update main-with-bazel from main branch
diff --git a/BUILD.generated.bzl b/BUILD.generated.bzl
index c844ae9..f3a0f01 100644
--- a/BUILD.generated.bzl
+++ b/BUILD.generated.bzl
@@ -19,7 +19,6 @@
"src/crypto/fipsmodule/aes/key_wrap.cc.inc",
"src/crypto/fipsmodule/aes/mode_wrappers.cc.inc",
"src/crypto/fipsmodule/aes/ofb.cc.inc",
- "src/crypto/fipsmodule/aes/polyval.cc.inc",
"src/crypto/fipsmodule/bn/add.cc.inc",
"src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
"src/crypto/fipsmodule/bn/bn.cc.inc",
@@ -69,7 +68,9 @@
"src/crypto/fipsmodule/hkdf/hkdf.cc.inc",
"src/crypto/fipsmodule/hmac/hmac.cc.inc",
"src/crypto/fipsmodule/keccak/keccak.cc.inc",
+ "src/crypto/fipsmodule/mldsa/fips_known_values.inc",
"src/crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "src/crypto/fipsmodule/mlkem/fips_known_values.inc",
"src/crypto/fipsmodule/mlkem/mlkem.cc.inc",
"src/crypto/fipsmodule/rand/ctrdrbg.cc.inc",
"src/crypto/fipsmodule/rand/rand.cc.inc",
@@ -83,6 +84,7 @@
"src/crypto/fipsmodule/sha/sha1.cc.inc",
"src/crypto/fipsmodule/sha/sha256.cc.inc",
"src/crypto/fipsmodule/sha/sha512.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/fips_known_values.inc",
"src/crypto/fipsmodule/slhdsa/fors.cc.inc",
"src/crypto/fipsmodule/slhdsa/merkle.cc.inc",
"src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
@@ -158,6 +160,7 @@
"src/include/openssl/chacha.h",
"src/include/openssl/cipher.h",
"src/include/openssl/cmac.h",
+ "src/include/openssl/cms.h",
"src/include/openssl/conf.h",
"src/include/openssl/cpu.h",
"src/include/openssl/crypto.h",
@@ -281,7 +284,7 @@
"src/crypto/poly1305/internal.h",
"src/crypto/pool/internal.h",
"src/crypto/rand/getrandom_fillin.h",
- "src/crypto/rand/sysrand_internal.h",
+ "src/crypto/rand/internal.h",
"src/crypto/rsa/internal.h",
"src/crypto/spake2plus/internal.h",
"src/crypto/trust_token/internal.h",
@@ -297,6 +300,7 @@
]
crypto_sources = [
+ "src/crypto/aes/aes.cc",
"src/crypto/asn1/a_bitstr.cc",
"src/crypto/asn1/a_bool.cc",
"src/crypto/asn1/a_d2i_fp.cc",
@@ -339,6 +343,9 @@
"src/crypto/blake2/blake2.cc",
"src/crypto/bn/bn_asn1.cc",
"src/crypto/bn/convert.cc",
+ "src/crypto/bn/div.cc",
+ "src/crypto/bn/exponentiation.cc",
+ "src/crypto/bn/sqrt.cc",
"src/crypto/buf/buf.cc",
"src/crypto/bytestring/asn1_compat.cc",
"src/crypto/bytestring/ber.cc",
@@ -348,6 +355,7 @@
"src/crypto/chacha/chacha.cc",
"src/crypto/cipher/derive_key.cc",
"src/crypto/cipher/e_aesctrhmac.cc",
+ "src/crypto/cipher/e_aeseax.cc",
"src/crypto/cipher/e_aesgcmsiv.cc",
"src/crypto/cipher/e_chacha20poly1305.cc",
"src/crypto/cipher/e_des.cc",
@@ -357,6 +365,7 @@
"src/crypto/cipher/e_tls.cc",
"src/crypto/cipher/get_cipher.cc",
"src/crypto/cipher/tls_cbc.cc",
+ "src/crypto/cms/cms.cc",
"src/crypto/conf/conf.cc",
"src/crypto/cpu_aarch64_apple.cc",
"src/crypto/cpu_aarch64_fuchsia.cc",
@@ -406,6 +415,7 @@
"src/crypto/ex_data.cc",
"src/crypto/fipsmodule/bcm.cc",
"src/crypto/fipsmodule/fips_shared_support.cc",
+ "src/crypto/fuzzer_mode.cc",
"src/crypto/hpke/hpke.cc",
"src/crypto/hrss/hrss.cc",
"src/crypto/kyber/kyber.cc",
@@ -541,10 +551,10 @@
"src/crypto/curve25519/asm/x25519-asm-arm.S",
"src/crypto/hrss/asm/poly_rq_mul.S",
"src/crypto/poly1305/poly1305_arm_asm.S",
- "src/gen/bcm/aes-gcm-avx10-x86_64-apple.S",
- "src/gen/bcm/aes-gcm-avx10-x86_64-linux.S",
"src/gen/bcm/aes-gcm-avx2-x86_64-apple.S",
"src/gen/bcm/aes-gcm-avx2-x86_64-linux.S",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-apple.S",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-linux.S",
"src/gen/bcm/aesni-gcm-x86_64-apple.S",
"src/gen/bcm/aesni-gcm-x86_64-linux.S",
"src/gen/bcm/aesni-x86-apple.S",
@@ -672,8 +682,8 @@
]
crypto_sources_nasm = [
- "src/gen/bcm/aes-gcm-avx10-x86_64-win.asm",
"src/gen/bcm/aes-gcm-avx2-x86_64-win.asm",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-win.asm",
"src/gen/bcm/aesni-gcm-x86_64-win.asm",
"src/gen/bcm/aesni-x86-win.asm",
"src/gen/bcm/aesni-x86_64-win.asm",
diff --git a/BUILD.generated_tests.bzl b/BUILD.generated_tests.bzl
index cca454a..b072d75 100644
--- a/BUILD.generated_tests.bzl
+++ b/BUILD.generated_tests.bzl
@@ -55,7 +55,7 @@
"src/crypto/poly1305/internal.h",
"src/crypto/pool/internal.h",
"src/crypto/rand/getrandom_fillin.h",
- "src/crypto/rand/sysrand_internal.h",
+ "src/crypto/rand/internal.h",
"src/crypto/rsa/internal.h",
"src/crypto/spake2plus/internal.h",
"src/crypto/test/abi_test.cc",
@@ -143,6 +143,7 @@
"src/crypto/chacha/chacha_test.cc",
"src/crypto/cipher/aead_test.cc",
"src/crypto/cipher/cipher_test.cc",
+ "src/crypto/cms/cms_test.cc",
"src/crypto/compiler_test.cc",
"src/crypto/conf/conf_test.cc",
"src/crypto/constant_time_test.cc",
@@ -260,6 +261,7 @@
"src/crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
"src/crypto/cipher/test/aes_128_ccm_matter_tests.txt",
"src/crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
+ "src/crypto/cipher/test/aes_128_eax_test.txt",
"src/crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
"src/crypto/cipher/test/aes_128_gcm_siv_tests.txt",
"src/crypto/cipher/test/aes_128_gcm_tests.txt",
@@ -267,6 +269,7 @@
"src/crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
"src/crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
"src/crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
+ "src/crypto/cipher/test/aes_256_eax_test.txt",
"src/crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
"src/crypto/cipher/test/aes_256_gcm_siv_tests.txt",
"src/crypto/cipher/test/aes_256_gcm_tests.txt",
@@ -328,6 +331,15 @@
"src/crypto/mlkem/mlkem768_keygen_tests.txt",
"src/crypto/mlkem/mlkem768_nist_decap_tests.txt",
"src/crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "src/crypto/pkcs7/test/nss.p7c",
+ "src/crypto/pkcs7/test/openssl_crl.p7c",
+ "src/crypto/pkcs7/test/sign_cert.pem",
+ "src/crypto/pkcs7/test/sign_key.pem",
+ "src/crypto/pkcs7/test/sign_sha1.p7s",
+ "src/crypto/pkcs7/test/sign_sha1_key_id.p7s",
+ "src/crypto/pkcs7/test/sign_sha256.p7s",
+ "src/crypto/pkcs7/test/sign_sha256_key_id.p7s",
+ "src/crypto/pkcs7/test/windows.p7c",
"src/crypto/pkcs8/test/bad1.p12",
"src/crypto/pkcs8/test/bad2.p12",
"src/crypto/pkcs8/test/bad3.p12",
@@ -436,6 +448,7 @@
"src/crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
"src/third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
"src/third_party/wycheproof_testvectors/aes_cmac_test.txt",
+ "src/third_party/wycheproof_testvectors/aes_eax_test.txt",
"src/third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
"src/third_party/wycheproof_testvectors/aes_gcm_test.txt",
"src/third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
@@ -1487,6 +1500,18 @@
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
@@ -1495,6 +1520,14 @@
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
"src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
@@ -1711,6 +1744,7 @@
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
@@ -1725,6 +1759,7 @@
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
@@ -1733,6 +1768,7 @@
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
"src/pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7f1a634..0e8bd77 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -86,10 +86,10 @@
src/crypto/curve25519/asm/x25519-asm-arm.S
src/crypto/hrss/asm/poly_rq_mul.S
src/crypto/poly1305/poly1305_arm_asm.S
- src/gen/bcm/aes-gcm-avx10-x86_64-apple.S
- src/gen/bcm/aes-gcm-avx10-x86_64-linux.S
src/gen/bcm/aes-gcm-avx2-x86_64-apple.S
src/gen/bcm/aes-gcm-avx2-x86_64-linux.S
+ src/gen/bcm/aes-gcm-avx512-x86_64-apple.S
+ src/gen/bcm/aes-gcm-avx512-x86_64-linux.S
src/gen/bcm/aesni-gcm-x86_64-apple.S
src/gen/bcm/aesni-gcm-x86_64-linux.S
src/gen/bcm/aesni-x86-apple.S
@@ -219,8 +219,8 @@
set(
CRYPTO_SOURCES_NASM
- src/gen/bcm/aes-gcm-avx10-x86_64-win.asm
src/gen/bcm/aes-gcm-avx2-x86_64-win.asm
+ src/gen/bcm/aes-gcm-avx512-x86_64-win.asm
src/gen/bcm/aesni-gcm-x86_64-win.asm
src/gen/bcm/aesni-x86-win.asm
src/gen/bcm/aesni-x86_64-win.asm
@@ -266,6 +266,7 @@
crypto
${CRYPTO_SOURCES_ASM_USED}
+ src/crypto/aes/aes.cc
src/crypto/asn1/a_bitstr.cc
src/crypto/asn1/a_bool.cc
src/crypto/asn1/a_d2i_fp.cc
@@ -308,6 +309,9 @@
src/crypto/blake2/blake2.cc
src/crypto/bn/bn_asn1.cc
src/crypto/bn/convert.cc
+ src/crypto/bn/div.cc
+ src/crypto/bn/exponentiation.cc
+ src/crypto/bn/sqrt.cc
src/crypto/buf/buf.cc
src/crypto/bytestring/asn1_compat.cc
src/crypto/bytestring/ber.cc
@@ -317,6 +321,7 @@
src/crypto/chacha/chacha.cc
src/crypto/cipher/derive_key.cc
src/crypto/cipher/e_aesctrhmac.cc
+ src/crypto/cipher/e_aeseax.cc
src/crypto/cipher/e_aesgcmsiv.cc
src/crypto/cipher/e_chacha20poly1305.cc
src/crypto/cipher/e_des.cc
@@ -326,6 +331,7 @@
src/crypto/cipher/e_tls.cc
src/crypto/cipher/get_cipher.cc
src/crypto/cipher/tls_cbc.cc
+ src/crypto/cms/cms.cc
src/crypto/conf/conf.cc
src/crypto/cpu_aarch64_apple.cc
src/crypto/cpu_aarch64_fuchsia.cc
@@ -375,6 +381,7 @@
src/crypto/ex_data.cc
src/crypto/fipsmodule/bcm.cc
src/crypto/fipsmodule/fips_shared_support.cc
+ src/crypto/fuzzer_mode.cc
src/crypto/hpke/hpke.cc
src/crypto/hrss/hrss.cc
src/crypto/kyber/kyber.cc
diff --git a/LICENSE b/LICENSE
index a0f82a1..37a5b74 100644
--- a/LICENSE
+++ b/LICENSE
@@ -236,37 +236,3 @@
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-BoringSSL uses the Chromium test infrastructure to run a continuous build,
-trybots etc. The scripts which manage this, and the script for generating build
-metadata, are under the Chromium license. Distributing code linked against
-BoringSSL does not trigger this license.
-
-Copyright 2015 The Chromium Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
- * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
- * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/sources.json b/sources.json
index 960b065..dd5233e 100644
--- a/sources.json
+++ b/sources.json
@@ -1,2697 +1,2745 @@
{
"bcm_crypto": [
"src/crypto/fipsmodule/bcm.cc"
- ],
+ ],
"crypto": [
- "src/crypto/asn1/a_bitstr.cc",
- "src/crypto/asn1/a_bool.cc",
- "src/crypto/asn1/a_d2i_fp.cc",
- "src/crypto/asn1/a_dup.cc",
- "src/crypto/asn1/a_gentm.cc",
- "src/crypto/asn1/a_i2d_fp.cc",
- "src/crypto/asn1/a_int.cc",
- "src/crypto/asn1/a_mbstr.cc",
- "src/crypto/asn1/a_object.cc",
- "src/crypto/asn1/a_octet.cc",
- "src/crypto/asn1/a_strex.cc",
- "src/crypto/asn1/a_strnid.cc",
- "src/crypto/asn1/a_time.cc",
- "src/crypto/asn1/a_type.cc",
- "src/crypto/asn1/a_utctm.cc",
- "src/crypto/asn1/asn1_lib.cc",
- "src/crypto/asn1/asn1_par.cc",
- "src/crypto/asn1/asn_pack.cc",
- "src/crypto/asn1/f_int.cc",
- "src/crypto/asn1/f_string.cc",
- "src/crypto/asn1/posix_time.cc",
- "src/crypto/asn1/tasn_dec.cc",
- "src/crypto/asn1/tasn_enc.cc",
- "src/crypto/asn1/tasn_fre.cc",
- "src/crypto/asn1/tasn_new.cc",
- "src/crypto/asn1/tasn_typ.cc",
- "src/crypto/asn1/tasn_utl.cc",
- "src/crypto/base64/base64.cc",
- "src/crypto/bio/bio.cc",
- "src/crypto/bio/bio_mem.cc",
- "src/crypto/bio/connect.cc",
- "src/crypto/bio/errno.cc",
- "src/crypto/bio/fd.cc",
- "src/crypto/bio/file.cc",
- "src/crypto/bio/hexdump.cc",
- "src/crypto/bio/pair.cc",
- "src/crypto/bio/printf.cc",
- "src/crypto/bio/socket.cc",
- "src/crypto/bio/socket_helper.cc",
- "src/crypto/blake2/blake2.cc",
- "src/crypto/bn/bn_asn1.cc",
- "src/crypto/bn/convert.cc",
- "src/crypto/buf/buf.cc",
- "src/crypto/bytestring/asn1_compat.cc",
- "src/crypto/bytestring/ber.cc",
- "src/crypto/bytestring/cbb.cc",
- "src/crypto/bytestring/cbs.cc",
- "src/crypto/bytestring/unicode.cc",
- "src/crypto/chacha/chacha.cc",
- "src/crypto/cipher/derive_key.cc",
- "src/crypto/cipher/e_aesctrhmac.cc",
- "src/crypto/cipher/e_aesgcmsiv.cc",
- "src/crypto/cipher/e_chacha20poly1305.cc",
- "src/crypto/cipher/e_des.cc",
- "src/crypto/cipher/e_null.cc",
- "src/crypto/cipher/e_rc2.cc",
- "src/crypto/cipher/e_rc4.cc",
- "src/crypto/cipher/e_tls.cc",
- "src/crypto/cipher/get_cipher.cc",
- "src/crypto/cipher/tls_cbc.cc",
- "src/crypto/conf/conf.cc",
- "src/crypto/cpu_aarch64_apple.cc",
- "src/crypto/cpu_aarch64_fuchsia.cc",
- "src/crypto/cpu_aarch64_linux.cc",
- "src/crypto/cpu_aarch64_openbsd.cc",
- "src/crypto/cpu_aarch64_sysreg.cc",
- "src/crypto/cpu_aarch64_win.cc",
- "src/crypto/cpu_arm_freebsd.cc",
- "src/crypto/cpu_arm_linux.cc",
- "src/crypto/cpu_intel.cc",
- "src/crypto/crypto.cc",
- "src/crypto/curve25519/curve25519.cc",
- "src/crypto/curve25519/curve25519_64_adx.cc",
- "src/crypto/curve25519/spake25519.cc",
- "src/crypto/des/des.cc",
- "src/crypto/dh/dh_asn1.cc",
- "src/crypto/dh/params.cc",
- "src/crypto/digest/digest_extra.cc",
- "src/crypto/dsa/dsa.cc",
- "src/crypto/dsa/dsa_asn1.cc",
- "src/crypto/ec/ec_asn1.cc",
- "src/crypto/ec/ec_derive.cc",
- "src/crypto/ec/hash_to_curve.cc",
- "src/crypto/ecdh/ecdh.cc",
- "src/crypto/ecdsa/ecdsa_asn1.cc",
- "src/crypto/engine/engine.cc",
- "src/crypto/err/err.cc",
- "src/crypto/evp/evp.cc",
- "src/crypto/evp/evp_asn1.cc",
- "src/crypto/evp/evp_ctx.cc",
- "src/crypto/evp/p_dh.cc",
- "src/crypto/evp/p_dh_asn1.cc",
- "src/crypto/evp/p_dsa_asn1.cc",
- "src/crypto/evp/p_ec.cc",
- "src/crypto/evp/p_ec_asn1.cc",
- "src/crypto/evp/p_ed25519.cc",
- "src/crypto/evp/p_ed25519_asn1.cc",
- "src/crypto/evp/p_hkdf.cc",
- "src/crypto/evp/p_rsa.cc",
- "src/crypto/evp/p_rsa_asn1.cc",
- "src/crypto/evp/p_x25519.cc",
- "src/crypto/evp/p_x25519_asn1.cc",
- "src/crypto/evp/pbkdf.cc",
- "src/crypto/evp/print.cc",
- "src/crypto/evp/scrypt.cc",
- "src/crypto/evp/sign.cc",
- "src/crypto/ex_data.cc",
- "src/crypto/fipsmodule/bcm.cc",
- "src/crypto/fipsmodule/fips_shared_support.cc",
- "src/crypto/hpke/hpke.cc",
- "src/crypto/hrss/hrss.cc",
- "src/crypto/kyber/kyber.cc",
- "src/crypto/lhash/lhash.cc",
- "src/crypto/md4/md4.cc",
- "src/crypto/md5/md5.cc",
- "src/crypto/mem.cc",
- "src/crypto/mldsa/mldsa.cc",
- "src/crypto/mlkem/mlkem.cc",
- "src/crypto/obj/obj.cc",
- "src/crypto/obj/obj_xref.cc",
- "src/crypto/pem/pem_all.cc",
- "src/crypto/pem/pem_info.cc",
- "src/crypto/pem/pem_lib.cc",
- "src/crypto/pem/pem_oth.cc",
- "src/crypto/pem/pem_pk8.cc",
- "src/crypto/pem/pem_pkey.cc",
- "src/crypto/pem/pem_x509.cc",
- "src/crypto/pem/pem_xaux.cc",
- "src/crypto/pkcs7/pkcs7.cc",
- "src/crypto/pkcs7/pkcs7_x509.cc",
- "src/crypto/pkcs8/p5_pbev2.cc",
- "src/crypto/pkcs8/pkcs8.cc",
- "src/crypto/pkcs8/pkcs8_x509.cc",
- "src/crypto/poly1305/poly1305.cc",
- "src/crypto/poly1305/poly1305_arm.cc",
- "src/crypto/poly1305/poly1305_vec.cc",
- "src/crypto/pool/pool.cc",
- "src/crypto/rand/deterministic.cc",
- "src/crypto/rand/fork_detect.cc",
- "src/crypto/rand/forkunsafe.cc",
- "src/crypto/rand/getentropy.cc",
- "src/crypto/rand/ios.cc",
- "src/crypto/rand/passive.cc",
- "src/crypto/rand/rand.cc",
- "src/crypto/rand/trusty.cc",
- "src/crypto/rand/urandom.cc",
- "src/crypto/rand/windows.cc",
- "src/crypto/rc4/rc4.cc",
- "src/crypto/refcount.cc",
- "src/crypto/rsa/rsa_asn1.cc",
- "src/crypto/rsa/rsa_crypt.cc",
- "src/crypto/rsa/rsa_extra.cc",
- "src/crypto/rsa/rsa_print.cc",
- "src/crypto/sha/sha1.cc",
- "src/crypto/sha/sha256.cc",
- "src/crypto/sha/sha512.cc",
- "src/crypto/siphash/siphash.cc",
- "src/crypto/slhdsa/slhdsa.cc",
- "src/crypto/spake2plus/spake2plus.cc",
- "src/crypto/stack/stack.cc",
- "src/crypto/thread.cc",
- "src/crypto/thread_none.cc",
- "src/crypto/thread_pthread.cc",
- "src/crypto/thread_win.cc",
- "src/crypto/trust_token/pmbtoken.cc",
- "src/crypto/trust_token/trust_token.cc",
- "src/crypto/trust_token/voprf.cc",
- "src/crypto/x509/a_digest.cc",
- "src/crypto/x509/a_sign.cc",
- "src/crypto/x509/a_verify.cc",
- "src/crypto/x509/algorithm.cc",
- "src/crypto/x509/asn1_gen.cc",
- "src/crypto/x509/by_dir.cc",
- "src/crypto/x509/by_file.cc",
- "src/crypto/x509/i2d_pr.cc",
- "src/crypto/x509/name_print.cc",
- "src/crypto/x509/policy.cc",
- "src/crypto/x509/rsa_pss.cc",
- "src/crypto/x509/t_crl.cc",
- "src/crypto/x509/t_req.cc",
- "src/crypto/x509/t_x509.cc",
- "src/crypto/x509/t_x509a.cc",
- "src/crypto/x509/v3_akey.cc",
- "src/crypto/x509/v3_akeya.cc",
- "src/crypto/x509/v3_alt.cc",
- "src/crypto/x509/v3_bcons.cc",
- "src/crypto/x509/v3_bitst.cc",
- "src/crypto/x509/v3_conf.cc",
- "src/crypto/x509/v3_cpols.cc",
- "src/crypto/x509/v3_crld.cc",
- "src/crypto/x509/v3_enum.cc",
- "src/crypto/x509/v3_extku.cc",
- "src/crypto/x509/v3_genn.cc",
- "src/crypto/x509/v3_ia5.cc",
- "src/crypto/x509/v3_info.cc",
- "src/crypto/x509/v3_int.cc",
- "src/crypto/x509/v3_lib.cc",
- "src/crypto/x509/v3_ncons.cc",
- "src/crypto/x509/v3_ocsp.cc",
- "src/crypto/x509/v3_pcons.cc",
- "src/crypto/x509/v3_pmaps.cc",
- "src/crypto/x509/v3_prn.cc",
- "src/crypto/x509/v3_purp.cc",
- "src/crypto/x509/v3_skey.cc",
- "src/crypto/x509/v3_utl.cc",
- "src/crypto/x509/x509.cc",
- "src/crypto/x509/x509_att.cc",
- "src/crypto/x509/x509_cmp.cc",
- "src/crypto/x509/x509_d2.cc",
- "src/crypto/x509/x509_def.cc",
- "src/crypto/x509/x509_ext.cc",
- "src/crypto/x509/x509_lu.cc",
- "src/crypto/x509/x509_obj.cc",
- "src/crypto/x509/x509_req.cc",
- "src/crypto/x509/x509_set.cc",
- "src/crypto/x509/x509_trs.cc",
- "src/crypto/x509/x509_txt.cc",
- "src/crypto/x509/x509_v3.cc",
- "src/crypto/x509/x509_vfy.cc",
- "src/crypto/x509/x509_vpm.cc",
- "src/crypto/x509/x509cset.cc",
- "src/crypto/x509/x509name.cc",
- "src/crypto/x509/x509rset.cc",
- "src/crypto/x509/x509spki.cc",
- "src/crypto/x509/x_algor.cc",
- "src/crypto/x509/x_all.cc",
- "src/crypto/x509/x_attrib.cc",
- "src/crypto/x509/x_crl.cc",
- "src/crypto/x509/x_exten.cc",
- "src/crypto/x509/x_name.cc",
- "src/crypto/x509/x_pubkey.cc",
- "src/crypto/x509/x_req.cc",
- "src/crypto/x509/x_sig.cc",
- "src/crypto/x509/x_spki.cc",
- "src/crypto/x509/x_val.cc",
- "src/crypto/x509/x_x509.cc",
- "src/crypto/x509/x_x509a.cc",
+ "src/crypto/aes/aes.cc",
+ "src/crypto/asn1/a_bitstr.cc",
+ "src/crypto/asn1/a_bool.cc",
+ "src/crypto/asn1/a_d2i_fp.cc",
+ "src/crypto/asn1/a_dup.cc",
+ "src/crypto/asn1/a_gentm.cc",
+ "src/crypto/asn1/a_i2d_fp.cc",
+ "src/crypto/asn1/a_int.cc",
+ "src/crypto/asn1/a_mbstr.cc",
+ "src/crypto/asn1/a_object.cc",
+ "src/crypto/asn1/a_octet.cc",
+ "src/crypto/asn1/a_strex.cc",
+ "src/crypto/asn1/a_strnid.cc",
+ "src/crypto/asn1/a_time.cc",
+ "src/crypto/asn1/a_type.cc",
+ "src/crypto/asn1/a_utctm.cc",
+ "src/crypto/asn1/asn1_lib.cc",
+ "src/crypto/asn1/asn1_par.cc",
+ "src/crypto/asn1/asn_pack.cc",
+ "src/crypto/asn1/f_int.cc",
+ "src/crypto/asn1/f_string.cc",
+ "src/crypto/asn1/posix_time.cc",
+ "src/crypto/asn1/tasn_dec.cc",
+ "src/crypto/asn1/tasn_enc.cc",
+ "src/crypto/asn1/tasn_fre.cc",
+ "src/crypto/asn1/tasn_new.cc",
+ "src/crypto/asn1/tasn_typ.cc",
+ "src/crypto/asn1/tasn_utl.cc",
+ "src/crypto/base64/base64.cc",
+ "src/crypto/bio/bio.cc",
+ "src/crypto/bio/bio_mem.cc",
+ "src/crypto/bio/connect.cc",
+ "src/crypto/bio/errno.cc",
+ "src/crypto/bio/fd.cc",
+ "src/crypto/bio/file.cc",
+ "src/crypto/bio/hexdump.cc",
+ "src/crypto/bio/pair.cc",
+ "src/crypto/bio/printf.cc",
+ "src/crypto/bio/socket.cc",
+ "src/crypto/bio/socket_helper.cc",
+ "src/crypto/blake2/blake2.cc",
+ "src/crypto/bn/bn_asn1.cc",
+ "src/crypto/bn/convert.cc",
+ "src/crypto/bn/div.cc",
+ "src/crypto/bn/exponentiation.cc",
+ "src/crypto/bn/sqrt.cc",
+ "src/crypto/buf/buf.cc",
+ "src/crypto/bytestring/asn1_compat.cc",
+ "src/crypto/bytestring/ber.cc",
+ "src/crypto/bytestring/cbb.cc",
+ "src/crypto/bytestring/cbs.cc",
+ "src/crypto/bytestring/unicode.cc",
+ "src/crypto/chacha/chacha.cc",
+ "src/crypto/cipher/derive_key.cc",
+ "src/crypto/cipher/e_aesctrhmac.cc",
+ "src/crypto/cipher/e_aeseax.cc",
+ "src/crypto/cipher/e_aesgcmsiv.cc",
+ "src/crypto/cipher/e_chacha20poly1305.cc",
+ "src/crypto/cipher/e_des.cc",
+ "src/crypto/cipher/e_null.cc",
+ "src/crypto/cipher/e_rc2.cc",
+ "src/crypto/cipher/e_rc4.cc",
+ "src/crypto/cipher/e_tls.cc",
+ "src/crypto/cipher/get_cipher.cc",
+ "src/crypto/cipher/tls_cbc.cc",
+ "src/crypto/cms/cms.cc",
+ "src/crypto/conf/conf.cc",
+ "src/crypto/cpu_aarch64_apple.cc",
+ "src/crypto/cpu_aarch64_fuchsia.cc",
+ "src/crypto/cpu_aarch64_linux.cc",
+ "src/crypto/cpu_aarch64_openbsd.cc",
+ "src/crypto/cpu_aarch64_sysreg.cc",
+ "src/crypto/cpu_aarch64_win.cc",
+ "src/crypto/cpu_arm_freebsd.cc",
+ "src/crypto/cpu_arm_linux.cc",
+ "src/crypto/cpu_intel.cc",
+ "src/crypto/crypto.cc",
+ "src/crypto/curve25519/curve25519.cc",
+ "src/crypto/curve25519/curve25519_64_adx.cc",
+ "src/crypto/curve25519/spake25519.cc",
+ "src/crypto/des/des.cc",
+ "src/crypto/dh/dh_asn1.cc",
+ "src/crypto/dh/params.cc",
+ "src/crypto/digest/digest_extra.cc",
+ "src/crypto/dsa/dsa.cc",
+ "src/crypto/dsa/dsa_asn1.cc",
+ "src/crypto/ec/ec_asn1.cc",
+ "src/crypto/ec/ec_derive.cc",
+ "src/crypto/ec/hash_to_curve.cc",
+ "src/crypto/ecdh/ecdh.cc",
+ "src/crypto/ecdsa/ecdsa_asn1.cc",
+ "src/crypto/engine/engine.cc",
+ "src/crypto/err/err.cc",
+ "src/crypto/evp/evp.cc",
+ "src/crypto/evp/evp_asn1.cc",
+ "src/crypto/evp/evp_ctx.cc",
+ "src/crypto/evp/p_dh.cc",
+ "src/crypto/evp/p_dh_asn1.cc",
+ "src/crypto/evp/p_dsa_asn1.cc",
+ "src/crypto/evp/p_ec.cc",
+ "src/crypto/evp/p_ec_asn1.cc",
+ "src/crypto/evp/p_ed25519.cc",
+ "src/crypto/evp/p_ed25519_asn1.cc",
+ "src/crypto/evp/p_hkdf.cc",
+ "src/crypto/evp/p_rsa.cc",
+ "src/crypto/evp/p_rsa_asn1.cc",
+ "src/crypto/evp/p_x25519.cc",
+ "src/crypto/evp/p_x25519_asn1.cc",
+ "src/crypto/evp/pbkdf.cc",
+ "src/crypto/evp/print.cc",
+ "src/crypto/evp/scrypt.cc",
+ "src/crypto/evp/sign.cc",
+ "src/crypto/ex_data.cc",
+ "src/crypto/fipsmodule/bcm.cc",
+ "src/crypto/fipsmodule/fips_shared_support.cc",
+ "src/crypto/fuzzer_mode.cc",
+ "src/crypto/hpke/hpke.cc",
+ "src/crypto/hrss/hrss.cc",
+ "src/crypto/kyber/kyber.cc",
+ "src/crypto/lhash/lhash.cc",
+ "src/crypto/md4/md4.cc",
+ "src/crypto/md5/md5.cc",
+ "src/crypto/mem.cc",
+ "src/crypto/mldsa/mldsa.cc",
+ "src/crypto/mlkem/mlkem.cc",
+ "src/crypto/obj/obj.cc",
+ "src/crypto/obj/obj_xref.cc",
+ "src/crypto/pem/pem_all.cc",
+ "src/crypto/pem/pem_info.cc",
+ "src/crypto/pem/pem_lib.cc",
+ "src/crypto/pem/pem_oth.cc",
+ "src/crypto/pem/pem_pk8.cc",
+ "src/crypto/pem/pem_pkey.cc",
+ "src/crypto/pem/pem_x509.cc",
+ "src/crypto/pem/pem_xaux.cc",
+ "src/crypto/pkcs7/pkcs7.cc",
+ "src/crypto/pkcs7/pkcs7_x509.cc",
+ "src/crypto/pkcs8/p5_pbev2.cc",
+ "src/crypto/pkcs8/pkcs8.cc",
+ "src/crypto/pkcs8/pkcs8_x509.cc",
+ "src/crypto/poly1305/poly1305.cc",
+ "src/crypto/poly1305/poly1305_arm.cc",
+ "src/crypto/poly1305/poly1305_vec.cc",
+ "src/crypto/pool/pool.cc",
+ "src/crypto/rand/deterministic.cc",
+ "src/crypto/rand/fork_detect.cc",
+ "src/crypto/rand/forkunsafe.cc",
+ "src/crypto/rand/getentropy.cc",
+ "src/crypto/rand/ios.cc",
+ "src/crypto/rand/passive.cc",
+ "src/crypto/rand/rand.cc",
+ "src/crypto/rand/trusty.cc",
+ "src/crypto/rand/urandom.cc",
+ "src/crypto/rand/windows.cc",
+ "src/crypto/rc4/rc4.cc",
+ "src/crypto/refcount.cc",
+ "src/crypto/rsa/rsa_asn1.cc",
+ "src/crypto/rsa/rsa_crypt.cc",
+ "src/crypto/rsa/rsa_extra.cc",
+ "src/crypto/rsa/rsa_print.cc",
+ "src/crypto/sha/sha1.cc",
+ "src/crypto/sha/sha256.cc",
+ "src/crypto/sha/sha512.cc",
+ "src/crypto/siphash/siphash.cc",
+ "src/crypto/slhdsa/slhdsa.cc",
+ "src/crypto/spake2plus/spake2plus.cc",
+ "src/crypto/stack/stack.cc",
+ "src/crypto/thread.cc",
+ "src/crypto/thread_none.cc",
+ "src/crypto/thread_pthread.cc",
+ "src/crypto/thread_win.cc",
+ "src/crypto/trust_token/pmbtoken.cc",
+ "src/crypto/trust_token/trust_token.cc",
+ "src/crypto/trust_token/voprf.cc",
+ "src/crypto/x509/a_digest.cc",
+ "src/crypto/x509/a_sign.cc",
+ "src/crypto/x509/a_verify.cc",
+ "src/crypto/x509/algorithm.cc",
+ "src/crypto/x509/asn1_gen.cc",
+ "src/crypto/x509/by_dir.cc",
+ "src/crypto/x509/by_file.cc",
+ "src/crypto/x509/i2d_pr.cc",
+ "src/crypto/x509/name_print.cc",
+ "src/crypto/x509/policy.cc",
+ "src/crypto/x509/rsa_pss.cc",
+ "src/crypto/x509/t_crl.cc",
+ "src/crypto/x509/t_req.cc",
+ "src/crypto/x509/t_x509.cc",
+ "src/crypto/x509/t_x509a.cc",
+ "src/crypto/x509/v3_akey.cc",
+ "src/crypto/x509/v3_akeya.cc",
+ "src/crypto/x509/v3_alt.cc",
+ "src/crypto/x509/v3_bcons.cc",
+ "src/crypto/x509/v3_bitst.cc",
+ "src/crypto/x509/v3_conf.cc",
+ "src/crypto/x509/v3_cpols.cc",
+ "src/crypto/x509/v3_crld.cc",
+ "src/crypto/x509/v3_enum.cc",
+ "src/crypto/x509/v3_extku.cc",
+ "src/crypto/x509/v3_genn.cc",
+ "src/crypto/x509/v3_ia5.cc",
+ "src/crypto/x509/v3_info.cc",
+ "src/crypto/x509/v3_int.cc",
+ "src/crypto/x509/v3_lib.cc",
+ "src/crypto/x509/v3_ncons.cc",
+ "src/crypto/x509/v3_ocsp.cc",
+ "src/crypto/x509/v3_pcons.cc",
+ "src/crypto/x509/v3_pmaps.cc",
+ "src/crypto/x509/v3_prn.cc",
+ "src/crypto/x509/v3_purp.cc",
+ "src/crypto/x509/v3_skey.cc",
+ "src/crypto/x509/v3_utl.cc",
+ "src/crypto/x509/x509.cc",
+ "src/crypto/x509/x509_att.cc",
+ "src/crypto/x509/x509_cmp.cc",
+ "src/crypto/x509/x509_d2.cc",
+ "src/crypto/x509/x509_def.cc",
+ "src/crypto/x509/x509_ext.cc",
+ "src/crypto/x509/x509_lu.cc",
+ "src/crypto/x509/x509_obj.cc",
+ "src/crypto/x509/x509_req.cc",
+ "src/crypto/x509/x509_set.cc",
+ "src/crypto/x509/x509_trs.cc",
+ "src/crypto/x509/x509_txt.cc",
+ "src/crypto/x509/x509_v3.cc",
+ "src/crypto/x509/x509_vfy.cc",
+ "src/crypto/x509/x509_vpm.cc",
+ "src/crypto/x509/x509cset.cc",
+ "src/crypto/x509/x509name.cc",
+ "src/crypto/x509/x509rset.cc",
+ "src/crypto/x509/x509spki.cc",
+ "src/crypto/x509/x_algor.cc",
+ "src/crypto/x509/x_all.cc",
+ "src/crypto/x509/x_attrib.cc",
+ "src/crypto/x509/x_crl.cc",
+ "src/crypto/x509/x_exten.cc",
+ "src/crypto/x509/x_name.cc",
+ "src/crypto/x509/x_pubkey.cc",
+ "src/crypto/x509/x_req.cc",
+ "src/crypto/x509/x_sig.cc",
+ "src/crypto/x509/x_spki.cc",
+ "src/crypto/x509/x_val.cc",
+ "src/crypto/x509/x_x509.cc",
+ "src/crypto/x509/x_x509a.cc",
"src/gen/crypto/err_data.cc"
- ],
+ ],
"crypto_asm": [
- "src/crypto/curve25519/asm/x25519-asm-arm.S",
- "src/crypto/hrss/asm/poly_rq_mul.S",
- "src/crypto/poly1305/poly1305_arm_asm.S",
- "src/gen/bcm/aes-gcm-avx10-x86_64-apple.S",
- "src/gen/bcm/aes-gcm-avx10-x86_64-linux.S",
- "src/gen/bcm/aes-gcm-avx2-x86_64-apple.S",
- "src/gen/bcm/aes-gcm-avx2-x86_64-linux.S",
- "src/gen/bcm/aesni-gcm-x86_64-apple.S",
- "src/gen/bcm/aesni-gcm-x86_64-linux.S",
- "src/gen/bcm/aesni-x86-apple.S",
- "src/gen/bcm/aesni-x86-linux.S",
- "src/gen/bcm/aesni-x86_64-apple.S",
- "src/gen/bcm/aesni-x86_64-linux.S",
- "src/gen/bcm/aesv8-armv7-linux.S",
- "src/gen/bcm/aesv8-armv8-apple.S",
- "src/gen/bcm/aesv8-armv8-linux.S",
- "src/gen/bcm/aesv8-armv8-win.S",
- "src/gen/bcm/aesv8-gcm-armv8-apple.S",
- "src/gen/bcm/aesv8-gcm-armv8-linux.S",
- "src/gen/bcm/aesv8-gcm-armv8-win.S",
- "src/gen/bcm/armv4-mont-linux.S",
- "src/gen/bcm/armv8-mont-apple.S",
- "src/gen/bcm/armv8-mont-linux.S",
- "src/gen/bcm/armv8-mont-win.S",
- "src/gen/bcm/bn-586-apple.S",
- "src/gen/bcm/bn-586-linux.S",
- "src/gen/bcm/bn-armv8-apple.S",
- "src/gen/bcm/bn-armv8-linux.S",
- "src/gen/bcm/bn-armv8-win.S",
- "src/gen/bcm/bsaes-armv7-linux.S",
- "src/gen/bcm/co-586-apple.S",
- "src/gen/bcm/co-586-linux.S",
- "src/gen/bcm/ghash-armv4-linux.S",
- "src/gen/bcm/ghash-neon-armv8-apple.S",
- "src/gen/bcm/ghash-neon-armv8-linux.S",
- "src/gen/bcm/ghash-neon-armv8-win.S",
- "src/gen/bcm/ghash-ssse3-x86-apple.S",
- "src/gen/bcm/ghash-ssse3-x86-linux.S",
- "src/gen/bcm/ghash-ssse3-x86_64-apple.S",
- "src/gen/bcm/ghash-ssse3-x86_64-linux.S",
- "src/gen/bcm/ghash-x86-apple.S",
- "src/gen/bcm/ghash-x86-linux.S",
- "src/gen/bcm/ghash-x86_64-apple.S",
- "src/gen/bcm/ghash-x86_64-linux.S",
- "src/gen/bcm/ghashv8-armv7-linux.S",
- "src/gen/bcm/ghashv8-armv8-apple.S",
- "src/gen/bcm/ghashv8-armv8-linux.S",
- "src/gen/bcm/ghashv8-armv8-win.S",
- "src/gen/bcm/p256-armv8-asm-apple.S",
- "src/gen/bcm/p256-armv8-asm-linux.S",
- "src/gen/bcm/p256-armv8-asm-win.S",
- "src/gen/bcm/p256-x86_64-asm-apple.S",
- "src/gen/bcm/p256-x86_64-asm-linux.S",
- "src/gen/bcm/p256_beeu-armv8-asm-apple.S",
- "src/gen/bcm/p256_beeu-armv8-asm-linux.S",
- "src/gen/bcm/p256_beeu-armv8-asm-win.S",
- "src/gen/bcm/p256_beeu-x86_64-asm-apple.S",
- "src/gen/bcm/p256_beeu-x86_64-asm-linux.S",
- "src/gen/bcm/rdrand-x86_64-apple.S",
- "src/gen/bcm/rdrand-x86_64-linux.S",
- "src/gen/bcm/rsaz-avx2-apple.S",
- "src/gen/bcm/rsaz-avx2-linux.S",
- "src/gen/bcm/sha1-586-apple.S",
- "src/gen/bcm/sha1-586-linux.S",
- "src/gen/bcm/sha1-armv4-large-linux.S",
- "src/gen/bcm/sha1-armv8-apple.S",
- "src/gen/bcm/sha1-armv8-linux.S",
- "src/gen/bcm/sha1-armv8-win.S",
- "src/gen/bcm/sha1-x86_64-apple.S",
- "src/gen/bcm/sha1-x86_64-linux.S",
- "src/gen/bcm/sha256-586-apple.S",
- "src/gen/bcm/sha256-586-linux.S",
- "src/gen/bcm/sha256-armv4-linux.S",
- "src/gen/bcm/sha256-armv8-apple.S",
- "src/gen/bcm/sha256-armv8-linux.S",
- "src/gen/bcm/sha256-armv8-win.S",
- "src/gen/bcm/sha256-x86_64-apple.S",
- "src/gen/bcm/sha256-x86_64-linux.S",
- "src/gen/bcm/sha512-586-apple.S",
- "src/gen/bcm/sha512-586-linux.S",
- "src/gen/bcm/sha512-armv4-linux.S",
- "src/gen/bcm/sha512-armv8-apple.S",
- "src/gen/bcm/sha512-armv8-linux.S",
- "src/gen/bcm/sha512-armv8-win.S",
- "src/gen/bcm/sha512-x86_64-apple.S",
- "src/gen/bcm/sha512-x86_64-linux.S",
- "src/gen/bcm/vpaes-armv7-linux.S",
- "src/gen/bcm/vpaes-armv8-apple.S",
- "src/gen/bcm/vpaes-armv8-linux.S",
- "src/gen/bcm/vpaes-armv8-win.S",
- "src/gen/bcm/vpaes-x86-apple.S",
- "src/gen/bcm/vpaes-x86-linux.S",
- "src/gen/bcm/vpaes-x86_64-apple.S",
- "src/gen/bcm/vpaes-x86_64-linux.S",
- "src/gen/bcm/x86-mont-apple.S",
- "src/gen/bcm/x86-mont-linux.S",
- "src/gen/bcm/x86_64-mont-apple.S",
- "src/gen/bcm/x86_64-mont-linux.S",
- "src/gen/bcm/x86_64-mont5-apple.S",
- "src/gen/bcm/x86_64-mont5-linux.S",
- "src/gen/crypto/aes128gcmsiv-x86_64-apple.S",
- "src/gen/crypto/aes128gcmsiv-x86_64-linux.S",
- "src/gen/crypto/chacha-armv4-linux.S",
- "src/gen/crypto/chacha-armv8-apple.S",
- "src/gen/crypto/chacha-armv8-linux.S",
- "src/gen/crypto/chacha-armv8-win.S",
- "src/gen/crypto/chacha-x86-apple.S",
- "src/gen/crypto/chacha-x86-linux.S",
- "src/gen/crypto/chacha-x86_64-apple.S",
- "src/gen/crypto/chacha-x86_64-linux.S",
- "src/gen/crypto/chacha20_poly1305_armv8-apple.S",
- "src/gen/crypto/chacha20_poly1305_armv8-linux.S",
- "src/gen/crypto/chacha20_poly1305_armv8-win.S",
- "src/gen/crypto/chacha20_poly1305_x86_64-apple.S",
- "src/gen/crypto/chacha20_poly1305_x86_64-linux.S",
- "src/gen/crypto/md5-586-apple.S",
- "src/gen/crypto/md5-586-linux.S",
- "src/gen/crypto/md5-x86_64-apple.S",
- "src/gen/crypto/md5-x86_64-linux.S",
- "src/gen/test_support/trampoline-armv4-linux.S",
- "src/gen/test_support/trampoline-armv8-apple.S",
- "src/gen/test_support/trampoline-armv8-linux.S",
- "src/gen/test_support/trampoline-armv8-win.S",
- "src/gen/test_support/trampoline-x86-apple.S",
- "src/gen/test_support/trampoline-x86-linux.S",
- "src/gen/test_support/trampoline-x86_64-apple.S",
- "src/gen/test_support/trampoline-x86_64-linux.S",
- "src/third_party/fiat/asm/fiat_curve25519_adx_mul.S",
- "src/third_party/fiat/asm/fiat_curve25519_adx_square.S",
- "src/third_party/fiat/asm/fiat_p256_adx_mul.S",
+ "src/crypto/curve25519/asm/x25519-asm-arm.S",
+ "src/crypto/hrss/asm/poly_rq_mul.S",
+ "src/crypto/poly1305/poly1305_arm_asm.S",
+ "src/gen/bcm/aes-gcm-avx2-x86_64-apple.S",
+ "src/gen/bcm/aes-gcm-avx2-x86_64-linux.S",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-apple.S",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-linux.S",
+ "src/gen/bcm/aesni-gcm-x86_64-apple.S",
+ "src/gen/bcm/aesni-gcm-x86_64-linux.S",
+ "src/gen/bcm/aesni-x86-apple.S",
+ "src/gen/bcm/aesni-x86-linux.S",
+ "src/gen/bcm/aesni-x86_64-apple.S",
+ "src/gen/bcm/aesni-x86_64-linux.S",
+ "src/gen/bcm/aesv8-armv7-linux.S",
+ "src/gen/bcm/aesv8-armv8-apple.S",
+ "src/gen/bcm/aesv8-armv8-linux.S",
+ "src/gen/bcm/aesv8-armv8-win.S",
+ "src/gen/bcm/aesv8-gcm-armv8-apple.S",
+ "src/gen/bcm/aesv8-gcm-armv8-linux.S",
+ "src/gen/bcm/aesv8-gcm-armv8-win.S",
+ "src/gen/bcm/armv4-mont-linux.S",
+ "src/gen/bcm/armv8-mont-apple.S",
+ "src/gen/bcm/armv8-mont-linux.S",
+ "src/gen/bcm/armv8-mont-win.S",
+ "src/gen/bcm/bn-586-apple.S",
+ "src/gen/bcm/bn-586-linux.S",
+ "src/gen/bcm/bn-armv8-apple.S",
+ "src/gen/bcm/bn-armv8-linux.S",
+ "src/gen/bcm/bn-armv8-win.S",
+ "src/gen/bcm/bsaes-armv7-linux.S",
+ "src/gen/bcm/co-586-apple.S",
+ "src/gen/bcm/co-586-linux.S",
+ "src/gen/bcm/ghash-armv4-linux.S",
+ "src/gen/bcm/ghash-neon-armv8-apple.S",
+ "src/gen/bcm/ghash-neon-armv8-linux.S",
+ "src/gen/bcm/ghash-neon-armv8-win.S",
+ "src/gen/bcm/ghash-ssse3-x86-apple.S",
+ "src/gen/bcm/ghash-ssse3-x86-linux.S",
+ "src/gen/bcm/ghash-ssse3-x86_64-apple.S",
+ "src/gen/bcm/ghash-ssse3-x86_64-linux.S",
+ "src/gen/bcm/ghash-x86-apple.S",
+ "src/gen/bcm/ghash-x86-linux.S",
+ "src/gen/bcm/ghash-x86_64-apple.S",
+ "src/gen/bcm/ghash-x86_64-linux.S",
+ "src/gen/bcm/ghashv8-armv7-linux.S",
+ "src/gen/bcm/ghashv8-armv8-apple.S",
+ "src/gen/bcm/ghashv8-armv8-linux.S",
+ "src/gen/bcm/ghashv8-armv8-win.S",
+ "src/gen/bcm/p256-armv8-asm-apple.S",
+ "src/gen/bcm/p256-armv8-asm-linux.S",
+ "src/gen/bcm/p256-armv8-asm-win.S",
+ "src/gen/bcm/p256-x86_64-asm-apple.S",
+ "src/gen/bcm/p256-x86_64-asm-linux.S",
+ "src/gen/bcm/p256_beeu-armv8-asm-apple.S",
+ "src/gen/bcm/p256_beeu-armv8-asm-linux.S",
+ "src/gen/bcm/p256_beeu-armv8-asm-win.S",
+ "src/gen/bcm/p256_beeu-x86_64-asm-apple.S",
+ "src/gen/bcm/p256_beeu-x86_64-asm-linux.S",
+ "src/gen/bcm/rdrand-x86_64-apple.S",
+ "src/gen/bcm/rdrand-x86_64-linux.S",
+ "src/gen/bcm/rsaz-avx2-apple.S",
+ "src/gen/bcm/rsaz-avx2-linux.S",
+ "src/gen/bcm/sha1-586-apple.S",
+ "src/gen/bcm/sha1-586-linux.S",
+ "src/gen/bcm/sha1-armv4-large-linux.S",
+ "src/gen/bcm/sha1-armv8-apple.S",
+ "src/gen/bcm/sha1-armv8-linux.S",
+ "src/gen/bcm/sha1-armv8-win.S",
+ "src/gen/bcm/sha1-x86_64-apple.S",
+ "src/gen/bcm/sha1-x86_64-linux.S",
+ "src/gen/bcm/sha256-586-apple.S",
+ "src/gen/bcm/sha256-586-linux.S",
+ "src/gen/bcm/sha256-armv4-linux.S",
+ "src/gen/bcm/sha256-armv8-apple.S",
+ "src/gen/bcm/sha256-armv8-linux.S",
+ "src/gen/bcm/sha256-armv8-win.S",
+ "src/gen/bcm/sha256-x86_64-apple.S",
+ "src/gen/bcm/sha256-x86_64-linux.S",
+ "src/gen/bcm/sha512-586-apple.S",
+ "src/gen/bcm/sha512-586-linux.S",
+ "src/gen/bcm/sha512-armv4-linux.S",
+ "src/gen/bcm/sha512-armv8-apple.S",
+ "src/gen/bcm/sha512-armv8-linux.S",
+ "src/gen/bcm/sha512-armv8-win.S",
+ "src/gen/bcm/sha512-x86_64-apple.S",
+ "src/gen/bcm/sha512-x86_64-linux.S",
+ "src/gen/bcm/vpaes-armv7-linux.S",
+ "src/gen/bcm/vpaes-armv8-apple.S",
+ "src/gen/bcm/vpaes-armv8-linux.S",
+ "src/gen/bcm/vpaes-armv8-win.S",
+ "src/gen/bcm/vpaes-x86-apple.S",
+ "src/gen/bcm/vpaes-x86-linux.S",
+ "src/gen/bcm/vpaes-x86_64-apple.S",
+ "src/gen/bcm/vpaes-x86_64-linux.S",
+ "src/gen/bcm/x86-mont-apple.S",
+ "src/gen/bcm/x86-mont-linux.S",
+ "src/gen/bcm/x86_64-mont-apple.S",
+ "src/gen/bcm/x86_64-mont-linux.S",
+ "src/gen/bcm/x86_64-mont5-apple.S",
+ "src/gen/bcm/x86_64-mont5-linux.S",
+ "src/gen/crypto/aes128gcmsiv-x86_64-apple.S",
+ "src/gen/crypto/aes128gcmsiv-x86_64-linux.S",
+ "src/gen/crypto/chacha-armv4-linux.S",
+ "src/gen/crypto/chacha-armv8-apple.S",
+ "src/gen/crypto/chacha-armv8-linux.S",
+ "src/gen/crypto/chacha-armv8-win.S",
+ "src/gen/crypto/chacha-x86-apple.S",
+ "src/gen/crypto/chacha-x86-linux.S",
+ "src/gen/crypto/chacha-x86_64-apple.S",
+ "src/gen/crypto/chacha-x86_64-linux.S",
+ "src/gen/crypto/chacha20_poly1305_armv8-apple.S",
+ "src/gen/crypto/chacha20_poly1305_armv8-linux.S",
+ "src/gen/crypto/chacha20_poly1305_armv8-win.S",
+ "src/gen/crypto/chacha20_poly1305_x86_64-apple.S",
+ "src/gen/crypto/chacha20_poly1305_x86_64-linux.S",
+ "src/gen/crypto/md5-586-apple.S",
+ "src/gen/crypto/md5-586-linux.S",
+ "src/gen/crypto/md5-x86_64-apple.S",
+ "src/gen/crypto/md5-x86_64-linux.S",
+ "src/gen/test_support/trampoline-armv4-linux.S",
+ "src/gen/test_support/trampoline-armv8-apple.S",
+ "src/gen/test_support/trampoline-armv8-linux.S",
+ "src/gen/test_support/trampoline-armv8-win.S",
+ "src/gen/test_support/trampoline-x86-apple.S",
+ "src/gen/test_support/trampoline-x86-linux.S",
+ "src/gen/test_support/trampoline-x86_64-apple.S",
+ "src/gen/test_support/trampoline-x86_64-linux.S",
+ "src/third_party/fiat/asm/fiat_curve25519_adx_mul.S",
+ "src/third_party/fiat/asm/fiat_curve25519_adx_square.S",
+ "src/third_party/fiat/asm/fiat_p256_adx_mul.S",
"src/third_party/fiat/asm/fiat_p256_adx_sqr.S"
- ],
+ ],
"crypto_headers": [
- "src/include/openssl/aead.h",
- "src/include/openssl/aes.h",
- "src/include/openssl/arm_arch.h",
- "src/include/openssl/asm_base.h",
- "src/include/openssl/asn1.h",
- "src/include/openssl/asn1_mac.h",
- "src/include/openssl/asn1t.h",
- "src/include/openssl/base.h",
- "src/include/openssl/base64.h",
- "src/include/openssl/bcm_public.h",
- "src/include/openssl/bio.h",
- "src/include/openssl/blake2.h",
- "src/include/openssl/blowfish.h",
- "src/include/openssl/bn.h",
- "src/include/openssl/buf.h",
- "src/include/openssl/buffer.h",
- "src/include/openssl/bytestring.h",
- "src/include/openssl/cast.h",
- "src/include/openssl/chacha.h",
- "src/include/openssl/cipher.h",
- "src/include/openssl/cmac.h",
- "src/include/openssl/conf.h",
- "src/include/openssl/cpu.h",
- "src/include/openssl/crypto.h",
- "src/include/openssl/ctrdrbg.h",
- "src/include/openssl/curve25519.h",
- "src/include/openssl/des.h",
- "src/include/openssl/dh.h",
- "src/include/openssl/digest.h",
- "src/include/openssl/dsa.h",
- "src/include/openssl/e_os2.h",
- "src/include/openssl/ec.h",
- "src/include/openssl/ec_key.h",
- "src/include/openssl/ecdh.h",
- "src/include/openssl/ecdsa.h",
- "src/include/openssl/engine.h",
- "src/include/openssl/err.h",
- "src/include/openssl/evp.h",
- "src/include/openssl/evp_errors.h",
- "src/include/openssl/ex_data.h",
- "src/include/openssl/experimental/kyber.h",
- "src/include/openssl/hkdf.h",
- "src/include/openssl/hmac.h",
- "src/include/openssl/hpke.h",
- "src/include/openssl/hrss.h",
- "src/include/openssl/is_boringssl.h",
- "src/include/openssl/kdf.h",
- "src/include/openssl/lhash.h",
- "src/include/openssl/md4.h",
- "src/include/openssl/md5.h",
- "src/include/openssl/mem.h",
- "src/include/openssl/mldsa.h",
- "src/include/openssl/mlkem.h",
- "src/include/openssl/nid.h",
- "src/include/openssl/obj.h",
- "src/include/openssl/obj_mac.h",
- "src/include/openssl/objects.h",
- "src/include/openssl/opensslconf.h",
- "src/include/openssl/opensslv.h",
- "src/include/openssl/ossl_typ.h",
- "src/include/openssl/pem.h",
- "src/include/openssl/pkcs12.h",
- "src/include/openssl/pkcs7.h",
- "src/include/openssl/pkcs8.h",
- "src/include/openssl/poly1305.h",
- "src/include/openssl/pool.h",
- "src/include/openssl/posix_time.h",
- "src/include/openssl/rand.h",
- "src/include/openssl/rc4.h",
- "src/include/openssl/ripemd.h",
- "src/include/openssl/rsa.h",
- "src/include/openssl/safestack.h",
- "src/include/openssl/service_indicator.h",
- "src/include/openssl/sha.h",
- "src/include/openssl/siphash.h",
- "src/include/openssl/slhdsa.h",
- "src/include/openssl/span.h",
- "src/include/openssl/stack.h",
- "src/include/openssl/target.h",
- "src/include/openssl/thread.h",
- "src/include/openssl/time.h",
- "src/include/openssl/trust_token.h",
- "src/include/openssl/type_check.h",
- "src/include/openssl/x509.h",
- "src/include/openssl/x509_vfy.h",
- "src/include/openssl/x509v3.h",
+ "src/include/openssl/aead.h",
+ "src/include/openssl/aes.h",
+ "src/include/openssl/arm_arch.h",
+ "src/include/openssl/asm_base.h",
+ "src/include/openssl/asn1.h",
+ "src/include/openssl/asn1_mac.h",
+ "src/include/openssl/asn1t.h",
+ "src/include/openssl/base.h",
+ "src/include/openssl/base64.h",
+ "src/include/openssl/bcm_public.h",
+ "src/include/openssl/bio.h",
+ "src/include/openssl/blake2.h",
+ "src/include/openssl/blowfish.h",
+ "src/include/openssl/bn.h",
+ "src/include/openssl/buf.h",
+ "src/include/openssl/buffer.h",
+ "src/include/openssl/bytestring.h",
+ "src/include/openssl/cast.h",
+ "src/include/openssl/chacha.h",
+ "src/include/openssl/cipher.h",
+ "src/include/openssl/cmac.h",
+ "src/include/openssl/cms.h",
+ "src/include/openssl/conf.h",
+ "src/include/openssl/cpu.h",
+ "src/include/openssl/crypto.h",
+ "src/include/openssl/ctrdrbg.h",
+ "src/include/openssl/curve25519.h",
+ "src/include/openssl/des.h",
+ "src/include/openssl/dh.h",
+ "src/include/openssl/digest.h",
+ "src/include/openssl/dsa.h",
+ "src/include/openssl/e_os2.h",
+ "src/include/openssl/ec.h",
+ "src/include/openssl/ec_key.h",
+ "src/include/openssl/ecdh.h",
+ "src/include/openssl/ecdsa.h",
+ "src/include/openssl/engine.h",
+ "src/include/openssl/err.h",
+ "src/include/openssl/evp.h",
+ "src/include/openssl/evp_errors.h",
+ "src/include/openssl/ex_data.h",
+ "src/include/openssl/experimental/kyber.h",
+ "src/include/openssl/hkdf.h",
+ "src/include/openssl/hmac.h",
+ "src/include/openssl/hpke.h",
+ "src/include/openssl/hrss.h",
+ "src/include/openssl/is_boringssl.h",
+ "src/include/openssl/kdf.h",
+ "src/include/openssl/lhash.h",
+ "src/include/openssl/md4.h",
+ "src/include/openssl/md5.h",
+ "src/include/openssl/mem.h",
+ "src/include/openssl/mldsa.h",
+ "src/include/openssl/mlkem.h",
+ "src/include/openssl/nid.h",
+ "src/include/openssl/obj.h",
+ "src/include/openssl/obj_mac.h",
+ "src/include/openssl/objects.h",
+ "src/include/openssl/opensslconf.h",
+ "src/include/openssl/opensslv.h",
+ "src/include/openssl/ossl_typ.h",
+ "src/include/openssl/pem.h",
+ "src/include/openssl/pkcs12.h",
+ "src/include/openssl/pkcs7.h",
+ "src/include/openssl/pkcs8.h",
+ "src/include/openssl/poly1305.h",
+ "src/include/openssl/pool.h",
+ "src/include/openssl/posix_time.h",
+ "src/include/openssl/rand.h",
+ "src/include/openssl/rc4.h",
+ "src/include/openssl/ripemd.h",
+ "src/include/openssl/rsa.h",
+ "src/include/openssl/safestack.h",
+ "src/include/openssl/service_indicator.h",
+ "src/include/openssl/sha.h",
+ "src/include/openssl/siphash.h",
+ "src/include/openssl/slhdsa.h",
+ "src/include/openssl/span.h",
+ "src/include/openssl/stack.h",
+ "src/include/openssl/target.h",
+ "src/include/openssl/thread.h",
+ "src/include/openssl/time.h",
+ "src/include/openssl/trust_token.h",
+ "src/include/openssl/type_check.h",
+ "src/include/openssl/x509.h",
+ "src/include/openssl/x509_vfy.h",
+ "src/include/openssl/x509v3.h",
"src/include/openssl/x509v3_errors.h"
- ],
+ ],
"crypto_internal_headers": [
- "src/crypto/asn1/internal.h",
- "src/crypto/bcm_support.h",
- "src/crypto/bio/internal.h",
- "src/crypto/bytestring/internal.h",
- "src/crypto/chacha/internal.h",
- "src/crypto/cipher/internal.h",
- "src/crypto/conf/internal.h",
- "src/crypto/cpu_arm_linux.h",
- "src/crypto/curve25519/curve25519_tables.h",
- "src/crypto/curve25519/internal.h",
- "src/crypto/des/internal.h",
- "src/crypto/dsa/internal.h",
- "src/crypto/ec/internal.h",
- "src/crypto/err/internal.h",
- "src/crypto/evp/internal.h",
- "src/crypto/fipsmodule/aes/internal.h",
- "src/crypto/fipsmodule/bcm_interface.h",
- "src/crypto/fipsmodule/bn/internal.h",
- "src/crypto/fipsmodule/bn/rsaz_exp.h",
- "src/crypto/fipsmodule/cipher/internal.h",
- "src/crypto/fipsmodule/delocate.h",
- "src/crypto/fipsmodule/dh/internal.h",
- "src/crypto/fipsmodule/digest/internal.h",
- "src/crypto/fipsmodule/digest/md32_common.h",
- "src/crypto/fipsmodule/ec/builtin_curves.h",
- "src/crypto/fipsmodule/ec/internal.h",
- "src/crypto/fipsmodule/ec/p256-nistz-table.h",
- "src/crypto/fipsmodule/ec/p256-nistz.h",
- "src/crypto/fipsmodule/ec/p256_table.h",
- "src/crypto/fipsmodule/ecdsa/internal.h",
- "src/crypto/fipsmodule/keccak/internal.h",
- "src/crypto/fipsmodule/rand/internal.h",
- "src/crypto/fipsmodule/rsa/internal.h",
- "src/crypto/fipsmodule/service_indicator/internal.h",
- "src/crypto/fipsmodule/sha/internal.h",
- "src/crypto/fipsmodule/slhdsa/address.h",
- "src/crypto/fipsmodule/slhdsa/fors.h",
- "src/crypto/fipsmodule/slhdsa/merkle.h",
- "src/crypto/fipsmodule/slhdsa/params.h",
- "src/crypto/fipsmodule/slhdsa/thash.h",
- "src/crypto/fipsmodule/slhdsa/wots.h",
- "src/crypto/fipsmodule/tls/internal.h",
- "src/crypto/hrss/internal.h",
- "src/crypto/internal.h",
- "src/crypto/kyber/internal.h",
- "src/crypto/lhash/internal.h",
- "src/crypto/md5/internal.h",
- "src/crypto/obj/obj_dat.h",
- "src/crypto/pem/internal.h",
- "src/crypto/pkcs7/internal.h",
- "src/crypto/pkcs8/internal.h",
- "src/crypto/poly1305/internal.h",
- "src/crypto/pool/internal.h",
- "src/crypto/rand/getrandom_fillin.h",
- "src/crypto/rand/sysrand_internal.h",
- "src/crypto/rsa/internal.h",
- "src/crypto/spake2plus/internal.h",
- "src/crypto/trust_token/internal.h",
- "src/crypto/x509/ext_dat.h",
- "src/crypto/x509/internal.h",
- "src/third_party/fiat/curve25519_32.h",
- "src/third_party/fiat/curve25519_64.h",
- "src/third_party/fiat/curve25519_64_adx.h",
- "src/third_party/fiat/curve25519_64_msvc.h",
- "src/third_party/fiat/p256_32.h",
- "src/third_party/fiat/p256_64.h",
+ "src/crypto/asn1/internal.h",
+ "src/crypto/bcm_support.h",
+ "src/crypto/bio/internal.h",
+ "src/crypto/bytestring/internal.h",
+ "src/crypto/chacha/internal.h",
+ "src/crypto/cipher/internal.h",
+ "src/crypto/conf/internal.h",
+ "src/crypto/cpu_arm_linux.h",
+ "src/crypto/curve25519/curve25519_tables.h",
+ "src/crypto/curve25519/internal.h",
+ "src/crypto/des/internal.h",
+ "src/crypto/dsa/internal.h",
+ "src/crypto/ec/internal.h",
+ "src/crypto/err/internal.h",
+ "src/crypto/evp/internal.h",
+ "src/crypto/fipsmodule/aes/internal.h",
+ "src/crypto/fipsmodule/bcm_interface.h",
+ "src/crypto/fipsmodule/bn/internal.h",
+ "src/crypto/fipsmodule/bn/rsaz_exp.h",
+ "src/crypto/fipsmodule/cipher/internal.h",
+ "src/crypto/fipsmodule/delocate.h",
+ "src/crypto/fipsmodule/dh/internal.h",
+ "src/crypto/fipsmodule/digest/internal.h",
+ "src/crypto/fipsmodule/digest/md32_common.h",
+ "src/crypto/fipsmodule/ec/builtin_curves.h",
+ "src/crypto/fipsmodule/ec/internal.h",
+ "src/crypto/fipsmodule/ec/p256-nistz-table.h",
+ "src/crypto/fipsmodule/ec/p256-nistz.h",
+ "src/crypto/fipsmodule/ec/p256_table.h",
+ "src/crypto/fipsmodule/ecdsa/internal.h",
+ "src/crypto/fipsmodule/keccak/internal.h",
+ "src/crypto/fipsmodule/rand/internal.h",
+ "src/crypto/fipsmodule/rsa/internal.h",
+ "src/crypto/fipsmodule/service_indicator/internal.h",
+ "src/crypto/fipsmodule/sha/internal.h",
+ "src/crypto/fipsmodule/slhdsa/address.h",
+ "src/crypto/fipsmodule/slhdsa/fors.h",
+ "src/crypto/fipsmodule/slhdsa/merkle.h",
+ "src/crypto/fipsmodule/slhdsa/params.h",
+ "src/crypto/fipsmodule/slhdsa/thash.h",
+ "src/crypto/fipsmodule/slhdsa/wots.h",
+ "src/crypto/fipsmodule/tls/internal.h",
+ "src/crypto/hrss/internal.h",
+ "src/crypto/internal.h",
+ "src/crypto/kyber/internal.h",
+ "src/crypto/lhash/internal.h",
+ "src/crypto/md5/internal.h",
+ "src/crypto/obj/obj_dat.h",
+ "src/crypto/pem/internal.h",
+ "src/crypto/pkcs7/internal.h",
+ "src/crypto/pkcs8/internal.h",
+ "src/crypto/poly1305/internal.h",
+ "src/crypto/pool/internal.h",
+ "src/crypto/rand/getrandom_fillin.h",
+ "src/crypto/rand/internal.h",
+ "src/crypto/rsa/internal.h",
+ "src/crypto/spake2plus/internal.h",
+ "src/crypto/trust_token/internal.h",
+ "src/crypto/x509/ext_dat.h",
+ "src/crypto/x509/internal.h",
+ "src/third_party/fiat/curve25519_32.h",
+ "src/third_party/fiat/curve25519_64.h",
+ "src/third_party/fiat/curve25519_64_adx.h",
+ "src/third_party/fiat/curve25519_64_msvc.h",
+ "src/third_party/fiat/p256_32.h",
+ "src/third_party/fiat/p256_64.h",
"src/third_party/fiat/p256_64_msvc.h"
- ],
+ ],
"crypto_nasm": [
- "src/gen/bcm/aes-gcm-avx10-x86_64-win.asm",
- "src/gen/bcm/aes-gcm-avx2-x86_64-win.asm",
- "src/gen/bcm/aesni-gcm-x86_64-win.asm",
- "src/gen/bcm/aesni-x86-win.asm",
- "src/gen/bcm/aesni-x86_64-win.asm",
- "src/gen/bcm/bn-586-win.asm",
- "src/gen/bcm/co-586-win.asm",
- "src/gen/bcm/ghash-ssse3-x86-win.asm",
- "src/gen/bcm/ghash-ssse3-x86_64-win.asm",
- "src/gen/bcm/ghash-x86-win.asm",
- "src/gen/bcm/ghash-x86_64-win.asm",
- "src/gen/bcm/p256-x86_64-asm-win.asm",
- "src/gen/bcm/p256_beeu-x86_64-asm-win.asm",
- "src/gen/bcm/rdrand-x86_64-win.asm",
- "src/gen/bcm/rsaz-avx2-win.asm",
- "src/gen/bcm/sha1-586-win.asm",
- "src/gen/bcm/sha1-x86_64-win.asm",
- "src/gen/bcm/sha256-586-win.asm",
- "src/gen/bcm/sha256-x86_64-win.asm",
- "src/gen/bcm/sha512-586-win.asm",
- "src/gen/bcm/sha512-x86_64-win.asm",
- "src/gen/bcm/vpaes-x86-win.asm",
- "src/gen/bcm/vpaes-x86_64-win.asm",
- "src/gen/bcm/x86-mont-win.asm",
- "src/gen/bcm/x86_64-mont-win.asm",
- "src/gen/bcm/x86_64-mont5-win.asm",
- "src/gen/crypto/aes128gcmsiv-x86_64-win.asm",
- "src/gen/crypto/chacha-x86-win.asm",
- "src/gen/crypto/chacha-x86_64-win.asm",
- "src/gen/crypto/chacha20_poly1305_x86_64-win.asm",
- "src/gen/crypto/md5-586-win.asm",
- "src/gen/crypto/md5-x86_64-win.asm",
- "src/gen/test_support/trampoline-x86-win.asm",
+ "src/gen/bcm/aes-gcm-avx2-x86_64-win.asm",
+ "src/gen/bcm/aes-gcm-avx512-x86_64-win.asm",
+ "src/gen/bcm/aesni-gcm-x86_64-win.asm",
+ "src/gen/bcm/aesni-x86-win.asm",
+ "src/gen/bcm/aesni-x86_64-win.asm",
+ "src/gen/bcm/bn-586-win.asm",
+ "src/gen/bcm/co-586-win.asm",
+ "src/gen/bcm/ghash-ssse3-x86-win.asm",
+ "src/gen/bcm/ghash-ssse3-x86_64-win.asm",
+ "src/gen/bcm/ghash-x86-win.asm",
+ "src/gen/bcm/ghash-x86_64-win.asm",
+ "src/gen/bcm/p256-x86_64-asm-win.asm",
+ "src/gen/bcm/p256_beeu-x86_64-asm-win.asm",
+ "src/gen/bcm/rdrand-x86_64-win.asm",
+ "src/gen/bcm/rsaz-avx2-win.asm",
+ "src/gen/bcm/sha1-586-win.asm",
+ "src/gen/bcm/sha1-x86_64-win.asm",
+ "src/gen/bcm/sha256-586-win.asm",
+ "src/gen/bcm/sha256-x86_64-win.asm",
+ "src/gen/bcm/sha512-586-win.asm",
+ "src/gen/bcm/sha512-x86_64-win.asm",
+ "src/gen/bcm/vpaes-x86-win.asm",
+ "src/gen/bcm/vpaes-x86_64-win.asm",
+ "src/gen/bcm/x86-mont-win.asm",
+ "src/gen/bcm/x86_64-mont-win.asm",
+ "src/gen/bcm/x86_64-mont5-win.asm",
+ "src/gen/crypto/aes128gcmsiv-x86_64-win.asm",
+ "src/gen/crypto/chacha-x86-win.asm",
+ "src/gen/crypto/chacha-x86_64-win.asm",
+ "src/gen/crypto/chacha20_poly1305_x86_64-win.asm",
+ "src/gen/crypto/md5-586-win.asm",
+ "src/gen/crypto/md5-x86_64-win.asm",
+ "src/gen/test_support/trampoline-x86-win.asm",
"src/gen/test_support/trampoline-x86_64-win.asm"
- ],
+ ],
"crypto_test": [
- "src/crypto/abi_self_test.cc",
- "src/crypto/asn1/asn1_test.cc",
- "src/crypto/base64/base64_test.cc",
- "src/crypto/bio/bio_test.cc",
- "src/crypto/blake2/blake2_test.cc",
- "src/crypto/buf/buf_test.cc",
- "src/crypto/bytestring/bytestring_test.cc",
- "src/crypto/chacha/chacha_test.cc",
- "src/crypto/cipher/aead_test.cc",
- "src/crypto/cipher/cipher_test.cc",
- "src/crypto/compiler_test.cc",
- "src/crypto/conf/conf_test.cc",
- "src/crypto/constant_time_test.cc",
- "src/crypto/cpu_arm_linux_test.cc",
- "src/crypto/crypto_test.cc",
- "src/crypto/curve25519/ed25519_test.cc",
- "src/crypto/curve25519/spake25519_test.cc",
- "src/crypto/curve25519/x25519_test.cc",
- "src/crypto/dh/dh_test.cc",
- "src/crypto/digest/digest_test.cc",
- "src/crypto/dsa/dsa_test.cc",
- "src/crypto/ecdh/ecdh_test.cc",
- "src/crypto/err/err_test.cc",
- "src/crypto/evp/evp_extra_test.cc",
- "src/crypto/evp/evp_test.cc",
- "src/crypto/evp/pbkdf_test.cc",
- "src/crypto/evp/scrypt_test.cc",
- "src/crypto/fipsmodule/aes/aes_test.cc",
- "src/crypto/fipsmodule/aes/gcm_test.cc",
- "src/crypto/fipsmodule/bn/bn_test.cc",
- "src/crypto/fipsmodule/cmac/cmac_test.cc",
- "src/crypto/fipsmodule/ec/ec_test.cc",
- "src/crypto/fipsmodule/ec/p256-nistz_test.cc",
- "src/crypto/fipsmodule/ec/p256_test.cc",
- "src/crypto/fipsmodule/ecdsa/ecdsa_test.cc",
- "src/crypto/fipsmodule/hkdf/hkdf_test.cc",
- "src/crypto/fipsmodule/keccak/keccak_test.cc",
- "src/crypto/fipsmodule/rand/ctrdrbg_test.cc",
- "src/crypto/fipsmodule/service_indicator/service_indicator_test.cc",
- "src/crypto/fipsmodule/sha/sha_test.cc",
- "src/crypto/hmac/hmac_test.cc",
- "src/crypto/hpke/hpke_test.cc",
- "src/crypto/hrss/hrss_test.cc",
- "src/crypto/impl_dispatch_test.cc",
- "src/crypto/kyber/kyber_test.cc",
- "src/crypto/lhash/lhash_test.cc",
- "src/crypto/md5/md5_test.cc",
- "src/crypto/mldsa/mldsa_test.cc",
- "src/crypto/mlkem/mlkem_test.cc",
- "src/crypto/obj/obj_test.cc",
- "src/crypto/pem/pem_test.cc",
- "src/crypto/pkcs7/pkcs7_test.cc",
- "src/crypto/pkcs8/pkcs12_test.cc",
- "src/crypto/pkcs8/pkcs8_test.cc",
- "src/crypto/poly1305/poly1305_test.cc",
- "src/crypto/pool/pool_test.cc",
- "src/crypto/rand/fork_detect_test.cc",
- "src/crypto/rand/getentropy_test.cc",
- "src/crypto/rand/rand_test.cc",
- "src/crypto/refcount_test.cc",
- "src/crypto/rsa/rsa_test.cc",
- "src/crypto/self_test.cc",
- "src/crypto/siphash/siphash_test.cc",
- "src/crypto/slhdsa/slhdsa_test.cc",
- "src/crypto/spake2plus/spake2plus_test.cc",
- "src/crypto/stack/stack_test.cc",
- "src/crypto/test/gtest_main.cc",
- "src/crypto/thread_test.cc",
- "src/crypto/trust_token/trust_token_test.cc",
- "src/crypto/x509/tab_test.cc",
- "src/crypto/x509/x509_test.cc",
+ "src/crypto/abi_self_test.cc",
+ "src/crypto/asn1/asn1_test.cc",
+ "src/crypto/base64/base64_test.cc",
+ "src/crypto/bio/bio_test.cc",
+ "src/crypto/blake2/blake2_test.cc",
+ "src/crypto/buf/buf_test.cc",
+ "src/crypto/bytestring/bytestring_test.cc",
+ "src/crypto/chacha/chacha_test.cc",
+ "src/crypto/cipher/aead_test.cc",
+ "src/crypto/cipher/cipher_test.cc",
+ "src/crypto/cms/cms_test.cc",
+ "src/crypto/compiler_test.cc",
+ "src/crypto/conf/conf_test.cc",
+ "src/crypto/constant_time_test.cc",
+ "src/crypto/cpu_arm_linux_test.cc",
+ "src/crypto/crypto_test.cc",
+ "src/crypto/curve25519/ed25519_test.cc",
+ "src/crypto/curve25519/spake25519_test.cc",
+ "src/crypto/curve25519/x25519_test.cc",
+ "src/crypto/dh/dh_test.cc",
+ "src/crypto/digest/digest_test.cc",
+ "src/crypto/dsa/dsa_test.cc",
+ "src/crypto/ecdh/ecdh_test.cc",
+ "src/crypto/err/err_test.cc",
+ "src/crypto/evp/evp_extra_test.cc",
+ "src/crypto/evp/evp_test.cc",
+ "src/crypto/evp/pbkdf_test.cc",
+ "src/crypto/evp/scrypt_test.cc",
+ "src/crypto/fipsmodule/aes/aes_test.cc",
+ "src/crypto/fipsmodule/aes/gcm_test.cc",
+ "src/crypto/fipsmodule/bn/bn_test.cc",
+ "src/crypto/fipsmodule/cmac/cmac_test.cc",
+ "src/crypto/fipsmodule/ec/ec_test.cc",
+ "src/crypto/fipsmodule/ec/p256-nistz_test.cc",
+ "src/crypto/fipsmodule/ec/p256_test.cc",
+ "src/crypto/fipsmodule/ecdsa/ecdsa_test.cc",
+ "src/crypto/fipsmodule/hkdf/hkdf_test.cc",
+ "src/crypto/fipsmodule/keccak/keccak_test.cc",
+ "src/crypto/fipsmodule/rand/ctrdrbg_test.cc",
+ "src/crypto/fipsmodule/service_indicator/service_indicator_test.cc",
+ "src/crypto/fipsmodule/sha/sha_test.cc",
+ "src/crypto/hmac/hmac_test.cc",
+ "src/crypto/hpke/hpke_test.cc",
+ "src/crypto/hrss/hrss_test.cc",
+ "src/crypto/impl_dispatch_test.cc",
+ "src/crypto/kyber/kyber_test.cc",
+ "src/crypto/lhash/lhash_test.cc",
+ "src/crypto/md5/md5_test.cc",
+ "src/crypto/mldsa/mldsa_test.cc",
+ "src/crypto/mlkem/mlkem_test.cc",
+ "src/crypto/obj/obj_test.cc",
+ "src/crypto/pem/pem_test.cc",
+ "src/crypto/pkcs7/pkcs7_test.cc",
+ "src/crypto/pkcs8/pkcs12_test.cc",
+ "src/crypto/pkcs8/pkcs8_test.cc",
+ "src/crypto/poly1305/poly1305_test.cc",
+ "src/crypto/pool/pool_test.cc",
+ "src/crypto/rand/fork_detect_test.cc",
+ "src/crypto/rand/getentropy_test.cc",
+ "src/crypto/rand/rand_test.cc",
+ "src/crypto/refcount_test.cc",
+ "src/crypto/rsa/rsa_test.cc",
+ "src/crypto/self_test.cc",
+ "src/crypto/siphash/siphash_test.cc",
+ "src/crypto/slhdsa/slhdsa_test.cc",
+ "src/crypto/spake2plus/spake2plus_test.cc",
+ "src/crypto/stack/stack_test.cc",
+ "src/crypto/test/gtest_main.cc",
+ "src/crypto/thread_test.cc",
+ "src/crypto/trust_token/trust_token_test.cc",
+ "src/crypto/x509/tab_test.cc",
+ "src/crypto/x509/x509_test.cc",
"src/crypto/x509/x509_time_test.cc"
- ],
+ ],
"crypto_test_data": [
- "src/crypto/blake2/blake2b256_tests.txt",
- "src/crypto/cipher/test/aes_128_cbc_sha1_tls_implicit_iv_tests.txt",
- "src/crypto/cipher/test/aes_128_cbc_sha1_tls_tests.txt",
- "src/crypto/cipher/test/aes_128_ccm_bluetooth_8_tests.txt",
- "src/crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
- "src/crypto/cipher/test/aes_128_ccm_matter_tests.txt",
- "src/crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
- "src/crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
- "src/crypto/cipher/test/aes_128_gcm_siv_tests.txt",
- "src/crypto/cipher/test/aes_128_gcm_tests.txt",
- "src/crypto/cipher/test/aes_192_gcm_tests.txt",
- "src/crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
- "src/crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
- "src/crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
- "src/crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
- "src/crypto/cipher/test/aes_256_gcm_siv_tests.txt",
- "src/crypto/cipher/test/aes_256_gcm_tests.txt",
- "src/crypto/cipher/test/chacha20_poly1305_tests.txt",
- "src/crypto/cipher/test/cipher_tests.txt",
- "src/crypto/cipher/test/des_ede3_cbc_sha1_tls_implicit_iv_tests.txt",
- "src/crypto/cipher/test/des_ede3_cbc_sha1_tls_tests.txt",
- "src/crypto/cipher/test/nist_cavp/aes_128_cbc.txt",
- "src/crypto/cipher/test/nist_cavp/aes_128_ctr.txt",
- "src/crypto/cipher/test/nist_cavp/aes_128_gcm.txt",
- "src/crypto/cipher/test/nist_cavp/aes_192_cbc.txt",
- "src/crypto/cipher/test/nist_cavp/aes_192_ctr.txt",
- "src/crypto/cipher/test/nist_cavp/aes_256_cbc.txt",
- "src/crypto/cipher/test/nist_cavp/aes_256_ctr.txt",
- "src/crypto/cipher/test/nist_cavp/aes_256_gcm.txt",
- "src/crypto/cipher/test/nist_cavp/tdes_cbc.txt",
- "src/crypto/cipher/test/nist_cavp/tdes_ecb.txt",
- "src/crypto/cipher/test/xchacha20_poly1305_tests.txt",
- "src/crypto/curve25519/ed25519_tests.txt",
- "src/crypto/ecdh/ecdh_tests.txt",
- "src/crypto/evp/evp_tests.txt",
- "src/crypto/evp/scrypt_tests.txt",
- "src/crypto/fipsmodule/aes/aes_tests.txt",
- "src/crypto/fipsmodule/bn/test/exp_tests.txt",
- "src/crypto/fipsmodule/bn/test/gcd_tests.txt",
- "src/crypto/fipsmodule/bn/test/miller_rabin_tests.txt",
- "src/crypto/fipsmodule/bn/test/mod_exp_tests.txt",
- "src/crypto/fipsmodule/bn/test/mod_inv_tests.txt",
- "src/crypto/fipsmodule/bn/test/mod_mul_tests.txt",
- "src/crypto/fipsmodule/bn/test/mod_sqrt_tests.txt",
- "src/crypto/fipsmodule/bn/test/product_tests.txt",
- "src/crypto/fipsmodule/bn/test/quotient_tests.txt",
- "src/crypto/fipsmodule/bn/test/shift_tests.txt",
- "src/crypto/fipsmodule/bn/test/sum_tests.txt",
- "src/crypto/fipsmodule/cmac/cavp_3des_cmac_tests.txt",
- "src/crypto/fipsmodule/cmac/cavp_aes128_cmac_tests.txt",
- "src/crypto/fipsmodule/cmac/cavp_aes192_cmac_tests.txt",
- "src/crypto/fipsmodule/cmac/cavp_aes256_cmac_tests.txt",
- "src/crypto/fipsmodule/ec/ec_scalar_base_mult_tests.txt",
- "src/crypto/fipsmodule/ec/p256-nistz_tests.txt",
- "src/crypto/fipsmodule/ecdsa/ecdsa_sign_tests.txt",
- "src/crypto/fipsmodule/ecdsa/ecdsa_verify_tests.txt",
- "src/crypto/fipsmodule/keccak/keccak_tests.txt",
- "src/crypto/fipsmodule/rand/ctrdrbg_vectors.txt",
- "src/crypto/hmac/hmac_tests.txt",
- "src/crypto/hpke/hpke_test_vectors.txt",
- "src/crypto/kyber/kyber_tests.txt",
- "src/crypto/mldsa/mldsa_nist_keygen_65_tests.txt",
- "src/crypto/mldsa/mldsa_nist_keygen_87_tests.txt",
- "src/crypto/mldsa/mldsa_nist_siggen_65_tests.txt",
- "src/crypto/mldsa/mldsa_nist_siggen_87_tests.txt",
- "src/crypto/mlkem/mlkem1024_decap_tests.txt",
- "src/crypto/mlkem/mlkem1024_encap_tests.txt",
- "src/crypto/mlkem/mlkem1024_keygen_tests.txt",
- "src/crypto/mlkem/mlkem1024_nist_decap_tests.txt",
- "src/crypto/mlkem/mlkem1024_nist_keygen_tests.txt",
- "src/crypto/mlkem/mlkem768_decap_tests.txt",
- "src/crypto/mlkem/mlkem768_encap_tests.txt",
- "src/crypto/mlkem/mlkem768_keygen_tests.txt",
- "src/crypto/mlkem/mlkem768_nist_decap_tests.txt",
- "src/crypto/mlkem/mlkem768_nist_keygen_tests.txt",
- "src/crypto/pkcs8/test/bad1.p12",
- "src/crypto/pkcs8/test/bad2.p12",
- "src/crypto/pkcs8/test/bad3.p12",
- "src/crypto/pkcs8/test/empty_password.p12",
- "src/crypto/pkcs8/test/empty_password_ber.p12",
- "src/crypto/pkcs8/test/empty_password_ber_nested.p12",
- "src/crypto/pkcs8/test/no_encryption.p12",
- "src/crypto/pkcs8/test/nss.p12",
- "src/crypto/pkcs8/test/null_password.p12",
- "src/crypto/pkcs8/test/openssl.p12",
- "src/crypto/pkcs8/test/pbes2_sha1.p12",
- "src/crypto/pkcs8/test/pbes2_sha256.p12",
- "src/crypto/pkcs8/test/unicode_password.p12",
- "src/crypto/pkcs8/test/windows.p12",
- "src/crypto/poly1305/poly1305_tests.txt",
- "src/crypto/siphash/siphash_tests.txt",
- "src/crypto/slhdsa/slhdsa_keygen.txt",
- "src/crypto/slhdsa/slhdsa_prehash.txt",
- "src/crypto/slhdsa/slhdsa_siggen.txt",
- "src/crypto/slhdsa/slhdsa_sigver.txt",
- "src/crypto/x509/test/basic_constraints_ca.pem",
- "src/crypto/x509/test/basic_constraints_ca_pathlen_0.pem",
- "src/crypto/x509/test/basic_constraints_ca_pathlen_1.pem",
- "src/crypto/x509/test/basic_constraints_ca_pathlen_10.pem",
- "src/crypto/x509/test/basic_constraints_leaf.pem",
- "src/crypto/x509/test/basic_constraints_none.pem",
- "src/crypto/x509/test/invalid_extension_intermediate.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_authority_key_identifier.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_basic_constraints.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_ext_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_name_constraints.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_subject_alt_name.pem",
- "src/crypto/x509/test/invalid_extension_intermediate_subject_key_identifier.pem",
- "src/crypto/x509/test/invalid_extension_leaf.pem",
- "src/crypto/x509/test/invalid_extension_leaf_authority_key_identifier.pem",
- "src/crypto/x509/test/invalid_extension_leaf_basic_constraints.pem",
- "src/crypto/x509/test/invalid_extension_leaf_ext_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_leaf_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_leaf_name_constraints.pem",
- "src/crypto/x509/test/invalid_extension_leaf_subject_alt_name.pem",
- "src/crypto/x509/test/invalid_extension_leaf_subject_key_identifier.pem",
- "src/crypto/x509/test/invalid_extension_root.pem",
- "src/crypto/x509/test/invalid_extension_root_authority_key_identifier.pem",
- "src/crypto/x509/test/invalid_extension_root_basic_constraints.pem",
- "src/crypto/x509/test/invalid_extension_root_ext_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_root_key_usage.pem",
- "src/crypto/x509/test/invalid_extension_root_name_constraints.pem",
- "src/crypto/x509/test/invalid_extension_root_subject_alt_name.pem",
- "src/crypto/x509/test/invalid_extension_root_subject_key_identifier.pem",
- "src/crypto/x509/test/many_constraints.pem",
- "src/crypto/x509/test/many_names1.pem",
- "src/crypto/x509/test/many_names2.pem",
- "src/crypto/x509/test/many_names3.pem",
- "src/crypto/x509/test/policy_intermediate.pem",
- "src/crypto/x509/test/policy_intermediate_any.pem",
- "src/crypto/x509/test/policy_intermediate_duplicate.pem",
- "src/crypto/x509/test/policy_intermediate_invalid.pem",
- "src/crypto/x509/test/policy_intermediate_mapped.pem",
- "src/crypto/x509/test/policy_intermediate_mapped_any.pem",
- "src/crypto/x509/test/policy_intermediate_mapped_oid3.pem",
- "src/crypto/x509/test/policy_intermediate_require.pem",
- "src/crypto/x509/test/policy_intermediate_require1.pem",
- "src/crypto/x509/test/policy_intermediate_require2.pem",
- "src/crypto/x509/test/policy_intermediate_require_duplicate.pem",
- "src/crypto/x509/test/policy_intermediate_require_no_policies.pem",
- "src/crypto/x509/test/policy_leaf.pem",
- "src/crypto/x509/test/policy_leaf_any.pem",
- "src/crypto/x509/test/policy_leaf_duplicate.pem",
- "src/crypto/x509/test/policy_leaf_invalid.pem",
- "src/crypto/x509/test/policy_leaf_none.pem",
- "src/crypto/x509/test/policy_leaf_oid1.pem",
- "src/crypto/x509/test/policy_leaf_oid2.pem",
- "src/crypto/x509/test/policy_leaf_oid3.pem",
- "src/crypto/x509/test/policy_leaf_oid4.pem",
- "src/crypto/x509/test/policy_leaf_oid5.pem",
- "src/crypto/x509/test/policy_leaf_require.pem",
- "src/crypto/x509/test/policy_leaf_require1.pem",
- "src/crypto/x509/test/policy_root.pem",
- "src/crypto/x509/test/policy_root2.pem",
- "src/crypto/x509/test/policy_root_cross_inhibit_mapping.pem",
- "src/crypto/x509/test/pss_sha1.pem",
- "src/crypto/x509/test/pss_sha1_explicit.pem",
- "src/crypto/x509/test/pss_sha1_mgf1_syntax_error.pem",
- "src/crypto/x509/test/pss_sha224.pem",
- "src/crypto/x509/test/pss_sha256.pem",
- "src/crypto/x509/test/pss_sha256_explicit_trailer.pem",
- "src/crypto/x509/test/pss_sha256_mgf1_sha384.pem",
- "src/crypto/x509/test/pss_sha256_mgf1_syntax_error.pem",
- "src/crypto/x509/test/pss_sha256_omit_nulls.pem",
- "src/crypto/x509/test/pss_sha256_salt31.pem",
- "src/crypto/x509/test/pss_sha256_salt_overflow.pem",
- "src/crypto/x509/test/pss_sha256_unknown_mgf.pem",
- "src/crypto/x509/test/pss_sha256_wrong_trailer.pem",
- "src/crypto/x509/test/pss_sha384.pem",
- "src/crypto/x509/test/pss_sha512.pem",
- "src/crypto/x509/test/some_names1.pem",
- "src/crypto/x509/test/some_names2.pem",
- "src/crypto/x509/test/some_names3.pem",
- "src/crypto/x509/test/trailing_data_leaf_authority_key_identifier.pem",
- "src/crypto/x509/test/trailing_data_leaf_basic_constraints.pem",
- "src/crypto/x509/test/trailing_data_leaf_ext_key_usage.pem",
- "src/crypto/x509/test/trailing_data_leaf_key_usage.pem",
- "src/crypto/x509/test/trailing_data_leaf_name_constraints.pem",
- "src/crypto/x509/test/trailing_data_leaf_subject_alt_name.pem",
- "src/crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
- "src/third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
- "src/third_party/wycheproof_testvectors/aes_cmac_test.txt",
- "src/third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
- "src/third_party/wycheproof_testvectors/aes_gcm_test.txt",
- "src/third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
- "src/third_party/wycheproof_testvectors/dsa_test.txt",
- "src/third_party/wycheproof_testvectors/ecdh_secp224r1_test.txt",
- "src/third_party/wycheproof_testvectors/ecdh_secp256r1_test.txt",
- "src/third_party/wycheproof_testvectors/ecdh_secp384r1_test.txt",
- "src/third_party/wycheproof_testvectors/ecdh_secp521r1_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha224_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp256r1_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp256r1_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp384r1_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp384r1_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/ecdsa_secp521r1_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/eddsa_test.txt",
- "src/third_party/wycheproof_testvectors/hkdf_sha1_test.txt",
- "src/third_party/wycheproof_testvectors/hkdf_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/hkdf_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/hkdf_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/hmac_sha1_test.txt",
- "src/third_party/wycheproof_testvectors/hmac_sha224_test.txt",
- "src/third_party/wycheproof_testvectors/hmac_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/hmac_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/hmac_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/kw_test.txt",
- "src/third_party/wycheproof_testvectors/kwp_test.txt",
- "src/third_party/wycheproof_testvectors/mldsa_65_standard_sign_test.txt",
- "src/third_party/wycheproof_testvectors/mldsa_65_standard_verify_test.txt",
- "src/third_party/wycheproof_testvectors/mldsa_87_standard_sign_test.txt",
- "src/third_party/wycheproof_testvectors/mldsa_87_standard_verify_test.txt",
- "src/third_party/wycheproof_testvectors/primality_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha1_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha224_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha256_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha384_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha256_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha256_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha1_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_oaep_misc_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pkcs1_2048_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pkcs1_3072_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pkcs1_4096_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha1_mgf1_20_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_0_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_32_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_3072_sha256_mgf1_32_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_4096_sha256_mgf1_32_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_4096_sha512_mgf1_32_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_pss_misc_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_sig_gen_misc_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha224_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha256_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_4096_sha384_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_4096_sha512_test.txt",
- "src/third_party/wycheproof_testvectors/rsa_signature_test.txt",
- "src/third_party/wycheproof_testvectors/x25519_test.txt",
+ "src/crypto/blake2/blake2b256_tests.txt",
+ "src/crypto/cipher/test/aes_128_cbc_sha1_tls_implicit_iv_tests.txt",
+ "src/crypto/cipher/test/aes_128_cbc_sha1_tls_tests.txt",
+ "src/crypto/cipher/test/aes_128_ccm_bluetooth_8_tests.txt",
+ "src/crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
+ "src/crypto/cipher/test/aes_128_ccm_matter_tests.txt",
+ "src/crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
+ "src/crypto/cipher/test/aes_128_eax_test.txt",
+ "src/crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
+ "src/crypto/cipher/test/aes_128_gcm_siv_tests.txt",
+ "src/crypto/cipher/test/aes_128_gcm_tests.txt",
+ "src/crypto/cipher/test/aes_192_gcm_tests.txt",
+ "src/crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
+ "src/crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
+ "src/crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
+ "src/crypto/cipher/test/aes_256_eax_test.txt",
+ "src/crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
+ "src/crypto/cipher/test/aes_256_gcm_siv_tests.txt",
+ "src/crypto/cipher/test/aes_256_gcm_tests.txt",
+ "src/crypto/cipher/test/chacha20_poly1305_tests.txt",
+ "src/crypto/cipher/test/cipher_tests.txt",
+ "src/crypto/cipher/test/des_ede3_cbc_sha1_tls_implicit_iv_tests.txt",
+ "src/crypto/cipher/test/des_ede3_cbc_sha1_tls_tests.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_128_cbc.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_128_ctr.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_128_gcm.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_192_cbc.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_192_ctr.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_256_cbc.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_256_ctr.txt",
+ "src/crypto/cipher/test/nist_cavp/aes_256_gcm.txt",
+ "src/crypto/cipher/test/nist_cavp/tdes_cbc.txt",
+ "src/crypto/cipher/test/nist_cavp/tdes_ecb.txt",
+ "src/crypto/cipher/test/xchacha20_poly1305_tests.txt",
+ "src/crypto/curve25519/ed25519_tests.txt",
+ "src/crypto/ecdh/ecdh_tests.txt",
+ "src/crypto/evp/evp_tests.txt",
+ "src/crypto/evp/scrypt_tests.txt",
+ "src/crypto/fipsmodule/aes/aes_tests.txt",
+ "src/crypto/fipsmodule/bn/test/exp_tests.txt",
+ "src/crypto/fipsmodule/bn/test/gcd_tests.txt",
+ "src/crypto/fipsmodule/bn/test/miller_rabin_tests.txt",
+ "src/crypto/fipsmodule/bn/test/mod_exp_tests.txt",
+ "src/crypto/fipsmodule/bn/test/mod_inv_tests.txt",
+ "src/crypto/fipsmodule/bn/test/mod_mul_tests.txt",
+ "src/crypto/fipsmodule/bn/test/mod_sqrt_tests.txt",
+ "src/crypto/fipsmodule/bn/test/product_tests.txt",
+ "src/crypto/fipsmodule/bn/test/quotient_tests.txt",
+ "src/crypto/fipsmodule/bn/test/shift_tests.txt",
+ "src/crypto/fipsmodule/bn/test/sum_tests.txt",
+ "src/crypto/fipsmodule/cmac/cavp_3des_cmac_tests.txt",
+ "src/crypto/fipsmodule/cmac/cavp_aes128_cmac_tests.txt",
+ "src/crypto/fipsmodule/cmac/cavp_aes192_cmac_tests.txt",
+ "src/crypto/fipsmodule/cmac/cavp_aes256_cmac_tests.txt",
+ "src/crypto/fipsmodule/ec/ec_scalar_base_mult_tests.txt",
+ "src/crypto/fipsmodule/ec/p256-nistz_tests.txt",
+ "src/crypto/fipsmodule/ecdsa/ecdsa_sign_tests.txt",
+ "src/crypto/fipsmodule/ecdsa/ecdsa_verify_tests.txt",
+ "src/crypto/fipsmodule/keccak/keccak_tests.txt",
+ "src/crypto/fipsmodule/rand/ctrdrbg_vectors.txt",
+ "src/crypto/hmac/hmac_tests.txt",
+ "src/crypto/hpke/hpke_test_vectors.txt",
+ "src/crypto/kyber/kyber_tests.txt",
+ "src/crypto/mldsa/mldsa_nist_keygen_65_tests.txt",
+ "src/crypto/mldsa/mldsa_nist_keygen_87_tests.txt",
+ "src/crypto/mldsa/mldsa_nist_siggen_65_tests.txt",
+ "src/crypto/mldsa/mldsa_nist_siggen_87_tests.txt",
+ "src/crypto/mlkem/mlkem1024_decap_tests.txt",
+ "src/crypto/mlkem/mlkem1024_encap_tests.txt",
+ "src/crypto/mlkem/mlkem1024_keygen_tests.txt",
+ "src/crypto/mlkem/mlkem1024_nist_decap_tests.txt",
+ "src/crypto/mlkem/mlkem1024_nist_keygen_tests.txt",
+ "src/crypto/mlkem/mlkem768_decap_tests.txt",
+ "src/crypto/mlkem/mlkem768_encap_tests.txt",
+ "src/crypto/mlkem/mlkem768_keygen_tests.txt",
+ "src/crypto/mlkem/mlkem768_nist_decap_tests.txt",
+ "src/crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "src/crypto/pkcs7/test/nss.p7c",
+ "src/crypto/pkcs7/test/openssl_crl.p7c",
+ "src/crypto/pkcs7/test/sign_cert.pem",
+ "src/crypto/pkcs7/test/sign_key.pem",
+ "src/crypto/pkcs7/test/sign_sha1.p7s",
+ "src/crypto/pkcs7/test/sign_sha1_key_id.p7s",
+ "src/crypto/pkcs7/test/sign_sha256.p7s",
+ "src/crypto/pkcs7/test/sign_sha256_key_id.p7s",
+ "src/crypto/pkcs7/test/windows.p7c",
+ "src/crypto/pkcs8/test/bad1.p12",
+ "src/crypto/pkcs8/test/bad2.p12",
+ "src/crypto/pkcs8/test/bad3.p12",
+ "src/crypto/pkcs8/test/empty_password.p12",
+ "src/crypto/pkcs8/test/empty_password_ber.p12",
+ "src/crypto/pkcs8/test/empty_password_ber_nested.p12",
+ "src/crypto/pkcs8/test/no_encryption.p12",
+ "src/crypto/pkcs8/test/nss.p12",
+ "src/crypto/pkcs8/test/null_password.p12",
+ "src/crypto/pkcs8/test/openssl.p12",
+ "src/crypto/pkcs8/test/pbes2_sha1.p12",
+ "src/crypto/pkcs8/test/pbes2_sha256.p12",
+ "src/crypto/pkcs8/test/unicode_password.p12",
+ "src/crypto/pkcs8/test/windows.p12",
+ "src/crypto/poly1305/poly1305_tests.txt",
+ "src/crypto/siphash/siphash_tests.txt",
+ "src/crypto/slhdsa/slhdsa_keygen.txt",
+ "src/crypto/slhdsa/slhdsa_prehash.txt",
+ "src/crypto/slhdsa/slhdsa_siggen.txt",
+ "src/crypto/slhdsa/slhdsa_sigver.txt",
+ "src/crypto/x509/test/basic_constraints_ca.pem",
+ "src/crypto/x509/test/basic_constraints_ca_pathlen_0.pem",
+ "src/crypto/x509/test/basic_constraints_ca_pathlen_1.pem",
+ "src/crypto/x509/test/basic_constraints_ca_pathlen_10.pem",
+ "src/crypto/x509/test/basic_constraints_leaf.pem",
+ "src/crypto/x509/test/basic_constraints_none.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_authority_key_identifier.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_basic_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_ext_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_name_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_subject_alt_name.pem",
+ "src/crypto/x509/test/invalid_extension_intermediate_subject_key_identifier.pem",
+ "src/crypto/x509/test/invalid_extension_leaf.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_authority_key_identifier.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_basic_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_ext_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_name_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_subject_alt_name.pem",
+ "src/crypto/x509/test/invalid_extension_leaf_subject_key_identifier.pem",
+ "src/crypto/x509/test/invalid_extension_root.pem",
+ "src/crypto/x509/test/invalid_extension_root_authority_key_identifier.pem",
+ "src/crypto/x509/test/invalid_extension_root_basic_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_root_ext_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_root_key_usage.pem",
+ "src/crypto/x509/test/invalid_extension_root_name_constraints.pem",
+ "src/crypto/x509/test/invalid_extension_root_subject_alt_name.pem",
+ "src/crypto/x509/test/invalid_extension_root_subject_key_identifier.pem",
+ "src/crypto/x509/test/many_constraints.pem",
+ "src/crypto/x509/test/many_names1.pem",
+ "src/crypto/x509/test/many_names2.pem",
+ "src/crypto/x509/test/many_names3.pem",
+ "src/crypto/x509/test/policy_intermediate.pem",
+ "src/crypto/x509/test/policy_intermediate_any.pem",
+ "src/crypto/x509/test/policy_intermediate_duplicate.pem",
+ "src/crypto/x509/test/policy_intermediate_invalid.pem",
+ "src/crypto/x509/test/policy_intermediate_mapped.pem",
+ "src/crypto/x509/test/policy_intermediate_mapped_any.pem",
+ "src/crypto/x509/test/policy_intermediate_mapped_oid3.pem",
+ "src/crypto/x509/test/policy_intermediate_require.pem",
+ "src/crypto/x509/test/policy_intermediate_require1.pem",
+ "src/crypto/x509/test/policy_intermediate_require2.pem",
+ "src/crypto/x509/test/policy_intermediate_require_duplicate.pem",
+ "src/crypto/x509/test/policy_intermediate_require_no_policies.pem",
+ "src/crypto/x509/test/policy_leaf.pem",
+ "src/crypto/x509/test/policy_leaf_any.pem",
+ "src/crypto/x509/test/policy_leaf_duplicate.pem",
+ "src/crypto/x509/test/policy_leaf_invalid.pem",
+ "src/crypto/x509/test/policy_leaf_none.pem",
+ "src/crypto/x509/test/policy_leaf_oid1.pem",
+ "src/crypto/x509/test/policy_leaf_oid2.pem",
+ "src/crypto/x509/test/policy_leaf_oid3.pem",
+ "src/crypto/x509/test/policy_leaf_oid4.pem",
+ "src/crypto/x509/test/policy_leaf_oid5.pem",
+ "src/crypto/x509/test/policy_leaf_require.pem",
+ "src/crypto/x509/test/policy_leaf_require1.pem",
+ "src/crypto/x509/test/policy_root.pem",
+ "src/crypto/x509/test/policy_root2.pem",
+ "src/crypto/x509/test/policy_root_cross_inhibit_mapping.pem",
+ "src/crypto/x509/test/pss_sha1.pem",
+ "src/crypto/x509/test/pss_sha1_explicit.pem",
+ "src/crypto/x509/test/pss_sha1_mgf1_syntax_error.pem",
+ "src/crypto/x509/test/pss_sha224.pem",
+ "src/crypto/x509/test/pss_sha256.pem",
+ "src/crypto/x509/test/pss_sha256_explicit_trailer.pem",
+ "src/crypto/x509/test/pss_sha256_mgf1_sha384.pem",
+ "src/crypto/x509/test/pss_sha256_mgf1_syntax_error.pem",
+ "src/crypto/x509/test/pss_sha256_omit_nulls.pem",
+ "src/crypto/x509/test/pss_sha256_salt31.pem",
+ "src/crypto/x509/test/pss_sha256_salt_overflow.pem",
+ "src/crypto/x509/test/pss_sha256_unknown_mgf.pem",
+ "src/crypto/x509/test/pss_sha256_wrong_trailer.pem",
+ "src/crypto/x509/test/pss_sha384.pem",
+ "src/crypto/x509/test/pss_sha512.pem",
+ "src/crypto/x509/test/some_names1.pem",
+ "src/crypto/x509/test/some_names2.pem",
+ "src/crypto/x509/test/some_names3.pem",
+ "src/crypto/x509/test/trailing_data_leaf_authority_key_identifier.pem",
+ "src/crypto/x509/test/trailing_data_leaf_basic_constraints.pem",
+ "src/crypto/x509/test/trailing_data_leaf_ext_key_usage.pem",
+ "src/crypto/x509/test/trailing_data_leaf_key_usage.pem",
+ "src/crypto/x509/test/trailing_data_leaf_name_constraints.pem",
+ "src/crypto/x509/test/trailing_data_leaf_subject_alt_name.pem",
+ "src/crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
+ "src/third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
+ "src/third_party/wycheproof_testvectors/aes_cmac_test.txt",
+ "src/third_party/wycheproof_testvectors/aes_eax_test.txt",
+ "src/third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
+ "src/third_party/wycheproof_testvectors/aes_gcm_test.txt",
+ "src/third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
+ "src/third_party/wycheproof_testvectors/dsa_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdh_secp224r1_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdh_secp256r1_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdh_secp384r1_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdh_secp521r1_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha224_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp224r1_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp256r1_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp256r1_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp384r1_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp384r1_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/ecdsa_secp521r1_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/eddsa_test.txt",
+ "src/third_party/wycheproof_testvectors/hkdf_sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/hkdf_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/hkdf_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/hkdf_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/hmac_sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/hmac_sha224_test.txt",
+ "src/third_party/wycheproof_testvectors/hmac_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/hmac_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/hmac_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/kw_test.txt",
+ "src/third_party/wycheproof_testvectors/kwp_test.txt",
+ "src/third_party/wycheproof_testvectors/mldsa_65_standard_sign_test.txt",
+ "src/third_party/wycheproof_testvectors/mldsa_65_standard_verify_test.txt",
+ "src/third_party/wycheproof_testvectors/mldsa_87_standard_sign_test.txt",
+ "src/third_party/wycheproof_testvectors/mldsa_87_standard_verify_test.txt",
+ "src/third_party/wycheproof_testvectors/primality_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha1_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha224_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha1_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_oaep_misc_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pkcs1_2048_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pkcs1_3072_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pkcs1_4096_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha1_mgf1_20_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_0_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_32_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_3072_sha256_mgf1_32_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_4096_sha256_mgf1_32_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_4096_sha512_mgf1_32_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_pss_misc_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_sig_gen_misc_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha224_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_2048_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha256_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_3072_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_4096_sha384_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_4096_sha512_test.txt",
+ "src/third_party/wycheproof_testvectors/rsa_signature_test.txt",
+ "src/third_party/wycheproof_testvectors/x25519_test.txt",
"src/third_party/wycheproof_testvectors/xchacha20_poly1305_test.txt"
- ],
+ ],
"fips_fragments": [
- "src/crypto/fipsmodule/aes/aes.cc.inc",
- "src/crypto/fipsmodule/aes/aes_nohw.cc.inc",
- "src/crypto/fipsmodule/aes/cbc.cc.inc",
- "src/crypto/fipsmodule/aes/cfb.cc.inc",
- "src/crypto/fipsmodule/aes/ctr.cc.inc",
- "src/crypto/fipsmodule/aes/gcm.cc.inc",
- "src/crypto/fipsmodule/aes/gcm_nohw.cc.inc",
- "src/crypto/fipsmodule/aes/key_wrap.cc.inc",
- "src/crypto/fipsmodule/aes/mode_wrappers.cc.inc",
- "src/crypto/fipsmodule/aes/ofb.cc.inc",
- "src/crypto/fipsmodule/aes/polyval.cc.inc",
- "src/crypto/fipsmodule/bn/add.cc.inc",
- "src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
- "src/crypto/fipsmodule/bn/bn.cc.inc",
- "src/crypto/fipsmodule/bn/bytes.cc.inc",
- "src/crypto/fipsmodule/bn/cmp.cc.inc",
- "src/crypto/fipsmodule/bn/ctx.cc.inc",
- "src/crypto/fipsmodule/bn/div.cc.inc",
- "src/crypto/fipsmodule/bn/div_extra.cc.inc",
- "src/crypto/fipsmodule/bn/exponentiation.cc.inc",
- "src/crypto/fipsmodule/bn/gcd.cc.inc",
- "src/crypto/fipsmodule/bn/gcd_extra.cc.inc",
- "src/crypto/fipsmodule/bn/generic.cc.inc",
- "src/crypto/fipsmodule/bn/jacobi.cc.inc",
- "src/crypto/fipsmodule/bn/montgomery.cc.inc",
- "src/crypto/fipsmodule/bn/montgomery_inv.cc.inc",
- "src/crypto/fipsmodule/bn/mul.cc.inc",
- "src/crypto/fipsmodule/bn/prime.cc.inc",
- "src/crypto/fipsmodule/bn/random.cc.inc",
- "src/crypto/fipsmodule/bn/rsaz_exp.cc.inc",
- "src/crypto/fipsmodule/bn/shift.cc.inc",
- "src/crypto/fipsmodule/bn/sqrt.cc.inc",
- "src/crypto/fipsmodule/cipher/aead.cc.inc",
- "src/crypto/fipsmodule/cipher/cipher.cc.inc",
- "src/crypto/fipsmodule/cipher/e_aes.cc.inc",
- "src/crypto/fipsmodule/cipher/e_aesccm.cc.inc",
- "src/crypto/fipsmodule/cmac/cmac.cc.inc",
- "src/crypto/fipsmodule/dh/check.cc.inc",
- "src/crypto/fipsmodule/dh/dh.cc.inc",
- "src/crypto/fipsmodule/digest/digest.cc.inc",
- "src/crypto/fipsmodule/digest/digests.cc.inc",
- "src/crypto/fipsmodule/digestsign/digestsign.cc.inc",
- "src/crypto/fipsmodule/ec/ec.cc.inc",
- "src/crypto/fipsmodule/ec/ec_key.cc.inc",
- "src/crypto/fipsmodule/ec/ec_montgomery.cc.inc",
- "src/crypto/fipsmodule/ec/felem.cc.inc",
- "src/crypto/fipsmodule/ec/oct.cc.inc",
- "src/crypto/fipsmodule/ec/p224-64.cc.inc",
- "src/crypto/fipsmodule/ec/p256-nistz.cc.inc",
- "src/crypto/fipsmodule/ec/p256.cc.inc",
- "src/crypto/fipsmodule/ec/scalar.cc.inc",
- "src/crypto/fipsmodule/ec/simple.cc.inc",
- "src/crypto/fipsmodule/ec/simple_mul.cc.inc",
- "src/crypto/fipsmodule/ec/util.cc.inc",
- "src/crypto/fipsmodule/ec/wnaf.cc.inc",
- "src/crypto/fipsmodule/ecdh/ecdh.cc.inc",
- "src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc",
- "src/crypto/fipsmodule/hkdf/hkdf.cc.inc",
- "src/crypto/fipsmodule/hmac/hmac.cc.inc",
- "src/crypto/fipsmodule/keccak/keccak.cc.inc",
- "src/crypto/fipsmodule/mldsa/mldsa.cc.inc",
- "src/crypto/fipsmodule/mlkem/mlkem.cc.inc",
- "src/crypto/fipsmodule/rand/ctrdrbg.cc.inc",
- "src/crypto/fipsmodule/rand/rand.cc.inc",
- "src/crypto/fipsmodule/rsa/blinding.cc.inc",
- "src/crypto/fipsmodule/rsa/padding.cc.inc",
- "src/crypto/fipsmodule/rsa/rsa.cc.inc",
- "src/crypto/fipsmodule/rsa/rsa_impl.cc.inc",
- "src/crypto/fipsmodule/self_check/fips.cc.inc",
- "src/crypto/fipsmodule/self_check/self_check.cc.inc",
- "src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc",
- "src/crypto/fipsmodule/sha/sha1.cc.inc",
- "src/crypto/fipsmodule/sha/sha256.cc.inc",
- "src/crypto/fipsmodule/sha/sha512.cc.inc",
- "src/crypto/fipsmodule/slhdsa/fors.cc.inc",
- "src/crypto/fipsmodule/slhdsa/merkle.cc.inc",
- "src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
- "src/crypto/fipsmodule/slhdsa/thash.cc.inc",
- "src/crypto/fipsmodule/slhdsa/wots.cc.inc",
+ "src/crypto/fipsmodule/aes/aes.cc.inc",
+ "src/crypto/fipsmodule/aes/aes_nohw.cc.inc",
+ "src/crypto/fipsmodule/aes/cbc.cc.inc",
+ "src/crypto/fipsmodule/aes/cfb.cc.inc",
+ "src/crypto/fipsmodule/aes/ctr.cc.inc",
+ "src/crypto/fipsmodule/aes/gcm.cc.inc",
+ "src/crypto/fipsmodule/aes/gcm_nohw.cc.inc",
+ "src/crypto/fipsmodule/aes/key_wrap.cc.inc",
+ "src/crypto/fipsmodule/aes/mode_wrappers.cc.inc",
+ "src/crypto/fipsmodule/aes/ofb.cc.inc",
+ "src/crypto/fipsmodule/bn/add.cc.inc",
+ "src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
+ "src/crypto/fipsmodule/bn/bn.cc.inc",
+ "src/crypto/fipsmodule/bn/bytes.cc.inc",
+ "src/crypto/fipsmodule/bn/cmp.cc.inc",
+ "src/crypto/fipsmodule/bn/ctx.cc.inc",
+ "src/crypto/fipsmodule/bn/div.cc.inc",
+ "src/crypto/fipsmodule/bn/div_extra.cc.inc",
+ "src/crypto/fipsmodule/bn/exponentiation.cc.inc",
+ "src/crypto/fipsmodule/bn/gcd.cc.inc",
+ "src/crypto/fipsmodule/bn/gcd_extra.cc.inc",
+ "src/crypto/fipsmodule/bn/generic.cc.inc",
+ "src/crypto/fipsmodule/bn/jacobi.cc.inc",
+ "src/crypto/fipsmodule/bn/montgomery.cc.inc",
+ "src/crypto/fipsmodule/bn/montgomery_inv.cc.inc",
+ "src/crypto/fipsmodule/bn/mul.cc.inc",
+ "src/crypto/fipsmodule/bn/prime.cc.inc",
+ "src/crypto/fipsmodule/bn/random.cc.inc",
+ "src/crypto/fipsmodule/bn/rsaz_exp.cc.inc",
+ "src/crypto/fipsmodule/bn/shift.cc.inc",
+ "src/crypto/fipsmodule/bn/sqrt.cc.inc",
+ "src/crypto/fipsmodule/cipher/aead.cc.inc",
+ "src/crypto/fipsmodule/cipher/cipher.cc.inc",
+ "src/crypto/fipsmodule/cipher/e_aes.cc.inc",
+ "src/crypto/fipsmodule/cipher/e_aesccm.cc.inc",
+ "src/crypto/fipsmodule/cmac/cmac.cc.inc",
+ "src/crypto/fipsmodule/dh/check.cc.inc",
+ "src/crypto/fipsmodule/dh/dh.cc.inc",
+ "src/crypto/fipsmodule/digest/digest.cc.inc",
+ "src/crypto/fipsmodule/digest/digests.cc.inc",
+ "src/crypto/fipsmodule/digestsign/digestsign.cc.inc",
+ "src/crypto/fipsmodule/ec/ec.cc.inc",
+ "src/crypto/fipsmodule/ec/ec_key.cc.inc",
+ "src/crypto/fipsmodule/ec/ec_montgomery.cc.inc",
+ "src/crypto/fipsmodule/ec/felem.cc.inc",
+ "src/crypto/fipsmodule/ec/oct.cc.inc",
+ "src/crypto/fipsmodule/ec/p224-64.cc.inc",
+ "src/crypto/fipsmodule/ec/p256-nistz.cc.inc",
+ "src/crypto/fipsmodule/ec/p256.cc.inc",
+ "src/crypto/fipsmodule/ec/scalar.cc.inc",
+ "src/crypto/fipsmodule/ec/simple.cc.inc",
+ "src/crypto/fipsmodule/ec/simple_mul.cc.inc",
+ "src/crypto/fipsmodule/ec/util.cc.inc",
+ "src/crypto/fipsmodule/ec/wnaf.cc.inc",
+ "src/crypto/fipsmodule/ecdh/ecdh.cc.inc",
+ "src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc",
+ "src/crypto/fipsmodule/hkdf/hkdf.cc.inc",
+ "src/crypto/fipsmodule/hmac/hmac.cc.inc",
+ "src/crypto/fipsmodule/keccak/keccak.cc.inc",
+ "src/crypto/fipsmodule/mldsa/fips_known_values.inc",
+ "src/crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "src/crypto/fipsmodule/mlkem/fips_known_values.inc",
+ "src/crypto/fipsmodule/mlkem/mlkem.cc.inc",
+ "src/crypto/fipsmodule/rand/ctrdrbg.cc.inc",
+ "src/crypto/fipsmodule/rand/rand.cc.inc",
+ "src/crypto/fipsmodule/rsa/blinding.cc.inc",
+ "src/crypto/fipsmodule/rsa/padding.cc.inc",
+ "src/crypto/fipsmodule/rsa/rsa.cc.inc",
+ "src/crypto/fipsmodule/rsa/rsa_impl.cc.inc",
+ "src/crypto/fipsmodule/self_check/fips.cc.inc",
+ "src/crypto/fipsmodule/self_check/self_check.cc.inc",
+ "src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc",
+ "src/crypto/fipsmodule/sha/sha1.cc.inc",
+ "src/crypto/fipsmodule/sha/sha256.cc.inc",
+ "src/crypto/fipsmodule/sha/sha512.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/fips_known_values.inc",
+ "src/crypto/fipsmodule/slhdsa/fors.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/merkle.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/thash.cc.inc",
+ "src/crypto/fipsmodule/slhdsa/wots.cc.inc",
"src/crypto/fipsmodule/tls/kdf.cc.inc"
- ],
+ ],
"fuzz": [
- "src/fuzz/arm_cpuinfo.cc",
- "src/fuzz/bn_div.cc",
- "src/fuzz/bn_mod_exp.cc",
- "src/fuzz/cert.cc",
- "src/fuzz/client.cc",
- "src/fuzz/conf.cc",
- "src/fuzz/crl_getcrlstatusforcert_fuzzer.cc",
- "src/fuzz/crl_parse_crl_certificatelist_fuzzer.cc",
- "src/fuzz/crl_parse_crl_tbscertlist_fuzzer.cc",
- "src/fuzz/crl_parse_issuing_distribution_point_fuzzer.cc",
- "src/fuzz/decode_client_hello_inner.cc",
- "src/fuzz/der_roundtrip.cc",
- "src/fuzz/dtls_client.cc",
- "src/fuzz/dtls_server.cc",
- "src/fuzz/ocsp_parse_ocsp_cert_id_fuzzer.cc",
- "src/fuzz/ocsp_parse_ocsp_response_data_fuzzer.cc",
- "src/fuzz/ocsp_parse_ocsp_response_fuzzer.cc",
- "src/fuzz/ocsp_parse_ocsp_single_response_fuzzer.cc",
- "src/fuzz/parse_authority_key_identifier_fuzzer.cc",
- "src/fuzz/parse_certificate_fuzzer.cc",
- "src/fuzz/parse_crldp_fuzzer.cc",
- "src/fuzz/pkcs12.cc",
- "src/fuzz/pkcs8.cc",
- "src/fuzz/privkey.cc",
- "src/fuzz/read_pem.cc",
- "src/fuzz/server.cc",
- "src/fuzz/session.cc",
- "src/fuzz/spki.cc",
- "src/fuzz/ssl_ctx_api.cc",
- "src/fuzz/verify_name_match_fuzzer.cc",
- "src/fuzz/verify_name_match_normalizename_fuzzer.cc",
+ "src/fuzz/arm_cpuinfo.cc",
+ "src/fuzz/bn_div.cc",
+ "src/fuzz/bn_mod_exp.cc",
+ "src/fuzz/cert.cc",
+ "src/fuzz/client.cc",
+ "src/fuzz/client_no_fuzzer_mode.cc",
+ "src/fuzz/conf.cc",
+ "src/fuzz/crl_getcrlstatusforcert_fuzzer.cc",
+ "src/fuzz/crl_parse_crl_certificatelist_fuzzer.cc",
+ "src/fuzz/crl_parse_crl_tbscertlist_fuzzer.cc",
+ "src/fuzz/crl_parse_issuing_distribution_point_fuzzer.cc",
+ "src/fuzz/decode_client_hello_inner.cc",
+ "src/fuzz/der_roundtrip.cc",
+ "src/fuzz/dtls_client.cc",
+ "src/fuzz/dtls_server.cc",
+ "src/fuzz/ocsp_parse_ocsp_cert_id_fuzzer.cc",
+ "src/fuzz/ocsp_parse_ocsp_response_data_fuzzer.cc",
+ "src/fuzz/ocsp_parse_ocsp_response_fuzzer.cc",
+ "src/fuzz/ocsp_parse_ocsp_single_response_fuzzer.cc",
+ "src/fuzz/parse_authority_key_identifier_fuzzer.cc",
+ "src/fuzz/parse_certificate_fuzzer.cc",
+ "src/fuzz/parse_crldp_fuzzer.cc",
+ "src/fuzz/pkcs12.cc",
+ "src/fuzz/pkcs8.cc",
+ "src/fuzz/privkey.cc",
+ "src/fuzz/read_pem.cc",
+ "src/fuzz/server.cc",
+ "src/fuzz/server_no_fuzzer_mode.cc",
+ "src/fuzz/session.cc",
+ "src/fuzz/spki.cc",
+ "src/fuzz/ssl_ctx_api.cc",
+ "src/fuzz/verify_name_match_fuzzer.cc",
+ "src/fuzz/verify_name_match_normalizename_fuzzer.cc",
"src/fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc"
- ],
+ ],
"pki": [
- "src/pki/cert_error_id.cc",
- "src/pki/cert_error_params.cc",
- "src/pki/cert_errors.cc",
- "src/pki/cert_issuer_source_static.cc",
- "src/pki/certificate.cc",
- "src/pki/certificate_policies.cc",
- "src/pki/common_cert_errors.cc",
- "src/pki/crl.cc",
- "src/pki/encode_values.cc",
- "src/pki/extended_key_usage.cc",
- "src/pki/general_names.cc",
- "src/pki/input.cc",
- "src/pki/ip_util.cc",
- "src/pki/name_constraints.cc",
- "src/pki/ocsp.cc",
- "src/pki/parse_certificate.cc",
- "src/pki/parse_name.cc",
- "src/pki/parse_values.cc",
- "src/pki/parsed_certificate.cc",
- "src/pki/parser.cc",
- "src/pki/path_builder.cc",
- "src/pki/pem.cc",
- "src/pki/revocation_util.cc",
- "src/pki/signature_algorithm.cc",
- "src/pki/simple_path_builder_delegate.cc",
- "src/pki/string_util.cc",
- "src/pki/trust_store.cc",
- "src/pki/trust_store_collection.cc",
- "src/pki/trust_store_in_memory.cc",
- "src/pki/verify.cc",
- "src/pki/verify_certificate_chain.cc",
- "src/pki/verify_error.cc",
- "src/pki/verify_name_match.cc",
+ "src/pki/cert_error_id.cc",
+ "src/pki/cert_error_params.cc",
+ "src/pki/cert_errors.cc",
+ "src/pki/cert_issuer_source_static.cc",
+ "src/pki/certificate.cc",
+ "src/pki/certificate_policies.cc",
+ "src/pki/common_cert_errors.cc",
+ "src/pki/crl.cc",
+ "src/pki/encode_values.cc",
+ "src/pki/extended_key_usage.cc",
+ "src/pki/general_names.cc",
+ "src/pki/input.cc",
+ "src/pki/ip_util.cc",
+ "src/pki/name_constraints.cc",
+ "src/pki/ocsp.cc",
+ "src/pki/parse_certificate.cc",
+ "src/pki/parse_name.cc",
+ "src/pki/parse_values.cc",
+ "src/pki/parsed_certificate.cc",
+ "src/pki/parser.cc",
+ "src/pki/path_builder.cc",
+ "src/pki/pem.cc",
+ "src/pki/revocation_util.cc",
+ "src/pki/signature_algorithm.cc",
+ "src/pki/simple_path_builder_delegate.cc",
+ "src/pki/string_util.cc",
+ "src/pki/trust_store.cc",
+ "src/pki/trust_store_collection.cc",
+ "src/pki/trust_store_in_memory.cc",
+ "src/pki/verify.cc",
+ "src/pki/verify_certificate_chain.cc",
+ "src/pki/verify_error.cc",
+ "src/pki/verify_name_match.cc",
"src/pki/verify_signed_data.cc"
- ],
+ ],
"pki_headers": [
- "src/include/openssl/pki/certificate.h",
- "src/include/openssl/pki/ocsp.h",
- "src/include/openssl/pki/signature_verify_cache.h",
- "src/include/openssl/pki/verify.h",
+ "src/include/openssl/pki/certificate.h",
+ "src/include/openssl/pki/ocsp.h",
+ "src/include/openssl/pki/signature_verify_cache.h",
+ "src/include/openssl/pki/verify.h",
"src/include/openssl/pki/verify_error.h"
- ],
+ ],
"pki_internal_headers": [
- "src/pki/cert_error_id.h",
- "src/pki/cert_error_params.h",
- "src/pki/cert_errors.h",
- "src/pki/cert_issuer_source.h",
- "src/pki/cert_issuer_source_static.h",
- "src/pki/cert_issuer_source_sync_unittest.h",
- "src/pki/certificate_policies.h",
- "src/pki/common_cert_errors.h",
- "src/pki/crl.h",
- "src/pki/encode_values.h",
- "src/pki/extended_key_usage.h",
- "src/pki/general_names.h",
- "src/pki/input.h",
- "src/pki/ip_util.h",
- "src/pki/mock_signature_verify_cache.h",
- "src/pki/name_constraints.h",
- "src/pki/nist_pkits_unittest.h",
- "src/pki/ocsp.h",
- "src/pki/parse_certificate.h",
- "src/pki/parse_name.h",
- "src/pki/parse_values.h",
- "src/pki/parsed_certificate.h",
- "src/pki/parser.h",
- "src/pki/path_builder.h",
- "src/pki/pem.h",
- "src/pki/revocation_util.h",
- "src/pki/signature_algorithm.h",
- "src/pki/simple_path_builder_delegate.h",
- "src/pki/string_util.h",
- "src/pki/test_helpers.h",
- "src/pki/testdata/nist-pkits/pkits_testcases-inl.h",
- "src/pki/trust_store.h",
- "src/pki/trust_store_collection.h",
- "src/pki/trust_store_in_memory.h",
- "src/pki/verify_certificate_chain.h",
- "src/pki/verify_certificate_chain_typed_unittest.h",
- "src/pki/verify_name_match.h",
+ "src/pki/cert_error_id.h",
+ "src/pki/cert_error_params.h",
+ "src/pki/cert_errors.h",
+ "src/pki/cert_issuer_source.h",
+ "src/pki/cert_issuer_source_static.h",
+ "src/pki/cert_issuer_source_sync_unittest.h",
+ "src/pki/certificate_policies.h",
+ "src/pki/common_cert_errors.h",
+ "src/pki/crl.h",
+ "src/pki/encode_values.h",
+ "src/pki/extended_key_usage.h",
+ "src/pki/general_names.h",
+ "src/pki/input.h",
+ "src/pki/ip_util.h",
+ "src/pki/mock_signature_verify_cache.h",
+ "src/pki/name_constraints.h",
+ "src/pki/nist_pkits_unittest.h",
+ "src/pki/ocsp.h",
+ "src/pki/parse_certificate.h",
+ "src/pki/parse_name.h",
+ "src/pki/parse_values.h",
+ "src/pki/parsed_certificate.h",
+ "src/pki/parser.h",
+ "src/pki/path_builder.h",
+ "src/pki/pem.h",
+ "src/pki/revocation_util.h",
+ "src/pki/signature_algorithm.h",
+ "src/pki/simple_path_builder_delegate.h",
+ "src/pki/string_util.h",
+ "src/pki/test_helpers.h",
+ "src/pki/testdata/nist-pkits/pkits_testcases-inl.h",
+ "src/pki/trust_store.h",
+ "src/pki/trust_store_collection.h",
+ "src/pki/trust_store_in_memory.h",
+ "src/pki/verify_certificate_chain.h",
+ "src/pki/verify_certificate_chain_typed_unittest.h",
+ "src/pki/verify_name_match.h",
"src/pki/verify_signed_data.h"
- ],
+ ],
"pki_test": [
- "src/crypto/test/gtest_main.cc",
- "src/pki/cert_issuer_source_static_unittest.cc",
- "src/pki/certificate_policies_unittest.cc",
- "src/pki/certificate_unittest.cc",
- "src/pki/crl_unittest.cc",
- "src/pki/encode_values_unittest.cc",
- "src/pki/extended_key_usage_unittest.cc",
- "src/pki/general_names_unittest.cc",
- "src/pki/input_unittest.cc",
- "src/pki/ip_util_unittest.cc",
- "src/pki/mock_signature_verify_cache.cc",
- "src/pki/name_constraints_unittest.cc",
- "src/pki/nist_pkits_unittest.cc",
- "src/pki/ocsp_unittest.cc",
- "src/pki/parse_certificate_unittest.cc",
- "src/pki/parse_name_unittest.cc",
- "src/pki/parse_values_unittest.cc",
- "src/pki/parsed_certificate_unittest.cc",
- "src/pki/parser_unittest.cc",
- "src/pki/path_builder_pkits_unittest.cc",
- "src/pki/path_builder_unittest.cc",
- "src/pki/path_builder_verify_certificate_chain_unittest.cc",
- "src/pki/pem_unittest.cc",
- "src/pki/signature_algorithm_unittest.cc",
- "src/pki/simple_path_builder_delegate_unittest.cc",
- "src/pki/string_util_unittest.cc",
- "src/pki/test_helpers.cc",
- "src/pki/trust_store_collection_unittest.cc",
- "src/pki/trust_store_in_memory_unittest.cc",
- "src/pki/verify_certificate_chain_pkits_unittest.cc",
- "src/pki/verify_certificate_chain_unittest.cc",
- "src/pki/verify_name_match_unittest.cc",
- "src/pki/verify_signed_data_unittest.cc",
+ "src/crypto/test/gtest_main.cc",
+ "src/pki/cert_issuer_source_static_unittest.cc",
+ "src/pki/certificate_policies_unittest.cc",
+ "src/pki/certificate_unittest.cc",
+ "src/pki/crl_unittest.cc",
+ "src/pki/encode_values_unittest.cc",
+ "src/pki/extended_key_usage_unittest.cc",
+ "src/pki/general_names_unittest.cc",
+ "src/pki/input_unittest.cc",
+ "src/pki/ip_util_unittest.cc",
+ "src/pki/mock_signature_verify_cache.cc",
+ "src/pki/name_constraints_unittest.cc",
+ "src/pki/nist_pkits_unittest.cc",
+ "src/pki/ocsp_unittest.cc",
+ "src/pki/parse_certificate_unittest.cc",
+ "src/pki/parse_name_unittest.cc",
+ "src/pki/parse_values_unittest.cc",
+ "src/pki/parsed_certificate_unittest.cc",
+ "src/pki/parser_unittest.cc",
+ "src/pki/path_builder_pkits_unittest.cc",
+ "src/pki/path_builder_unittest.cc",
+ "src/pki/path_builder_verify_certificate_chain_unittest.cc",
+ "src/pki/pem_unittest.cc",
+ "src/pki/signature_algorithm_unittest.cc",
+ "src/pki/simple_path_builder_delegate_unittest.cc",
+ "src/pki/string_util_unittest.cc",
+ "src/pki/test_helpers.cc",
+ "src/pki/trust_store_collection_unittest.cc",
+ "src/pki/trust_store_in_memory_unittest.cc",
+ "src/pki/verify_certificate_chain_pkits_unittest.cc",
+ "src/pki/verify_certificate_chain_unittest.cc",
+ "src/pki/verify_name_match_unittest.cc",
+ "src/pki/verify_signed_data_unittest.cc",
"src/pki/verify_unittest.cc"
- ],
+ ],
"pki_test_data": [
- "src/pki/testdata/cert_issuer_source_static_unittest/c1.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/c2.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/d.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/e1.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/e2.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/i1_1.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/i1_2.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/i2.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/i3_1.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/i3_2.pem",
- "src/pki/testdata/cert_issuer_source_static_unittest/root.pem",
- "src/pki/testdata/certificate_policies_unittest/anypolicy.pem",
- "src/pki/testdata/certificate_policies_unittest/anypolicy_with_qualifier.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-anypolicy_with_custom_qualifier.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-empty.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_dupe.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyinformation_unconsumed_data.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyqualifierinfo_unconsumed_data.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_with_empty_qualifiers_sequence.pem",
- "src/pki/testdata/certificate_policies_unittest/invalid-policy_identifier_not_oid.pem",
- "src/pki/testdata/certificate_policies_unittest/policy_1_2_3.pem",
- "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4.pem",
- "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4_with_qualifiers.pem",
- "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_with_custom_qualifier.pem",
- "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_with_qualifier.pem",
- "src/pki/testdata/crl_unittest/bad_crldp_has_crlissuer.pem",
- "src/pki/testdata/crl_unittest/bad_fake_critical_crlentryextension.pem",
- "src/pki/testdata/crl_unittest/bad_fake_critical_extension.pem",
- "src/pki/testdata/crl_unittest/bad_idp_contains_wrong_uri.pem",
- "src/pki/testdata/crl_unittest/bad_idp_indirectcrl.pem",
- "src/pki/testdata/crl_unittest/bad_idp_onlycontainscacerts.pem",
- "src/pki/testdata/crl_unittest/bad_idp_onlycontainscacerts_no_basic_constraints.pem",
- "src/pki/testdata/crl_unittest/bad_idp_onlycontainsusercerts.pem",
- "src/pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainscacerts.pem",
- "src/pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainsusercerts.pem",
- "src/pki/testdata/crl_unittest/bad_key_rollover_signature.pem",
- "src/pki/testdata/crl_unittest/bad_nextupdate_too_old.pem",
- "src/pki/testdata/crl_unittest/bad_signature.pem",
- "src/pki/testdata/crl_unittest/bad_thisupdate_in_future.pem",
- "src/pki/testdata/crl_unittest/bad_thisupdate_too_old.pem",
- "src/pki/testdata/crl_unittest/bad_wrong_issuer.pem",
- "src/pki/testdata/crl_unittest/good.pem",
- "src/pki/testdata/crl_unittest/good_fake_extension.pem",
- "src/pki/testdata/crl_unittest/good_fake_extension_no_nextupdate.pem",
- "src/pki/testdata/crl_unittest/good_generalizedtime.pem",
- "src/pki/testdata/crl_unittest/good_idp_contains_uri.pem",
- "src/pki/testdata/crl_unittest/good_idp_onlycontainscacerts.pem",
- "src/pki/testdata/crl_unittest/good_idp_onlycontainsusercerts.pem",
- "src/pki/testdata/crl_unittest/good_idp_onlycontainsusercerts_no_basic_constraints.pem",
- "src/pki/testdata/crl_unittest/good_idp_uri_and_onlycontainscacerts.pem",
- "src/pki/testdata/crl_unittest/good_idp_uri_and_onlycontainsusercerts.pem",
- "src/pki/testdata/crl_unittest/good_issuer_name_normalization.pem",
- "src/pki/testdata/crl_unittest/good_issuer_no_keyusage.pem",
- "src/pki/testdata/crl_unittest/good_key_rollover.pem",
- "src/pki/testdata/crl_unittest/good_no_crldp.pem",
- "src/pki/testdata/crl_unittest/good_no_nextupdate.pem",
- "src/pki/testdata/crl_unittest/good_no_version.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_crlentryextensions.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_extensions.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_nextupdate.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_revocationdate.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_revokedcerts.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_signaturevalue.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_after_thisupdate.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_crlentry.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_issuer_name.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_revocationdate.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_revoked_serial_number.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_signaturealgorithm.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_signaturevalue.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_tbs_signature_algorithm.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_tbscertlist.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_thisupdate.pem",
- "src/pki/testdata/crl_unittest/invalid_garbage_version.pem",
- "src/pki/testdata/crl_unittest/invalid_idp_dpname_choice_extra_data.pem",
- "src/pki/testdata/crl_unittest/invalid_idp_empty_sequence.pem",
- "src/pki/testdata/crl_unittest/invalid_idp_onlycontains_user_and_ca_certs.pem",
- "src/pki/testdata/crl_unittest/invalid_idp_onlycontainsusercerts_v1_leaf.pem",
- "src/pki/testdata/crl_unittest/invalid_issuer_keyusage_no_crlsign.pem",
- "src/pki/testdata/crl_unittest/invalid_key_rollover_issuer_keyusage_no_crlsign.pem",
- "src/pki/testdata/crl_unittest/invalid_mismatched_signature_algorithm.pem",
- "src/pki/testdata/crl_unittest/invalid_revoked_empty_sequence.pem",
- "src/pki/testdata/crl_unittest/invalid_v1_explicit.pem",
- "src/pki/testdata/crl_unittest/invalid_v1_with_crlentryextension.pem",
- "src/pki/testdata/crl_unittest/invalid_v1_with_extension.pem",
- "src/pki/testdata/crl_unittest/invalid_v3.pem",
- "src/pki/testdata/crl_unittest/revoked.pem",
- "src/pki/testdata/crl_unittest/revoked_fake_crlentryextension.pem",
- "src/pki/testdata/crl_unittest/revoked_generalized_revocationdate.pem",
- "src/pki/testdata/crl_unittest/revoked_key_rollover.pem",
- "src/pki/testdata/crl_unittest/revoked_no_nextupdate.pem",
- "src/pki/testdata/name_constraints_unittest/directoryname-excludeall.pem",
- "src/pki/testdata/name_constraints_unittest/directoryname-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/directoryname.pem",
- "src/pki/testdata/name_constraints_unittest/directoryname_and_dnsname.pem",
- "src/pki/testdata/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-exclude_dot.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-excludeall.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-excluded_with_leading_dot.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-permitted_two_dot.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-permitted_with_leading_dot.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-with_max.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-with_min_0.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-with_min_0_and_max.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-with_min_1.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname-with_min_1_and_max.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname.pem",
- "src/pki/testdata/name_constraints_unittest/dnsname2.pem",
- "src/pki/testdata/name_constraints_unittest/edipartyname-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/edipartyname-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/invalid-empty_excluded_subtree.pem",
- "src/pki/testdata/name_constraints_unittest/invalid-empty_permitted_subtree.pem",
- "src/pki/testdata/name_constraints_unittest/invalid-no_subtrees.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-excludeall.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_addr.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_1.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_2.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_3.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_4.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-mapped_addrs.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-permit_all.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-permit_prefix1.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-permit_prefix31.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress-permit_singlehost.pem",
- "src/pki/testdata/name_constraints_unittest/ipaddress.pem",
- "src/pki/testdata/name_constraints_unittest/name-ca.pem",
- "src/pki/testdata/name_constraints_unittest/name-de.pem",
- "src/pki/testdata/name_constraints_unittest/name-empty.pem",
- "src/pki/testdata/name_constraints_unittest/name-jp-tokyo.pem",
- "src/pki/testdata/name_constraints_unittest/name-jp.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-1.1.1.1.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-192.168.1.1.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-invalidstring.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-localpartcase.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-multiple.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-email.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-foo.com.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-ipv6.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona-permitted.example.com.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-arizona.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-california-192.168.1.1.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-california-mountain_view.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-california-permitted.example.com.pem",
- "src/pki/testdata/name_constraints_unittest/name-us-california.pem",
- "src/pki/testdata/name_constraints_unittest/name-us.pem",
- "src/pki/testdata/name_constraints_unittest/othername-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/othername-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/registeredid-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/registeredid-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-empty.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-hostname.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-hostnamewithat.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-ipv4.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-quoted.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-subdomains.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-empty.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-hostname.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-hostnamewithat.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-ipv4.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-quoted.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-subdomains.pem",
- "src/pki/testdata/name_constraints_unittest/rfc822name-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/san-directoryname.pem",
- "src/pki/testdata/name_constraints_unittest/san-dnsname.pem",
- "src/pki/testdata/name_constraints_unittest/san-edipartyname.pem",
- "src/pki/testdata/name_constraints_unittest/san-excluded-directoryname.pem",
- "src/pki/testdata/name_constraints_unittest/san-excluded-dnsname.pem",
- "src/pki/testdata/name_constraints_unittest/san-excluded-ipaddress.pem",
- "src/pki/testdata/name_constraints_unittest/san-invalid-empty.pem",
- "src/pki/testdata/name_constraints_unittest/san-invalid-ipaddress.pem",
- "src/pki/testdata/name_constraints_unittest/san-ipaddress4.pem",
- "src/pki/testdata/name_constraints_unittest/san-ipaddress6.pem",
- "src/pki/testdata/name_constraints_unittest/san-othername.pem",
- "src/pki/testdata/name_constraints_unittest/san-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/san-registeredid.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-domaincase.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-empty-localpart.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-empty.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-ipv4.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-localpartcase.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-multiple.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-no-at.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-quoted.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-no-at.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-two-ats.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomaincase.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name-two-ats.pem",
- "src/pki/testdata/name_constraints_unittest/san-rfc822name.pem",
- "src/pki/testdata/name_constraints_unittest/san-uri.pem",
- "src/pki/testdata/name_constraints_unittest/san-x400address.pem",
- "src/pki/testdata/name_constraints_unittest/uri-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/uri-permitted.pem",
- "src/pki/testdata/name_constraints_unittest/x400address-excluded.pem",
- "src/pki/testdata/name_constraints_unittest/x400address-permitted.pem",
- "src/pki/testdata/nist-pkits/certs/AllCertificatesNoPoliciesTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/AllCertificatesanyPolicyTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/AnyPolicyTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/BadCRLIssuerNameCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BadCRLSignatureCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BadSignedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BadnotAfterDateCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BadnotBeforeDateCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt",
- "src/pki/testdata/nist-pkits/certs/CPSPointerQualifierTest20EE.crt",
- "src/pki/testdata/nist-pkits/certs/DSACACert.crt",
- "src/pki/testdata/nist-pkits/certs/DSAParametersInheritedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/GeneralizedTimeCRLnextUpdateCACert.crt",
- "src/pki/testdata/nist-pkits/certs/GoodCACert.crt",
- "src/pki/testdata/nist-pkits/certs/GoodsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBadCRLIssuerNameTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBadCRLSignatureTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidCASignatureTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidCAnotAfterDateTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidCAnotBeforeDateTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest31EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest33EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest38EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest15EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest16EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest17EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest20EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidDSASignatureTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidEESignatureTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidEEnotAfterDateTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidEEnotBeforeDateTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest23EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest26EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidLongSerialNumberTest18EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidMappingFromanyPolicyTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidMappingToanyPolicyTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidMissingCRLTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidMissingbasicConstraintsTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidNameChainingOrderTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidNameChainingTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidNegativeSerialNumberTest15EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidOldCRLnextUpdateTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest22EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest24EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest26EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidRevokedCATest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidRevokedEETest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest35EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest37EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidWrongCRLTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcAFalseTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcAFalseTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest27EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest31EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest32EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest34EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest35EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsAttributeCertsTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsCACertsTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsUserCertsTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest15EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest16EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest17EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest20EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest21EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/Invalidpre2000CRLnextUpdateTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/LongSerialNumberCACert.crt",
- "src/pki/testdata/nist-pkits/certs/Mapping1to2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/MappingFromanyPolicyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/MappingToanyPolicyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/MissingbasicConstraintsCACert.crt",
- "src/pki/testdata/nist-pkits/certs/NameOrderingCACert.crt",
- "src/pki/testdata/nist-pkits/certs/NegativeSerialNumberCACert.crt",
- "src/pki/testdata/nist-pkits/certs/NoCRLCACert.crt",
- "src/pki/testdata/nist-pkits/certs/NoPoliciesCACert.crt",
- "src/pki/testdata/nist-pkits/certs/NoissuingDistributionPointCACert.crt",
- "src/pki/testdata/nist-pkits/certs/OldCRLnextUpdateCACert.crt",
- "src/pki/testdata/nist-pkits/certs/OverlappingPoliciesTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/P12Mapping1to3CACert.crt",
- "src/pki/testdata/nist-pkits/certs/P12Mapping1to3subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/P12Mapping1to3subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/P1Mapping1to234CACert.crt",
- "src/pki/testdata/nist-pkits/certs/P1Mapping1to234subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/P1anyPolicyMapping1to2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/PanyPolicyMapping1to2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP1234CACert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP1234subCAP123Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP1234subsubCAP123P12Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP123CACert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP123subCAP12Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP12CACert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP12subCAP1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP12subsubCAP1P2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP2subCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP2subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/PoliciesP3CACert.crt",
- "src/pki/testdata/nist-pkits/certs/RFC3280MandatoryAttributeTypesCACert.crt",
- "src/pki/testdata/nist-pkits/certs/RFC3280OptionalAttributeTypesCACert.crt",
- "src/pki/testdata/nist-pkits/certs/RevokedsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt",
- "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt",
- "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt",
- "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt",
- "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt",
- "src/pki/testdata/nist-pkits/certs/TrustAnchorRootCertificate.crt",
- "src/pki/testdata/nist-pkits/certs/TwoCRLsCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UIDCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UTF8StringCaseInsensitiveMatchCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UTF8StringEncodedNamesCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UnknownCRLEntryExtensionCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UnknownCRLExtensionCACert.crt",
- "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest15EE.crt",
- "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest16EE.crt",
- "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest17EE.crt",
- "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest18EE.crt",
- "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest19EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidCertificatePathTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest30EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest32EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNandRFC822nameConstraintsTest27EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest18EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest19EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDSAParameterInheritanceTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidDSASignaturesTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest22EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest24EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest25EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest16EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest17EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNameChainingCapitalizationTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNameUIDsTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNegativeSerialNumberTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidNoissuingDistributionPointTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest12EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest21EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest23EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest25EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidTwoCRLsTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest34EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest36EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidUTF8StringEncodedNamesTest9EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidbasicConstraintsNotCriticalTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest28EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest29EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest30EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest33EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest5EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidinhibitAnyPolicyTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidkeyUsageNotCriticalTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidonlyContainsCACertsTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest18EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest19EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest13EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest14EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest7EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest8EE.crt",
- "src/pki/testdata/nist-pkits/certs/Validpre2000UTCnotBeforeDateTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest1EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest2EE.crt",
- "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest4EE.crt",
- "src/pki/testdata/nist-pkits/certs/WrongCRLCACert.crt",
- "src/pki/testdata/nist-pkits/certs/anyPolicyCACert.crt",
- "src/pki/testdata/nist-pkits/certs/basicConstraintsCriticalcAFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalCACert.crt",
- "src/pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalcAFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/deltaCRLCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/deltaCRLCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/deltaCRLCA3Cert.crt",
- "src/pki/testdata/nist-pkits/certs/deltaCRLIndicatorNoBaseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/distributionPoint1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/distributionPoint2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA3Cert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA3cRLIssuerCert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA4Cert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA4cRLIssuerCert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA5Cert.crt",
- "src/pki/testdata/nist-pkits/certs/indirectCRLCA6Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy0CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCAIAP5Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subsubCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicyTest3EE.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping0CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping0subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5CACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/keyUsageCriticalcRLSignFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/keyUsageCriticalkeyCertSignFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalCACert.crt",
- "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalcRLSignFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA3Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN4CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDN5CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDNS1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsDNS2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA3Cert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsURI1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/nameConstraintsURI2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/onlyContainsAttributeCertsCACert.crt",
- "src/pki/testdata/nist-pkits/certs/onlyContainsCACertsCACert.crt",
- "src/pki/testdata/nist-pkits/certs/onlyContainsUserCertsCACert.crt",
- "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA3Cert.crt",
- "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA4Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint0CACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint0SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint0subCA2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint0subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint1CACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint1subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6CACert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA0Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA1Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA4Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA00Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA11Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA41Cert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA11XCert.crt",
- "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA41XCert.crt",
- "src/pki/testdata/nist-pkits/certs/pre2000CRLnextUpdateCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubsubCACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7CACert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subCARE2Cert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt",
- "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt",
- "src/pki/testdata/nist-pkits/crls/BadCRLIssuerNameCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BadCRLSignatureCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BadSignedCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BadnotAfterDateCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BadnotBeforeDateCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl",
- "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedNewKeyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl",
- "src/pki/testdata/nist-pkits/crls/DSACACRL.crl",
- "src/pki/testdata/nist-pkits/crls/DSAParametersInheritedCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/GeneralizedTimeCRLnextUpdateCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/GoodCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/GoodsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/LongSerialNumberCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/Mapping1to2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/MappingFromanyPolicyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/MappingToanyPolicyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/MissingbasicConstraintsCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/NameOrderCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/NegativeSerialNumberCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/NoPoliciesCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/NoissuingDistributionPointCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/OldCRLnextUpdateCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P12Mapping1to3CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P12Mapping1to3subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P12Mapping1to3subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P1Mapping1to234CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P1Mapping1to234subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/P1anyPolicyMapping1to2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PanyPolicyMapping1to2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP1234CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP1234subCAP123CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP1234subsubCAP123P12CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP123CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP123subCAP12CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP12P1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP2P2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP12CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP12subCAP1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP12subsubCAP1P2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP2subCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP2subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/PoliciesP3CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/RFC3280MandatoryAttributeTypesCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/RFC3280OptionalAttributeTypesCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/RevokedsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCRL.crl",
- "src/pki/testdata/nist-pkits/crls/TrustAnchorRootCRL.crl",
- "src/pki/testdata/nist-pkits/crls/TwoCRLsCABadCRL.crl",
- "src/pki/testdata/nist-pkits/crls/TwoCRLsCAGoodCRL.crl",
- "src/pki/testdata/nist-pkits/crls/UIDCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/UTF8StringCaseInsensitiveMatchCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/UTF8StringEncodedNamesCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/UnknownCRLEntryExtensionCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/UnknownCRLExtensionCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/WrongCRLCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/anyPolicyCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/basicConstraintsCriticalcAFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalcAFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA1deltaCRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA2deltaCRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA3CRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLCA3deltaCRL.crl",
- "src/pki/testdata/nist-pkits/crls/deltaCRLIndicatorNoBaseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/distributionPoint1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/distributionPoint2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/indirectCRLCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/indirectCRLCA3CRL.crl",
- "src/pki/testdata/nist-pkits/crls/indirectCRLCA3cRLIssuerCRL.crl",
- "src/pki/testdata/nist-pkits/crls/indirectCRLCA4cRLIssuerCRL.crl",
- "src/pki/testdata/nist-pkits/crls/indirectCRLCA5CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy0CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCAIAP5CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subsubCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping0CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping0subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/keyUsageCriticalcRLSignFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA3CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN4CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDN5CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDNS1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsDNS2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA3CRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsURI1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/nameConstraintsURI2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlyContainsAttributeCertsCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlyContainsCACertsCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlyContainsUserCertsCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA1compromiseCRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA1otherreasonsCRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL1.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL2.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA3compromiseCRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA3otherreasonsCRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA4compromiseCRL.crl",
- "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA4otherreasonsCRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint0CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint0subCA2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint0subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint1CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint1subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA0CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA1CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA4CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA00CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA11CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA41CRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA11XCRL.crl",
- "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA41XCRL.crl",
- "src/pki/testdata/nist-pkits/crls/pre2000CRLnextUpdateCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy2CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy2subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubsubCACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7CACRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subCARE2CRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl",
- "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl",
- "src/pki/testdata/ocsp_unittest/bad_ocsp_type.pem",
- "src/pki/testdata/ocsp_unittest/bad_signature.pem",
- "src/pki/testdata/ocsp_unittest/bad_status.pem",
- "src/pki/testdata/ocsp_unittest/good_response.pem",
- "src/pki/testdata/ocsp_unittest/good_response_next_update.pem",
- "src/pki/testdata/ocsp_unittest/good_response_sha256.pem",
- "src/pki/testdata/ocsp_unittest/has_critical_ct_extension.pem",
- "src/pki/testdata/ocsp_unittest/has_critical_response_extension.pem",
- "src/pki/testdata/ocsp_unittest/has_critical_single_extension.pem",
- "src/pki/testdata/ocsp_unittest/has_extension.pem",
- "src/pki/testdata/ocsp_unittest/has_single_extension.pem",
- "src/pki/testdata/ocsp_unittest/has_version.pem",
- "src/pki/testdata/ocsp_unittest/malformed_request.pem",
- "src/pki/testdata/ocsp_unittest/missing_response.pem",
- "src/pki/testdata/ocsp_unittest/multiple_response.pem",
- "src/pki/testdata/ocsp_unittest/no_response.pem",
- "src/pki/testdata/ocsp_unittest/ocsp_extra_certs.pem",
- "src/pki/testdata/ocsp_unittest/ocsp_sign_bad_indirect.pem",
- "src/pki/testdata/ocsp_unittest/ocsp_sign_direct.pem",
- "src/pki/testdata/ocsp_unittest/ocsp_sign_indirect.pem",
- "src/pki/testdata/ocsp_unittest/ocsp_sign_indirect_missing.pem",
- "src/pki/testdata/ocsp_unittest/other_response.pem",
- "src/pki/testdata/ocsp_unittest/responder_id.pem",
- "src/pki/testdata/ocsp_unittest/responder_name.pem",
- "src/pki/testdata/ocsp_unittest/revoke_response.pem",
- "src/pki/testdata/ocsp_unittest/revoke_response_reason.pem",
- "src/pki/testdata/ocsp_unittest/unknown_response.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/empty_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_extension_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_issuer_and_serial.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_contents.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_issuer.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_key_identifier.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_serial.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_and_serial.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_only.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier_and_issuer_and_serial.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/serial_only.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/url_issuer_and_serial.pem",
- "src/pki/testdata/parse_certificate_unittest/authority_key_identifier_not_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/bad_key_usage.pem",
- "src/pki/testdata/parse_certificate_unittest/bad_policy_qualifiers.pem",
- "src/pki/testdata/parse_certificate_unittest/bad_signature_algorithm_oid.pem",
- "src/pki/testdata/parse_certificate_unittest/bad_validity.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_false.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_no_path.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_path_9.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_negative_path.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_not_ca.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_path_too_large.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_255.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_256.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_not_ca.pem",
- "src/pki/testdata/parse_certificate_unittest/basic_constraints_unconsumed_data.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_algorithm_not_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_data_after_signature.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_empty_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_missing_signature.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_not_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_signature_not_bit_string.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_skeleton.pem",
- "src/pki/testdata/parse_certificate_unittest/cert_version3.pem",
- "src/pki/testdata/parse_certificate_unittest/crldp_1uri_noissuer.pem",
- "src/pki/testdata/parse_certificate_unittest/crldp_3uri_noissuer.pem",
- "src/pki/testdata/parse_certificate_unittest/crldp_full_name_as_dirname.pem",
- "src/pki/testdata/parse_certificate_unittest/crldp_issuer_as_dirname.pem",
- "src/pki/testdata/parse_certificate_unittest/extended_key_usage.pem",
- "src/pki/testdata/parse_certificate_unittest/extension_critical.pem",
- "src/pki/testdata/parse_certificate_unittest/extension_critical_0.pem",
- "src/pki/testdata/parse_certificate_unittest/extension_critical_3.pem",
- "src/pki/testdata/parse_certificate_unittest/extension_not_critical.pem",
- "src/pki/testdata/parse_certificate_unittest/extensions_data_after_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/extensions_duplicate_key_usage.pem",
- "src/pki/testdata/parse_certificate_unittest/extensions_empty_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/extensions_not_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/extensions_real.pem",
- "src/pki/testdata/parse_certificate_unittest/failed_signature_algorithm.pem",
- "src/pki/testdata/parse_certificate_unittest/inhibit_any_policy.pem",
- "src/pki/testdata/parse_certificate_unittest/issuer_bad_printable_string.pem",
- "src/pki/testdata/parse_certificate_unittest/key_usage.pem",
- "src/pki/testdata/parse_certificate_unittest/name_constraints_bad_ip.pem",
- "src/pki/testdata/parse_certificate_unittest/policies.pem",
- "src/pki/testdata/parse_certificate_unittest/policy_constraints_empty.pem",
- "src/pki/testdata/parse_certificate_unittest/policy_constraints_inhibit.pem",
- "src/pki/testdata/parse_certificate_unittest/policy_constraints_inhibit_require.pem",
- "src/pki/testdata/parse_certificate_unittest/policy_constraints_require.pem",
- "src/pki/testdata/parse_certificate_unittest/policy_qualifiers_empty_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_37_bytes.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_negative.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_not_minimal.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_not_number.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_zero.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_zero_padded.pem",
- "src/pki/testdata/parse_certificate_unittest/serial_zero_padded_21_bytes.pem",
- "src/pki/testdata/parse_certificate_unittest/signature_algorithm_null.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_alt_name.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_blank_subjectaltname_not_critical.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_key_identifier_not_octet_string.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_not_ascii.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_not_printable_string.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_printable_string_containing_utf8_client_cert.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_t61string.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_t61string_1-32.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_t61string_126-160.pem",
- "src/pki/testdata/parse_certificate_unittest/subject_t61string_actual.pem",
- "src/pki/testdata/parse_certificate_unittest/subjectaltname_bad_ip.pem",
- "src/pki/testdata/parse_certificate_unittest/subjectaltname_dns_not_ascii.pem",
- "src/pki/testdata/parse_certificate_unittest/subjectaltname_general_names_empty_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/subjectaltname_trailing_data.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_explicit_v1.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v1.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v1_extensions.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v2_extensions.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v2_issuer_and_subject_unique_id.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v2_issuer_unique_id.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v2_no_optionals.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_all_optionals.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_data_after_extensions.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_extensions.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_extensions_not_sequence.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_no_optionals.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v3_real.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_v4.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_validity_both_generalized_time.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_validity_both_utc_time.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_validity_generalized_time_and_utc_time.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_validity_relaxed.pem",
- "src/pki/testdata/parse_certificate_unittest/tbs_validity_utc_time_and_generalized_time.pem",
- "src/pki/testdata/parse_certificate_unittest/v1_explicit_version.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_match_name_only.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_matching.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_mismatch.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root2.pem",
- "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/target.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_a.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_b.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_c.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_a.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_b.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_c.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_a.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_b.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_c.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/root.pem",
- "src/pki/testdata/path_builder_unittest/key_id_prioritization/target.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-A-by-B.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-B-by-C.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-B-by-F.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-C-by-D.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-C-by-E.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-D-by-D.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-E-by-E.pem",
- "src/pki/testdata/path_builder_unittest/multi-root-F-by-E.pem",
- "src/pki/testdata/path_builder_unittest/precertificate/precertificate.pem",
- "src/pki/testdata/path_builder_unittest/precertificate/root.pem",
- "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root1.pem",
- "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root1_cross.pem",
- "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root2.pem",
- "src/pki/testdata/path_builder_unittest/self_issued_prioritization/target.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_ac.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_ad.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_bc.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_bd.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/root.pem",
- "src/pki/testdata/path_builder_unittest/validity_date_prioritization/target.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-after.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-before.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration-and-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-before-ta-with-expiration.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-before.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-target/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-target/not-after.test",
- "src/pki/testdata/verify_certificate_chain_unittest/expired-target/not-before.test",
- "src/pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.test",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.test",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.test",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.test",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.test",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.test",
- "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.4.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.10.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.13.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.4.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.7.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.10.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.11.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.9.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.10.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.4.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.10.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.12.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.13.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.15.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.16.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.17.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.20.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.21.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.22.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.23.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.24.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.25.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.26.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.27.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.28.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.29.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.31.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.33.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.34.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.35.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.36.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.37.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.38.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.7.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.9.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.16.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.7.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.10.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.11.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.12.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.16.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.9.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.1.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.12.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.14.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.2.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.4.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.6.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.7.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.9.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.3.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.5.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.7.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.8.txt",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration-and-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints-require-basic-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-require-basic-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root-expired.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-constraints.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-expiration.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-and-trust_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-root.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/unspecified-trust-root.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/any.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf-strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict-leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-and-trust_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-not_after.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-wrong_eku.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf_require_self_signed.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf-and-trust_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf_require_self_signed.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-and-trust_anchor.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-not_after.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-wrong_eku.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf_require_self_signed.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only-trusted_leaf.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/chain.pem",
- "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/main.test",
- "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/ta-with-constraints.test",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_1.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_2.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-dupe_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_attr.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_rdn.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_1.pem",
- "src/pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_2.pem",
- "src/pki/testdata/verify_name_match_unittest/names/custom-custom-normalized.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-badAttributeType.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-empty.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-extradata.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-onlyOneElement.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-setNotSequence.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-Name-setInsteadOfSequence.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-RDN-empty.pem",
- "src/pki/testdata/verify_name_match_unittest/names/invalid-RDN-sequenceInsteadOfSet.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode-mixed-normalized.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode-mixed-unnormalized.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-BMPSTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-UNIVERSALSTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-UTF8-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UNIVERSALSTRING-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UTF8-unmangled.pem",
- "src/pki/testdata/verify_name_match_unittest/names/valid-Name-empty.pem",
- "src/pki/testdata/verify_name_match_unittest/names/valid-minimal.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-spki-params-null.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-unused-bits-signature.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecdh-key.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecmqv-key.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-rsa-algorithm.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-wrong-signature-format.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256-corrupted-data.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem",
- "src/pki/testdata/verify_signed_data_unittest/ecdsa-using-rsa-key.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-length.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-null.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-key-params-absent.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-using-pss-key-no-params.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-wrong-algorithm.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-key-encoded-ber.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-spki-non-null-params.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-ecdsa-algorithm.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-id-ea-rsa.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-using-pss-key-with-params.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-wrong-salt.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa-using-ec-key.pem",
- "src/pki/testdata/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem",
- "src/pki/testdata/verify_unittest/google-intermediate1.der",
- "src/pki/testdata/verify_unittest/google-intermediate2.der",
- "src/pki/testdata/verify_unittest/google-leaf.der",
- "src/pki/testdata/verify_unittest/lencr-intermediate-r3.der",
- "src/pki/testdata/verify_unittest/lencr-leaf.der",
- "src/pki/testdata/verify_unittest/lencr-root-dst-x3.der",
- "src/pki/testdata/verify_unittest/lencr-root-x1-cross-signed.der",
- "src/pki/testdata/verify_unittest/lencr-root-x1.der",
- "src/pki/testdata/verify_unittest/mozilla_roots.der",
+ "src/pki/testdata/cert_issuer_source_static_unittest/c1.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/c2.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/d.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/e1.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/e2.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/i1_1.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/i1_2.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/i2.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/i3_1.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/i3_2.pem",
+ "src/pki/testdata/cert_issuer_source_static_unittest/root.pem",
+ "src/pki/testdata/certificate_policies_unittest/anypolicy.pem",
+ "src/pki/testdata/certificate_policies_unittest/anypolicy_with_qualifier.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-anypolicy_with_custom_qualifier.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-empty.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_dupe.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyinformation_unconsumed_data.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyqualifierinfo_unconsumed_data.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_with_empty_qualifiers_sequence.pem",
+ "src/pki/testdata/certificate_policies_unittest/invalid-policy_identifier_not_oid.pem",
+ "src/pki/testdata/certificate_policies_unittest/policy_1_2_3.pem",
+ "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4.pem",
+ "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4_with_qualifiers.pem",
+ "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_with_custom_qualifier.pem",
+ "src/pki/testdata/certificate_policies_unittest/policy_1_2_3_with_qualifier.pem",
+ "src/pki/testdata/crl_unittest/bad_crldp_has_crlissuer.pem",
+ "src/pki/testdata/crl_unittest/bad_fake_critical_crlentryextension.pem",
+ "src/pki/testdata/crl_unittest/bad_fake_critical_extension.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_contains_wrong_uri.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_indirectcrl.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_onlycontainscacerts.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_onlycontainscacerts_no_basic_constraints.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_onlycontainsusercerts.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainscacerts.pem",
+ "src/pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainsusercerts.pem",
+ "src/pki/testdata/crl_unittest/bad_key_rollover_signature.pem",
+ "src/pki/testdata/crl_unittest/bad_nextupdate_too_old.pem",
+ "src/pki/testdata/crl_unittest/bad_signature.pem",
+ "src/pki/testdata/crl_unittest/bad_thisupdate_in_future.pem",
+ "src/pki/testdata/crl_unittest/bad_thisupdate_too_old.pem",
+ "src/pki/testdata/crl_unittest/bad_wrong_issuer.pem",
+ "src/pki/testdata/crl_unittest/good.pem",
+ "src/pki/testdata/crl_unittest/good_fake_extension.pem",
+ "src/pki/testdata/crl_unittest/good_fake_extension_no_nextupdate.pem",
+ "src/pki/testdata/crl_unittest/good_generalizedtime.pem",
+ "src/pki/testdata/crl_unittest/good_idp_contains_uri.pem",
+ "src/pki/testdata/crl_unittest/good_idp_onlycontainscacerts.pem",
+ "src/pki/testdata/crl_unittest/good_idp_onlycontainsusercerts.pem",
+ "src/pki/testdata/crl_unittest/good_idp_onlycontainsusercerts_no_basic_constraints.pem",
+ "src/pki/testdata/crl_unittest/good_idp_uri_and_onlycontainscacerts.pem",
+ "src/pki/testdata/crl_unittest/good_idp_uri_and_onlycontainsusercerts.pem",
+ "src/pki/testdata/crl_unittest/good_issuer_name_normalization.pem",
+ "src/pki/testdata/crl_unittest/good_issuer_no_keyusage.pem",
+ "src/pki/testdata/crl_unittest/good_key_rollover.pem",
+ "src/pki/testdata/crl_unittest/good_no_crldp.pem",
+ "src/pki/testdata/crl_unittest/good_no_nextupdate.pem",
+ "src/pki/testdata/crl_unittest/good_no_version.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_crlentryextensions.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_extensions.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_nextupdate.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_revocationdate.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_revokedcerts.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_signaturevalue.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_after_thisupdate.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_crlentry.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_issuer_name.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_revocationdate.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_revoked_serial_number.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_signaturealgorithm.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_signaturevalue.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_tbs_signature_algorithm.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_tbscertlist.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_thisupdate.pem",
+ "src/pki/testdata/crl_unittest/invalid_garbage_version.pem",
+ "src/pki/testdata/crl_unittest/invalid_idp_dpname_choice_extra_data.pem",
+ "src/pki/testdata/crl_unittest/invalid_idp_empty_sequence.pem",
+ "src/pki/testdata/crl_unittest/invalid_idp_onlycontains_user_and_ca_certs.pem",
+ "src/pki/testdata/crl_unittest/invalid_idp_onlycontainsusercerts_v1_leaf.pem",
+ "src/pki/testdata/crl_unittest/invalid_issuer_keyusage_no_crlsign.pem",
+ "src/pki/testdata/crl_unittest/invalid_key_rollover_issuer_keyusage_no_crlsign.pem",
+ "src/pki/testdata/crl_unittest/invalid_mismatched_signature_algorithm.pem",
+ "src/pki/testdata/crl_unittest/invalid_revoked_empty_sequence.pem",
+ "src/pki/testdata/crl_unittest/invalid_v1_explicit.pem",
+ "src/pki/testdata/crl_unittest/invalid_v1_with_crlentryextension.pem",
+ "src/pki/testdata/crl_unittest/invalid_v1_with_extension.pem",
+ "src/pki/testdata/crl_unittest/invalid_v3.pem",
+ "src/pki/testdata/crl_unittest/revoked.pem",
+ "src/pki/testdata/crl_unittest/revoked_fake_crlentryextension.pem",
+ "src/pki/testdata/crl_unittest/revoked_generalized_revocationdate.pem",
+ "src/pki/testdata/crl_unittest/revoked_key_rollover.pem",
+ "src/pki/testdata/crl_unittest/revoked_no_nextupdate.pem",
+ "src/pki/testdata/name_constraints_unittest/directoryname-excludeall.pem",
+ "src/pki/testdata/name_constraints_unittest/directoryname-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/directoryname.pem",
+ "src/pki/testdata/name_constraints_unittest/directoryname_and_dnsname.pem",
+ "src/pki/testdata/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-exclude_dot.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-excludeall.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-excluded_with_leading_dot.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-permitted_two_dot.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-permitted_with_leading_dot.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-with_max.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-with_min_0.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-with_min_0_and_max.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-with_min_1.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname-with_min_1_and_max.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname.pem",
+ "src/pki/testdata/name_constraints_unittest/dnsname2.pem",
+ "src/pki/testdata/name_constraints_unittest/edipartyname-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/edipartyname-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/invalid-empty_excluded_subtree.pem",
+ "src/pki/testdata/name_constraints_unittest/invalid-empty_permitted_subtree.pem",
+ "src/pki/testdata/name_constraints_unittest/invalid-no_subtrees.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-excludeall.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_addr.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_1.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_2.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_3.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_4.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-mapped_addrs.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-permit_all.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-permit_prefix1.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-permit_prefix31.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress-permit_singlehost.pem",
+ "src/pki/testdata/name_constraints_unittest/ipaddress.pem",
+ "src/pki/testdata/name_constraints_unittest/name-ca.pem",
+ "src/pki/testdata/name_constraints_unittest/name-de.pem",
+ "src/pki/testdata/name_constraints_unittest/name-empty.pem",
+ "src/pki/testdata/name_constraints_unittest/name-jp-tokyo.pem",
+ "src/pki/testdata/name_constraints_unittest/name-jp.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-1.1.1.1.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-192.168.1.1.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-invalidstring.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-localpartcase.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-email-multiple.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-email.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-foo.com.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-ipv6.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona-permitted.example.com.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-arizona.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-california-192.168.1.1.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-california-mountain_view.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-california-permitted.example.com.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us-california.pem",
+ "src/pki/testdata/name_constraints_unittest/name-us.pem",
+ "src/pki/testdata/name_constraints_unittest/othername-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/othername-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/registeredid-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/registeredid-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-empty.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-hostname.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-hostnamewithat.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-ipv4.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-quoted.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded-subdomains.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-empty.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-hostname.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-hostnamewithat.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-ipv4.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-quoted.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted-subdomains.pem",
+ "src/pki/testdata/name_constraints_unittest/rfc822name-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/san-directoryname.pem",
+ "src/pki/testdata/name_constraints_unittest/san-dnsname.pem",
+ "src/pki/testdata/name_constraints_unittest/san-edipartyname.pem",
+ "src/pki/testdata/name_constraints_unittest/san-excluded-directoryname.pem",
+ "src/pki/testdata/name_constraints_unittest/san-excluded-dnsname.pem",
+ "src/pki/testdata/name_constraints_unittest/san-excluded-ipaddress.pem",
+ "src/pki/testdata/name_constraints_unittest/san-invalid-empty.pem",
+ "src/pki/testdata/name_constraints_unittest/san-invalid-ipaddress.pem",
+ "src/pki/testdata/name_constraints_unittest/san-ipaddress4.pem",
+ "src/pki/testdata/name_constraints_unittest/san-ipaddress6.pem",
+ "src/pki/testdata/name_constraints_unittest/san-othername.pem",
+ "src/pki/testdata/name_constraints_unittest/san-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/san-registeredid.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-domaincase.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-empty-localpart.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-empty.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-ipv4.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-localpartcase.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-multiple.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-no-at.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-quoted.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-no-at.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-two-ats.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomain.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-subdomaincase.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name-two-ats.pem",
+ "src/pki/testdata/name_constraints_unittest/san-rfc822name.pem",
+ "src/pki/testdata/name_constraints_unittest/san-uri.pem",
+ "src/pki/testdata/name_constraints_unittest/san-x400address.pem",
+ "src/pki/testdata/name_constraints_unittest/uri-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/uri-permitted.pem",
+ "src/pki/testdata/name_constraints_unittest/x400address-excluded.pem",
+ "src/pki/testdata/name_constraints_unittest/x400address-permitted.pem",
+ "src/pki/testdata/nist-pkits/certs/AllCertificatesNoPoliciesTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/AllCertificatesanyPolicyTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/AnyPolicyTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/BadCRLIssuerNameCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BadCRLSignatureCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BadSignedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BadnotAfterDateCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BadnotBeforeDateCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/CPSPointerQualifierTest20EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DSACACert.crt",
+ "src/pki/testdata/nist-pkits/certs/DSAParametersInheritedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/DifferentPoliciesTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/GeneralizedTimeCRLnextUpdateCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/GoodCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/GoodsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBadCRLIssuerNameTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBadCRLSignatureTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidCASignatureTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidCAnotAfterDateTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidCAnotBeforeDateTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest31EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest33EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest38EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest15EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest16EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest17EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest20EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidDSASignatureTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidEESignatureTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidEEnotAfterDateTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidEEnotBeforeDateTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest23EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest26EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidLongSerialNumberTest18EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidMappingFromanyPolicyTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidMappingToanyPolicyTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidMissingCRLTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidMissingbasicConstraintsTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidNameChainingOrderTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidNameChainingTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidNegativeSerialNumberTest15EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidOldCRLnextUpdateTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest22EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest24EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest26EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidRevokedCATest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidRevokedEETest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest35EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest37EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidWrongCRLTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcAFalseTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcAFalseTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest27EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest31EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest32EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest34EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest35EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvaliddistributionPointTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsAttributeCertsTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsCACertsTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlyContainsUserCertsTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest15EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest16EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest17EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest20EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest21EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/Invalidpre2000CRLnextUpdateTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/LongSerialNumberCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/Mapping1to2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/MappingFromanyPolicyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/MappingToanyPolicyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/MissingbasicConstraintsCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/NameOrderingCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/NegativeSerialNumberCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/NoCRLCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/NoPoliciesCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/NoissuingDistributionPointCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/OldCRLnextUpdateCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/OverlappingPoliciesTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/P12Mapping1to3CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/P12Mapping1to3subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/P12Mapping1to3subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/P1Mapping1to234CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/P1Mapping1to234subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/P1anyPolicyMapping1to2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PanyPolicyMapping1to2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP1234CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP1234subCAP123Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP1234subsubCAP123P12Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP123CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP123subCAP12Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP12CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP12subCAP1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP12subsubCAP1P2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP2subCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP2subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/PoliciesP3CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/RFC3280MandatoryAttributeTypesCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/RFC3280OptionalAttributeTypesCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/RevokedsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt",
+ "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt",
+ "src/pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/TrustAnchorRootCertificate.crt",
+ "src/pki/testdata/nist-pkits/certs/TwoCRLsCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UIDCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UTF8StringCaseInsensitiveMatchCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UTF8StringEncodedNamesCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UnknownCRLEntryExtensionCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UnknownCRLExtensionCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest15EE.crt",
+ "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest16EE.crt",
+ "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest17EE.crt",
+ "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest18EE.crt",
+ "src/pki/testdata/nist-pkits/certs/UserNoticeQualifierTest19EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidCertificatePathTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest30EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest32EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNandRFC822nameConstraintsTest27EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest18EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest19EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDSAParameterInheritanceTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidDSASignaturesTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest22EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest24EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest25EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest16EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest17EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNameChainingCapitalizationTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNameUIDsTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNegativeSerialNumberTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidNoissuingDistributionPointTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest12EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidPolicyMappingTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest21EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest23EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest25EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidTwoCRLsTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest34EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest36EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidUTF8StringEncodedNamesTest9EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidbasicConstraintsNotCriticalTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest28EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest29EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest30EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidcRLIssuerTest33EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddeltaCRLTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest5EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValiddistributionPointTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidinhibitAnyPolicyTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidkeyUsageNotCriticalTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidonlyContainsCACertsTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest18EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest19EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest13EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest14EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest7EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest8EE.crt",
+ "src/pki/testdata/nist-pkits/certs/Validpre2000UTCnotBeforeDateTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest1EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest2EE.crt",
+ "src/pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest4EE.crt",
+ "src/pki/testdata/nist-pkits/certs/WrongCRLCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/anyPolicyCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/basicConstraintsCriticalcAFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalcAFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/deltaCRLCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/deltaCRLCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/deltaCRLCA3Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/deltaCRLIndicatorNoBaseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/distributionPoint1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/distributionPoint2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA3Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA3cRLIssuerCert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA4Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA4cRLIssuerCert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA5Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/indirectCRLCA6Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy0CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCAIAP5Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subsubCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitAnyPolicyTest3EE.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping0CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping0subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/keyUsageCriticalcRLSignFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/keyUsageCriticalkeyCertSignFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalcRLSignFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA3Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN4CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDN5CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDNS1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsDNS2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA3Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsURI1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/nameConstraintsURI2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlyContainsAttributeCertsCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlyContainsCACertsCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlyContainsUserCertsCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA3Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/onlySomeReasonsCA4Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint0CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint0SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint0subCA2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint0subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint1CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint1subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA0Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA1Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subCA4Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA00Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA11Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA41Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA11XCert.crt",
+ "src/pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA41XCert.crt",
+ "src/pki/testdata/nist-pkits/certs/pre2000CRLnextUpdateCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy2subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubsubCACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7CACert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subCARE2Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt",
+ "src/pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt",
+ "src/pki/testdata/nist-pkits/crls/BadCRLIssuerNameCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BadCRLSignatureCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BadSignedCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BadnotAfterDateCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BadnotBeforeDateCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedNewKeyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/DSACACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/DSAParametersInheritedCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/GeneralizedTimeCRLnextUpdateCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/GoodCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/GoodsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/LongSerialNumberCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/Mapping1to2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/MappingFromanyPolicyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/MappingToanyPolicyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/MissingbasicConstraintsCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/NameOrderCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/NegativeSerialNumberCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/NoPoliciesCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/NoissuingDistributionPointCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/OldCRLnextUpdateCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P12Mapping1to3CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P12Mapping1to3subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P12Mapping1to3subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P1Mapping1to234CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P1Mapping1to234subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/P1anyPolicyMapping1to2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PanyPolicyMapping1to2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP1234CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP1234subCAP123CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP1234subsubCAP123P12CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP123CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP123subCAP12CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP12P1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP2P2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP12CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP12subCAP1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP12subsubCAP1P2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP2subCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP2subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/PoliciesP3CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/RFC3280MandatoryAttributeTypesCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/RFC3280OptionalAttributeTypesCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/RevokedsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/TrustAnchorRootCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/TwoCRLsCABadCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/TwoCRLsCAGoodCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/UIDCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/UTF8StringCaseInsensitiveMatchCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/UTF8StringEncodedNamesCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/UnknownCRLEntryExtensionCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/UnknownCRLExtensionCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/WrongCRLCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/anyPolicyCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/basicConstraintsCriticalcAFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalcAFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA1deltaCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA2deltaCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA3CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLCA3deltaCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/deltaCRLIndicatorNoBaseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/distributionPoint1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/distributionPoint2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/indirectCRLCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/indirectCRLCA3CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/indirectCRLCA3cRLIssuerCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/indirectCRLCA4cRLIssuerCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/indirectCRLCA5CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy0CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCAIAP5CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subsubCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping0CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping0subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/keyUsageCriticalcRLSignFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA3CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN4CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDN5CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDNS1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsDNS2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA3CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsURI1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/nameConstraintsURI2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlyContainsAttributeCertsCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlyContainsCACertsCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlyContainsUserCertsCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA1compromiseCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA1otherreasonsCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL1.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL2.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA3compromiseCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA3otherreasonsCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA4compromiseCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/onlySomeReasonsCA4otherreasonsCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint0CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint0subCA2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint0subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint1CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint1subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA0CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA1CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subCA4CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA00CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA11CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA41CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA11XCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA41XCRL.crl",
+ "src/pki/testdata/nist-pkits/crls/pre2000CRLnextUpdateCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy2CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy2subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubsubCACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7CACRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subCARE2CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl",
+ "src/pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl",
+ "src/pki/testdata/ocsp_unittest/bad_ocsp_type.pem",
+ "src/pki/testdata/ocsp_unittest/bad_signature.pem",
+ "src/pki/testdata/ocsp_unittest/bad_status.pem",
+ "src/pki/testdata/ocsp_unittest/good_response.pem",
+ "src/pki/testdata/ocsp_unittest/good_response_next_update.pem",
+ "src/pki/testdata/ocsp_unittest/good_response_sha256.pem",
+ "src/pki/testdata/ocsp_unittest/has_critical_ct_extension.pem",
+ "src/pki/testdata/ocsp_unittest/has_critical_response_extension.pem",
+ "src/pki/testdata/ocsp_unittest/has_critical_single_extension.pem",
+ "src/pki/testdata/ocsp_unittest/has_extension.pem",
+ "src/pki/testdata/ocsp_unittest/has_single_extension.pem",
+ "src/pki/testdata/ocsp_unittest/has_version.pem",
+ "src/pki/testdata/ocsp_unittest/malformed_request.pem",
+ "src/pki/testdata/ocsp_unittest/missing_response.pem",
+ "src/pki/testdata/ocsp_unittest/multiple_response.pem",
+ "src/pki/testdata/ocsp_unittest/no_response.pem",
+ "src/pki/testdata/ocsp_unittest/ocsp_extra_certs.pem",
+ "src/pki/testdata/ocsp_unittest/ocsp_sign_bad_indirect.pem",
+ "src/pki/testdata/ocsp_unittest/ocsp_sign_direct.pem",
+ "src/pki/testdata/ocsp_unittest/ocsp_sign_indirect.pem",
+ "src/pki/testdata/ocsp_unittest/ocsp_sign_indirect_missing.pem",
+ "src/pki/testdata/ocsp_unittest/other_response.pem",
+ "src/pki/testdata/ocsp_unittest/responder_id.pem",
+ "src/pki/testdata/ocsp_unittest/responder_name.pem",
+ "src/pki/testdata/ocsp_unittest/revoke_response.pem",
+ "src/pki/testdata/ocsp_unittest/revoke_response_reason.pem",
+ "src/pki/testdata/ocsp_unittest/unknown_response.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/empty_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_extension_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_issuer_and_serial.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_contents.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_issuer.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_key_identifier.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_serial.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_and_serial.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_only.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier_and_issuer_and_serial.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/serial_only.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier/url_issuer_and_serial.pem",
+ "src/pki/testdata/parse_certificate_unittest/authority_key_identifier_not_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/bad_key_usage.pem",
+ "src/pki/testdata/parse_certificate_unittest/bad_policy_qualifiers.pem",
+ "src/pki/testdata/parse_certificate_unittest/bad_signature_algorithm_oid.pem",
+ "src/pki/testdata/parse_certificate_unittest/bad_validity.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_false.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_no_path.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_ca_path_9.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_negative_path.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_not_ca.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_path_too_large.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_255.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_256.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_not_ca.pem",
+ "src/pki/testdata/parse_certificate_unittest/basic_constraints_unconsumed_data.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_algorithm_not_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_data_after_signature.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_empty_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_missing_signature.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_not_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_signature_not_bit_string.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_skeleton.pem",
+ "src/pki/testdata/parse_certificate_unittest/cert_version3.pem",
+ "src/pki/testdata/parse_certificate_unittest/crldp_1uri_noissuer.pem",
+ "src/pki/testdata/parse_certificate_unittest/crldp_3uri_noissuer.pem",
+ "src/pki/testdata/parse_certificate_unittest/crldp_full_name_as_dirname.pem",
+ "src/pki/testdata/parse_certificate_unittest/crldp_issuer_as_dirname.pem",
+ "src/pki/testdata/parse_certificate_unittest/extended_key_usage.pem",
+ "src/pki/testdata/parse_certificate_unittest/extension_critical.pem",
+ "src/pki/testdata/parse_certificate_unittest/extension_critical_0.pem",
+ "src/pki/testdata/parse_certificate_unittest/extension_critical_3.pem",
+ "src/pki/testdata/parse_certificate_unittest/extension_not_critical.pem",
+ "src/pki/testdata/parse_certificate_unittest/extensions_data_after_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/extensions_duplicate_key_usage.pem",
+ "src/pki/testdata/parse_certificate_unittest/extensions_empty_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/extensions_not_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/extensions_real.pem",
+ "src/pki/testdata/parse_certificate_unittest/failed_signature_algorithm.pem",
+ "src/pki/testdata/parse_certificate_unittest/inhibit_any_policy.pem",
+ "src/pki/testdata/parse_certificate_unittest/issuer_bad_printable_string.pem",
+ "src/pki/testdata/parse_certificate_unittest/key_usage.pem",
+ "src/pki/testdata/parse_certificate_unittest/name_constraints_bad_ip.pem",
+ "src/pki/testdata/parse_certificate_unittest/policies.pem",
+ "src/pki/testdata/parse_certificate_unittest/policy_constraints_empty.pem",
+ "src/pki/testdata/parse_certificate_unittest/policy_constraints_inhibit.pem",
+ "src/pki/testdata/parse_certificate_unittest/policy_constraints_inhibit_require.pem",
+ "src/pki/testdata/parse_certificate_unittest/policy_constraints_require.pem",
+ "src/pki/testdata/parse_certificate_unittest/policy_qualifiers_empty_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_37_bytes.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_negative.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_not_minimal.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_not_number.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_zero.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_zero_padded.pem",
+ "src/pki/testdata/parse_certificate_unittest/serial_zero_padded_21_bytes.pem",
+ "src/pki/testdata/parse_certificate_unittest/signature_algorithm_null.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_alt_name.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_blank_subjectaltname_not_critical.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_key_identifier_not_octet_string.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_not_ascii.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_not_printable_string.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_printable_string_containing_utf8_client_cert.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_t61string.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_t61string_1-32.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_t61string_126-160.pem",
+ "src/pki/testdata/parse_certificate_unittest/subject_t61string_actual.pem",
+ "src/pki/testdata/parse_certificate_unittest/subjectaltname_bad_ip.pem",
+ "src/pki/testdata/parse_certificate_unittest/subjectaltname_dns_not_ascii.pem",
+ "src/pki/testdata/parse_certificate_unittest/subjectaltname_general_names_empty_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/subjectaltname_trailing_data.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_explicit_v1.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v1.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v1_extensions.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v2_extensions.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v2_issuer_and_subject_unique_id.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v2_issuer_unique_id.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v2_no_optionals.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_all_optionals.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_data_after_extensions.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_extensions.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_extensions_not_sequence.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_no_optionals.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v3_real.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_v4.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_validity_both_generalized_time.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_validity_both_utc_time.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_validity_generalized_time_and_utc_time.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_validity_relaxed.pem",
+ "src/pki/testdata/parse_certificate_unittest/tbs_validity_utc_time_and_generalized_time.pem",
+ "src/pki/testdata/parse_certificate_unittest/v1_explicit_version.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_match_name_only.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_matching.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_mismatch.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root2.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/target.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_a.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_b.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_c.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_a.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_b.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_c.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_a.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_b.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_c.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/root.pem",
+ "src/pki/testdata/path_builder_unittest/key_id_prioritization/target.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-A-by-B.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-B-by-C.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-B-by-F.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-C-by-D.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-C-by-E.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-D-by-D.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-E-by-E.pem",
+ "src/pki/testdata/path_builder_unittest/multi-root-F-by-E.pem",
+ "src/pki/testdata/path_builder_unittest/precertificate/precertificate.pem",
+ "src/pki/testdata/path_builder_unittest/precertificate/root.pem",
+ "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root1.pem",
+ "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root1_cross.pem",
+ "src/pki/testdata/path_builder_unittest/self_issued_prioritization/root2.pem",
+ "src/pki/testdata/path_builder_unittest/self_issued_prioritization/target.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_ac.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_ad.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_bc.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/int_bd.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/root.pem",
+ "src/pki/testdata/path_builder_unittest/validity_date_prioritization/target.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-after.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-before.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration-and-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-after.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-before-ta-with-expiration.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-root/not-before.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-target/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-target/not-after.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/expired-target/not-before.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.4.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.10.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.13.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.4.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.7.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.10.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.11.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.9.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.10.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.4.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.10.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.12.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.13.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.15.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.16.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.17.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.20.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.21.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.22.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.23.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.24.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.25.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.26.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.27.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.28.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.29.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.31.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.33.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.34.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.35.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.36.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.37.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.38.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.7.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.9.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.16.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.7.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.10.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.11.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.12.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.16.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.9.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.1.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.12.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.14.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.2.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.4.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.6.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.7.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.9.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.3.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.5.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.7.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.8.txt",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration-and-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints-require-basic-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-require-basic-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root-expired.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-constraints.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-expiration.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-and-trust_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-root.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/unspecified-trust-root.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/any.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf-strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict-leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-and-trust_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-not_after.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-wrong_eku.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf_require_self_signed.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf-and-trust_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf_require_self_signed.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-and-trust_anchor.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-not_after.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-wrong_eku.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf_require_self_signed.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only-trusted_leaf.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/chain.pem",
+ "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/main.test",
+ "src/pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/ta-with-constraints.test",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_1.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_2.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-dupe_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_attr.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_rdn.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_1.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_2.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/custom-custom-normalized.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-badAttributeType.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-empty.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-extradata.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-onlyOneElement.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-setNotSequence.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-Name-setInsteadOfSequence.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-RDN-empty.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/invalid-RDN-sequenceInsteadOfSet.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode-mixed-normalized.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode-mixed-unnormalized.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-BMPSTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-UNIVERSALSTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode_bmp-UTF8-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UNIVERSALSTRING-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UTF8-unmangled.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/valid-Name-empty.pem",
+ "src/pki/testdata/verify_name_match_unittest/names/valid-minimal.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-spki-params-null.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-unused-bits-signature.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecdh-key.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecmqv-key.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-rsa-algorithm.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-wrong-signature-format.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256-corrupted-data.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem",
+ "src/pki/testdata/verify_signed_data_unittest/ecdsa-using-rsa-key.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-length.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-null.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-key-params-absent.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-using-pss-key-no-params.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-wrong-algorithm.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-key-encoded-ber.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-spki-non-null-params.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-ecdsa-algorithm.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-id-ea-rsa.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-using-pss-key-with-params.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-wrong-salt.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-pss-sha256.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa-using-ec-key.pem",
+ "src/pki/testdata/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem",
+ "src/pki/testdata/verify_unittest/google-intermediate1.der",
+ "src/pki/testdata/verify_unittest/google-intermediate2.der",
+ "src/pki/testdata/verify_unittest/google-leaf.der",
+ "src/pki/testdata/verify_unittest/lencr-intermediate-r3.der",
+ "src/pki/testdata/verify_unittest/lencr-leaf.der",
+ "src/pki/testdata/verify_unittest/lencr-root-dst-x3.der",
+ "src/pki/testdata/verify_unittest/lencr-root-x1-cross-signed.der",
+ "src/pki/testdata/verify_unittest/lencr-root-x1.der",
+ "src/pki/testdata/verify_unittest/mozilla_roots.der",
"src/pki/testdata/verify_unittest/self-issued.pem"
- ],
+ ],
"rust_bssl_crypto": [
- "src/rust/bssl-crypto/src/aead.rs",
- "src/rust/bssl-crypto/src/aes.rs",
- "src/rust/bssl-crypto/src/cipher/aes_cbc.rs",
- "src/rust/bssl-crypto/src/cipher/aes_ctr.rs",
- "src/rust/bssl-crypto/src/cipher/mod.rs",
- "src/rust/bssl-crypto/src/digest.rs",
- "src/rust/bssl-crypto/src/ec.rs",
- "src/rust/bssl-crypto/src/ecdh.rs",
- "src/rust/bssl-crypto/src/ecdsa.rs",
- "src/rust/bssl-crypto/src/ed25519.rs",
- "src/rust/bssl-crypto/src/hkdf.rs",
- "src/rust/bssl-crypto/src/hmac.rs",
- "src/rust/bssl-crypto/src/hpke.rs",
- "src/rust/bssl-crypto/src/lib.rs",
- "src/rust/bssl-crypto/src/macros.rs",
- "src/rust/bssl-crypto/src/mem.rs",
- "src/rust/bssl-crypto/src/mldsa.rs",
- "src/rust/bssl-crypto/src/mlkem.rs",
- "src/rust/bssl-crypto/src/rand.rs",
- "src/rust/bssl-crypto/src/rsa.rs",
- "src/rust/bssl-crypto/src/scoped.rs",
- "src/rust/bssl-crypto/src/slhdsa.rs",
- "src/rust/bssl-crypto/src/test_helpers.rs",
+ "src/rust/bssl-crypto/src/aead.rs",
+ "src/rust/bssl-crypto/src/aes.rs",
+ "src/rust/bssl-crypto/src/cipher/aes_cbc.rs",
+ "src/rust/bssl-crypto/src/cipher/aes_ctr.rs",
+ "src/rust/bssl-crypto/src/cipher/mod.rs",
+ "src/rust/bssl-crypto/src/digest.rs",
+ "src/rust/bssl-crypto/src/ec.rs",
+ "src/rust/bssl-crypto/src/ecdh.rs",
+ "src/rust/bssl-crypto/src/ecdsa.rs",
+ "src/rust/bssl-crypto/src/ed25519.rs",
+ "src/rust/bssl-crypto/src/hkdf.rs",
+ "src/rust/bssl-crypto/src/hmac.rs",
+ "src/rust/bssl-crypto/src/hpke.rs",
+ "src/rust/bssl-crypto/src/lib.rs",
+ "src/rust/bssl-crypto/src/macros.rs",
+ "src/rust/bssl-crypto/src/mem.rs",
+ "src/rust/bssl-crypto/src/mldsa.rs",
+ "src/rust/bssl-crypto/src/mlkem.rs",
+ "src/rust/bssl-crypto/src/rand.rs",
+ "src/rust/bssl-crypto/src/rsa.rs",
+ "src/rust/bssl-crypto/src/scoped.rs",
+ "src/rust/bssl-crypto/src/slhdsa.rs",
+ "src/rust/bssl-crypto/src/test_helpers.rs",
"src/rust/bssl-crypto/src/x25519.rs"
- ],
+ ],
"rust_bssl_sys": [
"src/rust/bssl-sys/src/lib.rs"
- ],
+ ],
"ssl": [
- "src/ssl/bio_ssl.cc",
- "src/ssl/d1_both.cc",
- "src/ssl/d1_lib.cc",
- "src/ssl/d1_pkt.cc",
- "src/ssl/d1_srtp.cc",
- "src/ssl/dtls_method.cc",
- "src/ssl/dtls_record.cc",
- "src/ssl/encrypted_client_hello.cc",
- "src/ssl/extensions.cc",
- "src/ssl/handoff.cc",
- "src/ssl/handshake.cc",
- "src/ssl/handshake_client.cc",
- "src/ssl/handshake_server.cc",
- "src/ssl/s3_both.cc",
- "src/ssl/s3_lib.cc",
- "src/ssl/s3_pkt.cc",
- "src/ssl/ssl_aead_ctx.cc",
- "src/ssl/ssl_asn1.cc",
- "src/ssl/ssl_buffer.cc",
- "src/ssl/ssl_cert.cc",
- "src/ssl/ssl_cipher.cc",
- "src/ssl/ssl_credential.cc",
- "src/ssl/ssl_file.cc",
- "src/ssl/ssl_key_share.cc",
- "src/ssl/ssl_lib.cc",
- "src/ssl/ssl_privkey.cc",
- "src/ssl/ssl_session.cc",
- "src/ssl/ssl_stat.cc",
- "src/ssl/ssl_transcript.cc",
- "src/ssl/ssl_versions.cc",
- "src/ssl/ssl_x509.cc",
- "src/ssl/t1_enc.cc",
- "src/ssl/tls13_both.cc",
- "src/ssl/tls13_client.cc",
- "src/ssl/tls13_enc.cc",
- "src/ssl/tls13_server.cc",
- "src/ssl/tls_method.cc",
+ "src/ssl/bio_ssl.cc",
+ "src/ssl/d1_both.cc",
+ "src/ssl/d1_lib.cc",
+ "src/ssl/d1_pkt.cc",
+ "src/ssl/d1_srtp.cc",
+ "src/ssl/dtls_method.cc",
+ "src/ssl/dtls_record.cc",
+ "src/ssl/encrypted_client_hello.cc",
+ "src/ssl/extensions.cc",
+ "src/ssl/handoff.cc",
+ "src/ssl/handshake.cc",
+ "src/ssl/handshake_client.cc",
+ "src/ssl/handshake_server.cc",
+ "src/ssl/s3_both.cc",
+ "src/ssl/s3_lib.cc",
+ "src/ssl/s3_pkt.cc",
+ "src/ssl/ssl_aead_ctx.cc",
+ "src/ssl/ssl_asn1.cc",
+ "src/ssl/ssl_buffer.cc",
+ "src/ssl/ssl_cert.cc",
+ "src/ssl/ssl_cipher.cc",
+ "src/ssl/ssl_credential.cc",
+ "src/ssl/ssl_file.cc",
+ "src/ssl/ssl_key_share.cc",
+ "src/ssl/ssl_lib.cc",
+ "src/ssl/ssl_privkey.cc",
+ "src/ssl/ssl_session.cc",
+ "src/ssl/ssl_stat.cc",
+ "src/ssl/ssl_transcript.cc",
+ "src/ssl/ssl_versions.cc",
+ "src/ssl/ssl_x509.cc",
+ "src/ssl/t1_enc.cc",
+ "src/ssl/tls13_both.cc",
+ "src/ssl/tls13_client.cc",
+ "src/ssl/tls13_enc.cc",
+ "src/ssl/tls13_server.cc",
+ "src/ssl/tls_method.cc",
"src/ssl/tls_record.cc"
- ],
+ ],
"ssl_headers": [
- "src/include/openssl/dtls1.h",
- "src/include/openssl/srtp.h",
- "src/include/openssl/ssl.h",
- "src/include/openssl/ssl3.h",
+ "src/include/openssl/dtls1.h",
+ "src/include/openssl/srtp.h",
+ "src/include/openssl/ssl.h",
+ "src/include/openssl/ssl3.h",
"src/include/openssl/tls1.h"
- ],
+ ],
"ssl_internal_headers": [
"src/ssl/internal.h"
- ],
+ ],
"ssl_test": [
- "src/crypto/test/gtest_main.cc",
- "src/ssl/span_test.cc",
- "src/ssl/ssl_c_test.c",
- "src/ssl/ssl_internal_test.cc",
+ "src/crypto/test/gtest_main.cc",
+ "src/ssl/span_test.cc",
+ "src/ssl/ssl_c_test.c",
+ "src/ssl/ssl_internal_test.cc",
"src/ssl/ssl_test.cc"
- ],
+ ],
"test_support": [
- "src/crypto/test/abi_test.cc",
- "src/crypto/test/file_test.cc",
- "src/crypto/test/file_test_gtest.cc",
- "src/crypto/test/file_util.cc",
- "src/crypto/test/test_data.cc",
- "src/crypto/test/test_util.cc",
+ "src/crypto/test/abi_test.cc",
+ "src/crypto/test/file_test.cc",
+ "src/crypto/test/file_test_gtest.cc",
+ "src/crypto/test/file_util.cc",
+ "src/crypto/test/test_data.cc",
+ "src/crypto/test/test_util.cc",
"src/crypto/test/wycheproof_util.cc"
- ],
+ ],
"test_support_headers": [
- "src/crypto/test/abi_test.h",
- "src/crypto/test/file_test.h",
- "src/crypto/test/file_util.h",
- "src/crypto/test/gtest_main.h",
- "src/crypto/test/test_data.h",
- "src/crypto/test/test_util.h",
- "src/crypto/test/wycheproof_util.h",
- "src/ssl/test/async_bio.h",
- "src/ssl/test/fuzzer.h",
- "src/ssl/test/fuzzer_tags.h",
- "src/ssl/test/handshake_util.h",
- "src/ssl/test/mock_quic_transport.h",
- "src/ssl/test/packeted_bio.h",
- "src/ssl/test/settings_writer.h",
- "src/ssl/test/test_config.h",
+ "src/crypto/test/abi_test.h",
+ "src/crypto/test/file_test.h",
+ "src/crypto/test/file_util.h",
+ "src/crypto/test/gtest_main.h",
+ "src/crypto/test/test_data.h",
+ "src/crypto/test/test_util.h",
+ "src/crypto/test/wycheproof_util.h",
+ "src/ssl/test/async_bio.h",
+ "src/ssl/test/fuzzer.h",
+ "src/ssl/test/fuzzer_tags.h",
+ "src/ssl/test/handshake_util.h",
+ "src/ssl/test/mock_quic_transport.h",
+ "src/ssl/test/packeted_bio.h",
+ "src/ssl/test/settings_writer.h",
+ "src/ssl/test/test_config.h",
"src/ssl/test/test_state.h"
- ],
+ ],
"tool": [
- "src/tool/args.cc",
- "src/tool/ciphers.cc",
- "src/tool/client.cc",
- "src/tool/const.cc",
- "src/tool/digest.cc",
- "src/tool/fd.cc",
- "src/tool/file.cc",
- "src/tool/generate_ech.cc",
- "src/tool/generate_ed25519.cc",
- "src/tool/genrsa.cc",
- "src/tool/pkcs12.cc",
- "src/tool/rand.cc",
- "src/tool/server.cc",
- "src/tool/sign.cc",
- "src/tool/speed.cc",
- "src/tool/tool.cc",
+ "src/tool/args.cc",
+ "src/tool/ciphers.cc",
+ "src/tool/client.cc",
+ "src/tool/const.cc",
+ "src/tool/digest.cc",
+ "src/tool/fd.cc",
+ "src/tool/file.cc",
+ "src/tool/generate_ech.cc",
+ "src/tool/generate_ed25519.cc",
+ "src/tool/genrsa.cc",
+ "src/tool/pkcs12.cc",
+ "src/tool/rand.cc",
+ "src/tool/server.cc",
+ "src/tool/sign.cc",
+ "src/tool/speed.cc",
+ "src/tool/tool.cc",
"src/tool/transport_common.cc"
- ],
+ ],
"tool_headers": [
- "src/tool/internal.h",
+ "src/tool/internal.h",
"src/tool/transport_common.h"
- ],
+ ],
"urandom_test": [
"src/crypto/rand/urandom_test.cc"
]
diff --git a/src/.bcr/metadata.template.json b/src/.bcr/metadata.template.json
index 6d8f767..ed376c9 100644
--- a/src/.bcr/metadata.template.json
+++ b/src/.bcr/metadata.template.json
@@ -7,14 +7,14 @@
"name": "Adam Langley"
},
{
- "email": "bbe@google.com",
- "github": "bob-beck",
- "name": "Bob Beck"
- },
- {
"email": "davidben@google.com",
"github": "davidben",
"name": "David Benjamin"
+ },
+ {
+ "email": "dadrian@google.com",
+ "github": "dadrian",
+ "name": "David Adrian"
}
],
"repository": [
diff --git a/src/.gitignore b/src/.gitignore
index f19d1c8..8c3524b 100644
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -34,8 +34,7 @@
/util/bot/sde-win32
/util/bot/sde-win32.tar.xz
/util/bot/tools
-/util/bot/win_toolchain
-/util/bot/win_toolchain.json
+/util/bot/windows_sdk
# Ignore target under any directory.
target/
diff --git a/src/BUILD.bazel b/src/BUILD.bazel
index 5c68e63..b7dc359 100644
--- a/src/BUILD.bazel
+++ b/src/BUILD.bazel
@@ -12,6 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+load("@rules_license//rules:license.bzl", "license")
load(
":gen/sources.bzl",
"bcm_internal_headers",
@@ -43,7 +44,6 @@
"urandom_test_sources",
)
load(":util/util.bzl", "bssl_cc_binary", "bssl_cc_library", "bssl_cc_test")
-load("@rules_license//rules:license.bzl", "license")
package(
default_applicable_licenses = [":license"],
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 50f5e37..4211db0 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -36,6 +36,9 @@
enable_language(C)
enable_language(CXX)
+# TODO(crbug,com/389897612): Register tests with CTest. For now, we include this
+# only to pick up the standard |BUILD_TESTING| option.
+include(CTest)
include(GNUInstallDirs)
set(INSTALL_ENABLED 1)
@@ -241,13 +244,8 @@
message(FATAL_ERROR "You need Clang ≥ 6.0.0")
endif()
- add_definitions(-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE)
- set(RUNNER_ARGS "-deterministic")
-
- if(NOT NO_FUZZER_MODE)
- add_definitions(-DBORINGSSL_UNSAFE_FUZZER_MODE)
- set(RUNNER_ARGS ${RUNNER_ARGS} "-fuzzer" "-shim-config" "fuzzer_mode.json")
- endif()
+ add_definitions(-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+ set(RUNNER_ARGS "-deterministic" "-fuzzer" "-shim-config" "fuzzer_mode.json")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address,fuzzer-no-link -fsanitize-coverage=edge,indirect-calls")
@@ -481,33 +479,33 @@
target_link_libraries(libcxx libcxxabi)
endif()
-# Add minimal googletest targets. The provided one has many side-effects, and
-# googletest has a very straightforward build.
-add_library(
- boringssl_gtest
- third_party/googletest/googlemock/src/gmock-all.cc
- third_party/googletest/googletest/src/gtest-all.cc
-)
-if(USE_CUSTOM_LIBCXX)
- target_link_libraries(boringssl_gtest libcxx)
-endif()
-target_include_directories(
+if(BUILD_TESTING)
+ # Add minimal googletest targets. The provided one has many side-effects, and
+ # googletest has a very straightforward build.
+ add_library(
boringssl_gtest
- PUBLIC
- third_party/googletest/googlemock/include
- third_party/googletest/googletest/include
- PRIVATE
- third_party/googletest/googlemock
- third_party/googletest/googletest
-)
+ third_party/googletest/googlemock/src/gmock-all.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ )
+ if(USE_CUSTOM_LIBCXX)
+ target_link_libraries(boringssl_gtest libcxx)
+ endif()
+ target_include_directories(
+ boringssl_gtest
+ PUBLIC
+ third_party/googletest/googlemock/include
+ third_party/googletest/googletest/include
+ PRIVATE
+ third_party/googletest/googlemock
+ third_party/googletest/googletest
+ )
-# Declare a dummy target to build all unit tests. Test targets should inject
-# themselves as dependencies next to the target definition.
-add_custom_target(all_tests)
+ # Declare a dummy target to build all unit tests. Test targets should inject
+ # themselves as dependencies next to the target definition.
+ add_custom_target(all_tests)
-add_subdirectory(ssl/test)
-add_subdirectory(util/fipstools)
-add_subdirectory(util/fipstools/acvp/modulewrapper)
+ add_subdirectory(ssl/test)
+endif()
if(OPENSSL_ASM)
set(CRYPTO_SOURCES_ASM_USED ${CRYPTO_SOURCES_ASM})
@@ -661,66 +659,64 @@
target_link_libraries(ssl crypto)
add_library(decrepit ${DECREPIT_SOURCES})
-target_link_libraries(decrepit crypto ssl)
-
-add_library(test_support_lib STATIC
- ${TEST_SUPPORT_SOURCES} ${TEST_SUPPORT_SOURCES_ASM_USED})
-if(LIBUNWIND_FOUND)
- target_compile_options(test_support_lib PRIVATE ${LIBUNWIND_CFLAGS_OTHER})
- target_include_directories(test_support_lib PRIVATE ${LIBUNWIND_INCLUDE_DIRS})
- target_link_libraries(test_support_lib ${LIBUNWIND_LDFLAGS})
-endif()
-if(WIN32)
- target_link_libraries(test_support_lib dbghelp)
-endif()
-target_link_libraries(test_support_lib boringssl_gtest crypto)
-
-# urandom_test is a separate binary because it needs to be able to observe the
-# PRNG initialisation, which means that it can't have other tests running before
-# it does.
-add_executable(urandom_test ${URANDOM_TEST_SOURCES})
-target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto)
-add_dependencies(all_tests urandom_test)
-
-add_executable(crypto_test ${CRYPTO_TEST_SOURCES})
-target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto)
-add_dependencies(all_tests crypto_test)
-
-add_executable(ssl_test ${SSL_TEST_SOURCES})
-target_link_libraries(ssl_test test_support_lib boringssl_gtest ssl crypto)
-add_dependencies(all_tests ssl_test)
-add_executable(decrepit_test ${DECREPIT_TEST_SOURCES})
-target_link_libraries(decrepit_test test_support_lib boringssl_gtest
- decrepit crypto)
-add_dependencies(all_tests decrepit_test)
+target_link_libraries(decrepit ssl crypto)
if(APPLE)
set(PKI_CXX_FLAGS "-fno-aligned-new")
endif()
-
add_library(pki ${PKI_SOURCES})
target_link_libraries(pki crypto)
+target_compile_options(pki PRIVATE ${PKI_CXX_FLAGS})
-add_executable(pki_test ${PKI_TEST_SOURCES})
-target_link_libraries(pki_test test_support_lib boringssl_gtest pki crypto)
-add_dependencies(all_tests pki_test)
+if(BUILD_TESTING)
+ add_library(test_support_lib STATIC
+ ${TEST_SUPPORT_SOURCES} ${TEST_SUPPORT_SOURCES_ASM_USED})
+ if(LIBUNWIND_FOUND)
+ target_compile_options(test_support_lib PRIVATE ${LIBUNWIND_CFLAGS_OTHER})
+ target_include_directories(test_support_lib PRIVATE ${LIBUNWIND_INCLUDE_DIRS})
+ target_link_libraries(test_support_lib ${LIBUNWIND_LDFLAGS})
+ endif()
+ if(WIN32)
+ target_link_libraries(test_support_lib dbghelp)
+ endif()
+ target_link_libraries(test_support_lib boringssl_gtest crypto)
-set_target_properties(
- pki pki_test
- PROPERTIES
- COMPILE_FLAGS "${PKI_CXX_FLAGS}")
+ # urandom_test is a separate binary because it needs to be able to observe the
+ # PRNG initialisation, which means that it can't have other tests running before
+ # it does.
+ add_executable(urandom_test ${URANDOM_TEST_SOURCES})
+ target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto)
+ add_dependencies(all_tests urandom_test)
+
+ add_executable(crypto_test ${CRYPTO_TEST_SOURCES})
+ target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto)
+ add_dependencies(all_tests crypto_test)
+
+ add_executable(ssl_test ${SSL_TEST_SOURCES})
+ target_link_libraries(ssl_test test_support_lib boringssl_gtest ssl crypto)
+ add_dependencies(all_tests ssl_test)
+ add_executable(decrepit_test ${DECREPIT_TEST_SOURCES})
+ target_link_libraries(decrepit_test test_support_lib boringssl_gtest
+ decrepit ssl crypto)
+ add_dependencies(all_tests decrepit_test)
+
+ add_executable(pki_test ${PKI_TEST_SOURCES})
+ target_link_libraries(pki_test test_support_lib boringssl_gtest pki crypto)
+ target_compile_options(pki_test PRIVATE ${PKI_CXX_FLAGS})
+ add_dependencies(all_tests pki_test)
+
+ add_executable(test_fips util/fipstools/test_fips.cc)
+ target_link_libraries(test_fips crypto)
+endif()
+
+if(FIPS)
+ add_executable(modulewrapper ${MODULEWRAPPER_SOURCES})
+ target_link_libraries(modulewrapper crypto)
+endif()
add_executable(bssl ${BSSL_SOURCES})
target_link_libraries(bssl ssl crypto)
-# Historically, targets were built in subdirectories. For compatibility with
-# existing tools, we, for now, copy the targets into the subdirectories. This
-# will be removed sometime in 2024.
-copy_post_build(crypto crypto crypto_test urandom_test)
-copy_post_build(ssl ssl ssl_test)
-copy_post_build(decrepit decrepit decrepit_test)
-copy_post_build(tool bssl)
-
if(FUZZ)
if(LIBFUZZER_FROM_DEPS)
file(GLOB LIBFUZZER_SOURCES "util/bot/libFuzzer/*.cpp")
@@ -749,56 +745,58 @@
set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
endif()
-if(FIPS)
- add_custom_target(
- acvp_tests
- COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_CURRENT_BINARY_DIR}/acvptool
- boringssl.googlesource.com/boringssl.git/util/fipstools/acvp/acvptool
- COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_CURRENT_BINARY_DIR}/testmodulewrapper
- boringssl.googlesource.com/boringssl.git/util/fipstools/acvp/acvptool/testmodulewrapper
- COMMAND cd util/fipstools/acvp/acvptool/test &&
- ${GO_EXECUTABLE} run check_expected.go
- -tool ${CMAKE_CURRENT_BINARY_DIR}/acvptool
- -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_CURRENT_BINARY_DIR}/testmodulewrapper
- -tests tests.json
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
- DEPENDS modulewrapper
- USES_TERMINAL)
-
- add_custom_target(
- fips_specific_tests_if_any
- DEPENDS acvp_tests
- )
-else()
- add_custom_target(fips_specific_tests_if_any)
-endif()
-
-file(STRINGS util/go_tests.txt GO_TESTS)
-set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS
- util/go_tests.txt)
-
-if(GO_EXECUTABLE)
- add_custom_target(
- run_tests
- COMMAND ${CMAKE_COMMAND} -E echo "Running Go tests"
- COMMAND ${GO_EXECUTABLE} test ${GO_TESTS}
- COMMAND ${CMAKE_COMMAND} -E echo
- COMMAND ${CMAKE_COMMAND} -E echo "Running unit tests"
- COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
- ${CMAKE_CURRENT_BINARY_DIR}
- COMMAND ${CMAKE_COMMAND} -E echo
- COMMAND ${CMAKE_COMMAND} -E echo "Running SSL tests"
- COMMAND cd ssl/test/runner &&
- ${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
- ${HANDSHAKER_ARGS} ${RUNNER_ARGS}
+if(BUILD_TESTING)
+ if(FIPS)
+ add_custom_target(
+ acvp_tests
+ COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_CURRENT_BINARY_DIR}/acvptool
+ boringssl.googlesource.com/boringssl.git/util/fipstools/acvp/acvptool
+ COMMAND ${GO_EXECUTABLE} build -o ${CMAKE_CURRENT_BINARY_DIR}/testmodulewrapper
+ boringssl.googlesource.com/boringssl.git/util/fipstools/acvp/acvptool/testmodulewrapper
+ COMMAND cd util/fipstools/acvp/acvptool/test &&
+ ${GO_EXECUTABLE} run check_expected.go
+ -tool ${CMAKE_CURRENT_BINARY_DIR}/acvptool
+ -module-wrappers modulewrapper:$<TARGET_FILE:modulewrapper>,testmodulewrapper:${CMAKE_CURRENT_BINARY_DIR}/testmodulewrapper
+ -tests tests.json
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
- DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any
+ DEPENDS modulewrapper
USES_TERMINAL)
-else()
- add_custom_target(
- run_tests
- COMMAND ${CMAKE_COMMAND} -E echo "Running tests requires Go"
- COMMAND ${CMAKE_COMMAND} -E false)
+
+ add_custom_target(
+ fips_specific_tests_if_any
+ DEPENDS acvp_tests
+ )
+ else()
+ add_custom_target(fips_specific_tests_if_any)
+ endif()
+
+ file(STRINGS util/go_tests.txt GO_TESTS)
+ set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS
+ util/go_tests.txt)
+
+ if(GO_EXECUTABLE)
+ add_custom_target(
+ run_tests
+ COMMAND ${CMAKE_COMMAND} -E echo "Running Go tests"
+ COMMAND ${GO_EXECUTABLE} test ${GO_TESTS}
+ COMMAND ${CMAKE_COMMAND} -E echo
+ COMMAND ${CMAKE_COMMAND} -E echo "Running unit tests"
+ COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
+ ${CMAKE_CURRENT_BINARY_DIR}
+ COMMAND ${CMAKE_COMMAND} -E echo
+ COMMAND ${CMAKE_COMMAND} -E echo "Running SSL tests"
+ COMMAND cd ssl/test/runner &&
+ ${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
+ ${HANDSHAKER_ARGS} ${RUNNER_ARGS}
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+ DEPENDS all_tests bssl_shim handshaker fips_specific_tests_if_any
+ USES_TERMINAL)
+ else()
+ add_custom_target(
+ run_tests
+ COMMAND ${CMAKE_COMMAND} -E echo "Running tests requires Go"
+ COMMAND ${CMAKE_COMMAND} -E false)
+ endif()
endif()
if(INSTALL_ENABLED)
diff --git a/src/CONTRIBUTING.md b/src/CONTRIBUTING.md
index ef70b89..4d9279a 100644
--- a/src/CONTRIBUTING.md
+++ b/src/CONTRIBUTING.md
@@ -22,10 +22,13 @@
If you have not done so on this machine, you will need to set up a password for
Gerrit. Sign in with a Google account, visit
[this link](https://boringssl.googlesource.com/), and click the "Generate
-Password" link in the top right. You must also have a Gerrit account associated with
+Password" link in the top right.
+
+You must also have a Gerrit account associated with
your Google account. To do this visit the [Gerrit review server](https://boringssl-review.googlesource.com)
and click "Sign in" (top right).
-You will also need to prepare your checkout to
+
+Finally, you will need to prepare your checkout to
[add Change-Ids](https://gerrit-review.googlesource.com/Documentation/cmd-hook-commit-msg.html)
on commit. Run:
@@ -38,7 +41,7 @@
git push origin HEAD:refs/for/main
The output will then give you a link to the change. Add `agl@google.com`,
-`davidben@google.com`, and `bbe@google.com` as reviewers.
+`davidben@google.com` as reviewers.
Pushing a commit with the same Change-Id as an existing change will upload a new
version of it. (Use the `git rebase` or `git commit --amend` commands.)
@@ -62,6 +65,23 @@
all past contributors. If you previously made a contribution, you are likewise
welcome to send us a patch to be added, or request that we add you.
+After the copyright lines, files should include the license notice described in
+the Apache 2.0 appendix. Thus new files should begin with the following header:
+
+ // Copyright YEAR The BoringSSL Authors
+ //
+ // Licensed under the Apache License, Version 2.0 (the "License");
+ // you may not use this file except in compliance with the License.
+ // You may obtain a copy of the License at
+ //
+ // https://www.apache.org/licenses/LICENSE-2.0
+ //
+ // Unless required by applicable law or agreed to in writing, software
+ // distributed under the License is distributed on an "AS IS" BASIS,
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ // See the License for the specific language governing permissions and
+ // limitations under the License.
+
### The small print
Contributions made by corporations are covered by a different agreement than
the one above, the
diff --git a/src/FUZZING.md b/src/FUZZING.md
index 89cf5e9..3689ad0 100644
--- a/src/FUZZING.md
+++ b/src/FUZZING.md
@@ -48,13 +48,11 @@
## Fuzzer mode
-When `-DFUZZ=1` is passed into CMake, BoringSSL builds with `BORINGSSL_UNSAFE_FUZZER_MODE` and `BORINGSSL_UNSAFE_DETERMINISTIC_MODE` defined. This modifies the library to be more friendly to fuzzers. If `BORINGSSL_UNSAFE_DETERMINISTIC_MODE` is set, BoringSSL will:
+When `-DFUZZ=1` is passed into CMake, BoringSSL builds with `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` defined. BoringSSL will then:
* Replace `RAND_bytes` with a deterministic PRNG. Call `RAND_reset_for_fuzzing()` at the start of fuzzers which use `RAND_bytes` to reset the PRNG state.
-* Use a hard-coded time instead of the actual time.
-
-Additionally, if `BORINGSSL_UNSAFE_FUZZER_MODE` is set, BoringSSL will:
+Additionally, if `CRYPTO_set_fuzzer_mode()` is called to enable fuzzer mode, BoringSSL will:
* Modify the TLS stack to perform all signature checks (CertificateVerify and ServerKeyExchange) and the Finished check, but always act as if the check succeeded.
@@ -70,7 +68,7 @@
The `client` and `server` corpora are seeded from the test suite. The test suite has a `-fuzzer` flag which mirrors the fuzzer mode changes above and a `-deterministic` flag which removes all non-determinism on the Go side. Not all tests pass, so `ssl/test/runner/fuzzer_mode.json` contains the necessary suppressions. The `run_tests` target will pass appropriate command-line flags.
-There are separate corpora, `client_corpus_no_fuzzer_mode` and `server_corpus_no_fuzzer_mode`. These are transcripts for fuzzers with only `BORINGSSL_UNSAFE_DETERMINISTIC_MODE` defined. To build in this mode, pass `-DNO_FUZZER_MODE=1` into CMake. This configuration is run in the same way but without `-fuzzer` and `-shim-config` flags.
+There are separate fuzzers, `client_no_fuzzer_mode` and `server_no_fuzzer_mode`, with fuzzer mode disabled. This configuration is run in the same way but without `-fuzzer` and `-shim-config` flags.
If both sets of tests pass, refresh the fuzzer corpora with `refresh_ssl_corpora.sh`:
diff --git a/src/MODULE.bazel b/src/MODULE.bazel
index 1595fbc..6737496 100644
--- a/src/MODULE.bazel
+++ b/src/MODULE.bazel
@@ -16,7 +16,7 @@
# the revision where we bump the version.
module(
name = "boringssl",
- version = "0.20250212.0",
+ version = "0.20250415.0",
compatibility_level = 2,
)
@@ -31,7 +31,6 @@
# https://github.com/bazelbuild/bazel/issues/22187 is ever fixed, we can change
# this.
bazel_dep(name = "googletest", version = "1.16.0")
-
bazel_dep(name = "platforms", version = "0.0.11")
bazel_dep(name = "rules_cc", version = "0.1.1")
bazel_dep(name = "rules_license", version = "1.0.0")
diff --git a/src/STYLE.md b/src/STYLE.md
index 98a8159..1b6bd0b 100644
--- a/src/STYLE.md
+++ b/src/STYLE.md
@@ -143,7 +143,7 @@
Name public headers like `include/openssl/evp.h` with header guards like
`OPENSSL_HEADER_EVP_H`. Name internal headers like
`crypto/ec/internal.h` with header guards like
-`OPENSSL_HEADER_EC_INTERNAL_H`.
+`OPENSSL_HEADER_CRYPTO_EC_INTERNAL_H`.
Name enums like `enum unix_hacker_t`. For instance:
diff --git a/src/build.json b/src/build.json
index 1ac48f2..67d3992 100644
--- a/src/build.json
+++ b/src/build.json
@@ -26,7 +26,6 @@
"crypto/fipsmodule/aes/key_wrap.cc.inc",
"crypto/fipsmodule/aes/mode_wrappers.cc.inc",
"crypto/fipsmodule/aes/ofb.cc.inc",
- "crypto/fipsmodule/aes/polyval.cc.inc",
"crypto/fipsmodule/bn/add.cc.inc",
"crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
"crypto/fipsmodule/bn/bn.cc.inc",
@@ -76,7 +75,9 @@
"crypto/fipsmodule/hkdf/hkdf.cc.inc",
"crypto/fipsmodule/hmac/hmac.cc.inc",
"crypto/fipsmodule/keccak/keccak.cc.inc",
+ "crypto/fipsmodule/mldsa/fips_known_values.inc",
"crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "crypto/fipsmodule/mlkem/fips_known_values.inc",
"crypto/fipsmodule/mlkem/mlkem.cc.inc",
"crypto/fipsmodule/rand/ctrdrbg.cc.inc",
"crypto/fipsmodule/rand/rand.cc.inc",
@@ -95,6 +96,7 @@
"crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
"crypto/fipsmodule/slhdsa/thash.cc.inc",
"crypto/fipsmodule/slhdsa/wots.cc.inc",
+ "crypto/fipsmodule/slhdsa/fips_known_values.inc",
"crypto/fipsmodule/tls/kdf.cc.inc"
],
"asm": [
@@ -140,8 +142,8 @@
],
"perlasm_x86_64": [
{"src": "crypto/fipsmodule/aes/asm/aesni-gcm-x86_64.pl"},
- {"src": "crypto/fipsmodule/aes/asm/aes-gcm-avx10-x86_64.pl"},
{"src": "crypto/fipsmodule/aes/asm/aes-gcm-avx2-x86_64.pl"},
+ {"src": "crypto/fipsmodule/aes/asm/aes-gcm-avx512-x86_64.pl"},
{"src": "crypto/fipsmodule/aes/asm/aesni-x86_64.pl"},
{"src": "crypto/fipsmodule/aes/asm/ghash-ssse3-x86_64.pl"},
{"src": "crypto/fipsmodule/aes/asm/ghash-x86_64.pl"},
@@ -158,7 +160,8 @@
]
},
"crypto": {
- "srcs": [
+ "srcs": [
+ "crypto/aes/aes.cc",
"crypto/asn1/a_bitstr.cc",
"crypto/asn1/a_bool.cc",
"crypto/asn1/a_d2i_fp.cc",
@@ -201,6 +204,9 @@
"crypto/blake2/blake2.cc",
"crypto/bn/bn_asn1.cc",
"crypto/bn/convert.cc",
+ "crypto/bn/div.cc",
+ "crypto/bn/exponentiation.cc",
+ "crypto/bn/sqrt.cc",
"crypto/buf/buf.cc",
"crypto/bytestring/asn1_compat.cc",
"crypto/bytestring/ber.cc",
@@ -211,6 +217,7 @@
"crypto/cipher/derive_key.cc",
"crypto/cipher/get_cipher.cc",
"crypto/cipher/e_aesctrhmac.cc",
+ "crypto/cipher/e_aeseax.cc",
"crypto/cipher/e_aesgcmsiv.cc",
"crypto/cipher/e_chacha20poly1305.cc",
"crypto/cipher/e_des.cc",
@@ -219,6 +226,7 @@
"crypto/cipher/e_rc4.cc",
"crypto/cipher/e_tls.cc",
"crypto/cipher/tls_cbc.cc",
+ "crypto/cms/cms.cc",
"crypto/conf/conf.cc",
"crypto/cpu_aarch64_apple.cc",
"crypto/cpu_aarch64_fuchsia.cc",
@@ -267,6 +275,7 @@
"crypto/evp/sign.cc",
"crypto/ex_data.cc",
"crypto/fipsmodule/fips_shared_support.cc",
+ "crypto/fuzzer_mode.cc",
"crypto/hpke/hpke.cc",
"crypto/hrss/hrss.cc",
"crypto/kyber/kyber.cc",
@@ -418,6 +427,7 @@
"include/openssl/chacha.h",
"include/openssl/cipher.h",
"include/openssl/cmac.h",
+ "include/openssl/cms.h",
"include/openssl/conf.h",
"include/openssl/cpu.h",
"include/openssl/crypto.h",
@@ -540,7 +550,7 @@
"crypto/poly1305/internal.h",
"crypto/pool/internal.h",
"crypto/rand/getrandom_fillin.h",
- "crypto/rand/sysrand_internal.h",
+ "crypto/rand/internal.h",
"crypto/rsa/internal.h",
"crypto/spake2plus/internal.h",
"crypto/trust_token/internal.h",
@@ -804,6 +814,7 @@
"crypto/chacha/chacha_test.cc",
"crypto/cipher/aead_test.cc",
"crypto/cipher/cipher_test.cc",
+ "crypto/cms/cms_test.cc",
"crypto/compiler_test.cc",
"crypto/conf/conf_test.cc",
"crypto/constant_time_test.cc",
@@ -904,6 +915,9 @@
"crypto/mlkem/mlkem768_keygen_tests.txt",
"crypto/mlkem/mlkem768_nist_decap_tests.txt",
"crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "crypto/pkcs7/test/*.p7c",
+ "crypto/pkcs7/test/*.p7s",
+ "crypto/pkcs7/test/*.pem",
"crypto/pkcs8/test/*.p12",
"crypto/poly1305/poly1305_tests.txt",
"crypto/siphash/siphash_tests.txt",
@@ -1042,5 +1056,14 @@
"rust/bssl-crypto/src/*.rs",
"rust/bssl-crypto/src/*/*.rs"
]
+ },
+ "modulewrapper": {
+ "srcs": [
+ "util/fipstools/acvp/modulewrapper/main.cc",
+ "util/fipstools/acvp/modulewrapper/modulewrapper.cc"
+ ],
+ "internal_hdrs": [
+ "util/fipstools/acvp/modulewrapper/modulewrapper.h"
+ ]
}
}
diff --git a/src/crypto/aes/aes.cc b/src/crypto/aes/aes.cc
new file mode 100644
index 0000000..fc9b67d
--- /dev/null
+++ b/src/crypto/aes/aes.cc
@@ -0,0 +1,41 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <assert.h>
+
+#include <openssl/aes.h>
+
+#include "../fipsmodule/bcm_interface.h"
+
+void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+ BCM_aes_encrypt(in, out, key);
+}
+
+void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+ BCM_aes_decrypt(in, out, key);
+}
+
+int AES_set_encrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
+ if (bits != 128 && bits != 192 && bits != 256) {
+ return -2;
+ }
+ return bcm_success(BCM_aes_set_encrypt_key(key, bits, aeskey)) ? 0 : -1;
+}
+
+int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
+ if (bits != 128 && bits != 192 && bits != 256) {
+ return -2;
+ }
+ return bcm_success(BCM_aes_set_decrypt_key(key, bits, aeskey)) ? 0 : -1;
+}
diff --git a/src/crypto/asn1/a_bitstr.cc b/src/crypto/asn1/a_bitstr.cc
index 82df5c8..6bdd726 100644
--- a/src/crypto/asn1/a_bitstr.cc
+++ b/src/crypto/asn1/a_bitstr.cc
@@ -17,6 +17,7 @@
#include <limits.h>
#include <string.h>
+#include <openssl/bytestring.h>
#include <openssl/err.h>
#include <openssl/mem.h>
@@ -94,6 +95,21 @@
return ret;
}
+int asn1_marshal_bit_string(CBB *out, const ASN1_BIT_STRING *in,
+ CBS_ASN1_TAG tag) {
+ int len = i2c_ASN1_BIT_STRING(in, nullptr);
+ if (len <= 0) {
+ return 0;
+ }
+ tag = tag == 0 ? CBS_ASN1_BITSTRING : tag;
+ CBB child;
+ uint8_t *ptr;
+ return CBB_add_asn1(out, &child, tag) && //
+ CBB_add_space(&child, &ptr, static_cast<size_t>(len)) && //
+ i2c_ASN1_BIT_STRING(in, &ptr) == len && //
+ CBB_flush(out);
+}
+
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
const unsigned char **pp, long len) {
ASN1_BIT_STRING *ret = NULL;
diff --git a/src/crypto/asn1/a_int.cc b/src/crypto/asn1/a_int.cc
index 7b0e28b..e641705 100644
--- a/src/crypto/asn1/a_int.cc
+++ b/src/crypto/asn1/a_int.cc
@@ -23,6 +23,7 @@
#include <openssl/mem.h>
#include "../internal.h"
+#include "internal.h"
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x) {
@@ -72,6 +73,20 @@
return 1;
}
+int asn1_marshal_integer(CBB *out, const ASN1_INTEGER *in, CBS_ASN1_TAG tag) {
+ int len = i2c_ASN1_INTEGER(in, nullptr);
+ if (len <= 0) {
+ return 0;
+ }
+ tag = tag == 0 ? CBS_ASN1_INTEGER : tag;
+ CBB child;
+ uint8_t *ptr;
+ return CBB_add_asn1(out, &child, tag) && //
+ CBB_add_space(&child, &ptr, static_cast<size_t>(len)) && //
+ i2c_ASN1_INTEGER(in, &ptr) == len && //
+ CBB_flush(out);
+}
+
int i2c_ASN1_INTEGER(const ASN1_INTEGER *in, unsigned char **outp) {
if (in == NULL) {
return 0;
diff --git a/src/crypto/asn1/asn1_test.cc b/src/crypto/asn1/asn1_test.cc
index c4d6f0e..36ef5d6 100644
--- a/src/crypto/asn1/asn1_test.cc
+++ b/src/crypto/asn1/asn1_test.cc
@@ -106,22 +106,6 @@
obj->value.asn1_string->length));
TestSerialize(obj.get(), i2d_ASN1_TYPE, kTag128);
- // The historical in-memory representation of |kTag128| was for both
- // |obj->type| and |obj->value.asn1_string->type| to be 128. This is no
- // longer used but is still accepted by the encoder.
- //
- // TODO(crbug.com/boringssl/412): The encoder should reject it. However, it is
- // still needed to support some edge cases in |ASN1_PRINTABLE|. When that is
- // fixed, test that we reject it.
- obj.reset(ASN1_TYPE_new());
- ASSERT_TRUE(obj);
- obj->type = 128;
- obj->value.asn1_string = ASN1_STRING_type_new(128);
- ASSERT_TRUE(obj->value.asn1_string);
- const uint8_t zero = 0;
- ASSERT_TRUE(ASN1_STRING_set(obj->value.asn1_string, &zero, sizeof(zero)));
- TestSerialize(obj.get(), i2d_ASN1_TYPE, kTag128);
-
// If a tag is known, but has the wrong constructed bit, it should be
// rejected, not placed in |V_ASN1_OTHER|.
static const uint8_t kConstructedOctetString[] = {0x24, 0x00};
@@ -1963,18 +1947,6 @@
}
#endif // OPENSSL_THREADS
-// Test that multi-string types correctly encode negative ENUMERATED.
-// Multi-string types cannot contain INTEGER, so we only test ENUMERATED.
-TEST(ASN1Test, NegativeEnumeratedMultistring) {
- static const uint8_t kMinusOne[] = {0x0a, 0x01, 0xff}; // ENUMERATED { -1 }
- // |ASN1_PRINTABLE| is a multi-string type that allows ENUMERATED.
- const uint8_t *p = kMinusOne;
- bssl::UniquePtr<ASN1_STRING> str(
- d2i_ASN1_PRINTABLE(nullptr, &p, sizeof(kMinusOne)));
- ASSERT_TRUE(str);
- TestSerialize(str.get(), i2d_ASN1_PRINTABLE, kMinusOne);
-}
-
// Encoding a CHOICE type with an invalid selector should fail.
TEST(ASN1Test, InvalidChoice) {
bssl::UniquePtr<GENERAL_NAME> name(GENERAL_NAME_new());
@@ -2009,6 +1981,16 @@
ASSERT_TRUE(obj);
EXPECT_EQ(-1, obj->type);
EXPECT_EQ(-1, i2d_ASN1_TYPE(obj.get(), nullptr));
+
+ // The historical in-memory representation of [UNIVERSAL 128] was for both
+ // |obj->type| and |obj->value.asn1_string->type| to be 128. This is no longer
+ // used and should be rejected by the encoder.
+ obj.reset(ASN1_TYPE_new());
+ ASSERT_TRUE(obj);
+ obj->type = 128;
+ obj->value.asn1_string = ASN1_STRING_type_new(128);
+ ASSERT_TRUE(obj->value.asn1_string);
+ EXPECT_EQ(-1, i2d_ASN1_TYPE(obj.get(), nullptr));
}
// Encoding invalid MSTRING types should fail. An MSTRING is a CHOICE of
@@ -3020,9 +3002,8 @@
// Test only the first field present.
bssl::ScopedCBB cbb;
ASSERT_TRUE(CBB_init(cbb.get(), 64));
- CBB seq;
- ASSERT_TRUE(CBB_add_asn1(cbb.get(), &seq, CBS_ASN1_SEQUENCE));
- ASSERT_TRUE(CBB_add_bytes(&seq, inp.data(), inp.size()));
+ ASSERT_TRUE(CBB_add_asn1_element(cbb.get(), CBS_ASN1_SEQUENCE, inp.data(),
+ inp.size()));
ASSERT_TRUE(CBB_flush(cbb.get()));
const uint8_t *ptr = CBB_data(cbb.get());
obj.reset(d2i_embed(nullptr, &ptr, CBB_len(cbb.get())));
@@ -3038,6 +3019,7 @@
// Test all fields present.
cbb.Reset();
ASSERT_TRUE(CBB_init(cbb.get(), 64));
+ CBB seq;
ASSERT_TRUE(CBB_add_asn1(cbb.get(), &seq, CBS_ASN1_SEQUENCE));
ASSERT_TRUE(CBB_add_bytes(&seq, inp.data(), inp.size()));
CBB child;
diff --git a/src/crypto/asn1/internal.h b/src/crypto/asn1/internal.h
index 302dd71..2baeb12 100644
--- a/src/crypto/asn1/internal.h
+++ b/src/crypto/asn1/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_ASN1_INTERNAL_H
-#define OPENSSL_HEADER_ASN1_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
#include <time.h>
@@ -180,6 +180,17 @@
int asn1_bit_string_length(const ASN1_BIT_STRING *str,
uint8_t *out_padding_bits);
+// asn1_marshal_bit_string marshals |in| as a DER-encoded, ASN.1 BIT STRING and
+// writes the result to |out|. It returns one on success and zero on error. If
+// |tag| is non-zero, the tag is replaced with |tag|.
+int asn1_marshal_bit_string(CBB *out, const ASN1_BIT_STRING *in,
+ CBS_ASN1_TAG tag);
+
+// asn1_marshal_integer marshals |in| as a DER-encoded, ASN.1 INTEGER and writes
+// the result to |out|. It returns one on success and zero on error. If |tag| is
+// non-zero, the tag is replaced with |tag|.
+int asn1_marshal_integer(CBB *out, const ASN1_INTEGER *in, CBS_ASN1_TAG tag);
+
typedef struct {
int nid;
long minsize;
@@ -214,9 +225,14 @@
ASN1_ex_i2d *asn1_ex_i2d;
} ASN1_EXTERN_FUNCS;
+// ASN1_ANY_AS_STRING is an |ASN1_ITEM| with ASN.1 type ANY and C type
+// |ASN1_STRING*|. Types which are not represented with |ASN1_STRING|, such as
+// |ASN1_OBJECT|, are represented with type |V_ASN1_OTHER|.
+DECLARE_ASN1_ITEM(ASN1_ANY_AS_STRING)
+
#if defined(__cplusplus)
} // extern C
#endif
-#endif // OPENSSL_HEADER_ASN1_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
diff --git a/src/crypto/asn1/tasn_dec.cc b/src/crypto/asn1/tasn_dec.cc
index bf5e030..627c135 100644
--- a/src/crypto/asn1/tasn_dec.cc
+++ b/src/crypto/asn1/tasn_dec.cc
@@ -52,46 +52,43 @@
long len, const ASN1_ITEM *it, int tag, int aclass,
char opt, CRYPTO_BUFFER *buf, int depth);
-// Table to convert tags to bit values, used for MSTRING type
-static const unsigned long tag2bit[31] = {
- 0, // (reserved)
- 0, // BOOLEAN
- 0, // INTEGER
- B_ASN1_BIT_STRING,
- B_ASN1_OCTET_STRING,
- 0, // NULL
- 0, // OBJECT IDENTIFIER
- B_ASN1_UNKNOWN, // ObjectDescriptor
- B_ASN1_UNKNOWN, // EXTERNAL
- B_ASN1_UNKNOWN, // REAL
- B_ASN1_UNKNOWN, // ENUMERATED
- B_ASN1_UNKNOWN, // EMBEDDED PDV
- B_ASN1_UTF8STRING,
- B_ASN1_UNKNOWN, // RELATIVE-OID
- B_ASN1_UNKNOWN, // TIME
- B_ASN1_UNKNOWN, // (reserved)
- B_ASN1_SEQUENCE,
- 0, // SET
- B_ASN1_NUMERICSTRING,
- B_ASN1_PRINTABLESTRING,
- B_ASN1_T61STRING,
- B_ASN1_VIDEOTEXSTRING,
- B_ASN1_IA5STRING,
- B_ASN1_UTCTIME,
- B_ASN1_GENERALIZEDTIME,
- B_ASN1_GRAPHICSTRING,
- B_ASN1_ISO64STRING,
- B_ASN1_GENERALSTRING,
- B_ASN1_UNIVERSALSTRING,
- B_ASN1_UNKNOWN, // CHARACTER STRING
- B_ASN1_BMPSTRING,
-};
-
unsigned long ASN1_tag2bit(int tag) {
- if (tag < 0 || tag > 30) {
- return 0;
+ switch (tag) {
+ case V_ASN1_BIT_STRING:
+ return B_ASN1_BIT_STRING;
+ case V_ASN1_OCTET_STRING:
+ return B_ASN1_OCTET_STRING;
+ case V_ASN1_UTF8STRING:
+ return B_ASN1_UTF8STRING;
+ case V_ASN1_SEQUENCE:
+ return B_ASN1_SEQUENCE;
+ case V_ASN1_NUMERICSTRING:
+ return B_ASN1_NUMERICSTRING;
+ case V_ASN1_PRINTABLESTRING:
+ return B_ASN1_PRINTABLESTRING;
+ case V_ASN1_T61STRING:
+ return B_ASN1_T61STRING;
+ case V_ASN1_VIDEOTEXSTRING:
+ return B_ASN1_VIDEOTEXSTRING;
+ case V_ASN1_IA5STRING:
+ return B_ASN1_IA5STRING;
+ case V_ASN1_UTCTIME:
+ return B_ASN1_UTCTIME;
+ case V_ASN1_GENERALIZEDTIME:
+ return B_ASN1_GENERALIZEDTIME;
+ case V_ASN1_GRAPHICSTRING:
+ return B_ASN1_GRAPHICSTRING;
+ case V_ASN1_ISO64STRING:
+ return B_ASN1_ISO64STRING;
+ case V_ASN1_GENERALSTRING:
+ return B_ASN1_GENERALSTRING;
+ case V_ASN1_UNIVERSALSTRING:
+ return B_ASN1_UNIVERSALSTRING;
+ case V_ASN1_BMPSTRING:
+ return B_ASN1_BMPSTRING;
+ default:
+ return 0;
}
- return tag2bit[tag];
}
static int is_supported_universal_type(int tag, int aclass) {
@@ -629,6 +626,7 @@
return 0; // Should never happen
}
+ assert(it->itype == ASN1_ITYPE_PRIMITIVE || it->itype == ASN1_ITYPE_MSTRING);
if (it->itype == ASN1_ITYPE_MSTRING) {
utype = tag;
tag = -1;
@@ -636,7 +634,7 @@
utype = it->utype;
}
- if (utype == V_ASN1_ANY) {
+ if (utype == V_ASN1_ANY || utype == V_ASN1_ANY_AS_STRING) {
// If type is ANY need to figure out type from tag
unsigned char oclass;
if (tag >= 0) {
@@ -647,8 +645,9 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY);
return 0;
}
+ const int is_string = utype == V_ASN1_ANY_AS_STRING;
p = *in;
- ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, &p, inlen, -1, 0, 0);
+ ret = asn1_check_tlen(&plen, &utype, &oclass, &cst, &p, inlen, -1, 0, 0);
if (!ret) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
return 0;
@@ -656,6 +655,37 @@
if (!is_supported_universal_type(utype, oclass)) {
utype = V_ASN1_OTHER;
}
+ // These three types are not represented as |ASN1_STRING|, so they must be
+ // parsed separately and then treated as an opaque |V_ASN1_OTHER|.
+ if (is_string && (utype == V_ASN1_OBJECT || utype == V_ASN1_NULL ||
+ utype == V_ASN1_BOOLEAN)) {
+ if (cst) {
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE);
+ return 0;
+ }
+ CBS cbs;
+ CBS_init(&cbs, p, plen);
+ if (utype == V_ASN1_OBJECT && !CBS_is_valid_asn1_oid(&cbs)) {
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING);
+ return 0;
+ }
+ if (utype == V_ASN1_NULL && CBS_len(&cbs) != 0) {
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_NULL_IS_WRONG_LENGTH);
+ return 0;
+ }
+ if (utype == V_ASN1_BOOLEAN) {
+ if (CBS_len(&cbs) != 1) {
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ return 0;
+ }
+ uint8_t v = CBS_data(&cbs)[0];
+ if (v != 0 && v != 0xff) {
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
+ return 0;
+ }
+ }
+ utype = V_ASN1_OTHER;
+ }
}
if (tag == -1) {
tag = utype;
@@ -738,6 +768,10 @@
opval = pval;
pval = &typ->value.asn1_value;
}
+
+ // If implementing a type that is not represented in |ASN1_STRING|, the
+ // |V_ASN1_ANY_AS_STRING| logic must be modified to redirect it to
+ // |V_ASN1_OTHER|.
switch (utype) {
case V_ASN1_OBJECT:
if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) {
@@ -796,14 +830,7 @@
case V_ASN1_UTF8STRING:
case V_ASN1_OTHER:
case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- // TODO(crbug.com/boringssl/412): This default case should be removed, now
- // that we've resolved https://crbug.com/boringssl/561. However, it is still
- // needed to support some edge cases in |ASN1_PRINTABLE|. |ASN1_PRINTABLE|
- // broadly doesn't tolerate unrecognized universal tags, but except for
- // eight values that map to |B_ASN1_UNKNOWN| instead of zero. See the
- // X509Test.NameAttributeValues test.
- default: {
+ case V_ASN1_SEQUENCE: {
CBS cbs;
CBS_init(&cbs, cont, (size_t)len);
if (utype == V_ASN1_BMPSTRING) {
@@ -866,6 +893,10 @@
}
break;
}
+
+ default:
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
+ goto err;
}
// If ASN1_ANY and NULL type fix up value
if (typ && (utype == V_ASN1_NULL)) {
diff --git a/src/crypto/asn1/tasn_enc.cc b/src/crypto/asn1/tasn_enc.cc
index 9156e16..9aa2039 100644
--- a/src/crypto/asn1/tasn_enc.cc
+++ b/src/crypto/asn1/tasn_enc.cc
@@ -527,21 +527,23 @@
unsigned char c;
int len;
+ assert(it->itype == ASN1_ITYPE_PRIMITIVE || it->itype == ASN1_ITYPE_MSTRING);
// Historically, |it->funcs| for primitive types contained an
// |ASN1_PRIMITIVE_FUNCS| table of callbacks.
assert(it->funcs == NULL);
*out_omit = 0;
- // Should type be omitted?
- if ((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
+ // Handle omitted optional values for all but BOOLEAN, which uses a
+ // non-pointer representation.
+ if (it->itype != ASN1_ITYPE_PRIMITIVE || it->utype != V_ASN1_BOOLEAN) {
if (!*pval) {
*out_omit = 1;
return 0;
}
}
- if (it->itype == ASN1_ITYPE_MSTRING) {
+ if (it->itype == ASN1_ITYPE_MSTRING || it->utype == V_ASN1_ANY_AS_STRING) {
// If MSTRING type set the underlying type
strtmp = (ASN1_STRING *)*pval;
utype = strtmp->type;
@@ -550,15 +552,8 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE);
return -1;
}
- // Negative INTEGER and ENUMERATED values use |ASN1_STRING| type values
- // that do not match their corresponding utype values. INTEGERs cannot
- // participate in MSTRING types, but ENUMERATEDs can.
- //
- // TODO(davidben): Is this a bug? Although arguably one of the MSTRING
- // types should contain more values, rather than less. See
- // https://crbug.com/boringssl/412. But it is not possible to fit all
- // possible ANY values into an |ASN1_STRING|, so matching the spec here
- // is somewhat hopeless.
+ // Negative INTEGER and ENUMERATED values use |ASN1_STRING| type values that
+ // do not match their corresponding utype values.
if (utype == V_ASN1_NEG_INTEGER) {
utype = V_ASN1_INTEGER;
} else if (utype == V_ASN1_NEG_ENUMERATED) {
@@ -649,18 +644,15 @@
case V_ASN1_SET:
// This is not a valid |ASN1_ITEM| type, but it appears in |ASN1_TYPE|.
case V_ASN1_OTHER:
- // TODO(crbug.com/boringssl/412): This default case should be removed, now
- // that we've resolved https://crbug.com/boringssl/561. However, it is still
- // needed to support some edge cases in |ASN1_PRINTABLE|. |ASN1_PRINTABLE|
- // broadly doesn't tolerate unrecognized universal tags, but except for
- // eight values that map to |B_ASN1_UNKNOWN| instead of zero. See the
- // X509Test.NameAttributeValues test.
- default:
// All based on ASN1_STRING and handled the same
strtmp = (ASN1_STRING *)*pval;
cont = strtmp->data;
len = strtmp->length;
break;
+
+ default:
+ OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
+ return -1;
}
if (cout && len) {
OPENSSL_memcpy(cout, cont, len);
diff --git a/src/crypto/asn1/tasn_typ.cc b/src/crypto/asn1/tasn_typ.cc
index 97d0e44..1d11ae8 100644
--- a/src/crypto/asn1/tasn_typ.cc
+++ b/src/crypto/asn1/tasn_typ.cc
@@ -16,7 +16,8 @@
#include <openssl/asn1t.h>
-// Declarations for string types
+#include "internal.h"
+
#define IMPLEMENT_ASN1_STRING_FUNCTIONS(sname) \
IMPLEMENT_ASN1_TYPE(sname) \
@@ -45,18 +46,13 @@
IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
IMPLEMENT_ASN1_TYPE(ASN1_ANY)
+IMPLEMENT_ASN1_TYPE(ASN1_ANY_AS_STRING)
// Just swallow an ASN1_SEQUENCE in an ASN1_STRING
IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
IMPLEMENT_ASN1_FUNCTIONS_const_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-// Multistring types
-
-IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
-IMPLEMENT_ASN1_FUNCTIONS_const_fname(ASN1_STRING, ASN1_PRINTABLE,
- ASN1_PRINTABLE)
-
IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
IMPLEMENT_ASN1_FUNCTIONS_const_fname(ASN1_STRING, DISPLAYTEXT, DISPLAYTEXT)
diff --git a/src/crypto/bcm_support.h b/src/crypto/bcm_support.h
index 903c85c..faea2bb 100644
--- a/src/crypto/bcm_support.h
+++ b/src/crypto/bcm_support.h
@@ -25,41 +25,6 @@
extern "C" {
#endif
-#if defined(OPENSSL_LINUX)
-// On linux we use MADVISE instead of pthread_atfork(), due
-// to concerns about clone() being used for address space
-// duplication.
-#define OPENSSL_FORK_DETECTION
-#define OPENSSL_FORK_DETECTION_MADVISE
-#elif defined(OPENSSL_MACOS) || defined(OPENSSL_IOS) || \
- defined(OPENSSL_OPENBSD) || defined(OPENSSL_FREEBSD)
-// These platforms may detect address space duplication with pthread_atfork.
-// iOS doesn't normally allow fork in apps, but it's there.
-#define OPENSSL_FORK_DETECTION
-#define OPENSSL_FORK_DETECTION_PTHREAD_ATFORK
-#elif defined(OPENSSL_WINDOWS) || defined(OPENSSL_TRUSTY) || \
- defined(__ZEPHYR__) || defined(CROS_EC)
-// These platforms do not fork.
-#define OPENSSL_DOES_NOT_FORK
-#endif
-
-#if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
-#define OPENSSL_RAND_DETERMINISTIC
-#elif defined(OPENSSL_TRUSTY)
-#define OPENSSL_RAND_TRUSTY
-#elif defined(OPENSSL_WINDOWS)
-#define OPENSSL_RAND_WINDOWS
-#elif defined(OPENSSL_LINUX)
-#define OPENSSL_RAND_URANDOM
-#elif defined(OPENSSL_APPLE) && !defined(OPENSSL_MACOS)
-// Unlike macOS, iOS and similar hide away getentropy().
-#define OPENSSL_RAND_IOS
-#else
-// By default if you are integrating BoringSSL we expect you to
-// provide getentropy from the <unistd.h> header file.
-#define OPENSSL_RAND_GETENTROPY
-#endif
-
// Provided by libcrypto, called from BCM
// CRYPTO_init_sysrand initializes long-lived resources needed to draw entropy
diff --git a/src/crypto/bio/bio_test.cc b/src/crypto/bio/bio_test.cc
index 4dfcbf5..faeccd8 100644
--- a/src/crypto/bio/bio_test.cc
+++ b/src/crypto/bio/bio_test.cc
@@ -39,10 +39,8 @@
#else
#include <fcntl.h>
#include <io.h>
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
#include <ws2tcpip.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
namespace {
diff --git a/src/crypto/bio/connect.cc b/src/crypto/bio/connect.cc
index 8175b9d..21f09b9 100644
--- a/src/crypto/bio/connect.cc
+++ b/src/crypto/bio/connect.cc
@@ -26,10 +26,8 @@
#include <sys/socket.h>
#include <unistd.h>
#else
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
#include <ws2tcpip.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include <openssl/err.h>
diff --git a/src/crypto/bio/internal.h b/src/crypto/bio/internal.h
index 8c44d2d..d06be4d 100644
--- a/src/crypto/bio/internal.h
+++ b/src/crypto/bio/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_BIO_INTERNAL_H
-#define OPENSSL_HEADER_BIO_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_BIO_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_BIO_INTERNAL_H
#include <openssl/base.h>
@@ -26,9 +26,7 @@
#include <sys/types.h>
#include <sys/socket.h>
#else
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
typedef int socklen_t;
#endif
#endif // !OPENSSL_NO_SOCK
@@ -76,4 +74,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_BIO_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_BIO_INTERNAL_H
diff --git a/src/crypto/bio/socket.cc b/src/crypto/bio/socket.cc
index 22ef4f7..672c9b5 100644
--- a/src/crypto/bio/socket.cc
+++ b/src/crypto/bio/socket.cc
@@ -22,10 +22,7 @@
#if !defined(OPENSSL_WINDOWS)
#include <unistd.h>
#else
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
-
OPENSSL_MSVC_PRAGMA(comment(lib, "Ws2_32.lib"))
#endif
diff --git a/src/crypto/bio/socket_helper.cc b/src/crypto/bio/socket_helper.cc
index 4b88020..7d1e2a3 100644
--- a/src/crypto/bio/socket_helper.cc
+++ b/src/crypto/bio/socket_helper.cc
@@ -30,10 +30,8 @@
#include <netdb.h>
#include <unistd.h>
#else
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
#include <ws2tcpip.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include "internal.h"
diff --git a/src/crypto/bn/convert.cc b/src/crypto/bn/convert.cc
index 6f4d4fa..59ea6d4 100644
--- a/src/crypto/bn/convert.cc
+++ b/src/crypto/bn/convert.cc
@@ -19,6 +19,8 @@
#include <limits.h>
#include <stdio.h>
+#include <algorithm>
+
#include <openssl/bio.h>
#include <openssl/bytestring.h>
#include <openssl/err.h>
@@ -196,33 +198,32 @@
char *BN_bn2dec(const BIGNUM *a) {
// It is easier to print strings little-endian, so we assemble it in reverse
// and fix at the end.
- BIGNUM *copy = NULL;
- CBB cbb;
- if (!CBB_init(&cbb, 16) || //
- !CBB_add_u8(&cbb, 0 /* trailing NUL */)) {
- goto err;
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), 16) || //
+ !CBB_add_u8(cbb.get(), 0 /* trailing NUL */)) {
+ return nullptr;
}
if (BN_is_zero(a)) {
- if (!CBB_add_u8(&cbb, '0')) {
- goto err;
+ if (!CBB_add_u8(cbb.get(), '0')) {
+ return nullptr;
}
} else {
- copy = BN_dup(a);
- if (copy == NULL) {
- goto err;
+ bssl::UniquePtr<BIGNUM> copy(BN_dup(a));
+ if (copy == nullptr) {
+ return nullptr;
}
- while (!BN_is_zero(copy)) {
- BN_ULONG word = BN_div_word(copy, BN_DEC_CONV);
+ while (!BN_is_zero(copy.get())) {
+ BN_ULONG word = BN_div_word(copy.get(), BN_DEC_CONV);
if (word == (BN_ULONG)-1) {
- goto err;
+ return nullptr;
}
- const int add_leading_zeros = !BN_is_zero(copy);
+ const int add_leading_zeros = !BN_is_zero(copy.get());
for (int i = 0; i < BN_DEC_NUM && (add_leading_zeros || word != 0); i++) {
- if (!CBB_add_u8(&cbb, '0' + word % 10)) {
- goto err;
+ if (!CBB_add_u8(cbb.get(), '0' + word % 10)) {
+ return nullptr;
}
word /= 10;
}
@@ -231,30 +232,18 @@
}
if (BN_is_negative(a) && //
- !CBB_add_u8(&cbb, '-')) {
- goto err;
+ !CBB_add_u8(cbb.get(), '-')) {
+ return nullptr;
}
uint8_t *data;
size_t len;
- if (!CBB_finish(&cbb, &data, &len)) {
- goto err;
+ if (!CBB_finish(cbb.get(), &data, &len)) {
+ return nullptr;
}
- // Reverse the buffer.
- for (size_t i = 0; i < len / 2; i++) {
- uint8_t tmp = data[i];
- data[i] = data[len - 1 - i];
- data[len - 1 - i] = tmp;
- }
-
- BN_free(copy);
- return (char *)data;
-
-err:
- BN_free(copy);
- CBB_cleanup(&cbb);
- return NULL;
+ std::reverse(data, data + len);
+ return reinterpret_cast<char *>(data);
}
int BN_dec2bn(BIGNUM **outp, const char *in) {
@@ -285,33 +274,28 @@
}
int BN_print(BIO *bp, const BIGNUM *a) {
- int i, j, v, z = 0;
- int ret = 0;
-
if (a->neg && BIO_write(bp, "-", 1) != 1) {
- goto end;
+ return 0;
}
if (BN_is_zero(a) && BIO_write(bp, "0", 1) != 1) {
- goto end;
+ return 0;
}
- for (i = bn_minimal_width(a) - 1; i >= 0; i--) {
- for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
+ int z = 0;
+ for (int i = bn_minimal_width(a) - 1; i >= 0; i--) {
+ for (int j = BN_BITS2 - 4; j >= 0; j -= 4) {
// strip leading zeros
- v = ((int)(a->d[i] >> (long)j)) & 0x0f;
+ int v = ((int)(a->d[i] >> (long)j)) & 0x0f;
if (z || v != 0) {
if (BIO_write(bp, &hextable[v], 1) != 1) {
- goto end;
+ return 0;
}
z = 1;
}
}
}
- ret = 1;
-
-end:
- return ret;
+ return 1;
}
int BN_print_fp(FILE *fp, const BIGNUM *a) {
diff --git a/src/crypto/bn/div.cc b/src/crypto/bn/div.cc
new file mode 100644
index 0000000..868a2a3
--- /dev/null
+++ b/src/crypto/bn/div.cc
@@ -0,0 +1,100 @@
+// Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/bn.h>
+
+#include <openssl/err.h>
+
+#include "../fipsmodule/bn/internal.h"
+#include "../internal.h"
+
+
+int BN_mod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
+ if (e == 0 || a->width == 0) {
+ BN_zero(r);
+ return 1;
+ }
+
+ size_t num_words = 1 + ((e - 1) / BN_BITS2);
+
+ // If |a| definitely has less than |e| bits, just BN_copy.
+ if ((size_t)a->width < num_words) {
+ return BN_copy(r, a) != NULL;
+ }
+
+ // Otherwise, first make sure we have enough space in |r|.
+ // Note that this will fail if num_words > INT_MAX.
+ if (!bn_wexpand(r, num_words)) {
+ return 0;
+ }
+
+ // Copy the content of |a| into |r|.
+ OPENSSL_memcpy(r->d, a->d, num_words * sizeof(BN_ULONG));
+
+ // If |e| isn't word-aligned, we have to mask off some of our bits.
+ size_t top_word_exponent = e % (sizeof(BN_ULONG) * 8);
+ if (top_word_exponent != 0) {
+ r->d[num_words - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
+ }
+
+ // Fill in the remaining fields of |r|.
+ r->neg = a->neg;
+ r->width = (int)num_words;
+ bn_set_minimal_width(r);
+ return 1;
+}
+
+int BN_nnmod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
+ if (!BN_mod_pow2(r, a, e)) {
+ return 0;
+ }
+
+ // If the returned value was non-negative, we're done.
+ if (BN_is_zero(r) || !r->neg) {
+ return 1;
+ }
+
+ size_t num_words = 1 + (e - 1) / BN_BITS2;
+
+ // Expand |r| to the size of our modulus.
+ if (!bn_wexpand(r, num_words)) {
+ return 0;
+ }
+
+ // Clear the upper words of |r|.
+ OPENSSL_memset(&r->d[r->width], 0, (num_words - r->width) * BN_BYTES);
+
+ // Set parameters of |r|.
+ r->neg = 0;
+ r->width = (int)num_words;
+
+ // Now, invert every word. The idea here is that we want to compute 2^e-|x|,
+ // which is actually equivalent to the twos-complement representation of |x|
+ // in |e| bits, which is -x = ~x + 1.
+ for (int i = 0; i < r->width; i++) {
+ r->d[i] = ~r->d[i];
+ }
+
+ // If our exponent doesn't span the top word, we have to mask the rest.
+ size_t top_word_exponent = e % BN_BITS2;
+ if (top_word_exponent != 0) {
+ r->d[r->width - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
+ }
+
+ // Keep the minimal-width invariant for |BIGNUM|.
+ bn_set_minimal_width(r);
+
+ // Finally, add one, for the reason described above.
+ return BN_add(r, r, BN_value_one());
+}
diff --git a/src/crypto/bn/exponentiation.cc b/src/crypto/bn/exponentiation.cc
new file mode 100644
index 0000000..07f9ec6
--- /dev/null
+++ b/src/crypto/bn/exponentiation.cc
@@ -0,0 +1,166 @@
+// Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/bn.h>
+
+#include <assert.h>
+
+#include <openssl/err.h>
+
+#include "../fipsmodule/bn/internal.h"
+
+
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) {
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *rr;
+ if (r == a || r == p) {
+ rr = BN_CTX_get(ctx);
+ } else {
+ rr = r;
+ }
+
+ BIGNUM *v = BN_CTX_get(ctx);
+ if (rr == NULL || v == NULL) {
+ return 0;
+ }
+
+ if (BN_copy(v, a) == NULL) {
+ return 0;
+ }
+ int bits = BN_num_bits(p);
+
+ if (BN_is_odd(p)) {
+ if (BN_copy(rr, a) == NULL) {
+ return 0;
+ }
+ } else {
+ if (!BN_one(rr)) {
+ return 0;
+ }
+ }
+
+ for (int i = 1; i < bits; i++) {
+ if (!BN_sqr(v, v, ctx)) {
+ return 0;
+ }
+ if (BN_is_bit_set(p, i)) {
+ if (!BN_mul(rr, rr, v, ctx)) {
+ return 0;
+ }
+ }
+ }
+
+ if (r != rr && !BN_copy(r, rr)) {
+ return 0;
+ }
+ return 1;
+}
+
+static int mod_exp_even(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx) {
+ // No cryptographic operations require modular exponentiation with an even
+ // modulus. We support it for backwards compatibility with any applications
+ // that may have relied on the operation, but optimize for simplicity over
+ // performance with straightforward square-and-multiply routine.
+ int bits = BN_num_bits(p);
+ if (bits == 0) {
+ return BN_one(r);
+ }
+
+ // Make a copy of |a|, in case it aliases |r|.
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *tmp = BN_CTX_get(ctx);
+ if (tmp == nullptr || !BN_copy(tmp, a)) {
+ return 0;
+ }
+
+ assert(BN_is_bit_set(p, bits - 1));
+ if (!BN_copy(r, tmp)) {
+ return 0;
+ }
+
+ for (int i = bits - 2; i >= 0; i--) {
+ if (!BN_mod_sqr(r, r, m, ctx) ||
+ (BN_is_bit_set(p, i) && !BN_mod_mul(r, r, tmp, m, ctx))) {
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
+ BN_CTX *ctx) {
+ if (m->neg) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return 0;
+ }
+ if (a->neg || BN_ucmp(a, m) >= 0) {
+ if (!BN_nnmod(r, a, m, ctx)) {
+ return 0;
+ }
+ a = r;
+ }
+
+ if (BN_is_odd(m)) {
+ return BN_mod_exp_mont(r, a, p, m, ctx, NULL);
+ }
+
+ return mod_exp_even(r, a, p, m, ctx);
+}
+
+int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ const BN_MONT_CTX *mont) {
+ // BN_mod_exp_mont requires reduced inputs.
+ if (bn_minimal_width(m) == 1) {
+ a %= m->d[0];
+ }
+
+ bssl::UniquePtr<BIGNUM> a_bignum(BN_new());
+ if (a_bignum == nullptr || !BN_set_word(a_bignum.get(), a)) {
+ OPENSSL_PUT_ERROR(BN, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+ return BN_mod_exp_mont(rr, a_bignum.get(), p, m, ctx, mont);
+}
+
+int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+ BN_CTX *ctx, const BN_MONT_CTX *mont) {
+ // Allocate a montgomery context if it was not supplied by the caller.
+ bssl::UniquePtr<BN_MONT_CTX> new_mont;
+ if (mont == nullptr) {
+ new_mont.reset(BN_MONT_CTX_new_for_modulus(m, ctx));
+ if (new_mont == nullptr) {
+ return 0;
+ }
+ mont = new_mont.get();
+ }
+
+ // BN_mod_mul_montgomery removes one Montgomery factor, so passing one
+ // Montgomery-encoded and one non-Montgomery-encoded value gives a
+ // non-Montgomery-encoded result.
+ bssl::UniquePtr<BIGNUM> tmp(BN_new());
+ if (tmp == nullptr || //
+ !BN_mod_exp_mont(rr, a1, p1, m, ctx, mont) ||
+ !BN_mod_exp_mont(tmp.get(), a2, p2, m, ctx, mont) ||
+ !BN_to_montgomery(rr, rr, mont, ctx) ||
+ !BN_mod_mul_montgomery(rr, rr, tmp.get(), mont, ctx)) {
+ return 0;
+ }
+
+ return 1;
+}
diff --git a/src/crypto/bn/sqrt.cc b/src/crypto/bn/sqrt.cc
new file mode 100644
index 0000000..e23f1a3
--- /dev/null
+++ b/src/crypto/bn/sqrt.cc
@@ -0,0 +1,93 @@
+// Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/bn.h>
+
+#include <openssl/err.h>
+
+
+int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) {
+ BIGNUM *estimate, *tmp, *delta, *last_delta, *tmp2;
+ int ok = 0, last_delta_valid = 0;
+
+ if (in->neg) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
+ return 0;
+ }
+ if (BN_is_zero(in)) {
+ BN_zero(out_sqrt);
+ return 1;
+ }
+
+ bssl::BN_CTXScope scope(ctx);
+ if (out_sqrt == in) {
+ estimate = BN_CTX_get(ctx);
+ } else {
+ estimate = out_sqrt;
+ }
+ tmp = BN_CTX_get(ctx);
+ last_delta = BN_CTX_get(ctx);
+ delta = BN_CTX_get(ctx);
+ if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) {
+ goto err;
+ }
+
+ // We estimate that the square root of an n-bit number is 2^{n/2}.
+ if (!BN_lshift(estimate, BN_value_one(), BN_num_bits(in)/2)) {
+ goto err;
+ }
+
+ // This is Newton's method for finding a root of the equation |estimate|^2 -
+ // |in| = 0.
+ for (;;) {
+ // |estimate| = 1/2 * (|estimate| + |in|/|estimate|)
+ if (!BN_div(tmp, NULL, in, estimate, ctx) ||
+ !BN_add(tmp, tmp, estimate) ||
+ !BN_rshift1(estimate, tmp) ||
+ // |tmp| = |estimate|^2
+ !BN_sqr(tmp, estimate, ctx) ||
+ // |delta| = |in| - |tmp|
+ !BN_sub(delta, in, tmp)) {
+ OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB);
+ goto err;
+ }
+
+ delta->neg = 0;
+ // The difference between |in| and |estimate| squared is required to always
+ // decrease. This ensures that the loop always terminates, but I don't have
+ // a proof that it always finds the square root for a given square.
+ if (last_delta_valid && BN_cmp(delta, last_delta) >= 0) {
+ break;
+ }
+
+ last_delta_valid = 1;
+
+ tmp2 = last_delta;
+ last_delta = delta;
+ delta = tmp2;
+ }
+
+ if (BN_cmp(tmp, in) != 0) {
+ OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE);
+ goto err;
+ }
+
+ ok = 1;
+
+err:
+ if (ok && out_sqrt == in && !BN_copy(out_sqrt, estimate)) {
+ ok = 0;
+ }
+ return ok;
+}
diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc
index 23133e0..c5fff11 100644
--- a/src/crypto/bytestring/bytestring_test.cc
+++ b/src/crypto/bytestring/bytestring_test.cc
@@ -257,6 +257,18 @@
EXPECT_EQ(CBS_ASN1_SEQUENCE, tag);
EXPECT_EQ(Bytes("\x01\x02"), Bytes(CBS_data(&contents), CBS_len(&contents)));
+ CBS_init(&data, kData1, sizeof(kData1));
+ // We should be able to ignore the contents and get the tag.
+ ASSERT_TRUE(CBS_get_any_asn1(&data, NULL, &tag));
+ EXPECT_EQ(CBS_ASN1_SEQUENCE, tag);
+ // We should be able to ignore the tag and get the contents.
+ CBS_init(&data, kData1, sizeof(kData1));
+ ASSERT_TRUE(CBS_get_any_asn1(&data, &contents, NULL));
+ EXPECT_EQ(Bytes("\x01\x02"), Bytes(CBS_data(&contents), CBS_len(&contents)));
+ // We should be able to ignore both the tag and contents.
+ CBS_init(&data, kData1, sizeof(kData1));
+ ASSERT_TRUE(CBS_get_any_asn1(&data, NULL, NULL));
+
size_t header_len;
CBS_init(&data, kData1, sizeof(kData1));
ASSERT_TRUE(CBS_get_any_asn1_element(&data, &contents, &tag, &header_len));
diff --git a/src/crypto/bytestring/cbb.cc b/src/crypto/bytestring/cbb.cc
index 316ac4a..b847331 100644
--- a/src/crypto/bytestring/cbb.cc
+++ b/src/crypto/bytestring/cbb.cc
@@ -481,6 +481,19 @@
cbb->child = NULL;
}
+int CBB_add_asn1_element(CBB *cbb, CBS_ASN1_TAG tag, const uint8_t *data,
+ size_t data_len) {
+ CBB child;
+ if (!CBB_add_asn1(cbb, &child, tag) ||
+ !CBB_add_bytes(&child, data, data_len) || //
+ !CBB_flush(cbb)) {
+ cbb_on_error(cbb);
+ return 0;
+ }
+
+ return 1;
+}
+
int CBB_add_asn1_uint64(CBB *cbb, uint64_t value) {
return CBB_add_asn1_uint64_with_tag(cbb, value, CBS_ASN1_INTEGER);
}
@@ -557,14 +570,7 @@
}
int CBB_add_asn1_octet_string(CBB *cbb, const uint8_t *data, size_t data_len) {
- CBB child;
- if (!CBB_add_asn1(cbb, &child, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&child, data, data_len) || !CBB_flush(cbb)) {
- cbb_on_error(cbb);
- return 0;
- }
-
- return 1;
+ return CBB_add_asn1_element(cbb, CBS_ASN1_OCTETSTRING, data, data_len);
}
int CBB_add_asn1_bool(CBB *cbb, int value) {
diff --git a/src/crypto/bytestring/cbs.cc b/src/crypto/bytestring/cbs.cc
index 73a9d63..fd11c5a 100644
--- a/src/crypto/bytestring/cbs.cc
+++ b/src/crypto/bytestring/cbs.cc
@@ -410,7 +410,7 @@
return 0;
}
- if (!CBS_skip(out, header_len)) {
+ if (out && !CBS_skip(out, header_len)) {
assert(0);
return 0;
}
diff --git a/src/crypto/bytestring/internal.h b/src/crypto/bytestring/internal.h
index f2ea91a..110fb95 100644
--- a/src/crypto/bytestring/internal.h
+++ b/src/crypto/bytestring/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_BYTESTRING_INTERNAL_H
-#define OPENSSL_HEADER_BYTESTRING_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_BYTESTRING_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_BYTESTRING_INTERNAL_H
#include <openssl/base.h>
@@ -71,4 +71,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_BYTESTRING_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_BYTESTRING_INTERNAL_H
diff --git a/src/crypto/chacha/internal.h b/src/crypto/chacha/internal.h
index 828621b..ec0c79f 100644
--- a/src/crypto/chacha/internal.h
+++ b/src/crypto/chacha/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CHACHA_INTERNAL
-#define OPENSSL_HEADER_CHACHA_INTERNAL
+#ifndef OPENSSL_HEADER_CRYPTO_CHACHA_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_CHACHA_INTERNAL_H
#include <openssl/base.h>
@@ -37,7 +37,7 @@
inline int ChaCha20_ctr32_ssse3_capable(size_t len) {
// Unlike the x86_64 version, the x86 SSSE3 routine runs for all non-zero
// lengths.
- return len > 0 && CRYPTO_is_SSSE3_capable() && CRYPTO_is_FXSR_capable();
+ return len > 0 && CRYPTO_is_SSSE3_capable();
}
void ChaCha20_ctr32_ssse3(uint8_t *out, const uint8_t *in, size_t in_len,
const uint32_t key[8], const uint32_t counter[4]);
@@ -99,4 +99,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_CHACHA_INTERNAL
+#endif // OPENSSL_HEADER_CRYPTO_CHACHA_INTERNAL_H
diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc
index 6e708e0..5eb0c39 100644
--- a/src/crypto/cipher/aead_test.cc
+++ b/src/crypto/cipher/aead_test.cc
@@ -152,6 +152,12 @@
{"AES_128_CCM_Matter", EVP_aead_aes_128_ccm_matter,
"aes_128_ccm_matter_tests.txt", 0},
+
+ {"AES_128_EAX", EVP_aead_aes_128_eax, "aes_128_eax_test.txt",
+ kVariableNonce},
+
+ {"AES_256_EAX", EVP_aead_aes_256_eax, "aes_256_eax_test.txt",
+ kVariableNonce},
};
class PerAEADTest : public testing::TestWithParam<KnownAEAD> {
@@ -1025,6 +1031,36 @@
});
}
+TEST(AEADTest, WycheproofAESEAX) {
+ FileTestGTest(
+ "third_party/wycheproof_testvectors/aes_eax_test.txt", [](FileTest *t) {
+ std::string key_size_str;
+ ASSERT_TRUE(t->GetInstruction(&key_size_str, "keySize"));
+ const EVP_AEAD *aead;
+ switch (atoi(key_size_str.c_str())) {
+ case 128:
+ aead = EVP_aead_aes_128_eax();
+ break;
+ case 256:
+ aead = EVP_aead_aes_256_eax();
+ break;
+ default:
+ t->SkipCurrent();
+ GTEST_SKIP() << "Unsupported key size: " << key_size_str;
+ }
+
+ std::string nonce_size_str;
+ ASSERT_TRUE(t->GetInstruction(&nonce_size_str, "ivSize"));
+ // Skip tests with invalid nonce size.
+ if (nonce_size_str != "96" && nonce_size_str != "128") {
+ t->SkipCurrent();
+ GTEST_SKIP() << "Unsupported nonce size: " << nonce_size_str;
+ }
+
+ RunWycheproofTestCase(t, aead);
+ });
+}
+
TEST(AEADTest, FreeNull) { EVP_AEAD_CTX_free(nullptr); }
} // namespace
diff --git a/src/crypto/cipher/derive_key.cc b/src/crypto/cipher/derive_key.cc
index d8aecdd..ac0f284 100644
--- a/src/crypto/cipher/derive_key.cc
+++ b/src/crypto/cipher/derive_key.cc
@@ -25,7 +25,6 @@
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const uint8_t *salt, const uint8_t *data, size_t data_len,
unsigned count, uint8_t *key, uint8_t *iv) {
- EVP_MD_CTX c;
uint8_t md_buf[EVP_MAX_MD_SIZE];
unsigned addmd = 0;
unsigned mds = 0, i;
@@ -37,36 +36,36 @@
assert(nkey <= EVP_MAX_KEY_LENGTH);
assert(niv <= EVP_MAX_IV_LENGTH);
- if (data == NULL) {
+ if (data == nullptr) {
return nkey;
}
- EVP_MD_CTX_init(&c);
+ bssl::ScopedEVP_MD_CTX c;
for (;;) {
- if (!EVP_DigestInit_ex(&c, md, NULL)) {
+ if (!EVP_DigestInit_ex(c.get(), md, nullptr)) {
goto err;
}
if (addmd++) {
- if (!EVP_DigestUpdate(&c, md_buf, mds)) {
+ if (!EVP_DigestUpdate(c.get(), md_buf, mds)) {
goto err;
}
}
- if (!EVP_DigestUpdate(&c, data, data_len)) {
+ if (!EVP_DigestUpdate(c.get(), data, data_len)) {
goto err;
}
- if (salt != NULL) {
- if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN)) {
+ if (salt != nullptr) {
+ if (!EVP_DigestUpdate(c.get(), salt, PKCS5_SALT_LEN)) {
goto err;
}
}
- if (!EVP_DigestFinal_ex(&c, md_buf, &mds)) {
+ if (!EVP_DigestFinal_ex(c.get(), md_buf, &mds)) {
goto err;
}
for (i = 1; i < count; i++) {
- if (!EVP_DigestInit_ex(&c, md, NULL) ||
- !EVP_DigestUpdate(&c, md_buf, mds) ||
- !EVP_DigestFinal_ex(&c, md_buf, &mds)) {
+ if (!EVP_DigestInit_ex(c.get(), md, nullptr) ||
+ !EVP_DigestUpdate(c.get(), md_buf, mds) ||
+ !EVP_DigestFinal_ex(c.get(), md_buf, &mds)) {
goto err;
}
}
@@ -77,7 +76,7 @@
if (nkey == 0 || i == mds) {
break;
}
- if (key != NULL) {
+ if (key != nullptr) {
*(key++) = md_buf[i];
}
nkey--;
@@ -90,7 +89,7 @@
if (niv == 0 || i == mds) {
break;
}
- if (iv != NULL) {
+ if (iv != nullptr) {
*(iv++) = md_buf[i];
}
niv--;
@@ -104,7 +103,6 @@
rv = EVP_CIPHER_key_length(type);
err:
- EVP_MD_CTX_cleanup(&c);
OPENSSL_cleanse(md_buf, EVP_MAX_MD_SIZE);
return rv;
}
diff --git a/src/crypto/cipher/e_aeseax.cc b/src/crypto/cipher/e_aeseax.cc
new file mode 100644
index 0000000..e4c8781
--- /dev/null
+++ b/src/crypto/cipher/e_aeseax.cc
@@ -0,0 +1,289 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/aead.h>
+
+#include <assert.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <sys/types.h>
+
+#include <openssl/aes.h>
+#include <openssl/base.h>
+#include <openssl/cipher.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/mem.h>
+
+#include "../fipsmodule/cipher/internal.h"
+#include "../internal.h"
+
+// Implementation of AES-EAX defined in
+// https://www.iacr.org/archive/fse2004/30170391/30170391.pdf.
+
+#define EVP_AEAD_AES_EAX_TAG_LEN AES_BLOCK_SIZE
+
+struct aead_aes_eax_ctx {
+ union {
+ double align;
+ AES_KEY ks;
+ } ks;
+ uint8_t b[AES_BLOCK_SIZE];
+ uint8_t p[AES_BLOCK_SIZE];
+};
+
+static void mult_by_X(uint8_t out[AES_BLOCK_SIZE],
+ const uint8_t in[AES_BLOCK_SIZE]) {
+ const crypto_word_t in_hi = CRYPTO_load_word_be(in);
+ for (size_t i = 0; i < AES_BLOCK_SIZE - 1; ++i) {
+ out[i] = (in[i] << 1) | (in[i + 1] >> 7);
+ }
+ // Carry over 0x87 if msb is 1, 0x00 if msb is 0.
+ out[AES_BLOCK_SIZE - 1] = in[AES_BLOCK_SIZE - 1] << 1;
+ const uint8_t p = 0x87;
+ constant_time_conditional_memxor(out + AES_BLOCK_SIZE - 1, &p, /*n=*/1,
+ constant_time_msb_w(in_hi));
+}
+
+static int aead_aes_eax_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
+ size_t key_len, size_t tag_len) {
+ struct aead_aes_eax_ctx *aes_ctx = (struct aead_aes_eax_ctx *)&ctx->state;
+
+ if (key_len != 16 && key_len != 32) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
+ return 0;
+ }
+
+ if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) {
+ tag_len = EVP_AEAD_AES_EAX_TAG_LEN;
+ }
+
+ if (tag_len != EVP_AEAD_AES_EAX_TAG_LEN) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_TAG_SIZE);
+ return 0;
+ }
+
+ if (AES_set_encrypt_key(key, /*bits=*/key_len * 8, &aes_ctx->ks.ks) != 0) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
+ return 0;
+ }
+ ctx->tag_len = tag_len;
+
+ // L <- Ek(0^n).
+ OPENSSL_memset(aes_ctx->b, 0, sizeof(aes_ctx->b));
+ AES_encrypt(aes_ctx->b, aes_ctx->b, &aes_ctx->ks.ks);
+ // B <- 2L.
+ mult_by_X(aes_ctx->b, aes_ctx->b);
+ // P <- 4L = 2B.
+ mult_by_X(aes_ctx->p, aes_ctx->b);
+ return 1;
+}
+
+static void aead_aes_eax_cleanup(EVP_AEAD_CTX *ctx) {}
+
+// Implements the CBK function in the paper.
+static void cbk_block(const struct aead_aes_eax_ctx *aes_ctx,
+ const uint8_t in[AES_BLOCK_SIZE],
+ uint8_t out[AES_BLOCK_SIZE]) {
+ CRYPTO_xor16(out, in, out);
+ AES_encrypt(out, out, &aes_ctx->ks.ks);
+}
+
+// Precondition: in_len <= AES_BLOCK_SIZE.
+static void pad(const struct aead_aes_eax_ctx *aes_ctx,
+ uint8_t out[AES_BLOCK_SIZE], const uint8_t *in, size_t in_len) {
+ assert(in_len <= AES_BLOCK_SIZE);
+ if (in_len == AES_BLOCK_SIZE) {
+ CRYPTO_xor16(out, aes_ctx->b, in);
+ return;
+ }
+ OPENSSL_memset(out, 0, AES_BLOCK_SIZE);
+ OPENSSL_memcpy(out, in, in_len);
+ out[in_len] = 0x80;
+ CRYPTO_xor16(out, aes_ctx->p, out);
+}
+
+static void omac(const struct aead_aes_eax_ctx *aes_ctx,
+ uint8_t out[AES_BLOCK_SIZE], const uint8_t *in,
+ size_t in_len) {
+ if (in_len == 0) {
+ // CBK(pad(M;B,P)) = CBK(B). Avoiding padding to skip a copy.
+ cbk_block(aes_ctx, aes_ctx->b, out);
+ return;
+ }
+ // CBK(M1) = Ek(M1 ^ 0^n)
+ AES_encrypt(out, out, &aes_ctx->ks.ks);
+ while (in_len > AES_BLOCK_SIZE) {
+ // Full blocks, no padding needed.
+ cbk_block(aes_ctx, in, out);
+ in += AES_BLOCK_SIZE;
+ in_len -= AES_BLOCK_SIZE;
+ }
+ // Last block to be padded.
+ uint8_t padded_block[AES_BLOCK_SIZE];
+ pad(aes_ctx, padded_block, in, in_len);
+ cbk_block(aes_ctx, padded_block, out);
+}
+
+static void omac_with_tag(const struct aead_aes_eax_ctx *aes_ctx,
+ uint8_t out[AES_BLOCK_SIZE], const uint8_t *in,
+ size_t in_len, int tag) {
+ OPENSSL_memset(out, 0, AES_BLOCK_SIZE);
+ out[AES_BLOCK_SIZE - 1] = tag;
+ omac(aes_ctx, out, in, in_len);
+}
+
+// Encrypts/decrypts |in_len| bytes from |in| to |out| using AES-CTR with |n| as
+// the IV.
+static void aes_ctr(const struct aead_aes_eax_ctx *aes_ctx, uint8_t *out,
+ const uint8_t n[AES_BLOCK_SIZE], const uint8_t *in,
+ size_t in_len) {
+ uint8_t ivec[AES_BLOCK_SIZE];
+ OPENSSL_memcpy(ivec, n, AES_BLOCK_SIZE);
+
+ uint8_t unused_ecount_buf[AES_BLOCK_SIZE];
+ unsigned int unused_num = 0;
+ AES_ctr128_encrypt(in, out, in_len, &aes_ctx->ks.ks, ivec, unused_ecount_buf,
+ &unused_num);
+}
+
+static int aead_aes_eax_seal_scatter(
+ const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
+ size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
+ size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
+ size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
+ assert(extra_in_len == 0);
+ // We use the full 128 bits of the nonce as counter, so no need to check the
+ // plaintext size.
+
+ if (max_out_tag_len < ctx->tag_len) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+
+ if (nonce_len != 12 && nonce_len != 16) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ return 0;
+ }
+
+ const struct aead_aes_eax_ctx *aes_ctx =
+ (struct aead_aes_eax_ctx *)&ctx->state;
+
+ // N <- OMAC(0 || nonce)
+ uint8_t n[AES_BLOCK_SIZE];
+ omac_with_tag(aes_ctx, n, nonce, nonce_len, /*tag=*/0);
+ // H <- OMAC(1 || ad)
+ uint8_t h[AES_BLOCK_SIZE];
+ omac_with_tag(aes_ctx, h, ad, ad_len, /*tag=*/1);
+
+ // C <- CTR^{N}_{K}(M)
+ aes_ctr(aes_ctx, out, n, in, in_len);
+
+ // MAC <- OMAC(2 || C)
+ omac_with_tag(aes_ctx, out_tag, out, in_len, /*tag=*/2);
+ // MAC <- N ^ C ^ H
+ CRYPTO_xor16(out_tag, n, out_tag);
+ CRYPTO_xor16(out_tag, h, out_tag);
+
+ *out_tag_len = ctx->tag_len;
+ return 1;
+}
+
+static int aead_aes_eax_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
+ const uint8_t *nonce, size_t nonce_len,
+ const uint8_t *in, size_t in_len,
+ const uint8_t *in_tag, size_t in_tag_len,
+ const uint8_t *ad, size_t ad_len) {
+ const uint64_t ad_len_64 = ad_len;
+ if (ad_len_64 >= (UINT64_C(1) << 61)) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
+ return 0;
+ }
+
+ const uint64_t in_len_64 = in_len;
+ if (in_tag_len != EVP_AEAD_AES_EAX_TAG_LEN ||
+ in_len_64 > (UINT64_C(1) << 36) + AES_BLOCK_SIZE) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
+ return 0;
+ }
+
+ if (nonce_len != 12 && nonce_len != 16) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
+ return 0;
+ }
+
+ const struct aead_aes_eax_ctx *aes_ctx =
+ (struct aead_aes_eax_ctx *)&ctx->state;
+
+ // N <- OMAC(0 || nonce)
+ uint8_t n[AES_BLOCK_SIZE];
+ omac_with_tag(aes_ctx, n, nonce, nonce_len, /*tag=*/0);
+ // H <- OMAC(1 || ad)
+ uint8_t h[AES_BLOCK_SIZE];
+ omac_with_tag(aes_ctx, h, ad, ad_len, /*tag=*/1);
+
+ // MAC <- OMAC(2 || C)
+ uint8_t mac[AES_BLOCK_SIZE];
+ omac_with_tag(aes_ctx, mac, in, in_len, /*tag=*/2);
+ // MAC <- N ^ C ^ H
+ CRYPTO_xor16(mac, n, mac);
+ CRYPTO_xor16(mac, h, mac);
+
+ if (CRYPTO_memcmp(mac, in_tag, in_tag_len) != 0) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
+ return 0;
+ }
+
+ // M <- CTR^{N}_{K}(C)
+ aes_ctr(aes_ctx, out, n, in, in_len);
+ return 1;
+}
+
+static const EVP_AEAD aead_aes_128_eax = {
+ 16, // AES key size
+ 16, // nonce length
+ EVP_AEAD_AES_EAX_TAG_LEN, // overhead
+ EVP_AEAD_AES_EAX_TAG_LEN, // max tag length
+ 0, // seal_scatter_supports_extra_in
+
+ aead_aes_eax_init,
+ NULL, // init_with_direction
+ aead_aes_eax_cleanup,
+ NULL, // open
+ aead_aes_eax_seal_scatter,
+ aead_aes_eax_open_gather,
+ NULL, // get_iv
+ NULL, // tag_len
+};
+
+static const EVP_AEAD aead_aes_256_eax = {
+ 32, // AES key size
+ 16, // nonce length
+ EVP_AEAD_AES_EAX_TAG_LEN, // overhead
+ EVP_AEAD_AES_EAX_TAG_LEN, // max tag length
+ 0, // seal_scatter_supports_extra_in
+
+ aead_aes_eax_init,
+ NULL, // init_with_direction
+ aead_aes_eax_cleanup,
+ NULL, // open
+ aead_aes_eax_seal_scatter,
+ aead_aes_eax_open_gather,
+ NULL, // get_iv
+ NULL, // tag_len
+};
+
+const EVP_AEAD *EVP_aead_aes_128_eax(void) { return &aead_aes_128_eax; }
+
+const EVP_AEAD *EVP_aead_aes_256_eax(void) { return &aead_aes_256_eax; }
diff --git a/src/crypto/cipher/e_aesgcmsiv.cc b/src/crypto/cipher/e_aesgcmsiv.cc
index b429dc5..a7b38c6 100644
--- a/src/crypto/cipher/e_aesgcmsiv.cc
+++ b/src/crypto/cipher/e_aesgcmsiv.cc
@@ -28,6 +28,7 @@
#define EVP_AEAD_AES_GCM_SIV_NONCE_LEN 12
#define EVP_AEAD_AES_GCM_SIV_TAG_LEN 16
+namespace {
// TODO(davidben): AES-GCM-SIV assembly is not correct for Windows. It must save
// and restore xmm6 through xmm15.
#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) && \
@@ -36,12 +37,10 @@
// Optimised AES-GCM-SIV
-namespace {
struct aead_aes_gcm_siv_asm_ctx {
alignas(16) uint8_t key[16 * 15];
int is_128_bit;
};
-} // namespace
// The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and
// aligns to 16 bytes itself.
@@ -51,15 +50,6 @@
static_assert(alignof(union evp_aead_ctx_st_state) >= 8,
"AEAD state has insufficient alignment");
-// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
-static struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(
- const EVP_AEAD_CTX *ctx) {
- // ctx->state must already be 8-byte aligned. Thus, at most, we may need to
- // add eight to align it to 16 bytes.
- const uintptr_t offset = ((uintptr_t)&ctx->state) & 8;
- return (struct aead_aes_gcm_siv_asm_ctx *)(&ctx->state.opaque[offset]);
-}
-
extern "C" {
// aes128gcmsiv_aes_ks writes an AES-128 key schedule for |key| to
// |out_expanded_key|.
@@ -70,45 +60,7 @@
// |out_expanded_key|.
extern void aes256gcmsiv_aes_ks(const uint8_t key[32],
uint8_t out_expanded_key[16 * 15]);
-}
-static int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
- size_t key_len, size_t tag_len) {
- const size_t key_bits = key_len * 8;
-
- if (key_bits != 128 && key_bits != 256) {
- OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
- return 0; // EVP_AEAD_CTX_init should catch this.
- }
-
- if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) {
- tag_len = EVP_AEAD_AES_GCM_SIV_TAG_LEN;
- }
-
- if (tag_len != EVP_AEAD_AES_GCM_SIV_TAG_LEN) {
- OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
- return 0;
- }
-
- struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
- assert((((uintptr_t)gcm_siv_ctx) & 15) == 0);
-
- if (key_bits == 128) {
- aes128gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
- gcm_siv_ctx->is_128_bit = 1;
- } else {
- aes256gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
- gcm_siv_ctx->is_128_bit = 0;
- }
-
- ctx->tag_len = tag_len;
-
- return 1;
-}
-
-static void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {}
-
-extern "C" {
// aesgcmsiv_polyval_horner updates the POLYVAL value in |in_out_poly| to
// include a number (|in_blocks|) of 16-byte blocks of data from |in|, given
// the POLYVAL key in |key|.
@@ -225,12 +177,55 @@
size_t in_len);
}
+// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
+struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(const EVP_AEAD_CTX *ctx) {
+ // ctx->state must already be 8-byte aligned. Thus, at most, we may need to
+ // add eight to align it to 16 bytes.
+ const uintptr_t offset = ((uintptr_t)&ctx->state) & 8;
+ return (struct aead_aes_gcm_siv_asm_ctx *)(&ctx->state.opaque[offset]);
+}
+
+int aead_aes_gcm_siv_asm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
+ size_t key_len, size_t tag_len) {
+ const size_t key_bits = key_len * 8;
+
+ if (key_bits != 128 && key_bits != 256) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_KEY_LENGTH);
+ return 0; // EVP_AEAD_CTX_init should catch this.
+ }
+
+ if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) {
+ tag_len = EVP_AEAD_AES_GCM_SIV_TAG_LEN;
+ }
+
+ if (tag_len != EVP_AEAD_AES_GCM_SIV_TAG_LEN) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TAG_TOO_LARGE);
+ return 0;
+ }
+
+ struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx = asm_ctx_from_ctx(ctx);
+ assert((((uintptr_t)gcm_siv_ctx) & 15) == 0);
+
+ if (key_bits == 128) {
+ aes128gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
+ gcm_siv_ctx->is_128_bit = 1;
+ } else {
+ aes256gcmsiv_aes_ks(key, &gcm_siv_ctx->key[0]);
+ gcm_siv_ctx->is_128_bit = 0;
+ }
+
+ ctx->tag_len = tag_len;
+
+ return 1;
+}
+
+void aead_aes_gcm_siv_asm_cleanup(EVP_AEAD_CTX *ctx) {}
+
// gcm_siv_asm_polyval evaluates POLYVAL at |auth_key| on the given plaintext
// and AD. The result is written to |out_tag|.
-static void gcm_siv_asm_polyval(uint8_t out_tag[16], const uint8_t *in,
- size_t in_len, const uint8_t *ad, size_t ad_len,
- const uint8_t auth_key[16],
- const uint8_t nonce[12]) {
+void gcm_siv_asm_polyval(uint8_t out_tag[16], const uint8_t *in, size_t in_len,
+ const uint8_t *ad, size_t ad_len,
+ const uint8_t auth_key[16], const uint8_t nonce[12]) {
OPENSSL_memset(out_tag, 0, 16);
const size_t ad_blocks = ad_len / 16;
const size_t in_blocks = in_len / 16;
@@ -283,7 +278,7 @@
// (same thing in CTR mode) of the final block of a plaintext/ciphertext. It
// writes |in_len| & 15 bytes to |out| + |in_len|, based on an initial counter
// derived from |tag|.
-static void aead_aes_gcm_siv_asm_crypt_last_block(
+void aead_aes_gcm_siv_asm_crypt_last_block(
int is_128_bit, uint8_t *out, const uint8_t *in, size_t in_len,
const uint8_t tag[16],
const struct aead_aes_gcm_siv_asm_ctx *enc_key_expanded) {
@@ -309,10 +304,11 @@
// aead_aes_gcm_siv_kdf calculates the record encryption and authentication
// keys given the |nonce|.
-static void aead_aes_gcm_siv_kdf(
- int is_128_bit, const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx,
- uint64_t out_record_auth_key[2], uint64_t out_record_enc_key[4],
- const uint8_t nonce[12]) {
+void aead_aes_gcm_siv_kdf(int is_128_bit,
+ const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx,
+ uint64_t out_record_auth_key[2],
+ uint64_t out_record_enc_key[4],
+ const uint8_t nonce[12]) {
alignas(16) uint8_t padded_nonce[16];
OPENSSL_memcpy(padded_nonce, nonce, 12);
@@ -333,7 +329,7 @@
out_record_auth_key[1] = key_material[2];
}
-static int aead_aes_gcm_siv_asm_seal_scatter(
+int aead_aes_gcm_siv_asm_seal_scatter(
const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
@@ -399,10 +395,11 @@
return 1;
}
-static int aead_aes_gcm_siv_asm_open_gather(
- const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce,
- size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag,
- size_t in_tag_len, const uint8_t *ad, size_t ad_len) {
+int aead_aes_gcm_siv_asm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
+ const uint8_t *nonce, size_t nonce_len,
+ const uint8_t *in, size_t in_len,
+ const uint8_t *in_tag, size_t in_tag_len,
+ const uint8_t *ad, size_t ad_len) {
const uint64_t ad_len_64 = ad_len;
if (ad_len_64 >= (UINT64_C(1) << 61)) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
@@ -499,7 +496,7 @@
return 1;
}
-static const EVP_AEAD aead_aes_128_gcm_siv_asm = {
+const EVP_AEAD aead_aes_128_gcm_siv_asm = {
16, // key length
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
@@ -516,7 +513,7 @@
NULL /* tag_len */,
};
-static const EVP_AEAD aead_aes_256_gcm_siv_asm = {
+const EVP_AEAD aead_aes_256_gcm_siv_asm = {
32, // key length
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
@@ -535,7 +532,7 @@
#endif // X86_64 && !NO_ASM && !WINDOWS
-namespace {
+
struct aead_aes_gcm_siv_ctx {
union {
double align;
@@ -544,7 +541,6 @@
block128_f kgk_block;
unsigned is_256 : 1;
};
-} // namespace
static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
sizeof(struct aead_aes_gcm_siv_ctx),
@@ -553,8 +549,8 @@
alignof(struct aead_aes_gcm_siv_ctx),
"AEAD state has insufficient alignment");
-static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
- size_t key_len, size_t tag_len) {
+int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len,
+ size_t tag_len) {
const size_t key_bits = key_len * 8;
if (key_bits != 128 && key_bits != 256) {
@@ -582,7 +578,7 @@
return 1;
}
-static void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {}
+void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) {}
// gcm_siv_crypt encrypts (or decrypts—it's the same thing) |in_len| bytes from
// |in| to |out|, using the block function |enc_block| with |key| in counter
@@ -591,9 +587,9 @@
// first four bytes are used and the GCM-SIV tweak to the final byte is
// applied. The |in| and |out| pointers may be equal but otherwise must not
// alias.
-static void gcm_siv_crypt(uint8_t *out, const uint8_t *in, size_t in_len,
- const uint8_t initial_counter[AES_BLOCK_SIZE],
- block128_f enc_block, const AES_KEY *key) {
+void gcm_siv_crypt(uint8_t *out, const uint8_t *in, size_t in_len,
+ const uint8_t initial_counter[AES_BLOCK_SIZE],
+ block128_f enc_block, const AES_KEY *key) {
uint8_t counter[16];
OPENSSL_memcpy(counter, initial_counter, AES_BLOCK_SIZE);
@@ -617,45 +613,125 @@
}
}
+
+// POLYVAL.
+//
+// POLYVAL is a polynomial authenticator that operates over a field very
+// similar to the one that GHASH uses. See
+// https://www.rfc-editor.org/rfc/rfc8452.html#section-3.
+
+// POLYVAL(H, X_1, ..., X_n) =
+// ByteReverse(GHASH(mulX_GHASH(ByteReverse(H)), ByteReverse(X_1), ...,
+// ByteReverse(X_n))).
+//
+// See https://www.rfc-editor.org/rfc/rfc8452.html#appendix-A.
+
+struct polyval_ctx {
+ uint8_t S[16];
+ u128 Htable[16];
+ gmult_func gmult;
+ ghash_func ghash;
+};
+
+// byte_reverse reverses the order of the bytes in |b->c|.
+void byte_reverse(uint8_t b[16]) {
+ uint64_t hi = CRYPTO_load_u64_le(b);
+ uint64_t lo = CRYPTO_load_u64_le(b + 8);
+ CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
+ CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
+}
+
+// reverse_and_mulX_ghash interprets |b| as a reversed element of the GHASH
+// field, multiplies that by 'x' and serialises the result back into |b|, but
+// with GHASH's backwards bit ordering.
+void reverse_and_mulX_ghash(uint8_t b[16]) {
+ uint64_t hi = CRYPTO_load_u64_le(b);
+ uint64_t lo = CRYPTO_load_u64_le(b + 8);
+ const crypto_word_t carry = constant_time_eq_w(hi & 1, 1);
+ hi >>= 1;
+ hi |= lo << 63;
+ lo >>= 1;
+ lo ^= ((uint64_t)constant_time_select_w(carry, 0xe1, 0)) << 56;
+
+ CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
+ CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
+}
+
+void crypto_polyval_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
+ alignas(8) uint8_t H[16];
+ OPENSSL_memcpy(H, key, 16);
+ reverse_and_mulX_ghash(H);
+
+ CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H);
+ OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
+}
+
+void crypto_polyval_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
+ size_t in_len) {
+ assert((in_len & 15) == 0);
+ alignas(8) uint8_t buf[32 * 16];
+
+ while (in_len > 0) {
+ size_t todo = in_len;
+ if (todo > sizeof(buf)) {
+ todo = sizeof(buf);
+ }
+ OPENSSL_memcpy(buf, in, todo);
+ in += todo;
+ in_len -= todo;
+
+ size_t blocks = todo / 16;
+ for (size_t i = 0; i < blocks; i++) {
+ byte_reverse(buf + 16 * i);
+ }
+
+ ctx->ghash(ctx->S, ctx->Htable, buf, todo);
+ }
+}
+
+void crypto_polyval_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
+ OPENSSL_memcpy(out, &ctx->S, 16);
+ byte_reverse(out);
+}
+
// gcm_siv_polyval evaluates POLYVAL at |auth_key| on the given plaintext and
// AD. The result is written to |out_tag|.
-static void gcm_siv_polyval(
- uint8_t out_tag[16], const uint8_t *in, size_t in_len, const uint8_t *ad,
- size_t ad_len, const uint8_t auth_key[16],
- const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
+void gcm_siv_polyval(uint8_t out_tag[16], const uint8_t *in, size_t in_len,
+ const uint8_t *ad, size_t ad_len,
+ const uint8_t auth_key[16],
+ const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
struct polyval_ctx polyval_ctx;
- CRYPTO_POLYVAL_init(&polyval_ctx, auth_key);
+ crypto_polyval_init(&polyval_ctx, auth_key);
- CRYPTO_POLYVAL_update_blocks(&polyval_ctx, ad, ad_len & ~15);
+ crypto_polyval_update_blocks(&polyval_ctx, ad, ad_len & ~15);
uint8_t scratch[16];
if (ad_len & 15) {
OPENSSL_memset(scratch, 0, sizeof(scratch));
OPENSSL_memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
- CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
+ crypto_polyval_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
- CRYPTO_POLYVAL_update_blocks(&polyval_ctx, in, in_len & ~15);
+ crypto_polyval_update_blocks(&polyval_ctx, in, in_len & ~15);
if (in_len & 15) {
OPENSSL_memset(scratch, 0, sizeof(scratch));
OPENSSL_memcpy(scratch, &in[in_len & ~15], in_len & 15);
- CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
+ crypto_polyval_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
uint8_t length_block[16];
CRYPTO_store_u64_le(length_block, ((uint64_t)ad_len) * 8);
CRYPTO_store_u64_le(length_block + 8, ((uint64_t)in_len) * 8);
- CRYPTO_POLYVAL_update_blocks(&polyval_ctx, length_block,
+ crypto_polyval_update_blocks(&polyval_ctx, length_block,
sizeof(length_block));
- CRYPTO_POLYVAL_finish(&polyval_ctx, out_tag);
+ crypto_polyval_finish(&polyval_ctx, out_tag);
for (size_t i = 0; i < EVP_AEAD_AES_GCM_SIV_NONCE_LEN; i++) {
out_tag[i] ^= nonce[i];
}
out_tag[15] &= 0x7f;
}
-namespace {
// gcm_siv_record_keys contains the keys used for a specific GCM-SIV record.
struct gcm_siv_record_keys {
uint8_t auth_key[16];
@@ -665,13 +741,12 @@
} enc_key;
block128_f enc_block;
};
-} // namespace
// gcm_siv_keys calculates the keys for a specific GCM-SIV record with the
// given nonce and writes them to |*out_keys|.
-static void gcm_siv_keys(const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx,
- struct gcm_siv_record_keys *out_keys,
- const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
+void gcm_siv_keys(const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx,
+ struct gcm_siv_record_keys *out_keys,
+ const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) {
const AES_KEY *const key = &gcm_siv_ctx->ks.ks;
uint8_t key_material[(128 /* POLYVAL key */ + 256 /* max AES key */) / 8];
const size_t blocks_needed = gcm_siv_ctx->is_256 ? 6 : 4;
@@ -701,11 +776,13 @@
key_material + 16, gcm_siv_ctx->is_256 ? 32 : 16);
}
-static int aead_aes_gcm_siv_seal_scatter(
- const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
- size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
- size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
- size_t extra_in_len, const uint8_t *ad, size_t ad_len) {
+int aead_aes_gcm_siv_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
+ uint8_t *out_tag, size_t *out_tag_len,
+ size_t max_out_tag_len, const uint8_t *nonce,
+ size_t nonce_len, const uint8_t *in,
+ size_t in_len, const uint8_t *extra_in,
+ size_t extra_in_len, const uint8_t *ad,
+ size_t ad_len) {
const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx =
(struct aead_aes_gcm_siv_ctx *)&ctx->state;
const uint64_t in_len_64 = in_len;
@@ -742,12 +819,11 @@
return 1;
}
-static int aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
- const uint8_t *nonce, size_t nonce_len,
- const uint8_t *in, size_t in_len,
- const uint8_t *in_tag,
- size_t in_tag_len, const uint8_t *ad,
- size_t ad_len) {
+int aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
+ const uint8_t *nonce, size_t nonce_len,
+ const uint8_t *in, size_t in_len,
+ const uint8_t *in_tag, size_t in_tag_len,
+ const uint8_t *ad, size_t ad_len) {
const uint64_t ad_len_64 = ad_len;
if (ad_len_64 >= (UINT64_C(1) << 61)) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
@@ -786,7 +862,7 @@
return 1;
}
-static const EVP_AEAD aead_aes_128_gcm_siv = {
+const EVP_AEAD aead_aes_128_gcm_siv = {
16, // key length
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
@@ -803,7 +879,7 @@
NULL /* tag_len */,
};
-static const EVP_AEAD aead_aes_256_gcm_siv = {
+const EVP_AEAD aead_aes_256_gcm_siv = {
32, // key length
EVP_AEAD_AES_GCM_SIV_NONCE_LEN, // nonce length
EVP_AEAD_AES_GCM_SIV_TAG_LEN, // overhead
@@ -819,6 +895,7 @@
NULL /* get_iv */,
NULL /* tag_len */,
};
+} // namespace
#if defined(AES_GCM_SIV_ASM)
diff --git a/src/crypto/cipher/internal.h b/src/crypto/cipher/internal.h
index c0fb07a..3b0fb7c 100644
--- a/src/crypto/cipher/internal.h
+++ b/src/crypto/cipher/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H
-#define OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
#include <assert.h>
#include <stdlib.h>
@@ -237,4 +237,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_CIPHER_INTERNAL_H
diff --git a/src/crypto/cipher/test/aes_128_eax_test.txt b/src/crypto/cipher/test/aes_128_eax_test.txt
new file mode 100644
index 0000000..84fc4ae
--- /dev/null
+++ b/src/crypto/cipher/test/aes_128_eax_test.txt
@@ -0,0 +1,233 @@
+# Test vectors from
+# https://github.com/C2SP/wycheproof/blob/cd27d6419bedd83cbd24611ec54b6d4bfdb0cdca/testvectors/aes_eax_test.json
+
+AD: 6bfb914fd07eae6b
+CT:
+NONCE: 62ec67f9c3a4a407fcb2a8c49031a8b3
+KEY: 233952dee4d5ed5f9b9c6d6ff80ff478
+IN:
+TAG: e037830e8389f27b025a2d6527e79d01
+
+AD: fa3bfd4806eb53fa
+CT: 19dd
+NONCE: becaf043b0a23d843194ba972c66debd
+KEY: 91945d3f4dcbee0bf45ef52255f095a4
+IN: f7fb
+TAG: 5c4c9331049d0bdab0277408f67967e5
+
+AD: 234a3463c1264ac6
+CT: d851d5bae0
+NONCE: 70c3db4f0d26368400a10ed05d2bff5e
+KEY: 01f74ad64077f2e704c0f60ada3dd523
+IN: 1a47cb4933
+TAG: 3a59f238a23e39199dc9266626c40f80
+
+AD: 33cce2eabff5a79d
+CT: 632a9d131a
+NONCE: 8408dfff3c1a2b1292dc199e46b7d617
+KEY: d07cf6cbb7f313bdde66b727afd3c5e8
+IN: 481c9e39b1
+TAG: d4c168a4225d8e1ff755939974a7bede
+
+AD: aeb96eaebe2970e9
+CT: 071dfe16c675
+NONCE: fdb6b06676eedc5c61d74276e1f8e816
+KEY: 35b6d0580005bbc12b0587124557d2c2
+IN: 40d0c07da5e4
+TAG: cb0677e536f73afe6a14b74ee49844dd
+
+AD: d4482d1ca78dce0f
+CT: 835bb4f15d743e350e728414
+NONCE: 6eac5c93072d8e8513f750935e46da1b
+KEY: bd8e6e11475e60b268784c38c62feb22
+IN: 4de3b35c3fc039245bd1fb7d
+TAG: abb8644fd6ccb86947c5e10590210a4f
+
+AD: 65d2017990d62528
+CT: 02083e3979da014812f59f11d52630da30
+NONCE: 1a8c98dcd73d38393b2bf1569deefc19
+KEY: 7c77d6e813bed5ac98baa417477a2e7d
+IN: 8b0a79306c9ce7ed99dae4f87f8dd61636
+TAG: 137327d10649b0aa6e1c181db617d7f2
+
+AD: 54b9f04e6a09189a
+CT: 2ec47b2c4954a489afc7ba4897edcdae8cc3
+NONCE: dde59b97d722156d4d9aff2bc7559826
+KEY: 5fff20cafab119ca2fc73549e20f5b0d
+IN: 1bda122bce8a8dbaf1877d962b8592dd2d56
+TAG: 3b60450599bd02c96382902aef7f832a
+
+AD: 899a175897561d7e
+CT: 0de18fd0fdd91e7af19f1d8ee8733938b1e8
+NONCE: b781fcf2f75fa5a8de97a9ca48e522ec
+KEY: a4a4782bcffd3ec5e7ef6d8c34a56123
+IN: 6cf36720872b8513f6eab1a8a44438d5ef11
+TAG: e7f6d2231618102fdb7fe55ff1991700
+
+AD: 126735fcc320d25a
+CT: cb8920f87a6c75cff39627b56e3ed197c552d295a7
+NONCE: 22e7add93cfc6393c57ec0b3c17d6b44
+KEY: 8395fcf1e95bebd697bd010bc766aac3
+IN: ca40d7446e545ffaed3bd12a740a659ffbbb3ceab7
+TAG: cfc46afc253b4652b1af3795b124ab6e
+
+AD:
+CT: 3c441f32ce07822364d7a2990e50bb13d7b02a26969e4a937e5e9073b0d9c968
+NONCE: 3c8cc2970a008f75cc5beae2847258c2
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: db90bdb3da3d00afd0fc6a83551da95e
+
+AD:
+CT: d19ac59849026a91aa1b9aec29b11a202a4d739fd86c28e3ae3d588ea21d70c6
+NONCE: aef03d00598494e9fb03cd7d8b590866
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: c30f6cd9202074ed6e2a2a360eac8c47
+
+AD:
+CT: 2108558ac4b2c2d5cc66cea51d6210e046177a67631cd2dd8f09469733acb517
+NONCE: 55d12511c696a80d0514d1ffba49cada
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: fc355e87a267be3ae3e44c0bf3f99b2b
+
+AD:
+CT: 4d2c1524ca4baa4eefcce6b91b227ee83abaff8105dcafa2ab191f5df2575035
+NONCE: 79422ddd91c4eee2deaef1f968305304
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: e2c865ce2d7abdac024c6f991a848390
+
+AD:
+CT: 8eb01e62185d782eb9287a341a6862ac5257d6f9adc99ee0a24d9c22b3e9b38a
+NONCE: 0af5aa7a7676e28306306bcd9bf2003a
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: 39c339bc8a74c75e2c65c6119544d61e
+
+AD:
+CT: 94c5d2aca6dbbce8c24513a25e095c0e54a942860d327a222a815cc713b163b4
+NONCE: af5a03ae7edd73471bdcdfac5e194a60
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111
+TAG: f50b30304e45c9d411e8df4508a98612
+
+AD:
+CT: 3bb6173e3772d4b62eef37f9ef0781f360b6c74be3bf6b371067bc1b090d9d6622a1fbec6ac471b3349cd4277a101d40890fbf27dfdcd0b4e3781f9806daabb6
+NONCE: b37087680f0edd5a52228b8c7aaea664
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 00000000000000000000000000000000111111111111111111111111111111112222222222222222222222222222222233333333333333333333333333333333
+TAG: a0498745e59999ddc32d5b140241124e
+
+AD:
+CT: e9b0bb8857818ce3201c3690d21daa7f264fb8ee93cc7a4674ea2fc32bf182fb2a7e8ad51507ad4f31cefc2356fe7936a7f6e19f95e88fdbf17620916d3a6f3d01fc17d358672f777fd4099246e436e1
+NONCE: 4f802da62a384555a19bc2b382eb25af
+KEY: 000102030405060708090a0b0c0d0e0f
+IN: 0000000000000000000000000000000011111111111111111111111111111111222222222222222222222222222222223333333333333333333333333333333344444444444444444444444444444444
+TAG: 67910be744b8315ae0eb6124590c5d8b
+
+AD:
+CT:
+NONCE: fa294b129972f7fc5bbd5b96bba837c9
+KEY: b67b1a6efdd40d37080fbe8f8047aeb9
+IN:
+TAG: b14b64fb589899699570cc9160e39896
+
+AD:
+CT: 1d
+NONCE: 9477849d6ccdfca112d92e53fae4a7ca
+KEY: 209e6dbf2ad26a105445fc0207cd9e9a
+IN: 01
+TAG: 52a5f600fe5338026a7cb09c11640082
+
+AD:
+CT: d7b8a6b43d2e9f98c2b44ce5e3cfdb
+NONCE: 5171524568e81d97e8c4de4ba56c10a0
+KEY: a549442e35154032d07c8666006aa6a2
+IN: 1182e93596cac5608946400bc73f3a
+TAG: 1bdd52fc987daf0ee19234c905ea645f
+
+AD:
+CT: 73e5c6f0e703a52d02f7f7faeb1b77fd4fd0cb421eaf
+NONCE: 0e6ec879b02c6f516976e35898428da7
+KEY: 958bcdb66a3952b53701582a68a0e474
+IN: 140415823ecc8932a058384b738ea6ea6d4dfe3bbeee
+TAG: 6c154a85968edd74776575a4450bd897
+
+AD: df10d0d212242450
+CT: 936b69b6c955adfd15539b9be4989cb6
+NONCE: 2e35901ae7d491eecc8838fedd631405
+KEY: 965b757ba5018a8d66edc78e0ceee86b
+IN: 36e57a763958b02cea9d6a676ebce81f
+TAG: ee15a1454e88faad8e48a8df2983b425
+
+AD: 7c571d2fbb5f62523c0eb338bef9a9
+CT: 67caac35443a3138d2cb811f0ce04dd2
+NONCE: 7f2985296315507aa4c0a93d5c12bd77
+KEY: 88d02033781c7b4164711a05420f256e
+IN: d98adc03d9d582732eb07df23d7b9f74
+TAG: b7968e0b5640e3b236569653208b9deb
+
+AD: 16843c091d43b0a191d0c73d15601be9
+CT: 200ac451fbeb0f6151d61583a43b7343
+NONCE: bf47afdfd492137a24236bc36797a88e
+KEY: 515840cf67d2e40eb65e54a24c72cbf2
+IN: c834588cb6daf9f06dd23519f4be9f56
+TAG: 2ad43e4caa51983a9d4d24481bf4c839
+
+AD: 904d86f133cec15a0c3caf14d7e029c82a07705a23f0d080
+CT: 27c6e9a653c5253ca1c5673f97b9b33e
+NONCE: d02bf0763a9fefbf70c33aee1e9da1d6
+KEY: 2e4492d444e5b6f4cec8c2d3615ac858
+IN: 9e62d6511b0bda7dd7740b614d97bae0
+TAG: 2d581271e1fa9e3686136caa8f4d6c8e
+
+AD:
+CT:
+NONCE: 438a547a94ea88dce46c6c85
+KEY: bedcfb5a011ebc84600fcb296c15af0d
+IN:
+TAG: 9607977cd7556b1dfedf0c73a35a5197
+
+AD:
+CT: 98
+NONCE: b30c084727ad1c592ac21d12
+KEY: 384ea416ac3c2f51a76e7d8226346d4e
+IN: 35
+TAG: f5d7930952e275beecb998d804c241f0
+
+AD:
+CT: 7fd2878318ab0f2b
+NONCE: b5e006ded553110e6dc56529
+KEY: cae31cd9f55526eb038241fc44cac1e5
+IN: d10989f2c52e94ad
+TAG: ab184ffde523565529a9be111b0c2d6d
+
+AD:
+CT: e928622d1e6e798d8665ae732c4c1e5f
+NONCE: 0e1666f2dc652f7708fb8f0d
+KEY: ffdf4228361ea1f8165852136b3480f7
+IN: 25b12e28ac0ef6ead0226a3b2288c800
+TAG: 33ab476757ffa42c0f6c276391a46eac
+
+AD:
+CT: efd299a43b25ce8cc31b80e5489ef9ce7356ececa91bc7bd
+NONCE: fbbc04fd6e025b7193eb57f6
+KEY: a8ee11b26d7ceb7f17eaa1e4b83a2cf6
+IN: c08f085e6a9e0ef3636280c11ecfadf0c1e72919ffc17eaf
+TAG: 3c33fc0bcd256b0a8a34ecc8b01e52a6
+
+AD:
+CT: 356bca9cddd39efd393278e43b4e80266071608036e81d6e924d4e4800fb27
+NONCE: 42b51388f6f9047a2a994575
+KEY: 1655bf662f7ee685615701fd3779d628
+IN: 857b2f6cd608c9cea0246c740caa4ca19c5f1c7d71cb9273f0d8c8bb65b70a
+TAG: 71f02ba7c6cf3a579e56245025420071
+
+AD:
+CT: 9d911b934a68ce7db322410028bd31bd81bcbdadf26f15676be472bc3821fb68e4728db76930bc0958aeed6faf3e333da7af3d48c480b424ff3d6600cc56a507c8ad
+NONCE: 064b3cfbe04d94d4d5c19b30
+KEY: 42e38abef2dd7573248c5aefb3ecca54
+IN: 2c763b9ec84903bcbb8aec15e678a3a955e4870edbf62d9d3c81c4f9ed6154877875779ca33cce8f73a55ca7af1d8d817fc6baac00ef962c5a0da339ce81427a3d59
+TAG: d679eb9e5d744b62d91dcf6fb6284f41
\ No newline at end of file
diff --git a/src/crypto/cipher/test/aes_256_eax_test.txt b/src/crypto/cipher/test/aes_256_eax_test.txt
new file mode 100644
index 0000000..d038ab0
--- /dev/null
+++ b/src/crypto/cipher/test/aes_256_eax_test.txt
@@ -0,0 +1,107 @@
+# Test vectors from
+# https://github.com/C2SP/wycheproof/blob/cd27d6419bedd83cbd24611ec54b6d4bfdb0cdca/testvectors/aes_eax_test.json
+
+AD:
+CT:
+NONCE: 4da5bf8dfd5852c1ea12379d
+KEY: 80ba3192c803ce965ea371d5ff073cf0f43b6a2ab576b208426e11409c09b9b0
+IN:
+TAG: 4d293af9a8fe4ac034f14b14334c16ae
+
+AD:
+CT: 8c
+NONCE: 99e23ec48985bccdeeab60f1
+KEY: cc56b680552eb75008f5484b4cb803fa5063ebd6eab91f6ab6aef4916a766273
+IN: 2a
+TAG: c460d5ff45235c3c2491c7e6a32491d6
+
+AD:
+CT: 6038296421fb5007
+NONCE: 4f07afedfdc3b6c2361823d3
+KEY: 51e4bf2bad92b7aff1a4bc05550ba81df4b96fabf41c12c7b00e60e48db7e152
+IN: be3308f72a2c6aed
+TAG: 0a91c72219c0b9ad716accd910e04e13
+
+AD:
+CT: c4066e265a948f40e05e37fa400fde1b
+NONCE: 2fcb1b38a99e71b84740ad9b
+KEY: 59d4eafb4de0cfc7d3db99a8f54b15d7b39f0acc8da69763b019c1699f87674a
+IN: 549b365af913f3b081131ccb6b825588
+TAG: 611de27128955c54edd7a4d6d23e78ee
+
+AD:
+CT: f64ffe52cd838cea89dd500662a2ee4b4b450eee68218e84
+NONCE: e6b1adf2fd58a8762c65f31b
+KEY: 0212a8de5007ed87b33f1a7090b6114f9e08cefd9607f2c276bdcfdbc5ce9cd7
+IN: 10f1ecf9c60584665d9ae5efe279e7f7377eea6916d2b111
+TAG: ae1e2eda96bed82182240aae08f9fe9c
+
+AD:
+CT: 01f09a6a136909c158e13502ee5488f592ee24059d6da734acba8c11e9815f
+NONCE: 04a9be03508a5f31371a6fd2
+KEY: 2eb51c469aa8eb9e6c54a8349bae50a20f0e382711bba1152c424f03b6671d71
+IN: b053999286a2824f42cc8c203ab24e2c97a685adcc2ad32662558e55a5c729
+TAG: 79e57b518fa6dabe94e0e89cae89976b
+
+AD:
+CT: 72356ce9f1822e30809817a3b91ea13700ab3275b6f3718a845ad0b132bf4bbbb61ee466c1b0a1cb5a26424dbcc8d1b649f22785907a9c0164a2a41a9fc477d6c4dd
+NONCE: ce03bbb56778f25d4528350b
+KEY: 95e87eda64d0dc2d4e851030c3e1b27cca2265b3464c2c572bd8fc8cfb282d1b
+IN: 2e5acc19acb9940bb74d414b45e71386a409b641490b139493d7d632cbf1674fdf2511c3fad6c27359e6137b4cd52efc4bf871e6623451517d6a3c68240f2a79916a
+TAG: 872861d71412e15732f60a83d4b47ee1
+
+AD:
+CT:
+NONCE: 00c49f4ebb07393f07ebc3825f7b0830
+KEY: b4cd11db0b3e0b9b34eafd9fe027746976379155e76116afde1b96d21298e34f
+IN:
+TAG: 80d821cde2d6c523b718597b11dd0fa8
+
+AD:
+CT: 25
+NONCE: 0ad570d8863918fe89124e09d125a271
+KEY: b7797eb0c1a6089ad5452d81fdb14828c040ddc4589c32b565aad8cb4de3e4a0
+IN: ed
+TAG: 4fef9ec45255dbba5631105d00a55767
+
+AD:
+CT: cbfcaa3634d6cff5656bc6bda6ab5f
+NONCE: 2a55caa137c5b0b66cf3809eb8f730c4
+KEY: 4c010d9561c7234c308c01cea3040c925a9f324dc958ff904ae39b37e60e1e03
+IN: 2a093c9ed72b8ff4994201e9f9e010
+TAG: 0144be0643b036a8147e19f4ea9e7af2
+
+AD:
+CT: f531097aa1bb35d9f401d459340afbd27f9bdf72c537
+NONCE: 21cbeff0b123799da74f4daff2e279c5
+KEY: 2f6cfb7a215a7bafb607c273f7e66f9a6d51d57f9c29422ec64699bad0c6f33b
+IN: 39dbc71f6838ed6c6e582137436e1c61bbbfb80531f4
+TAG: e4e18170dce4e1af90b15eae64355331
+
+AD: e9ee894ad5b0781d
+CT: 0b70b24253b2e1c3ef1165925b5c5e57
+NONCE: 42f82085c08afd5b19a9491a79cd8119
+KEY: 7517c973a9de3614431e3198f4ddc0f8dc33862654649e9ff7838635bb278231
+IN: d17fbed25ad5f72477580b9e82a7b883
+TAG: 45009a2a101877ed70e58f2e5910004f
+
+AD: 813399ff1e1ef0b58bb2be130ce5d4
+CT: 65019212ccbbd4cd2f995cc59d46fd27
+NONCE: d4df79c69f73b26a13598af07eed6a77
+KEY: 9f5c60fb5df5cf2b1b39254c3fa80e51d30d64e344b3aba59574305b4d2212ad
+IN: a3ca2ef9bd1fdbaa83db4c7eae6de94e
+TAG: 4026c486430a1ae2a5fc4081cd665468
+
+AD: d1544013b885a7083abece9e31d98ebc
+CT: 91b9f4424b68b4af839ce553d10b7dbc
+NONCE: 7078c9239650b8a1a8cf031d460e51c1
+KEY: 38f3d880ed6cd605f2eab88027c9a1c21d13e3de1af50ac884723bcf2b70f495
+IN: 52609620d7f572aa9267565e459ae419
+TAG: 0541b1a518f4bb585a594f3eab5535c3
+
+AD: d28d5811d4168a08da54b97831b59200041adb0e2891ea91
+CT: e42b53912ce21a3ee7a1fb51194d6fe3
+NONCE: 1ec1d18c96ca6cad66690e60b91cf222
+KEY: ec88cec13d8ebae7d62f60197e5486d61c33ee5a50b19f197c1348fbc9e27e8e
+IN: 658c6c7d8ea64a48375d69d9a405095a
+TAG: 2bc8cc7f42cac1a121fd9ddff4f2073c
diff --git a/src/crypto/cms/cms.cc b/src/crypto/cms/cms.cc
new file mode 100644
index 0000000..b2f1953
--- /dev/null
+++ b/src/crypto/cms/cms.cc
@@ -0,0 +1,172 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/cms.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/mem.h>
+#include <openssl/x509.h>
+
+#include "../pkcs7/internal.h"
+
+
+// TODO(davidben): Should we move the core PKCS#7 / CMS implementation into
+// crypto/cms instead of crypto/pkcs7? CMS is getting new features while PKCS#7
+// is not.
+OPENSSL_DECLARE_ERROR_REASON(CMS, CERTIFICATE_HAS_NO_KEYID)
+
+struct CMS_SignerInfo_st {
+ X509 *signcert = nullptr;
+ EVP_PKEY *pkey = nullptr;
+ const EVP_MD *md = nullptr;
+ bool use_key_id = false;
+};
+
+struct CMS_ContentInfo_st {
+ bool has_signer_info = false;
+ CMS_SignerInfo signer_info;
+ uint8_t *der = nullptr;
+ size_t der_len = 0;
+};
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, uint32_t flags) {
+ // We only support external signatures and do not support embedding
+ // certificates in SignedData.
+ if ((flags & CMS_DETACHED) == 0 || sk_X509_num(certs) != 0) {
+ OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return nullptr;
+ }
+
+ bssl::UniquePtr<CMS_ContentInfo> cms(
+ static_cast<CMS_ContentInfo *>(OPENSSL_zalloc(sizeof(CMS_ContentInfo))));
+ if (cms == nullptr) {
+ return nullptr;
+ }
+
+ if (pkey != nullptr &&
+ !CMS_add1_signer(cms.get(), signcert, pkey, /*md=*/nullptr, flags)) {
+ return nullptr;
+ }
+
+ // We don't actually use streaming mode, but Linux passes |CMS_STREAM| to
+ // |CMS_sign| and OpenSSL interprets it as an alias for |CMS_PARTIAL| in this
+ // context.
+ if ((flags & (CMS_PARTIAL | CMS_STREAM)) == 0 &&
+ !CMS_final(cms.get(), data, NULL, flags)) {
+ return nullptr;
+ }
+
+ return cms.release();
+}
+
+void CMS_ContentInfo_free(CMS_ContentInfo *cms) {
+ if (cms == nullptr) {
+ return;
+ }
+ X509_free(cms->signer_info.signcert);
+ EVP_PKEY_free(cms->signer_info.pkey);
+ OPENSSL_free(cms->der);
+ OPENSSL_free(cms);
+}
+
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert,
+ EVP_PKEY *pkey, const EVP_MD *md,
+ uint32_t flags) {
+ if ( // Already finalized.
+ cms->der_len != 0 ||
+ // We only support one signer.
+ cms->has_signer_info ||
+ // We do not support configuring a signer in multiple steps. (In OpenSSL,
+ // this is used to configure attributes.
+ (flags & CMS_PARTIAL) != 0 ||
+ // We do not support embedding certificates in SignedData.
+ (flags & CMS_NOCERTS) == 0 ||
+ // We do not support attributes in SignedData.
+ (flags & CMS_NOATTR) == 0) {
+ OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return nullptr;
+ }
+
+ if (signcert == nullptr || pkey == nullptr) {
+ OPENSSL_PUT_ERROR(CMS, ERR_R_PASSED_NULL_PARAMETER);
+ return nullptr;
+ }
+
+ if (!X509_check_private_key(signcert, pkey)) {
+ OPENSSL_PUT_ERROR(CMS, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+ return nullptr;
+ }
+
+ // Default to SHA-256.
+ if (md == nullptr) {
+ md = EVP_sha256();
+ }
+
+ // Save information for later.
+ cms->has_signer_info = true;
+ cms->signer_info.signcert = bssl::UpRef(signcert).release();
+ cms->signer_info.pkey = bssl::UpRef(pkey).release();
+ cms->signer_info.md = md;
+ cms->signer_info.use_key_id = (flags & CMS_USE_KEYID) != 0;
+ return &cms->signer_info;
+}
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, uint32_t flags) {
+ if ( // Already finalized.
+ cms->der_len != 0 ||
+ // Require a SignerInfo. We do not support signature-less SignedDatas.
+ !cms->has_signer_info ||
+ // We only support the straightforward passthrough mode, without S/MIME
+ // translations.
+ (flags & CMS_BINARY) == 0 ||
+ // We do not support |dcont|. It is unclear what it does.
+ dcont != nullptr) {
+ OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), 2048) ||
+ !pkcs7_add_external_signature(cbb.get(), cms->signer_info.signcert,
+ cms->signer_info.pkey, cms->signer_info.md,
+ data, cms->signer_info.use_key_id) ||
+ !CBB_finish(cbb.get(), &cms->der, &cms->der_len)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+int i2d_CMS_bio(BIO *out, CMS_ContentInfo *cms) {
+ if (cms->der_len == 0) {
+ // Not yet finalized.
+ OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+
+ return BIO_write_all(out, cms->der, cms->der_len);
+}
+
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags) {
+ // We do not support streaming mode.
+ if ((flags & CMS_STREAM) != 0 || in != nullptr) {
+ OPENSSL_PUT_ERROR(CMS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+
+ return i2d_CMS_bio(out, cms);
+}
diff --git a/src/crypto/cms/cms_test.cc b/src/crypto/cms/cms_test.cc
new file mode 100644
index 0000000..f0d8281
--- /dev/null
+++ b/src/crypto/cms/cms_test.cc
@@ -0,0 +1,164 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/cms.h>
+
+#include <vector>
+
+#include <gtest/gtest.h>
+
+#include <openssl/bio.h>
+#include <openssl/digest.h>
+#include <openssl/err.h>
+#include <openssl/nid.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+
+#include "../test/test_data.h"
+#include "../test/test_util.h"
+
+
+static std::vector<uint8_t> BIOMemContents(const BIO *bio) {
+ const uint8_t *data;
+ size_t len;
+ BSSL_CHECK(BIO_mem_contents(bio, &data, &len));
+ return std::vector(data, data + len);
+}
+
+// CMS is (mostly) an extension of PKCS#7, so we reuse the PKCS#7 test data.
+TEST(CMSTest, KernelModuleSigning) {
+ // Sign a message with the same call that the Linux kernel's sign-file.c
+ // makes.
+ std::string cert_pem = GetTestData("crypto/pkcs7/test/sign_cert.pem");
+ std::string key_pem = GetTestData("crypto/pkcs7/test/sign_key.pem");
+ bssl::UniquePtr<BIO> cert_bio(
+ BIO_new_mem_buf(cert_pem.data(), cert_pem.size()));
+ bssl::UniquePtr<X509> cert(
+ PEM_read_bio_X509(cert_bio.get(), nullptr, nullptr, nullptr));
+
+ bssl::UniquePtr<BIO> key_bio(BIO_new_mem_buf(key_pem.data(), key_pem.size()));
+ bssl::UniquePtr<EVP_PKEY> key(
+ PEM_read_bio_PrivateKey(key_bio.get(), nullptr, nullptr, nullptr));
+
+ static const char kSignedData[] = "signed data";
+ bssl::UniquePtr<BIO> data_bio(
+ BIO_new_mem_buf(kSignedData, sizeof(kSignedData) - 1));
+
+ // Sign with SHA-256, as the kernel does.
+ bssl::UniquePtr<CMS_ContentInfo> cms(CMS_sign(
+ nullptr, nullptr, nullptr, nullptr,
+ CMS_NOCERTS | CMS_PARTIAL | CMS_BINARY | CMS_DETACHED | CMS_STREAM));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(
+ CMS_add1_signer(cms.get(), cert.get(), key.get(), EVP_sha256(),
+ CMS_NOCERTS | CMS_BINARY | CMS_NOSMIMECAP | CMS_NOATTR));
+ ASSERT_TRUE(CMS_final(cms.get(), data_bio.get(), /*dcont=*/nullptr,
+ CMS_NOCERTS | CMS_BINARY));
+
+ // The kernel uses the streaming API for output, intended to stream the input
+ // to the output, even though it doesn't call it in a streaming mode.
+ bssl::UniquePtr<BIO> out(BIO_new(BIO_s_mem()));
+ ASSERT_TRUE(
+ i2d_CMS_bio_stream(out.get(), cms.get(), /*in=*/nullptr, /*flags=*/0));
+
+ // RSA signatures are deterministic so the output should not change. By
+ // default, |CMS_sign| should sign SHA-256.
+ std::string expected = GetTestData("crypto/pkcs7/test/sign_sha256.p7s");
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // The more straightforward output API works too.
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // The kernel passes unnecessary flags. The minimal set of flags works too.
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(
+ CMS_sign(nullptr, nullptr, nullptr, nullptr, CMS_PARTIAL | CMS_DETACHED));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(CMS_add1_signer(cms.get(), cert.get(), key.get(), EVP_sha256(),
+ CMS_NOCERTS | CMS_NOATTR));
+ ASSERT_TRUE(
+ CMS_final(cms.get(), data_bio.get(), /*dcont=*/nullptr, CMS_BINARY));
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // SHA-256 is the default hash, so the single-shot API works too, but is less
+ // explicit about the hash chosen.
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(CMS_sign(cert.get(), key.get(), nullptr, data_bio.get(),
+ CMS_DETACHED | CMS_NOCERTS | CMS_NOATTR | CMS_BINARY));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // The signer can be identified by SKID instead.
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(
+ CMS_sign(nullptr, nullptr, nullptr, nullptr, CMS_PARTIAL | CMS_DETACHED));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(CMS_add1_signer(cms.get(), cert.get(), key.get(), EVP_sha256(),
+ CMS_NOCERTS | CMS_NOATTR | CMS_USE_KEYID));
+ ASSERT_TRUE(
+ CMS_final(cms.get(), data_bio.get(), /*dcont=*/nullptr, CMS_BINARY));
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ expected = GetTestData("crypto/pkcs7/test/sign_sha256_key_id.p7s");
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // Specify a different hash function.
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(
+ CMS_sign(nullptr, nullptr, nullptr, nullptr, CMS_PARTIAL | CMS_DETACHED));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(CMS_add1_signer(cms.get(), cert.get(), key.get(), EVP_sha1(),
+ CMS_NOCERTS | CMS_NOATTR));
+ ASSERT_TRUE(
+ CMS_final(cms.get(), data_bio.get(), /*dcont=*/nullptr, CMS_BINARY));
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ expected = GetTestData("crypto/pkcs7/test/sign_sha1.p7s");
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // Ditto, with SKID.
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(
+ CMS_sign(nullptr, nullptr, nullptr, nullptr, CMS_PARTIAL | CMS_DETACHED));
+ ASSERT_TRUE(cms);
+ ASSERT_TRUE(CMS_add1_signer(cms.get(), cert.get(), key.get(), EVP_sha1(),
+ CMS_NOCERTS | CMS_NOATTR | CMS_USE_KEYID));
+ ASSERT_TRUE(
+ CMS_final(cms.get(), data_bio.get(), /*dcont=*/nullptr, CMS_BINARY));
+ ASSERT_TRUE(BIO_reset(out.get()));
+ ASSERT_TRUE(i2d_CMS_bio(out.get(), cms.get()));
+ expected = GetTestData("crypto/pkcs7/test/sign_sha1_key_id.p7s");
+ EXPECT_EQ(Bytes(BIOMemContents(out.get())), Bytes(expected));
+
+ // If SKID is requested, but there is none, signing should fail.
+ bssl::UniquePtr<X509> cert_no_skid(X509_dup(cert.get()));
+ ASSERT_TRUE(cert_no_skid.get());
+ int loc =
+ X509_get_ext_by_NID(cert_no_skid.get(), NID_subject_key_identifier, -1);
+ ASSERT_GE(loc, 0);
+ X509_EXTENSION_free(X509_delete_ext(cert_no_skid.get(), loc));
+ ASSERT_TRUE(BIO_reset(data_bio.get()));
+ cms.reset(CMS_sign(
+ cert_no_skid.get(), key.get(), nullptr, data_bio.get(),
+ CMS_DETACHED | CMS_NOCERTS | CMS_NOATTR | CMS_BINARY | CMS_USE_KEYID));
+ EXPECT_FALSE(cms);
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_CMS,
+ CMS_R_CERTIFICATE_HAS_NO_KEYID));
+}
diff --git a/src/crypto/cpu_arm_linux.cc b/src/crypto/cpu_arm_linux.cc
index 42ceecd..90489f7 100644
--- a/src/crypto/cpu_arm_linux.cc
+++ b/src/crypto/cpu_arm_linux.cc
@@ -109,7 +109,11 @@
// Matching OpenSSL, only report other features if NEON is present.
unsigned long hwcap = getauxval(AT_HWCAP);
- if (hwcap & HWCAP_NEON) {
+ if (hwcap & CRYPTO_HWCAP_NEON) {
+#if defined(HWCAP_ARM_NEON)
+ static_assert(HWCAP_ARM_NEON == CRYPTO_HWCAP_NEON,
+ "CRYPTO_HWCAP values must match Linux");
+#endif
OPENSSL_armcap_P |= ARMV7_NEON;
// Some ARMv8 Android devices don't expose AT_HWCAP2. Fall back to
@@ -123,16 +127,35 @@
g_needs_hwcap2_workaround = hwcap2 != 0;
}
- if (hwcap2 & HWCAP2_AES) {
+ // HWCAP2_* values, without the "CRYPTO_" prefix, are exposed through
+ // <sys/auxv.h> in some versions of glibc(>= 2.41). Assert that we don't
+ // diverge from those values.
+ if (hwcap2 & CRYPTO_HWCAP2_AES) {
+#if defined(HWCAP2_AES)
+ static_assert(HWCAP2_AES == CRYPTO_HWCAP2_AES,
+ "CRYPTO_HWCAP2 values must match Linux");
+#endif
OPENSSL_armcap_P |= ARMV8_AES;
}
- if (hwcap2 & HWCAP2_PMULL) {
+ if (hwcap2 & CRYPTO_HWCAP2_PMULL) {
+#if defined(HWCAP2_PMULL)
+ static_assert(HWCAP2_PMULL == CRYPTO_HWCAP2_PMULL,
+ "CRYPTO_HWCAP2 values must match Linux");
+#endif
OPENSSL_armcap_P |= ARMV8_PMULL;
}
- if (hwcap2 & HWCAP2_SHA1) {
+ if (hwcap2 & CRYPTO_HWCAP2_SHA1) {
+#if defined(HWCAP2_SHA1)
+ static_assert(HWCAP2_SHA1 == CRYPTO_HWCAP2_SHA1,
+ "CRYPTO_HWCAP2 values must match Linux");
+#endif
OPENSSL_armcap_P |= ARMV8_SHA1;
}
- if (hwcap2 & HWCAP2_SHA2) {
+ if (hwcap2 & CRYPTO_HWCAP2_SHA2) {
+#if defined(HWCAP2_SHA2)
+ static_assert(HWCAP2_SHA2 == CRYPTO_HWCAP2_SHA2,
+ "CRYPTO_HWCAP2 values must match Linux");
+#endif
OPENSSL_armcap_P |= ARMV8_SHA256;
}
}
diff --git a/src/crypto/cpu_arm_linux.h b/src/crypto/cpu_arm_linux.h
index 81e37cb..196f3dd 100644
--- a/src/crypto/cpu_arm_linux.h
+++ b/src/crypto/cpu_arm_linux.h
@@ -29,14 +29,16 @@
// The cpuinfo parser lives in a header file so it may be accessible from
// cross-platform fuzzers without adding code to those platforms normally.
-#define HWCAP_NEON (1 << 12)
+#define CRYPTO_HWCAP_NEON (1 << 12)
// See /usr/include/asm/hwcap.h on an ARM installation for the source of
// these values.
