| /ssl/ |
| A D | ssl_asn1.cc | 145 if (in == NULL || in->cipher == NULL) { in SSL_SESSION_to_bytes_full()
169 if (sk_CRYPTO_BUFFER_num(in->certs.get()) > 0 && !in->peer_sha256_valid) { in SSL_SESSION_to_bytes_full()
192 if (in->psk_identity) { in SSL_SESSION_to_bytes_full()
216 if (in->peer_sha256_valid) { in SSL_SESSION_to_bytes_full()
280 if (in->ticket_age_add_valid) { in SSL_SESSION_to_bytes_full()
288 if (!in->is_server) { in SSL_SESSION_to_bytes_full()
307 if (in->timeout != in->auth_timeout && in SSL_SESSION_to_bytes_full()
313 if (!in->early_alpn.empty()) { in SSL_SESSION_to_bytes_full()
321 if (in->is_quic) { in SSL_SESSION_to_bytes_full()
720 if (in->not_resumable) { in SSL_SESSION_to_bytes()
[all …]
|
| A D | ssl_file.cc | 111 if (in == nullptr) { in STACK_OF()
126 if (in == nullptr) { in SSL_add_file_cert_subjects_to_stack()
134 if (in == nullptr) { in SSL_use_certificate_file()
143 x.reset(d2i_X509_bio(in.get(), nullptr)); in SSL_use_certificate_file()
164 if (in == nullptr) { in SSL_use_RSAPrivateKey_file()
193 if (in == nullptr) { in SSL_use_PrivateKey_file()
223 if (in == nullptr) { in SSL_CTX_use_certificate_file()
232 x.reset(d2i_X509_bio(in.get(), nullptr)); in SSL_CTX_use_certificate_file()
252 if (in == nullptr) { in SSL_CTX_use_RSAPrivateKey_file()
281 if (in == nullptr) { in SSL_CTX_use_PrivateKey_file()
[all …]
|
| A D | s3_pkt.cc | 36 Span<const uint8_t> in);
51 if (in.size() < total_bytes_written) { in tls_write_app_data()
62 in = in.subspan(total_bytes_written); in tls_write_app_data()
94 in = in.subspan(bytes_written); in tls_write_app_data()
178 if (!in.empty()) { in do_tls_write()
180 if (max_ciphertext_len < in.size() || in do_tls_write()
208 if (!in.empty()) { in do_tls_write()
211 buf->remaining().size(), type, in.data(), in.size())) { in do_tls_write()
225 if (!in.empty()) { in do_tls_write()
226 ssl->s3->pending_write = in; in do_tls_write()
[all …]
|
| A D | ssl_aead_ctx.cc | 231 *out = in; in Open()
240 if (in.size() < overhead) { in Open()
245 plaintext_len = in.size() - overhead; in Open()
267 if (in.size() < variable_nonce_len_) { in Open()
273 in = in.subspan(variable_nonce_len_); in Open()
290 if (!EVP_AEAD_CTX_open(ctx_.get(), in.data(), &len, in.size(), nonce, in Open()
291 nonce_len, in.data(), in.size(), ad.data(), in Open()
295 *out = in.subspan(0, len); in Open()
311 if ((in != out && buffers_alias(in, in_len, out, in_len)) || in SealScatter()
312 buffers_alias(in, in_len, out_prefix, prefix_len) || in SealScatter()
[all …]
|
| A D | tls_record.cc | 105 CBS cbs = CBS(in); in tls_open_record()
146 Span<const uint8_t> header = in.subspan(0, SSL3_RT_HEADER_LENGTH); in tls_open_record()
149 *out_consumed = in.size() - CBS_len(&cbs); in tls_open_record()
282 assert(in == out || !buffers_alias(in, in_len, out, in_len)); in do_seal_record()
284 assert(!buffers_alias(in, in_len, out_suffix, suffix_len)); in do_seal_record()
409 if (buffers_alias(in, in_len, out, max_out_len)) { in tls_seal_record()
441 Span<const uint8_t> in) { in ssl_process_alert() argument
443 if (in.size() != 2) { in ssl_process_alert()
449 ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_ALERT, in); in ssl_process_alert()
451 const uint8_t alert_level = in[0]; in ssl_process_alert()
[all …]
|
| A D | ssl_transcript.cc | 157 bool SSLTranscript::Update(Span<const uint8_t> in) { in Update() argument