-#define HWCAP2_AES (1 << 0)
-#define HWCAP2_PMULL (1 << 1)
-#define HWCAP2_SHA1 (1 << 2)
-#define HWCAP2_SHA2 (1 << 3)
+// We add the prefix "CRYPTO_" to the definitions so as not to collide with
+// some versions of glibc (>= 2.41) that expose them through <sys/auxv.h>.
+#define CRYPTO_HWCAP2_AES (1 << 0)
+#define CRYPTO_HWCAP2_PMULL (1 << 1)
+#define CRYPTO_HWCAP2_SHA1 (1 << 2)
+#define CRYPTO_HWCAP2_SHA2 (1 << 3)
typedef struct {
const char *data;
@@ -141,16 +143,16 @@
unsigned long ret = 0;
if (has_list_item(&features, "aes")) {
- ret |= HWCAP2_AES;
+ ret |= CRYPTO_HWCAP2_AES;
}
if (has_list_item(&features, "pmull")) {
- ret |= HWCAP2_PMULL;
+ ret |= CRYPTO_HWCAP2_PMULL;
}
if (has_list_item(&features, "sha1")) {
- ret |= HWCAP2_SHA1;
+ ret |= CRYPTO_HWCAP2_SHA1;
}
if (has_list_item(&features, "sha2")) {
- ret |= HWCAP2_SHA2;
+ ret |= CRYPTO_HWCAP2_SHA2;
}
return ret;
}
diff --git a/src/crypto/cpu_arm_linux_test.cc b/src/crypto/cpu_arm_linux_test.cc
index 7c91122..e301ccd 100644
--- a/src/crypto/cpu_arm_linux_test.cc
+++ b/src/crypto/cpu_arm_linux_test.cc
@@ -95,7 +95,8 @@
// (Extra processors omitted.)
"\n"
"Hardware : Qualcomm Technologies, Inc MSM8998\n",
- HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+ CRYPTO_HWCAP2_AES | CRYPTO_HWCAP2_PMULL | CRYPTO_HWCAP2_SHA1 |
+ CRYPTO_HWCAP2_SHA2,
},
// Garbage should be tolerated.
{
@@ -107,23 +108,24 @@
{
"Features : aes pmull sha1 sha2\n"
"CPU architecture: 8\n",
- HWCAP2_AES | HWCAP2_PMULL | HWCAP2_SHA1 | HWCAP2_SHA2,
+ CRYPTO_HWCAP2_AES | CRYPTO_HWCAP2_PMULL | CRYPTO_HWCAP2_SHA1 |
+ CRYPTO_HWCAP2_SHA2,
},
// Various combinations of ARMv8 flags.
{
"Features : aes sha1 sha2\n"
"CPU architecture: 8\n",
- HWCAP2_AES | HWCAP2_SHA1 | HWCAP2_SHA2,
+ CRYPTO_HWCAP2_AES | CRYPTO_HWCAP2_SHA1 | CRYPTO_HWCAP2_SHA2,
},
{
"Features : pmull sha2\n"
"CPU architecture: 8\n",
- HWCAP2_PMULL | HWCAP2_SHA2,
+ CRYPTO_HWCAP2_PMULL | CRYPTO_HWCAP2_SHA2,
},
{
"Features : aes aes aes not_aes aes aes \n"
"CPU architecture: 8\n",
- HWCAP2_AES,
+ CRYPTO_HWCAP2_AES,
},
{
"Features : \n"
diff --git a/src/crypto/cpu_intel.cc b/src/crypto/cpu_intel.cc
index 05acad2..722c33f 100644
--- a/src/crypto/cpu_intel.cc
+++ b/src/crypto/cpu_intel.cc
@@ -23,10 +23,8 @@
#include <string.h>
#if defined(_MSC_VER)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <immintrin.h>
#include <intrin.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include "internal.h"
@@ -207,10 +205,6 @@
// 128-bit or 256-bit vectors, and also volume 2a section 2.7.11 ("#UD
// Equations for EVEX") which says that all EVEX-coded instructions raise an
// undefined-instruction exception if any of these XCR0 bits is zero.
- //
- // AVX10 fixes this by reorganizing the features that used to be part of
- // "AVX512" and allowing them to be used independently of 512-bit support.
- // TODO: add AVX10 detection.
extended_features[0] &= ~(1u << 16); // AVX512F
extended_features[0] &= ~(1u << 17); // AVX512DQ
extended_features[0] &= ~(1u << 21); // AVX512IFMA
diff --git a/src/crypto/crypto.cc b/src/crypto/crypto.cc
index 5c31c48..9bc9dc7 100644
--- a/src/crypto/crypto.cc
+++ b/src/crypto/crypto.cc
@@ -54,7 +54,7 @@
// archive, linking on OS X will fail to resolve common symbols. By
// initialising it to zero, it becomes a "data symbol", which isn't so
// affected.
-HIDDEN uint8_t BORINGSSL_function_hit[9] = {0};
+HIDDEN uint8_t BORINGSSL_function_hit[8] = {0};
#endif
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
diff --git a/src/crypto/curve25519/internal.h b/src/crypto/curve25519/internal.h
index c8797d4..17efc95 100644
--- a/src/crypto/curve25519/internal.h
+++ b/src/crypto/curve25519/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CURVE25519_INTERNAL_H
-#define OPENSSL_HEADER_CURVE25519_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_CURVE25519_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_CURVE25519_INTERNAL_H
#include <openssl/curve25519.h>
@@ -161,4 +161,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_CURVE25519_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_CURVE25519_INTERNAL_H
diff --git a/src/crypto/des/internal.h b/src/crypto/des/internal.h
index 78e193a..e51c6e3 100644
--- a/src/crypto/des/internal.h
+++ b/src/crypto/des/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_DES_INTERNAL_H
-#define OPENSSL_HEADER_DES_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_DES_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_DES_INTERNAL_H
#include <openssl/base.h>
#include <openssl/des.h>
@@ -146,4 +146,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_DES_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_DES_INTERNAL_H
diff --git a/src/crypto/dh/dh_asn1.cc b/src/crypto/dh/dh_asn1.cc
index 13bd4fd..9295e14 100644
--- a/src/crypto/dh/dh_asn1.cc
+++ b/src/crypto/dh/dh_asn1.cc
@@ -44,41 +44,40 @@
}
DH *DH_parse_parameters(CBS *cbs) {
- DH *ret = DH_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DH> ret(DH_new());
+ if (ret == nullptr) {
+ return nullptr;
}
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
!parse_integer(&child, &ret->p) ||
!parse_integer(&child, &ret->g)) {
- goto err;
+ OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
+ return nullptr;
}
uint64_t priv_length;
if (CBS_len(&child) != 0) {
if (!CBS_get_asn1_uint64(&child, &priv_length) ||
priv_length > UINT_MAX) {
- goto err;
+ OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
+ return nullptr;
}
ret->priv_length = (unsigned)priv_length;
}
if (CBS_len(&child) != 0) {
- goto err;
+ OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
+ return nullptr;
}
- if (!dh_check_params_fast(ret)) {
- goto err;
+ if (!dh_check_params_fast(ret.get())) {
+ OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
+ return nullptr;
}
- return ret;
-
-err:
- OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
- DH_free(ret);
- return NULL;
+ return ret.release();
}
int DH_marshal_parameters(CBB *cbb, const DH *dh) {
diff --git a/src/crypto/dh/params.cc b/src/crypto/dh/params.cc
index 18c585e..115505f 100644
--- a/src/crypto/dh/params.cc
+++ b/src/crypto/dh/params.cc
@@ -22,7 +22,8 @@
#include "../fipsmodule/dh/internal.h"
-static BIGNUM *get_params(BIGNUM *ret, const BN_ULONG *words, size_t num_words) {
+static BIGNUM *get_params(BIGNUM *ret, const BN_ULONG *words,
+ size_t num_words) {
BIGNUM *alloc = NULL;
if (ret == NULL) {
alloc = BN_new();
@@ -304,92 +305,57 @@
return 0;
}
- BIGNUM *t1, *t2;
- int g, ok = 0;
- BN_CTX *ctx = NULL;
-
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
- }
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- t2 = BN_CTX_get(ctx);
- if (t1 == NULL || t2 == NULL) {
- goto err;
- }
-
// Make sure |dh| has the necessary elements
if (dh->p == NULL) {
dh->p = BN_new();
if (dh->p == NULL) {
- goto err;
+ OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
+ return 0;
}
}
if (dh->g == NULL) {
dh->g = BN_new();
if (dh->g == NULL) {
- goto err;
+ OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
+ return 0;
}
}
+ BN_ULONG t1, t2, g;
if (generator <= 1) {
OPENSSL_PUT_ERROR(DH, DH_R_BAD_GENERATOR);
- goto err;
+ return 0;
}
if (generator == DH_GENERATOR_2) {
- if (!BN_set_word(t1, 24)) {
- goto err;
- }
- if (!BN_set_word(t2, 11)) {
- goto err;
- }
+ t1 = 24;
+ t2 = 11;
g = 2;
} else if (generator == DH_GENERATOR_5) {
- if (!BN_set_word(t1, 10)) {
- goto err;
- }
- if (!BN_set_word(t2, 3)) {
- goto err;
- }
- // BN_set_word(t3,7); just have to miss
- // out on these ones :-(
+ t1 = 10;
+ t2 = 3;
g = 5;
} else {
- // in the general case, don't worry if 'generator' is a
- // generator or not: since we are using safe primes,
- // it will generate either an order-q or an order-2q group,
- // which both is OK
- if (!BN_set_word(t1, 2)) {
- goto err;
- }
- if (!BN_set_word(t2, 1)) {
- goto err;
- }
+ // In the general case, don't worry if 'generator' is a generator or not:
+ // since we are using safe primes, it will generate either an order-q or an
+ // order-2q group, which both is OK.
+ t1 = 2;
+ t2 = 1;
g = generator;
}
- if (!BN_generate_prime_ex(dh->p, prime_bits, 1, t1, t2, cb)) {
- goto err;
- }
- if (!BN_GENCB_call(cb, 3, 0)) {
- goto err;
- }
- if (!BN_set_word(dh->g, g)) {
- goto err;
- }
- ok = 1;
-
-err:
- if (!ok) {
+ bssl::UniquePtr<BIGNUM> t1_bn(BN_new()), t2_bn(BN_new());
+ if (t1_bn == nullptr || t2_bn == nullptr ||
+ !BN_set_word(t1_bn.get(), t1) || //
+ !BN_set_word(t2_bn.get(), t2) || //
+ !BN_generate_prime_ex(dh->p, prime_bits, 1, t1_bn.get(), t2_bn.get(),
+ cb) ||
+ !BN_GENCB_call(cb, 3, 0) || //
+ !BN_set_word(dh->g, g)) {
OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
+ return 0;
}
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
+ return 1;
}
static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) {
diff --git a/src/crypto/digest/digest_extra.cc b/src/crypto/digest/digest_extra.cc
index f68ede9..4cbfa1f 100644
--- a/src/crypto/digest/digest_extra.cc
+++ b/src/crypto/digest/digest_extra.cc
@@ -156,21 +156,22 @@
return ret;
}
-int EVP_marshal_digest_algorithm(CBB *cbb, const EVP_MD *md) {
+static int marshal_digest_algorithm(CBB *cbb, const EVP_MD *md,
+ bool with_null) {
CBB algorithm, oid, null;
if (!CBB_add_asn1(cbb, &algorithm, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT)) {
return 0;
}
- int found = 0;
+ bool found = false;
int nid = EVP_MD_type(md);
- for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMDOIDs); i++) {
- if (nid == kMDOIDs[i].nid) {
- if (!CBB_add_bytes(&oid, kMDOIDs[i].oid, kMDOIDs[i].oid_len)) {
+ for (const auto &mdoid : kMDOIDs) {
+ if (nid == mdoid.nid) {
+ if (!CBB_add_bytes(&oid, mdoid.oid, mdoid.oid_len)) {
return 0;
}
- found = 1;
+ found = true;
break;
}
}
@@ -180,8 +181,7 @@
return 0;
}
- // TODO(crbug.com/boringssl/710): Is this correct? See RFC 4055, section 2.1.
- if (!CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL) || //
+ if ((with_null && !CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL)) || //
!CBB_flush(cbb)) {
return 0;
}
@@ -189,6 +189,14 @@
return 1;
}
+int EVP_marshal_digest_algorithm(CBB *cbb, const EVP_MD *md) {
+ return marshal_digest_algorithm(cbb, md, /*with_null=*/true);
+}
+
+int EVP_marshal_digest_algorithm_no_params(CBB *cbb, const EVP_MD *md) {
+ return marshal_digest_algorithm(cbb, md, /*with_null=*/false);
+}
+
const EVP_MD *EVP_get_digestbyname(const char *name) {
for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
const char *short_name = nid_to_digest_mapping[i].short_name;
diff --git a/src/crypto/digest/digest_test.cc b/src/crypto/digest/digest_test.cc
index 8237fb8..8cdc48d 100644
--- a/src/crypto/digest/digest_test.cc
+++ b/src/crypto/digest/digest_test.cc
@@ -282,9 +282,9 @@
ASSERT_TRUE(CBB_init(cbb.get(), 0));
EXPECT_FALSE(EVP_marshal_digest_algorithm(cbb.get(), EVP_md5_sha1()));
- static const uint8_t kSHA256[] = {0x30, 0x0d, 0x06, 0x09, 0x60,
- 0x86, 0x48, 0x01, 0x65, 0x03,
- 0x04, 0x02, 0x01, 0x05, 0x00};
+ static const uint8_t kSHA256NullParam[] = {0x30, 0x0d, 0x06, 0x09, 0x60,
+ 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x01, 0x05, 0x00};
static const uint8_t kSHA256NoParam[] = {0x30, 0x0b, 0x06, 0x09, 0x60,
0x86, 0x48, 0x01, 0x65, 0x03,
0x04, 0x02, 0x01};
@@ -292,23 +292,24 @@
0x30, 0x0e, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
0x65, 0x03, 0x04, 0x02, 0x01, 0x02, 0x01, 0x2a};
- // Serialize SHA-256.
+ // Serialize SHA-256, with and without NULL.
cbb.Reset();
ASSERT_TRUE(CBB_init(cbb.get(), 0));
ASSERT_TRUE(EVP_marshal_digest_algorithm(cbb.get(), EVP_sha256()));
- uint8_t *der;
- size_t der_len;
- ASSERT_TRUE(CBB_finish(cbb.get(), &der, &der_len));
- bssl::UniquePtr<uint8_t> free_der(der);
- EXPECT_EQ(Bytes(kSHA256), Bytes(der, der_len));
+ EXPECT_EQ(Bytes(kSHA256NullParam),
+ Bytes(CBB_data(cbb.get()), CBB_len(cbb.get())));
+ cbb.Reset();
+ ASSERT_TRUE(CBB_init(cbb.get(), 0));
+ ASSERT_TRUE(EVP_marshal_digest_algorithm_no_params(cbb.get(), EVP_sha256()));
+ EXPECT_EQ(Bytes(kSHA256NoParam),
+ Bytes(CBB_data(cbb.get()), CBB_len(cbb.get())));
- // Parse SHA-256.
+ // Parse SHA-256. Either absent or NULL parameters are tolerated for
+ // compatibility.
CBS cbs;
- CBS_init(&cbs, kSHA256, sizeof(kSHA256));
+ CBS_init(&cbs, kSHA256NullParam, sizeof(kSHA256NullParam));
EXPECT_EQ(EVP_sha256(), EVP_parse_digest_algorithm(&cbs));
EXPECT_EQ(0u, CBS_len(&cbs));
-
- // Missing parameters are tolerated for compatibility.
CBS_init(&cbs, kSHA256NoParam, sizeof(kSHA256NoParam));
EXPECT_EQ(EVP_sha256(), EVP_parse_digest_algorithm(&cbs));
EXPECT_EQ(0u, CBS_len(&cbs));
diff --git a/src/crypto/dsa/dsa.cc b/src/crypto/dsa/dsa.cc
index d1bfdf0..e2125d5 100644
--- a/src/crypto/dsa/dsa.cc
+++ b/src/crypto/dsa/dsa.cc
@@ -33,6 +33,10 @@
#include "internal.h"
+static_assert(OPENSSL_DSA_MAX_MODULUS_BITS <=
+ BN_MONTGOMERY_MAX_WORDS * BN_BITS2,
+ "Max DSA size too big for Montgomery arithmetic");
+
// Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
// Miller-Rabin.
#define DSS_prime_checks 50
@@ -167,17 +171,14 @@
return 0;
}
- int ok = 0;
unsigned char seed[SHA256_DIGEST_LENGTH];
unsigned char md[SHA256_DIGEST_LENGTH];
unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
BIGNUM *r0, *W, *X, *c, *test;
BIGNUM *g = NULL, *q = NULL, *p = NULL;
- BN_MONT_CTX *mont = NULL;
int k, n = 0, m = 0;
int counter = 0;
int r = 0;
- BN_CTX *ctx = NULL;
unsigned int h = 2;
const EVP_MD *evpmd;
@@ -201,23 +202,23 @@
OPENSSL_memcpy(seed, seed_in, seed_len);
}
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx.get());
- r0 = BN_CTX_get(ctx);
- g = BN_CTX_get(ctx);
- W = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- c = BN_CTX_get(ctx);
- p = BN_CTX_get(ctx);
- test = BN_CTX_get(ctx);
+ r0 = BN_CTX_get(ctx.get());
+ g = BN_CTX_get(ctx.get());
+ W = BN_CTX_get(ctx.get());
+ q = BN_CTX_get(ctx.get());
+ X = BN_CTX_get(ctx.get());
+ c = BN_CTX_get(ctx.get());
+ p = BN_CTX_get(ctx.get());
+ test = BN_CTX_get(ctx.get());
if (test == NULL || !BN_lshift(test, BN_value_one(), bits - 1)) {
- goto err;
+ return 0;
}
for (;;) {
@@ -225,13 +226,13 @@
for (;;) {
// step 1
if (!BN_GENCB_call(cb, BN_GENCB_GENERATED, m++)) {
- goto err;
+ return 0;
}
int use_random_seed = (seed_in == NULL);
if (use_random_seed) {
if (!RAND_bytes(seed, qsize)) {
- goto err;
+ return 0;
}
// DSA parameters are public.
CONSTTIME_DECLASSIFY(seed, qsize);
@@ -252,7 +253,7 @@
// step 2
if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL) ||
!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) {
- goto err;
+ return 0;
}
for (size_t i = 0; i < qsize; i++) {
md[i] ^= buf2[i];
@@ -262,17 +263,17 @@
md[0] |= 0x80;
md[qsize - 1] |= 0x01;
if (!BN_bin2bn(md, qsize, q)) {
- goto err;
+ return 0;
}
// step 4
- r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, use_random_seed,
- cb);
+ r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx.get(),
+ use_random_seed, cb);
if (r > 0) {
break;
}
if (r != 0) {
- goto err;
+ return 0;
}
// do a callback call
@@ -280,7 +281,7 @@
}
if (!BN_GENCB_call(cb, 2, 0) || !BN_GENCB_call(cb, 3, 0)) {
- goto err;
+ return 0;
}
// step 6
@@ -291,7 +292,7 @@
for (;;) {
if ((counter != 0) && !BN_GENCB_call(cb, BN_GENCB_GENERATED, counter)) {
- goto err;
+ return 0;
}
// step 7
@@ -307,36 +308,36 @@
}
if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL)) {
- goto err;
+ return 0;
}
// step 8
if (!BN_bin2bn(md, qsize, r0) || !BN_lshift(r0, r0, (qsize << 3) * k) ||
!BN_add(W, W, r0)) {
- goto err;
+ return 0;
}
}
// more of step 8
if (!BN_mask_bits(W, bits - 1) || !BN_copy(X, W) || !BN_add(X, X, test)) {
- goto err;
+ return 0;
}
// step 9
- if (!BN_lshift1(r0, q) || !BN_mod(c, X, r0, ctx) ||
+ if (!BN_lshift1(r0, q) || !BN_mod(c, X, r0, ctx.get()) ||
!BN_sub(r0, c, BN_value_one()) || !BN_sub(p, X, r0)) {
- goto err;
+ return 0;
}
// step 10
if (BN_cmp(p, test) >= 0) {
// step 11
- r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+ r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx.get(), 1, cb);
if (r > 0) {
goto end; // found it
}
if (r != 0) {
- goto err;
+ return 0;
}
}
@@ -352,68 +353,56 @@
}
end:
if (!BN_GENCB_call(cb, 2, 1)) {
- goto err;
+ return 0;
}
// We now need to generate g
// Set r0=(p-1)/q
- if (!BN_sub(test, p, BN_value_one()) || !BN_div(r0, NULL, test, q, ctx)) {
- goto err;
+ if (!BN_sub(test, p, BN_value_one()) ||
+ !BN_div(r0, NULL, test, q, ctx.get())) {
+ return 0;
}
- mont = BN_MONT_CTX_new_for_modulus(p, ctx);
- if (mont == NULL || !BN_set_word(test, h)) {
- goto err;
+ bssl::UniquePtr<BN_MONT_CTX> mont(BN_MONT_CTX_new_for_modulus(p, ctx.get()));
+ if (mont == nullptr || !BN_set_word(test, h)) {
+ return 0;
}
for (;;) {
// g=test^r0%p
- if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont)) {
- goto err;
+ if (!BN_mod_exp_mont(g, test, r0, p, ctx.get(), mont.get())) {
+ return 0;
}
if (!BN_is_one(g)) {
break;
}
if (!BN_add(test, test, BN_value_one())) {
- goto err;
+ return 0;
}
h++;
}
if (!BN_GENCB_call(cb, 3, 1)) {
- goto err;
+ return 0;
}
- ok = 1;
-
-err:
- if (ok) {
- BN_free(dsa->p);
- BN_free(dsa->q);
- BN_free(dsa->g);
- dsa->p = BN_dup(p);
- dsa->q = BN_dup(q);
- dsa->g = BN_dup(g);
- if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
- ok = 0;
- goto err;
- }
- if (out_counter != NULL) {
- *out_counter = counter;
- }
- if (out_h != NULL) {
- *out_h = h;
- }
+ BN_free(dsa->p);
+ BN_free(dsa->q);
+ BN_free(dsa->g);
+ dsa->p = BN_dup(p);
+ dsa->q = BN_dup(q);
+ dsa->g = BN_dup(g);
+ if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
+ return 0;
+ }
+ if (out_counter != NULL) {
+ *out_counter = counter;
+ }
+ if (out_h != NULL) {
+ *out_h = h;
}
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
-
- BN_MONT_CTX_free(mont);
-
- return ok;
+ return 1;
}
DSA *DSAparams_dup(const DSA *dsa) {
@@ -436,17 +425,17 @@
return 0;
}
- int ok = 0;
- BIGNUM *pub_key = NULL, *priv_key = NULL;
- BN_CTX *ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- priv_key = dsa->priv_key;
- if (priv_key == NULL) {
+ int ok = 0;
+ BIGNUM *pub_key = nullptr;
+ BIGNUM *priv_key = dsa->priv_key;
+ if (priv_key == nullptr) {
priv_key = BN_new();
- if (priv_key == NULL) {
+ if (priv_key == nullptr) {
goto err;
}
}
@@ -456,16 +445,16 @@
}
pub_key = dsa->pub_key;
- if (pub_key == NULL) {
+ if (pub_key == nullptr) {
pub_key = BN_new();
- if (pub_key == NULL) {
+ if (pub_key == nullptr) {
goto err;
}
}
if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, &dsa->method_mont_lock,
- dsa->p, ctx) ||
- !BN_mod_exp_mont_consttime(pub_key, dsa->g, priv_key, dsa->p, ctx,
+ dsa->p, ctx.get()) ||
+ !BN_mod_exp_mont_consttime(pub_key, dsa->g, priv_key, dsa->p, ctx.get(),
dsa->method_mont_p)) {
goto err;
}
@@ -478,13 +467,12 @@
ok = 1;
err:
- if (dsa->pub_key == NULL) {
+ if (dsa->pub_key == nullptr) {
BN_free(pub_key);
}
- if (dsa->priv_key == NULL) {
+ if (dsa->priv_key == nullptr) {
BN_free(priv_key);
}
- BN_CTX_free(ctx);
return ok;
}
@@ -529,14 +517,13 @@
// neither inputs nor outputs are in Montgomery form.
static int mod_mul_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BN_MONT_CTX *mont, BN_CTX *ctx) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
// |BN_mod_mul_montgomery| removes a factor of R, so we cancel it with a
// single |BN_to_montgomery| which adds one factor of R.
- int ok = tmp != NULL && BN_to_montgomery(tmp, a, mont, ctx) &&
- BN_mod_mul_montgomery(r, tmp, b, mont, ctx);
- BN_CTX_end(ctx);
- return ok;
+ return tmp != nullptr && //
+ BN_to_montgomery(tmp, a, mont, ctx) &&
+ BN_mod_mul_montgomery(r, tmp, b, mont, ctx);
}
DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) {
@@ -691,9 +678,20 @@
goto err;
}
- // Calculate W = inv(S) mod Q
- // save W in u2
- if (BN_mod_inverse(&u2, sig->s, dsa->q, ctx) == NULL) {
+ if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
+ (CRYPTO_MUTEX *)&dsa->method_mont_lock, dsa->p,
+ ctx) ||
+ !BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_q,
+ (CRYPTO_MUTEX *)&dsa->method_mont_lock, dsa->q,
+ ctx)) {
+ goto err;
+ }
+
+ // Calculate W = inv(S) mod Q, in the Montgomery domain. This is slightly
+ // more efficiently computed as FromMont(s)^-1 = (s * R^-1)^-1 = s^-1 * R,
+ // instead of ToMont(s^-1) = s^-1 * R.
+ if (!BN_from_montgomery(&u2, sig->s, dsa->method_mont_q, ctx) ||
+ !BN_mod_inverse(&u2, &u2, dsa->q, ctx)) {
goto err;
}
@@ -710,19 +708,15 @@
goto err;
}
- // u1 = M * w mod q
- if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx)) {
+ // u1 = M * w mod q. w was stored in the Montgomery domain while M was not,
+ // so the result will already be out of the Montgomery domain.
+ if (!BN_mod_mul_montgomery(&u1, &u1, &u2, dsa->method_mont_q, ctx)) {
goto err;
}
- // u2 = r * w mod q
- if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx)) {
- goto err;
- }
-
- if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
- (CRYPTO_MUTEX *)&dsa->method_mont_lock, dsa->p,
- ctx)) {
+ // u2 = r * w mod q. w was stored in the Montgomery domain while r was not,
+ // so the result will already be out of the Montgomery domain.
+ if (!BN_mod_mul_montgomery(&u2, sig->r, &u2, dsa->method_mont_q, ctx)) {
goto err;
}
@@ -731,7 +725,6 @@
goto err;
}
- // BN_copy(&u1,&t1);
// let u1 = u1 mod q
if (!BN_mod(&u1, &t1, dsa->q, ctx)) {
goto err;
@@ -921,31 +914,28 @@
}
DH *DSA_dup_DH(const DSA *dsa) {
- if (dsa == NULL) {
- return NULL;
+ if (dsa == nullptr) {
+ return nullptr;
}
- DH *ret = DH_new();
- if (ret == NULL) {
- goto err;
+ bssl::UniquePtr<DH> ret(DH_new());
+ if (ret == nullptr) {
+ return nullptr;
}
- if (dsa->q != NULL) {
+ if (dsa->q != nullptr) {
ret->priv_length = BN_num_bits(dsa->q);
- if ((ret->q = BN_dup(dsa->q)) == NULL) {
- goto err;
+ if ((ret->q = BN_dup(dsa->q)) == nullptr) {
+ return nullptr;
}
}
- if ((dsa->p != NULL && (ret->p = BN_dup(dsa->p)) == NULL) ||
- (dsa->g != NULL && (ret->g = BN_dup(dsa->g)) == NULL) ||
- (dsa->pub_key != NULL && (ret->pub_key = BN_dup(dsa->pub_key)) == NULL) ||
- (dsa->priv_key != NULL &&
- (ret->priv_key = BN_dup(dsa->priv_key)) == NULL)) {
- goto err;
+ if ((dsa->p != nullptr && (ret->p = BN_dup(dsa->p)) == nullptr) ||
+ (dsa->g != nullptr && (ret->g = BN_dup(dsa->g)) == nullptr) ||
+ (dsa->pub_key != nullptr &&
+ (ret->pub_key = BN_dup(dsa->pub_key)) == nullptr) ||
+ (dsa->priv_key != nullptr &&
+ (ret->priv_key = BN_dup(dsa->priv_key)) == nullptr)) {
+ return nullptr;
}
- return ret;
-
-err:
- DH_free(ret);
- return NULL;
+ return ret.release();
}
diff --git a/src/crypto/dsa/dsa_asn1.cc b/src/crypto/dsa/dsa_asn1.cc
index a267473..af5ccad 100644
--- a/src/crypto/dsa/dsa_asn1.cc
+++ b/src/crypto/dsa/dsa_asn1.cc
@@ -136,9 +136,9 @@
}
DSA *DSA_parse_public_key(CBS *cbs) {
- DSA *ret = DSA_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DSA> ret(DSA_new());
+ if (ret == nullptr) {
+ return nullptr;
}
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
@@ -148,16 +148,12 @@
!parse_integer(&child, &ret->g) ||
CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
- if (!dsa_check_key(ret)) {
- goto err;
+ if (!dsa_check_key(ret.get())) {
+ return nullptr;
}
- return ret;
-
-err:
- DSA_free(ret);
- return NULL;
+ return ret.release();
}
int DSA_marshal_public_key(CBB *cbb, const DSA *dsa) {
@@ -175,9 +171,9 @@
}
DSA *DSA_parse_parameters(CBS *cbs) {
- DSA *ret = DSA_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DSA> ret(DSA_new());
+ if (ret == nullptr) {
+ return nullptr;
}
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
@@ -186,16 +182,12 @@
!parse_integer(&child, &ret->g) ||
CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
- if (!dsa_check_key(ret)) {
- goto err;
+ if (!dsa_check_key(ret.get())) {
+ return nullptr;
}
- return ret;
-
-err:
- DSA_free(ret);
- return NULL;
+ return ret.release();
}
int DSA_marshal_parameters(CBB *cbb, const DSA *dsa) {
@@ -212,9 +204,9 @@
}
DSA *DSA_parse_private_key(CBS *cbs) {
- DSA *ret = DSA_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DSA> ret(DSA_new());
+ if (ret == nullptr) {
+ return nullptr;
}
CBS child;
@@ -222,12 +214,12 @@
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1_uint64(&child, &version)) {
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
if (version != 0) {
OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_VERSION);
- goto err;
+ return nullptr;
}
if (!parse_integer(&child, &ret->p) ||
@@ -237,17 +229,13 @@
!parse_integer(&child, &ret->priv_key) ||
CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
- if (!dsa_check_key(ret)) {
- goto err;
+ if (!dsa_check_key(ret.get())) {
+ return nullptr;
}
- return ret;
-
-err:
- DSA_free(ret);
- return NULL;
+ return ret.release();
}
int DSA_marshal_private_key(CBB *cbb, const DSA *dsa) {
diff --git a/src/crypto/dsa/internal.h b/src/crypto/dsa/internal.h
index e987774..537c576 100644
--- a/src/crypto/dsa/internal.h
+++ b/src/crypto/dsa/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_DSA_INTERNAL_H
-#define OPENSSL_HEADER_DSA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_DSA_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_DSA_INTERNAL_H
#include <openssl/dsa.h>
@@ -51,4 +51,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_DSA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_DSA_INTERNAL_H
diff --git a/src/crypto/ec/ec_asn1.cc b/src/crypto/ec/ec_asn1.cc
index 19d6072..ce81580 100644
--- a/src/crypto/ec/ec_asn1.cc
+++ b/src/crypto/ec/ec_asn1.cc
@@ -51,12 +51,10 @@
version != 1 ||
!CBS_get_asn1(&ec_private_key, &private_key, CBS_ASN1_OCTETSTRING)) {
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
- return NULL;
+ return nullptr;
}
// Parse the optional parameters field.
- EC_KEY *ret = NULL;
- BIGNUM *priv_key = NULL;
if (CBS_peek_asn1_tag(&ec_private_key, kParametersTag)) {
// Per SEC 1, as an alternative to omitting it, one is allowed to specify
// this field and put in a NULL to mean inheriting this value. This was
@@ -65,43 +63,44 @@
CBS child;
if (!CBS_get_asn1(&ec_private_key, &child, kParametersTag)) {
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
const EC_GROUP *inner_group = EC_KEY_parse_parameters(&child);
- if (inner_group == NULL) {
- goto err;
+ if (inner_group == nullptr) {
+ return nullptr;
}
- if (group == NULL) {
+ if (group == nullptr) {
group = inner_group;
- } else if (EC_GROUP_cmp(group, inner_group, NULL) != 0) {
+ } else if (EC_GROUP_cmp(group, inner_group, nullptr) != 0) {
// If a group was supplied externally, it must match.
OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH);
- goto err;
+ return nullptr;
}
if (CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
}
- if (group == NULL) {
+ if (group == nullptr) {
OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
- goto err;
+ return nullptr;
}
- ret = EC_KEY_new();
- if (ret == NULL || !EC_KEY_set_group(ret, group)) {
- goto err;
+ bssl::UniquePtr<EC_KEY> ret(EC_KEY_new());
+ if (ret == nullptr || !EC_KEY_set_group(ret.get(), group)) {
+ return nullptr;
}
// Although RFC 5915 specifies the length of the key, OpenSSL historically
// got this wrong, so accept any length. See upstream's
// 30cd4ff294252c4b6a4b69cbef6a5b4117705d22.
- priv_key = BN_bin2bn(CBS_data(&private_key), CBS_len(&private_key), NULL);
+ bssl::UniquePtr<BIGNUM> priv_key(
+ BN_bin2bn(CBS_data(&private_key), CBS_len(&private_key), nullptr));
ret->pub_key = EC_POINT_new(group);
- if (priv_key == NULL || ret->pub_key == NULL ||
- !EC_KEY_set_private_key(ret, priv_key)) {
- goto err;
+ if (priv_key == nullptr || ret->pub_key == nullptr ||
+ !EC_KEY_set_private_key(ret.get(), priv_key.get())) {
+ return nullptr;
}
if (CBS_peek_asn1_tag(&ec_private_key, kPublicKeyTag)) {
@@ -117,10 +116,10 @@
// form later.
CBS_len(&public_key) == 0 ||
!EC_POINT_oct2point(group, ret->pub_key, CBS_data(&public_key),
- CBS_len(&public_key), NULL) ||
+ CBS_len(&public_key), nullptr) ||
CBS_len(&child) != 0) {
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
// Save the point conversion form.
@@ -131,7 +130,7 @@
// Compute the public key instead.
if (!ec_point_mul_scalar_base(group, &ret->pub_key->raw,
&ret->priv_key->scalar)) {
- goto err;
+ return nullptr;
}
// Remember the original private-key-only encoding.
// TODO(davidben): Consider removing this.
@@ -140,21 +139,15 @@
if (CBS_len(&ec_private_key) != 0) {
OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR);
- goto err;
+ return nullptr;
}
// Ensure the resulting key is valid.
- if (!EC_KEY_check_key(ret)) {
- goto err;
+ if (!EC_KEY_check_key(ret.get())) {
+ return nullptr;
}
- BN_free(priv_key);
- return ret;
-
-err:
- EC_KEY_free(ret);
- BN_free(priv_key);
- return NULL;
+ return ret.release();
}
int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key,
@@ -327,10 +320,7 @@
return 0;
}
- CBB child;
- return CBB_add_asn1(cbb, &child, CBS_ASN1_OBJECT) &&
- CBB_add_bytes(&child, group->oid, group->oid_len) && //
- CBB_flush(cbb);
+ return CBB_add_asn1_element(cbb, CBS_ASN1_OBJECT, group->oid, group->oid_len);
}
EC_GROUP *EC_KEY_parse_parameters(CBS *cbs) {
@@ -344,14 +334,17 @@
// TODO(davidben): Remove support for this.
struct explicit_prime_curve curve;
if (!parse_explicit_prime_curve(cbs, &curve)) {
- return NULL;
+ return nullptr;
}
- const EC_GROUP *ret = NULL;
- BIGNUM *p = BN_new(), *a = BN_new(), *b = BN_new(), *x = BN_new(),
- *y = BN_new();
- if (p == NULL || a == NULL || b == NULL || x == NULL || y == NULL) {
- goto err;
+ bssl::UniquePtr<BIGNUM> p(BN_new());
+ bssl::UniquePtr<BIGNUM> a(BN_new());
+ bssl::UniquePtr<BIGNUM> b(BN_new());
+ bssl::UniquePtr<BIGNUM> x(BN_new());
+ bssl::UniquePtr<BIGNUM> y(BN_new());
+ if (p == nullptr || a == nullptr || b == nullptr || x == nullptr ||
+ y == nullptr) {
+ return nullptr;
}
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kAllGroups); i++) {
@@ -362,36 +355,27 @@
// The order alone uniquely identifies the group, but we check the other
// parameters to avoid misinterpreting the group.
- if (!EC_GROUP_get_curve_GFp(group, p, a, b, NULL)) {
- goto err;
+ if (!EC_GROUP_get_curve_GFp(group, p.get(), a.get(), b.get(), nullptr)) {
+ return nullptr;
}
- if (!integers_equal(&curve.prime, p) || !integers_equal(&curve.a, a) ||
- !integers_equal(&curve.b, b)) {
+ if (!integers_equal(&curve.prime, p.get()) ||
+ !integers_equal(&curve.a, a.get()) ||
+ !integers_equal(&curve.b, b.get())) {
break;
}
if (!EC_POINT_get_affine_coordinates_GFp(
- group, EC_GROUP_get0_generator(group), x, y, NULL)) {
- goto err;
+ group, EC_GROUP_get0_generator(group), x.get(), y.get(), nullptr)) {
+ return nullptr;
}
- if (!integers_equal(&curve.base_x, x) ||
- !integers_equal(&curve.base_y, y)) {
+ if (!integers_equal(&curve.base_x, x.get()) ||
+ !integers_equal(&curve.base_y, y.get())) {
break;
}
- ret = group;
- break;
+ return const_cast<EC_GROUP *>(group);
}
- if (ret == NULL) {
- OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
- }
-
-err:
- BN_free(p);
- BN_free(a);
- BN_free(b);
- BN_free(x);
- BN_free(y);
- return (EC_GROUP *)ret;
+ OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP);
+ return nullptr;
}
int EC_POINT_point2cbb(CBB *out, const EC_GROUP *group, const EC_POINT *point,
diff --git a/src/crypto/ec/hash_to_curve.cc b/src/crypto/ec/hash_to_curve.cc
index 86c2fc6..b9601fc 100644
--- a/src/crypto/ec/hash_to_curve.cc
+++ b/src/crypto/ec/hash_to_curve.cc
@@ -57,84 +57,76 @@
return 0;
}
- int ret = 0;
const size_t block_size = EVP_MD_block_size(md);
const size_t md_size = EVP_MD_size(md);
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
+ bssl::ScopedEVP_MD_CTX ctx;
- {
- // Long DSTs are hashed down to size. See section 5.3.3.
- static_assert(EVP_MAX_MD_SIZE < 256, "hashed DST still too large");
- uint8_t dst_buf[EVP_MAX_MD_SIZE];
- if (dst_len >= 256) {
- static const char kPrefix[] = "H2C-OVERSIZE-DST-";
- if (!EVP_DigestInit_ex(&ctx, md, NULL) ||
- !EVP_DigestUpdate(&ctx, kPrefix, sizeof(kPrefix) - 1) ||
- !EVP_DigestUpdate(&ctx, dst, dst_len) ||
- !EVP_DigestFinal_ex(&ctx, dst_buf, NULL)) {
- goto err;
- }
- dst = dst_buf;
- dst_len = md_size;
+ // Long DSTs are hashed down to size. See section 5.3.3.
+ static_assert(EVP_MAX_MD_SIZE < 256, "hashed DST still too large");
+ uint8_t dst_buf[EVP_MAX_MD_SIZE];
+ if (dst_len >= 256) {
+ static const char kPrefix[] = "H2C-OVERSIZE-DST-";
+ if (!EVP_DigestInit_ex(ctx.get(), md, nullptr) ||
+ !EVP_DigestUpdate(ctx.get(), kPrefix, sizeof(kPrefix) - 1) ||
+ !EVP_DigestUpdate(ctx.get(), dst, dst_len) ||
+ !EVP_DigestFinal_ex(ctx.get(), dst_buf, nullptr)) {
+ return 0;
}
- uint8_t dst_len_u8 = (uint8_t)dst_len;
+ dst = dst_buf;
+ dst_len = md_size;
+ }
+ uint8_t dst_len_u8 = (uint8_t)dst_len;
- // Compute b_0.
- static const uint8_t kZeros[EVP_MAX_MD_BLOCK_SIZE] = {0};
- // If |out_len| exceeds 16 bits then |i| will wrap below causing an error to
- // be returned. This depends on the static assert above.
- uint8_t l_i_b_str_zero[3] = {static_cast<uint8_t>(out_len >> 8),
- static_cast<uint8_t>(out_len), 0};
- uint8_t b_0[EVP_MAX_MD_SIZE];
- if (!EVP_DigestInit_ex(&ctx, md, NULL) ||
- !EVP_DigestUpdate(&ctx, kZeros, block_size) ||
- !EVP_DigestUpdate(&ctx, msg, msg_len) ||
- !EVP_DigestUpdate(&ctx, l_i_b_str_zero, sizeof(l_i_b_str_zero)) ||
- !EVP_DigestUpdate(&ctx, dst, dst_len) ||
- !EVP_DigestUpdate(&ctx, &dst_len_u8, 1) ||
- !EVP_DigestFinal_ex(&ctx, b_0, NULL)) {
- goto err;
- }
-
- uint8_t b_i[EVP_MAX_MD_SIZE];
- uint8_t i = 1;
- while (out_len > 0) {
- if (i == 0) {
- // Input was too large.
- OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (i > 1) {
- for (size_t j = 0; j < md_size; j++) {
- b_i[j] ^= b_0[j];
- }
- } else {
- OPENSSL_memcpy(b_i, b_0, md_size);
- }
-
- if (!EVP_DigestInit_ex(&ctx, md, NULL) ||
- !EVP_DigestUpdate(&ctx, b_i, md_size) ||
- !EVP_DigestUpdate(&ctx, &i, 1) ||
- !EVP_DigestUpdate(&ctx, dst, dst_len) ||
- !EVP_DigestUpdate(&ctx, &dst_len_u8, 1) ||
- !EVP_DigestFinal_ex(&ctx, b_i, NULL)) {
- goto err;
- }
-
- size_t todo = out_len >= md_size ? md_size : out_len;
- OPENSSL_memcpy(out, b_i, todo);
- out += todo;
- out_len -= todo;
- i++;
- }
-
- ret = 1;
+ // Compute b_0.
+ static const uint8_t kZeros[EVP_MAX_MD_BLOCK_SIZE] = {0};
+ // If |out_len| exceeds 16 bits then |i| will wrap below causing an error to
+ // be returned. This depends on the static assert above.
+ uint8_t l_i_b_str_zero[3] = {static_cast<uint8_t>(out_len >> 8),
+ static_cast<uint8_t>(out_len), 0};
+ uint8_t b_0[EVP_MAX_MD_SIZE];
+ if (!EVP_DigestInit_ex(ctx.get(), md, nullptr) ||
+ !EVP_DigestUpdate(ctx.get(), kZeros, block_size) ||
+ !EVP_DigestUpdate(ctx.get(), msg, msg_len) ||
+ !EVP_DigestUpdate(ctx.get(), l_i_b_str_zero, sizeof(l_i_b_str_zero)) ||
+ !EVP_DigestUpdate(ctx.get(), dst, dst_len) ||
+ !EVP_DigestUpdate(ctx.get(), &dst_len_u8, 1) ||
+ !EVP_DigestFinal_ex(ctx.get(), b_0, nullptr)) {
+ return 0;
}
-err:
- EVP_MD_CTX_cleanup(&ctx);
- return ret;
+ uint8_t b_i[EVP_MAX_MD_SIZE];
+ uint8_t i = 1;
+ while (out_len > 0) {
+ if (i == 0) {
+ // Input was too large.
+ OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ if (i > 1) {
+ for (size_t j = 0; j < md_size; j++) {
+ b_i[j] ^= b_0[j];
+ }
+ } else {
+ OPENSSL_memcpy(b_i, b_0, md_size);
+ }
+
+ if (!EVP_DigestInit_ex(ctx.get(), md, nullptr) ||
+ !EVP_DigestUpdate(ctx.get(), b_i, md_size) ||
+ !EVP_DigestUpdate(ctx.get(), &i, 1) ||
+ !EVP_DigestUpdate(ctx.get(), dst, dst_len) ||
+ !EVP_DigestUpdate(ctx.get(), &dst_len_u8, 1) ||
+ !EVP_DigestFinal_ex(ctx.get(), b_i, nullptr)) {
+ return 0;
+ }
+
+ size_t todo = out_len >= md_size ? md_size : out_len;
+ OPENSSL_memcpy(out, b_i, todo);
+ out += todo;
+ out_len -= todo;
+ i++;
+ }
+
+ return 1;
}
// num_bytes_to_derive determines the number of bytes to derive when hashing to
diff --git a/src/crypto/ec/internal.h b/src/crypto/ec/internal.h
index 86e19e2..8dbe4a7 100644
--- a/src/crypto/ec/internal.h
+++ b/src/crypto/ec/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
-#define OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_EC_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_EC_INTERNAL_H
#include <openssl/ec.h>
@@ -75,4 +75,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_EC_EXTRA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_EC_INTERNAL_H
diff --git a/src/crypto/ecdsa/ecdsa_asn1.cc b/src/crypto/ecdsa/ecdsa_asn1.cc
index 1d86a44..28d5036 100644
--- a/src/crypto/ecdsa/ecdsa_asn1.cc
+++ b/src/crypto/ecdsa/ecdsa_asn1.cc
@@ -88,25 +88,20 @@
// TODO(davidben): We can actually do better and go straight from the DER
// format to the fixed-width format without a malloc.
- ECDSA_SIG *s = ecdsa_sig_from_fixed(eckey, fixed, fixed_len);
- if (s == NULL) {
+ bssl::UniquePtr<ECDSA_SIG> s(ecdsa_sig_from_fixed(eckey, fixed, fixed_len));
+ if (s == nullptr) {
return 0;
}
- int ret = 0;
CBB cbb;
CBB_init_fixed(&cbb, sig, ECDSA_size(eckey));
size_t len;
- if (!ECDSA_SIG_marshal(&cbb, s) || !CBB_finish(&cbb, NULL, &len)) {
+ if (!ECDSA_SIG_marshal(&cbb, s.get()) || !CBB_finish(&cbb, nullptr, &len)) {
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR);
- goto err;
+ return 0;
}
- *out_sig_len = (unsigned)len;
- ret = 1;
-
-err:
- ECDSA_SIG_free(s);
- return ret;
+ *out_sig_len = static_cast<unsigned>(len);
+ return 1;
}
int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len,
@@ -116,15 +111,15 @@
// TODO(davidben): We can actually do better and go straight from the DER
// format to the fixed-width format without a malloc.
int ret = 0;
- uint8_t *der = NULL;
- ECDSA_SIG *s = ECDSA_SIG_from_bytes(sig, sig_len);
- if (s == NULL) {
+ uint8_t *der = nullptr;
+ bssl::UniquePtr<ECDSA_SIG> s(ECDSA_SIG_from_bytes(sig, sig_len));
+ if (s == nullptr) {
goto err;
}
// Defend against potential laxness in the DER parser.
size_t der_len;
- if (!ECDSA_SIG_to_bytes(&der, &der_len, s) || der_len != sig_len ||
+ if (!ECDSA_SIG_to_bytes(&der, &der_len, s.get()) || der_len != sig_len ||
OPENSSL_memcmp(sig, der, sig_len) != 0) {
// This should never happen. crypto/bytestring is strictly DER.
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
@@ -133,12 +128,11 @@
uint8_t fixed[ECDSA_MAX_FIXED_LEN];
size_t fixed_len;
- ret = ecdsa_sig_to_fixed(eckey, fixed, &fixed_len, sizeof(fixed), s) &&
+ ret = ecdsa_sig_to_fixed(eckey, fixed, &fixed_len, sizeof(fixed), s.get()) &&
ecdsa_verify_fixed(digest, digest_len, fixed, fixed_len, eckey);
err:
OPENSSL_free(der);
- ECDSA_SIG_free(s);
return ret;
}
diff --git a/src/crypto/err/cms.errordata b/src/crypto/err/cms.errordata
new file mode 100644
index 0000000..68b6e95
--- /dev/null
+++ b/src/crypto/err/cms.errordata
@@ -0,0 +1,2 @@
+CMS,100,CERTIFICATE_HAS_NO_KEYID
+CMS,101,PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE
diff --git a/src/crypto/err/err.cc b/src/crypto/err/err.cc
index 82ba0a6..d84153c 100644
--- a/src/crypto/err/err.cc
+++ b/src/crypto/err/err.cc
@@ -24,9 +24,7 @@
#include <string.h>
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include <openssl/mem.h>
diff --git a/src/crypto/err/err_test.cc b/src/crypto/err/err_test.cc
index 5b634d2..d62d07f 100644
--- a/src/crypto/err/err_test.cc
+++ b/src/crypto/err/err_test.cc
@@ -26,9 +26,7 @@
#include "./internal.h"
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#else
#include <errno.h>
#endif
diff --git a/src/crypto/err/ssl.errordata b/src/crypto/err/ssl.errordata
index d8eb3a4..7d77cfd 100644
--- a/src/crypto/err/ssl.errordata
+++ b/src/crypto/err/ssl.errordata
@@ -243,6 +243,8 @@
SSL,237,UNSUPPORTED_CIPHER
SSL,238,UNSUPPORTED_COMPRESSION_ALGORITHM
SSL,327,UNSUPPORTED_CREDENTIAL_LIST
+SSL,328,INVALID_TRUST_ANCHOR_LIST
+SSL,329,INVALID_CERTIFICATE_PROPERTY_LIST
SSL,312,UNSUPPORTED_ECH_SERVER_CONFIG
SSL,239,UNSUPPORTED_ELLIPTIC_CURVE
SSL,240,UNSUPPORTED_PROTOCOL
diff --git a/src/crypto/evp/evp_asn1.cc b/src/crypto/evp/evp_asn1.cc
index eeea963..d77a3d2 100644
--- a/src/crypto/evp/evp_asn1.cc
+++ b/src/crypto/evp/evp_asn1.cc
@@ -435,25 +435,24 @@
EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp, long len) {
if (len < 0) {
- return NULL;
+ return nullptr;
}
CBS cbs;
CBS_init(&cbs, *inp, (size_t)len);
- EVP_PKEY *pkey = EVP_parse_public_key(&cbs);
- if (pkey == NULL) {
- return NULL;
+ bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_public_key(&cbs));
+ if (pkey == nullptr) {
+ return nullptr;
}
- EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(pkey);
- EVP_PKEY_free(pkey);
- if (ec_key == NULL) {
- return NULL;
+ bssl::UniquePtr<EC_KEY> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
+ if (ec_key == nullptr) {
+ return nullptr;
}
- if (out != NULL) {
+ if (out != nullptr) {
EC_KEY_free(*out);
- *out = ec_key;
+ *out = ec_key.get();
}
*inp = CBS_data(&cbs);
- return ec_key;
+ return ec_key.release();
}
int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp) {
diff --git a/src/crypto/evp/evp_ctx.cc b/src/crypto/evp/evp_ctx.cc
index e34dfa0..9a5f97e 100644
--- a/src/crypto/evp/evp_ctx.cc
+++ b/src/crypto/evp/evp_ctx.cc
@@ -108,37 +108,36 @@
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx) {
if (!ctx->pmeth || !ctx->pmeth->copy) {
- return NULL;
+ return nullptr;
}
- EVP_PKEY_CTX *ret =
- reinterpret_cast<EVP_PKEY_CTX *>(OPENSSL_zalloc(sizeof(EVP_PKEY_CTX)));
+ bssl::UniquePtr<EVP_PKEY_CTX> ret(
+ reinterpret_cast<EVP_PKEY_CTX *>(OPENSSL_zalloc(sizeof(EVP_PKEY_CTX))));
if (!ret) {
- return NULL;
+ return nullptr;
}
ret->pmeth = ctx->pmeth;
ret->engine = ctx->engine;
ret->operation = ctx->operation;
- if (ctx->pkey != NULL) {
+ if (ctx->pkey != nullptr) {
EVP_PKEY_up_ref(ctx->pkey);
ret->pkey = ctx->pkey;
}
- if (ctx->peerkey != NULL) {
+ if (ctx->peerkey != nullptr) {
EVP_PKEY_up_ref(ctx->peerkey);
ret->peerkey = ctx->peerkey;
}
- if (ctx->pmeth->copy(ret, ctx) <= 0) {
- ret->pmeth = NULL;
- EVP_PKEY_CTX_free(ret);
+ if (ctx->pmeth->copy(ret.get(), ctx) <= 0) {
+ ret->pmeth = nullptr;
OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);
- return NULL;
+ return nullptr;
}
- return ret;
+ return ret.release();
}
EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) { return ctx->pkey; }
diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc
index 70f6c76..f71bd9f 100644
--- a/src/crypto/evp/evp_test.cc
+++ b/src/crypto/evp/evp_test.cc
@@ -19,16 +19,11 @@
#include <stdlib.h>
#include <string.h>
-OPENSSL_MSVC_PRAGMA(warning(push))
-OPENSSL_MSVC_PRAGMA(warning(disable: 4702))
-
#include <map>
#include <string>
#include <utility>
#include <vector>
-OPENSSL_MSVC_PRAGMA(warning(pop))
-
#include <gtest/gtest.h>
#include <openssl/bn.h>
diff --git a/src/crypto/evp/internal.h b/src/crypto/evp/internal.h
index da07c27..8307aa4 100644
--- a/src/crypto/evp/internal.h
+++ b/src/crypto/evp/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_EVP_INTERNAL_H
-#define OPENSSL_HEADER_EVP_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_EVP_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_EVP_INTERNAL_H
#include <openssl/base.h>
@@ -265,4 +265,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_EVP_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_EVP_INTERNAL_H
diff --git a/src/crypto/evp/p_dsa_asn1.cc b/src/crypto/evp/p_dsa_asn1.cc
index aab3f59..8503d4d 100644
--- a/src/crypto/evp/p_dsa_asn1.cc
+++ b/src/crypto/evp/p_dsa_asn1.cc
@@ -62,11 +62,11 @@
dsa->p != nullptr && dsa->q != nullptr && dsa->g != nullptr;
// See RFC 5480, section 2.
- CBB spki, algorithm, oid, key_bitstring;
+ CBB spki, algorithm, key_bitstring;
if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, dsa_asn1_meth.oid, dsa_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, dsa_asn1_meth.oid,
+ dsa_asn1_meth.oid_len) ||
(has_params && !DSA_marshal_parameters(&algorithm, dsa)) ||
!CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
!CBB_add_u8(&key_bitstring, 0 /* padding */) ||
@@ -126,12 +126,12 @@
}
// See PKCS#11, v2.40, section 2.5.
- CBB pkcs8, algorithm, oid, private_key;
+ CBB pkcs8, algorithm, private_key;
if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
!CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, dsa_asn1_meth.oid, dsa_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, dsa_asn1_meth.oid,
+ dsa_asn1_meth.oid_len) ||
!DSA_marshal_parameters(&algorithm, dsa) ||
!CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
!BN_marshal_asn1(&private_key, dsa->priv_key) || !CBB_flush(out)) {
diff --git a/src/crypto/evp/p_ec_asn1.cc b/src/crypto/evp/p_ec_asn1.cc
index bcf2525..d89c6eb 100644
--- a/src/crypto/evp/p_ec_asn1.cc
+++ b/src/crypto/evp/p_ec_asn1.cc
@@ -30,11 +30,11 @@
const EC_POINT *public_key = EC_KEY_get0_public_key(ec_key);
// See RFC 5480, section 2.
- CBB spki, algorithm, oid, key_bitstring;
+ CBB spki, algorithm, key_bitstring;
if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, ec_asn1_meth.oid, ec_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, ec_asn1_meth.oid,
+ ec_asn1_meth.oid_len) ||
!EC_KEY_marshal_curve_name(&algorithm, group) ||
!CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
!CBB_add_u8(&key_bitstring, 0 /* padding */) ||
@@ -114,12 +114,12 @@
unsigned enc_flags = EC_KEY_get_enc_flags(ec_key) | EC_PKEY_NO_PARAMETERS;
// See RFC 5915.
- CBB pkcs8, algorithm, oid, private_key;
+ CBB pkcs8, algorithm, private_key;
if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
!CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, ec_asn1_meth.oid, ec_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, ec_asn1_meth.oid,
+ ec_asn1_meth.oid_len) ||
!EC_KEY_marshal_curve_name(&algorithm, EC_KEY_get0_group(ec_key)) ||
!CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
!EC_KEY_marshal_private_key(&private_key, ec_key, enc_flags) ||
diff --git a/src/crypto/evp/p_ed25519_asn1.cc b/src/crypto/evp/p_ed25519_asn1.cc
index 45947d8..8053422 100644
--- a/src/crypto/evp/p_ed25519_asn1.cc
+++ b/src/crypto/evp/p_ed25519_asn1.cc
@@ -129,11 +129,11 @@
const ED25519_KEY *key = reinterpret_cast<const ED25519_KEY *>(pkey->pkey);
// See RFC 8410, section 4.
- CBB spki, algorithm, oid, key_bitstring;
+ CBB spki, algorithm, key_bitstring;
if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, ed25519_asn1_meth.oid, ed25519_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, ed25519_asn1_meth.oid,
+ ed25519_asn1_meth.oid_len) ||
!CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
!CBB_add_u8(&key_bitstring, 0 /* padding */) ||
!CBB_add_bytes(&key_bitstring, key->key + ED25519_PUBLIC_KEY_OFFSET,
@@ -176,12 +176,12 @@
}
// See RFC 8410, section 7.
- CBB pkcs8, algorithm, oid, private_key, inner;
+ CBB pkcs8, algorithm, private_key, inner;
if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
!CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, ed25519_asn1_meth.oid, ed25519_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, ed25519_asn1_meth.oid,
+ ed25519_asn1_meth.oid_len) ||
!CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
!CBB_add_asn1(&private_key, &inner, CBS_ASN1_OCTETSTRING) ||
// The PKCS#8 encoding stores only the 32-byte seed which is the first 32
diff --git a/src/crypto/evp/p_rsa_asn1.cc b/src/crypto/evp/p_rsa_asn1.cc
index cdcb6b4..6c6bfc5 100644
--- a/src/crypto/evp/p_rsa_asn1.cc
+++ b/src/crypto/evp/p_rsa_asn1.cc
@@ -28,11 +28,11 @@
static int rsa_pub_encode(CBB *out, const EVP_PKEY *key) {
// See RFC 3279, section 2.3.1.
const RSA *rsa = reinterpret_cast<const RSA *>(key->pkey);
- CBB spki, algorithm, oid, null, key_bitstring;
+ CBB spki, algorithm, null, key_bitstring;
if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, rsa_asn1_meth.oid, rsa_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, rsa_asn1_meth.oid,
+ rsa_asn1_meth.oid_len) ||
!CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL) ||
!CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
!CBB_add_u8(&key_bitstring, 0 /* padding */) ||
@@ -76,12 +76,12 @@
static int rsa_priv_encode(CBB *out, const EVP_PKEY *key) {
const RSA *rsa = reinterpret_cast<const RSA *>(key->pkey);
- CBB pkcs8, algorithm, oid, null, private_key;
+ CBB pkcs8, algorithm, null, private_key;
if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
!CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, rsa_asn1_meth.oid, rsa_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, rsa_asn1_meth.oid,
+ rsa_asn1_meth.oid_len) ||
!CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL) ||
!CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
!RSA_marshal_private_key(&private_key, rsa) || //
diff --git a/src/crypto/evp/p_x25519_asn1.cc b/src/crypto/evp/p_x25519_asn1.cc
index 351b788..c31dcc5 100644
--- a/src/crypto/evp/p_x25519_asn1.cc
+++ b/src/crypto/evp/p_x25519_asn1.cc
@@ -143,11 +143,11 @@
const X25519_KEY *key = reinterpret_cast<X25519_KEY *>(pkey->pkey);
// See RFC 8410, section 4.
- CBB spki, algorithm, oid, key_bitstring;
+ CBB spki, algorithm, key_bitstring;
if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, x25519_asn1_meth.oid, x25519_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, x25519_asn1_meth.oid,
+ x25519_asn1_meth.oid_len) ||
!CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
!CBB_add_u8(&key_bitstring, 0 /* padding */) ||
!CBB_add_bytes(&key_bitstring, key->pub, 32) || //
@@ -188,12 +188,12 @@
}
// See RFC 8410, section 7.
- CBB pkcs8, algorithm, oid, private_key, inner;
+ CBB pkcs8, algorithm, private_key, inner;
if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
!CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, x25519_asn1_meth.oid, x25519_asn1_meth.oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, x25519_asn1_meth.oid,
+ x25519_asn1_meth.oid_len) ||
!CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
!CBB_add_asn1(&private_key, &inner, CBS_ASN1_OCTETSTRING) ||
// The PKCS#8 encoding stores only the 32-byte seed which is the first 32
diff --git a/src/crypto/evp/sign.cc b/src/crypto/evp/sign.cc
index 2a7836f..e14acc4 100644
--- a/src/crypto/evp/sign.cc
+++ b/src/crypto/evp/sign.cc
@@ -36,39 +36,30 @@
int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig, unsigned *out_sig_len,
EVP_PKEY *pkey) {
- uint8_t m[EVP_MAX_MD_SIZE];
- unsigned m_len;
- int ret = 0;
- EVP_MD_CTX tmp_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
- size_t sig_len = EVP_PKEY_size(pkey);
-
// Ensure the final result will fit in |unsigned|.
+ size_t sig_len = EVP_PKEY_size(pkey);
if (sig_len > UINT_MAX) {
sig_len = UINT_MAX;
}
*out_sig_len = 0;
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) ||
- !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) {
- goto out;
+ uint8_t m[EVP_MAX_MD_SIZE];
+ unsigned m_len;
+ bssl::ScopedEVP_MD_CTX tmp_ctx;
+ if (!EVP_MD_CTX_copy_ex(tmp_ctx.get(), ctx) ||
+ !EVP_DigestFinal_ex(tmp_ctx.get(), m, &m_len)) {
+ return 0;
}
- EVP_MD_CTX_cleanup(&tmp_ctx);
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ bssl::UniquePtr<EVP_PKEY_CTX> pkctx(EVP_PKEY_CTX_new(pkey, nullptr));
if (!pkctx || //
- !EVP_PKEY_sign_init(pkctx) ||
- !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) ||
- !EVP_PKEY_sign(pkctx, sig, &sig_len, m, m_len)) {
- goto out;
+ !EVP_PKEY_sign_init(pkctx.get()) ||
+ !EVP_PKEY_CTX_set_signature_md(pkctx.get(), ctx->digest) ||
+ !EVP_PKEY_sign(pkctx.get(), sig, &sig_len, m, m_len)) {
+ return 0;
}
- *out_sig_len = (unsigned)sig_len;
- ret = 1;
-
-out:
- EVP_PKEY_CTX_free(pkctx);
- return ret;
+ *out_sig_len = static_cast<unsigned>(sig_len);
+ return 1;
}
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) {
@@ -87,28 +78,18 @@
EVP_PKEY *pkey) {
uint8_t m[EVP_MAX_MD_SIZE];
unsigned m_len;
- int ret = 0;
- EVP_MD_CTX tmp_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
-
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) ||
- !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) {
- EVP_MD_CTX_cleanup(&tmp_ctx);
- goto out;
+ bssl::ScopedEVP_MD_CTX tmp_ctx;
+ if (!EVP_MD_CTX_copy_ex(tmp_ctx.get(), ctx) ||
+ !EVP_DigestFinal_ex(tmp_ctx.get(), m, &m_len)) {
+ return 0;
}
- EVP_MD_CTX_cleanup(&tmp_ctx);
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+ bssl::UniquePtr<EVP_PKEY_CTX> pkctx(EVP_PKEY_CTX_new(pkey, nullptr));
if (!pkctx ||
- !EVP_PKEY_verify_init(pkctx) ||
- !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest)) {
- goto out;
+ !EVP_PKEY_verify_init(pkctx.get()) ||
+ !EVP_PKEY_CTX_set_signature_md(pkctx.get(), ctx->digest)) {
+ return 0;
}
- ret = EVP_PKEY_verify(pkctx, sig, sig_len, m, m_len);
-
-out:
- EVP_PKEY_CTX_free(pkctx);
- return ret;
+ return EVP_PKEY_verify(pkctx.get(), sig, sig_len, m, m_len);
}
diff --git a/src/crypto/fipsmodule/aes/aes.cc.inc b/src/crypto/fipsmodule/aes/aes.cc.inc
index 26e60e7..6df166b 100644
--- a/src/crypto/fipsmodule/aes/aes.cc.inc
+++ b/src/crypto/fipsmodule/aes/aes.cc.inc
@@ -12,11 +12,10 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#include <openssl/aes.h>
-
#include <assert.h>
#include "internal.h"
+#include "../bcm_interface.h"
// Be aware that different sets of AES functions use incompatible key
@@ -24,7 +23,8 @@
// value, or both. Therefore they cannot mix. Also, on AArch64, the plain-C
// code, above, is incompatible with the |aes_hw_*| functions.
-void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+bcm_infallible BCM_aes_encrypt(const uint8_t *in, uint8_t *out,
+ const AES_KEY *key) {
if (hwaes_capable()) {
aes_hw_encrypt(in, out, key);
} else if (vpaes_capable()) {
@@ -32,9 +32,11 @@
} else {
aes_nohw_encrypt(in, out, key);
}
+ return bcm_infallible::not_approved;
}
-void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+bcm_infallible BCM_aes_decrypt(const uint8_t *in, uint8_t *out,
+ const AES_KEY *key) {
if (hwaes_capable()) {
aes_hw_decrypt(in, out, key);
} else if (vpaes_capable()) {
@@ -42,32 +44,41 @@
} else {
aes_nohw_decrypt(in, out, key);
}
+ return bcm_infallible::not_approved;
}
-int AES_set_encrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
- if (bits != 128 && bits != 192 && bits != 256) {
- return -2;
- }
+bcm_status BCM_aes_set_encrypt_key(const uint8_t *key, unsigned bits,
+ AES_KEY *aeskey) {
+ int ret = -1;
if (hwaes_capable()) {
- return aes_hw_set_encrypt_key(key, bits, aeskey);
+ ret = aes_hw_set_encrypt_key(key, bits, aeskey);
} else if (vpaes_capable()) {
- return vpaes_set_encrypt_key(key, bits, aeskey);
+ ret = vpaes_set_encrypt_key(key, bits, aeskey);
} else {
- return aes_nohw_set_encrypt_key(key, bits, aeskey);
+ ret = aes_nohw_set_encrypt_key(key, bits, aeskey);
}
+ if (ret < 0) {
+ return bcm_status::failure;
+ }
+ BSSL_CHECK(ret == 0);
+ return bcm_status::not_approved;
}
-int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
- if (bits != 128 && bits != 192 && bits != 256) {
- return -2;
- }
+bcm_status BCM_aes_set_decrypt_key(const uint8_t *key, unsigned bits,
+ AES_KEY *aeskey) {
+ int ret = -1;
if (hwaes_capable()) {
- return aes_hw_set_decrypt_key(key, bits, aeskey);
+ ret = aes_hw_set_decrypt_key(key, bits, aeskey);
} else if (vpaes_capable()) {
- return vpaes_set_decrypt_key(key, bits, aeskey);
+ ret = vpaes_set_decrypt_key(key, bits, aeskey);
} else {
- return aes_nohw_set_decrypt_key(key, bits, aeskey);
+ ret = aes_nohw_set_decrypt_key(key, bits, aeskey);
}
+ if (ret < 0) {
+ return bcm_status::failure;
+ }
+ BSSL_CHECK(ret == 0);
+ return bcm_status::not_approved;
}
#if defined(HWAES) && (defined(OPENSSL_X86) || defined(OPENSSL_X86_64))
diff --git a/src/crypto/fipsmodule/aes/asm/aes-gcm-avx10-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aes-gcm-avx10-x86_64.pl
deleted file mode 100644
index 8a099d3..0000000
--- a/src/crypto/fipsmodule/aes/asm/aes-gcm-avx10-x86_64.pl
+++ /dev/null
@@ -1,1370 +0,0 @@
-#!/usr/bin/env perl
-# Copyright 2024 The BoringSSL Authors
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#------------------------------------------------------------------------------
-#
-# VAES and VPCLMULQDQ optimized AES-GCM for x86_64
-#
-# This file is based on aes-gcm-avx10-x86_64.S from the Linux kernel
-# (https://git.kernel.org/linus/b06affb1cb580e13). The following notable
-# changes have been made:
-#
-# - Relicensed under BoringSSL's preferred license.
-#
-# - Converted from GNU assembler to "perlasm". This was necessary for
-# compatibility with BoringSSL's Windows builds which use NASM instead of the
-# GNU assembler. It was also necessary for compatibility with the 'delocate'
-# tool used in BoringSSL's FIPS builds.
-#
-# - Added support for the Windows ABI.
-#
-# - Changed function prototypes to be compatible with what BoringSSL wants.
-#
-# - Removed the optimized finalization function, as BoringSSL doesn't want it.
-#
-# - Added a single-block GHASH multiplication function, as BoringSSL needs this.
-#
-# - Added optimization for large amounts of AAD.
-#
-#------------------------------------------------------------------------------
-#
-# This file implements AES-GCM (Galois/Counter Mode) for x86_64 CPUs that
-# support VAES (vector AES), VPCLMULQDQ (vector carryless multiplication), and
-# either AVX512 or AVX10. Some of the functions, notably the encryption and
-# decryption update functions which are the most performance-critical, are
-# provided in two variants generated from a macro: one using 256-bit vectors
-# (suffix: vaes_avx10_256) and one using 512-bit vectors (vaes_avx10_512). The
-# other, "shared" functions (vaes_avx10) use at most 256-bit vectors.
-#
-# The functions that use 512-bit vectors are intended for CPUs that support
-# 512-bit vectors *and* where using them doesn't cause significant
-# downclocking. They require the following CPU features:
-#
-# VAES && VPCLMULQDQ && BMI2 && ((AVX512BW && AVX512VL) || AVX10/512)
-#
-# The other functions require the following CPU features:
-#
-# VAES && VPCLMULQDQ && BMI2 && ((AVX512BW && AVX512VL) || AVX10/256)
-#
-# Note that we use "avx10" in the names of the functions as a shorthand to
-# really mean "AVX10 or a certain set of AVX512 features". Due to Intel's
-# introduction of AVX512 and then its replacement by AVX10, there doesn't seem
-# to be a simple way to name things that makes sense on all CPUs.
-#
-# Note that the macros that support both 256-bit and 512-bit vectors could
-# fairly easily be changed to support 128-bit too. However, this would *not*
-# be sufficient to allow the code to run on CPUs without AVX512 or AVX10,
-# because the code heavily uses several features of these extensions other than
-# the vector length: the increase in the number of SIMD registers from 16 to
-# 32, masking support, and new instructions such as vpternlogd (which can do a
-# three-argument XOR). These features are very useful for AES-GCM.
-
-$flavour = shift;
-$output = shift;
-if ( $flavour =~ /\./ ) { $output = $flavour; undef $flavour; }
-
-if ( $flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/ ) {
- $win64 = 1;
- @argregs = ( "%rcx", "%rdx", "%r8", "%r9" );
-}
-else {
- $win64 = 0;
- @argregs = ( "%rdi", "%rsi", "%rdx", "%rcx", "%r8", "%r9" );
-}
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/;
-$dir = $1;
-( $xlate = "${dir}x86_64-xlate.pl" and -f $xlate )
- or ( $xlate = "${dir}../../../perlasm/x86_64-xlate.pl" and -f $xlate )
- or die "can't locate x86_64-xlate.pl";
-
-open OUT, "| \"$^X\" \"$xlate\" $flavour \"$output\"";
-*STDOUT = *OUT;
-
-sub _begin_func {
- my ( $funcname, $uses_seh ) = @_;
- $g_cur_func_name = $funcname;
- $g_cur_func_uses_seh = $uses_seh;
- @g_cur_func_saved_gpregs = ();
- @g_cur_func_saved_xmmregs = ();
- return <<___;
-.globl $funcname
-.type $funcname,\@abi-omnipotent
-.align 32
-$funcname:
- .cfi_startproc
- @{[ $uses_seh ? ".seh_startproc" : "" ]}
- _CET_ENDBR
-___
-}
-
-# Push a list of general purpose registers onto the stack.
-sub _save_gpregs {
- my @gpregs = @_;
- my $code = "";
- die "_save_gpregs requires uses_seh" unless $g_cur_func_uses_seh;
- die "_save_gpregs can only be called once per function"
- if @g_cur_func_saved_gpregs;
- die "Order must be _save_gpregs, then _save_xmmregs"
- if @g_cur_func_saved_xmmregs;
- @g_cur_func_saved_gpregs = @gpregs;
- for my $reg (@gpregs) {
- $code .= "push $reg\n";
- if ($win64) {
- $code .= ".seh_pushreg $reg\n";
- }
- else {
- $code .= ".cfi_push $reg\n";
- }
- }
- return $code;
-}
-
-# Push a list of xmm registers onto the stack if the target is Windows.
-sub _save_xmmregs {
- my @xmmregs = @_;
- my $num_xmmregs = scalar @xmmregs;
- my $code = "";
- die "_save_xmmregs requires uses_seh" unless $g_cur_func_uses_seh;
- die "_save_xmmregs can only be called once per function"
- if @g_cur_func_saved_xmmregs;
- if ( $win64 and $num_xmmregs > 0 ) {
- @g_cur_func_saved_xmmregs = @xmmregs;
- my $is_misaligned = ( scalar @g_cur_func_saved_gpregs ) % 2 == 0;
- my $alloc_size = 16 * $num_xmmregs + ( $is_misaligned ? 8 : 0 );
- $code .= "sub \$$alloc_size, %rsp\n";
- $code .= ".seh_stackalloc $alloc_size\n";
- for my $i ( 0 .. $num_xmmregs - 1 ) {
- my $reg_num = $xmmregs[$i];
- my $pos = 16 * $i;
- $code .= "movdqa %xmm$reg_num, $pos(%rsp)\n";
- $code .= ".seh_savexmm %xmm$reg_num, $pos\n";
- }
- }
- return $code;
-}
-
-sub _end_func {
- my $code = "";
-
- # Restore any xmm registers that were saved earlier.
- my $num_xmmregs = scalar @g_cur_func_saved_xmmregs;
- if ( $win64 and $num_xmmregs > 0 ) {
- my $need_alignment = ( scalar @g_cur_func_saved_gpregs ) % 2 == 0;
- my $alloc_size = 16 * $num_xmmregs + ( $need_alignment ? 8 : 0 );
- for my $i ( 0 .. $num_xmmregs - 1 ) {
- my $reg_num = $g_cur_func_saved_xmmregs[$i];
- my $pos = 16 * $i;
- $code .= "movdqa $pos(%rsp), %xmm$reg_num\n";
- }
- $code .= "add \$$alloc_size, %rsp\n";
- }
-
- # Restore any general purpose registers that were saved earlier.
- for my $reg ( reverse @g_cur_func_saved_gpregs ) {
- $code .= "pop $reg\n";
- if ( !$win64 ) {
- $code .= ".cfi_pop $reg\n";
- }
- }
-
- $code .= <<___;
- ret
- @{[ $g_cur_func_uses_seh ? ".seh_endproc" : "" ]}
- .cfi_endproc
- .size $g_cur_func_name, . - $g_cur_func_name
-___
- return $code;
-}
-
-$code = <<___;
-.section .rodata
-.align 64
-
- # A shuffle mask that reflects the bytes of 16-byte blocks
-.Lbswap_mask:
- .quad 0x08090a0b0c0d0e0f, 0x0001020304050607
-
- # This is the GHASH reducing polynomial without its constant term, i.e.
- # x^128 + x^7 + x^2 + x, represented using the backwards mapping
- # between bits and polynomial coefficients.
- #
- # Alternatively, it can be interpreted as the naturally-ordered
- # representation of the polynomial x^127 + x^126 + x^121 + 1, i.e. the
- # "reversed" GHASH reducing polynomial without its x^128 term.
-.Lgfpoly:
- .quad 1, 0xc200000000000000
-
- # Same as above, but with the (1 << 64) bit set.
-.Lgfpoly_and_internal_carrybit:
- .quad 1, 0xc200000000000001
-
- # The below constants are used for incrementing the counter blocks.
- # ctr_pattern points to the four 128-bit values [0, 1, 2, 3].
- # inc_2blocks and inc_4blocks point to the single 128-bit values 2 and
- # 4. Note that the same '2' is reused in ctr_pattern and inc_2blocks.
-.Lctr_pattern:
- .quad 0, 0
- .quad 1, 0
-.Linc_2blocks:
- .quad 2, 0
- .quad 3, 0
-.Linc_4blocks:
- .quad 4, 0
-
-.text
-___
-
-# Number of powers of the hash key stored in the key struct. The powers are
-# stored from highest (H^NUM_H_POWERS) to lowest (H^1).
-$NUM_H_POWERS = 16;
-
-$OFFSETOFEND_H_POWERS = $NUM_H_POWERS * 16;
-
-# Offset to 'rounds' in AES_KEY struct
-$OFFSETOF_AES_ROUNDS = 240;
-
-# The current vector length in bytes
-undef $VL;
-
-# Set the vector length in bytes. This sets the VL variable and defines
-# register aliases V0-V31 that map to the ymm or zmm registers.
-sub _set_veclen {
- ($VL) = @_;
- foreach my $i ( 0 .. 31 ) {
- if ( $VL == 32 ) {
- ${"V${i}"} = "%ymm${i}";
- }
- elsif ( $VL == 64 ) {
- ${"V${i}"} = "%zmm${i}";
- }
- else {
- die "Unsupported vector length";
- }
- }
-}
-
-# The _ghash_mul_step macro does one step of GHASH multiplication of the
-# 128-bit lanes of \a by the corresponding 128-bit lanes of \b and storing the
-# reduced products in \dst. \t0, \t1, and \t2 are temporary registers of the
-# same size as \a and \b. To complete all steps, this must invoked with \i=0
-# through \i=9. The division into steps allows users of this macro to
-# optionally interleave the computation with other instructions. Users of this
-# macro must preserve the parameter registers across steps.
-#
-# The multiplications are done in GHASH's representation of the finite field
-# GF(2^128). Elements of GF(2^128) are represented as binary polynomials
-# (i.e. polynomials whose coefficients are bits) modulo a reducing polynomial
-# G. The GCM specification uses G = x^128 + x^7 + x^2 + x + 1. Addition is
-# just XOR, while multiplication is more complex and has two parts: (a) do
-# carryless multiplication of two 128-bit input polynomials to get a 256-bit
-# intermediate product polynomial, and (b) reduce the intermediate product to
-# 128 bits by adding multiples of G that cancel out terms in it. (Adding
-# multiples of G doesn't change which field element the polynomial represents.)
-#
-# Unfortunately, the GCM specification maps bits to/from polynomial
-# coefficients backwards from the natural order. In each byte it specifies the
-# highest bit to be the lowest order polynomial coefficient, *not* the highest!
-# This makes it nontrivial to work with the GHASH polynomials. We could
-# reflect the bits, but x86 doesn't have an instruction that does that.
-#
-# Instead, we operate on the values without bit-reflecting them. This *mostly*
-# just works, since XOR and carryless multiplication are symmetric with respect
-# to bit order, but it has some consequences. First, due to GHASH's byte
-# order, by skipping bit reflection, *byte* reflection becomes necessary to
-# give the polynomial terms a consistent order. E.g., considering an N-bit
-# value interpreted using the G = x^128 + x^7 + x^2 + x + 1 convention, bits 0
-# through N-1 of the byte-reflected value represent the coefficients of x^(N-1)
-# through x^0, whereas bits 0 through N-1 of the non-byte-reflected value
-# represent x^7...x^0, x^15...x^8, ..., x^(N-1)...x^(N-8) which can't be worked
-# with. Fortunately, x86's vpshufb instruction can do byte reflection.
-#
-# Second, forgoing the bit reflection causes an extra multiple of x (still
-# using the G = x^128 + x^7 + x^2 + x + 1 convention) to be introduced by each
-# multiplication. This is because an M-bit by N-bit carryless multiplication
-# really produces a (M+N-1)-bit product, but in practice it's zero-extended to
-# M+N bits. In the G = x^128 + x^7 + x^2 + x + 1 convention, which maps bits
-# to polynomial coefficients backwards, this zero-extension actually changes
-# the product by introducing an extra factor of x. Therefore, users of this
-# macro must ensure that one of the inputs has an extra factor of x^-1, i.e.
-# the multiplicative inverse of x, to cancel out the extra x.
-#
-# Third, the backwards coefficients convention is just confusing to work with,
-# since it makes "low" and "high" in the polynomial math mean the opposite of
-# their normal meaning in computer programming. This can be solved by using an
-# alternative interpretation: the polynomial coefficients are understood to be
-# in the natural order, and the multiplication is actually \a * \b * x^-128 mod
-# x^128 + x^127 + x^126 + x^121 + 1. This doesn't change the inputs, outputs,
-# or the implementation at all; it just changes the mathematical interpretation
-# of what each instruction is doing. Starting from here, we'll use this
-# alternative interpretation, as it's easier to understand the code that way.
-#
-# Moving onto the implementation, the vpclmulqdq instruction does 64 x 64 =>
-# 128-bit carryless multiplication, so we break the 128 x 128 multiplication
-# into parts as follows (the _L and _H suffixes denote low and high 64 bits):
-#
-# LO = a_L * b_L
-# MI = (a_L * b_H) + (a_H * b_L)
-# HI = a_H * b_H
-#
-# The 256-bit product is x^128*HI + x^64*MI + LO. LO, MI, and HI are 128-bit.
-# Note that MI "overlaps" with LO and HI. We don't consolidate MI into LO and
-# HI right away, since the way the reduction works makes that unnecessary.
-#
-# For the reduction, we cancel out the low 128 bits by adding multiples of G =
-# x^128 + x^127 + x^126 + x^121 + 1. This is done by two iterations, each of
-# which cancels out the next lowest 64 bits. Consider a value x^64*A + B,
-# where A and B are 128-bit. Adding B_L*G to that value gives:
-#
-# x^64*A + B + B_L*G
-# = x^64*A + x^64*B_H + B_L + B_L*(x^128 + x^127 + x^126 + x^121 + 1)
-# = x^64*A + x^64*B_H + B_L + x^128*B_L + x^64*B_L*(x^63 + x^62 + x^57) + B_L
-# = x^64*A + x^64*B_H + x^128*B_L + x^64*B_L*(x^63 + x^62 + x^57) + B_L + B_L
-# = x^64*(A + B_H + x^64*B_L + B_L*(x^63 + x^62 + x^57))
-#
-# So: if we sum A, B with its halves swapped, and the low half of B times x^63
-# + x^62 + x^57, we get a 128-bit value C where x^64*C is congruent to the
-# original value x^64*A + B. I.e., the low 64 bits got canceled out.
-#
-# We just need to apply this twice: first to fold LO into MI, and second to
-# fold the updated MI into HI.
-#
-# The needed three-argument XORs are done using the vpternlogd instruction with
-# immediate 0x96, since this is faster than two vpxord instructions.
-#
-# A potential optimization, assuming that b is fixed per-key (if a is fixed
-# per-key it would work the other way around), is to use one iteration of the
-# reduction described above to precompute a value c such that x^64*c = b mod G,
-# and then multiply a_L by c (and implicitly by x^64) instead of by b:
-#
-# MI = (a_L * c_L) + (a_H * b_L)
-# HI = (a_L * c_H) + (a_H * b_H)
-#
-# This would eliminate the LO part of the intermediate product, which would
-# eliminate the need to fold LO into MI. This would save two instructions,
-# including a vpclmulqdq. However, we currently don't use this optimization
-# because it would require twice as many per-key precomputed values.
-#
-# Using Karatsuba multiplication instead of "schoolbook" multiplication
-# similarly would save a vpclmulqdq but does not seem to be worth it.
-sub _ghash_mul_step {
- my ( $i, $a, $b, $dst, $gfpoly, $t0, $t1, $t2 ) = @_;
- if ( $i == 0 ) {
- return "vpclmulqdq \$0x00, $a, $b, $t0\n" . # LO = a_L * b_L
- "vpclmulqdq \$0x01, $a, $b, $t1\n"; # MI_0 = a_L * b_H
- }
- elsif ( $i == 1 ) {
- return "vpclmulqdq \$0x10, $a, $b, $t2\n"; # MI_1 = a_H * b_L
- }
- elsif ( $i == 2 ) {
- return "vpxord $t2, $t1, $t1\n"; # MI = MI_0 + MI_1
- }
- elsif ( $i == 3 ) {
- return
- "vpclmulqdq \$0x01, $t0, $gfpoly, $t2\n"; # LO_L*(x^63 + x^62 + x^57)
- }
- elsif ( $i == 4 ) {
- return "vpshufd \$0x4e, $t0, $t0\n"; # Swap halves of LO
- }
- elsif ( $i == 5 ) {
- return "vpternlogd \$0x96, $t2, $t0, $t1\n"; # Fold LO into MI
- }
- elsif ( $i == 6 ) {
- return "vpclmulqdq \$0x11, $a, $b, $dst\n"; # HI = a_H * b_H
- }
- elsif ( $i == 7 ) {
- return
- "vpclmulqdq \$0x01, $t1, $gfpoly, $t0\n"; # MI_L*(x^63 + x^62 + x^57)
- }
- elsif ( $i == 8 ) {
- return "vpshufd \$0x4e, $t1, $t1\n"; # Swap halves of MI
- }
- elsif ( $i == 9 ) {
- return "vpternlogd \$0x96, $t0, $t1, $dst\n"; # Fold MI into HI
- }
-}
-
-# GHASH-multiply the 128-bit lanes of \a by the 128-bit lanes of \b and store
-# the reduced products in \dst. See _ghash_mul_step for full explanation.
-sub _ghash_mul {
- my ( $a, $b, $dst, $gfpoly, $t0, $t1, $t2 ) = @_;
- my $code = "";
- for my $i ( 0 .. 9 ) {
- $code .= _ghash_mul_step $i, $a, $b, $dst, $gfpoly, $t0, $t1, $t2;
- }
- return $code;
-}
-
-# GHASH-multiply the 128-bit lanes of \a by the 128-bit lanes of \b and add the
-# *unreduced* products to \lo, \mi, and \hi.
-sub _ghash_mul_noreduce {
- my ( $a, $b, $lo, $mi, $hi, $t0, $t1, $t2, $t3 ) = @_;
- return <<___;
- vpclmulqdq \$0x00, $a, $b, $t0 # a_L * b_L
- vpclmulqdq \$0x01, $a, $b, $t1 # a_L * b_H
- vpclmulqdq \$0x10, $a, $b, $t2 # a_H * b_L
- vpclmulqdq \$0x11, $a, $b, $t3 # a_H * b_H
- vpxord $t0, $lo, $lo
- vpternlogd \$0x96, $t2, $t1, $mi
- vpxord $t3, $hi, $hi
-___
-}
-
-# Reduce the unreduced products from \lo, \mi, and \hi and store the 128-bit
-# reduced products in \hi. See _ghash_mul_step for explanation of reduction.
-sub _ghash_reduce {
- my ( $lo, $mi, $hi, $gfpoly, $t0 ) = @_;
- return <<___;
- vpclmulqdq \$0x01, $lo, $gfpoly, $t0
- vpshufd \$0x4e, $lo, $lo
- vpternlogd \$0x96, $t0, $lo, $mi
- vpclmulqdq \$0x01, $mi, $gfpoly, $t0
- vpshufd \$0x4e, $mi, $mi
- vpternlogd \$0x96, $t0, $mi, $hi
-___
-}
-
-$g_init_macro_expansion_count = 0;
-
-# void gcm_init_##suffix(u128 Htable[16], const uint64_t H[2]);
-#
-# Initialize |Htable| with powers of the GHASH subkey |H|.
-#
-# The powers are stored in the order H^NUM_H_POWERS to H^1.
-#
-# This macro supports both VL=32 and VL=64. _set_veclen must have been invoked
-# with the desired length. In the VL=32 case, the function computes twice as
-# many key powers than are actually used by the VL=32 GCM update functions.
-# This is done to keep the key format the same regardless of vector length.
-sub _aes_gcm_init {
- my $local_label_suffix = "__func" . ++$g_init_macro_expansion_count;
-
- # Function arguments
- my ( $HTABLE, $H_PTR ) = @argregs[ 0 .. 1 ];
-
- # Additional local variables. V0-V2 and %rax are used as temporaries.
- my $POWERS_PTR = "%r8";
- my $RNDKEYLAST_PTR = "%r9";
- my ( $H_CUR, $H_CUR_YMM, $H_CUR_XMM ) = ( "$V3", "%ymm3", "%xmm3" );
- my ( $H_INC, $H_INC_YMM, $H_INC_XMM ) = ( "$V4", "%ymm4", "%xmm4" );
- my ( $GFPOLY, $GFPOLY_YMM, $GFPOLY_XMM ) = ( "$V5", "%ymm5", "%xmm5" );
-
- my $code = <<___;
- # Get pointer to lowest set of key powers (located at end of array).
- lea $OFFSETOFEND_H_POWERS-$VL($HTABLE), $POWERS_PTR
-
- # Load the byte-reflected hash subkey. BoringSSL provides it in
- # byte-reflected form except the two halves are in the wrong order.
- vpshufd \$0x4e, ($H_PTR), $H_CUR_XMM
-
- # Finish preprocessing the first key power, H^1. Since this GHASH
- # implementation operates directly on values with the backwards bit
- # order specified by the GCM standard, it's necessary to preprocess the
- # raw key as follows. First, reflect its bytes. Second, multiply it
- # by x^-1 mod x^128 + x^7 + x^2 + x + 1 (if using the backwards
- # interpretation of polynomial coefficients), which can also be
- # interpreted as multiplication by x mod x^128 + x^127 + x^126 + x^121
- # + 1 using the alternative, natural interpretation of polynomial
- # coefficients. For details, see the comment above _ghash_mul_step.
- #
- # Either way, for the multiplication the concrete operation performed
- # is a left shift of the 128-bit value by 1 bit, then an XOR with (0xc2
- # << 120) | 1 if a 1 bit was carried out. However, there's no 128-bit
- # wide shift instruction, so instead double each of the two 64-bit
- # halves and incorporate the internal carry bit into the value XOR'd.
- vpshufd \$0xd3, $H_CUR_XMM, %xmm0
- vpsrad \$31, %xmm0, %xmm0
- vpaddq $H_CUR_XMM, $H_CUR_XMM, $H_CUR_XMM
- # H_CUR_XMM ^= xmm0 & gfpoly_and_internal_carrybit
- vpternlogd \$0x78, .Lgfpoly_and_internal_carrybit(%rip), %xmm0, $H_CUR_XMM
-
- # Load the gfpoly constant.
- vbroadcasti32x4 .Lgfpoly(%rip), $GFPOLY
-
- # Square H^1 to get H^2.
- #
- # Note that as with H^1, all higher key powers also need an extra
- # factor of x^-1 (or x using the natural interpretation). Nothing
- # special needs to be done to make this happen, though: H^1 * H^1 would
- # end up with two factors of x^-1, but the multiplication consumes one.
- # So the product H^2 ends up with the desired one factor of x^-1.
- @{[ _ghash_mul $H_CUR_XMM, $H_CUR_XMM, $H_INC_XMM, $GFPOLY_XMM,
- "%xmm0", "%xmm1", "%xmm2" ]}
-
- # Create H_CUR_YMM = [H^2, H^1] and H_INC_YMM = [H^2, H^2].
- vinserti128 \$1, $H_CUR_XMM, $H_INC_YMM, $H_CUR_YMM
- vinserti128 \$1, $H_INC_XMM, $H_INC_YMM, $H_INC_YMM
-___
-
- if ( $VL == 64 ) {
-
- # Create H_CUR = [H^4, H^3, H^2, H^1] and H_INC = [H^4, H^4, H^4, H^4].
- $code .= <<___;
- @{[ _ghash_mul $H_INC_YMM, $H_CUR_YMM, $H_INC_YMM, $GFPOLY_YMM,
- "%ymm0", "%ymm1", "%ymm2" ]}
- vinserti64x4 \$1, $H_CUR_YMM, $H_INC, $H_CUR
- vshufi64x2 \$0, $H_INC, $H_INC, $H_INC
-___
- }
-
- $code .= <<___;
- # Store the lowest set of key powers.
- vmovdqu8 $H_CUR, ($POWERS_PTR)
-
- # Compute and store the remaining key powers. With VL=32, repeatedly
- # multiply [H^(i+1), H^i] by [H^2, H^2] to get [H^(i+3), H^(i+2)].
- # With VL=64, repeatedly multiply [H^(i+3), H^(i+2), H^(i+1), H^i] by
- # [H^4, H^4, H^4, H^4] to get [H^(i+7), H^(i+6), H^(i+5), H^(i+4)].
- mov \$@{[ $NUM_H_POWERS*16/$VL - 1 ]}, %eax
-.Lprecompute_next$local_label_suffix:
- sub \$$VL, $POWERS_PTR
- @{[ _ghash_mul $H_INC, $H_CUR, $H_CUR, $GFPOLY, $V0, $V1, $V2 ]}
- vmovdqu8 $H_CUR, ($POWERS_PTR)
- dec %eax
- jnz .Lprecompute_next$local_label_suffix
-
- vzeroupper # This is needed after using ymm or zmm registers.
-___
- return $code;
-}
-
-# XOR together the 128-bit lanes of \src (whose low lane is \src_xmm) and store
-# the result in \dst_xmm. This implicitly zeroizes the other lanes of dst.
-sub _horizontal_xor {
- my ( $src, $src_xmm, $dst_xmm, $t0_xmm, $t1_xmm, $t2_xmm ) = @_;
- if ( $VL == 32 ) {
- return <<___;
- vextracti32x4 \$1, $src, $t0_xmm
- vpxord $t0_xmm, $src_xmm, $dst_xmm
-___
- }
- elsif ( $VL == 64 ) {
- return <<___;
- vextracti32x4 \$1, $src, $t0_xmm
- vextracti32x4 \$2, $src, $t1_xmm
- vextracti32x4 \$3, $src, $t2_xmm
- vpxord $t0_xmm, $src_xmm, $dst_xmm
- vpternlogd \$0x96, $t1_xmm, $t2_xmm, $dst_xmm
-___
- }
- else {
- die "Unsupported vector length";
- }
-}
-
-# Do one step of the GHASH update of the data blocks given in the vector
-# registers GHASHDATA[0-3]. \i specifies the step to do, 0 through 9. The
-# division into steps allows users of this macro to optionally interleave the
-# computation with other instructions. This macro uses the vector register
-# GHASH_ACC as input/output; GHASHDATA[0-3] as inputs that are clobbered;
-# H_POW[4-1], GFPOLY, and BSWAP_MASK as inputs that aren't clobbered; and
-# GHASHTMP[0-2] as temporaries. This macro handles the byte-reflection of the
-# data blocks. The parameter registers must be preserved across steps.
-#
-# The GHASH update does: GHASH_ACC = H_POW4*(GHASHDATA0 + GHASH_ACC) +
-# H_POW3*GHASHDATA1 + H_POW2*GHASHDATA2 + H_POW1*GHASHDATA3, where the
-# operations are vectorized operations on vectors of 16-byte blocks. E.g.,
-# with VL=32 there are 2 blocks per vector and the vectorized terms correspond
-# to the following non-vectorized terms:
-#
-# H_POW4*(GHASHDATA0 + GHASH_ACC) => H^8*(blk0 + GHASH_ACC_XMM) and H^7*(blk1 + 0)
-# H_POW3*GHASHDATA1 => H^6*blk2 and H^5*blk3
-# H_POW2*GHASHDATA2 => H^4*blk4 and H^3*blk5
-# H_POW1*GHASHDATA3 => H^2*blk6 and H^1*blk7
-#
-# With VL=64, we use 4 blocks/vector, H^16 through H^1, and blk0 through blk15.
-#
-# More concretely, this code does:
-# - Do vectorized "schoolbook" multiplications to compute the intermediate
-# 256-bit product of each block and its corresponding hash key power.
-# There are 4*VL/16 of these intermediate products.
-# - Sum (XOR) the intermediate 256-bit products across vectors. This leaves
-# VL/16 256-bit intermediate values.
-# - Do a vectorized reduction of these 256-bit intermediate values to
-# 128-bits each. This leaves VL/16 128-bit intermediate values.
-# - Sum (XOR) these values and store the 128-bit result in GHASH_ACC_XMM.
-#
-# See _ghash_mul_step for the full explanation of the operations performed for
-# each individual finite field multiplication and reduction.
-sub _ghash_step_4x {
- my ($i) = @_;
- if ( $i == 0 ) {
- return <<___;
- vpshufb $BSWAP_MASK, $GHASHDATA0, $GHASHDATA0
- vpxord $GHASH_ACC, $GHASHDATA0, $GHASHDATA0
- vpshufb $BSWAP_MASK, $GHASHDATA1, $GHASHDATA1
- vpshufb $BSWAP_MASK, $GHASHDATA2, $GHASHDATA2
-___
- }
- elsif ( $i == 1 ) {
- return <<___;
- vpshufb $BSWAP_MASK, $GHASHDATA3, $GHASHDATA3
- vpclmulqdq \$0x00, $H_POW4, $GHASHDATA0, $GHASH_ACC # LO_0
- vpclmulqdq \$0x00, $H_POW3, $GHASHDATA1, $GHASHTMP0 # LO_1
- vpclmulqdq \$0x00, $H_POW2, $GHASHDATA2, $GHASHTMP1 # LO_2
-___
- }
- elsif ( $i == 2 ) {
- return <<___;
- vpxord $GHASHTMP0, $GHASH_ACC, $GHASH_ACC # sum(LO_{1,0})
- vpclmulqdq \$0x00, $H_POW1, $GHASHDATA3, $GHASHTMP2 # LO_3
- vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASH_ACC # LO = sum(LO_{3,2,1,0})
- vpclmulqdq \$0x01, $H_POW4, $GHASHDATA0, $GHASHTMP0 # MI_0
-___
- }
- elsif ( $i == 3 ) {
- return <<___;
- vpclmulqdq \$0x01, $H_POW3, $GHASHDATA1, $GHASHTMP1 # MI_1
- vpclmulqdq \$0x01, $H_POW2, $GHASHDATA2, $GHASHTMP2 # MI_2
- vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{2,1,0})
- vpclmulqdq \$0x01, $H_POW1, $GHASHDATA3, $GHASHTMP1 # MI_3
-___
- }
- elsif ( $i == 4 ) {
- return <<___;
- vpclmulqdq \$0x10, $H_POW4, $GHASHDATA0, $GHASHTMP2 # MI_4
- vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{4,3,2,1,0})
- vpclmulqdq \$0x10, $H_POW3, $GHASHDATA1, $GHASHTMP1 # MI_5
- vpclmulqdq \$0x10, $H_POW2, $GHASHDATA2, $GHASHTMP2 # MI_6
-___
- }
- elsif ( $i == 5 ) {
- return <<___;
- vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{6,5,4,3,2,1,0})
- vpclmulqdq \$0x01, $GHASH_ACC, $GFPOLY, $GHASHTMP2 # LO_L*(x^63 + x^62 + x^57)
- vpclmulqdq \$0x10, $H_POW1, $GHASHDATA3, $GHASHTMP1 # MI_7
- vpxord $GHASHTMP1, $GHASHTMP0, $GHASHTMP0 # MI = sum(MI_{7,6,5,4,3,2,1,0})
-___
- }
- elsif ( $i == 6 ) {
- return <<___;
- vpshufd \$0x4e, $GHASH_ACC, $GHASH_ACC # Swap halves of LO
- vpclmulqdq \$0x11, $H_POW4, $GHASHDATA0, $GHASHDATA0 # HI_0
- vpclmulqdq \$0x11, $H_POW3, $GHASHDATA1, $GHASHDATA1 # HI_1
- vpclmulqdq \$0x11, $H_POW2, $GHASHDATA2, $GHASHDATA2 # HI_2
-___
- }
- elsif ( $i == 7 ) {
- return <<___;
- vpternlogd \$0x96, $GHASHTMP2, $GHASH_ACC, $GHASHTMP0 # Fold LO into MI
- vpclmulqdq \$0x11, $H_POW1, $GHASHDATA3, $GHASHDATA3 # HI_3
- vpternlogd \$0x96, $GHASHDATA2, $GHASHDATA1, $GHASHDATA0 # sum(HI_{2,1,0})
- vpclmulqdq \$0x01, $GHASHTMP0, $GFPOLY, $GHASHTMP1 # MI_L*(x^63 + x^62 + x^57)
-___
- }
- elsif ( $i == 8 ) {
- return <<___;
- vpxord $GHASHDATA3, $GHASHDATA0, $GHASH_ACC # HI = sum(HI_{3,2,1,0})
- vpshufd \$0x4e, $GHASHTMP0, $GHASHTMP0 # Swap halves of MI
- vpternlogd \$0x96, $GHASHTMP1, $GHASHTMP0, $GHASH_ACC # Fold MI into HI
-___
- }
- elsif ( $i == 9 ) {
- return _horizontal_xor $GHASH_ACC, $GHASH_ACC_XMM, $GHASH_ACC_XMM,
- $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM;
- }
-}
-
-# Update GHASH with the blocks given in GHASHDATA[0-3].
-# See _ghash_step_4x for full explanation.
-sub _ghash_4x {
- my $code = "";
- for my $i ( 0 .. 9 ) {
- $code .= _ghash_step_4x $i;
- }
- return $code;
-}
-
-$g_ghash_macro_expansion_count = 0;
-
-# void gcm_ghash_##suffix(uint8_t Xi[16], const u128 Htable[16],
-# const uint8_t *in, size_t len);
-#
-# This macro generates the body of a GHASH update function with the above
-# prototype. This macro supports both VL=32 and VL=64. _set_veclen must have
-# been invoked with the desired length.
-#
-# The generated function processes the AAD (Additional Authenticated Data) in
-# GCM. Using the key |Htable|, it updates the GHASH accumulator |Xi| with the
-# data given by |in| and |len|. On the first call, |Xi| must be all zeroes.
-# |len| must be a multiple of 16.
-#
-# This function handles large amounts of AAD efficiently, while also keeping the
-# overhead low for small amounts of AAD which is the common case. TLS uses less
-# than one block of AAD, but (uncommonly) other use cases may use much more.
-sub _ghash_update {
- my $local_label_suffix = "__func" . ++$g_ghash_macro_expansion_count;
- my $code = "";
-
- # Function arguments
- my ( $GHASH_ACC_PTR, $H_POWERS, $AAD, $AADLEN ) = @argregs[ 0 .. 3 ];
-
- # Additional local variables
- ( $GHASHDATA0, $GHASHDATA0_XMM ) = ( $V0, "%xmm0" );
- ( $GHASHDATA1, $GHASHDATA1_XMM ) = ( $V1, "%xmm1" );
- ( $GHASHDATA2, $GHASHDATA2_XMM ) = ( $V2, "%xmm2" );
- ( $GHASHDATA3, $GHASHDATA3_XMM ) = ( $V3, "%xmm3" );
- ( $BSWAP_MASK, $BSWAP_MASK_XMM ) = ( $V4, "%xmm4" );
- ( $GHASH_ACC, $GHASH_ACC_XMM ) = ( $V5, "%xmm5" );
- ( $H_POW4, $H_POW3, $H_POW2 ) = ( $V6, $V7, $V8 );
- ( $H_POW1, $H_POW1_XMM ) = ( $V9, "%xmm9" );
- ( $GFPOLY, $GFPOLY_XMM ) = ( $V10, "%xmm10" );
- ( $GHASHTMP0, $GHASHTMP1, $GHASHTMP2 ) = ( $V11, $V12, $V13 );
-
- $code .= <<___;
- @{[ _save_xmmregs (6 .. 13) ]}
- .seh_endprologue
-
- # Load the bswap_mask and gfpoly constants. Since AADLEN is usually small,
- # usually only 128-bit vectors will be used. So as an optimization, don't
- # broadcast these constants to all 128-bit lanes quite yet.
- vmovdqu .Lbswap_mask(%rip), $BSWAP_MASK_XMM
- vmovdqu .Lgfpoly(%rip), $GFPOLY_XMM
-
- # Load the GHASH accumulator.
- vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC_XMM
- vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
-
- # Optimize for AADLEN < VL by checking for AADLEN < VL before AADLEN < 4*VL.
- cmp \$$VL, $AADLEN
- jb .Laad_blockbyblock$local_label_suffix
-
- # AADLEN >= VL, so we'll operate on full vectors. Broadcast bswap_mask and
- # gfpoly to all 128-bit lanes.
- vshufi64x2 \$0, $BSWAP_MASK, $BSWAP_MASK, $BSWAP_MASK
- vshufi64x2 \$0, $GFPOLY, $GFPOLY, $GFPOLY
-
- # Load the lowest set of key powers.
- vmovdqu8 $OFFSETOFEND_H_POWERS-1*$VL($H_POWERS), $H_POW1
-
- cmp \$4*$VL-1, $AADLEN
- jbe .Laad_loop_1x$local_label_suffix
-
- # AADLEN >= 4*VL. Load the higher key powers.
- vmovdqu8 $OFFSETOFEND_H_POWERS-4*$VL($H_POWERS), $H_POW4
- vmovdqu8 $OFFSETOFEND_H_POWERS-3*$VL($H_POWERS), $H_POW3
- vmovdqu8 $OFFSETOFEND_H_POWERS-2*$VL($H_POWERS), $H_POW2
-
- # Update GHASH with 4*VL bytes of AAD at a time.
-.Laad_loop_4x$local_label_suffix:
- vmovdqu8 0*$VL($AAD), $GHASHDATA0
- vmovdqu8 1*$VL($AAD), $GHASHDATA1
- vmovdqu8 2*$VL($AAD), $GHASHDATA2
- vmovdqu8 3*$VL($AAD), $GHASHDATA3
- @{[ _ghash_4x ]}
- sub \$-4*$VL, $AAD # shorter than 'add 4*VL' when VL=32
- add \$-4*$VL, $AADLEN
- cmp \$4*$VL-1, $AADLEN
- ja .Laad_loop_4x$local_label_suffix
-
- # Update GHASH with VL bytes of AAD at a time.
- cmp \$$VL, $AADLEN
- jb .Laad_large_done$local_label_suffix
-.Laad_loop_1x$local_label_suffix:
- vmovdqu8 ($AAD), $GHASHDATA0
- vpshufb $BSWAP_MASK, $GHASHDATA0, $GHASHDATA0
- vpxord $GHASHDATA0, $GHASH_ACC, $GHASH_ACC
- @{[ _ghash_mul $H_POW1, $GHASH_ACC, $GHASH_ACC, $GFPOLY,
- $GHASHDATA0, $GHASHDATA1, $GHASHDATA2 ]}
- @{[ _horizontal_xor $GHASH_ACC, $GHASH_ACC_XMM, $GHASH_ACC_XMM,
- $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM ]}
- add \$$VL, $AAD
- sub \$$VL, $AADLEN
- cmp \$$VL, $AADLEN
- jae .Laad_loop_1x$local_label_suffix
-
-.Laad_large_done$local_label_suffix:
- # Issue the vzeroupper that is needed after using ymm or zmm registers.
- # Do it here instead of at the end, to minimize overhead for small AADLEN.
- vzeroupper
-
- # GHASH the remaining data 16 bytes at a time, using xmm registers only.
-.Laad_blockbyblock$local_label_suffix:
- test $AADLEN, $AADLEN
- jz .Laad_done$local_label_suffix
- vmovdqu $OFFSETOFEND_H_POWERS-16($H_POWERS), $H_POW1_XMM
-.Laad_loop_blockbyblock$local_label_suffix:
- vmovdqu ($AAD), $GHASHDATA0_XMM
- vpshufb $BSWAP_MASK_XMM, $GHASHDATA0_XMM, $GHASHDATA0_XMM
- vpxor $GHASHDATA0_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
- @{[ _ghash_mul $H_POW1_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM, $GFPOLY_XMM,
- $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM ]}
- add \$16, $AAD
- sub \$16, $AADLEN
- jnz .Laad_loop_blockbyblock$local_label_suffix
-
-.Laad_done$local_label_suffix:
- # Store the updated GHASH accumulator back to memory.
- vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
- vmovdqu $GHASH_ACC_XMM, ($GHASH_ACC_PTR)
-___
- return $code;
-}
-
-# Do one non-last round of AES encryption on the counter blocks in V0-V3 using
-# the round key that has been broadcast to all 128-bit lanes of \round_key.
-sub _vaesenc_4x {
- my ($round_key) = @_;
- return <<___;
- vaesenc $round_key, $V0, $V0
- vaesenc $round_key, $V1, $V1
- vaesenc $round_key, $V2, $V2
- vaesenc $round_key, $V3, $V3
-___
-}
-
-# Start the AES encryption of four vectors of counter blocks.
-sub _ctr_begin_4x {
- return <<___;
- # Increment LE_CTR four times to generate four vectors of little-endian
- # counter blocks, swap each to big-endian, and store them in V0-V3.
- vpshufb $BSWAP_MASK, $LE_CTR, $V0
- vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
- vpshufb $BSWAP_MASK, $LE_CTR, $V1
- vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
- vpshufb $BSWAP_MASK, $LE_CTR, $V2
- vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
- vpshufb $BSWAP_MASK, $LE_CTR, $V3
- vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
-
- # AES "round zero": XOR in the zero-th round key.
- vpxord $RNDKEY0, $V0, $V0
- vpxord $RNDKEY0, $V1, $V1
- vpxord $RNDKEY0, $V2, $V2
- vpxord $RNDKEY0, $V3, $V3
-___
-}
-
-# Do the last AES round for four vectors of counter blocks V0-V3, XOR source
-# data with the resulting keystream, and write the result to DST and
-# GHASHDATA[0-3]. (Implementation differs slightly, but has the same effect.)
-sub _aesenclast_and_xor_4x {
- return <<___;
- # XOR the source data with the last round key, saving the result in
- # GHASHDATA[0-3]. This reduces latency by taking advantage of the
- # property vaesenclast(key, a) ^ b == vaesenclast(key ^ b, a).
- vpxord 0*$VL($SRC), $RNDKEYLAST, $GHASHDATA0
- vpxord 1*$VL($SRC), $RNDKEYLAST, $GHASHDATA1
- vpxord 2*$VL($SRC), $RNDKEYLAST, $GHASHDATA2
- vpxord 3*$VL($SRC), $RNDKEYLAST, $GHASHDATA3
-
- # Do the last AES round. This handles the XOR with the source data
- # too, as per the optimization described above.
- vaesenclast $GHASHDATA0, $V0, $GHASHDATA0
- vaesenclast $GHASHDATA1, $V1, $GHASHDATA1
- vaesenclast $GHASHDATA2, $V2, $GHASHDATA2
- vaesenclast $GHASHDATA3, $V3, $GHASHDATA3
-
- # Store the en/decrypted data to DST.
- vmovdqu8 $GHASHDATA0, 0*$VL($DST)
- vmovdqu8 $GHASHDATA1, 1*$VL($DST)
- vmovdqu8 $GHASHDATA2, 2*$VL($DST)
- vmovdqu8 $GHASHDATA3, 3*$VL($DST)
-___
-}
-
-$g_update_macro_expansion_count = 0;
-
-# void aes_gcm_{enc,dec}_update_##suffix(const uint8_t *in, uint8_t *out,
-# size_t len, const AES_KEY *key,
-# const uint8_t ivec[16],
-# const u128 Htable[16],
-# uint8_t Xi[16]);
-#
-# This macro generates a GCM encryption or decryption update function with the
-# above prototype (with \enc selecting which one). This macro supports both
-# VL=32 and VL=64. _set_veclen must have been invoked with the desired length.
-#
-# This function computes the next portion of the CTR keystream, XOR's it with
-# |len| bytes from |in|, and writes the resulting encrypted or decrypted data
-# to |out|. It also updates the GHASH accumulator |Xi| using the next |len|
-# ciphertext bytes.
-#
-# |len| must be a multiple of 16, except on the last call where it can be any
-# length. The caller must do any buffering needed to ensure this. Both
-# in-place and out-of-place en/decryption are supported.
-#
-# |ivec| must give the current counter in big-endian format. This function
-# loads the counter from |ivec| and increments the loaded counter as needed, but
-# it does *not* store the updated counter back to |ivec|. The caller must
-# update |ivec| if any more data segments follow. Internally, only the low
-# 32-bit word of the counter is incremented, following the GCM standard.
-sub _aes_gcm_update {
- my $local_label_suffix = "__func" . ++$g_update_macro_expansion_count;
-
- my ($enc) = @_;
-
- my $code = "";
-
- # Function arguments
- ( $SRC, $DST, $DATALEN, $AESKEY, $BE_CTR_PTR, $H_POWERS, $GHASH_ACC_PTR ) =
- $win64
- ? ( @argregs[ 0 .. 3 ], "%rsi", "%rdi", "%r12" )
- : ( @argregs[ 0 .. 5 ], "%r12" );
-
- # Additional local variables
-
- # %rax, %k1, and %k2 are used as temporary registers. BE_CTR_PTR is
- # also available as a temporary register after the counter is loaded.
-
- # AES key length in bytes
- ( $AESKEYLEN, $AESKEYLEN64 ) = ( "%r10d", "%r10" );
-
- # Pointer to the last AES round key for the chosen AES variant
- $RNDKEYLAST_PTR = "%r11";
-
- # In the main loop, V0-V3 are used as AES input and output. Elsewhere
- # they are used as temporary registers.
-
- # GHASHDATA[0-3] hold the ciphertext blocks and GHASH input data.
- ( $GHASHDATA0, $GHASHDATA0_XMM ) = ( $V4, "%xmm4" );
- ( $GHASHDATA1, $GHASHDATA1_XMM ) = ( $V5, "%xmm5" );
- ( $GHASHDATA2, $GHASHDATA2_XMM ) = ( $V6, "%xmm6" );
- ( $GHASHDATA3, $GHASHDATA3_XMM ) = ( $V7, "%xmm7" );
-
- # BSWAP_MASK is the shuffle mask for byte-reflecting 128-bit values
- # using vpshufb, copied to all 128-bit lanes.
- ( $BSWAP_MASK, $BSWAP_MASK_XMM ) = ( $V8, "%xmm8" );
-
- # RNDKEY temporarily holds the next AES round key.
- $RNDKEY = $V9;
-
- # GHASH_ACC is the accumulator variable for GHASH. When fully reduced,
- # only the lowest 128-bit lane can be nonzero. When not fully reduced,
- # more than one lane may be used, and they need to be XOR'd together.
- ( $GHASH_ACC, $GHASH_ACC_XMM ) = ( $V10, "%xmm10" );
-
- # LE_CTR_INC is the vector of 32-bit words that need to be added to a
- # vector of little-endian counter blocks to advance it forwards.
- $LE_CTR_INC = $V11;
-
- # LE_CTR contains the next set of little-endian counter blocks.
- $LE_CTR = $V12;
-
- # RNDKEY0, RNDKEYLAST, and RNDKEY_M[9-1] contain cached AES round keys,
- # copied to all 128-bit lanes. RNDKEY0 is the zero-th round key,
- # RNDKEYLAST the last, and RNDKEY_M\i the one \i-th from the last.
- (
- $RNDKEY0, $RNDKEYLAST, $RNDKEY_M9, $RNDKEY_M8,
- $RNDKEY_M7, $RNDKEY_M6, $RNDKEY_M5, $RNDKEY_M4,
- $RNDKEY_M3, $RNDKEY_M2, $RNDKEY_M1
- ) = ( $V13, $V14, $V15, $V16, $V17, $V18, $V19, $V20, $V21, $V22, $V23 );
-
- # GHASHTMP[0-2] are temporary variables used by _ghash_step_4x. These
- # cannot coincide with anything used for AES encryption, since for
- # performance reasons GHASH and AES encryption are interleaved.
- ( $GHASHTMP0, $GHASHTMP1, $GHASHTMP2 ) = ( $V24, $V25, $V26 );
-
- # H_POW[4-1] contain the powers of the hash key H^(4*VL/16)...H^1. The
- # descending numbering reflects the order of the key powers.
- ( $H_POW4, $H_POW3, $H_POW2, $H_POW1 ) = ( $V27, $V28, $V29, $V30 );
-
- # GFPOLY contains the .Lgfpoly constant, copied to all 128-bit lanes.
- $GFPOLY = $V31;
-
- if ($win64) {
- $code .= <<___;
- @{[ _save_gpregs $BE_CTR_PTR, $H_POWERS, $GHASH_ACC_PTR ]}
- mov 64(%rsp), $BE_CTR_PTR # arg5
- mov 72(%rsp), $H_POWERS # arg6
- mov 80(%rsp), $GHASH_ACC_PTR # arg7
- @{[ _save_xmmregs (6 .. 15) ]}
- .seh_endprologue
-___
- }
- else {
- $code .= <<___;
- @{[ _save_gpregs $GHASH_ACC_PTR ]}
- mov 16(%rsp), $GHASH_ACC_PTR # arg7
-___
- }
-
- if ($enc) {
- $code .= <<___;
-#ifdef BORINGSSL_DISPATCH_TEST
- .extern BORINGSSL_function_hit
- movb \$1,BORINGSSL_function_hit+@{[ $VL < 64 ? 6 : 7 ]}(%rip)
-#endif
-___
- }
- $code .= <<___;
- # Load some constants.
- vbroadcasti32x4 .Lbswap_mask(%rip), $BSWAP_MASK
- vbroadcasti32x4 .Lgfpoly(%rip), $GFPOLY
-
- # Load the GHASH accumulator and the starting counter.
- # BoringSSL passes these values in big endian format.
- vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC_XMM
- vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
- vbroadcasti32x4 ($BE_CTR_PTR), $LE_CTR
- vpshufb $BSWAP_MASK, $LE_CTR, $LE_CTR
-
- # Load the AES key length in bytes. BoringSSL stores number of rounds
- # minus 1, so convert using: AESKEYLEN = 4 * aeskey->rounds - 20.
- movl $OFFSETOF_AES_ROUNDS($AESKEY), $AESKEYLEN
- lea -20(,$AESKEYLEN,4), $AESKEYLEN
-
- # Make RNDKEYLAST_PTR point to the last AES round key. This is the
- # round key with index 10, 12, or 14 for AES-128, AES-192, or AES-256
- # respectively. Then load the zero-th and last round keys.
- lea 6*16($AESKEY,$AESKEYLEN64,4), $RNDKEYLAST_PTR
- vbroadcasti32x4 ($AESKEY), $RNDKEY0
- vbroadcasti32x4 ($RNDKEYLAST_PTR), $RNDKEYLAST
-
- # Finish initializing LE_CTR by adding [0, 1, ...] to its low words.
- vpaddd .Lctr_pattern(%rip), $LE_CTR, $LE_CTR
-
- # Initialize LE_CTR_INC to contain VL/16 in all 128-bit lanes.
- vbroadcasti32x4 .Linc_@{[ $VL / 16 ]}blocks(%rip), $LE_CTR_INC
-
- # If there are at least 4*VL bytes of data, then continue into the loop
- # that processes 4*VL bytes of data at a time. Otherwise skip it.
- cmp \$4*$VL-1, $DATALEN
- jbe .Lcrypt_loop_4x_done$local_label_suffix
-
- # Load powers of the hash key.
- vmovdqu8 $OFFSETOFEND_H_POWERS-4*$VL($H_POWERS), $H_POW4
- vmovdqu8 $OFFSETOFEND_H_POWERS-3*$VL($H_POWERS), $H_POW3
- vmovdqu8 $OFFSETOFEND_H_POWERS-2*$VL($H_POWERS), $H_POW2
- vmovdqu8 $OFFSETOFEND_H_POWERS-1*$VL($H_POWERS), $H_POW1
-___
-
- # Main loop: en/decrypt and hash 4 vectors at a time.
- #
- # When possible, interleave the AES encryption of the counter blocks
- # with the GHASH update of the ciphertext blocks. This improves
- # performance on many CPUs because the execution ports used by the VAES
- # instructions often differ from those used by vpclmulqdq and other
- # instructions used in GHASH. For example, many Intel CPUs dispatch
- # vaesenc to ports 0 and 1 and vpclmulqdq to port 5.
- #
- # The interleaving is easiest to do during decryption, since during
- # decryption the ciphertext blocks are immediately available. For
- # encryption, instead encrypt the first set of blocks, then hash those
- # blocks while encrypting the next set of blocks, repeat that as
- # needed, and finally hash the last set of blocks.
-
- if ($enc) {
- $code .= <<___;
- # Encrypt the first 4 vectors of plaintext blocks. Leave the resulting
- # ciphertext in GHASHDATA[0-3] for GHASH.
- @{[ _ctr_begin_4x ]}
- lea 16($AESKEY), %rax
-.Lvaesenc_loop_first_4_vecs$local_label_suffix:
- vbroadcasti32x4 (%rax), $RNDKEY
- @{[ _vaesenc_4x $RNDKEY ]}
- add \$16, %rax
- cmp %rax, $RNDKEYLAST_PTR
- jne .Lvaesenc_loop_first_4_vecs$local_label_suffix
- @{[ _aesenclast_and_xor_4x ]}
- sub \$-4*$VL, $SRC # shorter than 'add 4*VL' when VL=32
- sub \$-4*$VL, $DST
- add \$-4*$VL, $DATALEN
- cmp \$4*$VL-1, $DATALEN
- jbe .Lghash_last_ciphertext_4x$local_label_suffix
-___
- }
-
- # Cache as many additional AES round keys as possible.
- for my $i ( reverse 1 .. 9 ) {
- $code .= <<___;
- vbroadcasti32x4 -$i*16($RNDKEYLAST_PTR), ${"RNDKEY_M$i"}
-___
- }
-
- $code .= <<___;
-.Lcrypt_loop_4x$local_label_suffix:
-___
-
- # If decrypting, load more ciphertext blocks into GHASHDATA[0-3]. If
- # encrypting, GHASHDATA[0-3] already contain the previous ciphertext.
- if ( !$enc ) {
- $code .= <<___;
- vmovdqu8 0*$VL($SRC), $GHASHDATA0
- vmovdqu8 1*$VL($SRC), $GHASHDATA1
- vmovdqu8 2*$VL($SRC), $GHASHDATA2
- vmovdqu8 3*$VL($SRC), $GHASHDATA3
-___
- }
-
- $code .= <<___;
- # Start the AES encryption of the counter blocks.
- @{[ _ctr_begin_4x ]}
- cmp \$24, $AESKEYLEN
- jl .Laes128$local_label_suffix
- je .Laes192$local_label_suffix
- # AES-256
- vbroadcasti32x4 -13*16($RNDKEYLAST_PTR), $RNDKEY
- @{[ _vaesenc_4x $RNDKEY ]}
- vbroadcasti32x4 -12*16($RNDKEYLAST_PTR), $RNDKEY
- @{[ _vaesenc_4x $RNDKEY ]}
-.Laes192$local_label_suffix:
- vbroadcasti32x4 -11*16($RNDKEYLAST_PTR), $RNDKEY
- @{[ _vaesenc_4x $RNDKEY ]}
- vbroadcasti32x4 -10*16($RNDKEYLAST_PTR), $RNDKEY
- @{[ _vaesenc_4x $RNDKEY ]}
-.Laes128$local_label_suffix:
-___
-
- # Prefetch the source data 512 bytes ahead into the L1 data cache, to
- # improve performance when the hardware prefetcher is disabled. Assumes the
- # L1 data cache line size is 64 bytes (de facto standard on x86_64).
- for ( my $i = 0 ; $i < 4 * $VL ; $i += 64 ) {
- $code .= "prefetcht0 512+$i($SRC)\n";
- }
-
- # Finish the AES encryption of the counter blocks in V0-V3, interleaved
- # with the GHASH update of the ciphertext blocks in GHASHDATA[0-3].
- for my $i ( reverse 1 .. 9 ) {
- $code .= <<___;
- @{[ _ghash_step_4x (9 - $i) ]}
- @{[ _vaesenc_4x ${"RNDKEY_M$i"} ]}
-___
- }
- $code .= <<___;
- @{[ _ghash_step_4x 9 ]}
- @{[ _aesenclast_and_xor_4x ]}
- sub \$-4*$VL, $SRC # shorter than 'add 4*VL' when VL=32
- sub \$-4*$VL, $DST
- add \$-4*$VL, $DATALEN
- cmp \$4*$VL-1, $DATALEN
- ja .Lcrypt_loop_4x$local_label_suffix
-___
-
- if ($enc) {
-
- # Update GHASH with the last set of ciphertext blocks.
- $code .= <<___;
-.Lghash_last_ciphertext_4x$local_label_suffix:
- @{[ _ghash_4x ]}
-___
- }
-
- my $POWERS_PTR = $BE_CTR_PTR; # BE_CTR_PTR is free to be reused.
-
- $code .= <<___;
-.Lcrypt_loop_4x_done$local_label_suffix:
- # Check whether any data remains.
- test $DATALEN, $DATALEN
- jz .Ldone$local_label_suffix
-
- # The data length isn't a multiple of 4*VL. Process the remaining data
- # of length 1 <= DATALEN < 4*VL, up to one vector (VL bytes) at a time.
- # Going one vector at a time may seem inefficient compared to having
- # separate code paths for each possible number of vectors remaining.
- # However, using a loop keeps the code size down, and it performs
- # surprising well; modern CPUs will start executing the next iteration
- # before the previous one finishes and also predict the number of loop
- # iterations. For a similar reason, we roll up the AES rounds.
- #
- # On the last iteration, the remaining length may be less than VL.
- # Handle this using masking.
- #
- # Since there are enough key powers available for all remaining data,
- # there is no need to do a GHASH reduction after each iteration.
- # Instead, multiply each remaining block by its own key power, and only
- # do a GHASH reduction at the very end.
-
- # Make POWERS_PTR point to the key powers [H^N, H^(N-1), ...] where N
- # is the number of blocks that remain.
- mov $DATALEN, %rax
- neg %rax
- and \$-16, %rax # -round_up(DATALEN, 16)
- lea $OFFSETOFEND_H_POWERS($H_POWERS,%rax), $POWERS_PTR
-___
-
- # Start collecting the unreduced GHASH intermediate value LO, MI, HI.
- my ( $LO, $LO_XMM ) = ( $GHASHDATA0, $GHASHDATA0_XMM );
- my ( $MI, $MI_XMM ) = ( $GHASHDATA1, $GHASHDATA1_XMM );
- my ( $HI, $HI_XMM ) = ( $GHASHDATA2, $GHASHDATA2_XMM );
- $code .= <<___;
- vpxor $LO_XMM, $LO_XMM, $LO_XMM
- vpxor $MI_XMM, $MI_XMM, $MI_XMM
- vpxor $HI_XMM, $HI_XMM, $HI_XMM
-
- cmp \$$VL, $DATALEN
- jb .Lpartial_vec$local_label_suffix
-
-.Lcrypt_loop_1x$local_label_suffix:
- # Process a full vector of length VL.
-
- # Encrypt a vector of counter blocks.
- vpshufb $BSWAP_MASK, $LE_CTR, $V0
- vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
- vpxord $RNDKEY0, $V0, $V0
- lea 16($AESKEY), %rax
-.Lvaesenc_loop_tail_full_vec$local_label_suffix:
- vbroadcasti32x4 (%rax), $RNDKEY
- vaesenc $RNDKEY, $V0, $V0
- add \$16, %rax
- cmp %rax, $RNDKEYLAST_PTR
- jne .Lvaesenc_loop_tail_full_vec$local_label_suffix
- vaesenclast $RNDKEYLAST, $V0, $V0
-
- # XOR the data with the vector of keystream blocks.
- vmovdqu8 ($SRC), $V1
- vpxord $V1, $V0, $V0
- vmovdqu8 $V0, ($DST)
-
- # Update GHASH with the ciphertext blocks, without reducing.
- vmovdqu8 ($POWERS_PTR), $H_POW1
- vpshufb $BSWAP_MASK, @{[ $enc ? $V0 : $V1 ]}, $V0
- vpxord $GHASH_ACC, $V0, $V0
- @{[ _ghash_mul_noreduce $H_POW1, $V0, $LO, $MI, $HI, $GHASHDATA3,
- $V1, $V2, $V3 ]}
- vpxor $GHASH_ACC_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
-
- add \$$VL, $POWERS_PTR
- add \$$VL, $SRC
- add \$$VL, $DST
- sub \$$VL, $DATALEN
- cmp \$$VL, $DATALEN
- jae .Lcrypt_loop_1x$local_label_suffix
-
- test $DATALEN, $DATALEN
- jz .Lreduce$local_label_suffix
-
-.Lpartial_vec$local_label_suffix:
- # Process a partial vector of length 1 <= DATALEN < VL.
-
- # Set the data mask %k1 to DATALEN 1's.
- # Set the key powers mask %k2 to round_up(DATALEN, 16) 1's.
- mov \$-1, %rax
- bzhi $DATALEN, %rax, %rax
- @{[ $VL < 64 ? "kmovd %eax, %k1" : "kmovq %rax, %k1" ]}
- add \$15, $DATALEN
- and \$-16, $DATALEN
- mov \$-1, %rax
- bzhi $DATALEN, %rax, %rax
- @{[ $VL < 64 ? "kmovd %eax, %k2" : "kmovq %rax, %k2" ]}
-
- # Encrypt one last vector of counter blocks. This does not need to be
- # masked. The counter does not need to be incremented here.
- vpshufb $BSWAP_MASK, $LE_CTR, $V0
- vpxord $RNDKEY0, $V0, $V0
- lea 16($AESKEY), %rax
-.Lvaesenc_loop_tail_partialvec$local_label_suffix:
- vbroadcasti32x4 (%rax), $RNDKEY
- vaesenc $RNDKEY, $V0, $V0
- add \$16, %rax
- cmp %rax, $RNDKEYLAST_PTR
- jne .Lvaesenc_loop_tail_partialvec$local_label_suffix
- vaesenclast $RNDKEYLAST, $V0, $V0
-
- # XOR the data with the appropriate number of keystream bytes.
- vmovdqu8 ($SRC), $V1\{%k1}{z}
- vpxord $V1, $V0, $V0
- vmovdqu8 $V0, ($DST){%k1}
-
- # Update GHASH with the ciphertext block(s), without reducing.
- #
- # In the case of DATALEN < VL, the ciphertext is zero-padded to VL.
- # (If decrypting, it's done by the above masked load. If encrypting,
- # it's done by the below masked register-to-register move.) Note that
- # if DATALEN <= VL - 16, there will be additional padding beyond the
- # padding of the last block specified by GHASH itself; i.e., there may
- # be whole block(s) that get processed by the GHASH multiplication and
- # reduction instructions but should not actually be included in the
- # GHASH. However, any such blocks are all-zeroes, and the values that
- # they're multiplied with are also all-zeroes. Therefore they just add
- # 0 * 0 = 0 to the final GHASH result, which makes no difference.
- vmovdqu8 ($POWERS_PTR), $H_POW1\{%k2}{z}
- @{[ $enc ? "vmovdqu8 $V0, $V1\{%k1}{z}" : "" ]}
- vpshufb $BSWAP_MASK, $V1, $V0
- vpxord $GHASH_ACC, $V0, $V0
- @{[ _ghash_mul_noreduce $H_POW1, $V0, $LO, $MI, $HI, $GHASHDATA3,
- $V1, $V2, $V3 ]}
-
-.Lreduce$local_label_suffix:
- # Finally, do the GHASH reduction.
- @{[ _ghash_reduce $LO, $MI, $HI, $GFPOLY, $V0 ]}
- @{[ _horizontal_xor $HI, $HI_XMM, $GHASH_ACC_XMM,
- "%xmm0", "%xmm1", "%xmm2" ]}
-
-.Ldone$local_label_suffix:
- # Store the updated GHASH accumulator back to memory.
- vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
- vmovdqu $GHASH_ACC_XMM, ($GHASH_ACC_PTR)
-
- vzeroupper # This is needed after using ymm or zmm registers.
-___
- return $code;
-}
-
-# void gcm_gmult_vpclmulqdq_avx10(uint8_t Xi[16], const u128 Htable[16]);
-$code .= _begin_func "gcm_gmult_vpclmulqdq_avx10", 1;
-{
- my ( $GHASH_ACC_PTR, $H_POWERS ) = @argregs[ 0 .. 1 ];
- my ( $GHASH_ACC, $BSWAP_MASK, $H_POW1, $GFPOLY, $T0, $T1, $T2 ) =
- map( "%xmm$_", ( 0 .. 6 ) );
-
- $code .= <<___;
- @{[ _save_xmmregs (6) ]}
- .seh_endprologue
-
- vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC
- vmovdqu .Lbswap_mask(%rip), $BSWAP_MASK
- vmovdqu $OFFSETOFEND_H_POWERS-16($H_POWERS), $H_POW1
- vmovdqu .Lgfpoly(%rip), $GFPOLY
- vpshufb $BSWAP_MASK, $GHASH_ACC, $GHASH_ACC
-
- @{[ _ghash_mul $H_POW1, $GHASH_ACC, $GHASH_ACC, $GFPOLY, $T0, $T1, $T2 ]}
-
- vpshufb $BSWAP_MASK, $GHASH_ACC, $GHASH_ACC
- vmovdqu $GHASH_ACC, ($GHASH_ACC_PTR)
-___
-}
-$code .= _end_func;
-
-# Disabled until significant deployment of AVX10/256 is seen. The separate
-# *_vaes_avx2 implementation provides the only 256-bit support for now.
-#
-# $code .= _begin_func "gcm_init_vpclmulqdq_avx10_256", 0;
-# $code .= _aes_gcm_init;
-# $code .= _end_func;
-#
-# $code .= _begin_func "gcm_ghash_vpclmulqdq_avx10_256", 1;
-# $code .= _ghash_update;
-# $code .= _end_func;
-#
-# $code .= _begin_func "aes_gcm_enc_update_vaes_avx10_256", 1;
-# $code .= _aes_gcm_update 1;
-# $code .= _end_func;
-#
-# $code .= _begin_func "aes_gcm_dec_update_vaes_avx10_256", 1;
-# $code .= _aes_gcm_update 0;
-# $code .= _end_func;
-
-_set_veclen 64;
-
-$code .= _begin_func "gcm_init_vpclmulqdq_avx10_512", 0;
-$code .= _aes_gcm_init;
-$code .= _end_func;
-
-$code .= _begin_func "gcm_ghash_vpclmulqdq_avx10_512", 1;
-$code .= _ghash_update;
-$code .= _end_func;
-
-$code .= _begin_func "aes_gcm_enc_update_vaes_avx10_512", 1;
-$code .= _aes_gcm_update 1;
-$code .= _end_func;
-
-$code .= _begin_func "aes_gcm_dec_update_vaes_avx10_512", 1;
-$code .= _aes_gcm_update 0;
-$code .= _end_func;
-
-print $code;
-close STDOUT or die "error closing STDOUT: $!";
-exit 0;
diff --git a/src/crypto/fipsmodule/aes/asm/aes-gcm-avx2-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aes-gcm-avx2-x86_64.pl
index ebbd0dd..23ec5da 100644
--- a/src/crypto/fipsmodule/aes/asm/aes-gcm-avx2-x86_64.pl
+++ b/src/crypto/fipsmodule/aes/asm/aes-gcm-avx2-x86_64.pl
@@ -15,14 +15,15 @@
#
#------------------------------------------------------------------------------
#
-# VAES and VPCLMULQDQ optimized AES-GCM for x86_64 (AVX2 version)
+# This is an AES-GCM implementation for x86_64 CPUs that support the following
+# CPU features: VAES && VPCLMULQDQ && AVX2.
#
-# This is similar to aes-gcm-avx10-x86_64.pl, but it uses AVX2 instead of AVX512
-# / AVX10. This means it can only use 16 vector registers instead of 32, the
+# This is similar to aes-gcm-avx512-x86_64.pl, but it uses AVX2 instead of
+# AVX512. This means it can only use 16 vector registers instead of 32, the
# maximum vector length is 32 bytes, and some instructions such as vpternlogd
# and masked loads/stores are unavailable. However, it is able to run on CPUs
-# that have VAES without AVX512 / AVX10, namely AMD Zen 3 (including "Milan"
-# server processors) and some Intel client CPUs such as Alder Lake.
+# that have VAES without AVX512, namely AMD Zen 3 (including "Milan" server
+# processors) and some Intel client CPUs such as Alder Lake.
#
# This implementation also uses Karatsuba multiplication instead of schoolbook
# multiplication for GHASH in its main loop. This does not help much on Intel,
@@ -121,7 +122,7 @@
for my $i ( 0 .. $num_xmmregs - 1 ) {
my $reg_num = $xmmregs[$i];
my $pos = 16 * $i;
- $code .= "movdqa %xmm$reg_num, $pos(%rsp)\n";
+ $code .= "vmovdqa %xmm$reg_num, $pos(%rsp)\n";
$code .= ".seh_savexmm %xmm$reg_num, $pos\n";
}
}
@@ -139,7 +140,7 @@
for my $i ( 0 .. $num_xmmregs - 1 ) {
my $reg_num = $g_cur_func_saved_xmmregs[$i];
my $pos = 16 * $i;
- $code .= "movdqa $pos(%rsp), %xmm$reg_num\n";
+ $code .= "vmovdqa $pos(%rsp), %xmm$reg_num\n";
}
$code .= "add \$$alloc_size, %rsp\n";
}
@@ -226,6 +227,23 @@
___
}
+# This is a specialized version of _ghash_mul that computes \a * \a, i.e. it
+# squares \a. It skips computing MI = (a_L * a_H) + (a_H * a_L) = 0.
+sub _ghash_square {
+ my ( $a, $dst, $gfpoly, $t0, $t1 ) = @_;
+ return <<___;
+ vpclmulqdq \$0x00, $a, $a, $t0 # LO = a_L * a_L
+ vpclmulqdq \$0x11, $a, $a, $dst # HI = a_H * a_H
+ vpclmulqdq \$0x01, $t0, $gfpoly, $t1 # LO_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t0, $t0 # Swap halves of LO
+ vpxor $t0, $t1, $t1 # Fold LO into MI
+ vpclmulqdq \$0x01, $t1, $gfpoly, $t0 # MI_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t1, $t1 # Swap halves of MI
+ vpxor $t1, $dst, $dst # Fold MI into HI (part 1)
+ vpxor $t0, $dst, $dst # Fold MI into HI (part 2)
+___
+}
+
# void gcm_init_vpclmulqdq_avx2(u128 Htable[16], const uint64_t H[2]);
#
# Initialize |Htable| with powers of the GHASH subkey |H|.
@@ -265,8 +283,8 @@
vbroadcasti128 .Lgfpoly(%rip), $GFPOLY
# Square H^1 to get H^2.
- @{[ _ghash_mul $H_CUR_XMM, $H_CUR_XMM, $H_INC_XMM, $GFPOLY_XMM,
- $TMP0_XMM, $TMP1_XMM, $TMP2_XMM ]}
+ @{[ _ghash_square $H_CUR_XMM, $H_INC_XMM, $GFPOLY_XMM,
+ $TMP0_XMM, $TMP1_XMM ]}
# Create H_CUR = [H^2, H^1] and H_INC = [H^2, H^2].
vinserti128 \$1, $H_CUR_XMM, $H_INC, $H_CUR
@@ -456,6 +474,8 @@
vpshufb $BSWAP_MASK, $GHASH_ACC, $GHASH_ACC
vmovdqu $GHASH_ACC, ($GHASH_ACC_PTR)
+
+ # No need for vzeroupper, since only xmm registers were used.
___
}
$code .= _end_func;
@@ -490,15 +510,25 @@
@{[ _save_xmmregs (6 .. 9) ]}
.seh_endprologue
- vbroadcasti128 .Lbswap_mask(%rip), $BSWAP_MASK
+ # Load the bswap_mask and gfpoly constants. Since AADLEN is usually small,
+ # usually only 128-bit vectors will be used. So as an optimization, don't
+ # broadcast these constants to both 128-bit lanes quite yet.
+ vmovdqu .Lbswap_mask(%rip), $BSWAP_MASK_XMM
+ vmovdqu .Lgfpoly(%rip), $GFPOLY_XMM
+
+ # Load the GHASH accumulator.
vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC_XMM
vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
- vbroadcasti128 .Lgfpoly(%rip), $GFPOLY
# Optimize for AADLEN < 32 by checking for AADLEN < 32 before AADLEN < 128.
cmp \$32, $AADLEN
jb .Lghash_lastblock
+ # AADLEN >= 32, so we'll operate on full vectors. Broadcast bswap_mask and
+ # gfpoly to both 128-bit lanes.
+ vinserti128 \$1, $BSWAP_MASK_XMM, $BSWAP_MASK, $BSWAP_MASK
+ vinserti128 \$1, $GFPOLY_XMM, $GFPOLY, $GFPOLY
+
cmp \$127, $AADLEN
jbe .Lghash_loop_1x
@@ -530,9 +560,6 @@
cmp \$32, $AADLEN
jae .Lghash_loop_1x
.Lghash_loop_1x_done:
- # Issue the vzeroupper that is needed after using ymm registers. Do it here
- # instead of at the end, to minimize overhead for small AADLEN.
- vzeroupper
# Update GHASH with the remaining 16-byte block if any.
.Lghash_lastblock:
@@ -549,6 +576,8 @@
# Store the updated GHASH accumulator back to memory.
vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
vmovdqu $GHASH_ACC_XMM, ($GHASH_ACC_PTR)
+
+ vzeroupper
___
}
$code .= _end_func;
@@ -723,7 +752,7 @@
$code .= <<___;
#ifdef BORINGSSL_DISPATCH_TEST
.extern BORINGSSL_function_hit
- movb \$1,BORINGSSL_function_hit+8(%rip)
+ movb \$1,BORINGSSL_function_hit+6(%rip)
#endif
___
}
diff --git a/src/crypto/fipsmodule/aes/asm/aes-gcm-avx512-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aes-gcm-avx512-x86_64.pl
new file mode 100644
index 0000000..36b79c3
--- /dev/null
+++ b/src/crypto/fipsmodule/aes/asm/aes-gcm-avx512-x86_64.pl
@@ -0,0 +1,1289 @@
+#!/usr/bin/env perl
+# Copyright 2024 The BoringSSL Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#------------------------------------------------------------------------------
+#
+# This is an AES-GCM implementation for x86_64 CPUs that support the following
+# CPU features: VAES && VPCLMULQDQ && AVX512BW && AVX512VL && BMI2.
+#
+# This file is based on aes-gcm-avx10-x86_64.S from the Linux kernel
+# (https://git.kernel.org/linus/b06affb1cb580e13). The following notable
+# changes have been made:
+#
+# - Relicensed under BoringSSL's preferred license.
+#
+# - Converted from GNU assembler to "perlasm". This was necessary for
+# compatibility with BoringSSL's Windows builds which use NASM instead of the
+# GNU assembler. It was also necessary for compatibility with the 'delocate'
+# tool used in BoringSSL's FIPS builds.
+#
+# - Added support for the Windows ABI.
+#
+# - Changed function prototypes to be compatible with what BoringSSL wants.
+#
+# - Removed the optimized finalization function, as BoringSSL doesn't want it.
+#
+# - Added a single-block GHASH multiplication function, as BoringSSL needs this.
+#
+# - Added optimization for large amounts of AAD.
+#
+# - Removed support for maximum vector lengths other than 512 bits.
+
+use strict;
+
+my $flavour = shift;
+my $output = shift;
+if ( $flavour =~ /\./ ) { $output = $flavour; undef $flavour; }
+
+my $win64;
+my @argregs;
+if ( $flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/ ) {
+ $win64 = 1;
+ @argregs = ( "%rcx", "%rdx", "%r8", "%r9" );
+}
+else {
+ $win64 = 0;
+ @argregs = ( "%rdi", "%rsi", "%rdx", "%rcx", "%r8", "%r9" );
+}
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/;
+my $dir = $1;
+my $xlate;
+( $xlate = "${dir}x86_64-xlate.pl" and -f $xlate )
+ or ( $xlate = "${dir}../../../perlasm/x86_64-xlate.pl" and -f $xlate )
+ or die "can't locate x86_64-xlate.pl";
+
+open OUT, "| \"$^X\" \"$xlate\" $flavour \"$output\"";
+*STDOUT = *OUT;
+
+my $g_cur_func_name;
+my $g_cur_func_uses_seh;
+my @g_cur_func_saved_gpregs;
+my @g_cur_func_saved_xmmregs;
+
+sub _begin_func {
+ my ( $funcname, $uses_seh ) = @_;
+ $g_cur_func_name = $funcname;
+ $g_cur_func_uses_seh = $uses_seh;
+ @g_cur_func_saved_gpregs = ();
+ @g_cur_func_saved_xmmregs = ();
+ return <<___;
+.globl $funcname
+.type $funcname,\@abi-omnipotent
+.align 32
+$funcname:
+ .cfi_startproc
+ @{[ $uses_seh ? ".seh_startproc" : "" ]}
+ _CET_ENDBR
+___
+}
+
+# Push a list of general purpose registers onto the stack.
+sub _save_gpregs {
+ my @gpregs = @_;
+ my $code = "";
+ die "_save_gpregs requires uses_seh" unless $g_cur_func_uses_seh;
+ die "_save_gpregs can only be called once per function"
+ if @g_cur_func_saved_gpregs;
+ die "Order must be _save_gpregs, then _save_xmmregs"
+ if @g_cur_func_saved_xmmregs;
+ @g_cur_func_saved_gpregs = @gpregs;
+ for my $reg (@gpregs) {
+ $code .= "push $reg\n";
+ if ($win64) {
+ $code .= ".seh_pushreg $reg\n";
+ }
+ else {
+ $code .= ".cfi_push $reg\n";
+ }
+ }
+ return $code;
+}
+
+# Push a list of xmm registers onto the stack if the target is Windows.
+sub _save_xmmregs {
+ my @xmmregs = @_;
+ my $num_xmmregs = scalar @xmmregs;
+ my $code = "";
+ die "_save_xmmregs requires uses_seh" unless $g_cur_func_uses_seh;
+ die "_save_xmmregs can only be called once per function"
+ if @g_cur_func_saved_xmmregs;
+ if ( $win64 and $num_xmmregs > 0 ) {
+ @g_cur_func_saved_xmmregs = @xmmregs;
+ my $is_misaligned = ( scalar @g_cur_func_saved_gpregs ) % 2 == 0;
+ my $alloc_size = 16 * $num_xmmregs + ( $is_misaligned ? 8 : 0 );
+ $code .= "sub \$$alloc_size, %rsp\n";
+ $code .= ".seh_stackalloc $alloc_size\n";
+ for my $i ( 0 .. $num_xmmregs - 1 ) {
+ my $reg_num = $xmmregs[$i];
+ my $pos = 16 * $i;
+ $code .= "vmovdqa %xmm$reg_num, $pos(%rsp)\n";
+ $code .= ".seh_savexmm %xmm$reg_num, $pos\n";
+ }
+ }
+ return $code;
+}
+
+sub _end_func {
+ my $code = "";
+
+ # Restore any xmm registers that were saved earlier.
+ my $num_xmmregs = scalar @g_cur_func_saved_xmmregs;
+ if ( $win64 and $num_xmmregs > 0 ) {
+ my $need_alignment = ( scalar @g_cur_func_saved_gpregs ) % 2 == 0;
+ my $alloc_size = 16 * $num_xmmregs + ( $need_alignment ? 8 : 0 );
+ for my $i ( 0 .. $num_xmmregs - 1 ) {
+ my $reg_num = $g_cur_func_saved_xmmregs[$i];
+ my $pos = 16 * $i;
+ $code .= "vmovdqa $pos(%rsp), %xmm$reg_num\n";
+ }
+ $code .= "add \$$alloc_size, %rsp\n";
+ }
+
+ # Restore any general purpose registers that were saved earlier.
+ for my $reg ( reverse @g_cur_func_saved_gpregs ) {
+ $code .= "pop $reg\n";
+ if ( !$win64 ) {
+ $code .= ".cfi_pop $reg\n";
+ }
+ }
+
+ $code .= <<___;
+ ret
+ @{[ $g_cur_func_uses_seh ? ".seh_endproc" : "" ]}
+ .cfi_endproc
+ .size $g_cur_func_name, . - $g_cur_func_name
+___
+ return $code;
+}
+
+my $code = <<___;
+.section .rodata
+.align 64
+
+ # A shuffle mask that reflects the bytes of 16-byte blocks
+.Lbswap_mask:
+ .quad 0x08090a0b0c0d0e0f, 0x0001020304050607
+
+ # This is the GHASH reducing polynomial without its constant term, i.e.
+ # x^128 + x^7 + x^2 + x, represented using the backwards mapping
+ # between bits and polynomial coefficients.
+ #
+ # Alternatively, it can be interpreted as the naturally-ordered
+ # representation of the polynomial x^127 + x^126 + x^121 + 1, i.e. the
+ # "reversed" GHASH reducing polynomial without its x^128 term.
+.Lgfpoly:
+ .quad 1, 0xc200000000000000
+
+ # Same as above, but with the (1 << 64) bit set.
+.Lgfpoly_and_internal_carrybit:
+ .quad 1, 0xc200000000000001
+
+ # Values needed to prepare the initial vector of counter blocks.
+.Lctr_pattern:
+ .quad 0, 0
+ .quad 1, 0
+ .quad 2, 0
+ .quad 3, 0
+
+ # The number of AES blocks per vector, as a 128-bit value.
+.Linc_4blocks:
+ .quad 4, 0
+
+.text
+___
+
+# Number of powers of the hash key stored in the key struct. The powers are
+# stored from highest (H^NUM_H_POWERS) to lowest (H^1).
+my $NUM_H_POWERS = 16;
+
+my $OFFSETOFEND_H_POWERS = $NUM_H_POWERS * 16;
+
+# Offset to 'rounds' in AES_KEY struct
+my $OFFSETOF_AES_ROUNDS = 240;
+
+# The _ghash_mul macro multiplies the 128-bit lanes of \a by the corresponding
+# 128-bit lanes of \b and stores the reduced products in \dst. \t0, \t1, and
+# \t2 are temporary registers of the same size as \a and \b.
+#
+# The multiplications are done in GHASH's representation of the finite field
+# GF(2^128). Elements of GF(2^128) are represented as binary polynomials
+# (i.e. polynomials whose coefficients are bits) modulo a reducing polynomial
+# G. The GCM specification uses G = x^128 + x^7 + x^2 + x + 1. Addition is
+# just XOR, while multiplication is more complex and has two parts: (a) do
+# carryless multiplication of two 128-bit input polynomials to get a 256-bit
+# intermediate product polynomial, and (b) reduce the intermediate product to
+# 128 bits by adding multiples of G that cancel out terms in it. (Adding
+# multiples of G doesn't change which field element the polynomial represents.)
+#
+# Unfortunately, the GCM specification maps bits to/from polynomial
+# coefficients backwards from the natural order. In each byte it specifies the
+# highest bit to be the lowest order polynomial coefficient, *not* the highest!
+# This makes it nontrivial to work with the GHASH polynomials. We could
+# reflect the bits, but x86 doesn't have an instruction that does that.
+#
+# Instead, we operate on the values without bit-reflecting them. This *mostly*
+# just works, since XOR and carryless multiplication are symmetric with respect
+# to bit order, but it has some consequences. First, due to GHASH's byte
+# order, by skipping bit reflection, *byte* reflection becomes necessary to
+# give the polynomial terms a consistent order. E.g., considering an N-bit
+# value interpreted using the G = x^128 + x^7 + x^2 + x + 1 convention, bits 0
+# through N-1 of the byte-reflected value represent the coefficients of x^(N-1)
+# through x^0, whereas bits 0 through N-1 of the non-byte-reflected value
+# represent x^7...x^0, x^15...x^8, ..., x^(N-1)...x^(N-8) which can't be worked
+# with. Fortunately, x86's vpshufb instruction can do byte reflection.
+#
+# Second, forgoing the bit reflection causes an extra multiple of x (still
+# using the G = x^128 + x^7 + x^2 + x + 1 convention) to be introduced by each
+# multiplication. This is because an M-bit by N-bit carryless multiplication
+# really produces a (M+N-1)-bit product, but in practice it's zero-extended to
+# M+N bits. In the G = x^128 + x^7 + x^2 + x + 1 convention, which maps bits
+# to polynomial coefficients backwards, this zero-extension actually changes
+# the product by introducing an extra factor of x. Therefore, users of this
+# macro must ensure that one of the inputs has an extra factor of x^-1, i.e.
+# the multiplicative inverse of x, to cancel out the extra x.
+#
+# Third, the backwards coefficients convention is just confusing to work with,
+# since it makes "low" and "high" in the polynomial math mean the opposite of
+# their normal meaning in computer programming. This can be solved by using an
+# alternative interpretation: the polynomial coefficients are understood to be
+# in the natural order, and the multiplication is actually \a * \b * x^-128 mod
+# x^128 + x^127 + x^126 + x^121 + 1. This doesn't change the inputs, outputs,
+# or the implementation at all; it just changes the mathematical interpretation
+# of what each instruction is doing. Starting from here, we'll use this
+# alternative interpretation, as it's easier to understand the code that way.
+#
+# Moving onto the implementation, the vpclmulqdq instruction does 64 x 64 =>
+# 128-bit carryless multiplication, so we break the 128 x 128 multiplication
+# into parts as follows (the _L and _H suffixes denote low and high 64 bits):
+#
+# LO = a_L * b_L
+# MI = (a_L * b_H) + (a_H * b_L)
+# HI = a_H * b_H
+#
+# The 256-bit product is x^128*HI + x^64*MI + LO. LO, MI, and HI are 128-bit.
+# Note that MI "overlaps" with LO and HI. We don't consolidate MI into LO and
+# HI right away, since the way the reduction works makes that unnecessary.
+#
+# For the reduction, we cancel out the low 128 bits by adding multiples of G =
+# x^128 + x^127 + x^126 + x^121 + 1. This is done by two iterations, each of
+# which cancels out the next lowest 64 bits. Consider a value x^64*A + B,
+# where A and B are 128-bit. Adding B_L*G to that value gives:
+#
+# x^64*A + B + B_L*G
+# = x^64*A + x^64*B_H + B_L + B_L*(x^128 + x^127 + x^126 + x^121 + 1)
+# = x^64*A + x^64*B_H + B_L + x^128*B_L + x^64*B_L*(x^63 + x^62 + x^57) + B_L
+# = x^64*A + x^64*B_H + x^128*B_L + x^64*B_L*(x^63 + x^62 + x^57) + B_L + B_L
+# = x^64*(A + B_H + x^64*B_L + B_L*(x^63 + x^62 + x^57))
+#
+# So: if we sum A, B with its halves swapped, and the low half of B times x^63
+# + x^62 + x^57, we get a 128-bit value C where x^64*C is congruent to the
+# original value x^64*A + B. I.e., the low 64 bits got canceled out.
+#
+# We just need to apply this twice: first to fold LO into MI, and second to
+# fold the updated MI into HI.
+#
+# The needed three-argument XORs are done using the vpternlogd instruction with
+# immediate 0x96, since this is faster than two vpxord instructions.
+#
+# A potential optimization, assuming that b is fixed per-key (if a is fixed
+# per-key it would work the other way around), is to use one iteration of the
+# reduction described above to precompute a value c such that x^64*c = b mod G,
+# and then multiply a_L by c (and implicitly by x^64) instead of by b:
+#
+# MI = (a_L * c_L) + (a_H * b_L)
+# HI = (a_L * c_H) + (a_H * b_H)
+#
+# This would eliminate the LO part of the intermediate product, which would
+# eliminate the need to fold LO into MI. This would save two instructions,
+# including a vpclmulqdq. However, we currently don't use this optimization
+# because it would require twice as many per-key precomputed values.
+#
+# Using Karatsuba multiplication instead of "schoolbook" multiplication
+# similarly would save a vpclmulqdq but does not seem to be worth it.
+sub _ghash_mul {
+ my ( $a, $b, $dst, $gfpoly, $t0, $t1, $t2 ) = @_;
+ return <<___;
+ vpclmulqdq \$0x00, $a, $b, $t0 # LO = a_L * b_L
+ vpclmulqdq \$0x01, $a, $b, $t1 # MI_0 = a_L * b_H
+ vpclmulqdq \$0x10, $a, $b, $t2 # MI_1 = a_H * b_L
+ vpxord $t2, $t1, $t1 # MI = MI_0 + MI_1
+ vpclmulqdq \$0x01, $t0, $gfpoly, $t2 # LO_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t0, $t0 # Swap halves of LO
+ vpternlogd \$0x96, $t2, $t0, $t1 # Fold LO into MI
+ vpclmulqdq \$0x11, $a, $b, $dst # HI = a_H * b_H
+ vpclmulqdq \$0x01, $t1, $gfpoly, $t0 # MI_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t1, $t1 # Swap halves of MI
+ vpternlogd \$0x96, $t0, $t1, $dst # Fold MI into HI
+___
+}
+
+# GHASH-multiply the 128-bit lanes of \a by the 128-bit lanes of \b and add the
+# *unreduced* products to \lo, \mi, and \hi.
+sub _ghash_mul_noreduce {
+ my ( $a, $b, $lo, $mi, $hi, $t0, $t1, $t2, $t3 ) = @_;
+ return <<___;
+ vpclmulqdq \$0x00, $a, $b, $t0 # a_L * b_L
+ vpclmulqdq \$0x01, $a, $b, $t1 # a_L * b_H
+ vpclmulqdq \$0x10, $a, $b, $t2 # a_H * b_L
+ vpclmulqdq \$0x11, $a, $b, $t3 # a_H * b_H
+ vpxord $t0, $lo, $lo
+ vpternlogd \$0x96, $t2, $t1, $mi
+ vpxord $t3, $hi, $hi
+___
+}
+
+# Reduce the unreduced products from \lo, \mi, and \hi and store the 128-bit
+# reduced products in \hi. See _ghash_mul for explanation of reduction.
+sub _ghash_reduce {
+ my ( $lo, $mi, $hi, $gfpoly, $t0 ) = @_;
+ return <<___;
+ vpclmulqdq \$0x01, $lo, $gfpoly, $t0
+ vpshufd \$0x4e, $lo, $lo
+ vpternlogd \$0x96, $t0, $lo, $mi
+ vpclmulqdq \$0x01, $mi, $gfpoly, $t0
+ vpshufd \$0x4e, $mi, $mi
+ vpternlogd \$0x96, $t0, $mi, $hi
+___
+}
+
+# This is a specialized version of _ghash_mul that computes \a * \a, i.e. it
+# squares \a. It skips computing MI = (a_L * a_H) + (a_H * a_L) = 0.
+sub _ghash_square {
+ my ( $a, $dst, $gfpoly, $t0, $t1 ) = @_;
+ return <<___;
+ vpclmulqdq \$0x00, $a, $a, $t0 # LO = a_L * a_L
+ vpclmulqdq \$0x11, $a, $a, $dst # HI = a_H * a_H
+ vpclmulqdq \$0x01, $t0, $gfpoly, $t1 # LO_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t0, $t0 # Swap halves of LO
+ vpxor $t0, $t1, $t1 # Fold LO into MI
+ vpclmulqdq \$0x01, $t1, $gfpoly, $t0 # MI_L*(x^63 + x^62 + x^57)
+ vpshufd \$0x4e, $t1, $t1 # Swap halves of MI
+ vpternlogd \$0x96, $t0, $t1, $dst # Fold MI into HI
+___
+}
+
+# void gcm_init_vpclmulqdq_avx512(u128 Htable[16], const uint64_t H[2]);
+#
+# Initialize |Htable| with powers of the GHASH subkey |H|.
+#
+# The powers are stored in the order H^NUM_H_POWERS to H^1.
+$code .= _begin_func "gcm_init_vpclmulqdq_avx512", 0;
+{
+ # Function arguments
+ my ( $HTABLE, $H_PTR ) = @argregs[ 0 .. 1 ];
+
+ # Additional local variables. %rax is used as a temporary register.
+ my ( $TMP0, $TMP0_YMM, $TMP0_XMM ) = ( "%zmm0", "%ymm0", "%xmm0" );
+ my ( $TMP1, $TMP1_YMM, $TMP1_XMM ) = ( "%zmm1", "%ymm1", "%xmm1" );
+ my ( $TMP2, $TMP2_YMM, $TMP2_XMM ) = ( "%zmm2", "%ymm2", "%xmm2" );
+ my $POWERS_PTR = "%r8";
+ my $RNDKEYLAST_PTR = "%r9";
+ my ( $H_CUR, $H_CUR_YMM, $H_CUR_XMM ) = ( "%zmm3", "%ymm3", "%xmm3" );
+ my ( $H_INC, $H_INC_YMM, $H_INC_XMM ) = ( "%zmm4", "%ymm4", "%xmm4" );
+ my ( $GFPOLY, $GFPOLY_YMM, $GFPOLY_XMM ) = ( "%zmm5", "%ymm5", "%xmm5" );
+
+ $code .= <<___;
+ # Get pointer to lowest set of key powers (located at end of array).
+ lea $OFFSETOFEND_H_POWERS-64($HTABLE), $POWERS_PTR
+
+ # Load the byte-reflected hash subkey. BoringSSL provides it in
+ # byte-reflected form except the two halves are in the wrong order.
+ vpshufd \$0x4e, ($H_PTR), $H_CUR_XMM
+
+ # Finish preprocessing the first key power, H^1. Since this GHASH
+ # implementation operates directly on values with the backwards bit
+ # order specified by the GCM standard, it's necessary to preprocess the
+ # raw key as follows. First, reflect its bytes. Second, multiply it
+ # by x^-1 mod x^128 + x^7 + x^2 + x + 1 (if using the backwards
+ # interpretation of polynomial coefficients), which can also be
+ # interpreted as multiplication by x mod x^128 + x^127 + x^126 + x^121
+ # + 1 using the alternative, natural interpretation of polynomial
+ # coefficients. For details, see the comment above _ghash_mul.
+ #
+ # Either way, for the multiplication the concrete operation performed
+ # is a left shift of the 128-bit value by 1 bit, then an XOR with (0xc2
+ # << 120) | 1 if a 1 bit was carried out. However, there's no 128-bit
+ # wide shift instruction, so instead double each of the two 64-bit
+ # halves and incorporate the internal carry bit into the value XOR'd.
+ vpshufd \$0xd3, $H_CUR_XMM, $TMP0_XMM
+ vpsrad \$31, $TMP0_XMM, $TMP0_XMM
+ vpaddq $H_CUR_XMM, $H_CUR_XMM, $H_CUR_XMM
+ # H_CUR_XMM ^= TMP0_XMM & gfpoly_and_internal_carrybit
+ vpternlogd \$0x78, .Lgfpoly_and_internal_carrybit(%rip), $TMP0_XMM, $H_CUR_XMM
+
+ # Load the gfpoly constant.
+ vbroadcasti32x4 .Lgfpoly(%rip), $GFPOLY
+
+ # Square H^1 to get H^2.
+ #
+ # Note that as with H^1, all higher key powers also need an extra
+ # factor of x^-1 (or x using the natural interpretation). Nothing
+ # special needs to be done to make this happen, though: H^1 * H^1 would
+ # end up with two factors of x^-1, but the multiplication consumes one.
+ # So the product H^2 ends up with the desired one factor of x^-1.
+ @{[ _ghash_square $H_CUR_XMM, $H_INC_XMM, $GFPOLY_XMM,
+ $TMP0_XMM, $TMP1_XMM ]}
+
+ # Create H_CUR_YMM = [H^2, H^1] and H_INC_YMM = [H^2, H^2].
+ vinserti128 \$1, $H_CUR_XMM, $H_INC_YMM, $H_CUR_YMM
+ vinserti128 \$1, $H_INC_XMM, $H_INC_YMM, $H_INC_YMM
+
+ # Create H_CUR = [H^4, H^3, H^2, H^1] and H_INC = [H^4, H^4, H^4, H^4].
+ @{[ _ghash_mul $H_INC_YMM, $H_CUR_YMM, $H_INC_YMM, $GFPOLY_YMM,
+ $TMP0_YMM, $TMP1_YMM, $TMP2_YMM ]}
+ vinserti64x4 \$1, $H_CUR_YMM, $H_INC, $H_CUR
+ vshufi64x2 \$0, $H_INC, $H_INC, $H_INC
+
+ # Store the lowest set of key powers.
+ vmovdqu8 $H_CUR, ($POWERS_PTR)
+
+ # Compute and store the remaining key powers.
+ # Repeatedly multiply [H^(i+3), H^(i+2), H^(i+1), H^i] by
+ # [H^4, H^4, H^4, H^4] to get [H^(i+7), H^(i+6), H^(i+5), H^(i+4)].
+ mov \$3, %eax
+.Lprecompute_next:
+ sub \$64, $POWERS_PTR
+ @{[ _ghash_mul $H_INC, $H_CUR, $H_CUR, $GFPOLY, $TMP0, $TMP1, $TMP2 ]}
+ vmovdqu8 $H_CUR, ($POWERS_PTR)
+ dec %eax
+ jnz .Lprecompute_next
+
+ vzeroupper # This is needed after using ymm or zmm registers.
+___
+}
+$code .= _end_func;
+
+# XOR together the 128-bit lanes of \src (whose low lane is \src_xmm) and store
+# the result in \dst_xmm. This implicitly zeroizes the other lanes of dst.
+sub _horizontal_xor {
+ my ( $src, $src_xmm, $dst_xmm, $t0_xmm, $t1_xmm, $t2_xmm ) = @_;
+ return <<___;
+ vextracti32x4 \$1, $src, $t0_xmm
+ vextracti32x4 \$2, $src, $t1_xmm
+ vextracti32x4 \$3, $src, $t2_xmm
+ vpxord $t0_xmm, $src_xmm, $dst_xmm
+ vpternlogd \$0x96, $t1_xmm, $t2_xmm, $dst_xmm
+___
+}
+
+# Do one step of the GHASH update of the data blocks given in the vector
+# registers GHASHDATA[0-3]. \i specifies the step to do, 0 through 9. The
+# division into steps allows users of this macro to optionally interleave the
+# computation with other instructions. This macro uses the vector register
+# GHASH_ACC as input/output; GHASHDATA[0-3] as inputs that are clobbered;
+# H_POW[4-1], GFPOLY, and BSWAP_MASK as inputs that aren't clobbered; and
+# GHASHTMP[0-2] as temporaries. This macro handles the byte-reflection of the
+# data blocks. The parameter registers must be preserved across steps.
+#
+# The GHASH update does: GHASH_ACC = H_POW4*(GHASHDATA0 + GHASH_ACC) +
+# H_POW3*GHASHDATA1 + H_POW2*GHASHDATA2 + H_POW1*GHASHDATA3, where the
+# operations are vectorized operations on 512-bit vectors of 128-bit blocks.
+# The vectorized terms correspond to the following non-vectorized terms:
+#
+# H_POW4*(GHASHDATA0 + GHASH_ACC) => H^16*(blk0 + GHASH_ACC_XMM),
+# H^15*(blk1 + 0), H^14*(blk2 + 0), and H^13*(blk3 + 0)
+# H_POW3*GHASHDATA1 => H^12*blk4, H^11*blk5, H^10*blk6, and H^9*blk7
+# H_POW2*GHASHDATA2 => H^8*blk8, H^7*blk9, H^6*blk10, and H^5*blk11
+# H_POW1*GHASHDATA3 => H^4*blk12, H^3*blk13, H^2*blk14, and H^1*blk15
+#
+# More concretely, this code does:
+# - Do vectorized "schoolbook" multiplications to compute the intermediate
+# 256-bit product of each block and its corresponding hash key power.
+# - Sum (XOR) the intermediate 256-bit products across vectors.
+# - Do a vectorized reduction of these 256-bit intermediate values to 128-bits
+# each.
+# - Sum (XOR) these values and store the 128-bit result in GHASH_ACC_XMM.
+#
+# See _ghash_mul for the full explanation of the operations performed for each
+# individual finite field multiplication and reduction.
+sub _ghash_step_4x {
+ my (
+ $i, $BSWAP_MASK, $GHASHDATA0, $GHASHDATA1,
+ $GHASHDATA2, $GHASHDATA3, $GHASHDATA0_XMM, $GHASHDATA1_XMM,
+ $GHASHDATA2_XMM, $GHASHDATA3_XMM, $H_POW4, $H_POW3,
+ $H_POW2, $H_POW1, $GFPOLY, $GHASHTMP0,
+ $GHASHTMP1, $GHASHTMP2, $GHASH_ACC, $GHASH_ACC_XMM
+ ) = @_;
+ if ( $i == 0 ) {
+ return <<___;
+ vpshufb $BSWAP_MASK, $GHASHDATA0, $GHASHDATA0
+ vpxord $GHASH_ACC, $GHASHDATA0, $GHASHDATA0
+ vpshufb $BSWAP_MASK, $GHASHDATA1, $GHASHDATA1
+ vpshufb $BSWAP_MASK, $GHASHDATA2, $GHASHDATA2
+___
+ }
+ elsif ( $i == 1 ) {
+ return <<___;
+ vpshufb $BSWAP_MASK, $GHASHDATA3, $GHASHDATA3
+ vpclmulqdq \$0x00, $H_POW4, $GHASHDATA0, $GHASH_ACC # LO_0
+ vpclmulqdq \$0x00, $H_POW3, $GHASHDATA1, $GHASHTMP0 # LO_1
+ vpclmulqdq \$0x00, $H_POW2, $GHASHDATA2, $GHASHTMP1 # LO_2
+___
+ }
+ elsif ( $i == 2 ) {
+ return <<___;
+ vpxord $GHASHTMP0, $GHASH_ACC, $GHASH_ACC # sum(LO_{1,0})
+ vpclmulqdq \$0x00, $H_POW1, $GHASHDATA3, $GHASHTMP2 # LO_3
+ vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASH_ACC # LO = sum(LO_{3,2,1,0})
+ vpclmulqdq \$0x01, $H_POW4, $GHASHDATA0, $GHASHTMP0 # MI_0
+___
+ }
+ elsif ( $i == 3 ) {
+ return <<___;
+ vpclmulqdq \$0x01, $H_POW3, $GHASHDATA1, $GHASHTMP1 # MI_1
+ vpclmulqdq \$0x01, $H_POW2, $GHASHDATA2, $GHASHTMP2 # MI_2
+ vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{2,1,0})
+ vpclmulqdq \$0x01, $H_POW1, $GHASHDATA3, $GHASHTMP1 # MI_3
+___
+ }
+ elsif ( $i == 4 ) {
+ return <<___;
+ vpclmulqdq \$0x10, $H_POW4, $GHASHDATA0, $GHASHTMP2 # MI_4
+ vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{4,3,2,1,0})
+ vpclmulqdq \$0x10, $H_POW3, $GHASHDATA1, $GHASHTMP1 # MI_5
+ vpclmulqdq \$0x10, $H_POW2, $GHASHDATA2, $GHASHTMP2 # MI_6
+___
+ }
+ elsif ( $i == 5 ) {
+ return <<___;
+ vpternlogd \$0x96, $GHASHTMP2, $GHASHTMP1, $GHASHTMP0 # sum(MI_{6,5,4,3,2,1,0})
+ vpclmulqdq \$0x01, $GHASH_ACC, $GFPOLY, $GHASHTMP2 # LO_L*(x^63 + x^62 + x^57)
+ vpclmulqdq \$0x10, $H_POW1, $GHASHDATA3, $GHASHTMP1 # MI_7
+ vpxord $GHASHTMP1, $GHASHTMP0, $GHASHTMP0 # MI = sum(MI_{7,6,5,4,3,2,1,0})
+___
+ }
+ elsif ( $i == 6 ) {
+ return <<___;
+ vpshufd \$0x4e, $GHASH_ACC, $GHASH_ACC # Swap halves of LO
+ vpclmulqdq \$0x11, $H_POW4, $GHASHDATA0, $GHASHDATA0 # HI_0
+ vpclmulqdq \$0x11, $H_POW3, $GHASHDATA1, $GHASHDATA1 # HI_1
+ vpclmulqdq \$0x11, $H_POW2, $GHASHDATA2, $GHASHDATA2 # HI_2
+___
+ }
+ elsif ( $i == 7 ) {
+ return <<___;
+ vpternlogd \$0x96, $GHASHTMP2, $GHASH_ACC, $GHASHTMP0 # Fold LO into MI
+ vpclmulqdq \$0x11, $H_POW1, $GHASHDATA3, $GHASHDATA3 # HI_3
+ vpternlogd \$0x96, $GHASHDATA2, $GHASHDATA1, $GHASHDATA0 # sum(HI_{2,1,0})
+ vpclmulqdq \$0x01, $GHASHTMP0, $GFPOLY, $GHASHTMP1 # MI_L*(x^63 + x^62 + x^57)
+___
+ }
+ elsif ( $i == 8 ) {
+ return <<___;
+ vpxord $GHASHDATA3, $GHASHDATA0, $GHASH_ACC # HI = sum(HI_{3,2,1,0})
+ vpshufd \$0x4e, $GHASHTMP0, $GHASHTMP0 # Swap halves of MI
+ vpternlogd \$0x96, $GHASHTMP1, $GHASHTMP0, $GHASH_ACC # Fold MI into HI
+___
+ }
+ elsif ( $i == 9 ) {
+ return _horizontal_xor $GHASH_ACC, $GHASH_ACC_XMM, $GHASH_ACC_XMM,
+ $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM;
+ }
+}
+
+# Update GHASH with four vectors of data blocks. See _ghash_step_4x for full
+# explanation.
+sub _ghash_4x {
+ my $code = "";
+ for my $i ( 0 .. 9 ) {
+ $code .= _ghash_step_4x $i, @_;
+ }
+ return $code;
+}
+
+# void gcm_gmult_vpclmulqdq_avx512(uint8_t Xi[16], const u128 Htable[16]);
+$code .= _begin_func "gcm_gmult_vpclmulqdq_avx512", 1;
+{
+ my ( $GHASH_ACC_PTR, $HTABLE ) = @argregs[ 0 .. 1 ];
+ my ( $GHASH_ACC, $BSWAP_MASK, $H_POW1, $GFPOLY, $T0, $T1, $T2 ) =
+ map( "%xmm$_", ( 0 .. 6 ) );
+
+ $code .= <<___;
+ @{[ _save_xmmregs (6) ]}
+ .seh_endprologue
+
+ vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC
+ vmovdqu .Lbswap_mask(%rip), $BSWAP_MASK
+ vmovdqu $OFFSETOFEND_H_POWERS-16($HTABLE), $H_POW1
+ vmovdqu .Lgfpoly(%rip), $GFPOLY
+ vpshufb $BSWAP_MASK, $GHASH_ACC, $GHASH_ACC
+
+ @{[ _ghash_mul $H_POW1, $GHASH_ACC, $GHASH_ACC, $GFPOLY, $T0, $T1, $T2 ]}
+
+ vpshufb $BSWAP_MASK, $GHASH_ACC, $GHASH_ACC
+ vmovdqu $GHASH_ACC, ($GHASH_ACC_PTR)
+
+ # No need for vzeroupper, since only xmm registers were used.
+___
+}
+$code .= _end_func;
+
+# void gcm_ghash_vpclmulqdq_avx512(uint8_t Xi[16], const u128 Htable[16],
+# const uint8_t *in, size_t len);
+#
+# Using the key |Htable|, update the GHASH accumulator |Xi| with the data given
+# by |in| and |len|. |len| must be a multiple of 16.
+#
+# This function handles large amounts of AAD efficiently, while also keeping the
+# overhead low for small amounts of AAD which is the common case. TLS uses less
+# than one block of AAD, but (uncommonly) other use cases may use much more.
+$code .= _begin_func "gcm_ghash_vpclmulqdq_avx512", 1;
+{
+ # Function arguments
+ my ( $GHASH_ACC_PTR, $HTABLE, $AAD, $AADLEN ) = @argregs[ 0 .. 3 ];
+
+ # Additional local variables
+ my ( $GHASHDATA0, $GHASHDATA0_XMM ) = ( "%zmm0", "%xmm0" );
+ my ( $GHASHDATA1, $GHASHDATA1_XMM ) = ( "%zmm1", "%xmm1" );
+ my ( $GHASHDATA2, $GHASHDATA2_XMM ) = ( "%zmm2", "%xmm2" );
+ my ( $GHASHDATA3, $GHASHDATA3_XMM ) = ( "%zmm3", "%xmm3" );
+ my @GHASHDATA = ( $GHASHDATA0, $GHASHDATA1, $GHASHDATA2, $GHASHDATA3 );
+ my @GHASHDATA_XMM =
+ ( $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM, $GHASHDATA3_XMM );
+ my ( $BSWAP_MASK, $BSWAP_MASK_XMM ) = ( "%zmm4", "%xmm4" );
+ my ( $GHASH_ACC, $GHASH_ACC_XMM ) = ( "%zmm5", "%xmm5" );
+ my ( $H_POW4, $H_POW3, $H_POW2 ) = ( "%zmm6", "%zmm7", "%zmm8" );
+ my ( $H_POW1, $H_POW1_XMM ) = ( "%zmm9", "%xmm9" );
+ my ( $GFPOLY, $GFPOLY_XMM ) = ( "%zmm10", "%xmm10" );
+ my ( $GHASHTMP0, $GHASHTMP1, $GHASHTMP2 ) =
+ ( "%zmm11", "%zmm12", "%zmm13" );
+
+ $code .= <<___;
+ @{[ _save_xmmregs (6 .. 13) ]}
+ .seh_endprologue
+
+ # Load the bswap_mask and gfpoly constants. Since AADLEN is usually small,
+ # usually only 128-bit vectors will be used. So as an optimization, don't
+ # broadcast these constants to all 128-bit lanes quite yet.
+ vmovdqu .Lbswap_mask(%rip), $BSWAP_MASK_XMM
+ vmovdqu .Lgfpoly(%rip), $GFPOLY_XMM
+
+ # Load the GHASH accumulator.
+ vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC_XMM
+ vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+
+ # Optimize for AADLEN < 64 by checking for AADLEN < 64 before AADLEN < 256.
+ cmp \$64, $AADLEN
+ jb .Laad_blockbyblock
+
+ # AADLEN >= 64, so we'll operate on full vectors. Broadcast bswap_mask and
+ # gfpoly to all 128-bit lanes.
+ vshufi64x2 \$0, $BSWAP_MASK, $BSWAP_MASK, $BSWAP_MASK
+ vshufi64x2 \$0, $GFPOLY, $GFPOLY, $GFPOLY
+
+ # Load the lowest set of key powers.
+ vmovdqu8 $OFFSETOFEND_H_POWERS-1*64($HTABLE), $H_POW1
+
+ cmp \$256, $AADLEN
+ jb .Laad_loop_1x
+
+ # AADLEN >= 256. Load the higher key powers.
+ vmovdqu8 $OFFSETOFEND_H_POWERS-4*64($HTABLE), $H_POW4
+ vmovdqu8 $OFFSETOFEND_H_POWERS-3*64($HTABLE), $H_POW3
+ vmovdqu8 $OFFSETOFEND_H_POWERS-2*64($HTABLE), $H_POW2
+
+ # Update GHASH with 256 bytes of AAD at a time.
+.Laad_loop_4x:
+ vmovdqu8 0*64($AAD), $GHASHDATA0
+ vmovdqu8 1*64($AAD), $GHASHDATA1
+ vmovdqu8 2*64($AAD), $GHASHDATA2
+ vmovdqu8 3*64($AAD), $GHASHDATA3
+ @{[ _ghash_4x $BSWAP_MASK, @GHASHDATA, @GHASHDATA_XMM, $H_POW4, $H_POW3,
+ $H_POW2, $H_POW1, $GFPOLY, $GHASHTMP0, $GHASHTMP1,
+ $GHASHTMP2, $GHASH_ACC, $GHASH_ACC_XMM ]}
+ add \$256, $AAD
+ sub \$256, $AADLEN
+ cmp \$256, $AADLEN
+ jae .Laad_loop_4x
+
+ # Update GHASH with 64 bytes of AAD at a time.
+ cmp \$64, $AADLEN
+ jb .Laad_large_done
+.Laad_loop_1x:
+ vmovdqu8 ($AAD), $GHASHDATA0
+ vpshufb $BSWAP_MASK, $GHASHDATA0, $GHASHDATA0
+ vpxord $GHASHDATA0, $GHASH_ACC, $GHASH_ACC
+ @{[ _ghash_mul $H_POW1, $GHASH_ACC, $GHASH_ACC, $GFPOLY,
+ $GHASHDATA0, $GHASHDATA1, $GHASHDATA2 ]}
+ @{[ _horizontal_xor $GHASH_ACC, $GHASH_ACC_XMM, $GHASH_ACC_XMM,
+ $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM ]}
+ add \$64, $AAD
+ sub \$64, $AADLEN
+ cmp \$64, $AADLEN
+ jae .Laad_loop_1x
+
+.Laad_large_done:
+
+ # GHASH the remaining data 16 bytes at a time, using xmm registers only.
+.Laad_blockbyblock:
+ test $AADLEN, $AADLEN
+ jz .Laad_done
+ vmovdqu $OFFSETOFEND_H_POWERS-16($HTABLE), $H_POW1_XMM
+.Laad_loop_blockbyblock:
+ vmovdqu ($AAD), $GHASHDATA0_XMM
+ vpshufb $BSWAP_MASK_XMM, $GHASHDATA0_XMM, $GHASHDATA0_XMM
+ vpxor $GHASHDATA0_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+ @{[ _ghash_mul $H_POW1_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM, $GFPOLY_XMM,
+ $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM ]}
+ add \$16, $AAD
+ sub \$16, $AADLEN
+ jnz .Laad_loop_blockbyblock
+
+.Laad_done:
+ # Store the updated GHASH accumulator back to memory.
+ vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+ vmovdqu $GHASH_ACC_XMM, ($GHASH_ACC_PTR)
+
+ vzeroupper # This is needed after using ymm or zmm registers.
+___
+}
+$code .= _end_func;
+
+# Do one non-last round of AES encryption on the counter blocks in aesdata[0-3]
+# using the round key that has been broadcast to all 128-bit lanes of round_key.
+sub _vaesenc_4x {
+ my ( $round_key, $aesdata0, $aesdata1, $aesdata2, $aesdata3 ) = @_;
+ return <<___;
+ vaesenc $round_key, $aesdata0, $aesdata0
+ vaesenc $round_key, $aesdata1, $aesdata1
+ vaesenc $round_key, $aesdata2, $aesdata2
+ vaesenc $round_key, $aesdata3, $aesdata3
+___
+}
+
+# Start the AES encryption of four vectors of counter blocks.
+sub _ctr_begin_4x {
+ my (
+ $le_ctr, $le_ctr_inc, $bswap_mask, $rndkey0,
+ $aesdata0, $aesdata1, $aesdata2, $aesdata3
+ ) = @_;
+ return <<___;
+ # Increment le_ctr four times to generate four vectors of little-endian
+ # counter blocks, swap each to big-endian, and store them in aesdata[0-3].
+ vpshufb $bswap_mask, $le_ctr, $aesdata0
+ vpaddd $le_ctr_inc, $le_ctr, $le_ctr
+ vpshufb $bswap_mask, $le_ctr, $aesdata1
+ vpaddd $le_ctr_inc, $le_ctr, $le_ctr
+ vpshufb $bswap_mask, $le_ctr, $aesdata2
+ vpaddd $le_ctr_inc, $le_ctr, $le_ctr
+ vpshufb $bswap_mask, $le_ctr, $aesdata3
+ vpaddd $le_ctr_inc, $le_ctr, $le_ctr
+
+ # AES "round zero": XOR in the zero-th round key.
+ vpxord $rndkey0, $aesdata0, $aesdata0
+ vpxord $rndkey0, $aesdata1, $aesdata1
+ vpxord $rndkey0, $aesdata2, $aesdata2
+ vpxord $rndkey0, $aesdata3, $aesdata3
+___
+}
+
+# Do the last AES round for four vectors of counter blocks, XOR four vectors of
+# source data with the resulting keystream blocks, and write the result to the
+# destination buffer and ghashdata[0-3]. The implementation differs slightly as
+# it takes advantage of the property vaesenclast(key, a) ^ b ==
+# vaesenclast(key ^ b, a) to reduce latency, but it has the same effect.
+sub _aesenclast_and_xor_4x {
+ my (
+ $src, $dst, $rndkeylast, $aesdata0,
+ $aesdata1, $aesdata2, $aesdata3, $ghashdata0,
+ $ghashdata1, $ghashdata2, $ghashdata3
+ ) = @_;
+ return <<___;
+ vpxord 0*64($src), $rndkeylast, $ghashdata0
+ vpxord 1*64($src), $rndkeylast, $ghashdata1
+ vpxord 2*64($src), $rndkeylast, $ghashdata2
+ vpxord 3*64($src), $rndkeylast, $ghashdata3
+ vaesenclast $ghashdata0, $aesdata0, $ghashdata0
+ vaesenclast $ghashdata1, $aesdata1, $ghashdata1
+ vaesenclast $ghashdata2, $aesdata2, $ghashdata2
+ vaesenclast $ghashdata3, $aesdata3, $ghashdata3
+ vmovdqu8 $ghashdata0, 0*64($dst)
+ vmovdqu8 $ghashdata1, 1*64($dst)
+ vmovdqu8 $ghashdata2, 2*64($dst)
+ vmovdqu8 $ghashdata3, 3*64($dst)
+___
+}
+
+my $g_update_macro_expansion_count = 0;
+
+# void aes_gcm_{enc,dec}_update_vaes_avx512(const uint8_t *in, uint8_t *out,
+# size_t len, const AES_KEY *key,
+# const uint8_t ivec[16],
+# const u128 Htable[16],
+# uint8_t Xi[16]);
+#
+# This macro generates a GCM encryption or decryption update function with the
+# above prototype (with \enc selecting which one). The function computes the
+# next portion of the CTR keystream, XOR's it with |len| bytes from |in|, and
+# writes the resulting encrypted or decrypted data to |out|. It also updates
+# the GHASH accumulator |Xi| using the next |len| ciphertext bytes.
+#
+# |len| must be a multiple of 16, except on the last call where it can be any
+# length. The caller must do any buffering needed to ensure this. Both
+# in-place and out-of-place en/decryption are supported.
+#
+# |ivec| must give the current counter in big-endian format. This function
+# loads the counter from |ivec| and increments the loaded counter as needed, but
+# it does *not* store the updated counter back to |ivec|. The caller must
+# update |ivec| if any more data segments follow. Internally, only the low
+# 32-bit word of the counter is incremented, following the GCM standard.
+sub _aes_gcm_update {
+ my $local_label_suffix = "__func" . ++$g_update_macro_expansion_count;
+ my ($enc) = @_;
+ my $code = "";
+
+ # Function arguments
+ my ( $SRC, $DST, $DATALEN, $AESKEY, $BE_CTR_PTR, $HTABLE, $GHASH_ACC_PTR )
+ = $win64
+ ? ( @argregs[ 0 .. 3 ], "%rsi", "%rdi", "%r12" )
+ : ( @argregs[ 0 .. 5 ], "%r12" );
+
+ # Additional local variables.
+ # %rax, %k1, and %k2 are used as temporary registers. BE_CTR_PTR is
+ # also available as a temporary register after the counter is loaded.
+
+ # AES key length in bytes
+ my ( $AESKEYLEN, $AESKEYLEN64 ) = ( "%r10d", "%r10" );
+
+ # Pointer to the last AES round key for the chosen AES variant
+ my $RNDKEYLAST_PTR = "%r11";
+
+ # AESDATA[0-3] hold the counter blocks that are being encrypted by AES.
+ my ( $AESDATA0, $AESDATA0_XMM ) = ( "%zmm0", "%xmm0" );
+ my ( $AESDATA1, $AESDATA1_XMM ) = ( "%zmm1", "%xmm1" );
+ my ( $AESDATA2, $AESDATA2_XMM ) = ( "%zmm2", "%xmm2" );
+ my ( $AESDATA3, $AESDATA3_XMM ) = ( "%zmm3", "%xmm3" );
+ my @AESDATA = ( $AESDATA0, $AESDATA1, $AESDATA2, $AESDATA3 );
+
+ # GHASHDATA[0-3] hold the ciphertext blocks and GHASH input data.
+ my ( $GHASHDATA0, $GHASHDATA0_XMM ) = ( "%zmm4", "%xmm4" );
+ my ( $GHASHDATA1, $GHASHDATA1_XMM ) = ( "%zmm5", "%xmm5" );
+ my ( $GHASHDATA2, $GHASHDATA2_XMM ) = ( "%zmm6", "%xmm6" );
+ my ( $GHASHDATA3, $GHASHDATA3_XMM ) = ( "%zmm7", "%xmm7" );
+ my @GHASHDATA = ( $GHASHDATA0, $GHASHDATA1, $GHASHDATA2, $GHASHDATA3 );
+ my @GHASHDATA_XMM =
+ ( $GHASHDATA0_XMM, $GHASHDATA1_XMM, $GHASHDATA2_XMM, $GHASHDATA3_XMM );
+
+ # BSWAP_MASK is the shuffle mask for byte-reflecting 128-bit values
+ # using vpshufb, copied to all 128-bit lanes.
+ my ( $BSWAP_MASK, $BSWAP_MASK_XMM ) = ( "%zmm8", "%xmm8" );
+
+ # RNDKEY temporarily holds the next AES round key.
+ my $RNDKEY = "%zmm9";
+
+ # GHASH_ACC is the accumulator variable for GHASH. When fully reduced,
+ # only the lowest 128-bit lane can be nonzero. When not fully reduced,
+ # more than one lane may be used, and they need to be XOR'd together.
+ my ( $GHASH_ACC, $GHASH_ACC_XMM ) = ( "%zmm10", "%xmm10" );
+
+ # LE_CTR_INC is the vector of 32-bit words that need to be added to a
+ # vector of little-endian counter blocks to advance it forwards.
+ my $LE_CTR_INC = "%zmm11";
+
+ # LE_CTR contains the next set of little-endian counter blocks.
+ my $LE_CTR = "%zmm12";
+
+ # RNDKEY0, RNDKEYLAST, and RNDKEY_M[9-1] contain cached AES round keys,
+ # copied to all 128-bit lanes. RNDKEY0 is the zero-th round key,
+ # RNDKEYLAST the last, and RNDKEY_M\i the one \i-th from the last.
+ my (
+ $RNDKEY0, $RNDKEYLAST, $RNDKEY_M9, $RNDKEY_M8,
+ $RNDKEY_M7, $RNDKEY_M6, $RNDKEY_M5, $RNDKEY_M4,
+ $RNDKEY_M3, $RNDKEY_M2, $RNDKEY_M1
+ )
+ = (
+ "%zmm13", "%zmm14", "%zmm15", "%zmm16", "%zmm17", "%zmm18",
+ "%zmm19", "%zmm20", "%zmm21", "%zmm22", "%zmm23"
+ );
+
+ # GHASHTMP[0-2] are temporary variables used by _ghash_step_4x. These
+ # cannot coincide with anything used for AES encryption, since for
+ # performance reasons GHASH and AES encryption are interleaved.
+ my ( $GHASHTMP0, $GHASHTMP1, $GHASHTMP2 ) =
+ ( "%zmm24", "%zmm25", "%zmm26" );
+
+ # H_POW[4-1] contain the powers of the hash key H^16...H^1. The descending
+ # numbering reflects the order of the key powers.
+ my ( $H_POW4, $H_POW3, $H_POW2, $H_POW1 ) =
+ ( "%zmm27", "%zmm28", "%zmm29", "%zmm30" );
+
+ # GFPOLY contains the .Lgfpoly constant, copied to all 128-bit lanes.
+ my $GFPOLY = "%zmm31";
+
+ my @ghash_4x_args = (
+ $BSWAP_MASK, @GHASHDATA, @GHASHDATA_XMM, $H_POW4,
+ $H_POW3, $H_POW2, $H_POW1, $GFPOLY,
+ $GHASHTMP0, $GHASHTMP1, $GHASHTMP2, $GHASH_ACC,
+ $GHASH_ACC_XMM
+ );
+
+ if ($win64) {
+ $code .= <<___;
+ @{[ _save_gpregs $BE_CTR_PTR, $HTABLE, $GHASH_ACC_PTR ]}
+ mov 64(%rsp), $BE_CTR_PTR # arg5
+ mov 72(%rsp), $HTABLE # arg6
+ mov 80(%rsp), $GHASH_ACC_PTR # arg7
+ @{[ _save_xmmregs (6 .. 15) ]}
+ .seh_endprologue
+___
+ }
+ else {
+ $code .= <<___;
+ @{[ _save_gpregs $GHASH_ACC_PTR ]}
+ mov 16(%rsp), $GHASH_ACC_PTR # arg7
+___
+ }
+
+ if ($enc) {
+ $code .= <<___;
+#ifdef BORINGSSL_DISPATCH_TEST
+ .extern BORINGSSL_function_hit
+ movb \$1,BORINGSSL_function_hit+7(%rip)
+#endif
+___
+ }
+ $code .= <<___;
+ # Load some constants.
+ vbroadcasti32x4 .Lbswap_mask(%rip), $BSWAP_MASK
+ vbroadcasti32x4 .Lgfpoly(%rip), $GFPOLY
+
+ # Load the GHASH accumulator and the starting counter.
+ # BoringSSL passes these values in big endian format.
+ vmovdqu ($GHASH_ACC_PTR), $GHASH_ACC_XMM
+ vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+ vbroadcasti32x4 ($BE_CTR_PTR), $LE_CTR
+ vpshufb $BSWAP_MASK, $LE_CTR, $LE_CTR
+
+ # Load the AES key length in bytes. BoringSSL stores number of rounds
+ # minus 1, so convert using: AESKEYLEN = 4 * aeskey->rounds - 20.
+ movl $OFFSETOF_AES_ROUNDS($AESKEY), $AESKEYLEN
+ lea -20(,$AESKEYLEN,4), $AESKEYLEN
+
+ # Make RNDKEYLAST_PTR point to the last AES round key. This is the
+ # round key with index 10, 12, or 14 for AES-128, AES-192, or AES-256
+ # respectively. Then load the zero-th and last round keys.
+ lea 6*16($AESKEY,$AESKEYLEN64,4), $RNDKEYLAST_PTR
+ vbroadcasti32x4 ($AESKEY), $RNDKEY0
+ vbroadcasti32x4 ($RNDKEYLAST_PTR), $RNDKEYLAST
+
+ # Finish initializing LE_CTR by adding [0, 1, 2, 3] to its low words.
+ vpaddd .Lctr_pattern(%rip), $LE_CTR, $LE_CTR
+
+ # Load 4 into all 128-bit lanes of LE_CTR_INC.
+ vbroadcasti32x4 .Linc_4blocks(%rip), $LE_CTR_INC
+
+ # If there are at least 256 bytes of data, then continue into the loop
+ # that processes 256 bytes of data at a time. Otherwise skip it.
+ cmp \$256, $DATALEN
+ jb .Lcrypt_loop_4x_done$local_label_suffix
+
+ # Load powers of the hash key.
+ vmovdqu8 $OFFSETOFEND_H_POWERS-4*64($HTABLE), $H_POW4
+ vmovdqu8 $OFFSETOFEND_H_POWERS-3*64($HTABLE), $H_POW3
+ vmovdqu8 $OFFSETOFEND_H_POWERS-2*64($HTABLE), $H_POW2
+ vmovdqu8 $OFFSETOFEND_H_POWERS-1*64($HTABLE), $H_POW1
+___
+
+ # Main loop: en/decrypt and hash 4 vectors at a time.
+ #
+ # When possible, interleave the AES encryption of the counter blocks
+ # with the GHASH update of the ciphertext blocks. This improves
+ # performance on many CPUs because the execution ports used by the VAES
+ # instructions often differ from those used by vpclmulqdq and other
+ # instructions used in GHASH. For example, many Intel CPUs dispatch
+ # vaesenc to ports 0 and 1 and vpclmulqdq to port 5.
+ #
+ # The interleaving is easiest to do during decryption, since during
+ # decryption the ciphertext blocks are immediately available. For
+ # encryption, instead encrypt the first set of blocks, then hash those
+ # blocks while encrypting the next set of blocks, repeat that as
+ # needed, and finally hash the last set of blocks.
+
+ if ($enc) {
+ $code .= <<___;
+ # Encrypt the first 4 vectors of plaintext blocks. Leave the resulting
+ # ciphertext in GHASHDATA[0-3] for GHASH.
+ @{[ _ctr_begin_4x $LE_CTR, $LE_CTR_INC, $BSWAP_MASK, $RNDKEY0, @AESDATA ]}
+ lea 16($AESKEY), %rax
+.Lvaesenc_loop_first_4_vecs$local_label_suffix:
+ vbroadcasti32x4 (%rax), $RNDKEY
+ @{[ _vaesenc_4x $RNDKEY, @AESDATA ]}
+ add \$16, %rax
+ cmp %rax, $RNDKEYLAST_PTR
+ jne .Lvaesenc_loop_first_4_vecs$local_label_suffix
+ @{[ _aesenclast_and_xor_4x $SRC, $DST, $RNDKEYLAST, @AESDATA, @GHASHDATA ]}
+ add \$256, $SRC
+ add \$256, $DST
+ sub \$256, $DATALEN
+ cmp \$256, $DATALEN
+ jb .Lghash_last_ciphertext_4x$local_label_suffix
+___
+ }
+
+ $code .= <<___;
+ # Cache as many additional AES round keys as possible.
+ vbroadcasti32x4 -9*16($RNDKEYLAST_PTR), $RNDKEY_M9
+ vbroadcasti32x4 -8*16($RNDKEYLAST_PTR), $RNDKEY_M8
+ vbroadcasti32x4 -7*16($RNDKEYLAST_PTR), $RNDKEY_M7
+ vbroadcasti32x4 -6*16($RNDKEYLAST_PTR), $RNDKEY_M6
+ vbroadcasti32x4 -5*16($RNDKEYLAST_PTR), $RNDKEY_M5
+ vbroadcasti32x4 -4*16($RNDKEYLAST_PTR), $RNDKEY_M4
+ vbroadcasti32x4 -3*16($RNDKEYLAST_PTR), $RNDKEY_M3
+ vbroadcasti32x4 -2*16($RNDKEYLAST_PTR), $RNDKEY_M2
+ vbroadcasti32x4 -1*16($RNDKEYLAST_PTR), $RNDKEY_M1
+
+.Lcrypt_loop_4x$local_label_suffix:
+___
+
+ # If decrypting, load more ciphertext blocks into GHASHDATA[0-3]. If
+ # encrypting, GHASHDATA[0-3] already contain the previous ciphertext.
+ if ( !$enc ) {
+ $code .= <<___;
+ vmovdqu8 0*64($SRC), $GHASHDATA0
+ vmovdqu8 1*64($SRC), $GHASHDATA1
+ vmovdqu8 2*64($SRC), $GHASHDATA2
+ vmovdqu8 3*64($SRC), $GHASHDATA3
+___
+ }
+
+ $code .= <<___;
+ # Start the AES encryption of the counter blocks.
+ @{[ _ctr_begin_4x $LE_CTR, $LE_CTR_INC, $BSWAP_MASK, $RNDKEY0, @AESDATA ]}
+ cmp \$24, $AESKEYLEN
+ jl .Laes128$local_label_suffix
+ je .Laes192$local_label_suffix
+ # AES-256
+ vbroadcasti32x4 -13*16($RNDKEYLAST_PTR), $RNDKEY
+ @{[ _vaesenc_4x $RNDKEY, @AESDATA ]}
+ vbroadcasti32x4 -12*16($RNDKEYLAST_PTR), $RNDKEY
+ @{[ _vaesenc_4x $RNDKEY, @AESDATA ]}
+.Laes192$local_label_suffix:
+ vbroadcasti32x4 -11*16($RNDKEYLAST_PTR), $RNDKEY
+ @{[ _vaesenc_4x $RNDKEY, @AESDATA ]}
+ vbroadcasti32x4 -10*16($RNDKEYLAST_PTR), $RNDKEY
+ @{[ _vaesenc_4x $RNDKEY, @AESDATA ]}
+.Laes128$local_label_suffix:
+
+ # Prefetch the source data 512 bytes ahead into the L1 data cache, to
+ # improve performance when the hardware prefetcher is disabled. Assumes the
+ # L1 data cache line size is 64 bytes (de facto standard on x86_64).
+ prefetcht0 512+0*64($SRC)
+ prefetcht0 512+1*64($SRC)
+ prefetcht0 512+2*64($SRC)
+ prefetcht0 512+3*64($SRC)
+
+ # Finish the AES encryption of the counter blocks in AESDATA[0-3],
+ # interleaved with the GHASH update of the ciphertext blocks in
+ # GHASHDATA[0-3].
+ @{[ _ghash_step_4x 0, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M9, @AESDATA ]}
+ @{[ _ghash_step_4x 1, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M8, @AESDATA ]}
+ @{[ _ghash_step_4x 2, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M7, @AESDATA ]}
+ @{[ _ghash_step_4x 3, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M6, @AESDATA ]}
+ @{[ _ghash_step_4x 4, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M5, @AESDATA ]}
+ @{[ _ghash_step_4x 5, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M4, @AESDATA ]}
+ @{[ _ghash_step_4x 6, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M3, @AESDATA ]}
+ @{[ _ghash_step_4x 7, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M2, @AESDATA ]}
+ @{[ _ghash_step_4x 8, @ghash_4x_args ]}
+ @{[ _vaesenc_4x $RNDKEY_M1, @AESDATA ]}
+
+ @{[ _ghash_step_4x 9, @ghash_4x_args ]}
+ @{[ _aesenclast_and_xor_4x $SRC, $DST, $RNDKEYLAST, @AESDATA, @GHASHDATA ]}
+ add \$256, $SRC
+ add \$256, $DST
+ sub \$256, $DATALEN
+ cmp \$256, $DATALEN
+ jae .Lcrypt_loop_4x$local_label_suffix
+___
+
+ if ($enc) {
+
+ # Update GHASH with the last set of ciphertext blocks.
+ $code .= <<___;
+.Lghash_last_ciphertext_4x$local_label_suffix:
+ @{[ _ghash_4x @ghash_4x_args ]}
+___
+ }
+
+ my $POWERS_PTR = $BE_CTR_PTR; # BE_CTR_PTR is free to be reused.
+
+ $code .= <<___;
+.Lcrypt_loop_4x_done$local_label_suffix:
+ # Check whether any data remains.
+ test $DATALEN, $DATALEN
+ jz .Ldone$local_label_suffix
+
+ # The data length isn't a multiple of 256 bytes. Process the remaining
+ # data of length 1 <= DATALEN < 256, up to one 64-byte vector at a time.
+ # Going one vector at a time may seem inefficient compared to having
+ # separate code paths for each possible number of vectors remaining.
+ # However, using a loop keeps the code size down, and it performs
+ # surprising well; modern CPUs will start executing the next iteration
+ # before the previous one finishes and also predict the number of loop
+ # iterations. For a similar reason, we roll up the AES rounds.
+ #
+ # On the last iteration, the remaining length may be less than 64 bytes.
+ # Handle this using masking.
+ #
+ # Since there are enough key powers available for all remaining data,
+ # there is no need to do a GHASH reduction after each iteration.
+ # Instead, multiply each remaining block by its own key power, and only
+ # do a GHASH reduction at the very end.
+
+ # Make POWERS_PTR point to the key powers [H^N, H^(N-1), ...] where N
+ # is the number of blocks that remain.
+ mov $DATALEN, %rax
+ neg %rax
+ and \$-16, %rax # -round_up(DATALEN, 16)
+ lea $OFFSETOFEND_H_POWERS($HTABLE,%rax), $POWERS_PTR
+___
+
+ # Start collecting the unreduced GHASH intermediate value LO, MI, HI.
+ my ( $LO, $LO_XMM ) = ( $GHASHDATA0, $GHASHDATA0_XMM );
+ my ( $MI, $MI_XMM ) = ( $GHASHDATA1, $GHASHDATA1_XMM );
+ my ( $HI, $HI_XMM ) = ( $GHASHDATA2, $GHASHDATA2_XMM );
+ $code .= <<___;
+ vpxor $LO_XMM, $LO_XMM, $LO_XMM
+ vpxor $MI_XMM, $MI_XMM, $MI_XMM
+ vpxor $HI_XMM, $HI_XMM, $HI_XMM
+
+ cmp \$64, $DATALEN
+ jb .Lpartial_vec$local_label_suffix
+
+.Lcrypt_loop_1x$local_label_suffix:
+ # Process a full 64-byte vector.
+
+ # Encrypt a vector of counter blocks.
+ vpshufb $BSWAP_MASK, $LE_CTR, $AESDATA0
+ vpaddd $LE_CTR_INC, $LE_CTR, $LE_CTR
+ vpxord $RNDKEY0, $AESDATA0, $AESDATA0
+ lea 16($AESKEY), %rax
+.Lvaesenc_loop_tail_full_vec$local_label_suffix:
+ vbroadcasti32x4 (%rax), $RNDKEY
+ vaesenc $RNDKEY, $AESDATA0, $AESDATA0
+ add \$16, %rax
+ cmp %rax, $RNDKEYLAST_PTR
+ jne .Lvaesenc_loop_tail_full_vec$local_label_suffix
+ vaesenclast $RNDKEYLAST, $AESDATA0, $AESDATA0
+
+ # XOR the data with the vector of keystream blocks.
+ vmovdqu8 ($SRC), $AESDATA1
+ vpxord $AESDATA1, $AESDATA0, $AESDATA0
+ vmovdqu8 $AESDATA0, ($DST)
+
+ # Update GHASH with the ciphertext blocks, without reducing.
+ vmovdqu8 ($POWERS_PTR), $H_POW1
+ vpshufb $BSWAP_MASK, @{[ $enc ? $AESDATA0 : $AESDATA1 ]}, $AESDATA0
+ vpxord $GHASH_ACC, $AESDATA0, $AESDATA0
+ @{[ _ghash_mul_noreduce $H_POW1, $AESDATA0, $LO, $MI, $HI,
+ $GHASHDATA3, $AESDATA1, $AESDATA2, $AESDATA3 ]}
+ vpxor $GHASH_ACC_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+
+ add \$64, $POWERS_PTR
+ add \$64, $SRC
+ add \$64, $DST
+ sub \$64, $DATALEN
+ cmp \$64, $DATALEN
+ jae .Lcrypt_loop_1x$local_label_suffix
+
+ test $DATALEN, $DATALEN
+ jz .Lreduce$local_label_suffix
+
+.Lpartial_vec$local_label_suffix:
+ # Process a partial vector of length 1 <= DATALEN < 64.
+
+ # Set the data mask %k1 to DATALEN 1's.
+ # Set the key powers mask %k2 to round_up(DATALEN, 16) 1's.
+ mov \$-1, %rax
+ bzhi $DATALEN, %rax, %rax
+ kmovq %rax, %k1
+ add \$15, $DATALEN
+ and \$-16, $DATALEN
+ mov \$-1, %rax
+ bzhi $DATALEN, %rax, %rax
+ kmovq %rax, %k2
+
+ # Encrypt one last vector of counter blocks. This does not need to be
+ # masked. The counter does not need to be incremented here.
+ vpshufb $BSWAP_MASK, $LE_CTR, $AESDATA0
+ vpxord $RNDKEY0, $AESDATA0, $AESDATA0
+ lea 16($AESKEY), %rax
+.Lvaesenc_loop_tail_partialvec$local_label_suffix:
+ vbroadcasti32x4 (%rax), $RNDKEY
+ vaesenc $RNDKEY, $AESDATA0, $AESDATA0
+ add \$16, %rax
+ cmp %rax, $RNDKEYLAST_PTR
+ jne .Lvaesenc_loop_tail_partialvec$local_label_suffix
+ vaesenclast $RNDKEYLAST, $AESDATA0, $AESDATA0
+
+ # XOR the data with the appropriate number of keystream bytes.
+ vmovdqu8 ($SRC), $AESDATA1\{%k1}{z}
+ vpxord $AESDATA1, $AESDATA0, $AESDATA0
+ vmovdqu8 $AESDATA0, ($DST){%k1}
+
+ # Update GHASH with the ciphertext block(s), without reducing.
+ #
+ # In the case of DATALEN < 64, the ciphertext is zero-padded to 64
+ # bytes. (If decrypting, it's done by the above masked load. If
+ # encrypting, it's done by the below masked register-to-register move.)
+ # Note that if DATALEN <= 48, there will be additional padding beyond
+ # the padding of the last block specified by GHASH itself; i.e., there
+ # may be whole block(s) that get processed by the GHASH multiplication
+ # and reduction instructions but should not actually be included in the
+ # GHASH. However, any such blocks are all-zeroes, and the values that
+ # they're multiplied with are also all-zeroes. Therefore they just add
+ # 0 * 0 = 0 to the final GHASH result, which makes no difference.
+ vmovdqu8 ($POWERS_PTR), $H_POW1\{%k2}{z}
+ @{[ $enc ? "vmovdqu8 $AESDATA0, $AESDATA1\{%k1}{z}" : "" ]}
+ vpshufb $BSWAP_MASK, $AESDATA1, $AESDATA0
+ vpxord $GHASH_ACC, $AESDATA0, $AESDATA0
+ @{[ _ghash_mul_noreduce $H_POW1, $AESDATA0, $LO, $MI, $HI,
+ $GHASHDATA3, $AESDATA1, $AESDATA2, $AESDATA3 ]}
+
+.Lreduce$local_label_suffix:
+ # Finally, do the GHASH reduction.
+ @{[ _ghash_reduce $LO, $MI, $HI, $GFPOLY, $AESDATA0 ]}
+ @{[ _horizontal_xor $HI, $HI_XMM, $GHASH_ACC_XMM,
+ $AESDATA0_XMM, $AESDATA1_XMM, $AESDATA2_XMM ]}
+
+.Ldone$local_label_suffix:
+ # Store the updated GHASH accumulator back to memory.
+ vpshufb $BSWAP_MASK_XMM, $GHASH_ACC_XMM, $GHASH_ACC_XMM
+ vmovdqu $GHASH_ACC_XMM, ($GHASH_ACC_PTR)
+
+ vzeroupper # This is needed after using ymm or zmm registers.
+___
+ return $code;
+}
+
+$code .= _begin_func "aes_gcm_enc_update_vaes_avx512", 1;
+$code .= _aes_gcm_update 1;
+$code .= _end_func;
+
+$code .= _begin_func "aes_gcm_dec_update_vaes_avx512", 1;
+$code .= _aes_gcm_update 0;
+$code .= _end_func;
+
+print $code;
+close STDOUT or die "error closing STDOUT: $!";
+exit 0;
diff --git a/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl b/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
index 08df44e..930ae14 100644
--- a/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
+++ b/src/crypto/fipsmodule/aes/asm/aesni-x86_64.pl
@@ -3983,64 +3983,7 @@
___
}
-sub rex {
- local *opcode=shift;
- my ($dst,$src)=@_;
- my $rex=0;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @opcode,$rex|0x40 if($rex);
-}
-
-sub aesni {
- my $line=shift;
- my @opcode=(0x66);
-
- if ($line=~/(aeskeygenassist)\s+\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- rex(\@opcode,$4,$3);
- push @opcode,0x0f,0x3a,0xdf;
- push @opcode,0xc0|($3&7)|(($4&7)<<3); # ModR/M
- my $c=$2;
- push @opcode,$c=~/^0/?oct($c):$c;
- return ".byte\t".join(',',@opcode);
- }
- elsif ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my %opcodelet = (
- "aesimc" => 0xdb,
- "aesenc" => 0xdc, "aesenclast" => 0xdd,
- "aesdec" => 0xde, "aesdeclast" => 0xdf
- );
- return undef if (!defined($opcodelet{$1}));
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x38,$opcodelet{$1};
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- return ".byte\t".join(',',@opcode);
- }
- elsif ($line=~/(aes[a-z]+)\s+([0x1-9a-fA-F]*)\(%rsp\),\s*%xmm([0-9]+)/) {
- my %opcodelet = (
- "aesenc" => 0xdc, "aesenclast" => 0xdd,
- "aesdec" => 0xde, "aesdeclast" => 0xdf
- );
- return undef if (!defined($opcodelet{$1}));
- my $off = $2;
- push @opcode,0x44 if ($3>=8);
- push @opcode,0x0f,0x38,$opcodelet{$1};
- push @opcode,0x44|(($3&7)<<3),0x24; # ModR/M
- push @opcode,($off=~/^0/?oct($off):$off)&0xff;
- return ".byte\t".join(',',@opcode);
- }
- return $line;
-}
-
-sub movbe {
- ".byte 0x0f,0x38,0xf1,0x44,0x24,".shift;
-}
-
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
-#$code =~ s/\bmovbe\s+%eax/bswap %eax; mov %eax/gm; # debugging artefact
-$code =~ s/\bmovbe\s+%eax,\s*([0-9]+)\(%rsp\)/movbe($1)/gem;
print $code;
diff --git a/src/crypto/fipsmodule/aes/gcm.cc.inc b/src/crypto/fipsmodule/aes/gcm.cc.inc
index c3c68f2..30855ee 100644
--- a/src/crypto/fipsmodule/aes/gcm.cc.inc
+++ b/src/crypto/fipsmodule/aes/gcm.cc.inc
@@ -109,9 +109,9 @@
aes_gcm_enc_update_vaes_avx2(in, out, len, key, ivec, Htable, Xi);
CRYPTO_store_u32_be(&ivec[12], CRYPTO_load_u32_be(&ivec[12]) + len / 16);
return len;
- case gcm_x86_vaes_avx10_512:
+ case gcm_x86_vaes_avx512:
len &= kSizeTWithoutLower4Bits;
- aes_gcm_enc_update_vaes_avx10_512(in, out, len, key, ivec, Htable, Xi);
+ aes_gcm_enc_update_vaes_avx512(in, out, len, key, ivec, Htable, Xi);
CRYPTO_store_u32_be(&ivec[12], CRYPTO_load_u32_be(&ivec[12]) + len / 16);
return len;
default:
@@ -129,9 +129,9 @@
aes_gcm_dec_update_vaes_avx2(in, out, len, key, ivec, Htable, Xi);
CRYPTO_store_u32_be(&ivec[12], CRYPTO_load_u32_be(&ivec[12]) + len / 16);
return len;
- case gcm_x86_vaes_avx10_512:
+ case gcm_x86_vaes_avx512:
len &= kSizeTWithoutLower4Bits;
- aes_gcm_dec_update_vaes_avx10_512(in, out, len, key, ivec, Htable, Xi);
+ aes_gcm_dec_update_vaes_avx512(in, out, len, key, ivec, Htable, Xi);
CRYPTO_store_u32_be(&ivec[12], CRYPTO_load_u32_be(&ivec[12]) + len / 16);
return len;
default:
@@ -179,9 +179,9 @@
if (CRYPTO_is_VPCLMULQDQ_capable() && CRYPTO_is_AVX2_capable()) {
if (CRYPTO_is_AVX512BW_capable() && CRYPTO_is_AVX512VL_capable() &&
CRYPTO_is_BMI2_capable() && !CRYPTO_cpu_avoid_zmm_registers()) {
- gcm_init_vpclmulqdq_avx10_512(out_table, H);
- *out_mult = gcm_gmult_vpclmulqdq_avx10;
- *out_hash = gcm_ghash_vpclmulqdq_avx10_512;
+ gcm_init_vpclmulqdq_avx512(out_table, H);
+ *out_mult = gcm_gmult_vpclmulqdq_avx512;
+ *out_hash = gcm_ghash_vpclmulqdq_avx512;
return;
}
gcm_init_vpclmulqdq_avx2(out_table, H);
@@ -266,9 +266,9 @@
#if !defined(OPENSSL_NO_ASM)
#if defined(OPENSSL_X86_64)
- if (gcm_key->ghash == gcm_ghash_vpclmulqdq_avx10_512 &&
+ if (gcm_key->ghash == gcm_ghash_vpclmulqdq_avx512 &&
CRYPTO_is_VAES_capable()) {
- gcm_key->impl = gcm_x86_vaes_avx10_512;
+ gcm_key->impl = gcm_x86_vaes_avx512;
} else if (gcm_key->ghash == gcm_ghash_vpclmulqdq_avx2 &&
CRYPTO_is_VAES_capable()) {
gcm_key->impl = gcm_x86_vaes_avx2;
@@ -596,7 +596,7 @@
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
int crypto_gcm_clmul_enabled(void) {
#if defined(GHASH_ASM_X86) || defined(GHASH_ASM_X86_64)
- return CRYPTO_is_FXSR_capable() && CRYPTO_is_PCLMUL_capable();
+ return CRYPTO_is_PCLMUL_capable() && CRYPTO_is_SSSE3_capable();
#else
return 0;
#endif
diff --git a/src/crypto/fipsmodule/aes/gcm_test.cc b/src/crypto/fipsmodule/aes/gcm_test.cc
index 5b8ce5e..4a40fad 100644
--- a/src/crypto/fipsmodule/aes/gcm_test.cc
+++ b/src/crypto/fipsmodule/aes/gcm_test.cc
@@ -111,26 +111,25 @@
static const uint8_t kKey[16] = {0};
uint8_t iv[16] = {0};
- CHECK_ABI_SEH(gcm_init_vpclmulqdq_avx10_512, Htable, kH);
- CHECK_ABI_SEH(gcm_gmult_vpclmulqdq_avx10, X, Htable);
+ CHECK_ABI_SEH(gcm_init_vpclmulqdq_avx512, Htable, kH);
+ CHECK_ABI_SEH(gcm_gmult_vpclmulqdq_avx512, X, Htable);
for (size_t blocks : kBlockCounts) {
- CHECK_ABI_SEH(gcm_ghash_vpclmulqdq_avx10_512, X, Htable, buf,
- 16 * blocks);
+ CHECK_ABI_SEH(gcm_ghash_vpclmulqdq_avx512, X, Htable, buf, 16 * blocks);
}
aes_hw_set_encrypt_key(kKey, 128, &aes_key);
for (size_t blocks : kBlockCounts) {
- CHECK_ABI_SEH(aes_gcm_enc_update_vaes_avx10_512, buf, buf, blocks * 16,
+ CHECK_ABI_SEH(aes_gcm_enc_update_vaes_avx512, buf, buf, blocks * 16,
&aes_key, iv, Htable, X);
- CHECK_ABI_SEH(aes_gcm_enc_update_vaes_avx10_512, buf, buf,
- blocks * 16 + 7, &aes_key, iv, Htable, X);
+ CHECK_ABI_SEH(aes_gcm_enc_update_vaes_avx512, buf, buf, blocks * 16 + 7,
+ &aes_key, iv, Htable, X);
}
aes_hw_set_decrypt_key(kKey, 128, &aes_key);
for (size_t blocks : kBlockCounts) {
- CHECK_ABI_SEH(aes_gcm_dec_update_vaes_avx10_512, buf, buf, blocks * 16,
+ CHECK_ABI_SEH(aes_gcm_dec_update_vaes_avx512, buf, buf, blocks * 16,
&aes_key, iv, Htable, X);
- CHECK_ABI_SEH(aes_gcm_dec_update_vaes_avx10_512, buf, buf,
- blocks * 16 + 7, &aes_key, iv, Htable, X);
+ CHECK_ABI_SEH(aes_gcm_dec_update_vaes_avx512, buf, buf, blocks * 16 + 7,
+ &aes_key, iv, Htable, X);
}
}
#endif // GHASH_ASM_X86_64
diff --git a/src/crypto/fipsmodule/aes/internal.h b/src/crypto/fipsmodule/aes/internal.h
index 7bf28b9..23766fe 100644
--- a/src/crypto/fipsmodule/aes/internal.h
+++ b/src/crypto/fipsmodule/aes/internal.h
@@ -12,13 +12,12 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_AES_INTERNAL_H
-#define OPENSSL_HEADER_AES_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_AES_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_AES_INTERNAL_H
#include <stdlib.h>
-#include <openssl/aes.h>
-
+#include "../bcm_interface.h"
#include "../../internal.h"
extern "C" {
@@ -29,7 +28,7 @@
// Unlike upstream OpenSSL, it and the other functions in this file hard-code
// |AES_KEY|. It is undefined in C to call a function pointer with anything
// other than the original type. Thus we either must match |block128_f| to the
-// type signature of |AES_encrypt| and friends or pass in |void*| wrapper
+// type signature of |BCM_aes_encrypt| and friends or pass in |void*| wrapper
// functions.
//
// These functions are called exclusively with AES, so we use the former.
@@ -314,7 +313,7 @@
gcm_separate = 0, // No combined AES-GCM, but may have AES-CTR and GHASH.
gcm_x86_aesni,
gcm_x86_vaes_avx2,
- gcm_x86_vaes_avx10_512,
+ gcm_x86_vaes_avx512,
gcm_arm64_aes,
};
@@ -455,18 +454,16 @@
const AES_KEY *key, const uint8_t ivec[16],
const u128 Htable[16], uint8_t Xi[16]);
-void gcm_init_vpclmulqdq_avx10_512(u128 Htable[16], const uint64_t H[2]);
-void gcm_gmult_vpclmulqdq_avx10(uint8_t Xi[16], const u128 Htable[16]);
-void gcm_ghash_vpclmulqdq_avx10_512(uint8_t Xi[16], const u128 Htable[16],
- const uint8_t *in, size_t len);
-void aes_gcm_enc_update_vaes_avx10_512(const uint8_t *in, uint8_t *out,
- size_t len, const AES_KEY *key,
- const uint8_t ivec[16],
- const u128 Htable[16], uint8_t Xi[16]);
-void aes_gcm_dec_update_vaes_avx10_512(const uint8_t *in, uint8_t *out,
- size_t len, const AES_KEY *key,
- const uint8_t ivec[16],
- const u128 Htable[16], uint8_t Xi[16]);
+void gcm_init_vpclmulqdq_avx512(u128 Htable[16], const uint64_t H[2]);
+void gcm_gmult_vpclmulqdq_avx512(uint8_t Xi[16], const u128 Htable[16]);
+void gcm_ghash_vpclmulqdq_avx512(uint8_t Xi[16], const u128 Htable[16],
+ const uint8_t *in, size_t len);
+void aes_gcm_enc_update_vaes_avx512(const uint8_t *in, uint8_t *out, size_t len,
+ const AES_KEY *key, const uint8_t ivec[16],
+ const u128 Htable[16], uint8_t Xi[16]);
+void aes_gcm_dec_update_vaes_avx512(const uint8_t *in, uint8_t *out, size_t len,
+ const AES_KEY *key, const uint8_t ivec[16],
+ const u128 Htable[16], uint8_t Xi[16]);
#endif // OPENSSL_X86_64
@@ -572,32 +569,6 @@
block128_f block);
-// POLYVAL.
-//
-// POLYVAL is a polynomial authenticator that operates over a field very
-// similar to the one that GHASH uses. See
-// https://www.rfc-editor.org/rfc/rfc8452.html#section-3.
-
-struct polyval_ctx {
- uint8_t S[16];
- u128 Htable[16];
- gmult_func gmult;
- ghash_func ghash;
-};
-
-// CRYPTO_POLYVAL_init initialises |ctx| using |key|.
-void CRYPTO_POLYVAL_init(struct polyval_ctx *ctx, const uint8_t key[16]);
-
-// CRYPTO_POLYVAL_update_blocks updates the accumulator in |ctx| given the
-// blocks from |in|. Only a whole number of blocks can be processed so |in_len|
-// must be a multiple of 16.
-void CRYPTO_POLYVAL_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
- size_t in_len);
-
-// CRYPTO_POLYVAL_finish writes the accumulator from |ctx| to |out|.
-void CRYPTO_POLYVAL_finish(const struct polyval_ctx *ctx, uint8_t out[16]);
-
-
} // extern C
-#endif // OPENSSL_HEADER_AES_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_AES_INTERNAL_H
diff --git a/src/crypto/fipsmodule/aes/key_wrap.cc.inc b/src/crypto/fipsmodule/aes/key_wrap.cc.inc
index 99c2450..ad1c314 100644
--- a/src/crypto/fipsmodule/aes/key_wrap.cc.inc
+++ b/src/crypto/fipsmodule/aes/key_wrap.cc.inc
@@ -20,6 +20,7 @@
#include <openssl/mem.h>
+#include "../bcm_interface.h"
#include "../../internal.h"
#include "../service_indicator/internal.h"
@@ -53,7 +54,7 @@
for (unsigned j = 0; j < kBound; j++) {
for (size_t i = 1; i <= n; i++) {
OPENSSL_memcpy(A + 8, out + 8 * i, 8);
- AES_encrypt(A, A, key);
+ BCM_aes_encrypt(A, A, key);
uint32_t t = (uint32_t)(n * j + i);
A[7] ^= t & 0xff;
@@ -96,7 +97,7 @@
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
OPENSSL_memcpy(A + 8, out + 8 * (i - 1), 8);
- AES_decrypt(A, A, key);
+ BCM_aes_decrypt(A, A, key);
OPENSSL_memcpy(out + 8 * (i - 1), A + 8, 8);
}
}
@@ -145,7 +146,7 @@
if (in_len <= 8) {
memset(block + 8, 0, 8);
memcpy(block + 8, in, in_len);
- AES_encrypt(block, out, key);
+ BCM_aes_encrypt(block, out, key);
*out_len = AES_BLOCK_SIZE;
return 1;
}
@@ -179,7 +180,7 @@
uint8_t iv[8];
if (in_len == AES_BLOCK_SIZE) {
uint8_t block[AES_BLOCK_SIZE];
- AES_decrypt(in, block, key);
+ BCM_aes_decrypt(in, block, key);
memcpy(iv, block, sizeof(iv));
memcpy(out, block + 8, 8);
} else if (!aes_unwrap_key_inner(key, out, iv, in, in_len)) {
diff --git a/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc b/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc
index be5fba9..fdbab94 100644
--- a/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc
+++ b/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc
@@ -19,6 +19,15 @@
#include "../aes/internal.h"
#include "../service_indicator/internal.h"
+namespace {
+void aes_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+ BCM_aes_encrypt(in, out, key);
+}
+
+void aes_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
+ BCM_aes_decrypt(in, out, key);
+}
+}
void AES_ctr128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
const AES_KEY *key, uint8_t ivec[AES_BLOCK_SIZE],
@@ -45,9 +54,9 @@
assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
if (AES_ENCRYPT == enc) {
- AES_encrypt(in, out, key);
+ BCM_aes_encrypt(in, out, key);
} else {
- AES_decrypt(in, out, key);
+ BCM_aes_decrypt(in, out, key);
}
FIPS_service_indicator_update_state();
@@ -60,9 +69,9 @@
} else if (!vpaes_capable()) {
aes_nohw_cbc_encrypt(in, out, len, key, ivec, enc);
} else if (enc) {
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec, AES_encrypt);
+ CRYPTO_cbc128_encrypt(in, out, len, key, ivec, aes_encrypt);
} else {
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec, AES_decrypt);
+ CRYPTO_cbc128_decrypt(in, out, len, key, ivec, aes_decrypt);
}
FIPS_service_indicator_update_state();
@@ -71,7 +80,7 @@
void AES_ofb128_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const AES_KEY *key, uint8_t *ivec, int *num) {
unsigned num_u = (unsigned)(*num);
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, &num_u, AES_encrypt);
+ CRYPTO_ofb128_encrypt(in, out, length, key, ivec, &num_u, aes_encrypt);
*num = (int)num_u;
}
@@ -79,6 +88,6 @@
const AES_KEY *key, uint8_t *ivec, int *num,
int enc) {
unsigned num_u = (unsigned)(*num);
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, &num_u, enc, AES_encrypt);
+ CRYPTO_cfb128_encrypt(in, out, length, key, ivec, &num_u, enc, aes_encrypt);
*num = (int)num_u;
}
diff --git a/src/crypto/fipsmodule/aes/polyval.cc.inc b/src/crypto/fipsmodule/aes/polyval.cc.inc
deleted file mode 100644
index c824cee..0000000
--- a/src/crypto/fipsmodule/aes/polyval.cc.inc
+++ /dev/null
@@ -1,89 +0,0 @@
-// Copyright 2016 The BoringSSL Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <openssl/base.h>
-
-#include <assert.h>
-#include <string.h>
-
-#include "internal.h"
-#include "../../internal.h"
-
-
-// byte_reverse reverses the order of the bytes in |b->c|.
-static void byte_reverse(uint8_t b[16]) {
- uint64_t hi = CRYPTO_load_u64_le(b);
- uint64_t lo = CRYPTO_load_u64_le(b + 8);
- CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
- CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
-}
-
-// reverse_and_mulX_ghash interprets |b| as a reversed element of the GHASH
-// field, multiplies that by 'x' and serialises the result back into |b|, but
-// with GHASH's backwards bit ordering.
-static void reverse_and_mulX_ghash(uint8_t b[16]) {
- uint64_t hi = CRYPTO_load_u64_le(b);
- uint64_t lo = CRYPTO_load_u64_le(b + 8);
- const crypto_word_t carry = constant_time_eq_w(hi & 1, 1);
- hi >>= 1;
- hi |= lo << 63;
- lo >>= 1;
- lo ^= ((uint64_t) constant_time_select_w(carry, 0xe1, 0)) << 56;
-
- CRYPTO_store_u64_le(b, CRYPTO_bswap8(lo));
- CRYPTO_store_u64_le(b + 8, CRYPTO_bswap8(hi));
-}
-
-// POLYVAL(H, X_1, ..., X_n) =
-// ByteReverse(GHASH(mulX_GHASH(ByteReverse(H)), ByteReverse(X_1), ...,
-// ByteReverse(X_n))).
-//
-// See https://www.rfc-editor.org/rfc/rfc8452.html#appendix-A.
-
-void CRYPTO_POLYVAL_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
- alignas(8) uint8_t H[16];
- OPENSSL_memcpy(H, key, 16);
- reverse_and_mulX_ghash(H);
-
- CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H);
- OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
-}
-
-void CRYPTO_POLYVAL_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
- size_t in_len) {
- assert((in_len & 15) == 0);
- alignas(8) uint8_t buf[32 * 16];
-
- while (in_len > 0) {
- size_t todo = in_len;
- if (todo > sizeof(buf)) {
- todo = sizeof(buf);
- }
- OPENSSL_memcpy(buf, in, todo);
- in += todo;
- in_len -= todo;
-
- size_t blocks = todo / 16;
- for (size_t i = 0; i < blocks; i++) {
- byte_reverse(buf + 16 * i);
- }
-
- ctx->ghash(ctx->S, ctx->Htable, buf, todo);
- }
-}
-
-void CRYPTO_POLYVAL_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
- OPENSSL_memcpy(out, &ctx->S, 16);
- byte_reverse(out);
-}
diff --git a/src/crypto/fipsmodule/bcm.cc b/src/crypto/fipsmodule/bcm.cc
index a23d312..e862014 100644
--- a/src/crypto/fipsmodule/bcm.cc
+++ b/src/crypto/fipsmodule/bcm.cc
@@ -44,7 +44,6 @@
#include "aes/key_wrap.cc.inc"
#include "aes/mode_wrappers.cc.inc"
#include "aes/ofb.cc.inc"
-#include "aes/polyval.cc.inc"
#include "bn/add.cc.inc"
#include "bn/asm/x86_64-gcc.cc.inc"
#include "bn/bn.cc.inc"
@@ -198,7 +197,7 @@
const uint8_t *const start = BORINGSSL_bcm_text_start;
const uint8_t *const end = BORINGSSL_bcm_text_end;
- assert_within(start, reinterpret_cast<const void *>(AES_encrypt), end);
+ assert_within(start, reinterpret_cast<const void *>(BCM_aes_encrypt), end);
assert_within(start, reinterpret_cast<const void *>(RSA_sign), end);
assert_within(start, reinterpret_cast<const void *>(BCM_rand_bytes), end);
assert_within(start, reinterpret_cast<const void *>(EC_GROUP_cmp), end);
@@ -258,7 +257,8 @@
const uint8_t *expected = BORINGSSL_bcm_text_hash;
- if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) {
+ if (!BORINGSSL_check_test(expected, result, sizeof(result),
+ "FIPS integrity test")) {
#if !defined(BORINGSSL_FIPS_BREAK_TESTS)
return 0;
#endif
diff --git a/src/crypto/fipsmodule/bcm_interface.h b/src/crypto/fipsmodule/bcm_interface.h
index 065eec0..a70636d 100644
--- a/src/crypto/fipsmodule/bcm_interface.h
+++ b/src/crypto/fipsmodule/bcm_interface.h
@@ -12,11 +12,14 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
-#define OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_BCM_INTERFACE_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_BCM_INTERFACE_H
+// For the moment, we reach out for AES_KEY.
+#include <openssl/aes.h>
#include <openssl/bcm_public.h>
+
// This header will eventually become the interface between BCM and the
// rest of libcrypto. More cleanly separating the two is still a work in
// progress (see https://crbug.com/boringssl/722) so, at the moment, we
@@ -55,6 +58,9 @@
return result ? bcm_status::approved : bcm_status::failure;
}
+inline bcm_status_t bcm_as_not_approved_status(int result) {
+ return result ? bcm_status::not_approved : bcm_status::failure;
+}
// Random number generator.
@@ -290,6 +296,18 @@
struct BCM_mldsa65_public_key *out_public_key,
const struct BCM_mldsa65_private_key *private_key);
+OPENSSL_EXPORT bcm_status
+BCM_mldsa65_check_key_fips(struct BCM_mldsa65_private_key *private_key);
+
+OPENSSL_EXPORT bcm_status BCM_mldsa65_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
+ uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
+ struct BCM_mldsa65_private_key *out_private_key);
+
+OPENSSL_EXPORT bcm_status BCM_mldsa65_private_key_from_seed_fips(
+ struct BCM_mldsa65_private_key *out_private_key,
+ const uint8_t seed[BCM_MLDSA_SEED_BYTES]);
+
OPENSSL_EXPORT bcm_status BCM_mldsa65_sign(
uint8_t out_encoded_signature[BCM_MLDSA65_SIGNATURE_BYTES],
const struct BCM_mldsa65_private_key *private_key, const uint8_t *msg,
@@ -317,6 +335,11 @@
struct BCM_mldsa65_private_key *out_private_key,
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
+OPENSSL_EXPORT bcm_status BCM_mldsa65_generate_key_external_entropy_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
+ struct BCM_mldsa65_private_key *out_private_key,
+ const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
+
// BCM_mldsa5_sign_internal signs |msg| using |private_key| and writes the
// signature to |out_encoded_signature|. The |context_prefix| and |context| are
// prefixed to the message, in that order, before signing. The |randomizer|
@@ -383,6 +406,18 @@
struct BCM_mldsa87_public_key *out_public_key,
const struct BCM_mldsa87_private_key *private_key);
+OPENSSL_EXPORT bcm_status
+BCM_mldsa87_check_key_fips(struct BCM_mldsa87_private_key *private_key);
+
+OPENSSL_EXPORT bcm_status BCM_mldsa87_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
+ uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
+ struct BCM_mldsa87_private_key *out_private_key);
+
+OPENSSL_EXPORT bcm_status BCM_mldsa87_private_key_from_seed_fips(
+ struct BCM_mldsa87_private_key *out_private_key,
+ const uint8_t seed[BCM_MLDSA_SEED_BYTES]);
+
OPENSSL_EXPORT bcm_status BCM_mldsa87_sign(
uint8_t out_encoded_signature[BCM_MLDSA87_SIGNATURE_BYTES],
const struct BCM_mldsa87_private_key *private_key, const uint8_t *msg,
@@ -410,6 +445,11 @@
struct BCM_mldsa87_private_key *out_private_key,
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
+OPENSSL_EXPORT bcm_status BCM_mldsa87_generate_key_external_entropy_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
+ struct BCM_mldsa87_private_key *out_private_key,
+ const uint8_t entropy[BCM_MLDSA_SEED_BYTES]);
+
// BCM_mldsa87_sign_internal signs |msg| using |private_key| and writes the
// signature to |out_encoded_signature|. The |context_prefix| and |context| are
// prefixed to the message, in that order, before signing. The |randomizer|
@@ -492,6 +532,8 @@
} opaque;
};
+
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_generate_key(
uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
@@ -501,6 +543,14 @@
struct BCM_mlkem768_private_key *out_private_key, const uint8_t *seed,
size_t seed_len);
+OPENSSL_EXPORT bcm_status BCM_mlkem768_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
+ uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
+ struct BCM_mlkem768_private_key *out_private_key);
+
+OPENSSL_EXPORT bcm_status
+BCM_mlkem768_check_fips(const struct BCM_mlkem768_private_key *private_key);
+
OPENSSL_EXPORT bcm_infallible BCM_mlkem768_public_from_private(
struct BCM_mlkem768_public_key *out_public_key,
const struct BCM_mlkem768_private_key *private_key);
@@ -576,6 +626,14 @@
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
struct BCM_mlkem1024_private_key *out_private_key);
+OPENSSL_EXPORT bcm_status BCM_mlkem1024_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLKEM1024_PUBLIC_KEY_BYTES],
+ uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
+ struct BCM_mlkem1024_private_key *out_private_key);
+
+OPENSSL_EXPORT bcm_status
+BCM_mlkem1024_check_fips(const struct BCM_mlkem1024_private_key *private_key);
+
OPENSSL_EXPORT bcm_status BCM_mlkem1024_private_key_from_seed(
struct BCM_mlkem1024_private_key *out_private_key, const uint8_t *seed,
size_t seed_len);
@@ -658,14 +716,22 @@
// SLH-DSA-SHA2-128s signature.
#define BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES 7856
-// SLHDSA_SHA2_128S_generate_key_from_seed generates an SLH-DSA-SHA2-128s key
-// pair from a 48-byte seed and writes the result to |out_public_key| and
+// BCM_slhdsa_sha2_128s_generate_key_from_seed generates an SLH-DSA-SHA2-128s
+// key pair from a 48-byte seed and writes the result to |out_public_key| and
// |out_secret_key|.
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_generate_key_from_seed(
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]);
+// BCM_slhdsa_sha2_128s_generate_key_from_seed_fips does the same thing as
+// `BCM_slhdsa_sha2_128s_generate_key_from_seed` but implements the required
+// second check before generating a key by testing for nullptr arguments.
+OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_generate_key_from_seed_fips(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
+ const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]);
+
// BCM_slhdsa_sha2_128s_sign_internal acts like |SLHDSA_SHA2_128S_sign| but
// accepts an explicit entropy input, which can be PK.seed (bytes 32..48 of
// the private key) to generate deterministic signatures. It also takes the
@@ -693,6 +759,10 @@
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]);
+OPENSSL_EXPORT bcm_status BCM_slhdsa_sha2_128s_generate_key_fips(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]);
+
OPENSSL_EXPORT bcm_infallible BCM_slhdsa_sha2_128s_public_from_private(
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]);
@@ -722,8 +792,34 @@
const uint8_t *context, size_t context_len);
+// AES
+
+// BCM_aes_encrypt encrypts a single block from |in| to |out| with |key|. The
+// |in| and |out| pointers may overlap.
+OPENSSL_EXPORT bcm_infallible BCM_aes_encrypt(const uint8_t *in, uint8_t *out,
+ const AES_KEY *key);
+// BCM_aes_decrypt decrypts a single block from |in| to |out| with |key|. The
+// |in| and |out| pointers may overlap.
+OPENSSL_EXPORT bcm_infallible BCM_aes_decrypt(const uint8_t *in, uint8_t *out,
+ const AES_KEY *key);
+
+// BCM_aes_set_encrypt_key configures |aeskey| to encrypt with the |bits|-bit
+// key, |key|. |key| must point to |bits|/8 bytes. It will return failure if
+// |bits| is an invalid AES key size.
+OPENSSL_EXPORT bcm_status BCM_aes_set_encrypt_key(const uint8_t *key,
+ unsigned bits,
+ AES_KEY *aeskey);
+
+// BCM_aes_set_decrypt_key configures |aeskey| to decrypt with the |bits|-bit
+// key, |key|. |key| must point to |bits|/8 bytes. It will return failure if
+// |bits| is an invalid AES key size.
+OPENSSL_EXPORT bcm_status BCM_aes_set_decrypt_key(const uint8_t *key,
+ unsigned bits,
+ AES_KEY *aeskey);
+
+
#if defined(__cplusplus)
} // extern C
#endif
-#endif // OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_BCM_INTERFACE_H
diff --git a/src/crypto/fipsmodule/bn/asm/armv4-mont.pl b/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
index acae4e5..d3c867d 100644
--- a/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
+++ b/src/crypto/fipsmodule/bn/asm/armv4-mont.pl
@@ -121,14 +121,9 @@
bn_mul_mont_nohw:
ldr ip,[sp,#4] @ load num
stmdb sp!,{r0,r2} @ sp points at argument block
- cmp ip,#2
+ @ No return value. Instead, the caller must ensure num >= 2
mov $num,ip @ load num
-#ifdef __thumb2__
- ittt lt
-#endif
- movlt r0,#0
- addlt sp,sp,#2*4
- blt .Labrt
+ @ No return value
stmdb sp!,{r4-r12,lr} @ save 10 registers
@@ -262,8 +257,7 @@
add sp,sp,#4 @ skip over tp[num+1]
ldmia sp!,{r4-r12,lr} @ restore registers
add sp,sp,#2*4 @ skip over {r0,r2}
- mov r0,#1
-.Labrt:
+ @ No return value
#if __ARM_ARCH>=5
ret @ bx lr
#else
@@ -717,6 +711,7 @@
mov sp,ip
vldmia sp!,{d8-d15}
ldmia sp!,{r4-r11}
+ @ No return value
ret @ bx lr
.size bn_mul8x_mont_neon,.-bn_mul8x_mont_neon
#endif
diff --git a/src/crypto/fipsmodule/bn/asm/armv8-mont.pl b/src/crypto/fipsmodule/bn/asm/armv8-mont.pl
index 1ce02ee..fe4d8cf 100644
--- a/src/crypto/fipsmodule/bn/asm/armv8-mont.pl
+++ b/src/crypto/fipsmodule/bn/asm/armv8-mont.pl
@@ -60,7 +60,7 @@
$lo1,$hi1,$nj,$m1,$nlo,$nhi,
$ovf, $i,$j,$tp,$tj) = map("x$_",6..17,19..24);
-# int bn_mul_mont(
+# void bn_mul_mont(
$rp="x0"; # BN_ULONG *rp,
$ap="x1"; # const BN_ULONG *ap,
$bp="x2"; # const BN_ULONG *bp,
@@ -270,7 +270,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldr x29,[sp],#64
AARCH64_VALIDATE_LINK_REGISTER
@@ -1044,7 +1044,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
@@ -1505,7 +1505,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
diff --git a/src/crypto/fipsmodule/bn/asm/bn-586.pl b/src/crypto/fipsmodule/bn/asm/bn-586.pl
index 7e3decf..fa7eb12 100644
--- a/src/crypto/fipsmodule/bn/asm/bn-586.pl
+++ b/src/crypto/fipsmodule/bn/asm/bn-586.pl
@@ -28,7 +28,6 @@
&bn_mul_add_words("bn_mul_add_words");
&bn_mul_words("bn_mul_words");
&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
&bn_add_words("bn_add_words");
&bn_sub_words("bn_sub_words");
@@ -205,19 +204,6 @@
&function_end($name);
}
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin_B($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ecx",&wparam(2)); #
- &div("ecx");
- &ret();
- &function_end_B($name);
- }
-
sub bn_add_words
{
local($name)=@_;
diff --git a/src/crypto/fipsmodule/bn/asm/x86-mont.pl b/src/crypto/fipsmodule/bn/asm/x86-mont.pl
index 3de17a4..c3e30cb 100755
--- a/src/crypto/fipsmodule/bn/asm/x86-mont.pl
+++ b/src/crypto/fipsmodule/bn/asm/x86-mont.pl
@@ -68,11 +68,9 @@
$_bpend=&DWP(4*7,"esp");
$frame=32; # size of above frame rounded up to 16n
- &xor ("eax","eax");
+ # No return value. Instead, the caller must ensure num >= 4
&mov ("edi",&wparam(5)); # int num
- &cmp ("edi",4);
- &jl (&label("just_leave"));
-
+ # No return value.
&lea ("esi",&wparam(0)); # put aside pointer to argument block
&lea ("edx",&wparam(1)); # load ap
&add ("edi",2); # extra two words on top of tp
@@ -326,8 +324,7 @@
&jge (&label("copy"));
&mov ("esp",$_sp); # pull saved stack pointer
- &mov ("eax",1);
-&set_label("just_leave");
+ # No return value
&function_end("bn_mul_mont");
&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
diff --git a/src/crypto/fipsmodule/bn/asm/x86_64-mont.pl b/src/crypto/fipsmodule/bn/asm/x86_64-mont.pl
index 537b028..c1d4028 100755
--- a/src/crypto/fipsmodule/bn/asm/x86_64-mont.pl
+++ b/src/crypto/fipsmodule/bn/asm/x86_64-mont.pl
@@ -70,7 +70,7 @@
# output, so this isn't useful anyway.
$addx = 1;
-# int bn_mul_mont_nohw(
+# void bn_mul_mont_nohw(
$rp="%rdi"; # BN_ULONG *rp,
$ap="%rsi"; # const BN_ULONG *ap,
$bp="%rdx"; # const BN_ULONG *bp,
@@ -315,7 +315,7 @@
mov 8(%rsp,$num,8),%rsi # restore %rsp
.cfi_def_cfa %rsi,8
- mov \$1,%rax
+ # No return value
mov -48(%rsi),%r15
.cfi_restore %r15
mov -40(%rsi),%r14
@@ -762,7 +762,7 @@
$code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp
.cfi_def_cfa %rsi, 8
- mov \$1,%rax
+ # No return value
mov -48(%rsi),%r15
.cfi_restore %r15
mov -40(%rsi),%r14
@@ -785,7 +785,7 @@
}}}
�{{{
######################################################################
-# int bn_sqr8x_mont(
+# void bn_sqr8x_mont(
my $rptr="%rdi"; # const BN_ULONG *rptr,
my $aptr="%rsi"; # const BN_ULONG *aptr,
my $mulx_adx_capable="%rdx"; # Different than upstream!
@@ -976,7 +976,7 @@
add \$32,$num
jnz .Lsqr8x_cond_copy
- mov \$1,%rax
+ # No return value
mov -48(%rsi),%r15
.cfi_restore %r15
mov -40(%rsi),%r14
@@ -1345,7 +1345,7 @@
mov %rdx,($tptr)
- mov \$1,%rax
+ # No return value
mov -48(%rsi),%r15
.cfi_restore %r15
mov -40(%rsi),%r14
diff --git a/src/crypto/fipsmodule/bn/div.cc.inc b/src/crypto/fipsmodule/bn/div.cc.inc
index b09f9fe..a29bf9c 100644
--- a/src/crypto/fipsmodule/bn/div.cc.inc
+++ b/src/crypto/fipsmodule/bn/div.cc.inc
@@ -21,10 +21,22 @@
#include "internal.h"
+#if (defined(OPENSSL_X86) || defined(OPENSSL_X86_64)) && defined(_MSC_VER) && \
+ !defined(__clang__)
+#define HAVE_MSVC_DIV_INTRINSICS
+#include <immintrin.h>
+#if defined(OPENSSL_X86)
+#pragma intrinsic(_udiv64)
+#else
+#pragma intrinsic(_udiv128)
+#endif
+#endif
+
// bn_div_words divides a double-width |h|,|l| by |d| and returns the result,
-// which must fit in a |BN_ULONG|.
+// which must fit in a |BN_ULONG|, i.e. |h < d|.
static inline BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) {
+ assert(h < d);
BN_ULONG dh, dl, q, ret = 0, th, tl, t;
int i, count = 2;
@@ -93,42 +105,49 @@
return ret;
}
+// bn_div_rem_words divides a double-width numerator (high half |nh| and low
+// half |nl|) with a single-width divisor. It sets |*quotient_out| and
+// |*rem_out| to be the quotient and numerator, respectively. The quotient must
+// fit in a |BN_ULONG|, i.e. |nh < d|.
static inline void bn_div_rem_words(BN_ULONG *quotient_out, BN_ULONG *rem_out,
- BN_ULONG n0, BN_ULONG n1, BN_ULONG d0) {
- // GCC and Clang generate function calls to |__udivdi3| and |__umoddi3| when
- // the |BN_ULLONG|-based C code is used.
- //
- // GCC bugs:
- // * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=14224
- // * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=43721
- // * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54183
- // * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58897
- // * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65668
- //
- // Clang bugs:
- // * https://github.com/llvm/llvm-project/issues/6769
- // * https://github.com/llvm/llvm-project/issues/12790
+ BN_ULONG nh, BN_ULONG nl, BN_ULONG d) {
+ assert(nh < d);
+ // This operation is the x86 and x86_64 DIV instruction, but it is difficult
+ // for the compiler to emit it. Dividing a |BN_ULLONG| by a |BN_ULONG| does
+ // not work because, a priori, the quotient may not fit in |BN_ULONG| and DIV
+ // will trap on overflow, not truncate. The compiler will instead emit a call
+ // to a more expensive support function (e.g. |__udivdi3|). Thus we use inline
+ // assembly or intrinsics to get the instruction.
//
// These is specific to x86 and x86_64; Arm and RISC-V do not have double-wide
// division instructions.
#if defined(BN_CAN_USE_INLINE_ASM) && defined(OPENSSL_X86)
__asm__ volatile("divl %4"
: "=a"(*quotient_out), "=d"(*rem_out)
- : "a"(n1), "d"(n0), "rm"(d0)
+ : "a"(nl), "d"(nh), "rm"(d)
: "cc");
#elif defined(BN_CAN_USE_INLINE_ASM) && defined(OPENSSL_X86_64)
__asm__ volatile("divq %4"
: "=a"(*quotient_out), "=d"(*rem_out)
- : "a"(n1), "d"(n0), "rm"(d0)
+ : "a"(nl), "d"(nh), "rm"(d)
: "cc");
+#elif defined(HAVE_MSVC_DIV_INTRINSICS) && defined(OPENSSL_X86)
+ BN_ULLONG n = (((BN_ULLONG)nh) << BN_BITS2) | nl;
+ unsigned rem;
+ *quotient_out = _udiv64(n, d, &rem);
+ *rem_out = rem;
+#elif defined(HAVE_MSVC_DIV_INTRINSICS) && defined(OPENSSL_X86_64)
+ unsigned __int64 rem;
+ *quotient_out = _udiv128(nh, nl, d, &rem);
+ *rem_out = rem;
#else
#if defined(BN_CAN_DIVIDE_ULLONG)
- BN_ULLONG n = (((BN_ULLONG)n0) << BN_BITS2) | n1;
- *quotient_out = (BN_ULONG)(n / d0);
+ BN_ULLONG n = (((BN_ULLONG)nh) << BN_BITS2) | nl;
+ *quotient_out = (BN_ULONG)(n / d);
#else
- *quotient_out = bn_div_words(n0, n1, d0);
-#endif
- *rem_out = n1 - (*quotient_out * d0);
+ *quotient_out = bn_div_words(nh, nl, d);
+#endif // BN_CAN_DIVIDE_ULLONG
+ *rem_out = nl - (*quotient_out * d);
#endif
}
@@ -147,7 +166,7 @@
return 0;
}
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
BIGNUM *snum = BN_CTX_get(ctx);
BIGNUM *sdiv = BN_CTX_get(ctx);
@@ -155,7 +174,7 @@
int norm_shift, num_n, loop, div_n;
BN_ULONG d0, d1;
if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) {
- goto err;
+ return 0;
}
// Knuth step D1: Normalise the numbers such that the divisor's MSB is set.
@@ -164,7 +183,7 @@
norm_shift = BN_BITS2 - (BN_num_bits(divisor) % BN_BITS2);
if (!BN_lshift(sdiv, divisor, norm_shift) ||
!BN_lshift(snum, numerator, norm_shift)) {
- goto err;
+ return 0;
}
// This algorithm relies on |sdiv| being minimal width. We do not use this
@@ -184,7 +203,7 @@
// digit in Knuth step D1.)
num_n = snum->width <= div_n ? div_n + 1 : snum->width + 1;
if (!bn_resize_words(snum, num_n)) {
- goto err;
+ return 0;
}
// Knuth step D2: The quotient's width is the difference between numerator and
@@ -193,7 +212,7 @@
res->neg = snum->neg ^ sdiv->neg;
if (!bn_wexpand(res, loop) || //
!bn_wexpand(tmp, div_n + 1)) {
- goto err;
+ return 0;
}
res->width = loop;
@@ -312,15 +331,10 @@
// Knuth step D8: Unnormalize. snum now contains the remainder.
if (rem != NULL && !BN_rshift(rem, snum, norm_shift)) {
- goto err;
+ return 0;
}
- BN_CTX_end(ctx);
return 1;
-
-err:
- BN_CTX_end(ctx);
- return 0;
}
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) {
@@ -396,8 +410,7 @@
// but it is simple, easy to make constant-time, and performant enough for RSA
// key generation.
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *q = quotient, *r = remainder;
if (quotient == NULL || quotient == numerator || quotient == divisor) {
q = BN_CTX_get(ctx);
@@ -410,7 +423,7 @@
if (q == NULL || r == NULL || tmp == NULL ||
!bn_wexpand(q, numerator->width) || !bn_wexpand(r, divisor->width) ||
!bn_wexpand(tmp, divisor->width)) {
- goto err;
+ return 0;
}
OPENSSL_memset(q->d, 0, numerator->width * sizeof(BN_ULONG));
@@ -461,14 +474,10 @@
if ((quotient != NULL && !BN_copy(quotient, q)) ||
(remainder != NULL && !BN_copy(remainder, r))) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
static BIGNUM *bn_scratch_space_from_ctx(size_t width, BN_CTX *ctx) {
@@ -510,26 +519,24 @@
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m) {
- BN_CTX *ctx = BN_CTX_new();
- int ok = ctx != NULL && bn_mod_add_consttime(r, a, b, m, ctx);
- BN_CTX_free(ctx);
- return ok;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ return ctx != nullptr && bn_mod_add_consttime(r, a, b, m, ctx.get());
}
int bn_mod_add_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m, BN_CTX *ctx) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
a = bn_resized_from_ctx(a, m->width, ctx);
b = bn_resized_from_ctx(b, m->width, ctx);
BIGNUM *tmp = bn_scratch_space_from_ctx(m->width, ctx);
- int ok = a != NULL && b != NULL && tmp != NULL && bn_wexpand(r, m->width);
- if (ok) {
- bn_mod_add_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
- r->width = m->width;
- r->neg = 0;
+ if (a == nullptr || b == nullptr || tmp == nullptr ||
+ !bn_wexpand(r, m->width)) {
+ return 0;
}
- BN_CTX_end(ctx);
- return ok;
+ bn_mod_add_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
+ r->width = m->width;
+ r->neg = 0;
+ return 1;
}
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
@@ -542,58 +549,49 @@
int bn_mod_sub_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m, BN_CTX *ctx) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
a = bn_resized_from_ctx(a, m->width, ctx);
b = bn_resized_from_ctx(b, m->width, ctx);
BIGNUM *tmp = bn_scratch_space_from_ctx(m->width, ctx);
- int ok = a != NULL && b != NULL && tmp != NULL && bn_wexpand(r, m->width);
- if (ok) {
- bn_mod_sub_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
- r->width = m->width;
- r->neg = 0;
+ if (a == nullptr || b == nullptr || tmp == nullptr ||
+ !bn_wexpand(r, m->width)) {
+ return 0;
}
- BN_CTX_end(ctx);
- return ok;
+ bn_mod_sub_words(r->d, a->d, b->d, m->d, tmp->d, m->width);
+ r->width = m->width;
+ r->neg = 0;
+ return 1;
}
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m) {
- BN_CTX *ctx = BN_CTX_new();
- int ok = ctx != NULL && bn_mod_sub_consttime(r, a, b, m, ctx);
- BN_CTX_free(ctx);
- return ok;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ return ctx != nullptr && bn_mod_sub_consttime(r, a, b, m, ctx.get());
}
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx) {
- BIGNUM *t;
- int ret = 0;
-
- BN_CTX_start(ctx);
- t = BN_CTX_get(ctx);
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *t = BN_CTX_get(ctx);
if (t == NULL) {
- goto err;
+ return 0;
}
if (a == b) {
if (!BN_sqr(t, a, ctx)) {
- goto err;
+ return 0;
}
} else {
if (!BN_mul(t, a, b, ctx)) {
- goto err;
+ return 0;
}
}
if (!BN_nnmod(r, t, m, ctx)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) {
@@ -607,25 +605,20 @@
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
BN_CTX *ctx) {
- BIGNUM *abs_m = NULL;
- int ret;
-
if (!BN_nnmod(r, a, m, ctx)) {
return 0;
}
+ bssl::UniquePtr<BIGNUM> abs_m;
if (m->neg) {
- abs_m = BN_dup(m);
- if (abs_m == NULL) {
+ abs_m.reset(BN_dup(m));
+ if (abs_m == nullptr) {
return 0;
}
abs_m->neg = 0;
}
- ret = bn_mod_lshift_consttime(r, r, n, (abs_m ? abs_m : m), ctx);
-
- BN_free(abs_m);
- return ret;
+ return bn_mod_lshift_consttime(r, r, n, (abs_m ? abs_m.get() : m), ctx);
}
int bn_mod_lshift_consttime(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
@@ -634,24 +627,21 @@
return 0;
}
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = bn_scratch_space_from_ctx(m->width, ctx);
- int ok = tmp != NULL;
- if (ok) {
- for (int i = 0; i < n; i++) {
- bn_mod_add_words(r->d, r->d, r->d, m->d, tmp->d, m->width);
- }
- r->neg = 0;
+ if (tmp == nullptr) {
+ return 0;
}
- BN_CTX_end(ctx);
- return ok;
+ for (int i = 0; i < n; i++) {
+ bn_mod_add_words(r->d, r->d, r->d, m->d, tmp->d, m->width);
+ }
+ r->neg = 0;
+ return 1;
}
int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) {
- BN_CTX *ctx = BN_CTX_new();
- int ok = ctx != NULL && bn_mod_lshift_consttime(r, a, n, m, ctx);
- BN_CTX_free(ctx);
- return ok;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ return ctx != nullptr && bn_mod_lshift_consttime(r, a, n, m, ctx.get());
}
int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) {
@@ -668,10 +658,8 @@
}
int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) {
- BN_CTX *ctx = BN_CTX_new();
- int ok = ctx != NULL && bn_mod_lshift1_consttime(r, a, m, ctx);
- BN_CTX_free(ctx);
- return ok;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ return ctx != nullptr && bn_mod_lshift1_consttime(r, a, m, ctx.get());
}
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) {
@@ -744,82 +732,3 @@
}
return (BN_ULONG)ret;
}
-
-int BN_mod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
- if (e == 0 || a->width == 0) {
- BN_zero(r);
- return 1;
- }
-
- size_t num_words = 1 + ((e - 1) / BN_BITS2);
-
- // If |a| definitely has less than |e| bits, just BN_copy.
- if ((size_t)a->width < num_words) {
- return BN_copy(r, a) != NULL;
- }
-
- // Otherwise, first make sure we have enough space in |r|.
- // Note that this will fail if num_words > INT_MAX.
- if (!bn_wexpand(r, num_words)) {
- return 0;
- }
-
- // Copy the content of |a| into |r|.
- OPENSSL_memcpy(r->d, a->d, num_words * sizeof(BN_ULONG));
-
- // If |e| isn't word-aligned, we have to mask off some of our bits.
- size_t top_word_exponent = e % (sizeof(BN_ULONG) * 8);
- if (top_word_exponent != 0) {
- r->d[num_words - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
- }
-
- // Fill in the remaining fields of |r|.
- r->neg = a->neg;
- r->width = (int)num_words;
- bn_set_minimal_width(r);
- return 1;
-}
-
-int BN_nnmod_pow2(BIGNUM *r, const BIGNUM *a, size_t e) {
- if (!BN_mod_pow2(r, a, e)) {
- return 0;
- }
-
- // If the returned value was non-negative, we're done.
- if (BN_is_zero(r) || !r->neg) {
- return 1;
- }
-
- size_t num_words = 1 + (e - 1) / BN_BITS2;
-
- // Expand |r| to the size of our modulus.
- if (!bn_wexpand(r, num_words)) {
- return 0;
- }
-
- // Clear the upper words of |r|.
- OPENSSL_memset(&r->d[r->width], 0, (num_words - r->width) * BN_BYTES);
-
- // Set parameters of |r|.
- r->neg = 0;
- r->width = (int)num_words;
-
- // Now, invert every word. The idea here is that we want to compute 2^e-|x|,
- // which is actually equivalent to the twos-complement representation of |x|
- // in |e| bits, which is -x = ~x + 1.
- for (int i = 0; i < r->width; i++) {
- r->d[i] = ~r->d[i];
- }
-
- // If our exponent doesn't span the top word, we have to mask the rest.
- size_t top_word_exponent = e % BN_BITS2;
- if (top_word_exponent != 0) {
- r->d[r->width - 1] &= (((BN_ULONG)1) << top_word_exponent) - 1;
- }
-
- // Keep the minimal-width invariant for |BIGNUM|.
- bn_set_minimal_width(r);
-
- // Finally, add one, for the reason described above.
- return BN_add(r, r, BN_value_one());
-}
diff --git a/src/crypto/fipsmodule/bn/exponentiation.cc.inc b/src/crypto/fipsmodule/bn/exponentiation.cc.inc
index 6c3d448..205f4b4 100644
--- a/src/crypto/fipsmodule/bn/exponentiation.cc.inc
+++ b/src/crypto/fipsmodule/bn/exponentiation.cc.inc
@@ -70,261 +70,6 @@
#endif // defined(OPENSSL_BN_ASM_MONT5)
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) {
- int i, bits, ret = 0;
- BIGNUM *v, *rr;
-
- BN_CTX_start(ctx);
- if (r == a || r == p) {
- rr = BN_CTX_get(ctx);
- } else {
- rr = r;
- }
-
- v = BN_CTX_get(ctx);
- if (rr == NULL || v == NULL) {
- goto err;
- }
-
- if (BN_copy(v, a) == NULL) {
- goto err;
- }
- bits = BN_num_bits(p);
-
- if (BN_is_odd(p)) {
- if (BN_copy(rr, a) == NULL) {
- goto err;
- }
- } else {
- if (!BN_one(rr)) {
- goto err;
- }
- }
-
- for (i = 1; i < bits; i++) {
- if (!BN_sqr(v, v, ctx)) {
- goto err;
- }
- if (BN_is_bit_set(p, i)) {
- if (!BN_mul(rr, rr, v, ctx)) {
- goto err;
- }
- }
- }
-
- if (r != rr && !BN_copy(r, rr)) {
- goto err;
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-namespace {
-typedef struct bn_recp_ctx_st {
- BIGNUM N; // the divisor
- BIGNUM Nr; // the reciprocal
- int num_bits;
- int shift;
- int flags;
-} BN_RECP_CTX;
-} // namespace
-
-static void BN_RECP_CTX_init(BN_RECP_CTX *recp) {
- BN_init(&recp->N);
- BN_init(&recp->Nr);
- recp->num_bits = 0;
- recp->shift = 0;
- recp->flags = 0;
-}
-
-static void BN_RECP_CTX_free(BN_RECP_CTX *recp) {
- if (recp == nullptr) {
- return;
- }
- BN_free(&recp->N);
- BN_free(&recp->Nr);
-}
-
-static int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) {
- if (!BN_copy(&(recp->N), d)) {
- return 0;
- }
- BN_zero(&recp->Nr);
- recp->num_bits = BN_num_bits(d);
- recp->shift = 0;
-
- return 1;
-}
-
-// len is the expected size of the result We actually calculate with an extra
-// word of precision, so we can do faster division if the remainder is not
-// required.
-// r := 2^len / m
-static int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) {
- int ret = -1;
- BIGNUM *t;
-
- BN_CTX_start(ctx);
- t = BN_CTX_get(ctx);
- if (t == NULL) {
- goto err;
- }
-
- if (!BN_set_bit(t, len)) {
- goto err;
- }
-
- if (!BN_div(r, NULL, t, m, ctx)) {
- goto err;
- }
-
- ret = len;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-static int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx) {
- int i, j, ret = 0;
- BIGNUM *a, *b, *d, *r;
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- if (dv != NULL) {
- d = dv;
- } else {
- d = BN_CTX_get(ctx);
- }
-
- if (rem != NULL) {
- r = rem;
- } else {
- r = BN_CTX_get(ctx);
- }
-
- if (a == NULL || b == NULL || d == NULL || r == NULL) {
- goto err;
- }
-
- if (BN_ucmp(m, &recp->N) < 0) {
- BN_zero(d);
- if (!BN_copy(r, m)) {
- goto err;
- }
- BN_CTX_end(ctx);
- return 1;
- }
-
- // We want the remainder
- // Given input of ABCDEF / ab
- // we need multiply ABCDEF by 3 digests of the reciprocal of ab
-
- // i := max(BN_num_bits(m), 2*BN_num_bits(N))
- i = BN_num_bits(m);
- j = recp->num_bits << 1;
- if (j > i) {
- i = j;
- }
-
- // Nr := round(2^i / N)
- if (i != recp->shift) {
- recp->shift =
- BN_reciprocal(&(recp->Nr), &(recp->N), i,
- ctx); // BN_reciprocal returns i, or -1 for an error
- }
-
- if (recp->shift == -1) {
- goto err;
- }
-
- // d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i -
- // BN_num_bits(N)))|
- // = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i -
- // BN_num_bits(N)))|
- // <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
- // = |m/N|
- if (!BN_rshift(a, m, recp->num_bits)) {
- goto err;
- }
- if (!BN_mul(b, a, &(recp->Nr), ctx)) {
- goto err;
- }
- if (!BN_rshift(d, b, i - recp->num_bits)) {
- goto err;
- }
- d->neg = 0;
-
- if (!BN_mul(b, &(recp->N), d, ctx)) {
- goto err;
- }
- if (!BN_usub(r, m, b)) {
- goto err;
- }
- r->neg = 0;
-
- j = 0;
- while (BN_ucmp(r, &(recp->N)) >= 0) {
- if (j++ > 2) {
- OPENSSL_PUT_ERROR(BN, BN_R_BAD_RECIPROCAL);
- goto err;
- }
- if (!BN_usub(r, r, &(recp->N))) {
- goto err;
- }
- if (!BN_add_word(d, 1)) {
- goto err;
- }
- }
-
- r->neg = BN_is_zero(r) ? 0 : m->neg;
- d->neg = m->neg ^ recp->N.neg;
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-static int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx) {
- int ret = 0;
- BIGNUM *a;
- const BIGNUM *ca;
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- if (a == NULL) {
- goto err;
- }
-
- if (y != NULL) {
- if (x == y) {
- if (!BN_sqr(a, x, ctx)) {
- goto err;
- }
- } else {
- if (!BN_mul(a, x, y, ctx)) {
- goto err;
- }
- }
- ca = a;
- } else {
- ca = x; // Just do the mod
- }
-
- ret = BN_div_recp(NULL, r, ca, recp, ctx);
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
// BN_window_bits_for_exponent_size returns sliding window size for mod_exp with
// a |b| bit exponent.
//
@@ -378,163 +123,6 @@
// |BN_BITS2| * |BN_SMALL_MAX_WORDS|.
#define TABLE_SIZE_SMALL (1 << (TABLE_BITS_SMALL - 1))
-static int mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx) {
- int i, j, ret = 0, wstart, window;
- int start = 1;
- BIGNUM *aa;
- // Table of variables obtained from 'ctx'
- BIGNUM *val[TABLE_SIZE];
- BN_RECP_CTX recp;
-
- // This function is only called on even moduli.
- assert(!BN_is_odd(m));
-
- int bits = BN_num_bits(p);
- if (bits == 0) {
- return BN_one(r);
- }
-
- BN_RECP_CTX_init(&recp);
- BN_CTX_start(ctx);
- aa = BN_CTX_get(ctx);
- val[0] = BN_CTX_get(ctx);
- if (!aa || !val[0]) {
- goto err;
- }
-
- if (m->neg) {
- // ignore sign of 'm'
- if (!BN_copy(aa, m)) {
- goto err;
- }
- aa->neg = 0;
- if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0) {
- goto err;
- }
- } else {
- if (BN_RECP_CTX_set(&recp, m, ctx) <= 0) {
- goto err;
- }
- }
-
- if (!BN_nnmod(val[0], a, m, ctx)) {
- goto err; // 1
- }
- if (BN_is_zero(val[0])) {
- BN_zero(r);
- ret = 1;
- goto err;
- }
-
- window = BN_window_bits_for_exponent_size(bits);
- if (window > 1) {
- if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx)) {
- goto err; // 2
- }
- j = 1 << (window - 1);
- for (i = 1; i < j; i++) {
- if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul_reciprocal(val[i], val[i - 1], aa, &recp, ctx)) {
- goto err;
- }
- }
- }
-
- start = 1; // This is used to avoid multiplication etc
- // when there is only the value '1' in the
- // buffer.
- wstart = bits - 1; // The top bit of the window
-
- if (!BN_one(r)) {
- goto err;
- }
-
- for (;;) {
- int wvalue; // The 'value' of the window
- int wend; // The bottom bit of the window
-
- if (!BN_is_bit_set(p, wstart)) {
- if (!start) {
- if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx)) {
- goto err;
- }
- }
- if (wstart == 0) {
- break;
- }
- wstart--;
- continue;
- }
-
- // We now have wstart on a 'set' bit, we now need to work out
- // how bit a window to do. To do this we need to scan
- // forward until the last set bit before the end of the
- // window
- wvalue = 1;
- wend = 0;
- for (i = 1; i < window; i++) {
- if (wstart - i < 0) {
- break;
- }
- if (BN_is_bit_set(p, wstart - i)) {
- wvalue <<= (i - wend);
- wvalue |= 1;
- wend = i;
- }
- }
-
- // wend is the size of the current window
- j = wend + 1;
- // add the 'bytes above'
- if (!start) {
- for (i = 0; i < j; i++) {
- if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx)) {
- goto err;
- }
- }
- }
-
- // wvalue will be an odd number < 2^window
- if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx)) {
- goto err;
- }
-
- // move the 'window' down further
- wstart -= wend + 1;
- start = 0;
- if (wstart < 0) {
- break;
- }
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_RECP_CTX_free(&recp);
- return ret;
-}
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx) {
- if (m->neg) {
- OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
- return 0;
- }
- if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_nnmod(r, a, m, ctx)) {
- return 0;
- }
- a = r;
- }
-
- if (BN_is_odd(m)) {
- return BN_mod_exp_mont(r, a, p, m, ctx, NULL);
- }
-
- return mod_exp_recp(r, a, p, m, ctx);
-}
-
int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, const BN_MONT_CTX *mont) {
if (!BN_is_odd(m)) {
@@ -561,57 +149,55 @@
return BN_one(rr);
}
- int ret = 0;
BIGNUM *val[TABLE_SIZE];
- BN_MONT_CTX *new_mont = NULL;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *r = BN_CTX_get(ctx);
val[0] = BN_CTX_get(ctx);
- int window, r_is_one, wstart;
if (r == NULL || val[0] == NULL) {
- goto err;
+ return 0;
}
// Allocate a montgomery context if it was not supplied by the caller.
- if (mont == NULL) {
- new_mont = BN_MONT_CTX_new_consttime(m, ctx);
- if (new_mont == NULL) {
- goto err;
+ bssl::UniquePtr<BN_MONT_CTX> new_mont;
+ if (mont == nullptr) {
+ new_mont.reset(BN_MONT_CTX_new_consttime(m, ctx));
+ if (new_mont == nullptr) {
+ return 0;
}
- mont = new_mont;
+ mont = new_mont.get();
}
// We exponentiate by looking at sliding windows of the exponent and
// precomputing powers of |a|. Windows may be shifted so they always end on a
// set bit, so only precompute odd powers. We compute val[i] = a^(2*i + 1)
// for i = 0 to 2^(window-1), all in Montgomery form.
- window = BN_window_bits_for_exponent_size(bits);
+ int window = BN_window_bits_for_exponent_size(bits);
if (!BN_to_montgomery(val[0], a, mont, ctx)) {
- goto err;
+ return 0;
}
if (window > 1) {
BIGNUM *d = BN_CTX_get(ctx);
if (d == NULL || !BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx)) {
- goto err;
+ return 0;
}
for (int i = 1; i < 1 << (window - 1); i++) {
val[i] = BN_CTX_get(ctx);
if (val[i] == NULL ||
!BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx)) {
- goto err;
+ return 0;
}
}
}
// |p| is non-zero, so at least one window is non-zero. To save some
// multiplications, defer initializing |r| until then.
- r_is_one = 1;
- wstart = bits - 1; // The top bit of the window.
+ int r_is_one = 1;
+ int wstart = bits - 1; // The top bit of the window.
for (;;) {
if (!BN_is_bit_set(p, wstart)) {
if (!r_is_one && !BN_mod_mul_montgomery(r, r, r, mont, ctx)) {
- goto err;
+ return 0;
}
if (wstart == 0) {
break;
@@ -635,7 +221,7 @@
if (!r_is_one) {
for (int i = 0; i < wsize + 1; i++) {
if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) {
- goto err;
+ return 0;
}
}
}
@@ -644,10 +230,10 @@
assert(wvalue < (1 << window));
if (r_is_one) {
if (!BN_copy(r, val[wvalue >> 1])) {
- goto err;
+ return 0;
}
} else if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx)) {
- goto err;
+ return 0;
}
r_is_one = 0;
@@ -660,15 +246,7 @@
// |p| is non-zero, so |r_is_one| must be cleared at some point.
assert(!r_is_one);
- if (!BN_from_montgomery(rr, r, mont, ctx)) {
- goto err;
- }
- ret = 1;
-
-err:
- BN_MONT_CTX_free(new_mont);
- BN_CTX_end(ctx);
- return ret;
+ return BN_from_montgomery(rr, r, mont, ctx);
}
void bn_mod_exp_mont_small(BN_ULONG *r, const BN_ULONG *a, size_t num,
@@ -835,7 +413,6 @@
const BIGNUM *m, BN_CTX *ctx,
const BN_MONT_CTX *mont) {
int i, ret = 0, wvalue;
- BN_MONT_CTX *new_mont = NULL;
void *powerbuf_free = NULL;
size_t powerbuf_len = 0;
@@ -871,12 +448,13 @@
// Allocate a montgomery context if it was not supplied by the caller.
int top, num_powers, window;
- if (mont == NULL) {
- new_mont = BN_MONT_CTX_new_consttime(m, ctx);
- if (new_mont == NULL) {
+ bssl::UniquePtr<BN_MONT_CTX> new_mont;
+ if (mont == nullptr) {
+ new_mont.reset(BN_MONT_CTX_new_consttime(m, ctx));
+ if (new_mont == nullptr) {
goto err;
}
- mont = new_mont;
+ mont = new_mont.get();
}
// Use the width in |mont->N|, rather than the copy in |m|. The assembly
@@ -1153,75 +731,9 @@
ret = 1;
err:
- BN_MONT_CTX_free(new_mont);
if (powerbuf != NULL && powerbuf_free == NULL) {
OPENSSL_cleanse(powerbuf, powerbuf_len);
}
OPENSSL_free(powerbuf_free);
return ret;
}
-
-int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- const BN_MONT_CTX *mont) {
- BIGNUM a_bignum;
- BN_init(&a_bignum);
-
- int ret = 0;
-
- // BN_mod_exp_mont requires reduced inputs.
- if (bn_minimal_width(m) == 1) {
- a %= m->d[0];
- }
-
- if (!BN_set_word(&a_bignum, a)) {
- OPENSSL_PUT_ERROR(BN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- ret = BN_mod_exp_mont(rr, &a_bignum, p, m, ctx, mont);
-
-err:
- BN_free(&a_bignum);
-
- return ret;
-}
-
-#define TABLE_SIZE 32
-
-int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
- BN_CTX *ctx, const BN_MONT_CTX *mont) {
- BIGNUM tmp;
- BN_init(&tmp);
-
- int ret = 0;
- BN_MONT_CTX *new_mont = NULL;
-
- // Allocate a montgomery context if it was not supplied by the caller.
- if (mont == NULL) {
- new_mont = BN_MONT_CTX_new_for_modulus(m, ctx);
- if (new_mont == NULL) {
- goto err;
- }
- mont = new_mont;
- }
-
- // BN_mod_mul_montgomery removes one Montgomery factor, so passing one
- // Montgomery-encoded and one non-Montgomery-encoded value gives a
- // non-Montgomery-encoded result.
- if (!BN_mod_exp_mont(rr, a1, p1, m, ctx, mont) ||
- !BN_mod_exp_mont(&tmp, a2, p2, m, ctx, mont) ||
- !BN_to_montgomery(rr, rr, mont, ctx) ||
- !BN_mod_mul_montgomery(rr, rr, &tmp, mont, ctx)) {
- goto err;
- }
-
- ret = 1;
-
-err:
- BN_MONT_CTX_free(new_mont);
- BN_free(&tmp);
-
- return ret;
-}
diff --git a/src/crypto/fipsmodule/bn/gcd.cc.inc b/src/crypto/fipsmodule/bn/gcd.cc.inc
index 6e3cc06..e876c4d 100644
--- a/src/crypto/fipsmodule/bn/gcd.cc.inc
+++ b/src/crypto/fipsmodule/bn/gcd.cc.inc
@@ -33,23 +33,20 @@
return 0;
}
- BIGNUM *A, *B, *X, *Y;
- int ret = 0;
int sign;
-
- BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- B = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- Y = BN_CTX_get(ctx);
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *A = BN_CTX_get(ctx);
+ BIGNUM *B = BN_CTX_get(ctx);
+ BIGNUM *X = BN_CTX_get(ctx);
+ BIGNUM *Y = BN_CTX_get(ctx);
BIGNUM *R = out;
if (Y == NULL) {
- goto err;
+ return 0;
}
BN_zero(Y);
if (!BN_one(X) || BN_copy(B, a) == NULL || BN_copy(A, n) == NULL) {
- goto err;
+ return 0;
}
A->neg = 0;
sign = -1;
@@ -80,17 +77,17 @@
if (BN_is_odd(X)) {
if (!BN_uadd(X, X, n)) {
- goto err;
+ return 0;
}
}
// now X is even, so we can easily divide it by two
if (!BN_rshift1(X, X)) {
- goto err;
+ return 0;
}
}
if (shift > 0) {
if (!BN_rshift(B, B, shift)) {
- goto err;
+ return 0;
}
}
@@ -102,17 +99,17 @@
if (BN_is_odd(Y)) {
if (!BN_uadd(Y, Y, n)) {
- goto err;
+ return 0;
}
}
// now Y is even
if (!BN_rshift1(Y, Y)) {
- goto err;
+ return 0;
}
}
if (shift > 0) {
if (!BN_rshift(A, A, shift)) {
- goto err;
+ return 0;
}
}
@@ -129,21 +126,21 @@
if (BN_ucmp(B, A) >= 0) {
// -sign*(X + Y)*a == B - A (mod |n|)
if (!BN_uadd(X, X, Y)) {
- goto err;
+ return 0;
}
// NB: we could use BN_mod_add_quick(X, X, Y, n), but that
// actually makes the algorithm slower
if (!BN_usub(B, B, A)) {
- goto err;
+ return 0;
}
} else {
// sign*(X + Y)*a == A - B (mod |n|)
if (!BN_uadd(Y, Y, X)) {
- goto err;
+ return 0;
}
// as above, BN_mod_add_quick(Y, Y, X, n) would slow things down
if (!BN_usub(A, A, B)) {
- goto err;
+ return 0;
}
}
}
@@ -151,7 +148,7 @@
if (!BN_is_one(A)) {
*out_no_inverse = 1;
OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE);
- goto err;
+ return 0;
}
// The while loop (Euclid's algorithm) ends when
@@ -162,7 +159,7 @@
if (sign < 0) {
if (!BN_sub(Y, n, Y)) {
- goto err;
+ return 0;
}
}
// Now Y*a == A (mod |n|).
@@ -170,61 +167,49 @@
// Y*a == 1 (mod |n|)
if (Y->neg || BN_ucmp(Y, n) >= 0) {
if (!BN_nnmod(Y, Y, n, ctx)) {
- goto err;
+ return 0;
}
}
if (!BN_copy(R, Y)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx) {
- BIGNUM *new_out = NULL;
- if (out == NULL) {
- new_out = BN_new();
- if (new_out == NULL) {
- return NULL;
+ bssl::UniquePtr<BIGNUM> new_out;
+ if (out == nullptr) {
+ new_out.reset(BN_new());
+ if (new_out == nullptr) {
+ return nullptr;
}
- out = new_out;
+ out = new_out.get();
}
- int ok = 0;
- BIGNUM *a_reduced = NULL;
+ bssl::UniquePtr<BIGNUM> a_reduced;
if (a->neg || BN_ucmp(a, n) >= 0) {
- a_reduced = BN_dup(a);
- if (a_reduced == NULL) {
- goto err;
+ a_reduced.reset(BN_dup(a));
+ if (a_reduced == nullptr) {
+ return nullptr;
}
- if (!BN_nnmod(a_reduced, a_reduced, n, ctx)) {
- goto err;
+ if (!BN_nnmod(a_reduced.get(), a_reduced.get(), n, ctx)) {
+ return nullptr;
}
- a = a_reduced;
+ a = a_reduced.get();
}
int no_inverse;
if (!BN_is_odd(n)) {
if (!bn_mod_inverse_consttime(out, &no_inverse, a, n, ctx)) {
- goto err;
+ return nullptr;
}
} else if (!BN_mod_inverse_odd(out, &no_inverse, a, n, ctx)) {
- goto err;
+ return nullptr;
}
- ok = 1;
-
-err:
- if (!ok) {
- BN_free(new_out);
- out = NULL;
- }
- BN_free(a_reduced);
+ new_out.release(); // Passed to the caller via |out|.
return out;
}
@@ -240,9 +225,10 @@
return 0;
}
- int ret = 0;
- BIGNUM blinding_factor;
- BN_init(&blinding_factor);
+ bssl::UniquePtr<BIGNUM> blinding_factor(BN_new());
+ if (blinding_factor == nullptr) {
+ return 0;
+ }
// |BN_mod_inverse_odd| is leaky, so generate a secret blinding factor and
// blind |a|. This works because (ar)^-1 * r = a^-1, supposing r is
@@ -253,12 +239,12 @@
//
// TODO(crbug.com/boringssl/677): When the PRNG output is marked secret by
// default, the explicit |bn_secret| call can be removed.
- if (!BN_rand_range_ex(&blinding_factor, 1, &mont->N)) {
- goto err;
+ if (!BN_rand_range_ex(blinding_factor.get(), 1, &mont->N)) {
+ return 0;
}
- bn_secret(&blinding_factor);
- if (!BN_mod_mul_montgomery(out, &blinding_factor, a, mont, ctx)) {
- goto err;
+ bn_secret(blinding_factor.get());
+ if (!BN_mod_mul_montgomery(out, blinding_factor.get(), a, mont, ctx)) {
+ return 0;
}
// Once blinded, |out| is no longer secret, so it may be passed to a leaky
@@ -266,35 +252,27 @@
// secret again after multiplying.
bn_declassify(out);
if (!BN_mod_inverse_odd(out, out_no_inverse, out, &mont->N, ctx) ||
- !BN_mod_mul_montgomery(out, &blinding_factor, out, mont, ctx)) {
- goto err;
+ !BN_mod_mul_montgomery(out, blinding_factor.get(), out, mont, ctx)) {
+ return 0;
}
- ret = 1;
-
-err:
- BN_free(&blinding_factor);
- return ret;
+ return 1;
}
int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *p_minus_2 = BN_CTX_get(ctx);
- int ok = p_minus_2 != NULL && BN_copy(p_minus_2, p) &&
- BN_sub_word(p_minus_2, 2) &&
- BN_mod_exp_mont(out, a, p_minus_2, p, ctx, mont_p);
- BN_CTX_end(ctx);
- return ok;
+ return p_minus_2 != nullptr && BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont(out, a, p_minus_2, p, ctx, mont_p);
}
int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *p_minus_2 = BN_CTX_get(ctx);
- int ok = p_minus_2 != NULL && BN_copy(p_minus_2, p) &&
- BN_sub_word(p_minus_2, 2) &&
- BN_mod_exp_mont_consttime(out, a, p_minus_2, p, ctx, mont_p);
- BN_CTX_end(ctx);
- return ok;
+ return p_minus_2 != nullptr && BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont_consttime(out, a, p_minus_2, p, ctx, mont_p);
}
diff --git a/src/crypto/fipsmodule/bn/gcd_extra.cc.inc b/src/crypto/fipsmodule/bn/gcd_extra.cc.inc
index d8642cd..dc0f072 100644
--- a/src/crypto/fipsmodule/bn/gcd_extra.cc.inc
+++ b/src/crypto/fipsmodule/bn/gcd_extra.cc.inc
@@ -56,19 +56,18 @@
}
// This is a constant-time implementation of Stein's algorithm (binary GCD).
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *u = BN_CTX_get(ctx);
BIGNUM *v = BN_CTX_get(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
unsigned x_bits, y_bits, num_iters, shift;
- if (u == NULL || v == NULL || tmp == NULL || //
+ if (u == nullptr || v == nullptr || tmp == nullptr || //
!BN_copy(u, x) || //
!BN_copy(v, y) || //
!bn_resize_words(u, width) || //
!bn_resize_words(v, width) || //
!bn_resize_words(tmp, width)) {
- goto err;
+ return 0;
}
// Each loop iteration halves at least one of |u| and |v|. Thus we need at
@@ -78,7 +77,7 @@
num_iters = x_bits + y_bits;
if (num_iters < x_bits) {
OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG);
- goto err;
+ return 0;
}
shift = 0;
@@ -114,11 +113,7 @@
}
*out_shift = shift;
- ret = bn_set_words(r, v->d, width);
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return bn_set_words(r, v->d, width);
}
int BN_gcd(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) {
@@ -128,12 +123,11 @@
int bn_is_relatively_prime(int *out_relatively_prime, const BIGNUM *x,
const BIGNUM *y, BN_CTX *ctx) {
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
unsigned shift;
BIGNUM *gcd = BN_CTX_get(ctx);
- if (gcd == NULL || !bn_gcd_consttime(gcd, &shift, x, y, ctx)) {
- goto err;
+ if (gcd == nullptr || !bn_gcd_consttime(gcd, &shift, x, y, ctx)) {
+ return 0;
}
// Check that 2^|shift| * |gcd| is one.
@@ -146,25 +140,20 @@
}
*out_relatively_prime = mask == 0;
}
- ret = 1;
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int bn_lcm_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) {
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
unsigned shift;
BIGNUM *gcd = BN_CTX_get(ctx);
- int ret = gcd != NULL && //
- bn_mul_consttime(r, a, b, ctx) &&
- bn_gcd_consttime(gcd, &shift, a, b, ctx) &&
- // |gcd| has a secret bit width.
- bn_div_consttime(r, NULL, r, gcd, /*divisor_min_bits=*/0, ctx) &&
- bn_rshift_secret_shift(r, r, shift, ctx);
- BN_CTX_end(ctx);
- return ret;
+ return gcd != nullptr && //
+ bn_mul_consttime(r, a, b, ctx) &&
+ bn_gcd_consttime(gcd, &shift, a, b, ctx) &&
+ // |gcd| has a secret bit width.
+ bn_div_consttime(r, nullptr, r, gcd, /*divisor_min_bits=*/0, ctx) &&
+ bn_rshift_secret_shift(r, r, shift, ctx);
}
int bn_mod_inverse_consttime(BIGNUM *r, int *out_no_inverse, const BIGNUM *a,
@@ -207,8 +196,7 @@
a_width = n_width;
}
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *u = BN_CTX_get(ctx);
BIGNUM *v = BN_CTX_get(ctx);
BIGNUM *A = BN_CTX_get(ctx);
@@ -218,14 +206,14 @@
BIGNUM *tmp = BN_CTX_get(ctx);
BIGNUM *tmp2 = BN_CTX_get(ctx);
size_t a_bits, num_iters, n_bits;
- if (u == NULL || //
- v == NULL || //
- A == NULL || //
- B == NULL || //
- C == NULL || //
- D == NULL || //
- tmp == NULL || //
- tmp2 == NULL || //
+ if (u == nullptr || //
+ v == nullptr || //
+ A == nullptr || //
+ B == nullptr || //
+ C == nullptr || //
+ D == nullptr || //
+ tmp == nullptr || //
+ tmp2 == nullptr || //
!BN_copy(u, a) || //
!BN_copy(v, n) || //
!BN_one(A) || //
@@ -242,7 +230,7 @@
// |tmp| and |tmp2| may be used at either size.
!bn_resize_words(tmp, n_width) || //
!bn_resize_words(tmp2, n_width)) {
- goto err;
+ return 0;
}
// Each loop iteration halves at least one of |u| and |v|. Thus we need at
@@ -254,7 +242,7 @@
num_iters = a_bits + n_bits;
if (num_iters < a_bits) {
OPENSSL_PUT_ERROR(BN, BN_R_BIGNUM_TOO_LONG);
- goto err;
+ return 0;
}
// Before and after each loop iteration, the following hold:
@@ -328,12 +316,8 @@
if (constant_time_declassify_int(!BN_is_one(u))) {
*out_no_inverse = 1;
OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE);
- goto err;
+ return 0;
}
- ret = BN_copy(r, A) != NULL;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return BN_copy(r, A) != nullptr;
}
diff --git a/src/crypto/fipsmodule/bn/internal.h b/src/crypto/fipsmodule/bn/internal.h
index 0a9997d..9dfc114 100644
--- a/src/crypto/fipsmodule/bn/internal.h
+++ b/src/crypto/fipsmodule/bn/internal.h
@@ -13,15 +13,13 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_BN_INTERNAL_H
-#define OPENSSL_HEADER_BN_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_INTERNAL_H
#include <openssl/bn.h>
#if defined(OPENSSL_X86_64) && defined(_MSC_VER)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <intrin.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#pragma intrinsic(__umulh, _umul128)
#endif
@@ -263,11 +261,15 @@
int bn_rand_secret_range(BIGNUM *r, int *out_is_uniform, BN_ULONG min_inclusive,
const BIGNUM *max_exclusive);
-// BN_MONTGOMERY_MAX_WORDS is the maximum numer of words allowed in a |BIGNUM|
+// BN_MONTGOMERY_MAX_WORDS is the maximum number of words allowed in a |BIGNUM|
// used with Montgomery reduction. Ideally this limit would be applied to all
// |BIGNUM|s, in |bn_wexpand|, but the exactfloat library needs to create 8 MiB
// values for other operations.
-#define BN_MONTGOMERY_MAX_WORDS (8 * 1024 / sizeof(BN_ULONG))
+//
+// TODO(crbug.com/402677800): This is not quite tight enough to limit the
+// |bn_mul_mont| allocation to under a page. Lower the maximum RSA key and then
+// lower this to match.
+#define BN_MONTGOMERY_MAX_WORDS (16384 / BN_BITS2)
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -275,14 +277,14 @@
#define OPENSSL_BN_ASM_MONT
// bn_mul_mont writes |ap| * |bp| mod |np| to |rp|, each |num| words
// long. Inputs and outputs are in Montgomery form. |n0| is a pointer to the
-// corresponding field in |BN_MONT_CTX|. It returns one if |bn_mul_mont| handles
-// inputs of this size and zero otherwise.
+// corresponding field in |BN_MONT_CTX|.
//
// If at least one of |ap| or |bp| is fully reduced, |rp| will be fully reduced.
// If neither is fully-reduced, the output may not be either.
//
-// This function allocates |num| words on the stack, so |num| should be at most
-// |BN_MONTGOMERY_MAX_WORDS|.
+// This function allocates up to 2 * |num| words (plus a constant allocation) on
+// the stack, so |num| should be at most |BN_MONTGOMERY_MAX_WORDS|.
+// Additionally, |num| must be at least 128 / |BN_BITS2|.
//
// TODO(davidben): The x86_64 implementation expects a 32-bit input and masks
// off upper bits. The aarch64 implementation expects a 64-bit input and does
@@ -291,39 +293,39 @@
//
// See also discussion in |ToWord| in abi_test.h for notes on smaller-than-word
// inputs.
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
#if defined(OPENSSL_X86_64)
inline int bn_mulx_adx_capable(void) {
// MULX is in BMI2.
return CRYPTO_is_BMI2_capable() && CRYPTO_is_ADX_capable();
}
-int bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
inline int bn_mul4x_mont_capable(size_t num) {
return num >= 8 && (num & 3) == 0;
}
-int bn_mul4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mul4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
inline int bn_mulx4x_mont_capable(size_t num) {
return bn_mul4x_mont_capable(num) && bn_mulx_adx_capable();
}
-int bn_mulx4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mulx4x_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
inline int bn_sqr8x_mont_capable(size_t num) {
return num >= 8 && (num & 7) == 0;
}
-int bn_sqr8x_mont(BN_ULONG *rp, const BN_ULONG *ap, BN_ULONG mulx_adx_capable,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_sqr8x_mont(BN_ULONG *rp, const BN_ULONG *ap, BN_ULONG mulx_adx_capable,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
#elif defined(OPENSSL_ARM)
inline int bn_mul8x_mont_neon_capable(size_t num) {
return (num & 7) == 0 && CRYPTO_is_NEON_capable();
}
-int bn_mul8x_mont_neon(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
-int bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mul8x_mont_neon(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
+void bn_mul_mont_nohw(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num);
#endif
#endif // OPENSSL_BN_ASM_MONT
@@ -721,4 +723,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_BN_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_INTERNAL_H
diff --git a/src/crypto/fipsmodule/bn/jacobi.cc.inc b/src/crypto/fipsmodule/bn/jacobi.cc.inc
index 0ac6f67..1c1c51f 100644
--- a/src/crypto/fipsmodule/bn/jacobi.cc.inc
+++ b/src/crypto/fipsmodule/bn/jacobi.cc.inc
@@ -42,32 +42,29 @@
return -2;
}
- int ret = -2;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *A = BN_CTX_get(ctx);
BIGNUM *B = BN_CTX_get(ctx);
if (B == NULL) {
- goto end;
+ return -2;
}
if (!BN_copy(A, a) ||
!BN_copy(B, b)) {
- goto end;
+ return -2;
}
// Adapted from logic to compute the Kronecker symbol, originally implemented
// according to Henri Cohen, "A Course in Computational Algebraic Number
// Theory" (algorithm 1.4.10).
- ret = 1;
-
+ int ret = 1;
while (1) {
// Cohen's step 3:
// B is positive and odd
if (BN_is_zero(A)) {
- ret = BN_is_one(B) ? ret : 0;
- goto end;
+ return BN_is_one(B) ? ret : 0;
}
// now A is non-zero
@@ -76,8 +73,7 @@
i++;
}
if (!BN_rshift(A, A, i)) {
- ret = -2;
- goto end;
+ return -2;
}
if (i & 1) {
// i is odd
@@ -93,16 +89,11 @@
// (A, B) := (B mod |A|, |A|)
if (!BN_nnmod(B, B, A, ctx)) {
- ret = -2;
- goto end;
+ return -2;
}
BIGNUM *tmp = A;
A = B;
B = tmp;
tmp->neg = 0;
}
-
-end:
- BN_CTX_end(ctx);
- return ret;
}
diff --git a/src/crypto/fipsmodule/bn/montgomery.cc.inc b/src/crypto/fipsmodule/bn/montgomery.cc.inc
index e73f805..4bafb11 100644
--- a/src/crypto/fipsmodule/bn/montgomery.cc.inc
+++ b/src/crypto/fipsmodule/bn/montgomery.cc.inc
@@ -245,21 +245,13 @@
int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, const BN_MONT_CTX *mont,
BN_CTX *ctx) {
- int ret = 0;
- BIGNUM *t;
-
- BN_CTX_start(ctx);
- t = BN_CTX_get(ctx);
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *t = BN_CTX_get(ctx);
if (t == NULL || !BN_copy(t, a)) {
- goto err;
+ return 0;
}
- ret = BN_from_montgomery_word(r, t, mont);
-
-err:
- BN_CTX_end(ctx);
-
- return ret;
+ return BN_from_montgomery_word(r, t, mont);
}
int bn_one_to_montgomery(BIGNUM *r, const BN_MONT_CTX *mont, BN_CTX *ctx) {
@@ -286,34 +278,28 @@
const BIGNUM *b,
const BN_MONT_CTX *mont,
BN_CTX *ctx) {
- int ret = 0;
-
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
if (tmp == NULL) {
- goto err;
+ return 0;
}
if (a == b) {
if (!bn_sqr_consttime(tmp, a, ctx)) {
- goto err;
+ return 0;
}
} else {
if (!bn_mul_consttime(tmp, a, b, ctx)) {
- goto err;
+ return 0;
}
}
// reduce from aRR to aR
if (!BN_from_montgomery_word(r, tmp, mont)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
@@ -324,7 +310,7 @@
}
#if defined(OPENSSL_BN_ASM_MONT)
- // |bn_mul_mont| requires at least 128 bits of limbs, at least for x86.
+ // |bn_mul_mont| requires at least 128 bits of limbs.
int num = mont->N.width;
if (num >= (128 / BN_BITS2) && a->width == num && b->width == num) {
if (!bn_wexpand(r, num)) {
@@ -333,12 +319,7 @@
// This bound is implied by |bn_mont_ctx_set_N_and_n0|. |bn_mul_mont|
// allocates |num| words on the stack, so |num| cannot be too large.
assert((size_t)num <= BN_MONTGOMERY_MAX_WORDS);
- if (!bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
- // The check above ensures this won't happen.
- assert(0);
- OPENSSL_PUT_ERROR(BN, ERR_R_INTERNAL_ERROR);
- return 0;
- }
+ bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num);
r->neg = 0;
r->width = num;
return 1;
@@ -379,11 +360,9 @@
}
#if defined(OPENSSL_BN_ASM_MONT)
- // |bn_mul_mont| requires at least 128 bits of limbs, at least for x86.
+ // |bn_mul_mont| requires at least 128 bits of limbs.
if (num >= (128 / BN_BITS2)) {
- if (!bn_mul_mont(r, a, b, mont->N.d, mont->n0, num)) {
- abort(); // The check above ensures this won't happen.
- }
+ bn_mul_mont(r, a, b, mont->N.d, mont->n0, num);
return;
}
#endif
@@ -404,27 +383,27 @@
}
#if defined(OPENSSL_BN_ASM_MONT) && defined(OPENSSL_X86_64)
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+void bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
if (ap == bp && bn_sqr8x_mont_capable(num)) {
- return bn_sqr8x_mont(rp, ap, bn_mulx_adx_capable(), np, n0, num);
+ bn_sqr8x_mont(rp, ap, bn_mulx_adx_capable(), np, n0, num);
+ } else if (bn_mulx4x_mont_capable(num)) {
+ bn_mulx4x_mont(rp, ap, bp, np, n0, num);
+ } else if (bn_mul4x_mont_capable(num)) {
+ bn_mul4x_mont(rp, ap, bp, np, n0, num);
+ } else {
+ bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
}
- if (bn_mulx4x_mont_capable(num)) {
- return bn_mulx4x_mont(rp, ap, bp, np, n0, num);
- }
- if (bn_mul4x_mont_capable(num)) {
- return bn_mul4x_mont(rp, ap, bp, np, n0, num);
- }
- return bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
}
#endif
#if defined(OPENSSL_BN_ASM_MONT) && defined(OPENSSL_ARM)
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
+void bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
if (bn_mul8x_mont_neon_capable(num)) {
- return bn_mul8x_mont_neon(rp, ap, bp, np, n0, num);
+ bn_mul8x_mont_neon(rp, ap, bp, np, n0, num);
+ } else {
+ bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
}
- return bn_mul_mont_nohw(rp, ap, bp, np, n0, num);
}
#endif
diff --git a/src/crypto/fipsmodule/bn/mul.cc.inc b/src/crypto/fipsmodule/bn/mul.cc.inc
index 6dc8d52..9f75dde 100644
--- a/src/crypto/fipsmodule/bn/mul.cc.inc
+++ b/src/crypto/fipsmodule/bn/mul.cc.inc
@@ -137,15 +137,14 @@
int cl = a->width < b->width ? a->width : b->width;
int dl = a->width - b->width;
int r_len = a->width < b->width ? b->width : a->width;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
- int ok = tmp != NULL && bn_wexpand(r, r_len) && bn_wexpand(tmp, r_len);
- if (ok) {
- bn_abs_sub_part_words(r->d, a->d, b->d, cl, dl, tmp->d);
- r->width = r_len;
+ if (tmp == nullptr || !bn_wexpand(r, r_len) || !bn_wexpand(tmp, r_len)) {
+ return 0;
}
- BN_CTX_end(ctx);
- return ok;
+ bn_abs_sub_part_words(r->d, a->d, b->d, cl, dl, tmp->d);
+ r->width = r_len;
+ return 1;
}
// Karatsuba recursive multiplication algorithm
@@ -377,13 +376,13 @@
return 1;
}
- int ret = 0, i, top;
+ int i, top;
BIGNUM *rr;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
if (r == a || r == b) {
rr = BN_CTX_get(ctx);
if (rr == NULL) {
- goto err;
+ return 0;
}
} else {
rr = r;
@@ -394,7 +393,7 @@
if (i == 0) {
if (al == 8) {
if (!bn_wexpand(rr, 16)) {
- goto err;
+ return 0;
}
rr->width = 16;
bn_mul_comba8(rr->d, a->d, b->d);
@@ -403,6 +402,10 @@
}
top = al + bl;
+ // TODO(crbug.com/406497222): The recursive implementation is actually worse
+ // for cryptographic use cases, but we need to retain it in |BN_mul| for the
+ // projects misusing BIGNUM as a general-purpose calculator library with
+ // giant integers. Disconnect this code from our cryptographic primitives.
static const int kMulNormalSize = 16;
if (al >= kMulNormalSize && bl >= kMulNormalSize) {
if (-1 <= i && i <= 1) {
@@ -417,7 +420,7 @@
assert(j <= al || j <= bl);
BIGNUM *t = BN_CTX_get(ctx);
if (t == NULL) {
- goto err;
+ return 0;
}
if (al > j || bl > j) {
// We know |al| and |bl| are at most one from each other, so if al > j,
@@ -428,7 +431,7 @@
// https://boringssl-review.googlesource.com/q/I0bd604e2cd6a75c266f64476c23a730ca1721ea6
assert(al >= j && bl >= j);
if (!bn_wexpand(t, j * 8) || !bn_wexpand(rr, j * 4)) {
- goto err;
+ return 0;
}
bn_mul_part_recursive(rr->d, a->d, b->d, j, al - j, bl - j, t->d);
} else {
@@ -436,7 +439,7 @@
// of al - j or bl - j is zero. The other, by the bound on |i| above, is
// zero or -1. Thus, we can use |bn_mul_recursive|.
if (!bn_wexpand(t, j * 4) || !bn_wexpand(rr, j * 2)) {
- goto err;
+ return 0;
}
bn_mul_recursive(rr->d, a->d, b->d, j, al - j, bl - j, t->d);
}
@@ -446,20 +449,16 @@
}
if (!bn_wexpand(rr, top)) {
- goto err;
+ return 0;
}
rr->width = top;
bn_mul_normal(rr->d, a->d, al, b->d, bl);
end:
if (r != rr && !BN_copy(r, rr)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) {
@@ -623,17 +622,16 @@
return 1;
}
- int ret = 0, max;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *rr = (a != r) ? r : BN_CTX_get(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
if (!rr || !tmp) {
- goto err;
+ return 0;
}
- max = 2 * al; // Non-zero (from above)
+ int max = 2 * al; // Non-zero (from above)
if (!bn_wexpand(rr, max)) {
- goto err;
+ return 0;
}
if (al == 4) {
@@ -646,14 +644,20 @@
bn_sqr_normal(rr->d, a->d, al, t);
} else {
// If |al| is a power of two, we can use |bn_sqr_recursive|.
+ //
+ // TODO(crbug.com/406497222): The recursive implementation is actually
+ // worse for cryptographic use cases, but we need to retain it in |BN_mul|
+ // for the projects misusing BIGNUM as a general-purpose calculator
+ // library with giant integers. Disconnect this code from our
+ // cryptographic primitives.
if (al != 0 && (al & (al - 1)) == 0) {
if (!bn_wexpand(tmp, al * 4)) {
- goto err;
+ return 0;
}
bn_sqr_recursive(rr->d, a->d, al, tmp->d);
} else {
if (!bn_wexpand(tmp, max)) {
- goto err;
+ return 0;
}
bn_sqr_normal(rr->d, a->d, al, tmp->d);
}
@@ -664,13 +668,9 @@
rr->width = max;
if (rr != r && !BN_copy(r, rr)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) {
diff --git a/src/crypto/fipsmodule/bn/prime.cc.inc b/src/crypto/fipsmodule/bn/prime.cc.inc
index 0471246..fabb545 100644
--- a/src/crypto/fipsmodule/bn/prime.cc.inc
+++ b/src/crypto/fipsmodule/bn/prime.cc.inc
@@ -290,9 +290,7 @@
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
const BIGNUM *rem, BN_GENCB *cb) {
BIGNUM *t;
- int found = 0;
int i, j, c1 = 0;
- BN_CTX *ctx;
int checks = BN_prime_checks_for_size(bits);
if (bits < 2) {
@@ -305,43 +303,43 @@
return 0;
}
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- BN_CTX_start(ctx);
- t = BN_CTX_get(ctx);
+ bssl::BN_CTXScope scope(ctx.get());
+ t = BN_CTX_get(ctx.get());
if (!t) {
- goto err;
+ return 0;
}
loop:
// make a random number and set the top and bottom bits
if (add == NULL) {
if (!probable_prime(ret, bits)) {
- goto err;
+ return 0;
}
} else {
if (safe) {
- if (!probable_prime_dh_safe(ret, bits, add, rem, ctx)) {
- goto err;
+ if (!probable_prime_dh_safe(ret, bits, add, rem, ctx.get())) {
+ return 0;
}
} else {
- if (!probable_prime_dh(ret, bits, add, rem, ctx)) {
- goto err;
+ if (!probable_prime_dh(ret, bits, add, rem, ctx.get())) {
+ return 0;
}
}
}
if (!BN_GENCB_call(cb, BN_GENCB_GENERATED, c1++)) {
// aborted
- goto err;
+ return 0;
}
if (!safe) {
- i = BN_is_prime_fasttest_ex(ret, checks, ctx, 0, cb);
+ i = BN_is_prime_fasttest_ex(ret, checks, ctx.get(), 0, cb);
if (i == -1) {
- goto err;
+ return 0;
} else if (i == 0) {
goto loop;
}
@@ -349,7 +347,7 @@
// for "safe prime" generation, check that (p-1)/2 is prime. Since a prime
// is odd, We just need to divide by 2
if (!BN_rshift1(t, ret)) {
- goto err;
+ return 0;
}
// Interleave |ret| and |t|'s primality tests to avoid paying the full
@@ -358,37 +356,29 @@
// TODO(davidben): This doesn't quite work because an iteration count of 1
// still runs the blinding mechanism.
for (i = 0; i < checks; i++) {
- j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, NULL);
+ j = BN_is_prime_fasttest_ex(ret, 1, ctx.get(), 0, NULL);
if (j == -1) {
- goto err;
+ return 0;
} else if (j == 0) {
goto loop;
}
- j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, NULL);
+ j = BN_is_prime_fasttest_ex(t, 1, ctx.get(), 0, NULL);
if (j == -1) {
- goto err;
+ return 0;
} else if (j == 0) {
goto loop;
}
if (!BN_GENCB_call(cb, BN_GENCB_PRIME_TEST, i)) {
- goto err;
+ return 0;
}
// We have a safe prime test pass
}
}
// we have a prime :-)
- found = 1;
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
-
- return found;
+ return 1;
}
static int bn_trial_division(uint16_t *out, const BIGNUM *bn) {
@@ -453,8 +443,7 @@
int *out_is_possibly_prime, const BIGNUM *b,
const BN_MONT_CTX *mont, BN_CTX *ctx) {
// This function corresponds to steps 4.3 through 4.5 of FIPS 186-4, C.3.1.
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
// Step 4.3. We use Montgomery-encoding for better performance and to avoid
// timing leaks.
@@ -464,7 +453,7 @@
if (z == NULL ||
!BN_mod_exp_mont_consttime(z, b, miller_rabin->m, w, ctx, mont) ||
!BN_to_montgomery(z, z, mont, ctx)) {
- goto err;
+ return 0;
}
// is_possibly_prime is all ones if we have determined |b| is not a composite
@@ -493,7 +482,7 @@
// Step 4.5.1.
if (!BN_mod_mul_montgomery(z, z, z, mont, ctx)) {
- goto err;
+ return 0;
}
// Step 4.5.2. If z = w-1 and the loop is not done, this is not a composite
@@ -513,11 +502,7 @@
}
*out_is_possibly_prime = constant_time_declassify_w(is_possibly_prime) & 1;
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int BN_primality_test(int *out_is_probably_prime, const BIGNUM *w, int checks,
@@ -598,26 +583,25 @@
checks = BN_prime_checks_for_size(BN_num_bits(w));
}
- BN_CTX *new_ctx = NULL;
- if (ctx == NULL) {
- new_ctx = BN_CTX_new();
- if (new_ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> new_ctx;
+ if (ctx == nullptr) {
+ new_ctx.reset(BN_CTX_new());
+ if (new_ctx == nullptr) {
return 0;
}
- ctx = new_ctx;
+ ctx = new_ctx.get();
}
// See C.3.1 from FIPS 186-4.
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *b = BN_CTX_get(ctx);
- BN_MONT_CTX *mont = BN_MONT_CTX_new_consttime(w, ctx);
+ bssl::UniquePtr<BN_MONT_CTX> mont(BN_MONT_CTX_new_consttime(w, ctx));
BN_MILLER_RABIN miller_rabin;
crypto_word_t uniform_iterations = 0;
- if (b == NULL || mont == NULL ||
+ if (b == nullptr || mont == nullptr ||
// Steps 1-3.
- !bn_miller_rabin_init(&miller_rabin, mont, ctx)) {
- goto err;
+ !bn_miller_rabin_init(&miller_rabin, mont.get(), ctx)) {
+ return 0;
}
// The following loop performs in inner iteration of the Miller-Rabin
@@ -657,39 +641,32 @@
// Step 4.1-4.2
int is_uniform;
if (!bn_rand_secret_range(b, &is_uniform, 2, miller_rabin.w1)) {
- goto err;
+ return 0;
}
uniform_iterations += is_uniform;
// Steps 4.3-4.5
int is_possibly_prime = 0;
- if (!bn_miller_rabin_iteration(&miller_rabin, &is_possibly_prime, b, mont,
- ctx)) {
- goto err;
+ if (!bn_miller_rabin_iteration(&miller_rabin, &is_possibly_prime, b,
+ mont.get(), ctx)) {
+ return 0;
}
if (!is_possibly_prime) {
// Step 4.6. We did not see z = w-1 before z = 1, so w must be composite.
*out_is_probably_prime = 0;
- ret = 1;
- goto err;
+ return 1;
}
// Step 4.7
if (!BN_GENCB_call(cb, BN_GENCB_PRIME_TEST, i - 1)) {
- goto err;
+ return 0;
}
}
declassify_assert(uniform_iterations >= (crypto_word_t)checks);
*out_is_probably_prime = 1;
- ret = 1;
-
-err:
- BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
+ return 1;
}
int BN_is_prime_ex(const BIGNUM *candidate, int checks, BN_CTX *ctx,
@@ -720,41 +697,36 @@
checks = BN_prime_checks_for_size(BN_num_bits(w));
}
- int ret = 0;
- BN_MONT_CTX *mont = NULL;
-
- BN_CTX_start(ctx);
-
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *w1 = BN_CTX_get(ctx);
- BIGNUM *b, *g, *z, *x, *x1, *m;
- int a;
- if (w1 == NULL || !BN_copy(w1, w) || !BN_sub_word(w1, 1)) {
- goto err;
+ if (w1 == nullptr || !BN_copy(w1, w) || !BN_sub_word(w1, 1)) {
+ return 0;
}
// Write w1 as m*2^a (Steps 1 and 2).
- a = 0;
+ int a = 0;
while (!BN_is_bit_set(w1, a)) {
a++;
}
- m = BN_CTX_get(ctx);
- if (m == NULL || !BN_rshift(m, w1, a)) {
- goto err;
+ BIGNUM *m = BN_CTX_get(ctx);
+ if (m == nullptr || !BN_rshift(m, w1, a)) {
+ return 0;
}
- b = BN_CTX_get(ctx);
- g = BN_CTX_get(ctx);
- z = BN_CTX_get(ctx);
- x = BN_CTX_get(ctx);
- x1 = BN_CTX_get(ctx);
- if (b == NULL || g == NULL || z == NULL || x == NULL || x1 == NULL) {
- goto err;
+ BIGNUM *b = BN_CTX_get(ctx);
+ BIGNUM *g = BN_CTX_get(ctx);
+ BIGNUM *z = BN_CTX_get(ctx);
+ BIGNUM *x = BN_CTX_get(ctx);
+ BIGNUM *x1 = BN_CTX_get(ctx);
+ if (b == nullptr || g == nullptr || z == nullptr || x == nullptr ||
+ x1 == nullptr) {
+ return 0;
}
// Montgomery setup for computations mod w
- mont = BN_MONT_CTX_new_for_modulus(w, ctx);
- if (mont == NULL) {
- goto err;
+ bssl::UniquePtr<BN_MONT_CTX> mont(BN_MONT_CTX_new_for_modulus(w, ctx));
+ if (mont == nullptr) {
+ return 0;
}
// The following loop performs in inner iteration of the Enhanced Miller-Rabin
@@ -762,22 +734,21 @@
for (int i = 1; i <= checks; i++) {
// Step 4.1-4.2
if (!BN_rand_range_ex(b, 2, w1)) {
- goto err;
+ return 0;
}
// Step 4.3-4.4
if (!BN_gcd(g, b, w, ctx)) {
- goto err;
+ return 0;
}
if (BN_cmp_word(g, 1) > 0) {
*out_result = bn_composite;
- ret = 1;
- goto err;
+ return 1;
}
// Step 4.5
- if (!BN_mod_exp_mont(z, b, m, w, ctx, mont)) {
- goto err;
+ if (!BN_mod_exp_mont(z, b, m, w, ctx, mont.get())) {
+ return 0;
}
// Step 4.6
@@ -788,7 +759,7 @@
// Step 4.7
for (int j = 1; j < a; j++) {
if (!BN_copy(x, z) || !BN_mod_mul(z, x, x, w, ctx)) {
- goto err;
+ return 0;
}
if (BN_cmp(z, w1) == 0) {
goto loop;
@@ -800,18 +771,18 @@
// Step 4.8-4.9
if (!BN_copy(x, z) || !BN_mod_mul(z, x, x, w, ctx)) {
- goto err;
+ return 0;
}
// Step 4.10-4.11
if (!BN_is_one(z) && !BN_copy(x, z)) {
- goto err;
+ return 0;
}
composite:
// Step 4.12-4.14
if (!BN_copy(x1, x) || !BN_sub_word(x1, 1) || !BN_gcd(g, x1, w, ctx)) {
- goto err;
+ return 0;
}
if (BN_cmp_word(g, 1) > 0) {
*out_result = bn_composite;
@@ -819,24 +790,17 @@
*out_result = bn_non_prime_power_composite;
}
- ret = 1;
- goto err;
+ return 1;
loop:
// Step 4.15
if (!BN_GENCB_call(cb, BN_GENCB_PRIME_TEST, i - 1)) {
- goto err;
+ return 0;
}
}
*out_result = bn_probably_prime;
- ret = 1;
-
-err:
- BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
-
- return ret;
+ return 1;
}
static int probable_prime(BIGNUM *rnd, int bits) {
@@ -850,111 +814,99 @@
static int probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add,
const BIGNUM *rem, BN_CTX *ctx) {
- int ret = 0;
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *t1;
-
- BN_CTX_start(ctx);
- size_t num_primes;
- if ((t1 = BN_CTX_get(ctx)) == NULL) {
- goto err;
+ if ((t1 = BN_CTX_get(ctx)) == nullptr) {
+ return 0;
}
if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) {
- goto err;
+ return 0;
}
// we need ((rnd-rem) % add) == 0
-
if (!BN_mod(t1, rnd, add, ctx)) {
- goto err;
+ return 0;
}
if (!BN_sub(rnd, rnd, t1)) {
- goto err;
+ return 0;
}
- if (rem == NULL) {
+ if (rem == nullptr) {
if (!BN_add_word(rnd, 1)) {
- goto err;
+ return 0;
}
} else {
if (!BN_add(rnd, rnd, rem)) {
- goto err;
+ return 0;
}
}
// we now have a random number 'rand' to test.
- num_primes = num_trial_division_primes(rnd);
+ size_t num_primes = num_trial_division_primes(rnd);
loop:
for (size_t i = 1; i < num_primes; i++) {
// check that rnd is a prime
if (bn_mod_u16_consttime(rnd, kPrimes[i]) <= 1) {
if (!BN_add(rnd, rnd, add)) {
- goto err;
+ return 0;
}
goto loop;
}
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
const BIGNUM *rem, BN_CTX *ctx) {
- int ret = 0;
- BIGNUM *t1, *qadd, *q;
-
bits--;
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- qadd = BN_CTX_get(ctx);
- size_t num_primes;
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *t1 = BN_CTX_get(ctx);
+ BIGNUM *q = BN_CTX_get(ctx);
+ BIGNUM *qadd = BN_CTX_get(ctx);
if (qadd == NULL) {
- goto err;
+ return 0;
}
if (!BN_rshift1(qadd, padd)) {
- goto err;
+ return 0;
}
if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) {
- goto err;
+ return 0;
}
// we need ((rnd-rem) % add) == 0
if (!BN_mod(t1, q, qadd, ctx)) {
- goto err;
+ return 0;
}
if (!BN_sub(q, q, t1)) {
- goto err;
+ return 0;
}
if (rem == NULL) {
if (!BN_add_word(q, 1)) {
- goto err;
+ return 0;
}
} else {
if (!BN_rshift1(t1, rem)) {
- goto err;
+ return 0;
}
if (!BN_add(q, q, t1)) {
- goto err;
+ return 0;
}
}
// we now have a random number 'rand' to test.
if (!BN_lshift1(p, q)) {
- goto err;
+ return 0;
}
if (!BN_add_word(p, 1)) {
- goto err;
+ return 0;
}
- num_primes = num_trial_division_primes(p);
+ size_t num_primes = num_trial_division_primes(p);
loop:
for (size_t i = 1; i < num_primes; i++) {
// check that p and q are prime
@@ -963,18 +915,14 @@
if (bn_mod_u16_consttime(p, kPrimes[i]) == 0 ||
bn_mod_u16_consttime(q, kPrimes[i]) == 0) {
if (!BN_add(p, p, padd)) {
- goto err;
+ return 0;
}
if (!BN_add(q, q, qadd)) {
- goto err;
+ return 0;
}
goto loop;
}
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
diff --git a/src/crypto/fipsmodule/bn/rsaz_exp.h b/src/crypto/fipsmodule/bn/rsaz_exp.h
index e0e9aa2..2e1d59e 100644
--- a/src/crypto/fipsmodule/bn/rsaz_exp.h
+++ b/src/crypto/fipsmodule/bn/rsaz_exp.h
@@ -17,8 +17,8 @@
// (1) Intel Corporation, Israel Development Center, Haifa, Israel
// (2) University of Haifa, Israel
-#ifndef OPENSSL_HEADER_BN_RSAZ_EXP_H
-#define OPENSSL_HEADER_BN_RSAZ_EXP_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_RSAZ_EXP_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_RSAZ_EXP_H
#include <openssl/bn.h>
@@ -108,4 +108,4 @@
} // extern "C"
#endif
-#endif // OPENSSL_HEADER_BN_RSAZ_EXP_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_BN_RSAZ_EXP_H
diff --git a/src/crypto/fipsmodule/bn/shift.cc.inc b/src/crypto/fipsmodule/bn/shift.cc.inc
index 2739c5a..491c796 100644
--- a/src/crypto/fipsmodule/bn/shift.cc.inc
+++ b/src/crypto/fipsmodule/bn/shift.cc.inc
@@ -129,12 +129,11 @@
int bn_rshift_secret_shift(BIGNUM *r, const BIGNUM *a, unsigned n,
BN_CTX *ctx) {
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
unsigned max_bits;
if (tmp == NULL || !BN_copy(r, a) || !bn_wexpand(tmp, r->width)) {
- goto err;
+ return 0;
}
// Shift conditionally by powers of two.
@@ -147,11 +146,7 @@
r->d /* ignore shift */, r->width);
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
void bn_rshift1_words(BN_ULONG *r, const BN_ULONG *a, size_t num) {
diff --git a/src/crypto/fipsmodule/bn/sqrt.cc.inc b/src/crypto/fipsmodule/bn/sqrt.cc.inc
index cb70f19..56d89e0 100644
--- a/src/crypto/fipsmodule/bn/sqrt.cc.inc
+++ b/src/crypto/fipsmodule/bn/sqrt.cc.inc
@@ -63,7 +63,7 @@
return ret;
}
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
A = BN_CTX_get(ctx);
b = BN_CTX_get(ctx);
q = BN_CTX_get(ctx);
@@ -378,82 +378,5 @@
}
ret = NULL;
}
- BN_CTX_end(ctx);
return ret;
}
-
-int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx) {
- BIGNUM *estimate, *tmp, *delta, *last_delta, *tmp2;
- int ok = 0, last_delta_valid = 0;
-
- if (in->neg) {
- OPENSSL_PUT_ERROR(BN, BN_R_NEGATIVE_NUMBER);
- return 0;
- }
- if (BN_is_zero(in)) {
- BN_zero(out_sqrt);
- return 1;
- }
-
- BN_CTX_start(ctx);
- if (out_sqrt == in) {
- estimate = BN_CTX_get(ctx);
- } else {
- estimate = out_sqrt;
- }
- tmp = BN_CTX_get(ctx);
- last_delta = BN_CTX_get(ctx);
- delta = BN_CTX_get(ctx);
- if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) {
- goto err;
- }
-
- // We estimate that the square root of an n-bit number is 2^{n/2}.
- if (!BN_lshift(estimate, BN_value_one(), BN_num_bits(in)/2)) {
- goto err;
- }
-
- // This is Newton's method for finding a root of the equation |estimate|^2 -
- // |in| = 0.
- for (;;) {
- // |estimate| = 1/2 * (|estimate| + |in|/|estimate|)
- if (!BN_div(tmp, NULL, in, estimate, ctx) ||
- !BN_add(tmp, tmp, estimate) ||
- !BN_rshift1(estimate, tmp) ||
- // |tmp| = |estimate|^2
- !BN_sqr(tmp, estimate, ctx) ||
- // |delta| = |in| - |tmp|
- !BN_sub(delta, in, tmp)) {
- OPENSSL_PUT_ERROR(BN, ERR_R_BN_LIB);
- goto err;
- }
-
- delta->neg = 0;
- // The difference between |in| and |estimate| squared is required to always
- // decrease. This ensures that the loop always terminates, but I don't have
- // a proof that it always finds the square root for a given square.
- if (last_delta_valid && BN_cmp(delta, last_delta) >= 0) {
- break;
- }
-
- last_delta_valid = 1;
-
- tmp2 = last_delta;
- last_delta = delta;
- delta = tmp2;
- }
-
- if (BN_cmp(tmp, in) != 0) {
- OPENSSL_PUT_ERROR(BN, BN_R_NOT_A_SQUARE);
- goto err;
- }
-
- ok = 1;
-
-err:
- if (ok && out_sqrt == in && !BN_copy(out_sqrt, estimate)) {
- ok = 0;
- }
- BN_CTX_end(ctx);
- return ok;
-}
diff --git a/src/crypto/fipsmodule/cipher/e_aes.cc.inc b/src/crypto/fipsmodule/cipher/e_aes.cc.inc
index 3ee6c7b..f0089c8 100644
--- a/src/crypto/fipsmodule/cipher/e_aes.cc.inc
+++ b/src/crypto/fipsmodule/cipher/e_aes.cc.inc
@@ -31,9 +31,6 @@
#include "internal.h"
-OPENSSL_MSVC_PRAGMA(warning(push))
-OPENSSL_MSVC_PRAGMA(warning(disable : 4702)) // Unreachable code.
-
#define AES_GCM_NONCE_LENGTH 12
typedef struct {
@@ -1126,7 +1123,6 @@
struct aead_aes_gcm_ctx gcm_ctx;
uint64_t min_next_nonce;
uint64_t mask;
- uint8_t first;
};
} // namespace
@@ -1143,7 +1139,6 @@
(struct aead_aes_gcm_tls13_ctx *)&ctx->state;
gcm_ctx->min_next_nonce = 0;
- gcm_ctx->first = 1;
size_t actual_tag_len;
if (!aead_aes_gcm_init_impl(&gcm_ctx->gcm_ctx, &actual_tag_len, key, key_len,
@@ -1174,20 +1169,20 @@
uint64_t given_counter =
CRYPTO_load_u64_be(nonce + nonce_len - sizeof(uint64_t));
- if (gcm_ctx->first) {
+ if (gcm_ctx->min_next_nonce == 0) {
// In the first call the sequence number will be zero and therefore the
// given nonce will be 0 ^ mask = mask.
gcm_ctx->mask = given_counter;
- gcm_ctx->first = 0;
+ gcm_ctx->min_next_nonce = 1;
+ } else {
+ given_counter ^= gcm_ctx->mask;
+ if (given_counter == UINT64_MAX ||
+ given_counter < gcm_ctx->min_next_nonce) {
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE);
+ return 0;
+ }
+ gcm_ctx->min_next_nonce = given_counter + 1;
}
- given_counter ^= gcm_ctx->mask;
-
- if (given_counter == UINT64_MAX || given_counter < gcm_ctx->min_next_nonce) {
- OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE);
- return 0;
- }
-
- gcm_ctx->min_next_nonce = given_counter + 1;
if (!aead_aes_gcm_seal_scatter(ctx, out, out_tag, out_tag_len,
max_out_tag_len, nonce, nonce_len, in, in_len,
@@ -1238,5 +1233,3 @@
return 0;
#endif
}
-
-OPENSSL_MSVC_PRAGMA(warning(pop))
diff --git a/src/crypto/fipsmodule/cipher/internal.h b/src/crypto/fipsmodule/cipher/internal.h
index d4a06f7..c5373bb 100644
--- a/src/crypto/fipsmodule/cipher/internal.h
+++ b/src/crypto/fipsmodule/cipher/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CIPHER_INTERNAL_H
-#define OPENSSL_HEADER_CIPHER_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_CIPHER_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_CIPHER_INTERNAL_H
#include <openssl/base.h>
@@ -110,4 +110,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_CIPHER_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_CIPHER_INTERNAL_H
diff --git a/src/crypto/fipsmodule/delocate.h b/src/crypto/fipsmodule/delocate.h
index 26d3d41..ae7781e 100644
--- a/src/crypto/fipsmodule/delocate.h
+++ b/src/crypto/fipsmodule/delocate.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H
-#define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
#include <openssl/base.h>
@@ -22,11 +22,18 @@
#if !defined(BORINGSSL_SHARED_LIBRARY) && defined(BORINGSSL_FIPS) && \
!defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN)
-#define DEFINE_BSS_GET(type, name, init_value) \
- static type name __attribute__((used)) = init_value; \
- extern "C" { \
- type *name##_bss_get(void) __attribute__((const)); \
- }
+#define DEFINE_BSS_GET(type, name, init_value) \
+ /* delocate needs C linkage and for |name| to be unique across BCM. */ \
+ extern "C" { \
+ extern type bcm_##name; \
+ type bcm_##name = init_value; \
+ type *bcm_##name##_bss_get(void) __attribute__((const)); \
+ } /* extern "C" */ \
+ \
+ /* The getter functions are exported, but static variables are usually named \
+ * with short names. Define a static wrapper function so the caller can use \
+ * a short name, while the symbol itself is prefixed. */ \
+ static type *name##_bss_get(void) { return bcm_##name##_bss_get(); }
// For FIPS builds we require that CRYPTO_ONCE_INIT be zero.
#define DEFINE_STATIC_ONCE(name) \
DEFINE_BSS_GET(CRYPTO_once_t, name, CRYPTO_ONCE_INIT)
@@ -89,4 +96,4 @@
#define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const)
-#endif // OPENSSL_HEADER_FIPSMODULE_DELOCATE_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_DELOCATE_H
diff --git a/src/crypto/fipsmodule/dh/check.cc.inc b/src/crypto/fipsmodule/dh/check.cc.inc
index 19beb31..4d023d5 100644
--- a/src/crypto/fipsmodule/dh/check.cc.inc
+++ b/src/crypto/fipsmodule/dh/check.cc.inc
@@ -17,9 +17,14 @@
#include <openssl/bn.h>
#include <openssl/err.h>
+#include "../bn/internal.h"
#include "internal.h"
+static_assert(OPENSSL_DH_MAX_MODULUS_BITS <=
+ BN_MONTGOMERY_MAX_WORDS * BN_BITS2,
+ "Max DH size too big for Montgomery arithmetic");
+
int dh_check_params_fast(const DH *dh) {
// Most operations scale with p and q.
if (BN_is_negative(dh->p) || !BN_is_odd(dh->p) ||
@@ -50,13 +55,11 @@
return 0;
}
- BN_CTX *ctx = BN_CTX_new();
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
if (ctx == NULL) {
return 0;
}
- BN_CTX_start(ctx);
-
- int ok = 0;
+ bssl::BN_CTXScope scope(ctx.get());
// Check |pub_key| is greater than 1.
if (BN_cmp(pub_key, BN_value_one()) <= 0) {
@@ -64,11 +67,11 @@
}
// Check |pub_key| is less than |dh->p| - 1.
- BIGNUM *tmp = BN_CTX_get(ctx);
+ BIGNUM *tmp = BN_CTX_get(ctx.get());
if (tmp == NULL ||
!BN_copy(tmp, dh->p) ||
!BN_sub_word(tmp, 1)) {
- goto err;
+ return 0;
}
if (BN_cmp(pub_key, tmp) >= 0) {
*out_flags |= DH_CHECK_PUBKEY_TOO_LARGE;
@@ -78,23 +81,17 @@
// Check |pub_key|^|dh->q| is 1 mod |dh->p|. This is necessary for RFC 5114
// groups which are not safe primes but pick a generator on a prime-order
// subgroup of size |dh->q|.
- if (!BN_mod_exp_mont(tmp, pub_key, dh->q, dh->p, ctx, NULL)) {
- goto err;
+ if (!BN_mod_exp_mont(tmp, pub_key, dh->q, dh->p, ctx.get(), NULL)) {
+ return 0;
}
if (!BN_is_one(tmp)) {
*out_flags |= DH_CHECK_PUBKEY_INVALID;
}
}
- ok = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- return ok;
+ return 1;
}
-
int DH_check(const DH *dh, int *out_flags) {
*out_flags = 0;
if (!dh_check_params_fast(dh)) {
@@ -107,23 +104,18 @@
// for 3, p mod 12 == 5
// for 5, p mod 10 == 3 or 7
// should hold.
- int ok = 0, r;
- BN_CTX *ctx = NULL;
- BN_ULONG l;
- BIGNUM *t1 = NULL, *t2 = NULL;
-
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- BN_CTX_start(ctx);
- t1 = BN_CTX_get(ctx);
- if (t1 == NULL) {
- goto err;
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *t1 = BN_CTX_get(ctx.get());
+ if (t1 == nullptr) {
+ return 0;
}
- t2 = BN_CTX_get(ctx);
- if (t2 == NULL) {
- goto err;
+ BIGNUM *t2 = BN_CTX_get(ctx.get());
+ if (t2 == nullptr) {
+ return 0;
}
if (dh->q) {
@@ -133,39 +125,40 @@
*out_flags |= DH_CHECK_NOT_SUITABLE_GENERATOR;
} else {
// Check g^q == 1 mod p
- if (!BN_mod_exp_mont(t1, dh->g, dh->q, dh->p, ctx, NULL)) {
- goto err;
+ if (!BN_mod_exp_mont(t1, dh->g, dh->q, dh->p, ctx.get(), nullptr)) {
+ return 0;
}
if (!BN_is_one(t1)) {
*out_flags |= DH_CHECK_NOT_SUITABLE_GENERATOR;
}
}
- r = BN_is_prime_ex(dh->q, BN_prime_checks_for_validation, ctx, NULL);
+ int r = BN_is_prime_ex(dh->q, BN_prime_checks_for_validation, ctx.get(),
+ nullptr);
if (r < 0) {
- goto err;
+ return 0;
}
if (!r) {
*out_flags |= DH_CHECK_Q_NOT_PRIME;
}
// Check p == 1 mod q i.e. q divides p - 1
- if (!BN_div(t1, t2, dh->p, dh->q, ctx)) {
- goto err;
+ if (!BN_div(t1, t2, dh->p, dh->q, ctx.get())) {
+ return 0;
}
if (!BN_is_one(t2)) {
*out_flags |= DH_CHECK_INVALID_Q_VALUE;
}
} else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
- l = BN_mod_word(dh->p, 24);
+ BN_ULONG l = BN_mod_word(dh->p, 24);
if (l == (BN_ULONG)-1) {
- goto err;
+ return 0;
}
if (l != 11) {
*out_flags |= DH_CHECK_NOT_SUITABLE_GENERATOR;
}
} else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
- l = BN_mod_word(dh->p, 10);
+ BN_ULONG l = BN_mod_word(dh->p, 10);
if (l == (BN_ULONG)-1) {
- goto err;
+ return 0;
}
if (l != 3 && l != 7) {
*out_flags |= DH_CHECK_NOT_SUITABLE_GENERATOR;
@@ -174,30 +167,24 @@
*out_flags |= DH_CHECK_UNABLE_TO_CHECK_GENERATOR;
}
- r = BN_is_prime_ex(dh->p, BN_prime_checks_for_validation, ctx, NULL);
+ int r =
+ BN_is_prime_ex(dh->p, BN_prime_checks_for_validation, ctx.get(), nullptr);
if (r < 0) {
- goto err;
+ return 0;
}
if (!r) {
*out_flags |= DH_CHECK_P_NOT_PRIME;
} else if (!dh->q) {
if (!BN_rshift1(t1, dh->p)) {
- goto err;
+ return 0;
}
- r = BN_is_prime_ex(t1, BN_prime_checks_for_validation, ctx, NULL);
+ r = BN_is_prime_ex(t1, BN_prime_checks_for_validation, ctx.get(), nullptr);
if (r < 0) {
- goto err;
+ return 0;
}
if (!r) {
*out_flags |= DH_CHECK_P_NOT_SAFE_PRIME;
}
}
- ok = 1;
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
+ return 1;
}
diff --git a/src/crypto/fipsmodule/dh/dh.cc.inc b/src/crypto/fipsmodule/dh/dh.cc.inc
index 6f1267f..0a62215 100644
--- a/src/crypto/fipsmodule/dh/dh.cc.inc
+++ b/src/crypto/fipsmodule/dh/dh.cc.inc
@@ -147,28 +147,27 @@
}
int ok = 0;
- int generate_new_key = 0;
- BN_CTX *ctx = NULL;
- BIGNUM *pub_key = NULL, *priv_key = NULL, *priv_key_limit = NULL;
+ bool generate_new_key = false;
+ BIGNUM *pub_key = nullptr, *priv_key = nullptr;
- ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
goto err;
}
- if (dh->priv_key == NULL) {
+ if (dh->priv_key == nullptr) {
priv_key = BN_new();
- if (priv_key == NULL) {
+ if (priv_key == nullptr) {
goto err;
}
- generate_new_key = 1;
+ generate_new_key = true;
} else {
priv_key = dh->priv_key;
}
- if (dh->pub_key == NULL) {
+ if (dh->pub_key == nullptr) {
pub_key = BN_new();
- if (pub_key == NULL) {
+ if (pub_key == nullptr) {
goto err;
}
} else {
@@ -176,7 +175,7 @@
}
if (!BN_MONT_CTX_set_locked(&dh->method_mont_p, &dh->method_mont_p_lock,
- dh->p, ctx)) {
+ dh->p, ctx.get())) {
goto err;
}
@@ -202,30 +201,30 @@
// clamp |dh->priv_length| before invoking the algorithm.
// Compute M = min(2^N, q).
- priv_key_limit = BN_new();
- if (priv_key_limit == NULL) {
+ bssl::UniquePtr<BIGNUM> priv_key_limit(BN_new());
+ if (priv_key_limit == nullptr) {
goto err;
}
if (dh->priv_length == 0 || dh->priv_length >= BN_num_bits(dh->p) - 1) {
// M = q = (p - 1) / 2.
- if (!BN_rshift1(priv_key_limit, dh->p)) {
+ if (!BN_rshift1(priv_key_limit.get(), dh->p)) {
goto err;
}
} else {
// M = 2^N.
- if (!BN_set_bit(priv_key_limit, dh->priv_length)) {
+ if (!BN_set_bit(priv_key_limit.get(), dh->priv_length)) {
goto err;
}
}
// Choose a private key uniformly from [1, M-1].
- if (!BN_rand_range_ex(priv_key, 1, priv_key_limit)) {
+ if (!BN_rand_range_ex(priv_key, 1, priv_key_limit.get())) {
goto err;
}
}
}
- if (!BN_mod_exp_mont_consttime(pub_key, dh->g, priv_key, dh->p, ctx,
+ if (!BN_mod_exp_mont_consttime(pub_key, dh->g, priv_key, dh->p, ctx.get(),
dh->method_mont_p)) {
goto err;
}
@@ -239,14 +238,12 @@
OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
}
- if (dh->pub_key == NULL) {
+ if (dh->pub_key == nullptr) {
BN_free(pub_key);
}
- if (dh->priv_key == NULL) {
+ if (dh->priv_key == nullptr) {
BN_free(priv_key);
}
- BN_free(priv_key_limit);
- BN_CTX_free(ctx);
return ok;
}
@@ -267,56 +264,46 @@
return 0;
}
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *p_minus_1 = BN_CTX_get(ctx);
-
if (!p_minus_1 ||
!BN_MONT_CTX_set_locked(&dh->method_mont_p, &dh->method_mont_p_lock,
dh->p, ctx)) {
- goto err;
+ return 0;
}
if (!BN_mod_exp_mont_consttime(out_shared_key, peers_key, dh->priv_key, dh->p,
ctx, dh->method_mont_p) ||
!BN_copy(p_minus_1, dh->p) || !BN_sub_word(p_minus_1, 1)) {
OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
- goto err;
+ return 0;
}
// This performs the check required by SP 800-56Ar3 section 5.7.1.1 step two.
if (BN_cmp_word(out_shared_key, 1) <= 0 ||
BN_cmp(out_shared_key, p_minus_1) == 0) {
OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PUBKEY);
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int dh_compute_key_padded_no_self_test(unsigned char *out,
const BIGNUM *peers_key, DH *dh) {
- BN_CTX *ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
return -1;
}
- BN_CTX_start(ctx);
-
+ bssl::BN_CTXScope scope(ctx.get());
int dh_size = DH_size(dh);
- int ret = -1;
- BIGNUM *shared_key = BN_CTX_get(ctx);
- if (shared_key && dh_compute_key(dh, shared_key, peers_key, ctx) &&
- BN_bn2bin_padded(out, dh_size, shared_key)) {
- ret = dh_size;
+ BIGNUM *shared_key = BN_CTX_get(ctx.get());
+ if (shared_key == nullptr ||
+ !dh_compute_key(dh, shared_key, peers_key, ctx.get()) ||
+ !BN_bn2bin_padded(out, dh_size, shared_key)) {
+ return -1;
}
-
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- return ret;
+ return dh_size;
}
int DH_compute_key_padded(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
@@ -328,22 +315,18 @@
int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
boringssl_ensure_ffdh_self_test();
- BN_CTX *ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
return -1;
}
- BN_CTX_start(ctx);
-
- int ret = -1;
- BIGNUM *shared_key = BN_CTX_get(ctx);
- if (shared_key && dh_compute_key(dh, shared_key, peers_key, ctx)) {
- // A |BIGNUM|'s byte count fits in |int|.
- ret = (int)BN_bn2bin(shared_key, out);
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *shared_key = BN_CTX_get(ctx.get());
+ if (shared_key == nullptr ||
+ !dh_compute_key(dh, shared_key, peers_key, ctx.get())) {
+ return -1;
}
-
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- return ret;
+ // A |BIGNUM|'s byte count fits in |int|.
+ return static_cast<int>(BN_bn2bin(shared_key, out));
}
int DH_compute_key_hashed(DH *dh, uint8_t *out, size_t *out_len,
@@ -415,29 +398,27 @@
TOBN(0xadf85458, 0xa2bb4a9a), TOBN(0xffffffff, 0xffffffff),
};
- BIGNUM *const ffdhe2048_p = BN_new();
- BIGNUM *const ffdhe2048_q = BN_new();
- BIGNUM *const ffdhe2048_g = BN_new();
- DH *const dh = DH_new();
-
+ bssl::UniquePtr<BIGNUM> ffdhe2048_p(BN_new());
+ bssl::UniquePtr<BIGNUM> ffdhe2048_q(BN_new());
+ bssl::UniquePtr<BIGNUM> ffdhe2048_g(BN_new());
+ bssl::UniquePtr<DH> dh(DH_new());
if (!ffdhe2048_p || !ffdhe2048_q || !ffdhe2048_g || !dh) {
- goto err;
+ return nullptr;
}
- bn_set_static_words(ffdhe2048_p, kFFDHE2048Data,
+ bn_set_static_words(ffdhe2048_p.get(), kFFDHE2048Data,
OPENSSL_ARRAY_SIZE(kFFDHE2048Data));
- if (!BN_rshift1(ffdhe2048_q, ffdhe2048_p) || !BN_set_word(ffdhe2048_g, 2) ||
- !DH_set0_pqg(dh, ffdhe2048_p, ffdhe2048_q, ffdhe2048_g)) {
- goto err;
+ if (!BN_rshift1(ffdhe2048_q.get(), ffdhe2048_p.get()) ||
+ !BN_set_word(ffdhe2048_g.get(), 2) ||
+ !DH_set0_pqg(dh.get(), ffdhe2048_p.get(), ffdhe2048_q.get(),
+ ffdhe2048_g.get())) {
+ return nullptr;
}
+ // |DH_set0_pqg| takes ownership on success.
+ ffdhe2048_p.release();
+ ffdhe2048_q.release();
+ ffdhe2048_g.release();
- return dh;
-
-err:
- BN_free(ffdhe2048_p);
- BN_free(ffdhe2048_q);
- BN_free(ffdhe2048_g);
- DH_free(dh);
- return NULL;
+ return dh.release();
}
diff --git a/src/crypto/fipsmodule/digest/digest.cc.inc b/src/crypto/fipsmodule/digest/digest.cc.inc
index dc22ad4..2edef42 100644
--- a/src/crypto/fipsmodule/digest/digest.cc.inc
+++ b/src/crypto/fipsmodule/digest/digest.cc.inc
@@ -212,16 +212,10 @@
int EVP_Digest(const void *data, size_t count, uint8_t *out_md,
unsigned int *out_size, const EVP_MD *type, ENGINE *impl) {
- EVP_MD_CTX ctx;
- int ret;
-
- EVP_MD_CTX_init(&ctx);
- ret = EVP_DigestInit_ex(&ctx, type, impl) &&
- EVP_DigestUpdate(&ctx, data, count) &&
- EVP_DigestFinal_ex(&ctx, out_md, out_size);
- EVP_MD_CTX_cleanup(&ctx);
-
- return ret;
+ bssl::ScopedEVP_MD_CTX ctx;
+ return EVP_DigestInit_ex(ctx.get(), type, impl) &&
+ EVP_DigestUpdate(ctx.get(), data, count) &&
+ EVP_DigestFinal_ex(ctx.get(), out_md, out_size);
}
const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx) {
diff --git a/src/crypto/fipsmodule/digest/internal.h b/src/crypto/fipsmodule/digest/internal.h
index 0cef38e..0e850c9 100644
--- a/src/crypto/fipsmodule/digest/internal.h
+++ b/src/crypto/fipsmodule/digest/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_DIGEST_INTERNAL_H
-#define OPENSSL_HEADER_DIGEST_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_INTERNAL_H
#include <openssl/base.h>
@@ -67,4 +67,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_DIGEST_INTERNAL
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_INTERNAL_H
diff --git a/src/crypto/fipsmodule/digest/md32_common.h b/src/crypto/fipsmodule/digest/md32_common.h
index 6cba40a..b64f20b 100644
--- a/src/crypto/fipsmodule/digest/md32_common.h
+++ b/src/crypto/fipsmodule/digest/md32_common.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_DIGEST_MD32_COMMON_H
-#define OPENSSL_HEADER_DIGEST_MD32_COMMON_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_MD32_COMMON_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_MD32_COMMON_H
#include <openssl/base.h>
@@ -158,4 +158,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_DIGEST_MD32_COMMON_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_DIGEST_MD32_COMMON_H
diff --git a/src/crypto/fipsmodule/ec/ec.cc.inc b/src/crypto/fipsmodule/ec/ec.cc.inc
index f741840..14916ee 100644
--- a/src/crypto/fipsmodule/ec/ec.cc.inc
+++ b/src/crypto/fipsmodule/ec/ec.cc.inc
@@ -175,47 +175,44 @@
const BIGNUM *b, BN_CTX *ctx) {
if (BN_num_bytes(p) > EC_MAX_BYTES) {
OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FIELD);
- return NULL;
+ return nullptr;
}
- BN_CTX *new_ctx = NULL;
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL) {
- return NULL;
+ bssl::UniquePtr<BN_CTX> new_ctx;
+ if (ctx == nullptr) {
+ new_ctx.reset(BN_CTX_new());
+ if (new_ctx == nullptr) {
+ return nullptr;
}
+ ctx = new_ctx.get();
}
// Historically, |a| and |b| were not required to be fully reduced.