159 return AddToBufferOrHash(in); in Update()
161 if (in.size() < DTLS1_HM_HEADER_LENGTH) { in Update()
171 if (!AddToBufferOrHash(in.subspan(0, 4)) || in Update()
172 !AddToBufferOrHash(in.subspan(12))) { in Update()
178 bool SSLTranscript::AddToBufferOrHash(Span<const uint8_t> in) { in AddToBufferOrHash() argument
182 !BUF_MEM_append(buffer_.get(), in.data(), in.size())) { in AddToBufferOrHash()
187 EVP_DigestUpdate(hash_.get(), in.data(), in.size()); in AddToBufferOrHash()
|
| A D | d1_pkt.cc | 162 Span<uint8_t> in) { in dtls1_open_app_data() argument
169 out_alert, in); in dtls1_open_app_data()
248 if (in.size() > SSL3_RT_MAX_PLAIN_LENGTH) { in dtls1_write_app_data()
253 if (in.empty()) { in dtls1_write_app_data()
259 int ret = dtls1_write_record(ssl, SSL3_RT_APPLICATION_DATA, in, in dtls1_write_app_data()
264 *out_bytes_written = in.size(); in dtls1_write_app_data()
268 int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in, in dtls1_write_record() argument
271 assert(in.size() <= SSL3_RT_MAX_PLAIN_LENGTH); in dtls1_write_record()
277 if (in.size() > SSL3_RT_MAX_PLAIN_LENGTH) { in dtls1_write_record()
285 in.size() + SSL_max_seal_overhead(ssl)) || in dtls1_write_record()
[all …]
|
| A D | dtls_record.cc | 183 if (!CBS_get_bytes(in, &seq_bytes, seq_len)) { in parse_dtls13_record()
195 BSSL_CHECK(CBS_get_bytes(in, &out->body, CBS_len(in))); in parse_dtls13_record()
237 if (!CBS_get_u16(in, &out->version) || // in parse_dtls12_record()
238 !CBS_get_u64(in, &epoch_and_seq) || in parse_dtls12_record()
302 if (in.empty()) { in dtls_open_record()
306 CBS cbs(in); in dtls_open_record()
310 *out_consumed = in.size(); in dtls_open_record()
322 *out_consumed = in.size() - CBS_len(&cbs); in dtls_open_record()
338 *out_consumed = in.size() - CBS_len(&cbs); in dtls_open_record()
341 *out_consumed = in.size() - CBS_len(&cbs); in dtls_open_record()
[all …]
|
| A D | s3_both.cc | 41 Span<const uint8_t> in) { in add_record_to_flight() argument
54 size_t max_out = in.size() + SSL_max_seal_overhead(ssl); in add_record_to_flight()
56 if (max_out < in.size() || new_cap < max_out) { in add_record_to_flight()
66 &len, max_out, type, in.data(), in.size())) { in add_record_to_flight()
258 assert(in.size() >= SSL3_RT_HEADER_LENGTH); in read_v2_client_hello()
260 size_t msg_length = ((in[0] & 0x7f) << 8) | in[1]; in read_v2_client_hello()
274 if (in.size() < 2 + msg_length) { in read_v2_client_hello()
468 if (in.size() < SSL3_RT_HEADER_LENGTH) { in tls_open_handshake()
476 auto str = bssl::BytesAsStringView(in); in tls_open_handshake()
492 if ((in[0] & 0x80) != 0 && in[2] == SSL2_MT_CLIENT_HELLO && in tls_open_handshake()
[all …]
|
| A D | internal.h | 465 bool Update(Span<const uint8_t> in);
487 bool AddToBufferOrHash(Span<const uint8_t> in);
873 uint16_t sigalg, Span<const uint8_t> in);
890 Span<const uint8_t> in);
1026 Span<const uint8_t> in);
1148 UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
2198 bool ssl_is_valid_alpn_list(Span<const uint8_t> in);
2463 Span<uint8_t> in);
2539 Span<uint8_t> in);
3491 Span<uint8_t> in);
[all …]
|
| A D | ssl_privkey.cc | 197 uint16_t sigalg, Span<const uint8_t> in) { in ssl_private_key_sign() argument
215 in == hints->signature_input && // in ssl_private_key_sign()