// TODO(davidben): Can this be removed?
- EC_GROUP *ret = NULL;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *a_reduced = BN_CTX_get(ctx);
BIGNUM *b_reduced = BN_CTX_get(ctx);
- if (a_reduced == NULL || b_reduced == NULL ||
- !BN_nnmod(a_reduced, a, p, ctx) || !BN_nnmod(b_reduced, b, p, ctx)) {
- goto err;
+ if (a_reduced == nullptr || b_reduced == nullptr ||
+ !BN_nnmod(a_reduced, a, p, ctx) || //
+ !BN_nnmod(b_reduced, b, p, ctx)) {
+ return nullptr;
}
- ret = reinterpret_cast<EC_GROUP *>(OPENSSL_zalloc(sizeof(EC_GROUP)));
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<EC_GROUP> ret(
+ reinterpret_cast<EC_GROUP *>(OPENSSL_zalloc(sizeof(EC_GROUP))));
+ if (ret == nullptr) {
+ return nullptr;
}
ret->references = 1;
ret->meth = EC_GFp_mont_method();
bn_mont_ctx_init(&ret->field);
bn_mont_ctx_init(&ret->order);
- ret->generator.group = ret;
- if (!ec_GFp_simple_group_set_curve(ret, p, a_reduced, b_reduced, ctx)) {
- EC_GROUP_free(ret);
- ret = NULL;
- goto err;
+ ret->generator.group = ret.get();
+ if (!ec_GFp_simple_group_set_curve(ret.get(), p, a_reduced, b_reduced, ctx)) {
+ return nullptr;
}
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
+ return ret.release();
}
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
@@ -246,20 +243,19 @@
// Note any curve which did not satisfy this must have been invalid or use a
// tiny prime (less than 17). See the proof in |field_element_to_scalar| in
// the ECDSA implementation.
- int ret = 0;
- BIGNUM *tmp = BN_new();
- if (tmp == NULL || !BN_lshift1(tmp, order)) {
- goto err;
+ bssl::UniquePtr<BIGNUM> tmp(BN_new());
+ if (tmp == nullptr || !BN_lshift1(tmp.get(), order)) {
+ return 0;
}
- if (BN_cmp(tmp, &group->field.N) <= 0) {
+ if (BN_cmp(tmp.get(), &group->field.N) <= 0) {
OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER);
- goto err;
+ return 0;
}
EC_AFFINE affine;
if (!ec_jacobian_to_affine(group, &affine, &generator->raw) ||
!BN_MONT_CTX_set(&group->order, order, NULL)) {
- goto err;
+ return 0;
}
group->field_greater_than_order = BN_cmp(&group->field.N, order) > 0;
@@ -267,11 +263,7 @@
group->generator.raw.Y = affine.Y;
// |raw.Z| was set to 1 by |EC_GROUP_new_curve_GFp|.
group->has_order = 1;
- ret = 1;
-
-err:
- BN_free(tmp);
- return ret;
+ return 1;
}
EC_GROUP *EC_GROUP_new_by_curve_name(int nid) {
@@ -663,12 +655,10 @@
ERR_clear_error();
// This is an unusual input, so we do not guarantee constant-time processing.
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
- int ok = tmp != NULL && BN_nnmod(tmp, in, EC_GROUP_get0_order(group), ctx) &&
- ec_bignum_to_scalar(group, out, tmp);
- BN_CTX_end(ctx);
- return ok;
+ return tmp != nullptr && BN_nnmod(tmp, in, EC_GROUP_get0_order(group), ctx) &&
+ ec_bignum_to_scalar(group, out, tmp);
}
int ec_point_mul_no_self_test(const EC_GROUP *group, EC_POINT *r,
@@ -689,14 +679,13 @@
return 0;
}
- int ret = 0;
- BN_CTX *new_ctx = NULL;
+ bssl::UniquePtr<BN_CTX> new_ctx;
if (ctx == NULL) {
- new_ctx = BN_CTX_new();
+ new_ctx.reset(BN_CTX_new());
if (new_ctx == NULL) {
- goto err;
+ return 0;
}
- ctx = new_ctx;
+ ctx = new_ctx.get();
}
// If both |g_scalar| and |p_scalar| are non-NULL,
@@ -714,7 +703,7 @@
EC_SCALAR scalar;
if (!arbitrary_bignum_to_scalar(group, &scalar, g_scalar, ctx) ||
!ec_point_mul_scalar_base(group, &r->raw, &scalar)) {
- goto err;
+ return 0;
}
}
@@ -723,7 +712,7 @@
EC_JACOBIAN tmp;
if (!arbitrary_bignum_to_scalar(group, &scalar, p_scalar, ctx) ||
!ec_point_mul_scalar(group, &tmp, &p->raw, &scalar)) {
- goto err;
+ return 0;
}
if (g_scalar == NULL) {
OPENSSL_memcpy(&r->raw, &tmp, sizeof(EC_JACOBIAN));
@@ -732,11 +721,7 @@
}
}
- ret = 1;
-
-err:
- BN_CTX_free(new_ctx);
- return ret;
+ return 1;
}
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
diff --git a/src/crypto/fipsmodule/ec/ec_key.cc.inc b/src/crypto/fipsmodule/ec/ec_key.cc.inc
index 8c402f4..01fbe93 100644
--- a/src/crypto/fipsmodule/ec/ec_key.cc.inc
+++ b/src/crypto/fipsmodule/ec/ec_key.cc.inc
@@ -316,40 +316,33 @@
int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, const BIGNUM *x,
const BIGNUM *y) {
- EC_POINT *point = NULL;
- int ok = 0;
-
if (!key || !key->group || !x || !y) {
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- point = EC_POINT_new(key->group);
- if (point == NULL ||
- !EC_POINT_set_affine_coordinates_GFp(key->group, point, x, y, NULL) ||
- !EC_KEY_set_public_key(key, point) || !EC_KEY_check_key(key)) {
- goto err;
+ bssl::UniquePtr<EC_POINT> point(EC_POINT_new(key->group));
+ if (point == nullptr ||
+ !EC_POINT_set_affine_coordinates_GFp(key->group, point.get(), x, y,
+ nullptr) ||
+ !EC_KEY_set_public_key(key, point.get()) || //
+ !EC_KEY_check_key(key)) {
+ return 0;
}
- ok = 1;
-
-err:
- EC_POINT_free(point);
- return ok;
+ return 1;
}
int EC_KEY_oct2key(EC_KEY *key, const uint8_t *in, size_t len, BN_CTX *ctx) {
- if (key->group == NULL) {
+ if (key->group == nullptr) {
OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
return 0;
}
- EC_POINT *point = EC_POINT_new(key->group);
- int ok = point != NULL &&
- EC_POINT_oct2point(key->group, point, in, len, ctx) &&
- EC_KEY_set_public_key(key, point);
- EC_POINT_free(point);
- return ok;
+ bssl::UniquePtr<EC_POINT> point(EC_POINT_new(key->group));
+ return point != nullptr &&
+ EC_POINT_oct2point(key->group, point.get(), in, len, ctx) &&
+ EC_KEY_set_public_key(key, point.get());
}
size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
diff --git a/src/crypto/fipsmodule/ec/internal.h b/src/crypto/fipsmodule/ec/internal.h
index 4599c3c..2c610ba 100644
--- a/src/crypto/fipsmodule/ec/internal.h
+++ b/src/crypto/fipsmodule/ec/internal.h
@@ -13,8 +13,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_EC_INTERNAL_H
-#define OPENSSL_HEADER_EC_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_INTERNAL_H
#include <openssl/base.h>
@@ -706,4 +706,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_EC_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_INTERNAL_H
diff --git a/src/crypto/fipsmodule/ec/oct.cc.inc b/src/crypto/fipsmodule/ec/oct.cc.inc
index 15c3a2f..69323dc 100644
--- a/src/crypto/fipsmodule/ec/oct.cc.inc
+++ b/src/crypto/fipsmodule/ec/oct.cc.inc
@@ -116,35 +116,30 @@
// for primes which are not 3 (mod 4), namely P-224 and custom curves. P-224's
// prime is particularly inconvenient for compressed coordinates. See
// https://cr.yp.to/papers/sqroot.pdf
- BN_CTX *new_ctx = NULL;
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> new_ctx;
+ if (ctx == nullptr) {
+ new_ctx.reset(BN_CTX_new());
+ if (new_ctx == nullptr) {
return 0;
}
+ ctx = new_ctx.get();
}
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *x = BN_CTX_get(ctx);
- if (x == NULL || !BN_bin2bn(buf + 1, field_len, x)) {
- goto err;
+ if (x == nullptr || !BN_bin2bn(buf + 1, field_len, x)) {
+ return 0;
}
if (BN_ucmp(x, &group->field.N) >= 0) {
OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING);
- goto err;
+ return 0;
}
if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
+ return 1;
}
int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
@@ -214,28 +209,27 @@
return 0;
}
- BN_CTX *new_ctx = NULL;
- int ret = 0;
-
ERR_clear_error();
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> new_ctx;
+ if (ctx == nullptr) {
+ new_ctx.reset(BN_CTX_new());
+ if (new_ctx == nullptr) {
return 0;
}
+ ctx = new_ctx.get();
}
y_bit = (y_bit != 0);
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp1 = BN_CTX_get(ctx);
BIGNUM *tmp2 = BN_CTX_get(ctx);
BIGNUM *a = BN_CTX_get(ctx);
BIGNUM *b = BN_CTX_get(ctx);
BIGNUM *y = BN_CTX_get(ctx);
if (y == NULL || !EC_GROUP_get_curve_GFp(group, NULL, a, b, ctx)) {
- goto err;
+ return 0;
}
// Recover y. We have a Weierstrass equation
@@ -245,7 +239,7 @@
// tmp1 := x^3
if (!BN_mod_sqr(tmp2, x, field, ctx) ||
!BN_mod_mul(tmp1, tmp2, x, field, ctx)) {
- goto err;
+ return 0;
}
// tmp1 := tmp1 + a*x
@@ -253,18 +247,18 @@
if (!bn_mod_lshift1_consttime(tmp2, x, field, ctx) ||
!bn_mod_add_consttime(tmp2, tmp2, x, field, ctx) ||
!bn_mod_sub_consttime(tmp1, tmp1, tmp2, field, ctx)) {
- goto err;
+ return 0;
}
} else {
if (!BN_mod_mul(tmp2, a, x, field, ctx) ||
!bn_mod_add_consttime(tmp1, tmp1, tmp2, field, ctx)) {
- goto err;
+ return 0;
}
}
// tmp1 := tmp1 + b
if (!bn_mod_add_consttime(tmp1, tmp1, b, field, ctx)) {
- goto err;
+ return 0;
}
if (!BN_mod_sqrt(y, tmp1, field, ctx)) {
@@ -276,31 +270,26 @@
} else {
OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
}
- goto err;
+ return 0;
}
if (y_bit != BN_is_odd(y)) {
if (BN_is_zero(y)) {
OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSION_BIT);
- goto err;
+ return 0;
}
if (!BN_usub(y, field, y)) {
- goto err;
+ return 0;
}
}
if (y_bit != BN_is_odd(y)) {
OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
+ return 1;
}
diff --git a/src/crypto/fipsmodule/ec/p256-nistz.h b/src/crypto/fipsmodule/ec/p256-nistz.h
index be6b5ec..326e38d 100644
--- a/src/crypto/fipsmodule/ec/p256-nistz.h
+++ b/src/crypto/fipsmodule/ec/p256-nistz.h
@@ -21,8 +21,8 @@
// S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with
// 256 Bit Primes"
-#ifndef OPENSSL_HEADER_EC_P256_X86_64_H
-#define OPENSSL_HEADER_EC_P256_X86_64_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_P256_NISTZ_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_P256_NISTZ_H
#include <openssl/base.h>
@@ -204,4 +204,4 @@
} // extern C++
#endif
-#endif // OPENSSL_HEADER_EC_P256_X86_64_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_EC_P256_NISTZ_H
diff --git a/src/crypto/fipsmodule/ec/simple.cc.inc b/src/crypto/fipsmodule/ec/simple.cc.inc
index f053ea1..59a130b 100644
--- a/src/crypto/fipsmodule/ec/simple.cc.inc
+++ b/src/crypto/fipsmodule/ec/simple.cc.inc
@@ -45,11 +45,10 @@
return 0;
}
- int ret = 0;
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
- if (tmp == NULL) {
- goto err;
+ if (tmp == nullptr) {
+ return 0;
}
if (!BN_MONT_CTX_set(&group->field, p, ctx) ||
@@ -57,21 +56,17 @@
!ec_bignum_to_felem(group, &group->b, b) ||
// Reuse Z from the generator to cache the value one.
!ec_bignum_to_felem(group, &group->generator.raw.Z, BN_value_one())) {
- goto err;
+ return 0;
}
// group->a_is_minus3
if (!BN_copy(tmp, a) ||
!BN_add_word(tmp, 3)) {
- goto err;
+ return 0;
}
group->a_is_minus3 = (0 == BN_cmp(tmp, &group->field.N));
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
diff --git a/src/crypto/fipsmodule/keccak/internal.h b/src/crypto/fipsmodule/keccak/internal.h
index f5a15f5..273e666 100644
--- a/src/crypto/fipsmodule/keccak/internal.h
+++ b/src/crypto/fipsmodule/keccak/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CRYPTO_KECCAK_INTERNAL_H
-#define OPENSSL_HEADER_CRYPTO_KECCAK_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_KECCAK_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_KECCAK_INTERNAL_H
#include <openssl/base.h>
@@ -67,4 +67,4 @@
}
#endif
-#endif // OPENSSL_HEADER_CRYPTO_KECCAK_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_KECCAK_INTERNAL_H
diff --git a/src/crypto/fipsmodule/mldsa/fips_known_values.inc b/src/crypto/fipsmodule/mldsa/fips_known_values.inc
new file mode 100644
index 0000000..948fb5c
--- /dev/null
+++ b/src/crypto/fipsmodule/mldsa/fips_known_values.inc
@@ -0,0 +1,1345 @@
+const uint8_t kGenerateKeyEntropy[BCM_MLDSA_SEED_BYTES] = {
+ 0x47, 0x90, 0x52, 0x10, 0x30, 0x27, 0xbd, 0xf1, 0x7e, 0xb1, 0x22,
+ 0xd7, 0x84, 0xfb, 0x3c, 0xf0, 0x40, 0xd2, 0xf4, 0x97, 0x11, 0x7e,
+ 0x01, 0x38, 0xc4, 0xce, 0x9c, 0xac, 0x94, 0x71, 0xab, 0x39};
+
+const uint8_t kExpectedPublicKey[BCM_MLDSA65_PUBLIC_KEY_BYTES] = {
+ 0x0c, 0x6f, 0x38, 0x7d, 0x2a, 0xb4, 0x33, 0x87, 0xf0, 0x21, 0xb0, 0xda,
+ 0x81, 0x6c, 0x71, 0xf0, 0xbc, 0x81, 0x5e, 0xf0, 0xb1, 0x6a, 0xf1, 0x12,
+ 0x4f, 0x35, 0x4c, 0x27, 0x3e, 0xed, 0xb4, 0x2f, 0xe5, 0x4a, 0x01, 0x9a,
+ 0x97, 0x9c, 0xfa, 0x12, 0xde, 0xca, 0xef, 0xe1, 0x56, 0x9a, 0x90, 0x6d,
+ 0x54, 0x21, 0x58, 0xa6, 0x59, 0x4c, 0x99, 0x28, 0x53, 0x79, 0xce, 0xb8,
+ 0x90, 0xc6, 0xed, 0x4a, 0x4c, 0xe5, 0x9b, 0x9c, 0x87, 0x41, 0xae, 0x95,
+ 0x26, 0x83, 0xca, 0x91, 0x38, 0x62, 0xc0, 0x32, 0x82, 0x42, 0x8e, 0xdf,
+ 0x92, 0xf5, 0xcf, 0xc7, 0xd5, 0x69, 0xfa, 0xfb, 0x1f, 0x18, 0x96, 0xc5,
+ 0x9f, 0xd8, 0xbb, 0xd6, 0xb7, 0xf4, 0x4f, 0x20, 0x12, 0x51, 0x2a, 0x08,
+ 0xba, 0xae, 0x5d, 0x87, 0xf9, 0x14, 0x8f, 0xb0, 0x76, 0xba, 0x1d, 0xae,
+ 0x38, 0x14, 0xad, 0x4f, 0x68, 0xf0, 0xc4, 0xf6, 0xdb, 0x32, 0x30, 0x9b,
+ 0xa3, 0x2f, 0xe3, 0x9b, 0x72, 0x5a, 0xee, 0xb0, 0x97, 0x4d, 0x01, 0xa3,
+ 0x70, 0x29, 0x9a, 0xd6, 0x08, 0xed, 0xbf, 0x0a, 0xa4, 0x17, 0x8d, 0x18,
+ 0x5f, 0x13, 0xef, 0xd2, 0x59, 0xbc, 0x50, 0x65, 0xf4, 0xef, 0xd1, 0xbb,
+ 0x74, 0x22, 0x38, 0xfb, 0x5d, 0x75, 0xc4, 0xe5, 0xf9, 0x8f, 0x39, 0xf2,
+ 0x6f, 0x93, 0xc4, 0x06, 0x1a, 0xff, 0x46, 0x7a, 0xa0, 0xaa, 0xfb, 0x1c,
+ 0x9c, 0xa2, 0xe0, 0x66, 0x74, 0xa1, 0x0f, 0xd5, 0x87, 0x7f, 0x45, 0x9d,
+ 0x5e, 0xcb, 0xec, 0xc6, 0xd0, 0x9f, 0x8a, 0x36, 0xd9, 0xce, 0x37, 0xf1,
+ 0x17, 0x5c, 0x7c, 0x15, 0x1d, 0x46, 0xa3, 0x5d, 0x97, 0x21, 0xbd, 0x93,
+ 0xf5, 0xe9, 0x8f, 0x77, 0xb4, 0xb2, 0xc2, 0x26, 0x82, 0xcb, 0xd4, 0x46,
+ 0xc2, 0x18, 0xa2, 0xa8, 0xfe, 0xee, 0xf5, 0x15, 0xc7, 0x03, 0x0c, 0xa3,
+ 0x46, 0xcf, 0x85, 0x61, 0x68, 0x8c, 0xaa, 0xd6, 0x83, 0x9f, 0xd8, 0xf4,
+ 0x8c, 0x0c, 0xc6, 0xe7, 0xef, 0x17, 0xe4, 0x47, 0x41, 0xcf, 0x35, 0x2a,
+ 0x6a, 0x19, 0xa0, 0x55, 0xc0, 0x16, 0x4f, 0xaa, 0xdc, 0x96, 0xc5, 0x34,
+ 0xfa, 0xee, 0xbf, 0x3f, 0x3d, 0x76, 0x06, 0x82, 0x86, 0x40, 0x7b, 0x85,
+ 0x7f, 0x76, 0x6d, 0x9f, 0x82, 0x9e, 0x21, 0x99, 0xd3, 0x61, 0x34, 0xf7,
+ 0x17, 0xf5, 0x46, 0x41, 0xad, 0x6c, 0x32, 0xd1, 0x33, 0xf8, 0x8f, 0x6e,
+ 0xc9, 0x13, 0xc5, 0xb3, 0x3e, 0xa7, 0x6f, 0xc9, 0x8d, 0xb0, 0x00, 0x9c,
+ 0x5e, 0x7b, 0xcb, 0x0b, 0x03, 0x85, 0x91, 0x4b, 0x8d, 0x74, 0xd1, 0x32,
+ 0x0e, 0x0b, 0x37, 0xc5, 0x80, 0x8c, 0x06, 0xd3, 0x4b, 0xab, 0xb3, 0xd4,
+ 0x3f, 0xb7, 0x4c, 0x46, 0xcd, 0x28, 0xde, 0x15, 0x9d, 0xf5, 0x95, 0x0c,
+ 0x57, 0x56, 0x7a, 0xf9, 0xde, 0x97, 0x47, 0x72, 0x95, 0xf7, 0x4a, 0x3a,
+ 0x1b, 0xbb, 0x51, 0xc6, 0x83, 0x7f, 0x37, 0x18, 0x6a, 0x79, 0x2c, 0xe3,
+ 0x82, 0x20, 0x53, 0x96, 0x10, 0xe4, 0x45, 0x32, 0xf2, 0x66, 0x35, 0x5e,
+ 0xb8, 0x2d, 0x8d, 0xf5, 0x90, 0x66, 0x09, 0xb2, 0xfa, 0x0e, 0xdd, 0x0b,
+ 0x19, 0x41, 0x4a, 0x58, 0xc0, 0x83, 0x9d, 0x6d, 0x05, 0x43, 0x84, 0x6e,
+ 0x5b, 0x6e, 0x7e, 0xd0, 0xc9, 0xb1, 0x55, 0x7f, 0xd0, 0x59, 0x40, 0x94,
+ 0x2d, 0x8c, 0xdb, 0xe1, 0xa4, 0xd8, 0x8a, 0x78, 0x3a, 0x0a, 0x50, 0x55,
+ 0x84, 0xc2, 0xd9, 0xd8, 0x55, 0x3a, 0xef, 0x93, 0xc2, 0xe9, 0x86, 0x43,
+ 0x30, 0x08, 0xd6, 0x54, 0x1f, 0xfd, 0x04, 0xac, 0x4c, 0x2d, 0x5f, 0xf5,
+ 0x4d, 0x4f, 0xe9, 0x70, 0x77, 0x0b, 0x9a, 0x07, 0x91, 0x1e, 0xdf, 0x9c,
+ 0x4e, 0xaa, 0xf5, 0x05, 0x51, 0xc9, 0x7b, 0x48, 0x35, 0xc9, 0x30, 0xd4,
+ 0x02, 0x14, 0x8b, 0xb4, 0x2c, 0x1f, 0x25, 0x6d, 0xf4, 0xa6, 0x52, 0x1b,
+ 0x63, 0x48, 0x85, 0x31, 0x82, 0xf8, 0xd5, 0xb3, 0x11, 0x77, 0x5a, 0xa3,
+ 0xfe, 0x2e, 0x31, 0xc7, 0xdb, 0xda, 0x0b, 0x35, 0x6f, 0x56, 0xb8, 0xb8,
+ 0x64, 0xb7, 0x8c, 0xde, 0x69, 0x2d, 0x88, 0x83, 0xbe, 0x2c, 0xc1, 0xc2,
+ 0x90, 0xd4, 0x19, 0xb7, 0x21, 0x3a, 0x71, 0x81, 0x64, 0x88, 0x7e, 0xed,
+ 0xc2, 0xb8, 0x92, 0xce, 0x36, 0xc0, 0x4d, 0x36, 0x66, 0x75, 0x35, 0xa0,
+ 0x6e, 0x1e, 0xef, 0xb1, 0x9e, 0xb1, 0x9c, 0x16, 0xf7, 0x3a, 0x7e, 0xf7,
+ 0x8a, 0x36, 0xd0, 0x8f, 0x9d, 0x13, 0x04, 0x4a, 0xac, 0x0d, 0x71, 0xd9,
+ 0x1f, 0x52, 0xa6, 0xb4, 0x52, 0xfd, 0x12, 0xd2, 0xa8, 0xc2, 0x38, 0xbf,
+ 0x14, 0x4b, 0x42, 0xcf, 0xfc, 0x2d, 0x72, 0xa3, 0x5d, 0xdb, 0x4e, 0xfd,
+ 0xbc, 0xa6, 0xde, 0x41, 0x21, 0x88, 0xe9, 0x05, 0xe5, 0x6a, 0x80, 0xf1,
+ 0x0e, 0xc6, 0x58, 0x24, 0x0a, 0x0b, 0xdd, 0x32, 0xef, 0x68, 0xf6, 0x5e,
+ 0x84, 0xba, 0xbb, 0xc4, 0x14, 0x10, 0x58, 0xcd, 0x8a, 0x00, 0xce, 0xd2,
+ 0x54, 0xfb, 0x9d, 0x75, 0x69, 0x2b, 0x68, 0x89, 0x4e, 0x71, 0xda, 0x6f,
+ 0x98, 0x88, 0x38, 0x96, 0xe6, 0x34, 0x99, 0x9f, 0x69, 0x2a, 0x9e, 0xa3,
+ 0xb8, 0xe7, 0x0c, 0x97, 0xb9, 0x96, 0x58, 0x2a, 0x79, 0x85, 0x8e, 0x4b,
+ 0xcd, 0x5e, 0xc5, 0x05, 0xbf, 0x44, 0x49, 0x60, 0x9c, 0xa5, 0x49, 0x9f,
+ 0x2f, 0x30, 0x07, 0x79, 0x54, 0x18, 0xc1, 0x84, 0x79, 0xc6, 0x79, 0xc5,
+ 0x83, 0x51, 0x44, 0x18, 0x33, 0xcb, 0xf5, 0xe6, 0x72, 0x13, 0x8e, 0x6d,
+ 0x3d, 0xbe, 0x1d, 0xce, 0x70, 0x31, 0x4b, 0x0d, 0x33, 0x8d, 0x9a, 0xac,
+ 0xbf, 0xf7, 0x17, 0xd5, 0x62, 0xe3, 0x2f, 0xc0, 0x60, 0x25, 0xf6, 0xc1,
+ 0x66, 0xd5, 0x49, 0x18, 0x64, 0x4f, 0x34, 0xca, 0xa9, 0xdd, 0x11, 0x81,
+ 0x36, 0x93, 0xdf, 0xc0, 0xc6, 0x5e, 0x21, 0xc8, 0xbd, 0x15, 0x1e, 0x92,
+ 0xc7, 0x8d, 0xa0, 0x85, 0xdc, 0x14, 0xb9, 0xa0, 0x6d, 0x93, 0x15, 0x2b,
+ 0xce, 0x8d, 0x1c, 0x37, 0x75, 0xbb, 0x5a, 0x5b, 0x41, 0x95, 0xb1, 0xff,
+ 0x82, 0xe9, 0xa0, 0xbb, 0x01, 0x03, 0x15, 0x4b, 0xa1, 0x4e, 0xc6, 0xc2,
+ 0xb2, 0x77, 0x78, 0x75, 0xd2, 0x13, 0x5e, 0xe0, 0x82, 0xee, 0x6c, 0xd9,
+ 0x6f, 0x1e, 0x7e, 0xc4, 0x5b, 0x89, 0x10, 0x0e, 0x0b, 0x85, 0x6f, 0xe0,
+ 0x86, 0xf2, 0x86, 0xc9, 0x20, 0xe0, 0xa5, 0x09, 0x3d, 0x30, 0xed, 0x50,
+ 0x5e, 0xb5, 0x2b, 0xb9, 0xbe, 0x55, 0x60, 0xa9, 0x25, 0x79, 0xed, 0x3f,
+ 0xfe, 0xce, 0xc2, 0x63, 0x5a, 0x17, 0xa0, 0xf9, 0x81, 0xe4, 0x79, 0x0b,
+ 0x0a, 0x8f, 0x32, 0x1f, 0x9b, 0x92, 0xf4, 0x88, 0x68, 0xf4, 0xd8, 0x06,
+ 0xa9, 0x01, 0x26, 0x6a, 0x5d, 0x67, 0xc7, 0x29, 0x67, 0xd3, 0x47, 0xd0,
+ 0x69, 0x76, 0xd8, 0x79, 0x43, 0x40, 0xaa, 0xdd, 0x82, 0x3e, 0xc9, 0x2b,
+ 0x1f, 0x90, 0xb9, 0x27, 0x74, 0x21, 0xb9, 0x29, 0xcd, 0x09, 0x12, 0xb9,
+ 0x72, 0x2c, 0x73, 0x3c, 0x0e, 0x94, 0x69, 0x37, 0xbd, 0xca, 0x54, 0x31,
+ 0x93, 0xce, 0x54, 0x21, 0x5b, 0x51, 0xa4, 0xc4, 0x0e, 0xf4, 0x37, 0xa1,
+ 0x6a, 0x9d, 0x05, 0x6b, 0xec, 0xfb, 0x88, 0x8d, 0xd1, 0x20, 0x33, 0x7d,
+ 0xbe, 0xf1, 0xda, 0x3b, 0xcf, 0x34, 0x9a, 0x1e, 0xbc, 0x18, 0x3a, 0x44,
+ 0xd3, 0x62, 0x0e, 0x2e, 0x18, 0x88, 0x05, 0x13, 0x97, 0x7f, 0x09, 0x3a,
+ 0xb3, 0x18, 0x86, 0x59, 0x1a, 0x9b, 0x15, 0xfc, 0x20, 0xcf, 0xe8, 0x88,
+ 0xf9, 0x75, 0x06, 0x3b, 0xf5, 0xac, 0x02, 0xd6, 0xee, 0x8c, 0x3c, 0x5c,
+ 0xda, 0x5b, 0x9e, 0x9b, 0x81, 0xff, 0x5c, 0x70, 0x1c, 0xb4, 0xe1, 0xb6,
+ 0x9f, 0xd5, 0x15, 0xe8, 0xc0, 0x24, 0xe7, 0x8d, 0xbd, 0x66, 0xd4, 0x82,
+ 0x97, 0x93, 0xf8, 0x95, 0x66, 0xc7, 0xe5, 0x3a, 0x02, 0x0d, 0xc5, 0x7d,
+ 0x0d, 0x4f, 0x9a, 0xb6, 0x41, 0xb8, 0x6f, 0x48, 0x68, 0x01, 0x84, 0xe8,
+ 0x0b, 0x2c, 0x77, 0x1d, 0x79, 0x16, 0x86, 0xc3, 0xf0, 0xa9, 0x41, 0xf1,
+ 0xda, 0xd5, 0x6f, 0x49, 0x8d, 0xb6, 0x6b, 0x53, 0xc1, 0x63, 0xff, 0x0a,
+ 0x95, 0xb8, 0x92, 0xf8, 0x21, 0xc2, 0x17, 0xc5, 0xd6, 0xcf, 0x18, 0xda,
+ 0x1a, 0xb9, 0x71, 0x7e, 0x03, 0x30, 0xfb, 0x40, 0xca, 0xc6, 0xd4, 0x18,
+ 0xe8, 0xe4, 0x8f, 0xe9, 0x23, 0xd1, 0x02, 0xb2, 0x8d, 0xa1, 0xe2, 0x0f,
+ 0x88, 0xc8, 0x88, 0x42, 0xb8, 0x32, 0xf7, 0x2d, 0x94, 0x2a, 0xa8, 0x99,
+ 0x7a, 0x25, 0x3f, 0x2b, 0xf1, 0xc1, 0xdb, 0x83, 0x53, 0xe6, 0x2f, 0x6f,
+ 0x58, 0x38, 0x18, 0x53, 0x6c, 0x50, 0x4f, 0xf8, 0xec, 0xe8, 0x19, 0x36,
+ 0x0f, 0xa8, 0xba, 0x9a, 0x2e, 0xb8, 0x8b, 0xab, 0xd7, 0x59, 0xa6, 0x81,
+ 0xd2, 0x34, 0x03, 0x57, 0x12, 0xaa, 0x2c, 0x92, 0x52, 0xe8, 0x90, 0x59,
+ 0x19, 0x20, 0xb5, 0x24, 0x1e, 0x0c, 0xa8, 0x66, 0xf9, 0x00, 0xeb, 0xa4,
+ 0xc5, 0x45, 0xfe, 0x94, 0x92, 0x92, 0x0e, 0xc9, 0x7b, 0x33, 0x11, 0xb0,
+ 0x92, 0x8e, 0xac, 0xf6, 0xa5, 0x3f, 0x49, 0xd5, 0x29, 0x3a, 0xcf, 0x4f,
+ 0xf6, 0x59, 0x68, 0x1d, 0x24, 0x1d, 0x67, 0xa0, 0x80, 0x72, 0x37, 0x6f,
+ 0xa8, 0x0c, 0x84, 0x09, 0xe0, 0x02, 0xa9, 0xa8, 0xcc, 0xc4, 0x01, 0xa2,
+ 0x50, 0x02, 0xc7, 0xa3, 0xf9, 0x42, 0xbe, 0x55, 0x40, 0xdb, 0xdf, 0x46,
+ 0x56, 0x5c, 0xd7, 0x9a, 0xe9, 0x28, 0xd4, 0xc7, 0xc7, 0x4e, 0x6b, 0x8e,
+ 0x5f, 0x52, 0xd4, 0x8d, 0x1b, 0x97, 0x9d, 0xad, 0x87, 0x1a, 0x5d, 0x79,
+ 0xfa, 0x47, 0xad, 0x3e, 0x70, 0x82, 0x3a, 0x87, 0x49, 0xd7, 0xc4, 0xb3,
+ 0xd5, 0xb8, 0x48, 0x9a, 0x30, 0x5e, 0x59, 0x88, 0xb4, 0xbf, 0xf9, 0x5a,
+ 0x7a, 0x11, 0xb3, 0x57, 0x27, 0x3c, 0x24, 0x22, 0x5a, 0x9d, 0x0c, 0x9a,
+ 0xd4, 0x0d, 0x26, 0xf6, 0xd2, 0x7b, 0x91, 0x68, 0xfe, 0x44, 0xff, 0x54,
+ 0xd0, 0xef, 0x87, 0xcb, 0x29, 0x4c, 0x23, 0xe2, 0xce, 0x4b, 0xf6, 0x36,
+ 0x10, 0x6d, 0x54, 0x2a, 0xf0, 0x21, 0xf9, 0x51, 0x25, 0x5f, 0x11, 0x93,
+ 0xc9, 0x3f, 0x2e, 0x40, 0xed, 0x28, 0x5e, 0x1a, 0xb8, 0x98, 0xc9, 0x63,
+ 0x94, 0xe7, 0x44, 0x11, 0x76, 0xb8, 0x3b, 0xfd, 0xc4, 0x20, 0x47, 0x26,
+ 0x62, 0x26, 0x86, 0x92, 0x3d, 0x2f, 0xdb, 0xed, 0xd0, 0x60, 0x0b, 0x2d,
+ 0x4d, 0xb9, 0xae, 0x76, 0x35, 0xb4, 0xfb, 0x22, 0x7f, 0xcb, 0x5d, 0x76,
+ 0xca, 0xe7, 0x07, 0xd7, 0x1b, 0xd8, 0x2b, 0x20, 0xf4, 0xad, 0xad, 0x8a,
+ 0x78, 0xc2, 0xb1, 0xc4, 0x9e, 0x08, 0x63, 0x98, 0x0f, 0xd8, 0x3b, 0xfc,
+ 0xfa, 0x7c, 0x88, 0x99, 0x50, 0x0c, 0x3b, 0x0f, 0x5a, 0x28, 0xd0, 0xa4,
+ 0x9f, 0x55, 0xc5, 0xf9, 0x18, 0xea, 0x76, 0x3b, 0xf5, 0x28, 0x61, 0x0e,
+ 0x0c, 0x17, 0x2b, 0x04, 0x19, 0x56, 0xa3, 0x83, 0xf5, 0xc6, 0x09, 0xb9,
+ 0x7e, 0xad, 0xa6, 0x63, 0xb1, 0x8d, 0x8d, 0x7f, 0x28, 0xdd, 0x10, 0x7a,
+ 0x38, 0xa9, 0xeb, 0x72, 0xd1, 0x85, 0x15, 0x93, 0xae, 0x86, 0xe6, 0x41,
+ 0xd8, 0xec, 0x57, 0x5b, 0x4e, 0x2f, 0x59, 0x93, 0x01, 0xac, 0x12, 0xd5,
+ 0x7f, 0x9d, 0x5d, 0xb3, 0x06, 0x3d, 0x80, 0xd3, 0x91, 0xd5, 0x90, 0x8b,
+ 0xa5, 0xef, 0x19, 0xb0, 0xf1, 0x33, 0x9e, 0x6d, 0x30, 0xbd, 0x24, 0x21,
+ 0x65, 0x87, 0x71, 0x0c, 0x8e, 0x27, 0x05, 0xee, 0x7d, 0xd0, 0x50, 0xf4,
+ 0x09, 0xf0, 0x24, 0x69, 0xf0, 0x15, 0x43, 0xa6, 0x47, 0xdd, 0x0a, 0x26,
+ 0x17, 0xa8, 0x1c, 0xad, 0x17, 0x9e, 0xbb, 0x3d, 0x84, 0xf3, 0x2f, 0x53,
+ 0xe8, 0x87, 0x28, 0x2d, 0xb1, 0xf6, 0xa3, 0xe2, 0x24, 0xa1, 0x2c, 0x35,
+ 0x9d, 0x1d, 0x48, 0xf0, 0xd4, 0x03, 0xde, 0x4a, 0x31, 0xda, 0x94, 0x7b,
+ 0x67, 0x6f, 0x97, 0x38, 0x59, 0xc6, 0xdc, 0x07, 0xd0, 0xf5, 0xe7, 0xec,
+ 0x33, 0x95, 0x0c, 0xf4, 0xb3, 0x6f, 0x9e, 0x71, 0x09, 0x59, 0x1d, 0x55,
+ 0x1b, 0x3d, 0xc8, 0x89, 0x55, 0xae, 0x95, 0x05, 0xe2, 0x09, 0x55, 0xa1,
+ 0x2d, 0xd3, 0x19, 0xd7, 0x89, 0x88, 0xf5, 0x3b, 0xae, 0xc5, 0xf2, 0x80,
+ 0x1d, 0xe4, 0x27, 0xcf, 0xbe, 0x90, 0x99, 0x8b, 0x01, 0xeb, 0xb3, 0xc8,
+ 0xfe, 0xf2, 0xdd, 0xd5, 0x95, 0x95, 0x9a, 0xa5, 0xe9, 0xec, 0x9f, 0x63,
+ 0x26, 0x20, 0xca, 0x98, 0x37, 0xe9, 0x5e, 0xcd, 0x95, 0x17, 0x4f, 0xbb,
+ 0xff, 0xdb, 0x8b, 0xc7, 0x80, 0xee, 0xb1, 0x5d, 0x27, 0x83, 0xd1, 0x9c,
+ 0x6d, 0xfd, 0x1a, 0x98, 0x99, 0x71, 0x4d, 0x06, 0xbc, 0x47, 0x34, 0xf9,
+ 0x23, 0x9a, 0xd4, 0x3e, 0x92, 0xd4, 0xd5, 0x6c, 0x6c, 0x5c, 0xab, 0xd0,
+ 0xaf, 0x19, 0xf9, 0x48, 0xfe, 0xbd, 0x62, 0x72, 0x1d, 0x1e, 0xbc, 0x8a,
+ 0xa6, 0x21, 0x59, 0xe6, 0xd9, 0xbc, 0x5e, 0xc9, 0x3b, 0x88, 0x38, 0x26,
+ 0xf4, 0x8e, 0xfc, 0x95, 0xbe, 0x6b, 0xf9, 0x1b, 0x7f, 0x37, 0xd0, 0xfc,
+ 0x00, 0x4d, 0x08, 0xfd, 0x75, 0xf8, 0x85, 0x48, 0x2e, 0x40, 0x91, 0x9a,
+ 0xa0, 0xfa, 0x9f, 0x78, 0x39, 0xde, 0x44, 0x73, 0xf9, 0xa4, 0xb7, 0x50,
+ 0x61, 0x9f, 0x93, 0x0a, 0x09, 0xb5, 0x47, 0x91, 0x0f, 0x21, 0x42, 0x7c,
+ 0xa5, 0x25, 0xdb, 0xa8, 0x4e, 0xa1, 0x77, 0x35, 0xf7, 0xb6, 0xb3, 0x0b,
+ 0x36, 0xeb, 0xcc, 0xb4, 0xb8, 0x70, 0xf9, 0xb2, 0xdd, 0x0b, 0x69, 0xaa,
+ 0xd3, 0x47, 0x03, 0xb9, 0x28, 0xba, 0x80, 0x48, 0xf5, 0xcd, 0x6a, 0x7f,
+ 0x16, 0x4d, 0xc5, 0xce, 0x8c, 0xbc, 0x95, 0x0f, 0x5a, 0x24, 0xb0, 0x8f,
+ 0x84, 0xd6, 0xed, 0x79, 0x8e, 0x46, 0x79, 0x82, 0x75, 0x0f, 0x10, 0x3f,
+ 0x51, 0x8e, 0xb0, 0xc9, 0x40, 0x5b, 0xa3, 0xe0, 0x35, 0xf8, 0x4a, 0xf9,
+ 0x7e, 0x38, 0x3f, 0xe9, 0x05, 0xb2, 0x44, 0x7d, 0x76, 0xfe, 0xfd, 0x1e,
+ 0x5b, 0xb7, 0xd6, 0x44, 0x13, 0x53, 0xd7, 0xa2, 0xb0, 0x00, 0xfa, 0xf1,
+ 0x0b, 0x4d, 0xed, 0x1b, 0x46, 0x97, 0x37, 0xa3, 0xbd, 0x90, 0x0c, 0xed,
+ 0xc3, 0x0c, 0x40, 0xcd, 0xba, 0x88, 0x09, 0x47, 0x0d, 0x63, 0xc5, 0xa3,
+ 0x33, 0x2c, 0x9a, 0xef, 0x50, 0xf9, 0xa7, 0xcb, 0x6c, 0xc9, 0xeb, 0xbe,
+ 0xff, 0x60, 0x88, 0x7e, 0x71, 0xa3, 0xea, 0x0a, 0x6d, 0x54, 0x8d, 0x3d,
+ 0x54, 0x6e, 0x15, 0xad, 0xaf, 0x4c, 0xbc, 0x62, 0x4b, 0x2e, 0x0e, 0xfb,
+ 0x07, 0xef, 0xab, 0x56, 0xae, 0xc3, 0xb0, 0xec, 0x11, 0xe5, 0x97, 0xc6,
+ 0x25, 0xd0, 0x03, 0xd5, 0xc5, 0x0e, 0x35, 0x2c, 0x7a, 0x73, 0xb9, 0x1a,
+ 0x81, 0xcb, 0x01, 0xf6, 0x01, 0xae, 0x35, 0x7f};
+
+const uint8_t kExpectedPrivateKey[BCM_MLDSA65_PRIVATE_KEY_BYTES] = {
+ 0x0c, 0x6f, 0x38, 0x7d, 0x2a, 0xb4, 0x33, 0x87, 0xf0, 0x21, 0xb0, 0xda,
+ 0x81, 0x6c, 0x71, 0xf0, 0xbc, 0x81, 0x5e, 0xf0, 0xb1, 0x6a, 0xf1, 0x12,
+ 0x4f, 0x35, 0x4c, 0x27, 0x3e, 0xed, 0xb4, 0x2f, 0xbf, 0x0e, 0xfa, 0x56,
+ 0x57, 0x0f, 0xbe, 0xb6, 0x30, 0x07, 0x57, 0xe6, 0xc2, 0xf4, 0xc3, 0x35,
+ 0xbe, 0x49, 0x22, 0xba, 0xa2, 0xb7, 0x4f, 0x56, 0x52, 0xb5, 0x7c, 0x3a,
+ 0x45, 0x78, 0x0e, 0x2b, 0x63, 0xf6, 0xaf, 0x3b, 0x98, 0xd7, 0xa9, 0x79,
+ 0x3e, 0xa4, 0x2c, 0xb3, 0xf4, 0x21, 0xb4, 0x8f, 0xb8, 0x3e, 0x93, 0x20,
+ 0x5f, 0x61, 0x51, 0x07, 0x30, 0x25, 0x7f, 0xf9, 0x81, 0x7b, 0x77, 0x6b,
+ 0x9d, 0xb4, 0x05, 0x26, 0x15, 0x79, 0x8d, 0xda, 0x47, 0x6f, 0xd5, 0x45,
+ 0x4a, 0xe4, 0xe4, 0xfc, 0xb7, 0xeb, 0xe4, 0x40, 0x2d, 0x6b, 0xe1, 0xeb,
+ 0x5f, 0xcf, 0x52, 0xea, 0xfe, 0xf4, 0x38, 0x37, 0x36, 0x50, 0x31, 0x60,
+ 0x03, 0x68, 0x60, 0x26, 0x36, 0x50, 0x45, 0x16, 0x42, 0x22, 0x51, 0x23,
+ 0x54, 0x28, 0x60, 0x51, 0x32, 0x83, 0x06, 0x01, 0x63, 0x13, 0x86, 0x52,
+ 0x26, 0x32, 0x05, 0x86, 0x80, 0x01, 0x06, 0x74, 0x06, 0x86, 0x43, 0x87,
+ 0x28, 0x72, 0x85, 0x32, 0x14, 0x12, 0x71, 0x68, 0x76, 0x10, 0x32, 0x57,
+ 0x55, 0x27, 0x47, 0x38, 0x20, 0x50, 0x81, 0x22, 0x61, 0x67, 0x62, 0x64,
+ 0x51, 0x43, 0x01, 0x23, 0x38, 0x73, 0x77, 0x34, 0x02, 0x72, 0x83, 0x86,
+ 0x34, 0x28, 0x72, 0x64, 0x88, 0x68, 0x15, 0x86, 0x27, 0x16, 0x14, 0x02,
+ 0x45, 0x10, 0x43, 0x13, 0x41, 0x73, 0x45, 0x02, 0x55, 0x45, 0x06, 0x42,
+ 0x35, 0x28, 0x70, 0x22, 0x81, 0x48, 0x15, 0x36, 0x31, 0x82, 0x18, 0x33,
+ 0x46, 0x01, 0x64, 0x70, 0x32, 0x82, 0x14, 0x02, 0x41, 0x21, 0x28, 0x70,
+ 0x67, 0x55, 0x56, 0x44, 0x57, 0x40, 0x81, 0x05, 0x00, 0x66, 0x56, 0x81,
+ 0x42, 0x04, 0x34, 0x83, 0x77, 0x55, 0x05, 0x47, 0x64, 0x54, 0x36, 0x53,
+ 0x63, 0x63, 0x72, 0x46, 0x60, 0x12, 0x25, 0x25, 0x03, 0x25, 0x65, 0x64,
+ 0x84, 0x64, 0x83, 0x34, 0x30, 0x73, 0x11, 0x68, 0x32, 0x56, 0x06, 0x64,
+ 0x05, 0x40, 0x52, 0x47, 0x37, 0x51, 0x44, 0x06, 0x75, 0x57, 0x36, 0x22,
+ 0x63, 0x28, 0x25, 0x48, 0x64, 0x21, 0x38, 0x47, 0x01, 0x18, 0x18, 0x82,
+ 0x10, 0x00, 0x65, 0x33, 0x65, 0x70, 0x46, 0x76, 0x38, 0x63, 0x15, 0x11,
+ 0x31, 0x73, 0x08, 0x00, 0x37, 0x71, 0x41, 0x16, 0x21, 0x44, 0x72, 0x45,
+ 0x01, 0x71, 0x55, 0x05, 0x01, 0x87, 0x82, 0x14, 0x70, 0x52, 0x32, 0x00,
+ 0x76, 0x45, 0x74, 0x62, 0x22, 0x77, 0x47, 0x74, 0x56, 0x26, 0x56, 0x73,
+ 0x42, 0x84, 0x15, 0x03, 0x44, 0x64, 0x23, 0x73, 0x37, 0x28, 0x67, 0x15,
+ 0x76, 0x28, 0x81, 0x57, 0x52, 0x70, 0x12, 0x31, 0x13, 0x03, 0x32, 0x27,
+ 0x03, 0x05, 0x86, 0x27, 0x47, 0x68, 0x26, 0x75, 0x22, 0x38, 0x45, 0x04,
+ 0x87, 0x05, 0x46, 0x35, 0x51, 0x45, 0x37, 0x03, 0x06, 0x58, 0x78, 0x36,
+ 0x33, 0x07, 0x36, 0x08, 0x23, 0x41, 0x35, 0x30, 0x88, 0x25, 0x03, 0x72,
+ 0x26, 0x12, 0x60, 0x06, 0x62, 0x74, 0x51, 0x66, 0x41, 0x70, 0x87, 0x82,
+ 0x55, 0x22, 0x76, 0x26, 0x50, 0x03, 0x54, 0x03, 0x68, 0x70, 0x71, 0x61,
+ 0x76, 0x00, 0x45, 0x14, 0x64, 0x41, 0x00, 0x46, 0x44, 0x42, 0x62, 0x34,
+ 0x38, 0x28, 0x80, 0x06, 0x52, 0x20, 0x67, 0x88, 0x62, 0x75, 0x48, 0x07,
+ 0x87, 0x61, 0x40, 0x85, 0x55, 0x76, 0x48, 0x24, 0x04, 0x52, 0x00, 0x83,
+ 0x46, 0x54, 0x20, 0x66, 0x52, 0x55, 0x87, 0x50, 0x65, 0x40, 0x43, 0x65,
+ 0x01, 0x61, 0x87, 0x25, 0x30, 0x17, 0x72, 0x46, 0x73, 0x60, 0x74, 0x46,
+ 0x22, 0x76, 0x21, 0x51, 0x01, 0x30, 0x87, 0x38, 0x38, 0x57, 0x88, 0x55,
+ 0x22, 0x64, 0x80, 0x34, 0x83, 0x20, 0x01, 0x42, 0x04, 0x24, 0x08, 0x04,
+ 0x87, 0x34, 0x18, 0x26, 0x25, 0x03, 0x13, 0x02, 0x42, 0x81, 0x07, 0x47,
+ 0x55, 0x53, 0x51, 0x73, 0x07, 0x08, 0x72, 0x32, 0x32, 0x06, 0x13, 0x76,
+ 0x42, 0x61, 0x11, 0x10, 0x34, 0x22, 0x65, 0x80, 0x18, 0x05, 0x01, 0x64,
+ 0x44, 0x65, 0x13, 0x20, 0x81, 0x26, 0x03, 0x50, 0x15, 0x34, 0x76, 0x71,
+ 0x86, 0x52, 0x58, 0x87, 0x53, 0x84, 0x53, 0x57, 0x75, 0x43, 0x13, 0x71,
+ 0x85, 0x66, 0x41, 0x01, 0x52, 0x15, 0x60, 0x43, 0x24, 0x66, 0x42, 0x83,
+ 0x02, 0x37, 0x53, 0x44, 0x53, 0x88, 0x15, 0x20, 0x25, 0x77, 0x34, 0x66,
+ 0x23, 0x70, 0x06, 0x62, 0x81, 0x37, 0x32, 0x05, 0x16, 0x05, 0x26, 0x44,
+ 0x26, 0x21, 0x58, 0x85, 0x17, 0x75, 0x57, 0x70, 0x47, 0x14, 0x61, 0x21,
+ 0x26, 0x13, 0x00, 0x48, 0x47, 0x46, 0x27, 0x48, 0x52, 0x50, 0x67, 0x62,
+ 0x07, 0x27, 0x04, 0x38, 0x72, 0x60, 0x02, 0x74, 0x00, 0x60, 0x80, 0x13,
+ 0x58, 0x63, 0x74, 0x13, 0x47, 0x57, 0x84, 0x52, 0x18, 0x46, 0x36, 0x18,
+ 0x72, 0x65, 0x18, 0x20, 0x57, 0x68, 0x76, 0x11, 0x24, 0x02, 0x45, 0x06,
+ 0x16, 0x46, 0x78, 0x73, 0x86, 0x22, 0x25, 0x16, 0x12, 0x36, 0x66, 0x81,
+ 0x57, 0x82, 0x80, 0x33, 0x08, 0x74, 0x62, 0x48, 0x85, 0x27, 0x56, 0x01,
+ 0x88, 0x44, 0x35, 0x44, 0x01, 0x05, 0x38, 0x44, 0x60, 0x46, 0x67, 0x87,
+ 0x23, 0x43, 0x76, 0x66, 0x52, 0x71, 0x88, 0x87, 0x27, 0x23, 0x14, 0x78,
+ 0x16, 0x87, 0x80, 0x52, 0x56, 0x13, 0x17, 0x06, 0x07, 0x40, 0x86, 0x62,
+ 0x12, 0x72, 0x45, 0x25, 0x50, 0x03, 0x32, 0x14, 0x81, 0x70, 0x41, 0x01,
+ 0x32, 0x81, 0x13, 0x13, 0x13, 0x72, 0x77, 0x00, 0x48, 0x26, 0x64, 0x81,
+ 0x58, 0x07, 0x23, 0x85, 0x27, 0x13, 0x01, 0x60, 0x26, 0x65, 0x37, 0x61,
+ 0x84, 0x17, 0x38, 0x08, 0x10, 0x22, 0x01, 0x70, 0x58, 0x65, 0x68, 0x18,
+ 0x66, 0x40, 0x80, 0x46, 0x50, 0x87, 0x24, 0x70, 0x06, 0x88, 0x37, 0x66,
+ 0x15, 0x03, 0x31, 0x63, 0x05, 0x73, 0x32, 0x57, 0x72, 0x52, 0x12, 0x76,
+ 0x72, 0x67, 0x26, 0x13, 0x34, 0x18, 0x75, 0x20, 0x06, 0x83, 0x22, 0x26,
+ 0x68, 0x84, 0x44, 0x24, 0x47, 0x08, 0x84, 0x44, 0x13, 0x15, 0x86, 0x45,
+ 0x16, 0x58, 0x63, 0x51, 0x50, 0x34, 0x77, 0x00, 0x58, 0x81, 0x86, 0x32,
+ 0x78, 0x57, 0x10, 0x25, 0x58, 0x63, 0x48, 0x53, 0x78, 0x75, 0x42, 0x67,
+ 0x77, 0x52, 0x63, 0x03, 0x33, 0x51, 0x66, 0x11, 0x83, 0x40, 0x76, 0x01,
+ 0x11, 0x53, 0x64, 0x36, 0x30, 0x11, 0x71, 0x75, 0x76, 0x23, 0x26, 0x81,
+ 0x32, 0x27, 0x02, 0x56, 0x66, 0x75, 0x07, 0x14, 0x66, 0x35, 0x87, 0x64,
+ 0x62, 0x56, 0x33, 0x47, 0x82, 0x26, 0x54, 0x73, 0x38, 0x15, 0x41, 0x58,
+ 0x25, 0x84, 0x80, 0x04, 0x57, 0x83, 0x86, 0x83, 0x77, 0x83, 0x22, 0x83,
+ 0x65, 0x25, 0x34, 0x58, 0x82, 0x43, 0x33, 0x36, 0x66, 0x68, 0x60, 0x31,
+ 0x85, 0x48, 0x88, 0x13, 0x57, 0x24, 0x51, 0x34, 0x16, 0x48, 0x60, 0x37,
+ 0x24, 0x21, 0x62, 0x71, 0x06, 0x25, 0x60, 0x32, 0x82, 0x45, 0x52, 0x43,
+ 0x15, 0x11, 0x47, 0x77, 0x60, 0x07, 0x15, 0x04, 0x71, 0x53, 0x58, 0x82,
+ 0x17, 0x68, 0x40, 0x35, 0x21, 0x13, 0x88, 0x88, 0x61, 0x46, 0x24, 0x41,
+ 0x80, 0x10, 0x22, 0x80, 0x88, 0x37, 0x06, 0x30, 0x76, 0x67, 0x70, 0x03,
+ 0x18, 0x43, 0x10, 0x74, 0x46, 0x62, 0x21, 0x25, 0x45, 0x56, 0x63, 0x14,
+ 0x28, 0x11, 0x37, 0x26, 0x88, 0x86, 0x22, 0x35, 0x51, 0x48, 0x78, 0x78,
+ 0x48, 0x26, 0x40, 0x54, 0x82, 0x12, 0x70, 0x71, 0x78, 0x06, 0x05, 0x87,
+ 0x17, 0x41, 0x44, 0x00, 0x27, 0x84, 0x33, 0x81, 0x00, 0x16, 0x70, 0x67,
+ 0x20, 0x62, 0x78, 0x58, 0x46, 0x25, 0x88, 0x06, 0x50, 0x23, 0x44, 0x04,
+ 0x28, 0x44, 0x35, 0x17, 0x62, 0x61, 0x40, 0x41, 0x50, 0x75, 0x27, 0x50,
+ 0x76, 0x13, 0x40, 0x40, 0x50, 0x18, 0x22, 0x32, 0x23, 0x51, 0x34, 0x76,
+ 0x01, 0x25, 0x81, 0x75, 0x23, 0x66, 0x11, 0x48, 0x41, 0x34, 0x57, 0x36,
+ 0x21, 0x73, 0x75, 0x87, 0x01, 0x88, 0x75, 0x28, 0x72, 0x46, 0x13, 0x70,
+ 0x77, 0x14, 0x04, 0x80, 0x73, 0x50, 0x27, 0x56, 0x37, 0x22, 0x65, 0x76,
+ 0x47, 0x78, 0x41, 0x22, 0x38, 0x24, 0x26, 0x82, 0x18, 0x31, 0x10, 0x71,
+ 0x88, 0x62, 0x73, 0x05, 0x30, 0x27, 0x31, 0x76, 0x80, 0x78, 0x13, 0x21,
+ 0x31, 0x35, 0x21, 0x54, 0x64, 0x44, 0x86, 0x36, 0x52, 0x42, 0x02, 0x53,
+ 0x86, 0x07, 0x72, 0x04, 0x07, 0x70, 0x20, 0x80, 0x20, 0x71, 0x50, 0x03,
+ 0x52, 0x14, 0x24, 0x55, 0x52, 0x06, 0x20, 0x11, 0x40, 0x41, 0x14, 0x44,
+ 0x15, 0x23, 0x76, 0x00, 0x35, 0x41, 0x88, 0x11, 0x14, 0x57, 0x14, 0x24,
+ 0x11, 0x62, 0x18, 0x01, 0x23, 0x87, 0x12, 0x73, 0x54, 0x72, 0x32, 0x13,
+ 0x55, 0x04, 0x65, 0x26, 0x76, 0x22, 0x06, 0x51, 0x01, 0x53, 0x81, 0x08,
+ 0x24, 0x51, 0x11, 0x88, 0x14, 0x75, 0x37, 0x52, 0x57, 0x18, 0x34, 0x66,
+ 0x80, 0x78, 0x41, 0x00, 0x64, 0x57, 0x38, 0x28, 0x07, 0x30, 0x56, 0x13,
+ 0x37, 0x27, 0x68, 0x75, 0x01, 0x60, 0x47, 0x32, 0x40, 0x38, 0x71, 0x00,
+ 0x70, 0x83, 0x45, 0x32, 0x36, 0x66, 0x56, 0x61, 0x14, 0x28, 0x23, 0x46,
+ 0x67, 0x27, 0x41, 0x13, 0x06, 0x38, 0x68, 0x02, 0x08, 0x71, 0x68, 0x75,
+ 0x24, 0x51, 0x70, 0x16, 0x01, 0x61, 0x54, 0x75, 0x75, 0x76, 0x08, 0x77,
+ 0x76, 0x42, 0x68, 0x48, 0x31, 0x66, 0x16, 0x74, 0x84, 0x60, 0x52, 0x05,
+ 0x02, 0x47, 0x40, 0x26, 0x12, 0x75, 0x28, 0x73, 0x18, 0x86, 0x80, 0x78,
+ 0x66, 0x54, 0x28, 0x60, 0x30, 0x52, 0x76, 0x45, 0x66, 0x33, 0x52, 0x15,
+ 0x03, 0x44, 0x46, 0x62, 0x82, 0x67, 0x41, 0x25, 0x57, 0x84, 0x28, 0x67,
+ 0x62, 0x52, 0x34, 0x74, 0x53, 0x86, 0x40, 0x52, 0x62, 0x40, 0x37, 0x78,
+ 0x77, 0x45, 0x67, 0x88, 0x08, 0x53, 0x32, 0x21, 0x84, 0x13, 0x34, 0x01,
+ 0x41, 0x65, 0x62, 0x31, 0x68, 0x30, 0x07, 0x13, 0x04, 0x13, 0x84, 0x40,
+ 0x30, 0x77, 0x72, 0x73, 0x07, 0x86, 0x73, 0x34, 0x51, 0x52, 0x30, 0x28,
+ 0x18, 0x02, 0x21, 0x28, 0x61, 0x37, 0x76, 0x60, 0x11, 0x13, 0x01, 0x47,
+ 0x36, 0x18, 0x08, 0x10, 0x21, 0x17, 0x11, 0x20, 0x87, 0x72, 0x21, 0x04,
+ 0x42, 0x34, 0x58, 0x58, 0x04, 0x13, 0x58, 0x11, 0x84, 0x86, 0x75, 0x85,
+ 0x62, 0x73, 0x26, 0x10, 0x70, 0x37, 0x55, 0x45, 0x68, 0x06, 0x25, 0x41,
+ 0x53, 0x75, 0x81, 0x58, 0x84, 0x27, 0x83, 0x08, 0x37, 0x83, 0x13, 0x38,
+ 0x86, 0x42, 0x70, 0x82, 0x67, 0x61, 0x48, 0x54, 0x20, 0x41, 0x82, 0x32,
+ 0x57, 0x81, 0x64, 0x32, 0x12, 0x60, 0x53, 0x75, 0x48, 0x16, 0x22, 0x78,
+ 0x16, 0x21, 0x25, 0x36, 0x27, 0x37, 0x83, 0x24, 0x52, 0x82, 0x20, 0x74,
+ 0x74, 0x53, 0x76, 0x58, 0x46, 0x72, 0x88, 0x50, 0x23, 0x83, 0x36, 0x02,
+ 0x13, 0x12, 0x23, 0x37, 0x08, 0x54, 0x85, 0x11, 0x46, 0x52, 0x74, 0x85,
+ 0x41, 0x00, 0x06, 0x01, 0x36, 0x70, 0x51, 0x00, 0x16, 0x57, 0x05, 0x10,
+ 0x00, 0x86, 0x20, 0x06, 0x11, 0x05, 0x33, 0x05, 0x12, 0x08, 0x75, 0x10,
+ 0x19, 0x3a, 0x4a, 0xa5, 0x53, 0xcb, 0xe3, 0xe7, 0x69, 0xd3, 0x04, 0x28,
+ 0x29, 0x68, 0xf1, 0x94, 0x49, 0xcd, 0xee, 0xa9, 0x25, 0xe3, 0x95, 0x74,
+ 0x57, 0xa7, 0x1e, 0xac, 0xf1, 0x2f, 0xc5, 0xa6, 0x63, 0x2a, 0xa6, 0x15,
+ 0x98, 0x98, 0x6e, 0x15, 0x83, 0xc0, 0xab, 0x5d, 0x8e, 0xbf, 0x69, 0xe4,
+ 0x50, 0xb7, 0x47, 0x8a, 0x81, 0x63, 0x9b, 0xdf, 0x71, 0x61, 0x59, 0x62,
+ 0x77, 0xd1, 0x3e, 0xd2, 0xf0, 0xa3, 0xc9, 0xa4, 0xed, 0x0a, 0x28, 0xcf,
+ 0x5d, 0x8b, 0x3e, 0x29, 0xbc, 0x0e, 0x5c, 0x04, 0x10, 0x8d, 0x13, 0xcd,
+ 0x58, 0xc2, 0x02, 0x8d, 0xb8, 0x2e, 0xfa, 0x1a, 0x86, 0x12, 0x61, 0x4f,
+ 0x8b, 0xc7, 0x90, 0x01, 0x65, 0x61, 0x1c, 0xa5, 0x9a, 0x32, 0x32, 0x59,
+ 0x90, 0x56, 0xb6, 0x5c, 0xbd, 0x6a, 0x85, 0x8a, 0x14, 0xd6, 0x4d, 0xf2,
+ 0x68, 0xe9, 0x6b, 0x61, 0x66, 0x3a, 0x9c, 0x79, 0xed, 0xc4, 0x5f, 0x13,
+ 0xab, 0x8d, 0x71, 0xe4, 0x5d, 0x0d, 0xee, 0xd4, 0x11, 0xdf, 0x53, 0x21,
+ 0x75, 0x64, 0x61, 0x48, 0x6c, 0xf0, 0x30, 0xca, 0x60, 0x92, 0xf2, 0x02,
+ 0x5d, 0xc4, 0x11, 0x18, 0x14, 0xfb, 0xb4, 0xf2, 0xc2, 0x58, 0x99, 0xc8,
+ 0x73, 0x0b, 0xf9, 0xcf, 0x0b, 0xf7, 0x7a, 0x86, 0x36, 0xa0, 0xb5, 0x02,
+ 0x48, 0x5b, 0x42, 0x21, 0xf7, 0x82, 0x03, 0x16, 0x4d, 0x9f, 0x32, 0x2f,
+ 0xca, 0xfe, 0x06, 0x5a, 0xd4, 0xc9, 0x47, 0x73, 0x6e, 0xdc, 0x4d, 0x6a,
+ 0xc7, 0x70, 0x4c, 0xf9, 0x99, 0xba, 0x1c, 0xfe, 0xf4, 0xf3, 0x0d, 0x55,
+ 0x89, 0x74, 0x73, 0xd9, 0xef, 0x0f, 0x0b, 0xce, 0x3c, 0xc0, 0xd3, 0x50,
+ 0xf2, 0xc8, 0x1e, 0x64, 0x35, 0xb0, 0x3b, 0x50, 0xb0, 0x10, 0xb5, 0x6b,
+ 0x5b, 0x4f, 0xdd, 0xad, 0xd3, 0x41, 0x31, 0x40, 0x9b, 0x22, 0xbb, 0x7d,
+ 0xf5, 0x5f, 0x26, 0x23, 0x4c, 0x58, 0x3d, 0x12, 0x58, 0x5a, 0x60, 0x48,
+ 0x73, 0xff, 0x81, 0x4f, 0xa0, 0xaf, 0xa5, 0x86, 0xc9, 0xb3, 0xea, 0x33,
+ 0x00, 0x16, 0x6a, 0x8a, 0xff, 0x64, 0xcc, 0x2e, 0x6c, 0xae, 0x70, 0x2c,
+ 0x51, 0x4b, 0x7e, 0xea, 0x83, 0x46, 0xe4, 0x2f, 0x01, 0xfb, 0x85, 0x4c,
+ 0x6e, 0x37, 0x8f, 0x61, 0x1d, 0x73, 0xc9, 0x11, 0xf4, 0x2d, 0xec, 0xac,
+ 0x6e, 0x76, 0x0b, 0xe1, 0x03, 0xf0, 0xa0, 0x5c, 0x55, 0x81, 0xdc, 0xa7,
+ 0x27, 0x17, 0xcd, 0xad, 0xc7, 0x9c, 0x1a, 0x99, 0x20, 0x92, 0xb8, 0x25,
+ 0x05, 0x1b, 0x3f, 0x80, 0xbe, 0x35, 0x28, 0x98, 0x58, 0x47, 0x10, 0xc7,
+ 0xdc, 0x07, 0x2c, 0xe3, 0x22, 0x55, 0xff, 0xbc, 0x57, 0x23, 0xd5, 0x04,
+ 0xb0, 0x2c, 0x4e, 0x65, 0x1b, 0x60, 0xc9, 0x9b, 0xb6, 0x19, 0x7b, 0x6a,
+ 0xf3, 0xf6, 0xb6, 0xa5, 0x98, 0x18, 0xea, 0xe8, 0x47, 0xc5, 0x99, 0xe5,
+ 0x0f, 0xe5, 0x66, 0x32, 0x8e, 0x55, 0x6b, 0x61, 0x4d, 0xde, 0x30, 0x01,
+ 0x91, 0xc7, 0x82, 0xac, 0xc0, 0xe0, 0x17, 0x5b, 0x3f, 0xa4, 0xf3, 0x70,
+ 0x2d, 0x2c, 0xc5, 0x82, 0x1b, 0x6b, 0xae, 0x3e, 0xe4, 0x04, 0xa7, 0xce,
+ 0x36, 0x27, 0x47, 0xd1, 0xf2, 0xf8, 0xc3, 0x79, 0xce, 0xa1, 0xdf, 0xdc,
+ 0xc8, 0x32, 0x80, 0xb1, 0x3d, 0x39, 0xc0, 0xd4, 0x80, 0x9f, 0xcf, 0x7e,
+ 0x85, 0x76, 0x25, 0xcc, 0x57, 0xb1, 0xf1, 0xcf, 0x6c, 0xc5, 0x41, 0x11,
+ 0xac, 0x48, 0xfe, 0xd1, 0x52, 0xed, 0xde, 0xb9, 0xa4, 0x73, 0x6d, 0x85,
+ 0x54, 0x40, 0x5f, 0x6e, 0x5d, 0x7d, 0x1b, 0xc9, 0xcb, 0x5a, 0x1e, 0xc5,
+ 0xdd, 0x98, 0x94, 0x7d, 0xbe, 0x84, 0x8a, 0x40, 0x6a, 0x27, 0x45, 0x61,
+ 0x2c, 0x8a, 0x04, 0x9e, 0x0b, 0xa3, 0xc2, 0x95, 0xb0, 0x65, 0xf6, 0xb5,
+ 0xc8, 0xff, 0x13, 0x47, 0x10, 0xa9, 0xb4, 0xa1, 0x75, 0x94, 0xcd, 0x98,
+ 0xf4, 0x22, 0x3f, 0xa6, 0x1c, 0x9b, 0xd1, 0xaf, 0x33, 0x69, 0xcb, 0x9a,
+ 0x88, 0x67, 0x16, 0xf6, 0x90, 0x4e, 0xdd, 0x61, 0x91, 0x84, 0xe3, 0xf0,
+ 0x74, 0x73, 0x7e, 0x19, 0x4e, 0x75, 0xd7, 0x5a, 0xcb, 0x40, 0x13, 0x12,
+ 0x5f, 0x6f, 0xe5, 0x77, 0x0c, 0x5e, 0x3c, 0x6b, 0x87, 0xbf, 0xdf, 0x61,
+ 0xbe, 0x97, 0xbd, 0x38, 0xcd, 0xf7, 0x36, 0xee, 0x23, 0xcc, 0x7e, 0xd0,
+ 0x0a, 0xc2, 0xfe, 0x4e, 0xec, 0x9c, 0x9a, 0x07, 0xec, 0xd3, 0xb2, 0x1c,
+ 0x1c, 0x88, 0xfa, 0xfa, 0x26, 0x61, 0x97, 0x93, 0x87, 0xa4, 0xc8, 0xaa,
+ 0x4e, 0xf6, 0x8c, 0x22, 0xd4, 0xe8, 0x36, 0x97, 0x9c, 0x11, 0xe6, 0xf2,
+ 0x2b, 0x1c, 0x6c, 0x33, 0xea, 0xc4, 0xdc, 0xd6, 0x7b, 0xe7, 0x96, 0xe6,
+ 0xbc, 0x14, 0xa6, 0xc4, 0x7c, 0x78, 0x1f, 0xfa, 0x34, 0xd6, 0xaf, 0x28,
+ 0x29, 0xe6, 0x0a, 0xab, 0xca, 0x87, 0xaf, 0xb8, 0x2f, 0xab, 0x5f, 0x4a,
+ 0xc3, 0xfa, 0xd2, 0xa7, 0xef, 0xef, 0x21, 0xbd, 0xef, 0x9c, 0xb9, 0x59,
+ 0x1c, 0xa2, 0x8c, 0x1f, 0x0e, 0x86, 0xa5, 0xc9, 0x8b, 0x3d, 0xbe, 0x6e,
+ 0xba, 0x8c, 0xef, 0xa8, 0xb6, 0x0d, 0x54, 0x1e, 0x6f, 0x5d, 0x22, 0xf4,
+ 0x0c, 0x2e, 0x8b, 0x27, 0xaa, 0xc5, 0x9e, 0x43, 0x5a, 0xfd, 0x2f, 0x4b,
+ 0x49, 0x63, 0x69, 0x57, 0x02, 0x8b, 0xb2, 0xef, 0x21, 0xad, 0xdf, 0x3d,
+ 0x4a, 0x67, 0x0f, 0xad, 0xf7, 0x45, 0x17, 0xb3, 0x6e, 0xdd, 0x21, 0x9a,
+ 0xc2, 0x69, 0x3e, 0xc1, 0x9e, 0xe1, 0x96, 0x96, 0xad, 0xeb, 0x16, 0x69,
+ 0xa7, 0x8b, 0x14, 0x95, 0x6e, 0x47, 0xf9, 0x9f, 0x34, 0x3e, 0x66, 0x9d,
+ 0xcb, 0x0a, 0xb5, 0xff, 0xae, 0x2c, 0xff, 0x4e, 0x4d, 0xf5, 0x02, 0xa6,
+ 0xc9, 0xe8, 0x29, 0x56, 0xb3, 0xa8, 0x8c, 0xf5, 0xe6, 0x97, 0xa7, 0x00,
+ 0x1b, 0x98, 0x8f, 0xd3, 0xe9, 0x14, 0x0e, 0xf2, 0x85, 0x2f, 0xa9, 0xb7,
+ 0xb6, 0xca, 0x99, 0x06, 0x17, 0x1b, 0xf6, 0xce, 0x9e, 0x50, 0xf1, 0x33,
+ 0x62, 0xd0, 0xe5, 0xa0, 0x05, 0x01, 0x0d, 0xf8, 0x56, 0xf0, 0x35, 0x04,
+ 0xbd, 0xf2, 0x2c, 0x15, 0x75, 0x96, 0x89, 0xd9, 0x3c, 0xca, 0x84, 0x14,
+ 0x2b, 0x37, 0x64, 0x1b, 0x28, 0x62, 0xda, 0xb3, 0xc5, 0x2d, 0x26, 0x38,
+ 0x0f, 0x29, 0x39, 0x03, 0x3b, 0x75, 0x82, 0xeb, 0x6a, 0xd7, 0x1f, 0x57,
+ 0xb0, 0x66, 0x6f, 0xd3, 0xb6, 0xe5, 0xd2, 0x68, 0x14, 0x8f, 0xe8, 0xd7,
+ 0x09, 0x53, 0x98, 0xb6, 0xff, 0xa4, 0x85, 0x21, 0x7a, 0x07, 0x4a, 0xf3,
+ 0xe8, 0xe2, 0xc7, 0x20, 0x31, 0x77, 0x79, 0x37, 0xf3, 0x27, 0xe6, 0xd3,
+ 0xfb, 0x8b, 0xa8, 0xf4, 0x71, 0x27, 0xe4, 0xea, 0x63, 0xaf, 0xce, 0x9f,
+ 0x0b, 0x25, 0x01, 0x84, 0x31, 0x60, 0x30, 0x06, 0x11, 0x19, 0x31, 0x74,
+ 0xf2, 0xce, 0x17, 0x6a, 0x22, 0xfe, 0x62, 0x0e, 0xfb, 0x54, 0xdf, 0xe4,
+ 0xfd, 0x96, 0x69, 0x99, 0x1d, 0x95, 0xed, 0xcb, 0x9f, 0xb1, 0x89, 0xce,
+ 0x77, 0x84, 0x46, 0x87, 0x7d, 0x71, 0xb0, 0xd6, 0x35, 0xd1, 0x3d, 0xcd,
+ 0xb5, 0xa1, 0xaa, 0xee, 0xa2, 0x66, 0xb5, 0xf0, 0x1f, 0x4a, 0x12, 0x88,
+ 0xc8, 0x95, 0x02, 0x2c, 0x1a, 0xe8, 0x49, 0xda, 0x28, 0x10, 0x1a, 0xd0,
+ 0xc0, 0x33, 0x6c, 0xb6, 0x69, 0xb2, 0x1a, 0xa4, 0xf5, 0x47, 0xc8, 0x05,
+ 0x12, 0x22, 0xf3, 0xb5, 0xa4, 0x50, 0xa8, 0x1f, 0xab, 0x2c, 0xef, 0x5d,
+ 0x8d, 0xfe, 0x98, 0x9e, 0xdb, 0x1f, 0x63, 0xf3, 0x34, 0x1a, 0x82, 0xce,
+ 0xaf, 0x59, 0x61, 0xa5, 0x78, 0xfd, 0x5f, 0xef, 0xd9, 0xfe, 0xab, 0x06,
+ 0xd0, 0x14, 0xf1, 0x8a, 0x18, 0xbc, 0x32, 0xe2, 0xc0, 0x1b, 0x3d, 0xb1,
+ 0x72, 0x77, 0xa6, 0x94, 0x8c, 0x6e, 0x05, 0xa2, 0x6b, 0x80, 0xd0, 0x1b,
+ 0xd7, 0x59, 0xe3, 0x59, 0x5e, 0x6e, 0x10, 0x53, 0xd4, 0x2c, 0x68, 0x82,
+ 0x9a, 0xfc, 0x39, 0x9d, 0x19, 0xb3, 0x84, 0x3d, 0x4c, 0xaa, 0xe6, 0x71,
+ 0x59, 0x01, 0x29, 0x96, 0xcb, 0x96, 0xb2, 0x68, 0x5e, 0x8f, 0xdb, 0xc4,
+ 0x4e, 0xca, 0x20, 0x4b, 0xe5, 0x52, 0x37, 0xd6, 0xce, 0x36, 0xc0, 0x01,
+ 0xb7, 0xae, 0x7d, 0xe2, 0x2b, 0xd6, 0xcb, 0xb1, 0x9c, 0x66, 0xd9, 0x67,
+ 0xf8, 0x54, 0xcc, 0x2e, 0x2b, 0x2c, 0x58, 0xd0, 0x56, 0xba, 0x71, 0x62,
+ 0x1f, 0xda, 0xfc, 0xd2, 0xe5, 0xf2, 0xf7, 0xbd, 0x49, 0xcf, 0xa4, 0x7f,
+ 0x91, 0x53, 0xac, 0x08, 0x9e, 0xba, 0xd0, 0x85, 0x4d, 0x51, 0x30, 0xd1,
+ 0x58, 0x3c, 0x4c, 0xbe, 0x3d, 0x80, 0x7a, 0x5b, 0xe6, 0xb1, 0x49, 0x88,
+ 0xc6, 0xf8, 0xf7, 0xc6, 0xf4, 0xbc, 0xbb, 0x98, 0x59, 0x88, 0x61, 0xff,
+ 0xe1, 0x9e, 0x8a, 0xbc, 0x83, 0x11, 0xf0, 0xe0, 0x47, 0xa5, 0xea, 0x02,
+ 0x2e, 0xc6, 0xdd, 0x5a, 0xf5, 0x0d, 0x24, 0xf9, 0x00, 0x5f, 0xcc, 0xc9,
+ 0xe7, 0x16, 0x0d, 0xaa, 0x32, 0x34, 0xfe, 0x5c, 0x7b, 0x26, 0x47, 0x0a,
+ 0xb5, 0x61, 0xa2, 0x6c, 0x39, 0x46, 0x87, 0xca, 0xac, 0x75, 0xfe, 0x34,
+ 0x38, 0x92, 0x62, 0xbd, 0xfe, 0xa3, 0x75, 0x97, 0x2b, 0xf1, 0xc2, 0xbb,
+ 0x37, 0xf2, 0x52, 0xad, 0xdb, 0xc0, 0xfe, 0x76, 0x0f, 0x1f, 0x3a, 0xe6,
+ 0xae, 0xde, 0xb8, 0x67, 0x62, 0x94, 0xc4, 0x2f, 0xc8, 0x6a, 0xc8, 0x49,
+ 0x11, 0x90, 0x80, 0x0c, 0xca, 0x46, 0x66, 0x52, 0x7e, 0x51, 0x1d, 0x4d,
+ 0x19, 0x73, 0xf7, 0x10, 0xa0, 0x77, 0xdd, 0x0b, 0x38, 0x2c, 0x79, 0xa4,
+ 0x6e, 0xe3, 0xce, 0x5f, 0x1c, 0xf8, 0xcd, 0x96, 0x7a, 0xed, 0x48, 0x9e,
+ 0x14, 0x32, 0x69, 0x8a, 0xb3, 0xaf, 0xe1, 0x22, 0xb0, 0x29, 0xb3, 0x3b,
+ 0x61, 0x8f, 0xfc, 0xf4, 0xc3, 0xf8, 0x7d, 0x2a, 0x9c, 0x0a, 0x30, 0xe9,
+ 0x43, 0x56, 0xdc, 0xd8, 0xbf, 0xe3, 0x95, 0x6e, 0xa4, 0x25, 0x9b, 0x92,
+ 0xae, 0x30, 0xdc, 0x07, 0x76, 0x39, 0x08, 0x22, 0xe2, 0xd0, 0xf0, 0x4c,
+ 0xb6, 0x0b, 0xa5, 0x69, 0x2b, 0xe9, 0x58, 0x24, 0x85, 0x6b, 0x92, 0xb9,
+ 0x4b, 0xf7, 0x25, 0xdc, 0xbe, 0x77, 0x6c, 0xc0, 0xf3, 0xa9, 0x81, 0x01,
+ 0x8d, 0x95, 0x62, 0x5b, 0x8b, 0x78, 0x76, 0xb8, 0x75, 0x1f, 0xbe, 0x4e,
+ 0x19, 0xb1, 0x69, 0xb5, 0xdf, 0x96, 0x35, 0x51, 0x11, 0x05, 0x81, 0x29,
+ 0xd5, 0x20, 0x21, 0x48, 0xc2, 0xc5, 0x94, 0xdc, 0xf4, 0x2a, 0xc3, 0x45,
+ 0xc5, 0x88, 0xc0, 0x5f, 0x16, 0xd4, 0x42, 0x55, 0x84, 0xe9, 0x14, 0x85,
+ 0xe1, 0x7c, 0x01, 0x33, 0xd5, 0x6a, 0x9b, 0x56, 0x49, 0x8a, 0xd6, 0x79,
+ 0xc4, 0x2b, 0x3d, 0x0d, 0xce, 0x83, 0x48, 0xee, 0x92, 0x31, 0xec, 0xc0,
+ 0x6e, 0xf0, 0x05, 0xa9, 0xe3, 0x02, 0x8f, 0x5b, 0xdb, 0xc4, 0x1b, 0xff,
+ 0x55, 0x8f, 0x02, 0xbd, 0xfb, 0x37, 0xfa, 0x7c, 0x84, 0x22, 0x36, 0xd6,
+ 0x45, 0xf9, 0xf1, 0x95, 0xad, 0xe1, 0xb4, 0xee, 0xc2, 0x23, 0xba, 0xa6,
+ 0x8b, 0xbf, 0xe6, 0xa0, 0x72, 0x1b, 0x3e, 0x98, 0xed, 0x90, 0x4c, 0x33,
+ 0x2f, 0x90, 0x14, 0x9e, 0x45, 0x2f, 0xf6, 0x42, 0xfc, 0x99, 0xef, 0x8e,
+ 0xb3, 0x29, 0x37, 0x2a, 0x8a, 0xe3, 0xc0, 0xb9, 0x69, 0xcd, 0x7f, 0x9b,
+ 0x54, 0x37, 0x91, 0x46, 0x5a, 0xb5, 0x7a, 0x20, 0x9f, 0xff, 0x48, 0x08,
+ 0xc3, 0xa7, 0xf4, 0x4d, 0xa5, 0x84, 0x4e, 0x14, 0x08, 0x45, 0xa3, 0x09,
+ 0x03, 0x30, 0x9e, 0x7f, 0x83, 0xf4, 0x30, 0xe7, 0xfb, 0x8b, 0x49, 0xaf,
+ 0xe2, 0xde, 0x3c, 0x65, 0x16, 0x2d, 0xa1, 0x77, 0x53, 0xd1, 0x4b, 0xda,
+ 0x43, 0xcb, 0xbe, 0xaf, 0x5c, 0x47, 0x25, 0x47, 0x3a, 0x99, 0xb7, 0x1e,
+ 0x4e, 0x02, 0xf9, 0xba, 0x34, 0xe2, 0xb9, 0xbf, 0x48, 0x16, 0xba, 0x6f,
+ 0x42, 0xfa, 0xfa, 0x85, 0x9d, 0x02, 0x64, 0xd1, 0x8e, 0x8a, 0x93, 0x62,
+ 0x5e, 0x32, 0x35, 0x13, 0xdb, 0xb5, 0x55, 0x36, 0x29, 0x20, 0xc7, 0xf9,
+ 0x5b, 0x6b, 0xd1, 0x85, 0xc5, 0xcd, 0x10, 0x7a, 0x1d, 0x91, 0x83, 0x3d,
+ 0xc2, 0x7d, 0x23, 0x24, 0x13, 0xff, 0x9b, 0xa9, 0x00, 0x9d, 0x90, 0x3f,
+ 0xc6, 0xcc, 0xdf, 0x4b, 0x9f, 0xc8, 0x0f, 0x5a, 0xef, 0x4b, 0x39, 0x3b,
+ 0x5a, 0x46, 0x8d, 0x60, 0xb1, 0xa1, 0x22, 0xf3, 0xcc, 0x61, 0x3a, 0x77,
+ 0x69, 0x30, 0x02, 0x14, 0x78, 0xf4, 0xb8, 0x78, 0xce, 0x4e, 0x52, 0xaa,
+ 0x48, 0x39, 0xb2, 0x0f, 0x52, 0x3b, 0xb7, 0xca, 0x7a, 0x94, 0x50, 0x20,
+ 0x05, 0x37, 0x65, 0x21, 0x95, 0x7f, 0x99, 0x21, 0xdc, 0x76, 0xd7, 0x4d,
+ 0xed, 0x38, 0xb5, 0x87, 0x3a, 0xab, 0x53, 0x77, 0xf1, 0xf3, 0xfc, 0x5d,
+ 0x23, 0xe2, 0x09, 0x14, 0x60, 0x0b, 0x8a, 0xe6, 0x2c, 0xb4, 0x8b, 0x73,
+ 0x44, 0x82, 0x16, 0x58, 0x20, 0x77, 0x0b, 0xa1, 0xd0, 0x31, 0x23, 0x2b,
+ 0xf7, 0x5e, 0x9e, 0xc2, 0x50, 0x8e, 0x75, 0x28, 0x6a, 0x63, 0x4e, 0xed,
+ 0xac, 0x93, 0xdb, 0x08, 0x27, 0x50, 0x54, 0x47, 0x0d, 0xc4, 0x64, 0xc4,
+ 0x1d, 0x28, 0x58, 0xfc, 0xd8, 0x0e, 0x05, 0x89, 0xd0, 0x83, 0x11, 0x36,
+ 0x95, 0xdd, 0xcf, 0xc2, 0x4a, 0x8c, 0x47, 0xc4, 0x8a, 0xf5, 0xe2, 0x20,
+ 0x4a, 0x15, 0x50, 0xf1, 0xfc, 0xbe, 0xa0, 0x3e, 0xe6, 0xed, 0x7c, 0x33,
+ 0xd9, 0x93, 0x2b, 0xb8, 0x6b, 0xc9, 0x6c, 0x3a, 0x75, 0xd7, 0xd4, 0xd3,
+ 0x92, 0x9f, 0xa9, 0x58, 0x77, 0xd1, 0x23, 0x91, 0x6e, 0x5e, 0x21, 0x8b,
+ 0x05, 0x40, 0x6f, 0x16, 0x25, 0x5d, 0x13, 0xf3, 0x5a, 0xfc, 0x1b, 0xd0,
+ 0x4e, 0x43, 0x6b, 0x3f, 0x83, 0xfc, 0xb2, 0xe1, 0x8a, 0x50, 0x6a, 0xad,
+ 0x68, 0xe4, 0x11, 0x15, 0x77, 0x65, 0x47, 0xf8, 0x36, 0xba, 0x3a, 0x0f,
+ 0x97, 0x16, 0xcc, 0xaf, 0xc1, 0x84, 0x2e, 0x20, 0x40, 0x96, 0x56, 0xb9,
+ 0x36, 0x13, 0x9e, 0xcb, 0x0d, 0x68, 0xd0, 0xfe, 0x6c, 0x9d, 0xc3, 0x81,
+ 0xa0, 0xb9, 0x4b, 0x59, 0xfb, 0x13, 0xb9, 0xa4, 0xd5, 0xae, 0x32, 0x0a,
+ 0x5f, 0xac, 0x53, 0x83, 0x2b, 0x60, 0x57, 0x63, 0x22, 0xa8, 0x57, 0x18,
+ 0xbd, 0xb9, 0xe5, 0x4c, 0x3c, 0xb0, 0x4a, 0x70, 0x66, 0xc3, 0x90, 0xcf,
+ 0x46, 0x67, 0xaa, 0x9b, 0xbb, 0x7d, 0x48, 0x58, 0xbf, 0x22, 0x00, 0xf3,
+ 0x2a, 0xad, 0xe8, 0xb5, 0x80, 0xf7, 0x53, 0xf1, 0xf6, 0xd4, 0xe2, 0x2d,
+ 0xdf, 0xde, 0x76, 0x91, 0x45, 0x29, 0x65, 0x39, 0xfe, 0xba, 0x5b, 0xd8,
+ 0x77, 0x18, 0x3b, 0x89, 0xe2, 0x3a, 0xe5, 0x03, 0x79, 0xd5, 0x47, 0xa1,
+ 0x37, 0xb5, 0x86, 0x55, 0xef, 0x01, 0xcc, 0x35, 0x7f, 0x1b, 0x68, 0xc1,
+ 0xde, 0x36, 0xc9, 0x72, 0x5d, 0xf6, 0xa2, 0x04, 0x74, 0x62, 0xda, 0x30,
+ 0xe1, 0x7a, 0x37, 0xdd, 0x34, 0x77, 0x5b, 0x4b, 0xc3, 0xf8, 0xe9, 0x47,
+ 0xcf, 0x97, 0xd3, 0x4d, 0x30, 0xee, 0x20, 0x6b, 0x29, 0xd8, 0x9c, 0x7f,
+ 0x26, 0xab, 0x31, 0x57, 0x9d, 0xb9, 0x6a, 0xac, 0x42, 0x54, 0x99, 0x8c,
+ 0xa6, 0x04, 0x08, 0x73, 0x92, 0x0b, 0xf4, 0x92, 0x3f, 0x8a, 0x2f, 0xea,
+ 0x03, 0xdf, 0x8e, 0xa0, 0xcb, 0x99, 0x3a, 0x97, 0x18, 0xc5, 0xd2, 0x67,
+ 0x1b, 0xf0, 0x19, 0x63, 0xbd, 0x12, 0x89, 0x3f, 0x2c, 0xd5, 0xbe, 0x11,
+ 0x64, 0xdb, 0x1a, 0xe1, 0x23, 0x4a, 0x59, 0x67, 0xf3, 0x2f, 0xe1, 0x8e,
+ 0x4e, 0x97, 0x26, 0xbf, 0x04, 0xab, 0xe4, 0x08, 0x4e, 0x6e, 0x77, 0x3c,
+ 0xe0, 0x09, 0x65, 0x5e, 0xf0, 0xba, 0xac, 0x29, 0x6b, 0xf9, 0x1d, 0xea,
+ 0xe5, 0x8d, 0x5c, 0x96, 0x2a, 0x34, 0x32, 0x99, 0x59, 0x1e, 0xb6, 0x41,
+ 0x45, 0xfc, 0x42, 0x9b, 0x4a, 0x27, 0x2c, 0x29, 0x53, 0xc7, 0xa9, 0x85,
+ 0x5f, 0x07, 0xdd, 0xb0, 0x96, 0xbf, 0x55, 0x86, 0x1d, 0x04, 0xb3, 0x0e,
+ 0x32, 0x31, 0x34, 0xd6, 0x01, 0x82, 0x79, 0xb4, 0x9d, 0x48, 0xf3, 0x25,
+ 0x2f, 0xb4, 0xf9, 0x7d, 0xe7, 0xfa, 0x23, 0x92, 0x36, 0x87, 0x2f, 0xa2,
+ 0xf9, 0x99, 0x5c, 0x7e, 0x7c, 0xdb, 0x5b, 0x64, 0xcf, 0xb7, 0x74, 0x91,
+ 0xb7, 0x4a, 0x9f, 0xe7, 0x1f, 0x9a, 0x74, 0x1a, 0x6b, 0xdc, 0x7c, 0xa7,
+ 0x8a, 0x20, 0x94, 0x0a, 0x2d, 0xc7, 0xc6, 0xcf, 0x6e, 0x25, 0xe9, 0xa8,
+ 0x2c, 0xd9, 0xed, 0x78, 0x05, 0xa4, 0x65, 0x20, 0xa6, 0xa9, 0xed, 0x61,
+ 0xd9, 0xb7, 0xf8, 0x43, 0xf1, 0xcc, 0xff, 0x59, 0xcd, 0x6b, 0x9e, 0x7b,
+ 0x4c, 0x91, 0xe9, 0xab, 0x7a, 0x6f, 0x87, 0x7e, 0x66, 0x4a, 0xfb, 0xac,
+ 0xd6, 0xec, 0x95, 0xab, 0xa4, 0x4c, 0x68, 0x69, 0x4e, 0xb4, 0x80, 0xf5,
+ 0x32, 0x2b, 0xd4, 0xa5, 0x08, 0x88, 0x9f, 0x19, 0xf2, 0x12, 0x5c, 0xc1,
+ 0xcb, 0xcc, 0x46, 0xb5, 0xcc, 0x77, 0xbb, 0xc4, 0xc4, 0x01, 0xd9, 0xd6,
+ 0x49, 0x79, 0xe9, 0x62, 0x96, 0xe6, 0xc0, 0x43, 0xde, 0x00, 0x0d, 0xae,
+ 0x60, 0x06, 0x47, 0xb9, 0x5c, 0x81, 0x39, 0xa0, 0x06, 0x05, 0x2a, 0x62,
+ 0xab, 0xe5, 0x15, 0x47, 0xc9, 0x0a, 0xe3, 0x16, 0x6a, 0xfc, 0x4d, 0x73,
+ 0xbf, 0xee, 0x0b, 0x3f, 0x4d, 0x08, 0xee, 0x1c, 0x66, 0x03, 0x42, 0x56,
+ 0xd9, 0xfb, 0xe2, 0x8e, 0xd2, 0xf1, 0xc7, 0x41, 0x3d, 0x32, 0xa8, 0x64,
+ 0xa6, 0x81, 0x28, 0x7d, 0x0e, 0x6e, 0xb3, 0x2c, 0xb5, 0x64, 0xda, 0xda,
+ 0xf9, 0x0c, 0x4b, 0x77, 0x5a, 0xa2, 0xf3, 0xff, 0x96, 0xed, 0x47, 0x5b,
+ 0xe8, 0x03, 0xc1, 0x0a, 0x77, 0x25, 0x4b, 0x3c, 0xa1, 0x92, 0x30, 0xf0,
+ 0xa0, 0xfd, 0x3f, 0xac, 0x2d, 0xbd, 0x33, 0x05, 0x07, 0xfc, 0x48, 0x60,
+ 0xc2, 0xe7, 0x46, 0xc0, 0xf8, 0xcb, 0x4e, 0xed, 0xf5, 0x1e, 0xec, 0xd1,
+ 0x56, 0x6a, 0xcc, 0xfd, 0x4c, 0xb6, 0x18, 0xce, 0xa2, 0x79, 0xba, 0x81,
+ 0x3e, 0x8a, 0x41, 0x73, 0x76, 0xba, 0xde, 0xed, 0x44, 0x11, 0xd3, 0x62,
+ 0xa5, 0x99, 0xbc, 0x63, 0x32, 0xca, 0x42, 0xbf, 0xbf, 0x42, 0xc2, 0x70,
+ 0x64, 0x60, 0xd0, 0x4a, 0x9f, 0x33, 0x06, 0x0f, 0xed, 0x38, 0xa8, 0x3b,
+ 0xe7, 0xf6, 0x05, 0x46, 0x8d, 0x6f, 0x7b, 0x84, 0xb8, 0x90, 0x98, 0xd8,
+ 0x91, 0x93, 0xf8, 0x74, 0xee, 0xd6, 0x03, 0x96, 0x02, 0x15, 0x08, 0xcf,
+ 0x4a, 0xe4, 0xa0, 0x70, 0xa8, 0x5a, 0x3e, 0x77, 0x37, 0x20, 0xd9, 0xae,
+ 0x5e, 0x2e, 0x6f, 0xf7, 0xf9, 0x1a, 0x2d, 0xa9, 0x07, 0xa5, 0x48, 0x39,
+ 0x60, 0x95, 0x4e, 0x58, 0x6e, 0xff, 0xaa, 0x14, 0x50, 0x3a, 0x8f, 0x31,
+ 0x23, 0xb8, 0x54, 0x17, 0x78, 0xf2, 0x65, 0xcc, 0xf0, 0x7a, 0x8e, 0x60,
+ 0x35, 0x7e, 0x99, 0x89, 0x7f, 0x4f, 0xf7, 0xc2, 0x21, 0xc7, 0x11, 0xbf,
+ 0xf2, 0x20, 0xa3, 0x56, 0x91, 0xab, 0x26, 0xfe, 0x17, 0xf1, 0xa5, 0xf3};
+
+const uint8_t kSignEntropy[BCM_MLDSA_SEED_BYTES] = {
+ 0x7c, 0xf6, 0x8e, 0x63, 0x14, 0x04, 0x0b, 0x08, 0x20, 0x9b, 0x00,
+ 0x8c, 0x31, 0x48, 0xee, 0xd3, 0xe1, 0x6d, 0x5f, 0x71, 0x3b, 0xc7,
+ 0x08, 0x78, 0x05, 0x4b, 0x12, 0x4f, 0xf1, 0xf3, 0x50, 0x07};
+
+const uint8_t kExpectedCase1Signature[BCM_MLDSA65_SIGNATURE_BYTES] = {
+ 0xf8, 0xc7, 0x25, 0x84, 0x8b, 0x39, 0xd9, 0xd9, 0x80, 0xf0, 0x2f, 0xf7,
+ 0xa0, 0x24, 0x19, 0x08, 0x70, 0x65, 0xe2, 0xc8, 0x0a, 0xc4, 0xd3, 0xd5,
+ 0x97, 0x49, 0x31, 0xea, 0x7b, 0xd6, 0x64, 0xb6, 0x6e, 0x6b, 0xf3, 0xc7,
+ 0x5f, 0xcb, 0xe3, 0x42, 0xd5, 0x5e, 0xa2, 0xa8, 0x8a, 0x01, 0x9a, 0xfe,
+ 0x44, 0xe2, 0xa7, 0x87, 0xd7, 0x70, 0xab, 0x9d, 0xa8, 0xf0, 0x9c, 0x67,
+ 0xfb, 0x4c, 0x16, 0xa6, 0x86, 0x91, 0xe2, 0x26, 0x9b, 0xa2, 0xda, 0x94,
+ 0x96, 0x6d, 0xfc, 0x4e, 0xf2, 0x2f, 0x2b, 0xcf, 0xf3, 0xc2, 0x7e, 0xe5,
+ 0x73, 0x1a, 0xac, 0xa3, 0x2c, 0x4d, 0x82, 0x28, 0x82, 0xa5, 0x82, 0x40,
+ 0x3d, 0x9a, 0xf6, 0x4b, 0xee, 0xae, 0xb7, 0x37, 0xd8, 0x2d, 0x80, 0xdd,
+ 0xcb, 0x52, 0xce, 0xea, 0xde, 0x51, 0xb9, 0x3e, 0x34, 0x7a, 0xfd, 0x3d,
+ 0x79, 0x38, 0xf6, 0xe9, 0x48, 0x1c, 0x07, 0x5f, 0xb8, 0x02, 0xa5, 0xa4,
+ 0xab, 0x45, 0xe7, 0x66, 0xf5, 0x9a, 0x23, 0xfe, 0x72, 0xcb, 0xd0, 0xa0,
+ 0x18, 0x74, 0x75, 0xc2, 0x1c, 0xcf, 0xd6, 0x69, 0x62, 0xa0, 0xe3, 0xde,
+ 0xa7, 0x2b, 0x0a, 0xf0, 0x1c, 0xb3, 0x51, 0x41, 0xf9, 0xfe, 0x2c, 0xff,
+ 0x82, 0xa3, 0x46, 0x6f, 0xb5, 0x55, 0x0d, 0xaa, 0xd1, 0x0e, 0xc8, 0x31,
+ 0xc6, 0xdf, 0x61, 0xe8, 0x96, 0x78, 0x85, 0x08, 0xf4, 0x62, 0x48, 0xfd,
+ 0x1d, 0x82, 0xf7, 0x9b, 0x7b, 0xbe, 0xee, 0x47, 0xcf, 0x17, 0xf7, 0x5a,
+ 0xed, 0xfa, 0x89, 0x94, 0x3e, 0xc3, 0xba, 0x37, 0xa5, 0xe4, 0xfb, 0x72,
+ 0x32, 0x90, 0xc2, 0x46, 0xd3, 0x02, 0x3f, 0xf5, 0xb1, 0x73, 0xbd, 0x9f,
+ 0x09, 0xa8, 0x61, 0x13, 0x75, 0xf2, 0xa6, 0xfc, 0x19, 0x44, 0xe7, 0xfd,
+ 0x1c, 0xcf, 0xa2, 0x24, 0x79, 0x39, 0x3a, 0xf1, 0xe4, 0x96, 0xe0, 0xd8,
+ 0xcb, 0x9b, 0x1f, 0xab, 0x20, 0x7e, 0x21, 0xbb, 0xf7, 0xe2, 0x7e, 0xd0,
+ 0xaf, 0x2b, 0x04, 0xbf, 0x35, 0xad, 0x04, 0x09, 0x11, 0xfa, 0x45, 0xaa,
+ 0xee, 0x30, 0x62, 0xd4, 0x41, 0x39, 0xed, 0x00, 0xe3, 0x06, 0x7d, 0x0c,
+ 0x91, 0x2d, 0x4b, 0x8d, 0xdb, 0xf6, 0x98, 0x5b, 0x0b, 0x26, 0x9a, 0x79,
+ 0x19, 0x58, 0x2f, 0x3d, 0x80, 0xb7, 0x7a, 0x49, 0xc7, 0x6d, 0xfb, 0xd6,
+ 0xa6, 0x86, 0xef, 0x5b, 0xd2, 0x4d, 0xa6, 0x14, 0xb9, 0x01, 0xe9, 0x30,
+ 0xd1, 0xf1, 0xcf, 0x05, 0x93, 0xb1, 0x35, 0xdd, 0xa2, 0x6c, 0x99, 0x41,
+ 0x37, 0x61, 0xa4, 0x49, 0x72, 0xb2, 0x75, 0xe7, 0x2c, 0x16, 0xd1, 0x9e,
+ 0xc3, 0x57, 0x74, 0x23, 0x29, 0x66, 0x3f, 0xd2, 0xa3, 0x0f, 0xfe, 0xda,
+ 0xd2, 0xa8, 0x7a, 0xce, 0x18, 0x34, 0x1b, 0x15, 0xf8, 0x7d, 0x07, 0x9e,
+ 0x8e, 0x6b, 0x2c, 0x50, 0xa8, 0xfb, 0x81, 0x8e, 0x2b, 0xe5, 0x54, 0xb7,
+ 0xc9, 0x17, 0x26, 0xa5, 0xbf, 0x70, 0xf0, 0x45, 0xf0, 0xfb, 0x92, 0x55,
+ 0x94, 0x90, 0x53, 0x3a, 0xc3, 0x36, 0x4a, 0xe7, 0xa7, 0xae, 0x9f, 0x76,
+ 0x2b, 0x09, 0x12, 0xf2, 0xe6, 0x10, 0x98, 0xf1, 0x6d, 0x9f, 0x4e, 0x5d,
+ 0xdf, 0x79, 0x30, 0xf4, 0x1d, 0x6a, 0x21, 0xa0, 0x9b, 0xf7, 0x6c, 0x67,
+ 0xa5, 0x62, 0x55, 0x61, 0xa2, 0x31, 0xc9, 0xc9, 0x4b, 0x94, 0xd4, 0x91,
+ 0xc1, 0xba, 0xb0, 0x9d, 0x65, 0x68, 0xb9, 0x92, 0xcb, 0xd4, 0x2a, 0x86,
+ 0x81, 0x23, 0xff, 0x64, 0x7e, 0x70, 0xce, 0xfc, 0xab, 0x7f, 0x9f, 0xce,
+ 0xcb, 0x34, 0xff, 0xe7, 0xbc, 0xbb, 0x65, 0x45, 0x08, 0x7e, 0xc7, 0xa1,
+ 0x89, 0x89, 0x9c, 0x85, 0xbf, 0x05, 0x2e, 0x68, 0x7e, 0x33, 0x44, 0x7d,
+ 0x4e, 0xdb, 0xed, 0xf5, 0xe3, 0xee, 0x6a, 0x05, 0x11, 0x40, 0xad, 0xf0,
+ 0xa4, 0x3a, 0x92, 0xf1, 0x3b, 0x40, 0xa1, 0x61, 0xb9, 0x76, 0xc8, 0xd6,
+ 0x77, 0xf9, 0x9e, 0xb5, 0x95, 0x97, 0xdb, 0x1f, 0x5c, 0xbc, 0x31, 0x57,
+ 0x5b, 0xf4, 0x2d, 0x9a, 0x68, 0x2b, 0x1b, 0x44, 0xb3, 0xdc, 0xb6, 0x29,
+ 0xa5, 0x9a, 0xea, 0xcd, 0x28, 0xb0, 0xcf, 0xbc, 0xbd, 0xaf, 0x68, 0x81,
+ 0xd5, 0xd1, 0xfe, 0xb2, 0xd7, 0xfa, 0xd7, 0x76, 0xc8, 0xec, 0x01, 0xc4,
+ 0x7f, 0x73, 0xd4, 0x50, 0x30, 0xc6, 0x12, 0x3c, 0x9f, 0xa9, 0x88, 0xe9,
+ 0xdb, 0x6e, 0x8d, 0x1e, 0xeb, 0xa0, 0xfa, 0x46, 0x30, 0x2f, 0x84, 0x53,
+ 0x24, 0xe4, 0xeb, 0x4d, 0xdb, 0x83, 0xf5, 0x5b, 0x53, 0xc4, 0xeb, 0x02,
+ 0x39, 0xb5, 0x7f, 0x7e, 0x30, 0x53, 0x03, 0x48, 0xd3, 0x2f, 0x85, 0xf9,
+ 0xf8, 0x25, 0xf4, 0x80, 0x78, 0x7a, 0x7a, 0xf9, 0x95, 0x52, 0xb1, 0xc9,
+ 0x6b, 0x75, 0xc2, 0x55, 0x9d, 0xd2, 0xa5, 0x03, 0x54, 0x24, 0xec, 0xf3,
+ 0xef, 0x1b, 0x9c, 0xae, 0xde, 0xad, 0xd1, 0x7e, 0x9b, 0xdc, 0x7b, 0x7c,
+ 0x1b, 0x9b, 0xae, 0x00, 0x53, 0xba, 0xa0, 0x64, 0xb0, 0x16, 0xa6, 0xc8,
+ 0xe0, 0x24, 0xb0, 0xa1, 0x0d, 0xbd, 0xa0, 0x88, 0x49, 0x4d, 0x18, 0xd2,
+ 0x3d, 0xf2, 0x82, 0x3e, 0x5e, 0xbf, 0x08, 0x30, 0xa0, 0x6d, 0xa7, 0xd8,
+ 0xa5, 0x53, 0xd7, 0xa5, 0xaa, 0x3e, 0x63, 0xcc, 0xeb, 0x16, 0x97, 0xb9,
+ 0x2a, 0x4f, 0xcc, 0x92, 0x36, 0x70, 0xb9, 0xf2, 0xd3, 0xf6, 0x45, 0x90,
+ 0x41, 0x9e, 0x88, 0xc4, 0x28, 0x4c, 0x28, 0x72, 0x51, 0xdf, 0xd1, 0x97,
+ 0xa3, 0xe2, 0xe4, 0xa8, 0x6f, 0x79, 0x38, 0x56, 0x27, 0x17, 0xb5, 0x21,
+ 0x60, 0x3a, 0xd9, 0x21, 0x5c, 0x69, 0x41, 0xaa, 0x75, 0xa3, 0x98, 0x6c,
+ 0x2e, 0xb3, 0x79, 0xac, 0xd2, 0x16, 0x26, 0x09, 0x26, 0xc0, 0x05, 0x0a,
+ 0x6a, 0x60, 0xaf, 0x65, 0x78, 0xb2, 0x3f, 0xcd, 0xa5, 0x3b, 0xda, 0x7b,
+ 0x2d, 0x94, 0x66, 0xc1, 0x24, 0x4b, 0x52, 0xd8, 0x6b, 0xa5, 0x14, 0x8b,
+ 0xc3, 0x6d, 0xa6, 0x5c, 0xea, 0x4b, 0x32, 0x22, 0xad, 0x1d, 0xf3, 0x6b,
+ 0x7c, 0x89, 0xfa, 0xd6, 0xc4, 0x9e, 0x8a, 0x77, 0xef, 0x79, 0xcb, 0x59,
+ 0x4f, 0x2c, 0x3b, 0xba, 0xbd, 0xd9, 0xb3, 0x9d, 0x91, 0x29, 0xd5, 0xf6,
+ 0x57, 0xf8, 0x39, 0x7a, 0xf0, 0x0f, 0x1a, 0x89, 0xcb, 0xcb, 0x22, 0x15,
+ 0x08, 0x6d, 0xca, 0x01, 0x8a, 0x15, 0xb3, 0x47, 0xe6, 0x23, 0x7c, 0xe6,
+ 0xec, 0x10, 0xdc, 0x70, 0x16, 0xec, 0x53, 0x39, 0x1d, 0x77, 0x07, 0x8b,
+ 0xbf, 0x8b, 0x85, 0x92, 0x82, 0x3b, 0xf5, 0xe2, 0x8c, 0x80, 0x28, 0x4c,
+ 0xb8, 0x1e, 0xca, 0x57, 0x76, 0x95, 0xeb, 0x97, 0xfd, 0x3d, 0x47, 0x9a,
+ 0xf8, 0x3e, 0x0e, 0xda, 0xb2, 0x41, 0x09, 0xa8, 0x26, 0x1f, 0x11, 0x80,
+ 0xde, 0x18, 0xa5, 0x5c, 0x07, 0x54, 0x57, 0xe3, 0xd5, 0x3e, 0x3f, 0x78,
+ 0x3f, 0x5b, 0x2d, 0x77, 0x69, 0x15, 0x0b, 0xd6, 0x8c, 0xbc, 0x98, 0xf2,
+ 0x86, 0x53, 0x0b, 0x91, 0x46, 0x87, 0x03, 0xfc, 0x05, 0x7f, 0x5b, 0x40,
+ 0x39, 0xa8, 0xe7, 0xbf, 0xe6, 0x18, 0x09, 0xd5, 0x91, 0xa9, 0xec, 0x06,
+ 0x1f, 0x85, 0xc5, 0xf7, 0x94, 0xbe, 0x72, 0x03, 0x2e, 0xaa, 0xbc, 0xbb,
+ 0x4e, 0x8d, 0xfd, 0x27, 0x7c, 0xb4, 0x09, 0x63, 0x8d, 0xca, 0x33, 0x9e,
+ 0x51, 0xc3, 0xa3, 0x5c, 0xcd, 0x02, 0xe0, 0x62, 0x60, 0x53, 0xf2, 0x7f,
+ 0x4a, 0xa9, 0xcb, 0x46, 0xc1, 0xaf, 0x0e, 0x5e, 0x3f, 0xa9, 0x72, 0x14,
+ 0x99, 0x30, 0x0a, 0x81, 0x5c, 0xf3, 0x13, 0xbc, 0x61, 0xf2, 0xf5, 0x6d,
+ 0x89, 0xc1, 0x6f, 0x48, 0xeb, 0x43, 0xc3, 0x48, 0xcf, 0xb7, 0x18, 0x36,
+ 0x88, 0x9e, 0x1b, 0xc0, 0x1f, 0xa7, 0xea, 0x95, 0x12, 0xd3, 0x07, 0x4d,
+ 0xc6, 0xad, 0xb7, 0xef, 0x6c, 0x59, 0xb3, 0xee, 0x04, 0xec, 0x4b, 0xff,
+ 0x4a, 0xcc, 0x7c, 0x33, 0x7d, 0x8b, 0xd3, 0x29, 0x31, 0x77, 0xbd, 0x73,
+ 0x1e, 0x10, 0x53, 0x5a, 0x79, 0x70, 0xca, 0xb5, 0x9f, 0x20, 0x0b, 0x0b,
+ 0x31, 0xd5, 0x5d, 0xd9, 0x2b, 0x4a, 0xc4, 0x87, 0x55, 0xd9, 0xaa, 0x2e,
+ 0x8b, 0x65, 0xb0, 0xf4, 0x06, 0xc7, 0xf2, 0x9a, 0xa0, 0x65, 0xcc, 0x30,
+ 0x24, 0x8d, 0x1a, 0x61, 0x3f, 0xc7, 0x72, 0x3c, 0xf3, 0x17, 0xff, 0x0a,
+ 0x58, 0x82, 0xcf, 0x42, 0x96, 0x49, 0x67, 0x55, 0x79, 0x15, 0x12, 0x96,
+ 0xfa, 0x28, 0xfe, 0x77, 0xfc, 0x8f, 0x30, 0x96, 0x03, 0xf6, 0x79, 0x03,
+ 0x38, 0x49, 0x70, 0x48, 0x5c, 0xb8, 0x8e, 0x65, 0x67, 0xe1, 0x85, 0x6b,
+ 0x70, 0x3c, 0x69, 0xd0, 0x43, 0x0f, 0x4b, 0xa4, 0x04, 0x06, 0xd8, 0xec,
+ 0x26, 0xea, 0xac, 0xd5, 0xd9, 0x6c, 0x8b, 0xb4, 0x13, 0xd0, 0x07, 0xd3,
+ 0x41, 0x28, 0xa7, 0xbf, 0x0c, 0xe4, 0x5b, 0xa9, 0xb7, 0x3d, 0x2d, 0x5d,
+ 0x10, 0xbc, 0xbe, 0xa8, 0x26, 0xe0, 0x0a, 0x92, 0xae, 0xc2, 0x80, 0xd1,
+ 0x85, 0x94, 0x0e, 0x78, 0x24, 0xd6, 0xd5, 0x11, 0x87, 0xa3, 0xd4, 0x3c,
+ 0x63, 0x49, 0x12, 0x64, 0x3e, 0xee, 0xd9, 0x79, 0x2b, 0x84, 0xa1, 0x08,
+ 0x07, 0xcc, 0xa8, 0xc2, 0x8b, 0x91, 0x4c, 0xad, 0x39, 0x1b, 0xb7, 0x1d,
+ 0xa1, 0x22, 0x1a, 0x60, 0x5a, 0x5b, 0x9b, 0x5f, 0x5b, 0x10, 0x46, 0x25,
+ 0x34, 0xe1, 0x3f, 0x6c, 0xc2, 0xd9, 0xab, 0x32, 0x73, 0xa4, 0xde, 0xf1,
+ 0x34, 0x05, 0x04, 0x0a, 0x4c, 0x05, 0xa8, 0x7e, 0xad, 0x1d, 0x98, 0x50,
+ 0xf9, 0x11, 0xe1, 0x9a, 0x90, 0x7b, 0x3c, 0x39, 0xf9, 0x2d, 0x98, 0x28,
+ 0x9e, 0xf5, 0xc4, 0xa5, 0xc9, 0x4d, 0xa5, 0x74, 0xaf, 0x2f, 0x03, 0x97,
+ 0xd5, 0x20, 0x81, 0x40, 0xf3, 0x3e, 0x67, 0x18, 0xb9, 0x98, 0x57, 0xee,
+ 0xc0, 0x8e, 0x9b, 0x21, 0x4a, 0x87, 0xc2, 0x21, 0x9b, 0x42, 0xf7, 0xd1,
+ 0x51, 0x81, 0x23, 0x6c, 0x06, 0xa0, 0xcc, 0x09, 0x15, 0x1a, 0xa6, 0x7b,
+ 0xe9, 0xbe, 0x9f, 0xac, 0x8b, 0x08, 0x8b, 0xb8, 0xa3, 0x7d, 0x04, 0xb0,
+ 0xc0, 0x49, 0x62, 0x85, 0x7e, 0xb7, 0xd0, 0x3d, 0x1d, 0x78, 0xfc, 0x6a,
+ 0x76, 0xfb, 0x5c, 0x60, 0x22, 0xe4, 0xec, 0x09, 0xe0, 0x40, 0xde, 0x03,
+ 0xe5, 0xb1, 0x5e, 0xd7, 0x06, 0xc7, 0x06, 0xf6, 0x6c, 0x66, 0x4b, 0xb6,
+ 0x72, 0xaf, 0x59, 0xd7, 0x04, 0x34, 0xee, 0x64, 0xbe, 0x1b, 0xd2, 0xdf,
+ 0x74, 0x20, 0x05, 0xc8, 0x83, 0xf2, 0xfd, 0x62, 0xb4, 0xb6, 0x85, 0x46,
+ 0x14, 0x33, 0x23, 0x1d, 0xcc, 0xd3, 0x4b, 0x37, 0x96, 0xe4, 0x04, 0xb5,
+ 0x92, 0x0c, 0x6f, 0x52, 0xc9, 0xe2, 0xe7, 0xb2, 0xca, 0x01, 0x9e, 0xc6,
+ 0x51, 0x7a, 0x9e, 0xce, 0xb2, 0x76, 0xf8, 0x74, 0xa2, 0x4c, 0xaa, 0x66,
+ 0x9a, 0x7d, 0x64, 0x24, 0x4f, 0xe3, 0x33, 0xa4, 0xca, 0x26, 0xdd, 0x24,
+ 0xf0, 0xd0, 0x38, 0xf3, 0x81, 0x0a, 0xf1, 0x06, 0xd7, 0x07, 0xe9, 0x1a,
+ 0x85, 0x98, 0x9d, 0x3e, 0xb3, 0x80, 0x9d, 0xaf, 0xeb, 0x48, 0xee, 0xee,
+ 0x04, 0x6c, 0xb1, 0x6a, 0x81, 0x97, 0x26, 0x14, 0x60, 0x16, 0xfd, 0x0e,
+ 0x6a, 0xda, 0xb6, 0x0e, 0xff, 0xd5, 0x6c, 0x65, 0x1c, 0xd1, 0xe2, 0xfa,
+ 0xcc, 0x75, 0x6c, 0xb6, 0x10, 0x03, 0x5d, 0x41, 0xe6, 0x47, 0x95, 0x43,
+ 0xa5, 0x7a, 0xd1, 0xc5, 0xc5, 0xd9, 0xdd, 0x7f, 0x6c, 0xcb, 0x4d, 0x9c,
+ 0x77, 0x04, 0x57, 0x74, 0x90, 0x08, 0x03, 0x5f, 0x3a, 0xb1, 0x08, 0x3f,
+ 0x64, 0xaa, 0x7c, 0x75, 0x9e, 0xfa, 0x14, 0x8b, 0x3c, 0x76, 0xba, 0x20,
+ 0x8b, 0x9b, 0xee, 0x4d, 0xf1, 0x3a, 0x79, 0xdc, 0x97, 0xe6, 0x14, 0x28,
+ 0xee, 0x8b, 0xa4, 0x55, 0x9d, 0xe8, 0x08, 0x83, 0xa9, 0x27, 0x11, 0xd8,
+ 0x24, 0x5d, 0x0e, 0x0a, 0xab, 0x67, 0xfb, 0xd5, 0xda, 0x38, 0x36, 0x7b,
+ 0x25, 0x79, 0xef, 0xb1, 0x30, 0x50, 0x36, 0xf7, 0xfa, 0x8d, 0xc0, 0x82,
+ 0x7a, 0xec, 0x74, 0xde, 0x7a, 0x9d, 0xe4, 0x46, 0xe9, 0x23, 0x9e, 0xa9,
+ 0x90, 0x18, 0x6e, 0xbe, 0xc8, 0x37, 0xc7, 0x47, 0xb3, 0x17, 0x76, 0x2a,
+ 0x4a, 0x97, 0x75, 0x42, 0xee, 0x23, 0x7e, 0x98, 0x89, 0xd6, 0x86, 0x09,
+ 0x28, 0x9c, 0x24, 0xdf, 0x74, 0xa0, 0x2d, 0x3d, 0x17, 0x27, 0x9b, 0x90,
+ 0x51, 0xdd, 0xce, 0xc2, 0xef, 0x4f, 0xce, 0x38, 0x97, 0x69, 0x4e, 0xe9,
+ 0xb6, 0xdf, 0x0e, 0x5f, 0xcb, 0x1f, 0x3b, 0x31, 0xaa, 0xbf, 0xc7, 0x10,
+ 0x29, 0xea, 0xb7, 0x30, 0x9f, 0x43, 0x7d, 0x37, 0xcd, 0x72, 0x1c, 0x27,
+ 0x2b, 0xf7, 0x56, 0x9c, 0x94, 0xe7, 0xc8, 0x1a, 0x2a, 0xad, 0xa1, 0xfe,
+ 0x90, 0xe0, 0xdd, 0xb2, 0x75, 0xe4, 0xd9, 0x36, 0x55, 0xed, 0x9f, 0x5d,
+ 0x07, 0xa8, 0x5c, 0x63, 0x67, 0x8a, 0x12, 0x35, 0xa1, 0xef, 0x78, 0x85,
+ 0xf0, 0x37, 0x6f, 0x37, 0xce, 0x34, 0x75, 0x9a, 0x3c, 0x54, 0xcb, 0x36,
+ 0x8f, 0xfc, 0x41, 0x70, 0x23, 0x19, 0xd1, 0x15, 0xb3, 0x6c, 0xc5, 0x0b,
+ 0x51, 0x9d, 0xf2, 0x83, 0xc9, 0x4b, 0x62, 0x84, 0x12, 0xba, 0x6b, 0xee,
+ 0xd3, 0x4f, 0x80, 0xa7, 0xe3, 0x30, 0x19, 0xe3, 0x20, 0x44, 0xb1, 0x25,
+ 0xe2, 0x5a, 0xaa, 0xb0, 0x81, 0x1a, 0x6a, 0x6a, 0xd7, 0xb2, 0xc4, 0x64,
+ 0x87, 0x25, 0x7e, 0xe1, 0x5f, 0x82, 0x17, 0x1f, 0xce, 0x1a, 0x2d, 0x04,
+ 0x58, 0xad, 0x5f, 0x2a, 0x3d, 0xd2, 0xb8, 0xa9, 0xa2, 0x72, 0x19, 0x24,
+ 0x8d, 0x1b, 0x04, 0x89, 0x62, 0xf5, 0x6b, 0xdd, 0xb0, 0x66, 0x62, 0x59,
+ 0x0d, 0xb3, 0xa9, 0x03, 0x07, 0x11, 0x55, 0x51, 0xfa, 0x14, 0x49, 0x31,
+ 0xe6, 0x38, 0x66, 0x79, 0x07, 0xa8, 0xeb, 0xc5, 0x4b, 0x61, 0x8f, 0x59,
+ 0xb1, 0x18, 0x55, 0x28, 0x5c, 0x82, 0xff, 0x4a, 0xd3, 0x28, 0x47, 0xcc,
+ 0xc1, 0xba, 0xa4, 0xce, 0x2a, 0x9d, 0x28, 0x24, 0x69, 0x28, 0x13, 0x4f,
+ 0x06, 0x0f, 0xa3, 0x71, 0x6b, 0x17, 0x7b, 0xf4, 0x2c, 0x6d, 0xdb, 0xcc,
+ 0x6c, 0x4e, 0x8a, 0x04, 0x58, 0x20, 0x26, 0x54, 0xf9, 0x4d, 0x7c, 0x67,
+ 0xb8, 0x63, 0x55, 0x23, 0x94, 0xe6, 0x3c, 0xf7, 0x11, 0x61, 0x38, 0x9c,
+ 0x1a, 0x40, 0x5c, 0x3d, 0xb2, 0x35, 0xde, 0x35, 0x1f, 0x38, 0x48, 0xc5,
+ 0x15, 0x59, 0x2f, 0xa7, 0x81, 0xe8, 0x53, 0xe8, 0x46, 0x59, 0x3e, 0xf4,
+ 0xc8, 0x01, 0x33, 0xd6, 0xdd, 0xe6, 0xf3, 0xa5, 0x2a, 0x09, 0x54, 0x1a,
+ 0x92, 0x37, 0x3e, 0x9f, 0x54, 0xb6, 0x81, 0x5d, 0xf3, 0x74, 0x6b, 0x56,
+ 0x01, 0xc9, 0xfd, 0x4b, 0xa5, 0x54, 0x08, 0x27, 0x54, 0x21, 0xb2, 0xad,
+ 0x6c, 0x17, 0xdf, 0x4a, 0x29, 0x1e, 0xf8, 0xde, 0xc7, 0x51, 0x59, 0x55,
+ 0xa9, 0x3a, 0xf8, 0xe8, 0xa8, 0x56, 0x5c, 0x8a, 0x04, 0xff, 0x51, 0x8c,
+ 0x10, 0xd2, 0x22, 0xc7, 0x3b, 0x3c, 0xa4, 0xb1, 0x6d, 0x41, 0xb6, 0xaa,
+ 0x5b, 0x24, 0x17, 0x3b, 0x87, 0xb0, 0xa8, 0xd9, 0x93, 0x3f, 0x6b, 0xff,
+ 0x56, 0x83, 0xcc, 0x09, 0x5c, 0x15, 0xe8, 0x99, 0xa6, 0x17, 0xc3, 0xef,
+ 0xa1, 0x4b, 0xf7, 0x81, 0x7b, 0x62, 0x3a, 0x8a, 0x6a, 0x5c, 0x57, 0x4f,
+ 0x6d, 0xf4, 0x79, 0x7f, 0x69, 0xd9, 0xde, 0x40, 0xb8, 0xb0, 0x96, 0x70,
+ 0x1c, 0xaf, 0x94, 0xb5, 0x45, 0x02, 0xff, 0xf7, 0x23, 0x04, 0x7e, 0xc0,
+ 0xa1, 0x93, 0x2f, 0x9e, 0x7d, 0xc0, 0x81, 0x00, 0x4f, 0xed, 0xb5, 0xaa,
+ 0x7c, 0x25, 0x5f, 0x8b, 0x76, 0xd8, 0x45, 0xee, 0xf2, 0x9f, 0xc6, 0xb4,
+ 0x0c, 0x08, 0xd8, 0x7d, 0x1f, 0x25, 0xcc, 0x8f, 0x1e, 0x5b, 0xaa, 0x75,
+ 0x0b, 0xec, 0x61, 0xcf, 0xe2, 0x08, 0xc1, 0x45, 0x9d, 0x08, 0x7e, 0xc0,
+ 0xa8, 0x73, 0xc8, 0x2e, 0xcb, 0xa7, 0x5a, 0x71, 0xce, 0x8f, 0x7f, 0xe6,
+ 0xf6, 0x35, 0xe5, 0xcf, 0xac, 0x24, 0xf7, 0x71, 0x18, 0x27, 0x60, 0x3e,
+ 0xf8, 0x37, 0x3a, 0x81, 0x66, 0xee, 0x41, 0xf0, 0x72, 0x3b, 0x43, 0x40,
+ 0xa2, 0xd7, 0x99, 0x34, 0xda, 0xa3, 0xcc, 0xf4, 0xb7, 0x66, 0xd7, 0xad,
+ 0xab, 0x58, 0xee, 0x52, 0xa0, 0xb1, 0xbb, 0xd4, 0x3d, 0x30, 0x6d, 0x31,
+ 0xe5, 0xf8, 0x1e, 0xc8, 0x5d, 0x78, 0x35, 0x2a, 0xd5, 0x36, 0xd9, 0x08,
+ 0x20, 0x5f, 0x51, 0x07, 0x58, 0x02, 0x5f, 0x3a, 0x81, 0x90, 0x03, 0x35,
+ 0x74, 0xb4, 0x87, 0xae, 0x18, 0xe0, 0xeb, 0x73, 0x05, 0x63, 0xf1, 0x42,
+ 0x7e, 0x49, 0x26, 0xbd, 0xce, 0x8c, 0xab, 0x18, 0x70, 0xf7, 0x88, 0x22,
+ 0xc7, 0x6a, 0xe4, 0x55, 0xab, 0x31, 0x7e, 0xaa, 0x0b, 0x22, 0xff, 0xdd,
+ 0x4c, 0x80, 0x1f, 0x94, 0x64, 0xb0, 0x7d, 0x18, 0x69, 0x33, 0xf2, 0xc8,
+ 0x0a, 0x2e, 0x33, 0x8a, 0x0f, 0x47, 0x10, 0xeb, 0x6c, 0x5a, 0x6f, 0x4f,
+ 0x80, 0xb9, 0x29, 0x9f, 0x88, 0x88, 0x23, 0x75, 0x1e, 0xb8, 0xad, 0x76,
+ 0x75, 0x3a, 0x18, 0xbb, 0x9d, 0x92, 0x76, 0x53, 0x5b, 0x6d, 0x5b, 0x7a,
+ 0xc4, 0x34, 0x1c, 0x6e, 0xc7, 0xb4, 0x24, 0x7c, 0xd8, 0x27, 0x47, 0x74,
+ 0xb5, 0xf5, 0x5f, 0xcb, 0x90, 0x54, 0x00, 0x8e, 0xdd, 0xe1, 0x81, 0xf0,
+ 0xbb, 0xc5, 0xf9, 0x7d, 0x28, 0x07, 0x8d, 0xb2, 0x9b, 0x0c, 0x56, 0x80,
+ 0xa7, 0xa7, 0x2f, 0x84, 0x9a, 0xef, 0x70, 0xa9, 0x92, 0x40, 0xcc, 0xf9,
+ 0xd5, 0xee, 0xbe, 0x65, 0x8a, 0x79, 0xc8, 0xfb, 0x31, 0x4b, 0x6f, 0x79,
+ 0xfc, 0xc9, 0x52, 0x47, 0x38, 0xb9, 0x36, 0x08, 0xe7, 0xab, 0xb4, 0x60,
+ 0xe6, 0x9d, 0xc8, 0xb6, 0x77, 0x28, 0x53, 0x62, 0x70, 0x8a, 0x9a, 0xe1,
+ 0xbb, 0xc0, 0xa9, 0xae, 0x4f, 0xd5, 0x1b, 0x96, 0xdc, 0x7e, 0x8c, 0x4d,
+ 0x96, 0xe2, 0x23, 0x15, 0xaa, 0x6c, 0xf2, 0xca, 0x42, 0xae, 0xb8, 0xfa,
+ 0xea, 0x69, 0xcf, 0xe2, 0xcb, 0x95, 0x87, 0xa9, 0xfa, 0x27, 0x28, 0xdb,
+ 0xa4, 0xa2, 0xb2, 0x89, 0x6c, 0x8a, 0x8b, 0x70, 0x9c, 0xae, 0x45, 0xb1,
+ 0xce, 0x2a, 0xf4, 0x09, 0xeb, 0x52, 0x55, 0x67, 0xb8, 0x48, 0x60, 0xe2,
+ 0xae, 0x6d, 0x5b, 0x6f, 0xa4, 0x43, 0x08, 0xb6, 0x0b, 0x76, 0xce, 0x3c,
+ 0xbf, 0xb3, 0xc6, 0x09, 0x67, 0x18, 0xe6, 0x81, 0xea, 0x41, 0x13, 0x74,
+ 0x4a, 0x07, 0x95, 0x1f, 0xdb, 0x06, 0xa6, 0x45, 0x28, 0x0a, 0x65, 0x0e,
+ 0x4a, 0x4a, 0x55, 0x18, 0x9e, 0x0d, 0x22, 0x6c, 0xdb, 0x58, 0xde, 0x8f,
+ 0x5d, 0x56, 0xd3, 0xdf, 0xdc, 0xb9, 0x3c, 0x9e, 0xc9, 0xe5, 0x9a, 0xb1,
+ 0x33, 0xca, 0x09, 0x18, 0x89, 0x94, 0x08, 0xad, 0xa8, 0xc4, 0x97, 0x23,
+ 0x6c, 0xc4, 0x06, 0x44, 0xd7, 0xa2, 0x94, 0x88, 0x60, 0xfe, 0x56, 0x0e,
+ 0xd4, 0x71, 0xd8, 0xd5, 0xbf, 0x3d, 0x50, 0x92, 0xc4, 0x4a, 0xf0, 0x74,
+ 0x79, 0x70, 0x11, 0xaa, 0x49, 0xb7, 0x18, 0x83, 0xf7, 0xe6, 0x1b, 0x53,
+ 0xcd, 0x39, 0xf6, 0xe8, 0xed, 0x93, 0xa4, 0x36, 0xb9, 0x74, 0xee, 0x80,
+ 0x67, 0x0b, 0xa9, 0xd6, 0x0c, 0x8e, 0xdc, 0x54, 0x32, 0x81, 0x27, 0x95,
+ 0x9c, 0x5b, 0x5a, 0x44, 0x99, 0x0d, 0xb8, 0x89, 0xb0, 0xef, 0x01, 0x42,
+ 0x92, 0x6f, 0xb1, 0x28, 0x81, 0x5b, 0xd8, 0xd0, 0x54, 0xcf, 0x90, 0x4c,
+ 0xc7, 0x6c, 0xd3, 0x8b, 0x0f, 0xf4, 0x34, 0xca, 0x6e, 0xb0, 0x4e, 0xe8,
+ 0xb8, 0x1c, 0x14, 0x63, 0x91, 0x94, 0x3e, 0xcc, 0xa8, 0xbc, 0xb4, 0x28,
+ 0xb3, 0x78, 0x6b, 0xe3, 0x98, 0xfe, 0x80, 0xe8, 0xd9, 0xd7, 0x42, 0xd0,
+ 0x36, 0x1b, 0x3a, 0x22, 0xd3, 0x25, 0x64, 0x37, 0xb2, 0xa7, 0x56, 0x41,
+ 0xa0, 0xf3, 0xb3, 0x7f, 0x11, 0x0c, 0x0f, 0x41, 0x44, 0x92, 0xa5, 0xeb,
+ 0xf6, 0xd4, 0x56, 0x19, 0x41, 0xd4, 0x7e, 0x57, 0x57, 0xa3, 0xb6, 0x12,
+ 0x1d, 0xaf, 0xa6, 0xab, 0x62, 0xc3, 0x5d, 0x74, 0x4f, 0x44, 0xe1, 0xdc,
+ 0xcc, 0x45, 0xbd, 0x34, 0xce, 0x2e, 0x60, 0xcb, 0x21, 0x7d, 0x8b, 0xd8,
+ 0xfe, 0xbc, 0xdc, 0x2e, 0x72, 0xb8, 0xa7, 0x0e, 0x2f, 0x79, 0xc9, 0xc2,
+ 0xf7, 0xf1, 0xd4, 0xf4, 0x36, 0xec, 0x53, 0x31, 0x79, 0x18, 0x85, 0xa3,
+ 0xb4, 0xb0, 0x0e, 0xc1, 0xc9, 0x41, 0xdb, 0x7a, 0x7f, 0xd2, 0x34, 0x35,
+ 0x5c, 0x4b, 0x52, 0x83, 0x80, 0xe6, 0xf2, 0x18, 0x6f, 0xae, 0x37, 0x8c,
+ 0x95, 0x38, 0x8b, 0x44, 0x8d, 0x22, 0x84, 0xd1, 0xd5, 0xc1, 0x01, 0x9c,
+ 0xf0, 0x56, 0x8e, 0x48, 0x5d, 0xab, 0x2d, 0x70, 0x6a, 0x29, 0xca, 0x91,
+ 0x0c, 0x03, 0xaa, 0xaf, 0x8c, 0x28, 0xd2, 0x97, 0x4a, 0x60, 0xac, 0xf4,
+ 0x9c, 0x26, 0xc3, 0xe8, 0x7d, 0xac, 0xc0, 0xc8, 0xe4, 0xf4, 0xad, 0x94,
+ 0x01, 0xcc, 0x5f, 0x13, 0x83, 0x3a, 0x2c, 0xf2, 0xc8, 0xc0, 0xc6, 0x7d,
+ 0x1a, 0x00, 0x54, 0x7e, 0xee, 0xa1, 0xb0, 0x33, 0x21, 0x7f, 0x3f, 0x45,
+ 0xff, 0xdb, 0x6e, 0x9d, 0xca, 0x65, 0xe0, 0x60, 0x8f, 0x40, 0x56, 0x91,
+ 0x57, 0x75, 0x83, 0x8d, 0xd4, 0x03, 0x4a, 0x60, 0x0e, 0x46, 0x27, 0x02,
+ 0x4e, 0x9d, 0xfb, 0xfe, 0xf2, 0xbe, 0x44, 0xa2, 0x8a, 0xc3, 0x2e, 0x46,
+ 0x29, 0x59, 0x8d, 0xb9, 0x61, 0x5a, 0x18, 0x96, 0x1b, 0xaa, 0x7a, 0xea,
+ 0x45, 0xfe, 0x93, 0x17, 0xb8, 0xb8, 0x6c, 0x42, 0xb3, 0xc8, 0xf5, 0x70,
+ 0xe3, 0x98, 0x46, 0xf4, 0x73, 0x61, 0x32, 0xee, 0x8e, 0xb1, 0x9f, 0x12,
+ 0xf5, 0xeb, 0xf3, 0xb7, 0xbc, 0x94, 0x32, 0xa5, 0xc4, 0xd0, 0x60, 0x95,
+ 0x0d, 0xd8, 0x11, 0x15, 0xad, 0xde, 0xea, 0xb5, 0xcb, 0xdb, 0x27, 0xe4,
+ 0x0f, 0x55, 0x1f, 0x65, 0xff, 0x02, 0xa3, 0xb8, 0xfb, 0x38, 0xe9, 0x7e,
+ 0x3d, 0x1f, 0xb9, 0xce, 0x06, 0xa2, 0x57, 0xca, 0x7a, 0xd9, 0x18, 0x90,
+ 0xef, 0xc3, 0x52, 0x50, 0xfc, 0xa6, 0xbf, 0x84, 0x7b, 0x8e, 0xd8, 0xf7,
+ 0x9c, 0x6a, 0x53, 0xc9, 0x10, 0x81, 0x9c, 0xd4, 0x67, 0xef, 0x1c, 0xd2,
+ 0x58, 0x86, 0x66, 0x45, 0x00, 0x26, 0x78, 0x11, 0x61, 0x53, 0xce, 0x50,
+ 0xda, 0x0c, 0xd4, 0x1b, 0xf7, 0xa4, 0xda, 0xab, 0xe2, 0x93, 0xed, 0x8b,
+ 0x34, 0x42, 0x3a, 0xf4, 0xae, 0x3d, 0x46, 0x86, 0xea, 0xae, 0x5f, 0xc2,
+ 0x5a, 0xd8, 0xed, 0x63, 0xc4, 0xd6, 0x51, 0x57, 0x81, 0xea, 0x59, 0x68,
+ 0xf4, 0x58, 0x8c, 0x02, 0xfc, 0xe9, 0x0a, 0x96, 0xa7, 0x29, 0xac, 0xaf,
+ 0xf2, 0x39, 0x17, 0xc8, 0xe0, 0x6e, 0x2a, 0x6d, 0x21, 0xb8, 0xf4, 0xe9,
+ 0x02, 0xd7, 0xbf, 0xc7, 0xf6, 0x09, 0xa0, 0x67, 0x6c, 0x98, 0x83, 0xba,
+ 0x7b, 0x71, 0x4a, 0xea, 0x3d, 0x89, 0x0a, 0x0e, 0x86, 0x6b, 0xa0, 0x25,
+ 0xf1, 0x3a, 0xa3, 0x66, 0x54, 0xff, 0x83, 0x2b, 0xca, 0x1f, 0x74, 0x1d,
+ 0x31, 0x93, 0xfc, 0x84, 0xcd, 0x3c, 0xc9, 0xf0, 0x7e, 0x39, 0xb7, 0x95,
+ 0xf7, 0xa9, 0x9c, 0x67, 0xcf, 0x10, 0x0f, 0xef, 0xc7, 0xce, 0x6b, 0x46,
+ 0x4c, 0x2a, 0x07, 0xb4, 0x24, 0xc4, 0x0a, 0x66, 0xaa, 0x35, 0xbb, 0xe9,
+ 0xe5, 0xcf, 0xd4, 0x19, 0x6b, 0x37, 0x56, 0x54, 0x34, 0x73, 0xd2, 0x63,
+ 0x5f, 0x43, 0xb7, 0x6b, 0xa7, 0x6f, 0x96, 0x2a, 0x58, 0xfc, 0xcd, 0x4d,
+ 0x8c, 0x15, 0x6c, 0x4c, 0x28, 0x8b, 0x68, 0xd1, 0xa1, 0x73, 0xb2, 0x72,
+ 0xa8, 0x42, 0x82, 0x2f, 0x2c, 0xa3, 0xff, 0x02, 0x4d, 0x84, 0xce, 0xb6,
+ 0x13, 0x7b, 0xd3, 0x7a, 0xdc, 0x62, 0xe1, 0xdc, 0xdb, 0x6b, 0xb0, 0x08,
+ 0x69, 0xe6, 0xbc, 0x53, 0xb2, 0xb0, 0xf7, 0x57, 0xe9, 0x7f, 0x52, 0x97,
+ 0xcc, 0xbd, 0x65, 0x65, 0x77, 0xe0, 0x0a, 0x5a, 0xb0, 0xbb, 0xc7, 0x6e,
+ 0x11, 0x4a, 0x0b, 0x62, 0x0c, 0x9d, 0xaa, 0xff, 0x82, 0x1f, 0x0c, 0xd9,
+ 0xe4, 0xf1, 0x9c, 0x32, 0x9d, 0xdf, 0x48, 0xde, 0x14, 0xe9, 0xb1, 0x00,
+ 0xd9, 0xb4, 0xd4, 0xb5, 0xd4, 0x45, 0x59, 0xd6, 0x55, 0x8a, 0x28, 0xc6,
+ 0xf7, 0xdc, 0xe3, 0x73, 0x77, 0xec, 0xc0, 0xfa, 0x02, 0x0b, 0xd6, 0x62,
+ 0x87, 0x58, 0xfe, 0x3c, 0x2c, 0x8b, 0x2a, 0xaf, 0x58, 0x33, 0x93, 0x91,
+ 0x61, 0x9e, 0xf6, 0x35, 0x54, 0x70, 0x84, 0x22, 0x96, 0x64, 0x71, 0xd4,
+ 0xde, 0x8a, 0x18, 0xd5, 0x43, 0xa7, 0x6e, 0x31, 0xb2, 0x9f, 0x88, 0x41,
+ 0x93, 0x7d, 0x4e, 0x61, 0x17, 0x39, 0xe7, 0x1f, 0x4f, 0xa2, 0x21, 0x40,
+ 0x2d, 0x2b, 0x56, 0xb4, 0xbd, 0xf7, 0x7c, 0xef, 0x0a, 0x70, 0xa8, 0x56,
+ 0x71, 0x87, 0x6a, 0x26, 0xb9, 0xfe, 0xba, 0x9c, 0x72, 0x74, 0x7a, 0x8b,
+ 0xa3, 0xaa, 0x0e, 0x19, 0x29, 0x2d, 0x84, 0x8c, 0xa7, 0xd2, 0xd4, 0x27,
+ 0x30, 0x3b, 0x67, 0xb5, 0xb7, 0xc3, 0x02, 0x17, 0x30, 0x3b, 0x47, 0x6e,
+ 0xc2, 0xf3, 0xf7, 0xfd, 0x41, 0x76, 0x99, 0xec, 0x92, 0xb8, 0xbd, 0xf3,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x06, 0x0f, 0x16, 0x20, 0x24, 0x28};
+const uint8_t kExpectedCase2Signature[BCM_MLDSA65_SIGNATURE_BYTES] = {
+ 0xef, 0xbf, 0xd8, 0x29, 0xd3, 0x48, 0xaf, 0x86, 0x0d, 0xe5, 0x31, 0xde,
+ 0xfc, 0xe8, 0x90, 0xc3, 0x1d, 0x9a, 0xda, 0x49, 0xd4, 0xb2, 0xab, 0x5e,
+ 0x19, 0x8e, 0x31, 0x6f, 0x73, 0x3f, 0x7f, 0x77, 0xf8, 0xda, 0x71, 0x90,
+ 0xf9, 0xad, 0x47, 0xdd, 0x9f, 0xed, 0xb9, 0x79, 0xbc, 0x70, 0xf7, 0x80,
+ 0x43, 0xa1, 0xf1, 0x68, 0x71, 0x25, 0x05, 0x54, 0x1f, 0x91, 0xc3, 0xd9,
+ 0xc1, 0xad, 0xbc, 0xb9, 0xa2, 0xd9, 0x80, 0x8d, 0xf4, 0xe4, 0xd2, 0xa6,
+ 0x63, 0x6b, 0x94, 0x5f, 0x16, 0xf4, 0xe1, 0xe6, 0x28, 0x6d, 0x8a, 0xb9,
+ 0x58, 0x72, 0xb7, 0xda, 0x42, 0xbd, 0xa7, 0xaa, 0x85, 0x72, 0x1e, 0xa6,
+ 0xe9, 0xf0, 0x57, 0x13, 0x98, 0x13, 0x88, 0x23, 0x81, 0x41, 0xe4, 0x8b,
+ 0x8b, 0x77, 0x50, 0x98, 0x20, 0x28, 0xc5, 0x0b, 0x66, 0x16, 0x3b, 0xad,
+ 0xf5, 0xf4, 0xd5, 0xe7, 0xe5, 0x99, 0xab, 0x21, 0x9b, 0x0f, 0xbd, 0x02,
+ 0x4c, 0x46, 0x25, 0xc4, 0x2f, 0x14, 0x35, 0x52, 0x12, 0x70, 0xe3, 0x22,
+ 0xa9, 0xa1, 0x99, 0x44, 0x40, 0xeb, 0xb3, 0x8d, 0xc7, 0xec, 0x42, 0x55,
+ 0x10, 0xe9, 0x6b, 0xbb, 0x20, 0xb7, 0x1d, 0xc4, 0x23, 0x11, 0x91, 0x2b,
+ 0x41, 0x3c, 0xc7, 0xe2, 0xda, 0xdf, 0xb6, 0x0a, 0xac, 0x43, 0x2e, 0xfe,
+ 0x6e, 0x01, 0x8f, 0xb7, 0x75, 0x4f, 0xa6, 0x2e, 0x1e, 0xff, 0x04, 0xfe,
+ 0x06, 0x73, 0xed, 0xba, 0x96, 0xad, 0x9f, 0xff, 0xb1, 0xea, 0x89, 0xfa,
+ 0x9f, 0xc9, 0xae, 0x26, 0x68, 0xec, 0xe3, 0x93, 0xaa, 0x35, 0xe6, 0xc6,
+ 0x1b, 0x99, 0xf3, 0xc1, 0xef, 0x8f, 0x56, 0xf4, 0xd9, 0x1f, 0xf3, 0xe0,
+ 0x96, 0xe3, 0x77, 0x76, 0x90, 0xbc, 0xba, 0xcf, 0x3f, 0x2b, 0x24, 0xda,
+ 0x48, 0xf5, 0x7f, 0x1d, 0x58, 0xe9, 0x69, 0x3c, 0xd6, 0x0b, 0x21, 0x7f,
+ 0xad, 0x7e, 0xc7, 0xce, 0x08, 0x52, 0x6c, 0x7a, 0xb9, 0xaf, 0xdb, 0x4f,
+ 0xc4, 0x56, 0x05, 0x3a, 0x3d, 0x94, 0xa0, 0xdc, 0x92, 0x14, 0x20, 0x3c,
+ 0xf1, 0x2a, 0xf7, 0x9f, 0xab, 0x6f, 0x1b, 0x7a, 0xb1, 0x0e, 0x7d, 0x72,
+ 0xdc, 0x65, 0xb1, 0x10, 0xa5, 0x1f, 0x83, 0x9d, 0x4c, 0x2a, 0x37, 0x4a,
+ 0x0d, 0xaa, 0xd4, 0x35, 0x13, 0x3e, 0x68, 0x24, 0x12, 0x31, 0x80, 0xbc,
+ 0x9a, 0x1d, 0x4a, 0xea, 0x31, 0x50, 0x7d, 0x57, 0x95, 0x56, 0x3c, 0x6a,
+ 0x5e, 0xbf, 0x82, 0x47, 0x53, 0x5d, 0x38, 0xce, 0x2b, 0xac, 0x03, 0xe6,
+ 0x50, 0xfd, 0x6a, 0x6a, 0xbb, 0x79, 0x83, 0xee, 0xe2, 0x10, 0xef, 0xb1,
+ 0xc1, 0x2b, 0x01, 0x9d, 0xdc, 0xae, 0x2d, 0xaf, 0x18, 0x48, 0x6d, 0xd2,
+ 0x00, 0x62, 0x96, 0x9e, 0x9d, 0xf9, 0x1e, 0xa5, 0xbc, 0x8e, 0x5f, 0x10,
+ 0x08, 0x63, 0x87, 0x8d, 0x18, 0x4f, 0xd3, 0x8f, 0x99, 0xa7, 0xb6, 0x80,
+ 0x4d, 0xf2, 0x44, 0x22, 0x0b, 0x2e, 0x5c, 0x78, 0x36, 0x93, 0xcb, 0x68,
+ 0x17, 0x00, 0xfc, 0x85, 0x89, 0xd4, 0x3b, 0x1e, 0xed, 0x69, 0xa8, 0xa3,
+ 0x3d, 0xd1, 0x79, 0x7d, 0x18, 0xd8, 0xea, 0xde, 0xf8, 0x4f, 0xd7, 0x82,
+ 0x84, 0x3e, 0x57, 0xf7, 0x6e, 0x6c, 0x7a, 0xd7, 0xa2, 0x35, 0x9b, 0xe0,
+ 0x81, 0xfb, 0xcf, 0x3e, 0xd5, 0xbf, 0x13, 0x25, 0x9d, 0x1e, 0x0d, 0x85,
+ 0x69, 0x17, 0xbc, 0x45, 0xfd, 0xe1, 0xb9, 0x1c, 0xbb, 0x48, 0x46, 0x9d,
+ 0x4e, 0x99, 0x0c, 0x8c, 0xba, 0xb0, 0x3d, 0x6f, 0x6d, 0xea, 0x62, 0xb4,
+ 0x70, 0xfb, 0xf9, 0xae, 0x20, 0x44, 0xfc, 0x5d, 0x61, 0xce, 0x7d, 0x1b,
+ 0x44, 0xae, 0x20, 0xee, 0x0f, 0x9f, 0xaa, 0xa1, 0x3e, 0x6b, 0x53, 0xb4,
+ 0x2e, 0x44, 0x2b, 0xdc, 0x83, 0xa5, 0x2a, 0xd5, 0xda, 0x23, 0x10, 0xbf,
+ 0x3f, 0xb1, 0x3b, 0xa8, 0x0f, 0x01, 0x06, 0xcd, 0xff, 0x01, 0x3e, 0x33,
+ 0x98, 0xb8, 0xf7, 0x26, 0x31, 0x19, 0x07, 0x96, 0x83, 0x94, 0x67, 0x70,
+ 0xac, 0xeb, 0xb1, 0x2f, 0x42, 0x63, 0x36, 0xf2, 0xf4, 0x13, 0x61, 0x72,
+ 0x3e, 0x70, 0xbb, 0xfe, 0xe5, 0x11, 0xc5, 0x77, 0x2f, 0xa2, 0x12, 0xa3,
+ 0x19, 0xff, 0xea, 0x9c, 0xf2, 0xcf, 0x6a, 0x49, 0x09, 0x00, 0x54, 0x1e,
+ 0xae, 0x8c, 0xb3, 0xfe, 0x12, 0x68, 0x24, 0x04, 0x7c, 0x48, 0x84, 0x29,
+ 0xb3, 0x5f, 0x71, 0x45, 0xc7, 0x62, 0xcf, 0xaf, 0xca, 0xe2, 0x8c, 0xd5,
+ 0xb5, 0xc9, 0x82, 0x69, 0x98, 0x0d, 0x16, 0x58, 0x31, 0xb3, 0x38, 0x68,
+ 0x20, 0x82, 0xd5, 0x51, 0xb6, 0xb3, 0x57, 0xb0, 0xa6, 0x7c, 0x6d, 0xf3,
+ 0x82, 0x85, 0xc6, 0xf2, 0x06, 0x67, 0x40, 0x4f, 0x0c, 0x58, 0xfb, 0xc2,
+ 0xa2, 0x73, 0x00, 0x38, 0x00, 0xcc, 0x70, 0x93, 0x6d, 0x6c, 0x3b, 0xd4,
+ 0x4f, 0xcf, 0xb5, 0x1a, 0x26, 0x4e, 0xdb, 0x43, 0xf1, 0x02, 0x9c, 0xe9,
+ 0xe6, 0x0d, 0x1b, 0xa2, 0xae, 0xaf, 0xee, 0x48, 0x21, 0x50, 0x9c, 0xfe,
+ 0xe7, 0xa1, 0x0a, 0x14, 0xf2, 0x59, 0x15, 0x04, 0xd1, 0x8f, 0x37, 0xfa,
+ 0x22, 0x7c, 0xe0, 0x91, 0x83, 0xc8, 0x5d, 0x10, 0xcc, 0xaa, 0x38, 0x03,
+ 0x4b, 0xb4, 0xee, 0xea, 0x7b, 0x1b, 0x9a, 0xfd, 0x92, 0x1b, 0x35, 0x5a,
+ 0x0e, 0xa9, 0xfe, 0xa9, 0x11, 0x42, 0xc1, 0xc9, 0x3d, 0xb8, 0x06, 0xcb,
+ 0x39, 0x59, 0xb0, 0xb2, 0xf2, 0x2d, 0x25, 0x98, 0xf5, 0xde, 0x94, 0xd3,
+ 0x9e, 0xcd, 0x39, 0xbc, 0x6a, 0xae, 0x85, 0x62, 0x36, 0x33, 0x7b, 0xe1,
+ 0x2f, 0x0f, 0x77, 0x25, 0x7a, 0xe1, 0x88, 0xb4, 0xcb, 0x6a, 0x5f, 0x2a,
+ 0x15, 0x02, 0x0b, 0xbd, 0xe2, 0x0c, 0x7b, 0xeb, 0x15, 0xe3, 0x02, 0xd9,
+ 0x56, 0x78, 0xcb, 0x71, 0x07, 0xc9, 0x40, 0xa6, 0xe3, 0x96, 0x79, 0xa2,
+ 0xb3, 0xe5, 0xe0, 0xfe, 0x78, 0xf8, 0xa1, 0x2a, 0x5d, 0xa8, 0x5d, 0x43,
+ 0x08, 0x52, 0xf1, 0xcd, 0x4e, 0x13, 0xc5, 0x85, 0x8d, 0x81, 0xa3, 0x18,
+ 0x1a, 0x23, 0x03, 0x85, 0xf4, 0x13, 0x60, 0xf5, 0x31, 0x02, 0xfb, 0xb9,
+ 0x6c, 0xe5, 0x06, 0x6b, 0xf3, 0x78, 0xf9, 0x03, 0x9c, 0x62, 0xf1, 0xcc,
+ 0xeb, 0xe5, 0x97, 0xe8, 0xf7, 0xb2, 0x70, 0xbd, 0xca, 0x37, 0x7c, 0x15,
+ 0xa3, 0x2f, 0xce, 0x0b, 0xb8, 0xd2, 0xd7, 0x9d, 0xea, 0x96, 0xc7, 0x49,
+ 0xf6, 0xc1, 0x21, 0x7b, 0x7c, 0x41, 0x48, 0x71, 0x71, 0x21, 0xfa, 0x72,
+ 0x41, 0x48, 0x79, 0x80, 0x4e, 0x9a, 0xd6, 0xbc, 0x9e, 0x21, 0x76, 0x08,
+ 0x78, 0x33, 0xe3, 0x84, 0x5a, 0xcb, 0x0d, 0xc6, 0x59, 0x73, 0xc8, 0x9e,
+ 0x11, 0x55, 0x7b, 0x67, 0xff, 0x1d, 0xa5, 0x2a, 0x1f, 0x8c, 0x1d, 0x58,
+ 0x82, 0x1f, 0xde, 0x56, 0x79, 0x36, 0xe0, 0x80, 0x8a, 0xe2, 0xc0, 0xbc,
+ 0x56, 0x7d, 0xdd, 0xc1, 0x58, 0xae, 0x14, 0xe2, 0x50, 0x51, 0x8b, 0xc2,
+ 0xf8, 0xde, 0x6c, 0x81, 0xb2, 0x20, 0xfe, 0x09, 0x8d, 0x01, 0xb4, 0xf5,
+ 0xf0, 0xf6, 0x6c, 0xc9, 0x98, 0xcf, 0x86, 0x86, 0xf8, 0x9c, 0x7a, 0x0e,
+ 0x76, 0x38, 0xf3, 0x84, 0x48, 0xaf, 0x1f, 0x10, 0x08, 0x14, 0x43, 0xbb,
+ 0x04, 0x34, 0x8b, 0x72, 0x23, 0x9c, 0x81, 0x54, 0x36, 0x0f, 0x72, 0x7e,
+ 0xae, 0xac, 0xe9, 0x14, 0x11, 0x80, 0x40, 0xbd, 0x5d, 0xe0, 0xcd, 0xe9,
+ 0xea, 0x91, 0x63, 0x99, 0x22, 0x2e, 0x0a, 0x3a, 0x09, 0x06, 0xb7, 0xe5,
+ 0x01, 0x3d, 0xc2, 0xb7, 0x8f, 0xaf, 0x6e, 0x6a, 0xd1, 0xd5, 0x64, 0x54,
+ 0x69, 0x22, 0x9f, 0x4e, 0xb1, 0x7a, 0xd6, 0x7e, 0x2b, 0xb1, 0xac, 0x54,
+ 0xb6, 0x45, 0x70, 0x22, 0xa0, 0x7c, 0xdf, 0x59, 0xba, 0x9a, 0x80, 0x83,
+ 0xdd, 0x58, 0x16, 0xbc, 0x13, 0x23, 0xee, 0x14, 0x9d, 0x1c, 0xd0, 0x50,
+ 0x6d, 0x7f, 0x16, 0xab, 0x59, 0x54, 0xe4, 0xdb, 0x51, 0xbf, 0x7a, 0x33,
+ 0xf1, 0x58, 0xad, 0xd8, 0xcb, 0xe3, 0x16, 0xa5, 0x22, 0xc1, 0xe8, 0x5a,
+ 0x79, 0x09, 0x8a, 0x54, 0x86, 0x53, 0xd7, 0x20, 0x79, 0x30, 0x34, 0x5e,
+ 0x18, 0x66, 0x8e, 0x3f, 0x25, 0x02, 0x46, 0x31, 0x59, 0x1a, 0x97, 0x04,
+ 0x1f, 0x81, 0x2d, 0xdf, 0x11, 0xeb, 0xb0, 0xe2, 0x20, 0xcc, 0x24, 0x25,
+ 0x3a, 0x04, 0x06, 0x6d, 0xf5, 0x6a, 0xf0, 0x5d, 0x6f, 0xb6, 0x77, 0x47,
+ 0xf2, 0xfb, 0x50, 0x8d, 0xf8, 0xc4, 0xdf, 0x5d, 0x7d, 0xb2, 0x36, 0x95,
+ 0xe1, 0x63, 0x78, 0x29, 0x09, 0xce, 0xe1, 0x34, 0xaf, 0x8f, 0x87, 0x85,
+ 0x09, 0xd5, 0x0b, 0xc0, 0x25, 0x8c, 0x5f, 0x9a, 0xc8, 0xf0, 0xf7, 0x32,
+ 0x08, 0xae, 0x32, 0xbe, 0x9f, 0xf3, 0xc9, 0x64, 0x1f, 0x09, 0xe4, 0x9e,
+ 0x96, 0xbb, 0xed, 0x32, 0x0c, 0x43, 0xad, 0x86, 0x06, 0xc2, 0xb6, 0x52,
+ 0xce, 0xf0, 0x60, 0x4e, 0x53, 0xf7, 0x36, 0xa0, 0x37, 0x13, 0xcd, 0x9f,
+ 0xfc, 0xf2, 0x4b, 0x69, 0xf2, 0x3a, 0xa4, 0xa0, 0x7c, 0x4f, 0xbc, 0x1f,
+ 0xd0, 0x5a, 0xf6, 0x8e, 0x86, 0xe6, 0x4f, 0xe2, 0xc8, 0xb8, 0x4a, 0xb5,
+ 0xb5, 0xec, 0x5c, 0x5d, 0x06, 0xd2, 0xd8, 0xf0, 0xb9, 0x22, 0xd3, 0x6d,
+ 0x6a, 0x26, 0xae, 0x09, 0xbe, 0x1a, 0x9a, 0x80, 0xdf, 0x6c, 0x29, 0xa0,
+ 0xa2, 0xa2, 0xbc, 0xb9, 0xbf, 0xd9, 0xac, 0x10, 0xc5, 0x5d, 0x3d, 0xe4,
+ 0x89, 0x12, 0x99, 0x4e, 0xab, 0x7b, 0x6a, 0x1c, 0xd4, 0x60, 0x20, 0x20,
+ 0x91, 0xfe, 0xf4, 0x2f, 0x0f, 0xfa, 0x5a, 0x77, 0xd0, 0x4c, 0x72, 0x3e,
+ 0x20, 0x14, 0xbf, 0x40, 0xb4, 0x2d, 0x7f, 0x10, 0x93, 0x77, 0x73, 0xb7,
+ 0x5d, 0xce, 0x64, 0x01, 0xe8, 0x7c, 0xc3, 0xae, 0xdc, 0xc6, 0x91, 0x11,
+ 0xb0, 0x4c, 0x00, 0x2a, 0xdb, 0xa8, 0xbb, 0xa9, 0x3e, 0x0d, 0x2a, 0x8b,
+ 0x75, 0x93, 0x1b, 0xcb, 0xb6, 0xc1, 0xcd, 0x33, 0xf7, 0x5f, 0x64, 0xe7,
+ 0xb4, 0x07, 0x7d, 0xdf, 0x9d, 0x1b, 0x4e, 0x38, 0xc1, 0x4e, 0xe0, 0xa4,
+ 0x18, 0xab, 0xdc, 0x7c, 0x33, 0x50, 0xdb, 0xd5, 0x33, 0xbb, 0xb9, 0x74,
+ 0x6e, 0xa5, 0x9f, 0x93, 0x6a, 0x4b, 0x8a, 0xf6, 0x6f, 0x10, 0xfa, 0x85,
+ 0xe0, 0x72, 0xfa, 0x58, 0x25, 0x79, 0x38, 0xe0, 0xfa, 0x80, 0xde, 0x35,
+ 0xe7, 0x4e, 0x37, 0x54, 0x5a, 0xf8, 0xb9, 0x77, 0x15, 0xc7, 0xa1, 0x6f,
+ 0x91, 0x98, 0x1d, 0x3d, 0x8c, 0xd4, 0x5b, 0xe9, 0x56, 0x20, 0x87, 0x2a,
+ 0x6a, 0x6f, 0xd1, 0x88, 0x02, 0x16, 0x46, 0x7b, 0x96, 0x03, 0x99, 0x17,
+ 0x51, 0x1a, 0x74, 0x9d, 0x13, 0x5f, 0xb2, 0xa6, 0xf2, 0xf6, 0x6f, 0x8c,
+ 0xb8, 0xd7, 0x3c, 0x41, 0xd8, 0x51, 0xb4, 0x4d, 0x70, 0x22, 0xb6, 0x93,
+ 0x76, 0xab, 0x82, 0x49, 0x76, 0x8b, 0xe2, 0x99, 0x3d, 0x25, 0x97, 0x74,
+ 0x8b, 0x8b, 0xd6, 0xdd, 0xab, 0xf7, 0x0d, 0xa1, 0xc9, 0x96, 0xb8, 0xfa,
+ 0xcb, 0xfb, 0x2c, 0xb6, 0xe5, 0x60, 0x7d, 0x7f, 0x7c, 0x4b, 0x05, 0x5b,
+ 0xe6, 0xee, 0xc5, 0x7c, 0x60, 0xba, 0x66, 0x7a, 0xc1, 0xc6, 0x9c, 0xce,
+ 0xae, 0xa7, 0x93, 0xb7, 0x5a, 0xc8, 0x7f, 0x9d, 0xaa, 0xe2, 0xc0, 0x4b,
+ 0xb8, 0x05, 0x1d, 0x68, 0x00, 0x17, 0x2e, 0x8e, 0xad, 0xe4, 0x01, 0xa7,
+ 0x82, 0x96, 0xd3, 0x31, 0x0e, 0xd3, 0x8f, 0xae, 0x83, 0xd3, 0xab, 0xa4,
+ 0xd2, 0x5e, 0x45, 0x99, 0x47, 0x97, 0x8b, 0x88, 0xcf, 0x0f, 0xa2, 0x7b,
+ 0x11, 0xc3, 0xb5, 0x5a, 0x39, 0x2a, 0x39, 0x7a, 0x57, 0x09, 0x0b, 0x1e,
+ 0x3e, 0xe7, 0x08, 0x89, 0xee, 0xeb, 0x0c, 0xce, 0x14, 0x60, 0x33, 0x1e,
+ 0xa1, 0x51, 0xf2, 0x72, 0x3c, 0xe3, 0xb1, 0xd5, 0x2a, 0x11, 0x96, 0xe9,
+ 0x1c, 0x40, 0xcd, 0x65, 0x01, 0x2a, 0xc5, 0x75, 0xea, 0x28, 0xfd, 0x8b,
+ 0xf6, 0x45, 0xd6, 0x4c, 0xde, 0x31, 0x7f, 0xa4, 0xfc, 0x8f, 0x9c, 0xd9,
+ 0x4a, 0xf2, 0xbc, 0xf6, 0x76, 0xdd, 0xef, 0xc4, 0x44, 0xd4, 0x16, 0xac,
+ 0x79, 0x44, 0x63, 0xb2, 0x0b, 0x9e, 0x73, 0x49, 0x5f, 0x2b, 0xc5, 0x5a,
+ 0xc7, 0x0a, 0xe3, 0x18, 0xd0, 0x49, 0xf6, 0x4d, 0x8d, 0x23, 0x22, 0xa9,
+ 0xa7, 0x07, 0x37, 0xa0, 0x1b, 0xf3, 0x81, 0xf2, 0xb1, 0x03, 0x16, 0x5c,
+ 0x5a, 0x0a, 0xe6, 0xa5, 0x26, 0x5c, 0xaf, 0x03, 0x16, 0x89, 0x4b, 0xe3,
+ 0x93, 0xcc, 0x1d, 0xc5, 0x67, 0x30, 0x66, 0xbf, 0x3d, 0x1b, 0xc9, 0x80,
+ 0xdb, 0x7c, 0xfa, 0xeb, 0x79, 0x32, 0x69, 0x61, 0x90, 0x21, 0xbb, 0x35,
+ 0x2a, 0xb9, 0x94, 0xc2, 0xfa, 0x8a, 0xe2, 0x1c, 0xb2, 0xc5, 0x77, 0x7d,
+ 0xd0, 0x0e, 0x20, 0xa3, 0x39, 0xd1, 0x2b, 0x5f, 0x97, 0x82, 0xf0, 0x9e,
+ 0x67, 0xe3, 0x15, 0xc8, 0x36, 0x2e, 0x75, 0x20, 0x90, 0x24, 0x61, 0xd4,
+ 0x32, 0xc6, 0x97, 0x41, 0xf0, 0xb4, 0x0e, 0xa2, 0xa2, 0x1e, 0x2b, 0x77,
+ 0xc2, 0x4c, 0x17, 0x35, 0xe1, 0x1a, 0x15, 0x1e, 0x3f, 0xf7, 0xf1, 0x3b,
+ 0x91, 0x77, 0xe9, 0x84, 0x73, 0x2c, 0x61, 0xe9, 0x41, 0x45, 0x56, 0xd1,
+ 0x3b, 0xe4, 0x54, 0x79, 0x15, 0x75, 0x51, 0xe2, 0xbe, 0xed, 0x32, 0xd0,
+ 0xef, 0x34, 0xf1, 0x1f, 0x2e, 0xa8, 0x8e, 0x6b, 0x59, 0x65, 0xb1, 0x2a,
+ 0x54, 0xf7, 0x4c, 0x1a, 0x6b, 0x3c, 0x18, 0xeb, 0x97, 0x3b, 0x94, 0xd4,
+ 0xfe, 0xe4, 0xae, 0x76, 0x2c, 0xf0, 0xbb, 0x4a, 0x63, 0xd6, 0x87, 0xe0,
+ 0x94, 0xee, 0xc9, 0x5a, 0xba, 0x80, 0x28, 0x5e, 0x6b, 0x14, 0x73, 0x7b,
+ 0xe6, 0x4b, 0x0a, 0x81, 0x80, 0x87, 0x68, 0xe0, 0xcb, 0xb8, 0x20, 0x8e,
+ 0x47, 0x69, 0xd2, 0x39, 0x10, 0x8b, 0xc7, 0x29, 0x41, 0x6b, 0x8d, 0xe5,
+ 0x29, 0xd9, 0xad, 0xb1, 0x69, 0x8c, 0xc2, 0xa1, 0x50, 0xd2, 0xe3, 0x80,
+ 0xe4, 0x09, 0xa2, 0xd6, 0xae, 0x75, 0x65, 0xca, 0x45, 0x75, 0xe9, 0xab,
+ 0x2c, 0x99, 0xc6, 0xe9, 0x04, 0xd0, 0xcc, 0x9d, 0xea, 0xc7, 0x85, 0x4c,
+ 0xb2, 0xb1, 0x6f, 0x49, 0xf1, 0xe5, 0x51, 0xce, 0xa6, 0x7e, 0x68, 0xe5,
+ 0x2b, 0xbe, 0xed, 0x21, 0x12, 0x9f, 0x3b, 0x03, 0x6f, 0x84, 0xd6, 0x47,
+ 0x27, 0x76, 0x7f, 0x7b, 0xb8, 0x45, 0x8f, 0xa0, 0xff, 0xb1, 0xa8, 0x8e,
+ 0x4a, 0x33, 0x3b, 0xfe, 0x5a, 0x37, 0x90, 0xe7, 0x37, 0x7b, 0xfc, 0xf4,
+ 0xb3, 0x5f, 0x1c, 0xf7, 0x77, 0xb7, 0x09, 0x77, 0xa1, 0x4d, 0x4e, 0x59,
+ 0xcb, 0x8d, 0x61, 0x8f, 0xee, 0x5a, 0xfb, 0xc0, 0x0b, 0x4e, 0x05, 0x76,
+ 0xa0, 0xd0, 0xc8, 0x8e, 0x2c, 0xba, 0x11, 0xde, 0xa0, 0xc9, 0x69, 0xf4,
+ 0x53, 0xda, 0xc7, 0xda, 0x13, 0x62, 0x94, 0xe4, 0x2f, 0x73, 0x21, 0xca,
+ 0xaf, 0x3f, 0xd2, 0xaf, 0xbe, 0x8e, 0xea, 0x8f, 0xd6, 0x88, 0x74, 0x94,
+ 0x95, 0x42, 0x04, 0xb4, 0x4c, 0x9a, 0xad, 0xf6, 0x7f, 0xe0, 0xad, 0xf4,
+ 0x86, 0x52, 0x09, 0x36, 0x02, 0xb8, 0x61, 0x43, 0xe5, 0x2c, 0xd0, 0xd5,
+ 0x59, 0xc0, 0xf9, 0x99, 0x7c, 0x76, 0xc3, 0xb2, 0xb6, 0x59, 0x9a, 0x4f,
+ 0xd1, 0x0c, 0xc4, 0x76, 0x86, 0xfc, 0xd5, 0x23, 0x3e, 0x3c, 0x07, 0x9b,
+ 0x23, 0xac, 0x64, 0x58, 0x91, 0xb8, 0xd6, 0x96, 0xdc, 0x77, 0xaf, 0x32,
+ 0x32, 0x38, 0xda, 0xeb, 0xc5, 0x43, 0xb6, 0x96, 0x70, 0xbb, 0x63, 0x46,
+ 0x0b, 0xfd, 0xe5, 0x93, 0xdc, 0xb2, 0xaf, 0x80, 0x94, 0xb8, 0xd1, 0x94,
+ 0x59, 0x1e, 0xcb, 0x2d, 0xa5, 0xa2, 0xd6, 0xcd, 0x1a, 0x23, 0xd5, 0x61,
+ 0x03, 0xa7, 0x49, 0xc7, 0xb5, 0xd5, 0x1a, 0x16, 0x60, 0xc6, 0xc7, 0x94,
+ 0xbe, 0x79, 0x99, 0xf0, 0x11, 0x4f, 0x4b, 0x03, 0xdc, 0xfc, 0xb2, 0xd4,
+ 0x7a, 0xf8, 0xe0, 0xa4, 0x77, 0xd6, 0xa4, 0x01, 0xe2, 0x1f, 0xf1, 0x9b,
+ 0xdb, 0xba, 0x8b, 0x42, 0xe6, 0x5e, 0xa6, 0x89, 0x11, 0xab, 0xf1, 0xe9,
+ 0xad, 0x7b, 0x58, 0xfa, 0x68, 0x18, 0x17, 0xff, 0xe3, 0xe2, 0xa0, 0x94,
+ 0xb5, 0xf0, 0x72, 0x40, 0x65, 0x12, 0xfb, 0x11, 0xc9, 0x56, 0x56, 0xce,
+ 0xb1, 0x86, 0x5c, 0x50, 0x74, 0x49, 0x96, 0xf8, 0x43, 0x52, 0x9c, 0xaa,
+ 0xd2, 0x39, 0x84, 0xb3, 0x02, 0xc5, 0xa5, 0x8f, 0xbd, 0x6c, 0xc4, 0x74,
+ 0xf2, 0xc1, 0x0a, 0x08, 0xd0, 0xd9, 0x69, 0xff, 0xf2, 0x80, 0x50, 0x35,
+ 0x63, 0x88, 0x45, 0x0b, 0x8c, 0xd2, 0x48, 0x55, 0x0d, 0xba, 0xa9, 0x4c,
+ 0x7e, 0xd2, 0xaa, 0xb0, 0x7d, 0x46, 0x60, 0x15, 0x23, 0x4b, 0xa6, 0x4d,
+ 0x68, 0x85, 0x31, 0x12, 0xc5, 0x58, 0xdc, 0x2f, 0x26, 0x51, 0xf2, 0x96,
+ 0x7e, 0x2b, 0x67, 0xad, 0x66, 0x80, 0x33, 0x87, 0x33, 0x71, 0x52, 0x5d,
+ 0xd9, 0x4a, 0x1e, 0x23, 0x95, 0x70, 0xec, 0x85, 0x2d, 0x1d, 0x94, 0x33,
+ 0x40, 0xca, 0xef, 0x61, 0x3f, 0x77, 0x38, 0x65, 0x32, 0x9d, 0x94, 0x00,
+ 0xd6, 0x12, 0x4a, 0x37, 0x20, 0xe3, 0xc8, 0xc7, 0xdc, 0x59, 0x9b, 0x43,
+ 0xbe, 0x97, 0x33, 0x66, 0xc0, 0xc9, 0xa5, 0xbc, 0xfe, 0xec, 0x02, 0xf6,
+ 0x52, 0x18, 0x64, 0x24, 0x0c, 0x55, 0xc7, 0x0f, 0x62, 0x56, 0x45, 0xa2,
+ 0x7c, 0x93, 0xa3, 0xea, 0x0f, 0x87, 0xd1, 0xba, 0x23, 0x42, 0x80, 0xd9,
+ 0xc2, 0xb3, 0xd6, 0x25, 0x73, 0x10, 0x5b, 0x1a, 0xc1, 0xed, 0x4f, 0xa2,
+ 0x8d, 0x8e, 0x4d, 0x1b, 0x55, 0x64, 0xfd, 0xe3, 0x89, 0xab, 0xd6, 0xe6,
+ 0x45, 0x49, 0x6f, 0x91, 0x68, 0xb9, 0x26, 0xa4, 0xdd, 0x9f, 0x55, 0xa0,
+ 0x5f, 0x35, 0x69, 0x27, 0xd1, 0xb6, 0x5a, 0x3f, 0xcc, 0x52, 0x40, 0xad,
+ 0xda, 0x10, 0x8d, 0x2f, 0xd6, 0x8c, 0x01, 0xe1, 0x32, 0x73, 0xe1, 0x32,
+ 0xc3, 0xe7, 0x7e, 0xac, 0xba, 0x8c, 0xac, 0x38, 0x8f, 0x02, 0x0d, 0x67,
+ 0xa9, 0xc4, 0xab, 0x4e, 0xb5, 0x31, 0x77, 0xa2, 0x12, 0xd6, 0xaa, 0x58,
+ 0x57, 0xe7, 0xeb, 0xa6, 0x66, 0xd7, 0x36, 0xdc, 0x5c, 0x21, 0x86, 0xa4,
+ 0x76, 0x0a, 0x9c, 0x27, 0xb8, 0xeb, 0x0c, 0xc7, 0x2c, 0xf5, 0xe5, 0x49,
+ 0x8c, 0x62, 0x39, 0x82, 0xc0, 0xc4, 0x73, 0x8c, 0x74, 0x5d, 0xeb, 0xba,
+ 0xa5, 0x5a, 0xe2, 0x50, 0xdc, 0x06, 0xb7, 0x0b, 0x6c, 0xb9, 0x7e, 0x3d,
+ 0x01, 0xb7, 0x48, 0x2d, 0x4b, 0x90, 0xe7, 0x6d, 0x99, 0x58, 0xe1, 0xab,
+ 0x2b, 0xf1, 0x06, 0x5e, 0x25, 0x08, 0x9b, 0xc3, 0x79, 0xaf, 0xe0, 0x5e,
+ 0x01, 0xbb, 0x61, 0xb7, 0xc5, 0x22, 0x1c, 0xaf, 0x68, 0xef, 0x7f, 0xbb,
+ 0x41, 0x8b, 0x99, 0x19, 0xf0, 0x68, 0xe9, 0x94, 0x74, 0xe5, 0xda, 0xd4,
+ 0xf3, 0x8c, 0x4f, 0xdf, 0x09, 0x8f, 0x74, 0xd3, 0xbf, 0xe5, 0xee, 0x58,
+ 0xc0, 0x22, 0xa0, 0x91, 0x1e, 0xfa, 0x6b, 0x3b, 0x02, 0x2a, 0x03, 0xab,
+ 0x6a, 0xe2, 0xaa, 0xfe, 0x64, 0xbd, 0x77, 0xd0, 0x77, 0xc8, 0xbb, 0x75,
+ 0x9d, 0xb3, 0x3e, 0xe7, 0xc3, 0x57, 0x14, 0xb1, 0x75, 0x44, 0x98, 0x15,
+ 0x97, 0xef, 0x4c, 0xd2, 0x94, 0x50, 0x93, 0x89, 0x3a, 0x6f, 0xfa, 0x10,
+ 0x78, 0x90, 0xde, 0xef, 0xcb, 0x7d, 0x5d, 0xae, 0xbc, 0xfa, 0x48, 0x08,
+ 0x81, 0xc9, 0x0b, 0xdd, 0x90, 0x38, 0x34, 0x70, 0x66, 0x1a, 0x0e, 0xb1,
+ 0xe8, 0x99, 0x4e, 0x05, 0xf6, 0xa9, 0x88, 0x7f, 0xa6, 0x22, 0x19, 0x68,
+ 0xe1, 0xf5, 0x6b, 0xfc, 0xe7, 0xeb, 0xaa, 0x5b, 0xc4, 0x62, 0x8c, 0x19,
+ 0x45, 0xb9, 0x77, 0x8e, 0xcc, 0x31, 0xb4, 0xb3, 0x64, 0x43, 0xec, 0x95,
+ 0xe5, 0xd7, 0x63, 0x06, 0x29, 0xd8, 0x0c, 0xcb, 0xeb, 0x97, 0xa6, 0xad,
+ 0x37, 0x28, 0x7c, 0x8c, 0x28, 0xd6, 0x97, 0xa9, 0xc6, 0x3f, 0x9e, 0x1c,
+ 0x26, 0x0d, 0xf1, 0xba, 0xb1, 0x55, 0x96, 0xde, 0x86, 0xbf, 0x4e, 0x36,
+ 0x1f, 0x6c, 0x1c, 0xc6, 0xf5, 0x35, 0xb3, 0xb3, 0x74, 0xa0, 0x23, 0x86,
+ 0xda, 0x9e, 0x9a, 0xfd, 0xb7, 0xe8, 0x43, 0x67, 0x51, 0x26, 0x2d, 0xb3,
+ 0x72, 0x75, 0x6f, 0xd5, 0x2a, 0xae, 0xa3, 0xea, 0x04, 0xed, 0x83, 0x96,
+ 0xbb, 0xd1, 0x0d, 0x13, 0xdb, 0xc0, 0xb3, 0x26, 0x93, 0x54, 0x03, 0x2b,
+ 0x6e, 0x6a, 0x85, 0x8f, 0x50, 0x6f, 0xa3, 0xd3, 0x43, 0xda, 0x05, 0x1a,
+ 0x67, 0x86, 0x4e, 0xc5, 0x8f, 0xb2, 0x26, 0x71, 0xea, 0x4a, 0xcb, 0x24,
+ 0x4b, 0x00, 0x2e, 0xf0, 0xac, 0xaa, 0xae, 0x47, 0x0c, 0x01, 0x3b, 0x20,
+ 0xd0, 0x03, 0x58, 0xff, 0x4f, 0x00, 0xaf, 0xb0, 0xd1, 0x01, 0x41, 0xaf,
+ 0xfb, 0xdc, 0xcd, 0xa9, 0xe7, 0xa1, 0xeb, 0x81, 0x17, 0x41, 0x74, 0x6c,
+ 0x9b, 0xfb, 0x0d, 0xeb, 0x0c, 0x7a, 0xd0, 0x85, 0x6b, 0x0a, 0x30, 0x2b,
+ 0xa5, 0x1a, 0x67, 0xb2, 0x1a, 0x5e, 0x34, 0x89, 0x18, 0x37, 0x3e, 0xbe,
+ 0xd9, 0x81, 0x06, 0xd6, 0xcf, 0x8f, 0xdf, 0x4d, 0x94, 0x49, 0xc9, 0x12,
+ 0xe2, 0xb6, 0xc5, 0xc3, 0xdf, 0x05, 0xdb, 0x7c, 0xf0, 0x4a, 0xdf, 0x90,
+ 0xfa, 0x7e, 0xce, 0x89, 0x93, 0xf7, 0x28, 0x37, 0xd0, 0x1f, 0x3e, 0x7c,
+ 0x6d, 0x0e, 0x75, 0x5f, 0x55, 0xcb, 0xd1, 0x9e, 0x06, 0xed, 0xdd, 0x27,
+ 0xae, 0xb3, 0xce, 0xc0, 0x18, 0xce, 0x4a, 0x4f, 0x43, 0x81, 0x0d, 0x4c,
+ 0x29, 0x53, 0x91, 0xda, 0x5f, 0x22, 0x29, 0xed, 0x49, 0xbe, 0xed, 0x55,
+ 0x37, 0xf1, 0xa6, 0xfc, 0x7d, 0x10, 0xd7, 0xd0, 0xd3, 0xf2, 0xaf, 0x19,
+ 0xf3, 0x40, 0x2f, 0xfd, 0xe0, 0x16, 0x7e, 0x00, 0xb5, 0x4d, 0x57, 0x65,
+ 0xe6, 0x68, 0xef, 0xdb, 0x49, 0xe2, 0xaa, 0x39, 0xfc, 0x8d, 0x19, 0xa2,
+ 0x61, 0x6f, 0xdf, 0x43, 0xf4, 0x18, 0x5d, 0x16, 0xd9, 0x68, 0x92, 0x45,
+ 0x0d, 0x7f, 0x8d, 0x6f, 0xfd, 0x63, 0x26, 0x6d, 0x64, 0xfc, 0xf7, 0xa2,
+ 0x29, 0xda, 0x40, 0x65, 0x98, 0xfa, 0x2e, 0xba, 0x9f, 0x54, 0xfb, 0xc1,
+ 0xe4, 0x8f, 0xbc, 0x6e, 0x57, 0xe5, 0x9a, 0x9d, 0x1c, 0x63, 0x04, 0xc9,
+ 0x89, 0xf7, 0xe2, 0xdf, 0x3b, 0x83, 0xc8, 0x99, 0x65, 0xb7, 0x30, 0x7a,
+ 0x7b, 0x54, 0x95, 0x3f, 0x4e, 0x26, 0x05, 0xa6, 0x86, 0x40, 0x63, 0x4a,
+ 0xb8, 0x53, 0x33, 0x0c, 0x4e, 0x52, 0x26, 0x50, 0xf2, 0x81, 0x2f, 0x69,
+ 0xb0, 0x9d, 0x9e, 0x46, 0x2c, 0x1d, 0xfe, 0x79, 0x79, 0xff, 0x60, 0x83,
+ 0x05, 0x3f, 0xab, 0xcf, 0x04, 0x45, 0xe0, 0x19, 0xb7, 0xb3, 0x50, 0xc7,
+ 0x5e, 0x49, 0xe7, 0xed, 0x4c, 0x76, 0x60, 0x3e, 0xc9, 0x55, 0x11, 0xdc,
+ 0x54, 0xc7, 0x93, 0x13, 0xa8, 0x97, 0x0b, 0x46, 0xfb, 0xad, 0xa5, 0xeb,
+ 0xfc, 0xaa, 0x4a, 0x41, 0xc1, 0xc2, 0xee, 0xbd, 0x15, 0xb5, 0x91, 0x04,
+ 0x77, 0x93, 0xf1, 0x72, 0x38, 0x3f, 0x0b, 0x1e, 0x18, 0xdd, 0x93, 0x2c,
+ 0x1f, 0x32, 0x60, 0x12, 0x4f, 0x1b, 0x06, 0x34, 0xcb, 0xa5, 0x3a, 0x0f,
+ 0x07, 0xff, 0x9b, 0x39, 0xc0, 0x7c, 0xd8, 0xd7, 0x97, 0xe0, 0x08, 0x3b,
+ 0x55, 0xc7, 0x80, 0xc4, 0x07, 0xf6, 0x11, 0x9c, 0x5b, 0x25, 0x02, 0xc4,
+ 0x61, 0xb5, 0xa9, 0x8f, 0xec, 0x01, 0x5c, 0x17, 0xd8, 0x90, 0x48, 0xc5,
+ 0xd4, 0x2a, 0x0d, 0x8b, 0x40, 0x87, 0x46, 0x5e, 0xa2, 0x83, 0xf2, 0x64,
+ 0xf5, 0xb1, 0xeb, 0x52, 0xb2, 0x19, 0x9d, 0x2c, 0x29, 0x59, 0x3e, 0xde,
+ 0x6e, 0x33, 0xa3, 0x17, 0xd7, 0xf8, 0x58, 0x21, 0x42, 0x49, 0x7f, 0x5e,
+ 0x5c, 0xd9, 0x7f, 0x9f, 0xa0, 0x99, 0xa6, 0xfd, 0x66, 0x0c, 0x15, 0x64,
+ 0x5f, 0x1e, 0x01, 0x9d, 0x36, 0x20, 0xa9, 0xa4, 0x13, 0x2c, 0xc0, 0x80,
+ 0x92, 0x44, 0xd5, 0x61, 0xad, 0xd5, 0x9c, 0xf2, 0xdd, 0xc2, 0x0b, 0xc2,
+ 0x24, 0x1f, 0x69, 0x38, 0x48, 0x2c, 0x68, 0xf8, 0x19, 0xbe, 0x34, 0x21,
+ 0x38, 0xd0, 0x9c, 0xe5, 0xc0, 0xb8, 0x2b, 0x33, 0x24, 0x4c, 0x83, 0xe4,
+ 0x7d, 0xdb, 0x75, 0x7e, 0x60, 0xb4, 0x71, 0xaf, 0xb0, 0xc5, 0xb6, 0x4a,
+ 0xba, 0x9a, 0x83, 0x0b, 0x40, 0xf4, 0x96, 0x5a, 0xe2, 0x78, 0x20, 0x33,
+ 0xbb, 0x87, 0xba, 0x09, 0xf2, 0xd0, 0x24, 0x81, 0x23, 0xf5, 0x1b, 0x85,
+ 0x75, 0x12, 0x5d, 0x3e, 0xc5, 0x13, 0xc8, 0x03, 0xb7, 0xd5, 0x45, 0x70,
+ 0x64, 0x25, 0xfa, 0x58, 0xb5, 0x38, 0x11, 0x1f, 0xe7, 0x9e, 0x89, 0x5a,
+ 0x90, 0x59, 0xef, 0x7b, 0xd9, 0x14, 0x28, 0x2e, 0xf6, 0x30, 0x04, 0xf4,
+ 0xd0, 0x13, 0xba, 0xfc, 0x95, 0x39, 0x1a, 0xf4, 0xf4, 0xfd, 0x38, 0x83,
+ 0x46, 0x48, 0xc1, 0x31, 0x87, 0x0b, 0xa3, 0x1e, 0x67, 0x76, 0x83, 0xff,
+ 0x00, 0x52, 0x6b, 0xe8, 0xf4, 0x70, 0xa6, 0xba, 0xc0, 0xc4, 0x38, 0x9b,
+ 0xe0, 0x01, 0x07, 0x23, 0x3f, 0x58, 0x68, 0x7d, 0xbe, 0xdc, 0x0a, 0x4b,
+ 0xcc, 0xef, 0xf0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x04, 0x09, 0x0e, 0x11, 0x1a, 0x1f};
+
+const uint8_t kExpectedVerifySignature[] = {
+ 0x49, 0x23, 0xce, 0xa1, 0x29, 0x3b, 0x24, 0x00, 0xcc, 0xc3, 0xb1, 0x9f,
+ 0x1e, 0x80, 0x3e, 0xd8, 0x5a, 0x0d, 0x6e, 0x0b, 0xa6, 0x4f, 0x35, 0xf8,
+ 0x45, 0xf4, 0x20, 0xd8, 0x48, 0xe1, 0x85, 0x82, 0x05, 0x88, 0x3f, 0xdd,
+ 0xd4, 0xbd, 0xa0, 0xd9, 0xe3, 0x35, 0xca, 0x31, 0x02, 0x72, 0x95, 0x2c,
+ 0xd4, 0xfa, 0xf8, 0x76, 0x7a, 0xe1, 0x35, 0xcb, 0x7e, 0x93, 0xdd, 0x27,
+ 0xb9, 0x5d, 0x71, 0x0a, 0x08, 0xaf, 0xc2, 0x09, 0xbb, 0x74, 0xfa, 0xd9,
+ 0x46, 0x3b, 0x2f, 0x00, 0x53, 0xee, 0x74, 0x1c, 0x85, 0x15, 0xa8, 0x4b,
+ 0xa7, 0xf9, 0x0b, 0xbf, 0x9c, 0xde, 0x84, 0x03, 0xe3, 0x4f, 0x12, 0x21,
+ 0xe9, 0x1e, 0x7a, 0x06, 0x70, 0xd9, 0x68, 0x84, 0x53, 0x83, 0xcd, 0x72,
+ 0x4c, 0xe5, 0xcd, 0x6c, 0x30, 0x47, 0xd9, 0x28, 0x59, 0x64, 0x46, 0x57,
+ 0x93, 0xb5, 0x58, 0xe0, 0x8d, 0x92, 0x15, 0x16, 0xd0, 0x05, 0x09, 0x9f,
+ 0xdc, 0xcc, 0x2e, 0xfd, 0x8e, 0x13, 0x47, 0x41, 0x44, 0x15, 0x6c, 0x32,
+ 0x9f, 0x37, 0xfe, 0xe0, 0x31, 0xfb, 0xcb, 0x94, 0xec, 0x83, 0x37, 0x3e,
+ 0x72, 0x91, 0x0c, 0xab, 0xe0, 0x19, 0x57, 0xb8, 0xd0, 0xfb, 0x3f, 0x1c,
+ 0xe2, 0xb6, 0xf9, 0xc5, 0x9c, 0x91, 0x92, 0x1b, 0x2e, 0x0f, 0x6f, 0xf1,
+ 0xe6, 0x5a, 0xf1, 0x3c, 0x1a, 0x2c, 0xa6, 0xfb, 0x9d, 0x48, 0x86, 0x33,
+ 0xab, 0x94, 0xdf, 0x0b, 0x6b, 0xa8, 0xf0, 0x08, 0xb6, 0x59, 0xd4, 0xad,
+ 0xad, 0x9e, 0xe6, 0x07, 0x26, 0x00, 0x9a, 0x34, 0xc8, 0x2c, 0x7b, 0xd5,
+ 0x2e, 0xe0, 0x47, 0xd8, 0x0b, 0xd0, 0x34, 0x87, 0x62, 0xc5, 0x4d, 0x00,
+ 0xbc, 0x18, 0x62, 0x0b, 0x7f, 0xb7, 0xb6, 0x88, 0x43, 0x9f, 0x3f, 0x77,
+ 0x87, 0xec, 0xad, 0x21, 0xc2, 0xec, 0xfc, 0x99, 0x2f, 0xb6, 0x97, 0xab,
+ 0x40, 0xb3, 0xc2, 0x57, 0x33, 0x27, 0xde, 0x4b, 0xc6, 0x8e, 0x69, 0x47,
+ 0x59, 0x16, 0xe6, 0x49, 0xf7, 0x69, 0xe9, 0x3a, 0x08, 0xca, 0xd4, 0xd4,
+ 0x29, 0x44, 0x6d, 0xf3, 0x10, 0x56, 0x6f, 0x4b, 0x1d, 0x47, 0xb8, 0x9e,
+ 0x66, 0x5e, 0x11, 0x46, 0xec, 0xa8, 0x45, 0xc9, 0x66, 0xc1, 0x4a, 0x0c,
+ 0x62, 0x01, 0x2a, 0x05, 0xc6, 0xda, 0xb0, 0xd9, 0x95, 0x09, 0xc0, 0x97,
+ 0xe0, 0x33, 0xa2, 0x89, 0x36, 0xf6, 0xab, 0xa0, 0x7f, 0x65, 0xff, 0x2c,
+ 0xf5, 0xb9, 0x06, 0x74, 0x8b, 0xc2, 0x10, 0xc7, 0x7f, 0xdb, 0xfd, 0x6d,
+ 0xfe, 0xa8, 0xed, 0xd9, 0x41, 0x3b, 0x1d, 0x40, 0x96, 0xc8, 0xf5, 0x7c,
+ 0x23, 0x7b, 0xfc, 0x80, 0x5a, 0xb3, 0x1d, 0xfd, 0x29, 0x37, 0xfc, 0x12,
+ 0xa5, 0x64, 0x18, 0x93, 0xea, 0xc3, 0x15, 0xf6, 0x36, 0x3e, 0x92, 0xd6,
+ 0x31, 0x1c, 0xe2, 0x70, 0x89, 0xd9, 0x55, 0x4f, 0x42, 0x9e, 0x5e, 0xd2,
+ 0x80, 0x4a, 0x71, 0x31, 0xfc, 0x8f, 0xc2, 0x7f, 0xfc, 0xed, 0x8e, 0x48,
+ 0x8c, 0xc1, 0x7b, 0xa8, 0x73, 0xd3, 0x25, 0xd6, 0xe2, 0x1e, 0x14, 0x5e,
+ 0xbb, 0xd1, 0x3e, 0x44, 0x4c, 0x97, 0x99, 0xc4, 0xb9, 0xce, 0x42, 0xa1,
+ 0x0c, 0x0d, 0xa2, 0xd1, 0x60, 0xfe, 0x58, 0xf6, 0xf5, 0x4a, 0x27, 0x07,
+ 0xac, 0x49, 0x10, 0x71, 0x85, 0xc4, 0xdf, 0xab, 0x73, 0xde, 0x82, 0x17,
+ 0xb6, 0x0c, 0x97, 0x77, 0x8a, 0xd6, 0x88, 0x1e, 0x0b, 0xb5, 0x87, 0xa9,
+ 0xc5, 0xcb, 0x34, 0x48, 0x19, 0x86, 0xf1, 0x72, 0x68, 0xd9, 0xdc, 0x4b,
+ 0x6e, 0x06, 0x6c, 0x7d, 0x39, 0x47, 0xfe, 0xf9, 0x78, 0x23, 0x63, 0xa2,
+ 0x3c, 0xdc, 0xd0, 0x23, 0x44, 0x64, 0x49, 0x06, 0x12, 0x43, 0x35, 0xc6,
+ 0xcb, 0xd1, 0x87, 0x07, 0xaa, 0x9a, 0x03, 0x30, 0x93, 0xc7, 0xac, 0x92,
+ 0x28, 0xb5, 0xbd, 0x43, 0xc2, 0x86, 0xda, 0x36, 0xf1, 0xc1, 0x81, 0x68,
+ 0xd9, 0xcd, 0x00, 0x2d, 0x44, 0x16, 0xa7, 0x21, 0x37, 0x26, 0x87, 0xc8,
+ 0x0a, 0xf4, 0x8b, 0x40, 0x29, 0x84, 0xe8, 0x70, 0x56, 0xb4, 0x3f, 0xc6,
+ 0xc8, 0x96, 0xb5, 0xea, 0xc0, 0x7b, 0x4a, 0x67, 0x2b, 0x6d, 0xd0, 0x0d,
+ 0xd4, 0x79, 0x2d, 0xbd, 0xe1, 0xf1, 0xb3, 0x50, 0x2e, 0xac, 0x22, 0xf4,
+ 0x40, 0xec, 0x1b, 0xdc, 0xd5, 0x3d, 0xea, 0x7d, 0xa4, 0x53, 0x6a, 0x66,
+ 0x0b, 0x85, 0xa2, 0x57, 0xb6, 0x0d, 0xfe, 0x8f, 0xc5, 0x55, 0x1d, 0xcc,
+ 0xe1, 0x39, 0xc0, 0x32, 0xb5, 0x22, 0x35, 0x8b, 0x01, 0x0c, 0xb5, 0x4b,
+ 0xd5, 0x1a, 0xd7, 0x39, 0xa0, 0x32, 0x47, 0x50, 0x30, 0xef, 0x74, 0xf3,
+ 0x52, 0x53, 0x29, 0x8c, 0xaa, 0x24, 0x94, 0xb8, 0xc0, 0xb9, 0xc3, 0x18,
+ 0x5a, 0x49, 0x6d, 0x0e, 0xe4, 0xcc, 0xa0, 0xfb, 0xb9, 0x45, 0xe2, 0x2f,
+ 0x89, 0x00, 0x8c, 0x5a, 0xc8, 0x1c, 0x61, 0x21, 0x6c, 0x35, 0x05, 0xc9,
+ 0x83, 0x07, 0x32, 0x73, 0x73, 0xa6, 0x34, 0x89, 0x83, 0x86, 0xb1, 0xa8,
+ 0x49, 0xaa, 0xec, 0x0c, 0x9a, 0x32, 0xc6, 0x34, 0xbd, 0x9b, 0xbe, 0x74,
+ 0x06, 0x3d, 0x6d, 0x83, 0x7d, 0x47, 0x4b, 0xb3, 0x45, 0x78, 0x3d, 0x8b,
+ 0xbf, 0xca, 0xdc, 0x0c, 0xfb, 0xc5, 0x01, 0xe4, 0x0b, 0xcc, 0x9b, 0x05,
+ 0xbf, 0x16, 0x05, 0xff, 0x2b, 0xd8, 0x20, 0xbc, 0xe2, 0xd8, 0xa0, 0x4c,
+ 0xcd, 0x4f, 0xc3, 0xe7, 0x3b, 0xbd, 0x1d, 0x82, 0xf8, 0x6c, 0xce, 0x6f,
+ 0x62, 0x05, 0x37, 0x9c, 0xb8, 0x26, 0x6a, 0x9f, 0x76, 0xcc, 0x97, 0xac,
+ 0x1d, 0x8b, 0xde, 0x9b, 0x20, 0x52, 0x29, 0x3d, 0x96, 0x01, 0x31, 0x56,
+ 0x4a, 0xea, 0x14, 0xf1, 0xdd, 0x2f, 0x6b, 0x91, 0x46, 0x58, 0x0d, 0xa8,
+ 0xff, 0xcc, 0x4f, 0x95, 0xbc, 0x2e, 0x18, 0x9e, 0x55, 0xfc, 0x27, 0x6a,
+ 0x15, 0x64, 0x68, 0x33, 0x5f, 0xa9, 0xda, 0xe4, 0x10, 0xe1, 0x41, 0x3b,
+ 0x59, 0xd7, 0x61, 0x5c, 0xa4, 0x7b, 0x3d, 0x28, 0x09, 0x59, 0x45, 0x65,
+ 0x68, 0xe9, 0xc8, 0x09, 0x13, 0xa3, 0x61, 0xac, 0xba, 0x98, 0x6d, 0x98,
+ 0xe3, 0x03, 0xa1, 0xe6, 0xf3, 0x5f, 0xb0, 0x1e, 0x72, 0x0b, 0x46, 0xc8,
+ 0x51, 0x26, 0xbf, 0xf9, 0x3e, 0x55, 0xc0, 0x9b, 0x7e, 0x09, 0x63, 0x85,
+ 0x92, 0x18, 0xf2, 0xf4, 0x17, 0x2e, 0x7d, 0x05, 0x99, 0x5e, 0x1d, 0xb2,
+ 0x3e, 0xad, 0x68, 0x29, 0x6d, 0x21, 0xe9, 0xb1, 0x38, 0xd5, 0x3e, 0xcc,
+ 0x5f, 0xe5, 0xd1, 0x16, 0xa8, 0x33, 0x4f, 0xbc, 0x28, 0x21, 0x14, 0x38,
+ 0xdd, 0x45, 0x0d, 0xa7, 0x00, 0x41, 0x5d, 0x5f, 0x98, 0x42, 0x7c, 0x54,
+ 0x16, 0x4f, 0x25, 0xf1, 0x46, 0x76, 0xe4, 0x67, 0x58, 0x5b, 0x65, 0x73,
+ 0xdf, 0xfd, 0x1c, 0x52, 0x61, 0x4d, 0x95, 0xb7, 0x78, 0x47, 0x50, 0x2d,
+ 0xc9, 0xab, 0x14, 0x1c, 0xae, 0x9c, 0xdc, 0x17, 0xdd, 0xcc, 0xe2, 0x5c,
+ 0x03, 0x0e, 0xe0, 0x2a, 0x81, 0xf0, 0xa7, 0xb9, 0x23, 0x21, 0x04, 0xbe,
+ 0x5c, 0xc9, 0x55, 0x58, 0x17, 0x26, 0x0c, 0xb4, 0x52, 0x24, 0xb7, 0x5a,
+ 0xb7, 0x0d, 0x7b, 0xfe, 0xe9, 0xd3, 0xda, 0x16, 0x43, 0xfa, 0x3b, 0xb3,
+ 0xa1, 0x3e, 0x48, 0xe1, 0x68, 0xf5, 0x51, 0xb1, 0xf3, 0x62, 0x06, 0x93,
+ 0x26, 0xe8, 0xa2, 0x9d, 0x9a, 0x7d, 0xf7, 0xa2, 0x8f, 0xe0, 0xe7, 0xa9,
+ 0x6e, 0xa3, 0xce, 0x7f, 0xfb, 0x94, 0x56, 0xc8, 0x2d, 0x6b, 0xcd, 0x2f,
+ 0xa0, 0x1f, 0x9b, 0x7b, 0x7a, 0xd4, 0x35, 0xe6, 0xa0, 0xa9, 0x09, 0x1b,
+ 0x7c, 0x89, 0xc0, 0xd1, 0xd1, 0x34, 0x99, 0x59, 0xb5, 0x6b, 0xb3, 0x29,
+ 0x54, 0xbf, 0xf0, 0xe7, 0x81, 0xee, 0x86, 0x28, 0x6e, 0x68, 0xb2, 0x22,
+ 0xc2, 0x08, 0x84, 0xb7, 0x12, 0xfc, 0x14, 0x55, 0x61, 0xea, 0x36, 0x59,
+ 0x51, 0x14, 0x28, 0x21, 0x30, 0xc3, 0x87, 0x91, 0xad, 0x1b, 0x9d, 0x50,
+ 0x53, 0xf8, 0x1e, 0x2c, 0x90, 0x14, 0x54, 0x67, 0xcf, 0x39, 0x76, 0x4d,
+ 0xfb, 0x4c, 0x7e, 0x0c, 0x3d, 0xa5, 0x79, 0x8c, 0x03, 0x72, 0xcb, 0xf3,
+ 0xd0, 0x2f, 0x20, 0xc3, 0xc0, 0x00, 0x38, 0x90, 0x1d, 0x9f, 0x97, 0xd6,
+ 0xc2, 0x5c, 0xc8, 0xb5, 0x86, 0x94, 0x30, 0x9d, 0x7a, 0x06, 0xb4, 0x4d,
+ 0x40, 0x04, 0xa4, 0x67, 0xb1, 0x12, 0x38, 0xf9, 0x77, 0x45, 0xc0, 0x57,
+ 0x4c, 0xc3, 0x24, 0x96, 0xf6, 0xf0, 0x99, 0x97, 0x50, 0x2e, 0x78, 0xe3,
+ 0x61, 0x93, 0x32, 0x33, 0x43, 0x6c, 0x2b, 0x38, 0xa2, 0xd3, 0xe3, 0xc5,
+ 0xe1, 0x8a, 0xe1, 0xa5, 0x9a, 0x59, 0xa0, 0xdc, 0x49, 0x9c, 0x81, 0x69,
+ 0x24, 0x0b, 0xc6, 0xf7, 0x4e, 0x8c, 0xc7, 0x66, 0xd5, 0x98, 0xc1, 0x88,
+ 0x63, 0xa9, 0xeb, 0x4d, 0xaa, 0x9c, 0x6c, 0xfe, 0xb1, 0x3b, 0x69, 0x47,
+ 0x99, 0xc1, 0xbd, 0x8a, 0x4c, 0xf7, 0xad, 0x9c, 0x54, 0x5b, 0xca, 0x99,
+ 0x23, 0x3b, 0xef, 0x25, 0x77, 0xa1, 0x0f, 0x0a, 0x1c, 0xf9, 0x08, 0x7e,
+ 0xee, 0x26, 0xd8, 0x4d, 0x14, 0xc7, 0x62, 0xb9, 0x44, 0xb6, 0xbb, 0x3c,
+ 0xaa, 0x3b, 0x22, 0x48, 0xfb, 0x8e, 0x3b, 0xed, 0x08, 0x3d, 0x89, 0x9b,
+ 0xf8, 0x44, 0xca, 0xfa, 0x26, 0x78, 0x29, 0xde, 0xd6, 0xf1, 0x7b, 0x59,
+ 0x5a, 0xe6, 0xd1, 0x24, 0x27, 0x11, 0xd6, 0x7d, 0x07, 0x49, 0xdd, 0xff,
+ 0x6d, 0x62, 0x5b, 0x9d, 0x12, 0x81, 0x00, 0xd7, 0xda, 0x00, 0xfb, 0xf7,
+ 0x4f, 0x2d, 0xf4, 0x64, 0xf1, 0xfb, 0x07, 0x23, 0x97, 0xe9, 0x0b, 0x22,
+ 0x9a, 0x3d, 0xf6, 0x87, 0xd8, 0x23, 0xf8, 0x54, 0x36, 0xa0, 0xab, 0xb8,
+ 0x99, 0x8b, 0x83, 0x98, 0x67, 0x33, 0x79, 0x2f, 0x60, 0x99, 0x16, 0x26,
+ 0x50, 0xfc, 0x9d, 0xea, 0xdc, 0x92, 0xf4, 0x7c, 0x44, 0xef, 0xed, 0x23,
+ 0x5e, 0x11, 0x0c, 0x6a, 0xc9, 0xf5, 0x9b, 0x64, 0x65, 0x58, 0x34, 0xc0,
+ 0x18, 0xc2, 0x3c, 0xf4, 0x4f, 0x5c, 0x06, 0x71, 0x59, 0xa9, 0xcd, 0xad,
+ 0x8b, 0xfd, 0x93, 0x05, 0xfc, 0x48, 0x92, 0xa2, 0xed, 0x9d, 0xa5, 0x89,
+ 0x29, 0x35, 0x76, 0x16, 0x2a, 0x69, 0xeb, 0x0c, 0xef, 0xe6, 0x90, 0xa8,
+ 0x18, 0x8b, 0x7e, 0x0e, 0x2c, 0xed, 0x34, 0x37, 0x23, 0xc3, 0x24, 0x7b,
+ 0x67, 0x53, 0x84, 0xbe, 0x5c, 0xe9, 0x8c, 0x37, 0x8e, 0x0e, 0x53, 0xb9,
+ 0xaa, 0x60, 0x64, 0x5e, 0x67, 0x88, 0x88, 0x72, 0x27, 0xb6, 0x8a, 0x72,
+ 0x44, 0xdf, 0xe1, 0x69, 0xb7, 0x1c, 0x35, 0x79, 0xce, 0xab, 0x3a, 0x04,
+ 0x60, 0xa3, 0x60, 0xd8, 0x84, 0x81, 0x61, 0xbc, 0x95, 0xc6, 0x9d, 0x3f,
+ 0x7d, 0xbd, 0x4b, 0x1d, 0x40, 0x35, 0x97, 0x6f, 0xd9, 0x0c, 0x51, 0xa7,
+ 0xac, 0x5b, 0xe8, 0xa1, 0xa8, 0x9b, 0x4e, 0x3c, 0x88, 0x29, 0x23, 0xca,
+ 0x83, 0x1a, 0xc4, 0x5c, 0xec, 0x13, 0x1a, 0x07, 0x5d, 0xf3, 0x58, 0xa6,
+ 0x17, 0x1c, 0x09, 0xca, 0x5f, 0x14, 0x47, 0xf6, 0x94, 0x2f, 0xe8, 0x98,
+ 0x31, 0x51, 0xbe, 0x32, 0xaa, 0x8c, 0xb0, 0x79, 0x88, 0xfa, 0xa3, 0x9c,
+ 0xcc, 0xc1, 0xf6, 0x25, 0xa9, 0x5d, 0xa1, 0x46, 0xf1, 0x30, 0xd0, 0x41,
+ 0xf9, 0x5e, 0xca, 0x28, 0x06, 0x3c, 0xce, 0xb2, 0x40, 0xe3, 0xaf, 0x5e,
+ 0x53, 0x0e, 0xfc, 0x94, 0x9d, 0x6d, 0xc1, 0x90, 0x24, 0x00, 0x31, 0xcf,
+ 0x8d, 0x4a, 0xce, 0x81, 0xac, 0xe0, 0x88, 0x2e, 0xf0, 0x13, 0xac, 0x3c,
+ 0x48, 0xde, 0x0f, 0xdd, 0xc3, 0xcd, 0xa2, 0xc0, 0x5d, 0x67, 0x33, 0x2a,
+ 0xf8, 0x93, 0x25, 0x95, 0x76, 0x5f, 0x0c, 0xfc, 0x88, 0x4d, 0x9d, 0x99,
+ 0x69, 0x66, 0x89, 0xfe, 0x09, 0xb5, 0x78, 0xae, 0xa0, 0x22, 0x1e, 0x41,
+ 0xdc, 0xad, 0x8a, 0xef, 0x89, 0x74, 0x96, 0xc5, 0x83, 0x08, 0xe4, 0xec,
+ 0xb0, 0xaf, 0xd9, 0xdb, 0x83, 0x42, 0xea, 0x96, 0xf4, 0x3b, 0xa2, 0x9a,
+ 0x73, 0x04, 0x99, 0x59, 0xfe, 0x21, 0x35, 0xdc, 0xb3, 0xe8, 0x81, 0x5a,
+ 0xe5, 0x4e, 0x51, 0x9c, 0xc6, 0x5d, 0x81, 0xae, 0x00, 0x0a, 0xee, 0xbf,
+ 0xa2, 0x4d, 0xdf, 0xec, 0xcd, 0x86, 0x62, 0x9b, 0xd3, 0xee, 0x58, 0x8e,
+ 0x69, 0x0c, 0x7f, 0x83, 0xfc, 0xf1, 0x19, 0xde, 0x05, 0x81, 0x3d, 0xe0,
+ 0x46, 0x95, 0xaf, 0x39, 0x13, 0xbf, 0xac, 0xa0, 0x71, 0x00, 0xeb, 0xb8,
+ 0x92, 0xe7, 0x92, 0x86, 0x29, 0xf8, 0x78, 0x02, 0x19, 0xc5, 0x72, 0xe1,
+ 0x8f, 0xce, 0x62, 0x2a, 0x7b, 0x0f, 0xef, 0xa1, 0x79, 0xbf, 0xf9, 0x51,
+ 0x01, 0xc4, 0x3d, 0xbf, 0xbd, 0xcd, 0xf3, 0x62, 0x97, 0xf9, 0x68, 0x9c,
+ 0xb8, 0x60, 0x6d, 0xb3, 0x75, 0xb3, 0x41, 0xff, 0xb2, 0x94, 0x67, 0x6f,
+ 0x74, 0xbb, 0xaa, 0x3a, 0x41, 0x56, 0x0a, 0x16, 0x8c, 0xd9, 0xc5, 0xa6,
+ 0x22, 0x0d, 0xb5, 0x1e, 0x31, 0xf2, 0x87, 0xe3, 0xed, 0x3d, 0x5a, 0x38,
+ 0x59, 0x4f, 0x35, 0x99, 0xfe, 0x60, 0x94, 0xe2, 0x40, 0x90, 0xe3, 0x08,
+ 0x16, 0x8a, 0x19, 0x65, 0x3e, 0x1e, 0x16, 0x30, 0xe5, 0xba, 0x5e, 0x84,
+ 0xef, 0x76, 0x4a, 0x0e, 0x4e, 0x44, 0xd9, 0x3b, 0x6f, 0xb1, 0xe5, 0x89,
+ 0xf0, 0x7b, 0x09, 0x02, 0x8e, 0x61, 0xe9, 0xfd, 0xcb, 0x8f, 0x24, 0x90,
+ 0xde, 0x3c, 0x0d, 0xad, 0x1c, 0xa5, 0x28, 0xcf, 0x45, 0xf0, 0x12, 0x3e,
+ 0x64, 0x7f, 0x55, 0xa4, 0x21, 0x54, 0xff, 0x15, 0x07, 0xfe, 0xd0, 0x98,
+ 0x24, 0x0f, 0xf6, 0xe2, 0xa4, 0x51, 0x34, 0xdf, 0x14, 0x8e, 0x09, 0xaf,
+ 0x51, 0xe9, 0xa0, 0xb5, 0x59, 0x98, 0x07, 0x93, 0xfe, 0xb9, 0x57, 0x30,
+ 0x33, 0x68, 0xc7, 0xe9, 0x38, 0x61, 0xe1, 0x22, 0x3c, 0x1b, 0xac, 0x68,
+ 0x75, 0x51, 0x34, 0xcc, 0x74, 0x35, 0x1b, 0xc0, 0x2c, 0xaa, 0xf1, 0xd5,
+ 0xfe, 0x2e, 0x5f, 0x88, 0x59, 0x28, 0x5a, 0xfe, 0x70, 0x22, 0xb4, 0xfc,
+ 0x73, 0xe2, 0x62, 0x07, 0xd2, 0x8f, 0xbc, 0x5d, 0x1f, 0x61, 0xbb, 0xf2,
+ 0x2f, 0xc2, 0x21, 0x09, 0x58, 0x60, 0x22, 0x72, 0x92, 0xca, 0x04, 0xf8,
+ 0x56, 0x4e, 0x76, 0xec, 0xc4, 0x03, 0x33, 0xe1, 0x4b, 0xaa, 0x2e, 0x71,
+ 0x17, 0x2d, 0x71, 0xd3, 0x29, 0xf2, 0x78, 0x0f, 0xe7, 0xdf, 0x9f, 0xb1,
+ 0x75, 0x96, 0x17, 0x5f, 0xc0, 0x77, 0x3d, 0x6d, 0x50, 0xd1, 0x50, 0x40,
+ 0x1a, 0x17, 0xae, 0x93, 0xdd, 0x0f, 0x93, 0xa9, 0xb0, 0x9b, 0xc2, 0xab,
+ 0x7d, 0xa2, 0x8a, 0xf0, 0xe9, 0xc2, 0x5d, 0xc8, 0x33, 0xe5, 0xd9, 0x51,
+ 0xfc, 0x51, 0x5f, 0x26, 0x10, 0x15, 0x89, 0x12, 0x35, 0x42, 0xb3, 0x7a,
+ 0x10, 0x98, 0x69, 0xfa, 0xa2, 0xa0, 0x86, 0xa7, 0x25, 0x7d, 0x51, 0xcf,
+ 0xc3, 0xb3, 0x95, 0xfc, 0x96, 0x9f, 0x60, 0x42, 0x8c, 0x6c, 0x97, 0x18,
+ 0x0c, 0xfb, 0x49, 0xb7, 0x61, 0x25, 0xb8, 0xb1, 0xc9, 0x87, 0xf3, 0xf0,
+ 0xc5, 0xa1, 0x3d, 0x90, 0x24, 0xe5, 0xca, 0xe1, 0x0f, 0x6a, 0x76, 0x74,
+ 0xd5, 0x6f, 0x0e, 0x07, 0xdf, 0x0c, 0xeb, 0x0a, 0xb9, 0xfe, 0xd2, 0xa0,
+ 0xf5, 0x6d, 0x1d, 0xe1, 0xaa, 0x3a, 0xb8, 0x39, 0x30, 0x52, 0x8d, 0xe0,
+ 0x4e, 0x4e, 0xa0, 0x0e, 0x85, 0x1a, 0xdd, 0x0f, 0x14, 0xff, 0x8a, 0x6c,
+ 0x7b, 0x9c, 0xf2, 0x58, 0x6a, 0x62, 0x15, 0x39, 0x04, 0xf8, 0x39, 0xf4,
+ 0xe2, 0xad, 0x12, 0xd7, 0x28, 0x27, 0xc5, 0x49, 0xdf, 0x18, 0x59, 0xc0,
+ 0xa7, 0xcc, 0xe5, 0x56, 0x61, 0x99, 0xce, 0x31, 0x05, 0x0b, 0x06, 0x3a,
+ 0xb0, 0x92, 0x19, 0x22, 0x67, 0x77, 0xba, 0x34, 0x97, 0xdf, 0x5f, 0x9b,
+ 0x6e, 0xac, 0x44, 0xb6, 0xd1, 0x57, 0xac, 0xa1, 0x2b, 0x5e, 0xf1, 0x27,
+ 0x58, 0xba, 0xfe, 0x05, 0xd7, 0x41, 0xa6, 0x88, 0xc6, 0xbc, 0x93, 0xff,
+ 0x2a, 0x62, 0x0b, 0x35, 0x1b, 0xb9, 0xd9, 0x2d, 0x02, 0xc2, 0x41, 0xdc,
+ 0x8c, 0x7b, 0x9e, 0xda, 0xfd, 0xb3, 0x36, 0x1f, 0xc4, 0x26, 0xcb, 0x75,
+ 0xec, 0xcd, 0xc5, 0xe7, 0xb3, 0x1e, 0x2f, 0x30, 0x17, 0x22, 0x95, 0x7b,
+ 0xdd, 0xfe, 0xa9, 0xe7, 0x63, 0x3b, 0xb0, 0xcc, 0x4d, 0x8a, 0x46, 0x70,
+ 0x77, 0xbf, 0xe6, 0x2e, 0x3f, 0xd6, 0x1f, 0xe9, 0x86, 0xf2, 0x63, 0x09,
+ 0x0b, 0xa0, 0xc4, 0xfa, 0x08, 0x65, 0x99, 0x5d, 0x79, 0x4c, 0x11, 0xe6,
+ 0x3f, 0xd7, 0x94, 0xc3, 0x41, 0x0c, 0x47, 0xc0, 0x64, 0xe2, 0xdc, 0x88,
+ 0x20, 0x50, 0x25, 0xc9, 0x4b, 0xae, 0x06, 0x24, 0x4c, 0xaf, 0x33, 0x26,
+ 0x62, 0xe2, 0xf9, 0xaf, 0xcf, 0x48, 0xe1, 0x16, 0xaa, 0x64, 0x01, 0x70,
+ 0xd8, 0xc3, 0xef, 0x01, 0x6a, 0x64, 0xf0, 0xf5, 0x4a, 0xd0, 0xdd, 0x21,
+ 0xd5, 0x57, 0x28, 0x65, 0x3b, 0x04, 0x3e, 0xc9, 0x94, 0x59, 0x42, 0xac,
+ 0x9b, 0xdf, 0x4e, 0x33, 0xae, 0xd1, 0xda, 0xfc, 0xf3, 0xe6, 0xa1, 0x4a,
+ 0xb4, 0xa4, 0x24, 0x57, 0x5a, 0x34, 0x6f, 0x6f, 0x94, 0xe9, 0x88, 0x42,
+ 0xc5, 0x0d, 0xdf, 0x42, 0x44, 0x08, 0x7b, 0x99, 0x69, 0x59, 0xb6, 0x54,
+ 0x67, 0x7d, 0x83, 0xb8, 0xea, 0x53, 0x9b, 0x1c, 0xb2, 0xd7, 0x44, 0x20,
+ 0x30, 0xb3, 0x72, 0x10, 0x86, 0x87, 0x82, 0x58, 0xb4, 0xf4, 0x08, 0xd1,
+ 0xd9, 0x8a, 0x84, 0xcc, 0xb0, 0x3a, 0xf1, 0xde, 0x24, 0x16, 0x18, 0x7e,
+ 0xd0, 0x92, 0xb8, 0x72, 0x15, 0x08, 0x0c, 0xac, 0xa1, 0x96, 0x24, 0xcf,
+ 0x47, 0x31, 0x3b, 0xc7, 0x28, 0x11, 0xf0, 0x42, 0xe6, 0x40, 0x63, 0xa9,
+ 0xeb, 0xff, 0x80, 0x58, 0x0f, 0xee, 0x4e, 0xc5, 0xc0, 0xe9, 0xb5, 0xc2,
+ 0x18, 0x71, 0x97, 0xfe, 0x1a, 0x53, 0x93, 0xe4, 0x77, 0x92, 0x25, 0xa4,
+ 0x27, 0x03, 0xf6, 0x64, 0xf1, 0x63, 0x37, 0x7b, 0xb7, 0x3a, 0xe2, 0xcb,
+ 0x0c, 0x83, 0x0b, 0x52, 0x3f, 0xee, 0x41, 0x9a, 0x55, 0x8e, 0x85, 0x4a,
+ 0x23, 0x64, 0xea, 0x68, 0xe8, 0x5e, 0xd7, 0xf3, 0x9e, 0xbc, 0x6d, 0x78,
+ 0xba, 0xd2, 0xe5, 0xe8, 0x35, 0xfa, 0x74, 0x0f, 0x33, 0x2a, 0x0e, 0xcc,
+ 0xb2, 0x01, 0xaf, 0x53, 0x04, 0x70, 0x8a, 0xdd, 0x9e, 0x95, 0xcb, 0x3a,
+ 0x81, 0x25, 0x2f, 0x77, 0xb4, 0x31, 0xc7, 0x0b, 0x14, 0xc4, 0xd6, 0x20,
+ 0xa7, 0x80, 0xb1, 0xd5, 0x3d, 0x90, 0x04, 0xaf, 0x59, 0x20, 0xac, 0x6c,
+ 0x5e, 0xfc, 0xda, 0x7f, 0x9e, 0x70, 0x08, 0xe2, 0x5c, 0x02, 0x9c, 0x95,
+ 0x7d, 0xf9, 0xab, 0x2c, 0x15, 0x90, 0xc6, 0xab, 0x49, 0x21, 0x74, 0xcb,
+ 0x93, 0xb0, 0x44, 0x03, 0xfa, 0xc5, 0x35, 0x54, 0xb3, 0x4e, 0x10, 0x25,
+ 0x25, 0x94, 0x7d, 0x45, 0x74, 0xb5, 0x58, 0x85, 0xac, 0xb2, 0xc2, 0xd7,
+ 0xb5, 0xbe, 0xf0, 0xc8, 0x53, 0xdc, 0x62, 0xf8, 0x9b, 0x88, 0x98, 0xa7,
+ 0xda, 0x5a, 0x83, 0x22, 0xe4, 0x26, 0x83, 0x45, 0x41, 0x6f, 0x42, 0x61,
+ 0xcb, 0xc0, 0x89, 0x56, 0x2a, 0xef, 0x1f, 0xbb, 0xb2, 0xc9, 0xa1, 0xc8,
+ 0x16, 0x2d, 0x43, 0xc1, 0x13, 0x29, 0x76, 0xfa, 0x64, 0x4e, 0xe0, 0x66,
+ 0x5a, 0x9d, 0x35, 0x8f, 0x42, 0xd4, 0xe6, 0xea, 0x1d, 0xaf, 0x63, 0x73,
+ 0xb3, 0xff, 0x62, 0xd3, 0xdb, 0x60, 0x01, 0x7b, 0xf9, 0x03, 0xf2, 0x89,
+ 0x29, 0xe8, 0x48, 0xac, 0x2a, 0x71, 0x71, 0xdc, 0x80, 0xb1, 0x96, 0x5e,
+ 0xdd, 0x23, 0xea, 0xac, 0x44, 0xbc, 0xf3, 0x70, 0xf4, 0x40, 0x92, 0x94,
+ 0x8a, 0x89, 0x27, 0x02, 0xe7, 0x7f, 0x59, 0x27, 0x12, 0x11, 0xf1, 0x14,
+ 0x2d, 0x1c, 0x35, 0x89, 0xd6, 0xca, 0xa7, 0xe5, 0xba, 0x3c, 0x2b, 0x91,
+ 0x50, 0x2f, 0x87, 0x1f, 0x89, 0x12, 0x3e, 0x7e, 0x69, 0x47, 0x1e, 0x86,
+ 0xaf, 0x4d, 0xe6, 0x27, 0x04, 0x11, 0x61, 0x15, 0xdd, 0x0f, 0xe0, 0xe6,
+ 0x3f, 0x9f, 0x83, 0x13, 0x52, 0x41, 0x72, 0xba, 0x9e, 0xe2, 0x2e, 0x9c,
+ 0x98, 0xf5, 0x16, 0x17, 0x2a, 0xa7, 0xe5, 0x74, 0x26, 0x93, 0x88, 0xda,
+ 0x7f, 0x9b, 0x2e, 0x38, 0x4c, 0x73, 0x86, 0x98, 0xc6, 0xef, 0xb6, 0x34,
+ 0x02, 0x8c, 0x70, 0xbe, 0x81, 0x02, 0x3a, 0xa0, 0xb7, 0x33, 0x40, 0x6a,
+ 0x7b, 0x2c, 0xe6, 0xdc, 0x00, 0xb6, 0x86, 0x83, 0xbd, 0x8b, 0x75, 0xff,
+ 0xaa, 0xa0, 0x4a, 0x14, 0xf2, 0xed, 0xd0, 0xa3, 0xe3, 0x46, 0x1f, 0x63,
+ 0x04, 0xe6, 0xd5, 0x35, 0x14, 0xb2, 0xf4, 0x49, 0x06, 0x92, 0x94, 0x01,
+ 0x29, 0x32, 0x35, 0x43, 0x98, 0xdd, 0xc9, 0x58, 0x16, 0x19, 0x38, 0x7f,
+ 0xf1, 0x03, 0x0e, 0x9b, 0xfc, 0xc9, 0xaf, 0x4a, 0xee, 0x58, 0x66, 0xd0,
+ 0x8b, 0x34, 0x49, 0xfe, 0x4b, 0x08, 0xf2, 0xbe, 0xdb, 0x6e, 0x9c, 0xe8,
+ 0x1d, 0x99, 0xdd, 0xfc, 0x3b, 0x29, 0x95, 0x90, 0x58, 0xd7, 0x6f, 0x1a,
+ 0x07, 0x2d, 0x18, 0xee, 0x05, 0x15, 0x23, 0x3b, 0xce, 0x1f, 0xdf, 0x97,
+ 0x1c, 0x95, 0x29, 0xf2, 0x07, 0x7c, 0x5c, 0x3a, 0x3e, 0x1b, 0x4c, 0x0e,
+ 0xde, 0x8e, 0x59, 0x72, 0x82, 0x00, 0xd7, 0x26, 0x4b, 0xb7, 0x2f, 0xb0,
+ 0x8e, 0x19, 0x53, 0xdf, 0xf6, 0x58, 0xbe, 0x0d, 0xd1, 0x0c, 0x59, 0x2c,
+ 0xf0, 0xe0, 0xb7, 0xdf, 0x82, 0x90, 0x11, 0x26, 0x02, 0x08, 0x3e, 0xb4,
+ 0x50, 0x48, 0x75, 0x5e, 0x54, 0x29, 0xff, 0x2b, 0x70, 0xa4, 0x16, 0x10,
+ 0xcc, 0x3e, 0x40, 0x3c, 0xf0, 0xda, 0x54, 0xe6, 0x36, 0x0c, 0x5a, 0xde,
+ 0x12, 0x82, 0x4f, 0x1d, 0xa8, 0x58, 0x1c, 0xc3, 0x99, 0x6f, 0x1b, 0x53,
+ 0x91, 0x3e, 0xb8, 0xbf, 0x3b, 0x37, 0x66, 0xa7, 0xff, 0xe6, 0x46, 0x60,
+ 0x72, 0xc3, 0x6e, 0x56, 0xc0, 0x36, 0x66, 0x2e, 0x6d, 0xf8, 0x33, 0xfa,
+ 0x23, 0xfa, 0xff, 0x55, 0xa2, 0x4b, 0xb6, 0xc1, 0x2b, 0x8d, 0xc1, 0x9f,
+ 0x3c, 0xf2, 0xb2, 0x66, 0xd6, 0x66, 0x0f, 0x53, 0x75, 0x5f, 0x69, 0x7f,
+ 0xc9, 0x33, 0xce, 0x3b, 0x86, 0x43, 0x0f, 0x92, 0xdc, 0x2d, 0xb6, 0xcc,
+ 0x3a, 0x5d, 0xbb, 0xe8, 0xc5, 0x0c, 0x41, 0x44, 0x75, 0xb3, 0xdd, 0xf1,
+ 0x34, 0x8b, 0xc1, 0x37, 0x1f, 0xfc, 0x18, 0x5a, 0x2d, 0x78, 0x13, 0x13,
+ 0xff, 0x75, 0x70, 0x18, 0x86, 0x5a, 0x60, 0xc3, 0xd2, 0x9d, 0xeb, 0xe7,
+ 0x59, 0xd8, 0x3b, 0xc9, 0x5d, 0xe7, 0x32, 0xbb, 0x43, 0x59, 0xc8, 0x99,
+ 0xf4, 0xa3, 0x07, 0x8c, 0x0e, 0xa1, 0x99, 0x57, 0x6a, 0x5c, 0x7f, 0xcd,
+ 0xa6, 0x63, 0x38, 0x7d, 0xcf, 0xb8, 0x27, 0xf1, 0xc5, 0x3d, 0x38, 0xf9,
+ 0xc5, 0x6b, 0xba, 0x18, 0xb5, 0xb2, 0x08, 0x70, 0x92, 0xe6, 0xe1, 0xd9,
+ 0x1b, 0xa5, 0xec, 0x83, 0xb2, 0x12, 0x5f, 0x73, 0x31, 0x08, 0xf2, 0x70,
+ 0x8f, 0xb2, 0x40, 0xd6, 0xef, 0x19, 0x8f, 0x78, 0xa2, 0x05, 0xaa, 0x48,
+ 0xad, 0x84, 0xb6, 0x0a, 0x19, 0x2e, 0x6f, 0x22, 0x9a, 0x3d, 0x8a, 0x80,
+ 0x49, 0xfe, 0xff, 0xa0, 0xec, 0x99, 0xdb, 0x89, 0x38, 0x60, 0xf5, 0x56,
+ 0x4d, 0x03, 0x20, 0x0c, 0x96, 0x04, 0xfc, 0x63, 0xbd, 0xa4, 0x59, 0xab,
+ 0x1e, 0x43, 0x84, 0x04, 0xd8, 0x42, 0xe1, 0xc8, 0x03, 0xbd, 0x0e, 0x52,
+ 0x36, 0xa1, 0x00, 0xfe, 0xc0, 0x42, 0xf9, 0x47, 0x1f, 0x98, 0xde, 0x39,
+ 0x1e, 0xd0, 0x85, 0xdb, 0x70, 0x8e, 0x06, 0x39, 0xb0, 0x09, 0x2a, 0xb9,
+ 0xb9, 0xa8, 0x50, 0x28, 0x1a, 0x26, 0x05, 0x7f, 0xdc, 0x56, 0xcf, 0x63,
+ 0xf6, 0x0b, 0xfb, 0x46, 0x0f, 0x6d, 0x00, 0xec, 0x22, 0xa8, 0xe2, 0x21,
+ 0x5e, 0xfd, 0x4c, 0xa2, 0xd7, 0x35, 0x37, 0xd5, 0xa7, 0xad, 0xf9, 0xf3,
+ 0x03, 0xdf, 0xf1, 0x35, 0x63, 0x25, 0xb8, 0xba, 0x23, 0xb7, 0xd2, 0xc3,
+ 0xaa, 0x4d, 0x59, 0x23, 0xc8, 0xf0, 0x64, 0x15, 0x96, 0xf5, 0xac, 0x7b,
+ 0x7e, 0x95, 0x2d, 0xf3, 0xfe, 0x9b, 0xe9, 0x5c, 0x82, 0x61, 0xe9, 0xbc,
+ 0x4f, 0x80, 0x07, 0x07, 0xb5, 0x85, 0xf8, 0x65, 0xac, 0xdf, 0xf5, 0x1b,
+ 0x8c, 0x49, 0x7d, 0x96, 0xf6, 0xd5, 0xba, 0x6e, 0x3a, 0x3c, 0x18, 0x6c,
+ 0x18, 0xa1, 0xaa, 0xfd, 0x9f, 0x56, 0x01, 0x4a, 0x96, 0xe3, 0xf7, 0x73,
+ 0x35, 0x39, 0x62, 0xcb, 0x74, 0x8c, 0x4f, 0x4b, 0x59, 0xfc, 0x42, 0x1a,
+ 0x7f, 0xe2, 0x12, 0x44, 0x26, 0xbb, 0x4e, 0xd5, 0xef, 0xda, 0x1d, 0xbe,
+ 0xe5, 0x57, 0x94, 0x01, 0x49, 0xd7, 0xe7, 0xd6, 0x37, 0xf2, 0x01, 0xaa,
+ 0xeb, 0x45, 0x52, 0x93, 0xec, 0x0f, 0xd2, 0xa1, 0x10, 0xa1, 0x63, 0x06,
+ 0xdc, 0xb6, 0xf7, 0xb9, 0x27, 0x5f, 0x34, 0x66, 0xba, 0xfc, 0x49, 0x66,
+ 0x75, 0x7c, 0xc1, 0xcf, 0xdc, 0xf2, 0x28, 0x5c, 0x62, 0x7e, 0x93, 0x99,
+ 0xbf, 0x1c, 0x27, 0x50, 0x71, 0x96, 0x9b, 0xbc, 0xd6, 0xea, 0x12, 0x18,
+ 0x26, 0x70, 0x76, 0x89, 0xa3, 0x05, 0x2b, 0x2f, 0x40, 0x59, 0x5c, 0x64,
+ 0x6c, 0xad, 0xec, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x02, 0x0a, 0x11, 0x1a, 0x21, 0x2b};
diff --git a/src/crypto/fipsmodule/mldsa/mldsa.cc.inc b/src/crypto/fipsmodule/mldsa/mldsa.cc.inc
index 0024010..e89d87c 100644
--- a/src/crypto/fipsmodule/mldsa/mldsa.cc.inc
+++ b/src/crypto/fipsmodule/mldsa/mldsa.cc.inc
@@ -30,6 +30,12 @@
namespace mldsa {
namespace {
+namespace fips {
+void ensure_keygen_self_test();
+void ensure_sign_self_test();
+void ensure_verify_self_test();
+} // namespace fips
+
constexpr int kDegree = 256;
constexpr int kRhoBytes = 32;
constexpr int kSigmaBytes = 64;
@@ -1397,7 +1403,7 @@
// FIPS 204, Algorithm 6 (`ML-DSA.KeyGen_internal`). Returns 1 on success and 0
// on failure.
template <int K, int L>
-int mldsa_generate_key_external_entropy(
+int mldsa_generate_key_external_entropy_no_self_test(
uint8_t out_encoded_public_key[public_key_bytes<K>()],
struct private_key<K, L> *priv,
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
@@ -1461,6 +1467,16 @@
}
template <int K, int L>
+int mldsa_generate_key_external_entropy(
+ uint8_t out_encoded_public_key[public_key_bytes<K>()],
+ struct private_key<K, L> *priv,
+ const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
+ fips::ensure_keygen_self_test();
+ return mldsa_generate_key_external_entropy_no_self_test(
+ out_encoded_public_key, priv, entropy);
+}
+
+template <int K, int L>
int mldsa_public_from_private(struct public_key<K> *pub,
const struct private_key<K, L> *priv) {
// Intermediate values, allocated on the heap to allow use when there is a
@@ -1499,7 +1515,7 @@
// FIPS 204, Algorithm 7 (`ML-DSA.Sign_internal`). Returns 1 on success and 0
// on failure.
template <int K, int L>
-int mldsa_sign_internal(
+int mldsa_sign_internal_no_self_test(
uint8_t out_encoded_signature[signature_bytes<K>()],
const struct private_key<K, L> *priv, const uint8_t *msg, size_t msg_len,
const uint8_t *context_prefix, size_t context_prefix_len,
@@ -1605,6 +1621,11 @@
if (constant_time_declassify_w(
constant_time_ge_w(z_max, gamma1<K>() - beta<K>()) |
constant_time_ge_w(r0_max, kGamma2 - beta<K>()))) {
+#if defined(BORINGSSL_FIPS_BREAK_TESTS)
+ // In order to show that our self-tests trigger both restart cases in
+ // this loop, printf-logging is added when built in break-test mode.
+ printf("MLDSA signature restart case 1.\n");
+#endif
continue;
}
@@ -1618,6 +1639,11 @@
size_t h_ones = vector_count_ones(&values->sign.h);
if (constant_time_declassify_w(constant_time_ge_w(ct0_max, kGamma2) |
constant_time_lt_w(omega<K>(), h_ones))) {
+#if defined(BORINGSSL_FIPS_BREAK_TESTS)
+ // In order to show that our self-tests trigger both restart cases in
+ // this loop, printf-logging is added when built in break-test mode.
+ printf("MLDSA signature restart case 2.\n");
+#endif
continue;
}
@@ -1637,14 +1663,26 @@
}
}
+template <int K, int L>
+int mldsa_sign_internal(
+ uint8_t out_encoded_signature[signature_bytes<K>()],
+ const struct private_key<K, L> *priv, const uint8_t *msg, size_t msg_len,
+ const uint8_t *context_prefix, size_t context_prefix_len,
+ const uint8_t *context, size_t context_len,
+ const uint8_t randomizer[BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES]) {
+ fips::ensure_sign_self_test();
+ return mldsa_sign_internal_no_self_test(
+ out_encoded_signature, priv, msg, msg_len, context_prefix,
+ context_prefix_len, context, context_len, randomizer);
+}
+
// FIPS 204, Algorithm 8 (`ML-DSA.Verify_internal`).
template <int K, int L>
-int mldsa_verify_internal(const struct public_key<K> *pub,
- const uint8_t encoded_signature[signature_bytes<K>()],
- const uint8_t *msg, size_t msg_len,
- const uint8_t *context_prefix,
- size_t context_prefix_len, const uint8_t *context,
- size_t context_len) {
+int mldsa_verify_internal_no_self_test(
+ const struct public_key<K> *pub,
+ const uint8_t encoded_signature[signature_bytes<K>()], const uint8_t *msg,
+ size_t msg_len, const uint8_t *context_prefix, size_t context_prefix_len,
+ const uint8_t *context, size_t context_len) {
// Intermediate values, allocated on the heap to allow use when there is a
// limited amount of stack.
struct values_st {
@@ -1712,6 +1750,18 @@
OPENSSL_memcmp(c_tilde, values->sign.c_tilde, 2 * lambda_bytes<K>()) ==
0;
}
+template <int K, int L>
+int mldsa_verify_internal(const struct public_key<K> *pub,
+ const uint8_t encoded_signature[signature_bytes<K>()],
+ const uint8_t *msg, size_t msg_len,
+ const uint8_t *context_prefix,
+ size_t context_prefix_len, const uint8_t *context,
+ size_t context_len) {
+ fips::ensure_verify_self_test();
+ return mldsa_verify_internal_no_self_test<K, L>(
+ pub, encoded_signature, msg, msg_len, context_prefix, context_prefix_len,
+ context, context_len);
+}
struct private_key<6, 5> *private_key_from_external_65(
const struct BCM_mldsa65_private_key *external) {
@@ -1724,19 +1774,19 @@
return (struct private_key<6, 5> *)external;
}
-struct public_key<6> *
-public_key_from_external_65(const struct BCM_mldsa65_public_key *external) {
- static_assert(sizeof(struct BCM_mldsa65_public_key) ==
- sizeof(struct public_key<6>),
- "MLDSA65 public key size incorrect");
- static_assert(alignof(struct BCM_mldsa65_public_key) ==
- alignof(struct public_key<6>),
- "MLDSA65 public key align incorrect");
+struct public_key<6> *public_key_from_external_65(
+ const struct BCM_mldsa65_public_key *external) {
+ static_assert(
+ sizeof(struct BCM_mldsa65_public_key) == sizeof(struct public_key<6>),
+ "MLDSA65 public key size incorrect");
+ static_assert(
+ alignof(struct BCM_mldsa65_public_key) == alignof(struct public_key<6>),
+ "MLDSA65 public key align incorrect");
return (struct public_key<6> *)external;
}
-struct private_key<8, 7> *
-private_key_from_external_87(const struct BCM_mldsa87_private_key *external) {
+struct private_key<8, 7> *private_key_from_external_87(
+ const struct BCM_mldsa87_private_key *external) {
static_assert(sizeof(struct BCM_mldsa87_private_key) ==
sizeof(struct private_key<8, 7>),
"MLDSA87 private key size incorrect");
@@ -1746,17 +1796,177 @@
return (struct private_key<8, 7> *)external;
}
-struct public_key<8> *
-public_key_from_external_87(const struct BCM_mldsa87_public_key *external) {
- static_assert(sizeof(struct BCM_mldsa87_public_key) ==
- sizeof(struct public_key<8>),
- "MLDSA87 public key size incorrect");
- static_assert(alignof(struct BCM_mldsa87_public_key) ==
- alignof(struct public_key<8>),
- "MLDSA87 public key align incorrect");
+struct public_key<8> *public_key_from_external_87(
+ const struct BCM_mldsa87_public_key *external) {
+ static_assert(
+ sizeof(struct BCM_mldsa87_public_key) == sizeof(struct public_key<8>),
+ "MLDSA87 public key size incorrect");
+ static_assert(
+ alignof(struct BCM_mldsa87_public_key) == alignof(struct public_key<8>),
+ "MLDSA87 public key align incorrect");
return (struct public_key<8> *)external;
}
+namespace fips {
+
+#include "fips_known_values.inc"
+
+static int keygen_self_test() {
+ private_key<6, 5> priv;
+ uint8_t pub_bytes[BCM_MLDSA65_PUBLIC_KEY_BYTES];
+ if (!mldsa_generate_key_external_entropy_no_self_test(pub_bytes, &priv,
+ kGenerateKeyEntropy)) {
+ return 0;
+ }
+
+ uint8_t priv_bytes[BCM_MLDSA65_PRIVATE_KEY_BYTES];
+ CBB cbb;
+ CBB_init_fixed(&cbb, priv_bytes, sizeof(priv_bytes));
+ if (!mldsa_marshal_private_key(&cbb, &priv)) {
+ return 0;
+ }
+
+ static_assert(sizeof(pub_bytes) == sizeof(kExpectedPublicKey));
+ static_assert(sizeof(priv_bytes) == sizeof(kExpectedPrivateKey));
+ if (!BORINGSSL_check_test(kExpectedPublicKey, pub_bytes, sizeof(pub_bytes),
+ "ML-DSA keygen public key") ||
+ !BORINGSSL_check_test(kExpectedPrivateKey, priv_bytes, sizeof(priv_bytes),
+ "ML-DSA keygen private key")) {
+ return 0;
+ }
+
+ return 1;
+}
+
+static int sign_self_test() {
+ private_key<6, 5> priv;
+ uint8_t pub_bytes[BCM_MLDSA65_PUBLIC_KEY_BYTES];
+ if (!mldsa_generate_key_external_entropy(pub_bytes, &priv, kSignEntropy)) {
+ return 0;
+ }
+
+ const uint8_t randomizer[BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES] = {};
+ uint8_t sig[BCM_MLDSA65_SIGNATURE_BYTES];
+
+ // This message triggers the first restart case for signing.
+ uint8_t message[4] = {0};
+ if (!mldsa_sign_internal_no_self_test(sig, &priv, message, sizeof(message),
+ nullptr, 0, nullptr, 0, randomizer)) {
+ return 0;
+ }
+ static_assert(sizeof(kExpectedCase1Signature) == sizeof(sig));
+ if (!BORINGSSL_check_test(kExpectedCase1Signature, sig, sizeof(sig),
+ "ML-DSA sign case 1")) {
+ return 0;
+ }
+
+ // This message triggers the second restart case for signing.
+ message[0] = 123;
+ if (!mldsa_sign_internal_no_self_test(sig, &priv, message, sizeof(message),
+ nullptr, 0, nullptr, 0, randomizer)) {
+ return 0;
+ }
+ static_assert(sizeof(kExpectedCase2Signature) == sizeof(sig));
+ if (!BORINGSSL_check_test(kExpectedCase2Signature, sig, sizeof(sig),
+ "ML-DSA sign case 2")) {
+ return 0;
+ }
+
+ return 1;
+}
+
+static int verify_self_test() {
+ struct values_st {
+ private_key<6, 5> priv;
+ public_key<6> pub;
+ uint8_t pub_bytes[BCM_MLDSA65_PUBLIC_KEY_BYTES];
+ };
+ std::unique_ptr<values_st, DeleterFree<values_st>> values(
+ reinterpret_cast<struct values_st *>(OPENSSL_malloc(sizeof(values_st))));
+ if (!values) {
+ return 0;
+ }
+
+ if (!mldsa_generate_key_external_entropy(values->pub_bytes, &values->priv,
+ kSignEntropy)) {
+ return 0;
+ }
+
+ const uint8_t message[4] = {1, 0};
+ if (!mldsa_public_from_private(&values->pub, &values->priv) ||
+ !mldsa_verify_internal_no_self_test<6, 5>(
+ &values->pub, kExpectedVerifySignature, message, sizeof(message),
+ nullptr, 0, nullptr, 0)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+template <int K, int L>
+int check_key(private_key<K, L> *priv) {
+ uint8_t sig[signature_bytes<K>()];
+ uint8_t randomizer[BCM_MLDSA_SIGNATURE_RANDOMIZER_BYTES] = {};
+ mldsa::public_key<K> pub;
+ if (!mldsa_public_from_private(&pub, priv) ||
+ !mldsa_sign_internal_no_self_test(sig, priv, nullptr, 0, nullptr, 0,
+ nullptr, 0, randomizer)) {
+ return 0;
+ }
+
+ if (boringssl_fips_break_test("MLDSA_PWCT")) {
+ sig[0] ^= 1;
+ }
+
+ if (!mldsa_verify_internal_no_self_test<K, L>(&pub, sig, nullptr, 0, nullptr,
+ 0, nullptr, 0)) {
+ return 0;
+ }
+ return 1;
+}
+
+#if defined(BORINGSSL_FIPS)
+
+DEFINE_STATIC_ONCE(g_mldsa_keygen_self_test_once)
+
+void ensure_keygen_self_test(void) {
+ CRYPTO_once(g_mldsa_keygen_self_test_once_bss_get(), []() {
+ if (!keygen_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_mldsa_sign_self_test_once)
+
+void ensure_sign_self_test(void) {
+ CRYPTO_once(g_mldsa_sign_self_test_once_bss_get(), []() {
+ if (!sign_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_mldsa_verify_self_test_once)
+
+void ensure_verify_self_test(void) {
+ CRYPTO_once(g_mldsa_verify_self_test_once_bss_get(), []() {
+ if (!verify_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+#else
+
+void ensure_keygen_self_test(void) {}
+void ensure_sign_self_test(void) {}
+void ensure_verify_self_test(void) {}
+
+#endif
+
+} // namespace fips
+
} // namespace
} // namespace mldsa
@@ -1783,6 +1993,12 @@
CBS_len(in) == 0);
}
+bcm_status BCM_mldsa65_check_key_fips(
+ struct BCM_mldsa65_private_key *private_key) {
+ return bcm_as_approved_status(
+ mldsa::fips::check_key(mldsa::private_key_from_external_65(private_key)));
+}
+
// Calls |MLDSA_generate_key_external_entropy| with random bytes from
// |BCM_rand_bytes|.
bcm_status BCM_mldsa65_generate_key(
@@ -1807,11 +2023,51 @@
uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
struct BCM_mldsa65_private_key *out_private_key,
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
- return bcm_as_approved_status(mldsa_generate_key_external_entropy(
+ return bcm_as_not_approved_status(mldsa_generate_key_external_entropy(
out_encoded_public_key,
mldsa::private_key_from_external_65(out_private_key), entropy));
}
+bcm_status BCM_mldsa65_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
+ uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
+ struct BCM_mldsa65_private_key *out_private_key) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ if (BCM_mldsa65_generate_key(out_encoded_public_key, out_seed,
+ out_private_key) == bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa65_check_key_fips(out_private_key);
+}
+
+bcm_status BCM_mldsa65_generate_key_external_entropy_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES],
+ struct BCM_mldsa65_private_key *out_private_key,
+ const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ if (BCM_mldsa65_generate_key_external_entropy(out_encoded_public_key,
+ out_private_key, entropy) ==
+ bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa65_check_key_fips(out_private_key);
+}
+
+bcm_status BCM_mldsa65_private_key_from_seed_fips(
+ struct BCM_mldsa65_private_key *out_private_key,
+ const uint8_t seed[BCM_MLDSA_SEED_BYTES]) {
+ uint8_t public_key[BCM_MLDSA65_PUBLIC_KEY_BYTES];
+ if (BCM_mldsa65_generate_key_external_entropy(public_key, out_private_key,
+ seed) == bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa65_check_key_fips(out_private_key);
+}
+
bcm_status BCM_mldsa65_public_from_private(
struct BCM_mldsa65_public_key *out_public_key,
const struct BCM_mldsa65_private_key *private_key) {
@@ -1900,6 +2156,12 @@
CBS_len(in) == 0);
}
+bcm_status BCM_mldsa87_check_key_fips(
+ struct BCM_mldsa87_private_key *private_key) {
+ return bcm_as_approved_status(
+ mldsa::fips::check_key(mldsa::private_key_from_external_87(private_key)));
+}
+
// Calls |MLDSA_generate_key_external_entropy| with random bytes from
// |BCM_rand_bytes|.
bcm_status BCM_mldsa87_generate_key(
@@ -1923,11 +2185,51 @@
uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
struct BCM_mldsa87_private_key *out_private_key,
const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
- return bcm_as_approved_status(mldsa_generate_key_external_entropy(
+ return bcm_as_not_approved_status(mldsa_generate_key_external_entropy(
out_encoded_public_key,
mldsa::private_key_from_external_87(out_private_key), entropy));
}
+bcm_status BCM_mldsa87_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
+ uint8_t out_seed[BCM_MLDSA_SEED_BYTES],
+ struct BCM_mldsa87_private_key *out_private_key) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ if (BCM_mldsa87_generate_key(out_encoded_public_key, out_seed,
+ out_private_key) == bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa87_check_key_fips(out_private_key);
+}
+
+bcm_status BCM_mldsa87_generate_key_external_entropy_fips(
+ uint8_t out_encoded_public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES],
+ struct BCM_mldsa87_private_key *out_private_key,
+ const uint8_t entropy[BCM_MLDSA_SEED_BYTES]) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ if (BCM_mldsa87_generate_key_external_entropy(out_encoded_public_key,
+ out_private_key, entropy) ==
+ bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa87_check_key_fips(out_private_key);
+}
+
+bcm_status BCM_mldsa87_private_key_from_seed_fips(
+ struct BCM_mldsa87_private_key *out_private_key,
+ const uint8_t seed[BCM_MLDSA_SEED_BYTES]) {
+ uint8_t public_key[BCM_MLDSA87_PUBLIC_KEY_BYTES];
+ if (BCM_mldsa87_generate_key_external_entropy(public_key, out_private_key,
+ seed) == bcm_status::failure) {
+ return bcm_status::failure;
+ }
+ return BCM_mldsa87_check_key_fips(out_private_key);
+}
+
bcm_status BCM_mldsa87_public_from_private(
struct BCM_mldsa87_public_key *out_public_key,
const struct BCM_mldsa87_private_key *private_key) {
@@ -1991,3 +2293,8 @@
return bcm_as_approved_status(mldsa_marshal_public_key(
out, mldsa::public_key_from_external_87(public_key)));
}
+
+int boringssl_self_test_mldsa() {
+ return mldsa::fips::keygen_self_test() && mldsa::fips::sign_self_test() &&
+ mldsa::fips::verify_self_test();
+}
diff --git a/src/crypto/fipsmodule/mlkem/fips_known_values.inc b/src/crypto/fipsmodule/mlkem/fips_known_values.inc
new file mode 100644
index 0000000..81c1b8e
--- /dev/null
+++ b/src/crypto/fipsmodule/mlkem/fips_known_values.inc
@@ -0,0 +1,411 @@
+const uint8_t kTestEntropy[BCM_MLKEM_SEED_BYTES] = {
+ 0xc8, 0x77, 0x34, 0x04, 0xb3, 0xe5, 0x3e, 0x31, 0x7b, 0xab, 0x41,
+ 0x08, 0xa8, 0x88, 0x9c, 0x90, 0xbe, 0xfb, 0x38, 0x0f, 0x63, 0x89,
+ 0x70, 0xbc, 0xdc, 0x33, 0xeb, 0x2d, 0xe2, 0x99, 0x6b, 0x1a};
+
+const uint8_t kExpectedPublicKeyBytes[BCM_MLKEM768_PUBLIC_KEY_BYTES] = {
+ 0xcb, 0x0b, 0x33, 0xa2, 0xac, 0xc4, 0x94, 0x56, 0x1a, 0x36, 0x1c, 0x0d,
+ 0xa3, 0x57, 0x5b, 0x63, 0x6c, 0x0d, 0x1f, 0xe1, 0xa8, 0x36, 0xd5, 0x5d,
+ 0x38, 0x5c, 0xac, 0xf4, 0x67, 0x39, 0x9a, 0x12, 0x5b, 0xef, 0xa1, 0x0a,
+ 0x57, 0x76, 0x87, 0x83, 0xaa, 0xaf, 0x1d, 0x9c, 0xce, 0x2b, 0x78, 0x9b,
+ 0x40, 0x82, 0x1e, 0x34, 0xb3, 0x55, 0x2d, 0xd0, 0x20, 0xcd, 0x5b, 0x46,
+ 0x8d, 0xda, 0xb8, 0x83, 0xa8, 0xab, 0xfb, 0x36, 0x45, 0xcb, 0x40, 0xae,
+ 0x69, 0x77, 0x03, 0x22, 0xa8, 0xb4, 0xaa, 0x17, 0x53, 0x90, 0x05, 0x6a,
+ 0x69, 0xb9, 0xc5, 0x2d, 0xbc, 0x9a, 0x81, 0xf6, 0x2a, 0x3c, 0x57, 0x96,
+ 0x8c, 0xb2, 0x72, 0xa7, 0xd4, 0x84, 0x77, 0xf9, 0x0b, 0x80, 0xe7, 0x1e,
+ 0x75, 0x61, 0x0e, 0xf9, 0xb0, 0xcf, 0x4c, 0x03, 0xca, 0x30, 0x45, 0x50,
+ 0x25, 0x82, 0x56, 0x02, 0xbb, 0x58, 0xab, 0x99, 0xc7, 0x8d, 0xd5, 0x37,
+ 0x12, 0xc8, 0x36, 0x5b, 0x00, 0x5f, 0x91, 0xf6, 0x2d, 0x9b, 0x91, 0xc2,
+ 0x3e, 0x75, 0x56, 0x83, 0xd2, 0xaa, 0xd4, 0x03, 0xcd, 0xe8, 0xe8, 0x3f,
+ 0x09, 0xc1, 0x8e, 0x84, 0xb1, 0x75, 0x85, 0x06, 0xa7, 0x4a, 0x40, 0xc2,
+ 0xc9, 0x90, 0xb0, 0x0f, 0x59, 0x84, 0xe5, 0xf7, 0xa8, 0xd8, 0x35, 0x33,
+ 0xa5, 0x82, 0x4e, 0xf6, 0xb5, 0xaf, 0xd5, 0xaa, 0xbb, 0x52, 0x30, 0x0b,
+ 0xb1, 0x67, 0x7b, 0xbb, 0xdc, 0x38, 0x58, 0xf4, 0x2f, 0xe4, 0xeb, 0x47,
+ 0xf0, 0x49, 0x76, 0x45, 0x10, 0x02, 0x19, 0xa7, 0xc6, 0x1f, 0x8a, 0x71,
+ 0xda, 0x51, 0x61, 0x79, 0xc4, 0x10, 0xeb, 0x3a, 0x11, 0xd9, 0x93, 0x1d,
+ 0x83, 0x81, 0x48, 0x3d, 0x68, 0x35, 0xff, 0xe3, 0xa6, 0xa8, 0x40, 0x74,
+ 0xdb, 0x7c, 0xb4, 0xb2, 0x05, 0x89, 0xc8, 0x09, 0x42, 0x27, 0x28, 0x55,
+ 0x01, 0x57, 0xc9, 0xf9, 0xfa, 0x36, 0xd3, 0x5c, 0x51, 0x40, 0xca, 0x1e,
+ 0x34, 0xc8, 0xb9, 0x27, 0xf1, 0x15, 0xc9, 0xa4, 0x18, 0x9c, 0xa8, 0x4c,
+ 0x55, 0xf8, 0x4d, 0x90, 0xbc, 0x88, 0xd1, 0x46, 0x01, 0x80, 0x96, 0x54,
+ 0x8d, 0x01, 0x6e, 0xe4, 0x26, 0x0c, 0x7a, 0x08, 0x3d, 0x7c, 0x26, 0x66,
+ 0xb1, 0xd1, 0x15, 0xc7, 0xc0, 0x0b, 0x06, 0x92, 0x9c, 0x26, 0xa6, 0x6c,
+ 0x3a, 0x46, 0x47, 0x15, 0x37, 0xb0, 0x0a, 0xc1, 0x5d, 0xe0, 0x51, 0xae,
+ 0x17, 0x87, 0x2f, 0x75, 0x2c, 0x64, 0xd5, 0x39, 0x09, 0xe6, 0xd0, 0x7c,
+ 0x3d, 0x79, 0x47, 0x78, 0x0a, 0x82, 0xc9, 0xba, 0x37, 0x07, 0x93, 0x94,
+ 0xa4, 0x45, 0x7c, 0x07, 0x69, 0x24, 0x1d, 0xc9, 0x75, 0x41, 0x6b, 0xc1,
+ 0x42, 0x28, 0x06, 0xe3, 0xfc, 0x7b, 0xd2, 0xf8, 0xbf, 0xe7, 0x5a, 0xc2,
+ 0xc0, 0x81, 0x63, 0xf3, 0x84, 0x32, 0x31, 0x4a, 0x8d, 0x6b, 0xe3, 0x3e,
+ 0x22, 0x67, 0x9a, 0x3a, 0x96, 0x09, 0xa6, 0xf9, 0x53, 0x40, 0x41, 0x2a,
+ 0x04, 0xa7, 0xc5, 0x7b, 0x86, 0xcd, 0xed, 0xec, 0xae, 0xfd, 0xc7, 0x11,
+ 0x48, 0x56, 0x77, 0x0b, 0xb7, 0xbb, 0xaf, 0xfb, 0x6c, 0x9e, 0xd6, 0x5c,
+ 0xbc, 0xf7, 0x9a, 0x75, 0xb5, 0xb2, 0x20, 0xd9, 0x60, 0x90, 0x65, 0x02,
+ 0xf9, 0x16, 0x34, 0xdf, 0x0b, 0x16, 0x2a, 0x97, 0x00, 0x5d, 0xc1, 0x65,
+ 0xc3, 0xb9, 0x1f, 0x2e, 0x85, 0x97, 0xbd, 0xca, 0xaa, 0x1d, 0xf2, 0x4f,
+ 0x74, 0xe5, 0x56, 0x94, 0xdc, 0x53, 0xbb, 0xc0, 0x75, 0x1c, 0x2b, 0x59,
+ 0x6b, 0x50, 0x2c, 0x25, 0x4c, 0x78, 0xd7, 0x68, 0x40, 0x0b, 0x91, 0x7a,
+ 0x93, 0x02, 0x83, 0x5e, 0x6c, 0x03, 0xc7, 0xc4, 0x24, 0x6f, 0x8b, 0xa4,
+ 0x70, 0x37, 0x1f, 0xe5, 0x33, 0x59, 0xf6, 0xbb, 0x5f, 0xb8, 0x58, 0x50,
+ 0x62, 0x16, 0x95, 0x2a, 0x88, 0xa3, 0xc6, 0x24, 0x94, 0x4b, 0xb0, 0x03,
+ 0x8e, 0xe6, 0x50, 0xd1, 0x63, 0xa2, 0xab, 0x00, 0x16, 0xf4, 0x0a, 0x7d,
+ 0xe6, 0xe0, 0xb9, 0x0c, 0xd8, 0x08, 0xae, 0xf6, 0x80, 0xb7, 0x48, 0xb8,
+ 0x10, 0xd1, 0x77, 0x57, 0x48, 0x2a, 0xc1, 0xf1, 0x4e, 0x61, 0xb4, 0x06,
+ 0x5a, 0xa1, 0xba, 0x32, 0x4a, 0x9a, 0xab, 0x8c, 0xa8, 0xe3, 0xa0, 0x68,
+ 0x39, 0xa3, 0x25, 0x55, 0x48, 0xcd, 0x12, 0x98, 0x14, 0x1b, 0x39, 0x5b,
+ 0xf4, 0x88, 0xbe, 0x5f, 0xac, 0xba, 0x18, 0x20, 0x74, 0x2c, 0xa1, 0x0b,
+ 0xfc, 0xf1, 0x00, 0x85, 0x24, 0x27, 0x3d, 0x80, 0xb6, 0x30, 0x42, 0x7b,
+ 0x74, 0xb0, 0xbf, 0x87, 0x51, 0x9b, 0xa8, 0x1c, 0x79, 0xbd, 0x50, 0x85,
+ 0x66, 0xe1, 0x93, 0xdd, 0xc5, 0x5d, 0x5d, 0xd0, 0xbe, 0xcb, 0x90, 0x36,
+ 0xf8, 0xc6, 0xc2, 0xea, 0xea, 0x40, 0xce, 0xa7, 0xb0, 0xae, 0xc5, 0x44,
+ 0x3a, 0x27, 0xc5, 0x4a, 0xf0, 0x21, 0x4f, 0xf6, 0x63, 0xb1, 0x8c, 0x20,
+ 0x76, 0x65, 0xb5, 0x79, 0x55, 0x10, 0xa5, 0xa7, 0x4b, 0x57, 0x96, 0xb3,
+ 0x03, 0xe6, 0xa8, 0x93, 0xf5, 0xc5, 0xca, 0xe0, 0x1a, 0x23, 0x30, 0x6d,
+ 0x09, 0x07, 0x81, 0x5e, 0x05, 0xc6, 0x1b, 0x7a, 0x0e, 0xde, 0xf3, 0x00,
+ 0x91, 0xf3, 0xbb, 0x4b, 0xa6, 0x8e, 0x96, 0xc3, 0x3a, 0xc8, 0x72, 0x19,
+ 0x23, 0x23, 0xc7, 0x94, 0x46, 0x75, 0xa2, 0xc5, 0x9e, 0xa3, 0x15, 0x86,
+ 0xb4, 0xa7, 0x95, 0xda, 0x16, 0xae, 0x42, 0xe8, 0xcc, 0xf6, 0x41, 0xbc,
+ 0x9c, 0xe8, 0x07, 0xc9, 0x05, 0x3c, 0x74, 0xb2, 0xad, 0x77, 0xc4, 0x08,
+ 0x56, 0x78, 0xb8, 0x65, 0x2a, 0x33, 0x39, 0x82, 0x16, 0x3c, 0x2b, 0x73,
+ 0x41, 0x2a, 0xbc, 0xc8, 0x36, 0x23, 0x2c, 0x23, 0x29, 0xce, 0x94, 0x8a,
+ 0xba, 0x13, 0x3f, 0xfa, 0xcc, 0x6e, 0x17, 0x40, 0xb0, 0xb4, 0x9c, 0xae,
+ 0xf9, 0x72, 0x40, 0xf7, 0x2a, 0xaf, 0x00, 0x17, 0x7e, 0x88, 0x44, 0x4e,
+ 0x32, 0xa4, 0x80, 0x96, 0x53, 0x20, 0xe4, 0xaa, 0x18, 0x9c, 0x69, 0x63,
+ 0xdb, 0x81, 0x73, 0x0e, 0x64, 0x40, 0x12, 0xc1, 0x26, 0x0e, 0xac, 0x4d,
+ 0x38, 0xa6, 0x4c, 0x05, 0xeb, 0x42, 0x1f, 0x88, 0x6e, 0x6c, 0xa3, 0x98,
+ 0x95, 0xc3, 0x5a, 0x31, 0xfc, 0x8a, 0x7c, 0xd6, 0xa5, 0x6c, 0x5a, 0xc9,
+ 0xf5, 0xf2, 0xb0, 0xf7, 0x05, 0x8d, 0x3a, 0x0b, 0x3f, 0x4d, 0x1b, 0x0e,
+ 0x38, 0x7b, 0x1c, 0xe5, 0xd0, 0x75, 0x40, 0x77, 0xc2, 0xe0, 0x8b, 0xa9,
+ 0xfb, 0xa6, 0xa7, 0x13, 0xf0, 0xbc, 0x0c, 0x13, 0xb0, 0x70, 0x3a, 0x2f,
+ 0x20, 0xe7, 0x38, 0xd8, 0x82, 0xa4, 0xc0, 0x06, 0x96, 0x95, 0x75, 0x5c,
+ 0xbc, 0x68, 0xce, 0xee, 0xa6, 0x44, 0xbb, 0xf2, 0x62, 0x14, 0x43, 0x10,
+ 0xe6, 0x0b, 0x5c, 0x66, 0x02, 0xbf, 0x38, 0xe9, 0x8f, 0x19, 0x69, 0x6c,
+ 0x08, 0xfa, 0x93, 0x23, 0xf1, 0x35, 0x5f, 0x33, 0xcf, 0xe2, 0x32, 0x11,
+ 0xda, 0x31, 0xbb, 0xd8, 0xf5, 0x7e, 0x55, 0xc3, 0x6a, 0xa3, 0x04, 0x8c,
+ 0xef, 0x50, 0x67, 0x0f, 0xe9, 0xbb, 0x11, 0x6b, 0xca, 0x5a, 0x23, 0x15,
+ 0xf7, 0x52, 0x8c, 0x69, 0xbb, 0x2d, 0x26, 0xd3, 0x78, 0x32, 0x33, 0x9b,
+ 0x1d, 0x02, 0x7c, 0x22, 0x4b, 0x57, 0x19, 0xec, 0xcd, 0x16, 0x63, 0x5d,
+ 0x1f, 0x0c, 0x67, 0xda, 0x6a, 0xc7, 0x2c, 0xf1, 0x0b, 0xcf, 0x92, 0x10,
+ 0xcb, 0x78, 0x57, 0x67, 0x61, 0x0e, 0xb3, 0x55, 0xb0, 0x17, 0x32, 0x4e,
+ 0x95, 0xf1, 0xcb, 0xb5, 0xdb, 0x5d, 0x8e, 0x38, 0x97, 0x28, 0x46, 0x1e,
+ 0x37, 0x4b, 0x5c, 0x03, 0xf4, 0x84, 0x0c, 0xfc, 0x49, 0x3b, 0xd2, 0xc6,
+ 0x97, 0xd4, 0x4f, 0xef, 0xe6, 0x5c, 0xb2, 0x96, 0x8e, 0xbc, 0x18, 0x9f,
+ 0xec, 0x8a, 0x67, 0x53, 0xe8, 0x2a, 0x41, 0x5c, 0x6e, 0xfe, 0xca, 0x1a,
+ 0xd0, 0x03, 0x4f, 0xe8, 0xd9, 0xb0, 0xe2, 0xa1, 0x6c, 0x32, 0xd5, 0x37,
+ 0x68, 0x9c, 0x6b, 0x30, 0x87, 0xb4, 0x6e, 0xa8, 0xc5, 0x45, 0xe4, 0x74,
+ 0x4a, 0x80, 0x02, 0x84, 0x78, 0x0e, 0x2c, 0x9c, 0x37, 0x07, 0x26, 0x31,
+ 0x88, 0x0a, 0x89, 0xd2, 0xba, 0x8b, 0x09, 0xb2, 0x16, 0x7b, 0x23, 0xa8,
+ 0x0c, 0x82, 0xc4, 0x22, 0xa2, 0x21, 0x2d, 0xa4, 0xa0, 0xeb, 0xe4, 0xa6,
+ 0xd4, 0x16, 0xa0, 0xa7, 0x19, 0x8b, 0x8f, 0x87, 0x9b, 0x53, 0x6c, 0xba,
+ 0x14, 0xa7, 0xc4, 0x64, 0x08, 0xb4, 0x68, 0xda, 0x85, 0xa6, 0x47, 0xbc,
+ 0x58, 0x34, 0xcd, 0x60, 0x43, 0xad, 0x14, 0xd4, 0xca, 0xd7, 0xb1, 0x6c,
+ 0xc0, 0x05, 0x68, 0xaf, 0xa7, 0x08, 0x9d, 0x6a, 0xb0, 0x70, 0x96, 0x81,
+ 0xb8, 0x55, 0xbf, 0xa1, 0xcc, 0xb1, 0x37, 0xe0, 0x94, 0x42, 0x05, 0x0c,
+ 0x83, 0xef, 0x6d, 0xf0, 0x4e, 0xba, 0xe6, 0x78, 0x49, 0xaf, 0x1f, 0x88,
+ 0xf0, 0x18, 0x0c, 0x17, 0x66, 0x92, 0xd8, 0x50, 0x57, 0x3b, 0x8e, 0xc9,
+ 0xd5, 0x8c, 0xfb, 0x9b, 0x78, 0x65, 0x01, 0x76};
+
+const uint8_t kExpectedPrivateKeyBytes[2400] = {
+ 0xd8, 0xc9, 0x39, 0x7c, 0x31, 0x30, 0xd8, 0xec, 0xb4, 0x11, 0xa6, 0x8e,
+ 0xfc, 0xc8, 0x9a, 0x55, 0x3c, 0xb7, 0xe6, 0x81, 0x7e, 0x02, 0x88, 0xbd,
+ 0x06, 0x91, 0x60, 0x9b, 0xf5, 0x57, 0x6a, 0xf8, 0x73, 0x9e, 0x52, 0xa8,
+ 0x03, 0xf0, 0x97, 0xb4, 0x22, 0xb7, 0x02, 0x23, 0xcd, 0x3e, 0xa1, 0x03,
+ 0x20, 0x66, 0x6e, 0x20, 0x20, 0xcb, 0x42, 0xec, 0xb6, 0xc2, 0x14, 0x2c,
+ 0xe7, 0xa8, 0x88, 0x3d, 0xd2, 0x26, 0x9c, 0xf7, 0xb3, 0x4f, 0x00, 0x27,
+ 0x61, 0xc6, 0x10, 0xb2, 0x72, 0x34, 0x39, 0xf1, 0x79, 0x03, 0xcc, 0x06,
+ 0xd2, 0xe4, 0x29, 0x57, 0x91, 0x2f, 0x0d, 0x45, 0x19, 0x30, 0x27, 0x47,
+ 0xcc, 0xba, 0xbe, 0x19, 0x01, 0x1a, 0xbb, 0xd8, 0xcb, 0x74, 0xca, 0x4a,
+ 0xfa, 0x32, 0x2f, 0xb8, 0xbb, 0x5c, 0x19, 0x2a, 0xbf, 0x31, 0x0a, 0x82,
+ 0xf3, 0x29, 0x74, 0x30, 0xa4, 0x95, 0x4c, 0x42, 0x59, 0x8c, 0xb3, 0xcb,
+ 0xfe, 0xa9, 0xb4, 0x2e, 0x60, 0x71, 0x64, 0x51, 0x6d, 0xf9, 0x73, 0x5b,
+ 0xf5, 0x59, 0x9b, 0xf5, 0xd9, 0x9d, 0x3f, 0x86, 0x3a, 0x50, 0x6c, 0x23,
+ 0x8c, 0x96, 0xc0, 0x5e, 0x7c, 0x48, 0x43, 0xec, 0x08, 0xf5, 0xf7, 0x7e,
+ 0x6b, 0x54, 0x84, 0xb2, 0x6c, 0x52, 0xd5, 0x2b, 0x38, 0x85, 0xf4, 0x40,
+ 0x36, 0x09, 0x2f, 0xe6, 0xd0, 0x9e, 0xe6, 0xb6, 0x96, 0x7a, 0xe1, 0xc3,
+ 0xf7, 0xfa, 0x89, 0xc6, 0x75, 0x6f, 0x65, 0xea, 0x4a, 0x6d, 0x55, 0x33,
+ 0xe2, 0xc6, 0x30, 0xfb, 0x7b, 0xbd, 0xcb, 0x33, 0x4d, 0xd6, 0x84, 0x1b,
+ 0x28, 0x77, 0x60, 0xbf, 0x4b, 0x82, 0xd0, 0xb0, 0xc5, 0x88, 0x0c, 0x51,
+ 0x00, 0x22, 0x5e, 0xd9, 0x41, 0x2e, 0x7e, 0x43, 0xa6, 0x9d, 0x34, 0x5d,
+ 0x24, 0x80, 0xad, 0x7f, 0xd3, 0xae, 0xc7, 0x5a, 0x51, 0x74, 0x06, 0xc0,
+ 0x6f, 0x04, 0xae, 0x9b, 0x79, 0x6e, 0x35, 0xfa, 0x0d, 0xf3, 0xda, 0xa4,
+ 0xfa, 0x38, 0x4a, 0xee, 0xb3, 0xa4, 0x87, 0xa7, 0x27, 0xe2, 0x02, 0x2a,
+ 0x29, 0x27, 0xcf, 0xca, 0x4a, 0x20, 0x01, 0x15, 0x3d, 0x12, 0xc7, 0xcc,
+ 0x74, 0x99, 0x17, 0xa6, 0x7b, 0x04, 0xd7, 0xea, 0x64, 0x88, 0xa3, 0x54,
+ 0xb5, 0xc2, 0xa3, 0xea, 0x69, 0x94, 0xb9, 0xc3, 0x45, 0xf8, 0x2b, 0x3c,
+ 0xe5, 0xc1, 0x25, 0xf6, 0xc9, 0x82, 0xe3, 0x45, 0x25, 0xca, 0x71, 0x3d,
+ 0x73, 0x10, 0x99, 0xa5, 0xb5, 0x79, 0xdc, 0x61, 0x8f, 0x04, 0x3c, 0x61,
+ 0x6b, 0x90, 0x4d, 0x83, 0xa3, 0x0d, 0xb4, 0xba, 0xb7, 0x3b, 0x81, 0xca,
+ 0xbb, 0x59, 0x16, 0x46, 0xf4, 0x75, 0x7c, 0xaa, 0x0f, 0x90, 0xec, 0x37,
+ 0xa4, 0x50, 0xa8, 0x41, 0xb4, 0x33, 0xd2, 0xb7, 0x28, 0xe1, 0xda, 0x74,
+ 0x36, 0x3a, 0xa6, 0x96, 0x76, 0x06, 0x67, 0xd3, 0x8e, 0xda, 0xd5, 0x29,
+ 0x24, 0x1a, 0xbe, 0x82, 0x83, 0x6b, 0x3a, 0x90, 0xc1, 0x86, 0x34, 0x2d,
+ 0xd8, 0xa3, 0xa5, 0x7e, 0xe6, 0xca, 0x3f, 0xc5, 0xbf, 0xba, 0x24, 0x14,
+ 0xd2, 0xfc, 0x3f, 0x97, 0x8c, 0xca, 0x59, 0xa5, 0x52, 0xf1, 0x8c, 0x62,
+ 0x8d, 0x8a, 0x7d, 0x1b, 0x35, 0x76, 0x79, 0x98, 0x39, 0x57, 0x53, 0x1f,
+ 0x78, 0x82, 0x7d, 0xcd, 0x9c, 0xab, 0xb3, 0x12, 0x52, 0x86, 0x87, 0xbf,
+ 0x01, 0x12, 0x58, 0x45, 0x37, 0x75, 0x1a, 0xe0, 0x03, 0xbd, 0x67, 0x4c,
+ 0x76, 0xfa, 0x06, 0x59, 0xa2, 0x1f, 0x48, 0x73, 0x7f, 0x0c, 0x90, 0xc1,
+ 0x82, 0xc0, 0x98, 0x2f, 0x6a, 0x1c, 0x6f, 0x6c, 0x98, 0x70, 0x16, 0x8e,
+ 0x8c, 0x5b, 0x60, 0x92, 0x42, 0x59, 0xd6, 0xb2, 0x13, 0x7a, 0x11, 0xb6,
+ 0x15, 0x1b, 0x07, 0x50, 0x52, 0x73, 0x86, 0xbc, 0x3a, 0xff, 0x66, 0x71,
+ 0x57, 0xf8, 0x89, 0x7a, 0x3a, 0x95, 0xc5, 0xa1, 0x31, 0x48, 0x15, 0xc9,
+ 0xe0, 0x4b, 0x41, 0xb6, 0x07, 0x5a, 0x70, 0x88, 0x11, 0xce, 0xdc, 0xa7,
+ 0x84, 0x23, 0x85, 0x96, 0xd8, 0x20, 0x9f, 0x89, 0x42, 0xbc, 0x0b, 0xd0,
+ 0xd9, 0x11, 0x9f, 0x2f, 0x71, 0x37, 0xa2, 0x10, 0x98, 0x95, 0xa7, 0x1f,
+ 0x99, 0x48, 0x8e, 0x5b, 0x40, 0x65, 0x9f, 0x08, 0x4e, 0x04, 0x16, 0x35,
+ 0xc8, 0x56, 0xa1, 0x02, 0xa1, 0xaf, 0x0e, 0x5b, 0xaf, 0x02, 0x66, 0x2e,
+ 0xc8, 0xa5, 0x49, 0xe7, 0xa4, 0x6b, 0x03, 0xe2, 0x42, 0xb3, 0x37, 0x76,
+ 0x2c, 0x89, 0x00, 0x76, 0x83, 0xb3, 0x93, 0xdc, 0x78, 0x56, 0xc9, 0x02,
+ 0xf1, 0xd3, 0x92, 0xe5, 0x14, 0x36, 0xba, 0x37, 0x1d, 0x86, 0x87, 0x81,
+ 0x5f, 0x30, 0x16, 0x7f, 0xdb, 0x76, 0xe2, 0x46, 0x3d, 0x32, 0xe8, 0x47,
+ 0x35, 0x5b, 0x68, 0x39, 0x70, 0xa3, 0xc2, 0xb8, 0xb3, 0x6e, 0xd0, 0x22,
+ 0x6b, 0x39, 0x9c, 0xd9, 0xa3, 0x93, 0x69, 0xbc, 0xcb, 0xe0, 0xbc, 0x82,
+ 0x1b, 0xfb, 0x9f, 0x72, 0x17, 0x40, 0x72, 0xeb, 0xb2, 0x97, 0x31, 0x66,
+ 0x18, 0x48, 0x9a, 0xe5, 0x3a, 0x2a, 0x41, 0x13, 0x3e, 0xfc, 0xfb, 0xb4,
+ 0xb0, 0x96, 0x6e, 0x53, 0x37, 0x18, 0xbb, 0x26, 0x1d, 0xbe, 0x33, 0x0f,
+ 0x06, 0x8b, 0x8c, 0xb1, 0xfc, 0x8c, 0x24, 0x19, 0x8d, 0x7d, 0x76, 0x52,
+ 0x35, 0x75, 0x71, 0x36, 0x61, 0x7d, 0x75, 0x3a, 0x31, 0x9a, 0x16, 0x05,
+ 0x2d, 0x51, 0x63, 0x6f, 0x07, 0x64, 0xfd, 0x80, 0x16, 0x2d, 0xa3, 0x3a,
+ 0x15, 0xca, 0xaa, 0x76, 0xec, 0x2f, 0x91, 0x47, 0xb2, 0x29, 0x61, 0x04,
+ 0x80, 0x20, 0x8d, 0x3c, 0x31, 0xa6, 0x4f, 0x8b, 0xc8, 0xc0, 0x71, 0xbb,
+ 0x0a, 0xec, 0xbc, 0xdf, 0xdc, 0x91, 0x8c, 0xb9, 0x80, 0xb7, 0x67, 0xa9,
+ 0x7f, 0x30, 0x18, 0x4e, 0xd3, 0x68, 0x27, 0x50, 0x15, 0xad, 0x8c, 0x6a,
+ 0xab, 0xc9, 0xbe, 0xad, 0x41, 0x4b, 0xcd, 0x23, 0x73, 0x9f, 0x77, 0x58,
+ 0xe3, 0xd8, 0x2e, 0x16, 0xcb, 0xa0, 0x17, 0x89, 0x51, 0x31, 0x53, 0x01,
+ 0xa8, 0xf1, 0x9b, 0x61, 0xc3, 0x0a, 0x5b, 0x0c, 0x70, 0x36, 0x48, 0x1b,
+ 0xae, 0x17, 0x51, 0x1f, 0xc7, 0x7b, 0xce, 0xd4, 0x45, 0xff, 0xea, 0xb0,
+ 0x5f, 0x48, 0x07, 0x4f, 0x79, 0x26, 0x5c, 0xb6, 0xce, 0x4c, 0xc4, 0x02,
+ 0xd1, 0x31, 0x88, 0xa9, 0xc0, 0x53, 0x6a, 0x42, 0x6f, 0x9c, 0x32, 0xaa,
+ 0x86, 0xec, 0x25, 0xa7, 0x5b, 0x31, 0x68, 0xc9, 0xa9, 0xd8, 0x2c, 0x70,
+ 0xa0, 0x02, 0x31, 0x52, 0x8a, 0x2c, 0xc0, 0x0a, 0xbe, 0x8c, 0x59, 0x6c,
+ 0x72, 0x42, 0x21, 0xcb, 0x44, 0x07, 0x02, 0x27, 0xa0, 0x71, 0xa3, 0x7f,
+ 0xe3, 0x97, 0x24, 0x70, 0x47, 0x4d, 0x10, 0xfc, 0x54, 0x83, 0xdc, 0x44,
+ 0x09, 0x36, 0x23, 0x4a, 0x26, 0x95, 0x60, 0x96, 0xa4, 0x11, 0x1b, 0x18,
+ 0x9d, 0x01, 0x9c, 0x8c, 0xd7, 0x37, 0x60, 0x08, 0x02, 0xef, 0xe3, 0x81,
+ 0xf3, 0x48, 0x5c, 0x9c, 0xac, 0x4f, 0xb6, 0xc7, 0x66, 0xd6, 0xda, 0x25,
+ 0x78, 0x4a, 0xca, 0x91, 0xf1, 0x16, 0x75, 0x69, 0x8b, 0x09, 0x63, 0x0d,
+ 0x74, 0x49, 0x57, 0x33, 0xe1, 0x23, 0x87, 0xc5, 0x0e, 0x85, 0x27, 0x1e,
+ 0x5a, 0xfa, 0x3f, 0xa8, 0x82, 0xbc, 0x49, 0xc7, 0x99, 0x15, 0xe1, 0x2f,
+ 0x04, 0x36, 0x88, 0xd4, 0xa1, 0x9a, 0xe5, 0xb3, 0x70, 0x95, 0x85, 0x43,
+ 0x76, 0xb9, 0x7d, 0x3b, 0x9c, 0x61, 0xf3, 0x30, 0x59, 0x4e, 0x2a, 0xc6,
+ 0x3f, 0x52, 0x35, 0x81, 0x43, 0x61, 0x72, 0xc0, 0x89, 0x98, 0x67, 0x1e,
+ 0x6f, 0xec, 0xc6, 0x2a, 0x9a, 0x14, 0x36, 0x34, 0x4c, 0x9f, 0xfb, 0x2e,
+ 0xd1, 0xd2, 0x4e, 0x6b, 0xb9, 0xc9, 0x56, 0x74, 0xbe, 0xab, 0xa4, 0x7c,
+ 0x48, 0x84, 0x07, 0xf6, 0x04, 0xb1, 0x89, 0x0b, 0x13, 0x79, 0x13, 0xb5,
+ 0x31, 0xd6, 0x2c, 0x40, 0x47, 0xbd, 0xba, 0x37, 0xb1, 0x65, 0x7c, 0xb3,
+ 0xa3, 0x45, 0x1e, 0x0f, 0x41, 0x62, 0x07, 0xf9, 0x1e, 0x25, 0xa5, 0x78,
+ 0x47, 0xd2, 0xa6, 0x4b, 0x20, 0x7b, 0x9b, 0x39, 0x07, 0x09, 0xf3, 0x9e,
+ 0x09, 0xfb, 0xac, 0x87, 0xb6, 0xb5, 0x9b, 0xd8, 0x09, 0xa3, 0xd6, 0x69,
+ 0xb3, 0x3a, 0x87, 0x09, 0xb0, 0x19, 0xb3, 0xc1, 0x47, 0x8e, 0xd7, 0x3a,
+ 0x6e, 0xb5, 0x48, 0x89, 0x56, 0x87, 0x60, 0xb1, 0xba, 0x52, 0xd5, 0x94,
+ 0x22, 0x54, 0xbd, 0x7c, 0xf1, 0xa4, 0x54, 0xaa, 0x38, 0x5c, 0x76, 0xa8,
+ 0x52, 0x19, 0x97, 0x9a, 0x71, 0x47, 0x6c, 0xa0, 0x39, 0xd1, 0x0b, 0xd0,
+ 0xa6, 0xb3, 0x65, 0xdc, 0xbc, 0xa4, 0x4d, 0x62, 0x44, 0xb2, 0x47, 0x5e,
+ 0x77, 0x77, 0x32, 0x2f, 0x78, 0xa6, 0x97, 0xdb, 0xb5, 0xba, 0x3b, 0x4a,
+ 0xcb, 0x0b, 0x33, 0xa2, 0xac, 0xc4, 0x94, 0x56, 0x1a, 0x36, 0x1c, 0x0d,
+ 0xa3, 0x57, 0x5b, 0x63, 0x6c, 0x0d, 0x1f, 0xe1, 0xa8, 0x36, 0xd5, 0x5d,
+ 0x38, 0x5c, 0xac, 0xf4, 0x67, 0x39, 0x9a, 0x12, 0x5b, 0xef, 0xa1, 0x0a,
+ 0x57, 0x76, 0x87, 0x83, 0xaa, 0xaf, 0x1d, 0x9c, 0xce, 0x2b, 0x78, 0x9b,
+ 0x40, 0x82, 0x1e, 0x34, 0xb3, 0x55, 0x2d, 0xd0, 0x20, 0xcd, 0x5b, 0x46,
+ 0x8d, 0xda, 0xb8, 0x83, 0xa8, 0xab, 0xfb, 0x36, 0x45, 0xcb, 0x40, 0xae,
+ 0x69, 0x77, 0x03, 0x22, 0xa8, 0xb4, 0xaa, 0x17, 0x53, 0x90, 0x05, 0x6a,
+ 0x69, 0xb9, 0xc5, 0x2d, 0xbc, 0x9a, 0x81, 0xf6, 0x2a, 0x3c, 0x57, 0x96,
+ 0x8c, 0xb2, 0x72, 0xa7, 0xd4, 0x84, 0x77, 0xf9, 0x0b, 0x80, 0xe7, 0x1e,
+ 0x75, 0x61, 0x0e, 0xf9, 0xb0, 0xcf, 0x4c, 0x03, 0xca, 0x30, 0x45, 0x50,
+ 0x25, 0x82, 0x56, 0x02, 0xbb, 0x58, 0xab, 0x99, 0xc7, 0x8d, 0xd5, 0x37,
+ 0x12, 0xc8, 0x36, 0x5b, 0x00, 0x5f, 0x91, 0xf6, 0x2d, 0x9b, 0x91, 0xc2,
+ 0x3e, 0x75, 0x56, 0x83, 0xd2, 0xaa, 0xd4, 0x03, 0xcd, 0xe8, 0xe8, 0x3f,
+ 0x09, 0xc1, 0x8e, 0x84, 0xb1, 0x75, 0x85, 0x06, 0xa7, 0x4a, 0x40, 0xc2,
+ 0xc9, 0x90, 0xb0, 0x0f, 0x59, 0x84, 0xe5, 0xf7, 0xa8, 0xd8, 0x35, 0x33,
+ 0xa5, 0x82, 0x4e, 0xf6, 0xb5, 0xaf, 0xd5, 0xaa, 0xbb, 0x52, 0x30, 0x0b,
+ 0xb1, 0x67, 0x7b, 0xbb, 0xdc, 0x38, 0x58, 0xf4, 0x2f, 0xe4, 0xeb, 0x47,
+ 0xf0, 0x49, 0x76, 0x45, 0x10, 0x02, 0x19, 0xa7, 0xc6, 0x1f, 0x8a, 0x71,
+ 0xda, 0x51, 0x61, 0x79, 0xc4, 0x10, 0xeb, 0x3a, 0x11, 0xd9, 0x93, 0x1d,
+ 0x83, 0x81, 0x48, 0x3d, 0x68, 0x35, 0xff, 0xe3, 0xa6, 0xa8, 0x40, 0x74,
+ 0xdb, 0x7c, 0xb4, 0xb2, 0x05, 0x89, 0xc8, 0x09, 0x42, 0x27, 0x28, 0x55,
+ 0x01, 0x57, 0xc9, 0xf9, 0xfa, 0x36, 0xd3, 0x5c, 0x51, 0x40, 0xca, 0x1e,
+ 0x34, 0xc8, 0xb9, 0x27, 0xf1, 0x15, 0xc9, 0xa4, 0x18, 0x9c, 0xa8, 0x4c,
+ 0x55, 0xf8, 0x4d, 0x90, 0xbc, 0x88, 0xd1, 0x46, 0x01, 0x80, 0x96, 0x54,
+ 0x8d, 0x01, 0x6e, 0xe4, 0x26, 0x0c, 0x7a, 0x08, 0x3d, 0x7c, 0x26, 0x66,
+ 0xb1, 0xd1, 0x15, 0xc7, 0xc0, 0x0b, 0x06, 0x92, 0x9c, 0x26, 0xa6, 0x6c,
+ 0x3a, 0x46, 0x47, 0x15, 0x37, 0xb0, 0x0a, 0xc1, 0x5d, 0xe0, 0x51, 0xae,
+ 0x17, 0x87, 0x2f, 0x75, 0x2c, 0x64, 0xd5, 0x39, 0x09, 0xe6, 0xd0, 0x7c,
+ 0x3d, 0x79, 0x47, 0x78, 0x0a, 0x82, 0xc9, 0xba, 0x37, 0x07, 0x93, 0x94,
+ 0xa4, 0x45, 0x7c, 0x07, 0x69, 0x24, 0x1d, 0xc9, 0x75, 0x41, 0x6b, 0xc1,
+ 0x42, 0x28, 0x06, 0xe3, 0xfc, 0x7b, 0xd2, 0xf8, 0xbf, 0xe7, 0x5a, 0xc2,
+ 0xc0, 0x81, 0x63, 0xf3, 0x84, 0x32, 0x31, 0x4a, 0x8d, 0x6b, 0xe3, 0x3e,
+ 0x22, 0x67, 0x9a, 0x3a, 0x96, 0x09, 0xa6, 0xf9, 0x53, 0x40, 0x41, 0x2a,
+ 0x04, 0xa7, 0xc5, 0x7b, 0x86, 0xcd, 0xed, 0xec, 0xae, 0xfd, 0xc7, 0x11,
+ 0x48, 0x56, 0x77, 0x0b, 0xb7, 0xbb, 0xaf, 0xfb, 0x6c, 0x9e, 0xd6, 0x5c,
+ 0xbc, 0xf7, 0x9a, 0x75, 0xb5, 0xb2, 0x20, 0xd9, 0x60, 0x90, 0x65, 0x02,
+ 0xf9, 0x16, 0x34, 0xdf, 0x0b, 0x16, 0x2a, 0x97, 0x00, 0x5d, 0xc1, 0x65,
+ 0xc3, 0xb9, 0x1f, 0x2e, 0x85, 0x97, 0xbd, 0xca, 0xaa, 0x1d, 0xf2, 0x4f,
+ 0x74, 0xe5, 0x56, 0x94, 0xdc, 0x53, 0xbb, 0xc0, 0x75, 0x1c, 0x2b, 0x59,
+ 0x6b, 0x50, 0x2c, 0x25, 0x4c, 0x78, 0xd7, 0x68, 0x40, 0x0b, 0x91, 0x7a,
+ 0x93, 0x02, 0x83, 0x5e, 0x6c, 0x03, 0xc7, 0xc4, 0x24, 0x6f, 0x8b, 0xa4,
+ 0x70, 0x37, 0x1f, 0xe5, 0x33, 0x59, 0xf6, 0xbb, 0x5f, 0xb8, 0x58, 0x50,
+ 0x62, 0x16, 0x95, 0x2a, 0x88, 0xa3, 0xc6, 0x24, 0x94, 0x4b, 0xb0, 0x03,
+ 0x8e, 0xe6, 0x50, 0xd1, 0x63, 0xa2, 0xab, 0x00, 0x16, 0xf4, 0x0a, 0x7d,
+ 0xe6, 0xe0, 0xb9, 0x0c, 0xd8, 0x08, 0xae, 0xf6, 0x80, 0xb7, 0x48, 0xb8,
+ 0x10, 0xd1, 0x77, 0x57, 0x48, 0x2a, 0xc1, 0xf1, 0x4e, 0x61, 0xb4, 0x06,
+ 0x5a, 0xa1, 0xba, 0x32, 0x4a, 0x9a, 0xab, 0x8c, 0xa8, 0xe3, 0xa0, 0x68,
+ 0x39, 0xa3, 0x25, 0x55, 0x48, 0xcd, 0x12, 0x98, 0x14, 0x1b, 0x39, 0x5b,
+ 0xf4, 0x88, 0xbe, 0x5f, 0xac, 0xba, 0x18, 0x20, 0x74, 0x2c, 0xa1, 0x0b,
+ 0xfc, 0xf1, 0x00, 0x85, 0x24, 0x27, 0x3d, 0x80, 0xb6, 0x30, 0x42, 0x7b,
+ 0x74, 0xb0, 0xbf, 0x87, 0x51, 0x9b, 0xa8, 0x1c, 0x79, 0xbd, 0x50, 0x85,
+ 0x66, 0xe1, 0x93, 0xdd, 0xc5, 0x5d, 0x5d, 0xd0, 0xbe, 0xcb, 0x90, 0x36,
+ 0xf8, 0xc6, 0xc2, 0xea, 0xea, 0x40, 0xce, 0xa7, 0xb0, 0xae, 0xc5, 0x44,
+ 0x3a, 0x27, 0xc5, 0x4a, 0xf0, 0x21, 0x4f, 0xf6, 0x63, 0xb1, 0x8c, 0x20,
+ 0x76, 0x65, 0xb5, 0x79, 0x55, 0x10, 0xa5, 0xa7, 0x4b, 0x57, 0x96, 0xb3,
+ 0x03, 0xe6, 0xa8, 0x93, 0xf5, 0xc5, 0xca, 0xe0, 0x1a, 0x23, 0x30, 0x6d,
+ 0x09, 0x07, 0x81, 0x5e, 0x05, 0xc6, 0x1b, 0x7a, 0x0e, 0xde, 0xf3, 0x00,
+ 0x91, 0xf3, 0xbb, 0x4b, 0xa6, 0x8e, 0x96, 0xc3, 0x3a, 0xc8, 0x72, 0x19,
+ 0x23, 0x23, 0xc7, 0x94, 0x46, 0x75, 0xa2, 0xc5, 0x9e, 0xa3, 0x15, 0x86,
+ 0xb4, 0xa7, 0x95, 0xda, 0x16, 0xae, 0x42, 0xe8, 0xcc, 0xf6, 0x41, 0xbc,
+ 0x9c, 0xe8, 0x07, 0xc9, 0x05, 0x3c, 0x74, 0xb2, 0xad, 0x77, 0xc4, 0x08,
+ 0x56, 0x78, 0xb8, 0x65, 0x2a, 0x33, 0x39, 0x82, 0x16, 0x3c, 0x2b, 0x73,
+ 0x41, 0x2a, 0xbc, 0xc8, 0x36, 0x23, 0x2c, 0x23, 0x29, 0xce, 0x94, 0x8a,
+ 0xba, 0x13, 0x3f, 0xfa, 0xcc, 0x6e, 0x17, 0x40, 0xb0, 0xb4, 0x9c, 0xae,
+ 0xf9, 0x72, 0x40, 0xf7, 0x2a, 0xaf, 0x00, 0x17, 0x7e, 0x88, 0x44, 0x4e,
+ 0x32, 0xa4, 0x80, 0x96, 0x53, 0x20, 0xe4, 0xaa, 0x18, 0x9c, 0x69, 0x63,
+ 0xdb, 0x81, 0x73, 0x0e, 0x64, 0x40, 0x12, 0xc1, 0x26, 0x0e, 0xac, 0x4d,
+ 0x38, 0xa6, 0x4c, 0x05, 0xeb, 0x42, 0x1f, 0x88, 0x6e, 0x6c, 0xa3, 0x98,
+ 0x95, 0xc3, 0x5a, 0x31, 0xfc, 0x8a, 0x7c, 0xd6, 0xa5, 0x6c, 0x5a, 0xc9,
+ 0xf5, 0xf2, 0xb0, 0xf7, 0x05, 0x8d, 0x3a, 0x0b, 0x3f, 0x4d, 0x1b, 0x0e,
+ 0x38, 0x7b, 0x1c, 0xe5, 0xd0, 0x75, 0x40, 0x77, 0xc2, 0xe0, 0x8b, 0xa9,
+ 0xfb, 0xa6, 0xa7, 0x13, 0xf0, 0xbc, 0x0c, 0x13, 0xb0, 0x70, 0x3a, 0x2f,
+ 0x20, 0xe7, 0x38, 0xd8, 0x82, 0xa4, 0xc0, 0x06, 0x96, 0x95, 0x75, 0x5c,
+ 0xbc, 0x68, 0xce, 0xee, 0xa6, 0x44, 0xbb, 0xf2, 0x62, 0x14, 0x43, 0x10,
+ 0xe6, 0x0b, 0x5c, 0x66, 0x02, 0xbf, 0x38, 0xe9, 0x8f, 0x19, 0x69, 0x6c,
+ 0x08, 0xfa, 0x93, 0x23, 0xf1, 0x35, 0x5f, 0x33, 0xcf, 0xe2, 0x32, 0x11,
+ 0xda, 0x31, 0xbb, 0xd8, 0xf5, 0x7e, 0x55, 0xc3, 0x6a, 0xa3, 0x04, 0x8c,
+ 0xef, 0x50, 0x67, 0x0f, 0xe9, 0xbb, 0x11, 0x6b, 0xca, 0x5a, 0x23, 0x15,
+ 0xf7, 0x52, 0x8c, 0x69, 0xbb, 0x2d, 0x26, 0xd3, 0x78, 0x32, 0x33, 0x9b,
+ 0x1d, 0x02, 0x7c, 0x22, 0x4b, 0x57, 0x19, 0xec, 0xcd, 0x16, 0x63, 0x5d,
+ 0x1f, 0x0c, 0x67, 0xda, 0x6a, 0xc7, 0x2c, 0xf1, 0x0b, 0xcf, 0x92, 0x10,
+ 0xcb, 0x78, 0x57, 0x67, 0x61, 0x0e, 0xb3, 0x55, 0xb0, 0x17, 0x32, 0x4e,
+ 0x95, 0xf1, 0xcb, 0xb5, 0xdb, 0x5d, 0x8e, 0x38, 0x97, 0x28, 0x46, 0x1e,
+ 0x37, 0x4b, 0x5c, 0x03, 0xf4, 0x84, 0x0c, 0xfc, 0x49, 0x3b, 0xd2, 0xc6,
+ 0x97, 0xd4, 0x4f, 0xef, 0xe6, 0x5c, 0xb2, 0x96, 0x8e, 0xbc, 0x18, 0x9f,
+ 0xec, 0x8a, 0x67, 0x53, 0xe8, 0x2a, 0x41, 0x5c, 0x6e, 0xfe, 0xca, 0x1a,
+ 0xd0, 0x03, 0x4f, 0xe8, 0xd9, 0xb0, 0xe2, 0xa1, 0x6c, 0x32, 0xd5, 0x37,
+ 0x68, 0x9c, 0x6b, 0x30, 0x87, 0xb4, 0x6e, 0xa8, 0xc5, 0x45, 0xe4, 0x74,
+ 0x4a, 0x80, 0x02, 0x84, 0x78, 0x0e, 0x2c, 0x9c, 0x37, 0x07, 0x26, 0x31,
+ 0x88, 0x0a, 0x89, 0xd2, 0xba, 0x8b, 0x09, 0xb2, 0x16, 0x7b, 0x23, 0xa8,
+ 0x0c, 0x82, 0xc4, 0x22, 0xa2, 0x21, 0x2d, 0xa4, 0xa0, 0xeb, 0xe4, 0xa6,
+ 0xd4, 0x16, 0xa0, 0xa7, 0x19, 0x8b, 0x8f, 0x87, 0x9b, 0x53, 0x6c, 0xba,
+ 0x14, 0xa7, 0xc4, 0x64, 0x08, 0xb4, 0x68, 0xda, 0x85, 0xa6, 0x47, 0xbc,
+ 0x58, 0x34, 0xcd, 0x60, 0x43, 0xad, 0x14, 0xd4, 0xca, 0xd7, 0xb1, 0x6c,
+ 0xc0, 0x05, 0x68, 0xaf, 0xa7, 0x08, 0x9d, 0x6a, 0xb0, 0x70, 0x96, 0x81,
+ 0xb8, 0x55, 0xbf, 0xa1, 0xcc, 0xb1, 0x37, 0xe0, 0x94, 0x42, 0x05, 0x0c,
+ 0x83, 0xef, 0x6d, 0xf0, 0x4e, 0xba, 0xe6, 0x78, 0x49, 0xaf, 0x1f, 0x88,
+ 0xf0, 0x18, 0x0c, 0x17, 0x66, 0x92, 0xd8, 0x50, 0x57, 0x3b, 0x8e, 0xc9,
+ 0xd5, 0x8c, 0xfb, 0x9b, 0x78, 0x65, 0x01, 0x76, 0x7a, 0x0e, 0xf0, 0x7f,
+ 0x2b, 0xc4, 0x48, 0x81, 0xc2, 0xb7, 0xc1, 0x6e, 0x4b, 0xc7, 0x33, 0xa3,
+ 0x9b, 0xf1, 0xcf, 0x63, 0x77, 0x52, 0x07, 0xe1, 0x9f, 0xa9, 0x6b, 0xce,
+ 0x02, 0xbf, 0x06, 0x8d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+
+const uint8_t kExpectedCiphertext[BCM_MLKEM768_CIPHERTEXT_BYTES] = {
+ 0x8c, 0xfa, 0xd2, 0x09, 0x06, 0x1b, 0xff, 0x23, 0x9f, 0x84, 0x61, 0xfd,
+ 0x69, 0x7a, 0xa6, 0x2c, 0x57, 0x43, 0x64, 0x6b, 0x6b, 0x6b, 0xa3, 0xe1,
+ 0xa9, 0x4f, 0x3e, 0x29, 0xff, 0x3d, 0xb1, 0x84, 0x51, 0x1d, 0x48, 0xe3,
+ 0xf2, 0xf9, 0x5c, 0x9b, 0xf8, 0x05, 0xa1, 0x4c, 0xf4, 0x78, 0xce, 0xd8,
+ 0xc8, 0x0a, 0xc9, 0x71, 0xa7, 0x50, 0x89, 0xde, 0x66, 0x11, 0x68, 0x2c,
+ 0x70, 0x0f, 0xa3, 0x15, 0xa7, 0x8f, 0xa7, 0xd1, 0x49, 0x32, 0x2b, 0xe7,
+ 0xe3, 0x63, 0xff, 0x6b, 0x8c, 0x77, 0xd8, 0x97, 0x6f, 0x6c, 0x80, 0xc2,
+ 0x73, 0x7d, 0xe2, 0x39, 0x6f, 0x61, 0x4f, 0xa3, 0x85, 0x14, 0x8e, 0x68,
+ 0x58, 0x18, 0xba, 0x1c, 0x19, 0x01, 0x4c, 0x06, 0x73, 0x58, 0x4a, 0x9d,
+ 0xdd, 0x2e, 0x78, 0x82, 0x62, 0xbf, 0x15, 0x0c, 0x8e, 0xa7, 0xcf, 0xee,
+ 0xd7, 0x9a, 0x42, 0x30, 0xf5, 0x44, 0xdc, 0x3f, 0xdc, 0x67, 0x5c, 0x06,
+ 0xf0, 0xcf, 0x3b, 0x24, 0x9e, 0xfa, 0xe8, 0x4b, 0x3b, 0x00, 0x01, 0x7c,
+ 0x4d, 0x50, 0xa8, 0xac, 0x30, 0x74, 0xf4, 0x73, 0x98, 0x5e, 0x09, 0x92,
+ 0xbd, 0xe1, 0xc4, 0x3a, 0x9f, 0xd0, 0x62, 0xc8, 0x4e, 0x7f, 0xb0, 0xaa,
+ 0xb3, 0x8c, 0xb5, 0xf9, 0x57, 0xe3, 0x90, 0x9a, 0x94, 0x0d, 0xdb, 0x9e,
+ 0xf7, 0x78, 0xbf, 0x18, 0xd0, 0x02, 0x8e, 0x02, 0x04, 0xbe, 0xee, 0x87,
+ 0x49, 0xb1, 0xfe, 0x28, 0xd2, 0xdb, 0xd0, 0x7a, 0x12, 0x50, 0xa3, 0xc6,
+ 0x32, 0xd6, 0x06, 0xa6, 0xc5, 0xb0, 0xa8, 0xbe, 0x49, 0x8a, 0x8b, 0xfe,
+ 0xf6, 0xb1, 0xe5, 0xb6, 0xf0, 0x61, 0xc6, 0x1f, 0xe7, 0xcb, 0x4d, 0x66,
+ 0xdd, 0xe4, 0xd2, 0x2b, 0x73, 0xbd, 0x03, 0x79, 0x76, 0x05, 0x87, 0x58,
+ 0x6f, 0x6f, 0x8f, 0x20, 0x4f, 0x1f, 0x81, 0xa9, 0x9c, 0x22, 0x8d, 0xbd,
+ 0xef, 0x41, 0x5e, 0x39, 0x9e, 0x90, 0x4b, 0x63, 0x8b, 0x50, 0xac, 0x4f,
+ 0x20, 0x08, 0x82, 0x53, 0x52, 0x86, 0xce, 0x55, 0xf5, 0x21, 0xd7, 0x8c,
+ 0xdf, 0xf3, 0x54, 0x90, 0xed, 0x27, 0xa9, 0x95, 0xbb, 0xec, 0x7a, 0xe2,
+ 0xeb, 0x80, 0x29, 0xca, 0xc9, 0x4b, 0x1a, 0xfe, 0xe8, 0x40, 0xcf, 0x70,
+ 0x37, 0xb3, 0xb8, 0xb3, 0x04, 0xf6, 0xc3, 0x44, 0x1e, 0xf8, 0x40, 0x95,
+ 0xf9, 0x92, 0x97, 0x63, 0xab, 0x35, 0x11, 0x7b, 0x2d, 0x9e, 0x5b, 0xeb,
+ 0xfe, 0x80, 0xfe, 0xc3, 0xc6, 0xa4, 0x8c, 0xac, 0xd2, 0xa5, 0x0d, 0x11,
+ 0xcd, 0xbc, 0xdd, 0x57, 0x9d, 0xf4, 0xbc, 0xdf, 0xbe, 0xa2, 0xfc, 0xcd,
+ 0x2b, 0x83, 0x0e, 0x4e, 0x77, 0x44, 0x10, 0x93, 0xeb, 0xca, 0xec, 0xb6,
+ 0x26, 0x48, 0x45, 0x08, 0x72, 0xd4, 0xfe, 0xa2, 0xe5, 0xc8, 0x12, 0x8f,
+ 0x38, 0xcd, 0xd6, 0xaa, 0x97, 0xd4, 0xad, 0xb3, 0x0b, 0x19, 0x5b, 0x70,
+ 0x50, 0xbf, 0x9d, 0x45, 0xd6, 0x0d, 0xf6, 0x72, 0x08, 0x0f, 0x98, 0xbd,
+ 0x1f, 0x39, 0xea, 0x4c, 0x76, 0xa8, 0x6e, 0xc2, 0x24, 0xe3, 0x3d, 0xf4,
+ 0x40, 0xe8, 0x68, 0xfe, 0xaf, 0xeb, 0xae, 0x65, 0x84, 0x86, 0x10, 0xb6,
+ 0x58, 0x75, 0xb9, 0x22, 0x6d, 0x74, 0x5d, 0xa7, 0xc0, 0x17, 0x10, 0x0f,
+ 0x36, 0x5f, 0x99, 0xf3, 0x60, 0x39, 0xeb, 0x6e, 0x04, 0x4d, 0x29, 0xc7,
+ 0xec, 0x2a, 0x1d, 0x8f, 0x5c, 0x23, 0x84, 0xba, 0x65, 0xe9, 0xab, 0x32,
+ 0xd4, 0x62, 0xd1, 0x53, 0xb8, 0x71, 0x40, 0x9a, 0xf0, 0x05, 0xdb, 0xa0,
+ 0x5a, 0xca, 0xeb, 0xb0, 0xbf, 0xfe, 0x7e, 0x19, 0x32, 0x42, 0xef, 0xab,
+ 0xf3, 0x49, 0x13, 0x50, 0x08, 0x98, 0xcd, 0xcf, 0x5a, 0x77, 0x5d, 0xe6,
+ 0x3f, 0x9d, 0xa0, 0x21, 0x98, 0xcb, 0x78, 0x69, 0xd8, 0x22, 0xdb, 0xae,
+ 0x87, 0x2c, 0x38, 0x0a, 0x96, 0xa2, 0x30, 0x8f, 0x37, 0xe4, 0xc5, 0x94,
+ 0x57, 0x40, 0x30, 0xa0, 0x4e, 0x7c, 0xfe, 0x6f, 0x2e, 0x15, 0x88, 0x7b,
+ 0xf2, 0x22, 0x9c, 0x95, 0x7e, 0xd6, 0x2d, 0x37, 0xd4, 0x13, 0x95, 0x31,
+ 0xf6, 0xbb, 0xf4, 0xaf, 0x33, 0x42, 0xf0, 0x45, 0xb1, 0xa8, 0xb4, 0x09,
+ 0x9a, 0x6d, 0x7a, 0xdb, 0xb0, 0xf2, 0x00, 0xdc, 0x77, 0x6a, 0x43, 0xf1,
+ 0xbb, 0x56, 0xc5, 0x7c, 0xee, 0xa6, 0xd6, 0x10, 0xa0, 0x81, 0xca, 0x28,
+ 0xab, 0x48, 0xb4, 0x72, 0xbc, 0xe6, 0xe2, 0x24, 0xef, 0x49, 0xdc, 0xb5,
+ 0x1f, 0x83, 0xe7, 0xda, 0xdd, 0x73, 0x5c, 0x7b, 0x85, 0x4a, 0x15, 0x7b,
+ 0xcb, 0xf1, 0x14, 0x6b, 0x32, 0xef, 0xce, 0xaf, 0x37, 0x04, 0xa4, 0x1e,
+ 0xcb, 0x1b, 0x84, 0x1d, 0xdb, 0xbf, 0x2f, 0x88, 0x89, 0xf4, 0x5e, 0xb0,
+ 0x32, 0x99, 0x81, 0x9c, 0x8a, 0xb0, 0xfd, 0x28, 0x6f, 0xc9, 0xe9, 0xaf,
+ 0x60, 0x11, 0xa5, 0x8d, 0xa4, 0xfb, 0x93, 0x91, 0x7a, 0xa0, 0xd2, 0xcd,
+ 0xda, 0x4d, 0xf3, 0xfe, 0xc8, 0x55, 0x4f, 0x26, 0x9d, 0x56, 0x87, 0x12,
+ 0xfe, 0x93, 0x3e, 0x34, 0xf5, 0x3d, 0x4f, 0x6e, 0x26, 0x56, 0xf7, 0x80,
+ 0xa2, 0xb9, 0x0f, 0xa1, 0xf8, 0x72, 0xb0, 0xaa, 0xec, 0xe2, 0x97, 0xd0,
+ 0x3a, 0x6d, 0xe5, 0xe9, 0x12, 0x1b, 0x32, 0x0a, 0xdb, 0x52, 0x8f, 0x9d,
+ 0xd0, 0xff, 0x67, 0xcc, 0x63, 0x41, 0x32, 0x2f, 0xe7, 0x0c, 0xb0, 0xa5,
+ 0x73, 0xc5, 0xc3, 0x54, 0x75, 0x06, 0x8e, 0x36, 0x54, 0xea, 0x9c, 0x6b,
+ 0x60, 0xee, 0x10, 0x06, 0xd2, 0xb3, 0x8c, 0xe3, 0x09, 0xfe, 0x1e, 0x47,
+ 0xc3, 0xd5, 0x6c, 0x0d, 0x0c, 0x84, 0x5e, 0x4f, 0x01, 0xfa, 0xcf, 0xae,
+ 0xc1, 0xac, 0xd9, 0xb0, 0x03, 0x74, 0x8e, 0xc5, 0x57, 0x51, 0x96, 0x23,
+ 0x72, 0xc6, 0x81, 0x7f, 0xf1, 0x6c, 0x29, 0xea, 0x31, 0x2a, 0x23, 0xbb,
+ 0x88, 0x6f, 0x01, 0xa2, 0x2f, 0x69, 0xd2, 0x1c, 0xe8, 0x1e, 0x63, 0x44,
+ 0xd9, 0x90, 0x0b, 0x57, 0x78, 0xc6, 0xd1, 0xb3, 0xf6, 0x97, 0x99, 0xd8,
+ 0x09, 0xe0, 0x9d, 0x69, 0x00, 0xa0, 0xd4, 0xe0, 0x80, 0xfd, 0xdf, 0x23,
+ 0x3a, 0xf8, 0xc0, 0x97, 0xea, 0xb6, 0xbf, 0x87, 0x75, 0x40, 0x1e, 0x0d,
+ 0x1e, 0x6c, 0x84, 0xa4, 0x7e, 0xbb, 0xa3, 0x02, 0x76, 0x76, 0xc8, 0x4e,
+ 0x8b, 0x21, 0x3d, 0x27, 0xbc, 0x38, 0x0f, 0x79, 0xfb, 0xc5, 0xdd, 0x37,
+ 0x67, 0xcb, 0x61, 0x5a, 0x12, 0x85, 0x31, 0x91, 0x3e, 0x7a, 0x4b, 0x6c,
+ 0xfd, 0x4e, 0x54, 0x47, 0xfc, 0xc5, 0x2e, 0x34, 0xe4, 0xaa, 0x3d, 0xa2,
+ 0xd3, 0x1d, 0x15, 0xbc, 0xea, 0xa7, 0xe3, 0xcd, 0xd6, 0x49, 0xee, 0x06,
+ 0x11, 0x2b, 0xf1, 0x58, 0x81, 0xdd, 0x99, 0xe1, 0xbd, 0x63, 0xa0, 0xd7,
+ 0xa0, 0x4b, 0x01, 0xab, 0xf3, 0x5c, 0x35, 0xf0, 0xb0, 0xdc, 0xd0, 0x87,
+ 0x78, 0x02, 0xec, 0x99, 0x0e, 0xb2, 0x23, 0x8b, 0xb1, 0x44, 0x93, 0x65,
+ 0xd5, 0x1c, 0x00, 0x7e, 0x98, 0xb3, 0x5e, 0xf9, 0xca, 0xbc, 0x26, 0x38,
+ 0x18, 0x22, 0x14, 0x3c, 0xed, 0x8d, 0x54, 0xa4, 0x05, 0x00, 0x7f, 0xfb,
+ 0xd5, 0x73, 0x77, 0xf4, 0x98, 0xa0, 0xf7, 0x60, 0xb4, 0x47, 0x10, 0x75,
+ 0x30, 0x2d, 0xde, 0x9c, 0x3e, 0x08, 0x8f, 0xe5, 0xc9, 0x5a, 0xd9, 0x20,
+ 0xf3, 0x97, 0xb5, 0xd1, 0xb3, 0x90, 0x23, 0x6f, 0x9f, 0x5e, 0xf1, 0x0f,
+ 0x76, 0x18, 0xbf, 0x2b, 0x23, 0x8e, 0x45, 0x3f, 0xaf, 0x2b, 0x53, 0x78,
+ 0x27, 0xa2, 0xf6, 0x07, 0x2b, 0x61, 0x24, 0x5b, 0xc7, 0x2e, 0x25, 0xf1,
+ 0xb3, 0x4c, 0x50, 0xe8, 0x6d, 0xee, 0x56, 0x52, 0x37, 0xd0, 0x6e, 0xd6,
+ 0xcb, 0xc8, 0x2a, 0xb1, 0xba, 0x49, 0xc7, 0x5a, 0x55, 0x3c, 0x6f, 0x16,
+ 0x64, 0x08, 0xa6, 0x46, 0x09, 0x37, 0x86, 0x0b, 0xe7, 0x7e, 0x2d, 0xf4,
+ 0x96, 0x80, 0x41, 0x77, 0x1a, 0xf9, 0xd2, 0xe0, 0xf3, 0x64, 0x0e, 0x3f,
+ 0x3d, 0xe1, 0xec, 0x63, 0x40, 0x10, 0x15, 0xcf, 0x4c, 0xc9, 0x1c, 0x9b,
+ 0x9f, 0xe8, 0x50, 0x27, 0xc2, 0x54, 0x44, 0x14, 0xb6, 0x2e, 0xe4, 0x53,
+ 0xf2, 0x60, 0x8a, 0xb6, 0x1c, 0x14, 0xb6, 0x25, 0xf2, 0x44, 0x59, 0xb7,
+ 0x67, 0x3b, 0x94, 0x88, 0x15, 0x70, 0x6f, 0xa8};
+
+const uint8_t kExpectedSharedSecret[BCM_MLKEM_SHARED_SECRET_BYTES] = {
+ 0x7d, 0x9f, 0x1c, 0xb4, 0xae, 0x04, 0xd7, 0x5f, 0xa6, 0x57, 0x5a,
+ 0xe0, 0xe4, 0x29, 0xb5, 0x73, 0xa9, 0x74, 0xb7, 0xa1, 0x25, 0xbd,
+ 0xfb, 0x8a, 0x6e, 0x0f, 0x19, 0xba, 0xe1, 0x16, 0xae, 0x81};
+
+const uint8_t
+ kExpectedImplicitRejectionSharedSecret[BCM_MLKEM_SHARED_SECRET_BYTES] = {
+ 0xa3, 0x19, 0x2a, 0x8c, 0x88, 0xfc, 0x99, 0x6d, 0x2d, 0xf9, 0x85,
+ 0x8d, 0x2c, 0x55, 0x36, 0x39, 0x93, 0xf0, 0x49, 0x4d, 0x7e, 0xc0,
+ 0xbe, 0x5a, 0x56, 0x7b, 0x8a, 0x42, 0x43, 0xa5, 0x74, 0x5d};
diff --git a/src/crypto/fipsmodule/mlkem/mlkem.cc.inc b/src/crypto/fipsmodule/mlkem/mlkem.cc.inc
index c543f3c..c3773cc 100644
--- a/src/crypto/fipsmodule/mlkem/mlkem.cc.inc
+++ b/src/crypto/fipsmodule/mlkem/mlkem.cc.inc
@@ -26,12 +26,19 @@
#include "../../internal.h"
#include "../bcm_interface.h"
+#include "../delocate.h"
#include "../keccak/internal.h"
namespace mlkem {
namespace {
+namespace fips {
+void ensure_keygen_self_test();
+void ensure_encap_self_test();
+void ensure_decap_self_test();
+} // namespace fips
+
// See
// https://csrc.nist.gov/pubs/fips/203/final
@@ -690,7 +697,7 @@
}
template <int RANK>
-void mlkem_generate_key_external_seed(
+void mlkem_generate_key_external_seed_no_self_test(
uint8_t *out_encoded_public_key, private_key<RANK> *priv,
const uint8_t seed[BCM_MLKEM_SEED_BYTES]) {
uint8_t augmented_seed[33];
@@ -727,6 +734,15 @@
OPENSSL_memcpy(priv->fo_failure_secret, seed + 32, 32);
}
+template <int RANK>
+void mlkem_generate_key_external_seed(
+ uint8_t *out_encoded_public_key, private_key<RANK> *priv,
+ const uint8_t seed[BCM_MLKEM_SEED_BYTES]) {
+ fips::ensure_keygen_self_test();
+ mlkem_generate_key_external_seed_no_self_test(out_encoded_public_key, priv,
+ seed);
+}
+
// Encrypts a message with given randomness to
// the ciphertext in |out|. Without applying the Fujisaki-Okamoto transform this
// would not result in a CCA secure scheme, since lattice schemes are vulnerable
@@ -768,9 +784,9 @@
// See section 6.3
template <int RANK>
-void mlkem_decap(uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
- const uint8_t *ciphertext,
- const struct private_key<RANK> *priv) {
+void mlkem_decap_no_self_test(
+ uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
+ const uint8_t *ciphertext, const struct private_key<RANK> *priv) {
uint8_t decrypted[64];
decrypt_cpa(decrypted, priv, ciphertext);
OPENSSL_memcpy(decrypted + 32, priv->pub.public_key_hash,
@@ -794,6 +810,14 @@
}
}
+template <int RANK>
+void mlkem_decap(uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
+ const uint8_t *ciphertext,
+ const struct private_key<RANK> *priv) {
+ fips::ensure_decap_self_test();
+ mlkem_decap_no_self_test(out_shared_secret, ciphertext, priv);
+}
+
// mlkem_parse_public_key_no_hash parses |in| into |pub| but doesn't calculate
// the value of |pub->public_key_hash|.
template <int RANK>
@@ -863,8 +887,8 @@
return (struct public_key<RANK768> *)external;
}
-static struct public_key<RANK1024> *
-public_key_1024_from_external(const struct BCM_mlkem1024_public_key *external) {
+static struct public_key<RANK1024> *public_key_1024_from_external(
+ const struct BCM_mlkem1024_public_key *external) {
static_assert(sizeof(struct BCM_mlkem1024_public_key) >=
sizeof(struct public_key<RANK1024>),
"MLKEM1024 public key is too small");
@@ -874,8 +898,8 @@
return (struct public_key<RANK1024> *)external;
}
-struct private_key<RANK768> *
-private_key_768_from_external(const struct BCM_mlkem768_private_key *external) {
+struct private_key<RANK768> *private_key_768_from_external(
+ const struct BCM_mlkem768_private_key *external) {
static_assert(sizeof(struct BCM_mlkem768_private_key) >=
sizeof(struct private_key<RANK768>),
"MLKEM private key too small");
@@ -885,8 +909,7 @@
return (struct private_key<RANK768> *)external;
}
-struct private_key<RANK1024> *
-private_key_1024_from_external(
+struct private_key<RANK1024> *private_key_1024_from_external(
const struct BCM_mlkem1024_private_key *external) {
static_assert(sizeof(struct BCM_mlkem1024_private_key) >=
sizeof(struct private_key<RANK1024>),
@@ -897,9 +920,196 @@
return (struct private_key<RANK1024> *)external;
}
+// See section 6.2.
+template <int RANK>
+void mlkem_encap_external_entropy_no_self_test(
+ uint8_t *out_ciphertext,
+ uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
+ const struct mlkem::public_key<RANK> *pub,
+ const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY]) {
+ uint8_t input[64];
+ OPENSSL_memcpy(input, entropy, BCM_MLKEM_ENCAP_ENTROPY);
+ OPENSSL_memcpy(input + BCM_MLKEM_ENCAP_ENTROPY, pub->public_key_hash,
+ sizeof(input) - BCM_MLKEM_ENCAP_ENTROPY);
+ uint8_t key_and_randomness[64];
+ mlkem::hash_g(key_and_randomness, input, sizeof(input));
+ encrypt_cpa(out_ciphertext, pub, entropy, key_and_randomness + 32);
+ // The ciphertext is public.
+ CONSTTIME_DECLASSIFY(out_ciphertext, mlkem::ciphertext_size(RANK));
+ static_assert(BCM_MLKEM_SHARED_SECRET_BYTES == 32, "");
+ memcpy(out_shared_secret, key_and_randomness, 32);
+}
+
+template <int RANK>
+void mlkem_encap_external_entropy(
+ uint8_t *out_ciphertext,
+ uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
+ const struct mlkem::public_key<RANK> *pub,
+ const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY]) {
+ fips::ensure_encap_self_test();
+ mlkem_encap_external_entropy_no_self_test(out_ciphertext, out_shared_secret,
+ pub, entropy);
+}
+
+namespace fips {
+
+#include "fips_known_values.inc"
+
+static int keygen_self_test() {
+ uint8_t pub_key[BCM_MLKEM768_PUBLIC_KEY_BYTES];
+ private_key<RANK768> priv;
+ static_assert(sizeof(kTestEntropy) >= BCM_MLKEM_SEED_BYTES);
+ mlkem_generate_key_external_seed_no_self_test(pub_key, &priv, kTestEntropy);
+ CBB cbb;
+ constexpr size_t kMarshaledPrivateKeySize = 2400;
+ uint8_t priv_bytes[kMarshaledPrivateKeySize];
+ CBB_init_fixed(&cbb, priv_bytes, sizeof(priv_bytes));
+ static_assert(sizeof(kExpectedPrivateKeyBytes) == kMarshaledPrivateKeySize);
+ static_assert(sizeof(kExpectedPublicKeyBytes) == sizeof(pub_key));
+ if (!mlkem_marshal_private_key(&cbb, &priv) ||
+ !BORINGSSL_check_test(kExpectedPrivateKeyBytes, priv_bytes,
+ sizeof(priv_bytes), "ML-KEM keygen private key") ||
+ !BORINGSSL_check_test(kExpectedPublicKeyBytes, pub_key, sizeof(pub_key),
+ "ML-KEM keygen public key")) {
+ return 0;
+ }
+ return 1;
+}
+
+static int encap_self_test() {
+ CBS cbs;
+ CBS_init(&cbs, kExpectedPublicKeyBytes, sizeof(kExpectedPublicKeyBytes));
+ public_key<RANK768> pub;
+ if (!mlkem_parse_public_key(&pub, &cbs)) {
+ return 0;
+ }
+ uint8_t ciphertext[BCM_MLKEM768_CIPHERTEXT_BYTES];
+ uint8_t shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES];
+ static_assert(sizeof(kTestEntropy) >= BCM_MLKEM_ENCAP_ENTROPY);
+ mlkem_encap_external_entropy_no_self_test(ciphertext, shared_secret, &pub,
+ kTestEntropy);
+ if (!BORINGSSL_check_test(ciphertext, kExpectedCiphertext, sizeof(ciphertext),
+ "ML-KEM encap ciphertext") ||
+ !BORINGSSL_check_test(kExpectedSharedSecret, shared_secret,
+ sizeof(kExpectedSharedSecret),
+ "ML-KEM encap shared secret")) {
+ return 0;
+ }
+ return 1;
+}
+
+static int decap_self_test() {
+ CBS cbs;
+ CBS_init(&cbs, kExpectedPrivateKeyBytes, sizeof(kExpectedPrivateKeyBytes));
+ private_key<RANK768> priv;
+ if (!mlkem_parse_private_key(&priv, &cbs)) {
+ return 0;
+ }
+ uint8_t shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES];
+ mlkem_decap_no_self_test(shared_secret, kExpectedCiphertext, &priv);
+ static_assert(sizeof(kExpectedSharedSecret) == sizeof(shared_secret));
+ if (!BORINGSSL_check_test(kExpectedSharedSecret, shared_secret,
+ sizeof(shared_secret),
+ "ML-KEM decap shared secret")) {
+ return 0;
+ }
+
+ uint8_t implicit_rejection_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES];
+ static_assert(sizeof(kExpectedPrivateKeyBytes) >=
+ sizeof(kExpectedCiphertext));
+ mlkem_decap_no_self_test(implicit_rejection_shared_secret,
+ kExpectedPrivateKeyBytes, &priv);
+ static_assert(sizeof(kExpectedImplicitRejectionSharedSecret) ==
+ sizeof(implicit_rejection_shared_secret));
+ if (!BORINGSSL_check_test(kExpectedImplicitRejectionSharedSecret,
+ implicit_rejection_shared_secret,
+ sizeof(implicit_rejection_shared_secret),
+ "ML-KEM decap implicit rejection shared secret")) {
+ return 0;
+ }
+ return 1;
+}
+
+#if defined(BORINGSSL_FIPS)
+
+DEFINE_STATIC_ONCE(g_mlkem_keygen_self_test_once)
+
+void ensure_keygen_self_test(void) {
+ CRYPTO_once(g_mlkem_keygen_self_test_once_bss_get(), []() {
+ if (!keygen_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_mlkem_encap_self_test_once)
+
+void ensure_encap_self_test(void) {
+ CRYPTO_once(g_mlkem_encap_self_test_once_bss_get(), []() {
+ if (!encap_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_mlkem_decap_self_test_once)
+
+void ensure_decap_self_test(void) {
+ CRYPTO_once(g_mlkem_decap_self_test_once_bss_get(), []() {
+ if (!decap_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+#else
+
+void ensure_keygen_self_test(void) {}
+void ensure_encap_self_test(void) {}
+void ensure_decap_self_test(void) {}
+
+#endif
+} // namespace fips
+
} // namespace
} // namespace mlkem
+bcm_status BCM_mlkem768_check_fips(
+ const struct BCM_mlkem768_private_key *private_key) {
+ mlkem::private_key<RANK768> *priv =
+ mlkem::private_key_768_from_external(private_key);
+
+ const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY] = {1, 2, 3, 4};
+ uint8_t ciphertext[BCM_MLKEM768_CIPHERTEXT_BYTES];
+ uint8_t shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES];
+ mlkem_encap_external_entropy_no_self_test(ciphertext, shared_secret,
+ &priv->pub, entropy);
+
+ if (boringssl_fips_break_test("MLKEM_PWCT")) {
+ shared_secret[0] ^= 1;
+ }
+
+ uint8_t shared_secret2[BCM_MLKEM_SHARED_SECRET_BYTES];
+ mlkem::mlkem_decap_no_self_test(shared_secret2, ciphertext, priv);
+ if (CRYPTO_memcmp(shared_secret, shared_secret2, sizeof(shared_secret)) !=
+ 0) {
+ return bcm_status::failure;
+ }
+ return bcm_status::approved;
+}
+
+bcm_status BCM_mlkem768_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
+ uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
+ struct BCM_mlkem768_private_key *out_private_key) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ BCM_mlkem768_generate_key(out_encoded_public_key, optional_out_seed,
+ out_private_key);
+ return BCM_mlkem768_check_fips(out_private_key);
+}
+
bcm_infallible BCM_mlkem768_generate_key(
uint8_t out_encoded_public_key[BCM_MLKEM768_PUBLIC_KEY_BYTES],
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
@@ -912,7 +1122,7 @@
}
BCM_mlkem768_generate_key_external_seed(out_encoded_public_key,
out_private_key, seed);
- return bcm_infallible::approved;
+ return bcm_infallible::not_approved;
}
bcm_status BCM_mlkem768_private_key_from_seed(
@@ -921,12 +1131,49 @@
if (seed_len != BCM_MLKEM_SEED_BYTES) {
return bcm_status::failure;
}
+
uint8_t public_key_bytes[BCM_MLKEM768_PUBLIC_KEY_BYTES];
BCM_mlkem768_generate_key_external_seed(public_key_bytes, out_private_key,
seed);
+ return bcm_status::not_approved;
+}
+
+bcm_status BCM_mlkem1024_check_fips(
+ const struct BCM_mlkem1024_private_key *private_key) {
+ mlkem::private_key<RANK1024> *priv =
+ mlkem::private_key_1024_from_external(private_key);
+
+ const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY] = {1, 2, 3, 4};
+ uint8_t ciphertext[BCM_MLKEM1024_CIPHERTEXT_BYTES];
+ uint8_t shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES];
+ mlkem_encap_external_entropy_no_self_test(ciphertext, shared_secret,
+ &priv->pub, entropy);
+
+ if (boringssl_fips_break_test("MLKEM_PWCT")) {
+ shared_secret[0] ^= 1;
+ }
+
+ uint8_t shared_secret2[BCM_MLKEM_SHARED_SECRET_BYTES];
+ mlkem::mlkem_decap_no_self_test(shared_secret2, ciphertext, priv);
+ if (CRYPTO_memcmp(shared_secret, shared_secret2, sizeof(shared_secret)) !=
+ 0) {
+ return bcm_status::failure;
+ }
return bcm_status::approved;
}
+bcm_status BCM_mlkem1024_generate_key_fips(
+ uint8_t out_encoded_public_key[BCM_MLKEM1024_PUBLIC_KEY_BYTES],
+ uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
+ struct BCM_mlkem1024_private_key *out_private_key) {
+ if (out_encoded_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ BCM_mlkem1024_generate_key(out_encoded_public_key, optional_out_seed,
+ out_private_key);
+ return BCM_mlkem1024_check_fips(out_private_key);
+}
+
bcm_infallible BCM_mlkem1024_generate_key(
uint8_t out_encoded_public_key[BCM_MLKEM1024_PUBLIC_KEY_BYTES],
uint8_t optional_out_seed[BCM_MLKEM_SEED_BYTES],
@@ -939,7 +1186,7 @@
}
BCM_mlkem1024_generate_key_external_seed(out_encoded_public_key,
out_private_key, seed);
- return bcm_infallible::approved;
+ return bcm_infallible::not_approved;
}
bcm_status BCM_mlkem1024_private_key_from_seed(
@@ -951,7 +1198,7 @@
uint8_t public_key_bytes[BCM_MLKEM1024_PUBLIC_KEY_BYTES];
BCM_mlkem1024_generate_key_external_seed(public_key_bytes, out_private_key,
seed);
- return bcm_status::approved;
+ return bcm_status::not_approved;
}
bcm_infallible BCM_mlkem768_generate_key_external_seed(
@@ -1022,26 +1269,6 @@
return bcm_infallible::approved;
}
-// See section 6.2.
-template <int RANK>
-void mlkem_encap_external_entropy(
- uint8_t *out_ciphertext,
- uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
- const struct mlkem::public_key<RANK> *pub,
- const uint8_t entropy[BCM_MLKEM_ENCAP_ENTROPY]) {
- uint8_t input[64];
- OPENSSL_memcpy(input, entropy, BCM_MLKEM_ENCAP_ENTROPY);
- OPENSSL_memcpy(input + BCM_MLKEM_ENCAP_ENTROPY, pub->public_key_hash,
- sizeof(input) - BCM_MLKEM_ENCAP_ENTROPY);
- uint8_t key_and_randomness[64];
- mlkem::hash_g(key_and_randomness, input, sizeof(input));
- encrypt_cpa(out_ciphertext, pub, entropy, key_and_randomness + 32);
- // The ciphertext is public.
- CONSTTIME_DECLASSIFY(out_ciphertext, mlkem::ciphertext_size(RANK));
- static_assert(BCM_MLKEM_SHARED_SECRET_BYTES == 32, "");
- memcpy(out_shared_secret, key_and_randomness, 32);
-}
-
bcm_infallible BCM_mlkem768_encap_external_entropy(
uint8_t out_ciphertext[BCM_MLKEM768_CIPHERTEXT_BYTES],
uint8_t out_shared_secret[BCM_MLKEM_SHARED_SECRET_BYTES],
@@ -1163,3 +1390,8 @@
}
return bcm_status::approved;
}
+
+int boringssl_self_test_mlkem() {
+ return mlkem::fips::keygen_self_test() && mlkem::fips::encap_self_test() &&
+ mlkem::fips::decap_self_test();
+}
diff --git a/src/crypto/fipsmodule/rand/internal.h b/src/crypto/fipsmodule/rand/internal.h
index 7ffe617..e791edf 100644
--- a/src/crypto/fipsmodule/rand/internal.h
+++ b/src/crypto/fipsmodule/rand/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
-#define OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_RAND_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_RAND_INTERNAL_H
#include <openssl/aes.h>
#include <openssl/ctrdrbg.h>
@@ -81,4 +81,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_RAND_INTERNAL_H
diff --git a/src/crypto/fipsmodule/rand/rand.cc.inc b/src/crypto/fipsmodule/rand/rand.cc.inc
index 0200fa5..f531b44 100644
--- a/src/crypto/fipsmodule/rand/rand.cc.inc
+++ b/src/crypto/fipsmodule/rand/rand.cc.inc
@@ -140,7 +140,7 @@
}
#if defined(OPENSSL_X86_64) && !defined(OPENSSL_NO_ASM) && \
- !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
+ !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
// rdrand should only be called if either |have_rdrand| or |have_fast_rdrand|
// returned true.
static int rdrand(uint8_t *buf, const size_t len) {
diff --git a/src/crypto/fipsmodule/rsa/internal.h b/src/crypto/fipsmodule/rsa/internal.h
index 6636104..94719ce 100644
--- a/src/crypto/fipsmodule/rsa/internal.h
+++ b/src/crypto/fipsmodule/rsa/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_RSA_INTERNAL_H
-#define OPENSSL_HEADER_RSA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_RSA_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_RSA_INTERNAL_H
#include <openssl/base.h>
@@ -167,4 +167,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_RSA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_RSA_INTERNAL_H
diff --git a/src/crypto/fipsmodule/rsa/padding.cc.inc b/src/crypto/fipsmodule/rsa/padding.cc.inc
index b671382..d86627f 100644
--- a/src/crypto/fipsmodule/rsa/padding.cc.inc
+++ b/src/crypto/fipsmodule/rsa/padding.cc.inc
@@ -121,8 +121,7 @@
int PKCS1_MGF1(uint8_t *out, size_t len, const uint8_t *seed, size_t seed_len,
const EVP_MD *md) {
int ret = 0;
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
+ bssl::ScopedEVP_MD_CTX ctx;
FIPS_service_indicator_lock_state();
size_t md_len = EVP_MD_size(md);
@@ -133,21 +132,21 @@
counter[1] = (uint8_t)(i >> 16);
counter[2] = (uint8_t)(i >> 8);
counter[3] = (uint8_t)i;
- if (!EVP_DigestInit_ex(&ctx, md, NULL) ||
- !EVP_DigestUpdate(&ctx, seed, seed_len) ||
- !EVP_DigestUpdate(&ctx, counter, sizeof(counter))) {
+ if (!EVP_DigestInit_ex(ctx.get(), md, nullptr) ||
+ !EVP_DigestUpdate(ctx.get(), seed, seed_len) ||
+ !EVP_DigestUpdate(ctx.get(), counter, sizeof(counter))) {
goto err;
}
if (md_len <= len) {
- if (!EVP_DigestFinal_ex(&ctx, out, NULL)) {
+ if (!EVP_DigestFinal_ex(ctx.get(), out, nullptr)) {
goto err;
}
out += md_len;
len -= md_len;
} else {
uint8_t digest[EVP_MAX_MD_SIZE];
- if (!EVP_DigestFinal_ex(&ctx, digest, NULL)) {
+ if (!EVP_DigestFinal_ex(ctx.get(), digest, nullptr)) {
goto err;
}
OPENSSL_memcpy(out, digest, len);
@@ -158,7 +157,6 @@
ret = 1;
err:
- EVP_MD_CTX_cleanup(&ctx);
FIPS_service_indicator_unlock_state();
return ret;
}
@@ -175,8 +173,7 @@
int ret = 0;
uint8_t *DB = NULL;
const uint8_t *H;
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
+ bssl::ScopedEVP_MD_CTX ctx;
unsigned MSBits;
size_t emLen, maskedDBLen, salt_start;
FIPS_service_indicator_lock_state();
@@ -247,11 +244,11 @@
goto err;
}
uint8_t H_[EVP_MAX_MD_SIZE];
- if (!EVP_DigestInit_ex(&ctx, Hash, NULL) ||
- !EVP_DigestUpdate(&ctx, kPSSZeroes, sizeof(kPSSZeroes)) ||
- !EVP_DigestUpdate(&ctx, mHash, hLen) ||
- !EVP_DigestUpdate(&ctx, DB + salt_start, maskedDBLen - salt_start) ||
- !EVP_DigestFinal_ex(&ctx, H_, NULL)) {
+ if (!EVP_DigestInit_ex(ctx.get(), Hash, NULL) ||
+ !EVP_DigestUpdate(ctx.get(), kPSSZeroes, sizeof(kPSSZeroes)) ||
+ !EVP_DigestUpdate(ctx.get(), mHash, hLen) ||
+ !EVP_DigestUpdate(ctx.get(), DB + salt_start, maskedDBLen - salt_start) ||
+ !EVP_DigestFinal_ex(ctx.get(), H_, NULL)) {
goto err;
}
if (OPENSSL_memcmp(H_, H, hLen) != 0) {
@@ -263,7 +260,6 @@
err:
OPENSSL_free(DB);
- EVP_MD_CTX_cleanup(&ctx);
FIPS_service_indicator_unlock_state();
return ret;
}
@@ -272,7 +268,8 @@
const unsigned char *mHash,
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
int sLenRequested) {
- int ret = 0, digest_ok;
+ int ret = 0;
+ bssl::ScopedEVP_MD_CTX ctx;
size_t maskedDBLen, MSBits, emLen;
size_t hLen;
unsigned char *H, *salt = NULL, *p;
@@ -333,15 +330,11 @@
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
- digest_ok = EVP_DigestInit_ex(&ctx, Hash, NULL) &&
- EVP_DigestUpdate(&ctx, kPSSZeroes, sizeof(kPSSZeroes)) &&
- EVP_DigestUpdate(&ctx, mHash, hLen) &&
- EVP_DigestUpdate(&ctx, salt, sLen) &&
- EVP_DigestFinal_ex(&ctx, H, NULL);
- EVP_MD_CTX_cleanup(&ctx);
- if (!digest_ok) {
+ if (!EVP_DigestInit_ex(ctx.get(), Hash, NULL) ||
+ !EVP_DigestUpdate(ctx.get(), kPSSZeroes, sizeof(kPSSZeroes)) ||
+ !EVP_DigestUpdate(ctx.get(), mHash, hLen) ||
+ !EVP_DigestUpdate(ctx.get(), salt, sLen) ||
+ !EVP_DigestFinal_ex(ctx.get(), H, NULL)) {
goto err;
}
diff --git a/src/crypto/fipsmodule/rsa/rsa.cc.inc b/src/crypto/fipsmodule/rsa/rsa.cc.inc
index 0240e8a..ebcd558 100644
--- a/src/crypto/fipsmodule/rsa/rsa.cc.inc
+++ b/src/crypto/fipsmodule/rsa/rsa.cc.inc
@@ -718,15 +718,15 @@
// Note |bn_mul_consttime| and |bn_div_consttime| do not scale linearly, but
// checking |ainv| is in range bounds the running time, assuming |m|'s bounds
// were checked by the caller.
- BN_CTX_start(ctx);
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
- int ret = tmp != NULL && bn_mul_consttime(tmp, a, ainv, ctx) &&
- bn_div_consttime(NULL, tmp, tmp, m, m_min_bits, ctx);
- if (ret) {
- *out_ok = constant_time_declassify_int(BN_is_one(tmp));
+ if (tmp == nullptr || //
+ !bn_mul_consttime(tmp, a, ainv, ctx) ||
+ !bn_div_consttime(NULL, tmp, tmp, m, m_min_bits, ctx)) {
+ return 0;
}
- BN_CTX_end(ctx);
- return ret;
+ *out_ok = constant_time_declassify_int(BN_is_one(tmp));
+ return 1;
}
int RSA_check_key(const RSA *key) {
diff --git a/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc b/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc
index 79e2789..e5c34f1 100644
--- a/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc
+++ b/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc
@@ -31,6 +31,10 @@
#include "internal.h"
+static_assert(OPENSSL_RSA_MAX_MODULUS_BITS <=
+ BN_MONTGOMERY_MAX_WORDS * BN_BITS2,
+ "Max RSA size too big for Montgomery arithmetic");
+
int rsa_check_public_key(const RSA *rsa) {
if (rsa->n == NULL) {
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
@@ -442,8 +446,6 @@
}
const unsigned rsa_size = RSA_size(rsa);
- BIGNUM *f, *result;
-
if (max_out < rsa_size) {
OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
@@ -454,18 +456,17 @@
return 0;
}
- BN_CTX *ctx = BN_CTX_new();
- if (ctx == NULL) {
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
return 0;
}
int ret = 0;
- uint8_t *buf = NULL;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if (f == NULL || result == NULL) {
+ uint8_t *buf = nullptr;
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *f = BN_CTX_get(ctx.get());
+ BIGNUM *result = BN_CTX_get(ctx.get());
+ if (f == nullptr || result == nullptr) {
goto err;
}
@@ -474,12 +475,12 @@
} else {
// Allocate a temporary buffer to hold the padded plaintext.
buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(rsa_size));
- if (buf == NULL) {
+ if (buf == nullptr) {
goto err;
}
}
- if (BN_bin2bn(in, in_len, f) == NULL) {
+ if (BN_bin2bn(in, in_len, f) == nullptr) {
goto err;
}
@@ -488,8 +489,9 @@
goto err;
}
- if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx) ||
- !BN_mod_exp_mont(result, f, rsa->e, &rsa->mont_n->N, ctx, rsa->mont_n)) {
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx.get()) ||
+ !BN_mod_exp_mont(result, f, rsa->e, &rsa->mont_n->N, ctx.get(),
+ rsa->mont_n)) {
goto err;
}
@@ -518,8 +520,6 @@
}
err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
if (buf != out) {
OPENSSL_free(buf);
}
@@ -535,32 +535,28 @@
int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
size_t len) {
- if (rsa->n == NULL || rsa->d == NULL) {
+ if (rsa->n == nullptr || rsa->d == nullptr) {
OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
return 0;
}
- BIGNUM *f, *result;
- BN_CTX *ctx = NULL;
- size_t blinding_index = 0;
- BN_BLINDING *blinding = NULL;
- int ret = 0, do_blinding;
-
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
-
- if (f == NULL || result == NULL) {
+ size_t blinding_index = 0;
+ BN_BLINDING *blinding = nullptr;
+ int ret = 0, do_blinding;
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *f = BN_CTX_get(ctx.get());
+ BIGNUM *result = BN_CTX_get(ctx.get());
+ if (f == nullptr || result == nullptr) {
goto err;
}
// The caller should have ensured this.
assert(len == BN_num_bytes(rsa->n));
- if (BN_bin2bn(in, len, f) == NULL) {
+ if (BN_bin2bn(in, len, f) == nullptr) {
goto err;
}
@@ -572,7 +568,7 @@
goto err;
}
- if (!freeze_private_key(rsa, ctx)) {
+ if (!freeze_private_key(rsa, ctx.get())) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -580,7 +576,7 @@
do_blinding =
(rsa->flags & (RSA_FLAG_NO_BLINDING | RSA_FLAG_NO_PUBLIC_EXPONENT)) == 0;
- if (rsa->e == NULL && do_blinding) {
+ if (rsa->e == nullptr && do_blinding) {
// We cannot do blinding or verification without |e|, and continuing without
// those countermeasures is dangerous. However, the Java/Android RSA API
// requires support for keys where only |d| and |n| (and not |e|) are known.
@@ -594,29 +590,29 @@
}
if (do_blinding) {
- blinding = rsa_blinding_get(rsa, &blinding_index, ctx);
- if (blinding == NULL) {
+ blinding = rsa_blinding_get(rsa, &blinding_index, ctx.get());
+ if (blinding == nullptr) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
- if (!BN_BLINDING_convert(f, blinding, rsa->e, rsa->mont_n, ctx)) {
+ if (!BN_BLINDING_convert(f, blinding, rsa->e, rsa->mont_n, ctx.get())) {
goto err;
}
}
- if (rsa->p != NULL && rsa->q != NULL && rsa->e != NULL && rsa->dmp1 != NULL &&
- rsa->dmq1 != NULL && rsa->iqmp != NULL &&
+ if (rsa->p != nullptr && rsa->q != nullptr && rsa->e != nullptr &&
+ rsa->dmp1 != nullptr && rsa->dmq1 != nullptr && rsa->iqmp != nullptr &&
// Require that we can reduce |f| by |rsa->p| and |rsa->q| in constant
// time, which requires primes be the same size, rounded to the Montgomery
// coefficient. (See |mod_montgomery|.) This is not required by RFC 8017,
// but it is true for keys generated by us and all common implementations.
bn_less_than_montgomery_R(rsa->q, rsa->mont_p) &&
bn_less_than_montgomery_R(rsa->p, rsa->mont_q)) {
- if (!rsa_mod_exp_crt(result, f, rsa, ctx)) {
+ if (!rsa_mod_exp_crt(result, f, rsa, ctx.get())) {
goto err;
}
- } else if (!BN_mod_exp_mont_consttime(result, f, rsa->d_fixed, rsa->n, ctx,
- rsa->mont_n)) {
+ } else if (!BN_mod_exp_mont_consttime(result, f, rsa->d_fixed, rsa->n,
+ ctx.get(), rsa->mont_n)) {
goto err;
}
@@ -630,17 +626,19 @@
//
// This check is cheap assuming |e| is small, which we require in
// |rsa_check_public_key|.
- if (rsa->e != NULL) {
- BIGNUM *vrfy = BN_CTX_get(ctx);
- if (vrfy == NULL ||
- !BN_mod_exp_mont(vrfy, result, rsa->e, rsa->n, ctx, rsa->mont_n) ||
+ if (rsa->e != nullptr) {
+ BIGNUM *vrfy = BN_CTX_get(ctx.get());
+ if (vrfy == nullptr ||
+ !BN_mod_exp_mont(vrfy, result, rsa->e, rsa->n, ctx.get(),
+ rsa->mont_n) ||
!constant_time_declassify_int(BN_equal_consttime(vrfy, f))) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
goto err;
}
}
- if (do_blinding && !BN_BLINDING_invert(result, blinding, rsa->mont_n, ctx)) {
+ if (do_blinding &&
+ !BN_BLINDING_invert(result, blinding, rsa->mont_n, ctx.get())) {
goto err;
}
@@ -659,11 +657,7 @@
ret = 1;
err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (blinding != NULL) {
+ if (blinding != nullptr) {
rsa_blinding_release(rsa, blinding, blinding_index);
}
@@ -713,23 +707,19 @@
assert(rsa->dmq1 != NULL);
assert(rsa->iqmp != NULL);
- BIGNUM *r1, *m1;
- int ret = 0;
-
- BN_CTX_start(ctx);
- r1 = BN_CTX_get(ctx);
- m1 = BN_CTX_get(ctx);
- BIGNUM *n, *p, *q;
+ bssl::BN_CTXScope scope(ctx);
+ BIGNUM *r1 = BN_CTX_get(ctx);
+ BIGNUM *m1 = BN_CTX_get(ctx);
if (r1 == NULL || m1 == NULL) {
- goto err;
+ return 0;
}
// Use the minimal-width versions of |n|, |p|, and |q|. Either works, but if
// someone gives us non-minimal values, these will be slightly more efficient
// on the non-Montgomery operations.
- n = &rsa->mont_n->N;
- p = &rsa->mont_p->N;
- q = &rsa->mont_q->N;
+ BIGNUM *n = &rsa->mont_n->N;
+ BIGNUM *p = &rsa->mont_p->N;
+ BIGNUM *q = &rsa->mont_q->N;
// This is a pre-condition for |mod_montgomery|. It was already checked by the
// caller.
@@ -762,7 +752,7 @@
// [0, n).
!bn_mul_consttime(r0, r0, q, ctx) || //
!bn_uadd_consttime(r0, r0, m1)) {
- goto err;
+ return 0;
}
// The result should be bounded by |n|, but fixed-width operations may
@@ -772,14 +762,10 @@
declassify_assert(BN_cmp(r0, n) < 0);
bn_assert_fits_in_bytes(r0, BN_num_bytes(n));
if (!bn_resize_words(r0, n->width)) {
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
+ return 1;
}
static int ensure_bignum(BIGNUM **out) {
@@ -910,11 +896,11 @@
}
int limit = BN_is_word(e, 3) ? bits * 8 : bits * 5;
- int ret = 0, tries = 0, rand_tries = 0;
- BN_CTX_start(ctx);
+ int tries = 0, rand_tries = 0;
+ bssl::BN_CTXScope scope(ctx);
BIGNUM *tmp = BN_CTX_get(ctx);
if (tmp == NULL) {
- goto err;
+ return 0;
}
for (;;) {
@@ -923,13 +909,13 @@
// bound checked below in steps 4.4 and 5.5).
if (!BN_rand(out, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD) ||
!BN_GENCB_call(cb, BN_GENCB_GENERATED, rand_tries++)) {
- goto err;
+ return 0;
}
if (p != NULL) {
// If |p| and |out| are too close, try again (step 5.4).
if (!bn_abs_sub_consttime(tmp, out, p, ctx)) {
- goto err;
+ return 0;
}
if (BN_cmp(tmp, pow2_bits_100) <= 0) {
continue;
@@ -959,18 +945,17 @@
int relatively_prime;
if (!bn_usub_consttime(tmp, out, BN_value_one()) ||
!bn_is_relatively_prime(&relatively_prime, tmp, e, ctx)) {
- goto err;
+ return 0;
}
if (constant_time_declassify_int(relatively_prime)) {
// Test |out| for primality (steps 4.5.1 and 5.6.1).
int is_probable_prime;
if (!BN_primality_test(&is_probable_prime, out,
BN_prime_checks_for_generation, ctx, 0, cb)) {
- goto err;
+ return 0;
}
if (is_probable_prime) {
- ret = 1;
- goto err;
+ return 1;
}
}
}
@@ -980,16 +965,12 @@
tries++;
if (tries >= limit) {
OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_MANY_ITERATIONS);
- goto err;
+ return 0;
}
if (!BN_GENCB_call(cb, 2, tries)) {
- goto err;
+ return 0;
}
}
-
-err:
- BN_CTX_end(ctx);
- return ret;
}
// rsa_generate_key_impl generates an RSA key using a generalized version of
@@ -1025,29 +1006,31 @@
return 0;
}
- int ret = 0;
- int prime_bits = bits / 2;
- BN_CTX *ctx = BN_CTX_new();
- BIGNUM *totient, *pm1, *qm1, *sqrt2, *pow2_prime_bits_100, *pow2_prime_bits;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
int sqrt2_bits;
- if (ctx == NULL) {
- goto bn_err;
- }
- BN_CTX_start(ctx);
- totient = BN_CTX_get(ctx);
- pm1 = BN_CTX_get(ctx);
- qm1 = BN_CTX_get(ctx);
- sqrt2 = BN_CTX_get(ctx);
- pow2_prime_bits_100 = BN_CTX_get(ctx);
- pow2_prime_bits = BN_CTX_get(ctx);
- if (totient == NULL || pm1 == NULL || qm1 == NULL || sqrt2 == NULL ||
- pow2_prime_bits_100 == NULL || pow2_prime_bits == NULL ||
- !BN_set_bit(pow2_prime_bits_100, prime_bits - 100) ||
- !BN_set_bit(pow2_prime_bits, prime_bits)) {
- goto bn_err;
+ if (ctx == nullptr) {
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
- // We need the RSA components non-NULL.
+ int prime_bits = bits / 2;
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *totient = BN_CTX_get(ctx.get());
+ BIGNUM *pm1 = BN_CTX_get(ctx.get());
+ BIGNUM *qm1 = BN_CTX_get(ctx.get());
+ BIGNUM *sqrt2 = BN_CTX_get(ctx.get());
+ BIGNUM *pow2_prime_bits_100 = BN_CTX_get(ctx.get());
+ BIGNUM *pow2_prime_bits = BN_CTX_get(ctx.get());
+ if (totient == nullptr || pm1 == nullptr || qm1 == nullptr ||
+ sqrt2 == nullptr || pow2_prime_bits_100 == nullptr ||
+ pow2_prime_bits == nullptr ||
+ !BN_set_bit(pow2_prime_bits_100, prime_bits - 100) ||
+ !BN_set_bit(pow2_prime_bits, prime_bits)) {
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
+ }
+
+ // We need the RSA components non-null.
if (!ensure_bignum(&rsa->n) || //
!ensure_bignum(&rsa->d) || //
!ensure_bignum(&rsa->e) || //
@@ -1056,16 +1039,19 @@
!ensure_bignum(&rsa->dmp1) || //
!ensure_bignum(&rsa->dmq1) || //
!ensure_bignum(&rsa->iqmp)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
if (!BN_copy(rsa->e, e_value)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
// Compute sqrt2 >= ⌊2^(prime_bits-1)×√2⌋.
if (!bn_set_words(sqrt2, kBoringSSLRSASqrtTwo, kBoringSSLRSASqrtTwoLen)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
sqrt2_bits = kBoringSSLRSASqrtTwoLen * BN_BITS2;
assert(sqrt2_bits == (int)BN_num_bits(sqrt2));
@@ -1073,14 +1059,16 @@
// For key sizes up to 4096 (prime_bits = 2048), this is exactly
// ⌊2^(prime_bits-1)×√2⌋.
if (!BN_rshift(sqrt2, sqrt2, sqrt2_bits - prime_bits)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
} else if (prime_bits > sqrt2_bits) {
// For key sizes beyond 4096, this is approximate. We err towards retrying
// to ensure our key is the right size and round up.
if (!BN_add_word(sqrt2, 1) ||
!BN_lshift(sqrt2, sqrt2, prime_bits - sqrt2_bits)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
}
assert(prime_bits == (int)BN_num_bits(sqrt2));
@@ -1091,13 +1079,14 @@
//
// Each call to |generate_prime| fails with probability p = 2^-21. The
// probability that either call fails is 1 - (1-p)^2, which is around 2^-20.
- if (!generate_prime(rsa->p, prime_bits, rsa->e, NULL, sqrt2,
- pow2_prime_bits_100, ctx, cb) ||
+ if (!generate_prime(rsa->p, prime_bits, rsa->e, nullptr, sqrt2,
+ pow2_prime_bits_100, ctx.get(), cb) ||
!BN_GENCB_call(cb, 3, 0) ||
!generate_prime(rsa->q, prime_bits, rsa->e, rsa->p, sqrt2,
- pow2_prime_bits_100, ctx, cb) ||
+ pow2_prime_bits_100, ctx.get(), cb) ||
!BN_GENCB_call(cb, 3, 1)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
if (BN_cmp(rsa->p, rsa->q) < 0) {
@@ -1116,9 +1105,11 @@
int no_inverse;
if (!bn_usub_consttime(pm1, rsa->p, BN_value_one()) ||
!bn_usub_consttime(qm1, rsa->q, BN_value_one()) ||
- !bn_lcm_consttime(totient, pm1, qm1, ctx) ||
- !bn_mod_inverse_consttime(rsa->d, &no_inverse, rsa->e, totient, ctx)) {
- goto bn_err;
+ !bn_lcm_consttime(totient, pm1, qm1, ctx.get()) ||
+ !bn_mod_inverse_consttime(rsa->d, &no_inverse, rsa->e, totient,
+ ctx.get())) {
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
// Retry if |rsa->d| <= 2^|prime_bits|. See appendix B.3.1's guidance on
@@ -1129,12 +1120,15 @@
assert(BN_num_bits(pm1) == (unsigned)prime_bits);
assert(BN_num_bits(qm1) == (unsigned)prime_bits);
if ( // Calculate n.
- !bn_mul_consttime(rsa->n, rsa->p, rsa->q, ctx) ||
+ !bn_mul_consttime(rsa->n, rsa->p, rsa->q, ctx.get()) ||
// Calculate d mod (p-1).
- !bn_div_consttime(NULL, rsa->dmp1, rsa->d, pm1, prime_bits, ctx) ||
+ !bn_div_consttime(nullptr, rsa->dmp1, rsa->d, pm1, prime_bits,
+ ctx.get()) ||
// Calculate d mod (q-1)
- !bn_div_consttime(NULL, rsa->dmq1, rsa->d, qm1, prime_bits, ctx)) {
- goto bn_err;
+ !bn_div_consttime(nullptr, rsa->dmq1, rsa->d, qm1, prime_bits,
+ ctx.get())) {
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
bn_set_minimal_width(rsa->n);
@@ -1142,41 +1136,30 @@
bn_declassify(rsa->n);
// Calculate q^-1 mod p.
- rsa->mont_p = BN_MONT_CTX_new_consttime(rsa->p, ctx);
- if (rsa->mont_p == NULL || //
- !bn_mod_inverse_secret_prime(rsa->iqmp, rsa->q, rsa->p, ctx,
+ rsa->mont_p = BN_MONT_CTX_new_consttime(rsa->p, ctx.get());
+ if (rsa->mont_p == nullptr || //
+ !bn_mod_inverse_secret_prime(rsa->iqmp, rsa->q, rsa->p, ctx.get(),
rsa->mont_p)) {
- goto bn_err;
+ OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
+ return 0;
}
// Sanity-check that |rsa->n| has the specified size. This is implied by
// |generate_prime|'s bounds.
if (BN_num_bits(rsa->n) != (unsigned)bits) {
OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
// The key generation process is complex and thus error-prone. It could be
// disastrous to generate and then use a bad key so double-check that the key
// makes sense. Also, while |rsa| is mutable, fill in the cached components.
- if (!RSA_check_key(rsa) ||
- !freeze_private_key(rsa, ctx)) {
+ if (!RSA_check_key(rsa) || !freeze_private_key(rsa, ctx.get())) {
OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
- ret = 1;
-
-bn_err:
- if (!ret) {
- OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
- }
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ret;
+ return 1;
}
static void replace_bignum(BIGNUM **out, BIGNUM **in) {
diff --git a/src/crypto/fipsmodule/self_check/self_check.cc.inc b/src/crypto/fipsmodule/self_check/self_check.cc.inc
index 15a68b5..b64c64b 100644
--- a/src/crypto/fipsmodule/self_check/self_check.cc.inc
+++ b/src/crypto/fipsmodule/self_check/self_check.cc.inc
@@ -44,14 +44,6 @@
#include "../tls/internal.h"
-// MSVC wants to put a NUL byte at the end of non-char arrays and so cannot
-// compile the real logic.
-#if defined(_MSC_VER)
-
-int BORINGSSL_self_test(void) { return 0; }
-
-#else
-
static void hexdump(FILE *out, const void *in, size_t len) {
const uint8_t *in8 = reinterpret_cast<const uint8_t *>(in);
for (size_t i = 0; i < len; i++) {
@@ -59,8 +51,8 @@
}
}
-static int check_test(const void *expected, const void *actual,
- size_t expected_len, const char *name) {
+int BORINGSSL_check_test(const void *expected, const void *actual,
+ size_t expected_len, const char *name) {
if (OPENSSL_memcmp(actual, expected, expected_len) != 0) {
FILE *err = CRYPTO_get_stderr();
fprintf(err, "%s failed.\nExpected: ", name);
@@ -74,6 +66,14 @@
return 1;
}
+// MSVC wants to put a NUL byte at the end of non-char arrays and so cannot
+// compile the real logic.
+#if defined(_MSC_VER)
+
+int BORINGSSL_self_test(void) { return 0; }
+
+#else
+
static int set_bignum(BIGNUM **out, const uint8_t *in, size_t len) {
*out = BN_bin2bn(in, len, NULL);
return *out != NULL;
@@ -337,8 +337,8 @@
unsigned sig_len;
if (!rsa_sign_no_self_test(NID_sha256, kRSASignDigest, sizeof(kRSASignDigest),
output, &sig_len, rsa_key) ||
- !check_test(kRSASignSignature, output, sizeof(kRSASignSignature),
- "RSA-sign KAT")) {
+ !BORINGSSL_check_test(kRSASignSignature, output,
+ sizeof(kRSASignSignature), "RSA-sign KAT")) {
fprintf(CRYPTO_get_stderr(), "RSA signing test failed.\n");
goto err;
}
@@ -429,8 +429,9 @@
kECDSASignDigest, sizeof(kECDSASignDigest), ecdsa_sign_output,
&ecdsa_sign_output_len, sizeof(ecdsa_sign_output), ec_key, ecdsa_k,
sizeof(ecdsa_k)) ||
- !check_test(kECDSASignSig, ecdsa_sign_output, sizeof(ecdsa_sign_output),
- "ECDSA-sign signature")) {
+ !BORINGSSL_check_test(kECDSASignSig, ecdsa_sign_output,
+ sizeof(ecdsa_sign_output),
+ "ECDSA-sign signature")) {
fprintf(CRYPTO_get_stderr(), "ECDSA-sign KAT failed.\n");
goto err;
}
@@ -496,8 +497,8 @@
ec_scalar, NULL) ||
!EC_POINT_point2oct(ec_group, ec_point_out, POINT_CONVERSION_UNCOMPRESSED,
z_comp_result, sizeof(z_comp_result), NULL) ||
- !check_test(kP256PointResult, z_comp_result, sizeof(z_comp_result),
- "Z Computation Result")) {
+ !BORINGSSL_check_test(kP256PointResult, z_comp_result,
+ sizeof(z_comp_result), "Z Computation Result")) {
fprintf(CRYPTO_get_stderr(), "Z-computation KAT failed.\n");
goto err;
}
@@ -576,7 +577,7 @@
if (dh == NULL || ffdhe2048_value == NULL || sizeof(dh_out) != DH_size(dh) ||
dh_compute_key_padded_no_self_test(dh_out, ffdhe2048_value, dh) !=
sizeof(dh_out) ||
- !check_test(kDHOutput, dh_out, sizeof(dh_out), "FFC DH")) {
+ !BORINGSSL_check_test(kDHOutput, dh_out, sizeof(dh_out), "FFC DH")) {
fprintf(CRYPTO_get_stderr(), "FFDH failed.\n");
goto err;
}
@@ -655,8 +656,8 @@
// SHA-256 KAT
SHA256(kInput, sizeof(kInput), output);
- return check_test(kPlaintextSHA256, output, sizeof(kPlaintextSHA256),
- "SHA-256 KAT");
+ return BORINGSSL_check_test(kPlaintextSHA256, output,
+ sizeof(kPlaintextSHA256), "SHA-256 KAT");
}
int boringssl_self_test_sha512(void) {
@@ -676,8 +677,8 @@
// SHA-512 KAT
SHA512(kInput, sizeof(kInput), output);
- return check_test(kPlaintextSHA512, output, sizeof(kPlaintextSHA512),
- "SHA-512 KAT");
+ return BORINGSSL_check_test(kPlaintextSHA512, output,
+ sizeof(kPlaintextSHA512), "SHA-512 KAT");
}
int boringssl_self_test_hmac_sha256(void) {
@@ -696,8 +697,8 @@
HMAC(EVP_sha256(), kInput, sizeof(kInput), kInput, sizeof(kInput), output,
&output_len);
return output_len == sizeof(kPlaintextHMACSHA256) &&
- check_test(kPlaintextHMACSHA256, output, sizeof(kPlaintextHMACSHA256),
- "HMAC-SHA-256 KAT");
+ BORINGSSL_check_test(kPlaintextHMACSHA256, output,
+ sizeof(kPlaintextHMACSHA256), "HMAC-SHA-256 KAT");
}
static int boringssl_self_test_fast(void) {
@@ -707,10 +708,6 @@
};
static const uint8_t kAESIV[16] = {0};
- EVP_AEAD_CTX aead_ctx;
- EVP_AEAD_CTX_zero(&aead_ctx);
- int ret = 0;
-
AES_KEY aes_key;
uint8_t aes_iv[16];
uint8_t output[256];
@@ -727,15 +724,17 @@
0x50, 0x3a, 0xc5, 0x5e, 0x8e, 0x93, 0x40, 0xf2, 0x10, 0xd8,
};
memcpy(aes_iv, kAESIV, sizeof(kAESIV));
- if (AES_set_encrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) {
- fprintf(CRYPTO_get_stderr(), "AES_set_encrypt_key failed.\n");
- goto err;
+ if (!bcm_success(
+ BCM_aes_set_encrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key))) {
+ fprintf(CRYPTO_get_stderr(), "BCM_aes_set_encrypt_key failed.\n");
+ return 0;
}
AES_cbc_encrypt(kAESCBCEncPlaintext, output, sizeof(kAESCBCEncPlaintext),
&aes_key, aes_iv, AES_ENCRYPT);
- if (!check_test(kAESCBCEncCiphertext, output, sizeof(kAESCBCEncCiphertext),
- "AES-CBC-encrypt KAT")) {
- goto err;
+ if (!BORINGSSL_check_test(kAESCBCEncCiphertext, output,
+ sizeof(kAESCBCEncCiphertext),
+ "AES-CBC-encrypt KAT")) {
+ return 0;
}
// AES-CBC Decryption KAT
@@ -750,24 +749,27 @@
0xb2, 0x25, 0x6f, 0xa6, 0xd0, 0xd2, 0x0e, 0x6f, 0x19, 0xb5,
};
memcpy(aes_iv, kAESIV, sizeof(kAESIV));
- if (AES_set_decrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) {
- fprintf(CRYPTO_get_stderr(), "AES_set_decrypt_key failed.\n");
- goto err;
+ if (!bcm_success(
+ BCM_aes_set_decrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key))) {
+ fprintf(CRYPTO_get_stderr(), "BCM_aes_set_decrypt_key failed.\n");
+ return 0;
}
AES_cbc_encrypt(kAESCBCDecCiphertext, output, sizeof(kAESCBCDecCiphertext),
&aes_key, aes_iv, AES_DECRYPT);
- if (!check_test(kAESCBCDecPlaintext, output, sizeof(kAESCBCDecPlaintext),
- "AES-CBC-decrypt KAT")) {
- goto err;
+ if (!BORINGSSL_check_test(kAESCBCDecPlaintext, output,
+ sizeof(kAESCBCDecPlaintext),
+ "AES-CBC-decrypt KAT")) {
+ return 0;
}
size_t out_len;
uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH];
OPENSSL_memset(nonce, 0, sizeof(nonce));
- if (!EVP_AEAD_CTX_init(&aead_ctx, EVP_aead_aes_128_gcm(), kAESKey,
+ bssl::ScopedEVP_AEAD_CTX aead_ctx;
+ if (!EVP_AEAD_CTX_init(aead_ctx.get(), EVP_aead_aes_128_gcm(), kAESKey,
sizeof(kAESKey), 0, NULL)) {
fprintf(CRYPTO_get_stderr(), "EVP_AEAD_CTX_init for AES-128-GCM failed.\n");
- goto err;
+ return 0;
}
// AES-GCM Encryption KAT
@@ -782,14 +784,14 @@
0x1c, 0x63, 0x2e, 0x97, 0x93, 0x0f, 0xfb, 0xed, 0xb5, 0x9e, 0x1c, 0x20,
0xb2, 0xb0, 0x58, 0xda, 0x48, 0x07, 0x2d, 0xbd, 0x96, 0x0d, 0x34, 0xc6,
};
- if (!EVP_AEAD_CTX_seal(&aead_ctx, output, &out_len, sizeof(output), nonce,
- EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
+ if (!EVP_AEAD_CTX_seal(aead_ctx.get(), output, &out_len, sizeof(output),
+ nonce, EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
kAESGCMEncPlaintext, sizeof(kAESGCMEncPlaintext), NULL,
0) ||
- !check_test(kAESGCMCiphertext, output, sizeof(kAESGCMCiphertext),
- "AES-GCM-encrypt KAT")) {
+ !BORINGSSL_check_test(kAESGCMCiphertext, output,
+ sizeof(kAESGCMCiphertext), "AES-GCM-encrypt KAT")) {
fprintf(CRYPTO_get_stderr(), "EVP_AEAD_CTX_seal for AES-128-GCM failed.\n");
- goto err;
+ return 0;
}
// AES-GCM Decryption KAT
@@ -805,15 +807,16 @@
0xa9, 0x99, 0x17, 0x6a, 0x45, 0x05, 0x5e, 0x99, 0x83, 0x56, 0x01,
0xc0, 0x82, 0x40, 0x81, 0xd2, 0x48, 0x45, 0xf2, 0xcc, 0xc3,
};
- if (!EVP_AEAD_CTX_open(&aead_ctx, output, &out_len, sizeof(output), nonce,
- EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
+ if (!EVP_AEAD_CTX_open(aead_ctx.get(), output, &out_len, sizeof(output),
+ nonce, EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
kAESGCMDecCiphertext, sizeof(kAESGCMDecCiphertext),
NULL, 0) ||
- !check_test(kAESGCMDecPlaintext, output, sizeof(kAESGCMDecPlaintext),
- "AES-GCM-decrypt KAT")) {
+ !BORINGSSL_check_test(kAESGCMDecPlaintext, output,
+ sizeof(kAESGCMDecPlaintext),
+ "AES-GCM-decrypt KAT")) {
fprintf(CRYPTO_get_stderr(),
"AES-GCM-decrypt KAT failed because EVP_AEAD_CTX_open failed.\n");
- goto err;
+ return 0;
}
// SHA-1 KAT
@@ -826,13 +829,14 @@
0x09, 0x11, 0x6d, 0x1a, 0xfd, 0x0f, 0x1e, 0x11, 0xe3, 0xcb,
};
SHA1(kSHA1Input, sizeof(kSHA1Input), output);
- if (!check_test(kSHA1Digest, output, sizeof(kSHA1Digest), "SHA-1 KAT")) {
- goto err;
+ if (!BORINGSSL_check_test(kSHA1Digest, output, sizeof(kSHA1Digest),
+ "SHA-1 KAT")) {
+ return 0;
}
if (!boringssl_self_test_sha256() || !boringssl_self_test_sha512() ||
!boringssl_self_test_hmac_sha256()) {
- goto err;
+ return 0;
}
// DBRG KAT
@@ -874,22 +878,23 @@
sizeof(kDRBGPersonalization)) ||
!CTR_DRBG_generate(&drbg, output, sizeof(kDRBGOutput), kDRBGAD,
sizeof(kDRBGAD)) ||
- !check_test(kDRBGOutput, output, sizeof(kDRBGOutput),
- "DRBG Generate KAT") ||
+ !BORINGSSL_check_test(kDRBGOutput, output, sizeof(kDRBGOutput),
+ "DRBG Generate KAT") ||
!CTR_DRBG_reseed(&drbg, kDRBGEntropy2, kDRBGAD, sizeof(kDRBGAD)) ||
!CTR_DRBG_generate(&drbg, output, sizeof(kDRBGReseedOutput), kDRBGAD,
sizeof(kDRBGAD)) ||
- !check_test(kDRBGReseedOutput, output, sizeof(kDRBGReseedOutput),
- "DRBG-reseed KAT")) {
+ !BORINGSSL_check_test(kDRBGReseedOutput, output,
+ sizeof(kDRBGReseedOutput), "DRBG-reseed KAT")) {
fprintf(CRYPTO_get_stderr(), "CTR-DRBG failed.\n");
- goto err;
+ return 0;
}
CTR_DRBG_clear(&drbg);
CTR_DRBG_STATE kZeroDRBG;
memset(&kZeroDRBG, 0, sizeof(kZeroDRBG));
- if (!check_test(&kZeroDRBG, &drbg, sizeof(drbg), "DRBG Clear KAT")) {
- goto err;
+ if (!BORINGSSL_check_test(&kZeroDRBG, &drbg, sizeof(drbg),
+ "DRBG Clear KAT")) {
+ return 0;
}
// TLS KDF KAT
@@ -918,10 +923,10 @@
kTLS10Secret, sizeof(kTLS10Secret), kTLSLabel,
sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
kTLSSeed2, sizeof(kTLSSeed2)) ||
- !check_test(kTLS10Output, tls10_output, sizeof(kTLS10Output),
- "TLS10-KDF KAT")) {
+ !BORINGSSL_check_test(kTLS10Output, tls10_output, sizeof(kTLS10Output),
+ "TLS10-KDF KAT")) {
fprintf(CRYPTO_get_stderr(), "TLS KDF failed.\n");
- goto err;
+ return 0;
}
static const uint8_t kTLS12Secret[32] = {
@@ -939,10 +944,10 @@
kTLS12Secret, sizeof(kTLS12Secret), kTLSLabel,
sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
kTLSSeed2, sizeof(kTLSSeed2)) ||
- !check_test(kTLS12Output, tls12_output, sizeof(kTLS12Output),
- "TLS12-KDF KAT")) {
+ !BORINGSSL_check_test(kTLS12Output, tls12_output, sizeof(kTLS12Output),
+ "TLS12-KDF KAT")) {
fprintf(CRYPTO_get_stderr(), "TLS KDF failed.\n");
- goto err;
+ return 0;
}
// TLS v1.3: derives a dummy client-early-traffic secret.
@@ -978,11 +983,11 @@
EVP_sha256(), tls13_extract_output, sizeof(tls13_extract_output),
kTLS13Label, sizeof(kTLS13Label) - 1, kTLS13ClientHelloHash,
sizeof(kTLS13ClientHelloHash)) ||
- !check_test(kTLS13ExpandLabelOutput, tls13_expand_label_output,
- sizeof(kTLS13ExpandLabelOutput),
- "CRYPTO_tls13_hkdf_expand_label")) {
+ !BORINGSSL_check_test(kTLS13ExpandLabelOutput, tls13_expand_label_output,
+ sizeof(kTLS13ExpandLabelOutput),
+ "CRYPTO_tls13_hkdf_expand_label")) {
fprintf(CRYPTO_get_stderr(), "TLS13-KDF failed.\n");
- goto err;
+ return 0;
}
// HKDF
@@ -1010,25 +1015,33 @@
if (!HKDF(hkdf_output, sizeof(hkdf_output), EVP_sha256(), kHKDFSecret,
sizeof(kHKDFSecret), kHKDFSalt, sizeof(kHKDFSalt), kHKDFInfo,
sizeof(kHKDFInfo)) ||
- !check_test(kHKDFOutput, hkdf_output, sizeof(kHKDFOutput), "HKDF")) {
+ !BORINGSSL_check_test(kHKDFOutput, hkdf_output, sizeof(kHKDFOutput),
+ "HKDF")) {
fprintf(CRYPTO_get_stderr(), "HKDF failed.\n");
- goto err;
+ return 0;
}
- ret = 1;
-
-err:
- EVP_AEAD_CTX_cleanup(&aead_ctx);
-
- return ret;
+ return 1;
}
int BORINGSSL_self_test(void) {
if (!boringssl_self_test_fast() ||
- // When requested to run self tests, also run the lazy tests.
- !boringssl_self_test_rsa() || //
- !boringssl_self_test_ecc() || //
- !boringssl_self_test_ffdh()) {
+ // When requested to run self tests, also run some of the lazy tests.
+ !boringssl_self_test_rsa() || //
+ !boringssl_self_test_ecc() || //
+ !boringssl_self_test_ffdh() || //
+ !boringssl_self_test_mlkem() || //
+ !boringssl_self_test_mldsa()) {
+ return 0;
+ }
+
+ return 1;
+}
+
+int BORINGSSL_self_test_all(void) {
+ if (!BORINGSSL_self_test() ||
+ // When requested to run all self tests, add in the really slow tests.
+ !boringssl_self_test_slhdsa()) {
return 0;
}
diff --git a/src/crypto/fipsmodule/service_indicator/internal.h b/src/crypto/fipsmodule/service_indicator/internal.h
index 182aefc..5b69172 100644
--- a/src/crypto/fipsmodule/service_indicator/internal.h
+++ b/src/crypto/fipsmodule/service_indicator/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_SERVICE_INDICATOR_INTERNAL_H
-#define OPENSSL_HEADER_SERVICE_INDICATOR_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_SERVICE_INDICATOR_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_SERVICE_INDICATOR_INTERNAL_H
#include <openssl/base.h>
#include <openssl/service_indicator.h>
@@ -86,4 +86,4 @@
#endif // BORINGSSL_FIPS
-#endif // OPENSSL_HEADER_SERVICE_INDICATOR_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_SERVICE_INDICATOR_INTERNAL_H
diff --git a/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl b/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
index 2dc24f2..30f1238 100755
--- a/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
+++ b/src/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
@@ -2057,45 +2057,9 @@
####################################################################
-sub sha1rnds4 {
- if (@_[0] =~ /\$([x0-9a-f]+),\s*%xmm([0-7]),\s*%xmm([0-7])/) {
- my @opcode=(0x0f,0x3a,0xcc);
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- return ".byte\t".join(',',@opcode);
- } else {
- return "sha1rnds4\t".@_[0];
- }
-}
-
-sub sha1op38 {
- my $instr = shift;
- my %opcodelet = (
- "sha1nexte" => 0xc8,
- "sha1msg1" => 0xc9,
- "sha1msg2" => 0xca );
-
- if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x0f,0x38);
- my $rex=0;
- $rex|=0x04 if ($2>=8);
- $rex|=0x01 if ($1>=8);
- unshift @opcode,0x40|$rex if ($rex);
- push @opcode,$opcodelet{$instr};
- push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
- return ".byte\t".join(',',@opcode);
- } else {
- return $instr."\t".@_[0];
- }
-}
-
foreach (split("\n",$code)) {
s/\`([^\`]*)\`/eval $1/geo;
- s/\b(sha1rnds4)\s+(.*)/sha1rnds4($2)/geo or
- s/\b(sha1[^\s]*)\s+(.*)/sha1op38($1,$2)/geo;
-
print $_,"\n";
}
close STDOUT or die "error closing STDOUT: $!";
diff --git a/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl b/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
index 3a31a16..6768bf3 100755
--- a/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
+++ b/src/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
@@ -2042,28 +2042,9 @@
___
}
-sub sha256op38 {
- my $instr = shift;
- my %opcodelet = (
- "sha256rnds2" => 0xcb,
- "sha256msg1" => 0xcc,
- "sha256msg2" => 0xcd );
-
- if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-7]),\s*%xmm([0-7])/) {
- my @opcode=(0x0f,0x38);
- push @opcode,$opcodelet{$instr};
- push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
- return ".byte\t".join(',',@opcode);
- } else {
- return $instr."\t".@_[0];
- }
-}
-
foreach (split("\n",$code)) {
s/\`([^\`]*)\`/eval $1/geo;
- s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/geo;
-
print $_,"\n";
}
close STDOUT or die "error closing STDOUT: $!";
diff --git a/src/crypto/fipsmodule/sha/internal.h b/src/crypto/fipsmodule/sha/internal.h
index 7a6007c..d68bf0d 100644
--- a/src/crypto/fipsmodule/sha/internal.h
+++ b/src/crypto/fipsmodule/sha/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_SHA_INTERNAL_H
-#define OPENSSL_HEADER_SHA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_SHA_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_SHA_INTERNAL_H
#include <openssl/base.h>
@@ -74,9 +74,7 @@
#define SHA1_ASM_SSSE3
inline int sha1_ssse3_capable(void) {
- // TODO(davidben): Do we need to check the FXSR bit? The Intel manual does not
- // say to.
- return CRYPTO_is_SSSE3_capable() && CRYPTO_is_FXSR_capable();
+ return CRYPTO_is_SSSE3_capable();
}
void sha1_block_data_order_ssse3(uint32_t state[5], const uint8_t *data,
size_t num);
@@ -86,19 +84,14 @@
// AMD CPUs have slow SHLD/SHRD. See also the discussion in sha1-586.pl.
//
// TODO(crbug.com/42290564): Should we enable SHAEXT on 32-bit x86?
- // TODO(davidben): Do we need to check the FXSR bit? The Intel manual does not
- // say to.
- return CRYPTO_is_AVX_capable() && CRYPTO_is_intel_cpu() &&
- CRYPTO_is_FXSR_capable();
+ return CRYPTO_is_AVX_capable() && CRYPTO_is_intel_cpu();
}
void sha1_block_data_order_avx(uint32_t state[5], const uint8_t *data,
size_t num);
#define SHA256_ASM_SSSE3
inline int sha256_ssse3_capable(void) {
- // TODO(davidben): Do we need to check the FXSR bit? The Intel manual does not
- // say to.
- return CRYPTO_is_SSSE3_capable() && CRYPTO_is_FXSR_capable();
+ return CRYPTO_is_SSSE3_capable();
}
void sha256_block_data_order_ssse3(uint32_t state[8], const uint8_t *data,
size_t num);
@@ -108,19 +101,14 @@
// AMD CPUs have slow SHLD/SHRD. See also the discussion in sha1-586.pl.
//
// TODO(crbug.com/42290564): Should we enable SHAEXT on 32-bit x86?
- // TODO(davidben): Do we need to check the FXSR bit? The Intel manual does not
- // say to.
- return CRYPTO_is_AVX_capable() && CRYPTO_is_intel_cpu() &&
- CRYPTO_is_FXSR_capable();
+ return CRYPTO_is_AVX_capable() && CRYPTO_is_intel_cpu();
}
void sha256_block_data_order_avx(uint32_t state[8], const uint8_t *data,
size_t num);
#define SHA512_ASM_SSSE3
inline int sha512_ssse3_capable(void) {
- // TODO(davidben): Do we need to check the FXSR bit? The Intel manual does not
- // say to.
- return CRYPTO_is_SSSE3_capable() && CRYPTO_is_FXSR_capable();
+ return CRYPTO_is_SSSE3_capable();
}
void sha512_block_data_order_ssse3(uint64_t state[8], const uint8_t *data,
size_t num);
@@ -223,4 +211,4 @@
} // extern "C"
#endif
-#endif // OPENSSL_HEADER_SHA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_SHA_INTERNAL_H
diff --git a/src/crypto/fipsmodule/slhdsa/fips_known_values.inc b/src/crypto/fipsmodule/slhdsa/fips_known_values.inc
new file mode 100644
index 0000000..5bff695
--- /dev/null
+++ b/src/crypto/fipsmodule/slhdsa/fips_known_values.inc
@@ -0,0 +1,674 @@
+const uint8_t kExpectedPublicKey[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0xbe, 0x6b, 0xd7, 0xe8, 0xe1, 0x98,
+ 0xea, 0xf6, 0x2d, 0x57, 0x2f, 0x13, 0xfc, 0x79, 0xf2, 0x6f};
+
+const uint8_t kExpectedPrivateKey[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xbe, 0x6b, 0xd7, 0xe8, 0xe1, 0x98, 0xea,
+ 0xf6, 0x2d, 0x57, 0x2f, 0x13, 0xfc, 0x79, 0xf2, 0x6f};
+
+const uint8_t kExpectedSignatureSHA256[32] = {
+ 0x82, 0xd4, 0x09, 0x74, 0x4d, 0x97, 0xae, 0x30, 0x53, 0x18, 0x46,
+ 0x9f, 0x7b, 0x85, 0x7b, 0x91, 0xd4, 0xe3, 0x33, 0x10, 0xb7, 0x09,
+ 0xb5, 0x50, 0xa7, 0xc4, 0x8a, 0x46, 0x09, 0x4e, 0xc9, 0xd4};
+
+const uint8_t kExpectedSignature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES] = {
+ 0x3f, 0xd6, 0x91, 0x93, 0xee, 0x97, 0x08, 0xbd, 0xea, 0x11, 0x0b, 0xa2,
+ 0x9f, 0x23, 0x5f, 0xf2, 0xec, 0x98, 0x88, 0xd1, 0x27, 0x61, 0xf8, 0x4d,
+ 0xc6, 0xe3, 0xf0, 0xd7, 0xeb, 0x48, 0xd0, 0x5c, 0xac, 0xf6, 0xe8, 0x7f,
+ 0xb7, 0xe9, 0x58, 0xf2, 0x21, 0x47, 0x21, 0x64, 0x03, 0xf1, 0xcd, 0x17,
+ 0xab, 0x8d, 0xfb, 0x3d, 0xf1, 0x60, 0xd8, 0xc5, 0xaa, 0x43, 0xcf, 0x56,
+ 0x2d, 0x82, 0x61, 0x99, 0xcc, 0x72, 0x56, 0x12, 0x3f, 0x06, 0xdb, 0x84,
+ 0x2d, 0xd8, 0x31, 0x7e, 0x60, 0x1e, 0x4d, 0x8c, 0xf2, 0x15, 0x57, 0xa3,
+ 0x78, 0x90, 0x59, 0xbe, 0x6a, 0x7e, 0xc7, 0xc7, 0xe2, 0x6d, 0x6c, 0x81,
+ 0xf1, 0xc7, 0xc0, 0x2a, 0x98, 0xdd, 0x64, 0x05, 0x86, 0x99, 0x1f, 0x09,
+ 0x16, 0xef, 0xad, 0xd6, 0x13, 0x7a, 0xf7, 0x8c, 0x38, 0xd3, 0x2e, 0xde,
+ 0x10, 0xd6, 0x6e, 0x38, 0x24, 0xa2, 0x24, 0x40, 0xf5, 0x7c, 0x63, 0x42,
+ 0xf1, 0xab, 0x72, 0x01, 0xc4, 0x54, 0xf6, 0x66, 0x34, 0x32, 0x39, 0xbb,
+ 0x35, 0x13, 0x45, 0xd1, 0xea, 0x6d, 0x87, 0xff, 0x8b, 0x4a, 0x65, 0x7f,
+ 0x84, 0xbd, 0xb1, 0x03, 0xe1, 0xd7, 0x43, 0xea, 0xbe, 0xe3, 0x78, 0xa5,
+ 0xc5, 0xf5, 0xf9, 0xb2, 0x00, 0xe3, 0x13, 0x06, 0x36, 0xf3, 0xe8, 0xee,
+ 0x07, 0xf2, 0x03, 0x48, 0xfd, 0x51, 0x1b, 0xb5, 0x10, 0xaa, 0x1d, 0xa9,
+ 0x99, 0xad, 0x10, 0xc4, 0x59, 0xbf, 0x66, 0xdd, 0x27, 0x8d, 0xd8, 0x6a,
+ 0x53, 0xe5, 0x9d, 0x1a, 0xc1, 0x17, 0x36, 0x2e, 0x2e, 0xaf, 0xc0, 0xc8,
+ 0x96, 0x89, 0xbc, 0x4e, 0x7c, 0xa5, 0xcc, 0xa9, 0x2a, 0x76, 0xc3, 0x1d,
+ 0xa0, 0xa1, 0xa0, 0x27, 0xbf, 0x93, 0x21, 0xf0, 0x67, 0x7c, 0x10, 0x5f,
+ 0x7f, 0x3c, 0x68, 0xbd, 0x7b, 0x2d, 0x0a, 0x4a, 0xde, 0x1b, 0xd4, 0xaa,
+ 0x85, 0x5c, 0xa1, 0x56, 0x9e, 0x61, 0x6c, 0x97, 0x65, 0xae, 0xc4, 0x13,
+ 0xa8, 0x1a, 0x82, 0x87, 0x66, 0x1b, 0x72, 0x27, 0x43, 0xca, 0xb8, 0xc6,
+ 0x4e, 0xe9, 0xbe, 0x4a, 0x77, 0x66, 0xea, 0xf4, 0xa0, 0x71, 0x94, 0x52,
+ 0xee, 0xc6, 0xef, 0x38, 0x7b, 0x24, 0x94, 0xc3, 0x7a, 0xc9, 0x35, 0x93,
+ 0x5b, 0x19, 0xc5, 0x4d, 0xf1, 0x7d, 0xb0, 0xb9, 0x60, 0xaf, 0x1e, 0xa9,
+ 0x24, 0x85, 0x92, 0x50, 0x78, 0x13, 0x1d, 0xb6, 0x6d, 0x4a, 0x4c, 0x1b,
+ 0xa0, 0x51, 0x86, 0xc9, 0xb4, 0x79, 0xe5, 0x09, 0x4e, 0x61, 0xf4, 0x80,
+ 0x07, 0x04, 0xd6, 0x44, 0x7b, 0xf6, 0xc0, 0x90, 0xc0, 0x46, 0xce, 0xa3,
+ 0x92, 0x1a, 0xfd, 0x85, 0xd7, 0xbc, 0xd5, 0x60, 0x0d, 0xcb, 0xc3, 0x02,
+ 0xbc, 0x82, 0x75, 0xe4, 0x1f, 0xc4, 0xce, 0x5f, 0x35, 0x6b, 0xdf, 0x31,
+ 0x1e, 0x39, 0x18, 0xcd, 0x4c, 0xc7, 0xcc, 0x1e, 0x20, 0x19, 0x4a, 0x87,
+ 0xf4, 0x07, 0xb3, 0x15, 0x02, 0xe4, 0x1a, 0x63, 0x1c, 0xa1, 0x3c, 0x0b,
+ 0xae, 0x33, 0x2c, 0x9a, 0xc4, 0x23, 0x02, 0x44, 0x96, 0x14, 0x09, 0x64,
+ 0xea, 0x84, 0x08, 0x52, 0xed, 0x26, 0x2c, 0x29, 0xc0, 0x56, 0x34, 0xaa,
+ 0x20, 0xba, 0x44, 0x39, 0x8d, 0x3e, 0xce, 0xed, 0x6a, 0x3f, 0xca, 0xcd,
+ 0xd3, 0xbe, 0xa0, 0xee, 0x49, 0xb4, 0xdc, 0x24, 0xa7, 0xe1, 0x7a, 0x89,
+ 0x8f, 0x75, 0xb7, 0x19, 0x71, 0xc6, 0x5e, 0x14, 0x9c, 0xbc, 0xde, 0xd7,
+ 0x52, 0xd9, 0x32, 0x6a, 0xd3, 0xd4, 0xc5, 0x5f, 0x39, 0xf0, 0xd4, 0xda,
+ 0xe2, 0x50, 0xfc, 0x14, 0x73, 0xd2, 0xc2, 0x28, 0xd0, 0x84, 0x46, 0xed,
+ 0xe9, 0x7c, 0x40, 0x16, 0xec, 0x72, 0xbf, 0x77, 0xef, 0xac, 0xe8, 0xce,
+ 0xbf, 0x58, 0x65, 0x29, 0x9d, 0x0d, 0xe2, 0xc9, 0xbf, 0x19, 0xdd, 0x9b,
+ 0x8c, 0xb9, 0x1c, 0x32, 0x24, 0x3b, 0xa5, 0x7a, 0x1f, 0x78, 0x85, 0x77,
+ 0xb0, 0x6c, 0x42, 0xb8, 0xc0, 0x75, 0xf5, 0xc0, 0x45, 0xe3, 0x44, 0x7c,
+ 0xbd, 0x75, 0x6c, 0x5b, 0xe4, 0x91, 0x72, 0x9a, 0x5f, 0xe7, 0x1e, 0xe9,
+ 0xa0, 0x6f, 0x26, 0xbb, 0x31, 0x9d, 0xe4, 0xec, 0x32, 0xae, 0x8d, 0xae,
+ 0x7d, 0x14, 0x33, 0x04, 0x19, 0x26, 0x42, 0x09, 0x91, 0x0c, 0x5f, 0xaa,
+ 0x1a, 0x74, 0xfa, 0x31, 0x67, 0xad, 0x71, 0x49, 0xd8, 0xf3, 0xe7, 0x8c,
+ 0x91, 0x38, 0x0e, 0x10, 0x5b, 0xe5, 0x1e, 0xd2, 0x9a, 0x0c, 0x4d, 0x7b,
+ 0x60, 0xac, 0x6a, 0x94, 0x9d, 0x4f, 0x8c, 0xd0, 0x1d, 0x2f, 0xf7, 0x3d,
+ 0x06, 0x46, 0xc8, 0xd6, 0x25, 0x86, 0xfe, 0x67, 0xf2, 0x01, 0xe1, 0x73,
+ 0x02, 0xa1, 0xdd, 0xf2, 0x6d, 0xe6, 0x9d, 0xb9, 0x83, 0x21, 0x38, 0x74,
+ 0x04, 0xec, 0xe3, 0x9e, 0x21, 0xc0, 0xed, 0x91, 0x47, 0x46, 0x44, 0x6e,
+ 0xf7, 0x76, 0xe7, 0xad, 0xbe, 0xef, 0xfe, 0xcd, 0xda, 0x1d, 0x60, 0xc8,
+ 0x5f, 0x92, 0xd7, 0x21, 0xb4, 0x3c, 0x11, 0x5d, 0x24, 0x50, 0x44, 0xb2,
+ 0xf8, 0x59, 0x7e, 0xc4, 0x7a, 0x25, 0xea, 0x19, 0x4f, 0x1c, 0x8e, 0xb5,
+ 0x0d, 0xd6, 0x7a, 0xe6, 0x0a, 0x11, 0x1f, 0x6b, 0x28, 0x9f, 0xc0, 0x02,
+ 0xc6, 0x1b, 0xca, 0x06, 0xdd, 0x59, 0xa3, 0xe0, 0xd0, 0x25, 0x3e, 0x10,
+ 0x0a, 0x49, 0x54, 0xdc, 0xe5, 0x07, 0x8b, 0xcc, 0xa6, 0x3d, 0x41, 0xe5,
+ 0x00, 0x70, 0xf7, 0x13, 0xed, 0x63, 0x7a, 0x4b, 0x69, 0x21, 0xaa, 0xf2,
+ 0xd5, 0xf7, 0xa4, 0x9c, 0x52, 0x51, 0xef, 0xb9, 0xef, 0xee, 0x3b, 0xa4,
+ 0xdf, 0x16, 0x29, 0x08, 0x0f, 0x6f, 0xbd, 0x4e, 0x53, 0xa2, 0x5c, 0x75,
+ 0x5f, 0x04, 0x5a, 0xdf, 0x48, 0xd6, 0xeb, 0xf9, 0x80, 0x85, 0xd3, 0x1d,
+ 0x7f, 0x23, 0x01, 0x04, 0x8b, 0x78, 0xba, 0xba, 0xc3, 0x74, 0xbe, 0x7d,
+ 0x5b, 0x3e, 0x65, 0x3d, 0xcd, 0x5d, 0x96, 0xe3, 0x40, 0x40, 0x7f, 0x50,
+ 0xfe, 0xa0, 0x53, 0xa6, 0xd9, 0x71, 0x15, 0x33, 0x39, 0x24, 0x83, 0xee,
+ 0x69, 0x6f, 0x3c, 0x0a, 0x5e, 0xdc, 0x83, 0xb9, 0x8a, 0x1f, 0x7f, 0x67,
+ 0x39, 0xb2, 0x58, 0xe4, 0x48, 0xd0, 0xac, 0x75, 0xba, 0x57, 0x13, 0x37,
+ 0xaa, 0x0b, 0xd5, 0x02, 0x89, 0x01, 0x5f, 0xe8, 0x75, 0xcc, 0x2d, 0x76,
+ 0x05, 0xde, 0x57, 0xa2, 0xac, 0x48, 0x95, 0xce, 0xa7, 0x1d, 0xf6, 0xdb,
+ 0x64, 0xff, 0xde, 0x85, 0x7e, 0x13, 0xb9, 0x58, 0x4f, 0xdd, 0xf0, 0xcb,
+ 0x9a, 0x31, 0x7e, 0xc5, 0x61, 0x41, 0x97, 0x56, 0xe4, 0xfa, 0xb1, 0xcb,
+ 0x1e, 0xb3, 0xfd, 0x9c, 0xfd, 0xfd, 0x81, 0x84, 0x78, 0xca, 0xbd, 0xf1,
+ 0x17, 0xec, 0xcb, 0x49, 0xa7, 0x8e, 0xe8, 0xc6, 0xc5, 0x9c, 0x30, 0xf4,
+ 0xc5, 0xac, 0x2a, 0x0e, 0x36, 0x72, 0x03, 0x7d, 0xf2, 0xac, 0xf9, 0x88,
+ 0x84, 0xb6, 0xae, 0x16, 0x77, 0x96, 0x81, 0x7b, 0xfc, 0x17, 0x07, 0x8f,
+ 0xc2, 0x74, 0xd9, 0xce, 0x57, 0xfc, 0x33, 0x53, 0xec, 0x85, 0x0e, 0x55,
+ 0x2e, 0xe3, 0xad, 0x5b, 0xeb, 0x47, 0x8d, 0xf6, 0xb4, 0xb9, 0xc9, 0xb7,
+ 0x9a, 0x63, 0x0e, 0xd9, 0x56, 0xa1, 0x2b, 0x05, 0x39, 0x02, 0xf8, 0x28,
+ 0xdf, 0x67, 0xa7, 0xce, 0x57, 0xfd, 0xd1, 0xb4, 0x55, 0x26, 0x85, 0xe7,
+ 0xd2, 0x5b, 0x90, 0x26, 0xe1, 0x25, 0x5e, 0x73, 0x12, 0xcc, 0x65, 0x8e,
+ 0xdc, 0x1c, 0x64, 0xe9, 0x2e, 0x58, 0xde, 0x70, 0xc3, 0xc6, 0xc9, 0x75,
+ 0x35, 0x0a, 0x0f, 0x60, 0x35, 0xb4, 0x9f, 0xcb, 0x52, 0x20, 0xc9, 0x36,
+ 0xb2, 0x52, 0xbb, 0x35, 0x61, 0xf9, 0xf2, 0xc0, 0xd3, 0x50, 0x08, 0xf6,
+ 0x73, 0x7d, 0xcb, 0x12, 0xd2, 0xd7, 0x4c, 0x56, 0x59, 0xb9, 0x74, 0xec,
+ 0xee, 0x4c, 0x93, 0x1d, 0x9d, 0x73, 0x79, 0xe6, 0xa9, 0x2a, 0x98, 0x22,
+ 0x77, 0x80, 0x84, 0x73, 0x78, 0xe2, 0x8a, 0xec, 0x1e, 0x08, 0x6f, 0x49,
+ 0x64, 0xea, 0x79, 0x99, 0xb1, 0xec, 0x19, 0x6e, 0x65, 0xbd, 0xaa, 0x28,
+ 0x81, 0x4a, 0xe7, 0x70, 0x44, 0xc6, 0xa1, 0xbc, 0xe3, 0x72, 0x8c, 0xa1,
+ 0x13, 0x8a, 0x17, 0x16, 0xcc, 0xfb, 0x03, 0x20, 0x36, 0xb6, 0x6f, 0x4c,
+ 0x52, 0xc4, 0xc6, 0x7e, 0x61, 0x08, 0x56, 0x27, 0xb0, 0xf9, 0x96, 0x44,
+ 0xd9, 0x62, 0x4a, 0x29, 0xea, 0xf2, 0x33, 0x2b, 0x68, 0x45, 0xe0, 0x50,
+ 0x97, 0x6a, 0x1c, 0x59, 0x89, 0x43, 0x60, 0xc2, 0x5f, 0x31, 0xfe, 0xc7,
+ 0x00, 0xcb, 0x6a, 0xe0, 0xcb, 0x1b, 0x50, 0x43, 0x18, 0xd1, 0x67, 0xbc,
+ 0x62, 0xcf, 0xb8, 0xe9, 0x77, 0x81, 0x1d, 0x12, 0x97, 0xa4, 0x87, 0xbe,
+ 0xa2, 0x16, 0x08, 0xf6, 0x1f, 0x42, 0x40, 0x51, 0x65, 0xe3, 0x72, 0x21,
+ 0xef, 0x72, 0xba, 0xff, 0xa7, 0xfa, 0x3b, 0xac, 0xd7, 0xc9, 0x60, 0xa1,
+ 0x5e, 0xae, 0xa5, 0x19, 0x80, 0xfa, 0x5c, 0xd8, 0xf0, 0x1a, 0xf4, 0x0f,
+ 0xb2, 0x5f, 0x57, 0x9a, 0xd2, 0x1b, 0x7c, 0xef, 0xb9, 0x24, 0xd0, 0x30,
+ 0x0e, 0x92, 0xc9, 0x44, 0x05, 0xcf, 0x16, 0x31, 0xc4, 0x3e, 0xa2, 0x94,
+ 0x1f, 0x69, 0xad, 0x0e, 0xcf, 0x7f, 0xce, 0x41, 0x9a, 0xaf, 0x89, 0xc6,
+ 0xbd, 0x65, 0x8c, 0x65, 0xca, 0x36, 0xea, 0xd4, 0x78, 0x04, 0x1b, 0x62,
+ 0x14, 0x2f, 0x37, 0xbe, 0x9b, 0xbe, 0xfd, 0xf4, 0x9d, 0x3c, 0x48, 0xe4,
+ 0x46, 0x71, 0x0d, 0x07, 0x93, 0xfa, 0x86, 0x6c, 0xa7, 0xce, 0xe9, 0x6a,
+ 0xf3, 0xa1, 0x72, 0x19, 0x0a, 0xc9, 0xb9, 0xc4, 0x3b, 0x76, 0x2f, 0x16,
+ 0x82, 0x85, 0xbc, 0x4c, 0x46, 0x32, 0x37, 0xc7, 0x19, 0xc5, 0x24, 0xe1,
+ 0x0f, 0xe2, 0x8f, 0x6d, 0x62, 0x6b, 0x6c, 0x9e, 0xc8, 0x15, 0x01, 0x93,
+ 0x5b, 0x03, 0x44, 0x6e, 0xd0, 0xdc, 0xbd, 0x29, 0x2f, 0x2e, 0x89, 0x11,
+ 0x24, 0x37, 0xfa, 0xff, 0x83, 0x51, 0x1b, 0x31, 0x5e, 0xc6, 0x71, 0x0b,
+ 0xbf, 0x64, 0xb0, 0xca, 0x01, 0xfd, 0x49, 0x64, 0x05, 0xe2, 0xe7, 0x9e,
+ 0x6e, 0xfe, 0xce, 0x98, 0x86, 0xef, 0x16, 0xec, 0x19, 0x66, 0xbe, 0x0d,
+ 0x8a, 0x99, 0xbb, 0xbf, 0x39, 0xa8, 0x85, 0xeb, 0x14, 0x51, 0x2d, 0x18,
+ 0xd5, 0x93, 0x6f, 0x78, 0x7a, 0x5e, 0xa1, 0xee, 0xc0, 0xc3, 0x93, 0x68,
+ 0x04, 0x0c, 0xd4, 0xfe, 0x6a, 0xf7, 0x05, 0x78, 0xac, 0xcf, 0xee, 0x9f,
+ 0x92, 0x53, 0x8d, 0xd4, 0x99, 0x75, 0x27, 0x7f, 0x79, 0x6c, 0x97, 0x52,
+ 0x34, 0x08, 0x31, 0xad, 0x4a, 0x54, 0x34, 0xab, 0x33, 0x2e, 0x16, 0x54,
+ 0xcd, 0x7a, 0x75, 0x96, 0x29, 0x72, 0x3f, 0x40, 0x2e, 0xa4, 0xc8, 0x1c,
+ 0x67, 0xb6, 0x37, 0x15, 0x51, 0x64, 0x83, 0x69, 0xd7, 0x62, 0xcf, 0x8f,
+ 0x34, 0x18, 0x46, 0x98, 0x5c, 0x8b, 0x61, 0x5f, 0x73, 0xe2, 0xc6, 0xe2,
+ 0x86, 0x82, 0xf5, 0xee, 0x1e, 0x2d, 0xb2, 0x73, 0xb0, 0x1b, 0x69, 0xf1,
+ 0x23, 0x47, 0x0d, 0xe6, 0x30, 0xe6, 0xed, 0x91, 0x69, 0x23, 0x23, 0xdd,
+ 0x28, 0x64, 0x56, 0xce, 0x98, 0xa1, 0xfd, 0x93, 0x8b, 0xd3, 0xc0, 0xb7,
+ 0xdd, 0xc8, 0x4a, 0x16, 0xe4, 0x75, 0xa3, 0xef, 0xba, 0x20, 0x92, 0x42,
+ 0xa8, 0x1b, 0xbc, 0x54, 0x88, 0x3e, 0x1b, 0xf0, 0xa1, 0x1f, 0xeb, 0x5d,
+ 0xcb, 0x49, 0x61, 0x19, 0xf3, 0x7f, 0x06, 0xe3, 0xd5, 0x29, 0xbc, 0x1a,
+ 0x54, 0x53, 0xb6, 0xf3, 0x33, 0x50, 0x01, 0xf5, 0xb2, 0xcf, 0x1a, 0x2a,
+ 0x17, 0x8f, 0xfa, 0x1f, 0x41, 0x47, 0x6d, 0x61, 0x60, 0x02, 0x19, 0x36,
+ 0x06, 0xfb, 0x66, 0xfc, 0x42, 0xe3, 0x87, 0xc6, 0x14, 0x82, 0x2e, 0x15,
+ 0xe6, 0x29, 0xbf, 0x44, 0x4d, 0xb4, 0x85, 0xa9, 0x6e, 0x81, 0x75, 0xb9,
+ 0x09, 0x8d, 0xcc, 0x57, 0x13, 0x4c, 0x43, 0xca, 0x94, 0x00, 0x5b, 0xb5,
+ 0x23, 0xbe, 0xf6, 0x3a, 0x1d, 0x42, 0x15, 0xa0, 0xea, 0x2e, 0x89, 0x78,
+ 0x7f, 0xba, 0x6c, 0xe4, 0x27, 0x4c, 0xb6, 0x86, 0x73, 0x0e, 0x9c, 0x8c,
+ 0xef, 0x14, 0xe4, 0x35, 0x43, 0x6d, 0x56, 0xcd, 0x4d, 0xab, 0x48, 0x96,
+ 0x18, 0xb0, 0x4f, 0x03, 0xad, 0xec, 0x62, 0xd3, 0x34, 0x5a, 0xd0, 0xff,
+ 0x14, 0xb1, 0xaf, 0x92, 0xc4, 0x20, 0xaf, 0x2d, 0x17, 0x5e, 0x22, 0x51,
+ 0x5c, 0x66, 0x09, 0x20, 0x1f, 0x50, 0x0c, 0xbc, 0xe0, 0xf5, 0x6e, 0x85,
+ 0x31, 0x48, 0x80, 0xef, 0xf6, 0xef, 0x7c, 0xf5, 0xf3, 0x0e, 0x6b, 0x8d,
+ 0x0b, 0x94, 0x5d, 0xaa, 0x27, 0x81, 0xd3, 0x9b, 0x07, 0xe0, 0x22, 0x0a,
+ 0xce, 0x9d, 0xa1, 0x79, 0x38, 0xe2, 0x6d, 0x58, 0xa7, 0xde, 0x9b, 0xb0,
+ 0x25, 0x0e, 0x6b, 0x25, 0x1e, 0xac, 0x48, 0xb0, 0x34, 0x27, 0x42, 0x30,
+ 0xf5, 0xdb, 0x35, 0x4d, 0xf3, 0x1f, 0xbc, 0x58, 0x2a, 0xeb, 0x86, 0x82,
+ 0x6e, 0x9a, 0x0b, 0xf6, 0xdb, 0xa6, 0x18, 0x12, 0x42, 0x17, 0x5c, 0xb3,
+ 0xe9, 0x49, 0x5f, 0x2a, 0xf9, 0x81, 0x35, 0x2f, 0x2b, 0x92, 0xaa, 0x0d,
+ 0x6b, 0xa7, 0xe1, 0xed, 0x55, 0xa4, 0xf1, 0xef, 0xa4, 0x6b, 0x50, 0x85,
+ 0xe3, 0xcd, 0x9a, 0xb2, 0xc7, 0xd9, 0xdd, 0x46, 0x6a, 0xfc, 0x2c, 0xed,
+ 0xd8, 0xf9, 0x4d, 0x8a, 0xb4, 0x30, 0xa0, 0xd0, 0x08, 0xf8, 0xf0, 0x61,
+ 0xc5, 0x39, 0xa2, 0xfd, 0x78, 0x65, 0x41, 0x5a, 0x52, 0x06, 0xfe, 0x50,
+ 0x74, 0xe2, 0x80, 0xb2, 0x22, 0x2d, 0x96, 0xbf, 0xd2, 0x4f, 0xc9, 0x00,
+ 0x36, 0x58, 0xa7, 0x67, 0x7d, 0xfc, 0xc0, 0xae, 0x34, 0x69, 0xe3, 0x16,
+ 0xbe, 0x59, 0x9e, 0x01, 0x9e, 0x39, 0x0b, 0x3d, 0x16, 0x80, 0x8b, 0xfb,
+ 0xe0, 0x58, 0x81, 0xcd, 0xd1, 0x2c, 0x66, 0x9a, 0xe5, 0x0b, 0x4a, 0xec,
+ 0xb7, 0x45, 0x7f, 0x98, 0xf2, 0xfb, 0xbe, 0x2b, 0xc8, 0xdd, 0x48, 0x95,
+ 0x22, 0xde, 0x8e, 0xb8, 0xb8, 0x4c, 0x09, 0xe8, 0x9e, 0x34, 0x4b, 0xab,
+ 0xe3, 0xa1, 0x19, 0x56, 0xb6, 0x08, 0x67, 0x29, 0x47, 0xba, 0x84, 0xe5,
+ 0x5c, 0x7d, 0x81, 0x7c, 0x8e, 0x48, 0x0a, 0xce, 0x9f, 0x61, 0xfd, 0x26,
+ 0x94, 0xe1, 0x35, 0x43, 0x60, 0xe4, 0x5c, 0x11, 0x26, 0x47, 0xab, 0x1b,
+ 0x0e, 0x24, 0x8b, 0x25, 0x51, 0x6e, 0x21, 0x39, 0x36, 0xa6, 0x46, 0x4c,
+ 0x93, 0x8d, 0xf8, 0xb1, 0xd6, 0x28, 0xdd, 0x21, 0x43, 0xf0, 0xa2, 0x5d,
+ 0x2f, 0xbe, 0x67, 0xe3, 0x89, 0x7a, 0xe5, 0xa2, 0x22, 0x3f, 0xf7, 0x0a,
+ 0xcd, 0xc4, 0xcc, 0xde, 0x81, 0xf1, 0x03, 0xa6, 0xac, 0x29, 0xa3, 0xbe,
+ 0xdc, 0x3a, 0x84, 0x81, 0x98, 0x33, 0x97, 0xa5, 0xe2, 0x93, 0x98, 0xbd,
+ 0x28, 0x7c, 0x78, 0xed, 0xdb, 0x30, 0x26, 0x11, 0x87, 0x32, 0x6f, 0xeb,
+ 0xb0, 0x36, 0x05, 0xcf, 0xe3, 0x28, 0xfc, 0x3e, 0x71, 0xd3, 0x7c, 0x8e,
+ 0xcd, 0xa9, 0xb4, 0x8b, 0x6e, 0x45, 0xdb, 0xc2, 0x48, 0xdf, 0x7f, 0xb8,
+ 0x8a, 0x5b, 0x43, 0xc0, 0x41, 0x25, 0xe7, 0x0a, 0xe5, 0x02, 0x56, 0x21,
+ 0xa1, 0x71, 0xa5, 0xee, 0x13, 0x9f, 0xd7, 0x6b, 0xdb, 0xfa, 0x28, 0x43,
+ 0x58, 0x76, 0x2a, 0x32, 0x89, 0x9b, 0x11, 0x7c, 0xc8, 0xe5, 0x71, 0xe6,
+ 0x2e, 0x08, 0xe1, 0x7a, 0xe5, 0x96, 0x30, 0x61, 0xb1, 0xd9, 0x0a, 0xe5,
+ 0x39, 0x60, 0xaa, 0xf9, 0x3f, 0x7f, 0x88, 0xc7, 0x23, 0xa9, 0x02, 0xe1,
+ 0xbd, 0xa9, 0xcd, 0xb7, 0xee, 0x6c, 0x67, 0xc7, 0x1b, 0xe0, 0xe1, 0x22,
+ 0x08, 0xbe, 0xdb, 0xf6, 0x2b, 0x0d, 0x61, 0xc7, 0x62, 0x5c, 0x5a, 0x9c,
+ 0xb0, 0xd0, 0x6a, 0x7f, 0xd4, 0x4b, 0x43, 0x4e, 0x93, 0x69, 0xf6, 0x43,
+ 0xc7, 0xbd, 0x78, 0xfe, 0xf3, 0x2f, 0xc8, 0x1f, 0x6c, 0xf0, 0x13, 0x9d,
+ 0xff, 0x46, 0xfc, 0xe9, 0x09, 0xe3, 0xaf, 0x47, 0x83, 0x71, 0x99, 0x74,
+ 0xa1, 0xce, 0xa8, 0x35, 0x18, 0x29, 0xa4, 0xbd, 0x4a, 0x84, 0x55, 0x05,
+ 0x29, 0x53, 0x2f, 0xa5, 0xad, 0xa7, 0xf2, 0x1c, 0x45, 0x13, 0xa3, 0xb0,
+ 0xa9, 0x11, 0x80, 0xd6, 0x22, 0xff, 0x64, 0x3e, 0x39, 0xa0, 0x15, 0x58,
+ 0x7f, 0x08, 0x99, 0x08, 0xff, 0x8e, 0x5f, 0x73, 0x98, 0x17, 0x3d, 0x5e,
+ 0xe6, 0xcd, 0x2d, 0xdf, 0xd1, 0x32, 0x2b, 0x8c, 0x08, 0xa6, 0xdb, 0x51,
+ 0x2a, 0x5f, 0xac, 0xad, 0x7a, 0x9b, 0x4c, 0x82, 0x25, 0xad, 0x33, 0x7f,
+ 0x30, 0xc7, 0x48, 0xbd, 0xb4, 0xf5, 0x0d, 0x22, 0xd3, 0xf8, 0x47, 0x58,
+ 0xd3, 0x17, 0x65, 0x81, 0xe4, 0x07, 0xa0, 0x32, 0x7e, 0xee, 0x30, 0xe9,
+ 0x17, 0xaa, 0xa0, 0x0b, 0xd7, 0x97, 0x25, 0xa7, 0xdb, 0xfe, 0xab, 0xd2,
+ 0x3c, 0x9b, 0x6b, 0xdf, 0xa6, 0x87, 0xa3, 0xc0, 0x59, 0xb4, 0x08, 0x11,
+ 0xd4, 0x94, 0x49, 0x83, 0x70, 0x5f, 0x5b, 0x2d, 0x09, 0xd8, 0x53, 0x25,
+ 0xb6, 0xd9, 0x91, 0x32, 0xd3, 0x94, 0x79, 0xbb, 0x4d, 0xf7, 0xb6, 0x92,
+ 0xd3, 0xf4, 0x08, 0x50, 0xda, 0x7d, 0x91, 0x69, 0xad, 0xc3, 0x59, 0x4d,
+ 0xc0, 0x1c, 0x14, 0xf2, 0x95, 0xd3, 0xea, 0xa8, 0x85, 0xa3, 0x93, 0x62,
+ 0x73, 0x68, 0x4c, 0x36, 0x49, 0x35, 0x88, 0xf0, 0xe1, 0xc8, 0x29, 0xab,
+ 0x59, 0x4f, 0xef, 0x2c, 0x4c, 0x07, 0xbd, 0xf3, 0x05, 0x24, 0x41, 0x46,
+ 0x92, 0x66, 0x66, 0x79, 0x92, 0x32, 0x87, 0xcb, 0x90, 0x11, 0x2d, 0x54,
+ 0xda, 0x6d, 0x64, 0x72, 0xae, 0x7d, 0x19, 0x50, 0x61, 0x46, 0xd9, 0x58,
+ 0x2d, 0x28, 0x0d, 0x33, 0x7b, 0x17, 0x01, 0x61, 0x44, 0x77, 0x7e, 0x06,
+ 0x2b, 0x41, 0x88, 0xe6, 0x92, 0x9c, 0x69, 0xa8, 0x89, 0x9f, 0x4a, 0xa4,
+ 0x6f, 0x31, 0xa5, 0x68, 0xff, 0xdb, 0xb6, 0xe3, 0x0c, 0x3f, 0xc6, 0x24,
+ 0x5e, 0xfc, 0x0e, 0x31, 0x32, 0x64, 0xec, 0x3f, 0xe7, 0x7a, 0x29, 0x16,
+ 0x8f, 0xed, 0x6a, 0xb7, 0x96, 0x77, 0x29, 0xa3, 0xfe, 0x1e, 0x6b, 0x54,
+ 0x91, 0xe9, 0xbb, 0x38, 0x65, 0x70, 0x8c, 0x4e, 0x50, 0x39, 0x5e, 0x63,
+ 0xe4, 0x49, 0x33, 0x61, 0xb9, 0x92, 0x92, 0x51, 0xe9, 0x31, 0xf6, 0x5c,
+ 0x21, 0x1a, 0x53, 0xbf, 0x4a, 0xe1, 0xbc, 0x1f, 0x61, 0x66, 0x3d, 0x83,
+ 0x8c, 0x27, 0x17, 0x53, 0xbd, 0xf4, 0x3d, 0x13, 0xe3, 0xfe, 0x58, 0x60,
+ 0x12, 0x78, 0x3b, 0xb1, 0xd7, 0x94, 0x87, 0xe2, 0x3e, 0xc2, 0x16, 0x43,
+ 0x4e, 0xc8, 0xce, 0x43, 0xbc, 0x4a, 0xe4, 0xba, 0xd6, 0xfa, 0xfa, 0x7e,
+ 0x13, 0xd3, 0x28, 0x8f, 0xd2, 0x2b, 0x0b, 0x93, 0x8d, 0x42, 0xe8, 0xd2,
+ 0x50, 0x34, 0x31, 0xd8, 0xb3, 0xa7, 0x1c, 0x93, 0x3d, 0x80, 0x8f, 0x3f,
+ 0xee, 0x7d, 0x3c, 0xd1, 0xcc, 0x2a, 0x99, 0x39, 0xfd, 0x8f, 0xed, 0x8e,
+ 0x85, 0x51, 0x20, 0x04, 0xa7, 0xd7, 0x34, 0x83, 0x20, 0x7c, 0x91, 0x20,
+ 0x96, 0xe6, 0x88, 0xd6, 0x29, 0x99, 0xff, 0x18, 0xa9, 0x3b, 0x3e, 0x41,
+ 0x42, 0x80, 0x14, 0x3b, 0xf2, 0xc4, 0x24, 0x4e, 0x18, 0x04, 0xa0, 0xfb,
+ 0x17, 0x00, 0x2b, 0xf7, 0x44, 0x22, 0x4b, 0x7c, 0x38, 0xb6, 0x66, 0x4c,
+ 0x56, 0x85, 0xb2, 0x82, 0x92, 0xe8, 0x7b, 0x76, 0x33, 0x59, 0xe8, 0x09,
+ 0xd1, 0xef, 0xa0, 0x1b, 0x5b, 0xc2, 0xb1, 0x01, 0x6d, 0x7f, 0xbb, 0x37,
+ 0x72, 0x3f, 0xcd, 0x20, 0x6f, 0x2d, 0x9c, 0xfc, 0xfc, 0x1c, 0x2c, 0x24,
+ 0x3f, 0x30, 0xcd, 0xf5, 0x91, 0x0a, 0x09, 0xa5, 0xeb, 0x97, 0xb0, 0xc4,
+ 0x2c, 0xa3, 0x95, 0x57, 0xea, 0x59, 0x15, 0xc7, 0x81, 0xdf, 0x64, 0x99,
+ 0x1b, 0x20, 0x8d, 0xe0, 0x29, 0x7c, 0x23, 0x16, 0x3c, 0x8e, 0x2e, 0x0b,
+ 0xff, 0x02, 0xdc, 0x6f, 0x24, 0x1e, 0xfc, 0xac, 0x0f, 0x16, 0x38, 0xde,
+ 0x5c, 0x9c, 0x5f, 0x48, 0x13, 0xfb, 0xac, 0xbd, 0x99, 0x5e, 0x7e, 0xe0,
+ 0xcc, 0x3c, 0x21, 0x17, 0xfa, 0x67, 0x53, 0x31, 0xb3, 0x99, 0x98, 0x05,
+ 0x2d, 0xa1, 0xb2, 0x72, 0xf6, 0xe0, 0x73, 0xb5, 0x6e, 0xc7, 0xa0, 0x7f,
+ 0xfa, 0x75, 0x89, 0x20, 0x4c, 0x84, 0xa1, 0x2b, 0x39, 0x4a, 0xd1, 0xf5,
+ 0x36, 0xfa, 0x5f, 0xb2, 0x7e, 0x75, 0x1b, 0x21, 0xae, 0x30, 0x83, 0x14,
+ 0x3d, 0xf6, 0x4c, 0x3a, 0xd8, 0x1e, 0x05, 0xed, 0x93, 0xbf, 0xd3, 0xb2,
+ 0x46, 0x23, 0x43, 0x3d, 0x78, 0xf9, 0x94, 0x78, 0xae, 0x20, 0x8b, 0x49,
+ 0x8c, 0xac, 0x8f, 0x41, 0xe4, 0x5d, 0x96, 0x25, 0xd6, 0xd9, 0xde, 0x8b,
+ 0x6a, 0xcd, 0x37, 0x22, 0x1b, 0xd7, 0xca, 0x8a, 0xa3, 0x79, 0x7b, 0x3d,
+ 0x3e, 0x2d, 0xe3, 0x09, 0xa4, 0xbf, 0x9a, 0x48, 0x63, 0xa5, 0x88, 0xbf,
+ 0xb6, 0xfb, 0x7b, 0xcc, 0x29, 0xd2, 0x2f, 0xdc, 0x36, 0xab, 0xd6, 0x46,
+ 0xae, 0xf7, 0xca, 0xa9, 0xb4, 0x14, 0xae, 0xfe, 0x12, 0x62, 0xb9, 0xce,
+ 0x4b, 0x99, 0xf8, 0xa5, 0x59, 0x81, 0x83, 0x68, 0x48, 0x44, 0x75, 0xab,
+ 0xb2, 0x12, 0x89, 0x1c, 0xe7, 0x3d, 0x9b, 0x19, 0xa2, 0x6c, 0xa5, 0x62,
+ 0x48, 0xed, 0x1c, 0xba, 0x89, 0x61, 0xe4, 0x24, 0x8a, 0xd8, 0x87, 0xb7,
+ 0x64, 0xc8, 0x09, 0x20, 0x83, 0x50, 0x2b, 0xe7, 0xb9, 0x8c, 0x99, 0x05,
+ 0x18, 0xd3, 0xf5, 0x19, 0xec, 0x75, 0x83, 0x4c, 0x80, 0x20, 0x2b, 0x6a,
+ 0xa0, 0x75, 0x6b, 0x62, 0xd1, 0x02, 0x06, 0x16, 0x66, 0x9e, 0x5a, 0x13,
+ 0xfe, 0x1d, 0xf4, 0x95, 0xff, 0xc2, 0xd7, 0x94, 0xda, 0x70, 0x57, 0xc2,
+ 0x1d, 0xe8, 0x70, 0x13, 0x13, 0x95, 0x58, 0xdb, 0x0f, 0x1e, 0xab, 0x40,
+ 0xbc, 0x14, 0xe5, 0xdd, 0x8b, 0xf5, 0x42, 0x21, 0xb4, 0x86, 0xf9, 0x18,
+ 0x2b, 0xd4, 0x92, 0x39, 0xff, 0x11, 0x87, 0xa5, 0xe6, 0x64, 0xbc, 0x44,
+ 0xa0, 0x41, 0x38, 0xed, 0xce, 0x3b, 0xce, 0x8c, 0x56, 0xad, 0xa2, 0xd5,
+ 0xf2, 0x1c, 0x3b, 0xcb, 0x49, 0x27, 0x99, 0xab, 0xb1, 0x4a, 0x1b, 0x24,
+ 0x8f, 0xb0, 0x17, 0xc0, 0x9d, 0xb3, 0x25, 0xac, 0xa8, 0x71, 0x78, 0x2b,
+ 0xd3, 0xa0, 0xc9, 0x76, 0xc5, 0x5b, 0x2d, 0xfc, 0x20, 0x5c, 0x48, 0x0f,
+ 0xfe, 0x19, 0x0b, 0x21, 0xed, 0xf3, 0xed, 0x19, 0xa1, 0xba, 0x27, 0xc3,
+ 0x91, 0xa1, 0xf4, 0x98, 0x62, 0x14, 0xcf, 0x4a, 0x13, 0x1a, 0x35, 0xda,
+ 0x09, 0xfe, 0x34, 0x6a, 0x47, 0x2a, 0x47, 0x7e, 0x99, 0x52, 0x03, 0x8b,
+ 0x47, 0xc6, 0x37, 0x2f, 0xb6, 0xc8, 0x80, 0x7a, 0x14, 0x41, 0x7d, 0x10,
+ 0x93, 0x48, 0xad, 0x95, 0xb5, 0xbb, 0x72, 0xd0, 0x36, 0xfb, 0x07, 0xfa,
+ 0x42, 0x2c, 0x5b, 0x0a, 0xea, 0xe4, 0xea, 0x67, 0x05, 0x1c, 0x73, 0x20,
+ 0xc5, 0xe6, 0x86, 0x87, 0xac, 0xe1, 0xcb, 0x67, 0xae, 0x01, 0x71, 0x05,
+ 0x1e, 0xe5, 0x13, 0x1a, 0x9e, 0xa8, 0xbc, 0xd0, 0x66, 0x83, 0x30, 0x33,
+ 0xcb, 0xf8, 0x01, 0x61, 0x60, 0xe3, 0xfc, 0x55, 0x7f, 0x3b, 0xd0, 0x51,
+ 0x2e, 0x82, 0xb6, 0x11, 0x25, 0xe1, 0x50, 0x77, 0x02, 0x7d, 0x6c, 0x16,
+ 0x37, 0x02, 0xa6, 0x9f, 0x8c, 0xdd, 0x50, 0xdc, 0x95, 0xb6, 0x4a, 0xc9,
+ 0x97, 0xee, 0x0a, 0x11, 0x3c, 0x81, 0xbd, 0x08, 0x23, 0xda, 0xbe, 0xa7,
+ 0x39, 0x8c, 0x24, 0x68, 0x2b, 0x68, 0x7b, 0x9e, 0x1a, 0xf1, 0xb7, 0x58,
+ 0x2f, 0x2a, 0x3f, 0x90, 0xd8, 0x9a, 0xad, 0x92, 0xae, 0x2b, 0xb2, 0x41,
+ 0x46, 0x2d, 0x80, 0xac, 0x84, 0x61, 0xe4, 0x7f, 0xb0, 0x59, 0xa6, 0x3e,
+ 0x4d, 0x61, 0x8a, 0xb7, 0x6b, 0xaa, 0xb4, 0x86, 0x63, 0xd2, 0xf3, 0x12,
+ 0xac, 0xe5, 0x97, 0x88, 0xaf, 0x29, 0xdd, 0x7c, 0xa3, 0xcd, 0x8d, 0x9f,
+ 0x53, 0x22, 0xaf, 0x62, 0xad, 0xf9, 0x96, 0x10, 0x8d, 0x98, 0x99, 0x9a,
+ 0x39, 0x10, 0x1a, 0x09, 0xad, 0x50, 0x52, 0x73, 0xb5, 0xfd, 0xde, 0xe4,
+ 0xf6, 0xe9, 0x96, 0x65, 0xc8, 0x42, 0xf0, 0xf8, 0x31, 0x5a, 0xe5, 0x6d,
+ 0x3b, 0x66, 0x02, 0xc4, 0x76, 0x45, 0xd8, 0xce, 0x97, 0xb9, 0xdd, 0x3b,
+ 0x00, 0x8a, 0xda, 0x7b, 0x23, 0x7d, 0xc2, 0x4e, 0x18, 0xa9, 0xa0, 0x89,
+ 0x3a, 0x19, 0xfd, 0xff, 0xcb, 0x3e, 0xd6, 0x8d, 0xcb, 0x40, 0xa7, 0x9f,
+ 0x3b, 0xe9, 0x9c, 0xe9, 0x4f, 0x91, 0x5a, 0xa0, 0x24, 0x44, 0x4a, 0x37,
+ 0x2b, 0xd5, 0x2c, 0x39, 0x8c, 0xe6, 0x1a, 0xcc, 0x23, 0x28, 0x88, 0xca,
+ 0xfc, 0x77, 0xbd, 0xbf, 0x71, 0x2b, 0x0b, 0x2a, 0xb9, 0x36, 0x6a, 0x71,
+ 0x88, 0x1e, 0x50, 0x76, 0x4c, 0xba, 0xe4, 0x43, 0xd0, 0xf1, 0x08, 0x5f,
+ 0xe3, 0xb4, 0x18, 0x3e, 0x6c, 0x9d, 0xcd, 0xb7, 0xf4, 0xb7, 0x54, 0xdd,
+ 0x71, 0xe0, 0xd3, 0xcb, 0x30, 0x3d, 0x74, 0x7c, 0x8a, 0x22, 0xd4, 0x38,
+ 0x9c, 0x63, 0x24, 0x37, 0x26, 0x0c, 0x32, 0xaa, 0x7b, 0xaa, 0x54, 0x49,
+ 0x98, 0xc4, 0x5a, 0x4e, 0xb3, 0x9b, 0xa8, 0x8e, 0xb6, 0x61, 0x0c, 0xf6,
+ 0xe8, 0x1c, 0x1e, 0xb2, 0x4c, 0xd6, 0x2c, 0x03, 0x2d, 0x87, 0xc8, 0x23,
+ 0x85, 0xfa, 0x06, 0x4e, 0x60, 0x23, 0x88, 0x9b, 0x8c, 0xad, 0x74, 0x99,
+ 0x95, 0x5d, 0x9b, 0x79, 0x40, 0xad, 0x1e, 0x9c, 0xa3, 0xcf, 0xa4, 0x5e,
+ 0xf4, 0xc0, 0x2e, 0xe1, 0x1b, 0x22, 0xc3, 0x9d, 0xb0, 0xc7, 0x80, 0xc5,
+ 0x00, 0x8b, 0xd8, 0x45, 0x01, 0x27, 0xf2, 0x1c, 0x25, 0x9d, 0x73, 0xa3,
+ 0xf4, 0x1c, 0x19, 0x1d, 0xc4, 0x46, 0xb3, 0x12, 0x9b, 0xdb, 0xa0, 0x31,
+ 0x46, 0xb6, 0xf2, 0xaa, 0x27, 0xae, 0x80, 0x51, 0xac, 0x2c, 0xca, 0x1a,
+ 0x60, 0xaa, 0x1a, 0x57, 0xb9, 0x88, 0x2f, 0xbd, 0x60, 0x48, 0xa0, 0xe6,
+ 0xf3, 0xce, 0x3b, 0x48, 0x80, 0xe4, 0x3a, 0x82, 0x49, 0xcf, 0x68, 0x54,
+ 0x48, 0xd3, 0xab, 0x70, 0xd8, 0x0a, 0x8c, 0x75, 0x66, 0x9b, 0x8b, 0x71,
+ 0x65, 0xbf, 0x1b, 0x7c, 0xcf, 0x51, 0x67, 0xce, 0x3c, 0x16, 0x3b, 0x1c,
+ 0xe8, 0x77, 0x33, 0x49, 0x4d, 0x15, 0x04, 0x2b, 0xfc, 0x3a, 0xcf, 0x97,
+ 0x38, 0x97, 0x65, 0x77, 0x23, 0x95, 0xc4, 0x24, 0x7e, 0x44, 0x60, 0x04,
+ 0x46, 0xa1, 0x41, 0x9a, 0x1a, 0x22, 0xbc, 0x4f, 0x10, 0xad, 0x52, 0xc1,
+ 0xf2, 0xbf, 0xe8, 0xd6, 0x44, 0x65, 0xed, 0x66, 0x93, 0x77, 0x64, 0xa1,
+ 0xcf, 0x25, 0xb6, 0x53, 0x32, 0x5a, 0x89, 0xf4, 0xe3, 0x47, 0x7f, 0xeb,
+ 0x60, 0x68, 0x12, 0x50, 0x47, 0x32, 0x72, 0x31, 0x61, 0x26, 0xf9, 0x20,
+ 0x52, 0x9c, 0xa6, 0x95, 0x66, 0xb7, 0x28, 0x7b, 0xc7, 0x9b, 0xe0, 0xc6,
+ 0x19, 0x06, 0x3d, 0xe0, 0x29, 0x59, 0xe6, 0xc1, 0x21, 0x26, 0x5c, 0x72,
+ 0x98, 0x05, 0xde, 0x5b, 0xae, 0x5a, 0x5c, 0x40, 0xf8, 0x31, 0x9b, 0x5e,
+ 0xa8, 0x18, 0x75, 0x1e, 0xb4, 0x22, 0x4a, 0xda, 0x41, 0xa8, 0x1e, 0xec,
+ 0x6a, 0x39, 0x8c, 0xfa, 0x6f, 0xa9, 0xdc, 0xa5, 0x8f, 0xc5, 0x67, 0x8a,
+ 0x68, 0xde, 0xee, 0xc4, 0x0a, 0xcd, 0x34, 0x6b, 0xf7, 0x57, 0x5f, 0x19,
+ 0x8c, 0x98, 0xdd, 0xec, 0x4f, 0xd2, 0x28, 0x48, 0x4d, 0x34, 0x86, 0x6a,
+ 0x2f, 0x5a, 0x36, 0x80, 0x5d, 0x22, 0x68, 0xd2, 0x3e, 0x39, 0x2a, 0x0d,
+ 0xeb, 0xbf, 0x91, 0x83, 0x80, 0x60, 0xa8, 0x44, 0x67, 0x21, 0x89, 0xca,
+ 0x8a, 0x52, 0xcd, 0x7e, 0xcf, 0xa5, 0x99, 0xd0, 0x72, 0xa9, 0x62, 0x7b,
+ 0xfa, 0x38, 0x36, 0x20, 0xe1, 0x19, 0xb5, 0x6d, 0x68, 0x9a, 0x44, 0x7e,
+ 0x7b, 0x1d, 0x46, 0x11, 0x49, 0x26, 0x9e, 0xbd, 0x06, 0xb2, 0x01, 0x53,
+ 0x02, 0xf2, 0x47, 0xe6, 0x57, 0x74, 0x09, 0x13, 0x39, 0x38, 0x02, 0x34,
+ 0x2a, 0x3b, 0x8d, 0xc0, 0x68, 0x2d, 0x2c, 0x7c, 0x1e, 0x38, 0x80, 0xdb,
+ 0x0a, 0xbf, 0xf7, 0x31, 0x35, 0xec, 0xbb, 0xaa, 0xc9, 0xaa, 0x0e, 0x9c,
+ 0x33, 0x8e, 0x7f, 0x85, 0x1f, 0x69, 0x9f, 0xf2, 0x48, 0x5d, 0x51, 0x51,
+ 0xde, 0x33, 0x87, 0x8f, 0x09, 0x02, 0x9e, 0xb7, 0x42, 0xa5, 0x32, 0x1a,
+ 0xe8, 0xf7, 0xa3, 0x8e, 0xfc, 0x5c, 0xcc, 0x8b, 0x8c, 0xc4, 0x44, 0x66,
+ 0xca, 0x28, 0xe4, 0x54, 0xc2, 0xfa, 0x9f, 0x69, 0xd8, 0xfe, 0x1e, 0x37,
+ 0x6b, 0x34, 0x04, 0x94, 0xfe, 0x47, 0xa4, 0x6d, 0x45, 0x28, 0x19, 0xa2,
+ 0xd8, 0x42, 0x89, 0xc7, 0xa0, 0x05, 0x34, 0x3c, 0x9f, 0xb3, 0x0d, 0xa2,
+ 0x56, 0xb3, 0x45, 0xc4, 0x8c, 0x0b, 0x60, 0xcf, 0x58, 0x40, 0xa0, 0x21,
+ 0x49, 0x3a, 0xac, 0xee, 0x6b, 0xc8, 0x98, 0x1c, 0x7c, 0xf9, 0x9d, 0xac,
+ 0x7c, 0x9c, 0xc8, 0xd5, 0xcf, 0xf9, 0x2a, 0x83, 0xec, 0x50, 0x0e, 0xf2,
+ 0x4d, 0x73, 0x05, 0xf2, 0x0f, 0xea, 0xca, 0x45, 0x2b, 0x97, 0x75, 0xbd,
+ 0x53, 0x63, 0x36, 0x68, 0x9b, 0x14, 0x5c, 0xe0, 0x75, 0xd3, 0xb9, 0xe3,
+ 0x25, 0x04, 0x75, 0x7a, 0xe7, 0xb7, 0xa5, 0x44, 0x14, 0x0d, 0xc4, 0x4f,
+ 0xab, 0x86, 0x94, 0xdf, 0x50, 0x76, 0x73, 0xd7, 0x8d, 0x21, 0x2c, 0x77,
+ 0x51, 0x16, 0xb2, 0x4a, 0x5f, 0xcb, 0x45, 0x6c, 0x19, 0x7a, 0x3b, 0x61,
+ 0xbb, 0x98, 0xe4, 0xd3, 0x4a, 0x33, 0x1d, 0x88, 0x4c, 0x65, 0x1d, 0xdb,
+ 0x86, 0xd0, 0x14, 0x2f, 0x3e, 0x27, 0x37, 0x1e, 0xbc, 0x88, 0x84, 0x23,
+ 0x07, 0xe1, 0xc4, 0xaa, 0x5b, 0xde, 0x03, 0x86, 0x77, 0xfd, 0x53, 0x73,
+ 0xd0, 0x70, 0xa2, 0xf9, 0xc6, 0x6c, 0xcb, 0x60, 0xd7, 0xe3, 0xa5, 0xd8,
+ 0x34, 0xf8, 0x35, 0x7d, 0xe1, 0xaf, 0x8b, 0x0c, 0x04, 0x42, 0x70, 0x06,
+ 0x32, 0xb5, 0x7e, 0x9e, 0xec, 0xda, 0xef, 0xd3, 0xd6, 0x3d, 0xd0, 0x6a,
+ 0xcb, 0x7b, 0xed, 0xde, 0xb9, 0x0c, 0xf3, 0xb1, 0x88, 0x35, 0x4a, 0x79,
+ 0x2c, 0x88, 0x63, 0xbc, 0xb7, 0x1a, 0x3e, 0xee, 0x61, 0xc5, 0x1f, 0x1b,
+ 0x94, 0xbb, 0xc1, 0x6b, 0x61, 0xfa, 0x43, 0x27, 0x9b, 0x39, 0x5d, 0x0f,
+ 0xb8, 0x0d, 0x25, 0xa7, 0xcc, 0x1c, 0x99, 0x36, 0xa0, 0x07, 0x71, 0xa9,
+ 0x39, 0x73, 0x3a, 0x5a, 0x12, 0x99, 0xa6, 0x32, 0x30, 0xa5, 0x85, 0x84,
+ 0xa4, 0xe8, 0x98, 0xb4, 0xd1, 0xd1, 0x5d, 0x39, 0xeb, 0x24, 0xde, 0xf2,
+ 0xb4, 0xc2, 0x09, 0x90, 0x1a, 0x1b, 0x61, 0x58, 0x51, 0x11, 0x75, 0x7a,
+ 0x37, 0x0f, 0x69, 0x07, 0x6d, 0xfa, 0x14, 0x08, 0x84, 0xce, 0x4e, 0xa4,
+ 0x91, 0x96, 0x64, 0xfe, 0x1b, 0x4d, 0xa4, 0x52, 0x4e, 0xa8, 0x25, 0xa8,
+ 0x70, 0x25, 0xb0, 0x60, 0xed, 0xbe, 0x65, 0x3f, 0x8a, 0xf5, 0x95, 0x5a,
+ 0xf7, 0xda, 0xe2, 0xd7, 0xc2, 0xcf, 0x3b, 0xdc, 0x44, 0xf6, 0xe7, 0x68,
+ 0x10, 0x50, 0x29, 0xbe, 0x48, 0x55, 0xcc, 0xac, 0xaf, 0x12, 0xa9, 0x61,
+ 0x89, 0x89, 0xc9, 0xca, 0xef, 0x37, 0x35, 0x49, 0x0c, 0xc2, 0xb6, 0x36,
+ 0xbf, 0x6e, 0x24, 0x80, 0x5c, 0x0c, 0x78, 0x33, 0x64, 0xfe, 0x5b, 0xf3,
+ 0x75, 0x36, 0x65, 0x28, 0xeb, 0x20, 0xb4, 0xb0, 0x61, 0xcd, 0x7a, 0x0b,
+ 0x24, 0x1e, 0x46, 0x1d, 0x10, 0xb1, 0x25, 0x6e, 0x3a, 0x25, 0x86, 0xf6,
+ 0xad, 0x1c, 0x43, 0x0c, 0xf9, 0xcf, 0x42, 0xe0, 0x67, 0x2b, 0x36, 0x51,
+ 0x66, 0xbb, 0xf7, 0xea, 0x41, 0x69, 0x6e, 0xb8, 0xb7, 0x0e, 0xfc, 0xfd,
+ 0xaa, 0x1a, 0x95, 0x43, 0x08, 0x4b, 0xb8, 0xfc, 0x3b, 0x99, 0xeb, 0xa0,
+ 0x7c, 0x8d, 0xbd, 0x69, 0x49, 0xd3, 0xdd, 0x0f, 0x8e, 0xbe, 0x34, 0xd2,
+ 0x27, 0x87, 0x64, 0x79, 0x0d, 0xa6, 0xf2, 0xe5, 0x2f, 0xe3, 0xad, 0x2f,
+ 0x21, 0xd6, 0x36, 0x58, 0x2c, 0x6e, 0x6a, 0x43, 0x6b, 0xc7, 0x3d, 0x8b,
+ 0x8d, 0x24, 0xf0, 0xcb, 0x33, 0xdf, 0xf1, 0xd2, 0xeb, 0xcb, 0x5d, 0x00,
+ 0xb1, 0x63, 0x08, 0x77, 0x9d, 0xfc, 0xa1, 0x58, 0x7d, 0xe4, 0xb7, 0x95,
+ 0xc5, 0x99, 0x08, 0x6f, 0xf9, 0xc9, 0x50, 0x4f, 0x8c, 0xa8, 0xc0, 0xe6,
+ 0xc4, 0xff, 0x00, 0xcd, 0x6f, 0xbe, 0xa3, 0xb6, 0x66, 0x63, 0x5d, 0x4b,
+ 0x60, 0x4b, 0x1b, 0x3e, 0xc6, 0x70, 0x65, 0xe4, 0x8e, 0x48, 0xb2, 0x68,
+ 0xdc, 0xd1, 0xac, 0x78, 0x46, 0x3d, 0x32, 0x58, 0x00, 0xfb, 0x28, 0x95,
+ 0x7a, 0xf7, 0x11, 0x33, 0x5a, 0x5b, 0xb8, 0xfa, 0xe0, 0xa1, 0x84, 0x33,
+ 0x64, 0x36, 0x37, 0xd4, 0x64, 0x9e, 0xc1, 0x05, 0xca, 0x87, 0x1d, 0xee,
+ 0xc0, 0x4f, 0xf4, 0xd4, 0x81, 0x78, 0x54, 0x09, 0x93, 0x56, 0xc0, 0xb6,
+ 0x7e, 0x26, 0xc3, 0xed, 0xec, 0xdb, 0x24, 0x2c, 0x80, 0xee, 0x0a, 0x57,
+ 0x6c, 0xa9, 0x85, 0x1d, 0x44, 0xdd, 0x61, 0xb6, 0xfc, 0xdb, 0xd1, 0x00,
+ 0xd0, 0x5f, 0xbb, 0x43, 0xcf, 0x32, 0x41, 0x2a, 0xef, 0xe8, 0x57, 0x89,
+ 0x6d, 0xf0, 0x55, 0x8c, 0x54, 0x61, 0xee, 0x8a, 0xf7, 0x1d, 0x90, 0x51,
+ 0x0f, 0x4e, 0x56, 0xd6, 0x9d, 0x71, 0x77, 0x3c, 0xe5, 0x28, 0xee, 0xc1,
+ 0xd6, 0x8f, 0xef, 0xbd, 0x2c, 0x83, 0xb8, 0xce, 0x24, 0xa4, 0x41, 0x90,
+ 0x14, 0x59, 0xd2, 0xfc, 0xc3, 0x0e, 0x5d, 0xa9, 0x22, 0x3b, 0xd3, 0xa4,
+ 0x30, 0x19, 0x05, 0x64, 0x61, 0x1e, 0x86, 0xec, 0x89, 0x19, 0x75, 0xaf,
+ 0x80, 0xe3, 0xd7, 0xfb, 0x0a, 0x91, 0xe2, 0xb7, 0xd1, 0x6f, 0xe4, 0xcc,
+ 0x88, 0x92, 0x48, 0xed, 0x1e, 0x3b, 0xec, 0xa3, 0x9d, 0xeb, 0x9e, 0x78,
+ 0xb1, 0xa9, 0x34, 0xc1, 0xb6, 0x9b, 0xfc, 0x1e, 0x2d, 0xef, 0xb1, 0x16,
+ 0x49, 0xd9, 0x60, 0xde, 0xd0, 0xf5, 0x69, 0x12, 0x4d, 0xa1, 0xf7, 0xb4,
+ 0x58, 0x3d, 0x9e, 0xb7, 0x93, 0xce, 0x37, 0x33, 0xc1, 0x82, 0x00, 0x74,
+ 0x20, 0xfb, 0x3f, 0x48, 0xb1, 0x52, 0x43, 0x0c, 0x5c, 0x96, 0x82, 0x84,
+ 0x4b, 0xe3, 0x8e, 0x1a, 0xe4, 0x64, 0x39, 0x6d, 0x98, 0x1c, 0x65, 0x11,
+ 0xb2, 0x06, 0xc1, 0xae, 0x01, 0x68, 0xd6, 0xfe, 0x57, 0xe7, 0x53, 0xd7,
+ 0xb1, 0x9f, 0xf9, 0xc8, 0x14, 0x17, 0x85, 0x5c, 0x41, 0x2b, 0x30, 0x60,
+ 0xbe, 0xfb, 0x61, 0x6b, 0xd9, 0x04, 0x24, 0xa3, 0xec, 0x84, 0x29, 0x20,
+ 0x6a, 0x70, 0x85, 0x1c, 0xf7, 0xe1, 0xce, 0x37, 0x14, 0x13, 0x6c, 0xfe,
+ 0xe5, 0x48, 0x6a, 0x33, 0xb9, 0xb9, 0xa2, 0x31, 0x5f, 0xec, 0x3f, 0x8b,
+ 0x16, 0x63, 0xb1, 0x2a, 0xb3, 0x6b, 0x07, 0x9a, 0x72, 0x62, 0xd2, 0x02,
+ 0xef, 0x4c, 0x77, 0x82, 0x1b, 0xaa, 0xbf, 0xc4, 0xe2, 0x21, 0x2f, 0xc9,
+ 0x31, 0x3d, 0x92, 0xf4, 0x73, 0x02, 0xa2, 0x47, 0x90, 0xed, 0xcb, 0xb2,
+ 0xb9, 0xcd, 0xbf, 0xab, 0x7f, 0x6a, 0xe8, 0xc5, 0x19, 0x9a, 0x6a, 0x02,
+ 0x98, 0x36, 0xfb, 0xe1, 0xae, 0xac, 0x6b, 0xca, 0x93, 0x59, 0xf1, 0x04,
+ 0x9e, 0xd8, 0x78, 0x1e, 0x6d, 0x85, 0x3e, 0x2a, 0xe8, 0x79, 0x12, 0x67,
+ 0x27, 0xb4, 0x9b, 0x66, 0xf7, 0xe2, 0x01, 0xf4, 0x98, 0xbe, 0xb0, 0x74,
+ 0x6d, 0x91, 0xf8, 0x3c, 0x18, 0x7e, 0xc6, 0x84, 0x10, 0x51, 0xda, 0x14,
+ 0x69, 0xc0, 0xac, 0xa4, 0xe3, 0xd8, 0x97, 0x73, 0xfe, 0xeb, 0xe0, 0xae,
+ 0x51, 0xc4, 0x22, 0xa5, 0x91, 0x6f, 0x87, 0x38, 0x39, 0x9e, 0x97, 0x3a,
+ 0xeb, 0x91, 0xa9, 0xbb, 0xf9, 0xa4, 0xca, 0x3e, 0xef, 0x17, 0x58, 0x79,
+ 0x45, 0x77, 0x2b, 0xe7, 0x50, 0x92, 0x85, 0x90, 0x12, 0xc5, 0xc3, 0xe3,
+ 0xcd, 0xc4, 0xbe, 0xbf, 0x6f, 0x47, 0x25, 0x88, 0xcd, 0x6c, 0xcc, 0xee,
+ 0x9e, 0x61, 0x1b, 0x78, 0x0d, 0xd7, 0xaa, 0x77, 0x1b, 0x05, 0x91, 0xe7,
+ 0x28, 0x09, 0xfc, 0x66, 0xe5, 0x7e, 0x28, 0xb3, 0x1d, 0x29, 0x33, 0x09,
+ 0xdd, 0x15, 0x28, 0x17, 0x40, 0xa2, 0xef, 0xf4, 0xb9, 0x98, 0x2d, 0xc4,
+ 0x22, 0x9b, 0x1e, 0xc1, 0xef, 0x49, 0x5f, 0xe7, 0xb9, 0xf2, 0x5b, 0x74,
+ 0x6c, 0xd0, 0x11, 0xca, 0x5a, 0x3c, 0xa5, 0x78, 0xe7, 0xd2, 0xd7, 0x05,
+ 0x86, 0x06, 0x7d, 0xe9, 0x13, 0x6f, 0xcd, 0x12, 0x26, 0x51, 0x9c, 0xf8,
+ 0xcb, 0x5f, 0x38, 0x89, 0x32, 0xbb, 0xaa, 0x8c, 0xb9, 0xac, 0x67, 0x19,
+ 0xee, 0xf8, 0x9f, 0x8b, 0x89, 0xca, 0xbc, 0x89, 0x13, 0xd3, 0x7e, 0x2b,
+ 0xa7, 0xb0, 0x8c, 0x5f, 0x4e, 0x89, 0xad, 0x75, 0xc7, 0xc1, 0xf1, 0xd3,
+ 0xa1, 0x0d, 0xc1, 0xbc, 0x7f, 0x60, 0xcf, 0x83, 0x5f, 0x27, 0x43, 0xe1,
+ 0x2f, 0x45, 0x0c, 0x01, 0x65, 0x73, 0x31, 0x34, 0x63, 0x52, 0x44, 0x0e,
+ 0x2a, 0x6c, 0x10, 0x29, 0xf4, 0xad, 0x51, 0x07, 0x58, 0x41, 0xc6, 0x74,
+ 0xac, 0x8c, 0xfc, 0x01, 0xba, 0x80, 0xb9, 0x2d, 0x02, 0xc6, 0x96, 0x1d,
+ 0xcf, 0x6d, 0xad, 0xb2, 0xc1, 0x8f, 0xec, 0x6d, 0xdd, 0xb6, 0x70, 0x4c,
+ 0x99, 0x33, 0x16, 0xb2, 0x60, 0x34, 0xc3, 0xaa, 0x15, 0x09, 0xf2, 0x62,
+ 0xf2, 0x95, 0x80, 0xf2, 0xc1, 0xca, 0x6d, 0x20, 0x67, 0x79, 0x7a, 0x29,
+ 0xfa, 0xbb, 0x19, 0xd8, 0xd8, 0x20, 0xa7, 0x56, 0x84, 0xce, 0x96, 0x2c,
+ 0x92, 0x0d, 0xf7, 0x00, 0x66, 0xc5, 0x8e, 0x05, 0x59, 0x3e, 0xf7, 0xa9,
+ 0x14, 0x6b, 0x50, 0xaf, 0x83, 0xfd, 0x7b, 0x58, 0x5c, 0x2c, 0x6b, 0x7f,
+ 0x84, 0x60, 0x53, 0xbb, 0x02, 0x3e, 0xad, 0x6c, 0x58, 0xe4, 0x0f, 0x7b,
+ 0x77, 0x54, 0xd8, 0x11, 0x35, 0x5d, 0x98, 0x63, 0x51, 0x0c, 0x3f, 0x16,
+ 0x3f, 0x8a, 0x1e, 0xf3, 0x58, 0x59, 0xb1, 0x32, 0x98, 0x10, 0xda, 0x94,
+ 0x61, 0x81, 0x78, 0xf4, 0xec, 0x3b, 0x88, 0xc6, 0x47, 0xb1, 0xad, 0x01,
+ 0xe6, 0xdb, 0x70, 0xa8, 0x13, 0x59, 0xbb, 0x67, 0x10, 0xeb, 0x7c, 0x5c,
+ 0xba, 0x5d, 0xba, 0xdf, 0x81, 0xf0, 0xe9, 0x80, 0x75, 0xe4, 0x61, 0xb0,
+ 0x72, 0xcf, 0x3b, 0x7a, 0xeb, 0xf0, 0xc1, 0xdf, 0xb9, 0xcc, 0x6f, 0x07,
+ 0x75, 0xce, 0x22, 0xc8, 0x90, 0x3f, 0x90, 0xc9, 0xf3, 0x68, 0x91, 0xc8,
+ 0xf2, 0x51, 0x2e, 0x72, 0x54, 0x40, 0x76, 0xdb, 0x9c, 0x75, 0x70, 0x5b,
+ 0x5f, 0xd4, 0x5a, 0x45, 0x81, 0x89, 0x4a, 0xd8, 0x76, 0x22, 0x3e, 0xba,
+ 0xaf, 0x80, 0xee, 0xe6, 0x8e, 0xd1, 0x14, 0xad, 0x24, 0x6f, 0x54, 0x71,
+ 0x7d, 0x9f, 0x94, 0x25, 0x19, 0x39, 0xcc, 0x11, 0x11, 0x1a, 0x15, 0xcb,
+ 0xc7, 0x02, 0xcd, 0x82, 0xf5, 0x7c, 0xbf, 0x11, 0x32, 0xd2, 0x33, 0xc6,
+ 0xee, 0x05, 0x02, 0x46, 0x9d, 0xe6, 0xaf, 0xdd, 0xde, 0x94, 0xac, 0x35,
+ 0xf1, 0x4f, 0x21, 0xbe, 0xab, 0x05, 0x78, 0xae, 0xd4, 0x6c, 0x64, 0x10,
+ 0x71, 0xc4, 0x64, 0x11, 0x5d, 0x06, 0xc7, 0xdf, 0xfd, 0x1b, 0x90, 0x81,
+ 0x75, 0xd2, 0xee, 0x2f, 0x8e, 0x5a, 0xe2, 0xc6, 0x12, 0x95, 0xda, 0xfb,
+ 0xf1, 0xea, 0xf2, 0xfc, 0xcc, 0x09, 0x8b, 0xd3, 0x0d, 0x76, 0x20, 0xb1,
+ 0xe6, 0x62, 0xe4, 0xee, 0xfe, 0x1e, 0x45, 0x70, 0x25, 0x91, 0x61, 0x3a,
+ 0xb5, 0xd5, 0x86, 0xa3, 0xb6, 0x96, 0x9c, 0xc0, 0xa3, 0x61, 0x77, 0x30,
+ 0xc4, 0x83, 0x1b, 0xeb, 0xa6, 0x46, 0x5c, 0xe7, 0xb6, 0x2b, 0xb2, 0xf6,
+ 0xce, 0xd8, 0xb0, 0xad, 0xff, 0x8d, 0x70, 0x19, 0x3d, 0x37, 0x6a, 0x77,
+ 0xc6, 0xac, 0x91, 0x20, 0xdd, 0x8c, 0x4a, 0x9f, 0x99, 0x3e, 0x9f, 0x57,
+ 0x7e, 0x81, 0x84, 0xd3, 0x4c, 0x56, 0x2e, 0xa4, 0xff, 0xa7, 0xa5, 0x25,
+ 0x86, 0xbf, 0x80, 0x04, 0x6e, 0x8f, 0xe8, 0xf9, 0x1f, 0x38, 0x60, 0xf6,
+ 0x2c, 0xae, 0x7f, 0xe0, 0xe5, 0x9f, 0x5e, 0x21, 0x08, 0xbb, 0xe1, 0x41,
+ 0x42, 0xc2, 0xa5, 0xd9, 0xfd, 0x73, 0x82, 0x86, 0xfa, 0x86, 0xe6, 0x91,
+ 0x53, 0x6f, 0x99, 0x21, 0x29, 0x09, 0xb9, 0xfe, 0x91, 0x20, 0x99, 0xd8,
+ 0xf1, 0xe9, 0xfc, 0x63, 0x2f, 0x51, 0x52, 0x7d, 0x3f, 0xe6, 0x88, 0xbd,
+ 0x31, 0xdf, 0x74, 0xa0, 0xb8, 0x5d, 0xf0, 0x9d, 0x07, 0x20, 0xd3, 0x26,
+ 0x7b, 0x80, 0xbd, 0x07, 0x6d, 0x32, 0xbb, 0x62, 0xd2, 0xec, 0x35, 0x3f,
+ 0x7e, 0x5c, 0x10, 0xd0, 0x94, 0xd9, 0x14, 0x09, 0xee, 0xdc, 0x6f, 0xcd,
+ 0xbb, 0x57, 0x1b, 0xed, 0x9a, 0x29, 0xfe, 0x34, 0x83, 0x3e, 0x08, 0x82,
+ 0xc1, 0xa1, 0xae, 0x8d, 0xc6, 0x7c, 0xa2, 0x5f, 0x49, 0x1e, 0x9a, 0x55,
+ 0xfc, 0x88, 0x21, 0x45, 0xde, 0xd1, 0x7e, 0x4c, 0xe0, 0x38, 0x9c, 0xea,
+ 0xd7, 0x18, 0x0a, 0xba, 0x80, 0x23, 0xd6, 0x3e, 0x2e, 0xe1, 0x3e, 0x34,
+ 0x83, 0x7b, 0x69, 0x42, 0xfc, 0xf6, 0xf0, 0x17, 0xc1, 0xac, 0x7f, 0x86,
+ 0xc1, 0x86, 0x81, 0x8c, 0x01, 0xe7, 0x70, 0x02, 0x55, 0x7a, 0x72, 0xf2,
+ 0xee, 0x4c, 0x96, 0xb9, 0xa1, 0xb9, 0x50, 0x67, 0x95, 0x74, 0x42, 0xd1,
+ 0x16, 0x79, 0x90, 0xb2, 0x85, 0x78, 0x5b, 0x91, 0xf8, 0x59, 0x19, 0xe7,
+ 0x6e, 0xb6, 0xc6, 0xff, 0xe0, 0x27, 0x2a, 0x39, 0x82, 0x91, 0xf2, 0x5b,
+ 0xb4, 0x4c, 0x56, 0x22, 0x46, 0x06, 0x09, 0xf3, 0x6e, 0x2e, 0x69, 0x3b,
+ 0x58, 0x7f, 0xb9, 0x8e, 0x40, 0x59, 0x51, 0xb0, 0x2f, 0x4c, 0x0d, 0x7b,
+ 0x01, 0x9f, 0x0a, 0xf3, 0xdd, 0x38, 0xb3, 0xc9, 0x49, 0x15, 0xea, 0xaf,
+ 0x6a, 0xf0, 0x2a, 0xe7, 0x3d, 0x23, 0xb2, 0xe7, 0xf7, 0x5d, 0xb9, 0xa0,
+ 0x40, 0xd0, 0x4b, 0xcd, 0x95, 0xca, 0x54, 0xba, 0x25, 0x82, 0x11, 0xb8,
+ 0x45, 0x76, 0x4c, 0xa9, 0x6f, 0x46, 0x1e, 0xf0, 0xcb, 0xcb, 0x89, 0x92,
+ 0x2c, 0x5f, 0xdf, 0xbb, 0x80, 0xcb, 0x30, 0x5b, 0xbe, 0x29, 0x21, 0x23,
+ 0x2f, 0x87, 0xa0, 0x1e, 0xe8, 0xe4, 0x29, 0x8c, 0x77, 0x78, 0x10, 0xb1,
+ 0x2c, 0x35, 0x10, 0xa0, 0x17, 0x8c, 0x12, 0x57, 0x2e, 0xca, 0xae, 0xa7,
+ 0x56, 0x21, 0xde, 0x74, 0x17, 0xf9, 0xa4, 0xdd, 0x38, 0x9c, 0xb9, 0x0f,
+ 0x2a, 0xa7, 0x33, 0xb7, 0x22, 0xb3, 0x2b, 0xd9, 0xcd, 0x88, 0x3e, 0x86,
+ 0x85, 0x38, 0xae, 0xb5, 0x88, 0x8d, 0xa4, 0x8f, 0x99, 0x1e, 0x2f, 0x4a,
+ 0x8c, 0xfe, 0x58, 0x7f, 0xb4, 0x6e, 0xf2, 0x4f, 0x9e, 0x9f, 0x36, 0xec,
+ 0xf2, 0x5b, 0xd3, 0xa2, 0x76, 0xf5, 0xa2, 0x2f, 0xbb, 0x42, 0x1d, 0x9c,
+ 0xa5, 0xb9, 0x20, 0xb7, 0xcc, 0xdb, 0xd9, 0x5c, 0xe0, 0x69, 0x10, 0xbb,
+ 0xae, 0xa3, 0xb4, 0x69, 0x86, 0xa0, 0x7e, 0xfa, 0xb5, 0x6d, 0xf2, 0xac,
+ 0x3c, 0x96, 0xe5, 0xb6, 0x07, 0xe5, 0x8a, 0x97, 0xb8, 0x90, 0xcb, 0x5a,
+ 0x23, 0x75, 0x56, 0xba, 0xf1, 0xbb, 0xf6, 0x10, 0x69, 0xc1, 0xf2, 0x57,
+ 0xec, 0xab, 0x8b, 0xbe, 0x19, 0x0f, 0x72, 0x79, 0x46, 0xcc, 0xcb, 0xac,
+ 0xab, 0xbe, 0x94, 0xae, 0xa4, 0x52, 0x43, 0xf4, 0x74, 0x05, 0x95, 0x33,
+ 0x97, 0xd5, 0x7c, 0x41, 0x92, 0xef, 0x33, 0x02, 0x64, 0x57, 0x8e, 0x14,
+ 0x05, 0x2c, 0xf4, 0x14, 0xc6, 0x62, 0x16, 0xa5, 0xc6, 0xe1, 0x38, 0x19,
+ 0x01, 0x9f, 0xd2, 0x68, 0x18, 0x20, 0xaf, 0x81, 0xd1, 0x62, 0xd8, 0x32,
+ 0x7a, 0x0e, 0x75, 0x85, 0x47, 0x43, 0xc2, 0xee, 0x8d, 0x96, 0xc7, 0xae,
+ 0x00, 0xc3, 0x29, 0xc5, 0xf5, 0xf4, 0xca, 0xdd, 0x05, 0x1b, 0xfd, 0x82,
+ 0x26, 0xa0, 0x67, 0xa0, 0x9f, 0xcb, 0x37, 0xe9, 0xe3, 0x3f, 0x79, 0x71,
+ 0x80, 0x7f, 0x12, 0xc2, 0xe8, 0x54, 0x60, 0x8b, 0x8b, 0xb9, 0x19, 0xe7,
+ 0x81, 0x70, 0x28, 0xd5, 0xf2, 0xb6, 0x3e, 0xb1, 0xc7, 0x66, 0x44, 0x4f,
+ 0xe3, 0xa8, 0xe1, 0xa1, 0x97, 0x9a, 0xea, 0x60, 0x6c, 0x1b, 0xdd, 0x93,
+ 0xd5, 0x76, 0x0e, 0xe8, 0xce, 0x8f, 0x75, 0x3f, 0x08, 0x55, 0x03, 0x55,
+ 0x2e, 0xd6, 0x93, 0xb8, 0x4a, 0xe4, 0xef, 0x18, 0xbc, 0x7d, 0x7e, 0x4a,
+ 0xae, 0x90, 0x5d, 0xd6, 0x53, 0x72, 0xff, 0x5b, 0xaa, 0x8b, 0x3b, 0x22,
+ 0xb4, 0x8d, 0x1c, 0xdc, 0x8d, 0x4d, 0x2b, 0xd6, 0x4a, 0x33, 0xaf, 0xa6,
+ 0x5c, 0xb3, 0x02, 0xfe, 0x57, 0x6e, 0x1f, 0xe8, 0x39, 0x0e, 0x62, 0x68,
+ 0x93, 0xa9, 0x7b, 0x64, 0x40, 0x2c, 0xc6, 0xea, 0xd6, 0x26, 0xf0, 0x0e,
+ 0x40, 0xdd, 0xf2, 0x6e, 0x6a, 0x2b, 0x9e, 0x0e, 0xd7, 0x03, 0xdf, 0x4c,
+ 0x00, 0x8a, 0x6a, 0xf4, 0x14, 0x4c, 0x5a, 0x61, 0x23, 0x93, 0x12, 0xeb,
+ 0x97, 0xe9, 0xfb, 0x6b, 0x63, 0xc4, 0x08, 0x54, 0xac, 0x01, 0xd0, 0xe8,
+ 0xb4, 0x6e, 0xee, 0x58, 0x3c, 0x4b, 0x89, 0xfa, 0xd8, 0x6e, 0x4f, 0x5c,
+ 0xb3, 0xdb, 0x51, 0x20, 0x63, 0x96, 0xa8, 0xef, 0x68, 0xbe, 0xbf, 0x0a,
+ 0x69, 0x71, 0x33, 0x2a, 0x57, 0x0c, 0x20, 0x21, 0x5f, 0xe5, 0x45, 0x4d,
+ 0xa0, 0x95, 0xd2, 0xb9, 0xe8, 0xc3, 0xbf, 0x6c, 0x77, 0xb8, 0xd8, 0x28,
+ 0x2b, 0xce, 0x68, 0x2c, 0xb5, 0x7b, 0xdd, 0x31, 0xae, 0xd8, 0xa4, 0xee,
+ 0x66, 0x7b, 0x3c, 0xc6, 0x6d, 0x58, 0xf3, 0xc2, 0xee, 0xff, 0x95, 0x98,
+ 0x2b, 0xff, 0x1a, 0x52, 0xc1, 0xca, 0xb2, 0xbe, 0x87, 0x79, 0x9b, 0xe1,
+ 0x19, 0x5c, 0xa5, 0x6c, 0x20, 0x8b, 0x2d, 0xa5, 0x46, 0x9d, 0xa7, 0x8a,
+ 0xa5, 0x2e, 0xb0, 0xe1, 0x54, 0x1d, 0x74, 0xb8, 0x2e, 0x55, 0x99, 0x74,
+ 0x7a, 0xe1, 0xe0, 0x81, 0xce, 0x64, 0x85, 0xb2, 0x5a, 0x1e, 0x57, 0xdc,
+ 0x60, 0xf0, 0xfe, 0x0f, 0xe2, 0x72, 0x96, 0xab, 0x68, 0x6d, 0xcb, 0x5a,
+ 0x1a, 0x32, 0xf0, 0x77, 0xda, 0x54, 0x36, 0x3d, 0x26, 0x12, 0x23, 0x23,
+ 0xcf, 0x01, 0xf3, 0x49, 0xe4, 0x68, 0x1f, 0x5b, 0x95, 0x50, 0x04, 0xb5,
+ 0x67, 0x49, 0xf5, 0x31, 0x0b, 0xb1, 0x2c, 0xf2, 0xb6, 0x26, 0xb4, 0x5d,
+ 0x27, 0x9f, 0x3d, 0x7d, 0x2f, 0xf0, 0x06, 0xd4, 0x95, 0xdc, 0x38, 0x0f,
+ 0xdb, 0xa8, 0xc8, 0x23, 0x9f, 0xe6, 0x6c, 0x4d, 0xe7, 0xdc, 0xeb, 0x30,
+ 0xdf, 0xc1, 0xfa, 0xeb, 0xa0, 0xa0, 0x08, 0x0f, 0xdc, 0xad, 0xf6, 0xe3,
+ 0xb3, 0x62, 0x62, 0x5b, 0xe4, 0xf7, 0x14, 0xda, 0x07, 0x2f, 0x75, 0x35,
+ 0xe4, 0xaf, 0x7c, 0xda, 0x8e, 0x2a, 0xf1, 0x62, 0x60, 0x8d, 0x63, 0xe3,
+ 0x9a, 0x98, 0x6a, 0xbe, 0x9b, 0xfb, 0x51, 0xd9, 0x40, 0x8f, 0xf5, 0x5c,
+ 0xb5, 0x32, 0xc0, 0xfd, 0x9e, 0xce, 0xa3, 0x64, 0xe5, 0x38, 0xf9, 0xd6,
+ 0xef, 0x85, 0x25, 0x70, 0xb8, 0x38, 0xc5, 0x12, 0xb9, 0x5d, 0xd5, 0x57,
+ 0xf0, 0x29, 0x76, 0xa0, 0x1d, 0xc7, 0x9b, 0xf2, 0xf8, 0xe8, 0xb3, 0xea,
+ 0x10, 0x28, 0x3d, 0xf2, 0x71, 0xa8, 0x2d, 0x12, 0xfa, 0x6a, 0x74, 0x61,
+ 0x05, 0x16, 0x98, 0x63, 0xcc, 0x70, 0x78, 0xdb, 0xe6, 0x39, 0x45, 0x83,
+ 0xd2, 0x16, 0x6d, 0x8e, 0xf5, 0x0e, 0xbc, 0x13, 0xf5, 0x37, 0x0c, 0xb4,
+ 0x86, 0x10, 0x0b, 0x07, 0xb6, 0xc6, 0x59, 0xbe, 0xfa, 0x70, 0xc9, 0x6a,
+ 0x29, 0xa7, 0xbe, 0x94, 0x0d, 0xde, 0xb8, 0x01, 0x87, 0xb2, 0xa0, 0xcf,
+ 0xa0, 0xb7, 0x2d, 0x4d, 0x26, 0x69, 0x15, 0x34, 0x23, 0x52, 0x4a, 0x82,
+ 0xce, 0xd7, 0xe2, 0x7a, 0xd3, 0x4c, 0x4c, 0x57, 0x37, 0xb3, 0xc9, 0xc4,
+ 0x4f, 0xec, 0xad, 0xd2, 0x1b, 0x95, 0xef, 0xa8, 0x1f, 0x43, 0xb6, 0x4f,
+ 0x66, 0x5a, 0xad, 0xf2, 0x64, 0x13, 0x4b, 0x0f, 0x0a, 0x02, 0x00, 0x2a,
+ 0x11, 0xb8, 0x53, 0x09, 0xaa, 0x08, 0x2f, 0x8c, 0x30, 0x68, 0x8e, 0x9c,
+ 0xd1, 0xb8, 0x0c, 0xf5, 0xd0, 0xb6, 0x8e, 0x1c, 0xdb, 0x2e, 0x0e, 0xaa,
+ 0x86, 0xcc, 0x86, 0x16, 0x3b, 0x8f, 0xe0, 0xa3, 0xb0, 0x36, 0x50, 0x25,
+ 0x11, 0x16, 0xd2, 0xc4, 0xc7, 0x2b, 0xbf, 0xa5, 0x25, 0xc5, 0xcb, 0x6e,
+ 0xd3, 0x8b, 0xca, 0x24, 0xec, 0x69, 0x1a, 0x75, 0x38, 0x3f, 0x60, 0x9b,
+ 0x17, 0xf6, 0x9c, 0x9a, 0xc1, 0xb2, 0xeb, 0xac, 0x20, 0x43, 0x73, 0x5f,
+ 0x6d, 0x6a, 0x53, 0xcf, 0x4a, 0xfd, 0x42, 0xa7, 0x2d, 0x98, 0xb0, 0x53,
+ 0x44, 0xad, 0xe2, 0x28, 0xf9, 0x61, 0xc3, 0x94, 0xef, 0x7e, 0x70, 0x3c,
+ 0x09, 0xf5, 0xd0, 0x30, 0x10, 0xc9, 0x15, 0xb2, 0x99, 0xbc, 0xb9, 0xbb,
+ 0x58, 0x72, 0x4d, 0x12, 0x80, 0x87, 0x8b, 0xd2, 0x3f, 0xf2, 0xa3, 0xc8,
+ 0x92, 0xde, 0xb1, 0xf8, 0xf4, 0x2c, 0x3b, 0x1a, 0x37, 0x10, 0xb9, 0xea,
+ 0x32, 0xc9, 0x34, 0xac, 0x3e, 0x6d, 0xb6, 0xd2, 0x7f, 0x02, 0x27, 0xfa,
+ 0x36, 0xca, 0x29, 0x18, 0x35, 0x7a, 0x3d, 0x75, 0x36, 0x38, 0x98, 0x8f,
+ 0x96, 0xa4, 0xaf, 0x17, 0x22, 0x2e, 0xdb, 0xaf, 0xbe, 0xd4, 0x1b, 0x42,
+ 0x92, 0x37, 0x1b, 0x85, 0x97, 0xd6, 0x98, 0xf6, 0x20, 0xfb, 0x9f, 0xbd,
+ 0xee, 0x7b, 0xd5, 0xb2, 0xed, 0x26, 0xfd, 0xc3, 0xd7, 0x36, 0x93, 0xb5,
+ 0xeb, 0xe9, 0xe2, 0xd9, 0xcc, 0x5c, 0x15, 0xf1, 0x63, 0xa2, 0xc8, 0x21,
+ 0xff, 0x3e, 0x06, 0x2e, 0x09, 0xe5, 0x2c, 0x57, 0xfe, 0x66, 0x36, 0x26,
+ 0x00, 0xd2, 0x2f, 0xe1, 0x4b, 0xfb, 0x55, 0x38, 0xfa, 0x29, 0xff, 0x3d,
+ 0x12, 0x28, 0xf8, 0xd8, 0xc0, 0x19, 0x55, 0xd3, 0xc6, 0xde, 0xb6, 0xa4,
+ 0xf7, 0x1a, 0x8c, 0xd3, 0x2b, 0x32, 0xc3, 0x45, 0x69, 0xd0, 0xc2, 0xf3,
+ 0x44, 0x07, 0x9a, 0x30, 0x3a, 0x68, 0xab, 0xdb, 0xa3, 0x05, 0x90, 0x57,
+ 0xef, 0x93, 0x8a, 0x09, 0x3a, 0xdc, 0xc1, 0x14, 0x00, 0x00, 0x3f, 0xd3,
+ 0x11, 0x16, 0x07, 0x89, 0xe8, 0x62, 0x63, 0x5a, 0x12, 0xba, 0x69, 0x56,
+ 0x66, 0x7e, 0xa8, 0xac, 0x65, 0xe4, 0xd3, 0xa3, 0xfa, 0x14, 0x63, 0xac,
+ 0x4b, 0x6e, 0xa5, 0x3d, 0x2e, 0xd7, 0xfa, 0xe0, 0xcf, 0x2f, 0x02, 0x80,
+ 0x6a, 0xfa, 0x35, 0xfe, 0xac, 0x29, 0x99, 0xa6, 0x07, 0xec, 0x54, 0xcb,
+ 0x0f, 0x16, 0x84, 0x6e, 0x65, 0x99, 0x52, 0x7c, 0xd7, 0x02, 0xa1, 0xdc,
+ 0xa8, 0x0d, 0x79, 0x4e, 0x1d, 0x87, 0x6f, 0xad, 0xe2, 0xb3, 0xed, 0x92,
+ 0xea, 0xe1, 0xcb, 0xa2, 0x50, 0xf0, 0x52, 0x53, 0x00, 0xaf, 0x02, 0xab,
+ 0xb3, 0xda, 0xed, 0xa8, 0x68, 0xc7, 0xf4, 0xb6, 0xa6, 0x7e, 0x43, 0x9c,
+ 0x4b, 0x18, 0x23, 0x3d, 0x02, 0x5a, 0xc9, 0x1b, 0x55, 0xda, 0x93, 0xc7,
+ 0x8d, 0x4d, 0xdd, 0xd3, 0xb2, 0x48, 0xf9, 0x6b, 0x98, 0x98, 0x12, 0x2a,
+ 0x59, 0x19, 0x7f, 0xfb, 0xc8, 0x2e, 0x08, 0x21, 0xc3, 0x49, 0x9c, 0x86,
+ 0xf4, 0xf8, 0x32, 0x82, 0x97, 0x49, 0x58, 0x1c, 0x3a, 0x22, 0xd3, 0x24,
+ 0x13, 0xf2, 0xc7, 0xa5, 0x71, 0x76, 0x40, 0x4c, 0x4a, 0x21, 0x04, 0x18,
+ 0x8c, 0xcc, 0x15, 0x37, 0xa9, 0xf6, 0x3b, 0x79, 0xe5, 0xc3, 0x7a, 0xba,
+ 0x2a, 0x5c, 0xc1, 0x35, 0x14, 0x5b, 0xd1, 0x13, 0x66, 0xaf, 0xe3, 0xc8,
+ 0xb9, 0x50, 0x82, 0x26, 0x5d, 0x6b, 0xc7, 0x72, 0x19, 0x4b, 0x7c, 0xa9,
+ 0xd6, 0xa3, 0xf8, 0x5a, 0xd6, 0x0e, 0xc6, 0x4e, 0xa0, 0x5a, 0xe5, 0x59,
+ 0x84, 0x6b, 0x42, 0x2d, 0x2d, 0x4d, 0x52, 0x62, 0x36, 0x11, 0x05, 0x3f,
+ 0xc8, 0x0b, 0xcf, 0x53, 0xd7, 0x5e, 0xb7, 0x18, 0x9e, 0xa4, 0xe0, 0xba,
+ 0xe2, 0x48, 0xb8, 0x9d, 0x97, 0x88, 0xa0, 0xd8, 0x47, 0x97, 0x82, 0x3b,
+ 0x08, 0x0b, 0x8b, 0x89, 0x6c, 0xaf, 0x95, 0xf2, 0xd7, 0x08, 0x1c, 0x9d,
+ 0x98, 0x0c, 0x20, 0x37, 0x3e, 0xc8, 0x18, 0xd3, 0x53, 0x9c, 0x4f, 0x4d,
+ 0x14, 0xd1, 0xac, 0xf9, 0x54, 0xf1, 0x54, 0x66, 0x39, 0x24, 0x22, 0x1a,
+ 0xfb, 0xf7, 0x2a, 0x1d, 0x13, 0x09, 0x58, 0x31, 0x4a, 0x0f, 0xac, 0x67,
+ 0xa6, 0xbe, 0xe8, 0x36, 0x1b, 0xd6, 0x05, 0xb3, 0x9a, 0xbb, 0x37, 0xb9,
+ 0xf5, 0x48, 0xe5, 0x89, 0x0c, 0x89, 0xbb, 0x02, 0x26, 0x86, 0x1d, 0x82,
+ 0xb9, 0xe7, 0xd7, 0x8e, 0x50, 0x19, 0xfc, 0xac, 0x6f, 0x65, 0xb5, 0xb2,
+ 0x21, 0xf7, 0xd4, 0x76, 0x92, 0x6e, 0x6f, 0x56, 0x01, 0x94, 0x01, 0xab,
+ 0x9e, 0x89, 0x05, 0x77, 0xa9, 0x65, 0x12, 0x2c, 0x62, 0xb2, 0xb1, 0xcc,
+ 0xac, 0x46, 0x02, 0x9f, 0x09, 0x7d, 0xa2, 0xac, 0x9e, 0x40, 0x83, 0x2a,
+ 0xd7, 0x9e, 0xc3, 0x7c, 0xa4, 0x8c, 0xa6, 0x01, 0xe3, 0x61, 0xc0, 0x09,
+ 0xb9, 0xdb, 0x8a, 0xfc, 0x11, 0x03, 0xa2, 0xbb, 0x1b, 0x13, 0x59, 0x9e,
+ 0xb6, 0x9b, 0x4b, 0xe8, 0x30, 0x4e, 0x6b, 0x8d, 0xd7, 0x04, 0x20, 0x3d,
+ 0x82, 0x53, 0xfb, 0x75, 0x6f, 0x43, 0xdf, 0x05, 0x44, 0xb1, 0x7a, 0x94,
+ 0x83, 0x9d, 0x55, 0x3d, 0x65, 0xa4, 0xdf, 0x78, 0x4a, 0xf1, 0x15, 0xb3,
+ 0x6b, 0x4a, 0x23, 0xfa, 0xcf, 0x52, 0xc6, 0xa4, 0x3c, 0x98, 0x54, 0xc6,
+ 0x3b, 0x5f, 0x90, 0x83, 0x67, 0x70, 0xbe, 0x5d, 0x93, 0x24, 0x32, 0xb2,
+ 0xbc, 0x56, 0x81, 0x89, 0x91, 0x8d, 0xf9, 0x17, 0x56, 0x2d, 0xd4, 0xec,
+ 0x0d, 0x17, 0xd9, 0x35, 0x05, 0x46, 0x29, 0x60, 0xf0, 0x6f, 0x3a, 0x9d,
+ 0x20, 0x5d, 0xee, 0x3c, 0x30, 0x72, 0xee, 0x39, 0xbc, 0x2b, 0xf8, 0xcb,
+ 0x94, 0xff, 0x65, 0x8e, 0x1c, 0x51, 0xfa, 0x1e, 0xd9, 0xb9, 0xc2, 0xcb,
+ 0x29, 0x4b, 0x45, 0x67, 0x70, 0x7c, 0x38, 0xf1, 0xd8, 0xd1, 0xba, 0xa9,
+ 0xae, 0x1f, 0xff, 0x80, 0x76, 0x8b, 0x5b, 0xe0, 0x2c, 0xcd, 0xe5, 0x9f,
+ 0x39, 0x38, 0x62, 0x91, 0x62, 0x40, 0x37, 0xf9, 0x87, 0x65, 0xc9, 0x62,
+ 0x53, 0xe9, 0xbf, 0xb0, 0x22, 0x72, 0x9e, 0x85, 0xf8, 0xa3, 0x9e, 0xa8,
+ 0x71, 0x46, 0xef, 0xd5, 0xec, 0x5d, 0xa0, 0x47, 0x58, 0x96, 0xc7, 0x53,
+ 0xdf, 0x69, 0x9e, 0xc5, 0xb0, 0x6c, 0x34, 0x6a, 0x85, 0xb3, 0xa2, 0xa2,
+ 0x6d, 0x04, 0x0c, 0xd0, 0x31, 0xdd, 0x0c, 0x78, 0x69, 0x9e, 0x4b, 0x79,
+ 0xde, 0xb6, 0x1d, 0x86, 0x83, 0x04, 0x98, 0x54, 0x97, 0x04, 0xae, 0xa2,
+ 0xc1, 0xd9, 0xe5, 0x3d, 0xda, 0x98, 0x02, 0xb5, 0xad, 0x67, 0x0b, 0x7c,
+ 0xb3, 0x6d, 0x0a, 0x40, 0xbe, 0xf2, 0x3a, 0x63, 0x1a, 0x34, 0x64, 0xbe,
+ 0x76, 0x83, 0x82, 0x39, 0xfa, 0xb6, 0x6f, 0xc1, 0x9a, 0x9f, 0xb1, 0x5c,
+ 0x8c, 0x86, 0x39, 0xf5, 0xcf, 0x78, 0x5e, 0x9e, 0x07, 0x17, 0xcb, 0x69,
+ 0x74, 0x19, 0x4a, 0x48, 0x48, 0x50, 0xda, 0xae, 0xfa, 0xa2, 0xd4, 0xb8,
+ 0x11, 0x00, 0x1a, 0x22, 0x69, 0x9c, 0x83, 0xf8, 0x00, 0x17, 0x65, 0xf9,
+ 0x18, 0xc9, 0xef, 0x99, 0x0f, 0x91, 0x4b, 0x90, 0x4d, 0xb5, 0x8c, 0x20,
+ 0x76, 0x7a, 0x2b, 0x7c, 0x21, 0xf6, 0x2e, 0x45, 0x32, 0xd3, 0x53, 0x80,
+ 0xd0, 0xfc, 0xb1, 0xd2, 0x1c, 0x27, 0x33, 0x75, 0x4c, 0x6a, 0xaa, 0xfb,
+ 0x68, 0x7b, 0x10, 0x6c, 0x93, 0xca, 0x2f, 0xa6, 0x50, 0x9c, 0x55, 0x63,
+ 0x65, 0x4f, 0xd9, 0xcf, 0xee, 0x88, 0x8c, 0xf5, 0x96, 0x9a, 0x72, 0x52,
+ 0x2e, 0xe5, 0xc0, 0xdf, 0xbc, 0x95, 0x68, 0x82, 0x97, 0xe8, 0x4f, 0xe2,
+ 0x4c, 0x3a, 0x8c, 0xe5, 0xe4, 0x36, 0xd9, 0x7d, 0xd0, 0xd1, 0xce, 0xd6,
+ 0xd4, 0x50, 0xd3, 0xee, 0x77, 0x14, 0x3e, 0x14, 0x1a, 0x47, 0x1d, 0xa7,
+ 0x3b, 0x30, 0x1f, 0x99, 0x6b, 0x1e, 0x93, 0x27, 0xbd, 0x62, 0x09, 0x27,
+ 0xbc, 0x9f, 0xcd, 0x94, 0x3b, 0x97, 0x89, 0x23, 0xc3, 0x56, 0xde, 0x87,
+ 0x92, 0xa8, 0xc9, 0x3e, 0x37, 0x6a, 0x14, 0xf2, 0x84, 0x79, 0x23, 0x1d,
+ 0xc0, 0x8f, 0x25, 0xc0, 0xc1, 0x0a, 0x22, 0x45, 0x5f, 0xf4, 0x4e, 0xbf,
+ 0x3f, 0x71, 0x88, 0x9b, 0x36, 0x20, 0x5b, 0x96, 0xc0, 0x20, 0xba, 0x15,
+ 0x8d, 0x7d, 0xef, 0x96, 0x1f, 0x79, 0xb5, 0x8c, 0x4c, 0x51, 0xd9, 0x38,
+ 0x35, 0x57, 0x24, 0x73, 0xbe, 0x21, 0xb1, 0xf7, 0x23, 0x89, 0x3c, 0x13,
+ 0x13, 0xd9, 0x70, 0x12, 0x8c, 0x41, 0x18, 0xab, 0xb9, 0xb0, 0x9e, 0x11,
+ 0x4e, 0x1d, 0xb6, 0x99, 0xd2, 0xb2, 0x9f, 0x14, 0x5b, 0x15, 0xfd, 0xc8,
+ 0x2f, 0xfb, 0xac, 0x10, 0xcc, 0x37, 0x92, 0xd9, 0x54, 0xab, 0x83, 0x0c,
+ 0xc8, 0xad, 0x4d, 0xe0, 0x33, 0x41, 0x1e, 0xd8, 0xce, 0xff, 0x44, 0x87,
+ 0x64, 0x04, 0x30, 0x33, 0x55, 0x3f, 0x1b, 0xe2, 0x3b, 0x42, 0x2b, 0x3c,
+ 0x52, 0x28, 0xbd, 0x35, 0x44, 0xa1, 0xc9, 0xa4, 0x27, 0x23, 0x52, 0xe9,
+ 0x74, 0xbc, 0x70, 0x1a, 0x54, 0x65, 0x1c, 0x02, 0xeb, 0xa0, 0x41, 0x8e,
+ 0x3f, 0x14, 0x92, 0x04, 0x44, 0x1d, 0x30, 0x1e, 0x33, 0x31, 0x17, 0x4f,
+ 0xed, 0xbc, 0xc5, 0xa1, 0x8f, 0xc7, 0x54, 0x72, 0xee, 0x93, 0x7e, 0x0a,
+ 0x57, 0x00, 0xdd, 0x93, 0xc5, 0xe5, 0xc7, 0xa1, 0x37, 0x7f, 0x66, 0x07,
+ 0xa8, 0x94, 0x90, 0x61, 0xd5, 0x08, 0x9d, 0xd7, 0xce, 0x1f, 0x76, 0xff,
+ 0x6e, 0xaa, 0x50, 0x93, 0x36, 0xda, 0x34, 0xf9, 0x85, 0x7f, 0x0f, 0x87,
+ 0x90, 0x93, 0x9e, 0x54, 0x5d, 0x48, 0xe7, 0xa3, 0x66, 0xb6, 0xb8, 0xd1,
+ 0x09, 0x69, 0x55, 0x93, 0xcb, 0x70, 0x2d, 0xea, 0xe6, 0x6c, 0xe5, 0x54,
+ 0x08, 0x7d, 0x26, 0x38, 0x1c, 0x8c, 0x1d, 0xc1, 0xfd, 0x54, 0xa3, 0x3e,
+ 0x5a, 0x1f, 0x7a, 0xb9, 0x17, 0xec, 0x14, 0x1a, 0xba, 0x73, 0x97, 0x34,
+ 0x04, 0x03, 0xc9, 0x90, 0xfc, 0x21, 0xcc, 0xb5, 0xec, 0x9b, 0x25, 0x81,
+ 0x96, 0x5c, 0xc5, 0x00, 0xa8, 0xdd, 0x32, 0x5b, 0xdc, 0xd1, 0x23, 0xdb,
+ 0xc2, 0x0c, 0xed, 0x22, 0xb2, 0xd5, 0x49, 0xae, 0xb1, 0x10, 0x10, 0xb8,
+ 0xdf, 0xb0, 0xf8, 0x51, 0xee, 0x6f, 0x23, 0x85, 0xb8, 0xe7, 0x45, 0x17,
+ 0x21, 0x32, 0x17, 0x66, 0x73, 0x31, 0x09, 0x02, 0xa6, 0x82, 0x30, 0x7f,
+ 0x9d, 0xc4, 0x54, 0x41, 0x83, 0x5e, 0xc2, 0x42, 0xff, 0x0f, 0x85, 0x40,
+ 0xe6, 0x86, 0x6c, 0x31, 0x9c, 0xbb, 0x86, 0xa9, 0xde, 0xf6, 0xda, 0x34,
+ 0x1b, 0x22, 0x4b, 0xba, 0x65, 0x31, 0x4f, 0xbb, 0x28, 0x58, 0x9d, 0x96,
+ 0x73, 0x5f, 0x5c, 0x16, 0x42, 0x15, 0x47, 0x3e, 0xa0, 0xf5, 0xf1, 0x0d,
+ 0xbe, 0x51, 0x21, 0x64, 0x8d, 0xf1, 0x93, 0x21, 0x62, 0x2c, 0x34, 0x25,
+ 0x99, 0x64, 0xe2, 0x70, 0xb4, 0x34, 0x17, 0x6f, 0x92, 0x38, 0x31, 0x20,
+ 0x45, 0x6d, 0x84, 0x5e, 0xe4, 0xd0, 0x3f, 0x78, 0xab, 0xa9, 0x8f, 0x33,
+ 0xa3, 0xc7, 0x74, 0x6f, 0x33, 0x38, 0x17, 0xe8, 0xa9, 0x55, 0xa7, 0x5a,
+ 0x51, 0xf1, 0x94, 0xe2, 0xa7, 0x25, 0x06, 0x6d, 0x1c, 0x2b, 0xf8, 0x1c,
+ 0xcf, 0xff, 0xab, 0xc0, 0xdc, 0x64, 0xc5, 0x77, 0xcb, 0x3c, 0x8a, 0xac,
+ 0x4d, 0x07, 0xc5, 0x4f, 0x7d, 0x64, 0xee, 0x20, 0x30, 0xa9, 0x08, 0x88,
+ 0xf1, 0x6c, 0x53, 0x4f, 0x60, 0xe0, 0x46, 0x1e, 0x2d, 0xf9, 0x59, 0xfd,
+ 0xd6, 0x52, 0x09, 0x56, 0x19, 0x5c, 0x14, 0x47, 0xd2, 0x9c, 0x8f, 0x59,
+ 0x64, 0xde, 0x15, 0xeb, 0xec, 0x60, 0xc4, 0x9f, 0xbc, 0xd3, 0xde, 0x37,
+ 0x0a, 0xc0, 0x68, 0xcb, 0xc5, 0x2f, 0x91, 0xf1, 0xb4, 0x33, 0x82, 0x9d,
+ 0x1e, 0x33, 0x2e, 0x9d, 0xfe, 0x9a, 0x5f, 0x8a, 0xa9, 0x19, 0x9e, 0x5b,
+ 0xdb, 0x2c, 0x9a, 0xcf, 0x99, 0x58, 0x7f, 0x00, 0xdd, 0x85, 0x96, 0xff,
+ 0x3e, 0xd0, 0x0a, 0xd2, 0xa3, 0xc5, 0x93, 0xba, 0xa3, 0x8a, 0x6e, 0x9a,
+ 0x36, 0xa9, 0x85, 0x89, 0x8a, 0x96, 0x5b, 0x94, 0x0e, 0xc3, 0x02, 0xe2,
+ 0x5d, 0x62, 0x8b, 0x2c, 0x55, 0x47, 0xfb, 0x50, 0xde, 0x18, 0x01, 0x03,
+ 0xe4, 0xfb, 0xf7, 0x42, 0x22, 0xfb, 0xd4, 0xfd};
diff --git a/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc b/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc
index 40bf75b..b3e5644 100644
--- a/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc
+++ b/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc
@@ -29,15 +29,23 @@
#include "thash.h"
+namespace {
+
+namespace fips {
+void ensure_keygen_self_test();
+void ensure_sign_self_test();
+void ensure_verify_self_test();
+} // namespace fips
+
// The OBJECT IDENTIFIER header is also included in these values, per the spec.
-static const uint8_t kSHA256OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x65, 0x03, 0x04, 0x02, 0x01};
-static const uint8_t kSHA384OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x65, 0x03, 0x04, 0x02, 0x02};
+const uint8_t kSHA256OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
+ 0x65, 0x03, 0x04, 0x02, 0x01};
+const uint8_t kSHA384OID[] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
+ 0x65, 0x03, 0x04, 0x02, 0x02};
#define MAX_OID_LENGTH 11
#define MAX_CONTEXT_LENGTH 255
-bcm_infallible BCM_slhdsa_sha2_128s_generate_key_from_seed(
+bcm_infallible generate_key_from_seed_no_self_test(
uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]) {
@@ -57,30 +65,33 @@
OPENSSL_memcpy(out_secret_key + 3 * BCM_SLHDSA_SHA2_128S_N,
out_public_key + BCM_SLHDSA_SHA2_128S_N,
BCM_SLHDSA_SHA2_128S_N);
- return bcm_infallible::approved;
-}
-bcm_infallible BCM_slhdsa_sha2_128s_generate_key(
- uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
- uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
- uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N];
- RAND_bytes(seed, 3 * BCM_SLHDSA_SHA2_128S_N);
- BCM_slhdsa_sha2_128s_generate_key_from_seed(out_public_key, out_private_key,
- seed);
- return bcm_infallible::approved;
-}
+ // FIPS 140-3 IG 10.3.A comment 1 says of the pair-wise consistency test for
+ // SLH-DSA:
+ //
+ // "For key pairs generated for use with approved algorithms in SP 800-208 and
+ // FIPS 205, the PCT (described by the tester in TE10.35.02) may be limited to
+ // confirming the same key identifier (I in the case of LMS, SEED in the case
+ // of XMSS and PK.SEED for SLH-DSA) is shared by the resulting public and
+ // private key following generation."
+ //
+ // Since this is cheap, we always do this.
-bcm_infallible BCM_slhdsa_sha2_128s_public_from_private(
- uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
- const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
- OPENSSL_memcpy(out_public_key, private_key + 2 * BCM_SLHDSA_SHA2_128S_N,
- BCM_SLHDSA_SHA2_128S_N * 2);
- return bcm_infallible::approved;
+ if (boringssl_fips_break_test("SLHDSA_PWCT")) {
+ out_public_key[0] ^= 1;
+ }
+ if (OPENSSL_memcmp(out_public_key,
+ out_secret_key + 2 * BCM_SLHDSA_SHA2_128S_N,
+ BCM_SLHDSA_SHA2_128S_N) != 0) {
+ abort();
+ }
+
+ return bcm_infallible::not_approved;
}
// Note that this overreads by a byte. This is fine in the context that it's
// used.
-static uint64_t load_tree_index(const uint8_t in[8]) {
+uint64_t load_tree_index(const uint8_t in[8]) {
static_assert(SLHDSA_SHA2_128S_TREE_BYTES == 7,
"This code needs to be updated");
uint64_t index = CRYPTO_load_u64_be(in);
@@ -90,7 +101,7 @@
}
// Implements Algorithm 22: slh_sign function (Section 10.2.1, page 39)
-bcm_infallible BCM_slhdsa_sha2_128s_sign_internal(
+bcm_infallible sign_internal_no_self_test(
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
const uint8_t secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
@@ -139,6 +150,189 @@
return bcm_infallible::approved;
}
+bcm_status verify_internal(
+ const uint8_t *signature, size_t signature_len,
+ const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
+ size_t context_len, const uint8_t *msg, size_t msg_len) {
+ if (signature_len != BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES) {
+ return bcm_status::failure;
+ }
+ const uint8_t *pk_seed = public_key;
+ const uint8_t *pk_root = public_key + BCM_SLHDSA_SHA2_128S_N;
+
+ const uint8_t *r = signature;
+ const uint8_t *sig_fors = signature + BCM_SLHDSA_SHA2_128S_N;
+ const uint8_t *sig_ht = sig_fors + SLHDSA_SHA2_128S_FORS_BYTES;
+
+ uint8_t digest[SLHDSA_SHA2_128S_DIGEST_SIZE];
+ slhdsa_thash_hmsg(digest, r, pk_seed, pk_root, header, context, context_len,
+ msg, msg_len);
+
+ uint8_t fors_digest[SLHDSA_SHA2_128S_FORS_MSG_BYTES];
+ OPENSSL_memcpy(fors_digest, digest, SLHDSA_SHA2_128S_FORS_MSG_BYTES);
+
+ const uint64_t idx_tree =
+ load_tree_index(digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES);
+ uint32_t idx_leaf = CRYPTO_load_u16_be(
+ digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES + SLHDSA_SHA2_128S_TREE_BYTES);
+ idx_leaf &= (~(uint32_t)0) >> (32 - SLHDSA_SHA2_128S_LEAF_BITS);
+
+ uint8_t addr[32] = {0};
+ slhdsa_set_tree_addr(addr, idx_tree);
+ slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_FORSTREE);
+ slhdsa_set_keypair_addr(addr, idx_leaf);
+
+ uint8_t pk_fors[BCM_SLHDSA_SHA2_128S_N];
+ slhdsa_fors_pk_from_sig(pk_fors, sig_fors, fors_digest, pk_seed, addr);
+
+ if (!slhdsa_ht_verify(sig_ht, pk_fors, idx_tree, idx_leaf, pk_root,
+ pk_seed)) {
+ return bcm_status::failure;
+ }
+
+ return bcm_status::approved;
+}
+
+namespace fips {
+
+#include "fips_known_values.inc"
+
+static int keygen_self_test() {
+ uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N] = {0};
+ uint8_t pub[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES];
+ uint8_t priv[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES];
+ generate_key_from_seed_no_self_test(pub, priv, seed);
+
+ static_assert(sizeof(kExpectedPublicKey) == sizeof(pub));
+ static_assert(sizeof(kExpectedPrivateKey) == sizeof(priv));
+ if (!BORINGSSL_check_test(kExpectedPublicKey, pub, sizeof(pub),
+ "SLH-DSA public key") ||
+ !BORINGSSL_check_test(kExpectedPrivateKey, priv, sizeof(priv),
+ "SLH-DSA private key")) {
+ return 0;
+ }
+
+ return 1;
+}
+
+static int sign_self_test() {
+ uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN] = {0};
+ uint8_t entropy[BCM_SLHDSA_SHA2_128S_N] = {0};
+ uint8_t sig[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES];
+ sign_internal_no_self_test(sig, kExpectedPrivateKey, header, nullptr, 0,
+ nullptr, 0, entropy);
+ uint8_t digest[32];
+ SHA256(sig, sizeof(sig), digest);
+
+ static_assert(sizeof(kExpectedSignatureSHA256) == sizeof(digest));
+ if (!BORINGSSL_check_test(kExpectedSignatureSHA256, digest, sizeof(digest),
+ "SLH-DSA signature")) {
+ return 0;
+ }
+
+ return 1;
+}
+
+static int verify_self_test() {
+ uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN] = {0};
+ return verify_internal(kExpectedSignature, sizeof(kExpectedSignature),
+ kExpectedPublicKey, header, nullptr, 0, nullptr,
+ 0) == bcm_status::approved;
+}
+
+#if defined(BORINGSSL_FIPS)
+
+DEFINE_STATIC_ONCE(g_slhdsa_keygen_self_test_once)
+
+void ensure_keygen_self_test(void) {
+ CRYPTO_once(g_slhdsa_keygen_self_test_once_bss_get(), []() {
+ if (!keygen_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_slhdsa_sign_self_test_once)
+
+void ensure_sign_self_test(void) {
+ CRYPTO_once(g_slhdsa_sign_self_test_once_bss_get(), []() {
+ if (!sign_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+DEFINE_STATIC_ONCE(g_slhdsa_verify_self_test_once)
+
+void ensure_verify_self_test(void) {
+ CRYPTO_once(g_slhdsa_verify_self_test_once_bss_get(), []() {
+ if (!verify_self_test()) {
+ BORINGSSL_FIPS_abort();
+ }
+ });
+}
+
+#else
+
+void ensure_keygen_self_test(void) {}
+void ensure_sign_self_test(void) {}
+void ensure_verify_self_test(void) {}
+
+#endif
+
+} // namespace fips
+
+} // namespace
+
+bcm_infallible BCM_slhdsa_sha2_128s_generate_key_from_seed(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
+ const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]) {
+ fips::ensure_keygen_self_test();
+ return generate_key_from_seed_no_self_test(out_public_key, out_secret_key,
+ seed);
+}
+
+bcm_status BCM_slhdsa_sha2_128s_generate_key_from_seed_fips(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
+ const uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N]) {
+ if (out_public_key == nullptr || out_secret_key == nullptr) {
+ return bcm_status::failure;
+ }
+ BCM_slhdsa_sha2_128s_generate_key_from_seed(out_public_key, out_secret_key,
+ seed);
+ return bcm_status::approved;
+}
+
+bcm_infallible BCM_slhdsa_sha2_128s_generate_key(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
+ uint8_t seed[3 * BCM_SLHDSA_SHA2_128S_N];
+ RAND_bytes(seed, 3 * BCM_SLHDSA_SHA2_128S_N);
+ return BCM_slhdsa_sha2_128s_generate_key_from_seed(out_public_key,
+ out_private_key, seed);
+}
+
+bcm_status BCM_slhdsa_sha2_128s_generate_key_fips(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ uint8_t out_private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
+ if (out_public_key == nullptr || out_private_key == nullptr) {
+ return bcm_status::failure;
+ }
+ BCM_slhdsa_sha2_128s_generate_key(out_public_key, out_private_key);
+ return bcm_status::approved;
+}
+
+bcm_infallible BCM_slhdsa_sha2_128s_public_from_private(
+ uint8_t out_public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
+ const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES]) {
+ OPENSSL_memcpy(out_public_key, private_key + 2 * BCM_SLHDSA_SHA2_128S_N,
+ BCM_SLHDSA_SHA2_128S_N * 2);
+ return bcm_infallible::approved;
+}
+
bcm_status BCM_slhdsa_sha2_128s_sign(
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
const uint8_t private_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
@@ -208,6 +402,16 @@
return 1;
}
+bcm_infallible BCM_slhdsa_sha2_128s_sign_internal(
+ uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
+ const uint8_t secret_key[BCM_SLHDSA_SHA2_128S_PRIVATE_KEY_BYTES],
+ const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
+ size_t context_len, const uint8_t *msg, size_t msg_len,
+ const uint8_t entropy[BCM_SLHDSA_SHA2_128S_N]) {
+ fips::ensure_sign_self_test();
+ return sign_internal_no_self_test(out_signature, secret_key, header, context,
+ context_len, msg, msg_len, entropy);
+}
bcm_status BCM_slhdsa_sha2_128s_prehash_sign(
uint8_t out_signature[BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES],
@@ -289,41 +493,12 @@
const uint8_t public_key[BCM_SLHDSA_SHA2_128S_PUBLIC_KEY_BYTES],
const uint8_t header[BCM_SLHDSA_M_PRIME_HEADER_LEN], const uint8_t *context,
size_t context_len, const uint8_t *msg, size_t msg_len) {
- if (signature_len != BCM_SLHDSA_SHA2_128S_SIGNATURE_BYTES) {
- return bcm_status::failure;
- }
- const uint8_t *pk_seed = public_key;
- const uint8_t *pk_root = public_key + BCM_SLHDSA_SHA2_128S_N;
+ fips::ensure_verify_self_test();
+ return verify_internal(signature, signature_len, public_key, header, context,
+ context_len, msg, msg_len);
+}
- const uint8_t *r = signature;
- const uint8_t *sig_fors = signature + BCM_SLHDSA_SHA2_128S_N;
- const uint8_t *sig_ht = sig_fors + SLHDSA_SHA2_128S_FORS_BYTES;
-
- uint8_t digest[SLHDSA_SHA2_128S_DIGEST_SIZE];
- slhdsa_thash_hmsg(digest, r, pk_seed, pk_root, header, context, context_len,
- msg, msg_len);
-
- uint8_t fors_digest[SLHDSA_SHA2_128S_FORS_MSG_BYTES];
- OPENSSL_memcpy(fors_digest, digest, SLHDSA_SHA2_128S_FORS_MSG_BYTES);
-
- const uint64_t idx_tree =
- load_tree_index(digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES);
- uint32_t idx_leaf = CRYPTO_load_u16_be(
- digest + SLHDSA_SHA2_128S_FORS_MSG_BYTES + SLHDSA_SHA2_128S_TREE_BYTES);
- idx_leaf &= (~(uint32_t)0) >> (32 - SLHDSA_SHA2_128S_LEAF_BITS);
-
- uint8_t addr[32] = {0};
- slhdsa_set_tree_addr(addr, idx_tree);
- slhdsa_set_type(addr, SLHDSA_SHA2_128S_ADDR_TYPE_FORSTREE);
- slhdsa_set_keypair_addr(addr, idx_leaf);
-
- uint8_t pk_fors[BCM_SLHDSA_SHA2_128S_N];
- slhdsa_fors_pk_from_sig(pk_fors, sig_fors, fors_digest, pk_seed, addr);
-
- if (!slhdsa_ht_verify(sig_ht, pk_fors, idx_tree, idx_leaf, pk_root,
- pk_seed)) {
- return bcm_status::failure;
- }
-
- return bcm_status::approved;
+int boringssl_self_test_slhdsa() {
+ return fips::keygen_self_test() && fips::sign_self_test() &&
+ fips::verify_self_test();
}
diff --git a/src/crypto/fuzzer_mode.cc b/src/crypto/fuzzer_mode.cc
new file mode 100644
index 0000000..e741552
--- /dev/null
+++ b/src/crypto/fuzzer_mode.cc
@@ -0,0 +1,30 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <openssl/crypto.h>
+
+#include "internal.h"
+
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+static CRYPTO_atomic_u32 fuzzer_mode_enabled = 0;
+
+int CRYPTO_fuzzer_mode_enabled(void) {
+ return CRYPTO_atomic_load_u32(&fuzzer_mode_enabled);
+}
+
+void CRYPTO_set_fuzzer_mode(int enabled) {
+ CRYPTO_atomic_store_u32(&fuzzer_mode_enabled, !!enabled);
+}
+#endif // FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
diff --git a/src/crypto/hrss/asm/poly_rq_mul.S b/src/crypto/hrss/asm/poly_rq_mul.S
index 2b99d0e..abbc4e3 100644
--- a/src/crypto/hrss/asm/poly_rq_mul.S
+++ b/src/crypto/hrss/asm/poly_rq_mul.S
@@ -8475,6 +8475,7 @@
vpaddw 2752(%r8), %ymm11, %ymm11
vpand mask_mod8192(%rip), %ymm11, %ymm11
vmovdqu %ymm11, 1320(%rdi)
+vzeroupper
pop %r12
.cfi_restore r12
pop %rbp
diff --git a/src/crypto/hrss/internal.h b/src/crypto/hrss/internal.h
index 44066cf..ab7ebc8 100644
--- a/src/crypto/hrss/internal.h
+++ b/src/crypto/hrss/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_HRSS_INTERNAL_H
-#define OPENSSL_HEADER_HRSS_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_HRSS_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_HRSS_INTERNAL_H
#include <openssl/base.h>
#include "../internal.h"
@@ -65,4 +65,4 @@
} // extern "C"
#endif
-#endif // !OPENSSL_HEADER_HRSS_INTERNAL_H
+#endif // !OPENSSL_HEADER_CRYPTO_HRSS_INTERNAL_H
diff --git a/src/crypto/impl_dispatch_test.cc b/src/crypto/impl_dispatch_test.cc
index 7172a3c..070cc91 100644
--- a/src/crypto/impl_dispatch_test.cc
+++ b/src/crypto/impl_dispatch_test.cc
@@ -38,8 +38,8 @@
ssse3_ = CRYPTO_is_SSSE3_capable();
vaes_ = CRYPTO_is_VAES_capable() && CRYPTO_is_VPCLMULQDQ_capable() &&
CRYPTO_is_AVX2_capable();
- avx10_ = CRYPTO_is_AVX512BW_capable() && CRYPTO_is_AVX512VL_capable() &&
- CRYPTO_is_BMI2_capable();
+ avx512_ = CRYPTO_is_AVX512BW_capable() && CRYPTO_is_AVX512VL_capable() &&
+ CRYPTO_is_BMI2_capable();
avoid_zmm_ = CRYPTO_cpu_avoid_zmm_registers();
is_x86_64_ =
#if defined(OPENSSL_X86_64)
@@ -81,7 +81,7 @@
bool ssse3_ = false;
bool is_x86_64_ = false;
bool vaes_ = false;
- bool avx10_ = false;
+ bool avx512_ = false;
bool avoid_zmm_ = false;
#endif
};
@@ -95,8 +95,8 @@
constexpr size_t kFlag_aes_hw_set_encrypt_key = 3;
constexpr size_t kFlag_vpaes_encrypt = 4;
constexpr size_t kFlag_vpaes_set_encrypt_key = 5;
-constexpr size_t kFlag_aes_gcm_enc_update_vaes_avx10_512 = 7;
-constexpr size_t kFlag_aes_gcm_enc_update_vaes_avx2 = 8;
+constexpr size_t kFlag_aes_gcm_enc_update_vaes_avx2 = 6;
+constexpr size_t kFlag_aes_gcm_enc_update_vaes_avx512 = 7;
TEST_F(ImplDispatchTest, AEAD_AES_GCM) {
AssertFunctionsHit(
@@ -108,10 +108,10 @@
is_x86_64_ && aesni_ && avx_movbe_ && !vaes_},
{kFlag_vpaes_encrypt, ssse3_ && !aesni_},
{kFlag_vpaes_set_encrypt_key, ssse3_ && !aesni_},
- {kFlag_aes_gcm_enc_update_vaes_avx10_512,
- is_x86_64_ && vaes_ && avx10_ && !avoid_zmm_},
{kFlag_aes_gcm_enc_update_vaes_avx2,
- is_x86_64_ && vaes_ && !(avx10_ && !avoid_zmm_)},
+ is_x86_64_ && vaes_ && !(avx512_ && !avoid_zmm_)},
+ {kFlag_aes_gcm_enc_update_vaes_avx512,
+ is_x86_64_ && vaes_ && avx512_ && !avoid_zmm_},
},
[] {
const uint8_t kZeros[16] = {0};
diff --git a/src/crypto/internal.h b/src/crypto/internal.h
index 4b14217..2f8c746 100644
--- a/src/crypto/internal.h
+++ b/src/crypto/internal.h
@@ -21,6 +21,7 @@
#include <openssl/thread.h>
#include <assert.h>
+#include <stdlib.h>
#include <string.h>
#if defined(BORINGSSL_CONSTANT_TIME_VALIDATION)
@@ -47,9 +48,7 @@
#endif
#if defined(OPENSSL_WINDOWS_THREADS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#if defined(__cplusplus)
@@ -104,12 +103,6 @@
#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0]))
-#if defined(__clang__) && __clang_major__ >= 5
-#if __has_attribute(fallthrough)
-#define OPENSSL_CAN_USE_ATTR_FALLTHROUGH
-#endif
-#endif
-
// GCC-like compilers indicate SSE2 with |__SSE2__|. MSVC leaves the caller to
// know that x86_64 has SSE2, and uses _M_IX86_FP to indicate SSE2 on x86.
// https://learn.microsoft.com/en-us/cpp/preprocessor/predefined-macros?view=msvc-170
@@ -610,8 +603,7 @@
typedef struct crypto_mutex_st {
char padding; // Empty structs have different sizes in C and C++.
} CRYPTO_MUTEX;
-#define CRYPTO_MUTEX_INIT \
- { 0 }
+#define CRYPTO_MUTEX_INIT {0}
#elif defined(OPENSSL_WINDOWS_THREADS)
typedef SRWLOCK CRYPTO_MUTEX;
#define CRYPTO_MUTEX_INIT SRWLOCK_INIT
@@ -676,7 +668,7 @@
BSSL_NAMESPACE_END
-} // extern "C++"
+} // extern "C++"
#endif // defined(__cplusplus)
@@ -740,10 +732,9 @@
uint8_t num_reserved;
} CRYPTO_EX_DATA_CLASS;
-#define CRYPTO_EX_DATA_CLASS_INIT \
- { CRYPTO_MUTEX_INIT, NULL, NULL, {}, 0 }
+#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_MUTEX_INIT, NULL, NULL, {}, 0}
#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \
- { CRYPTO_MUTEX_INIT, NULL, NULL, {}, 1 }
+ {CRYPTO_MUTEX_INIT, NULL, NULL, {}, 1}
// CRYPTO_get_ex_new_index_ex allocates a new index for |ex_data_class|. Each
// class of object should provide a wrapper function that uses the correct
@@ -785,9 +776,6 @@
return __builtin_bswap64(x);
}
#elif defined(_MSC_VER)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
-#include <stdlib.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#pragma intrinsic(_byteswap_uint64, _byteswap_ulong, _byteswap_ushort)
static inline uint16_t CRYPTO_bswap2(uint16_t x) { return _byteswap_ushort(x); }
@@ -842,7 +830,7 @@
return memchr(s, c, n);
}
-} // extern "C++"
+} // extern "C++"
#else // __cplusplus
static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
@@ -1048,6 +1036,12 @@
#endif // FIPS
+// BORINGSSL_check_test memcmp's two values of equal length. It returns 1 on
+// success and, on failure, it prints an error message that includes the
+// hexdumps the two values and returns 0.
+int BORINGSSL_check_test(const void *expected, const void *actual,
+ size_t expected_len, const char *name);
+
// boringssl_self_test_sha256 performs a SHA-256 KAT.
int boringssl_self_test_sha256(void);
@@ -1057,6 +1051,15 @@
// boringssl_self_test_hmac_sha256 performs an HMAC-SHA-256 KAT.
int boringssl_self_test_hmac_sha256(void);
+// boringssl_self_test_mlkem performs the ML-KEM KATs.
+OPENSSL_EXPORT int boringssl_self_test_mlkem(void);
+
+// boringssl_self_test_mldsa performs the ML-DSA KATs.
+OPENSSL_EXPORT int boringssl_self_test_mldsa(void);
+
+// boringssl_self_test_slhdsa performs the SLH-DSA KATs.
+OPENSSL_EXPORT int boringssl_self_test_slhdsa(void);
+
#if defined(BORINGSSL_FIPS_COUNTERS)
void boringssl_fips_inc_counter(enum fips_counter_t counter);
#else
@@ -1105,14 +1108,6 @@
// See Intel manual, volume 2A, table 3-11.
-inline int CRYPTO_is_FXSR_capable(void) {
-#if defined(__FXSR__)
- return 1;
-#else
- return (OPENSSL_get_ia32cap(0) & (1u << 24)) != 0;
-#endif
-}
-
inline int CRYPTO_is_intel_cpu(void) {
// The reserved bit 30 is used to indicate an Intel CPU.
return (OPENSSL_get_ia32cap(0) & (1u << 30)) != 0;
@@ -1399,6 +1394,7 @@
#endif // OPENSSL_ARM || OPENSSL_AARCH64
+
#if defined(BORINGSSL_DISPATCH_TEST)
// Runtime CPU dispatch testing support
@@ -1410,12 +1406,12 @@
// 3: aes_hw_set_encrypt_key
// 4: vpaes_encrypt
// 5: vpaes_set_encrypt_key
-// 6: aes_gcm_enc_update_vaes_avx10_256 [reserved]
-// 7: aes_gcm_enc_update_vaes_avx10_512
-// 8: aes_gcm_enc_update_vaes_avx2
-extern uint8_t BORINGSSL_function_hit[9];
+// 6: aes_gcm_enc_update_vaes_avx2
+// 7: aes_gcm_enc_update_vaes_avx512
+extern uint8_t BORINGSSL_function_hit[8];
#endif // BORINGSSL_DISPATCH_TEST
+
// OPENSSL_vasprintf_internal is just like |vasprintf(3)|. If |system_malloc| is
// 0, memory will be allocated with |OPENSSL_malloc| and must be freed with
// |OPENSSL_free|. Otherwise the system |malloc| function is used and the memory
@@ -1424,6 +1420,19 @@
va_list args, int system_malloc)
OPENSSL_PRINTF_FORMAT_FUNC(2, 0);
+
+// Fuzzer mode.
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+// CRYPTO_fuzzer_mode_enabled returns whether fuzzer mode is enabled. See
+// |CRYPTO_set_fuzzer_mode|. In non-fuzzer builds, this function statically
+// returns zero so the codepaths will be deleted by the optimizer.
+int CRYPTO_fuzzer_mode_enabled(void);
+#else
+inline int CRYPTO_fuzzer_mode_enabled(void) { return 0; }
+#endif
+
+
#if defined(__cplusplus)
} // extern C
#endif
diff --git a/src/crypto/lhash/internal.h b/src/crypto/lhash/internal.h
index 9208d58..cb09dfa 100644
--- a/src/crypto/lhash/internal.h
+++ b/src/crypto/lhash/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_LHASH_INTERNAL_H
-#define OPENSSL_HEADER_LHASH_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_LHASH_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_LHASH_INTERNAL_H
#include <openssl/lhash.h>
@@ -218,4 +218,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_LHASH_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_LHASH_INTERNAL_H
diff --git a/src/crypto/md5/internal.h b/src/crypto/md5/internal.h
index 501b389..5d38e3e 100644
--- a/src/crypto/md5/internal.h
+++ b/src/crypto/md5/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_MD5_INTERNAL_H
-#define OPENSSL_HEADER_MD5_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_MD5_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_MD5_INTERNAL_H
#include <openssl/base.h>
@@ -34,4 +34,4 @@
} // extern "C"
#endif
-#endif // OPENSSL_HEADER_MD5_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_MD5_INTERNAL_H
diff --git a/src/crypto/mem.cc b/src/crypto/mem.cc
index aed60a8..83a1af7 100644
--- a/src/crypto/mem.cc
+++ b/src/crypto/mem.cc
@@ -24,9 +24,7 @@
#include <openssl/err.h>
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#if defined(BORINGSSL_MALLOC_FAILURE_TESTING)
diff --git a/src/crypto/mldsa/mldsa_test.cc b/src/crypto/mldsa/mldsa_test.cc
index 6d66fc6..112b444 100644
--- a/src/crypto/mldsa/mldsa_test.cc
+++ b/src/crypto/mldsa/mldsa_test.cc
@@ -515,7 +515,6 @@
}
}
-
TEST(MLDSATest, WycheproofVerifyTests65) {
FileTestGTest(
"third_party/wycheproof_testvectors/mldsa_65_standard_verify_test.txt",
@@ -532,4 +531,34 @@
BCM_mldsa87_parse_public_key, BCM_mldsa87_verify>);
}
+TEST(MLDSATest, Self) { ASSERT_TRUE(boringssl_self_test_mldsa()); }
+
+TEST(MLDSATest, PWCT) {
+ uint8_t seed[BCM_MLDSA_SEED_BYTES];
+
+ auto pub65 = std::make_unique<uint8_t[]>(BCM_MLDSA65_PUBLIC_KEY_BYTES);
+ auto priv65 = std::make_unique<BCM_mldsa65_private_key>();
+ ASSERT_EQ(BCM_mldsa65_generate_key_fips(pub65.get(), seed, priv65.get()),
+ bcm_status::approved);
+
+ auto pub87 = std::make_unique<uint8_t[]>(BCM_MLDSA87_PUBLIC_KEY_BYTES);
+ auto priv87 = std::make_unique<BCM_mldsa87_private_key>();
+ ASSERT_EQ(BCM_mldsa87_generate_key_fips(pub87.get(), seed, priv87.get()),
+ bcm_status::approved);
+}
+
+TEST(MLDSATest, NullptrArgumentsToCreate) {
+ // For FIPS reasons, this should fail rather than crash.
+ ASSERT_EQ(BCM_mldsa65_generate_key_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+ ASSERT_EQ(BCM_mldsa87_generate_key_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+ ASSERT_EQ(
+ BCM_mldsa65_generate_key_external_entropy_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+ ASSERT_EQ(
+ BCM_mldsa87_generate_key_external_entropy_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+}
+
} // namespace
diff --git a/src/crypto/mlkem/mlkem_test.cc b/src/crypto/mlkem/mlkem_test.cc
index 0d8baaa..5b4d686 100644
--- a/src/crypto/mlkem/mlkem_test.cc
+++ b/src/crypto/mlkem/mlkem_test.cc
@@ -527,4 +527,29 @@
0x04, 0xab, 0xdb, 0x94, 0x8b, 0x90, 0x8b, 0x75, 0xba, 0xd5};
EXPECT_EQ(Bytes(result), Bytes(kExpected));
}
+
+TEST(MLKEMTest, Self) { ASSERT_TRUE(boringssl_self_test_mlkem()); }
+
+TEST(MLKEMTest, PWCT) {
+ auto pub768 = std::make_unique<uint8_t[]>(BCM_MLKEM768_PUBLIC_KEY_BYTES);
+ auto priv768 = std::make_unique<BCM_mlkem768_private_key>();
+ ASSERT_EQ(
+ BCM_mlkem768_generate_key_fips(pub768.get(), nullptr, priv768.get()),
+ bcm_status::approved);
+
+ auto pub1024 = std::make_unique<uint8_t[]>(BCM_MLKEM1024_PUBLIC_KEY_BYTES);
+ auto priv1024 = std::make_unique<BCM_mlkem1024_private_key>();
+ ASSERT_EQ(
+ BCM_mlkem1024_generate_key_fips(pub1024.get(), nullptr, priv1024.get()),
+ bcm_status::approved);
+}
+
+TEST(MLKEMTest, NullptrArgumentsToCreate) {
+ // For FIPS reasons, this should fail rather than crash.
+ ASSERT_EQ(BCM_mlkem768_generate_key_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+ ASSERT_EQ(BCM_mlkem1024_generate_key_fips(nullptr, nullptr, nullptr),
+ bcm_status::failure);
+}
+
} // namespace
diff --git a/src/crypto/obj/obj.cc b/src/crypto/obj/obj.cc
index ffc12ff..9fa26bb 100644
--- a/src/crypto/obj/obj.cc
+++ b/src/crypto/obj/obj.cc
@@ -278,14 +278,8 @@
OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {
const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
- CBB oid;
-
- if (obj == NULL || !CBB_add_asn1(out, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, obj->data, obj->length) || !CBB_flush(out)) {
- return 0;
- }
-
- return 1;
+ return obj != NULL &&
+ CBB_add_asn1_element(out, CBS_ASN1_OBJECT, obj->data, obj->length);
}
const ASN1_OBJECT *OBJ_get_undef(void) {
diff --git a/src/crypto/pem/internal.h b/src/crypto/pem/internal.h
index bda89a6..3178c11 100644
--- a/src/crypto/pem/internal.h
+++ b/src/crypto/pem/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_PEM_INTERNAL_H
-#define OPENSSL_HEADER_PEM_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_PEM_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_PEM_INTERNAL_H
#include <openssl/pem.h>
@@ -41,4 +41,4 @@
} // extern "C"
#endif
-#endif // OPENSSL_HEADER_PEM_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_PEM_INTERNAL_H
diff --git a/src/crypto/pem/pem_lib.cc b/src/crypto/pem/pem_lib.cc
index 854af77..7679aa0 100644
--- a/src/crypto/pem/pem_lib.cc
+++ b/src/crypto/pem/pem_lib.cc
@@ -239,7 +239,7 @@
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
const EVP_CIPHER *enc, const unsigned char *pass,
int pass_len, pem_password_cb *callback, void *u) {
- EVP_CIPHER_CTX ctx;
+ bssl::ScopedEVP_CIPHER_CTX ctx;
int dsize = 0, i, j, ret = 0;
unsigned char *p, *data = NULL;
const char *objstr = NULL;
@@ -305,16 +305,14 @@
PEM_dek_info(buf, objstr, iv_len, (char *)iv);
// k=strlen(buf);
- EVP_CIPHER_CTX_init(&ctx);
ret = 1;
- if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv) ||
- !EVP_EncryptUpdate(&ctx, data, &j, data, i) ||
- !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i)) {
+ if (!EVP_EncryptInit_ex(ctx.get(), enc, NULL, key, iv) ||
+ !EVP_EncryptUpdate(ctx.get(), data, &j, data, i) ||
+ !EVP_EncryptFinal_ex(ctx.get(), &(data[j]), &i)) {
ret = 0;
} else {
i += j;
}
- EVP_CIPHER_CTX_cleanup(&ctx);
if (ret == 0) {
goto err;
}
@@ -329,7 +327,6 @@
err:
OPENSSL_cleanse(key, sizeof(key));
OPENSSL_cleanse(iv, sizeof(iv));
- OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
OPENSSL_cleanse(buf, PEM_BUFSIZE);
OPENSSL_free(data);
return ret;
@@ -339,7 +336,7 @@
long *plen, pem_password_cb *callback, void *u) {
int i = 0, j, o, pass_len;
long len;
- EVP_CIPHER_CTX ctx;
+ bssl::ScopedEVP_CIPHER_CTX ctx;
unsigned char key[EVP_MAX_KEY_LENGTH];
char buf[PEM_BUFSIZE];
@@ -365,15 +362,13 @@
}
j = (int)len;
- EVP_CIPHER_CTX_init(&ctx);
- o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, cipher->iv);
+ o = EVP_DecryptInit_ex(ctx.get(), cipher->cipher, NULL, key, cipher->iv);
if (o) {
- o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
+ o = EVP_DecryptUpdate(ctx.get(), data, &i, data, j);
}
if (o) {
- o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
+ o = EVP_DecryptFinal_ex(ctx.get(), &(data[i]), &j);
}
- EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_cleanse((char *)buf, sizeof(buf));
OPENSSL_cleanse((char *)key, sizeof(key));
if (!o) {
diff --git a/src/crypto/perlasm/x86_64-xlate.pl b/src/crypto/perlasm/x86_64-xlate.pl
index a0bade3..0955c86 100755
--- a/src/crypto/perlasm/x86_64-xlate.pl
+++ b/src/crypto/perlasm/x86_64-xlate.pl
@@ -127,7 +127,7 @@
if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain...
$self->{op} = $1;
$self->{sz} = $2;
- } elsif ($self->{op} =~ /call|jmp/) {
+ } elsif ($self->{op} =~ /call|jmp|^rdrand$/) {
$self->{sz} = "";
} elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
$self->{sz} = "";
@@ -1319,198 +1319,6 @@
}
}
-# Upon initial x86_64 introduction SSE>2 extensions were not introduced
-# yet. In order not to be bothered by tracing exact assembler versions,
-# but at the same time to provide a bare security minimum of AES-NI, we
-# hard-code some instructions. Extensions past AES-NI on the other hand
-# are traced by examining assembler version in individual perlasm
-# modules...
-
-my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
- "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
-
-sub rex {
- my $opcode=shift;
- my ($dst,$src,$rex)=@_;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @$opcode,($rex|0x40) if ($rex);
-}
-
-my $movq = sub { # elderly gas can't handle inter-register movq
- my $arg = shift;
- my @opcode=(0x66);
- if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
- my ($src,$dst)=($1,$2);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x7e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
- my ($src,$dst)=($2,$1);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x6e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-my $pextrd = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
- my @opcode=(0x66);
- my $imm=$1;
- my $src=$2;
- my $dst=$3;
- if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
- elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
- rex(\@opcode,$src,$dst);
- push @opcode,0x0f,0x3a,0x16;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pinsrd = sub {
- if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- my $imm=$1;
- my $src=$2;
- my $dst=$3;
- if ($src =~ /%r([0-9]+)/) { $src = $1; }
- elsif ($src =~ /%e/) { $src = $regrm{$src}; }
- rex(\@opcode,$dst,$src);
- push @opcode,0x0f,0x3a,0x22;
- push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pshufb = sub {
- if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$2,$1);
- push @opcode,0x0f,0x38,0x00;
- push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-my $palignr = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x0f;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- push @opcode,$1;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pclmulqdq = sub {
- if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x44;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- @opcode;
- } else {
- ();
- }
-};
-
-my $rdrand = sub {
- if (shift =~ /%[er](\w+)/) {
- my @opcode=();
- my $dst=$1;
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,0,$dst,8);
- push @opcode,0x0f,0xc7,0xf0|($dst&7);
- @opcode;
- } else {
- ();
- }
-};
-
-my $rdseed = sub {
- if (shift =~ /%[er](\w+)/) {
- my @opcode=();
- my $dst=$1;
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,0,$dst,8);
- push @opcode,0x0f,0xc7,0xf8|($dst&7);
- @opcode;
- } else {
- ();
- }
-};
-
-# Not all AVX-capable assemblers recognize AMD XOP extension. Since we
-# are using only two instructions hand-code them in order to be excused
-# from chasing assembler versions...
-
-sub rxb {
- my $opcode=shift;
- my ($dst,$src1,$src2,$rxb)=@_;
-
- $rxb|=0x7<<5;
- $rxb&=~(0x04<<5) if($dst>=8);
- $rxb&=~(0x01<<5) if($src1>=8);
- $rxb&=~(0x02<<5) if($src2>=8);
- push @$opcode,$rxb;
-}
-
-my $vprotd = sub {
- if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x8f);
- rxb(\@opcode,$3,$2,-1,0x08);
- push @opcode,0x78,0xc2;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- @opcode;
- } else {
- ();
- }
-};
-
-my $vprotq = sub {
- if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x8f);
- rxb(\@opcode,$3,$2,-1,0x08);
- push @opcode,0x78,0xc3;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- @opcode;
- } else {
- ();
- }
-};
-
-# Intel Control-flow Enforcement Technology extension. All functions and
-# indirect branch targets will have to start with this instruction...
-
-my $endbranch = sub {
- (0xf3,0x0f,0x1e,0xfa);
-};
-
########################################################################
{
diff --git a/src/crypto/pkcs7/internal.h b/src/crypto/pkcs7/internal.h
index 7505e33..e6cc8b5 100644
--- a/src/crypto/pkcs7/internal.h
+++ b/src/crypto/pkcs7/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_PKCS7_INTERNAL_H
-#define OPENSSL_HEADER_PKCS7_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_PKCS7_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_PKCS7_INTERNAL_H
#include <openssl/base.h>
@@ -36,6 +36,8 @@
// doing so it makes callbacks to let the caller fill in parts of the structure.
// All callbacks are ignored if NULL and return one on success or zero on error.
//
+// signed_data_version: version number of the SignedData structure. In PKCS#7,
+// it is always 1. In CMS, it depends on the features used.
// digest_algos_cb: may write AlgorithmIdentifiers into the given CBB, which
// is a SET of digest algorithms.
// cert_crl_cb: may write the |certificates| or |crls| fields.
@@ -44,15 +46,27 @@
// (See https://datatracker.ietf.org/doc/html/rfc2315#section-9.1)
//
// pkcs7_add_signed_data returns one on success or zero on error.
-int pkcs7_add_signed_data(CBB *out,
- int (*digest_algos_cb)(CBB *out, const void *arg),
- int (*cert_crl_cb)(CBB *out, const void *arg),
- int (*signer_infos_cb)(CBB *out, const void *arg),
- const void *arg);
+int pkcs7_add_signed_data(CBB *out, uint64_t signed_data_version,
+ int (*digest_algos_cb)(CBB *out, void *arg),
+ int (*cert_crl_cb)(CBB *out, void *arg),
+ int (*signer_infos_cb)(CBB *out, void *arg),
+ void *arg);
+
+// pkcs7_add_external_signature writes a PKCS#7 or CMS SignedData structure to
+// |out|, containing an external (i.e. the contents are not included) signature,
+// using |sign_cert| and |key| to sign the contents of |data| with |md|. If
+// |use_key_id| is true (CMS-only), the SignerInfo specifies the signer with key
+// identifier. Otherwise, it uses issuer and serial number (PKCS#7 or CMS v1).
+// The SignedData will have no embedded certificates and no attributes.
+//
+// Note: CMS v1 and PKCS#7 v1.5 are not completely compatible, but they overlap
+// in all cases implemented by this function.
+int pkcs7_add_external_signature(CBB *out, X509 *sign_cert, EVP_PKEY *key,
+ const EVP_MD *md, BIO *data, bool use_key_id);
#if defined(__cplusplus)
} // extern C
#endif
-#endif // OPENSSL_HEADER_PKCS7_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_PKCS7_INTERNAL_H
diff --git a/src/crypto/pkcs7/pkcs7.cc b/src/crypto/pkcs7/pkcs7.cc
index 4d6c05f..aa92cc1 100644
--- a/src/crypto/pkcs7/pkcs7.cc
+++ b/src/crypto/pkcs7/pkcs7.cc
@@ -130,7 +130,7 @@
return ret;
}
-static int pkcs7_bundle_raw_certificates_cb(CBB *out, const void *arg) {
+static int pkcs7_bundle_raw_certificates_cb(CBB *out, void *arg) {
const STACK_OF(CRYPTO_BUFFER) *certs =
reinterpret_cast<const STACK_OF(CRYPTO_BUFFER) *>(arg);
CBB certificates;
@@ -155,37 +155,39 @@
int PKCS7_bundle_raw_certificates(CBB *out,
const STACK_OF(CRYPTO_BUFFER) *certs) {
- return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
+ return pkcs7_add_signed_data(out, /*signed_data_version=*/1,
+ /*digest_algos_cb=*/nullptr,
pkcs7_bundle_raw_certificates_cb,
- /*signer_infos_cb=*/NULL, certs);
+ /*signer_infos_cb=*/nullptr,
+ const_cast<STACK_OF(CRYPTO_BUFFER) *>(certs));
}
-int pkcs7_add_signed_data(CBB *out,
- int (*digest_algos_cb)(CBB *out, const void *arg),
- int (*cert_crl_cb)(CBB *out, const void *arg),
- int (*signer_infos_cb)(CBB *out, const void *arg),
- const void *arg) {
- CBB outer_seq, oid, wrapped_seq, seq, version_bytes, digest_algos_set,
- content_info, signer_infos;
+int pkcs7_add_signed_data(CBB *out, uint64_t signed_data_version,
+ int (*digest_algos_cb)(CBB *out, void *arg),
+ int (*cert_crl_cb)(CBB *out, void *arg),
+ int (*signer_infos_cb)(CBB *out, void *arg),
+ void *arg) {
+ CBB outer_seq, wrapped_seq, seq, digest_algos_set, content_info, signer_infos;
// See https://tools.ietf.org/html/rfc2315#section-7
if (!CBB_add_asn1(out, &outer_seq, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&outer_seq, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kPKCS7SignedData, sizeof(kPKCS7SignedData)) ||
+ !CBB_add_asn1_element(&outer_seq, CBS_ASN1_OBJECT, kPKCS7SignedData,
+ sizeof(kPKCS7SignedData)) ||
!CBB_add_asn1(&outer_seq, &wrapped_seq,
CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
// See https://tools.ietf.org/html/rfc2315#section-9.1
!CBB_add_asn1(&wrapped_seq, &seq, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&seq, &version_bytes, CBS_ASN1_INTEGER) ||
- !CBB_add_u8(&version_bytes, 1) ||
+ !CBB_add_asn1_uint64(&seq, signed_data_version) ||
!CBB_add_asn1(&seq, &digest_algos_set, CBS_ASN1_SET) ||
(digest_algos_cb != NULL && !digest_algos_cb(&digest_algos_set, arg)) ||
+ !CBB_flush_asn1_set_of(&digest_algos_set) ||
!CBB_add_asn1(&seq, &content_info, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
+ !CBB_add_asn1_element(&content_info, CBS_ASN1_OBJECT, kPKCS7Data,
+ sizeof(kPKCS7Data)) ||
(cert_crl_cb != NULL && !cert_crl_cb(&seq, arg)) ||
!CBB_add_asn1(&seq, &signer_infos, CBS_ASN1_SET) ||
- (signer_infos_cb != NULL && !signer_infos_cb(&signer_infos, arg))) {
+ (signer_infos_cb != NULL && !signer_infos_cb(&signer_infos, arg)) ||
+ !CBB_flush_asn1_set_of(&signer_infos)) {
return 0;
}
diff --git a/src/crypto/pkcs7/pkcs7_test.cc b/src/crypto/pkcs7/pkcs7_test.cc
index 168a7c2..89987a8 100644
--- a/src/crypto/pkcs7/pkcs7_test.cc
+++ b/src/crypto/pkcs7/pkcs7_test.cc
@@ -19,403 +19,17 @@
#include <openssl/mem.h>
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
+#include <openssl/span.h>
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include <string>
+
#include "../internal.h"
+#include "../test/test_data.h"
#include "../test/test_util.h"
-// kPKCS7NSS contains the certificate chain of mail.google.com, as saved by NSS
-// using the Chrome UI.
-static const uint8_t kPKCS7NSS[] = {
- 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
- 0x02, 0xa0, 0x80, 0x30, 0x80, 0x02, 0x01, 0x01, 0x31, 0x00, 0x30, 0x80,
- 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x00,
- 0x00, 0xa0, 0x82, 0x0b, 0x1e, 0x30, 0x82, 0x03, 0x54, 0x30, 0x82, 0x02,
- 0x3c, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x03, 0x02, 0x34, 0x56, 0x30,
- 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
- 0x05, 0x00, 0x30, 0x42, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
- 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55,
- 0x04, 0x0a, 0x13, 0x0d, 0x47, 0x65, 0x6f, 0x54, 0x72, 0x75, 0x73, 0x74,
- 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55,
- 0x04, 0x03, 0x13, 0x12, 0x47, 0x65, 0x6f, 0x54, 0x72, 0x75, 0x73, 0x74,
- 0x20, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x20, 0x43, 0x41, 0x30, 0x1e,
- 0x17, 0x0d, 0x30, 0x32, 0x30, 0x35, 0x32, 0x31, 0x30, 0x34, 0x30, 0x30,
- 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x32, 0x30, 0x35, 0x32, 0x31, 0x30,
- 0x34, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x42, 0x31, 0x0b, 0x30, 0x09,
- 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x16, 0x30,
- 0x14, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0d, 0x47, 0x65, 0x6f, 0x54,
- 0x72, 0x75, 0x73, 0x74, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x1b, 0x30,
- 0x19, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 0x47, 0x65, 0x6f, 0x54,
- 0x72, 0x75, 0x73, 0x74, 0x20, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x20,
- 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
- 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01,
- 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xda,
- 0xcc, 0x18, 0x63, 0x30, 0xfd, 0xf4, 0x17, 0x23, 0x1a, 0x56, 0x7e, 0x5b,
- 0xdf, 0x3c, 0x6c, 0x38, 0xe4, 0x71, 0xb7, 0x78, 0x91, 0xd4, 0xbc, 0xa1,
- 0xd8, 0x4c, 0xf8, 0xa8, 0x43, 0xb6, 0x03, 0xe9, 0x4d, 0x21, 0x07, 0x08,
- 0x88, 0xda, 0x58, 0x2f, 0x66, 0x39, 0x29, 0xbd, 0x05, 0x78, 0x8b, 0x9d,
- 0x38, 0xe8, 0x05, 0xb7, 0x6a, 0x7e, 0x71, 0xa4, 0xe6, 0xc4, 0x60, 0xa6,
- 0xb0, 0xef, 0x80, 0xe4, 0x89, 0x28, 0x0f, 0x9e, 0x25, 0xd6, 0xed, 0x83,
- 0xf3, 0xad, 0xa6, 0x91, 0xc7, 0x98, 0xc9, 0x42, 0x18, 0x35, 0x14, 0x9d,
- 0xad, 0x98, 0x46, 0x92, 0x2e, 0x4f, 0xca, 0xf1, 0x87, 0x43, 0xc1, 0x16,
- 0x95, 0x57, 0x2d, 0x50, 0xef, 0x89, 0x2d, 0x80, 0x7a, 0x57, 0xad, 0xf2,
- 0xee, 0x5f, 0x6b, 0xd2, 0x00, 0x8d, 0xb9, 0x14, 0xf8, 0x14, 0x15, 0x35,
- 0xd9, 0xc0, 0x46, 0xa3, 0x7b, 0x72, 0xc8, 0x91, 0xbf, 0xc9, 0x55, 0x2b,
- 0xcd, 0xd0, 0x97, 0x3e, 0x9c, 0x26, 0x64, 0xcc, 0xdf, 0xce, 0x83, 0x19,
- 0x71, 0xca, 0x4e, 0xe6, 0xd4, 0xd5, 0x7b, 0xa9, 0x19, 0xcd, 0x55, 0xde,
- 0xc8, 0xec, 0xd2, 0x5e, 0x38, 0x53, 0xe5, 0x5c, 0x4f, 0x8c, 0x2d, 0xfe,
- 0x50, 0x23, 0x36, 0xfc, 0x66, 0xe6, 0xcb, 0x8e, 0xa4, 0x39, 0x19, 0x00,
- 0xb7, 0x95, 0x02, 0x39, 0x91, 0x0b, 0x0e, 0xfe, 0x38, 0x2e, 0xd1, 0x1d,
- 0x05, 0x9a, 0xf6, 0x4d, 0x3e, 0x6f, 0x0f, 0x07, 0x1d, 0xaf, 0x2c, 0x1e,
- 0x8f, 0x60, 0x39, 0xe2, 0xfa, 0x36, 0x53, 0x13, 0x39, 0xd4, 0x5e, 0x26,
- 0x2b, 0xdb, 0x3d, 0xa8, 0x14, 0xbd, 0x32, 0xeb, 0x18, 0x03, 0x28, 0x52,
- 0x04, 0x71, 0xe5, 0xab, 0x33, 0x3d, 0xe1, 0x38, 0xbb, 0x07, 0x36, 0x84,
- 0x62, 0x9c, 0x79, 0xea, 0x16, 0x30, 0xf4, 0x5f, 0xc0, 0x2b, 0xe8, 0x71,
- 0x6b, 0xe4, 0xf9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51,
- 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05,
- 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,
- 0x04, 0x16, 0x04, 0x14, 0xc0, 0x7a, 0x98, 0x68, 0x8d, 0x89, 0xfb, 0xab,
- 0x05, 0x64, 0x0c, 0x11, 0x7d, 0xaa, 0x7d, 0x65, 0xb8, 0xca, 0xcc, 0x4e,
- 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
- 0x14, 0xc0, 0x7a, 0x98, 0x68, 0x8d, 0x89, 0xfb, 0xab, 0x05, 0x64, 0x0c,
- 0x11, 0x7d, 0xaa, 0x7d, 0x65, 0xb8, 0xca, 0xcc, 0x4e, 0x30, 0x0d, 0x06,
- 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
- 0x03, 0x82, 0x01, 0x01, 0x00, 0x35, 0xe3, 0x29, 0x6a, 0xe5, 0x2f, 0x5d,
- 0x54, 0x8e, 0x29, 0x50, 0x94, 0x9f, 0x99, 0x1a, 0x14, 0xe4, 0x8f, 0x78,
- 0x2a, 0x62, 0x94, 0xa2, 0x27, 0x67, 0x9e, 0xd0, 0xcf, 0x1a, 0x5e, 0x47,
- 0xe9, 0xc1, 0xb2, 0xa4, 0xcf, 0xdd, 0x41, 0x1a, 0x05, 0x4e, 0x9b, 0x4b,
- 0xee, 0x4a, 0x6f, 0x55, 0x52, 0xb3, 0x24, 0xa1, 0x37, 0x0a, 0xeb, 0x64,
- 0x76, 0x2a, 0x2e, 0x2c, 0xf3, 0xfd, 0x3b, 0x75, 0x90, 0xbf, 0xfa, 0x71,
- 0xd8, 0xc7, 0x3d, 0x37, 0xd2, 0xb5, 0x05, 0x95, 0x62, 0xb9, 0xa6, 0xde,
- 0x89, 0x3d, 0x36, 0x7b, 0x38, 0x77, 0x48, 0x97, 0xac, 0xa6, 0x20, 0x8f,
- 0x2e, 0xa6, 0xc9, 0x0c, 0xc2, 0xb2, 0x99, 0x45, 0x00, 0xc7, 0xce, 0x11,
- 0x51, 0x22, 0x22, 0xe0, 0xa5, 0xea, 0xb6, 0x15, 0x48, 0x09, 0x64, 0xea,
- 0x5e, 0x4f, 0x74, 0xf7, 0x05, 0x3e, 0xc7, 0x8a, 0x52, 0x0c, 0xdb, 0x15,
- 0xb4, 0xbd, 0x6d, 0x9b, 0xe5, 0xc6, 0xb1, 0x54, 0x68, 0xa9, 0xe3, 0x69,
- 0x90, 0xb6, 0x9a, 0xa5, 0x0f, 0xb8, 0xb9, 0x3f, 0x20, 0x7d, 0xae, 0x4a,
- 0xb5, 0xb8, 0x9c, 0xe4, 0x1d, 0xb6, 0xab, 0xe6, 0x94, 0xa5, 0xc1, 0xc7,
- 0x83, 0xad, 0xdb, 0xf5, 0x27, 0x87, 0x0e, 0x04, 0x6c, 0xd5, 0xff, 0xdd,
- 0xa0, 0x5d, 0xed, 0x87, 0x52, 0xb7, 0x2b, 0x15, 0x02, 0xae, 0x39, 0xa6,
- 0x6a, 0x74, 0xe9, 0xda, 0xc4, 0xe7, 0xbc, 0x4d, 0x34, 0x1e, 0xa9, 0x5c,
- 0x4d, 0x33, 0x5f, 0x92, 0x09, 0x2f, 0x88, 0x66, 0x5d, 0x77, 0x97, 0xc7,
- 0x1d, 0x76, 0x13, 0xa9, 0xd5, 0xe5, 0xf1, 0x16, 0x09, 0x11, 0x35, 0xd5,
- 0xac, 0xdb, 0x24, 0x71, 0x70, 0x2c, 0x98, 0x56, 0x0b, 0xd9, 0x17, 0xb4,
- 0xd1, 0xe3, 0x51, 0x2b, 0x5e, 0x75, 0xe8, 0xd5, 0xd0, 0xdc, 0x4f, 0x34,
- 0xed, 0xc2, 0x05, 0x66, 0x80, 0xa1, 0xcb, 0xe6, 0x33, 0x30, 0x82, 0x03,
- 0xba, 0x30, 0x82, 0x02, 0xa2, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08,
- 0x3e, 0xa3, 0xe4, 0x78, 0x99, 0x38, 0x13, 0x9d, 0x30, 0x0d, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30,
- 0x49, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
- 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
- 0x0a, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x31,
- 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1c, 0x47, 0x6f,
- 0x6f, 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
- 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x20,
- 0x47, 0x32, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x37, 0x31, 0x36,
- 0x31, 0x32, 0x32, 0x31, 0x34, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x34, 0x31,
- 0x30, 0x31, 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x69,
- 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a,
- 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61, 0x31, 0x16,
- 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x0d, 0x4d, 0x6f, 0x75,
- 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x20, 0x56, 0x69, 0x65, 0x77, 0x31, 0x13,
- 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0a, 0x47, 0x6f, 0x6f,
- 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x31, 0x18, 0x30, 0x16, 0x06,
- 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x67,
- 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x59, 0x30,
- 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08,
- 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04,
- 0xb2, 0x68, 0x6e, 0x3f, 0x03, 0x9e, 0x43, 0x85, 0x16, 0xb7, 0x89, 0x0b,
- 0x16, 0x2a, 0xbe, 0x26, 0x36, 0xdd, 0x68, 0x0a, 0x53, 0x4e, 0x20, 0x40,
- 0xf8, 0xd1, 0xdd, 0x63, 0xcb, 0x46, 0x73, 0x09, 0x96, 0x36, 0xde, 0x2c,
- 0x45, 0x71, 0x2e, 0x8a, 0x79, 0xeb, 0x40, 0x2f, 0x65, 0x83, 0x81, 0xdb,
- 0x37, 0x03, 0x84, 0xa1, 0x9a, 0xd0, 0x22, 0x3b, 0x73, 0x38, 0x45, 0xd3,
- 0xd5, 0x91, 0xb2, 0x52, 0xa3, 0x82, 0x01, 0x4f, 0x30, 0x82, 0x01, 0x4b,
- 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
- 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2b,
- 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x1a, 0x06, 0x03, 0x55,
- 0x1d, 0x11, 0x04, 0x13, 0x30, 0x11, 0x82, 0x0f, 0x6d, 0x61, 0x69, 0x6c,
- 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30,
- 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80,
- 0x30, 0x68, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
- 0x04, 0x5c, 0x30, 0x5a, 0x30, 0x2b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
- 0x05, 0x07, 0x30, 0x02, 0x86, 0x1f, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
- 0x2f, 0x70, 0x6b, 0x69, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
- 0x63, 0x6f, 0x6d, 0x2f, 0x47, 0x49, 0x41, 0x47, 0x32, 0x2e, 0x63, 0x72,
- 0x74, 0x30, 0x2b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
- 0x01, 0x86, 0x1f, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x6c,
- 0x69, 0x65, 0x6e, 0x74, 0x73, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
- 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x30, 0x1d,
- 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x75, 0xc6, 0xb0,
- 0x4a, 0x46, 0x61, 0x83, 0xff, 0x91, 0x46, 0x45, 0x35, 0xa7, 0x0f, 0xd0,
- 0x5b, 0xe9, 0xdd, 0x94, 0x1b, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13,
- 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1f, 0x06, 0x03, 0x55,
- 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x4a, 0xdd, 0x06, 0x16,
- 0x1b, 0xbc, 0xf6, 0x68, 0xb5, 0x76, 0xf5, 0x81, 0xb6, 0xbb, 0x62, 0x1a,
- 0xba, 0x5a, 0x81, 0x2f, 0x30, 0x17, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04,
- 0x10, 0x30, 0x0e, 0x30, 0x0c, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01,
- 0xd6, 0x79, 0x02, 0x05, 0x01, 0x30, 0x30, 0x06, 0x03, 0x55, 0x1d, 0x1f,
- 0x04, 0x29, 0x30, 0x27, 0x30, 0x25, 0xa0, 0x23, 0xa0, 0x21, 0x86, 0x1f,
- 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x70, 0x6b, 0x69, 0x2e, 0x67,
- 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x47, 0x49,
- 0x41, 0x47, 0x32, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x0d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82,
- 0x01, 0x01, 0x00, 0x7f, 0x41, 0xf5, 0x57, 0x18, 0x3c, 0x75, 0xf5, 0x23,
- 0x66, 0xc3, 0xf0, 0xf2, 0x3e, 0x70, 0x34, 0x56, 0xca, 0x78, 0xec, 0xc7,
- 0x81, 0x58, 0x0d, 0xdf, 0xf0, 0xfd, 0x86, 0xe6, 0xe6, 0x50, 0x3d, 0xf6,
- 0x09, 0x9a, 0x4d, 0xca, 0x60, 0x37, 0x9a, 0xd4, 0xca, 0x51, 0x7c, 0xf0,
- 0x66, 0x23, 0xea, 0x5e, 0x6a, 0x6f, 0x7b, 0xa6, 0x7a, 0x38, 0x97, 0x42,
- 0x58, 0x1a, 0x1b, 0x42, 0xae, 0x28, 0xde, 0x18, 0x7f, 0xcc, 0x76, 0x18,
- 0x58, 0x05, 0xbf, 0xea, 0xef, 0x14, 0xad, 0x34, 0xe5, 0x5f, 0x25, 0xab,
- 0xa1, 0x5f, 0x78, 0x5b, 0x6f, 0xe6, 0x69, 0xd8, 0x74, 0x8c, 0x19, 0x59,
- 0xb0, 0x1a, 0xfb, 0x8e, 0xdf, 0x61, 0xac, 0xeb, 0x2b, 0x0a, 0x1c, 0xab,
- 0x30, 0x0d, 0x64, 0x25, 0x78, 0xdf, 0x81, 0x71, 0xe3, 0xbd, 0xde, 0x9c,
- 0x3f, 0xdd, 0xe9, 0xf8, 0xb6, 0x98, 0x2d, 0x13, 0xa3, 0x7b, 0x14, 0x6f,
- 0xe3, 0x8b, 0xfc, 0x4e, 0x31, 0x26, 0xba, 0x10, 0xb4, 0x12, 0xe9, 0xc9,
- 0x49, 0x60, 0xf0, 0xaa, 0x1f, 0x44, 0x68, 0x19, 0xd2, 0xb3, 0xc8, 0x46,
- 0x22, 0x6b, 0xe1, 0x21, 0x77, 0xfd, 0x72, 0x33, 0x13, 0x21, 0x27, 0x81,
- 0xe4, 0x7a, 0xc9, 0xe4, 0x1c, 0x05, 0x04, 0x73, 0x13, 0xda, 0x47, 0xfe,
- 0x59, 0x41, 0x9c, 0x11, 0xc5, 0xf6, 0xb5, 0xd0, 0x01, 0xcb, 0x40, 0x19,
- 0xf5, 0xfe, 0xb3, 0x3c, 0x1f, 0x61, 0x8f, 0x4d, 0xdb, 0x81, 0x2a, 0x8a,
- 0xed, 0xb8, 0x53, 0xc7, 0x19, 0x6b, 0xfa, 0x8b, 0xfc, 0xe3, 0x2e, 0x12,
- 0x4e, 0xbd, 0xc5, 0x44, 0x9d, 0x1c, 0x7f, 0x3b, 0x09, 0x51, 0xd7, 0x0a,
- 0x0f, 0x22, 0x0a, 0xfd, 0x8c, 0x90, 0x14, 0xed, 0x10, 0xcb, 0x50, 0xcf,
- 0xa5, 0x45, 0xce, 0xb0, 0x21, 0x28, 0xcb, 0xd6, 0xf5, 0x6e, 0xb2, 0x3e,
- 0xfa, 0x35, 0x0c, 0x3d, 0x09, 0x0d, 0x81, 0x30, 0x82, 0x04, 0x04, 0x30,
- 0x82, 0x02, 0xec, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x03, 0x02, 0x3a,
- 0x69, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
- 0x01, 0x05, 0x05, 0x00, 0x30, 0x42, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
- 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x16, 0x30, 0x14, 0x06,
- 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0d, 0x47, 0x65, 0x6f, 0x54, 0x72, 0x75,
- 0x73, 0x74, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x1b, 0x30, 0x19, 0x06,
- 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 0x47, 0x65, 0x6f, 0x54, 0x72, 0x75,
- 0x73, 0x74, 0x20, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x20, 0x43, 0x41,
- 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x34, 0x30, 0x35, 0x31, 0x35,
- 0x31, 0x35, 0x35, 0x35, 0x5a, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x34, 0x30,
- 0x34, 0x31, 0x35, 0x31, 0x35, 0x35, 0x35, 0x5a, 0x30, 0x49, 0x31, 0x0b,
- 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
- 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0a, 0x47, 0x6f,
- 0x6f, 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x31, 0x25, 0x30, 0x23,
- 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1c, 0x47, 0x6f, 0x6f, 0x67, 0x6c,
- 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x41,
- 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x20, 0x47, 0x32, 0x30,
- 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
- 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
- 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9c, 0x2a, 0x04, 0x77,
- 0x5c, 0xd8, 0x50, 0x91, 0x3a, 0x06, 0xa3, 0x82, 0xe0, 0xd8, 0x50, 0x48,
- 0xbc, 0x89, 0x3f, 0xf1, 0x19, 0x70, 0x1a, 0x88, 0x46, 0x7e, 0xe0, 0x8f,
- 0xc5, 0xf1, 0x89, 0xce, 0x21, 0xee, 0x5a, 0xfe, 0x61, 0x0d, 0xb7, 0x32,
- 0x44, 0x89, 0xa0, 0x74, 0x0b, 0x53, 0x4f, 0x55, 0xa4, 0xce, 0x82, 0x62,
- 0x95, 0xee, 0xeb, 0x59, 0x5f, 0xc6, 0xe1, 0x05, 0x80, 0x12, 0xc4, 0x5e,
- 0x94, 0x3f, 0xbc, 0x5b, 0x48, 0x38, 0xf4, 0x53, 0xf7, 0x24, 0xe6, 0xfb,
- 0x91, 0xe9, 0x15, 0xc4, 0xcf, 0xf4, 0x53, 0x0d, 0xf4, 0x4a, 0xfc, 0x9f,
- 0x54, 0xde, 0x7d, 0xbe, 0xa0, 0x6b, 0x6f, 0x87, 0xc0, 0xd0, 0x50, 0x1f,
- 0x28, 0x30, 0x03, 0x40, 0xda, 0x08, 0x73, 0x51, 0x6c, 0x7f, 0xff, 0x3a,
- 0x3c, 0xa7, 0x37, 0x06, 0x8e, 0xbd, 0x4b, 0x11, 0x04, 0xeb, 0x7d, 0x24,
- 0xde, 0xe6, 0xf9, 0xfc, 0x31, 0x71, 0xfb, 0x94, 0xd5, 0x60, 0xf3, 0x2e,
- 0x4a, 0xaf, 0x42, 0xd2, 0xcb, 0xea, 0xc4, 0x6a, 0x1a, 0xb2, 0xcc, 0x53,
- 0xdd, 0x15, 0x4b, 0x8b, 0x1f, 0xc8, 0x19, 0x61, 0x1f, 0xcd, 0x9d, 0xa8,
- 0x3e, 0x63, 0x2b, 0x84, 0x35, 0x69, 0x65, 0x84, 0xc8, 0x19, 0xc5, 0x46,
- 0x22, 0xf8, 0x53, 0x95, 0xbe, 0xe3, 0x80, 0x4a, 0x10, 0xc6, 0x2a, 0xec,
- 0xba, 0x97, 0x20, 0x11, 0xc7, 0x39, 0x99, 0x10, 0x04, 0xa0, 0xf0, 0x61,
- 0x7a, 0x95, 0x25, 0x8c, 0x4e, 0x52, 0x75, 0xe2, 0xb6, 0xed, 0x08, 0xca,
- 0x14, 0xfc, 0xce, 0x22, 0x6a, 0xb3, 0x4e, 0xcf, 0x46, 0x03, 0x97, 0x97,
- 0x03, 0x7e, 0xc0, 0xb1, 0xde, 0x7b, 0xaf, 0x45, 0x33, 0xcf, 0xba, 0x3e,
- 0x71, 0xb7, 0xde, 0xf4, 0x25, 0x25, 0xc2, 0x0d, 0x35, 0x89, 0x9d, 0x9d,
- 0xfb, 0x0e, 0x11, 0x79, 0x89, 0x1e, 0x37, 0xc5, 0xaf, 0x8e, 0x72, 0x69,
- 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0xfb, 0x30, 0x81, 0xf8, 0x30,
- 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
- 0xc0, 0x7a, 0x98, 0x68, 0x8d, 0x89, 0xfb, 0xab, 0x05, 0x64, 0x0c, 0x11,
- 0x7d, 0xaa, 0x7d, 0x65, 0xb8, 0xca, 0xcc, 0x4e, 0x30, 0x1d, 0x06, 0x03,
- 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x4a, 0xdd, 0x06, 0x16, 0x1b,
- 0xbc, 0xf6, 0x68, 0xb5, 0x76, 0xf5, 0x81, 0xb6, 0xbb, 0x62, 0x1a, 0xba,
- 0x5a, 0x81, 0x2f, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01,
- 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, 0x30,
- 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03,
- 0x02, 0x01, 0x06, 0x30, 0x3a, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x33,
- 0x30, 0x31, 0x30, 0x2f, 0xa0, 0x2d, 0xa0, 0x2b, 0x86, 0x29, 0x68, 0x74,
- 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x65, 0x6f,
- 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x72,
- 0x6c, 0x73, 0x2f, 0x67, 0x74, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x2e,
- 0x63, 0x72, 0x6c, 0x30, 0x3d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
- 0x07, 0x01, 0x01, 0x04, 0x31, 0x30, 0x2f, 0x30, 0x2d, 0x06, 0x08, 0x2b,
- 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x21, 0x68, 0x74, 0x74,
- 0x70, 0x3a, 0x2f, 0x2f, 0x67, 0x74, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c,
- 0x2d, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x67, 0x65, 0x6f, 0x74, 0x72, 0x75,
- 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x17, 0x06, 0x03, 0x55, 0x1d,
- 0x20, 0x04, 0x10, 0x30, 0x0e, 0x30, 0x0c, 0x06, 0x0a, 0x2b, 0x06, 0x01,
- 0x04, 0x01, 0xd6, 0x79, 0x02, 0x05, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82,
- 0x01, 0x01, 0x00, 0x36, 0xd7, 0x06, 0x80, 0x11, 0x27, 0xad, 0x2a, 0x14,
- 0x9b, 0x38, 0x77, 0xb3, 0x23, 0xa0, 0x75, 0x58, 0xbb, 0xb1, 0x7e, 0x83,
- 0x42, 0xba, 0x72, 0xda, 0x1e, 0xd8, 0x8e, 0x36, 0x06, 0x97, 0xe0, 0xf0,
- 0x95, 0x3b, 0x37, 0xfd, 0x1b, 0x42, 0x58, 0xfe, 0x22, 0xc8, 0x6b, 0xbd,
- 0x38, 0x5e, 0xd1, 0x3b, 0x25, 0x6e, 0x12, 0xeb, 0x5e, 0x67, 0x76, 0x46,
- 0x40, 0x90, 0xda, 0x14, 0xc8, 0x78, 0x0d, 0xed, 0x95, 0x66, 0xda, 0x8e,
- 0x86, 0x6f, 0x80, 0xa1, 0xba, 0x56, 0x32, 0x95, 0x86, 0xdc, 0xdc, 0x6a,
- 0xca, 0x04, 0x8c, 0x5b, 0x7f, 0xf6, 0xbf, 0xcc, 0x6f, 0x85, 0x03, 0x58,
- 0xc3, 0x68, 0x51, 0x13, 0xcd, 0xfd, 0xc8, 0xf7, 0x79, 0x3d, 0x99, 0x35,
- 0xf0, 0x56, 0xa3, 0xbd, 0xe0, 0x59, 0xed, 0x4f, 0x44, 0x09, 0xa3, 0x9e,
- 0x38, 0x7a, 0xf6, 0x46, 0xd1, 0x1d, 0x12, 0x9d, 0x4f, 0xbe, 0xd0, 0x40,
- 0xfc, 0x55, 0xfe, 0x06, 0x5e, 0x3c, 0xda, 0x1c, 0x56, 0xbd, 0x96, 0x51,
- 0x7b, 0x6f, 0x57, 0x2a, 0xdb, 0xa2, 0xaa, 0x96, 0xdc, 0x8c, 0x74, 0xc2,
- 0x95, 0xbe, 0xf0, 0x6e, 0x95, 0x13, 0xff, 0x17, 0xf0, 0x3c, 0xac, 0xb2,
- 0x10, 0x8d, 0xcc, 0x73, 0xfb, 0xe8, 0x8f, 0x02, 0xc6, 0xf0, 0xfb, 0x33,
- 0xb3, 0x95, 0x3b, 0xe3, 0xc2, 0xcb, 0x68, 0x58, 0x73, 0xdb, 0xa8, 0x24,
- 0x62, 0x3b, 0x06, 0x35, 0x9d, 0x0d, 0xa9, 0x33, 0xbd, 0x78, 0x03, 0x90,
- 0x2e, 0x4c, 0x78, 0x5d, 0x50, 0x3a, 0x81, 0xd4, 0xee, 0xa0, 0xc8, 0x70,
- 0x38, 0xdc, 0xb2, 0xf9, 0x67, 0xfa, 0x87, 0x40, 0x5d, 0x61, 0xc0, 0x51,
- 0x8f, 0x6b, 0x83, 0x6b, 0xcd, 0x05, 0x3a, 0xca, 0xe1, 0xa7, 0x05, 0x78,
- 0xfc, 0xca, 0xda, 0x94, 0xd0, 0x2c, 0x08, 0x3d, 0x7e, 0x16, 0x79, 0xc8,
- 0xa0, 0x50, 0x20, 0x24, 0x54, 0x33, 0x71, 0x31, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00,
-};
-
-// kPKCS7Windows is the Equifax root certificate, as exported by Windows 7.
-static const uint8_t kPKCS7Windows[] = {
- 0x30, 0x82, 0x02, 0xb1, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
- 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0xa2, 0x30, 0x82, 0x02, 0x9e, 0x02,
- 0x01, 0x01, 0x31, 0x00, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
- 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x02, 0x86, 0x30, 0x82, 0x02,
- 0x82, 0x30, 0x82, 0x01, 0xeb, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01,
- 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
- 0x01, 0x04, 0x05, 0x00, 0x30, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
- 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x1c, 0x30, 0x1a, 0x06,
- 0x03, 0x55, 0x04, 0x0a, 0x13, 0x13, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61,
- 0x78, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x49, 0x6e, 0x63,
- 0x2e, 0x31, 0x26, 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1d,
- 0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x20, 0x53, 0x65, 0x63, 0x75,
- 0x72, 0x65, 0x20, 0x65, 0x42, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73,
- 0x20, 0x43, 0x41, 0x2d, 0x31, 0x30, 0x1e, 0x17, 0x0d, 0x39, 0x39, 0x30,
- 0x36, 0x32, 0x31, 0x30, 0x34, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d,
- 0x32, 0x30, 0x30, 0x36, 0x32, 0x31, 0x30, 0x34, 0x30, 0x30, 0x30, 0x30,
- 0x5a, 0x30, 0x53, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
- 0x13, 0x02, 0x55, 0x53, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
- 0x0a, 0x13, 0x13, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x20, 0x53,
- 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x31, 0x26,
- 0x30, 0x24, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1d, 0x45, 0x71, 0x75,
- 0x69, 0x66, 0x61, 0x78, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20,
- 0x65, 0x42, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x20, 0x43, 0x41,
- 0x2d, 0x31, 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
- 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00,
- 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xce, 0x2f, 0x19, 0xbc, 0x17,
- 0xb7, 0x77, 0xde, 0x93, 0xa9, 0x5f, 0x5a, 0x0d, 0x17, 0x4f, 0x34, 0x1a,
- 0x0c, 0x98, 0xf4, 0x22, 0xd9, 0x59, 0xd4, 0xc4, 0x68, 0x46, 0xf0, 0xb4,
- 0x35, 0xc5, 0x85, 0x03, 0x20, 0xc6, 0xaf, 0x45, 0xa5, 0x21, 0x51, 0x45,
- 0x41, 0xeb, 0x16, 0x58, 0x36, 0x32, 0x6f, 0xe2, 0x50, 0x62, 0x64, 0xf9,
- 0xfd, 0x51, 0x9c, 0xaa, 0x24, 0xd9, 0xf4, 0x9d, 0x83, 0x2a, 0x87, 0x0a,
- 0x21, 0xd3, 0x12, 0x38, 0x34, 0x6c, 0x8d, 0x00, 0x6e, 0x5a, 0xa0, 0xd9,
- 0x42, 0xee, 0x1a, 0x21, 0x95, 0xf9, 0x52, 0x4c, 0x55, 0x5a, 0xc5, 0x0f,
- 0x38, 0x4f, 0x46, 0xfa, 0x6d, 0xf8, 0x2e, 0x35, 0xd6, 0x1d, 0x7c, 0xeb,
- 0xe2, 0xf0, 0xb0, 0x75, 0x80, 0xc8, 0xa9, 0x13, 0xac, 0xbe, 0x88, 0xef,
- 0x3a, 0x6e, 0xab, 0x5f, 0x2a, 0x38, 0x62, 0x02, 0xb0, 0x12, 0x7b, 0xfe,
- 0x8f, 0xa6, 0x03, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x66, 0x30, 0x64,
- 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01,
- 0x01, 0x04, 0x04, 0x03, 0x02, 0x00, 0x07, 0x30, 0x0f, 0x06, 0x03, 0x55,
- 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff,
- 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
- 0x14, 0x4a, 0x78, 0x32, 0x52, 0x11, 0xdb, 0x59, 0x16, 0x36, 0x5e, 0xdf,
- 0xc1, 0x14, 0x36, 0x40, 0x6a, 0x47, 0x7c, 0x4c, 0xa1, 0x30, 0x1d, 0x06,
- 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x4a, 0x78, 0x32, 0x52,
- 0x11, 0xdb, 0x59, 0x16, 0x36, 0x5e, 0xdf, 0xc1, 0x14, 0x36, 0x40, 0x6a,
- 0x47, 0x7c, 0x4c, 0xa1, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
- 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x75,
- 0x5b, 0xa8, 0x9b, 0x03, 0x11, 0xe6, 0xe9, 0x56, 0x4c, 0xcd, 0xf9, 0xa9,
- 0x4c, 0xc0, 0x0d, 0x9a, 0xf3, 0xcc, 0x65, 0x69, 0xe6, 0x25, 0x76, 0xcc,
- 0x59, 0xb7, 0xd6, 0x54, 0xc3, 0x1d, 0xcd, 0x99, 0xac, 0x19, 0xdd, 0xb4,
- 0x85, 0xd5, 0xe0, 0x3d, 0xfc, 0x62, 0x20, 0xa7, 0x84, 0x4b, 0x58, 0x65,
- 0xf1, 0xe2, 0xf9, 0x95, 0x21, 0x3f, 0xf5, 0xd4, 0x7e, 0x58, 0x1e, 0x47,
- 0x87, 0x54, 0x3e, 0x58, 0xa1, 0xb5, 0xb5, 0xf8, 0x2a, 0xef, 0x71, 0xe7,
- 0xbc, 0xc3, 0xf6, 0xb1, 0x49, 0x46, 0xe2, 0xd7, 0xa0, 0x6b, 0xe5, 0x56,
- 0x7a, 0x9a, 0x27, 0x98, 0x7c, 0x46, 0x62, 0x14, 0xe7, 0xc9, 0xfc, 0x6e,
- 0x03, 0x12, 0x79, 0x80, 0x38, 0x1d, 0x48, 0x82, 0x8d, 0xfc, 0x17, 0xfe,
- 0x2a, 0x96, 0x2b, 0xb5, 0x62, 0xa6, 0xa6, 0x3d, 0xbd, 0x7f, 0x92, 0x59,
- 0xcd, 0x5a, 0x2a, 0x82, 0xb2, 0x37, 0x79, 0x31, 0x00,
-};
-
-// kOpenSSLCRL is the Equifax CRL, converted to PKCS#7 form by:
-// openssl crl2pkcs7 -inform DER -in secureca.crl
-static const uint8_t kOpenSSLCRL[] = {
- 0x30, 0x82, 0x03, 0x85, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
- 0x01, 0x07, 0x02, 0xa0, 0x82, 0x03, 0x76, 0x30, 0x82, 0x03, 0x72, 0x02,
- 0x01, 0x01, 0x31, 0x00, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
- 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x00, 0xa1, 0x82, 0x03, 0x58, 0x30,
- 0x82, 0x03, 0x54, 0x30, 0x82, 0x02, 0xbd, 0x30, 0x0d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x4e,
- 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,
- 0x45, 0x71, 0x75, 0x69, 0x66, 0x61, 0x78, 0x31, 0x2d, 0x30, 0x2b, 0x06,
- 0x03, 0x55, 0x04, 0x0b, 0x13, 0x24, 0x45, 0x71, 0x75, 0x69, 0x66, 0x61,
- 0x78, 0x20, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x20, 0x43, 0x65, 0x72,
- 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x41, 0x75, 0x74,
- 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x32,
- 0x32, 0x37, 0x30, 0x31, 0x32, 0x33, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31,
- 0x35, 0x30, 0x33, 0x30, 0x39, 0x30, 0x31, 0x32, 0x33, 0x30, 0x30, 0x5a,
- 0x30, 0x82, 0x02, 0x3c, 0x30, 0x14, 0x02, 0x03, 0x0f, 0x58, 0xe4, 0x17,
- 0x0d, 0x31, 0x34, 0x30, 0x34, 0x32, 0x37, 0x30, 0x38, 0x31, 0x39, 0x32,
- 0x32, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x14, 0x76, 0x19, 0x17, 0x0d, 0x31,
- 0x34, 0x30, 0x36, 0x31, 0x38, 0x31, 0x35, 0x30, 0x30, 0x30, 0x33, 0x5a,
- 0x30, 0x14, 0x02, 0x03, 0x0f, 0x9a, 0xfb, 0x17, 0x0d, 0x31, 0x34, 0x30,
- 0x34, 0x32, 0x39, 0x31, 0x38, 0x30, 0x39, 0x31, 0x37, 0x5a, 0x30, 0x14,
- 0x02, 0x03, 0x14, 0x8b, 0xc0, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x37, 0x30,
- 0x39, 0x31, 0x39, 0x34, 0x36, 0x33, 0x33, 0x5a, 0x30, 0x14, 0x02, 0x03,
- 0x14, 0xe4, 0x9c, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x34, 0x31, 0x36, 0x32,
- 0x33, 0x33, 0x39, 0x33, 0x35, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x0f, 0x86,
- 0x07, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x35, 0x32, 0x31, 0x31, 0x35, 0x35,
- 0x30, 0x35, 0x33, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x12, 0xe2, 0x29, 0x17,
- 0x0d, 0x31, 0x34, 0x30, 0x36, 0x31, 0x37, 0x31, 0x38, 0x35, 0x35, 0x31,
- 0x35, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x0d, 0x42, 0x66, 0x17, 0x0d, 0x31,
- 0x32, 0x30, 0x36, 0x32, 0x37, 0x31, 0x37, 0x31, 0x30, 0x35, 0x33, 0x5a,
- 0x30, 0x14, 0x02, 0x03, 0x03, 0x1e, 0x33, 0x17, 0x0d, 0x30, 0x32, 0x30,
- 0x35, 0x31, 0x35, 0x31, 0x33, 0x30, 0x36, 0x31, 0x31, 0x5a, 0x30, 0x14,
- 0x02, 0x03, 0x12, 0xe2, 0x23, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x36, 0x30,
- 0x36, 0x32, 0x30, 0x34, 0x30, 0x32, 0x31, 0x5a, 0x30, 0x14, 0x02, 0x03,
- 0x13, 0x9c, 0xab, 0x17, 0x0d, 0x31, 0x30, 0x30, 0x37, 0x32, 0x39, 0x31,
- 0x36, 0x34, 0x34, 0x33, 0x39, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x12, 0xc6,
- 0x0a, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x36, 0x30, 0x36, 0x32, 0x32, 0x32,
- 0x31, 0x33, 0x39, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x03, 0x25, 0x85, 0x17,
- 0x0d, 0x30, 0x32, 0x30, 0x35, 0x31, 0x34, 0x31, 0x38, 0x31, 0x31, 0x35,
- 0x37, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x14, 0x86, 0xe6, 0x17, 0x0d, 0x31,
- 0x34, 0x30, 0x37, 0x32, 0x35, 0x30, 0x32, 0x30, 0x30, 0x33, 0x38, 0x5a,
- 0x30, 0x14, 0x02, 0x03, 0x13, 0x9c, 0xa1, 0x17, 0x0d, 0x31, 0x30, 0x30,
- 0x37, 0x32, 0x39, 0x31, 0x36, 0x34, 0x37, 0x33, 0x32, 0x5a, 0x30, 0x14,
- 0x02, 0x03, 0x15, 0x4d, 0x5c, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x34, 0x33,
- 0x30, 0x30, 0x30, 0x30, 0x34, 0x34, 0x32, 0x5a, 0x30, 0x14, 0x02, 0x03,
- 0x0f, 0xfa, 0x2d, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x36, 0x31, 0x37, 0x31,
- 0x38, 0x35, 0x30, 0x31, 0x31, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x13, 0x75,
- 0x55, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x31, 0x31, 0x38, 0x30, 0x32, 0x32,
- 0x31, 0x33, 0x33, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x0f, 0x56, 0x96, 0x17,
- 0x0d, 0x31, 0x34, 0x30, 0x36, 0x32, 0x34, 0x31, 0x32, 0x33, 0x31, 0x30,
- 0x32, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x0b, 0x80, 0x8a, 0x17, 0x0d, 0x31,
- 0x32, 0x30, 0x36, 0x32, 0x37, 0x31, 0x37, 0x31, 0x30, 0x32, 0x35, 0x5a,
- 0x30, 0x14, 0x02, 0x03, 0x0f, 0x94, 0x16, 0x17, 0x0d, 0x31, 0x30, 0x30,
- 0x33, 0x30, 0x31, 0x31, 0x33, 0x34, 0x35, 0x33, 0x31, 0x5a, 0x30, 0x14,
- 0x02, 0x03, 0x14, 0x16, 0xb3, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x36, 0x31,
- 0x38, 0x31, 0x34, 0x33, 0x32, 0x35, 0x36, 0x5a, 0x30, 0x14, 0x02, 0x03,
- 0x0a, 0xe1, 0x85, 0x17, 0x0d, 0x31, 0x32, 0x30, 0x36, 0x32, 0x37, 0x31,
- 0x37, 0x31, 0x30, 0x31, 0x37, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x14, 0xcc,
- 0x3e, 0x17, 0x0d, 0x31, 0x34, 0x30, 0x37, 0x31, 0x31, 0x31, 0x32, 0x35,
- 0x35, 0x33, 0x31, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x10, 0x5b, 0xcb, 0x17,
- 0x0d, 0x31, 0x30, 0x30, 0x37, 0x33, 0x30, 0x32, 0x31, 0x33, 0x31, 0x32,
- 0x30, 0x5a, 0x30, 0x14, 0x02, 0x03, 0x15, 0x6a, 0x1f, 0x17, 0x0d, 0x31,
- 0x34, 0x30, 0x32, 0x32, 0x36, 0x31, 0x32, 0x33, 0x35, 0x31, 0x39, 0x5a,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
- 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x1d, 0x5c, 0x27, 0x07, 0x11,
- 0x03, 0xf2, 0x00, 0xbd, 0xf4, 0x46, 0x3e, 0x71, 0xfd, 0x10, 0x84, 0x83,
- 0xd9, 0xd2, 0xd2, 0x19, 0xa0, 0x20, 0xf7, 0x1a, 0x43, 0x3d, 0xac, 0xda,
- 0x33, 0xfc, 0xb7, 0x42, 0x60, 0x1a, 0xa4, 0xa8, 0xb2, 0x07, 0x5c, 0x51,
- 0x16, 0xc0, 0x42, 0x80, 0x0a, 0x0f, 0xf0, 0x47, 0x5b, 0x4b, 0x78, 0x90,
- 0xaf, 0xc7, 0xac, 0x48, 0xf8, 0xca, 0x3c, 0x13, 0x5e, 0xf6, 0xd1, 0x88,
- 0xae, 0x55, 0xa3, 0x0c, 0x8a, 0x62, 0x47, 0x29, 0xf8, 0x72, 0xb8, 0x24,
- 0x17, 0xaf, 0xb2, 0x06, 0x1e, 0xa7, 0x72, 0x76, 0xab, 0x96, 0x1d, 0xe0,
- 0x7c, 0xd4, 0x0c, 0x42, 0x82, 0x3d, 0x4a, 0x8e, 0x15, 0x77, 0x2f, 0x3c,
- 0x2a, 0x8c, 0x3a, 0x04, 0x10, 0x55, 0xdc, 0xbb, 0xba, 0xb1, 0x91, 0xee,
- 0x7b, 0xe7, 0x23, 0xc5, 0x71, 0x13, 0xae, 0x6b, 0x21, 0x35, 0xd3, 0x64,
- 0xf0, 0x00, 0x54, 0x31, 0x00,
-};
-
// kPEMCert is the result of exporting the mail.google.com certificate from
// Chrome and then running it through:
// openssl pkcs7 -inform DER -in mail.google.com -outform PEM
@@ -470,7 +84,7 @@
"fNQMQoI9So4Vdy88Kow6BBBV3Lu6sZHue+cjxXETrmshNdNk8ABUMQA=\n"
"-----END PKCS7-----\n";
-static void TestCertReparse(const uint8_t *der_bytes, size_t der_len) {
+static void TestCertReparse(bssl::Span<const uint8_t> der) {
bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
ASSERT_TRUE(certs);
bssl::UniquePtr<STACK_OF(X509)> certs2(sk_X509_new_null());
@@ -478,13 +92,12 @@
uint8_t *result_data, *result2_data;
size_t result_len, result2_len;
- CBS pkcs7;
- CBS_init(&pkcs7, der_bytes, der_len);
+ CBS pkcs7 = der;
ASSERT_TRUE(PKCS7_get_certificates(certs.get(), &pkcs7));
EXPECT_EQ(0u, CBS_len(&pkcs7));
bssl::ScopedCBB cbb;
- ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(CBB_init(cbb.get(), der.size()));
ASSERT_TRUE(PKCS7_bundle_certificates(cbb.get(), certs.get()));
ASSERT_TRUE(CBB_finish(cbb.get(), &result_data, &result_len));
bssl::UniquePtr<uint8_t> free_result_data(result_data);
@@ -503,7 +116,7 @@
ASSERT_EQ(0, X509_cmp(a, b));
}
- ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(CBB_init(cbb.get(), der.size()));
ASSERT_TRUE(PKCS7_bundle_certificates(cbb.get(), certs2.get()));
ASSERT_TRUE(CBB_finish(cbb.get(), &result2_data, &result2_len));
bssl::UniquePtr<uint8_t> free_result2_data(result2_data);
@@ -511,10 +124,10 @@
EXPECT_EQ(Bytes(result_data, result_len), Bytes(result2_data, result2_len));
// Parse with the legacy API instead.
- const uint8_t *ptr = der_bytes;
- bssl::UniquePtr<PKCS7> pkcs7_obj(d2i_PKCS7(nullptr, &ptr, der_len));
+ const uint8_t *ptr = der.data();
+ bssl::UniquePtr<PKCS7> pkcs7_obj(d2i_PKCS7(nullptr, &ptr, der.size()));
ASSERT_TRUE(pkcs7_obj);
- EXPECT_EQ(ptr, der_bytes + der_len);
+ EXPECT_EQ(ptr, der.data() + der.size());
ASSERT_TRUE(PKCS7_type_is_signed(pkcs7_obj.get()));
const STACK_OF(X509) *certs3 = pkcs7_obj->d.sign->cert;
@@ -531,7 +144,7 @@
int result3_len = i2d_PKCS7(pkcs7_obj.get(), &result3_data);
ASSERT_GT(result3_len, 0);
bssl::UniquePtr<uint8_t> free_result3_data(result3_data);
- EXPECT_EQ(Bytes(der_bytes, der_len), Bytes(result3_data, result3_len));
+ EXPECT_EQ(Bytes(der), Bytes(result3_data, result3_len));
// Make a new object with the legacy API.
pkcs7_obj.reset(
@@ -555,7 +168,7 @@
EXPECT_EQ(Bytes(result_data, result_len), Bytes(result4_data, result4_len));
}
-static void TestCRLReparse(const uint8_t *der_bytes, size_t der_len) {
+static void TestCRLReparse(bssl::Span<const uint8_t> der) {
bssl::UniquePtr<STACK_OF(X509_CRL)> crls(sk_X509_CRL_new_null());
ASSERT_TRUE(crls);
bssl::UniquePtr<STACK_OF(X509_CRL)> crls2(sk_X509_CRL_new_null());
@@ -563,13 +176,12 @@
uint8_t *result_data, *result2_data;
size_t result_len, result2_len;
- CBS pkcs7;
- CBS_init(&pkcs7, der_bytes, der_len);
+ CBS pkcs7 = der;
ASSERT_TRUE(PKCS7_get_CRLs(crls.get(), &pkcs7));
EXPECT_EQ(0u, CBS_len(&pkcs7));
bssl::ScopedCBB cbb;
- ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(CBB_init(cbb.get(), der.size()));
ASSERT_TRUE(PKCS7_bundle_CRLs(cbb.get(), crls.get()));
ASSERT_TRUE(CBB_finish(cbb.get(), &result_data, &result_len));
bssl::UniquePtr<uint8_t> free_result_data(result_data);
@@ -588,7 +200,7 @@
ASSERT_EQ(0, X509_CRL_cmp(a, b));
}
- ASSERT_TRUE(CBB_init(cbb.get(), der_len));
+ ASSERT_TRUE(CBB_init(cbb.get(), der.size()));
ASSERT_TRUE(PKCS7_bundle_CRLs(cbb.get(), crls2.get()));
ASSERT_TRUE(CBB_finish(cbb.get(), &result2_data, &result2_len));
bssl::UniquePtr<uint8_t> free_result2_data(result2_data);
@@ -596,10 +208,10 @@
EXPECT_EQ(Bytes(result_data, result_len), Bytes(result2_data, result2_len));
// Parse with the legacy API instead.
- const uint8_t *ptr = der_bytes;
- bssl::UniquePtr<PKCS7> pkcs7_obj(d2i_PKCS7(nullptr, &ptr, der_len));
+ const uint8_t *ptr = der.data();
+ bssl::UniquePtr<PKCS7> pkcs7_obj(d2i_PKCS7(nullptr, &ptr, der.size()));
ASSERT_TRUE(pkcs7_obj);
- EXPECT_EQ(ptr, der_bytes + der_len);
+ EXPECT_EQ(ptr, der.data() + der.size());
ASSERT_TRUE(PKCS7_type_is_signed(pkcs7_obj.get()));
const STACK_OF(X509_CRL) *crls3 = pkcs7_obj->d.sign->crl;
@@ -646,15 +258,23 @@
}
TEST(PKCS7Test, CertReparseNSS) {
- TestCertReparse(kPKCS7NSS, sizeof(kPKCS7NSS));
+ // nss.p7c contains the certificate chain of mail.google.com, as saved by NSS
+ // using the Chrome UI.
+ TestCertReparse(
+ bssl::StringAsBytes(GetTestData("crypto/pkcs7/test/nss.p7c")));
}
TEST(PKCS7Test, CertReparseWindows) {
- TestCertReparse(kPKCS7Windows, sizeof(kPKCS7Windows));
+ // windows.p7c is the Equifax root certificate, as exported by Windows 7.
+ TestCertReparse(
+ bssl::StringAsBytes(GetTestData("crypto/pkcs7/test/windows.p7c")));
}
TEST(PKCS7Test, CrlReparse) {
- TestCRLReparse(kOpenSSLCRL, sizeof(kOpenSSLCRL));
+ // openssl_crl.p7c is the Equifax CRL, converted to PKCS#7 form by:
+ // openssl crl2pkcs7 -inform DER -in secureca.crl
+ TestCRLReparse(
+ bssl::StringAsBytes(GetTestData("crypto/pkcs7/test/openssl_crl.p7c")));
}
TEST(PKCS7Test, PEMCerts) {
@@ -667,9 +287,9 @@
// Test that we output certificates in the canonical DER order.
TEST(PKCS7Test, SortCerts) {
- // kPKCS7NSS contains three certificates in the canonical DER order.
- CBS pkcs7;
- CBS_init(&pkcs7, kPKCS7NSS, sizeof(kPKCS7NSS));
+ // nss.p7c contains three certificates in the canonical DER order.
+ std::string nss_p7c = GetTestData("crypto/pkcs7/test/nss.p7c");
+ CBS pkcs7 = bssl::StringAsBytes(nss_p7c);
bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
ASSERT_TRUE(certs);
ASSERT_TRUE(PKCS7_get_certificates(certs.get(), &pkcs7));
@@ -687,7 +307,7 @@
ASSERT_TRUE(bssl::PushToStack(new_certs.get(), bssl::UpRef(new_cert2)));
ASSERT_TRUE(bssl::PushToStack(new_certs.get(), bssl::UpRef(new_cert3)));
bssl::ScopedCBB cbb;
- ASSERT_TRUE(CBB_init(cbb.get(), sizeof(kPKCS7NSS)));
+ ASSERT_TRUE(CBB_init(cbb.get(), nss_p7c.size()));
ASSERT_TRUE(PKCS7_bundle_certificates(cbb.get(), new_certs.get()));
// The bundle should be sorted back to the original order.
@@ -712,9 +332,9 @@
// Test that we output certificates in the canonical DER order, using the
// CRYPTO_BUFFER version of the parse and bundle functions.
TEST(PKCS7Test, SortCertsRaw) {
- // kPKCS7NSS contains three certificates in the canonical DER order.
- CBS pkcs7;
- CBS_init(&pkcs7, kPKCS7NSS, sizeof(kPKCS7NSS));
+ // nss.p7c contains three certificates in the canonical DER order.
+ std::string nss_p7c = GetTestData("crypto/pkcs7/test/nss.p7c");
+ CBS pkcs7 = bssl::StringAsBytes(nss_p7c);
bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> certs(sk_CRYPTO_BUFFER_new_null());
ASSERT_TRUE(certs);
ASSERT_TRUE(PKCS7_get_raw_certificates(certs.get(), &pkcs7, nullptr));
@@ -734,7 +354,7 @@
ASSERT_TRUE(bssl::PushToStack(new_certs.get(), bssl::UpRef(new_cert2)));
ASSERT_TRUE(bssl::PushToStack(new_certs.get(), bssl::UpRef(new_cert3)));
bssl::ScopedCBB cbb;
- ASSERT_TRUE(CBB_init(cbb.get(), sizeof(kPKCS7NSS)));
+ ASSERT_TRUE(CBB_init(cbb.get(), nss_p7c.size()));
ASSERT_TRUE(PKCS7_bundle_raw_certificates(cbb.get(), new_certs.get()));
// The bundle should be sorted back to the original order.
@@ -830,108 +450,20 @@
TEST(PKCS7Test, KernelModuleSigning) {
// Sign a message with the same call that the Linux kernel's sign-file.c
// makes.
- static const char kCert[] = R"(
------BEGIN CERTIFICATE-----
-MIIFazCCA1OgAwIBAgIURVkPzF/4dwy7419Qk75uhIuyf0EwDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
-GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMTA5MjExOTIyMTJaFw0yMjA5
-MjExOTIyMTJaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
-HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQC1+MOn+BopcEVR4QMvjXdAxGkWFllXyQFDToL+qOiP
-RU1yN7C8KCtkbOAFttJIO4O/i0iZ7KqYbnmB6YUA/ONAcakocnrdoESgRJcVMeAx
-Dk/11OtMF5yIfeOOO/TUeVNmAUaT63gFbKy/adpqhzJtOv9BBl5VcYNGGSE+0wtb
-mjpmNsxunEQR1KLDc97fGYHeRfKoSyrCIEE8IaAEpKGR2Sku3v9Jwh7RpjupgiUA
-kH6pJk7VMZm5vl2wFjYvfysgjeN5ZtsxFDMaPYZStpxMxpNd5C9DsO2Ljp5NMpGf
-NGmG4ZqiaQg8z2cIM6ESmN1zDJdUh5IXed1fOxBZD/poUFH0wDRFWnvzlaPmjJEF
-rYLMK8svnE5nEQp9vu93ISFBx7cofs+niMaUXPEqaRSqruifN2M1it3kOf/8YZl1
-vurs+VtHD6nOJo6bd11+37aBidIB/BaWnzLrDmSTcPFa1tkTHwoLqc9+jThTq9jZ
-6w3lAMPpsoenyD19UmQB589+4kNp2SIO/TtzVQCGgQPXE2jDCl6G9aIPMkfvpPZK
-4THVil3WQRCFYnYdDO4HQXo2ZuC4RiqgY5ygfeoL+fa9k383lgxxAHQLS7xsbaVB
-40RmfdbdevgPYIwZNNO78ddRmMdSv6IknSW9gydGzY//btY+t1SWcBZWzn1Ewq8g
-2QIDAQABo1MwUTAdBgNVHQ4EFgQUotZD9ajEvnQYVezIWzcW4pzvMcUwHwYDVR0j
-BBgwFoAUotZD9ajEvnQYVezIWzcW4pzvMcUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
-hkiG9w0BAQsFAAOCAgEAqCe42PIWoyLDx9bR+5cSp99N5xo5lLiSLtWx2emDbZB2
-AunqKYeEgIV+TWNF2w1SZ/ckFgV7SlL2Yl73N/veSNRfNAnpjLksGDFpdJb7YXrx
-cUvxdy1mr8oau6J7PC9JGjBTBrnhqwCQX1FtcAxODKll2Lsfuj6+bdC3rCK7KBEo
-ENamMJZIeo8lRP9qFF2xwCEzZjRv2zvB6O5o9045aTUcdCrwUfKE2sqY6EXRzFTC
-waK0HRCd1FLv9omhz/Ug5PMHP4d6MZfnAbFm+AzAhnpkrk/9TJYSOoNTNLWsuqhp
-dN0rKqiFWv1zIwfknXvTh1P1Ap+G5jffAca0zWUH1oKjE7ZZioSsaZ6gySnD8+WQ
-TPbOYtG+n0mhCH1TrU8Dqi3rd8g5IbC8loYLRH94QtodOnevD4Qo9Orfrsr8hGOW
-ABespanZArhoQ03DAtpNhtHm2NWJQF2uHNqcTrkq0omqZBTbMD1GKMBujoNooAUu
-w51U9r+RycPJTFqEGHb0nd7EjoyXEXtuX1Ld5fTZjQ9SszmQKQ8w3lHqRGNlkSiO
-e3IOOq2ruXmq1jykxpmi82IcTRUE8TZBfL/yz0nxpHKAYC1VwMezrkgZDGz4npxf
-1z2+qd58xU6/jsf7/+3xdPFubeEJujdbCkWQsQC5Rzm48zDWGq/pyzFji44K3TA=
------END CERTIFICATE-----
-)";
-
- static const char kKey[] = R"(
------BEGIN PRIVATE KEY-----
-MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC1+MOn+BopcEVR
-4QMvjXdAxGkWFllXyQFDToL+qOiPRU1yN7C8KCtkbOAFttJIO4O/i0iZ7KqYbnmB
-6YUA/ONAcakocnrdoESgRJcVMeAxDk/11OtMF5yIfeOOO/TUeVNmAUaT63gFbKy/
-adpqhzJtOv9BBl5VcYNGGSE+0wtbmjpmNsxunEQR1KLDc97fGYHeRfKoSyrCIEE8
-IaAEpKGR2Sku3v9Jwh7RpjupgiUAkH6pJk7VMZm5vl2wFjYvfysgjeN5ZtsxFDMa
-PYZStpxMxpNd5C9DsO2Ljp5NMpGfNGmG4ZqiaQg8z2cIM6ESmN1zDJdUh5IXed1f
-OxBZD/poUFH0wDRFWnvzlaPmjJEFrYLMK8svnE5nEQp9vu93ISFBx7cofs+niMaU
-XPEqaRSqruifN2M1it3kOf/8YZl1vurs+VtHD6nOJo6bd11+37aBidIB/BaWnzLr
-DmSTcPFa1tkTHwoLqc9+jThTq9jZ6w3lAMPpsoenyD19UmQB589+4kNp2SIO/Ttz
-VQCGgQPXE2jDCl6G9aIPMkfvpPZK4THVil3WQRCFYnYdDO4HQXo2ZuC4RiqgY5yg
-feoL+fa9k383lgxxAHQLS7xsbaVB40RmfdbdevgPYIwZNNO78ddRmMdSv6IknSW9
-gydGzY//btY+t1SWcBZWzn1Ewq8g2QIDAQABAoICAFQ/liZAIaypxA5ChP0RG/Mq
-fBSzyC1ybFlDEjbg8LrUNST6T6LtXhmipp0+pWC33SljTPumrNzh2POir+djLbt6
-Y/zL88KEHwGsf95aNxe/Lpn8N+wEyn4O+rmxXIq6mTgSwyBc1jZ8uAXu9iZ37YrQ
-07jBQA+C/GoJ3HB/uTRx1TPZjxBu3Lz8m1auYLMd1hiYfd4Y3vT9hfZXAwTjS8KA
-riZ7K+p0K1yY/+pczNDUFTAvAjSGQEvUrP+HaRLYZ5ks1/IvArBYT8iIT5Yf4YFS
-NowzxwYp9fC02OmYzf7Nf0XpUXR7+EpfI66SaLJ5f51yaOXD1olz7F/YsprpYN7+
-oQd7EKar1bY3ROM6naUZtsIoEblg6B0mkyHWQgZ9wZRbcN7Zmuc/tIpLat7se+MP
-xQeAcH4Yhgnd2G6EELpmJBcyJ0Ss3atpI1eenU+ly++L4XbDQH9norKQ1PEDXYbV
-XMAV5uIsplBL7hGIa6/u/cRMM5eN3TJchtzIHFhq9+ENMvjTOfo0bflcYR+tNxGD
-6agWlD/Apedaapu/3Xp7ekyCiy/YTIwgT4U3rprYplzFM5HbzYtZ9ThxUm+CmnYj
-ZSCKiLoaQq+11/M9zH1Je0uJP5aK0CxOii2LVRXZYaQfbDtiHNWUSM7uPIZMnDgE
-IPTpl9CEfk7U3pgiUlg5AoIBAQDjUeikACPaRuewIjLqwTT2/j+ZO+/dCG4atFZa
-W+gdZ1NVDCdowQPBZWg6bqejRr1MvORg2L83kqZDQjaT9y59qxsFhXCy26xKp7aP
-Z4pEvUQmQnnf3RYHk3EBtOHyyMetTaghTGzL3MlPGo3uGbCiYtVoPKXZXGWeiOFN
-s9RNDh/7m6harB2bmX2cK+QPdJ1roVBXQDLkjh2mvLnC5vrsw81GWSkbWQpYmnVi
-YdLhytM+UTYjTrSugtrKk9e2KOFf2uR8PVaPeINEM4uubxW5YUy6gwF8ePtWYAtZ
-Skw3kdBdShhGzHORSY3NsRTJZL6AUdkhHYFTl/rlfj1WXsdnAoIBAQDM7i0u2T+E
-HmroTGiQAIRUEwUZQFDRkcEnM75jpkQT39jXF+zmhjzS1slJF2x0E0jUBV0juVWh
-mz1kHjTMV0j3/mvCeVv0iTcdIbHYRtTwmOjzkwTsZGh6T7okYck3KexRjpyhPpcX
-hOHOPJKS/muG0ZuaJjTEbJOzrSPU0rt0ppL7nOwd5jIOoGAciWiP17G1Lyyitrv4
-mKBK6mFQQWjAgEGy3jvBocbUo7Qo8Aucm6Y4eF1fUyC/X07RBzERHS4TuM+AQlDN
-T+LgTgcwTjE+Nzow2WMwCIbhVQqFRScuWqcJ6NQ6S/dV0R+aGJ90Ey+DtiZ9N9uV
-j0omAGvM8u2/AoIBADXF94FsIw8MfNw2itLrl2riJAtMmWYxC1K33EGNwi/KdHUG
-5f+qwQerxGcmK/O81STk/iVGwJ0VzMzWSfDgpRfHNSIuOcWln3EdkVsFBDlUiF2A
-ljH1q7NpFm9v6Y80HcAKQb52xLnI5boXrwFnBFi1hoQc7KKpb8R73sgxxQPhVoF/
-hejFFE/tlEAwRce+L0r5ovaw0hks4SjDNjI7z5nYi6ObjdTRUFg7WY9HUspk32m7
-blIV2Tn67GTFal7F9uJk9m3JWMOhn3OvudguoPX0ZWEtgll+iP4axDSAFd2DWcXn
-tCxzStdQjgHdZOxrL4FNW06xGxm6Nvi4zyuySfsCggEAOuIpC3ATBxRyZYMm/FGZ
-tEquyV2omz8FQA1nJFzu7MMCHHPcdzSVH4Pl3GGloQi1gW51H8GuMDxZ/H2NcDWY
-WuG49u1GFdKjinRXFKztnKBjNzHEVWRYfOSRuMh8N6SNKbYPnWlNos1k0IypFSGT
-pe5uhnF58gK8wgD67bkLce43B6NEWSb+tSMx2qFE8SfqAQSoD6zv//NjA4OrKJNS
-1RVFS279vpqMdib/qk+nFn3G2i0Dr1NEcpihHgCyAZff2Hze6pyjeQr+RrNE74VY
-MudNiiG8lV2t2+tClZ6ULoaPvpIvAP04+WiYav+uOX0VxwO8tXgqWSQOCzNNxlr7
-IwKCAQA7odNjE6Sc2qiecrOu13kEi3gT0heshIyZ0XhePrS1vgHfCouIRvNMw4FT
-45ZZUFDSdOxhrew5GuMeLvo2YILBjmkX3UqTojQMbur7FcGH8/P0Sm0f20Vc06oS
-sQF5Ji4LSyf6t9oQKePjFIGoIc6pf6BXJZYP4rBnzQzUQjH2yzDYDY3TuV7bFJJU
-DcSTGM6nP0fRMmgBtB14o7A6Gsy6X/N2ElgbvWT8YhmUC6H8DIzmZwHRKaG6C6g5
-eEjuAYenYNM4jxeteC1neUDIdGxH/BA7JrAqcGaN9GT+R47YIfiS2WrEssD1Pi5h
-hJTbHtjEDJ7BHLC/CNUhXbpyyu1y
------END PRIVATE KEY-----
-)";
-
+ std::string cert_pem = GetTestData("crypto/pkcs7/test/sign_cert.pem");
+ std::string key_pem = GetTestData("crypto/pkcs7/test/sign_key.pem");
bssl::UniquePtr<BIO> cert_bio(
- BIO_new_mem_buf(const_cast<char *>(kCert), sizeof(kCert) - 1));
+ BIO_new_mem_buf(cert_pem.data(), cert_pem.size()));
bssl::UniquePtr<X509> cert(
PEM_read_bio_X509(cert_bio.get(), nullptr, nullptr, nullptr));
- bssl::UniquePtr<BIO> key_bio(
- BIO_new_mem_buf(const_cast<char *>(kKey), sizeof(kKey) - 1));
+ bssl::UniquePtr<BIO> key_bio(BIO_new_mem_buf(key_pem.data(), key_pem.size()));
bssl::UniquePtr<EVP_PKEY> key(
PEM_read_bio_PrivateKey(key_bio.get(), nullptr, nullptr, nullptr));
static const char kSignedData[] = "signed data";
- bssl::UniquePtr<BIO> data_bio(BIO_new_mem_buf(const_cast<char *>(kSignedData),
- sizeof(kSignedData) - 1));
+ bssl::UniquePtr<BIO> data_bio(
+ BIO_new_mem_buf(kSignedData, sizeof(kSignedData) - 1));
bssl::UniquePtr<PKCS7> pkcs7(
PKCS7_sign(cert.get(), key.get(), /*certs=*/nullptr, data_bio.get(),
@@ -944,69 +476,8 @@
bssl::UniquePtr<uint8_t> pkcs7_storage(pkcs7_bytes);
// RSA signatures are deterministic so the output should not change.
- static const uint8_t kExpectedOutput[] = {
- 0x30, 0x82, 0x02, 0xbc, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
- 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0xad, 0x30, 0x82, 0x02, 0xa9, 0x02,
- 0x01, 0x01, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86, 0x48,
- 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x31, 0x82, 0x02, 0x86, 0x30, 0x82,
- 0x02, 0x82, 0x02, 0x01, 0x01, 0x30, 0x5d, 0x30, 0x45, 0x31, 0x0b, 0x30,
- 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x13,
- 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f, 0x6d,
- 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31, 0x21, 0x30, 0x1f, 0x06,
- 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,
- 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67, 0x69, 0x74, 0x73, 0x20, 0x50,
- 0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x02, 0x14, 0x45, 0x59, 0x0f, 0xcc,
- 0x5f, 0xf8, 0x77, 0x0c, 0xbb, 0xe3, 0x5f, 0x50, 0x93, 0xbe, 0x6e, 0x84,
- 0x8b, 0xb2, 0x7f, 0x41, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
- 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x00,
- 0x54, 0xd4, 0x7c, 0xdc, 0x19, 0x86, 0xa1, 0xb2, 0xbe, 0xe3, 0xa4, 0x5e,
- 0xad, 0x16, 0x6f, 0x7c, 0xf9, 0xa6, 0x40, 0x90, 0xb8, 0x78, 0x85, 0xf1,
- 0x02, 0x59, 0xe5, 0x9f, 0x83, 0xfb, 0x20, 0xcf, 0x29, 0x52, 0xb6, 0x35,
- 0x5c, 0xf9, 0xef, 0x4e, 0xc5, 0xd3, 0xa6, 0x45, 0x6e, 0xfa, 0x0a, 0xa7,
- 0x53, 0xc8, 0xf4, 0xf9, 0xd6, 0xc5, 0xd8, 0xd8, 0x04, 0x3d, 0xb4, 0x15,
- 0xa7, 0x7a, 0x53, 0xdd, 0x27, 0xfa, 0x58, 0x2e, 0x5e, 0xc4, 0xcd, 0x45,
- 0xaa, 0xc2, 0x7b, 0xf9, 0x3d, 0xd7, 0x22, 0x20, 0x90, 0xbb, 0xa5, 0x62,
- 0xd5, 0xaa, 0x39, 0x8f, 0xc1, 0x00, 0xef, 0x4b, 0x03, 0x2c, 0x32, 0xc0,
- 0xad, 0x27, 0xb6, 0xfe, 0x86, 0xe5, 0x9d, 0xf0, 0xbe, 0xb1, 0x0d, 0xa4,
- 0xa3, 0x40, 0xe0, 0xaa, 0x0a, 0x13, 0x6e, 0x61, 0x9a, 0x3b, 0xae, 0x78,
- 0xd4, 0x6f, 0x2d, 0x1d, 0x40, 0x4b, 0xe3, 0x5f, 0xf8, 0xe8, 0x21, 0x89,
- 0x35, 0x73, 0x6d, 0x7e, 0x41, 0xc6, 0x0f, 0x0c, 0x01, 0x64, 0x61, 0xa8,
- 0x37, 0xef, 0x2b, 0x95, 0xb7, 0x34, 0xac, 0xc7, 0xdb, 0x66, 0x87, 0x45,
- 0xb4, 0x0f, 0x60, 0x01, 0x07, 0x29, 0x74, 0x32, 0x0b, 0xae, 0xbc, 0x08,
- 0x88, 0x15, 0xc3, 0x79, 0x4a, 0x1c, 0x5a, 0x9c, 0xc2, 0xfb, 0x4f, 0xd3,
- 0x17, 0xc2, 0x40, 0x71, 0x37, 0xea, 0xa6, 0x1e, 0xf0, 0x5b, 0xa5, 0xd7,
- 0x9b, 0x9e, 0x57, 0x44, 0x74, 0xc5, 0xd5, 0x5f, 0xba, 0xbc, 0xd7, 0xe1,
- 0xae, 0xd0, 0xd3, 0xb5, 0x10, 0xc6, 0x8b, 0xb1, 0x83, 0x7c, 0xaa, 0x3a,
- 0xbb, 0xe8, 0x7f, 0x56, 0xc4, 0x3b, 0x9d, 0x45, 0x09, 0x9b, 0x34, 0xc9,
- 0xfb, 0x5a, 0xa1, 0xab, 0xd0, 0x07, 0x79, 0x43, 0x58, 0x44, 0xd7, 0x40,
- 0xc4, 0xa7, 0xd3, 0xe9, 0x18, 0xb9, 0x78, 0x1d, 0x93, 0x0b, 0xc1, 0xdb,
- 0xc3, 0xae, 0xc9, 0xe8, 0x2c, 0xa7, 0x8c, 0x7e, 0x31, 0x1e, 0xec, 0x1c,
- 0xab, 0x83, 0xa0, 0x5d, 0x0e, 0xc3, 0x6a, 0x7c, 0x97, 0x09, 0xcf, 0x00,
- 0xa9, 0x66, 0xda, 0x21, 0x85, 0xaa, 0x47, 0xd8, 0xea, 0x8f, 0x72, 0x54,
- 0x03, 0x6c, 0xbc, 0x4b, 0xf9, 0x92, 0xae, 0x82, 0x75, 0x33, 0x10, 0x4d,
- 0x65, 0x4d, 0x0e, 0x73, 0x5d, 0x6f, 0x09, 0xee, 0x56, 0x78, 0x87, 0x0b,
- 0xa3, 0xaa, 0xc2, 0x5f, 0x49, 0x73, 0x0d, 0x78, 0xfa, 0x40, 0xc1, 0x25,
- 0x2f, 0x5d, 0x8a, 0xe1, 0xbf, 0x38, 0x2c, 0xd0, 0x26, 0xbd, 0xf5, 0x6e,
- 0x02, 0x01, 0x2e, 0x9e, 0x27, 0x64, 0x4b, 0x61, 0x8c, 0x68, 0x6e, 0x09,
- 0xfe, 0x0b, 0xf8, 0x36, 0x4e, 0x84, 0xb7, 0x76, 0xcb, 0x41, 0xf0, 0x40,
- 0x72, 0xc9, 0x74, 0x64, 0x5f, 0xbe, 0x9e, 0xfe, 0x9e, 0xce, 0x89, 0x84,
- 0x68, 0x81, 0x57, 0x2a, 0xdb, 0xd6, 0x01, 0xa8, 0x1b, 0x6e, 0x5d, 0xc4,
- 0x65, 0xbd, 0x0d, 0x98, 0x54, 0xa3, 0x18, 0x23, 0x09, 0x4a, 0x8d, 0x6c,
- 0xc6, 0x2e, 0xfe, 0x7a, 0xa9, 0x11, 0x92, 0x8b, 0xd0, 0xc1, 0xe7, 0x76,
- 0x71, 0xec, 0x34, 0xfc, 0xc8, 0x2a, 0x5e, 0x38, 0x52, 0xe6, 0xc8, 0xa5,
- 0x1d, 0x0b, 0xce, 0xf5, 0xc0, 0xe5, 0x0b, 0x88, 0xa9, 0x55, 0x88, 0x6c,
- 0xfa, 0xea, 0xaa, 0x39, 0x66, 0xdd, 0x80, 0x52, 0xe0, 0x7e, 0x45, 0x8e,
- 0x51, 0x2c, 0x36, 0x07, 0xd7, 0x2b, 0xf1, 0x46, 0x00, 0x66, 0xb2, 0x5a,
- 0x39, 0xbe, 0xf7, 0x26, 0x15, 0xbc, 0x55, 0xdb, 0xe9, 0x01, 0xdd, 0x54,
- 0x27, 0x2b, 0xfe, 0x86, 0x52, 0xef, 0xc6, 0x27, 0xa3, 0xf7, 0x55, 0x55,
- 0xb8, 0xe2, 0x1f, 0xcb, 0x32, 0xd8, 0xba, 0xd6, 0x69, 0xde, 0x8d, 0xa7,
- 0xfa, 0xad, 0xf6, 0x2a, 0xc0, 0x6f, 0x86, 0x50, 0x27, 0x5a, 0xe2, 0xe3,
- 0xf6, 0xb9, 0x01, 0xec, 0x01, 0x37, 0x84, 0x01,
- };
- EXPECT_EQ(Bytes(pkcs7_bytes, pkcs7_len),
- Bytes(kExpectedOutput, sizeof(kExpectedOutput)));
+ std::string expected = GetTestData("crypto/pkcs7/test/sign_sha256.p7s");
+ EXPECT_EQ(Bytes(pkcs7_bytes, pkcs7_len), Bytes(expected));
// Other option combinations should fail.
EXPECT_FALSE(
diff --git a/src/crypto/pkcs7/pkcs7_x509.cc b/src/crypto/pkcs7/pkcs7_x509.cc
index 8484c38..8933f61 100644
--- a/src/crypto/pkcs7/pkcs7_x509.cc
+++ b/src/crypto/pkcs7/pkcs7_x509.cc
@@ -17,8 +17,12 @@
#include <assert.h>
#include <limits.h>
+#include <openssl/asn1.h>
#include <openssl/bytestring.h>
+#include <openssl/cms.h>
+#include <openssl/digest.h>
#include <openssl/err.h>
+#include <openssl/evp.h>
#include <openssl/mem.h>
#include <openssl/obj.h>
#include <openssl/pem.h>
@@ -26,6 +30,8 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../asn1/internal.h"
+#include "../x509/internal.h"
#include "../internal.h"
#include "internal.h"
@@ -168,8 +174,8 @@
return ret;
}
-static int pkcs7_bundle_certificates_cb(CBB *out, const void *arg) {
- const STACK_OF(X509) *certs = reinterpret_cast<const STACK_OF(X509) *>(arg);
+static int pkcs7_bundle_certificates_cb(CBB *out, void *arg) {
+ auto *certs = static_cast<const STACK_OF(X509) *>(arg);
size_t i;
CBB certificates;
@@ -195,14 +201,14 @@
}
int PKCS7_bundle_certificates(CBB *out, const STACK_OF(X509) *certs) {
- return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
- pkcs7_bundle_certificates_cb,
- /*signer_infos_cb=*/NULL, certs);
+ return pkcs7_add_signed_data(
+ out, /*signed_data_version=*/1,
+ /*digest_algos_cb=*/nullptr, pkcs7_bundle_certificates_cb,
+ /*signer_infos_cb=*/nullptr, const_cast<STACK_OF(X509) *>(certs));
}
-static int pkcs7_bundle_crls_cb(CBB *out, const void *arg) {
- const STACK_OF(X509_CRL) *crls =
- reinterpret_cast<const STACK_OF(X509_CRL) *>(arg);
+static int pkcs7_bundle_crls_cb(CBB *out, void *arg) {
+ auto *crls = static_cast<const STACK_OF(X509_CRL) *>(arg);
size_t i;
CBB crl_data;
@@ -228,9 +234,10 @@
}
int PKCS7_bundle_CRLs(CBB *out, const STACK_OF(X509_CRL) *crls) {
- return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
- pkcs7_bundle_crls_cb,
- /*signer_infos_cb=*/NULL, crls);
+ return pkcs7_add_signed_data(
+ out, /*signed_data_version=*/1,
+ /*digest_algos_cb=*/nullptr, pkcs7_bundle_crls_cb,
+ /*signer_infos_cb=*/nullptr, const_cast<STACK_OF(X509_CRL) *>(crls));
}
static PKCS7 *pkcs7_new(CBS *cbs) {
@@ -363,164 +370,155 @@
int PKCS7_type_is_signed(const PKCS7 *p7) { return 1; }
int PKCS7_type_is_signedAndEnveloped(const PKCS7 *p7) { return 0; }
-// write_sha256_ai writes an AlgorithmIdentifier for SHA-256 to
-// |digest_algos_set|.
-static int write_sha256_ai(CBB *digest_algos_set, const void *arg) {
- CBB seq;
- return CBB_add_asn1(digest_algos_set, &seq, CBS_ASN1_SEQUENCE) &&
- OBJ_nid2cbb(&seq, NID_sha256) && //
- // https://datatracker.ietf.org/doc/html/rfc5754#section-2
- // "Implementations MUST generate SHA2 AlgorithmIdentifiers with absent
- // parameters."
- CBB_flush(digest_algos_set);
-}
-
-// sign_sha256 writes at most |max_out_sig| bytes of the signature of |data| by
-// |pkey| to |out_sig| and sets |*out_sig_len| to the number of bytes written.
-// It returns one on success or zero on error.
-static int sign_sha256(uint8_t *out_sig, size_t *out_sig_len,
- size_t max_out_sig, EVP_PKEY *pkey, BIO *data) {
- static const size_t kBufSize = 4096;
- uint8_t *buffer = reinterpret_cast<uint8_t *>(OPENSSL_malloc(kBufSize));
- if (!buffer) {
- return 0;
- }
-
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
-
- int ret = 0;
- if (!EVP_DigestSignInit(&ctx, NULL, EVP_sha256(), NULL, pkey)) {
- goto out;
- }
-
+static bool digest_sign_update(EVP_MD_CTX *ctx, BIO *data) {
for (;;) {
- const int n = BIO_read(data, buffer, kBufSize);
+ uint8_t buf[4096];
+ const int n = BIO_read(data, buf, sizeof(buf));
if (n == 0) {
- break;
- } else if (n < 0 || !EVP_DigestSignUpdate(&ctx, buffer, n)) {
- goto out;
+ return true;
+ } else if (n < 0 || !EVP_DigestSignUpdate(ctx, buf, n)) {
+ return false;
}
}
-
- *out_sig_len = max_out_sig;
- if (!EVP_DigestSignFinal(&ctx, out_sig, out_sig_len)) {
- goto out;
- }
-
- ret = 1;
-
-out:
- EVP_MD_CTX_cleanup(&ctx);
- OPENSSL_free(buffer);
- return ret;
}
namespace {
struct signer_info_data {
- const X509 *sign_cert;
- uint8_t *signature;
- size_t signature_len;
+ X509 *sign_cert = nullptr;
+ bssl::ScopedEVP_MD_CTX sign_ctx;
+ bool use_key_id = false;
};
} // namespace
+static int write_signer_digest_algos(CBB *digest_algos_set, void *arg) {
+ auto *si_data = static_cast<struct signer_info_data *>(arg);
+ // https://www.rfc-editor.org/rfc/rfc5754.html#section-2
+ // "Implementations MUST generate SHA2 AlgorithmIdentifiers with absent
+ // parameters."
+ return EVP_marshal_digest_algorithm_no_params(
+ digest_algos_set, EVP_MD_CTX_get0_md(si_data->sign_ctx.get()));
+}
+
// write_signer_info writes the SignerInfo structure from
-// https://datatracker.ietf.org/doc/html/rfc2315#section-9.2 to |out|. It
-// returns one on success or zero on error.
-static int write_signer_info(CBB *out, const void *arg) {
- const struct signer_info_data *const si_data =
- reinterpret_cast<const struct signer_info_data *>(arg);
+// https://www.rfc-editor.org/rfc/rfc2315.html#section-9.2 and
+// https://www.rfc-editor.org/rfc/rfc5652.html#section-5.3 to |out|. It returns
+// one on success or zero on error.
+static int write_signer_info(CBB *out, void *arg) {
+ auto *si_data = static_cast<struct signer_info_data *>(arg);
- int ret = 0;
- uint8_t *subject_bytes = NULL;
- uint8_t *serial_bytes = NULL;
-
- const int subject_len =
- i2d_X509_NAME(X509_get_subject_name(si_data->sign_cert), &subject_bytes);
- const int serial_len = i2d_ASN1_INTEGER(
- (ASN1_INTEGER *)X509_get0_serialNumber(si_data->sign_cert),
- &serial_bytes);
-
- CBB seq, issuer_and_serial, signing_algo, null, signature;
- if (subject_len < 0 || serial_len < 0 ||
- !CBB_add_asn1(out, &seq, CBS_ASN1_SEQUENCE) ||
- // version
- !CBB_add_asn1_uint64(&seq, 1) ||
- !CBB_add_asn1(&seq, &issuer_and_serial, CBS_ASN1_SEQUENCE) ||
- !CBB_add_bytes(&issuer_and_serial, subject_bytes, subject_len) ||
- !CBB_add_bytes(&issuer_and_serial, serial_bytes, serial_len) ||
- !write_sha256_ai(&seq, NULL) ||
- !CBB_add_asn1(&seq, &signing_algo, CBS_ASN1_SEQUENCE) ||
- !OBJ_nid2cbb(&signing_algo, NID_rsaEncryption) ||
- !CBB_add_asn1(&signing_algo, &null, CBS_ASN1_NULL) ||
- !CBB_add_asn1(&seq, &signature, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&signature, si_data->signature, si_data->signature_len) ||
- !CBB_flush(out)) {
- goto out;
+ uint64_t version = si_data->use_key_id ? 3u : 1u;
+ CBB seq, child, signing_algo, null, signature;
+ if (!CBB_add_asn1(out, &seq, CBS_ASN1_SEQUENCE) ||
+ !CBB_add_asn1_uint64(&seq, version)) {
+ return 0;
}
- ret = 1;
+ // Output the SignerIdentifier.
+ if (si_data->use_key_id) {
+ const ASN1_OCTET_STRING *skid =
+ X509_get0_subject_key_id(si_data->sign_cert);
+ if (skid == nullptr) {
+ OPENSSL_PUT_ERROR(CMS, CMS_R_CERTIFICATE_HAS_NO_KEYID);
+ return 0;
+ }
+ // subjectKeyIdentifier is implicitly-tagged.
+ if (!CBB_add_asn1_element(&seq, CBS_ASN1_CONTEXT_SPECIFIC | 0,
+ ASN1_STRING_get0_data(skid),
+ ASN1_STRING_length(skid))) {
+ return 0;
+ }
+ } else {
+ if (!CBB_add_asn1(&seq, &child, CBS_ASN1_SEQUENCE) ||
+ !x509_marshal_name(&child, X509_get_subject_name(si_data->sign_cert)) ||
+ !asn1_marshal_integer(&child,
+ X509_get0_serialNumber(si_data->sign_cert),
+ /*tag=*/0)) {
+ return 0;
+ }
+ }
-out:
- OPENSSL_free(subject_bytes);
- OPENSSL_free(serial_bytes);
- return ret;
+ // Output the digest and signature algorithm. This cannot use X.509 signature
+ // algorithms because CMS incorrectly decomposes signature algorithms into a
+ // combination of digesting and "encrypting" the digest, then uses the plain
+ // rsaEncryption OID instead of the hash-specific RSA OIDs. For now, we only
+ // support RSA.
+ EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(si_data->sign_ctx->pctx);
+ if (EVP_PKEY_id(pkey) != EVP_PKEY_RSA) {
+ OPENSSL_PUT_ERROR(PKCS7, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+ if (!EVP_marshal_digest_algorithm_no_params(
+ &seq, EVP_MD_CTX_get0_md(si_data->sign_ctx.get())) ||
+ !CBB_add_asn1(&seq, &signing_algo, CBS_ASN1_SEQUENCE) ||
+ !OBJ_nid2cbb(&signing_algo, NID_rsaEncryption) ||
+ !CBB_add_asn1(&signing_algo, &null, CBS_ASN1_NULL)) {
+ return 0;
+ }
+
+ // Output the signature.
+ uint8_t *ptr;
+ size_t sig_len;
+ if (!EVP_DigestSignFinal(si_data->sign_ctx.get(), nullptr, &sig_len) ||
+ !CBB_add_asn1(&seq, &signature, CBS_ASN1_OCTETSTRING) ||
+ !CBB_reserve(&signature, &ptr, sig_len) ||
+ !EVP_DigestSignFinal(si_data->sign_ctx.get(), ptr, &sig_len) ||
+ !CBB_did_write(&signature, sig_len) || //
+ !CBB_flush(out)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+int pkcs7_add_external_signature(CBB *out, X509 *sign_cert, EVP_PKEY *key,
+ const EVP_MD *md, BIO *data, bool use_key_id) {
+ signer_info_data si_data;
+ si_data.use_key_id = use_key_id;
+ si_data.sign_cert = sign_cert;
+
+ // Set up the signature.
+ if (!EVP_DigestSignInit(si_data.sign_ctx.get(), nullptr, md, nullptr, key) ||
+ !digest_sign_update(si_data.sign_ctx.get(), data)) {
+ return 0;
+ }
+
+ // See RFC 5652, Section 5.1. When no certificates are present, the version
+ // comes from the highest SignerInfo version, which will be 3 (CMS) for a key
+ // ID, and 1 (CMS or PKCS#7) for issuer and serial.
+ uint64_t signed_data_version = use_key_id ? 3u : 1u;
+ return pkcs7_add_signed_data(
+ out, signed_data_version, write_signer_digest_algos,
+ /*cert_crl_cb=*/nullptr, write_signer_info, &si_data);
}
PKCS7 *PKCS7_sign(X509 *sign_cert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags) {
- CBB cbb;
- if (!CBB_init(&cbb, 2048)) {
- return NULL;
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), 2048)) {
+ return nullptr;
}
- uint8_t *der = NULL;
- size_t len;
- PKCS7 *ret = NULL;
-
- if (sign_cert == NULL && pkey == NULL && flags == PKCS7_DETACHED) {
+ if (sign_cert == nullptr && pkey == nullptr && flags == PKCS7_DETACHED) {
// Caller just wants to bundle certificates.
- if (!PKCS7_bundle_certificates(&cbb, certs)) {
- goto out;
+ if (!PKCS7_bundle_certificates(cbb.get(), certs)) {
+ return nullptr;
}
- } else if (sign_cert != NULL && pkey != NULL && certs == NULL &&
- data != NULL &&
+ } else if (sign_cert != nullptr && pkey != nullptr && certs == nullptr &&
+ data != nullptr &&
flags == (PKCS7_NOATTR | PKCS7_BINARY | PKCS7_NOCERTS |
- PKCS7_DETACHED) &&
- EVP_PKEY_id(pkey) == NID_rsaEncryption) {
- // sign-file.c from the Linux kernel.
- const size_t signature_max_len = EVP_PKEY_size(pkey);
- struct signer_info_data si_data = {
- /*sign_cert=*/sign_cert,
- /*signature=*/
- reinterpret_cast<uint8_t *>(OPENSSL_malloc(signature_max_len)),
- /*signature_len=*/0,
- };
-
- if (!si_data.signature ||
- !sign_sha256(si_data.signature, &si_data.signature_len,
- signature_max_len, pkey, data) ||
- !pkcs7_add_signed_data(&cbb, write_sha256_ai, /*cert_crl_cb=*/NULL,
- write_signer_info, &si_data)) {
- OPENSSL_free(si_data.signature);
- goto out;
+ PKCS7_DETACHED)) {
+ // In OpenSSL, this API signs with some default hash. That default has been
+ // SHA-256 since 2015.
+ if (!pkcs7_add_external_signature(cbb.get(), sign_cert, pkey, EVP_sha256(),
+ data, /*use_key_id=*/false)) {
+ return nullptr;
}
- OPENSSL_free(si_data.signature);
} else {
OPENSSL_PUT_ERROR(PKCS7, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto out;
- }
-
- if (!CBB_finish(&cbb, &der, &len)) {
- goto out;
+ return nullptr;
}
CBS cbs;
- CBS_init(&cbs, der, len);
- ret = pkcs7_new(&cbs);
-
-out:
- CBB_cleanup(&cbb);
- OPENSSL_free(der);
- return ret;
+ CBS_init(&cbs, CBB_data(cbb.get()), CBB_len(cbb.get()));
+ return pkcs7_new(&cbs);
}
diff --git a/src/crypto/pkcs7/test/nss.p7c b/src/crypto/pkcs7/test/nss.p7c
new file mode 100644
index 0000000..1be5f1d
--- /dev/null
+++ b/src/crypto/pkcs7/test/nss.p7c
Binary files differ
diff --git a/src/crypto/pkcs7/test/openssl_crl.p7c b/src/crypto/pkcs7/test/openssl_crl.p7c
new file mode 100644
index 0000000..03c3c7f
--- /dev/null
+++ b/src/crypto/pkcs7/test/openssl_crl.p7c
Binary files differ
diff --git a/src/crypto/pkcs7/test/sign_cert.pem b/src/crypto/pkcs7/test/sign_cert.pem
new file mode 100644
index 0000000..09d0e33
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_cert.pem
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgIURVkPzF/4dwy7419Qk75uhIuyf0EwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMTA5MjExOTIyMTJaFw0yMjA5
+MjExOTIyMTJaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQC1+MOn+BopcEVR4QMvjXdAxGkWFllXyQFDToL+qOiP
+RU1yN7C8KCtkbOAFttJIO4O/i0iZ7KqYbnmB6YUA/ONAcakocnrdoESgRJcVMeAx
+Dk/11OtMF5yIfeOOO/TUeVNmAUaT63gFbKy/adpqhzJtOv9BBl5VcYNGGSE+0wtb
+mjpmNsxunEQR1KLDc97fGYHeRfKoSyrCIEE8IaAEpKGR2Sku3v9Jwh7RpjupgiUA
+kH6pJk7VMZm5vl2wFjYvfysgjeN5ZtsxFDMaPYZStpxMxpNd5C9DsO2Ljp5NMpGf
+NGmG4ZqiaQg8z2cIM6ESmN1zDJdUh5IXed1fOxBZD/poUFH0wDRFWnvzlaPmjJEF
+rYLMK8svnE5nEQp9vu93ISFBx7cofs+niMaUXPEqaRSqruifN2M1it3kOf/8YZl1
+vurs+VtHD6nOJo6bd11+37aBidIB/BaWnzLrDmSTcPFa1tkTHwoLqc9+jThTq9jZ
+6w3lAMPpsoenyD19UmQB589+4kNp2SIO/TtzVQCGgQPXE2jDCl6G9aIPMkfvpPZK
+4THVil3WQRCFYnYdDO4HQXo2ZuC4RiqgY5ygfeoL+fa9k383lgxxAHQLS7xsbaVB
+40RmfdbdevgPYIwZNNO78ddRmMdSv6IknSW9gydGzY//btY+t1SWcBZWzn1Ewq8g
+2QIDAQABo1MwUTAdBgNVHQ4EFgQUotZD9ajEvnQYVezIWzcW4pzvMcUwHwYDVR0j
+BBgwFoAUotZD9ajEvnQYVezIWzcW4pzvMcUwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAqCe42PIWoyLDx9bR+5cSp99N5xo5lLiSLtWx2emDbZB2
+AunqKYeEgIV+TWNF2w1SZ/ckFgV7SlL2Yl73N/veSNRfNAnpjLksGDFpdJb7YXrx
+cUvxdy1mr8oau6J7PC9JGjBTBrnhqwCQX1FtcAxODKll2Lsfuj6+bdC3rCK7KBEo
+ENamMJZIeo8lRP9qFF2xwCEzZjRv2zvB6O5o9045aTUcdCrwUfKE2sqY6EXRzFTC
+waK0HRCd1FLv9omhz/Ug5PMHP4d6MZfnAbFm+AzAhnpkrk/9TJYSOoNTNLWsuqhp
+dN0rKqiFWv1zIwfknXvTh1P1Ap+G5jffAca0zWUH1oKjE7ZZioSsaZ6gySnD8+WQ
+TPbOYtG+n0mhCH1TrU8Dqi3rd8g5IbC8loYLRH94QtodOnevD4Qo9Orfrsr8hGOW
+ABespanZArhoQ03DAtpNhtHm2NWJQF2uHNqcTrkq0omqZBTbMD1GKMBujoNooAUu
+w51U9r+RycPJTFqEGHb0nd7EjoyXEXtuX1Ld5fTZjQ9SszmQKQ8w3lHqRGNlkSiO
+e3IOOq2ruXmq1jykxpmi82IcTRUE8TZBfL/yz0nxpHKAYC1VwMezrkgZDGz4npxf
+1z2+qd58xU6/jsf7/+3xdPFubeEJujdbCkWQsQC5Rzm48zDWGq/pyzFji44K3TA=
+-----END CERTIFICATE-----
diff --git a/src/crypto/pkcs7/test/sign_key.pem b/src/crypto/pkcs7/test/sign_key.pem
new file mode 100644
index 0000000..97c6aaf
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC1+MOn+BopcEVR
+4QMvjXdAxGkWFllXyQFDToL+qOiPRU1yN7C8KCtkbOAFttJIO4O/i0iZ7KqYbnmB
+6YUA/ONAcakocnrdoESgRJcVMeAxDk/11OtMF5yIfeOOO/TUeVNmAUaT63gFbKy/
+adpqhzJtOv9BBl5VcYNGGSE+0wtbmjpmNsxunEQR1KLDc97fGYHeRfKoSyrCIEE8
+IaAEpKGR2Sku3v9Jwh7RpjupgiUAkH6pJk7VMZm5vl2wFjYvfysgjeN5ZtsxFDMa
+PYZStpxMxpNd5C9DsO2Ljp5NMpGfNGmG4ZqiaQg8z2cIM6ESmN1zDJdUh5IXed1f
+OxBZD/poUFH0wDRFWnvzlaPmjJEFrYLMK8svnE5nEQp9vu93ISFBx7cofs+niMaU
+XPEqaRSqruifN2M1it3kOf/8YZl1vurs+VtHD6nOJo6bd11+37aBidIB/BaWnzLr
+DmSTcPFa1tkTHwoLqc9+jThTq9jZ6w3lAMPpsoenyD19UmQB589+4kNp2SIO/Ttz
+VQCGgQPXE2jDCl6G9aIPMkfvpPZK4THVil3WQRCFYnYdDO4HQXo2ZuC4RiqgY5yg
+feoL+fa9k383lgxxAHQLS7xsbaVB40RmfdbdevgPYIwZNNO78ddRmMdSv6IknSW9
+gydGzY//btY+t1SWcBZWzn1Ewq8g2QIDAQABAoICAFQ/liZAIaypxA5ChP0RG/Mq
+fBSzyC1ybFlDEjbg8LrUNST6T6LtXhmipp0+pWC33SljTPumrNzh2POir+djLbt6
+Y/zL88KEHwGsf95aNxe/Lpn8N+wEyn4O+rmxXIq6mTgSwyBc1jZ8uAXu9iZ37YrQ
+07jBQA+C/GoJ3HB/uTRx1TPZjxBu3Lz8m1auYLMd1hiYfd4Y3vT9hfZXAwTjS8KA
+riZ7K+p0K1yY/+pczNDUFTAvAjSGQEvUrP+HaRLYZ5ks1/IvArBYT8iIT5Yf4YFS
+NowzxwYp9fC02OmYzf7Nf0XpUXR7+EpfI66SaLJ5f51yaOXD1olz7F/YsprpYN7+
+oQd7EKar1bY3ROM6naUZtsIoEblg6B0mkyHWQgZ9wZRbcN7Zmuc/tIpLat7se+MP
+xQeAcH4Yhgnd2G6EELpmJBcyJ0Ss3atpI1eenU+ly++L4XbDQH9norKQ1PEDXYbV
+XMAV5uIsplBL7hGIa6/u/cRMM5eN3TJchtzIHFhq9+ENMvjTOfo0bflcYR+tNxGD
+6agWlD/Apedaapu/3Xp7ekyCiy/YTIwgT4U3rprYplzFM5HbzYtZ9ThxUm+CmnYj
+ZSCKiLoaQq+11/M9zH1Je0uJP5aK0CxOii2LVRXZYaQfbDtiHNWUSM7uPIZMnDgE
+IPTpl9CEfk7U3pgiUlg5AoIBAQDjUeikACPaRuewIjLqwTT2/j+ZO+/dCG4atFZa
+W+gdZ1NVDCdowQPBZWg6bqejRr1MvORg2L83kqZDQjaT9y59qxsFhXCy26xKp7aP
+Z4pEvUQmQnnf3RYHk3EBtOHyyMetTaghTGzL3MlPGo3uGbCiYtVoPKXZXGWeiOFN
+s9RNDh/7m6harB2bmX2cK+QPdJ1roVBXQDLkjh2mvLnC5vrsw81GWSkbWQpYmnVi
+YdLhytM+UTYjTrSugtrKk9e2KOFf2uR8PVaPeINEM4uubxW5YUy6gwF8ePtWYAtZ
+Skw3kdBdShhGzHORSY3NsRTJZL6AUdkhHYFTl/rlfj1WXsdnAoIBAQDM7i0u2T+E
+HmroTGiQAIRUEwUZQFDRkcEnM75jpkQT39jXF+zmhjzS1slJF2x0E0jUBV0juVWh
+mz1kHjTMV0j3/mvCeVv0iTcdIbHYRtTwmOjzkwTsZGh6T7okYck3KexRjpyhPpcX
+hOHOPJKS/muG0ZuaJjTEbJOzrSPU0rt0ppL7nOwd5jIOoGAciWiP17G1Lyyitrv4
+mKBK6mFQQWjAgEGy3jvBocbUo7Qo8Aucm6Y4eF1fUyC/X07RBzERHS4TuM+AQlDN
+T+LgTgcwTjE+Nzow2WMwCIbhVQqFRScuWqcJ6NQ6S/dV0R+aGJ90Ey+DtiZ9N9uV
+j0omAGvM8u2/AoIBADXF94FsIw8MfNw2itLrl2riJAtMmWYxC1K33EGNwi/KdHUG
+5f+qwQerxGcmK/O81STk/iVGwJ0VzMzWSfDgpRfHNSIuOcWln3EdkVsFBDlUiF2A
+ljH1q7NpFm9v6Y80HcAKQb52xLnI5boXrwFnBFi1hoQc7KKpb8R73sgxxQPhVoF/
+hejFFE/tlEAwRce+L0r5ovaw0hks4SjDNjI7z5nYi6ObjdTRUFg7WY9HUspk32m7
+blIV2Tn67GTFal7F9uJk9m3JWMOhn3OvudguoPX0ZWEtgll+iP4axDSAFd2DWcXn
+tCxzStdQjgHdZOxrL4FNW06xGxm6Nvi4zyuySfsCggEAOuIpC3ATBxRyZYMm/FGZ
+tEquyV2omz8FQA1nJFzu7MMCHHPcdzSVH4Pl3GGloQi1gW51H8GuMDxZ/H2NcDWY
+WuG49u1GFdKjinRXFKztnKBjNzHEVWRYfOSRuMh8N6SNKbYPnWlNos1k0IypFSGT
+pe5uhnF58gK8wgD67bkLce43B6NEWSb+tSMx2qFE8SfqAQSoD6zv//NjA4OrKJNS
+1RVFS279vpqMdib/qk+nFn3G2i0Dr1NEcpihHgCyAZff2Hze6pyjeQr+RrNE74VY
+MudNiiG8lV2t2+tClZ6ULoaPvpIvAP04+WiYav+uOX0VxwO8tXgqWSQOCzNNxlr7
+IwKCAQA7odNjE6Sc2qiecrOu13kEi3gT0heshIyZ0XhePrS1vgHfCouIRvNMw4FT
+45ZZUFDSdOxhrew5GuMeLvo2YILBjmkX3UqTojQMbur7FcGH8/P0Sm0f20Vc06oS
+sQF5Ji4LSyf6t9oQKePjFIGoIc6pf6BXJZYP4rBnzQzUQjH2yzDYDY3TuV7bFJJU
+DcSTGM6nP0fRMmgBtB14o7A6Gsy6X/N2ElgbvWT8YhmUC6H8DIzmZwHRKaG6C6g5
+eEjuAYenYNM4jxeteC1neUDIdGxH/BA7JrAqcGaN9GT+R47YIfiS2WrEssD1Pi5h
+hJTbHtjEDJ7BHLC/CNUhXbpyyu1y
+-----END PRIVATE KEY-----
diff --git a/src/crypto/pkcs7/test/sign_sha1.p7s b/src/crypto/pkcs7/test/sign_sha1.p7s
new file mode 100644
index 0000000..58438a0
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_sha1.p7s
Binary files differ
diff --git a/src/crypto/pkcs7/test/sign_sha1_key_id.p7s b/src/crypto/pkcs7/test/sign_sha1_key_id.p7s
new file mode 100644
index 0000000..e304a97
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_sha1_key_id.p7s
Binary files differ
diff --git a/src/crypto/pkcs7/test/sign_sha256.p7s b/src/crypto/pkcs7/test/sign_sha256.p7s
new file mode 100644
index 0000000..10a2c64
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_sha256.p7s
Binary files differ
diff --git a/src/crypto/pkcs7/test/sign_sha256_key_id.p7s b/src/crypto/pkcs7/test/sign_sha256_key_id.p7s
new file mode 100644
index 0000000..9cb8746
--- /dev/null
+++ b/src/crypto/pkcs7/test/sign_sha256_key_id.p7s
Binary files differ
diff --git a/src/crypto/pkcs7/test/windows.p7c b/src/crypto/pkcs7/test/windows.p7c
new file mode 100644
index 0000000..e602f95
--- /dev/null
+++ b/src/crypto/pkcs7/test/windows.p7c
Binary files differ
diff --git a/src/crypto/pkcs8/internal.h b/src/crypto/pkcs8/internal.h
index 0c72947..06f17a6 100644
--- a/src/crypto/pkcs8/internal.h
+++ b/src/crypto/pkcs8/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_PKCS8_INTERNAL_H
-#define OPENSSL_HEADER_PKCS8_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_PKCS8_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_PKCS8_INTERNAL_H
#include <openssl/base.h>
#include <openssl/stack.h>
@@ -51,11 +51,13 @@
size_t out_len, uint8_t *out, const EVP_MD *md);
// pkcs12_pbe_encrypt_init configures |ctx| for encrypting with a PBES1 scheme
-// defined in PKCS#12. It writes the corresponding AlgorithmIdentifier to |out|.
-int pkcs12_pbe_encrypt_init(CBB *out, EVP_CIPHER_CTX *ctx, int alg,
- uint32_t iterations, const char *pass,
- size_t pass_len, const uint8_t *salt,
- size_t salt_len);
+// defined in PKCS#12, or a PBES2 scheme defined in PKCS#5. The algorithm is
+// determined as in |PKCS8_encrypt|. It writes the corresponding
+// AlgorithmIdentifier to |out|.
+int pkcs12_pbe_encrypt_init(CBB *out, EVP_CIPHER_CTX *ctx, int alg_nid,
+ const EVP_CIPHER *alg_cipher, uint32_t iterations,
+ const char *pass, size_t pass_len,
+ const uint8_t *salt, size_t salt_len);
struct pbe_suite {
int pbe_nid;
@@ -74,6 +76,10 @@
#define PKCS5_SALT_LEN 8
+// pkcs5_pbe2_nid_to_cipher returns the |EVP_CIPHER| for |nid| if |nid| is
+// supported with PKCS#5 PBES2, and nullptr otherwise.
+const EVP_CIPHER *pkcs5_pbe2_nid_to_cipher(int nid);
+
int PKCS5_pbe2_decrypt_init(const struct pbe_suite *suite, EVP_CIPHER_CTX *ctx,
const char *pass, size_t pass_len, CBS *param);
@@ -94,4 +100,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_PKCS8_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_PKCS8_INTERNAL_H
diff --git a/src/crypto/pkcs8/p5_pbev2.cc b/src/crypto/pkcs8/p5_pbev2.cc
index bd0868b..bac897e 100644
--- a/src/crypto/pkcs8/p5_pbev2.cc
+++ b/src/crypto/pkcs8/p5_pbev2.cc
@@ -78,23 +78,20 @@
};
static const EVP_CIPHER *cbs_to_cipher(const CBS *cbs) {
- for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kCipherOIDs); i++) {
- if (CBS_mem_equal(cbs, kCipherOIDs[i].oid, kCipherOIDs[i].oid_len)) {
- return kCipherOIDs[i].cipher_func();
+ for (const auto &cipher : kCipherOIDs) {
+ if (CBS_mem_equal(cbs, cipher.oid, cipher.oid_len)) {
+ return cipher.cipher_func();
}
}
- return NULL;
+ return nullptr;
}
static int add_cipher_oid(CBB *out, int nid) {
- for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kCipherOIDs); i++) {
- if (kCipherOIDs[i].nid == nid) {
- CBB child;
- return CBB_add_asn1(out, &child, CBS_ASN1_OBJECT) &&
- CBB_add_bytes(&child, kCipherOIDs[i].oid,
- kCipherOIDs[i].oid_len) &&
- CBB_flush(out);
+ for (const auto &cipher : kCipherOIDs) {
+ if (cipher.nid == nid) {
+ return CBB_add_asn1_element(out, CBS_ASN1_OBJECT, cipher.oid,
+ cipher.oid_len);
}
}
@@ -102,6 +99,15 @@
return 0;
}
+const EVP_CIPHER *pkcs5_pbe2_nid_to_cipher(int nid) {
+ for (const auto &cipher : kCipherOIDs) {
+ if (cipher.nid == nid) {
+ return cipher.cipher_func();
+ }
+ }
+ return nullptr;
+}
+
static int pkcs5_pbe2_cipher_init(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const EVP_MD *pbkdf2_md, uint32_t iterations,
const char *pass, size_t pass_len,
@@ -137,29 +143,27 @@
}
// See RFC 2898, appendix A.
- CBB algorithm, oid, param, kdf, kdf_oid, kdf_param, salt_cbb, cipher_cbb,
- iv_cbb;
+ CBB algorithm, param, kdf, kdf_param, cipher_cbb;
if (!CBB_add_asn1(out, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kPBES2, sizeof(kPBES2)) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, kPBES2,
+ sizeof(kPBES2)) ||
!CBB_add_asn1(&algorithm, ¶m, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(¶m, &kdf, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&kdf, &kdf_oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&kdf_oid, kPBKDF2, sizeof(kPBKDF2)) ||
+ !CBB_add_asn1_element(&kdf, CBS_ASN1_OBJECT, kPBKDF2, sizeof(kPBKDF2)) ||
!CBB_add_asn1(&kdf, &kdf_param, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&kdf_param, &salt_cbb, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&salt_cbb, salt, salt_len) ||
+ !CBB_add_asn1_octet_string(&kdf_param, salt, salt_len) ||
!CBB_add_asn1_uint64(&kdf_param, iterations) ||
// Specify a key length for RC2.
(cipher_nid == NID_rc2_cbc &&
!CBB_add_asn1_uint64(&kdf_param, EVP_CIPHER_key_length(cipher))) ||
// Omit the PRF. We use the default hmacWithSHA1.
+ // TODO(crbug.com/396434682): Improve this defaults.
!CBB_add_asn1(¶m, &cipher_cbb, CBS_ASN1_SEQUENCE) ||
!add_cipher_oid(&cipher_cbb, cipher_nid) ||
// RFC 2898 says RC2-CBC and RC5-CBC-Pad use a SEQUENCE with version and
// IV, but OpenSSL always uses an OCTET STRING IV, so we do the same.
- !CBB_add_asn1(&cipher_cbb, &iv_cbb, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&iv_cbb, iv, EVP_CIPHER_iv_length(cipher)) ||
+ !CBB_add_asn1_octet_string(&cipher_cbb, iv,
+ EVP_CIPHER_iv_length(cipher)) ||
!CBB_flush(out)) {
return 0;
}
diff --git a/src/crypto/pkcs8/pkcs12_test.cc b/src/crypto/pkcs8/pkcs12_test.cc
index e8d2c1b..eb1899f 100644
--- a/src/crypto/pkcs8/pkcs12_test.cc
+++ b/src/crypto/pkcs8/pkcs12_test.cc
@@ -135,10 +135,6 @@
}
TEST(PKCS12Test, TestEmptyPassword) {
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- return; // The MAC check always passes in fuzzer mode.
-#endif
-
// Generated with
// openssl pkcs12 -export -inkey ecdsa_p256_key.pem -in ecdsa_p256_cert.pem -password pass:
std::string data = GetTestData("crypto/pkcs8/test/empty_password.p12");
@@ -164,10 +160,6 @@
}
TEST(PKCS12Test, TestNullPassword) {
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- return; // The MAC check always passes in fuzzer mode.
-#endif
-
// Generated with
// openssl pkcs12 -export -inkey ecdsa_p256_key.pem -in ecdsa_p256_cert.pem -password pass:
// But with OpenSSL patched to pass NULL into PKCS12_create and
@@ -424,6 +416,31 @@
{kTestCert2}, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 100, 100);
+ // PBES2 ciphers.
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_rc2_cbc, NID_rc2_cbc, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_des_ede3_cbc, NID_des_ede3_cbc, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_aes_128_cbc, NID_aes_128_cbc, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_aes_192_cbc, NID_aes_192_cbc, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_aes_256_cbc, NID_aes_256_cbc, 100, 100);
+
+ // Mix and match.
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_pbe_WithSHA1And40BitRC2_CBC,
+ NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+ NID_aes_256_cbc, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_aes_256_cbc,
+ NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 100, 100);
+ TestRoundTrip(kPassword, nullptr /* no name */, kTestKey, kTestCert,
+ {kTestCert2}, NID_aes_128_cbc, NID_aes_256_cbc, 100, 100);
+
// Test unencrypted and partially unencrypted PKCS#12 files.
TestRoundTrip(kPassword, /*name=*/nullptr, kTestKey, kTestCert, {kTestCert2},
/*key_nid=*/-1,
diff --git a/src/crypto/pkcs8/pkcs8.cc b/src/crypto/pkcs8/pkcs8.cc
index 525b7ea..4b5609d 100644
--- a/src/crypto/pkcs8/pkcs8.cc
+++ b/src/crypto/pkcs8/pkcs8.cc
@@ -33,8 +33,8 @@
static int pkcs12_encode_password(const char *in, size_t in_len, uint8_t **out,
size_t *out_len) {
- CBB cbb;
- if (!CBB_init(&cbb, in_len * 2)) {
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), in_len * 2)) {
return 0;
}
@@ -44,22 +44,18 @@
CBS_init(&cbs, (const uint8_t *)in, in_len);
while (CBS_len(&cbs) != 0) {
uint32_t c;
- if (!CBS_get_utf8(&cbs, &c) || !CBB_add_ucs2_be(&cbb, c)) {
+ if (!CBS_get_utf8(&cbs, &c) || !CBB_add_ucs2_be(cbb.get(), c)) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INVALID_CHARACTERS);
- goto err;
+ return 0;
}
}
// Terminate the result with a UCS-2 NUL.
- if (!CBB_add_ucs2_be(&cbb, 0) || !CBB_finish(&cbb, out, out_len)) {
- goto err;
+ if (!CBB_add_ucs2_be(cbb.get(), 0) || !CBB_finish(cbb.get(), out, out_len)) {
+ return 0;
}
return 1;
-
-err:
- CBB_cleanup(&cbb);
- return 0;
}
int pkcs12_key_gen(const char *pass, size_t pass_len, const uint8_t *salt,
@@ -286,24 +282,32 @@
return NULL;
}
-int pkcs12_pbe_encrypt_init(CBB *out, EVP_CIPHER_CTX *ctx, int alg,
- uint32_t iterations, const char *pass,
- size_t pass_len, const uint8_t *salt,
- size_t salt_len) {
- const struct pbe_suite *suite = get_pkcs12_pbe_suite(alg);
+int pkcs12_pbe_encrypt_init(CBB *out, EVP_CIPHER_CTX *ctx, int alg_nid,
+ const EVP_CIPHER *alg_cipher, uint32_t iterations,
+ const char *pass, size_t pass_len,
+ const uint8_t *salt, size_t salt_len) {
+ // TODO(davidben): OpenSSL has since extended |pbe_nid| to control either
+ // the PBES1 scheme or the PBES2 PRF. E.g. passing |NID_hmacWithSHA256| will
+ // select PBES2 with HMAC-SHA256 as the PRF. Implement this if anything uses
+ // it. See 5693a30813a031d3921a016a870420e7eb93ec90 in OpenSSL.
+ if (alg_nid == -1) {
+ return PKCS5_pbe2_encrypt_init(out, ctx, alg_cipher, iterations, pass,
+ pass_len, salt, salt_len);
+ }
+
+ const struct pbe_suite *suite = get_pkcs12_pbe_suite(alg_nid);
if (suite == NULL) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM);
return 0;
}
// See RFC 2898, appendix A.3.
- CBB algorithm, oid, param, salt_cbb;
+ CBB algorithm, param;
if (!CBB_add_asn1(out, &algorithm, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, suite->oid, suite->oid_len) ||
+ !CBB_add_asn1_element(&algorithm, CBS_ASN1_OBJECT, suite->oid,
+ suite->oid_len) ||
!CBB_add_asn1(&algorithm, ¶m, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(¶m, &salt_cbb, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&salt_cbb, salt, salt_len) ||
+ !CBB_add_asn1_octet_string(¶m, salt, salt_len) ||
!CBB_add_asn1_uint64(¶m, iterations) || !CBB_flush(out)) {
return 0;
}
@@ -317,9 +321,7 @@
size_t in_len) {
int ret = 0;
uint8_t *buf = NULL;
- ;
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
+ bssl::ScopedEVP_CIPHER_CTX ctx;
CBS obj;
const struct pbe_suite *suite = NULL;
@@ -339,7 +341,7 @@
goto err;
}
- if (!suite->decrypt_init(suite, &ctx, pass, pass_len, algorithm)) {
+ if (!suite->decrypt_init(suite, ctx.get(), pass, pass_len, algorithm)) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEYGEN_FAILURE);
goto err;
}
@@ -355,8 +357,8 @@
}
int n1, n2;
- if (!EVP_DecryptUpdate(&ctx, buf, &n1, in, (int)in_len) ||
- !EVP_DecryptFinal_ex(&ctx, buf + n1, &n2)) {
+ if (!EVP_DecryptUpdate(ctx.get(), buf, &n1, in, (int)in_len) ||
+ !EVP_DecryptFinal_ex(ctx.get(), buf + n1, &n2)) {
goto err;
}
@@ -367,7 +369,6 @@
err:
OPENSSL_free(buf);
- EVP_CIPHER_CTX_cleanup(&ctx);
return ret;
}
@@ -405,8 +406,7 @@
int ret = 0;
uint8_t *plaintext = NULL, *salt_buf = NULL;
size_t plaintext_len = 0;
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
+ bssl::ScopedEVP_CIPHER_CTX ctx;
{
// Generate a random salt if necessary.
@@ -437,29 +437,14 @@
}
CBB epki;
- if (!CBB_add_asn1(out, &epki, CBS_ASN1_SEQUENCE)) {
+ if (!CBB_add_asn1(out, &epki, CBS_ASN1_SEQUENCE) ||
+ !pkcs12_pbe_encrypt_init(&epki, ctx.get(), pbe_nid, cipher,
+ (uint32_t)iterations, pass, pass_len, salt,
+ salt_len)) {
goto err;
}
- // TODO(davidben): OpenSSL has since extended |pbe_nid| to control either
- // the PBES1 scheme or the PBES2 PRF. E.g. passing |NID_hmacWithSHA256| will
- // select PBES2 with HMAC-SHA256 as the PRF. Implement this if anything uses
- // it. See 5693a30813a031d3921a016a870420e7eb93ec90 in OpenSSL.
- int alg_ok;
- if (pbe_nid == -1) {
- alg_ok =
- PKCS5_pbe2_encrypt_init(&epki, &ctx, cipher, (uint32_t)iterations,
- pass, pass_len, salt, salt_len);
- } else {
- alg_ok =
- pkcs12_pbe_encrypt_init(&epki, &ctx, pbe_nid, (uint32_t)iterations,
- pass, pass_len, salt, salt_len);
- }
- if (!alg_ok) {
- goto err;
- }
-
- size_t max_out = plaintext_len + EVP_CIPHER_CTX_block_size(&ctx);
+ size_t max_out = plaintext_len + EVP_CIPHER_CTX_block_size(ctx.get());
if (max_out < plaintext_len) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
goto err;
@@ -470,8 +455,8 @@
int n1, n2;
if (!CBB_add_asn1(&epki, &ciphertext, CBS_ASN1_OCTETSTRING) ||
!CBB_reserve(&ciphertext, &ptr, max_out) ||
- !EVP_CipherUpdate(&ctx, ptr, &n1, plaintext, plaintext_len) ||
- !EVP_CipherFinal_ex(&ctx, ptr + n1, &n2) ||
+ !EVP_CipherUpdate(ctx.get(), ptr, &n1, plaintext, plaintext_len) ||
+ !EVP_CipherFinal_ex(ctx.get(), ptr + n1, &n2) ||
!CBB_did_write(&ciphertext, n1 + n2) || !CBB_flush(out)) {
goto err;
}
@@ -482,6 +467,5 @@
err:
OPENSSL_free(plaintext);
OPENSSL_free(salt_buf);
- EVP_CIPHER_CTX_cleanup(&ctx);
return ret;
}
diff --git a/src/crypto/pkcs8/pkcs8_x509.cc b/src/crypto/pkcs8/pkcs8_x509.cc
index 1e20e76..c5abc75 100644
--- a/src/crypto/pkcs8/pkcs8_x509.cc
+++ b/src/crypto/pkcs8/pkcs8_x509.cc
@@ -36,7 +36,7 @@
int pkcs12_iterations_acceptable(uint64_t iterations) {
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
static const uint64_t kIterationsLimit = 2048;
#else
// Windows imposes a limit of 600K. Mozilla say: “so them increasing
@@ -528,9 +528,9 @@
}
*out_mac_ok = CBS_mem_equal(expected_mac, hmac, hmac_len);
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- *out_mac_ok = 1;
-#endif
+ if (CRYPTO_fuzzer_mode_enabled()) {
+ *out_mac_ok = 1;
+ }
ret = 1;
err:
@@ -904,15 +904,15 @@
return 1; // Omit the OPTIONAL SET.
}
// See https://tools.ietf.org/html/rfc7292#section-4.2.
- CBB attrs, attr, oid, values, value;
+ CBB attrs, attr, values, value;
if (!CBB_add_asn1(bag, &attrs, CBS_ASN1_SET)) {
return 0;
}
if (name_len != 0) {
// See https://tools.ietf.org/html/rfc2985, section 5.5.1.
if (!CBB_add_asn1(&attrs, &attr, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&attr, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kFriendlyName, sizeof(kFriendlyName)) ||
+ !CBB_add_asn1_element(&attr, CBS_ASN1_OBJECT, kFriendlyName,
+ sizeof(kFriendlyName)) ||
!CBB_add_asn1(&attr, &values, CBS_ASN1_SET) ||
!CBB_add_asn1(&values, &value, CBS_ASN1_BMPSTRING)) {
return 0;
@@ -931,11 +931,10 @@
if (key_id_len != 0) {
// See https://tools.ietf.org/html/rfc2985, section 5.5.2.
if (!CBB_add_asn1(&attrs, &attr, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&attr, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kLocalKeyID, sizeof(kLocalKeyID)) ||
+ !CBB_add_asn1_element(&attr, CBS_ASN1_OBJECT, kLocalKeyID,
+ sizeof(kLocalKeyID)) ||
!CBB_add_asn1(&attr, &values, CBS_ASN1_SET) ||
- !CBB_add_asn1(&values, &value, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&value, key_id, key_id_len)) {
+ !CBB_add_asn1_octet_string(&values, key_id, key_id_len)) {
return 0;
}
}
@@ -944,17 +943,17 @@
static int add_cert_bag(CBB *cbb, X509 *cert, const char *name,
const uint8_t *key_id, size_t key_id_len) {
- CBB bag, bag_oid, bag_contents, cert_bag, cert_type, wrapped_cert, cert_value;
+ CBB bag, bag_contents, cert_bag, wrapped_cert, cert_value;
if ( // See https://tools.ietf.org/html/rfc7292#section-4.2.
!CBB_add_asn1(cbb, &bag, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&bag, &bag_oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&bag_oid, kCertBag, sizeof(kCertBag)) ||
+ !CBB_add_asn1_element(&bag, CBS_ASN1_OBJECT, kCertBag,
+ sizeof(kCertBag)) ||
!CBB_add_asn1(&bag, &bag_contents,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
// See https://tools.ietf.org/html/rfc7292#section-4.2.3.
!CBB_add_asn1(&bag_contents, &cert_bag, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&cert_bag, &cert_type, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&cert_type, kX509Certificate, sizeof(kX509Certificate)) ||
+ !CBB_add_asn1_element(&cert_bag, CBS_ASN1_OBJECT, kX509Certificate,
+ sizeof(kX509Certificate)) ||
!CBB_add_asn1(&cert_bag, &wrapped_cert,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!CBB_add_asn1(&wrapped_cert, &cert_value, CBS_ASN1_OCTETSTRING)) {
@@ -1005,23 +1004,26 @@
return CBB_flush(cbb);
}
-static int add_encrypted_data(CBB *out, int pbe_nid, const char *password,
- size_t password_len, uint32_t iterations,
- const uint8_t *in, size_t in_len) {
+// add_encrypted_data encrypts |in| with |pbe_nid| and |pbe_cipher|, writing the
+// result to |out|. It returns one on success and zero on error. |pbe_nid| and
+// |pbe_cipher| are interpreted as in |PKCS8_encrypt|.
+static int add_encrypted_data(CBB *out, int pbe_nid,
+ const EVP_CIPHER *pbe_cipher,
+ const char *password, size_t password_len,
+ uint32_t iterations, const uint8_t *in,
+ size_t in_len) {
uint8_t salt[PKCS5_SALT_LEN];
if (!RAND_bytes(salt, sizeof(salt))) {
return 0;
}
- int ret = 0;
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- CBB content_info, type, wrapper, encrypted_data, encrypted_content_info,
- inner_type, encrypted_content;
+ bssl::ScopedEVP_CIPHER_CTX ctx;
+ CBB content_info, wrapper, encrypted_data, encrypted_content_info,
+ encrypted_content;
if ( // Add the ContentInfo wrapping.
!CBB_add_asn1(out, &content_info, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&content_info, &type, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&type, kPKCS7EncryptedData, sizeof(kPKCS7EncryptedData)) ||
+ !CBB_add_asn1_element(&content_info, CBS_ASN1_OBJECT, kPKCS7EncryptedData,
+ sizeof(kPKCS7EncryptedData)) ||
!CBB_add_asn1(&content_info, &wrapper,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
// See https://tools.ietf.org/html/rfc2315#section-13.
@@ -1030,47 +1032,42 @@
// See https://tools.ietf.org/html/rfc2315#section-10.1.
!CBB_add_asn1(&encrypted_data, &encrypted_content_info,
CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&encrypted_content_info, &inner_type, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&inner_type, kPKCS7Data, sizeof(kPKCS7Data)) ||
+ !CBB_add_asn1_element(&encrypted_content_info, CBS_ASN1_OBJECT,
+ kPKCS7Data, sizeof(kPKCS7Data)) ||
// Set up encryption and fill in contentEncryptionAlgorithm.
- !pkcs12_pbe_encrypt_init(&encrypted_content_info, &ctx, pbe_nid,
- iterations, password, password_len, salt,
- sizeof(salt)) ||
+ !pkcs12_pbe_encrypt_init(&encrypted_content_info, ctx.get(), pbe_nid,
+ pbe_cipher, iterations, password, password_len,
+ salt, sizeof(salt)) ||
// Note this tag is primitive. It is an implicitly-tagged OCTET_STRING, so
// it inherits the inner tag's constructed bit.
!CBB_add_asn1(&encrypted_content_info, &encrypted_content,
CBS_ASN1_CONTEXT_SPECIFIC | 0)) {
- goto err;
+ return 0;
}
- {
- size_t max_out = in_len + EVP_CIPHER_CTX_block_size(&ctx);
- if (max_out < in_len) {
- OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
- goto err;
- }
-
- uint8_t *ptr;
- int n1, n2;
- if (!CBB_reserve(&encrypted_content, &ptr, max_out) ||
- !EVP_CipherUpdate(&ctx, ptr, &n1, in, in_len) ||
- !EVP_CipherFinal_ex(&ctx, ptr + n1, &n2) ||
- !CBB_did_write(&encrypted_content, n1 + n2) || !CBB_flush(out)) {
- goto err;
- }
+ size_t max_out = in_len + EVP_CIPHER_CTX_block_size(ctx.get());
+ if (max_out < in_len) {
+ OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG);
+ return 0;
}
- ret = 1;
+ uint8_t *ptr;
+ int n1, n2;
+ if (!CBB_reserve(&encrypted_content, &ptr, max_out) ||
+ !EVP_CipherUpdate(ctx.get(), ptr, &n1, in, in_len) ||
+ !EVP_CipherFinal_ex(ctx.get(), ptr + n1, &n2) ||
+ !CBB_did_write(&encrypted_content, n1 + n2) || !CBB_flush(out)) {
+ return 0;
+ }
-err:
- EVP_CIPHER_CTX_cleanup(&ctx);
- return ret;
+ return 1;
}
PKCS12 *PKCS12_create(const char *password, const char *name,
const EVP_PKEY *pkey, X509 *cert,
const STACK_OF(X509) *chain, int key_nid, int cert_nid,
int iterations, int mac_iterations, int key_type) {
+ // TODO(crbug.com/396434682): Improve these defaults.
if (key_nid == 0) {
key_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
}
@@ -1145,15 +1142,14 @@
// See https://tools.ietf.org/html/rfc7292#section-4.
PKCS12 *ret = NULL;
- CBB cbb, pfx, auth_safe, auth_safe_oid, auth_safe_wrapper, auth_safe_data,
- content_infos;
+ CBB cbb, pfx, auth_safe, auth_safe_wrapper, auth_safe_data, content_infos;
uint8_t mac_key[EVP_MAX_MD_SIZE];
if (!CBB_init(&cbb, 0) || !CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1_uint64(&pfx, 3) ||
// auth_safe is a data ContentInfo.
!CBB_add_asn1(&pfx, &auth_safe, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&auth_safe, &auth_safe_oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&auth_safe_oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
+ !CBB_add_asn1_element(&auth_safe, CBS_ASN1_OBJECT, kPKCS7Data,
+ sizeof(kPKCS7Data)) ||
!CBB_add_asn1(&auth_safe, &auth_safe_wrapper,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!CBB_add_asn1(&auth_safe_wrapper, &auth_safe_data,
@@ -1173,10 +1169,10 @@
// OpenSSL does not do this. We keep them separate for consistency. (Keys,
// even when encrypted, are always placed in unencrypted ContentInfos.
// PKCS#12 defines bag-level encryption for keys.)
- CBB content_info, oid, wrapper, data;
+ CBB content_info, wrapper, data;
if (!CBB_add_asn1(&content_infos, &content_info, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
+ !CBB_add_asn1_element(&content_info, CBS_ASN1_OBJECT, kPKCS7Data,
+ sizeof(kPKCS7Data)) ||
!CBB_add_asn1(&content_info, &wrapper,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!CBB_add_asn1(&wrapper, &data, CBS_ASN1_OCTETSTRING) ||
@@ -1186,13 +1182,21 @@
goto err;
}
} else {
+ // This function differs from other OpenSSL functions in how PBES1 and
+ // PBES2 schemes are selected. If the NID matches a cipher, treat this as
+ // PBES2 instead. Convert to the other convention.
+ const EVP_CIPHER *cipher = pkcs5_pbe2_nid_to_cipher(cert_nid);
+ if (cipher != nullptr) {
+ cert_nid = -1;
+ }
CBB plaintext_cbb;
- int ok = CBB_init(&plaintext_cbb, 0) &&
- add_cert_safe_contents(&plaintext_cbb, cert, chain, name, key_id,
- key_id_len) &&
- add_encrypted_data(
- &content_infos, cert_nid, password, password_len, iterations,
- CBB_data(&plaintext_cbb), CBB_len(&plaintext_cbb));
+ int ok =
+ CBB_init(&plaintext_cbb, 0) &&
+ add_cert_safe_contents(&plaintext_cbb, cert, chain, name, key_id,
+ key_id_len) &&
+ add_encrypted_data(&content_infos, cert_nid, cipher, password,
+ password_len, iterations, CBB_data(&plaintext_cbb),
+ CBB_len(&plaintext_cbb));
CBB_cleanup(&plaintext_cbb);
if (!ok) {
goto err;
@@ -1205,35 +1209,41 @@
// inside an encrypted ContentInfo, but OpenSSL does not do this and some
// PKCS#12 consumers do not support KeyBags.)
if (pkey != NULL) {
- CBB content_info, oid, wrapper, data, safe_contents, bag, bag_oid,
- bag_contents;
+ CBB content_info, wrapper, data, safe_contents, bag, bag_contents;
if ( // Add another data ContentInfo.
!CBB_add_asn1(&content_infos, &content_info, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
+ !CBB_add_asn1_element(&content_info, CBS_ASN1_OBJECT, kPKCS7Data,
+ sizeof(kPKCS7Data)) ||
!CBB_add_asn1(&content_info, &wrapper,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!CBB_add_asn1(&wrapper, &data, CBS_ASN1_OCTETSTRING) ||
!CBB_add_asn1(&data, &safe_contents, CBS_ASN1_SEQUENCE) ||
// Add a SafeBag containing a PKCS8ShroudedKeyBag.
- !CBB_add_asn1(&safe_contents, &bag, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&bag, &bag_oid, CBS_ASN1_OBJECT)) {
+ !CBB_add_asn1(&safe_contents, &bag, CBS_ASN1_SEQUENCE)) {
goto err;
}
if (key_nid < 0) {
- if (!CBB_add_bytes(&bag_oid, kKeyBag, sizeof(kKeyBag)) ||
+ if (!CBB_add_asn1_element(&bag, CBS_ASN1_OBJECT, kKeyBag,
+ sizeof(kKeyBag)) ||
!CBB_add_asn1(&bag, &bag_contents,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!EVP_marshal_private_key(&bag_contents, pkey)) {
goto err;
}
} else {
- if (!CBB_add_bytes(&bag_oid, kPKCS8ShroudedKeyBag,
- sizeof(kPKCS8ShroudedKeyBag)) ||
+ // This function differs from other OpenSSL functions in how PBES1 and
+ // PBES2 schemes are selected. If the NID matches a cipher, treat this as
+ // PBES2 instead. Convert to the other convention.
+ const EVP_CIPHER *cipher = pkcs5_pbe2_nid_to_cipher(key_nid);
+ if (cipher != nullptr) {
+ key_nid = -1;
+ }
+ if (!CBB_add_asn1_element(&bag, CBS_ASN1_OBJECT, kPKCS8ShroudedKeyBag,
+ sizeof(kPKCS8ShroudedKeyBag)) ||
!CBB_add_asn1(&bag, &bag_contents,
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) ||
!PKCS8_marshal_encrypted_private_key(
- &bag_contents, key_nid, NULL, password, password_len,
+ &bag_contents, key_nid, cipher, password, password_len,
NULL /* generate a random salt */,
0 /* use default salt length */, iterations, pkey)) {
goto err;
@@ -1266,14 +1276,22 @@
goto err;
}
- CBB mac_data, digest_info, mac_cbb, mac_salt_cbb;
+ CBB mac_data, digest_info;
if (!CBB_add_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&mac_data, &digest_info, CBS_ASN1_SEQUENCE) ||
+ // OpenSSL and NSS always include a NULL parameter with the digest
+ // algorithm. Windows does not. RFC 7292 imports DigestInfo from PKCS
+ // #7. PKCS #7 does not actually use DigestInfo. It just describes
+ // RSASSA-PKCS1-v1_5 signing as encoding a DigestInfo and then
+ // "encrypting" it with the private key. In that context, NULL should be
+ // included. Confusingly, there is also a digestAlgorithm field in
+ // SignerInfo. There, RFC 5754 says to omit the NULL. But that field
+ // does not use DigestInfo per se.
+ //
+ // We match OpenSSL, NSS, and RSASSA-PKCS1-v1_5 in including the NULL.
!EVP_marshal_digest_algorithm(&digest_info, mac_md) ||
- !CBB_add_asn1(&digest_info, &mac_cbb, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&mac_cbb, mac, mac_len) ||
- !CBB_add_asn1(&mac_data, &mac_salt_cbb, CBS_ASN1_OCTETSTRING) ||
- !CBB_add_bytes(&mac_salt_cbb, mac_salt, sizeof(mac_salt)) ||
+ !CBB_add_asn1_octet_string(&digest_info, mac, mac_len) ||
+ !CBB_add_asn1_octet_string(&mac_data, mac_salt, sizeof(mac_salt)) ||
// The iteration count has a DEFAULT of 1, but RFC 7292 says "The
// default is for historical reasons and its use is deprecated." Thus we
// explicitly encode the iteration count, though it is not valid DER.
diff --git a/src/crypto/poly1305/internal.h b/src/crypto/poly1305/internal.h
index 0ef2a9c..3447b4f 100644
--- a/src/crypto/poly1305/internal.h
+++ b/src/crypto/poly1305/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_POLY1305_INTERNAL_H
-#define OPENSSL_HEADER_POLY1305_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_POLY1305_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_POLY1305_INTERNAL_H
#include <openssl/base.h>
#include <openssl/poly1305.h>
@@ -38,4 +38,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_POLY1305_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_POLY1305_INTERNAL_H
diff --git a/src/crypto/pool/internal.h b/src/crypto/pool/internal.h
index bb119b1..2533fc9 100644
--- a/src/crypto/pool/internal.h
+++ b/src/crypto/pool/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_POOL_INTERNAL_H
-#define OPENSSL_HEADER_POOL_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_POOL_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_POOL_INTERNAL_H
#include <openssl/lhash.h>
#include <openssl/thread.h>
@@ -48,4 +48,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_POOL_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_POOL_INTERNAL_H
diff --git a/src/crypto/rand/deterministic.cc b/src/crypto/rand/deterministic.cc
index ab9bcf1..ca97d95 100644
--- a/src/crypto/rand/deterministic.cc
+++ b/src/crypto/rand/deterministic.cc
@@ -15,7 +15,7 @@
#include <openssl/rand.h>
#include "../bcm_support.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_DETERMINISTIC)
diff --git a/src/crypto/rand/fork_detect.cc b/src/crypto/rand/fork_detect.cc
index d7e482b..6870c20 100644
--- a/src/crypto/rand/fork_detect.cc
+++ b/src/crypto/rand/fork_detect.cc
@@ -17,6 +17,8 @@
#endif
#include "../bcm_support.h"
+#include "../internal.h"
+#include "internal.h"
#if defined(OPENSSL_FORK_DETECTION_MADVISE)
#include <assert.h>
@@ -34,8 +36,6 @@
#include <unistd.h>
#endif // OPENSSL_FORK_DETECTION_PTHREAD_ATFORK
-#include "../internal.h"
-
#if defined(OPENSSL_FORK_DETECTION_MADVISE)
static int g_force_madv_wipeonfork;
static int g_force_madv_wipeonfork_enabled;
diff --git a/src/crypto/rand/getentropy.cc b/src/crypto/rand/getentropy.cc
index 1bbb3f9..64cb3e9 100644
--- a/src/crypto/rand/getentropy.cc
+++ b/src/crypto/rand/getentropy.cc
@@ -19,7 +19,7 @@
#include <openssl/rand.h>
#include "../bcm_support.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_GETENTROPY)
diff --git a/src/crypto/rand/internal.h b/src/crypto/rand/internal.h
new file mode 100644
index 0000000..9ed080f
--- /dev/null
+++ b/src/crypto/rand/internal.h
@@ -0,0 +1,55 @@
+// Copyright 2024 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
+
+#include <openssl/base.h>
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+#define OPENSSL_RAND_DETERMINISTIC
+#elif defined(OPENSSL_TRUSTY)
+#define OPENSSL_RAND_TRUSTY
+#elif defined(OPENSSL_WINDOWS)
+#define OPENSSL_RAND_WINDOWS
+#elif defined(OPENSSL_LINUX)
+#define OPENSSL_RAND_URANDOM
+#elif defined(OPENSSL_APPLE) && !defined(OPENSSL_MACOS)
+// Unlike macOS, iOS and similar hide away getentropy().
+#define OPENSSL_RAND_IOS
+#else
+// By default if you are integrating BoringSSL we expect you to
+// provide getentropy from the <unistd.h> header file.
+#define OPENSSL_RAND_GETENTROPY
+#endif
+
+#if defined(OPENSSL_LINUX)
+// On linux we use MADVISE instead of pthread_atfork(), due
+// to concerns about clone() being used for address space
+// duplication.
+#define OPENSSL_FORK_DETECTION
+#define OPENSSL_FORK_DETECTION_MADVISE
+#elif defined(OPENSSL_MACOS) || defined(OPENSSL_IOS) || \
+ defined(OPENSSL_OPENBSD) || defined(OPENSSL_FREEBSD)
+// These platforms may detect address space duplication with pthread_atfork.
+// iOS doesn't normally allow fork in apps, but it's there.
+#define OPENSSL_FORK_DETECTION
+#define OPENSSL_FORK_DETECTION_PTHREAD_ATFORK
+#elif defined(OPENSSL_WINDOWS) || defined(OPENSSL_TRUSTY) || \
+ defined(__ZEPHYR__) || defined(CROS_EC)
+// These platforms do not fork.
+#define OPENSSL_DOES_NOT_FORK
+#endif
+
+#endif // OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H
diff --git a/src/crypto/rand/ios.cc b/src/crypto/rand/ios.cc
index be13f1b..dd418df 100644
--- a/src/crypto/rand/ios.cc
+++ b/src/crypto/rand/ios.cc
@@ -15,7 +15,7 @@
#include <openssl/rand.h>
#include "../bcm_support.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_IOS)
#include <stdlib.h>
diff --git a/src/crypto/rand/rand_test.cc b/src/crypto/rand/rand_test.cc
index b15b335..901ab49 100644
--- a/src/crypto/rand/rand_test.cc
+++ b/src/crypto/rand/rand_test.cc
@@ -55,7 +55,8 @@
}
#if !defined(OPENSSL_WINDOWS) && !defined(OPENSSL_IOS) && \
- !defined(OPENSSL_FUCHSIA) && !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
+ !defined(OPENSSL_FUCHSIA) && \
+ !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
static bool ForkAndRand(bssl::Span<uint8_t> out, bool fork_unsafe_buffering) {
int pipefds[2];
if (pipe(pipefds) < 0) {
@@ -162,7 +163,7 @@
}
}
#endif // !OPENSSL_WINDOWS && !OPENSSL_IOS &&
- // !OPENSSL_FUCHSIA && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE
+ // !OPENSSL_FUCHSIA && !FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#if defined(OPENSSL_THREADS)
static void RunConcurrentRands(size_t num_threads) {
diff --git a/src/crypto/rand/sysrand_internal.h b/src/crypto/rand/sysrand_internal.h
deleted file mode 100644
index 90931a2..0000000
--- a/src/crypto/rand/sysrand_internal.h
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2024 The BoringSSL Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef OPENSSL_HEADER_CRYPTO_SYSRAND_INTERNAL_H
-#define OPENSSL_HEADER_CRYPTO_SYSRAND_INTERNAL_H
-
-#include <openssl/base.h>
-
-#if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
-#define OPENSSL_RAND_DETERMINISTIC
-#elif defined(OPENSSL_TRUSTY)
-#define OPENSSL_RAND_TRUSTY
-#elif defined(OPENSSL_WINDOWS)
-#define OPENSSL_RAND_WINDOWS
-#elif defined(OPENSSL_LINUX)
-#define OPENSSL_RAND_URANDOM
-#elif defined(OPENSSL_APPLE) && !defined(OPENSSL_MACOS)
-// Unlike macOS, iOS and similar hide away getentropy().
-#define OPENSSL_RAND_IOS
-#else
-// By default if you are integrating BoringSSL we expect you to
-// provide getentropy from the <unistd.h> header file.
-#define OPENSSL_RAND_GETENTROPY
-#endif
-
-#endif // OPENSSL_HEADER_CRYPTO__SYSRAND_INTERNAL_H
diff --git a/src/crypto/rand/trusty.cc b/src/crypto/rand/trusty.cc
index 9ddf024..a2b23ae 100644
--- a/src/crypto/rand/trusty.cc
+++ b/src/crypto/rand/trusty.cc
@@ -15,7 +15,7 @@
#include <openssl/rand.h>
#include "../bcm_support.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_TRUSTY)
#include <stdint.h>
diff --git a/src/crypto/rand/urandom.cc b/src/crypto/rand/urandom.cc
index ce862b5..1d9062f 100644
--- a/src/crypto/rand/urandom.cc
+++ b/src/crypto/rand/urandom.cc
@@ -19,7 +19,7 @@
#include <openssl/rand.h>
#include "../bcm_support.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_URANDOM)
diff --git a/src/crypto/rand/windows.cc b/src/crypto/rand/windows.cc
index 884d789..59df467 100644
--- a/src/crypto/rand/windows.cc
+++ b/src/crypto/rand/windows.cc
@@ -16,15 +16,13 @@
#include "../bcm_support.h"
#include "../internal.h"
-#include "sysrand_internal.h"
+#include "internal.h"
#if defined(OPENSSL_RAND_WINDOWS)
#include <limits.h>
#include <stdlib.h>
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
-
#include <windows.h>
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
@@ -33,8 +31,6 @@
OPENSSL_MSVC_PRAGMA(comment(lib, "bcrypt.lib"))
#endif // WINAPI_PARTITION_APP && !WINAPI_PARTITION_DESKTOP
-OPENSSL_MSVC_PRAGMA(warning(pop))
-
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
!WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
diff --git a/src/crypto/rsa/internal.h b/src/crypto/rsa/internal.h
index 4e88afd..21552bf 100644
--- a/src/crypto/rsa/internal.h
+++ b/src/crypto/rsa/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_RSA_EXTRA_INTERNAL_H
-#define OPENSSL_HEADER_RSA_EXTRA_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_RSA_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_RSA_INTERNAL_H
#include <openssl/base.h>
@@ -33,4 +33,4 @@
} // extern C
#endif
-#endif // OPENSSL_HEADER_RSA_EXTRA_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_RSA_INTERNAL_H
diff --git a/src/crypto/rsa/rsa_crypt.cc b/src/crypto/rsa/rsa_crypt.cc
index acf207e..ce4ae7d 100644
--- a/src/crypto/rsa/rsa_crypt.cc
+++ b/src/crypto/rsa/rsa_crypt.cc
@@ -349,25 +349,21 @@
}
const unsigned rsa_size = RSA_size(rsa);
- BIGNUM *f, *result;
- uint8_t *buf = NULL;
- BN_CTX *ctx = NULL;
- int i, ret = 0;
-
if (max_out < rsa_size) {
OPENSSL_PUT_ERROR(RSA, RSA_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
}
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- goto err;
+ bssl::UniquePtr<BN_CTX> ctx(BN_CTX_new());
+ if (ctx == nullptr) {
+ return 0;
}
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(rsa_size));
+ bssl::BN_CTXScope scope(ctx.get());
+ BIGNUM *f = BN_CTX_get(ctx.get());
+ BIGNUM *result = BN_CTX_get(ctx.get());
+ uint8_t *buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(rsa_size));
+ int i, ret = 0;
if (!f || !result || !buf) {
goto err;
}
@@ -378,8 +374,8 @@
break;
case RSA_PKCS1_OAEP_PADDING:
// Use the default parameters: SHA-1 for both hashes and no label.
- i = RSA_padding_add_PKCS1_OAEP_mgf1(buf, rsa_size, in, in_len, NULL, 0,
- NULL, NULL);
+ i = RSA_padding_add_PKCS1_OAEP_mgf1(buf, rsa_size, in, in_len, nullptr, 0,
+ nullptr, nullptr);
break;
case RSA_NO_PADDING:
i = RSA_padding_add_none(buf, rsa_size, in, in_len);
@@ -393,7 +389,7 @@
goto err;
}
- if (BN_bin2bn(buf, rsa_size, f) == NULL) {
+ if (BN_bin2bn(buf, rsa_size, f) == nullptr) {
goto err;
}
@@ -403,8 +399,9 @@
goto err;
}
- if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx) ||
- !BN_mod_exp_mont(result, f, rsa->e, &rsa->mont_n->N, ctx, rsa->mont_n)) {
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx.get()) ||
+ !BN_mod_exp_mont(result, f, rsa->e, &rsa->mont_n->N, ctx.get(),
+ rsa->mont_n)) {
goto err;
}
@@ -419,12 +416,7 @@
ret = 1;
err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
OPENSSL_free(buf);
-
return ret;
}
diff --git a/src/crypto/slhdsa/slhdsa_test.cc b/src/crypto/slhdsa/slhdsa_test.cc
index aabebd8..c00a2f9 100644
--- a/src/crypto/slhdsa/slhdsa_test.cc
+++ b/src/crypto/slhdsa/slhdsa_test.cc
@@ -220,4 +220,15 @@
NISTPrehashSignatureVerificationFileTest);
}
+TEST(SLHDSATest, Self) { boringssl_self_test_slhdsa(); }
+
+TEST(SLHDSATest, NullptrArgumentsToCreate) {
+ // For FIPS reasons, this should fail rather than crash.