234 ret = key_method->sign(ssl, out, out_len, max_out, sigalg, in.data(), in ssl_private_key_sign()
235 in.size()); in ssl_private_key_sign()
248 !EVP_DigestSign(ctx.get(), out, out_len, in.data(), in.size())) { in ssl_private_key_sign()
257 if (!hints->signature_input.CopyFrom(in) || in ssl_private_key_sign()
267 Span<const uint8_t> in) { in ssl_public_key_verify() argument
273 in.data(), in.size()); in ssl_public_key_verify()
294 ret = cred->key_method->decrypt(ssl, out, out_len, max_out, in.data(), in ssl_private_key_decrypt()
295 in.size()); in ssl_private_key_decrypt()
[all …]
|
| A D | ssl_cert.cc | 189 static bool ssl_cert_skip_to_spki(const CBS *in, CBS *out_tbs_cert) { in ssl_cert_skip_to_spki() argument
205 CBS buf = *in; in ssl_cert_skip_to_spki()
232 bool ssl_cert_extract_issuer(const CBS *in, CBS *out_dn) { in ssl_cert_extract_issuer() argument
233 CBS buf = *in; in ssl_cert_extract_issuer()
255 bool ssl_cert_matches_issuer(const CBS *in, const CBS *dn) { in ssl_cert_matches_issuer() argument
258 if (!ssl_cert_extract_issuer(in, &issuer)) { in ssl_cert_matches_issuer()
264 UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in) { in ssl_cert_parse_pubkey() argument
265 CBS buf = *in, tbs_cert; in ssl_cert_parse_pubkey()
300 bool ssl_cert_check_key_usage(const CBS *in, enum ssl_key_usage_t bit) { in ssl_cert_check_key_usage() argument
301 CBS buf = *in; in ssl_cert_check_key_usage()
|
| A D | ssl_key_share.cc | 127 bool DeserializePrivateKey(CBS *in) override { in DeserializePrivateKey() argument
129 private_key_.reset(BN_bin2bn(CBS_data(in), CBS_len(in), nullptr)); in DeserializePrivateKey()
183 bool DeserializePrivateKey(CBS *in) override { in DeserializePrivateKey() argument
184 if (CBS_len(in) != sizeof(private_key_) || in DeserializePrivateKey()
185 !CBS_copy_bytes(in, private_key_, sizeof(private_key_))) { in DeserializePrivateKey()
|
| A D | encrypted_client_hello.cc | 341 static bool is_hex_component(Span<const uint8_t> in) { in is_hex_component() argument
342 if (in.size() < 2 || in[0] != '0' || (in[1] != 'x' && in[1] != 'X')) { in is_hex_component()
345 for (uint8_t b : in.subspan(2)) { in is_hex_component()
353 static bool is_decimal_component(Span<const uint8_t> in) { in is_decimal_component() argument
354 if (in.empty()) { in is_decimal_component()
357 for (uint8_t b : in) { in is_decimal_component()
|
| A D | ssl_lib.cc | 130 Span<uint8_t> in) { in ssl_open_change_cipher_spec() argument
146 Span<uint8_t> in) { in ssl_open_app_data() argument
167 if (!CBB_add_space(cbb, &out, in.size() * 2)) { in cbb_add_hex_consttime()
171 for (uint8_t b : in) { in cbb_add_hex_consttime()
220 Span<const uint8_t> in) { in ssl_do_msg_callback() argument
240 ssl->msg_callback(is_write, version, content_type, in.data(), in.size(), in ssl_do_msg_callback()
1512 if (out_len > in.size()) { in copy_finished()
1513 out_len = in.size(); in copy_finished()
1515 OPENSSL_memcpy(out, in.data(), out_len); in copy_finished()
1516 return in.size(); in copy_finished()
[all …]
|
| /ssl/test/runner/ |
| A D | shim_ticket.go | 47 if !bytes.Equal(name, in[:len(name)]) {
52 mac := in[len(in)-h.Size():]
53 in = in[:len(in)-h.Size()]
54 h.Write(in)
60 in = in[len(name):]
63 iv := in[:block.BlockSize()]
64 in = in[block.BlockSize():]
68 out := make([]byte, len(in))
70 cbc.CryptBlocks(out, in)
107 out = append(out, in...)