+ ASSERT_EQ(BCM_slhdsa_sha2_128s_generate_key_fips(nullptr, nullptr),
+ bcm_status::failure);
+ ASSERT_EQ(BCM_slhdsa_sha2_128s_generate_key_from_seed_fips(nullptr, nullptr,
+ nullptr),
+ bcm_status::failure);
+}
+
} // namespace
diff --git a/src/crypto/spake2plus/internal.h b/src/crypto/spake2plus/internal.h
index 49a8a28..c5c99cd 100644
--- a/src/crypto/spake2plus/internal.h
+++ b/src/crypto/spake2plus/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_SPAKE2PLUS_INTERNAL_H
-#define OPENSSL_HEADER_SPAKE2PLUS_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_SPAKE2PLUS_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_SPAKE2PLUS_INTERNAL_H
#include <openssl/base.h>
@@ -201,4 +201,4 @@
BSSL_NAMESPACE_END
-#endif // OPENSSL_HEADER_SPAKE2PLUS_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_SPAKE2PLUS_INTERNAL_H
diff --git a/src/crypto/test/abi_test.cc b/src/crypto/test/abi_test.cc
index e37b675..2c300f4 100644
--- a/src/crypto/test/abi_test.cc
+++ b/src/crypto/test/abi_test.cc
@@ -40,10 +40,8 @@
#include <unistd.h>
#elif defined(OPENSSL_WINDOWS)
#define SUPPORTS_UNWIND_TEST
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
#include <dbghelp.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#endif // X86_64 && SUPPORTS_ABI_TEST
diff --git a/src/crypto/test/abi_test.h b/src/crypto/test/abi_test.h
index bb5ae94..ad65c57 100644
--- a/src/crypto/test/abi_test.h
+++ b/src/crypto/test/abi_test.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_ABI_TEST_H
-#define OPENSSL_HEADER_ABI_TEST_H
+#ifndef OPENSSL_HEADER_CRYPTO_TEST_ABI_TEST_H
+#define OPENSSL_HEADER_CRYPTO_TEST_ABI_TEST_H
#include <gtest/gtest.h>
@@ -479,4 +479,4 @@
#endif // SUPPORTS_ABI_TEST
-#endif // OPENSSL_HEADER_ABI_TEST_H
+#endif // OPENSSL_HEADER_CRYPTO_TEST_ABI_TEST_H
diff --git a/src/crypto/test/file_test.h b/src/crypto/test/file_test.h
index b35056f..4cd22db 100644
--- a/src/crypto/test/file_test.h
+++ b/src/crypto/test/file_test.h
@@ -19,9 +19,6 @@
#include <stdint.h>
-OPENSSL_MSVC_PRAGMA(warning(push))
-OPENSSL_MSVC_PRAGMA(warning(disable : 4702))
-
#include <functional>
#include <map>
#include <memory>
@@ -29,8 +26,6 @@
#include <string>
#include <vector>
-OPENSSL_MSVC_PRAGMA(warning(pop))
-
// File-based test framework.
//
// This module provides a file-based test framework. The file format is based on
diff --git a/src/crypto/test/file_util.cc b/src/crypto/test/file_util.cc
index 6a9c0ba..20d53f9 100644
--- a/src/crypto/test/file_util.cc
+++ b/src/crypto/test/file_util.cc
@@ -17,9 +17,7 @@
#include <stdlib.h>
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#else
#include <fcntl.h>
#include <sys/stat.h>
diff --git a/src/crypto/test/gtest_main.h b/src/crypto/test/gtest_main.h
index fee5fe3..8cb2900 100644
--- a/src/crypto/test/gtest_main.h
+++ b/src/crypto/test/gtest_main.h
@@ -24,9 +24,7 @@
#include <openssl/err.h>
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#else
#include <signal.h>
#endif
diff --git a/src/crypto/thread_win.cc b/src/crypto/thread_win.cc
index e50fc62..4e22c47 100644
--- a/src/crypto/thread_win.cc
+++ b/src/crypto/thread_win.cc
@@ -18,9 +18,7 @@
#if defined(OPENSSL_WINDOWS_THREADS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <windows.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#include <assert.h>
#include <stdlib.h>
diff --git a/src/crypto/trust_token/internal.h b/src/crypto/trust_token/internal.h
index 308a8e8..208e9c3 100644
--- a/src/crypto/trust_token/internal.h
+++ b/src/crypto/trust_token/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_TRUST_TOKEN_INTERNAL_H
-#define OPENSSL_HEADER_TRUST_TOKEN_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_TRUST_TOKEN_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_TRUST_TOKEN_INTERNAL_H
#include <openssl/base.h>
#include <openssl/ec.h>
@@ -409,4 +409,4 @@
} // extern C++
#endif
-#endif // OPENSSL_HEADER_TRUST_TOKEN_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_TRUST_TOKEN_INTERNAL_H
diff --git a/src/crypto/x509/a_sign.cc b/src/crypto/x509/a_sign.cc
index a790cbf..018a31b 100644
--- a/src/crypto/x509/a_sign.cc
+++ b/src/crypto/x509/a_sign.cc
@@ -31,13 +31,11 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE);
return 0;
}
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
- if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
- EVP_MD_CTX_cleanup(&ctx);
+ bssl::ScopedEVP_MD_CTX ctx;
+ if (!EVP_DigestSignInit(ctx.get(), nullptr, type, nullptr, pkey)) {
return 0;
}
- return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
+ return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx.get());
}
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
diff --git a/src/crypto/x509/asn1_gen.cc b/src/crypto/x509/asn1_gen.cc
index 6b9769f..9b6bf17 100644
--- a/src/crypto/x509/asn1_gen.cc
+++ b/src/crypto/x509/asn1_gen.cc
@@ -58,27 +58,23 @@
static int bitstr_cb(const char *elem, size_t len, void *bitstr);
ASN1_TYPE *ASN1_generate_v3(const char *str, const X509V3_CTX *cnf) {
- CBB cbb;
- if (!CBB_init(&cbb, 0) || //
- !generate_v3(&cbb, str, cnf, /*tag=*/0, ASN1_GEN_FORMAT_ASCII,
+ bssl::ScopedCBB cbb;
+ if (!CBB_init(cbb.get(), 0) || //
+ !generate_v3(cbb.get(), str, cnf, /*tag=*/0, ASN1_GEN_FORMAT_ASCII,
/*depth=*/0)) {
- CBB_cleanup(&cbb);
- return NULL;
+ return nullptr;
}
// While not strictly necessary to avoid a DoS (we rely on any super-linear
// checks being performed internally), cap the overall output to
// |ASN1_GEN_MAX_OUTPUT| so the externally-visible behavior is consistent.
- if (CBB_len(&cbb) > ASN1_GEN_MAX_OUTPUT) {
+ if (CBB_len(cbb.get()) > ASN1_GEN_MAX_OUTPUT) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
- CBB_cleanup(&cbb);
- return NULL;
+ return nullptr;
}
- const uint8_t *der = CBB_data(&cbb);
- ASN1_TYPE *ret = d2i_ASN1_TYPE(NULL, &der, CBB_len(&cbb));
- CBB_cleanup(&cbb);
- return ret;
+ const uint8_t *der = CBB_data(cbb.get());
+ return d2i_ASN1_TYPE(nullptr, &der, CBB_len(cbb.get()));
}
static int cbs_str_equal(const CBS *cbs, const char *str) {
diff --git a/src/crypto/x509/internal.h b/src/crypto/x509/internal.h
index 7e92c1f..1fab446 100644
--- a/src/crypto/x509/internal.h
+++ b/src/crypto/x509/internal.h
@@ -12,8 +12,8 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_X509_INTERNAL_H
-#define OPENSSL_HEADER_X509_INTERNAL_H
+#ifndef OPENSSL_HEADER_CRYPTO_X509_INTERNAL_H
+#define OPENSSL_HEADER_CRYPTO_X509_INTERNAL_H
#include <openssl/base.h>
#include <openssl/evp.h>
@@ -547,9 +547,21 @@
// TODO(https://crbug.com/boringssl/695): Remove this.
int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
+// x509_marshal_name marshals |in| as a DER-encoded, X.509 Name and writes the
+// result to |out|. It returns one on success and zero on error.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |in| was
+// mutated.
+int x509_marshal_name(CBB *out, X509_NAME *in);
+
+// x509_marshal_algorithm marshals |in| as a DER-encoded, AlgorithmIdentifier
+// and writes the result to |out|. It returns one on success and zero on error.
+int x509_marshal_algorithm(CBB *out, const X509_ALGOR *in);
+
#if defined(__cplusplus)
} // extern C
#endif
-#endif // OPENSSL_HEADER_X509_INTERNAL_H
+#endif // OPENSSL_HEADER_CRYPTO_X509_INTERNAL_H
diff --git a/src/crypto/x509/v3_conf.cc b/src/crypto/x509/v3_conf.cc
index 8b755d3..f48c128 100644
--- a/src/crypto/x509/v3_conf.cc
+++ b/src/crypto/x509/v3_conf.cc
@@ -226,49 +226,41 @@
static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value,
int crit, int gen_type,
const X509V3_CTX *ctx) {
- unsigned char *ext_der = NULL;
- size_t ext_len = 0;
- ASN1_OBJECT *obj = NULL;
- ASN1_OCTET_STRING *oct = NULL;
- X509_EXTENSION *extension = NULL;
- if (!(obj = OBJ_txt2obj(ext, 0))) {
+ bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj(ext, 0));
+ if (obj == nullptr) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR);
ERR_add_error_data(2, "name=", ext);
- goto err;
+ return nullptr;
}
+ bssl::UniquePtr<unsigned char> ext_der;
+ size_t ext_len = 0;
if (gen_type == 1) {
- ext_der = x509v3_hex_to_bytes(value, &ext_len);
+ ext_der.reset(x509v3_hex_to_bytes(value, &ext_len));
} else if (gen_type == 2) {
- ext_der = generic_asn1(value, ctx, &ext_len);
+ ext_der.reset(generic_asn1(value, ctx, &ext_len));
}
- if (ext_der == NULL) {
+ if (ext_der == nullptr) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR);
ERR_add_error_data(2, "value=", value);
- goto err;
+ return nullptr;
}
if (ext_len > INT_MAX) {
OPENSSL_PUT_ERROR(X509V3, ERR_R_OVERFLOW);
- goto err;
+ return nullptr;
}
- oct = ASN1_OCTET_STRING_new();
- if (oct == NULL) {
- goto err;
+ bssl::UniquePtr<ASN1_OCTET_STRING> oct(ASN1_OCTET_STRING_new());
+ if (oct == nullptr) {
+ return nullptr;
}
- ASN1_STRING_set0(oct, ext_der, (int)ext_len);
- ext_der = NULL;
+ ASN1_STRING_set0(oct.get(), ext_der.get(), (int)ext_len);
+ ext_der.release(); // ASN1_STRING_set0 took ownership.
- extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
-
-err:
- ASN1_OBJECT_free(obj);
- ASN1_OCTET_STRING_free(oct);
- OPENSSL_free(ext_der);
- return extension;
+ return X509_EXTENSION_create_by_OBJ(nullptr, obj.get(), crit, oct.get());
}
static unsigned char *generic_asn1(const char *value, const X509V3_CTX *ctx,
diff --git a/src/crypto/x509/v3_info.cc b/src/crypto/x509/v3_info.cc
index 5e149aa..4f6c69d 100644
--- a/src/crypto/x509/v3_info.cc
+++ b/src/crypto/x509/v3_info.cc
@@ -122,43 +122,40 @@
static void *v2i_AUTHORITY_INFO_ACCESS(const X509V3_EXT_METHOD *method,
const X509V3_CTX *ctx,
const STACK_OF(CONF_VALUE) *nval) {
- AUTHORITY_INFO_ACCESS *ainfo = NULL;
- ACCESS_DESCRIPTION *acc;
- if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
- return NULL;
+ bssl::UniquePtr<AUTHORITY_INFO_ACCESS> ainfo(sk_ACCESS_DESCRIPTION_new_null());
+ if (ainfo == nullptr) {
+ return nullptr;
}
for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) {
const CONF_VALUE *cnf = sk_CONF_VALUE_value(nval, i);
- if (!(acc = ACCESS_DESCRIPTION_new()) ||
- !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
- goto err;
+ bssl::UniquePtr<ACCESS_DESCRIPTION> acc(ACCESS_DESCRIPTION_new());
+ if (acc == nullptr) {
+ return nullptr;
}
char *ptmp = strchr(cnf->name, ';');
if (!ptmp) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_SYNTAX);
- goto err;
+ return nullptr;
}
CONF_VALUE ctmp;
ctmp.name = ptmp + 1;
ctmp.value = cnf->value;
if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) {
- goto err;
+ return nullptr;
}
- char *objtmp = OPENSSL_strndup(cnf->name, ptmp - cnf->name);
- if (objtmp == NULL) {
- goto err;
+ bssl::UniquePtr<char> objtmp(OPENSSL_strndup(cnf->name, ptmp - cnf->name));
+ if (objtmp == nullptr) {
+ return nullptr;
}
- acc->method = OBJ_txt2obj(objtmp, 0);
+ acc->method = OBJ_txt2obj(objtmp.get(), 0);
if (!acc->method) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_OBJECT);
- ERR_add_error_data(2, "value=", objtmp);
- OPENSSL_free(objtmp);
- goto err;
+ ERR_add_error_data(2, "value=", objtmp.get());
+ return nullptr;
}
- OPENSSL_free(objtmp);
+ if (!bssl::PushToStack(ainfo.get(), std::move(acc))) {
+ return nullptr;
+ }
}
- return ainfo;
-err:
- sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
- return NULL;
+ return ainfo.release();
}
diff --git a/src/crypto/x509/x509_test.cc b/src/crypto/x509/x509_test.cc
index 2008957..aa96a28 100644
--- a/src/crypto/x509/x509_test.cc
+++ b/src/crypto/x509/x509_test.cc
@@ -17,6 +17,7 @@
#include <algorithm>
#include <functional>
#include <string>
+#include <string_view>
#include <vector>
#include <gtest/gtest.h>
@@ -6463,6 +6464,31 @@
{"policyMappings", "invalid_oid:2.2.2.2", nullptr, {}},
{"policyMappings", "1.1.1.1:invalid_oid", nullptr, {}},
+ // authorityInfoAccess is a comma-separated list of
+ // accessMethod;accessLocation tuples, where the latter specifies a
+ // GeneralName.
+ {"authorityInfoAccess",
+ "caIssuers;URI:http://example.com/1, "
+ "caIssuers;URI:http://example.com/2, OCSP;URI:http://example.com/3, "
+ "OCSP;DNS:non-uri-does-not-make-sense-but-is-allowed.test",
+ nullptr,
+ {0x30, 0x81, 0xb3, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
+ 0x01, 0x04, 0x81, 0xa6, 0x30, 0x81, 0xa3, 0x30, 0x20, 0x06, 0x08, 0x2b,
+ 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x14, 0x68, 0x74, 0x74,
+ 0x70, 0x3a, 0x2f, 0x2f, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e,
+ 0x63, 0x6f, 0x6d, 0x2f, 0x31, 0x30, 0x20, 0x06, 0x08, 0x2b, 0x06, 0x01,
+ 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x14, 0x68, 0x74, 0x74, 0x70, 0x3a,
+ 0x2f, 0x2f, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
+ 0x6d, 0x2f, 0x32, 0x30, 0x20, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x30, 0x01, 0x86, 0x14, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f,
+ 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
+ 0x33, 0x30, 0x3b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
+ 0x01, 0x82, 0x2f, 0x6e, 0x6f, 0x6e, 0x2d, 0x75, 0x72, 0x69, 0x2d, 0x64,
+ 0x6f, 0x65, 0x73, 0x2d, 0x6e, 0x6f, 0x74, 0x2d, 0x6d, 0x61, 0x6b, 0x65,
+ 0x2d, 0x73, 0x65, 0x6e, 0x73, 0x65, 0x2d, 0x62, 0x75, 0x74, 0x2d, 0x69,
+ 0x73, 0x2d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x2e, 0x74, 0x65,
+ 0x73, 0x74}},
+
// The "DER:" prefix just specifies an arbitrary byte string. Colons
// separators are ignored.
{kTestOID, "DER:0001020304", nullptr, {0x30, 0x15, 0x06, 0x0c, 0x2a, 0x86,
@@ -7126,20 +7152,16 @@
static const char kOIDText[] = "1.2.840.113554.4.1.72585.0";
auto encode_single_attribute_name =
- [](CBS_ASN1_TAG tag,
- const std::string &contents) -> std::vector<uint8_t> {
+ [](CBS_ASN1_TAG tag, std::string_view contents) -> std::vector<uint8_t> {
+ auto bytes = bssl::StringAsBytes(contents);
bssl::ScopedCBB cbb;
- CBB seq, rdn, attr, attr_type, attr_value;
+ CBB seq, rdn, attr;
if (!CBB_init(cbb.get(), 128) ||
!CBB_add_asn1(cbb.get(), &seq, CBS_ASN1_SEQUENCE) ||
!CBB_add_asn1(&seq, &rdn, CBS_ASN1_SET) ||
!CBB_add_asn1(&rdn, &attr, CBS_ASN1_SEQUENCE) ||
- !CBB_add_asn1(&attr, &attr_type, CBS_ASN1_OBJECT) ||
- !CBB_add_bytes(&attr_type, kOID, sizeof(kOID)) ||
- !CBB_add_asn1(&attr, &attr_value, tag) ||
- !CBB_add_bytes(&attr_value,
- reinterpret_cast<const uint8_t *>(contents.data()),
- contents.size()) ||
+ !CBB_add_asn1_element(&attr, CBS_ASN1_OBJECT, kOID, sizeof(kOID)) ||
+ !CBB_add_asn1_element(&attr, tag, bytes.data(), bytes.size()) ||
!CBB_flush(cbb.get())) {
ADD_FAILURE() << "Could not encode name";
return {};
@@ -7165,35 +7187,52 @@
V_ASN1_UNIVERSALSTRING, std::string("\0\0\0a", 4)},
{CBS_ASN1_BMPSTRING, std::string("\0a", 2), V_ASN1_BMPSTRING,
std::string("\0a", 2)},
+ {CBS_ASN1_OCTETSTRING, "abc", V_ASN1_OCTET_STRING, "abc"},
+ {CBS_ASN1_UTCTIME, "700101000000Z", V_ASN1_UTCTIME, "700101000000Z"},
+ {CBS_ASN1_GENERALIZEDTIME, "19700101000000Z", V_ASN1_GENERALIZEDTIME,
+ "19700101000000Z"},
// ENUMERATED is supported but, currently, INTEGER is not.
+ {CBS_ASN1_INTEGER, "\x01", V_ASN1_INTEGER, "\x01"},
{CBS_ASN1_ENUMERATED, "\x01", V_ASN1_ENUMERATED, "\x01"},
// Test negative values. These are interesting because, when encoding, the
// ASN.1 type must be determined from the string type, but the string type
// has an extra |V_ASN1_NEG| bit.
+ {CBS_ASN1_INTEGER, "\xff", V_ASN1_NEG_INTEGER, "\x01"},
{CBS_ASN1_ENUMERATED, "\xff", V_ASN1_NEG_ENUMERATED, "\x01"},
- // SEQUENCE is supported but, currently, SET is not. Note the
- // |ASN1_STRING| representation will include the tag and length.
+ // SEQUENCE and SET use their |ASN1_STRING| representation, which includes
+ // the tag and length.
{CBS_ASN1_SEQUENCE, "", V_ASN1_SEQUENCE, std::string("\x30\x00", 2)},
+ {CBS_ASN1_SET, "", V_ASN1_SET, std::string("\x31\x00", 2)},
- // These types are not actually supported by the library but,
- // historically, we would parse them, and not other unsupported types, due
- // to quirks of |ASN1_tag2bit|.
- {7, "", V_ASN1_OBJECT_DESCRIPTOR, ""},
- {8, "", V_ASN1_EXTERNAL, ""},
- {9, "", V_ASN1_REAL, ""},
- {11, "", 11 /* EMBEDDED PDV */, ""},
- {13, "", 13 /* RELATIVE-OID */, ""},
- {14, "", 14 /* TIME */, ""},
- {15, "", 15 /* not a type; reserved value */, ""},
- {29, "", 29 /* CHARACTER STRING */, ""},
+ // NULL, BOOLEAN, and OBJECT IDENTIFIER use non-|ASN1_STRING|
+ // representations, so they are represented with |V_ASN1_OTHER|.
+ {CBS_ASN1_NULL, "", V_ASN1_OTHER, std::string("\x05\x00", 2)},
+ {CBS_ASN1_BOOLEAN, std::string("\x00", 1), V_ASN1_OTHER,
+ std::string("\x01\x01\x00", 3)},
+ {CBS_ASN1_BOOLEAN, "\xff", V_ASN1_OTHER, "\x01\x01\xff"},
+ {CBS_ASN1_OBJECT, "\x01\x02\x03\x04", V_ASN1_OTHER,
+ "\x06\x04\x01\x02\x03\x04"},
- // TODO(crbug.com/boringssl/412): Attribute values are an ANY DEFINED BY
- // type, so we actually shoudl be accepting all ASN.1 types. We currently
- // do not and only accept the above types. Extend this test when we fix
- // this.
+ // These types are not actually supported by the library, but we accept
+ // them as |V_ASN1_OTHER|.
+ {7 /* ObjectDescriptor */, "", V_ASN1_OTHER, std::string("\x07\x00", 2)},
+ {8 /* EXTERNAL */, "", V_ASN1_OTHER, std::string("\x08\x00", 2)},
+ {9 /* REAL */, "", V_ASN1_OTHER, std::string("\x09\x00", 2)},
+ {11 /* EMBEDDED PDV */, "", V_ASN1_OTHER, std::string("\x0b\x00", 2)},
+ {13 /* RELATIVE-OID */, "", V_ASN1_OTHER, std::string("\x0d\x00", 2)},
+ {14 /* TIME */, "", V_ASN1_OTHER, std::string("\x0e\x00", 2)},
+ {15 /* not a type; reserved value */, "", V_ASN1_OTHER,
+ std::string("\x0f\x00", 2)},
+ {29 /* CHARACTER STRING */, "", V_ASN1_OTHER, std::string("\x1d\x00", 2)},
+
+ // Non-universal tags are allowed as |V_ASN1_OTHER| too.
+ {CBS_ASN1_APPLICATION | CBS_ASN1_CONSTRUCTED | 42, "", V_ASN1_OTHER,
+ std::string("\x7f\x2a\x00", 3)},
+ {CBS_ASN1_APPLICATION | 42, "", V_ASN1_OTHER,
+ std::string("\x5f\x2a\x00", 3)},
};
for (const auto &t : kTests) {
SCOPED_TRACE(t.der_tag);
@@ -7256,7 +7295,9 @@
// Errors in supported universal types should be handled.
{CBS_ASN1_NULL, "not null"},
{CBS_ASN1_BOOLEAN, "not bool"},
+ {CBS_ASN1_BOOLEAN, "\1"}, // BOOL in DER must be 0x00 or 0xff.
{CBS_ASN1_OBJECT, ""},
+ {CBS_ASN1_OBJECT, "\x80\x01"}, // Non-minimal OID encoding
{CBS_ASN1_INTEGER, std::string("\0\0", 2)},
{CBS_ASN1_ENUMERATED, std::string("\0\0", 2)},
{CBS_ASN1_BITSTRING, ""},
@@ -7265,25 +7306,11 @@
{CBS_ASN1_UNIVERSALSTRING, "not utf-32"},
{CBS_ASN1_UTCTIME, "not utctime"},
{CBS_ASN1_GENERALIZEDTIME, "not generalizedtime"},
+ {CBS_ASN1_NULL | CBS_ASN1_CONSTRUCTED, ""},
+ {CBS_ASN1_OBJECT | CBS_ASN1_CONSTRUCTED, "\x01\x02\x03\x04"},
+ {CBS_ASN1_BOOLEAN | CBS_ASN1_CONSTRUCTED, "\xff"},
{CBS_ASN1_UTF8STRING | CBS_ASN1_CONSTRUCTED, ""},
{CBS_ASN1_SEQUENCE & ~CBS_ASN1_CONSTRUCTED, ""},
-
- // TODO(crbug.com/boringssl/412): The following inputs should parse, but
- // are currently rejected because they cannot be represented in
- // |ASN1_PRINTABLE|, either because they don't fit in |ASN1_STRING| or
- // simply in the |B_ASN1_PRINTABLE| bitmask.
- {CBS_ASN1_NULL, ""},
- {CBS_ASN1_BOOLEAN, std::string("\x00", 1)},
- {CBS_ASN1_BOOLEAN, "\xff"},
- {CBS_ASN1_OBJECT, "\x01\x02\x03\x04"},
- {CBS_ASN1_INTEGER, "\x01"},
- {CBS_ASN1_INTEGER, "\xff"},
- {CBS_ASN1_OCTETSTRING, ""},
- {CBS_ASN1_UTCTIME, "700101000000Z"},
- {CBS_ASN1_GENERALIZEDTIME, "19700101000000Z"},
- {CBS_ASN1_SET, ""},
- {CBS_ASN1_APPLICATION | CBS_ASN1_CONSTRUCTED | 42, ""},
- {CBS_ASN1_APPLICATION | 42, ""},
};
for (const auto &t : kInvalidTests) {
SCOPED_TRACE(t.der_tag);
diff --git a/src/crypto/x509/x509_vfy.cc b/src/crypto/x509/x509_vfy.cc
index 03f4612..92f154c 100644
--- a/src/crypto/x509/x509_vfy.cc
+++ b/src/crypto/x509/x509_vfy.cc
@@ -1020,6 +1020,8 @@
// Check CRLDP and IDP
static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score) {
+ // TODO(bbe): crbug.com/409778435 Make tests for the corner cases we hit
+ // here so that we stay correct for RFC 5280 6.3.3 steps b.1 and b.2
if (crl->idp_flags & IDP_ONLYATTR) {
return 0;
}
@@ -1041,9 +1043,14 @@
//
// We also do not support indirect CRLs, and a CRL issuer can only match
// indirect CRLs (RFC 5280, section 6.3.3, step b.1).
- // support.
- if (dp->reasons != NULL && dp->CRLissuer != NULL &&
- (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint))) {
+ if (dp->reasons != NULL || dp->CRLissuer != NULL) {
+ continue;
+ }
+ // At this point we have already checked that the CRL issuer matches
+ // the certificate issuer (and set CRL_SCORE_ISSUER_NAME);
+
+ // RFC 5280 Section 6.3.3 step b.2
+ if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)){
return 1;
}
}
diff --git a/src/crypto/x509/x_algor.cc b/src/crypto/x509/x_algor.cc
index 0a1162e..60eb006 100644
--- a/src/crypto/x509/x_algor.cc
+++ b/src/crypto/x509/x_algor.cc
@@ -20,6 +20,7 @@
#include <openssl/obj.h>
#include "../asn1/internal.h"
+#include "internal.h"
ASN1_SEQUENCE(X509_ALGOR) = {
@@ -105,3 +106,11 @@
}
return ASN1_TYPE_cmp(a->parameter, b->parameter);
}
+
+int x509_marshal_algorithm(CBB *out, const X509_ALGOR *in) {
+ uint8_t *ptr;
+ int len = i2d_X509_ALGOR(in, NULL);
+ return len > 0 && //
+ CBB_add_space(out, &ptr, static_cast<size_t>(len)) &&
+ i2d_X509_ALGOR(in, &ptr) == len;
+}
diff --git a/src/crypto/x509/x_name.cc b/src/crypto/x509/x_name.cc
index 767ebfd..035a03a 100644
--- a/src/crypto/x509/x_name.cc
+++ b/src/crypto/x509/x_name.cc
@@ -55,7 +55,7 @@
ASN1_SEQUENCE(X509_NAME_ENTRY) = {
ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
- ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE),
+ ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_ANY_AS_STRING),
} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X509_NAME_ENTRY)
@@ -490,3 +490,12 @@
}
return 1;
}
+
+int x509_marshal_name(CBB *out, X509_NAME *in) {
+ int len = i2d_X509_NAME(in, nullptr);
+ if (len <= 0) {
+ return 0;
+ }
+ uint8_t *ptr;
+ return CBB_add_space(out, &ptr, len) && i2d_X509_NAME(in, &ptr) == len;
+}
diff --git a/src/crypto/x509/x_x509.cc b/src/crypto/x509/x_x509.cc
index ebb20d5..485231f 100644
--- a/src/crypto/x509/x_x509.cc
+++ b/src/crypto/x509/x_x509.cc
@@ -17,6 +17,7 @@
#include <stdio.h>
#include <openssl/asn1t.h>
+#include <openssl/bytestring.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
#include <openssl/obj.h>
@@ -109,7 +110,7 @@
!CBS_get_asn1_element(&cert, &tbs, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1_element(&cert, &sigalg, CBS_ASN1_SEQUENCE)) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
- return NULL;
+ return nullptr;
}
// For just the signature field, we accept non-minimal BER lengths, though not
@@ -121,76 +122,70 @@
size_t header_len;
int indefinite;
if (!CBS_get_any_ber_asn1_element(&cert, &sig, &tag, &header_len,
- /*out_ber_found=*/NULL,
+ /*out_ber_found=*/nullptr,
&indefinite) ||
tag != CBS_ASN1_BITSTRING || indefinite || //
!CBS_skip(&sig, header_len) || //
CBS_len(&cert) != 0) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
- return NULL;
+ return nullptr;
}
- X509 *ret = x509_new_null();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<X509> ret(x509_new_null());
+ if (ret == nullptr) {
+ return nullptr;
}
- {
- // TODO(crbug.com/boringssl/443): When the rest of the library is decoupled
- // from the tasn_*.c implementation, replace this with |CBS|-based
- // functions.
- const uint8_t *inp = CBS_data(&tbs);
- if (ASN1_item_ex_d2i((ASN1_VALUE **)&ret->cert_info, &inp, CBS_len(&tbs),
- ASN1_ITEM_rptr(X509_CINF), /*tag=*/-1,
- /*aclass=*/0, /*opt=*/0, buf) <= 0 ||
- inp != CBS_data(&tbs) + CBS_len(&tbs)) {
- goto err;
- }
-
- inp = CBS_data(&sigalg);
- ret->sig_alg = d2i_X509_ALGOR(NULL, &inp, CBS_len(&sigalg));
- if (ret->sig_alg == NULL || inp != CBS_data(&sigalg) + CBS_len(&sigalg)) {
- goto err;
- }
-
- inp = CBS_data(&sig);
- ret->signature = c2i_ASN1_BIT_STRING(NULL, &inp, CBS_len(&sig));
- if (ret->signature == NULL || inp != CBS_data(&sig) + CBS_len(&sig)) {
- goto err;
- }
-
- // The version must be one of v1(0), v2(1), or v3(2).
- long version = X509_VERSION_1;
- if (ret->cert_info->version != NULL) {
- version = ASN1_INTEGER_get(ret->cert_info->version);
- // TODO(https://crbug.com/boringssl/364): |X509_VERSION_1| should
- // also be rejected here. This means an explicitly-encoded X.509v1
- // version. v1 is DEFAULT, so DER requires it be omitted.
- if (version < X509_VERSION_1 || version > X509_VERSION_3) {
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
- goto err;
- }
- }
-
- // Per RFC 5280, section 4.1.2.8, these fields require v2 or v3.
- if (version == X509_VERSION_1 && (ret->cert_info->issuerUID != NULL ||
- ret->cert_info->subjectUID != NULL)) {
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
- goto err;
- }
-
- // Per RFC 5280, section 4.1.2.9, extensions require v3.
- if (version != X509_VERSION_3 && ret->cert_info->extensions != NULL) {
- OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
- goto err;
- }
-
- return ret;
+ // TODO(crbug.com/boringssl/443): When the rest of the library is decoupled
+ // from the tasn_*.c implementation, replace this with |CBS|-based
+ // functions.
+ const uint8_t *inp = CBS_data(&tbs);
+ if (ASN1_item_ex_d2i((ASN1_VALUE **)&ret->cert_info, &inp, CBS_len(&tbs),
+ ASN1_ITEM_rptr(X509_CINF), /*tag=*/-1,
+ /*aclass=*/0, /*opt=*/0, buf) <= 0 ||
+ inp != CBS_data(&tbs) + CBS_len(&tbs)) {
+ return nullptr;
}
-err:
- X509_free(ret);
- return NULL;
+ inp = CBS_data(&sigalg);
+ ret->sig_alg = d2i_X509_ALGOR(nullptr, &inp, CBS_len(&sigalg));
+ if (ret->sig_alg == nullptr || inp != CBS_data(&sigalg) + CBS_len(&sigalg)) {
+ return nullptr;
+ }
+
+ inp = CBS_data(&sig);
+ ret->signature = c2i_ASN1_BIT_STRING(nullptr, &inp, CBS_len(&sig));
+ if (ret->signature == nullptr || inp != CBS_data(&sig) + CBS_len(&sig)) {
+ return nullptr;
+ }
+
+ // The version must be one of v1(0), v2(1), or v3(2).
+ long version = X509_VERSION_1;
+ if (ret->cert_info->version != nullptr) {
+ version = ASN1_INTEGER_get(ret->cert_info->version);
+ // TODO(https://crbug.com/boringssl/364): |X509_VERSION_1| should
+ // also be rejected here. This means an explicitly-encoded X.509v1
+ // version. v1 is DEFAULT, so DER requires it be omitted.
+ if (version < X509_VERSION_1 || version > X509_VERSION_3) {
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
+ return nullptr;
+ }
+ }
+
+ // Per RFC 5280, section 4.1.2.8, these fields require v2 or v3.
+ if (version == X509_VERSION_1 && (ret->cert_info->issuerUID != nullptr ||
+ ret->cert_info->subjectUID != nullptr)) {
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
+ return nullptr;
+ }
+
+ // Per RFC 5280, section 4.1.2.9, extensions require v3.
+ if (version != X509_VERSION_3 && ret->cert_info->extensions != nullptr) {
+ OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
+ return nullptr;
+ }
+
+ return ret.release();
}
X509 *d2i_X509(X509 **out, const uint8_t **inp, long len) {
@@ -223,42 +218,26 @@
return -1;
}
- CBB cbb, cert;
- int len;
- if (!CBB_init(&cbb, 64) || //
- !CBB_add_asn1(&cbb, &cert, CBS_ASN1_SEQUENCE)) {
- goto err;
+ bssl::ScopedCBB cbb;
+ CBB cert;
+ if (!CBB_init(cbb.get(), 64) || //
+ !CBB_add_asn1(cbb.get(), &cert, CBS_ASN1_SEQUENCE)) {
+ return -1;
}
// TODO(crbug.com/boringssl/443): When the rest of the library is decoupled
// from the tasn_*.c implementation, replace this with |CBS|-based functions.
uint8_t *out;
- len = i2d_X509_CINF(x509->cert_info, NULL);
+ int len = i2d_X509_CINF(x509->cert_info, NULL);
if (len < 0 || //
- !CBB_add_space(&cert, &out, (size_t)len) ||
- i2d_X509_CINF(x509->cert_info, &out) != len) {
- goto err;
+ !CBB_add_space(&cert, &out, static_cast<size_t>(len)) ||
+ i2d_X509_CINF(x509->cert_info, &out) != len ||
+ !x509_marshal_algorithm(&cert, x509->sig_alg) ||
+ !asn1_marshal_bit_string(&cert, x509->signature, /*tag=*/0)) {
+ return -1;
}
- len = i2d_X509_ALGOR(x509->sig_alg, NULL);
- if (len < 0 || //
- !CBB_add_space(&cert, &out, (size_t)len) ||
- i2d_X509_ALGOR(x509->sig_alg, &out) != len) {
- goto err;
- }
-
- len = i2d_ASN1_BIT_STRING(x509->signature, NULL);
- if (len < 0 || //
- !CBB_add_space(&cert, &out, (size_t)len) ||
- i2d_ASN1_BIT_STRING(x509->signature, &out) != len) {
- goto err;
- }
-
- return CBB_finish_i2d(&cbb, outp);
-
-err:
- CBB_cleanup(&cbb);
- return -1;
+ return CBB_finish_i2d(cbb.get(), outp);
}
static int x509_new_cb(ASN1_VALUE **pval, const ASN1_ITEM *it) {
diff --git a/src/crypto/x509/x_x509a.cc b/src/crypto/x509/x_x509a.cc
index f36fcaf..9318d43 100644
--- a/src/crypto/x509/x_x509a.cc
+++ b/src/crypto/x509/x_x509a.cc
@@ -109,49 +109,33 @@
}
int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj) {
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp = OBJ_dup(obj);
- if (objtmp == NULL) {
- goto err;
+ bssl::UniquePtr<ASN1_OBJECT> objtmp(OBJ_dup(obj));
+ if (objtmp == nullptr) {
+ return 0;
}
- aux = aux_get(x);
- if (aux->trust == NULL) {
+ X509_CERT_AUX *aux = aux_get(x);
+ if (aux->trust == nullptr) {
aux->trust = sk_ASN1_OBJECT_new_null();
- if (aux->trust == NULL) {
- goto err;
+ if (aux->trust == nullptr) {
+ return 0;
}
}
- if (!sk_ASN1_OBJECT_push(aux->trust, objtmp)) {
- goto err;
- }
- return 1;
-
-err:
- ASN1_OBJECT_free(objtmp);
- return 0;
+ return bssl::PushToStack(aux->trust, std::move(objtmp));
}
int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj) {
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp = OBJ_dup(obj);
- if (objtmp == NULL) {
- goto err;
+ bssl::UniquePtr<ASN1_OBJECT> objtmp(OBJ_dup(obj));
+ if (objtmp == nullptr) {
+ return 0;
}
- aux = aux_get(x);
- if (aux->reject == NULL) {
+ X509_CERT_AUX *aux = aux_get(x);
+ if (aux->reject == nullptr) {
aux->reject = sk_ASN1_OBJECT_new_null();
- if (aux->reject == NULL) {
- goto err;
+ if (aux->reject == nullptr) {
+ return 0;
}
}
- if (!sk_ASN1_OBJECT_push(aux->reject, objtmp)) {
- goto err;
- }
- return 1;
-
-err:
- ASN1_OBJECT_free(objtmp);
- return 0;
+ return bssl::PushToStack(aux->reject, std::move(objtmp));
}
void X509_trust_clear(X509 *x) {
diff --git a/src/decrepit/cast/cast.cc b/src/decrepit/cast/cast.cc
index 6e4c000..37e4684 100644
--- a/src/decrepit/cast/cast.cc
+++ b/src/decrepit/cast/cast.cc
@@ -17,9 +17,7 @@
#include <openssl/obj.h>
#if defined(OPENSSL_WINDOWS)
-OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <intrin.h>
-OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include "../../crypto/fipsmodule/cipher/internal.h"
diff --git a/src/decrepit/dh/dh_decrepit.cc b/src/decrepit/dh/dh_decrepit.cc
index d8d1d2d..7f7b4b6 100644
--- a/src/decrepit/dh/dh_decrepit.cc
+++ b/src/decrepit/dh/dh_decrepit.cc
@@ -32,20 +32,18 @@
DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int, int, void *), void *cb_arg) {
if (prime_len < 0 || generator < 0) {
- return NULL;
+ return nullptr;
}
- DH *ret = DH_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DH> ret(DH_new());
+ if (ret == nullptr) {
+ return nullptr;
}
BN_GENCB gencb_storage;
- BN_GENCB *cb = NULL;
-
+ BN_GENCB *cb = nullptr;
struct wrapped_callback wrapped;
-
- if (callback != NULL) {
+ if (callback != nullptr) {
wrapped.callback = callback;
wrapped.arg = cb_arg;
@@ -53,13 +51,9 @@
BN_GENCB_set(cb, callback_wrapper, &wrapped);
}
- if (!DH_generate_parameters_ex(ret, prime_len, generator, cb)) {
- goto err;
+ if (!DH_generate_parameters_ex(ret.get(), prime_len, generator, cb)) {
+ return nullptr;
}
- return ret;
-
-err:
- DH_free(ret);
- return NULL;
+ return ret.release();
}
diff --git a/src/decrepit/dsa/dsa_decrepit.cc b/src/decrepit/dsa/dsa_decrepit.cc
index c77c7ff..86586ca 100644
--- a/src/decrepit/dsa/dsa_decrepit.cc
+++ b/src/decrepit/dsa/dsa_decrepit.cc
@@ -33,20 +33,18 @@
int *counter_ret, unsigned long *h_ret,
void (*callback)(int, int, void *), void *cb_arg) {
if (bits < 0 || seed_len < 0) {
- return NULL;
+ return nullptr;
}
- DSA *ret = DSA_new();
- if (ret == NULL) {
- return NULL;
+ bssl::UniquePtr<DSA> ret(DSA_new());
+ if (ret == nullptr) {
+ return nullptr;
}
BN_GENCB gencb_storage;
- BN_GENCB *cb = NULL;
-
+ BN_GENCB *cb = nullptr;
struct wrapped_callback wrapped;
-
- if (callback != NULL) {
+ if (callback != nullptr) {
wrapped.callback = callback;
wrapped.arg = cb_arg;
@@ -54,14 +52,10 @@
BN_GENCB_set(cb, callback_wrapper, &wrapped);
}
- if (!DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, counter_ret,
- h_ret, cb)) {
- goto err;
+ if (!DSA_generate_parameters_ex(ret.get(), bits, seed_in, seed_len,
+ counter_ret, h_ret, cb)) {
+ return nullptr;
}
- return ret;
-
-err:
- DSA_free(ret);
- return NULL;
+ return ret.release();
}
diff --git a/src/decrepit/rsa/rsa_decrepit.cc b/src/decrepit/rsa/rsa_decrepit.cc
index 22c9f01..a1b943f 100644
--- a/src/decrepit/rsa/rsa_decrepit.cc
+++ b/src/decrepit/rsa/rsa_decrepit.cc
@@ -21,26 +21,19 @@
RSA *RSA_generate_key(int bits, uint64_t e_value, void *callback,
void *cb_arg) {
- assert(callback == NULL);
- assert(cb_arg == NULL);
+ assert(callback == nullptr);
+ assert(cb_arg == nullptr);
- RSA *rsa = RSA_new();
- BIGNUM *e = BN_new();
-
- if (rsa == NULL ||
- e == NULL ||
- !BN_set_u64(e, e_value) ||
- !RSA_generate_key_ex(rsa, bits, e, NULL)) {
- goto err;
+ bssl::UniquePtr<RSA> rsa(RSA_new());
+ bssl::UniquePtr<BIGNUM> e(BN_new());
+ if (rsa == nullptr || //
+ e == nullptr || //
+ !BN_set_u64(e.get(), e_value) ||
+ !RSA_generate_key_ex(rsa.get(), bits, e.get(), nullptr)) {
+ return nullptr;
}
- BN_free(e);
- return rsa;
-
-err:
- BN_free(e);
- RSA_free(rsa);
- return NULL;
+ return rsa.release();
}
int RSA_padding_add_PKCS1_PSS(const RSA *rsa, uint8_t *EM, const uint8_t *mHash,
diff --git a/src/fuzz/CMakeLists.txt b/src/fuzz/CMakeLists.txt
index 1c784a1..bb4ee90 100644
--- a/src/fuzz/CMakeLists.txt
+++ b/src/fuzz/CMakeLists.txt
@@ -5,7 +5,7 @@
cmake_path(GET fuzzer STEM name)
add_executable(${name} ../${fuzzer})
target_compile_options(${name} PRIVATE "-Wno-missing-prototypes")
- target_link_libraries(${name} crypto ssl pki)
+ target_link_libraries(${name} ssl pki crypto)
if(LIBFUZZER_FROM_DEPS)
set_target_properties(${name} PROPERTIES LINK_FLAGS "-fsanitize=fuzzer-no-link")
target_link_libraries(${name} Fuzzer)
diff --git a/src/fuzz/client.cc b/src/fuzz/client.cc
index 82fa0b8..86dcdc2 100644
--- a/src/fuzz/client.cc
+++ b/src/fuzz/client.cc
@@ -15,7 +15,8 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kClient);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kClient,
+ TLSFuzzer::kFuzzerModeOn);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
diff --git a/src/fuzz/client_corpus/009fee313a3c113c542a5b4cfdfc26c55c225cbf b/src/fuzz/client_corpus/009fee313a3c113c542a5b4cfdfc26c55c225cbf
deleted file mode 100644
index c293357..0000000
--- a/src/fuzz/client_corpus/009fee313a3c113c542a5b4cfdfc26c55c225cbf
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/04c28ad57f2d16bed209a9761e1ec774010c0c63 b/src/fuzz/client_corpus/04c28ad57f2d16bed209a9761e1ec774010c0c63
new file mode 100644
index 0000000..c326fb8
--- /dev/null
+++ b/src/fuzz/client_corpus/04c28ad57f2d16bed209a9761e1ec774010c0c63
Binary files differ
diff --git a/src/fuzz/client_corpus/05a2f0df703eaf18e98c511148895b4b5e5b708e b/src/fuzz/client_corpus/05a2f0df703eaf18e98c511148895b4b5e5b708e
deleted file mode 100644
index 916e91a..0000000
--- a/src/fuzz/client_corpus/05a2f0df703eaf18e98c511148895b4b5e5b708e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/08b14e280eb84bd7d47def91b01337023a3c363c b/src/fuzz/client_corpus/08b14e280eb84bd7d47def91b01337023a3c363c
deleted file mode 100644
index 9d70fb8..0000000
--- a/src/fuzz/client_corpus/08b14e280eb84bd7d47def91b01337023a3c363c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/0907ed7a81cd827f9851ccc428a6d37691a442a1 b/src/fuzz/client_corpus/0907ed7a81cd827f9851ccc428a6d37691a442a1
new file mode 100644
index 0000000..3146f73
--- /dev/null
+++ b/src/fuzz/client_corpus/0907ed7a81cd827f9851ccc428a6d37691a442a1
Binary files differ
diff --git a/src/fuzz/client_corpus/0992337019c07c5a492a4c71da5a3cd9e9f33887 b/src/fuzz/client_corpus/0992337019c07c5a492a4c71da5a3cd9e9f33887
new file mode 100644
index 0000000..53d0f63
--- /dev/null
+++ b/src/fuzz/client_corpus/0992337019c07c5a492a4c71da5a3cd9e9f33887
Binary files differ
diff --git a/src/fuzz/client_corpus/16c66d315dc915d03daf45b14e66560591464b5d b/src/fuzz/client_corpus/16c66d315dc915d03daf45b14e66560591464b5d
deleted file mode 100644
index 9a36e78..0000000
--- a/src/fuzz/client_corpus/16c66d315dc915d03daf45b14e66560591464b5d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/1c4f68b0c7ff500dde6ed368b97913236e06b480 b/src/fuzz/client_corpus/1c4f68b0c7ff500dde6ed368b97913236e06b480
deleted file mode 100644
index 6172f31..0000000
--- a/src/fuzz/client_corpus/1c4f68b0c7ff500dde6ed368b97913236e06b480
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/21b58795c70fecfad292d278c3bb76bed9431d3e b/src/fuzz/client_corpus/21b58795c70fecfad292d278c3bb76bed9431d3e
deleted file mode 100644
index ce99b6c..0000000
--- a/src/fuzz/client_corpus/21b58795c70fecfad292d278c3bb76bed9431d3e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/2719ccc145a8813a7304811b6ebe1c58c067c241 b/src/fuzz/client_corpus/2719ccc145a8813a7304811b6ebe1c58c067c241
new file mode 100644
index 0000000..d49803f
--- /dev/null
+++ b/src/fuzz/client_corpus/2719ccc145a8813a7304811b6ebe1c58c067c241
Binary files differ
diff --git a/src/fuzz/client_corpus/271f300013a0c622c62053394768a322f128925f b/src/fuzz/client_corpus/271f300013a0c622c62053394768a322f128925f
deleted file mode 100644
index 3547612..0000000
--- a/src/fuzz/client_corpus/271f300013a0c622c62053394768a322f128925f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/2c4073fccda07d98ce3cfa12ce5067b92e7beaff b/src/fuzz/client_corpus/2c4073fccda07d98ce3cfa12ce5067b92e7beaff
new file mode 100644
index 0000000..f826918
--- /dev/null
+++ b/src/fuzz/client_corpus/2c4073fccda07d98ce3cfa12ce5067b92e7beaff
Binary files differ
diff --git a/src/fuzz/client_corpus/2e89bd3f1c6521c952ce5fc9803a6437a45db29a b/src/fuzz/client_corpus/2e89bd3f1c6521c952ce5fc9803a6437a45db29a
new file mode 100644
index 0000000..03c90c9
--- /dev/null
+++ b/src/fuzz/client_corpus/2e89bd3f1c6521c952ce5fc9803a6437a45db29a
Binary files differ
diff --git a/src/fuzz/client_corpus/3cc980bb071f463cac85ecf625d9d4e969f7bcfb b/src/fuzz/client_corpus/3cc980bb071f463cac85ecf625d9d4e969f7bcfb
new file mode 100644
index 0000000..732c715
--- /dev/null
+++ b/src/fuzz/client_corpus/3cc980bb071f463cac85ecf625d9d4e969f7bcfb
Binary files differ
diff --git a/src/fuzz/client_corpus/3d8da46b556049c4085ee3a2da4bccec185acdf2 b/src/fuzz/client_corpus/3d8da46b556049c4085ee3a2da4bccec185acdf2
new file mode 100644
index 0000000..46c15ca
--- /dev/null
+++ b/src/fuzz/client_corpus/3d8da46b556049c4085ee3a2da4bccec185acdf2
Binary files differ
diff --git a/src/fuzz/client_corpus/4323fb145fd5f4f1f9f99c5c1a6c27449022c706 b/src/fuzz/client_corpus/4323fb145fd5f4f1f9f99c5c1a6c27449022c706
deleted file mode 100644
index ac9d8bf..0000000
--- a/src/fuzz/client_corpus/4323fb145fd5f4f1f9f99c5c1a6c27449022c706
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/437945e8100673c4399a81cd662dc71775f81819 b/src/fuzz/client_corpus/437945e8100673c4399a81cd662dc71775f81819
new file mode 100644
index 0000000..7b8e1e9
--- /dev/null
+++ b/src/fuzz/client_corpus/437945e8100673c4399a81cd662dc71775f81819
Binary files differ
diff --git a/src/fuzz/client_corpus/45dbee5815a97b19e9ed9c8e11e517b551022745 b/src/fuzz/client_corpus/45dbee5815a97b19e9ed9c8e11e517b551022745
new file mode 100644
index 0000000..8336564
--- /dev/null
+++ b/src/fuzz/client_corpus/45dbee5815a97b19e9ed9c8e11e517b551022745
Binary files differ
diff --git a/src/fuzz/client_corpus/4d35fb4d0a819bdc1b8310e92661aae9088fc35c b/src/fuzz/client_corpus/4d35fb4d0a819bdc1b8310e92661aae9088fc35c
deleted file mode 100644
index 4a39038..0000000
--- a/src/fuzz/client_corpus/4d35fb4d0a819bdc1b8310e92661aae9088fc35c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/4fd403d6146f7f47c32aa9b75f7da8a3ed4abcfc b/src/fuzz/client_corpus/4fd403d6146f7f47c32aa9b75f7da8a3ed4abcfc
new file mode 100644
index 0000000..f097159
--- /dev/null
+++ b/src/fuzz/client_corpus/4fd403d6146f7f47c32aa9b75f7da8a3ed4abcfc
Binary files differ
diff --git a/src/fuzz/client_corpus/5368017ad7d58a595bb45a7b0cd22d958aea14d5 b/src/fuzz/client_corpus/5368017ad7d58a595bb45a7b0cd22d958aea14d5
new file mode 100644
index 0000000..3b058ab
--- /dev/null
+++ b/src/fuzz/client_corpus/5368017ad7d58a595bb45a7b0cd22d958aea14d5
Binary files differ
diff --git a/src/fuzz/client_corpus/53e899069841bf49f6750a134a3aa5f63b4903ad b/src/fuzz/client_corpus/53e899069841bf49f6750a134a3aa5f63b4903ad
deleted file mode 100644
index 755b841..0000000
--- a/src/fuzz/client_corpus/53e899069841bf49f6750a134a3aa5f63b4903ad
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/5a65f8bbbcd506ba2623a9e7c98a09ddbda67017 b/src/fuzz/client_corpus/5a65f8bbbcd506ba2623a9e7c98a09ddbda67017
new file mode 100644
index 0000000..12592f5
--- /dev/null
+++ b/src/fuzz/client_corpus/5a65f8bbbcd506ba2623a9e7c98a09ddbda67017
Binary files differ
diff --git a/src/fuzz/client_corpus/5c17c4704df42cc9b0bac7697ea2ec4e5b2d2984 b/src/fuzz/client_corpus/5c17c4704df42cc9b0bac7697ea2ec4e5b2d2984
deleted file mode 100644
index d33e21d..0000000
--- a/src/fuzz/client_corpus/5c17c4704df42cc9b0bac7697ea2ec4e5b2d2984
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/5c337957318db62fa0ee3a0396f842854fea0148 b/src/fuzz/client_corpus/5c337957318db62fa0ee3a0396f842854fea0148
new file mode 100644
index 0000000..d1f6b6f
--- /dev/null
+++ b/src/fuzz/client_corpus/5c337957318db62fa0ee3a0396f842854fea0148
Binary files differ
diff --git a/src/fuzz/client_corpus/5f574b9afa2f0722b4c3cd704304241592d2fec5 b/src/fuzz/client_corpus/5f574b9afa2f0722b4c3cd704304241592d2fec5
new file mode 100644
index 0000000..6b517ed
--- /dev/null
+++ b/src/fuzz/client_corpus/5f574b9afa2f0722b4c3cd704304241592d2fec5
Binary files differ
diff --git a/src/fuzz/client_corpus/6015fc30d96a89b41156000fcf38cf379c957517 b/src/fuzz/client_corpus/6015fc30d96a89b41156000fcf38cf379c957517
new file mode 100644
index 0000000..077112c
--- /dev/null
+++ b/src/fuzz/client_corpus/6015fc30d96a89b41156000fcf38cf379c957517
Binary files differ
diff --git a/src/fuzz/client_corpus/611053420e5261789e373f2313834a41e891ecba b/src/fuzz/client_corpus/611053420e5261789e373f2313834a41e891ecba
new file mode 100644
index 0000000..165eb3a
--- /dev/null
+++ b/src/fuzz/client_corpus/611053420e5261789e373f2313834a41e891ecba
Binary files differ
diff --git a/src/fuzz/client_corpus/631e3bfe44f7e32c78ead028502573df807dea55 b/src/fuzz/client_corpus/631e3bfe44f7e32c78ead028502573df807dea55
new file mode 100644
index 0000000..fdc3dc0
--- /dev/null
+++ b/src/fuzz/client_corpus/631e3bfe44f7e32c78ead028502573df807dea55
Binary files differ
diff --git a/src/fuzz/client_corpus/645ba3984c1c908c76a7a18a5ce22d1bac06a9d6 b/src/fuzz/client_corpus/645ba3984c1c908c76a7a18a5ce22d1bac06a9d6
new file mode 100644
index 0000000..897fe95
--- /dev/null
+++ b/src/fuzz/client_corpus/645ba3984c1c908c76a7a18a5ce22d1bac06a9d6
Binary files differ
diff --git a/src/fuzz/client_corpus/66a838dc7b430502f49aead72ce6b02316ec6f95 b/src/fuzz/client_corpus/66a838dc7b430502f49aead72ce6b02316ec6f95
deleted file mode 100644
index 3ac1bca..0000000
--- a/src/fuzz/client_corpus/66a838dc7b430502f49aead72ce6b02316ec6f95
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/6cb75744557e90e0a698789e774e8cb8884c79d8 b/src/fuzz/client_corpus/6cb75744557e90e0a698789e774e8cb8884c79d8
deleted file mode 100644
index 2a9640e..0000000
--- a/src/fuzz/client_corpus/6cb75744557e90e0a698789e774e8cb8884c79d8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/6d868c89c1e8737a7f87066322bb6e372858017e b/src/fuzz/client_corpus/6d868c89c1e8737a7f87066322bb6e372858017e
deleted file mode 100644
index f59dad2..0000000
--- a/src/fuzz/client_corpus/6d868c89c1e8737a7f87066322bb6e372858017e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/713644535bf06e6a885e3acf6f0911e02b76736e b/src/fuzz/client_corpus/713644535bf06e6a885e3acf6f0911e02b76736e
deleted file mode 100644
index aba9172..0000000
--- a/src/fuzz/client_corpus/713644535bf06e6a885e3acf6f0911e02b76736e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/744a34c9ad7b0b9207e1766ee087c3eb906ef27a b/src/fuzz/client_corpus/744a34c9ad7b0b9207e1766ee087c3eb906ef27a
new file mode 100644
index 0000000..83829fc
--- /dev/null
+++ b/src/fuzz/client_corpus/744a34c9ad7b0b9207e1766ee087c3eb906ef27a
Binary files differ
diff --git a/src/fuzz/client_corpus/748e3a934338a0e39b96d6e82430eb5ffaa1f3b0 b/src/fuzz/client_corpus/748e3a934338a0e39b96d6e82430eb5ffaa1f3b0
deleted file mode 100644
index e37d590..0000000
--- a/src/fuzz/client_corpus/748e3a934338a0e39b96d6e82430eb5ffaa1f3b0
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/7a4311b9751086b125edc64c4ec4c5baff811e62 b/src/fuzz/client_corpus/7a4311b9751086b125edc64c4ec4c5baff811e62
new file mode 100644
index 0000000..0d4b2de
--- /dev/null
+++ b/src/fuzz/client_corpus/7a4311b9751086b125edc64c4ec4c5baff811e62
Binary files differ
diff --git a/src/fuzz/client_corpus/7dcdcf07e319c36dd4dbad5a7860e853948f5019 b/src/fuzz/client_corpus/7dcdcf07e319c36dd4dbad5a7860e853948f5019
new file mode 100644
index 0000000..a6819ae
--- /dev/null
+++ b/src/fuzz/client_corpus/7dcdcf07e319c36dd4dbad5a7860e853948f5019
Binary files differ
diff --git a/src/fuzz/client_corpus/84ba7200e08f2995d5ae601a52006a1a9de6a7ef b/src/fuzz/client_corpus/84ba7200e08f2995d5ae601a52006a1a9de6a7ef
new file mode 100644
index 0000000..69a4ca0
--- /dev/null
+++ b/src/fuzz/client_corpus/84ba7200e08f2995d5ae601a52006a1a9de6a7ef
Binary files differ
diff --git a/src/fuzz/client_corpus/858cfdeaded389cf2c8720c4159107b4b9c7dd1d b/src/fuzz/client_corpus/858cfdeaded389cf2c8720c4159107b4b9c7dd1d
deleted file mode 100644
index a800224..0000000
--- a/src/fuzz/client_corpus/858cfdeaded389cf2c8720c4159107b4b9c7dd1d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/85cbb909a0f7309e0f4813aafaecef26fac20d10 b/src/fuzz/client_corpus/85cbb909a0f7309e0f4813aafaecef26fac20d10
new file mode 100644
index 0000000..7b64d21
--- /dev/null
+++ b/src/fuzz/client_corpus/85cbb909a0f7309e0f4813aafaecef26fac20d10
Binary files differ
diff --git a/src/fuzz/client_corpus/85e3e7e691b8378d49173edfd08244ca4807bf84 b/src/fuzz/client_corpus/85e3e7e691b8378d49173edfd08244ca4807bf84
deleted file mode 100644
index 5eeae87..0000000
--- a/src/fuzz/client_corpus/85e3e7e691b8378d49173edfd08244ca4807bf84
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/866d6333ab0de5db40fbe5b84efb0d4f26e08925 b/src/fuzz/client_corpus/866d6333ab0de5db40fbe5b84efb0d4f26e08925
deleted file mode 100644
index f4ff9af..0000000
--- a/src/fuzz/client_corpus/866d6333ab0de5db40fbe5b84efb0d4f26e08925
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/87b93509a12c43e3028c88370d8935dbc5719615 b/src/fuzz/client_corpus/87b93509a12c43e3028c88370d8935dbc5719615
new file mode 100644
index 0000000..584a777
--- /dev/null
+++ b/src/fuzz/client_corpus/87b93509a12c43e3028c88370d8935dbc5719615
Binary files differ
diff --git a/src/fuzz/client_corpus/89a62df92f2195df2fe77b45589633593286ee95 b/src/fuzz/client_corpus/89a62df92f2195df2fe77b45589633593286ee95
deleted file mode 100644
index da0a6e7..0000000
--- a/src/fuzz/client_corpus/89a62df92f2195df2fe77b45589633593286ee95
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/8b05fc845aab67d727037711de7808287412f064 b/src/fuzz/client_corpus/8b05fc845aab67d727037711de7808287412f064
new file mode 100644
index 0000000..e10b325
--- /dev/null
+++ b/src/fuzz/client_corpus/8b05fc845aab67d727037711de7808287412f064
Binary files differ
diff --git a/src/fuzz/client_corpus/8b62204034a82d2988d0c9dda3172538f4205d99 b/src/fuzz/client_corpus/8b62204034a82d2988d0c9dda3172538f4205d99
new file mode 100644
index 0000000..38a4c93
--- /dev/null
+++ b/src/fuzz/client_corpus/8b62204034a82d2988d0c9dda3172538f4205d99
Binary files differ
diff --git a/src/fuzz/client_corpus/8caaba40f209cede75f8b6d15dff0e14b11f4fdd b/src/fuzz/client_corpus/8caaba40f209cede75f8b6d15dff0e14b11f4fdd
deleted file mode 100644
index 15ad2dc..0000000
--- a/src/fuzz/client_corpus/8caaba40f209cede75f8b6d15dff0e14b11f4fdd
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/8ed2ff7918d27098892a855343194f2ccea3fac9 b/src/fuzz/client_corpus/8ed2ff7918d27098892a855343194f2ccea3fac9
deleted file mode 100644
index c13348a..0000000
--- a/src/fuzz/client_corpus/8ed2ff7918d27098892a855343194f2ccea3fac9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/92b9e0684e054723b2fae964f9e4a7fcdd8957fe b/src/fuzz/client_corpus/92b9e0684e054723b2fae964f9e4a7fcdd8957fe
deleted file mode 100644
index 21d204d..0000000
--- a/src/fuzz/client_corpus/92b9e0684e054723b2fae964f9e4a7fcdd8957fe
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/95920ea67c6bd01f38cc9c77bf11c253082d9330 b/src/fuzz/client_corpus/95920ea67c6bd01f38cc9c77bf11c253082d9330
new file mode 100644
index 0000000..a9f695a
--- /dev/null
+++ b/src/fuzz/client_corpus/95920ea67c6bd01f38cc9c77bf11c253082d9330
Binary files differ
diff --git a/src/fuzz/client_corpus/a09e50736a6dfd1fc930836f693150bd02adebfb b/src/fuzz/client_corpus/a09e50736a6dfd1fc930836f693150bd02adebfb
new file mode 100644
index 0000000..8c513eb
--- /dev/null
+++ b/src/fuzz/client_corpus/a09e50736a6dfd1fc930836f693150bd02adebfb
Binary files differ
diff --git a/src/fuzz/client_corpus/a1eb5db2d450c5d0959147cff41975bd08156655 b/src/fuzz/client_corpus/a1eb5db2d450c5d0959147cff41975bd08156655
deleted file mode 100644
index d0bf517..0000000
--- a/src/fuzz/client_corpus/a1eb5db2d450c5d0959147cff41975bd08156655
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/a261092ef8fbbb540490fc8f9773d88d65782748 b/src/fuzz/client_corpus/a261092ef8fbbb540490fc8f9773d88d65782748
new file mode 100644
index 0000000..1e59346
--- /dev/null
+++ b/src/fuzz/client_corpus/a261092ef8fbbb540490fc8f9773d88d65782748
Binary files differ
diff --git a/src/fuzz/client_corpus/a4f686b4aba889c331dd84e9c19ca729dc8caea8 b/src/fuzz/client_corpus/a4f686b4aba889c331dd84e9c19ca729dc8caea8
new file mode 100644
index 0000000..2e5a2be
--- /dev/null
+++ b/src/fuzz/client_corpus/a4f686b4aba889c331dd84e9c19ca729dc8caea8
Binary files differ
diff --git a/src/fuzz/client_corpus/abe52a0ca90b274b3f11f2e2035e0ac3294feafe b/src/fuzz/client_corpus/abe52a0ca90b274b3f11f2e2035e0ac3294feafe
new file mode 100644
index 0000000..85f7add
--- /dev/null
+++ b/src/fuzz/client_corpus/abe52a0ca90b274b3f11f2e2035e0ac3294feafe
Binary files differ
diff --git a/src/fuzz/client_corpus/ad1f576ae9df13a632ada14d5d908373239a808e b/src/fuzz/client_corpus/ad1f576ae9df13a632ada14d5d908373239a808e
new file mode 100644
index 0000000..af5fd93
--- /dev/null
+++ b/src/fuzz/client_corpus/ad1f576ae9df13a632ada14d5d908373239a808e
Binary files differ
diff --git a/src/fuzz/client_corpus/ad9a83794c7b095b3728ffa302a511640705b495 b/src/fuzz/client_corpus/ad9a83794c7b095b3728ffa302a511640705b495
deleted file mode 100644
index a1f90c5..0000000
--- a/src/fuzz/client_corpus/ad9a83794c7b095b3728ffa302a511640705b495
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/aefb0ebfa73939d1ad1090290b88728d36c215d7 b/src/fuzz/client_corpus/aefb0ebfa73939d1ad1090290b88728d36c215d7
new file mode 100644
index 0000000..34a2f00
--- /dev/null
+++ b/src/fuzz/client_corpus/aefb0ebfa73939d1ad1090290b88728d36c215d7
Binary files differ
diff --git a/src/fuzz/client_corpus/b00f6b1fc712ffc63610269cc5cc100e8f147a40 b/src/fuzz/client_corpus/b00f6b1fc712ffc63610269cc5cc100e8f147a40
deleted file mode 100644
index f2ead99..0000000
--- a/src/fuzz/client_corpus/b00f6b1fc712ffc63610269cc5cc100e8f147a40
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/b06ca89358a62d30e7f08f0ba726058606a891fd b/src/fuzz/client_corpus/b06ca89358a62d30e7f08f0ba726058606a891fd
new file mode 100644
index 0000000..5911427
--- /dev/null
+++ b/src/fuzz/client_corpus/b06ca89358a62d30e7f08f0ba726058606a891fd
Binary files differ
diff --git a/src/fuzz/client_corpus/b23a39fb04fdad2b78f714ce1c850af3f92bd438 b/src/fuzz/client_corpus/b23a39fb04fdad2b78f714ce1c850af3f92bd438
new file mode 100644
index 0000000..eea0c36
--- /dev/null
+++ b/src/fuzz/client_corpus/b23a39fb04fdad2b78f714ce1c850af3f92bd438
Binary files differ
diff --git a/src/fuzz/client_corpus/b25bccdf3174db4751ce450717d3fd8f2c00ce56 b/src/fuzz/client_corpus/b25bccdf3174db4751ce450717d3fd8f2c00ce56
new file mode 100644
index 0000000..863a655
--- /dev/null
+++ b/src/fuzz/client_corpus/b25bccdf3174db4751ce450717d3fd8f2c00ce56
Binary files differ
diff --git a/src/fuzz/client_corpus/b29e2be0d011aee1f45c308cff848c4d25c0f211 b/src/fuzz/client_corpus/b29e2be0d011aee1f45c308cff848c4d25c0f211
deleted file mode 100644
index e92d4a7..0000000
--- a/src/fuzz/client_corpus/b29e2be0d011aee1f45c308cff848c4d25c0f211
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/b5a0827c966b5e7771d5ee42d061ae30d583a60a b/src/fuzz/client_corpus/b5a0827c966b5e7771d5ee42d061ae30d583a60a
new file mode 100644
index 0000000..f675a12
--- /dev/null
+++ b/src/fuzz/client_corpus/b5a0827c966b5e7771d5ee42d061ae30d583a60a
Binary files differ
diff --git a/src/fuzz/client_corpus/b6e04e7f3faae67551f3b03de695d1f9efc1c094 b/src/fuzz/client_corpus/b6e04e7f3faae67551f3b03de695d1f9efc1c094
new file mode 100644
index 0000000..58ee9ea
--- /dev/null
+++ b/src/fuzz/client_corpus/b6e04e7f3faae67551f3b03de695d1f9efc1c094
Binary files differ
diff --git a/src/fuzz/client_corpus/b9f96d459a63cd1b85c113e5de8e4b9e02f22a48 b/src/fuzz/client_corpus/b9f96d459a63cd1b85c113e5de8e4b9e02f22a48
deleted file mode 100644
index a5bcd19..0000000
--- a/src/fuzz/client_corpus/b9f96d459a63cd1b85c113e5de8e4b9e02f22a48
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/ba063e83b4accfa28f356d3c0c3395c86002c680 b/src/fuzz/client_corpus/ba063e83b4accfa28f356d3c0c3395c86002c680
new file mode 100644
index 0000000..78d70c2
--- /dev/null
+++ b/src/fuzz/client_corpus/ba063e83b4accfa28f356d3c0c3395c86002c680
Binary files differ
diff --git a/src/fuzz/client_corpus/c173db0e63f3190b7f6dfb56d66d3790fad91fc4 b/src/fuzz/client_corpus/c173db0e63f3190b7f6dfb56d66d3790fad91fc4
deleted file mode 100644
index f73e875..0000000
--- a/src/fuzz/client_corpus/c173db0e63f3190b7f6dfb56d66d3790fad91fc4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/c4bd7329210c74eab1b00ca630503c94215957f2 b/src/fuzz/client_corpus/c4bd7329210c74eab1b00ca630503c94215957f2
deleted file mode 100644
index 39d14db..0000000
--- a/src/fuzz/client_corpus/c4bd7329210c74eab1b00ca630503c94215957f2
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/c53ede9e2bae8dc4191822b22c83cd97c74f75b9 b/src/fuzz/client_corpus/c53ede9e2bae8dc4191822b22c83cd97c74f75b9
new file mode 100644
index 0000000..e292ef1
--- /dev/null
+++ b/src/fuzz/client_corpus/c53ede9e2bae8dc4191822b22c83cd97c74f75b9
Binary files differ
diff --git a/src/fuzz/client_corpus/c788328c8de5099e6184a75f5191ef337f48e8a7 b/src/fuzz/client_corpus/c788328c8de5099e6184a75f5191ef337f48e8a7
deleted file mode 100644
index a4c276a..0000000
--- a/src/fuzz/client_corpus/c788328c8de5099e6184a75f5191ef337f48e8a7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/ccd924524e8d51b2eaba60977c13193afdb3f920 b/src/fuzz/client_corpus/ccd924524e8d51b2eaba60977c13193afdb3f920
new file mode 100644
index 0000000..2ba4255
--- /dev/null
+++ b/src/fuzz/client_corpus/ccd924524e8d51b2eaba60977c13193afdb3f920
Binary files differ
diff --git a/src/fuzz/client_corpus/d02cbd2fbcaae96d98fae62dc63655b76fa718d4 b/src/fuzz/client_corpus/d02cbd2fbcaae96d98fae62dc63655b76fa718d4
new file mode 100644
index 0000000..535d142
--- /dev/null
+++ b/src/fuzz/client_corpus/d02cbd2fbcaae96d98fae62dc63655b76fa718d4
Binary files differ
diff --git a/src/fuzz/client_corpus/d0fce1a992b77535716aac570b0f38f23c8e9b83 b/src/fuzz/client_corpus/d0fce1a992b77535716aac570b0f38f23c8e9b83
new file mode 100644
index 0000000..c4ca88f
--- /dev/null
+++ b/src/fuzz/client_corpus/d0fce1a992b77535716aac570b0f38f23c8e9b83
Binary files differ
diff --git a/src/fuzz/client_corpus/d1a8c6d76736e52a058557b2da02eea71b2da3c4 b/src/fuzz/client_corpus/d1a8c6d76736e52a058557b2da02eea71b2da3c4
deleted file mode 100644
index 49cbe76..0000000
--- a/src/fuzz/client_corpus/d1a8c6d76736e52a058557b2da02eea71b2da3c4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/d233b71cebdc920563b4b7067430cfb558ca855b b/src/fuzz/client_corpus/d233b71cebdc920563b4b7067430cfb558ca855b
deleted file mode 100644
index 2cd6ad6..0000000
--- a/src/fuzz/client_corpus/d233b71cebdc920563b4b7067430cfb558ca855b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/d5bd30086dbf53ae76c39eaf20cbb8d4ab59466e b/src/fuzz/client_corpus/d5bd30086dbf53ae76c39eaf20cbb8d4ab59466e
new file mode 100644
index 0000000..7d1d924
--- /dev/null
+++ b/src/fuzz/client_corpus/d5bd30086dbf53ae76c39eaf20cbb8d4ab59466e
Binary files differ
diff --git a/src/fuzz/client_corpus/da3daabe56539c4851e7dd21a54793fec1ed7aa2 b/src/fuzz/client_corpus/da3daabe56539c4851e7dd21a54793fec1ed7aa2
new file mode 100644
index 0000000..16cf321
--- /dev/null
+++ b/src/fuzz/client_corpus/da3daabe56539c4851e7dd21a54793fec1ed7aa2
Binary files differ
diff --git a/src/fuzz/client_corpus/db0a315e9d82a5d245048d6ffed7e05b42d85671 b/src/fuzz/client_corpus/db0a315e9d82a5d245048d6ffed7e05b42d85671
new file mode 100644
index 0000000..08ebc99
--- /dev/null
+++ b/src/fuzz/client_corpus/db0a315e9d82a5d245048d6ffed7e05b42d85671
Binary files differ
diff --git a/src/fuzz/client_corpus/e1027ed036ec96728acba3d72f0a0ea5d59b9cc8 b/src/fuzz/client_corpus/e1027ed036ec96728acba3d72f0a0ea5d59b9cc8
new file mode 100644
index 0000000..460a99d
--- /dev/null
+++ b/src/fuzz/client_corpus/e1027ed036ec96728acba3d72f0a0ea5d59b9cc8
Binary files differ
diff --git a/src/fuzz/client_corpus/e38ef2823e48f897ed118c510c643766fcf1768c b/src/fuzz/client_corpus/e38ef2823e48f897ed118c510c643766fcf1768c
deleted file mode 100644
index a258d2a..0000000
--- a/src/fuzz/client_corpus/e38ef2823e48f897ed118c510c643766fcf1768c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/e87218d1f2f884a66ca8bb2be3cb38f84b92edd6 b/src/fuzz/client_corpus/e87218d1f2f884a66ca8bb2be3cb38f84b92edd6
new file mode 100644
index 0000000..cbb4fb4
--- /dev/null
+++ b/src/fuzz/client_corpus/e87218d1f2f884a66ca8bb2be3cb38f84b92edd6
Binary files differ
diff --git a/src/fuzz/client_corpus/f0065bd261954ee93eae49517a624e3496b498ee b/src/fuzz/client_corpus/f0065bd261954ee93eae49517a624e3496b498ee
deleted file mode 100644
index 39bd8fd..0000000
--- a/src/fuzz/client_corpus/f0065bd261954ee93eae49517a624e3496b498ee
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/f35a4658f19df962e1ee63f7cedbf53aa70ac175 b/src/fuzz/client_corpus/f35a4658f19df962e1ee63f7cedbf53aa70ac175
deleted file mode 100644
index 5d20308..0000000
--- a/src/fuzz/client_corpus/f35a4658f19df962e1ee63f7cedbf53aa70ac175
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/f5af4da8f41eb4619e920f15badcaed52ab37a27 b/src/fuzz/client_corpus/f5af4da8f41eb4619e920f15badcaed52ab37a27
new file mode 100644
index 0000000..b4c60b0
--- /dev/null
+++ b/src/fuzz/client_corpus/f5af4da8f41eb4619e920f15badcaed52ab37a27
Binary files differ
diff --git a/src/fuzz/client_corpus/f63c9705fa48fff8dbd92be8a8215294da13a339 b/src/fuzz/client_corpus/f63c9705fa48fff8dbd92be8a8215294da13a339
deleted file mode 100644
index b719f44..0000000
--- a/src/fuzz/client_corpus/f63c9705fa48fff8dbd92be8a8215294da13a339
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus/fa29728083c19ba2b1fd8828499060828a6fbd9d b/src/fuzz/client_corpus/fa29728083c19ba2b1fd8828499060828a6fbd9d
new file mode 100644
index 0000000..a4ae5fe
--- /dev/null
+++ b/src/fuzz/client_corpus/fa29728083c19ba2b1fd8828499060828a6fbd9d
Binary files differ
diff --git a/src/fuzz/client_corpus/fc45a752e0663b7c446e31ff7dee01881334ed82 b/src/fuzz/client_corpus/fc45a752e0663b7c446e31ff7dee01881334ed82
new file mode 100644
index 0000000..ef3b22e
--- /dev/null
+++ b/src/fuzz/client_corpus/fc45a752e0663b7c446e31ff7dee01881334ed82
Binary files differ
diff --git a/src/fuzz/client_corpus/ffe71d0314b13356a01c259339dab080a47a2b81 b/src/fuzz/client_corpus/ffe71d0314b13356a01c259339dab080a47a2b81
deleted file mode 100644
index 9bb346c..0000000
--- a/src/fuzz/client_corpus/ffe71d0314b13356a01c259339dab080a47a2b81
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0ea2832073ae5d65cd3474ef7573dfc6a16254ec b/src/fuzz/client_corpus_no_fuzzer_mode/0ea2832073ae5d65cd3474ef7573dfc6a16254ec
deleted file mode 100644
index 899b618..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/0ea2832073ae5d65cd3474ef7573dfc6a16254ec
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/122a3e27fe2ecbe7e898dca7391bc1c96687e422 b/src/fuzz/client_corpus_no_fuzzer_mode/122a3e27fe2ecbe7e898dca7391bc1c96687e422
deleted file mode 100644
index 1d06e0f..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/122a3e27fe2ecbe7e898dca7391bc1c96687e422
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/17f6593543c8a78c1d6c241cd93770a5d0150ad7 b/src/fuzz/client_corpus_no_fuzzer_mode/17f6593543c8a78c1d6c241cd93770a5d0150ad7
deleted file mode 100644
index a428e7d..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/17f6593543c8a78c1d6c241cd93770a5d0150ad7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/27c5175e648ee441c45cdafc9ea65b0573fae7f1 b/src/fuzz/client_corpus_no_fuzzer_mode/27c5175e648ee441c45cdafc9ea65b0573fae7f1
deleted file mode 100644
index b23a1b0..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/27c5175e648ee441c45cdafc9ea65b0573fae7f1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/303b60bb9d1085c215b680de06130911f1456974 b/src/fuzz/client_corpus_no_fuzzer_mode/303b60bb9d1085c215b680de06130911f1456974
deleted file mode 100644
index 965bb98..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/303b60bb9d1085c215b680de06130911f1456974
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4b66cca03f93afc98bbe23921edbae7ec571349d b/src/fuzz/client_corpus_no_fuzzer_mode/4b66cca03f93afc98bbe23921edbae7ec571349d
deleted file mode 100644
index b3d263c..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/4b66cca03f93afc98bbe23921edbae7ec571349d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4f7845dba450bcb783b6960b6714053bc34137a3 b/src/fuzz/client_corpus_no_fuzzer_mode/4f7845dba450bcb783b6960b6714053bc34137a3
deleted file mode 100644
index 0728f77..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/4f7845dba450bcb783b6960b6714053bc34137a3
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/50df7fcb9d352351c357c3628cdccd408a4432a7 b/src/fuzz/client_corpus_no_fuzzer_mode/50df7fcb9d352351c357c3628cdccd408a4432a7
deleted file mode 100644
index 59b98dc..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/50df7fcb9d352351c357c3628cdccd408a4432a7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9e61c391be2478fa4a9e6ed79bf084d50aeaecde b/src/fuzz/client_corpus_no_fuzzer_mode/9e61c391be2478fa4a9e6ed79bf084d50aeaecde
deleted file mode 100644
index 6ee5c15..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/9e61c391be2478fa4a9e6ed79bf084d50aeaecde
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9e678acd3daf9fdcef9129b9e1e3177ead675540 b/src/fuzz/client_corpus_no_fuzzer_mode/9e678acd3daf9fdcef9129b9e1e3177ead675540
deleted file mode 100644
index c7e7b9f..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/9e678acd3daf9fdcef9129b9e1e3177ead675540
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a4aeb53df6a88dead0a1de205acd78a3b582ca1a b/src/fuzz/client_corpus_no_fuzzer_mode/a4aeb53df6a88dead0a1de205acd78a3b582ca1a
deleted file mode 100644
index 8df4378..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/a4aeb53df6a88dead0a1de205acd78a3b582ca1a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a64113ae9e2ca40e85f2da4693d8a50c3a663c13 b/src/fuzz/client_corpus_no_fuzzer_mode/a64113ae9e2ca40e85f2da4693d8a50c3a663c13
deleted file mode 100644
index 3900d8a..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/a64113ae9e2ca40e85f2da4693d8a50c3a663c13
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ae11a7a9c514ce51f109666719f6c07cb3e683e0 b/src/fuzz/client_corpus_no_fuzzer_mode/ae11a7a9c514ce51f109666719f6c07cb3e683e0
deleted file mode 100644
index 8f1f6de..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/ae11a7a9c514ce51f109666719f6c07cb3e683e0
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b1f61e1e7c66ad321f8f0cf3cc849531ce1a8ddd b/src/fuzz/client_corpus_no_fuzzer_mode/b1f61e1e7c66ad321f8f0cf3cc849531ce1a8ddd
deleted file mode 100644
index 9b16596..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/b1f61e1e7c66ad321f8f0cf3cc849531ce1a8ddd
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c1e33e5466c77656b4c9ca825a21a331dd02cc22 b/src/fuzz/client_corpus_no_fuzzer_mode/c1e33e5466c77656b4c9ca825a21a331dd02cc22
deleted file mode 100644
index 78c096a..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/c1e33e5466c77656b4c9ca825a21a331dd02cc22
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/cc60bd93b5b993282fe942a0b78cc5e14a93e527 b/src/fuzz/client_corpus_no_fuzzer_mode/cc60bd93b5b993282fe942a0b78cc5e14a93e527
deleted file mode 100644
index 44e6b39..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/cc60bd93b5b993282fe942a0b78cc5e14a93e527
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d233b71cebdc920563b4b7067430cfb558ca855b b/src/fuzz/client_corpus_no_fuzzer_mode/d233b71cebdc920563b4b7067430cfb558ca855b
deleted file mode 100644
index 2cd6ad6..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/d233b71cebdc920563b4b7067430cfb558ca855b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d636d9f8a5e92c6ffba412fc2dbc2c0c67ece39e b/src/fuzz/client_corpus_no_fuzzer_mode/d636d9f8a5e92c6ffba412fc2dbc2c0c67ece39e
deleted file mode 100644
index f836773..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/d636d9f8a5e92c6ffba412fc2dbc2c0c67ece39e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e53615202a537675257fa5bd9ea8aaaf1c2730dc b/src/fuzz/client_corpus_no_fuzzer_mode/e53615202a537675257fa5bd9ea8aaaf1c2730dc
deleted file mode 100644
index ea7f332..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/e53615202a537675257fa5bd9ea8aaaf1c2730dc
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ea910d676242f1bf4f0bd42d575ea204a84ec64d b/src/fuzz/client_corpus_no_fuzzer_mode/ea910d676242f1bf4f0bd42d575ea204a84ec64d
deleted file mode 100644
index 1d6a4d1..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/ea910d676242f1bf4f0bd42d575ea204a84ec64d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/f2991e821ea94b22f5c9d7b2fd76a2ded0171328 b/src/fuzz/client_corpus_no_fuzzer_mode/f2991e821ea94b22f5c9d7b2fd76a2ded0171328
deleted file mode 100644
index ba449ac..0000000
--- a/src/fuzz/client_corpus_no_fuzzer_mode/f2991e821ea94b22f5c9d7b2fd76a2ded0171328
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode.cc b/src/fuzz/client_no_fuzzer_mode.cc
new file mode 100644
index 0000000..e5f26ed
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode.cc
@@ -0,0 +1,23 @@
+// Copyright 2016 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "../ssl/test/fuzzer.h"
+
+
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kClient,
+ TLSFuzzer::kFuzzerModeOff);
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+ return g_fuzzer.TestOneInput(buf, len);
+}
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0406a0ce3873776e65a0fcb5f9f8e735cd110f8a b/src/fuzz/client_no_fuzzer_mode_corpus/0406a0ce3873776e65a0fcb5f9f8e735cd110f8a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/0406a0ce3873776e65a0fcb5f9f8e735cd110f8a
rename to src/fuzz/client_no_fuzzer_mode_corpus/0406a0ce3873776e65a0fcb5f9f8e735cd110f8a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/072afe5e9ba1fcec2b47f13e5628dff55f2131a9 b/src/fuzz/client_no_fuzzer_mode_corpus/072afe5e9ba1fcec2b47f13e5628dff55f2131a9
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/072afe5e9ba1fcec2b47f13e5628dff55f2131a9
rename to src/fuzz/client_no_fuzzer_mode_corpus/072afe5e9ba1fcec2b47f13e5628dff55f2131a9
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0885d2f5e56debe90d702b3885edbec580af8d24 b/src/fuzz/client_no_fuzzer_mode_corpus/0885d2f5e56debe90d702b3885edbec580af8d24
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/0885d2f5e56debe90d702b3885edbec580af8d24
rename to src/fuzz/client_no_fuzzer_mode_corpus/0885d2f5e56debe90d702b3885edbec580af8d24
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/096eddc240c9044debb4cb35995671a2dd555646 b/src/fuzz/client_no_fuzzer_mode_corpus/096eddc240c9044debb4cb35995671a2dd555646
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/096eddc240c9044debb4cb35995671a2dd555646
rename to src/fuzz/client_no_fuzzer_mode_corpus/096eddc240c9044debb4cb35995671a2dd555646
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/097b025d14e29f7d92152377e73b5ccb6bb900ad b/src/fuzz/client_no_fuzzer_mode_corpus/097b025d14e29f7d92152377e73b5ccb6bb900ad
new file mode 100644
index 0000000..c40cf42
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/097b025d14e29f7d92152377e73b5ccb6bb900ad
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0a1d783db7943f465520159b2c9b28e692cb1b2e b/src/fuzz/client_no_fuzzer_mode_corpus/0a1d783db7943f465520159b2c9b28e692cb1b2e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/0a1d783db7943f465520159b2c9b28e692cb1b2e
rename to src/fuzz/client_no_fuzzer_mode_corpus/0a1d783db7943f465520159b2c9b28e692cb1b2e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0b0f3818d48b140b7660d30630e2da7be213d13c b/src/fuzz/client_no_fuzzer_mode_corpus/0b0f3818d48b140b7660d30630e2da7be213d13c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/0b0f3818d48b140b7660d30630e2da7be213d13c
rename to src/fuzz/client_no_fuzzer_mode_corpus/0b0f3818d48b140b7660d30630e2da7be213d13c
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/0c387c40350d3f4259d32d875a1554d8252d8a50 b/src/fuzz/client_no_fuzzer_mode_corpus/0c387c40350d3f4259d32d875a1554d8252d8a50
new file mode 100644
index 0000000..fd144a0
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/0c387c40350d3f4259d32d875a1554d8252d8a50
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/0c8aabd31abb8e0ae4d7e1301220fb230d7dc99a b/src/fuzz/client_no_fuzzer_mode_corpus/0c8aabd31abb8e0ae4d7e1301220fb230d7dc99a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/0c8aabd31abb8e0ae4d7e1301220fb230d7dc99a
rename to src/fuzz/client_no_fuzzer_mode_corpus/0c8aabd31abb8e0ae4d7e1301220fb230d7dc99a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/11f842ca4f752d206c9f1d893f4af5b2a0ba39df b/src/fuzz/client_no_fuzzer_mode_corpus/11f842ca4f752d206c9f1d893f4af5b2a0ba39df
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/11f842ca4f752d206c9f1d893f4af5b2a0ba39df
rename to src/fuzz/client_no_fuzzer_mode_corpus/11f842ca4f752d206c9f1d893f4af5b2a0ba39df
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/13526c64ba521bed4c2da7620086ca463671592f b/src/fuzz/client_no_fuzzer_mode_corpus/13526c64ba521bed4c2da7620086ca463671592f
new file mode 100644
index 0000000..200e7bd
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/13526c64ba521bed4c2da7620086ca463671592f
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/1489f923c4dca729178b3e3233458550d8dddf29 b/src/fuzz/client_no_fuzzer_mode_corpus/1489f923c4dca729178b3e3233458550d8dddf29
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/1489f923c4dca729178b3e3233458550d8dddf29
rename to src/fuzz/client_no_fuzzer_mode_corpus/1489f923c4dca729178b3e3233458550d8dddf29
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/151f21f5cb1ffcb105ff9b51af388fef3780f217 b/src/fuzz/client_no_fuzzer_mode_corpus/151f21f5cb1ffcb105ff9b51af388fef3780f217
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/151f21f5cb1ffcb105ff9b51af388fef3780f217
rename to src/fuzz/client_no_fuzzer_mode_corpus/151f21f5cb1ffcb105ff9b51af388fef3780f217
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/15d88286efd2b01b2f19bed5be9d06e803b01200 b/src/fuzz/client_no_fuzzer_mode_corpus/15d88286efd2b01b2f19bed5be9d06e803b01200
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/15d88286efd2b01b2f19bed5be9d06e803b01200
rename to src/fuzz/client_no_fuzzer_mode_corpus/15d88286efd2b01b2f19bed5be9d06e803b01200
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/17bf733e2011f066cbc4dbd62ed9051b3bee44bc b/src/fuzz/client_no_fuzzer_mode_corpus/17bf733e2011f066cbc4dbd62ed9051b3bee44bc
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/17bf733e2011f066cbc4dbd62ed9051b3bee44bc
rename to src/fuzz/client_no_fuzzer_mode_corpus/17bf733e2011f066cbc4dbd62ed9051b3bee44bc
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/196024484e94a9d7aa4e1ed3fac5f9f4969c6956 b/src/fuzz/client_no_fuzzer_mode_corpus/196024484e94a9d7aa4e1ed3fac5f9f4969c6956
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/196024484e94a9d7aa4e1ed3fac5f9f4969c6956
rename to src/fuzz/client_no_fuzzer_mode_corpus/196024484e94a9d7aa4e1ed3fac5f9f4969c6956
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/198387c95d3a24ce414348516fc51ae5d6f46bff b/src/fuzz/client_no_fuzzer_mode_corpus/198387c95d3a24ce414348516fc51ae5d6f46bff
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/198387c95d3a24ce414348516fc51ae5d6f46bff
rename to src/fuzz/client_no_fuzzer_mode_corpus/198387c95d3a24ce414348516fc51ae5d6f46bff
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/1a99c05d8feb0b5db235cffea0d45dcaa78dd143 b/src/fuzz/client_no_fuzzer_mode_corpus/1a99c05d8feb0b5db235cffea0d45dcaa78dd143
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/1a99c05d8feb0b5db235cffea0d45dcaa78dd143
rename to src/fuzz/client_no_fuzzer_mode_corpus/1a99c05d8feb0b5db235cffea0d45dcaa78dd143
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/1bd3619ace632829246ecd717c5e2b6048649e5f b/src/fuzz/client_no_fuzzer_mode_corpus/1bd3619ace632829246ecd717c5e2b6048649e5f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/1bd3619ace632829246ecd717c5e2b6048649e5f
rename to src/fuzz/client_no_fuzzer_mode_corpus/1bd3619ace632829246ecd717c5e2b6048649e5f
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/1ef89e5a4c6308cb40d8167759ccd1987796a0b4 b/src/fuzz/client_no_fuzzer_mode_corpus/1ef89e5a4c6308cb40d8167759ccd1987796a0b4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/1ef89e5a4c6308cb40d8167759ccd1987796a0b4
rename to src/fuzz/client_no_fuzzer_mode_corpus/1ef89e5a4c6308cb40d8167759ccd1987796a0b4
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/1efd691b9e956ab5119a03a520a42f1855d095f8 b/src/fuzz/client_no_fuzzer_mode_corpus/1efd691b9e956ab5119a03a520a42f1855d095f8
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/1efd691b9e956ab5119a03a520a42f1855d095f8
rename to src/fuzz/client_no_fuzzer_mode_corpus/1efd691b9e956ab5119a03a520a42f1855d095f8
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/255472a1dff67bdd5cd03b12682189c32c36230f b/src/fuzz/client_no_fuzzer_mode_corpus/255472a1dff67bdd5cd03b12682189c32c36230f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/255472a1dff67bdd5cd03b12682189c32c36230f
rename to src/fuzz/client_no_fuzzer_mode_corpus/255472a1dff67bdd5cd03b12682189c32c36230f
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/27d953a930479f1e89cf2d33d9473e94e426598f b/src/fuzz/client_no_fuzzer_mode_corpus/27d953a930479f1e89cf2d33d9473e94e426598f
new file mode 100644
index 0000000..110a4a7
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/27d953a930479f1e89cf2d33d9473e94e426598f
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/28b2ccdfe98839ef49df6be3e7c87c67629cba3c b/src/fuzz/client_no_fuzzer_mode_corpus/28b2ccdfe98839ef49df6be3e7c87c67629cba3c
new file mode 100644
index 0000000..7551f49
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/28b2ccdfe98839ef49df6be3e7c87c67629cba3c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/28d25966f30bcb3fa3376830109d2dfcd1ec5e04 b/src/fuzz/client_no_fuzzer_mode_corpus/28d25966f30bcb3fa3376830109d2dfcd1ec5e04
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/28d25966f30bcb3fa3376830109d2dfcd1ec5e04
rename to src/fuzz/client_no_fuzzer_mode_corpus/28d25966f30bcb3fa3376830109d2dfcd1ec5e04
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/2ae0b8de2c353abb4352391fd013e5a6a9ac9e5e b/src/fuzz/client_no_fuzzer_mode_corpus/2ae0b8de2c353abb4352391fd013e5a6a9ac9e5e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/2ae0b8de2c353abb4352391fd013e5a6a9ac9e5e
rename to src/fuzz/client_no_fuzzer_mode_corpus/2ae0b8de2c353abb4352391fd013e5a6a9ac9e5e
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/2efb50ea788432cd71beffe0c38b36a338e57e8e b/src/fuzz/client_no_fuzzer_mode_corpus/2efb50ea788432cd71beffe0c38b36a338e57e8e
new file mode 100644
index 0000000..7a6f3c4
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/2efb50ea788432cd71beffe0c38b36a338e57e8e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/2f10f9e3ea83fa53d7bb9e514f468d1bfc3c01a9 b/src/fuzz/client_no_fuzzer_mode_corpus/2f10f9e3ea83fa53d7bb9e514f468d1bfc3c01a9
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/2f10f9e3ea83fa53d7bb9e514f468d1bfc3c01a9
rename to src/fuzz/client_no_fuzzer_mode_corpus/2f10f9e3ea83fa53d7bb9e514f468d1bfc3c01a9
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/2f7c35faedfcabf2e339a0855ba414a20a5b79f0 b/src/fuzz/client_no_fuzzer_mode_corpus/2f7c35faedfcabf2e339a0855ba414a20a5b79f0
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/2f7c35faedfcabf2e339a0855ba414a20a5b79f0
rename to src/fuzz/client_no_fuzzer_mode_corpus/2f7c35faedfcabf2e339a0855ba414a20a5b79f0
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3061373083005b2f9bc481a52ac2089de73d6a73 b/src/fuzz/client_no_fuzzer_mode_corpus/3061373083005b2f9bc481a52ac2089de73d6a73
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3061373083005b2f9bc481a52ac2089de73d6a73
rename to src/fuzz/client_no_fuzzer_mode_corpus/3061373083005b2f9bc481a52ac2089de73d6a73
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/308f27e07c79eb98b4964384ee4a411d637aca11 b/src/fuzz/client_no_fuzzer_mode_corpus/308f27e07c79eb98b4964384ee4a411d637aca11
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/308f27e07c79eb98b4964384ee4a411d637aca11
rename to src/fuzz/client_no_fuzzer_mode_corpus/308f27e07c79eb98b4964384ee4a411d637aca11
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/30bcbd3bf3da44431b4d8a9a50e8c936cdcbbe4e b/src/fuzz/client_no_fuzzer_mode_corpus/30bcbd3bf3da44431b4d8a9a50e8c936cdcbbe4e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/30bcbd3bf3da44431b4d8a9a50e8c936cdcbbe4e
rename to src/fuzz/client_no_fuzzer_mode_corpus/30bcbd3bf3da44431b4d8a9a50e8c936cdcbbe4e
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/3142b8fa87c64bda644eb691791d669b1781e2a0 b/src/fuzz/client_no_fuzzer_mode_corpus/3142b8fa87c64bda644eb691791d669b1781e2a0
new file mode 100644
index 0000000..cd0cd04
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/3142b8fa87c64bda644eb691791d669b1781e2a0
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/321847a2ce634faeaffa56ae79df8d5a568d4f41 b/src/fuzz/client_no_fuzzer_mode_corpus/321847a2ce634faeaffa56ae79df8d5a568d4f41
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/321847a2ce634faeaffa56ae79df8d5a568d4f41
rename to src/fuzz/client_no_fuzzer_mode_corpus/321847a2ce634faeaffa56ae79df8d5a568d4f41
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/32759b9b755a4793c190395f3a4f083c88de8100 b/src/fuzz/client_no_fuzzer_mode_corpus/32759b9b755a4793c190395f3a4f083c88de8100
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/32759b9b755a4793c190395f3a4f083c88de8100
rename to src/fuzz/client_no_fuzzer_mode_corpus/32759b9b755a4793c190395f3a4f083c88de8100
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/32928f8ffca1409175feb2eb227c37948a77a9ab b/src/fuzz/client_no_fuzzer_mode_corpus/32928f8ffca1409175feb2eb227c37948a77a9ab
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/32928f8ffca1409175feb2eb227c37948a77a9ab
rename to src/fuzz/client_no_fuzzer_mode_corpus/32928f8ffca1409175feb2eb227c37948a77a9ab
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/33534cd816af0da589f5acf0aff55d34f380af53 b/src/fuzz/client_no_fuzzer_mode_corpus/33534cd816af0da589f5acf0aff55d34f380af53
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/33534cd816af0da589f5acf0aff55d34f380af53
rename to src/fuzz/client_no_fuzzer_mode_corpus/33534cd816af0da589f5acf0aff55d34f380af53
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/35b6f5a0f0cf102b0ebe24deecb63e8a28f41bab b/src/fuzz/client_no_fuzzer_mode_corpus/35b6f5a0f0cf102b0ebe24deecb63e8a28f41bab
new file mode 100644
index 0000000..d88a343
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/35b6f5a0f0cf102b0ebe24deecb63e8a28f41bab
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/364fe53a69109d29ea9de3beb2377b173df412a1 b/src/fuzz/client_no_fuzzer_mode_corpus/364fe53a69109d29ea9de3beb2377b173df412a1
new file mode 100644
index 0000000..dbf5703
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/364fe53a69109d29ea9de3beb2377b173df412a1
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/372b95c854577b041dafad1e0f7005642e70d416 b/src/fuzz/client_no_fuzzer_mode_corpus/372b95c854577b041dafad1e0f7005642e70d416
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/372b95c854577b041dafad1e0f7005642e70d416
rename to src/fuzz/client_no_fuzzer_mode_corpus/372b95c854577b041dafad1e0f7005642e70d416
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3849f809f030d1094d19cce6a636befba1281009 b/src/fuzz/client_no_fuzzer_mode_corpus/3849f809f030d1094d19cce6a636befba1281009
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3849f809f030d1094d19cce6a636befba1281009
rename to src/fuzz/client_no_fuzzer_mode_corpus/3849f809f030d1094d19cce6a636befba1281009
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/39448989ad2e60a738afa81c2cbd14e0fa44a72c b/src/fuzz/client_no_fuzzer_mode_corpus/39448989ad2e60a738afa81c2cbd14e0fa44a72c
new file mode 100644
index 0000000..54a4e47
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/39448989ad2e60a738afa81c2cbd14e0fa44a72c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3948bed942bd57a28bd3b0b78bc8760f625b8c0c b/src/fuzz/client_no_fuzzer_mode_corpus/3948bed942bd57a28bd3b0b78bc8760f625b8c0c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3948bed942bd57a28bd3b0b78bc8760f625b8c0c
rename to src/fuzz/client_no_fuzzer_mode_corpus/3948bed942bd57a28bd3b0b78bc8760f625b8c0c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/39d44f5e3d2c70593e82506504825e556f1003ad b/src/fuzz/client_no_fuzzer_mode_corpus/39d44f5e3d2c70593e82506504825e556f1003ad
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/39d44f5e3d2c70593e82506504825e556f1003ad
rename to src/fuzz/client_no_fuzzer_mode_corpus/39d44f5e3d2c70593e82506504825e556f1003ad
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/3a63ce2d84ccc70bc35b6c7b2849b606785dd032 b/src/fuzz/client_no_fuzzer_mode_corpus/3a63ce2d84ccc70bc35b6c7b2849b606785dd032
new file mode 100644
index 0000000..cc07ddc
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/3a63ce2d84ccc70bc35b6c7b2849b606785dd032
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/3b402925b3ed581d86ba39c3949810f26f6f28ad b/src/fuzz/client_no_fuzzer_mode_corpus/3b402925b3ed581d86ba39c3949810f26f6f28ad
new file mode 100644
index 0000000..c2dcec7
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/3b402925b3ed581d86ba39c3949810f26f6f28ad
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3d543946691b7da695c51f06788f1fbdbba0078e b/src/fuzz/client_no_fuzzer_mode_corpus/3d543946691b7da695c51f06788f1fbdbba0078e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3d543946691b7da695c51f06788f1fbdbba0078e
rename to src/fuzz/client_no_fuzzer_mode_corpus/3d543946691b7da695c51f06788f1fbdbba0078e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3e153e6b6d0146a43ec3fd09464f942704daf1a4 b/src/fuzz/client_no_fuzzer_mode_corpus/3e153e6b6d0146a43ec3fd09464f942704daf1a4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3e153e6b6d0146a43ec3fd09464f942704daf1a4
rename to src/fuzz/client_no_fuzzer_mode_corpus/3e153e6b6d0146a43ec3fd09464f942704daf1a4
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/3fb9220ae4d3f9b932efb342db26b96938767750 b/src/fuzz/client_no_fuzzer_mode_corpus/3fb9220ae4d3f9b932efb342db26b96938767750
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/3fb9220ae4d3f9b932efb342db26b96938767750
rename to src/fuzz/client_no_fuzzer_mode_corpus/3fb9220ae4d3f9b932efb342db26b96938767750
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/40b6d468cd4142d775eb3b79f6b1900405502b90 b/src/fuzz/client_no_fuzzer_mode_corpus/40b6d468cd4142d775eb3b79f6b1900405502b90
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/40b6d468cd4142d775eb3b79f6b1900405502b90
rename to src/fuzz/client_no_fuzzer_mode_corpus/40b6d468cd4142d775eb3b79f6b1900405502b90
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/41a069cf62fef316e92aa67f42a0265ec974d1b3 b/src/fuzz/client_no_fuzzer_mode_corpus/41a069cf62fef316e92aa67f42a0265ec974d1b3
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/41a069cf62fef316e92aa67f42a0265ec974d1b3
rename to src/fuzz/client_no_fuzzer_mode_corpus/41a069cf62fef316e92aa67f42a0265ec974d1b3
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/4231fbee5082d2873c44ce777f37a5acf705b415 b/src/fuzz/client_no_fuzzer_mode_corpus/4231fbee5082d2873c44ce777f37a5acf705b415
new file mode 100644
index 0000000..0d7d42d
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/4231fbee5082d2873c44ce777f37a5acf705b415
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/42f8174145a9cd2d15016b4cf0d6db97cb884b04 b/src/fuzz/client_no_fuzzer_mode_corpus/42f8174145a9cd2d15016b4cf0d6db97cb884b04
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/42f8174145a9cd2d15016b4cf0d6db97cb884b04
rename to src/fuzz/client_no_fuzzer_mode_corpus/42f8174145a9cd2d15016b4cf0d6db97cb884b04
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/43008da4f82a6b0997a881bd55a4f1448b14f6a2 b/src/fuzz/client_no_fuzzer_mode_corpus/43008da4f82a6b0997a881bd55a4f1448b14f6a2
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/43008da4f82a6b0997a881bd55a4f1448b14f6a2
rename to src/fuzz/client_no_fuzzer_mode_corpus/43008da4f82a6b0997a881bd55a4f1448b14f6a2
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/43d550b1eef83a237a3d96a85eca01afca7f4064 b/src/fuzz/client_no_fuzzer_mode_corpus/43d550b1eef83a237a3d96a85eca01afca7f4064
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/43d550b1eef83a237a3d96a85eca01afca7f4064
rename to src/fuzz/client_no_fuzzer_mode_corpus/43d550b1eef83a237a3d96a85eca01afca7f4064
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4552802489552783e316f1edf339a112643381f9 b/src/fuzz/client_no_fuzzer_mode_corpus/4552802489552783e316f1edf339a112643381f9
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4552802489552783e316f1edf339a112643381f9
rename to src/fuzz/client_no_fuzzer_mode_corpus/4552802489552783e316f1edf339a112643381f9
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/461bb6e7d93af42775a640b70b6043d3c43f990d b/src/fuzz/client_no_fuzzer_mode_corpus/461bb6e7d93af42775a640b70b6043d3c43f990d
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/461bb6e7d93af42775a640b70b6043d3c43f990d
rename to src/fuzz/client_no_fuzzer_mode_corpus/461bb6e7d93af42775a640b70b6043d3c43f990d
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/46a9fc44bab25ddf24e92c4f137080bbd8684f10 b/src/fuzz/client_no_fuzzer_mode_corpus/46a9fc44bab25ddf24e92c4f137080bbd8684f10
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/46a9fc44bab25ddf24e92c4f137080bbd8684f10
rename to src/fuzz/client_no_fuzzer_mode_corpus/46a9fc44bab25ddf24e92c4f137080bbd8684f10
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/46be951703158b1af3986c9f0eade0bdb618f5c3 b/src/fuzz/client_no_fuzzer_mode_corpus/46be951703158b1af3986c9f0eade0bdb618f5c3
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/46be951703158b1af3986c9f0eade0bdb618f5c3
rename to src/fuzz/client_no_fuzzer_mode_corpus/46be951703158b1af3986c9f0eade0bdb618f5c3
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4856721e2cf47eebec756e23c877558b4cb10f3f b/src/fuzz/client_no_fuzzer_mode_corpus/4856721e2cf47eebec756e23c877558b4cb10f3f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4856721e2cf47eebec756e23c877558b4cb10f3f
rename to src/fuzz/client_no_fuzzer_mode_corpus/4856721e2cf47eebec756e23c877558b4cb10f3f
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4a43d832406bb9eb0706b717e5af4c977d88f67e b/src/fuzz/client_no_fuzzer_mode_corpus/4a43d832406bb9eb0706b717e5af4c977d88f67e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4a43d832406bb9eb0706b717e5af4c977d88f67e
rename to src/fuzz/client_no_fuzzer_mode_corpus/4a43d832406bb9eb0706b717e5af4c977d88f67e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4a8349850aab837eadebfe0d1a49a84adac18fab b/src/fuzz/client_no_fuzzer_mode_corpus/4a8349850aab837eadebfe0d1a49a84adac18fab
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4a8349850aab837eadebfe0d1a49a84adac18fab
rename to src/fuzz/client_no_fuzzer_mode_corpus/4a8349850aab837eadebfe0d1a49a84adac18fab
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4ad796d335814bab0d3bbe5b50c1898eb9eb96d4 b/src/fuzz/client_no_fuzzer_mode_corpus/4ad796d335814bab0d3bbe5b50c1898eb9eb96d4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4ad796d335814bab0d3bbe5b50c1898eb9eb96d4
rename to src/fuzz/client_no_fuzzer_mode_corpus/4ad796d335814bab0d3bbe5b50c1898eb9eb96d4
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4b67f6e81d4c05c21b1cbc336c8bfa632dd7fc18 b/src/fuzz/client_no_fuzzer_mode_corpus/4b67f6e81d4c05c21b1cbc336c8bfa632dd7fc18
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4b67f6e81d4c05c21b1cbc336c8bfa632dd7fc18
rename to src/fuzz/client_no_fuzzer_mode_corpus/4b67f6e81d4c05c21b1cbc336c8bfa632dd7fc18
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4c108c7588df5d3a0a70725d2ee59b180b30f455 b/src/fuzz/client_no_fuzzer_mode_corpus/4c108c7588df5d3a0a70725d2ee59b180b30f455
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4c108c7588df5d3a0a70725d2ee59b180b30f455
rename to src/fuzz/client_no_fuzzer_mode_corpus/4c108c7588df5d3a0a70725d2ee59b180b30f455
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/4cfff273128abfdf42e0ead3c0c98d53bab74a68 b/src/fuzz/client_no_fuzzer_mode_corpus/4cfff273128abfdf42e0ead3c0c98d53bab74a68
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/4cfff273128abfdf42e0ead3c0c98d53bab74a68
rename to src/fuzz/client_no_fuzzer_mode_corpus/4cfff273128abfdf42e0ead3c0c98d53bab74a68
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/52eab1080ae6856eb5dc5e13996ebb225d97b918 b/src/fuzz/client_no_fuzzer_mode_corpus/52eab1080ae6856eb5dc5e13996ebb225d97b918
new file mode 100644
index 0000000..22b4618
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/52eab1080ae6856eb5dc5e13996ebb225d97b918
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5326b1ab999cbca2d5e4525e368b4a31f0357088 b/src/fuzz/client_no_fuzzer_mode_corpus/5326b1ab999cbca2d5e4525e368b4a31f0357088
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5326b1ab999cbca2d5e4525e368b4a31f0357088
rename to src/fuzz/client_no_fuzzer_mode_corpus/5326b1ab999cbca2d5e4525e368b4a31f0357088
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/53ca7b40934b63df766c5dc95abd75fac34eab0c b/src/fuzz/client_no_fuzzer_mode_corpus/53ca7b40934b63df766c5dc95abd75fac34eab0c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/53ca7b40934b63df766c5dc95abd75fac34eab0c
rename to src/fuzz/client_no_fuzzer_mode_corpus/53ca7b40934b63df766c5dc95abd75fac34eab0c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/54de963a4c073668a7728fd22f83881451b46b65 b/src/fuzz/client_no_fuzzer_mode_corpus/54de963a4c073668a7728fd22f83881451b46b65
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/54de963a4c073668a7728fd22f83881451b46b65
rename to src/fuzz/client_no_fuzzer_mode_corpus/54de963a4c073668a7728fd22f83881451b46b65
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/554d380008acbad20916f43fdf249e94b822ddfe b/src/fuzz/client_no_fuzzer_mode_corpus/554d380008acbad20916f43fdf249e94b822ddfe
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/554d380008acbad20916f43fdf249e94b822ddfe
rename to src/fuzz/client_no_fuzzer_mode_corpus/554d380008acbad20916f43fdf249e94b822ddfe
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/564cfd52b7873bea5d715c87b4ec56053ebd14e4 b/src/fuzz/client_no_fuzzer_mode_corpus/564cfd52b7873bea5d715c87b4ec56053ebd14e4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/564cfd52b7873bea5d715c87b4ec56053ebd14e4
rename to src/fuzz/client_no_fuzzer_mode_corpus/564cfd52b7873bea5d715c87b4ec56053ebd14e4
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/57cdb41b10c91c1461a690397683acce0bc23595 b/src/fuzz/client_no_fuzzer_mode_corpus/57cdb41b10c91c1461a690397683acce0bc23595
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/57cdb41b10c91c1461a690397683acce0bc23595
rename to src/fuzz/client_no_fuzzer_mode_corpus/57cdb41b10c91c1461a690397683acce0bc23595
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/57e66cd964d46e9a1eb8bb03c35b5a9b6c79487b b/src/fuzz/client_no_fuzzer_mode_corpus/57e66cd964d46e9a1eb8bb03c35b5a9b6c79487b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/57e66cd964d46e9a1eb8bb03c35b5a9b6c79487b
rename to src/fuzz/client_no_fuzzer_mode_corpus/57e66cd964d46e9a1eb8bb03c35b5a9b6c79487b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5837fe69b76cfe5fba1d11efccddcab6f2396b5a b/src/fuzz/client_no_fuzzer_mode_corpus/5837fe69b76cfe5fba1d11efccddcab6f2396b5a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5837fe69b76cfe5fba1d11efccddcab6f2396b5a
rename to src/fuzz/client_no_fuzzer_mode_corpus/5837fe69b76cfe5fba1d11efccddcab6f2396b5a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/58b40f20324f77a88604e1866e6dbe13182e8b72 b/src/fuzz/client_no_fuzzer_mode_corpus/58b40f20324f77a88604e1866e6dbe13182e8b72
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/58b40f20324f77a88604e1866e6dbe13182e8b72
rename to src/fuzz/client_no_fuzzer_mode_corpus/58b40f20324f77a88604e1866e6dbe13182e8b72
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5a470bceaa3bae05ed0f360a6b410c779ba0003b b/src/fuzz/client_no_fuzzer_mode_corpus/5a470bceaa3bae05ed0f360a6b410c779ba0003b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5a470bceaa3bae05ed0f360a6b410c779ba0003b
rename to src/fuzz/client_no_fuzzer_mode_corpus/5a470bceaa3bae05ed0f360a6b410c779ba0003b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5bcda6ff42d95781bdf79b7df73362743181bb37 b/src/fuzz/client_no_fuzzer_mode_corpus/5bcda6ff42d95781bdf79b7df73362743181bb37
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5bcda6ff42d95781bdf79b7df73362743181bb37
rename to src/fuzz/client_no_fuzzer_mode_corpus/5bcda6ff42d95781bdf79b7df73362743181bb37
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5d68e739190e5f8eceed6fa26c5c24d454974b76 b/src/fuzz/client_no_fuzzer_mode_corpus/5d68e739190e5f8eceed6fa26c5c24d454974b76
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5d68e739190e5f8eceed6fa26c5c24d454974b76
rename to src/fuzz/client_no_fuzzer_mode_corpus/5d68e739190e5f8eceed6fa26c5c24d454974b76
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5d8c35e774db92e469cb224592a4afdae9ec8846 b/src/fuzz/client_no_fuzzer_mode_corpus/5d8c35e774db92e469cb224592a4afdae9ec8846
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5d8c35e774db92e469cb224592a4afdae9ec8846
rename to src/fuzz/client_no_fuzzer_mode_corpus/5d8c35e774db92e469cb224592a4afdae9ec8846
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/5ec26ce93fcfef50c4d818b5852dccc3d964cd88 b/src/fuzz/client_no_fuzzer_mode_corpus/5ec26ce93fcfef50c4d818b5852dccc3d964cd88
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/5ec26ce93fcfef50c4d818b5852dccc3d964cd88
rename to src/fuzz/client_no_fuzzer_mode_corpus/5ec26ce93fcfef50c4d818b5852dccc3d964cd88
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6293fac74bf94aefe343aaaa979f05d63d217664 b/src/fuzz/client_no_fuzzer_mode_corpus/6293fac74bf94aefe343aaaa979f05d63d217664
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6293fac74bf94aefe343aaaa979f05d63d217664
rename to src/fuzz/client_no_fuzzer_mode_corpus/6293fac74bf94aefe343aaaa979f05d63d217664
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/641f9bf3f164cc63c71b806fc0eaf673ec796b09 b/src/fuzz/client_no_fuzzer_mode_corpus/641f9bf3f164cc63c71b806fc0eaf673ec796b09
new file mode 100644
index 0000000..ec20253
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/641f9bf3f164cc63c71b806fc0eaf673ec796b09
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6485e23f6bc3d84a6fb8cff8ffcdc1854b0e4ba4 b/src/fuzz/client_no_fuzzer_mode_corpus/6485e23f6bc3d84a6fb8cff8ffcdc1854b0e4ba4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6485e23f6bc3d84a6fb8cff8ffcdc1854b0e4ba4
rename to src/fuzz/client_no_fuzzer_mode_corpus/6485e23f6bc3d84a6fb8cff8ffcdc1854b0e4ba4
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/669266bdf7f920870d296bb56b84c5e887e1f51b b/src/fuzz/client_no_fuzzer_mode_corpus/669266bdf7f920870d296bb56b84c5e887e1f51b
new file mode 100644
index 0000000..25bc695
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/669266bdf7f920870d296bb56b84c5e887e1f51b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/66e7a5d0682175c1c0125b2b46d5312e07bcde98 b/src/fuzz/client_no_fuzzer_mode_corpus/66e7a5d0682175c1c0125b2b46d5312e07bcde98
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/66e7a5d0682175c1c0125b2b46d5312e07bcde98
rename to src/fuzz/client_no_fuzzer_mode_corpus/66e7a5d0682175c1c0125b2b46d5312e07bcde98
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6755737227f4a22c52504d5d8f40ae9b4e64cffb b/src/fuzz/client_no_fuzzer_mode_corpus/6755737227f4a22c52504d5d8f40ae9b4e64cffb
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6755737227f4a22c52504d5d8f40ae9b4e64cffb
rename to src/fuzz/client_no_fuzzer_mode_corpus/6755737227f4a22c52504d5d8f40ae9b4e64cffb
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6788b372c40f83a7dd2d29dd2d0f8f94d7f077bd b/src/fuzz/client_no_fuzzer_mode_corpus/6788b372c40f83a7dd2d29dd2d0f8f94d7f077bd
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6788b372c40f83a7dd2d29dd2d0f8f94d7f077bd
rename to src/fuzz/client_no_fuzzer_mode_corpus/6788b372c40f83a7dd2d29dd2d0f8f94d7f077bd
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6991365467c8619c71581bffc9c30f65975e700c b/src/fuzz/client_no_fuzzer_mode_corpus/6991365467c8619c71581bffc9c30f65975e700c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6991365467c8619c71581bffc9c30f65975e700c
rename to src/fuzz/client_no_fuzzer_mode_corpus/6991365467c8619c71581bffc9c30f65975e700c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6bb2c140712c00af87ee8f7208ce5843af6e7072 b/src/fuzz/client_no_fuzzer_mode_corpus/6bb2c140712c00af87ee8f7208ce5843af6e7072
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6bb2c140712c00af87ee8f7208ce5843af6e7072
rename to src/fuzz/client_no_fuzzer_mode_corpus/6bb2c140712c00af87ee8f7208ce5843af6e7072
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6c4da1109f815449cd487b96fe59ddc3060a535f b/src/fuzz/client_no_fuzzer_mode_corpus/6c4da1109f815449cd487b96fe59ddc3060a535f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6c4da1109f815449cd487b96fe59ddc3060a535f
rename to src/fuzz/client_no_fuzzer_mode_corpus/6c4da1109f815449cd487b96fe59ddc3060a535f
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6d869da19df18992541b89b783009cc5e69868bd b/src/fuzz/client_no_fuzzer_mode_corpus/6d869da19df18992541b89b783009cc5e69868bd
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6d869da19df18992541b89b783009cc5e69868bd
rename to src/fuzz/client_no_fuzzer_mode_corpus/6d869da19df18992541b89b783009cc5e69868bd
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/6e2ccd0ae5e2d1934e717cbd1ecb6befa9ed6140 b/src/fuzz/client_no_fuzzer_mode_corpus/6e2ccd0ae5e2d1934e717cbd1ecb6befa9ed6140
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/6e2ccd0ae5e2d1934e717cbd1ecb6befa9ed6140
rename to src/fuzz/client_no_fuzzer_mode_corpus/6e2ccd0ae5e2d1934e717cbd1ecb6befa9ed6140
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/6f2ef80912b8292e54be7d627ae04b056ec32cb0 b/src/fuzz/client_no_fuzzer_mode_corpus/6f2ef80912b8292e54be7d627ae04b056ec32cb0
new file mode 100644
index 0000000..e8e0a74
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/6f2ef80912b8292e54be7d627ae04b056ec32cb0
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/715ea107bb66d37a57161139384852e434f5e9af b/src/fuzz/client_no_fuzzer_mode_corpus/715ea107bb66d37a57161139384852e434f5e9af
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/715ea107bb66d37a57161139384852e434f5e9af
rename to src/fuzz/client_no_fuzzer_mode_corpus/715ea107bb66d37a57161139384852e434f5e9af
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/71a53759871766a1777635ac953a0397aec89b49 b/src/fuzz/client_no_fuzzer_mode_corpus/71a53759871766a1777635ac953a0397aec89b49
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/71a53759871766a1777635ac953a0397aec89b49
rename to src/fuzz/client_no_fuzzer_mode_corpus/71a53759871766a1777635ac953a0397aec89b49
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/72db38ec7e0b96489820750d33cfeca38868cc50 b/src/fuzz/client_no_fuzzer_mode_corpus/72db38ec7e0b96489820750d33cfeca38868cc50
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/72db38ec7e0b96489820750d33cfeca38868cc50
rename to src/fuzz/client_no_fuzzer_mode_corpus/72db38ec7e0b96489820750d33cfeca38868cc50
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7461f62ca214c576c43dc6024f126056f54c044f b/src/fuzz/client_no_fuzzer_mode_corpus/7461f62ca214c576c43dc6024f126056f54c044f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7461f62ca214c576c43dc6024f126056f54c044f
rename to src/fuzz/client_no_fuzzer_mode_corpus/7461f62ca214c576c43dc6024f126056f54c044f
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/74de0c746d7d094bd79797a013743e8531d6b642 b/src/fuzz/client_no_fuzzer_mode_corpus/74de0c746d7d094bd79797a013743e8531d6b642
new file mode 100644
index 0000000..f221bff
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/74de0c746d7d094bd79797a013743e8531d6b642
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/752ba4ace927edd3ef0fc70516b2fc55c383c1ca b/src/fuzz/client_no_fuzzer_mode_corpus/752ba4ace927edd3ef0fc70516b2fc55c383c1ca
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/752ba4ace927edd3ef0fc70516b2fc55c383c1ca
rename to src/fuzz/client_no_fuzzer_mode_corpus/752ba4ace927edd3ef0fc70516b2fc55c383c1ca
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/759606f3e01eb7a55aa16d40af0b9d4dc03ca02a b/src/fuzz/client_no_fuzzer_mode_corpus/759606f3e01eb7a55aa16d40af0b9d4dc03ca02a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/759606f3e01eb7a55aa16d40af0b9d4dc03ca02a
rename to src/fuzz/client_no_fuzzer_mode_corpus/759606f3e01eb7a55aa16d40af0b9d4dc03ca02a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7690aaee06c6d307efabc1ec7b40ae8035323bd6 b/src/fuzz/client_no_fuzzer_mode_corpus/7690aaee06c6d307efabc1ec7b40ae8035323bd6
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7690aaee06c6d307efabc1ec7b40ae8035323bd6
rename to src/fuzz/client_no_fuzzer_mode_corpus/7690aaee06c6d307efabc1ec7b40ae8035323bd6
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/76a6426c9e3c75daa67a10c125a9bc3b79ee4908 b/src/fuzz/client_no_fuzzer_mode_corpus/76a6426c9e3c75daa67a10c125a9bc3b79ee4908
new file mode 100644
index 0000000..5f56335
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/76a6426c9e3c75daa67a10c125a9bc3b79ee4908
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/780a84fcc9d2572b250467d8084def560be9073c b/src/fuzz/client_no_fuzzer_mode_corpus/780a84fcc9d2572b250467d8084def560be9073c
new file mode 100644
index 0000000..da7dd18
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/780a84fcc9d2572b250467d8084def560be9073c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/78be03dce34d5a034897e179c051ddcfe0e7f9e5 b/src/fuzz/client_no_fuzzer_mode_corpus/78be03dce34d5a034897e179c051ddcfe0e7f9e5
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/78be03dce34d5a034897e179c051ddcfe0e7f9e5
rename to src/fuzz/client_no_fuzzer_mode_corpus/78be03dce34d5a034897e179c051ddcfe0e7f9e5
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/798eb6f6cd396eaefcc583e5105c7b4298ac3f3c b/src/fuzz/client_no_fuzzer_mode_corpus/798eb6f6cd396eaefcc583e5105c7b4298ac3f3c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/798eb6f6cd396eaefcc583e5105c7b4298ac3f3c
rename to src/fuzz/client_no_fuzzer_mode_corpus/798eb6f6cd396eaefcc583e5105c7b4298ac3f3c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/79e14f63c4d09bea200ca22765808d1566dbbfb6 b/src/fuzz/client_no_fuzzer_mode_corpus/79e14f63c4d09bea200ca22765808d1566dbbfb6
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/79e14f63c4d09bea200ca22765808d1566dbbfb6
rename to src/fuzz/client_no_fuzzer_mode_corpus/79e14f63c4d09bea200ca22765808d1566dbbfb6
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7a960e8b8537fa769d9d105ae28792149bc7b546 b/src/fuzz/client_no_fuzzer_mode_corpus/7a960e8b8537fa769d9d105ae28792149bc7b546
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7a960e8b8537fa769d9d105ae28792149bc7b546
rename to src/fuzz/client_no_fuzzer_mode_corpus/7a960e8b8537fa769d9d105ae28792149bc7b546
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7bbc30cc86d24f0d0462ba712c786bd56821d699 b/src/fuzz/client_no_fuzzer_mode_corpus/7bbc30cc86d24f0d0462ba712c786bd56821d699
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7bbc30cc86d24f0d0462ba712c786bd56821d699
rename to src/fuzz/client_no_fuzzer_mode_corpus/7bbc30cc86d24f0d0462ba712c786bd56821d699
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/7bf2629128b91edc6fd53bafa9b56b6108ea0562 b/src/fuzz/client_no_fuzzer_mode_corpus/7bf2629128b91edc6fd53bafa9b56b6108ea0562
new file mode 100644
index 0000000..70e1546
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/7bf2629128b91edc6fd53bafa9b56b6108ea0562
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/7d7f767e98437ae3f09759a9ebc5b9f9c9864110 b/src/fuzz/client_no_fuzzer_mode_corpus/7d7f767e98437ae3f09759a9ebc5b9f9c9864110
new file mode 100644
index 0000000..0f36a6c
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/7d7f767e98437ae3f09759a9ebc5b9f9c9864110
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7ef87ee636938c2bb4235227cc5347d8adae7196 b/src/fuzz/client_no_fuzzer_mode_corpus/7ef87ee636938c2bb4235227cc5347d8adae7196
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7ef87ee636938c2bb4235227cc5347d8adae7196
rename to src/fuzz/client_no_fuzzer_mode_corpus/7ef87ee636938c2bb4235227cc5347d8adae7196
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/7f94fe1d8d2e9fcbe8a689ea405d283e0dbdec53 b/src/fuzz/client_no_fuzzer_mode_corpus/7f94fe1d8d2e9fcbe8a689ea405d283e0dbdec53
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/7f94fe1d8d2e9fcbe8a689ea405d283e0dbdec53
rename to src/fuzz/client_no_fuzzer_mode_corpus/7f94fe1d8d2e9fcbe8a689ea405d283e0dbdec53
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8172072778eeb36c76c630dfe2df10ad2e538b55 b/src/fuzz/client_no_fuzzer_mode_corpus/8172072778eeb36c76c630dfe2df10ad2e538b55
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8172072778eeb36c76c630dfe2df10ad2e538b55
rename to src/fuzz/client_no_fuzzer_mode_corpus/8172072778eeb36c76c630dfe2df10ad2e538b55
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/81de5ce745cff95ee4005cd3d00e5d149cce4013 b/src/fuzz/client_no_fuzzer_mode_corpus/81de5ce745cff95ee4005cd3d00e5d149cce4013
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/81de5ce745cff95ee4005cd3d00e5d149cce4013
rename to src/fuzz/client_no_fuzzer_mode_corpus/81de5ce745cff95ee4005cd3d00e5d149cce4013
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/820f772e67ae14c9c876144baed0c94a30d4cfad b/src/fuzz/client_no_fuzzer_mode_corpus/820f772e67ae14c9c876144baed0c94a30d4cfad
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/820f772e67ae14c9c876144baed0c94a30d4cfad
rename to src/fuzz/client_no_fuzzer_mode_corpus/820f772e67ae14c9c876144baed0c94a30d4cfad
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8369bfd82d90cd8fa5bd6baefee91bc5d20d15d2 b/src/fuzz/client_no_fuzzer_mode_corpus/8369bfd82d90cd8fa5bd6baefee91bc5d20d15d2
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8369bfd82d90cd8fa5bd6baefee91bc5d20d15d2
rename to src/fuzz/client_no_fuzzer_mode_corpus/8369bfd82d90cd8fa5bd6baefee91bc5d20d15d2
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/838e4e375d628e8fa42d455b603c888a83d70d05 b/src/fuzz/client_no_fuzzer_mode_corpus/838e4e375d628e8fa42d455b603c888a83d70d05
new file mode 100644
index 0000000..8b23655
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/838e4e375d628e8fa42d455b603c888a83d70d05
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/850c011baf104aa882f5b27d4048f299c7ff902d b/src/fuzz/client_no_fuzzer_mode_corpus/850c011baf104aa882f5b27d4048f299c7ff902d
new file mode 100644
index 0000000..c7444db
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/850c011baf104aa882f5b27d4048f299c7ff902d
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/8662df29e6376489a950812aa5a5ff9c44a2a65d b/src/fuzz/client_no_fuzzer_mode_corpus/8662df29e6376489a950812aa5a5ff9c44a2a65d
new file mode 100644
index 0000000..c894cb7
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/8662df29e6376489a950812aa5a5ff9c44a2a65d
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/87762fe096e0042e7d6b376c705010bbbdada192 b/src/fuzz/client_no_fuzzer_mode_corpus/87762fe096e0042e7d6b376c705010bbbdada192
new file mode 100644
index 0000000..ac2da76
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/87762fe096e0042e7d6b376c705010bbbdada192
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8a1c75bde791aa363cba0a6a146a098aef100e07 b/src/fuzz/client_no_fuzzer_mode_corpus/8a1c75bde791aa363cba0a6a146a098aef100e07
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8a1c75bde791aa363cba0a6a146a098aef100e07
rename to src/fuzz/client_no_fuzzer_mode_corpus/8a1c75bde791aa363cba0a6a146a098aef100e07
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8a59f02a23c0345533220925e57c316ef7de552b b/src/fuzz/client_no_fuzzer_mode_corpus/8a59f02a23c0345533220925e57c316ef7de552b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8a59f02a23c0345533220925e57c316ef7de552b
rename to src/fuzz/client_no_fuzzer_mode_corpus/8a59f02a23c0345533220925e57c316ef7de552b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8c1d1ac4961975e7ff6592a8293046e8b00d87b1 b/src/fuzz/client_no_fuzzer_mode_corpus/8c1d1ac4961975e7ff6592a8293046e8b00d87b1
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8c1d1ac4961975e7ff6592a8293046e8b00d87b1
rename to src/fuzz/client_no_fuzzer_mode_corpus/8c1d1ac4961975e7ff6592a8293046e8b00d87b1
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8cc3c96276b65dfa9cdd6012fdc0bc6a085ea146 b/src/fuzz/client_no_fuzzer_mode_corpus/8cc3c96276b65dfa9cdd6012fdc0bc6a085ea146
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8cc3c96276b65dfa9cdd6012fdc0bc6a085ea146
rename to src/fuzz/client_no_fuzzer_mode_corpus/8cc3c96276b65dfa9cdd6012fdc0bc6a085ea146
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8d95927e1a1d8deaf76c328979171a041ed0cd6a b/src/fuzz/client_no_fuzzer_mode_corpus/8d95927e1a1d8deaf76c328979171a041ed0cd6a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8d95927e1a1d8deaf76c328979171a041ed0cd6a
rename to src/fuzz/client_no_fuzzer_mode_corpus/8d95927e1a1d8deaf76c328979171a041ed0cd6a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/8d9d6cfc1b60fff0eac72f537aa04900e3b6049b b/src/fuzz/client_no_fuzzer_mode_corpus/8d9d6cfc1b60fff0eac72f537aa04900e3b6049b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/8d9d6cfc1b60fff0eac72f537aa04900e3b6049b
rename to src/fuzz/client_no_fuzzer_mode_corpus/8d9d6cfc1b60fff0eac72f537aa04900e3b6049b
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/90ce0951f9404f14c7bcff894f86b5adfbe2ea55 b/src/fuzz/client_no_fuzzer_mode_corpus/90ce0951f9404f14c7bcff894f86b5adfbe2ea55
new file mode 100644
index 0000000..52459b6
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/90ce0951f9404f14c7bcff894f86b5adfbe2ea55
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/91085e28b15a76c0eb952e29a32958c64210fa22 b/src/fuzz/client_no_fuzzer_mode_corpus/91085e28b15a76c0eb952e29a32958c64210fa22
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/91085e28b15a76c0eb952e29a32958c64210fa22
rename to src/fuzz/client_no_fuzzer_mode_corpus/91085e28b15a76c0eb952e29a32958c64210fa22
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/911b77a559df01da7635687f76d5332317c7e08b b/src/fuzz/client_no_fuzzer_mode_corpus/911b77a559df01da7635687f76d5332317c7e08b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/911b77a559df01da7635687f76d5332317c7e08b
rename to src/fuzz/client_no_fuzzer_mode_corpus/911b77a559df01da7635687f76d5332317c7e08b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/92bae4073f6ff276cdee0096302c3e9f8d6c10fd b/src/fuzz/client_no_fuzzer_mode_corpus/92bae4073f6ff276cdee0096302c3e9f8d6c10fd
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/92bae4073f6ff276cdee0096302c3e9f8d6c10fd
rename to src/fuzz/client_no_fuzzer_mode_corpus/92bae4073f6ff276cdee0096302c3e9f8d6c10fd
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/92e6ca7ef1f7fef8fbd3d1d590d9e5ae6b766f42 b/src/fuzz/client_no_fuzzer_mode_corpus/92e6ca7ef1f7fef8fbd3d1d590d9e5ae6b766f42
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/92e6ca7ef1f7fef8fbd3d1d590d9e5ae6b766f42
rename to src/fuzz/client_no_fuzzer_mode_corpus/92e6ca7ef1f7fef8fbd3d1d590d9e5ae6b766f42
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/932ac830ad5d51d928c2369a54f50a4f5b924f66 b/src/fuzz/client_no_fuzzer_mode_corpus/932ac830ad5d51d928c2369a54f50a4f5b924f66
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/932ac830ad5d51d928c2369a54f50a4f5b924f66
rename to src/fuzz/client_no_fuzzer_mode_corpus/932ac830ad5d51d928c2369a54f50a4f5b924f66
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/934e88078ef793c18c2395e0bc96d8caa35e8841 b/src/fuzz/client_no_fuzzer_mode_corpus/934e88078ef793c18c2395e0bc96d8caa35e8841
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/934e88078ef793c18c2395e0bc96d8caa35e8841
rename to src/fuzz/client_no_fuzzer_mode_corpus/934e88078ef793c18c2395e0bc96d8caa35e8841
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/93d0f7fb2676b2ceffee437b9009cdb9970d484c b/src/fuzz/client_no_fuzzer_mode_corpus/93d0f7fb2676b2ceffee437b9009cdb9970d484c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/93d0f7fb2676b2ceffee437b9009cdb9970d484c
rename to src/fuzz/client_no_fuzzer_mode_corpus/93d0f7fb2676b2ceffee437b9009cdb9970d484c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/964a71f0e7be3d918e17930feb8cb493cd320c49 b/src/fuzz/client_no_fuzzer_mode_corpus/964a71f0e7be3d918e17930feb8cb493cd320c49
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/964a71f0e7be3d918e17930feb8cb493cd320c49
rename to src/fuzz/client_no_fuzzer_mode_corpus/964a71f0e7be3d918e17930feb8cb493cd320c49
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9763c6b7d81835078e3b20fdb41b5288cab9930d b/src/fuzz/client_no_fuzzer_mode_corpus/9763c6b7d81835078e3b20fdb41b5288cab9930d
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9763c6b7d81835078e3b20fdb41b5288cab9930d
rename to src/fuzz/client_no_fuzzer_mode_corpus/9763c6b7d81835078e3b20fdb41b5288cab9930d
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/990fc339eeb1c77883a5f078f566a7b33ef2bc71 b/src/fuzz/client_no_fuzzer_mode_corpus/990fc339eeb1c77883a5f078f566a7b33ef2bc71
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/990fc339eeb1c77883a5f078f566a7b33ef2bc71
rename to src/fuzz/client_no_fuzzer_mode_corpus/990fc339eeb1c77883a5f078f566a7b33ef2bc71
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/99c689cce634fc93c6da78966eead9e035ad4cfa b/src/fuzz/client_no_fuzzer_mode_corpus/99c689cce634fc93c6da78966eead9e035ad4cfa
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/99c689cce634fc93c6da78966eead9e035ad4cfa
rename to src/fuzz/client_no_fuzzer_mode_corpus/99c689cce634fc93c6da78966eead9e035ad4cfa
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9a3e583c686b703985312b4e7b5363976c059ee4 b/src/fuzz/client_no_fuzzer_mode_corpus/9a3e583c686b703985312b4e7b5363976c059ee4
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9a3e583c686b703985312b4e7b5363976c059ee4
rename to src/fuzz/client_no_fuzzer_mode_corpus/9a3e583c686b703985312b4e7b5363976c059ee4
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9c26ea944d6af8ca8a40fbe140b1546c35bed999 b/src/fuzz/client_no_fuzzer_mode_corpus/9c26ea944d6af8ca8a40fbe140b1546c35bed999
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9c26ea944d6af8ca8a40fbe140b1546c35bed999
rename to src/fuzz/client_no_fuzzer_mode_corpus/9c26ea944d6af8ca8a40fbe140b1546c35bed999
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9c658f6134d4ee8d92cbb14c17ef3f95866f9244 b/src/fuzz/client_no_fuzzer_mode_corpus/9c658f6134d4ee8d92cbb14c17ef3f95866f9244
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9c658f6134d4ee8d92cbb14c17ef3f95866f9244
rename to src/fuzz/client_no_fuzzer_mode_corpus/9c658f6134d4ee8d92cbb14c17ef3f95866f9244
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9e7480708f1639b3d7d28c24b8d0069872cd9792 b/src/fuzz/client_no_fuzzer_mode_corpus/9e7480708f1639b3d7d28c24b8d0069872cd9792
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9e7480708f1639b3d7d28c24b8d0069872cd9792
rename to src/fuzz/client_no_fuzzer_mode_corpus/9e7480708f1639b3d7d28c24b8d0069872cd9792
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/9f512feaf6dedde799fb54ca956d3919d80cae5a b/src/fuzz/client_no_fuzzer_mode_corpus/9f512feaf6dedde799fb54ca956d3919d80cae5a
new file mode 100644
index 0000000..e24bb8f
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/9f512feaf6dedde799fb54ca956d3919d80cae5a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9fb42b24e724fcc7b045403afbfdd101cb7cbf22 b/src/fuzz/client_no_fuzzer_mode_corpus/9fb42b24e724fcc7b045403afbfdd101cb7cbf22
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9fb42b24e724fcc7b045403afbfdd101cb7cbf22
rename to src/fuzz/client_no_fuzzer_mode_corpus/9fb42b24e724fcc7b045403afbfdd101cb7cbf22
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/9fb493abce1d36d1279c94f79909b0c02ccf9dfe b/src/fuzz/client_no_fuzzer_mode_corpus/9fb493abce1d36d1279c94f79909b0c02ccf9dfe
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/9fb493abce1d36d1279c94f79909b0c02ccf9dfe
rename to src/fuzz/client_no_fuzzer_mode_corpus/9fb493abce1d36d1279c94f79909b0c02ccf9dfe
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a0ae9f3a0a7f4e296a2dc204f0ce4bb20b7681ec b/src/fuzz/client_no_fuzzer_mode_corpus/a0ae9f3a0a7f4e296a2dc204f0ce4bb20b7681ec
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a0ae9f3a0a7f4e296a2dc204f0ce4bb20b7681ec
rename to src/fuzz/client_no_fuzzer_mode_corpus/a0ae9f3a0a7f4e296a2dc204f0ce4bb20b7681ec
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a15d97ec9dfa09552cb5a2c6f76b7841a2f5e22c b/src/fuzz/client_no_fuzzer_mode_corpus/a15d97ec9dfa09552cb5a2c6f76b7841a2f5e22c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a15d97ec9dfa09552cb5a2c6f76b7841a2f5e22c
rename to src/fuzz/client_no_fuzzer_mode_corpus/a15d97ec9dfa09552cb5a2c6f76b7841a2f5e22c
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/a164f5d41fc8a52882e4da1eab21d684d75575ed b/src/fuzz/client_no_fuzzer_mode_corpus/a164f5d41fc8a52882e4da1eab21d684d75575ed
new file mode 100644
index 0000000..2e11644
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/a164f5d41fc8a52882e4da1eab21d684d75575ed
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a31485be9beb36c2e8de3c8dff871f5a7ebe6286 b/src/fuzz/client_no_fuzzer_mode_corpus/a31485be9beb36c2e8de3c8dff871f5a7ebe6286
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a31485be9beb36c2e8de3c8dff871f5a7ebe6286
rename to src/fuzz/client_no_fuzzer_mode_corpus/a31485be9beb36c2e8de3c8dff871f5a7ebe6286
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a36c75741c2a634a8e15e4a79f7d530f0857461d b/src/fuzz/client_no_fuzzer_mode_corpus/a36c75741c2a634a8e15e4a79f7d530f0857461d
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a36c75741c2a634a8e15e4a79f7d530f0857461d
rename to src/fuzz/client_no_fuzzer_mode_corpus/a36c75741c2a634a8e15e4a79f7d530f0857461d
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a48061bd3de257ac7f848d715308b6b83cbaef0e b/src/fuzz/client_no_fuzzer_mode_corpus/a48061bd3de257ac7f848d715308b6b83cbaef0e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a48061bd3de257ac7f848d715308b6b83cbaef0e
rename to src/fuzz/client_no_fuzzer_mode_corpus/a48061bd3de257ac7f848d715308b6b83cbaef0e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a57ddf52041372f881af848f2b624a17e939d38d b/src/fuzz/client_no_fuzzer_mode_corpus/a57ddf52041372f881af848f2b624a17e939d38d
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a57ddf52041372f881af848f2b624a17e939d38d
rename to src/fuzz/client_no_fuzzer_mode_corpus/a57ddf52041372f881af848f2b624a17e939d38d
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a5dfc336934d434aad04cc9914d27426d00c2a34 b/src/fuzz/client_no_fuzzer_mode_corpus/a5dfc336934d434aad04cc9914d27426d00c2a34
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a5dfc336934d434aad04cc9914d27426d00c2a34
rename to src/fuzz/client_no_fuzzer_mode_corpus/a5dfc336934d434aad04cc9914d27426d00c2a34
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a6c05de8e45ea2b821158d004808c6beebaf0301 b/src/fuzz/client_no_fuzzer_mode_corpus/a6c05de8e45ea2b821158d004808c6beebaf0301
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a6c05de8e45ea2b821158d004808c6beebaf0301
rename to src/fuzz/client_no_fuzzer_mode_corpus/a6c05de8e45ea2b821158d004808c6beebaf0301
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a73e17bb891d223f500c95916dd2ba549661f9ae b/src/fuzz/client_no_fuzzer_mode_corpus/a73e17bb891d223f500c95916dd2ba549661f9ae
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a73e17bb891d223f500c95916dd2ba549661f9ae
rename to src/fuzz/client_no_fuzzer_mode_corpus/a73e17bb891d223f500c95916dd2ba549661f9ae
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a8870d429c8e771cc689d8c5f5d3c2bb26d9470e b/src/fuzz/client_no_fuzzer_mode_corpus/a8870d429c8e771cc689d8c5f5d3c2bb26d9470e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a8870d429c8e771cc689d8c5f5d3c2bb26d9470e
rename to src/fuzz/client_no_fuzzer_mode_corpus/a8870d429c8e771cc689d8c5f5d3c2bb26d9470e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a8d671e53e7e66c2a627a21f04de9617fc7d1ce5 b/src/fuzz/client_no_fuzzer_mode_corpus/a8d671e53e7e66c2a627a21f04de9617fc7d1ce5
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a8d671e53e7e66c2a627a21f04de9617fc7d1ce5
rename to src/fuzz/client_no_fuzzer_mode_corpus/a8d671e53e7e66c2a627a21f04de9617fc7d1ce5
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a90d298af651bb2dff49a9eab4a1b3a8434ddd58 b/src/fuzz/client_no_fuzzer_mode_corpus/a90d298af651bb2dff49a9eab4a1b3a8434ddd58
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a90d298af651bb2dff49a9eab4a1b3a8434ddd58
rename to src/fuzz/client_no_fuzzer_mode_corpus/a90d298af651bb2dff49a9eab4a1b3a8434ddd58
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/a9dee07816a237b7c8b3366bf4e939fbfa855a11 b/src/fuzz/client_no_fuzzer_mode_corpus/a9dee07816a237b7c8b3366bf4e939fbfa855a11
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/a9dee07816a237b7c8b3366bf4e939fbfa855a11
rename to src/fuzz/client_no_fuzzer_mode_corpus/a9dee07816a237b7c8b3366bf4e939fbfa855a11
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/aa42f1d9302651c1d42487c5f0ed597f9cac7f00 b/src/fuzz/client_no_fuzzer_mode_corpus/aa42f1d9302651c1d42487c5f0ed597f9cac7f00
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/aa42f1d9302651c1d42487c5f0ed597f9cac7f00
rename to src/fuzz/client_no_fuzzer_mode_corpus/aa42f1d9302651c1d42487c5f0ed597f9cac7f00
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/ab16b90e9c6ffadad9ca78492e011e9467b93ade b/src/fuzz/client_no_fuzzer_mode_corpus/ab16b90e9c6ffadad9ca78492e011e9467b93ade
new file mode 100644
index 0000000..188c58d
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/ab16b90e9c6ffadad9ca78492e011e9467b93ade
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/abc84e32c9322d849428edcc88f300c6b5092201 b/src/fuzz/client_no_fuzzer_mode_corpus/abc84e32c9322d849428edcc88f300c6b5092201
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/abc84e32c9322d849428edcc88f300c6b5092201
rename to src/fuzz/client_no_fuzzer_mode_corpus/abc84e32c9322d849428edcc88f300c6b5092201
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ae1efc0b2a8d3c8ef85c46a688647d458441df6b b/src/fuzz/client_no_fuzzer_mode_corpus/ae1efc0b2a8d3c8ef85c46a688647d458441df6b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ae1efc0b2a8d3c8ef85c46a688647d458441df6b
rename to src/fuzz/client_no_fuzzer_mode_corpus/ae1efc0b2a8d3c8ef85c46a688647d458441df6b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/af44ac4c3b0371c29f408f6b42edf8b8403785d9 b/src/fuzz/client_no_fuzzer_mode_corpus/af44ac4c3b0371c29f408f6b42edf8b8403785d9
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/af44ac4c3b0371c29f408f6b42edf8b8403785d9
rename to src/fuzz/client_no_fuzzer_mode_corpus/af44ac4c3b0371c29f408f6b42edf8b8403785d9
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/af745b0ef88bf0ef382e3410e758043ad993ee84 b/src/fuzz/client_no_fuzzer_mode_corpus/af745b0ef88bf0ef382e3410e758043ad993ee84
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/af745b0ef88bf0ef382e3410e758043ad993ee84
rename to src/fuzz/client_no_fuzzer_mode_corpus/af745b0ef88bf0ef382e3410e758043ad993ee84
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b01af8aca6a58bcda50555e3afab1c40bcf7f582 b/src/fuzz/client_no_fuzzer_mode_corpus/b01af8aca6a58bcda50555e3afab1c40bcf7f582
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b01af8aca6a58bcda50555e3afab1c40bcf7f582
rename to src/fuzz/client_no_fuzzer_mode_corpus/b01af8aca6a58bcda50555e3afab1c40bcf7f582
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/b030e2429fc53927881d58145d088d06452f6a26 b/src/fuzz/client_no_fuzzer_mode_corpus/b030e2429fc53927881d58145d088d06452f6a26
new file mode 100644
index 0000000..1a577d0
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/b030e2429fc53927881d58145d088d06452f6a26
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b1376725e3bf74c6519c219c6472c6d81515182a b/src/fuzz/client_no_fuzzer_mode_corpus/b1376725e3bf74c6519c219c6472c6d81515182a
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b1376725e3bf74c6519c219c6472c6d81515182a
rename to src/fuzz/client_no_fuzzer_mode_corpus/b1376725e3bf74c6519c219c6472c6d81515182a
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b217013fcc4b7f16e856b8c91df61f7e071c5cd2 b/src/fuzz/client_no_fuzzer_mode_corpus/b217013fcc4b7f16e856b8c91df61f7e071c5cd2
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b217013fcc4b7f16e856b8c91df61f7e071c5cd2
rename to src/fuzz/client_no_fuzzer_mode_corpus/b217013fcc4b7f16e856b8c91df61f7e071c5cd2
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b4fb2886caa7253df5484e13fc1f5b5e064ac310 b/src/fuzz/client_no_fuzzer_mode_corpus/b4fb2886caa7253df5484e13fc1f5b5e064ac310
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b4fb2886caa7253df5484e13fc1f5b5e064ac310
rename to src/fuzz/client_no_fuzzer_mode_corpus/b4fb2886caa7253df5484e13fc1f5b5e064ac310
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b7d6540600ab6d67e85b698a97ba5d39e9ad7a66 b/src/fuzz/client_no_fuzzer_mode_corpus/b7d6540600ab6d67e85b698a97ba5d39e9ad7a66
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b7d6540600ab6d67e85b698a97ba5d39e9ad7a66
rename to src/fuzz/client_no_fuzzer_mode_corpus/b7d6540600ab6d67e85b698a97ba5d39e9ad7a66
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b7f51c55bd011598a8e3e1d0671fc9d4a17a4d09 b/src/fuzz/client_no_fuzzer_mode_corpus/b7f51c55bd011598a8e3e1d0671fc9d4a17a4d09
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b7f51c55bd011598a8e3e1d0671fc9d4a17a4d09
rename to src/fuzz/client_no_fuzzer_mode_corpus/b7f51c55bd011598a8e3e1d0671fc9d4a17a4d09
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/b7f92e1901074aad1041b2e33b02ab2cf2757f2c b/src/fuzz/client_no_fuzzer_mode_corpus/b7f92e1901074aad1041b2e33b02ab2cf2757f2c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/b7f92e1901074aad1041b2e33b02ab2cf2757f2c
rename to src/fuzz/client_no_fuzzer_mode_corpus/b7f92e1901074aad1041b2e33b02ab2cf2757f2c
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/b93a61088b431cc110b6a2f1c0908b56133d473e b/src/fuzz/client_no_fuzzer_mode_corpus/b93a61088b431cc110b6a2f1c0908b56133d473e
new file mode 100644
index 0000000..c885602
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/b93a61088b431cc110b6a2f1c0908b56133d473e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/bb78e3d26db4f97235fda0a0329847a655bac48e b/src/fuzz/client_no_fuzzer_mode_corpus/bb78e3d26db4f97235fda0a0329847a655bac48e
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/bb78e3d26db4f97235fda0a0329847a655bac48e
rename to src/fuzz/client_no_fuzzer_mode_corpus/bb78e3d26db4f97235fda0a0329847a655bac48e
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/bbad23c67780619ce04acfab4995c6ba06039863 b/src/fuzz/client_no_fuzzer_mode_corpus/bbad23c67780619ce04acfab4995c6ba06039863
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/bbad23c67780619ce04acfab4995c6ba06039863
rename to src/fuzz/client_no_fuzzer_mode_corpus/bbad23c67780619ce04acfab4995c6ba06039863
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/bbb0dc96445fec9c12306e6e6202696ae48add91 b/src/fuzz/client_no_fuzzer_mode_corpus/bbb0dc96445fec9c12306e6e6202696ae48add91
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/bbb0dc96445fec9c12306e6e6202696ae48add91
rename to src/fuzz/client_no_fuzzer_mode_corpus/bbb0dc96445fec9c12306e6e6202696ae48add91
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/bc19949a4f9d9309a48ec184fb6c59002f42e86c b/src/fuzz/client_no_fuzzer_mode_corpus/bc19949a4f9d9309a48ec184fb6c59002f42e86c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/bc19949a4f9d9309a48ec184fb6c59002f42e86c
rename to src/fuzz/client_no_fuzzer_mode_corpus/bc19949a4f9d9309a48ec184fb6c59002f42e86c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/bf8a9329652af9d8c79a4049a63000282fcc1fba b/src/fuzz/client_no_fuzzer_mode_corpus/bf8a9329652af9d8c79a4049a63000282fcc1fba
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/bf8a9329652af9d8c79a4049a63000282fcc1fba
rename to src/fuzz/client_no_fuzzer_mode_corpus/bf8a9329652af9d8c79a4049a63000282fcc1fba
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/c175d2816aceebfe5d24c64a610238b8a640033c b/src/fuzz/client_no_fuzzer_mode_corpus/c175d2816aceebfe5d24c64a610238b8a640033c
new file mode 100644
index 0000000..2be7b41
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/c175d2816aceebfe5d24c64a610238b8a640033c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c42fe981d6fe631b3780b6d3054fdfc38630bc44 b/src/fuzz/client_no_fuzzer_mode_corpus/c42fe981d6fe631b3780b6d3054fdfc38630bc44
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/c42fe981d6fe631b3780b6d3054fdfc38630bc44
rename to src/fuzz/client_no_fuzzer_mode_corpus/c42fe981d6fe631b3780b6d3054fdfc38630bc44
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c61d8cf81fa324aa38ecf1ef94738ed7bafc217c b/src/fuzz/client_no_fuzzer_mode_corpus/c61d8cf81fa324aa38ecf1ef94738ed7bafc217c
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/c61d8cf81fa324aa38ecf1ef94738ed7bafc217c
rename to src/fuzz/client_no_fuzzer_mode_corpus/c61d8cf81fa324aa38ecf1ef94738ed7bafc217c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c7b5dca54cc0ebdf9a47878a0629eba3242a69ee b/src/fuzz/client_no_fuzzer_mode_corpus/c7b5dca54cc0ebdf9a47878a0629eba3242a69ee
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/c7b5dca54cc0ebdf9a47878a0629eba3242a69ee
rename to src/fuzz/client_no_fuzzer_mode_corpus/c7b5dca54cc0ebdf9a47878a0629eba3242a69ee
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c7c685c2d3992a29cb0ac5f3491481a81e9c37ed b/src/fuzz/client_no_fuzzer_mode_corpus/c7c685c2d3992a29cb0ac5f3491481a81e9c37ed
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/c7c685c2d3992a29cb0ac5f3491481a81e9c37ed
rename to src/fuzz/client_no_fuzzer_mode_corpus/c7c685c2d3992a29cb0ac5f3491481a81e9c37ed
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/c88decc00c709493fd2b46582cc39fb2d90b9c2f b/src/fuzz/client_no_fuzzer_mode_corpus/c88decc00c709493fd2b46582cc39fb2d90b9c2f
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/c88decc00c709493fd2b46582cc39fb2d90b9c2f
rename to src/fuzz/client_no_fuzzer_mode_corpus/c88decc00c709493fd2b46582cc39fb2d90b9c2f
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ca2ed4c4f6f6fd8ac15b8e778686d9bfe181c5fb b/src/fuzz/client_no_fuzzer_mode_corpus/ca2ed4c4f6f6fd8ac15b8e778686d9bfe181c5fb
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ca2ed4c4f6f6fd8ac15b8e778686d9bfe181c5fb
rename to src/fuzz/client_no_fuzzer_mode_corpus/ca2ed4c4f6f6fd8ac15b8e778686d9bfe181c5fb
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/cb4fbcb22b4625792d9d9eee7b4284c69ab6a257 b/src/fuzz/client_no_fuzzer_mode_corpus/cb4fbcb22b4625792d9d9eee7b4284c69ab6a257
new file mode 100644
index 0000000..c39a764
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/cb4fbcb22b4625792d9d9eee7b4284c69ab6a257
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/cc3f076cf16324863c399adb8b3f5064036641ce b/src/fuzz/client_no_fuzzer_mode_corpus/cc3f076cf16324863c399adb8b3f5064036641ce
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/cc3f076cf16324863c399adb8b3f5064036641ce
rename to src/fuzz/client_no_fuzzer_mode_corpus/cc3f076cf16324863c399adb8b3f5064036641ce
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/cd280adb132d1fc580a5411d9b3544d24909e0bf b/src/fuzz/client_no_fuzzer_mode_corpus/cd280adb132d1fc580a5411d9b3544d24909e0bf
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/cd280adb132d1fc580a5411d9b3544d24909e0bf
rename to src/fuzz/client_no_fuzzer_mode_corpus/cd280adb132d1fc580a5411d9b3544d24909e0bf
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d1584204aa43ad0785402278756663e39a8e7804 b/src/fuzz/client_no_fuzzer_mode_corpus/d1584204aa43ad0785402278756663e39a8e7804
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/d1584204aa43ad0785402278756663e39a8e7804
rename to src/fuzz/client_no_fuzzer_mode_corpus/d1584204aa43ad0785402278756663e39a8e7804
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d2328f74204a8ab6cfe30cd2700bd87cf824ff70 b/src/fuzz/client_no_fuzzer_mode_corpus/d2328f74204a8ab6cfe30cd2700bd87cf824ff70
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/d2328f74204a8ab6cfe30cd2700bd87cf824ff70
rename to src/fuzz/client_no_fuzzer_mode_corpus/d2328f74204a8ab6cfe30cd2700bd87cf824ff70
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d7e3f40604984ffa180fd18d02b25d2d6db0fed3 b/src/fuzz/client_no_fuzzer_mode_corpus/d7e3f40604984ffa180fd18d02b25d2d6db0fed3
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/d7e3f40604984ffa180fd18d02b25d2d6db0fed3
rename to src/fuzz/client_no_fuzzer_mode_corpus/d7e3f40604984ffa180fd18d02b25d2d6db0fed3
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/d90ce69847da6a1e6afa0ef67dea51c3232921c0 b/src/fuzz/client_no_fuzzer_mode_corpus/d90ce69847da6a1e6afa0ef67dea51c3232921c0
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/d90ce69847da6a1e6afa0ef67dea51c3232921c0
rename to src/fuzz/client_no_fuzzer_mode_corpus/d90ce69847da6a1e6afa0ef67dea51c3232921c0
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/db0dc10acf7ec0d014ec49f891d95aac21c50a94 b/src/fuzz/client_no_fuzzer_mode_corpus/db0dc10acf7ec0d014ec49f891d95aac21c50a94
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/db0dc10acf7ec0d014ec49f891d95aac21c50a94
rename to src/fuzz/client_no_fuzzer_mode_corpus/db0dc10acf7ec0d014ec49f891d95aac21c50a94
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/db6253a552c9b15d05c75abd422b002def6179f7 b/src/fuzz/client_no_fuzzer_mode_corpus/db6253a552c9b15d05c75abd422b002def6179f7
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/db6253a552c9b15d05c75abd422b002def6179f7
rename to src/fuzz/client_no_fuzzer_mode_corpus/db6253a552c9b15d05c75abd422b002def6179f7
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/dc29d977fce71e060b9ae6a7feb965ed9bd2abc8 b/src/fuzz/client_no_fuzzer_mode_corpus/dc29d977fce71e060b9ae6a7feb965ed9bd2abc8
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/dc29d977fce71e060b9ae6a7feb965ed9bd2abc8
rename to src/fuzz/client_no_fuzzer_mode_corpus/dc29d977fce71e060b9ae6a7feb965ed9bd2abc8
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ddff64620b2c59316fa331ffe65da25a4667f0b3 b/src/fuzz/client_no_fuzzer_mode_corpus/ddff64620b2c59316fa331ffe65da25a4667f0b3
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ddff64620b2c59316fa331ffe65da25a4667f0b3
rename to src/fuzz/client_no_fuzzer_mode_corpus/ddff64620b2c59316fa331ffe65da25a4667f0b3
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/df69f4b2fbc627d7f1719c0eb8f9b44b8c1f1fc9 b/src/fuzz/client_no_fuzzer_mode_corpus/df69f4b2fbc627d7f1719c0eb8f9b44b8c1f1fc9
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/df69f4b2fbc627d7f1719c0eb8f9b44b8c1f1fc9
rename to src/fuzz/client_no_fuzzer_mode_corpus/df69f4b2fbc627d7f1719c0eb8f9b44b8c1f1fc9
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/dfb41c32dca4464951f14eb246f0386afd2f8b87 b/src/fuzz/client_no_fuzzer_mode_corpus/dfb41c32dca4464951f14eb246f0386afd2f8b87
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/dfb41c32dca4464951f14eb246f0386afd2f8b87
rename to src/fuzz/client_no_fuzzer_mode_corpus/dfb41c32dca4464951f14eb246f0386afd2f8b87
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e02445df45e951ea7c2819584678658b987234a7 b/src/fuzz/client_no_fuzzer_mode_corpus/e02445df45e951ea7c2819584678658b987234a7
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/e02445df45e951ea7c2819584678658b987234a7
rename to src/fuzz/client_no_fuzzer_mode_corpus/e02445df45e951ea7c2819584678658b987234a7
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e180ab112d2cfe38105931af1ec32b63e7293997 b/src/fuzz/client_no_fuzzer_mode_corpus/e180ab112d2cfe38105931af1ec32b63e7293997
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/e180ab112d2cfe38105931af1ec32b63e7293997
rename to src/fuzz/client_no_fuzzer_mode_corpus/e180ab112d2cfe38105931af1ec32b63e7293997
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/e1c4b3f06aa06b9686aeab585832383003365963 b/src/fuzz/client_no_fuzzer_mode_corpus/e1c4b3f06aa06b9686aeab585832383003365963
new file mode 100644
index 0000000..5a7f378
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/e1c4b3f06aa06b9686aeab585832383003365963
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e2c512cb0534f93ebf02a528019f50cc677792db b/src/fuzz/client_no_fuzzer_mode_corpus/e2c512cb0534f93ebf02a528019f50cc677792db
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/e2c512cb0534f93ebf02a528019f50cc677792db
rename to src/fuzz/client_no_fuzzer_mode_corpus/e2c512cb0534f93ebf02a528019f50cc677792db
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e631a562a9a07024bd3905583c6feb1a557a2356 b/src/fuzz/client_no_fuzzer_mode_corpus/e631a562a9a07024bd3905583c6feb1a557a2356
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/e631a562a9a07024bd3905583c6feb1a557a2356
rename to src/fuzz/client_no_fuzzer_mode_corpus/e631a562a9a07024bd3905583c6feb1a557a2356
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/e6760514765cf56f5544cdd72a48e845a1648665 b/src/fuzz/client_no_fuzzer_mode_corpus/e6760514765cf56f5544cdd72a48e845a1648665
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/e6760514765cf56f5544cdd72a48e845a1648665
rename to src/fuzz/client_no_fuzzer_mode_corpus/e6760514765cf56f5544cdd72a48e845a1648665
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/e72e007032c5cdcf65b3c91bed4e90403d3f7f59 b/src/fuzz/client_no_fuzzer_mode_corpus/e72e007032c5cdcf65b3c91bed4e90403d3f7f59
new file mode 100644
index 0000000..7d85ce0
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/e72e007032c5cdcf65b3c91bed4e90403d3f7f59
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/e93e86d33769c266fc3c8ef19eb06a7e3c6aedab b/src/fuzz/client_no_fuzzer_mode_corpus/e93e86d33769c266fc3c8ef19eb06a7e3c6aedab
new file mode 100644
index 0000000..05ea71c
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/e93e86d33769c266fc3c8ef19eb06a7e3c6aedab
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/eae093893ad367e52f83275a9e85e2042b4f3839 b/src/fuzz/client_no_fuzzer_mode_corpus/eae093893ad367e52f83275a9e85e2042b4f3839
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/eae093893ad367e52f83275a9e85e2042b4f3839
rename to src/fuzz/client_no_fuzzer_mode_corpus/eae093893ad367e52f83275a9e85e2042b4f3839
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ebffac674a30c42965f2b0db2782bbf4f5b2beac b/src/fuzz/client_no_fuzzer_mode_corpus/ebffac674a30c42965f2b0db2782bbf4f5b2beac
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ebffac674a30c42965f2b0db2782bbf4f5b2beac
rename to src/fuzz/client_no_fuzzer_mode_corpus/ebffac674a30c42965f2b0db2782bbf4f5b2beac
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ec26ae2d7ce633f0ad20c29219a43b275d112e56 b/src/fuzz/client_no_fuzzer_mode_corpus/ec26ae2d7ce633f0ad20c29219a43b275d112e56
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ec26ae2d7ce633f0ad20c29219a43b275d112e56
rename to src/fuzz/client_no_fuzzer_mode_corpus/ec26ae2d7ce633f0ad20c29219a43b275d112e56
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ed49f8e682adc4e286abc8f03a20b348cc340504 b/src/fuzz/client_no_fuzzer_mode_corpus/ed49f8e682adc4e286abc8f03a20b348cc340504
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ed49f8e682adc4e286abc8f03a20b348cc340504
rename to src/fuzz/client_no_fuzzer_mode_corpus/ed49f8e682adc4e286abc8f03a20b348cc340504
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/eeb06e0fab0469910b4116f4c41265afe2723f5d b/src/fuzz/client_no_fuzzer_mode_corpus/eeb06e0fab0469910b4116f4c41265afe2723f5d
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/eeb06e0fab0469910b4116f4c41265afe2723f5d
rename to src/fuzz/client_no_fuzzer_mode_corpus/eeb06e0fab0469910b4116f4c41265afe2723f5d
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/eee378854e90402bc4a80bc0c5d35a9a11c39a68 b/src/fuzz/client_no_fuzzer_mode_corpus/eee378854e90402bc4a80bc0c5d35a9a11c39a68
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/eee378854e90402bc4a80bc0c5d35a9a11c39a68
rename to src/fuzz/client_no_fuzzer_mode_corpus/eee378854e90402bc4a80bc0c5d35a9a11c39a68
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/f6c2fc500115c6db954ddb0a4cff9e105f5124e7 b/src/fuzz/client_no_fuzzer_mode_corpus/f6c2fc500115c6db954ddb0a4cff9e105f5124e7
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/f6c2fc500115c6db954ddb0a4cff9e105f5124e7
rename to src/fuzz/client_no_fuzzer_mode_corpus/f6c2fc500115c6db954ddb0a4cff9e105f5124e7
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/f6d5ec326e8f1027a68accda8da48489b705564b b/src/fuzz/client_no_fuzzer_mode_corpus/f6d5ec326e8f1027a68accda8da48489b705564b
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/f6d5ec326e8f1027a68accda8da48489b705564b
rename to src/fuzz/client_no_fuzzer_mode_corpus/f6d5ec326e8f1027a68accda8da48489b705564b
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/f9e44b77292e35b43bc0d0e485447e1ecdab88e5 b/src/fuzz/client_no_fuzzer_mode_corpus/f9e44b77292e35b43bc0d0e485447e1ecdab88e5
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/f9e44b77292e35b43bc0d0e485447e1ecdab88e5
rename to src/fuzz/client_no_fuzzer_mode_corpus/f9e44b77292e35b43bc0d0e485447e1ecdab88e5
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/f9fad23530597588efd0af3187526e3bb0151e31 b/src/fuzz/client_no_fuzzer_mode_corpus/f9fad23530597588efd0af3187526e3bb0151e31
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/f9fad23530597588efd0af3187526e3bb0151e31
rename to src/fuzz/client_no_fuzzer_mode_corpus/f9fad23530597588efd0af3187526e3bb0151e31
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/fa2cefdf344569957b3ea326c8f759738face0eb b/src/fuzz/client_no_fuzzer_mode_corpus/fa2cefdf344569957b3ea326c8f759738face0eb
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/fa2cefdf344569957b3ea326c8f759738face0eb
rename to src/fuzz/client_no_fuzzer_mode_corpus/fa2cefdf344569957b3ea326c8f759738face0eb
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/fb1007d8cc0a626dcf13b4910cbe3cef5ec564a3 b/src/fuzz/client_no_fuzzer_mode_corpus/fb1007d8cc0a626dcf13b4910cbe3cef5ec564a3
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/fb1007d8cc0a626dcf13b4910cbe3cef5ec564a3
rename to src/fuzz/client_no_fuzzer_mode_corpus/fb1007d8cc0a626dcf13b4910cbe3cef5ec564a3
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/fb1a5d0a53477c504d6bf01e36c2680d941c12c1 b/src/fuzz/client_no_fuzzer_mode_corpus/fb1a5d0a53477c504d6bf01e36c2680d941c12c1
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/fb1a5d0a53477c504d6bf01e36c2680d941c12c1
rename to src/fuzz/client_no_fuzzer_mode_corpus/fb1a5d0a53477c504d6bf01e36c2680d941c12c1
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/fba3e36ff9038e8cc1139d722fda5b9fa7f5d901 b/src/fuzz/client_no_fuzzer_mode_corpus/fba3e36ff9038e8cc1139d722fda5b9fa7f5d901
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/fba3e36ff9038e8cc1139d722fda5b9fa7f5d901
rename to src/fuzz/client_no_fuzzer_mode_corpus/fba3e36ff9038e8cc1139d722fda5b9fa7f5d901
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/fbb0d2ec0fa012edbb368960f141773bd7193f2c b/src/fuzz/client_no_fuzzer_mode_corpus/fbb0d2ec0fa012edbb368960f141773bd7193f2c
new file mode 100644
index 0000000..1516996
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/fbb0d2ec0fa012edbb368960f141773bd7193f2c
Binary files differ
diff --git a/src/fuzz/client_corpus_no_fuzzer_mode/ff261b7426d59abe341f87143f622f47ba3b9289 b/src/fuzz/client_no_fuzzer_mode_corpus/ff261b7426d59abe341f87143f622f47ba3b9289
similarity index 100%
rename from src/fuzz/client_corpus_no_fuzzer_mode/ff261b7426d59abe341f87143f622f47ba3b9289
rename to src/fuzz/client_no_fuzzer_mode_corpus/ff261b7426d59abe341f87143f622f47ba3b9289
Binary files differ
diff --git a/src/fuzz/client_no_fuzzer_mode_corpus/ff867841f39f078b4c08e7a6915cf07341e95a8c b/src/fuzz/client_no_fuzzer_mode_corpus/ff867841f39f078b4c08e7a6915cf07341e95a8c
new file mode 100644
index 0000000..6d13c7e
--- /dev/null
+++ b/src/fuzz/client_no_fuzzer_mode_corpus/ff867841f39f078b4c08e7a6915cf07341e95a8c
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/195d372ef6ed267cf60dfd56978d82c8ba1d6b68 b/src/fuzz/decode_client_hello_inner_corpus/195d372ef6ed267cf60dfd56978d82c8ba1d6b68
new file mode 100644
index 0000000..18b86ee
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/195d372ef6ed267cf60dfd56978d82c8ba1d6b68
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/27af6473351f2ab64838dcfe3e4cb4fa3d08f198 b/src/fuzz/decode_client_hello_inner_corpus/27af6473351f2ab64838dcfe3e4cb4fa3d08f198
new file mode 100644
index 0000000..1cc792b
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/27af6473351f2ab64838dcfe3e4cb4fa3d08f198
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/3b0782d27c1bbe783588e48e50e83bf35d8159f8 b/src/fuzz/decode_client_hello_inner_corpus/3b0782d27c1bbe783588e48e50e83bf35d8159f8
new file mode 100644
index 0000000..1ad992a
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/3b0782d27c1bbe783588e48e50e83bf35d8159f8
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/5d04d5c50fa239df2d82e908587381fa51eac5b3 b/src/fuzz/decode_client_hello_inner_corpus/5d04d5c50fa239df2d82e908587381fa51eac5b3
new file mode 100644
index 0000000..a493362
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/5d04d5c50fa239df2d82e908587381fa51eac5b3
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/6b59bce768423c920a740b12cd18f3bad925fd78 b/src/fuzz/decode_client_hello_inner_corpus/6b59bce768423c920a740b12cd18f3bad925fd78
deleted file mode 100644
index 8f538fe..0000000
--- a/src/fuzz/decode_client_hello_inner_corpus/6b59bce768423c920a740b12cd18f3bad925fd78
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/8f26d09f836be335b9c2e478615395c0954f9b74 b/src/fuzz/decode_client_hello_inner_corpus/8f26d09f836be335b9c2e478615395c0954f9b74
new file mode 100644
index 0000000..bb633e4
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/8f26d09f836be335b9c2e478615395c0954f9b74
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/93d475fdb214a1ac30d26e1504f26791bbd74bb7 b/src/fuzz/decode_client_hello_inner_corpus/93d475fdb214a1ac30d26e1504f26791bbd74bb7
new file mode 100644
index 0000000..a22102e
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/93d475fdb214a1ac30d26e1504f26791bbd74bb7
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/981cc58bf5297f1bb8a07c11fa8c7c31b93f5402 b/src/fuzz/decode_client_hello_inner_corpus/981cc58bf5297f1bb8a07c11fa8c7c31b93f5402
new file mode 100644
index 0000000..aec1003
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/981cc58bf5297f1bb8a07c11fa8c7c31b93f5402
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/a9d80dd82f2d0415d224ebd3c184397746cecbb4 b/src/fuzz/decode_client_hello_inner_corpus/a9d80dd82f2d0415d224ebd3c184397746cecbb4
new file mode 100644
index 0000000..14def9d
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/a9d80dd82f2d0415d224ebd3c184397746cecbb4
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/c2bb18319c8702195a0acc9a0f2151b35f6357a7 b/src/fuzz/decode_client_hello_inner_corpus/c2bb18319c8702195a0acc9a0f2151b35f6357a7
deleted file mode 100644
index ccadfa8..0000000
--- a/src/fuzz/decode_client_hello_inner_corpus/c2bb18319c8702195a0acc9a0f2151b35f6357a7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/ca4621477e43b3765cad52d56fe14a9f8ca91dee b/src/fuzz/decode_client_hello_inner_corpus/ca4621477e43b3765cad52d56fe14a9f8ca91dee
deleted file mode 100644
index a7d3245..0000000
--- a/src/fuzz/decode_client_hello_inner_corpus/ca4621477e43b3765cad52d56fe14a9f8ca91dee
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/d608cfbc975dc08e7d035a9f17496d60a89579b3 b/src/fuzz/decode_client_hello_inner_corpus/d608cfbc975dc08e7d035a9f17496d60a89579b3
new file mode 100644
index 0000000..d8f9884
--- /dev/null
+++ b/src/fuzz/decode_client_hello_inner_corpus/d608cfbc975dc08e7d035a9f17496d60a89579b3
Binary files differ
diff --git a/src/fuzz/decode_client_hello_inner_corpus/e20653e9cefe9005887cc7d11f96f4cc99c3a4e8 b/src/fuzz/decode_client_hello_inner_corpus/e20653e9cefe9005887cc7d11f96f4cc99c3a4e8
deleted file mode 100644
index fad1872..0000000
--- a/src/fuzz/decode_client_hello_inner_corpus/e20653e9cefe9005887cc7d11f96f4cc99c3a4e8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/der_roundtrip.cc b/src/fuzz/der_roundtrip.cc
index ffce3b9..5df58ff 100644
--- a/src/fuzz/der_roundtrip.cc
+++ b/src/fuzz/der_roundtrip.cc
@@ -29,11 +29,9 @@
// correctly.
size_t consumed = len - CBS_len(&cbs);
bssl::ScopedCBB cbb;
- CBB body_cbb;
if (!CBB_init(cbb.get(), consumed) ||
- !CBB_add_asn1(cbb.get(), &body_cbb, tag) ||
- !CBB_add_bytes(&body_cbb, CBS_data(&body), CBS_len(&body)) ||
- !CBB_flush(cbb.get()) ||
+ !CBB_add_asn1_element(cbb.get(), tag, CBS_data(&body),
+ CBS_len(&body)) ||
CBB_len(cbb.get()) != consumed ||
memcmp(CBB_data(cbb.get()), buf, consumed) != 0) {
abort();
diff --git a/src/fuzz/dtls_client.cc b/src/fuzz/dtls_client.cc
index c73e47e..f5ce885 100644
--- a/src/fuzz/dtls_client.cc
+++ b/src/fuzz/dtls_client.cc
@@ -15,7 +15,8 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kClient);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kClient,
+ TLSFuzzer::kFuzzerModeOn);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
diff --git a/src/fuzz/dtls_client_corpus/041362f31da6c05403821b4350eaeabf321ee892 b/src/fuzz/dtls_client_corpus/041362f31da6c05403821b4350eaeabf321ee892
new file mode 100644
index 0000000..54f2304
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/041362f31da6c05403821b4350eaeabf321ee892
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/047004be89c0a1f302611570def65a023d6abba3 b/src/fuzz/dtls_client_corpus/047004be89c0a1f302611570def65a023d6abba3
new file mode 100644
index 0000000..f0fb66f
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/047004be89c0a1f302611570def65a023d6abba3
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/05474066990baed9e18653244a6db30617c09816 b/src/fuzz/dtls_client_corpus/05474066990baed9e18653244a6db30617c09816
new file mode 100644
index 0000000..bad43a1
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/05474066990baed9e18653244a6db30617c09816
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/158b982b0520e17d0489ca8ae891cd53022e1456 b/src/fuzz/dtls_client_corpus/158b982b0520e17d0489ca8ae891cd53022e1456
deleted file mode 100644
index 67d1878..0000000
--- a/src/fuzz/dtls_client_corpus/158b982b0520e17d0489ca8ae891cd53022e1456
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/182c0022271354bab9ca17039fcaf484d3e7d691 b/src/fuzz/dtls_client_corpus/182c0022271354bab9ca17039fcaf484d3e7d691
new file mode 100644
index 0000000..4b5a70e
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/182c0022271354bab9ca17039fcaf484d3e7d691
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/1932fedc680a4f2c8bb53221249c1ca8251fa7dc b/src/fuzz/dtls_client_corpus/1932fedc680a4f2c8bb53221249c1ca8251fa7dc
new file mode 100644
index 0000000..f7c7650
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/1932fedc680a4f2c8bb53221249c1ca8251fa7dc
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/1b5c9c7cfe90fcafee3ebf0495b343ca308af677 b/src/fuzz/dtls_client_corpus/1b5c9c7cfe90fcafee3ebf0495b343ca308af677
new file mode 100644
index 0000000..30f33d4
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/1b5c9c7cfe90fcafee3ebf0495b343ca308af677
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/1bdfc7f32c3e72eebb26b25fad44440f865bf3c7 b/src/fuzz/dtls_client_corpus/1bdfc7f32c3e72eebb26b25fad44440f865bf3c7
new file mode 100644
index 0000000..a20cfcd
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/1bdfc7f32c3e72eebb26b25fad44440f865bf3c7
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/1d7280e26a2ba73cc4b32d3674a445f99efc2fa3 b/src/fuzz/dtls_client_corpus/1d7280e26a2ba73cc4b32d3674a445f99efc2fa3
deleted file mode 100644
index 3225df4..0000000
--- a/src/fuzz/dtls_client_corpus/1d7280e26a2ba73cc4b32d3674a445f99efc2fa3
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/25e0104cb51c2c90f2ce1c447202dc68867529e6 b/src/fuzz/dtls_client_corpus/25e0104cb51c2c90f2ce1c447202dc68867529e6
new file mode 100644
index 0000000..473f814
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/25e0104cb51c2c90f2ce1c447202dc68867529e6
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/29b11dac1649bf2e855fb152449915f2188c1f5b b/src/fuzz/dtls_client_corpus/29b11dac1649bf2e855fb152449915f2188c1f5b
deleted file mode 100644
index f06050e..0000000
--- a/src/fuzz/dtls_client_corpus/29b11dac1649bf2e855fb152449915f2188c1f5b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/2be05b76e7f3741f4fbabe82adc3a3785087501e b/src/fuzz/dtls_client_corpus/2be05b76e7f3741f4fbabe82adc3a3785087501e
deleted file mode 100644
index b3d657d..0000000
--- a/src/fuzz/dtls_client_corpus/2be05b76e7f3741f4fbabe82adc3a3785087501e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/2d3fdca1b5fff996ee56640369be5e75ba1db5d4 b/src/fuzz/dtls_client_corpus/2d3fdca1b5fff996ee56640369be5e75ba1db5d4
new file mode 100644
index 0000000..05cdf6b
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/2d3fdca1b5fff996ee56640369be5e75ba1db5d4
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/3136f05af0df34d84f99ed061b97de080d933278 b/src/fuzz/dtls_client_corpus/3136f05af0df34d84f99ed061b97de080d933278
deleted file mode 100644
index 2ed647c..0000000
--- a/src/fuzz/dtls_client_corpus/3136f05af0df34d84f99ed061b97de080d933278
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/363f4acb20737ec6f2daaca58f58c3134e7758d0 b/src/fuzz/dtls_client_corpus/363f4acb20737ec6f2daaca58f58c3134e7758d0
deleted file mode 100644
index a31ce3e..0000000
--- a/src/fuzz/dtls_client_corpus/363f4acb20737ec6f2daaca58f58c3134e7758d0
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/37434ded0b5b1cd5ddae96af353331e2a9ee2fc1 b/src/fuzz/dtls_client_corpus/37434ded0b5b1cd5ddae96af353331e2a9ee2fc1
new file mode 100644
index 0000000..8e97c8a
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/37434ded0b5b1cd5ddae96af353331e2a9ee2fc1
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/3fa0f1925fa1fb8a72c2813d20bb6aad716949d2 b/src/fuzz/dtls_client_corpus/3fa0f1925fa1fb8a72c2813d20bb6aad716949d2
new file mode 100644
index 0000000..6231803
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/3fa0f1925fa1fb8a72c2813d20bb6aad716949d2
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/3fdf6f325607e0d54b8702224deff33b57f8f267 b/src/fuzz/dtls_client_corpus/3fdf6f325607e0d54b8702224deff33b57f8f267
new file mode 100644
index 0000000..59efaf6
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/3fdf6f325607e0d54b8702224deff33b57f8f267
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/413e9bfecceddf63e304006240e89bddf3f6fd1d b/src/fuzz/dtls_client_corpus/413e9bfecceddf63e304006240e89bddf3f6fd1d
new file mode 100644
index 0000000..3267887
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/413e9bfecceddf63e304006240e89bddf3f6fd1d
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/441df3d2904892dae21aae7be22f782c6d52f789 b/src/fuzz/dtls_client_corpus/441df3d2904892dae21aae7be22f782c6d52f789
new file mode 100644
index 0000000..a4a5eb1
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/441df3d2904892dae21aae7be22f782c6d52f789
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/4868aaf8ea86ed3de57eb2a54eddb8a6d77ea60b b/src/fuzz/dtls_client_corpus/4868aaf8ea86ed3de57eb2a54eddb8a6d77ea60b
new file mode 100644
index 0000000..2e5cd70
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/4868aaf8ea86ed3de57eb2a54eddb8a6d77ea60b
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/4a23e7aa3e70a542e900c4b97c050362cf9a752f b/src/fuzz/dtls_client_corpus/4a23e7aa3e70a542e900c4b97c050362cf9a752f
deleted file mode 100644
index c7700ef..0000000
--- a/src/fuzz/dtls_client_corpus/4a23e7aa3e70a542e900c4b97c050362cf9a752f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/4b2a75c634e97d8d1509af720465982a629c4b4a b/src/fuzz/dtls_client_corpus/4b2a75c634e97d8d1509af720465982a629c4b4a
deleted file mode 100644
index a2ad28d..0000000
--- a/src/fuzz/dtls_client_corpus/4b2a75c634e97d8d1509af720465982a629c4b4a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/4fceb3c47f7fe10bec69e3301949058bfeb0021d b/src/fuzz/dtls_client_corpus/4fceb3c47f7fe10bec69e3301949058bfeb0021d
new file mode 100644
index 0000000..a78c19d
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/4fceb3c47f7fe10bec69e3301949058bfeb0021d
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/522dc10bcac57ae649b8101d076c33e0559c6060 b/src/fuzz/dtls_client_corpus/522dc10bcac57ae649b8101d076c33e0559c6060
new file mode 100644
index 0000000..292d7ea
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/522dc10bcac57ae649b8101d076c33e0559c6060
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/57697062552842ec22b73c681e5ec791f8f9c607 b/src/fuzz/dtls_client_corpus/57697062552842ec22b73c681e5ec791f8f9c607
deleted file mode 100644
index e976984..0000000
--- a/src/fuzz/dtls_client_corpus/57697062552842ec22b73c681e5ec791f8f9c607
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/597db602bc71b88812a5324e3c08d02dfba0c41d b/src/fuzz/dtls_client_corpus/597db602bc71b88812a5324e3c08d02dfba0c41d
deleted file mode 100644
index 949267f..0000000
--- a/src/fuzz/dtls_client_corpus/597db602bc71b88812a5324e3c08d02dfba0c41d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/5dae0700e336c6b3c4d9dfc2af7f2716a484862e b/src/fuzz/dtls_client_corpus/5dae0700e336c6b3c4d9dfc2af7f2716a484862e
new file mode 100644
index 0000000..72c4a6f
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/5dae0700e336c6b3c4d9dfc2af7f2716a484862e
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/5ddbc31979a4d501710dc4749ba4e73ec8f12be2 b/src/fuzz/dtls_client_corpus/5ddbc31979a4d501710dc4749ba4e73ec8f12be2
new file mode 100644
index 0000000..21a7ef7
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/5ddbc31979a4d501710dc4749ba4e73ec8f12be2
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/5e40aa8bce2d0acf10e033b317e9bf0b65bb3764 b/src/fuzz/dtls_client_corpus/5e40aa8bce2d0acf10e033b317e9bf0b65bb3764
new file mode 100644
index 0000000..c646ba0
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/5e40aa8bce2d0acf10e033b317e9bf0b65bb3764
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/6072d76d059c0e2e962e8953a33c2ddba807b04c b/src/fuzz/dtls_client_corpus/6072d76d059c0e2e962e8953a33c2ddba807b04c
deleted file mode 100644
index 0965933..0000000
--- a/src/fuzz/dtls_client_corpus/6072d76d059c0e2e962e8953a33c2ddba807b04c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/626ca01e4a61fea7f7fc456779391b6335e6c422 b/src/fuzz/dtls_client_corpus/626ca01e4a61fea7f7fc456779391b6335e6c422
new file mode 100644
index 0000000..0ee2cb0
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/626ca01e4a61fea7f7fc456779391b6335e6c422
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/628e600b81ae7c48cfd3fbddc1012ad8936060c9 b/src/fuzz/dtls_client_corpus/628e600b81ae7c48cfd3fbddc1012ad8936060c9
new file mode 100644
index 0000000..dc97640
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/628e600b81ae7c48cfd3fbddc1012ad8936060c9
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/639758c54be9c435d966c585adb5a3a18e60f5e9 b/src/fuzz/dtls_client_corpus/639758c54be9c435d966c585adb5a3a18e60f5e9
new file mode 100644
index 0000000..c60c7b3
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/639758c54be9c435d966c585adb5a3a18e60f5e9
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/661bad319f2fe1328742b4032d3e0667b452d848 b/src/fuzz/dtls_client_corpus/661bad319f2fe1328742b4032d3e0667b452d848
new file mode 100644
index 0000000..782c53b
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/661bad319f2fe1328742b4032d3e0667b452d848
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/68a5b70038bd04395fe98157364da1d86f3d831e b/src/fuzz/dtls_client_corpus/68a5b70038bd04395fe98157364da1d86f3d831e
deleted file mode 100644
index 52a6d9b..0000000
--- a/src/fuzz/dtls_client_corpus/68a5b70038bd04395fe98157364da1d86f3d831e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/696878f56f7a6fe20c95bbf5248dbb7079600b0f b/src/fuzz/dtls_client_corpus/696878f56f7a6fe20c95bbf5248dbb7079600b0f
new file mode 100644
index 0000000..4550688
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/696878f56f7a6fe20c95bbf5248dbb7079600b0f
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/6a97bfc9a6785a72411fcc7d4c3a11986550cccd b/src/fuzz/dtls_client_corpus/6a97bfc9a6785a72411fcc7d4c3a11986550cccd
new file mode 100644
index 0000000..b50218a
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/6a97bfc9a6785a72411fcc7d4c3a11986550cccd
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/6bfb96ccf744774b8f59a9396053e937e8619cc3 b/src/fuzz/dtls_client_corpus/6bfb96ccf744774b8f59a9396053e937e8619cc3
deleted file mode 100644
index ea2e748..0000000
--- a/src/fuzz/dtls_client_corpus/6bfb96ccf744774b8f59a9396053e937e8619cc3
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/6c8a552b290fc66b323028b947a3b7f0e62b91d4 b/src/fuzz/dtls_client_corpus/6c8a552b290fc66b323028b947a3b7f0e62b91d4
deleted file mode 100644
index 5d325c1..0000000
--- a/src/fuzz/dtls_client_corpus/6c8a552b290fc66b323028b947a3b7f0e62b91d4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/71ddc6053a48e0e90b140c4c78048d841f3fa226 b/src/fuzz/dtls_client_corpus/71ddc6053a48e0e90b140c4c78048d841f3fa226
deleted file mode 100644
index 25814bd..0000000
--- a/src/fuzz/dtls_client_corpus/71ddc6053a48e0e90b140c4c78048d841f3fa226
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/726d716220ad95706d5f4eb587a27af3496854cc b/src/fuzz/dtls_client_corpus/726d716220ad95706d5f4eb587a27af3496854cc
new file mode 100644
index 0000000..8576360
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/726d716220ad95706d5f4eb587a27af3496854cc
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/733bd91414992c60794e88df7014ec4317816a34 b/src/fuzz/dtls_client_corpus/733bd91414992c60794e88df7014ec4317816a34
new file mode 100644
index 0000000..ff540ee
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/733bd91414992c60794e88df7014ec4317816a34
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/743aa2322c72a9876ec2857ab7173f335ff31341 b/src/fuzz/dtls_client_corpus/743aa2322c72a9876ec2857ab7173f335ff31341
new file mode 100644
index 0000000..eb45e66
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/743aa2322c72a9876ec2857ab7173f335ff31341
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/74bb6df8293bb681e9b1b0fb3213e1c743c2380f b/src/fuzz/dtls_client_corpus/74bb6df8293bb681e9b1b0fb3213e1c743c2380f
new file mode 100644
index 0000000..c5b4b2b
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/74bb6df8293bb681e9b1b0fb3213e1c743c2380f
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/78a63a29db708ac9939b88f8585f4ec8a92a2f41 b/src/fuzz/dtls_client_corpus/78a63a29db708ac9939b88f8585f4ec8a92a2f41
new file mode 100644
index 0000000..fb6075e
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/78a63a29db708ac9939b88f8585f4ec8a92a2f41
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/81b5b780dbab6b406c756b534dd82c53e8daab4e b/src/fuzz/dtls_client_corpus/81b5b780dbab6b406c756b534dd82c53e8daab4e
deleted file mode 100644
index 1bca2c8..0000000
--- a/src/fuzz/dtls_client_corpus/81b5b780dbab6b406c756b534dd82c53e8daab4e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/8713f75eb9831ba67d3d1953cf45a77988ade56b b/src/fuzz/dtls_client_corpus/8713f75eb9831ba67d3d1953cf45a77988ade56b
new file mode 100644
index 0000000..5483be7
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/8713f75eb9831ba67d3d1953cf45a77988ade56b
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/891f38d705f746fc70e63f37873a7fc07a90eabe b/src/fuzz/dtls_client_corpus/891f38d705f746fc70e63f37873a7fc07a90eabe
deleted file mode 100644
index e18a17c..0000000
--- a/src/fuzz/dtls_client_corpus/891f38d705f746fc70e63f37873a7fc07a90eabe
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/8c0ba4119b643b37d6ce7de2e5aeb1a30e594a1a b/src/fuzz/dtls_client_corpus/8c0ba4119b643b37d6ce7de2e5aeb1a30e594a1a
new file mode 100644
index 0000000..f7a0eb5
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/8c0ba4119b643b37d6ce7de2e5aeb1a30e594a1a
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/8cb4439d89fce95a855c5b1f15ab504178822cf1 b/src/fuzz/dtls_client_corpus/8cb4439d89fce95a855c5b1f15ab504178822cf1
deleted file mode 100644
index 62cae2c..0000000
--- a/src/fuzz/dtls_client_corpus/8cb4439d89fce95a855c5b1f15ab504178822cf1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/8dcd92d13e566481268302277e8b39c32d452998 b/src/fuzz/dtls_client_corpus/8dcd92d13e566481268302277e8b39c32d452998
deleted file mode 100644
index 16a9e0c..0000000
--- a/src/fuzz/dtls_client_corpus/8dcd92d13e566481268302277e8b39c32d452998
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/91bba88b342d01b90c2e00f4cc518d727d57798a b/src/fuzz/dtls_client_corpus/91bba88b342d01b90c2e00f4cc518d727d57798a
new file mode 100644
index 0000000..62b3218
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/91bba88b342d01b90c2e00f4cc518d727d57798a
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/927b3dfc765ecf948c603f1ae290ff571263d958 b/src/fuzz/dtls_client_corpus/927b3dfc765ecf948c603f1ae290ff571263d958
new file mode 100644
index 0000000..5d8c099
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/927b3dfc765ecf948c603f1ae290ff571263d958
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/954e182849c0f4ae5252b3dfd2236a251774acb4 b/src/fuzz/dtls_client_corpus/954e182849c0f4ae5252b3dfd2236a251774acb4
new file mode 100644
index 0000000..47d4935
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/954e182849c0f4ae5252b3dfd2236a251774acb4
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/9c2cd9bf3505671f0ce173fe835b7b7c5679c433 b/src/fuzz/dtls_client_corpus/9c2cd9bf3505671f0ce173fe835b7b7c5679c433
new file mode 100644
index 0000000..a1b2a02
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/9c2cd9bf3505671f0ce173fe835b7b7c5679c433
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/9cc208beec6e1f47cc09daa03eeddd3fc117481f b/src/fuzz/dtls_client_corpus/9cc208beec6e1f47cc09daa03eeddd3fc117481f
deleted file mode 100644
index bf0997c..0000000
--- a/src/fuzz/dtls_client_corpus/9cc208beec6e1f47cc09daa03eeddd3fc117481f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/9e71be37d2f1a0fbfa83a66885504e17fc145190 b/src/fuzz/dtls_client_corpus/9e71be37d2f1a0fbfa83a66885504e17fc145190
deleted file mode 100644
index c00f478..0000000
--- a/src/fuzz/dtls_client_corpus/9e71be37d2f1a0fbfa83a66885504e17fc145190
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/a00e02d6a66867a528efb3cee7b104399eb62f0f b/src/fuzz/dtls_client_corpus/a00e02d6a66867a528efb3cee7b104399eb62f0f
deleted file mode 100644
index bd3496c..0000000
--- a/src/fuzz/dtls_client_corpus/a00e02d6a66867a528efb3cee7b104399eb62f0f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/a42d64535920ecb5873c86fe13c2b71b6523408d b/src/fuzz/dtls_client_corpus/a42d64535920ecb5873c86fe13c2b71b6523408d
new file mode 100644
index 0000000..fd48eff
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/a42d64535920ecb5873c86fe13c2b71b6523408d
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/a6a762790cf6d347a07baa602fba7548bbe49694 b/src/fuzz/dtls_client_corpus/a6a762790cf6d347a07baa602fba7548bbe49694
new file mode 100644
index 0000000..f107182
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/a6a762790cf6d347a07baa602fba7548bbe49694
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/a6b230d953b2d6ddd1cfe881a62c69f5995b366d b/src/fuzz/dtls_client_corpus/a6b230d953b2d6ddd1cfe881a62c69f5995b366d
new file mode 100644
index 0000000..8e19c20
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/a6b230d953b2d6ddd1cfe881a62c69f5995b366d
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/ad70020137ab9f826ff903243ae3bb388bff1b97 b/src/fuzz/dtls_client_corpus/ad70020137ab9f826ff903243ae3bb388bff1b97
new file mode 100644
index 0000000..f648ced
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/ad70020137ab9f826ff903243ae3bb388bff1b97
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/b00a5fcb7d799ee039d50d6ed0e7761ddd829bab b/src/fuzz/dtls_client_corpus/b00a5fcb7d799ee039d50d6ed0e7761ddd829bab
new file mode 100644
index 0000000..0fcb555
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/b00a5fcb7d799ee039d50d6ed0e7761ddd829bab
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/b1c4d1babe5a49123dfac762bbed954ca76e87ab b/src/fuzz/dtls_client_corpus/b1c4d1babe5a49123dfac762bbed954ca76e87ab
new file mode 100644
index 0000000..d66fa57
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/b1c4d1babe5a49123dfac762bbed954ca76e87ab
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/b29e2054e14dc0fe51974cd199c7053eb7dd384f b/src/fuzz/dtls_client_corpus/b29e2054e14dc0fe51974cd199c7053eb7dd384f
new file mode 100644
index 0000000..d586220
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/b29e2054e14dc0fe51974cd199c7053eb7dd384f
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/b3962ca9c82812733027a79be8db8f4c3de076bf b/src/fuzz/dtls_client_corpus/b3962ca9c82812733027a79be8db8f4c3de076bf
new file mode 100644
index 0000000..c4ea102
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/b3962ca9c82812733027a79be8db8f4c3de076bf
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/b3c3b9e27e6dcc78747b8e79e9d44188e0149bfd b/src/fuzz/dtls_client_corpus/b3c3b9e27e6dcc78747b8e79e9d44188e0149bfd
new file mode 100644
index 0000000..ead1ada
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/b3c3b9e27e6dcc78747b8e79e9d44188e0149bfd
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/ba3f40f6bf53fd26e3450ba091a755fae59468c6 b/src/fuzz/dtls_client_corpus/ba3f40f6bf53fd26e3450ba091a755fae59468c6
new file mode 100644
index 0000000..8ba5cff
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/ba3f40f6bf53fd26e3450ba091a755fae59468c6
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/bd9a28c9a13ff988b1d1c04427992fcfb6562edd b/src/fuzz/dtls_client_corpus/bd9a28c9a13ff988b1d1c04427992fcfb6562edd
new file mode 100644
index 0000000..2e9086c
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/bd9a28c9a13ff988b1d1c04427992fcfb6562edd
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/c97e4b695be2cfd280d6ae25742b44c932e3f0eb b/src/fuzz/dtls_client_corpus/c97e4b695be2cfd280d6ae25742b44c932e3f0eb
new file mode 100644
index 0000000..f21433b
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/c97e4b695be2cfd280d6ae25742b44c932e3f0eb
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/c9b75e57af9f50f74ec62c218be40982d81a081a b/src/fuzz/dtls_client_corpus/c9b75e57af9f50f74ec62c218be40982d81a081a
deleted file mode 100644
index 97e1d38..0000000
--- a/src/fuzz/dtls_client_corpus/c9b75e57af9f50f74ec62c218be40982d81a081a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/cc68fc86bd19ab73b81f76a2c4ea5765ebdc7c52 b/src/fuzz/dtls_client_corpus/cc68fc86bd19ab73b81f76a2c4ea5765ebdc7c52
new file mode 100644
index 0000000..5c241d7
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/cc68fc86bd19ab73b81f76a2c4ea5765ebdc7c52
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/cf35c1b963e072b6403fff72283626fb32cc4ba6 b/src/fuzz/dtls_client_corpus/cf35c1b963e072b6403fff72283626fb32cc4ba6
deleted file mode 100644
index 48d8623..0000000
--- a/src/fuzz/dtls_client_corpus/cf35c1b963e072b6403fff72283626fb32cc4ba6
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/d2357faac1dff3b0d3e558c73d9bf11e492f591a b/src/fuzz/dtls_client_corpus/d2357faac1dff3b0d3e558c73d9bf11e492f591a
deleted file mode 100644
index 77bca70..0000000
--- a/src/fuzz/dtls_client_corpus/d2357faac1dff3b0d3e558c73d9bf11e492f591a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/d4d02b75cc8de4a7aa89e3042a046a91472e3c98 b/src/fuzz/dtls_client_corpus/d4d02b75cc8de4a7aa89e3042a046a91472e3c98
deleted file mode 100644
index 111f206..0000000
--- a/src/fuzz/dtls_client_corpus/d4d02b75cc8de4a7aa89e3042a046a91472e3c98
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/d683d1367d037118cf5c62bc14889743432b957c b/src/fuzz/dtls_client_corpus/d683d1367d037118cf5c62bc14889743432b957c
new file mode 100644
index 0000000..eb3d22e
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/d683d1367d037118cf5c62bc14889743432b957c
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/d6b3b7d7f8c96f72ef4ac861d463d49e03db5008 b/src/fuzz/dtls_client_corpus/d6b3b7d7f8c96f72ef4ac861d463d49e03db5008
new file mode 100644
index 0000000..ee5419c
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/d6b3b7d7f8c96f72ef4ac861d463d49e03db5008
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/dbbc66a7bfd35108d439fac636a755f66045dde7 b/src/fuzz/dtls_client_corpus/dbbc66a7bfd35108d439fac636a755f66045dde7
new file mode 100644
index 0000000..ae48113
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/dbbc66a7bfd35108d439fac636a755f66045dde7
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/dc3f70aeabbef9d00901443f39e544d0b86a914b b/src/fuzz/dtls_client_corpus/dc3f70aeabbef9d00901443f39e544d0b86a914b
new file mode 100644
index 0000000..3c97892
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/dc3f70aeabbef9d00901443f39e544d0b86a914b
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/f4ebae33ef1956e524d6e6a9c89ba661d6e5a061 b/src/fuzz/dtls_client_corpus/f4ebae33ef1956e524d6e6a9c89ba661d6e5a061
new file mode 100644
index 0000000..7daacd5
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/f4ebae33ef1956e524d6e6a9c89ba661d6e5a061
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/f4f6da6d7f4ba0db5e062240c338a42401f12a68 b/src/fuzz/dtls_client_corpus/f4f6da6d7f4ba0db5e062240c338a42401f12a68
new file mode 100644
index 0000000..39b5010
--- /dev/null
+++ b/src/fuzz/dtls_client_corpus/f4f6da6d7f4ba0db5e062240c338a42401f12a68
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/f5b5fb343a4e2d9bc972bf8e30ffb5a6a56c1b1e b/src/fuzz/dtls_client_corpus/f5b5fb343a4e2d9bc972bf8e30ffb5a6a56c1b1e
deleted file mode 100644
index ba61fca..0000000
--- a/src/fuzz/dtls_client_corpus/f5b5fb343a4e2d9bc972bf8e30ffb5a6a56c1b1e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_client_corpus/fcf5d6b900fddcad52149522f69c93556831b311 b/src/fuzz/dtls_client_corpus/fcf5d6b900fddcad52149522f69c93556831b311
deleted file mode 100644
index ec77983..0000000
--- a/src/fuzz/dtls_client_corpus/fcf5d6b900fddcad52149522f69c93556831b311
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server.cc b/src/fuzz/dtls_server.cc
index fc9718e..410ef3a 100644
--- a/src/fuzz/dtls_server.cc
+++ b/src/fuzz/dtls_server.cc
@@ -15,7 +15,8 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kServer);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kDTLS, TLSFuzzer::kServer,
+ TLSFuzzer::kFuzzerModeOn);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
diff --git a/src/fuzz/dtls_server_corpus/008916cded453a950ba4eb58899b0e62a56d0f65 b/src/fuzz/dtls_server_corpus/008916cded453a950ba4eb58899b0e62a56d0f65
new file mode 100644
index 0000000..8a4f06a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/008916cded453a950ba4eb58899b0e62a56d0f65
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/051d9e6248e1592734fe606ba7ec372d8f8253fb b/src/fuzz/dtls_server_corpus/051d9e6248e1592734fe606ba7ec372d8f8253fb
deleted file mode 100644
index e2ba055..0000000
--- a/src/fuzz/dtls_server_corpus/051d9e6248e1592734fe606ba7ec372d8f8253fb
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/09fc14b96cad9e32c38c2f709fb06da97327c111 b/src/fuzz/dtls_server_corpus/09fc14b96cad9e32c38c2f709fb06da97327c111
new file mode 100644
index 0000000..e0c4c4d
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/09fc14b96cad9e32c38c2f709fb06da97327c111
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/0ae90b427382f5b78da273b666138d5f844e9ab8 b/src/fuzz/dtls_server_corpus/0ae90b427382f5b78da273b666138d5f844e9ab8
new file mode 100644
index 0000000..3f9dc05
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/0ae90b427382f5b78da273b666138d5f844e9ab8
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/0c4f6903c2627a7d0a83e793b22ad7284356e3a3 b/src/fuzz/dtls_server_corpus/0c4f6903c2627a7d0a83e793b22ad7284356e3a3
deleted file mode 100644
index 3b724a3..0000000
--- a/src/fuzz/dtls_server_corpus/0c4f6903c2627a7d0a83e793b22ad7284356e3a3
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/1271659c755766883a8287e85077aa6a003ee00d b/src/fuzz/dtls_server_corpus/1271659c755766883a8287e85077aa6a003ee00d
new file mode 100644
index 0000000..e60004a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/1271659c755766883a8287e85077aa6a003ee00d
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/14e234c1ea0ff56c3204bb0cc2cfa2bbb3c45bfe b/src/fuzz/dtls_server_corpus/14e234c1ea0ff56c3204bb0cc2cfa2bbb3c45bfe
new file mode 100644
index 0000000..ba2cdcb
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/14e234c1ea0ff56c3204bb0cc2cfa2bbb3c45bfe
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/1a23e8c210e8b79f702c1501a0d4f6e97b72b6d9 b/src/fuzz/dtls_server_corpus/1a23e8c210e8b79f702c1501a0d4f6e97b72b6d9
deleted file mode 100644
index 29c93cf..0000000
--- a/src/fuzz/dtls_server_corpus/1a23e8c210e8b79f702c1501a0d4f6e97b72b6d9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/1b18e5f61ff3d871059599f371f88c185742b19f b/src/fuzz/dtls_server_corpus/1b18e5f61ff3d871059599f371f88c185742b19f
deleted file mode 100644
index 39e2d3b..0000000
--- a/src/fuzz/dtls_server_corpus/1b18e5f61ff3d871059599f371f88c185742b19f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/1e0c6b28a070046904db2f5ffee717694a1c2eb5 b/src/fuzz/dtls_server_corpus/1e0c6b28a070046904db2f5ffee717694a1c2eb5
new file mode 100644
index 0000000..fd5932d
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/1e0c6b28a070046904db2f5ffee717694a1c2eb5
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/24973bbed6527f9fffa3792322500447cedc8717 b/src/fuzz/dtls_server_corpus/24973bbed6527f9fffa3792322500447cedc8717
deleted file mode 100644
index 5596dfc..0000000
--- a/src/fuzz/dtls_server_corpus/24973bbed6527f9fffa3792322500447cedc8717
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/296d678b2d972651f64ff9b8900377cd7c88af9a b/src/fuzz/dtls_server_corpus/296d678b2d972651f64ff9b8900377cd7c88af9a
new file mode 100644
index 0000000..cd6591a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/296d678b2d972651f64ff9b8900377cd7c88af9a
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/2b65c81933ac0a88fb35956334f86c9d5cce38f3 b/src/fuzz/dtls_server_corpus/2b65c81933ac0a88fb35956334f86c9d5cce38f3
new file mode 100644
index 0000000..6d514f4
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/2b65c81933ac0a88fb35956334f86c9d5cce38f3
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/2eb49392be464058d80e4badfa20d84d06d69800 b/src/fuzz/dtls_server_corpus/2eb49392be464058d80e4badfa20d84d06d69800
new file mode 100644
index 0000000..b544d21
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/2eb49392be464058d80e4badfa20d84d06d69800
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/2eb834e0a83f13f0f9d20ff64be7b58a87f09f25 b/src/fuzz/dtls_server_corpus/2eb834e0a83f13f0f9d20ff64be7b58a87f09f25
deleted file mode 100644
index 53568f0..0000000
--- a/src/fuzz/dtls_server_corpus/2eb834e0a83f13f0f9d20ff64be7b58a87f09f25
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/31ed79ccfda79cdeba6017a9740e60af3e360aa1 b/src/fuzz/dtls_server_corpus/31ed79ccfda79cdeba6017a9740e60af3e360aa1
deleted file mode 100644
index 3b0c82d..0000000
--- a/src/fuzz/dtls_server_corpus/31ed79ccfda79cdeba6017a9740e60af3e360aa1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/325bf586b38eb2d39309abd1de06e2d72e8aa2c4 b/src/fuzz/dtls_server_corpus/325bf586b38eb2d39309abd1de06e2d72e8aa2c4
deleted file mode 100644
index 7cc1bea..0000000
--- a/src/fuzz/dtls_server_corpus/325bf586b38eb2d39309abd1de06e2d72e8aa2c4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/328daea98a65aa522edf51b482ab5a7d757d6116 b/src/fuzz/dtls_server_corpus/328daea98a65aa522edf51b482ab5a7d757d6116
deleted file mode 100644
index 91e7697..0000000
--- a/src/fuzz/dtls_server_corpus/328daea98a65aa522edf51b482ab5a7d757d6116
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/3c4b77d13c51c48c61e6e298dc8cab84165b6fcc b/src/fuzz/dtls_server_corpus/3c4b77d13c51c48c61e6e298dc8cab84165b6fcc
deleted file mode 100644
index 2a20a1b..0000000
--- a/src/fuzz/dtls_server_corpus/3c4b77d13c51c48c61e6e298dc8cab84165b6fcc
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/3cb976417bf6735470d85b1b4d34e92238d7d9d2 b/src/fuzz/dtls_server_corpus/3cb976417bf6735470d85b1b4d34e92238d7d9d2
deleted file mode 100644
index 3662644..0000000
--- a/src/fuzz/dtls_server_corpus/3cb976417bf6735470d85b1b4d34e92238d7d9d2
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/3fa1997f91f472c0bb037d0072ca1a0a28f63fe4 b/src/fuzz/dtls_server_corpus/3fa1997f91f472c0bb037d0072ca1a0a28f63fe4
new file mode 100644
index 0000000..b26e4d4
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/3fa1997f91f472c0bb037d0072ca1a0a28f63fe4
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/40d7c5c4e89ef81179a3e50632f5b179ccdd0fb9 b/src/fuzz/dtls_server_corpus/40d7c5c4e89ef81179a3e50632f5b179ccdd0fb9
new file mode 100644
index 0000000..88123f9
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/40d7c5c4e89ef81179a3e50632f5b179ccdd0fb9
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/426b6791308c372fc4866694ac5b27b7a5901696 b/src/fuzz/dtls_server_corpus/426b6791308c372fc4866694ac5b27b7a5901696
new file mode 100644
index 0000000..0fc0a9e
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/426b6791308c372fc4866694ac5b27b7a5901696
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/42c9d88358d353ffe0759248daba7810641f3ea9 b/src/fuzz/dtls_server_corpus/42c9d88358d353ffe0759248daba7810641f3ea9
new file mode 100644
index 0000000..66bb2f0
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/42c9d88358d353ffe0759248daba7810641f3ea9
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/434334bf305970ddf81d750c0cf4df1a9f1da15e b/src/fuzz/dtls_server_corpus/434334bf305970ddf81d750c0cf4df1a9f1da15e
new file mode 100644
index 0000000..2693e70
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/434334bf305970ddf81d750c0cf4df1a9f1da15e
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/46201a375d8fe71db07a32073dcda27b38eddd57 b/src/fuzz/dtls_server_corpus/46201a375d8fe71db07a32073dcda27b38eddd57
new file mode 100644
index 0000000..76076ef
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/46201a375d8fe71db07a32073dcda27b38eddd57
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/49937915a71ddf43a13c88a5d13f4000dc0a6112 b/src/fuzz/dtls_server_corpus/49937915a71ddf43a13c88a5d13f4000dc0a6112
deleted file mode 100644
index 03142b7..0000000
--- a/src/fuzz/dtls_server_corpus/49937915a71ddf43a13c88a5d13f4000dc0a6112
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/4f50e0f40fbff8cb0eb5e0fa2cb772565eec84d5 b/src/fuzz/dtls_server_corpus/4f50e0f40fbff8cb0eb5e0fa2cb772565eec84d5
deleted file mode 100644
index 4a1dd79..0000000
--- a/src/fuzz/dtls_server_corpus/4f50e0f40fbff8cb0eb5e0fa2cb772565eec84d5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/515e847811f0f11a4593435e8f8c283c941e9030 b/src/fuzz/dtls_server_corpus/515e847811f0f11a4593435e8f8c283c941e9030
new file mode 100644
index 0000000..d521480
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/515e847811f0f11a4593435e8f8c283c941e9030
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/517c8306ac9d724c6d39b03322619161816b15ed b/src/fuzz/dtls_server_corpus/517c8306ac9d724c6d39b03322619161816b15ed
new file mode 100644
index 0000000..f0b9fe1
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/517c8306ac9d724c6d39b03322619161816b15ed
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/54eb56610f3a663105006f03d0e83b9d2f5ee8eb b/src/fuzz/dtls_server_corpus/54eb56610f3a663105006f03d0e83b9d2f5ee8eb
deleted file mode 100644
index 9a5906c..0000000
--- a/src/fuzz/dtls_server_corpus/54eb56610f3a663105006f03d0e83b9d2f5ee8eb
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/57521321cc5d80586609338975fff6bb065b568e b/src/fuzz/dtls_server_corpus/57521321cc5d80586609338975fff6bb065b568e
deleted file mode 100644
index 4c6fc6d..0000000
--- a/src/fuzz/dtls_server_corpus/57521321cc5d80586609338975fff6bb065b568e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/62517c394ce01e3730dee9f60ae393d6cd262747 b/src/fuzz/dtls_server_corpus/62517c394ce01e3730dee9f60ae393d6cd262747
new file mode 100644
index 0000000..f82265a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/62517c394ce01e3730dee9f60ae393d6cd262747
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/62817eb73d3fcd3ca81008a123517e7c455b5116 b/src/fuzz/dtls_server_corpus/62817eb73d3fcd3ca81008a123517e7c455b5116
new file mode 100644
index 0000000..3ce6400
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/62817eb73d3fcd3ca81008a123517e7c455b5116
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/632ec0d29c72f874aa92f915d674cd9b0e3bf50c b/src/fuzz/dtls_server_corpus/632ec0d29c72f874aa92f915d674cd9b0e3bf50c
new file mode 100644
index 0000000..5f61065
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/632ec0d29c72f874aa92f915d674cd9b0e3bf50c
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/652db1114d3581629061c4db6265ef77eba7b2c9 b/src/fuzz/dtls_server_corpus/652db1114d3581629061c4db6265ef77eba7b2c9
new file mode 100644
index 0000000..e10bf30
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/652db1114d3581629061c4db6265ef77eba7b2c9
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/67543416d15e7f335700c0d00480365c31e0d072 b/src/fuzz/dtls_server_corpus/67543416d15e7f335700c0d00480365c31e0d072
new file mode 100644
index 0000000..4378ab8
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/67543416d15e7f335700c0d00480365c31e0d072
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/684c44a1c50cb8cea94089907a359953ef9ee8b7 b/src/fuzz/dtls_server_corpus/684c44a1c50cb8cea94089907a359953ef9ee8b7
new file mode 100644
index 0000000..5558353
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/684c44a1c50cb8cea94089907a359953ef9ee8b7
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/6d26870ebdceef0f4a0b374613a91c21efe3900c b/src/fuzz/dtls_server_corpus/6d26870ebdceef0f4a0b374613a91c21efe3900c
new file mode 100644
index 0000000..54e58c4
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/6d26870ebdceef0f4a0b374613a91c21efe3900c
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/6d9ab3f08bfb7af1fb7ebe11c5e4f5185aa301c7 b/src/fuzz/dtls_server_corpus/6d9ab3f08bfb7af1fb7ebe11c5e4f5185aa301c7
new file mode 100644
index 0000000..47fad3a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/6d9ab3f08bfb7af1fb7ebe11c5e4f5185aa301c7
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/6e303ef2848592afbc8972a07f98b0b9559f5f94 b/src/fuzz/dtls_server_corpus/6e303ef2848592afbc8972a07f98b0b9559f5f94
new file mode 100644
index 0000000..64bbc7e
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/6e303ef2848592afbc8972a07f98b0b9559f5f94
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/72932a25bbd3100f478589c32dfb3bb71cb6b578 b/src/fuzz/dtls_server_corpus/72932a25bbd3100f478589c32dfb3bb71cb6b578
deleted file mode 100644
index ff577c1..0000000
--- a/src/fuzz/dtls_server_corpus/72932a25bbd3100f478589c32dfb3bb71cb6b578
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/798b4f764f0126c8d792b2e5108ac009c61a59a7 b/src/fuzz/dtls_server_corpus/798b4f764f0126c8d792b2e5108ac009c61a59a7
new file mode 100644
index 0000000..0ee293d
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/798b4f764f0126c8d792b2e5108ac009c61a59a7
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/7d007d3eed467fd54f92713426c9ede8a174c967 b/src/fuzz/dtls_server_corpus/7d007d3eed467fd54f92713426c9ede8a174c967
deleted file mode 100644
index 1235171..0000000
--- a/src/fuzz/dtls_server_corpus/7d007d3eed467fd54f92713426c9ede8a174c967
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/7f5504997c90e8cbac8d365a5ccd1567f2127baf b/src/fuzz/dtls_server_corpus/7f5504997c90e8cbac8d365a5ccd1567f2127baf
new file mode 100644
index 0000000..582dfb8
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/7f5504997c90e8cbac8d365a5ccd1567f2127baf
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/8291a8b5e99562067229514187884e663e1e3b88 b/src/fuzz/dtls_server_corpus/8291a8b5e99562067229514187884e663e1e3b88
new file mode 100644
index 0000000..7273c7d
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/8291a8b5e99562067229514187884e663e1e3b88
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/85bdd0276d33adb0a0dd33fcd65249fd5d3b9b95 b/src/fuzz/dtls_server_corpus/85bdd0276d33adb0a0dd33fcd65249fd5d3b9b95
new file mode 100644
index 0000000..6a87c85
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/85bdd0276d33adb0a0dd33fcd65249fd5d3b9b95
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/85e30c0aab2d9143fff241281291f45d4510207d b/src/fuzz/dtls_server_corpus/85e30c0aab2d9143fff241281291f45d4510207d
deleted file mode 100644
index d4aed84..0000000
--- a/src/fuzz/dtls_server_corpus/85e30c0aab2d9143fff241281291f45d4510207d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/8b4a84b78ec7b407accce5896c0e4d5a187ce0ed b/src/fuzz/dtls_server_corpus/8b4a84b78ec7b407accce5896c0e4d5a187ce0ed
new file mode 100644
index 0000000..82a14c0
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/8b4a84b78ec7b407accce5896c0e4d5a187ce0ed
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/8b705efebd6aab7ce4c294978df0947be39f5c10 b/src/fuzz/dtls_server_corpus/8b705efebd6aab7ce4c294978df0947be39f5c10
deleted file mode 100644
index 8876722..0000000
--- a/src/fuzz/dtls_server_corpus/8b705efebd6aab7ce4c294978df0947be39f5c10
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/8ea94fa89d7100c68dca6323289357f5c57fdf5f b/src/fuzz/dtls_server_corpus/8ea94fa89d7100c68dca6323289357f5c57fdf5f
new file mode 100644
index 0000000..c88bc6e
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/8ea94fa89d7100c68dca6323289357f5c57fdf5f
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/8f1392e9baf4a7f354da3ba2705ba420241d9fd9 b/src/fuzz/dtls_server_corpus/8f1392e9baf4a7f354da3ba2705ba420241d9fd9
new file mode 100644
index 0000000..fa89ae6
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/8f1392e9baf4a7f354da3ba2705ba420241d9fd9
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/90776700965014bd67bcd1cee51bd33ab32ac0e7 b/src/fuzz/dtls_server_corpus/90776700965014bd67bcd1cee51bd33ab32ac0e7
new file mode 100644
index 0000000..cf34ee6
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/90776700965014bd67bcd1cee51bd33ab32ac0e7
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/91641c5cbc157a2682393ba6a67a002d7432bf05 b/src/fuzz/dtls_server_corpus/91641c5cbc157a2682393ba6a67a002d7432bf05
deleted file mode 100644
index 6bf0210..0000000
--- a/src/fuzz/dtls_server_corpus/91641c5cbc157a2682393ba6a67a002d7432bf05
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/936319cc795785d56cf38b1a25e4784428b39320 b/src/fuzz/dtls_server_corpus/936319cc795785d56cf38b1a25e4784428b39320
deleted file mode 100644
index 137421f..0000000
--- a/src/fuzz/dtls_server_corpus/936319cc795785d56cf38b1a25e4784428b39320
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/94c8b423e9a6fa62746ab72aa80bb8dcdd84a5dc b/src/fuzz/dtls_server_corpus/94c8b423e9a6fa62746ab72aa80bb8dcdd84a5dc
deleted file mode 100644
index 181229b..0000000
--- a/src/fuzz/dtls_server_corpus/94c8b423e9a6fa62746ab72aa80bb8dcdd84a5dc
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/96c813a1f097ff92498058d80ba0e338a8f172c9 b/src/fuzz/dtls_server_corpus/96c813a1f097ff92498058d80ba0e338a8f172c9
deleted file mode 100644
index 707f21d..0000000
--- a/src/fuzz/dtls_server_corpus/96c813a1f097ff92498058d80ba0e338a8f172c9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/9a64574c75f98921fef9466fd31474afde298c5b b/src/fuzz/dtls_server_corpus/9a64574c75f98921fef9466fd31474afde298c5b
new file mode 100644
index 0000000..9a0cb1c
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/9a64574c75f98921fef9466fd31474afde298c5b
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/9e2515c32d7538bac3668e47f8a75940b19f8847 b/src/fuzz/dtls_server_corpus/9e2515c32d7538bac3668e47f8a75940b19f8847
new file mode 100644
index 0000000..eb3ba38
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/9e2515c32d7538bac3668e47f8a75940b19f8847
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/a0e84144cca6b2692f60b456769401654541e8b9 b/src/fuzz/dtls_server_corpus/a0e84144cca6b2692f60b456769401654541e8b9
deleted file mode 100644
index 327dfa4..0000000
--- a/src/fuzz/dtls_server_corpus/a0e84144cca6b2692f60b456769401654541e8b9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/a1fc98bda30c3698cb440c5d5c27609bd03c47b3 b/src/fuzz/dtls_server_corpus/a1fc98bda30c3698cb440c5d5c27609bd03c47b3
new file mode 100644
index 0000000..536c3ea
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/a1fc98bda30c3698cb440c5d5c27609bd03c47b3
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/a44c468a599211d043aaae73a9dd55a4fde864af b/src/fuzz/dtls_server_corpus/a44c468a599211d043aaae73a9dd55a4fde864af
new file mode 100644
index 0000000..7c39575
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/a44c468a599211d043aaae73a9dd55a4fde864af
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/aede02c55d31db32186d6d4ba9f2d9e840d0c0f8 b/src/fuzz/dtls_server_corpus/aede02c55d31db32186d6d4ba9f2d9e840d0c0f8
new file mode 100644
index 0000000..88d73e0
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/aede02c55d31db32186d6d4ba9f2d9e840d0c0f8
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/b2048942476dabac368de4ebcc72c09c929d34c6 b/src/fuzz/dtls_server_corpus/b2048942476dabac368de4ebcc72c09c929d34c6
new file mode 100644
index 0000000..a630ad3
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/b2048942476dabac368de4ebcc72c09c929d34c6
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/b6d19df92f0ffb86a10fdbf8093e215dadb43ccc b/src/fuzz/dtls_server_corpus/b6d19df92f0ffb86a10fdbf8093e215dadb43ccc
new file mode 100644
index 0000000..00ba9aa
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/b6d19df92f0ffb86a10fdbf8093e215dadb43ccc
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/b7e518d9041f284f5a69c3fa943ee71ebb48dfd1 b/src/fuzz/dtls_server_corpus/b7e518d9041f284f5a69c3fa943ee71ebb48dfd1
new file mode 100644
index 0000000..ec159d8
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/b7e518d9041f284f5a69c3fa943ee71ebb48dfd1
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/be84b42eb37c2ec846a83e086f1c272a47c71eeb b/src/fuzz/dtls_server_corpus/be84b42eb37c2ec846a83e086f1c272a47c71eeb
new file mode 100644
index 0000000..8fc5417
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/be84b42eb37c2ec846a83e086f1c272a47c71eeb
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/ce86bb5be4dada1d7077b151a419d8716d4f8af4 b/src/fuzz/dtls_server_corpus/ce86bb5be4dada1d7077b151a419d8716d4f8af4
new file mode 100644
index 0000000..027d84a
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/ce86bb5be4dada1d7077b151a419d8716d4f8af4
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/cf25227c38996d1330f55e17fdcefad821750b33 b/src/fuzz/dtls_server_corpus/cf25227c38996d1330f55e17fdcefad821750b33
new file mode 100644
index 0000000..9788ba7
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/cf25227c38996d1330f55e17fdcefad821750b33
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/cfc49e6b495f0e023c9b16d3ce14184ed79f5c19 b/src/fuzz/dtls_server_corpus/cfc49e6b495f0e023c9b16d3ce14184ed79f5c19
new file mode 100644
index 0000000..8f6fdab
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/cfc49e6b495f0e023c9b16d3ce14184ed79f5c19
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/d5c52e9e1a33d990733e5b6e04f5ff8ae37a7e86 b/src/fuzz/dtls_server_corpus/d5c52e9e1a33d990733e5b6e04f5ff8ae37a7e86
new file mode 100644
index 0000000..50106f8
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/d5c52e9e1a33d990733e5b6e04f5ff8ae37a7e86
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/d6a253345c55e76e191c0a0f790f872e8b04d2a7 b/src/fuzz/dtls_server_corpus/d6a253345c55e76e191c0a0f790f872e8b04d2a7
deleted file mode 100644
index 1ec04bc..0000000
--- a/src/fuzz/dtls_server_corpus/d6a253345c55e76e191c0a0f790f872e8b04d2a7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/d7105bcebf00ca854441d2ec300eeaca92ff3568 b/src/fuzz/dtls_server_corpus/d7105bcebf00ca854441d2ec300eeaca92ff3568
deleted file mode 100644
index 955d0a7..0000000
--- a/src/fuzz/dtls_server_corpus/d7105bcebf00ca854441d2ec300eeaca92ff3568
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/e15640971571892811059f8d6046bdcb12fe948f b/src/fuzz/dtls_server_corpus/e15640971571892811059f8d6046bdcb12fe948f
deleted file mode 100644
index 264c9d2..0000000
--- a/src/fuzz/dtls_server_corpus/e15640971571892811059f8d6046bdcb12fe948f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/e3defbc805bf5cb16d044424adbc05c76788ec1e b/src/fuzz/dtls_server_corpus/e3defbc805bf5cb16d044424adbc05c76788ec1e
new file mode 100644
index 0000000..0431383
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/e3defbc805bf5cb16d044424adbc05c76788ec1e
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/e3e3751d904e9df88e060b9830743941431c0f6b b/src/fuzz/dtls_server_corpus/e3e3751d904e9df88e060b9830743941431c0f6b
deleted file mode 100644
index 89134a4..0000000
--- a/src/fuzz/dtls_server_corpus/e3e3751d904e9df88e060b9830743941431c0f6b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/e7f20beb38c842e821b53df5c1e3d9de42b46824 b/src/fuzz/dtls_server_corpus/e7f20beb38c842e821b53df5c1e3d9de42b46824
new file mode 100644
index 0000000..c81be68
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/e7f20beb38c842e821b53df5c1e3d9de42b46824
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/f0cffff85783c7cecf6cfadaace3cff80c5d3025 b/src/fuzz/dtls_server_corpus/f0cffff85783c7cecf6cfadaace3cff80c5d3025
deleted file mode 100644
index 8a8cffd..0000000
--- a/src/fuzz/dtls_server_corpus/f0cffff85783c7cecf6cfadaace3cff80c5d3025
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/f36112d755c2a835d699da80f00e91782c545645 b/src/fuzz/dtls_server_corpus/f36112d755c2a835d699da80f00e91782c545645
new file mode 100644
index 0000000..30c6935
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/f36112d755c2a835d699da80f00e91782c545645
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/f4efaee12aa3ea9b57b0f44f1cb963871d617ab1 b/src/fuzz/dtls_server_corpus/f4efaee12aa3ea9b57b0f44f1cb963871d617ab1
deleted file mode 100644
index b1afc71..0000000
--- a/src/fuzz/dtls_server_corpus/f4efaee12aa3ea9b57b0f44f1cb963871d617ab1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/f5d004345957d50b25a6e8308236a8e1d4dd965b b/src/fuzz/dtls_server_corpus/f5d004345957d50b25a6e8308236a8e1d4dd965b
new file mode 100644
index 0000000..c90d270
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/f5d004345957d50b25a6e8308236a8e1d4dd965b
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/f78786eccd28b6e14ee5265e3bf071dd4917046e b/src/fuzz/dtls_server_corpus/f78786eccd28b6e14ee5265e3bf071dd4917046e
new file mode 100644
index 0000000..8f2da00
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/f78786eccd28b6e14ee5265e3bf071dd4917046e
Binary files differ
diff --git a/src/fuzz/dtls_server_corpus/feeb97b07440ae300a89bf3076bcd503ad8506c0 b/src/fuzz/dtls_server_corpus/feeb97b07440ae300a89bf3076bcd503ad8506c0
new file mode 100644
index 0000000..6833eb9
--- /dev/null
+++ b/src/fuzz/dtls_server_corpus/feeb97b07440ae300a89bf3076bcd503ad8506c0
Binary files differ
diff --git a/src/fuzz/pkcs8.cc b/src/fuzz/pkcs8.cc
index 9f8dc03..4aeaaa5 100644
--- a/src/fuzz/pkcs8.cc
+++ b/src/fuzz/pkcs8.cc
@@ -12,12 +12,17 @@
// See the License for the specific language governing permissions and
// limitations under the License.
+#include <openssl/crypto.h>
#include <openssl/bytestring.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+ CRYPTO_set_fuzzer_mode(1);
+#endif
+
CBS cbs;
CBS_init(&cbs, buf, len);
EVP_PKEY *pkey = EVP_parse_private_key(&cbs);
diff --git a/src/fuzz/refresh_ssl_corpora.sh b/src/fuzz/refresh_ssl_corpora.sh
index 2688030..81d5251 100755
--- a/src/fuzz/refresh_ssl_corpora.sh
+++ b/src/fuzz/refresh_ssl_corpora.sh
@@ -15,38 +15,21 @@
set -ex
-if [[ $# -ne 2 ]]; then
- echo "Usage: $0 fuzzer_mode_build_dir no_fuzzer_mode_build_dir"
+if [[ $# -ne 1 ]]; then
+ echo "Usage: $0 build_dir"
exit 1
fi
-fuzzer_mode_build_dir=$1
-no_fuzzer_mode_build_dir=$2
+build_dir=$1
-# Sanity-check the build directories.
+# Sanity-check the build directory.
-if ! grep -q '^FUZZ:' "$fuzzer_mode_build_dir/CMakeCache.txt"; then
- echo "$fuzzer_mode_build_dir was not built with -DFUZZ=1"
+if ! grep -q '^FUZZ:' "$build_dir/CMakeCache.txt"; then
+ echo "$build_dir was not built with -DFUZZ=1"
exit 1
fi
-if grep -q '^NO_FUZZER_MODE:' "$fuzzer_mode_build_dir/CMakeCache.txt"; then
- echo "$fuzzer_mode_build_dir was built with -DNO_FUZZER_MODE=1"
- exit 1
-fi
-
-if ! grep -q '^FUZZ:' "$no_fuzzer_mode_build_dir/CMakeCache.txt"; then
- echo "$no_fuzzer_mode_build_dir was not built with -DFUZZ=1"
- exit 1
-fi
-
-if ! grep -q '^NO_FUZZER_MODE:' "$no_fuzzer_mode_build_dir/CMakeCache.txt"; then
- echo "$no_fuzzer_mode_build_dir was not built with -DNO_FUZZER_MODE=1"
- exit 1
-fi
-
-
# Sanity-check the current working directory.
assert_directory() {
@@ -57,71 +40,60 @@
}
assert_directory client_corpus
-assert_directory client_corpus_no_fuzzer_mode
+assert_directory client_no_fuzzer_mode_corpus
assert_directory server_corpus
-assert_directory server_corpus_no_fuzzer_mode
+assert_directory server_no_fuzzer_mode_corpus
assert_directory dtls_client_corpus
assert_directory dtls_server_corpus
# Gather new transcripts. Ignore errors in running the tests.
-fuzzer_mode_shim=$(readlink -f "$fuzzer_mode_build_dir/ssl/test/bssl_shim")
-no_fuzzer_mode_shim=$(readlink -f \
- "$no_fuzzer_mode_build_dir/ssl/test/bssl_shim")
-
-fuzzer_mode_handshaker=$(readlink -f \
- "$fuzzer_mode_build_dir/ssl/test/handshaker")
-no_fuzzer_mode_handshaker=$(readlink -f \
- "$no_fuzzer_mode_build_dir/ssl/test/handshaker")
+shim="$(readlink -f "$build_dir")/ssl/test/bssl_shim"
+handshaker="$(readlink -f "$build_dir")/ssl/test/handshaker"
fuzzer_mode_transcripts=$(mktemp -d '/tmp/boringssl-transcript-fuzzer-mode.XXXXXX')
no_fuzzer_mode_transcripts=$(mktemp -d '/tmp/boringssl-transcript-no-fuzzer-mode.XXXXXX')
echo Recording fuzzer-mode transcripts
(cd ../ssl/test/runner/ && go test \
- -shim-path "$fuzzer_mode_shim" \
- -handshaker-path "$fuzzer_mode_handshaker" \
+ -shim-path "$shim" \
+ -handshaker-path "$handshaker" \
-transcript-dir "$fuzzer_mode_transcripts" \
-fuzzer \
-deterministic) || true
echo Recording non-fuzzer-mode transcripts
(cd ../ssl/test/runner/ && go test \
- -shim-path "$no_fuzzer_mode_shim" \
- -handshaker-path "$no_fuzzer_mode_handshaker" \
+ -shim-path "$shim" \
+ -handshaker-path "$handshaker" \
-transcript-dir "$no_fuzzer_mode_transcripts" \
-deterministic)
-# Minimize the existing corpora.
+# Update corpora.
-minimize_corpus() {
- local fuzzer="$1"
- local corpus="$2"
+update_corpus() {
+ local fuzzer_name="$1"
+ local transcript_dir="$2"
+
+ local fuzzer="$build_dir/fuzz/$fuzzer_name"
+ local corpus="${fuzzer_name}_corpus"
echo "Minimizing ${corpus}"
mv "$corpus" "${corpus}_old"
mkdir "$corpus"
"$fuzzer" -max_len=50000 -merge=1 "$corpus" "${corpus}_old"
rm -Rf "${corpus}_old"
+
+ echo "Merging transcripts from ${transcript_dir} into ${corpus}"
+ "$fuzzer" -max_len=50000 -merge=1 "$corpus" "$transcript_dir"
}
-minimize_corpus "$fuzzer_mode_build_dir/fuzz/client" client_corpus
-minimize_corpus "$fuzzer_mode_build_dir/fuzz/server" server_corpus
-minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/client" client_corpus_no_fuzzer_mode
-minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/server" server_corpus_no_fuzzer_mode
-minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_client" dtls_client_corpus
-minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_server" dtls_server_corpus
-minimize_corpus "$fuzzer_mode_build_dir/fuzz/decode_client_hello_inner" decode_client_hello_inner_corpus
-
-
-# Incorporate the new transcripts.
-
-"$fuzzer_mode_build_dir/fuzz/client" -max_len=50000 -merge=1 client_corpus "${fuzzer_mode_transcripts}/tls/client"
-"$fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus "${fuzzer_mode_transcripts}/tls/server"
-"$no_fuzzer_mode_build_dir/fuzz/client" -max_len=50000 -merge=1 client_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/client"
-"$no_fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/server"
-"$fuzzer_mode_build_dir/fuzz/dtls_client" -max_len=50000 -merge=1 dtls_client_corpus "${fuzzer_mode_transcripts}/dtls/client"
-"$fuzzer_mode_build_dir/fuzz/dtls_server" -max_len=50000 -merge=1 dtls_server_corpus "${fuzzer_mode_transcripts}/dtls/server"
-"$fuzzer_mode_build_dir/fuzz/decode_client_hello_inner" -max_len=50000 -merge=1 decode_client_hello_inner_corpus "${fuzzer_mode_transcripts}/decode_client_hello_inner"
+update_corpus client "${fuzzer_mode_transcripts}/tls/client"
+update_corpus server "${fuzzer_mode_transcripts}/tls/server"
+update_corpus client_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/client"
+update_corpus server_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/server"
+update_corpus dtls_client "${fuzzer_mode_transcripts}/dtls/client"
+update_corpus dtls_server "${fuzzer_mode_transcripts}/dtls/server"
+update_corpus decode_client_hello_inner "${fuzzer_mode_transcripts}/decode_client_hello_inner"
diff --git a/src/fuzz/server.cc b/src/fuzz/server.cc
index c167dd3..d7a8842 100644
--- a/src/fuzz/server.cc
+++ b/src/fuzz/server.cc
@@ -15,7 +15,8 @@
#include "../ssl/test/fuzzer.h"
-static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kServer);
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kServer,
+ TLSFuzzer::kFuzzerModeOn);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
return g_fuzzer.TestOneInput(buf, len);
diff --git a/src/fuzz/server_corpus/00297505661b08ffccf461853d5210e89c4fdadc b/src/fuzz/server_corpus/00297505661b08ffccf461853d5210e89c4fdadc
new file mode 100644
index 0000000..fb37dba
--- /dev/null
+++ b/src/fuzz/server_corpus/00297505661b08ffccf461853d5210e89c4fdadc
Binary files differ
diff --git a/src/fuzz/server_corpus/014ec357b2c469af87fc67873c9e951bbdad3cf8 b/src/fuzz/server_corpus/014ec357b2c469af87fc67873c9e951bbdad3cf8
deleted file mode 100644
index 6da25af..0000000
--- a/src/fuzz/server_corpus/014ec357b2c469af87fc67873c9e951bbdad3cf8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/025aed12958abc20757a7074a767f924274d5ca8 b/src/fuzz/server_corpus/025aed12958abc20757a7074a767f924274d5ca8
deleted file mode 100644
index 1d4377d..0000000
--- a/src/fuzz/server_corpus/025aed12958abc20757a7074a767f924274d5ca8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/0436f13e178d7c96273d1f7e520529abc853db7f b/src/fuzz/server_corpus/0436f13e178d7c96273d1f7e520529abc853db7f
deleted file mode 100644
index 444e333..0000000
--- a/src/fuzz/server_corpus/0436f13e178d7c96273d1f7e520529abc853db7f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/04f5750d6d1c2f88d1dc68a667445069e2ea33b3 b/src/fuzz/server_corpus/04f5750d6d1c2f88d1dc68a667445069e2ea33b3
new file mode 100644
index 0000000..514dde9
--- /dev/null
+++ b/src/fuzz/server_corpus/04f5750d6d1c2f88d1dc68a667445069e2ea33b3
Binary files differ
diff --git a/src/fuzz/server_corpus/05ce6c45d8f16253845eaa0f513c0b1267927161 b/src/fuzz/server_corpus/05ce6c45d8f16253845eaa0f513c0b1267927161
deleted file mode 100644
index 120771a..0000000
--- a/src/fuzz/server_corpus/05ce6c45d8f16253845eaa0f513c0b1267927161
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/0f8a1d27b3ea511f1a05ebc331a4cbcc8ece8cb2 b/src/fuzz/server_corpus/0f8a1d27b3ea511f1a05ebc331a4cbcc8ece8cb2
deleted file mode 100644
index a186f2f..0000000
--- a/src/fuzz/server_corpus/0f8a1d27b3ea511f1a05ebc331a4cbcc8ece8cb2
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/11640368a03c0ab4f33619bd9b6c6e7533935e1a b/src/fuzz/server_corpus/11640368a03c0ab4f33619bd9b6c6e7533935e1a
new file mode 100644
index 0000000..14eddeb
--- /dev/null
+++ b/src/fuzz/server_corpus/11640368a03c0ab4f33619bd9b6c6e7533935e1a
Binary files differ
diff --git a/src/fuzz/server_corpus/120cb9b864dcd4e16393a192e672933ecdcf5093 b/src/fuzz/server_corpus/120cb9b864dcd4e16393a192e672933ecdcf5093
deleted file mode 100644
index f49747c..0000000
--- a/src/fuzz/server_corpus/120cb9b864dcd4e16393a192e672933ecdcf5093
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/1249d7fe45a9f391f0d8aadd7fbeb4446a0f72f8 b/src/fuzz/server_corpus/1249d7fe45a9f391f0d8aadd7fbeb4446a0f72f8
deleted file mode 100644
index 885772e..0000000
--- a/src/fuzz/server_corpus/1249d7fe45a9f391f0d8aadd7fbeb4446a0f72f8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/13dcd2b4e39e9a7d2d50498d0681c0041f2ba647 b/src/fuzz/server_corpus/13dcd2b4e39e9a7d2d50498d0681c0041f2ba647
deleted file mode 100644
index 130afdd..0000000
--- a/src/fuzz/server_corpus/13dcd2b4e39e9a7d2d50498d0681c0041f2ba647
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/1555e6ab4962e50ba793dec7cf28f58630a79d56 b/src/fuzz/server_corpus/1555e6ab4962e50ba793dec7cf28f58630a79d56
deleted file mode 100644
index ca65b22..0000000
--- a/src/fuzz/server_corpus/1555e6ab4962e50ba793dec7cf28f58630a79d56
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/1c531ea117559cb08cd537418dbbdff7444d8dfa b/src/fuzz/server_corpus/1c531ea117559cb08cd537418dbbdff7444d8dfa
new file mode 100644
index 0000000..f5bc5ee
--- /dev/null
+++ b/src/fuzz/server_corpus/1c531ea117559cb08cd537418dbbdff7444d8dfa
Binary files differ
diff --git a/src/fuzz/server_corpus/1d26010a0564c39d5a2cb53dc15c824d463a1722 b/src/fuzz/server_corpus/1d26010a0564c39d5a2cb53dc15c824d463a1722
deleted file mode 100644
index 7d62d39..0000000
--- a/src/fuzz/server_corpus/1d26010a0564c39d5a2cb53dc15c824d463a1722
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/1da4b909dd658b346b2e4c1553f0781d269de04f b/src/fuzz/server_corpus/1da4b909dd658b346b2e4c1553f0781d269de04f
deleted file mode 100644
index 1219a0a..0000000
--- a/src/fuzz/server_corpus/1da4b909dd658b346b2e4c1553f0781d269de04f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/1ed70b69f19cc328d13550da30247e27376e3e42 b/src/fuzz/server_corpus/1ed70b69f19cc328d13550da30247e27376e3e42
new file mode 100644
index 0000000..1e38811
--- /dev/null
+++ b/src/fuzz/server_corpus/1ed70b69f19cc328d13550da30247e27376e3e42
Binary files differ
diff --git a/src/fuzz/server_corpus/256c797f5fd2672727a5446d3b338289ea3255ff b/src/fuzz/server_corpus/256c797f5fd2672727a5446d3b338289ea3255ff
new file mode 100644
index 0000000..3fcc1e4
--- /dev/null
+++ b/src/fuzz/server_corpus/256c797f5fd2672727a5446d3b338289ea3255ff
Binary files differ
diff --git a/src/fuzz/server_corpus/275de3921437094dc3d06f4693b6109dfd2b8349 b/src/fuzz/server_corpus/275de3921437094dc3d06f4693b6109dfd2b8349
deleted file mode 100644
index 1f5deb9..0000000
--- a/src/fuzz/server_corpus/275de3921437094dc3d06f4693b6109dfd2b8349
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/27ccb66ad1a8b4d1ed8f998248afed6118272a75 b/src/fuzz/server_corpus/27ccb66ad1a8b4d1ed8f998248afed6118272a75
new file mode 100644
index 0000000..aefce8d
--- /dev/null
+++ b/src/fuzz/server_corpus/27ccb66ad1a8b4d1ed8f998248afed6118272a75
Binary files differ
diff --git a/src/fuzz/server_corpus/2ae9f0733b55e6da8c3323488e847a90cd4a3fe9 b/src/fuzz/server_corpus/2ae9f0733b55e6da8c3323488e847a90cd4a3fe9
deleted file mode 100644
index 039f2ed..0000000
--- a/src/fuzz/server_corpus/2ae9f0733b55e6da8c3323488e847a90cd4a3fe9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/2bd8befd0ff11db3cf644f8680bb1bfc67716b73 b/src/fuzz/server_corpus/2bd8befd0ff11db3cf644f8680bb1bfc67716b73
new file mode 100644
index 0000000..20bca5f
--- /dev/null
+++ b/src/fuzz/server_corpus/2bd8befd0ff11db3cf644f8680bb1bfc67716b73
Binary files differ
diff --git a/src/fuzz/server_corpus/2decb8e0bda759216a98beb017aea06581ca2081 b/src/fuzz/server_corpus/2decb8e0bda759216a98beb017aea06581ca2081
new file mode 100644
index 0000000..cedab5a
--- /dev/null
+++ b/src/fuzz/server_corpus/2decb8e0bda759216a98beb017aea06581ca2081
Binary files differ
diff --git a/src/fuzz/server_corpus/30c5597adc8546d84ce258457365dbfcd1d3b33e b/src/fuzz/server_corpus/30c5597adc8546d84ce258457365dbfcd1d3b33e
deleted file mode 100644
index 992ee35..0000000
--- a/src/fuzz/server_corpus/30c5597adc8546d84ce258457365dbfcd1d3b33e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/31faf51e693067afea269a4699b04a29852ee1af b/src/fuzz/server_corpus/31faf51e693067afea269a4699b04a29852ee1af
new file mode 100644
index 0000000..65f8dda
--- /dev/null
+++ b/src/fuzz/server_corpus/31faf51e693067afea269a4699b04a29852ee1af
Binary files differ
diff --git a/src/fuzz/server_corpus/328d5d60c646d83e1f6df13ff0fd60f4b249b7c6 b/src/fuzz/server_corpus/328d5d60c646d83e1f6df13ff0fd60f4b249b7c6
new file mode 100644
index 0000000..39761c9
--- /dev/null
+++ b/src/fuzz/server_corpus/328d5d60c646d83e1f6df13ff0fd60f4b249b7c6
Binary files differ
diff --git a/src/fuzz/server_corpus/3298398dd6130869015408bba20122fece4e2ab5 b/src/fuzz/server_corpus/3298398dd6130869015408bba20122fece4e2ab5
new file mode 100644
index 0000000..6e15036
--- /dev/null
+++ b/src/fuzz/server_corpus/3298398dd6130869015408bba20122fece4e2ab5
Binary files differ
diff --git a/src/fuzz/server_corpus/33f597d30d38793ccb2b87802e1dfd64d051ffbb b/src/fuzz/server_corpus/33f597d30d38793ccb2b87802e1dfd64d051ffbb
deleted file mode 100644
index 6a224db..0000000
--- a/src/fuzz/server_corpus/33f597d30d38793ccb2b87802e1dfd64d051ffbb
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/35463fa0278db6c1ad7a91d35d19bb9c84b2efd9 b/src/fuzz/server_corpus/35463fa0278db6c1ad7a91d35d19bb9c84b2efd9
deleted file mode 100644
index abcaf2d..0000000
--- a/src/fuzz/server_corpus/35463fa0278db6c1ad7a91d35d19bb9c84b2efd9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/35dcc02c10b87bbded51c738e7e8f9f31ec4353d b/src/fuzz/server_corpus/35dcc02c10b87bbded51c738e7e8f9f31ec4353d
new file mode 100644
index 0000000..fd91a66
--- /dev/null
+++ b/src/fuzz/server_corpus/35dcc02c10b87bbded51c738e7e8f9f31ec4353d
Binary files differ
diff --git a/src/fuzz/server_corpus/381d7638c8d78731018eb45ccef62656102a1edd b/src/fuzz/server_corpus/381d7638c8d78731018eb45ccef62656102a1edd
new file mode 100644
index 0000000..f3af4a2
--- /dev/null
+++ b/src/fuzz/server_corpus/381d7638c8d78731018eb45ccef62656102a1edd
Binary files differ
diff --git a/src/fuzz/server_corpus/3dc81f53361ab02ee05134aa43d6288424980bdd b/src/fuzz/server_corpus/3dc81f53361ab02ee05134aa43d6288424980bdd
new file mode 100644
index 0000000..151ec61
--- /dev/null
+++ b/src/fuzz/server_corpus/3dc81f53361ab02ee05134aa43d6288424980bdd
Binary files differ
diff --git a/src/fuzz/server_corpus/416bad0364df5d4a1d10526d45181e294b79027e b/src/fuzz/server_corpus/416bad0364df5d4a1d10526d45181e294b79027e
new file mode 100644
index 0000000..bf788ba
--- /dev/null
+++ b/src/fuzz/server_corpus/416bad0364df5d4a1d10526d45181e294b79027e
Binary files differ
diff --git a/src/fuzz/server_corpus/42d4400dfdd879fdf475a0d8db19512c120bf018 b/src/fuzz/server_corpus/42d4400dfdd879fdf475a0d8db19512c120bf018
new file mode 100644
index 0000000..bc50467
--- /dev/null
+++ b/src/fuzz/server_corpus/42d4400dfdd879fdf475a0d8db19512c120bf018
Binary files differ
diff --git a/src/fuzz/server_corpus/468d8dce2bd41adf834040605a56466d5e709e8a b/src/fuzz/server_corpus/468d8dce2bd41adf834040605a56466d5e709e8a
new file mode 100644
index 0000000..7df8a2b
--- /dev/null
+++ b/src/fuzz/server_corpus/468d8dce2bd41adf834040605a56466d5e709e8a
Binary files differ
diff --git a/src/fuzz/server_corpus/4a608931b94ef2d65e6ad9c5c97fcc268c6330d0 b/src/fuzz/server_corpus/4a608931b94ef2d65e6ad9c5c97fcc268c6330d0
new file mode 100644
index 0000000..b6dad73
--- /dev/null
+++ b/src/fuzz/server_corpus/4a608931b94ef2d65e6ad9c5c97fcc268c6330d0
Binary files differ
diff --git a/src/fuzz/server_corpus/4e3b996b7383b7baa62ec07b0c8e9c2772d7b948 b/src/fuzz/server_corpus/4e3b996b7383b7baa62ec07b0c8e9c2772d7b948
deleted file mode 100644
index 9783ba4..0000000
--- a/src/fuzz/server_corpus/4e3b996b7383b7baa62ec07b0c8e9c2772d7b948
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/4f2598a6e30c860dd845fbae49edf2ea5259dbd8 b/src/fuzz/server_corpus/4f2598a6e30c860dd845fbae49edf2ea5259dbd8
deleted file mode 100644
index ab04806..0000000
--- a/src/fuzz/server_corpus/4f2598a6e30c860dd845fbae49edf2ea5259dbd8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/503ff204bcc3ad87d8582c9520a7cccddc053d58 b/src/fuzz/server_corpus/503ff204bcc3ad87d8582c9520a7cccddc053d58
new file mode 100644
index 0000000..9523b7e
--- /dev/null
+++ b/src/fuzz/server_corpus/503ff204bcc3ad87d8582c9520a7cccddc053d58
Binary files differ
diff --git a/src/fuzz/server_corpus/524a3538cfac30bcbb11367f95bd8280c9a53d36 b/src/fuzz/server_corpus/524a3538cfac30bcbb11367f95bd8280c9a53d36
deleted file mode 100644
index c398eb4..0000000
--- a/src/fuzz/server_corpus/524a3538cfac30bcbb11367f95bd8280c9a53d36
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/5498159c0e193cb9f11d67ac91a6823a78bb1738 b/src/fuzz/server_corpus/5498159c0e193cb9f11d67ac91a6823a78bb1738
deleted file mode 100644
index e9ae637..0000000
--- a/src/fuzz/server_corpus/5498159c0e193cb9f11d67ac91a6823a78bb1738
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/550c6de19d52cf0178d12b3eece0a701186f798f b/src/fuzz/server_corpus/550c6de19d52cf0178d12b3eece0a701186f798f
new file mode 100644
index 0000000..dd6b96c
--- /dev/null
+++ b/src/fuzz/server_corpus/550c6de19d52cf0178d12b3eece0a701186f798f
Binary files differ
diff --git a/src/fuzz/server_corpus/5571632273db47491815793c16570f5e8454bcac b/src/fuzz/server_corpus/5571632273db47491815793c16570f5e8454bcac
deleted file mode 100644
index 68a338e..0000000
--- a/src/fuzz/server_corpus/5571632273db47491815793c16570f5e8454bcac
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/564040068a5e1f2ca9f9c3f79dd3b6ccbb3525b6 b/src/fuzz/server_corpus/564040068a5e1f2ca9f9c3f79dd3b6ccbb3525b6
deleted file mode 100644
index b05c10c..0000000
--- a/src/fuzz/server_corpus/564040068a5e1f2ca9f9c3f79dd3b6ccbb3525b6
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/5820645412502aa980e7d300e2fbd8ea5e6fe156 b/src/fuzz/server_corpus/5820645412502aa980e7d300e2fbd8ea5e6fe156
new file mode 100644
index 0000000..fd11b49
--- /dev/null
+++ b/src/fuzz/server_corpus/5820645412502aa980e7d300e2fbd8ea5e6fe156
Binary files differ
diff --git a/src/fuzz/server_corpus/59e20226c6da2b30debdeb914678414383ce287a b/src/fuzz/server_corpus/59e20226c6da2b30debdeb914678414383ce287a
deleted file mode 100644
index 123c7fd..0000000
--- a/src/fuzz/server_corpus/59e20226c6da2b30debdeb914678414383ce287a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/5ab138ec34db3a88a6657ff3c92e9e2ac961788d b/src/fuzz/server_corpus/5ab138ec34db3a88a6657ff3c92e9e2ac961788d
new file mode 100644
index 0000000..4d58ef2
--- /dev/null
+++ b/src/fuzz/server_corpus/5ab138ec34db3a88a6657ff3c92e9e2ac961788d
Binary files differ
diff --git a/src/fuzz/server_corpus/5ba1f9d656416c114ed1df61343a0d8ab083c0b7 b/src/fuzz/server_corpus/5ba1f9d656416c114ed1df61343a0d8ab083c0b7
deleted file mode 100644
index e08e1f2..0000000
--- a/src/fuzz/server_corpus/5ba1f9d656416c114ed1df61343a0d8ab083c0b7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/5bdf24223a3247c80c560e0117551fdac036dd90 b/src/fuzz/server_corpus/5bdf24223a3247c80c560e0117551fdac036dd90
new file mode 100644
index 0000000..80e2280
--- /dev/null
+++ b/src/fuzz/server_corpus/5bdf24223a3247c80c560e0117551fdac036dd90
Binary files differ
diff --git a/src/fuzz/server_corpus/5bebfe9ba65801179484ee57ffea7e93d6245d15 b/src/fuzz/server_corpus/5bebfe9ba65801179484ee57ffea7e93d6245d15
new file mode 100644
index 0000000..be430b2
--- /dev/null
+++ b/src/fuzz/server_corpus/5bebfe9ba65801179484ee57ffea7e93d6245d15
Binary files differ
diff --git a/src/fuzz/server_corpus/5cab4135b16d0aaa5f4a5b5b3bc7257754eb6fe1 b/src/fuzz/server_corpus/5cab4135b16d0aaa5f4a5b5b3bc7257754eb6fe1
new file mode 100644
index 0000000..e83dfe7
--- /dev/null
+++ b/src/fuzz/server_corpus/5cab4135b16d0aaa5f4a5b5b3bc7257754eb6fe1
Binary files differ
diff --git a/src/fuzz/server_corpus/5edf784543003743dc69d76dbc94ea3f2f9d8063 b/src/fuzz/server_corpus/5edf784543003743dc69d76dbc94ea3f2f9d8063
new file mode 100644
index 0000000..e39c8a0
--- /dev/null
+++ b/src/fuzz/server_corpus/5edf784543003743dc69d76dbc94ea3f2f9d8063
Binary files differ
diff --git a/src/fuzz/server_corpus/5f4c395558016c1c8d7ade8dc39bf38a7cdda7d1 b/src/fuzz/server_corpus/5f4c395558016c1c8d7ade8dc39bf38a7cdda7d1
deleted file mode 100644
index 59d05a9..0000000
--- a/src/fuzz/server_corpus/5f4c395558016c1c8d7ade8dc39bf38a7cdda7d1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/5fa52b26c8eef100680278c4cf019d1edcdba1d7 b/src/fuzz/server_corpus/5fa52b26c8eef100680278c4cf019d1edcdba1d7
deleted file mode 100644
index 9a0a6fc..0000000
--- a/src/fuzz/server_corpus/5fa52b26c8eef100680278c4cf019d1edcdba1d7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b b/src/fuzz/server_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b
new file mode 100644
index 0000000..9fa4a3a
--- /dev/null
+++ b/src/fuzz/server_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b
Binary files differ
diff --git a/src/fuzz/server_corpus/69cdf589463ee275905e6610673df15aebe2a93a b/src/fuzz/server_corpus/69cdf589463ee275905e6610673df15aebe2a93a
deleted file mode 100644
index 88977f3..0000000
--- a/src/fuzz/server_corpus/69cdf589463ee275905e6610673df15aebe2a93a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/6a8d0acbcbf53ed119d50eb88bbf5c71c1f70bdf b/src/fuzz/server_corpus/6a8d0acbcbf53ed119d50eb88bbf5c71c1f70bdf
deleted file mode 100644
index 6d9bc7e..0000000
--- a/src/fuzz/server_corpus/6a8d0acbcbf53ed119d50eb88bbf5c71c1f70bdf
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/6c1d519d8abdc17bf8eb0c650d4912e8d4717516 b/src/fuzz/server_corpus/6c1d519d8abdc17bf8eb0c650d4912e8d4717516
new file mode 100644
index 0000000..947bfb0
--- /dev/null
+++ b/src/fuzz/server_corpus/6c1d519d8abdc17bf8eb0c650d4912e8d4717516
Binary files differ
diff --git a/src/fuzz/server_corpus/6ea216f5c04893a84c9a3c3f8a2736e4d9dcc47d b/src/fuzz/server_corpus/6ea216f5c04893a84c9a3c3f8a2736e4d9dcc47d
deleted file mode 100644
index 7b22efa..0000000
--- a/src/fuzz/server_corpus/6ea216f5c04893a84c9a3c3f8a2736e4d9dcc47d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/6f1a320acc1519666e923edbd54ffba0770878da b/src/fuzz/server_corpus/6f1a320acc1519666e923edbd54ffba0770878da
new file mode 100644
index 0000000..7515569
--- /dev/null
+++ b/src/fuzz/server_corpus/6f1a320acc1519666e923edbd54ffba0770878da
Binary files differ
diff --git a/src/fuzz/server_corpus/745299cb67ee3b5afd64802787b6224d8bfa5921 b/src/fuzz/server_corpus/745299cb67ee3b5afd64802787b6224d8bfa5921
new file mode 100644
index 0000000..5ad184e
--- /dev/null
+++ b/src/fuzz/server_corpus/745299cb67ee3b5afd64802787b6224d8bfa5921
Binary files differ
diff --git a/src/fuzz/server_corpus/75a4d4273220ff40a717e8c698c173f2238010a6 b/src/fuzz/server_corpus/75a4d4273220ff40a717e8c698c173f2238010a6
deleted file mode 100644
index e1a551f..0000000
--- a/src/fuzz/server_corpus/75a4d4273220ff40a717e8c698c173f2238010a6
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/75ad0a44c84ef1f754bdf896bc2f6b9473a0fb31 b/src/fuzz/server_corpus/75ad0a44c84ef1f754bdf896bc2f6b9473a0fb31
deleted file mode 100644
index e6d84e3..0000000
--- a/src/fuzz/server_corpus/75ad0a44c84ef1f754bdf896bc2f6b9473a0fb31
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b b/src/fuzz/server_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b
new file mode 100644
index 0000000..21688ed
--- /dev/null
+++ b/src/fuzz/server_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b
Binary files differ
diff --git a/src/fuzz/server_corpus/7739f5537ee34a4a7962dc0acfdddf431b34f11c b/src/fuzz/server_corpus/7739f5537ee34a4a7962dc0acfdddf431b34f11c
deleted file mode 100644
index b9b2e17..0000000
--- a/src/fuzz/server_corpus/7739f5537ee34a4a7962dc0acfdddf431b34f11c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/775c260b97fdc32cd7f9eeb0748460779ec03c6c b/src/fuzz/server_corpus/775c260b97fdc32cd7f9eeb0748460779ec03c6c
deleted file mode 100644
index dca1327..0000000
--- a/src/fuzz/server_corpus/775c260b97fdc32cd7f9eeb0748460779ec03c6c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/79da62d0e1044d89d911ff630d975ebfdcfdd8df b/src/fuzz/server_corpus/79da62d0e1044d89d911ff630d975ebfdcfdd8df
new file mode 100644
index 0000000..86ca972
--- /dev/null
+++ b/src/fuzz/server_corpus/79da62d0e1044d89d911ff630d975ebfdcfdd8df
Binary files differ
diff --git a/src/fuzz/server_corpus/7a2227a3b569158f7047d10aabe56145675036e4 b/src/fuzz/server_corpus/7a2227a3b569158f7047d10aabe56145675036e4
deleted file mode 100644
index 74fbd55..0000000
--- a/src/fuzz/server_corpus/7a2227a3b569158f7047d10aabe56145675036e4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7b23e66225ed9efaf237332143a122ad916b5b1b b/src/fuzz/server_corpus/7b23e66225ed9efaf237332143a122ad916b5b1b
deleted file mode 100644
index 13a87212..0000000
--- a/src/fuzz/server_corpus/7b23e66225ed9efaf237332143a122ad916b5b1b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7b350f1c552d937fc537b18f7c7643a2cef162a8 b/src/fuzz/server_corpus/7b350f1c552d937fc537b18f7c7643a2cef162a8
new file mode 100644
index 0000000..bf18e0a
--- /dev/null
+++ b/src/fuzz/server_corpus/7b350f1c552d937fc537b18f7c7643a2cef162a8
Binary files differ
diff --git a/src/fuzz/server_corpus/7ba7fdd8bdda15cdc2dcbe2492e60cd5a8856ebc b/src/fuzz/server_corpus/7ba7fdd8bdda15cdc2dcbe2492e60cd5a8856ebc
deleted file mode 100644
index c25f653..0000000
--- a/src/fuzz/server_corpus/7ba7fdd8bdda15cdc2dcbe2492e60cd5a8856ebc
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7c88218dd676309a2250b91520717651a2f4daaf b/src/fuzz/server_corpus/7c88218dd676309a2250b91520717651a2f4daaf
deleted file mode 100644
index b82b873..0000000
--- a/src/fuzz/server_corpus/7c88218dd676309a2250b91520717651a2f4daaf
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7cb312ce57dea0c9f799f1f414c87d5ef73502db b/src/fuzz/server_corpus/7cb312ce57dea0c9f799f1f414c87d5ef73502db
deleted file mode 100644
index 154d480..0000000
--- a/src/fuzz/server_corpus/7cb312ce57dea0c9f799f1f414c87d5ef73502db
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7d0a8149f3da5c3f5df45b1dd3a425b0d7e13dac b/src/fuzz/server_corpus/7d0a8149f3da5c3f5df45b1dd3a425b0d7e13dac
deleted file mode 100644
index 77567ad..0000000
--- a/src/fuzz/server_corpus/7d0a8149f3da5c3f5df45b1dd3a425b0d7e13dac
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/7e49f7eed0f563792d57ef3192e0f3d8f940362b b/src/fuzz/server_corpus/7e49f7eed0f563792d57ef3192e0f3d8f940362b
new file mode 100644
index 0000000..3276ea4
--- /dev/null
+++ b/src/fuzz/server_corpus/7e49f7eed0f563792d57ef3192e0f3d8f940362b
Binary files differ
diff --git a/src/fuzz/server_corpus/802c8691245f7112ed1f16568397463138f1a071 b/src/fuzz/server_corpus/802c8691245f7112ed1f16568397463138f1a071
new file mode 100644
index 0000000..da561e8
--- /dev/null
+++ b/src/fuzz/server_corpus/802c8691245f7112ed1f16568397463138f1a071
Binary files differ
diff --git a/src/fuzz/server_corpus/81ecee1e06d345b7988442e3504955bd80809671 b/src/fuzz/server_corpus/81ecee1e06d345b7988442e3504955bd80809671
deleted file mode 100644
index 846821d..0000000
--- a/src/fuzz/server_corpus/81ecee1e06d345b7988442e3504955bd80809671
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/824aad3da574c6e693c53d3105b299e16d3f2388 b/src/fuzz/server_corpus/824aad3da574c6e693c53d3105b299e16d3f2388
new file mode 100644
index 0000000..b1bc207
--- /dev/null
+++ b/src/fuzz/server_corpus/824aad3da574c6e693c53d3105b299e16d3f2388
Binary files differ
diff --git a/src/fuzz/server_corpus/8311155ac46bae1fc887b1f05c260972e689d88d b/src/fuzz/server_corpus/8311155ac46bae1fc887b1f05c260972e689d88d
new file mode 100644
index 0000000..f30f9f3
--- /dev/null
+++ b/src/fuzz/server_corpus/8311155ac46bae1fc887b1f05c260972e689d88d
Binary files differ
diff --git a/src/fuzz/server_corpus/83272d11959a79af08221aa9c4a20de4b8a9b774 b/src/fuzz/server_corpus/83272d11959a79af08221aa9c4a20de4b8a9b774
deleted file mode 100644
index a238d3b..0000000
--- a/src/fuzz/server_corpus/83272d11959a79af08221aa9c4a20de4b8a9b774
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/8352d97ee9c64daa58d1e15625ecaad669129d65 b/src/fuzz/server_corpus/8352d97ee9c64daa58d1e15625ecaad669129d65
deleted file mode 100644
index f513ee5..0000000
--- a/src/fuzz/server_corpus/8352d97ee9c64daa58d1e15625ecaad669129d65
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/854f3f31adc537ba98549be0edaf65bb19092da3 b/src/fuzz/server_corpus/854f3f31adc537ba98549be0edaf65bb19092da3
deleted file mode 100644
index 1ed3f0c..0000000
--- a/src/fuzz/server_corpus/854f3f31adc537ba98549be0edaf65bb19092da3
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/85f1e01d6239dc78abde28e857a3be39ee32a9ec b/src/fuzz/server_corpus/85f1e01d6239dc78abde28e857a3be39ee32a9ec
deleted file mode 100644
index c2eac74..0000000
--- a/src/fuzz/server_corpus/85f1e01d6239dc78abde28e857a3be39ee32a9ec
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/8880050cf344d92305b839411ee91a98e1a7b8f2 b/src/fuzz/server_corpus/8880050cf344d92305b839411ee91a98e1a7b8f2
deleted file mode 100644
index cfee464..0000000
--- a/src/fuzz/server_corpus/8880050cf344d92305b839411ee91a98e1a7b8f2
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/895f1b87f6d991d9d690dbdf6f54761fcd975582 b/src/fuzz/server_corpus/895f1b87f6d991d9d690dbdf6f54761fcd975582
new file mode 100644
index 0000000..eb20df7
--- /dev/null
+++ b/src/fuzz/server_corpus/895f1b87f6d991d9d690dbdf6f54761fcd975582
Binary files differ
diff --git a/src/fuzz/server_corpus/8baeb58c7c4a2d0297f9e350f0554f0b61919891 b/src/fuzz/server_corpus/8baeb58c7c4a2d0297f9e350f0554f0b61919891
new file mode 100644
index 0000000..1cefea8
--- /dev/null
+++ b/src/fuzz/server_corpus/8baeb58c7c4a2d0297f9e350f0554f0b61919891
Binary files differ
diff --git a/src/fuzz/server_corpus/8e254c80621ea0342086a4935f807c9097718b5a b/src/fuzz/server_corpus/8e254c80621ea0342086a4935f807c9097718b5a
deleted file mode 100644
index 4c16830..0000000
--- a/src/fuzz/server_corpus/8e254c80621ea0342086a4935f807c9097718b5a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/9463bad3abd25f33e55847f46ee4aa37f29a9013 b/src/fuzz/server_corpus/9463bad3abd25f33e55847f46ee4aa37f29a9013
new file mode 100644
index 0000000..43a839e
--- /dev/null
+++ b/src/fuzz/server_corpus/9463bad3abd25f33e55847f46ee4aa37f29a9013
Binary files differ
diff --git a/src/fuzz/server_corpus/95a329aa666948e3c7e26a0f9802a8b730698f9b b/src/fuzz/server_corpus/95a329aa666948e3c7e26a0f9802a8b730698f9b
new file mode 100644
index 0000000..dbcf78a
--- /dev/null
+++ b/src/fuzz/server_corpus/95a329aa666948e3c7e26a0f9802a8b730698f9b
Binary files differ
diff --git a/src/fuzz/server_corpus/96bc7958cd9b948713b7eef66c25b7b24d6fce77 b/src/fuzz/server_corpus/96bc7958cd9b948713b7eef66c25b7b24d6fce77
deleted file mode 100644
index 9f5dde0..0000000
--- a/src/fuzz/server_corpus/96bc7958cd9b948713b7eef66c25b7b24d6fce77
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/9756b988afe8bf1c64c983c8cf67ae2de7f7a700 b/src/fuzz/server_corpus/9756b988afe8bf1c64c983c8cf67ae2de7f7a700
new file mode 100644
index 0000000..f9b1827
--- /dev/null
+++ b/src/fuzz/server_corpus/9756b988afe8bf1c64c983c8cf67ae2de7f7a700
Binary files differ
diff --git a/src/fuzz/server_corpus/9b2454996cb666d576b66726d795e12eb3282f60 b/src/fuzz/server_corpus/9b2454996cb666d576b66726d795e12eb3282f60
new file mode 100644
index 0000000..e674ba9
--- /dev/null
+++ b/src/fuzz/server_corpus/9b2454996cb666d576b66726d795e12eb3282f60
Binary files differ
diff --git a/src/fuzz/server_corpus/9bcf275bae2c3965820c447a331f95f1a159175f b/src/fuzz/server_corpus/9bcf275bae2c3965820c447a331f95f1a159175f
new file mode 100644
index 0000000..1facdce
--- /dev/null
+++ b/src/fuzz/server_corpus/9bcf275bae2c3965820c447a331f95f1a159175f
Binary files differ
diff --git a/src/fuzz/server_corpus/9c1f4fe4d428e4e2929696c8ebdbc2c597309c96 b/src/fuzz/server_corpus/9c1f4fe4d428e4e2929696c8ebdbc2c597309c96
deleted file mode 100644
index 96ff73d..0000000
--- a/src/fuzz/server_corpus/9c1f4fe4d428e4e2929696c8ebdbc2c597309c96
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/9eb764534f27c0ec431288ec168cb0d1bc1dc79c b/src/fuzz/server_corpus/9eb764534f27c0ec431288ec168cb0d1bc1dc79c
deleted file mode 100644
index fbcc95a..0000000
--- a/src/fuzz/server_corpus/9eb764534f27c0ec431288ec168cb0d1bc1dc79c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/a069da70e9c99dcf045164ba5a3d7c46d2767c58 b/src/fuzz/server_corpus/a069da70e9c99dcf045164ba5a3d7c46d2767c58
deleted file mode 100644
index 7c30bca..0000000
--- a/src/fuzz/server_corpus/a069da70e9c99dcf045164ba5a3d7c46d2767c58
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/a3b32f588723a5e570b649a21e0582a58ad961f0 b/src/fuzz/server_corpus/a3b32f588723a5e570b649a21e0582a58ad961f0
new file mode 100644
index 0000000..0905b59
--- /dev/null
+++ b/src/fuzz/server_corpus/a3b32f588723a5e570b649a21e0582a58ad961f0
Binary files differ
diff --git a/src/fuzz/server_corpus/a80fcf70c297cb0d39f4c900fff3f411e932f3d4 b/src/fuzz/server_corpus/a80fcf70c297cb0d39f4c900fff3f411e932f3d4
deleted file mode 100644
index 4577da7..0000000
--- a/src/fuzz/server_corpus/a80fcf70c297cb0d39f4c900fff3f411e932f3d4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/a8214199e6bc6e40662ed6450e66d903dbe54844 b/src/fuzz/server_corpus/a8214199e6bc6e40662ed6450e66d903dbe54844
new file mode 100644
index 0000000..57d54df
--- /dev/null
+++ b/src/fuzz/server_corpus/a8214199e6bc6e40662ed6450e66d903dbe54844
Binary files differ
diff --git a/src/fuzz/server_corpus/a92393954fb7770060b70a37143b03c7ac8f17e0 b/src/fuzz/server_corpus/a92393954fb7770060b70a37143b03c7ac8f17e0
new file mode 100644
index 0000000..0c8b24d
--- /dev/null
+++ b/src/fuzz/server_corpus/a92393954fb7770060b70a37143b03c7ac8f17e0
Binary files differ
diff --git a/src/fuzz/server_corpus/aae019279a0c7900da44485a1b0a5dc6142ea21d b/src/fuzz/server_corpus/aae019279a0c7900da44485a1b0a5dc6142ea21d
new file mode 100644
index 0000000..e4a21ca
--- /dev/null
+++ b/src/fuzz/server_corpus/aae019279a0c7900da44485a1b0a5dc6142ea21d
Binary files differ
diff --git a/src/fuzz/server_corpus/aafff906acf6636012e8c1abc35405c90f842497 b/src/fuzz/server_corpus/aafff906acf6636012e8c1abc35405c90f842497
new file mode 100644
index 0000000..4000189
--- /dev/null
+++ b/src/fuzz/server_corpus/aafff906acf6636012e8c1abc35405c90f842497
Binary files differ
diff --git a/src/fuzz/server_corpus/ab6fdeee6ccfd0c9ce0784a11182813abc816b2a b/src/fuzz/server_corpus/ab6fdeee6ccfd0c9ce0784a11182813abc816b2a
new file mode 100644
index 0000000..518dfb5
--- /dev/null
+++ b/src/fuzz/server_corpus/ab6fdeee6ccfd0c9ce0784a11182813abc816b2a
Binary files differ
diff --git a/src/fuzz/server_corpus/af706c19a32116c657c2458ac4370722d72d67af b/src/fuzz/server_corpus/af706c19a32116c657c2458ac4370722d72d67af
new file mode 100644
index 0000000..b2f06ed
--- /dev/null
+++ b/src/fuzz/server_corpus/af706c19a32116c657c2458ac4370722d72d67af
Binary files differ
diff --git a/src/fuzz/server_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12 b/src/fuzz/server_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12
new file mode 100644
index 0000000..209948a
--- /dev/null
+++ b/src/fuzz/server_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12
Binary files differ
diff --git a/src/fuzz/server_corpus/b25cebfdbc7bf85a58f490d8108a5c68be905bd1 b/src/fuzz/server_corpus/b25cebfdbc7bf85a58f490d8108a5c68be905bd1
deleted file mode 100644
index 04b9c5b..0000000
--- a/src/fuzz/server_corpus/b25cebfdbc7bf85a58f490d8108a5c68be905bd1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/b70bdea5a03ed33b09f274056d6cf2208b5fbbfd b/src/fuzz/server_corpus/b70bdea5a03ed33b09f274056d6cf2208b5fbbfd
deleted file mode 100644
index 7b86e94..0000000
--- a/src/fuzz/server_corpus/b70bdea5a03ed33b09f274056d6cf2208b5fbbfd
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/b977d9992664fbd686c0233b72050c6f67e6ea19 b/src/fuzz/server_corpus/b977d9992664fbd686c0233b72050c6f67e6ea19
deleted file mode 100644
index e57f904..0000000
--- a/src/fuzz/server_corpus/b977d9992664fbd686c0233b72050c6f67e6ea19
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/bdc936fe5e844e65fc34223ba22650edae0e58fe b/src/fuzz/server_corpus/bdc936fe5e844e65fc34223ba22650edae0e58fe
deleted file mode 100644
index b25124f..0000000
--- a/src/fuzz/server_corpus/bdc936fe5e844e65fc34223ba22650edae0e58fe
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/be867e61ea41c571c4485204f394f97188be5047 b/src/fuzz/server_corpus/be867e61ea41c571c4485204f394f97188be5047
deleted file mode 100644
index 12beebc..0000000
--- a/src/fuzz/server_corpus/be867e61ea41c571c4485204f394f97188be5047
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/c095ef83741e7dc39bd78b51cfad9a983b7130b9 b/src/fuzz/server_corpus/c095ef83741e7dc39bd78b51cfad9a983b7130b9
new file mode 100644
index 0000000..95ec963
--- /dev/null
+++ b/src/fuzz/server_corpus/c095ef83741e7dc39bd78b51cfad9a983b7130b9
Binary files differ
diff --git a/src/fuzz/server_corpus/c49b86641c88d6fef43e5d8934186ec00cc4ab9c b/src/fuzz/server_corpus/c49b86641c88d6fef43e5d8934186ec00cc4ab9c
new file mode 100644
index 0000000..74860b7
--- /dev/null
+++ b/src/fuzz/server_corpus/c49b86641c88d6fef43e5d8934186ec00cc4ab9c
Binary files differ
diff --git a/src/fuzz/server_corpus/c6b4907fc1c449f2d5d1f99b215ad11253fa5055 b/src/fuzz/server_corpus/c6b4907fc1c449f2d5d1f99b215ad11253fa5055
new file mode 100644
index 0000000..09afd7d
--- /dev/null
+++ b/src/fuzz/server_corpus/c6b4907fc1c449f2d5d1f99b215ad11253fa5055
Binary files differ
diff --git a/src/fuzz/server_corpus/c86ea6491a2fc788eb6f463c590b83517ba3ded4 b/src/fuzz/server_corpus/c86ea6491a2fc788eb6f463c590b83517ba3ded4
new file mode 100644
index 0000000..a90da59
--- /dev/null
+++ b/src/fuzz/server_corpus/c86ea6491a2fc788eb6f463c590b83517ba3ded4
Binary files differ
diff --git a/src/fuzz/server_corpus/ca8f557e1b0af61e87a19c0291b1b3bee424f451 b/src/fuzz/server_corpus/ca8f557e1b0af61e87a19c0291b1b3bee424f451
deleted file mode 100644
index ca42f35..0000000
--- a/src/fuzz/server_corpus/ca8f557e1b0af61e87a19c0291b1b3bee424f451
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/cba7661f1bb778d5fd731b4d07dbaeef535efb8a b/src/fuzz/server_corpus/cba7661f1bb778d5fd731b4d07dbaeef535efb8a
new file mode 100644
index 0000000..c291dc4
--- /dev/null
+++ b/src/fuzz/server_corpus/cba7661f1bb778d5fd731b4d07dbaeef535efb8a
Binary files differ
diff --git a/src/fuzz/server_corpus/cde43b90cb067eae1fef4bffdbe000945b94854f b/src/fuzz/server_corpus/cde43b90cb067eae1fef4bffdbe000945b94854f
deleted file mode 100644
index 941a1b5..0000000
--- a/src/fuzz/server_corpus/cde43b90cb067eae1fef4bffdbe000945b94854f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ce0becbb650090efd38fc81c6f3580a0f3729917 b/src/fuzz/server_corpus/ce0becbb650090efd38fc81c6f3580a0f3729917
new file mode 100644
index 0000000..3c9301a
--- /dev/null
+++ b/src/fuzz/server_corpus/ce0becbb650090efd38fc81c6f3580a0f3729917
Binary files differ
diff --git a/src/fuzz/server_corpus/ce4dfbed92584a5c9116323cd03156c1c31a59ce b/src/fuzz/server_corpus/ce4dfbed92584a5c9116323cd03156c1c31a59ce
deleted file mode 100644
index 3beb50e..0000000
--- a/src/fuzz/server_corpus/ce4dfbed92584a5c9116323cd03156c1c31a59ce
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d0224525e8fad9c133a64f7f603baaf497976c49 b/src/fuzz/server_corpus/d0224525e8fad9c133a64f7f603baaf497976c49
deleted file mode 100644
index fd450d3..0000000
--- a/src/fuzz/server_corpus/d0224525e8fad9c133a64f7f603baaf497976c49
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d6a5da220e7194d818b1ae06b7687f54c61b1caf b/src/fuzz/server_corpus/d6a5da220e7194d818b1ae06b7687f54c61b1caf
deleted file mode 100644
index 667300e..0000000
--- a/src/fuzz/server_corpus/d6a5da220e7194d818b1ae06b7687f54c61b1caf
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d74958d7ded9655e12085dc88f5e2c642918982d b/src/fuzz/server_corpus/d74958d7ded9655e12085dc88f5e2c642918982d
deleted file mode 100644
index 1bc1ac9..0000000
--- a/src/fuzz/server_corpus/d74958d7ded9655e12085dc88f5e2c642918982d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d785752aafee099086b12f6a4313f5114f52e987 b/src/fuzz/server_corpus/d785752aafee099086b12f6a4313f5114f52e987
deleted file mode 100644
index 8b1502d..0000000
--- a/src/fuzz/server_corpus/d785752aafee099086b12f6a4313f5114f52e987
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d9134c524c8b52304442e63fdaad499f61227f75 b/src/fuzz/server_corpus/d9134c524c8b52304442e63fdaad499f61227f75
deleted file mode 100644
index 508e0ec..0000000
--- a/src/fuzz/server_corpus/d9134c524c8b52304442e63fdaad499f61227f75
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/d9bf4fd919800d6de015ca85b5f9c0e8f15c79ca b/src/fuzz/server_corpus/d9bf4fd919800d6de015ca85b5f9c0e8f15c79ca
deleted file mode 100644
index 226fe03..0000000
--- a/src/fuzz/server_corpus/d9bf4fd919800d6de015ca85b5f9c0e8f15c79ca
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/da78bf3dd1a1b85075870fa99805d2d855fac2fa b/src/fuzz/server_corpus/da78bf3dd1a1b85075870fa99805d2d855fac2fa
new file mode 100644
index 0000000..82b7433
--- /dev/null
+++ b/src/fuzz/server_corpus/da78bf3dd1a1b85075870fa99805d2d855fac2fa
Binary files differ
diff --git a/src/fuzz/server_corpus/dbf421a7b48a775c408486ec027d5b5cff649803 b/src/fuzz/server_corpus/dbf421a7b48a775c408486ec027d5b5cff649803
deleted file mode 100644
index f879b8f..0000000
--- a/src/fuzz/server_corpus/dbf421a7b48a775c408486ec027d5b5cff649803
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/dcb092222eb041a250db952c72f3802630740d2a b/src/fuzz/server_corpus/dcb092222eb041a250db952c72f3802630740d2a
deleted file mode 100644
index c2d1c85..0000000
--- a/src/fuzz/server_corpus/dcb092222eb041a250db952c72f3802630740d2a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/dd1e5f0f9346baef3d9149bd9ebe55ddc8aa3a7f b/src/fuzz/server_corpus/dd1e5f0f9346baef3d9149bd9ebe55ddc8aa3a7f
new file mode 100644
index 0000000..6d60aaf
--- /dev/null
+++ b/src/fuzz/server_corpus/dd1e5f0f9346baef3d9149bd9ebe55ddc8aa3a7f
Binary files differ
diff --git a/src/fuzz/server_corpus/e07dc003c37f086542adc752f8a07b32add64a18 b/src/fuzz/server_corpus/e07dc003c37f086542adc752f8a07b32add64a18
deleted file mode 100644
index 446eb35..0000000
--- a/src/fuzz/server_corpus/e07dc003c37f086542adc752f8a07b32add64a18
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/e2b024abe5d8cc9953f0fc232bb0f9221dfd3702 b/src/fuzz/server_corpus/e2b024abe5d8cc9953f0fc232bb0f9221dfd3702
deleted file mode 100644
index 1a5a8b7..0000000
--- a/src/fuzz/server_corpus/e2b024abe5d8cc9953f0fc232bb0f9221dfd3702
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/e4c534d22c6571469ff83761d883623d3546e466 b/src/fuzz/server_corpus/e4c534d22c6571469ff83761d883623d3546e466
new file mode 100644
index 0000000..5da99e0
--- /dev/null
+++ b/src/fuzz/server_corpus/e4c534d22c6571469ff83761d883623d3546e466
Binary files differ
diff --git a/src/fuzz/server_corpus/e530250fcb8697a8f8fc77ab4555e859d90a6eb7 b/src/fuzz/server_corpus/e530250fcb8697a8f8fc77ab4555e859d90a6eb7
deleted file mode 100644
index 776691a..0000000
--- a/src/fuzz/server_corpus/e530250fcb8697a8f8fc77ab4555e859d90a6eb7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ec01750e7e23f69741af69a969ff3b333ccb783b b/src/fuzz/server_corpus/ec01750e7e23f69741af69a969ff3b333ccb783b
deleted file mode 100644
index ec0a410..0000000
--- a/src/fuzz/server_corpus/ec01750e7e23f69741af69a969ff3b333ccb783b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ed5a94a0e1eeb9152b92066d064c3917845191b7 b/src/fuzz/server_corpus/ed5a94a0e1eeb9152b92066d064c3917845191b7
deleted file mode 100644
index 4dcf159..0000000
--- a/src/fuzz/server_corpus/ed5a94a0e1eeb9152b92066d064c3917845191b7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ee0a8a759193ac7ced60744d3e7d06decdfaa53f b/src/fuzz/server_corpus/ee0a8a759193ac7ced60744d3e7d06decdfaa53f
deleted file mode 100644
index 5712a97..0000000
--- a/src/fuzz/server_corpus/ee0a8a759193ac7ced60744d3e7d06decdfaa53f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ee31b271ce14cbd5372de311c6fcc5ae9262e05b b/src/fuzz/server_corpus/ee31b271ce14cbd5372de311c6fcc5ae9262e05b
new file mode 100644
index 0000000..8a35953
--- /dev/null
+++ b/src/fuzz/server_corpus/ee31b271ce14cbd5372de311c6fcc5ae9262e05b
Binary files differ
diff --git a/src/fuzz/server_corpus/eed3e358965b6d88b5101daca716bb076d66a2aa b/src/fuzz/server_corpus/eed3e358965b6d88b5101daca716bb076d66a2aa
deleted file mode 100644
index c4b1e91..0000000
--- a/src/fuzz/server_corpus/eed3e358965b6d88b5101daca716bb076d66a2aa
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/eee9e0ae5db8160112409a3483159733b6f2ae8f b/src/fuzz/server_corpus/eee9e0ae5db8160112409a3483159733b6f2ae8f
deleted file mode 100644
index d4ee8ea..0000000
--- a/src/fuzz/server_corpus/eee9e0ae5db8160112409a3483159733b6f2ae8f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/ef5b4b1cb3449d6e698238a0882c56c261a5bde5 b/src/fuzz/server_corpus/ef5b4b1cb3449d6e698238a0882c56c261a5bde5
deleted file mode 100644
index 085332c..0000000
--- a/src/fuzz/server_corpus/ef5b4b1cb3449d6e698238a0882c56c261a5bde5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/f1d0ea910f242833845a97bbcda344e3bd518538 b/src/fuzz/server_corpus/f1d0ea910f242833845a97bbcda344e3bd518538
deleted file mode 100644
index 80a6e82..0000000
--- a/src/fuzz/server_corpus/f1d0ea910f242833845a97bbcda344e3bd518538
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/f3b0fb38fefff0d049362dbe2aa8cf3c8b5aa51d b/src/fuzz/server_corpus/f3b0fb38fefff0d049362dbe2aa8cf3c8b5aa51d
new file mode 100644
index 0000000..56951d2
--- /dev/null
+++ b/src/fuzz/server_corpus/f3b0fb38fefff0d049362dbe2aa8cf3c8b5aa51d
Binary files differ
diff --git a/src/fuzz/server_corpus/f5e8405a64c467bb16890553c654aba3f6946fdb b/src/fuzz/server_corpus/f5e8405a64c467bb16890553c654aba3f6946fdb
deleted file mode 100644
index a895b2e..0000000
--- a/src/fuzz/server_corpus/f5e8405a64c467bb16890553c654aba3f6946fdb
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/fa2e950dee2e2dfb6dfe81e6f47242e9e1f16dc5 b/src/fuzz/server_corpus/fa2e950dee2e2dfb6dfe81e6f47242e9e1f16dc5
new file mode 100644
index 0000000..153c307
--- /dev/null
+++ b/src/fuzz/server_corpus/fa2e950dee2e2dfb6dfe81e6f47242e9e1f16dc5
Binary files differ
diff --git a/src/fuzz/server_corpus/fb28a57faa3ce2cccee6808d14fa807854432467 b/src/fuzz/server_corpus/fb28a57faa3ce2cccee6808d14fa807854432467
deleted file mode 100644
index 491eb4f..0000000
--- a/src/fuzz/server_corpus/fb28a57faa3ce2cccee6808d14fa807854432467
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/fbfbaf58b8f21fe18a1ea1ee20f646f3b004e8b8 b/src/fuzz/server_corpus/fbfbaf58b8f21fe18a1ea1ee20f646f3b004e8b8
deleted file mode 100644
index b372ac5..0000000
--- a/src/fuzz/server_corpus/fbfbaf58b8f21fe18a1ea1ee20f646f3b004e8b8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/fc01f1ace942785f1a03b32c349cca249327e085 b/src/fuzz/server_corpus/fc01f1ace942785f1a03b32c349cca249327e085
deleted file mode 100644
index af1d99a..0000000
--- a/src/fuzz/server_corpus/fc01f1ace942785f1a03b32c349cca249327e085
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus/fcb6fc93b91bc83b5a41ce5a60b15785231bc342 b/src/fuzz/server_corpus/fcb6fc93b91bc83b5a41ce5a60b15785231bc342
new file mode 100644
index 0000000..84513cb
--- /dev/null
+++ b/src/fuzz/server_corpus/fcb6fc93b91bc83b5a41ce5a60b15785231bc342
Binary files differ
diff --git a/src/fuzz/server_corpus/ffc928938510a6704bff891e999acf92572f461b b/src/fuzz/server_corpus/ffc928938510a6704bff891e999acf92572f461b
new file mode 100644
index 0000000..ee2f182
--- /dev/null
+++ b/src/fuzz/server_corpus/ffc928938510a6704bff891e999acf92572f461b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0aaa7bc749620d01823c9e9e5dcb19bca73127fa b/src/fuzz/server_corpus_no_fuzzer_mode/0aaa7bc749620d01823c9e9e5dcb19bca73127fa
deleted file mode 100644
index c056142..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/0aaa7bc749620d01823c9e9e5dcb19bca73127fa
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/10be60167b4ac838e237f1bba9a7d25e512f48a2 b/src/fuzz/server_corpus_no_fuzzer_mode/10be60167b4ac838e237f1bba9a7d25e512f48a2
deleted file mode 100644
index 518ec7b..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/10be60167b4ac838e237f1bba9a7d25e512f48a2
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/11dd22a25a28ab59ad43316a17c4fa8e19ab8bca b/src/fuzz/server_corpus_no_fuzzer_mode/11dd22a25a28ab59ad43316a17c4fa8e19ab8bca
deleted file mode 100644
index a63df2f..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/11dd22a25a28ab59ad43316a17c4fa8e19ab8bca
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/14c57a6336b1fe8a30ccd2149842bc3ed2c11d96 b/src/fuzz/server_corpus_no_fuzzer_mode/14c57a6336b1fe8a30ccd2149842bc3ed2c11d96
deleted file mode 100644
index e5c259a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/14c57a6336b1fe8a30ccd2149842bc3ed2c11d96
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/14ec5669a702b68b29d0af0b4fe33e61a7577202 b/src/fuzz/server_corpus_no_fuzzer_mode/14ec5669a702b68b29d0af0b4fe33e61a7577202
deleted file mode 100644
index 1e2aa42..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/14ec5669a702b68b29d0af0b4fe33e61a7577202
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/179ebb3f16d124fb9338ca7ee488b01a2bcc0376 b/src/fuzz/server_corpus_no_fuzzer_mode/179ebb3f16d124fb9338ca7ee488b01a2bcc0376
deleted file mode 100644
index 7129a14..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/179ebb3f16d124fb9338ca7ee488b01a2bcc0376
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1a07d9c506d55df88ee448f743b7c2451dc3104a b/src/fuzz/server_corpus_no_fuzzer_mode/1a07d9c506d55df88ee448f743b7c2451dc3104a
deleted file mode 100644
index c6f2cf6..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/1a07d9c506d55df88ee448f743b7c2451dc3104a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/26fb7c4907fd86a9a0c9d4561b9db5477ddbde57 b/src/fuzz/server_corpus_no_fuzzer_mode/26fb7c4907fd86a9a0c9d4561b9db5477ddbde57
deleted file mode 100644
index 4af989a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/26fb7c4907fd86a9a0c9d4561b9db5477ddbde57
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/26fd3354a220b1f23c3777a78323bbc4405edb37 b/src/fuzz/server_corpus_no_fuzzer_mode/26fd3354a220b1f23c3777a78323bbc4405edb37
deleted file mode 100644
index 0a8bfe2..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/26fd3354a220b1f23c3777a78323bbc4405edb37
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2741cea11b4ef8ba9d65e97e405fbc22c1590cd7 b/src/fuzz/server_corpus_no_fuzzer_mode/2741cea11b4ef8ba9d65e97e405fbc22c1590cd7
deleted file mode 100644
index 6c20e94..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/2741cea11b4ef8ba9d65e97e405fbc22c1590cd7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/27e4902a8010cbf7d7f2bf1238d6bcb954bff074 b/src/fuzz/server_corpus_no_fuzzer_mode/27e4902a8010cbf7d7f2bf1238d6bcb954bff074
deleted file mode 100644
index 7ee8bb5..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/27e4902a8010cbf7d7f2bf1238d6bcb954bff074
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/28dd36c0a377316c23fbcd4f867de576345c368a b/src/fuzz/server_corpus_no_fuzzer_mode/28dd36c0a377316c23fbcd4f867de576345c368a
deleted file mode 100644
index 0fe94ed..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/28dd36c0a377316c23fbcd4f867de576345c368a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2c34e1e6a14c7e64d50986b3b2bad3e56c7d8c39 b/src/fuzz/server_corpus_no_fuzzer_mode/2c34e1e6a14c7e64d50986b3b2bad3e56c7d8c39
deleted file mode 100644
index 4705059..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/2c34e1e6a14c7e64d50986b3b2bad3e56c7d8c39
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2c7f972a4aabfc19d7c4ca5d5cd7ed7f2ff32009 b/src/fuzz/server_corpus_no_fuzzer_mode/2c7f972a4aabfc19d7c4ca5d5cd7ed7f2ff32009
deleted file mode 100644
index fba5509..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/2c7f972a4aabfc19d7c4ca5d5cd7ed7f2ff32009
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2c93fe561d7e12257551cbc928d6ebb7a40a7e81 b/src/fuzz/server_corpus_no_fuzzer_mode/2c93fe561d7e12257551cbc928d6ebb7a40a7e81
deleted file mode 100644
index c1be7d5..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/2c93fe561d7e12257551cbc928d6ebb7a40a7e81
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/30b0405e3042db2089842bc5935fb0f74aa61ad6 b/src/fuzz/server_corpus_no_fuzzer_mode/30b0405e3042db2089842bc5935fb0f74aa61ad6
deleted file mode 100644
index 4fbf097..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/30b0405e3042db2089842bc5935fb0f74aa61ad6
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/31eaa3d8fe6e5772404f3b5d4310f389346021da b/src/fuzz/server_corpus_no_fuzzer_mode/31eaa3d8fe6e5772404f3b5d4310f389346021da
deleted file mode 100644
index 9938855..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/31eaa3d8fe6e5772404f3b5d4310f389346021da
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/34cb7a9f829dce65bb6dfd1b63c786e9927559b4 b/src/fuzz/server_corpus_no_fuzzer_mode/34cb7a9f829dce65bb6dfd1b63c786e9927559b4
deleted file mode 100644
index 7a13352..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/34cb7a9f829dce65bb6dfd1b63c786e9927559b4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3ad67d3b9b1a566c92915bc6b1ad6f6c0df20bf5 b/src/fuzz/server_corpus_no_fuzzer_mode/3ad67d3b9b1a566c92915bc6b1ad6f6c0df20bf5
deleted file mode 100644
index 215deae..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/3ad67d3b9b1a566c92915bc6b1ad6f6c0df20bf5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/46dac3ed93ba5d03e6d08f905eeefa7e91157ced b/src/fuzz/server_corpus_no_fuzzer_mode/46dac3ed93ba5d03e6d08f905eeefa7e91157ced
deleted file mode 100644
index 7c06cf0..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/46dac3ed93ba5d03e6d08f905eeefa7e91157ced
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/52401e80c09ac328e4ff7aac4c93f484239ee25c b/src/fuzz/server_corpus_no_fuzzer_mode/52401e80c09ac328e4ff7aac4c93f484239ee25c
deleted file mode 100644
index e6eeece..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/52401e80c09ac328e4ff7aac4c93f484239ee25c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/525c87b164fade1e132df1e26d03eeba63039fa9 b/src/fuzz/server_corpus_no_fuzzer_mode/525c87b164fade1e132df1e26d03eeba63039fa9
deleted file mode 100644
index 17258a7..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/525c87b164fade1e132df1e26d03eeba63039fa9
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5715af1004650fae6ec49920cc32b5eb1780f7bc b/src/fuzz/server_corpus_no_fuzzer_mode/5715af1004650fae6ec49920cc32b5eb1780f7bc
deleted file mode 100644
index 01f3cd3..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/5715af1004650fae6ec49920cc32b5eb1780f7bc
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/57c174742566eb238be4955456487502eb4e47d0 b/src/fuzz/server_corpus_no_fuzzer_mode/57c174742566eb238be4955456487502eb4e47d0
deleted file mode 100644
index 6b2a870..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/57c174742566eb238be4955456487502eb4e47d0
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/57dacc1fbd6bc65f5c236a44ebf0445402d5f595 b/src/fuzz/server_corpus_no_fuzzer_mode/57dacc1fbd6bc65f5c236a44ebf0445402d5f595
deleted file mode 100644
index f09faac..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/57dacc1fbd6bc65f5c236a44ebf0445402d5f595
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/597dee9fac708a8ab25dc087b7b3e1033e91ef9f b/src/fuzz/server_corpus_no_fuzzer_mode/597dee9fac708a8ab25dc087b7b3e1033e91ef9f
deleted file mode 100644
index 2c86d21..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/597dee9fac708a8ab25dc087b7b3e1033e91ef9f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5a626a3ee9d907c8e96816195ffcd58035bf8297 b/src/fuzz/server_corpus_no_fuzzer_mode/5a626a3ee9d907c8e96816195ffcd58035bf8297
deleted file mode 100644
index 457573e..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/5a626a3ee9d907c8e96816195ffcd58035bf8297
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5da1c19c98b66dda146e49555d89193bb357aea5 b/src/fuzz/server_corpus_no_fuzzer_mode/5da1c19c98b66dda146e49555d89193bb357aea5
deleted file mode 100644
index 371d0bd..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/5da1c19c98b66dda146e49555d89193bb357aea5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5fd0a6765eee8e3ac16741d43e942489c427550d b/src/fuzz/server_corpus_no_fuzzer_mode/5fd0a6765eee8e3ac16741d43e942489c427550d
deleted file mode 100644
index 873e522..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/5fd0a6765eee8e3ac16741d43e942489c427550d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/62709f5d6c53b7bcb11cd5c9a98bf99daf0533ff b/src/fuzz/server_corpus_no_fuzzer_mode/62709f5d6c53b7bcb11cd5c9a98bf99daf0533ff
deleted file mode 100644
index f897a4b..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/62709f5d6c53b7bcb11cd5c9a98bf99daf0533ff
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/62d145dff485aebbd0e9ab91a193f33390f9bd32 b/src/fuzz/server_corpus_no_fuzzer_mode/62d145dff485aebbd0e9ab91a193f33390f9bd32
deleted file mode 100644
index cdb9c51..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/62d145dff485aebbd0e9ab91a193f33390f9bd32
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/71a68062c2a288672411c719dfe064ef6b527aa1 b/src/fuzz/server_corpus_no_fuzzer_mode/71a68062c2a288672411c719dfe064ef6b527aa1
deleted file mode 100644
index 46022fa..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/71a68062c2a288672411c719dfe064ef6b527aa1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7255fcf5cfb255ba3d91071fce2ece8c1db6290f b/src/fuzz/server_corpus_no_fuzzer_mode/7255fcf5cfb255ba3d91071fce2ece8c1db6290f
deleted file mode 100644
index d18a889..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/7255fcf5cfb255ba3d91071fce2ece8c1db6290f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/836d26bcfdebc4573ab9772cdd267fdea80a7d72 b/src/fuzz/server_corpus_no_fuzzer_mode/836d26bcfdebc4573ab9772cdd267fdea80a7d72
deleted file mode 100644
index 1ae68f3..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/836d26bcfdebc4573ab9772cdd267fdea80a7d72
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/84db07d470de108408623e822ab8a3ac0582f61b b/src/fuzz/server_corpus_no_fuzzer_mode/84db07d470de108408623e822ab8a3ac0582f61b
deleted file mode 100644
index 4a4cb98..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/84db07d470de108408623e822ab8a3ac0582f61b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/84f0de0936cfe1da662effc01a3610c2b34b0bed b/src/fuzz/server_corpus_no_fuzzer_mode/84f0de0936cfe1da662effc01a3610c2b34b0bed
deleted file mode 100644
index 1c7cba3..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/84f0de0936cfe1da662effc01a3610c2b34b0bed
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8b69734df8a377757b0ddab21256ca7bcf8184e7 b/src/fuzz/server_corpus_no_fuzzer_mode/8b69734df8a377757b0ddab21256ca7bcf8184e7
deleted file mode 100644
index e6a3de7..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/8b69734df8a377757b0ddab21256ca7bcf8184e7
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8b70c7e172fcaf65fad4f41bef000bad151bf5a4 b/src/fuzz/server_corpus_no_fuzzer_mode/8b70c7e172fcaf65fad4f41bef000bad151bf5a4
deleted file mode 100644
index 355adb1..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/8b70c7e172fcaf65fad4f41bef000bad151bf5a4
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8e061386f97303e9355245910b475a257109cf23 b/src/fuzz/server_corpus_no_fuzzer_mode/8e061386f97303e9355245910b475a257109cf23
deleted file mode 100644
index 38cb6f1..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/8e061386f97303e9355245910b475a257109cf23
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/969ab1928ae3fc6d8566f8057875872006063413 b/src/fuzz/server_corpus_no_fuzzer_mode/969ab1928ae3fc6d8566f8057875872006063413
deleted file mode 100644
index f78c66d..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/969ab1928ae3fc6d8566f8057875872006063413
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/96c6b411547f3c01cbdac3cc5eb2b0f4fc4c2e7d b/src/fuzz/server_corpus_no_fuzzer_mode/96c6b411547f3c01cbdac3cc5eb2b0f4fc4c2e7d
deleted file mode 100644
index 23fb4d2..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/96c6b411547f3c01cbdac3cc5eb2b0f4fc4c2e7d
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9819d42507b9c48a48e8d0a2e7f77c20c521e4fe b/src/fuzz/server_corpus_no_fuzzer_mode/9819d42507b9c48a48e8d0a2e7f77c20c521e4fe
deleted file mode 100644
index 8848bae..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/9819d42507b9c48a48e8d0a2e7f77c20c521e4fe
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9dd511b02af3bd011a184f7dc9f87ec28aab4b24 b/src/fuzz/server_corpus_no_fuzzer_mode/9dd511b02af3bd011a184f7dc9f87ec28aab4b24
deleted file mode 100644
index 5461d4e..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/9dd511b02af3bd011a184f7dc9f87ec28aab4b24
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9e5e9160291853b6580dadcee0a153e3b9fc581c b/src/fuzz/server_corpus_no_fuzzer_mode/9e5e9160291853b6580dadcee0a153e3b9fc581c
deleted file mode 100644
index 21b3d7f..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/9e5e9160291853b6580dadcee0a153e3b9fc581c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a b/src/fuzz/server_corpus_no_fuzzer_mode/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a
deleted file mode 100644
index 16e8193..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a2a68ce5763ce52f314c351b4b6e0f7491a1b1ef b/src/fuzz/server_corpus_no_fuzzer_mode/a2a68ce5763ce52f314c351b4b6e0f7491a1b1ef
deleted file mode 100644
index 1e7bd8a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/a2a68ce5763ce52f314c351b4b6e0f7491a1b1ef
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a817264a33a681a1ccff2e1343a5fe5bd32a15f6 b/src/fuzz/server_corpus_no_fuzzer_mode/a817264a33a681a1ccff2e1343a5fe5bd32a15f6
deleted file mode 100644
index bf75049..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/a817264a33a681a1ccff2e1343a5fe5bd32a15f6
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/aab46b7c52807d38609b0b96b5cdae2bf928d4e8 b/src/fuzz/server_corpus_no_fuzzer_mode/aab46b7c52807d38609b0b96b5cdae2bf928d4e8
deleted file mode 100644
index a19fd51..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/aab46b7c52807d38609b0b96b5cdae2bf928d4e8
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ac60a4ca03e8927aafd6c040c2384eda237f7f8a b/src/fuzz/server_corpus_no_fuzzer_mode/ac60a4ca03e8927aafd6c040c2384eda237f7f8a
deleted file mode 100644
index fea817a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/ac60a4ca03e8927aafd6c040c2384eda237f7f8a
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/adf26ae8fa42f2533d910e07f59ec60c056172f1 b/src/fuzz/server_corpus_no_fuzzer_mode/adf26ae8fa42f2533d910e07f59ec60c056172f1
deleted file mode 100644
index 794ad17..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/adf26ae8fa42f2533d910e07f59ec60c056172f1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b043d2a513990ff8b3d35ca5b52d37f012509277 b/src/fuzz/server_corpus_no_fuzzer_mode/b043d2a513990ff8b3d35ca5b52d37f012509277
deleted file mode 100644
index e1b15b0..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b043d2a513990ff8b3d35ca5b52d37f012509277
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b2d8e9a49812f3a8d3eee8b96b9d5c7c36c79501 b/src/fuzz/server_corpus_no_fuzzer_mode/b2d8e9a49812f3a8d3eee8b96b9d5c7c36c79501
deleted file mode 100644
index b77da8d6..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b2d8e9a49812f3a8d3eee8b96b9d5c7c36c79501
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b5fe89b6961bd7b4863d131a6a42d0820b04ec38 b/src/fuzz/server_corpus_no_fuzzer_mode/b5fe89b6961bd7b4863d131a6a42d0820b04ec38
deleted file mode 100644
index 6eb5767..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b5fe89b6961bd7b4863d131a6a42d0820b04ec38
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b6485e7a666843db742b42045804336195bdc59e b/src/fuzz/server_corpus_no_fuzzer_mode/b6485e7a666843db742b42045804336195bdc59e
deleted file mode 100644
index 2af4819..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b6485e7a666843db742b42045804336195bdc59e
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b65c75355b17e615db239f15c34a9da20feb0a65 b/src/fuzz/server_corpus_no_fuzzer_mode/b65c75355b17e615db239f15c34a9da20feb0a65
deleted file mode 100644
index ca231c8..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b65c75355b17e615db239f15c34a9da20feb0a65
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b6f879bf9ff09f31f138368036b9e2d357327f4f b/src/fuzz/server_corpus_no_fuzzer_mode/b6f879bf9ff09f31f138368036b9e2d357327f4f
deleted file mode 100644
index ae4d6db..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/b6f879bf9ff09f31f138368036b9e2d357327f4f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/beb7ac161af3ea5d739e54f40d2f6bb08e71fa29 b/src/fuzz/server_corpus_no_fuzzer_mode/beb7ac161af3ea5d739e54f40d2f6bb08e71fa29
deleted file mode 100644
index f4bf56a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/beb7ac161af3ea5d739e54f40d2f6bb08e71fa29
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c38478b0b6bd4d7bcfd9783afe020a8750e6e36f b/src/fuzz/server_corpus_no_fuzzer_mode/c38478b0b6bd4d7bcfd9783afe020a8750e6e36f
deleted file mode 100644
index b7cd983..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/c38478b0b6bd4d7bcfd9783afe020a8750e6e36f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c40f822fff3902d4f6361cb1636e2054d7e09611 b/src/fuzz/server_corpus_no_fuzzer_mode/c40f822fff3902d4f6361cb1636e2054d7e09611
deleted file mode 100644
index 4692f70..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/c40f822fff3902d4f6361cb1636e2054d7e09611
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c57c035dea7729c87193c0390bc33391cf26bd5c b/src/fuzz/server_corpus_no_fuzzer_mode/c57c035dea7729c87193c0390bc33391cf26bd5c
deleted file mode 100644
index 9a65f88..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/c57c035dea7729c87193c0390bc33391cf26bd5c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c9cdc0380defaf3a5d27af8dec90e61fb3b2d582 b/src/fuzz/server_corpus_no_fuzzer_mode/c9cdc0380defaf3a5d27af8dec90e61fb3b2d582
deleted file mode 100644
index 7875f7a..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/c9cdc0380defaf3a5d27af8dec90e61fb3b2d582
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cb06afac80a6b9dfd82b3d169f409fe8ef364765 b/src/fuzz/server_corpus_no_fuzzer_mode/cb06afac80a6b9dfd82b3d169f409fe8ef364765
deleted file mode 100644
index 0d46a8c..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/cb06afac80a6b9dfd82b3d169f409fe8ef364765
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cb6fd663240ac5776442e08b3709a14c0cba41c5 b/src/fuzz/server_corpus_no_fuzzer_mode/cb6fd663240ac5776442e08b3709a14c0cba41c5
deleted file mode 100644
index ddc6f0e..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/cb6fd663240ac5776442e08b3709a14c0cba41c5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d1b3efd7d1abab95e7b935b85963c91d20a8f75f b/src/fuzz/server_corpus_no_fuzzer_mode/d1b3efd7d1abab95e7b935b85963c91d20a8f75f
deleted file mode 100644
index fb7f3f8..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/d1b3efd7d1abab95e7b935b85963c91d20a8f75f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d78073e1735f4b632986c6bd9d17e2c87f2011b5 b/src/fuzz/server_corpus_no_fuzzer_mode/d78073e1735f4b632986c6bd9d17e2c87f2011b5
deleted file mode 100644
index 3f425d1..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/d78073e1735f4b632986c6bd9d17e2c87f2011b5
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/de5791761d6bbc9c595373a484947b1bf5f3120f b/src/fuzz/server_corpus_no_fuzzer_mode/de5791761d6bbc9c595373a484947b1bf5f3120f
deleted file mode 100644
index 20995eb..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/de5791761d6bbc9c595373a484947b1bf5f3120f
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e5cb3ea7ebe0ae1c6bc2f7cc165ba326b0598bd1 b/src/fuzz/server_corpus_no_fuzzer_mode/e5cb3ea7ebe0ae1c6bc2f7cc165ba326b0598bd1
deleted file mode 100644
index 3206df9..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/e5cb3ea7ebe0ae1c6bc2f7cc165ba326b0598bd1
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e6a24bd5fe36bfbd21dbd34388090f97997b4c42 b/src/fuzz/server_corpus_no_fuzzer_mode/e6a24bd5fe36bfbd21dbd34388090f97997b4c42
deleted file mode 100644
index 7468760..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/e6a24bd5fe36bfbd21dbd34388090f97997b4c42
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e8992d0eeeb13c4001b460db1217819bfd678ef0 b/src/fuzz/server_corpus_no_fuzzer_mode/e8992d0eeeb13c4001b460db1217819bfd678ef0
deleted file mode 100644
index 8bbcfa8..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/e8992d0eeeb13c4001b460db1217819bfd678ef0
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ecd9d4fe7da648ad26d5383c75e60a2dba8c39cf b/src/fuzz/server_corpus_no_fuzzer_mode/ecd9d4fe7da648ad26d5383c75e60a2dba8c39cf
deleted file mode 100644
index b056993..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/ecd9d4fe7da648ad26d5383c75e60a2dba8c39cf
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ed80228ea25f1e452417ade7b465ab2165fb1378 b/src/fuzz/server_corpus_no_fuzzer_mode/ed80228ea25f1e452417ade7b465ab2165fb1378
deleted file mode 100644
index 213ec27..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/ed80228ea25f1e452417ade7b465ab2165fb1378
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/efa1a25f1fdc8df35956bb7c68861d0480d4cc6c b/src/fuzz/server_corpus_no_fuzzer_mode/efa1a25f1fdc8df35956bb7c68861d0480d4cc6c
deleted file mode 100644
index a31027d..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/efa1a25f1fdc8df35956bb7c68861d0480d4cc6c
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f9efc3b72aa68f4dbd59212dd5d7c7906507ef11 b/src/fuzz/server_corpus_no_fuzzer_mode/f9efc3b72aa68f4dbd59212dd5d7c7906507ef11
deleted file mode 100644
index 43d4bc9..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/f9efc3b72aa68f4dbd59212dd5d7c7906507ef11
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f9f6b53bebe6b57557c971f098f2cc33c2c7955b b/src/fuzz/server_corpus_no_fuzzer_mode/f9f6b53bebe6b57557c971f098f2cc33c2c7955b
deleted file mode 100644
index 16a59a4..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/f9f6b53bebe6b57557c971f098f2cc33c2c7955b
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fe164ba4b42f210df1e740f3440cd99520a08042 b/src/fuzz/server_corpus_no_fuzzer_mode/fe164ba4b42f210df1e740f3440cd99520a08042
deleted file mode 100644
index ece6650..0000000
--- a/src/fuzz/server_corpus_no_fuzzer_mode/fe164ba4b42f210df1e740f3440cd99520a08042
+++ /dev/null
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode.cc b/src/fuzz/server_no_fuzzer_mode.cc
new file mode 100644
index 0000000..9944e4d
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode.cc
@@ -0,0 +1,23 @@
+// Copyright 2016 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "../ssl/test/fuzzer.h"
+
+
+static TLSFuzzer g_fuzzer(TLSFuzzer::kTLS, TLSFuzzer::kServer,
+ TLSFuzzer::kFuzzerModeOff);
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
+ return g_fuzzer.TestOneInput(buf, len);
+}
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/004fa174d6a55815aaa28a643663e4f7defe17b7 b/src/fuzz/server_no_fuzzer_mode_corpus/004fa174d6a55815aaa28a643663e4f7defe17b7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/004fa174d6a55815aaa28a643663e4f7defe17b7
rename to src/fuzz/server_no_fuzzer_mode_corpus/004fa174d6a55815aaa28a643663e4f7defe17b7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/00a5d300edb498ed6ad6c6e1d89542aab9a02b22 b/src/fuzz/server_no_fuzzer_mode_corpus/00a5d300edb498ed6ad6c6e1d89542aab9a02b22
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/00a5d300edb498ed6ad6c6e1d89542aab9a02b22
rename to src/fuzz/server_no_fuzzer_mode_corpus/00a5d300edb498ed6ad6c6e1d89542aab9a02b22
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/00d25fd7ea0f58eb6f4a82c851ed8a931e65dd64 b/src/fuzz/server_no_fuzzer_mode_corpus/00d25fd7ea0f58eb6f4a82c851ed8a931e65dd64
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/00d25fd7ea0f58eb6f4a82c851ed8a931e65dd64
rename to src/fuzz/server_no_fuzzer_mode_corpus/00d25fd7ea0f58eb6f4a82c851ed8a931e65dd64
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0102298d15e9282866a5f2260302eff322a13c13 b/src/fuzz/server_no_fuzzer_mode_corpus/0102298d15e9282866a5f2260302eff322a13c13
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0102298d15e9282866a5f2260302eff322a13c13
rename to src/fuzz/server_no_fuzzer_mode_corpus/0102298d15e9282866a5f2260302eff322a13c13
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/01e0cbccb0834c995ec281f2cef6bc2a74d58ad4 b/src/fuzz/server_no_fuzzer_mode_corpus/01e0cbccb0834c995ec281f2cef6bc2a74d58ad4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/01e0cbccb0834c995ec281f2cef6bc2a74d58ad4
rename to src/fuzz/server_no_fuzzer_mode_corpus/01e0cbccb0834c995ec281f2cef6bc2a74d58ad4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0204408e62b9b167d6ccf405f42a7d7b3ac8df45 b/src/fuzz/server_no_fuzzer_mode_corpus/0204408e62b9b167d6ccf405f42a7d7b3ac8df45
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0204408e62b9b167d6ccf405f42a7d7b3ac8df45
rename to src/fuzz/server_no_fuzzer_mode_corpus/0204408e62b9b167d6ccf405f42a7d7b3ac8df45
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/023f6ec7de2d391c3a5df308362bf03c343b5c4a b/src/fuzz/server_no_fuzzer_mode_corpus/023f6ec7de2d391c3a5df308362bf03c343b5c4a
new file mode 100644
index 0000000..ac19fe2
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/023f6ec7de2d391c3a5df308362bf03c343b5c4a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/03225608b841a3768e061337c015e55514ed439a b/src/fuzz/server_no_fuzzer_mode_corpus/03225608b841a3768e061337c015e55514ed439a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/03225608b841a3768e061337c015e55514ed439a
rename to src/fuzz/server_no_fuzzer_mode_corpus/03225608b841a3768e061337c015e55514ed439a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/035f22634e63cc269a411f33ccd2fa73b8509ece b/src/fuzz/server_no_fuzzer_mode_corpus/035f22634e63cc269a411f33ccd2fa73b8509ece
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/035f22634e63cc269a411f33ccd2fa73b8509ece
rename to src/fuzz/server_no_fuzzer_mode_corpus/035f22634e63cc269a411f33ccd2fa73b8509ece
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/03d8a3c5c91cee6f44ecf79c6b7729a9680a0489 b/src/fuzz/server_no_fuzzer_mode_corpus/03d8a3c5c91cee6f44ecf79c6b7729a9680a0489
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/03d8a3c5c91cee6f44ecf79c6b7729a9680a0489
rename to src/fuzz/server_no_fuzzer_mode_corpus/03d8a3c5c91cee6f44ecf79c6b7729a9680a0489
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/040be56e0312f0675b002650988abb8733779d4c b/src/fuzz/server_no_fuzzer_mode_corpus/040be56e0312f0675b002650988abb8733779d4c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/040be56e0312f0675b002650988abb8733779d4c
rename to src/fuzz/server_no_fuzzer_mode_corpus/040be56e0312f0675b002650988abb8733779d4c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/041fd0d839026e1b1c71e9e6e45ae3442495edf8 b/src/fuzz/server_no_fuzzer_mode_corpus/041fd0d839026e1b1c71e9e6e45ae3442495edf8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/041fd0d839026e1b1c71e9e6e45ae3442495edf8
rename to src/fuzz/server_no_fuzzer_mode_corpus/041fd0d839026e1b1c71e9e6e45ae3442495edf8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/04c5c81fba6070627d1635396370059b02afc975 b/src/fuzz/server_no_fuzzer_mode_corpus/04c5c81fba6070627d1635396370059b02afc975
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/04c5c81fba6070627d1635396370059b02afc975
rename to src/fuzz/server_no_fuzzer_mode_corpus/04c5c81fba6070627d1635396370059b02afc975
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/06201bff91e6af9e6acabe82dfcd2ff7f3e39186 b/src/fuzz/server_no_fuzzer_mode_corpus/06201bff91e6af9e6acabe82dfcd2ff7f3e39186
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/06201bff91e6af9e6acabe82dfcd2ff7f3e39186
rename to src/fuzz/server_no_fuzzer_mode_corpus/06201bff91e6af9e6acabe82dfcd2ff7f3e39186
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/063057c4179560dbf246978e5721d226fe2bacf8 b/src/fuzz/server_no_fuzzer_mode_corpus/063057c4179560dbf246978e5721d226fe2bacf8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/063057c4179560dbf246978e5721d226fe2bacf8
rename to src/fuzz/server_no_fuzzer_mode_corpus/063057c4179560dbf246978e5721d226fe2bacf8
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/06a0473104336191d845d5147a96c18e7188851f b/src/fuzz/server_no_fuzzer_mode_corpus/06a0473104336191d845d5147a96c18e7188851f
new file mode 100644
index 0000000..8765cee
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/06a0473104336191d845d5147a96c18e7188851f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/074c9a9417a8abed82ecc1b4d3cbdd3b32a45b9b b/src/fuzz/server_no_fuzzer_mode_corpus/074c9a9417a8abed82ecc1b4d3cbdd3b32a45b9b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/074c9a9417a8abed82ecc1b4d3cbdd3b32a45b9b
rename to src/fuzz/server_no_fuzzer_mode_corpus/074c9a9417a8abed82ecc1b4d3cbdd3b32a45b9b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/079bbcaa8d43e42750d6ced26e9d67a594d38386 b/src/fuzz/server_no_fuzzer_mode_corpus/079bbcaa8d43e42750d6ced26e9d67a594d38386
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/079bbcaa8d43e42750d6ced26e9d67a594d38386
rename to src/fuzz/server_no_fuzzer_mode_corpus/079bbcaa8d43e42750d6ced26e9d67a594d38386
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/07a9b5a6f0e6ab3b32ddafa7d6afa062a170b590 b/src/fuzz/server_no_fuzzer_mode_corpus/07a9b5a6f0e6ab3b32ddafa7d6afa062a170b590
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/07a9b5a6f0e6ab3b32ddafa7d6afa062a170b590
rename to src/fuzz/server_no_fuzzer_mode_corpus/07a9b5a6f0e6ab3b32ddafa7d6afa062a170b590
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/07d5b3bcdcd13284acbbdc30e6052d9317c84ff5 b/src/fuzz/server_no_fuzzer_mode_corpus/07d5b3bcdcd13284acbbdc30e6052d9317c84ff5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/07d5b3bcdcd13284acbbdc30e6052d9317c84ff5
rename to src/fuzz/server_no_fuzzer_mode_corpus/07d5b3bcdcd13284acbbdc30e6052d9317c84ff5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0845b7db11759cb6e1b42e4454c76526e39f6055 b/src/fuzz/server_no_fuzzer_mode_corpus/0845b7db11759cb6e1b42e4454c76526e39f6055
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0845b7db11759cb6e1b42e4454c76526e39f6055
rename to src/fuzz/server_no_fuzzer_mode_corpus/0845b7db11759cb6e1b42e4454c76526e39f6055
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/090318ebc9cf1da627cb9bbd06364a63b0c3c860 b/src/fuzz/server_no_fuzzer_mode_corpus/090318ebc9cf1da627cb9bbd06364a63b0c3c860
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/090318ebc9cf1da627cb9bbd06364a63b0c3c860
rename to src/fuzz/server_no_fuzzer_mode_corpus/090318ebc9cf1da627cb9bbd06364a63b0c3c860
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0a1fa52ace56fa15987bea607bcfc5b1036ba8e6 b/src/fuzz/server_no_fuzzer_mode_corpus/0a1fa52ace56fa15987bea607bcfc5b1036ba8e6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0a1fa52ace56fa15987bea607bcfc5b1036ba8e6
rename to src/fuzz/server_no_fuzzer_mode_corpus/0a1fa52ace56fa15987bea607bcfc5b1036ba8e6
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/0a29785fc7793363905fd9dc5b68db5a8563159a b/src/fuzz/server_no_fuzzer_mode_corpus/0a29785fc7793363905fd9dc5b68db5a8563159a
new file mode 100644
index 0000000..e20ea48
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/0a29785fc7793363905fd9dc5b68db5a8563159a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0ad14ebc9369516f1887c9610a0a5bee991603ea b/src/fuzz/server_no_fuzzer_mode_corpus/0ad14ebc9369516f1887c9610a0a5bee991603ea
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0ad14ebc9369516f1887c9610a0a5bee991603ea
rename to src/fuzz/server_no_fuzzer_mode_corpus/0ad14ebc9369516f1887c9610a0a5bee991603ea
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0b7d4daa747ce6d4e04090076ed2592f33cca1f9 b/src/fuzz/server_no_fuzzer_mode_corpus/0b7d4daa747ce6d4e04090076ed2592f33cca1f9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0b7d4daa747ce6d4e04090076ed2592f33cca1f9
rename to src/fuzz/server_no_fuzzer_mode_corpus/0b7d4daa747ce6d4e04090076ed2592f33cca1f9
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/0bef2cd9e280962d885ef79be5f9d6b2677ced20 b/src/fuzz/server_no_fuzzer_mode_corpus/0bef2cd9e280962d885ef79be5f9d6b2677ced20
new file mode 100644
index 0000000..961ada4
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/0bef2cd9e280962d885ef79be5f9d6b2677ced20
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0d3467650586d68ce881887c569b9beb26d57c48 b/src/fuzz/server_no_fuzzer_mode_corpus/0d3467650586d68ce881887c569b9beb26d57c48
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0d3467650586d68ce881887c569b9beb26d57c48
rename to src/fuzz/server_no_fuzzer_mode_corpus/0d3467650586d68ce881887c569b9beb26d57c48
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0dc21f7863914bf167cd2d79d42c1c7e425deb5d b/src/fuzz/server_no_fuzzer_mode_corpus/0dc21f7863914bf167cd2d79d42c1c7e425deb5d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0dc21f7863914bf167cd2d79d42c1c7e425deb5d
rename to src/fuzz/server_no_fuzzer_mode_corpus/0dc21f7863914bf167cd2d79d42c1c7e425deb5d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0dda9ab2464b2c919969510c6f9c6c67cce3a08a b/src/fuzz/server_no_fuzzer_mode_corpus/0dda9ab2464b2c919969510c6f9c6c67cce3a08a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0dda9ab2464b2c919969510c6f9c6c67cce3a08a
rename to src/fuzz/server_no_fuzzer_mode_corpus/0dda9ab2464b2c919969510c6f9c6c67cce3a08a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0df0ecc9f0e1976dccc8101c324c3e0078ad6e0a b/src/fuzz/server_no_fuzzer_mode_corpus/0df0ecc9f0e1976dccc8101c324c3e0078ad6e0a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0df0ecc9f0e1976dccc8101c324c3e0078ad6e0a
rename to src/fuzz/server_no_fuzzer_mode_corpus/0df0ecc9f0e1976dccc8101c324c3e0078ad6e0a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0e70573c236286a5ddc0353b749f94ff11860c73 b/src/fuzz/server_no_fuzzer_mode_corpus/0e70573c236286a5ddc0353b749f94ff11860c73
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0e70573c236286a5ddc0353b749f94ff11860c73
rename to src/fuzz/server_no_fuzzer_mode_corpus/0e70573c236286a5ddc0353b749f94ff11860c73
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0eea88830d13a4081c0048c5bcee0519446792b3 b/src/fuzz/server_no_fuzzer_mode_corpus/0eea88830d13a4081c0048c5bcee0519446792b3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0eea88830d13a4081c0048c5bcee0519446792b3
rename to src/fuzz/server_no_fuzzer_mode_corpus/0eea88830d13a4081c0048c5bcee0519446792b3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/0fc0d891f2b05996e455fad7f8b1931dd93f3d17 b/src/fuzz/server_no_fuzzer_mode_corpus/0fc0d891f2b05996e455fad7f8b1931dd93f3d17
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/0fc0d891f2b05996e455fad7f8b1931dd93f3d17
rename to src/fuzz/server_no_fuzzer_mode_corpus/0fc0d891f2b05996e455fad7f8b1931dd93f3d17
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/10bda1aaab9f5500a831b5311d55e4a6fb5b22af b/src/fuzz/server_no_fuzzer_mode_corpus/10bda1aaab9f5500a831b5311d55e4a6fb5b22af
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/10bda1aaab9f5500a831b5311d55e4a6fb5b22af
rename to src/fuzz/server_no_fuzzer_mode_corpus/10bda1aaab9f5500a831b5311d55e4a6fb5b22af
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/10c246224654166896d7802847d2781109aa6730 b/src/fuzz/server_no_fuzzer_mode_corpus/10c246224654166896d7802847d2781109aa6730
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/10c246224654166896d7802847d2781109aa6730
rename to src/fuzz/server_no_fuzzer_mode_corpus/10c246224654166896d7802847d2781109aa6730
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/119c3806868a614658090de3963276aec44b64c0 b/src/fuzz/server_no_fuzzer_mode_corpus/119c3806868a614658090de3963276aec44b64c0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/119c3806868a614658090de3963276aec44b64c0
rename to src/fuzz/server_no_fuzzer_mode_corpus/119c3806868a614658090de3963276aec44b64c0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/11c91d3aa29f06d800aacbf6a388d3c02a666ff4 b/src/fuzz/server_no_fuzzer_mode_corpus/11c91d3aa29f06d800aacbf6a388d3c02a666ff4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/11c91d3aa29f06d800aacbf6a388d3c02a666ff4
rename to src/fuzz/server_no_fuzzer_mode_corpus/11c91d3aa29f06d800aacbf6a388d3c02a666ff4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/12201bf41e3ab5f51e3645469cabf1e82758b488 b/src/fuzz/server_no_fuzzer_mode_corpus/12201bf41e3ab5f51e3645469cabf1e82758b488
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/12201bf41e3ab5f51e3645469cabf1e82758b488
rename to src/fuzz/server_no_fuzzer_mode_corpus/12201bf41e3ab5f51e3645469cabf1e82758b488
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/12286b7d2caa026577cad2ac90b001663ce79730 b/src/fuzz/server_no_fuzzer_mode_corpus/12286b7d2caa026577cad2ac90b001663ce79730
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/12286b7d2caa026577cad2ac90b001663ce79730
rename to src/fuzz/server_no_fuzzer_mode_corpus/12286b7d2caa026577cad2ac90b001663ce79730
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1269bc0ff52e5b0c7478ddeae0654280c837041c b/src/fuzz/server_no_fuzzer_mode_corpus/1269bc0ff52e5b0c7478ddeae0654280c837041c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1269bc0ff52e5b0c7478ddeae0654280c837041c
rename to src/fuzz/server_no_fuzzer_mode_corpus/1269bc0ff52e5b0c7478ddeae0654280c837041c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/12c4a4c3a7c0e9702fb69a15b1a21bfddc33d57b b/src/fuzz/server_no_fuzzer_mode_corpus/12c4a4c3a7c0e9702fb69a15b1a21bfddc33d57b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/12c4a4c3a7c0e9702fb69a15b1a21bfddc33d57b
rename to src/fuzz/server_no_fuzzer_mode_corpus/12c4a4c3a7c0e9702fb69a15b1a21bfddc33d57b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/12d6352ace21a4bddc93e04b4befc9fa456667c2 b/src/fuzz/server_no_fuzzer_mode_corpus/12d6352ace21a4bddc93e04b4befc9fa456667c2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/12d6352ace21a4bddc93e04b4befc9fa456667c2
rename to src/fuzz/server_no_fuzzer_mode_corpus/12d6352ace21a4bddc93e04b4befc9fa456667c2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/13046cba999eb24ca290d3a51ece837488502d67 b/src/fuzz/server_no_fuzzer_mode_corpus/13046cba999eb24ca290d3a51ece837488502d67
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/13046cba999eb24ca290d3a51ece837488502d67
rename to src/fuzz/server_no_fuzzer_mode_corpus/13046cba999eb24ca290d3a51ece837488502d67
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1314921c35bcf2033155d3091e5bf87fdd7e2423 b/src/fuzz/server_no_fuzzer_mode_corpus/1314921c35bcf2033155d3091e5bf87fdd7e2423
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1314921c35bcf2033155d3091e5bf87fdd7e2423
rename to src/fuzz/server_no_fuzzer_mode_corpus/1314921c35bcf2033155d3091e5bf87fdd7e2423
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/13704026841a0d07225402f780f3a6465aaebea8 b/src/fuzz/server_no_fuzzer_mode_corpus/13704026841a0d07225402f780f3a6465aaebea8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/13704026841a0d07225402f780f3a6465aaebea8
rename to src/fuzz/server_no_fuzzer_mode_corpus/13704026841a0d07225402f780f3a6465aaebea8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/138679e5a423adcb8c6be1ef9d34166465c25f72 b/src/fuzz/server_no_fuzzer_mode_corpus/138679e5a423adcb8c6be1ef9d34166465c25f72
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/138679e5a423adcb8c6be1ef9d34166465c25f72
rename to src/fuzz/server_no_fuzzer_mode_corpus/138679e5a423adcb8c6be1ef9d34166465c25f72
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/13b2490d5da9d5a43a2162008004ac290e629bec b/src/fuzz/server_no_fuzzer_mode_corpus/13b2490d5da9d5a43a2162008004ac290e629bec
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/13b2490d5da9d5a43a2162008004ac290e629bec
rename to src/fuzz/server_no_fuzzer_mode_corpus/13b2490d5da9d5a43a2162008004ac290e629bec
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/14209811578c32a959299259a2090f012e4881d9 b/src/fuzz/server_no_fuzzer_mode_corpus/14209811578c32a959299259a2090f012e4881d9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/14209811578c32a959299259a2090f012e4881d9
rename to src/fuzz/server_no_fuzzer_mode_corpus/14209811578c32a959299259a2090f012e4881d9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1489f923c4dca729178b3e3233458550d8dddf29 b/src/fuzz/server_no_fuzzer_mode_corpus/1489f923c4dca729178b3e3233458550d8dddf29
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1489f923c4dca729178b3e3233458550d8dddf29
rename to src/fuzz/server_no_fuzzer_mode_corpus/1489f923c4dca729178b3e3233458550d8dddf29
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/15225c241c1c56fc666cd8e52ae9c666f6bc0e60 b/src/fuzz/server_no_fuzzer_mode_corpus/15225c241c1c56fc666cd8e52ae9c666f6bc0e60
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/15225c241c1c56fc666cd8e52ae9c666f6bc0e60
rename to src/fuzz/server_no_fuzzer_mode_corpus/15225c241c1c56fc666cd8e52ae9c666f6bc0e60
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1573211bae710105a5ec8007eb30165361674477 b/src/fuzz/server_no_fuzzer_mode_corpus/1573211bae710105a5ec8007eb30165361674477
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1573211bae710105a5ec8007eb30165361674477
rename to src/fuzz/server_no_fuzzer_mode_corpus/1573211bae710105a5ec8007eb30165361674477
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/15dc111ac3f4ef92733d50415fcae488bc3d0c7c b/src/fuzz/server_no_fuzzer_mode_corpus/15dc111ac3f4ef92733d50415fcae488bc3d0c7c
new file mode 100644
index 0000000..012e674
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/15dc111ac3f4ef92733d50415fcae488bc3d0c7c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/164c004717340af31817d65e90c5bb57e717abbc b/src/fuzz/server_no_fuzzer_mode_corpus/164c004717340af31817d65e90c5bb57e717abbc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/164c004717340af31817d65e90c5bb57e717abbc
rename to src/fuzz/server_no_fuzzer_mode_corpus/164c004717340af31817d65e90c5bb57e717abbc
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1693b2794e49f4bf5ae68f4993fb3dbe13082e76 b/src/fuzz/server_no_fuzzer_mode_corpus/1693b2794e49f4bf5ae68f4993fb3dbe13082e76
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1693b2794e49f4bf5ae68f4993fb3dbe13082e76
rename to src/fuzz/server_no_fuzzer_mode_corpus/1693b2794e49f4bf5ae68f4993fb3dbe13082e76
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1696b64a30ff9f652f70b6853114b6a4d9495d92 b/src/fuzz/server_no_fuzzer_mode_corpus/1696b64a30ff9f652f70b6853114b6a4d9495d92
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1696b64a30ff9f652f70b6853114b6a4d9495d92
rename to src/fuzz/server_no_fuzzer_mode_corpus/1696b64a30ff9f652f70b6853114b6a4d9495d92
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/17a11f55cc31839a468c5ce54c5fdd6df65daa4c b/src/fuzz/server_no_fuzzer_mode_corpus/17a11f55cc31839a468c5ce54c5fdd6df65daa4c
new file mode 100644
index 0000000..ca81b3e
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/17a11f55cc31839a468c5ce54c5fdd6df65daa4c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/18372eeeba5efd2ad8d36bf84ae8feec4d5fbba4 b/src/fuzz/server_no_fuzzer_mode_corpus/18372eeeba5efd2ad8d36bf84ae8feec4d5fbba4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/18372eeeba5efd2ad8d36bf84ae8feec4d5fbba4
rename to src/fuzz/server_no_fuzzer_mode_corpus/18372eeeba5efd2ad8d36bf84ae8feec4d5fbba4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/195ecb2a6b9f63fdc8fa84dc8b1c3abb67ef3fa6 b/src/fuzz/server_no_fuzzer_mode_corpus/195ecb2a6b9f63fdc8fa84dc8b1c3abb67ef3fa6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/195ecb2a6b9f63fdc8fa84dc8b1c3abb67ef3fa6
rename to src/fuzz/server_no_fuzzer_mode_corpus/195ecb2a6b9f63fdc8fa84dc8b1c3abb67ef3fa6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1a6b0a34883df3fe0fc342275ad60e3edd67fc3d b/src/fuzz/server_no_fuzzer_mode_corpus/1a6b0a34883df3fe0fc342275ad60e3edd67fc3d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1a6b0a34883df3fe0fc342275ad60e3edd67fc3d
rename to src/fuzz/server_no_fuzzer_mode_corpus/1a6b0a34883df3fe0fc342275ad60e3edd67fc3d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1b924c2a6ed3315c60e7f70bc3c3a272ea3411c3 b/src/fuzz/server_no_fuzzer_mode_corpus/1b924c2a6ed3315c60e7f70bc3c3a272ea3411c3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1b924c2a6ed3315c60e7f70bc3c3a272ea3411c3
rename to src/fuzz/server_no_fuzzer_mode_corpus/1b924c2a6ed3315c60e7f70bc3c3a272ea3411c3
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/1bd4feee0785eef8ff1e8c70882af1cf46b8945f b/src/fuzz/server_no_fuzzer_mode_corpus/1bd4feee0785eef8ff1e8c70882af1cf46b8945f
new file mode 100644
index 0000000..cf8de08
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/1bd4feee0785eef8ff1e8c70882af1cf46b8945f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1be74a4b3069487d2ab4e3fc38582d13fbfc6982 b/src/fuzz/server_no_fuzzer_mode_corpus/1be74a4b3069487d2ab4e3fc38582d13fbfc6982
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1be74a4b3069487d2ab4e3fc38582d13fbfc6982
rename to src/fuzz/server_no_fuzzer_mode_corpus/1be74a4b3069487d2ab4e3fc38582d13fbfc6982
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1c634714f8a6359cc53f1bc1c7a1348f39b2f9ea b/src/fuzz/server_no_fuzzer_mode_corpus/1c634714f8a6359cc53f1bc1c7a1348f39b2f9ea
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1c634714f8a6359cc53f1bc1c7a1348f39b2f9ea
rename to src/fuzz/server_no_fuzzer_mode_corpus/1c634714f8a6359cc53f1bc1c7a1348f39b2f9ea
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1d42ff3a79a609bb91813f06b2a8b4d91afe54a7 b/src/fuzz/server_no_fuzzer_mode_corpus/1d42ff3a79a609bb91813f06b2a8b4d91afe54a7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1d42ff3a79a609bb91813f06b2a8b4d91afe54a7
rename to src/fuzz/server_no_fuzzer_mode_corpus/1d42ff3a79a609bb91813f06b2a8b4d91afe54a7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1d66bf16a89f32b85fefe906753d2f23b0fda8f9 b/src/fuzz/server_no_fuzzer_mode_corpus/1d66bf16a89f32b85fefe906753d2f23b0fda8f9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1d66bf16a89f32b85fefe906753d2f23b0fda8f9
rename to src/fuzz/server_no_fuzzer_mode_corpus/1d66bf16a89f32b85fefe906753d2f23b0fda8f9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1d92c060ea2a91d536c9ed016314f20fa2411788 b/src/fuzz/server_no_fuzzer_mode_corpus/1d92c060ea2a91d536c9ed016314f20fa2411788
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1d92c060ea2a91d536c9ed016314f20fa2411788
rename to src/fuzz/server_no_fuzzer_mode_corpus/1d92c060ea2a91d536c9ed016314f20fa2411788
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1e74eaa6f82c33ede12903604d1c018ae2ec7b67 b/src/fuzz/server_no_fuzzer_mode_corpus/1e74eaa6f82c33ede12903604d1c018ae2ec7b67
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1e74eaa6f82c33ede12903604d1c018ae2ec7b67
rename to src/fuzz/server_no_fuzzer_mode_corpus/1e74eaa6f82c33ede12903604d1c018ae2ec7b67
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/1f04d58e13c50cbdbb989781c4154d021b2437af b/src/fuzz/server_no_fuzzer_mode_corpus/1f04d58e13c50cbdbb989781c4154d021b2437af
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/1f04d58e13c50cbdbb989781c4154d021b2437af
rename to src/fuzz/server_no_fuzzer_mode_corpus/1f04d58e13c50cbdbb989781c4154d021b2437af
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2003175cdfd0c765027642e4cbacf6fdc4002154 b/src/fuzz/server_no_fuzzer_mode_corpus/2003175cdfd0c765027642e4cbacf6fdc4002154
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2003175cdfd0c765027642e4cbacf6fdc4002154
rename to src/fuzz/server_no_fuzzer_mode_corpus/2003175cdfd0c765027642e4cbacf6fdc4002154
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/20c101d0d759880be159128d7a652751648d3338 b/src/fuzz/server_no_fuzzer_mode_corpus/20c101d0d759880be159128d7a652751648d3338
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/20c101d0d759880be159128d7a652751648d3338
rename to src/fuzz/server_no_fuzzer_mode_corpus/20c101d0d759880be159128d7a652751648d3338
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2134e034dafd716f2f416313abcb9f3f7ea858e9 b/src/fuzz/server_no_fuzzer_mode_corpus/2134e034dafd716f2f416313abcb9f3f7ea858e9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2134e034dafd716f2f416313abcb9f3f7ea858e9
rename to src/fuzz/server_no_fuzzer_mode_corpus/2134e034dafd716f2f416313abcb9f3f7ea858e9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/21e95c8e2790d9bffec74e4a0d8f94d989e2589d b/src/fuzz/server_no_fuzzer_mode_corpus/21e95c8e2790d9bffec74e4a0d8f94d989e2589d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/21e95c8e2790d9bffec74e4a0d8f94d989e2589d
rename to src/fuzz/server_no_fuzzer_mode_corpus/21e95c8e2790d9bffec74e4a0d8f94d989e2589d
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/2250f8e04cc212126b2df3bac6ed84293e83715a b/src/fuzz/server_no_fuzzer_mode_corpus/2250f8e04cc212126b2df3bac6ed84293e83715a
new file mode 100644
index 0000000..72b488b
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/2250f8e04cc212126b2df3bac6ed84293e83715a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2282590f86aa9e6346694931c88ab0427efc255a b/src/fuzz/server_no_fuzzer_mode_corpus/2282590f86aa9e6346694931c88ab0427efc255a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2282590f86aa9e6346694931c88ab0427efc255a
rename to src/fuzz/server_no_fuzzer_mode_corpus/2282590f86aa9e6346694931c88ab0427efc255a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/22ed42b85618274ca56f412dbc95cf158076864a b/src/fuzz/server_no_fuzzer_mode_corpus/22ed42b85618274ca56f412dbc95cf158076864a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/22ed42b85618274ca56f412dbc95cf158076864a
rename to src/fuzz/server_no_fuzzer_mode_corpus/22ed42b85618274ca56f412dbc95cf158076864a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/22f989f35ca560a1f7da05c0cc454f98a44d6c1c b/src/fuzz/server_no_fuzzer_mode_corpus/22f989f35ca560a1f7da05c0cc454f98a44d6c1c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/22f989f35ca560a1f7da05c0cc454f98a44d6c1c
rename to src/fuzz/server_no_fuzzer_mode_corpus/22f989f35ca560a1f7da05c0cc454f98a44d6c1c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2334fb59f8b4b7852c4546f36e5e3b241e5a8f04 b/src/fuzz/server_no_fuzzer_mode_corpus/2334fb59f8b4b7852c4546f36e5e3b241e5a8f04
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2334fb59f8b4b7852c4546f36e5e3b241e5a8f04
rename to src/fuzz/server_no_fuzzer_mode_corpus/2334fb59f8b4b7852c4546f36e5e3b241e5a8f04
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/23b47ae3f11c3f4a3573d1531128c5d0efedcdd9 b/src/fuzz/server_no_fuzzer_mode_corpus/23b47ae3f11c3f4a3573d1531128c5d0efedcdd9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/23b47ae3f11c3f4a3573d1531128c5d0efedcdd9
rename to src/fuzz/server_no_fuzzer_mode_corpus/23b47ae3f11c3f4a3573d1531128c5d0efedcdd9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/241422d7ee7a1c86910ac543c840ae040d3dcf77 b/src/fuzz/server_no_fuzzer_mode_corpus/241422d7ee7a1c86910ac543c840ae040d3dcf77
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/241422d7ee7a1c86910ac543c840ae040d3dcf77
rename to src/fuzz/server_no_fuzzer_mode_corpus/241422d7ee7a1c86910ac543c840ae040d3dcf77
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/245c140f4a5800adfa7a6e94ecbdc0c67a626ef2 b/src/fuzz/server_no_fuzzer_mode_corpus/245c140f4a5800adfa7a6e94ecbdc0c67a626ef2
new file mode 100644
index 0000000..50e8633
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/245c140f4a5800adfa7a6e94ecbdc0c67a626ef2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/246327b4f9198aa302033c73781462e5798efcf5 b/src/fuzz/server_no_fuzzer_mode_corpus/246327b4f9198aa302033c73781462e5798efcf5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/246327b4f9198aa302033c73781462e5798efcf5
rename to src/fuzz/server_no_fuzzer_mode_corpus/246327b4f9198aa302033c73781462e5798efcf5
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/2467263c0f7188169166b0d4347461b5ae058cdd b/src/fuzz/server_no_fuzzer_mode_corpus/2467263c0f7188169166b0d4347461b5ae058cdd
new file mode 100644
index 0000000..3dd528c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/2467263c0f7188169166b0d4347461b5ae058cdd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2504d089c2ba4bbb51f7588f791f95f00617ede1 b/src/fuzz/server_no_fuzzer_mode_corpus/2504d089c2ba4bbb51f7588f791f95f00617ede1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2504d089c2ba4bbb51f7588f791f95f00617ede1
rename to src/fuzz/server_no_fuzzer_mode_corpus/2504d089c2ba4bbb51f7588f791f95f00617ede1
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/27159295d9da1910cc4090c0b90df0bc0a3c065a b/src/fuzz/server_no_fuzzer_mode_corpus/27159295d9da1910cc4090c0b90df0bc0a3c065a
new file mode 100644
index 0000000..3a4392e
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/27159295d9da1910cc4090c0b90df0bc0a3c065a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/284c4ecf66b5d18df255aa441476f3b6f8fd956d b/src/fuzz/server_no_fuzzer_mode_corpus/284c4ecf66b5d18df255aa441476f3b6f8fd956d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/284c4ecf66b5d18df255aa441476f3b6f8fd956d
rename to src/fuzz/server_no_fuzzer_mode_corpus/284c4ecf66b5d18df255aa441476f3b6f8fd956d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/28595fdccec9a49cf650b8841b76c48e367d7ac0 b/src/fuzz/server_no_fuzzer_mode_corpus/28595fdccec9a49cf650b8841b76c48e367d7ac0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/28595fdccec9a49cf650b8841b76c48e367d7ac0
rename to src/fuzz/server_no_fuzzer_mode_corpus/28595fdccec9a49cf650b8841b76c48e367d7ac0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/28d75987bd7855b6f3c04c8d0de4040ae319322c b/src/fuzz/server_no_fuzzer_mode_corpus/28d75987bd7855b6f3c04c8d0de4040ae319322c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/28d75987bd7855b6f3c04c8d0de4040ae319322c
rename to src/fuzz/server_no_fuzzer_mode_corpus/28d75987bd7855b6f3c04c8d0de4040ae319322c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/28daa994ceff3f0cee5702491b93bd14c59383ba b/src/fuzz/server_no_fuzzer_mode_corpus/28daa994ceff3f0cee5702491b93bd14c59383ba
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/28daa994ceff3f0cee5702491b93bd14c59383ba
rename to src/fuzz/server_no_fuzzer_mode_corpus/28daa994ceff3f0cee5702491b93bd14c59383ba
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/297de488559833cfbceb42024f16390fdffb1093 b/src/fuzz/server_no_fuzzer_mode_corpus/297de488559833cfbceb42024f16390fdffb1093
new file mode 100644
index 0000000..7c10af1
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/297de488559833cfbceb42024f16390fdffb1093
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2a21fcec464b8262d6300f8f0c7f3518e146acc4 b/src/fuzz/server_no_fuzzer_mode_corpus/2a21fcec464b8262d6300f8f0c7f3518e146acc4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2a21fcec464b8262d6300f8f0c7f3518e146acc4
rename to src/fuzz/server_no_fuzzer_mode_corpus/2a21fcec464b8262d6300f8f0c7f3518e146acc4
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/2ad583821c1860f52d94c6692faccaed025acfdb b/src/fuzz/server_no_fuzzer_mode_corpus/2ad583821c1860f52d94c6692faccaed025acfdb
new file mode 100644
index 0000000..1decf8e
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/2ad583821c1860f52d94c6692faccaed025acfdb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2ba03e96d467ad75f911b4f55319a56cc3312751 b/src/fuzz/server_no_fuzzer_mode_corpus/2ba03e96d467ad75f911b4f55319a56cc3312751
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2ba03e96d467ad75f911b4f55319a56cc3312751
rename to src/fuzz/server_no_fuzzer_mode_corpus/2ba03e96d467ad75f911b4f55319a56cc3312751
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2bcbc0d023a29bc3bedc22b2b61a1df6737e785d b/src/fuzz/server_no_fuzzer_mode_corpus/2bcbc0d023a29bc3bedc22b2b61a1df6737e785d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2bcbc0d023a29bc3bedc22b2b61a1df6737e785d
rename to src/fuzz/server_no_fuzzer_mode_corpus/2bcbc0d023a29bc3bedc22b2b61a1df6737e785d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2c09301393be1636d0a8cc70b6b75e2dffc10f2e b/src/fuzz/server_no_fuzzer_mode_corpus/2c09301393be1636d0a8cc70b6b75e2dffc10f2e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2c09301393be1636d0a8cc70b6b75e2dffc10f2e
rename to src/fuzz/server_no_fuzzer_mode_corpus/2c09301393be1636d0a8cc70b6b75e2dffc10f2e
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/2c437eed7cb8f2599f1f987eb462e5dfa8b95005 b/src/fuzz/server_no_fuzzer_mode_corpus/2c437eed7cb8f2599f1f987eb462e5dfa8b95005
new file mode 100644
index 0000000..9b6c72e
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/2c437eed7cb8f2599f1f987eb462e5dfa8b95005
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2cc1ef77d85171cf85462d750136e699967c4062 b/src/fuzz/server_no_fuzzer_mode_corpus/2cc1ef77d85171cf85462d750136e699967c4062
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2cc1ef77d85171cf85462d750136e699967c4062
rename to src/fuzz/server_no_fuzzer_mode_corpus/2cc1ef77d85171cf85462d750136e699967c4062
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2cd81aeed696eb0b3a941f1ca8e8ce9b3a7d00b1 b/src/fuzz/server_no_fuzzer_mode_corpus/2cd81aeed696eb0b3a941f1ca8e8ce9b3a7d00b1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2cd81aeed696eb0b3a941f1ca8e8ce9b3a7d00b1
rename to src/fuzz/server_no_fuzzer_mode_corpus/2cd81aeed696eb0b3a941f1ca8e8ce9b3a7d00b1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2cf927e5b4f3db56e90563f6b7b4193298691ebe b/src/fuzz/server_no_fuzzer_mode_corpus/2cf927e5b4f3db56e90563f6b7b4193298691ebe
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2cf927e5b4f3db56e90563f6b7b4193298691ebe
rename to src/fuzz/server_no_fuzzer_mode_corpus/2cf927e5b4f3db56e90563f6b7b4193298691ebe
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2d18b5f4f5f3a0235f499d76f6d9e9db7a5ef0cf b/src/fuzz/server_no_fuzzer_mode_corpus/2d18b5f4f5f3a0235f499d76f6d9e9db7a5ef0cf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2d18b5f4f5f3a0235f499d76f6d9e9db7a5ef0cf
rename to src/fuzz/server_no_fuzzer_mode_corpus/2d18b5f4f5f3a0235f499d76f6d9e9db7a5ef0cf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2da8bdc397014d7f5a1fee1b7d30b1cd28b7e862 b/src/fuzz/server_no_fuzzer_mode_corpus/2da8bdc397014d7f5a1fee1b7d30b1cd28b7e862
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2da8bdc397014d7f5a1fee1b7d30b1cd28b7e862
rename to src/fuzz/server_no_fuzzer_mode_corpus/2da8bdc397014d7f5a1fee1b7d30b1cd28b7e862
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2dc4d57d10664322de1220bb2030e1b3661544b1 b/src/fuzz/server_no_fuzzer_mode_corpus/2dc4d57d10664322de1220bb2030e1b3661544b1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2dc4d57d10664322de1220bb2030e1b3661544b1
rename to src/fuzz/server_no_fuzzer_mode_corpus/2dc4d57d10664322de1220bb2030e1b3661544b1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2ec8ed2f45f5a5b8f66ab3b47f16b235718f0ec6 b/src/fuzz/server_no_fuzzer_mode_corpus/2ec8ed2f45f5a5b8f66ab3b47f16b235718f0ec6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2ec8ed2f45f5a5b8f66ab3b47f16b235718f0ec6
rename to src/fuzz/server_no_fuzzer_mode_corpus/2ec8ed2f45f5a5b8f66ab3b47f16b235718f0ec6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2ede02b70e97de69de384bedcec01813ca769f35 b/src/fuzz/server_no_fuzzer_mode_corpus/2ede02b70e97de69de384bedcec01813ca769f35
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2ede02b70e97de69de384bedcec01813ca769f35
rename to src/fuzz/server_no_fuzzer_mode_corpus/2ede02b70e97de69de384bedcec01813ca769f35
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2f0f63d0a3dbc0410feda2deecd9c7622834f6b5 b/src/fuzz/server_no_fuzzer_mode_corpus/2f0f63d0a3dbc0410feda2deecd9c7622834f6b5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2f0f63d0a3dbc0410feda2deecd9c7622834f6b5
rename to src/fuzz/server_no_fuzzer_mode_corpus/2f0f63d0a3dbc0410feda2deecd9c7622834f6b5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2f30f458e3e2f93c3df539e181427baf43dd8da5 b/src/fuzz/server_no_fuzzer_mode_corpus/2f30f458e3e2f93c3df539e181427baf43dd8da5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2f30f458e3e2f93c3df539e181427baf43dd8da5
rename to src/fuzz/server_no_fuzzer_mode_corpus/2f30f458e3e2f93c3df539e181427baf43dd8da5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/2f44c3b502e4bb0b88a1bf4fa9760540447c74ce b/src/fuzz/server_no_fuzzer_mode_corpus/2f44c3b502e4bb0b88a1bf4fa9760540447c74ce
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/2f44c3b502e4bb0b88a1bf4fa9760540447c74ce
rename to src/fuzz/server_no_fuzzer_mode_corpus/2f44c3b502e4bb0b88a1bf4fa9760540447c74ce
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/306f10d3374c29f86351764870b814f25e96fb00 b/src/fuzz/server_no_fuzzer_mode_corpus/306f10d3374c29f86351764870b814f25e96fb00
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/306f10d3374c29f86351764870b814f25e96fb00
rename to src/fuzz/server_no_fuzzer_mode_corpus/306f10d3374c29f86351764870b814f25e96fb00
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/30cf369f8271fc2e5a363b05727a2b6993a91782 b/src/fuzz/server_no_fuzzer_mode_corpus/30cf369f8271fc2e5a363b05727a2b6993a91782
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/30cf369f8271fc2e5a363b05727a2b6993a91782
rename to src/fuzz/server_no_fuzzer_mode_corpus/30cf369f8271fc2e5a363b05727a2b6993a91782
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/322de7ec5c0671e0fb799996b2d7c30f7ad927bc b/src/fuzz/server_no_fuzzer_mode_corpus/322de7ec5c0671e0fb799996b2d7c30f7ad927bc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/322de7ec5c0671e0fb799996b2d7c30f7ad927bc
rename to src/fuzz/server_no_fuzzer_mode_corpus/322de7ec5c0671e0fb799996b2d7c30f7ad927bc
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/327c35674beb6c067401986360dd7e05234bc31e b/src/fuzz/server_no_fuzzer_mode_corpus/327c35674beb6c067401986360dd7e05234bc31e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/327c35674beb6c067401986360dd7e05234bc31e
rename to src/fuzz/server_no_fuzzer_mode_corpus/327c35674beb6c067401986360dd7e05234bc31e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3399fb5bf14f0340e00828ab18d292f0de51a25e b/src/fuzz/server_no_fuzzer_mode_corpus/3399fb5bf14f0340e00828ab18d292f0de51a25e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3399fb5bf14f0340e00828ab18d292f0de51a25e
rename to src/fuzz/server_no_fuzzer_mode_corpus/3399fb5bf14f0340e00828ab18d292f0de51a25e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/33da2d1bc96d7201287c8a845582ddbf50bcb37a b/src/fuzz/server_no_fuzzer_mode_corpus/33da2d1bc96d7201287c8a845582ddbf50bcb37a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/33da2d1bc96d7201287c8a845582ddbf50bcb37a
rename to src/fuzz/server_no_fuzzer_mode_corpus/33da2d1bc96d7201287c8a845582ddbf50bcb37a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/342abffbd3a33d4b73e54c0675585fcd511f492d b/src/fuzz/server_no_fuzzer_mode_corpus/342abffbd3a33d4b73e54c0675585fcd511f492d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/342abffbd3a33d4b73e54c0675585fcd511f492d
rename to src/fuzz/server_no_fuzzer_mode_corpus/342abffbd3a33d4b73e54c0675585fcd511f492d
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/3434baa9770fe589fc2110be2680d4b0ca7ccc24 b/src/fuzz/server_no_fuzzer_mode_corpus/3434baa9770fe589fc2110be2680d4b0ca7ccc24
new file mode 100644
index 0000000..8c4df48
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/3434baa9770fe589fc2110be2680d4b0ca7ccc24
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/343dea8f3f2a78c7db0dce8a4b5f151176c5d882 b/src/fuzz/server_no_fuzzer_mode_corpus/343dea8f3f2a78c7db0dce8a4b5f151176c5d882
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/343dea8f3f2a78c7db0dce8a4b5f151176c5d882
rename to src/fuzz/server_no_fuzzer_mode_corpus/343dea8f3f2a78c7db0dce8a4b5f151176c5d882
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/34682a590921e907b96b9e3ea4ca81e7a1ddb42a b/src/fuzz/server_no_fuzzer_mode_corpus/34682a590921e907b96b9e3ea4ca81e7a1ddb42a
new file mode 100644
index 0000000..96439b2
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/34682a590921e907b96b9e3ea4ca81e7a1ddb42a
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/357179e5cfeffc0d0a70072d83cb8ebf6c9b567f b/src/fuzz/server_no_fuzzer_mode_corpus/357179e5cfeffc0d0a70072d83cb8ebf6c9b567f
new file mode 100644
index 0000000..91a02be
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/357179e5cfeffc0d0a70072d83cb8ebf6c9b567f
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/35a7bba0e41884293b9c1e91003489563e16163c b/src/fuzz/server_no_fuzzer_mode_corpus/35a7bba0e41884293b9c1e91003489563e16163c
new file mode 100644
index 0000000..efe73e0
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/35a7bba0e41884293b9c1e91003489563e16163c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/35c0efd2c9cbc6f3b4e76cddb8c1d94ee1a44794 b/src/fuzz/server_no_fuzzer_mode_corpus/35c0efd2c9cbc6f3b4e76cddb8c1d94ee1a44794
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/35c0efd2c9cbc6f3b4e76cddb8c1d94ee1a44794
rename to src/fuzz/server_no_fuzzer_mode_corpus/35c0efd2c9cbc6f3b4e76cddb8c1d94ee1a44794
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/35ff95557bc6038f4b3866e8cf5f9529b511b51a b/src/fuzz/server_no_fuzzer_mode_corpus/35ff95557bc6038f4b3866e8cf5f9529b511b51a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/35ff95557bc6038f4b3866e8cf5f9529b511b51a
rename to src/fuzz/server_no_fuzzer_mode_corpus/35ff95557bc6038f4b3866e8cf5f9529b511b51a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/36408aff7c4939c52780f09d2b959a02087009d8 b/src/fuzz/server_no_fuzzer_mode_corpus/36408aff7c4939c52780f09d2b959a02087009d8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/36408aff7c4939c52780f09d2b959a02087009d8
rename to src/fuzz/server_no_fuzzer_mode_corpus/36408aff7c4939c52780f09d2b959a02087009d8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/36eb60784edea2c9e84965e234df7162cf09b472 b/src/fuzz/server_no_fuzzer_mode_corpus/36eb60784edea2c9e84965e234df7162cf09b472
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/36eb60784edea2c9e84965e234df7162cf09b472
rename to src/fuzz/server_no_fuzzer_mode_corpus/36eb60784edea2c9e84965e234df7162cf09b472
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/372dfd3ad38c81697a88f223c61bebe4108d9e7d b/src/fuzz/server_no_fuzzer_mode_corpus/372dfd3ad38c81697a88f223c61bebe4108d9e7d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/372dfd3ad38c81697a88f223c61bebe4108d9e7d
rename to src/fuzz/server_no_fuzzer_mode_corpus/372dfd3ad38c81697a88f223c61bebe4108d9e7d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3797cfedecf9e7abe3c140a8700416cec19e456b b/src/fuzz/server_no_fuzzer_mode_corpus/3797cfedecf9e7abe3c140a8700416cec19e456b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3797cfedecf9e7abe3c140a8700416cec19e456b
rename to src/fuzz/server_no_fuzzer_mode_corpus/3797cfedecf9e7abe3c140a8700416cec19e456b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3815608992bbaf73e9830ed71bc994580aa8b262 b/src/fuzz/server_no_fuzzer_mode_corpus/3815608992bbaf73e9830ed71bc994580aa8b262
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3815608992bbaf73e9830ed71bc994580aa8b262
rename to src/fuzz/server_no_fuzzer_mode_corpus/3815608992bbaf73e9830ed71bc994580aa8b262
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/38782780870efe01276992695144688ed7fc0d0e b/src/fuzz/server_no_fuzzer_mode_corpus/38782780870efe01276992695144688ed7fc0d0e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/38782780870efe01276992695144688ed7fc0d0e
rename to src/fuzz/server_no_fuzzer_mode_corpus/38782780870efe01276992695144688ed7fc0d0e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/390c601ab4fc7955cbc293bdfe06d4596a6a4d1e b/src/fuzz/server_no_fuzzer_mode_corpus/390c601ab4fc7955cbc293bdfe06d4596a6a4d1e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/390c601ab4fc7955cbc293bdfe06d4596a6a4d1e
rename to src/fuzz/server_no_fuzzer_mode_corpus/390c601ab4fc7955cbc293bdfe06d4596a6a4d1e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/393218bd0709e8f01050f972cac5f7943dcc92d0 b/src/fuzz/server_no_fuzzer_mode_corpus/393218bd0709e8f01050f972cac5f7943dcc92d0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/393218bd0709e8f01050f972cac5f7943dcc92d0
rename to src/fuzz/server_no_fuzzer_mode_corpus/393218bd0709e8f01050f972cac5f7943dcc92d0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3a120b8a4862c1bc0beb6a7d5f3fe9538af6fd80 b/src/fuzz/server_no_fuzzer_mode_corpus/3a120b8a4862c1bc0beb6a7d5f3fe9538af6fd80
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3a120b8a4862c1bc0beb6a7d5f3fe9538af6fd80
rename to src/fuzz/server_no_fuzzer_mode_corpus/3a120b8a4862c1bc0beb6a7d5f3fe9538af6fd80
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3a737d30c5a8805fadc8ad37ec97415facd482b2 b/src/fuzz/server_no_fuzzer_mode_corpus/3a737d30c5a8805fadc8ad37ec97415facd482b2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3a737d30c5a8805fadc8ad37ec97415facd482b2
rename to src/fuzz/server_no_fuzzer_mode_corpus/3a737d30c5a8805fadc8ad37ec97415facd482b2
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/3c1b292602bb262917b28348d87e42726a3b4f7f b/src/fuzz/server_no_fuzzer_mode_corpus/3c1b292602bb262917b28348d87e42726a3b4f7f
new file mode 100644
index 0000000..84e16e6
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/3c1b292602bb262917b28348d87e42726a3b4f7f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3c2f22d033ddba01cf6e8cc32a7856c345b8fa39 b/src/fuzz/server_no_fuzzer_mode_corpus/3c2f22d033ddba01cf6e8cc32a7856c345b8fa39
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3c2f22d033ddba01cf6e8cc32a7856c345b8fa39
rename to src/fuzz/server_no_fuzzer_mode_corpus/3c2f22d033ddba01cf6e8cc32a7856c345b8fa39
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3c5f664fd82e10a83df15830bd0ae0b66c3a3a4a b/src/fuzz/server_no_fuzzer_mode_corpus/3c5f664fd82e10a83df15830bd0ae0b66c3a3a4a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3c5f664fd82e10a83df15830bd0ae0b66c3a3a4a
rename to src/fuzz/server_no_fuzzer_mode_corpus/3c5f664fd82e10a83df15830bd0ae0b66c3a3a4a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3cd98577646d22f4af245e2b3cf623e19a63827c b/src/fuzz/server_no_fuzzer_mode_corpus/3cd98577646d22f4af245e2b3cf623e19a63827c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3cd98577646d22f4af245e2b3cf623e19a63827c
rename to src/fuzz/server_no_fuzzer_mode_corpus/3cd98577646d22f4af245e2b3cf623e19a63827c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3cdfdd6097562b00bada1729212b675702ed597b b/src/fuzz/server_no_fuzzer_mode_corpus/3cdfdd6097562b00bada1729212b675702ed597b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3cdfdd6097562b00bada1729212b675702ed597b
rename to src/fuzz/server_no_fuzzer_mode_corpus/3cdfdd6097562b00bada1729212b675702ed597b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3cfac745077d5b35a20306b7370bb75a8ed81385 b/src/fuzz/server_no_fuzzer_mode_corpus/3cfac745077d5b35a20306b7370bb75a8ed81385
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3cfac745077d5b35a20306b7370bb75a8ed81385
rename to src/fuzz/server_no_fuzzer_mode_corpus/3cfac745077d5b35a20306b7370bb75a8ed81385
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3d324da734ed5f9480f251da38869f41e638d617 b/src/fuzz/server_no_fuzzer_mode_corpus/3d324da734ed5f9480f251da38869f41e638d617
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3d324da734ed5f9480f251da38869f41e638d617
rename to src/fuzz/server_no_fuzzer_mode_corpus/3d324da734ed5f9480f251da38869f41e638d617
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/3dfb621c543412bb858fa84ef59323f7bdb2ed36 b/src/fuzz/server_no_fuzzer_mode_corpus/3dfb621c543412bb858fa84ef59323f7bdb2ed36
new file mode 100644
index 0000000..c95350d
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/3dfb621c543412bb858fa84ef59323f7bdb2ed36
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3e452bfb827194370dc64efc2ef5b4a1efde76f0 b/src/fuzz/server_no_fuzzer_mode_corpus/3e452bfb827194370dc64efc2ef5b4a1efde76f0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3e452bfb827194370dc64efc2ef5b4a1efde76f0
rename to src/fuzz/server_no_fuzzer_mode_corpus/3e452bfb827194370dc64efc2ef5b4a1efde76f0
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/3f17b10a71b0f2883378fe9a0aae96e3280140ee b/src/fuzz/server_no_fuzzer_mode_corpus/3f17b10a71b0f2883378fe9a0aae96e3280140ee
new file mode 100644
index 0000000..a661e8c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/3f17b10a71b0f2883378fe9a0aae96e3280140ee
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3f4f571a6306785bd50b8b60274dd533aa1f6f96 b/src/fuzz/server_no_fuzzer_mode_corpus/3f4f571a6306785bd50b8b60274dd533aa1f6f96
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3f4f571a6306785bd50b8b60274dd533aa1f6f96
rename to src/fuzz/server_no_fuzzer_mode_corpus/3f4f571a6306785bd50b8b60274dd533aa1f6f96
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/3fddee660c732806c4cf75c0a535a906adeaf2f8 b/src/fuzz/server_no_fuzzer_mode_corpus/3fddee660c732806c4cf75c0a535a906adeaf2f8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/3fddee660c732806c4cf75c0a535a906adeaf2f8
rename to src/fuzz/server_no_fuzzer_mode_corpus/3fddee660c732806c4cf75c0a535a906adeaf2f8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4119dd280b114874c907a50cbb768e33417fa43f b/src/fuzz/server_no_fuzzer_mode_corpus/4119dd280b114874c907a50cbb768e33417fa43f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4119dd280b114874c907a50cbb768e33417fa43f
rename to src/fuzz/server_no_fuzzer_mode_corpus/4119dd280b114874c907a50cbb768e33417fa43f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4153d1ab2cd0068f9c99eae3748da0e16ea31d3d b/src/fuzz/server_no_fuzzer_mode_corpus/4153d1ab2cd0068f9c99eae3748da0e16ea31d3d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4153d1ab2cd0068f9c99eae3748da0e16ea31d3d
rename to src/fuzz/server_no_fuzzer_mode_corpus/4153d1ab2cd0068f9c99eae3748da0e16ea31d3d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/438d757e41c4964ff23c877038331b62410df122 b/src/fuzz/server_no_fuzzer_mode_corpus/438d757e41c4964ff23c877038331b62410df122
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/438d757e41c4964ff23c877038331b62410df122
rename to src/fuzz/server_no_fuzzer_mode_corpus/438d757e41c4964ff23c877038331b62410df122
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/43b965aebbcddea6c776f56a9ccc67e6617d5d2e b/src/fuzz/server_no_fuzzer_mode_corpus/43b965aebbcddea6c776f56a9ccc67e6617d5d2e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/43b965aebbcddea6c776f56a9ccc67e6617d5d2e
rename to src/fuzz/server_no_fuzzer_mode_corpus/43b965aebbcddea6c776f56a9ccc67e6617d5d2e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/43d1508a5748ed862dbda3a7c5732c756a45371f b/src/fuzz/server_no_fuzzer_mode_corpus/43d1508a5748ed862dbda3a7c5732c756a45371f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/43d1508a5748ed862dbda3a7c5732c756a45371f
rename to src/fuzz/server_no_fuzzer_mode_corpus/43d1508a5748ed862dbda3a7c5732c756a45371f
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/44096b89a066ce2ea3e62dc4f9c4ce68496b1f4b b/src/fuzz/server_no_fuzzer_mode_corpus/44096b89a066ce2ea3e62dc4f9c4ce68496b1f4b
new file mode 100644
index 0000000..d67a0a7
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/44096b89a066ce2ea3e62dc4f9c4ce68496b1f4b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/44b88a54b45e929895e62f0df349d2118fac4926 b/src/fuzz/server_no_fuzzer_mode_corpus/44b88a54b45e929895e62f0df349d2118fac4926
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/44b88a54b45e929895e62f0df349d2118fac4926
rename to src/fuzz/server_no_fuzzer_mode_corpus/44b88a54b45e929895e62f0df349d2118fac4926
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/44e28bf531e394c9652141e0c214ccf7e83c8f49 b/src/fuzz/server_no_fuzzer_mode_corpus/44e28bf531e394c9652141e0c214ccf7e83c8f49
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/44e28bf531e394c9652141e0c214ccf7e83c8f49
rename to src/fuzz/server_no_fuzzer_mode_corpus/44e28bf531e394c9652141e0c214ccf7e83c8f49
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/46d476cec07892045e43fbdec297eefac47d1dcd b/src/fuzz/server_no_fuzzer_mode_corpus/46d476cec07892045e43fbdec297eefac47d1dcd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/46d476cec07892045e43fbdec297eefac47d1dcd
rename to src/fuzz/server_no_fuzzer_mode_corpus/46d476cec07892045e43fbdec297eefac47d1dcd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/46ee49bf71d81db9ec25e63ddd3005c403f3eaff b/src/fuzz/server_no_fuzzer_mode_corpus/46ee49bf71d81db9ec25e63ddd3005c403f3eaff
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/46ee49bf71d81db9ec25e63ddd3005c403f3eaff
rename to src/fuzz/server_no_fuzzer_mode_corpus/46ee49bf71d81db9ec25e63ddd3005c403f3eaff
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4701a996db9f51a3785672a418d817ac918af030 b/src/fuzz/server_no_fuzzer_mode_corpus/4701a996db9f51a3785672a418d817ac918af030
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4701a996db9f51a3785672a418d817ac918af030
rename to src/fuzz/server_no_fuzzer_mode_corpus/4701a996db9f51a3785672a418d817ac918af030
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/472dc3c76762f89ca0b67d4fa9e6a0b80ab96d46 b/src/fuzz/server_no_fuzzer_mode_corpus/472dc3c76762f89ca0b67d4fa9e6a0b80ab96d46
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/472dc3c76762f89ca0b67d4fa9e6a0b80ab96d46
rename to src/fuzz/server_no_fuzzer_mode_corpus/472dc3c76762f89ca0b67d4fa9e6a0b80ab96d46
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4764e1747f76ecd6fd07828c24badb99dbfb4585 b/src/fuzz/server_no_fuzzer_mode_corpus/4764e1747f76ecd6fd07828c24badb99dbfb4585
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4764e1747f76ecd6fd07828c24badb99dbfb4585
rename to src/fuzz/server_no_fuzzer_mode_corpus/4764e1747f76ecd6fd07828c24badb99dbfb4585
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4872d27fdf102f2dfe776a718db33dbc5fb814d0 b/src/fuzz/server_no_fuzzer_mode_corpus/4872d27fdf102f2dfe776a718db33dbc5fb814d0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4872d27fdf102f2dfe776a718db33dbc5fb814d0
rename to src/fuzz/server_no_fuzzer_mode_corpus/4872d27fdf102f2dfe776a718db33dbc5fb814d0
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/497f86b8cf01e8870743bf4ea157834b179a39ce b/src/fuzz/server_no_fuzzer_mode_corpus/497f86b8cf01e8870743bf4ea157834b179a39ce
new file mode 100644
index 0000000..368281d
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/497f86b8cf01e8870743bf4ea157834b179a39ce
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/49b45defe1fbe376e9988bf6c7eb6c1767f0425f b/src/fuzz/server_no_fuzzer_mode_corpus/49b45defe1fbe376e9988bf6c7eb6c1767f0425f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/49b45defe1fbe376e9988bf6c7eb6c1767f0425f
rename to src/fuzz/server_no_fuzzer_mode_corpus/49b45defe1fbe376e9988bf6c7eb6c1767f0425f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4a18136ad23f65ccd751cf307f85010c1f856a24 b/src/fuzz/server_no_fuzzer_mode_corpus/4a18136ad23f65ccd751cf307f85010c1f856a24
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4a18136ad23f65ccd751cf307f85010c1f856a24
rename to src/fuzz/server_no_fuzzer_mode_corpus/4a18136ad23f65ccd751cf307f85010c1f856a24
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/4a550882f9caf933a356463a02f02964ebf587a1 b/src/fuzz/server_no_fuzzer_mode_corpus/4a550882f9caf933a356463a02f02964ebf587a1
new file mode 100644
index 0000000..00b4e6f
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/4a550882f9caf933a356463a02f02964ebf587a1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4aa6ddc122b53afb2aa16f7c51399d75c4b3e79d b/src/fuzz/server_no_fuzzer_mode_corpus/4aa6ddc122b53afb2aa16f7c51399d75c4b3e79d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4aa6ddc122b53afb2aa16f7c51399d75c4b3e79d
rename to src/fuzz/server_no_fuzzer_mode_corpus/4aa6ddc122b53afb2aa16f7c51399d75c4b3e79d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4aa7a3d7dca16a5b125ae3161759a3013a843b4a b/src/fuzz/server_no_fuzzer_mode_corpus/4aa7a3d7dca16a5b125ae3161759a3013a843b4a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4aa7a3d7dca16a5b125ae3161759a3013a843b4a
rename to src/fuzz/server_no_fuzzer_mode_corpus/4aa7a3d7dca16a5b125ae3161759a3013a843b4a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4b80a7e2d86957b1ac8646ee81fb8d549140a0ab b/src/fuzz/server_no_fuzzer_mode_corpus/4b80a7e2d86957b1ac8646ee81fb8d549140a0ab
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4b80a7e2d86957b1ac8646ee81fb8d549140a0ab
rename to src/fuzz/server_no_fuzzer_mode_corpus/4b80a7e2d86957b1ac8646ee81fb8d549140a0ab
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4bf6cf93aad8725818db77fe3681497907b74675 b/src/fuzz/server_no_fuzzer_mode_corpus/4bf6cf93aad8725818db77fe3681497907b74675
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4bf6cf93aad8725818db77fe3681497907b74675
rename to src/fuzz/server_no_fuzzer_mode_corpus/4bf6cf93aad8725818db77fe3681497907b74675
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/4c204fb176ad1966501d0688d9567cdbc89be691 b/src/fuzz/server_no_fuzzer_mode_corpus/4c204fb176ad1966501d0688d9567cdbc89be691
new file mode 100644
index 0000000..53796e6
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/4c204fb176ad1966501d0688d9567cdbc89be691
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4c2f75a07df986496c0124e82a0daf53ef5733ef b/src/fuzz/server_no_fuzzer_mode_corpus/4c2f75a07df986496c0124e82a0daf53ef5733ef
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4c2f75a07df986496c0124e82a0daf53ef5733ef
rename to src/fuzz/server_no_fuzzer_mode_corpus/4c2f75a07df986496c0124e82a0daf53ef5733ef
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4d326efc3fdfe62eb1aa6d32baa5bba49875737c b/src/fuzz/server_no_fuzzer_mode_corpus/4d326efc3fdfe62eb1aa6d32baa5bba49875737c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4d326efc3fdfe62eb1aa6d32baa5bba49875737c
rename to src/fuzz/server_no_fuzzer_mode_corpus/4d326efc3fdfe62eb1aa6d32baa5bba49875737c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4d4b32eecde94edf651c64ff66ade2a3e51ea2db b/src/fuzz/server_no_fuzzer_mode_corpus/4d4b32eecde94edf651c64ff66ade2a3e51ea2db
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4d4b32eecde94edf651c64ff66ade2a3e51ea2db
rename to src/fuzz/server_no_fuzzer_mode_corpus/4d4b32eecde94edf651c64ff66ade2a3e51ea2db
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4dd5ef15636fee27ab973b4235656a48fb0dbee4 b/src/fuzz/server_no_fuzzer_mode_corpus/4dd5ef15636fee27ab973b4235656a48fb0dbee4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4dd5ef15636fee27ab973b4235656a48fb0dbee4
rename to src/fuzz/server_no_fuzzer_mode_corpus/4dd5ef15636fee27ab973b4235656a48fb0dbee4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4e37ca19e3ad4c3239b7b8f14063b7357d3bee47 b/src/fuzz/server_no_fuzzer_mode_corpus/4e37ca19e3ad4c3239b7b8f14063b7357d3bee47
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4e37ca19e3ad4c3239b7b8f14063b7357d3bee47
rename to src/fuzz/server_no_fuzzer_mode_corpus/4e37ca19e3ad4c3239b7b8f14063b7357d3bee47
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4e8b0f090c6d4c3e7cf44bd0c0b5c5cb6f190960 b/src/fuzz/server_no_fuzzer_mode_corpus/4e8b0f090c6d4c3e7cf44bd0c0b5c5cb6f190960
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4e8b0f090c6d4c3e7cf44bd0c0b5c5cb6f190960
rename to src/fuzz/server_no_fuzzer_mode_corpus/4e8b0f090c6d4c3e7cf44bd0c0b5c5cb6f190960
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4eea539ee813b43f3242b7a30f5f8fd67fd4bd8d b/src/fuzz/server_no_fuzzer_mode_corpus/4eea539ee813b43f3242b7a30f5f8fd67fd4bd8d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4eea539ee813b43f3242b7a30f5f8fd67fd4bd8d
rename to src/fuzz/server_no_fuzzer_mode_corpus/4eea539ee813b43f3242b7a30f5f8fd67fd4bd8d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/4f49b84d412e0fa3280cf182506aa44b42a89e29 b/src/fuzz/server_no_fuzzer_mode_corpus/4f49b84d412e0fa3280cf182506aa44b42a89e29
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/4f49b84d412e0fa3280cf182506aa44b42a89e29
rename to src/fuzz/server_no_fuzzer_mode_corpus/4f49b84d412e0fa3280cf182506aa44b42a89e29
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/51dd3eb54f8b7b8440b4f6f46c579c227012a0b2 b/src/fuzz/server_no_fuzzer_mode_corpus/51dd3eb54f8b7b8440b4f6f46c579c227012a0b2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/51dd3eb54f8b7b8440b4f6f46c579c227012a0b2
rename to src/fuzz/server_no_fuzzer_mode_corpus/51dd3eb54f8b7b8440b4f6f46c579c227012a0b2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5251f7fcfde5023989abd4694a23271fdd7f3f82 b/src/fuzz/server_no_fuzzer_mode_corpus/5251f7fcfde5023989abd4694a23271fdd7f3f82
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5251f7fcfde5023989abd4694a23271fdd7f3f82
rename to src/fuzz/server_no_fuzzer_mode_corpus/5251f7fcfde5023989abd4694a23271fdd7f3f82
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5518f546d6c1e9b013e66dd0e3dc86af95bf15fa b/src/fuzz/server_no_fuzzer_mode_corpus/5518f546d6c1e9b013e66dd0e3dc86af95bf15fa
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5518f546d6c1e9b013e66dd0e3dc86af95bf15fa
rename to src/fuzz/server_no_fuzzer_mode_corpus/5518f546d6c1e9b013e66dd0e3dc86af95bf15fa
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/55ccbe8e02901ab3e0f009d73befd2c2a59aa48b b/src/fuzz/server_no_fuzzer_mode_corpus/55ccbe8e02901ab3e0f009d73befd2c2a59aa48b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/55ccbe8e02901ab3e0f009d73befd2c2a59aa48b
rename to src/fuzz/server_no_fuzzer_mode_corpus/55ccbe8e02901ab3e0f009d73befd2c2a59aa48b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/562d3a9f84f5304c2fe84e9cf0f522a5316ccf6c b/src/fuzz/server_no_fuzzer_mode_corpus/562d3a9f84f5304c2fe84e9cf0f522a5316ccf6c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/562d3a9f84f5304c2fe84e9cf0f522a5316ccf6c
rename to src/fuzz/server_no_fuzzer_mode_corpus/562d3a9f84f5304c2fe84e9cf0f522a5316ccf6c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/568bc0da595603a2412d0d182f1996f5c8af4e44 b/src/fuzz/server_no_fuzzer_mode_corpus/568bc0da595603a2412d0d182f1996f5c8af4e44
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/568bc0da595603a2412d0d182f1996f5c8af4e44
rename to src/fuzz/server_no_fuzzer_mode_corpus/568bc0da595603a2412d0d182f1996f5c8af4e44
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/56988b521baeb78522bba750bb94b5024b2e80e0 b/src/fuzz/server_no_fuzzer_mode_corpus/56988b521baeb78522bba750bb94b5024b2e80e0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/56988b521baeb78522bba750bb94b5024b2e80e0
rename to src/fuzz/server_no_fuzzer_mode_corpus/56988b521baeb78522bba750bb94b5024b2e80e0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/57a71e5204de5c8ef78a112b0be71bc621e0d79a b/src/fuzz/server_no_fuzzer_mode_corpus/57a71e5204de5c8ef78a112b0be71bc621e0d79a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/57a71e5204de5c8ef78a112b0be71bc621e0d79a
rename to src/fuzz/server_no_fuzzer_mode_corpus/57a71e5204de5c8ef78a112b0be71bc621e0d79a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/583154d034eac68a265654797c9dea99b6ffb8c8 b/src/fuzz/server_no_fuzzer_mode_corpus/583154d034eac68a265654797c9dea99b6ffb8c8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/583154d034eac68a265654797c9dea99b6ffb8c8
rename to src/fuzz/server_no_fuzzer_mode_corpus/583154d034eac68a265654797c9dea99b6ffb8c8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/595b8d5661597a065ef843bc241f46d1026a8c60 b/src/fuzz/server_no_fuzzer_mode_corpus/595b8d5661597a065ef843bc241f46d1026a8c60
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/595b8d5661597a065ef843bc241f46d1026a8c60
rename to src/fuzz/server_no_fuzzer_mode_corpus/595b8d5661597a065ef843bc241f46d1026a8c60
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/5a04e5bec40de8728cf12fd7662a8654b377003e b/src/fuzz/server_no_fuzzer_mode_corpus/5a04e5bec40de8728cf12fd7662a8654b377003e
new file mode 100644
index 0000000..b3c84a0
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/5a04e5bec40de8728cf12fd7662a8654b377003e
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/5b893cbfdd4d524e091ec66bb2e35bf477a7e5f3 b/src/fuzz/server_no_fuzzer_mode_corpus/5b893cbfdd4d524e091ec66bb2e35bf477a7e5f3
new file mode 100644
index 0000000..acc5e3f
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/5b893cbfdd4d524e091ec66bb2e35bf477a7e5f3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5b8bdf3f7553868f91403a49bdc32e18d56540a0 b/src/fuzz/server_no_fuzzer_mode_corpus/5b8bdf3f7553868f91403a49bdc32e18d56540a0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5b8bdf3f7553868f91403a49bdc32e18d56540a0
rename to src/fuzz/server_no_fuzzer_mode_corpus/5b8bdf3f7553868f91403a49bdc32e18d56540a0
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/5b945b8aba17cf37de8da44246482397bb653370 b/src/fuzz/server_no_fuzzer_mode_corpus/5b945b8aba17cf37de8da44246482397bb653370
new file mode 100644
index 0000000..a70af8a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/5b945b8aba17cf37de8da44246482397bb653370
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/5bad4f224133c1189a9f68840fc80b55d0fcec09 b/src/fuzz/server_no_fuzzer_mode_corpus/5bad4f224133c1189a9f68840fc80b55d0fcec09
new file mode 100644
index 0000000..e553a7d
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/5bad4f224133c1189a9f68840fc80b55d0fcec09
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/5bf4694cf0e2eb094a3a437b4d33e2f8d94b83c0 b/src/fuzz/server_no_fuzzer_mode_corpus/5bf4694cf0e2eb094a3a437b4d33e2f8d94b83c0
new file mode 100644
index 0000000..4bb77af
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/5bf4694cf0e2eb094a3a437b4d33e2f8d94b83c0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5c09923b5d854ea172edd91e245737ee1da84f97 b/src/fuzz/server_no_fuzzer_mode_corpus/5c09923b5d854ea172edd91e245737ee1da84f97
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5c09923b5d854ea172edd91e245737ee1da84f97
rename to src/fuzz/server_no_fuzzer_mode_corpus/5c09923b5d854ea172edd91e245737ee1da84f97
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5ca590cabb6eff12e445b3a46f7723636f3f383d b/src/fuzz/server_no_fuzzer_mode_corpus/5ca590cabb6eff12e445b3a46f7723636f3f383d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5ca590cabb6eff12e445b3a46f7723636f3f383d
rename to src/fuzz/server_no_fuzzer_mode_corpus/5ca590cabb6eff12e445b3a46f7723636f3f383d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5cdc5e563f563076d78d1c152ecad8868e4ebb40 b/src/fuzz/server_no_fuzzer_mode_corpus/5cdc5e563f563076d78d1c152ecad8868e4ebb40
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5cdc5e563f563076d78d1c152ecad8868e4ebb40
rename to src/fuzz/server_no_fuzzer_mode_corpus/5cdc5e563f563076d78d1c152ecad8868e4ebb40
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5cea68d5e95c3b3002eb3038ece431e32cf620b0 b/src/fuzz/server_no_fuzzer_mode_corpus/5cea68d5e95c3b3002eb3038ece431e32cf620b0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5cea68d5e95c3b3002eb3038ece431e32cf620b0
rename to src/fuzz/server_no_fuzzer_mode_corpus/5cea68d5e95c3b3002eb3038ece431e32cf620b0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5d04402a860b737a6f12e8d5e86a3247f2c9444f b/src/fuzz/server_no_fuzzer_mode_corpus/5d04402a860b737a6f12e8d5e86a3247f2c9444f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5d04402a860b737a6f12e8d5e86a3247f2c9444f
rename to src/fuzz/server_no_fuzzer_mode_corpus/5d04402a860b737a6f12e8d5e86a3247f2c9444f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5d6384b5248f87e4ef42af56a4ee44de9c9b80b8 b/src/fuzz/server_no_fuzzer_mode_corpus/5d6384b5248f87e4ef42af56a4ee44de9c9b80b8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5d6384b5248f87e4ef42af56a4ee44de9c9b80b8
rename to src/fuzz/server_no_fuzzer_mode_corpus/5d6384b5248f87e4ef42af56a4ee44de9c9b80b8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5d6f2716b2dae48229e5f459b1d2d591c44a6d53 b/src/fuzz/server_no_fuzzer_mode_corpus/5d6f2716b2dae48229e5f459b1d2d591c44a6d53
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5d6f2716b2dae48229e5f459b1d2d591c44a6d53
rename to src/fuzz/server_no_fuzzer_mode_corpus/5d6f2716b2dae48229e5f459b1d2d591c44a6d53
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5d8b9c2f571f945a671465f9d707532342c707d0 b/src/fuzz/server_no_fuzzer_mode_corpus/5d8b9c2f571f945a671465f9d707532342c707d0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5d8b9c2f571f945a671465f9d707532342c707d0
rename to src/fuzz/server_no_fuzzer_mode_corpus/5d8b9c2f571f945a671465f9d707532342c707d0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5d9d829821ed03338ab892d38b4479dfeeee663d b/src/fuzz/server_no_fuzzer_mode_corpus/5d9d829821ed03338ab892d38b4479dfeeee663d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5d9d829821ed03338ab892d38b4479dfeeee663d
rename to src/fuzz/server_no_fuzzer_mode_corpus/5d9d829821ed03338ab892d38b4479dfeeee663d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5dc9d42eb49d3223281248ac3d6d0f7ba3037dce b/src/fuzz/server_no_fuzzer_mode_corpus/5dc9d42eb49d3223281248ac3d6d0f7ba3037dce
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5dc9d42eb49d3223281248ac3d6d0f7ba3037dce
rename to src/fuzz/server_no_fuzzer_mode_corpus/5dc9d42eb49d3223281248ac3d6d0f7ba3037dce
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5dd145b1b92c4f903e7d75b24e9b452743205e9f b/src/fuzz/server_no_fuzzer_mode_corpus/5dd145b1b92c4f903e7d75b24e9b452743205e9f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5dd145b1b92c4f903e7d75b24e9b452743205e9f
rename to src/fuzz/server_no_fuzzer_mode_corpus/5dd145b1b92c4f903e7d75b24e9b452743205e9f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5e1cf62ca22f839bbc2c61e2e1bb2e7e81ed7bee b/src/fuzz/server_no_fuzzer_mode_corpus/5e1cf62ca22f839bbc2c61e2e1bb2e7e81ed7bee
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5e1cf62ca22f839bbc2c61e2e1bb2e7e81ed7bee
rename to src/fuzz/server_no_fuzzer_mode_corpus/5e1cf62ca22f839bbc2c61e2e1bb2e7e81ed7bee
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5e57a0141d2b14d0739ac0b8a02db9da1cda661d b/src/fuzz/server_no_fuzzer_mode_corpus/5e57a0141d2b14d0739ac0b8a02db9da1cda661d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5e57a0141d2b14d0739ac0b8a02db9da1cda661d
rename to src/fuzz/server_no_fuzzer_mode_corpus/5e57a0141d2b14d0739ac0b8a02db9da1cda661d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5ee0835e4c227fb2e2a9d83a4197c04bf80a34bb b/src/fuzz/server_no_fuzzer_mode_corpus/5ee0835e4c227fb2e2a9d83a4197c04bf80a34bb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5ee0835e4c227fb2e2a9d83a4197c04bf80a34bb
rename to src/fuzz/server_no_fuzzer_mode_corpus/5ee0835e4c227fb2e2a9d83a4197c04bf80a34bb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5ef8b90c3ef4ffb0e87ad987f5ce573e3650e68e b/src/fuzz/server_no_fuzzer_mode_corpus/5ef8b90c3ef4ffb0e87ad987f5ce573e3650e68e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5ef8b90c3ef4ffb0e87ad987f5ce573e3650e68e
rename to src/fuzz/server_no_fuzzer_mode_corpus/5ef8b90c3ef4ffb0e87ad987f5ce573e3650e68e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/5f46dd35ce756a42da7e301b0f85df2e533cc422 b/src/fuzz/server_no_fuzzer_mode_corpus/5f46dd35ce756a42da7e301b0f85df2e533cc422
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/5f46dd35ce756a42da7e301b0f85df2e533cc422
rename to src/fuzz/server_no_fuzzer_mode_corpus/5f46dd35ce756a42da7e301b0f85df2e533cc422
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6074ec8f2be2b2a160055368337aa9c88445b8cc b/src/fuzz/server_no_fuzzer_mode_corpus/6074ec8f2be2b2a160055368337aa9c88445b8cc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6074ec8f2be2b2a160055368337aa9c88445b8cc
rename to src/fuzz/server_no_fuzzer_mode_corpus/6074ec8f2be2b2a160055368337aa9c88445b8cc
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6088101bb24a4f3215d8cd54ce65c98ac25b2a4a b/src/fuzz/server_no_fuzzer_mode_corpus/6088101bb24a4f3215d8cd54ce65c98ac25b2a4a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6088101bb24a4f3215d8cd54ce65c98ac25b2a4a
rename to src/fuzz/server_no_fuzzer_mode_corpus/6088101bb24a4f3215d8cd54ce65c98ac25b2a4a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/60e32d6e31df066ecf0f393014c52b788f6810ba b/src/fuzz/server_no_fuzzer_mode_corpus/60e32d6e31df066ecf0f393014c52b788f6810ba
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/60e32d6e31df066ecf0f393014c52b788f6810ba
rename to src/fuzz/server_no_fuzzer_mode_corpus/60e32d6e31df066ecf0f393014c52b788f6810ba
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/611bff1395d37cfebe40961126bcada5aeb9a3ef b/src/fuzz/server_no_fuzzer_mode_corpus/611bff1395d37cfebe40961126bcada5aeb9a3ef
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/611bff1395d37cfebe40961126bcada5aeb9a3ef
rename to src/fuzz/server_no_fuzzer_mode_corpus/611bff1395d37cfebe40961126bcada5aeb9a3ef
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/618bdf7184839285341c130bc68eaf3f87ef03cb b/src/fuzz/server_no_fuzzer_mode_corpus/618bdf7184839285341c130bc68eaf3f87ef03cb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/618bdf7184839285341c130bc68eaf3f87ef03cb
rename to src/fuzz/server_no_fuzzer_mode_corpus/618bdf7184839285341c130bc68eaf3f87ef03cb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/626996d0b8bc362a6f8a538516f373eb1a771482 b/src/fuzz/server_no_fuzzer_mode_corpus/626996d0b8bc362a6f8a538516f373eb1a771482
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/626996d0b8bc362a6f8a538516f373eb1a771482
rename to src/fuzz/server_no_fuzzer_mode_corpus/626996d0b8bc362a6f8a538516f373eb1a771482
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/64a901854f4211fdc0be06215ff1bdb427e22d27 b/src/fuzz/server_no_fuzzer_mode_corpus/64a901854f4211fdc0be06215ff1bdb427e22d27
new file mode 100644
index 0000000..8f3d617
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/64a901854f4211fdc0be06215ff1bdb427e22d27
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/660d46a5e4194cd5c80bc4f5b30ca23708dc727a b/src/fuzz/server_no_fuzzer_mode_corpus/660d46a5e4194cd5c80bc4f5b30ca23708dc727a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/660d46a5e4194cd5c80bc4f5b30ca23708dc727a
rename to src/fuzz/server_no_fuzzer_mode_corpus/660d46a5e4194cd5c80bc4f5b30ca23708dc727a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/669e7413977900e1a1611c9c941989c765c4e236 b/src/fuzz/server_no_fuzzer_mode_corpus/669e7413977900e1a1611c9c941989c765c4e236
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/669e7413977900e1a1611c9c941989c765c4e236
rename to src/fuzz/server_no_fuzzer_mode_corpus/669e7413977900e1a1611c9c941989c765c4e236
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b b/src/fuzz/server_no_fuzzer_mode_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b
new file mode 100644
index 0000000..9fa4a3a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/676c8a4f39c2bef17ec5bfb80ef128c22325953b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/67816ae7bf8c7c76cb2fcd60c2cea995f2f85c29 b/src/fuzz/server_no_fuzzer_mode_corpus/67816ae7bf8c7c76cb2fcd60c2cea995f2f85c29
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/67816ae7bf8c7c76cb2fcd60c2cea995f2f85c29
rename to src/fuzz/server_no_fuzzer_mode_corpus/67816ae7bf8c7c76cb2fcd60c2cea995f2f85c29
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6795fbbd10b982336bc6fdf18fedd5540e1cdb5e b/src/fuzz/server_no_fuzzer_mode_corpus/6795fbbd10b982336bc6fdf18fedd5540e1cdb5e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6795fbbd10b982336bc6fdf18fedd5540e1cdb5e
rename to src/fuzz/server_no_fuzzer_mode_corpus/6795fbbd10b982336bc6fdf18fedd5540e1cdb5e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/67f9f9f0c5dc571443548dee3eaa43e5da943ed5 b/src/fuzz/server_no_fuzzer_mode_corpus/67f9f9f0c5dc571443548dee3eaa43e5da943ed5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/67f9f9f0c5dc571443548dee3eaa43e5da943ed5
rename to src/fuzz/server_no_fuzzer_mode_corpus/67f9f9f0c5dc571443548dee3eaa43e5da943ed5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6a46272294a3c8cb305211f0e4897521f4fd0396 b/src/fuzz/server_no_fuzzer_mode_corpus/6a46272294a3c8cb305211f0e4897521f4fd0396
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6a46272294a3c8cb305211f0e4897521f4fd0396
rename to src/fuzz/server_no_fuzzer_mode_corpus/6a46272294a3c8cb305211f0e4897521f4fd0396
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6a5610536c842736fa7f3582504f10f3c2218ab2 b/src/fuzz/server_no_fuzzer_mode_corpus/6a5610536c842736fa7f3582504f10f3c2218ab2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6a5610536c842736fa7f3582504f10f3c2218ab2
rename to src/fuzz/server_no_fuzzer_mode_corpus/6a5610536c842736fa7f3582504f10f3c2218ab2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6adf86bf945a72fcca8ef6b7bd182703c941ec58 b/src/fuzz/server_no_fuzzer_mode_corpus/6adf86bf945a72fcca8ef6b7bd182703c941ec58
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6adf86bf945a72fcca8ef6b7bd182703c941ec58
rename to src/fuzz/server_no_fuzzer_mode_corpus/6adf86bf945a72fcca8ef6b7bd182703c941ec58
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6b7e5431e0a8f9d8e3db01c42bcdb7caef5579b5 b/src/fuzz/server_no_fuzzer_mode_corpus/6b7e5431e0a8f9d8e3db01c42bcdb7caef5579b5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6b7e5431e0a8f9d8e3db01c42bcdb7caef5579b5
rename to src/fuzz/server_no_fuzzer_mode_corpus/6b7e5431e0a8f9d8e3db01c42bcdb7caef5579b5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6dc59cee133378570b955b045aae46d189bfede9 b/src/fuzz/server_no_fuzzer_mode_corpus/6dc59cee133378570b955b045aae46d189bfede9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6dc59cee133378570b955b045aae46d189bfede9
rename to src/fuzz/server_no_fuzzer_mode_corpus/6dc59cee133378570b955b045aae46d189bfede9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6f72491711e69a5ede3650b189f27c8e0e51c6dc b/src/fuzz/server_no_fuzzer_mode_corpus/6f72491711e69a5ede3650b189f27c8e0e51c6dc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6f72491711e69a5ede3650b189f27c8e0e51c6dc
rename to src/fuzz/server_no_fuzzer_mode_corpus/6f72491711e69a5ede3650b189f27c8e0e51c6dc
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/6f89bf28647f655108d51837b98bf20821497a31 b/src/fuzz/server_no_fuzzer_mode_corpus/6f89bf28647f655108d51837b98bf20821497a31
new file mode 100644
index 0000000..16f2a13
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/6f89bf28647f655108d51837b98bf20821497a31
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/6fe2a9faf86292a05c8ef3ae87dddce4b59366b0 b/src/fuzz/server_no_fuzzer_mode_corpus/6fe2a9faf86292a05c8ef3ae87dddce4b59366b0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/6fe2a9faf86292a05c8ef3ae87dddce4b59366b0
rename to src/fuzz/server_no_fuzzer_mode_corpus/6fe2a9faf86292a05c8ef3ae87dddce4b59366b0
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/7055ce13e1f6c1841168aa8a33655fae1c703ef3 b/src/fuzz/server_no_fuzzer_mode_corpus/7055ce13e1f6c1841168aa8a33655fae1c703ef3
new file mode 100644
index 0000000..fee91a0
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/7055ce13e1f6c1841168aa8a33655fae1c703ef3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/707b0f1ccd8a88377f0fa0d4feb395c662a0a120 b/src/fuzz/server_no_fuzzer_mode_corpus/707b0f1ccd8a88377f0fa0d4feb395c662a0a120
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/707b0f1ccd8a88377f0fa0d4feb395c662a0a120
rename to src/fuzz/server_no_fuzzer_mode_corpus/707b0f1ccd8a88377f0fa0d4feb395c662a0a120
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/71178ffc0f7263e9825d6a6fc402fe1e37df8f9b b/src/fuzz/server_no_fuzzer_mode_corpus/71178ffc0f7263e9825d6a6fc402fe1e37df8f9b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/71178ffc0f7263e9825d6a6fc402fe1e37df8f9b
rename to src/fuzz/server_no_fuzzer_mode_corpus/71178ffc0f7263e9825d6a6fc402fe1e37df8f9b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/718403e68916dc47ab71e8546465e3e8a0cb09c1 b/src/fuzz/server_no_fuzzer_mode_corpus/718403e68916dc47ab71e8546465e3e8a0cb09c1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/718403e68916dc47ab71e8546465e3e8a0cb09c1
rename to src/fuzz/server_no_fuzzer_mode_corpus/718403e68916dc47ab71e8546465e3e8a0cb09c1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/718487afa1d377f123c6756bd3251b181b0b5879 b/src/fuzz/server_no_fuzzer_mode_corpus/718487afa1d377f123c6756bd3251b181b0b5879
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/718487afa1d377f123c6756bd3251b181b0b5879
rename to src/fuzz/server_no_fuzzer_mode_corpus/718487afa1d377f123c6756bd3251b181b0b5879
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/736e50c5689e7cbb2f0b380a6748a0c7cc080dfa b/src/fuzz/server_no_fuzzer_mode_corpus/736e50c5689e7cbb2f0b380a6748a0c7cc080dfa
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/736e50c5689e7cbb2f0b380a6748a0c7cc080dfa
rename to src/fuzz/server_no_fuzzer_mode_corpus/736e50c5689e7cbb2f0b380a6748a0c7cc080dfa
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/756cae31cc203e8b73481e667ce714f794413526 b/src/fuzz/server_no_fuzzer_mode_corpus/756cae31cc203e8b73481e667ce714f794413526
new file mode 100644
index 0000000..2011b8a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/756cae31cc203e8b73481e667ce714f794413526
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b b/src/fuzz/server_no_fuzzer_mode_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b
new file mode 100644
index 0000000..21688ed
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/75d0c720e59ff8e03c3b506c5e17a4845c88464b
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/75ebf6152695e8160a9765b8f3f23349f34bef7d b/src/fuzz/server_no_fuzzer_mode_corpus/75ebf6152695e8160a9765b8f3f23349f34bef7d
new file mode 100644
index 0000000..a2f3c3c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/75ebf6152695e8160a9765b8f3f23349f34bef7d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/76004034fcbe63d7e8a6a75770d437995b8237cf b/src/fuzz/server_no_fuzzer_mode_corpus/76004034fcbe63d7e8a6a75770d437995b8237cf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/76004034fcbe63d7e8a6a75770d437995b8237cf
rename to src/fuzz/server_no_fuzzer_mode_corpus/76004034fcbe63d7e8a6a75770d437995b8237cf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/766c3f823846075e032780a90c901b1ca9f34b33 b/src/fuzz/server_no_fuzzer_mode_corpus/766c3f823846075e032780a90c901b1ca9f34b33
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/766c3f823846075e032780a90c901b1ca9f34b33
rename to src/fuzz/server_no_fuzzer_mode_corpus/766c3f823846075e032780a90c901b1ca9f34b33
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7805d9a0fcc60059aa961104b53631df4baded7d b/src/fuzz/server_no_fuzzer_mode_corpus/7805d9a0fcc60059aa961104b53631df4baded7d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7805d9a0fcc60059aa961104b53631df4baded7d
rename to src/fuzz/server_no_fuzzer_mode_corpus/7805d9a0fcc60059aa961104b53631df4baded7d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/78453b23ede1f62b308ebf6330c999304c0fa50c b/src/fuzz/server_no_fuzzer_mode_corpus/78453b23ede1f62b308ebf6330c999304c0fa50c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/78453b23ede1f62b308ebf6330c999304c0fa50c
rename to src/fuzz/server_no_fuzzer_mode_corpus/78453b23ede1f62b308ebf6330c999304c0fa50c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/79c21d4627814845abb47f422f55dce52396e471 b/src/fuzz/server_no_fuzzer_mode_corpus/79c21d4627814845abb47f422f55dce52396e471
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/79c21d4627814845abb47f422f55dce52396e471
rename to src/fuzz/server_no_fuzzer_mode_corpus/79c21d4627814845abb47f422f55dce52396e471
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7b976de73f25c7fde1bdf9a7e1b1d690c90eac8c b/src/fuzz/server_no_fuzzer_mode_corpus/7b976de73f25c7fde1bdf9a7e1b1d690c90eac8c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7b976de73f25c7fde1bdf9a7e1b1d690c90eac8c
rename to src/fuzz/server_no_fuzzer_mode_corpus/7b976de73f25c7fde1bdf9a7e1b1d690c90eac8c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7d432b7e92184ce59d40f0980b6519878076c0bf b/src/fuzz/server_no_fuzzer_mode_corpus/7d432b7e92184ce59d40f0980b6519878076c0bf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7d432b7e92184ce59d40f0980b6519878076c0bf
rename to src/fuzz/server_no_fuzzer_mode_corpus/7d432b7e92184ce59d40f0980b6519878076c0bf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7d943509937db131b9d406715007444de7dfa0e0 b/src/fuzz/server_no_fuzzer_mode_corpus/7d943509937db131b9d406715007444de7dfa0e0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7d943509937db131b9d406715007444de7dfa0e0
rename to src/fuzz/server_no_fuzzer_mode_corpus/7d943509937db131b9d406715007444de7dfa0e0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7dc5dbb29d21ff78bb6816b3abc638251aa025a8 b/src/fuzz/server_no_fuzzer_mode_corpus/7dc5dbb29d21ff78bb6816b3abc638251aa025a8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7dc5dbb29d21ff78bb6816b3abc638251aa025a8
rename to src/fuzz/server_no_fuzzer_mode_corpus/7dc5dbb29d21ff78bb6816b3abc638251aa025a8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7e717339a399dd1ab377076e6fbd3ae53bd0533b b/src/fuzz/server_no_fuzzer_mode_corpus/7e717339a399dd1ab377076e6fbd3ae53bd0533b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7e717339a399dd1ab377076e6fbd3ae53bd0533b
rename to src/fuzz/server_no_fuzzer_mode_corpus/7e717339a399dd1ab377076e6fbd3ae53bd0533b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7e8ece78856f6d3d8e7dbf93dcc607615954f806 b/src/fuzz/server_no_fuzzer_mode_corpus/7e8ece78856f6d3d8e7dbf93dcc607615954f806
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7e8ece78856f6d3d8e7dbf93dcc607615954f806
rename to src/fuzz/server_no_fuzzer_mode_corpus/7e8ece78856f6d3d8e7dbf93dcc607615954f806
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/7f6cb4c8c0aa983b6d4d92738e7725a314ccf21e b/src/fuzz/server_no_fuzzer_mode_corpus/7f6cb4c8c0aa983b6d4d92738e7725a314ccf21e
new file mode 100644
index 0000000..8a0a900
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/7f6cb4c8c0aa983b6d4d92738e7725a314ccf21e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/7fbbd3611f4745dd11326b9aa98789fdd5317226 b/src/fuzz/server_no_fuzzer_mode_corpus/7fbbd3611f4745dd11326b9aa98789fdd5317226
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/7fbbd3611f4745dd11326b9aa98789fdd5317226
rename to src/fuzz/server_no_fuzzer_mode_corpus/7fbbd3611f4745dd11326b9aa98789fdd5317226
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/80b0fd23e419bc63185b219828876a0a799e9292 b/src/fuzz/server_no_fuzzer_mode_corpus/80b0fd23e419bc63185b219828876a0a799e9292
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/80b0fd23e419bc63185b219828876a0a799e9292
rename to src/fuzz/server_no_fuzzer_mode_corpus/80b0fd23e419bc63185b219828876a0a799e9292
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/80b62afd604052f368219c4ecf68cb13b5949e8e b/src/fuzz/server_no_fuzzer_mode_corpus/80b62afd604052f368219c4ecf68cb13b5949e8e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/80b62afd604052f368219c4ecf68cb13b5949e8e
rename to src/fuzz/server_no_fuzzer_mode_corpus/80b62afd604052f368219c4ecf68cb13b5949e8e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/821fbdcc1dae7f2e165d8612c216cb9f87c993b9 b/src/fuzz/server_no_fuzzer_mode_corpus/821fbdcc1dae7f2e165d8612c216cb9f87c993b9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/821fbdcc1dae7f2e165d8612c216cb9f87c993b9
rename to src/fuzz/server_no_fuzzer_mode_corpus/821fbdcc1dae7f2e165d8612c216cb9f87c993b9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/822842ea89615192b041877e7a75fd41c2e82790 b/src/fuzz/server_no_fuzzer_mode_corpus/822842ea89615192b041877e7a75fd41c2e82790
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/822842ea89615192b041877e7a75fd41c2e82790
rename to src/fuzz/server_no_fuzzer_mode_corpus/822842ea89615192b041877e7a75fd41c2e82790
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/83127908faab278f20ab9bb6187c3a7de9141bb2 b/src/fuzz/server_no_fuzzer_mode_corpus/83127908faab278f20ab9bb6187c3a7de9141bb2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/83127908faab278f20ab9bb6187c3a7de9141bb2
rename to src/fuzz/server_no_fuzzer_mode_corpus/83127908faab278f20ab9bb6187c3a7de9141bb2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/83de936cbeff0cf860fdcfb2977d79e8475a47a1 b/src/fuzz/server_no_fuzzer_mode_corpus/83de936cbeff0cf860fdcfb2977d79e8475a47a1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/83de936cbeff0cf860fdcfb2977d79e8475a47a1
rename to src/fuzz/server_no_fuzzer_mode_corpus/83de936cbeff0cf860fdcfb2977d79e8475a47a1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/843ae2ae8e64013b78ae489cd8223e3576e73453 b/src/fuzz/server_no_fuzzer_mode_corpus/843ae2ae8e64013b78ae489cd8223e3576e73453
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/843ae2ae8e64013b78ae489cd8223e3576e73453
rename to src/fuzz/server_no_fuzzer_mode_corpus/843ae2ae8e64013b78ae489cd8223e3576e73453
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/854e7723cc5226072b5b9353200431a9cca34f1c b/src/fuzz/server_no_fuzzer_mode_corpus/854e7723cc5226072b5b9353200431a9cca34f1c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/854e7723cc5226072b5b9353200431a9cca34f1c
rename to src/fuzz/server_no_fuzzer_mode_corpus/854e7723cc5226072b5b9353200431a9cca34f1c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/856717f6e978ed5dc06d3e98f819becf360a0c8f b/src/fuzz/server_no_fuzzer_mode_corpus/856717f6e978ed5dc06d3e98f819becf360a0c8f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/856717f6e978ed5dc06d3e98f819becf360a0c8f
rename to src/fuzz/server_no_fuzzer_mode_corpus/856717f6e978ed5dc06d3e98f819becf360a0c8f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/85f12f993c076a451c8a93b4d83ca01acb2784dd b/src/fuzz/server_no_fuzzer_mode_corpus/85f12f993c076a451c8a93b4d83ca01acb2784dd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/85f12f993c076a451c8a93b4d83ca01acb2784dd
rename to src/fuzz/server_no_fuzzer_mode_corpus/85f12f993c076a451c8a93b4d83ca01acb2784dd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/860fa3d88cc39d5a9c008c5e451e746238ac1bdd b/src/fuzz/server_no_fuzzer_mode_corpus/860fa3d88cc39d5a9c008c5e451e746238ac1bdd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/860fa3d88cc39d5a9c008c5e451e746238ac1bdd
rename to src/fuzz/server_no_fuzzer_mode_corpus/860fa3d88cc39d5a9c008c5e451e746238ac1bdd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/86274c56c95f710d955eecf162f466e7ee48dde6 b/src/fuzz/server_no_fuzzer_mode_corpus/86274c56c95f710d955eecf162f466e7ee48dde6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/86274c56c95f710d955eecf162f466e7ee48dde6
rename to src/fuzz/server_no_fuzzer_mode_corpus/86274c56c95f710d955eecf162f466e7ee48dde6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8721de4079859692cfb630adc2ebb1d93affdf67 b/src/fuzz/server_no_fuzzer_mode_corpus/8721de4079859692cfb630adc2ebb1d93affdf67
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8721de4079859692cfb630adc2ebb1d93affdf67
rename to src/fuzz/server_no_fuzzer_mode_corpus/8721de4079859692cfb630adc2ebb1d93affdf67
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/877acade5135a842fa32414c9de11e39e62276bd b/src/fuzz/server_no_fuzzer_mode_corpus/877acade5135a842fa32414c9de11e39e62276bd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/877acade5135a842fa32414c9de11e39e62276bd
rename to src/fuzz/server_no_fuzzer_mode_corpus/877acade5135a842fa32414c9de11e39e62276bd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/879869086d669960666b14d379affcc3acedc3c7 b/src/fuzz/server_no_fuzzer_mode_corpus/879869086d669960666b14d379affcc3acedc3c7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/879869086d669960666b14d379affcc3acedc3c7
rename to src/fuzz/server_no_fuzzer_mode_corpus/879869086d669960666b14d379affcc3acedc3c7
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/88e3c6bbe38fe2359327308f3492ac1902d35c1b b/src/fuzz/server_no_fuzzer_mode_corpus/88e3c6bbe38fe2359327308f3492ac1902d35c1b
new file mode 100644
index 0000000..cb95f91
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/88e3c6bbe38fe2359327308f3492ac1902d35c1b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/88fbadaa4011de66b7de55d7f1a5ac92f7f9ad5e b/src/fuzz/server_no_fuzzer_mode_corpus/88fbadaa4011de66b7de55d7f1a5ac92f7f9ad5e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/88fbadaa4011de66b7de55d7f1a5ac92f7f9ad5e
rename to src/fuzz/server_no_fuzzer_mode_corpus/88fbadaa4011de66b7de55d7f1a5ac92f7f9ad5e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8a046e8af539745b3fa115d1332db059da5228bf b/src/fuzz/server_no_fuzzer_mode_corpus/8a046e8af539745b3fa115d1332db059da5228bf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8a046e8af539745b3fa115d1332db059da5228bf
rename to src/fuzz/server_no_fuzzer_mode_corpus/8a046e8af539745b3fa115d1332db059da5228bf
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/8a06ce6fc9fb00b63dd1920d9d443c5ebc6f6b3d b/src/fuzz/server_no_fuzzer_mode_corpus/8a06ce6fc9fb00b63dd1920d9d443c5ebc6f6b3d
new file mode 100644
index 0000000..a7b3efc
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/8a06ce6fc9fb00b63dd1920d9d443c5ebc6f6b3d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8a19f558c0b396a1772c85d64fb6c6f5bd8f269e b/src/fuzz/server_no_fuzzer_mode_corpus/8a19f558c0b396a1772c85d64fb6c6f5bd8f269e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8a19f558c0b396a1772c85d64fb6c6f5bd8f269e
rename to src/fuzz/server_no_fuzzer_mode_corpus/8a19f558c0b396a1772c85d64fb6c6f5bd8f269e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8a1a7fa937593cb98656fb6ea85d2619237cb0c2 b/src/fuzz/server_no_fuzzer_mode_corpus/8a1a7fa937593cb98656fb6ea85d2619237cb0c2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8a1a7fa937593cb98656fb6ea85d2619237cb0c2
rename to src/fuzz/server_no_fuzzer_mode_corpus/8a1a7fa937593cb98656fb6ea85d2619237cb0c2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8b41db3a58cfcc484be4b1eacd8cc9f1264090ab b/src/fuzz/server_no_fuzzer_mode_corpus/8b41db3a58cfcc484be4b1eacd8cc9f1264090ab
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8b41db3a58cfcc484be4b1eacd8cc9f1264090ab
rename to src/fuzz/server_no_fuzzer_mode_corpus/8b41db3a58cfcc484be4b1eacd8cc9f1264090ab
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8ba3ad4f520f6fbfeb1fda66fb312f92b5e52d37 b/src/fuzz/server_no_fuzzer_mode_corpus/8ba3ad4f520f6fbfeb1fda66fb312f92b5e52d37
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8ba3ad4f520f6fbfeb1fda66fb312f92b5e52d37
rename to src/fuzz/server_no_fuzzer_mode_corpus/8ba3ad4f520f6fbfeb1fda66fb312f92b5e52d37
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8bc2ed3ea8079724e11704db483b5fd627b2340c b/src/fuzz/server_no_fuzzer_mode_corpus/8bc2ed3ea8079724e11704db483b5fd627b2340c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8bc2ed3ea8079724e11704db483b5fd627b2340c
rename to src/fuzz/server_no_fuzzer_mode_corpus/8bc2ed3ea8079724e11704db483b5fd627b2340c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8c0a2f5793f148ca0782f2ba9c3f6633f7d99806 b/src/fuzz/server_no_fuzzer_mode_corpus/8c0a2f5793f148ca0782f2ba9c3f6633f7d99806
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8c0a2f5793f148ca0782f2ba9c3f6633f7d99806
rename to src/fuzz/server_no_fuzzer_mode_corpus/8c0a2f5793f148ca0782f2ba9c3f6633f7d99806
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8c79943f1258629438d0f2e7a596a53f9fa4714a b/src/fuzz/server_no_fuzzer_mode_corpus/8c79943f1258629438d0f2e7a596a53f9fa4714a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8c79943f1258629438d0f2e7a596a53f9fa4714a
rename to src/fuzz/server_no_fuzzer_mode_corpus/8c79943f1258629438d0f2e7a596a53f9fa4714a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8d2143c6d4bd2ce07101389222acc1f39be47f3f b/src/fuzz/server_no_fuzzer_mode_corpus/8d2143c6d4bd2ce07101389222acc1f39be47f3f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8d2143c6d4bd2ce07101389222acc1f39be47f3f
rename to src/fuzz/server_no_fuzzer_mode_corpus/8d2143c6d4bd2ce07101389222acc1f39be47f3f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8e99da49c383818a60e748d408303bed43812a12 b/src/fuzz/server_no_fuzzer_mode_corpus/8e99da49c383818a60e748d408303bed43812a12
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8e99da49c383818a60e748d408303bed43812a12
rename to src/fuzz/server_no_fuzzer_mode_corpus/8e99da49c383818a60e748d408303bed43812a12
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/8eb4f628da35d5bdd81e927d30d1143e9a05d35b b/src/fuzz/server_no_fuzzer_mode_corpus/8eb4f628da35d5bdd81e927d30d1143e9a05d35b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/8eb4f628da35d5bdd81e927d30d1143e9a05d35b
rename to src/fuzz/server_no_fuzzer_mode_corpus/8eb4f628da35d5bdd81e927d30d1143e9a05d35b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9016681d920295065e90ff3cfc2d7f17bb54222d b/src/fuzz/server_no_fuzzer_mode_corpus/9016681d920295065e90ff3cfc2d7f17bb54222d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9016681d920295065e90ff3cfc2d7f17bb54222d
rename to src/fuzz/server_no_fuzzer_mode_corpus/9016681d920295065e90ff3cfc2d7f17bb54222d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9072ecf76bc288e26aa74c1ca5118a73563fe219 b/src/fuzz/server_no_fuzzer_mode_corpus/9072ecf76bc288e26aa74c1ca5118a73563fe219
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9072ecf76bc288e26aa74c1ca5118a73563fe219
rename to src/fuzz/server_no_fuzzer_mode_corpus/9072ecf76bc288e26aa74c1ca5118a73563fe219
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/90d7ff2d7fd456c8126226f41b65a84e0a1d7d33 b/src/fuzz/server_no_fuzzer_mode_corpus/90d7ff2d7fd456c8126226f41b65a84e0a1d7d33
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/90d7ff2d7fd456c8126226f41b65a84e0a1d7d33
rename to src/fuzz/server_no_fuzzer_mode_corpus/90d7ff2d7fd456c8126226f41b65a84e0a1d7d33
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/91187d13c0deebb8ac9a3f6f8aac183e37b74ad6 b/src/fuzz/server_no_fuzzer_mode_corpus/91187d13c0deebb8ac9a3f6f8aac183e37b74ad6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/91187d13c0deebb8ac9a3f6f8aac183e37b74ad6
rename to src/fuzz/server_no_fuzzer_mode_corpus/91187d13c0deebb8ac9a3f6f8aac183e37b74ad6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/912c06b53d4e9fd7c1d2c97b1dcdd1a1144a5566 b/src/fuzz/server_no_fuzzer_mode_corpus/912c06b53d4e9fd7c1d2c97b1dcdd1a1144a5566
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/912c06b53d4e9fd7c1d2c97b1dcdd1a1144a5566
rename to src/fuzz/server_no_fuzzer_mode_corpus/912c06b53d4e9fd7c1d2c97b1dcdd1a1144a5566
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/91429029b2a72dd8a669720e5744413e5885613f b/src/fuzz/server_no_fuzzer_mode_corpus/91429029b2a72dd8a669720e5744413e5885613f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/91429029b2a72dd8a669720e5744413e5885613f
rename to src/fuzz/server_no_fuzzer_mode_corpus/91429029b2a72dd8a669720e5744413e5885613f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/920eae0f62f4e7e9315ec2c04133d6f7a9b5d94b b/src/fuzz/server_no_fuzzer_mode_corpus/920eae0f62f4e7e9315ec2c04133d6f7a9b5d94b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/920eae0f62f4e7e9315ec2c04133d6f7a9b5d94b
rename to src/fuzz/server_no_fuzzer_mode_corpus/920eae0f62f4e7e9315ec2c04133d6f7a9b5d94b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/92dc5d17326a519fdf94b4cf940533f428dbf03b b/src/fuzz/server_no_fuzzer_mode_corpus/92dc5d17326a519fdf94b4cf940533f428dbf03b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/92dc5d17326a519fdf94b4cf940533f428dbf03b
rename to src/fuzz/server_no_fuzzer_mode_corpus/92dc5d17326a519fdf94b4cf940533f428dbf03b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/932e116423a150bd4040058c62ae81b943e8c850 b/src/fuzz/server_no_fuzzer_mode_corpus/932e116423a150bd4040058c62ae81b943e8c850
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/932e116423a150bd4040058c62ae81b943e8c850
rename to src/fuzz/server_no_fuzzer_mode_corpus/932e116423a150bd4040058c62ae81b943e8c850
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/93414030e49fca198d8f7260e62a469f4be07376 b/src/fuzz/server_no_fuzzer_mode_corpus/93414030e49fca198d8f7260e62a469f4be07376
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/93414030e49fca198d8f7260e62a469f4be07376
rename to src/fuzz/server_no_fuzzer_mode_corpus/93414030e49fca198d8f7260e62a469f4be07376
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/93b6cf4454b478278eb8eaf0d160cebea6f8d79b b/src/fuzz/server_no_fuzzer_mode_corpus/93b6cf4454b478278eb8eaf0d160cebea6f8d79b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/93b6cf4454b478278eb8eaf0d160cebea6f8d79b
rename to src/fuzz/server_no_fuzzer_mode_corpus/93b6cf4454b478278eb8eaf0d160cebea6f8d79b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9471e688d7bb3e3551645a38d3bb8efa89c599a6 b/src/fuzz/server_no_fuzzer_mode_corpus/9471e688d7bb3e3551645a38d3bb8efa89c599a6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9471e688d7bb3e3551645a38d3bb8efa89c599a6
rename to src/fuzz/server_no_fuzzer_mode_corpus/9471e688d7bb3e3551645a38d3bb8efa89c599a6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9489ab5adbb97ee605d3a85762347f259076616e b/src/fuzz/server_no_fuzzer_mode_corpus/9489ab5adbb97ee605d3a85762347f259076616e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9489ab5adbb97ee605d3a85762347f259076616e
rename to src/fuzz/server_no_fuzzer_mode_corpus/9489ab5adbb97ee605d3a85762347f259076616e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/94e110cf70bf139a282897fb2b33ccc7fcc72752 b/src/fuzz/server_no_fuzzer_mode_corpus/94e110cf70bf139a282897fb2b33ccc7fcc72752
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/94e110cf70bf139a282897fb2b33ccc7fcc72752
rename to src/fuzz/server_no_fuzzer_mode_corpus/94e110cf70bf139a282897fb2b33ccc7fcc72752
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/94fb12e2eeef46140ca841bcfa45ffcbacc7362e b/src/fuzz/server_no_fuzzer_mode_corpus/94fb12e2eeef46140ca841bcfa45ffcbacc7362e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/94fb12e2eeef46140ca841bcfa45ffcbacc7362e
rename to src/fuzz/server_no_fuzzer_mode_corpus/94fb12e2eeef46140ca841bcfa45ffcbacc7362e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9642dd10833e6e823fef684f682dfe196956ca9d b/src/fuzz/server_no_fuzzer_mode_corpus/9642dd10833e6e823fef684f682dfe196956ca9d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9642dd10833e6e823fef684f682dfe196956ca9d
rename to src/fuzz/server_no_fuzzer_mode_corpus/9642dd10833e6e823fef684f682dfe196956ca9d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/970fa798580d6f587d100df8d82a8a14045d04f3 b/src/fuzz/server_no_fuzzer_mode_corpus/970fa798580d6f587d100df8d82a8a14045d04f3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/970fa798580d6f587d100df8d82a8a14045d04f3
rename to src/fuzz/server_no_fuzzer_mode_corpus/970fa798580d6f587d100df8d82a8a14045d04f3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/97c24fc64a94260d54d427e731dd671d6ef1c87a b/src/fuzz/server_no_fuzzer_mode_corpus/97c24fc64a94260d54d427e731dd671d6ef1c87a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/97c24fc64a94260d54d427e731dd671d6ef1c87a
rename to src/fuzz/server_no_fuzzer_mode_corpus/97c24fc64a94260d54d427e731dd671d6ef1c87a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9811a62726742b957e45b31b4ac7813b69256cde b/src/fuzz/server_no_fuzzer_mode_corpus/9811a62726742b957e45b31b4ac7813b69256cde
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9811a62726742b957e45b31b4ac7813b69256cde
rename to src/fuzz/server_no_fuzzer_mode_corpus/9811a62726742b957e45b31b4ac7813b69256cde
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/981c0aa863e36f30c68b0e1515304e2e46fda0ae b/src/fuzz/server_no_fuzzer_mode_corpus/981c0aa863e36f30c68b0e1515304e2e46fda0ae
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/981c0aa863e36f30c68b0e1515304e2e46fda0ae
rename to src/fuzz/server_no_fuzzer_mode_corpus/981c0aa863e36f30c68b0e1515304e2e46fda0ae
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/987f62cdf4de7b4305821ca6b364e12ff6d2024e b/src/fuzz/server_no_fuzzer_mode_corpus/987f62cdf4de7b4305821ca6b364e12ff6d2024e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/987f62cdf4de7b4305821ca6b364e12ff6d2024e
rename to src/fuzz/server_no_fuzzer_mode_corpus/987f62cdf4de7b4305821ca6b364e12ff6d2024e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/997311e3ae79c132057c98a6d166deebdab69c71 b/src/fuzz/server_no_fuzzer_mode_corpus/997311e3ae79c132057c98a6d166deebdab69c71
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/997311e3ae79c132057c98a6d166deebdab69c71
rename to src/fuzz/server_no_fuzzer_mode_corpus/997311e3ae79c132057c98a6d166deebdab69c71
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/99862d97d721139bf4510838cc6ba6f88965f35f b/src/fuzz/server_no_fuzzer_mode_corpus/99862d97d721139bf4510838cc6ba6f88965f35f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/99862d97d721139bf4510838cc6ba6f88965f35f
rename to src/fuzz/server_no_fuzzer_mode_corpus/99862d97d721139bf4510838cc6ba6f88965f35f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9987df311d7c30432c4df8d14193c8f5236f58a2 b/src/fuzz/server_no_fuzzer_mode_corpus/9987df311d7c30432c4df8d14193c8f5236f58a2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9987df311d7c30432c4df8d14193c8f5236f58a2
rename to src/fuzz/server_no_fuzzer_mode_corpus/9987df311d7c30432c4df8d14193c8f5236f58a2
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/9a9fe018246f72cc3fd6692605e4fe534e168240 b/src/fuzz/server_no_fuzzer_mode_corpus/9a9fe018246f72cc3fd6692605e4fe534e168240
new file mode 100644
index 0000000..afae401
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/9a9fe018246f72cc3fd6692605e4fe534e168240
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9bc3038b0a30d90868ba599f7e44417e3dec7dfb b/src/fuzz/server_no_fuzzer_mode_corpus/9bc3038b0a30d90868ba599f7e44417e3dec7dfb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9bc3038b0a30d90868ba599f7e44417e3dec7dfb
rename to src/fuzz/server_no_fuzzer_mode_corpus/9bc3038b0a30d90868ba599f7e44417e3dec7dfb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9c34981b88a050357ca2db56e4062d73caf117f0 b/src/fuzz/server_no_fuzzer_mode_corpus/9c34981b88a050357ca2db56e4062d73caf117f0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9c34981b88a050357ca2db56e4062d73caf117f0
rename to src/fuzz/server_no_fuzzer_mode_corpus/9c34981b88a050357ca2db56e4062d73caf117f0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9c5fa0fc7080a2990f85ef48ec9c2d22f6e3af60 b/src/fuzz/server_no_fuzzer_mode_corpus/9c5fa0fc7080a2990f85ef48ec9c2d22f6e3af60
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9c5fa0fc7080a2990f85ef48ec9c2d22f6e3af60
rename to src/fuzz/server_no_fuzzer_mode_corpus/9c5fa0fc7080a2990f85ef48ec9c2d22f6e3af60
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9c922a546a18b59d7f4cf8bc5171ba10a66cd700 b/src/fuzz/server_no_fuzzer_mode_corpus/9c922a546a18b59d7f4cf8bc5171ba10a66cd700
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9c922a546a18b59d7f4cf8bc5171ba10a66cd700
rename to src/fuzz/server_no_fuzzer_mode_corpus/9c922a546a18b59d7f4cf8bc5171ba10a66cd700
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9d6fa1090c493ac01361927414ac0a49535c92ee b/src/fuzz/server_no_fuzzer_mode_corpus/9d6fa1090c493ac01361927414ac0a49535c92ee
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9d6fa1090c493ac01361927414ac0a49535c92ee
rename to src/fuzz/server_no_fuzzer_mode_corpus/9d6fa1090c493ac01361927414ac0a49535c92ee
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9d735b723b0ed2d4d433c00b613e14c28921f0f4 b/src/fuzz/server_no_fuzzer_mode_corpus/9d735b723b0ed2d4d433c00b613e14c28921f0f4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9d735b723b0ed2d4d433c00b613e14c28921f0f4
rename to src/fuzz/server_no_fuzzer_mode_corpus/9d735b723b0ed2d4d433c00b613e14c28921f0f4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/9e9c00e8f297955206b62ecd77638fd241b5da3a b/src/fuzz/server_no_fuzzer_mode_corpus/9e9c00e8f297955206b62ecd77638fd241b5da3a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/9e9c00e8f297955206b62ecd77638fd241b5da3a
rename to src/fuzz/server_no_fuzzer_mode_corpus/9e9c00e8f297955206b62ecd77638fd241b5da3a
Binary files differ
diff --git a/src/fuzz/server_corpus/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a b/src/fuzz/server_no_fuzzer_mode_corpus/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a
similarity index 100%
rename from src/fuzz/server_corpus/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a
rename to src/fuzz/server_no_fuzzer_mode_corpus/9eff0be6355a0c6c70e2e4aec16a6f0e17ef5b2a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a131c62b37efa169925184ed88dc9d7c886cf590 b/src/fuzz/server_no_fuzzer_mode_corpus/a131c62b37efa169925184ed88dc9d7c886cf590
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a131c62b37efa169925184ed88dc9d7c886cf590
rename to src/fuzz/server_no_fuzzer_mode_corpus/a131c62b37efa169925184ed88dc9d7c886cf590
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a159c0b29640bd5e21a9b82b2c38b5173d0e1f7a b/src/fuzz/server_no_fuzzer_mode_corpus/a159c0b29640bd5e21a9b82b2c38b5173d0e1f7a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a159c0b29640bd5e21a9b82b2c38b5173d0e1f7a
rename to src/fuzz/server_no_fuzzer_mode_corpus/a159c0b29640bd5e21a9b82b2c38b5173d0e1f7a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a1c0be5740d5410c8b35639b2bdd033f208168a9 b/src/fuzz/server_no_fuzzer_mode_corpus/a1c0be5740d5410c8b35639b2bdd033f208168a9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a1c0be5740d5410c8b35639b2bdd033f208168a9
rename to src/fuzz/server_no_fuzzer_mode_corpus/a1c0be5740d5410c8b35639b2bdd033f208168a9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a1fbaaac6d6560a1f3c4ca79062b6ace5c67e6cd b/src/fuzz/server_no_fuzzer_mode_corpus/a1fbaaac6d6560a1f3c4ca79062b6ace5c67e6cd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a1fbaaac6d6560a1f3c4ca79062b6ace5c67e6cd
rename to src/fuzz/server_no_fuzzer_mode_corpus/a1fbaaac6d6560a1f3c4ca79062b6ace5c67e6cd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a2c824d536d09f292644d246e16c4a02b4d57786 b/src/fuzz/server_no_fuzzer_mode_corpus/a2c824d536d09f292644d246e16c4a02b4d57786
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a2c824d536d09f292644d246e16c4a02b4d57786
rename to src/fuzz/server_no_fuzzer_mode_corpus/a2c824d536d09f292644d246e16c4a02b4d57786
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a3808ef364037ff1ad87b1134f0730e3b0e88c22 b/src/fuzz/server_no_fuzzer_mode_corpus/a3808ef364037ff1ad87b1134f0730e3b0e88c22
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a3808ef364037ff1ad87b1134f0730e3b0e88c22
rename to src/fuzz/server_no_fuzzer_mode_corpus/a3808ef364037ff1ad87b1134f0730e3b0e88c22
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a4025775158a7947f004d5c14d976cbb07f15ed8 b/src/fuzz/server_no_fuzzer_mode_corpus/a4025775158a7947f004d5c14d976cbb07f15ed8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a4025775158a7947f004d5c14d976cbb07f15ed8
rename to src/fuzz/server_no_fuzzer_mode_corpus/a4025775158a7947f004d5c14d976cbb07f15ed8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a4722ffec3db2c312ac095f50b356e25bfd65728 b/src/fuzz/server_no_fuzzer_mode_corpus/a4722ffec3db2c312ac095f50b356e25bfd65728
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a4722ffec3db2c312ac095f50b356e25bfd65728
rename to src/fuzz/server_no_fuzzer_mode_corpus/a4722ffec3db2c312ac095f50b356e25bfd65728
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a4e9e8471ce156a8b3fbfd6b6b87c42e2f164e33 b/src/fuzz/server_no_fuzzer_mode_corpus/a4e9e8471ce156a8b3fbfd6b6b87c42e2f164e33
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a4e9e8471ce156a8b3fbfd6b6b87c42e2f164e33
rename to src/fuzz/server_no_fuzzer_mode_corpus/a4e9e8471ce156a8b3fbfd6b6b87c42e2f164e33
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a5470fb0945d46ab47bbb42b9df384ea7a9f741b b/src/fuzz/server_no_fuzzer_mode_corpus/a5470fb0945d46ab47bbb42b9df384ea7a9f741b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a5470fb0945d46ab47bbb42b9df384ea7a9f741b
rename to src/fuzz/server_no_fuzzer_mode_corpus/a5470fb0945d46ab47bbb42b9df384ea7a9f741b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a6c3849c4b77bc0766159ccfb5c9c4f967670150 b/src/fuzz/server_no_fuzzer_mode_corpus/a6c3849c4b77bc0766159ccfb5c9c4f967670150
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a6c3849c4b77bc0766159ccfb5c9c4f967670150
rename to src/fuzz/server_no_fuzzer_mode_corpus/a6c3849c4b77bc0766159ccfb5c9c4f967670150
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a6e5bfddcb943a4bfa3b8824a9acdc259521bccf b/src/fuzz/server_no_fuzzer_mode_corpus/a6e5bfddcb943a4bfa3b8824a9acdc259521bccf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a6e5bfddcb943a4bfa3b8824a9acdc259521bccf
rename to src/fuzz/server_no_fuzzer_mode_corpus/a6e5bfddcb943a4bfa3b8824a9acdc259521bccf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a76e8b2f1ef5ca89e6467dbd4e3e4bd8ac7d11b7 b/src/fuzz/server_no_fuzzer_mode_corpus/a76e8b2f1ef5ca89e6467dbd4e3e4bd8ac7d11b7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a76e8b2f1ef5ca89e6467dbd4e3e4bd8ac7d11b7
rename to src/fuzz/server_no_fuzzer_mode_corpus/a76e8b2f1ef5ca89e6467dbd4e3e4bd8ac7d11b7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a79b0ea6d8a869a01aa80ae52485c0e2d004853f b/src/fuzz/server_no_fuzzer_mode_corpus/a79b0ea6d8a869a01aa80ae52485c0e2d004853f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a79b0ea6d8a869a01aa80ae52485c0e2d004853f
rename to src/fuzz/server_no_fuzzer_mode_corpus/a79b0ea6d8a869a01aa80ae52485c0e2d004853f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a8049a59d608040e0d15895c4c58b1580d384f3e b/src/fuzz/server_no_fuzzer_mode_corpus/a8049a59d608040e0d15895c4c58b1580d384f3e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a8049a59d608040e0d15895c4c58b1580d384f3e
rename to src/fuzz/server_no_fuzzer_mode_corpus/a8049a59d608040e0d15895c4c58b1580d384f3e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a84eb2e5d64ab8b2277af470ce5548d8f33722f7 b/src/fuzz/server_no_fuzzer_mode_corpus/a84eb2e5d64ab8b2277af470ce5548d8f33722f7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a84eb2e5d64ab8b2277af470ce5548d8f33722f7
rename to src/fuzz/server_no_fuzzer_mode_corpus/a84eb2e5d64ab8b2277af470ce5548d8f33722f7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a884770432b51fa684eef92319cecb96be224c4c b/src/fuzz/server_no_fuzzer_mode_corpus/a884770432b51fa684eef92319cecb96be224c4c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a884770432b51fa684eef92319cecb96be224c4c
rename to src/fuzz/server_no_fuzzer_mode_corpus/a884770432b51fa684eef92319cecb96be224c4c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a92fd79c824d9d8cf151e3849da62d4feb3fcb56 b/src/fuzz/server_no_fuzzer_mode_corpus/a92fd79c824d9d8cf151e3849da62d4feb3fcb56
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a92fd79c824d9d8cf151e3849da62d4feb3fcb56
rename to src/fuzz/server_no_fuzzer_mode_corpus/a92fd79c824d9d8cf151e3849da62d4feb3fcb56
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/a95da87ecdf14770236874bd0705cd24e19ecf7c b/src/fuzz/server_no_fuzzer_mode_corpus/a95da87ecdf14770236874bd0705cd24e19ecf7c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/a95da87ecdf14770236874bd0705cd24e19ecf7c
rename to src/fuzz/server_no_fuzzer_mode_corpus/a95da87ecdf14770236874bd0705cd24e19ecf7c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/aa31df42a5d6865fc19a31ddad7b5f2822ff0f5e b/src/fuzz/server_no_fuzzer_mode_corpus/aa31df42a5d6865fc19a31ddad7b5f2822ff0f5e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/aa31df42a5d6865fc19a31ddad7b5f2822ff0f5e
rename to src/fuzz/server_no_fuzzer_mode_corpus/aa31df42a5d6865fc19a31ddad7b5f2822ff0f5e
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/aa363a2f7e23c854b829b5b63d9edb43ad070510 b/src/fuzz/server_no_fuzzer_mode_corpus/aa363a2f7e23c854b829b5b63d9edb43ad070510
new file mode 100644
index 0000000..c9c454e
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/aa363a2f7e23c854b829b5b63d9edb43ad070510
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/aa3bafdc5f2dfe86fcae30c5efacc3fc2e34ce6f b/src/fuzz/server_no_fuzzer_mode_corpus/aa3bafdc5f2dfe86fcae30c5efacc3fc2e34ce6f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/aa3bafdc5f2dfe86fcae30c5efacc3fc2e34ce6f
rename to src/fuzz/server_no_fuzzer_mode_corpus/aa3bafdc5f2dfe86fcae30c5efacc3fc2e34ce6f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/aaee3d02c5b40e6ca1954304f60b20a07c3918b9 b/src/fuzz/server_no_fuzzer_mode_corpus/aaee3d02c5b40e6ca1954304f60b20a07c3918b9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/aaee3d02c5b40e6ca1954304f60b20a07c3918b9
rename to src/fuzz/server_no_fuzzer_mode_corpus/aaee3d02c5b40e6ca1954304f60b20a07c3918b9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ab6845efd4c4de05cb349cfd1d2ad5edd1bae8ad b/src/fuzz/server_no_fuzzer_mode_corpus/ab6845efd4c4de05cb349cfd1d2ad5edd1bae8ad
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ab6845efd4c4de05cb349cfd1d2ad5edd1bae8ad
rename to src/fuzz/server_no_fuzzer_mode_corpus/ab6845efd4c4de05cb349cfd1d2ad5edd1bae8ad
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/abb86edc3eec24f266067adc33248e914e2d2703 b/src/fuzz/server_no_fuzzer_mode_corpus/abb86edc3eec24f266067adc33248e914e2d2703
new file mode 100644
index 0000000..f3e775c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/abb86edc3eec24f266067adc33248e914e2d2703
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ac91a6d718ec3af5036ed496ee7d851d3838675a b/src/fuzz/server_no_fuzzer_mode_corpus/ac91a6d718ec3af5036ed496ee7d851d3838675a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ac91a6d718ec3af5036ed496ee7d851d3838675a
rename to src/fuzz/server_no_fuzzer_mode_corpus/ac91a6d718ec3af5036ed496ee7d851d3838675a
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/acb085d551ffef796cc44723a630581b275b6584 b/src/fuzz/server_no_fuzzer_mode_corpus/acb085d551ffef796cc44723a630581b275b6584
new file mode 100644
index 0000000..76ec4b9
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/acb085d551ffef796cc44723a630581b275b6584
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/acf9c9f7d279236c0b41bcf169ff787626cb2ee9 b/src/fuzz/server_no_fuzzer_mode_corpus/acf9c9f7d279236c0b41bcf169ff787626cb2ee9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/acf9c9f7d279236c0b41bcf169ff787626cb2ee9
rename to src/fuzz/server_no_fuzzer_mode_corpus/acf9c9f7d279236c0b41bcf169ff787626cb2ee9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ad2ea836613b670a12f09185e17b6b79a395076d b/src/fuzz/server_no_fuzzer_mode_corpus/ad2ea836613b670a12f09185e17b6b79a395076d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ad2ea836613b670a12f09185e17b6b79a395076d
rename to src/fuzz/server_no_fuzzer_mode_corpus/ad2ea836613b670a12f09185e17b6b79a395076d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ae895315f4117a892c308b5aa700b4ec317703d7 b/src/fuzz/server_no_fuzzer_mode_corpus/ae895315f4117a892c308b5aa700b4ec317703d7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ae895315f4117a892c308b5aa700b4ec317703d7
rename to src/fuzz/server_no_fuzzer_mode_corpus/ae895315f4117a892c308b5aa700b4ec317703d7
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/af3768615dac960bf89e461cfbbd87e96dd7bb64 b/src/fuzz/server_no_fuzzer_mode_corpus/af3768615dac960bf89e461cfbbd87e96dd7bb64
new file mode 100644
index 0000000..97193e9
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/af3768615dac960bf89e461cfbbd87e96dd7bb64
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/af8d9905d8361d3d52ce3b9a7ec948c317b64950 b/src/fuzz/server_no_fuzzer_mode_corpus/af8d9905d8361d3d52ce3b9a7ec948c317b64950
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/af8d9905d8361d3d52ce3b9a7ec948c317b64950
rename to src/fuzz/server_no_fuzzer_mode_corpus/af8d9905d8361d3d52ce3b9a7ec948c317b64950
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/afc79c287b8a0d903b27ed1e5784224c75b6b7f2 b/src/fuzz/server_no_fuzzer_mode_corpus/afc79c287b8a0d903b27ed1e5784224c75b6b7f2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/afc79c287b8a0d903b27ed1e5784224c75b6b7f2
rename to src/fuzz/server_no_fuzzer_mode_corpus/afc79c287b8a0d903b27ed1e5784224c75b6b7f2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b08dc0f49074c6bf20d9c2e259c97b3f2e67aad4 b/src/fuzz/server_no_fuzzer_mode_corpus/b08dc0f49074c6bf20d9c2e259c97b3f2e67aad4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b08dc0f49074c6bf20d9c2e259c97b3f2e67aad4
rename to src/fuzz/server_no_fuzzer_mode_corpus/b08dc0f49074c6bf20d9c2e259c97b3f2e67aad4
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b09d11ffd2373cbc36cfce836e7e4ceff3ac4f1a b/src/fuzz/server_no_fuzzer_mode_corpus/b09d11ffd2373cbc36cfce836e7e4ceff3ac4f1a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b09d11ffd2373cbc36cfce836e7e4ceff3ac4f1a
rename to src/fuzz/server_no_fuzzer_mode_corpus/b09d11ffd2373cbc36cfce836e7e4ceff3ac4f1a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b11d38272bc4d0437a8eacdff7f205af3432ca71 b/src/fuzz/server_no_fuzzer_mode_corpus/b11d38272bc4d0437a8eacdff7f205af3432ca71
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b11d38272bc4d0437a8eacdff7f205af3432ca71
rename to src/fuzz/server_no_fuzzer_mode_corpus/b11d38272bc4d0437a8eacdff7f205af3432ca71
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12 b/src/fuzz/server_no_fuzzer_mode_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12
new file mode 100644
index 0000000..209948a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/b14bf9b60379f6fde0224ba7256042e113e17c12
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b19c2fd0d8801fec4f7cb840a2153cdf6e78901d b/src/fuzz/server_no_fuzzer_mode_corpus/b19c2fd0d8801fec4f7cb840a2153cdf6e78901d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b19c2fd0d8801fec4f7cb840a2153cdf6e78901d
rename to src/fuzz/server_no_fuzzer_mode_corpus/b19c2fd0d8801fec4f7cb840a2153cdf6e78901d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b1f0922757222a821b46f1651a929f32d6d15a1d b/src/fuzz/server_no_fuzzer_mode_corpus/b1f0922757222a821b46f1651a929f32d6d15a1d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b1f0922757222a821b46f1651a929f32d6d15a1d
rename to src/fuzz/server_no_fuzzer_mode_corpus/b1f0922757222a821b46f1651a929f32d6d15a1d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b29c8b64b36839d22537bd5780b1195a2d795482 b/src/fuzz/server_no_fuzzer_mode_corpus/b29c8b64b36839d22537bd5780b1195a2d795482
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b29c8b64b36839d22537bd5780b1195a2d795482
rename to src/fuzz/server_no_fuzzer_mode_corpus/b29c8b64b36839d22537bd5780b1195a2d795482
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b2f7450588592354c260f5fc07f7ed2205d89d36 b/src/fuzz/server_no_fuzzer_mode_corpus/b2f7450588592354c260f5fc07f7ed2205d89d36
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b2f7450588592354c260f5fc07f7ed2205d89d36
rename to src/fuzz/server_no_fuzzer_mode_corpus/b2f7450588592354c260f5fc07f7ed2205d89d36
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b376633f3ef4a2ea1007e91ca0c298b6a143f730 b/src/fuzz/server_no_fuzzer_mode_corpus/b376633f3ef4a2ea1007e91ca0c298b6a143f730
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b376633f3ef4a2ea1007e91ca0c298b6a143f730
rename to src/fuzz/server_no_fuzzer_mode_corpus/b376633f3ef4a2ea1007e91ca0c298b6a143f730
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/b4776e4299c0668615623599cfb17e179f0c8c41 b/src/fuzz/server_no_fuzzer_mode_corpus/b4776e4299c0668615623599cfb17e179f0c8c41
new file mode 100644
index 0000000..d1b3b74
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/b4776e4299c0668615623599cfb17e179f0c8c41
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b48a9014bcef59e5b812bf107116b3469ca6e738 b/src/fuzz/server_no_fuzzer_mode_corpus/b48a9014bcef59e5b812bf107116b3469ca6e738
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b48a9014bcef59e5b812bf107116b3469ca6e738
rename to src/fuzz/server_no_fuzzer_mode_corpus/b48a9014bcef59e5b812bf107116b3469ca6e738
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b5aca9463efda591b9415e7e68d35e82ff6e9a4f b/src/fuzz/server_no_fuzzer_mode_corpus/b5aca9463efda591b9415e7e68d35e82ff6e9a4f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b5aca9463efda591b9415e7e68d35e82ff6e9a4f
rename to src/fuzz/server_no_fuzzer_mode_corpus/b5aca9463efda591b9415e7e68d35e82ff6e9a4f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b645eadfe63851bbbff943332b9164675489fdea b/src/fuzz/server_no_fuzzer_mode_corpus/b645eadfe63851bbbff943332b9164675489fdea
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b645eadfe63851bbbff943332b9164675489fdea
rename to src/fuzz/server_no_fuzzer_mode_corpus/b645eadfe63851bbbff943332b9164675489fdea
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b659359f3cf3802af64e4eb666012e3ce7ff17bc b/src/fuzz/server_no_fuzzer_mode_corpus/b659359f3cf3802af64e4eb666012e3ce7ff17bc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b659359f3cf3802af64e4eb666012e3ce7ff17bc
rename to src/fuzz/server_no_fuzzer_mode_corpus/b659359f3cf3802af64e4eb666012e3ce7ff17bc
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b6d09b9ab245323fd1991b3d7cc69ef3127b3b69 b/src/fuzz/server_no_fuzzer_mode_corpus/b6d09b9ab245323fd1991b3d7cc69ef3127b3b69
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b6d09b9ab245323fd1991b3d7cc69ef3127b3b69
rename to src/fuzz/server_no_fuzzer_mode_corpus/b6d09b9ab245323fd1991b3d7cc69ef3127b3b69
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b73a8f60a8a5ef12759bef41079da3353ead032b b/src/fuzz/server_no_fuzzer_mode_corpus/b73a8f60a8a5ef12759bef41079da3353ead032b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b73a8f60a8a5ef12759bef41079da3353ead032b
rename to src/fuzz/server_no_fuzzer_mode_corpus/b73a8f60a8a5ef12759bef41079da3353ead032b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b73b25c98ffd9c07a6a7452e27ec03a1a519cd47 b/src/fuzz/server_no_fuzzer_mode_corpus/b73b25c98ffd9c07a6a7452e27ec03a1a519cd47
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b73b25c98ffd9c07a6a7452e27ec03a1a519cd47
rename to src/fuzz/server_no_fuzzer_mode_corpus/b73b25c98ffd9c07a6a7452e27ec03a1a519cd47
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b7548fce385bfb9cca56d02b2bc3d08299c3ef88 b/src/fuzz/server_no_fuzzer_mode_corpus/b7548fce385bfb9cca56d02b2bc3d08299c3ef88
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b7548fce385bfb9cca56d02b2bc3d08299c3ef88
rename to src/fuzz/server_no_fuzzer_mode_corpus/b7548fce385bfb9cca56d02b2bc3d08299c3ef88
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/b8b5b4c31fe1515f6b0f6aae3405c9150ba8b927 b/src/fuzz/server_no_fuzzer_mode_corpus/b8b5b4c31fe1515f6b0f6aae3405c9150ba8b927
new file mode 100644
index 0000000..879d696
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/b8b5b4c31fe1515f6b0f6aae3405c9150ba8b927
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/b9b3467169abe938b54aa4844d2d50ca50c7b67a b/src/fuzz/server_no_fuzzer_mode_corpus/b9b3467169abe938b54aa4844d2d50ca50c7b67a
new file mode 100644
index 0000000..298c697
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/b9b3467169abe938b54aa4844d2d50ca50c7b67a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/b9dc258d38fef14c3ad2302abd27c6f582c3b0ba b/src/fuzz/server_no_fuzzer_mode_corpus/b9dc258d38fef14c3ad2302abd27c6f582c3b0ba
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/b9dc258d38fef14c3ad2302abd27c6f582c3b0ba
rename to src/fuzz/server_no_fuzzer_mode_corpus/b9dc258d38fef14c3ad2302abd27c6f582c3b0ba
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ba3775f513ea972e0baa17c247da85706064d873 b/src/fuzz/server_no_fuzzer_mode_corpus/ba3775f513ea972e0baa17c247da85706064d873
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ba3775f513ea972e0baa17c247da85706064d873
rename to src/fuzz/server_no_fuzzer_mode_corpus/ba3775f513ea972e0baa17c247da85706064d873
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/baa81ef9575f23fe76c884b3ec1cec00142fd3de b/src/fuzz/server_no_fuzzer_mode_corpus/baa81ef9575f23fe76c884b3ec1cec00142fd3de
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/baa81ef9575f23fe76c884b3ec1cec00142fd3de
rename to src/fuzz/server_no_fuzzer_mode_corpus/baa81ef9575f23fe76c884b3ec1cec00142fd3de
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/baf5151de4a778a04a21a2ab59d8822529f5f1aa b/src/fuzz/server_no_fuzzer_mode_corpus/baf5151de4a778a04a21a2ab59d8822529f5f1aa
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/baf5151de4a778a04a21a2ab59d8822529f5f1aa
rename to src/fuzz/server_no_fuzzer_mode_corpus/baf5151de4a778a04a21a2ab59d8822529f5f1aa
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bb76ae9d433dd50e2d6848a4e34517cb6fa57a29 b/src/fuzz/server_no_fuzzer_mode_corpus/bb76ae9d433dd50e2d6848a4e34517cb6fa57a29
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bb76ae9d433dd50e2d6848a4e34517cb6fa57a29
rename to src/fuzz/server_no_fuzzer_mode_corpus/bb76ae9d433dd50e2d6848a4e34517cb6fa57a29
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/bbb583fc45fc784cdb3772e038bba8fb462cfa7b b/src/fuzz/server_no_fuzzer_mode_corpus/bbb583fc45fc784cdb3772e038bba8fb462cfa7b
new file mode 100644
index 0000000..a0dd14c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/bbb583fc45fc784cdb3772e038bba8fb462cfa7b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bc33a1a7556a073237bb66ff9091234b0b7b6bde b/src/fuzz/server_no_fuzzer_mode_corpus/bc33a1a7556a073237bb66ff9091234b0b7b6bde
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bc33a1a7556a073237bb66ff9091234b0b7b6bde
rename to src/fuzz/server_no_fuzzer_mode_corpus/bc33a1a7556a073237bb66ff9091234b0b7b6bde
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bc65bf3746a64d9d8345618d8bf788f0841ce42a b/src/fuzz/server_no_fuzzer_mode_corpus/bc65bf3746a64d9d8345618d8bf788f0841ce42a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bc65bf3746a64d9d8345618d8bf788f0841ce42a
rename to src/fuzz/server_no_fuzzer_mode_corpus/bc65bf3746a64d9d8345618d8bf788f0841ce42a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bd37abc58cfee26c5c3f678e8f4296b2ca7e9458 b/src/fuzz/server_no_fuzzer_mode_corpus/bd37abc58cfee26c5c3f678e8f4296b2ca7e9458
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bd37abc58cfee26c5c3f678e8f4296b2ca7e9458
rename to src/fuzz/server_no_fuzzer_mode_corpus/bd37abc58cfee26c5c3f678e8f4296b2ca7e9458
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bd44b1a9e99f819110f901c2862527d7cb73d0d3 b/src/fuzz/server_no_fuzzer_mode_corpus/bd44b1a9e99f819110f901c2862527d7cb73d0d3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bd44b1a9e99f819110f901c2862527d7cb73d0d3
rename to src/fuzz/server_no_fuzzer_mode_corpus/bd44b1a9e99f819110f901c2862527d7cb73d0d3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/be07a269336d9884734a35679b3fd12a7c83b1cd b/src/fuzz/server_no_fuzzer_mode_corpus/be07a269336d9884734a35679b3fd12a7c83b1cd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/be07a269336d9884734a35679b3fd12a7c83b1cd
rename to src/fuzz/server_no_fuzzer_mode_corpus/be07a269336d9884734a35679b3fd12a7c83b1cd
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/be746ae50e9847503828cd685f5419e703ba08c7 b/src/fuzz/server_no_fuzzer_mode_corpus/be746ae50e9847503828cd685f5419e703ba08c7
new file mode 100644
index 0000000..2df1b0a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/be746ae50e9847503828cd685f5419e703ba08c7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bec6a7bd83f7ef6e2f611427b335a8885ed1a79e b/src/fuzz/server_no_fuzzer_mode_corpus/bec6a7bd83f7ef6e2f611427b335a8885ed1a79e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bec6a7bd83f7ef6e2f611427b335a8885ed1a79e
rename to src/fuzz/server_no_fuzzer_mode_corpus/bec6a7bd83f7ef6e2f611427b335a8885ed1a79e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/befc181804f18716d0997986f889e25d0296173b b/src/fuzz/server_no_fuzzer_mode_corpus/befc181804f18716d0997986f889e25d0296173b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/befc181804f18716d0997986f889e25d0296173b
rename to src/fuzz/server_no_fuzzer_mode_corpus/befc181804f18716d0997986f889e25d0296173b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/bf75767d1269f7227835e8a70e4ba5607daae8e4 b/src/fuzz/server_no_fuzzer_mode_corpus/bf75767d1269f7227835e8a70e4ba5607daae8e4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/bf75767d1269f7227835e8a70e4ba5607daae8e4
rename to src/fuzz/server_no_fuzzer_mode_corpus/bf75767d1269f7227835e8a70e4ba5607daae8e4
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/bfdf4e74388014a68a4ef7970508afc15115fd3f b/src/fuzz/server_no_fuzzer_mode_corpus/bfdf4e74388014a68a4ef7970508afc15115fd3f
new file mode 100644
index 0000000..932a526
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/bfdf4e74388014a68a4ef7970508afc15115fd3f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c0e817e8bacedd33d014b949a05750bd020dbdc9 b/src/fuzz/server_no_fuzzer_mode_corpus/c0e817e8bacedd33d014b949a05750bd020dbdc9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c0e817e8bacedd33d014b949a05750bd020dbdc9
rename to src/fuzz/server_no_fuzzer_mode_corpus/c0e817e8bacedd33d014b949a05750bd020dbdc9
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c115e4ea913845d3b933d40abaf730d17fdecbe8 b/src/fuzz/server_no_fuzzer_mode_corpus/c115e4ea913845d3b933d40abaf730d17fdecbe8
new file mode 100644
index 0000000..a7065da
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c115e4ea913845d3b933d40abaf730d17fdecbe8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c19f831d1043ca4bbf9d68ce89b2883f840748f7 b/src/fuzz/server_no_fuzzer_mode_corpus/c19f831d1043ca4bbf9d68ce89b2883f840748f7
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c19f831d1043ca4bbf9d68ce89b2883f840748f7
rename to src/fuzz/server_no_fuzzer_mode_corpus/c19f831d1043ca4bbf9d68ce89b2883f840748f7
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c1c1ef9aed717efc942fb8b33049f39c7b98d938 b/src/fuzz/server_no_fuzzer_mode_corpus/c1c1ef9aed717efc942fb8b33049f39c7b98d938
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c1c1ef9aed717efc942fb8b33049f39c7b98d938
rename to src/fuzz/server_no_fuzzer_mode_corpus/c1c1ef9aed717efc942fb8b33049f39c7b98d938
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c1f28bebad1f86668e77d71e61d47e92afcddf51 b/src/fuzz/server_no_fuzzer_mode_corpus/c1f28bebad1f86668e77d71e61d47e92afcddf51
new file mode 100644
index 0000000..56e18ea
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c1f28bebad1f86668e77d71e61d47e92afcddf51
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c21cd9a0d7cb4ca1739505aba5dc1a8ebbbeb1be b/src/fuzz/server_no_fuzzer_mode_corpus/c21cd9a0d7cb4ca1739505aba5dc1a8ebbbeb1be
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c21cd9a0d7cb4ca1739505aba5dc1a8ebbbeb1be
rename to src/fuzz/server_no_fuzzer_mode_corpus/c21cd9a0d7cb4ca1739505aba5dc1a8ebbbeb1be
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c27abf4967e683747d82c46aa53a0e911e9f4cdf b/src/fuzz/server_no_fuzzer_mode_corpus/c27abf4967e683747d82c46aa53a0e911e9f4cdf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c27abf4967e683747d82c46aa53a0e911e9f4cdf
rename to src/fuzz/server_no_fuzzer_mode_corpus/c27abf4967e683747d82c46aa53a0e911e9f4cdf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c2cab2cd536db692b7389b5264696579792ff141 b/src/fuzz/server_no_fuzzer_mode_corpus/c2cab2cd536db692b7389b5264696579792ff141
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c2cab2cd536db692b7389b5264696579792ff141
rename to src/fuzz/server_no_fuzzer_mode_corpus/c2cab2cd536db692b7389b5264696579792ff141
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c2d82516b4e32beaed4a4d5069a7c3822c08db34 b/src/fuzz/server_no_fuzzer_mode_corpus/c2d82516b4e32beaed4a4d5069a7c3822c08db34
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c2d82516b4e32beaed4a4d5069a7c3822c08db34
rename to src/fuzz/server_no_fuzzer_mode_corpus/c2d82516b4e32beaed4a4d5069a7c3822c08db34
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c3431a06f4342fe5ad23f4b45c4ddaa59c18ad4f b/src/fuzz/server_no_fuzzer_mode_corpus/c3431a06f4342fe5ad23f4b45c4ddaa59c18ad4f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c3431a06f4342fe5ad23f4b45c4ddaa59c18ad4f
rename to src/fuzz/server_no_fuzzer_mode_corpus/c3431a06f4342fe5ad23f4b45c4ddaa59c18ad4f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c349dbdf689b7afda2cef864284a189e350372d2 b/src/fuzz/server_no_fuzzer_mode_corpus/c349dbdf689b7afda2cef864284a189e350372d2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c349dbdf689b7afda2cef864284a189e350372d2
rename to src/fuzz/server_no_fuzzer_mode_corpus/c349dbdf689b7afda2cef864284a189e350372d2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c36cb7e24270125a95ef26167b03817d1ac03ab4 b/src/fuzz/server_no_fuzzer_mode_corpus/c36cb7e24270125a95ef26167b03817d1ac03ab4
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c36cb7e24270125a95ef26167b03817d1ac03ab4
rename to src/fuzz/server_no_fuzzer_mode_corpus/c36cb7e24270125a95ef26167b03817d1ac03ab4
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c3ad01a4290838318265b3bb2ab427c321c80e77 b/src/fuzz/server_no_fuzzer_mode_corpus/c3ad01a4290838318265b3bb2ab427c321c80e77
new file mode 100644
index 0000000..e9e9270
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c3ad01a4290838318265b3bb2ab427c321c80e77
Binary files differ
diff --git a/src/fuzz/server_corpus/c40f822fff3902d4f6361cb1636e2054d7e09611 b/src/fuzz/server_no_fuzzer_mode_corpus/c40f822fff3902d4f6361cb1636e2054d7e09611
similarity index 100%
rename from src/fuzz/server_corpus/c40f822fff3902d4f6361cb1636e2054d7e09611
rename to src/fuzz/server_no_fuzzer_mode_corpus/c40f822fff3902d4f6361cb1636e2054d7e09611
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c45e7923ea5c985d8af12865cdeba48ff9876dae b/src/fuzz/server_no_fuzzer_mode_corpus/c45e7923ea5c985d8af12865cdeba48ff9876dae
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c45e7923ea5c985d8af12865cdeba48ff9876dae
rename to src/fuzz/server_no_fuzzer_mode_corpus/c45e7923ea5c985d8af12865cdeba48ff9876dae
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c466d73dc7e37acb845d1e233099a788eee5de73 b/src/fuzz/server_no_fuzzer_mode_corpus/c466d73dc7e37acb845d1e233099a788eee5de73
new file mode 100644
index 0000000..4e69e16
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c466d73dc7e37acb845d1e233099a788eee5de73
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c46ea3f769cb11459f92d47fec8a8195b7f48023 b/src/fuzz/server_no_fuzzer_mode_corpus/c46ea3f769cb11459f92d47fec8a8195b7f48023
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c46ea3f769cb11459f92d47fec8a8195b7f48023
rename to src/fuzz/server_no_fuzzer_mode_corpus/c46ea3f769cb11459f92d47fec8a8195b7f48023
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c4f6653a8eb82a9584a75167c788add431c72180 b/src/fuzz/server_no_fuzzer_mode_corpus/c4f6653a8eb82a9584a75167c788add431c72180
new file mode 100644
index 0000000..2aa95b1
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c4f6653a8eb82a9584a75167c788add431c72180
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/c5a62b826b99d9a9bfdb8c256152580b350b340d b/src/fuzz/server_no_fuzzer_mode_corpus/c5a62b826b99d9a9bfdb8c256152580b350b340d
new file mode 100644
index 0000000..bf9a411
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/c5a62b826b99d9a9bfdb8c256152580b350b340d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c659fd53cd0aba5228a3f123dfc4931eac5ceef2 b/src/fuzz/server_no_fuzzer_mode_corpus/c659fd53cd0aba5228a3f123dfc4931eac5ceef2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c659fd53cd0aba5228a3f123dfc4931eac5ceef2
rename to src/fuzz/server_no_fuzzer_mode_corpus/c659fd53cd0aba5228a3f123dfc4931eac5ceef2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c6c48658dbe7d3aa286c31684309396127239acd b/src/fuzz/server_no_fuzzer_mode_corpus/c6c48658dbe7d3aa286c31684309396127239acd
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c6c48658dbe7d3aa286c31684309396127239acd
rename to src/fuzz/server_no_fuzzer_mode_corpus/c6c48658dbe7d3aa286c31684309396127239acd
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c7e8a64c99fb8bfbb300b3b2a4c488d404083223 b/src/fuzz/server_no_fuzzer_mode_corpus/c7e8a64c99fb8bfbb300b3b2a4c488d404083223
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c7e8a64c99fb8bfbb300b3b2a4c488d404083223
rename to src/fuzz/server_no_fuzzer_mode_corpus/c7e8a64c99fb8bfbb300b3b2a4c488d404083223
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c8bb9ed0433460f95bbfb4d1a1e8a63219e5794c b/src/fuzz/server_no_fuzzer_mode_corpus/c8bb9ed0433460f95bbfb4d1a1e8a63219e5794c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c8bb9ed0433460f95bbfb4d1a1e8a63219e5794c
rename to src/fuzz/server_no_fuzzer_mode_corpus/c8bb9ed0433460f95bbfb4d1a1e8a63219e5794c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c8e49f9f721f228a9298571601943c821141f98c b/src/fuzz/server_no_fuzzer_mode_corpus/c8e49f9f721f228a9298571601943c821141f98c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c8e49f9f721f228a9298571601943c821141f98c
rename to src/fuzz/server_no_fuzzer_mode_corpus/c8e49f9f721f228a9298571601943c821141f98c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/c95f0d1eefff062578a679ac816a67aa2b3adb1b b/src/fuzz/server_no_fuzzer_mode_corpus/c95f0d1eefff062578a679ac816a67aa2b3adb1b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/c95f0d1eefff062578a679ac816a67aa2b3adb1b
rename to src/fuzz/server_no_fuzzer_mode_corpus/c95f0d1eefff062578a679ac816a67aa2b3adb1b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ca9f8e76c8c58ec6e701745612f63e6b4648304a b/src/fuzz/server_no_fuzzer_mode_corpus/ca9f8e76c8c58ec6e701745612f63e6b4648304a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ca9f8e76c8c58ec6e701745612f63e6b4648304a
rename to src/fuzz/server_no_fuzzer_mode_corpus/ca9f8e76c8c58ec6e701745612f63e6b4648304a
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/caac485cb7b8c10526b13bfbde98bf1d0abc7fe5 b/src/fuzz/server_no_fuzzer_mode_corpus/caac485cb7b8c10526b13bfbde98bf1d0abc7fe5
new file mode 100644
index 0000000..f8efed5
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/caac485cb7b8c10526b13bfbde98bf1d0abc7fe5
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cad39b590237acb48b7326e9cb42ffd4d5f7f63a b/src/fuzz/server_no_fuzzer_mode_corpus/cad39b590237acb48b7326e9cb42ffd4d5f7f63a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/cad39b590237acb48b7326e9cb42ffd4d5f7f63a
rename to src/fuzz/server_no_fuzzer_mode_corpus/cad39b590237acb48b7326e9cb42ffd4d5f7f63a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cae2e0f7d7bc254a7a48a4dade13884a886b3efc b/src/fuzz/server_no_fuzzer_mode_corpus/cae2e0f7d7bc254a7a48a4dade13884a886b3efc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/cae2e0f7d7bc254a7a48a4dade13884a886b3efc
rename to src/fuzz/server_no_fuzzer_mode_corpus/cae2e0f7d7bc254a7a48a4dade13884a886b3efc
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cc0f546418b16ca1a34acdfc04fc5ba3daff3837 b/src/fuzz/server_no_fuzzer_mode_corpus/cc0f546418b16ca1a34acdfc04fc5ba3daff3837
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/cc0f546418b16ca1a34acdfc04fc5ba3daff3837
rename to src/fuzz/server_no_fuzzer_mode_corpus/cc0f546418b16ca1a34acdfc04fc5ba3daff3837
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cca0e7c364566ea16f60e61378f3ad2c6d606743 b/src/fuzz/server_no_fuzzer_mode_corpus/cca0e7c364566ea16f60e61378f3ad2c6d606743
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/cca0e7c364566ea16f60e61378f3ad2c6d606743
rename to src/fuzz/server_no_fuzzer_mode_corpus/cca0e7c364566ea16f60e61378f3ad2c6d606743
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/ccfc53fa2579b5c9179127d6d151e67b48ab0a61 b/src/fuzz/server_no_fuzzer_mode_corpus/ccfc53fa2579b5c9179127d6d151e67b48ab0a61
new file mode 100644
index 0000000..ef31fca
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/ccfc53fa2579b5c9179127d6d151e67b48ab0a61
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/cd84cc6ac0083b7b62628e3bfb5dfa943f7633d6 b/src/fuzz/server_no_fuzzer_mode_corpus/cd84cc6ac0083b7b62628e3bfb5dfa943f7633d6
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/cd84cc6ac0083b7b62628e3bfb5dfa943f7633d6
rename to src/fuzz/server_no_fuzzer_mode_corpus/cd84cc6ac0083b7b62628e3bfb5dfa943f7633d6
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ce4102e7e196f7e395bbc7ee62231d482a3d25ca b/src/fuzz/server_no_fuzzer_mode_corpus/ce4102e7e196f7e395bbc7ee62231d482a3d25ca
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ce4102e7e196f7e395bbc7ee62231d482a3d25ca
rename to src/fuzz/server_no_fuzzer_mode_corpus/ce4102e7e196f7e395bbc7ee62231d482a3d25ca
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ce453e5752209c3938b132a781b652b70fb02548 b/src/fuzz/server_no_fuzzer_mode_corpus/ce453e5752209c3938b132a781b652b70fb02548
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ce453e5752209c3938b132a781b652b70fb02548
rename to src/fuzz/server_no_fuzzer_mode_corpus/ce453e5752209c3938b132a781b652b70fb02548
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ce922e8c3a49bcc46ebdb6f34c19c2914127fe94 b/src/fuzz/server_no_fuzzer_mode_corpus/ce922e8c3a49bcc46ebdb6f34c19c2914127fe94
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ce922e8c3a49bcc46ebdb6f34c19c2914127fe94
rename to src/fuzz/server_no_fuzzer_mode_corpus/ce922e8c3a49bcc46ebdb6f34c19c2914127fe94
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ce9db526fea8914002423911d3936ba49d182ecf b/src/fuzz/server_no_fuzzer_mode_corpus/ce9db526fea8914002423911d3936ba49d182ecf
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ce9db526fea8914002423911d3936ba49d182ecf
rename to src/fuzz/server_no_fuzzer_mode_corpus/ce9db526fea8914002423911d3936ba49d182ecf
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d0b3efe8a7595f32ae87ac63d679f59542f2feeb b/src/fuzz/server_no_fuzzer_mode_corpus/d0b3efe8a7595f32ae87ac63d679f59542f2feeb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d0b3efe8a7595f32ae87ac63d679f59542f2feeb
rename to src/fuzz/server_no_fuzzer_mode_corpus/d0b3efe8a7595f32ae87ac63d679f59542f2feeb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d174b16da23fd30f9a003a64af4a0f07166acbca b/src/fuzz/server_no_fuzzer_mode_corpus/d174b16da23fd30f9a003a64af4a0f07166acbca
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d174b16da23fd30f9a003a64af4a0f07166acbca
rename to src/fuzz/server_no_fuzzer_mode_corpus/d174b16da23fd30f9a003a64af4a0f07166acbca
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d2c1dc8d69d60114e8e0a186ecbb4d9bcf811933 b/src/fuzz/server_no_fuzzer_mode_corpus/d2c1dc8d69d60114e8e0a186ecbb4d9bcf811933
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d2c1dc8d69d60114e8e0a186ecbb4d9bcf811933
rename to src/fuzz/server_no_fuzzer_mode_corpus/d2c1dc8d69d60114e8e0a186ecbb4d9bcf811933
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d2c40217ae5014d03aa83c867da14c53bc1d4a35 b/src/fuzz/server_no_fuzzer_mode_corpus/d2c40217ae5014d03aa83c867da14c53bc1d4a35
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d2c40217ae5014d03aa83c867da14c53bc1d4a35
rename to src/fuzz/server_no_fuzzer_mode_corpus/d2c40217ae5014d03aa83c867da14c53bc1d4a35
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d439784e7e3ef0aae959b44d909cb2c4c3a9bed3 b/src/fuzz/server_no_fuzzer_mode_corpus/d439784e7e3ef0aae959b44d909cb2c4c3a9bed3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d439784e7e3ef0aae959b44d909cb2c4c3a9bed3
rename to src/fuzz/server_no_fuzzer_mode_corpus/d439784e7e3ef0aae959b44d909cb2c4c3a9bed3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d4f1c55856461a99d65a88882925c2d8fb61cdc8 b/src/fuzz/server_no_fuzzer_mode_corpus/d4f1c55856461a99d65a88882925c2d8fb61cdc8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d4f1c55856461a99d65a88882925c2d8fb61cdc8
rename to src/fuzz/server_no_fuzzer_mode_corpus/d4f1c55856461a99d65a88882925c2d8fb61cdc8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d56e6b76f1f1196bcbdab3d1e9329398f02cbfd3 b/src/fuzz/server_no_fuzzer_mode_corpus/d56e6b76f1f1196bcbdab3d1e9329398f02cbfd3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d56e6b76f1f1196bcbdab3d1e9329398f02cbfd3
rename to src/fuzz/server_no_fuzzer_mode_corpus/d56e6b76f1f1196bcbdab3d1e9329398f02cbfd3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d7c0581e009c8e4bb05263c28081918aede18f36 b/src/fuzz/server_no_fuzzer_mode_corpus/d7c0581e009c8e4bb05263c28081918aede18f36
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d7c0581e009c8e4bb05263c28081918aede18f36
rename to src/fuzz/server_no_fuzzer_mode_corpus/d7c0581e009c8e4bb05263c28081918aede18f36
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d7d6ffe7ab1d18c754f71bde4d0436c50f80f80e b/src/fuzz/server_no_fuzzer_mode_corpus/d7d6ffe7ab1d18c754f71bde4d0436c50f80f80e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d7d6ffe7ab1d18c754f71bde4d0436c50f80f80e
rename to src/fuzz/server_no_fuzzer_mode_corpus/d7d6ffe7ab1d18c754f71bde4d0436c50f80f80e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d7dbda60702a2b2bdefa84383fb955f92b1c0552 b/src/fuzz/server_no_fuzzer_mode_corpus/d7dbda60702a2b2bdefa84383fb955f92b1c0552
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d7dbda60702a2b2bdefa84383fb955f92b1c0552
rename to src/fuzz/server_no_fuzzer_mode_corpus/d7dbda60702a2b2bdefa84383fb955f92b1c0552
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d85642b9eac7fc349903a3648ac6cee7f18e9987 b/src/fuzz/server_no_fuzzer_mode_corpus/d85642b9eac7fc349903a3648ac6cee7f18e9987
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d85642b9eac7fc349903a3648ac6cee7f18e9987
rename to src/fuzz/server_no_fuzzer_mode_corpus/d85642b9eac7fc349903a3648ac6cee7f18e9987
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/d8ca9b84d438ebb40dc29606af5658686e5e4b19 b/src/fuzz/server_no_fuzzer_mode_corpus/d8ca9b84d438ebb40dc29606af5658686e5e4b19
new file mode 100644
index 0000000..168418c
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/d8ca9b84d438ebb40dc29606af5658686e5e4b19
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/d90061e9ff6cab9f4e5a99c1a39004457b34bc7e b/src/fuzz/server_no_fuzzer_mode_corpus/d90061e9ff6cab9f4e5a99c1a39004457b34bc7e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/d90061e9ff6cab9f4e5a99c1a39004457b34bc7e
rename to src/fuzz/server_no_fuzzer_mode_corpus/d90061e9ff6cab9f4e5a99c1a39004457b34bc7e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/da27b4c7d48c40380f200b1ae505dc3069b3346a b/src/fuzz/server_no_fuzzer_mode_corpus/da27b4c7d48c40380f200b1ae505dc3069b3346a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/da27b4c7d48c40380f200b1ae505dc3069b3346a
rename to src/fuzz/server_no_fuzzer_mode_corpus/da27b4c7d48c40380f200b1ae505dc3069b3346a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/db0364479b679e607b6bd082626bb64555a7a171 b/src/fuzz/server_no_fuzzer_mode_corpus/db0364479b679e607b6bd082626bb64555a7a171
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/db0364479b679e607b6bd082626bb64555a7a171
rename to src/fuzz/server_no_fuzzer_mode_corpus/db0364479b679e607b6bd082626bb64555a7a171
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/db5c028cb8265147379470a3240c635672eca685 b/src/fuzz/server_no_fuzzer_mode_corpus/db5c028cb8265147379470a3240c635672eca685
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/db5c028cb8265147379470a3240c635672eca685
rename to src/fuzz/server_no_fuzzer_mode_corpus/db5c028cb8265147379470a3240c635672eca685
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/dbc5cec15023e17b1e75d6aa75e76ade5fe779ca b/src/fuzz/server_no_fuzzer_mode_corpus/dbc5cec15023e17b1e75d6aa75e76ade5fe779ca
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/dbc5cec15023e17b1e75d6aa75e76ade5fe779ca
rename to src/fuzz/server_no_fuzzer_mode_corpus/dbc5cec15023e17b1e75d6aa75e76ade5fe779ca
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/dbda59a2ecb988a37bab285203f85ddf8e71f73f b/src/fuzz/server_no_fuzzer_mode_corpus/dbda59a2ecb988a37bab285203f85ddf8e71f73f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/dbda59a2ecb988a37bab285203f85ddf8e71f73f
rename to src/fuzz/server_no_fuzzer_mode_corpus/dbda59a2ecb988a37bab285203f85ddf8e71f73f
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/dbf6a36e96e0afe83dffa0a8cc9bb179a69dc1e3 b/src/fuzz/server_no_fuzzer_mode_corpus/dbf6a36e96e0afe83dffa0a8cc9bb179a69dc1e3
new file mode 100644
index 0000000..8eff5ba
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/dbf6a36e96e0afe83dffa0a8cc9bb179a69dc1e3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/dd27b92eed552fb3bd5c379a7ab7939d52add722 b/src/fuzz/server_no_fuzzer_mode_corpus/dd27b92eed552fb3bd5c379a7ab7939d52add722
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/dd27b92eed552fb3bd5c379a7ab7939d52add722
rename to src/fuzz/server_no_fuzzer_mode_corpus/dd27b92eed552fb3bd5c379a7ab7939d52add722
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/de5307331f1c7f97aab5f3a4f530686436661e47 b/src/fuzz/server_no_fuzzer_mode_corpus/de5307331f1c7f97aab5f3a4f530686436661e47
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/de5307331f1c7f97aab5f3a4f530686436661e47
rename to src/fuzz/server_no_fuzzer_mode_corpus/de5307331f1c7f97aab5f3a4f530686436661e47
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/df916f86637758402c0159b523cf6fa7d5e8c17f b/src/fuzz/server_no_fuzzer_mode_corpus/df916f86637758402c0159b523cf6fa7d5e8c17f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/df916f86637758402c0159b523cf6fa7d5e8c17f
rename to src/fuzz/server_no_fuzzer_mode_corpus/df916f86637758402c0159b523cf6fa7d5e8c17f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/dfb715d146ff04d4cf17d5860cf7b0370ae51dba b/src/fuzz/server_no_fuzzer_mode_corpus/dfb715d146ff04d4cf17d5860cf7b0370ae51dba
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/dfb715d146ff04d4cf17d5860cf7b0370ae51dba
rename to src/fuzz/server_no_fuzzer_mode_corpus/dfb715d146ff04d4cf17d5860cf7b0370ae51dba
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e08ffba2acb6f49749a55cdd8c093d8024cd6aeb b/src/fuzz/server_no_fuzzer_mode_corpus/e08ffba2acb6f49749a55cdd8c093d8024cd6aeb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e08ffba2acb6f49749a55cdd8c093d8024cd6aeb
rename to src/fuzz/server_no_fuzzer_mode_corpus/e08ffba2acb6f49749a55cdd8c093d8024cd6aeb
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/e109fd0e9edf89f25f92b61af5e11d6f5d13647f b/src/fuzz/server_no_fuzzer_mode_corpus/e109fd0e9edf89f25f92b61af5e11d6f5d13647f
new file mode 100644
index 0000000..ab193df
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/e109fd0e9edf89f25f92b61af5e11d6f5d13647f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e19613e61a7e3dfa632b99e1b86003262ccbe3da b/src/fuzz/server_no_fuzzer_mode_corpus/e19613e61a7e3dfa632b99e1b86003262ccbe3da
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e19613e61a7e3dfa632b99e1b86003262ccbe3da
rename to src/fuzz/server_no_fuzzer_mode_corpus/e19613e61a7e3dfa632b99e1b86003262ccbe3da
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e1ec1a35da4ef5886739f5955a83454189a5806e b/src/fuzz/server_no_fuzzer_mode_corpus/e1ec1a35da4ef5886739f5955a83454189a5806e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e1ec1a35da4ef5886739f5955a83454189a5806e
rename to src/fuzz/server_no_fuzzer_mode_corpus/e1ec1a35da4ef5886739f5955a83454189a5806e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e2740e51814a2531daae9e2a153d904644ebbf66 b/src/fuzz/server_no_fuzzer_mode_corpus/e2740e51814a2531daae9e2a153d904644ebbf66
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e2740e51814a2531daae9e2a153d904644ebbf66
rename to src/fuzz/server_no_fuzzer_mode_corpus/e2740e51814a2531daae9e2a153d904644ebbf66
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e27a5d318166e706e0331dd39f48a946da831da1 b/src/fuzz/server_no_fuzzer_mode_corpus/e27a5d318166e706e0331dd39f48a946da831da1
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e27a5d318166e706e0331dd39f48a946da831da1
rename to src/fuzz/server_no_fuzzer_mode_corpus/e27a5d318166e706e0331dd39f48a946da831da1
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e37dcb9edb9406613ab058b52109cff6e5eb7373 b/src/fuzz/server_no_fuzzer_mode_corpus/e37dcb9edb9406613ab058b52109cff6e5eb7373
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e37dcb9edb9406613ab058b52109cff6e5eb7373
rename to src/fuzz/server_no_fuzzer_mode_corpus/e37dcb9edb9406613ab058b52109cff6e5eb7373
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e4ca779155a2ac65415a30eee6a9a4aa1c07b35b b/src/fuzz/server_no_fuzzer_mode_corpus/e4ca779155a2ac65415a30eee6a9a4aa1c07b35b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e4ca779155a2ac65415a30eee6a9a4aa1c07b35b
rename to src/fuzz/server_no_fuzzer_mode_corpus/e4ca779155a2ac65415a30eee6a9a4aa1c07b35b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e4cce0a0ca9071cf023358688fad05f18bc5e4fe b/src/fuzz/server_no_fuzzer_mode_corpus/e4cce0a0ca9071cf023358688fad05f18bc5e4fe
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e4cce0a0ca9071cf023358688fad05f18bc5e4fe
rename to src/fuzz/server_no_fuzzer_mode_corpus/e4cce0a0ca9071cf023358688fad05f18bc5e4fe
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/e4db629559cb7b8b0036f4d1ee4c4bc947b10564 b/src/fuzz/server_no_fuzzer_mode_corpus/e4db629559cb7b8b0036f4d1ee4c4bc947b10564
new file mode 100644
index 0000000..4ad48f2
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/e4db629559cb7b8b0036f4d1ee4c4bc947b10564
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e5aaef377b5b77a2365ae18b743cc6603a252a34 b/src/fuzz/server_no_fuzzer_mode_corpus/e5aaef377b5b77a2365ae18b743cc6603a252a34
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e5aaef377b5b77a2365ae18b743cc6603a252a34
rename to src/fuzz/server_no_fuzzer_mode_corpus/e5aaef377b5b77a2365ae18b743cc6603a252a34
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e5b1d6a4dbd2161a4fe4d9a7454ddbaae0aae52a b/src/fuzz/server_no_fuzzer_mode_corpus/e5b1d6a4dbd2161a4fe4d9a7454ddbaae0aae52a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e5b1d6a4dbd2161a4fe4d9a7454ddbaae0aae52a
rename to src/fuzz/server_no_fuzzer_mode_corpus/e5b1d6a4dbd2161a4fe4d9a7454ddbaae0aae52a
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/e721d03081c16f89aabe228e2d491f10ebd7d4f0 b/src/fuzz/server_no_fuzzer_mode_corpus/e721d03081c16f89aabe228e2d491f10ebd7d4f0
new file mode 100644
index 0000000..878b88a
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/e721d03081c16f89aabe228e2d491f10ebd7d4f0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e7812858b0e60a4949b8e51bd2abc314f934ad44 b/src/fuzz/server_no_fuzzer_mode_corpus/e7812858b0e60a4949b8e51bd2abc314f934ad44
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e7812858b0e60a4949b8e51bd2abc314f934ad44
rename to src/fuzz/server_no_fuzzer_mode_corpus/e7812858b0e60a4949b8e51bd2abc314f934ad44
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e79894801828ab2c84ce83aabef5762365e9531b b/src/fuzz/server_no_fuzzer_mode_corpus/e79894801828ab2c84ce83aabef5762365e9531b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e79894801828ab2c84ce83aabef5762365e9531b
rename to src/fuzz/server_no_fuzzer_mode_corpus/e79894801828ab2c84ce83aabef5762365e9531b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e7dc9378b96b825749873eb5b2ceac26f9ec4d0e b/src/fuzz/server_no_fuzzer_mode_corpus/e7dc9378b96b825749873eb5b2ceac26f9ec4d0e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e7dc9378b96b825749873eb5b2ceac26f9ec4d0e
rename to src/fuzz/server_no_fuzzer_mode_corpus/e7dc9378b96b825749873eb5b2ceac26f9ec4d0e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e80074d9c02fb8bb7e38fbd3436f521fea618f7b b/src/fuzz/server_no_fuzzer_mode_corpus/e80074d9c02fb8bb7e38fbd3436f521fea618f7b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e80074d9c02fb8bb7e38fbd3436f521fea618f7b
rename to src/fuzz/server_no_fuzzer_mode_corpus/e80074d9c02fb8bb7e38fbd3436f521fea618f7b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e841dee2ac5ce35147ecd19ffaca010ca2b2b0b5 b/src/fuzz/server_no_fuzzer_mode_corpus/e841dee2ac5ce35147ecd19ffaca010ca2b2b0b5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e841dee2ac5ce35147ecd19ffaca010ca2b2b0b5
rename to src/fuzz/server_no_fuzzer_mode_corpus/e841dee2ac5ce35147ecd19ffaca010ca2b2b0b5
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/e8592060c38e29df3b6f64e0076f46afd36e6988 b/src/fuzz/server_no_fuzzer_mode_corpus/e8592060c38e29df3b6f64e0076f46afd36e6988
new file mode 100644
index 0000000..0760d82
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/e8592060c38e29df3b6f64e0076f46afd36e6988
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e85e807eb8b5c8c7b3264fb3cdfb3951e7079dfe b/src/fuzz/server_no_fuzzer_mode_corpus/e85e807eb8b5c8c7b3264fb3cdfb3951e7079dfe
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e85e807eb8b5c8c7b3264fb3cdfb3951e7079dfe
rename to src/fuzz/server_no_fuzzer_mode_corpus/e85e807eb8b5c8c7b3264fb3cdfb3951e7079dfe
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/e877e2afa34c81aba949338cc8292df7c66d2e52 b/src/fuzz/server_no_fuzzer_mode_corpus/e877e2afa34c81aba949338cc8292df7c66d2e52
new file mode 100644
index 0000000..7745629
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/e877e2afa34c81aba949338cc8292df7c66d2e52
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e886760f57e697fd4a080bc7a813ab4cc22d98de b/src/fuzz/server_no_fuzzer_mode_corpus/e886760f57e697fd4a080bc7a813ab4cc22d98de
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e886760f57e697fd4a080bc7a813ab4cc22d98de
rename to src/fuzz/server_no_fuzzer_mode_corpus/e886760f57e697fd4a080bc7a813ab4cc22d98de
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/e958885558605789e1d5b2ebb389ea8595d8ae9f b/src/fuzz/server_no_fuzzer_mode_corpus/e958885558605789e1d5b2ebb389ea8595d8ae9f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/e958885558605789e1d5b2ebb389ea8595d8ae9f
rename to src/fuzz/server_no_fuzzer_mode_corpus/e958885558605789e1d5b2ebb389ea8595d8ae9f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ea2c8ae59f99ce50ae99e036782202aa990779a8 b/src/fuzz/server_no_fuzzer_mode_corpus/ea2c8ae59f99ce50ae99e036782202aa990779a8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ea2c8ae59f99ce50ae99e036782202aa990779a8
rename to src/fuzz/server_no_fuzzer_mode_corpus/ea2c8ae59f99ce50ae99e036782202aa990779a8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ea7f6b81047b4f8def57d225ed7890763738f2e2 b/src/fuzz/server_no_fuzzer_mode_corpus/ea7f6b81047b4f8def57d225ed7890763738f2e2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ea7f6b81047b4f8def57d225ed7890763738f2e2
rename to src/fuzz/server_no_fuzzer_mode_corpus/ea7f6b81047b4f8def57d225ed7890763738f2e2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ebe8291cee2dc491b8817396a8258ea9ae2381ab b/src/fuzz/server_no_fuzzer_mode_corpus/ebe8291cee2dc491b8817396a8258ea9ae2381ab
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ebe8291cee2dc491b8817396a8258ea9ae2381ab
rename to src/fuzz/server_no_fuzzer_mode_corpus/ebe8291cee2dc491b8817396a8258ea9ae2381ab
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ec59163f9e5197161e6cf27a9420f88dca993f2a b/src/fuzz/server_no_fuzzer_mode_corpus/ec59163f9e5197161e6cf27a9420f88dca993f2a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ec59163f9e5197161e6cf27a9420f88dca993f2a
rename to src/fuzz/server_no_fuzzer_mode_corpus/ec59163f9e5197161e6cf27a9420f88dca993f2a
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ec7f842055ee3eaef1836efdf1bf0684d90ffc6f b/src/fuzz/server_no_fuzzer_mode_corpus/ec7f842055ee3eaef1836efdf1bf0684d90ffc6f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ec7f842055ee3eaef1836efdf1bf0684d90ffc6f
rename to src/fuzz/server_no_fuzzer_mode_corpus/ec7f842055ee3eaef1836efdf1bf0684d90ffc6f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ec8c7f4b7156a184596c73c9d1c2c2a736456cb2 b/src/fuzz/server_no_fuzzer_mode_corpus/ec8c7f4b7156a184596c73c9d1c2c2a736456cb2
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ec8c7f4b7156a184596c73c9d1c2c2a736456cb2
rename to src/fuzz/server_no_fuzzer_mode_corpus/ec8c7f4b7156a184596c73c9d1c2c2a736456cb2
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/eca05ae2db4db1b8fb60240e0b50efead7507bd9 b/src/fuzz/server_no_fuzzer_mode_corpus/eca05ae2db4db1b8fb60240e0b50efead7507bd9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/eca05ae2db4db1b8fb60240e0b50efead7507bd9
rename to src/fuzz/server_no_fuzzer_mode_corpus/eca05ae2db4db1b8fb60240e0b50efead7507bd9
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ed54e9249f4d5f4a8716a7b178c145eade55894f b/src/fuzz/server_no_fuzzer_mode_corpus/ed54e9249f4d5f4a8716a7b178c145eade55894f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ed54e9249f4d5f4a8716a7b178c145eade55894f
rename to src/fuzz/server_no_fuzzer_mode_corpus/ed54e9249f4d5f4a8716a7b178c145eade55894f
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/edf576bc7f4600ac40b05d204344d0a49915f51c b/src/fuzz/server_no_fuzzer_mode_corpus/edf576bc7f4600ac40b05d204344d0a49915f51c
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/edf576bc7f4600ac40b05d204344d0a49915f51c
rename to src/fuzz/server_no_fuzzer_mode_corpus/edf576bc7f4600ac40b05d204344d0a49915f51c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ee3b4d1718ff90e7869b69c4070424f913830ad8 b/src/fuzz/server_no_fuzzer_mode_corpus/ee3b4d1718ff90e7869b69c4070424f913830ad8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ee3b4d1718ff90e7869b69c4070424f913830ad8
rename to src/fuzz/server_no_fuzzer_mode_corpus/ee3b4d1718ff90e7869b69c4070424f913830ad8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ee6cbe2eca89f970438173aa484acc596fc53289 b/src/fuzz/server_no_fuzzer_mode_corpus/ee6cbe2eca89f970438173aa484acc596fc53289
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ee6cbe2eca89f970438173aa484acc596fc53289
rename to src/fuzz/server_no_fuzzer_mode_corpus/ee6cbe2eca89f970438173aa484acc596fc53289
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/eeac8e5b5fbba5b4afc8af69e7136a0ca3106f58 b/src/fuzz/server_no_fuzzer_mode_corpus/eeac8e5b5fbba5b4afc8af69e7136a0ca3106f58
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/eeac8e5b5fbba5b4afc8af69e7136a0ca3106f58
rename to src/fuzz/server_no_fuzzer_mode_corpus/eeac8e5b5fbba5b4afc8af69e7136a0ca3106f58
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/eec97495ec0176d661aae751faefe3e29c970bf3 b/src/fuzz/server_no_fuzzer_mode_corpus/eec97495ec0176d661aae751faefe3e29c970bf3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/eec97495ec0176d661aae751faefe3e29c970bf3
rename to src/fuzz/server_no_fuzzer_mode_corpus/eec97495ec0176d661aae751faefe3e29c970bf3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ef176236eeff5cd0b8dc1c607d0179083212fc78 b/src/fuzz/server_no_fuzzer_mode_corpus/ef176236eeff5cd0b8dc1c607d0179083212fc78
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ef176236eeff5cd0b8dc1c607d0179083212fc78
rename to src/fuzz/server_no_fuzzer_mode_corpus/ef176236eeff5cd0b8dc1c607d0179083212fc78
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ef534991638836fe68555475e7888aecc4573180 b/src/fuzz/server_no_fuzzer_mode_corpus/ef534991638836fe68555475e7888aecc4573180
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ef534991638836fe68555475e7888aecc4573180
rename to src/fuzz/server_no_fuzzer_mode_corpus/ef534991638836fe68555475e7888aecc4573180
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f05e70506f28f841ed940e8822dd541faf41ba82 b/src/fuzz/server_no_fuzzer_mode_corpus/f05e70506f28f841ed940e8822dd541faf41ba82
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f05e70506f28f841ed940e8822dd541faf41ba82
rename to src/fuzz/server_no_fuzzer_mode_corpus/f05e70506f28f841ed940e8822dd541faf41ba82
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/f078545c63e4592e6b69f061f178b3e2bd2539eb b/src/fuzz/server_no_fuzzer_mode_corpus/f078545c63e4592e6b69f061f178b3e2bd2539eb
new file mode 100644
index 0000000..598f0a3
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/f078545c63e4592e6b69f061f178b3e2bd2539eb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f088ba074ccb35225983c4568512de7631285b2f b/src/fuzz/server_no_fuzzer_mode_corpus/f088ba074ccb35225983c4568512de7631285b2f
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f088ba074ccb35225983c4568512de7631285b2f
rename to src/fuzz/server_no_fuzzer_mode_corpus/f088ba074ccb35225983c4568512de7631285b2f
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/f0ca9d97efe48c3aacfba4667b9e0cbc872715c0 b/src/fuzz/server_no_fuzzer_mode_corpus/f0ca9d97efe48c3aacfba4667b9e0cbc872715c0
new file mode 100644
index 0000000..6ab6652
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/f0ca9d97efe48c3aacfba4667b9e0cbc872715c0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f1dff08c50bc7a2fb07a23579c4d534a834c1fce b/src/fuzz/server_no_fuzzer_mode_corpus/f1dff08c50bc7a2fb07a23579c4d534a834c1fce
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f1dff08c50bc7a2fb07a23579c4d534a834c1fce
rename to src/fuzz/server_no_fuzzer_mode_corpus/f1dff08c50bc7a2fb07a23579c4d534a834c1fce
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f1e2cc634a6ba6db2c3a826f337b635ef340f17d b/src/fuzz/server_no_fuzzer_mode_corpus/f1e2cc634a6ba6db2c3a826f337b635ef340f17d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f1e2cc634a6ba6db2c3a826f337b635ef340f17d
rename to src/fuzz/server_no_fuzzer_mode_corpus/f1e2cc634a6ba6db2c3a826f337b635ef340f17d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f1f9319fec8b3854cebe6886a03ead6a67ad082e b/src/fuzz/server_no_fuzzer_mode_corpus/f1f9319fec8b3854cebe6886a03ead6a67ad082e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f1f9319fec8b3854cebe6886a03ead6a67ad082e
rename to src/fuzz/server_no_fuzzer_mode_corpus/f1f9319fec8b3854cebe6886a03ead6a67ad082e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f264f07f3e1b8e20f775abc608c9cede7a963790 b/src/fuzz/server_no_fuzzer_mode_corpus/f264f07f3e1b8e20f775abc608c9cede7a963790
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f264f07f3e1b8e20f775abc608c9cede7a963790
rename to src/fuzz/server_no_fuzzer_mode_corpus/f264f07f3e1b8e20f775abc608c9cede7a963790
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f2e068164194840d77a9b833bab341a2d01f86c9 b/src/fuzz/server_no_fuzzer_mode_corpus/f2e068164194840d77a9b833bab341a2d01f86c9
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f2e068164194840d77a9b833bab341a2d01f86c9
rename to src/fuzz/server_no_fuzzer_mode_corpus/f2e068164194840d77a9b833bab341a2d01f86c9
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/f2e67d3787a62b80783c411a61244b53c13be69c b/src/fuzz/server_no_fuzzer_mode_corpus/f2e67d3787a62b80783c411a61244b53c13be69c
new file mode 100644
index 0000000..24b1d29
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/f2e67d3787a62b80783c411a61244b53c13be69c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f3593861333a38e2a307963329186d43d1c59cd0 b/src/fuzz/server_no_fuzzer_mode_corpus/f3593861333a38e2a307963329186d43d1c59cd0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f3593861333a38e2a307963329186d43d1c59cd0
rename to src/fuzz/server_no_fuzzer_mode_corpus/f3593861333a38e2a307963329186d43d1c59cd0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f3825d1d3a3a6a59be01b3cdfae1a89d9ac31ad3 b/src/fuzz/server_no_fuzzer_mode_corpus/f3825d1d3a3a6a59be01b3cdfae1a89d9ac31ad3
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f3825d1d3a3a6a59be01b3cdfae1a89d9ac31ad3
rename to src/fuzz/server_no_fuzzer_mode_corpus/f3825d1d3a3a6a59be01b3cdfae1a89d9ac31ad3
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f405f617763ee694f4d2efbb6340595e5b5c7d82 b/src/fuzz/server_no_fuzzer_mode_corpus/f405f617763ee694f4d2efbb6340595e5b5c7d82
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f405f617763ee694f4d2efbb6340595e5b5c7d82
rename to src/fuzz/server_no_fuzzer_mode_corpus/f405f617763ee694f4d2efbb6340595e5b5c7d82
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f4e074ba0c8181a2b96482e29c238b7c174d0f1d b/src/fuzz/server_no_fuzzer_mode_corpus/f4e074ba0c8181a2b96482e29c238b7c174d0f1d
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f4e074ba0c8181a2b96482e29c238b7c174d0f1d
rename to src/fuzz/server_no_fuzzer_mode_corpus/f4e074ba0c8181a2b96482e29c238b7c174d0f1d
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f5703e319cf0627f5886386cd1e04192bdd4fb8b b/src/fuzz/server_no_fuzzer_mode_corpus/f5703e319cf0627f5886386cd1e04192bdd4fb8b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f5703e319cf0627f5886386cd1e04192bdd4fb8b
rename to src/fuzz/server_no_fuzzer_mode_corpus/f5703e319cf0627f5886386cd1e04192bdd4fb8b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f618e090ad5c914a567d94a8bebd732b5d55d3fb b/src/fuzz/server_no_fuzzer_mode_corpus/f618e090ad5c914a567d94a8bebd732b5d55d3fb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f618e090ad5c914a567d94a8bebd732b5d55d3fb
rename to src/fuzz/server_no_fuzzer_mode_corpus/f618e090ad5c914a567d94a8bebd732b5d55d3fb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f63693f3613310448d6ba07f32262196714fddc8 b/src/fuzz/server_no_fuzzer_mode_corpus/f63693f3613310448d6ba07f32262196714fddc8
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f63693f3613310448d6ba07f32262196714fddc8
rename to src/fuzz/server_no_fuzzer_mode_corpus/f63693f3613310448d6ba07f32262196714fddc8
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f655b7a7526edddc8ed006902fcef94bc08a5df0 b/src/fuzz/server_no_fuzzer_mode_corpus/f655b7a7526edddc8ed006902fcef94bc08a5df0
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f655b7a7526edddc8ed006902fcef94bc08a5df0
rename to src/fuzz/server_no_fuzzer_mode_corpus/f655b7a7526edddc8ed006902fcef94bc08a5df0
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f7095fcae0eeea759bb71ace0d4c819f45916813 b/src/fuzz/server_no_fuzzer_mode_corpus/f7095fcae0eeea759bb71ace0d4c819f45916813
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f7095fcae0eeea759bb71ace0d4c819f45916813
rename to src/fuzz/server_no_fuzzer_mode_corpus/f7095fcae0eeea759bb71ace0d4c819f45916813
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f79e5ecfa82f228fc86b3d78cfd66f5f4a91e681 b/src/fuzz/server_no_fuzzer_mode_corpus/f79e5ecfa82f228fc86b3d78cfd66f5f4a91e681
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f79e5ecfa82f228fc86b3d78cfd66f5f4a91e681
rename to src/fuzz/server_no_fuzzer_mode_corpus/f79e5ecfa82f228fc86b3d78cfd66f5f4a91e681
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f7f18e8a4ffb813cf94a7888c2984e0d5d58b967 b/src/fuzz/server_no_fuzzer_mode_corpus/f7f18e8a4ffb813cf94a7888c2984e0d5d58b967
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f7f18e8a4ffb813cf94a7888c2984e0d5d58b967
rename to src/fuzz/server_no_fuzzer_mode_corpus/f7f18e8a4ffb813cf94a7888c2984e0d5d58b967
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f84945893aadcf4422f9f1ef47d4000ff4296892 b/src/fuzz/server_no_fuzzer_mode_corpus/f84945893aadcf4422f9f1ef47d4000ff4296892
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f84945893aadcf4422f9f1ef47d4000ff4296892
rename to src/fuzz/server_no_fuzzer_mode_corpus/f84945893aadcf4422f9f1ef47d4000ff4296892
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/f8e933a802366ba454b5449880db99d7c65dcf21 b/src/fuzz/server_no_fuzzer_mode_corpus/f8e933a802366ba454b5449880db99d7c65dcf21
new file mode 100644
index 0000000..af2f249
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/f8e933a802366ba454b5449880db99d7c65dcf21
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f91ff9b71b566f49b7f455193ece86db7380751b b/src/fuzz/server_no_fuzzer_mode_corpus/f91ff9b71b566f49b7f455193ece86db7380751b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f91ff9b71b566f49b7f455193ece86db7380751b
rename to src/fuzz/server_no_fuzzer_mode_corpus/f91ff9b71b566f49b7f455193ece86db7380751b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f942643bf0edec936a846340f72d5b092a834063 b/src/fuzz/server_no_fuzzer_mode_corpus/f942643bf0edec936a846340f72d5b092a834063
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f942643bf0edec936a846340f72d5b092a834063
rename to src/fuzz/server_no_fuzzer_mode_corpus/f942643bf0edec936a846340f72d5b092a834063
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f98c252bfb626ddbd1f4a206220c939f14cc5249 b/src/fuzz/server_no_fuzzer_mode_corpus/f98c252bfb626ddbd1f4a206220c939f14cc5249
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f98c252bfb626ddbd1f4a206220c939f14cc5249
rename to src/fuzz/server_no_fuzzer_mode_corpus/f98c252bfb626ddbd1f4a206220c939f14cc5249
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/f9d2656776aa01522491e1bdf5cd8851ad15b39b b/src/fuzz/server_no_fuzzer_mode_corpus/f9d2656776aa01522491e1bdf5cd8851ad15b39b
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/f9d2656776aa01522491e1bdf5cd8851ad15b39b
rename to src/fuzz/server_no_fuzzer_mode_corpus/f9d2656776aa01522491e1bdf5cd8851ad15b39b
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fa75e552f36ba9824e6fad71274b384bd4800da5 b/src/fuzz/server_no_fuzzer_mode_corpus/fa75e552f36ba9824e6fad71274b384bd4800da5
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/fa75e552f36ba9824e6fad71274b384bd4800da5
rename to src/fuzz/server_no_fuzzer_mode_corpus/fa75e552f36ba9824e6fad71274b384bd4800da5
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/faff846f97bed687cc0a19fda11f6e6a6e7a1a01 b/src/fuzz/server_no_fuzzer_mode_corpus/faff846f97bed687cc0a19fda11f6e6a6e7a1a01
new file mode 100644
index 0000000..302f46b
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/faff846f97bed687cc0a19fda11f6e6a6e7a1a01
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fbe8018dbcea38eabdaa9a74b5de86b74ea121bb b/src/fuzz/server_no_fuzzer_mode_corpus/fbe8018dbcea38eabdaa9a74b5de86b74ea121bb
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/fbe8018dbcea38eabdaa9a74b5de86b74ea121bb
rename to src/fuzz/server_no_fuzzer_mode_corpus/fbe8018dbcea38eabdaa9a74b5de86b74ea121bb
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fc06fe23281bee455c11b39ef4c4bad0c3363367 b/src/fuzz/server_no_fuzzer_mode_corpus/fc06fe23281bee455c11b39ef4c4bad0c3363367
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/fc06fe23281bee455c11b39ef4c4bad0c3363367
rename to src/fuzz/server_no_fuzzer_mode_corpus/fc06fe23281bee455c11b39ef4c4bad0c3363367
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fc84fd6e18c99133de1b445215c42b46f1a93788 b/src/fuzz/server_no_fuzzer_mode_corpus/fc84fd6e18c99133de1b445215c42b46f1a93788
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/fc84fd6e18c99133de1b445215c42b46f1a93788
rename to src/fuzz/server_no_fuzzer_mode_corpus/fc84fd6e18c99133de1b445215c42b46f1a93788
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/fe63cd927616d11e5210d3e180d699ff8a1d594a b/src/fuzz/server_no_fuzzer_mode_corpus/fe63cd927616d11e5210d3e180d699ff8a1d594a
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/fe63cd927616d11e5210d3e180d699ff8a1d594a
rename to src/fuzz/server_no_fuzzer_mode_corpus/fe63cd927616d11e5210d3e180d699ff8a1d594a
Binary files differ
diff --git a/src/fuzz/server_no_fuzzer_mode_corpus/feeed70cfd0107aed1b812fe78d9d011fcb36d8c b/src/fuzz/server_no_fuzzer_mode_corpus/feeed70cfd0107aed1b812fe78d9d011fcb36d8c
new file mode 100644
index 0000000..adacd89
--- /dev/null
+++ b/src/fuzz/server_no_fuzzer_mode_corpus/feeed70cfd0107aed1b812fe78d9d011fcb36d8c
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ff75d2c084faf0b7c9d39eb304d7ad32dbb4026e b/src/fuzz/server_no_fuzzer_mode_corpus/ff75d2c084faf0b7c9d39eb304d7ad32dbb4026e
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ff75d2c084faf0b7c9d39eb304d7ad32dbb4026e
rename to src/fuzz/server_no_fuzzer_mode_corpus/ff75d2c084faf0b7c9d39eb304d7ad32dbb4026e
Binary files differ
diff --git a/src/fuzz/server_corpus_no_fuzzer_mode/ffa80e2c9aee0b05dfa2ce0c2111862b8d34badc b/src/fuzz/server_no_fuzzer_mode_corpus/ffa80e2c9aee0b05dfa2ce0c2111862b8d34badc
similarity index 100%
rename from src/fuzz/server_corpus_no_fuzzer_mode/ffa80e2c9aee0b05dfa2ce0c2111862b8d34badc
rename to src/fuzz/server_no_fuzzer_mode_corpus/ffa80e2c9aee0b05dfa2ce0c2111862b8d34badc
Binary files differ
diff --git a/src/fuzz/ssl_ctx_api.cc b/src/fuzz/ssl_ctx_api.cc
index 24f4e9f..ca74b05 100644
--- a/src/fuzz/ssl_ctx_api.cc
+++ b/src/fuzz/ssl_ctx_api.cc
@@ -237,8 +237,10 @@
template <typename T>
static bool GetVector(std::vector<T> *out, CBS *cbs) {
- static_assert(std::is_pod<T>::value,
- "GetVector may only be called on POD types");
+ static_assert(
+ std::is_standard_layout<T>::value && std::is_trivially_copyable<T>::value,
+ "GetVector may only be called on standard layout, trivially copyable "
+ "types");
CBS child;
if (!CBS_get_u8_length_prefixed(cbs, &child)) {
diff --git a/src/gen/bcm/aes-gcm-avx10-x86_64-apple.S b/src/gen/bcm/aes-gcm-avx10-x86_64-apple.S
deleted file mode 100644
index be66605..0000000
--- a/src/gen/bcm/aes-gcm-avx10-x86_64-apple.S
+++ /dev/null
@@ -1,1250 +0,0 @@
-// This file is generated from a similarly-named Perl script in the BoringSSL
-// source tree. Do not edit by hand.
-
-#include <openssl/asm_base.h>
-
-#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && defined(__APPLE__)
-.section __DATA,__const
-.p2align 6
-
-
-L$bswap_mask:
-.quad 0x08090a0b0c0d0e0f, 0x0001020304050607
-
-
-
-
-
-
-
-
-L$gfpoly:
-.quad 1, 0xc200000000000000
-
-
-L$gfpoly_and_internal_carrybit:
-.quad 1, 0xc200000000000001
-
-
-
-
-
-L$ctr_pattern:
-.quad 0, 0
-.quad 1, 0
-L$inc_2blocks:
-.quad 2, 0
-.quad 3, 0
-L$inc_4blocks:
-.quad 4, 0
-
-.text
-.globl _gcm_gmult_vpclmulqdq_avx10
-.private_extern _gcm_gmult_vpclmulqdq_avx10
-
-.p2align 5
-_gcm_gmult_vpclmulqdq_avx10:
-
-
-_CET_ENDBR
-
-
-
- vmovdqu (%rdi),%xmm0
- vmovdqu L$bswap_mask(%rip),%xmm1
- vmovdqu 256-16(%rsi),%xmm2
- vmovdqu L$gfpoly(%rip),%xmm3
- vpshufb %xmm1,%xmm0,%xmm0
-
- vpclmulqdq $0x00,%xmm2,%xmm0,%xmm4
- vpclmulqdq $0x01,%xmm2,%xmm0,%xmm5
- vpclmulqdq $0x10,%xmm2,%xmm0,%xmm6
- vpxord %xmm6,%xmm5,%xmm5
- vpclmulqdq $0x01,%xmm4,%xmm3,%xmm6
- vpshufd $0x4e,%xmm4,%xmm4
- vpternlogd $0x96,%xmm6,%xmm4,%xmm5
- vpclmulqdq $0x11,%xmm2,%xmm0,%xmm0
- vpclmulqdq $0x01,%xmm5,%xmm3,%xmm4
- vpshufd $0x4e,%xmm5,%xmm5
- vpternlogd $0x96,%xmm4,%xmm5,%xmm0
-
-
- vpshufb %xmm1,%xmm0,%xmm0
- vmovdqu %xmm0,(%rdi)
- ret
-
-
-
-.globl _gcm_init_vpclmulqdq_avx10_512
-.private_extern _gcm_init_vpclmulqdq_avx10_512
-
-.p2align 5
-_gcm_init_vpclmulqdq_avx10_512:
-
-
-_CET_ENDBR
-
- leaq 256-64(%rdi),%r8
-
-
-
- vpshufd $0x4e,(%rsi),%xmm3
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- vpshufd $0xd3,%xmm3,%xmm0
- vpsrad $31,%xmm0,%xmm0
- vpaddq %xmm3,%xmm3,%xmm3
-
- vpternlogd $0x78,L$gfpoly_and_internal_carrybit(%rip),%xmm0,%xmm3
-
-
- vbroadcasti32x4 L$gfpoly(%rip),%zmm5
-
-
-
-
-
-
-
-
- vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
- vpclmulqdq $0x01,%xmm3,%xmm3,%xmm1
- vpclmulqdq $0x10,%xmm3,%xmm3,%xmm2
- vpxord %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm5,%xmm2
- vpshufd $0x4e,%xmm0,%xmm0
- vpternlogd $0x96,%xmm2,%xmm0,%xmm1
- vpclmulqdq $0x11,%xmm3,%xmm3,%xmm4
- vpclmulqdq $0x01,%xmm1,%xmm5,%xmm0
- vpshufd $0x4e,%xmm1,%xmm1
- vpternlogd $0x96,%xmm0,%xmm1,%xmm4
-
-
-
- vinserti128 $1,%xmm3,%ymm4,%ymm3
- vinserti128 $1,%xmm4,%ymm4,%ymm4
- vpclmulqdq $0x00,%ymm4,%ymm3,%ymm0
- vpclmulqdq $0x01,%ymm4,%ymm3,%ymm1
- vpclmulqdq $0x10,%ymm4,%ymm3,%ymm2
- vpxord %ymm2,%ymm1,%ymm1
- vpclmulqdq $0x01,%ymm0,%ymm5,%ymm2
- vpshufd $0x4e,%ymm0,%ymm0
- vpternlogd $0x96,%ymm2,%ymm0,%ymm1
- vpclmulqdq $0x11,%ymm4,%ymm3,%ymm4
- vpclmulqdq $0x01,%ymm1,%ymm5,%ymm0
- vpshufd $0x4e,%ymm1,%ymm1
- vpternlogd $0x96,%ymm0,%ymm1,%ymm4
-
- vinserti64x4 $1,%ymm3,%zmm4,%zmm3
- vshufi64x2 $0,%zmm4,%zmm4,%zmm4
-
- vmovdqu8 %zmm3,(%r8)
-
-
-
-
-
- movl $3,%eax
-L$precompute_next__func1:
- subq $64,%r8
- vpclmulqdq $0x00,%zmm4,%zmm3,%zmm0
- vpclmulqdq $0x01,%zmm4,%zmm3,%zmm1
- vpclmulqdq $0x10,%zmm4,%zmm3,%zmm2
- vpxord %zmm2,%zmm1,%zmm1
- vpclmulqdq $0x01,%zmm0,%zmm5,%zmm2
- vpshufd $0x4e,%zmm0,%zmm0
- vpternlogd $0x96,%zmm2,%zmm0,%zmm1
- vpclmulqdq $0x11,%zmm4,%zmm3,%zmm3
- vpclmulqdq $0x01,%zmm1,%zmm5,%zmm0
- vpshufd $0x4e,%zmm1,%zmm1
- vpternlogd $0x96,%zmm0,%zmm1,%zmm3
-
- vmovdqu8 %zmm3,(%r8)
- decl %eax
- jnz L$precompute_next__func1
-
- vzeroupper
- ret
-
-
-
-.globl _gcm_ghash_vpclmulqdq_avx10_512
-.private_extern _gcm_ghash_vpclmulqdq_avx10_512
-
-.p2align 5
-_gcm_ghash_vpclmulqdq_avx10_512:
-
-
-_CET_ENDBR
-
-
-
-
-
-
- vmovdqu L$bswap_mask(%rip),%xmm4
- vmovdqu L$gfpoly(%rip),%xmm10
-
-
- vmovdqu (%rdi),%xmm5
- vpshufb %xmm4,%xmm5,%xmm5
-
-
- cmpq $64,%rcx
- jb L$aad_blockbyblock__func1
-
-
-
- vshufi64x2 $0,%zmm4,%zmm4,%zmm4
- vshufi64x2 $0,%zmm10,%zmm10,%zmm10
-
-
- vmovdqu8 256-64(%rsi),%zmm9
-
- cmpq $256-1,%rcx
- jbe L$aad_loop_1x__func1
-
-
- vmovdqu8 256-256(%rsi),%zmm6
- vmovdqu8 256-192(%rsi),%zmm7
- vmovdqu8 256-128(%rsi),%zmm8
-
-
-L$aad_loop_4x__func1:
- vmovdqu8 0(%rdx),%zmm0
- vmovdqu8 64(%rdx),%zmm1
- vmovdqu8 128(%rdx),%zmm2
- vmovdqu8 192(%rdx),%zmm3
- vpshufb %zmm4,%zmm0,%zmm0
- vpxord %zmm5,%zmm0,%zmm0
- vpshufb %zmm4,%zmm1,%zmm1
- vpshufb %zmm4,%zmm2,%zmm2
- vpshufb %zmm4,%zmm3,%zmm3
- vpclmulqdq $0x00,%zmm6,%zmm0,%zmm5
- vpclmulqdq $0x00,%zmm7,%zmm1,%zmm11
- vpclmulqdq $0x00,%zmm8,%zmm2,%zmm12
- vpxord %zmm11,%zmm5,%zmm5
- vpclmulqdq $0x00,%zmm9,%zmm3,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm5
- vpclmulqdq $0x01,%zmm6,%zmm0,%zmm11
- vpclmulqdq $0x01,%zmm7,%zmm1,%zmm12
- vpclmulqdq $0x01,%zmm8,%zmm2,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x01,%zmm9,%zmm3,%zmm12
- vpclmulqdq $0x10,%zmm6,%zmm0,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x10,%zmm7,%zmm1,%zmm12
- vpclmulqdq $0x10,%zmm8,%zmm2,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x01,%zmm5,%zmm10,%zmm13
- vpclmulqdq $0x10,%zmm9,%zmm3,%zmm12
- vpxord %zmm12,%zmm11,%zmm11
- vpshufd $0x4e,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm6,%zmm0,%zmm0
- vpclmulqdq $0x11,%zmm7,%zmm1,%zmm1
- vpclmulqdq $0x11,%zmm8,%zmm2,%zmm2
- vpternlogd $0x96,%zmm13,%zmm5,%zmm11
- vpclmulqdq $0x11,%zmm9,%zmm3,%zmm3
- vpternlogd $0x96,%zmm2,%zmm1,%zmm0
- vpclmulqdq $0x01,%zmm11,%zmm10,%zmm12
- vpxord %zmm3,%zmm0,%zmm5
- vpshufd $0x4e,%zmm11,%zmm11
- vpternlogd $0x96,%zmm12,%zmm11,%zmm5
- vextracti32x4 $1,%zmm5,%xmm0
- vextracti32x4 $2,%zmm5,%xmm1
- vextracti32x4 $3,%zmm5,%xmm2
- vpxord %xmm0,%xmm5,%xmm5
- vpternlogd $0x96,%xmm1,%xmm2,%xmm5
-
- subq $-256,%rdx
- addq $-256,%rcx
- cmpq $256-1,%rcx
- ja L$aad_loop_4x__func1
-
-
- cmpq $64,%rcx
- jb L$aad_large_done__func1
-L$aad_loop_1x__func1:
- vmovdqu8 (%rdx),%zmm0
- vpshufb %zmm4,%zmm0,%zmm0
- vpxord %zmm0,%zmm5,%zmm5
- vpclmulqdq $0x00,%zmm9,%zmm5,%zmm0
- vpclmulqdq $0x01,%zmm9,%zmm5,%zmm1
- vpclmulqdq $0x10,%zmm9,%zmm5,%zmm2
- vpxord %zmm2,%zmm1,%zmm1
- vpclmulqdq $0x01,%zmm0,%zmm10,%zmm2
- vpshufd $0x4e,%zmm0,%zmm0
- vpternlogd $0x96,%zmm2,%zmm0,%zmm1
- vpclmulqdq $0x11,%zmm9,%zmm5,%zmm5
- vpclmulqdq $0x01,%zmm1,%zmm10,%zmm0
- vpshufd $0x4e,%zmm1,%zmm1
- vpternlogd $0x96,%zmm0,%zmm1,%zmm5
-
- vextracti32x4 $1,%zmm5,%xmm0
- vextracti32x4 $2,%zmm5,%xmm1
- vextracti32x4 $3,%zmm5,%xmm2
- vpxord %xmm0,%xmm5,%xmm5
- vpternlogd $0x96,%xmm1,%xmm2,%xmm5
-
- addq $64,%rdx
- subq $64,%rcx
- cmpq $64,%rcx
- jae L$aad_loop_1x__func1
-
-L$aad_large_done__func1:
-
-
- vzeroupper
-
-
-L$aad_blockbyblock__func1:
- testq %rcx,%rcx
- jz L$aad_done__func1
- vmovdqu 256-16(%rsi),%xmm9
-L$aad_loop_blockbyblock__func1:
- vmovdqu (%rdx),%xmm0
- vpshufb %xmm4,%xmm0,%xmm0
- vpxor %xmm0,%xmm5,%xmm5
- vpclmulqdq $0x00,%xmm9,%xmm5,%xmm0
- vpclmulqdq $0x01,%xmm9,%xmm5,%xmm1
- vpclmulqdq $0x10,%xmm9,%xmm5,%xmm2
- vpxord %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm10,%xmm2
- vpshufd $0x4e,%xmm0,%xmm0
- vpternlogd $0x96,%xmm2,%xmm0,%xmm1
- vpclmulqdq $0x11,%xmm9,%xmm5,%xmm5
- vpclmulqdq $0x01,%xmm1,%xmm10,%xmm0
- vpshufd $0x4e,%xmm1,%xmm1
- vpternlogd $0x96,%xmm0,%xmm1,%xmm5
-
- addq $16,%rdx
- subq $16,%rcx
- jnz L$aad_loop_blockbyblock__func1
-
-L$aad_done__func1:
-
- vpshufb %xmm4,%xmm5,%xmm5
- vmovdqu %xmm5,(%rdi)
- ret
-
-
-
-.globl _aes_gcm_enc_update_vaes_avx10_512
-.private_extern _aes_gcm_enc_update_vaes_avx10_512
-
-.p2align 5
-_aes_gcm_enc_update_vaes_avx10_512:
-
-
-_CET_ENDBR
- pushq %r12
-
-
- movq 16(%rsp),%r12
-#ifdef BORINGSSL_DISPATCH_TEST
-
- movb $1,_BORINGSSL_function_hit+7(%rip)
-#endif
-
- vbroadcasti32x4 L$bswap_mask(%rip),%zmm8
- vbroadcasti32x4 L$gfpoly(%rip),%zmm31
-
-
-
- vmovdqu (%r12),%xmm10
- vpshufb %xmm8,%xmm10,%xmm10
- vbroadcasti32x4 (%r8),%zmm12
- vpshufb %zmm8,%zmm12,%zmm12
-
-
-
- movl 240(%rcx),%r10d
- leal -20(,%r10,4),%r10d
-
-
-
-
- leaq 96(%rcx,%r10,4),%r11
- vbroadcasti32x4 (%rcx),%zmm13
- vbroadcasti32x4 (%r11),%zmm14
-
-
- vpaddd L$ctr_pattern(%rip),%zmm12,%zmm12
-
-
- vbroadcasti32x4 L$inc_4blocks(%rip),%zmm11
-
-
-
- cmpq $256-1,%rdx
- jbe L$crypt_loop_4x_done__func1
-
-
- vmovdqu8 256-256(%r9),%zmm27
- vmovdqu8 256-192(%r9),%zmm28
- vmovdqu8 256-128(%r9),%zmm29
- vmovdqu8 256-64(%r9),%zmm30
-
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- leaq 16(%rcx),%rax
-L$vaesenc_loop_first_4_vecs__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- addq $16,%rax
- cmpq %rax,%r11
- jne L$vaesenc_loop_first_4_vecs__func1
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- jbe L$ghash_last_ciphertext_4x__func1
- vbroadcasti32x4 -144(%r11),%zmm15
- vbroadcasti32x4 -128(%r11),%zmm16
- vbroadcasti32x4 -112(%r11),%zmm17
- vbroadcasti32x4 -96(%r11),%zmm18
- vbroadcasti32x4 -80(%r11),%zmm19
- vbroadcasti32x4 -64(%r11),%zmm20
- vbroadcasti32x4 -48(%r11),%zmm21
- vbroadcasti32x4 -32(%r11),%zmm22
- vbroadcasti32x4 -16(%r11),%zmm23
-L$crypt_loop_4x__func1:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- cmpl $24,%r10d
- jl L$aes128__func1
- je L$aes192__func1
-
- vbroadcasti32x4 -208(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -192(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-L$aes192__func1:
- vbroadcasti32x4 -176(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -160(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-L$aes128__func1:
- prefetcht0 512+0(%rdi)
- prefetcht0 512+64(%rdi)
- prefetcht0 512+128(%rdi)
- prefetcht0 512+192(%rdi)
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
-
- vaesenc %zmm15,%zmm0,%zmm0
- vaesenc %zmm15,%zmm1,%zmm1
- vaesenc %zmm15,%zmm2,%zmm2
- vaesenc %zmm15,%zmm3,%zmm3
-
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
-
- vaesenc %zmm16,%zmm0,%zmm0
- vaesenc %zmm16,%zmm1,%zmm1
- vaesenc %zmm16,%zmm2,%zmm2
- vaesenc %zmm16,%zmm3,%zmm3
-
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
-
- vaesenc %zmm17,%zmm0,%zmm0
- vaesenc %zmm17,%zmm1,%zmm1
- vaesenc %zmm17,%zmm2,%zmm2
- vaesenc %zmm17,%zmm3,%zmm3
-
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
-
- vaesenc %zmm18,%zmm0,%zmm0
- vaesenc %zmm18,%zmm1,%zmm1
- vaesenc %zmm18,%zmm2,%zmm2
- vaesenc %zmm18,%zmm3,%zmm3
-
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
-
- vaesenc %zmm19,%zmm0,%zmm0
- vaesenc %zmm19,%zmm1,%zmm1
- vaesenc %zmm19,%zmm2,%zmm2
- vaesenc %zmm19,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
-
- vaesenc %zmm20,%zmm0,%zmm0
- vaesenc %zmm20,%zmm1,%zmm1
- vaesenc %zmm20,%zmm2,%zmm2
- vaesenc %zmm20,%zmm3,%zmm3
-
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
-
- vaesenc %zmm21,%zmm0,%zmm0
- vaesenc %zmm21,%zmm1,%zmm1
- vaesenc %zmm21,%zmm2,%zmm2
- vaesenc %zmm21,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
-
- vaesenc %zmm22,%zmm0,%zmm0
- vaesenc %zmm22,%zmm1,%zmm1
- vaesenc %zmm22,%zmm2,%zmm2
- vaesenc %zmm22,%zmm3,%zmm3
-
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
-
- vaesenc %zmm23,%zmm0,%zmm0
- vaesenc %zmm23,%zmm1,%zmm1
- vaesenc %zmm23,%zmm2,%zmm2
- vaesenc %zmm23,%zmm3,%zmm3
-
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- ja L$crypt_loop_4x__func1
-L$ghash_last_ciphertext_4x__func1:
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-L$crypt_loop_4x_done__func1:
-
- testq %rdx,%rdx
- jz L$done__func1
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- movq %rdx,%rax
- negq %rax
- andq $-16,%rax
- leaq 256(%r9,%rax,1),%r8
- vpxor %xmm4,%xmm4,%xmm4
- vpxor %xmm5,%xmm5,%xmm5
- vpxor %xmm6,%xmm6,%xmm6
-
- cmpq $64,%rdx
- jb L$partial_vec__func1
-
-L$crypt_loop_1x__func1:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-L$vaesenc_loop_tail_full_vec__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne L$vaesenc_loop_tail_full_vec__func1
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi)
-
-
- vmovdqu8 (%r8),%zmm30
- vpshufb %zmm8,%zmm0,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
- vpxor %xmm10,%xmm10,%xmm10
-
- addq $64,%r8
- addq $64,%rdi
- addq $64,%rsi
- subq $64,%rdx
- cmpq $64,%rdx
- jae L$crypt_loop_1x__func1
-
- testq %rdx,%rdx
- jz L$reduce__func1
-
-L$partial_vec__func1:
-
-
-
-
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k1
- addq $15,%rdx
- andq $-16,%rdx
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k2
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-L$vaesenc_loop_tail_partialvec__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne L$vaesenc_loop_tail_partialvec__func1
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1{%k1}{z}
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi){%k1}
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 (%r8),%zmm30{%k2}{z}
- vmovdqu8 %zmm0,%zmm1{%k1}{z}
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
-
-L$reduce__func1:
-
- vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
- vpshufd $0x4e,%zmm4,%zmm4
- vpternlogd $0x96,%zmm0,%zmm4,%zmm5
- vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
- vpshufd $0x4e,%zmm5,%zmm5
- vpternlogd $0x96,%zmm0,%zmm5,%zmm6
-
- vextracti32x4 $1,%zmm6,%xmm0
- vextracti32x4 $2,%zmm6,%xmm1
- vextracti32x4 $3,%zmm6,%xmm2
- vpxord %xmm0,%xmm6,%xmm10
- vpternlogd $0x96,%xmm1,%xmm2,%xmm10
-
-
-L$done__func1:
-
- vpshufb %xmm8,%xmm10,%xmm10
- vmovdqu %xmm10,(%r12)
-
- vzeroupper
- popq %r12
-
- ret
-
-
-
-.globl _aes_gcm_dec_update_vaes_avx10_512
-.private_extern _aes_gcm_dec_update_vaes_avx10_512
-
-.p2align 5
-_aes_gcm_dec_update_vaes_avx10_512:
-
-
-_CET_ENDBR
- pushq %r12
-
-
- movq 16(%rsp),%r12
-
- vbroadcasti32x4 L$bswap_mask(%rip),%zmm8
- vbroadcasti32x4 L$gfpoly(%rip),%zmm31
-
-
-
- vmovdqu (%r12),%xmm10
- vpshufb %xmm8,%xmm10,%xmm10
- vbroadcasti32x4 (%r8),%zmm12
- vpshufb %zmm8,%zmm12,%zmm12
-
-
-
- movl 240(%rcx),%r10d
- leal -20(,%r10,4),%r10d
-
-
-
-
- leaq 96(%rcx,%r10,4),%r11
- vbroadcasti32x4 (%rcx),%zmm13
- vbroadcasti32x4 (%r11),%zmm14
-
-
- vpaddd L$ctr_pattern(%rip),%zmm12,%zmm12
-
-
- vbroadcasti32x4 L$inc_4blocks(%rip),%zmm11
-
-
-
- cmpq $256-1,%rdx
- jbe L$crypt_loop_4x_done__func2
-
-
- vmovdqu8 256-256(%r9),%zmm27
- vmovdqu8 256-192(%r9),%zmm28
- vmovdqu8 256-128(%r9),%zmm29
- vmovdqu8 256-64(%r9),%zmm30
- vbroadcasti32x4 -144(%r11),%zmm15
- vbroadcasti32x4 -128(%r11),%zmm16
- vbroadcasti32x4 -112(%r11),%zmm17
- vbroadcasti32x4 -96(%r11),%zmm18
- vbroadcasti32x4 -80(%r11),%zmm19
- vbroadcasti32x4 -64(%r11),%zmm20
- vbroadcasti32x4 -48(%r11),%zmm21
- vbroadcasti32x4 -32(%r11),%zmm22
- vbroadcasti32x4 -16(%r11),%zmm23
-L$crypt_loop_4x__func2:
- vmovdqu8 0(%rdi),%zmm4
- vmovdqu8 64(%rdi),%zmm5
- vmovdqu8 128(%rdi),%zmm6
- vmovdqu8 192(%rdi),%zmm7
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- cmpl $24,%r10d
- jl L$aes128__func2
- je L$aes192__func2
-
- vbroadcasti32x4 -208(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -192(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-L$aes192__func2:
- vbroadcasti32x4 -176(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -160(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-L$aes128__func2:
- prefetcht0 512+0(%rdi)
- prefetcht0 512+64(%rdi)
- prefetcht0 512+128(%rdi)
- prefetcht0 512+192(%rdi)
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
-
- vaesenc %zmm15,%zmm0,%zmm0
- vaesenc %zmm15,%zmm1,%zmm1
- vaesenc %zmm15,%zmm2,%zmm2
- vaesenc %zmm15,%zmm3,%zmm3
-
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
-
- vaesenc %zmm16,%zmm0,%zmm0
- vaesenc %zmm16,%zmm1,%zmm1
- vaesenc %zmm16,%zmm2,%zmm2
- vaesenc %zmm16,%zmm3,%zmm3
-
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
-
- vaesenc %zmm17,%zmm0,%zmm0
- vaesenc %zmm17,%zmm1,%zmm1
- vaesenc %zmm17,%zmm2,%zmm2
- vaesenc %zmm17,%zmm3,%zmm3
-
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
-
- vaesenc %zmm18,%zmm0,%zmm0
- vaesenc %zmm18,%zmm1,%zmm1
- vaesenc %zmm18,%zmm2,%zmm2
- vaesenc %zmm18,%zmm3,%zmm3
-
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
-
- vaesenc %zmm19,%zmm0,%zmm0
- vaesenc %zmm19,%zmm1,%zmm1
- vaesenc %zmm19,%zmm2,%zmm2
- vaesenc %zmm19,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
-
- vaesenc %zmm20,%zmm0,%zmm0
- vaesenc %zmm20,%zmm1,%zmm1
- vaesenc %zmm20,%zmm2,%zmm2
- vaesenc %zmm20,%zmm3,%zmm3
-
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
-
- vaesenc %zmm21,%zmm0,%zmm0
- vaesenc %zmm21,%zmm1,%zmm1
- vaesenc %zmm21,%zmm2,%zmm2
- vaesenc %zmm21,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
-
- vaesenc %zmm22,%zmm0,%zmm0
- vaesenc %zmm22,%zmm1,%zmm1
- vaesenc %zmm22,%zmm2,%zmm2
- vaesenc %zmm22,%zmm3,%zmm3
-
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
-
- vaesenc %zmm23,%zmm0,%zmm0
- vaesenc %zmm23,%zmm1,%zmm1
- vaesenc %zmm23,%zmm2,%zmm2
- vaesenc %zmm23,%zmm3,%zmm3
-
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- ja L$crypt_loop_4x__func2
-L$crypt_loop_4x_done__func2:
-
- testq %rdx,%rdx
- jz L$done__func2
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- movq %rdx,%rax
- negq %rax
- andq $-16,%rax
- leaq 256(%r9,%rax,1),%r8
- vpxor %xmm4,%xmm4,%xmm4
- vpxor %xmm5,%xmm5,%xmm5
- vpxor %xmm6,%xmm6,%xmm6
-
- cmpq $64,%rdx
- jb L$partial_vec__func2
-
-L$crypt_loop_1x__func2:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-L$vaesenc_loop_tail_full_vec__func2:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne L$vaesenc_loop_tail_full_vec__func2
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi)
-
-
- vmovdqu8 (%r8),%zmm30
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
- vpxor %xmm10,%xmm10,%xmm10
-
- addq $64,%r8
- addq $64,%rdi
- addq $64,%rsi
- subq $64,%rdx
- cmpq $64,%rdx
- jae L$crypt_loop_1x__func2
-
- testq %rdx,%rdx
- jz L$reduce__func2
-
-L$partial_vec__func2:
-
-
-
-
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k1
- addq $15,%rdx
- andq $-16,%rdx
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k2
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-L$vaesenc_loop_tail_partialvec__func2:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne L$vaesenc_loop_tail_partialvec__func2
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1{%k1}{z}
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi){%k1}
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 (%r8),%zmm30{%k2}{z}
-
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
-
-L$reduce__func2:
-
- vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
- vpshufd $0x4e,%zmm4,%zmm4
- vpternlogd $0x96,%zmm0,%zmm4,%zmm5
- vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
- vpshufd $0x4e,%zmm5,%zmm5
- vpternlogd $0x96,%zmm0,%zmm5,%zmm6
-
- vextracti32x4 $1,%zmm6,%xmm0
- vextracti32x4 $2,%zmm6,%xmm1
- vextracti32x4 $3,%zmm6,%xmm2
- vpxord %xmm0,%xmm6,%xmm10
- vpternlogd $0x96,%xmm1,%xmm2,%xmm10
-
-
-L$done__func2:
-
- vpshufb %xmm8,%xmm10,%xmm10
- vmovdqu %xmm10,(%r12)
-
- vzeroupper
- popq %r12
-
- ret
-
-
-
-#endif
diff --git a/src/gen/bcm/aes-gcm-avx10-x86_64-linux.S b/src/gen/bcm/aes-gcm-avx10-x86_64-linux.S
deleted file mode 100644
index b525623..0000000
--- a/src/gen/bcm/aes-gcm-avx10-x86_64-linux.S
+++ /dev/null
@@ -1,1255 +0,0 @@
-// This file is generated from a similarly-named Perl script in the BoringSSL
-// source tree. Do not edit by hand.
-
-#include <openssl/asm_base.h>
-
-#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && defined(__ELF__)
-.section .rodata
-.align 64
-
-
-.Lbswap_mask:
-.quad 0x08090a0b0c0d0e0f, 0x0001020304050607
-
-
-
-
-
-
-
-
-.Lgfpoly:
-.quad 1, 0xc200000000000000
-
-
-.Lgfpoly_and_internal_carrybit:
-.quad 1, 0xc200000000000001
-
-
-
-
-
-.Lctr_pattern:
-.quad 0, 0
-.quad 1, 0
-.Linc_2blocks:
-.quad 2, 0
-.quad 3, 0
-.Linc_4blocks:
-.quad 4, 0
-
-.text
-.globl gcm_gmult_vpclmulqdq_avx10
-.hidden gcm_gmult_vpclmulqdq_avx10
-.type gcm_gmult_vpclmulqdq_avx10,@function
-.align 32
-gcm_gmult_vpclmulqdq_avx10:
-.cfi_startproc
-
-_CET_ENDBR
-
-
-
- vmovdqu (%rdi),%xmm0
- vmovdqu .Lbswap_mask(%rip),%xmm1
- vmovdqu 256-16(%rsi),%xmm2
- vmovdqu .Lgfpoly(%rip),%xmm3
- vpshufb %xmm1,%xmm0,%xmm0
-
- vpclmulqdq $0x00,%xmm2,%xmm0,%xmm4
- vpclmulqdq $0x01,%xmm2,%xmm0,%xmm5
- vpclmulqdq $0x10,%xmm2,%xmm0,%xmm6
- vpxord %xmm6,%xmm5,%xmm5
- vpclmulqdq $0x01,%xmm4,%xmm3,%xmm6
- vpshufd $0x4e,%xmm4,%xmm4
- vpternlogd $0x96,%xmm6,%xmm4,%xmm5
- vpclmulqdq $0x11,%xmm2,%xmm0,%xmm0
- vpclmulqdq $0x01,%xmm5,%xmm3,%xmm4
- vpshufd $0x4e,%xmm5,%xmm5
- vpternlogd $0x96,%xmm4,%xmm5,%xmm0
-
-
- vpshufb %xmm1,%xmm0,%xmm0
- vmovdqu %xmm0,(%rdi)
- ret
-
-.cfi_endproc
-.size gcm_gmult_vpclmulqdq_avx10, . - gcm_gmult_vpclmulqdq_avx10
-.globl gcm_init_vpclmulqdq_avx10_512
-.hidden gcm_init_vpclmulqdq_avx10_512
-.type gcm_init_vpclmulqdq_avx10_512,@function
-.align 32
-gcm_init_vpclmulqdq_avx10_512:
-.cfi_startproc
-
-_CET_ENDBR
-
- leaq 256-64(%rdi),%r8
-
-
-
- vpshufd $0x4e,(%rsi),%xmm3
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- vpshufd $0xd3,%xmm3,%xmm0
- vpsrad $31,%xmm0,%xmm0
- vpaddq %xmm3,%xmm3,%xmm3
-
- vpternlogd $0x78,.Lgfpoly_and_internal_carrybit(%rip),%xmm0,%xmm3
-
-
- vbroadcasti32x4 .Lgfpoly(%rip),%zmm5
-
-
-
-
-
-
-
-
- vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
- vpclmulqdq $0x01,%xmm3,%xmm3,%xmm1
- vpclmulqdq $0x10,%xmm3,%xmm3,%xmm2
- vpxord %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm5,%xmm2
- vpshufd $0x4e,%xmm0,%xmm0
- vpternlogd $0x96,%xmm2,%xmm0,%xmm1
- vpclmulqdq $0x11,%xmm3,%xmm3,%xmm4
- vpclmulqdq $0x01,%xmm1,%xmm5,%xmm0
- vpshufd $0x4e,%xmm1,%xmm1
- vpternlogd $0x96,%xmm0,%xmm1,%xmm4
-
-
-
- vinserti128 $1,%xmm3,%ymm4,%ymm3
- vinserti128 $1,%xmm4,%ymm4,%ymm4
- vpclmulqdq $0x00,%ymm4,%ymm3,%ymm0
- vpclmulqdq $0x01,%ymm4,%ymm3,%ymm1
- vpclmulqdq $0x10,%ymm4,%ymm3,%ymm2
- vpxord %ymm2,%ymm1,%ymm1
- vpclmulqdq $0x01,%ymm0,%ymm5,%ymm2
- vpshufd $0x4e,%ymm0,%ymm0
- vpternlogd $0x96,%ymm2,%ymm0,%ymm1
- vpclmulqdq $0x11,%ymm4,%ymm3,%ymm4
- vpclmulqdq $0x01,%ymm1,%ymm5,%ymm0
- vpshufd $0x4e,%ymm1,%ymm1
- vpternlogd $0x96,%ymm0,%ymm1,%ymm4
-
- vinserti64x4 $1,%ymm3,%zmm4,%zmm3
- vshufi64x2 $0,%zmm4,%zmm4,%zmm4
-
- vmovdqu8 %zmm3,(%r8)
-
-
-
-
-
- movl $3,%eax
-.Lprecompute_next__func1:
- subq $64,%r8
- vpclmulqdq $0x00,%zmm4,%zmm3,%zmm0
- vpclmulqdq $0x01,%zmm4,%zmm3,%zmm1
- vpclmulqdq $0x10,%zmm4,%zmm3,%zmm2
- vpxord %zmm2,%zmm1,%zmm1
- vpclmulqdq $0x01,%zmm0,%zmm5,%zmm2
- vpshufd $0x4e,%zmm0,%zmm0
- vpternlogd $0x96,%zmm2,%zmm0,%zmm1
- vpclmulqdq $0x11,%zmm4,%zmm3,%zmm3
- vpclmulqdq $0x01,%zmm1,%zmm5,%zmm0
- vpshufd $0x4e,%zmm1,%zmm1
- vpternlogd $0x96,%zmm0,%zmm1,%zmm3
-
- vmovdqu8 %zmm3,(%r8)
- decl %eax
- jnz .Lprecompute_next__func1
-
- vzeroupper
- ret
-
-.cfi_endproc
-.size gcm_init_vpclmulqdq_avx10_512, . - gcm_init_vpclmulqdq_avx10_512
-.globl gcm_ghash_vpclmulqdq_avx10_512
-.hidden gcm_ghash_vpclmulqdq_avx10_512
-.type gcm_ghash_vpclmulqdq_avx10_512,@function
-.align 32
-gcm_ghash_vpclmulqdq_avx10_512:
-.cfi_startproc
-
-_CET_ENDBR
-
-
-
-
-
-
- vmovdqu .Lbswap_mask(%rip),%xmm4
- vmovdqu .Lgfpoly(%rip),%xmm10
-
-
- vmovdqu (%rdi),%xmm5
- vpshufb %xmm4,%xmm5,%xmm5
-
-
- cmpq $64,%rcx
- jb .Laad_blockbyblock__func1
-
-
-
- vshufi64x2 $0,%zmm4,%zmm4,%zmm4
- vshufi64x2 $0,%zmm10,%zmm10,%zmm10
-
-
- vmovdqu8 256-64(%rsi),%zmm9
-
- cmpq $256-1,%rcx
- jbe .Laad_loop_1x__func1
-
-
- vmovdqu8 256-256(%rsi),%zmm6
- vmovdqu8 256-192(%rsi),%zmm7
- vmovdqu8 256-128(%rsi),%zmm8
-
-
-.Laad_loop_4x__func1:
- vmovdqu8 0(%rdx),%zmm0
- vmovdqu8 64(%rdx),%zmm1
- vmovdqu8 128(%rdx),%zmm2
- vmovdqu8 192(%rdx),%zmm3
- vpshufb %zmm4,%zmm0,%zmm0
- vpxord %zmm5,%zmm0,%zmm0
- vpshufb %zmm4,%zmm1,%zmm1
- vpshufb %zmm4,%zmm2,%zmm2
- vpshufb %zmm4,%zmm3,%zmm3
- vpclmulqdq $0x00,%zmm6,%zmm0,%zmm5
- vpclmulqdq $0x00,%zmm7,%zmm1,%zmm11
- vpclmulqdq $0x00,%zmm8,%zmm2,%zmm12
- vpxord %zmm11,%zmm5,%zmm5
- vpclmulqdq $0x00,%zmm9,%zmm3,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm5
- vpclmulqdq $0x01,%zmm6,%zmm0,%zmm11
- vpclmulqdq $0x01,%zmm7,%zmm1,%zmm12
- vpclmulqdq $0x01,%zmm8,%zmm2,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x01,%zmm9,%zmm3,%zmm12
- vpclmulqdq $0x10,%zmm6,%zmm0,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x10,%zmm7,%zmm1,%zmm12
- vpclmulqdq $0x10,%zmm8,%zmm2,%zmm13
- vpternlogd $0x96,%zmm13,%zmm12,%zmm11
- vpclmulqdq $0x01,%zmm5,%zmm10,%zmm13
- vpclmulqdq $0x10,%zmm9,%zmm3,%zmm12
- vpxord %zmm12,%zmm11,%zmm11
- vpshufd $0x4e,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm6,%zmm0,%zmm0
- vpclmulqdq $0x11,%zmm7,%zmm1,%zmm1
- vpclmulqdq $0x11,%zmm8,%zmm2,%zmm2
- vpternlogd $0x96,%zmm13,%zmm5,%zmm11
- vpclmulqdq $0x11,%zmm9,%zmm3,%zmm3
- vpternlogd $0x96,%zmm2,%zmm1,%zmm0
- vpclmulqdq $0x01,%zmm11,%zmm10,%zmm12
- vpxord %zmm3,%zmm0,%zmm5
- vpshufd $0x4e,%zmm11,%zmm11
- vpternlogd $0x96,%zmm12,%zmm11,%zmm5
- vextracti32x4 $1,%zmm5,%xmm0
- vextracti32x4 $2,%zmm5,%xmm1
- vextracti32x4 $3,%zmm5,%xmm2
- vpxord %xmm0,%xmm5,%xmm5
- vpternlogd $0x96,%xmm1,%xmm2,%xmm5
-
- subq $-256,%rdx
- addq $-256,%rcx
- cmpq $256-1,%rcx
- ja .Laad_loop_4x__func1
-
-
- cmpq $64,%rcx
- jb .Laad_large_done__func1
-.Laad_loop_1x__func1:
- vmovdqu8 (%rdx),%zmm0
- vpshufb %zmm4,%zmm0,%zmm0
- vpxord %zmm0,%zmm5,%zmm5
- vpclmulqdq $0x00,%zmm9,%zmm5,%zmm0
- vpclmulqdq $0x01,%zmm9,%zmm5,%zmm1
- vpclmulqdq $0x10,%zmm9,%zmm5,%zmm2
- vpxord %zmm2,%zmm1,%zmm1
- vpclmulqdq $0x01,%zmm0,%zmm10,%zmm2
- vpshufd $0x4e,%zmm0,%zmm0
- vpternlogd $0x96,%zmm2,%zmm0,%zmm1
- vpclmulqdq $0x11,%zmm9,%zmm5,%zmm5
- vpclmulqdq $0x01,%zmm1,%zmm10,%zmm0
- vpshufd $0x4e,%zmm1,%zmm1
- vpternlogd $0x96,%zmm0,%zmm1,%zmm5
-
- vextracti32x4 $1,%zmm5,%xmm0
- vextracti32x4 $2,%zmm5,%xmm1
- vextracti32x4 $3,%zmm5,%xmm2
- vpxord %xmm0,%xmm5,%xmm5
- vpternlogd $0x96,%xmm1,%xmm2,%xmm5
-
- addq $64,%rdx
- subq $64,%rcx
- cmpq $64,%rcx
- jae .Laad_loop_1x__func1
-
-.Laad_large_done__func1:
-
-
- vzeroupper
-
-
-.Laad_blockbyblock__func1:
- testq %rcx,%rcx
- jz .Laad_done__func1
- vmovdqu 256-16(%rsi),%xmm9
-.Laad_loop_blockbyblock__func1:
- vmovdqu (%rdx),%xmm0
- vpshufb %xmm4,%xmm0,%xmm0
- vpxor %xmm0,%xmm5,%xmm5
- vpclmulqdq $0x00,%xmm9,%xmm5,%xmm0
- vpclmulqdq $0x01,%xmm9,%xmm5,%xmm1
- vpclmulqdq $0x10,%xmm9,%xmm5,%xmm2
- vpxord %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm10,%xmm2
- vpshufd $0x4e,%xmm0,%xmm0
- vpternlogd $0x96,%xmm2,%xmm0,%xmm1
- vpclmulqdq $0x11,%xmm9,%xmm5,%xmm5
- vpclmulqdq $0x01,%xmm1,%xmm10,%xmm0
- vpshufd $0x4e,%xmm1,%xmm1
- vpternlogd $0x96,%xmm0,%xmm1,%xmm5
-
- addq $16,%rdx
- subq $16,%rcx
- jnz .Laad_loop_blockbyblock__func1
-
-.Laad_done__func1:
-
- vpshufb %xmm4,%xmm5,%xmm5
- vmovdqu %xmm5,(%rdi)
- ret
-
-.cfi_endproc
-.size gcm_ghash_vpclmulqdq_avx10_512, . - gcm_ghash_vpclmulqdq_avx10_512
-.globl aes_gcm_enc_update_vaes_avx10_512
-.hidden aes_gcm_enc_update_vaes_avx10_512
-.type aes_gcm_enc_update_vaes_avx10_512,@function
-.align 32
-aes_gcm_enc_update_vaes_avx10_512:
-.cfi_startproc
-
-_CET_ENDBR
- pushq %r12
-.cfi_adjust_cfa_offset 8
-.cfi_offset %r12,-16
-
- movq 16(%rsp),%r12
-#ifdef BORINGSSL_DISPATCH_TEST
-.extern BORINGSSL_function_hit
-.hidden BORINGSSL_function_hit
- movb $1,BORINGSSL_function_hit+7(%rip)
-#endif
-
- vbroadcasti32x4 .Lbswap_mask(%rip),%zmm8
- vbroadcasti32x4 .Lgfpoly(%rip),%zmm31
-
-
-
- vmovdqu (%r12),%xmm10
- vpshufb %xmm8,%xmm10,%xmm10
- vbroadcasti32x4 (%r8),%zmm12
- vpshufb %zmm8,%zmm12,%zmm12
-
-
-
- movl 240(%rcx),%r10d
- leal -20(,%r10,4),%r10d
-
-
-
-
- leaq 96(%rcx,%r10,4),%r11
- vbroadcasti32x4 (%rcx),%zmm13
- vbroadcasti32x4 (%r11),%zmm14
-
-
- vpaddd .Lctr_pattern(%rip),%zmm12,%zmm12
-
-
- vbroadcasti32x4 .Linc_4blocks(%rip),%zmm11
-
-
-
- cmpq $256-1,%rdx
- jbe .Lcrypt_loop_4x_done__func1
-
-
- vmovdqu8 256-256(%r9),%zmm27
- vmovdqu8 256-192(%r9),%zmm28
- vmovdqu8 256-128(%r9),%zmm29
- vmovdqu8 256-64(%r9),%zmm30
-
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- leaq 16(%rcx),%rax
-.Lvaesenc_loop_first_4_vecs__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- addq $16,%rax
- cmpq %rax,%r11
- jne .Lvaesenc_loop_first_4_vecs__func1
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- jbe .Lghash_last_ciphertext_4x__func1
- vbroadcasti32x4 -144(%r11),%zmm15
- vbroadcasti32x4 -128(%r11),%zmm16
- vbroadcasti32x4 -112(%r11),%zmm17
- vbroadcasti32x4 -96(%r11),%zmm18
- vbroadcasti32x4 -80(%r11),%zmm19
- vbroadcasti32x4 -64(%r11),%zmm20
- vbroadcasti32x4 -48(%r11),%zmm21
- vbroadcasti32x4 -32(%r11),%zmm22
- vbroadcasti32x4 -16(%r11),%zmm23
-.Lcrypt_loop_4x__func1:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- cmpl $24,%r10d
- jl .Laes128__func1
- je .Laes192__func1
-
- vbroadcasti32x4 -208(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -192(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-.Laes192__func1:
- vbroadcasti32x4 -176(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -160(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-.Laes128__func1:
- prefetcht0 512+0(%rdi)
- prefetcht0 512+64(%rdi)
- prefetcht0 512+128(%rdi)
- prefetcht0 512+192(%rdi)
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
-
- vaesenc %zmm15,%zmm0,%zmm0
- vaesenc %zmm15,%zmm1,%zmm1
- vaesenc %zmm15,%zmm2,%zmm2
- vaesenc %zmm15,%zmm3,%zmm3
-
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
-
- vaesenc %zmm16,%zmm0,%zmm0
- vaesenc %zmm16,%zmm1,%zmm1
- vaesenc %zmm16,%zmm2,%zmm2
- vaesenc %zmm16,%zmm3,%zmm3
-
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
-
- vaesenc %zmm17,%zmm0,%zmm0
- vaesenc %zmm17,%zmm1,%zmm1
- vaesenc %zmm17,%zmm2,%zmm2
- vaesenc %zmm17,%zmm3,%zmm3
-
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
-
- vaesenc %zmm18,%zmm0,%zmm0
- vaesenc %zmm18,%zmm1,%zmm1
- vaesenc %zmm18,%zmm2,%zmm2
- vaesenc %zmm18,%zmm3,%zmm3
-
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
-
- vaesenc %zmm19,%zmm0,%zmm0
- vaesenc %zmm19,%zmm1,%zmm1
- vaesenc %zmm19,%zmm2,%zmm2
- vaesenc %zmm19,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
-
- vaesenc %zmm20,%zmm0,%zmm0
- vaesenc %zmm20,%zmm1,%zmm1
- vaesenc %zmm20,%zmm2,%zmm2
- vaesenc %zmm20,%zmm3,%zmm3
-
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
-
- vaesenc %zmm21,%zmm0,%zmm0
- vaesenc %zmm21,%zmm1,%zmm1
- vaesenc %zmm21,%zmm2,%zmm2
- vaesenc %zmm21,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
-
- vaesenc %zmm22,%zmm0,%zmm0
- vaesenc %zmm22,%zmm1,%zmm1
- vaesenc %zmm22,%zmm2,%zmm2
- vaesenc %zmm22,%zmm3,%zmm3
-
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
-
- vaesenc %zmm23,%zmm0,%zmm0
- vaesenc %zmm23,%zmm1,%zmm1
- vaesenc %zmm23,%zmm2,%zmm2
- vaesenc %zmm23,%zmm3,%zmm3
-
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- ja .Lcrypt_loop_4x__func1
-.Lghash_last_ciphertext_4x__func1:
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-.Lcrypt_loop_4x_done__func1:
-
- testq %rdx,%rdx
- jz .Ldone__func1
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- movq %rdx,%rax
- negq %rax
- andq $-16,%rax
- leaq 256(%r9,%rax,1),%r8
- vpxor %xmm4,%xmm4,%xmm4
- vpxor %xmm5,%xmm5,%xmm5
- vpxor %xmm6,%xmm6,%xmm6
-
- cmpq $64,%rdx
- jb .Lpartial_vec__func1
-
-.Lcrypt_loop_1x__func1:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-.Lvaesenc_loop_tail_full_vec__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne .Lvaesenc_loop_tail_full_vec__func1
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi)
-
-
- vmovdqu8 (%r8),%zmm30
- vpshufb %zmm8,%zmm0,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
- vpxor %xmm10,%xmm10,%xmm10
-
- addq $64,%r8
- addq $64,%rdi
- addq $64,%rsi
- subq $64,%rdx
- cmpq $64,%rdx
- jae .Lcrypt_loop_1x__func1
-
- testq %rdx,%rdx
- jz .Lreduce__func1
-
-.Lpartial_vec__func1:
-
-
-
-
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k1
- addq $15,%rdx
- andq $-16,%rdx
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k2
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-.Lvaesenc_loop_tail_partialvec__func1:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne .Lvaesenc_loop_tail_partialvec__func1
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1{%k1}{z}
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi){%k1}
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 (%r8),%zmm30{%k2}{z}
- vmovdqu8 %zmm0,%zmm1{%k1}{z}
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
-
-.Lreduce__func1:
-
- vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
- vpshufd $0x4e,%zmm4,%zmm4
- vpternlogd $0x96,%zmm0,%zmm4,%zmm5
- vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
- vpshufd $0x4e,%zmm5,%zmm5
- vpternlogd $0x96,%zmm0,%zmm5,%zmm6
-
- vextracti32x4 $1,%zmm6,%xmm0
- vextracti32x4 $2,%zmm6,%xmm1
- vextracti32x4 $3,%zmm6,%xmm2
- vpxord %xmm0,%xmm6,%xmm10
- vpternlogd $0x96,%xmm1,%xmm2,%xmm10
-
-
-.Ldone__func1:
-
- vpshufb %xmm8,%xmm10,%xmm10
- vmovdqu %xmm10,(%r12)
-
- vzeroupper
- popq %r12
-.cfi_adjust_cfa_offset -8
-.cfi_restore %r12
- ret
-
-.cfi_endproc
-.size aes_gcm_enc_update_vaes_avx10_512, . - aes_gcm_enc_update_vaes_avx10_512
-.globl aes_gcm_dec_update_vaes_avx10_512
-.hidden aes_gcm_dec_update_vaes_avx10_512
-.type aes_gcm_dec_update_vaes_avx10_512,@function
-.align 32
-aes_gcm_dec_update_vaes_avx10_512:
-.cfi_startproc
-
-_CET_ENDBR
- pushq %r12
-.cfi_adjust_cfa_offset 8
-.cfi_offset %r12,-16
-
- movq 16(%rsp),%r12
-
- vbroadcasti32x4 .Lbswap_mask(%rip),%zmm8
- vbroadcasti32x4 .Lgfpoly(%rip),%zmm31
-
-
-
- vmovdqu (%r12),%xmm10
- vpshufb %xmm8,%xmm10,%xmm10
- vbroadcasti32x4 (%r8),%zmm12
- vpshufb %zmm8,%zmm12,%zmm12
-
-
-
- movl 240(%rcx),%r10d
- leal -20(,%r10,4),%r10d
-
-
-
-
- leaq 96(%rcx,%r10,4),%r11
- vbroadcasti32x4 (%rcx),%zmm13
- vbroadcasti32x4 (%r11),%zmm14
-
-
- vpaddd .Lctr_pattern(%rip),%zmm12,%zmm12
-
-
- vbroadcasti32x4 .Linc_4blocks(%rip),%zmm11
-
-
-
- cmpq $256-1,%rdx
- jbe .Lcrypt_loop_4x_done__func2
-
-
- vmovdqu8 256-256(%r9),%zmm27
- vmovdqu8 256-192(%r9),%zmm28
- vmovdqu8 256-128(%r9),%zmm29
- vmovdqu8 256-64(%r9),%zmm30
- vbroadcasti32x4 -144(%r11),%zmm15
- vbroadcasti32x4 -128(%r11),%zmm16
- vbroadcasti32x4 -112(%r11),%zmm17
- vbroadcasti32x4 -96(%r11),%zmm18
- vbroadcasti32x4 -80(%r11),%zmm19
- vbroadcasti32x4 -64(%r11),%zmm20
- vbroadcasti32x4 -48(%r11),%zmm21
- vbroadcasti32x4 -32(%r11),%zmm22
- vbroadcasti32x4 -16(%r11),%zmm23
-.Lcrypt_loop_4x__func2:
- vmovdqu8 0(%rdi),%zmm4
- vmovdqu8 64(%rdi),%zmm5
- vmovdqu8 128(%rdi),%zmm6
- vmovdqu8 192(%rdi),%zmm7
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm1
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm2
- vpaddd %zmm11,%zmm12,%zmm12
- vpshufb %zmm8,%zmm12,%zmm3
- vpaddd %zmm11,%zmm12,%zmm12
-
-
- vpxord %zmm13,%zmm0,%zmm0
- vpxord %zmm13,%zmm1,%zmm1
- vpxord %zmm13,%zmm2,%zmm2
- vpxord %zmm13,%zmm3,%zmm3
-
- cmpl $24,%r10d
- jl .Laes128__func2
- je .Laes192__func2
-
- vbroadcasti32x4 -208(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -192(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-.Laes192__func2:
- vbroadcasti32x4 -176(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
- vbroadcasti32x4 -160(%r11),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- vaesenc %zmm9,%zmm1,%zmm1
- vaesenc %zmm9,%zmm2,%zmm2
- vaesenc %zmm9,%zmm3,%zmm3
-
-.Laes128__func2:
- prefetcht0 512+0(%rdi)
- prefetcht0 512+64(%rdi)
- prefetcht0 512+128(%rdi)
- prefetcht0 512+192(%rdi)
- vpshufb %zmm8,%zmm4,%zmm4
- vpxord %zmm10,%zmm4,%zmm4
- vpshufb %zmm8,%zmm5,%zmm5
- vpshufb %zmm8,%zmm6,%zmm6
-
- vaesenc %zmm15,%zmm0,%zmm0
- vaesenc %zmm15,%zmm1,%zmm1
- vaesenc %zmm15,%zmm2,%zmm2
- vaesenc %zmm15,%zmm3,%zmm3
-
- vpshufb %zmm8,%zmm7,%zmm7
- vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
- vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
- vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
-
- vaesenc %zmm16,%zmm0,%zmm0
- vaesenc %zmm16,%zmm1,%zmm1
- vaesenc %zmm16,%zmm2,%zmm2
- vaesenc %zmm16,%zmm3,%zmm3
-
- vpxord %zmm24,%zmm10,%zmm10
- vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm10
- vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
-
- vaesenc %zmm17,%zmm0,%zmm0
- vaesenc %zmm17,%zmm1,%zmm1
- vaesenc %zmm17,%zmm2,%zmm2
- vaesenc %zmm17,%zmm3,%zmm3
-
- vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
-
- vaesenc %zmm18,%zmm0,%zmm0
- vaesenc %zmm18,%zmm1,%zmm1
- vaesenc %zmm18,%zmm2,%zmm2
- vaesenc %zmm18,%zmm3,%zmm3
-
- vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
- vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
-
- vaesenc %zmm19,%zmm0,%zmm0
- vaesenc %zmm19,%zmm1,%zmm1
- vaesenc %zmm19,%zmm2,%zmm2
- vaesenc %zmm19,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm25,%zmm24
- vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
- vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
- vpxord %zmm25,%zmm24,%zmm24
-
- vaesenc %zmm20,%zmm0,%zmm0
- vaesenc %zmm20,%zmm1,%zmm1
- vaesenc %zmm20,%zmm2,%zmm2
- vaesenc %zmm20,%zmm3,%zmm3
-
- vpshufd $0x4e,%zmm10,%zmm10
- vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
- vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
- vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
-
- vaesenc %zmm21,%zmm0,%zmm0
- vaesenc %zmm21,%zmm1,%zmm1
- vaesenc %zmm21,%zmm2,%zmm2
- vaesenc %zmm21,%zmm3,%zmm3
-
- vpternlogd $0x96,%zmm26,%zmm10,%zmm24
- vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
- vpternlogd $0x96,%zmm6,%zmm5,%zmm4
- vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
-
- vaesenc %zmm22,%zmm0,%zmm0
- vaesenc %zmm22,%zmm1,%zmm1
- vaesenc %zmm22,%zmm2,%zmm2
- vaesenc %zmm22,%zmm3,%zmm3
-
- vpxord %zmm7,%zmm4,%zmm10
- vpshufd $0x4e,%zmm24,%zmm24
- vpternlogd $0x96,%zmm25,%zmm24,%zmm10
-
- vaesenc %zmm23,%zmm0,%zmm0
- vaesenc %zmm23,%zmm1,%zmm1
- vaesenc %zmm23,%zmm2,%zmm2
- vaesenc %zmm23,%zmm3,%zmm3
-
- vextracti32x4 $1,%zmm10,%xmm4
- vextracti32x4 $2,%zmm10,%xmm5
- vextracti32x4 $3,%zmm10,%xmm6
- vpxord %xmm4,%xmm10,%xmm10
- vpternlogd $0x96,%xmm5,%xmm6,%xmm10
-
-
-
-
- vpxord 0(%rdi),%zmm14,%zmm4
- vpxord 64(%rdi),%zmm14,%zmm5
- vpxord 128(%rdi),%zmm14,%zmm6
- vpxord 192(%rdi),%zmm14,%zmm7
-
-
-
- vaesenclast %zmm4,%zmm0,%zmm4
- vaesenclast %zmm5,%zmm1,%zmm5
- vaesenclast %zmm6,%zmm2,%zmm6
- vaesenclast %zmm7,%zmm3,%zmm7
-
-
- vmovdqu8 %zmm4,0(%rsi)
- vmovdqu8 %zmm5,64(%rsi)
- vmovdqu8 %zmm6,128(%rsi)
- vmovdqu8 %zmm7,192(%rsi)
-
- subq $-256,%rdi
- subq $-256,%rsi
- addq $-256,%rdx
- cmpq $256-1,%rdx
- ja .Lcrypt_loop_4x__func2
-.Lcrypt_loop_4x_done__func2:
-
- testq %rdx,%rdx
- jz .Ldone__func2
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- movq %rdx,%rax
- negq %rax
- andq $-16,%rax
- leaq 256(%r9,%rax,1),%r8
- vpxor %xmm4,%xmm4,%xmm4
- vpxor %xmm5,%xmm5,%xmm5
- vpxor %xmm6,%xmm6,%xmm6
-
- cmpq $64,%rdx
- jb .Lpartial_vec__func2
-
-.Lcrypt_loop_1x__func2:
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpaddd %zmm11,%zmm12,%zmm12
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-.Lvaesenc_loop_tail_full_vec__func2:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne .Lvaesenc_loop_tail_full_vec__func2
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi)
-
-
- vmovdqu8 (%r8),%zmm30
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
- vpxor %xmm10,%xmm10,%xmm10
-
- addq $64,%r8
- addq $64,%rdi
- addq $64,%rsi
- subq $64,%rdx
- cmpq $64,%rdx
- jae .Lcrypt_loop_1x__func2
-
- testq %rdx,%rdx
- jz .Lreduce__func2
-
-.Lpartial_vec__func2:
-
-
-
-
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k1
- addq $15,%rdx
- andq $-16,%rdx
- movq $-1,%rax
- bzhiq %rdx,%rax,%rax
- kmovq %rax,%k2
-
-
-
- vpshufb %zmm8,%zmm12,%zmm0
- vpxord %zmm13,%zmm0,%zmm0
- leaq 16(%rcx),%rax
-.Lvaesenc_loop_tail_partialvec__func2:
- vbroadcasti32x4 (%rax),%zmm9
- vaesenc %zmm9,%zmm0,%zmm0
- addq $16,%rax
- cmpq %rax,%r11
- jne .Lvaesenc_loop_tail_partialvec__func2
- vaesenclast %zmm14,%zmm0,%zmm0
-
-
- vmovdqu8 (%rdi),%zmm1{%k1}{z}
- vpxord %zmm1,%zmm0,%zmm0
- vmovdqu8 %zmm0,(%rsi){%k1}
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 (%r8),%zmm30{%k2}{z}
-
- vpshufb %zmm8,%zmm1,%zmm0
- vpxord %zmm10,%zmm0,%zmm0
- vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
- vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
- vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
- vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
- vpxord %zmm7,%zmm4,%zmm4
- vpternlogd $0x96,%zmm2,%zmm1,%zmm5
- vpxord %zmm3,%zmm6,%zmm6
-
-
-.Lreduce__func2:
-
- vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
- vpshufd $0x4e,%zmm4,%zmm4
- vpternlogd $0x96,%zmm0,%zmm4,%zmm5
- vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
- vpshufd $0x4e,%zmm5,%zmm5
- vpternlogd $0x96,%zmm0,%zmm5,%zmm6
-
- vextracti32x4 $1,%zmm6,%xmm0
- vextracti32x4 $2,%zmm6,%xmm1
- vextracti32x4 $3,%zmm6,%xmm2
- vpxord %xmm0,%xmm6,%xmm10
- vpternlogd $0x96,%xmm1,%xmm2,%xmm10
-
-
-.Ldone__func2:
-
- vpshufb %xmm8,%xmm10,%xmm10
- vmovdqu %xmm10,(%r12)
-
- vzeroupper
- popq %r12
-.cfi_adjust_cfa_offset -8
-.cfi_restore %r12
- ret
-
-.cfi_endproc
-.size aes_gcm_dec_update_vaes_avx10_512, . - aes_gcm_dec_update_vaes_avx10_512
-#endif
diff --git a/src/gen/bcm/aes-gcm-avx10-x86_64-win.asm b/src/gen/bcm/aes-gcm-avx10-x86_64-win.asm
deleted file mode 100644
index 733ae72..0000000
--- a/src/gen/bcm/aes-gcm-avx10-x86_64-win.asm
+++ /dev/null
@@ -1,1531 +0,0 @@
-; This file is generated from a similarly-named Perl script in the BoringSSL
-; source tree. Do not edit by hand.
-
-%ifidn __OUTPUT_FORMAT__, win64
-default rel
-%define XMMWORD
-%define YMMWORD
-%define ZMMWORD
-%define _CET_ENDBR
-
-%ifdef BORINGSSL_PREFIX
-%include "boringssl_prefix_symbols_nasm.inc"
-%endif
-section .rdata rdata align=8
-ALIGN 64
-
-
-$L$bswap_mask:
- DQ 0x08090a0b0c0d0e0f,0x0001020304050607
-
-
-
-
-
-
-
-
-$L$gfpoly:
- DQ 1,0xc200000000000000
-
-
-$L$gfpoly_and_internal_carrybit:
- DQ 1,0xc200000000000001
-
-
-
-
-
-$L$ctr_pattern:
- DQ 0,0
- DQ 1,0
-$L$inc_2blocks:
- DQ 2,0
- DQ 3,0
-$L$inc_4blocks:
- DQ 4,0
-
-section .text code align=64
-
-global gcm_gmult_vpclmulqdq_avx10
-
-ALIGN 32
-gcm_gmult_vpclmulqdq_avx10:
-
-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx10_1:
-_CET_ENDBR
- sub rsp,24
-$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx10_2:
- movdqa XMMWORD[rsp],xmm6
-$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx10_3:
-
-$L$SEH_endprologue_gcm_gmult_vpclmulqdq_avx10_4:
-
- vmovdqu xmm0,XMMWORD[rcx]
- vmovdqu xmm1,XMMWORD[$L$bswap_mask]
- vmovdqu xmm2,XMMWORD[((256-16))+rdx]
- vmovdqu xmm3,XMMWORD[$L$gfpoly]
- vpshufb xmm0,xmm0,xmm1
-
- vpclmulqdq xmm4,xmm0,xmm2,0x00
- vpclmulqdq xmm5,xmm0,xmm2,0x01
- vpclmulqdq xmm6,xmm0,xmm2,0x10
- vpxord xmm5,xmm5,xmm6
- vpclmulqdq xmm6,xmm3,xmm4,0x01
- vpshufd xmm4,xmm4,0x4e
- vpternlogd xmm5,xmm4,xmm6,0x96
- vpclmulqdq xmm0,xmm0,xmm2,0x11
- vpclmulqdq xmm4,xmm3,xmm5,0x01
- vpshufd xmm5,xmm5,0x4e
- vpternlogd xmm0,xmm5,xmm4,0x96
-
-
- vpshufb xmm0,xmm0,xmm1
- vmovdqu XMMWORD[rcx],xmm0
- movdqa xmm6,XMMWORD[rsp]
- add rsp,24
- ret
-$L$SEH_end_gcm_gmult_vpclmulqdq_avx10_5:
-
-
-global gcm_init_vpclmulqdq_avx10_512
-
-ALIGN 32
-gcm_init_vpclmulqdq_avx10_512:
-
-
-_CET_ENDBR
-
- lea r8,[((256-64))+rcx]
-
-
-
- vpshufd xmm3,XMMWORD[rdx],0x4e
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- vpshufd xmm0,xmm3,0xd3
- vpsrad xmm0,xmm0,31
- vpaddq xmm3,xmm3,xmm3
-
- vpternlogd xmm3,xmm0,XMMWORD[$L$gfpoly_and_internal_carrybit],0x78
-
-
- vbroadcasti32x4 zmm5,ZMMWORD[$L$gfpoly]
-
-
-
-
-
-
-
-
- vpclmulqdq xmm0,xmm3,xmm3,0x00
- vpclmulqdq xmm1,xmm3,xmm3,0x01
- vpclmulqdq xmm2,xmm3,xmm3,0x10
- vpxord xmm1,xmm1,xmm2
- vpclmulqdq xmm2,xmm5,xmm0,0x01
- vpshufd xmm0,xmm0,0x4e
- vpternlogd xmm1,xmm0,xmm2,0x96
- vpclmulqdq xmm4,xmm3,xmm3,0x11
- vpclmulqdq xmm0,xmm5,xmm1,0x01
- vpshufd xmm1,xmm1,0x4e
- vpternlogd xmm4,xmm1,xmm0,0x96
-
-
-
- vinserti128 ymm3,ymm4,xmm3,1
- vinserti128 ymm4,ymm4,xmm4,1
- vpclmulqdq ymm0,ymm3,ymm4,0x00
- vpclmulqdq ymm1,ymm3,ymm4,0x01
- vpclmulqdq ymm2,ymm3,ymm4,0x10
- vpxord ymm1,ymm1,ymm2
- vpclmulqdq ymm2,ymm5,ymm0,0x01
- vpshufd ymm0,ymm0,0x4e
- vpternlogd ymm1,ymm0,ymm2,0x96
- vpclmulqdq ymm4,ymm3,ymm4,0x11
- vpclmulqdq ymm0,ymm5,ymm1,0x01
- vpshufd ymm1,ymm1,0x4e
- vpternlogd ymm4,ymm1,ymm0,0x96
-
- vinserti64x4 zmm3,zmm4,ymm3,1
- vshufi64x2 zmm4,zmm4,zmm4,0
-
- vmovdqu8 ZMMWORD[r8],zmm3
-
-
-
-
-
- mov eax,3
-$L$precompute_next__func1:
- sub r8,64
- vpclmulqdq zmm0,zmm3,zmm4,0x00
- vpclmulqdq zmm1,zmm3,zmm4,0x01
- vpclmulqdq zmm2,zmm3,zmm4,0x10
- vpxord zmm1,zmm1,zmm2
- vpclmulqdq zmm2,zmm5,zmm0,0x01
- vpshufd zmm0,zmm0,0x4e
- vpternlogd zmm1,zmm0,zmm2,0x96
- vpclmulqdq zmm3,zmm3,zmm4,0x11
- vpclmulqdq zmm0,zmm5,zmm1,0x01
- vpshufd zmm1,zmm1,0x4e
- vpternlogd zmm3,zmm1,zmm0,0x96
-
- vmovdqu8 ZMMWORD[r8],zmm3
- dec eax
- jnz NEAR $L$precompute_next__func1
-
- vzeroupper
- ret
-
-
-
-global gcm_ghash_vpclmulqdq_avx10_512
-
-ALIGN 32
-gcm_ghash_vpclmulqdq_avx10_512:
-
-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1:
-_CET_ENDBR
- sub rsp,136
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_2:
- movdqa XMMWORD[rsp],xmm6
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_3:
- movdqa XMMWORD[16+rsp],xmm7
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_4:
- movdqa XMMWORD[32+rsp],xmm8
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_5:
- movdqa XMMWORD[48+rsp],xmm9
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_6:
- movdqa XMMWORD[64+rsp],xmm10
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_7:
- movdqa XMMWORD[80+rsp],xmm11
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_8:
- movdqa XMMWORD[96+rsp],xmm12
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_9:
- movdqa XMMWORD[112+rsp],xmm13
-$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_10:
-
-$L$SEH_endprologue_gcm_ghash_vpclmulqdq_avx10_512_11:
-
-
-
-
- vmovdqu xmm4,XMMWORD[$L$bswap_mask]
- vmovdqu xmm10,XMMWORD[$L$gfpoly]
-
-
- vmovdqu xmm5,XMMWORD[rcx]
- vpshufb xmm5,xmm5,xmm4
-
-
- cmp r9,64
- jb NEAR $L$aad_blockbyblock__func1
-
-
-
- vshufi64x2 zmm4,zmm4,zmm4,0
- vshufi64x2 zmm10,zmm10,zmm10,0
-
-
- vmovdqu8 zmm9,ZMMWORD[((256-64))+rdx]
-
- cmp r9,4*64-1
- jbe NEAR $L$aad_loop_1x__func1
-
-
- vmovdqu8 zmm6,ZMMWORD[((256-256))+rdx]
- vmovdqu8 zmm7,ZMMWORD[((256-192))+rdx]
- vmovdqu8 zmm8,ZMMWORD[((256-128))+rdx]
-
-
-$L$aad_loop_4x__func1:
- vmovdqu8 zmm0,ZMMWORD[r8]
- vmovdqu8 zmm1,ZMMWORD[64+r8]
- vmovdqu8 zmm2,ZMMWORD[128+r8]
- vmovdqu8 zmm3,ZMMWORD[192+r8]
- vpshufb zmm0,zmm0,zmm4
- vpxord zmm0,zmm0,zmm5
- vpshufb zmm1,zmm1,zmm4
- vpshufb zmm2,zmm2,zmm4
- vpshufb zmm3,zmm3,zmm4
- vpclmulqdq zmm5,zmm0,zmm6,0x00
- vpclmulqdq zmm11,zmm1,zmm7,0x00
- vpclmulqdq zmm12,zmm2,zmm8,0x00
- vpxord zmm5,zmm5,zmm11
- vpclmulqdq zmm13,zmm3,zmm9,0x00
- vpternlogd zmm5,zmm12,zmm13,0x96
- vpclmulqdq zmm11,zmm0,zmm6,0x01
- vpclmulqdq zmm12,zmm1,zmm7,0x01
- vpclmulqdq zmm13,zmm2,zmm8,0x01
- vpternlogd zmm11,zmm12,zmm13,0x96
- vpclmulqdq zmm12,zmm3,zmm9,0x01
- vpclmulqdq zmm13,zmm0,zmm6,0x10
- vpternlogd zmm11,zmm12,zmm13,0x96
- vpclmulqdq zmm12,zmm1,zmm7,0x10
- vpclmulqdq zmm13,zmm2,zmm8,0x10
- vpternlogd zmm11,zmm12,zmm13,0x96
- vpclmulqdq zmm13,zmm10,zmm5,0x01
- vpclmulqdq zmm12,zmm3,zmm9,0x10
- vpxord zmm11,zmm11,zmm12
- vpshufd zmm5,zmm5,0x4e
- vpclmulqdq zmm0,zmm0,zmm6,0x11
- vpclmulqdq zmm1,zmm1,zmm7,0x11
- vpclmulqdq zmm2,zmm2,zmm8,0x11
- vpternlogd zmm11,zmm5,zmm13,0x96
- vpclmulqdq zmm3,zmm3,zmm9,0x11
- vpternlogd zmm0,zmm1,zmm2,0x96
- vpclmulqdq zmm12,zmm10,zmm11,0x01
- vpxord zmm5,zmm0,zmm3
- vpshufd zmm11,zmm11,0x4e
- vpternlogd zmm5,zmm11,zmm12,0x96
- vextracti32x4 xmm0,zmm5,1
- vextracti32x4 xmm1,zmm5,2
- vextracti32x4 xmm2,zmm5,3
- vpxord xmm5,xmm5,xmm0
- vpternlogd xmm5,xmm2,xmm1,0x96
-
- sub r8,-4*64
- add r9,-4*64
- cmp r9,4*64-1
- ja NEAR $L$aad_loop_4x__func1
-
-
- cmp r9,64
- jb NEAR $L$aad_large_done__func1
-$L$aad_loop_1x__func1:
- vmovdqu8 zmm0,ZMMWORD[r8]
- vpshufb zmm0,zmm0,zmm4
- vpxord zmm5,zmm5,zmm0
- vpclmulqdq zmm0,zmm5,zmm9,0x00
- vpclmulqdq zmm1,zmm5,zmm9,0x01
- vpclmulqdq zmm2,zmm5,zmm9,0x10
- vpxord zmm1,zmm1,zmm2
- vpclmulqdq zmm2,zmm10,zmm0,0x01
- vpshufd zmm0,zmm0,0x4e
- vpternlogd zmm1,zmm0,zmm2,0x96
- vpclmulqdq zmm5,zmm5,zmm9,0x11
- vpclmulqdq zmm0,zmm10,zmm1,0x01
- vpshufd zmm1,zmm1,0x4e
- vpternlogd zmm5,zmm1,zmm0,0x96
-
- vextracti32x4 xmm0,zmm5,1
- vextracti32x4 xmm1,zmm5,2
- vextracti32x4 xmm2,zmm5,3
- vpxord xmm5,xmm5,xmm0
- vpternlogd xmm5,xmm2,xmm1,0x96
-
- add r8,64
- sub r9,64
- cmp r9,64
- jae NEAR $L$aad_loop_1x__func1
-
-$L$aad_large_done__func1:
-
-
- vzeroupper
-
-
-$L$aad_blockbyblock__func1:
- test r9,r9
- jz NEAR $L$aad_done__func1
- vmovdqu xmm9,XMMWORD[((256-16))+rdx]
-$L$aad_loop_blockbyblock__func1:
- vmovdqu xmm0,XMMWORD[r8]
- vpshufb xmm0,xmm0,xmm4
- vpxor xmm5,xmm5,xmm0
- vpclmulqdq xmm0,xmm5,xmm9,0x00
- vpclmulqdq xmm1,xmm5,xmm9,0x01
- vpclmulqdq xmm2,xmm5,xmm9,0x10
- vpxord xmm1,xmm1,xmm2
- vpclmulqdq xmm2,xmm10,xmm0,0x01
- vpshufd xmm0,xmm0,0x4e
- vpternlogd xmm1,xmm0,xmm2,0x96
- vpclmulqdq xmm5,xmm5,xmm9,0x11
- vpclmulqdq xmm0,xmm10,xmm1,0x01
- vpshufd xmm1,xmm1,0x4e
- vpternlogd xmm5,xmm1,xmm0,0x96
-
- add r8,16
- sub r9,16
- jnz NEAR $L$aad_loop_blockbyblock__func1
-
-$L$aad_done__func1:
-
- vpshufb xmm5,xmm5,xmm4
- vmovdqu XMMWORD[rcx],xmm5
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
- movdqa xmm10,XMMWORD[64+rsp]
- movdqa xmm11,XMMWORD[80+rsp]
- movdqa xmm12,XMMWORD[96+rsp]
- movdqa xmm13,XMMWORD[112+rsp]
- add rsp,136
- ret
-$L$SEH_end_gcm_ghash_vpclmulqdq_avx10_512_12:
-
-
-global aes_gcm_enc_update_vaes_avx10_512
-
-ALIGN 32
-aes_gcm_enc_update_vaes_avx10_512:
-
-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1:
-_CET_ENDBR
- push rsi
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_2:
- push rdi
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_3:
- push r12
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_4:
-
- mov rsi,QWORD[64+rsp]
- mov rdi,QWORD[72+rsp]
- mov r12,QWORD[80+rsp]
- sub rsp,160
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_5:
- movdqa XMMWORD[rsp],xmm6
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_6:
- movdqa XMMWORD[16+rsp],xmm7
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_7:
- movdqa XMMWORD[32+rsp],xmm8
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_8:
- movdqa XMMWORD[48+rsp],xmm9
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_9:
- movdqa XMMWORD[64+rsp],xmm10
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_10:
- movdqa XMMWORD[80+rsp],xmm11
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_11:
- movdqa XMMWORD[96+rsp],xmm12
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_12:
- movdqa XMMWORD[112+rsp],xmm13
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_13:
- movdqa XMMWORD[128+rsp],xmm14
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_14:
- movdqa XMMWORD[144+rsp],xmm15
-$L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_15:
-
-$L$SEH_endprologue_aes_gcm_enc_update_vaes_avx10_512_16:
-%ifdef BORINGSSL_DISPATCH_TEST
-EXTERN BORINGSSL_function_hit
- mov BYTE[((BORINGSSL_function_hit+7))],1
-%endif
-
- vbroadcasti32x4 zmm8,ZMMWORD[$L$bswap_mask]
- vbroadcasti32x4 zmm31,ZMMWORD[$L$gfpoly]
-
-
-
- vmovdqu xmm10,XMMWORD[r12]
- vpshufb xmm10,xmm10,xmm8
- vbroadcasti32x4 zmm12,ZMMWORD[rsi]
- vpshufb zmm12,zmm12,zmm8
-
-
-
- mov r10d,DWORD[240+r9]
- lea r10d,[((-20))+r10*4]
-
-
-
-
- lea r11,[96+r10*4+r9]
- vbroadcasti32x4 zmm13,ZMMWORD[r9]
- vbroadcasti32x4 zmm14,ZMMWORD[r11]
-
-
- vpaddd zmm12,zmm12,ZMMWORD[$L$ctr_pattern]
-
-
- vbroadcasti32x4 zmm11,ZMMWORD[$L$inc_4blocks]
-
-
-
- cmp r8,4*64-1
- jbe NEAR $L$crypt_loop_4x_done__func1
-
-
- vmovdqu8 zmm27,ZMMWORD[((256-256))+rdi]
- vmovdqu8 zmm28,ZMMWORD[((256-192))+rdi]
- vmovdqu8 zmm29,ZMMWORD[((256-128))+rdi]
- vmovdqu8 zmm30,ZMMWORD[((256-64))+rdi]
-
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm1,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm2,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm3,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
-
-
- vpxord zmm0,zmm0,zmm13
- vpxord zmm1,zmm1,zmm13
- vpxord zmm2,zmm2,zmm13
- vpxord zmm3,zmm3,zmm13
-
- lea rax,[16+r9]
-$L$vaesenc_loop_first_4_vecs__func1:
- vbroadcasti32x4 zmm9,ZMMWORD[rax]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
- add rax,16
- cmp r11,rax
- jne NEAR $L$vaesenc_loop_first_4_vecs__func1
-
-
-
- vpxord zmm4,zmm14,ZMMWORD[rcx]
- vpxord zmm5,zmm14,ZMMWORD[64+rcx]
- vpxord zmm6,zmm14,ZMMWORD[128+rcx]
- vpxord zmm7,zmm14,ZMMWORD[192+rcx]
-
-
-
- vaesenclast zmm4,zmm0,zmm4
- vaesenclast zmm5,zmm1,zmm5
- vaesenclast zmm6,zmm2,zmm6
- vaesenclast zmm7,zmm3,zmm7
-
-
- vmovdqu8 ZMMWORD[rdx],zmm4
- vmovdqu8 ZMMWORD[64+rdx],zmm5
- vmovdqu8 ZMMWORD[128+rdx],zmm6
- vmovdqu8 ZMMWORD[192+rdx],zmm7
-
- sub rcx,-4*64
- sub rdx,-4*64
- add r8,-4*64
- cmp r8,4*64-1
- jbe NEAR $L$ghash_last_ciphertext_4x__func1
- vbroadcasti32x4 zmm15,ZMMWORD[((-144))+r11]
- vbroadcasti32x4 zmm16,ZMMWORD[((-128))+r11]
- vbroadcasti32x4 zmm17,ZMMWORD[((-112))+r11]
- vbroadcasti32x4 zmm18,ZMMWORD[((-96))+r11]
- vbroadcasti32x4 zmm19,ZMMWORD[((-80))+r11]
- vbroadcasti32x4 zmm20,ZMMWORD[((-64))+r11]
- vbroadcasti32x4 zmm21,ZMMWORD[((-48))+r11]
- vbroadcasti32x4 zmm22,ZMMWORD[((-32))+r11]
- vbroadcasti32x4 zmm23,ZMMWORD[((-16))+r11]
-$L$crypt_loop_4x__func1:
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm1,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm2,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm3,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
-
-
- vpxord zmm0,zmm0,zmm13
- vpxord zmm1,zmm1,zmm13
- vpxord zmm2,zmm2,zmm13
- vpxord zmm3,zmm3,zmm13
-
- cmp r10d,24
- jl NEAR $L$aes128__func1
- je NEAR $L$aes192__func1
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-208))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-192))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
-$L$aes192__func1:
- vbroadcasti32x4 zmm9,ZMMWORD[((-176))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-160))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
-$L$aes128__func1:
- prefetcht0 [((512+0))+rcx]
- prefetcht0 [((512+64))+rcx]
- prefetcht0 [((512+128))+rcx]
- prefetcht0 [((512+192))+rcx]
- vpshufb zmm4,zmm4,zmm8
- vpxord zmm4,zmm4,zmm10
- vpshufb zmm5,zmm5,zmm8
- vpshufb zmm6,zmm6,zmm8
-
- vaesenc zmm0,zmm0,zmm15
- vaesenc zmm1,zmm1,zmm15
- vaesenc zmm2,zmm2,zmm15
- vaesenc zmm3,zmm3,zmm15
-
- vpshufb zmm7,zmm7,zmm8
- vpclmulqdq zmm10,zmm4,zmm27,0x00
- vpclmulqdq zmm24,zmm5,zmm28,0x00
- vpclmulqdq zmm25,zmm6,zmm29,0x00
-
- vaesenc zmm0,zmm0,zmm16
- vaesenc zmm1,zmm1,zmm16
- vaesenc zmm2,zmm2,zmm16
- vaesenc zmm3,zmm3,zmm16
-
- vpxord zmm10,zmm10,zmm24
- vpclmulqdq zmm26,zmm7,zmm30,0x00
- vpternlogd zmm10,zmm25,zmm26,0x96
- vpclmulqdq zmm24,zmm4,zmm27,0x01
-
- vaesenc zmm0,zmm0,zmm17
- vaesenc zmm1,zmm1,zmm17
- vaesenc zmm2,zmm2,zmm17
- vaesenc zmm3,zmm3,zmm17
-
- vpclmulqdq zmm25,zmm5,zmm28,0x01
- vpclmulqdq zmm26,zmm6,zmm29,0x01
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm7,zmm30,0x01
-
- vaesenc zmm0,zmm0,zmm18
- vaesenc zmm1,zmm1,zmm18
- vaesenc zmm2,zmm2,zmm18
- vaesenc zmm3,zmm3,zmm18
-
- vpclmulqdq zmm26,zmm4,zmm27,0x10
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm5,zmm28,0x10
- vpclmulqdq zmm26,zmm6,zmm29,0x10
-
- vaesenc zmm0,zmm0,zmm19
- vaesenc zmm1,zmm1,zmm19
- vaesenc zmm2,zmm2,zmm19
- vaesenc zmm3,zmm3,zmm19
-
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm26,zmm31,zmm10,0x01
- vpclmulqdq zmm25,zmm7,zmm30,0x10
- vpxord zmm24,zmm24,zmm25
-
- vaesenc zmm0,zmm0,zmm20
- vaesenc zmm1,zmm1,zmm20
- vaesenc zmm2,zmm2,zmm20
- vaesenc zmm3,zmm3,zmm20
-
- vpshufd zmm10,zmm10,0x4e
- vpclmulqdq zmm4,zmm4,zmm27,0x11
- vpclmulqdq zmm5,zmm5,zmm28,0x11
- vpclmulqdq zmm6,zmm6,zmm29,0x11
-
- vaesenc zmm0,zmm0,zmm21
- vaesenc zmm1,zmm1,zmm21
- vaesenc zmm2,zmm2,zmm21
- vaesenc zmm3,zmm3,zmm21
-
- vpternlogd zmm24,zmm10,zmm26,0x96
- vpclmulqdq zmm7,zmm7,zmm30,0x11
- vpternlogd zmm4,zmm5,zmm6,0x96
- vpclmulqdq zmm25,zmm31,zmm24,0x01
-
- vaesenc zmm0,zmm0,zmm22
- vaesenc zmm1,zmm1,zmm22
- vaesenc zmm2,zmm2,zmm22
- vaesenc zmm3,zmm3,zmm22
-
- vpxord zmm10,zmm4,zmm7
- vpshufd zmm24,zmm24,0x4e
- vpternlogd zmm10,zmm24,zmm25,0x96
-
- vaesenc zmm0,zmm0,zmm23
- vaesenc zmm1,zmm1,zmm23
- vaesenc zmm2,zmm2,zmm23
- vaesenc zmm3,zmm3,zmm23
-
- vextracti32x4 xmm4,zmm10,1
- vextracti32x4 xmm5,zmm10,2
- vextracti32x4 xmm6,zmm10,3
- vpxord xmm10,xmm10,xmm4
- vpternlogd xmm10,xmm6,xmm5,0x96
-
-
-
-
- vpxord zmm4,zmm14,ZMMWORD[rcx]
- vpxord zmm5,zmm14,ZMMWORD[64+rcx]
- vpxord zmm6,zmm14,ZMMWORD[128+rcx]
- vpxord zmm7,zmm14,ZMMWORD[192+rcx]
-
-
-
- vaesenclast zmm4,zmm0,zmm4
- vaesenclast zmm5,zmm1,zmm5
- vaesenclast zmm6,zmm2,zmm6
- vaesenclast zmm7,zmm3,zmm7
-
-
- vmovdqu8 ZMMWORD[rdx],zmm4
- vmovdqu8 ZMMWORD[64+rdx],zmm5
- vmovdqu8 ZMMWORD[128+rdx],zmm6
- vmovdqu8 ZMMWORD[192+rdx],zmm7
-
- sub rcx,-4*64
- sub rdx,-4*64
- add r8,-4*64
- cmp r8,4*64-1
- ja NEAR $L$crypt_loop_4x__func1
-$L$ghash_last_ciphertext_4x__func1:
- vpshufb zmm4,zmm4,zmm8
- vpxord zmm4,zmm4,zmm10
- vpshufb zmm5,zmm5,zmm8
- vpshufb zmm6,zmm6,zmm8
- vpshufb zmm7,zmm7,zmm8
- vpclmulqdq zmm10,zmm4,zmm27,0x00
- vpclmulqdq zmm24,zmm5,zmm28,0x00
- vpclmulqdq zmm25,zmm6,zmm29,0x00
- vpxord zmm10,zmm10,zmm24
- vpclmulqdq zmm26,zmm7,zmm30,0x00
- vpternlogd zmm10,zmm25,zmm26,0x96
- vpclmulqdq zmm24,zmm4,zmm27,0x01
- vpclmulqdq zmm25,zmm5,zmm28,0x01
- vpclmulqdq zmm26,zmm6,zmm29,0x01
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm7,zmm30,0x01
- vpclmulqdq zmm26,zmm4,zmm27,0x10
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm5,zmm28,0x10
- vpclmulqdq zmm26,zmm6,zmm29,0x10
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm26,zmm31,zmm10,0x01
- vpclmulqdq zmm25,zmm7,zmm30,0x10
- vpxord zmm24,zmm24,zmm25
- vpshufd zmm10,zmm10,0x4e
- vpclmulqdq zmm4,zmm4,zmm27,0x11
- vpclmulqdq zmm5,zmm5,zmm28,0x11
- vpclmulqdq zmm6,zmm6,zmm29,0x11
- vpternlogd zmm24,zmm10,zmm26,0x96
- vpclmulqdq zmm7,zmm7,zmm30,0x11
- vpternlogd zmm4,zmm5,zmm6,0x96
- vpclmulqdq zmm25,zmm31,zmm24,0x01
- vpxord zmm10,zmm4,zmm7
- vpshufd zmm24,zmm24,0x4e
- vpternlogd zmm10,zmm24,zmm25,0x96
- vextracti32x4 xmm4,zmm10,1
- vextracti32x4 xmm5,zmm10,2
- vextracti32x4 xmm6,zmm10,3
- vpxord xmm10,xmm10,xmm4
- vpternlogd xmm10,xmm6,xmm5,0x96
-
-$L$crypt_loop_4x_done__func1:
-
- test r8,r8
- jz NEAR $L$done__func1
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- mov rax,r8
- neg rax
- and rax,-16
- lea rsi,[256+rax*1+rdi]
- vpxor xmm4,xmm4,xmm4
- vpxor xmm5,xmm5,xmm5
- vpxor xmm6,xmm6,xmm6
-
- cmp r8,64
- jb NEAR $L$partial_vec__func1
-
-$L$crypt_loop_1x__func1:
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpxord zmm0,zmm0,zmm13
- lea rax,[16+r9]
-$L$vaesenc_loop_tail_full_vec__func1:
- vbroadcasti32x4 zmm9,ZMMWORD[rax]
- vaesenc zmm0,zmm0,zmm9
- add rax,16
- cmp r11,rax
- jne NEAR $L$vaesenc_loop_tail_full_vec__func1
- vaesenclast zmm0,zmm0,zmm14
-
-
- vmovdqu8 zmm1,ZMMWORD[rcx]
- vpxord zmm0,zmm0,zmm1
- vmovdqu8 ZMMWORD[rdx],zmm0
-
-
- vmovdqu8 zmm30,ZMMWORD[rsi]
- vpshufb zmm0,zmm0,zmm8
- vpxord zmm0,zmm0,zmm10
- vpclmulqdq zmm7,zmm0,zmm30,0x00
- vpclmulqdq zmm1,zmm0,zmm30,0x01
- vpclmulqdq zmm2,zmm0,zmm30,0x10
- vpclmulqdq zmm3,zmm0,zmm30,0x11
- vpxord zmm4,zmm4,zmm7
- vpternlogd zmm5,zmm1,zmm2,0x96
- vpxord zmm6,zmm6,zmm3
-
- vpxor xmm10,xmm10,xmm10
-
- add rsi,64
- add rcx,64
- add rdx,64
- sub r8,64
- cmp r8,64
- jae NEAR $L$crypt_loop_1x__func1
-
- test r8,r8
- jz NEAR $L$reduce__func1
-
-$L$partial_vec__func1:
-
-
-
-
- mov rax,-1
- bzhi rax,rax,r8
- kmovq k1,rax
- add r8,15
- and r8,-16
- mov rax,-1
- bzhi rax,rax,r8
- kmovq k2,rax
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpxord zmm0,zmm0,zmm13
- lea rax,[16+r9]
-$L$vaesenc_loop_tail_partialvec__func1:
- vbroadcasti32x4 zmm9,ZMMWORD[rax]
- vaesenc zmm0,zmm0,zmm9
- add rax,16
- cmp r11,rax
- jne NEAR $L$vaesenc_loop_tail_partialvec__func1
- vaesenclast zmm0,zmm0,zmm14
-
-
- vmovdqu8 zmm1{k1}{z},[rcx]
- vpxord zmm0,zmm0,zmm1
- vmovdqu8 ZMMWORD[rdx]{k1},zmm0
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 zmm30{k2}{z},[rsi]
- vmovdqu8 zmm1{k1}{z},zmm0
- vpshufb zmm0,zmm1,zmm8
- vpxord zmm0,zmm0,zmm10
- vpclmulqdq zmm7,zmm0,zmm30,0x00
- vpclmulqdq zmm1,zmm0,zmm30,0x01
- vpclmulqdq zmm2,zmm0,zmm30,0x10
- vpclmulqdq zmm3,zmm0,zmm30,0x11
- vpxord zmm4,zmm4,zmm7
- vpternlogd zmm5,zmm1,zmm2,0x96
- vpxord zmm6,zmm6,zmm3
-
-
-$L$reduce__func1:
-
- vpclmulqdq zmm0,zmm31,zmm4,0x01
- vpshufd zmm4,zmm4,0x4e
- vpternlogd zmm5,zmm4,zmm0,0x96
- vpclmulqdq zmm0,zmm31,zmm5,0x01
- vpshufd zmm5,zmm5,0x4e
- vpternlogd zmm6,zmm5,zmm0,0x96
-
- vextracti32x4 xmm0,zmm6,1
- vextracti32x4 xmm1,zmm6,2
- vextracti32x4 xmm2,zmm6,3
- vpxord xmm10,xmm6,xmm0
- vpternlogd xmm10,xmm2,xmm1,0x96
-
-
-$L$done__func1:
-
- vpshufb xmm10,xmm10,xmm8
- vmovdqu XMMWORD[r12],xmm10
-
- vzeroupper
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
- movdqa xmm10,XMMWORD[64+rsp]
- movdqa xmm11,XMMWORD[80+rsp]
- movdqa xmm12,XMMWORD[96+rsp]
- movdqa xmm13,XMMWORD[112+rsp]
- movdqa xmm14,XMMWORD[128+rsp]
- movdqa xmm15,XMMWORD[144+rsp]
- add rsp,160
- pop r12
- pop rdi
- pop rsi
- ret
-$L$SEH_end_aes_gcm_enc_update_vaes_avx10_512_17:
-
-
-global aes_gcm_dec_update_vaes_avx10_512
-
-ALIGN 32
-aes_gcm_dec_update_vaes_avx10_512:
-
-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1:
-_CET_ENDBR
- push rsi
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_2:
- push rdi
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_3:
- push r12
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_4:
-
- mov rsi,QWORD[64+rsp]
- mov rdi,QWORD[72+rsp]
- mov r12,QWORD[80+rsp]
- sub rsp,160
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_5:
- movdqa XMMWORD[rsp],xmm6
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_6:
- movdqa XMMWORD[16+rsp],xmm7
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_7:
- movdqa XMMWORD[32+rsp],xmm8
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_8:
- movdqa XMMWORD[48+rsp],xmm9
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_9:
- movdqa XMMWORD[64+rsp],xmm10
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_10:
- movdqa XMMWORD[80+rsp],xmm11
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_11:
- movdqa XMMWORD[96+rsp],xmm12
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_12:
- movdqa XMMWORD[112+rsp],xmm13
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_13:
- movdqa XMMWORD[128+rsp],xmm14
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_14:
- movdqa XMMWORD[144+rsp],xmm15
-$L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_15:
-
-$L$SEH_endprologue_aes_gcm_dec_update_vaes_avx10_512_16:
-
- vbroadcasti32x4 zmm8,ZMMWORD[$L$bswap_mask]
- vbroadcasti32x4 zmm31,ZMMWORD[$L$gfpoly]
-
-
-
- vmovdqu xmm10,XMMWORD[r12]
- vpshufb xmm10,xmm10,xmm8
- vbroadcasti32x4 zmm12,ZMMWORD[rsi]
- vpshufb zmm12,zmm12,zmm8
-
-
-
- mov r10d,DWORD[240+r9]
- lea r10d,[((-20))+r10*4]
-
-
-
-
- lea r11,[96+r10*4+r9]
- vbroadcasti32x4 zmm13,ZMMWORD[r9]
- vbroadcasti32x4 zmm14,ZMMWORD[r11]
-
-
- vpaddd zmm12,zmm12,ZMMWORD[$L$ctr_pattern]
-
-
- vbroadcasti32x4 zmm11,ZMMWORD[$L$inc_4blocks]
-
-
-
- cmp r8,4*64-1
- jbe NEAR $L$crypt_loop_4x_done__func2
-
-
- vmovdqu8 zmm27,ZMMWORD[((256-256))+rdi]
- vmovdqu8 zmm28,ZMMWORD[((256-192))+rdi]
- vmovdqu8 zmm29,ZMMWORD[((256-128))+rdi]
- vmovdqu8 zmm30,ZMMWORD[((256-64))+rdi]
- vbroadcasti32x4 zmm15,ZMMWORD[((-144))+r11]
- vbroadcasti32x4 zmm16,ZMMWORD[((-128))+r11]
- vbroadcasti32x4 zmm17,ZMMWORD[((-112))+r11]
- vbroadcasti32x4 zmm18,ZMMWORD[((-96))+r11]
- vbroadcasti32x4 zmm19,ZMMWORD[((-80))+r11]
- vbroadcasti32x4 zmm20,ZMMWORD[((-64))+r11]
- vbroadcasti32x4 zmm21,ZMMWORD[((-48))+r11]
- vbroadcasti32x4 zmm22,ZMMWORD[((-32))+r11]
- vbroadcasti32x4 zmm23,ZMMWORD[((-16))+r11]
-$L$crypt_loop_4x__func2:
- vmovdqu8 zmm4,ZMMWORD[rcx]
- vmovdqu8 zmm5,ZMMWORD[64+rcx]
- vmovdqu8 zmm6,ZMMWORD[128+rcx]
- vmovdqu8 zmm7,ZMMWORD[192+rcx]
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm1,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm2,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpshufb zmm3,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
-
-
- vpxord zmm0,zmm0,zmm13
- vpxord zmm1,zmm1,zmm13
- vpxord zmm2,zmm2,zmm13
- vpxord zmm3,zmm3,zmm13
-
- cmp r10d,24
- jl NEAR $L$aes128__func2
- je NEAR $L$aes192__func2
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-208))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-192))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
-$L$aes192__func2:
- vbroadcasti32x4 zmm9,ZMMWORD[((-176))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
- vbroadcasti32x4 zmm9,ZMMWORD[((-160))+r11]
- vaesenc zmm0,zmm0,zmm9
- vaesenc zmm1,zmm1,zmm9
- vaesenc zmm2,zmm2,zmm9
- vaesenc zmm3,zmm3,zmm9
-
-$L$aes128__func2:
- prefetcht0 [((512+0))+rcx]
- prefetcht0 [((512+64))+rcx]
- prefetcht0 [((512+128))+rcx]
- prefetcht0 [((512+192))+rcx]
- vpshufb zmm4,zmm4,zmm8
- vpxord zmm4,zmm4,zmm10
- vpshufb zmm5,zmm5,zmm8
- vpshufb zmm6,zmm6,zmm8
-
- vaesenc zmm0,zmm0,zmm15
- vaesenc zmm1,zmm1,zmm15
- vaesenc zmm2,zmm2,zmm15
- vaesenc zmm3,zmm3,zmm15
-
- vpshufb zmm7,zmm7,zmm8
- vpclmulqdq zmm10,zmm4,zmm27,0x00
- vpclmulqdq zmm24,zmm5,zmm28,0x00
- vpclmulqdq zmm25,zmm6,zmm29,0x00
-
- vaesenc zmm0,zmm0,zmm16
- vaesenc zmm1,zmm1,zmm16
- vaesenc zmm2,zmm2,zmm16
- vaesenc zmm3,zmm3,zmm16
-
- vpxord zmm10,zmm10,zmm24
- vpclmulqdq zmm26,zmm7,zmm30,0x00
- vpternlogd zmm10,zmm25,zmm26,0x96
- vpclmulqdq zmm24,zmm4,zmm27,0x01
-
- vaesenc zmm0,zmm0,zmm17
- vaesenc zmm1,zmm1,zmm17
- vaesenc zmm2,zmm2,zmm17
- vaesenc zmm3,zmm3,zmm17
-
- vpclmulqdq zmm25,zmm5,zmm28,0x01
- vpclmulqdq zmm26,zmm6,zmm29,0x01
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm7,zmm30,0x01
-
- vaesenc zmm0,zmm0,zmm18
- vaesenc zmm1,zmm1,zmm18
- vaesenc zmm2,zmm2,zmm18
- vaesenc zmm3,zmm3,zmm18
-
- vpclmulqdq zmm26,zmm4,zmm27,0x10
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm25,zmm5,zmm28,0x10
- vpclmulqdq zmm26,zmm6,zmm29,0x10
-
- vaesenc zmm0,zmm0,zmm19
- vaesenc zmm1,zmm1,zmm19
- vaesenc zmm2,zmm2,zmm19
- vaesenc zmm3,zmm3,zmm19
-
- vpternlogd zmm24,zmm25,zmm26,0x96
- vpclmulqdq zmm26,zmm31,zmm10,0x01
- vpclmulqdq zmm25,zmm7,zmm30,0x10
- vpxord zmm24,zmm24,zmm25
-
- vaesenc zmm0,zmm0,zmm20
- vaesenc zmm1,zmm1,zmm20
- vaesenc zmm2,zmm2,zmm20
- vaesenc zmm3,zmm3,zmm20
-
- vpshufd zmm10,zmm10,0x4e
- vpclmulqdq zmm4,zmm4,zmm27,0x11
- vpclmulqdq zmm5,zmm5,zmm28,0x11
- vpclmulqdq zmm6,zmm6,zmm29,0x11
-
- vaesenc zmm0,zmm0,zmm21
- vaesenc zmm1,zmm1,zmm21
- vaesenc zmm2,zmm2,zmm21
- vaesenc zmm3,zmm3,zmm21
-
- vpternlogd zmm24,zmm10,zmm26,0x96
- vpclmulqdq zmm7,zmm7,zmm30,0x11
- vpternlogd zmm4,zmm5,zmm6,0x96
- vpclmulqdq zmm25,zmm31,zmm24,0x01
-
- vaesenc zmm0,zmm0,zmm22
- vaesenc zmm1,zmm1,zmm22
- vaesenc zmm2,zmm2,zmm22
- vaesenc zmm3,zmm3,zmm22
-
- vpxord zmm10,zmm4,zmm7
- vpshufd zmm24,zmm24,0x4e
- vpternlogd zmm10,zmm24,zmm25,0x96
-
- vaesenc zmm0,zmm0,zmm23
- vaesenc zmm1,zmm1,zmm23
- vaesenc zmm2,zmm2,zmm23
- vaesenc zmm3,zmm3,zmm23
-
- vextracti32x4 xmm4,zmm10,1
- vextracti32x4 xmm5,zmm10,2
- vextracti32x4 xmm6,zmm10,3
- vpxord xmm10,xmm10,xmm4
- vpternlogd xmm10,xmm6,xmm5,0x96
-
-
-
-
- vpxord zmm4,zmm14,ZMMWORD[rcx]
- vpxord zmm5,zmm14,ZMMWORD[64+rcx]
- vpxord zmm6,zmm14,ZMMWORD[128+rcx]
- vpxord zmm7,zmm14,ZMMWORD[192+rcx]
-
-
-
- vaesenclast zmm4,zmm0,zmm4
- vaesenclast zmm5,zmm1,zmm5
- vaesenclast zmm6,zmm2,zmm6
- vaesenclast zmm7,zmm3,zmm7
-
-
- vmovdqu8 ZMMWORD[rdx],zmm4
- vmovdqu8 ZMMWORD[64+rdx],zmm5
- vmovdqu8 ZMMWORD[128+rdx],zmm6
- vmovdqu8 ZMMWORD[192+rdx],zmm7
-
- sub rcx,-4*64
- sub rdx,-4*64
- add r8,-4*64
- cmp r8,4*64-1
- ja NEAR $L$crypt_loop_4x__func2
-$L$crypt_loop_4x_done__func2:
-
- test r8,r8
- jz NEAR $L$done__func2
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- mov rax,r8
- neg rax
- and rax,-16
- lea rsi,[256+rax*1+rdi]
- vpxor xmm4,xmm4,xmm4
- vpxor xmm5,xmm5,xmm5
- vpxor xmm6,xmm6,xmm6
-
- cmp r8,64
- jb NEAR $L$partial_vec__func2
-
-$L$crypt_loop_1x__func2:
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpaddd zmm12,zmm12,zmm11
- vpxord zmm0,zmm0,zmm13
- lea rax,[16+r9]
-$L$vaesenc_loop_tail_full_vec__func2:
- vbroadcasti32x4 zmm9,ZMMWORD[rax]
- vaesenc zmm0,zmm0,zmm9
- add rax,16
- cmp r11,rax
- jne NEAR $L$vaesenc_loop_tail_full_vec__func2
- vaesenclast zmm0,zmm0,zmm14
-
-
- vmovdqu8 zmm1,ZMMWORD[rcx]
- vpxord zmm0,zmm0,zmm1
- vmovdqu8 ZMMWORD[rdx],zmm0
-
-
- vmovdqu8 zmm30,ZMMWORD[rsi]
- vpshufb zmm0,zmm1,zmm8
- vpxord zmm0,zmm0,zmm10
- vpclmulqdq zmm7,zmm0,zmm30,0x00
- vpclmulqdq zmm1,zmm0,zmm30,0x01
- vpclmulqdq zmm2,zmm0,zmm30,0x10
- vpclmulqdq zmm3,zmm0,zmm30,0x11
- vpxord zmm4,zmm4,zmm7
- vpternlogd zmm5,zmm1,zmm2,0x96
- vpxord zmm6,zmm6,zmm3
-
- vpxor xmm10,xmm10,xmm10
-
- add rsi,64
- add rcx,64
- add rdx,64
- sub r8,64
- cmp r8,64
- jae NEAR $L$crypt_loop_1x__func2
-
- test r8,r8
- jz NEAR $L$reduce__func2
-
-$L$partial_vec__func2:
-
-
-
-
- mov rax,-1
- bzhi rax,rax,r8
- kmovq k1,rax
- add r8,15
- and r8,-16
- mov rax,-1
- bzhi rax,rax,r8
- kmovq k2,rax
-
-
-
- vpshufb zmm0,zmm12,zmm8
- vpxord zmm0,zmm0,zmm13
- lea rax,[16+r9]
-$L$vaesenc_loop_tail_partialvec__func2:
- vbroadcasti32x4 zmm9,ZMMWORD[rax]
- vaesenc zmm0,zmm0,zmm9
- add rax,16
- cmp r11,rax
- jne NEAR $L$vaesenc_loop_tail_partialvec__func2
- vaesenclast zmm0,zmm0,zmm14
-
-
- vmovdqu8 zmm1{k1}{z},[rcx]
- vpxord zmm0,zmm0,zmm1
- vmovdqu8 ZMMWORD[rdx]{k1},zmm0
-
-
-
-
-
-
-
-
-
-
-
-
-
- vmovdqu8 zmm30{k2}{z},[rsi]
-
- vpshufb zmm0,zmm1,zmm8
- vpxord zmm0,zmm0,zmm10
- vpclmulqdq zmm7,zmm0,zmm30,0x00
- vpclmulqdq zmm1,zmm0,zmm30,0x01
- vpclmulqdq zmm2,zmm0,zmm30,0x10
- vpclmulqdq zmm3,zmm0,zmm30,0x11
- vpxord zmm4,zmm4,zmm7
- vpternlogd zmm5,zmm1,zmm2,0x96
- vpxord zmm6,zmm6,zmm3
-
-
-$L$reduce__func2:
-
- vpclmulqdq zmm0,zmm31,zmm4,0x01
- vpshufd zmm4,zmm4,0x4e
- vpternlogd zmm5,zmm4,zmm0,0x96
- vpclmulqdq zmm0,zmm31,zmm5,0x01
- vpshufd zmm5,zmm5,0x4e
- vpternlogd zmm6,zmm5,zmm0,0x96
-
- vextracti32x4 xmm0,zmm6,1
- vextracti32x4 xmm1,zmm6,2
- vextracti32x4 xmm2,zmm6,3
- vpxord xmm10,xmm6,xmm0
- vpternlogd xmm10,xmm2,xmm1,0x96
-
-
-$L$done__func2:
-
- vpshufb xmm10,xmm10,xmm8
- vmovdqu XMMWORD[r12],xmm10
-
- vzeroupper
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
- movdqa xmm10,XMMWORD[64+rsp]
- movdqa xmm11,XMMWORD[80+rsp]
- movdqa xmm12,XMMWORD[96+rsp]
- movdqa xmm13,XMMWORD[112+rsp]
- movdqa xmm14,XMMWORD[128+rsp]
- movdqa xmm15,XMMWORD[144+rsp]
- add rsp,160
- pop r12
- pop rdi
- pop rsi
- ret
-$L$SEH_end_aes_gcm_dec_update_vaes_avx10_512_17:
-
-
-section .pdata rdata align=4
-ALIGN 4
- DD $L$SEH_begin_gcm_gmult_vpclmulqdq_avx10_1 wrt ..imagebase
- DD $L$SEH_end_gcm_gmult_vpclmulqdq_avx10_5 wrt ..imagebase
- DD $L$SEH_info_gcm_gmult_vpclmulqdq_avx10_0 wrt ..imagebase
-
- DD $L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1 wrt ..imagebase
- DD $L$SEH_end_gcm_ghash_vpclmulqdq_avx10_512_12 wrt ..imagebase
- DD $L$SEH_info_gcm_ghash_vpclmulqdq_avx10_512_0 wrt ..imagebase
-
- DD $L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1 wrt ..imagebase
- DD $L$SEH_end_aes_gcm_enc_update_vaes_avx10_512_17 wrt ..imagebase
- DD $L$SEH_info_aes_gcm_enc_update_vaes_avx10_512_0 wrt ..imagebase
-
- DD $L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1 wrt ..imagebase
- DD $L$SEH_end_aes_gcm_dec_update_vaes_avx10_512_17 wrt ..imagebase
- DD $L$SEH_info_aes_gcm_dec_update_vaes_avx10_512_0 wrt ..imagebase
-
-
-section .xdata rdata align=8
-ALIGN 4
-$L$SEH_info_gcm_gmult_vpclmulqdq_avx10_0:
- DB 1
- DB $L$SEH_endprologue_gcm_gmult_vpclmulqdq_avx10_4-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx10_1
- DB 3
- DB 0
- DB $L$SEH_prologue_gcm_gmult_vpclmulqdq_avx10_3-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx10_1
- DB 104
- DW 0
- DB $L$SEH_prologue_gcm_gmult_vpclmulqdq_avx10_2-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx10_1
- DB 34
-
- DW 0
-$L$SEH_info_gcm_ghash_vpclmulqdq_avx10_512_0:
- DB 1
- DB $L$SEH_endprologue_gcm_ghash_vpclmulqdq_avx10_512_11-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 18
- DB 0
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_10-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 216
- DW 7
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_9-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 200
- DW 6
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_8-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 184
- DW 5
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_7-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 168
- DW 4
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_6-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 152
- DW 3
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_5-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 136
- DW 2
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_4-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 120
- DW 1
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_3-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 104
- DW 0
- DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx10_512_2-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx10_512_1
- DB 1
- DW 17
-
-$L$SEH_info_aes_gcm_enc_update_vaes_avx10_512_0:
- DB 1
- DB $L$SEH_endprologue_aes_gcm_enc_update_vaes_avx10_512_16-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 25
- DB 0
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_15-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 248
- DW 9
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_14-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 232
- DW 8
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_13-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 216
- DW 7
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_12-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 200
- DW 6
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_11-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 184
- DW 5
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_10-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 168
- DW 4
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_9-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 152
- DW 3
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_8-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 136
- DW 2
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_7-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 120
- DW 1
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_6-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 104
- DW 0
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_5-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 1
- DW 20
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_4-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 192
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_3-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 112
- DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx10_512_2-$L$SEH_begin_aes_gcm_enc_update_vaes_avx10_512_1
- DB 96
-
- DW 0
-$L$SEH_info_aes_gcm_dec_update_vaes_avx10_512_0:
- DB 1
- DB $L$SEH_endprologue_aes_gcm_dec_update_vaes_avx10_512_16-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 25
- DB 0
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_15-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 248
- DW 9
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_14-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 232
- DW 8
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_13-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 216
- DW 7
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_12-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 200
- DW 6
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_11-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 184
- DW 5
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_10-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 168
- DW 4
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_9-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 152
- DW 3
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_8-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 136
- DW 2
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_7-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 120
- DW 1
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_6-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 104
- DW 0
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_5-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 1
- DW 20
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_4-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 192
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_3-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 112
- DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx10_512_2-$L$SEH_begin_aes_gcm_dec_update_vaes_avx10_512_1
- DB 96
-
- DW 0
-%else
-; Work around https://bugzilla.nasm.us/show_bug.cgi?id=3392738
-ret
-%endif
diff --git a/src/gen/bcm/aes-gcm-avx2-x86_64-apple.S b/src/gen/bcm/aes-gcm-avx2-x86_64-apple.S
index d896f2a..eb2ac3b 100644
--- a/src/gen/bcm/aes-gcm-avx2-x86_64-apple.S
+++ b/src/gen/bcm/aes-gcm-avx2-x86_64-apple.S
@@ -64,14 +64,10 @@
vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
- vpclmulqdq $0x01,%xmm3,%xmm3,%xmm1
- vpclmulqdq $0x10,%xmm3,%xmm3,%xmm2
- vpxor %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm6,%xmm2
+ vpclmulqdq $0x11,%xmm3,%xmm3,%xmm5
+ vpclmulqdq $0x01,%xmm0,%xmm6,%xmm1
vpshufd $0x4e,%xmm0,%xmm0
vpxor %xmm0,%xmm1,%xmm1
- vpxor %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x11,%xmm3,%xmm3,%xmm5
vpclmulqdq $0x01,%xmm1,%xmm6,%xmm0
vpshufd $0x4e,%xmm1,%xmm1
vpxor %xmm1,%xmm5,%xmm5
@@ -187,6 +183,8 @@
vpshufb %xmm1,%xmm0,%xmm0
vmovdqu %xmm0,(%rdi)
+
+
ret
@@ -202,15 +200,25 @@
- vbroadcasti128 L$bswap_mask(%rip),%ymm6
+
+
+
+ vmovdqu L$bswap_mask(%rip),%xmm6
+ vmovdqu L$gfpoly(%rip),%xmm7
+
+
vmovdqu (%rdi),%xmm5
vpshufb %xmm6,%xmm5,%xmm5
- vbroadcasti128 L$gfpoly(%rip),%ymm7
cmpq $32,%rcx
jb L$ghash_lastblock
+
+
+ vinserti128 $1,%xmm6,%ymm6,%ymm6
+ vinserti128 $1,%xmm7,%ymm7,%ymm7
+
cmpq $127,%rcx
jbe L$ghash_loop_1x
@@ -319,9 +327,6 @@
L$ghash_loop_1x_done:
- vzeroupper
-
-
L$ghash_lastblock:
testq %rcx,%rcx
jz L$ghash_done
@@ -348,6 +353,8 @@
vpshufb %xmm6,%xmm5,%xmm5
vmovdqu %xmm5,(%rdi)
+
+ vzeroupper
ret
@@ -366,7 +373,7 @@
movq 16(%rsp),%r12
#ifdef BORINGSSL_DISPATCH_TEST
- movb $1,_BORINGSSL_function_hit+8(%rip)
+ movb $1,_BORINGSSL_function_hit+6(%rip)
#endif
vbroadcasti128 L$bswap_mask(%rip),%ymm0
diff --git a/src/gen/bcm/aes-gcm-avx2-x86_64-linux.S b/src/gen/bcm/aes-gcm-avx2-x86_64-linux.S
index 583f02f..018397a 100644
--- a/src/gen/bcm/aes-gcm-avx2-x86_64-linux.S
+++ b/src/gen/bcm/aes-gcm-avx2-x86_64-linux.S
@@ -64,14 +64,10 @@
vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
- vpclmulqdq $0x01,%xmm3,%xmm3,%xmm1
- vpclmulqdq $0x10,%xmm3,%xmm3,%xmm2
- vpxor %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x01,%xmm0,%xmm6,%xmm2
+ vpclmulqdq $0x11,%xmm3,%xmm3,%xmm5
+ vpclmulqdq $0x01,%xmm0,%xmm6,%xmm1
vpshufd $0x4e,%xmm0,%xmm0
vpxor %xmm0,%xmm1,%xmm1
- vpxor %xmm2,%xmm1,%xmm1
- vpclmulqdq $0x11,%xmm3,%xmm3,%xmm5
vpclmulqdq $0x01,%xmm1,%xmm6,%xmm0
vpshufd $0x4e,%xmm1,%xmm1
vpxor %xmm1,%xmm5,%xmm5
@@ -187,6 +183,8 @@
vpshufb %xmm1,%xmm0,%xmm0
vmovdqu %xmm0,(%rdi)
+
+
ret
.cfi_endproc
@@ -202,15 +200,25 @@
- vbroadcasti128 .Lbswap_mask(%rip),%ymm6
+
+
+
+ vmovdqu .Lbswap_mask(%rip),%xmm6
+ vmovdqu .Lgfpoly(%rip),%xmm7
+
+
vmovdqu (%rdi),%xmm5
vpshufb %xmm6,%xmm5,%xmm5
- vbroadcasti128 .Lgfpoly(%rip),%ymm7
cmpq $32,%rcx
jb .Lghash_lastblock
+
+
+ vinserti128 $1,%xmm6,%ymm6,%ymm6
+ vinserti128 $1,%xmm7,%ymm7,%ymm7
+
cmpq $127,%rcx
jbe .Lghash_loop_1x
@@ -319,9 +327,6 @@
.Lghash_loop_1x_done:
- vzeroupper
-
-
.Lghash_lastblock:
testq %rcx,%rcx
jz .Lghash_done
@@ -348,6 +353,8 @@
vpshufb %xmm6,%xmm5,%xmm5
vmovdqu %xmm5,(%rdi)
+
+ vzeroupper
ret
.cfi_endproc
@@ -368,7 +375,7 @@
#ifdef BORINGSSL_DISPATCH_TEST
.extern BORINGSSL_function_hit
.hidden BORINGSSL_function_hit
- movb $1,BORINGSSL_function_hit+8(%rip)
+ movb $1,BORINGSSL_function_hit+6(%rip)
#endif
vbroadcasti128 .Lbswap_mask(%rip),%ymm0
diff --git a/src/gen/bcm/aes-gcm-avx2-x86_64-win.asm b/src/gen/bcm/aes-gcm-avx2-x86_64-win.asm
index 00e2a2b..ca1d28b 100644
--- a/src/gen/bcm/aes-gcm-avx2-x86_64-win.asm
+++ b/src/gen/bcm/aes-gcm-avx2-x86_64-win.asm
@@ -52,7 +52,7 @@
_CET_ENDBR
sub rsp,24
$L$SEH_prologue_gcm_init_vpclmulqdq_avx2_2:
- movdqa XMMWORD[rsp],xmm6
+ vmovdqa XMMWORD[rsp],xmm6
$L$SEH_prologue_gcm_init_vpclmulqdq_avx2_3:
$L$SEH_endprologue_gcm_init_vpclmulqdq_avx2_4:
@@ -75,14 +75,10 @@
vpclmulqdq xmm0,xmm3,xmm3,0x00
- vpclmulqdq xmm1,xmm3,xmm3,0x01
- vpclmulqdq xmm2,xmm3,xmm3,0x10
- vpxor xmm1,xmm1,xmm2
- vpclmulqdq xmm2,xmm6,xmm0,0x01
+ vpclmulqdq xmm5,xmm3,xmm3,0x11
+ vpclmulqdq xmm1,xmm6,xmm0,0x01
vpshufd xmm0,xmm0,0x4e
vpxor xmm1,xmm1,xmm0
- vpxor xmm1,xmm1,xmm2
- vpclmulqdq xmm5,xmm3,xmm3,0x11
vpclmulqdq xmm0,xmm6,xmm1,0x01
vpshufd xmm1,xmm1,0x4e
vpxor xmm5,xmm5,xmm1
@@ -160,7 +156,7 @@
vmovdqu YMMWORD[128+rcx],ymm0
vzeroupper
- movdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm6,XMMWORD[rsp]
add rsp,24
ret
$L$SEH_end_gcm_init_vpclmulqdq_avx2_5:
@@ -175,7 +171,7 @@
_CET_ENDBR
sub rsp,24
$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx2_2:
- movdqa XMMWORD[rsp],xmm6
+ vmovdqa XMMWORD[rsp],xmm6
$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx2_3:
$L$SEH_endprologue_gcm_gmult_vpclmulqdq_avx2_4:
@@ -203,7 +199,9 @@
vpshufb xmm0,xmm0,xmm1
vmovdqu XMMWORD[rcx],xmm0
- movdqa xmm6,XMMWORD[rsp]
+
+
+ vmovdqa xmm6,XMMWORD[rsp]
add rsp,24
ret
$L$SEH_end_gcm_gmult_vpclmulqdq_avx2_5:
@@ -218,26 +216,36 @@
_CET_ENDBR
sub rsp,72
$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx2_2:
- movdqa XMMWORD[rsp],xmm6
+ vmovdqa XMMWORD[rsp],xmm6
$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx2_3:
- movdqa XMMWORD[16+rsp],xmm7
+ vmovdqa XMMWORD[16+rsp],xmm7
$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx2_4:
- movdqa XMMWORD[32+rsp],xmm8
+ vmovdqa XMMWORD[32+rsp],xmm8
$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx2_5:
- movdqa XMMWORD[48+rsp],xmm9
+ vmovdqa XMMWORD[48+rsp],xmm9
$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx2_6:
$L$SEH_endprologue_gcm_ghash_vpclmulqdq_avx2_7:
- vbroadcasti128 ymm6,XMMWORD[$L$bswap_mask]
+
+
+
+ vmovdqu xmm6,XMMWORD[$L$bswap_mask]
+ vmovdqu xmm7,XMMWORD[$L$gfpoly]
+
+
vmovdqu xmm5,XMMWORD[rcx]
vpshufb xmm5,xmm5,xmm6
- vbroadcasti128 ymm7,XMMWORD[$L$gfpoly]
cmp r9,32
jb NEAR $L$ghash_lastblock
+
+
+ vinserti128 ymm6,ymm6,xmm6,1
+ vinserti128 ymm7,ymm7,xmm7,1
+
cmp r9,127
jbe NEAR $L$ghash_loop_1x
@@ -346,9 +354,6 @@
$L$ghash_loop_1x_done:
- vzeroupper
-
-
$L$ghash_lastblock:
test r9,r9
jz NEAR $L$ghash_done
@@ -375,10 +380,12 @@
vpshufb xmm5,xmm5,xmm6
vmovdqu XMMWORD[rcx],xmm5
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
+
+ vzeroupper
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
add rsp,72
ret
$L$SEH_end_gcm_ghash_vpclmulqdq_avx2_8:
@@ -403,31 +410,31 @@
mov r12,QWORD[80+rsp]
sub rsp,160
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_5:
- movdqa XMMWORD[rsp],xmm6
+ vmovdqa XMMWORD[rsp],xmm6
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_6:
- movdqa XMMWORD[16+rsp],xmm7
+ vmovdqa XMMWORD[16+rsp],xmm7
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_7:
- movdqa XMMWORD[32+rsp],xmm8
+ vmovdqa XMMWORD[32+rsp],xmm8
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_8:
- movdqa XMMWORD[48+rsp],xmm9
+ vmovdqa XMMWORD[48+rsp],xmm9
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_9:
- movdqa XMMWORD[64+rsp],xmm10
+ vmovdqa XMMWORD[64+rsp],xmm10
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_10:
- movdqa XMMWORD[80+rsp],xmm11
+ vmovdqa XMMWORD[80+rsp],xmm11
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_11:
- movdqa XMMWORD[96+rsp],xmm12
+ vmovdqa XMMWORD[96+rsp],xmm12
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_12:
- movdqa XMMWORD[112+rsp],xmm13
+ vmovdqa XMMWORD[112+rsp],xmm13
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_13:
- movdqa XMMWORD[128+rsp],xmm14
+ vmovdqa XMMWORD[128+rsp],xmm14
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_14:
- movdqa XMMWORD[144+rsp],xmm15
+ vmovdqa XMMWORD[144+rsp],xmm15
$L$SEH_prologue_aes_gcm_enc_update_vaes_avx2_15:
$L$SEH_endprologue_aes_gcm_enc_update_vaes_avx2_16:
%ifdef BORINGSSL_DISPATCH_TEST
EXTERN BORINGSSL_function_hit
- mov BYTE[((BORINGSSL_function_hit+8))],1
+ mov BYTE[((BORINGSSL_function_hit+6))],1
%endif
vbroadcasti128 ymm0,XMMWORD[$L$bswap_mask]
@@ -945,16 +952,16 @@
vmovdqu XMMWORD[r12],xmm1
vzeroupper
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
- movdqa xmm10,XMMWORD[64+rsp]
- movdqa xmm11,XMMWORD[80+rsp]
- movdqa xmm12,XMMWORD[96+rsp]
- movdqa xmm13,XMMWORD[112+rsp]
- movdqa xmm14,XMMWORD[128+rsp]
- movdqa xmm15,XMMWORD[144+rsp]
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
+ vmovdqa xmm10,XMMWORD[64+rsp]
+ vmovdqa xmm11,XMMWORD[80+rsp]
+ vmovdqa xmm12,XMMWORD[96+rsp]
+ vmovdqa xmm13,XMMWORD[112+rsp]
+ vmovdqa xmm14,XMMWORD[128+rsp]
+ vmovdqa xmm15,XMMWORD[144+rsp]
add rsp,160
pop r12
pop rdi
@@ -982,25 +989,25 @@
mov r12,QWORD[80+rsp]
sub rsp,160
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_5:
- movdqa XMMWORD[rsp],xmm6
+ vmovdqa XMMWORD[rsp],xmm6
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_6:
- movdqa XMMWORD[16+rsp],xmm7
+ vmovdqa XMMWORD[16+rsp],xmm7
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_7:
- movdqa XMMWORD[32+rsp],xmm8
+ vmovdqa XMMWORD[32+rsp],xmm8
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_8:
- movdqa XMMWORD[48+rsp],xmm9
+ vmovdqa XMMWORD[48+rsp],xmm9
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_9:
- movdqa XMMWORD[64+rsp],xmm10
+ vmovdqa XMMWORD[64+rsp],xmm10
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_10:
- movdqa XMMWORD[80+rsp],xmm11
+ vmovdqa XMMWORD[80+rsp],xmm11
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_11:
- movdqa XMMWORD[96+rsp],xmm12
+ vmovdqa XMMWORD[96+rsp],xmm12
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_12:
- movdqa XMMWORD[112+rsp],xmm13
+ vmovdqa XMMWORD[112+rsp],xmm13
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_13:
- movdqa XMMWORD[128+rsp],xmm14
+ vmovdqa XMMWORD[128+rsp],xmm14
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_14:
- movdqa XMMWORD[144+rsp],xmm15
+ vmovdqa XMMWORD[144+rsp],xmm15
$L$SEH_prologue_aes_gcm_dec_update_vaes_avx2_15:
$L$SEH_endprologue_aes_gcm_dec_update_vaes_avx2_16:
@@ -1406,16 +1413,16 @@
vmovdqu XMMWORD[r12],xmm1
vzeroupper
- movdqa xmm6,XMMWORD[rsp]
- movdqa xmm7,XMMWORD[16+rsp]
- movdqa xmm8,XMMWORD[32+rsp]
- movdqa xmm9,XMMWORD[48+rsp]
- movdqa xmm10,XMMWORD[64+rsp]
- movdqa xmm11,XMMWORD[80+rsp]
- movdqa xmm12,XMMWORD[96+rsp]
- movdqa xmm13,XMMWORD[112+rsp]
- movdqa xmm14,XMMWORD[128+rsp]
- movdqa xmm15,XMMWORD[144+rsp]
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
+ vmovdqa xmm10,XMMWORD[64+rsp]
+ vmovdqa xmm11,XMMWORD[80+rsp]
+ vmovdqa xmm12,XMMWORD[96+rsp]
+ vmovdqa xmm13,XMMWORD[112+rsp]
+ vmovdqa xmm14,XMMWORD[128+rsp]
+ vmovdqa xmm15,XMMWORD[144+rsp]
add rsp,160
pop r12
pop rdi
diff --git a/src/gen/bcm/aes-gcm-avx512-x86_64-apple.S b/src/gen/bcm/aes-gcm-avx512-x86_64-apple.S
new file mode 100644
index 0000000..874ec0a
--- /dev/null
+++ b/src/gen/bcm/aes-gcm-avx512-x86_64-apple.S
@@ -0,0 +1,1246 @@
+// This file is generated from a similarly-named Perl script in the BoringSSL
+// source tree. Do not edit by hand.
+
+#include <openssl/asm_base.h>
+
+#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && defined(__APPLE__)
+.section __DATA,__const
+.p2align 6
+
+
+L$bswap_mask:
+.quad 0x08090a0b0c0d0e0f, 0x0001020304050607
+
+
+
+
+
+
+
+
+L$gfpoly:
+.quad 1, 0xc200000000000000
+
+
+L$gfpoly_and_internal_carrybit:
+.quad 1, 0xc200000000000001
+
+
+L$ctr_pattern:
+.quad 0, 0
+.quad 1, 0
+.quad 2, 0
+.quad 3, 0
+
+
+L$inc_4blocks:
+.quad 4, 0
+
+.text
+.globl _gcm_init_vpclmulqdq_avx512
+.private_extern _gcm_init_vpclmulqdq_avx512
+
+.p2align 5
+_gcm_init_vpclmulqdq_avx512:
+
+
+_CET_ENDBR
+
+ leaq 256-64(%rdi),%r8
+
+
+
+ vpshufd $0x4e,(%rsi),%xmm3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vpshufd $0xd3,%xmm3,%xmm0
+ vpsrad $31,%xmm0,%xmm0
+ vpaddq %xmm3,%xmm3,%xmm3
+
+ vpternlogd $0x78,L$gfpoly_and_internal_carrybit(%rip),%xmm0,%xmm3
+
+
+ vbroadcasti32x4 L$gfpoly(%rip),%zmm5
+
+
+
+
+
+
+
+
+ vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
+ vpclmulqdq $0x11,%xmm3,%xmm3,%xmm4
+ vpclmulqdq $0x01,%xmm0,%xmm5,%xmm1
+ vpshufd $0x4e,%xmm0,%xmm0
+ vpxor %xmm0,%xmm1,%xmm1
+ vpclmulqdq $0x01,%xmm1,%xmm5,%xmm0
+ vpshufd $0x4e,%xmm1,%xmm1
+ vpternlogd $0x96,%xmm0,%xmm1,%xmm4
+
+
+
+ vinserti128 $1,%xmm3,%ymm4,%ymm3
+ vinserti128 $1,%xmm4,%ymm4,%ymm4
+
+
+ vpclmulqdq $0x00,%ymm4,%ymm3,%ymm0
+ vpclmulqdq $0x01,%ymm4,%ymm3,%ymm1
+ vpclmulqdq $0x10,%ymm4,%ymm3,%ymm2
+ vpxord %ymm2,%ymm1,%ymm1
+ vpclmulqdq $0x01,%ymm0,%ymm5,%ymm2
+ vpshufd $0x4e,%ymm0,%ymm0
+ vpternlogd $0x96,%ymm2,%ymm0,%ymm1
+ vpclmulqdq $0x11,%ymm4,%ymm3,%ymm4
+ vpclmulqdq $0x01,%ymm1,%ymm5,%ymm0
+ vpshufd $0x4e,%ymm1,%ymm1
+ vpternlogd $0x96,%ymm0,%ymm1,%ymm4
+
+ vinserti64x4 $1,%ymm3,%zmm4,%zmm3
+ vshufi64x2 $0,%zmm4,%zmm4,%zmm4
+
+
+ vmovdqu8 %zmm3,(%r8)
+
+
+
+
+ movl $3,%eax
+L$precompute_next:
+ subq $64,%r8
+ vpclmulqdq $0x00,%zmm4,%zmm3,%zmm0
+ vpclmulqdq $0x01,%zmm4,%zmm3,%zmm1
+ vpclmulqdq $0x10,%zmm4,%zmm3,%zmm2
+ vpxord %zmm2,%zmm1,%zmm1
+ vpclmulqdq $0x01,%zmm0,%zmm5,%zmm2
+ vpshufd $0x4e,%zmm0,%zmm0
+ vpternlogd $0x96,%zmm2,%zmm0,%zmm1
+ vpclmulqdq $0x11,%zmm4,%zmm3,%zmm3
+ vpclmulqdq $0x01,%zmm1,%zmm5,%zmm0
+ vpshufd $0x4e,%zmm1,%zmm1
+ vpternlogd $0x96,%zmm0,%zmm1,%zmm3
+
+ vmovdqu8 %zmm3,(%r8)
+ decl %eax
+ jnz L$precompute_next
+
+ vzeroupper
+ ret
+
+
+
+.globl _gcm_gmult_vpclmulqdq_avx512
+.private_extern _gcm_gmult_vpclmulqdq_avx512
+
+.p2align 5
+_gcm_gmult_vpclmulqdq_avx512:
+
+
+_CET_ENDBR
+
+
+
+ vmovdqu (%rdi),%xmm0
+ vmovdqu L$bswap_mask(%rip),%xmm1
+ vmovdqu 256-16(%rsi),%xmm2
+ vmovdqu L$gfpoly(%rip),%xmm3
+ vpshufb %xmm1,%xmm0,%xmm0
+
+ vpclmulqdq $0x00,%xmm2,%xmm0,%xmm4
+ vpclmulqdq $0x01,%xmm2,%xmm0,%xmm5
+ vpclmulqdq $0x10,%xmm2,%xmm0,%xmm6
+ vpxord %xmm6,%xmm5,%xmm5
+ vpclmulqdq $0x01,%xmm4,%xmm3,%xmm6
+ vpshufd $0x4e,%xmm4,%xmm4
+ vpternlogd $0x96,%xmm6,%xmm4,%xmm5
+ vpclmulqdq $0x11,%xmm2,%xmm0,%xmm0
+ vpclmulqdq $0x01,%xmm5,%xmm3,%xmm4
+ vpshufd $0x4e,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm4,%xmm5,%xmm0
+
+
+ vpshufb %xmm1,%xmm0,%xmm0
+ vmovdqu %xmm0,(%rdi)
+
+
+ ret
+
+
+
+.globl _gcm_ghash_vpclmulqdq_avx512
+.private_extern _gcm_ghash_vpclmulqdq_avx512
+
+.p2align 5
+_gcm_ghash_vpclmulqdq_avx512:
+
+
+_CET_ENDBR
+
+
+
+
+
+
+ vmovdqu L$bswap_mask(%rip),%xmm4
+ vmovdqu L$gfpoly(%rip),%xmm10
+
+
+ vmovdqu (%rdi),%xmm5
+ vpshufb %xmm4,%xmm5,%xmm5
+
+
+ cmpq $64,%rcx
+ jb L$aad_blockbyblock
+
+
+
+ vshufi64x2 $0,%zmm4,%zmm4,%zmm4
+ vshufi64x2 $0,%zmm10,%zmm10,%zmm10
+
+
+ vmovdqu8 256-64(%rsi),%zmm9
+
+ cmpq $256,%rcx
+ jb L$aad_loop_1x
+
+
+ vmovdqu8 256-256(%rsi),%zmm6
+ vmovdqu8 256-192(%rsi),%zmm7
+ vmovdqu8 256-128(%rsi),%zmm8
+
+
+L$aad_loop_4x:
+ vmovdqu8 0(%rdx),%zmm0
+ vmovdqu8 64(%rdx),%zmm1
+ vmovdqu8 128(%rdx),%zmm2
+ vmovdqu8 192(%rdx),%zmm3
+ vpshufb %zmm4,%zmm0,%zmm0
+ vpxord %zmm5,%zmm0,%zmm0
+ vpshufb %zmm4,%zmm1,%zmm1
+ vpshufb %zmm4,%zmm2,%zmm2
+ vpshufb %zmm4,%zmm3,%zmm3
+ vpclmulqdq $0x00,%zmm6,%zmm0,%zmm5
+ vpclmulqdq $0x00,%zmm7,%zmm1,%zmm11
+ vpclmulqdq $0x00,%zmm8,%zmm2,%zmm12
+ vpxord %zmm11,%zmm5,%zmm5
+ vpclmulqdq $0x00,%zmm9,%zmm3,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm5
+ vpclmulqdq $0x01,%zmm6,%zmm0,%zmm11
+ vpclmulqdq $0x01,%zmm7,%zmm1,%zmm12
+ vpclmulqdq $0x01,%zmm8,%zmm2,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x01,%zmm9,%zmm3,%zmm12
+ vpclmulqdq $0x10,%zmm6,%zmm0,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x10,%zmm7,%zmm1,%zmm12
+ vpclmulqdq $0x10,%zmm8,%zmm2,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x01,%zmm5,%zmm10,%zmm13
+ vpclmulqdq $0x10,%zmm9,%zmm3,%zmm12
+ vpxord %zmm12,%zmm11,%zmm11
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm6,%zmm0,%zmm0
+ vpclmulqdq $0x11,%zmm7,%zmm1,%zmm1
+ vpclmulqdq $0x11,%zmm8,%zmm2,%zmm2
+ vpternlogd $0x96,%zmm13,%zmm5,%zmm11
+ vpclmulqdq $0x11,%zmm9,%zmm3,%zmm3
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm0
+ vpclmulqdq $0x01,%zmm11,%zmm10,%zmm12
+ vpxord %zmm3,%zmm0,%zmm5
+ vpshufd $0x4e,%zmm11,%zmm11
+ vpternlogd $0x96,%zmm12,%zmm11,%zmm5
+ vextracti32x4 $1,%zmm5,%xmm0
+ vextracti32x4 $2,%zmm5,%xmm1
+ vextracti32x4 $3,%zmm5,%xmm2
+ vpxord %xmm0,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm5
+
+ addq $256,%rdx
+ subq $256,%rcx
+ cmpq $256,%rcx
+ jae L$aad_loop_4x
+
+
+ cmpq $64,%rcx
+ jb L$aad_large_done
+L$aad_loop_1x:
+ vmovdqu8 (%rdx),%zmm0
+ vpshufb %zmm4,%zmm0,%zmm0
+ vpxord %zmm0,%zmm5,%zmm5
+ vpclmulqdq $0x00,%zmm9,%zmm5,%zmm0
+ vpclmulqdq $0x01,%zmm9,%zmm5,%zmm1
+ vpclmulqdq $0x10,%zmm9,%zmm5,%zmm2
+ vpxord %zmm2,%zmm1,%zmm1
+ vpclmulqdq $0x01,%zmm0,%zmm10,%zmm2
+ vpshufd $0x4e,%zmm0,%zmm0
+ vpternlogd $0x96,%zmm2,%zmm0,%zmm1
+ vpclmulqdq $0x11,%zmm9,%zmm5,%zmm5
+ vpclmulqdq $0x01,%zmm1,%zmm10,%zmm0
+ vpshufd $0x4e,%zmm1,%zmm1
+ vpternlogd $0x96,%zmm0,%zmm1,%zmm5
+
+ vextracti32x4 $1,%zmm5,%xmm0
+ vextracti32x4 $2,%zmm5,%xmm1
+ vextracti32x4 $3,%zmm5,%xmm2
+ vpxord %xmm0,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm5
+
+ addq $64,%rdx
+ subq $64,%rcx
+ cmpq $64,%rcx
+ jae L$aad_loop_1x
+
+L$aad_large_done:
+
+
+L$aad_blockbyblock:
+ testq %rcx,%rcx
+ jz L$aad_done
+ vmovdqu 256-16(%rsi),%xmm9
+L$aad_loop_blockbyblock:
+ vmovdqu (%rdx),%xmm0
+ vpshufb %xmm4,%xmm0,%xmm0
+ vpxor %xmm0,%xmm5,%xmm5
+ vpclmulqdq $0x00,%xmm9,%xmm5,%xmm0
+ vpclmulqdq $0x01,%xmm9,%xmm5,%xmm1
+ vpclmulqdq $0x10,%xmm9,%xmm5,%xmm2
+ vpxord %xmm2,%xmm1,%xmm1
+ vpclmulqdq $0x01,%xmm0,%xmm10,%xmm2
+ vpshufd $0x4e,%xmm0,%xmm0
+ vpternlogd $0x96,%xmm2,%xmm0,%xmm1
+ vpclmulqdq $0x11,%xmm9,%xmm5,%xmm5
+ vpclmulqdq $0x01,%xmm1,%xmm10,%xmm0
+ vpshufd $0x4e,%xmm1,%xmm1
+ vpternlogd $0x96,%xmm0,%xmm1,%xmm5
+
+ addq $16,%rdx
+ subq $16,%rcx
+ jnz L$aad_loop_blockbyblock
+
+L$aad_done:
+
+ vpshufb %xmm4,%xmm5,%xmm5
+ vmovdqu %xmm5,(%rdi)
+
+ vzeroupper
+ ret
+
+
+
+.globl _aes_gcm_enc_update_vaes_avx512
+.private_extern _aes_gcm_enc_update_vaes_avx512
+
+.p2align 5
+_aes_gcm_enc_update_vaes_avx512:
+
+
+_CET_ENDBR
+ pushq %r12
+
+
+ movq 16(%rsp),%r12
+#ifdef BORINGSSL_DISPATCH_TEST
+
+ movb $1,_BORINGSSL_function_hit+7(%rip)
+#endif
+
+ vbroadcasti32x4 L$bswap_mask(%rip),%zmm8
+ vbroadcasti32x4 L$gfpoly(%rip),%zmm31
+
+
+
+ vmovdqu (%r12),%xmm10
+ vpshufb %xmm8,%xmm10,%xmm10
+ vbroadcasti32x4 (%r8),%zmm12
+ vpshufb %zmm8,%zmm12,%zmm12
+
+
+
+ movl 240(%rcx),%r10d
+ leal -20(,%r10,4),%r10d
+
+
+
+
+ leaq 96(%rcx,%r10,4),%r11
+ vbroadcasti32x4 (%rcx),%zmm13
+ vbroadcasti32x4 (%r11),%zmm14
+
+
+ vpaddd L$ctr_pattern(%rip),%zmm12,%zmm12
+
+
+ vbroadcasti32x4 L$inc_4blocks(%rip),%zmm11
+
+
+
+ cmpq $256,%rdx
+ jb L$crypt_loop_4x_done__func1
+
+
+ vmovdqu8 256-256(%r9),%zmm27
+ vmovdqu8 256-192(%r9),%zmm28
+ vmovdqu8 256-128(%r9),%zmm29
+ vmovdqu8 256-64(%r9),%zmm30
+
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ leaq 16(%rcx),%rax
+L$vaesenc_loop_first_4_vecs__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne L$vaesenc_loop_first_4_vecs__func1
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jb L$ghash_last_ciphertext_4x__func1
+
+ vbroadcasti32x4 -144(%r11),%zmm15
+ vbroadcasti32x4 -128(%r11),%zmm16
+ vbroadcasti32x4 -112(%r11),%zmm17
+ vbroadcasti32x4 -96(%r11),%zmm18
+ vbroadcasti32x4 -80(%r11),%zmm19
+ vbroadcasti32x4 -64(%r11),%zmm20
+ vbroadcasti32x4 -48(%r11),%zmm21
+ vbroadcasti32x4 -32(%r11),%zmm22
+ vbroadcasti32x4 -16(%r11),%zmm23
+
+L$crypt_loop_4x__func1:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ cmpl $24,%r10d
+ jl L$aes128__func1
+ je L$aes192__func1
+
+ vbroadcasti32x4 -208(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -192(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+L$aes192__func1:
+ vbroadcasti32x4 -176(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -160(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+L$aes128__func1:
+
+
+
+
+ prefetcht0 512+0(%rdi)
+ prefetcht0 512+64(%rdi)
+ prefetcht0 512+128(%rdi)
+ prefetcht0 512+192(%rdi)
+
+
+
+
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+
+ vaesenc %zmm15,%zmm0,%zmm0
+ vaesenc %zmm15,%zmm1,%zmm1
+ vaesenc %zmm15,%zmm2,%zmm2
+ vaesenc %zmm15,%zmm3,%zmm3
+
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+
+ vaesenc %zmm16,%zmm0,%zmm0
+ vaesenc %zmm16,%zmm1,%zmm1
+ vaesenc %zmm16,%zmm2,%zmm2
+ vaesenc %zmm16,%zmm3,%zmm3
+
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+
+ vaesenc %zmm17,%zmm0,%zmm0
+ vaesenc %zmm17,%zmm1,%zmm1
+ vaesenc %zmm17,%zmm2,%zmm2
+ vaesenc %zmm17,%zmm3,%zmm3
+
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+
+ vaesenc %zmm18,%zmm0,%zmm0
+ vaesenc %zmm18,%zmm1,%zmm1
+ vaesenc %zmm18,%zmm2,%zmm2
+ vaesenc %zmm18,%zmm3,%zmm3
+
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+
+ vaesenc %zmm19,%zmm0,%zmm0
+ vaesenc %zmm19,%zmm1,%zmm1
+ vaesenc %zmm19,%zmm2,%zmm2
+ vaesenc %zmm19,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+
+ vaesenc %zmm20,%zmm0,%zmm0
+ vaesenc %zmm20,%zmm1,%zmm1
+ vaesenc %zmm20,%zmm2,%zmm2
+ vaesenc %zmm20,%zmm3,%zmm3
+
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+
+ vaesenc %zmm21,%zmm0,%zmm0
+ vaesenc %zmm21,%zmm1,%zmm1
+ vaesenc %zmm21,%zmm2,%zmm2
+ vaesenc %zmm21,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+
+ vaesenc %zmm22,%zmm0,%zmm0
+ vaesenc %zmm22,%zmm1,%zmm1
+ vaesenc %zmm22,%zmm2,%zmm2
+ vaesenc %zmm22,%zmm3,%zmm3
+
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+
+ vaesenc %zmm23,%zmm0,%zmm0
+ vaesenc %zmm23,%zmm1,%zmm1
+ vaesenc %zmm23,%zmm2,%zmm2
+ vaesenc %zmm23,%zmm3,%zmm3
+
+
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jae L$crypt_loop_4x__func1
+L$ghash_last_ciphertext_4x__func1:
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+L$crypt_loop_4x_done__func1:
+
+ testq %rdx,%rdx
+ jz L$done__func1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdx,%rax
+ negq %rax
+ andq $-16,%rax
+ leaq 256(%r9,%rax,1),%r8
+ vpxor %xmm4,%xmm4,%xmm4
+ vpxor %xmm5,%xmm5,%xmm5
+ vpxor %xmm6,%xmm6,%xmm6
+
+ cmpq $64,%rdx
+ jb L$partial_vec__func1
+
+L$crypt_loop_1x__func1:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+L$vaesenc_loop_tail_full_vec__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne L$vaesenc_loop_tail_full_vec__func1
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi)
+
+
+ vmovdqu8 (%r8),%zmm30
+ vpshufb %zmm8,%zmm0,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+ vpxor %xmm10,%xmm10,%xmm10
+
+ addq $64,%r8
+ addq $64,%rdi
+ addq $64,%rsi
+ subq $64,%rdx
+ cmpq $64,%rdx
+ jae L$crypt_loop_1x__func1
+
+ testq %rdx,%rdx
+ jz L$reduce__func1
+
+L$partial_vec__func1:
+
+
+
+
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k1
+ addq $15,%rdx
+ andq $-16,%rdx
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k2
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+L$vaesenc_loop_tail_partialvec__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne L$vaesenc_loop_tail_partialvec__func1
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1{%k1}{z}
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi){%k1}
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 (%r8),%zmm30{%k2}{z}
+ vmovdqu8 %zmm0,%zmm1{%k1}{z}
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+
+L$reduce__func1:
+
+ vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm0,%zmm4,%zmm5
+ vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpternlogd $0x96,%zmm0,%zmm5,%zmm6
+
+ vextracti32x4 $1,%zmm6,%xmm0
+ vextracti32x4 $2,%zmm6,%xmm1
+ vextracti32x4 $3,%zmm6,%xmm2
+ vpxord %xmm0,%xmm6,%xmm10
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm10
+
+
+L$done__func1:
+
+ vpshufb %xmm8,%xmm10,%xmm10
+ vmovdqu %xmm10,(%r12)
+
+ vzeroupper
+ popq %r12
+
+ ret
+
+
+
+.globl _aes_gcm_dec_update_vaes_avx512
+.private_extern _aes_gcm_dec_update_vaes_avx512
+
+.p2align 5
+_aes_gcm_dec_update_vaes_avx512:
+
+
+_CET_ENDBR
+ pushq %r12
+
+
+ movq 16(%rsp),%r12
+
+ vbroadcasti32x4 L$bswap_mask(%rip),%zmm8
+ vbroadcasti32x4 L$gfpoly(%rip),%zmm31
+
+
+
+ vmovdqu (%r12),%xmm10
+ vpshufb %xmm8,%xmm10,%xmm10
+ vbroadcasti32x4 (%r8),%zmm12
+ vpshufb %zmm8,%zmm12,%zmm12
+
+
+
+ movl 240(%rcx),%r10d
+ leal -20(,%r10,4),%r10d
+
+
+
+
+ leaq 96(%rcx,%r10,4),%r11
+ vbroadcasti32x4 (%rcx),%zmm13
+ vbroadcasti32x4 (%r11),%zmm14
+
+
+ vpaddd L$ctr_pattern(%rip),%zmm12,%zmm12
+
+
+ vbroadcasti32x4 L$inc_4blocks(%rip),%zmm11
+
+
+
+ cmpq $256,%rdx
+ jb L$crypt_loop_4x_done__func2
+
+
+ vmovdqu8 256-256(%r9),%zmm27
+ vmovdqu8 256-192(%r9),%zmm28
+ vmovdqu8 256-128(%r9),%zmm29
+ vmovdqu8 256-64(%r9),%zmm30
+
+ vbroadcasti32x4 -144(%r11),%zmm15
+ vbroadcasti32x4 -128(%r11),%zmm16
+ vbroadcasti32x4 -112(%r11),%zmm17
+ vbroadcasti32x4 -96(%r11),%zmm18
+ vbroadcasti32x4 -80(%r11),%zmm19
+ vbroadcasti32x4 -64(%r11),%zmm20
+ vbroadcasti32x4 -48(%r11),%zmm21
+ vbroadcasti32x4 -32(%r11),%zmm22
+ vbroadcasti32x4 -16(%r11),%zmm23
+
+L$crypt_loop_4x__func2:
+ vmovdqu8 0(%rdi),%zmm4
+ vmovdqu8 64(%rdi),%zmm5
+ vmovdqu8 128(%rdi),%zmm6
+ vmovdqu8 192(%rdi),%zmm7
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ cmpl $24,%r10d
+ jl L$aes128__func2
+ je L$aes192__func2
+
+ vbroadcasti32x4 -208(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -192(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+L$aes192__func2:
+ vbroadcasti32x4 -176(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -160(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+L$aes128__func2:
+
+
+
+
+ prefetcht0 512+0(%rdi)
+ prefetcht0 512+64(%rdi)
+ prefetcht0 512+128(%rdi)
+ prefetcht0 512+192(%rdi)
+
+
+
+
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+
+ vaesenc %zmm15,%zmm0,%zmm0
+ vaesenc %zmm15,%zmm1,%zmm1
+ vaesenc %zmm15,%zmm2,%zmm2
+ vaesenc %zmm15,%zmm3,%zmm3
+
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+
+ vaesenc %zmm16,%zmm0,%zmm0
+ vaesenc %zmm16,%zmm1,%zmm1
+ vaesenc %zmm16,%zmm2,%zmm2
+ vaesenc %zmm16,%zmm3,%zmm3
+
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+
+ vaesenc %zmm17,%zmm0,%zmm0
+ vaesenc %zmm17,%zmm1,%zmm1
+ vaesenc %zmm17,%zmm2,%zmm2
+ vaesenc %zmm17,%zmm3,%zmm3
+
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+
+ vaesenc %zmm18,%zmm0,%zmm0
+ vaesenc %zmm18,%zmm1,%zmm1
+ vaesenc %zmm18,%zmm2,%zmm2
+ vaesenc %zmm18,%zmm3,%zmm3
+
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+
+ vaesenc %zmm19,%zmm0,%zmm0
+ vaesenc %zmm19,%zmm1,%zmm1
+ vaesenc %zmm19,%zmm2,%zmm2
+ vaesenc %zmm19,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+
+ vaesenc %zmm20,%zmm0,%zmm0
+ vaesenc %zmm20,%zmm1,%zmm1
+ vaesenc %zmm20,%zmm2,%zmm2
+ vaesenc %zmm20,%zmm3,%zmm3
+
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+
+ vaesenc %zmm21,%zmm0,%zmm0
+ vaesenc %zmm21,%zmm1,%zmm1
+ vaesenc %zmm21,%zmm2,%zmm2
+ vaesenc %zmm21,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+
+ vaesenc %zmm22,%zmm0,%zmm0
+ vaesenc %zmm22,%zmm1,%zmm1
+ vaesenc %zmm22,%zmm2,%zmm2
+ vaesenc %zmm22,%zmm3,%zmm3
+
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+
+ vaesenc %zmm23,%zmm0,%zmm0
+ vaesenc %zmm23,%zmm1,%zmm1
+ vaesenc %zmm23,%zmm2,%zmm2
+ vaesenc %zmm23,%zmm3,%zmm3
+
+
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jae L$crypt_loop_4x__func2
+L$crypt_loop_4x_done__func2:
+
+ testq %rdx,%rdx
+ jz L$done__func2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdx,%rax
+ negq %rax
+ andq $-16,%rax
+ leaq 256(%r9,%rax,1),%r8
+ vpxor %xmm4,%xmm4,%xmm4
+ vpxor %xmm5,%xmm5,%xmm5
+ vpxor %xmm6,%xmm6,%xmm6
+
+ cmpq $64,%rdx
+ jb L$partial_vec__func2
+
+L$crypt_loop_1x__func2:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+L$vaesenc_loop_tail_full_vec__func2:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne L$vaesenc_loop_tail_full_vec__func2
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi)
+
+
+ vmovdqu8 (%r8),%zmm30
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+ vpxor %xmm10,%xmm10,%xmm10
+
+ addq $64,%r8
+ addq $64,%rdi
+ addq $64,%rsi
+ subq $64,%rdx
+ cmpq $64,%rdx
+ jae L$crypt_loop_1x__func2
+
+ testq %rdx,%rdx
+ jz L$reduce__func2
+
+L$partial_vec__func2:
+
+
+
+
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k1
+ addq $15,%rdx
+ andq $-16,%rdx
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k2
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+L$vaesenc_loop_tail_partialvec__func2:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne L$vaesenc_loop_tail_partialvec__func2
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1{%k1}{z}
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi){%k1}
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 (%r8),%zmm30{%k2}{z}
+
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+
+L$reduce__func2:
+
+ vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm0,%zmm4,%zmm5
+ vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpternlogd $0x96,%zmm0,%zmm5,%zmm6
+
+ vextracti32x4 $1,%zmm6,%xmm0
+ vextracti32x4 $2,%zmm6,%xmm1
+ vextracti32x4 $3,%zmm6,%xmm2
+ vpxord %xmm0,%xmm6,%xmm10
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm10
+
+
+L$done__func2:
+
+ vpshufb %xmm8,%xmm10,%xmm10
+ vmovdqu %xmm10,(%r12)
+
+ vzeroupper
+ popq %r12
+
+ ret
+
+
+
+#endif
diff --git a/src/gen/bcm/aes-gcm-avx512-x86_64-linux.S b/src/gen/bcm/aes-gcm-avx512-x86_64-linux.S
new file mode 100644
index 0000000..bec5e88
--- /dev/null
+++ b/src/gen/bcm/aes-gcm-avx512-x86_64-linux.S
@@ -0,0 +1,1251 @@
+// This file is generated from a similarly-named Perl script in the BoringSSL
+// source tree. Do not edit by hand.
+
+#include <openssl/asm_base.h>
+
+#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && defined(__ELF__)
+.section .rodata
+.align 64
+
+
+.Lbswap_mask:
+.quad 0x08090a0b0c0d0e0f, 0x0001020304050607
+
+
+
+
+
+
+
+
+.Lgfpoly:
+.quad 1, 0xc200000000000000
+
+
+.Lgfpoly_and_internal_carrybit:
+.quad 1, 0xc200000000000001
+
+
+.Lctr_pattern:
+.quad 0, 0
+.quad 1, 0
+.quad 2, 0
+.quad 3, 0
+
+
+.Linc_4blocks:
+.quad 4, 0
+
+.text
+.globl gcm_init_vpclmulqdq_avx512
+.hidden gcm_init_vpclmulqdq_avx512
+.type gcm_init_vpclmulqdq_avx512,@function
+.align 32
+gcm_init_vpclmulqdq_avx512:
+.cfi_startproc
+
+_CET_ENDBR
+
+ leaq 256-64(%rdi),%r8
+
+
+
+ vpshufd $0x4e,(%rsi),%xmm3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vpshufd $0xd3,%xmm3,%xmm0
+ vpsrad $31,%xmm0,%xmm0
+ vpaddq %xmm3,%xmm3,%xmm3
+
+ vpternlogd $0x78,.Lgfpoly_and_internal_carrybit(%rip),%xmm0,%xmm3
+
+
+ vbroadcasti32x4 .Lgfpoly(%rip),%zmm5
+
+
+
+
+
+
+
+
+ vpclmulqdq $0x00,%xmm3,%xmm3,%xmm0
+ vpclmulqdq $0x11,%xmm3,%xmm3,%xmm4
+ vpclmulqdq $0x01,%xmm0,%xmm5,%xmm1
+ vpshufd $0x4e,%xmm0,%xmm0
+ vpxor %xmm0,%xmm1,%xmm1
+ vpclmulqdq $0x01,%xmm1,%xmm5,%xmm0
+ vpshufd $0x4e,%xmm1,%xmm1
+ vpternlogd $0x96,%xmm0,%xmm1,%xmm4
+
+
+
+ vinserti128 $1,%xmm3,%ymm4,%ymm3
+ vinserti128 $1,%xmm4,%ymm4,%ymm4
+
+
+ vpclmulqdq $0x00,%ymm4,%ymm3,%ymm0
+ vpclmulqdq $0x01,%ymm4,%ymm3,%ymm1
+ vpclmulqdq $0x10,%ymm4,%ymm3,%ymm2
+ vpxord %ymm2,%ymm1,%ymm1
+ vpclmulqdq $0x01,%ymm0,%ymm5,%ymm2
+ vpshufd $0x4e,%ymm0,%ymm0
+ vpternlogd $0x96,%ymm2,%ymm0,%ymm1
+ vpclmulqdq $0x11,%ymm4,%ymm3,%ymm4
+ vpclmulqdq $0x01,%ymm1,%ymm5,%ymm0
+ vpshufd $0x4e,%ymm1,%ymm1
+ vpternlogd $0x96,%ymm0,%ymm1,%ymm4
+
+ vinserti64x4 $1,%ymm3,%zmm4,%zmm3
+ vshufi64x2 $0,%zmm4,%zmm4,%zmm4
+
+
+ vmovdqu8 %zmm3,(%r8)
+
+
+
+
+ movl $3,%eax
+.Lprecompute_next:
+ subq $64,%r8
+ vpclmulqdq $0x00,%zmm4,%zmm3,%zmm0
+ vpclmulqdq $0x01,%zmm4,%zmm3,%zmm1
+ vpclmulqdq $0x10,%zmm4,%zmm3,%zmm2
+ vpxord %zmm2,%zmm1,%zmm1
+ vpclmulqdq $0x01,%zmm0,%zmm5,%zmm2
+ vpshufd $0x4e,%zmm0,%zmm0
+ vpternlogd $0x96,%zmm2,%zmm0,%zmm1
+ vpclmulqdq $0x11,%zmm4,%zmm3,%zmm3
+ vpclmulqdq $0x01,%zmm1,%zmm5,%zmm0
+ vpshufd $0x4e,%zmm1,%zmm1
+ vpternlogd $0x96,%zmm0,%zmm1,%zmm3
+
+ vmovdqu8 %zmm3,(%r8)
+ decl %eax
+ jnz .Lprecompute_next
+
+ vzeroupper
+ ret
+
+.cfi_endproc
+.size gcm_init_vpclmulqdq_avx512, . - gcm_init_vpclmulqdq_avx512
+.globl gcm_gmult_vpclmulqdq_avx512
+.hidden gcm_gmult_vpclmulqdq_avx512
+.type gcm_gmult_vpclmulqdq_avx512,@function
+.align 32
+gcm_gmult_vpclmulqdq_avx512:
+.cfi_startproc
+
+_CET_ENDBR
+
+
+
+ vmovdqu (%rdi),%xmm0
+ vmovdqu .Lbswap_mask(%rip),%xmm1
+ vmovdqu 256-16(%rsi),%xmm2
+ vmovdqu .Lgfpoly(%rip),%xmm3
+ vpshufb %xmm1,%xmm0,%xmm0
+
+ vpclmulqdq $0x00,%xmm2,%xmm0,%xmm4
+ vpclmulqdq $0x01,%xmm2,%xmm0,%xmm5
+ vpclmulqdq $0x10,%xmm2,%xmm0,%xmm6
+ vpxord %xmm6,%xmm5,%xmm5
+ vpclmulqdq $0x01,%xmm4,%xmm3,%xmm6
+ vpshufd $0x4e,%xmm4,%xmm4
+ vpternlogd $0x96,%xmm6,%xmm4,%xmm5
+ vpclmulqdq $0x11,%xmm2,%xmm0,%xmm0
+ vpclmulqdq $0x01,%xmm5,%xmm3,%xmm4
+ vpshufd $0x4e,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm4,%xmm5,%xmm0
+
+
+ vpshufb %xmm1,%xmm0,%xmm0
+ vmovdqu %xmm0,(%rdi)
+
+
+ ret
+
+.cfi_endproc
+.size gcm_gmult_vpclmulqdq_avx512, . - gcm_gmult_vpclmulqdq_avx512
+.globl gcm_ghash_vpclmulqdq_avx512
+.hidden gcm_ghash_vpclmulqdq_avx512
+.type gcm_ghash_vpclmulqdq_avx512,@function
+.align 32
+gcm_ghash_vpclmulqdq_avx512:
+.cfi_startproc
+
+_CET_ENDBR
+
+
+
+
+
+
+ vmovdqu .Lbswap_mask(%rip),%xmm4
+ vmovdqu .Lgfpoly(%rip),%xmm10
+
+
+ vmovdqu (%rdi),%xmm5
+ vpshufb %xmm4,%xmm5,%xmm5
+
+
+ cmpq $64,%rcx
+ jb .Laad_blockbyblock
+
+
+
+ vshufi64x2 $0,%zmm4,%zmm4,%zmm4
+ vshufi64x2 $0,%zmm10,%zmm10,%zmm10
+
+
+ vmovdqu8 256-64(%rsi),%zmm9
+
+ cmpq $256,%rcx
+ jb .Laad_loop_1x
+
+
+ vmovdqu8 256-256(%rsi),%zmm6
+ vmovdqu8 256-192(%rsi),%zmm7
+ vmovdqu8 256-128(%rsi),%zmm8
+
+
+.Laad_loop_4x:
+ vmovdqu8 0(%rdx),%zmm0
+ vmovdqu8 64(%rdx),%zmm1
+ vmovdqu8 128(%rdx),%zmm2
+ vmovdqu8 192(%rdx),%zmm3
+ vpshufb %zmm4,%zmm0,%zmm0
+ vpxord %zmm5,%zmm0,%zmm0
+ vpshufb %zmm4,%zmm1,%zmm1
+ vpshufb %zmm4,%zmm2,%zmm2
+ vpshufb %zmm4,%zmm3,%zmm3
+ vpclmulqdq $0x00,%zmm6,%zmm0,%zmm5
+ vpclmulqdq $0x00,%zmm7,%zmm1,%zmm11
+ vpclmulqdq $0x00,%zmm8,%zmm2,%zmm12
+ vpxord %zmm11,%zmm5,%zmm5
+ vpclmulqdq $0x00,%zmm9,%zmm3,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm5
+ vpclmulqdq $0x01,%zmm6,%zmm0,%zmm11
+ vpclmulqdq $0x01,%zmm7,%zmm1,%zmm12
+ vpclmulqdq $0x01,%zmm8,%zmm2,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x01,%zmm9,%zmm3,%zmm12
+ vpclmulqdq $0x10,%zmm6,%zmm0,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x10,%zmm7,%zmm1,%zmm12
+ vpclmulqdq $0x10,%zmm8,%zmm2,%zmm13
+ vpternlogd $0x96,%zmm13,%zmm12,%zmm11
+ vpclmulqdq $0x01,%zmm5,%zmm10,%zmm13
+ vpclmulqdq $0x10,%zmm9,%zmm3,%zmm12
+ vpxord %zmm12,%zmm11,%zmm11
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm6,%zmm0,%zmm0
+ vpclmulqdq $0x11,%zmm7,%zmm1,%zmm1
+ vpclmulqdq $0x11,%zmm8,%zmm2,%zmm2
+ vpternlogd $0x96,%zmm13,%zmm5,%zmm11
+ vpclmulqdq $0x11,%zmm9,%zmm3,%zmm3
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm0
+ vpclmulqdq $0x01,%zmm11,%zmm10,%zmm12
+ vpxord %zmm3,%zmm0,%zmm5
+ vpshufd $0x4e,%zmm11,%zmm11
+ vpternlogd $0x96,%zmm12,%zmm11,%zmm5
+ vextracti32x4 $1,%zmm5,%xmm0
+ vextracti32x4 $2,%zmm5,%xmm1
+ vextracti32x4 $3,%zmm5,%xmm2
+ vpxord %xmm0,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm5
+
+ addq $256,%rdx
+ subq $256,%rcx
+ cmpq $256,%rcx
+ jae .Laad_loop_4x
+
+
+ cmpq $64,%rcx
+ jb .Laad_large_done
+.Laad_loop_1x:
+ vmovdqu8 (%rdx),%zmm0
+ vpshufb %zmm4,%zmm0,%zmm0
+ vpxord %zmm0,%zmm5,%zmm5
+ vpclmulqdq $0x00,%zmm9,%zmm5,%zmm0
+ vpclmulqdq $0x01,%zmm9,%zmm5,%zmm1
+ vpclmulqdq $0x10,%zmm9,%zmm5,%zmm2
+ vpxord %zmm2,%zmm1,%zmm1
+ vpclmulqdq $0x01,%zmm0,%zmm10,%zmm2
+ vpshufd $0x4e,%zmm0,%zmm0
+ vpternlogd $0x96,%zmm2,%zmm0,%zmm1
+ vpclmulqdq $0x11,%zmm9,%zmm5,%zmm5
+ vpclmulqdq $0x01,%zmm1,%zmm10,%zmm0
+ vpshufd $0x4e,%zmm1,%zmm1
+ vpternlogd $0x96,%zmm0,%zmm1,%zmm5
+
+ vextracti32x4 $1,%zmm5,%xmm0
+ vextracti32x4 $2,%zmm5,%xmm1
+ vextracti32x4 $3,%zmm5,%xmm2
+ vpxord %xmm0,%xmm5,%xmm5
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm5
+
+ addq $64,%rdx
+ subq $64,%rcx
+ cmpq $64,%rcx
+ jae .Laad_loop_1x
+
+.Laad_large_done:
+
+
+.Laad_blockbyblock:
+ testq %rcx,%rcx
+ jz .Laad_done
+ vmovdqu 256-16(%rsi),%xmm9
+.Laad_loop_blockbyblock:
+ vmovdqu (%rdx),%xmm0
+ vpshufb %xmm4,%xmm0,%xmm0
+ vpxor %xmm0,%xmm5,%xmm5
+ vpclmulqdq $0x00,%xmm9,%xmm5,%xmm0
+ vpclmulqdq $0x01,%xmm9,%xmm5,%xmm1
+ vpclmulqdq $0x10,%xmm9,%xmm5,%xmm2
+ vpxord %xmm2,%xmm1,%xmm1
+ vpclmulqdq $0x01,%xmm0,%xmm10,%xmm2
+ vpshufd $0x4e,%xmm0,%xmm0
+ vpternlogd $0x96,%xmm2,%xmm0,%xmm1
+ vpclmulqdq $0x11,%xmm9,%xmm5,%xmm5
+ vpclmulqdq $0x01,%xmm1,%xmm10,%xmm0
+ vpshufd $0x4e,%xmm1,%xmm1
+ vpternlogd $0x96,%xmm0,%xmm1,%xmm5
+
+ addq $16,%rdx
+ subq $16,%rcx
+ jnz .Laad_loop_blockbyblock
+
+.Laad_done:
+
+ vpshufb %xmm4,%xmm5,%xmm5
+ vmovdqu %xmm5,(%rdi)
+
+ vzeroupper
+ ret
+
+.cfi_endproc
+.size gcm_ghash_vpclmulqdq_avx512, . - gcm_ghash_vpclmulqdq_avx512
+.globl aes_gcm_enc_update_vaes_avx512
+.hidden aes_gcm_enc_update_vaes_avx512
+.type aes_gcm_enc_update_vaes_avx512,@function
+.align 32
+aes_gcm_enc_update_vaes_avx512:
+.cfi_startproc
+
+_CET_ENDBR
+ pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-16
+
+ movq 16(%rsp),%r12
+#ifdef BORINGSSL_DISPATCH_TEST
+.extern BORINGSSL_function_hit
+.hidden BORINGSSL_function_hit
+ movb $1,BORINGSSL_function_hit+7(%rip)
+#endif
+
+ vbroadcasti32x4 .Lbswap_mask(%rip),%zmm8
+ vbroadcasti32x4 .Lgfpoly(%rip),%zmm31
+
+
+
+ vmovdqu (%r12),%xmm10
+ vpshufb %xmm8,%xmm10,%xmm10
+ vbroadcasti32x4 (%r8),%zmm12
+ vpshufb %zmm8,%zmm12,%zmm12
+
+
+
+ movl 240(%rcx),%r10d
+ leal -20(,%r10,4),%r10d
+
+
+
+
+ leaq 96(%rcx,%r10,4),%r11
+ vbroadcasti32x4 (%rcx),%zmm13
+ vbroadcasti32x4 (%r11),%zmm14
+
+
+ vpaddd .Lctr_pattern(%rip),%zmm12,%zmm12
+
+
+ vbroadcasti32x4 .Linc_4blocks(%rip),%zmm11
+
+
+
+ cmpq $256,%rdx
+ jb .Lcrypt_loop_4x_done__func1
+
+
+ vmovdqu8 256-256(%r9),%zmm27
+ vmovdqu8 256-192(%r9),%zmm28
+ vmovdqu8 256-128(%r9),%zmm29
+ vmovdqu8 256-64(%r9),%zmm30
+
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ leaq 16(%rcx),%rax
+.Lvaesenc_loop_first_4_vecs__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne .Lvaesenc_loop_first_4_vecs__func1
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jb .Lghash_last_ciphertext_4x__func1
+
+ vbroadcasti32x4 -144(%r11),%zmm15
+ vbroadcasti32x4 -128(%r11),%zmm16
+ vbroadcasti32x4 -112(%r11),%zmm17
+ vbroadcasti32x4 -96(%r11),%zmm18
+ vbroadcasti32x4 -80(%r11),%zmm19
+ vbroadcasti32x4 -64(%r11),%zmm20
+ vbroadcasti32x4 -48(%r11),%zmm21
+ vbroadcasti32x4 -32(%r11),%zmm22
+ vbroadcasti32x4 -16(%r11),%zmm23
+
+.Lcrypt_loop_4x__func1:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ cmpl $24,%r10d
+ jl .Laes128__func1
+ je .Laes192__func1
+
+ vbroadcasti32x4 -208(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -192(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+.Laes192__func1:
+ vbroadcasti32x4 -176(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -160(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+.Laes128__func1:
+
+
+
+
+ prefetcht0 512+0(%rdi)
+ prefetcht0 512+64(%rdi)
+ prefetcht0 512+128(%rdi)
+ prefetcht0 512+192(%rdi)
+
+
+
+
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+
+ vaesenc %zmm15,%zmm0,%zmm0
+ vaesenc %zmm15,%zmm1,%zmm1
+ vaesenc %zmm15,%zmm2,%zmm2
+ vaesenc %zmm15,%zmm3,%zmm3
+
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+
+ vaesenc %zmm16,%zmm0,%zmm0
+ vaesenc %zmm16,%zmm1,%zmm1
+ vaesenc %zmm16,%zmm2,%zmm2
+ vaesenc %zmm16,%zmm3,%zmm3
+
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+
+ vaesenc %zmm17,%zmm0,%zmm0
+ vaesenc %zmm17,%zmm1,%zmm1
+ vaesenc %zmm17,%zmm2,%zmm2
+ vaesenc %zmm17,%zmm3,%zmm3
+
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+
+ vaesenc %zmm18,%zmm0,%zmm0
+ vaesenc %zmm18,%zmm1,%zmm1
+ vaesenc %zmm18,%zmm2,%zmm2
+ vaesenc %zmm18,%zmm3,%zmm3
+
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+
+ vaesenc %zmm19,%zmm0,%zmm0
+ vaesenc %zmm19,%zmm1,%zmm1
+ vaesenc %zmm19,%zmm2,%zmm2
+ vaesenc %zmm19,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+
+ vaesenc %zmm20,%zmm0,%zmm0
+ vaesenc %zmm20,%zmm1,%zmm1
+ vaesenc %zmm20,%zmm2,%zmm2
+ vaesenc %zmm20,%zmm3,%zmm3
+
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+
+ vaesenc %zmm21,%zmm0,%zmm0
+ vaesenc %zmm21,%zmm1,%zmm1
+ vaesenc %zmm21,%zmm2,%zmm2
+ vaesenc %zmm21,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+
+ vaesenc %zmm22,%zmm0,%zmm0
+ vaesenc %zmm22,%zmm1,%zmm1
+ vaesenc %zmm22,%zmm2,%zmm2
+ vaesenc %zmm22,%zmm3,%zmm3
+
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+
+ vaesenc %zmm23,%zmm0,%zmm0
+ vaesenc %zmm23,%zmm1,%zmm1
+ vaesenc %zmm23,%zmm2,%zmm2
+ vaesenc %zmm23,%zmm3,%zmm3
+
+
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jae .Lcrypt_loop_4x__func1
+.Lghash_last_ciphertext_4x__func1:
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+.Lcrypt_loop_4x_done__func1:
+
+ testq %rdx,%rdx
+ jz .Ldone__func1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdx,%rax
+ negq %rax
+ andq $-16,%rax
+ leaq 256(%r9,%rax,1),%r8
+ vpxor %xmm4,%xmm4,%xmm4
+ vpxor %xmm5,%xmm5,%xmm5
+ vpxor %xmm6,%xmm6,%xmm6
+
+ cmpq $64,%rdx
+ jb .Lpartial_vec__func1
+
+.Lcrypt_loop_1x__func1:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+.Lvaesenc_loop_tail_full_vec__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne .Lvaesenc_loop_tail_full_vec__func1
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi)
+
+
+ vmovdqu8 (%r8),%zmm30
+ vpshufb %zmm8,%zmm0,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+ vpxor %xmm10,%xmm10,%xmm10
+
+ addq $64,%r8
+ addq $64,%rdi
+ addq $64,%rsi
+ subq $64,%rdx
+ cmpq $64,%rdx
+ jae .Lcrypt_loop_1x__func1
+
+ testq %rdx,%rdx
+ jz .Lreduce__func1
+
+.Lpartial_vec__func1:
+
+
+
+
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k1
+ addq $15,%rdx
+ andq $-16,%rdx
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k2
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+.Lvaesenc_loop_tail_partialvec__func1:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne .Lvaesenc_loop_tail_partialvec__func1
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1{%k1}{z}
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi){%k1}
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 (%r8),%zmm30{%k2}{z}
+ vmovdqu8 %zmm0,%zmm1{%k1}{z}
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+
+.Lreduce__func1:
+
+ vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm0,%zmm4,%zmm5
+ vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpternlogd $0x96,%zmm0,%zmm5,%zmm6
+
+ vextracti32x4 $1,%zmm6,%xmm0
+ vextracti32x4 $2,%zmm6,%xmm1
+ vextracti32x4 $3,%zmm6,%xmm2
+ vpxord %xmm0,%xmm6,%xmm10
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm10
+
+
+.Ldone__func1:
+
+ vpshufb %xmm8,%xmm10,%xmm10
+ vmovdqu %xmm10,(%r12)
+
+ vzeroupper
+ popq %r12
+.cfi_adjust_cfa_offset -8
+.cfi_restore %r12
+ ret
+
+.cfi_endproc
+.size aes_gcm_enc_update_vaes_avx512, . - aes_gcm_enc_update_vaes_avx512
+.globl aes_gcm_dec_update_vaes_avx512
+.hidden aes_gcm_dec_update_vaes_avx512
+.type aes_gcm_dec_update_vaes_avx512,@function
+.align 32
+aes_gcm_dec_update_vaes_avx512:
+.cfi_startproc
+
+_CET_ENDBR
+ pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-16
+
+ movq 16(%rsp),%r12
+
+ vbroadcasti32x4 .Lbswap_mask(%rip),%zmm8
+ vbroadcasti32x4 .Lgfpoly(%rip),%zmm31
+
+
+
+ vmovdqu (%r12),%xmm10
+ vpshufb %xmm8,%xmm10,%xmm10
+ vbroadcasti32x4 (%r8),%zmm12
+ vpshufb %zmm8,%zmm12,%zmm12
+
+
+
+ movl 240(%rcx),%r10d
+ leal -20(,%r10,4),%r10d
+
+
+
+
+ leaq 96(%rcx,%r10,4),%r11
+ vbroadcasti32x4 (%rcx),%zmm13
+ vbroadcasti32x4 (%r11),%zmm14
+
+
+ vpaddd .Lctr_pattern(%rip),%zmm12,%zmm12
+
+
+ vbroadcasti32x4 .Linc_4blocks(%rip),%zmm11
+
+
+
+ cmpq $256,%rdx
+ jb .Lcrypt_loop_4x_done__func2
+
+
+ vmovdqu8 256-256(%r9),%zmm27
+ vmovdqu8 256-192(%r9),%zmm28
+ vmovdqu8 256-128(%r9),%zmm29
+ vmovdqu8 256-64(%r9),%zmm30
+
+ vbroadcasti32x4 -144(%r11),%zmm15
+ vbroadcasti32x4 -128(%r11),%zmm16
+ vbroadcasti32x4 -112(%r11),%zmm17
+ vbroadcasti32x4 -96(%r11),%zmm18
+ vbroadcasti32x4 -80(%r11),%zmm19
+ vbroadcasti32x4 -64(%r11),%zmm20
+ vbroadcasti32x4 -48(%r11),%zmm21
+ vbroadcasti32x4 -32(%r11),%zmm22
+ vbroadcasti32x4 -16(%r11),%zmm23
+
+.Lcrypt_loop_4x__func2:
+ vmovdqu8 0(%rdi),%zmm4
+ vmovdqu8 64(%rdi),%zmm5
+ vmovdqu8 128(%rdi),%zmm6
+ vmovdqu8 192(%rdi),%zmm7
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm1
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm2
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpshufb %zmm8,%zmm12,%zmm3
+ vpaddd %zmm11,%zmm12,%zmm12
+
+
+ vpxord %zmm13,%zmm0,%zmm0
+ vpxord %zmm13,%zmm1,%zmm1
+ vpxord %zmm13,%zmm2,%zmm2
+ vpxord %zmm13,%zmm3,%zmm3
+
+ cmpl $24,%r10d
+ jl .Laes128__func2
+ je .Laes192__func2
+
+ vbroadcasti32x4 -208(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -192(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+.Laes192__func2:
+ vbroadcasti32x4 -176(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+ vbroadcasti32x4 -160(%r11),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ vaesenc %zmm9,%zmm1,%zmm1
+ vaesenc %zmm9,%zmm2,%zmm2
+ vaesenc %zmm9,%zmm3,%zmm3
+
+.Laes128__func2:
+
+
+
+
+ prefetcht0 512+0(%rdi)
+ prefetcht0 512+64(%rdi)
+ prefetcht0 512+128(%rdi)
+ prefetcht0 512+192(%rdi)
+
+
+
+
+ vpshufb %zmm8,%zmm4,%zmm4
+ vpxord %zmm10,%zmm4,%zmm4
+ vpshufb %zmm8,%zmm5,%zmm5
+ vpshufb %zmm8,%zmm6,%zmm6
+
+ vaesenc %zmm15,%zmm0,%zmm0
+ vaesenc %zmm15,%zmm1,%zmm1
+ vaesenc %zmm15,%zmm2,%zmm2
+ vaesenc %zmm15,%zmm3,%zmm3
+
+ vpshufb %zmm8,%zmm7,%zmm7
+ vpclmulqdq $0x00,%zmm27,%zmm4,%zmm10
+ vpclmulqdq $0x00,%zmm28,%zmm5,%zmm24
+ vpclmulqdq $0x00,%zmm29,%zmm6,%zmm25
+
+ vaesenc %zmm16,%zmm0,%zmm0
+ vaesenc %zmm16,%zmm1,%zmm1
+ vaesenc %zmm16,%zmm2,%zmm2
+ vaesenc %zmm16,%zmm3,%zmm3
+
+ vpxord %zmm24,%zmm10,%zmm10
+ vpclmulqdq $0x00,%zmm30,%zmm7,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm10
+ vpclmulqdq $0x01,%zmm27,%zmm4,%zmm24
+
+ vaesenc %zmm17,%zmm0,%zmm0
+ vaesenc %zmm17,%zmm1,%zmm1
+ vaesenc %zmm17,%zmm2,%zmm2
+ vaesenc %zmm17,%zmm3,%zmm3
+
+ vpclmulqdq $0x01,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x01,%zmm29,%zmm6,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm30,%zmm7,%zmm25
+
+ vaesenc %zmm18,%zmm0,%zmm0
+ vaesenc %zmm18,%zmm1,%zmm1
+ vaesenc %zmm18,%zmm2,%zmm2
+ vaesenc %zmm18,%zmm3,%zmm3
+
+ vpclmulqdq $0x10,%zmm27,%zmm4,%zmm26
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x10,%zmm28,%zmm5,%zmm25
+ vpclmulqdq $0x10,%zmm29,%zmm6,%zmm26
+
+ vaesenc %zmm19,%zmm0,%zmm0
+ vaesenc %zmm19,%zmm1,%zmm1
+ vaesenc %zmm19,%zmm2,%zmm2
+ vaesenc %zmm19,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm25,%zmm24
+ vpclmulqdq $0x01,%zmm10,%zmm31,%zmm26
+ vpclmulqdq $0x10,%zmm30,%zmm7,%zmm25
+ vpxord %zmm25,%zmm24,%zmm24
+
+ vaesenc %zmm20,%zmm0,%zmm0
+ vaesenc %zmm20,%zmm1,%zmm1
+ vaesenc %zmm20,%zmm2,%zmm2
+ vaesenc %zmm20,%zmm3,%zmm3
+
+ vpshufd $0x4e,%zmm10,%zmm10
+ vpclmulqdq $0x11,%zmm27,%zmm4,%zmm4
+ vpclmulqdq $0x11,%zmm28,%zmm5,%zmm5
+ vpclmulqdq $0x11,%zmm29,%zmm6,%zmm6
+
+ vaesenc %zmm21,%zmm0,%zmm0
+ vaesenc %zmm21,%zmm1,%zmm1
+ vaesenc %zmm21,%zmm2,%zmm2
+ vaesenc %zmm21,%zmm3,%zmm3
+
+ vpternlogd $0x96,%zmm26,%zmm10,%zmm24
+ vpclmulqdq $0x11,%zmm30,%zmm7,%zmm7
+ vpternlogd $0x96,%zmm6,%zmm5,%zmm4
+ vpclmulqdq $0x01,%zmm24,%zmm31,%zmm25
+
+ vaesenc %zmm22,%zmm0,%zmm0
+ vaesenc %zmm22,%zmm1,%zmm1
+ vaesenc %zmm22,%zmm2,%zmm2
+ vaesenc %zmm22,%zmm3,%zmm3
+
+ vpxord %zmm7,%zmm4,%zmm10
+ vpshufd $0x4e,%zmm24,%zmm24
+ vpternlogd $0x96,%zmm25,%zmm24,%zmm10
+
+ vaesenc %zmm23,%zmm0,%zmm0
+ vaesenc %zmm23,%zmm1,%zmm1
+ vaesenc %zmm23,%zmm2,%zmm2
+ vaesenc %zmm23,%zmm3,%zmm3
+
+
+ vextracti32x4 $1,%zmm10,%xmm4
+ vextracti32x4 $2,%zmm10,%xmm5
+ vextracti32x4 $3,%zmm10,%xmm6
+ vpxord %xmm4,%xmm10,%xmm10
+ vpternlogd $0x96,%xmm5,%xmm6,%xmm10
+
+ vpxord 0(%rdi),%zmm14,%zmm4
+ vpxord 64(%rdi),%zmm14,%zmm5
+ vpxord 128(%rdi),%zmm14,%zmm6
+ vpxord 192(%rdi),%zmm14,%zmm7
+ vaesenclast %zmm4,%zmm0,%zmm4
+ vaesenclast %zmm5,%zmm1,%zmm5
+ vaesenclast %zmm6,%zmm2,%zmm6
+ vaesenclast %zmm7,%zmm3,%zmm7
+ vmovdqu8 %zmm4,0(%rsi)
+ vmovdqu8 %zmm5,64(%rsi)
+ vmovdqu8 %zmm6,128(%rsi)
+ vmovdqu8 %zmm7,192(%rsi)
+
+ addq $256,%rdi
+ addq $256,%rsi
+ subq $256,%rdx
+ cmpq $256,%rdx
+ jae .Lcrypt_loop_4x__func2
+.Lcrypt_loop_4x_done__func2:
+
+ testq %rdx,%rdx
+ jz .Ldone__func2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdx,%rax
+ negq %rax
+ andq $-16,%rax
+ leaq 256(%r9,%rax,1),%r8
+ vpxor %xmm4,%xmm4,%xmm4
+ vpxor %xmm5,%xmm5,%xmm5
+ vpxor %xmm6,%xmm6,%xmm6
+
+ cmpq $64,%rdx
+ jb .Lpartial_vec__func2
+
+.Lcrypt_loop_1x__func2:
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpaddd %zmm11,%zmm12,%zmm12
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+.Lvaesenc_loop_tail_full_vec__func2:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne .Lvaesenc_loop_tail_full_vec__func2
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi)
+
+
+ vmovdqu8 (%r8),%zmm30
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+ vpxor %xmm10,%xmm10,%xmm10
+
+ addq $64,%r8
+ addq $64,%rdi
+ addq $64,%rsi
+ subq $64,%rdx
+ cmpq $64,%rdx
+ jae .Lcrypt_loop_1x__func2
+
+ testq %rdx,%rdx
+ jz .Lreduce__func2
+
+.Lpartial_vec__func2:
+
+
+
+
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k1
+ addq $15,%rdx
+ andq $-16,%rdx
+ movq $-1,%rax
+ bzhiq %rdx,%rax,%rax
+ kmovq %rax,%k2
+
+
+
+ vpshufb %zmm8,%zmm12,%zmm0
+ vpxord %zmm13,%zmm0,%zmm0
+ leaq 16(%rcx),%rax
+.Lvaesenc_loop_tail_partialvec__func2:
+ vbroadcasti32x4 (%rax),%zmm9
+ vaesenc %zmm9,%zmm0,%zmm0
+ addq $16,%rax
+ cmpq %rax,%r11
+ jne .Lvaesenc_loop_tail_partialvec__func2
+ vaesenclast %zmm14,%zmm0,%zmm0
+
+
+ vmovdqu8 (%rdi),%zmm1{%k1}{z}
+ vpxord %zmm1,%zmm0,%zmm0
+ vmovdqu8 %zmm0,(%rsi){%k1}
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 (%r8),%zmm30{%k2}{z}
+
+ vpshufb %zmm8,%zmm1,%zmm0
+ vpxord %zmm10,%zmm0,%zmm0
+ vpclmulqdq $0x00,%zmm30,%zmm0,%zmm7
+ vpclmulqdq $0x01,%zmm30,%zmm0,%zmm1
+ vpclmulqdq $0x10,%zmm30,%zmm0,%zmm2
+ vpclmulqdq $0x11,%zmm30,%zmm0,%zmm3
+ vpxord %zmm7,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm2,%zmm1,%zmm5
+ vpxord %zmm3,%zmm6,%zmm6
+
+
+.Lreduce__func2:
+
+ vpclmulqdq $0x01,%zmm4,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm4,%zmm4
+ vpternlogd $0x96,%zmm0,%zmm4,%zmm5
+ vpclmulqdq $0x01,%zmm5,%zmm31,%zmm0
+ vpshufd $0x4e,%zmm5,%zmm5
+ vpternlogd $0x96,%zmm0,%zmm5,%zmm6
+
+ vextracti32x4 $1,%zmm6,%xmm0
+ vextracti32x4 $2,%zmm6,%xmm1
+ vextracti32x4 $3,%zmm6,%xmm2
+ vpxord %xmm0,%xmm6,%xmm10
+ vpternlogd $0x96,%xmm1,%xmm2,%xmm10
+
+
+.Ldone__func2:
+
+ vpshufb %xmm8,%xmm10,%xmm10
+ vmovdqu %xmm10,(%r12)
+
+ vzeroupper
+ popq %r12
+.cfi_adjust_cfa_offset -8
+.cfi_restore %r12
+ ret
+
+.cfi_endproc
+.size aes_gcm_dec_update_vaes_avx512, . - aes_gcm_dec_update_vaes_avx512
+#endif
diff --git a/src/gen/bcm/aes-gcm-avx512-x86_64-win.asm b/src/gen/bcm/aes-gcm-avx512-x86_64-win.asm
new file mode 100644
index 0000000..3a86e3a
--- /dev/null
+++ b/src/gen/bcm/aes-gcm-avx512-x86_64-win.asm
@@ -0,0 +1,1527 @@
+; This file is generated from a similarly-named Perl script in the BoringSSL
+; source tree. Do not edit by hand.