[all …]
|
| A D | conn.go | 163 c.in.isDTLS = c.isDTLS
165 c.in.config = c.config
167 c.in.conn = c
923 c.in.setErrorLocked(err)
991 epoch := &c.in.epoch
1198 return c.in.err
1728 c.in.Lock()
1729 defer c.in.Unlock()
1764 c.in.Lock()
1765 defer c.in.Unlock()
[all …]
|
| A D | resumption_tests.go | 197 FilterTicket: func(in []byte) ([]byte, error) {
198 in, err := SetShimTicketVersion(in, VersionTLS12)
221 FilterTicket: func(in []byte) ([]byte, error) {
222 return SetShimTicketVersion(in, VersionTLS13)
240 FilterTicket: func(in []byte) ([]byte, error) {
241 return SetShimTicketVersion(in, VersionTLS12)
261 FilterTicket: func(in []byte) ([]byte, error) {
281 FilterTicket: func(in []byte) ([]byte, error) {
303 FilterTicket: func(in []byte) ([]byte, error) {
326 FilterTicket: func(in []byte) ([]byte, error) {
[all …]
|
| A D | dtls.go | 166 return 0, 0, 0, c.in.setErrorLocked(fmt.Errorf("dtls: bad epoch"))
205 if epoch.cipher != nil && c.in.version >= VersionTLS13 {
249 return 0, 0, 0, c.in.setErrorLocked(fmt.Errorf("dtls: bad epoch"))
253 return 0, 0, 0, c.in.setErrorLocked(fmt.Errorf("dtls: bad sequence number"))
296 ok, encTyp, data, alertValue := c.in.decrypt(epoch, recordHeaderLen, b)
301 return 0, nil, c.in.setErrorLocked(c.sendAlert(alertValue))
696 if err := c.in.err; err != nil {
722 return nil, c.in.setErrorLocked(c.sendAlert(alertInternalError))
755 Epoch: c.in.epoch.epoch,
908 epoch, ok := c.conn.in.getEpoch(epochValue)
[all …]
|
| /ssl/test/ |
| A D | test_state.cc | 110 CBS in, sessions, ticket_keys; in DeserializeContextState() local
113 if (!CBS_get_u24_length_prefixed(cbs, &in) || in DeserializeContextState()
114 !CBS_get_u16(&in, &version) || in DeserializeContextState()
116 !CBS_get_u8_length_prefixed(&in, &ticket_keys) || in DeserializeContextState()
119 !CBS_get_asn1(&in, &sessions, CBS_ASN1_SEQUENCE)) { in DeserializeContextState()
153 CBS in, pending_session, text; in Deserialize() local
158 if (!CBS_get_u24_length_prefixed(cbs, &in) || // in Deserialize()
159 !CBS_get_u16(&in, &version) || // in Deserialize()
162 !CBS_get_u16_length_prefixed(&in, &text) || in Deserialize()
163 !CBS_get_asn1_uint64(&in, &sec) || // in Deserialize()
[all …]
|
| A D | test_config.cc | 194 if (!EVP_DecodedLength(&len, in.size())) { in DecodeBase64()
201 in.size())) { in DecodeBase64()
1050 bssl::Span(in, inlen)) { in AlpnSelectCallback()
1261 in, in_len)) { in AsyncPrivateKeySign()
1375 auto in_span = bssl::Span(in, in_len); in AsyncTicketOpen()
1617 if ((in.size() & 1) != 0) { in HexDecode()
1622 for (size_t i = 0; i < in.size() / 2; i++) { in HexDecode()
1640 for (size_t i = 0; i < in.size(); i++) { in SplitParts()
1641 if (in[i] == delim) { in SplitParts()
2102 if (in_len < 4 || in[0] != 1 || in[1] != 2 || in[2] != 3 || in SetupCtx()
[all …]
|
| A D | README.md | 12 configurable bugs. This code, along with a test suite and harness written in Go,
13 lives in the `runner` directory. The harness runs BoringSSL via a C/C++ shim
14 binary which lives in this directory. All communication with the shim binary
18 features should be implemented twice, once in C for BoringSSL and once in Go for
|
| A D | PORTING.md | 9 Note that supporting non-BoringSSL implementations is a work in
10 progress and interfaces may change in the future. Consumers should pin
21 default, the shim points to the BoringSSL shim in the same source
43 There are a number of situations in which the runner might succeed
46 * Defects in the stack under test
105 for an example which handles the environment variables in `OPENSSL_malloc`.
|
| /ssl/test/runner/kyber/ |
| A D | kyber_test.go | 31 in, err := os.Open(*testVectorsPath)
36 defer in.Close()
38 scanner := bufio.NewScanner(in)
|
| A D | kyber.go | 313 func (s *scalar) decode(in []byte, bits int) ([]byte, bool) {
323 inByte = in[0]
324 in = in[1:]
346 return in, true
480 in, ok := ret.t.decode(data[:], log2Prime)
484 copy(ret.rho[:], in)
|