+
+%ifidn __OUTPUT_FORMAT__, win64
+default rel
+%define XMMWORD
+%define YMMWORD
+%define ZMMWORD
+%define _CET_ENDBR
+
+%ifdef BORINGSSL_PREFIX
+%include "boringssl_prefix_symbols_nasm.inc"
+%endif
+section .rdata rdata align=8
+ALIGN 64
+
+
+$L$bswap_mask:
+ DQ 0x08090a0b0c0d0e0f,0x0001020304050607
+
+
+
+
+
+
+
+
+$L$gfpoly:
+ DQ 1,0xc200000000000000
+
+
+$L$gfpoly_and_internal_carrybit:
+ DQ 1,0xc200000000000001
+
+
+$L$ctr_pattern:
+ DQ 0,0
+ DQ 1,0
+ DQ 2,0
+ DQ 3,0
+
+
+$L$inc_4blocks:
+ DQ 4,0
+
+section .text code align=64
+
+global gcm_init_vpclmulqdq_avx512
+
+ALIGN 32
+gcm_init_vpclmulqdq_avx512:
+
+
+_CET_ENDBR
+
+ lea r8,[((256-64))+rcx]
+
+
+
+ vpshufd xmm3,XMMWORD[rdx],0x4e
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vpshufd xmm0,xmm3,0xd3
+ vpsrad xmm0,xmm0,31
+ vpaddq xmm3,xmm3,xmm3
+
+ vpternlogd xmm3,xmm0,XMMWORD[$L$gfpoly_and_internal_carrybit],0x78
+
+
+ vbroadcasti32x4 zmm5,ZMMWORD[$L$gfpoly]
+
+
+
+
+
+
+
+
+ vpclmulqdq xmm0,xmm3,xmm3,0x00
+ vpclmulqdq xmm4,xmm3,xmm3,0x11
+ vpclmulqdq xmm1,xmm5,xmm0,0x01
+ vpshufd xmm0,xmm0,0x4e
+ vpxor xmm1,xmm1,xmm0
+ vpclmulqdq xmm0,xmm5,xmm1,0x01
+ vpshufd xmm1,xmm1,0x4e
+ vpternlogd xmm4,xmm1,xmm0,0x96
+
+
+
+ vinserti128 ymm3,ymm4,xmm3,1
+ vinserti128 ymm4,ymm4,xmm4,1
+
+
+ vpclmulqdq ymm0,ymm3,ymm4,0x00
+ vpclmulqdq ymm1,ymm3,ymm4,0x01
+ vpclmulqdq ymm2,ymm3,ymm4,0x10
+ vpxord ymm1,ymm1,ymm2
+ vpclmulqdq ymm2,ymm5,ymm0,0x01
+ vpshufd ymm0,ymm0,0x4e
+ vpternlogd ymm1,ymm0,ymm2,0x96
+ vpclmulqdq ymm4,ymm3,ymm4,0x11
+ vpclmulqdq ymm0,ymm5,ymm1,0x01
+ vpshufd ymm1,ymm1,0x4e
+ vpternlogd ymm4,ymm1,ymm0,0x96
+
+ vinserti64x4 zmm3,zmm4,ymm3,1
+ vshufi64x2 zmm4,zmm4,zmm4,0
+
+
+ vmovdqu8 ZMMWORD[r8],zmm3
+
+
+
+
+ mov eax,3
+$L$precompute_next:
+ sub r8,64
+ vpclmulqdq zmm0,zmm3,zmm4,0x00
+ vpclmulqdq zmm1,zmm3,zmm4,0x01
+ vpclmulqdq zmm2,zmm3,zmm4,0x10
+ vpxord zmm1,zmm1,zmm2
+ vpclmulqdq zmm2,zmm5,zmm0,0x01
+ vpshufd zmm0,zmm0,0x4e
+ vpternlogd zmm1,zmm0,zmm2,0x96
+ vpclmulqdq zmm3,zmm3,zmm4,0x11
+ vpclmulqdq zmm0,zmm5,zmm1,0x01
+ vpshufd zmm1,zmm1,0x4e
+ vpternlogd zmm3,zmm1,zmm0,0x96
+
+ vmovdqu8 ZMMWORD[r8],zmm3
+ dec eax
+ jnz NEAR $L$precompute_next
+
+ vzeroupper
+ ret
+
+
+
+global gcm_gmult_vpclmulqdq_avx512
+
+ALIGN 32
+gcm_gmult_vpclmulqdq_avx512:
+
+$L$SEH_begin_gcm_gmult_vpclmulqdq_avx512_1:
+_CET_ENDBR
+ sub rsp,24
+$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx512_2:
+ vmovdqa XMMWORD[rsp],xmm6
+$L$SEH_prologue_gcm_gmult_vpclmulqdq_avx512_3:
+
+$L$SEH_endprologue_gcm_gmult_vpclmulqdq_avx512_4:
+
+ vmovdqu xmm0,XMMWORD[rcx]
+ vmovdqu xmm1,XMMWORD[$L$bswap_mask]
+ vmovdqu xmm2,XMMWORD[((256-16))+rdx]
+ vmovdqu xmm3,XMMWORD[$L$gfpoly]
+ vpshufb xmm0,xmm0,xmm1
+
+ vpclmulqdq xmm4,xmm0,xmm2,0x00
+ vpclmulqdq xmm5,xmm0,xmm2,0x01
+ vpclmulqdq xmm6,xmm0,xmm2,0x10
+ vpxord xmm5,xmm5,xmm6
+ vpclmulqdq xmm6,xmm3,xmm4,0x01
+ vpshufd xmm4,xmm4,0x4e
+ vpternlogd xmm5,xmm4,xmm6,0x96
+ vpclmulqdq xmm0,xmm0,xmm2,0x11
+ vpclmulqdq xmm4,xmm3,xmm5,0x01
+ vpshufd xmm5,xmm5,0x4e
+ vpternlogd xmm0,xmm5,xmm4,0x96
+
+
+ vpshufb xmm0,xmm0,xmm1
+ vmovdqu XMMWORD[rcx],xmm0
+
+
+ vmovdqa xmm6,XMMWORD[rsp]
+ add rsp,24
+ ret
+$L$SEH_end_gcm_gmult_vpclmulqdq_avx512_5:
+
+
+global gcm_ghash_vpclmulqdq_avx512
+
+ALIGN 32
+gcm_ghash_vpclmulqdq_avx512:
+
+$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1:
+_CET_ENDBR
+ sub rsp,136
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_2:
+ vmovdqa XMMWORD[rsp],xmm6
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_3:
+ vmovdqa XMMWORD[16+rsp],xmm7
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_4:
+ vmovdqa XMMWORD[32+rsp],xmm8
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_5:
+ vmovdqa XMMWORD[48+rsp],xmm9
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_6:
+ vmovdqa XMMWORD[64+rsp],xmm10
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_7:
+ vmovdqa XMMWORD[80+rsp],xmm11
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_8:
+ vmovdqa XMMWORD[96+rsp],xmm12
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_9:
+ vmovdqa XMMWORD[112+rsp],xmm13
+$L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_10:
+
+$L$SEH_endprologue_gcm_ghash_vpclmulqdq_avx512_11:
+
+
+
+
+ vmovdqu xmm4,XMMWORD[$L$bswap_mask]
+ vmovdqu xmm10,XMMWORD[$L$gfpoly]
+
+
+ vmovdqu xmm5,XMMWORD[rcx]
+ vpshufb xmm5,xmm5,xmm4
+
+
+ cmp r9,64
+ jb NEAR $L$aad_blockbyblock
+
+
+
+ vshufi64x2 zmm4,zmm4,zmm4,0
+ vshufi64x2 zmm10,zmm10,zmm10,0
+
+
+ vmovdqu8 zmm9,ZMMWORD[((256-64))+rdx]
+
+ cmp r9,256
+ jb NEAR $L$aad_loop_1x
+
+
+ vmovdqu8 zmm6,ZMMWORD[((256-256))+rdx]
+ vmovdqu8 zmm7,ZMMWORD[((256-192))+rdx]
+ vmovdqu8 zmm8,ZMMWORD[((256-128))+rdx]
+
+
+$L$aad_loop_4x:
+ vmovdqu8 zmm0,ZMMWORD[r8]
+ vmovdqu8 zmm1,ZMMWORD[64+r8]
+ vmovdqu8 zmm2,ZMMWORD[128+r8]
+ vmovdqu8 zmm3,ZMMWORD[192+r8]
+ vpshufb zmm0,zmm0,zmm4
+ vpxord zmm0,zmm0,zmm5
+ vpshufb zmm1,zmm1,zmm4
+ vpshufb zmm2,zmm2,zmm4
+ vpshufb zmm3,zmm3,zmm4
+ vpclmulqdq zmm5,zmm0,zmm6,0x00
+ vpclmulqdq zmm11,zmm1,zmm7,0x00
+ vpclmulqdq zmm12,zmm2,zmm8,0x00
+ vpxord zmm5,zmm5,zmm11
+ vpclmulqdq zmm13,zmm3,zmm9,0x00
+ vpternlogd zmm5,zmm12,zmm13,0x96
+ vpclmulqdq zmm11,zmm0,zmm6,0x01
+ vpclmulqdq zmm12,zmm1,zmm7,0x01
+ vpclmulqdq zmm13,zmm2,zmm8,0x01
+ vpternlogd zmm11,zmm12,zmm13,0x96
+ vpclmulqdq zmm12,zmm3,zmm9,0x01
+ vpclmulqdq zmm13,zmm0,zmm6,0x10
+ vpternlogd zmm11,zmm12,zmm13,0x96
+ vpclmulqdq zmm12,zmm1,zmm7,0x10
+ vpclmulqdq zmm13,zmm2,zmm8,0x10
+ vpternlogd zmm11,zmm12,zmm13,0x96
+ vpclmulqdq zmm13,zmm10,zmm5,0x01
+ vpclmulqdq zmm12,zmm3,zmm9,0x10
+ vpxord zmm11,zmm11,zmm12
+ vpshufd zmm5,zmm5,0x4e
+ vpclmulqdq zmm0,zmm0,zmm6,0x11
+ vpclmulqdq zmm1,zmm1,zmm7,0x11
+ vpclmulqdq zmm2,zmm2,zmm8,0x11
+ vpternlogd zmm11,zmm5,zmm13,0x96
+ vpclmulqdq zmm3,zmm3,zmm9,0x11
+ vpternlogd zmm0,zmm1,zmm2,0x96
+ vpclmulqdq zmm12,zmm10,zmm11,0x01
+ vpxord zmm5,zmm0,zmm3
+ vpshufd zmm11,zmm11,0x4e
+ vpternlogd zmm5,zmm11,zmm12,0x96
+ vextracti32x4 xmm0,zmm5,1
+ vextracti32x4 xmm1,zmm5,2
+ vextracti32x4 xmm2,zmm5,3
+ vpxord xmm5,xmm5,xmm0
+ vpternlogd xmm5,xmm2,xmm1,0x96
+
+ add r8,256
+ sub r9,256
+ cmp r9,256
+ jae NEAR $L$aad_loop_4x
+
+
+ cmp r9,64
+ jb NEAR $L$aad_large_done
+$L$aad_loop_1x:
+ vmovdqu8 zmm0,ZMMWORD[r8]
+ vpshufb zmm0,zmm0,zmm4
+ vpxord zmm5,zmm5,zmm0
+ vpclmulqdq zmm0,zmm5,zmm9,0x00
+ vpclmulqdq zmm1,zmm5,zmm9,0x01
+ vpclmulqdq zmm2,zmm5,zmm9,0x10
+ vpxord zmm1,zmm1,zmm2
+ vpclmulqdq zmm2,zmm10,zmm0,0x01
+ vpshufd zmm0,zmm0,0x4e
+ vpternlogd zmm1,zmm0,zmm2,0x96
+ vpclmulqdq zmm5,zmm5,zmm9,0x11
+ vpclmulqdq zmm0,zmm10,zmm1,0x01
+ vpshufd zmm1,zmm1,0x4e
+ vpternlogd zmm5,zmm1,zmm0,0x96
+
+ vextracti32x4 xmm0,zmm5,1
+ vextracti32x4 xmm1,zmm5,2
+ vextracti32x4 xmm2,zmm5,3
+ vpxord xmm5,xmm5,xmm0
+ vpternlogd xmm5,xmm2,xmm1,0x96
+
+ add r8,64
+ sub r9,64
+ cmp r9,64
+ jae NEAR $L$aad_loop_1x
+
+$L$aad_large_done:
+
+
+$L$aad_blockbyblock:
+ test r9,r9
+ jz NEAR $L$aad_done
+ vmovdqu xmm9,XMMWORD[((256-16))+rdx]
+$L$aad_loop_blockbyblock:
+ vmovdqu xmm0,XMMWORD[r8]
+ vpshufb xmm0,xmm0,xmm4
+ vpxor xmm5,xmm5,xmm0
+ vpclmulqdq xmm0,xmm5,xmm9,0x00
+ vpclmulqdq xmm1,xmm5,xmm9,0x01
+ vpclmulqdq xmm2,xmm5,xmm9,0x10
+ vpxord xmm1,xmm1,xmm2
+ vpclmulqdq xmm2,xmm10,xmm0,0x01
+ vpshufd xmm0,xmm0,0x4e
+ vpternlogd xmm1,xmm0,xmm2,0x96
+ vpclmulqdq xmm5,xmm5,xmm9,0x11
+ vpclmulqdq xmm0,xmm10,xmm1,0x01
+ vpshufd xmm1,xmm1,0x4e
+ vpternlogd xmm5,xmm1,xmm0,0x96
+
+ add r8,16
+ sub r9,16
+ jnz NEAR $L$aad_loop_blockbyblock
+
+$L$aad_done:
+
+ vpshufb xmm5,xmm5,xmm4
+ vmovdqu XMMWORD[rcx],xmm5
+
+ vzeroupper
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
+ vmovdqa xmm10,XMMWORD[64+rsp]
+ vmovdqa xmm11,XMMWORD[80+rsp]
+ vmovdqa xmm12,XMMWORD[96+rsp]
+ vmovdqa xmm13,XMMWORD[112+rsp]
+ add rsp,136
+ ret
+$L$SEH_end_gcm_ghash_vpclmulqdq_avx512_12:
+
+
+global aes_gcm_enc_update_vaes_avx512
+
+ALIGN 32
+aes_gcm_enc_update_vaes_avx512:
+
+$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1:
+_CET_ENDBR
+ push rsi
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_2:
+ push rdi
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_3:
+ push r12
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_4:
+
+ mov rsi,QWORD[64+rsp]
+ mov rdi,QWORD[72+rsp]
+ mov r12,QWORD[80+rsp]
+ sub rsp,160
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_5:
+ vmovdqa XMMWORD[rsp],xmm6
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_6:
+ vmovdqa XMMWORD[16+rsp],xmm7
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_7:
+ vmovdqa XMMWORD[32+rsp],xmm8
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_8:
+ vmovdqa XMMWORD[48+rsp],xmm9
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_9:
+ vmovdqa XMMWORD[64+rsp],xmm10
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_10:
+ vmovdqa XMMWORD[80+rsp],xmm11
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_11:
+ vmovdqa XMMWORD[96+rsp],xmm12
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_12:
+ vmovdqa XMMWORD[112+rsp],xmm13
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_13:
+ vmovdqa XMMWORD[128+rsp],xmm14
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_14:
+ vmovdqa XMMWORD[144+rsp],xmm15
+$L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_15:
+
+$L$SEH_endprologue_aes_gcm_enc_update_vaes_avx512_16:
+%ifdef BORINGSSL_DISPATCH_TEST
+EXTERN BORINGSSL_function_hit
+ mov BYTE[((BORINGSSL_function_hit+7))],1
+%endif
+
+ vbroadcasti32x4 zmm8,ZMMWORD[$L$bswap_mask]
+ vbroadcasti32x4 zmm31,ZMMWORD[$L$gfpoly]
+
+
+
+ vmovdqu xmm10,XMMWORD[r12]
+ vpshufb xmm10,xmm10,xmm8
+ vbroadcasti32x4 zmm12,ZMMWORD[rsi]
+ vpshufb zmm12,zmm12,zmm8
+
+
+
+ mov r10d,DWORD[240+r9]
+ lea r10d,[((-20))+r10*4]
+
+
+
+
+ lea r11,[96+r10*4+r9]
+ vbroadcasti32x4 zmm13,ZMMWORD[r9]
+ vbroadcasti32x4 zmm14,ZMMWORD[r11]
+
+
+ vpaddd zmm12,zmm12,ZMMWORD[$L$ctr_pattern]
+
+
+ vbroadcasti32x4 zmm11,ZMMWORD[$L$inc_4blocks]
+
+
+
+ cmp r8,256
+ jb NEAR $L$crypt_loop_4x_done__func1
+
+
+ vmovdqu8 zmm27,ZMMWORD[((256-256))+rdi]
+ vmovdqu8 zmm28,ZMMWORD[((256-192))+rdi]
+ vmovdqu8 zmm29,ZMMWORD[((256-128))+rdi]
+ vmovdqu8 zmm30,ZMMWORD[((256-64))+rdi]
+
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm1,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm2,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm3,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+
+
+ vpxord zmm0,zmm0,zmm13
+ vpxord zmm1,zmm1,zmm13
+ vpxord zmm2,zmm2,zmm13
+ vpxord zmm3,zmm3,zmm13
+
+ lea rax,[16+r9]
+$L$vaesenc_loop_first_4_vecs__func1:
+ vbroadcasti32x4 zmm9,ZMMWORD[rax]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+ add rax,16
+ cmp r11,rax
+ jne NEAR $L$vaesenc_loop_first_4_vecs__func1
+ vpxord zmm4,zmm14,ZMMWORD[rcx]
+ vpxord zmm5,zmm14,ZMMWORD[64+rcx]
+ vpxord zmm6,zmm14,ZMMWORD[128+rcx]
+ vpxord zmm7,zmm14,ZMMWORD[192+rcx]
+ vaesenclast zmm4,zmm0,zmm4
+ vaesenclast zmm5,zmm1,zmm5
+ vaesenclast zmm6,zmm2,zmm6
+ vaesenclast zmm7,zmm3,zmm7
+ vmovdqu8 ZMMWORD[rdx],zmm4
+ vmovdqu8 ZMMWORD[64+rdx],zmm5
+ vmovdqu8 ZMMWORD[128+rdx],zmm6
+ vmovdqu8 ZMMWORD[192+rdx],zmm7
+
+ add rcx,256
+ add rdx,256
+ sub r8,256
+ cmp r8,256
+ jb NEAR $L$ghash_last_ciphertext_4x__func1
+
+ vbroadcasti32x4 zmm15,ZMMWORD[((-144))+r11]
+ vbroadcasti32x4 zmm16,ZMMWORD[((-128))+r11]
+ vbroadcasti32x4 zmm17,ZMMWORD[((-112))+r11]
+ vbroadcasti32x4 zmm18,ZMMWORD[((-96))+r11]
+ vbroadcasti32x4 zmm19,ZMMWORD[((-80))+r11]
+ vbroadcasti32x4 zmm20,ZMMWORD[((-64))+r11]
+ vbroadcasti32x4 zmm21,ZMMWORD[((-48))+r11]
+ vbroadcasti32x4 zmm22,ZMMWORD[((-32))+r11]
+ vbroadcasti32x4 zmm23,ZMMWORD[((-16))+r11]
+
+$L$crypt_loop_4x__func1:
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm1,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm2,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm3,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+
+
+ vpxord zmm0,zmm0,zmm13
+ vpxord zmm1,zmm1,zmm13
+ vpxord zmm2,zmm2,zmm13
+ vpxord zmm3,zmm3,zmm13
+
+ cmp r10d,24
+ jl NEAR $L$aes128__func1
+ je NEAR $L$aes192__func1
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-208))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-192))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+$L$aes192__func1:
+ vbroadcasti32x4 zmm9,ZMMWORD[((-176))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-160))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+$L$aes128__func1:
+
+
+
+
+ prefetcht0 [((512+0))+rcx]
+ prefetcht0 [((512+64))+rcx]
+ prefetcht0 [((512+128))+rcx]
+ prefetcht0 [((512+192))+rcx]
+
+
+
+
+ vpshufb zmm4,zmm4,zmm8
+ vpxord zmm4,zmm4,zmm10
+ vpshufb zmm5,zmm5,zmm8
+ vpshufb zmm6,zmm6,zmm8
+
+ vaesenc zmm0,zmm0,zmm15
+ vaesenc zmm1,zmm1,zmm15
+ vaesenc zmm2,zmm2,zmm15
+ vaesenc zmm3,zmm3,zmm15
+
+ vpshufb zmm7,zmm7,zmm8
+ vpclmulqdq zmm10,zmm4,zmm27,0x00
+ vpclmulqdq zmm24,zmm5,zmm28,0x00
+ vpclmulqdq zmm25,zmm6,zmm29,0x00
+
+ vaesenc zmm0,zmm0,zmm16
+ vaesenc zmm1,zmm1,zmm16
+ vaesenc zmm2,zmm2,zmm16
+ vaesenc zmm3,zmm3,zmm16
+
+ vpxord zmm10,zmm10,zmm24
+ vpclmulqdq zmm26,zmm7,zmm30,0x00
+ vpternlogd zmm10,zmm25,zmm26,0x96
+ vpclmulqdq zmm24,zmm4,zmm27,0x01
+
+ vaesenc zmm0,zmm0,zmm17
+ vaesenc zmm1,zmm1,zmm17
+ vaesenc zmm2,zmm2,zmm17
+ vaesenc zmm3,zmm3,zmm17
+
+ vpclmulqdq zmm25,zmm5,zmm28,0x01
+ vpclmulqdq zmm26,zmm6,zmm29,0x01
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm7,zmm30,0x01
+
+ vaesenc zmm0,zmm0,zmm18
+ vaesenc zmm1,zmm1,zmm18
+ vaesenc zmm2,zmm2,zmm18
+ vaesenc zmm3,zmm3,zmm18
+
+ vpclmulqdq zmm26,zmm4,zmm27,0x10
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm5,zmm28,0x10
+ vpclmulqdq zmm26,zmm6,zmm29,0x10
+
+ vaesenc zmm0,zmm0,zmm19
+ vaesenc zmm1,zmm1,zmm19
+ vaesenc zmm2,zmm2,zmm19
+ vaesenc zmm3,zmm3,zmm19
+
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm26,zmm31,zmm10,0x01
+ vpclmulqdq zmm25,zmm7,zmm30,0x10
+ vpxord zmm24,zmm24,zmm25
+
+ vaesenc zmm0,zmm0,zmm20
+ vaesenc zmm1,zmm1,zmm20
+ vaesenc zmm2,zmm2,zmm20
+ vaesenc zmm3,zmm3,zmm20
+
+ vpshufd zmm10,zmm10,0x4e
+ vpclmulqdq zmm4,zmm4,zmm27,0x11
+ vpclmulqdq zmm5,zmm5,zmm28,0x11
+ vpclmulqdq zmm6,zmm6,zmm29,0x11
+
+ vaesenc zmm0,zmm0,zmm21
+ vaesenc zmm1,zmm1,zmm21
+ vaesenc zmm2,zmm2,zmm21
+ vaesenc zmm3,zmm3,zmm21
+
+ vpternlogd zmm24,zmm10,zmm26,0x96
+ vpclmulqdq zmm7,zmm7,zmm30,0x11
+ vpternlogd zmm4,zmm5,zmm6,0x96
+ vpclmulqdq zmm25,zmm31,zmm24,0x01
+
+ vaesenc zmm0,zmm0,zmm22
+ vaesenc zmm1,zmm1,zmm22
+ vaesenc zmm2,zmm2,zmm22
+ vaesenc zmm3,zmm3,zmm22
+
+ vpxord zmm10,zmm4,zmm7
+ vpshufd zmm24,zmm24,0x4e
+ vpternlogd zmm10,zmm24,zmm25,0x96
+
+ vaesenc zmm0,zmm0,zmm23
+ vaesenc zmm1,zmm1,zmm23
+ vaesenc zmm2,zmm2,zmm23
+ vaesenc zmm3,zmm3,zmm23
+
+
+ vextracti32x4 xmm4,zmm10,1
+ vextracti32x4 xmm5,zmm10,2
+ vextracti32x4 xmm6,zmm10,3
+ vpxord xmm10,xmm10,xmm4
+ vpternlogd xmm10,xmm6,xmm5,0x96
+
+ vpxord zmm4,zmm14,ZMMWORD[rcx]
+ vpxord zmm5,zmm14,ZMMWORD[64+rcx]
+ vpxord zmm6,zmm14,ZMMWORD[128+rcx]
+ vpxord zmm7,zmm14,ZMMWORD[192+rcx]
+ vaesenclast zmm4,zmm0,zmm4
+ vaesenclast zmm5,zmm1,zmm5
+ vaesenclast zmm6,zmm2,zmm6
+ vaesenclast zmm7,zmm3,zmm7
+ vmovdqu8 ZMMWORD[rdx],zmm4
+ vmovdqu8 ZMMWORD[64+rdx],zmm5
+ vmovdqu8 ZMMWORD[128+rdx],zmm6
+ vmovdqu8 ZMMWORD[192+rdx],zmm7
+
+ add rcx,256
+ add rdx,256
+ sub r8,256
+ cmp r8,256
+ jae NEAR $L$crypt_loop_4x__func1
+$L$ghash_last_ciphertext_4x__func1:
+ vpshufb zmm4,zmm4,zmm8
+ vpxord zmm4,zmm4,zmm10
+ vpshufb zmm5,zmm5,zmm8
+ vpshufb zmm6,zmm6,zmm8
+ vpshufb zmm7,zmm7,zmm8
+ vpclmulqdq zmm10,zmm4,zmm27,0x00
+ vpclmulqdq zmm24,zmm5,zmm28,0x00
+ vpclmulqdq zmm25,zmm6,zmm29,0x00
+ vpxord zmm10,zmm10,zmm24
+ vpclmulqdq zmm26,zmm7,zmm30,0x00
+ vpternlogd zmm10,zmm25,zmm26,0x96
+ vpclmulqdq zmm24,zmm4,zmm27,0x01
+ vpclmulqdq zmm25,zmm5,zmm28,0x01
+ vpclmulqdq zmm26,zmm6,zmm29,0x01
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm7,zmm30,0x01
+ vpclmulqdq zmm26,zmm4,zmm27,0x10
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm5,zmm28,0x10
+ vpclmulqdq zmm26,zmm6,zmm29,0x10
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm26,zmm31,zmm10,0x01
+ vpclmulqdq zmm25,zmm7,zmm30,0x10
+ vpxord zmm24,zmm24,zmm25
+ vpshufd zmm10,zmm10,0x4e
+ vpclmulqdq zmm4,zmm4,zmm27,0x11
+ vpclmulqdq zmm5,zmm5,zmm28,0x11
+ vpclmulqdq zmm6,zmm6,zmm29,0x11
+ vpternlogd zmm24,zmm10,zmm26,0x96
+ vpclmulqdq zmm7,zmm7,zmm30,0x11
+ vpternlogd zmm4,zmm5,zmm6,0x96
+ vpclmulqdq zmm25,zmm31,zmm24,0x01
+ vpxord zmm10,zmm4,zmm7
+ vpshufd zmm24,zmm24,0x4e
+ vpternlogd zmm10,zmm24,zmm25,0x96
+ vextracti32x4 xmm4,zmm10,1
+ vextracti32x4 xmm5,zmm10,2
+ vextracti32x4 xmm6,zmm10,3
+ vpxord xmm10,xmm10,xmm4
+ vpternlogd xmm10,xmm6,xmm5,0x96
+
+$L$crypt_loop_4x_done__func1:
+
+ test r8,r8
+ jz NEAR $L$done__func1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ mov rax,r8
+ neg rax
+ and rax,-16
+ lea rsi,[256+rax*1+rdi]
+ vpxor xmm4,xmm4,xmm4
+ vpxor xmm5,xmm5,xmm5
+ vpxor xmm6,xmm6,xmm6
+
+ cmp r8,64
+ jb NEAR $L$partial_vec__func1
+
+$L$crypt_loop_1x__func1:
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpxord zmm0,zmm0,zmm13
+ lea rax,[16+r9]
+$L$vaesenc_loop_tail_full_vec__func1:
+ vbroadcasti32x4 zmm9,ZMMWORD[rax]
+ vaesenc zmm0,zmm0,zmm9
+ add rax,16
+ cmp r11,rax
+ jne NEAR $L$vaesenc_loop_tail_full_vec__func1
+ vaesenclast zmm0,zmm0,zmm14
+
+
+ vmovdqu8 zmm1,ZMMWORD[rcx]
+ vpxord zmm0,zmm0,zmm1
+ vmovdqu8 ZMMWORD[rdx],zmm0
+
+
+ vmovdqu8 zmm30,ZMMWORD[rsi]
+ vpshufb zmm0,zmm0,zmm8
+ vpxord zmm0,zmm0,zmm10
+ vpclmulqdq zmm7,zmm0,zmm30,0x00
+ vpclmulqdq zmm1,zmm0,zmm30,0x01
+ vpclmulqdq zmm2,zmm0,zmm30,0x10
+ vpclmulqdq zmm3,zmm0,zmm30,0x11
+ vpxord zmm4,zmm4,zmm7
+ vpternlogd zmm5,zmm1,zmm2,0x96
+ vpxord zmm6,zmm6,zmm3
+
+ vpxor xmm10,xmm10,xmm10
+
+ add rsi,64
+ add rcx,64
+ add rdx,64
+ sub r8,64
+ cmp r8,64
+ jae NEAR $L$crypt_loop_1x__func1
+
+ test r8,r8
+ jz NEAR $L$reduce__func1
+
+$L$partial_vec__func1:
+
+
+
+
+ mov rax,-1
+ bzhi rax,rax,r8
+ kmovq k1,rax
+ add r8,15
+ and r8,-16
+ mov rax,-1
+ bzhi rax,rax,r8
+ kmovq k2,rax
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpxord zmm0,zmm0,zmm13
+ lea rax,[16+r9]
+$L$vaesenc_loop_tail_partialvec__func1:
+ vbroadcasti32x4 zmm9,ZMMWORD[rax]
+ vaesenc zmm0,zmm0,zmm9
+ add rax,16
+ cmp r11,rax
+ jne NEAR $L$vaesenc_loop_tail_partialvec__func1
+ vaesenclast zmm0,zmm0,zmm14
+
+
+ vmovdqu8 zmm1{k1}{z},[rcx]
+ vpxord zmm0,zmm0,zmm1
+ vmovdqu8 ZMMWORD[rdx]{k1},zmm0
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 zmm30{k2}{z},[rsi]
+ vmovdqu8 zmm1{k1}{z},zmm0
+ vpshufb zmm0,zmm1,zmm8
+ vpxord zmm0,zmm0,zmm10
+ vpclmulqdq zmm7,zmm0,zmm30,0x00
+ vpclmulqdq zmm1,zmm0,zmm30,0x01
+ vpclmulqdq zmm2,zmm0,zmm30,0x10
+ vpclmulqdq zmm3,zmm0,zmm30,0x11
+ vpxord zmm4,zmm4,zmm7
+ vpternlogd zmm5,zmm1,zmm2,0x96
+ vpxord zmm6,zmm6,zmm3
+
+
+$L$reduce__func1:
+
+ vpclmulqdq zmm0,zmm31,zmm4,0x01
+ vpshufd zmm4,zmm4,0x4e
+ vpternlogd zmm5,zmm4,zmm0,0x96
+ vpclmulqdq zmm0,zmm31,zmm5,0x01
+ vpshufd zmm5,zmm5,0x4e
+ vpternlogd zmm6,zmm5,zmm0,0x96
+
+ vextracti32x4 xmm0,zmm6,1
+ vextracti32x4 xmm1,zmm6,2
+ vextracti32x4 xmm2,zmm6,3
+ vpxord xmm10,xmm6,xmm0
+ vpternlogd xmm10,xmm2,xmm1,0x96
+
+
+$L$done__func1:
+
+ vpshufb xmm10,xmm10,xmm8
+ vmovdqu XMMWORD[r12],xmm10
+
+ vzeroupper
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
+ vmovdqa xmm10,XMMWORD[64+rsp]
+ vmovdqa xmm11,XMMWORD[80+rsp]
+ vmovdqa xmm12,XMMWORD[96+rsp]
+ vmovdqa xmm13,XMMWORD[112+rsp]
+ vmovdqa xmm14,XMMWORD[128+rsp]
+ vmovdqa xmm15,XMMWORD[144+rsp]
+ add rsp,160
+ pop r12
+ pop rdi
+ pop rsi
+ ret
+$L$SEH_end_aes_gcm_enc_update_vaes_avx512_17:
+
+
+global aes_gcm_dec_update_vaes_avx512
+
+ALIGN 32
+aes_gcm_dec_update_vaes_avx512:
+
+$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1:
+_CET_ENDBR
+ push rsi
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_2:
+ push rdi
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_3:
+ push r12
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_4:
+
+ mov rsi,QWORD[64+rsp]
+ mov rdi,QWORD[72+rsp]
+ mov r12,QWORD[80+rsp]
+ sub rsp,160
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_5:
+ vmovdqa XMMWORD[rsp],xmm6
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_6:
+ vmovdqa XMMWORD[16+rsp],xmm7
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_7:
+ vmovdqa XMMWORD[32+rsp],xmm8
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_8:
+ vmovdqa XMMWORD[48+rsp],xmm9
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_9:
+ vmovdqa XMMWORD[64+rsp],xmm10
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_10:
+ vmovdqa XMMWORD[80+rsp],xmm11
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_11:
+ vmovdqa XMMWORD[96+rsp],xmm12
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_12:
+ vmovdqa XMMWORD[112+rsp],xmm13
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_13:
+ vmovdqa XMMWORD[128+rsp],xmm14
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_14:
+ vmovdqa XMMWORD[144+rsp],xmm15
+$L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_15:
+
+$L$SEH_endprologue_aes_gcm_dec_update_vaes_avx512_16:
+
+ vbroadcasti32x4 zmm8,ZMMWORD[$L$bswap_mask]
+ vbroadcasti32x4 zmm31,ZMMWORD[$L$gfpoly]
+
+
+
+ vmovdqu xmm10,XMMWORD[r12]
+ vpshufb xmm10,xmm10,xmm8
+ vbroadcasti32x4 zmm12,ZMMWORD[rsi]
+ vpshufb zmm12,zmm12,zmm8
+
+
+
+ mov r10d,DWORD[240+r9]
+ lea r10d,[((-20))+r10*4]
+
+
+
+
+ lea r11,[96+r10*4+r9]
+ vbroadcasti32x4 zmm13,ZMMWORD[r9]
+ vbroadcasti32x4 zmm14,ZMMWORD[r11]
+
+
+ vpaddd zmm12,zmm12,ZMMWORD[$L$ctr_pattern]
+
+
+ vbroadcasti32x4 zmm11,ZMMWORD[$L$inc_4blocks]
+
+
+
+ cmp r8,256
+ jb NEAR $L$crypt_loop_4x_done__func2
+
+
+ vmovdqu8 zmm27,ZMMWORD[((256-256))+rdi]
+ vmovdqu8 zmm28,ZMMWORD[((256-192))+rdi]
+ vmovdqu8 zmm29,ZMMWORD[((256-128))+rdi]
+ vmovdqu8 zmm30,ZMMWORD[((256-64))+rdi]
+
+ vbroadcasti32x4 zmm15,ZMMWORD[((-144))+r11]
+ vbroadcasti32x4 zmm16,ZMMWORD[((-128))+r11]
+ vbroadcasti32x4 zmm17,ZMMWORD[((-112))+r11]
+ vbroadcasti32x4 zmm18,ZMMWORD[((-96))+r11]
+ vbroadcasti32x4 zmm19,ZMMWORD[((-80))+r11]
+ vbroadcasti32x4 zmm20,ZMMWORD[((-64))+r11]
+ vbroadcasti32x4 zmm21,ZMMWORD[((-48))+r11]
+ vbroadcasti32x4 zmm22,ZMMWORD[((-32))+r11]
+ vbroadcasti32x4 zmm23,ZMMWORD[((-16))+r11]
+
+$L$crypt_loop_4x__func2:
+ vmovdqu8 zmm4,ZMMWORD[rcx]
+ vmovdqu8 zmm5,ZMMWORD[64+rcx]
+ vmovdqu8 zmm6,ZMMWORD[128+rcx]
+ vmovdqu8 zmm7,ZMMWORD[192+rcx]
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm1,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm2,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpshufb zmm3,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+
+
+ vpxord zmm0,zmm0,zmm13
+ vpxord zmm1,zmm1,zmm13
+ vpxord zmm2,zmm2,zmm13
+ vpxord zmm3,zmm3,zmm13
+
+ cmp r10d,24
+ jl NEAR $L$aes128__func2
+ je NEAR $L$aes192__func2
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-208))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-192))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+$L$aes192__func2:
+ vbroadcasti32x4 zmm9,ZMMWORD[((-176))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+ vbroadcasti32x4 zmm9,ZMMWORD[((-160))+r11]
+ vaesenc zmm0,zmm0,zmm9
+ vaesenc zmm1,zmm1,zmm9
+ vaesenc zmm2,zmm2,zmm9
+ vaesenc zmm3,zmm3,zmm9
+
+$L$aes128__func2:
+
+
+
+
+ prefetcht0 [((512+0))+rcx]
+ prefetcht0 [((512+64))+rcx]
+ prefetcht0 [((512+128))+rcx]
+ prefetcht0 [((512+192))+rcx]
+
+
+
+
+ vpshufb zmm4,zmm4,zmm8
+ vpxord zmm4,zmm4,zmm10
+ vpshufb zmm5,zmm5,zmm8
+ vpshufb zmm6,zmm6,zmm8
+
+ vaesenc zmm0,zmm0,zmm15
+ vaesenc zmm1,zmm1,zmm15
+ vaesenc zmm2,zmm2,zmm15
+ vaesenc zmm3,zmm3,zmm15
+
+ vpshufb zmm7,zmm7,zmm8
+ vpclmulqdq zmm10,zmm4,zmm27,0x00
+ vpclmulqdq zmm24,zmm5,zmm28,0x00
+ vpclmulqdq zmm25,zmm6,zmm29,0x00
+
+ vaesenc zmm0,zmm0,zmm16
+ vaesenc zmm1,zmm1,zmm16
+ vaesenc zmm2,zmm2,zmm16
+ vaesenc zmm3,zmm3,zmm16
+
+ vpxord zmm10,zmm10,zmm24
+ vpclmulqdq zmm26,zmm7,zmm30,0x00
+ vpternlogd zmm10,zmm25,zmm26,0x96
+ vpclmulqdq zmm24,zmm4,zmm27,0x01
+
+ vaesenc zmm0,zmm0,zmm17
+ vaesenc zmm1,zmm1,zmm17
+ vaesenc zmm2,zmm2,zmm17
+ vaesenc zmm3,zmm3,zmm17
+
+ vpclmulqdq zmm25,zmm5,zmm28,0x01
+ vpclmulqdq zmm26,zmm6,zmm29,0x01
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm7,zmm30,0x01
+
+ vaesenc zmm0,zmm0,zmm18
+ vaesenc zmm1,zmm1,zmm18
+ vaesenc zmm2,zmm2,zmm18
+ vaesenc zmm3,zmm3,zmm18
+
+ vpclmulqdq zmm26,zmm4,zmm27,0x10
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm25,zmm5,zmm28,0x10
+ vpclmulqdq zmm26,zmm6,zmm29,0x10
+
+ vaesenc zmm0,zmm0,zmm19
+ vaesenc zmm1,zmm1,zmm19
+ vaesenc zmm2,zmm2,zmm19
+ vaesenc zmm3,zmm3,zmm19
+
+ vpternlogd zmm24,zmm25,zmm26,0x96
+ vpclmulqdq zmm26,zmm31,zmm10,0x01
+ vpclmulqdq zmm25,zmm7,zmm30,0x10
+ vpxord zmm24,zmm24,zmm25
+
+ vaesenc zmm0,zmm0,zmm20
+ vaesenc zmm1,zmm1,zmm20
+ vaesenc zmm2,zmm2,zmm20
+ vaesenc zmm3,zmm3,zmm20
+
+ vpshufd zmm10,zmm10,0x4e
+ vpclmulqdq zmm4,zmm4,zmm27,0x11
+ vpclmulqdq zmm5,zmm5,zmm28,0x11
+ vpclmulqdq zmm6,zmm6,zmm29,0x11
+
+ vaesenc zmm0,zmm0,zmm21
+ vaesenc zmm1,zmm1,zmm21
+ vaesenc zmm2,zmm2,zmm21
+ vaesenc zmm3,zmm3,zmm21
+
+ vpternlogd zmm24,zmm10,zmm26,0x96
+ vpclmulqdq zmm7,zmm7,zmm30,0x11
+ vpternlogd zmm4,zmm5,zmm6,0x96
+ vpclmulqdq zmm25,zmm31,zmm24,0x01
+
+ vaesenc zmm0,zmm0,zmm22
+ vaesenc zmm1,zmm1,zmm22
+ vaesenc zmm2,zmm2,zmm22
+ vaesenc zmm3,zmm3,zmm22
+
+ vpxord zmm10,zmm4,zmm7
+ vpshufd zmm24,zmm24,0x4e
+ vpternlogd zmm10,zmm24,zmm25,0x96
+
+ vaesenc zmm0,zmm0,zmm23
+ vaesenc zmm1,zmm1,zmm23
+ vaesenc zmm2,zmm2,zmm23
+ vaesenc zmm3,zmm3,zmm23
+
+
+ vextracti32x4 xmm4,zmm10,1
+ vextracti32x4 xmm5,zmm10,2
+ vextracti32x4 xmm6,zmm10,3
+ vpxord xmm10,xmm10,xmm4
+ vpternlogd xmm10,xmm6,xmm5,0x96
+
+ vpxord zmm4,zmm14,ZMMWORD[rcx]
+ vpxord zmm5,zmm14,ZMMWORD[64+rcx]
+ vpxord zmm6,zmm14,ZMMWORD[128+rcx]
+ vpxord zmm7,zmm14,ZMMWORD[192+rcx]
+ vaesenclast zmm4,zmm0,zmm4
+ vaesenclast zmm5,zmm1,zmm5
+ vaesenclast zmm6,zmm2,zmm6
+ vaesenclast zmm7,zmm3,zmm7
+ vmovdqu8 ZMMWORD[rdx],zmm4
+ vmovdqu8 ZMMWORD[64+rdx],zmm5
+ vmovdqu8 ZMMWORD[128+rdx],zmm6
+ vmovdqu8 ZMMWORD[192+rdx],zmm7
+
+ add rcx,256
+ add rdx,256
+ sub r8,256
+ cmp r8,256
+ jae NEAR $L$crypt_loop_4x__func2
+$L$crypt_loop_4x_done__func2:
+
+ test r8,r8
+ jz NEAR $L$done__func2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ mov rax,r8
+ neg rax
+ and rax,-16
+ lea rsi,[256+rax*1+rdi]
+ vpxor xmm4,xmm4,xmm4
+ vpxor xmm5,xmm5,xmm5
+ vpxor xmm6,xmm6,xmm6
+
+ cmp r8,64
+ jb NEAR $L$partial_vec__func2
+
+$L$crypt_loop_1x__func2:
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpaddd zmm12,zmm12,zmm11
+ vpxord zmm0,zmm0,zmm13
+ lea rax,[16+r9]
+$L$vaesenc_loop_tail_full_vec__func2:
+ vbroadcasti32x4 zmm9,ZMMWORD[rax]
+ vaesenc zmm0,zmm0,zmm9
+ add rax,16
+ cmp r11,rax
+ jne NEAR $L$vaesenc_loop_tail_full_vec__func2
+ vaesenclast zmm0,zmm0,zmm14
+
+
+ vmovdqu8 zmm1,ZMMWORD[rcx]
+ vpxord zmm0,zmm0,zmm1
+ vmovdqu8 ZMMWORD[rdx],zmm0
+
+
+ vmovdqu8 zmm30,ZMMWORD[rsi]
+ vpshufb zmm0,zmm1,zmm8
+ vpxord zmm0,zmm0,zmm10
+ vpclmulqdq zmm7,zmm0,zmm30,0x00
+ vpclmulqdq zmm1,zmm0,zmm30,0x01
+ vpclmulqdq zmm2,zmm0,zmm30,0x10
+ vpclmulqdq zmm3,zmm0,zmm30,0x11
+ vpxord zmm4,zmm4,zmm7
+ vpternlogd zmm5,zmm1,zmm2,0x96
+ vpxord zmm6,zmm6,zmm3
+
+ vpxor xmm10,xmm10,xmm10
+
+ add rsi,64
+ add rcx,64
+ add rdx,64
+ sub r8,64
+ cmp r8,64
+ jae NEAR $L$crypt_loop_1x__func2
+
+ test r8,r8
+ jz NEAR $L$reduce__func2
+
+$L$partial_vec__func2:
+
+
+
+
+ mov rax,-1
+ bzhi rax,rax,r8
+ kmovq k1,rax
+ add r8,15
+ and r8,-16
+ mov rax,-1
+ bzhi rax,rax,r8
+ kmovq k2,rax
+
+
+
+ vpshufb zmm0,zmm12,zmm8
+ vpxord zmm0,zmm0,zmm13
+ lea rax,[16+r9]
+$L$vaesenc_loop_tail_partialvec__func2:
+ vbroadcasti32x4 zmm9,ZMMWORD[rax]
+ vaesenc zmm0,zmm0,zmm9
+ add rax,16
+ cmp r11,rax
+ jne NEAR $L$vaesenc_loop_tail_partialvec__func2
+ vaesenclast zmm0,zmm0,zmm14
+
+
+ vmovdqu8 zmm1{k1}{z},[rcx]
+ vpxord zmm0,zmm0,zmm1
+ vmovdqu8 ZMMWORD[rdx]{k1},zmm0
+
+
+
+
+
+
+
+
+
+
+
+
+
+ vmovdqu8 zmm30{k2}{z},[rsi]
+
+ vpshufb zmm0,zmm1,zmm8
+ vpxord zmm0,zmm0,zmm10
+ vpclmulqdq zmm7,zmm0,zmm30,0x00
+ vpclmulqdq zmm1,zmm0,zmm30,0x01
+ vpclmulqdq zmm2,zmm0,zmm30,0x10
+ vpclmulqdq zmm3,zmm0,zmm30,0x11
+ vpxord zmm4,zmm4,zmm7
+ vpternlogd zmm5,zmm1,zmm2,0x96
+ vpxord zmm6,zmm6,zmm3
+
+
+$L$reduce__func2:
+
+ vpclmulqdq zmm0,zmm31,zmm4,0x01
+ vpshufd zmm4,zmm4,0x4e
+ vpternlogd zmm5,zmm4,zmm0,0x96
+ vpclmulqdq zmm0,zmm31,zmm5,0x01
+ vpshufd zmm5,zmm5,0x4e
+ vpternlogd zmm6,zmm5,zmm0,0x96
+
+ vextracti32x4 xmm0,zmm6,1
+ vextracti32x4 xmm1,zmm6,2
+ vextracti32x4 xmm2,zmm6,3
+ vpxord xmm10,xmm6,xmm0
+ vpternlogd xmm10,xmm2,xmm1,0x96
+
+
+$L$done__func2:
+
+ vpshufb xmm10,xmm10,xmm8
+ vmovdqu XMMWORD[r12],xmm10
+
+ vzeroupper
+ vmovdqa xmm6,XMMWORD[rsp]
+ vmovdqa xmm7,XMMWORD[16+rsp]
+ vmovdqa xmm8,XMMWORD[32+rsp]
+ vmovdqa xmm9,XMMWORD[48+rsp]
+ vmovdqa xmm10,XMMWORD[64+rsp]
+ vmovdqa xmm11,XMMWORD[80+rsp]
+ vmovdqa xmm12,XMMWORD[96+rsp]
+ vmovdqa xmm13,XMMWORD[112+rsp]
+ vmovdqa xmm14,XMMWORD[128+rsp]
+ vmovdqa xmm15,XMMWORD[144+rsp]
+ add rsp,160
+ pop r12
+ pop rdi
+ pop rsi
+ ret
+$L$SEH_end_aes_gcm_dec_update_vaes_avx512_17:
+
+
+section .pdata rdata align=4
+ALIGN 4
+ DD $L$SEH_begin_gcm_gmult_vpclmulqdq_avx512_1 wrt ..imagebase
+ DD $L$SEH_end_gcm_gmult_vpclmulqdq_avx512_5 wrt ..imagebase
+ DD $L$SEH_info_gcm_gmult_vpclmulqdq_avx512_0 wrt ..imagebase
+
+ DD $L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1 wrt ..imagebase
+ DD $L$SEH_end_gcm_ghash_vpclmulqdq_avx512_12 wrt ..imagebase
+ DD $L$SEH_info_gcm_ghash_vpclmulqdq_avx512_0 wrt ..imagebase
+
+ DD $L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1 wrt ..imagebase
+ DD $L$SEH_end_aes_gcm_enc_update_vaes_avx512_17 wrt ..imagebase
+ DD $L$SEH_info_aes_gcm_enc_update_vaes_avx512_0 wrt ..imagebase
+
+ DD $L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1 wrt ..imagebase
+ DD $L$SEH_end_aes_gcm_dec_update_vaes_avx512_17 wrt ..imagebase
+ DD $L$SEH_info_aes_gcm_dec_update_vaes_avx512_0 wrt ..imagebase
+
+
+section .xdata rdata align=8
+ALIGN 4
+$L$SEH_info_gcm_gmult_vpclmulqdq_avx512_0:
+ DB 1
+ DB $L$SEH_endprologue_gcm_gmult_vpclmulqdq_avx512_4-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx512_1
+ DB 3
+ DB 0
+ DB $L$SEH_prologue_gcm_gmult_vpclmulqdq_avx512_3-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx512_1
+ DB 104
+ DW 0
+ DB $L$SEH_prologue_gcm_gmult_vpclmulqdq_avx512_2-$L$SEH_begin_gcm_gmult_vpclmulqdq_avx512_1
+ DB 34
+
+ DW 0
+$L$SEH_info_gcm_ghash_vpclmulqdq_avx512_0:
+ DB 1
+ DB $L$SEH_endprologue_gcm_ghash_vpclmulqdq_avx512_11-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 18
+ DB 0
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_10-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 216
+ DW 7
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_9-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 200
+ DW 6
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_8-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 184
+ DW 5
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_7-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 168
+ DW 4
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_6-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 152
+ DW 3
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_5-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 136
+ DW 2
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_4-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 120
+ DW 1
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_3-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 104
+ DW 0
+ DB $L$SEH_prologue_gcm_ghash_vpclmulqdq_avx512_2-$L$SEH_begin_gcm_ghash_vpclmulqdq_avx512_1
+ DB 1
+ DW 17
+
+$L$SEH_info_aes_gcm_enc_update_vaes_avx512_0:
+ DB 1
+ DB $L$SEH_endprologue_aes_gcm_enc_update_vaes_avx512_16-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 25
+ DB 0
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_15-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 248
+ DW 9
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_14-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 232
+ DW 8
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_13-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 216
+ DW 7
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_12-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 200
+ DW 6
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_11-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 184
+ DW 5
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_10-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 168
+ DW 4
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_9-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 152
+ DW 3
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_8-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 136
+ DW 2
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_7-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 120
+ DW 1
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_6-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 104
+ DW 0
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_5-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 1
+ DW 20
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_4-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 192
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_3-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 112
+ DB $L$SEH_prologue_aes_gcm_enc_update_vaes_avx512_2-$L$SEH_begin_aes_gcm_enc_update_vaes_avx512_1
+ DB 96
+
+ DW 0
+$L$SEH_info_aes_gcm_dec_update_vaes_avx512_0:
+ DB 1
+ DB $L$SEH_endprologue_aes_gcm_dec_update_vaes_avx512_16-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 25
+ DB 0
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_15-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 248
+ DW 9
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_14-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 232
+ DW 8
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_13-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 216
+ DW 7
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_12-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 200
+ DW 6
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_11-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 184
+ DW 5
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_10-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 168
+ DW 4
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_9-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 152
+ DW 3
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_8-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 136
+ DW 2
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_7-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 120
+ DW 1
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_6-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 104
+ DW 0
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_5-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 1
+ DW 20
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_4-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 192
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_3-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 112
+ DB $L$SEH_prologue_aes_gcm_dec_update_vaes_avx512_2-$L$SEH_begin_aes_gcm_dec_update_vaes_avx512_1
+ DB 96
+
+ DW 0
+%else
+; Work around https://bugzilla.nasm.us/show_bug.cgi?id=3392738
+ret
+%endif
diff --git a/src/gen/bcm/aesni-x86_64-apple.S b/src/gen/bcm/aesni-x86_64-apple.S
index 0247a2d..958cc5a 100644
--- a/src/gen/bcm/aesni-x86_64-apple.S
+++ b/src/gen/bcm/aesni-x86_64-apple.S
@@ -23,12 +23,12 @@
leaq 32(%rdx),%rdx
xorps %xmm0,%xmm2
L$oop_enc1_1:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rdx),%xmm1
leaq 16(%rdx),%rdx
jnz L$oop_enc1_1
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm2,(%rsi)
@@ -51,12 +51,12 @@
leaq 32(%rdx),%rdx
xorps %xmm0,%xmm2
L$oop_dec1_2:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rdx),%xmm1
leaq 16(%rdx),%rdx
jnz L$oop_dec1_2
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm2,(%rsi)
@@ -79,19 +79,19 @@
addq $16,%rax
L$enc_loop2:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
movups -16(%rcx,%rax,1),%xmm0
jnz L$enc_loop2
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
ret
@@ -110,19 +110,19 @@
addq $16,%rax
L$dec_loop2:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
movups -16(%rcx,%rax,1),%xmm0
jnz L$dec_loop2
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
ret
@@ -142,23 +142,23 @@
addq $16,%rax
L$enc_loop3:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
movups -16(%rcx,%rax,1),%xmm0
jnz L$enc_loop3
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
ret
@@ -178,23 +178,23 @@
addq $16,%rax
L$dec_loop3:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
movups -16(%rcx,%rax,1),%xmm0
jnz L$dec_loop3
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
ret
@@ -216,27 +216,27 @@
addq $16,%rax
L$enc_loop4:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movups -16(%rcx,%rax,1),%xmm0
jnz L$enc_loop4
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
ret
@@ -258,27 +258,27 @@
addq $16,%rax
L$dec_loop4:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
movups -16(%rcx,%rax,1),%xmm0
jnz L$dec_loop4
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
ret
@@ -292,49 +292,49 @@
xorps %xmm0,%xmm2
pxor %xmm0,%xmm3
pxor %xmm0,%xmm4
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
pxor %xmm0,%xmm5
pxor %xmm0,%xmm6
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
pxor %xmm0,%xmm7
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp L$enc_loop6_enter
.p2align 4
L$enc_loop6:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
L$enc_loop6_enter:
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
movups -16(%rcx,%rax,1),%xmm0
jnz L$enc_loop6
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
-.byte 102,15,56,221,240
-.byte 102,15,56,221,248
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
+ aesenclast %xmm0,%xmm6
+ aesenclast %xmm0,%xmm7
ret
@@ -348,49 +348,49 @@
xorps %xmm0,%xmm2
pxor %xmm0,%xmm3
pxor %xmm0,%xmm4
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm5
pxor %xmm0,%xmm6
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm4
pxor %xmm0,%xmm7
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp L$dec_loop6_enter
.p2align 4
L$dec_loop6:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
L$dec_loop6_enter:
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
movups -16(%rcx,%rax,1),%xmm0
jnz L$dec_loop6
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
-.byte 102,15,56,223,240
-.byte 102,15,56,223,248
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
+ aesdeclast %xmm0,%xmm6
+ aesdeclast %xmm0,%xmm7
ret
@@ -408,55 +408,55 @@
pxor %xmm0,%xmm6
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
pxor %xmm0,%xmm9
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp L$enc_loop8_inner
.p2align 4
L$enc_loop8:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
L$enc_loop8_inner:
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
L$enc_loop8_enter:
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups -16(%rcx,%rax,1),%xmm0
jnz L$enc_loop8
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
-.byte 102,15,56,221,240
-.byte 102,15,56,221,248
-.byte 102,68,15,56,221,192
-.byte 102,68,15,56,221,200
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
+ aesenclast %xmm0,%xmm6
+ aesenclast %xmm0,%xmm7
+ aesenclast %xmm0,%xmm8
+ aesenclast %xmm0,%xmm9
ret
@@ -474,55 +474,55 @@
pxor %xmm0,%xmm6
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm9
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp L$dec_loop8_inner
.p2align 4
L$dec_loop8:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
L$dec_loop8_inner:
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
L$dec_loop8_enter:
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups -16(%rcx,%rax,1),%xmm0
jnz L$dec_loop8
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
-.byte 102,15,56,223,240
-.byte 102,15,56,223,248
-.byte 102,68,15,56,223,192
-.byte 102,68,15,56,223,200
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
+ aesdeclast %xmm0,%xmm6
+ aesdeclast %xmm0,%xmm7
+ aesdeclast %xmm0,%xmm8
+ aesdeclast %xmm0,%xmm9
ret
@@ -634,12 +634,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
L$oop_enc1_3:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_enc1_3
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
movups %xmm2,(%rsi)
jmp L$ecb_ret
.p2align 4
@@ -795,12 +795,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
L$oop_dec1_4:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_dec1_4
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
movups %xmm2,(%rsi)
pxor %xmm2,%xmm2
jmp L$ecb_ret
@@ -895,12 +895,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
L$oop_enc1_5:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %edx
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_enc1_5
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
xorps %xmm3,%xmm2
@@ -943,17 +943,17 @@
bswapl %edx
xorl %ebp,%eax
xorl %ebp,%edx
-.byte 102,15,58,34,216,3
+ pinsrd $3,%eax,%xmm3
leaq 3(%r8),%rax
movdqa %xmm3,16(%rsp)
-.byte 102,15,58,34,226,3
+ pinsrd $3,%edx,%xmm4
bswapl %eax
movq %r10,%rdx
leaq 4(%r8),%r10
movdqa %xmm4,32(%rsp)
xorl %ebp,%eax
bswapl %r10d
-.byte 102,15,58,34,232,3
+ pinsrd $3,%eax,%xmm5
xorl %ebp,%r10d
movdqa %xmm5,48(%rsp)
leaq 5(%r8),%r9
@@ -987,163 +987,163 @@
L$ctr32_loop8:
addl $8,%r8d
movdqa 96(%rsp),%xmm8
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
movl %r8d,%r9d
movdqa 112(%rsp),%xmm9
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
bswapl %r9d
movups 32-128(%rcx),%xmm0
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
xorl %ebp,%r9d
nop
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm5
movl %r9d,0+12(%rsp)
leaq 1(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 48-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,16+12(%rsp)
leaq 2(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 64-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,32+12(%rsp)
leaq 3(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 80-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,48+12(%rsp)
leaq 4(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 96-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,64+12(%rsp)
leaq 5(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 112-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,80+12(%rsp)
leaq 6(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 128-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,96+12(%rsp)
leaq 7(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 144-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
xorl %ebp,%r9d
movdqu 0(%rdi),%xmm10
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm5
movl %r9d,112+12(%rsp)
cmpl $11,%eax
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 160-128(%rcx),%xmm0
jb L$ctr32_enc_done
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 176-128(%rcx),%xmm1
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 192-128(%rcx),%xmm0
je L$ctr32_enc_done
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 208-128(%rcx),%xmm1
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 224-128(%rcx),%xmm0
jmp L$ctr32_enc_done
@@ -1162,35 +1162,35 @@
prefetcht0 448(%rdi)
prefetcht0 512(%rdi)
pxor %xmm0,%xmm15
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movdqu 96(%rdi),%xmm1
leaq 128(%rdi),%rdi
-.byte 102,65,15,56,221,210
+ aesenclast %xmm10,%xmm2
pxor %xmm0,%xmm1
movdqu 112-128(%rdi),%xmm10
-.byte 102,65,15,56,221,219
+ aesenclast %xmm11,%xmm3
pxor %xmm0,%xmm10
movdqa 0(%rsp),%xmm11
-.byte 102,65,15,56,221,228
-.byte 102,65,15,56,221,237
+ aesenclast %xmm12,%xmm4
+ aesenclast %xmm13,%xmm5
movdqa 16(%rsp),%xmm12
movdqa 32(%rsp),%xmm13
-.byte 102,65,15,56,221,246
-.byte 102,65,15,56,221,255
+ aesenclast %xmm14,%xmm6
+ aesenclast %xmm15,%xmm7
movdqa 48(%rsp),%xmm14
movdqa 64(%rsp),%xmm15
-.byte 102,68,15,56,221,193
+ aesenclast %xmm1,%xmm8
movdqa 80(%rsp),%xmm0
movups 16-128(%rcx),%xmm1
-.byte 102,69,15,56,221,202
+ aesenclast %xmm10,%xmm9
movups %xmm2,(%rsi)
movdqa %xmm11,%xmm2
@@ -1229,19 +1229,19 @@
pxor %xmm9,%xmm9
movups 16(%rcx),%xmm0
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
leaq 32-16(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
addq $16,%rax
movups (%rdi),%xmm10
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
movups 16(%rdi),%xmm11
movups 32(%rdi),%xmm12
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
call L$enc_loop8_enter
@@ -1272,20 +1272,20 @@
.p2align 5
L$ctr32_loop4:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 16(%rcx),%rcx
decl %eax
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movups (%rcx),%xmm1
jnz L$ctr32_loop4
-.byte 102,15,56,221,209
-.byte 102,15,56,221,217
+ aesenclast %xmm1,%xmm2
+ aesenclast %xmm1,%xmm3
movups (%rdi),%xmm10
movups 16(%rdi),%xmm11
-.byte 102,15,56,221,225
-.byte 102,15,56,221,233
+ aesenclast %xmm1,%xmm4
+ aesenclast %xmm1,%xmm5
movups 32(%rdi),%xmm12
movups 48(%rdi),%xmm13
@@ -1301,16 +1301,16 @@
.p2align 5
L$ctr32_loop3:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 16(%rcx),%rcx
decl %eax
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
movups (%rcx),%xmm1
jnz L$ctr32_loop3
-.byte 102,15,56,221,209
-.byte 102,15,56,221,217
-.byte 102,15,56,221,225
+ aesenclast %xmm1,%xmm2
+ aesenclast %xmm1,%xmm3
+ aesenclast %xmm1,%xmm4
movups (%rdi),%xmm10
xorps %xmm10,%xmm2
@@ -1393,12 +1393,12 @@
leaq 32(%rcx),%rcx
xorps %xmm3,%xmm2
L$oop_enc1_6:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_enc1_6
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
movl %r10d,%eax
movq %r11,%rcx
movups %xmm2,0(%rsi)
@@ -1444,12 +1444,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
L$oop_dec1_7:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %r10d
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_dec1_7
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movdqu %xmm4,(%r8)
@@ -1508,166 +1508,166 @@
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
pxor %xmm0,%xmm9
movups 32-112(%rcx),%xmm0
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
adcq $0,%rbp
andq $128,%rbp
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm9
addq %rdi,%rbp
movups 48-112(%rcx),%xmm1
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 64-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 80-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 96-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 112-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 128-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 144-112(%rcx),%xmm1
cmpl $11,%eax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 160-112(%rcx),%xmm0
jb L$cbc_dec_done
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 176-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 192-112(%rcx),%xmm0
je L$cbc_dec_done
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 208-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 224-112(%rcx),%xmm0
jmp L$cbc_dec_done
.p2align 4
L$cbc_dec_done:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm10
pxor %xmm0,%xmm11
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
pxor %xmm0,%xmm12
pxor %xmm0,%xmm13
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
pxor %xmm0,%xmm14
pxor %xmm0,%xmm15
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movdqu 80(%rdi),%xmm1
-.byte 102,65,15,56,223,210
+ aesdeclast %xmm10,%xmm2
movdqu 96(%rdi),%xmm10
pxor %xmm0,%xmm1
-.byte 102,65,15,56,223,219
+ aesdeclast %xmm11,%xmm3
pxor %xmm0,%xmm10
movdqu 112(%rdi),%xmm0
-.byte 102,65,15,56,223,228
+ aesdeclast %xmm12,%xmm4
leaq 128(%rdi),%rdi
movdqu 0(%rbp),%xmm11
-.byte 102,65,15,56,223,237
-.byte 102,65,15,56,223,246
+ aesdeclast %xmm13,%xmm5
+ aesdeclast %xmm14,%xmm6
movdqu 16(%rbp),%xmm12
movdqu 32(%rbp),%xmm13
-.byte 102,65,15,56,223,255
-.byte 102,68,15,56,223,193
+ aesdeclast %xmm15,%xmm7
+ aesdeclast %xmm1,%xmm8
movdqu 48(%rbp),%xmm14
movdqu 64(%rbp),%xmm15
-.byte 102,69,15,56,223,202
+ aesdeclast %xmm10,%xmm9
movdqa %xmm0,%xmm10
movdqu 80(%rbp),%xmm1
movups -112(%rcx),%xmm0
@@ -1811,12 +1811,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
L$oop_dec1_8:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz L$oop_dec1_8
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
xorps %xmm10,%xmm2
movaps %xmm11,%xmm10
jmp L$cbc_dec_tail_collected
@@ -1927,8 +1927,8 @@
L$dec_key_inverse:
movups (%rdi),%xmm0
movups (%rdx),%xmm1
-.byte 102,15,56,219,192
-.byte 102,15,56,219,201
+ aesimc %xmm0,%xmm0
+ aesimc %xmm1,%xmm1
leaq 16(%rdi),%rdi
leaq -16(%rdx),%rdx
movups %xmm0,16(%rdx)
@@ -1937,7 +1937,7 @@
ja L$dec_key_inverse
movups (%rdi),%xmm0
-.byte 102,15,56,219,192
+ aesimc %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm0,(%rdx)
pxor %xmm0,%xmm0
@@ -1973,25 +1973,25 @@
movl $9,%esi
movups %xmm0,(%rdx)
-.byte 102,15,58,223,200,1
+ aeskeygenassist $0x1,%xmm0,%xmm1
call L$key_expansion_128_cold
-.byte 102,15,58,223,200,2
+ aeskeygenassist $0x2,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,4
+ aeskeygenassist $0x4,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,8
+ aeskeygenassist $0x8,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,16
+ aeskeygenassist $0x10,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,32
+ aeskeygenassist $0x20,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,64
+ aeskeygenassist $0x40,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,128
+ aeskeygenassist $0x80,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,27
+ aeskeygenassist $0x1b,%xmm0,%xmm1
call L$key_expansion_128
-.byte 102,15,58,223,200,54
+ aeskeygenassist $0x36,%xmm0,%xmm1
call L$key_expansion_128
movups %xmm0,(%rax)
movl %esi,80(%rax)
@@ -2004,21 +2004,21 @@
movl $11,%esi
movups %xmm0,(%rdx)
-.byte 102,15,58,223,202,1
+ aeskeygenassist $0x1,%xmm2,%xmm1
call L$key_expansion_192a_cold
-.byte 102,15,58,223,202,2
+ aeskeygenassist $0x2,%xmm2,%xmm1
call L$key_expansion_192b
-.byte 102,15,58,223,202,4
+ aeskeygenassist $0x4,%xmm2,%xmm1
call L$key_expansion_192a
-.byte 102,15,58,223,202,8
+ aeskeygenassist $0x8,%xmm2,%xmm1
call L$key_expansion_192b
-.byte 102,15,58,223,202,16
+ aeskeygenassist $0x10,%xmm2,%xmm1
call L$key_expansion_192a
-.byte 102,15,58,223,202,32
+ aeskeygenassist $0x20,%xmm2,%xmm1
call L$key_expansion_192b
-.byte 102,15,58,223,202,64
+ aeskeygenassist $0x40,%xmm2,%xmm1
call L$key_expansion_192a
-.byte 102,15,58,223,202,128
+ aeskeygenassist $0x80,%xmm2,%xmm1
call L$key_expansion_192b
movups %xmm0,(%rax)
movl %esi,48(%rax)
@@ -2033,31 +2033,31 @@
movups %xmm0,(%rdx)
movups %xmm2,16(%rdx)
-.byte 102,15,58,223,202,1
+ aeskeygenassist $0x1,%xmm2,%xmm1
call L$key_expansion_256a_cold
-.byte 102,15,58,223,200,1
+ aeskeygenassist $0x1,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,2
+ aeskeygenassist $0x2,%xmm2,%xmm1
call L$key_expansion_256a
-.byte 102,15,58,223,200,2
+ aeskeygenassist $0x2,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,4
+ aeskeygenassist $0x4,%xmm2,%xmm1
call L$key_expansion_256a
-.byte 102,15,58,223,200,4
+ aeskeygenassist $0x4,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,8
+ aeskeygenassist $0x8,%xmm2,%xmm1
call L$key_expansion_256a
-.byte 102,15,58,223,200,8
+ aeskeygenassist $0x8,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,16
+ aeskeygenassist $0x10,%xmm2,%xmm1
call L$key_expansion_256a
-.byte 102,15,58,223,200,16
+ aeskeygenassist $0x10,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,32
+ aeskeygenassist $0x20,%xmm2,%xmm1
call L$key_expansion_256a
-.byte 102,15,58,223,200,32
+ aeskeygenassist $0x20,%xmm0,%xmm1
call L$key_expansion_256b
-.byte 102,15,58,223,202,64
+ aeskeygenassist $0x40,%xmm2,%xmm1
call L$key_expansion_256a
movups %xmm0,(%rax)
movl %esi,16(%rax)
@@ -2195,8 +2195,8 @@
.p2align 4
L$oop_key128:
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
pslld $1,%xmm4
leaq 16(%rax),%rax
@@ -2217,8 +2217,8 @@
movdqa L$key_rcon1b(%rip),%xmm4
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
pslld $1,%xmm4
movdqa %xmm2,%xmm3
@@ -2233,8 +2233,8 @@
movdqu %xmm0,(%rax)
movdqa %xmm0,%xmm2
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
movdqa %xmm2,%xmm3
pslldq $4,%xmm2
@@ -2265,8 +2265,8 @@
L$oop_key192:
movq %xmm2,0(%rax)
movdqa %xmm2,%xmm1
-.byte 102,15,56,0,213
-.byte 102,15,56,221,212
+ pshufb %xmm5,%xmm2
+ aesenclast %xmm4,%xmm2
pslld $1,%xmm4
leaq 24(%rax),%rax
@@ -2309,8 +2309,8 @@
.p2align 4
L$oop_key256:
-.byte 102,15,56,0,213
-.byte 102,15,56,221,212
+ pshufb %xmm5,%xmm2
+ aesenclast %xmm4,%xmm2
movdqa %xmm0,%xmm3
pslldq $4,%xmm0
@@ -2329,7 +2329,7 @@
pshufd $0xff,%xmm0,%xmm2
pxor %xmm3,%xmm3
-.byte 102,15,56,221,211
+ aesenclast %xmm3,%xmm2
movdqa %xmm1,%xmm3
pslldq $4,%xmm1
diff --git a/src/gen/bcm/aesni-x86_64-linux.S b/src/gen/bcm/aesni-x86_64-linux.S
index bedd98b..4bce582 100644
--- a/src/gen/bcm/aesni-x86_64-linux.S
+++ b/src/gen/bcm/aesni-x86_64-linux.S
@@ -24,12 +24,12 @@
leaq 32(%rdx),%rdx
xorps %xmm0,%xmm2
.Loop_enc1_1:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rdx),%xmm1
leaq 16(%rdx),%rdx
jnz .Loop_enc1_1
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm2,(%rsi)
@@ -52,12 +52,12 @@
leaq 32(%rdx),%rdx
xorps %xmm0,%xmm2
.Loop_dec1_2:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rdx),%xmm1
leaq 16(%rdx),%rdx
jnz .Loop_dec1_2
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm2,(%rsi)
@@ -80,19 +80,19 @@
addq $16,%rax
.Lenc_loop2:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
movups -16(%rcx,%rax,1),%xmm0
jnz .Lenc_loop2
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
ret
.cfi_endproc
.size _aesni_encrypt2,.-_aesni_encrypt2
@@ -111,19 +111,19 @@
addq $16,%rax
.Ldec_loop2:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
movups -16(%rcx,%rax,1),%xmm0
jnz .Ldec_loop2
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
ret
.cfi_endproc
.size _aesni_decrypt2,.-_aesni_decrypt2
@@ -143,23 +143,23 @@
addq $16,%rax
.Lenc_loop3:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
movups -16(%rcx,%rax,1),%xmm0
jnz .Lenc_loop3
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
ret
.cfi_endproc
.size _aesni_encrypt3,.-_aesni_encrypt3
@@ -179,23 +179,23 @@
addq $16,%rax
.Ldec_loop3:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
movups -16(%rcx,%rax,1),%xmm0
jnz .Ldec_loop3
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
ret
.cfi_endproc
.size _aesni_decrypt3,.-_aesni_decrypt3
@@ -217,27 +217,27 @@
addq $16,%rax
.Lenc_loop4:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movups -16(%rcx,%rax,1),%xmm0
jnz .Lenc_loop4
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
ret
.cfi_endproc
.size _aesni_encrypt4,.-_aesni_encrypt4
@@ -259,27 +259,27 @@
addq $16,%rax
.Ldec_loop4:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
movups -16(%rcx,%rax,1),%xmm0
jnz .Ldec_loop4
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
ret
.cfi_endproc
.size _aesni_decrypt4,.-_aesni_decrypt4
@@ -293,49 +293,49 @@
xorps %xmm0,%xmm2
pxor %xmm0,%xmm3
pxor %xmm0,%xmm4
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
pxor %xmm0,%xmm5
pxor %xmm0,%xmm6
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
pxor %xmm0,%xmm7
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp .Lenc_loop6_enter
.align 16
.Lenc_loop6:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
.Lenc_loop6_enter:
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
movups -16(%rcx,%rax,1),%xmm0
jnz .Lenc_loop6
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
-.byte 102,15,56,221,240
-.byte 102,15,56,221,248
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
+ aesenclast %xmm0,%xmm6
+ aesenclast %xmm0,%xmm7
ret
.cfi_endproc
.size _aesni_encrypt6,.-_aesni_encrypt6
@@ -349,49 +349,49 @@
xorps %xmm0,%xmm2
pxor %xmm0,%xmm3
pxor %xmm0,%xmm4
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm5
pxor %xmm0,%xmm6
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm4
pxor %xmm0,%xmm7
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp .Ldec_loop6_enter
.align 16
.Ldec_loop6:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
.Ldec_loop6_enter:
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
movups -16(%rcx,%rax,1),%xmm0
jnz .Ldec_loop6
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
-.byte 102,15,56,223,240
-.byte 102,15,56,223,248
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
+ aesdeclast %xmm0,%xmm6
+ aesdeclast %xmm0,%xmm7
ret
.cfi_endproc
.size _aesni_decrypt6,.-_aesni_decrypt6
@@ -409,55 +409,55 @@
pxor %xmm0,%xmm6
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
pxor %xmm0,%xmm9
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp .Lenc_loop8_inner
.align 16
.Lenc_loop8:
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
.Lenc_loop8_inner:
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
.Lenc_loop8_enter:
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups -16(%rcx,%rax,1),%xmm0
jnz .Lenc_loop8
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
-.byte 102,15,56,221,208
-.byte 102,15,56,221,216
-.byte 102,15,56,221,224
-.byte 102,15,56,221,232
-.byte 102,15,56,221,240
-.byte 102,15,56,221,248
-.byte 102,68,15,56,221,192
-.byte 102,68,15,56,221,200
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
+ aesenclast %xmm0,%xmm2
+ aesenclast %xmm0,%xmm3
+ aesenclast %xmm0,%xmm4
+ aesenclast %xmm0,%xmm5
+ aesenclast %xmm0,%xmm6
+ aesenclast %xmm0,%xmm7
+ aesenclast %xmm0,%xmm8
+ aesenclast %xmm0,%xmm9
ret
.cfi_endproc
.size _aesni_encrypt8,.-_aesni_encrypt8
@@ -475,55 +475,55 @@
pxor %xmm0,%xmm6
leaq 32(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm9
movups (%rcx,%rax,1),%xmm0
addq $16,%rax
jmp .Ldec_loop8_inner
.align 16
.Ldec_loop8:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
.Ldec_loop8_inner:
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
.Ldec_loop8_enter:
movups (%rcx,%rax,1),%xmm1
addq $32,%rax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups -16(%rcx,%rax,1),%xmm0
jnz .Ldec_loop8
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
-.byte 102,15,56,223,208
-.byte 102,15,56,223,216
-.byte 102,15,56,223,224
-.byte 102,15,56,223,232
-.byte 102,15,56,223,240
-.byte 102,15,56,223,248
-.byte 102,68,15,56,223,192
-.byte 102,68,15,56,223,200
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
+ aesdeclast %xmm0,%xmm2
+ aesdeclast %xmm0,%xmm3
+ aesdeclast %xmm0,%xmm4
+ aesdeclast %xmm0,%xmm5
+ aesdeclast %xmm0,%xmm6
+ aesdeclast %xmm0,%xmm7
+ aesdeclast %xmm0,%xmm8
+ aesdeclast %xmm0,%xmm9
ret
.cfi_endproc
.size _aesni_decrypt8,.-_aesni_decrypt8
@@ -635,12 +635,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
.Loop_enc1_3:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_enc1_3
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
movups %xmm2,(%rsi)
jmp .Lecb_ret
.align 16
@@ -796,12 +796,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
.Loop_dec1_4:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_dec1_4
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
movups %xmm2,(%rsi)
pxor %xmm2,%xmm2
jmp .Lecb_ret
@@ -896,12 +896,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
.Loop_enc1_5:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %edx
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_enc1_5
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
xorps %xmm3,%xmm2
@@ -944,17 +944,17 @@
bswapl %edx
xorl %ebp,%eax
xorl %ebp,%edx
-.byte 102,15,58,34,216,3
+ pinsrd $3,%eax,%xmm3
leaq 3(%r8),%rax
movdqa %xmm3,16(%rsp)
-.byte 102,15,58,34,226,3
+ pinsrd $3,%edx,%xmm4
bswapl %eax
movq %r10,%rdx
leaq 4(%r8),%r10
movdqa %xmm4,32(%rsp)
xorl %ebp,%eax
bswapl %r10d
-.byte 102,15,58,34,232,3
+ pinsrd $3,%eax,%xmm5
xorl %ebp,%r10d
movdqa %xmm5,48(%rsp)
leaq 5(%r8),%r9
@@ -988,163 +988,163 @@
.Lctr32_loop8:
addl $8,%r8d
movdqa 96(%rsp),%xmm8
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
movl %r8d,%r9d
movdqa 112(%rsp),%xmm9
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm3
bswapl %r9d
movups 32-128(%rcx),%xmm0
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
xorl %ebp,%r9d
nop
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm5
movl %r9d,0+12(%rsp)
leaq 1(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 48-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,16+12(%rsp)
leaq 2(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 64-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,32+12(%rsp)
leaq 3(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 80-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,48+12(%rsp)
leaq 4(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 96-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,64+12(%rsp)
leaq 5(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 112-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
movl %r9d,80+12(%rsp)
leaq 6(%r8),%r9
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 128-128(%rcx),%xmm0
bswapl %r9d
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
xorl %ebp,%r9d
.byte 0x66,0x90
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movl %r9d,96+12(%rsp)
leaq 7(%r8),%r9
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 144-128(%rcx),%xmm1
bswapl %r9d
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
xorl %ebp,%r9d
movdqu 0(%rdi),%xmm10
-.byte 102,15,56,220,232
+ aesenc %xmm0,%xmm5
movl %r9d,112+12(%rsp)
cmpl $11,%eax
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 160-128(%rcx),%xmm0
jb .Lctr32_enc_done
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 176-128(%rcx),%xmm1
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 192-128(%rcx),%xmm0
je .Lctr32_enc_done
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movups 208-128(%rcx),%xmm1
-.byte 102,15,56,220,208
-.byte 102,15,56,220,216
-.byte 102,15,56,220,224
-.byte 102,15,56,220,232
-.byte 102,15,56,220,240
-.byte 102,15,56,220,248
-.byte 102,68,15,56,220,192
-.byte 102,68,15,56,220,200
+ aesenc %xmm0,%xmm2
+ aesenc %xmm0,%xmm3
+ aesenc %xmm0,%xmm4
+ aesenc %xmm0,%xmm5
+ aesenc %xmm0,%xmm6
+ aesenc %xmm0,%xmm7
+ aesenc %xmm0,%xmm8
+ aesenc %xmm0,%xmm9
movups 224-128(%rcx),%xmm0
jmp .Lctr32_enc_done
@@ -1163,35 +1163,35 @@
prefetcht0 448(%rdi)
prefetcht0 512(%rdi)
pxor %xmm0,%xmm15
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
-.byte 102,68,15,56,220,201
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
+ aesenc %xmm1,%xmm9
movdqu 96(%rdi),%xmm1
leaq 128(%rdi),%rdi
-.byte 102,65,15,56,221,210
+ aesenclast %xmm10,%xmm2
pxor %xmm0,%xmm1
movdqu 112-128(%rdi),%xmm10
-.byte 102,65,15,56,221,219
+ aesenclast %xmm11,%xmm3
pxor %xmm0,%xmm10
movdqa 0(%rsp),%xmm11
-.byte 102,65,15,56,221,228
-.byte 102,65,15,56,221,237
+ aesenclast %xmm12,%xmm4
+ aesenclast %xmm13,%xmm5
movdqa 16(%rsp),%xmm12
movdqa 32(%rsp),%xmm13
-.byte 102,65,15,56,221,246
-.byte 102,65,15,56,221,255
+ aesenclast %xmm14,%xmm6
+ aesenclast %xmm15,%xmm7
movdqa 48(%rsp),%xmm14
movdqa 64(%rsp),%xmm15
-.byte 102,68,15,56,221,193
+ aesenclast %xmm1,%xmm8
movdqa 80(%rsp),%xmm0
movups 16-128(%rcx),%xmm1
-.byte 102,69,15,56,221,202
+ aesenclast %xmm10,%xmm9
movups %xmm2,(%rsi)
movdqa %xmm11,%xmm2
@@ -1230,19 +1230,19 @@
pxor %xmm9,%xmm9
movups 16(%rcx),%xmm0
-.byte 102,15,56,220,209
-.byte 102,15,56,220,217
+ aesenc %xmm1,%xmm2
+ aesenc %xmm1,%xmm3
leaq 32-16(%rcx,%rax,1),%rcx
negq %rax
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm4
addq $16,%rax
movups (%rdi),%xmm10
-.byte 102,15,56,220,233
-.byte 102,15,56,220,241
+ aesenc %xmm1,%xmm5
+ aesenc %xmm1,%xmm6
movups 16(%rdi),%xmm11
movups 32(%rdi),%xmm12
-.byte 102,15,56,220,249
-.byte 102,68,15,56,220,193
+ aesenc %xmm1,%xmm7
+ aesenc %xmm1,%xmm8
call .Lenc_loop8_enter
@@ -1273,20 +1273,20 @@
.align 32
.Lctr32_loop4:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 16(%rcx),%rcx
decl %eax
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
-.byte 102,15,56,220,233
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
+ aesenc %xmm1,%xmm5
movups (%rcx),%xmm1
jnz .Lctr32_loop4
-.byte 102,15,56,221,209
-.byte 102,15,56,221,217
+ aesenclast %xmm1,%xmm2
+ aesenclast %xmm1,%xmm3
movups (%rdi),%xmm10
movups 16(%rdi),%xmm11
-.byte 102,15,56,221,225
-.byte 102,15,56,221,233
+ aesenclast %xmm1,%xmm4
+ aesenclast %xmm1,%xmm5
movups 32(%rdi),%xmm12
movups 48(%rdi),%xmm13
@@ -1302,16 +1302,16 @@
.align 32
.Lctr32_loop3:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
leaq 16(%rcx),%rcx
decl %eax
-.byte 102,15,56,220,217
-.byte 102,15,56,220,225
+ aesenc %xmm1,%xmm3
+ aesenc %xmm1,%xmm4
movups (%rcx),%xmm1
jnz .Lctr32_loop3
-.byte 102,15,56,221,209
-.byte 102,15,56,221,217
-.byte 102,15,56,221,225
+ aesenclast %xmm1,%xmm2
+ aesenclast %xmm1,%xmm3
+ aesenclast %xmm1,%xmm4
movups (%rdi),%xmm10
xorps %xmm10,%xmm2
@@ -1394,12 +1394,12 @@
leaq 32(%rcx),%rcx
xorps %xmm3,%xmm2
.Loop_enc1_6:
-.byte 102,15,56,220,209
+ aesenc %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_enc1_6
-.byte 102,15,56,221,209
+ aesenclast %xmm1,%xmm2
movl %r10d,%eax
movq %r11,%rcx
movups %xmm2,0(%rsi)
@@ -1445,12 +1445,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
.Loop_dec1_7:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %r10d
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_dec1_7
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
pxor %xmm0,%xmm0
pxor %xmm1,%xmm1
movdqu %xmm4,(%r8)
@@ -1509,166 +1509,166 @@
pxor %xmm0,%xmm7
pxor %xmm0,%xmm8
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
pxor %xmm0,%xmm9
movups 32-112(%rcx),%xmm0
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
adcq $0,%rbp
andq $128,%rbp
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm9
addq %rdi,%rbp
movups 48-112(%rcx),%xmm1
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 64-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 80-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 96-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 112-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 128-112(%rcx),%xmm0
nop
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 144-112(%rcx),%xmm1
cmpl $11,%eax
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 160-112(%rcx),%xmm0
jb .Lcbc_dec_done
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 176-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 192-112(%rcx),%xmm0
je .Lcbc_dec_done
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movups 208-112(%rcx),%xmm1
nop
-.byte 102,15,56,222,208
-.byte 102,15,56,222,216
-.byte 102,15,56,222,224
-.byte 102,15,56,222,232
-.byte 102,15,56,222,240
-.byte 102,15,56,222,248
-.byte 102,68,15,56,222,192
-.byte 102,68,15,56,222,200
+ aesdec %xmm0,%xmm2
+ aesdec %xmm0,%xmm3
+ aesdec %xmm0,%xmm4
+ aesdec %xmm0,%xmm5
+ aesdec %xmm0,%xmm6
+ aesdec %xmm0,%xmm7
+ aesdec %xmm0,%xmm8
+ aesdec %xmm0,%xmm9
movups 224-112(%rcx),%xmm0
jmp .Lcbc_dec_done
.align 16
.Lcbc_dec_done:
-.byte 102,15,56,222,209
-.byte 102,15,56,222,217
+ aesdec %xmm1,%xmm2
+ aesdec %xmm1,%xmm3
pxor %xmm0,%xmm10
pxor %xmm0,%xmm11
-.byte 102,15,56,222,225
-.byte 102,15,56,222,233
+ aesdec %xmm1,%xmm4
+ aesdec %xmm1,%xmm5
pxor %xmm0,%xmm12
pxor %xmm0,%xmm13
-.byte 102,15,56,222,241
-.byte 102,15,56,222,249
+ aesdec %xmm1,%xmm6
+ aesdec %xmm1,%xmm7
pxor %xmm0,%xmm14
pxor %xmm0,%xmm15
-.byte 102,68,15,56,222,193
-.byte 102,68,15,56,222,201
+ aesdec %xmm1,%xmm8
+ aesdec %xmm1,%xmm9
movdqu 80(%rdi),%xmm1
-.byte 102,65,15,56,223,210
+ aesdeclast %xmm10,%xmm2
movdqu 96(%rdi),%xmm10
pxor %xmm0,%xmm1
-.byte 102,65,15,56,223,219
+ aesdeclast %xmm11,%xmm3
pxor %xmm0,%xmm10
movdqu 112(%rdi),%xmm0
-.byte 102,65,15,56,223,228
+ aesdeclast %xmm12,%xmm4
leaq 128(%rdi),%rdi
movdqu 0(%rbp),%xmm11
-.byte 102,65,15,56,223,237
-.byte 102,65,15,56,223,246
+ aesdeclast %xmm13,%xmm5
+ aesdeclast %xmm14,%xmm6
movdqu 16(%rbp),%xmm12
movdqu 32(%rbp),%xmm13
-.byte 102,65,15,56,223,255
-.byte 102,68,15,56,223,193
+ aesdeclast %xmm15,%xmm7
+ aesdeclast %xmm1,%xmm8
movdqu 48(%rbp),%xmm14
movdqu 64(%rbp),%xmm15
-.byte 102,69,15,56,223,202
+ aesdeclast %xmm10,%xmm9
movdqa %xmm0,%xmm10
movdqu 80(%rbp),%xmm1
movups -112(%rcx),%xmm0
@@ -1812,12 +1812,12 @@
leaq 32(%rcx),%rcx
xorps %xmm0,%xmm2
.Loop_dec1_8:
-.byte 102,15,56,222,209
+ aesdec %xmm1,%xmm2
decl %eax
movups (%rcx),%xmm1
leaq 16(%rcx),%rcx
jnz .Loop_dec1_8
-.byte 102,15,56,223,209
+ aesdeclast %xmm1,%xmm2
xorps %xmm10,%xmm2
movaps %xmm11,%xmm10
jmp .Lcbc_dec_tail_collected
@@ -1928,8 +1928,8 @@
.Ldec_key_inverse:
movups (%rdi),%xmm0
movups (%rdx),%xmm1
-.byte 102,15,56,219,192
-.byte 102,15,56,219,201
+ aesimc %xmm0,%xmm0
+ aesimc %xmm1,%xmm1
leaq 16(%rdi),%rdi
leaq -16(%rdx),%rdx
movups %xmm0,16(%rdx)
@@ -1938,7 +1938,7 @@
ja .Ldec_key_inverse
movups (%rdi),%xmm0
-.byte 102,15,56,219,192
+ aesimc %xmm0,%xmm0
pxor %xmm1,%xmm1
movups %xmm0,(%rdx)
pxor %xmm0,%xmm0
@@ -1974,25 +1974,25 @@
movl $9,%esi
movups %xmm0,(%rdx)
-.byte 102,15,58,223,200,1
+ aeskeygenassist $0x1,%xmm0,%xmm1
call .Lkey_expansion_128_cold
-.byte 102,15,58,223,200,2
+ aeskeygenassist $0x2,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,4
+ aeskeygenassist $0x4,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,8
+ aeskeygenassist $0x8,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,16
+ aeskeygenassist $0x10,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,32
+ aeskeygenassist $0x20,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,64
+ aeskeygenassist $0x40,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,128
+ aeskeygenassist $0x80,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,27
+ aeskeygenassist $0x1b,%xmm0,%xmm1
call .Lkey_expansion_128
-.byte 102,15,58,223,200,54
+ aeskeygenassist $0x36,%xmm0,%xmm1
call .Lkey_expansion_128
movups %xmm0,(%rax)
movl %esi,80(%rax)
@@ -2005,21 +2005,21 @@
movl $11,%esi
movups %xmm0,(%rdx)
-.byte 102,15,58,223,202,1
+ aeskeygenassist $0x1,%xmm2,%xmm1
call .Lkey_expansion_192a_cold
-.byte 102,15,58,223,202,2
+ aeskeygenassist $0x2,%xmm2,%xmm1
call .Lkey_expansion_192b
-.byte 102,15,58,223,202,4
+ aeskeygenassist $0x4,%xmm2,%xmm1
call .Lkey_expansion_192a
-.byte 102,15,58,223,202,8
+ aeskeygenassist $0x8,%xmm2,%xmm1
call .Lkey_expansion_192b
-.byte 102,15,58,223,202,16
+ aeskeygenassist $0x10,%xmm2,%xmm1
call .Lkey_expansion_192a
-.byte 102,15,58,223,202,32
+ aeskeygenassist $0x20,%xmm2,%xmm1
call .Lkey_expansion_192b
-.byte 102,15,58,223,202,64
+ aeskeygenassist $0x40,%xmm2,%xmm1
call .Lkey_expansion_192a
-.byte 102,15,58,223,202,128
+ aeskeygenassist $0x80,%xmm2,%xmm1
call .Lkey_expansion_192b
movups %xmm0,(%rax)
movl %esi,48(%rax)
@@ -2034,31 +2034,31 @@
movups %xmm0,(%rdx)
movups %xmm2,16(%rdx)
-.byte 102,15,58,223,202,1
+ aeskeygenassist $0x1,%xmm2,%xmm1
call .Lkey_expansion_256a_cold
-.byte 102,15,58,223,200,1
+ aeskeygenassist $0x1,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,2
+ aeskeygenassist $0x2,%xmm2,%xmm1
call .Lkey_expansion_256a
-.byte 102,15,58,223,200,2
+ aeskeygenassist $0x2,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,4
+ aeskeygenassist $0x4,%xmm2,%xmm1
call .Lkey_expansion_256a
-.byte 102,15,58,223,200,4
+ aeskeygenassist $0x4,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,8
+ aeskeygenassist $0x8,%xmm2,%xmm1
call .Lkey_expansion_256a
-.byte 102,15,58,223,200,8
+ aeskeygenassist $0x8,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,16
+ aeskeygenassist $0x10,%xmm2,%xmm1
call .Lkey_expansion_256a
-.byte 102,15,58,223,200,16
+ aeskeygenassist $0x10,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,32
+ aeskeygenassist $0x20,%xmm2,%xmm1
call .Lkey_expansion_256a
-.byte 102,15,58,223,200,32
+ aeskeygenassist $0x20,%xmm0,%xmm1
call .Lkey_expansion_256b
-.byte 102,15,58,223,202,64
+ aeskeygenassist $0x40,%xmm2,%xmm1
call .Lkey_expansion_256a
movups %xmm0,(%rax)
movl %esi,16(%rax)
@@ -2196,8 +2196,8 @@
.align 16
.Loop_key128:
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
pslld $1,%xmm4
leaq 16(%rax),%rax
@@ -2218,8 +2218,8 @@
movdqa .Lkey_rcon1b(%rip),%xmm4
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
pslld $1,%xmm4
movdqa %xmm2,%xmm3
@@ -2234,8 +2234,8 @@
movdqu %xmm0,(%rax)
movdqa %xmm0,%xmm2
-.byte 102,15,56,0,197
-.byte 102,15,56,221,196
+ pshufb %xmm5,%xmm0
+ aesenclast %xmm4,%xmm0
movdqa %xmm2,%xmm3
pslldq $4,%xmm2
@@ -2266,8 +2266,8 @@
.Loop_key192:
movq %xmm2,0(%rax)
movdqa %xmm2,%xmm1
-.byte 102,15,56,0,213
-.byte 102,15,56,221,212
+ pshufb %xmm5,%xmm2
+ aesenclast %xmm4,%xmm2
pslld $1,%xmm4
leaq 24(%rax),%rax
@@ -2310,8 +2310,8 @@
.align 16
.Loop_key256:
-.byte 102,15,56,0,213
-.byte 102,15,56,221,212
+ pshufb %xmm5,%xmm2
+ aesenclast %xmm4,%xmm2
movdqa %xmm0,%xmm3
pslldq $4,%xmm0
@@ -2330,7 +2330,7 @@
pshufd $0xff,%xmm0,%xmm2
pxor %xmm3,%xmm3
-.byte 102,15,56,221,211
+ aesenclast %xmm3,%xmm2
movdqa %xmm1,%xmm3
pslldq $4,%xmm1
diff --git a/src/gen/bcm/aesni-x86_64-win.asm b/src/gen/bcm/aesni-x86_64-win.asm
index c585507..8e592cd 100644
--- a/src/gen/bcm/aesni-x86_64-win.asm
+++ b/src/gen/bcm/aesni-x86_64-win.asm
@@ -30,12 +30,12 @@
lea r8,[32+r8]
xorps xmm2,xmm0
$L$oop_enc1_1:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
dec eax
movups xmm1,XMMWORD[r8]
lea r8,[16+r8]
jnz NEAR $L$oop_enc1_1
- DB 102,15,56,221,209
+ aesenclast xmm2,xmm1
pxor xmm0,xmm0
pxor xmm1,xmm1
movups XMMWORD[rdx],xmm2
@@ -57,12 +57,12 @@
lea r8,[32+r8]
xorps xmm2,xmm0
$L$oop_dec1_2:
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
dec eax
movups xmm1,XMMWORD[r8]
lea r8,[16+r8]
jnz NEAR $L$oop_dec1_2
- DB 102,15,56,223,209
+ aesdeclast xmm2,xmm1
pxor xmm0,xmm0
pxor xmm1,xmm1
movups XMMWORD[rdx],xmm2
@@ -85,19 +85,19 @@
add rax,16
$L$enc_loop2:
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,220,208
- DB 102,15,56,220,216
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$enc_loop2
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,221,208
- DB 102,15,56,221,216
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenclast xmm2,xmm0
+ aesenclast xmm3,xmm0
ret
@@ -116,19 +116,19 @@
add rax,16
$L$dec_loop2:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,222,208
- DB 102,15,56,222,216
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$dec_loop2
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,223,208
- DB 102,15,56,223,216
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdeclast xmm2,xmm0
+ aesdeclast xmm3,xmm0
ret
@@ -148,23 +148,23 @@
add rax,16
$L$enc_loop3:
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$enc_loop3
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,221,208
- DB 102,15,56,221,216
- DB 102,15,56,221,224
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenclast xmm2,xmm0
+ aesenclast xmm3,xmm0
+ aesenclast xmm4,xmm0
ret
@@ -184,23 +184,23 @@
add rax,16
$L$dec_loop3:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$dec_loop3
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,223,208
- DB 102,15,56,223,216
- DB 102,15,56,223,224
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdeclast xmm2,xmm0
+ aesdeclast xmm3,xmm0
+ aesdeclast xmm4,xmm0
ret
@@ -222,27 +222,27 @@
add rax,16
$L$enc_loop4:
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
- DB 102,15,56,220,232
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$enc_loop4
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,221,208
- DB 102,15,56,221,216
- DB 102,15,56,221,224
- DB 102,15,56,221,232
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenclast xmm2,xmm0
+ aesenclast xmm3,xmm0
+ aesenclast xmm4,xmm0
+ aesenclast xmm5,xmm0
ret
@@ -264,27 +264,27 @@
add rax,16
$L$dec_loop4:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$dec_loop4
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,223,208
- DB 102,15,56,223,216
- DB 102,15,56,223,224
- DB 102,15,56,223,232
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdeclast xmm2,xmm0
+ aesdeclast xmm3,xmm0
+ aesdeclast xmm4,xmm0
+ aesdeclast xmm5,xmm0
ret
@@ -298,49 +298,49 @@
xorps xmm2,xmm0
pxor xmm3,xmm0
pxor xmm4,xmm0
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
lea rcx,[32+rax*1+rcx]
neg rax
- DB 102,15,56,220,217
+ aesenc xmm3,xmm1
pxor xmm5,xmm0
pxor xmm6,xmm0
- DB 102,15,56,220,225
+ aesenc xmm4,xmm1
pxor xmm7,xmm0
movups xmm0,XMMWORD[rax*1+rcx]
add rax,16
jmp NEAR $L$enc_loop6_enter
ALIGN 16
$L$enc_loop6:
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
$L$enc_loop6_enter:
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
- DB 102,15,56,220,232
- DB 102,15,56,220,240
- DB 102,15,56,220,248
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$enc_loop6
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,15,56,221,208
- DB 102,15,56,221,216
- DB 102,15,56,221,224
- DB 102,15,56,221,232
- DB 102,15,56,221,240
- DB 102,15,56,221,248
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenclast xmm2,xmm0
+ aesenclast xmm3,xmm0
+ aesenclast xmm4,xmm0
+ aesenclast xmm5,xmm0
+ aesenclast xmm6,xmm0
+ aesenclast xmm7,xmm0
ret
@@ -354,49 +354,49 @@
xorps xmm2,xmm0
pxor xmm3,xmm0
pxor xmm4,xmm0
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
lea rcx,[32+rax*1+rcx]
neg rax
- DB 102,15,56,222,217
+ aesdec xmm3,xmm1
pxor xmm5,xmm0
pxor xmm6,xmm0
- DB 102,15,56,222,225
+ aesdec xmm4,xmm1
pxor xmm7,xmm0
movups xmm0,XMMWORD[rax*1+rcx]
add rax,16
jmp NEAR $L$dec_loop6_enter
ALIGN 16
$L$dec_loop6:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
$L$dec_loop6_enter:
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$dec_loop6
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,15,56,223,208
- DB 102,15,56,223,216
- DB 102,15,56,223,224
- DB 102,15,56,223,232
- DB 102,15,56,223,240
- DB 102,15,56,223,248
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdeclast xmm2,xmm0
+ aesdeclast xmm3,xmm0
+ aesdeclast xmm4,xmm0
+ aesdeclast xmm5,xmm0
+ aesdeclast xmm6,xmm0
+ aesdeclast xmm7,xmm0
ret
@@ -414,55 +414,55 @@
pxor xmm6,xmm0
lea rcx,[32+rax*1+rcx]
neg rax
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
pxor xmm7,xmm0
pxor xmm8,xmm0
- DB 102,15,56,220,217
+ aesenc xmm3,xmm1
pxor xmm9,xmm0
movups xmm0,XMMWORD[rax*1+rcx]
add rax,16
jmp NEAR $L$enc_loop8_inner
ALIGN 16
$L$enc_loop8:
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
$L$enc_loop8_inner:
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
$L$enc_loop8_enter:
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
- DB 102,15,56,220,232
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$enc_loop8
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
- DB 102,15,56,221,208
- DB 102,15,56,221,216
- DB 102,15,56,221,224
- DB 102,15,56,221,232
- DB 102,15,56,221,240
- DB 102,15,56,221,248
- DB 102,68,15,56,221,192
- DB 102,68,15,56,221,200
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
+ aesenclast xmm2,xmm0
+ aesenclast xmm3,xmm0
+ aesenclast xmm4,xmm0
+ aesenclast xmm5,xmm0
+ aesenclast xmm6,xmm0
+ aesenclast xmm7,xmm0
+ aesenclast xmm8,xmm0
+ aesenclast xmm9,xmm0
ret
@@ -480,55 +480,55 @@
pxor xmm6,xmm0
lea rcx,[32+rax*1+rcx]
neg rax
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
pxor xmm7,xmm0
pxor xmm8,xmm0
- DB 102,15,56,222,217
+ aesdec xmm3,xmm1
pxor xmm9,xmm0
movups xmm0,XMMWORD[rax*1+rcx]
add rax,16
jmp NEAR $L$dec_loop8_inner
ALIGN 16
$L$dec_loop8:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
$L$dec_loop8_inner:
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
$L$dec_loop8_enter:
movups xmm1,XMMWORD[rax*1+rcx]
add rax,32
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((-16))+rax*1+rcx]
jnz NEAR $L$dec_loop8
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
- DB 102,15,56,223,208
- DB 102,15,56,223,216
- DB 102,15,56,223,224
- DB 102,15,56,223,232
- DB 102,15,56,223,240
- DB 102,15,56,223,248
- DB 102,68,15,56,223,192
- DB 102,68,15,56,223,200
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
+ aesdeclast xmm2,xmm0
+ aesdeclast xmm3,xmm0
+ aesdeclast xmm4,xmm0
+ aesdeclast xmm5,xmm0
+ aesdeclast xmm6,xmm0
+ aesdeclast xmm7,xmm0
+ aesdeclast xmm8,xmm0
+ aesdeclast xmm9,xmm0
ret
@@ -656,12 +656,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm0
$L$oop_enc1_3:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
dec eax
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_enc1_3
- DB 102,15,56,221,209
+ aesenclast xmm2,xmm1
movups XMMWORD[rsi],xmm2
jmp NEAR $L$ecb_ret
ALIGN 16
@@ -817,12 +817,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm0
$L$oop_dec1_4:
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
dec eax
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_dec1_4
- DB 102,15,56,223,209
+ aesdeclast xmm2,xmm1
movups XMMWORD[rsi],xmm2
pxor xmm2,xmm2
jmp NEAR $L$ecb_ret
@@ -939,12 +939,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm0
$L$oop_enc1_5:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
dec edx
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_enc1_5
- DB 102,15,56,221,209
+ aesenclast xmm2,xmm1
pxor xmm0,xmm0
pxor xmm1,xmm1
xorps xmm2,xmm3
@@ -998,17 +998,17 @@
bswap edx
xor eax,ebp
xor edx,ebp
-DB 102,15,58,34,216,3
+ pinsrd xmm3,eax,3
lea rax,[3+r8]
movdqa XMMWORD[16+rsp],xmm3
-DB 102,15,58,34,226,3
+ pinsrd xmm4,edx,3
bswap eax
mov rdx,r10
lea r10,[4+r8]
movdqa XMMWORD[32+rsp],xmm4
xor eax,ebp
bswap r10d
-DB 102,15,58,34,232,3
+ pinsrd xmm5,eax,3
xor r10d,ebp
movdqa XMMWORD[48+rsp],xmm5
lea r9,[5+r8]
@@ -1042,163 +1042,163 @@
$L$ctr32_loop8:
add r8d,8
movdqa xmm8,XMMWORD[96+rsp]
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
mov r9d,r8d
movdqa xmm9,XMMWORD[112+rsp]
- DB 102,15,56,220,217
+ aesenc xmm3,xmm1
bswap r9d
movups xmm0,XMMWORD[((32-128))+rcx]
- DB 102,15,56,220,225
+ aesenc xmm4,xmm1
xor r9d,ebp
nop
- DB 102,15,56,220,233
+ aesenc xmm5,xmm1
mov DWORD[((0+12))+rsp],r9d
lea r9,[1+r8]
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((48-128))+rcx]
bswap r9d
- DB 102,15,56,220,208
- DB 102,15,56,220,216
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,224
- DB 102,15,56,220,232
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
mov DWORD[((16+12))+rsp],r9d
lea r9,[2+r8]
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((64-128))+rcx]
bswap r9d
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,225
- DB 102,15,56,220,233
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
mov DWORD[((32+12))+rsp],r9d
lea r9,[3+r8]
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((80-128))+rcx]
bswap r9d
- DB 102,15,56,220,208
- DB 102,15,56,220,216
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,224
- DB 102,15,56,220,232
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
mov DWORD[((48+12))+rsp],r9d
lea r9,[4+r8]
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((96-128))+rcx]
bswap r9d
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,225
- DB 102,15,56,220,233
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
mov DWORD[((64+12))+rsp],r9d
lea r9,[5+r8]
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((112-128))+rcx]
bswap r9d
- DB 102,15,56,220,208
- DB 102,15,56,220,216
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,224
- DB 102,15,56,220,232
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
mov DWORD[((80+12))+rsp],r9d
lea r9,[6+r8]
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((128-128))+rcx]
bswap r9d
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
xor r9d,ebp
DB 0x66,0x90
- DB 102,15,56,220,225
- DB 102,15,56,220,233
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
mov DWORD[((96+12))+rsp],r9d
lea r9,[7+r8]
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((144-128))+rcx]
bswap r9d
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
xor r9d,ebp
movdqu xmm10,XMMWORD[rdi]
- DB 102,15,56,220,232
+ aesenc xmm5,xmm0
mov DWORD[((112+12))+rsp],r9d
cmp eax,11
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((160-128))+rcx]
jb NEAR $L$ctr32_enc_done
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((176-128))+rcx]
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
- DB 102,15,56,220,232
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((192-128))+rcx]
je NEAR $L$ctr32_enc_done
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movups xmm1,XMMWORD[((208-128))+rcx]
- DB 102,15,56,220,208
- DB 102,15,56,220,216
- DB 102,15,56,220,224
- DB 102,15,56,220,232
- DB 102,15,56,220,240
- DB 102,15,56,220,248
- DB 102,68,15,56,220,192
- DB 102,68,15,56,220,200
+ aesenc xmm2,xmm0
+ aesenc xmm3,xmm0
+ aesenc xmm4,xmm0
+ aesenc xmm5,xmm0
+ aesenc xmm6,xmm0
+ aesenc xmm7,xmm0
+ aesenc xmm8,xmm0
+ aesenc xmm9,xmm0
movups xmm0,XMMWORD[((224-128))+rcx]
jmp NEAR $L$ctr32_enc_done
@@ -1217,35 +1217,35 @@
prefetcht0 [448+rdi]
prefetcht0 [512+rdi]
pxor xmm15,xmm0
- DB 102,15,56,220,209
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
- DB 102,15,56,220,241
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
- DB 102,68,15,56,220,201
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
+ aesenc xmm9,xmm1
movdqu xmm1,XMMWORD[96+rdi]
lea rdi,[128+rdi]
- DB 102,65,15,56,221,210
+ aesenclast xmm2,xmm10
pxor xmm1,xmm0
movdqu xmm10,XMMWORD[((112-128))+rdi]
- DB 102,65,15,56,221,219
+ aesenclast xmm3,xmm11
pxor xmm10,xmm0
movdqa xmm11,XMMWORD[rsp]
- DB 102,65,15,56,221,228
- DB 102,65,15,56,221,237
+ aesenclast xmm4,xmm12
+ aesenclast xmm5,xmm13
movdqa xmm12,XMMWORD[16+rsp]
movdqa xmm13,XMMWORD[32+rsp]
- DB 102,65,15,56,221,246
- DB 102,65,15,56,221,255
+ aesenclast xmm6,xmm14
+ aesenclast xmm7,xmm15
movdqa xmm14,XMMWORD[48+rsp]
movdqa xmm15,XMMWORD[64+rsp]
- DB 102,68,15,56,221,193
+ aesenclast xmm8,xmm1
movdqa xmm0,XMMWORD[80+rsp]
movups xmm1,XMMWORD[((16-128))+rcx]
- DB 102,69,15,56,221,202
+ aesenclast xmm9,xmm10
movups XMMWORD[rsi],xmm2
movdqa xmm2,xmm11
@@ -1284,19 +1284,19 @@
pxor xmm9,xmm9
movups xmm0,XMMWORD[16+rcx]
- DB 102,15,56,220,209
- DB 102,15,56,220,217
+ aesenc xmm2,xmm1
+ aesenc xmm3,xmm1
lea rcx,[((32-16))+rax*1+rcx]
neg rax
- DB 102,15,56,220,225
+ aesenc xmm4,xmm1
add rax,16
movups xmm10,XMMWORD[rdi]
- DB 102,15,56,220,233
- DB 102,15,56,220,241
+ aesenc xmm5,xmm1
+ aesenc xmm6,xmm1
movups xmm11,XMMWORD[16+rdi]
movups xmm12,XMMWORD[32+rdi]
- DB 102,15,56,220,249
- DB 102,68,15,56,220,193
+ aesenc xmm7,xmm1
+ aesenc xmm8,xmm1
call $L$enc_loop8_enter
@@ -1327,20 +1327,20 @@
ALIGN 32
$L$ctr32_loop4:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
lea rcx,[16+rcx]
dec eax
- DB 102,15,56,220,217
- DB 102,15,56,220,225
- DB 102,15,56,220,233
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
+ aesenc xmm5,xmm1
movups xmm1,XMMWORD[rcx]
jnz NEAR $L$ctr32_loop4
- DB 102,15,56,221,209
- DB 102,15,56,221,217
+ aesenclast xmm2,xmm1
+ aesenclast xmm3,xmm1
movups xmm10,XMMWORD[rdi]
movups xmm11,XMMWORD[16+rdi]
- DB 102,15,56,221,225
- DB 102,15,56,221,233
+ aesenclast xmm4,xmm1
+ aesenclast xmm5,xmm1
movups xmm12,XMMWORD[32+rdi]
movups xmm13,XMMWORD[48+rdi]
@@ -1356,16 +1356,16 @@
ALIGN 32
$L$ctr32_loop3:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
lea rcx,[16+rcx]
dec eax
- DB 102,15,56,220,217
- DB 102,15,56,220,225
+ aesenc xmm3,xmm1
+ aesenc xmm4,xmm1
movups xmm1,XMMWORD[rcx]
jnz NEAR $L$ctr32_loop3
- DB 102,15,56,221,209
- DB 102,15,56,221,217
- DB 102,15,56,221,225
+ aesenclast xmm2,xmm1
+ aesenclast xmm3,xmm1
+ aesenclast xmm4,xmm1
movups xmm10,XMMWORD[rdi]
xorps xmm2,xmm10
@@ -1471,12 +1471,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm3
$L$oop_enc1_6:
- DB 102,15,56,220,209
+ aesenc xmm2,xmm1
dec eax
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_enc1_6
- DB 102,15,56,221,209
+ aesenclast xmm2,xmm1
mov eax,r10d
mov rcx,r11
movups XMMWORD[rsi],xmm2
@@ -1522,12 +1522,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm0
$L$oop_dec1_7:
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
dec r10d
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_dec1_7
- DB 102,15,56,223,209
+ aesdeclast xmm2,xmm1
pxor xmm0,xmm0
pxor xmm1,xmm1
movdqu XMMWORD[r8],xmm4
@@ -1597,166 +1597,166 @@
pxor xmm7,xmm0
pxor xmm8,xmm0
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
pxor xmm9,xmm0
movups xmm0,XMMWORD[((32-112))+rcx]
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
adc rbp,0
and rbp,128
- DB 102,68,15,56,222,201
+ aesdec xmm9,xmm1
add rbp,rdi
movups xmm1,XMMWORD[((48-112))+rcx]
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((64-112))+rcx]
nop
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movups xmm1,XMMWORD[((80-112))+rcx]
nop
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((96-112))+rcx]
nop
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movups xmm1,XMMWORD[((112-112))+rcx]
nop
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((128-112))+rcx]
nop
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movups xmm1,XMMWORD[((144-112))+rcx]
cmp eax,11
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((160-112))+rcx]
jb NEAR $L$cbc_dec_done
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movups xmm1,XMMWORD[((176-112))+rcx]
nop
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((192-112))+rcx]
je NEAR $L$cbc_dec_done
- DB 102,15,56,222,209
- DB 102,15,56,222,217
- DB 102,15,56,222,225
- DB 102,15,56,222,233
- DB 102,15,56,222,241
- DB 102,15,56,222,249
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movups xmm1,XMMWORD[((208-112))+rcx]
nop
- DB 102,15,56,222,208
- DB 102,15,56,222,216
- DB 102,15,56,222,224
- DB 102,15,56,222,232
- DB 102,15,56,222,240
- DB 102,15,56,222,248
- DB 102,68,15,56,222,192
- DB 102,68,15,56,222,200
+ aesdec xmm2,xmm0
+ aesdec xmm3,xmm0
+ aesdec xmm4,xmm0
+ aesdec xmm5,xmm0
+ aesdec xmm6,xmm0
+ aesdec xmm7,xmm0
+ aesdec xmm8,xmm0
+ aesdec xmm9,xmm0
movups xmm0,XMMWORD[((224-112))+rcx]
jmp NEAR $L$cbc_dec_done
ALIGN 16
$L$cbc_dec_done:
- DB 102,15,56,222,209
- DB 102,15,56,222,217
+ aesdec xmm2,xmm1
+ aesdec xmm3,xmm1
pxor xmm10,xmm0
pxor xmm11,xmm0
- DB 102,15,56,222,225
- DB 102,15,56,222,233
+ aesdec xmm4,xmm1
+ aesdec xmm5,xmm1
pxor xmm12,xmm0
pxor xmm13,xmm0
- DB 102,15,56,222,241
- DB 102,15,56,222,249
+ aesdec xmm6,xmm1
+ aesdec xmm7,xmm1
pxor xmm14,xmm0
pxor xmm15,xmm0
- DB 102,68,15,56,222,193
- DB 102,68,15,56,222,201
+ aesdec xmm8,xmm1
+ aesdec xmm9,xmm1
movdqu xmm1,XMMWORD[80+rdi]
- DB 102,65,15,56,223,210
+ aesdeclast xmm2,xmm10
movdqu xmm10,XMMWORD[96+rdi]
pxor xmm1,xmm0
- DB 102,65,15,56,223,219
+ aesdeclast xmm3,xmm11
pxor xmm10,xmm0
movdqu xmm0,XMMWORD[112+rdi]
- DB 102,65,15,56,223,228
+ aesdeclast xmm4,xmm12
lea rdi,[128+rdi]
movdqu xmm11,XMMWORD[rbp]
- DB 102,65,15,56,223,237
- DB 102,65,15,56,223,246
+ aesdeclast xmm5,xmm13
+ aesdeclast xmm6,xmm14
movdqu xmm12,XMMWORD[16+rbp]
movdqu xmm13,XMMWORD[32+rbp]
- DB 102,65,15,56,223,255
- DB 102,68,15,56,223,193
+ aesdeclast xmm7,xmm15
+ aesdeclast xmm8,xmm1
movdqu xmm14,XMMWORD[48+rbp]
movdqu xmm15,XMMWORD[64+rbp]
- DB 102,69,15,56,223,202
+ aesdeclast xmm9,xmm10
movdqa xmm10,xmm0
movdqu xmm1,XMMWORD[80+rbp]
movups xmm0,XMMWORD[((-112))+rcx]
@@ -1900,12 +1900,12 @@
lea rcx,[32+rcx]
xorps xmm2,xmm0
$L$oop_dec1_8:
- DB 102,15,56,222,209
+ aesdec xmm2,xmm1
dec eax
movups xmm1,XMMWORD[rcx]
lea rcx,[16+rcx]
jnz NEAR $L$oop_dec1_8
- DB 102,15,56,223,209
+ aesdeclast xmm2,xmm1
xorps xmm2,xmm10
movaps xmm10,xmm11
jmp NEAR $L$cbc_dec_tail_collected
@@ -2033,8 +2033,8 @@
$L$dec_key_inverse:
movups xmm0,XMMWORD[rcx]
movups xmm1,XMMWORD[r8]
- DB 102,15,56,219,192
- DB 102,15,56,219,201
+ aesimc xmm0,xmm0
+ aesimc xmm1,xmm1
lea rcx,[16+rcx]
lea r8,[((-16))+r8]
movups XMMWORD[16+r8],xmm0
@@ -2043,7 +2043,7 @@
ja NEAR $L$dec_key_inverse
movups xmm0,XMMWORD[rcx]
- DB 102,15,56,219,192
+ aesimc xmm0,xmm0
pxor xmm1,xmm1
movups XMMWORD[r8],xmm0
pxor xmm0,xmm0
@@ -2078,25 +2078,25 @@
mov edx,9
movups XMMWORD[r8],xmm0
- DB 102,15,58,223,200,1
+ aeskeygenassist xmm1,xmm0,0x1
call $L$key_expansion_128_cold
- DB 102,15,58,223,200,2
+ aeskeygenassist xmm1,xmm0,0x2
call $L$key_expansion_128
- DB 102,15,58,223,200,4
+ aeskeygenassist xmm1,xmm0,0x4
call $L$key_expansion_128
- DB 102,15,58,223,200,8
+ aeskeygenassist xmm1,xmm0,0x8
call $L$key_expansion_128
- DB 102,15,58,223,200,16
+ aeskeygenassist xmm1,xmm0,0x10
call $L$key_expansion_128
- DB 102,15,58,223,200,32
+ aeskeygenassist xmm1,xmm0,0x20
call $L$key_expansion_128
- DB 102,15,58,223,200,64
+ aeskeygenassist xmm1,xmm0,0x40
call $L$key_expansion_128
- DB 102,15,58,223,200,128
+ aeskeygenassist xmm1,xmm0,0x80
call $L$key_expansion_128
- DB 102,15,58,223,200,27
+ aeskeygenassist xmm1,xmm0,0x1b
call $L$key_expansion_128
- DB 102,15,58,223,200,54
+ aeskeygenassist xmm1,xmm0,0x36
call $L$key_expansion_128
movups XMMWORD[rax],xmm0
mov DWORD[80+rax],edx
@@ -2109,21 +2109,21 @@
mov edx,11
movups XMMWORD[r8],xmm0
- DB 102,15,58,223,202,1
+ aeskeygenassist xmm1,xmm2,0x1
call $L$key_expansion_192a_cold
- DB 102,15,58,223,202,2
+ aeskeygenassist xmm1,xmm2,0x2
call $L$key_expansion_192b
- DB 102,15,58,223,202,4
+ aeskeygenassist xmm1,xmm2,0x4
call $L$key_expansion_192a
- DB 102,15,58,223,202,8
+ aeskeygenassist xmm1,xmm2,0x8
call $L$key_expansion_192b
- DB 102,15,58,223,202,16
+ aeskeygenassist xmm1,xmm2,0x10
call $L$key_expansion_192a
- DB 102,15,58,223,202,32
+ aeskeygenassist xmm1,xmm2,0x20
call $L$key_expansion_192b
- DB 102,15,58,223,202,64
+ aeskeygenassist xmm1,xmm2,0x40
call $L$key_expansion_192a
- DB 102,15,58,223,202,128
+ aeskeygenassist xmm1,xmm2,0x80
call $L$key_expansion_192b
movups XMMWORD[rax],xmm0
mov DWORD[48+rax],edx
@@ -2138,31 +2138,31 @@
movups XMMWORD[r8],xmm0
movups XMMWORD[16+r8],xmm2
- DB 102,15,58,223,202,1
+ aeskeygenassist xmm1,xmm2,0x1
call $L$key_expansion_256a_cold
- DB 102,15,58,223,200,1
+ aeskeygenassist xmm1,xmm0,0x1
call $L$key_expansion_256b
- DB 102,15,58,223,202,2
+ aeskeygenassist xmm1,xmm2,0x2
call $L$key_expansion_256a
- DB 102,15,58,223,200,2
+ aeskeygenassist xmm1,xmm0,0x2
call $L$key_expansion_256b
- DB 102,15,58,223,202,4
+ aeskeygenassist xmm1,xmm2,0x4
call $L$key_expansion_256a
- DB 102,15,58,223,200,4
+ aeskeygenassist xmm1,xmm0,0x4
call $L$key_expansion_256b
- DB 102,15,58,223,202,8
+ aeskeygenassist xmm1,xmm2,0x8
call $L$key_expansion_256a
- DB 102,15,58,223,200,8
+ aeskeygenassist xmm1,xmm0,0x8
call $L$key_expansion_256b
- DB 102,15,58,223,202,16
+ aeskeygenassist xmm1,xmm2,0x10
call $L$key_expansion_256a
- DB 102,15,58,223,200,16
+ aeskeygenassist xmm1,xmm0,0x10
call $L$key_expansion_256b
- DB 102,15,58,223,202,32
+ aeskeygenassist xmm1,xmm2,0x20
call $L$key_expansion_256a
- DB 102,15,58,223,200,32
+ aeskeygenassist xmm1,xmm0,0x20
call $L$key_expansion_256b
- DB 102,15,58,223,202,64
+ aeskeygenassist xmm1,xmm2,0x40
call $L$key_expansion_256a
movups XMMWORD[rax],xmm0
mov DWORD[16+rax],edx
@@ -2299,8 +2299,8 @@
ALIGN 16
$L$oop_key128:
-DB 102,15,56,0,197
- DB 102,15,56,221,196
+ pshufb xmm0,xmm5
+ aesenclast xmm0,xmm4
pslld xmm4,1
lea rax,[16+rax]
@@ -2321,8 +2321,8 @@
movdqa xmm4,XMMWORD[$L$key_rcon1b]
-DB 102,15,56,0,197
- DB 102,15,56,221,196
+ pshufb xmm0,xmm5
+ aesenclast xmm0,xmm4
pslld xmm4,1
movdqa xmm3,xmm2
@@ -2337,8 +2337,8 @@
movdqu XMMWORD[rax],xmm0
movdqa xmm2,xmm0
-DB 102,15,56,0,197
- DB 102,15,56,221,196
+ pshufb xmm0,xmm5
+ aesenclast xmm0,xmm4
movdqa xmm3,xmm2
pslldq xmm2,4
@@ -2369,8 +2369,8 @@
$L$oop_key192:
movq QWORD[rax],xmm2
movdqa xmm1,xmm2
-DB 102,15,56,0,213
- DB 102,15,56,221,212
+ pshufb xmm2,xmm5
+ aesenclast xmm2,xmm4
pslld xmm4,1
lea rax,[24+rax]
@@ -2413,8 +2413,8 @@
ALIGN 16
$L$oop_key256:
-DB 102,15,56,0,213
- DB 102,15,56,221,212
+ pshufb xmm2,xmm5
+ aesenclast xmm2,xmm4
movdqa xmm3,xmm0
pslldq xmm0,4
@@ -2433,7 +2433,7 @@
pshufd xmm2,xmm0,0xff
pxor xmm3,xmm3
- DB 102,15,56,221,211
+ aesenclast xmm2,xmm3
movdqa xmm3,xmm1
pslldq xmm1,4
diff --git a/src/gen/bcm/armv4-mont-linux.S b/src/gen/bcm/armv4-mont-linux.S
index 704f607..73e42b5 100644
--- a/src/gen/bcm/armv4-mont-linux.S
+++ b/src/gen/bcm/armv4-mont-linux.S
@@ -24,14 +24,9 @@
bn_mul_mont_nohw:
ldr ip,[sp,#4] @ load num
stmdb sp!,{r0,r2} @ sp points at argument block
- cmp ip,#2
+ @ No return value. Instead, the caller must ensure num >= 2
mov r0,ip @ load num
-#ifdef __thumb2__
- ittt lt
-#endif
- movlt r0,#0
- addlt sp,sp,#2*4
- blt .Labrt
+ @ No return value
stmdb sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} @ save 10 registers
@@ -165,8 +160,7 @@
add sp,sp,#4 @ skip over tp[num+1]
ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} @ restore registers
add sp,sp,#2*4 @ skip over {r0,r2}
- mov r0,#1
-.Labrt:
+ @ No return value
#if __ARM_ARCH>=5
bx lr @ bx lr
#else
@@ -929,6 +923,7 @@
mov sp,ip
vldmia sp!,{d8,d9,d10,d11,d12,d13,d14,d15}
ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11}
+ @ No return value
bx lr @ bx lr
.size bn_mul8x_mont_neon,.-bn_mul8x_mont_neon
#endif
diff --git a/src/gen/bcm/armv8-mont-apple.S b/src/gen/bcm/armv8-mont-apple.S
index 9e39c1d..6aad968 100644
--- a/src/gen/bcm/armv8-mont-apple.S
+++ b/src/gen/bcm/armv8-mont-apple.S
@@ -206,7 +206,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldr x29,[sp],#64
AARCH64_VALIDATE_LINK_REGISTER
@@ -965,7 +965,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
@@ -1408,7 +1408,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
diff --git a/src/gen/bcm/armv8-mont-linux.S b/src/gen/bcm/armv8-mont-linux.S
index 168162f..e49322b 100644
--- a/src/gen/bcm/armv8-mont-linux.S
+++ b/src/gen/bcm/armv8-mont-linux.S
@@ -206,7 +206,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldr x29,[sp],#64
AARCH64_VALIDATE_LINK_REGISTER
@@ -965,7 +965,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
@@ -1408,7 +1408,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
diff --git a/src/gen/bcm/armv8-mont-win.S b/src/gen/bcm/armv8-mont-win.S
index b521d49..4091a5a 100644
--- a/src/gen/bcm/armv8-mont-win.S
+++ b/src/gen/bcm/armv8-mont-win.S
@@ -208,7 +208,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldr x29,[sp],#64
AARCH64_VALIDATE_LINK_REGISTER
@@ -969,7 +969,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
@@ -1414,7 +1414,7 @@
ldp x19,x20,[x29,#16]
mov sp,x29
ldp x21,x22,[x29,#32]
- mov x0,#1
+ // No return value
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
ldp x27,x28,[x29,#80]
diff --git a/src/gen/bcm/bn-586-apple.S b/src/gen/bcm/bn-586-apple.S
index f483ef1..3e6f791 100644
--- a/src/gen/bcm/bn-586-apple.S
+++ b/src/gen/bcm/bn-586-apple.S
@@ -156,16 +156,6 @@
popl %ebx
popl %ebp
ret
-.globl _bn_div_words
-.private_extern _bn_div_words
-.align 4
-_bn_div_words:
-L_bn_div_words_begin:
- movl 4(%esp),%edx
- movl 8(%esp),%eax
- movl 12(%esp),%ecx
- divl %ecx
- ret
.globl _bn_add_words
.private_extern _bn_add_words
.align 4
diff --git a/src/gen/bcm/bn-586-linux.S b/src/gen/bcm/bn-586-linux.S
index fb83b22..808f63e 100644
--- a/src/gen/bcm/bn-586-linux.S
+++ b/src/gen/bcm/bn-586-linux.S
@@ -162,18 +162,6 @@
popl %ebp
ret
.size bn_sqr_words,.-.L_bn_sqr_words_begin
-.globl bn_div_words
-.hidden bn_div_words
-.type bn_div_words,@function
-.align 16
-bn_div_words:
-.L_bn_div_words_begin:
- movl 4(%esp),%edx
- movl 8(%esp),%eax
- movl 12(%esp),%ecx
- divl %ecx
- ret
-.size bn_div_words,.-.L_bn_div_words_begin
.globl bn_add_words
.hidden bn_add_words
.type bn_add_words,@function
diff --git a/src/gen/bcm/bn-586-win.asm b/src/gen/bcm/bn-586-win.asm
index 09aafb8..1250eb6 100644
--- a/src/gen/bcm/bn-586-win.asm
+++ b/src/gen/bcm/bn-586-win.asm
@@ -161,15 +161,6 @@
pop ebx
pop ebp
ret
-global _bn_div_words
-align 16
-_bn_div_words:
-L$_bn_div_words_begin:
- mov edx,DWORD [4+esp]
- mov eax,DWORD [8+esp]
- mov ecx,DWORD [12+esp]
- div ecx
- ret
global _bn_add_words
align 16
_bn_add_words:
diff --git a/src/gen/bcm/ghash-ssse3-x86_64-apple.S b/src/gen/bcm/ghash-ssse3-x86_64-apple.S
index 651cca3..53af23f 100644
--- a/src/gen/bcm/ghash-ssse3-x86_64-apple.S
+++ b/src/gen/bcm/ghash-ssse3-x86_64-apple.S
@@ -23,7 +23,7 @@
movdqa L$low4_mask(%rip),%xmm2
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqa %xmm2,%xmm1
@@ -43,7 +43,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -51,8 +51,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -91,7 +91,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -99,8 +99,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -139,7 +139,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -147,8 +147,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -181,7 +181,7 @@
pxor %xmm3,%xmm2
pxor %xmm3,%xmm3
-.byte 102,65,15,56,0,210
+ pshufb %xmm10,%xmm2
movdqu %xmm2,(%rdi)
@@ -218,14 +218,14 @@
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
pxor %xmm3,%xmm3
L$oop_ghash:
movdqu (%rdx),%xmm1
-.byte 102,65,15,56,0,202
+ pshufb %xmm10,%xmm1
pxor %xmm1,%xmm0
@@ -246,7 +246,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -254,8 +254,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -294,7 +294,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -302,8 +302,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -342,7 +342,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -350,8 +350,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -394,7 +394,7 @@
jnz L$oop_ghash
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqu %xmm0,(%rdi)
diff --git a/src/gen/bcm/ghash-ssse3-x86_64-linux.S b/src/gen/bcm/ghash-ssse3-x86_64-linux.S
index 84ac20a..edce38d 100644
--- a/src/gen/bcm/ghash-ssse3-x86_64-linux.S
+++ b/src/gen/bcm/ghash-ssse3-x86_64-linux.S
@@ -23,7 +23,7 @@
movdqa .Llow4_mask(%rip),%xmm2
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqa %xmm2,%xmm1
@@ -43,7 +43,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -51,8 +51,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -91,7 +91,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -99,8 +99,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -139,7 +139,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -147,8 +147,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -181,7 +181,7 @@
pxor %xmm3,%xmm2
pxor %xmm3,%xmm3
-.byte 102,65,15,56,0,210
+ pshufb %xmm10,%xmm2
movdqu %xmm2,(%rdi)
@@ -218,14 +218,14 @@
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
pxor %xmm3,%xmm3
.Loop_ghash:
movdqu (%rdx),%xmm1
-.byte 102,65,15,56,0,202
+ pshufb %xmm10,%xmm1
pxor %xmm1,%xmm0
@@ -246,7 +246,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -254,8 +254,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -294,7 +294,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -302,8 +302,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -342,7 +342,7 @@
movdqa %xmm2,%xmm6
-.byte 102,15,58,15,243,1
+ palignr $1,%xmm3,%xmm6
movdqa %xmm6,%xmm3
psrldq $1,%xmm2
@@ -350,8 +350,8 @@
movdqa %xmm4,%xmm5
-.byte 102,15,56,0,224
-.byte 102,15,56,0,233
+ pshufb %xmm0,%xmm4
+ pshufb %xmm1,%xmm5
pxor %xmm5,%xmm2
@@ -394,7 +394,7 @@
jnz .Loop_ghash
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqu %xmm0,(%rdi)
diff --git a/src/gen/bcm/ghash-ssse3-x86_64-win.asm b/src/gen/bcm/ghash-ssse3-x86_64-win.asm
index c00e039..5bcd094 100644
--- a/src/gen/bcm/ghash-ssse3-x86_64-win.asm
+++ b/src/gen/bcm/ghash-ssse3-x86_64-win.asm
@@ -37,7 +37,7 @@
movdqa xmm2,XMMWORD[$L$low4_mask]
-DB 102,65,15,56,0,194
+ pshufb xmm0,xmm10
movdqa xmm1,xmm2
@@ -57,7 +57,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -65,8 +65,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -105,7 +105,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -113,8 +113,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -153,7 +153,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -161,8 +161,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -195,7 +195,7 @@
pxor xmm2,xmm3
pxor xmm3,xmm3
-DB 102,65,15,56,0,210
+ pshufb xmm2,xmm10
movdqu XMMWORD[rcx],xmm2
@@ -243,14 +243,14 @@
-DB 102,65,15,56,0,194
+ pshufb xmm0,xmm10
pxor xmm3,xmm3
$L$oop_ghash:
movdqu xmm1,XMMWORD[r8]
-DB 102,65,15,56,0,202
+ pshufb xmm1,xmm10
pxor xmm0,xmm1
@@ -271,7 +271,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -279,8 +279,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -319,7 +319,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -327,8 +327,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -367,7 +367,7 @@
movdqa xmm6,xmm2
-DB 102,15,58,15,243,1
+ palignr xmm6,xmm3,1
movdqa xmm3,xmm6
psrldq xmm2,1
@@ -375,8 +375,8 @@
movdqa xmm5,xmm4
-DB 102,15,56,0,224
-DB 102,15,56,0,233
+ pshufb xmm4,xmm0
+ pshufb xmm5,xmm1
pxor xmm2,xmm5
@@ -419,7 +419,7 @@
jnz NEAR $L$oop_ghash
-DB 102,65,15,56,0,194
+ pshufb xmm0,xmm10
movdqu XMMWORD[rcx],xmm0
diff --git a/src/gen/bcm/ghash-x86_64-apple.S b/src/gen/bcm/ghash-x86_64-apple.S
index 4961298..0cf60d1 100644
--- a/src/gen/bcm/ghash-x86_64-apple.S
+++ b/src/gen/bcm/ghash-x86_64-apple.S
@@ -38,9 +38,9 @@
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -78,14 +78,14 @@
movdqu %xmm2,0(%rdi)
pxor %xmm0,%xmm4
movdqu %xmm0,16(%rdi)
-.byte 102,15,58,15,227,8
+ palignr $8,%xmm3,%xmm4
movdqu %xmm4,32(%rdi)
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -121,9 +121,9 @@
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -161,7 +161,7 @@
movdqu %xmm5,48(%rdi)
pxor %xmm0,%xmm4
movdqu %xmm0,64(%rdi)
-.byte 102,15,58,15,227,8
+ palignr $8,%xmm3,%xmm4
movdqu %xmm4,80(%rdi)
ret
@@ -179,13 +179,13 @@
movdqa L$bswap_mask(%rip),%xmm5
movdqu (%rsi),%xmm2
movdqu 32(%rsi),%xmm4
-.byte 102,15,56,0,197
+ pshufb %xmm5,%xmm0
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,220,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm4,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -217,7 +217,7 @@
pxor %xmm4,%xmm0
psrlq $1,%xmm0
pxor %xmm1,%xmm0
-.byte 102,15,56,0,197
+ pshufb %xmm5,%xmm0
movdqu %xmm0,(%rdi)
ret
@@ -236,7 +236,7 @@
movdqu (%rdi),%xmm0
movdqu (%rsi),%xmm2
movdqu 32(%rsi),%xmm7
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
subq $0x10,%rcx
jz L$odd_tail
@@ -255,21 +255,21 @@
movdqu 48(%rdx),%xmm3
movdqu 32(%rdx),%xmm11
-.byte 102,65,15,56,0,218
-.byte 102,69,15,56,0,218
+ pshufb %xmm10,%xmm3
+ pshufb %xmm10,%xmm11
movdqa %xmm3,%xmm5
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,68,218,0
-.byte 102,15,58,68,234,17
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm2,%xmm3
+ pclmulqdq $0x11,%xmm2,%xmm5
+ pclmulqdq $0x00,%xmm7,%xmm4
movdqa %xmm11,%xmm13
pshufd $78,%xmm11,%xmm12
pxor %xmm11,%xmm12
-.byte 102,68,15,58,68,222,0
-.byte 102,68,15,58,68,238,17
-.byte 102,68,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm11
+ pclmulqdq $0x11,%xmm6,%xmm13
+ pclmulqdq $0x10,%xmm7,%xmm12
xorps %xmm11,%xmm3
xorps %xmm13,%xmm5
movups 80(%rsi),%xmm7
@@ -277,18 +277,18 @@
movdqu 16(%rdx),%xmm11
movdqu 0(%rdx),%xmm8
-.byte 102,69,15,56,0,218
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm11
+ pshufb %xmm10,%xmm8
movdqa %xmm11,%xmm13
pshufd $78,%xmm11,%xmm12
pxor %xmm8,%xmm0
pxor %xmm11,%xmm12
-.byte 102,69,15,58,68,222,0
+ pclmulqdq $0x00,%xmm14,%xmm11
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
-.byte 102,69,15,58,68,238,17
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x11,%xmm14,%xmm13
+ pclmulqdq $0x00,%xmm7,%xmm12
xorps %xmm11,%xmm3
xorps %xmm13,%xmm5
@@ -299,22 +299,22 @@
jmp L$mod4_loop
.p2align 5
L$mod4_loop:
-.byte 102,65,15,58,68,199,0
+ pclmulqdq $0x00,%xmm15,%xmm0
xorps %xmm12,%xmm4
movdqu 48(%rdx),%xmm11
-.byte 102,69,15,56,0,218
-.byte 102,65,15,58,68,207,17
+ pshufb %xmm10,%xmm11
+ pclmulqdq $0x11,%xmm15,%xmm1
xorps %xmm3,%xmm0
movdqu 32(%rdx),%xmm3
movdqa %xmm11,%xmm13
-.byte 102,68,15,58,68,199,16
+ pclmulqdq $0x10,%xmm7,%xmm8
pshufd $78,%xmm11,%xmm12
xorps %xmm5,%xmm1
pxor %xmm11,%xmm12
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm3
movups 32(%rsi),%xmm7
xorps %xmm4,%xmm8
-.byte 102,68,15,58,68,218,0
+ pclmulqdq $0x00,%xmm2,%xmm11
pshufd $78,%xmm3,%xmm4
pxor %xmm0,%xmm8
@@ -322,22 +322,22 @@
pxor %xmm1,%xmm8
pxor %xmm3,%xmm4
movdqa %xmm8,%xmm9
-.byte 102,68,15,58,68,234,17
+ pclmulqdq $0x11,%xmm2,%xmm13
pslldq $8,%xmm8
psrldq $8,%xmm9
pxor %xmm8,%xmm0
movdqa L$7_mask(%rip),%xmm8
pxor %xmm9,%xmm1
-.byte 102,76,15,110,200
+ movq %rax,%xmm9
pand %xmm0,%xmm8
-.byte 102,69,15,56,0,200
+ pshufb %xmm8,%xmm9
pxor %xmm0,%xmm9
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm12
psllq $57,%xmm9
movdqa %xmm9,%xmm8
pslldq $8,%xmm9
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm6,%xmm3
psrldq $8,%xmm8
pxor %xmm9,%xmm0
pxor %xmm8,%xmm1
@@ -345,14 +345,14 @@
movdqa %xmm0,%xmm9
psrlq $1,%xmm0
-.byte 102,15,58,68,238,17
+ pclmulqdq $0x11,%xmm6,%xmm5
xorps %xmm11,%xmm3
movdqu 16(%rdx),%xmm11
-.byte 102,69,15,56,0,218
-.byte 102,15,58,68,231,16
+ pshufb %xmm10,%xmm11
+ pclmulqdq $0x10,%xmm7,%xmm4
xorps %xmm13,%xmm5
movups 80(%rsi),%xmm7
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm8
pxor %xmm9,%xmm1
pxor %xmm0,%xmm9
psrlq $5,%xmm0
@@ -363,16 +363,16 @@
pxor %xmm9,%xmm0
pxor %xmm8,%xmm1
pxor %xmm11,%xmm12
-.byte 102,69,15,58,68,222,0
+ pclmulqdq $0x00,%xmm14,%xmm11
psrlq $1,%xmm0
pxor %xmm1,%xmm0
movdqa %xmm0,%xmm1
-.byte 102,69,15,58,68,238,17
+ pclmulqdq $0x11,%xmm14,%xmm13
xorps %xmm11,%xmm3
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm12
xorps %xmm13,%xmm5
leaq 64(%rdx),%rdx
@@ -380,9 +380,9 @@
jnc L$mod4_loop
L$tail4x:
-.byte 102,65,15,58,68,199,0
-.byte 102,65,15,58,68,207,17
-.byte 102,68,15,58,68,199,16
+ pclmulqdq $0x00,%xmm15,%xmm0
+ pclmulqdq $0x11,%xmm15,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm8
xorps %xmm12,%xmm4
xorps %xmm3,%xmm0
xorps %xmm5,%xmm1
@@ -433,16 +433,16 @@
movdqu (%rdx),%xmm8
movdqu 16(%rdx),%xmm3
-.byte 102,69,15,56,0,194
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm8
+ pshufb %xmm10,%xmm3
pxor %xmm8,%xmm0
movdqa %xmm3,%xmm5
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,68,218,0
-.byte 102,15,58,68,234,17
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm2,%xmm3
+ pclmulqdq $0x11,%xmm2,%xmm5
+ pclmulqdq $0x00,%xmm7,%xmm4
leaq 32(%rdx),%rdx
nop
@@ -458,21 +458,21 @@
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
-.byte 102,15,58,68,198,0
-.byte 102,15,58,68,206,17
-.byte 102,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm0
+ pclmulqdq $0x11,%xmm6,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm4
pxor %xmm3,%xmm0
pxor %xmm5,%xmm1
movdqu (%rdx),%xmm9
pxor %xmm0,%xmm8
-.byte 102,69,15,56,0,202
+ pshufb %xmm10,%xmm9
movdqu 16(%rdx),%xmm3
pxor %xmm1,%xmm8
pxor %xmm9,%xmm1
pxor %xmm8,%xmm4
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm3
movdqa %xmm4,%xmm8
psrldq $8,%xmm8
pslldq $8,%xmm4
@@ -485,7 +485,7 @@
movdqa %xmm0,%xmm8
psllq $5,%xmm0
pxor %xmm0,%xmm8
-.byte 102,15,58,68,218,0
+ pclmulqdq $0x00,%xmm2,%xmm3
psllq $1,%xmm0
pxor %xmm8,%xmm0
psllq $57,%xmm0
@@ -499,14 +499,14 @@
movdqa %xmm0,%xmm9
psrlq $1,%xmm0
-.byte 102,15,58,68,234,17
+ pclmulqdq $0x11,%xmm2,%xmm5
pxor %xmm9,%xmm1
pxor %xmm0,%xmm9
psrlq $5,%xmm0
pxor %xmm9,%xmm0
leaq 32(%rdx),%rdx
psrlq $1,%xmm0
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm4
pxor %xmm1,%xmm0
subq $0x20,%rcx
@@ -518,9 +518,9 @@
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
-.byte 102,15,58,68,198,0
-.byte 102,15,58,68,206,17
-.byte 102,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm0
+ pclmulqdq $0x11,%xmm6,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm4
pxor %xmm3,%xmm0
pxor %xmm5,%xmm1
@@ -560,14 +560,14 @@
L$odd_tail:
movdqu (%rdx),%xmm8
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm8
pxor %xmm8,%xmm0
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,223,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm7,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -600,7 +600,7 @@
psrlq $1,%xmm0
pxor %xmm1,%xmm0
L$done:
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqu %xmm0,(%rdi)
ret
diff --git a/src/gen/bcm/ghash-x86_64-linux.S b/src/gen/bcm/ghash-x86_64-linux.S
index e00bb9f..f1ffcb8 100644
--- a/src/gen/bcm/ghash-x86_64-linux.S
+++ b/src/gen/bcm/ghash-x86_64-linux.S
@@ -38,9 +38,9 @@
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -78,14 +78,14 @@
movdqu %xmm2,0(%rdi)
pxor %xmm0,%xmm4
movdqu %xmm0,16(%rdi)
-.byte 102,15,58,15,227,8
+ palignr $8,%xmm3,%xmm4
movdqu %xmm4,32(%rdi)
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -121,9 +121,9 @@
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm6,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -161,7 +161,7 @@
movdqu %xmm5,48(%rdi)
pxor %xmm0,%xmm4
movdqu %xmm0,64(%rdi)
-.byte 102,15,58,15,227,8
+ palignr $8,%xmm3,%xmm4
movdqu %xmm4,80(%rdi)
ret
.cfi_endproc
@@ -179,13 +179,13 @@
movdqa .Lbswap_mask(%rip),%xmm5
movdqu (%rsi),%xmm2
movdqu 32(%rsi),%xmm4
-.byte 102,15,56,0,197
+ pshufb %xmm5,%xmm0
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,220,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm4,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -217,7 +217,7 @@
pxor %xmm4,%xmm0
psrlq $1,%xmm0
pxor %xmm1,%xmm0
-.byte 102,15,56,0,197
+ pshufb %xmm5,%xmm0
movdqu %xmm0,(%rdi)
ret
.cfi_endproc
@@ -236,7 +236,7 @@
movdqu (%rdi),%xmm0
movdqu (%rsi),%xmm2
movdqu 32(%rsi),%xmm7
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
subq $0x10,%rcx
jz .Lodd_tail
@@ -255,21 +255,21 @@
movdqu 48(%rdx),%xmm3
movdqu 32(%rdx),%xmm11
-.byte 102,65,15,56,0,218
-.byte 102,69,15,56,0,218
+ pshufb %xmm10,%xmm3
+ pshufb %xmm10,%xmm11
movdqa %xmm3,%xmm5
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,68,218,0
-.byte 102,15,58,68,234,17
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm2,%xmm3
+ pclmulqdq $0x11,%xmm2,%xmm5
+ pclmulqdq $0x00,%xmm7,%xmm4
movdqa %xmm11,%xmm13
pshufd $78,%xmm11,%xmm12
pxor %xmm11,%xmm12
-.byte 102,68,15,58,68,222,0
-.byte 102,68,15,58,68,238,17
-.byte 102,68,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm11
+ pclmulqdq $0x11,%xmm6,%xmm13
+ pclmulqdq $0x10,%xmm7,%xmm12
xorps %xmm11,%xmm3
xorps %xmm13,%xmm5
movups 80(%rsi),%xmm7
@@ -277,18 +277,18 @@
movdqu 16(%rdx),%xmm11
movdqu 0(%rdx),%xmm8
-.byte 102,69,15,56,0,218
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm11
+ pshufb %xmm10,%xmm8
movdqa %xmm11,%xmm13
pshufd $78,%xmm11,%xmm12
pxor %xmm8,%xmm0
pxor %xmm11,%xmm12
-.byte 102,69,15,58,68,222,0
+ pclmulqdq $0x00,%xmm14,%xmm11
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
-.byte 102,69,15,58,68,238,17
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x11,%xmm14,%xmm13
+ pclmulqdq $0x00,%xmm7,%xmm12
xorps %xmm11,%xmm3
xorps %xmm13,%xmm5
@@ -299,22 +299,22 @@
jmp .Lmod4_loop
.align 32
.Lmod4_loop:
-.byte 102,65,15,58,68,199,0
+ pclmulqdq $0x00,%xmm15,%xmm0
xorps %xmm12,%xmm4
movdqu 48(%rdx),%xmm11
-.byte 102,69,15,56,0,218
-.byte 102,65,15,58,68,207,17
+ pshufb %xmm10,%xmm11
+ pclmulqdq $0x11,%xmm15,%xmm1
xorps %xmm3,%xmm0
movdqu 32(%rdx),%xmm3
movdqa %xmm11,%xmm13
-.byte 102,68,15,58,68,199,16
+ pclmulqdq $0x10,%xmm7,%xmm8
pshufd $78,%xmm11,%xmm12
xorps %xmm5,%xmm1
pxor %xmm11,%xmm12
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm3
movups 32(%rsi),%xmm7
xorps %xmm4,%xmm8
-.byte 102,68,15,58,68,218,0
+ pclmulqdq $0x00,%xmm2,%xmm11
pshufd $78,%xmm3,%xmm4
pxor %xmm0,%xmm8
@@ -322,22 +322,22 @@
pxor %xmm1,%xmm8
pxor %xmm3,%xmm4
movdqa %xmm8,%xmm9
-.byte 102,68,15,58,68,234,17
+ pclmulqdq $0x11,%xmm2,%xmm13
pslldq $8,%xmm8
psrldq $8,%xmm9
pxor %xmm8,%xmm0
movdqa .L7_mask(%rip),%xmm8
pxor %xmm9,%xmm1
-.byte 102,76,15,110,200
+ movq %rax,%xmm9
pand %xmm0,%xmm8
-.byte 102,69,15,56,0,200
+ pshufb %xmm8,%xmm9
pxor %xmm0,%xmm9
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm12
psllq $57,%xmm9
movdqa %xmm9,%xmm8
pslldq $8,%xmm9
-.byte 102,15,58,68,222,0
+ pclmulqdq $0x00,%xmm6,%xmm3
psrldq $8,%xmm8
pxor %xmm9,%xmm0
pxor %xmm8,%xmm1
@@ -345,14 +345,14 @@
movdqa %xmm0,%xmm9
psrlq $1,%xmm0
-.byte 102,15,58,68,238,17
+ pclmulqdq $0x11,%xmm6,%xmm5
xorps %xmm11,%xmm3
movdqu 16(%rdx),%xmm11
-.byte 102,69,15,56,0,218
-.byte 102,15,58,68,231,16
+ pshufb %xmm10,%xmm11
+ pclmulqdq $0x10,%xmm7,%xmm4
xorps %xmm13,%xmm5
movups 80(%rsi),%xmm7
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm8
pxor %xmm9,%xmm1
pxor %xmm0,%xmm9
psrlq $5,%xmm0
@@ -363,16 +363,16 @@
pxor %xmm9,%xmm0
pxor %xmm8,%xmm1
pxor %xmm11,%xmm12
-.byte 102,69,15,58,68,222,0
+ pclmulqdq $0x00,%xmm14,%xmm11
psrlq $1,%xmm0
pxor %xmm1,%xmm0
movdqa %xmm0,%xmm1
-.byte 102,69,15,58,68,238,17
+ pclmulqdq $0x11,%xmm14,%xmm13
xorps %xmm11,%xmm3
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
-.byte 102,68,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm12
xorps %xmm13,%xmm5
leaq 64(%rdx),%rdx
@@ -380,9 +380,9 @@
jnc .Lmod4_loop
.Ltail4x:
-.byte 102,65,15,58,68,199,0
-.byte 102,65,15,58,68,207,17
-.byte 102,68,15,58,68,199,16
+ pclmulqdq $0x00,%xmm15,%xmm0
+ pclmulqdq $0x11,%xmm15,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm8
xorps %xmm12,%xmm4
xorps %xmm3,%xmm0
xorps %xmm5,%xmm1
@@ -433,16 +433,16 @@
movdqu (%rdx),%xmm8
movdqu 16(%rdx),%xmm3
-.byte 102,69,15,56,0,194
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm8
+ pshufb %xmm10,%xmm3
pxor %xmm8,%xmm0
movdqa %xmm3,%xmm5
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,68,218,0
-.byte 102,15,58,68,234,17
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm2,%xmm3
+ pclmulqdq $0x11,%xmm2,%xmm5
+ pclmulqdq $0x00,%xmm7,%xmm4
leaq 32(%rdx),%rdx
nop
@@ -458,21 +458,21 @@
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
-.byte 102,15,58,68,198,0
-.byte 102,15,58,68,206,17
-.byte 102,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm0
+ pclmulqdq $0x11,%xmm6,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm4
pxor %xmm3,%xmm0
pxor %xmm5,%xmm1
movdqu (%rdx),%xmm9
pxor %xmm0,%xmm8
-.byte 102,69,15,56,0,202
+ pshufb %xmm10,%xmm9
movdqu 16(%rdx),%xmm3
pxor %xmm1,%xmm8
pxor %xmm9,%xmm1
pxor %xmm8,%xmm4
-.byte 102,65,15,56,0,218
+ pshufb %xmm10,%xmm3
movdqa %xmm4,%xmm8
psrldq $8,%xmm8
pslldq $8,%xmm4
@@ -485,7 +485,7 @@
movdqa %xmm0,%xmm8
psllq $5,%xmm0
pxor %xmm0,%xmm8
-.byte 102,15,58,68,218,0
+ pclmulqdq $0x00,%xmm2,%xmm3
psllq $1,%xmm0
pxor %xmm8,%xmm0
psllq $57,%xmm0
@@ -499,14 +499,14 @@
movdqa %xmm0,%xmm9
psrlq $1,%xmm0
-.byte 102,15,58,68,234,17
+ pclmulqdq $0x11,%xmm2,%xmm5
pxor %xmm9,%xmm1
pxor %xmm0,%xmm9
psrlq $5,%xmm0
pxor %xmm9,%xmm0
leaq 32(%rdx),%rdx
psrlq $1,%xmm0
-.byte 102,15,58,68,231,0
+ pclmulqdq $0x00,%xmm7,%xmm4
pxor %xmm1,%xmm0
subq $0x20,%rcx
@@ -518,9 +518,9 @@
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
-.byte 102,15,58,68,198,0
-.byte 102,15,58,68,206,17
-.byte 102,15,58,68,231,16
+ pclmulqdq $0x00,%xmm6,%xmm0
+ pclmulqdq $0x11,%xmm6,%xmm1
+ pclmulqdq $0x10,%xmm7,%xmm4
pxor %xmm3,%xmm0
pxor %xmm5,%xmm1
@@ -560,14 +560,14 @@
.Lodd_tail:
movdqu (%rdx),%xmm8
-.byte 102,69,15,56,0,194
+ pshufb %xmm10,%xmm8
pxor %xmm8,%xmm0
movdqa %xmm0,%xmm1
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
-.byte 102,15,58,68,194,0
-.byte 102,15,58,68,202,17
-.byte 102,15,58,68,223,0
+ pclmulqdq $0x00,%xmm2,%xmm0
+ pclmulqdq $0x11,%xmm2,%xmm1
+ pclmulqdq $0x00,%xmm7,%xmm3
pxor %xmm0,%xmm3
pxor %xmm1,%xmm3
@@ -600,7 +600,7 @@
psrlq $1,%xmm0
pxor %xmm1,%xmm0
.Ldone:
-.byte 102,65,15,56,0,194
+ pshufb %xmm10,%xmm0
movdqu %xmm0,(%rdi)
ret
.cfi_endproc
diff --git a/src/gen/bcm/ghash-x86_64-win.asm b/src/gen/bcm/ghash-x86_64-win.asm
index b5416b3..5cfb844 100644
--- a/src/gen/bcm/ghash-x86_64-win.asm
+++ b/src/gen/bcm/ghash-x86_64-win.asm
@@ -50,9 +50,9 @@
movdqa xmm1,xmm0
pshufd xmm3,xmm0,78
pxor xmm3,xmm0
-DB 102,15,58,68,194,0
-DB 102,15,58,68,202,17
-DB 102,15,58,68,222,0
+ pclmulqdq xmm0,xmm2,0x00
+ pclmulqdq xmm1,xmm2,0x11
+ pclmulqdq xmm3,xmm6,0x00
pxor xmm3,xmm0
pxor xmm3,xmm1
@@ -90,14 +90,14 @@
movdqu XMMWORD[rcx],xmm2
pxor xmm4,xmm0
movdqu XMMWORD[16+rcx],xmm0
-DB 102,15,58,15,227,8
+ palignr xmm4,xmm3,8
movdqu XMMWORD[32+rcx],xmm4
movdqa xmm1,xmm0
pshufd xmm3,xmm0,78
pxor xmm3,xmm0
-DB 102,15,58,68,194,0
-DB 102,15,58,68,202,17
-DB 102,15,58,68,222,0
+ pclmulqdq xmm0,xmm2,0x00
+ pclmulqdq xmm1,xmm2,0x11
+ pclmulqdq xmm3,xmm6,0x00
pxor xmm3,xmm0
pxor xmm3,xmm1
@@ -133,9 +133,9 @@
movdqa xmm1,xmm0
pshufd xmm3,xmm0,78
pxor xmm3,xmm0
-DB 102,15,58,68,194,0
-DB 102,15,58,68,202,17
-DB 102,15,58,68,222,0
+ pclmulqdq xmm0,xmm2,0x00
+ pclmulqdq xmm1,xmm2,0x11
+ pclmulqdq xmm3,xmm6,0x00
pxor xmm3,xmm0
pxor xmm3,xmm1
@@ -173,7 +173,7 @@
movdqu XMMWORD[48+rcx],xmm5
pxor xmm4,xmm0
movdqu XMMWORD[64+rcx],xmm0
-DB 102,15,58,15,227,8
+ palignr xmm4,xmm3,8
movdqu XMMWORD[80+rcx],xmm4
movaps xmm6,XMMWORD[rsp]
lea rsp,[24+rsp]
@@ -192,13 +192,13 @@
movdqa xmm5,XMMWORD[$L$bswap_mask]
movdqu xmm2,XMMWORD[rdx]
movdqu xmm4,XMMWORD[32+rdx]
-DB 102,15,56,0,197
+ pshufb xmm0,xmm5
movdqa xmm1,xmm0
pshufd xmm3,xmm0,78
pxor xmm3,xmm0
-DB 102,15,58,68,194,0
-DB 102,15,58,68,202,17
-DB 102,15,58,68,220,0
+ pclmulqdq xmm0,xmm2,0x00
+ pclmulqdq xmm1,xmm2,0x11
+ pclmulqdq xmm3,xmm4,0x00
pxor xmm3,xmm0
pxor xmm3,xmm1
@@ -230,7 +230,7 @@
pxor xmm0,xmm4
psrlq xmm0,1
pxor xmm0,xmm1
-DB 102,15,56,0,197
+ pshufb xmm0,xmm5
movdqu XMMWORD[rcx],xmm0
ret
@@ -272,7 +272,7 @@
movdqu xmm0,XMMWORD[rcx]
movdqu xmm2,XMMWORD[rdx]
movdqu xmm7,XMMWORD[32+rdx]
-DB 102,65,15,56,0,194
+ pshufb xmm0,xmm10
sub r9,0x10
jz NEAR $L$odd_tail
@@ -291,21 +291,21 @@
movdqu xmm3,XMMWORD[48+r8]
movdqu xmm11,XMMWORD[32+r8]
-DB 102,65,15,56,0,218
-DB 102,69,15,56,0,218
+ pshufb xmm3,xmm10
+ pshufb xmm11,xmm10
movdqa xmm5,xmm3
pshufd xmm4,xmm3,78
pxor xmm4,xmm3
-DB 102,15,58,68,218,0
-DB 102,15,58,68,234,17
-DB 102,15,58,68,231,0
+ pclmulqdq xmm3,xmm2,0x00
+ pclmulqdq xmm5,xmm2,0x11
+ pclmulqdq xmm4,xmm7,0x00
movdqa xmm13,xmm11
pshufd xmm12,xmm11,78
pxor xmm12,xmm11
-DB 102,68,15,58,68,222,0
-DB 102,68,15,58,68,238,17
-DB 102,68,15,58,68,231,16
+ pclmulqdq xmm11,xmm6,0x00
+ pclmulqdq xmm13,xmm6,0x11
+ pclmulqdq xmm12,xmm7,0x10
xorps xmm3,xmm11
xorps xmm5,xmm13
movups xmm7,XMMWORD[80+rdx]
@@ -313,18 +313,18 @@
movdqu xmm11,XMMWORD[16+r8]
movdqu xmm8,XMMWORD[r8]
-DB 102,69,15,56,0,218
-DB 102,69,15,56,0,194
+ pshufb xmm11,xmm10
+ pshufb xmm8,xmm10
movdqa xmm13,xmm11
pshufd xmm12,xmm11,78
pxor xmm0,xmm8
pxor xmm12,xmm11
-DB 102,69,15,58,68,222,0
+ pclmulqdq xmm11,xmm14,0x00
movdqa xmm1,xmm0
pshufd xmm8,xmm0,78
pxor xmm8,xmm0
-DB 102,69,15,58,68,238,17
-DB 102,68,15,58,68,231,0
+ pclmulqdq xmm13,xmm14,0x11
+ pclmulqdq xmm12,xmm7,0x00
xorps xmm3,xmm11
xorps xmm5,xmm13
@@ -335,22 +335,22 @@
jmp NEAR $L$mod4_loop
ALIGN 32
$L$mod4_loop:
-DB 102,65,15,58,68,199,0
+ pclmulqdq xmm0,xmm15,0x00
xorps xmm4,xmm12
movdqu xmm11,XMMWORD[48+r8]
-DB 102,69,15,56,0,218
-DB 102,65,15,58,68,207,17
+ pshufb xmm11,xmm10
+ pclmulqdq xmm1,xmm15,0x11
xorps xmm0,xmm3
movdqu xmm3,XMMWORD[32+r8]
movdqa xmm13,xmm11
-DB 102,68,15,58,68,199,16
+ pclmulqdq xmm8,xmm7,0x10
pshufd xmm12,xmm11,78
xorps xmm1,xmm5
pxor xmm12,xmm11
-DB 102,65,15,56,0,218
+ pshufb xmm3,xmm10
movups xmm7,XMMWORD[32+rdx]
xorps xmm8,xmm4
-DB 102,68,15,58,68,218,0
+ pclmulqdq xmm11,xmm2,0x00
pshufd xmm4,xmm3,78
pxor xmm8,xmm0
@@ -358,22 +358,22 @@
pxor xmm8,xmm1
pxor xmm4,xmm3
movdqa xmm9,xmm8
-DB 102,68,15,58,68,234,17
+ pclmulqdq xmm13,xmm2,0x11
pslldq xmm8,8
psrldq xmm9,8
pxor xmm0,xmm8
movdqa xmm8,XMMWORD[$L$7_mask]
pxor xmm1,xmm9
-DB 102,76,15,110,200
+ movq xmm9,rax
pand xmm8,xmm0
-DB 102,69,15,56,0,200
+ pshufb xmm9,xmm8
pxor xmm9,xmm0
-DB 102,68,15,58,68,231,0
+ pclmulqdq xmm12,xmm7,0x00
psllq xmm9,57
movdqa xmm8,xmm9
pslldq xmm9,8
-DB 102,15,58,68,222,0
+ pclmulqdq xmm3,xmm6,0x00
psrldq xmm8,8
pxor xmm0,xmm9
pxor xmm1,xmm8
@@ -381,14 +381,14 @@
movdqa xmm9,xmm0
psrlq xmm0,1
-DB 102,15,58,68,238,17
+ pclmulqdq xmm5,xmm6,0x11
xorps xmm3,xmm11
movdqu xmm11,XMMWORD[16+r8]
-DB 102,69,15,56,0,218
-DB 102,15,58,68,231,16
+ pshufb xmm11,xmm10
+ pclmulqdq xmm4,xmm7,0x10
xorps xmm5,xmm13
movups xmm7,XMMWORD[80+rdx]
-DB 102,69,15,56,0,194
+ pshufb xmm8,xmm10
pxor xmm1,xmm9
pxor xmm9,xmm0
psrlq xmm0,5
@@ -399,16 +399,16 @@
pxor xmm0,xmm9
pxor xmm1,xmm8
pxor xmm12,xmm11
-DB 102,69,15,58,68,222,0
+ pclmulqdq xmm11,xmm14,0x00
psrlq xmm0,1
pxor xmm0,xmm1
movdqa xmm1,xmm0
-DB 102,69,15,58,68,238,17
+ pclmulqdq xmm13,xmm14,0x11
xorps xmm3,xmm11
pshufd xmm8,xmm0,78
pxor xmm8,xmm0
-DB 102,68,15,58,68,231,0
+ pclmulqdq xmm12,xmm7,0x00
xorps xmm5,xmm13
lea r8,[64+r8]
@@ -416,9 +416,9 @@
jnc NEAR $L$mod4_loop
$L$tail4x:
-DB 102,65,15,58,68,199,0
-DB 102,65,15,58,68,207,17
-DB 102,68,15,58,68,199,16
+ pclmulqdq xmm0,xmm15,0x00
+ pclmulqdq xmm1,xmm15,0x11
+ pclmulqdq xmm8,xmm7,0x10
xorps xmm4,xmm12
xorps xmm0,xmm3
xorps xmm1,xmm5
@@ -469,16 +469,16 @@
movdqu xmm8,XMMWORD[r8]
movdqu xmm3,XMMWORD[16+r8]
-DB 102,69,15,56,0,194
-DB 102,65,15,56,0,218
+ pshufb xmm8,xmm10
+ pshufb xmm3,xmm10
pxor xmm0,xmm8
movdqa xmm5,xmm3
pshufd xmm4,xmm3,78
pxor xmm4,xmm3
-DB 102,15,58,68,218,0
-DB 102,15,58,68,234,17
-DB 102,15,58,68,231,0
+ pclmulqdq xmm3,xmm2,0x00
+ pclmulqdq xmm5,xmm2,0x11
+ pclmulqdq xmm4,xmm7,0x00
lea r8,[32+r8]
nop
@@ -494,21 +494,21 @@
pshufd xmm4,xmm0,78
pxor xmm4,xmm0
-DB 102,15,58,68,198,0
-DB 102,15,58,68,206,17
-DB 102,15,58,68,231,16
+ pclmulqdq xmm0,xmm6,0x00
+ pclmulqdq xmm1,xmm6,0x11
+ pclmulqdq xmm4,xmm7,0x10
pxor xmm0,xmm3
pxor xmm1,xmm5
movdqu xmm9,XMMWORD[r8]
pxor xmm8,xmm0
-DB 102,69,15,56,0,202
+ pshufb xmm9,xmm10
movdqu xmm3,XMMWORD[16+r8]
pxor xmm8,xmm1
pxor xmm1,xmm9
pxor xmm4,xmm8
-DB 102,65,15,56,0,218
+ pshufb xmm3,xmm10
movdqa xmm8,xmm4
psrldq xmm8,8
pslldq xmm4,8
@@ -521,7 +521,7 @@
movdqa xmm8,xmm0
psllq xmm0,5
pxor xmm8,xmm0
-DB 102,15,58,68,218,0
+ pclmulqdq xmm3,xmm2,0x00
psllq xmm0,1
pxor xmm0,xmm8
psllq xmm0,57
@@ -535,14 +535,14 @@
movdqa xmm9,xmm0
psrlq xmm0,1
-DB 102,15,58,68,234,17
+ pclmulqdq xmm5,xmm2,0x11
pxor xmm1,xmm9
pxor xmm9,xmm0
psrlq xmm0,5
pxor xmm0,xmm9
lea r8,[32+r8]
psrlq xmm0,1
-DB 102,15,58,68,231,0
+ pclmulqdq xmm4,xmm7,0x00
pxor xmm0,xmm1
sub r9,0x20
@@ -554,9 +554,9 @@
pshufd xmm4,xmm0,78
pxor xmm4,xmm0
-DB 102,15,58,68,198,0
-DB 102,15,58,68,206,17
-DB 102,15,58,68,231,16
+ pclmulqdq xmm0,xmm6,0x00
+ pclmulqdq xmm1,xmm6,0x11
+ pclmulqdq xmm4,xmm7,0x10
pxor xmm0,xmm3
pxor xmm1,xmm5
@@ -596,14 +596,14 @@
$L$odd_tail:
movdqu xmm8,XMMWORD[r8]
-DB 102,69,15,56,0,194
+ pshufb xmm8,xmm10
pxor xmm0,xmm8
movdqa xmm1,xmm0
pshufd xmm3,xmm0,78
pxor xmm3,xmm0
-DB 102,15,58,68,194,0
-DB 102,15,58,68,202,17
-DB 102,15,58,68,223,0
+ pclmulqdq xmm0,xmm2,0x00
+ pclmulqdq xmm1,xmm2,0x11
+ pclmulqdq xmm3,xmm7,0x00
pxor xmm3,xmm0
pxor xmm3,xmm1
@@ -636,7 +636,7 @@
psrlq xmm0,1
pxor xmm0,xmm1
$L$done:
-DB 102,65,15,56,0,194
+ pshufb xmm0,xmm10
movdqu XMMWORD[rcx],xmm0
movaps xmm6,XMMWORD[rsp]
movaps xmm7,XMMWORD[16+rsp]
diff --git a/src/gen/bcm/p256-x86_64-asm-apple.S b/src/gen/bcm/p256-x86_64-asm-apple.S
index d43fcfc..80ffa01 100644
--- a/src/gen/bcm/p256-x86_64-asm-apple.S
+++ b/src/gen/bcm/p256-x86_64-asm-apple.S
@@ -450,21 +450,21 @@
movq %rax,%rbp
mulq %r8
movq %rax,%r9
-.byte 102,72,15,110,205
+ movq %rbp,%xmm1
movq %r14,%rax
movq %rdx,%r10
mulq %r8
addq %rax,%r10
movq %r15,%rax
-.byte 102,73,15,110,214
+ movq %r14,%xmm2
adcq $0,%rdx
movq %rdx,%r11
mulq %r8
addq %rax,%r11
movq %r15,%rax
-.byte 102,73,15,110,223
+ movq %r15,%xmm3
adcq $0,%rdx
movq %rdx,%r12
@@ -503,20 +503,20 @@
mulq %rax
movq %rax,%r8
-.byte 102,72,15,126,200
+ movq %xmm1,%rax
movq %rdx,%rbp
mulq %rax
addq %rbp,%r9
adcq %rax,%r10
-.byte 102,72,15,126,208
+ movq %xmm2,%rax
adcq $0,%rdx
movq %rdx,%rbp
mulq %rax
addq %rbp,%r11
adcq %rax,%r12
-.byte 102,72,15,126,216
+ movq %xmm3,%rax
adcq $0,%rdx
movq %rdx,%rbp
@@ -977,11 +977,11 @@
mulxq %r14,%r9,%r10
mulxq %r15,%rcx,%r11
movq %rdx,%rax
-.byte 102,73,15,110,206
+ movq %r14,%xmm1
mulxq %r8,%rbp,%r12
movq %r14,%rdx
addq %rcx,%r10
-.byte 102,73,15,110,215
+ movq %r15,%xmm2
adcq %rbp,%r11
adcq $0,%r12
xorq %r13,%r13
@@ -998,7 +998,7 @@
mulxq %r8,%rcx,%r14
movq %rax,%rdx
-.byte 102,73,15,110,216
+ movq %r8,%xmm3
xorq %r15,%r15
adcxq %r9,%r9
adoxq %rcx,%r13
@@ -1007,18 +1007,18 @@
mulxq %rdx,%r8,%rbp
-.byte 102,72,15,126,202
+ movq %xmm1,%rdx
adcxq %r11,%r11
adoxq %rbp,%r9
adcxq %r12,%r12
mulxq %rdx,%rcx,%rax
-.byte 102,72,15,126,210
+ movq %xmm2,%rdx
adcxq %r13,%r13
adoxq %rcx,%r10
adcxq %r14,%r14
mulxq %rdx,%rcx,%rbp
.byte 0x67
-.byte 102,72,15,126,218
+ movq %xmm3,%rdx
adoxq %rax,%r11
adcxq %r15,%r15
adoxq %rcx,%r12
@@ -2462,9 +2462,9 @@
movdqa %xmm1,96+16(%rsp)
leaq 32(%rdi),%r10
leaq 64(%rdi),%r11
-.byte 102,72,15,110,199
-.byte 102,73,15,110,202
-.byte 102,73,15,110,211
+ movq %rdi,%xmm0
+ movq %r10,%xmm1
+ movq %r11,%xmm2
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_by_2q
@@ -2492,7 +2492,7 @@
movq 64+24(%rbx),%r12
leaq 64-0(%rbx),%rsi
leaq 32(%rbx),%rbx
-.byte 102,72,15,126,215
+ movq %xmm2,%rdi
call __ecp_nistz256_mul_montq
call __ecp_nistz256_mul_by_2q
@@ -2517,7 +2517,7 @@
leaq 0+0(%rsp),%rsi
movq 16+0(%rsp),%r15
movq 24+0(%rsp),%r8
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
call __ecp_nistz256_sqr_montq
xorq %r9,%r9
movq %r12,%rax
@@ -2592,7 +2592,7 @@
leaq 0+32(%rsp),%rsi
movq 16+32(%rsp),%r15
movq 24+32(%rsp),%r8
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
call __ecp_nistz256_sqr_montq
leaq 128(%rsp),%rbx
@@ -2625,8 +2625,8 @@
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_montq
-.byte 102,72,15,126,203
-.byte 102,72,15,126,207
+ movq %xmm1,%rbx
+ movq %xmm1,%rdi
call __ecp_nistz256_sub_fromq
leaq 160+56(%rsp),%rsi
@@ -2708,7 +2708,7 @@
por %xmm4,%xmm5
pxor %xmm4,%xmm4
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
leaq 64-0(%rsi),%rsi
movq %rax,544+0(%rsp)
@@ -2731,7 +2731,7 @@
movq 64+8(%rbx),%r14
movq 64+16(%rbx),%r15
movq 64+24(%rbx),%r8
-.byte 102,72,15,110,203
+ movq %rbx,%xmm1
leaq 64-0(%rbx),%rsi
leaq 32(%rsp),%rdi
@@ -2786,7 +2786,7 @@
orq %r8,%r12
orq %r9,%r12
por %xmm5,%xmm2
-.byte 102,73,15,110,220
+ movq %r12,%xmm3
movq 384(%rsp),%rax
leaq 384(%rsp),%rbx
@@ -2816,8 +2816,8 @@
orq %r8,%r12
orq %r9,%r12
-.byte 102,73,15,126,208
-.byte 102,73,15,126,217
+ movq %xmm2,%r8
+ movq %xmm3,%r9
orq %r8,%r12
.byte 0x3e
jnz L$add_proceedq
@@ -2832,7 +2832,7 @@
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
pxor %xmm0,%xmm0
movdqu %xmm0,0(%rdi)
movdqu %xmm0,16(%rdi)
@@ -2844,8 +2844,8 @@
.p2align 5
L$add_doubleq:
-.byte 102,72,15,126,206
-.byte 102,72,15,126,199
+ movq %xmm1,%rsi
+ movq %xmm0,%rdi
addq $416,%rsp
jmp L$point_double_shortcutq
@@ -2981,7 +2981,7 @@
leaq 320(%rsp),%rdi
call __ecp_nistz256_sub_fromq
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -3128,7 +3128,7 @@
pshufd $0x1e,%xmm5,%xmm4
movdqa %xmm1,416+16(%rsp)
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
movdqa %xmm2,448(%rsp)
movdqa %xmm3,448+16(%rsp)
por %xmm2,%xmm3
@@ -3306,7 +3306,7 @@
leaq 256(%rsp),%rdi
call __ecp_nistz256_sub_fromq
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -3572,9 +3572,9 @@
movdqa %xmm1,96+16(%rsp)
leaq 32(%rdi),%r10
leaq 64(%rdi),%r11
-.byte 102,72,15,110,199
-.byte 102,73,15,110,202
-.byte 102,73,15,110,211
+ movq %rdi,%xmm0
+ movq %r10,%xmm1
+ movq %r11,%xmm2
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_by_2x
@@ -3602,7 +3602,7 @@
movq 64+24(%rbx),%r12
leaq 64-128(%rbx),%rsi
leaq 32(%rbx),%rbx
-.byte 102,72,15,126,215
+ movq %xmm2,%rdi
call __ecp_nistz256_mul_montx
call __ecp_nistz256_mul_by_2x
@@ -3627,7 +3627,7 @@
leaq -128+0(%rsp),%rsi
movq 16+0(%rsp),%r15
movq 24+0(%rsp),%r8
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
call __ecp_nistz256_sqr_montx
xorq %r9,%r9
movq %r12,%rax
@@ -3702,7 +3702,7 @@
leaq -128+32(%rsp),%rsi
movq 16+32(%rsp),%r15
movq 24+32(%rsp),%r8
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
call __ecp_nistz256_sqr_montx
leaq 128(%rsp),%rbx
@@ -3735,8 +3735,8 @@
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_montx
-.byte 102,72,15,126,203
-.byte 102,72,15,126,207
+ movq %xmm1,%rbx
+ movq %xmm1,%rdi
call __ecp_nistz256_sub_fromx
leaq 160+56(%rsp),%rsi
@@ -3818,7 +3818,7 @@
por %xmm4,%xmm5
pxor %xmm4,%xmm4
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
leaq 64-128(%rsi),%rsi
movq %rdx,544+0(%rsp)
@@ -3841,7 +3841,7 @@
movq 64+8(%rbx),%r14
movq 64+16(%rbx),%r15
movq 64+24(%rbx),%r8
-.byte 102,72,15,110,203
+ movq %rbx,%xmm1
leaq 64-128(%rbx),%rsi
leaq 32(%rsp),%rdi
@@ -3896,7 +3896,7 @@
orq %r8,%r12
orq %r9,%r12
por %xmm5,%xmm2
-.byte 102,73,15,110,220
+ movq %r12,%xmm3
movq 384(%rsp),%rdx
leaq 384(%rsp),%rbx
@@ -3926,8 +3926,8 @@
orq %r8,%r12
orq %r9,%r12
-.byte 102,73,15,126,208
-.byte 102,73,15,126,217
+ movq %xmm2,%r8
+ movq %xmm3,%r9
orq %r8,%r12
.byte 0x3e
jnz L$add_proceedx
@@ -3942,7 +3942,7 @@
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
pxor %xmm0,%xmm0
movdqu %xmm0,0(%rdi)
movdqu %xmm0,16(%rdi)
@@ -3954,8 +3954,8 @@
.p2align 5
L$add_doublex:
-.byte 102,72,15,126,206
-.byte 102,72,15,126,199
+ movq %xmm1,%rsi
+ movq %xmm0,%rdi
addq $416,%rsp
jmp L$point_double_shortcutx
@@ -4091,7 +4091,7 @@
leaq 320(%rsp),%rdi
call __ecp_nistz256_sub_fromx
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -4238,7 +4238,7 @@
pshufd $0x1e,%xmm5,%xmm4
movdqa %xmm1,416+16(%rsp)
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
movdqa %xmm2,448(%rsp)
movdqa %xmm3,448+16(%rsp)
por %xmm2,%xmm3
@@ -4416,7 +4416,7 @@
leaq 256(%rsp),%rdi
call __ecp_nistz256_sub_fromx
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
diff --git a/src/gen/bcm/p256-x86_64-asm-linux.S b/src/gen/bcm/p256-x86_64-asm-linux.S
index b14ef80..c54d577 100644
--- a/src/gen/bcm/p256-x86_64-asm-linux.S
+++ b/src/gen/bcm/p256-x86_64-asm-linux.S
@@ -464,21 +464,21 @@
movq %rax,%rbp
mulq %r8
movq %rax,%r9
-.byte 102,72,15,110,205
+ movq %rbp,%xmm1
movq %r14,%rax
movq %rdx,%r10
mulq %r8
addq %rax,%r10
movq %r15,%rax
-.byte 102,73,15,110,214
+ movq %r14,%xmm2
adcq $0,%rdx
movq %rdx,%r11
mulq %r8
addq %rax,%r11
movq %r15,%rax
-.byte 102,73,15,110,223
+ movq %r15,%xmm3
adcq $0,%rdx
movq %rdx,%r12
@@ -517,20 +517,20 @@
mulq %rax
movq %rax,%r8
-.byte 102,72,15,126,200
+ movq %xmm1,%rax
movq %rdx,%rbp
mulq %rax
addq %rbp,%r9
adcq %rax,%r10
-.byte 102,72,15,126,208
+ movq %xmm2,%rax
adcq $0,%rdx
movq %rdx,%rbp
mulq %rax
addq %rbp,%r11
adcq %rax,%r12
-.byte 102,72,15,126,216
+ movq %xmm3,%rax
adcq $0,%rdx
movq %rdx,%rbp
@@ -1003,11 +1003,11 @@
mulxq %r14,%r9,%r10
mulxq %r15,%rcx,%r11
movq %rdx,%rax
-.byte 102,73,15,110,206
+ movq %r14,%xmm1
mulxq %r8,%rbp,%r12
movq %r14,%rdx
addq %rcx,%r10
-.byte 102,73,15,110,215
+ movq %r15,%xmm2
adcq %rbp,%r11
adcq $0,%r12
xorq %r13,%r13
@@ -1024,7 +1024,7 @@
mulxq %r8,%rcx,%r14
movq %rax,%rdx
-.byte 102,73,15,110,216
+ movq %r8,%xmm3
xorq %r15,%r15
adcxq %r9,%r9
adoxq %rcx,%r13
@@ -1033,18 +1033,18 @@
mulxq %rdx,%r8,%rbp
-.byte 102,72,15,126,202
+ movq %xmm1,%rdx
adcxq %r11,%r11
adoxq %rbp,%r9
adcxq %r12,%r12
mulxq %rdx,%rcx,%rax
-.byte 102,72,15,126,210
+ movq %xmm2,%rdx
adcxq %r13,%r13
adoxq %rcx,%r10
adcxq %r14,%r14
mulxq %rdx,%rcx,%rbp
.byte 0x67
-.byte 102,72,15,126,218
+ movq %xmm3,%rdx
adoxq %rax,%r11
adcxq %r15,%r15
adoxq %rcx,%r12
@@ -2518,9 +2518,9 @@
movdqa %xmm1,96+16(%rsp)
leaq 32(%rdi),%r10
leaq 64(%rdi),%r11
-.byte 102,72,15,110,199
-.byte 102,73,15,110,202
-.byte 102,73,15,110,211
+ movq %rdi,%xmm0
+ movq %r10,%xmm1
+ movq %r11,%xmm2
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_by_2q
@@ -2548,7 +2548,7 @@
movq 64+24(%rbx),%r12
leaq 64-0(%rbx),%rsi
leaq 32(%rbx),%rbx
-.byte 102,72,15,126,215
+ movq %xmm2,%rdi
call __ecp_nistz256_mul_montq
call __ecp_nistz256_mul_by_2q
@@ -2573,7 +2573,7 @@
leaq 0+0(%rsp),%rsi
movq 16+0(%rsp),%r15
movq 24+0(%rsp),%r8
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
call __ecp_nistz256_sqr_montq
xorq %r9,%r9
movq %r12,%rax
@@ -2648,7 +2648,7 @@
leaq 0+32(%rsp),%rsi
movq 16+32(%rsp),%r15
movq 24+32(%rsp),%r8
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
call __ecp_nistz256_sqr_montq
leaq 128(%rsp),%rbx
@@ -2681,8 +2681,8 @@
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_montq
-.byte 102,72,15,126,203
-.byte 102,72,15,126,207
+ movq %xmm1,%rbx
+ movq %xmm1,%rdi
call __ecp_nistz256_sub_fromq
leaq 160+56(%rsp),%rsi
@@ -2770,7 +2770,7 @@
por %xmm4,%xmm5
pxor %xmm4,%xmm4
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
leaq 64-0(%rsi),%rsi
movq %rax,544+0(%rsp)
@@ -2793,7 +2793,7 @@
movq 64+8(%rbx),%r14
movq 64+16(%rbx),%r15
movq 64+24(%rbx),%r8
-.byte 102,72,15,110,203
+ movq %rbx,%xmm1
leaq 64-0(%rbx),%rsi
leaq 32(%rsp),%rdi
@@ -2848,7 +2848,7 @@
orq %r8,%r12
orq %r9,%r12
por %xmm5,%xmm2
-.byte 102,73,15,110,220
+ movq %r12,%xmm3
movq 384(%rsp),%rax
leaq 384(%rsp),%rbx
@@ -2878,8 +2878,8 @@
orq %r8,%r12
orq %r9,%r12
-.byte 102,73,15,126,208
-.byte 102,73,15,126,217
+ movq %xmm2,%r8
+ movq %xmm3,%r9
orq %r8,%r12
.byte 0x3e
jnz .Ladd_proceedq
@@ -2894,7 +2894,7 @@
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
pxor %xmm0,%xmm0
movdqu %xmm0,0(%rdi)
movdqu %xmm0,16(%rdi)
@@ -2906,8 +2906,8 @@
.align 32
.Ladd_doubleq:
-.byte 102,72,15,126,206
-.byte 102,72,15,126,199
+ movq %xmm1,%rsi
+ movq %xmm0,%rdi
addq $416,%rsp
.cfi_adjust_cfa_offset -416
jmp .Lpoint_double_shortcutq
@@ -3043,7 +3043,7 @@
leaq 320(%rsp),%rdi
call __ecp_nistz256_sub_fromq
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -3196,7 +3196,7 @@
pshufd $0x1e,%xmm5,%xmm4
movdqa %xmm1,416+16(%rsp)
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
movdqa %xmm2,448(%rsp)
movdqa %xmm3,448+16(%rsp)
por %xmm2,%xmm3
@@ -3374,7 +3374,7 @@
leaq 256(%rsp),%rdi
call __ecp_nistz256_sub_fromq
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -3646,9 +3646,9 @@
movdqa %xmm1,96+16(%rsp)
leaq 32(%rdi),%r10
leaq 64(%rdi),%r11
-.byte 102,72,15,110,199
-.byte 102,73,15,110,202
-.byte 102,73,15,110,211
+ movq %rdi,%xmm0
+ movq %r10,%xmm1
+ movq %r11,%xmm2
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_by_2x
@@ -3676,7 +3676,7 @@
movq 64+24(%rbx),%r12
leaq 64-128(%rbx),%rsi
leaq 32(%rbx),%rbx
-.byte 102,72,15,126,215
+ movq %xmm2,%rdi
call __ecp_nistz256_mul_montx
call __ecp_nistz256_mul_by_2x
@@ -3701,7 +3701,7 @@
leaq -128+0(%rsp),%rsi
movq 16+0(%rsp),%r15
movq 24+0(%rsp),%r8
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
call __ecp_nistz256_sqr_montx
xorq %r9,%r9
movq %r12,%rax
@@ -3776,7 +3776,7 @@
leaq -128+32(%rsp),%rsi
movq 16+32(%rsp),%r15
movq 24+32(%rsp),%r8
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
call __ecp_nistz256_sqr_montx
leaq 128(%rsp),%rbx
@@ -3809,8 +3809,8 @@
leaq 0(%rsp),%rdi
call __ecp_nistz256_mul_montx
-.byte 102,72,15,126,203
-.byte 102,72,15,126,207
+ movq %xmm1,%rbx
+ movq %xmm1,%rdi
call __ecp_nistz256_sub_fromx
leaq 160+56(%rsp),%rsi
@@ -3898,7 +3898,7 @@
por %xmm4,%xmm5
pxor %xmm4,%xmm4
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
leaq 64-128(%rsi),%rsi
movq %rdx,544+0(%rsp)
@@ -3921,7 +3921,7 @@
movq 64+8(%rbx),%r14
movq 64+16(%rbx),%r15
movq 64+24(%rbx),%r8
-.byte 102,72,15,110,203
+ movq %rbx,%xmm1
leaq 64-128(%rbx),%rsi
leaq 32(%rsp),%rdi
@@ -3976,7 +3976,7 @@
orq %r8,%r12
orq %r9,%r12
por %xmm5,%xmm2
-.byte 102,73,15,110,220
+ movq %r12,%xmm3
movq 384(%rsp),%rdx
leaq 384(%rsp),%rbx
@@ -4006,8 +4006,8 @@
orq %r8,%r12
orq %r9,%r12
-.byte 102,73,15,126,208
-.byte 102,73,15,126,217
+ movq %xmm2,%r8
+ movq %xmm3,%r9
orq %r8,%r12
.byte 0x3e
jnz .Ladd_proceedx
@@ -4022,7 +4022,7 @@
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
pxor %xmm0,%xmm0
movdqu %xmm0,0(%rdi)
movdqu %xmm0,16(%rdi)
@@ -4034,8 +4034,8 @@
.align 32
.Ladd_doublex:
-.byte 102,72,15,126,206
-.byte 102,72,15,126,199
+ movq %xmm1,%rsi
+ movq %xmm0,%rdi
addq $416,%rsp
.cfi_adjust_cfa_offset -416
jmp .Lpoint_double_shortcutx
@@ -4171,7 +4171,7 @@
leaq 320(%rsp),%rdi
call __ecp_nistz256_sub_fromx
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
@@ -4324,7 +4324,7 @@
pshufd $0x1e,%xmm5,%xmm4
movdqa %xmm1,416+16(%rsp)
por %xmm0,%xmm1
-.byte 102,72,15,110,199
+ movq %rdi,%xmm0
movdqa %xmm2,448(%rsp)
movdqa %xmm3,448+16(%rsp)
por %xmm2,%xmm3
@@ -4502,7 +4502,7 @@
leaq 256(%rsp),%rdi
call __ecp_nistz256_sub_fromx
-.byte 102,72,15,126,199
+ movq %xmm0,%rdi
movdqa %xmm5,%xmm0
movdqa %xmm5,%xmm1
diff --git a/src/gen/bcm/p256-x86_64-asm-win.asm b/src/gen/bcm/p256-x86_64-asm-win.asm
index 10a1c0d..194df1c 100644
--- a/src/gen/bcm/p256-x86_64-asm-win.asm
+++ b/src/gen/bcm/p256-x86_64-asm-win.asm
@@ -486,21 +486,21 @@
mov rbp,rax
mul r8
mov r9,rax
-DB 102,72,15,110,205
+ movq xmm1,rbp
mov rax,r14
mov r10,rdx
mul r8
add r10,rax
mov rax,r15
-DB 102,73,15,110,214
+ movq xmm2,r14
adc rdx,0
mov r11,rdx
mul r8
add r11,rax
mov rax,r15
-DB 102,73,15,110,223
+ movq xmm3,r15
adc rdx,0
mov r12,rdx
@@ -539,20 +539,20 @@
mul rax
mov r8,rax
-DB 102,72,15,126,200
+ movq rax,xmm1
mov rbp,rdx
mul rax
add r9,rbp
adc r10,rax
-DB 102,72,15,126,208
+ movq rax,xmm2
adc rdx,0
mov rbp,rdx
mul rax
add r11,rbp
adc r12,rax
-DB 102,72,15,126,216
+ movq rax,xmm3
adc rdx,0
mov rbp,rdx
@@ -1033,11 +1033,11 @@
mulx r10,r9,r14
mulx r11,rcx,r15
mov rax,rdx
-DB 102,73,15,110,206
+ movq xmm1,r14
mulx r12,rbp,r8
mov rdx,r14
add r10,rcx
-DB 102,73,15,110,215
+ movq xmm2,r15
adc r11,rbp
adc r12,0
xor r13,r13
@@ -1054,7 +1054,7 @@
mulx r14,rcx,r8
mov rdx,rax
-DB 102,73,15,110,216
+ movq xmm3,r8
xor r15,r15
adcx r9,r9
adox r13,rcx
@@ -1063,18 +1063,18 @@
mulx rbp,r8,rdx
-DB 102,72,15,126,202
+ movq rdx,xmm1
adcx r11,r11
adox r9,rbp
adcx r12,r12
mulx rax,rcx,rdx
-DB 102,72,15,126,210
+ movq rdx,xmm2
adcx r13,r13
adox r10,rcx
adcx r14,r14
mulx rbp,rcx,rdx
DB 0x67
-DB 102,72,15,126,218
+ movq rdx,xmm3
adox r11,rax
adcx r15,r15
adox r12,rcx
@@ -2659,9 +2659,9 @@
movdqa XMMWORD[(96+16)+rsp],xmm1
lea r10,[32+rdi]
lea r11,[64+rdi]
-DB 102,72,15,110,199
-DB 102,73,15,110,202
-DB 102,73,15,110,211
+ movq xmm0,rdi
+ movq xmm1,r10
+ movq xmm2,r11
lea rdi,[rsp]
call __ecp_nistz256_mul_by_2q
@@ -2689,7 +2689,7 @@
mov r12,QWORD[((64+24))+rbx]
lea rsi,[((64-0))+rbx]
lea rbx,[32+rbx]
-DB 102,72,15,126,215
+ movq rdi,xmm2
call __ecp_nistz256_mul_montq
call __ecp_nistz256_mul_by_2q
@@ -2714,7 +2714,7 @@
lea rsi,[((0+0))+rsp]
mov r15,QWORD[((16+0))+rsp]
mov r8,QWORD[((24+0))+rsp]
-DB 102,72,15,126,207
+ movq rdi,xmm1
call __ecp_nistz256_sqr_montq
xor r9,r9
mov rax,r12
@@ -2789,7 +2789,7 @@
lea rsi,[((0+32))+rsp]
mov r15,QWORD[((16+32))+rsp]
mov r8,QWORD[((24+32))+rsp]
-DB 102,72,15,126,199
+ movq rdi,xmm0
call __ecp_nistz256_sqr_montq
lea rbx,[128+rsp]
@@ -2822,8 +2822,8 @@
lea rdi,[rsp]
call __ecp_nistz256_mul_montq
-DB 102,72,15,126,203
-DB 102,72,15,126,207
+ movq rbx,xmm1
+ movq rdi,xmm1
call __ecp_nistz256_sub_fromq
lea rsi,[((160+56))+rsp]
@@ -2915,7 +2915,7 @@
por xmm5,xmm4
pxor xmm4,xmm4
por xmm1,xmm0
-DB 102,72,15,110,199
+ movq xmm0,rdi
lea rsi,[((64-0))+rsi]
mov QWORD[((544+0))+rsp],rax
@@ -2938,7 +2938,7 @@
mov r14,QWORD[((64+8))+rbx]
mov r15,QWORD[((64+16))+rbx]
mov r8,QWORD[((64+24))+rbx]
-DB 102,72,15,110,203
+ movq xmm1,rbx
lea rsi,[((64-0))+rbx]
lea rdi,[32+rsp]
@@ -2993,7 +2993,7 @@
or r12,r8
or r12,r9
por xmm2,xmm5
-DB 102,73,15,110,220
+ movq xmm3,r12
mov rax,QWORD[384+rsp]
lea rbx,[384+rsp]
@@ -3023,8 +3023,8 @@
or r12,r8
or r12,r9
-DB 102,73,15,126,208
-DB 102,73,15,126,217
+ movq r8,xmm2
+ movq r9,xmm3
or r12,r8
DB 0x3e
jnz NEAR $L$add_proceedq
@@ -3039,7 +3039,7 @@
-DB 102,72,15,126,199
+ movq rdi,xmm0
pxor xmm0,xmm0
movdqu XMMWORD[rdi],xmm0
movdqu XMMWORD[16+rdi],xmm0
@@ -3051,8 +3051,8 @@
ALIGN 32
$L$add_doubleq:
-DB 102,72,15,126,206
-DB 102,72,15,126,199
+ movq rsi,xmm1
+ movq rdi,xmm0
add rsp,416
jmp NEAR $L$point_double_shortcutq
@@ -3188,7 +3188,7 @@
lea rdi,[320+rsp]
call __ecp_nistz256_sub_fromq
-DB 102,72,15,126,199
+ movq rdi,xmm0
movdqa xmm0,xmm5
movdqa xmm1,xmm5
@@ -3345,7 +3345,7 @@
pshufd xmm4,xmm5,0x1e
movdqa XMMWORD[(416+16)+rsp],xmm1
por xmm1,xmm0
-DB 102,72,15,110,199
+ movq xmm0,rdi
movdqa XMMWORD[448+rsp],xmm2
movdqa XMMWORD[(448+16)+rsp],xmm3
por xmm3,xmm2
@@ -3523,7 +3523,7 @@
lea rdi,[256+rsp]
call __ecp_nistz256_sub_fromq
-DB 102,72,15,126,199
+ movq rdi,xmm0
movdqa xmm0,xmm5
movdqa xmm1,xmm5
@@ -3798,9 +3798,9 @@
movdqa XMMWORD[(96+16)+rsp],xmm1
lea r10,[32+rdi]
lea r11,[64+rdi]
-DB 102,72,15,110,199
-DB 102,73,15,110,202
-DB 102,73,15,110,211
+ movq xmm0,rdi
+ movq xmm1,r10
+ movq xmm2,r11
lea rdi,[rsp]
call __ecp_nistz256_mul_by_2x
@@ -3828,7 +3828,7 @@
mov r12,QWORD[((64+24))+rbx]
lea rsi,[((64-128))+rbx]
lea rbx,[32+rbx]
-DB 102,72,15,126,215
+ movq rdi,xmm2
call __ecp_nistz256_mul_montx
call __ecp_nistz256_mul_by_2x
@@ -3853,7 +3853,7 @@
lea rsi,[((-128+0))+rsp]
mov r15,QWORD[((16+0))+rsp]
mov r8,QWORD[((24+0))+rsp]
-DB 102,72,15,126,207
+ movq rdi,xmm1
call __ecp_nistz256_sqr_montx
xor r9,r9
mov rax,r12
@@ -3928,7 +3928,7 @@
lea rsi,[((-128+32))+rsp]
mov r15,QWORD[((16+32))+rsp]
mov r8,QWORD[((24+32))+rsp]
-DB 102,72,15,126,199
+ movq rdi,xmm0
call __ecp_nistz256_sqr_montx
lea rbx,[128+rsp]
@@ -3961,8 +3961,8 @@
lea rdi,[rsp]
call __ecp_nistz256_mul_montx
-DB 102,72,15,126,203
-DB 102,72,15,126,207
+ movq rbx,xmm1
+ movq rdi,xmm1
call __ecp_nistz256_sub_fromx
lea rsi,[((160+56))+rsp]
@@ -4054,7 +4054,7 @@
por xmm5,xmm4
pxor xmm4,xmm4
por xmm1,xmm0
-DB 102,72,15,110,199
+ movq xmm0,rdi
lea rsi,[((64-128))+rsi]
mov QWORD[((544+0))+rsp],rdx
@@ -4077,7 +4077,7 @@
mov r14,QWORD[((64+8))+rbx]
mov r15,QWORD[((64+16))+rbx]
mov r8,QWORD[((64+24))+rbx]
-DB 102,72,15,110,203
+ movq xmm1,rbx
lea rsi,[((64-128))+rbx]
lea rdi,[32+rsp]
@@ -4132,7 +4132,7 @@
or r12,r8
or r12,r9
por xmm2,xmm5
-DB 102,73,15,110,220
+ movq xmm3,r12
mov rdx,QWORD[384+rsp]
lea rbx,[384+rsp]
@@ -4162,8 +4162,8 @@
or r12,r8
or r12,r9
-DB 102,73,15,126,208
-DB 102,73,15,126,217
+ movq r8,xmm2
+ movq r9,xmm3
or r12,r8
DB 0x3e
jnz NEAR $L$add_proceedx
@@ -4178,7 +4178,7 @@
-DB 102,72,15,126,199
+ movq rdi,xmm0
pxor xmm0,xmm0
movdqu XMMWORD[rdi],xmm0
movdqu XMMWORD[16+rdi],xmm0
@@ -4190,8 +4190,8 @@
ALIGN 32
$L$add_doublex:
-DB 102,72,15,126,206
-DB 102,72,15,126,199
+ movq rsi,xmm1
+ movq rdi,xmm0
add rsp,416
jmp NEAR $L$point_double_shortcutx
@@ -4327,7 +4327,7 @@
lea rdi,[320+rsp]
call __ecp_nistz256_sub_fromx
-DB 102,72,15,126,199
+ movq rdi,xmm0
movdqa xmm0,xmm5
movdqa xmm1,xmm5
@@ -4484,7 +4484,7 @@
pshufd xmm4,xmm5,0x1e
movdqa XMMWORD[(416+16)+rsp],xmm1
por xmm1,xmm0
-DB 102,72,15,110,199
+ movq xmm0,rdi
movdqa XMMWORD[448+rsp],xmm2
movdqa XMMWORD[(448+16)+rsp],xmm3
por xmm3,xmm2
@@ -4662,7 +4662,7 @@
lea rdi,[256+rsp]
call __ecp_nistz256_sub_fromx
-DB 102,72,15,126,199
+ movq rdi,xmm0
movdqa xmm0,xmm5
movdqa xmm1,xmm5
diff --git a/src/gen/bcm/rdrand-x86_64-apple.S b/src/gen/bcm/rdrand-x86_64-apple.S
index 5fdf105..4f990d9 100644
--- a/src/gen/bcm/rdrand-x86_64-apple.S
+++ b/src/gen/bcm/rdrand-x86_64-apple.S
@@ -17,7 +17,7 @@
_CET_ENDBR
xorq %rax,%rax
-.byte 72,15,199,242
+ rdrand %rdx
adcq %rax,%rax
movq %rdx,0(%rdi)
@@ -40,7 +40,7 @@
jz L$out
movq $8,%rdx
L$loop:
-.byte 72,15,199,241
+ rdrand %rcx
jnc L$err
movq %rcx,0(%rdi)
addq %rdx,%rdi
diff --git a/src/gen/bcm/rdrand-x86_64-linux.S b/src/gen/bcm/rdrand-x86_64-linux.S
index fe81dac..52a1eb2 100644
--- a/src/gen/bcm/rdrand-x86_64-linux.S
+++ b/src/gen/bcm/rdrand-x86_64-linux.S
@@ -17,7 +17,7 @@
.cfi_startproc
_CET_ENDBR
xorq %rax,%rax
-.byte 72,15,199,242
+ rdrand %rdx
adcq %rax,%rax
movq %rdx,0(%rdi)
@@ -40,7 +40,7 @@
jz .Lout
movq $8,%rdx
.Lloop:
-.byte 72,15,199,241
+ rdrand %rcx
jnc .Lerr
movq %rcx,0(%rdi)
addq %rdx,%rdi
diff --git a/src/gen/bcm/rdrand-x86_64-win.asm b/src/gen/bcm/rdrand-x86_64-win.asm
index aae3d76..6dba87b 100644
--- a/src/gen/bcm/rdrand-x86_64-win.asm
+++ b/src/gen/bcm/rdrand-x86_64-win.asm
@@ -24,7 +24,7 @@
_CET_ENDBR
xor rax,rax
-DB 73,15,199,240
+ rdrand r8
adc rax,rax
mov QWORD[rcx],r8
@@ -46,7 +46,7 @@
jz NEAR $L$out
mov r8,8
$L$loop:
-DB 73,15,199,241
+ rdrand r9
jnc NEAR $L$err
mov QWORD[rcx],r9
add rcx,r8
diff --git a/src/gen/bcm/sha1-x86_64-apple.S b/src/gen/bcm/sha1-x86_64-apple.S
index a1ea1e6..32b3bc7 100644
--- a/src/gen/bcm/sha1-x86_64-apple.S
+++ b/src/gen/bcm/sha1-x86_64-apple.S
@@ -1259,12 +1259,12 @@
movdqu 16(%rsi),%xmm5
pshufd $27,%xmm1,%xmm1
movdqu 32(%rsi),%xmm6
-.byte 102,15,56,0,227
+ pshufb %xmm3,%xmm4
movdqu 48(%rsi),%xmm7
-.byte 102,15,56,0,235
-.byte 102,15,56,0,243
+ pshufb %xmm3,%xmm5
+ pshufb %xmm3,%xmm6
movdqa %xmm1,%xmm9
-.byte 102,15,56,0,251
+ pshufb %xmm3,%xmm7
jmp L$oop_shaext
.p2align 4
@@ -1275,133 +1275,133 @@
cmovneq %r8,%rsi
prefetcht0 512(%rsi)
movdqa %xmm0,%xmm8
-.byte 15,56,201,229
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,213
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,0
-.byte 15,56,200,206
+ sha1rnds4 $0,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,215
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,0
-.byte 15,56,200,204
+ sha1rnds4 $0,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,213
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,206
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,1
-.byte 15,56,200,215
+ sha1rnds4 $1,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,204
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,1
-.byte 15,56,200,213
+ sha1rnds4 $1,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,206
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,215
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,2
-.byte 15,56,200,204
+ sha1rnds4 $2,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,213
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,2
-.byte 15,56,200,206
+ sha1rnds4 $2,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,215
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 15,56,200,204
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
+ sha1msg2 %xmm6,%xmm7
movdqu (%rsi),%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,3
-.byte 15,56,200,213
+ sha1rnds4 $3,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
movdqu 16(%rsi),%xmm5
-.byte 102,15,56,0,227
+ pshufb %xmm3,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 15,56,200,206
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
movdqu 32(%rsi),%xmm6
-.byte 102,15,56,0,235
+ pshufb %xmm3,%xmm5
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,3
-.byte 15,56,200,215
+ sha1rnds4 $3,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
movdqu 48(%rsi),%xmm7
-.byte 102,15,56,0,243
+ pshufb %xmm3,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 65,15,56,200,201
-.byte 102,15,56,0,251
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm9,%xmm1
+ pshufb %xmm3,%xmm7
paddd %xmm8,%xmm0
movdqa %xmm1,%xmm9
@@ -1460,12 +1460,12 @@
movdqu 16(%r9),%xmm1
movdqu 32(%r9),%xmm2
movdqu 48(%r9),%xmm3
-.byte 102,15,56,0,198
-.byte 102,15,56,0,206
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm0
+ pshufb %xmm6,%xmm1
+ pshufb %xmm6,%xmm2
addq $64,%r9
paddd %xmm9,%xmm0
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm9,%xmm1
paddd %xmm9,%xmm2
movdqa %xmm0,0(%rsp)
@@ -2357,12 +2357,12 @@
movdqu 16(%r9),%xmm1
movdqu 32(%r9),%xmm2
movdqu 48(%r9),%xmm3
-.byte 102,15,56,0,198
+ pshufb %xmm6,%xmm0
addq $64,%r9
addl 16(%rsp),%ebx
xorl %ebp,%esi
movl %ecx,%edi
-.byte 102,15,56,0,206
+ pshufb %xmm6,%xmm1
roll $5,%ecx
addl %esi,%ebx
xorl %ebp,%edi
@@ -2398,7 +2398,7 @@
addl 32(%rsp),%ecx
xorl %eax,%esi
movl %edx,%edi
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm2
roll $5,%edx
addl %esi,%ecx
xorl %eax,%edi
@@ -2434,7 +2434,7 @@
addl 48(%rsp),%edx
xorl %ebx,%esi
movl %ebp,%edi
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
roll $5,%ebp
addl %esi,%edx
xorl %ebx,%edi
diff --git a/src/gen/bcm/sha1-x86_64-linux.S b/src/gen/bcm/sha1-x86_64-linux.S
index 39d9ad3..1f4807a 100644
--- a/src/gen/bcm/sha1-x86_64-linux.S
+++ b/src/gen/bcm/sha1-x86_64-linux.S
@@ -1259,12 +1259,12 @@
movdqu 16(%rsi),%xmm5
pshufd $27,%xmm1,%xmm1
movdqu 32(%rsi),%xmm6
-.byte 102,15,56,0,227
+ pshufb %xmm3,%xmm4
movdqu 48(%rsi),%xmm7
-.byte 102,15,56,0,235
-.byte 102,15,56,0,243
+ pshufb %xmm3,%xmm5
+ pshufb %xmm3,%xmm6
movdqa %xmm1,%xmm9
-.byte 102,15,56,0,251
+ pshufb %xmm3,%xmm7
jmp .Loop_shaext
.align 16
@@ -1275,133 +1275,133 @@
cmovneq %r8,%rsi
prefetcht0 512(%rsi)
movdqa %xmm0,%xmm8
-.byte 15,56,201,229
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,213
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,0
-.byte 15,56,200,206
+ sha1rnds4 $0,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,215
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,0
-.byte 15,56,200,204
+ sha1rnds4 $0,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,0
-.byte 15,56,200,213
+ sha1rnds4 $0,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,206
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,1
-.byte 15,56,200,215
+ sha1rnds4 $1,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,204
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,1
-.byte 15,56,200,213
+ sha1rnds4 $1,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,1
-.byte 15,56,200,206
+ sha1rnds4 $1,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,215
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,2
-.byte 15,56,200,204
+ sha1rnds4 $2,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
-.byte 15,56,201,229
+ sha1msg2 %xmm6,%xmm7
+ sha1msg1 %xmm5,%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,213
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
pxor %xmm6,%xmm4
-.byte 15,56,201,238
-.byte 15,56,202,231
+ sha1msg1 %xmm6,%xmm5
+ sha1msg2 %xmm7,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,2
-.byte 15,56,200,206
+ sha1rnds4 $2,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
pxor %xmm7,%xmm5
-.byte 15,56,202,236
-.byte 15,56,201,247
+ sha1msg2 %xmm4,%xmm5
+ sha1msg1 %xmm7,%xmm6
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,2
-.byte 15,56,200,215
+ sha1rnds4 $2,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
pxor %xmm4,%xmm6
-.byte 15,56,201,252
-.byte 15,56,202,245
+ sha1msg1 %xmm4,%xmm7
+ sha1msg2 %xmm5,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 15,56,200,204
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm4,%xmm1
pxor %xmm5,%xmm7
-.byte 15,56,202,254
+ sha1msg2 %xmm6,%xmm7
movdqu (%rsi),%xmm4
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,3
-.byte 15,56,200,213
+ sha1rnds4 $3,%xmm1,%xmm0
+ sha1nexte %xmm5,%xmm2
movdqu 16(%rsi),%xmm5
-.byte 102,15,56,0,227
+ pshufb %xmm3,%xmm4
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 15,56,200,206
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm6,%xmm1
movdqu 32(%rsi),%xmm6
-.byte 102,15,56,0,235
+ pshufb %xmm3,%xmm5
movdqa %xmm0,%xmm2
-.byte 15,58,204,193,3
-.byte 15,56,200,215
+ sha1rnds4 $3,%xmm1,%xmm0
+ sha1nexte %xmm7,%xmm2
movdqu 48(%rsi),%xmm7
-.byte 102,15,56,0,243
+ pshufb %xmm3,%xmm6
movdqa %xmm0,%xmm1
-.byte 15,58,204,194,3
-.byte 65,15,56,200,201
-.byte 102,15,56,0,251
+ sha1rnds4 $3,%xmm2,%xmm0
+ sha1nexte %xmm9,%xmm1
+ pshufb %xmm3,%xmm7
paddd %xmm8,%xmm0
movdqa %xmm1,%xmm9
@@ -1460,12 +1460,12 @@
movdqu 16(%r9),%xmm1
movdqu 32(%r9),%xmm2
movdqu 48(%r9),%xmm3
-.byte 102,15,56,0,198
-.byte 102,15,56,0,206
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm0
+ pshufb %xmm6,%xmm1
+ pshufb %xmm6,%xmm2
addq $64,%r9
paddd %xmm9,%xmm0
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm9,%xmm1
paddd %xmm9,%xmm2
movdqa %xmm0,0(%rsp)
@@ -2357,12 +2357,12 @@
movdqu 16(%r9),%xmm1
movdqu 32(%r9),%xmm2
movdqu 48(%r9),%xmm3
-.byte 102,15,56,0,198
+ pshufb %xmm6,%xmm0
addq $64,%r9
addl 16(%rsp),%ebx
xorl %ebp,%esi
movl %ecx,%edi
-.byte 102,15,56,0,206
+ pshufb %xmm6,%xmm1
roll $5,%ecx
addl %esi,%ebx
xorl %ebp,%edi
@@ -2398,7 +2398,7 @@
addl 32(%rsp),%ecx
xorl %eax,%esi
movl %edx,%edi
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm2
roll $5,%edx
addl %esi,%ecx
xorl %eax,%edi
@@ -2434,7 +2434,7 @@
addl 48(%rsp),%edx
xorl %ebx,%esi
movl %ebp,%edi
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
roll $5,%ebp
addl %esi,%edx
xorl %ebx,%edi
diff --git a/src/gen/bcm/sha1-x86_64-win.asm b/src/gen/bcm/sha1-x86_64-win.asm
index 92e9b9c..c5da333 100644
--- a/src/gen/bcm/sha1-x86_64-win.asm
+++ b/src/gen/bcm/sha1-x86_64-win.asm
@@ -1291,12 +1291,12 @@
movdqu xmm5,XMMWORD[16+rsi]
pshufd xmm1,xmm1,27
movdqu xmm6,XMMWORD[32+rsi]
-DB 102,15,56,0,227
+ pshufb xmm4,xmm3
movdqu xmm7,XMMWORD[48+rsi]
-DB 102,15,56,0,235
-DB 102,15,56,0,243
+ pshufb xmm5,xmm3
+ pshufb xmm6,xmm3
movdqa xmm9,xmm1
-DB 102,15,56,0,251
+ pshufb xmm7,xmm3
jmp NEAR $L$oop_shaext
ALIGN 16
@@ -1307,133 +1307,133 @@
cmovne rsi,r8
prefetcht0 [512+rsi]
movdqa xmm8,xmm0
- DB 15,56,201,229
+ sha1msg1 xmm4,xmm5
movdqa xmm2,xmm0
- DB 15,58,204,193,0
- DB 15,56,200,213
+ sha1rnds4 xmm0,xmm1,0
+ sha1nexte xmm2,xmm5
pxor xmm4,xmm6
- DB 15,56,201,238
- DB 15,56,202,231
+ sha1msg1 xmm5,xmm6
+ sha1msg2 xmm4,xmm7
movdqa xmm1,xmm0
- DB 15,58,204,194,0
- DB 15,56,200,206
+ sha1rnds4 xmm0,xmm2,0
+ sha1nexte xmm1,xmm6
pxor xmm5,xmm7
- DB 15,56,202,236
- DB 15,56,201,247
+ sha1msg2 xmm5,xmm4
+ sha1msg1 xmm6,xmm7
movdqa xmm2,xmm0
- DB 15,58,204,193,0
- DB 15,56,200,215
+ sha1rnds4 xmm0,xmm1,0
+ sha1nexte xmm2,xmm7
pxor xmm6,xmm4
- DB 15,56,201,252
- DB 15,56,202,245
+ sha1msg1 xmm7,xmm4
+ sha1msg2 xmm6,xmm5
movdqa xmm1,xmm0
- DB 15,58,204,194,0
- DB 15,56,200,204
+ sha1rnds4 xmm0,xmm2,0
+ sha1nexte xmm1,xmm4
pxor xmm7,xmm5
- DB 15,56,202,254
- DB 15,56,201,229
+ sha1msg2 xmm7,xmm6
+ sha1msg1 xmm4,xmm5
movdqa xmm2,xmm0
- DB 15,58,204,193,0
- DB 15,56,200,213
+ sha1rnds4 xmm0,xmm1,0
+ sha1nexte xmm2,xmm5
pxor xmm4,xmm6
- DB 15,56,201,238
- DB 15,56,202,231
+ sha1msg1 xmm5,xmm6
+ sha1msg2 xmm4,xmm7
movdqa xmm1,xmm0
- DB 15,58,204,194,1
- DB 15,56,200,206
+ sha1rnds4 xmm0,xmm2,1
+ sha1nexte xmm1,xmm6
pxor xmm5,xmm7
- DB 15,56,202,236
- DB 15,56,201,247
+ sha1msg2 xmm5,xmm4
+ sha1msg1 xmm6,xmm7
movdqa xmm2,xmm0
- DB 15,58,204,193,1
- DB 15,56,200,215
+ sha1rnds4 xmm0,xmm1,1
+ sha1nexte xmm2,xmm7
pxor xmm6,xmm4
- DB 15,56,201,252
- DB 15,56,202,245
+ sha1msg1 xmm7,xmm4
+ sha1msg2 xmm6,xmm5
movdqa xmm1,xmm0
- DB 15,58,204,194,1
- DB 15,56,200,204
+ sha1rnds4 xmm0,xmm2,1
+ sha1nexte xmm1,xmm4
pxor xmm7,xmm5
- DB 15,56,202,254
- DB 15,56,201,229
+ sha1msg2 xmm7,xmm6
+ sha1msg1 xmm4,xmm5
movdqa xmm2,xmm0
- DB 15,58,204,193,1
- DB 15,56,200,213
+ sha1rnds4 xmm0,xmm1,1
+ sha1nexte xmm2,xmm5
pxor xmm4,xmm6
- DB 15,56,201,238
- DB 15,56,202,231
+ sha1msg1 xmm5,xmm6
+ sha1msg2 xmm4,xmm7
movdqa xmm1,xmm0
- DB 15,58,204,194,1
- DB 15,56,200,206
+ sha1rnds4 xmm0,xmm2,1
+ sha1nexte xmm1,xmm6
pxor xmm5,xmm7
- DB 15,56,202,236
- DB 15,56,201,247
+ sha1msg2 xmm5,xmm4
+ sha1msg1 xmm6,xmm7
movdqa xmm2,xmm0
- DB 15,58,204,193,2
- DB 15,56,200,215
+ sha1rnds4 xmm0,xmm1,2
+ sha1nexte xmm2,xmm7
pxor xmm6,xmm4
- DB 15,56,201,252
- DB 15,56,202,245
+ sha1msg1 xmm7,xmm4
+ sha1msg2 xmm6,xmm5
movdqa xmm1,xmm0
- DB 15,58,204,194,2
- DB 15,56,200,204
+ sha1rnds4 xmm0,xmm2,2
+ sha1nexte xmm1,xmm4
pxor xmm7,xmm5
- DB 15,56,202,254
- DB 15,56,201,229
+ sha1msg2 xmm7,xmm6
+ sha1msg1 xmm4,xmm5
movdqa xmm2,xmm0
- DB 15,58,204,193,2
- DB 15,56,200,213
+ sha1rnds4 xmm0,xmm1,2
+ sha1nexte xmm2,xmm5
pxor xmm4,xmm6
- DB 15,56,201,238
- DB 15,56,202,231
+ sha1msg1 xmm5,xmm6
+ sha1msg2 xmm4,xmm7
movdqa xmm1,xmm0
- DB 15,58,204,194,2
- DB 15,56,200,206
+ sha1rnds4 xmm0,xmm2,2
+ sha1nexte xmm1,xmm6
pxor xmm5,xmm7
- DB 15,56,202,236
- DB 15,56,201,247
+ sha1msg2 xmm5,xmm4
+ sha1msg1 xmm6,xmm7
movdqa xmm2,xmm0
- DB 15,58,204,193,2
- DB 15,56,200,215
+ sha1rnds4 xmm0,xmm1,2
+ sha1nexte xmm2,xmm7
pxor xmm6,xmm4
- DB 15,56,201,252
- DB 15,56,202,245
+ sha1msg1 xmm7,xmm4
+ sha1msg2 xmm6,xmm5
movdqa xmm1,xmm0
- DB 15,58,204,194,3
- DB 15,56,200,204
+ sha1rnds4 xmm0,xmm2,3
+ sha1nexte xmm1,xmm4
pxor xmm7,xmm5
- DB 15,56,202,254
+ sha1msg2 xmm7,xmm6
movdqu xmm4,XMMWORD[rsi]
movdqa xmm2,xmm0
- DB 15,58,204,193,3
- DB 15,56,200,213
+ sha1rnds4 xmm0,xmm1,3
+ sha1nexte xmm2,xmm5
movdqu xmm5,XMMWORD[16+rsi]
-DB 102,15,56,0,227
+ pshufb xmm4,xmm3
movdqa xmm1,xmm0
- DB 15,58,204,194,3
- DB 15,56,200,206
+ sha1rnds4 xmm0,xmm2,3
+ sha1nexte xmm1,xmm6
movdqu xmm6,XMMWORD[32+rsi]
-DB 102,15,56,0,235
+ pshufb xmm5,xmm3
movdqa xmm2,xmm0
- DB 15,58,204,193,3
- DB 15,56,200,215
+ sha1rnds4 xmm0,xmm1,3
+ sha1nexte xmm2,xmm7
movdqu xmm7,XMMWORD[48+rsi]
-DB 102,15,56,0,243
+ pshufb xmm6,xmm3
movdqa xmm1,xmm0
- DB 15,58,204,194,3
- DB 65,15,56,200,201
-DB 102,15,56,0,251
+ sha1rnds4 xmm0,xmm2,3
+ sha1nexte xmm1,xmm9
+ pshufb xmm7,xmm3
paddd xmm0,xmm8
movdqa xmm9,xmm1
@@ -1515,12 +1515,12 @@
movdqu xmm1,XMMWORD[16+r9]
movdqu xmm2,XMMWORD[32+r9]
movdqu xmm3,XMMWORD[48+r9]
-DB 102,15,56,0,198
-DB 102,15,56,0,206
-DB 102,15,56,0,214
+ pshufb xmm0,xmm6
+ pshufb xmm1,xmm6
+ pshufb xmm2,xmm6
add r9,64
paddd xmm0,xmm9
-DB 102,15,56,0,222
+ pshufb xmm3,xmm6
paddd xmm1,xmm9
paddd xmm2,xmm9
movdqa XMMWORD[rsp],xmm0
@@ -2412,12 +2412,12 @@
movdqu xmm1,XMMWORD[16+r9]
movdqu xmm2,XMMWORD[32+r9]
movdqu xmm3,XMMWORD[48+r9]
-DB 102,15,56,0,198
+ pshufb xmm0,xmm6
add r9,64
add ebx,DWORD[16+rsp]
xor esi,ebp
mov edi,ecx
-DB 102,15,56,0,206
+ pshufb xmm1,xmm6
rol ecx,5
add ebx,esi
xor edi,ebp
@@ -2453,7 +2453,7 @@
add ecx,DWORD[32+rsp]
xor esi,eax
mov edi,edx
-DB 102,15,56,0,214
+ pshufb xmm2,xmm6
rol edx,5
add ecx,esi
xor edi,eax
@@ -2489,7 +2489,7 @@
add edx,DWORD[48+rsp]
xor esi,ebx
mov edi,ebp
-DB 102,15,56,0,222
+ pshufb xmm3,xmm6
rol ebp,5
add edx,esi
xor edi,ebx
diff --git a/src/gen/bcm/sha256-x86_64-apple.S b/src/gen/bcm/sha256-x86_64-apple.S
index b33f807..367f0d3 100644
--- a/src/gen/bcm/sha256-x86_64-apple.S
+++ b/src/gen/bcm/sha256-x86_64-apple.S
@@ -1780,7 +1780,7 @@
pshufd $0xb1,%xmm1,%xmm1
pshufd $0x1b,%xmm2,%xmm2
movdqa %xmm7,%xmm8
-.byte 102,15,58,15,202,8
+ palignr $8,%xmm2,%xmm1
punpcklqdq %xmm0,%xmm2
jmp L$oop_shaext
@@ -1789,176 +1789,176 @@
movdqu (%rsi),%xmm3
movdqu 16(%rsi),%xmm4
movdqu 32(%rsi),%xmm5
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
movdqu 48(%rsi),%xmm6
movdqa 0-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 102,15,56,0,231
+ pshufb %xmm7,%xmm4
movdqa %xmm2,%xmm10
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
nop
movdqa %xmm1,%xmm9
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
movdqa 32-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 102,15,56,0,239
-.byte 15,56,203,209
+ pshufb %xmm7,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
leaq 64(%rsi),%rsi
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 64-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 102,15,56,0,247
-.byte 15,56,203,209
+ pshufb %xmm7,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 96-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 128-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 160-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
+ palignr $4,%xmm4,%xmm7
nop
paddd %xmm7,%xmm6
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 192-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,205,245
-.byte 15,56,203,209
+ sha256msg2 %xmm5,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 224-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 256-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 288-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
+ palignr $4,%xmm4,%xmm7
nop
paddd %xmm7,%xmm6
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 320-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,205,245
-.byte 15,56,203,209
+ sha256msg2 %xmm5,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 352-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 384-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 416-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
-.byte 15,56,203,202
+ palignr $4,%xmm4,%xmm7
+ sha256rnds2 %xmm2,%xmm1
paddd %xmm7,%xmm6
movdqa 448-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
-.byte 15,56,205,245
+ sha256msg2 %xmm5,%xmm6
movdqa %xmm8,%xmm7
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
movdqa 480-128(%rcx),%xmm0
paddd %xmm6,%xmm0
nop
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
decq %rdx
nop
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
paddd %xmm10,%xmm2
paddd %xmm9,%xmm1
@@ -1968,7 +1968,7 @@
pshufd $0x1b,%xmm1,%xmm7
pshufd $0xb1,%xmm1,%xmm1
punpckhqdq %xmm2,%xmm1
-.byte 102,15,58,15,215,8
+ palignr $8,%xmm7,%xmm2
movdqu %xmm1,(%rdi)
movdqu %xmm2,16(%rdi)
@@ -2024,16 +2024,16 @@
movdqu 0(%rsi),%xmm0
movdqu 16(%rsi),%xmm1
movdqu 32(%rsi),%xmm2
-.byte 102,15,56,0,199
+ pshufb %xmm7,%xmm0
movdqu 48(%rsi),%xmm3
leaq K256(%rip),%rbp
-.byte 102,15,56,0,207
+ pshufb %xmm7,%xmm1
movdqa 0(%rbp),%xmm4
movdqa 32(%rbp),%xmm5
-.byte 102,15,56,0,215
+ pshufb %xmm7,%xmm2
paddd %xmm0,%xmm4
movdqa 64(%rbp),%xmm6
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
movdqa 96(%rbp),%xmm7
paddd %xmm1,%xmm5
paddd %xmm2,%xmm6
@@ -2061,10 +2061,10 @@
xorl %r10d,%r12d
rorl $5,%r13d
xorl %eax,%r14d
-.byte 102,15,58,15,224,4
+ palignr $4,%xmm0,%xmm4
andl %r8d,%r12d
xorl %r8d,%r13d
-.byte 102,15,58,15,250,4
+ palignr $4,%xmm2,%xmm7
addl 0(%rsp),%r11d
movl %eax,%r15d
xorl %r10d,%r12d
@@ -2205,10 +2205,10 @@
xorl %ecx,%r12d
rorl $5,%r13d
xorl %r8d,%r14d
-.byte 102,15,58,15,225,4
+ palignr $4,%xmm1,%xmm4
andl %eax,%r12d
xorl %eax,%r13d
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
addl 16(%rsp),%edx
movl %r8d,%r15d
xorl %ecx,%r12d
@@ -2349,10 +2349,10 @@
xorl %r10d,%r12d
rorl $5,%r13d
xorl %eax,%r14d
-.byte 102,15,58,15,226,4
+ palignr $4,%xmm2,%xmm4
andl %r8d,%r12d
xorl %r8d,%r13d
-.byte 102,15,58,15,248,4
+ palignr $4,%xmm0,%xmm7
addl 32(%rsp),%r11d
movl %eax,%r15d
xorl %r10d,%r12d
@@ -2493,10 +2493,10 @@
xorl %ecx,%r12d
rorl $5,%r13d
xorl %r8d,%r14d
-.byte 102,15,58,15,227,4
+ palignr $4,%xmm3,%xmm4
andl %eax,%r12d
xorl %eax,%r13d
-.byte 102,15,58,15,249,4
+ palignr $4,%xmm1,%xmm7
addl 48(%rsp),%edx
movl %r8d,%r15d
xorl %ecx,%r12d
diff --git a/src/gen/bcm/sha256-x86_64-linux.S b/src/gen/bcm/sha256-x86_64-linux.S
index 8476b03..938f531 100644
--- a/src/gen/bcm/sha256-x86_64-linux.S
+++ b/src/gen/bcm/sha256-x86_64-linux.S
@@ -1780,7 +1780,7 @@
pshufd $0xb1,%xmm1,%xmm1
pshufd $0x1b,%xmm2,%xmm2
movdqa %xmm7,%xmm8
-.byte 102,15,58,15,202,8
+ palignr $8,%xmm2,%xmm1
punpcklqdq %xmm0,%xmm2
jmp .Loop_shaext
@@ -1789,176 +1789,176 @@
movdqu (%rsi),%xmm3
movdqu 16(%rsi),%xmm4
movdqu 32(%rsi),%xmm5
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
movdqu 48(%rsi),%xmm6
movdqa 0-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 102,15,56,0,231
+ pshufb %xmm7,%xmm4
movdqa %xmm2,%xmm10
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
nop
movdqa %xmm1,%xmm9
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
movdqa 32-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 102,15,56,0,239
-.byte 15,56,203,209
+ pshufb %xmm7,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
leaq 64(%rsi),%rsi
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 64-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 102,15,56,0,247
-.byte 15,56,203,209
+ pshufb %xmm7,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 96-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 128-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 160-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
+ palignr $4,%xmm4,%xmm7
nop
paddd %xmm7,%xmm6
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 192-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,205,245
-.byte 15,56,203,209
+ sha256msg2 %xmm5,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 224-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 256-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 288-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
+ palignr $4,%xmm4,%xmm7
nop
paddd %xmm7,%xmm6
-.byte 15,56,204,220
-.byte 15,56,203,202
+ sha256msg1 %xmm4,%xmm3
+ sha256rnds2 %xmm2,%xmm1
movdqa 320-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,205,245
-.byte 15,56,203,209
+ sha256msg2 %xmm5,%xmm6
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm6,%xmm7
-.byte 102,15,58,15,253,4
+ palignr $4,%xmm5,%xmm7
nop
paddd %xmm7,%xmm3
-.byte 15,56,204,229
-.byte 15,56,203,202
+ sha256msg1 %xmm5,%xmm4
+ sha256rnds2 %xmm2,%xmm1
movdqa 352-128(%rcx),%xmm0
paddd %xmm6,%xmm0
-.byte 15,56,205,222
-.byte 15,56,203,209
+ sha256msg2 %xmm6,%xmm3
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm3,%xmm7
-.byte 102,15,58,15,254,4
+ palignr $4,%xmm6,%xmm7
nop
paddd %xmm7,%xmm4
-.byte 15,56,204,238
-.byte 15,56,203,202
+ sha256msg1 %xmm6,%xmm5
+ sha256rnds2 %xmm2,%xmm1
movdqa 384-128(%rcx),%xmm0
paddd %xmm3,%xmm0
-.byte 15,56,205,227
-.byte 15,56,203,209
+ sha256msg2 %xmm3,%xmm4
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm4,%xmm7
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
nop
paddd %xmm7,%xmm5
-.byte 15,56,204,243
-.byte 15,56,203,202
+ sha256msg1 %xmm3,%xmm6
+ sha256rnds2 %xmm2,%xmm1
movdqa 416-128(%rcx),%xmm0
paddd %xmm4,%xmm0
-.byte 15,56,205,236
-.byte 15,56,203,209
+ sha256msg2 %xmm4,%xmm5
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
movdqa %xmm5,%xmm7
-.byte 102,15,58,15,252,4
-.byte 15,56,203,202
+ palignr $4,%xmm4,%xmm7
+ sha256rnds2 %xmm2,%xmm1
paddd %xmm7,%xmm6
movdqa 448-128(%rcx),%xmm0
paddd %xmm5,%xmm0
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
-.byte 15,56,205,245
+ sha256msg2 %xmm5,%xmm6
movdqa %xmm8,%xmm7
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
movdqa 480-128(%rcx),%xmm0
paddd %xmm6,%xmm0
nop
-.byte 15,56,203,209
+ sha256rnds2 %xmm1,%xmm2
pshufd $0x0e,%xmm0,%xmm0
decq %rdx
nop
-.byte 15,56,203,202
+ sha256rnds2 %xmm2,%xmm1
paddd %xmm10,%xmm2
paddd %xmm9,%xmm1
@@ -1968,7 +1968,7 @@
pshufd $0x1b,%xmm1,%xmm7
pshufd $0xb1,%xmm1,%xmm1
punpckhqdq %xmm2,%xmm1
-.byte 102,15,58,15,215,8
+ palignr $8,%xmm7,%xmm2
movdqu %xmm1,(%rdi)
movdqu %xmm2,16(%rdi)
@@ -2024,16 +2024,16 @@
movdqu 0(%rsi),%xmm0
movdqu 16(%rsi),%xmm1
movdqu 32(%rsi),%xmm2
-.byte 102,15,56,0,199
+ pshufb %xmm7,%xmm0
movdqu 48(%rsi),%xmm3
leaq K256(%rip),%rbp
-.byte 102,15,56,0,207
+ pshufb %xmm7,%xmm1
movdqa 0(%rbp),%xmm4
movdqa 32(%rbp),%xmm5
-.byte 102,15,56,0,215
+ pshufb %xmm7,%xmm2
paddd %xmm0,%xmm4
movdqa 64(%rbp),%xmm6
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
movdqa 96(%rbp),%xmm7
paddd %xmm1,%xmm5
paddd %xmm2,%xmm6
@@ -2061,10 +2061,10 @@
xorl %r10d,%r12d
rorl $5,%r13d
xorl %eax,%r14d
-.byte 102,15,58,15,224,4
+ palignr $4,%xmm0,%xmm4
andl %r8d,%r12d
xorl %r8d,%r13d
-.byte 102,15,58,15,250,4
+ palignr $4,%xmm2,%xmm7
addl 0(%rsp),%r11d
movl %eax,%r15d
xorl %r10d,%r12d
@@ -2205,10 +2205,10 @@
xorl %ecx,%r12d
rorl $5,%r13d
xorl %r8d,%r14d
-.byte 102,15,58,15,225,4
+ palignr $4,%xmm1,%xmm4
andl %eax,%r12d
xorl %eax,%r13d
-.byte 102,15,58,15,251,4
+ palignr $4,%xmm3,%xmm7
addl 16(%rsp),%edx
movl %r8d,%r15d
xorl %ecx,%r12d
@@ -2349,10 +2349,10 @@
xorl %r10d,%r12d
rorl $5,%r13d
xorl %eax,%r14d
-.byte 102,15,58,15,226,4
+ palignr $4,%xmm2,%xmm4
andl %r8d,%r12d
xorl %r8d,%r13d
-.byte 102,15,58,15,248,4
+ palignr $4,%xmm0,%xmm7
addl 32(%rsp),%r11d
movl %eax,%r15d
xorl %r10d,%r12d
@@ -2493,10 +2493,10 @@
xorl %ecx,%r12d
rorl $5,%r13d
xorl %r8d,%r14d
-.byte 102,15,58,15,227,4
+ palignr $4,%xmm3,%xmm4
andl %eax,%r12d
xorl %eax,%r13d
-.byte 102,15,58,15,249,4
+ palignr $4,%xmm1,%xmm7
addl 48(%rsp),%edx
movl %r8d,%r15d
xorl %ecx,%r12d
diff --git a/src/gen/bcm/sha256-x86_64-win.asm b/src/gen/bcm/sha256-x86_64-win.asm
index ada8dba..b720603 100644
--- a/src/gen/bcm/sha256-x86_64-win.asm
+++ b/src/gen/bcm/sha256-x86_64-win.asm
@@ -1818,7 +1818,7 @@
pshufd xmm1,xmm1,0xb1
pshufd xmm2,xmm2,0x1b
movdqa xmm8,xmm7
-DB 102,15,58,15,202,8
+ palignr xmm1,xmm2,8
punpcklqdq xmm2,xmm0
jmp NEAR $L$oop_shaext
@@ -1827,176 +1827,176 @@
movdqu xmm3,XMMWORD[rsi]
movdqu xmm4,XMMWORD[16+rsi]
movdqu xmm5,XMMWORD[32+rsi]
-DB 102,15,56,0,223
+ pshufb xmm3,xmm7
movdqu xmm6,XMMWORD[48+rsi]
movdqa xmm0,XMMWORD[((0-128))+rcx]
paddd xmm0,xmm3
-DB 102,15,56,0,231
+ pshufb xmm4,xmm7
movdqa xmm10,xmm2
- DB 15,56,203,209
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
nop
movdqa xmm9,xmm1
- DB 15,56,203,202
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((32-128))+rcx]
paddd xmm0,xmm4
-DB 102,15,56,0,239
- DB 15,56,203,209
+ pshufb xmm5,xmm7
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
lea rsi,[64+rsi]
- DB 15,56,204,220
- DB 15,56,203,202
+ sha256msg1 xmm3,xmm4
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((64-128))+rcx]
paddd xmm0,xmm5
-DB 102,15,56,0,247
- DB 15,56,203,209
+ pshufb xmm6,xmm7
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm6
-DB 102,15,58,15,253,4
+ palignr xmm7,xmm5,4
nop
paddd xmm3,xmm7
- DB 15,56,204,229
- DB 15,56,203,202
+ sha256msg1 xmm4,xmm5
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((96-128))+rcx]
paddd xmm0,xmm6
- DB 15,56,205,222
- DB 15,56,203,209
+ sha256msg2 xmm3,xmm6
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm3
-DB 102,15,58,15,254,4
+ palignr xmm7,xmm6,4
nop
paddd xmm4,xmm7
- DB 15,56,204,238
- DB 15,56,203,202
+ sha256msg1 xmm5,xmm6
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((128-128))+rcx]
paddd xmm0,xmm3
- DB 15,56,205,227
- DB 15,56,203,209
+ sha256msg2 xmm4,xmm3
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm4
-DB 102,15,58,15,251,4
+ palignr xmm7,xmm3,4
nop
paddd xmm5,xmm7
- DB 15,56,204,243
- DB 15,56,203,202
+ sha256msg1 xmm6,xmm3
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((160-128))+rcx]
paddd xmm0,xmm4
- DB 15,56,205,236
- DB 15,56,203,209
+ sha256msg2 xmm5,xmm4
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm5
-DB 102,15,58,15,252,4
+ palignr xmm7,xmm4,4
nop
paddd xmm6,xmm7
- DB 15,56,204,220
- DB 15,56,203,202
+ sha256msg1 xmm3,xmm4
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((192-128))+rcx]
paddd xmm0,xmm5
- DB 15,56,205,245
- DB 15,56,203,209
+ sha256msg2 xmm6,xmm5
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm6
-DB 102,15,58,15,253,4
+ palignr xmm7,xmm5,4
nop
paddd xmm3,xmm7
- DB 15,56,204,229
- DB 15,56,203,202
+ sha256msg1 xmm4,xmm5
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((224-128))+rcx]
paddd xmm0,xmm6
- DB 15,56,205,222
- DB 15,56,203,209
+ sha256msg2 xmm3,xmm6
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm3
-DB 102,15,58,15,254,4
+ palignr xmm7,xmm6,4
nop
paddd xmm4,xmm7
- DB 15,56,204,238
- DB 15,56,203,202
+ sha256msg1 xmm5,xmm6
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((256-128))+rcx]
paddd xmm0,xmm3
- DB 15,56,205,227
- DB 15,56,203,209
+ sha256msg2 xmm4,xmm3
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm4
-DB 102,15,58,15,251,4
+ palignr xmm7,xmm3,4
nop
paddd xmm5,xmm7
- DB 15,56,204,243
- DB 15,56,203,202
+ sha256msg1 xmm6,xmm3
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((288-128))+rcx]
paddd xmm0,xmm4
- DB 15,56,205,236
- DB 15,56,203,209
+ sha256msg2 xmm5,xmm4
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm5
-DB 102,15,58,15,252,4
+ palignr xmm7,xmm4,4
nop
paddd xmm6,xmm7
- DB 15,56,204,220
- DB 15,56,203,202
+ sha256msg1 xmm3,xmm4
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((320-128))+rcx]
paddd xmm0,xmm5
- DB 15,56,205,245
- DB 15,56,203,209
+ sha256msg2 xmm6,xmm5
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm6
-DB 102,15,58,15,253,4
+ palignr xmm7,xmm5,4
nop
paddd xmm3,xmm7
- DB 15,56,204,229
- DB 15,56,203,202
+ sha256msg1 xmm4,xmm5
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((352-128))+rcx]
paddd xmm0,xmm6
- DB 15,56,205,222
- DB 15,56,203,209
+ sha256msg2 xmm3,xmm6
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm3
-DB 102,15,58,15,254,4
+ palignr xmm7,xmm6,4
nop
paddd xmm4,xmm7
- DB 15,56,204,238
- DB 15,56,203,202
+ sha256msg1 xmm5,xmm6
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((384-128))+rcx]
paddd xmm0,xmm3
- DB 15,56,205,227
- DB 15,56,203,209
+ sha256msg2 xmm4,xmm3
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm4
-DB 102,15,58,15,251,4
+ palignr xmm7,xmm3,4
nop
paddd xmm5,xmm7
- DB 15,56,204,243
- DB 15,56,203,202
+ sha256msg1 xmm6,xmm3
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((416-128))+rcx]
paddd xmm0,xmm4
- DB 15,56,205,236
- DB 15,56,203,209
+ sha256msg2 xmm5,xmm4
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
movdqa xmm7,xmm5
-DB 102,15,58,15,252,4
- DB 15,56,203,202
+ palignr xmm7,xmm4,4
+ sha256rnds2 xmm1,xmm2
paddd xmm6,xmm7
movdqa xmm0,XMMWORD[((448-128))+rcx]
paddd xmm0,xmm5
- DB 15,56,203,209
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
- DB 15,56,205,245
+ sha256msg2 xmm6,xmm5
movdqa xmm7,xmm8
- DB 15,56,203,202
+ sha256rnds2 xmm1,xmm2
movdqa xmm0,XMMWORD[((480-128))+rcx]
paddd xmm0,xmm6
nop
- DB 15,56,203,209
+ sha256rnds2 xmm2,xmm1
pshufd xmm0,xmm0,0x0e
dec rdx
nop
- DB 15,56,203,202
+ sha256rnds2 xmm1,xmm2
paddd xmm2,xmm10
paddd xmm1,xmm9
@@ -2006,7 +2006,7 @@
pshufd xmm7,xmm1,0x1b
pshufd xmm1,xmm1,0xb1
punpckhqdq xmm1,xmm2
-DB 102,15,58,15,215,8
+ palignr xmm2,xmm7,8
movdqu XMMWORD[rdi],xmm1
movdqu XMMWORD[16+rdi],xmm2
@@ -2083,16 +2083,16 @@
movdqu xmm0,XMMWORD[rsi]
movdqu xmm1,XMMWORD[16+rsi]
movdqu xmm2,XMMWORD[32+rsi]
-DB 102,15,56,0,199
+ pshufb xmm0,xmm7
movdqu xmm3,XMMWORD[48+rsi]
lea rbp,[K256]
-DB 102,15,56,0,207
+ pshufb xmm1,xmm7
movdqa xmm4,XMMWORD[rbp]
movdqa xmm5,XMMWORD[32+rbp]
-DB 102,15,56,0,215
+ pshufb xmm2,xmm7
paddd xmm4,xmm0
movdqa xmm6,XMMWORD[64+rbp]
-DB 102,15,56,0,223
+ pshufb xmm3,xmm7
movdqa xmm7,XMMWORD[96+rbp]
paddd xmm5,xmm1
paddd xmm6,xmm2
@@ -2120,10 +2120,10 @@
xor r12d,r10d
ror r13d,5
xor r14d,eax
-DB 102,15,58,15,224,4
+ palignr xmm4,xmm0,4
and r12d,r8d
xor r13d,r8d
-DB 102,15,58,15,250,4
+ palignr xmm7,xmm2,4
add r11d,DWORD[rsp]
mov r15d,eax
xor r12d,r10d
@@ -2264,10 +2264,10 @@
xor r12d,ecx
ror r13d,5
xor r14d,r8d
-DB 102,15,58,15,225,4
+ palignr xmm4,xmm1,4
and r12d,eax
xor r13d,eax
-DB 102,15,58,15,251,4
+ palignr xmm7,xmm3,4
add edx,DWORD[16+rsp]
mov r15d,r8d
xor r12d,ecx
@@ -2408,10 +2408,10 @@
xor r12d,r10d
ror r13d,5
xor r14d,eax
-DB 102,15,58,15,226,4
+ palignr xmm4,xmm2,4
and r12d,r8d
xor r13d,r8d
-DB 102,15,58,15,248,4
+ palignr xmm7,xmm0,4
add r11d,DWORD[32+rsp]
mov r15d,eax
xor r12d,r10d
@@ -2552,10 +2552,10 @@
xor r12d,ecx
ror r13d,5
xor r14d,r8d
-DB 102,15,58,15,227,4
+ palignr xmm4,xmm3,4
and r12d,eax
xor r13d,eax
-DB 102,15,58,15,249,4
+ palignr xmm7,xmm1,4
add edx,DWORD[48+rsp]
mov r15d,r8d
xor r12d,ecx
diff --git a/src/gen/bcm/vpaes-x86_64-apple.S b/src/gen/bcm/vpaes-x86_64-apple.S
index 5aea40f..bfcc030 100644
--- a/src/gen/bcm/vpaes-x86_64-apple.S
+++ b/src/gen/bcm/vpaes-x86_64-apple.S
@@ -34,9 +34,9 @@
movdqu (%r9),%xmm5
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa L$k_ipt+16(%rip),%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
pxor %xmm5,%xmm2
addq $16,%r9
pxor %xmm2,%xmm0
@@ -48,25 +48,25 @@
movdqa %xmm13,%xmm4
movdqa %xmm12,%xmm0
-.byte 102,15,56,0,226
-.byte 102,15,56,0,195
+ pshufb %xmm2,%xmm4
+ pshufb %xmm3,%xmm0
pxor %xmm5,%xmm4
movdqa %xmm15,%xmm5
pxor %xmm4,%xmm0
movdqa -64(%r11,%r10,1),%xmm1
-.byte 102,15,56,0,234
+ pshufb %xmm2,%xmm5
movdqa (%r11,%r10,1),%xmm4
movdqa %xmm14,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm0,%xmm3
pxor %xmm5,%xmm2
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
addq $16,%r9
pxor %xmm2,%xmm0
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
addq $16,%r11
pxor %xmm0,%xmm3
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
andq $0x30,%r11
subq $1,%rax
pxor %xmm3,%xmm0
@@ -78,19 +78,19 @@
pandn %xmm0,%xmm1
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,232
+ pshufb %xmm0,%xmm5
movdqa %xmm10,%xmm3
pxor %xmm1,%xmm0
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqa %xmm10,%xmm4
pxor %xmm5,%xmm3
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
movdqa %xmm10,%xmm2
pxor %xmm5,%xmm4
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm0,%xmm2
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
movdqu (%r9),%xmm5
pxor %xmm1,%xmm3
jnz L$enc_loop
@@ -98,12 +98,12 @@
movdqa -96(%r10),%xmm4
movdqa -80(%r10),%xmm0
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
pxor %xmm5,%xmm4
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
movdqa 64(%r11,%r10,1),%xmm1
pxor %xmm4,%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
ret
@@ -156,12 +156,12 @@
psrld $4,%xmm7
pand %xmm9,%xmm0
pand %xmm9,%xmm6
-.byte 102,15,56,0,208
-.byte 102,68,15,56,0,198
+ pshufb %xmm0,%xmm2
+ pshufb %xmm6,%xmm8
movdqa L$k_ipt+16(%rip),%xmm0
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,247
+ pshufb %xmm1,%xmm0
+ pshufb %xmm7,%xmm6
pxor %xmm5,%xmm2
pxor %xmm5,%xmm8
addq $16,%r9
@@ -177,10 +177,10 @@
movdqa L$k_sb1+16(%rip),%xmm0
movdqa %xmm4,%xmm12
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,226
-.byte 102,69,15,56,0,224
-.byte 102,15,56,0,195
-.byte 102,65,15,56,0,243
+ pshufb %xmm2,%xmm4
+ pshufb %xmm8,%xmm12
+ pshufb %xmm3,%xmm0
+ pshufb %xmm11,%xmm6
pxor %xmm5,%xmm4
pxor %xmm5,%xmm12
movdqa L$k_sb2(%rip),%xmm5
@@ -189,30 +189,30 @@
pxor %xmm12,%xmm6
movdqa -64(%r11,%r10,1),%xmm1
-.byte 102,15,56,0,234
-.byte 102,69,15,56,0,232
+ pshufb %xmm2,%xmm5
+ pshufb %xmm8,%xmm13
movdqa (%r11,%r10,1),%xmm4
movdqa L$k_sb2+16(%rip),%xmm2
movdqa %xmm2,%xmm8
-.byte 102,15,56,0,211
-.byte 102,69,15,56,0,195
+ pshufb %xmm3,%xmm2
+ pshufb %xmm11,%xmm8
movdqa %xmm0,%xmm3
movdqa %xmm6,%xmm11
pxor %xmm5,%xmm2
pxor %xmm13,%xmm8
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
addq $16,%r9
pxor %xmm2,%xmm0
pxor %xmm8,%xmm6
-.byte 102,15,56,0,220
-.byte 102,68,15,56,0,220
+ pshufb %xmm4,%xmm3
+ pshufb %xmm4,%xmm11
addq $16,%r11
pxor %xmm0,%xmm3
pxor %xmm6,%xmm11
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
andq $0x30,%r11
subq $1,%rax
pxor %xmm3,%xmm0
@@ -230,32 +230,32 @@
psrld $4,%xmm7
pand %xmm9,%xmm0
pand %xmm9,%xmm6
-.byte 102,15,56,0,232
-.byte 102,68,15,56,0,238
+ pshufb %xmm0,%xmm5
+ pshufb %xmm6,%xmm13
movdqa %xmm10,%xmm3
movdqa %xmm10,%xmm11
pxor %xmm1,%xmm0
pxor %xmm7,%xmm6
-.byte 102,15,56,0,217
-.byte 102,68,15,56,0,223
+ pshufb %xmm1,%xmm3
+ pshufb %xmm7,%xmm11
movdqa %xmm10,%xmm4
movdqa %xmm10,%xmm12
pxor %xmm5,%xmm3
pxor %xmm13,%xmm11
-.byte 102,15,56,0,224
-.byte 102,68,15,56,0,230
+ pshufb %xmm0,%xmm4
+ pshufb %xmm6,%xmm12
movdqa %xmm10,%xmm2
movdqa %xmm10,%xmm8
pxor %xmm5,%xmm4
pxor %xmm13,%xmm12
-.byte 102,15,56,0,211
-.byte 102,69,15,56,0,195
+ pshufb %xmm3,%xmm2
+ pshufb %xmm11,%xmm8
movdqa %xmm10,%xmm3
movdqa %xmm10,%xmm11
pxor %xmm0,%xmm2
pxor %xmm6,%xmm8
-.byte 102,15,56,0,220
-.byte 102,69,15,56,0,220
+ pshufb %xmm4,%xmm3
+ pshufb %xmm12,%xmm11
movdqu (%r9),%xmm5
pxor %xmm1,%xmm3
@@ -267,18 +267,18 @@
movdqa -80(%r10),%xmm0
movdqa %xmm4,%xmm12
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,226
-.byte 102,69,15,56,0,224
+ pshufb %xmm2,%xmm4
+ pshufb %xmm8,%xmm12
pxor %xmm5,%xmm4
pxor %xmm5,%xmm12
-.byte 102,15,56,0,195
-.byte 102,65,15,56,0,243
+ pshufb %xmm3,%xmm0
+ pshufb %xmm11,%xmm6
movdqa 64(%r11,%r10,1),%xmm1
pxor %xmm4,%xmm0
pxor %xmm12,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
ret
@@ -302,11 +302,11 @@
movdqu (%r9),%xmm5
shlq $4,%r11
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa L$k_dipt+16(%rip),%xmm0
xorq $0x30,%r11
leaq L$k_dsbd(%rip),%r10
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
andq $0x30,%r11
pxor %xmm5,%xmm2
movdqa L$k_mc_forward+48(%rip),%xmm5
@@ -322,35 +322,35 @@
movdqa -32(%r10),%xmm4
movdqa -16(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 0(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 16(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 32(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 48(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 64(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 80(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
addq $16,%r9
-.byte 102,15,58,15,237,12
+ palignr $12,%xmm5,%xmm5
pxor %xmm1,%xmm0
subq $1,%rax
@@ -361,32 +361,32 @@
movdqa %xmm11,%xmm2
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm1,%xmm0
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqa %xmm10,%xmm4
pxor %xmm2,%xmm3
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
pxor %xmm2,%xmm4
movdqa %xmm10,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm0,%xmm2
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
movdqu (%r9),%xmm0
pxor %xmm1,%xmm3
jnz L$dec_loop
movdqa 96(%r10),%xmm4
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
pxor %xmm0,%xmm4
movdqa 112(%r10),%xmm0
movdqa -352(%r11),%xmm2
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
pxor %xmm4,%xmm0
-.byte 102,15,56,0,194
+ pshufb %xmm2,%xmm0
ret
@@ -426,7 +426,7 @@
L$schedule_am_decrypting:
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqu %xmm3,(%rdx)
xorq $0x30,%r8
@@ -480,7 +480,7 @@
L$oop_schedule_192:
call _vpaes_schedule_round
-.byte 102,15,58,15,198,8
+ palignr $8,%xmm6,%xmm0
call _vpaes_schedule_mangle
call _vpaes_schedule_192_smear
call _vpaes_schedule_mangle
@@ -546,7 +546,7 @@
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
leaq L$k_opt(%rip),%r11
addq $32,%rdx
@@ -622,13 +622,13 @@
pxor %xmm1,%xmm1
-.byte 102,65,15,58,15,200,15
-.byte 102,69,15,58,15,192,15
+ palignr $15,%xmm8,%xmm1
+ palignr $15,%xmm8,%xmm8
pxor %xmm1,%xmm7
pshufd $0xFF,%xmm0,%xmm0
-.byte 102,15,58,15,192,1
+ palignr $1,%xmm0,%xmm0
@@ -649,24 +649,24 @@
psrld $4,%xmm1
pand %xmm9,%xmm0
movdqa %xmm11,%xmm2
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
pxor %xmm1,%xmm0
movdqa %xmm10,%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
movdqa %xmm10,%xmm4
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
pxor %xmm2,%xmm4
movdqa %xmm10,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
pxor %xmm0,%xmm2
movdqa %xmm10,%xmm3
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
pxor %xmm1,%xmm3
movdqa %xmm13,%xmm4
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
movdqa %xmm12,%xmm0
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
pxor %xmm4,%xmm0
@@ -694,9 +694,9 @@
psrld $4,%xmm1
pand %xmm9,%xmm0
movdqa (%r11),%xmm2
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa 16(%r11),%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
pxor %xmm2,%xmm0
ret
@@ -737,11 +737,11 @@
addq $16,%rdx
pxor L$k_s63(%rip),%xmm4
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
movdqa %xmm4,%xmm3
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
pxor %xmm4,%xmm3
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
pxor %xmm4,%xmm3
jmp L$schedule_mangle_both
@@ -755,40 +755,40 @@
pand %xmm9,%xmm4
movdqa 0(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
movdqa 16(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 32(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 48(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 64(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 80(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 96(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 112(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
addq $-16,%rdx
L$schedule_mangle_both:
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
addq $-16,%r8
andq $0x30,%r8
movdqu %xmm3,(%rdx)
@@ -969,8 +969,8 @@
movdqa L$rev_ctr(%rip),%xmm1
movdqa %xmm14,%xmm0
movdqa %xmm15,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
call _vpaes_encrypt_core_2x
movdqu (%rdi),%xmm1
movdqu 16(%rdi),%xmm2
diff --git a/src/gen/bcm/vpaes-x86_64-linux.S b/src/gen/bcm/vpaes-x86_64-linux.S
index 019c638..e788464 100644
--- a/src/gen/bcm/vpaes-x86_64-linux.S
+++ b/src/gen/bcm/vpaes-x86_64-linux.S
@@ -34,9 +34,9 @@
movdqu (%r9),%xmm5
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa .Lk_ipt+16(%rip),%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
pxor %xmm5,%xmm2
addq $16,%r9
pxor %xmm2,%xmm0
@@ -48,25 +48,25 @@
movdqa %xmm13,%xmm4
movdqa %xmm12,%xmm0
-.byte 102,15,56,0,226
-.byte 102,15,56,0,195
+ pshufb %xmm2,%xmm4
+ pshufb %xmm3,%xmm0
pxor %xmm5,%xmm4
movdqa %xmm15,%xmm5
pxor %xmm4,%xmm0
movdqa -64(%r11,%r10,1),%xmm1
-.byte 102,15,56,0,234
+ pshufb %xmm2,%xmm5
movdqa (%r11,%r10,1),%xmm4
movdqa %xmm14,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm0,%xmm3
pxor %xmm5,%xmm2
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
addq $16,%r9
pxor %xmm2,%xmm0
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
addq $16,%r11
pxor %xmm0,%xmm3
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
andq $0x30,%r11
subq $1,%rax
pxor %xmm3,%xmm0
@@ -78,19 +78,19 @@
pandn %xmm0,%xmm1
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,232
+ pshufb %xmm0,%xmm5
movdqa %xmm10,%xmm3
pxor %xmm1,%xmm0
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqa %xmm10,%xmm4
pxor %xmm5,%xmm3
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
movdqa %xmm10,%xmm2
pxor %xmm5,%xmm4
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm0,%xmm2
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
movdqu (%r9),%xmm5
pxor %xmm1,%xmm3
jnz .Lenc_loop
@@ -98,12 +98,12 @@
movdqa -96(%r10),%xmm4
movdqa -80(%r10),%xmm0
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
pxor %xmm5,%xmm4
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
movdqa 64(%r11,%r10,1),%xmm1
pxor %xmm4,%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
ret
.cfi_endproc
.size _vpaes_encrypt_core,.-_vpaes_encrypt_core
@@ -156,12 +156,12 @@
psrld $4,%xmm7
pand %xmm9,%xmm0
pand %xmm9,%xmm6
-.byte 102,15,56,0,208
-.byte 102,68,15,56,0,198
+ pshufb %xmm0,%xmm2
+ pshufb %xmm6,%xmm8
movdqa .Lk_ipt+16(%rip),%xmm0
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,247
+ pshufb %xmm1,%xmm0
+ pshufb %xmm7,%xmm6
pxor %xmm5,%xmm2
pxor %xmm5,%xmm8
addq $16,%r9
@@ -177,10 +177,10 @@
movdqa .Lk_sb1+16(%rip),%xmm0
movdqa %xmm4,%xmm12
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,226
-.byte 102,69,15,56,0,224
-.byte 102,15,56,0,195
-.byte 102,65,15,56,0,243
+ pshufb %xmm2,%xmm4
+ pshufb %xmm8,%xmm12
+ pshufb %xmm3,%xmm0
+ pshufb %xmm11,%xmm6
pxor %xmm5,%xmm4
pxor %xmm5,%xmm12
movdqa .Lk_sb2(%rip),%xmm5
@@ -189,30 +189,30 @@
pxor %xmm12,%xmm6
movdqa -64(%r11,%r10,1),%xmm1
-.byte 102,15,56,0,234
-.byte 102,69,15,56,0,232
+ pshufb %xmm2,%xmm5
+ pshufb %xmm8,%xmm13
movdqa (%r11,%r10,1),%xmm4
movdqa .Lk_sb2+16(%rip),%xmm2
movdqa %xmm2,%xmm8
-.byte 102,15,56,0,211
-.byte 102,69,15,56,0,195
+ pshufb %xmm3,%xmm2
+ pshufb %xmm11,%xmm8
movdqa %xmm0,%xmm3
movdqa %xmm6,%xmm11
pxor %xmm5,%xmm2
pxor %xmm13,%xmm8
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
addq $16,%r9
pxor %xmm2,%xmm0
pxor %xmm8,%xmm6
-.byte 102,15,56,0,220
-.byte 102,68,15,56,0,220
+ pshufb %xmm4,%xmm3
+ pshufb %xmm4,%xmm11
addq $16,%r11
pxor %xmm0,%xmm3
pxor %xmm6,%xmm11
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
andq $0x30,%r11
subq $1,%rax
pxor %xmm3,%xmm0
@@ -230,32 +230,32 @@
psrld $4,%xmm7
pand %xmm9,%xmm0
pand %xmm9,%xmm6
-.byte 102,15,56,0,232
-.byte 102,68,15,56,0,238
+ pshufb %xmm0,%xmm5
+ pshufb %xmm6,%xmm13
movdqa %xmm10,%xmm3
movdqa %xmm10,%xmm11
pxor %xmm1,%xmm0
pxor %xmm7,%xmm6
-.byte 102,15,56,0,217
-.byte 102,68,15,56,0,223
+ pshufb %xmm1,%xmm3
+ pshufb %xmm7,%xmm11
movdqa %xmm10,%xmm4
movdqa %xmm10,%xmm12
pxor %xmm5,%xmm3
pxor %xmm13,%xmm11
-.byte 102,15,56,0,224
-.byte 102,68,15,56,0,230
+ pshufb %xmm0,%xmm4
+ pshufb %xmm6,%xmm12
movdqa %xmm10,%xmm2
movdqa %xmm10,%xmm8
pxor %xmm5,%xmm4
pxor %xmm13,%xmm12
-.byte 102,15,56,0,211
-.byte 102,69,15,56,0,195
+ pshufb %xmm3,%xmm2
+ pshufb %xmm11,%xmm8
movdqa %xmm10,%xmm3
movdqa %xmm10,%xmm11
pxor %xmm0,%xmm2
pxor %xmm6,%xmm8
-.byte 102,15,56,0,220
-.byte 102,69,15,56,0,220
+ pshufb %xmm4,%xmm3
+ pshufb %xmm12,%xmm11
movdqu (%r9),%xmm5
pxor %xmm1,%xmm3
@@ -267,18 +267,18 @@
movdqa -80(%r10),%xmm0
movdqa %xmm4,%xmm12
movdqa %xmm0,%xmm6
-.byte 102,15,56,0,226
-.byte 102,69,15,56,0,224
+ pshufb %xmm2,%xmm4
+ pshufb %xmm8,%xmm12
pxor %xmm5,%xmm4
pxor %xmm5,%xmm12
-.byte 102,15,56,0,195
-.byte 102,65,15,56,0,243
+ pshufb %xmm3,%xmm0
+ pshufb %xmm11,%xmm6
movdqa 64(%r11,%r10,1),%xmm1
pxor %xmm4,%xmm0
pxor %xmm12,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
ret
.cfi_endproc
.size _vpaes_encrypt_core_2x,.-_vpaes_encrypt_core_2x
@@ -302,11 +302,11 @@
movdqu (%r9),%xmm5
shlq $4,%r11
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa .Lk_dipt+16(%rip),%xmm0
xorq $0x30,%r11
leaq .Lk_dsbd(%rip),%r10
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
andq $0x30,%r11
pxor %xmm5,%xmm2
movdqa .Lk_mc_forward+48(%rip),%xmm5
@@ -322,35 +322,35 @@
movdqa -32(%r10),%xmm4
movdqa -16(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 0(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 16(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 32(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 48(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
movdqa 64(%r10),%xmm4
pxor %xmm1,%xmm0
movdqa 80(%r10),%xmm1
-.byte 102,15,56,0,226
-.byte 102,15,56,0,197
-.byte 102,15,56,0,203
+ pshufb %xmm2,%xmm4
+ pshufb %xmm5,%xmm0
+ pshufb %xmm3,%xmm1
pxor %xmm4,%xmm0
addq $16,%r9
-.byte 102,15,58,15,237,12
+ palignr $12,%xmm5,%xmm5
pxor %xmm1,%xmm0
subq $1,%rax
@@ -361,32 +361,32 @@
movdqa %xmm11,%xmm2
psrld $4,%xmm1
pand %xmm9,%xmm0
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm1,%xmm0
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqa %xmm10,%xmm4
pxor %xmm2,%xmm3
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
pxor %xmm2,%xmm4
movdqa %xmm10,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
movdqa %xmm10,%xmm3
pxor %xmm0,%xmm2
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
movdqu (%r9),%xmm0
pxor %xmm1,%xmm3
jnz .Ldec_loop
movdqa 96(%r10),%xmm4
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
pxor %xmm0,%xmm4
movdqa 112(%r10),%xmm0
movdqa -352(%r11),%xmm2
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
pxor %xmm4,%xmm0
-.byte 102,15,56,0,194
+ pshufb %xmm2,%xmm0
ret
.cfi_endproc
.size _vpaes_decrypt_core,.-_vpaes_decrypt_core
@@ -426,7 +426,7 @@
.Lschedule_am_decrypting:
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
movdqu %xmm3,(%rdx)
xorq $0x30,%r8
@@ -480,7 +480,7 @@
.Loop_schedule_192:
call _vpaes_schedule_round
-.byte 102,15,58,15,198,8
+ palignr $8,%xmm6,%xmm0
call _vpaes_schedule_mangle
call _vpaes_schedule_192_smear
call _vpaes_schedule_mangle
@@ -546,7 +546,7 @@
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
leaq .Lk_opt(%rip),%r11
addq $32,%rdx
@@ -622,13 +622,13 @@
.cfi_startproc
pxor %xmm1,%xmm1
-.byte 102,65,15,58,15,200,15
-.byte 102,69,15,58,15,192,15
+ palignr $15,%xmm8,%xmm1
+ palignr $15,%xmm8,%xmm8
pxor %xmm1,%xmm7
pshufd $0xFF,%xmm0,%xmm0
-.byte 102,15,58,15,192,1
+ palignr $1,%xmm0,%xmm0
@@ -649,24 +649,24 @@
psrld $4,%xmm1
pand %xmm9,%xmm0
movdqa %xmm11,%xmm2
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
pxor %xmm1,%xmm0
movdqa %xmm10,%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
movdqa %xmm10,%xmm4
-.byte 102,15,56,0,224
+ pshufb %xmm0,%xmm4
pxor %xmm2,%xmm4
movdqa %xmm10,%xmm2
-.byte 102,15,56,0,211
+ pshufb %xmm3,%xmm2
pxor %xmm0,%xmm2
movdqa %xmm10,%xmm3
-.byte 102,15,56,0,220
+ pshufb %xmm4,%xmm3
pxor %xmm1,%xmm3
movdqa %xmm13,%xmm4
-.byte 102,15,56,0,226
+ pshufb %xmm2,%xmm4
movdqa %xmm12,%xmm0
-.byte 102,15,56,0,195
+ pshufb %xmm3,%xmm0
pxor %xmm4,%xmm0
@@ -694,9 +694,9 @@
psrld $4,%xmm1
pand %xmm9,%xmm0
movdqa (%r11),%xmm2
-.byte 102,15,56,0,208
+ pshufb %xmm0,%xmm2
movdqa 16(%r11),%xmm0
-.byte 102,15,56,0,193
+ pshufb %xmm1,%xmm0
pxor %xmm2,%xmm0
ret
.cfi_endproc
@@ -737,11 +737,11 @@
addq $16,%rdx
pxor .Lk_s63(%rip),%xmm4
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
movdqa %xmm4,%xmm3
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
pxor %xmm4,%xmm3
-.byte 102,15,56,0,229
+ pshufb %xmm5,%xmm4
pxor %xmm4,%xmm3
jmp .Lschedule_mangle_both
@@ -755,40 +755,40 @@
pand %xmm9,%xmm4
movdqa 0(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
movdqa 16(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 32(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 48(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 64(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 80(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
-.byte 102,15,56,0,221
+ pshufb %xmm5,%xmm3
movdqa 96(%r11),%xmm2
-.byte 102,15,56,0,212
+ pshufb %xmm4,%xmm2
pxor %xmm3,%xmm2
movdqa 112(%r11),%xmm3
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
pxor %xmm2,%xmm3
addq $-16,%rdx
.Lschedule_mangle_both:
movdqa (%r8,%r10,1),%xmm1
-.byte 102,15,56,0,217
+ pshufb %xmm1,%xmm3
addq $-16,%r8
andq $0x30,%r8
movdqu %xmm3,(%rdx)
@@ -971,8 +971,8 @@
movdqa .Lrev_ctr(%rip),%xmm1
movdqa %xmm14,%xmm0
movdqa %xmm15,%xmm6
-.byte 102,15,56,0,193
-.byte 102,15,56,0,241
+ pshufb %xmm1,%xmm0
+ pshufb %xmm1,%xmm6
call _vpaes_encrypt_core_2x
movdqu (%rdi),%xmm1
movdqu 16(%rdi),%xmm2
diff --git a/src/gen/bcm/vpaes-x86_64-win.asm b/src/gen/bcm/vpaes-x86_64-win.asm
index ddbfb12..e28ae47 100644
--- a/src/gen/bcm/vpaes-x86_64-win.asm
+++ b/src/gen/bcm/vpaes-x86_64-win.asm
@@ -42,9 +42,9 @@
movdqu xmm5,XMMWORD[r9]
psrld xmm1,4
pand xmm0,xmm9
-DB 102,15,56,0,208
+ pshufb xmm2,xmm0
movdqa xmm0,XMMWORD[(($L$k_ipt+16))]
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
pxor xmm2,xmm5
add r9,16
pxor xmm0,xmm2
@@ -56,25 +56,25 @@
movdqa xmm4,xmm13
movdqa xmm0,xmm12
-DB 102,15,56,0,226
-DB 102,15,56,0,195
+ pshufb xmm4,xmm2
+ pshufb xmm0,xmm3
pxor xmm4,xmm5
movdqa xmm5,xmm15
pxor xmm0,xmm4
movdqa xmm1,XMMWORD[((-64))+r10*1+r11]
-DB 102,15,56,0,234
+ pshufb xmm5,xmm2
movdqa xmm4,XMMWORD[r10*1+r11]
movdqa xmm2,xmm14
-DB 102,15,56,0,211
+ pshufb xmm2,xmm3
movdqa xmm3,xmm0
pxor xmm2,xmm5
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
add r9,16
pxor xmm0,xmm2
-DB 102,15,56,0,220
+ pshufb xmm3,xmm4
add r11,16
pxor xmm3,xmm0
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
and r11,0x30
sub rax,1
pxor xmm0,xmm3
@@ -86,19 +86,19 @@
pandn xmm1,xmm0
psrld xmm1,4
pand xmm0,xmm9
-DB 102,15,56,0,232
+ pshufb xmm5,xmm0
movdqa xmm3,xmm10
pxor xmm0,xmm1
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
movdqa xmm4,xmm10
pxor xmm3,xmm5
-DB 102,15,56,0,224
+ pshufb xmm4,xmm0
movdqa xmm2,xmm10
pxor xmm4,xmm5
-DB 102,15,56,0,211
+ pshufb xmm2,xmm3
movdqa xmm3,xmm10
pxor xmm2,xmm0
-DB 102,15,56,0,220
+ pshufb xmm3,xmm4
movdqu xmm5,XMMWORD[r9]
pxor xmm3,xmm1
jnz NEAR $L$enc_loop
@@ -106,12 +106,12 @@
movdqa xmm4,XMMWORD[((-96))+r10]
movdqa xmm0,XMMWORD[((-80))+r10]
-DB 102,15,56,0,226
+ pshufb xmm4,xmm2
pxor xmm4,xmm5
-DB 102,15,56,0,195
+ pshufb xmm0,xmm3
movdqa xmm1,XMMWORD[64+r10*1+r11]
pxor xmm0,xmm4
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
ret
@@ -164,12 +164,12 @@
psrld xmm7,4
pand xmm0,xmm9
pand xmm6,xmm9
-DB 102,15,56,0,208
-DB 102,68,15,56,0,198
+ pshufb xmm2,xmm0
+ pshufb xmm8,xmm6
movdqa xmm0,XMMWORD[(($L$k_ipt+16))]
movdqa xmm6,xmm0
-DB 102,15,56,0,193
-DB 102,15,56,0,247
+ pshufb xmm0,xmm1
+ pshufb xmm6,xmm7
pxor xmm2,xmm5
pxor xmm8,xmm5
add r9,16
@@ -185,10 +185,10 @@
movdqa xmm0,XMMWORD[(($L$k_sb1+16))]
movdqa xmm12,xmm4
movdqa xmm6,xmm0
-DB 102,15,56,0,226
-DB 102,69,15,56,0,224
-DB 102,15,56,0,195
-DB 102,65,15,56,0,243
+ pshufb xmm4,xmm2
+ pshufb xmm12,xmm8
+ pshufb xmm0,xmm3
+ pshufb xmm6,xmm11
pxor xmm4,xmm5
pxor xmm12,xmm5
movdqa xmm5,XMMWORD[$L$k_sb2]
@@ -197,30 +197,30 @@
pxor xmm6,xmm12
movdqa xmm1,XMMWORD[((-64))+r10*1+r11]
-DB 102,15,56,0,234
-DB 102,69,15,56,0,232
+ pshufb xmm5,xmm2
+ pshufb xmm13,xmm8
movdqa xmm4,XMMWORD[r10*1+r11]
movdqa xmm2,XMMWORD[(($L$k_sb2+16))]
movdqa xmm8,xmm2
-DB 102,15,56,0,211
-DB 102,69,15,56,0,195
+ pshufb xmm2,xmm3
+ pshufb xmm8,xmm11
movdqa xmm3,xmm0
movdqa xmm11,xmm6
pxor xmm2,xmm5
pxor xmm8,xmm13
-DB 102,15,56,0,193
-DB 102,15,56,0,241
+ pshufb xmm0,xmm1
+ pshufb xmm6,xmm1
add r9,16
pxor xmm0,xmm2
pxor xmm6,xmm8
-DB 102,15,56,0,220
-DB 102,68,15,56,0,220
+ pshufb xmm3,xmm4
+ pshufb xmm11,xmm4
add r11,16
pxor xmm3,xmm0
pxor xmm11,xmm6
-DB 102,15,56,0,193
-DB 102,15,56,0,241
+ pshufb xmm0,xmm1
+ pshufb xmm6,xmm1
and r11,0x30
sub rax,1
pxor xmm0,xmm3
@@ -238,32 +238,32 @@
psrld xmm7,4
pand xmm0,xmm9
pand xmm6,xmm9
-DB 102,15,56,0,232
-DB 102,68,15,56,0,238
+ pshufb xmm5,xmm0
+ pshufb xmm13,xmm6
movdqa xmm3,xmm10
movdqa xmm11,xmm10
pxor xmm0,xmm1
pxor xmm6,xmm7
-DB 102,15,56,0,217
-DB 102,68,15,56,0,223
+ pshufb xmm3,xmm1
+ pshufb xmm11,xmm7
movdqa xmm4,xmm10
movdqa xmm12,xmm10
pxor xmm3,xmm5
pxor xmm11,xmm13
-DB 102,15,56,0,224
-DB 102,68,15,56,0,230
+ pshufb xmm4,xmm0
+ pshufb xmm12,xmm6
movdqa xmm2,xmm10
movdqa xmm8,xmm10
pxor xmm4,xmm5
pxor xmm12,xmm13
-DB 102,15,56,0,211
-DB 102,69,15,56,0,195
+ pshufb xmm2,xmm3
+ pshufb xmm8,xmm11
movdqa xmm3,xmm10
movdqa xmm11,xmm10
pxor xmm2,xmm0
pxor xmm8,xmm6
-DB 102,15,56,0,220
-DB 102,69,15,56,0,220
+ pshufb xmm3,xmm4
+ pshufb xmm11,xmm12
movdqu xmm5,XMMWORD[r9]
pxor xmm3,xmm1
@@ -275,18 +275,18 @@
movdqa xmm0,XMMWORD[((-80))+r10]
movdqa xmm12,xmm4
movdqa xmm6,xmm0
-DB 102,15,56,0,226
-DB 102,69,15,56,0,224
+ pshufb xmm4,xmm2
+ pshufb xmm12,xmm8
pxor xmm4,xmm5
pxor xmm12,xmm5
-DB 102,15,56,0,195
-DB 102,65,15,56,0,243
+ pshufb xmm0,xmm3
+ pshufb xmm6,xmm11
movdqa xmm1,XMMWORD[64+r10*1+r11]
pxor xmm0,xmm4
pxor xmm6,xmm12
-DB 102,15,56,0,193
-DB 102,15,56,0,241
+ pshufb xmm0,xmm1
+ pshufb xmm6,xmm1
ret
@@ -310,11 +310,11 @@
movdqu xmm5,XMMWORD[r9]
shl r11,4
pand xmm0,xmm9
-DB 102,15,56,0,208
+ pshufb xmm2,xmm0
movdqa xmm0,XMMWORD[(($L$k_dipt+16))]
xor r11,0x30
lea r10,[$L$k_dsbd]
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
and r11,0x30
pxor xmm2,xmm5
movdqa xmm5,XMMWORD[(($L$k_mc_forward+48))]
@@ -330,35 +330,35 @@
movdqa xmm4,XMMWORD[((-32))+r10]
movdqa xmm1,XMMWORD[((-16))+r10]
-DB 102,15,56,0,226
-DB 102,15,56,0,203
+ pshufb xmm4,xmm2
+ pshufb xmm1,xmm3
pxor xmm0,xmm4
movdqa xmm4,XMMWORD[r10]
pxor xmm0,xmm1
movdqa xmm1,XMMWORD[16+r10]
-DB 102,15,56,0,226
-DB 102,15,56,0,197
-DB 102,15,56,0,203
+ pshufb xmm4,xmm2
+ pshufb xmm0,xmm5
+ pshufb xmm1,xmm3
pxor xmm0,xmm4
movdqa xmm4,XMMWORD[32+r10]
pxor xmm0,xmm1
movdqa xmm1,XMMWORD[48+r10]
-DB 102,15,56,0,226
-DB 102,15,56,0,197
-DB 102,15,56,0,203
+ pshufb xmm4,xmm2
+ pshufb xmm0,xmm5
+ pshufb xmm1,xmm3
pxor xmm0,xmm4
movdqa xmm4,XMMWORD[64+r10]
pxor xmm0,xmm1
movdqa xmm1,XMMWORD[80+r10]
-DB 102,15,56,0,226
-DB 102,15,56,0,197
-DB 102,15,56,0,203
+ pshufb xmm4,xmm2
+ pshufb xmm0,xmm5
+ pshufb xmm1,xmm3
pxor xmm0,xmm4
add r9,16
-DB 102,15,58,15,237,12
+ palignr xmm5,xmm5,12
pxor xmm0,xmm1
sub rax,1
@@ -369,32 +369,32 @@
movdqa xmm2,xmm11
psrld xmm1,4
pand xmm0,xmm9
-DB 102,15,56,0,208
+ pshufb xmm2,xmm0
movdqa xmm3,xmm10
pxor xmm0,xmm1
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
movdqa xmm4,xmm10
pxor xmm3,xmm2
-DB 102,15,56,0,224
+ pshufb xmm4,xmm0
pxor xmm4,xmm2
movdqa xmm2,xmm10
-DB 102,15,56,0,211
+ pshufb xmm2,xmm3
movdqa xmm3,xmm10
pxor xmm2,xmm0
-DB 102,15,56,0,220
+ pshufb xmm3,xmm4
movdqu xmm0,XMMWORD[r9]
pxor xmm3,xmm1
jnz NEAR $L$dec_loop
movdqa xmm4,XMMWORD[96+r10]
-DB 102,15,56,0,226
+ pshufb xmm4,xmm2
pxor xmm4,xmm0
movdqa xmm0,XMMWORD[112+r10]
movdqa xmm2,XMMWORD[((-352))+r11]
-DB 102,15,56,0,195
+ pshufb xmm0,xmm3
pxor xmm0,xmm4
-DB 102,15,56,0,194
+ pshufb xmm0,xmm2
ret
@@ -434,7 +434,7 @@
$L$schedule_am_decrypting:
movdqa xmm1,XMMWORD[r10*1+r8]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
movdqu XMMWORD[rdx],xmm3
xor r8,0x30
@@ -488,7 +488,7 @@
$L$oop_schedule_192:
call _vpaes_schedule_round
-DB 102,15,58,15,198,8
+ palignr xmm0,xmm6,8
call _vpaes_schedule_mangle
call _vpaes_schedule_192_smear
call _vpaes_schedule_mangle
@@ -554,7 +554,7 @@
movdqa xmm1,XMMWORD[r10*1+r8]
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
lea r11,[$L$k_opt]
add rdx,32
@@ -630,13 +630,13 @@
pxor xmm1,xmm1
-DB 102,65,15,58,15,200,15
-DB 102,69,15,58,15,192,15
+ palignr xmm1,xmm8,15
+ palignr xmm8,xmm8,15
pxor xmm7,xmm1
pshufd xmm0,xmm0,0xFF
-DB 102,15,58,15,192,1
+ palignr xmm0,xmm0,1
@@ -657,24 +657,24 @@
psrld xmm1,4
pand xmm0,xmm9
movdqa xmm2,xmm11
-DB 102,15,56,0,208
+ pshufb xmm2,xmm0
pxor xmm0,xmm1
movdqa xmm3,xmm10
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
pxor xmm3,xmm2
movdqa xmm4,xmm10
-DB 102,15,56,0,224
+ pshufb xmm4,xmm0
pxor xmm4,xmm2
movdqa xmm2,xmm10
-DB 102,15,56,0,211
+ pshufb xmm2,xmm3
pxor xmm2,xmm0
movdqa xmm3,xmm10
-DB 102,15,56,0,220
+ pshufb xmm3,xmm4
pxor xmm3,xmm1
movdqa xmm4,xmm13
-DB 102,15,56,0,226
+ pshufb xmm4,xmm2
movdqa xmm0,xmm12
-DB 102,15,56,0,195
+ pshufb xmm0,xmm3
pxor xmm0,xmm4
@@ -702,9 +702,9 @@
psrld xmm1,4
pand xmm0,xmm9
movdqa xmm2,XMMWORD[r11]
-DB 102,15,56,0,208
+ pshufb xmm2,xmm0
movdqa xmm0,XMMWORD[16+r11]
-DB 102,15,56,0,193
+ pshufb xmm0,xmm1
pxor xmm0,xmm2
ret
@@ -745,11 +745,11 @@
add rdx,16
pxor xmm4,XMMWORD[$L$k_s63]
-DB 102,15,56,0,229
+ pshufb xmm4,xmm5
movdqa xmm3,xmm4
-DB 102,15,56,0,229
+ pshufb xmm4,xmm5
pxor xmm3,xmm4
-DB 102,15,56,0,229
+ pshufb xmm4,xmm5
pxor xmm3,xmm4
jmp NEAR $L$schedule_mangle_both
@@ -763,40 +763,40 @@
pand xmm4,xmm9
movdqa xmm2,XMMWORD[r11]
-DB 102,15,56,0,212
+ pshufb xmm2,xmm4
movdqa xmm3,XMMWORD[16+r11]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
pxor xmm3,xmm2
-DB 102,15,56,0,221
+ pshufb xmm3,xmm5
movdqa xmm2,XMMWORD[32+r11]
-DB 102,15,56,0,212
+ pshufb xmm2,xmm4
pxor xmm2,xmm3
movdqa xmm3,XMMWORD[48+r11]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
pxor xmm3,xmm2
-DB 102,15,56,0,221
+ pshufb xmm3,xmm5
movdqa xmm2,XMMWORD[64+r11]
-DB 102,15,56,0,212
+ pshufb xmm2,xmm4
pxor xmm2,xmm3
movdqa xmm3,XMMWORD[80+r11]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
pxor xmm3,xmm2
-DB 102,15,56,0,221
+ pshufb xmm3,xmm5
movdqa xmm2,XMMWORD[96+r11]
-DB 102,15,56,0,212
+ pshufb xmm2,xmm4
pxor xmm2,xmm3
movdqa xmm3,XMMWORD[112+r11]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
pxor xmm3,xmm2
add rdx,-16
$L$schedule_mangle_both:
movdqa xmm1,XMMWORD[r10*1+r8]
-DB 102,15,56,0,217
+ pshufb xmm3,xmm1
add r8,-16
and r8,0x30
movdqu XMMWORD[rdx],xmm3
@@ -1172,8 +1172,8 @@
movdqa xmm1,XMMWORD[$L$rev_ctr]
movdqa xmm0,xmm14
movdqa xmm6,xmm15
-DB 102,15,56,0,193
-DB 102,15,56,0,241
+ pshufb xmm0,xmm1
+ pshufb xmm6,xmm1
call _vpaes_encrypt_core_2x
movdqu xmm1,XMMWORD[rdi]
movdqu xmm2,XMMWORD[16+rdi]
diff --git a/src/gen/bcm/x86-mont-apple.S b/src/gen/bcm/x86-mont-apple.S
index a8fd1f9..6e549c7 100644
--- a/src/gen/bcm/x86-mont-apple.S
+++ b/src/gen/bcm/x86-mont-apple.S
@@ -14,10 +14,7 @@
pushl %ebx
pushl %esi
pushl %edi
- xorl %eax,%eax
movl 40(%esp),%edi
- cmpl $4,%edi
- jl L000just_leave
leal 20(%esp),%esi
leal 24(%esp),%edx
addl $2,%edi
@@ -40,15 +37,15 @@
leal (%ebp,%eax,1),%esp
movl (%esp),%eax
cmpl %ebp,%esp
- ja L001page_walk
- jmp L002page_walk_done
+ ja L000page_walk
+ jmp L001page_walk_done
.align 4,0x90
-L001page_walk:
+L000page_walk:
leal -4096(%esp),%esp
movl (%esp),%eax
cmpl %ebp,%esp
- ja L001page_walk
-L002page_walk_done:
+ ja L000page_walk
+L001page_walk_done:
movl (%esi),%eax
movl 4(%esi),%ebx
movl 8(%esi),%ecx
@@ -85,7 +82,7 @@
psrlq $32,%mm3
incl %ecx
.align 4,0x90
-L0031st:
+L0021st:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -100,7 +97,7 @@
psrlq $32,%mm3
leal 1(%ecx),%ecx
cmpl %ebx,%ecx
- jl L0031st
+ jl L0021st
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -114,7 +111,7 @@
paddq %mm2,%mm3
movq %mm3,32(%esp,%ebx,4)
incl %edx
-L004outer:
+L003outer:
xorl %ecx,%ecx
movd (%edi,%edx,4),%mm4
movd (%esi),%mm5
@@ -136,7 +133,7 @@
paddq %mm6,%mm2
incl %ecx
decl %ebx
-L005inner:
+L004inner:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -153,7 +150,7 @@
paddq %mm6,%mm2
decl %ebx
leal 1(%ecx),%ecx
- jnz L005inner
+ jnz L004inner
movl %ecx,%ebx
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
@@ -171,11 +168,11 @@
movq %mm3,32(%esp,%ebx,4)
leal 1(%edx),%edx
cmpl %ebx,%edx
- jle L004outer
+ jle L003outer
emms
- jmp L006common_tail
+ jmp L005common_tail
.align 4,0x90
-L006common_tail:
+L005common_tail:
movl 16(%esp),%ebp
movl 4(%esp),%edi
leal 32(%esp),%esi
@@ -183,19 +180,19 @@
movl %ebx,%ecx
xorl %edx,%edx
.align 4,0x90
-L007sub:
+L006sub:
sbbl (%ebp,%edx,4),%eax
movl %eax,(%edi,%edx,4)
decl %ecx
movl 4(%esi,%edx,4),%eax
leal 1(%edx),%edx
- jge L007sub
+ jge L006sub
sbbl $0,%eax
movl $-1,%edx
xorl %eax,%edx
- jmp L008copy
+ jmp L007copy
.align 4,0x90
-L008copy:
+L007copy:
movl 32(%esp,%ebx,4),%esi
movl (%edi,%ebx,4),%ebp
movl %ecx,32(%esp,%ebx,4)
@@ -204,10 +201,8 @@
orl %esi,%ebp
movl %ebp,(%edi,%ebx,4)
decl %ebx
- jge L008copy
+ jge L007copy
movl 24(%esp),%esp
- movl $1,%eax
-L000just_leave:
popl %edi
popl %esi
popl %ebx
diff --git a/src/gen/bcm/x86-mont-linux.S b/src/gen/bcm/x86-mont-linux.S
index 3d3ddb5..21fbee2 100644
--- a/src/gen/bcm/x86-mont-linux.S
+++ b/src/gen/bcm/x86-mont-linux.S
@@ -15,10 +15,7 @@
pushl %ebx
pushl %esi
pushl %edi
- xorl %eax,%eax
movl 40(%esp),%edi
- cmpl $4,%edi
- jl .L000just_leave
leal 20(%esp),%esi
leal 24(%esp),%edx
addl $2,%edi
@@ -41,15 +38,15 @@
leal (%ebp,%eax,1),%esp
movl (%esp),%eax
cmpl %ebp,%esp
- ja .L001page_walk
- jmp .L002page_walk_done
+ ja .L000page_walk
+ jmp .L001page_walk_done
.align 16
-.L001page_walk:
+.L000page_walk:
leal -4096(%esp),%esp
movl (%esp),%eax
cmpl %ebp,%esp
- ja .L001page_walk
-.L002page_walk_done:
+ ja .L000page_walk
+.L001page_walk_done:
movl (%esi),%eax
movl 4(%esi),%ebx
movl 8(%esi),%ecx
@@ -86,7 +83,7 @@
psrlq $32,%mm3
incl %ecx
.align 16
-.L0031st:
+.L0021st:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -101,7 +98,7 @@
psrlq $32,%mm3
leal 1(%ecx),%ecx
cmpl %ebx,%ecx
- jl .L0031st
+ jl .L0021st
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -115,7 +112,7 @@
paddq %mm2,%mm3
movq %mm3,32(%esp,%ebx,4)
incl %edx
-.L004outer:
+.L003outer:
xorl %ecx,%ecx
movd (%edi,%edx,4),%mm4
movd (%esi),%mm5
@@ -137,7 +134,7 @@
paddq %mm6,%mm2
incl %ecx
decl %ebx
-.L005inner:
+.L004inner:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@@ -154,7 +151,7 @@
paddq %mm6,%mm2
decl %ebx
leal 1(%ecx),%ecx
- jnz .L005inner
+ jnz .L004inner
movl %ecx,%ebx
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
@@ -172,11 +169,11 @@
movq %mm3,32(%esp,%ebx,4)
leal 1(%edx),%edx
cmpl %ebx,%edx
- jle .L004outer
+ jle .L003outer
emms
- jmp .L006common_tail
+ jmp .L005common_tail
.align 16
-.L006common_tail:
+.L005common_tail:
movl 16(%esp),%ebp
movl 4(%esp),%edi
leal 32(%esp),%esi
@@ -184,19 +181,19 @@
movl %ebx,%ecx
xorl %edx,%edx
.align 16
-.L007sub:
+.L006sub:
sbbl (%ebp,%edx,4),%eax
movl %eax,(%edi,%edx,4)
decl %ecx
movl 4(%esi,%edx,4),%eax
leal 1(%edx),%edx
- jge .L007sub
+ jge .L006sub
sbbl $0,%eax
movl $-1,%edx
xorl %eax,%edx
- jmp .L008copy
+ jmp .L007copy
.align 16
-.L008copy:
+.L007copy:
movl 32(%esp,%ebx,4),%esi
movl (%edi,%ebx,4),%ebp
movl %ecx,32(%esp,%ebx,4)
@@ -205,10 +202,8 @@
orl %esi,%ebp
movl %ebp,(%edi,%ebx,4)
decl %ebx
- jge .L008copy
+ jge .L007copy
movl 24(%esp),%esp
- movl $1,%eax
-.L000just_leave:
popl %edi
popl %esi
popl %ebx
diff --git a/src/gen/bcm/x86-mont-win.asm b/src/gen/bcm/x86-mont-win.asm
index 931275d..d154078 100644
--- a/src/gen/bcm/x86-mont-win.asm
+++ b/src/gen/bcm/x86-mont-win.asm
@@ -21,10 +21,7 @@
push ebx
push esi
push edi
- xor eax,eax
mov edi,DWORD [40+esp]
- cmp edi,4
- jl NEAR L$000just_leave
lea esi,[20+esp]
lea edx,[24+esp]
add edi,2
@@ -47,15 +44,15 @@
lea esp,[eax*1+ebp]
mov eax,DWORD [esp]
cmp esp,ebp
- ja NEAR L$001page_walk
- jmp NEAR L$002page_walk_done
+ ja NEAR L$000page_walk
+ jmp NEAR L$001page_walk_done
align 16
-L$001page_walk:
+L$000page_walk:
lea esp,[esp-4096]
mov eax,DWORD [esp]
cmp esp,ebp
- ja NEAR L$001page_walk
-L$002page_walk_done:
+ ja NEAR L$000page_walk
+L$001page_walk_done:
mov eax,DWORD [esi]
mov ebx,DWORD [4+esi]
mov ecx,DWORD [8+esi]
@@ -92,7 +89,7 @@
psrlq mm3,32
inc ecx
align 16
-L$0031st:
+L$0021st:
pmuludq mm0,mm4
pmuludq mm1,mm5
paddq mm2,mm0
@@ -107,7 +104,7 @@
psrlq mm3,32
lea ecx,[1+ecx]
cmp ecx,ebx
- jl NEAR L$0031st
+ jl NEAR L$0021st
pmuludq mm0,mm4
pmuludq mm1,mm5
paddq mm2,mm0
@@ -121,7 +118,7 @@
paddq mm3,mm2
movq [32+ebx*4+esp],mm3
inc edx
-L$004outer:
+L$003outer:
xor ecx,ecx
movd mm4,DWORD [edx*4+edi]
movd mm5,DWORD [esi]
@@ -143,7 +140,7 @@
paddq mm2,mm6
inc ecx
dec ebx
-L$005inner:
+L$004inner:
pmuludq mm0,mm4
pmuludq mm1,mm5
paddq mm2,mm0
@@ -160,7 +157,7 @@
paddq mm2,mm6
dec ebx
lea ecx,[1+ecx]
- jnz NEAR L$005inner
+ jnz NEAR L$004inner
mov ebx,ecx
pmuludq mm0,mm4
pmuludq mm1,mm5
@@ -178,11 +175,11 @@
movq [32+ebx*4+esp],mm3
lea edx,[1+edx]
cmp edx,ebx
- jle NEAR L$004outer
+ jle NEAR L$003outer
emms
- jmp NEAR L$006common_tail
+ jmp NEAR L$005common_tail
align 16
-L$006common_tail:
+L$005common_tail:
mov ebp,DWORD [16+esp]
mov edi,DWORD [4+esp]
lea esi,[32+esp]
@@ -190,19 +187,19 @@
mov ecx,ebx
xor edx,edx
align 16
-L$007sub:
+L$006sub:
sbb eax,DWORD [edx*4+ebp]
mov DWORD [edx*4+edi],eax
dec ecx
mov eax,DWORD [4+edx*4+esi]
lea edx,[1+edx]
- jge NEAR L$007sub
+ jge NEAR L$006sub
sbb eax,0
mov edx,-1
xor edx,eax
- jmp NEAR L$008copy
+ jmp NEAR L$007copy
align 16
-L$008copy:
+L$007copy:
mov esi,DWORD [32+ebx*4+esp]
mov ebp,DWORD [ebx*4+edi]
mov DWORD [32+ebx*4+esp],ecx
@@ -211,10 +208,8 @@
or ebp,esi
mov DWORD [ebx*4+edi],ebp
dec ebx
- jge NEAR L$008copy
+ jge NEAR L$007copy
mov esp,DWORD [24+esp]
- mov eax,1
-L$000just_leave:
pop edi
pop esi
pop ebx
diff --git a/src/gen/bcm/x86_64-mont-apple.S b/src/gen/bcm/x86_64-mont-apple.S
index 4bf0c6d..27a168d 100644
--- a/src/gen/bcm/x86_64-mont-apple.S
+++ b/src/gen/bcm/x86_64-mont-apple.S
@@ -229,7 +229,7 @@
movq 8(%rsp,%r9,8),%rsi
- movq $1,%rax
+
movq -48(%rsi),%r15
movq -40(%rsi),%r14
@@ -632,7 +632,7 @@
sbbq $0,%rax
movq %rbp,24(%rdi,%r14,8)
pxor %xmm0,%xmm0
-.byte 102,72,15,110,224
+ movq %rax,%xmm4
pcmpeqd %xmm5,%xmm5
pshufd $0,%xmm4,%xmm4
movq %r9,%r15
@@ -662,7 +662,7 @@
jnz L$copy4x
movq 8(%rsp,%r9,8),%rsi
- movq $1,%rax
+
movq -48(%rsi),%r15
movq -40(%rsi),%r14
@@ -764,10 +764,10 @@
L$sqr8x_body:
-.byte 102,72,15,110,209
+ movq %rcx,%xmm2
pxor %xmm0,%xmm0
-.byte 102,72,15,110,207
-.byte 102,73,15,110,218
+ movq %rdi,%xmm1
+ movq %r10,%xmm3
testq %rdx,%rdx
jz L$sqr8x_nox
@@ -779,7 +779,7 @@
leaq (%r8,%rcx,1),%rbx
movq %rcx,%r9
movq %rcx,%rdx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
sarq $3+2,%rcx
jmp L$sqr8x_sub
@@ -793,7 +793,7 @@
leaq (%rdi,%r9,1),%rbx
movq %r9,%rcx
movq %r9,%rdx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
sarq $3+2,%rcx
jmp L$sqr8x_sub
@@ -821,7 +821,7 @@
leaq (%rbx,%r9,1),%rbx
leaq (%rdi,%r9,1),%rdi
-.byte 102,72,15,110,200
+ movq %rax,%xmm1
pxor %xmm0,%xmm0
pshufd $0,%xmm1,%xmm1
movq 40(%rsp),%rsi
@@ -853,7 +853,7 @@
addq $32,%r9
jnz L$sqr8x_cond_copy
- movq $1,%rax
+
movq -48(%rsi),%r15
movq -40(%rsi),%r14
@@ -1179,7 +1179,7 @@
leaq 64(%rsp),%rbx
subq %rdx,%rdi
-.byte 102,73,15,110,207
+ movq %r15,%xmm1
pxor %xmm0,%xmm0
pshufd $0,%xmm1,%xmm1
movq 40(%rsp),%rsi
@@ -1211,7 +1211,7 @@
movq %rdx,(%rbx)
- movq $1,%rax
+
movq -48(%rsi),%r15
movq -40(%rsi),%r14
diff --git a/src/gen/bcm/x86_64-mont-linux.S b/src/gen/bcm/x86_64-mont-linux.S
index 02b282d..51c4b6c 100644
--- a/src/gen/bcm/x86_64-mont-linux.S
+++ b/src/gen/bcm/x86_64-mont-linux.S
@@ -229,7 +229,7 @@
movq 8(%rsp,%r9,8),%rsi
.cfi_def_cfa %rsi,8
- movq $1,%rax
+
movq -48(%rsi),%r15
.cfi_restore %r15
movq -40(%rsi),%r14
@@ -632,7 +632,7 @@
sbbq $0,%rax
movq %rbp,24(%rdi,%r14,8)
pxor %xmm0,%xmm0
-.byte 102,72,15,110,224
+ movq %rax,%xmm4
pcmpeqd %xmm5,%xmm5
pshufd $0,%xmm4,%xmm4
movq %r9,%r15
@@ -662,7 +662,7 @@
jnz .Lcopy4x
movq 8(%rsp,%r9,8),%rsi
.cfi_def_cfa %rsi, 8
- movq $1,%rax
+
movq -48(%rsi),%r15
.cfi_restore %r15
movq -40(%rsi),%r14
@@ -766,10 +766,10 @@
.cfi_escape 0x0f,0x05,0x77,0x28,0x06,0x23,0x08
.Lsqr8x_body:
-.byte 102,72,15,110,209
+ movq %rcx,%xmm2
pxor %xmm0,%xmm0
-.byte 102,72,15,110,207
-.byte 102,73,15,110,218
+ movq %rdi,%xmm1
+ movq %r10,%xmm3
testq %rdx,%rdx
jz .Lsqr8x_nox
@@ -781,7 +781,7 @@
leaq (%r8,%rcx,1),%rbx
movq %rcx,%r9
movq %rcx,%rdx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
sarq $3+2,%rcx
jmp .Lsqr8x_sub
@@ -795,7 +795,7 @@
leaq (%rdi,%r9,1),%rbx
movq %r9,%rcx
movq %r9,%rdx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
sarq $3+2,%rcx
jmp .Lsqr8x_sub
@@ -823,7 +823,7 @@
leaq (%rbx,%r9,1),%rbx
leaq (%rdi,%r9,1),%rdi
-.byte 102,72,15,110,200
+ movq %rax,%xmm1
pxor %xmm0,%xmm0
pshufd $0,%xmm1,%xmm1
movq 40(%rsp),%rsi
@@ -855,7 +855,7 @@
addq $32,%r9
jnz .Lsqr8x_cond_copy
- movq $1,%rax
+
movq -48(%rsi),%r15
.cfi_restore %r15
movq -40(%rsi),%r14
@@ -1181,7 +1181,7 @@
leaq 64(%rsp),%rbx
subq %rdx,%rdi
-.byte 102,73,15,110,207
+ movq %r15,%xmm1
pxor %xmm0,%xmm0
pshufd $0,%xmm1,%xmm1
movq 40(%rsp),%rsi
@@ -1213,7 +1213,7 @@
movq %rdx,(%rbx)
- movq $1,%rax
+
movq -48(%rsi),%r15
.cfi_restore %r15
movq -40(%rsi),%r14
diff --git a/src/gen/bcm/x86_64-mont-win.asm b/src/gen/bcm/x86_64-mont-win.asm
index b0611fc..c768d16 100644
--- a/src/gen/bcm/x86_64-mont-win.asm
+++ b/src/gen/bcm/x86_64-mont-win.asm
@@ -248,7 +248,7 @@
mov rsi,QWORD[8+r9*8+rsp]
- mov rax,1
+
mov r15,QWORD[((-48))+rsi]
mov r14,QWORD[((-40))+rsi]
@@ -664,7 +664,7 @@
sbb rax,0
mov QWORD[24+r14*8+rdi],rbp
pxor xmm0,xmm0
-DB 102,72,15,110,224
+ movq xmm4,rax
pcmpeqd xmm5,xmm5
pshufd xmm4,xmm4,0
mov r15,r9
@@ -694,7 +694,7 @@
jnz NEAR $L$copy4x
mov rsi,QWORD[8+r9*8+rsp]
- mov rax,1
+
mov r15,QWORD[((-48))+rsi]
mov r14,QWORD[((-40))+rsi]
@@ -809,10 +809,10 @@
$L$sqr8x_body:
-DB 102,72,15,110,209
+ movq xmm2,rcx
pxor xmm0,xmm0
-DB 102,72,15,110,207
-DB 102,73,15,110,218
+ movq xmm1,rdi
+ movq xmm3,r10
test rdx,rdx
jz NEAR $L$sqr8x_nox
@@ -824,7 +824,7 @@
lea rbx,[rcx*1+r8]
mov r9,rcx
mov rdx,rcx
-DB 102,72,15,126,207
+ movq rdi,xmm1
sar rcx,3+2
jmp NEAR $L$sqr8x_sub
@@ -838,7 +838,7 @@
lea rbx,[r9*1+rdi]
mov rcx,r9
mov rdx,r9
-DB 102,72,15,126,207
+ movq rdi,xmm1
sar rcx,3+2
jmp NEAR $L$sqr8x_sub
@@ -866,7 +866,7 @@
lea rbx,[r9*1+rbx]
lea rdi,[r9*1+rdi]
-DB 102,72,15,110,200
+ movq xmm1,rax
pxor xmm0,xmm0
pshufd xmm1,xmm1,0
mov rsi,QWORD[40+rsp]
@@ -898,7 +898,7 @@
add r9,32
jnz NEAR $L$sqr8x_cond_copy
- mov rax,1
+
mov r15,QWORD[((-48))+rsi]
mov r14,QWORD[((-40))+rsi]
@@ -1237,7 +1237,7 @@
lea rbx,[64+rsp]
sub rdi,rdx
-DB 102,73,15,110,207
+ movq xmm1,r15
pxor xmm0,xmm0
pshufd xmm1,xmm1,0
mov rsi,QWORD[40+rsp]
@@ -1269,7 +1269,7 @@
mov QWORD[rbx],rdx
- mov rax,1
+
mov r15,QWORD[((-48))+rsi]
mov r14,QWORD[((-40))+rsi]
diff --git a/src/gen/bcm/x86_64-mont5-apple.S b/src/gen/bcm/x86_64-mont5-apple.S
index 5cf770f..cd7d797 100644
--- a/src/gen/bcm/x86_64-mont5-apple.S
+++ b/src/gen/bcm/x86_64-mont5-apple.S
@@ -196,7 +196,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq (%r8),%r8
movq (%rsi),%rax
@@ -322,7 +322,7 @@
leaq 256(%r12),%r12
movq (%rsi),%rax
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
xorq %r15,%r15
movq %r8,%rbp
@@ -691,7 +691,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq %r13,16+8(%rsp)
movq %rdi,56+8(%rsp)
@@ -899,7 +899,7 @@
pshufd $0x4e,%xmm4,%xmm0
por %xmm4,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq (%r14,%r9,1),%r10
movq %r8,%rbp
@@ -1171,10 +1171,10 @@
movq %rax,40(%rsp)
L$power5_body:
-.byte 102,72,15,110,207
-.byte 102,72,15,110,209
-.byte 102,73,15,110,218
-.byte 102,72,15,110,226
+ movq %rdi,%xmm1
+ movq %rcx,%xmm2
+ movq %r10,%xmm3
+ movq %rdx,%xmm4
call __bn_sqr8x_internal
call __bn_post4x_internal
@@ -1187,8 +1187,8 @@
call __bn_sqr8x_internal
call __bn_post4x_internal
-.byte 102,72,15,126,209
-.byte 102,72,15,126,226
+ movq %xmm2,%rcx
+ movq %xmm4,%rdx
movq %rsi,%rdi
movq 40(%rsp),%rax
leaq 32(%rsp),%r8
@@ -1740,7 +1740,7 @@
adcq %rdx,%r8
movq %rbx,-16(%rdi)
movq %r8,-8(%rdi)
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
__bn_sqr8x_reduction:
xorq %rax,%rax
leaq (%r9,%rbp,1),%rcx
@@ -1984,11 +1984,11 @@
movq -8(%rbp),%rcx
xorq %rsi,%rsi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
movq %r8,0(%rdi)
movq %r9,8(%rdi)
-.byte 102,73,15,126,217
+ movq %xmm3,%r9
movq %r10,16(%rdi)
movq %r11,24(%rdi)
movq %r12,32(%rdi)
@@ -2009,9 +2009,9 @@
movq 0(%rbp),%r12
leaq (%rdi,%r9,1),%rbx
movq %r9,%rcx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
negq %rax
-.byte 102,72,15,126,206
+ movq %xmm1,%rsi
sarq $3+2,%rcx
decq %r12
xorq %r10,%r10
@@ -2321,7 +2321,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%rdi),%rdi
-.byte 102,72,15,126,194
+ movq %xmm0,%rdx
leaq 64+32+8(%rsp),%rbx
movq %rdx,%r9
@@ -2472,7 +2472,7 @@
pshufd $0x4e,%xmm4,%xmm0
por %xmm4,%xmm0
leaq 256(%rdi),%rdi
-.byte 102,72,15,126,194
+ movq %xmm0,%rdx
movq %rbp,(%rbx)
leaq 32(%rbx,%rax,1),%rbx
@@ -2689,10 +2689,10 @@
pxor %xmm0,%xmm0
-.byte 102,72,15,110,207
-.byte 102,72,15,110,209
-.byte 102,73,15,110,218
-.byte 102,72,15,110,226
+ movq %rdi,%xmm1
+ movq %rcx,%xmm2
+ movq %r10,%xmm3
+ movq %rdx,%xmm4
movq %r8,32(%rsp)
movq %rax,40(%rsp)
@@ -2711,8 +2711,8 @@
movq %r10,%r9
movq %rsi,%rdi
-.byte 102,72,15,126,209
-.byte 102,72,15,126,226
+ movq %xmm2,%rcx
+ movq %xmm4,%rdx
movq 40(%rsp),%rax
call mulx4x_internal
@@ -3077,7 +3077,7 @@
.p2align 5
L$sqrx8x_outer_break:
movq %r9,72(%rdi)
-.byte 102,72,15,126,217
+ movq %xmm3,%rcx
movq %r10,80(%rdi)
movq %r11,88(%rdi)
movq %r12,96(%rdi)
@@ -3151,7 +3151,7 @@
movq %rax,48(%rdi)
movq %rbx,56(%rdi)
leaq 64(%rdi),%rdi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
__bn_sqrx8x_reduction:
xorl %eax,%eax
movq 32+8(%rsp),%rbx
@@ -3331,10 +3331,10 @@
subq 16+8(%rsp),%rsi
L$sqrx8x_no_tail:
adcq 0(%rdi),%r8
-.byte 102,72,15,126,217
+ movq %xmm3,%rcx
adcq 8(%rdi),%r9
movq 56(%rbp),%rsi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
adcq 16(%rdi),%r10
adcq 24(%rdi),%r11
adcq 32(%rdi),%r12
@@ -3372,8 +3372,8 @@
negq %rax
sarq $3+2,%rcx
-.byte 102,72,15,126,202
-.byte 102,72,15,126,206
+ movq %xmm1,%rdx
+ movq %xmm1,%rsi
decq %r12
movq 8(%rbp),%r13
xorq %r8,%r8
diff --git a/src/gen/bcm/x86_64-mont5-linux.S b/src/gen/bcm/x86_64-mont5-linux.S
index dcc02fc..a147041 100644
--- a/src/gen/bcm/x86_64-mont5-linux.S
+++ b/src/gen/bcm/x86_64-mont5-linux.S
@@ -196,7 +196,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq (%r8),%r8
movq (%rsi),%rax
@@ -322,7 +322,7 @@
leaq 256(%r12),%r12
movq (%rsi),%rax
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
xorq %r15,%r15
movq %r8,%rbp
@@ -691,7 +691,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq %r13,16+8(%rsp)
movq %rdi,56+8(%rsp)
@@ -899,7 +899,7 @@
pshufd $0x4e,%xmm4,%xmm0
por %xmm4,%xmm0
leaq 256(%r12),%r12
-.byte 102,72,15,126,195
+ movq %xmm0,%rbx
movq (%r14,%r9,1),%r10
movq %r8,%rbp
@@ -1171,10 +1171,10 @@
movq %rax,40(%rsp)
.cfi_escape 0x0f,0x05,0x77,0x28,0x06,0x23,0x08
.Lpower5_body:
-.byte 102,72,15,110,207
-.byte 102,72,15,110,209
-.byte 102,73,15,110,218
-.byte 102,72,15,110,226
+ movq %rdi,%xmm1
+ movq %rcx,%xmm2
+ movq %r10,%xmm3
+ movq %rdx,%xmm4
call __bn_sqr8x_internal
call __bn_post4x_internal
@@ -1187,8 +1187,8 @@
call __bn_sqr8x_internal
call __bn_post4x_internal
-.byte 102,72,15,126,209
-.byte 102,72,15,126,226
+ movq %xmm2,%rcx
+ movq %xmm4,%rdx
movq %rsi,%rdi
movq 40(%rsp),%rax
leaq 32(%rsp),%r8
@@ -1740,7 +1740,7 @@
adcq %rdx,%r8
movq %rbx,-16(%rdi)
movq %r8,-8(%rdi)
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
__bn_sqr8x_reduction:
xorq %rax,%rax
leaq (%r9,%rbp,1),%rcx
@@ -1984,11 +1984,11 @@
movq -8(%rbp),%rcx
xorq %rsi,%rsi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
movq %r8,0(%rdi)
movq %r9,8(%rdi)
-.byte 102,73,15,126,217
+ movq %xmm3,%r9
movq %r10,16(%rdi)
movq %r11,24(%rdi)
movq %r12,32(%rdi)
@@ -2009,9 +2009,9 @@
movq 0(%rbp),%r12
leaq (%rdi,%r9,1),%rbx
movq %r9,%rcx
-.byte 102,72,15,126,207
+ movq %xmm1,%rdi
negq %rax
-.byte 102,72,15,126,206
+ movq %xmm1,%rsi
sarq $3+2,%rcx
decq %r12
xorq %r10,%r10
@@ -2321,7 +2321,7 @@
pshufd $0x4e,%xmm0,%xmm1
por %xmm1,%xmm0
leaq 256(%rdi),%rdi
-.byte 102,72,15,126,194
+ movq %xmm0,%rdx
leaq 64+32+8(%rsp),%rbx
movq %rdx,%r9
@@ -2472,7 +2472,7 @@
pshufd $0x4e,%xmm4,%xmm0
por %xmm4,%xmm0
leaq 256(%rdi),%rdi
-.byte 102,72,15,126,194
+ movq %xmm0,%rdx
movq %rbp,(%rbx)
leaq 32(%rbx,%rax,1),%rbx
@@ -2689,10 +2689,10 @@
pxor %xmm0,%xmm0
-.byte 102,72,15,110,207
-.byte 102,72,15,110,209
-.byte 102,73,15,110,218
-.byte 102,72,15,110,226
+ movq %rdi,%xmm1
+ movq %rcx,%xmm2
+ movq %r10,%xmm3
+ movq %rdx,%xmm4
movq %r8,32(%rsp)
movq %rax,40(%rsp)
.cfi_escape 0x0f,0x05,0x77,0x28,0x06,0x23,0x08
@@ -2711,8 +2711,8 @@
movq %r10,%r9
movq %rsi,%rdi
-.byte 102,72,15,126,209
-.byte 102,72,15,126,226
+ movq %xmm2,%rcx
+ movq %xmm4,%rdx
movq 40(%rsp),%rax
call mulx4x_internal
@@ -3077,7 +3077,7 @@
.align 32
.Lsqrx8x_outer_break:
movq %r9,72(%rdi)
-.byte 102,72,15,126,217
+ movq %xmm3,%rcx
movq %r10,80(%rdi)
movq %r11,88(%rdi)
movq %r12,96(%rdi)
@@ -3151,7 +3151,7 @@
movq %rax,48(%rdi)
movq %rbx,56(%rdi)
leaq 64(%rdi),%rdi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
__bn_sqrx8x_reduction:
xorl %eax,%eax
movq 32+8(%rsp),%rbx
@@ -3331,10 +3331,10 @@
subq 16+8(%rsp),%rsi
.Lsqrx8x_no_tail:
adcq 0(%rdi),%r8
-.byte 102,72,15,126,217
+ movq %xmm3,%rcx
adcq 8(%rdi),%r9
movq 56(%rbp),%rsi
-.byte 102,72,15,126,213
+ movq %xmm2,%rbp
adcq 16(%rdi),%r10
adcq 24(%rdi),%r11
adcq 32(%rdi),%r12
@@ -3372,8 +3372,8 @@
negq %rax
sarq $3+2,%rcx
-.byte 102,72,15,126,202
-.byte 102,72,15,126,206
+ movq %xmm1,%rdx
+ movq %xmm1,%rsi
decq %r12
movq 8(%rbp),%r13
xorq %r8,%r8
diff --git a/src/gen/bcm/x86_64-mont5-win.asm b/src/gen/bcm/x86_64-mont5-win.asm
index 3b12405..5ddeb86 100644
--- a/src/gen/bcm/x86_64-mont5-win.asm
+++ b/src/gen/bcm/x86_64-mont5-win.asm
@@ -215,7 +215,7 @@
pshufd xmm1,xmm0,0x4e
por xmm0,xmm1
lea r12,[256+r12]
-DB 102,72,15,126,195
+ movq rbx,xmm0
mov r8,QWORD[r8]
mov rax,QWORD[rsi]
@@ -341,7 +341,7 @@
lea r12,[256+r12]
mov rax,QWORD[rsi]
-DB 102,72,15,126,195
+ movq rbx,xmm0
xor r15,r15
mov rbp,r8
@@ -725,7 +725,7 @@
pshufd xmm1,xmm0,0x4e
por xmm0,xmm1
lea r12,[256+r12]
-DB 102,72,15,126,195
+ movq rbx,xmm0
mov QWORD[((16+8))+rsp],r13
mov QWORD[((56+8))+rsp],rdi
@@ -933,7 +933,7 @@
pshufd xmm0,xmm4,0x4e
por xmm0,xmm4
lea r12,[256+r12]
-DB 102,72,15,126,195
+ movq rbx,xmm0
mov r10,QWORD[r9*1+r14]
mov rbp,r8
@@ -1216,10 +1216,10 @@
mov QWORD[40+rsp],rax
$L$power5_body:
-DB 102,72,15,110,207
-DB 102,72,15,110,209
-DB 102,73,15,110,218
-DB 102,72,15,110,226
+ movq xmm1,rdi
+ movq xmm2,rcx
+ movq xmm3,r10
+ movq xmm4,rdx
call __bn_sqr8x_internal
call __bn_post4x_internal
@@ -1232,8 +1232,8 @@
call __bn_sqr8x_internal
call __bn_post4x_internal
-DB 102,72,15,126,209
-DB 102,72,15,126,226
+ movq rcx,xmm2
+ movq rdx,xmm4
mov rdi,rsi
mov rax,QWORD[40+rsp]
lea r8,[32+rsp]
@@ -1786,7 +1786,7 @@
adc r8,rdx
mov QWORD[((-16))+rdi],rbx
mov QWORD[((-8))+rdi],r8
-DB 102,72,15,126,213
+ movq rbp,xmm2
__bn_sqr8x_reduction:
xor rax,rax
lea rcx,[rbp*1+r9]
@@ -2030,11 +2030,11 @@
mov rcx,QWORD[((-8))+rbp]
xor rsi,rsi
-DB 102,72,15,126,213
+ movq rbp,xmm2
mov QWORD[rdi],r8
mov QWORD[8+rdi],r9
-DB 102,73,15,126,217
+ movq r9,xmm3
mov QWORD[16+rdi],r10
mov QWORD[24+rdi],r11
mov QWORD[32+rdi],r12
@@ -2055,9 +2055,9 @@
mov r12,QWORD[rbp]
lea rbx,[r9*1+rdi]
mov rcx,r9
-DB 102,72,15,126,207
+ movq rdi,xmm1
neg rax
-DB 102,72,15,126,206
+ movq rsi,xmm1
sar rcx,3+2
dec r12
xor r10,r10
@@ -2380,7 +2380,7 @@
pshufd xmm1,xmm0,0x4e
por xmm0,xmm1
lea rdi,[256+rdi]
-DB 102,72,15,126,194
+ movq rdx,xmm0
lea rbx,[((64+32+8))+rsp]
mov r9,rdx
@@ -2531,7 +2531,7 @@
pshufd xmm0,xmm4,0x4e
por xmm0,xmm4
lea rdi,[256+rdi]
-DB 102,72,15,126,194
+ movq rdx,xmm0
mov QWORD[rbx],rbp
lea rbx,[32+rax*1+rbx]
@@ -2759,10 +2759,10 @@
pxor xmm0,xmm0
-DB 102,72,15,110,207
-DB 102,72,15,110,209
-DB 102,73,15,110,218
-DB 102,72,15,110,226
+ movq xmm1,rdi
+ movq xmm2,rcx
+ movq xmm3,r10
+ movq xmm4,rdx
mov QWORD[32+rsp],r8
mov QWORD[40+rsp],rax
@@ -2781,8 +2781,8 @@
mov r9,r10
mov rdi,rsi
-DB 102,72,15,126,209
-DB 102,72,15,126,226
+ movq rcx,xmm2
+ movq rdx,xmm4
mov rax,QWORD[40+rsp]
call mulx4x_internal
@@ -3148,7 +3148,7 @@
ALIGN 32
$L$sqrx8x_outer_break:
mov QWORD[72+rdi],r9
-DB 102,72,15,126,217
+ movq rcx,xmm3
mov QWORD[80+rdi],r10
mov QWORD[88+rdi],r11
mov QWORD[96+rdi],r12
@@ -3222,7 +3222,7 @@
mov QWORD[48+rdi],rax
mov QWORD[56+rdi],rbx
lea rdi,[64+rdi]
-DB 102,72,15,126,213
+ movq rbp,xmm2
__bn_sqrx8x_reduction:
xor eax,eax
mov rbx,QWORD[((32+8))+rsp]
@@ -3402,10 +3402,10 @@
sub rsi,QWORD[((16+8))+rsp]
$L$sqrx8x_no_tail:
adc r8,QWORD[rdi]
-DB 102,72,15,126,217
+ movq rcx,xmm3
adc r9,QWORD[8+rdi]
mov rsi,QWORD[56+rbp]
-DB 102,72,15,126,213
+ movq rbp,xmm2
adc r10,QWORD[16+rdi]
adc r11,QWORD[24+rdi]
adc r12,QWORD[32+rdi]
@@ -3443,8 +3443,8 @@
neg rax
sar rcx,3+2
-DB 102,72,15,126,202
-DB 102,72,15,126,206
+ movq rdx,xmm1
+ movq rsi,xmm1
dec r12
mov r13,QWORD[8+rbp]
xor r8,r8
diff --git a/src/gen/crypto/chacha-x86_64-apple.S b/src/gen/crypto/chacha-x86_64-apple.S
index d330661..09481e3 100644
--- a/src/gen/crypto/chacha-x86_64-apple.S
+++ b/src/gen/crypto/chacha-x86_64-apple.S
@@ -91,7 +91,7 @@
movq %rbp,64+0(%rsp)
movl $10,%ebp
movq %rsi,64+8(%rsp)
-.byte 102,72,15,126,214
+ movq %xmm2,%rsi
movq %rdi,64+16(%rsp)
movq %rsi,%rdi
shrq $32,%rdi
@@ -354,7 +354,7 @@
L$oop_ssse3:
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -363,7 +363,7 @@
por %xmm4,%xmm1
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -376,7 +376,7 @@
nop
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -385,7 +385,7 @@
por %xmm4,%xmm1
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -540,8 +540,8 @@
paddd %xmm13,%xmm9
pxor %xmm8,%xmm0
pxor %xmm9,%xmm1
-.byte 102,15,56,0,199
-.byte 102,15,56,0,207
+ pshufb %xmm7,%xmm0
+ pshufb %xmm7,%xmm1
paddd %xmm0,%xmm4
paddd %xmm1,%xmm5
pxor %xmm4,%xmm12
@@ -559,8 +559,8 @@
paddd %xmm13,%xmm9
pxor %xmm8,%xmm0
pxor %xmm9,%xmm1
-.byte 102,15,56,0,198
-.byte 102,15,56,0,206
+ pshufb %xmm6,%xmm0
+ pshufb %xmm6,%xmm1
paddd %xmm0,%xmm4
paddd %xmm1,%xmm5
pxor %xmm4,%xmm12
@@ -582,8 +582,8 @@
paddd %xmm15,%xmm11
pxor %xmm10,%xmm2
pxor %xmm11,%xmm3
-.byte 102,15,56,0,215
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm2
+ pshufb %xmm7,%xmm3
paddd %xmm2,%xmm4
paddd %xmm3,%xmm5
pxor %xmm4,%xmm14
@@ -601,8 +601,8 @@
paddd %xmm15,%xmm11
pxor %xmm10,%xmm2
pxor %xmm11,%xmm3
-.byte 102,15,56,0,214
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm2
+ pshufb %xmm6,%xmm3
paddd %xmm2,%xmm4
paddd %xmm3,%xmm5
pxor %xmm4,%xmm14
@@ -620,8 +620,8 @@
paddd %xmm14,%xmm9
pxor %xmm8,%xmm3
pxor %xmm9,%xmm0
-.byte 102,15,56,0,223
-.byte 102,15,56,0,199
+ pshufb %xmm7,%xmm3
+ pshufb %xmm7,%xmm0
paddd %xmm3,%xmm4
paddd %xmm0,%xmm5
pxor %xmm4,%xmm13
@@ -639,8 +639,8 @@
paddd %xmm14,%xmm9
pxor %xmm8,%xmm3
pxor %xmm9,%xmm0
-.byte 102,15,56,0,222
-.byte 102,15,56,0,198
+ pshufb %xmm6,%xmm3
+ pshufb %xmm6,%xmm0
paddd %xmm3,%xmm4
paddd %xmm0,%xmm5
pxor %xmm4,%xmm13
@@ -662,8 +662,8 @@
paddd %xmm12,%xmm11
pxor %xmm10,%xmm1
pxor %xmm11,%xmm2
-.byte 102,15,56,0,207
-.byte 102,15,56,0,215
+ pshufb %xmm7,%xmm1
+ pshufb %xmm7,%xmm2
paddd %xmm1,%xmm4
paddd %xmm2,%xmm5
pxor %xmm4,%xmm15
@@ -681,8 +681,8 @@
paddd %xmm12,%xmm11
pxor %xmm10,%xmm1
pxor %xmm11,%xmm2
-.byte 102,15,56,0,206
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm1
+ pshufb %xmm6,%xmm2
paddd %xmm1,%xmm4
paddd %xmm2,%xmm5
pxor %xmm4,%xmm15
diff --git a/src/gen/crypto/chacha-x86_64-linux.S b/src/gen/crypto/chacha-x86_64-linux.S
index d76e6d0..8ea190d 100644
--- a/src/gen/crypto/chacha-x86_64-linux.S
+++ b/src/gen/crypto/chacha-x86_64-linux.S
@@ -97,7 +97,7 @@
movq %rbp,64+0(%rsp)
movl $10,%ebp
movq %rsi,64+8(%rsp)
-.byte 102,72,15,126,214
+ movq %xmm2,%rsi
movq %rdi,64+16(%rsp)
movq %rsi,%rdi
shrq $32,%rdi
@@ -360,7 +360,7 @@
.Loop_ssse3:
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -369,7 +369,7 @@
por %xmm4,%xmm1
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -382,7 +382,7 @@
nop
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -391,7 +391,7 @@
por %xmm4,%xmm1
paddd %xmm1,%xmm0
pxor %xmm0,%xmm3
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm3
paddd %xmm3,%xmm2
pxor %xmm2,%xmm1
movdqa %xmm1,%xmm4
@@ -546,8 +546,8 @@
paddd %xmm13,%xmm9
pxor %xmm8,%xmm0
pxor %xmm9,%xmm1
-.byte 102,15,56,0,199
-.byte 102,15,56,0,207
+ pshufb %xmm7,%xmm0
+ pshufb %xmm7,%xmm1
paddd %xmm0,%xmm4
paddd %xmm1,%xmm5
pxor %xmm4,%xmm12
@@ -565,8 +565,8 @@
paddd %xmm13,%xmm9
pxor %xmm8,%xmm0
pxor %xmm9,%xmm1
-.byte 102,15,56,0,198
-.byte 102,15,56,0,206
+ pshufb %xmm6,%xmm0
+ pshufb %xmm6,%xmm1
paddd %xmm0,%xmm4
paddd %xmm1,%xmm5
pxor %xmm4,%xmm12
@@ -588,8 +588,8 @@
paddd %xmm15,%xmm11
pxor %xmm10,%xmm2
pxor %xmm11,%xmm3
-.byte 102,15,56,0,215
-.byte 102,15,56,0,223
+ pshufb %xmm7,%xmm2
+ pshufb %xmm7,%xmm3
paddd %xmm2,%xmm4
paddd %xmm3,%xmm5
pxor %xmm4,%xmm14
@@ -607,8 +607,8 @@
paddd %xmm15,%xmm11
pxor %xmm10,%xmm2
pxor %xmm11,%xmm3
-.byte 102,15,56,0,214
-.byte 102,15,56,0,222
+ pshufb %xmm6,%xmm2
+ pshufb %xmm6,%xmm3
paddd %xmm2,%xmm4
paddd %xmm3,%xmm5
pxor %xmm4,%xmm14
@@ -626,8 +626,8 @@
paddd %xmm14,%xmm9
pxor %xmm8,%xmm3
pxor %xmm9,%xmm0
-.byte 102,15,56,0,223
-.byte 102,15,56,0,199
+ pshufb %xmm7,%xmm3
+ pshufb %xmm7,%xmm0
paddd %xmm3,%xmm4
paddd %xmm0,%xmm5
pxor %xmm4,%xmm13
@@ -645,8 +645,8 @@
paddd %xmm14,%xmm9
pxor %xmm8,%xmm3
pxor %xmm9,%xmm0
-.byte 102,15,56,0,222
-.byte 102,15,56,0,198
+ pshufb %xmm6,%xmm3
+ pshufb %xmm6,%xmm0
paddd %xmm3,%xmm4
paddd %xmm0,%xmm5
pxor %xmm4,%xmm13
@@ -668,8 +668,8 @@
paddd %xmm12,%xmm11
pxor %xmm10,%xmm1
pxor %xmm11,%xmm2
-.byte 102,15,56,0,207
-.byte 102,15,56,0,215
+ pshufb %xmm7,%xmm1
+ pshufb %xmm7,%xmm2
paddd %xmm1,%xmm4
paddd %xmm2,%xmm5
pxor %xmm4,%xmm15
@@ -687,8 +687,8 @@
paddd %xmm12,%xmm11
pxor %xmm10,%xmm1
pxor %xmm11,%xmm2
-.byte 102,15,56,0,206
-.byte 102,15,56,0,214
+ pshufb %xmm6,%xmm1
+ pshufb %xmm6,%xmm2
paddd %xmm1,%xmm4
paddd %xmm2,%xmm5
pxor %xmm4,%xmm15
diff --git a/src/gen/crypto/chacha-x86_64-win.asm b/src/gen/crypto/chacha-x86_64-win.asm
index f1f9a0d..f9cae3f 100644
--- a/src/gen/crypto/chacha-x86_64-win.asm
+++ b/src/gen/crypto/chacha-x86_64-win.asm
@@ -114,7 +114,7 @@
mov QWORD[((64+0))+rsp],rbp
mov ebp,10
mov QWORD[((64+8))+rsp],rsi
-DB 102,72,15,126,214
+ movq rsi,xmm2
mov QWORD[((64+16))+rsp],rdi
mov rdi,rsi
shr rdi,32
@@ -392,7 +392,7 @@
$L$oop_ssse3:
paddd xmm0,xmm1
pxor xmm3,xmm0
-DB 102,15,56,0,222
+ pshufb xmm3,xmm6
paddd xmm2,xmm3
pxor xmm1,xmm2
movdqa xmm4,xmm1
@@ -401,7 +401,7 @@
por xmm1,xmm4
paddd xmm0,xmm1
pxor xmm3,xmm0
-DB 102,15,56,0,223
+ pshufb xmm3,xmm7
paddd xmm2,xmm3
pxor xmm1,xmm2
movdqa xmm4,xmm1
@@ -414,7 +414,7 @@
nop
paddd xmm0,xmm1
pxor xmm3,xmm0
-DB 102,15,56,0,222
+ pshufb xmm3,xmm6
paddd xmm2,xmm3
pxor xmm1,xmm2
movdqa xmm4,xmm1
@@ -423,7 +423,7 @@
por xmm1,xmm4
paddd xmm0,xmm1
pxor xmm3,xmm0
-DB 102,15,56,0,223
+ pshufb xmm3,xmm7
paddd xmm2,xmm3
pxor xmm1,xmm2
movdqa xmm4,xmm1
@@ -603,8 +603,8 @@
paddd xmm9,xmm13
pxor xmm0,xmm8
pxor xmm1,xmm9
-DB 102,15,56,0,199
-DB 102,15,56,0,207
+ pshufb xmm0,xmm7
+ pshufb xmm1,xmm7
paddd xmm4,xmm0
paddd xmm5,xmm1
pxor xmm12,xmm4
@@ -622,8 +622,8 @@
paddd xmm9,xmm13
pxor xmm0,xmm8
pxor xmm1,xmm9
-DB 102,15,56,0,198
-DB 102,15,56,0,206
+ pshufb xmm0,xmm6
+ pshufb xmm1,xmm6
paddd xmm4,xmm0
paddd xmm5,xmm1
pxor xmm12,xmm4
@@ -645,8 +645,8 @@
paddd xmm11,xmm15
pxor xmm2,xmm10
pxor xmm3,xmm11
-DB 102,15,56,0,215
-DB 102,15,56,0,223
+ pshufb xmm2,xmm7
+ pshufb xmm3,xmm7
paddd xmm4,xmm2
paddd xmm5,xmm3
pxor xmm14,xmm4
@@ -664,8 +664,8 @@
paddd xmm11,xmm15
pxor xmm2,xmm10
pxor xmm3,xmm11
-DB 102,15,56,0,214
-DB 102,15,56,0,222
+ pshufb xmm2,xmm6
+ pshufb xmm3,xmm6
paddd xmm4,xmm2
paddd xmm5,xmm3
pxor xmm14,xmm4
@@ -683,8 +683,8 @@
paddd xmm9,xmm14
pxor xmm3,xmm8
pxor xmm0,xmm9
-DB 102,15,56,0,223
-DB 102,15,56,0,199
+ pshufb xmm3,xmm7
+ pshufb xmm0,xmm7
paddd xmm4,xmm3
paddd xmm5,xmm0
pxor xmm13,xmm4
@@ -702,8 +702,8 @@
paddd xmm9,xmm14
pxor xmm3,xmm8
pxor xmm0,xmm9
-DB 102,15,56,0,222
-DB 102,15,56,0,198
+ pshufb xmm3,xmm6
+ pshufb xmm0,xmm6
paddd xmm4,xmm3
paddd xmm5,xmm0
pxor xmm13,xmm4
@@ -725,8 +725,8 @@
paddd xmm11,xmm12
pxor xmm1,xmm10
pxor xmm2,xmm11
-DB 102,15,56,0,207
-DB 102,15,56,0,215
+ pshufb xmm1,xmm7
+ pshufb xmm2,xmm7
paddd xmm4,xmm1
paddd xmm5,xmm2
pxor xmm15,xmm4
@@ -744,8 +744,8 @@
paddd xmm11,xmm12
pxor xmm1,xmm10
pxor xmm2,xmm11
-DB 102,15,56,0,206
-DB 102,15,56,0,214
+ pshufb xmm1,xmm6
+ pshufb xmm2,xmm6
paddd xmm4,xmm1
paddd xmm5,xmm2
pxor xmm15,xmm4
diff --git a/src/gen/crypto/chacha20_poly1305_x86_64-apple.S b/src/gen/crypto/chacha20_poly1305_x86_64-apple.S
index a261463..4044212 100644
--- a/src/gen/crypto/chacha20_poly1305_x86_64-apple.S
+++ b/src/gen/crypto/chacha20_poly1305_x86_64-apple.S
@@ -278,9 +278,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -299,9 +299,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %r10
jne L$open_sse_init_rounds
@@ -359,10 +359,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -413,10 +413,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -457,18 +457,18 @@
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa L$rol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -493,10 +493,10 @@
adcq $0,%r12
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -532,10 +532,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -563,18 +563,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %rcx
jge L$open_sse_main_loop_rounds
@@ -776,9 +776,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -797,9 +797,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
cmpq $16,%rcx
jae L$open_sse_tail_64_rounds_and_x1hash
@@ -891,9 +891,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -912,9 +912,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -933,9 +933,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -954,9 +954,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
cmpq %rcx,%r8
jb L$open_sse_tail_128_rounds_and_x1hash
@@ -1076,9 +1076,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1097,9 +1097,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -1118,9 +1118,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -1139,9 +1139,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1160,9 +1160,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -1181,9 +1181,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
cmpq %rcx,%r8
jb L$open_sse_tail_192_rounds_and_x1hash
@@ -1368,9 +1368,9 @@
pslld $7,%xmm11
psrld $25,%xmm4
pxor %xmm11,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1389,9 +1389,9 @@
pslld $7,%xmm11
psrld $25,%xmm5
pxor %xmm11,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -1410,9 +1410,9 @@
pslld $7,%xmm11
psrld $25,%xmm6
pxor %xmm11,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
movdqa 0+80(%rbp),%xmm11
movq 0+0+0(%rbp),%rax
movq %rax,%r15
@@ -1443,9 +1443,9 @@
pslld $7,%xmm9
psrld $25,%xmm7
pxor %xmm9,%xmm7
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
movdqa 0+80(%rbp),%xmm9
movq 8+0+0(%rbp),%rax
movq %rax,%r9
@@ -1476,9 +1476,9 @@
pslld $7,%xmm11
psrld $25,%xmm4
pxor %xmm11,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1497,9 +1497,9 @@
pslld $7,%xmm11
psrld $25,%xmm5
pxor %xmm11,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
@@ -1521,9 +1521,9 @@
pslld $7,%xmm11
psrld $25,%xmm6
pxor %xmm11,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
movdqa 0+80(%rbp),%xmm11
movq %r13,%r10
movq %r14,%r11
@@ -1558,9 +1558,9 @@
pslld $7,%xmm9
psrld $25,%xmm7
pxor %xmm9,%xmm7
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
movdqa 0+80(%rbp),%xmm9
addq $16,%r8
@@ -1707,7 +1707,7 @@
subq $1,%r8
jnz L$open_sse_tail_16_compose
-.byte 102,73,15,126,221
+ movq %xmm3,%r13
pextrq $1,%xmm3,%r14
pxor %xmm1,%xmm3
@@ -1880,9 +1880,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1901,9 +1901,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -1922,9 +1922,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -1943,9 +1943,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -1964,9 +1964,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -1985,9 +1985,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
decq %r10
jnz L$open_sse_128_rounds
@@ -2155,10 +2155,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2194,10 +2194,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2225,18 +2225,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa L$rol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -2247,10 +2247,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2286,10 +2286,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2317,18 +2317,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %r10
jnz L$seal_sse_init_rounds
@@ -2451,10 +2451,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2503,10 +2503,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2547,18 +2547,18 @@
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa L$rol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -2583,10 +2583,10 @@
adcq $0,%r12
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2622,10 +2622,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2653,18 +2653,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
leaq 16(%rdi),%rdi
decq %r8
@@ -2877,9 +2877,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -2898,9 +2898,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3030,9 +3030,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -3051,9 +3051,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3112,9 +3112,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -3133,9 +3133,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
leaq 16(%rdi),%rdi
decq %rcx
@@ -3250,9 +3250,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -3271,9 +3271,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -3292,9 +3292,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3353,9 +3353,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -3374,9 +3374,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -3395,9 +3395,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
leaq 16(%rdi),%rdi
decq %rcx
@@ -3649,7 +3649,7 @@
-.byte 102,77,15,126,253
+ movq %xmm15,%r13
pextrq $1,%xmm15,%r14
addq %r13,%r10
adcq %r14,%r11
@@ -3765,7 +3765,7 @@
leaq L$and_masks(%rip),%r15
shlq $4,%rbx
pand -16(%r15,%rbx,1),%xmm15
-.byte 102,77,15,126,253
+ movq %xmm15,%r13
pextrq $1,%xmm15,%r14
addq %r13,%r10
adcq %r14,%r11
@@ -3927,9 +3927,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -3948,9 +3948,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -3969,9 +3969,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb L$rol16(%rip),%xmm12
@@ -3990,9 +3990,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb L$rol16(%rip),%xmm13
@@ -4011,9 +4011,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb L$rol16(%rip),%xmm14
@@ -4032,9 +4032,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
decq %r10
jnz L$seal_sse_128_rounds
diff --git a/src/gen/crypto/chacha20_poly1305_x86_64-linux.S b/src/gen/crypto/chacha20_poly1305_x86_64-linux.S
index 180b41e..6fd94c8 100644
--- a/src/gen/crypto/chacha20_poly1305_x86_64-linux.S
+++ b/src/gen/crypto/chacha20_poly1305_x86_64-linux.S
@@ -285,9 +285,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -306,9 +306,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %r10
jne .Lopen_sse_init_rounds
@@ -366,10 +366,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -420,10 +420,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -464,18 +464,18 @@
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa .Lrol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -500,10 +500,10 @@
adcq $0,%r12
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -539,10 +539,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -570,18 +570,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %rcx
jge .Lopen_sse_main_loop_rounds
@@ -783,9 +783,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -804,9 +804,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
cmpq $16,%rcx
jae .Lopen_sse_tail_64_rounds_and_x1hash
@@ -898,9 +898,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -919,9 +919,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -940,9 +940,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -961,9 +961,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
cmpq %rcx,%r8
jb .Lopen_sse_tail_128_rounds_and_x1hash
@@ -1083,9 +1083,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1104,9 +1104,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -1125,9 +1125,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -1146,9 +1146,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1167,9 +1167,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -1188,9 +1188,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
cmpq %rcx,%r8
jb .Lopen_sse_tail_192_rounds_and_x1hash
@@ -1375,9 +1375,9 @@
pslld $7,%xmm11
psrld $25,%xmm4
pxor %xmm11,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1396,9 +1396,9 @@
pslld $7,%xmm11
psrld $25,%xmm5
pxor %xmm11,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -1417,9 +1417,9 @@
pslld $7,%xmm11
psrld $25,%xmm6
pxor %xmm11,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
movdqa 0+80(%rbp),%xmm11
movq 0+0+0(%rbp),%rax
movq %rax,%r15
@@ -1450,9 +1450,9 @@
pslld $7,%xmm9
psrld $25,%xmm7
pxor %xmm9,%xmm7
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
movdqa 0+80(%rbp),%xmm9
movq 8+0+0(%rbp),%rax
movq %rax,%r9
@@ -1483,9 +1483,9 @@
pslld $7,%xmm11
psrld $25,%xmm4
pxor %xmm11,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1504,9 +1504,9 @@
pslld $7,%xmm11
psrld $25,%xmm5
pxor %xmm11,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
@@ -1528,9 +1528,9 @@
pslld $7,%xmm11
psrld $25,%xmm6
pxor %xmm11,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
movdqa 0+80(%rbp),%xmm11
movq %r13,%r10
movq %r14,%r11
@@ -1565,9 +1565,9 @@
pslld $7,%xmm9
psrld $25,%xmm7
pxor %xmm9,%xmm7
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
movdqa 0+80(%rbp),%xmm9
addq $16,%r8
@@ -1714,7 +1714,7 @@
subq $1,%r8
jnz .Lopen_sse_tail_16_compose
-.byte 102,73,15,126,221
+ movq %xmm3,%r13
pextrq $1,%xmm3,%r14
pxor %xmm1,%xmm3
@@ -1894,9 +1894,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1915,9 +1915,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -1936,9 +1936,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -1957,9 +1957,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -1978,9 +1978,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -1999,9 +1999,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
decq %r10
jnz .Lopen_sse_128_rounds
@@ -2176,10 +2176,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2215,10 +2215,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2246,18 +2246,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa .Lrol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -2268,10 +2268,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2307,10 +2307,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2338,18 +2338,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
decq %r10
jnz .Lseal_sse_init_rounds
@@ -2472,10 +2472,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2524,10 +2524,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2568,18 +2568,18 @@
imulq %r12,%r9
addq %r10,%r15
adcq %rdx,%r9
-.byte 102,15,58,15,255,4
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,12
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $12,%xmm15,%xmm15
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
movdqa %xmm8,0+80(%rbp)
movdqa .Lrol16(%rip),%xmm8
paddd %xmm7,%xmm3
@@ -2604,10 +2604,10 @@
adcq $0,%r12
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2643,10 +2643,10 @@
pxor %xmm2,%xmm14
pxor %xmm1,%xmm13
pxor %xmm0,%xmm12
-.byte 102,69,15,56,0,248
-.byte 102,69,15,56,0,240
-.byte 102,69,15,56,0,232
-.byte 102,69,15,56,0,224
+ pshufb %xmm8,%xmm15
+ pshufb %xmm8,%xmm14
+ pshufb %xmm8,%xmm13
+ pshufb %xmm8,%xmm12
movdqa 0+80(%rbp),%xmm8
paddd %xmm15,%xmm11
paddd %xmm14,%xmm10
@@ -2674,18 +2674,18 @@
pslld $32-25,%xmm4
pxor %xmm8,%xmm4
movdqa 0+80(%rbp),%xmm8
-.byte 102,15,58,15,255,12
-.byte 102,69,15,58,15,219,8
-.byte 102,69,15,58,15,255,4
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm7,%xmm7
+ palignr $8,%xmm11,%xmm11
+ palignr $4,%xmm15,%xmm15
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
leaq 16(%rdi),%rdi
decq %r8
@@ -2898,9 +2898,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -2919,9 +2919,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3051,9 +3051,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -3072,9 +3072,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3133,9 +3133,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -3154,9 +3154,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
leaq 16(%rdi),%rdi
decq %rcx
@@ -3271,9 +3271,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -3292,9 +3292,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -3313,9 +3313,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
addq 0+0(%rdi),%r10
adcq 8+0(%rdi),%r11
adcq $1,%r12
@@ -3374,9 +3374,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -3395,9 +3395,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -3416,9 +3416,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
leaq 16(%rdi),%rdi
decq %rcx
@@ -3670,7 +3670,7 @@
-.byte 102,77,15,126,253
+ movq %xmm15,%r13
pextrq $1,%xmm15,%r14
addq %r13,%r10
adcq %r14,%r11
@@ -3786,7 +3786,7 @@
leaq .Land_masks(%rip),%r15
shlq $4,%rbx
pand -16(%r15,%rbx,1),%xmm15
-.byte 102,77,15,126,253
+ movq %xmm15,%r13
pextrq $1,%xmm15,%r14
addq %r13,%r10
adcq %r14,%r11
@@ -3955,9 +3955,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,4
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,12
+ palignr $4,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $12,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -3976,9 +3976,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,4
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,12
+ palignr $4,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $12,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -3997,9 +3997,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,4
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,12
+ palignr $4,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $12,%xmm14,%xmm14
paddd %xmm4,%xmm0
pxor %xmm0,%xmm12
pshufb .Lrol16(%rip),%xmm12
@@ -4018,9 +4018,9 @@
pslld $7,%xmm3
psrld $25,%xmm4
pxor %xmm3,%xmm4
-.byte 102,15,58,15,228,12
-.byte 102,69,15,58,15,192,8
-.byte 102,69,15,58,15,228,4
+ palignr $12,%xmm4,%xmm4
+ palignr $8,%xmm8,%xmm8
+ palignr $4,%xmm12,%xmm12
paddd %xmm5,%xmm1
pxor %xmm1,%xmm13
pshufb .Lrol16(%rip),%xmm13
@@ -4039,9 +4039,9 @@
pslld $7,%xmm3
psrld $25,%xmm5
pxor %xmm3,%xmm5
-.byte 102,15,58,15,237,12
-.byte 102,69,15,58,15,201,8
-.byte 102,69,15,58,15,237,4
+ palignr $12,%xmm5,%xmm5
+ palignr $8,%xmm9,%xmm9
+ palignr $4,%xmm13,%xmm13
paddd %xmm6,%xmm2
pxor %xmm2,%xmm14
pshufb .Lrol16(%rip),%xmm14
@@ -4060,9 +4060,9 @@
pslld $7,%xmm3
psrld $25,%xmm6
pxor %xmm3,%xmm6
-.byte 102,15,58,15,246,12
-.byte 102,69,15,58,15,210,8
-.byte 102,69,15,58,15,246,4
+ palignr $12,%xmm6,%xmm6
+ palignr $8,%xmm10,%xmm10
+ palignr $4,%xmm14,%xmm14
decq %r10
jnz .Lseal_sse_128_rounds
diff --git a/src/gen/crypto/chacha20_poly1305_x86_64-win.asm b/src/gen/crypto/chacha20_poly1305_x86_64-win.asm
index 25c69ef..7ff65db 100644
--- a/src/gen/crypto/chacha20_poly1305_x86_64-win.asm
+++ b/src/gen/crypto/chacha20_poly1305_x86_64-win.asm
@@ -308,9 +308,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -329,9 +329,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
dec r10
jne NEAR $L$open_sse_init_rounds
@@ -389,10 +389,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -443,10 +443,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -487,18 +487,18 @@
imul r9,r12
add r15,r10
adc r9,rdx
-DB 102,15,58,15,255,4
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,12
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm7,xmm7,4
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
movdqa XMMWORD[(160+80)+rbp],xmm8
movdqa xmm8,XMMWORD[$L$rol16]
paddd xmm3,xmm7
@@ -523,10 +523,10 @@
adc r12,0
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -562,10 +562,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -593,18 +593,18 @@
pslld xmm4,32-25
pxor xmm4,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
-DB 102,15,58,15,255,12
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,4
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm7,xmm7,12
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
dec rcx
jge NEAR $L$open_sse_main_loop_rounds
@@ -806,9 +806,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -827,9 +827,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
cmp rcx,16
jae NEAR $L$open_sse_tail_64_rounds_and_x1hash
@@ -921,9 +921,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -942,9 +942,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -963,9 +963,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -984,9 +984,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
cmp r8,rcx
jb NEAR $L$open_sse_tail_128_rounds_and_x1hash
@@ -1106,9 +1106,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -1127,9 +1127,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -1148,9 +1148,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -1169,9 +1169,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -1190,9 +1190,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -1211,9 +1211,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
cmp r8,rcx
jb NEAR $L$open_sse_tail_192_rounds_and_x1hash
@@ -1398,9 +1398,9 @@
pslld xmm11,7
psrld xmm4,25
pxor xmm4,xmm11
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -1419,9 +1419,9 @@
pslld xmm11,7
psrld xmm5,25
pxor xmm5,xmm11
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -1440,9 +1440,9 @@
pslld xmm11,7
psrld xmm6,25
pxor xmm6,xmm11
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
movdqa xmm11,XMMWORD[((160+80))+rbp]
mov rax,QWORD[((0+160+0))+rbp]
mov r15,rax
@@ -1473,9 +1473,9 @@
pslld xmm9,7
psrld xmm7,25
pxor xmm7,xmm9
-DB 102,15,58,15,255,4
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,12
+ palignr xmm7,xmm7,4
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,12
movdqa xmm9,XMMWORD[((160+80))+rbp]
mov rax,QWORD[((8+160+0))+rbp]
mov r9,rax
@@ -1506,9 +1506,9 @@
pslld xmm11,7
psrld xmm4,25
pxor xmm4,xmm11
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -1527,9 +1527,9 @@
pslld xmm11,7
psrld xmm5,25
pxor xmm5,xmm11
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
imul r9,r12
add r15,r10
adc r9,rdx
@@ -1551,9 +1551,9 @@
pslld xmm11,7
psrld xmm6,25
pxor xmm6,xmm11
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
movdqa xmm11,XMMWORD[((160+80))+rbp]
mov r10,r13
mov r11,r14
@@ -1588,9 +1588,9 @@
pslld xmm9,7
psrld xmm7,25
pxor xmm7,xmm9
-DB 102,15,58,15,255,12
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,4
+ palignr xmm7,xmm7,12
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,4
movdqa xmm9,XMMWORD[((160+80))+rbp]
add r8,16
@@ -1737,7 +1737,7 @@
sub r8,1
jnz NEAR $L$open_sse_tail_16_compose
-DB 102,73,15,126,221
+ movq r13,xmm3
pextrq r14,xmm3,1
pxor xmm3,xmm1
@@ -1923,9 +1923,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -1944,9 +1944,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -1965,9 +1965,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -1986,9 +1986,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -2007,9 +2007,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -2028,9 +2028,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
dec r10
jnz NEAR $L$open_sse_128_rounds
@@ -2220,10 +2220,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2259,10 +2259,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2290,18 +2290,18 @@
pslld xmm4,32-25
pxor xmm4,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
-DB 102,15,58,15,255,4
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,12
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm7,xmm7,4
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
movdqa XMMWORD[(160+80)+rbp],xmm8
movdqa xmm8,XMMWORD[$L$rol16]
paddd xmm3,xmm7
@@ -2312,10 +2312,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2351,10 +2351,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2382,18 +2382,18 @@
pslld xmm4,32-25
pxor xmm4,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
-DB 102,15,58,15,255,12
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,4
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm7,xmm7,12
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
dec r10
jnz NEAR $L$seal_sse_init_rounds
@@ -2516,10 +2516,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2568,10 +2568,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2612,18 +2612,18 @@
imul r9,r12
add r15,r10
adc r9,rdx
-DB 102,15,58,15,255,4
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,12
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm7,xmm7,4
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
movdqa XMMWORD[(160+80)+rbp],xmm8
movdqa xmm8,XMMWORD[$L$rol16]
paddd xmm3,xmm7
@@ -2648,10 +2648,10 @@
adc r12,0
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2687,10 +2687,10 @@
pxor xmm14,xmm2
pxor xmm13,xmm1
pxor xmm12,xmm0
-DB 102,69,15,56,0,248
-DB 102,69,15,56,0,240
-DB 102,69,15,56,0,232
-DB 102,69,15,56,0,224
+ pshufb xmm15,xmm8
+ pshufb xmm14,xmm8
+ pshufb xmm13,xmm8
+ pshufb xmm12,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
paddd xmm11,xmm15
paddd xmm10,xmm14
@@ -2718,18 +2718,18 @@
pslld xmm4,32-25
pxor xmm4,xmm8
movdqa xmm8,XMMWORD[((160+80))+rbp]
-DB 102,15,58,15,255,12
-DB 102,69,15,58,15,219,8
-DB 102,69,15,58,15,255,4
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm7,xmm7,12
+ palignr xmm11,xmm11,8
+ palignr xmm15,xmm15,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
lea rdi,[16+rdi]
dec r8
@@ -2942,9 +2942,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -2963,9 +2963,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
add r10,QWORD[((0+0))+rdi]
adc r11,QWORD[((8+0))+rdi]
adc r12,1
@@ -3095,9 +3095,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -3116,9 +3116,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
add r10,QWORD[((0+0))+rdi]
adc r11,QWORD[((8+0))+rdi]
adc r12,1
@@ -3177,9 +3177,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -3198,9 +3198,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
lea rdi,[16+rdi]
dec rcx
@@ -3315,9 +3315,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -3336,9 +3336,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -3357,9 +3357,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
add r10,QWORD[((0+0))+rdi]
adc r11,QWORD[((8+0))+rdi]
adc r12,1
@@ -3418,9 +3418,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -3439,9 +3439,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -3460,9 +3460,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
lea rdi,[16+rdi]
dec rcx
@@ -3714,7 +3714,7 @@
-DB 102,77,15,126,253
+ movq r13,xmm15
pextrq r14,xmm15,1
add r10,r13
adc r11,r14
@@ -3830,7 +3830,7 @@
lea r15,[$L$and_masks]
shl rbx,4
pand xmm15,XMMWORD[((-16))+rbx*1+r15]
-DB 102,77,15,126,253
+ movq r13,xmm15
pextrq r14,xmm15,1
add r10,r13
adc r11,r14
@@ -4005,9 +4005,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,4
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,12
+ palignr xmm4,xmm4,4
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,12
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -4026,9 +4026,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,4
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,12
+ palignr xmm5,xmm5,4
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,12
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -4047,9 +4047,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,4
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,12
+ palignr xmm6,xmm6,4
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,12
paddd xmm0,xmm4
pxor xmm12,xmm0
pshufb xmm12,XMMWORD[$L$rol16]
@@ -4068,9 +4068,9 @@
pslld xmm3,7
psrld xmm4,25
pxor xmm4,xmm3
-DB 102,15,58,15,228,12
-DB 102,69,15,58,15,192,8
-DB 102,69,15,58,15,228,4
+ palignr xmm4,xmm4,12
+ palignr xmm8,xmm8,8
+ palignr xmm12,xmm12,4
paddd xmm1,xmm5
pxor xmm13,xmm1
pshufb xmm13,XMMWORD[$L$rol16]
@@ -4089,9 +4089,9 @@
pslld xmm3,7
psrld xmm5,25
pxor xmm5,xmm3
-DB 102,15,58,15,237,12
-DB 102,69,15,58,15,201,8
-DB 102,69,15,58,15,237,4
+ palignr xmm5,xmm5,12
+ palignr xmm9,xmm9,8
+ palignr xmm13,xmm13,4
paddd xmm2,xmm6
pxor xmm14,xmm2
pshufb xmm14,XMMWORD[$L$rol16]
@@ -4110,9 +4110,9 @@
pslld xmm3,7
psrld xmm6,25
pxor xmm6,xmm3
-DB 102,15,58,15,246,12
-DB 102,69,15,58,15,210,8
-DB 102,69,15,58,15,246,4
+ palignr xmm6,xmm6,12
+ palignr xmm10,xmm10,8
+ palignr xmm14,xmm14,4
dec r10
jnz NEAR $L$seal_sse_128_rounds
diff --git a/src/gen/crypto/err_data.cc b/src/gen/crypto/err_data.cc
index fd67be8..f3d8f7c 100644
--- a/src/gen/crypto/err_data.cc
+++ b/src/gen/crypto/err_data.cc
@@ -51,8 +51,9 @@
static_assert(ERR_LIB_CIPHER == 30, "library value changed");
static_assert(ERR_LIB_HKDF == 31, "library value changed");
static_assert(ERR_LIB_TRUST_TOKEN == 32, "library value changed");
-static_assert(ERR_LIB_USER == 33, "library value changed");
-static_assert(ERR_NUM_LIBS == 34, "number of libraries changed");
+static_assert(ERR_LIB_CMS == 33, "library value changed");
+static_assert(ERR_LIB_USER == 34, "library value changed");
+static_assert(ERR_NUM_LIBS == 35, "number of libraries changed");
extern const uint32_t kOpenSSLReasonValues[];
const uint32_t kOpenSSLReasonValues[] = {
@@ -77,172 +78,172 @@
0xc3b00f7,
0xc3b8921,
0x10320892,
- 0x10329672,
- 0x1033167e,
- 0x10339697,
- 0x103416aa,
- 0x10348f93,
- 0x10350cdf,
- 0x103596bd,
- 0x103616e7,
- 0x103696fa,
- 0x10371719,
- 0x10379732,
- 0x10381747,
- 0x10389765,
- 0x10391774,
- 0x10399790,
- 0x103a17ab,
- 0x103a97ba,
- 0x103b17d6,
- 0x103b97f1,
- 0x103c1817,
+ 0x103296b2,
+ 0x103316be,
+ 0x103396d7,
+ 0x103416ea,
+ 0x10348fd3,
+ 0x10350d1f,
+ 0x103596fd,
+ 0x10361727,
+ 0x1036973a,
+ 0x10371759,
+ 0x10379772,
+ 0x10381787,
+ 0x103897a5,
+ 0x103917b4,
+ 0x103997d0,
+ 0x103a17eb,
+ 0x103a97fa,
+ 0x103b1816,
+ 0x103b9831,
+ 0x103c1857,
0x103c80f7,
- 0x103d1828,
- 0x103d983c,
- 0x103e185b,
- 0x103e986a,
- 0x103f1881,
- 0x103f9894,
- 0x10400ca3,
- 0x104098a7,
- 0x104118c5,
- 0x104198d8,
- 0x104218f2,
- 0x10429902,
- 0x10431916,
- 0x1043992c,
- 0x10441944,
- 0x10449959,
- 0x1045196d,
- 0x1045997f,
+ 0x103d1868,
+ 0x103d987c,
+ 0x103e189b,
+ 0x103e98aa,
+ 0x103f18c1,
+ 0x103f98d4,
+ 0x10400ce3,
+ 0x104098e7,
+ 0x10411905,
+ 0x10419918,
+ 0x10421932,
+ 0x10429942,
+ 0x10431956,
+ 0x1043996c,
+ 0x10441984,
+ 0x10449999,
+ 0x104519ad,
+ 0x104599bf,
0x10460635,
0x1046899a,
- 0x10471994,
- 0x104799ab,
- 0x104819c0,
- 0x104899ce,
- 0x10490edf,
- 0x10499808,
- 0x104a16d2,
- 0x14320c73,
- 0x14328c94,
- 0x14330ca3,
- 0x14338cb5,
+ 0x104719d4,
+ 0x104799eb,
+ 0x10481a00,
+ 0x10489a0e,
+ 0x10490f1f,
+ 0x10499848,
+ 0x104a1712,
+ 0x14320cb3,
+ 0x14328cd4,
+ 0x14330ce3,
+ 0x14338cf5,
0x143400b9,
0x143480f7,
- 0x14350c81,
+ 0x14350cc1,
0x18320090,
- 0x18328fe9,
+ 0x18329029,
0x183300b9,
- 0x18338fff,
- 0x18341013,
+ 0x1833903f,
+ 0x18341053,
0x183480f7,
- 0x18351032,
- 0x1835904a,
- 0x18361072,
- 0x18369086,
- 0x183710be,
- 0x183790d4,
- 0x183810e8,
- 0x183890f8,
+ 0x18351072,
+ 0x1835908a,
+ 0x183610b2,
+ 0x183690c6,
+ 0x183710fe,
+ 0x18379114,
+ 0x18381128,
+ 0x18389138,
0x18390ac0,
- 0x18399108,
- 0x183a112e,
- 0x183a9154,
- 0x183b0ceb,
- 0x183b91a3,
- 0x183c11b5,
- 0x183c91c0,
- 0x183d11d0,
- 0x183d91e1,
- 0x183e11f2,
- 0x183e9204,
- 0x183f122d,
- 0x183f9246,
- 0x1840125e,
+ 0x18399148,
+ 0x183a116e,
+ 0x183a9194,
+ 0x183b0d2b,
+ 0x183b91e3,
+ 0x183c11f5,
+ 0x183c9200,
+ 0x183d1210,
+ 0x183d9221,
+ 0x183e1232,
+ 0x183e9244,
+ 0x183f126d,
+ 0x183f9286,
+ 0x1840129e,
0x1840870d,
- 0x18411177,
- 0x18419142,
- 0x18421161,
- 0x18428c81,
- 0x1843111d,
- 0x18439189,
- 0x18441028,
- 0x184490aa,
- 0x1845105f,
- 0x20321298,
- 0x20329285,
- 0x243212a4,
+ 0x184111b7,
+ 0x18419182,
+ 0x184211a1,
+ 0x18428cc1,
+ 0x1843115d,
+ 0x184391c9,
+ 0x18441068,
+ 0x184490ea,
+ 0x1845109f,
+ 0x203212d8,
+ 0x203292c5,
+ 0x243212e4,
0x243289e0,
- 0x243312b6,
- 0x243392c3,
- 0x243412d0,
- 0x243492e2,
- 0x243512f1,
- 0x2435930e,
- 0x2436131b,
- 0x24369329,
- 0x24371337,
- 0x24379345,
- 0x2438134e,
- 0x2438935b,
- 0x2439136e,
- 0x24399385,
- 0x28320cd3,
- 0x28328ceb,
- 0x28330ca3,
- 0x28338cfe,
- 0x28340cdf,
+ 0x243312f6,
+ 0x24339303,
+ 0x24341310,
+ 0x24349322,
+ 0x24351331,
+ 0x2435934e,
+ 0x2436135b,
+ 0x24369369,
+ 0x24371377,
+ 0x24379385,
+ 0x2438138e,
+ 0x2438939b,
+ 0x243913ae,
+ 0x243993c5,
+ 0x28320d13,
+ 0x28328d2b,
+ 0x28330ce3,
+ 0x28338d3e,
+ 0x28340d1f,
0x283480b9,
0x283500f7,
- 0x28358c81,
+ 0x28358cc1,
0x2836099a,
- 0x2c32337d,
- 0x2c3293a3,
- 0x2c33338b,
- 0x2c33b39d,
- 0x2c3433b1,
- 0x2c34b3c3,
- 0x2c3533de,
- 0x2c35b3f0,
- 0x2c363420,
+ 0x2c3233f9,
+ 0x2c3293e3,
+ 0x2c333407,
+ 0x2c33b419,
+ 0x2c34342d,
+ 0x2c34b43f,
+ 0x2c35345a,
+ 0x2c35b46c,
+ 0x2c36349c,
0x2c36833a,
- 0x2c37342d,
- 0x2c37b459,
- 0x2c383497,
- 0x2c38b4ae,
- 0x2c3934cc,
- 0x2c39b4dc,
- 0x2c3a34ee,
- 0x2c3ab502,
- 0x2c3b3513,
- 0x2c3bb532,
- 0x2c3c13b5,
- 0x2c3c93cb,
- 0x2c3d3577,
- 0x2c3d93e4,
- 0x2c3e35a1,
- 0x2c3eb5af,
- 0x2c3f35c7,
- 0x2c3fb5df,
- 0x2c403609,
- 0x2c409298,
- 0x2c41361a,
- 0x2c41b62d,
- 0x2c42125e,
- 0x2c42b63e,
+ 0x2c3734a9,
+ 0x2c37b4d5,
+ 0x2c383513,
+ 0x2c38b52a,
+ 0x2c393548,
+ 0x2c39b558,
+ 0x2c3a356a,
+ 0x2c3ab57e,
+ 0x2c3b358f,
+ 0x2c3bb5ae,
+ 0x2c3c13f5,
+ 0x2c3c940b,
+ 0x2c3d35f3,
+ 0x2c3d9424,
+ 0x2c3e361d,
+ 0x2c3eb62b,
+ 0x2c3f3643,
+ 0x2c3fb65b,
+ 0x2c403685,
+ 0x2c4092d8,
+ 0x2c413696,
+ 0x2c41b6a9,
+ 0x2c42129e,
+ 0x2c42b6ba,
0x2c43076d,
- 0x2c43b524,
- 0x2c44346c,
- 0x2c44b5ec,
- 0x2c453403,
- 0x2c45b43f,
- 0x2c4634bc,
- 0x2c46b546,
- 0x2c47355b,
- 0x2c47b594,
- 0x2c48347e,
+ 0x2c43b5a0,
+ 0x2c4434e8,
+ 0x2c44b668,
+ 0x2c45347f,
+ 0x2c45b4bb,
+ 0x2c463538,
+ 0x2c46b5c2,
+ 0x2c4735d7,
+ 0x2c47b610,
+ 0x2c4834fa,
0x30320000,
0x30328015,
0x3033001f,
@@ -340,308 +341,310 @@
0x30610357,
0x3061873a,
0x30620392,
- 0x34320bb0,
- 0x34328bc4,
- 0x34330be1,
- 0x34338bf4,
- 0x34340c03,
- 0x34348c5d,
- 0x34350c41,
- 0x34358c20,
+ 0x34320bf0,
+ 0x34328c04,
+ 0x34330c21,
+ 0x34338c34,
+ 0x34340c43,
+ 0x34348c9d,
+ 0x34350c81,
+ 0x34358c60,
0x3c320090,
- 0x3c328d28,
- 0x3c330d41,
- 0x3c338d5c,
- 0x3c340d79,
- 0x3c348da3,
- 0x3c350dbe,
- 0x3c358de4,
- 0x3c360dfd,
- 0x3c368e15,
- 0x3c370e26,
- 0x3c378e34,
- 0x3c380e41,
- 0x3c388e55,
- 0x3c390ceb,
- 0x3c398e78,
- 0x3c3a0e8c,
+ 0x3c328d68,
+ 0x3c330d81,
+ 0x3c338d9c,
+ 0x3c340db9,
+ 0x3c348de3,
+ 0x3c350dfe,
+ 0x3c358e24,
+ 0x3c360e3d,
+ 0x3c368e55,
+ 0x3c370e66,
+ 0x3c378e74,
+ 0x3c380e81,
+ 0x3c388e95,
+ 0x3c390d2b,
+ 0x3c398eb8,
+ 0x3c3a0ecc,
0x3c3a895a,
- 0x3c3b0e9c,
- 0x3c3b8eb7,
- 0x3c3c0ec9,
- 0x3c3c8efc,
- 0x3c3d0f06,
- 0x3c3d8f1a,
- 0x3c3e0f28,
- 0x3c3e8f4d,
- 0x3c3f0d14,
- 0x3c3f8f36,
+ 0x3c3b0edc,
+ 0x3c3b8ef7,
+ 0x3c3c0f09,
+ 0x3c3c8f3c,
+ 0x3c3d0f46,
+ 0x3c3d8f5a,
+ 0x3c3e0f68,
+ 0x3c3e8f8d,
+ 0x3c3f0d54,
+ 0x3c3f8f76,
0x3c4000b9,
0x3c4080f7,
- 0x3c410d94,
- 0x3c418dd3,
- 0x3c420edf,
- 0x3c428e69,
- 0x40321a3a,
- 0x40329a50,
- 0x40331a7e,
- 0x40339a88,
- 0x40341a9f,
- 0x40349abd,
- 0x40351acd,
- 0x40359adf,
- 0x40361aec,
- 0x40369af8,
- 0x40371b0d,
- 0x40379b1f,
- 0x40381b2a,
- 0x40389b3c,
- 0x40390f93,
- 0x40399b4c,
- 0x403a1b5f,
- 0x403a9b80,
- 0x403b1b91,
- 0x403b9ba1,
+ 0x3c410dd4,
+ 0x3c418e13,
+ 0x3c420f1f,
+ 0x3c428ea9,
+ 0x40321a7a,
+ 0x40329a90,
+ 0x40331abe,
+ 0x40339ac8,
+ 0x40341adf,
+ 0x40349afd,
+ 0x40351b0d,
+ 0x40359b1f,
+ 0x40361b2c,
+ 0x40369b38,
+ 0x40371b4d,
+ 0x40379b5f,
+ 0x40381b6a,
+ 0x40389b7c,
+ 0x40390fd3,
+ 0x40399b8c,
+ 0x403a1b9f,
+ 0x403a9bc0,
+ 0x403b1bd1,
+ 0x403b9be1,
0x403c0071,
0x403c8090,
- 0x403d1c02,
- 0x403d9c18,
- 0x403e1c27,
- 0x403e9c5f,
- 0x403f1c79,
- 0x403f9ca1,
- 0x40401cb6,
- 0x40409cca,
- 0x40411d05,
- 0x40419d20,
- 0x40421d39,
- 0x40429d4c,
- 0x40431d60,
- 0x40439d8e,
- 0x40441da5,
+ 0x403d1c42,
+ 0x403d9c58,
+ 0x403e1c67,
+ 0x403e9c9f,
+ 0x403f1cb9,
+ 0x403f9ce1,
+ 0x40401cf6,
+ 0x40409d0a,
+ 0x40411d45,
+ 0x40419d60,
+ 0x40421d79,
+ 0x40429d8c,
+ 0x40431da0,
+ 0x40439dce,
+ 0x40441de5,
0x404480b9,
- 0x40451dba,
- 0x40459dcc,
- 0x40461df0,
- 0x40469e10,
- 0x40471e1e,
- 0x40479e45,
- 0x40481eb6,
- 0x40489f70,
- 0x40491f87,
- 0x40499fa1,
- 0x404a1fb8,
- 0x404a9fd6,
- 0x404b1fee,
- 0x404ba01b,
- 0x404c2031,
- 0x404ca043,
- 0x404d2064,
- 0x404da09d,
- 0x404e20b1,
- 0x404ea0be,
- 0x404f216f,
- 0x404fa1e5,
- 0x4050226f,
- 0x4050a283,
- 0x405122b6,
- 0x405222c6,
- 0x4052a2ea,
- 0x40532302,
- 0x4053a315,
- 0x4054232a,
- 0x4054a34d,
- 0x40552378,
- 0x4055a3b5,
- 0x405623da,
- 0x4056a3f3,
- 0x4057240b,
- 0x4057a41e,
- 0x40582433,
- 0x4058a45a,
- 0x40592489,
- 0x4059a4c9,
- 0x405aa4dd,
- 0x405b24f5,
- 0x405ba506,
- 0x405c2519,
- 0x405ca558,
- 0x405d2565,
- 0x405da58a,
- 0x405e25c8,
+ 0x40451dfa,
+ 0x40459e0c,
+ 0x40461e30,
+ 0x40469e50,
+ 0x40471e5e,
+ 0x40479e85,
+ 0x40481ef6,
+ 0x40489fb0,
+ 0x40491fc7,
+ 0x40499fe1,
+ 0x404a1ff8,
+ 0x404aa016,
+ 0x404b202e,
+ 0x404ba05b,
+ 0x404c2071,
+ 0x404ca083,
+ 0x404d20a4,
+ 0x404da0dd,
+ 0x404e20f1,
+ 0x404ea0fe,
+ 0x404f21af,
+ 0x404fa225,
+ 0x405022af,
+ 0x4050a2c3,
+ 0x405122f6,
+ 0x40522306,
+ 0x4052a32a,
+ 0x40532342,
+ 0x4053a355,
+ 0x4054236a,
+ 0x4054a38d,
+ 0x405523b8,
+ 0x4055a3f5,
+ 0x4056241a,
+ 0x4056a433,
+ 0x4057244b,
+ 0x4057a45e,
+ 0x40582473,
+ 0x4058a49a,
+ 0x405924c9,
+ 0x4059a509,
+ 0x405aa51d,
+ 0x405b2535,
+ 0x405ba546,
+ 0x405c2559,
+ 0x405ca598,
+ 0x405d25a5,
+ 0x405da5ca,
+ 0x405e2608,
0x405e8afe,
- 0x405f2617,
- 0x405fa624,
- 0x40602632,
- 0x4060a654,
- 0x406126c8,
- 0x4061a700,
- 0x40622717,
- 0x4062a728,
- 0x40632775,
- 0x4063a78a,
- 0x406427a1,
- 0x4064a7cd,
- 0x406527e8,
- 0x4065a7ff,
- 0x40662817,
- 0x4066a841,
- 0x4067286c,
- 0x4067a8b1,
- 0x406828f9,
- 0x4068a91a,
- 0x4069294c,
- 0x4069a97a,
- 0x406a299b,
- 0x406aa9bb,
- 0x406b2b43,
- 0x406bab66,
- 0x406c2b7c,
- 0x406cae86,
- 0x406d2eb5,
- 0x406daedd,
- 0x406e2f0b,
- 0x406eaf58,
- 0x406f2fb1,
- 0x406fafe9,
- 0x40702ffc,
- 0x4070b019,
+ 0x405f2657,
+ 0x405fa664,
+ 0x40602672,
+ 0x4060a694,
+ 0x40612708,
+ 0x4061a740,
+ 0x40622757,
+ 0x4062a768,
+ 0x406327b5,
+ 0x4063a7ca,
+ 0x406427e1,
+ 0x4064a80d,
+ 0x40652828,
+ 0x4065a83f,
+ 0x40662857,
+ 0x4066a881,
+ 0x406728ac,
+ 0x4067a8f1,
+ 0x40682939,
+ 0x4068a95a,
+ 0x4069298c,
+ 0x4069a9ba,
+ 0x406a29db,
+ 0x406aa9fb,
+ 0x406b2b83,
+ 0x406baba6,
+ 0x406c2bbc,
+ 0x406caec6,
+ 0x406d2ef5,
+ 0x406daf1d,
+ 0x406e2f4b,
+ 0x406eaf98,
+ 0x406f2ff1,
+ 0x406fb029,
+ 0x4070303c,
+ 0x4070b059,
0x4071084d,
- 0x4071b02b,
- 0x4072303e,
- 0x4072b074,
- 0x4073308c,
- 0x407395cd,
- 0x407430a0,
- 0x4074b0ba,
- 0x407530cb,
- 0x4075b0df,
- 0x407630ed,
- 0x4076935b,
- 0x40773112,
- 0x4077b16e,
- 0x40783189,
- 0x4078b1c2,
- 0x407931d9,
- 0x4079b1ef,
- 0x407a321b,
- 0x407ab22e,
- 0x407b3243,
- 0x407bb255,
- 0x407c3286,
- 0x407cb28f,
- 0x407d2935,
- 0x407da20d,
- 0x407e319e,
- 0x407ea46a,
- 0x407f1e32,
- 0x407fa005,
- 0x4080217f,
- 0x40809e5a,
- 0x408122d8,
- 0x4081a10c,
- 0x40822ef6,
- 0x40829bad,
- 0x40832445,
- 0x4083a7b2,
- 0x40841e6e,
- 0x4084a4a2,
- 0x4085252a,
- 0x4085a68f,
- 0x408625aa,
- 0x4086a227,
- 0x40872f3c,
- 0x4087a6dd,
- 0x40881beb,
- 0x4088a8c4,
- 0x40891c3a,
- 0x40899bc7,
- 0x408a2bb4,
- 0x408a99e5,
- 0x408b326a,
- 0x408bafc6,
- 0x408c253a,
- 0x408d1f56,
- 0x408d9ea0,
- 0x408e2086,
- 0x408ea395,
- 0x408f28d8,
- 0x408fa6ab,
- 0x4090288d,
- 0x4090a57c,
- 0x40912b9c,
- 0x40919a1d,
- 0x40921c87,
- 0x4092af77,
- 0x40933057,
- 0x4093a238,
- 0x40941e82,
- 0x4094abcd,
- 0x40952739,
- 0x4095b1fb,
- 0x40962f23,
- 0x4096a198,
- 0x4097229e,
- 0x4097a0d5,
- 0x40981ce7,
- 0x4098a74d,
- 0x40992f93,
- 0x4099a3c2,
- 0x409a235b,
- 0x409a9a01,
- 0x409b1edc,
- 0x409b9f07,
- 0x409c3150,
- 0x409c9f2f,
- 0x409d2154,
- 0x409da122,
- 0x409e1d78,
- 0x409ea1cd,
- 0x409f21b5,
- 0x409f9ecf,
- 0x40a021f5,
- 0x40a0a0ef,
- 0x40a1213d,
- 0x40a1a4b6,
- 0x40a22254,
- 0x40a2a608,
- 0x40a3267c,
- 0x40a3b134,
- 0x41f42a6e,
- 0x41f92b00,
- 0x41fe29f3,
- 0x41feaca9,
- 0x41ff2dd7,
- 0x42032a87,
- 0x42082aa9,
- 0x4208aae5,
- 0x420929d7,
- 0x4209ab1f,
- 0x420a2a2e,
- 0x420aaa0e,
- 0x420b2a4e,
- 0x420baac7,
- 0x420c2df3,
- 0x420cabdd,
- 0x420d2c90,
- 0x420dacc7,
- 0x42122cfa,
- 0x42172dba,
- 0x4217ad3c,
- 0x421c2d5e,
- 0x421f2d19,
- 0x42212e6b,
- 0x42262d9d,
- 0x422b2e49,
- 0x422bac6b,
- 0x422c2e2b,
- 0x422cac1e,
- 0x422d2bf7,
- 0x422dae0a,
- 0x422e2c4a,
- 0x42302d79,
- 0x4230ace1,
- 0x423125e9,
+ 0x4071b06b,
+ 0x4072307e,
+ 0x4072b0b4,
+ 0x407330cc,
+ 0x4073960d,
+ 0x407430e0,
+ 0x4074b0fa,
+ 0x4075310b,
+ 0x4075b11f,
+ 0x4076312d,
+ 0x4076939b,
+ 0x40773152,
+ 0x4077b1ea,
+ 0x40783205,
+ 0x4078b23e,
+ 0x40793255,
+ 0x4079b26b,
+ 0x407a3297,
+ 0x407ab2aa,
+ 0x407b32bf,
+ 0x407bb2d1,
+ 0x407c3302,
+ 0x407cb30b,
+ 0x407d2975,
+ 0x407da24d,
+ 0x407e321a,
+ 0x407ea4aa,
+ 0x407f1e72,
+ 0x407fa045,
+ 0x408021bf,
+ 0x40809e9a,
+ 0x40812318,
+ 0x4081a14c,
+ 0x40822f36,
+ 0x40829bed,
+ 0x40832485,
+ 0x4083a7f2,
+ 0x40841eae,
+ 0x4084a4e2,
+ 0x4085256a,
+ 0x4085a6cf,
+ 0x408625ea,
+ 0x4086a267,
+ 0x40872f7c,
+ 0x4087a71d,
+ 0x40881c2b,
+ 0x4088a904,
+ 0x40891c7a,
+ 0x40899c07,
+ 0x408a2bf4,
+ 0x408a9a25,
+ 0x408b32e6,
+ 0x408bb006,
+ 0x408c257a,
+ 0x408d1f96,
+ 0x408d9ee0,
+ 0x408e20c6,
+ 0x408ea3d5,
+ 0x408f2918,
+ 0x408fa6eb,
+ 0x409028cd,
+ 0x4090a5bc,
+ 0x40912bdc,
+ 0x40919a5d,
+ 0x40921cc7,
+ 0x4092afb7,
+ 0x40933097,
+ 0x4093a278,
+ 0x40941ec2,
+ 0x4094ac0d,
+ 0x40952779,
+ 0x4095b277,
+ 0x40962f63,
+ 0x4096a1d8,
+ 0x409722de,
+ 0x4097a115,
+ 0x40981d27,
+ 0x4098a78d,
+ 0x40992fd3,
+ 0x4099a402,
+ 0x409a239b,
+ 0x409a9a41,
+ 0x409b1f1c,
+ 0x409b9f47,
+ 0x409c31cc,
+ 0x409c9f6f,
+ 0x409d2194,
+ 0x409da162,
+ 0x409e1db8,
+ 0x409ea20d,
+ 0x409f21f5,
+ 0x409f9f0f,
+ 0x40a02235,
+ 0x40a0a12f,
+ 0x40a1217d,
+ 0x40a1a4f6,
+ 0x40a22294,
+ 0x40a2a648,
+ 0x40a326bc,
+ 0x40a3b174,
+ 0x40a43190,
+ 0x40a4b1aa,
+ 0x41f42aae,
+ 0x41f92b40,
+ 0x41fe2a33,
+ 0x41feace9,
+ 0x41ff2e17,
+ 0x42032ac7,
+ 0x42082ae9,
+ 0x4208ab25,
+ 0x42092a17,
+ 0x4209ab5f,
+ 0x420a2a6e,
+ 0x420aaa4e,
+ 0x420b2a8e,
+ 0x420bab07,
+ 0x420c2e33,
+ 0x420cac1d,
+ 0x420d2cd0,
+ 0x420dad07,
+ 0x42122d3a,
+ 0x42172dfa,
+ 0x4217ad7c,
+ 0x421c2d9e,
+ 0x421f2d59,
+ 0x42212eab,
+ 0x42262ddd,
+ 0x422b2e89,
+ 0x422bacab,
+ 0x422c2e6b,
+ 0x422cac5e,
+ 0x422d2c37,
+ 0x422dae4a,
+ 0x422e2c8a,
+ 0x42302db9,
+ 0x4230ad21,
+ 0x42312629,
0x44320778,
0x44328787,
0x44330793,
@@ -659,124 +662,124 @@
0x4439084d,
0x4439885b,
0x443a086e,
- 0x483213a3,
- 0x483293b5,
- 0x483313cb,
- 0x483393e4,
- 0x4c321421,
- 0x4c329431,
- 0x4c331444,
- 0x4c339464,
+ 0x483213e3,
+ 0x483293f5,
+ 0x4833140b,
+ 0x48339424,
+ 0x4c321461,
+ 0x4c329471,
+ 0x4c331484,
+ 0x4c3394a4,
0x4c3400b9,
0x4c3480f7,
- 0x4c351470,
- 0x4c35947e,
- 0x4c36149a,
- 0x4c3694c0,
- 0x4c3714cf,
- 0x4c3794dd,
- 0x4c3814f2,
- 0x4c3894fe,
- 0x4c39151e,
- 0x4c399548,
- 0x4c3a1561,
- 0x4c3a957a,
+ 0x4c3514b0,
+ 0x4c3594be,
+ 0x4c3614da,
+ 0x4c369500,
+ 0x4c37150f,
+ 0x4c37951d,
+ 0x4c381532,
+ 0x4c38953e,
+ 0x4c39155e,
+ 0x4c399588,
+ 0x4c3a15a1,
+ 0x4c3a95ba,
0x4c3b0635,
- 0x4c3b9593,
- 0x4c3c15a5,
- 0x4c3c95b4,
- 0x4c3d15cd,
- 0x4c3d8cc6,
- 0x4c3e163a,
- 0x4c3e95dc,
- 0x4c3f165c,
- 0x4c3f935b,
- 0x4c4015f2,
- 0x4c40940d,
- 0x4c41162a,
- 0x4c4194ad,
- 0x4c421616,
- 0x4c4293f5,
- 0x50323650,
- 0x5032b65f,
- 0x5033366a,
- 0x5033b67a,
- 0x50343693,
- 0x5034b6ad,
- 0x503536bb,
- 0x5035b6d1,
- 0x503636e3,
- 0x5036b6f9,
- 0x50373712,
- 0x5037b725,
- 0x5038373d,
- 0x5038b74e,
- 0x50393763,
- 0x5039b777,
- 0x503a3797,
- 0x503ab7ad,
- 0x503b37c5,
- 0x503bb7d7,
- 0x503c37f3,
- 0x503cb80a,
- 0x503d3823,
- 0x503db839,
- 0x503e3846,
- 0x503eb85c,
- 0x503f386e,
+ 0x4c3b95d3,
+ 0x4c3c15e5,
+ 0x4c3c95f4,
+ 0x4c3d160d,
+ 0x4c3d8d06,
+ 0x4c3e167a,
+ 0x4c3e961c,
+ 0x4c3f169c,
+ 0x4c3f939b,
+ 0x4c401632,
+ 0x4c40944d,
+ 0x4c41166a,
+ 0x4c4194ed,
+ 0x4c421656,
+ 0x4c429435,
+ 0x503236cc,
+ 0x5032b6db,
+ 0x503336e6,
+ 0x5033b6f6,
+ 0x5034370f,
+ 0x5034b729,
+ 0x50353737,
+ 0x5035b74d,
+ 0x5036375f,
+ 0x5036b775,
+ 0x5037378e,
+ 0x5037b7a1,
+ 0x503837b9,
+ 0x5038b7ca,
+ 0x503937df,
+ 0x5039b7f3,
+ 0x503a3813,
+ 0x503ab829,
+ 0x503b3841,
+ 0x503bb853,
+ 0x503c386f,
+ 0x503cb886,
+ 0x503d389f,
+ 0x503db8b5,
+ 0x503e38c2,
+ 0x503eb8d8,
+ 0x503f38ea,
0x503f83b3,
- 0x50403881,
- 0x5040b891,
- 0x504138ab,
- 0x5041b8ba,
- 0x504238d4,
- 0x5042b8f1,
- 0x50433901,
- 0x5043b911,
- 0x5044392e,
+ 0x504038fd,
+ 0x5040b90d,
+ 0x50413927,
+ 0x5041b936,
+ 0x50423950,
+ 0x5042b96d,
+ 0x5043397d,
+ 0x5043b98d,
+ 0x504439aa,
0x50448469,
- 0x50453942,
- 0x5045b960,
- 0x50463973,
- 0x5046b989,
- 0x5047399b,
- 0x5047b9b0,
- 0x504839d6,
- 0x5048b9e4,
- 0x504939f7,
- 0x5049ba0c,
- 0x504a3a22,
- 0x504aba32,
- 0x504b3a52,
- 0x504bba65,
- 0x504c3a88,
- 0x504cbab6,
- 0x504d3ae3,
- 0x504dbb00,
- 0x504e3b1b,
- 0x504ebb37,
- 0x504f3b49,
- 0x504fbb60,
- 0x50503b6f,
+ 0x504539be,
+ 0x5045b9dc,
+ 0x504639ef,
+ 0x5046ba05,
+ 0x50473a17,
+ 0x5047ba2c,
+ 0x50483a52,
+ 0x5048ba60,
+ 0x50493a73,
+ 0x5049ba88,
+ 0x504a3a9e,
+ 0x504abaae,
+ 0x504b3ace,
+ 0x504bbae1,
+ 0x504c3b04,
+ 0x504cbb32,
+ 0x504d3b5f,
+ 0x504dbb7c,
+ 0x504e3b97,
+ 0x504ebbb3,
+ 0x504f3bc5,
+ 0x504fbbdc,
+ 0x50503beb,
0x50508729,
- 0x50513b82,
- 0x5051b920,
- 0x50523ac8,
- 0x58320fd1,
- 0x68320f93,
- 0x68328ceb,
- 0x68330cfe,
- 0x68338fa1,
- 0x68340fb1,
+ 0x50513bfe,
+ 0x5051b99c,
+ 0x50523b44,
+ 0x58321011,
+ 0x68320fd3,
+ 0x68328d2b,
+ 0x68330d3e,
+ 0x68338fe1,
+ 0x68340ff1,
0x683480f7,
0x6835099a,
- 0x6c320f59,
- 0x6c328cb5,
- 0x6c330f64,
- 0x6c338f7d,
+ 0x6c320f99,
+ 0x6c328cf5,
+ 0x6c330fa4,
+ 0x6c338fbd,
0x74320a66,
0x743280b9,
- 0x74330cc6,
+ 0x74330d06,
0x783209cb,
0x783289e0,
0x783309ec,
@@ -803,22 +806,24 @@
0x783d8b97,
0x783e0aed,
0x783e8a9f,
- 0x7c321274,
- 0x803214c0,
+ 0x7c3212b4,
+ 0x80321500,
0x80328090,
- 0x8033334c,
+ 0x803333c8,
0x803380b9,
- 0x8034335b,
- 0x8034b2c3,
- 0x803532e1,
- 0x8035b36f,
- 0x80363323,
- 0x8036b2d2,
- 0x80373315,
- 0x8037b2b0,
- 0x80383336,
- 0x8038b2f2,
- 0x80393307,
+ 0x803433d7,
+ 0x8034b33f,
+ 0x8035335d,
+ 0x8035b3eb,
+ 0x8036339f,
+ 0x8036b34e,
+ 0x80373391,
+ 0x8037b32c,
+ 0x803833b2,
+ 0x8038b36e,
+ 0x80393383,
+ 0x84320bb0,
+ 0x84328bc9,
};
extern const size_t kOpenSSLReasonValuesLen;
@@ -984,6 +989,8 @@
"UNSUPPORTED_NONCE_SIZE\0"
"UNSUPPORTED_TAG_SIZE\0"
"WRONG_FINAL_BLOCK_LENGTH\0"
+ "CERTIFICATE_HAS_NO_KEYID\0"
+ "PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE\0"
"LIST_CANNOT_BE_NULL\0"
"MISSING_CLOSE_SQUARE_BRACKET\0"
"MISSING_EQUAL_SIGN\0"
@@ -1399,6 +1406,8 @@
"UNSAFE_LEGACY_RENEGOTIATION_DISABLED\0"
"UNSUPPORTED_COMPRESSION_ALGORITHM\0"
"UNSUPPORTED_CREDENTIAL_LIST\0"
+ "INVALID_TRUST_ANCHOR_LIST\0"
+ "INVALID_CERTIFICATE_PROPERTY_LIST\0"
"UNSUPPORTED_ECH_SERVER_CONFIG\0"
"UNSUPPORTED_ELLIPTIC_CURVE\0"
"UNSUPPORTED_PROTOCOL\0"
diff --git a/src/gen/sources.bzl b/src/gen/sources.bzl
index 082ac46..758f8e7 100644
--- a/src/gen/sources.bzl
+++ b/src/gen/sources.bzl
@@ -29,7 +29,6 @@
"crypto/fipsmodule/aes/key_wrap.cc.inc",
"crypto/fipsmodule/aes/mode_wrappers.cc.inc",
"crypto/fipsmodule/aes/ofb.cc.inc",
- "crypto/fipsmodule/aes/polyval.cc.inc",
"crypto/fipsmodule/bn/add.cc.inc",
"crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
"crypto/fipsmodule/bn/bn.cc.inc",
@@ -79,7 +78,9 @@
"crypto/fipsmodule/hkdf/hkdf.cc.inc",
"crypto/fipsmodule/hmac/hmac.cc.inc",
"crypto/fipsmodule/keccak/keccak.cc.inc",
+ "crypto/fipsmodule/mldsa/fips_known_values.inc",
"crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "crypto/fipsmodule/mlkem/fips_known_values.inc",
"crypto/fipsmodule/mlkem/mlkem.cc.inc",
"crypto/fipsmodule/rand/ctrdrbg.cc.inc",
"crypto/fipsmodule/rand/rand.cc.inc",
@@ -93,6 +94,7 @@
"crypto/fipsmodule/sha/sha1.cc.inc",
"crypto/fipsmodule/sha/sha256.cc.inc",
"crypto/fipsmodule/sha/sha512.cc.inc",
+ "crypto/fipsmodule/slhdsa/fips_known_values.inc",
"crypto/fipsmodule/slhdsa/fors.cc.inc",
"crypto/fipsmodule/slhdsa/merkle.cc.inc",
"crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
@@ -102,10 +104,10 @@
]
bcm_sources_asm = [
- "gen/bcm/aes-gcm-avx10-x86_64-apple.S",
- "gen/bcm/aes-gcm-avx10-x86_64-linux.S",
"gen/bcm/aes-gcm-avx2-x86_64-apple.S",
"gen/bcm/aes-gcm-avx2-x86_64-linux.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-apple.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-linux.S",
"gen/bcm/aesni-gcm-x86_64-apple.S",
"gen/bcm/aesni-gcm-x86_64-linux.S",
"gen/bcm/aesni-x86-apple.S",
@@ -204,8 +206,8 @@
]
bcm_sources_nasm = [
- "gen/bcm/aes-gcm-avx10-x86_64-win.asm",
"gen/bcm/aes-gcm-avx2-x86_64-win.asm",
+ "gen/bcm/aes-gcm-avx512-x86_64-win.asm",
"gen/bcm/aesni-gcm-x86_64-win.asm",
"gen/bcm/aesni-x86-win.asm",
"gen/bcm/aesni-x86_64-win.asm",
@@ -258,6 +260,7 @@
]
crypto_sources = [
+ "crypto/aes/aes.cc",
"crypto/asn1/a_bitstr.cc",
"crypto/asn1/a_bool.cc",
"crypto/asn1/a_d2i_fp.cc",
@@ -300,6 +303,9 @@
"crypto/blake2/blake2.cc",
"crypto/bn/bn_asn1.cc",
"crypto/bn/convert.cc",
+ "crypto/bn/div.cc",
+ "crypto/bn/exponentiation.cc",
+ "crypto/bn/sqrt.cc",
"crypto/buf/buf.cc",
"crypto/bytestring/asn1_compat.cc",
"crypto/bytestring/ber.cc",
@@ -309,6 +315,7 @@
"crypto/chacha/chacha.cc",
"crypto/cipher/derive_key.cc",
"crypto/cipher/e_aesctrhmac.cc",
+ "crypto/cipher/e_aeseax.cc",
"crypto/cipher/e_aesgcmsiv.cc",
"crypto/cipher/e_chacha20poly1305.cc",
"crypto/cipher/e_des.cc",
@@ -318,6 +325,7 @@
"crypto/cipher/e_tls.cc",
"crypto/cipher/get_cipher.cc",
"crypto/cipher/tls_cbc.cc",
+ "crypto/cms/cms.cc",
"crypto/conf/conf.cc",
"crypto/cpu_aarch64_apple.cc",
"crypto/cpu_aarch64_fuchsia.cc",
@@ -366,6 +374,7 @@
"crypto/evp/sign.cc",
"crypto/ex_data.cc",
"crypto/fipsmodule/fips_shared_support.cc",
+ "crypto/fuzzer_mode.cc",
"crypto/hpke/hpke.cc",
"crypto/hrss/hrss.cc",
"crypto/kyber/kyber.cc",
@@ -519,6 +528,7 @@
"include/openssl/chacha.h",
"include/openssl/cipher.h",
"include/openssl/cmac.h",
+ "include/openssl/cms.h",
"include/openssl/conf.h",
"include/openssl/cpu.h",
"include/openssl/crypto.h",
@@ -642,7 +652,7 @@
"crypto/poly1305/internal.h",
"crypto/pool/internal.h",
"crypto/rand/getrandom_fillin.h",
- "crypto/rand/sysrand_internal.h",
+ "crypto/rand/internal.h",
"crypto/rsa/internal.h",
"crypto/spake2plus/internal.h",
"crypto/trust_token/internal.h",
@@ -704,6 +714,7 @@
"crypto/chacha/chacha_test.cc",
"crypto/cipher/aead_test.cc",
"crypto/cipher/cipher_test.cc",
+ "crypto/cms/cms_test.cc",
"crypto/compiler_test.cc",
"crypto/conf/conf_test.cc",
"crypto/constant_time_test.cc",
@@ -776,6 +787,7 @@
"crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
"crypto/cipher/test/aes_128_ccm_matter_tests.txt",
"crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_128_eax_test.txt",
"crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_128_gcm_siv_tests.txt",
"crypto/cipher/test/aes_128_gcm_tests.txt",
@@ -783,6 +795,7 @@
"crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
"crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
"crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_256_eax_test.txt",
"crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_256_gcm_siv_tests.txt",
"crypto/cipher/test/aes_256_gcm_tests.txt",
@@ -844,6 +857,15 @@
"crypto/mlkem/mlkem768_keygen_tests.txt",
"crypto/mlkem/mlkem768_nist_decap_tests.txt",
"crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "crypto/pkcs7/test/nss.p7c",
+ "crypto/pkcs7/test/openssl_crl.p7c",
+ "crypto/pkcs7/test/sign_cert.pem",
+ "crypto/pkcs7/test/sign_key.pem",
+ "crypto/pkcs7/test/sign_sha1.p7s",
+ "crypto/pkcs7/test/sign_sha1_key_id.p7s",
+ "crypto/pkcs7/test/sign_sha256.p7s",
+ "crypto/pkcs7/test/sign_sha256_key_id.p7s",
+ "crypto/pkcs7/test/windows.p7c",
"crypto/pkcs8/test/bad1.p12",
"crypto/pkcs8/test/bad2.p12",
"crypto/pkcs8/test/bad3.p12",
@@ -952,6 +974,7 @@
"crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
"third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
"third_party/wycheproof_testvectors/aes_cmac_test.txt",
+ "third_party/wycheproof_testvectors/aes_eax_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_test.txt",
"third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
@@ -1070,6 +1093,7 @@
"fuzz/bn_mod_exp.cc",
"fuzz/cert.cc",
"fuzz/client.cc",
+ "fuzz/client_no_fuzzer_mode.cc",
"fuzz/conf.cc",
"fuzz/crl_getcrlstatusforcert_fuzzer.cc",
"fuzz/crl_parse_crl_certificatelist_fuzzer.cc",
@@ -1091,6 +1115,7 @@
"fuzz/privkey.cc",
"fuzz/read_pem.cc",
"fuzz/server.cc",
+ "fuzz/server_no_fuzzer_mode.cc",
"fuzz/session.cc",
"fuzz/spki.cc",
"fuzz/ssl_ctx_api.cc",
@@ -1099,6 +1124,15 @@
"fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc",
]
+modulewrapper_sources = [
+ "util/fipstools/acvp/modulewrapper/main.cc",
+ "util/fipstools/acvp/modulewrapper/modulewrapper.cc",
+]
+
+modulewrapper_internal_headers = [
+ "util/fipstools/acvp/modulewrapper/modulewrapper.h",
+]
+
pki_sources = [
"pki/cert_error_id.cc",
"pki/cert_error_params.cc",
@@ -2197,6 +2231,18 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
@@ -2205,6 +2251,14 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
@@ -2421,6 +2475,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
@@ -2435,6 +2490,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
@@ -2443,6 +2499,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
diff --git a/src/gen/sources.cmake b/src/gen/sources.cmake
index 5f4afc8..32aaf2b 100644
--- a/src/gen/sources.cmake
+++ b/src/gen/sources.cmake
@@ -33,7 +33,6 @@
crypto/fipsmodule/aes/key_wrap.cc.inc
crypto/fipsmodule/aes/mode_wrappers.cc.inc
crypto/fipsmodule/aes/ofb.cc.inc
- crypto/fipsmodule/aes/polyval.cc.inc
crypto/fipsmodule/bn/add.cc.inc
crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc
crypto/fipsmodule/bn/bn.cc.inc
@@ -83,7 +82,9 @@
crypto/fipsmodule/hkdf/hkdf.cc.inc
crypto/fipsmodule/hmac/hmac.cc.inc
crypto/fipsmodule/keccak/keccak.cc.inc
+ crypto/fipsmodule/mldsa/fips_known_values.inc
crypto/fipsmodule/mldsa/mldsa.cc.inc
+ crypto/fipsmodule/mlkem/fips_known_values.inc
crypto/fipsmodule/mlkem/mlkem.cc.inc
crypto/fipsmodule/rand/ctrdrbg.cc.inc
crypto/fipsmodule/rand/rand.cc.inc
@@ -97,6 +98,7 @@
crypto/fipsmodule/sha/sha1.cc.inc
crypto/fipsmodule/sha/sha256.cc.inc
crypto/fipsmodule/sha/sha512.cc.inc
+ crypto/fipsmodule/slhdsa/fips_known_values.inc
crypto/fipsmodule/slhdsa/fors.cc.inc
crypto/fipsmodule/slhdsa/merkle.cc.inc
crypto/fipsmodule/slhdsa/slhdsa.cc.inc
@@ -108,10 +110,10 @@
set(
BCM_SOURCES_ASM
- gen/bcm/aes-gcm-avx10-x86_64-apple.S
- gen/bcm/aes-gcm-avx10-x86_64-linux.S
gen/bcm/aes-gcm-avx2-x86_64-apple.S
gen/bcm/aes-gcm-avx2-x86_64-linux.S
+ gen/bcm/aes-gcm-avx512-x86_64-apple.S
+ gen/bcm/aes-gcm-avx512-x86_64-linux.S
gen/bcm/aesni-gcm-x86_64-apple.S
gen/bcm/aesni-gcm-x86_64-linux.S
gen/bcm/aesni-x86-apple.S
@@ -212,8 +214,8 @@
set(
BCM_SOURCES_NASM
- gen/bcm/aes-gcm-avx10-x86_64-win.asm
gen/bcm/aes-gcm-avx2-x86_64-win.asm
+ gen/bcm/aes-gcm-avx512-x86_64-win.asm
gen/bcm/aesni-gcm-x86_64-win.asm
gen/bcm/aesni-x86-win.asm
gen/bcm/aesni-x86_64-win.asm
@@ -272,6 +274,7 @@
set(
CRYPTO_SOURCES
+ crypto/aes/aes.cc
crypto/asn1/a_bitstr.cc
crypto/asn1/a_bool.cc
crypto/asn1/a_d2i_fp.cc
@@ -314,6 +317,9 @@
crypto/blake2/blake2.cc
crypto/bn/bn_asn1.cc
crypto/bn/convert.cc
+ crypto/bn/div.cc
+ crypto/bn/exponentiation.cc
+ crypto/bn/sqrt.cc
crypto/buf/buf.cc
crypto/bytestring/asn1_compat.cc
crypto/bytestring/ber.cc
@@ -323,6 +329,7 @@
crypto/chacha/chacha.cc
crypto/cipher/derive_key.cc
crypto/cipher/e_aesctrhmac.cc
+ crypto/cipher/e_aeseax.cc
crypto/cipher/e_aesgcmsiv.cc
crypto/cipher/e_chacha20poly1305.cc
crypto/cipher/e_des.cc
@@ -332,6 +339,7 @@
crypto/cipher/e_tls.cc
crypto/cipher/get_cipher.cc
crypto/cipher/tls_cbc.cc
+ crypto/cms/cms.cc
crypto/conf/conf.cc
crypto/cpu_aarch64_apple.cc
crypto/cpu_aarch64_fuchsia.cc
@@ -380,6 +388,7 @@
crypto/evp/sign.cc
crypto/ex_data.cc
crypto/fipsmodule/fips_shared_support.cc
+ crypto/fuzzer_mode.cc
crypto/hpke/hpke.cc
crypto/hrss/hrss.cc
crypto/kyber/kyber.cc
@@ -535,6 +544,7 @@
include/openssl/chacha.h
include/openssl/cipher.h
include/openssl/cmac.h
+ include/openssl/cms.h
include/openssl/conf.h
include/openssl/cpu.h
include/openssl/crypto.h
@@ -660,7 +670,7 @@
crypto/poly1305/internal.h
crypto/pool/internal.h
crypto/rand/getrandom_fillin.h
- crypto/rand/sysrand_internal.h
+ crypto/rand/internal.h
crypto/rsa/internal.h
crypto/spake2plus/internal.h
crypto/trust_token/internal.h
@@ -728,6 +738,7 @@
crypto/chacha/chacha_test.cc
crypto/cipher/aead_test.cc
crypto/cipher/cipher_test.cc
+ crypto/cms/cms_test.cc
crypto/compiler_test.cc
crypto/conf/conf_test.cc
crypto/constant_time_test.cc
@@ -802,6 +813,7 @@
crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt
crypto/cipher/test/aes_128_ccm_matter_tests.txt
crypto/cipher/test/aes_128_ctr_hmac_sha256.txt
+ crypto/cipher/test/aes_128_eax_test.txt
crypto/cipher/test/aes_128_gcm_randnonce_tests.txt
crypto/cipher/test/aes_128_gcm_siv_tests.txt
crypto/cipher/test/aes_128_gcm_tests.txt
@@ -809,6 +821,7 @@
crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt
crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt
crypto/cipher/test/aes_256_ctr_hmac_sha256.txt
+ crypto/cipher/test/aes_256_eax_test.txt
crypto/cipher/test/aes_256_gcm_randnonce_tests.txt
crypto/cipher/test/aes_256_gcm_siv_tests.txt
crypto/cipher/test/aes_256_gcm_tests.txt
@@ -870,6 +883,15 @@
crypto/mlkem/mlkem768_keygen_tests.txt
crypto/mlkem/mlkem768_nist_decap_tests.txt
crypto/mlkem/mlkem768_nist_keygen_tests.txt
+ crypto/pkcs7/test/nss.p7c
+ crypto/pkcs7/test/openssl_crl.p7c
+ crypto/pkcs7/test/sign_cert.pem
+ crypto/pkcs7/test/sign_key.pem
+ crypto/pkcs7/test/sign_sha1.p7s
+ crypto/pkcs7/test/sign_sha1_key_id.p7s
+ crypto/pkcs7/test/sign_sha256.p7s
+ crypto/pkcs7/test/sign_sha256_key_id.p7s
+ crypto/pkcs7/test/windows.p7c
crypto/pkcs8/test/bad1.p12
crypto/pkcs8/test/bad2.p12
crypto/pkcs8/test/bad3.p12
@@ -978,6 +1000,7 @@
crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem
third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt
third_party/wycheproof_testvectors/aes_cmac_test.txt
+ third_party/wycheproof_testvectors/aes_eax_test.txt
third_party/wycheproof_testvectors/aes_gcm_siv_test.txt
third_party/wycheproof_testvectors/aes_gcm_test.txt
third_party/wycheproof_testvectors/chacha20_poly1305_test.txt
@@ -1104,6 +1127,7 @@
fuzz/bn_mod_exp.cc
fuzz/cert.cc
fuzz/client.cc
+ fuzz/client_no_fuzzer_mode.cc
fuzz/conf.cc
fuzz/crl_getcrlstatusforcert_fuzzer.cc
fuzz/crl_parse_crl_certificatelist_fuzzer.cc
@@ -1125,6 +1149,7 @@
fuzz/privkey.cc
fuzz/read_pem.cc
fuzz/server.cc
+ fuzz/server_no_fuzzer_mode.cc
fuzz/session.cc
fuzz/spki.cc
fuzz/ssl_ctx_api.cc
@@ -1134,6 +1159,19 @@
)
set(
+ MODULEWRAPPER_SOURCES
+
+ util/fipstools/acvp/modulewrapper/main.cc
+ util/fipstools/acvp/modulewrapper/modulewrapper.cc
+)
+
+set(
+ MODULEWRAPPER_INTERNAL_HEADERS
+
+ util/fipstools/acvp/modulewrapper/modulewrapper.h
+)
+
+set(
PKI_SOURCES
pki/cert_error_id.cc
@@ -2241,6 +2279,18 @@
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test
@@ -2249,6 +2299,14 @@
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test
pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test
@@ -2465,6 +2523,7 @@
pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test
pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test
@@ -2479,6 +2538,7 @@
pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test
pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test
@@ -2487,6 +2547,7 @@
pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test
pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test
pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test
pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test
pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem
diff --git a/src/gen/sources.gni b/src/gen/sources.gni
index 1cc825f..cd760e2 100644
--- a/src/gen/sources.gni
+++ b/src/gen/sources.gni
@@ -29,7 +29,6 @@
"crypto/fipsmodule/aes/key_wrap.cc.inc",
"crypto/fipsmodule/aes/mode_wrappers.cc.inc",
"crypto/fipsmodule/aes/ofb.cc.inc",
- "crypto/fipsmodule/aes/polyval.cc.inc",
"crypto/fipsmodule/bn/add.cc.inc",
"crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
"crypto/fipsmodule/bn/bn.cc.inc",
@@ -79,7 +78,9 @@
"crypto/fipsmodule/hkdf/hkdf.cc.inc",
"crypto/fipsmodule/hmac/hmac.cc.inc",
"crypto/fipsmodule/keccak/keccak.cc.inc",
+ "crypto/fipsmodule/mldsa/fips_known_values.inc",
"crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "crypto/fipsmodule/mlkem/fips_known_values.inc",
"crypto/fipsmodule/mlkem/mlkem.cc.inc",
"crypto/fipsmodule/rand/ctrdrbg.cc.inc",
"crypto/fipsmodule/rand/rand.cc.inc",
@@ -93,6 +94,7 @@
"crypto/fipsmodule/sha/sha1.cc.inc",
"crypto/fipsmodule/sha/sha256.cc.inc",
"crypto/fipsmodule/sha/sha512.cc.inc",
+ "crypto/fipsmodule/slhdsa/fips_known_values.inc",
"crypto/fipsmodule/slhdsa/fors.cc.inc",
"crypto/fipsmodule/slhdsa/merkle.cc.inc",
"crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
@@ -102,10 +104,10 @@
]
bcm_sources_asm = [
- "gen/bcm/aes-gcm-avx10-x86_64-apple.S",
- "gen/bcm/aes-gcm-avx10-x86_64-linux.S",
"gen/bcm/aes-gcm-avx2-x86_64-apple.S",
"gen/bcm/aes-gcm-avx2-x86_64-linux.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-apple.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-linux.S",
"gen/bcm/aesni-gcm-x86_64-apple.S",
"gen/bcm/aesni-gcm-x86_64-linux.S",
"gen/bcm/aesni-x86-apple.S",
@@ -204,8 +206,8 @@
]
bcm_sources_nasm = [
- "gen/bcm/aes-gcm-avx10-x86_64-win.asm",
"gen/bcm/aes-gcm-avx2-x86_64-win.asm",
+ "gen/bcm/aes-gcm-avx512-x86_64-win.asm",
"gen/bcm/aesni-gcm-x86_64-win.asm",
"gen/bcm/aesni-x86-win.asm",
"gen/bcm/aesni-x86_64-win.asm",
@@ -258,6 +260,7 @@
]
crypto_sources = [
+ "crypto/aes/aes.cc",
"crypto/asn1/a_bitstr.cc",
"crypto/asn1/a_bool.cc",
"crypto/asn1/a_d2i_fp.cc",
@@ -300,6 +303,9 @@
"crypto/blake2/blake2.cc",
"crypto/bn/bn_asn1.cc",
"crypto/bn/convert.cc",
+ "crypto/bn/div.cc",
+ "crypto/bn/exponentiation.cc",
+ "crypto/bn/sqrt.cc",
"crypto/buf/buf.cc",
"crypto/bytestring/asn1_compat.cc",
"crypto/bytestring/ber.cc",
@@ -309,6 +315,7 @@
"crypto/chacha/chacha.cc",
"crypto/cipher/derive_key.cc",
"crypto/cipher/e_aesctrhmac.cc",
+ "crypto/cipher/e_aeseax.cc",
"crypto/cipher/e_aesgcmsiv.cc",
"crypto/cipher/e_chacha20poly1305.cc",
"crypto/cipher/e_des.cc",
@@ -318,6 +325,7 @@
"crypto/cipher/e_tls.cc",
"crypto/cipher/get_cipher.cc",
"crypto/cipher/tls_cbc.cc",
+ "crypto/cms/cms.cc",
"crypto/conf/conf.cc",
"crypto/cpu_aarch64_apple.cc",
"crypto/cpu_aarch64_fuchsia.cc",
@@ -366,6 +374,7 @@
"crypto/evp/sign.cc",
"crypto/ex_data.cc",
"crypto/fipsmodule/fips_shared_support.cc",
+ "crypto/fuzzer_mode.cc",
"crypto/hpke/hpke.cc",
"crypto/hrss/hrss.cc",
"crypto/kyber/kyber.cc",
@@ -519,6 +528,7 @@
"include/openssl/chacha.h",
"include/openssl/cipher.h",
"include/openssl/cmac.h",
+ "include/openssl/cms.h",
"include/openssl/conf.h",
"include/openssl/cpu.h",
"include/openssl/crypto.h",
@@ -642,7 +652,7 @@
"crypto/poly1305/internal.h",
"crypto/pool/internal.h",
"crypto/rand/getrandom_fillin.h",
- "crypto/rand/sysrand_internal.h",
+ "crypto/rand/internal.h",
"crypto/rsa/internal.h",
"crypto/spake2plus/internal.h",
"crypto/trust_token/internal.h",
@@ -704,6 +714,7 @@
"crypto/chacha/chacha_test.cc",
"crypto/cipher/aead_test.cc",
"crypto/cipher/cipher_test.cc",
+ "crypto/cms/cms_test.cc",
"crypto/compiler_test.cc",
"crypto/conf/conf_test.cc",
"crypto/constant_time_test.cc",
@@ -776,6 +787,7 @@
"crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
"crypto/cipher/test/aes_128_ccm_matter_tests.txt",
"crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_128_eax_test.txt",
"crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_128_gcm_siv_tests.txt",
"crypto/cipher/test/aes_128_gcm_tests.txt",
@@ -783,6 +795,7 @@
"crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
"crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
"crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_256_eax_test.txt",
"crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_256_gcm_siv_tests.txt",
"crypto/cipher/test/aes_256_gcm_tests.txt",
@@ -844,6 +857,15 @@
"crypto/mlkem/mlkem768_keygen_tests.txt",
"crypto/mlkem/mlkem768_nist_decap_tests.txt",
"crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "crypto/pkcs7/test/nss.p7c",
+ "crypto/pkcs7/test/openssl_crl.p7c",
+ "crypto/pkcs7/test/sign_cert.pem",
+ "crypto/pkcs7/test/sign_key.pem",
+ "crypto/pkcs7/test/sign_sha1.p7s",
+ "crypto/pkcs7/test/sign_sha1_key_id.p7s",
+ "crypto/pkcs7/test/sign_sha256.p7s",
+ "crypto/pkcs7/test/sign_sha256_key_id.p7s",
+ "crypto/pkcs7/test/windows.p7c",
"crypto/pkcs8/test/bad1.p12",
"crypto/pkcs8/test/bad2.p12",
"crypto/pkcs8/test/bad3.p12",
@@ -952,6 +974,7 @@
"crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
"third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
"third_party/wycheproof_testvectors/aes_cmac_test.txt",
+ "third_party/wycheproof_testvectors/aes_eax_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_test.txt",
"third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
@@ -1070,6 +1093,7 @@
"fuzz/bn_mod_exp.cc",
"fuzz/cert.cc",
"fuzz/client.cc",
+ "fuzz/client_no_fuzzer_mode.cc",
"fuzz/conf.cc",
"fuzz/crl_getcrlstatusforcert_fuzzer.cc",
"fuzz/crl_parse_crl_certificatelist_fuzzer.cc",
@@ -1091,6 +1115,7 @@
"fuzz/privkey.cc",
"fuzz/read_pem.cc",
"fuzz/server.cc",
+ "fuzz/server_no_fuzzer_mode.cc",
"fuzz/session.cc",
"fuzz/spki.cc",
"fuzz/ssl_ctx_api.cc",
@@ -1099,6 +1124,15 @@
"fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc",
]
+modulewrapper_sources = [
+ "util/fipstools/acvp/modulewrapper/main.cc",
+ "util/fipstools/acvp/modulewrapper/modulewrapper.cc",
+]
+
+modulewrapper_internal_headers = [
+ "util/fipstools/acvp/modulewrapper/modulewrapper.h",
+]
+
pki_sources = [
"pki/cert_error_id.cc",
"pki/cert_error_params.cc",
@@ -2197,6 +2231,18 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
@@ -2205,6 +2251,14 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
@@ -2421,6 +2475,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
@@ -2435,6 +2490,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
@@ -2443,6 +2499,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
diff --git a/src/gen/sources.json b/src/gen/sources.json
index 239b0a8..fb27719 100644
--- a/src/gen/sources.json
+++ b/src/gen/sources.json
@@ -14,7 +14,6 @@
"crypto/fipsmodule/aes/key_wrap.cc.inc",
"crypto/fipsmodule/aes/mode_wrappers.cc.inc",
"crypto/fipsmodule/aes/ofb.cc.inc",
- "crypto/fipsmodule/aes/polyval.cc.inc",
"crypto/fipsmodule/bn/add.cc.inc",
"crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc",
"crypto/fipsmodule/bn/bn.cc.inc",
@@ -64,7 +63,9 @@
"crypto/fipsmodule/hkdf/hkdf.cc.inc",
"crypto/fipsmodule/hmac/hmac.cc.inc",
"crypto/fipsmodule/keccak/keccak.cc.inc",
+ "crypto/fipsmodule/mldsa/fips_known_values.inc",
"crypto/fipsmodule/mldsa/mldsa.cc.inc",
+ "crypto/fipsmodule/mlkem/fips_known_values.inc",
"crypto/fipsmodule/mlkem/mlkem.cc.inc",
"crypto/fipsmodule/rand/ctrdrbg.cc.inc",
"crypto/fipsmodule/rand/rand.cc.inc",
@@ -78,6 +79,7 @@
"crypto/fipsmodule/sha/sha1.cc.inc",
"crypto/fipsmodule/sha/sha256.cc.inc",
"crypto/fipsmodule/sha/sha512.cc.inc",
+ "crypto/fipsmodule/slhdsa/fips_known_values.inc",
"crypto/fipsmodule/slhdsa/fors.cc.inc",
"crypto/fipsmodule/slhdsa/merkle.cc.inc",
"crypto/fipsmodule/slhdsa/slhdsa.cc.inc",
@@ -86,10 +88,10 @@
"crypto/fipsmodule/tls/kdf.cc.inc"
],
"asm": [
- "gen/bcm/aes-gcm-avx10-x86_64-apple.S",
- "gen/bcm/aes-gcm-avx10-x86_64-linux.S",
"gen/bcm/aes-gcm-avx2-x86_64-apple.S",
"gen/bcm/aes-gcm-avx2-x86_64-linux.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-apple.S",
+ "gen/bcm/aes-gcm-avx512-x86_64-linux.S",
"gen/bcm/aesni-gcm-x86_64-apple.S",
"gen/bcm/aesni-gcm-x86_64-linux.S",
"gen/bcm/aesni-x86-apple.S",
@@ -187,8 +189,8 @@
"third_party/fiat/asm/fiat_p256_adx_sqr.S"
],
"nasm": [
- "gen/bcm/aes-gcm-avx10-x86_64-win.asm",
"gen/bcm/aes-gcm-avx2-x86_64-win.asm",
+ "gen/bcm/aes-gcm-avx512-x86_64-win.asm",
"gen/bcm/aesni-gcm-x86_64-win.asm",
"gen/bcm/aesni-x86-win.asm",
"gen/bcm/aesni-x86_64-win.asm",
@@ -242,6 +244,7 @@
},
"crypto": {
"srcs": [
+ "crypto/aes/aes.cc",
"crypto/asn1/a_bitstr.cc",
"crypto/asn1/a_bool.cc",
"crypto/asn1/a_d2i_fp.cc",
@@ -284,6 +287,9 @@
"crypto/blake2/blake2.cc",
"crypto/bn/bn_asn1.cc",
"crypto/bn/convert.cc",
+ "crypto/bn/div.cc",
+ "crypto/bn/exponentiation.cc",
+ "crypto/bn/sqrt.cc",
"crypto/buf/buf.cc",
"crypto/bytestring/asn1_compat.cc",
"crypto/bytestring/ber.cc",
@@ -293,6 +299,7 @@
"crypto/chacha/chacha.cc",
"crypto/cipher/derive_key.cc",
"crypto/cipher/e_aesctrhmac.cc",
+ "crypto/cipher/e_aeseax.cc",
"crypto/cipher/e_aesgcmsiv.cc",
"crypto/cipher/e_chacha20poly1305.cc",
"crypto/cipher/e_des.cc",
@@ -302,6 +309,7 @@
"crypto/cipher/e_tls.cc",
"crypto/cipher/get_cipher.cc",
"crypto/cipher/tls_cbc.cc",
+ "crypto/cms/cms.cc",
"crypto/conf/conf.cc",
"crypto/cpu_aarch64_apple.cc",
"crypto/cpu_aarch64_fuchsia.cc",
@@ -350,6 +358,7 @@
"crypto/evp/sign.cc",
"crypto/ex_data.cc",
"crypto/fipsmodule/fips_shared_support.cc",
+ "crypto/fuzzer_mode.cc",
"crypto/hpke/hpke.cc",
"crypto/hrss/hrss.cc",
"crypto/kyber/kyber.cc",
@@ -502,6 +511,7 @@
"include/openssl/chacha.h",
"include/openssl/cipher.h",
"include/openssl/cmac.h",
+ "include/openssl/cms.h",
"include/openssl/conf.h",
"include/openssl/cpu.h",
"include/openssl/crypto.h",
@@ -624,7 +634,7 @@
"crypto/poly1305/internal.h",
"crypto/pool/internal.h",
"crypto/rand/getrandom_fillin.h",
- "crypto/rand/sysrand_internal.h",
+ "crypto/rand/internal.h",
"crypto/rsa/internal.h",
"crypto/spake2plus/internal.h",
"crypto/trust_token/internal.h",
@@ -685,6 +695,7 @@
"crypto/chacha/chacha_test.cc",
"crypto/cipher/aead_test.cc",
"crypto/cipher/cipher_test.cc",
+ "crypto/cms/cms_test.cc",
"crypto/compiler_test.cc",
"crypto/conf/conf_test.cc",
"crypto/constant_time_test.cc",
@@ -756,6 +767,7 @@
"crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt",
"crypto/cipher/test/aes_128_ccm_matter_tests.txt",
"crypto/cipher/test/aes_128_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_128_eax_test.txt",
"crypto/cipher/test/aes_128_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_128_gcm_siv_tests.txt",
"crypto/cipher/test/aes_128_gcm_tests.txt",
@@ -763,6 +775,7 @@
"crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt",
"crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt",
"crypto/cipher/test/aes_256_ctr_hmac_sha256.txt",
+ "crypto/cipher/test/aes_256_eax_test.txt",
"crypto/cipher/test/aes_256_gcm_randnonce_tests.txt",
"crypto/cipher/test/aes_256_gcm_siv_tests.txt",
"crypto/cipher/test/aes_256_gcm_tests.txt",
@@ -824,6 +837,15 @@
"crypto/mlkem/mlkem768_keygen_tests.txt",
"crypto/mlkem/mlkem768_nist_decap_tests.txt",
"crypto/mlkem/mlkem768_nist_keygen_tests.txt",
+ "crypto/pkcs7/test/nss.p7c",
+ "crypto/pkcs7/test/openssl_crl.p7c",
+ "crypto/pkcs7/test/sign_cert.pem",
+ "crypto/pkcs7/test/sign_key.pem",
+ "crypto/pkcs7/test/sign_sha1.p7s",
+ "crypto/pkcs7/test/sign_sha1_key_id.p7s",
+ "crypto/pkcs7/test/sign_sha256.p7s",
+ "crypto/pkcs7/test/sign_sha256_key_id.p7s",
+ "crypto/pkcs7/test/windows.p7c",
"crypto/pkcs8/test/bad1.p12",
"crypto/pkcs8/test/bad2.p12",
"crypto/pkcs8/test/bad3.p12",
@@ -932,6 +954,7 @@
"crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem",
"third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt",
"third_party/wycheproof_testvectors/aes_cmac_test.txt",
+ "third_party/wycheproof_testvectors/aes_eax_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_siv_test.txt",
"third_party/wycheproof_testvectors/aes_gcm_test.txt",
"third_party/wycheproof_testvectors/chacha20_poly1305_test.txt",
@@ -1052,6 +1075,7 @@
"fuzz/bn_mod_exp.cc",
"fuzz/cert.cc",
"fuzz/client.cc",
+ "fuzz/client_no_fuzzer_mode.cc",
"fuzz/conf.cc",
"fuzz/crl_getcrlstatusforcert_fuzzer.cc",
"fuzz/crl_parse_crl_certificatelist_fuzzer.cc",
@@ -1073,6 +1097,7 @@
"fuzz/privkey.cc",
"fuzz/read_pem.cc",
"fuzz/server.cc",
+ "fuzz/server_no_fuzzer_mode.cc",
"fuzz/session.cc",
"fuzz/spki.cc",
"fuzz/ssl_ctx_api.cc",
@@ -1081,6 +1106,15 @@
"fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc"
]
},
+ "modulewrapper": {
+ "srcs": [
+ "util/fipstools/acvp/modulewrapper/main.cc",
+ "util/fipstools/acvp/modulewrapper/modulewrapper.cc"
+ ],
+ "internal_hdrs": [
+ "util/fipstools/acvp/modulewrapper/modulewrapper.h"
+ ]
+ },
"pki": {
"srcs": [
"pki/cert_error_id.cc",
@@ -2178,6 +2212,18 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test",
@@ -2186,6 +2232,14 @@
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test",
"pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test",
@@ -2402,6 +2456,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test",
@@ -2416,6 +2471,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test",
@@ -2424,6 +2480,7 @@
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test",
+ "pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test",
"pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test",
"pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem",
diff --git a/src/gen/sources.mk b/src/gen/sources.mk
new file mode 100644
index 0000000..b6888fa
--- /dev/null
+++ b/src/gen/sources.mk
@@ -0,0 +1,2806 @@
+# Copyright 2024 The BoringSSL Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Generated by go ./util/pregenerate. Do not edit manually.
+
+boringssl_bcm_sources := \
+ crypto/fipsmodule/bcm.cc
+
+boringssl_bcm_internal_headers := \
+ crypto/fipsmodule/aes/aes.cc.inc \
+ crypto/fipsmodule/aes/aes_nohw.cc.inc \
+ crypto/fipsmodule/aes/cbc.cc.inc \
+ crypto/fipsmodule/aes/cfb.cc.inc \
+ crypto/fipsmodule/aes/ctr.cc.inc \
+ crypto/fipsmodule/aes/gcm.cc.inc \
+ crypto/fipsmodule/aes/gcm_nohw.cc.inc \
+ crypto/fipsmodule/aes/key_wrap.cc.inc \
+ crypto/fipsmodule/aes/mode_wrappers.cc.inc \
+ crypto/fipsmodule/aes/ofb.cc.inc \
+ crypto/fipsmodule/bn/add.cc.inc \
+ crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc \
+ crypto/fipsmodule/bn/bn.cc.inc \
+ crypto/fipsmodule/bn/bytes.cc.inc \
+ crypto/fipsmodule/bn/cmp.cc.inc \
+ crypto/fipsmodule/bn/ctx.cc.inc \
+ crypto/fipsmodule/bn/div.cc.inc \
+ crypto/fipsmodule/bn/div_extra.cc.inc \
+ crypto/fipsmodule/bn/exponentiation.cc.inc \
+ crypto/fipsmodule/bn/gcd.cc.inc \
+ crypto/fipsmodule/bn/gcd_extra.cc.inc \
+ crypto/fipsmodule/bn/generic.cc.inc \
+ crypto/fipsmodule/bn/jacobi.cc.inc \
+ crypto/fipsmodule/bn/montgomery.cc.inc \
+ crypto/fipsmodule/bn/montgomery_inv.cc.inc \
+ crypto/fipsmodule/bn/mul.cc.inc \
+ crypto/fipsmodule/bn/prime.cc.inc \
+ crypto/fipsmodule/bn/random.cc.inc \
+ crypto/fipsmodule/bn/rsaz_exp.cc.inc \
+ crypto/fipsmodule/bn/shift.cc.inc \
+ crypto/fipsmodule/bn/sqrt.cc.inc \
+ crypto/fipsmodule/cipher/aead.cc.inc \
+ crypto/fipsmodule/cipher/cipher.cc.inc \
+ crypto/fipsmodule/cipher/e_aes.cc.inc \
+ crypto/fipsmodule/cipher/e_aesccm.cc.inc \
+ crypto/fipsmodule/cmac/cmac.cc.inc \
+ crypto/fipsmodule/dh/check.cc.inc \
+ crypto/fipsmodule/dh/dh.cc.inc \
+ crypto/fipsmodule/digest/digest.cc.inc \
+ crypto/fipsmodule/digest/digests.cc.inc \
+ crypto/fipsmodule/digestsign/digestsign.cc.inc \
+ crypto/fipsmodule/ec/ec.cc.inc \
+ crypto/fipsmodule/ec/ec_key.cc.inc \
+ crypto/fipsmodule/ec/ec_montgomery.cc.inc \
+ crypto/fipsmodule/ec/felem.cc.inc \
+ crypto/fipsmodule/ec/oct.cc.inc \
+ crypto/fipsmodule/ec/p224-64.cc.inc \
+ crypto/fipsmodule/ec/p256-nistz.cc.inc \
+ crypto/fipsmodule/ec/p256.cc.inc \
+ crypto/fipsmodule/ec/scalar.cc.inc \
+ crypto/fipsmodule/ec/simple.cc.inc \
+ crypto/fipsmodule/ec/simple_mul.cc.inc \
+ crypto/fipsmodule/ec/util.cc.inc \
+ crypto/fipsmodule/ec/wnaf.cc.inc \
+ crypto/fipsmodule/ecdh/ecdh.cc.inc \
+ crypto/fipsmodule/ecdsa/ecdsa.cc.inc \
+ crypto/fipsmodule/hkdf/hkdf.cc.inc \
+ crypto/fipsmodule/hmac/hmac.cc.inc \
+ crypto/fipsmodule/keccak/keccak.cc.inc \
+ crypto/fipsmodule/mldsa/fips_known_values.inc \
+ crypto/fipsmodule/mldsa/mldsa.cc.inc \
+ crypto/fipsmodule/mlkem/fips_known_values.inc \
+ crypto/fipsmodule/mlkem/mlkem.cc.inc \
+ crypto/fipsmodule/rand/ctrdrbg.cc.inc \
+ crypto/fipsmodule/rand/rand.cc.inc \
+ crypto/fipsmodule/rsa/blinding.cc.inc \
+ crypto/fipsmodule/rsa/padding.cc.inc \
+ crypto/fipsmodule/rsa/rsa.cc.inc \
+ crypto/fipsmodule/rsa/rsa_impl.cc.inc \
+ crypto/fipsmodule/self_check/fips.cc.inc \
+ crypto/fipsmodule/self_check/self_check.cc.inc \
+ crypto/fipsmodule/service_indicator/service_indicator.cc.inc \
+ crypto/fipsmodule/sha/sha1.cc.inc \
+ crypto/fipsmodule/sha/sha256.cc.inc \
+ crypto/fipsmodule/sha/sha512.cc.inc \
+ crypto/fipsmodule/slhdsa/fips_known_values.inc \
+ crypto/fipsmodule/slhdsa/fors.cc.inc \
+ crypto/fipsmodule/slhdsa/merkle.cc.inc \
+ crypto/fipsmodule/slhdsa/slhdsa.cc.inc \
+ crypto/fipsmodule/slhdsa/thash.cc.inc \
+ crypto/fipsmodule/slhdsa/wots.cc.inc \
+ crypto/fipsmodule/tls/kdf.cc.inc
+
+boringssl_bcm_sources_asm := \
+ gen/bcm/aes-gcm-avx2-x86_64-apple.S \
+ gen/bcm/aes-gcm-avx2-x86_64-linux.S \
+ gen/bcm/aes-gcm-avx512-x86_64-apple.S \
+ gen/bcm/aes-gcm-avx512-x86_64-linux.S \
+ gen/bcm/aesni-gcm-x86_64-apple.S \
+ gen/bcm/aesni-gcm-x86_64-linux.S \
+ gen/bcm/aesni-x86-apple.S \
+ gen/bcm/aesni-x86-linux.S \
+ gen/bcm/aesni-x86_64-apple.S \
+ gen/bcm/aesni-x86_64-linux.S \
+ gen/bcm/aesv8-armv7-linux.S \
+ gen/bcm/aesv8-armv8-apple.S \
+ gen/bcm/aesv8-armv8-linux.S \
+ gen/bcm/aesv8-armv8-win.S \
+ gen/bcm/aesv8-gcm-armv8-apple.S \
+ gen/bcm/aesv8-gcm-armv8-linux.S \
+ gen/bcm/aesv8-gcm-armv8-win.S \
+ gen/bcm/armv4-mont-linux.S \
+ gen/bcm/armv8-mont-apple.S \
+ gen/bcm/armv8-mont-linux.S \
+ gen/bcm/armv8-mont-win.S \
+ gen/bcm/bn-586-apple.S \
+ gen/bcm/bn-586-linux.S \
+ gen/bcm/bn-armv8-apple.S \
+ gen/bcm/bn-armv8-linux.S \
+ gen/bcm/bn-armv8-win.S \
+ gen/bcm/bsaes-armv7-linux.S \
+ gen/bcm/co-586-apple.S \
+ gen/bcm/co-586-linux.S \
+ gen/bcm/ghash-armv4-linux.S \
+ gen/bcm/ghash-neon-armv8-apple.S \
+ gen/bcm/ghash-neon-armv8-linux.S \
+ gen/bcm/ghash-neon-armv8-win.S \
+ gen/bcm/ghash-ssse3-x86-apple.S \
+ gen/bcm/ghash-ssse3-x86-linux.S \
+ gen/bcm/ghash-ssse3-x86_64-apple.S \
+ gen/bcm/ghash-ssse3-x86_64-linux.S \
+ gen/bcm/ghash-x86-apple.S \
+ gen/bcm/ghash-x86-linux.S \
+ gen/bcm/ghash-x86_64-apple.S \
+ gen/bcm/ghash-x86_64-linux.S \
+ gen/bcm/ghashv8-armv7-linux.S \
+ gen/bcm/ghashv8-armv8-apple.S \
+ gen/bcm/ghashv8-armv8-linux.S \
+ gen/bcm/ghashv8-armv8-win.S \
+ gen/bcm/p256-armv8-asm-apple.S \
+ gen/bcm/p256-armv8-asm-linux.S \
+ gen/bcm/p256-armv8-asm-win.S \
+ gen/bcm/p256-x86_64-asm-apple.S \
+ gen/bcm/p256-x86_64-asm-linux.S \
+ gen/bcm/p256_beeu-armv8-asm-apple.S \
+ gen/bcm/p256_beeu-armv8-asm-linux.S \
+ gen/bcm/p256_beeu-armv8-asm-win.S \
+ gen/bcm/p256_beeu-x86_64-asm-apple.S \
+ gen/bcm/p256_beeu-x86_64-asm-linux.S \
+ gen/bcm/rdrand-x86_64-apple.S \
+ gen/bcm/rdrand-x86_64-linux.S \
+ gen/bcm/rsaz-avx2-apple.S \
+ gen/bcm/rsaz-avx2-linux.S \
+ gen/bcm/sha1-586-apple.S \
+ gen/bcm/sha1-586-linux.S \
+ gen/bcm/sha1-armv4-large-linux.S \
+ gen/bcm/sha1-armv8-apple.S \
+ gen/bcm/sha1-armv8-linux.S \
+ gen/bcm/sha1-armv8-win.S \
+ gen/bcm/sha1-x86_64-apple.S \
+ gen/bcm/sha1-x86_64-linux.S \
+ gen/bcm/sha256-586-apple.S \
+ gen/bcm/sha256-586-linux.S \
+ gen/bcm/sha256-armv4-linux.S \
+ gen/bcm/sha256-armv8-apple.S \
+ gen/bcm/sha256-armv8-linux.S \
+ gen/bcm/sha256-armv8-win.S \
+ gen/bcm/sha256-x86_64-apple.S \
+ gen/bcm/sha256-x86_64-linux.S \
+ gen/bcm/sha512-586-apple.S \
+ gen/bcm/sha512-586-linux.S \
+ gen/bcm/sha512-armv4-linux.S \
+ gen/bcm/sha512-armv8-apple.S \
+ gen/bcm/sha512-armv8-linux.S \
+ gen/bcm/sha512-armv8-win.S \
+ gen/bcm/sha512-x86_64-apple.S \
+ gen/bcm/sha512-x86_64-linux.S \
+ gen/bcm/vpaes-armv7-linux.S \
+ gen/bcm/vpaes-armv8-apple.S \
+ gen/bcm/vpaes-armv8-linux.S \
+ gen/bcm/vpaes-armv8-win.S \
+ gen/bcm/vpaes-x86-apple.S \
+ gen/bcm/vpaes-x86-linux.S \
+ gen/bcm/vpaes-x86_64-apple.S \
+ gen/bcm/vpaes-x86_64-linux.S \
+ gen/bcm/x86-mont-apple.S \
+ gen/bcm/x86-mont-linux.S \
+ gen/bcm/x86_64-mont-apple.S \
+ gen/bcm/x86_64-mont-linux.S \
+ gen/bcm/x86_64-mont5-apple.S \
+ gen/bcm/x86_64-mont5-linux.S \
+ third_party/fiat/asm/fiat_p256_adx_mul.S \
+ third_party/fiat/asm/fiat_p256_adx_sqr.S
+
+boringssl_bcm_sources_nasm := \
+ gen/bcm/aes-gcm-avx2-x86_64-win.asm \
+ gen/bcm/aes-gcm-avx512-x86_64-win.asm \
+ gen/bcm/aesni-gcm-x86_64-win.asm \
+ gen/bcm/aesni-x86-win.asm \
+ gen/bcm/aesni-x86_64-win.asm \
+ gen/bcm/bn-586-win.asm \
+ gen/bcm/co-586-win.asm \
+ gen/bcm/ghash-ssse3-x86-win.asm \
+ gen/bcm/ghash-ssse3-x86_64-win.asm \
+ gen/bcm/ghash-x86-win.asm \
+ gen/bcm/ghash-x86_64-win.asm \
+ gen/bcm/p256-x86_64-asm-win.asm \
+ gen/bcm/p256_beeu-x86_64-asm-win.asm \
+ gen/bcm/rdrand-x86_64-win.asm \
+ gen/bcm/rsaz-avx2-win.asm \
+ gen/bcm/sha1-586-win.asm \
+ gen/bcm/sha1-x86_64-win.asm \
+ gen/bcm/sha256-586-win.asm \
+ gen/bcm/sha256-x86_64-win.asm \
+ gen/bcm/sha512-586-win.asm \
+ gen/bcm/sha512-x86_64-win.asm \
+ gen/bcm/vpaes-x86-win.asm \
+ gen/bcm/vpaes-x86_64-win.asm \
+ gen/bcm/x86-mont-win.asm \
+ gen/bcm/x86_64-mont-win.asm \
+ gen/bcm/x86_64-mont5-win.asm
+
+boringssl_bssl_sources := \
+ tool/args.cc \
+ tool/ciphers.cc \
+ tool/client.cc \
+ tool/const.cc \
+ tool/digest.cc \
+ tool/fd.cc \
+ tool/file.cc \
+ tool/generate_ech.cc \
+ tool/generate_ed25519.cc \
+ tool/genrsa.cc \
+ tool/pkcs12.cc \
+ tool/rand.cc \
+ tool/server.cc \
+ tool/sign.cc \
+ tool/speed.cc \
+ tool/tool.cc \
+ tool/transport_common.cc
+
+boringssl_bssl_internal_headers := \
+ tool/internal.h \
+ tool/transport_common.h
+
+boringssl_crypto_sources := \
+ crypto/aes/aes.cc \
+ crypto/asn1/a_bitstr.cc \
+ crypto/asn1/a_bool.cc \
+ crypto/asn1/a_d2i_fp.cc \
+ crypto/asn1/a_dup.cc \
+ crypto/asn1/a_gentm.cc \
+ crypto/asn1/a_i2d_fp.cc \
+ crypto/asn1/a_int.cc \
+ crypto/asn1/a_mbstr.cc \
+ crypto/asn1/a_object.cc \
+ crypto/asn1/a_octet.cc \
+ crypto/asn1/a_strex.cc \
+ crypto/asn1/a_strnid.cc \
+ crypto/asn1/a_time.cc \
+ crypto/asn1/a_type.cc \
+ crypto/asn1/a_utctm.cc \
+ crypto/asn1/asn1_lib.cc \
+ crypto/asn1/asn1_par.cc \
+ crypto/asn1/asn_pack.cc \
+ crypto/asn1/f_int.cc \
+ crypto/asn1/f_string.cc \
+ crypto/asn1/posix_time.cc \
+ crypto/asn1/tasn_dec.cc \
+ crypto/asn1/tasn_enc.cc \
+ crypto/asn1/tasn_fre.cc \
+ crypto/asn1/tasn_new.cc \
+ crypto/asn1/tasn_typ.cc \
+ crypto/asn1/tasn_utl.cc \
+ crypto/base64/base64.cc \
+ crypto/bio/bio.cc \
+ crypto/bio/bio_mem.cc \
+ crypto/bio/connect.cc \
+ crypto/bio/errno.cc \
+ crypto/bio/fd.cc \
+ crypto/bio/file.cc \
+ crypto/bio/hexdump.cc \
+ crypto/bio/pair.cc \
+ crypto/bio/printf.cc \
+ crypto/bio/socket.cc \
+ crypto/bio/socket_helper.cc \
+ crypto/blake2/blake2.cc \
+ crypto/bn/bn_asn1.cc \
+ crypto/bn/convert.cc \
+ crypto/bn/div.cc \
+ crypto/bn/exponentiation.cc \
+ crypto/bn/sqrt.cc \
+ crypto/buf/buf.cc \
+ crypto/bytestring/asn1_compat.cc \
+ crypto/bytestring/ber.cc \
+ crypto/bytestring/cbb.cc \
+ crypto/bytestring/cbs.cc \
+ crypto/bytestring/unicode.cc \
+ crypto/chacha/chacha.cc \
+ crypto/cipher/derive_key.cc \
+ crypto/cipher/e_aesctrhmac.cc \
+ crypto/cipher/e_aeseax.cc \
+ crypto/cipher/e_aesgcmsiv.cc \
+ crypto/cipher/e_chacha20poly1305.cc \
+ crypto/cipher/e_des.cc \
+ crypto/cipher/e_null.cc \
+ crypto/cipher/e_rc2.cc \
+ crypto/cipher/e_rc4.cc \
+ crypto/cipher/e_tls.cc \
+ crypto/cipher/get_cipher.cc \
+ crypto/cipher/tls_cbc.cc \
+ crypto/cms/cms.cc \
+ crypto/conf/conf.cc \
+ crypto/cpu_aarch64_apple.cc \
+ crypto/cpu_aarch64_fuchsia.cc \
+ crypto/cpu_aarch64_linux.cc \
+ crypto/cpu_aarch64_openbsd.cc \
+ crypto/cpu_aarch64_sysreg.cc \
+ crypto/cpu_aarch64_win.cc \
+ crypto/cpu_arm_freebsd.cc \
+ crypto/cpu_arm_linux.cc \
+ crypto/cpu_intel.cc \
+ crypto/crypto.cc \
+ crypto/curve25519/curve25519.cc \
+ crypto/curve25519/curve25519_64_adx.cc \
+ crypto/curve25519/spake25519.cc \
+ crypto/des/des.cc \
+ crypto/dh/dh_asn1.cc \
+ crypto/dh/params.cc \
+ crypto/digest/digest_extra.cc \
+ crypto/dsa/dsa.cc \
+ crypto/dsa/dsa_asn1.cc \
+ crypto/ec/ec_asn1.cc \
+ crypto/ec/ec_derive.cc \
+ crypto/ec/hash_to_curve.cc \
+ crypto/ecdh/ecdh.cc \
+ crypto/ecdsa/ecdsa_asn1.cc \
+ crypto/engine/engine.cc \
+ crypto/err/err.cc \
+ crypto/evp/evp.cc \
+ crypto/evp/evp_asn1.cc \
+ crypto/evp/evp_ctx.cc \
+ crypto/evp/p_dh.cc \
+ crypto/evp/p_dh_asn1.cc \
+ crypto/evp/p_dsa_asn1.cc \
+ crypto/evp/p_ec.cc \
+ crypto/evp/p_ec_asn1.cc \
+ crypto/evp/p_ed25519.cc \
+ crypto/evp/p_ed25519_asn1.cc \
+ crypto/evp/p_hkdf.cc \
+ crypto/evp/p_rsa.cc \
+ crypto/evp/p_rsa_asn1.cc \
+ crypto/evp/p_x25519.cc \
+ crypto/evp/p_x25519_asn1.cc \
+ crypto/evp/pbkdf.cc \
+ crypto/evp/print.cc \
+ crypto/evp/scrypt.cc \
+ crypto/evp/sign.cc \
+ crypto/ex_data.cc \
+ crypto/fipsmodule/fips_shared_support.cc \
+ crypto/fuzzer_mode.cc \
+ crypto/hpke/hpke.cc \
+ crypto/hrss/hrss.cc \
+ crypto/kyber/kyber.cc \
+ crypto/lhash/lhash.cc \
+ crypto/md4/md4.cc \
+ crypto/md5/md5.cc \
+ crypto/mem.cc \
+ crypto/mldsa/mldsa.cc \
+ crypto/mlkem/mlkem.cc \
+ crypto/obj/obj.cc \
+ crypto/obj/obj_xref.cc \
+ crypto/pem/pem_all.cc \
+ crypto/pem/pem_info.cc \
+ crypto/pem/pem_lib.cc \
+ crypto/pem/pem_oth.cc \
+ crypto/pem/pem_pk8.cc \
+ crypto/pem/pem_pkey.cc \
+ crypto/pem/pem_x509.cc \
+ crypto/pem/pem_xaux.cc \
+ crypto/pkcs7/pkcs7.cc \
+ crypto/pkcs7/pkcs7_x509.cc \
+ crypto/pkcs8/p5_pbev2.cc \
+ crypto/pkcs8/pkcs8.cc \
+ crypto/pkcs8/pkcs8_x509.cc \
+ crypto/poly1305/poly1305.cc \
+ crypto/poly1305/poly1305_arm.cc \
+ crypto/poly1305/poly1305_vec.cc \
+ crypto/pool/pool.cc \
+ crypto/rand/deterministic.cc \
+ crypto/rand/fork_detect.cc \
+ crypto/rand/forkunsafe.cc \
+ crypto/rand/getentropy.cc \
+ crypto/rand/ios.cc \
+ crypto/rand/passive.cc \
+ crypto/rand/rand.cc \
+ crypto/rand/trusty.cc \
+ crypto/rand/urandom.cc \
+ crypto/rand/windows.cc \
+ crypto/rc4/rc4.cc \
+ crypto/refcount.cc \
+ crypto/rsa/rsa_asn1.cc \
+ crypto/rsa/rsa_crypt.cc \
+ crypto/rsa/rsa_extra.cc \
+ crypto/rsa/rsa_print.cc \
+ crypto/sha/sha1.cc \
+ crypto/sha/sha256.cc \
+ crypto/sha/sha512.cc \
+ crypto/siphash/siphash.cc \
+ crypto/slhdsa/slhdsa.cc \
+ crypto/spake2plus/spake2plus.cc \
+ crypto/stack/stack.cc \
+ crypto/thread.cc \
+ crypto/thread_none.cc \
+ crypto/thread_pthread.cc \
+ crypto/thread_win.cc \
+ crypto/trust_token/pmbtoken.cc \
+ crypto/trust_token/trust_token.cc \
+ crypto/trust_token/voprf.cc \
+ crypto/x509/a_digest.cc \
+ crypto/x509/a_sign.cc \
+ crypto/x509/a_verify.cc \
+ crypto/x509/algorithm.cc \
+ crypto/x509/asn1_gen.cc \
+ crypto/x509/by_dir.cc \
+ crypto/x509/by_file.cc \
+ crypto/x509/i2d_pr.cc \
+ crypto/x509/name_print.cc \
+ crypto/x509/policy.cc \
+ crypto/x509/rsa_pss.cc \
+ crypto/x509/t_crl.cc \
+ crypto/x509/t_req.cc \
+ crypto/x509/t_x509.cc \
+ crypto/x509/t_x509a.cc \
+ crypto/x509/v3_akey.cc \
+ crypto/x509/v3_akeya.cc \
+ crypto/x509/v3_alt.cc \
+ crypto/x509/v3_bcons.cc \
+ crypto/x509/v3_bitst.cc \
+ crypto/x509/v3_conf.cc \
+ crypto/x509/v3_cpols.cc \
+ crypto/x509/v3_crld.cc \
+ crypto/x509/v3_enum.cc \
+ crypto/x509/v3_extku.cc \
+ crypto/x509/v3_genn.cc \
+ crypto/x509/v3_ia5.cc \
+ crypto/x509/v3_info.cc \
+ crypto/x509/v3_int.cc \
+ crypto/x509/v3_lib.cc \
+ crypto/x509/v3_ncons.cc \
+ crypto/x509/v3_ocsp.cc \
+ crypto/x509/v3_pcons.cc \
+ crypto/x509/v3_pmaps.cc \
+ crypto/x509/v3_prn.cc \
+ crypto/x509/v3_purp.cc \
+ crypto/x509/v3_skey.cc \
+ crypto/x509/v3_utl.cc \
+ crypto/x509/x509.cc \
+ crypto/x509/x509_att.cc \
+ crypto/x509/x509_cmp.cc \
+ crypto/x509/x509_d2.cc \
+ crypto/x509/x509_def.cc \
+ crypto/x509/x509_ext.cc \
+ crypto/x509/x509_lu.cc \
+ crypto/x509/x509_obj.cc \
+ crypto/x509/x509_req.cc \
+ crypto/x509/x509_set.cc \
+ crypto/x509/x509_trs.cc \
+ crypto/x509/x509_txt.cc \
+ crypto/x509/x509_v3.cc \
+ crypto/x509/x509_vfy.cc \
+ crypto/x509/x509_vpm.cc \
+ crypto/x509/x509cset.cc \
+ crypto/x509/x509name.cc \
+ crypto/x509/x509rset.cc \
+ crypto/x509/x509spki.cc \
+ crypto/x509/x_algor.cc \
+ crypto/x509/x_all.cc \
+ crypto/x509/x_attrib.cc \
+ crypto/x509/x_crl.cc \
+ crypto/x509/x_exten.cc \
+ crypto/x509/x_name.cc \
+ crypto/x509/x_pubkey.cc \
+ crypto/x509/x_req.cc \
+ crypto/x509/x_sig.cc \
+ crypto/x509/x_spki.cc \
+ crypto/x509/x_val.cc \
+ crypto/x509/x_x509.cc \
+ crypto/x509/x_x509a.cc \
+ gen/crypto/err_data.cc
+
+boringssl_crypto_headers := \
+ include/openssl/aead.h \
+ include/openssl/aes.h \
+ include/openssl/arm_arch.h \
+ include/openssl/asm_base.h \
+ include/openssl/asn1.h \
+ include/openssl/asn1_mac.h \
+ include/openssl/asn1t.h \
+ include/openssl/base.h \
+ include/openssl/base64.h \
+ include/openssl/bcm_public.h \
+ include/openssl/bio.h \
+ include/openssl/blake2.h \
+ include/openssl/blowfish.h \
+ include/openssl/bn.h \
+ include/openssl/buf.h \
+ include/openssl/buffer.h \
+ include/openssl/bytestring.h \
+ include/openssl/cast.h \
+ include/openssl/chacha.h \
+ include/openssl/cipher.h \
+ include/openssl/cmac.h \
+ include/openssl/cms.h \
+ include/openssl/conf.h \
+ include/openssl/cpu.h \
+ include/openssl/crypto.h \
+ include/openssl/ctrdrbg.h \
+ include/openssl/curve25519.h \
+ include/openssl/des.h \
+ include/openssl/dh.h \
+ include/openssl/digest.h \
+ include/openssl/dsa.h \
+ include/openssl/e_os2.h \
+ include/openssl/ec.h \
+ include/openssl/ec_key.h \
+ include/openssl/ecdh.h \
+ include/openssl/ecdsa.h \
+ include/openssl/engine.h \
+ include/openssl/err.h \
+ include/openssl/evp.h \
+ include/openssl/evp_errors.h \
+ include/openssl/ex_data.h \
+ include/openssl/experimental/kyber.h \
+ include/openssl/hkdf.h \
+ include/openssl/hmac.h \
+ include/openssl/hpke.h \
+ include/openssl/hrss.h \
+ include/openssl/is_boringssl.h \
+ include/openssl/kdf.h \
+ include/openssl/lhash.h \
+ include/openssl/md4.h \
+ include/openssl/md5.h \
+ include/openssl/mem.h \
+ include/openssl/mldsa.h \
+ include/openssl/mlkem.h \
+ include/openssl/nid.h \
+ include/openssl/obj.h \
+ include/openssl/obj_mac.h \
+ include/openssl/objects.h \
+ include/openssl/opensslconf.h \
+ include/openssl/opensslv.h \
+ include/openssl/ossl_typ.h \
+ include/openssl/pem.h \
+ include/openssl/pkcs12.h \
+ include/openssl/pkcs7.h \
+ include/openssl/pkcs8.h \
+ include/openssl/poly1305.h \
+ include/openssl/pool.h \
+ include/openssl/posix_time.h \
+ include/openssl/rand.h \
+ include/openssl/rc4.h \
+ include/openssl/ripemd.h \
+ include/openssl/rsa.h \
+ include/openssl/safestack.h \
+ include/openssl/service_indicator.h \
+ include/openssl/sha.h \
+ include/openssl/siphash.h \
+ include/openssl/slhdsa.h \
+ include/openssl/span.h \
+ include/openssl/stack.h \
+ include/openssl/target.h \
+ include/openssl/thread.h \
+ include/openssl/time.h \
+ include/openssl/trust_token.h \
+ include/openssl/type_check.h \
+ include/openssl/x509.h \
+ include/openssl/x509_vfy.h \
+ include/openssl/x509v3.h \
+ include/openssl/x509v3_errors.h
+
+boringssl_crypto_internal_headers := \
+ crypto/asn1/internal.h \
+ crypto/bcm_support.h \
+ crypto/bio/internal.h \
+ crypto/bytestring/internal.h \
+ crypto/chacha/internal.h \
+ crypto/cipher/internal.h \
+ crypto/conf/internal.h \
+ crypto/cpu_arm_linux.h \
+ crypto/curve25519/curve25519_tables.h \
+ crypto/curve25519/internal.h \
+ crypto/des/internal.h \
+ crypto/dsa/internal.h \
+ crypto/ec/internal.h \
+ crypto/err/internal.h \
+ crypto/evp/internal.h \
+ crypto/fipsmodule/aes/internal.h \
+ crypto/fipsmodule/bcm_interface.h \
+ crypto/fipsmodule/bn/internal.h \
+ crypto/fipsmodule/bn/rsaz_exp.h \
+ crypto/fipsmodule/cipher/internal.h \
+ crypto/fipsmodule/delocate.h \
+ crypto/fipsmodule/dh/internal.h \
+ crypto/fipsmodule/digest/internal.h \
+ crypto/fipsmodule/digest/md32_common.h \
+ crypto/fipsmodule/ec/builtin_curves.h \
+ crypto/fipsmodule/ec/internal.h \
+ crypto/fipsmodule/ec/p256-nistz-table.h \
+ crypto/fipsmodule/ec/p256-nistz.h \
+ crypto/fipsmodule/ec/p256_table.h \
+ crypto/fipsmodule/ecdsa/internal.h \
+ crypto/fipsmodule/keccak/internal.h \
+ crypto/fipsmodule/rand/internal.h \
+ crypto/fipsmodule/rsa/internal.h \
+ crypto/fipsmodule/service_indicator/internal.h \
+ crypto/fipsmodule/sha/internal.h \
+ crypto/fipsmodule/slhdsa/address.h \
+ crypto/fipsmodule/slhdsa/fors.h \
+ crypto/fipsmodule/slhdsa/merkle.h \
+ crypto/fipsmodule/slhdsa/params.h \
+ crypto/fipsmodule/slhdsa/thash.h \
+ crypto/fipsmodule/slhdsa/wots.h \
+ crypto/fipsmodule/tls/internal.h \
+ crypto/hrss/internal.h \
+ crypto/internal.h \
+ crypto/kyber/internal.h \
+ crypto/lhash/internal.h \
+ crypto/md5/internal.h \
+ crypto/obj/obj_dat.h \
+ crypto/pem/internal.h \
+ crypto/pkcs7/internal.h \
+ crypto/pkcs8/internal.h \
+ crypto/poly1305/internal.h \
+ crypto/pool/internal.h \
+ crypto/rand/getrandom_fillin.h \
+ crypto/rand/internal.h \
+ crypto/rsa/internal.h \
+ crypto/spake2plus/internal.h \
+ crypto/trust_token/internal.h \
+ crypto/x509/ext_dat.h \
+ crypto/x509/internal.h \
+ third_party/fiat/curve25519_32.h \
+ third_party/fiat/curve25519_64.h \
+ third_party/fiat/curve25519_64_adx.h \
+ third_party/fiat/curve25519_64_msvc.h \
+ third_party/fiat/p256_32.h \
+ third_party/fiat/p256_64.h \
+ third_party/fiat/p256_64_msvc.h
+
+boringssl_crypto_sources_asm := \
+ crypto/curve25519/asm/x25519-asm-arm.S \
+ crypto/hrss/asm/poly_rq_mul.S \
+ crypto/poly1305/poly1305_arm_asm.S \
+ gen/crypto/aes128gcmsiv-x86_64-apple.S \
+ gen/crypto/aes128gcmsiv-x86_64-linux.S \
+ gen/crypto/chacha-armv4-linux.S \
+ gen/crypto/chacha-armv8-apple.S \
+ gen/crypto/chacha-armv8-linux.S \
+ gen/crypto/chacha-armv8-win.S \
+ gen/crypto/chacha-x86-apple.S \
+ gen/crypto/chacha-x86-linux.S \
+ gen/crypto/chacha-x86_64-apple.S \
+ gen/crypto/chacha-x86_64-linux.S \
+ gen/crypto/chacha20_poly1305_armv8-apple.S \
+ gen/crypto/chacha20_poly1305_armv8-linux.S \
+ gen/crypto/chacha20_poly1305_armv8-win.S \
+ gen/crypto/chacha20_poly1305_x86_64-apple.S \
+ gen/crypto/chacha20_poly1305_x86_64-linux.S \
+ gen/crypto/md5-586-apple.S \
+ gen/crypto/md5-586-linux.S \
+ gen/crypto/md5-x86_64-apple.S \
+ gen/crypto/md5-x86_64-linux.S \
+ third_party/fiat/asm/fiat_curve25519_adx_mul.S \
+ third_party/fiat/asm/fiat_curve25519_adx_square.S
+
+boringssl_crypto_sources_nasm := \
+ gen/crypto/aes128gcmsiv-x86_64-win.asm \
+ gen/crypto/chacha-x86-win.asm \
+ gen/crypto/chacha-x86_64-win.asm \
+ gen/crypto/chacha20_poly1305_x86_64-win.asm \
+ gen/crypto/md5-586-win.asm \
+ gen/crypto/md5-x86_64-win.asm
+
+boringssl_crypto_test_sources := \
+ crypto/abi_self_test.cc \
+ crypto/asn1/asn1_test.cc \
+ crypto/base64/base64_test.cc \
+ crypto/bio/bio_test.cc \
+ crypto/blake2/blake2_test.cc \
+ crypto/buf/buf_test.cc \
+ crypto/bytestring/bytestring_test.cc \
+ crypto/chacha/chacha_test.cc \
+ crypto/cipher/aead_test.cc \
+ crypto/cipher/cipher_test.cc \
+ crypto/cms/cms_test.cc \
+ crypto/compiler_test.cc \
+ crypto/conf/conf_test.cc \
+ crypto/constant_time_test.cc \
+ crypto/cpu_arm_linux_test.cc \
+ crypto/crypto_test.cc \
+ crypto/curve25519/ed25519_test.cc \
+ crypto/curve25519/spake25519_test.cc \
+ crypto/curve25519/x25519_test.cc \
+ crypto/dh/dh_test.cc \
+ crypto/digest/digest_test.cc \
+ crypto/dsa/dsa_test.cc \
+ crypto/ecdh/ecdh_test.cc \
+ crypto/err/err_test.cc \
+ crypto/evp/evp_extra_test.cc \
+ crypto/evp/evp_test.cc \
+ crypto/evp/pbkdf_test.cc \
+ crypto/evp/scrypt_test.cc \
+ crypto/fipsmodule/aes/aes_test.cc \
+ crypto/fipsmodule/aes/gcm_test.cc \
+ crypto/fipsmodule/bn/bn_test.cc \
+ crypto/fipsmodule/cmac/cmac_test.cc \
+ crypto/fipsmodule/ec/ec_test.cc \
+ crypto/fipsmodule/ec/p256-nistz_test.cc \
+ crypto/fipsmodule/ec/p256_test.cc \
+ crypto/fipsmodule/ecdsa/ecdsa_test.cc \
+ crypto/fipsmodule/hkdf/hkdf_test.cc \
+ crypto/fipsmodule/keccak/keccak_test.cc \
+ crypto/fipsmodule/rand/ctrdrbg_test.cc \
+ crypto/fipsmodule/service_indicator/service_indicator_test.cc \
+ crypto/fipsmodule/sha/sha_test.cc \
+ crypto/hmac/hmac_test.cc \
+ crypto/hpke/hpke_test.cc \
+ crypto/hrss/hrss_test.cc \
+ crypto/impl_dispatch_test.cc \
+ crypto/kyber/kyber_test.cc \
+ crypto/lhash/lhash_test.cc \
+ crypto/md5/md5_test.cc \
+ crypto/mldsa/mldsa_test.cc \
+ crypto/mlkem/mlkem_test.cc \
+ crypto/obj/obj_test.cc \
+ crypto/pem/pem_test.cc \
+ crypto/pkcs7/pkcs7_test.cc \
+ crypto/pkcs8/pkcs12_test.cc \
+ crypto/pkcs8/pkcs8_test.cc \
+ crypto/poly1305/poly1305_test.cc \
+ crypto/pool/pool_test.cc \
+ crypto/rand/fork_detect_test.cc \
+ crypto/rand/getentropy_test.cc \
+ crypto/rand/rand_test.cc \
+ crypto/refcount_test.cc \
+ crypto/rsa/rsa_test.cc \
+ crypto/self_test.cc \
+ crypto/siphash/siphash_test.cc \
+ crypto/slhdsa/slhdsa_test.cc \
+ crypto/spake2plus/spake2plus_test.cc \
+ crypto/stack/stack_test.cc \
+ crypto/test/gtest_main.cc \
+ crypto/thread_test.cc \
+ crypto/trust_token/trust_token_test.cc \
+ crypto/x509/tab_test.cc \
+ crypto/x509/x509_test.cc \
+ crypto/x509/x509_time_test.cc
+
+boringssl_crypto_test_data := \
+ crypto/blake2/blake2b256_tests.txt \
+ crypto/cipher/test/aes_128_cbc_sha1_tls_implicit_iv_tests.txt \
+ crypto/cipher/test/aes_128_cbc_sha1_tls_tests.txt \
+ crypto/cipher/test/aes_128_ccm_bluetooth_8_tests.txt \
+ crypto/cipher/test/aes_128_ccm_bluetooth_tests.txt \
+ crypto/cipher/test/aes_128_ccm_matter_tests.txt \
+ crypto/cipher/test/aes_128_ctr_hmac_sha256.txt \
+ crypto/cipher/test/aes_128_eax_test.txt \
+ crypto/cipher/test/aes_128_gcm_randnonce_tests.txt \
+ crypto/cipher/test/aes_128_gcm_siv_tests.txt \
+ crypto/cipher/test/aes_128_gcm_tests.txt \
+ crypto/cipher/test/aes_192_gcm_tests.txt \
+ crypto/cipher/test/aes_256_cbc_sha1_tls_implicit_iv_tests.txt \
+ crypto/cipher/test/aes_256_cbc_sha1_tls_tests.txt \
+ crypto/cipher/test/aes_256_ctr_hmac_sha256.txt \
+ crypto/cipher/test/aes_256_eax_test.txt \
+ crypto/cipher/test/aes_256_gcm_randnonce_tests.txt \
+ crypto/cipher/test/aes_256_gcm_siv_tests.txt \
+ crypto/cipher/test/aes_256_gcm_tests.txt \
+ crypto/cipher/test/chacha20_poly1305_tests.txt \
+ crypto/cipher/test/cipher_tests.txt \
+ crypto/cipher/test/des_ede3_cbc_sha1_tls_implicit_iv_tests.txt \
+ crypto/cipher/test/des_ede3_cbc_sha1_tls_tests.txt \
+ crypto/cipher/test/nist_cavp/aes_128_cbc.txt \
+ crypto/cipher/test/nist_cavp/aes_128_ctr.txt \
+ crypto/cipher/test/nist_cavp/aes_128_gcm.txt \
+ crypto/cipher/test/nist_cavp/aes_192_cbc.txt \
+ crypto/cipher/test/nist_cavp/aes_192_ctr.txt \
+ crypto/cipher/test/nist_cavp/aes_256_cbc.txt \
+ crypto/cipher/test/nist_cavp/aes_256_ctr.txt \
+ crypto/cipher/test/nist_cavp/aes_256_gcm.txt \
+ crypto/cipher/test/nist_cavp/tdes_cbc.txt \
+ crypto/cipher/test/nist_cavp/tdes_ecb.txt \
+ crypto/cipher/test/xchacha20_poly1305_tests.txt \
+ crypto/curve25519/ed25519_tests.txt \
+ crypto/ecdh/ecdh_tests.txt \
+ crypto/evp/evp_tests.txt \
+ crypto/evp/scrypt_tests.txt \
+ crypto/fipsmodule/aes/aes_tests.txt \
+ crypto/fipsmodule/bn/test/exp_tests.txt \
+ crypto/fipsmodule/bn/test/gcd_tests.txt \
+ crypto/fipsmodule/bn/test/miller_rabin_tests.txt \
+ crypto/fipsmodule/bn/test/mod_exp_tests.txt \
+ crypto/fipsmodule/bn/test/mod_inv_tests.txt \
+ crypto/fipsmodule/bn/test/mod_mul_tests.txt \
+ crypto/fipsmodule/bn/test/mod_sqrt_tests.txt \
+ crypto/fipsmodule/bn/test/product_tests.txt \
+ crypto/fipsmodule/bn/test/quotient_tests.txt \
+ crypto/fipsmodule/bn/test/shift_tests.txt \
+ crypto/fipsmodule/bn/test/sum_tests.txt \
+ crypto/fipsmodule/cmac/cavp_3des_cmac_tests.txt \
+ crypto/fipsmodule/cmac/cavp_aes128_cmac_tests.txt \
+ crypto/fipsmodule/cmac/cavp_aes192_cmac_tests.txt \
+ crypto/fipsmodule/cmac/cavp_aes256_cmac_tests.txt \
+ crypto/fipsmodule/ec/ec_scalar_base_mult_tests.txt \
+ crypto/fipsmodule/ec/p256-nistz_tests.txt \
+ crypto/fipsmodule/ecdsa/ecdsa_sign_tests.txt \
+ crypto/fipsmodule/ecdsa/ecdsa_verify_tests.txt \
+ crypto/fipsmodule/keccak/keccak_tests.txt \
+ crypto/fipsmodule/rand/ctrdrbg_vectors.txt \
+ crypto/hmac/hmac_tests.txt \
+ crypto/hpke/hpke_test_vectors.txt \
+ crypto/kyber/kyber_tests.txt \
+ crypto/mldsa/mldsa_nist_keygen_65_tests.txt \
+ crypto/mldsa/mldsa_nist_keygen_87_tests.txt \
+ crypto/mldsa/mldsa_nist_siggen_65_tests.txt \
+ crypto/mldsa/mldsa_nist_siggen_87_tests.txt \
+ crypto/mlkem/mlkem1024_decap_tests.txt \
+ crypto/mlkem/mlkem1024_encap_tests.txt \
+ crypto/mlkem/mlkem1024_keygen_tests.txt \
+ crypto/mlkem/mlkem1024_nist_decap_tests.txt \
+ crypto/mlkem/mlkem1024_nist_keygen_tests.txt \
+ crypto/mlkem/mlkem768_decap_tests.txt \
+ crypto/mlkem/mlkem768_encap_tests.txt \
+ crypto/mlkem/mlkem768_keygen_tests.txt \
+ crypto/mlkem/mlkem768_nist_decap_tests.txt \
+ crypto/mlkem/mlkem768_nist_keygen_tests.txt \
+ crypto/pkcs7/test/nss.p7c \
+ crypto/pkcs7/test/openssl_crl.p7c \
+ crypto/pkcs7/test/sign_cert.pem \
+ crypto/pkcs7/test/sign_key.pem \
+ crypto/pkcs7/test/sign_sha1.p7s \
+ crypto/pkcs7/test/sign_sha1_key_id.p7s \
+ crypto/pkcs7/test/sign_sha256.p7s \
+ crypto/pkcs7/test/sign_sha256_key_id.p7s \
+ crypto/pkcs7/test/windows.p7c \
+ crypto/pkcs8/test/bad1.p12 \
+ crypto/pkcs8/test/bad2.p12 \
+ crypto/pkcs8/test/bad3.p12 \
+ crypto/pkcs8/test/empty_password.p12 \
+ crypto/pkcs8/test/empty_password_ber.p12 \
+ crypto/pkcs8/test/empty_password_ber_nested.p12 \
+ crypto/pkcs8/test/no_encryption.p12 \
+ crypto/pkcs8/test/nss.p12 \
+ crypto/pkcs8/test/null_password.p12 \
+ crypto/pkcs8/test/openssl.p12 \
+ crypto/pkcs8/test/pbes2_sha1.p12 \
+ crypto/pkcs8/test/pbes2_sha256.p12 \
+ crypto/pkcs8/test/unicode_password.p12 \
+ crypto/pkcs8/test/windows.p12 \
+ crypto/poly1305/poly1305_tests.txt \
+ crypto/siphash/siphash_tests.txt \
+ crypto/slhdsa/slhdsa_keygen.txt \
+ crypto/slhdsa/slhdsa_prehash.txt \
+ crypto/slhdsa/slhdsa_siggen.txt \
+ crypto/slhdsa/slhdsa_sigver.txt \
+ crypto/x509/test/basic_constraints_ca.pem \
+ crypto/x509/test/basic_constraints_ca_pathlen_0.pem \
+ crypto/x509/test/basic_constraints_ca_pathlen_1.pem \
+ crypto/x509/test/basic_constraints_ca_pathlen_10.pem \
+ crypto/x509/test/basic_constraints_leaf.pem \
+ crypto/x509/test/basic_constraints_none.pem \
+ crypto/x509/test/invalid_extension_intermediate.pem \
+ crypto/x509/test/invalid_extension_intermediate_authority_key_identifier.pem \
+ crypto/x509/test/invalid_extension_intermediate_basic_constraints.pem \
+ crypto/x509/test/invalid_extension_intermediate_ext_key_usage.pem \
+ crypto/x509/test/invalid_extension_intermediate_key_usage.pem \
+ crypto/x509/test/invalid_extension_intermediate_name_constraints.pem \
+ crypto/x509/test/invalid_extension_intermediate_subject_alt_name.pem \
+ crypto/x509/test/invalid_extension_intermediate_subject_key_identifier.pem \
+ crypto/x509/test/invalid_extension_leaf.pem \
+ crypto/x509/test/invalid_extension_leaf_authority_key_identifier.pem \
+ crypto/x509/test/invalid_extension_leaf_basic_constraints.pem \
+ crypto/x509/test/invalid_extension_leaf_ext_key_usage.pem \
+ crypto/x509/test/invalid_extension_leaf_key_usage.pem \
+ crypto/x509/test/invalid_extension_leaf_name_constraints.pem \
+ crypto/x509/test/invalid_extension_leaf_subject_alt_name.pem \
+ crypto/x509/test/invalid_extension_leaf_subject_key_identifier.pem \
+ crypto/x509/test/invalid_extension_root.pem \
+ crypto/x509/test/invalid_extension_root_authority_key_identifier.pem \
+ crypto/x509/test/invalid_extension_root_basic_constraints.pem \
+ crypto/x509/test/invalid_extension_root_ext_key_usage.pem \
+ crypto/x509/test/invalid_extension_root_key_usage.pem \
+ crypto/x509/test/invalid_extension_root_name_constraints.pem \
+ crypto/x509/test/invalid_extension_root_subject_alt_name.pem \
+ crypto/x509/test/invalid_extension_root_subject_key_identifier.pem \
+ crypto/x509/test/many_constraints.pem \
+ crypto/x509/test/many_names1.pem \
+ crypto/x509/test/many_names2.pem \
+ crypto/x509/test/many_names3.pem \
+ crypto/x509/test/policy_intermediate.pem \
+ crypto/x509/test/policy_intermediate_any.pem \
+ crypto/x509/test/policy_intermediate_duplicate.pem \
+ crypto/x509/test/policy_intermediate_invalid.pem \
+ crypto/x509/test/policy_intermediate_mapped.pem \
+ crypto/x509/test/policy_intermediate_mapped_any.pem \
+ crypto/x509/test/policy_intermediate_mapped_oid3.pem \
+ crypto/x509/test/policy_intermediate_require.pem \
+ crypto/x509/test/policy_intermediate_require1.pem \
+ crypto/x509/test/policy_intermediate_require2.pem \
+ crypto/x509/test/policy_intermediate_require_duplicate.pem \
+ crypto/x509/test/policy_intermediate_require_no_policies.pem \
+ crypto/x509/test/policy_leaf.pem \
+ crypto/x509/test/policy_leaf_any.pem \
+ crypto/x509/test/policy_leaf_duplicate.pem \
+ crypto/x509/test/policy_leaf_invalid.pem \
+ crypto/x509/test/policy_leaf_none.pem \
+ crypto/x509/test/policy_leaf_oid1.pem \
+ crypto/x509/test/policy_leaf_oid2.pem \
+ crypto/x509/test/policy_leaf_oid3.pem \
+ crypto/x509/test/policy_leaf_oid4.pem \
+ crypto/x509/test/policy_leaf_oid5.pem \
+ crypto/x509/test/policy_leaf_require.pem \
+ crypto/x509/test/policy_leaf_require1.pem \
+ crypto/x509/test/policy_root.pem \
+ crypto/x509/test/policy_root2.pem \
+ crypto/x509/test/policy_root_cross_inhibit_mapping.pem \
+ crypto/x509/test/pss_sha1.pem \
+ crypto/x509/test/pss_sha1_explicit.pem \
+ crypto/x509/test/pss_sha1_mgf1_syntax_error.pem \
+ crypto/x509/test/pss_sha224.pem \
+ crypto/x509/test/pss_sha256.pem \
+ crypto/x509/test/pss_sha256_explicit_trailer.pem \
+ crypto/x509/test/pss_sha256_mgf1_sha384.pem \
+ crypto/x509/test/pss_sha256_mgf1_syntax_error.pem \
+ crypto/x509/test/pss_sha256_omit_nulls.pem \
+ crypto/x509/test/pss_sha256_salt31.pem \
+ crypto/x509/test/pss_sha256_salt_overflow.pem \
+ crypto/x509/test/pss_sha256_unknown_mgf.pem \
+ crypto/x509/test/pss_sha256_wrong_trailer.pem \
+ crypto/x509/test/pss_sha384.pem \
+ crypto/x509/test/pss_sha512.pem \
+ crypto/x509/test/some_names1.pem \
+ crypto/x509/test/some_names2.pem \
+ crypto/x509/test/some_names3.pem \
+ crypto/x509/test/trailing_data_leaf_authority_key_identifier.pem \
+ crypto/x509/test/trailing_data_leaf_basic_constraints.pem \
+ crypto/x509/test/trailing_data_leaf_ext_key_usage.pem \
+ crypto/x509/test/trailing_data_leaf_key_usage.pem \
+ crypto/x509/test/trailing_data_leaf_name_constraints.pem \
+ crypto/x509/test/trailing_data_leaf_subject_alt_name.pem \
+ crypto/x509/test/trailing_data_leaf_subject_key_identifier.pem \
+ third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt \
+ third_party/wycheproof_testvectors/aes_cmac_test.txt \
+ third_party/wycheproof_testvectors/aes_eax_test.txt \
+ third_party/wycheproof_testvectors/aes_gcm_siv_test.txt \
+ third_party/wycheproof_testvectors/aes_gcm_test.txt \
+ third_party/wycheproof_testvectors/chacha20_poly1305_test.txt \
+ third_party/wycheproof_testvectors/dsa_test.txt \
+ third_party/wycheproof_testvectors/ecdh_secp224r1_test.txt \
+ third_party/wycheproof_testvectors/ecdh_secp256r1_test.txt \
+ third_party/wycheproof_testvectors/ecdh_secp384r1_test.txt \
+ third_party/wycheproof_testvectors/ecdh_secp521r1_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp224r1_sha224_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp224r1_sha256_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp224r1_sha512_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp256r1_sha256_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp256r1_sha512_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp384r1_sha384_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp384r1_sha512_test.txt \
+ third_party/wycheproof_testvectors/ecdsa_secp521r1_sha512_test.txt \
+ third_party/wycheproof_testvectors/eddsa_test.txt \
+ third_party/wycheproof_testvectors/hkdf_sha1_test.txt \
+ third_party/wycheproof_testvectors/hkdf_sha256_test.txt \
+ third_party/wycheproof_testvectors/hkdf_sha384_test.txt \
+ third_party/wycheproof_testvectors/hkdf_sha512_test.txt \
+ third_party/wycheproof_testvectors/hmac_sha1_test.txt \
+ third_party/wycheproof_testvectors/hmac_sha224_test.txt \
+ third_party/wycheproof_testvectors/hmac_sha256_test.txt \
+ third_party/wycheproof_testvectors/hmac_sha384_test.txt \
+ third_party/wycheproof_testvectors/hmac_sha512_test.txt \
+ third_party/wycheproof_testvectors/kw_test.txt \
+ third_party/wycheproof_testvectors/kwp_test.txt \
+ third_party/wycheproof_testvectors/mldsa_65_standard_sign_test.txt \
+ third_party/wycheproof_testvectors/mldsa_65_standard_verify_test.txt \
+ third_party/wycheproof_testvectors/mldsa_87_standard_sign_test.txt \
+ third_party/wycheproof_testvectors/mldsa_87_standard_verify_test.txt \
+ third_party/wycheproof_testvectors/primality_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha1_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha224_mgf1sha224_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha256_mgf1sha256_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha384_mgf1sha384_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_2048_sha512_mgf1sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_3072_sha256_mgf1sha256_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_3072_sha512_mgf1sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_4096_sha256_mgf1sha256_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha1_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_4096_sha512_mgf1sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_oaep_misc_test.txt \
+ third_party/wycheproof_testvectors/rsa_pkcs1_2048_test.txt \
+ third_party/wycheproof_testvectors/rsa_pkcs1_3072_test.txt \
+ third_party/wycheproof_testvectors/rsa_pkcs1_4096_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_2048_sha1_mgf1_20_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_0_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_2048_sha256_mgf1_32_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_3072_sha256_mgf1_32_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_4096_sha256_mgf1_32_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_4096_sha512_mgf1_32_test.txt \
+ third_party/wycheproof_testvectors/rsa_pss_misc_test.txt \
+ third_party/wycheproof_testvectors/rsa_sig_gen_misc_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_2048_sha224_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_2048_sha256_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_2048_sha384_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_2048_sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_3072_sha256_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_3072_sha384_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_3072_sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_4096_sha384_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_4096_sha512_test.txt \
+ third_party/wycheproof_testvectors/rsa_signature_test.txt \
+ third_party/wycheproof_testvectors/x25519_test.txt \
+ third_party/wycheproof_testvectors/xchacha20_poly1305_test.txt
+
+boringssl_decrepit_sources := \
+ decrepit/bio/base64_bio.cc \
+ decrepit/blowfish/blowfish.cc \
+ decrepit/cast/cast.cc \
+ decrepit/cast/cast_tables.cc \
+ decrepit/cfb/cfb.cc \
+ decrepit/des/cfb64ede.cc \
+ decrepit/dh/dh_decrepit.cc \
+ decrepit/dsa/dsa_decrepit.cc \
+ decrepit/evp/dss1.cc \
+ decrepit/evp/evp_do_all.cc \
+ decrepit/obj/obj_decrepit.cc \
+ decrepit/rc4/rc4_decrepit.cc \
+ decrepit/ripemd/ripemd.cc \
+ decrepit/rsa/rsa_decrepit.cc \
+ decrepit/ssl/ssl_decrepit.cc \
+ decrepit/x509/x509_decrepit.cc \
+ decrepit/xts/xts.cc
+
+boringssl_decrepit_internal_headers := \
+ decrepit/cast/internal.h \
+ decrepit/macros.h
+
+boringssl_decrepit_test_sources := \
+ crypto/test/gtest_main.cc \
+ decrepit/blowfish/blowfish_test.cc \
+ decrepit/cast/cast_test.cc \
+ decrepit/cfb/cfb_test.cc \
+ decrepit/des/des_test.cc \
+ decrepit/evp/evp_test.cc \
+ decrepit/ripemd/ripemd_test.cc \
+ decrepit/xts/xts_test.cc
+
+boringssl_fuzz_sources := \
+ fuzz/arm_cpuinfo.cc \
+ fuzz/bn_div.cc \
+ fuzz/bn_mod_exp.cc \
+ fuzz/cert.cc \
+ fuzz/client.cc \
+ fuzz/client_no_fuzzer_mode.cc \
+ fuzz/conf.cc \
+ fuzz/crl_getcrlstatusforcert_fuzzer.cc \
+ fuzz/crl_parse_crl_certificatelist_fuzzer.cc \
+ fuzz/crl_parse_crl_tbscertlist_fuzzer.cc \
+ fuzz/crl_parse_issuing_distribution_point_fuzzer.cc \
+ fuzz/decode_client_hello_inner.cc \
+ fuzz/der_roundtrip.cc \
+ fuzz/dtls_client.cc \
+ fuzz/dtls_server.cc \
+ fuzz/ocsp_parse_ocsp_cert_id_fuzzer.cc \
+ fuzz/ocsp_parse_ocsp_response_data_fuzzer.cc \
+ fuzz/ocsp_parse_ocsp_response_fuzzer.cc \
+ fuzz/ocsp_parse_ocsp_single_response_fuzzer.cc \
+ fuzz/parse_authority_key_identifier_fuzzer.cc \
+ fuzz/parse_certificate_fuzzer.cc \
+ fuzz/parse_crldp_fuzzer.cc \
+ fuzz/pkcs12.cc \
+ fuzz/pkcs8.cc \
+ fuzz/privkey.cc \
+ fuzz/read_pem.cc \
+ fuzz/server.cc \
+ fuzz/server_no_fuzzer_mode.cc \
+ fuzz/session.cc \
+ fuzz/spki.cc \
+ fuzz/ssl_ctx_api.cc \
+ fuzz/verify_name_match_fuzzer.cc \
+ fuzz/verify_name_match_normalizename_fuzzer.cc \
+ fuzz/verify_name_match_verifynameinsubtree_fuzzer.cc
+
+boringssl_modulewrapper_sources := \
+ util/fipstools/acvp/modulewrapper/main.cc \
+ util/fipstools/acvp/modulewrapper/modulewrapper.cc
+
+boringssl_modulewrapper_internal_headers := \
+ util/fipstools/acvp/modulewrapper/modulewrapper.h
+
+boringssl_pki_sources := \
+ pki/cert_error_id.cc \
+ pki/cert_error_params.cc \
+ pki/cert_errors.cc \
+ pki/cert_issuer_source_static.cc \
+ pki/certificate.cc \
+ pki/certificate_policies.cc \
+ pki/common_cert_errors.cc \
+ pki/crl.cc \
+ pki/encode_values.cc \
+ pki/extended_key_usage.cc \
+ pki/general_names.cc \
+ pki/input.cc \
+ pki/ip_util.cc \
+ pki/name_constraints.cc \
+ pki/ocsp.cc \
+ pki/parse_certificate.cc \
+ pki/parse_name.cc \
+ pki/parse_values.cc \
+ pki/parsed_certificate.cc \
+ pki/parser.cc \
+ pki/path_builder.cc \
+ pki/pem.cc \
+ pki/revocation_util.cc \
+ pki/signature_algorithm.cc \
+ pki/simple_path_builder_delegate.cc \
+ pki/string_util.cc \
+ pki/trust_store.cc \
+ pki/trust_store_collection.cc \
+ pki/trust_store_in_memory.cc \
+ pki/verify.cc \
+ pki/verify_certificate_chain.cc \
+ pki/verify_error.cc \
+ pki/verify_name_match.cc \
+ pki/verify_signed_data.cc
+
+boringssl_pki_headers := \
+ include/openssl/pki/certificate.h \
+ include/openssl/pki/ocsp.h \
+ include/openssl/pki/signature_verify_cache.h \
+ include/openssl/pki/verify.h \
+ include/openssl/pki/verify_error.h
+
+boringssl_pki_internal_headers := \
+ pki/cert_error_id.h \
+ pki/cert_error_params.h \
+ pki/cert_errors.h \
+ pki/cert_issuer_source.h \
+ pki/cert_issuer_source_static.h \
+ pki/cert_issuer_source_sync_unittest.h \
+ pki/certificate_policies.h \
+ pki/common_cert_errors.h \
+ pki/crl.h \
+ pki/encode_values.h \
+ pki/extended_key_usage.h \
+ pki/general_names.h \
+ pki/input.h \
+ pki/ip_util.h \
+ pki/mock_signature_verify_cache.h \
+ pki/name_constraints.h \
+ pki/nist_pkits_unittest.h \
+ pki/ocsp.h \
+ pki/parse_certificate.h \
+ pki/parse_name.h \
+ pki/parse_values.h \
+ pki/parsed_certificate.h \
+ pki/parser.h \
+ pki/path_builder.h \
+ pki/pem.h \
+ pki/revocation_util.h \
+ pki/signature_algorithm.h \
+ pki/simple_path_builder_delegate.h \
+ pki/string_util.h \
+ pki/test_helpers.h \
+ pki/testdata/nist-pkits/pkits_testcases-inl.h \
+ pki/trust_store.h \
+ pki/trust_store_collection.h \
+ pki/trust_store_in_memory.h \
+ pki/verify_certificate_chain.h \
+ pki/verify_certificate_chain_typed_unittest.h \
+ pki/verify_name_match.h \
+ pki/verify_signed_data.h
+
+boringssl_pki_test_sources := \
+ crypto/test/gtest_main.cc \
+ pki/cert_issuer_source_static_unittest.cc \
+ pki/certificate_policies_unittest.cc \
+ pki/certificate_unittest.cc \
+ pki/crl_unittest.cc \
+ pki/encode_values_unittest.cc \
+ pki/extended_key_usage_unittest.cc \
+ pki/general_names_unittest.cc \
+ pki/input_unittest.cc \
+ pki/ip_util_unittest.cc \
+ pki/mock_signature_verify_cache.cc \
+ pki/name_constraints_unittest.cc \
+ pki/nist_pkits_unittest.cc \
+ pki/ocsp_unittest.cc \
+ pki/parse_certificate_unittest.cc \
+ pki/parse_name_unittest.cc \
+ pki/parse_values_unittest.cc \
+ pki/parsed_certificate_unittest.cc \
+ pki/parser_unittest.cc \
+ pki/path_builder_pkits_unittest.cc \
+ pki/path_builder_unittest.cc \
+ pki/path_builder_verify_certificate_chain_unittest.cc \
+ pki/pem_unittest.cc \
+ pki/signature_algorithm_unittest.cc \
+ pki/simple_path_builder_delegate_unittest.cc \
+ pki/string_util_unittest.cc \
+ pki/test_helpers.cc \
+ pki/trust_store_collection_unittest.cc \
+ pki/trust_store_in_memory_unittest.cc \
+ pki/verify_certificate_chain_pkits_unittest.cc \
+ pki/verify_certificate_chain_unittest.cc \
+ pki/verify_name_match_unittest.cc \
+ pki/verify_signed_data_unittest.cc \
+ pki/verify_unittest.cc
+
+boringssl_pki_test_data := \
+ pki/testdata/cert_issuer_source_static_unittest/c1.pem \
+ pki/testdata/cert_issuer_source_static_unittest/c2.pem \
+ pki/testdata/cert_issuer_source_static_unittest/d.pem \
+ pki/testdata/cert_issuer_source_static_unittest/e1.pem \
+ pki/testdata/cert_issuer_source_static_unittest/e2.pem \
+ pki/testdata/cert_issuer_source_static_unittest/i1_1.pem \
+ pki/testdata/cert_issuer_source_static_unittest/i1_2.pem \
+ pki/testdata/cert_issuer_source_static_unittest/i2.pem \
+ pki/testdata/cert_issuer_source_static_unittest/i3_1.pem \
+ pki/testdata/cert_issuer_source_static_unittest/i3_2.pem \
+ pki/testdata/cert_issuer_source_static_unittest/root.pem \
+ pki/testdata/certificate_policies_unittest/anypolicy.pem \
+ pki/testdata/certificate_policies_unittest/anypolicy_with_qualifier.pem \
+ pki/testdata/certificate_policies_unittest/invalid-anypolicy_with_custom_qualifier.pem \
+ pki/testdata/certificate_policies_unittest/invalid-empty.pem \
+ pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_dupe.pem \
+ pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyinformation_unconsumed_data.pem \
+ pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_policyqualifierinfo_unconsumed_data.pem \
+ pki/testdata/certificate_policies_unittest/invalid-policy_1_2_3_with_empty_qualifiers_sequence.pem \
+ pki/testdata/certificate_policies_unittest/invalid-policy_identifier_not_oid.pem \
+ pki/testdata/certificate_policies_unittest/policy_1_2_3.pem \
+ pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4.pem \
+ pki/testdata/certificate_policies_unittest/policy_1_2_3_and_1_2_4_with_qualifiers.pem \
+ pki/testdata/certificate_policies_unittest/policy_1_2_3_with_custom_qualifier.pem \
+ pki/testdata/certificate_policies_unittest/policy_1_2_3_with_qualifier.pem \
+ pki/testdata/crl_unittest/bad_crldp_has_crlissuer.pem \
+ pki/testdata/crl_unittest/bad_fake_critical_crlentryextension.pem \
+ pki/testdata/crl_unittest/bad_fake_critical_extension.pem \
+ pki/testdata/crl_unittest/bad_idp_contains_wrong_uri.pem \
+ pki/testdata/crl_unittest/bad_idp_indirectcrl.pem \
+ pki/testdata/crl_unittest/bad_idp_onlycontainscacerts.pem \
+ pki/testdata/crl_unittest/bad_idp_onlycontainscacerts_no_basic_constraints.pem \
+ pki/testdata/crl_unittest/bad_idp_onlycontainsusercerts.pem \
+ pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainscacerts.pem \
+ pki/testdata/crl_unittest/bad_idp_uri_and_onlycontainsusercerts.pem \
+ pki/testdata/crl_unittest/bad_key_rollover_signature.pem \
+ pki/testdata/crl_unittest/bad_nextupdate_too_old.pem \
+ pki/testdata/crl_unittest/bad_signature.pem \
+ pki/testdata/crl_unittest/bad_thisupdate_in_future.pem \
+ pki/testdata/crl_unittest/bad_thisupdate_too_old.pem \
+ pki/testdata/crl_unittest/bad_wrong_issuer.pem \
+ pki/testdata/crl_unittest/good.pem \
+ pki/testdata/crl_unittest/good_fake_extension.pem \
+ pki/testdata/crl_unittest/good_fake_extension_no_nextupdate.pem \
+ pki/testdata/crl_unittest/good_generalizedtime.pem \
+ pki/testdata/crl_unittest/good_idp_contains_uri.pem \
+ pki/testdata/crl_unittest/good_idp_onlycontainscacerts.pem \
+ pki/testdata/crl_unittest/good_idp_onlycontainsusercerts.pem \
+ pki/testdata/crl_unittest/good_idp_onlycontainsusercerts_no_basic_constraints.pem \
+ pki/testdata/crl_unittest/good_idp_uri_and_onlycontainscacerts.pem \
+ pki/testdata/crl_unittest/good_idp_uri_and_onlycontainsusercerts.pem \
+ pki/testdata/crl_unittest/good_issuer_name_normalization.pem \
+ pki/testdata/crl_unittest/good_issuer_no_keyusage.pem \
+ pki/testdata/crl_unittest/good_key_rollover.pem \
+ pki/testdata/crl_unittest/good_no_crldp.pem \
+ pki/testdata/crl_unittest/good_no_nextupdate.pem \
+ pki/testdata/crl_unittest/good_no_version.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_crlentryextensions.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_extensions.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_nextupdate.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_revocationdate.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_revokedcerts.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_signaturevalue.pem \
+ pki/testdata/crl_unittest/invalid_garbage_after_thisupdate.pem \
+ pki/testdata/crl_unittest/invalid_garbage_crlentry.pem \
+ pki/testdata/crl_unittest/invalid_garbage_issuer_name.pem \
+ pki/testdata/crl_unittest/invalid_garbage_revocationdate.pem \
+ pki/testdata/crl_unittest/invalid_garbage_revoked_serial_number.pem \
+ pki/testdata/crl_unittest/invalid_garbage_signaturealgorithm.pem \
+ pki/testdata/crl_unittest/invalid_garbage_signaturevalue.pem \
+ pki/testdata/crl_unittest/invalid_garbage_tbs_signature_algorithm.pem \
+ pki/testdata/crl_unittest/invalid_garbage_tbscertlist.pem \
+ pki/testdata/crl_unittest/invalid_garbage_thisupdate.pem \
+ pki/testdata/crl_unittest/invalid_garbage_version.pem \
+ pki/testdata/crl_unittest/invalid_idp_dpname_choice_extra_data.pem \
+ pki/testdata/crl_unittest/invalid_idp_empty_sequence.pem \
+ pki/testdata/crl_unittest/invalid_idp_onlycontains_user_and_ca_certs.pem \
+ pki/testdata/crl_unittest/invalid_idp_onlycontainsusercerts_v1_leaf.pem \
+ pki/testdata/crl_unittest/invalid_issuer_keyusage_no_crlsign.pem \
+ pki/testdata/crl_unittest/invalid_key_rollover_issuer_keyusage_no_crlsign.pem \
+ pki/testdata/crl_unittest/invalid_mismatched_signature_algorithm.pem \
+ pki/testdata/crl_unittest/invalid_revoked_empty_sequence.pem \
+ pki/testdata/crl_unittest/invalid_v1_explicit.pem \
+ pki/testdata/crl_unittest/invalid_v1_with_crlentryextension.pem \
+ pki/testdata/crl_unittest/invalid_v1_with_extension.pem \
+ pki/testdata/crl_unittest/invalid_v3.pem \
+ pki/testdata/crl_unittest/revoked.pem \
+ pki/testdata/crl_unittest/revoked_fake_crlentryextension.pem \
+ pki/testdata/crl_unittest/revoked_generalized_revocationdate.pem \
+ pki/testdata/crl_unittest/revoked_key_rollover.pem \
+ pki/testdata/crl_unittest/revoked_no_nextupdate.pem \
+ pki/testdata/name_constraints_unittest/directoryname-excludeall.pem \
+ pki/testdata/name_constraints_unittest/directoryname-excluded.pem \
+ pki/testdata/name_constraints_unittest/directoryname.pem \
+ pki/testdata/name_constraints_unittest/directoryname_and_dnsname.pem \
+ pki/testdata/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem \
+ pki/testdata/name_constraints_unittest/dnsname-exclude_dot.pem \
+ pki/testdata/name_constraints_unittest/dnsname-excludeall.pem \
+ pki/testdata/name_constraints_unittest/dnsname-excluded.pem \
+ pki/testdata/name_constraints_unittest/dnsname-excluded_with_leading_dot.pem \
+ pki/testdata/name_constraints_unittest/dnsname-permitted_two_dot.pem \
+ pki/testdata/name_constraints_unittest/dnsname-permitted_with_leading_dot.pem \
+ pki/testdata/name_constraints_unittest/dnsname-with_max.pem \
+ pki/testdata/name_constraints_unittest/dnsname-with_min_0.pem \
+ pki/testdata/name_constraints_unittest/dnsname-with_min_0_and_max.pem \
+ pki/testdata/name_constraints_unittest/dnsname-with_min_1.pem \
+ pki/testdata/name_constraints_unittest/dnsname-with_min_1_and_max.pem \
+ pki/testdata/name_constraints_unittest/dnsname.pem \
+ pki/testdata/name_constraints_unittest/dnsname2.pem \
+ pki/testdata/name_constraints_unittest/edipartyname-excluded.pem \
+ pki/testdata/name_constraints_unittest/edipartyname-permitted.pem \
+ pki/testdata/name_constraints_unittest/invalid-empty_excluded_subtree.pem \
+ pki/testdata/name_constraints_unittest/invalid-empty_permitted_subtree.pem \
+ pki/testdata/name_constraints_unittest/invalid-no_subtrees.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-excludeall.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-excluded.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-invalid_addr.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_1.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_2.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_3.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-invalid_mask_not_contiguous_4.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-mapped_addrs.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-permit_all.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-permit_prefix1.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-permit_prefix31.pem \
+ pki/testdata/name_constraints_unittest/ipaddress-permit_singlehost.pem \
+ pki/testdata/name_constraints_unittest/ipaddress.pem \
+ pki/testdata/name_constraints_unittest/name-ca.pem \
+ pki/testdata/name_constraints_unittest/name-de.pem \
+ pki/testdata/name_constraints_unittest/name-empty.pem \
+ pki/testdata/name_constraints_unittest/name-jp-tokyo.pem \
+ pki/testdata/name_constraints_unittest/name-jp.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-1.1.1.1.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-192.168.1.1.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-email-invalidstring.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-email-localpartcase.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-email-multiple.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-email.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-foo.com.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-ipv6.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona-permitted.example.com.pem \
+ pki/testdata/name_constraints_unittest/name-us-arizona.pem \
+ pki/testdata/name_constraints_unittest/name-us-california-192.168.1.1.pem \
+ pki/testdata/name_constraints_unittest/name-us-california-mountain_view.pem \
+ pki/testdata/name_constraints_unittest/name-us-california-permitted.example.com.pem \
+ pki/testdata/name_constraints_unittest/name-us-california.pem \
+ pki/testdata/name_constraints_unittest/name-us.pem \
+ pki/testdata/name_constraints_unittest/othername-excluded.pem \
+ pki/testdata/name_constraints_unittest/othername-permitted.pem \
+ pki/testdata/name_constraints_unittest/registeredid-excluded.pem \
+ pki/testdata/name_constraints_unittest/registeredid-permitted.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-empty.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-hostname.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-hostnamewithat.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-ipv4.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-quoted.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded-subdomains.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-excluded.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-empty.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-hostname.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-hostnamewithat.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-ipv4.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-quoted.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted-subdomains.pem \
+ pki/testdata/name_constraints_unittest/rfc822name-permitted.pem \
+ pki/testdata/name_constraints_unittest/san-directoryname.pem \
+ pki/testdata/name_constraints_unittest/san-dnsname.pem \
+ pki/testdata/name_constraints_unittest/san-edipartyname.pem \
+ pki/testdata/name_constraints_unittest/san-excluded-directoryname.pem \
+ pki/testdata/name_constraints_unittest/san-excluded-dnsname.pem \
+ pki/testdata/name_constraints_unittest/san-excluded-ipaddress.pem \
+ pki/testdata/name_constraints_unittest/san-invalid-empty.pem \
+ pki/testdata/name_constraints_unittest/san-invalid-ipaddress.pem \
+ pki/testdata/name_constraints_unittest/san-ipaddress4.pem \
+ pki/testdata/name_constraints_unittest/san-ipaddress6.pem \
+ pki/testdata/name_constraints_unittest/san-othername.pem \
+ pki/testdata/name_constraints_unittest/san-permitted.pem \
+ pki/testdata/name_constraints_unittest/san-registeredid.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-domaincase.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-empty-localpart.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-empty.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-ipv4.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-localpartcase.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-multiple.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-no-at.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-quoted.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-no-at.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-subdomain-two-ats.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-subdomain.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-subdomaincase.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name-two-ats.pem \
+ pki/testdata/name_constraints_unittest/san-rfc822name.pem \
+ pki/testdata/name_constraints_unittest/san-uri.pem \
+ pki/testdata/name_constraints_unittest/san-x400address.pem \
+ pki/testdata/name_constraints_unittest/uri-excluded.pem \
+ pki/testdata/name_constraints_unittest/uri-permitted.pem \
+ pki/testdata/name_constraints_unittest/x400address-excluded.pem \
+ pki/testdata/name_constraints_unittest/x400address-permitted.pem \
+ pki/testdata/nist-pkits/certs/AllCertificatesNoPoliciesTest2EE.crt \
+ pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest10EE.crt \
+ pki/testdata/nist-pkits/certs/AllCertificatesSamePoliciesTest13EE.crt \
+ pki/testdata/nist-pkits/certs/AllCertificatesanyPolicyTest11EE.crt \
+ pki/testdata/nist-pkits/certs/AnyPolicyTest14EE.crt \
+ pki/testdata/nist-pkits/certs/BadCRLIssuerNameCACert.crt \
+ pki/testdata/nist-pkits/certs/BadCRLSignatureCACert.crt \
+ pki/testdata/nist-pkits/certs/BadSignedCACert.crt \
+ pki/testdata/nist-pkits/certs/BadnotAfterDateCACert.crt \
+ pki/testdata/nist-pkits/certs/BadnotBeforeDateCACert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCACert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyCACert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyCACert.crt \
+ pki/testdata/nist-pkits/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt \
+ pki/testdata/nist-pkits/certs/CPSPointerQualifierTest20EE.crt \
+ pki/testdata/nist-pkits/certs/DSACACert.crt \
+ pki/testdata/nist-pkits/certs/DSAParametersInheritedCACert.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest12EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest3EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest4EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest5EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest7EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest8EE.crt \
+ pki/testdata/nist-pkits/certs/DifferentPoliciesTest9EE.crt \
+ pki/testdata/nist-pkits/certs/GeneralizedTimeCRLnextUpdateCACert.crt \
+ pki/testdata/nist-pkits/certs/GoodCACert.crt \
+ pki/testdata/nist-pkits/certs/GoodsubCACert.crt \
+ pki/testdata/nist-pkits/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt \
+ pki/testdata/nist-pkits/certs/InvalidBadCRLIssuerNameTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidBadCRLSignatureTest4EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidCASignatureTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidCAnotAfterDateTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidCAnotBeforeDateTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest31EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest33EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNSnameConstraintsTest38EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest12EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest13EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest15EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest16EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest17EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest20EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest7EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDNnameConstraintsTest9EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidDSASignatureTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidEESignatureTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidEEnotAfterDateTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidEEnotBeforeDateTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest23EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidIDPwithindirectCRLTest26EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidLongSerialNumberTest18EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidMappingFromanyPolicyTest7EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidMappingToanyPolicyTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidMissingCRLTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidMissingbasicConstraintsTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidNameChainingOrderTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidNameChainingTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidNegativeSerialNumberTest15EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidOldCRLnextUpdateTest11EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidPolicyMappingTest4EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest22EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest24EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidRFC822nameConstraintsTest26EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidRevokedCATest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidRevokedEETest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest35EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidURInameConstraintsTest37EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidUnknownCRLExtensionTest9EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidWrongCRLTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcAFalseTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcAFalseTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest27EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest31EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest32EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest34EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidcRLIssuerTest35EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest4EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddeltaCRLTest9EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddistributionPointTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddistributionPointTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddistributionPointTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddistributionPointTest8EE.crt \
+ pki/testdata/nist-pkits/certs/InvaliddistributionPointTest9EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest4EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitAnyPolicyTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidinhibitPolicyMappingTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlyContainsAttributeCertsTest14EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlyContainsCACertsTest12EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlyContainsUserCertsTest11EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest15EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest16EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest17EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest20EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidonlySomeReasonsTest21EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest10EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest11EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest12EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest5EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest6EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidpathLenConstraintTest9EE.crt \
+ pki/testdata/nist-pkits/certs/Invalidpre2000CRLnextUpdateTest12EE.crt \
+ pki/testdata/nist-pkits/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest3EE.crt \
+ pki/testdata/nist-pkits/certs/InvalidrequireExplicitPolicyTest5EE.crt \
+ pki/testdata/nist-pkits/certs/LongSerialNumberCACert.crt \
+ pki/testdata/nist-pkits/certs/Mapping1to2CACert.crt \
+ pki/testdata/nist-pkits/certs/MappingFromanyPolicyCACert.crt \
+ pki/testdata/nist-pkits/certs/MappingToanyPolicyCACert.crt \
+ pki/testdata/nist-pkits/certs/MissingbasicConstraintsCACert.crt \
+ pki/testdata/nist-pkits/certs/NameOrderingCACert.crt \
+ pki/testdata/nist-pkits/certs/NegativeSerialNumberCACert.crt \
+ pki/testdata/nist-pkits/certs/NoCRLCACert.crt \
+ pki/testdata/nist-pkits/certs/NoPoliciesCACert.crt \
+ pki/testdata/nist-pkits/certs/NoissuingDistributionPointCACert.crt \
+ pki/testdata/nist-pkits/certs/OldCRLnextUpdateCACert.crt \
+ pki/testdata/nist-pkits/certs/OverlappingPoliciesTest6EE.crt \
+ pki/testdata/nist-pkits/certs/P12Mapping1to3CACert.crt \
+ pki/testdata/nist-pkits/certs/P12Mapping1to3subCACert.crt \
+ pki/testdata/nist-pkits/certs/P12Mapping1to3subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/P1Mapping1to234CACert.crt \
+ pki/testdata/nist-pkits/certs/P1Mapping1to234subCACert.crt \
+ pki/testdata/nist-pkits/certs/P1anyPolicyMapping1to2CACert.crt \
+ pki/testdata/nist-pkits/certs/PanyPolicyMapping1to2CACert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP1234CACert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP1234subCAP123Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP1234subsubCAP123P12Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP123CACert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP123subCAP12Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P1Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP123subsubCAP12P2Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP12CACert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP12subCAP1Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP12subsubCAP1P2Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP2subCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP2subCACert.crt \
+ pki/testdata/nist-pkits/certs/PoliciesP3CACert.crt \
+ pki/testdata/nist-pkits/certs/RFC3280MandatoryAttributeTypesCACert.crt \
+ pki/testdata/nist-pkits/certs/RFC3280OptionalAttributeTypesCACert.crt \
+ pki/testdata/nist-pkits/certs/RevokedsubCACert.crt \
+ pki/testdata/nist-pkits/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt \
+ pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt \
+ pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt \
+ pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt \
+ pki/testdata/nist-pkits/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt \
+ pki/testdata/nist-pkits/certs/TrustAnchorRootCertificate.crt \
+ pki/testdata/nist-pkits/certs/TwoCRLsCACert.crt \
+ pki/testdata/nist-pkits/certs/UIDCACert.crt \
+ pki/testdata/nist-pkits/certs/UTF8StringCaseInsensitiveMatchCACert.crt \
+ pki/testdata/nist-pkits/certs/UTF8StringEncodedNamesCACert.crt \
+ pki/testdata/nist-pkits/certs/UnknownCRLEntryExtensionCACert.crt \
+ pki/testdata/nist-pkits/certs/UnknownCRLExtensionCACert.crt \
+ pki/testdata/nist-pkits/certs/UserNoticeQualifierTest15EE.crt \
+ pki/testdata/nist-pkits/certs/UserNoticeQualifierTest16EE.crt \
+ pki/testdata/nist-pkits/certs/UserNoticeQualifierTest17EE.crt \
+ pki/testdata/nist-pkits/certs/UserNoticeQualifierTest18EE.crt \
+ pki/testdata/nist-pkits/certs/UserNoticeQualifierTest19EE.crt \
+ pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt \
+ pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt \
+ pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidCertificatePathTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest30EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNSnameConstraintsTest32EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNandRFC822nameConstraintsTest27EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest11EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest14EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest18EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest19EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDNnameConstraintsTest6EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDSAParameterInheritanceTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValidDSASignaturesTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt \
+ pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt \
+ pki/testdata/nist-pkits/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest22EE.crt \
+ pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest24EE.crt \
+ pki/testdata/nist-pkits/certs/ValidIDPwithindirectCRLTest25EE.crt \
+ pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest16EE.crt \
+ pki/testdata/nist-pkits/certs/ValidLongSerialNumberTest17EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNameChainingCapitalizationTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest3EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNameChainingWhitespaceTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNameUIDsTest6EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNegativeSerialNumberTest14EE.crt \
+ pki/testdata/nist-pkits/certs/ValidNoissuingDistributionPointTest10EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest11EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest12EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest13EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest14EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest3EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest6EE.crt \
+ pki/testdata/nist-pkits/certs/ValidPolicyMappingTest9EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest21EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest23EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRFC822nameConstraintsTest25EE.crt \
+ pki/testdata/nist-pkits/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt \
+ pki/testdata/nist-pkits/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt \
+ pki/testdata/nist-pkits/certs/ValidTwoCRLsTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest34EE.crt \
+ pki/testdata/nist-pkits/certs/ValidURInameConstraintsTest36EE.crt \
+ pki/testdata/nist-pkits/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt \
+ pki/testdata/nist-pkits/certs/ValidUTF8StringEncodedNamesTest9EE.crt \
+ pki/testdata/nist-pkits/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidbasicConstraintsNotCriticalTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidcRLIssuerTest28EE.crt \
+ pki/testdata/nist-pkits/certs/ValidcRLIssuerTest29EE.crt \
+ pki/testdata/nist-pkits/certs/ValidcRLIssuerTest30EE.crt \
+ pki/testdata/nist-pkits/certs/ValidcRLIssuerTest33EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddeltaCRLTest2EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddeltaCRLTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddeltaCRLTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddeltaCRLTest8EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddistributionPointTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddistributionPointTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddistributionPointTest5EE.crt \
+ pki/testdata/nist-pkits/certs/ValiddistributionPointTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidinhibitAnyPolicyTest2EE.crt \
+ pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest2EE.crt \
+ pki/testdata/nist-pkits/certs/ValidinhibitPolicyMappingTest4EE.crt \
+ pki/testdata/nist-pkits/certs/ValidkeyUsageNotCriticalTest3EE.crt \
+ pki/testdata/nist-pkits/certs/ValidonlyContainsCACertsTest13EE.crt \
+ pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest18EE.crt \
+ pki/testdata/nist-pkits/certs/ValidonlySomeReasonsTest19EE.crt \
+ pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest13EE.crt \
+ pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest14EE.crt \
+ pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest7EE.crt \
+ pki/testdata/nist-pkits/certs/ValidpathLenConstraintTest8EE.crt \
+ pki/testdata/nist-pkits/certs/Validpre2000UTCnotBeforeDateTest3EE.crt \
+ pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest1EE.crt \
+ pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest2EE.crt \
+ pki/testdata/nist-pkits/certs/ValidrequireExplicitPolicyTest4EE.crt \
+ pki/testdata/nist-pkits/certs/WrongCRLCACert.crt \
+ pki/testdata/nist-pkits/certs/anyPolicyCACert.crt \
+ pki/testdata/nist-pkits/certs/basicConstraintsCriticalcAFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalCACert.crt \
+ pki/testdata/nist-pkits/certs/basicConstraintsNotCriticalcAFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/deltaCRLCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/deltaCRLCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/deltaCRLCA3Cert.crt \
+ pki/testdata/nist-pkits/certs/deltaCRLIndicatorNoBaseCACert.crt \
+ pki/testdata/nist-pkits/certs/distributionPoint1CACert.crt \
+ pki/testdata/nist-pkits/certs/distributionPoint2CACert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA3Cert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA3cRLIssuerCert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA4Cert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA4cRLIssuerCert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA5Cert.crt \
+ pki/testdata/nist-pkits/certs/indirectCRLCA6Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy0CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subCAIAP5Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy1subsubCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy5CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicy5subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitAnyPolicyTest3EE.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping0CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping0subCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping1P1subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping5CACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/inhibitPolicyMapping5subsubsubCACert.crt \
+ pki/testdata/nist-pkits/certs/keyUsageCriticalcRLSignFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/keyUsageCriticalkeyCertSignFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/keyUsageNotCriticalCACert.crt \
+ pki/testdata/nist-pkits/certs/keyUsageNotCriticalcRLSignFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN1CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN1SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN1subCA3Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN2CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN3CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN3subCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN4CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDN5CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDNS1CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsDNS2CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA1Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA2Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsRFC822CA3Cert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsURI1CACert.crt \
+ pki/testdata/nist-pkits/certs/nameConstraintsURI2CACert.crt \
+ pki/testdata/nist-pkits/certs/onlyContainsAttributeCertsCACert.crt \
+ pki/testdata/nist-pkits/certs/onlyContainsCACertsCACert.crt \
+ pki/testdata/nist-pkits/certs/onlyContainsUserCertsCACert.crt \
+ pki/testdata/nist-pkits/certs/onlySomeReasonsCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/onlySomeReasonsCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/onlySomeReasonsCA3Cert.crt \
+ pki/testdata/nist-pkits/certs/onlySomeReasonsCA4Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint0CACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint0SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint0subCA2Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint0subCACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint1CACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint1SelfIssuedsubCACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint1subCACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6CACert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subCA0Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subCA1Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subCA4Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA00Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA11Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subsubCA41Cert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA11XCert.crt \
+ pki/testdata/nist-pkits/certs/pathLenConstraint6subsubsubCA41XCert.crt \
+ pki/testdata/nist-pkits/certs/pre2000CRLnextUpdateCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy0CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy0subCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy0subsubsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy10CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy10subCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy10subsubsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy2CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy2subCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy4CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy4subCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy4subsubsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy5CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy5subCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy5subsubsubCACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy7CACert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy7subCARE2Cert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt \
+ pki/testdata/nist-pkits/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt \
+ pki/testdata/nist-pkits/crls/BadCRLIssuerNameCACRL.crl \
+ pki/testdata/nist-pkits/crls/BadCRLSignatureCACRL.crl \
+ pki/testdata/nist-pkits/crls/BadSignedCACRL.crl \
+ pki/testdata/nist-pkits/crls/BadnotAfterDateCACRL.crl \
+ pki/testdata/nist-pkits/crls/BadnotBeforeDateCACRL.crl \
+ pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl \
+ pki/testdata/nist-pkits/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl \
+ pki/testdata/nist-pkits/crls/BasicSelfIssuedNewKeyCACRL.crl \
+ pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeyCACRL.crl \
+ pki/testdata/nist-pkits/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl \
+ pki/testdata/nist-pkits/crls/DSACACRL.crl \
+ pki/testdata/nist-pkits/crls/DSAParametersInheritedCACRL.crl \
+ pki/testdata/nist-pkits/crls/GeneralizedTimeCRLnextUpdateCACRL.crl \
+ pki/testdata/nist-pkits/crls/GoodCACRL.crl \
+ pki/testdata/nist-pkits/crls/GoodsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl \
+ pki/testdata/nist-pkits/crls/LongSerialNumberCACRL.crl \
+ pki/testdata/nist-pkits/crls/Mapping1to2CACRL.crl \
+ pki/testdata/nist-pkits/crls/MappingFromanyPolicyCACRL.crl \
+ pki/testdata/nist-pkits/crls/MappingToanyPolicyCACRL.crl \
+ pki/testdata/nist-pkits/crls/MissingbasicConstraintsCACRL.crl \
+ pki/testdata/nist-pkits/crls/NameOrderCACRL.crl \
+ pki/testdata/nist-pkits/crls/NegativeSerialNumberCACRL.crl \
+ pki/testdata/nist-pkits/crls/NoPoliciesCACRL.crl \
+ pki/testdata/nist-pkits/crls/NoissuingDistributionPointCACRL.crl \
+ pki/testdata/nist-pkits/crls/OldCRLnextUpdateCACRL.crl \
+ pki/testdata/nist-pkits/crls/P12Mapping1to3CACRL.crl \
+ pki/testdata/nist-pkits/crls/P12Mapping1to3subCACRL.crl \
+ pki/testdata/nist-pkits/crls/P12Mapping1to3subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/P1Mapping1to234CACRL.crl \
+ pki/testdata/nist-pkits/crls/P1Mapping1to234subCACRL.crl \
+ pki/testdata/nist-pkits/crls/P1anyPolicyMapping1to2CACRL.crl \
+ pki/testdata/nist-pkits/crls/PanyPolicyMapping1to2CACRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP1234CACRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP1234subCAP123CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP1234subsubCAP123P12CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP123CACRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP123subCAP12CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP12P1CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP123subsubCAP2P2CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP12CACRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP12subCAP1CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP12subsubCAP1P2CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP2subCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP2subCACRL.crl \
+ pki/testdata/nist-pkits/crls/PoliciesP3CACRL.crl \
+ pki/testdata/nist-pkits/crls/RFC3280MandatoryAttributeTypesCACRL.crl \
+ pki/testdata/nist-pkits/crls/RFC3280OptionalAttributeTypesCACRL.crl \
+ pki/testdata/nist-pkits/crls/RevokedsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl \
+ pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/SeparateCertificateandCRLKeysCRL.crl \
+ pki/testdata/nist-pkits/crls/TrustAnchorRootCRL.crl \
+ pki/testdata/nist-pkits/crls/TwoCRLsCABadCRL.crl \
+ pki/testdata/nist-pkits/crls/TwoCRLsCAGoodCRL.crl \
+ pki/testdata/nist-pkits/crls/UIDCACRL.crl \
+ pki/testdata/nist-pkits/crls/UTF8StringCaseInsensitiveMatchCACRL.crl \
+ pki/testdata/nist-pkits/crls/UTF8StringEncodedNamesCACRL.crl \
+ pki/testdata/nist-pkits/crls/UnknownCRLEntryExtensionCACRL.crl \
+ pki/testdata/nist-pkits/crls/UnknownCRLExtensionCACRL.crl \
+ pki/testdata/nist-pkits/crls/WrongCRLCACRL.crl \
+ pki/testdata/nist-pkits/crls/anyPolicyCACRL.crl \
+ pki/testdata/nist-pkits/crls/basicConstraintsCriticalcAFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalCACRL.crl \
+ pki/testdata/nist-pkits/crls/basicConstraintsNotCriticalcAFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA1deltaCRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA2deltaCRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA3CRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLCA3deltaCRL.crl \
+ pki/testdata/nist-pkits/crls/deltaCRLIndicatorNoBaseCACRL.crl \
+ pki/testdata/nist-pkits/crls/distributionPoint1CACRL.crl \
+ pki/testdata/nist-pkits/crls/distributionPoint2CACRL.crl \
+ pki/testdata/nist-pkits/crls/indirectCRLCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/indirectCRLCA3CRL.crl \
+ pki/testdata/nist-pkits/crls/indirectCRLCA3cRLIssuerCRL.crl \
+ pki/testdata/nist-pkits/crls/indirectCRLCA4cRLIssuerCRL.crl \
+ pki/testdata/nist-pkits/crls/indirectCRLCA5CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy0CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy1CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subCAIAP5CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy1subsubCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy5CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitAnyPolicy5subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping0CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping0subCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping1P1subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping5CACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/inhibitPolicyMapping5subsubsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/keyUsageCriticalcRLSignFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/keyUsageNotCriticalCACRL.crl \
+ pki/testdata/nist-pkits/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN1CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN1subCA3CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN2CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN3CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN3subCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN4CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDN5CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDNS1CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsDNS2CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA1CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA2CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsRFC822CA3CRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsURI1CACRL.crl \
+ pki/testdata/nist-pkits/crls/nameConstraintsURI2CACRL.crl \
+ pki/testdata/nist-pkits/crls/onlyContainsAttributeCertsCACRL.crl \
+ pki/testdata/nist-pkits/crls/onlyContainsCACertsCACRL.crl \
+ pki/testdata/nist-pkits/crls/onlyContainsUserCertsCACRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA1compromiseCRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA1otherreasonsCRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL1.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA2CRL2.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA3compromiseCRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA3otherreasonsCRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA4compromiseCRL.crl \
+ pki/testdata/nist-pkits/crls/onlySomeReasonsCA4otherreasonsCRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint0CACRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint0subCA2CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint0subCACRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint1CACRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint1subCACRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6CACRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subCA0CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subCA1CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subCA4CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA00CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA11CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subsubCA41CRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA11XCRL.crl \
+ pki/testdata/nist-pkits/crls/pathLenConstraint6subsubsubCA41XCRL.crl \
+ pki/testdata/nist-pkits/crls/pre2000CRLnextUpdateCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy0CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy0subCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy0subsubsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy10CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy10subCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy10subsubsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy2CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy2subCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy4CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy4subCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy4subsubsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy5CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy5subCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy5subsubsubCACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy7CACRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy7subCARE2CRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl \
+ pki/testdata/nist-pkits/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl \
+ pki/testdata/ocsp_unittest/bad_ocsp_type.pem \
+ pki/testdata/ocsp_unittest/bad_signature.pem \
+ pki/testdata/ocsp_unittest/bad_status.pem \
+ pki/testdata/ocsp_unittest/good_response.pem \
+ pki/testdata/ocsp_unittest/good_response_next_update.pem \
+ pki/testdata/ocsp_unittest/good_response_sha256.pem \
+ pki/testdata/ocsp_unittest/has_critical_ct_extension.pem \
+ pki/testdata/ocsp_unittest/has_critical_response_extension.pem \
+ pki/testdata/ocsp_unittest/has_critical_single_extension.pem \
+ pki/testdata/ocsp_unittest/has_extension.pem \
+ pki/testdata/ocsp_unittest/has_single_extension.pem \
+ pki/testdata/ocsp_unittest/has_version.pem \
+ pki/testdata/ocsp_unittest/malformed_request.pem \
+ pki/testdata/ocsp_unittest/missing_response.pem \
+ pki/testdata/ocsp_unittest/multiple_response.pem \
+ pki/testdata/ocsp_unittest/no_response.pem \
+ pki/testdata/ocsp_unittest/ocsp_extra_certs.pem \
+ pki/testdata/ocsp_unittest/ocsp_sign_bad_indirect.pem \
+ pki/testdata/ocsp_unittest/ocsp_sign_direct.pem \
+ pki/testdata/ocsp_unittest/ocsp_sign_indirect.pem \
+ pki/testdata/ocsp_unittest/ocsp_sign_indirect_missing.pem \
+ pki/testdata/ocsp_unittest/other_response.pem \
+ pki/testdata/ocsp_unittest/responder_id.pem \
+ pki/testdata/ocsp_unittest/responder_name.pem \
+ pki/testdata/ocsp_unittest/revoke_response.pem \
+ pki/testdata/ocsp_unittest/revoke_response_reason.pem \
+ pki/testdata/ocsp_unittest/unknown_response.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/empty_sequence.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_extension_sequence.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/extra_contents_after_issuer_and_serial.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_contents.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_issuer.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_key_identifier.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/invalid_serial.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_and_serial.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/issuer_only.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/key_identifier_and_issuer_and_serial.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/serial_only.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier/url_issuer_and_serial.pem \
+ pki/testdata/parse_certificate_unittest/authority_key_identifier_not_sequence.pem \
+ pki/testdata/parse_certificate_unittest/bad_key_usage.pem \
+ pki/testdata/parse_certificate_unittest/bad_policy_qualifiers.pem \
+ pki/testdata/parse_certificate_unittest/bad_signature_algorithm_oid.pem \
+ pki/testdata/parse_certificate_unittest/bad_validity.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_ca_false.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_ca_no_path.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_ca_path_9.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_negative_path.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_not_ca.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_path_too_large.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_255.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_256.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_pathlen_not_ca.pem \
+ pki/testdata/parse_certificate_unittest/basic_constraints_unconsumed_data.pem \
+ pki/testdata/parse_certificate_unittest/cert_algorithm_not_sequence.pem \
+ pki/testdata/parse_certificate_unittest/cert_data_after_signature.pem \
+ pki/testdata/parse_certificate_unittest/cert_empty_sequence.pem \
+ pki/testdata/parse_certificate_unittest/cert_missing_signature.pem \
+ pki/testdata/parse_certificate_unittest/cert_not_sequence.pem \
+ pki/testdata/parse_certificate_unittest/cert_signature_not_bit_string.pem \
+ pki/testdata/parse_certificate_unittest/cert_skeleton.pem \
+ pki/testdata/parse_certificate_unittest/cert_version3.pem \
+ pki/testdata/parse_certificate_unittest/crldp_1uri_noissuer.pem \
+ pki/testdata/parse_certificate_unittest/crldp_3uri_noissuer.pem \
+ pki/testdata/parse_certificate_unittest/crldp_full_name_as_dirname.pem \
+ pki/testdata/parse_certificate_unittest/crldp_issuer_as_dirname.pem \
+ pki/testdata/parse_certificate_unittest/extended_key_usage.pem \
+ pki/testdata/parse_certificate_unittest/extension_critical.pem \
+ pki/testdata/parse_certificate_unittest/extension_critical_0.pem \
+ pki/testdata/parse_certificate_unittest/extension_critical_3.pem \
+ pki/testdata/parse_certificate_unittest/extension_not_critical.pem \
+ pki/testdata/parse_certificate_unittest/extensions_data_after_sequence.pem \
+ pki/testdata/parse_certificate_unittest/extensions_duplicate_key_usage.pem \
+ pki/testdata/parse_certificate_unittest/extensions_empty_sequence.pem \
+ pki/testdata/parse_certificate_unittest/extensions_not_sequence.pem \
+ pki/testdata/parse_certificate_unittest/extensions_real.pem \
+ pki/testdata/parse_certificate_unittest/failed_signature_algorithm.pem \
+ pki/testdata/parse_certificate_unittest/inhibit_any_policy.pem \
+ pki/testdata/parse_certificate_unittest/issuer_bad_printable_string.pem \
+ pki/testdata/parse_certificate_unittest/key_usage.pem \
+ pki/testdata/parse_certificate_unittest/name_constraints_bad_ip.pem \
+ pki/testdata/parse_certificate_unittest/policies.pem \
+ pki/testdata/parse_certificate_unittest/policy_constraints_empty.pem \
+ pki/testdata/parse_certificate_unittest/policy_constraints_inhibit.pem \
+ pki/testdata/parse_certificate_unittest/policy_constraints_inhibit_require.pem \
+ pki/testdata/parse_certificate_unittest/policy_constraints_require.pem \
+ pki/testdata/parse_certificate_unittest/policy_qualifiers_empty_sequence.pem \
+ pki/testdata/parse_certificate_unittest/serial_37_bytes.pem \
+ pki/testdata/parse_certificate_unittest/serial_negative.pem \
+ pki/testdata/parse_certificate_unittest/serial_not_minimal.pem \
+ pki/testdata/parse_certificate_unittest/serial_not_number.pem \
+ pki/testdata/parse_certificate_unittest/serial_zero.pem \
+ pki/testdata/parse_certificate_unittest/serial_zero_padded.pem \
+ pki/testdata/parse_certificate_unittest/serial_zero_padded_21_bytes.pem \
+ pki/testdata/parse_certificate_unittest/signature_algorithm_null.pem \
+ pki/testdata/parse_certificate_unittest/subject_alt_name.pem \
+ pki/testdata/parse_certificate_unittest/subject_blank_subjectaltname_not_critical.pem \
+ pki/testdata/parse_certificate_unittest/subject_key_identifier_not_octet_string.pem \
+ pki/testdata/parse_certificate_unittest/subject_not_ascii.pem \
+ pki/testdata/parse_certificate_unittest/subject_not_printable_string.pem \
+ pki/testdata/parse_certificate_unittest/subject_printable_string_containing_utf8_client_cert.pem \
+ pki/testdata/parse_certificate_unittest/subject_t61string.pem \
+ pki/testdata/parse_certificate_unittest/subject_t61string_1-32.pem \
+ pki/testdata/parse_certificate_unittest/subject_t61string_126-160.pem \
+ pki/testdata/parse_certificate_unittest/subject_t61string_actual.pem \
+ pki/testdata/parse_certificate_unittest/subjectaltname_bad_ip.pem \
+ pki/testdata/parse_certificate_unittest/subjectaltname_dns_not_ascii.pem \
+ pki/testdata/parse_certificate_unittest/subjectaltname_general_names_empty_sequence.pem \
+ pki/testdata/parse_certificate_unittest/subjectaltname_trailing_data.pem \
+ pki/testdata/parse_certificate_unittest/tbs_explicit_v1.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v1.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v1_extensions.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v2_extensions.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v2_issuer_and_subject_unique_id.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v2_issuer_unique_id.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v2_no_optionals.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_all_optionals.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_data_after_extensions.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_extensions.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_extensions_not_sequence.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_no_optionals.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v3_real.pem \
+ pki/testdata/parse_certificate_unittest/tbs_v4.pem \
+ pki/testdata/parse_certificate_unittest/tbs_validity_both_generalized_time.pem \
+ pki/testdata/parse_certificate_unittest/tbs_validity_both_utc_time.pem \
+ pki/testdata/parse_certificate_unittest/tbs_validity_generalized_time_and_utc_time.pem \
+ pki/testdata/parse_certificate_unittest/tbs_validity_relaxed.pem \
+ pki/testdata/parse_certificate_unittest/tbs_validity_utc_time_and_generalized_time.pem \
+ pki/testdata/parse_certificate_unittest/v1_explicit_version.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_match_name_only.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_matching.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/int_mismatch.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/root2.pem \
+ pki/testdata/path_builder_unittest/key_id_name_and_serial_prioritization/target.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_a.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_b.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_different_ski_c.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_a.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_b.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_matching_ski_c.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_a.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_b.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/int_no_ski_c.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/root.pem \
+ pki/testdata/path_builder_unittest/key_id_prioritization/target.pem \
+ pki/testdata/path_builder_unittest/multi-root-A-by-B.pem \
+ pki/testdata/path_builder_unittest/multi-root-B-by-C.pem \
+ pki/testdata/path_builder_unittest/multi-root-B-by-F.pem \
+ pki/testdata/path_builder_unittest/multi-root-C-by-D.pem \
+ pki/testdata/path_builder_unittest/multi-root-C-by-E.pem \
+ pki/testdata/path_builder_unittest/multi-root-D-by-D.pem \
+ pki/testdata/path_builder_unittest/multi-root-E-by-E.pem \
+ pki/testdata/path_builder_unittest/multi-root-F-by-E.pem \
+ pki/testdata/path_builder_unittest/precertificate/precertificate.pem \
+ pki/testdata/path_builder_unittest/precertificate/root.pem \
+ pki/testdata/path_builder_unittest/self_issued_prioritization/root1.pem \
+ pki/testdata/path_builder_unittest/self_issued_prioritization/root1_cross.pem \
+ pki/testdata/path_builder_unittest/self_issued_prioritization/root2.pem \
+ pki/testdata/path_builder_unittest/self_issued_prioritization/target.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/int_ac.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/int_ad.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/int_bc.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/int_bd.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/root.pem \
+ pki/testdata/path_builder_unittest/validity_date_prioritization/target.pem \
+ pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/basic-constraints-pathlen-0-self-issued/main.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-intermediate/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-after.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-intermediate/not-before.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration-and-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-after-ta-with-expiration.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-after.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-before-ta-with-expiration.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-root/not-before.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-target/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/expired-target/not-after.test \
+ pki/testdata/verify_certificate_chain_unittest/expired-target/not-before.test \
+ pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/incorrect-trust-anchor/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-and-target-wrong-signature/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-ca-false/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-basic-constraints-not-critical/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-any-and-clientauth/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-clientauth/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth-extra/mlsclientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/mlsclientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-mlsclientauth/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-clientAuth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha1-eku-serverAuth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-any.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-clientAuth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-eku-server-gated-crypto/sha256-eku-serverAuth.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-invalid-spki/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-basic-constraints/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-lacks-signing-key-usage/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-signed-with-sha1/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-critical-extension/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-unknown-non-critical-extension/main.test \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/intermediate-wrong-signature-no-authority-key-identifier/main.test \
+ pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.pem \
+ pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.pem \
+ pki/testdata/verify_certificate_chain_unittest/issuer-and-subject-not-byte-for-byte-equal/target.test \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.pem \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/longrolloverchain.test \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.pem \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/newchain.test \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.pem \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/oldchain.test \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.pem \
+ pki/testdata/verify_certificate_chain_unittest/key-rollover/rolloverchain.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/ok-all-types.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-all-types.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-excluded.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dirnames-permitted.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-excluded.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-dns-permitted.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-excluded.test \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.pem \
+ pki/testdata/verify_certificate_chain_unittest/many-names/toomany-ips-permitted.test \
+ pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/main.test \
+ pki/testdata/verify_certificate_chain_unittest/non-self-signed-root/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.4.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.1.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.1.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.10.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.13.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.4.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.7.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.10.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.10.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.11.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.11.9.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.10.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.4.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.12.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.10.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.12.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.13.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.15.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.16.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.17.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.20.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.21.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.22.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.23.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.24.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.25.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.26.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.27.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.28.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.29.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.31.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.33.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.34.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.35.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.36.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.37.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.38.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.7.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.13.9.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.16.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.2.7.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.3.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.10.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.11.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.12.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.16.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.6.9.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.7.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.1.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.12.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.14.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.2.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.4.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.6.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.7.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.8.9.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.3.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.5.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.7.txt \
+ pki/testdata/verify_certificate_chain_unittest/pkits_errors/4.9.8.txt \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-fail/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-anypolicy-by-root-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-fail/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-inhibit-mapping-by-root-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-on-root-wrong/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-fail/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policies-required-by-root-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-fail/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/main.test \
+ pki/testdata/verify_certificate_chain_unittest/policy-mappings-on-root-ok/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/main.test \
+ pki/testdata/verify_certificate_chain_unittest/root-basic-constraints-ca-false/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration-and-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth-ta-with-expiration.test \
+ pki/testdata/verify_certificate_chain_unittest/root-eku-clientauth/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/main.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints-require-basic-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-basic-constraints/ta-with-require-basic-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/main.test \
+ pki/testdata/verify_certificate_chain_unittest/root-lacks-keycertsign-key-usage/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root-expired.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/distrusted-root.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-constraints.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/ta-with-expiration.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-and-trust_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/trusted_leaf-root.test \
+ pki/testdata/verify_certificate_chain_unittest/target-and-intermediate/unspecified-trust-root.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/any.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/mlsclientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-any/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/any.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-clientauth/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/any.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/mlsclientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-many/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/any.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/clientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/mlsclientauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-eku-none/serverauth.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-has-512bit-rsa-key/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf-strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only-trusted_leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-ca-basic-constraints/target_only.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-has-keycertsign-but-not-ca/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-has-pathlen-but-not-ca/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-and-eku/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-msapplicationpolicies-no-eku/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict-leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-not-end-entity/strict.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-and-trust_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-not_after.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf-wrong_eku.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-only/trusted_leaf_require_self_signed.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfissued/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf-and-trust_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfissued/trusted_leaf_require_self_signed.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-and-trust_anchor.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-not_after.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf-wrong_eku.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-selfsigned/trusted_leaf_require_self_signed.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-decipherOnly.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-digitalSignature.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyAgreement.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/ec-keyEncipherment.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-decipherOnly.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-digitalSignature.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyAgreement.test \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-serverauth-various-keyusages/rsa-keyEncipherment.test \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-by-512bit-rsa/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-using-ecdsa/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-signed-with-sha1/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only-trusted_leaf.test \
+ pki/testdata/verify_certificate_chain_unittest/target-unknown-critical-extension/target_only.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-wrong-signature-no-authority-key-identifier/main.test \
+ pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/target-wrong-signature/main.test \
+ pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/unknown-critical-policy-qualifier/main.test \
+ pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/unknown-non-critical-policy-qualifier/main.test \
+ pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/violates-basic-constraints-pathlen-0/main.test \
+ pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/chain.pem \
+ pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/main.test \
+ pki/testdata/verify_certificate_chain_unittest/violates-pathlen-1-from-root/ta-with-constraints.test \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-extra_whitespace.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-BMPSTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-case_swap.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-extra_whitespace.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_1.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-rdn_sorting_2.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-PRINTABLESTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-case_swap.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-extra_whitespace.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-T61STRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-case_swap.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-extra_whitespace.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UNIVERSALSTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-case_swap.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-extra_whitespace.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-dupe_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_attr.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled-extra_rdn.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-UTF8-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_1.pem \
+ pki/testdata/verify_name_match_unittest/names/ascii-mixed-rdn_dupetype_sorting_2.pem \
+ pki/testdata/verify_name_match_unittest/names/custom-custom-normalized.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-badAttributeType.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-empty.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-extradata.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-onlyOneElement.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-AttributeTypeAndValue-setNotSequence.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-Name-setInsteadOfSequence.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-RDN-empty.pem \
+ pki/testdata/verify_name_match_unittest/names/invalid-RDN-sequenceInsteadOfSet.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode-mixed-normalized.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode-mixed-unnormalized.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode_bmp-BMPSTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode_bmp-UNIVERSALSTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode_bmp-UTF8-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UNIVERSALSTRING-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/unicode_supplementary-UTF8-unmangled.pem \
+ pki/testdata/verify_name_match_unittest/names/valid-Name-empty.pem \
+ pki/testdata/verify_name_match_unittest/names/valid-minimal.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-spki-params-null.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-unused-bits-signature.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecdh-key.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-ecmqv-key.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-using-rsa-algorithm.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512-wrong-signature-format.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-prime256v1-sha512.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256-corrupted-data.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem \
+ pki/testdata/verify_signed_data_unittest/ecdsa-using-rsa-key.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-length.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-bad-key-der-null.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-key-params-absent.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-using-pss-key-no-params.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1-wrong-algorithm.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha1.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-key-encoded-ber.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-spki-non-null-params.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-ecdsa-algorithm.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256-using-id-ea-rsa.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pkcs1-sha256.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-using-pss-key-with-params.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pss-sha256-wrong-salt.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-pss-sha256.pem \
+ pki/testdata/verify_signed_data_unittest/rsa-using-ec-key.pem \
+ pki/testdata/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem \
+ pki/testdata/verify_unittest/google-intermediate1.der \
+ pki/testdata/verify_unittest/google-intermediate2.der \
+ pki/testdata/verify_unittest/google-leaf.der \
+ pki/testdata/verify_unittest/lencr-intermediate-r3.der \
+ pki/testdata/verify_unittest/lencr-leaf.der \
+ pki/testdata/verify_unittest/lencr-root-dst-x3.der \
+ pki/testdata/verify_unittest/lencr-root-x1-cross-signed.der \
+ pki/testdata/verify_unittest/lencr-root-x1.der \
+ pki/testdata/verify_unittest/mozilla_roots.der \
+ pki/testdata/verify_unittest/self-issued.pem
+
+boringssl_rust_bssl_crypto_sources := \
+ rust/bssl-crypto/src/aead.rs \
+ rust/bssl-crypto/src/aes.rs \
+ rust/bssl-crypto/src/cipher/aes_cbc.rs \
+ rust/bssl-crypto/src/cipher/aes_ctr.rs \
+ rust/bssl-crypto/src/cipher/mod.rs \
+ rust/bssl-crypto/src/digest.rs \
+ rust/bssl-crypto/src/ec.rs \
+ rust/bssl-crypto/src/ecdh.rs \
+ rust/bssl-crypto/src/ecdsa.rs \
+ rust/bssl-crypto/src/ed25519.rs \
+ rust/bssl-crypto/src/hkdf.rs \
+ rust/bssl-crypto/src/hmac.rs \
+ rust/bssl-crypto/src/hpke.rs \
+ rust/bssl-crypto/src/lib.rs \
+ rust/bssl-crypto/src/macros.rs \
+ rust/bssl-crypto/src/mem.rs \
+ rust/bssl-crypto/src/mldsa.rs \
+ rust/bssl-crypto/src/mlkem.rs \
+ rust/bssl-crypto/src/rand.rs \
+ rust/bssl-crypto/src/rsa.rs \
+ rust/bssl-crypto/src/scoped.rs \
+ rust/bssl-crypto/src/slhdsa.rs \
+ rust/bssl-crypto/src/test_helpers.rs \
+ rust/bssl-crypto/src/x25519.rs
+
+boringssl_rust_bssl_sys_sources := \
+ rust/bssl-sys/src/lib.rs
+
+boringssl_ssl_sources := \
+ ssl/bio_ssl.cc \
+ ssl/d1_both.cc \
+ ssl/d1_lib.cc \
+ ssl/d1_pkt.cc \
+ ssl/d1_srtp.cc \
+ ssl/dtls_method.cc \
+ ssl/dtls_record.cc \
+ ssl/encrypted_client_hello.cc \
+ ssl/extensions.cc \
+ ssl/handoff.cc \
+ ssl/handshake.cc \
+ ssl/handshake_client.cc \
+ ssl/handshake_server.cc \
+ ssl/s3_both.cc \
+ ssl/s3_lib.cc \
+ ssl/s3_pkt.cc \
+ ssl/ssl_aead_ctx.cc \
+ ssl/ssl_asn1.cc \
+ ssl/ssl_buffer.cc \
+ ssl/ssl_cert.cc \
+ ssl/ssl_cipher.cc \
+ ssl/ssl_credential.cc \
+ ssl/ssl_file.cc \
+ ssl/ssl_key_share.cc \
+ ssl/ssl_lib.cc \
+ ssl/ssl_privkey.cc \
+ ssl/ssl_session.cc \
+ ssl/ssl_stat.cc \
+ ssl/ssl_transcript.cc \
+ ssl/ssl_versions.cc \
+ ssl/ssl_x509.cc \
+ ssl/t1_enc.cc \
+ ssl/tls13_both.cc \
+ ssl/tls13_client.cc \
+ ssl/tls13_enc.cc \
+ ssl/tls13_server.cc \
+ ssl/tls_method.cc \
+ ssl/tls_record.cc
+
+boringssl_ssl_headers := \
+ include/openssl/dtls1.h \
+ include/openssl/srtp.h \
+ include/openssl/ssl.h \
+ include/openssl/ssl3.h \
+ include/openssl/tls1.h
+
+boringssl_ssl_internal_headers := \
+ ssl/internal.h
+
+boringssl_ssl_test_sources := \
+ crypto/test/gtest_main.cc \
+ ssl/span_test.cc \
+ ssl/ssl_c_test.c \
+ ssl/ssl_internal_test.cc \
+ ssl/ssl_test.cc
+
+boringssl_test_support_sources := \
+ crypto/test/abi_test.cc \
+ crypto/test/file_test.cc \
+ crypto/test/file_test_gtest.cc \
+ crypto/test/file_util.cc \
+ crypto/test/test_data.cc \
+ crypto/test/test_util.cc \
+ crypto/test/wycheproof_util.cc
+
+boringssl_test_support_internal_headers := \
+ crypto/test/abi_test.h \
+ crypto/test/file_test.h \
+ crypto/test/file_util.h \
+ crypto/test/gtest_main.h \
+ crypto/test/test_data.h \
+ crypto/test/test_util.h \
+ crypto/test/wycheproof_util.h \
+ ssl/test/async_bio.h \
+ ssl/test/fuzzer.h \
+ ssl/test/fuzzer_tags.h \
+ ssl/test/handshake_util.h \
+ ssl/test/mock_quic_transport.h \
+ ssl/test/packeted_bio.h \
+ ssl/test/settings_writer.h \
+ ssl/test/test_config.h \
+ ssl/test/test_state.h
+
+boringssl_test_support_sources_asm := \
+ gen/test_support/trampoline-armv4-linux.S \
+ gen/test_support/trampoline-armv8-apple.S \
+ gen/test_support/trampoline-armv8-linux.S \
+ gen/test_support/trampoline-armv8-win.S \
+ gen/test_support/trampoline-x86-apple.S \
+ gen/test_support/trampoline-x86-linux.S \
+ gen/test_support/trampoline-x86_64-apple.S \
+ gen/test_support/trampoline-x86_64-linux.S
+
+boringssl_test_support_sources_nasm := \
+ gen/test_support/trampoline-x86-win.asm \
+ gen/test_support/trampoline-x86_64-win.asm
+
+boringssl_urandom_test_sources := \
+ crypto/rand/urandom_test.cc
diff --git a/src/go.mod b/src/go.mod
index 811bf7d..9c29809 100644
--- a/src/go.mod
+++ b/src/go.mod
@@ -3,12 +3,54 @@
go 1.24
require (
+ cloud.google.com/go/storage v1.51.0
filippo.io/edwards25519 v1.1.0
- golang.org/x/crypto v0.31.0
- golang.org/x/net v0.27.0
+ golang.org/x/crypto v0.37.0
+ golang.org/x/net v0.39.0
+ google.golang.org/api v0.229.0
)
require (
- golang.org/x/sys v0.28.0 // indirect
- golang.org/x/term v0.27.0 // indirect
+ cel.dev/expr v0.23.1 // indirect
+ cloud.google.com/go v0.120.1 // indirect
+ cloud.google.com/go/auth v0.16.0 // indirect
+ cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
+ cloud.google.com/go/compute/metadata v0.6.0 // indirect
+ cloud.google.com/go/iam v1.5.0 // indirect
+ cloud.google.com/go/monitoring v1.24.1 // indirect
+ github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 // indirect
+ github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0 // indirect
+ github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0 // indirect
+ github.com/cespare/xxhash/v2 v2.3.0 // indirect
+ github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f // indirect
+ github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
+ github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
+ github.com/felixge/httpsnoop v1.0.4 // indirect
+ github.com/go-logr/logr v1.4.2 // indirect
+ github.com/go-logr/stdr v1.2.2 // indirect
+ github.com/google/s2a-go v0.1.9 // indirect
+ github.com/google/uuid v1.6.0 // indirect
+ github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
+ github.com/googleapis/gax-go/v2 v2.14.1 // indirect
+ github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
+ go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+ go.opentelemetry.io/contrib/detectors/gcp v1.35.0 // indirect
+ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect
+ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
+ go.opentelemetry.io/otel v1.35.0 // indirect
+ go.opentelemetry.io/otel/metric v1.35.0 // indirect
+ go.opentelemetry.io/otel/sdk v1.35.0 // indirect
+ go.opentelemetry.io/otel/sdk/metric v1.35.0 // indirect
+ go.opentelemetry.io/otel/trace v1.35.0 // indirect
+ golang.org/x/oauth2 v0.29.0 // indirect
+ golang.org/x/sync v0.13.0 // indirect
+ golang.org/x/sys v0.32.0 // indirect
+ golang.org/x/term v0.31.0 // indirect
+ golang.org/x/text v0.24.0 // indirect
+ golang.org/x/time v0.11.0 // indirect
+ google.golang.org/genproto v0.0.0-20250414145226-207652e42e2e // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect
+ google.golang.org/grpc v1.71.1 // indirect
+ google.golang.org/protobuf v1.36.6 // indirect
)
diff --git a/src/go.sum b/src/go.sum
index 3b0bcfc..5ada5b4 100644
--- a/src/go.sum
+++ b/src/go.sum
@@ -1,10 +1,123 @@
+cel.dev/expr v0.23.1 h1:K4KOtPCJQjVggkARsjG9RWXP6O4R73aHeJMa/dmCQQg=
+cel.dev/expr v0.23.1/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw=
+cloud.google.com/go v0.120.1 h1:Z+5V7yd383+9617XDCyszmK5E4wJRJL+tquMfDj9hLM=
+cloud.google.com/go v0.120.1/go.mod h1:56Vs7sf/i2jYM6ZL9NYlC82r04PThNcPS5YgFmb0rp8=
+cloud.google.com/go/auth v0.16.0 h1:Pd8P1s9WkcrBE2n/PhAwKsdrR35V3Sg2II9B+ndM3CU=
+cloud.google.com/go/auth v0.16.0/go.mod h1:1howDHJ5IETh/LwYs3ZxvlkXF48aSqqJUM+5o02dNOI=
+cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
+cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
+cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I=
+cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg=
+cloud.google.com/go/iam v1.5.0 h1:QlLcVMhbLGOjRcGe6VTGGTyQib8dRLK2B/kYNV0+2xs=
+cloud.google.com/go/iam v1.5.0/go.mod h1:U+DOtKQltF/LxPEtcDLoobcsZMilSRwR7mgNL7knOpo=
+cloud.google.com/go/logging v1.13.0 h1:7j0HgAp0B94o1YRDqiqm26w4q1rDMH7XNRU34lJXHYc=
+cloud.google.com/go/logging v1.13.0/go.mod h1:36CoKh6KA/M0PbhPKMq6/qety2DCAErbhXT62TuXALA=
+cloud.google.com/go/longrunning v0.6.6 h1:XJNDo5MUfMM05xK3ewpbSdmt7R2Zw+aQEMbdQR65Rbw=
+cloud.google.com/go/longrunning v0.6.6/go.mod h1:hyeGJUrPHcx0u2Uu1UFSoYZLn4lkMrccJig0t4FI7yw=
+cloud.google.com/go/monitoring v1.24.1 h1:vKiypZVFD/5a3BbQMvI4gZdl8445ITzXFh257XBgrS0=
+cloud.google.com/go/monitoring v1.24.1/go.mod h1:Z05d1/vn9NaujqY2voG6pVQXoJGbp+r3laV+LySt9K0=
+cloud.google.com/go/storage v1.51.0 h1:ZVZ11zCiD7b3k+cH5lQs/qcNaoSz3U9I0jgwVzqDlCw=
+cloud.google.com/go/storage v1.51.0/go.mod h1:YEJfu/Ki3i5oHC/7jyTgsGZwdQ8P9hqMqvpi5kRKGgc=
+cloud.google.com/go/trace v1.11.5 h1:CALS1loyxJMnRiCwZSpdf8ac7iCsjreMxFD2WGxzzHU=
+cloud.google.com/go/trace v1.11.5/go.mod h1:TwblCcqNInriu5/qzaeYEIH7wzUcchSdeY2l5wL3Eec=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
-golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 h1:ErKg/3iS1AKcTkf3yixlZ54f9U1rljCkQyEXWUnIUxc=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0/go.mod h1:yAZHSGnqScoU556rBOVkwLze6WP5N+U11RHuWaGVxwY=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0 h1:fYE9p3esPxA/C0rQ0AHhP0drtPXDRhaWiwg1DPqO7IU=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0/go.mod h1:BnBReJLvVYx2CS/UHOgVz2BXKXD9wsQPxZug20nZhd0=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock v0.51.0 h1:OqVGm6Ei3x5+yZmSJG1Mh2NwHvpVmZ08CB5qJhT9Nuk=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock v0.51.0/go.mod h1:SZiPHWGOOk3bl8tkevxkoiwPgsIl6CwrWcbwjfHZpdM=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0 h1:6/0iUd0xrnX7qt+mLNRwg5c0PGv8wpE8K90ryANQwMI=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0/go.mod h1:otE2jQekW/PqXk1Awf5lmfokJx4uwuqcj1ab5SpGeW0=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f h1:C5bqEmzEPLsHm9Mv73lSE9e9bKV23aB1vxOsmZrkl3k=
+github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/envoyproxy/go-control-plane v0.13.4 h1:zEqyPVyku6IvWCFwux4x9RxkLOMUL+1vC9xUFv5l2/M=
+github.com/envoyproxy/go-control-plane v0.13.4/go.mod h1:kDfuBlDVsSj2MjrLEtRWtHlsWIFcGyB2RMO44Dc5GZA=
+github.com/envoyproxy/go-control-plane/envoy v1.32.4 h1:jb83lalDRZSpPWW2Z7Mck/8kXZ5CQAFYVjQcdVIr83A=
+github.com/envoyproxy/go-control-plane/envoy v1.32.4/go.mod h1:Gzjc5k8JcJswLjAx1Zm+wSYE20UrLtt7JZMWiWQXQEw=
+github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 h1:/G9QYbddjL25KvtKTv3an9lx6VBE2cnb8wp1vEGNYGI=
+github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4=
+github.com/envoyproxy/protoc-gen-validate v1.2.1 h1:DEo3O99U8j4hBFwbJfrz9VtgcDfUKS7KJ7spH3d86P8=
+github.com/envoyproxy/protoc-gen-validate v1.2.1/go.mod h1:d/C80l/jxXLdfEIhX1W2TmLfsJ31lvEjwamM4DxlWXU=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
+github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
+github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
+github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA=
+github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q=
+github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA=
+github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo=
+github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/contrib/detectors/gcp v1.35.0 h1:bGvFt68+KTiAKFlacHW6AhA56GF2rS0bdD3aJYEnmzA=
+go.opentelemetry.io/contrib/detectors/gcp v1.35.0/go.mod h1:qGWP8/+ILwMRIUf9uIVLloR1uo5ZYAslM4O6OqUi1DA=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ=
+go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
+go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
+go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.29.0 h1:WDdP9acbMYjbKIyJUhTvtzj601sVJOqgWdUxSdR/Ysc=
+go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.29.0/go.mod h1:BLbf7zbNIONBLPwvFnwNHGj4zge8uTCM/UPIVW1Mq2I=
+go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
+go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
+go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
+go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
+go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
+go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
+go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
+go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
+golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
+golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
+golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
+golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
+golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98=
+golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
+golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
+golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
+golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o=
+golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw=
+golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
+golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
+golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
+golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
+google.golang.org/api v0.229.0 h1:p98ymMtqeJ5i3lIBMj5MpR9kzIIgzpHHh8vQ+vgAzx8=
+google.golang.org/api v0.229.0/go.mod h1:wyDfmq5g1wYJWn29O22FDWN48P7Xcz0xz+LBpptYvB0=
+google.golang.org/genproto v0.0.0-20250414145226-207652e42e2e h1:mYHFv3iX85YMwhGSaZS4xpkM8WQDmJUovz7yqsFrwDk=
+google.golang.org/genproto v0.0.0-20250414145226-207652e42e2e/go.mod h1:TQT1YpH/rlDCS5+EuFaqPIMqDfuNMFR1OI8EcZJGgAk=
+google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e h1:UdXH7Kzbj+Vzastr5nVfccbmFsmYNygVLSPk1pEfDoY=
+google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e/go.mod h1:085qFyf2+XaZlRdCgKNCIZ3afY2p4HHZdoIRpId8F4A=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e h1:ztQaXfzEXTmCBvbtWYRhJxW+0iJcz2qXfd38/e9l7bA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/grpc v1.71.1 h1:ffsFWr7ygTUscGPI0KKK6TLrGz0476KUvvsbqWK0rPI=
+google.golang.org/grpc v1.71.1/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
+google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/src/include/openssl/aead.h b/src/include/openssl/aead.h
index 570dec6..e9c8fbe 100644
--- a/src/include/openssl/aead.h
+++ b/src/include/openssl/aead.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_AEAD_H
#define OPENSSL_HEADER_AEAD_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
@@ -186,6 +186,16 @@
// constant-time AES-GCM.
OPENSSL_EXPORT int EVP_has_aes_hardware(void);
+// EVP_aead_aes_128_eax is AES-128 in EAX mode. Nonce size is either 12 or 16
+// bytes, tag length is 16 bytes.
+// See https://doi.org/10.1007/978-3-540-25937-4_25.
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_eax(void);
+
+// EVP_aead_aes_256_eax is AES-256 in EAX mode. Nonce size is either 12 or 16
+// bytes, tag length is 16 bytes.
+// See https://doi.org/10.1007/978-3-540-25937-4_25.
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_eax(void);
+
// Utility functions.
@@ -210,7 +220,7 @@
// AEAD operations.
union evp_aead_ctx_st_state {
- uint8_t opaque[564];
+ uint8_t opaque[560];
uint64_t alignment;
};
@@ -356,12 +366,10 @@
// If |in| and |out| alias then |out| must be == |in|. |out_tag| may not alias
// any other argument.
OPENSSL_EXPORT int EVP_AEAD_CTX_seal_scatter(
- const EVP_AEAD_CTX *ctx, uint8_t *out,
- uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len,
- const uint8_t *nonce, size_t nonce_len,
- const uint8_t *in, size_t in_len,
- const uint8_t *extra_in, size_t extra_in_len,
- const uint8_t *ad, size_t ad_len);
+ const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag,
+ size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce,
+ size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in,
+ size_t extra_in_len, const uint8_t *ad, size_t ad_len);
// EVP_AEAD_CTX_open_gather decrypts and authenticates |in_len| bytes from |in|
// and authenticates |ad_len| bytes from |ad| using |in_tag_len| bytes of
diff --git a/src/include/openssl/aes.h b/src/include/openssl/aes.h
index ea3e9d9..eee88a5 100644
--- a/src/include/openssl/aes.h
+++ b/src/include/openssl/aes.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_AES_H
#define OPENSSL_HEADER_AES_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/asn1.h b/src/include/openssl/asn1.h
index 2b06074..8eb8e8b 100644
--- a/src/include/openssl/asn1.h
+++ b/src/include/openssl/asn1.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_ASN1_H
#define OPENSSL_HEADER_ASN1_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <time.h>
@@ -77,6 +77,10 @@
// V_ASN1_ANY is used by the ASN.1 templates to indicate an ANY type.
#define V_ASN1_ANY (-4)
+// V_ASN1_ANY_AS_STRING is used by the ASN.1 templates to indicate an ANY type
+// represented with |ASN1_STRING| instead of |ASN1_TYPE|.
+#define V_ASN1_ANY_AS_STRING (-5)
+
// The following constants are tag numbers for universal types.
#define V_ASN1_EOC 0
#define V_ASN1_BOOLEAN 1
@@ -128,21 +132,13 @@
#define B_ASN1_OCTET_STRING 0x0200
#define B_ASN1_BIT_STRING 0x0400
#define B_ASN1_BMPSTRING 0x0800
-#define B_ASN1_UNKNOWN 0x1000
#define B_ASN1_UTF8STRING 0x2000
#define B_ASN1_UTCTIME 0x4000
#define B_ASN1_GENERALIZEDTIME 0x8000
#define B_ASN1_SEQUENCE 0x10000
// ASN1_tag2bit converts |tag| from the tag number of a universal type to a
-// corresponding |B_ASN1_*| constant, |B_ASN1_UNKNOWN|, or zero. If the
-// |B_ASN1_*| constant above is defined, it will map the corresponding
-// |V_ASN1_*| constant to it. Otherwise, whether it returns |B_ASN1_UNKNOWN| or
-// zero is ill-defined and callers should not rely on it.
-//
-// TODO(https://crbug.com/boringssl/412): Figure out what |B_ASN1_UNNOWN| vs
-// zero is meant to be. The main impact is what values go in |B_ASN1_PRINTABLE|.
-// To that end, we must return zero on types that can't go in |ASN1_STRING|.
+// corresponding |B_ASN1_*| constant, or zero if |tag| has no bitmask.
OPENSSL_EXPORT unsigned long ASN1_tag2bit(int tag);
// ASN1_tag2str returns a string representation of |tag|, interpret as a tag
@@ -1855,50 +1851,6 @@
#define M_ASN1_UTF8STRING_new() ASN1_UTF8STRING_new()
#define M_ASN1_UTF8STRING_free(a) ASN1_UTF8STRING_free(a)
-// B_ASN1_PRINTABLE is a bitmask for an ad-hoc subset of string-like types. Note
-// the presence of |B_ASN1_UNKNOWN| means it includes types which |ASN1_tag2bit|
-// maps to |B_ASN1_UNKNOWN|.
-//
-// Do not use this. Despite the name, it has no connection to PrintableString or
-// printable characters. See https://crbug.com/boringssl/412.
-#define B_ASN1_PRINTABLE \
- (B_ASN1_NUMERICSTRING | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | \
- B_ASN1_IA5STRING | B_ASN1_BIT_STRING | B_ASN1_UNIVERSALSTRING | \
- B_ASN1_BMPSTRING | B_ASN1_UTF8STRING | B_ASN1_SEQUENCE | B_ASN1_UNKNOWN)
-
-// ASN1_PRINTABLE_new returns a newly-allocated |ASN1_STRING| with type -1, or
-// NULL on error. The resulting |ASN1_STRING| is not a valid ASN.1 value until
-// initialized with a value.
-OPENSSL_EXPORT ASN1_STRING *ASN1_PRINTABLE_new(void);
-
-// ASN1_PRINTABLE_free calls |ASN1_STRING_free|.
-OPENSSL_EXPORT void ASN1_PRINTABLE_free(ASN1_STRING *str);
-
-// d2i_ASN1_PRINTABLE parses up to |len| bytes from |*inp| as a DER-encoded
-// CHOICE of an ad-hoc subset of string-like types, as described in
-// |d2i_SAMPLE|.
-//
-// Do not use this. Despite, the name it has no connection to PrintableString or
-// printable characters. See https://crbug.com/boringssl/412.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
-OPENSSL_EXPORT ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **out,
- const uint8_t **inp, long len);
-
-// i2d_ASN1_PRINTABLE marshals |in| as DER, as described in |i2d_SAMPLE|.
-//
-// Do not use this. Despite the name, it has no connection to PrintableString or
-// printable characters. See https://crbug.com/boringssl/412.
-OPENSSL_EXPORT int i2d_ASN1_PRINTABLE(const ASN1_STRING *in, uint8_t **outp);
-
-// ASN1_PRINTABLE is an |ASN1_ITEM| whose ASN.1 type is a CHOICE of an ad-hoc
-// subset of string-like types, and whose C type is |ASN1_STRING*|.
-//
-// Do not use this. Despite the name, it has no connection to PrintableString or
-// printable characters. See https://crbug.com/boringssl/412.
-DECLARE_ASN1_ITEM(ASN1_PRINTABLE)
-
// ASN1_INTEGER_set sets |a| to an INTEGER with value |v|. It returns one on
// success and zero on error.
//
diff --git a/src/include/openssl/asn1t.h b/src/include/openssl/asn1t.h
index 9ac58a7..60c1b62 100644
--- a/src/include/openssl/asn1t.h
+++ b/src/include/openssl/asn1t.h
@@ -16,7 +16,7 @@
#define OPENSSL_HEADER_ASN1T_H
#include <openssl/asn1.h>
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/base.h b/src/include/openssl/base.h
index 3be025e..ebbb1cf 100644
--- a/src/include/openssl/base.h
+++ b/src/include/openssl/base.h
@@ -16,10 +16,12 @@
#define OPENSSL_HEADER_BASE_H
-// This file should be the first included by all BoringSSL headers.
+// This file should be the first included by all BoringSSL headers. All
+// BoringSSL headers can be assumed to import this file, and this header can be
+// assumed to include stddef.h (size_t) and stdint.h (uint*_t, etc).
-#include <stddef.h>
-#include <stdint.h>
+#include <stddef.h> // IWYU pragma: export
+#include <stdint.h> // IWYU pragma: export
#include <stdlib.h>
#include <sys/types.h>
@@ -71,7 +73,7 @@
// A consumer may use this symbol in the preprocessor to temporarily build
// against multiple revisions of BoringSSL at the same time. It is not
// recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 34
+#define BORINGSSL_API_VERSION 36
#if defined(BORINGSSL_SHARED_LIBRARY)
@@ -260,6 +262,8 @@
typedef struct asn1_type_st ASN1_TYPE;
typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
typedef struct BASIC_CONSTRAINTS_st BASIC_CONSTRAINTS;
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
typedef struct DIST_POINT_st DIST_POINT;
typedef struct DSA_SIG_st DSA_SIG;
typedef struct GENERAL_NAME_st GENERAL_NAME;
diff --git a/src/include/openssl/base64.h b/src/include/openssl/base64.h
index 96086e0..ca265cd 100644
--- a/src/include/openssl/base64.h
+++ b/src/include/openssl/base64.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BASE64_H
#define OPENSSL_HEADER_BASE64_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/bcm_public.h b/src/include/openssl/bcm_public.h
index a7e97a6..c5326e2 100644
--- a/src/include/openssl/bcm_public.h
+++ b/src/include/openssl/bcm_public.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BCM_PUBLIC_H_
#define OPENSSL_HEADER_BCM_PUBLIC_H_
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/bio.h b/src/include/openssl/bio.h
index 099d3d7..28e23d8 100644
--- a/src/include/openssl/bio.h
+++ b/src/include/openssl/bio.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BIO_H
#define OPENSSL_HEADER_BIO_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <stdio.h> // For FILE
diff --git a/src/include/openssl/blake2.h b/src/include/openssl/blake2.h
index 24389c0..5378fc3 100644
--- a/src/include/openssl/blake2.h
+++ b/src/include/openssl/blake2.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BLAKE2_H
#define OPENSSL_HEADER_BLAKE2_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/blowfish.h b/src/include/openssl/blowfish.h
index 66a1cc9..926555e 100644
--- a/src/include/openssl/blowfish.h
+++ b/src/include/openssl/blowfish.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BLOWFISH_H
#define OPENSSL_HEADER_BLOWFISH_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#ifdef __cplusplus
extern "C" {
diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h
index 466823b..6d95db8 100644
--- a/src/include/openssl/bn.h
+++ b/src/include/openssl/bn.h
@@ -16,7 +16,7 @@
#ifndef OPENSSL_HEADER_BN_H
#define OPENSSL_HEADER_BN_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/thread.h>
#include <inttypes.h> // for PRIu64 and friends
diff --git a/src/include/openssl/buf.h b/src/include/openssl/buf.h
index 74ef14f..18ae3a1 100644
--- a/src/include/openssl/buf.h
+++ b/src/include/openssl/buf.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BUFFER_H
#define OPENSSL_HEADER_BUFFER_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/bytestring.h b/src/include/openssl/bytestring.h
index 813decb..1738c08 100644
--- a/src/include/openssl/bytestring.h
+++ b/src/include/openssl/bytestring.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_BYTESTRING_H
#define OPENSSL_HEADER_BYTESTRING_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/span.h>
#include <time.h>
@@ -601,6 +601,12 @@
// child's contents nor the length prefix will be included in the output.
OPENSSL_EXPORT void CBB_discard_child(CBB *cbb);
+// CBB_add_asn1_element adds an ASN.1 element with the specified tag and
+// contents. It returns one on success and zero on error. This is a convenience
+// function over |CBB_add_asn1| when the data is already available.
+OPENSSL_EXPORT int CBB_add_asn1_element(CBB *cbb, CBS_ASN1_TAG tag,
+ const uint8_t *data, size_t data_len);
+
// CBB_add_asn1_uint64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1|
// and writes |value| in its contents. It returns one on success and zero on
// error.
diff --git a/src/include/openssl/cast.h b/src/include/openssl/cast.h
index 7cd7fc5..8650094 100644
--- a/src/include/openssl/cast.h
+++ b/src/include/openssl/cast.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CAST_H
#define OPENSSL_HEADER_CAST_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#ifdef __cplusplus
extern "C" {
diff --git a/src/include/openssl/chacha.h b/src/include/openssl/chacha.h
index 1cc4cb2..ff9f55e 100644
--- a/src/include/openssl/chacha.h
+++ b/src/include/openssl/chacha.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CHACHA_H
#define OPENSSL_HEADER_CHACHA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h
index 6bb1358..13e68ad 100644
--- a/src/include/openssl/cipher.h
+++ b/src/include/openssl/cipher.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CIPHER_H
#define OPENSSL_HEADER_CIPHER_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/cmac.h b/src/include/openssl/cmac.h
index 05aa312..3e5a2d6 100644
--- a/src/include/openssl/cmac.h
+++ b/src/include/openssl/cmac.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CMAC_H
#define OPENSSL_HEADER_CMAC_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/cms.h b/src/include/openssl/cms.h
new file mode 100644
index 0000000..6616348
--- /dev/null
+++ b/src/include/openssl/cms.h
@@ -0,0 +1,146 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef OPENSSL_HEADER_CMS_H
+#define OPENSSL_HEADER_CMS_H
+
+#include <openssl/base.h> // IWYU pragma: export
+
+#include <openssl/stack.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// CMS.
+//
+// This library contains functions for implementing a small subset of OpenSSL's
+// API for CMS (RFC 5652). A general CMS implementation, notably one suitable
+// for S/MIME, is out of scope for BoringSSL.
+//
+// As this library is intentionally not a general CMS implementation, BoringSSL
+// continues to define |OPENSSL_NO_CMS|, so that most callers turn off their
+// general-purpose CMS code. In callers that are compatible with this subset,
+// the |BORINGSSL_NO_NO_CMS| build option can be used to suppress
+// |OPENSSL_NO_CMS|.
+
+DECLARE_STACK_OF(X509)
+
+// CMS_* are flags that can be passed to functions in this library. Their
+// interpretation is specified in the corresponding functinos.
+#define CMS_NOCERTS 0x2
+#define CMS_DETACHED 0x40
+#define CMS_BINARY 0x80
+#define CMS_NOATTR 0x100
+#define CMS_NOSMIMECAP 0x200
+#define CMS_STREAM 0x1000
+#define CMS_PARTIAL 0x4000
+#define CMS_USE_KEYID 0x10000
+#define CMS_NO_SIGNING_TIME 0x400000
+
+// CMS_sign returns a newly-allocated |CMS_ContentInfo| structure for building a
+// SignedData (RFC 5652), or NULL on error.
+//
+// |certs| must be NULL or zero length. BoringSSL does not support embedding
+// certificates in SignedData.
+//
+// |flags| must contain |CMS_DETACHED|, which indicates an external signature.
+// BoringSSL only supports generating external signatures and does not support
+// embedding encapsulated content directly in a SignedData.
+//
+// If |pkey| is non-NULL, |CMS_add1_signer| is automatically called with
+// |signcert|, |pkey|, a default hash of SHA-256, and |flags|. |flags| will then
+// additionally be interpreted as in |CMS_add1_signer|.
+//
+// If |CMS_PARTIAL| or |CMS_STREAM| is set in |flags|, the object will be left
+// incomplete. |data| will then be ignored and should be NULL. The caller can
+// then continue configuring it and finalizing it with |CMS_final|. Otherwise,
+// the object will be finalized with |data| and |flags| passed to |CMS_final|.
+OPENSSL_EXPORT CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ uint32_t flags);
+
+// CMS_ContentInfo_free releases memory associated with |cms|.
+OPENSSL_EXPORT void CMS_ContentInfo_free(CMS_ContentInfo *cms);
+
+// CMS_add1_signer adds a signer to |cms|, which must be a SignedData created by
+// |CMS_sign|, with the |CMS_PARTIAL| flag set. The signer will use |signcert|,
+// |pkey|, and |md| for the signing certificate, private key, and digest
+// algorithm, respectively. It returns a non-NULL pointer to the signer on
+// success, and NULL on error. The signer is owned by |cms| and should not be
+// released by the caller.
+//
+// |flags| is interpreted as follows:
+//
+// - |CMS_PARTIAL| must not be set. BoringSSL does not support configuring a
+// signer in multiple steps.
+//
+// - |CMS_NOCERTS| must be set. BoringSSL does not support embedding
+// certificates in SignedData.
+//
+// - |CMS_NOATTR| must be set. BoringSSL does not support attributes in
+// SignedData.
+//
+// - If |CMS_USE_KEYID| is set, SignerInfos will be identified by subject key
+// identifier instead of issuer and serial number. |signcert| must then have
+// the subject key identifier extension.
+//
+// BoringSSL currently only supports one signer per |CMS_ContentInfo|.
+// Subsequent calls will fail. Additionally, only RSA keys are currently
+// supported for |pkey|.
+OPENSSL_EXPORT CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+ X509 *signcert, EVP_PKEY *pkey,
+ const EVP_MD *md,
+ uint32_t flags);
+
+// CMS_final finalizes constructing |cms|, which must have been initialized with
+// the |CMS_PARTIAL| flag. |data| is read, until EOF, as the data to be
+// processed by CMS. It returns one on success and zero on error.
+//
+// |CMS_BINARY| must be set in |flags|. BoringSSL does not support translating
+// inputs according to S/MIME.
+//
+// |dcont| must be NULL. What a non-NULL |dcont| does is not clearly documented
+// by OpenSSL, and there are no tests to demonstrate its behavior.
+OPENSSL_EXPORT int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
+ uint32_t flags);
+
+// i2d_CMS_bio encodes |cms| as a DER-encoded ContentInfo structure (RFC 5652).
+// It returns one on success and zero on failure.
+OPENSSL_EXPORT int i2d_CMS_bio(BIO *out, CMS_ContentInfo *cms);
+
+// i2d_CMS_bio_stream calls |i2d_CMS_bio|. |in| must be NULL and |flags| must
+// not contain |CMS_STREAM|. BoringSSL does not support any streaming modes for
+// CMS.
+OPENSSL_EXPORT int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags);
+
+
+#if defined(__cplusplus)
+} // extern C
+
+extern "C++" {
+BSSL_NAMESPACE_BEGIN
+
+BORINGSSL_MAKE_DELETER(CMS_ContentInfo, CMS_ContentInfo_free)
+
+BSSL_NAMESPACE_END
+} // extern C++
+#endif
+
+#define CMS_R_CERTIFICATE_HAS_NO_KEYID 100
+#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 101
+
+#endif // OPENSSL_HEADER_CMS_H
diff --git a/src/include/openssl/conf.h b/src/include/openssl/conf.h
index f1005bb..ff20b60 100644
--- a/src/include/openssl/conf.h
+++ b/src/include/openssl/conf.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CONF_H
#define OPENSSL_HEADER_CONF_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/stack.h>
#include <openssl/lhash.h>
diff --git a/src/include/openssl/crypto.h b/src/include/openssl/crypto.h
index ff42a95..ca1ca2f 100644
--- a/src/include/openssl/crypto.h
+++ b/src/include/openssl/crypto.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CRYPTO_H
#define OPENSSL_HEADER_CRYPTO_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/sha.h>
// Upstream OpenSSL defines |OPENSSL_malloc|, etc., in crypto.h rather than
@@ -46,10 +46,17 @@
// in which case it returns zero.
OPENSSL_EXPORT int CRYPTO_has_asm(void);
-// BORINGSSL_self_test triggers the FIPS KAT-based self tests. It returns one on
-// success and zero on error.
+// BORINGSSL_self_test triggers most of the FIPS KAT-based self tests. It
+// returns one on success and zero on error. It currently skips the SLH-DSA
+// tests, which take a really long time to run.
OPENSSL_EXPORT int BORINGSSL_self_test(void);
+// BORINGSSL_self_test_all triggers all of the FIPS KAT-based self tests. This
+// is the 'self-test' entry point required by FIPS 140. It returns one on
+// success and zero on error. This test will take a very long time to run. You
+// probably do not want to run this in a resource or time constrained test.
+OPENSSL_EXPORT int BORINGSSL_self_test_all(void);
+
// BORINGSSL_integrity_test triggers the module's integrity test where the code
// and data of the module is matched against a hash injected at build time. It
// returns one on success or zero if there's a mismatch. This function only
@@ -71,6 +78,19 @@
OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
#endif // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+// CRYPTO_set_fuzzer_mode, in non-production fuzzer builds, configures a "fuzzer
+// mode" in the library, which disables various signature checks and disables
+// encryption in parts of TLS.
+//
+// By default, fuzzer builds make the PRNG deterministic (and thus unsafe for
+// production), but continue to run cryptographic operations as usual. This
+// allows a fuzzer build of BoringSSL to be used dependency of fuzzer builds of
+// other libraries, without changing in semantics. This function enables further
+// incompatible changes intended for fuzzing BoringSSL itself.
+OPENSSL_EXPORT void CRYPTO_set_fuzzer_mode(int enabled);
+#endif
+
// FIPS monitoring
diff --git a/src/include/openssl/ctrdrbg.h b/src/include/openssl/ctrdrbg.h
index a92c065..6074935 100644
--- a/src/include/openssl/ctrdrbg.h
+++ b/src/include/openssl/ctrdrbg.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CTRDRBG_H
#define OPENSSL_HEADER_CTRDRBG_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/curve25519.h b/src/include/openssl/curve25519.h
index 0d28966..85a08b8 100644
--- a/src/include/openssl/curve25519.h
+++ b/src/include/openssl/curve25519.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_CURVE25519_H
#define OPENSSL_HEADER_CURVE25519_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/des.h b/src/include/openssl/des.h
index 8f97848..9dbcb8e 100644
--- a/src/include/openssl/des.h
+++ b/src/include/openssl/des.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_DES_H
#define OPENSSL_HEADER_DES_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/dh.h b/src/include/openssl/dh.h
index 5f2c9aa..5b6ec18 100644
--- a/src/include/openssl/dh.h
+++ b/src/include/openssl/dh.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_DH_H
#define OPENSSL_HEADER_DH_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/thread.h>
diff --git a/src/include/openssl/digest.h b/src/include/openssl/digest.h
index 5ddc2d3..6abab76 100644
--- a/src/include/openssl/digest.h
+++ b/src/include/openssl/digest.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_DIGEST_H
#define OPENSSL_HEADER_DIGEST_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
@@ -166,11 +166,6 @@
// EVP_MD_block_size returns the native block-size of |md|, in bytes.
OPENSSL_EXPORT size_t EVP_MD_block_size(const EVP_MD *md);
-// EVP_MD_FLAG_PKEY_DIGEST indicates that the digest function is used with a
-// specific public key in order to verify signatures. (For example,
-// EVP_dss1.)
-#define EVP_MD_FLAG_PKEY_DIGEST 1
-
// EVP_MD_FLAG_DIGALGID_ABSENT indicates that the parameter type in an X.509
// DigestAlgorithmIdentifier representing this digest function should be
// undefined rather than NULL.
@@ -220,9 +215,26 @@
// EVP_marshal_digest_algorithm marshals |md| as an AlgorithmIdentifier
// structure and appends the result to |cbb|. It returns one on success and zero
-// on error.
+// on error. It sets the parameters field to NULL. Use
+// |EVP_marshal_digest_algorithm_no_params| to omit the parameters instead.
+//
+// In general, the parameters should be omitted for digest algorithms, but the
+// following specifications require a NULL parameter instead.
+//
+// - Hash algorithms and MGF-1 hash algorithms used in RSASSA-PSS and RSAES-OAEP
+// (see RFC 4055, Section 2.1)
+// - The hash algorithm in the DigestInfo structure of RSASSA-PKCS1-v1_5 (see
+// RFC 8017, Appendix A.2.4)
+//
+// Some existing software also uses NULL parameters in other contexts. In
+// practice, digest algorithms are encoded wildly inconsistently.
OPENSSL_EXPORT int EVP_marshal_digest_algorithm(CBB *cbb, const EVP_MD *md);
+// EVP_marshal_digest_algorithm_no_params behaves like
+// |EVP_marshal_digest_algorithm| but omits the parameters field.
+OPENSSL_EXPORT int EVP_marshal_digest_algorithm_no_params(CBB *cbb,
+ const EVP_MD *md);
+
// Deprecated functions.
diff --git a/src/include/openssl/dsa.h b/src/include/openssl/dsa.h
index 9e5b6e2..9b3d20c 100644
--- a/src/include/openssl/dsa.h
+++ b/src/include/openssl/dsa.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_DSA_H
#define OPENSSL_HEADER_DSA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/ex_data.h>
diff --git a/src/include/openssl/e_os2.h b/src/include/openssl/e_os2.h
index cebb2fc..06dcc70 100644
--- a/src/include/openssl/e_os2.h
+++ b/src/include/openssl/e_os2.h
@@ -15,4 +15,4 @@
/* This header is provided in order to make compiling against code that expects
OpenSSL easier. */
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
diff --git a/src/include/openssl/ec.h b/src/include/openssl/ec.h
index 4349965..6f1d3d5 100644
--- a/src/include/openssl/ec.h
+++ b/src/include/openssl/ec.h
@@ -16,7 +16,7 @@
#ifndef OPENSSL_HEADER_EC_H
#define OPENSSL_HEADER_EC_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/ec_key.h b/src/include/openssl/ec_key.h
index ac0ac01..1219cf1 100644
--- a/src/include/openssl/ec_key.h
+++ b/src/include/openssl/ec_key.h
@@ -16,7 +16,7 @@
#ifndef OPENSSL_HEADER_EC_KEY_H
#define OPENSSL_HEADER_EC_KEY_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/ec.h>
#include <openssl/engine.h>
diff --git a/src/include/openssl/ecdh.h b/src/include/openssl/ecdh.h
index 14a26a0..35a99e6 100644
--- a/src/include/openssl/ecdh.h
+++ b/src/include/openssl/ecdh.h
@@ -16,7 +16,7 @@
#ifndef OPENSSL_HEADER_ECDH_H
#define OPENSSL_HEADER_ECDH_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/ec_key.h>
diff --git a/src/include/openssl/ecdsa.h b/src/include/openssl/ecdsa.h
index 5016c2d..f60f037 100644
--- a/src/include/openssl/ecdsa.h
+++ b/src/include/openssl/ecdsa.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_ECDSA_H
#define OPENSSL_HEADER_ECDSA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/ec_key.h>
diff --git a/src/include/openssl/engine.h b/src/include/openssl/engine.h
index 1addd73..6765c28 100644
--- a/src/include/openssl/engine.h
+++ b/src/include/openssl/engine.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_ENGINE_H
#define OPENSSL_HEADER_ENGINE_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/err.h b/src/include/openssl/err.h
index 8d5596d..0263505 100644
--- a/src/include/openssl/err.h
+++ b/src/include/openssl/err.h
@@ -17,7 +17,7 @@
#include <stdio.h>
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
@@ -253,6 +253,7 @@
ERR_LIB_CIPHER,
ERR_LIB_HKDF,
ERR_LIB_TRUST_TOKEN,
+ ERR_LIB_CMS,
ERR_LIB_USER,
ERR_NUM_LIBS
};
diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h
index d99803f..eaf041d 100644
--- a/src/include/openssl/evp.h
+++ b/src/include/openssl/evp.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_EVP_H
#define OPENSSL_HEADER_EVP_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/evp_errors.h> // IWYU pragma: export
#include <openssl/thread.h>
diff --git a/src/include/openssl/ex_data.h b/src/include/openssl/ex_data.h
index 111cb0e..9ce1a93 100644
--- a/src/include/openssl/ex_data.h
+++ b/src/include/openssl/ex_data.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_EX_DATA_H
#define OPENSSL_HEADER_EX_DATA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/stack.h>
diff --git a/src/include/openssl/experimental/kyber.h b/src/include/openssl/experimental/kyber.h
index 7a8d631..14ff973 100644
--- a/src/include/openssl/experimental/kyber.h
+++ b/src/include/openssl/experimental/kyber.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_KYBER_H
#define OPENSSL_HEADER_KYBER_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/hkdf.h b/src/include/openssl/hkdf.h
index 246c73e..19663db 100644
--- a/src/include/openssl/hkdf.h
+++ b/src/include/openssl/hkdf.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_HKDF_H
#define OPENSSL_HEADER_HKDF_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/hmac.h b/src/include/openssl/hmac.h
index eab50a35..7f62643 100644
--- a/src/include/openssl/hmac.h
+++ b/src/include/openssl/hmac.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_HMAC_H
#define OPENSSL_HEADER_HMAC_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/digest.h>
diff --git a/src/include/openssl/hpke.h b/src/include/openssl/hpke.h
index 4502ec8..ca10731 100644
--- a/src/include/openssl/hpke.h
+++ b/src/include/openssl/hpke.h
@@ -12,11 +12,11 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-#ifndef OPENSSL_HEADER_CRYPTO_HPKE_INTERNAL_H
-#define OPENSSL_HEADER_CRYPTO_HPKE_INTERNAL_H
+#ifndef OPENSSL_HEADER_HPKE_H
+#define OPENSSL_HEADER_HPKE_H
#include <openssl/aead.h>
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/curve25519.h>
#include <openssl/digest.h>
@@ -406,4 +406,4 @@
} // extern C++
#endif
-#endif // OPENSSL_HEADER_CRYPTO_HPKE_INTERNAL_H
+#endif // OPENSSL_HEADER_HPKE_H
diff --git a/src/include/openssl/hrss.h b/src/include/openssl/hrss.h
index 974a130..2a24dff 100644
--- a/src/include/openssl/hrss.h
+++ b/src/include/openssl/hrss.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_HRSS_H
#define OPENSSL_HEADER_HRSS_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/kdf.h b/src/include/openssl/kdf.h
index 9a25a5f..29daa6a 100644
--- a/src/include/openssl/kdf.h
+++ b/src/include/openssl/kdf.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_KDF_H
#define OPENSSL_HEADER_KDF_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/lhash.h b/src/include/openssl/lhash.h
index 4f816fa..6b305ac 100644
--- a/src/include/openssl/lhash.h
+++ b/src/include/openssl/lhash.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_LHASH_H
#define OPENSSL_HEADER_LHASH_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/md4.h b/src/include/openssl/md4.h
index b5ebae1..dc45b67 100644
--- a/src/include/openssl/md4.h
+++ b/src/include/openssl/md4.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_MD4_H
#define OPENSSL_HEADER_MD4_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/md5.h b/src/include/openssl/md5.h
index 2c7e253..1e7d519 100644
--- a/src/include/openssl/md5.h
+++ b/src/include/openssl/md5.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_MD5_H
#define OPENSSL_HEADER_MD5_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/mem.h b/src/include/openssl/mem.h
index 456876b..e0ac688 100644
--- a/src/include/openssl/mem.h
+++ b/src/include/openssl/mem.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_MEM_H
#define OPENSSL_HEADER_MEM_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <stdlib.h>
#include <stdarg.h>
diff --git a/src/include/openssl/mldsa.h b/src/include/openssl/mldsa.h
index 0c1db20..cc0f850 100644
--- a/src/include/openssl/mldsa.h
+++ b/src/include/openssl/mldsa.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_MLDSA_H_
#define OPENSSL_HEADER_MLDSA_H_
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/mlkem.h b/src/include/openssl/mlkem.h
index b9b3366..56edc16 100644
--- a/src/include/openssl/mlkem.h
+++ b/src/include/openssl/mlkem.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_MLKEM_H
#define OPENSSL_HEADER_MLKEM_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/nid.h b/src/include/openssl/nid.h
index bf5536d..88a3e2a 100644
--- a/src/include/openssl/nid.h
+++ b/src/include/openssl/nid.h
@@ -17,7 +17,7 @@
#ifndef OPENSSL_HEADER_NID_H
#define OPENSSL_HEADER_NID_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/obj.h b/src/include/openssl/obj.h
index 67e3e9a..b3fabca 100644
--- a/src/include/openssl/obj.h
+++ b/src/include/openssl/obj.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_OBJ_H
#define OPENSSL_HEADER_OBJ_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/bytestring.h>
#include <openssl/nid.h> // IWYU pragma: export
diff --git a/src/include/openssl/obj_mac.h b/src/include/openssl/obj_mac.h
index 2fdac44..d70048c 100644
--- a/src/include/openssl/obj_mac.h
+++ b/src/include/openssl/obj_mac.h
@@ -15,4 +15,4 @@
/* This header is provided in order to make compiling against code that expects
OpenSSL easier. */
-#include "nid.h"
+#include "nid.h" // IWYU pragma: export
diff --git a/src/include/openssl/opensslconf.h b/src/include/openssl/opensslconf.h
index d06f7d0..7249fdc 100644
--- a/src/include/openssl/opensslconf.h
+++ b/src/include/openssl/opensslconf.h
@@ -12,13 +12,13 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-/* This header is provided in order to make compiling against code that expects
- OpenSSL easier. */
+// This header is provided in order to make compiling against code that expects
+// OpenSSL easier.
#ifndef OPENSSL_HEADER_OPENSSLCONF_H
#define OPENSSL_HEADER_OPENSSLCONF_H
-/* Keep in sync with the list in rust/bssl-sys/build.rs */
+// Keep in sync with the list in rust/bssl-sys/build.rs.
#define OPENSSL_NO_ASYNC
#define OPENSSL_NO_BF
@@ -27,7 +27,6 @@
#define OPENSSL_NO_CAMELLIA
#define OPENSSL_NO_CAPIENG
#define OPENSSL_NO_CAST
-#define OPENSSL_NO_CMS
#define OPENSSL_NO_COMP
#define OPENSSL_NO_CT
#define OPENSSL_NO_DANE
@@ -68,5 +67,12 @@
#define OPENSSL_NO_STORE
#define OPENSSL_NO_WHIRLPOOL
+// We do not implement OpenSSL's CMS API, except for a tiny subset. Projects
+// targeting the tiny subset can define BORINGSSL_NO_NO_CMS to suppress
+// OPENSSL_NO_CMS, to make it easier to compile code that expects OpenSSL. This
+// option does not change what APIs are exposed by BoringSSL, only this macro.
+#if !defined(BORINGSSL_NO_NO_CMS)
+#define OPENSSL_NO_CMS
+#endif
#endif // OPENSSL_HEADER_OPENSSLCONF_H
diff --git a/src/include/openssl/pkcs7.h b/src/include/openssl/pkcs7.h
index ea18c65..9990580 100644
--- a/src/include/openssl/pkcs7.h
+++ b/src/include/openssl/pkcs7.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_PKCS7_H
#define OPENSSL_HEADER_PKCS7_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/stack.h>
diff --git a/src/include/openssl/pkcs8.h b/src/include/openssl/pkcs8.h
index 173ff96..8693566 100644
--- a/src/include/openssl/pkcs8.h
+++ b/src/include/openssl/pkcs8.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_PKCS8_H
#define OPENSSL_HEADER_PKCS8_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/x509.h>
@@ -174,11 +174,24 @@
// |NID_pbe_WithSHA1And40BitRC2_CBC|, |PKCS12_DEFAULT_ITER|, and one,
// respectively.
//
-// |key_nid| or |cert_nid| may also be -1 to disable encryption of the key or
-// certificate, respectively. This option is not recommended and is only
-// implemented for compatibility with external packages. Note the output still
-// requires a password for the MAC. Unencrypted keys in PKCS#12 are also not
-// widely supported and may not open in other implementations.
+// |key_nid| and |cert_nid| are then interpreted as follows:
+//
+// * If the NID is a cipher that is supported with PBES2, e.g.
+// |NID_aes_256_cbc|, this function will use it with PBES2 and a default KDF
+// (currently PBKDF2 with HMAC-SHA1). There is no way to specify the KDF in
+// this function.
+//
+// * If the NID is a PBES1 suite, e.g. |NID_pbe_WithSHA1And3_Key_TripleDES_CBC|,
+// this function will use the specified suite.
+//
+// * If the NID is -1, this function will disable encryption for the key or
+// certificate. This option is not recommended and is only implemented for
+// compatibility with external packages. Note the output still requires a
+// password for the MAC. Unencrypted keys in PKCS#12 are also not widely
+// supported and may not open in other implementations.
+//
+// WARNING: This differs from other functions in this module, which use a pair
+// of NID and |EVP_CIPHER| parameters to pick between PBES1 and PBES2 schemes.
//
// If |cert| or |chain| have associated aliases (see |X509_alias_set1|), they
// will be included in the output as friendlyName attributes (RFC 2985). It is
diff --git a/src/include/openssl/pki/certificate.h b/src/include/openssl/pki/certificate.h
index a7ef188..3eeeeef 100644
--- a/src/include/openssl/pki/certificate.h
+++ b/src/include/openssl/pki/certificate.h
@@ -19,7 +19,7 @@
#include <string>
#include <string_view>
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/span.h>
BSSL_NAMESPACE_BEGIN
diff --git a/src/include/openssl/pki/ocsp.h b/src/include/openssl/pki/ocsp.h
index 4500804..e3f55f9 100644
--- a/src/include/openssl/pki/ocsp.h
+++ b/src/include/openssl/pki/ocsp.h
@@ -15,7 +15,7 @@
#if !defined(OPENSSL_HEADER_BSSL_PKI_OCSP_H_) && defined(__cplusplus)
#define OPENSSL_HEADER_BSSL_PKI_OCSP_H_
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <string_view>
#include <optional>
diff --git a/src/include/openssl/pki/signature_verify_cache.h b/src/include/openssl/pki/signature_verify_cache.h
index a31450d..1bc49ec 100644
--- a/src/include/openssl/pki/signature_verify_cache.h
+++ b/src/include/openssl/pki/signature_verify_cache.h
@@ -15,7 +15,7 @@
#if !defined(BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_) && defined(__cplusplus)
#define BSSL_PKI_SIGNATURE_VERIFY_CACHE_H_
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <string>
BSSL_NAMESPACE_BEGIN
diff --git a/src/include/openssl/pki/verify.h b/src/include/openssl/pki/verify.h
index 06ca1af..d22f693 100644
--- a/src/include/openssl/pki/verify.h
+++ b/src/include/openssl/pki/verify.h
@@ -72,6 +72,9 @@
CLIENT_AUTH_STRICT,
SERVER_AUTH_STRICT_LEAF,
CLIENT_AUTH_STRICT_LEAF,
+ RCS_MLS_CLIENT_AUTH,
+ C2PA_TIMESTAMPING,
+ C2PA_MANIFEST
};
CertificateVerifyOptions();
diff --git a/src/include/openssl/pki/verify_error.h b/src/include/openssl/pki/verify_error.h
index 34cd2bb..22c219d 100644
--- a/src/include/openssl/pki/verify_error.h
+++ b/src/include/openssl/pki/verify_error.h
@@ -15,7 +15,7 @@
#if !defined(OPENSSL_HEADER_BSSL_PKI_VERIFY_ERROR_H_) && defined(__cplusplus)
#define OPENSSL_HEADER_BSSL_PKI_VERIFY_ERROR_H_
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <string>
diff --git a/src/include/openssl/poly1305.h b/src/include/openssl/poly1305.h
index 196427d..0688d36 100644
--- a/src/include/openssl/poly1305.h
+++ b/src/include/openssl/poly1305.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_POLY1305_H
#define OPENSSL_HEADER_POLY1305_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#ifdef __cplusplus
extern "C" {
diff --git a/src/include/openssl/pool.h b/src/include/openssl/pool.h
index e739ffe..25ac469 100644
--- a/src/include/openssl/pool.h
+++ b/src/include/openssl/pool.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_POOL_H
#define OPENSSL_HEADER_POOL_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/stack.h>
diff --git a/src/include/openssl/posix_time.h b/src/include/openssl/posix_time.h
index e185adf..b9e0a77 100644
--- a/src/include/openssl/posix_time.h
+++ b/src/include/openssl/posix_time.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_POSIX_TIME_H
#define OPENSSL_HEADER_POSIX_TIME_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <time.h>
diff --git a/src/include/openssl/rand.h b/src/include/openssl/rand.h
index 50cb9ae..1cea36d 100644
--- a/src/include/openssl/rand.h
+++ b/src/include/openssl/rand.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_RAND_H
#define OPENSSL_HEADER_RAND_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
@@ -59,7 +59,7 @@
OPENSSL_EXPORT void RAND_disable_fork_unsafe_buffering(void);
#endif
-#if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
// RAND_reset_for_fuzzing resets the fuzzer-only deterministic RNG. This
// function is only defined in the fuzzer-only build configuration.
OPENSSL_EXPORT void RAND_reset_for_fuzzing(void);
diff --git a/src/include/openssl/rc4.h b/src/include/openssl/rc4.h
index 3954625..520c3a6 100644
--- a/src/include/openssl/rc4.h
+++ b/src/include/openssl/rc4.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_RC4_H
#define OPENSSL_HEADER_RC4_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/ripemd.h b/src/include/openssl/ripemd.h
index 6dd1b14..cb23918 100644
--- a/src/include/openssl/ripemd.h
+++ b/src/include/openssl/ripemd.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_RIPEMD_H
#define OPENSSL_HEADER_RIPEMD_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#ifdef __cplusplus
extern "C" {
diff --git a/src/include/openssl/rsa.h b/src/include/openssl/rsa.h
index f090927..c3395b0 100644
--- a/src/include/openssl/rsa.h
+++ b/src/include/openssl/rsa.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_RSA_H
#define OPENSSL_HEADER_RSA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/engine.h>
#include <openssl/ex_data.h>
@@ -71,7 +71,7 @@
// OPENSSL_RSA_MAX_MODULUS_BITS is the maximum supported RSA modulus, in bits.
//
-// TODO(davidben): Reduce this to 8192.
+// TODO(crbug.com/402677800): Reduce this to 8192.
#define OPENSSL_RSA_MAX_MODULUS_BITS 16384
// RSA_bits returns the size of |rsa|, in bits.
diff --git a/src/include/openssl/service_indicator.h b/src/include/openssl/service_indicator.h
index e942f8b..f866b40 100644
--- a/src/include/openssl/service_indicator.h
+++ b/src/include/openssl/service_indicator.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_SERVICE_INDICATOR_H
#define OPENSSL_HEADER_SERVICE_INDICATOR_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/sha.h b/src/include/openssl/sha.h
index cc9bcf7..8fe7af8 100644
--- a/src/include/openssl/sha.h
+++ b/src/include/openssl/sha.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_SHA_H
#define OPENSSL_HEADER_SHA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/bcm_public.h> // IWYU pragma: export
#if defined(__cplusplus)
diff --git a/src/include/openssl/siphash.h b/src/include/openssl/siphash.h
index 3a5709b..51b0c81 100644
--- a/src/include/openssl/siphash.h
+++ b/src/include/openssl/siphash.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_SIPHASH_H
#define OPENSSL_HEADER_SIPHASH_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/slhdsa.h b/src/include/openssl/slhdsa.h
index d6aa5b8..e68d741 100644
--- a/src/include/openssl/slhdsa.h
+++ b/src/include/openssl/slhdsa.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_SLHDSA_H
#define OPENSSL_HEADER_SLHDSA_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/span.h b/src/include/openssl/span.h
index 4d7e791..440b657 100644
--- a/src/include/openssl/span.h
+++ b/src/include/openssl/span.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_SSL_SPAN_H
#define OPENSSL_HEADER_SSL_SPAN_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if !defined(BORINGSSL_NO_CXX)
diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h
index b9bf7ea..f017a03 100644
--- a/src/include/openssl/ssl.h
+++ b/src/include/openssl/ssl.h
@@ -17,7 +17,7 @@
#ifndef OPENSSL_HEADER_SSL_H
#define OPENSSL_HEADER_SSL_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/bio.h>
#include <openssl/buf.h>
@@ -774,8 +774,6 @@
// - Whether the peer supports the signature algorithms in the certificate chain
// - Whether the a server certificate is compatible with the server_name
// extension (SNI)
-// - Whether the peer supports the certificate authority that issued the
-// certificate
//
// Credentials may be configured before the handshake or dynamically in the
// early callback (see |SSL_CTX_set_select_certificate_cb|) and certificate
@@ -829,6 +827,26 @@
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_ocsp_response(SSL_CREDENTIAL *cred,
CRYPTO_BUFFER *ocsp);
+// SSL_CREDENTIAL_set1_certificate_properties parses
+// |certificate_property_list| as a CertificatePropertyList (see Section 6 of
+// draft-ietf-tls-trust-anchor-ids-00) and applies recognized properties to
+// |cred|. It returns one on success and zero on error. It is an error if
+// |certificate_property_list| does not parse correctly, or if any recognized
+// properties from |certificate_property_list| cannot be applied to |cred|.
+//
+// CertificatePropertyList is an extensible structure which allows serving
+// properties of a certificate chain to be passed from a CA, through an
+// application's issuance and configuration pipeline, and to the TLS serving
+// logic, without requiring application changes for each property defined.
+//
+// BoringSSL currently supports the following properties:
+// * trust_anchor_identifier (see |SSL_CREDENTIAL_set1_trust_anchor_id|)
+//
+// Note this function does not automatically enable issuer matching. Callers
+// must separately call |SSL_CREDENTIAL_set_must_match_issuer| if desired.
+OPENSSL_EXPORT int SSL_CREDENTIAL_set1_certificate_properties(
+ SSL_CREDENTIAL *cred, CRYPTO_BUFFER *cert_property_list);
+
// SSL_CREDENTIAL_set1_signed_cert_timestamp_list sets |cred|'s list of signed
// certificate timestamps |sct_list|. |sct_list| must contain one or more SCT
// structures serialised as a SignedCertificateTimestampList (see
@@ -839,6 +857,27 @@
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_signed_cert_timestamp_list(
SSL_CREDENTIAL *cred, CRYPTO_BUFFER *sct_list);
+// SSL_CREDENTIAL_set_must_match_issuer configures whether |cred| should check
+// if the peer supports the certificate chain's issuer.
+//
+// If |match| is non-zero, |cred| will only be applicable when the certificate
+// chain is issued by some CA requested by the peer in the
+// certificate_authorities extension or, if |cred| has a trust anchor ID (see
+// |SSL_CREDENTIAL_set1_trust_anchor_id|), the trust_anchors extension. |cred|'s
+// certificate chain must then be a correctly ordered certification path.
+//
+// If |match| is zero (default), |cred| will not be conditioned on the peer's
+// requested CAs. This can be used for certificate chains that are assumed to be
+// usable by most peers.
+//
+// This setting can be used for certificate chains that may not be usable by all
+// peers, e.g. chains with fewer cross-signs or issued from a newer CA. The
+// credential list is tried in order, so more specific credentials that enable
+// issuer matching should generally be ordered before less specific credentials
+// that do not.
+OPENSSL_EXPORT void SSL_CREDENTIAL_set_must_match_issuer(SSL_CREDENTIAL *cred,
+ int match);
+
// SSL_CTX_add1_credential appends |cred| to |ctx|'s credential list. It returns
// one on success and zero on error. The credential list is maintained in order
// of decreasing preference, so earlier calls are preferred over later calls.
@@ -1400,24 +1439,6 @@
OPENSSL_EXPORT int SSL_CREDENTIAL_set_private_key_method(
SSL_CREDENTIAL *cred, const SSL_PRIVATE_KEY_METHOD *key_method);
-// SSL_CREDENTIAL_set_must_match_issuer sets the flag that this credential
-// should be considered only when it matches a peer request for a particular
-// issuer via a negotiation mechanism (such as the certificate_authorities
-// extension).
-OPENSSL_EXPORT void SSL_CREDENTIAL_set_must_match_issuer(SSL_CREDENTIAL *cred);
-
-// SSL_CREDENTIAL_clear_must_match_issuer clears the flag requiring issuer
-// matching, indicating this credential should be considered regardless of peer
-// issuer matching requests. (This is the default).
-OPENSSL_EXPORT void SSL_CREDENTIAL_clear_must_match_issuer(
- SSL_CREDENTIAL *cred);
-
-// SSL_CREDENTIAL_must_match_issuer returns the value of the flag indicating
-// that this credential should be considered only when it matches a peer request
-// for a particular issuer via a negotiation mechanism (such as the
-// certificate_authorities extension).
-OPENSSL_EXPORT int SSL_CREDENTIAL_must_match_issuer(const SSL_CREDENTIAL *cred);
-
// SSL_can_release_private_key returns one if |ssl| will no longer call into the
// private key and zero otherwise. If the function returns one, the caller can
// release state associated with the private key.
@@ -1802,13 +1823,21 @@
// SSL_export_keying_material exports a connection-specific secret from |ssl|,
// as specified in RFC 5705. It writes |out_len| bytes to |out| given a label
// and optional context. If |use_context| is zero, the |context| parameter is
-// ignored. Prior to TLS 1.3, using a zero-length context and using no context
-// would give different output.
+// ignored.
+//
+// To derive the same value, both sides of a connection must use the same output
+// length, label, and context. In TLS 1.2 and earlier, using a zero-length
+// context and using no context would give different output. In TLS 1.3 and
+// later, the output length impacts the derivation, so a truncated longer export
+// will not match a shorter export.
//
// It returns one on success and zero otherwise.
-OPENSSL_EXPORT int SSL_export_keying_material(
- SSL *ssl, uint8_t *out, size_t out_len, const char *label, size_t label_len,
- const uint8_t *context, size_t context_len, int use_context);
+OPENSSL_EXPORT int SSL_export_keying_material(const SSL *ssl, uint8_t *out,
+ size_t out_len, const char *label,
+ size_t label_len,
+ const uint8_t *context,
+ size_t context_len,
+ int use_context);
// Sessions.
@@ -2034,6 +2063,12 @@
const uint8_t **out_ptr,
size_t *out_len);
+// SSL_SESSION_is_resumable_across_names returns one if |session| may be resumed
+// with any identity in the server certificate and zero otherwise. See
+// draft-ietf-tls-cross-sni-resumption.
+OPENSSL_EXPORT int SSL_SESSION_is_resumable_across_names(
+ const SSL_SESSION *session);
+
// Session caching.
//
@@ -2283,6 +2318,32 @@
// when the lookup has completed.
OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void);
+// SSL_CTX_set_resumption_across_names_enabled configures whether |ctx|, as a
+// TLS 1.3 server, signals its sessions are compatible with any identity in the
+// server certificate, e.g. all DNS names in the subjectAlternateNames list.
+// This does not change BoringSSL's resumption behavior, only whether it signals
+// this to the client. See draft-ietf-tls-cross-sni-resumption.
+//
+// When this is enabled, all identities in the server certificate should by
+// hosted by servers that accept TLS 1.3 tickets issued by |ctx|. The connection
+// will otherwise function, but performance may suffer from clients wasting
+// single-use tickets.
+OPENSSL_EXPORT void SSL_CTX_set_resumption_across_names_enabled(SSL_CTX *ctx,
+ int enabled);
+
+// SSL_set_resumption_across_names_enabled configures whether |ssl|, as a
+// TLS 1.3 server, signals its sessions are compatible with any identity in the
+// server certificate, e.g. all DNS names in the subjectAlternateNames list.
+// This does not change BoringSSL's resumption behavior, only whether it signals
+// this to the client. See draft-ietf-tls-cross-sni-resumption.
+//
+// When this is enabled, all identities in the server certificate should by
+// hosted by servers that accept TLS 1.3 tickets issued by |ssl|. The connection
+// will otherwise function, but performance may suffer from clients wasting
+// single-use tickets.
+OPENSSL_EXPORT void SSL_set_resumption_across_names_enabled(SSL *ssl,
+ int enabled);
+
// Session tickets.
//
@@ -2580,10 +2641,6 @@
// with |SSL_VERIFY_PEER|, otherwise it won't work.
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-// SSL_VERIFY_PEER_IF_NO_OBC configures a server to request a client certificate
-// if and only if Channel ID is not negotiated.
-#define SSL_VERIFY_PEER_IF_NO_OBC 0x04
-
// SSL_CTX_set_verify configures certificate verification behavior. |mode| is
// one of the |SSL_VERIFY_*| values defined above. |callback| should be NULL.
//
@@ -2887,11 +2944,16 @@
size_t num_prefs);
-// Client certificate CA list.
+// Certificate authorities.
//
-// When requesting a client certificate, a server may advertise a list of
-// certificate authorities which are accepted. These functions may be used to
-// configure this list.
+// TLS implementations can send a list of supported certificate authorities to
+// guide the peer in selecting a certificate. This was originally defined for
+// servers requesting client certificates, but TLS 1.3 generalized it to server
+// certificates with the certificate_authorities extension.
+//
+// The following functions can be used to configure and query this list. They do
+// not directly impact certificate verification, only the list of certificate
+// authorities sent to the peer.
// SSL_set_client_CA_list sets |ssl|'s client certificate CA list to
// |name_list|. It takes ownership of |name_list|.
@@ -2976,6 +3038,95 @@
BIO *bio);
+// Trust Anchor Identifiers.
+//
+// The trust_anchors extension, like certificate_authorities, allows clients to
+// communicate supported CAs to guide server certificate selection, or vice
+// versa. It better supports larger PKIs by referring to CAs by short "trust
+// anchor IDs" and, in the server certificate direction, allowing a client to
+// advertise only a subset of its full list, with DNS hinting and a retry
+// mechanism to manage the subset.
+//
+// See https://datatracker.ietf.org/doc/draft-ietf-tls-trust-anchor-ids/
+//
+// BoringSSL currently only implements this for server certificates, and not yet
+// client certificates.
+
+// SSL_CREDENTIAL_set1_trust_anchor_id sets |cred|'s trust anchor ID to |id|, or
+// clears it if |id_len| is zero. It returns one on success and zero on
+// error. If not clearing, |id| must be in binary format (Section 3 of
+// draft-ietf-tls-trust-anchor-ids-00) of length |id_len|, and describe the
+// issuer of the final certificate in |cred|'s certificate chain.
+//
+// Additionally, |cred| must enable issuer matching (see
+// SSL_CREDENTIAL_set_must_match_issuer|) for this value to take effect.
+//
+// For better extensibility, callers are recommended to configure this
+// information with a CertificatePropertyList instead. See
+// |SSL_CREDENTIAL_set1_certificate_properties|.
+OPENSSL_EXPORT int SSL_CREDENTIAL_set1_trust_anchor_id(SSL_CREDENTIAL *cred,
+ const uint8_t *id,
+ size_t id_len);
+
+// SSL_CTX_set1_requested_trust_anchors configures |ctx| to request a
+// certificate issued by one of the trust anchors in |ids|. It returns one on
+// success and zero on error. |ids| must be a list of trust anchor IDs in
+// wire-format (a series of non-empty, 8-bit length-prefixed strings).
+//
+// The list may describe application's full list of supported trust anchors, or
+// a, possibly empty, subset. Applications can select this subset using
+// out-of-band information, such as the DNS hint in Section 5 of
+// draft-ietf-tls-trust-anchor-ids-00. Client applications sending a subset
+// should use |SSL_get0_peer_available_trust_anchors| to implement the retry
+// flow from Section 4.3 of draft-ietf-tls-trust-anchor-ids-00.
+//
+// If empty (|ids_len| is zero), the trust_anchors extension will still be sent
+// in ClientHello. This may be used by a client application to signal support
+// for the retry flow without requesting specific trust anchors.
+//
+// This function does not directly impact certificate verification, only the
+// list of trust anchors sent to the peer.
+OPENSSL_EXPORT int SSL_CTX_set1_requested_trust_anchors(SSL_CTX *ctx,
+ const uint8_t *ids,
+ size_t ids_len);
+
+// SSL_set1_requested_trust_anchors behaves like
+// |SSL_CTX_set1_requested_trust_anchors| but configures the value on |ssl|.
+OPENSSL_EXPORT int SSL_set1_requested_trust_anchors(SSL *ssl,
+ const uint8_t *ids,
+ size_t ids_len);
+
+// SSL_peer_matched_trust_anchor returns one if the peer reported that its
+// certificate chain matched one of the trust anchor IDs requested by |ssl|, and
+// zero otherwise.
+//
+// This value is only available during the handshake and is expected to be
+// called during certificate verification, e.g. during |SSL_set_custom_verify|
+// or |SSL_CTX_set_cert_verify_callback| callbacks. If the value is one, callers
+// can safely treat the peer's certificate chain as a pre-built path and skip
+// path-building in certificate verification.
+OPENSSL_EXPORT int SSL_peer_matched_trust_anchor(const SSL *ssl);
+
+// SSL_get0_peer_available_trust_anchors gets the peer's available trust anchor
+// IDs. It sets |*out| and |*out_len| so that |*out| points to |*out_len| bytes
+// containing the list in wire format (i.e. a series of non-empty
+// 8-bit-length-prefixed strings). If the peer did not provide a list, the
+// function will output zero bytes. Only servers can provide available trust
+// anchor IDs, so this API will only output a list when |ssl| is a client.
+//
+// This value is only available during the handshake and is expected to be
+// called in the event of certificate verification failure. Client applications
+// can use it to retry the connection, requesting different trust anchors. See
+// Section 4.3 of draft-ietf-tls-trust-anchor-ids-00 for details.
+// |CBS_get_u8_length_prefixed| may be used to iterate over the format.
+//
+// If needed in other contexts, callers may save the value during certificate
+// verification, or at |SSL_CB_HANDSHAKE_DONE| with |SSL_CTX_set_info_callback|.
+OPENSSL_EXPORT void SSL_get0_peer_available_trust_anchors(const SSL *ssl,
+ const uint8_t **out,
+ size_t *out_len);
+
+
// Server name indication.
//
// The server_name extension (RFC 3546) allows the client to advertise the name
@@ -3611,7 +3762,7 @@
// WARNING: |rate_limit| differs from the client's |error_limit| parameter.
// Server PAKE credentials must temporarily deduct incomplete handshakes from
// the limit, until the peer completes the handshake correctly. Thus
-// applications use that multiple connections in parallel may need a higher
+// applications that use multiple connections in parallel may need a higher
// limit, and thus higher attacker exposure, to avoid failures. Such
// applications should instead use one PAKE-based connection to established a
// high-entropy secret (e.g. with |SSL_export_keying_material|) instead of
@@ -4331,20 +4482,118 @@
size_t out_len);
// SSL_get_read_sequence returns, in TLS, the expected sequence number of the
-// next incoming record in the current epoch. In DTLS, it returns the maximum
-// sequence number received in the current epoch and includes the epoch number
-// in the two most significant bytes.
+// next incoming record in the current epoch.
+//
+// TODO(crbug.com/42290608): In DTLS, it returns the maximum sequence number
+// received in the current epoch (for some notion of "current" specific to
+// BoringSSL) and includes the epoch number in the two most significant bytes,
+// but this is deprecated. Use |SSL_get_dtls_read_sequence| instead.
OPENSSL_EXPORT uint64_t SSL_get_read_sequence(const SSL *ssl);
// SSL_get_write_sequence returns the sequence number of the next outgoing
-// record in the current epoch. In DTLS, it includes the epoch number in the
-// two most significant bytes.
+// record in the current epoch.
+//
+// TODO(crbug.com/42290608): In DTLS, it includes the epoch number in the two
+// most significant bytes, but this is deprecated. Use
+// |SSL_get_dtls_write_sequence| instead.
OPENSSL_EXPORT uint64_t SSL_get_write_sequence(const SSL *ssl);
// SSL_CTX_set_record_protocol_version returns whether |version| is zero.
OPENSSL_EXPORT int SSL_CTX_set_record_protocol_version(SSL_CTX *ctx,
int version);
+// SSL_is_dtls_handshake_idle returns one |ssl|'s handshake is idle and zero if
+// it is busy. The handshake is considered idle if all of the following are
+// true:
+//
+// - |ssl| is not mid handshake or post-handshake transaction.
+// - In DTLS 1.3, all sent handshake messages have been acknowledged. That is,
+// |ssl| does not have data to retransmit.
+// - All received handshake data has been processed. That is, |ssl| has no
+// buffered partial or out-of-order messages.
+//
+// If any condition is false, the handshake is considered busy. If this function
+// reports the handshake is busy, it is expected that the handshake will become
+// idle after short timers and a few roundtrips of successful communication.
+// However, this is not guaranteed if, e.g., the peer misbehaves or sends many
+// KeyUpdates.
+//
+// WARNING: In DTLS 1.3, this function may return one while multiple active read
+// epochs exist in |ssl|.
+//
+// WARNING: In DTLS 1.2 (or earlier), if |ssl| is the role that speaks last, it
+// retains its final flight for retransmission in case of loss. There is no
+// explicit protocol signal for when this completes, though after receiving
+// application data and/or a timeout it is likely that this is no longer needed.
+// BoringSSL does not currently evaluate either condition and leaves it it to
+// the caller to determine whether this is now unnecessary. This applies when
+// |ssl| is a server for full handshakes and when |ssl| is a client for full
+// handshakes.
+OPENSSL_EXPORT int SSL_is_dtls_handshake_idle(const SSL *ssl);
+
+// SSL_get_dtls_handshake_read_seq returns the 16-bit sequence number of the
+// next DTLS handshake message to be read, or 0x10000 if handshake message
+// 0xffff (the maximum) has already been read.
+OPENSSL_EXPORT uint32_t SSL_get_dtls_handshake_read_seq(const SSL *ssl);
+
+// SSL_get_dtls_handshake_write_seq returns the 16-bit sequence number of the
+// next DTLS handshake message to be written or 0x10000 if handshake message
+// 0xffff (the maximum) has already been written.
+OPENSSL_EXPORT uint32_t SSL_get_dtls_handshake_write_seq(const SSL *ssl);
+
+// SSL_get_dtls_read_epoch returns the highest available DTLS read epoch in
+// |ssl|. In DTLS 1.3, |ssl| may have earlier epochs also active, sometimes to
+// optionally improve handling of reordered packets and sometimes as an
+// important part of the protocol correctness in the face of packet loss.
+//
+// The failure conditions of |SSL_get_dtls_read_traffic_secret| and
+// |SSL_get_dtls_read_sequence| can be used to determine if past epochs are
+// active.
+OPENSSL_EXPORT uint16_t SSL_get_dtls_read_epoch(const SSL *ssl);
+
+// SSL_get_dtls_write_epoch returns the current DTLS write epoch. If the
+// handshake is idle (see |SSL_is_dtls_handshake_idle|), no other write epochs
+// will be active.
+OPENSSL_EXPORT uint16_t SSL_get_dtls_write_epoch(const SSL *ssl);
+
+// SSL_get_dtls_read_sequence returns one more than the sequence number of the
+// highest record received in |epoch|. If no records have been received in
+// |epoch|. If the epoch does not exist, it returns |UINT64_MAX|.
+//
+// It is safe to discard all sequence numbers less than the return value of this
+// function. The sequence numbers returned by this function do not include the
+// epoch number in the upper 16 bits.
+OPENSSL_EXPORT uint64_t SSL_get_dtls_read_sequence(const SSL *ssl,
+ uint16_t epoch);
+
+// SSL_get_dtls_write_sequence returns the sequence number of the next record to
+// be sent in |epoch|. If the epoch does not exist, it returns |UINT64_MAX|.
+//
+// The sequence numbers returned by this function do not include the epoch
+// number in the upper 16 bits.
+OPENSSL_EXPORT uint64_t SSL_get_dtls_write_sequence(const SSL *ssl,
+ uint16_t epoch);
+
+// SSL_get_dtls_read_traffic_secret looks up the traffic secret for read epoch
+// |epoch|. If the epoch exists and is an encrypted (not epoch zero) DTLS 1.3
+// epoch, it sets |*out_data| and |*out_len| to a buffer containing the secrets
+// and returns one. Otherwise, it returns zero. The buffer is valid until the
+// next operation on |ssl|.
+OPENSSL_EXPORT int SSL_get_dtls_read_traffic_secret(const SSL *ssl,
+ const uint8_t **out_data,
+ size_t *out_len,
+ uint16_t epoch);
+
+// SSL_get_dtls_write_traffic_secret looks up the traffic secret for write epoch
+// |epoch|. If the epoch exists and is an encrypted (not epoch zero) DTLS 1.3
+// epoch, it sets |*out_data| and |*out_len| to a buffer containing the secrets
+// and returns one. Otherwise, it returns zero. The buffer is valid until the
+// next operation on |ssl|.
+OPENSSL_EXPORT int SSL_get_dtls_write_traffic_secret(const SSL *ssl,
+ const uint8_t **out_data,
+ size_t *out_len,
+ uint16_t epoch);
+
// Handshake hints.
//
@@ -6210,6 +6459,8 @@
#define SSL_R_PAKE_EXHAUSTED 325
#define SSL_R_PEER_PAKE_MISMATCH 326
#define SSL_R_UNSUPPORTED_CREDENTIAL_LIST 327
+#define SSL_R_INVALID_TRUST_ANCHOR_LIST 328
+#define SSL_R_INVALID_CERTIFICATE_PROPERTY_LIST 329
#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
diff --git a/src/include/openssl/stack.h b/src/include/openssl/stack.h
index bdbf642..2332a5a 100644
--- a/src/include/openssl/stack.h
+++ b/src/include/openssl/stack.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_STACK_H
#define OPENSSL_HEADER_STACK_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/target.h b/src/include/openssl/target.h
index 147ab31..8d4763d 100644
--- a/src/include/openssl/target.h
+++ b/src/include/openssl/target.h
@@ -192,11 +192,6 @@
#define OPENSSL_THREADS
#endif
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE) && \
- !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
-#define BORINGSSL_UNSAFE_DETERMINISTIC_MODE
-#endif
-
#if defined(__has_feature)
#if __has_feature(address_sanitizer)
#define OPENSSL_ASAN
diff --git a/src/include/openssl/thread.h b/src/include/openssl/thread.h
index 5aac953..26a29ca 100644
--- a/src/include/openssl/thread.h
+++ b/src/include/openssl/thread.h
@@ -17,7 +17,7 @@
#include <sys/types.h>
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h
index 7705e9c..dde04dd 100644
--- a/src/include/openssl/tls1.h
+++ b/src/include/openssl/tls1.h
@@ -17,7 +17,7 @@
#ifndef OPENSSL_HEADER_TLS1_H
#define OPENSSL_HEADER_TLS1_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#ifdef __cplusplus
extern "C" {
@@ -132,6 +132,14 @@
// This is not an IANA defined extension number
#define TLSEXT_TYPE_channel_id 30032
+// This is not an IANA defined extension number
+// TODO(crbug.com/398275713): Replace with the final codepoint once
+// standardization completes.
+#define TLSEXT_TYPE_trust_anchors 0xca34
+
+// ExtensionType value from draft-ietf-tls-tlsflags.
+#define TLSEXT_TYPE_tls_flags 62
+
// status request value from RFC 3546
#define TLSEXT_STATUSTYPE_nothing (-1)
#define TLSEXT_STATUSTYPE_ocsp 1
diff --git a/src/include/openssl/trust_token.h b/src/include/openssl/trust_token.h
index 1026bcd..0353fd4 100644
--- a/src/include/openssl/trust_token.h
+++ b/src/include/openssl/trust_token.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_TRUST_TOKEN_H
#define OPENSSL_HEADER_TRUST_TOKEN_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <openssl/stack.h>
#if defined(__cplusplus)
diff --git a/src/include/openssl/type_check.h b/src/include/openssl/type_check.h
index 8225f91..185b765 100644
--- a/src/include/openssl/type_check.h
+++ b/src/include/openssl/type_check.h
@@ -15,7 +15,7 @@
#ifndef OPENSSL_HEADER_TYPE_CHECK_H
#define OPENSSL_HEADER_TYPE_CHECK_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#if defined(__cplusplus)
extern "C" {
diff --git a/src/include/openssl/x509.h b/src/include/openssl/x509.h
index 3e81b5f..58508a5 100644
--- a/src/include/openssl/x509.h
+++ b/src/include/openssl/x509.h
@@ -16,7 +16,7 @@
#ifndef OPENSSL_HEADER_X509_H
#define OPENSSL_HEADER_X509_H
-#include <openssl/base.h>
+#include <openssl/base.h> // IWYU pragma: export
#include <time.h>
@@ -1504,9 +1504,12 @@
// pointer for OpenSSL compatibility, but callers should not mutate the result.
// Doing so will break internal invariants in the library.
//
-// TODO(https://crbug.com/boringssl/412): Although the spec says any ASN.1 type
-// is allowed, we currently only allow an ad-hoc set of types. Additionally, it
-// is unclear if some types can even be represented by this function.
+// See |ASN1_STRING| for how values are represented in this library. Where a
+// specific |ASN1_STRING| representation exists, that representation is used.
+// Otherwise, the |V_ASN1_OTHER| representation is used. Note that NULL, OBJECT
+// IDENTIFIER, and BOOLEAN attribute values are represented as |V_ASN1_OTHER|,
+// because their usual representation in this library is not
+// |ASN1_STRING|-compatible.
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(
const X509_NAME_ENTRY *entry);
diff --git a/src/pki/certificate_policies_unittest.cc b/src/pki/certificate_policies_unittest.cc
index cc634a7..ba14490 100644
--- a/src/pki/certificate_policies_unittest.cc
+++ b/src/pki/certificate_policies_unittest.cc
@@ -15,6 +15,9 @@
#include "certificate_policies.h"
#include <gtest/gtest.h>
+
+#include <openssl/span.h>
+
#include "input.h"
#include "parser.h"
#include "test_helpers.h"
@@ -53,7 +56,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -63,7 +66,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -73,7 +76,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(1U, policies.size());
EXPECT_EQ(der::Input(kAnyPolicyOid), policies[0]);
@@ -85,7 +88,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(1U, policies.size());
EXPECT_EQ(der::Input(kAnyPolicyOid), policies[0]);
@@ -99,7 +102,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -109,7 +112,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(1U, policies.size());
EXPECT_EQ(der::Input(policy_1_2_3_der), policies[0]);
@@ -121,7 +124,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(1U, policies.size());
EXPECT_EQ(der::Input(policy_1_2_3_der), policies[0]);
@@ -134,7 +137,7 @@
std::vector<der::Input> policies;
CertErrors errors;
bool result = ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors);
if (fail_parsing_unknown_qualifier_oids()) {
@@ -153,7 +156,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -165,7 +168,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -177,7 +180,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -189,7 +192,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_FALSE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
}
@@ -199,7 +202,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(2U, policies.size());
EXPECT_EQ(der::Input(policy_1_2_3_der), policies[0]);
@@ -212,7 +215,7 @@
std::vector<der::Input> policies;
CertErrors errors;
EXPECT_TRUE(ParseCertificatePoliciesExtensionOids(
- der::Input(der), fail_parsing_unknown_qualifier_oids(), &policies,
+ StringAsBytes(der), fail_parsing_unknown_qualifier_oids(), &policies,
&errors));
ASSERT_EQ(2U, policies.size());
EXPECT_EQ(der::Input(policy_1_2_3_der), policies[0]);
@@ -224,8 +227,8 @@
ASSERT_TRUE(LoadTestData("invalid-empty.pem", &der));
std::vector<PolicyInformation> policies;
CertErrors errors;
- EXPECT_FALSE(
- ParseCertificatePoliciesExtension(der::Input(der), &policies, &errors));
+ EXPECT_FALSE(ParseCertificatePoliciesExtension(StringAsBytes(der), &policies,
+ &errors));
}
TEST(ParseCertificatePoliciesExtensionTest,
@@ -234,8 +237,8 @@
ASSERT_TRUE(LoadTestData("invalid-policy_1_2_3_dupe.pem", &der));
std::vector<PolicyInformation> policies;
CertErrors errors;
- EXPECT_FALSE(
- ParseCertificatePoliciesExtension(der::Input(der), &policies, &errors));
+ EXPECT_FALSE(ParseCertificatePoliciesExtension(StringAsBytes(der), &policies,
+ &errors));
}
TEST(ParseCertificatePoliciesExtensionTest, OnePolicyWithCustomQualifier) {
@@ -243,8 +246,8 @@
ASSERT_TRUE(LoadTestData("policy_1_2_3_with_custom_qualifier.pem", &der));
std::vector<PolicyInformation> policies;
CertErrors errors;
- EXPECT_TRUE(
- ParseCertificatePoliciesExtension(der::Input(der), &policies, &errors));
+ EXPECT_TRUE(ParseCertificatePoliciesExtension(StringAsBytes(der), &policies,
+ &errors));
ASSERT_EQ(1U, policies.size());
PolicyInformation &policy = policies[0];
EXPECT_EQ(der::Input(policy_1_2_3_der), policy.policy_oid);
@@ -264,8 +267,8 @@
ASSERT_TRUE(LoadTestData("policy_1_2_3_and_1_2_4.pem", &der));
std::vector<PolicyInformation> policies;
CertErrors errors;
- EXPECT_TRUE(
- ParseCertificatePoliciesExtension(der::Input(der), &policies, &errors));
+ EXPECT_TRUE(ParseCertificatePoliciesExtension(StringAsBytes(der), &policies,
+ &errors));
ASSERT_EQ(2U, policies.size());
{
PolicyInformation &policy = policies[0];
@@ -284,8 +287,8 @@
ASSERT_TRUE(LoadTestData("policy_1_2_3_and_1_2_4_with_qualifiers.pem", &der));
std::vector<PolicyInformation> policies;
CertErrors errors;
- EXPECT_TRUE(
- ParseCertificatePoliciesExtension(der::Input(der), &policies, &errors));
+ EXPECT_TRUE(ParseCertificatePoliciesExtension(StringAsBytes(der), &policies,
+ &errors));
ASSERT_EQ(2U, policies.size());
{
PolicyInformation &policy = policies[0];
diff --git a/src/pki/common_cert_errors.cc b/src/pki/common_cert_errors.cc
index 636bfc6..4bb0707 100644
--- a/src/pki/common_cert_errors.cc
+++ b/src/pki/common_cert_errors.cc
@@ -30,6 +30,9 @@
DEFINE_CERT_ERROR_ID(kUnconsumedCriticalExtension,
"Unconsumed critical extension");
DEFINE_CERT_ERROR_ID(kKeyCertSignBitNotSet, "keyCertSign bit is not set");
+DEFINE_CERT_ERROR_ID(kKeyUsageIncorrectForRcsMlsClient,
+ "KeyUsage must have only the digitalSignature bit set for "
+ "rcsMlsClient auth");
DEFINE_CERT_ERROR_ID(kMaxPathLengthViolated, "max_path_length reached");
DEFINE_CERT_ERROR_ID(kBasicConstraintsIndicatesNotCa,
"Basic Constraints indicates not a CA");
@@ -70,6 +73,17 @@
DEFINE_CERT_ERROR_ID(kEkuHasProhibitedCodeSigning,
"The extended key usage includes code signing which "
"is not permitted for this use");
+DEFINE_CERT_ERROR_ID(kEkuIncorrectForRcsMlsClient,
+ "The extended key usage does not contain only the "
+ "rcsMlsClient key purpose.");
+DEFINE_CERT_ERROR_ID(kEkuIncorrectForC2PATimeStamping,
+ "The extended key usage does not contain the time "
+ "stamping key purpose, or contains prohibited key usages");
+DEFINE_CERT_ERROR_ID(
+ kEkuIncorrectForC2PAManifest,
+ "The extended key usage must contain at least one of: email protection or "
+ "document signing, and must not contain prohibited key usages");
+
DEFINE_CERT_ERROR_ID(kEkuNotPresent,
"Certificate does not have extended key usage");
DEFINE_CERT_ERROR_ID(kCertIsNotTrustAnchor,
diff --git a/src/pki/common_cert_errors.h b/src/pki/common_cert_errors.h
index 40b02de..5bbf412 100644
--- a/src/pki/common_cert_errors.h
+++ b/src/pki/common_cert_errors.h
@@ -58,6 +58,10 @@
// keyCertSign KeyUsage was not set.
OPENSSL_EXPORT extern const CertErrorId kKeyCertSignBitNotSet;
+// The certificate is being used for RCS MLS but the required digitalSignature
+// bit was either not set, or was not the only bit set.
+OPENSSL_EXPORT extern const CertErrorId kKeyUsageIncorrectForRcsMlsClient;
+
// The chain violates the max_path_length from BasicConstraints.
OPENSSL_EXPORT extern const CertErrorId kMaxPathLengthViolated;
@@ -139,6 +143,15 @@
// The certificate's EKU has Code Signing when it should not.
OPENSSL_EXPORT extern const CertErrorId kEkuHasProhibitedCodeSigning;
+// The certificate's EKU is incorrect for an RcsMlsClient.
+OPENSSL_EXPORT extern const CertErrorId kEkuIncorrectForRcsMlsClient;
+
+// The certificate's EKU is incorrect for C2PA Time Stamping
+OPENSSL_EXPORT extern const CertErrorId kEkuIncorrectForC2PATimeStamping;
+
+// The certificate's EKU is incorrect for C2PA Manifest Signing
+OPENSSL_EXPORT extern const CertErrorId kEkuIncorrectForC2PAManifest;
+
// The certificate does not have EKU.
OPENSSL_EXPORT extern const CertErrorId kEkuNotPresent;
diff --git a/src/pki/crl.cc b/src/pki/crl.cc
index 5af3e27..abe9d26 100644
--- a/src/pki/crl.cc
+++ b/src/pki/crl.cc
@@ -17,6 +17,7 @@
#include <openssl/base.h>
#include <openssl/bytestring.h>
+#include <openssl/span.h>
#include "cert_errors.h"
#include "crl.h"
@@ -444,7 +445,7 @@
der::Input tbs_cert_list_tlv;
der::Input signature_algorithm_tlv;
der::BitString signature_value;
- if (!ParseCrlCertificateList(der::Input(raw_crl), &tbs_cert_list_tlv,
+ if (!ParseCrlCertificateList(StringAsBytes(raw_crl), &tbs_cert_list_tlv,
&signature_algorithm_tlv, &signature_value)) {
return CRLRevocationStatus::UNKNOWN;
}
@@ -519,7 +520,8 @@
if (!NormalizeNameTLV(tbs_cert_list.issuer_tlv, &normalized_crl_issuer)) {
return CRLRevocationStatus::UNKNOWN;
}
- if (der::Input(normalized_crl_issuer) != target_cert->normalized_issuer()) {
+ if (der::Input(StringAsBytes(normalized_crl_issuer)) !=
+ target_cert->normalized_issuer()) {
return CRLRevocationStatus::UNKNOWN;
}
@@ -639,7 +641,7 @@
//
// As the |issuer_cert| is from the already validated chain, it is already
// known to chain to the same trust anchor as the target certificate.
- if (der::Input(normalized_crl_issuer) !=
+ if (der::Input(StringAsBytes(normalized_crl_issuer)) !=
issuer_cert->normalized_subject()) {
continue;
}
diff --git a/src/pki/extended_key_usage.h b/src/pki/extended_key_usage.h
index 2556c24..fb10c77 100644
--- a/src/pki/extended_key_usage.h
+++ b/src/pki/extended_key_usage.h
@@ -78,6 +78,24 @@
inline constexpr uint8_t kOCSPSigning[] = {0x2b, 0x06, 0x01, 0x05,
0x05, 0x07, 0x03, 0x09};
+// From RFC 9336 section 3.1:
+// id-kp-documentSigning OBJECT IDENTIFIER ::= { id-kp 36 }
+// In dotted notation: 1.3.6.1.5.5.7.3.36
+inline constexpr uint8_t kDocumentSigning[] = {0x2b, 0x06, 0x01, 0x05,
+ 0x05, 0x07, 0x03, 0x24};
+
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification.
+// id-gsmaRCSE2EE OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
+// international-organizations(23) gsma(146) rcs(2) rcsE2EE (1)}
+// (Note this spec incorrectly says id-appleDraftRCSE2EE in place of
+// id-gmsaRCSE2EE in several places)
+//
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification section A.2.8.8,
+// and A.3.8.7.
+// id-kp-rcsMlsClient OBJECT IDENTIFIER ::= { id-gmsaRCS2EE 3 }
+// In dotted notation: 2.23.146.2.1.3
+inline constexpr uint8_t kRcsMlsClient[] = {0x67, 0x81, 0x12, 0x02, 0x01, 0x03};
+
// Parses |extension_value|, which contains the extnValue field of an X.509v3
// Extended Key Usage extension, and populates |eku_oids| with the list of
// DER-encoded OID values (that is, without tag and length). Returns false if
diff --git a/src/pki/general_names_unittest.cc b/src/pki/general_names_unittest.cc
index 63034f5..b451246 100644
--- a/src/pki/general_names_unittest.cc
+++ b/src/pki/general_names_unittest.cc
@@ -15,6 +15,9 @@
#include "general_names.h"
#include <gtest/gtest.h>
+
+#include <openssl/span.h>
+
#include "test_helpers.h"
BSSL_NAMESPACE_BEGIN
@@ -52,7 +55,7 @@
ASSERT_TRUE(
LoadTestSubjectAltNameData("san-invalid-empty.pem", &invalid_san_der));
CertErrors errors;
- EXPECT_FALSE(GeneralNames::Create(der::Input(invalid_san_der), &errors));
+ EXPECT_FALSE(GeneralNames::Create(StringAsBytes(invalid_san_der), &errors));
}
TEST(GeneralNames, OtherName) {
@@ -61,7 +64,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_OTHER_NAME, general_names->present_name_types);
const uint8_t expected_der[] = {0x06, 0x04, 0x2a, 0x03, 0x04, 0x05,
@@ -76,7 +79,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME, general_names->present_name_types);
ASSERT_EQ(1U, general_names->rfc822_names.size());
@@ -88,7 +91,7 @@
ASSERT_TRUE(LoadTestSubjectAltNameData("san-rfc822name.pem", &san_der));
ReplaceFirstSubstring(&san_der, "foo@example.com", "f\xF6\xF6@example.com");
CertErrors errors;
- EXPECT_FALSE(GeneralNames::Create(der::Input(san_der), &errors));
+ EXPECT_FALSE(GeneralNames::Create(StringAsBytes(san_der), &errors));
}
TEST(GeneralNames, DnsName) {
@@ -97,7 +100,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_DNS_NAME, general_names->present_name_types);
ASSERT_EQ(1U, general_names->dns_names.size());
@@ -109,7 +112,7 @@
ASSERT_TRUE(LoadTestSubjectAltNameData("san-dnsname.pem", &san_der));
ReplaceFirstSubstring(&san_der, "foo.example.com", "f\xF6\xF6.example.com");
CertErrors errors;
- EXPECT_FALSE(GeneralNames::Create(der::Input(san_der), &errors));
+ EXPECT_FALSE(GeneralNames::Create(StringAsBytes(san_der), &errors));
}
TEST(GeneralNames, X400Address) {
@@ -118,7 +121,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_X400_ADDRESS, general_names->present_name_types);
ASSERT_EQ(1U, general_names->x400_addresses.size());
@@ -133,7 +136,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_DIRECTORY_NAME, general_names->present_name_types);
ASSERT_EQ(1U, general_names->directory_names.size());
@@ -148,7 +151,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_EDI_PARTY_NAME, general_names->present_name_types);
ASSERT_EQ(1U, general_names->edi_party_names.size());
@@ -162,7 +165,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_UNIFORM_RESOURCE_IDENTIFIER,
general_names->present_name_types);
@@ -177,7 +180,7 @@
ReplaceFirstSubstring(&san_der, "http://example.com",
"http://ex\xE4mple.com");
CertErrors errors;
- EXPECT_FALSE(GeneralNames::Create(der::Input(san_der), &errors));
+ EXPECT_FALSE(GeneralNames::Create(StringAsBytes(san_der), &errors));
}
TEST(GeneralNames, IPAddress_v4) {
@@ -186,7 +189,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_IP_ADDRESS, general_names->present_name_types);
ASSERT_EQ(1U, general_names->ip_addresses.size());
@@ -201,7 +204,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_IP_ADDRESS, general_names->present_name_types);
ASSERT_EQ(1U, general_names->ip_addresses.size());
@@ -216,7 +219,7 @@
ASSERT_TRUE(LoadTestSubjectAltNameData("san-invalid-ipaddress.pem",
&invalid_san_der));
CertErrors errors;
- EXPECT_FALSE(GeneralNames::Create(der::Input(invalid_san_der), &errors));
+ EXPECT_FALSE(GeneralNames::Create(StringAsBytes(invalid_san_der), &errors));
}
TEST(GeneralNames, RegisteredIDs) {
@@ -225,7 +228,7 @@
CertErrors errors;
std::unique_ptr<GeneralNames> general_names =
- GeneralNames::Create(der::Input(san_der), &errors);
+ GeneralNames::Create(StringAsBytes(san_der), &errors);
ASSERT_TRUE(general_names);
EXPECT_EQ(GENERAL_NAME_REGISTERED_ID, general_names->present_name_types);
ASSERT_EQ(1U, general_names->registered_ids.size());
diff --git a/src/pki/name_constraints_unittest.cc b/src/pki/name_constraints_unittest.cc
index 9037deb..fa7cbec 100644
--- a/src/pki/name_constraints_unittest.cc
+++ b/src/pki/name_constraints_unittest.cc
@@ -18,6 +18,9 @@
#include <memory>
#include <gtest/gtest.h>
+
+#include <openssl/span.h>
+
#include "common_cert_errors.h"
#include "test_helpers.h"
@@ -60,7 +63,7 @@
return load_result;
}
CertErrors errors;
- *result = GeneralNames::Create(der::Input(*result_der), &errors);
+ *result = GeneralNames::Create(StringAsBytes(*result_der), &errors);
if (!*result) {
return ::testing::AssertionFailure() << "Create failed";
}
@@ -114,7 +117,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_TRUE(name_constraints->IsPermittedDNSName("permitted.example.com"));
@@ -203,7 +206,7 @@
ASSERT_TRUE(LoadTestNameConstraint("dnsname2.pem", &a));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// Matches permitted exactly.
@@ -234,7 +237,7 @@
LoadTestNameConstraint("dnsname-permitted_with_leading_dot.pem", &a));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// A permitted dNSName constraint of ".bar.com" should only match subdomains
@@ -252,7 +255,7 @@
LoadTestNameConstraint("dnsname-excluded_with_leading_dot.pem", &a));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// An excluded dNSName constraint of ".bar.com" should only match subdomains
@@ -269,7 +272,7 @@
ASSERT_TRUE(LoadTestNameConstraint("dnsname-permitted_two_dot.pem", &a));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// A dNSName constraint of ".." isn't meaningful. Shouldn't match anything.
@@ -285,7 +288,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// Only "excluded.permitted.example.com" is excluded, and since permitted is
@@ -305,7 +308,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// "permitted.example.com" is in the permitted section, but since "" is
@@ -323,7 +326,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// "." is excluded, which should match nothing.
@@ -342,7 +345,8 @@
a.replace(replace_location, 1, 1, -1);
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
}
TEST_P(ParseNameConstraints, DirectoryNames) {
@@ -369,7 +373,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// Not in any permitted subtree.
@@ -439,7 +443,7 @@
LoadTestNameConstraint("directoryname-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name_empty;
@@ -470,7 +474,7 @@
LoadTestNameConstraint("directoryname-excludeall.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name_empty;
@@ -503,7 +507,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// IPv4 tests:
@@ -634,7 +638,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// Only 192.168.5.0/255.255.255.0 is excluded, and since permitted is empty,
@@ -653,7 +657,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// 192.168.0.0/255.255.0.0 and
@@ -675,7 +679,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_FALSE(
@@ -698,7 +702,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_FALSE(
@@ -723,7 +727,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_FALSE(
@@ -742,7 +746,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_TRUE(
@@ -758,7 +762,8 @@
ASSERT_TRUE(LoadTestNameConstraint("ipaddress-invalid_addr.pem", &a));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
}
TEST_P(ParseNameConstraints, IPAddressesFailOnInvalidMaskNotContiguous) {
@@ -766,19 +771,23 @@
ASSERT_TRUE(LoadTestNameConstraint(
"ipaddress-invalid_mask_not_contiguous_1.pem", &a));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(LoadTestNameConstraint(
"ipaddress-invalid_mask_not_contiguous_2.pem", &a));
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(LoadTestNameConstraint(
"ipaddress-invalid_mask_not_contiguous_3.pem", &a));
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(LoadTestNameConstraint(
"ipaddress-invalid_mask_not_contiguous_4.pem", &a));
- EXPECT_FALSE(NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ EXPECT_FALSE(
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
}
// Test that v4/v6 mapping is not applied when evaluating name constraints.
@@ -788,7 +797,7 @@
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(
- NameConstraints::Create(der::Input(a), is_critical(), &errors));
+ NameConstraints::Create(StringAsBytes(a), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
// 192.168.1.0/24 is a permitted subtree.
@@ -824,7 +833,7 @@
LoadTestNameConstraint("othername-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -847,7 +856,7 @@
LoadTestNameConstraint("othername-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -870,7 +879,7 @@
LoadTestNameConstraint("rfc822name-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -932,7 +941,7 @@
LoadTestNameConstraint("rfc822name-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -982,7 +991,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1041,7 +1050,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1090,7 +1099,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1140,7 +1149,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1190,7 +1199,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1228,7 +1237,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1267,7 +1276,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1292,7 +1301,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1317,7 +1326,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1347,7 +1356,7 @@
LoadTestNameConstraint("rfc822name-excluded-ipv4.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
EXPECT_EQ(GENERAL_NAME_RFC822_NAME,
@@ -1378,7 +1387,7 @@
LoadTestNameConstraint("othername-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string san_der;
@@ -1396,7 +1405,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string san_der;
@@ -1415,7 +1424,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string san_der;
@@ -1435,7 +1444,7 @@
LoadTestNameConstraint("x400address-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1458,7 +1467,7 @@
LoadTestNameConstraint("x400address-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1481,7 +1490,7 @@
LoadTestNameConstraint("edipartyname-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1504,7 +1513,7 @@
LoadTestNameConstraint("edipartyname-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1526,7 +1535,7 @@
ASSERT_TRUE(LoadTestNameConstraint("uri-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1548,7 +1557,7 @@
ASSERT_TRUE(LoadTestNameConstraint("uri-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1571,7 +1580,7 @@
LoadTestNameConstraint("registeredid-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1594,7 +1603,7 @@
LoadTestNameConstraint("registeredid-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
if (is_critical()) {
@@ -1620,7 +1629,7 @@
// could be changed to allowed if there are buggy encoders out there that
// include it anyway.
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1629,7 +1638,7 @@
ASSERT_TRUE(
LoadTestNameConstraint("dnsname-with_min_1.pem", &constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1639,7 +1648,7 @@
ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_min_0_and_max.pem",
&constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1648,7 +1657,7 @@
ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_min_1_and_max.pem",
&constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1656,14 +1665,14 @@
std::string constraints_der;
ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_max.pem", &constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
TEST_P(ParseNameConstraints, FailsOnEmptyExtensionValue) {
std::string constraints_der = "";
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1672,7 +1681,7 @@
ASSERT_TRUE(
LoadTestNameConstraint("invalid-no_subtrees.pem", &constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1681,7 +1690,7 @@
ASSERT_TRUE(LoadTestNameConstraint("invalid-empty_permitted_subtree.pem",
&constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1690,7 +1699,7 @@
ASSERT_TRUE(LoadTestNameConstraint("invalid-empty_excluded_subtree.pem",
&constraints_der));
CertErrors errors;
- EXPECT_FALSE(NameConstraints::Create(der::Input(constraints_der),
+ EXPECT_FALSE(NameConstraints::Create(StringAsBytes(constraints_der),
is_critical(), &errors));
}
@@ -1700,7 +1709,7 @@
ASSERT_TRUE(LoadTestNameConstraint("directoryname.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name;
@@ -1725,7 +1734,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name;
@@ -1758,7 +1767,7 @@
LoadTestNameConstraint("rfc822name-permitted.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name;
@@ -1791,7 +1800,7 @@
LoadTestNameConstraint("rfc822name-excluded.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name;
@@ -1827,7 +1836,7 @@
&constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name_us_az_foocom;
@@ -1869,7 +1878,7 @@
"directoryname_and_dnsname_and_ipaddress.pem", &constraints_der));
CertErrors errors;
std::unique_ptr<NameConstraints> name_constraints(NameConstraints::Create(
- der::Input(constraints_der), is_critical(), &errors));
+ StringAsBytes(constraints_der), is_critical(), &errors));
ASSERT_TRUE(name_constraints);
std::string name_us_az_1_1_1_1;
diff --git a/src/pki/ocsp.cc b/src/pki/ocsp.cc
index 7984050..9f42403 100644
--- a/src/pki/ocsp.cc
+++ b/src/pki/ocsp.cc
@@ -19,6 +19,8 @@
#include <openssl/mem.h>
#include <openssl/pool.h>
#include <openssl/sha.h>
+#include <openssl/span.h>
+
#include "cert_errors.h"
#include "extended_key_usage.h"
#include "parsed_certificate.h"
@@ -887,9 +889,8 @@
return OCSPRevocationStatus::UNKNOWN;
}
- der::Input response_der(raw_response);
OCSPResponse response;
- if (!ParseOCSPResponse(response_der, &response)) {
+ if (!ParseOCSPResponse(StringAsBytes(raw_response), &response)) {
*response_details = OCSPVerifyResult::PARSE_RESPONSE_ERROR;
return OCSPRevocationStatus::UNKNOWN;
}
@@ -1056,6 +1057,11 @@
// issuerNameHash OCTET STRING, -- Hash of issuer's DN
// issuerKeyHash OCTET STRING, -- Hash of issuer's public key
// serialNumber CertificateSerialNumber }
+ //
+ // It is unclear whether the parameters for hashAlgorithm should be omitted or
+ // NULL. Section 2.1 of RFC 4055 would suggest omitting it is the right
+ // default behavior. However, both OpenSSL and Go include it, so we match them
+ // for now.
// TODO(eroman): Don't use SHA1.
const EVP_MD *md = EVP_sha1();
diff --git a/src/pki/ocsp_unittest.cc b/src/pki/ocsp_unittest.cc
index 25658cc..23a7d9f 100644
--- a/src/pki/ocsp_unittest.cc
+++ b/src/pki/ocsp_unittest.cc
@@ -15,8 +15,11 @@
#include "ocsp.h"
#include <gtest/gtest.h>
+
#include <openssl/base64.h>
#include <openssl/pool.h>
+#include <openssl/span.h>
+
#include "encode_values.h"
#include "string_util.h"
#include "test_helpers.h"
@@ -182,7 +185,8 @@
std::vector<uint8_t> encoded_request;
ASSERT_TRUE(CreateOCSPRequest(cert.get(), issuer.get(), &encoded_request));
- EXPECT_EQ(der::Input(encoded_request), der::Input(request_data));
+ EXPECT_EQ(der::Input(encoded_request),
+ der::Input(StringAsBytes(request_data)));
}
std::string_view kGetURLTestParams[] = {
diff --git a/src/pki/parse_certificate.h b/src/pki/parse_certificate.h
index 99b822e..d2bf9db 100644
--- a/src/pki/parse_certificate.h
+++ b/src/pki/parse_certificate.h
@@ -440,6 +440,32 @@
inline constexpr uint8_t kMSApplicationPoliciesOid[] = {
0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x0a};
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification.
+// id-gsmaRCSE2EE OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
+// international-organizations(23) gsma(146) rcs(2) rcsE2EE (1)}
+// (Note this spec incorrectly says id-appleDraftRCSE2EE in place of
+// id-gmsaRCSE2EE in several places)
+//
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification section A.2.8.8,
+// and A.3.8.9.
+// id-participantInformation OBJECT IDENTIFIER ::= { id-gmsaRCS2EE 4 }
+// In dotted notation: 2.23.146.2.1.4
+inline constexpr uint8_t kRcsMlsParticipantInformation[] = {0x67, 0x81, 0x12,
+ 0x02, 0x01, 0x04};
+
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification.
+// id-gsmaRCSE2EE OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
+// international-organizations(23) gsma(146) rcs(2) rcsE2EE (1)}
+// (Note this spec incorrectly says id-appleDraftRCSE2EE in place of
+// id-gmsaRCSE2EE in several places)
+//
+// From GSMA RCC.16 v1.0 End-to-End Encryption Specification section A.2.8.8,
+// and A.3.8.10.
+// id-acsParticipantInformation OBJECT IDENTIFIER ::= { id-gmsaRCS2EE 5 }
+// In dotted notation: 2.23.146.2.1.5
+inline constexpr uint8_t kRcsMlsAcsParticipantInformation[] = {
+ 0x67, 0x81, 0x12, 0x02, 0x01, 0x05};
+
// Parses the Extensions sequence as defined by RFC 5280. Extensions are added
// to the map |extensions| keyed by the OID. Parsing guarantees that each OID
// is unique. Note that certificate verification must consume each extension
diff --git a/src/pki/parse_certificate_unittest.cc b/src/pki/parse_certificate_unittest.cc
index 8f867b9..19382a2 100644
--- a/src/pki/parse_certificate_unittest.cc
+++ b/src/pki/parse_certificate_unittest.cc
@@ -15,7 +15,10 @@
#include "parse_certificate.h"
#include <gtest/gtest.h>
+
#include <openssl/pool.h>
+#include <openssl/span.h>
+
#include "cert_errors.h"
#include "general_names.h"
#include "input.h"
@@ -73,7 +76,7 @@
der::BitString signature_value;
CertErrors errors;
bool actual_result =
- ParseCertificate(der::Input(data), &tbs_certificate_tlv,
+ ParseCertificate(StringAsBytes(data), &tbs_certificate_tlv,
&signature_algorithm_tlv, &signature_value, &errors);
EXPECT_EQ(expected_result, actual_result);
@@ -82,10 +85,12 @@
// Ensure that the parsed certificate matches expectations.
if (expected_result && actual_result) {
EXPECT_EQ(0, signature_value.unused_bits());
- EXPECT_EQ(der::Input(expected_signature), signature_value.bytes());
- EXPECT_EQ(der::Input(expected_signature_algorithm),
+ EXPECT_EQ(der::Input(StringAsBytes(expected_signature)),
+ signature_value.bytes());
+ EXPECT_EQ(der::Input(StringAsBytes(expected_signature_algorithm)),
signature_algorithm_tlv);
- EXPECT_EQ(der::Input(expected_tbs_certificate), tbs_certificate_tlv);
+ EXPECT_EQ(der::Input(StringAsBytes(expected_tbs_certificate)),
+ tbs_certificate_tlv);
}
}
@@ -177,7 +182,7 @@
ParsedTbsCertificate parsed;
CertErrors errors;
bool actual_result =
- ParseTbsCertificate(der::Input(data), {}, &parsed, &errors);
+ ParseTbsCertificate(StringAsBytes(data), {}, &parsed, &errors);
EXPECT_EQ(expected_result, actual_result);
VerifyCertErrors(expected_errors, errors, test_file_path);
@@ -189,36 +194,38 @@
// Ensure that the ParsedTbsCertificate matches expectations.
EXPECT_EQ(expected_version, parsed.version);
- EXPECT_EQ(der::Input(expected_serial_number), parsed.serial_number);
- EXPECT_EQ(der::Input(expected_signature_algorithm),
+ EXPECT_EQ(der::Input(StringAsBytes(expected_serial_number)),
+ parsed.serial_number);
+ EXPECT_EQ(der::Input(StringAsBytes(expected_signature_algorithm)),
parsed.signature_algorithm_tlv);
- EXPECT_EQ(der::Input(expected_issuer), parsed.issuer_tlv);
+ EXPECT_EQ(der::Input(StringAsBytes(expected_issuer)), parsed.issuer_tlv);
// In the test expectations PEM file, validity is described as a
// textual string of the parsed value (rather than as DER).
EXPECT_EQ(expected_validity_not_before, ToString(parsed.validity_not_before));
EXPECT_EQ(expected_validity_not_after, ToString(parsed.validity_not_after));
- EXPECT_EQ(der::Input(expected_subject), parsed.subject_tlv);
- EXPECT_EQ(der::Input(expected_spki), parsed.spki_tlv);
+ EXPECT_EQ(der::Input(StringAsBytes(expected_subject)), parsed.subject_tlv);
+ EXPECT_EQ(der::Input(StringAsBytes(expected_spki)), parsed.spki_tlv);
EXPECT_EQ(!expected_issuer_unique_id.empty(),
parsed.issuer_unique_id.has_value());
if (parsed.issuer_unique_id.has_value()) {
- EXPECT_EQ(der::Input(expected_issuer_unique_id),
+ EXPECT_EQ(der::Input(StringAsBytes(expected_issuer_unique_id)),
parsed.issuer_unique_id->bytes());
}
EXPECT_EQ(!expected_subject_unique_id.empty(),
parsed.subject_unique_id.has_value());
if (parsed.subject_unique_id.has_value()) {
- EXPECT_EQ(der::Input(expected_subject_unique_id),
+ EXPECT_EQ(der::Input(StringAsBytes(expected_subject_unique_id)),
parsed.subject_unique_id->bytes());
}
EXPECT_EQ(!expected_extensions.empty(), parsed.extensions_tlv.has_value());
if (parsed.extensions_tlv) {
- EXPECT_EQ(der::Input(expected_extensions), parsed.extensions_tlv.value());
+ EXPECT_EQ(der::Input(StringAsBytes(expected_extensions)),
+ parsed.extensions_tlv.value());
}
}
@@ -1018,7 +1025,7 @@
file_name;
EXPECT_TRUE(ReadTestDataFromPemFile(test_file_path, mappings));
- return ParseAuthorityKeyIdentifier(der::Input(*backing_bytes),
+ return ParseAuthorityKeyIdentifier(StringAsBytes(*backing_bytes),
authority_key_identifier);
}
diff --git a/src/pki/parsed_certificate.h b/src/pki/parsed_certificate.h
index 57a7f1d..88df692 100644
--- a/src/pki/parsed_certificate.h
+++ b/src/pki/parsed_certificate.h
@@ -21,6 +21,7 @@
#include <vector>
#include <openssl/base.h>
+#include <openssl/span.h>
#include "certificate_policies.h"
#include "input.h"
@@ -117,7 +118,7 @@
// Sequence tag). This is guaranteed to be valid DER, though the contents of
// unhandled string types are treated as raw bytes.
der::Input normalized_subject() const {
- return der::Input(normalized_subject_);
+ return StringAsBytes(normalized_subject_);
}
// Returns the DER-encoded raw issuer value (including the outer sequence
// tag). This is guaranteed to be valid DER, though the contents of unhandled
@@ -127,7 +128,7 @@
// Sequence tag). This is guaranteed to be valid DER, though the contents of
// unhandled string types are treated as raw bytes.
der::Input normalized_issuer() const {
- return der::Input(normalized_issuer_);
+ return StringAsBytes(normalized_issuer_);
}
// Returns true if the certificate has a BasicConstraints extension.
diff --git a/src/pki/simple_path_builder_delegate_unittest.cc b/src/pki/simple_path_builder_delegate_unittest.cc
index b345bc1..568cce6 100644
--- a/src/pki/simple_path_builder_delegate_unittest.cc
+++ b/src/pki/simple_path_builder_delegate_unittest.cc
@@ -11,13 +11,17 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
+
#include "simple_path_builder_delegate.h"
#include <memory>
#include <set>
#include <gtest/gtest.h>
+
#include <openssl/nid.h>
+#include <openssl/span.h>
+
#include "cert_errors.h"
#include "input.h"
#include "parse_values.h"
@@ -48,11 +52,11 @@
ASSERT_TRUE(ReadTestDataFromPemFile(path, mappings));
std::optional<SignatureAlgorithm> sigalg_opt =
- ParseSignatureAlgorithm(der::Input(algorithm_str));
+ ParseSignatureAlgorithm(StringAsBytes(algorithm_str));
ASSERT_TRUE(sigalg_opt);
*signature_algorithm = *sigalg_opt;
- ASSERT_TRUE(ParsePublicKey(der::Input(public_key_str), public_key));
+ ASSERT_TRUE(ParsePublicKey(StringAsBytes(public_key_str), public_key));
}
class SimplePathBuilderDelegate1024SuccessTest
diff --git a/src/pki/test_helpers.cc b/src/pki/test_helpers.cc
index 20f082f..123aacb 100644
--- a/src/pki/test_helpers.cc
+++ b/src/pki/test_helpers.cc
@@ -26,6 +26,7 @@
#include <openssl/bytestring.h>
#include <openssl/mem.h>
#include <openssl/pool.h>
+#include <openssl/span.h>
#include "../crypto/test/test_data.h"
#include "cert_error_params.h"
@@ -123,7 +124,7 @@
} // namespace der
der::Input SequenceValueFromString(std::string_view s) {
- der::Parser parser((der::Input(s)));
+ der::Parser parser(StringAsBytes(s));
der::Input data;
if (!parser.ReadTag(CBS_ASN1_SEQUENCE, &data)) {
ADD_FAILURE();
@@ -299,7 +300,7 @@
if (value == "DEFAULT") {
value = "211005120000Z";
}
- if (!der::ParseUTCTime(der::Input(value), &test->time)) {
+ if (!der::ParseUTCTime(StringAsBytes(value), &test->time)) {
ADD_FAILURE() << "Failed parsing UTC time";
return false;
}
@@ -319,6 +320,12 @@
test->key_purpose = KeyPurpose::SERVER_AUTH_STRICT_LEAF;
} else if (value == "CLIENT_AUTH_STRICT_LEAF") {
test->key_purpose = KeyPurpose::CLIENT_AUTH_STRICT_LEAF;
+ } else if (value == "MLS_CLIENT_AUTH") {
+ test->key_purpose = KeyPurpose::RCS_MLS_CLIENT_AUTH;
+ } else if (value == "C2PA_TIMESTAMPING") {
+ test->key_purpose = KeyPurpose::C2PA_TIMESTAMPING;
+ } else if (value == "C2PA_MANIFEST") {
+ test->key_purpose = KeyPurpose::C2PA_MANIFEST;
} else {
ADD_FAILURE() << "Unrecognized key_purpose: " << value;
return false;
diff --git a/src/pki/testdata/nist-pkits/README.chromium b/src/pki/testdata/nist-pkits/README.chromium
deleted file mode 100644
index 3f09e09..0000000
--- a/src/pki/testdata/nist-pkits/README.chromium
+++ /dev/null
@@ -1,20 +0,0 @@
-Name: NIST Public Key Interoperability Test Suite
-Short Name: NIST PKITS
-URL: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html
-Version: 1.0.1
-Date: 2011-04-14
-License: Public Domain: United States Government Work under 17 U.S.C. 105
-Shipped: no
-Security Critical: no
-
-Description:
-The Public Key Interoperability Test Suite (PKITS) is a comprehensive X.509
-path validation test suite that was developed by NIST in conjunction with BAE
-Systems and NSA. The PKITS path validation test suite is designed to cover
-most of the features specified in X.509 and RFC 3280.
-
-Local Modifications:
-Only the certs/ and crls/ directories were extracted from PKITS_data.zip.
-
-pkits_testcases-inl.h is generated from the test descriptions in PKITS.pdf
-using generate_tests.py.
diff --git a/src/pki/testdata/nist-pkits/README.md b/src/pki/testdata/nist-pkits/README.md
new file mode 100644
index 0000000..c1e001e
--- /dev/null
+++ b/src/pki/testdata/nist-pkits/README.md
@@ -0,0 +1,7 @@
+# NIST Public Key Interoperability Test Suite
+
+This directory contains test data from the NIST [Public Key Interoperability Test Suite](http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html) (NIST PKITS), version 1.0.1, fetched 2011-04-14. NIST PKITS test data is under public domain (United States Government Work under 17 U.S.C. 105). This directory is not included in BoringSSL when compiled and is only used for testing.
+
+Only the `certs/` and `crls/` directories were extracted from `PKITS_data.zip`.
+
+`pkits_testcases-inl.h` is generated from the test descriptions in `PKITS.pdf` using `generate_tests.py`.
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/generate-all.sh b/src/pki/testdata/verify_certificate_chain_unittest/generate-all.sh
index 15dc4ff..4941ca3 100755
--- a/src/pki/testdata/verify_certificate_chain_unittest/generate-all.sh
+++ b/src/pki/testdata/verify_certificate_chain_unittest/generate-all.sh
@@ -16,6 +16,11 @@
set -e
+# As generate-chains.py calls out to the openssl command under the hood
+# this is suboptimal if you don't have openssl installed. We should
+# replace generate-chains.py
+# TODO(bbe): crbug.com/402461221
+
for dir in */ ; do
cd "$dir"
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test
new file mode 100644
index 0000000..4d092a9
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/any.test
@@ -0,0 +1,5 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: ANY_EKU
+expected_errors:
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test
new file mode 100644
index 0000000..ffae69c
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2pamanifest.test
@@ -0,0 +1,5 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: C2PA_MANIFEST
+expected_errors:
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test
new file mode 100644
index 0000000..c587a36
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/c2patimestamp.test
@@ -0,0 +1,8 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: C2PA_TIMESTAMPING
+expected_errors:
+----- Certificate i=0 (CN=C2PA Cert Leaf) -----
+ERROR: The extended key usage does not contain the time stamping key purpose, or contains prohibited key usages
+
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem
new file mode 100644
index 0000000..321652c
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/chain.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIBlDCCATqgAwIBAgIBAzAKBggqhkjOPQQDAjAhMR8wHQYDVQQDExZDMlBBIENl
+cnQgSW50ZXJtZWRpYXRlMCIYDzAwMDAwMTAxMDAwMDAwWhgPOTk5OTEyMzEyMzU5
+NTlaMBkxFzAVBgNVBAMTDkMyUEEgQ2VydCBMZWFmMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEkSrYvFVtkZJmvirfY0JDDYrZQrNJecPLt0ksJux2URL5nAQiQY1S
+ERGnEaiNLpoc0dleTS8wQT/cjw/wPgoeV6NnMGUwDgYDVR0PAQH/BAQDAgeAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDBDAMBgNVHRMBAf8EAjAAMA0GA1Ud
+DgQGBARsZWFmMBcGA1UdIwQQMA6ADGludGVybWVkaWF0ZTAKBggqhkjOPQQDAgNI
+ADBFAiAqKEacSfBZeF/TXI04niDtv5S+UJ7/TVFAwnC8xH75uwIhAJSQsLXs+a3O
+NkoRHJKGsnuJ8Py2hMfY7r6h95b4p5A3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBijCCATGgAwIBAgIBAjAKBggqhkjOPQQDAjAZMRcwFQYDVQQDEw5DMlBBIENl
+cnQgUm9vdDAiGA8wMDAwMDEwMTAwMDAwMFoYDzk5OTkxMjMxMjM1OTU5WjAhMR8w
+HQYDVQQDExZDMlBBIENlcnQgSW50ZXJtZWRpYXRlMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAE4jp8qIzeMUuQvICfzxy+XDhLDG7KBGOik/cUUEofJRC+HdVW9+pK
+lIJKannRCJqNDoODsJOlVlVUf5uC5PslMKNeMFwwDgYDVR0PAQH/BAQDAgIEMBEG
+A1UdJQQKMAgGBmeBEgIBAzAPBgNVHRMBAf8EBTADAQH/MBUGA1UdDgQOBAxpbnRl
+cm1lZGlhdGUwDwYDVR0jBAgwBoAEcm9vdDAKBggqhkjOPQQDAgNHADBEAiBIGr9B
+G10qB/vTMMruFZWBwzUFM7AnP9tlpqKyRorXJwIgEQDzXE5xS+q9PiRjtnD5NA2k
+2tBHjho1duXcd1EsKdc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBVTCB/aADAgECAgEBMAoGCCqGSM49BAMCMBkxFzAVBgNVBAMTDkMyUEEgQ2Vy
+dCBSb290MCIYDzAwMDAwMTAxMDAwMDAwWhgPOTk5OTEyMzEyMzU5NTlaMBkxFzAV
+BgNVBAMTDkMyUEEgQ2VydCBSb290MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+Jnal2JdRr2O8t43E0yujFVyEK+OE6goUWCOiHlfbSAeoyLDmPkKJdW5PMf+wORRj
+p1FhVSxADxD0icD53Y6JbaMyMDAwDgYDVR0PAQH/BAQDAgIEMA8GA1UdEwEB/wQF
+MAMBAf8wDQYDVR0OBAYEBHJvb3QwCgYIKoZIzj0EAwIDRwAwRAIgcB1lb5KE/GOi
+RTy4bcRudwGKQ65BMBPn2AVGPnmrJ9wCIGwrE1m36y5EkgDHujNcnQD+x6o6gqj3
+WOZICZjXCDKx
+-----END CERTIFICATE-----
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test
new file mode 100644
index 0000000..b46cc5a
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/clientauth.test
@@ -0,0 +1,11 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: CLIENT_AUTH
+expected_errors:
+----- Certificate i=0 (CN=C2PA Cert Leaf) -----
+ERROR: The extended key usage does not include client auth
+
+----- Certificate i=1 (CN=C2PA Cert Intermediate) -----
+ERROR: The extended key usage does not include client auth
+
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/make-chain.go b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/make-chain.go
new file mode 100644
index 0000000..49ed58b
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/make-chain.go
@@ -0,0 +1,171 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build ignore
+
+// make-chain generates a test certificate chain.
+package main
+
+import (
+ "crypto/ecdsa"
+ "crypto/rand"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/asn1"
+ "encoding/pem"
+ "math/big"
+ "os"
+ "time"
+)
+
+var leafKey, intermediateKey, rootKey *ecdsa.PrivateKey
+
+func init() {
+ leafKey = mustParseECDSAKey(leafKeyPEM)
+ intermediateKey = mustParseECDSAKey(intermediateKeyPEM)
+ rootKey = mustParseECDSAKey(rootKeyPEM)
+}
+
+type templateAndKey struct {
+ template x509.Certificate
+ key *ecdsa.PrivateKey
+}
+
+func mustStartChain(path string, subject, issuer *templateAndKey) []byte {
+ cert, err := x509.CreateCertificate(rand.Reader, &subject.template, &issuer.template, &subject.key.PublicKey, issuer.key)
+ if err != nil {
+ panic(err)
+ }
+ file, err := os.OpenFile(path, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644)
+ if err != nil {
+ panic(err)
+ }
+ defer file.Close()
+ err = pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: cert})
+ if err != nil {
+ panic(err)
+ }
+ file.Close()
+ return cert
+}
+
+func mustAppendToChain(path string, subject, issuer *templateAndKey) []byte {
+ cert, err := x509.CreateCertificate(rand.Reader, &subject.template, &issuer.template, &subject.key.PublicKey, issuer.key)
+ if err != nil {
+ panic(err)
+ }
+ file, err := os.OpenFile(path, os.O_APPEND|os.O_WRONLY, 0644)
+ if err != nil {
+ panic(err)
+ }
+ defer file.Close()
+ err = pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: cert})
+ if err != nil {
+ panic(err)
+ }
+ file.Close()
+ return cert
+}
+
+func main() {
+ notBefore, err := time.Parse(time.RFC3339, "0000-01-01T00:00:00Z")
+ if err != nil {
+ panic(err)
+ }
+ notAfter, err := time.Parse(time.RFC3339, "9999-12-31T23:59:59Z")
+ if err != nil {
+ panic(err)
+ }
+
+ root := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(1),
+ Subject: pkix.Name{CommonName: "C2PA Cert Root"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: true,
+ KeyUsage: x509.KeyUsageCertSign,
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("root"),
+ },
+ key: rootKey,
+ }
+ intermediate := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(2),
+ Subject: pkix.Name{CommonName: "C2PA Cert Intermediate"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: true,
+ KeyUsage: x509.KeyUsageCertSign,
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("intermediate"),
+ UnknownExtKeyUsage: []asn1.ObjectIdentifier{[]int{2, 23, 146, 2, 1, 3}},
+ },
+ key: intermediateKey,
+ }
+
+ leaf := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(3),
+ Subject: pkix.Name{CommonName: "C2PA Cert Leaf"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: false,
+ KeyUsage: x509.KeyUsageDigitalSignature,
+ ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageEmailProtection},
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("leaf"),
+ },
+ key: leafKey,
+ }
+
+ // Generate a valid certificate chain from the templates.
+ mustStartChain("chain.pem", &leaf, &intermediate)
+ mustAppendToChain("chain.pem", &intermediate, &root)
+ mustAppendToChain("chain.pem", &root, &root)
+}
+
+const leafKeyPEM = `-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgoPUXNXuH9mgiS/nk
+024SYxryxMa3CyGJldiHymLxSquhRANCAASRKti8VW2Rkma+Kt9jQkMNitlCs0l5
+w8u3SSwm7HZREvmcBCJBjVIREacRqI0umhzR2V5NLzBBP9yPD/A+Ch5X
+-----END PRIVATE KEY-----`
+
+const intermediateKeyPEM = `-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgWHKCKgY058ahE3t6
+vpxVQgzlycgCVMogwjK0y3XMNfWhRANCAATiOnyojN4xS5C8gJ/PHL5cOEsMbsoE
+Y6KT9xRQSh8lEL4d1Vb36kqUgkpqedEImo0Og4Owk6VWVVR/m4Lk+yUw
+-----END PRIVATE KEY-----`
+
+const rootKeyPEM = `-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgBwND/eHytW0I417J
+Hr+qcPlp5N1jM3ACXys57bPujg+hRANCAAQmdqXYl1GvY7y3jcTTK6MVXIQr44Tq
+ChRYI6IeV9tIB6jIsOY+Qol1bk8x/7A5FGOnUWFVLEAPEPSJwPndjolt
+-----END PRIVATE KEY-----`
+
+func mustParseECDSAKey(in string) *ecdsa.PrivateKey {
+ keyBlock, _ := pem.Decode([]byte(in))
+ if keyBlock == nil || keyBlock.Type != "PRIVATE KEY" {
+ panic("could not decode private key")
+ }
+ key, err := x509.ParsePKCS8PrivateKey(keyBlock.Bytes)
+ if err != nil {
+ panic(err)
+ }
+ return key.(*ecdsa.PrivateKey)
+}
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test
new file mode 100644
index 0000000..ee67119
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2pamanifest/serverauth.test
@@ -0,0 +1,8 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: SERVER_AUTH
+expected_errors:
+----- Certificate i=1 (CN=C2PA Cert Intermediate) -----
+ERROR: The extended key usage does not include server auth
+
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test
new file mode 100644
index 0000000..4d092a9
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/any.test
@@ -0,0 +1,5 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: ANY_EKU
+expected_errors:
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test
new file mode 100644
index 0000000..e48463c
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2pamanifest.test
@@ -0,0 +1,8 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: C2PA_MANIFEST
+expected_errors:
+----- Certificate i=0 (CN=C2PA Cert Leaf) -----
+ERROR: The extended key usage must contain at least one of: email protection or document signing, and must not contain prohibited key usages
+
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test
new file mode 100644
index 0000000..b6c6911
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/c2patimestamp.test
@@ -0,0 +1,5 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: C2PA_TIMESTAMPING
+expected_errors:
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem
new file mode 100644
index 0000000..8df49ce
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/chain.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIBgzCCASqgAwIBAgIBAzAKBggqhkjOPQQDAjAhMR8wHQYDVQQDExZDMlBBIENl
+cnQgSW50ZXJtZWRpYXRlMCIYDzAwMDAwMTAxMDAwMDAwWhgPOTk5OTEyMzEyMzU5
+NTlaMBkxFzAVBgNVBAMTDkMyUEEgQ2VydCBMZWFmMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEkSrYvFVtkZJmvirfY0JDDYrZQrNJecPLt0ksJux2URL5nAQiQY1S
+ERGnEaiNLpoc0dleTS8wQT/cjw/wPgoeV6NXMFUwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMIMAwGA1UdEwEB/wQCMAAwDQYDVR0OBAYEBGxlYWYwFwYDVR0j
+BBAwDoAMaW50ZXJtZWRpYXRlMAoGCCqGSM49BAMCA0cAMEQCIDfZSkZ9qfE9DtRb
+lU5IOLhh8xpEcwoaQWRUS2UIIAD5AiAFbPG4214Y2skTsSVm58ynjbjam/lO36V0
+C5YREd86tw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBizCCATGgAwIBAgIBAjAKBggqhkjOPQQDAjAZMRcwFQYDVQQDEw5DMlBBIENl
+cnQgUm9vdDAiGA8wMDAwMDEwMTAwMDAwMFoYDzk5OTkxMjMxMjM1OTU5WjAhMR8w
+HQYDVQQDExZDMlBBIENlcnQgSW50ZXJtZWRpYXRlMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAE4jp8qIzeMUuQvICfzxy+XDhLDG7KBGOik/cUUEofJRC+HdVW9+pK
+lIJKannRCJqNDoODsJOlVlVUf5uC5PslMKNeMFwwDgYDVR0PAQH/BAQDAgIEMBEG
+A1UdJQQKMAgGBmeBEgIBAzAPBgNVHRMBAf8EBTADAQH/MBUGA1UdDgQOBAxpbnRl
+cm1lZGlhdGUwDwYDVR0jBAgwBoAEcm9vdDAKBggqhkjOPQQDAgNIADBFAiEA+M4D
+YTyTHKD6Ism47OXmG52xO0kNCiFSmZ69/6zNW+QCIEPo5nZgHp8QvYN8wMVMKtbt
+dAKAnjgW98HoANRg8zI5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBVjCB/aADAgECAgEBMAoGCCqGSM49BAMCMBkxFzAVBgNVBAMTDkMyUEEgQ2Vy
+dCBSb290MCIYDzAwMDAwMTAxMDAwMDAwWhgPOTk5OTEyMzEyMzU5NTlaMBkxFzAV
+BgNVBAMTDkMyUEEgQ2VydCBSb290MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+Jnal2JdRr2O8t43E0yujFVyEK+OE6goUWCOiHlfbSAeoyLDmPkKJdW5PMf+wORRj
+p1FhVSxADxD0icD53Y6JbaMyMDAwDgYDVR0PAQH/BAQDAgIEMA8GA1UdEwEB/wQF
+MAMBAf8wDQYDVR0OBAYEBHJvb3QwCgYIKoZIzj0EAwIDSAAwRQIhAIfA7n5sX+4L
+S7/98FuSque5GpwHoELRrQdDxvqzb97oAiBugKrTQN76A+/hvoHQmylV07xnq0v2
+Jn77ADgWGozs8Q==
+-----END CERTIFICATE-----
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test
new file mode 100644
index 0000000..b5b9e03
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/clientauth.test
@@ -0,0 +1,12 @@
+chain: chain.pem
+last_cert_trust: TRUSTED_ANCHOR
+utc_time: DEFAULT
+key_purpose: CLIENT_AUTH
+expected_errors:
+----- Certificate i=0 (CN=C2PA Cert Leaf) -----
+WARNING: The extended key usage includes time stamping which is not permitted for this use
+ERROR: The extended key usage does not include client auth
+
+----- Certificate i=1 (CN=C2PA Cert Intermediate) -----
+ERROR: The extended key usage does not include client auth
+
diff --git a/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/make-chain.go b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/make-chain.go
new file mode 100644
index 0000000..3a3de84
--- /dev/null
+++ b/src/pki/testdata/verify_certificate_chain_unittest/intermediate-eku-c2patimestamping/make-chain.go
@@ -0,0 +1,170 @@
+// Copyright 2025 The BoringSSL Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build ignore
+
+// make-chain generates a test certificate chain.
+package main
+
+import (
+ "crypto/ecdsa"
+ "crypto/rand"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/asn1"
+ "encoding/pem"
+ "math/big"
+ "os"
+ "time"
+)
+
+var leafKey, intermediateKey, rootKey *ecdsa.PrivateKey
+
+func init() {
+ leafKey = mustParseECDSAKey(leafKeyPEM)
+ intermediateKey = mustParseECDSAKey(intermediateKeyPEM)
+ rootKey = mustParseECDSAKey(rootKeyPEM)
+}
+
+type templateAndKey struct {
+ template x509.Certificate
+ key *ecdsa.PrivateKey
+}
+
+func mustStartChain(path string, subject, issuer *templateAndKey) []byte {
+ cert, err := x509.CreateCertificate(rand.Reader, &subject.template, &issuer.template, &subject.key.PublicKey, issuer.key)
+ if err != nil {
+ panic(err)
+ }
+ file, err := os.OpenFile(path, os.O_TRUNC|os.O_CREATE|os.O_WRONLY, 0644)
+ if err != nil {
+ panic(err)
+ }
+ defer file.Close()
+ err = pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: cert})
+ if err != nil {
+ panic(err)
+ }
+ file.Close()
+ return cert
+}
+
+func mustAppendToChain(path string, subject, issuer *templateAndKey) []byte {
+ cert, err := x509.CreateCertificate(rand.Reader, &subject.template, &issuer.template, &subject.key.PublicKey, issuer.key)
+ if err != nil {
+ panic(err)
+ }
+ file, err := os.OpenFile(path, os.O_APPEND|os.O_WRONLY, 0644)
+ if err != nil {
+ panic(err)
+ }
+ defer file.Close()
+ err = pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: cert})
+ if err != nil {
+ panic(err)
+ }
+ file.Close()
+ return cert
+}
+
+func main() {
+ notBefore, err := time.Parse(time.RFC3339, "0000-01-01T00:00:00Z")
+ if err != nil {
+ panic(err)
+ }
+ notAfter, err := time.Parse(time.RFC3339, "9999-12-31T23:59:59Z")
+ if err != nil {
+ panic(err)
+ }
+
+ root := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(1),
+ Subject: pkix.Name{CommonName: "C2PA Cert Root"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: true,
+ KeyUsage: x509.KeyUsageCertSign,
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("root"),
+ },
+ key: rootKey,
+ }
+ intermediate := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(2),
+ Subject: pkix.Name{CommonName: "C2PA Cert Intermediate"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: true,
+ KeyUsage: x509.KeyUsageCertSign,
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("intermediate"),
+ UnknownExtKeyUsage: []asn1.ObjectIdentifier{[]int{2, 23, 146, 2, 1, 3}},
+ },
+ key: intermediateKey,
+ }
+
+ leaf := templateAndKey{
+ template: x509.Certificate{
+ SerialNumber: new(big.Int).SetInt64(3),
+ Subject: pkix.Name{CommonName: "C2PA Cert Leaf"},
+ NotBefore: notBefore,
+ NotAfter: notAfter,
+ BasicConstraintsValid: true,
+ IsCA: false,
+ ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageTimeStamping},
+ SignatureAlgorithm: x509.ECDSAWithSHA256,
+ SubjectKeyId: []byte("leaf"),
+ },
+ key: leafKey,
+ }
+
+ // Generate a valid certificate chain from the templates.