author | kasper3 <33230602+kasper3@users.noreply.github.com> | 2018-06-18 18:56:18 +0300 |
---|---|---|
committer | Marek Safar <marek.safar@gmail.com> | 2018-06-19 12:33:12 +0300 |
commit | eaca84d38d1e8c037c7ba47a70046f2f5d395de5 (patch) | |
tree | 3c7156c3083bba6b909a047ff7b03ecc8eac7f87 | |
parent | b3522b1f347f0252e48132952188078df74818e8 (diff) |
Convert System.Security.Cryptography.Native to C (#30376)
* Rename extension .cpp to .c
* Convert System.Security.Cryptography.Native to C
* Address feedback comments
63 files changed, 1640 insertions, 1578 deletions
diff --git a/src/Native/Unix/Common/pal_utilities.h b/src/Native/Unix/Common/pal_utilities.h
index 21f73923d0..ff12d33af5 100644
--- a/src/Native/Unix/Common/pal_utilities.h
+++ b/src/Native/Unix/Common/pal_utilities.h
@@ -14,6 +14,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 #ifdef __cplusplus
 #include <limits>
@@ -187,3 +188,21 @@ static inline bool CheckInterrupted(TInt result)
 }
 #endif // __cplusplus
+
+inline static uint32_t Int32ToUint32(int32_t value)
+{
+ assert(value >= 0);
+ return (uint32_t)value;
+}
+
+inline static size_t Int32ToSizeT(int32_t value)
+{
+ assert(value >= 0);
+ return (size_t)value;
+}
+
+inline static int32_t Uint32ToInt32(uint32_t value)
+{
+ assert(value <= INT_MAX);
+ return (int32_t)value;
+}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt b/src/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
index 352f456d07..e829db0c58 100644
--- a/src/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
+++ b/src/Native/Unix/System.Security.Cryptography.Native/CMakeLists.txt
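Review bot: The three conversion helpers added after `#endif // __cplusplus` guard their range only with `assert`, which compiles to nothing when NDEBUG is defined, so in a release build `Int32ToSizeT(-1)` silently yields a very large `size_t`. Because these helpers supply length arguments elsewhere in this commit, a header comment should state that contract, for example `/* Debug-only range check; callers must reject negative or oversized values before converting. */`. `Uint32ToInt32` compares against `INT_MAX`, whereas the exact bound for its return type is `INT32_MAX` from `<stdint.h>`: `assert(value <= INT32_MAX);`. The first hunk adds `<limits.h>`, but no `<assert.h>` include is visible in either hunk, so confirm the header provides `assert` for C translation units.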
@@ -16,32 +16,32 @@ find_package(OpenSSL REQUIRED) include_directories(SYSTEM ${OPENSSL_INCLUDE_DIR}) set(NATIVECRYPTO_SOURCES - openssl.cpp - pal_asn1.cpp - pal_asn1_print.cpp - pal_bignum.cpp - pal_bio.cpp - pal_dsa.cpp - pal_ecdsa.cpp - pal_ecc_import_export.cpp - pal_eckey.cpp - pal_err.cpp - pal_evp.cpp - pal_evp_pkey.cpp - pal_evp_pkey_dsa.cpp - pal_evp_pkey_ecdh.cpp - pal_evp_pkey_eckey.cpp - pal_evp_pkey_rsa.cpp - pal_evp_cipher.cpp - pal_hmac.cpp - pal_pkcs12.cpp - pal_pkcs7.cpp - pal_rsa.cpp - pal_ssl.cpp - pal_x509.cpp - pal_x509_name.cpp - pal_x509_root.cpp - pal_x509ext.cpp + openssl.c + pal_asn1.c + pal_asn1_print.c + pal_bignum.c + pal_bio.c + pal_dsa.c + pal_ecdsa.c + pal_ecc_import_export.c + pal_eckey.c + pal_err.c + pal_evp.c + pal_evp_pkey.c + pal_evp_pkey_dsa.c + pal_evp_pkey_ecdh.c + pal_evp_pkey_eckey.c + pal_evp_pkey_rsa.c + pal_evp_cipher.c + pal_hmac.c + pal_pkcs12.c + pal_pkcs7.c + pal_rsa.c + pal_ssl.c + pal_x509.c + pal_x509_name.c + pal_x509_root.c + pal_x509ext.c ) if (FEATURE_DISTRO_AGNOSTIC_SSL) @@ -50,7 +50,7 @@ if (FEATURE_DISTRO_AGNOSTIC_SSL) endif() list(APPEND NATIVECRYPTO_SOURCES - opensslshim.cpp + opensslshim.c ) add_definitions(-DFEATURE_DISTRO_AGNOSTIC_SSL) endif() diff --git a/src/Native/Unix/System.Security.Cryptography.Native/openssl.cpp b/src/Native/Unix/System.Security.Cryptography.Native/openssl.c index f424932055..dde8297e2e 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/openssl.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/openssl.c @@ -15,7 +15,6 @@ #include <string.h> #include <time.h> #include <unistd.h> -#include <memory> // See X509NameType.SimpleName #define NAME_TYPE_SIMPLE 0 
@@ -67,7 +66,7 @@ Return values: 1: Data was copied Any negative value: The input buffer size was reported as insufficient. A buffer of size ABS(return) is required. */ -extern "C" int32_t CryptoNative_GetX509Thumbprint(X509* x509, uint8_t* pBuf, int32_t cBuf) +int32_t CryptoNative_GetX509Thumbprint(X509* x509, uint8_t* pBuf, int32_t cBuf) { if (!x509) { @@ -98,7 +97,7 @@ Return values: NULL if the validity cannot be determined, a pointer to the ASN1_TIME structure for the NotBefore value otherwise. */ -extern "C" ASN1_TIME* CryptoNative_GetX509NotBefore(X509* x509) +ASN1_TIME* CryptoNative_GetX509NotBefore(X509* x509) { if (x509 && x509->cert_info && x509->cert_info->validity) { @@ -119,7 +118,7 @@ Return values: NULL if the validity cannot be determined, a pointer to the ASN1_TIME structure for the NotAfter value otherwise. */ -extern "C" ASN1_TIME* CryptoNative_GetX509NotAfter(X509* x509) +ASN1_TIME* CryptoNative_GetX509NotAfter(X509* x509) { if (x509 && x509->cert_info && x509->cert_info->validity) { @@ -140,7 +139,7 @@ Return values: NULL if the validity cannot be determined, a pointer to the ASN1_TIME structure for the NextUpdate value otherwise. */ -extern "C" ASN1_TIME* CryptoNative_GetX509CrlNextUpdate(X509_CRL* crl) +ASN1_TIME* CryptoNative_GetX509CrlNextUpdate(X509_CRL* crl) { if (crl) { @@ -164,12 +163,12 @@ The encoded value of the version, otherwise: 1: X509v2 2: X509v3 */ -extern "C" int32_t CryptoNative_GetX509Version(X509* x509) +int32_t CryptoNative_GetX509Version(X509* x509) { if (x509 && x509->cert_info) { long ver = ASN1_INTEGER_get(x509->cert_info->version); - return static_cast<int32_t>(ver); + return (int32_t)ver; } return -1; 
@@ -186,7 +185,7 @@ Return values: NULL if the algorithm cannot be determined, otherwise a pointer to the OpenSSL ASN1_OBJECT structure describing the object type. */ -extern "C" ASN1_OBJECT* CryptoNative_GetX509PublicKeyAlgorithm(X509* x509) +ASN1_OBJECT* CryptoNative_GetX509PublicKeyAlgorithm(X509* x509) { if (x509 && x509->cert_info && x509->cert_info->key && x509->cert_info->key->algor) { @@ -207,7 +206,7 @@ Return values: NULL if the algorithm cannot be determined, otherwise a pointer to the OpenSSL ASN1_OBJECT structure describing the object type. */ -extern "C" ASN1_OBJECT* CryptoNative_GetX509SignatureAlgorithm(X509* x509) +ASN1_OBJECT* CryptoNative_GetX509SignatureAlgorithm(X509* x509) { if (x509 && x509->sig_alg && x509->sig_alg->algorithm) { @@ -229,7 +228,7 @@ Return values: 1: Data was copied Any negative value: The input buffer size was reported as insufficient. A buffer of size ABS(return) is required. */ -extern "C" int32_t CryptoNative_GetX509PublicKeyParameterBytes(X509* x509, uint8_t* pBuf, int32_t cBuf) +int32_t CryptoNative_GetX509PublicKeyParameterBytes(X509* x509, uint8_t* pBuf, int32_t cBuf) { if (!x509 || !x509->cert_info || !x509->cert_info->key || !x509->cert_info->key->algor) { @@ -274,7 +273,7 @@ Return values: NULL if the public key cannot be determined, a pointer to the ASN1_BIT_STRING structure representing the public key. */ -extern "C" ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509) +ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509) { if (x509 && x509->cert_info && x509->cert_info->key) { @@ -317,7 +316,7 @@ Remarks: So this function will really work on all of them. */ -extern "C" int32_t CryptoNative_GetAsn1StringBytes(ASN1_STRING* asn1, uint8_t* pBuf, int32_t cBuf) +int32_t CryptoNative_GetAsn1StringBytes(ASN1_STRING* asn1, uint8_t* pBuf, int32_t cBuf) { if (!asn1 || cBuf < 0) { 
@@ -336,7 +335,7 @@ extern "C" int32_t CryptoNative_GetAsn1StringBytes(ASN1_STRING* asn1, uint8_t* p return -length; } - memcpy_s(pBuf, UnsignedCast(cBuf), asn1->data, UnsignedCast(length)); + memcpy_s(pBuf, Int32ToSizeT(cBuf), asn1->data, Int32ToSizeT(length)); return 1; } @@ -352,7 +351,7 @@ Return values: 1: Data was copied Any negative value: The input buffer size was reported as insufficient. A buffer of size ABS(return) is required. */ -extern "C" int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t* pBuf, int32_t cBuf) +int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t* pBuf, int32_t cBuf) { if (!x509Name || !x509Name->bytes || cBuf < 0) { @@ -374,7 +373,7 @@ extern "C" int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t return 0; } - int length = static_cast<int>(x509Name->bytes->length); + int length = (int)(x509Name->bytes->length); if (length < 0) { @@ -387,7 +386,7 @@ extern "C" int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t return -length; } - memcpy_s(pBuf, UnsignedCast(cBuf), x509Name->bytes->data, UnsignedCast(length)); + memcpy_s(pBuf, Int32ToSizeT(cBuf), x509Name->bytes->data, Int32ToSizeT(length)); return 1; } @@ -402,7 +401,7 @@ Return values: 0 if the field count cannot be determined, or the count of OIDs present in the EKU. Note that 0 does not always indicate an error, merely that GetX509EkuField should not be called. */ -extern "C" int32_t CryptoNative_GetX509EkuFieldCount(EXTENDED_KEY_USAGE* eku) +int32_t CryptoNative_GetX509EkuFieldCount(EXTENDED_KEY_USAGE* eku) { return sk_ASN1_OBJECT_num(eku); } 
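Review bot: The `memcpy_s` call in CryptoNative_GetAsn1StringBytes discards its result and the function then returns 1 ("Data was copied") unconditionally; the same pattern appears in CryptoNative_GetX509NameRawBytes further down. If this `memcpy_s` reports failure through its return value, as the Annex K function of that name does, the caller is told the buffer was filled when it may not have been. Consider `if (memcpy_s(pBuf, Int32ToSizeT(cBuf), asn1->data, Int32ToSizeT(length)) != 0) return 0;`, with the failure code chosen to fit the documented return values. Both function bodies begin outside these hunks, so the earlier guards on `pBuf`, `cBuf` and `length` are only partly visible.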
@@ -418,7 +417,7 @@ Return values: NULL if eku is NULL or loc is out of bounds, otherwise a pointer to the ASN1_OBJECT structure encoding that particular OID. */ -extern "C" ASN1_OBJECT* CryptoNative_GetX509EkuField(EXTENDED_KEY_USAGE* eku, int32_t loc) +ASN1_OBJECT* CryptoNative_GetX509EkuField(EXTENDED_KEY_USAGE* eku, int32_t loc) { return sk_ASN1_OBJECT_value(eku, loc); } @@ -434,7 +433,7 @@ Return values: NULL if the certificate is invalid or no name information could be found, otherwise a pointer to a memory-backed BIO structure which contains the answer to the GetNameInfo query */ -extern "C" BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssuer) +BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssuer) { static const char szOidUpn[] = "1.3.6.1.4.1.311.20.2.3"; @@ -564,7 +563,7 @@ extern "C" BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32 break; } - STACK_OF(GENERAL_NAME)* altNames = static_cast<STACK_OF(GENERAL_NAME)*>( + STACK_OF(GENERAL_NAME)* altNames = (STACK_OF(GENERAL_NAME)*)( X509_get_ext_d2i(x509, forIssuer ? NID_issuer_alt_name : NID_subject_alt_name, NULL, NULL)); if (altNames) @@ -730,7 +729,7 @@ static int CheckX509HostnameMatch(ASN1_STRING* candidate, const char* hostname, } // Great, candidateStr is just candidate->data! - candidateStr = reinterpret_cast<char*>(candidate->data); + candidateStr = (char*)(candidate->data); // First, verify that the string is alphanumeric, plus hyphens or periods and maybe starting with an asterisk. for (i = 0; i < candidate->length; ++i) @@ -750,7 +749,7 @@ static int CheckX509HostnameMatch(ASN1_STRING* candidate, const char* hostname, return 0; } - return !memcmp(candidateStr, hostname, static_cast<size_t>(cchHostname)); + return !memcmp(candidateStr, hostname, (size_t)cchHostname); } for (i = 0; i < cchHostname; ++i) 
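Review bot: The `memcmp` lengths in CheckX509HostnameMatch are converted with a bare `(size_t)cchHostname` cast, although this commit introduces `Int32ToSizeT` for exactly this conversion and uses it for the `memcpy_s` calls in the same file. Assuming `cchHostname` is an int32-compatible type, using the helper keeps the debug-build negative-length check on the hostname comparison path too: `return !memcmp(candidateStr, hostname, Int32ToSizeT(cchHostname));`. The same applies to `(size_t)matchLength` and the second `(size_t)cchHostname` later in this function, and to `(size_t)addressBytesLen` in CryptoNative_CheckX509IpAddress. The function starts and ends outside this hunk, so it is not visible here whether `cchHostname` has already been validated as non-negative.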
@@ -783,7 +782,7 @@ static int CheckX509HostnameMatch(ASN1_STRING* candidate, const char* hostname, return 0; } - return !memcmp(candidateStr + 1, hostname + hostnameFirstDot, static_cast<size_t>(matchLength)); + return !memcmp(candidateStr + 1, hostname + hostnameFirstDot, (size_t)matchLength); } } @@ -794,7 +793,7 @@ static int CheckX509HostnameMatch(ASN1_STRING* candidate, const char* hostname, return 0; } - return !memcmp(candidate->data, hostname, static_cast<size_t>(cchHostname)); + return !memcmp(candidate->data, hostname, (size_t)cchHostname); } /* @@ -809,7 +808,7 @@ Return values: 0 if the hostname is not a match Any negative number indicates an error in the arguments. */ -extern "C" int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostname, int32_t cchHostname) +int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostname, int32_t cchHostname) { if (!x509) return -2; @@ -820,7 +819,7 @@ extern "C" int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostna int subjectNid = NID_commonName; int sanGenType = GEN_DNS; - GENERAL_NAMES* san = static_cast<GENERAL_NAMES*>( + GENERAL_NAMES* san = (GENERAL_NAMES*)( X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); char readSubject = 1; int success = 0; @@ -893,7 +892,7 @@ Return values: 0 if the hostname is not a match Any negative number indicates an error in the arguments. */ -extern "C" int32_t CryptoNative_CheckX509IpAddress( +int32_t CryptoNative_CheckX509IpAddress( X509* x509, const uint8_t* addressBytes, int32_t addressBytesLen, const char* hostname, int32_t cchHostname) { if (!x509) @@ -909,7 +908,7 @@ extern "C" int32_t CryptoNative_CheckX509IpAddress( int subjectNid = NID_commonName; int sanGenType = GEN_IPADD; - GENERAL_NAMES* san = static_cast<GENERAL_NAMES*>(X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); + GENERAL_NAMES* san = (GENERAL_NAMES*)(X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL)); int success = 0; if (san) 
@@ -934,7 +933,7 @@ extern "C" int32_t CryptoNative_CheckX509IpAddress( continue; } - if (!memcmp(addressBytes, ipAddr->data, static_cast<size_t>(addressBytesLen))) + if (!memcmp(addressBytes, ipAddr->data, (size_t)addressBytesLen)) { success = 1; break; @@ -981,7 +980,7 @@ Return values: 0 if the field count cannot be determined, or the count of certificates in STACK_OF(X509) Note that 0 does not always indicate an error, merely that GetX509StackField should not be called. */ -extern "C" int32_t CryptoNative_GetX509StackFieldCount(STACK_OF(X509) * stack) +int32_t CryptoNative_GetX509StackFieldCount(STACK_OF(X509) * stack) { return sk_X509_num(stack); } @@ -997,7 +996,7 @@ Return values: NULL if stack is NULL or loc is out of bounds, otherwise a pointer to the X509 structure encoding that particular element. */ -extern "C" X509* CryptoNative_GetX509StackField(STACK_OF(X509) * stack, int loc) +X509* CryptoNative_GetX509StackField(STACK_OF(X509) * stack, int loc) { return sk_X509_value(stack, loc); } @@ -1009,7 +1008,7 @@ RecursiveFreeX509Stack Used by System.Security.Cryptography.X509Certificates' OpenSslX509ChainProcessor to free a stack when done with it. */ -extern "C" void CryptoNative_RecursiveFreeX509Stack(STACK_OF(X509) * stack) +void CryptoNative_RecursiveFreeX509Stack(STACK_OF(X509) * stack) { sk_X509_pop_free(stack, X509_free); } @@ -1025,7 +1024,7 @@ Return values: 0 if ctx is NULL, if ctx has no X509_VERIFY_PARAM, or the date inputs don't produce a valid time_t; 1 on success. */ -extern "C" int32_t CryptoNative_SetX509ChainVerifyTime(X509_STORE_CTX* ctx, +int32_t CryptoNative_SetX509ChainVerifyTime(X509_STORE_CTX* ctx, int32_t year, int32_t month, int32_t day, @@ -1041,7 +1040,7 @@ extern "C" int32_t CryptoNative_SetX509ChainVerifyTime(X509_STORE_CTX* ctx, time_t verifyTime = MakeTimeT(year, month, day, hour, minute, second, isDst); - if (verifyTime == static_cast<time_t>(-1)) + if (verifyTime == (time_t)-1) { return 0; } 
@@ -1068,7 +1067,7 @@ Return values: If bio containns a valid DER-encoded X509 object, a pointer to that X509 structure that was deserialized, otherwise NULL. */ -extern "C" X509* CryptoNative_ReadX509AsDerFromBio(BIO* bio) +X509* CryptoNative_ReadX509AsDerFromBio(BIO* bio) { return d2i_X509_bio(bio, NULL); } @@ -1088,7 +1087,7 @@ behavior on non-file, non-null BIO objects. See also: OpenSSL's BIO_tell */ -extern "C" int32_t CryptoNative_BioTell(BIO* bio) +int32_t CryptoNative_BioTell(BIO* bio) { if (!bio) { @@ -1115,7 +1114,7 @@ otherwise unspecified See also: OpenSSL's BIO_seek */ -extern "C" int32_t CryptoNative_BioSeek(BIO* bio, int32_t ofs) +int32_t CryptoNative_BioSeek(BIO* bio, int32_t ofs) { if (!bio) { @@ -1135,7 +1134,7 @@ of X509* to OpenSSL. Return values: A STACK_OF(X509*) with no comparator. */ -extern "C" STACK_OF(X509) * CryptoNative_NewX509Stack() +STACK_OF(X509) * CryptoNative_NewX509Stack() { return sk_X509_new_null(); } @@ -1151,7 +1150,7 @@ Return values: 1 on success 0 on a NULL stack, or an error within sk_X509_push */ -extern "C" int32_t CryptoNative_PushX509StackField(STACK_OF(X509) * stack, X509* x509) +int32_t CryptoNative_PushX509StackField(STACK_OF(X509) * stack, X509* x509) { if (!stack) { @@ -1172,7 +1171,7 @@ Returns a bool to managed code. 1 for success 0 for failure */ -extern "C" int32_t CryptoNative_GetRandomBytes(uint8_t* buf, int32_t num) +int32_t CryptoNative_GetRandomBytes(uint8_t* buf, int32_t num) { int ret = RAND_bytes(buf, num); @@ -1192,7 +1191,7 @@ Return values: -1 indicates OpenSSL signalled an error, CryptographicException should be raised. -2 indicates an error in the input arguments */ -extern "C" int32_t CryptoNative_LookupFriendlyNameByOid(const char* oidValue, const char** friendlyName) +int32_t CryptoNative_LookupFriendlyNameByOid(const char* oidValue, const char** friendlyName) { ASN1_OBJECT* oid; int nid; 
@@ -1246,7 +1245,7 @@ extern "C" int32_t CryptoNative_LookupFriendlyNameByOid(const char* oidValue, co static pthread_mutex_t g_initLock = PTHREAD_MUTEX_INITIALIZER; // Set of locks initialized for OpenSSL -static pthread_mutex_t* g_locks = nullptr; +static pthread_mutex_t* g_locks = NULL; /* Function: @@ -1307,7 +1306,7 @@ Return values: 0 on success non-zero on failure */ -extern "C" int32_t CryptoNative_EnsureOpenSslInitialized() +int32_t CryptoNative_EnsureOpenSslInitialized() { int ret = 0; int numLocks = 0; @@ -1316,7 +1315,7 @@ extern "C" int32_t CryptoNative_EnsureOpenSslInitialized() pthread_mutex_lock(&g_initLock); - if (g_locks != nullptr) + if (g_locks != NULL) { // Already initialized; nothing more to do. goto done; @@ -1332,8 +1331,15 @@ extern "C" int32_t CryptoNative_EnsureOpenSslInitialized() } // Create the locks array - g_locks = new (std::nothrow) pthread_mutex_t[numLocks]; - if (g_locks == nullptr) + size_t allocationSize = 0; + if (!multiply_s(sizeof(pthread_mutex_t), (size_t)numLocks, &allocationSize)) + { + ret = 2; + goto done; + } + + g_locks = (pthread_mutex_t*)malloc(allocationSize); + if (g_locks == NULL) { ret = 2; goto done; @@ -1376,13 +1382,13 @@ done: if (ret != 0) { // Cleanup on failure - if (g_locks != nullptr) + if (g_locks != NULL) { for (int i = locksInitialized - 1; i >= 0; i--) { pthread_mutex_destroy(&g_locks[i]); // ignore failures } - delete[] g_locks; + free(g_locks); g_locks = NULL; } } @@ -1401,7 +1407,7 @@ Return values: Textual description of the version on success. "not available" string on failure. */ -extern "C" char* CryptoNative_SSLEayVersion() +char* CryptoNative_SSLEayVersion() { return strdup(SSLeay_version(SSLEAY_VERSION)); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/openssl.h b/src/Native/Unix/System.Security.Cryptography.Native/openssl.h index 7da64ca04e..2a0a2562b6 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/openssl.h 
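Review bot: In CryptoNative_EnsureOpenSslInitialized the locks array is now sized with `multiply_s` followed by `malloc`, and `numLocks` is converted with a bare `(size_t)` cast, so a negative count would wrap to a huge value and be caught only if `multiply_s` reports the overflow. `calloc` performs the overflow check itself, so the block can be `g_locks = calloc((size_t)numLocks, sizeof(pthread_mutex_t));` followed by the existing NULL test, once it is confirmed that `numLocks > 0` is enforced in the part of the function outside this hunk. Separately, the definitions `CryptoNative_EnsureOpenSslInitialized()` and `CryptoNative_SSLEayVersion()` would read better with `(void)` in C, matching the prototypes in openssl.h.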
+++ b/src/Native/Unix/System.Security.Cryptography.Native/openssl.h 
@@ -5,65 +5,66 @@ #pragma once +#include "pal_compiler.h" #include <openssl/x509.h> #include <openssl/x509v3.h> -extern "C" int32_t CryptoNative_GetX509Thumbprint(X509* x509, uint8_t* pBuf, int32_t cBuf); +DLLEXPORT int32_t CryptoNative_GetX509Thumbprint(X509* x509, uint8_t* pBuf, int32_t cBuf); -extern "C" ASN1_TIME* CryptoNative_GetX509NotBefore(X509* x509); +DLLEXPORT ASN1_TIME* CryptoNative_GetX509NotBefore(X509* x509); -extern "C" ASN1_TIME* CryptoNative_GetX509NotAfter(X509* x509); +DLLEXPORT ASN1_TIME* CryptoNative_GetX509NotAfter(X509* x509); -extern "C" ASN1_TIME* CryptoNative_GetX509CrlNextUpdate(X509_CRL* crl); +DLLEXPORT ASN1_TIME* CryptoNative_GetX509CrlNextUpdate(X509_CRL* crl); -extern "C" int32_t CryptoNative_GetX509Version(X509* x509); +DLLEXPORT int32_t CryptoNative_GetX509Version(X509* x509); -extern "C" ASN1_OBJECT* CryptoNative_GetX509PublicKeyAlgorithm(X509* x509); +DLLEXPORT ASN1_OBJECT* CryptoNative_GetX509PublicKeyAlgorithm(X509* x509); -extern "C" ASN1_OBJECT* CryptoNative_GetX509SignatureAlgorithm(X509* x509); +DLLEXPORT ASN1_OBJECT* CryptoNative_GetX509SignatureAlgorithm(X509* x509); -extern "C" int32_t CryptoNative_GetX509PublicKeyParameterBytes(X509* x509, uint8_t* pBuf, int32_t cBuf); +DLLEXPORT int32_t CryptoNative_GetX509PublicKeyParameterBytes(X509* x509, uint8_t* pBuf, int32_t cBuf); -extern "C" ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509); +DLLEXPORT ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509); -extern "C" int32_t CryptoNative_GetAsn1StringBytes(ASN1_STRING* asn1, uint8_t* pBuf, int32_t cBuf); +DLLEXPORT int32_t CryptoNative_GetAsn1StringBytes(ASN1_STRING* asn1, uint8_t* pBuf, int32_t cBuf); -extern "C" int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t* pBuf, int32_t cBuf); +DLLEXPORT int32_t CryptoNative_GetX509NameRawBytes(X509_NAME* x509Name, uint8_t* pBuf, int32_t cBuf); -extern "C" int32_t CryptoNative_GetX509EkuFieldCount(EXTENDED_KEY_USAGE* eku); +DLLEXPORT int32_t 
CryptoNative_GetX509EkuFieldCount(EXTENDED_KEY_USAGE* eku); -extern "C" ASN1_OBJECT* CryptoNative_GetX509EkuField(EXTENDED_KEY_USAGE* eku, int32_t loc); +DLLEXPORT ASN1_OBJECT* CryptoNative_GetX509EkuField(EXTENDED_KEY_USAGE* eku, int32_t loc); -extern "C" BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssuer); +DLLEXPORT BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssuer); -extern "C" int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostname, int32_t cchHostname); +DLLEXPORT int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostname, int32_t cchHostname); -extern "C" int32_t CryptoNative_CheckX509IpAddress( +DLLEXPORT int32_t CryptoNative_CheckX509IpAddress( X509* x509, const uint8_t* addressBytes, int32_t addressBytesLen, const char* hostname, int32_t cchHostname); -extern "C" int32_t CryptoNative_GetX509StackFieldCount(STACK_OF(X509) * stack); +DLLEXPORT int32_t CryptoNative_GetX509StackFieldCount(STACK_OF(X509) * stack); -extern "C" X509* CryptoNative_GetX509StackField(STACK_OF(X509) * stack, int loc); +DLLEXPORT X509* CryptoNative_GetX509StackField(STACK_OF(X509) * stack, int loc); -extern "C" void CryptoNative_RecursiveFreeX509Stack(STACK_OF(X509) * stack); +DLLEXPORT void CryptoNative_RecursiveFreeX509Stack(STACK_OF(X509) * stack); -extern "C" int32_t CryptoNative_SetX509ChainVerifyTime( +DLLEXPORT int32_t CryptoNative_SetX509ChainVerifyTime( X509_STORE_CTX* ctx, int32_t year, int32_t month, int32_t day, int32_t hour, int32_t minute, int32_t second, int32_t isDst); -extern "C" X509* CryptoNative_ReadX509AsDerFromBio(BIO* bio); +DLLEXPORT X509* CryptoNative_ReadX509AsDerFromBio(BIO* bio); -extern "C" int32_t CryptoNative_BioTell(BIO* bio); +DLLEXPORT int32_t CryptoNative_BioTell(BIO* bio); -extern "C" int32_t CryptoNative_BioSeek(BIO* bio, int32_t ofs); +DLLEXPORT int32_t CryptoNative_BioSeek(BIO* bio, int32_t ofs); -extern "C" STACK_OF(X509) * 
CryptoNative_NewX509Stack(void); +DLLEXPORT STACK_OF(X509) * CryptoNative_NewX509Stack(void); -extern "C" int32_t CryptoNative_PushX509StackField(STACK_OF(X509) * stack, X509* x509); +DLLEXPORT int32_t CryptoNative_PushX509StackField(STACK_OF(X509) * stack, X509* x509); -extern "C" int32_t CryptoNative_GetRandomBytes(uint8_t* buf, int32_t num); +DLLEXPORT int32_t CryptoNative_GetRandomBytes(uint8_t* buf, int32_t num); -extern "C" int32_t CryptoNative_LookupFriendlyNameByOid(const char* oidValue, const char** friendlyName); +DLLEXPORT int32_t CryptoNative_LookupFriendlyNameByOid(const char* oidValue, const char** friendlyName); -extern "C" int32_t CryptoNative_EnsureOpenSslInitialized(void); +DLLEXPORT int32_t CryptoNative_EnsureOpenSslInitialized(void); -extern "C" char* CryptoNative_SSLEayVersion(void); +DLLEXPORT char* CryptoNative_SSLEayVersion(void); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.c index 9e5b676eb7..66807866de 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.c @@ -5,19 +5,20 @@ #include <dlfcn.h> #include <stdio.h> +#include <stdbool.h> #include "opensslshim.h" // Define pointers to all the used ICU functions -#define PER_FUNCTION_BLOCK(fn, isRequired) decltype(fn) fn##_ptr; +#define PER_FUNCTION_BLOCK(fn, isRequired) __typeof(fn) fn##_ptr; FOR_ALL_OPENSSL_FUNCTIONS #undef PER_FUNCTION_BLOCK // x.x.x, considering the max number of decimal digits for each component -static const int MaxVersionStringLength = 32; +#define MaxVersionStringLength 32 #define SONAME_BASE "libssl.so." -static void* libssl = nullptr; +static void* libssl = NULL; static bool OpenLibrary() { 
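Review bot: `MaxVersionStringLength` becomes an untyped macro in opensslshim.c, presumably because a `static const int` is not a constant expression in C and `soName[sizeof(SONAME_BASE) + MaxVersionStringLength]` needs one, but the reason is not recorded. An enum constant keeps it a compile-time constant without a macro, `enum { MaxVersionStringLength = 32 };`, and a comment such as `// must be a constant expression: sizes the soName buffer that receives the CLR_OPENSSL_VERSION_OVERRIDE value` would tie the bound to the length check on the environment variable. The code that appends the override to `soName` lies between hunks and is not visible, so the buffer arithmetic should be rechecked there.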
@@ -27,7 +28,7 @@ static bool OpenLibrary() // like 1.0.0, 1.0.2 etc. char* versionOverride = getenv("CLR_OPENSSL_VERSION_OVERRIDE"); - if ((versionOverride != nullptr) && strnlen(versionOverride, MaxVersionStringLength + 1) <= MaxVersionStringLength) + if ((versionOverride != NULL) && strnlen(versionOverride, MaxVersionStringLength + 1) <= MaxVersionStringLength) { char soName[sizeof(SONAME_BASE) + MaxVersionStringLength] = SONAME_BASE; @@ -35,7 +36,7 @@ static bool OpenLibrary() libssl = dlopen(soName, RTLD_LAZY); } - if (libssl == nullptr) + if (libssl == NULL) { // Debian 9 has dropped support for SSLv3 and so they have bumped their soname. Let's try it // before trying the version 1.0.0 to make it less probable that some of our other dependencies @@ -43,19 +44,19 @@ static bool OpenLibrary() libssl = dlopen("libssl.so.1.0.2", RTLD_LAZY); } - if (libssl == nullptr) + if (libssl == NULL) { // Now try the default versioned so naming as described in the OpenSSL doc libssl = dlopen("libssl.so.1.0.0", RTLD_LAZY); } - if (libssl == nullptr) + if (libssl == NULL) { // Fedora derived distros use different naming for the version 1.0.0 libssl = dlopen("libssl.so.10", RTLD_LAZY); } - return libssl != nullptr; + return libssl != NULL; } __attribute__((constructor)) @@ -69,7 +70,7 @@ static void InitializeOpenSSLShim() // Get pointers to all the ICU functions that are needed #define PER_FUNCTION_BLOCK(fn, isRequired) \ - fn##_ptr = reinterpret_cast<decltype(fn)>(dlsym(libssl, #fn)); \ + fn##_ptr = (__typeof(fn))(dlsym(libssl, #fn)); \ if ((fn##_ptr) == NULL && isRequired) { fprintf(stderr, "Cannot get required symbol " #fn " from libssl\n"); abort(); } FOR_ALL_OPENSSL_FUNCTIONS @@ -79,7 +80,7 @@ static void InitializeOpenSSLShim() __attribute__((destructor)) static void ShutdownOpenSSLShim() { - if (libssl != nullptr) + if (libssl != NULL) { dlclose(libssl); } 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h index afb2559d12..a844178e57 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h @@ -65,7 +65,7 @@ void SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx, int (*cb) (SSL *ssl, void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsigned int* len); #endif -#define API_EXISTS(fn) (fn != nullptr) +#define API_EXISTS(fn) (fn != NULL) // List of all functions from the libssl that are used in the System.Security.Cryptography.Native. // Forgetting to add a function here results in build failure with message reporting the function @@ -365,7 +365,7 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi PER_FUNCTION_BLOCK(EC_POINT_set_affine_coordinates_GF2m, false) \ // Declare pointers to all the used OpenSSL functions -#define PER_FUNCTION_BLOCK(fn, isRequired) extern decltype(fn)* fn##_ptr; +#define PER_FUNCTION_BLOCK(fn, isRequired) extern __typeof(fn)* fn##_ptr; FOR_ALL_OPENSSL_FUNCTIONS #undef PER_FUNCTION_BLOCK diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.c new file mode 100644 index 0000000000..8a3f2b5798 --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.c 
@@ -0,0 +1,110 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+#include "pal_asn1.h"
+#include <stdlib.h>
+#include <stdbool.h>
+
+c_static_assert(PAL_NID_undef == NID_undef);
+c_static_assert(PAL_NID_X9_62_prime256v1 == NID_X9_62_prime256v1);
+c_static_assert(PAL_NID_secp224r1 == NID_secp224r1);
+c_static_assert(PAL_NID_secp384r1 == NID_secp384r1);
+c_static_assert(PAL_NID_secp521r1 == NID_secp521r1);
+
+const ASN1_OBJECT* CryptoNative_ObjTxt2Obj(const char* s)
+{
+ return OBJ_txt2obj(s, true);
+}
+
+int32_t CryptoNative_ObjObj2Txt(char* buf, int32_t buf_len, const ASN1_OBJECT* a)
+{
+ return OBJ_obj2txt(buf, buf_len, a, true);
+}
+
+const ASN1_OBJECT* CryptoNative_GetObjectDefinitionByName(const char* friendlyName)
+{
+ int nid = OBJ_ln2nid(friendlyName);
+
+ if (nid == NID_undef)
+ {
+ nid = OBJ_sn2nid(friendlyName);
+ }
+
+ if (nid == NID_undef)
+ {
+ return NULL;
+ }
+
+ return OBJ_nid2obj(nid);
+}
+
+int32_t CryptoNative_ObjSn2Nid(const char* sn)
+{
+ return OBJ_sn2nid(sn);
+}
+
+ASN1_OBJECT* CryptoNative_ObjNid2Obj(int32_t nid)
+{
+ return OBJ_nid2obj(nid);
+}
+
+void CryptoNative_Asn1ObjectFree(ASN1_OBJECT* a)
+{
+ ASN1_OBJECT_free(a);
+}
+
+ASN1_BIT_STRING* CryptoNative_DecodeAsn1BitString(const uint8_t* buf, int32_t len)
+{
+ if (!buf || !len)
+ {
+ return NULL;
+ }
+
+ return d2i_ASN1_BIT_STRING(NULL, &buf, len);
+}
+
+void CryptoNative_Asn1BitStringFree(ASN1_STRING* a)
+{
+ ASN1_BIT_STRING_free(a);
+}
+
+ASN1_OCTET_STRING* CryptoNative_DecodeAsn1OctetString(const uint8_t* buf, int32_t len)
+{
+ if (!buf || !len)
+ {
+ return NULL;
+ }
+
+ return d2i_ASN1_OCTET_STRING(NULL, &buf, len);
+}
+
+ASN1_OCTET_STRING* CryptoNative_Asn1OctetStringNew()
+{
+ return ASN1_OCTET_STRING_new();
+}
+
+int32_t CryptoNative_Asn1OctetStringSet(ASN1_OCTET_STRING* s, const uint8_t* data, int32_t len)
+{
+ return ASN1_OCTET_STRING_set(s, data, len);
+}
+
+void CryptoNative_Asn1OctetStringFree(ASN1_STRING* a)
+{
+ ASN1_OCTET_STRING_free(a);
+}
+
+void CryptoNative_Asn1StringFree(ASN1_STRING* a)
+{
+ ASN1_STRING_free(a);
+}
+
+int32_t CryptoNative_GetAsn1IntegerDerSize(ASN1_INTEGER* i)
+{
+ return i2d_ASN1_INTEGER(i, NULL);
+}
+
+int32_t CryptoNative_EncodeAsn1Integer(ASN1_INTEGER* i, uint8_t* buf)
+{
+ return i2d_ASN1_INTEGER(i, &buf);
+}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.cpp
deleted file mode 100644
index 5429592e57..0000000000
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.cpp
+++ /dev/null
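Review bot: CryptoNative_DecodeAsn1BitString and CryptoNative_DecodeAsn1OctetString in pal_asn1.c reject only a NULL buffer or a zero length, so a negative `len` from the managed caller is passed straight to the `d2i_*` parser as the input bound. Tightening the guard to `if (!buf || len <= 0)` in both functions keeps the bound explicit at the native boundary. CryptoNative_EncodeAsn1Integer writes through `buf` with no size parameter, so a comment stating that the caller must first size the buffer with CryptoNative_GetAsn1IntegerDerSize would document that contract.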
@@ -1,108 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -#include "pal_asn1.h" - -static_assert(PAL_NID_undef == NID_undef, ""); -static_assert(PAL_NID_X9_62_prime256v1 == NID_X9_62_prime256v1, ""); -static_assert(PAL_NID_secp224r1 == NID_secp224r1, ""); -static_assert(PAL_NID_secp384r1 == NID_secp384r1, ""); -static_assert(PAL_NID_secp521r1 == NID_secp521r1, ""); - -extern "C" const ASN1_OBJECT* CryptoNative_ObjTxt2Obj(const char* s) -{ - return OBJ_txt2obj(s, true); -} - -extern "C" int32_t CryptoNative_ObjObj2Txt(char* buf, int32_t buf_len, const ASN1_OBJECT* a) -{ - return OBJ_obj2txt(buf, buf_len, a, true); -} - -extern "C" const ASN1_OBJECT* CryptoNative_GetObjectDefinitionByName(const char* friendlyName) -{ - int nid = OBJ_ln2nid(friendlyName); - - if (nid == NID_undef) - { - nid = OBJ_sn2nid(friendlyName); - } - - if (nid == NID_undef) - { - return nullptr; - } - - return OBJ_nid2obj(nid); -} - -extern "C" int32_t CryptoNative_ObjSn2Nid(const char* sn) -{ - return OBJ_sn2nid(sn); -} - -extern "C" ASN1_OBJECT* CryptoNative_ObjNid2Obj(int32_t nid) -{ - return OBJ_nid2obj(nid); -} - -extern "C" void CryptoNative_Asn1ObjectFree(ASN1_OBJECT* a) -{ - ASN1_OBJECT_free(a); -} - -extern "C" ASN1_BIT_STRING* CryptoNative_DecodeAsn1BitString(const uint8_t* buf, int32_t len) -{ - if (!buf || !len) - { - return nullptr; - } - - return d2i_ASN1_BIT_STRING(nullptr, &buf, len); -} - -extern "C" void CryptoNative_Asn1BitStringFree(ASN1_STRING* a) -{ - ASN1_BIT_STRING_free(a); -} - -extern "C" ASN1_OCTET_STRING* CryptoNative_DecodeAsn1OctetString(const uint8_t* buf, int32_t len) -{ - if (!buf || !len) - { - return nullptr; - } - - return d2i_ASN1_OCTET_STRING(nullptr, &buf, len); -} - -extern "C" ASN1_OCTET_STRING* CryptoNative_Asn1OctetStringNew() -{ - return ASN1_OCTET_STRING_new(); -} - -extern "C" 
int32_t CryptoNative_Asn1OctetStringSet(ASN1_OCTET_STRING* s, const uint8_t* data, int32_t len) -{ - return ASN1_OCTET_STRING_set(s, data, len); -} - -extern "C" void CryptoNative_Asn1OctetStringFree(ASN1_STRING* a) -{ - ASN1_OCTET_STRING_free(a); -} - -extern "C" void CryptoNative_Asn1StringFree(ASN1_STRING* a) -{ - ASN1_STRING_free(a); -} - -extern "C" int32_t CryptoNative_GetAsn1IntegerDerSize(ASN1_INTEGER* i) -{ - return i2d_ASN1_INTEGER(i, nullptr); -} - -extern "C" int32_t CryptoNative_EncodeAsn1Integer(ASN1_INTEGER* i, uint8_t* buf) -{ - return i2d_ASN1_INTEGER(i, &buf); -} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.h index 6ec1795d25..852a735c3d 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* 
@@ -20,79 +21,79 @@ enum SupportedAlgorithmNids /* Direct shim to OBJ_txt2obj. */ -extern "C" const ASN1_OBJECT* CryptoNative_ObjTxt2Obj(const char* s); +DLLEXPORT const ASN1_OBJECT* CryptoNative_ObjTxt2Obj(const char* s); /* Direct shim to OBJ_obj2txt. */ -extern "C" int32_t CryptoNative_ObjObj2Txt(char* buf, int32_t buf_len, const ASN1_OBJECT* a); +DLLEXPORT int32_t CryptoNative_ObjObj2Txt(char* buf, int32_t buf_len, const ASN1_OBJECT* a); /* Retrieves the ASN1_OBJECT for the specified friendly name. Can return nullptr if there isn't a corresponding shared object. */ -extern "C" const ASN1_OBJECT* CryptoNative_GetObjectDefinitionByName(const char* friendlyName); +DLLEXPORT const ASN1_OBJECT* CryptoNative_GetObjectDefinitionByName(const char* friendlyName); /* Direct shim to OBJ_sn2nid. */ -extern "C" int32_t CryptoNative_ObjSn2Nid(const char* sn); +DLLEXPORT int32_t CryptoNative_ObjSn2Nid(const char* sn); /* Direct shim to OBJ_nid2obj. */ -extern "C" ASN1_OBJECT* CryptoNative_ObjNid2Obj(int32_t nid); +DLLEXPORT ASN1_OBJECT* CryptoNative_ObjNid2Obj(int32_t nid); /* Direct shim to ASN1_OBJECT_free. */ -extern "C" void CryptoNative_Asn1ObjectFree(ASN1_OBJECT* a); +DLLEXPORT void CryptoNative_Asn1ObjectFree(ASN1_OBJECT* a); /* Shims the d2i_ASN1_BIT_STRING method and makes it easier to invoke from managed code. */ -extern "C" ASN1_BIT_STRING* CryptoNative_DecodeAsn1BitString(const uint8_t* buf, int32_t len); +DLLEXPORT ASN1_BIT_STRING* CryptoNative_DecodeAsn1BitString(const uint8_t* buf, int32_t len); /* Direct shim to ASN1_BIT_STRING_free. */ -extern "C" void CryptoNative_Asn1BitStringFree(ASN1_STRING* a); +DLLEXPORT void CryptoNative_Asn1BitStringFree(ASN1_STRING* a); /* Shims the d2i_ASN1_OCTET_STRING method and makes it easier to invoke from managed code. 
*/ -extern "C" ASN1_OCTET_STRING* CryptoNative_DecodeAsn1OctetString(const uint8_t* buf, int32_t len); +DLLEXPORT ASN1_OCTET_STRING* CryptoNative_DecodeAsn1OctetString(const uint8_t* buf, int32_t len); /* Direct shim to ASN1_OCTET_STRING_new. */ -extern "C" ASN1_OCTET_STRING* CryptoNative_Asn1OctetStringNew(); +DLLEXPORT ASN1_OCTET_STRING* CryptoNative_Asn1OctetStringNew(void); /* Direct shim to ASN1_OCTET_STRING_set. */ -extern "C" int32_t CryptoNative_Asn1OctetStringSet(ASN1_OCTET_STRING* s, const uint8_t* data, int32_t len); +DLLEXPORT int32_t CryptoNative_Asn1OctetStringSet(ASN1_OCTET_STRING* s, const uint8_t* data, int32_t len); /* Direct shim to ASN1_OCTET_STRING_free. */ -extern "C" void CryptoNative_Asn1OctetStringFree(ASN1_STRING* a); +DLLEXPORT void CryptoNative_Asn1OctetStringFree(ASN1_STRING* a); /* Direct shim to ASN1_STRING_free. */ -extern "C" void CryptoNative_Asn1StringFree(ASN1_STRING* a); +DLLEXPORT void CryptoNative_Asn1StringFree(ASN1_STRING* a); /* Returns the number of bytes it will take to convert the ASN1_INTEGER to a DER format. */ -extern "C" int32_t CryptoNative_GetAsn1IntegerDerSize(ASN1_INTEGER* i); +DLLEXPORT int32_t CryptoNative_GetAsn1IntegerDerSize(ASN1_INTEGER* i); /* Shims the i2d_ASN1_INTEGER method. Returns the number of bytes written to buf. */ -extern "C" int32_t CryptoNative_EncodeAsn1Integer(ASN1_INTEGER* i, uint8_t* buf); +DLLEXPORT int32_t CryptoNative_EncodeAsn1Integer(ASN1_INTEGER* i, uint8_t* buf); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.c new file mode 100644 index 0000000000..aca41d839d --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.c 
@@ -0,0 +1,40 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+#include "pal_asn1_print.h"
+
+c_static_assert(PAL_B_ASN1_NUMERICSTRING == B_ASN1_NUMERICSTRING);
+c_static_assert(PAL_B_ASN1_PRINTABLESTRING == B_ASN1_PRINTABLESTRING);
+c_static_assert(PAL_B_ASN1_T61STRING == B_ASN1_T61STRING);
+c_static_assert(PAL_B_ASN1_VIDEOTEXSTRING == B_ASN1_VIDEOTEXSTRING);
+c_static_assert(PAL_B_ASN1_IA5STRING == B_ASN1_IA5STRING);
+c_static_assert(PAL_B_ASN1_GRAPHICSTRING == B_ASN1_GRAPHICSTRING);
+c_static_assert(PAL_B_ASN1_VISIBLESTRING == B_ASN1_VISIBLESTRING);
+c_static_assert(PAL_B_ASN1_GENERALSTRING == B_ASN1_GENERALSTRING);
+c_static_assert(PAL_B_ASN1_UNIVERSALSTRING == B_ASN1_UNIVERSALSTRING);
+c_static_assert(PAL_B_ASN1_OCTET_STRING == B_ASN1_OCTET_STRING);
+c_static_assert(PAL_B_ASN1_BIT_STRING == B_ASN1_BIT_STRING);
+c_static_assert(PAL_B_ASN1_BMPSTRING == B_ASN1_BMPSTRING);
+c_static_assert(PAL_B_ASN1_UNKNOWN == B_ASN1_UNKNOWN);
+c_static_assert(PAL_B_ASN1_UTF8STRING == B_ASN1_UTF8STRING);
+c_static_assert(PAL_B_ASN1_UTCTIME == B_ASN1_UTCTIME);
+c_static_assert(PAL_B_ASN1_GENERALIZEDTIME == B_ASN1_GENERALIZEDTIME);
+c_static_assert(PAL_B_ASN1_SEQUENCE == B_ASN1_SEQUENCE);
+
+c_static_assert(PAL_ASN1_STRFLGS_UTF8_CONVERT == ASN1_STRFLGS_UTF8_CONVERT);
+
+ASN1_STRING* CryptoNative_DecodeAsn1TypeBytes(const uint8_t* buf, int32_t len, Asn1StringTypeFlags type)
+{
+ if (!buf || !len)
+ {
+ return NULL;
+ }
+
+ return d2i_ASN1_type_bytes(NULL, &buf, len, type);
+}
+
+int32_t CryptoNative_Asn1StringPrintEx(BIO* out, ASN1_STRING* str, Asn1StringPrintFlags flags)
+{
+ return ASN1_STRING_print_ex(out, str, flags);
+}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.cpp
deleted file mode 100644
index ffbfef980d..0000000000
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.cpp
+++ /dev/null
@@ -1,40 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-#include "pal_asn1_print.h"
-
-static_assert(PAL_B_ASN1_NUMERICSTRING == B_ASN1_NUMERICSTRING, "");
-static_assert(PAL_B_ASN1_PRINTABLESTRING == B_ASN1_PRINTABLESTRING, "");
-static_assert(PAL_B_ASN1_T61STRING == B_ASN1_T61STRING, "");
-static_assert(PAL_B_ASN1_VIDEOTEXSTRING == B_ASN1_VIDEOTEXSTRING, "");
-static_assert(PAL_B_ASN1_IA5STRING == B_ASN1_IA5STRING, "");
-static_assert(PAL_B_ASN1_GRAPHICSTRING == B_ASN1_GRAPHICSTRING, "");
-static_assert(PAL_B_ASN1_VISIBLESTRING == B_ASN1_VISIBLESTRING, "");
-static_assert(PAL_B_ASN1_GENERALSTRING == B_ASN1_GENERALSTRING, "");
-static_assert(PAL_B_ASN1_UNIVERSALSTRING == B_ASN1_UNIVERSALSTRING, "");
-static_assert(PAL_B_ASN1_OCTET_STRING == B_ASN1_OCTET_STRING, "");
-static_assert(PAL_B_ASN1_BIT_STRING == B_ASN1_BIT_STRING, "");
-static_assert(PAL_B_ASN1_BMPSTRING == B_ASN1_BMPSTRING, "");
-static_assert(PAL_B_ASN1_UNKNOWN == B_ASN1_UNKNOWN, "");
-static_assert(PAL_B_ASN1_UTF8STRING == B_ASN1_UTF8STRING, "");
-static_assert(PAL_B_ASN1_UTCTIME == B_ASN1_UTCTIME, "");
-static_assert(PAL_B_ASN1_GENERALIZEDTIME == B_ASN1_GENERALIZEDTIME, "");
-static_assert(PAL_B_ASN1_SEQUENCE == B_ASN1_SEQUENCE, "");
-
-static_assert(PAL_ASN1_STRFLGS_UTF8_CONVERT == ASN1_STRFLGS_UTF8_CONVERT, "");
-
-extern "C" ASN1_STRING* CryptoNative_DecodeAsn1TypeBytes(const uint8_t* buf, int32_t len, Asn1StringTypeFlags type)
-{
- if (!buf || !len)
- {
- return nullptr;
- }
-
- return d2i_ASN1_type_bytes(nullptr, &buf, len, type);
-}
-
-extern "C" int32_t CryptoNative_Asn1StringPrintEx(BIO* out, ASN1_STRING* str, Asn1StringPrintFlags flags)
-{
- return ASN1_STRING_print_ex(out, str, flags);
-}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.h index 982506e420..78c092da65 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_asn1_print.h @@ -3,12 +3,13 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* Flags for the 'type' parameter of CryptoNative_DecodeAsn1TypeBytes. */ -enum Asn1StringTypeFlags : int32_t +typedef enum { PAL_B_ASN1_NUMERICSTRING = 0x0001, PAL_B_ASN1_PRINTABLESTRING = 0x0002, @@ -27,22 +28,22 @@ enum Asn1StringTypeFlags : int32_t PAL_B_ASN1_UTCTIME = 0x4000, PAL_B_ASN1_GENERALIZEDTIME = 0x8000, PAL_B_ASN1_SEQUENCE = 0x10000, -}; +} Asn1StringTypeFlags; /* Flags for the 'flags' parameter of CryptoNative_Asn1StringPrintEx. */ -enum Asn1StringPrintFlags : uint64_t +typedef enum { PAL_ASN1_STRFLGS_UTF8_CONVERT = 0x10, -}; +} Asn1StringPrintFlags; /* Shims the d2i_ASN1_type_bytes method and makes it easier to invoke from managed code. */ -extern "C" ASN1_STRING* CryptoNative_DecodeAsn1TypeBytes(const uint8_t* buf, int32_t len, Asn1StringTypeFlags type); +DLLEXPORT ASN1_STRING* CryptoNative_DecodeAsn1TypeBytes(const uint8_t* buf, int32_t len, Asn1StringTypeFlags type); /* Direct shim to ASN1_STRING_print_ex. */ -extern "C" int32_t CryptoNative_Asn1StringPrintEx(BIO* out, ASN1_STRING* str, Asn1StringPrintFlags flags); +DLLEXPORT int32_t CryptoNative_Asn1StringPrintEx(BIO* out, ASN1_STRING* str, Asn1StringPrintFlags flags); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.c index bb133d2b62..d9f7453a3c 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.c 
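Review bot: Replacing `enum Asn1StringTypeFlags : int32_t` and, in the second pal_asn1_print.h hunk, `enum Asn1StringPrintFlags : uint64_t` with plain `typedef enum` drops the fixed underlying types, so the width of both parameters in the exported signatures is now whatever the compiler picks for the enum. `Asn1StringPrintFlags` was 64 bits wide before; if the managed P/Invoke declaration still marshals a 64-bit value, the argument layout no longer matches on 32-bit targets, which should be confirmed against the interop declaration (not visible here). Keeping the enums for the constants but declaring the parameters with fixed-width types, e.g. `int32_t type` and `uint64_t flags`, would preserve the previous ABI.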
@@ -4,25 +4,25 @@ #include "pal_bignum.h" -extern "C" void CryptoNative_BigNumDestroy(BIGNUM* a) +void CryptoNative_BigNumDestroy(BIGNUM* a) { - if (a != nullptr) + if (a != NULL) { BN_clear_free(a); } } -extern "C" BIGNUM* CryptoNative_BigNumFromBinary(const uint8_t* s, int32_t len) +BIGNUM* CryptoNative_BigNumFromBinary(const uint8_t* s, int32_t len) { if (!s || !len) { - return nullptr; + return NULL; } - return BN_bin2bn(s, len, nullptr); + return BN_bin2bn(s, len, NULL); } -extern "C" int32_t CryptoNative_BigNumToBinary(const BIGNUM* a, uint8_t* to) +int32_t CryptoNative_BigNumToBinary(const BIGNUM* a, uint8_t* to) { if (!a || !to) { @@ -32,7 +32,7 @@ extern "C" int32_t CryptoNative_BigNumToBinary(const BIGNUM* a, uint8_t* to) return BN_bn2bin(a, to); } -extern "C" int32_t CryptoNative_GetBigNumBytes(const BIGNUM* a) +int32_t CryptoNative_GetBigNumBytes(const BIGNUM* a) { if (!a) { diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.h index 19919c8141..79da9b89fb 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_bignum.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* 
@@ -15,19 +16,19 @@ No-op if a is null. The given BIGNUM pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_BigNumDestroy(BIGNUM* a); +DLLEXPORT void CryptoNative_BigNumDestroy(BIGNUM* a); /* Shims the BN_bin2bn method. */ -extern "C" BIGNUM* CryptoNative_BigNumFromBinary(const uint8_t* s, int32_t len); +DLLEXPORT BIGNUM* CryptoNative_BigNumFromBinary(const uint8_t* s, int32_t len); /* Shims the BN_bn2bin method. */ -extern "C" int32_t CryptoNative_BigNumToBinary(const BIGNUM* a, uint8_t* to); +DLLEXPORT int32_t CryptoNative_BigNumToBinary(const BIGNUM* a, uint8_t* to); /* Returns the number of bytes needed to export a BIGNUM. */ -extern "C" int32_t CryptoNative_GetBigNumBytes(const BIGNUM* a); +DLLEXPORT int32_t CryptoNative_GetBigNumBytes(const BIGNUM* a); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.c index b4009d5c40..0e55e62966 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.c 
@@ -6,49 +6,49 @@ #include <assert.h> -extern "C" BIO* CryptoNative_CreateMemoryBio() +BIO* CryptoNative_CreateMemoryBio() { return BIO_new(BIO_s_mem()); } -extern "C" BIO* CryptoNative_BioNewFile(const char* filename, const char* mode) +BIO* CryptoNative_BioNewFile(const char* filename, const char* mode) { return BIO_new_file(filename, mode); } -extern "C" int32_t CryptoNative_BioDestroy(BIO* a) +int32_t CryptoNative_BioDestroy(BIO* a) { return BIO_free(a); } -extern "C" int32_t CryptoNative_BioGets(BIO* b, char* buf, int32_t size) +int32_t CryptoNative_BioGets(BIO* b, char* buf, int32_t size) { return BIO_gets(b, buf, size); } -extern "C" int32_t CryptoNative_BioRead(BIO* b, void* buf, int32_t len) +int32_t CryptoNative_BioRead(BIO* b, void* buf, int32_t len) { return BIO_read(b, buf, len); } -extern "C" int32_t CryptoNative_BioWrite(BIO* b, const void* buf, int32_t len) +int32_t CryptoNative_BioWrite(BIO* b, const void* buf, int32_t len) { return BIO_write(b, buf, len); } -extern "C" int32_t CryptoNative_GetMemoryBioSize(BIO* bio) +int32_t CryptoNative_GetMemoryBioSize(BIO* bio) { - long ret = BIO_get_mem_data(bio, nullptr); + long ret = BIO_get_mem_data(bio, NULL); // BIO_get_mem_data returns the memory size, which will always be // an int32. assert(ret <= INT32_MAX); - return static_cast<int32_t>(ret); + return (int32_t)ret; } -extern "C" int32_t CryptoNative_BioCtrlPending(BIO* bio) +int32_t CryptoNative_BioCtrlPending(BIO* bio) { size_t result = BIO_ctrl_pending(bio); assert(result <= INT32_MAX); - return static_cast<int32_t>(result); + return (int32_t)result; } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.h index 6897dc1403..21a1989095 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_bio.h 
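Review bot: `CryptoNative_GetMemoryBioSize` and `CryptoNative_BioCtrlPending` have `assert(... <= INT32_MAX)` as the only guard before the narrowing `(int32_t)` cast, and assert is compiled out when NDEBUG is defined, so a release build would truncate an oversized value silently. The returned size presumably drives buffer allocation on the managed side, so an explicit runtime check is safer, for example `if (result > INT32_MAX) return -1;` with the caller treating a negative result as an error. `CryptoNative_GetMemoryBioSize` would also benefit from rejecting a negative `ret` before the cast.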
@@ -3,17 +3,18 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* Creates a new memory-backed BIO instance. */ -extern "C" BIO* CryptoNative_CreateMemoryBio(); +DLLEXPORT BIO* CryptoNative_CreateMemoryBio(void); /* Direct shim to BIO_new_file. */ -extern "C" BIO* CryptoNative_BioNewFile(const char* filename, const char* mode); +DLLEXPORT BIO* CryptoNative_BioNewFile(const char* filename, const char* mode); /* Cleans up and deletes a BIO instance. @@ -24,33 +25,33 @@ Implemented by: No-op if a is null. The given BIO pointer is invalid after this call. */ -extern "C" int32_t CryptoNative_BioDestroy(BIO* a); +DLLEXPORT int32_t CryptoNative_BioDestroy(BIO* a); /* Direct shim to BIO_gets. */ -extern "C" int32_t CryptoNative_BioGets(BIO* b, char* buf, int32_t size); +DLLEXPORT int32_t CryptoNative_BioGets(BIO* b, char* buf, int32_t size); /* Direct shim to BIO_read. */ -extern "C" int32_t CryptoNative_BioRead(BIO* b, void* buf, int32_t len); +DLLEXPORT int32_t CryptoNative_BioRead(BIO* b, void* buf, int32_t len); /* Direct shim to BIO_write. */ -extern "C" int32_t CryptoNative_BioWrite(BIO* b, const void* buf, int32_t len); +DLLEXPORT int32_t CryptoNative_BioWrite(BIO* b, const void* buf, int32_t len); /* Gets the size of data available in the BIO. Shims the BIO_get_mem_data method. */ -extern "C" int32_t CryptoNative_GetMemoryBioSize(BIO* bio); +DLLEXPORT int32_t CryptoNative_GetMemoryBioSize(BIO* bio); /* Shims the BIO_ctrl_pending method. Returns the number of pending characters in the BIOs read and write buffers. */ -extern "C" int32_t CryptoNative_BioCtrlPending(BIO* bio); +DLLEXPORT int32_t CryptoNative_BioCtrlPending(BIO* bio); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.c index af9ce59d64..54ef433857 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.cpp 
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.c @@ -5,20 +5,20 @@ #include "pal_dsa.h" #include "pal_utilities.h" -extern "C" int32_t CryptoNative_DsaUpRef(DSA* dsa) +int32_t CryptoNative_DsaUpRef(DSA* dsa) { return DSA_up_ref(dsa); } -extern "C" void CryptoNative_DsaDestroy(DSA* dsa) +void CryptoNative_DsaDestroy(DSA* dsa) { - if (dsa != nullptr) + if (dsa != NULL) { DSA_free(dsa); } } -extern "C" int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits) +int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits) { *dsa = DSA_new(); if (!dsa) @@ -27,47 +27,47 @@ extern "C" int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits) return 0; } - if (!DSA_generate_parameters_ex(*dsa, bits, nullptr, 0, nullptr, nullptr, nullptr) || + if (!DSA_generate_parameters_ex(*dsa, bits, NULL, 0, NULL, NULL, NULL) || !DSA_generate_key(*dsa)) { DSA_free(*dsa); - *dsa = nullptr; + *dsa = NULL; return 0; } return 1; } -extern "C" int32_t CryptoNative_DsaSizeSignature(DSA* dsa) +int32_t CryptoNative_DsaSizeSignature(DSA* dsa) { return DSA_size(dsa); } -extern "C" int32_t CryptoNative_DsaSizeP(DSA* dsa) +int32_t CryptoNative_DsaSizeP(DSA* dsa) { return BN_num_bytes(dsa->p); } -extern "C" int32_t CryptoNative_DsaSizeQ(DSA* dsa) +int32_t CryptoNative_DsaSizeQ(DSA* dsa) { return BN_num_bytes(dsa->q); } -extern "C" int32_t CryptoNative_DsaSign( +int32_t CryptoNative_DsaSign( DSA* dsa, const uint8_t* hash, int32_t hashLength, uint8_t* refsignature, int32_t* outSignatureLength) { - if (outSignatureLength == nullptr || dsa == nullptr) + if (outSignatureLength == NULL || dsa == NULL) { assert(false); return 0; } // DSA_OpenSSL() returns a shared pointer, no need to free/cache. - if (dsa->meth == DSA_OpenSSL() && dsa->priv_key == nullptr) + if (dsa->meth == DSA_OpenSSL() && dsa->priv_key == NULL) { *outSignatureLength = 0; ERR_PUT_error(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, DSA_R_MISSING_PARAMETERS, __FILE__, __LINE__); 
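Review bot: In `CryptoNative_DsaGenerateKey` the null check after `*dsa = DSA_new();` tests `dsa` rather than `*dsa`, so an allocation failure is never detected and the null `DSA*` goes on to `DSA_generate_parameters_ex`. The out-pointer `dsa` has already been dereferenced at that point, so the existing check cannot protect anything. The condition should be `if (!*dsa)`, with a separate `if (!dsa) return 0;` ahead of the assignment if a null out-pointer is meant to be tolerated. The function body is split across the first two pal_dsa.c hunks and these lines are unchanged context, so the commit carries the defect over rather than introducing it.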
@@ -83,11 +83,11 @@ extern "C" int32_t CryptoNative_DsaSign( } assert(unsignedSigLen <= INT32_MAX); - *outSignatureLength = static_cast<int32_t>(unsignedSigLen); + *outSignatureLength = (int32_t)unsignedSigLen; return 1; } -extern "C" int32_t CryptoNative_DsaVerify( +int32_t CryptoNative_DsaVerify( DSA* dsa, const uint8_t* hash, int32_t hashLength, @@ -109,7 +109,7 @@ extern "C" int32_t CryptoNative_DsaVerify( return 1; } -extern "C" int32_t CryptoNative_GetDsaParameters( +int32_t CryptoNative_GetDsaParameters( const DSA* dsa, BIGNUM** p, int32_t* pLength, BIGNUM** q, int32_t* qLength, @@ -122,11 +122,11 @@ extern "C" int32_t CryptoNative_GetDsaParameters( assert(false); // since these parameters are 'out' parameters in managed code, ensure they are initialized - if (p) *p = nullptr; if (pLength) *pLength = 0; - if (q) *q = nullptr; if (qLength) *qLength = 0; - if (g) *g = nullptr; if (gLength) *gLength = 0; - if (y) *y = nullptr; if (yLength) *yLength = 0; - if (x) *x = nullptr; if (xLength) *xLength = 0; + if (p) *p = NULL; if (pLength) *pLength = 0; + if (q) *q = NULL; if (qLength) *qLength = 0; + if (g) *g = NULL; if (gLength) *gLength = 0; + if (y) *y = NULL; if (yLength) *yLength = 0; + if (x) *x = NULL; if (xLength) *xLength = 0; return 0; } 
@@ -137,34 +137,34 @@ extern "C" int32_t CryptoNative_GetDsaParameters( // dsa->priv_key is optional *x = dsa->priv_key; - *xLength = (*x == nullptr) ? 0 : BN_num_bytes(*x); + *xLength = (*x == NULL) ? 0 : BN_num_bytes(*x); return 1; } static int32_t SetDsaParameter(BIGNUM** dsaFieldAddress, uint8_t* buffer, int32_t bufferLength) { - assert(dsaFieldAddress != nullptr); + assert(dsaFieldAddress != NULL); if (dsaFieldAddress) { if (!buffer || !bufferLength) { - *dsaFieldAddress = nullptr; + *dsaFieldAddress = NULL; return 1; } else { - BIGNUM* bigNum = BN_bin2bn(buffer, bufferLength, nullptr); + BIGNUM* bigNum = BN_bin2bn(buffer, bufferLength, NULL); *dsaFieldAddress = bigNum; - return bigNum != nullptr; + return bigNum != NULL; } } return 0; } -extern "C" int32_t CryptoNative_DsaKeyCreateByExplicitParameters( +int32_t CryptoNative_DsaKeyCreateByExplicitParameters( DSA** outDsa, uint8_t* p, int32_t pLength, diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.h index ede7065992..2e60536ae0 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_dsa.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,14 +11,14 @@ Shims the DSA_new method. Returns the new DSA instance. */ -extern "C" DSA* CryptoNative_DsaCreate(); +DLLEXPORT DSA* CryptoNative_DsaCreate(void); /* Shims the DSA_up_ref method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_DsaUpRef(DSA* dsa); +DLLEXPORT int32_t CryptoNative_DsaUpRef(DSA* dsa); /* Cleans up and deletes a DSA instance. 
@@ -28,38 +29,38 @@ No-op if dsa is null. The given DSA pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_DsaDestroy(DSA* dsa); +DLLEXPORT void CryptoNative_DsaDestroy(DSA* dsa); /* Shims the DSA_generate_key_ex method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits); +DLLEXPORT int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits); /* Shims the DSA_size method. Returns the size of the ASN.1 encoded signature. */ -extern "C" int32_t CryptoNative_DsaSizeSignature(DSA* dsa); +DLLEXPORT int32_t CryptoNative_DsaSizeSignature(DSA* dsa); /* Returns the size of the p parameter in bytes. */ -extern "C" int32_t CryptoNative_DsaSizeP(DSA* dsa); +DLLEXPORT int32_t CryptoNative_DsaSizeP(DSA* dsa); /* Returns the size of the q parameter in bytes. */ -extern "C" int32_t CryptoNative_DsaSizeQ(DSA* dsa); +DLLEXPORT int32_t CryptoNative_DsaSizeQ(DSA* dsa); /* Shims the DSA_sign method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_DsaSign( DSA* dsa, const uint8_t* hash, @@ -72,7 +73,7 @@ Shims the DSA_verify method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_DsaVerify( DSA* dsa, const uint8_t* hash, @@ -85,7 +86,7 @@ Gets all the parameters from the DSA instance. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_GetDsaParameters( +DLLEXPORT int32_t CryptoNative_GetDsaParameters( const DSA* dsa, BIGNUM** p, int32_t* pLength, BIGNUM** q, int32_t* qLength, @@ -96,7 +97,7 @@ extern "C" int32_t CryptoNative_GetDsaParameters( /* Sets all the parameters on the DSA instance. */ -extern "C" int32_t CryptoNative_DsaKeyCreateByExplicitParameters( +DLLEXPORT int32_t CryptoNative_DsaKeyCreateByExplicitParameters( DSA** dsa, uint8_t* p, int32_t pLength, 
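Review bot: The comment above `CryptoNative_DsaGenerateKey` says it shims `DSA_generate_key_ex`, but the implementation shown in pal_dsa.c calls `DSA_generate_parameters_ex` followed by `DSA_generate_key`. Since the declaration line is being touched anyway, the comment could read `Generates DSA parameters for the given bit size and then a key pair (DSA_generate_parameters_ex + DSA_generate_key).` so the header describes what callers actually get. It would also help to state that `*dsa` is set to NULL on failure, which the implementation does on the generate-failure path.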
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.c index 59ab434881..f605e698ed 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.c 
@@ -8,48 +8,48 @@ static ECCurveType MethodToCurveType(EC_METHOD* method) { if (method == EC_GFp_mont_method()) - return ECCurveType::PrimeMontgomery; + return PrimeMontgomery; int fieldType = EC_METHOD_get_field_type(method); if (fieldType == NID_X9_62_characteristic_two_field) - return ECCurveType::Characteristic2; + return Characteristic2; if (fieldType == NID_X9_62_prime_field) - return ECCurveType::PrimeShortWeierstrass; + return PrimeShortWeierstrass; - return ECCurveType::Unspecified; + return Unspecified; } static const EC_METHOD* CurveTypeToMethod(ECCurveType curveType) { - if (curveType == ECCurveType::PrimeShortWeierstrass) + if (curveType == PrimeShortWeierstrass) return EC_GFp_simple_method(); - if (curveType == ECCurveType::PrimeMontgomery) + if (curveType == PrimeMontgomery) return EC_GFp_mont_method(); #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_GF2m_simple_method) && (curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_GF2m_simple_method) && (curveType == Characteristic2)) return EC_GF2m_simple_method(); #endif - return nullptr; //Edwards and others + return NULL; //Edwards and others } -extern "C" ECCurveType CryptoNative_EcKeyGetCurveType( +ECCurveType CryptoNative_EcKeyGetCurveType( const EC_KEY* key) { const EC_GROUP* group = EC_KEY_get0_group(key); - if (!group) return ECCurveType::Unspecified; + if (!group) return Unspecified; const EC_METHOD* method = EC_GROUP_method_of(group); - if (!method) return ECCurveType::Unspecified; + if (!method) return Unspecified; - return MethodToCurveType(const_cast<EC_METHOD*>(method)); + return MethodToCurveType(method); } -extern "C" int32_t CryptoNative_GetECKeyParameters( +int32_t CryptoNative_GetECKeyParameters( const EC_KEY* key, int32_t includePrivate, BIGNUM** qx, int32_t* cbQx, 
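Review bot: Removing the `const_cast` leaves `return MethodToCurveType(method);` passing a `const EC_METHOD*` to a parameter declared `EC_METHOD*`, which discards the qualifier implicitly in C and at best produces a warning. Declaring the helper as `static ECCurveType MethodToCurveType(const EC_METHOD* method)` keeps the call const-correct without a cast, provided the OpenSSL calls inside it accept a const pointer. Later hunks in this file have the same pattern in `*d = const_bignum_privateKey;`, `group = EC_KEY_get0_group(key);`, `curveMethod = EC_GROUP_method_of(group);` and `G = EC_GROUP_get0_generator(group);`. Where the out-parameter type cannot change, an explicit `(BIGNUM*)` cast with a comment that the caller receives a pointer into the key's private material, and must not free or modify it, would make the ownership clear.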
@@ -65,22 +65,22 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( assert(false); // Since these parameters are 'out' parameters in managed code, ensure they are initialized - if (qx) *qx = nullptr; if (cbQx) *cbQx = 0; - if (qy) *qy = nullptr; if (cbQy) *cbQy = 0; - if (d) *d = nullptr; if (cbD) *cbD = 0; + if (qx) *qx = NULL; if (cbQx) *cbQx = 0; + if (qy) *qy = NULL; if (cbQy) *cbQy = 0; + if (d) *d = NULL; if (cbD) *cbD = 0; return 0; } // Get the public key and curve int rc = 0; - BIGNUM *xBn = nullptr; - BIGNUM *yBn = nullptr; + BIGNUM *xBn = NULL; + BIGNUM *yBn = NULL; ECCurveType curveType = CryptoNative_EcKeyGetCurveType(key); const EC_POINT* Q = EC_KEY_get0_public_key(key); const EC_GROUP* group = EC_KEY_get0_group(key); - if (curveType == ECCurveType::Unspecified || !Q || !group) + if (curveType == Unspecified || !Q || !group) goto error; // Extract qx and qy @@ -90,15 +90,15 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( goto error; #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_POINT_get_affine_coordinates_GF2m) && (curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_POINT_get_affine_coordinates_GF2m) && (curveType == Characteristic2)) { - if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, xBn, yBn, nullptr)) + if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, xBn, yBn, NULL)) goto error; } else #endif { - if (!EC_POINT_get_affine_coordinates_GFp(group, Q, xBn, yBn, nullptr)) + if (!EC_POINT_get_affine_coordinates_GFp(group, Q, xBn, yBn, NULL)) goto error; } @@ -109,9 +109,9 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( if (includePrivate) { const BIGNUM* const_bignum_privateKey = EC_KEY_get0_private_key(key); - if (const_bignum_privateKey != nullptr) + if (const_bignum_privateKey != NULL) { - *d = const_cast<BIGNUM*>(const_bignum_privateKey); + *d = const_bignum_privateKey; *cbD = BN_num_bytes(*d); } else 
@@ -123,7 +123,7 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( else { if (d) - *d = nullptr; + *d = NULL; if (cbD) *cbD = 0; @@ -135,14 +135,14 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( error: *cbQx = *cbQy = 0; *qx = *qy = 0; - if (d) *d = nullptr; + if (d) *d = NULL; if (cbD) *cbD = 0; if (xBn) BN_free(xBn); if (yBn) BN_free(yBn); return rc; } -extern "C" int32_t CryptoNative_GetECCurveParameters( +int32_t CryptoNative_GetECCurveParameters( const EC_KEY* key, int32_t includePrivate, ECCurveType* curveType, 
@@ -174,29 +174,29 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( assert(false); // Since these parameters are 'out' parameters in managed code, ensure they are initialized - if (p) *p = nullptr; if (cbP) *cbP = 0; - if (a) *a = nullptr; if (cbA) *cbA = 0; - if (b) *b = nullptr; if (cbB) *cbB = 0; - if (gx) *gx = nullptr; if (cbGx) *cbGx = 0; - if (gy) *gy = nullptr; if (cbGy) *cbGy = 0; - if (order) *order = nullptr; if (cbOrder) *cbOrder = 0; - if (cofactor) *cofactor = nullptr; if (cbCofactor) *cbCofactor = 0; - if (seed) *seed = nullptr; if (cbSeed) *cbSeed = 0; + if (p) *p = NULL; if (cbP) *cbP = 0; + if (a) *a = NULL; if (cbA) *cbA = 0; + if (b) *b = NULL; if (cbB) *cbB = 0; + if (gx) *gx = NULL; if (cbGx) *cbGx = 0; + if (gy) *gy = NULL; if (cbGy) *cbGy = 0; + if (order) *order = NULL; if (cbOrder) *cbOrder = 0; + if (cofactor) *cofactor = NULL; if (cbCofactor) *cbCofactor = 0; + if (seed) *seed = NULL; if (cbSeed) *cbSeed = 0; return 0; } - EC_GROUP* group = nullptr; - EC_POINT* G = nullptr; - EC_METHOD* curveMethod = nullptr; - BIGNUM* xBn = nullptr; - BIGNUM* yBn = nullptr; - BIGNUM* pBn = nullptr; - BIGNUM* aBn = nullptr; - BIGNUM* bBn = nullptr; - BIGNUM* orderBn = nullptr; - BIGNUM* cofactorBn = nullptr; - BIGNUM* seedBn = nullptr; + EC_GROUP* group = NULL; + EC_POINT* G = NULL; + EC_METHOD* curveMethod = NULL; + BIGNUM* xBn = NULL; + BIGNUM* yBn = NULL; + BIGNUM* pBn = NULL; + BIGNUM* aBn = NULL; + BIGNUM* bBn = NULL; + BIGNUM* orderBn = NULL; + BIGNUM* cofactorBn = NULL; + BIGNUM* seedBn = NULL; // Exit if CryptoNative_GetECKeyParameters failed if (rc != 1) 
@@ -213,38 +213,38 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( if (!xBn || !yBn || !pBn || !aBn || !bBn || !orderBn || !cofactorBn) goto error; - group = const_cast<EC_GROUP*>(EC_KEY_get0_group(key)); // curve + group = EC_KEY_get0_group(key); // curve if (!group) goto error; - curveMethod = const_cast<EC_METHOD*>(EC_GROUP_method_of(group)); + curveMethod = EC_GROUP_method_of(group); if (!curveMethod) goto error; *curveType = MethodToCurveType(curveMethod); - if (*curveType == ECCurveType::Unspecified) + if (*curveType == Unspecified) goto error; // Extract p, a, b #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_GROUP_get_curve_GF2m) && (*curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_GROUP_get_curve_GF2m) && (*curveType == Characteristic2)) { // pBn represents the binary polynomial - if (!EC_GROUP_get_curve_GF2m(group, pBn, aBn, bBn, nullptr)) + if (!EC_GROUP_get_curve_GF2m(group, pBn, aBn, bBn, NULL)) goto error; } else #endif { // pBn represents the prime - if (!EC_GROUP_get_curve_GFp(group, pBn, aBn, bBn, nullptr)) + if (!EC_GROUP_get_curve_GFp(group, pBn, aBn, bBn, NULL)) goto error; } // Extract gx and gy - G = const_cast<EC_POINT*>(EC_GROUP_get0_generator(group)); + G = EC_GROUP_get0_generator(group); #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_POINT_get_affine_coordinates_GF2m) && (*curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_POINT_get_affine_coordinates_GF2m) && (*curveType == Characteristic2)) { if (!EC_POINT_get_affine_coordinates_GF2m(group, G, xBn, yBn, NULL)) goto error; 
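Review bot: Dropping the `const_cast`s leaves `group = EC_KEY_get0_group(key)`, `curveMethod = EC_GROUP_method_of(group)` and `G = EC_GROUP_get0_generator(group)` assigning const-qualified results to the non-const locals declared in the preceding hunk (`EC_GROUP* group`, `EC_METHOD* curveMethod`, `EC_POINT* G`). In C this only produces a discarded-qualifier warning, so the compiler no longer helps keep these borrowed objects read-only. Nothing visible in these hunks writes through them, so declaring them `const EC_GROUP* group = NULL;`, `const EC_METHOD* curveMethod = NULL;` and `const EC_POINT* G = NULL;` looks sufficient. The function starts and ends outside this hunk, so the cleanup path should be checked to confirm it does not free any of the three.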
@@ -257,18 +257,18 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( } // Extract order (n) - if (!EC_GROUP_get_order(group, orderBn, nullptr)) + if (!EC_GROUP_get_order(group, orderBn, NULL)) goto error; // Extract cofactor (h) - if (!EC_GROUP_get_cofactor(group, cofactorBn, nullptr)) + if (!EC_GROUP_get_cofactor(group, cofactorBn, NULL)) goto error; // Extract seed (optional) if (EC_GROUP_get0_seed(group)) { seedBn = BN_bin2bn(EC_GROUP_get0_seed(group), - static_cast<int>(EC_GROUP_get_seed_len(group)), NULL); + (int)EC_GROUP_get_seed_len(group), NULL); *seed = seedBn; *cbSeed = BN_num_bytes(seedBn); @@ -282,7 +282,7 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( } else { - *seed = nullptr; + *seed = NULL; *cbSeed = 0; } @@ -301,14 +301,14 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( error: // Clear out variables from CryptoNative_GetECKeyParameters *cbQx = *cbQy = 0; - *qx = *qy = nullptr; - if (d) *d = nullptr; + *qx = *qy = NULL; + if (d) *d = NULL; if (cbD) *cbD = 0; // Clear our out variables - *curveType = ECCurveType::Unspecified; + *curveType = Unspecified; *cbP = *cbA = *cbB = *cbGx = *cbGy = *cbOrder = *cbCofactor = *cbSeed = 0; - *p = *a = *b = *gx = *gy = *order = *cofactor = *seed = nullptr; + *p = *a = *b = *gx = *gy = *order = *cofactor = *seed = NULL; if (xBn) BN_free(xBn); if (yBn) BN_free(yBn); @@ -323,7 +323,7 @@ exit: return rc; } -extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key, const char* oid, uint8_t* qx, int32_t qxLength, uint8_t* qy, int32_t qyLength, uint8_t* d, int32_t dLength) +int32_t CryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key, const char* oid, uint8_t* qx, int32_t qxLength, uint8_t* qy, int32_t qyLength, uint8_t* d, int32_t dLength) { if (!key || !oid) { @@ -331,7 +331,7 @@ extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key, const c return 0; } - *key = nullptr; + *key = NULL; // oid can be friendly name or value int nid = OBJ_txt2nid(oid); 
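Review bot: In the optional seed branch, the result of `BN_bin2bn(EC_GROUP_get0_seed(group), (int)EC_GROUP_get_seed_len(group), NULL)` is stored in `*seed` and passed straight to `BN_num_bytes(seedBn)` with no NULL check. The other BIGNUMs in this function are checked with `if (!xBn || ...) goto error;`. If the allocation fails, this native export dereferences a null pointer instead of returning an error to the managed caller. Adding `if (!seedBn) goto error;` directly after the `BN_bin2bn` call keeps the failure on the existing cleanup path. The function body continues outside the hunk.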
@@ -342,15 +342,15 @@ extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key, const c if (!(*key)) return -1; - BIGNUM* dBn = nullptr; - BIGNUM* qxBn = nullptr; - BIGNUM* qyBn = nullptr; + BIGNUM* dBn = NULL; + BIGNUM* qxBn = NULL; + BIGNUM* qyBn = NULL; // If key values specified, use them, otherwise a key will be generated later if (qx && qy) { - qxBn = BN_bin2bn(qx, qxLength, nullptr); - qyBn = BN_bin2bn(qy, qyLength, nullptr); + qxBn = BN_bin2bn(qx, qxLength, NULL); + qyBn = BN_bin2bn(qy, qyLength, NULL); if (!qxBn || !qyBn) goto error; @@ -360,7 +360,7 @@ extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key, const c // Set private key (optional) if (d && dLength > 0) { - dBn = BN_bin2bn(d, dLength, nullptr); + dBn = BN_bin2bn(d, dLength, NULL); if (!dBn) goto error; @@ -383,12 +383,12 @@ error: if (*key) { EC_KEY_free(*key); - *key = nullptr; + *key = NULL; } return 0; } -extern "C" EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( +EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( ECCurveType curveType, uint8_t* qx, int32_t qxLength, uint8_t* qy, int32_t qyLength, 
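Review bot: `qxLength` and `qyLength` reach `BN_bin2bn(qx, qxLength, NULL)` and `BN_bin2bn(qy, qyLength, NULL)` without a sign or range check, although they are `int32_t` values supplied across the P/Invoke boundary. The same pattern recurs in the `CryptoNative_EcKeyCreateByExplicitParameters` hunks for `pLength`, `aLength`, `bLength`, `gxLength`, `gyLength`, `orderLength` and `cofactorLength`. Its private-key guard there is `if (d && dLength)`, which lets a negative `dLength` through, unlike the `if (d && dLength > 0)` used here. I would make that guard `if (d && dLength > 0)` in both functions. I would also reject negative lengths before the first `BN_bin2bn`, for example `if (qxLength < 0 || qyLength < 0) goto error;`. Both functions start and end outside the hunks shown.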
@@ -409,75 +409,75 @@ extern "C" EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( return 0; } - EC_KEY* key = nullptr; - EC_POINT* G = nullptr; + EC_KEY* key = NULL; + EC_POINT* G = NULL; - BIGNUM* qxBn = nullptr; - BIGNUM* qyBn = nullptr; - BIGNUM* dBn = nullptr; - BIGNUM* pBn = nullptr; // p = either the char2 polynomial or the prime - BIGNUM* aBn = nullptr; - BIGNUM* bBn = nullptr; - BIGNUM* gxBn = nullptr; - BIGNUM* gyBn = nullptr; - BIGNUM* orderBn = nullptr; - BIGNUM* cofactorBn = nullptr; + BIGNUM* qxBn = NULL; + BIGNUM* qyBn = NULL; + BIGNUM* dBn = NULL; + BIGNUM* pBn = NULL; // p = either the char2 polynomial or the prime + BIGNUM* aBn = NULL; + BIGNUM* bBn = NULL; + BIGNUM* gxBn = NULL; + BIGNUM* gyBn = NULL; + BIGNUM* orderBn = NULL; + BIGNUM* cofactorBn = NULL; // Create the group. Explicitly specify the curve type because using EC_GROUP_new_curve_GFp // will default to montgomery curve const EC_METHOD* curveMethod = CurveTypeToMethod(curveType); - if (!curveMethod) return nullptr; + if (!curveMethod) return NULL; EC_GROUP* group = EC_GROUP_new(curveMethod); - if (!group) return nullptr; + if (!group) return NULL; - pBn = BN_bin2bn(p, pLength, nullptr); + pBn = BN_bin2bn(p, pLength, NULL); // At this point we should use 'goto error' since we allocated memory - aBn = BN_bin2bn(a, aLength, nullptr); - bBn = BN_bin2bn(b, bLength, nullptr); + aBn = BN_bin2bn(a, aLength, NULL); + bBn = BN_bin2bn(b, bLength, NULL); #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_GROUP_set_curve_GF2m) && (curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_GROUP_set_curve_GF2m) && (curveType == Characteristic2)) { - if (!EC_GROUP_set_curve_GF2m(group, pBn, aBn, bBn, nullptr)) + if (!EC_GROUP_set_curve_GF2m(group, pBn, aBn, bBn, NULL)) goto error; } else #endif { - if (!EC_GROUP_set_curve_GFp(group, pBn, aBn, bBn, nullptr)) + if (!EC_GROUP_set_curve_GFp(group, pBn, aBn, bBn, NULL)) goto error; } // Set generator, order and cofactor G = EC_POINT_new(group); - gxBn = 
BN_bin2bn(gx, gxLength, nullptr); - gyBn = BN_bin2bn(gy, gyLength, nullptr); + gxBn = BN_bin2bn(gx, gxLength, NULL); + gyBn = BN_bin2bn(gy, gyLength, NULL); #if HAVE_OPENSSL_EC2M - if (API_EXISTS(EC_POINT_set_affine_coordinates_GF2m) && (curveType == ECCurveType::Characteristic2)) + if (API_EXISTS(EC_POINT_set_affine_coordinates_GF2m) && (curveType == Characteristic2)) { - EC_POINT_set_affine_coordinates_GF2m(group, G, gxBn, gyBn, nullptr); + EC_POINT_set_affine_coordinates_GF2m(group, G, gxBn, gyBn, NULL); } else #endif { - EC_POINT_set_affine_coordinates_GFp(group, G, gxBn, gyBn, nullptr); + EC_POINT_set_affine_coordinates_GFp(group, G, gxBn, gyBn, NULL); } - orderBn = BN_bin2bn(order, orderLength, nullptr); - cofactorBn = BN_bin2bn(cofactor, cofactorLength, nullptr); + orderBn = BN_bin2bn(order, orderLength, NULL); + cofactorBn = BN_bin2bn(cofactor, cofactorLength, NULL); EC_GROUP_set_generator(group, G, orderBn, cofactorBn); // Set seed (optional) if (seed && seedLength > 0) { - if (!EC_GROUP_set_seed(group, seed, static_cast<size_t>(seedLength))) + if (!EC_GROUP_set_seed(group, seed, (size_t)seedLength)) goto error; } // Validate group - if (!EC_GROUP_check(group, nullptr)) + if (!EC_GROUP_check(group, NULL)) goto error; // Create key @@ -491,8 +491,8 @@ extern "C" EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( // Set the public and private key values if (qx && qy) { - qxBn = BN_bin2bn(qx, qxLength, nullptr); - qyBn = BN_bin2bn(qy, qyLength, nullptr); + qxBn = BN_bin2bn(qx, qxLength, NULL); + qyBn = BN_bin2bn(qy, qyLength, NULL); if (!qxBn || !qyBn) goto error; @@ -502,7 +502,7 @@ extern "C" EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( // Set private key (optional) if (d && dLength) { - dBn = BN_bin2bn(d, dLength, nullptr); + dBn = BN_bin2bn(d, dLength, NULL); if (!dBn) goto error; @@ -532,5 +532,5 @@ error: if (G) EC_POINT_free(G); if (group) EC_GROUP_free(group); if (key) EC_KEY_free(key); - return nullptr; + return NULL; } 
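Review bot: Several results in the explicit-curve construction are never checked: `EC_POINT_new(group)`, the `BN_bin2bn` calls for `p`, `a`, `b`, `gx`, `gy`, `order` and `cofactor`, both `EC_POINT_set_affine_coordinates_*` calls, and `EC_GROUP_set_generator`. The code appears to rely on the later `EC_GROUP_check(group, NULL)` to catch a half-built group, but an allocation failure would hand NULL pointers to OpenSSL before that check runs. Since these curve parameters come from the caller, each step should fail closed through the existing `error:` label. The fence below shows the generator part; the same check applies to `pBn`/`aBn`/`bBn` before `EC_GROUP_set_curve_*` and to the GF2m branch. The function begins before and continues after this hunk.

```c
G = EC_POINT_new(group);
gxBn = BN_bin2bn(gx, gxLength, NULL);
gyBn = BN_bin2bn(gy, gyLength, NULL);
if (!G || !gxBn || !gyBn)
    goto error;

// … unchanged: HAVE_OPENSSL_EC2M selection of the GF2m variant …
    if (!EC_POINT_set_affine_coordinates_GFp(group, G, gxBn, gyBn, NULL))
        goto error;

orderBn = BN_bin2bn(order, orderLength, NULL);
cofactorBn = BN_bin2bn(cofactor, cofactorLength, NULL);
if (!orderBn || !cofactorBn)
    goto error;

if (!EC_GROUP_set_generator(group, G, orderBn, cofactorBn))
    goto error;
```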
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.h index b138a080e6..f6fc6e0065 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecc_import_export.h @@ -3,9 +3,11 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" -typedef enum : int32_t { +typedef enum +{ Unspecified = 0, PrimeShortWeierstrass = 1, PrimeTwistedEdwards = 2, @@ -17,13 +19,13 @@ typedef enum : int32_t { /* Returns the ECCurveType given the key. */ -extern "C" ECCurveType CryptoNative_EcKeyGetCurveType( +DLLEXPORT ECCurveType CryptoNative_EcKeyGetCurveType( const EC_KEY* key); /* Returns the ECC key parameters. */ -extern "C" int32_t CryptoNative_GetECKeyParameters( +DLLEXPORT int32_t CryptoNative_GetECKeyParameters( const EC_KEY* key, int32_t includePrivate, BIGNUM** qx, int32_t* cbQx, @@ -33,7 +35,7 @@ extern "C" int32_t CryptoNative_GetECKeyParameters( /* Returns the ECC key and curve parameters. */ -extern "C" int32_t CryptoNative_GetECCurveParameters( +DLLEXPORT int32_t CryptoNative_GetECCurveParameters( const EC_KEY* key, int32_t includePrivate, ECCurveType* curveType, @@ -53,7 +55,7 @@ extern "C" int32_t CryptoNative_GetECCurveParameters( Creates the new EC_KEY instance using the curve oid (friendly name or value) and public key parameters. Returns 1 upon success, -1 if oid was not found, otherwise 0. */ -extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters( +DLLEXPORT int32_t CryptoNative_EcKeyCreateByKeyParameters( EC_KEY** key, const char* oid, uint8_t* qx, int32_t qxLength, 
@@ -63,7 +65,7 @@ extern "C" int32_t CryptoNative_EcKeyCreateByKeyParameters( /* Returns the new EC_KEY instance using the explicit parameters. */ -extern "C" EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( +DLLEXPORT EC_KEY* CryptoNative_EcKeyCreateByExplicitParameters( ECCurveType curveType, uint8_t* qx, int32_t qxLength, uint8_t* qy, int32_t qyLength, diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.c index 1e61f09f9a..27889bbf90 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.c @@ -5,7 +5,7 @@ #include "pal_ecdsa.h" #include "pal_utilities.h" -extern "C" int32_t +int32_t CryptoNative_EcDsaSign(const uint8_t* dgst, int32_t dgstlen, uint8_t* sig, int32_t* siglen, EC_KEY* key) { if (!siglen) @@ -13,19 +13,19 @@ CryptoNative_EcDsaSign(const uint8_t* dgst, int32_t dgstlen, uint8_t* sig, int32 return 0; } - unsigned int unsignedSigLength = UnsignedCast(*siglen); + unsigned int unsignedSigLength = Int32ToUint32(*siglen); int ret = ECDSA_sign(0, dgst, dgstlen, sig, &unsignedSigLength, key); - *siglen = SignedCast(unsignedSigLength); + *siglen = Uint32ToInt32(unsignedSigLength); return ret; } -extern "C" int32_t +int32_t CryptoNative_EcDsaVerify(const uint8_t* dgst, int32_t dgstlen, const uint8_t* sig, int32_t siglen, EC_KEY* key) { return ECDSA_verify(0, dgst, dgstlen, sig, siglen, key); } -extern "C" int32_t CryptoNative_EcDsaSize(const EC_KEY* key) +int32_t CryptoNative_EcDsaSize(const EC_KEY* key) { return ECDSA_size(key); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.h index 13ed17bb29..ccc47c9568 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ecdsa.h 
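Review bot: In `CryptoNative_EcDsaSign` the incoming `*siglen` is converted with `Int32ToUint32` but never compared with the space the signature needs, so nothing here prevents `ECDSA_sign` from writing past a `sig` buffer that is too small. The conversion helper appears to guard only with an `assert`, which is compiled out of release builds, so a negative input is also accepted silently. If `*siglen` is meant to carry the caller's buffer capacity, I would add `if (*siglen < ECDSA_size(key)) return 0;` before the call. Otherwise I would state the contract in a comment: `// sig must hold at least CryptoNative_EcDsaSize(key) bytes; *siglen is output only`.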
@@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,7 +11,7 @@ Shims the ECDSA_sign method. Returns 1 on success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_EcDsaSign(const uint8_t* dgst, int32_t dgstlen, uint8_t* sig, int32_t* siglen, EC_KEY* key); /* @@ -18,7 +19,7 @@ Shims the ECDSA_verify method. Returns 1 for a correct signature, 0 for an incorrect signature, -1 on error. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_EcDsaVerify(const uint8_t* dgst, int32_t dgstlen, const uint8_t* sig, int32_t siglen, EC_KEY* key); /* @@ -26,4 +27,4 @@ Shims the ECDSA_size method. Returns the maximum length of a DER encoded ECDSA signature created with this key. */ -extern "C" int32_t CryptoNative_EcDsaSize(const EC_KEY* key); +DLLEXPORT int32_t CryptoNative_EcDsaSize(const EC_KEY* key); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.c index 9a5a2a3662..77b598e333 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.c 
@@ -6,25 +6,25 @@ #include <assert.h> -extern "C" void CryptoNative_EcKeyDestroy(EC_KEY* r) +void CryptoNative_EcKeyDestroy(EC_KEY* r) { EC_KEY_free(r); } // For backwards compatibility -extern "C" EC_KEY* CryptoNative_EcKeyCreateByCurveName(int32_t nid) +EC_KEY* CryptoNative_EcKeyCreateByCurveName(int32_t nid) { return EC_KEY_new_by_curve_name(nid); } -extern "C" EC_KEY* CryptoNative_EcKeyCreateByOid(const char* oid) +EC_KEY* CryptoNative_EcKeyCreateByOid(const char* oid) { // oid can be friendly name or value int nid = OBJ_txt2nid(oid); return CryptoNative_EcKeyCreateByCurveName(nid); } -extern "C" int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey) +int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey) { if (!EC_KEY_generate_key(eckey)) return 0; @@ -32,12 +32,12 @@ extern "C" int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey) return EC_KEY_check_key(eckey); } -extern "C" int32_t CryptoNative_EcKeyUpRef(EC_KEY* r) +int32_t CryptoNative_EcKeyUpRef(EC_KEY* r) { return EC_KEY_up_ref(r); } -extern "C" int32_t CryptoNative_EcKeyGetSize(const EC_KEY* key, int32_t* keySize) +int32_t CryptoNative_EcKeyGetSize(const EC_KEY* key, int32_t* keySize) { if (!keySize) return 0; @@ -57,15 +57,15 @@ extern "C" int32_t CryptoNative_EcKeyGetSize(const EC_KEY* key, int32_t* keySize } // For backwards compatibility -extern "C" int32_t CryptoNative_EcKeyGetCurveName(const EC_KEY* key) +int32_t CryptoNative_EcKeyGetCurveName(const EC_KEY* key) { - if (key == nullptr) + if (key == NULL) { return NID_undef; } const EC_GROUP* group = EC_KEY_get0_group(key); - if (group == nullptr) + if (group == NULL) { return NID_undef; } @@ -73,7 +73,7 @@ extern "C" int32_t CryptoNative_EcKeyGetCurveName(const EC_KEY* key) return EC_GROUP_get_curve_name(group); } -extern "C" int32_t CryptoNative_EcKeyGetCurveName2(const EC_KEY* key, int32_t* nidName) +int32_t CryptoNative_EcKeyGetCurveName2(const EC_KEY* key, int32_t* nidName) { if (!nidName) return 0; 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.h index 4f180c9007..a590d356f6 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_eckey.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* 
@@ -14,51 +15,51 @@ No-op if r is null. The given EC_KEY pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_EcKeyDestroy(EC_KEY* r); +DLLEXPORT void CryptoNative_EcKeyDestroy(EC_KEY* r); /* Shims the EC_KEY_new_by_curve_name method. Returns the new EC_KEY instance. */ -extern "C" EC_KEY* CryptoNative_EcKeyCreateByCurveName(int32_t nid); +DLLEXPORT EC_KEY* CryptoNative_EcKeyCreateByCurveName(int32_t nid); /* Shims the EC_KEY_new_by_curve_name method. Returns the new EC_KEY instance. */ -extern "C" EC_KEY* CryptoNative_EcKeyCreateByOid(const char* oid); +DLLEXPORT EC_KEY* CryptoNative_EcKeyCreateByOid(const char* oid); /* Shims the EC_KEY_generate_key method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey); +DLLEXPORT int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey); /* Shims the EC_KEY_up_ref method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EcKeyUpRef(EC_KEY* r); +DLLEXPORT int32_t CryptoNative_EcKeyUpRef(EC_KEY* r); /* Gets the key size in bits for the specified EC_KEY. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EcKeyGetSize(const EC_KEY* key, int32_t* keySize); +DLLEXPORT int32_t CryptoNative_EcKeyGetSize(const EC_KEY* key, int32_t* keySize); /* Gets the NID of the curve name as an oid value for the specified EC_KEY. */ -extern "C" int32_t CryptoNative_EcKeyGetCurveName(const EC_KEY* key); +DLLEXPORT int32_t CryptoNative_EcKeyGetCurveName(const EC_KEY* key); /* Gets the NID of the curve name as an oid value for the specified EC_KEY. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EcKeyGetCurveName2(const EC_KEY* key, int32_t* nidName); +DLLEXPORT int32_t CryptoNative_EcKeyGetCurveName2(const EC_KEY* key, int32_t* nidName); 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_err.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_err.c new file mode 100644 index 0000000000..b8f9ed6a44 --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_err.c @@ -0,0 +1,48 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information. + +#include "pal_err.h" +#include "pal_utilities.h" + +void CryptoNative_ErrClearError() +{ + ERR_clear_error(); +} + +uint64_t CryptoNative_ErrGetError() +{ + return ERR_get_error(); +} + +uint64_t CryptoNative_ErrGetErrorAlloc(int32_t* isAllocFailure) +{ + unsigned long err = ERR_get_error(); + + if (isAllocFailure) + { + *isAllocFailure = ERR_GET_REASON(err) == ERR_R_MALLOC_FAILURE; + } + + return err; +} + +uint64_t CryptoNative_ErrPeekError() +{ + return ERR_peek_error(); +} + +uint64_t CryptoNative_ErrPeekLastError() +{ + return ERR_peek_last_error(); +} + +const char* CryptoNative_ErrReasonErrorString(uint64_t error) +{ + return ERR_reason_error_string((unsigned long)error); +} + +void CryptoNative_ErrErrorStringN(uint64_t e, char* buf, int32_t len) +{ + ERR_error_string_n((unsigned long)e, buf, Int32ToSizeT(len)); +} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_err.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_err.cpp deleted file mode 100644 index 80997a8380..0000000000 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_err.cpp +++ /dev/null 
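Review bot: `CryptoNative_ErrErrorStringN` passes `Int32ToSizeT(len)` to `ERR_error_string_n`, and that helper, as defined in pal_utilities.h in this commit, only asserts `value >= 0`. With assertions disabled, a negative `len` becomes a very large `size_t`, so the length that is supposed to bound the write into `buf` no longer bounds anything. I would make the shim reject bad arguments itself with `if (buf == NULL || len <= 0) return;` before the call, rather than depend on a debug-only check. Separately, the definitions in this file use `()` while pal_err.h now declares them with `(void)`; using `(void)` in the definitions would keep the two consistent.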
@@ -1,48 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -#include "pal_err.h" -#include "pal_utilities.h" - -extern "C" void CryptoNative_ErrClearError() -{ - ERR_clear_error(); -} - -extern "C" uint64_t CryptoNative_ErrGetError() -{ - return ERR_get_error(); -} - -extern "C" uint64_t CryptoNative_ErrGetErrorAlloc(int32_t* isAllocFailure) -{ - unsigned long err = ERR_get_error(); - - if (isAllocFailure) - { - *isAllocFailure = ERR_GET_REASON(err) == ERR_R_MALLOC_FAILURE; - } - - return err; -} - -extern "C" uint64_t CryptoNative_ErrPeekError() -{ - return ERR_peek_error(); -} - -extern "C" uint64_t CryptoNative_ErrPeekLastError() -{ - return ERR_peek_last_error(); -} - -extern "C" const char* CryptoNative_ErrReasonErrorString(uint64_t error) -{ - return ERR_reason_error_string(static_cast<unsigned long>(error)); -} - -extern "C" void CryptoNative_ErrErrorStringN(uint64_t e, char* buf, int32_t len) -{ - ERR_error_string_n(static_cast<unsigned long>(e), buf, UnsignedCast(len)); -} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_err.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_err.h index 4da05604f4..eaa4c93898 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_err.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_err.h 
@@ -2,37 +2,38 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. +#include "pal_compiler.h" #include <stdint.h> #include "opensslshim.h" /* Shims the ERR_clear_error method. */ -extern "C" void CryptoNative_ErrClearError(); +DLLEXPORT void CryptoNative_ErrClearError(void); /* Shims the ERR_get_error method. */ -extern "C" uint64_t CryptoNative_ErrGetError(); +DLLEXPORT uint64_t CryptoNative_ErrGetError(void); /* Shim to ERR_get_error which also returns whether the error was caused by an allocation failure. */ -extern "C" uint64_t CryptoNative_ErrGetErrorAlloc(int32_t* isAllocFailure); +DLLEXPORT uint64_t CryptoNative_ErrGetErrorAlloc(int32_t* isAllocFailure); -extern "C" uint64_t CryptoNative_ErrPeekError(void); +DLLEXPORT uint64_t CryptoNative_ErrPeekError(void); -extern "C" uint64_t CryptoNative_ErrPeekLastError(void); +DLLEXPORT uint64_t CryptoNative_ErrPeekLastError(void); /* Shims the ERR_reason_error_string method. Returns the string for the specified error. */ -extern "C" const char* CryptoNative_ErrReasonErrorString(uint64_t error); +DLLEXPORT const char* CryptoNative_ErrReasonErrorString(uint64_t error); /* Direct shim to ERR_error_string_n. */ -extern "C" void CryptoNative_ErrErrorStringN(uint64_t e, char* buf, int32_t len); +DLLEXPORT void CryptoNative_ErrErrorStringN(uint64_t e, char* buf, int32_t len); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.c new file mode 100644 index 0000000000..f475c41a55 --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.c 
@@ -0,0 +1,93 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information. + +#include "pal_evp.h" + +#include <assert.h> + +#define SUCCESS 1 + +EVP_MD_CTX* CryptoNative_EvpMdCtxCreate(const EVP_MD* type) +{ + EVP_MD_CTX* ctx = EVP_MD_CTX_create(); + if (ctx == NULL) + { + // Allocation failed + return NULL; + } + + int ret = EVP_DigestInit_ex(ctx, type, NULL); + if (!ret) + { + EVP_MD_CTX_destroy(ctx); + return NULL; + } + + return ctx; +} + +void CryptoNative_EvpMdCtxDestroy(EVP_MD_CTX* ctx) +{ + if (ctx != NULL) + { + EVP_MD_CTX_destroy(ctx); + } +} + +int32_t CryptoNative_EvpDigestReset(EVP_MD_CTX* ctx, const EVP_MD* type) +{ + return EVP_DigestInit_ex(ctx, type, NULL); +} + +int32_t CryptoNative_EvpDigestUpdate(EVP_MD_CTX* ctx, const void* d, size_t cnt) +{ + return EVP_DigestUpdate(ctx, d, cnt); +} + +int32_t CryptoNative_EvpDigestFinalEx(EVP_MD_CTX* ctx, uint8_t* md, uint32_t* s) +{ + unsigned int size; + int32_t ret = EVP_DigestFinal_ex(ctx, md, &size); + if (ret == SUCCESS) + { + *s = size; + } + + return ret; +} + +int32_t CryptoNative_EvpMdSize(const EVP_MD* md) +{ + return EVP_MD_size(md); +} + +const EVP_MD* CryptoNative_EvpMd5() +{ + return EVP_md5(); +} + +const EVP_MD* CryptoNative_EvpSha1() +{ + return EVP_sha1(); +} + +const EVP_MD* CryptoNative_EvpSha256() +{ + return EVP_sha256(); +} + +const EVP_MD* CryptoNative_EvpSha384() +{ + return EVP_sha384(); +} + +const EVP_MD* CryptoNative_EvpSha512() +{ + return EVP_sha512(); +} + +int32_t CryptoNative_GetMaxMdSize() +{ + return EVP_MAX_MD_SIZE; +} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.cpp deleted file mode 100644 index 1fbadce9af..0000000000 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.cpp +++ /dev/null 
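Review bot: `CryptoNative_EvpDigestFinalEx` writes `*s = size;` without checking `s`, and nothing in the function or its header comment says how large `md` must be. `EVP_DigestFinal_ex` writes up to `EVP_MAX_MD_SIZE` bytes, so a caller that sizes the buffer from a smaller assumption overflows it. I would change the guard to `if (ret == SUCCESS && s != NULL)` and add a comment such as `// md must have room for CryptoNative_GetMaxMdSize() bytes`. The parameterless definitions here also use `()` where pal_evp.h now declares `(void)`.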
@@ -1,93 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -#include "pal_evp.h" - -#include <assert.h> - -#define SUCCESS 1 - -extern "C" EVP_MD_CTX* CryptoNative_EvpMdCtxCreate(const EVP_MD* type) -{ - EVP_MD_CTX* ctx = EVP_MD_CTX_create(); - if (ctx == nullptr) - { - // Allocation failed - return nullptr; - } - - int ret = EVP_DigestInit_ex(ctx, type, nullptr); - if (!ret) - { - EVP_MD_CTX_destroy(ctx); - return nullptr; - } - - return ctx; -} - -extern "C" void CryptoNative_EvpMdCtxDestroy(EVP_MD_CTX* ctx) -{ - if (ctx != nullptr) - { - EVP_MD_CTX_destroy(ctx); - } -} - -extern "C" int32_t CryptoNative_EvpDigestReset(EVP_MD_CTX* ctx, const EVP_MD* type) -{ - return EVP_DigestInit_ex(ctx, type, nullptr); -} - -extern "C" int32_t CryptoNative_EvpDigestUpdate(EVP_MD_CTX* ctx, const void* d, size_t cnt) -{ - return EVP_DigestUpdate(ctx, d, cnt); -} - -extern "C" int32_t CryptoNative_EvpDigestFinalEx(EVP_MD_CTX* ctx, uint8_t* md, uint32_t* s) -{ - unsigned int size; - int32_t ret = EVP_DigestFinal_ex(ctx, md, &size); - if (ret == SUCCESS) - { - *s = size; - } - - return ret; -} - -extern "C" int32_t CryptoNative_EvpMdSize(const EVP_MD* md) -{ - return EVP_MD_size(md); -} - -extern "C" const EVP_MD* CryptoNative_EvpMd5() -{ - return EVP_md5(); -} - -extern "C" const EVP_MD* CryptoNative_EvpSha1() -{ - return EVP_sha1(); -} - -extern "C" const EVP_MD* CryptoNative_EvpSha256() -{ - return EVP_sha256(); -} - -extern "C" const EVP_MD* CryptoNative_EvpSha384() -{ - return EVP_sha384(); -} - -extern "C" const EVP_MD* CryptoNative_EvpSha512() -{ - return EVP_sha512(); -} - -extern "C" int32_t CryptoNative_GetMaxMdSize() -{ - return EVP_MAX_MD_SIZE; -} 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.h index 1e0dc4a141..b0d7f9b61b 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp.h @@ -2,6 +2,7 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. +#include "pal_compiler.h" #include <stdint.h> #include "opensslshim.h" @@ -14,7 +15,7 @@ Implemented by: Returns new EVP_MD_CTX on success, nullptr on failure. */ -extern "C" EVP_MD_CTX* CryptoNative_EvpMdCtxCreate(const EVP_MD* type); +DLLEXPORT EVP_MD_CTX* CryptoNative_EvpMdCtxCreate(const EVP_MD* type); /* Cleans up and deletes an EVP_MD_CTX instance created by EvpMdCtxCreate. @@ -26,12 +27,12 @@ No-op if ctx is null. The given EVP_MD_CTX pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_EvpMdCtxDestroy(EVP_MD_CTX* ctx); +DLLEXPORT void CryptoNative_EvpMdCtxDestroy(EVP_MD_CTX* ctx); /* Resets an EVP_MD_CTX instance for a new computation. */ -extern "C" int32_t CryptoNative_EvpDigestReset(EVP_MD_CTX* ctx, const EVP_MD* type); +DLLEXPORT int32_t CryptoNative_EvpDigestReset(EVP_MD_CTX* ctx, const EVP_MD* type); /* Function: @@ -39,7 +40,7 @@ EvpDigestUpdate Direct shim to EVP_DigestUpdate. */ -extern "C" int32_t CryptoNative_EvpDigestUpdate(EVP_MD_CTX* ctx, const void* d, size_t cnt); +DLLEXPORT int32_t CryptoNative_EvpDigestUpdate(EVP_MD_CTX* ctx, const void* d, size_t cnt); /* Function: @@ -47,7 +48,7 @@ EvpDigestFinalEx Direct shim to EVP_DigestFinal_ex. */ -extern "C" int32_t CryptoNative_EvpDigestFinalEx(EVP_MD_CTX* ctx, uint8_t* md, uint32_t* s); +DLLEXPORT int32_t CryptoNative_EvpDigestFinalEx(EVP_MD_CTX* ctx, uint8_t* md, uint32_t* s); /* Function: 
@@ -55,7 +56,7 @@ EvpMdSize Direct shim to EVP_MD_size. */ -extern "C" int32_t CryptoNative_EvpMdSize(const EVP_MD* md); +DLLEXPORT int32_t CryptoNative_EvpMdSize(const EVP_MD* md); /* Function: @@ -63,7 +64,7 @@ EvpMd5 Direct shim to EVP_md5. */ -extern "C" const EVP_MD* CryptoNative_EvpMd5(); +DLLEXPORT const EVP_MD* CryptoNative_EvpMd5(void); /* Function: @@ -71,7 +72,7 @@ EvpSha1 Direct shim to EVP_sha1. */ -extern "C" const EVP_MD* CryptoNative_EvpSha1(); +DLLEXPORT const EVP_MD* CryptoNative_EvpSha1(void); /* Function: @@ -79,7 +80,7 @@ EvpSha256 Direct shim to EVP_sha256. */ -extern "C" const EVP_MD* CryptoNative_EvpSha256(); +DLLEXPORT const EVP_MD* CryptoNative_EvpSha256(void); /* Function: @@ -87,7 +88,7 @@ EvpSha384 Direct shim to EVP_sha384. */ -extern "C" const EVP_MD* CryptoNative_EvpSha384(); +DLLEXPORT const EVP_MD* CryptoNative_EvpSha384(void); /* Function: @@ -95,7 +96,7 @@ EvpSha512 Direct shim to EVP_sha512. */ -extern "C" const EVP_MD* CryptoNative_EvpSha512(); +DLLEXPORT const EVP_MD* CryptoNative_EvpSha512(void); /* Function: @@ -103,4 +104,4 @@ GetMaxMdSize Returns the maxium bytes for a message digest. */ -extern "C" int32_t CryptoNative_GetMaxMdSize(); +DLLEXPORT int32_t CryptoNative_GetMaxMdSize(void); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c index 1f2e80e114..58a7ce13c9 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c 
@@ -5,76 +5,79 @@ #include "pal_evp_cipher.h" #include <assert.h> -#include <memory> #define SUCCESS 1 #define KEEP_CURRENT_DIRECTION -1 -extern "C" EVP_CIPHER_CTX* +EVP_CIPHER_CTX* CryptoNative_EvpCipherCreate(const EVP_CIPHER* type, uint8_t* key, unsigned char* iv, int32_t enc) { return CryptoNative_EvpCipherCreate2(type, key, 0, 0, iv, enc); } -extern "C" EVP_CIPHER_CTX* +EVP_CIPHER_CTX* CryptoNative_EvpCipherCreate2(const EVP_CIPHER* type, uint8_t* key, int32_t keyLength, int32_t effectiveKeyLength, unsigned char* iv, int32_t enc) { - std::unique_ptr<EVP_CIPHER_CTX> ctx(new (std::nothrow) EVP_CIPHER_CTX); - if (ctx == nullptr) + EVP_CIPHER_CTX* ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX)); + if (ctx == NULL) { // Allocation failed - return nullptr; + return NULL; } - EVP_CIPHER_CTX_init(ctx.get()); + EVP_CIPHER_CTX_init(ctx); // Perform partial initialization so we can set the key lengths - int ret = EVP_CipherInit_ex(ctx.get(), type, nullptr, nullptr, nullptr, 0); + int ret = EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, 0); if (!ret) { - return nullptr; + free(ctx); + return NULL; } if (keyLength > 0) { // Necessary when the default key size is different than current - ret = EVP_CIPHER_CTX_set_key_length(ctx.get(), keyLength / 8); + ret = EVP_CIPHER_CTX_set_key_length(ctx, keyLength / 8); if (!ret) { - return nullptr; + free(ctx); + return NULL; } } if (effectiveKeyLength > 0) { // Necessary for RC2 - ret = EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_SET_RC2_KEY_BITS, effectiveKeyLength, nullptr); + ret = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, effectiveKeyLength, NULL); if (ret <= 0) { - return nullptr; + free(ctx); + return NULL; } } // Perform final initialization specifying the remaining arguments - ret = EVP_CipherInit_ex(ctx.get(), nullptr, nullptr, key, iv, enc); + ret = EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc); if (!ret) { - return nullptr; + free(ctx); + return NULL; } - return ctx.release(); + return ctx; } -extern "C" void 
CryptoNative_EvpCipherDestroy(EVP_CIPHER_CTX* ctx) +void CryptoNative_EvpCipherDestroy(EVP_CIPHER_CTX* ctx) { - if (ctx != nullptr) + if (ctx != NULL) { EVP_CIPHER_CTX_cleanup(ctx); - delete ctx; + free(ctx); } } -extern "C" int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx) +int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx) { // EVP_CipherInit_ex with all nulls preserves the algorithm, resets the IV, // and maintains the key. @@ -85,15 +88,15 @@ extern "C" int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx) // But since we have a different object returned for CreateEncryptor // and CreateDecryptor we don't need to worry about that. - return EVP_CipherInit_ex(ctx, nullptr, nullptr, nullptr, nullptr, KEEP_CURRENT_DIRECTION); + return EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, KEEP_CURRENT_DIRECTION); } -extern "C" int32_t CryptoNative_EvpCipherCtxSetPadding(EVP_CIPHER_CTX* x, int32_t padding) +int32_t CryptoNative_EvpCipherCtxSetPadding(EVP_CIPHER_CTX* x, int32_t padding) { return EVP_CIPHER_CTX_set_padding(x, padding); } -extern "C" int32_t +int32_t CryptoNative_EvpCipherUpdate(EVP_CIPHER_CTX* ctx, uint8_t* out, int32_t* outl, unsigned char* in, int32_t inl) { int outLength; @@ -106,7 +109,7 @@ CryptoNative_EvpCipherUpdate(EVP_CIPHER_CTX* ctx, uint8_t* out, int32_t* outl, u return ret; } -extern "C" int32_t CryptoNative_EvpCipherFinalEx(EVP_CIPHER_CTX* ctx, uint8_t* outm, int32_t* outl) +int32_t CryptoNative_EvpCipherFinalEx(EVP_CIPHER_CTX* ctx, uint8_t* outm, int32_t* outl) { int outLength; int32_t ret = EVP_CipherFinal_ex(ctx, outm, &outLength); 
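Review bot: Every failure branch of `CryptoNative_EvpCipherCreate2` after `EVP_CIPHER_CTX_init(ctx)` releases the context with a bare `free(ctx)`, while `CryptoNative_EvpCipherDestroy` in this same hunk runs `EVP_CIPHER_CTX_cleanup(ctx)` first. Once the first `EVP_CipherInit_ex` has succeeded the context may own cipher data allocated by OpenSSL, and after the final init it may hold key material, so the bare free likely leaks that allocation and leaves it uncleansed. Each branch could read `EVP_CIPHER_CTX_cleanup(ctx); free(ctx); return NULL;`, or simply call `CryptoNative_EvpCipherDestroy(ctx)` before returning. The failure branch of `CryptoNative_HmacCreate` in the new pal_hmac.c has the same shape and would want `HMAC_CTX_cleanup(ctx)` before its `free(ctx)`.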
@@ -118,62 +121,62 @@ extern "C" int32_t CryptoNative_EvpCipherFinalEx(EVP_CIPHER_CTX* ctx, uint8_t* o return ret; } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes128Ecb() +const EVP_CIPHER* CryptoNative_EvpAes128Ecb() { return EVP_aes_128_ecb(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes128Cbc() +const EVP_CIPHER* CryptoNative_EvpAes128Cbc() { return EVP_aes_128_cbc(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes192Ecb() +const EVP_CIPHER* CryptoNative_EvpAes192Ecb() { return EVP_aes_192_ecb(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes192Cbc() +const EVP_CIPHER* CryptoNative_EvpAes192Cbc() { return EVP_aes_192_cbc(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes256Ecb() +const EVP_CIPHER* CryptoNative_EvpAes256Ecb() { return EVP_aes_256_ecb(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpAes256Cbc() +const EVP_CIPHER* CryptoNative_EvpAes256Cbc() { return EVP_aes_256_cbc(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpDesEcb() +const EVP_CIPHER* CryptoNative_EvpDesEcb() { return EVP_des_ecb(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpDesCbc() +const EVP_CIPHER* CryptoNative_EvpDesCbc() { return EVP_des_cbc(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpDes3Ecb() +const EVP_CIPHER* CryptoNative_EvpDes3Ecb() { return EVP_des_ede3(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpDes3Cbc() +const EVP_CIPHER* CryptoNative_EvpDes3Cbc() { return EVP_des_ede3_cbc(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpRC2Ecb() +const EVP_CIPHER* CryptoNative_EvpRC2Ecb() { return EVP_rc2_ecb(); } -extern "C" const EVP_CIPHER* CryptoNative_EvpRC2Cbc() +const EVP_CIPHER* CryptoNative_EvpRC2Cbc() { return EVP_rc2_cbc(); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.h index fb3a6c750e..f95ea8f898 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.h 
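Review bot: The twelve cipher getters in this hunk are defined with an empty parameter list, e.g. `const EVP_CIPHER* CryptoNative_EvpAes128Ecb()`, while pal_evp_cipher.h now declares them with `(void)`. In C before C23 an empty list in a definition is not a prototype, so the definitions would be more consistent with the header, and build cleanly under `-Wstrict-prototypes`, as `const EVP_CIPHER* CryptoNative_EvpAes128Ecb(void)`. The same applies to `CryptoNative_EvpPkeyCreate()` in pal_evp_pkey.c and `CryptoNative_Pkcs7CreateSigned()` in pal_pkcs7.c.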
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -15,10 +16,10 @@ Implemented by: Returns new EVP_CIPHER_CTX on success, nullptr on failure. */ -extern "C" EVP_CIPHER_CTX* +DLLEXPORT EVP_CIPHER_CTX* CryptoNative_EvpCipherCreate(const EVP_CIPHER* type, uint8_t* key, unsigned char* iv, int32_t enc); -extern "C" EVP_CIPHER_CTX* +DLLEXPORT EVP_CIPHER_CTX* CryptoNative_EvpCipherCreate2(const EVP_CIPHER* type, uint8_t* key, int32_t keyLength, int32_t effectiveKeyLength, unsigned char* iv, int32_t enc); /* Cleans up and deletes an EVP_CIPHER_CTX instance created by EvpCipherCreate. @@ -31,7 +32,7 @@ No-op if ctx is null. The given EVP_CIPHER_CTX pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_EvpCipherDestroy(EVP_CIPHER_CTX* ctx); +DLLEXPORT void CryptoNative_EvpCipherDestroy(EVP_CIPHER_CTX* ctx); /* Function: @@ -39,7 +40,7 @@ EvpCipherReset Resets an EVP_CIPHER_CTX instance for a new computation. */ -extern "C" int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx); +DLLEXPORT int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx); /* Function: @@ -47,7 +48,7 @@ EvpCipherCtxSetPadding Direct shim to EVP_CIPHER_CTX_set_padding. */ -extern "C" int32_t CryptoNative_EvpCipherCtxSetPadding(EVP_CIPHER_CTX* x, int32_t padding); +DLLEXPORT int32_t CryptoNative_EvpCipherCtxSetPadding(EVP_CIPHER_CTX* x, int32_t padding); /* Function: @@ -55,7 +56,7 @@ EvpCipherUpdate Direct shim to EVP_CipherUpdate. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_EvpCipherUpdate(EVP_CIPHER_CTX* ctx, uint8_t* out, int32_t* outl, unsigned char* in, int32_t inl); /* 
@@ -64,7 +65,7 @@ EvpCipherFinalEx Direct shim to EVP_CipherFinal_ex. */ -extern "C" int32_t CryptoNative_EvpCipherFinalEx(EVP_CIPHER_CTX* ctx, uint8_t* outm, int32_t* outl); +DLLEXPORT int32_t CryptoNative_EvpCipherFinalEx(EVP_CIPHER_CTX* ctx, uint8_t* outm, int32_t* outl); /* Function: @@ -72,7 +73,7 @@ EvpAes128Ecb Direct shim to EVP_aes_128_ecb. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes128Ecb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes128Ecb(void); /* Function: @@ -80,7 +81,7 @@ EvpAes128Cbc Direct shim to EVP_aes_128_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes128Cbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes128Cbc(void); /* Function: @@ -88,7 +89,7 @@ EvpAes192Ecb Direct shim to EVP_aes_192_ecb. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes192Ecb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes192Ecb(void); /* Function: @@ -96,7 +97,7 @@ EvpAes192Cbc Direct shim to EVP_aes_192_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes192Cbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes192Cbc(void); /* Function: @@ -104,7 +105,7 @@ EvpAes256Ecb Direct shim to EVP_aes_256_ecb. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes256Ecb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes256Ecb(void); /* Function: @@ -112,7 +113,7 @@ EvpAes256Cbc Direct shim to EVP_aes_256_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpAes256Cbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpAes256Cbc(void); /* Function: @@ -120,7 +121,7 @@ EvpDes3Ecb Direct shim to EVP_des_ede3. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpDes3Ecb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpDes3Ecb(void); /* Function: @@ -128,7 +129,7 @@ EvpDes3Cbc Direct shim to EVP_des_ede3_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpDes3Cbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpDes3Cbc(void); /* Function: 
@@ -136,7 +137,7 @@ EvpDesEcb Direct shim to EVP_des_ecb. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpDesEcb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpDesEcb(void); /* Function: @@ -144,7 +145,7 @@ EvpDesCbc Direct shim to EVP_des_ede_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpDesCbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpDesCbc(void); /* Function: @@ -152,7 +153,7 @@ EvpRC2Ecb Direct shim to EVP_rc2_ecb. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpRC2Ecb(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpRC2Ecb(void); /* Function: @@ -160,4 +161,4 @@ EvpRC2Cbc Direct shim to EVP_des_rc2_cbc. */ -extern "C" const EVP_CIPHER* CryptoNative_EvpRC2Cbc(); +DLLEXPORT const EVP_CIPHER* CryptoNative_EvpRC2Cbc(void); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.c index 384030740e..02e8524d96 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.c @@ -4,20 +4,20 @@ #include "pal_evp_pkey.h" -extern "C" EVP_PKEY* CryptoNative_EvpPkeyCreate() +EVP_PKEY* CryptoNative_EvpPkeyCreate() { return EVP_PKEY_new(); } -extern "C" void CryptoNative_EvpPkeyDestroy(EVP_PKEY* pkey) +void CryptoNative_EvpPkeyDestroy(EVP_PKEY* pkey) { - if (pkey != nullptr) + if (pkey != NULL) { EVP_PKEY_free(pkey); } } -extern "C" int32_t CryptoNative_UpRefEvpPkey(EVP_PKEY* pkey) +int32_t CryptoNative_UpRefEvpPkey(EVP_PKEY* pkey) { if (!pkey) { diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.h index 1449fda5b4..7baf997d8d 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.h 
@@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,7 +11,7 @@ Shims the EVP_PKEY_new method. Returns the new EVP_PKEY instance. */ -extern "C" EVP_PKEY* CryptoNative_EvpPkeyCreate(); +DLLEXPORT EVP_PKEY* CryptoNative_EvpPkeyCreate(void); /* Cleans up and deletes a EVP_PKEY instance. @@ -21,7 +22,7 @@ No-op if pkey is null. The given EVP_PKEY pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_EvpPkeyDestroy(EVP_PKEY* pkey); +DLLEXPORT void CryptoNative_EvpPkeyDestroy(EVP_PKEY* pkey); /* Used by System.Security.Cryptography.X509Certificates' OpenSslX509CertificateReader when @@ -30,4 +31,4 @@ duplicating a private key context as part of duplicating the Pal object. Returns the number (as of this call) of references to the EVP_PKEY. Anything less than 2 is an error, because the key is already in the process of being freed. */ -extern "C" int32_t CryptoNative_UpRefEvpPkey(EVP_PKEY* pkey); +DLLEXPORT int32_t CryptoNative_UpRefEvpPkey(EVP_PKEY* pkey); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.c index 797d21d045..e67642d419 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.c @@ -4,12 +4,12 @@ #include "pal_evp_pkey_dsa.h" -extern "C" DSA* CryptoNative_EvpPkeyGetDsa(EVP_PKEY* pkey) +DSA* CryptoNative_EvpPkeyGetDsa(EVP_PKEY* pkey) { return EVP_PKEY_get1_DSA(pkey); } -extern "C" int32_t CryptoNative_EvpPkeySetDsa(EVP_PKEY* pkey, DSA* dsa) +int32_t CryptoNative_EvpPkeySetDsa(EVP_PKEY* pkey, DSA* dsa) { return EVP_PKEY_set1_DSA(pkey, dsa); } 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.h index 79835d27ec..7ea1743809 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_dsa.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,7 +11,7 @@ Shims the EVP_PKEY_get1_DSA method. Returns the DSA instance for the EVP_PKEY. */ -extern "C" DSA* CryptoNative_EvpPkeyGetDsa(EVP_PKEY* pkey); +DLLEXPORT DSA* CryptoNative_EvpPkeyGetDsa(EVP_PKEY* pkey); /* Shims the EVP_PKEY_set1_DSA method to set the DSA @@ -18,4 +19,4 @@ instance on the EVP_KEY. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EvpPkeySetDsa(EVP_PKEY* pkey, DSA* dsa); +DLLEXPORT int32_t CryptoNative_EvpPkeySetDsa(EVP_PKEY* pkey, DSA* dsa); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.c index 1b696096b2..0fd53380fa 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.c 
@@ -4,22 +4,22 @@ #include "pal_evp_pkey_ecdh.h" -extern "C" EVP_PKEY_CTX* CryptoNative_EvpPKeyCtxCreate(EVP_PKEY* pkey, EVP_PKEY* peerkey, uint32_t* secretLength) +EVP_PKEY_CTX* CryptoNative_EvpPKeyCtxCreate(EVP_PKEY* pkey, EVP_PKEY* peerkey, uint32_t* secretLength) { - if (secretLength != nullptr) + if (secretLength != NULL) *secretLength = 0; - if (pkey == nullptr || peerkey == nullptr || secretLength == nullptr) + if (pkey == NULL || peerkey == NULL || secretLength == NULL) { - return nullptr; + return NULL; } /* Create the context for the shared secret derivation */ EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(pkey, NULL); - if (ctx == nullptr) + if (ctx == NULL) { - return nullptr; + return NULL; } size_t tmpLength = 0; @@ -29,19 +29,19 @@ extern "C" EVP_PKEY_CTX* CryptoNative_EvpPKeyCtxCreate(EVP_PKEY* pkey, EVP_PKEY* 1 != EVP_PKEY_derive(ctx, NULL, &tmpLength)) { EVP_PKEY_CTX_free(ctx); - return nullptr; + return NULL; } *secretLength = (uint32_t)tmpLength; return ctx; } -extern "C" int32_t CryptoNative_EvpPKeyDeriveSecretAgreement(uint8_t* secret, uint32_t secretLength, EVP_PKEY_CTX* ctx) +int32_t CryptoNative_EvpPKeyDeriveSecretAgreement(uint8_t* secret, uint32_t secretLength, EVP_PKEY_CTX* ctx) { size_t tmpSize = (size_t)secretLength; int ret = 0; - if (secret != nullptr && ctx != nullptr) + if (secret != NULL && ctx != NULL) { ret = EVP_PKEY_derive(ctx, secret, &tmpSize); @@ -55,9 +55,9 @@ extern "C" int32_t CryptoNative_EvpPKeyDeriveSecretAgreement(uint8_t* secret, ui return ret; } -extern "C" void CryptoNative_EvpPKeyCtxDestroy(EVP_PKEY_CTX* ctx) +void CryptoNative_EvpPKeyCtxDestroy(EVP_PKEY_CTX* ctx) { - if (ctx != nullptr) + if (ctx != NULL) { EVP_PKEY_CTX_free(ctx); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.h index 59052a15ab..e97f4e2603 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.h 
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_ecdh.h @@ -2,11 +2,12 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. -#include "opensslshim.h" #include "pal_types.h" +#include "pal_compiler.h" +#include "opensslshim.h" -extern "C" EVP_PKEY_CTX* CryptoNative_EvpPKeyCtxCreate(EVP_PKEY* pkey, EVP_PKEY* peerkey, uint32_t* secretLength); +DLLEXPORT EVP_PKEY_CTX* CryptoNative_EvpPKeyCtxCreate(EVP_PKEY* pkey, EVP_PKEY* peerkey, uint32_t* secretLength); -extern "C" int32_t CryptoNative_EvpPKeyDeriveSecretAgreement(uint8_t* secret, uint32_t secretLength, EVP_PKEY_CTX* ctx); +DLLEXPORT int32_t CryptoNative_EvpPKeyDeriveSecretAgreement(uint8_t* secret, uint32_t secretLength, EVP_PKEY_CTX* ctx); -extern "C" void CryptoNative_EvpPKeyCtxDestroy(EVP_PKEY_CTX* ctx); +DLLEXPORT void CryptoNative_EvpPKeyCtxDestroy(EVP_PKEY_CTX* ctx); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.c index 1c792514e6..305734212e 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.c @@ -4,12 +4,12 @@ #include "pal_evp_pkey_eckey.h" -extern "C" EC_KEY* CryptoNative_EvpPkeyGetEcKey(EVP_PKEY* pkey) +EC_KEY* CryptoNative_EvpPkeyGetEcKey(EVP_PKEY* pkey) { return EVP_PKEY_get1_EC_KEY(pkey); } -extern "C" int32_t CryptoNative_EvpPkeySetEcKey(EVP_PKEY* pkey, EC_KEY* key) +int32_t CryptoNative_EvpPkeySetEcKey(EVP_PKEY* pkey, EC_KEY* key) { return EVP_PKEY_set1_EC_KEY(pkey, key); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.h index 0b71546cf8..fbeea59bff 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.h 
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_eckey.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,7 +11,7 @@ Shims the EVP_PKEY_get1_EC_KEY method. Returns the EC_KEY instance for the EVP_PKEY. */ -extern "C" EC_KEY* CryptoNative_EvpPkeyGetEcKey(EVP_PKEY* pkey); +DLLEXPORT EC_KEY* CryptoNative_EvpPkeyGetEcKey(EVP_PKEY* pkey); /* Shims the EVP_PKEY_set1_EC_KEY method to set the EC_KEY @@ -18,4 +19,4 @@ instance on the EVP_KEY. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EvpPkeySetEcKey(EVP_PKEY* pkey, EC_KEY* key); +DLLEXPORT int32_t CryptoNative_EvpPkeySetEcKey(EVP_PKEY* pkey, EC_KEY* key); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c index c36a830722..e8d961dbd2 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c @@ -4,12 +4,12 @@ #include "pal_evp_pkey_rsa.h" -extern "C" RSA* CryptoNative_EvpPkeyGetRsa(EVP_PKEY* pkey) +RSA* CryptoNative_EvpPkeyGetRsa(EVP_PKEY* pkey) { return EVP_PKEY_get1_RSA(pkey); } -extern "C" int32_t CryptoNative_EvpPkeySetRsa(EVP_PKEY* pkey, RSA* rsa) +int32_t CryptoNative_EvpPkeySetRsa(EVP_PKEY* pkey, RSA* rsa) { return EVP_PKEY_set1_RSA(pkey, rsa); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.h index 3200a6180e..d8ff369670 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey_rsa.h 
@@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -10,7 +11,7 @@ Shims the EVP_PKEY_get1_RSA method. Returns the RSA instance for the EVP_PKEY. */ -extern "C" RSA* CryptoNative_EvpPkeyGetRsa(EVP_PKEY* pkey); +DLLEXPORT RSA* CryptoNative_EvpPkeyGetRsa(EVP_PKEY* pkey); /* Shims the EVP_PKEY_set1_RSA method to set the RSA @@ -18,4 +19,4 @@ instance on the EVP_KEY. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_EvpPkeySetRsa(EVP_PKEY* pkey, RSA* rsa); +DLLEXPORT int32_t CryptoNative_EvpPkeySetRsa(EVP_PKEY* pkey, RSA* rsa); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.c new file mode 100644 index 0000000000..783850ee6b --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.c 
@@ -0,0 +1,88 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+#include "pal_config.h"
+#include "pal_utilities.h"
+#include "pal_hmac.h"
+
+#include <assert.h>
+
+HMAC_CTX* CryptoNative_HmacCreate(const uint8_t* key, int32_t keyLen, const EVP_MD* md)
+{
+ assert(key != NULL || keyLen == 0);
+ assert(keyLen >= 0);
+ assert(md != NULL);
+
+ HMAC_CTX* ctx = (HMAC_CTX*)malloc(sizeof(HMAC_CTX));
+ if (ctx == NULL)
+ {
+ // Allocation failed
+ return NULL;
+ }
+
+ // NOTE: We can't pass NULL as empty key since HMAC_Init_ex will interpret
+ // that as request to reuse the "existing" key.
+ uint8_t _;
+ if (keyLen == 0)
+ key = &_;
+
+ HMAC_CTX_init(ctx);
+ int ret = HMAC_Init_ex(ctx, key, keyLen, md, NULL);
+
+ if (!ret)
+ {
+ free(ctx);
+ return NULL;
+ }
+
+ return ctx;
+}
+
+void CryptoNative_HmacDestroy(HMAC_CTX* ctx)
+{
+ if (ctx != NULL)
+ {
+ HMAC_CTX_cleanup(ctx);
+ free(ctx);
+ }
+}
+
+int32_t CryptoNative_HmacReset(HMAC_CTX* ctx)
+{
+ assert(ctx != NULL);
+
+ return HMAC_Init_ex(ctx, NULL, 0, NULL, NULL);
+}
+
+int32_t CryptoNative_HmacUpdate(HMAC_CTX* ctx, const uint8_t* data, int32_t len)
+{
+ assert(ctx != NULL);
+ assert(data != NULL || len == 0);
+ assert(len >= 0);
+
+ if (len < 0)
+ {
+ return 0;
+ }
+
+ return HMAC_Update(ctx, data, Int32ToSizeT(len));
+}
+
+int32_t CryptoNative_HmacFinal(HMAC_CTX* ctx, uint8_t* md, int32_t* len)
+{
+ assert(ctx != NULL);
+ assert(len != NULL);
+ assert(md != NULL || *len == 0);
+ assert(*len >= 0);
+
+ if (len == NULL || *len < 0)
+ {
+ return 0;
+ }
+
+ unsigned int unsignedLen = Int32ToUint32(*len);
+ int ret = HMAC_Final(ctx, md, &unsignedLen);
+ *len = Uint32ToInt32(unsignedLen);
+ return ret;
+}
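Review bot: `CryptoNative_HmacFinal` never compares the caller's capacity in `*len` with the digest size: `HMAC_Final` treats its length argument as output only, so the value converted into `unsignedLen` is overwritten rather than enforced, and a short `md` buffer would be written past its end. A guard before the call, such as `if (*len < EVP_MD_size(ctx->md)) return 0;` (relying on the same non-opaque `HMAC_CTX` layout that `malloc(sizeof(HMAC_CTX))` already assumes), would make the bound explicit. If the managed caller is instead expected to always pass a buffer of `CryptoNative_GetMaxMdSize()` bytes, a comment above the function stating that contract would do.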
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.cpp deleted file mode 100644 index 10eef6809c..0000000000 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.cpp +++ /dev/null 
@@ -1,88 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-#include "pal_config.h"
-#include "pal_utilities.h"
-#include "pal_hmac.h"
-
-#include <assert.h>
-#include <memory>
-
-extern "C" HMAC_CTX* CryptoNative_HmacCreate(const uint8_t* key, int32_t keyLen, const EVP_MD* md)
-{
- assert(key != nullptr || keyLen == 0);
- assert(keyLen >= 0);
- assert(md != nullptr);
-
- std::unique_ptr<HMAC_CTX> ctx(new (std::nothrow) HMAC_CTX);
- if (ctx == nullptr)
- {
- // Allocation failed
- return nullptr;
- }
-
- // NOTE: We can't pass nullptr as empty key since HMAC_Init_ex will interpret
- // that as request to reuse the "existing" key.
- uint8_t _;
- if (keyLen == 0)
- key = &_;
-
- HMAC_CTX_init(ctx.get());
- int ret = HMAC_Init_ex(ctx.get(), key, keyLen, md, nullptr);
-
- if (!ret)
- {
- return nullptr;
- }
-
- return ctx.release();
-}
-
-extern "C" void CryptoNative_HmacDestroy(HMAC_CTX* ctx)
-{
- if (ctx != nullptr)
- {
- HMAC_CTX_cleanup(ctx);
- delete ctx;
- }
-}
-
-extern "C" int32_t CryptoNative_HmacReset(HMAC_CTX* ctx)
-{
- assert(ctx != nullptr);
-
- return HMAC_Init_ex(ctx, nullptr, 0, nullptr, nullptr);
-}
-
-extern "C" int32_t CryptoNative_HmacUpdate(HMAC_CTX* ctx, const uint8_t* data, int32_t len)
-{
- assert(ctx != nullptr);
- assert(data != nullptr || len == 0);
- assert(len >= 0);
-
- if (len < 0)
- {
- return 0;
- }
-
- return HMAC_Update(ctx, data, UnsignedCast(len));
-}
-
-extern "C" int32_t CryptoNative_HmacFinal(HMAC_CTX* ctx, uint8_t* md, int32_t* len)
-{
- assert(ctx != nullptr);
- assert(len != nullptr);
- assert(md != nullptr || *len == 0);
- assert(*len >= 0);
-
- if (len == nullptr || *len < 0)
- {
- return 0;
- }
-
- unsigned int unsignedLen = UnsignedCast(*len);
- int ret = HMAC_Final(ctx, md, &unsignedLen);
- *len = SignedCast(unsignedLen);
- return ret;
-}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.h index 131e148c00..72862b8b9c 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_hmac.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" // The shim API here is slightly less than 1:1 with underlying API so that: @@ -24,7 +25,7 @@ typedef struct env_md_st EVP_MD; * * Returns new HMAC_CTX on success, nullptr on failure. */ -extern "C" HMAC_CTX* CryptoNative_HmacCreate(const uint8_t* key, int32_t keyLen, const EVP_MD* md); +DLLEXPORT HMAC_CTX* CryptoNative_HmacCreate(const uint8_t* key, int32_t keyLen, const EVP_MD* md); /** * Cleans up and deletes an HMAC_CTX instance created by HmacCreate. @@ -37,14 +38,14 @@ extern "C" HMAC_CTX* CryptoNative_HmacCreate(const uint8_t* key, int32_t keyLen, * The given HMAC_CTX pointer is invalid after this call. * Always succeeds. */ -extern "C" void CryptoNative_HmacDestroy(HMAC_CTX* ctx); +DLLEXPORT void CryptoNative_HmacDestroy(HMAC_CTX* ctx); /** * Resets an HMAC_CTX instance for a new computation, preserving the key and EVP_MD. * * Implemented by passing all null/0 values but ctx to HMAC_Init_ex. */ -extern "C" int32_t CryptoNative_HmacReset(HMAC_CTX* ctx); +DLLEXPORT int32_t CryptoNative_HmacReset(HMAC_CTX* ctx); /** * Appends data to the computation. @@ -53,7 +54,7 @@ extern "C" int32_t CryptoNative_HmacReset(HMAC_CTX* ctx); * * Returns 1 for success or 0 for failure. (Always succeeds on platforms where HMAC_Update returns void.) */ -extern "C" int32_t CryptoNative_HmacUpdate(HMAC_CTX* ctx, const uint8_t* data, int32_t len); +DLLEXPORT int32_t CryptoNative_HmacUpdate(HMAC_CTX* ctx, const uint8_t* data, int32_t len); /** * Finalizes the computation and obtains the result. 
@@ -62,4 +63,4 @@ extern "C" int32_t CryptoNative_HmacUpdate(HMAC_CTX* ctx, const uint8_t* data, i * * Returns 1 for success or 0 for failure. (Always succeeds on platforms where HMAC_Update returns void.) */ -extern "C" int32_t CryptoNative_HmacFinal(HMAC_CTX* ctx, uint8_t* md, int32_t* len); +DLLEXPORT int32_t CryptoNative_HmacFinal(HMAC_CTX* ctx, uint8_t* md, int32_t* len); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.c index 7e48813e03..ea88390191 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.c 
@@ -4,46 +4,46 @@ #include "pal_pkcs12.h" -extern "C" PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len) +PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len) { if (!buf || !len) { - return nullptr; + return NULL; } - return d2i_PKCS12(nullptr, &buf, len); + return d2i_PKCS12(NULL, &buf, len); } -extern "C" PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio) +PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio) { - return d2i_PKCS12_bio(bio, nullptr); + return d2i_PKCS12_bio(bio, NULL); } -extern "C" void CryptoNative_Pkcs12Destroy(PKCS12* p12) +void CryptoNative_Pkcs12Destroy(PKCS12* p12) { - if (p12 != nullptr) + if (p12 != NULL) { PKCS12_free(p12); } } -extern "C" PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca) +PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca) { return PKCS12_create( - pass, nullptr, pkey, cert, ca, NID_undef, NID_undef, PKCS12_DEFAULT_ITER, PKCS12_DEFAULT_ITER, 0); + pass, NULL, pkey, cert, ca, NID_undef, NID_undef, PKCS12_DEFAULT_ITER, PKCS12_DEFAULT_ITER, 0); } -extern "C" int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12) +int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12) { - return i2d_PKCS12(p12, nullptr); + return i2d_PKCS12(p12, NULL); } -extern "C" int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf) +int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf) { return i2d_PKCS12(p12, &buf); } -extern "C" int32_t CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_PKEY** pkey, X509** cert, X509Stack** ca) +int32_t CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_PKEY** pkey, X509** cert, X509Stack** ca) { int32_t ret = PKCS12_parse(p12, pass, pkey, cert, ca); 
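Review bot: `CryptoNative_DecodePkcs12` rejects only a zero length with `if (!buf || !len)`, so a negative `len` coming from the managed side is forwarded to `d2i_PKCS12` as its length argument. The guard would be tighter as `if (!buf || len <= 0)`, in line with the checked `int32_t` conversions this commit adds to pal_utilities.h. `CryptoNative_DecodePkcs7` in pal_pkcs7.c has the same guard and would take the same change.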
@@ -60,8 +60,8 @@ extern "C" int32_t CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_P // placed in. // If those handles make it back into managed code they will crash // the coreclr when Disposed. - *pkey = nullptr; - *cert = nullptr; + *pkey = NULL; + *cert = NULL; } return ret; diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h index 9b9960a1a7..b3eb1fce14 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs12.h @@ -3,19 +3,20 @@ // See the LICENSE file in the project root for more information. #include "pal_crypto_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* Shims the d2i_PKCS12 method and makes it easier to invoke from managed code. */ -extern "C" PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len); +DLLEXPORT PKCS12* CryptoNative_DecodePkcs12(const uint8_t* buf, int32_t len); /* Shims the d2i_PKCS12_bio method. Returns the new PKCS12 instance. */ -extern "C" PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio); +DLLEXPORT PKCS12* CryptoNative_DecodePkcs12FromBio(BIO* bio); /* Cleans up and deletes a PKCS12 instance. 
@@ -26,32 +27,32 @@ No-op if p12 is null. The given PKCS12 pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_Pkcs12Destroy(PKCS12* p12); +DLLEXPORT void CryptoNative_Pkcs12Destroy(PKCS12* p12); /* Shims the PKCS12_create method. Returns the new PKCS12 instance. */ -extern "C" PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca); +DLLEXPORT PKCS12* CryptoNative_Pkcs12Create(char* pass, EVP_PKEY* pkey, X509* cert, X509Stack* ca); /* Returns the number of bytes it will take to convert the PKCS12 to a DER format. */ -extern "C" int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12); +DLLEXPORT int32_t CryptoNative_GetPkcs12DerSize(PKCS12* p12); /* Shims the i2d_PKCS12 method. Returns the number of bytes written to buf. */ -extern "C" int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf); +DLLEXPORT int32_t CryptoNative_EncodePkcs12(PKCS12* p12, uint8_t* buf); /* Shims the PKCS12_parse method. Returns 1 on success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_Pkcs12Parse(PKCS12* p12, const char* pass, EVP_PKEY** pkey, X509** cert, X509Stack** ca); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.c index 718d6ccfb4..09c72ed1af 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.c 
@@ -4,53 +4,53 @@ #include "pal_pkcs7.h" -extern "C" PKCS7* CryptoNative_PemReadBioPkcs7(BIO* bp) +PKCS7* CryptoNative_PemReadBioPkcs7(BIO* bp) { - return PEM_read_bio_PKCS7(bp, nullptr, nullptr, nullptr); + return PEM_read_bio_PKCS7(bp, NULL, NULL, NULL); } -extern "C" PKCS7* CryptoNative_DecodePkcs7(const uint8_t* buf, int32_t len) +PKCS7* CryptoNative_DecodePkcs7(const uint8_t* buf, int32_t len) { if (!buf || !len) { - return nullptr; + return NULL; } - return d2i_PKCS7(nullptr, &buf, len); + return d2i_PKCS7(NULL, &buf, len); } -extern "C" PKCS7* CryptoNative_D2IPkcs7Bio(BIO* bp) +PKCS7* CryptoNative_D2IPkcs7Bio(BIO* bp) { - return d2i_PKCS7_bio(bp, nullptr); + return d2i_PKCS7_bio(bp, NULL); } -extern "C" PKCS7* CryptoNative_Pkcs7CreateSigned() +PKCS7* CryptoNative_Pkcs7CreateSigned() { PKCS7* pkcs7 = PKCS7_new(); - if (pkcs7 == nullptr) + if (pkcs7 == NULL) { - return nullptr; + return NULL; } if (!PKCS7_set_type(pkcs7, NID_pkcs7_signed) || !PKCS7_content_new(pkcs7, NID_pkcs7_data)) { PKCS7_free(pkcs7); - return nullptr; + return NULL; } return pkcs7; } -extern "C" void CryptoNative_Pkcs7Destroy(PKCS7* p7) +void CryptoNative_Pkcs7Destroy(PKCS7* p7) { - if (p7 != nullptr) + if (p7 != NULL) { PKCS7_free(p7); } } -extern "C" int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** certs) +int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** certs) { if (!p7 || !certs) { @@ -70,9 +70,9 @@ extern "C" int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** cert return 0; } -extern "C" int32_t CryptoNative_Pkcs7AddCertificate(PKCS7* p7, X509* x509) +int32_t CryptoNative_Pkcs7AddCertificate(PKCS7* p7, X509* x509) { - if (p7 == nullptr || x509 == nullptr) + if (p7 == NULL || x509 == NULL) { return 0; } 
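Review bot: CryptoNative_DecodePkcs7 in the first pal_pkcs7.c hunk rejects only a zero `len`, so a negative length supplied from managed code is handed to d2i_PKCS7 unchanged. The guard is clearer and safer as `if (!buf || len <= 0)`, which keeps the existing NULL return for unusable input. CryptoNative_DecodeRsaPublicKey in the first pal_rsa.c hunk has the same `!len` test and would take the same one-line change. Whether any managed caller can actually pass a negative value is not visible here, so treat this as defensive hardening at the interop boundary.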
@@ -80,12 +80,12 @@ extern "C" int32_t CryptoNative_Pkcs7AddCertificate(PKCS7* p7, X509* x509) return PKCS7_add_certificate(p7, x509); } -extern "C" int32_t CryptoNative_GetPkcs7DerSize(PKCS7* p7) +int32_t CryptoNative_GetPkcs7DerSize(PKCS7* p7) { - return i2d_PKCS7(p7, nullptr); + return i2d_PKCS7(p7, NULL); } -extern "C" int32_t CryptoNative_EncodePkcs7(PKCS7* p7, uint8_t* buf) +int32_t CryptoNative_EncodePkcs7(PKCS7* p7, uint8_t* buf) { return i2d_PKCS7(p7, &buf); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.h index e7921c1be4..59f0914a0d 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_pkcs7.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_crypto_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -12,12 +13,12 @@ Direct shim to PEM_read_bio_PKCS7. Returns the new PKCS7 instance. */ -extern "C" PKCS7* CryptoNative_PemReadBioPkcs7(BIO* bp); +DLLEXPORT PKCS7* CryptoNative_PemReadBioPkcs7(BIO* bp); /* Shims the d2i_PKCS7 method and makes it easier to invoke from managed code. */ -extern "C" PKCS7* CryptoNative_DecodePkcs7(const uint8_t* buf, int32_t len); +DLLEXPORT PKCS7* CryptoNative_DecodePkcs7(const uint8_t* buf, int32_t len); /* Reads a PKCS7 instance in DER format from a BIO. @@ -26,7 +27,7 @@ Direct shim to d2i_PKCS7_bio. Returns the new PKCS7 instance. */ -extern "C" PKCS7* CryptoNative_D2IPkcs7Bio(BIO* bp); +DLLEXPORT PKCS7* CryptoNative_D2IPkcs7Bio(BIO* bp); /* Create a new PKCS7 instance and prepare it to be a signed PKCS7 @@ -34,7 +35,7 @@ with a data payload. Returns the new PKCS7 instance. */ -extern "C" PKCS7* CryptoNative_Pkcs7CreateSigned(); +DLLEXPORT PKCS7* CryptoNative_Pkcs7CreateSigned(void); /* Cleans up and deletes a PKCS7 instance. 
@@ -45,7 +46,7 @@ No-op if p7 is null. The given PKCS7 pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_Pkcs7Destroy(PKCS7* p7); +DLLEXPORT void CryptoNative_Pkcs7Destroy(PKCS7* p7); /* Function: @@ -59,22 +60,22 @@ Return values: 1 when the file format is understood, and *certs is assigned to the certificate contents of the structure. */ -extern "C" int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** certs); +DLLEXPORT int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** certs); /* Shims the PKCS7_add_certificate function and makes it easier to invoke from managed code. */ -extern "C" int32_t CryptoNative_Pkcs7AddCertificate(PKCS7* p7, X509* x509); +DLLEXPORT int32_t CryptoNative_Pkcs7AddCertificate(PKCS7* p7, X509* x509); /* Returns the number of bytes it will take to convert the PKCS7 to a DER format. */ -extern "C" int32_t CryptoNative_GetPkcs7DerSize(PKCS7* p7); +DLLEXPORT int32_t CryptoNative_GetPkcs7DerSize(PKCS7* p7); /* Shims the i2d_PKCS7 method. Returns the number of bytes written to buf. */ -extern "C" int32_t CryptoNative_EncodePkcs7(PKCS7* p7, uint8_t* buf); +DLLEXPORT int32_t CryptoNative_EncodePkcs7(PKCS7* p7, uint8_t* buf); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c index 9ad896aa72..1f2fad46f4 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c 
@@ -5,32 +5,32 @@ #include "pal_rsa.h" #include "pal_utilities.h" -extern "C" RSA* CryptoNative_RsaCreate() +RSA* CryptoNative_RsaCreate() { return RSA_new(); } -extern "C" int32_t CryptoNative_RsaUpRef(RSA* rsa) +int32_t CryptoNative_RsaUpRef(RSA* rsa) { return RSA_up_ref(rsa); } -extern "C" void CryptoNative_RsaDestroy(RSA* rsa) +void CryptoNative_RsaDestroy(RSA* rsa) { - if (rsa != nullptr) + if (rsa != NULL) { RSA_free(rsa); } } -extern "C" RSA* CryptoNative_DecodeRsaPublicKey(const uint8_t* buf, int32_t len) +RSA* CryptoNative_DecodeRsaPublicKey(const uint8_t* buf, int32_t len) { if (!buf || !len) { - return nullptr; + return NULL; } - return d2i_RSAPublicKey(nullptr, &buf, len); + return d2i_RSAPublicKey(NULL, &buf, len); } static int GetOpenSslPadding(RsaPadding padding) @@ -50,7 +50,7 @@ static int GetOpenSslPadding(RsaPadding padding) static int HasNoPrivateKey(RSA* rsa) { - if (rsa == nullptr) + if (rsa == NULL) return 1; // Shared pointer, don't free. @@ -72,23 +72,23 @@ static int HasNoPrivateKey(RSA* rsa) // The module is documented as accepting either d or the full set of CRT parameters (p, q, dp, dq, qInv) // So if we see d, we're good. Otherwise, if any of the rest are missing, we're public-only. - if (rsa->d != nullptr) + if (rsa->d != NULL) return 0; - if (rsa->p == nullptr || rsa->q == nullptr || rsa->dmp1 == nullptr || rsa->dmq1 == nullptr || rsa->iqmp == nullptr) + if (rsa->p == NULL || rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL) return 1; return 0; } -extern "C" int32_t +int32_t CryptoNative_RsaPublicEncrypt(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding) { int openSslPadding = GetOpenSslPadding(padding); return RSA_public_encrypt(flen, from, to, rsa, openSslPadding); } -extern "C" int32_t +int32_t CryptoNative_RsaPrivateDecrypt(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding) { if (HasNoPrivateKey(rsa)) 
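Review bot: `RSA* CryptoNative_RsaCreate()` in the first pal_rsa.c hunk is defined with an empty parameter list, which in C before C23 means unspecified parameters rather than none. The header in this same commit declares `CryptoNative_RsaCreate(void)`, so the definition should read `RSA* CryptoNative_RsaCreate(void)` to keep the two in step and to stay clean under -Wstrict-prototypes. The same applies to `CryptoNative_Pkcs7CreateSigned()` in pal_pkcs7.c and to `CryptoNative_EnsureLibSslInitialized()` and `CryptoNative_SslV2_3Method()` in pal_ssl.c.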
@@ -101,7 +101,7 @@ CryptoNative_RsaPrivateDecrypt(int32_t flen, const uint8_t* from, uint8_t* to, R return RSA_private_decrypt(flen, from, to, rsa, openSslPadding); } -extern "C" int32_t CryptoNative_RsaSignPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa) +int32_t CryptoNative_RsaSignPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa) { if (HasNoPrivateKey(rsa)) { @@ -112,25 +112,25 @@ extern "C" int32_t CryptoNative_RsaSignPrimitive(int32_t flen, const uint8_t* fr return RSA_private_encrypt(flen, from, to, rsa, RSA_NO_PADDING); } -extern "C" int32_t CryptoNative_RsaVerificationPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa) +int32_t CryptoNative_RsaVerificationPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa) { return RSA_public_decrypt(flen, from, to, rsa, RSA_NO_PADDING); } -extern "C" int32_t CryptoNative_RsaSize(RSA* rsa) +int32_t CryptoNative_RsaSize(RSA* rsa) { return RSA_size(rsa); } -extern "C" int32_t CryptoNative_RsaGenerateKeyEx(RSA* rsa, int32_t bits, BIGNUM* e) +int32_t CryptoNative_RsaGenerateKeyEx(RSA* rsa, int32_t bits, BIGNUM* e) { - return RSA_generate_key_ex(rsa, bits, e, nullptr); + return RSA_generate_key_ex(rsa, bits, e, NULL); } -extern "C" int32_t +int32_t CryptoNative_RsaSign(int32_t type, const uint8_t* m, int32_t mlen, uint8_t* sigret, int32_t* siglen, RSA* rsa) { - if (siglen == nullptr) + if (siglen == NULL) { assert(false); return 0; 
@@ -149,26 +149,26 @@ CryptoNative_RsaSign(int32_t type, const uint8_t* m, int32_t mlen, uint8_t* sigr // If the digest itself isn't known then RSA_R_UNKNOWN_ALGORITHM_TYPE will get reported, but // we have to check that the digest size matches what we expect. - if (digest != nullptr && mlen != EVP_MD_size(digest)) + if (digest != NULL && mlen != EVP_MD_size(digest)) { ERR_PUT_error(ERR_LIB_RSA, RSA_F_RSA_SIGN, RSA_R_INVALID_MESSAGE_LENGTH, __FILE__, __LINE__); return 0; } unsigned int unsignedSigLen = 0; - int32_t ret = RSA_sign(type, m, UnsignedCast(mlen), sigret, &unsignedSigLen, rsa); + int32_t ret = RSA_sign(type, m, Int32ToUint32(mlen), sigret, &unsignedSigLen, rsa); assert(unsignedSigLen <= INT32_MAX); - *siglen = static_cast<int32_t>(unsignedSigLen); + *siglen = (int32_t)unsignedSigLen; return ret; } -extern "C" int32_t +int32_t CryptoNative_RsaVerify(int32_t type, const uint8_t* m, int32_t mlen, uint8_t* sigbuf, int32_t siglen, RSA* rsa) { - return RSA_verify(type, m, UnsignedCast(mlen), sigbuf, UnsignedCast(siglen), rsa); + return RSA_verify(type, m, Int32ToUint32(mlen), sigbuf, Int32ToUint32(siglen), rsa); } -extern "C" int32_t CryptoNative_GetRsaParameters(const RSA* rsa, +int32_t CryptoNative_GetRsaParameters(const RSA* rsa, BIGNUM** n, BIGNUM** e, BIGNUM** d, @@ -184,21 +184,21 @@ extern "C" int32_t CryptoNative_GetRsaParameters(const RSA* rsa, // since these parameters are 'out' parameters in managed code, ensure they are initialized if (n) - *n = nullptr; + *n = NULL; if (e) - *e = nullptr; + *e = NULL; if (d) - *d = nullptr; + *d = NULL; if (p) - *p = nullptr; + *p = NULL; if (dmp1) - *dmp1 = nullptr; + *dmp1 = NULL; if (q) - *q = nullptr; + *q = NULL; if (dmq1) - *dmq1 = nullptr; + *dmq1 = NULL; if (iqmp) - *iqmp = nullptr; + *iqmp = NULL; return 0; } 
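Review bot: CryptoNative_RsaVerify now relies on `Int32ToUint32(mlen)` and `Int32ToUint32(siglen)` for range checking, but that helper (added to pal_utilities.h in this commit) only asserts `value >= 0`, so in a build with NDEBUG a negative length is converted to a very large unsigned value and passed straight to RSA_verify. An explicit runtime check ahead of the call, `if (mlen < 0 || siglen < 0) return 0;`, keeps the documented failure return for this shim. In CryptoNative_RsaSign the `mlen != EVP_MD_size(digest)` comparison covers `mlen` only when `digest` is non-NULL, so the same guard is worth adding there; that function begins above this hunk.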
@@ -217,27 +217,27 @@ extern "C" int32_t CryptoNative_GetRsaParameters(const RSA* rsa, static int32_t SetRsaParameter(BIGNUM** rsaFieldAddress, uint8_t* buffer, int32_t bufferLength) { - assert(rsaFieldAddress != nullptr); + assert(rsaFieldAddress != NULL); if (rsaFieldAddress) { if (!buffer || !bufferLength) { - *rsaFieldAddress = nullptr; + *rsaFieldAddress = NULL; return 1; } else { - BIGNUM* bigNum = BN_bin2bn(buffer, bufferLength, nullptr); + BIGNUM* bigNum = BN_bin2bn(buffer, bufferLength, NULL); *rsaFieldAddress = bigNum; - return bigNum != nullptr; + return bigNum != NULL; } } return 0; } -extern "C" int32_t CryptoNative_SetRsaParameters(RSA* rsa, +int32_t CryptoNative_SetRsaParameters(RSA* rsa, uint8_t* n, int32_t nLength, uint8_t* e, diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.h index c4a2737ced..83a0e01569 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.h @@ -2,33 +2,34 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. -#include "opensslshim.h" #include "pal_types.h" +#include "pal_compiler.h" +#include "opensslshim.h" /* Padding options for RsaPublicEncrypt and RsaPrivateDecrypt. These values should be kept in sync with Interop.Crypto.RsaPadding. */ -enum RsaPadding : int32_t +typedef enum { Pkcs1 = 0, OaepSHA1 = 1, NoPadding = 2, -}; +} RsaPadding; /* Shims the RSA_new method. Returns the new RSA instance. */ -extern "C" RSA* CryptoNative_RsaCreate(); +DLLEXPORT RSA* CryptoNative_RsaCreate(void); /* Shims the RSA_up_ref method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_RsaUpRef(RSA* rsa); +DLLEXPORT int32_t CryptoNative_RsaUpRef(RSA* rsa); /* Cleans up and deletes a RSA instance. 
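Review bot: Replacing `enum RsaPadding : int32_t` with `typedef enum { ... } RsaPadding;` in the pal_rsa.h hunk drops the fixed underlying type, so the width of a value that crosses the managed/native boundary is now whatever the C compiler chooses for the enum. The comment asks for the values to stay in sync with Interop.Crypto.RsaPadding; the size should be pinned as well, for example with `c_static_assert(sizeof(RsaPadding) == sizeof(int32_t));` after the typedef (the macro is already used in pal_ssl.c in this commit and is presumably provided by pal_compiler.h). The same concern applies to the other enums converted this way, such as SslProtocols in pal_ssl.h, and matters most where enum values are written through pointers, as in CryptoNative_GetSslConnectionInfo.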
@@ -39,19 +40,19 @@ No-op if rsa is null. The given RSA pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_RsaDestroy(RSA* rsa); +DLLEXPORT void CryptoNative_RsaDestroy(RSA* rsa); /* Shims the d2i_RSAPublicKey method and makes it easier to invoke from managed code. */ -extern "C" RSA* CryptoNative_DecodeRsaPublicKey(const uint8_t* buf, int32_t len); +DLLEXPORT RSA* CryptoNative_DecodeRsaPublicKey(const uint8_t* buf, int32_t len); /* Shims the RSA_public_encrypt method. Returns the size of the signature, or -1 on error. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_RsaPublicEncrypt(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding); /* @@ -59,7 +60,7 @@ Shims the RSA_private_decrypt method. Returns the size of the signature, or -1 on error. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_RsaPrivateDecrypt(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding); /* @@ -68,7 +69,7 @@ Shims RSA_private_encrypt with a fixed value of RSA_NO_PADDING. Requires that the input be the size of the key. Returns the number of bytes written (which should be flen), or -1 on error. */ -extern "C" int32_t CryptoNative_RsaSignPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa); +DLLEXPORT int32_t CryptoNative_RsaSignPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa); /* Shims RSA_public_decrypt with a fixed value of RSA_NO_PADDING. 
@@ -76,28 +77,28 @@ Shims RSA_public_decrypt with a fixed value of RSA_NO_PADDING. Requires that the input be the size of the key. Returns the number of bytes written (which should be flen), or -1 on error. */ -extern "C" int32_t CryptoNative_RsaVerificationPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa); +DLLEXPORT int32_t CryptoNative_RsaVerificationPrimitive(int32_t flen, const uint8_t* from, uint8_t* to, RSA* rsa); /* Shims the RSA_size method. Returns the RSA modulus size in bytes. */ -extern "C" int32_t CryptoNative_RsaSize(RSA* rsa); +DLLEXPORT int32_t CryptoNative_RsaSize(RSA* rsa); /* Shims the RSA_generate_key_ex method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_RsaGenerateKeyEx(RSA* rsa, int32_t bits, BIGNUM* e); +DLLEXPORT int32_t CryptoNative_RsaGenerateKeyEx(RSA* rsa, int32_t bits, BIGNUM* e); /* Shims the RSA_sign method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_RsaSign(int32_t type, const uint8_t* m, int32_t mlen, uint8_t* sigret, int32_t* siglen, RSA* rsa); /* @@ -105,7 +106,7 @@ Shims the RSA_verify method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t +DLLEXPORT int32_t CryptoNative_RsaVerify(int32_t type, const uint8_t* m, int32_t mlen, uint8_t* sigbuf, int32_t siglen, RSA* rsa); /* @@ -113,7 +114,7 @@ Gets all the parameters from the RSA instance. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_GetRsaParameters(const RSA* rsa, +DLLEXPORT int32_t CryptoNative_GetRsaParameters(const RSA* rsa, BIGNUM** n, BIGNUM** e, BIGNUM** d, @@ -126,7 +127,7 @@ extern "C" int32_t CryptoNative_GetRsaParameters(const RSA* rsa, /* Sets all the parameters on the RSA instance. */ -extern "C" int32_t CryptoNative_SetRsaParameters(RSA* rsa, +DLLEXPORT int32_t CryptoNative_SetRsaParameters(RSA* rsa, uint8_t* n, int32_t nLength, uint8_t* e, 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.c index f93cdf3ced..c09661c9ec 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.c 
@@ -6,35 +6,36 @@ #include <assert.h> #include <string.h> +#include <stdbool.h> -static_assert(PAL_SSL_ERROR_NONE == SSL_ERROR_NONE, ""); -static_assert(PAL_SSL_ERROR_SSL == SSL_ERROR_SSL, ""); -static_assert(PAL_SSL_ERROR_WANT_READ == SSL_ERROR_WANT_READ, ""); -static_assert(PAL_SSL_ERROR_WANT_WRITE == SSL_ERROR_WANT_WRITE, ""); -static_assert(PAL_SSL_ERROR_SYSCALL == SSL_ERROR_SYSCALL, ""); -static_assert(PAL_SSL_ERROR_ZERO_RETURN == SSL_ERROR_ZERO_RETURN, ""); +c_static_assert(PAL_SSL_ERROR_NONE == SSL_ERROR_NONE); +c_static_assert(PAL_SSL_ERROR_SSL == SSL_ERROR_SSL); +c_static_assert(PAL_SSL_ERROR_WANT_READ == SSL_ERROR_WANT_READ); +c_static_assert(PAL_SSL_ERROR_WANT_WRITE == SSL_ERROR_WANT_WRITE); +c_static_assert(PAL_SSL_ERROR_SYSCALL == SSL_ERROR_SYSCALL); +c_static_assert(PAL_SSL_ERROR_ZERO_RETURN == SSL_ERROR_ZERO_RETURN); -extern "C" int32_t CryptoNative_EnsureOpenSslInitialized(); +int32_t CryptoNative_EnsureOpenSslInitialized(void); -extern "C" void CryptoNative_EnsureLibSslInitialized() +void CryptoNative_EnsureLibSslInitialized() { CryptoNative_EnsureOpenSslInitialized(); SSL_library_init(); SSL_load_error_strings(); } -extern "C" const SSL_METHOD* CryptoNative_SslV2_3Method() +const SSL_METHOD* CryptoNative_SslV2_3Method() { const SSL_METHOD* method = SSLv23_method(); - assert(method != nullptr); + assert(method != NULL); return method; } -extern "C" SSL_CTX* CryptoNative_SslCtxCreate(SSL_METHOD* method) +SSL_CTX* CryptoNative_SslCtxCreate(SSL_METHOD* method) { SSL_CTX* ctx = SSL_CTX_new(method); - if (ctx != nullptr) + if (ctx != NULL) { // As of OpenSSL 1.1.0, compression is disabled by default. In case an older build // is used, ensure it's disabled. @@ -56,7 +57,7 @@ static long TrySetECDHNamedCurve(SSL_CTX* ctx) result = SSL_CTX_set_ecdh_auto(ctx, 1); #else EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); - if (ecdh != nullptr) + if (ecdh != NULL) { result = SSL_CTX_set_tmp_ecdh(ctx, ecdh); EC_KEY_free(ecdh); 
@@ -66,7 +67,7 @@ static long TrySetECDHNamedCurve(SSL_CTX* ctx) return result; } -extern "C" void CryptoNative_SetProtocolOptions(SSL_CTX* ctx, SslProtocols protocols) +void CryptoNative_SetProtocolOptions(SSL_CTX* ctx, SslProtocols protocols) { // protocols may be 0, meaning system default, in which case let OpenSSL do what OpenSSL wants. if (protocols == 0) @@ -108,12 +109,12 @@ extern "C" void CryptoNative_SetProtocolOptions(SSL_CTX* ctx, SslProtocols proto } } -extern "C" SSL* CryptoNative_SslCreate(SSL_CTX* ctx) +SSL* CryptoNative_SslCreate(SSL_CTX* ctx) { return SSL_new(ctx); } -extern "C" int32_t CryptoNative_SslGetError(SSL* ssl, int32_t ret) +int32_t CryptoNative_SslGetError(SSL* ssl, int32_t ret) { // This pops off "old" errors left by other operations // until the first error is equal to the last one, @@ -128,7 +129,7 @@ extern "C" int32_t CryptoNative_SslGetError(SSL* ssl, int32_t ret) return SSL_get_error(ssl, ret); } -extern "C" void CryptoNative_SslDestroy(SSL* ssl) +void CryptoNative_SslDestroy(SSL* ssl) { if (ssl) { @@ -136,7 +137,7 @@ extern "C" void CryptoNative_SslDestroy(SSL* ssl) } } -extern "C" void CryptoNative_SslCtxDestroy(SSL_CTX* ctx) +void CryptoNative_SslCtxDestroy(SSL_CTX* ctx) { if (ctx) { 
@@ -144,36 +145,36 @@ extern "C" void CryptoNative_SslCtxDestroy(SSL_CTX* ctx) } } -extern "C" void CryptoNative_SslSetConnectState(SSL* ssl) +void CryptoNative_SslSetConnectState(SSL* ssl) { SSL_set_connect_state(ssl); } -extern "C" void CryptoNative_SslSetAcceptState(SSL* ssl) +void CryptoNative_SslSetAcceptState(SSL* ssl) { SSL_set_accept_state(ssl); } -extern "C" const char* CryptoNative_SslGetVersion(SSL* ssl) +const char* CryptoNative_SslGetVersion(SSL* ssl) { return SSL_get_version(ssl); } -extern "C" int32_t CryptoNative_SslGetFinished(SSL* ssl, void* buf, int32_t count) +int32_t CryptoNative_SslGetFinished(SSL* ssl, void* buf, int32_t count) { - size_t result = SSL_get_finished(ssl, buf, size_t(count)); + size_t result = SSL_get_finished(ssl, buf, (size_t)count); assert(result <= INT32_MAX); - return static_cast<int32_t>(result); + return (int32_t)result; } -extern "C" int32_t CryptoNative_SslGetPeerFinished(SSL* ssl, void* buf, int32_t count) +int32_t CryptoNative_SslGetPeerFinished(SSL* ssl, void* buf, int32_t count) { - size_t result = SSL_get_peer_finished(ssl, buf, size_t(count)); + size_t result = SSL_get_peer_finished(ssl, buf, (size_t)count); assert(result <= INT32_MAX); - return static_cast<int32_t>(result); + return (int32_t)result; } -extern "C" int32_t CryptoNative_SslSessionReused(SSL* ssl) +int32_t CryptoNative_SslSessionReused(SSL* ssl) { return SSL_session_reused(ssl) == 1; } 
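Review bot: In CryptoNative_SslGetFinished and CryptoNative_SslGetPeerFinished the new `(size_t)count` cast turns a negative `count` into a very large size, which tells OpenSSL that the caller's buffer is effectively unbounded. Reject it before the call with `if (count < 0) return 0;`. The `Int32ToSizeT` helper this commit adds to pal_utilities.h would document the intent, but it only asserts, so it does not replace the runtime check. The existing `assert(result <= INT32_MAX)` on the way out is likewise compiled out under NDEBUG.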
@@ -191,115 +192,115 @@ static bool StringSpanEquals(const char* lhs, const char* rhs, size_t lhsLength) static CipherAlgorithmType MapCipherAlgorithmType(const char* encryption, size_t encryptionLength) { if (StringSpanEquals(encryption, "DES(56)", encryptionLength)) - return CipherAlgorithmType::Des; + return Des; if (StringSpanEquals(encryption, "3DES(168)", encryptionLength)) - return CipherAlgorithmType::TripleDes; + return TripleDes; if (StringSpanEquals(encryption, "RC4(128)", encryptionLength)) - return CipherAlgorithmType::Rc4; + return Rc4; if (StringSpanEquals(encryption, "RC2(128)", encryptionLength)) - return CipherAlgorithmType::Rc2; + return Rc2; if (StringSpanEquals(encryption, "None", encryptionLength)) - return CipherAlgorithmType::Null; + return Null; if (StringSpanEquals(encryption, "IDEA(128)", encryptionLength)) - return CipherAlgorithmType::SSL_IDEA; + return SSL_IDEA; if (StringSpanEquals(encryption, "SEED(128)", encryptionLength)) - return CipherAlgorithmType::SSL_SEED; + return SSL_SEED; if (StringSpanEquals(encryption, "AES(128)", encryptionLength)) - return CipherAlgorithmType::Aes128; + return Aes128; if (StringSpanEquals(encryption, "AES(256)", encryptionLength)) - return CipherAlgorithmType::Aes256; + return Aes256; if (StringSpanEquals(encryption, "Camellia(128)", encryptionLength)) - return CipherAlgorithmType::SSL_CAMELLIA128; + return SSL_CAMELLIA128; if (StringSpanEquals(encryption, "Camellia(256)", encryptionLength)) - return CipherAlgorithmType::SSL_CAMELLIA256; + return SSL_CAMELLIA256; if (StringSpanEquals(encryption, "GOST89(256)", encryptionLength)) - return CipherAlgorithmType::SSL_eGOST2814789CNT; + return SSL_eGOST2814789CNT; if (StringSpanEquals(encryption, "AESGCM(128)", encryptionLength)) - return CipherAlgorithmType::Aes128; + return Aes128; if (StringSpanEquals(encryption, "AESGCM(256)", encryptionLength)) - return CipherAlgorithmType::Aes256; + return Aes256; - return CipherAlgorithmType::None; + return 
CipherAlgorithmType_None; } static ExchangeAlgorithmType MapExchangeAlgorithmType(const char* keyExchange, size_t keyExchangeLength) { if (StringSpanEquals(keyExchange, "RSA", keyExchangeLength)) - return ExchangeAlgorithmType::RsaKeyX; + return RsaKeyX; if (StringSpanEquals(keyExchange, "DH/RSA", keyExchangeLength)) - return ExchangeAlgorithmType::DiffieHellman; + return DiffieHellman; if (StringSpanEquals(keyExchange, "DH/DSS", keyExchangeLength)) - return ExchangeAlgorithmType::DiffieHellman; + return DiffieHellman; if (StringSpanEquals(keyExchange, "DH", keyExchangeLength)) - return ExchangeAlgorithmType::DiffieHellman; + return DiffieHellman; if (StringSpanEquals(keyExchange, "KRB5", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_kKRB5; + return SSL_kKRB5; if (StringSpanEquals(keyExchange, "ECDH", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_ECDHE; + return SSL_ECDHE; if (StringSpanEquals(keyExchange, "ECDH/RSA", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_ECDH; + return SSL_ECDH; if (StringSpanEquals(keyExchange, "ECDH/ECDSA", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_ECDSA; + return SSL_ECDSA; if (StringSpanEquals(keyExchange, "PSK", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_kPSK; + return SSL_kPSK; if (StringSpanEquals(keyExchange, "GOST", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_kGOST; + return SSL_kGOST; if (StringSpanEquals(keyExchange, "SRP", keyExchangeLength)) - return ExchangeAlgorithmType::SSL_kSRP; + return SSL_kSRP; - return ExchangeAlgorithmType::None; + return ExchangeAlgorithmType_None; } static void GetHashAlgorithmTypeAndSize(const char* mac, size_t macLength, - HashAlgorithmType& dataHashAlg, - DataHashSize& hashKeySize) + HashAlgorithmType* dataHashAlg, + DataHashSize* hashKeySize) { if (StringSpanEquals(mac, "MD5", macLength)) { - dataHashAlg = HashAlgorithmType::Md5; - hashKeySize = DataHashSize::MD5_HashKeySize; + *dataHashAlg = Md5; + *hashKeySize = 
MD5_HashKeySize; return; } if (StringSpanEquals(mac, "SHA1", macLength)) { - dataHashAlg = HashAlgorithmType::Sha1; - hashKeySize = DataHashSize::SHA1_HashKeySize; + *dataHashAlg = Sha1; + *hashKeySize = SHA1_HashKeySize; return; } if (StringSpanEquals(mac, "GOST94", macLength)) { - dataHashAlg = HashAlgorithmType::SSL_GOST94; - hashKeySize = DataHashSize::GOST_HashKeySize; + *dataHashAlg = SSL_GOST94; + *hashKeySize = GOST_HashKeySize; return; } if (StringSpanEquals(mac, "GOST89", macLength)) { - dataHashAlg = HashAlgorithmType::SSL_GOST89; - hashKeySize = DataHashSize::GOST_HashKeySize; + *dataHashAlg = SSL_GOST89; + *hashKeySize = GOST_HashKeySize; return; } if (StringSpanEquals(mac, "SHA256", macLength)) { - dataHashAlg = HashAlgorithmType::SSL_SHA256; - hashKeySize = DataHashSize::SHA256_HashKeySize; + *dataHashAlg = SSL_SHA256; + *hashKeySize = SHA256_HashKeySize; return; } if (StringSpanEquals(mac, "SHA384", macLength)) { - dataHashAlg = HashAlgorithmType::SSL_SHA384; - hashKeySize = DataHashSize::SHA384_HashKeySize; + *dataHashAlg = SSL_SHA384; + *hashKeySize = SHA384_HashKeySize; return; } if (StringSpanEquals(mac, "AEAD", macLength)) { - dataHashAlg = HashAlgorithmType::SSL_AEAD; - hashKeySize = DataHashSize::Default; + *dataHashAlg = SSL_AEAD; + *hashKeySize = Default; return; } - dataHashAlg = HashAlgorithmType::None; - hashKeySize = DataHashSize::Default; + *dataHashAlg = HashAlgorithmType_None; + *hashKeySize = Default; } /* 
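Review bot: The scoped names used by the mapping functions in this hunk (`CipherAlgorithmType::Des`, `CipherAlgorithmType::Null`, `DataHashSize::Default`) become bare global enumerators such as `Des`, `Null` and `Default`, which can easily collide with other headers or macros. The commit already had to introduce `CipherAlgorithmType_None`, `ExchangeAlgorithmType_None` and `HashAlgorithmType_None` to resolve one such clash; applying the same `Type_Member` prefix to every enumerator (for example `CipherAlgorithmType_Null`, `DataHashSize_Default`) would make the scheme consistent. The enum definitions themselves are outside this hunk, so the rename would start there.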
@@ -309,11 +310,11 @@ Given a keyName string like "Enc=XXX", parses the description string and returns Returns a value indicating whether the pattern starting with keyName was found in description. */ static bool GetDescriptionValue( - const char* description, const char* keyName, size_t keyNameLength, const char** value, size_t& valueLength) + const char* description, const char* keyName, size_t keyNameLength, const char** value, size_t* valueLength) { // search for keyName in description const char* keyNameStart = strstr(description, keyName); - if (keyNameStart != nullptr) + if (keyNameStart != NULL) { // set valueStart to the beginning of the value const char* valueStart = keyNameStart + keyNameLength; 
@@ -326,55 +327,56 @@ static bool GetDescriptionValue( } *value = valueStart; - valueLength = index; + *valueLength = index; return true; } return false; } +#define descriptionLength 256 + /* Parses the Kx, Enc, and Mac values out of the SSL_CIPHER_description and maps the values to the corresponding .NET enum value. */ static bool GetSslConnectionInfoFromDescription(const SSL_CIPHER* cipher, - CipherAlgorithmType& dataCipherAlg, - ExchangeAlgorithmType& keyExchangeAlg, - HashAlgorithmType& dataHashAlg, - DataHashSize& hashKeySize) + CipherAlgorithmType* dataCipherAlg, + ExchangeAlgorithmType* keyExchangeAlg, + HashAlgorithmType* dataHashAlg, + DataHashSize* hashKeySize) { - const int descriptionLength = 256; - char description[descriptionLength] = {}; + char description[descriptionLength] = { 0 }; SSL_CIPHER_description(cipher, description, descriptionLength - 1); // ensure description is NULL-terminated const char* keyExchange; size_t keyExchangeLength; - if (!GetDescriptionValue(description, "Kx=", 3, &keyExchange, keyExchangeLength)) + if (!GetDescriptionValue(description, "Kx=", 3, &keyExchange, &keyExchangeLength)) { return false; } const char* encryption; size_t encryptionLength; - if (!GetDescriptionValue(description, "Enc=", 4, &encryption, encryptionLength)) + if (!GetDescriptionValue(description, "Enc=", 4, &encryption, &encryptionLength)) { return false; } const char* mac; size_t macLength; - if (!GetDescriptionValue(description, "Mac=", 4, &mac, macLength)) + if (!GetDescriptionValue(description, "Mac=", 4, &mac, &macLength)) { return false; } - keyExchangeAlg = MapExchangeAlgorithmType(keyExchange, keyExchangeLength); - dataCipherAlg = MapCipherAlgorithmType(encryption, encryptionLength); + *keyExchangeAlg = MapExchangeAlgorithmType(keyExchange, keyExchangeLength); + *dataCipherAlg = MapCipherAlgorithmType(encryption, encryptionLength); GetHashAlgorithmTypeAndSize(mac, macLength, dataHashAlg, hashKeySize); return true; } -extern "C" int32_t 
CryptoNative_GetSslConnectionInfo(SSL* ssl, +int32_t CryptoNative_GetSslConnectionInfo(SSL* ssl, CipherAlgorithmType* dataCipherAlg, ExchangeAlgorithmType* keyExchangeAlg, HashAlgorithmType* dataHashAlg, @@ -395,7 +397,7 @@ extern "C" int32_t CryptoNative_GetSslConnectionInfo(SSL* ssl, } *dataKeySize = cipher->alg_bits; - if (GetSslConnectionInfoFromDescription(cipher, *dataCipherAlg, *keyExchangeAlg, *dataHashAlg, *hashKeySize)) + if (GetSslConnectionInfoFromDescription(cipher, dataCipherAlg, keyExchangeAlg, dataHashAlg, hashKeySize)) { return 1; } 
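Review bot: `#define descriptionLength 256` introduces a file-scope macro with a variable-style name that stays defined for the rest of pal_ssl.c, so any later identifier spelled `descriptionLength` would be rewritten to `256`. A scoped constant avoids that: declare `enum { DescriptionLength = 256 };` inside GetSslConnectionInfoFromDescription and size the buffer with `char description[DescriptionLength] = { 0 };`. If the macro is kept, give it an upper-case name and `#undef` it after the function.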
@@ -404,104 +406,104 @@ err: assert(false); if (dataCipherAlg) - *dataCipherAlg = CipherAlgorithmType::None; + *dataCipherAlg = CipherAlgorithmType_None; if (keyExchangeAlg) - *keyExchangeAlg = ExchangeAlgorithmType::None; + *keyExchangeAlg = ExchangeAlgorithmType_None; if (dataHashAlg) - *dataHashAlg = HashAlgorithmType::None; + *dataHashAlg = HashAlgorithmType_None; if (dataKeySize) *dataKeySize = 0; if (hashKeySize) - *hashKeySize = DataHashSize::Default; + *hashKeySize = Default; return 0; } -extern "C" int32_t CryptoNative_SslWrite(SSL* ssl, const void* buf, int32_t num) +int32_t CryptoNative_SslWrite(SSL* ssl, const void* buf, int32_t num) { return SSL_write(ssl, buf, num); } -extern "C" int32_t CryptoNative_SslRead(SSL* ssl, void* buf, int32_t num) +int32_t CryptoNative_SslRead(SSL* ssl, void* buf, int32_t num) { return SSL_read(ssl, buf, num); } -extern "C" int32_t CryptoNative_IsSslRenegotiatePending(SSL* ssl) +int32_t CryptoNative_IsSslRenegotiatePending(SSL* ssl) { return SSL_renegotiate_pending(ssl) != 0; } -extern "C" int32_t CryptoNative_SslShutdown(SSL* ssl) +int32_t CryptoNative_SslShutdown(SSL* ssl) { ERR_clear_error(); return SSL_shutdown(ssl); } -extern "C" void CryptoNative_SslSetBio(SSL* ssl, BIO* rbio, BIO* wbio) +void CryptoNative_SslSetBio(SSL* ssl, BIO* rbio, BIO* wbio) { SSL_set_bio(ssl, rbio, wbio); } -extern "C" int32_t CryptoNative_SslDoHandshake(SSL* ssl) +int32_t CryptoNative_SslDoHandshake(SSL* ssl) { ERR_clear_error(); return SSL_do_handshake(ssl); } -extern "C" int32_t CryptoNative_IsSslStateOK(SSL* ssl) +int32_t CryptoNative_IsSslStateOK(SSL* ssl) { return SSL_state(ssl) == SSL_ST_OK; } -extern "C" X509* CryptoNative_SslGetPeerCertificate(SSL* ssl) +X509* CryptoNative_SslGetPeerCertificate(SSL* ssl) { return SSL_get_peer_certificate(ssl); } -extern "C" X509Stack* CryptoNative_SslGetPeerCertChain(SSL* ssl) +X509Stack* CryptoNative_SslGetPeerCertChain(SSL* ssl) { return SSL_get_peer_cert_chain(ssl); } -extern "C" int32_t 
CryptoNative_SslCtxUseCertificate(SSL_CTX* ctx, X509* x) +int32_t CryptoNative_SslCtxUseCertificate(SSL_CTX* ctx, X509* x) { return SSL_CTX_use_certificate(ctx, x); } -extern "C" int32_t CryptoNative_SslCtxUsePrivateKey(SSL_CTX* ctx, EVP_PKEY* pkey) +int32_t CryptoNative_SslCtxUsePrivateKey(SSL_CTX* ctx, EVP_PKEY* pkey) { return SSL_CTX_use_PrivateKey(ctx, pkey); } -extern "C" int32_t CryptoNative_SslCtxCheckPrivateKey(SSL_CTX* ctx) +int32_t CryptoNative_SslCtxCheckPrivateKey(SSL_CTX* ctx) { return SSL_CTX_check_private_key(ctx); } -extern "C" void CryptoNative_SslCtxSetQuietShutdown(SSL_CTX* ctx) +void CryptoNative_SslCtxSetQuietShutdown(SSL_CTX* ctx) { SSL_CTX_set_quiet_shutdown(ctx, 1); } -extern "C" void CryptoNative_SslSetQuietShutdown(SSL* ssl, int mode) +void CryptoNative_SslSetQuietShutdown(SSL* ssl, int mode) { SSL_set_quiet_shutdown(ssl, mode); } -extern "C" X509NameStack* CryptoNative_SslGetClientCAList(SSL* ssl) +X509NameStack* CryptoNative_SslGetClientCAList(SSL* ssl) { return SSL_get_client_CA_list(ssl); } -extern "C" void CryptoNative_SslCtxSetVerify(SSL_CTX* ctx, SslCtxSetVerifyCallback callback) +void CryptoNative_SslCtxSetVerify(SSL_CTX* ctx, SslCtxSetVerifyCallback callback) { int mode = SSL_VERIFY_PEER; SSL_CTX_set_verify(ctx, mode, callback); } -extern "C" void +void CryptoNative_SslCtxSetCertVerifyCallback(SSL_CTX* ctx, SslCtxSetCertVerifyCallbackCallback callback, void* arg) { SSL_CTX_set_cert_verify_callback(ctx, callback, arg); 
@@ -514,36 +516,36 @@ CryptoNative_SslCtxSetCertVerifyCallback(SSL_CTX* ctx, SslCtxSetCertVerifyCallba #define SSL_TXT_AllIncludingNull SSL_TXT_ALL SSL_TXT_Separator SSL_TXT_eNULL #define SSL_TXT_NotAnon SSL_TXT_Separator SSL_TXT_Exclusion SSL_TXT_aNULL -extern "C" int32_t CryptoNative_SetEncryptionPolicy(SSL_CTX* ctx, EncryptionPolicy policy) +int32_t CryptoNative_SetEncryptionPolicy(SSL_CTX* ctx, EncryptionPolicy policy) { - const char* cipherString = nullptr; + const char* cipherString = NULL; switch (policy) { - case EncryptionPolicy::RequireEncryption: + case RequireEncryption: cipherString = SSL_TXT_ALL SSL_TXT_NotAnon; break; - case EncryptionPolicy::AllowNoEncryption: + case AllowNoEncryption: cipherString = SSL_TXT_AllIncludingNull; break; - case EncryptionPolicy::NoEncryption: + case NoEncryption: cipherString = SSL_TXT_eNULL; break; } - assert(cipherString != nullptr); + assert(cipherString != NULL); return SSL_CTX_set_cipher_list(ctx, cipherString); } -extern "C" void CryptoNative_SslCtxSetClientCertCallback(SSL_CTX* ctx, SslClientCertCallback callback) +void CryptoNative_SslCtxSetClientCertCallback(SSL_CTX* ctx, SslClientCertCallback callback) { SSL_CTX_set_client_cert_cb(ctx, callback); } -extern "C" int32_t CryptoNative_SslAddExtraChainCert(SSL* ssl, X509* x509) +int32_t CryptoNative_SslAddExtraChainCert(SSL* ssl, X509* x509) { if (!x509 || !ssl) { @@ -559,7 +561,7 @@ extern "C" int32_t CryptoNative_SslAddExtraChainCert(SSL* ssl, X509* x509) return 0; } -extern "C" void CryptoNative_SslCtxSetAlpnSelectCb(SSL_CTX* ctx, SslCtxSetAlpnCallback cb, void* arg) +void CryptoNative_SslCtxSetAlpnSelectCb(SSL_CTX* ctx, SslCtxSetAlpnCallback cb, void* arg) { #if HAVE_OPENSSL_ALPN if (API_EXISTS(SSL_CTX_set_alpn_select_cb)) 
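Review bot: The `switch (policy)` in `CryptoNative_SetEncryptionPolicy` has no `default`, and the only guard on `cipherString` is `assert(cipherString != NULL)`, which disappears when `NDEBUG` is defined. The policy arrives from the caller as a plain integer, so an unrecognised value would leave `cipherString` NULL and pass it straight to `SSL_CTX_set_cipher_list` in a release build. The function should fail closed instead: add `default: return 0;` to the switch, or `if (cipherString == NULL) return 0;` after the assert, so a bad policy value is reported as "no cipher selected" rather than reaching OpenSSL.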
@@ -573,7 +575,7 @@ extern "C" void CryptoNative_SslCtxSetAlpnSelectCb(SSL_CTX* ctx, SslCtxSetAlpnCa #endif } -extern "C" int32_t CryptoNative_SslCtxSetAlpnProtos(SSL_CTX* ctx, const uint8_t* protos, uint32_t protos_len) +int32_t CryptoNative_SslCtxSetAlpnProtos(SSL_CTX* ctx, const uint8_t* protos, uint32_t protos_len) { #if HAVE_OPENSSL_ALPN if (API_EXISTS(SSL_CTX_set_alpn_protos)) @@ -591,7 +593,7 @@ extern "C" int32_t CryptoNative_SslCtxSetAlpnProtos(SSL_CTX* ctx, const uint8_t* } } -extern "C" void CryptoNative_SslGet0AlpnSelected(SSL* ssl, const uint8_t** protocol, uint32_t* len) +void CryptoNative_SslGet0AlpnSelected(SSL* ssl, const uint8_t** protocol, uint32_t* len) { #if HAVE_OPENSSL_ALPN if (API_EXISTS(SSL_get0_alpn_selected)) @@ -603,13 +605,13 @@ extern "C" void CryptoNative_SslGet0AlpnSelected(SSL* ssl, const uint8_t** proto (void)ssl; #endif { - *protocol = nullptr; + *protocol = NULL; *len = 0; } } -extern "C" int32_t CryptoNative_SslSetTlsExtHostName(SSL* ssl, const uint8_t* name) +int32_t CryptoNative_SslSetTlsExtHostName(SSL* ssl, uint8_t* name) { - return static_cast<int32_t>(SSL_set_tlsext_host_name(ssl, const_cast<unsigned char*>(name))); + return (int32_t)SSL_set_tlsext_host_name(ssl, name); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.h index a5415a17d9..971018b686 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_ssl.h @@ -3,12 +3,13 @@ // See the LICENSE file in the project root for more information. #include "pal_crypto_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* These values should be kept in sync with System.Security.Authentication.SslProtocols. */ -enum SslProtocols : int32_t +typedef enum { PAL_SSL_NONE = 0, PAL_SSL_SSL2 = 12, 
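Review bot: `CryptoNative_SslSetTlsExtHostName` now takes `uint8_t* name` where it took `const uint8_t* name`, so the old `const_cast` was removed by weakening the exported prototype to suit the callee. The shim only forwards the pointer, and presumably the host name is not modified, so callers holding read-only data lose a guarantee for no functional reason. I would keep `const uint8_t* name` in the signature and confine the conversion to the call. If a warning such as `-Wcast-qual` is what forced the change, record that next to the function, e.g. `// name is not modified; non-const only because SSL_set_tlsext_host_name takes a non-const pointer`. The matching prototype in pal_ssl.h carries the same change.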
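Review bot: `typedef enum { ... } SslProtocols;` no longer fixes the underlying type as `enum SslProtocols : int32_t` did; in C the compiler picks the enum's integer type, so its size and signedness are implementation-defined. These types cross the native boundary by value and through out-pointers (for example `CipherAlgorithmType* dataCipherAlg`), and the comments say they mirror managed enums, so a width mismatch could misread values or write past the caller's storage. A compile-time check per type would pin the assumption, e.g. `c_static_assert(sizeof(SslProtocols) == sizeof(int32_t));`. The same applies to the other enums converted in this file (`EncryptionPolicy`, `CipherAlgorithmType`, `ExchangeAlgorithmType`, `HashAlgorithmType`, `DataHashSize`, `SslErrorCode`) and to `X509RevocationFlag` and `X509VerifyStatusCode` in pal_x509.h.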
@@ -16,24 +17,24 @@ enum SslProtocols : int32_t PAL_SSL_TLS = 192, PAL_SSL_TLS11 = 768, PAL_SSL_TLS12 = 3072 -}; +} SslProtocols; /* These values should be kept in sync with System.Net.Security.EncryptionPolicy. */ -enum class EncryptionPolicy : int32_t +typedef enum { RequireEncryption = 0, AllowNoEncryption, NoEncryption -}; +} EncryptionPolicy; /* These values should be kept in sync with System.Security.Authentication.CipherAlgorithmType. */ -enum class CipherAlgorithmType : int32_t +typedef enum { - None = 0, + CipherAlgorithmType_None = 0, Null = 24576, Des = 26113, Rc2 = 26114, @@ -50,14 +51,14 @@ enum class CipherAlgorithmType : int32_t SSL_CAMELLIA256 = 229382, SSL_eGOST2814789CNT = 229383, SSL_SEED = 229384, -}; +} CipherAlgorithmType; /* These values should be kept in sync with System.Security.Authentication.ExchangeAlgorithmType. */ -enum class ExchangeAlgorithmType : int32_t +typedef enum { - None, + ExchangeAlgorithmType_None, RsaSign = 9216, RsaKeyX = 41984, DiffieHellman = 43522, @@ -70,14 +71,14 @@ enum class ExchangeAlgorithmType : int32_t SSL_kGOST = 229391, SSL_kSRP = 229392, SSL_kKRB5 = 229393, -}; +} ExchangeAlgorithmType; /* These values should be kept in sync with System.Security.Authentication.HashAlgorithmType. */ -enum class HashAlgorithmType : int32_t +typedef enum { - None = 0, + HashAlgorithmType_None = 0, Md5 = 32771, Sha1 = 32772, @@ -87,9 +88,9 @@ enum class HashAlgorithmType : int32_t SSL_GOST94 = 229410, SSL_GOST89 = 229411, SSL_AEAD = 229412, -}; +} HashAlgorithmType; -enum class DataHashSize : int32_t +typedef enum { MD5_HashKeySize = 8 * MD5_DIGEST_LENGTH, SHA1_HashKeySize = 8 * SHA_DIGEST_LENGTH, @@ -97,9 +98,9 @@ enum class DataHashSize : int32_t SHA384_HashKeySize = 8 * SHA384_DIGEST_LENGTH, GOST_HashKeySize = 256, Default = 0, -}; +} DataHashSize; -enum SslErrorCode : int32_t +enum SslErrorCode { PAL_SSL_ERROR_NONE = 0, PAL_SSL_ERROR_SSL = 1, 
@@ -128,40 +129,40 @@ typedef int32_t (*SslCtxSetAlpnCallback)(SSL* ssl, /* Ensures that libssl is correctly initialized and ready to use. */ -extern "C" void CryptoNative_EnsureLibSslInitialized(); +DLLEXPORT void CryptoNative_EnsureLibSslInitialized(void); /* Shims the SSLv23_method method. Returns the requested SSL_METHOD. */ -extern "C" const SSL_METHOD* CryptoNative_SslV2_3Method(); +DLLEXPORT const SSL_METHOD* CryptoNative_SslV2_3Method(void); /* Shims the SSL_CTX_new method. Returns the new SSL_CTX instance. */ -extern "C" SSL_CTX* CryptoNative_SslCtxCreate(SSL_METHOD* method); +DLLEXPORT SSL_CTX* CryptoNative_SslCtxCreate(SSL_METHOD* method); /* Sets the specified protocols in the SSL_CTX options. */ -extern "C" void CryptoNative_SetProtocolOptions(SSL_CTX* ctx, SslProtocols protocols); +DLLEXPORT void CryptoNative_SetProtocolOptions(SSL_CTX* ctx, SslProtocols protocols); /* Shims the SSL_new method. Returns the new SSL instance. */ -extern "C" SSL* CryptoNative_SslCreate(SSL_CTX* ctx); +DLLEXPORT SSL* CryptoNative_SslCreate(SSL_CTX* ctx); /* Shims the SSL_get_error method. Returns the error code for the specified result. */ -extern "C" int32_t CryptoNative_SslGetError(SSL* ssl, int32_t ret); +DLLEXPORT int32_t CryptoNative_SslGetError(SSL* ssl, int32_t ret); /* Cleans up and deletes an SSL instance. @@ -172,7 +173,7 @@ No-op if ssl is null. The given X509 SSL is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_SslDestroy(SSL* ssl); +DLLEXPORT void CryptoNative_SslDestroy(SSL* ssl); /* Cleans up and deletes an SSL_CTX instance. 
@@ -183,24 +184,24 @@ No-op if ctx is null. The given X509 SSL_CTX is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_SslCtxDestroy(SSL_CTX* ctx); +DLLEXPORT void CryptoNative_SslCtxDestroy(SSL_CTX* ctx); /* Shims the SSL_set_connect_state method. */ -extern "C" void CryptoNative_SslSetConnectState(SSL* ssl); +DLLEXPORT void CryptoNative_SslSetConnectState(SSL* ssl); /* Shims the SSL_set_accept_state method. */ -extern "C" void CryptoNative_SslSetAcceptState(SSL* ssl); +DLLEXPORT void CryptoNative_SslSetAcceptState(SSL* ssl); /* Shims the SSL_get_version method. Returns the protocol version string for the SSL instance. */ -extern "C" const char* CryptoNative_SslGetVersion(SSL* ssl); +DLLEXPORT const char* CryptoNative_SslGetVersion(SSL* ssl); /* Returns the connection information for the SSL instance. @@ -208,7 +209,7 @@ Returns the connection information for the SSL instance. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_GetSslConnectionInfo(SSL* ssl, +DLLEXPORT int32_t CryptoNative_GetSslConnectionInfo(SSL* ssl, CipherAlgorithmType* dataCipherAlg, ExchangeAlgorithmType* keyExchangeAlg, HashAlgorithmType* dataHashAlg, @@ -221,7 +222,7 @@ Shims the SSL_write method. Returns the positive number of bytes written when successful, 0 or a negative number when an error is encountered. */ -extern "C" int32_t CryptoNative_SslWrite(SSL* ssl, const void* buf, int32_t num); +DLLEXPORT int32_t CryptoNative_SslWrite(SSL* ssl, const void* buf, int32_t num); /* Shims the SSL_read method. 
@@ -229,14 +230,14 @@ Shims the SSL_read method. Returns the positive number of bytes read when successful, 0 or a negative number when an error is encountered. */ -extern "C" int32_t CryptoNative_SslRead(SSL* ssl, void* buf, int32_t num); +DLLEXPORT int32_t CryptoNative_SslRead(SSL* ssl, void* buf, int32_t num); /* Shims the SSL_renegotiate_pending method. Returns 1 when negotiation is requested; 0 once a handshake has finished. */ -extern "C" int32_t CryptoNative_IsSslRenegotiatePending(SSL* ssl); +DLLEXPORT int32_t CryptoNative_IsSslRenegotiatePending(SSL* ssl); /* Shims the SSL_shutdown method. @@ -246,12 +247,12 @@ Returns: 0 if the shutdown is not yet finished; <0 if the shutdown was not successful because a fatal error. */ -extern "C" int32_t CryptoNative_SslShutdown(SSL* ssl); +DLLEXPORT int32_t CryptoNative_SslShutdown(SSL* ssl); /* Shims the SSL_set_bio method. */ -extern "C" void CryptoNative_SslSetBio(SSL* ssl, BIO* rbio, BIO* wbio); +DLLEXPORT void CryptoNative_SslSetBio(SSL* ssl, BIO* rbio, BIO* wbio); /* Shims the SSL_do_handshake method. 
@@ -262,104 +263,104 @@ Returns: and by the specifications of the TLS/SSL protocol; <0 if the handshake was not successful because of a fatal error. */ -extern "C" int32_t CryptoNative_SslDoHandshake(SSL* ssl); +DLLEXPORT int32_t CryptoNative_SslDoHandshake(SSL* ssl); /* Gets a value indicating whether the SSL_state is SSL_ST_OK. Returns 1 if the state is OK, otherwise 0. */ -extern "C" int32_t CryptoNative_IsSslStateOK(SSL* ssl); +DLLEXPORT int32_t CryptoNative_IsSslStateOK(SSL* ssl); /* Shims the SSL_get_peer_certificate method. Returns the certificate presented by the peer. */ -extern "C" X509* CryptoNative_SslGetPeerCertificate(SSL* ssl); +DLLEXPORT X509* CryptoNative_SslGetPeerCertificate(SSL* ssl); /* Shims the SSL_get_peer_cert_chain method. Returns the certificate chain presented by the peer. */ -extern "C" X509Stack* CryptoNative_SslGetPeerCertChain(SSL* ssl); +DLLEXPORT X509Stack* CryptoNative_SslGetPeerCertChain(SSL* ssl); /* Shims the SSL_CTX_use_certificate method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_SslCtxUseCertificate(SSL_CTX* ctx, X509* x); +DLLEXPORT int32_t CryptoNative_SslCtxUseCertificate(SSL_CTX* ctx, X509* x); /* Shims the SSL_CTX_use_PrivateKey method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_SslCtxUsePrivateKey(SSL_CTX* ctx, EVP_PKEY* pkey); +DLLEXPORT int32_t CryptoNative_SslCtxUsePrivateKey(SSL_CTX* ctx, EVP_PKEY* pkey); /* Shims the SSL_CTX_check_private_key method. Returns 1 upon success, otherwise 0. */ -extern "C" int32_t CryptoNative_SslCtxCheckPrivateKey(SSL_CTX* ctx); +DLLEXPORT int32_t CryptoNative_SslCtxCheckPrivateKey(SSL_CTX* ctx); /* Shims the SSL_CTX_set_quiet_shutdown method. */ -extern "C" void CryptoNative_SslCtxSetQuietShutdown(SSL_CTX* ctx); +DLLEXPORT void CryptoNative_SslCtxSetQuietShutdown(SSL_CTX* ctx); /* Shims the SSL_set_quiet_shutdown method. 
*/ -extern "C" void CryptoNative_SslSetQuietShutdown(SSL* ctx, int mode); +DLLEXPORT void CryptoNative_SslSetQuietShutdown(SSL* ctx, int mode); /* Shims the SSL_get_client_CA_list method. Returns the list of CA names explicity set. */ -extern "C" X509NameStack* CryptoNative_SslGetClientCAList(SSL* ssl); +DLLEXPORT X509NameStack* CryptoNative_SslGetClientCAList(SSL* ssl); /* Shims the SSL_CTX_set_verify method. */ -extern "C" void CryptoNative_SslCtxSetVerify(SSL_CTX* ctx, SslCtxSetVerifyCallback callback); +DLLEXPORT void CryptoNative_SslCtxSetVerify(SSL_CTX* ctx, SslCtxSetVerifyCallback callback); /* Shims the SSL_CTX_set_cert_verify_callback method. */ -extern "C" void +DLLEXPORT void CryptoNative_SslCtxSetCertVerifyCallback(SSL_CTX* ctx, SslCtxSetCertVerifyCallbackCallback callback, void* arg); /* Sets the specified encryption policy on the SSL_CTX. Returns 1 if any cipher could be selected, and 0 if none were available. */ -extern "C" int32_t CryptoNative_SetEncryptionPolicy(SSL_CTX* ctx, EncryptionPolicy policy); +DLLEXPORT int32_t CryptoNative_SetEncryptionPolicy(SSL_CTX* ctx, EncryptionPolicy policy); /* Shims the SSL_CTX_set_client_cert_cb method */ -extern "C" void CryptoNative_SslCtxSetClientCertCallback(SSL_CTX* ctx, SslClientCertCallback callback); +DLLEXPORT void CryptoNative_SslCtxSetClientCertCallback(SSL_CTX* ctx, SslClientCertCallback callback); /* Shims the SSL_get_finished method. */ -extern "C" int32_t CryptoNative_SslGetFinished(SSL* ssl, void* buf, int32_t count); +DLLEXPORT int32_t CryptoNative_SslGetFinished(SSL* ssl, void* buf, int32_t count); /* Shims the SSL_get_peer_finished method. */ -extern "C" int32_t CryptoNative_SslGetPeerFinished(SSL* ssl, void* buf, int32_t count); +DLLEXPORT int32_t CryptoNative_SslGetPeerFinished(SSL* ssl, void* buf, int32_t count); /* Returns true/false based on if existing ssl session was re-used or not. Shims the SSL_session_reused macro. 
*/ -extern "C" int32_t CryptoNative_SslSessionReused(SSL* ssl); +DLLEXPORT int32_t CryptoNative_SslSessionReused(SSL* ssl); /* adds the given certificate to the extra chain certificates associated with ctx that is associated with the ssl. @@ -367,26 +368,26 @@ adds the given certificate to the extra chain certificates associated with ctx t libssl frees the x509 object. Returns 1 if success and 0 in case of failure */ -extern "C" int32_t CryptoNative_SslAddExtraChainCert(SSL* ssl, X509* x509); +DLLEXPORT int32_t CryptoNative_SslAddExtraChainCert(SSL* ssl, X509* x509); /* Shims the ssl_ctx_set_alpn_select_cb method. */ -extern "C" void CryptoNative_SslCtxSetAlpnSelectCb(SSL_CTX* ctx, SslCtxSetAlpnCallback cb, void *arg); +DLLEXPORT void CryptoNative_SslCtxSetAlpnSelectCb(SSL_CTX* ctx, SslCtxSetAlpnCallback cb, void *arg); /* Shims the ssl_ctx_set_alpn_protos method. Returns 0 on success, non-zero on failure. */ -extern "C" int32_t CryptoNative_SslCtxSetAlpnProtos(SSL_CTX* ctx, const uint8_t* protos, uint32_t protos_len); +DLLEXPORT int32_t CryptoNative_SslCtxSetAlpnProtos(SSL_CTX* ctx, const uint8_t* protos, uint32_t protos_len); /* Shims the ssl_get0_alpn_selected method. */ -extern "C" void CryptoNative_SslGet0AlpnSelected(SSL* ssl, const uint8_t** protocol, uint32_t* len); +DLLEXPORT void CryptoNative_SslGet0AlpnSelected(SSL* ssl, const uint8_t** protocol, uint32_t* len); /* Shims the SSL_set_tlsext_host_name method. */ -extern "C" int32_t CryptoNative_SslSetTlsExtHostName(SSL* ssl, const uint8_t* name); +DLLEXPORT int32_t CryptoNative_SslSetTlsExtHostName(SSL* ssl, uint8_t* name); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.c new file mode 100644 index 0000000000..67e2e2521e --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.c 
@@ -0,0 +1,310 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information. + +#include "pal_x509.h" + +#include <stdbool.h> +#include <assert.h> + +c_static_assert(PAL_X509_V_OK == X509_V_OK); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_CRL == X509_V_ERR_UNABLE_TO_GET_CRL); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE == X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY == X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY); +c_static_assert(PAL_X509_V_ERR_CERT_SIGNATURE_FAILURE == X509_V_ERR_CERT_SIGNATURE_FAILURE); +c_static_assert(PAL_X509_V_ERR_CRL_SIGNATURE_FAILURE == X509_V_ERR_CRL_SIGNATURE_FAILURE); +c_static_assert(PAL_X509_V_ERR_CERT_NOT_YET_VALID == X509_V_ERR_CERT_NOT_YET_VALID); +c_static_assert(PAL_X509_V_ERR_CERT_HAS_EXPIRED == X509_V_ERR_CERT_HAS_EXPIRED); +c_static_assert(PAL_X509_V_ERR_CRL_NOT_YET_VALID == X509_V_ERR_CRL_NOT_YET_VALID); +c_static_assert(PAL_X509_V_ERR_CRL_HAS_EXPIRED == X509_V_ERR_CRL_HAS_EXPIRED); +c_static_assert(PAL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD == X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD); +c_static_assert(PAL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD == X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD); +c_static_assert(PAL_X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD == X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD); +c_static_assert(PAL_X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD == X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD); +c_static_assert(PAL_X509_V_ERR_OUT_OF_MEM == X509_V_ERR_OUT_OF_MEM); +c_static_assert(PAL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT); +c_static_assert(PAL_X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN); 
+c_static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE); +c_static_assert(PAL_X509_V_ERR_CERT_CHAIN_TOO_LONG == X509_V_ERR_CERT_CHAIN_TOO_LONG); +c_static_assert(PAL_X509_V_ERR_CERT_REVOKED == X509_V_ERR_CERT_REVOKED); +c_static_assert(PAL_X509_V_ERR_INVALID_CA == X509_V_ERR_INVALID_CA); +c_static_assert(PAL_X509_V_ERR_PATH_LENGTH_EXCEEDED == X509_V_ERR_PATH_LENGTH_EXCEEDED); +c_static_assert(PAL_X509_V_ERR_INVALID_PURPOSE == X509_V_ERR_INVALID_PURPOSE); +c_static_assert(PAL_X509_V_ERR_CERT_UNTRUSTED == X509_V_ERR_CERT_UNTRUSTED); +c_static_assert(PAL_X509_V_ERR_CERT_REJECTED == X509_V_ERR_CERT_REJECTED); +c_static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_CERTSIGN == X509_V_ERR_KEYUSAGE_NO_CERTSIGN); +c_static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER == X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER); +c_static_assert(PAL_X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION); +c_static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_CRL_SIGN == X509_V_ERR_KEYUSAGE_NO_CRL_SIGN); +c_static_assert(PAL_X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION == X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION); +c_static_assert(PAL_X509_V_ERR_INVALID_NON_CA == X509_V_ERR_INVALID_NON_CA); +c_static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE == X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE); +c_static_assert(PAL_X509_V_ERR_INVALID_EXTENSION == X509_V_ERR_INVALID_EXTENSION); +c_static_assert(PAL_X509_V_ERR_INVALID_POLICY_EXTENSION == X509_V_ERR_INVALID_POLICY_EXTENSION); +c_static_assert(PAL_X509_V_ERR_NO_EXPLICIT_POLICY == X509_V_ERR_NO_EXPLICIT_POLICY); + +EVP_PKEY* CryptoNative_GetX509EvpPublicKey(X509* x509) +{ + if (!x509) + { + return NULL; + } + + // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed + return X509_PUBKEY_get(X509_get_X509_PUBKEY(x509)); +} + +X509_CRL* 
CryptoNative_DecodeX509Crl(const uint8_t* buf, int32_t len) +{ + if (!buf || !len) + { + return NULL; + } + + return d2i_X509_CRL(NULL, &buf, len); +} + +X509* CryptoNative_DecodeX509(const uint8_t* buf, int32_t len) +{ + if (!buf || !len) + { + return NULL; + } + + return d2i_X509(NULL, &buf, len); +} + +int32_t CryptoNative_GetX509DerSize(X509* x) +{ + return i2d_X509(x, NULL); +} + +int32_t CryptoNative_EncodeX509(X509* x, uint8_t* buf) +{ + return i2d_X509(x, &buf); +} + +void CryptoNative_X509Destroy(X509* a) +{ + if (a != NULL) + { + X509_free(a); + } +} + +X509* CryptoNative_X509Duplicate(X509* x509) +{ + return X509_dup(x509); +} + +X509* CryptoNative_PemReadX509FromBio(BIO* bio) +{ + return PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL); +} + +ASN1_INTEGER* CryptoNative_X509GetSerialNumber(X509* x509) +{ + return X509_get_serialNumber(x509); +} + +X509_NAME* CryptoNative_X509GetIssuerName(X509* x509) +{ + return X509_get_issuer_name(x509); +} + +X509_NAME* CryptoNative_X509GetSubjectName(X509* x509) +{ + return X509_get_subject_name(x509); +} + +int32_t CryptoNative_X509CheckPurpose(X509* x, int32_t id, int32_t ca) +{ + return X509_check_purpose(x, id, ca); +} + +int32_t CryptoNative_X509CheckIssued(X509* issuer, X509* subject) +{ + return X509_check_issued(issuer, subject); +} + +uint64_t CryptoNative_X509IssuerNameHash(X509* x) +{ + return X509_issuer_name_hash(x); +} + +int32_t CryptoNative_X509GetExtCount(X509* x) +{ + return X509_get_ext_count(x); +} + +X509_EXTENSION* CryptoNative_X509GetExt(X509* x, int32_t loc) +{ + return X509_get_ext(x, loc); +} + +ASN1_OBJECT* CryptoNative_X509ExtensionGetOid(X509_EXTENSION* x) +{ + return X509_EXTENSION_get_object(x); +} + +ASN1_OCTET_STRING* CryptoNative_X509ExtensionGetData(X509_EXTENSION* x) +{ + return X509_EXTENSION_get_data(x); +} + +int32_t CryptoNative_X509ExtensionGetCritical(X509_EXTENSION* x) +{ + return X509_EXTENSION_get_critical(x); +} + +X509_STORE* CryptoNative_X509StoreCreate() +{ + return 
X509_STORE_new(); +} + +void CryptoNative_X509StoreDestory(X509_STORE* v) +{ + if (v != NULL) + { + X509_STORE_free(v); + } +} + +int32_t CryptoNative_X509StoreAddCert(X509_STORE* ctx, X509* x) +{ + return X509_STORE_add_cert(ctx, x); +} + +int32_t CryptoNative_X509StoreAddCrl(X509_STORE* ctx, X509_CRL* x) +{ + return X509_STORE_add_crl(ctx, x); +} + +int32_t CryptoNative_X509StoreSetRevocationFlag(X509_STORE* ctx, X509RevocationFlag revocationFlag) +{ + unsigned long verifyFlags = X509_V_FLAG_CRL_CHECK; + + if (revocationFlag != EndCertificateOnly) + { + verifyFlags |= X509_V_FLAG_CRL_CHECK_ALL; + } + + return X509_STORE_set_flags(ctx, verifyFlags); +} + +X509_STORE_CTX* CryptoNative_X509StoreCtxCreate() +{ + return X509_STORE_CTX_new(); +} + +void CryptoNative_X509StoreCtxDestroy(X509_STORE_CTX* v) +{ + if (v != NULL) + { + X509_STORE_CTX_free(v); + } +} + +int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X509* x509, X509Stack* extraStore) +{ + int32_t val = X509_STORE_CTX_init(ctx, store, x509, extraStore); + + if (val != 0) + { + X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_CHECK_SS_SIGNATURE); + } + + return val; +} + +int32_t CryptoNative_X509VerifyCert(X509_STORE_CTX* ctx) +{ + return X509_verify_cert(ctx); +} + +X509Stack* CryptoNative_X509StoreCtxGetChain(X509_STORE_CTX* ctx) +{ + return X509_STORE_CTX_get1_chain(ctx); +} + +X509Stack* CryptoNative_X509StoreCtxGetSharedUntrusted(X509_STORE_CTX* ctx) +{ + return ctx ? ctx->untrusted : NULL; +} + +X509* CryptoNative_X509StoreCtxGetTargetCert(X509_STORE_CTX* ctx) +{ + return ctx ? 
ctx->cert : NULL; +} + +X509VerifyStatusCode CryptoNative_X509StoreCtxGetError(X509_STORE_CTX* ctx) +{ + return (unsigned int)X509_STORE_CTX_get_error(ctx); +} + +void CryptoNative_X509StoreCtxSetVerifyCallback(X509_STORE_CTX* ctx, X509StoreVerifyCallback callback) +{ + X509_STORE_CTX_set_verify_cb(ctx, callback); +} + +int32_t CryptoNative_X509StoreCtxGetErrorDepth(X509_STORE_CTX* ctx) +{ + return X509_STORE_CTX_get_error_depth(ctx); +} + +const char* CryptoNative_X509VerifyCertErrorString(X509VerifyStatusCode n) +{ + return X509_verify_cert_error_string(n); +} + +void CryptoNative_X509CrlDestroy(X509_CRL* a) +{ + if (a != NULL) + { + X509_CRL_free(a); + } +} + +int32_t CryptoNative_PemWriteBioX509Crl(BIO* bio, X509_CRL* crl) +{ + return PEM_write_bio_X509_CRL(bio, crl); +} + +X509_CRL* CryptoNative_PemReadBioX509Crl(BIO* bio) +{ + return PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL); +} + +int32_t CryptoNative_GetX509SubjectPublicKeyInfoDerSize(X509* x509) +{ + if (!x509) + { + return 0; + } + + // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed + return i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), NULL); +} + +int32_t CryptoNative_EncodeX509SubjectPublicKeyInfo(X509* x509, uint8_t* buf) +{ + if (!x509) + { + return 0; + } + + // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed + return i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), &buf); +} + +X509* CryptoNative_X509UpRef(X509* x509) +{ + if (x509 != NULL) + { + CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); + } + + return x509; +} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.cpp deleted file mode 100644 index 3118c9aa2c..0000000000 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.cpp +++ /dev/null 
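Review bot: `CryptoNative_DecodeX509` and `CryptoNative_DecodeX509Crl` guard with `if (!buf || !len)`, which rejects a zero length but lets a negative `int32_t len` through to `d2i_X509` and `d2i_X509_CRL`. These two functions are where externally supplied certificate and CRL bytes enter the ASN.1 decoder, so the length should be validated at this boundary rather than left to however the decoder treats a negative value. Changing both guards to `if (!buf || len <= 0)` keeps the existing NULL-return contract and closes the gap.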
@@ -1,309 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -#include "pal_x509.h" - -#include <assert.h> - -static_assert(PAL_X509_V_OK == X509_V_OK, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_CRL == X509_V_ERR_UNABLE_TO_GET_CRL, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE == X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY == X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY, ""); -static_assert(PAL_X509_V_ERR_CERT_SIGNATURE_FAILURE == X509_V_ERR_CERT_SIGNATURE_FAILURE, ""); -static_assert(PAL_X509_V_ERR_CRL_SIGNATURE_FAILURE == X509_V_ERR_CRL_SIGNATURE_FAILURE, ""); -static_assert(PAL_X509_V_ERR_CERT_NOT_YET_VALID == X509_V_ERR_CERT_NOT_YET_VALID, ""); -static_assert(PAL_X509_V_ERR_CERT_HAS_EXPIRED == X509_V_ERR_CERT_HAS_EXPIRED, ""); -static_assert(PAL_X509_V_ERR_CRL_NOT_YET_VALID == X509_V_ERR_CRL_NOT_YET_VALID, ""); -static_assert(PAL_X509_V_ERR_CRL_HAS_EXPIRED == X509_V_ERR_CRL_HAS_EXPIRED, ""); -static_assert(PAL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD == X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD, ""); -static_assert(PAL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD == X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD, ""); -static_assert(PAL_X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD == X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD, ""); -static_assert(PAL_X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD == X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD, ""); -static_assert(PAL_X509_V_ERR_OUT_OF_MEM == X509_V_ERR_OUT_OF_MEM, ""); -static_assert(PAL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT, ""); -static_assert(PAL_X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, ""); 
-static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, ""); -static_assert(PAL_X509_V_ERR_CERT_CHAIN_TOO_LONG == X509_V_ERR_CERT_CHAIN_TOO_LONG, ""); -static_assert(PAL_X509_V_ERR_CERT_REVOKED == X509_V_ERR_CERT_REVOKED, ""); -static_assert(PAL_X509_V_ERR_INVALID_CA == X509_V_ERR_INVALID_CA, ""); -static_assert(PAL_X509_V_ERR_PATH_LENGTH_EXCEEDED == X509_V_ERR_PATH_LENGTH_EXCEEDED, ""); -static_assert(PAL_X509_V_ERR_INVALID_PURPOSE == X509_V_ERR_INVALID_PURPOSE, ""); -static_assert(PAL_X509_V_ERR_CERT_UNTRUSTED == X509_V_ERR_CERT_UNTRUSTED, ""); -static_assert(PAL_X509_V_ERR_CERT_REJECTED == X509_V_ERR_CERT_REJECTED, ""); -static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_CERTSIGN == X509_V_ERR_KEYUSAGE_NO_CERTSIGN, ""); -static_assert(PAL_X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER == X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER, ""); -static_assert(PAL_X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, ""); -static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_CRL_SIGN == X509_V_ERR_KEYUSAGE_NO_CRL_SIGN, ""); -static_assert(PAL_X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION == X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION, ""); -static_assert(PAL_X509_V_ERR_INVALID_NON_CA == X509_V_ERR_INVALID_NON_CA, ""); -static_assert(PAL_X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE == X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE, ""); -static_assert(PAL_X509_V_ERR_INVALID_EXTENSION == X509_V_ERR_INVALID_EXTENSION, ""); -static_assert(PAL_X509_V_ERR_INVALID_POLICY_EXTENSION == X509_V_ERR_INVALID_POLICY_EXTENSION, ""); -static_assert(PAL_X509_V_ERR_NO_EXPLICIT_POLICY == X509_V_ERR_NO_EXPLICIT_POLICY, ""); - -extern "C" EVP_PKEY* CryptoNative_GetX509EvpPublicKey(X509* x509) -{ - if (!x509) - { - return nullptr; - } - - // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed - return 
X509_PUBKEY_get(X509_get_X509_PUBKEY(x509)); -} - -extern "C" X509_CRL* CryptoNative_DecodeX509Crl(const uint8_t* buf, int32_t len) -{ - if (!buf || !len) - { - return nullptr; - } - - return d2i_X509_CRL(nullptr, &buf, len); -} - -extern "C" X509* CryptoNative_DecodeX509(const uint8_t* buf, int32_t len) -{ - if (!buf || !len) - { - return nullptr; - } - - return d2i_X509(nullptr, &buf, len); -} - -extern "C" int32_t CryptoNative_GetX509DerSize(X509* x) -{ - return i2d_X509(x, nullptr); -} - -extern "C" int32_t CryptoNative_EncodeX509(X509* x, uint8_t* buf) -{ - return i2d_X509(x, &buf); -} - -extern "C" void CryptoNative_X509Destroy(X509* a) -{ - if (a != nullptr) - { - X509_free(a); - } -} - -extern "C" X509* CryptoNative_X509Duplicate(X509* x509) -{ - return X509_dup(x509); -} - -extern "C" X509* CryptoNative_PemReadX509FromBio(BIO* bio) -{ - return PEM_read_bio_X509_AUX(bio, nullptr, nullptr, nullptr); -} - -extern "C" ASN1_INTEGER* CryptoNative_X509GetSerialNumber(X509* x509) -{ - return X509_get_serialNumber(x509); -} - -extern "C" X509_NAME* CryptoNative_X509GetIssuerName(X509* x509) -{ - return X509_get_issuer_name(x509); -} - -extern "C" X509_NAME* CryptoNative_X509GetSubjectName(X509* x509) -{ - return X509_get_subject_name(x509); -} - -extern "C" int32_t CryptoNative_X509CheckPurpose(X509* x, int32_t id, int32_t ca) -{ - return X509_check_purpose(x, id, ca); -} - -extern "C" int32_t CryptoNative_X509CheckIssued(X509* issuer, X509* subject) -{ - return X509_check_issued(issuer, subject); -} - -extern "C" uint64_t CryptoNative_X509IssuerNameHash(X509* x) -{ - return X509_issuer_name_hash(x); -} - -extern "C" int32_t CryptoNative_X509GetExtCount(X509* x) -{ - return X509_get_ext_count(x); -} - -extern "C" X509_EXTENSION* CryptoNative_X509GetExt(X509* x, int32_t loc) -{ - return X509_get_ext(x, loc); -} - -extern "C" ASN1_OBJECT* CryptoNative_X509ExtensionGetOid(X509_EXTENSION* x) -{ - return X509_EXTENSION_get_object(x); -} - -extern "C" ASN1_OCTET_STRING* 
CryptoNative_X509ExtensionGetData(X509_EXTENSION* x) -{ - return X509_EXTENSION_get_data(x); -} - -extern "C" int32_t CryptoNative_X509ExtensionGetCritical(X509_EXTENSION* x) -{ - return X509_EXTENSION_get_critical(x); -} - -extern "C" X509_STORE* CryptoNative_X509StoreCreate() -{ - return X509_STORE_new(); -} - -extern "C" void CryptoNative_X509StoreDestory(X509_STORE* v) -{ - if (v != nullptr) - { - X509_STORE_free(v); - } -} - -extern "C" int32_t CryptoNative_X509StoreAddCert(X509_STORE* ctx, X509* x) -{ - return X509_STORE_add_cert(ctx, x); -} - -extern "C" int32_t CryptoNative_X509StoreAddCrl(X509_STORE* ctx, X509_CRL* x) -{ - return X509_STORE_add_crl(ctx, x); -} - -extern "C" int32_t CryptoNative_X509StoreSetRevocationFlag(X509_STORE* ctx, X509RevocationFlag revocationFlag) -{ - unsigned long verifyFlags = X509_V_FLAG_CRL_CHECK; - - if (revocationFlag != X509RevocationFlag::EndCertificateOnly) - { - verifyFlags |= X509_V_FLAG_CRL_CHECK_ALL; - } - - return X509_STORE_set_flags(ctx, verifyFlags); -} - -extern "C" X509_STORE_CTX* CryptoNative_X509StoreCtxCreate() -{ - return X509_STORE_CTX_new(); -} - -extern "C" void CryptoNative_X509StoreCtxDestroy(X509_STORE_CTX* v) -{ - if (v != nullptr) - { - X509_STORE_CTX_free(v); - } -} - -extern "C" int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X509* x509, X509Stack* extraStore) -{ - int32_t val = X509_STORE_CTX_init(ctx, store, x509, extraStore); - - if (val != 0) - { - X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_CHECK_SS_SIGNATURE); - } - - return val; -} - -extern "C" int32_t CryptoNative_X509VerifyCert(X509_STORE_CTX* ctx) -{ - return X509_verify_cert(ctx); -} - -extern "C" X509Stack* CryptoNative_X509StoreCtxGetChain(X509_STORE_CTX* ctx) -{ - return X509_STORE_CTX_get1_chain(ctx); -} - -extern "C" X509Stack* CryptoNative_X509StoreCtxGetSharedUntrusted(X509_STORE_CTX* ctx) -{ - return ctx ? 
ctx->untrusted : nullptr; -} - -extern "C" X509* CryptoNative_X509StoreCtxGetTargetCert(X509_STORE_CTX* ctx) -{ - return ctx ? ctx->cert : nullptr; -} - -extern "C" X509VerifyStatusCode CryptoNative_X509StoreCtxGetError(X509_STORE_CTX* ctx) -{ - return static_cast<X509VerifyStatusCode>(X509_STORE_CTX_get_error(ctx)); -} - -extern "C" void CryptoNative_X509StoreCtxSetVerifyCallback(X509_STORE_CTX* ctx, X509StoreVerifyCallback callback) -{ - X509_STORE_CTX_set_verify_cb(ctx, callback); -} - -extern "C" int32_t CryptoNative_X509StoreCtxGetErrorDepth(X509_STORE_CTX* ctx) -{ - return X509_STORE_CTX_get_error_depth(ctx); -} - -extern "C" const char* CryptoNative_X509VerifyCertErrorString(X509VerifyStatusCode n) -{ - return X509_verify_cert_error_string(n); -} - -extern "C" void CryptoNative_X509CrlDestroy(X509_CRL* a) -{ - if (a != nullptr) - { - X509_CRL_free(a); - } -} - -extern "C" int32_t CryptoNative_PemWriteBioX509Crl(BIO* bio, X509_CRL* crl) -{ - return PEM_write_bio_X509_CRL(bio, crl); -} - -extern "C" X509_CRL* CryptoNative_PemReadBioX509Crl(BIO* bio) -{ - return PEM_read_bio_X509_CRL(bio, nullptr, nullptr, nullptr); -} - -extern "C" int32_t CryptoNative_GetX509SubjectPublicKeyInfoDerSize(X509* x509) -{ - if (!x509) - { - return 0; - } - - // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed - return i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), nullptr); -} - -extern "C" int32_t CryptoNative_EncodeX509SubjectPublicKeyInfo(X509* x509, uint8_t* buf) -{ - if (!x509) - { - return 0; - } - - // X509_get_X509_PUBKEY returns an interior pointer, so should not be freed - return i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), &buf); -} - -extern "C" X509* CryptoNative_X509UpRef(X509* x509) -{ - if (x509 != nullptr) - { - CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); - } - - return x509; -} 
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.h index d182de6569..79a03da7d3 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509.h @@ -3,24 +3,25 @@ // See the LICENSE file in the project root for more information. #include "pal_crypto_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* These values should be kept in sync with System.Security.Cryptography.X509Certificates.X509RevocationFlag. */ -enum X509RevocationFlag : int32_t +typedef enum { EndCertificateOnly = 0, EntireChain = 1, ExcludeRoot = 2, -}; +} X509RevocationFlag; /* The error codes used when verifying X509 certificate chains. These values should be kept in sync with Interop.Crypto.X509VerifyStatusCode. */ -enum X509VerifyStatusCode : int32_t +typedef enum { PAL_X509_V_OK = 0, PAL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 2, @@ -59,7 +60,7 @@ enum X509VerifyStatusCode : int32_t PAL_X509_V_ERR_INVALID_EXTENSION = 41, PAL_X509_V_ERR_INVALID_POLICY_EXTENSION = 42, PAL_X509_V_ERR_NO_EXPLICIT_POLICY = 43, -}; +} X509VerifyStatusCode; typedef int32_t (*X509StoreVerifyCallback)(int32_t, X509_STORE_CTX*); 
@@ -69,30 +70,30 @@ GetX509EvpPublicKey Returns a EVP_PKEY* equivalent to the public key of the certificate. */ -extern "C" EVP_PKEY* CryptoNative_GetX509EvpPublicKey(X509* x509); +DLLEXPORT EVP_PKEY* CryptoNative_GetX509EvpPublicKey(X509* x509); /* Shims the d2i_X509_CRL method and makes it easier to invoke from managed code. */ -extern "C" X509_CRL* CryptoNative_DecodeX509Crl(const uint8_t* buf, int32_t len); +DLLEXPORT X509_CRL* CryptoNative_DecodeX509Crl(const uint8_t* buf, int32_t len); /* Shims the d2i_X509 method and makes it easier to invoke from managed code. */ -extern "C" X509* CryptoNative_DecodeX509(const uint8_t* buf, int32_t len); +DLLEXPORT X509* CryptoNative_DecodeX509(const uint8_t* buf, int32_t len); /* Returns the number of bytes it will take to convert the X509 to a DER format. */ -extern "C" int32_t CryptoNative_GetX509DerSize(X509* x); +DLLEXPORT int32_t CryptoNative_GetX509DerSize(X509* x); /* Shims the i2d_X509 method. Returns the number of bytes written to buf. */ -extern "C" int32_t CryptoNative_EncodeX509(X509* x, uint8_t* buf); +DLLEXPORT int32_t CryptoNative_EncodeX509(X509* x, uint8_t* buf); /* Cleans up and deletes an X509 instance. 
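Review bot: `CryptoNative_EncodeX509(X509* x, uint8_t* buf)` takes an output buffer with no length, and its comment ("Returns the number of bytes written to buf") does not say how large `buf` must be. Because nothing in the signature can enforce it, the declaration should state the contract, for example `buf must be at least CryptoNative_GetX509DerSize(x) bytes; the caller sizes it and no bounds check is performed here.` The same gap exists for `CryptoNative_EncodeX509SubjectPublicKeyInfo` and its `CryptoNative_GetX509SubjectPublicKeyInfoDerSize` companion in the later hunk of this header. The implementations are not part of this hunk, so whether they validate anything beyond the pointer cannot be confirmed from here.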
@@ -103,196 +104,196 @@ No-op if a is null. The given X509 pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_X509Destroy(X509* a); +DLLEXPORT void CryptoNative_X509Destroy(X509* a); /* Shims the X509_dup method. Returns the duplicated X509 instance. */ -extern "C" X509* CryptoNative_X509Duplicate(X509* x509); +DLLEXPORT X509* CryptoNative_X509Duplicate(X509* x509); /* Shims the PEM_read_bio_X509_AUX method. Returns the read X509 instance. */ -extern "C" X509* CryptoNative_PemReadX509FromBio(BIO* bio); +DLLEXPORT X509* CryptoNative_PemReadX509FromBio(BIO* bio); /* Shims the X509_get_serialNumber method. Returns the ASN1_INTEGER for the serial number. */ -extern "C" ASN1_INTEGER* CryptoNative_X509GetSerialNumber(X509* x509); +DLLEXPORT ASN1_INTEGER* CryptoNative_X509GetSerialNumber(X509* x509); /* Shims the X509_get_issuer_name method. Returns the ASN1_INTEGER for the issuer name. */ -extern "C" X509_NAME* CryptoNative_X509GetIssuerName(X509* x509); +DLLEXPORT X509_NAME* CryptoNative_X509GetIssuerName(X509* x509); /* Shims the X509_get_subject_name method. Returns the X509_NAME for the subject name. */ -extern "C" X509_NAME* CryptoNative_X509GetSubjectName(X509* x509); +DLLEXPORT X509_NAME* CryptoNative_X509GetSubjectName(X509* x509); /* Shims the X509_check_purpose method. */ -extern "C" int32_t CryptoNative_X509CheckPurpose(X509* x, int32_t id, int32_t ca); +DLLEXPORT int32_t CryptoNative_X509CheckPurpose(X509* x, int32_t id, int32_t ca); /* Shims the X509_check_issued method. */ -extern "C" int32_t CryptoNative_X509CheckIssued(X509* issuer, X509* subject); +DLLEXPORT int32_t CryptoNative_X509CheckIssued(X509* issuer, X509* subject); /* Shims the X509_issuer_name_hash method. */ -extern "C" uint64_t CryptoNative_X509IssuerNameHash(X509* x); +DLLEXPORT uint64_t CryptoNative_X509IssuerNameHash(X509* x); /* Shims the X509_get_ext_count method. 
*/ -extern "C" int32_t CryptoNative_X509GetExtCount(X509* x); +DLLEXPORT int32_t CryptoNative_X509GetExtCount(X509* x); /* Shims the X509_get_ext method. */ -extern "C" X509_EXTENSION* CryptoNative_X509GetExt(X509* x, int32_t loc); +DLLEXPORT X509_EXTENSION* CryptoNative_X509GetExt(X509* x, int32_t loc); /* Shims the X509_EXTENSION_get_object method. */ -extern "C" ASN1_OBJECT* CryptoNative_X509ExtensionGetOid(X509_EXTENSION* x); +DLLEXPORT ASN1_OBJECT* CryptoNative_X509ExtensionGetOid(X509_EXTENSION* x); /* Shims the X509_EXTENSION_get_data method. */ -extern "C" ASN1_OCTET_STRING* CryptoNative_X509ExtensionGetData(X509_EXTENSION* x); +DLLEXPORT ASN1_OCTET_STRING* CryptoNative_X509ExtensionGetData(X509_EXTENSION* x); /* Shims the X509_EXTENSION_get_critical method. */ -extern "C" int32_t CryptoNative_X509ExtensionGetCritical(X509_EXTENSION* x); +DLLEXPORT int32_t CryptoNative_X509ExtensionGetCritical(X509_EXTENSION* x); /* Shims the X509_STORE_new method. */ -extern "C" X509_STORE* CryptoNative_X509StoreCreate(); +DLLEXPORT X509_STORE* CryptoNative_X509StoreCreate(void); /* Shims the X509_STORE_free method. */ -extern "C" void CryptoNative_X509StoreDestory(X509_STORE* v); +DLLEXPORT void CryptoNative_X509StoreDestory(X509_STORE* v); /* Shims the X509_STORE_add_cert method. */ -extern "C" int32_t CryptoNative_X509StoreAddCert(X509_STORE* ctx, X509* x); +DLLEXPORT int32_t CryptoNative_X509StoreAddCert(X509_STORE* ctx, X509* x); /* Shims the X509_STORE_add_crl method. */ -extern "C" int32_t CryptoNative_X509StoreAddCrl(X509_STORE* ctx, X509_CRL* x); +DLLEXPORT int32_t CryptoNative_X509StoreAddCrl(X509_STORE* ctx, X509_CRL* x); /* Sets the correct flags on the X509_STORE for the specified X509RevocationFlag. Shims the X509_STORE_set_flags method. 
*/ -extern "C" int32_t CryptoNative_X509StoreSetRevocationFlag(X509_STORE* ctx, X509RevocationFlag revocationFlag); +DLLEXPORT int32_t CryptoNative_X509StoreSetRevocationFlag(X509_STORE* ctx, X509RevocationFlag revocationFlag); /* Shims the X509_STORE_CTX_new method. */ -extern "C" X509_STORE_CTX* CryptoNative_X509StoreCtxCreate(); +DLLEXPORT X509_STORE_CTX* CryptoNative_X509StoreCtxCreate(void); /* Shims the X509_STORE_CTX_free method. */ -extern "C" void CryptoNative_X509StoreCtxDestroy(X509_STORE_CTX* v); +DLLEXPORT void CryptoNative_X509StoreCtxDestroy(X509_STORE_CTX* v); /* Shims the X509_STORE_CTX_init method. */ -extern "C" int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X509* x509, X509Stack* extraStore); +DLLEXPORT int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X509* x509, X509Stack* extraStore); /* Shims the X509_verify_cert method. */ -extern "C" int32_t CryptoNative_X509VerifyCert(X509_STORE_CTX* ctx); +DLLEXPORT int32_t CryptoNative_X509VerifyCert(X509_STORE_CTX* ctx); /* Shims the X509_STORE_CTX_get1_chain method. */ -extern "C" X509Stack* CryptoNative_X509StoreCtxGetChain(X509_STORE_CTX* ctx); +DLLEXPORT X509Stack* CryptoNative_X509StoreCtxGetChain(X509_STORE_CTX* ctx); /* Returns the interior pointer to the "untrusted" certificates collection for this X509_STORE_CTX */ -extern "C" X509Stack* CryptoNative_X509StoreCtxGetSharedUntrusted(X509_STORE_CTX* ctx); +DLLEXPORT X509Stack* CryptoNative_X509StoreCtxGetSharedUntrusted(X509_STORE_CTX* ctx); /* Returns the interior pointer to the target certificate for an X509 certificate chain */ -extern "C" X509* CryptoNative_X509StoreCtxGetTargetCert(X509_STORE_CTX* ctx); +DLLEXPORT X509* CryptoNative_X509StoreCtxGetTargetCert(X509_STORE_CTX* ctx); /* Shims the X509_STORE_CTX_get_error method. 
*/ -extern "C" X509VerifyStatusCode CryptoNative_X509StoreCtxGetError(X509_STORE_CTX* ctx); +DLLEXPORT X509VerifyStatusCode CryptoNative_X509StoreCtxGetError(X509_STORE_CTX* ctx); /* Shims the X509_STORE_CTX_get_error_depth method. */ -extern "C" int32_t CryptoNative_X509StoreCtxGetErrorDepth(X509_STORE_CTX* ctx); +DLLEXPORT int32_t CryptoNative_X509StoreCtxGetErrorDepth(X509_STORE_CTX* ctx); /* Shims the X509_STORE_CTX_set_verify_cb function. */ -extern "C" void CryptoNative_X509StoreCtxSetVerifyCallback(X509_STORE_CTX* ctx, X509StoreVerifyCallback callback); +DLLEXPORT void CryptoNative_X509StoreCtxSetVerifyCallback(X509_STORE_CTX* ctx, X509StoreVerifyCallback callback); /* Shims the X509_verify_cert_error_string method. */ -extern "C" const char* CryptoNative_X509VerifyCertErrorString(X509VerifyStatusCode n); +DLLEXPORT const char* CryptoNative_X509VerifyCertErrorString(X509VerifyStatusCode n); /* Shims the X509_CRL_free method. */ -extern "C" void CryptoNative_X509CrlDestroy(X509_CRL* a); +DLLEXPORT void CryptoNative_X509CrlDestroy(X509_CRL* a); /* Shims the PEM_write_bio_X509_CRL method. Returns the number of bytes written. */ -extern "C" int32_t CryptoNative_PemWriteBioX509Crl(BIO* bio, X509_CRL* crl); +DLLEXPORT int32_t CryptoNative_PemWriteBioX509Crl(BIO* bio, X509_CRL* crl); /* Shims the PEM_read_bio_X509_CRL method. The new X509_CRL instance. */ -extern "C" X509_CRL* CryptoNative_PemReadBioX509Crl(BIO* bio); +DLLEXPORT X509_CRL* CryptoNative_PemReadBioX509Crl(BIO* bio); /* Returns the number of bytes it will take to convert the SubjectPublicKeyInfo portion of the X509 to DER format. */ -extern "C" int32_t CryptoNative_GetX509SubjectPublicKeyInfoDerSize(X509* x); +DLLEXPORT int32_t CryptoNative_GetX509SubjectPublicKeyInfoDerSize(X509* x); /* Shims the i2d_X509_PUBKEY method, providing X509_get_X509_PUBKEY(x) as the input. Returns the number of bytes written to buf. 
*/ -extern "C" int32_t CryptoNative_EncodeX509SubjectPublicKeyInfo(X509* x, uint8_t* buf); +DLLEXPORT int32_t CryptoNative_EncodeX509SubjectPublicKeyInfo(X509* x, uint8_t* buf); /* Increases the reference count of the X509*, thereby increasing the number of calls @@ -302,4 +303,4 @@ Unlike X509Duplicate, this modifies an existing object, so no new memory is allo Returns the input value. */ -extern "C" X509* CryptoNative_X509UpRef(X509* x509); +DLLEXPORT X509* CryptoNative_X509UpRef(X509* x509); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.c new file mode 100644 index 0000000000..ee77a5df03 --- /dev/null +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.c 
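Review bot: Two comments in the large `@@ -103,196 +104,196 @@` hunk describe the wrong return value, and every declaration beneath them is being rewritten anyway. Above `CryptoNative_X509GetIssuerName` the text says "Returns the ASN1_INTEGER for the issuer name" although the function returns `X509_NAME*`; it should read `Returns the X509_NAME for the issuer name.` Above `CryptoNative_PemWriteBioX509Crl` it says "Returns the number of bytes written", but OpenSSL's PEM_write_bio_* routines report 1 on success and 0 on failure, so `Returns 1 on success, 0 on failure.` is what a caller checking the result needs to see.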
@@ -0,0 +1,73 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+#include "pal_x509_name.h"
+
+int32_t CryptoNative_GetX509NameStackFieldCount(X509NameStack* sk)
+{
+ return sk_X509_NAME_num(sk);
+}
+
+X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int32_t loc)
+{
+ return sk_X509_NAME_value(sk, loc);
+}
+
+X509_NAME* CryptoNative_DecodeX509Name(const uint8_t* buf, int32_t len)
+{
+ if (!buf || !len)
+ {
+ return NULL;
+ }
+
+ return d2i_X509_NAME(NULL, &buf, len);
+}
+
+void CryptoNative_X509NameDestroy(X509_NAME* a)
+{
+ if (a != NULL)
+ {
+ X509_NAME_free(a);
+ }
+}
+
+STACK_OF(X509_NAME) * CryptoNative_NewX509NameStack()
+{
+ return sk_X509_NAME_new_null();
+}
+
+int32_t CryptoNative_PushX509NameStackField(STACK_OF(X509_NAME) * stack, X509_NAME* x509Name)
+{
+ if (!stack)
+ {
+ return 0;
+ }
+
+ return sk_X509_NAME_push(stack, x509Name);
+}
+
+void CryptoNative_RecursiveFreeX509NameStack(STACK_OF(X509_NAME) * stack)
+{
+ sk_X509_NAME_pop_free(stack, X509_NAME_free);
+}
+
+int32_t CryptoNative_GetX509NameEntryCount(X509_NAME* x509Name)
+{
+ return X509_NAME_entry_count(x509Name);
+}
+
+X509_NAME_ENTRY* CryptoNative_GetX509NameEntry(X509_NAME* x509Name, int32_t loc)
+{
+ return X509_NAME_get_entry(x509Name, loc);
+}
+
+ASN1_OBJECT* CryptoNative_GetX509NameEntryOid(X509_NAME_ENTRY* nameEntry)
+{
+ return X509_NAME_ENTRY_get_object(nameEntry);
+}
+
+ASN1_STRING* CryptoNative_GetX509NameEntryData(X509_NAME_ENTRY* nameEntry)
+{
+ return X509_NAME_ENTRY_get_data(nameEntry);
+}
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp
deleted file mode 100644
index 2195b74906..0000000000
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp
+++ /dev/null
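Review bot: `CryptoNative_DecodeX509Name` rejects only a null `buf` or a zero `len`, so a negative `len` arriving from the managed caller is handed unchanged to `d2i_X509_NAME` as the input length. The guard should refuse every non-positive length: `if (!buf || len <= 0)`. `CryptoNative_DecodeExtendedKeyUsage` in pal_x509ext.c carries the same `!buf || !len` test and would take the same one-line change.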
@@ -1,73 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -#include "pal_x509_name.h" - -extern "C" int32_t CryptoNative_GetX509NameStackFieldCount(X509NameStack* sk) -{ - return sk_X509_NAME_num(sk); -} - -extern "C" X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int32_t loc) -{ - return sk_X509_NAME_value(sk, loc); -} - -extern "C" X509_NAME* CryptoNative_DecodeX509Name(const uint8_t* buf, int32_t len) -{ - if (!buf || !len) - { - return nullptr; - } - - return d2i_X509_NAME(nullptr, &buf, len); -} - -extern "C" void CryptoNative_X509NameDestroy(X509_NAME* a) -{ - if (a != nullptr) - { - X509_NAME_free(a); - } -} - -extern "C" STACK_OF(X509_NAME) * CryptoNative_NewX509NameStack() -{ - return sk_X509_NAME_new_null(); -} - -extern "C" int32_t CryptoNative_PushX509NameStackField(STACK_OF(X509_NAME) * stack, X509_NAME* x509Name) -{ - if (!stack) - { - return 0; - } - - return sk_X509_NAME_push(stack, x509Name); -} - -extern "C" void CryptoNative_RecursiveFreeX509NameStack(STACK_OF(X509_NAME) * stack) -{ - sk_X509_NAME_pop_free(stack, X509_NAME_free); -} - -extern "C" int32_t CryptoNative_GetX509NameEntryCount(X509_NAME* x509Name) -{ - return X509_NAME_entry_count(x509Name); -} - -extern "C" X509_NAME_ENTRY* CryptoNative_GetX509NameEntry(X509_NAME* x509Name, int32_t loc) -{ - return X509_NAME_get_entry(x509Name, loc); -} - -extern "C" ASN1_OBJECT* CryptoNative_GetX509NameEntryOid(X509_NAME_ENTRY* nameEntry) -{ - return X509_NAME_ENTRY_get_object(nameEntry); -} - -extern "C" ASN1_STRING* CryptoNative_GetX509NameEntryData(X509_NAME_ENTRY* nameEntry) -{ - return X509_NAME_ENTRY_get_data(nameEntry); -} diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h index 76a77ccc1f..52231e85fb 100644 
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_crypto_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -11,17 +12,17 @@ GetX509NameStackFieldCount Direct shim to sk_X509_NAME_num */ -extern "C" int32_t CryptoNative_GetX509NameStackFieldCount(X509NameStack* sk); +DLLEXPORT int32_t CryptoNative_GetX509NameStackFieldCount(X509NameStack* sk); /* Direct shim to sk_X509_NAME_value */ -extern "C" X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int32_t loc); +DLLEXPORT X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int32_t loc); /* Shims the d2i_X509_NAME method and makes it easier to invoke from managed code. */ -extern "C" X509_NAME* CryptoNative_DecodeX509Name(const uint8_t* buf, int32_t len); +DLLEXPORT X509_NAME* CryptoNative_DecodeX509Name(const uint8_t* buf, int32_t len); /* Cleans up and deletes an X509_NAME instance. @@ -32,7 +33,7 @@ No-op if a is null. The given X509_NAME pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_X509NameDestroy(X509_NAME* a); +DLLEXPORT void CryptoNative_X509NameDestroy(X509_NAME* a); /* Function: @@ -40,7 +41,7 @@ NewX509NameStack Direct shim to sk_X509_NAME_new_null */ -extern "C" STACK_OF(X509_NAME) * CryptoNative_NewX509NameStack(); +DLLEXPORT STACK_OF(X509_NAME) * CryptoNative_NewX509NameStack(void); /* Function: @@ -51,7 +52,7 @@ Return values: 1 on success 0 on a NULL stack, or an error within sk_X509_NAME_push */ -extern "C" int32_t CryptoNative_PushX509NameStackField(STACK_OF(X509_NAME) * stack, X509_NAME* x509Name); +DLLEXPORT int32_t CryptoNative_PushX509NameStackField(STACK_OF(X509_NAME) * stack, X509_NAME* x509Name); /* Function: 
@@ -59,24 +60,24 @@ RecursiveFreeX509NameStack Direct shim to sk_X509_NAME_pop_free */ -extern "C" void CryptoNative_RecursiveFreeX509NameStack(STACK_OF(X509_NAME) * stack); +DLLEXPORT void CryptoNative_RecursiveFreeX509NameStack(STACK_OF(X509_NAME) * stack); /* Direct shim to X509_NAME_entry_count */ -extern "C" int32_t CryptoNative_GetX509NameEntryCount(X509_NAME* x509Name); +DLLEXPORT int32_t CryptoNative_GetX509NameEntryCount(X509_NAME* x509Name); /* Direct shim to X509_NAME_get_entry */ -extern "C" X509_NAME_ENTRY* CryptoNative_GetX509NameEntry(X509_NAME* x509Name, int32_t loc); +DLLEXPORT X509_NAME_ENTRY* CryptoNative_GetX509NameEntry(X509_NAME* x509Name, int32_t loc); /* Direct shim to X509_NAME_ENTRY_get_object */ -extern "C" ASN1_OBJECT* CryptoNative_GetX509NameEntryOid(X509_NAME_ENTRY* nameEntry); +DLLEXPORT ASN1_OBJECT* CryptoNative_GetX509NameEntryOid(X509_NAME_ENTRY* nameEntry); /* Direct shim to X509_NAME_ENTRY_get_data */ -extern "C" ASN1_STRING* CryptoNative_GetX509NameEntryData(X509_NAME_ENTRY* nameEntry); +DLLEXPORT ASN1_STRING* CryptoNative_GetX509NameEntryData(X509_NAME_ENTRY* nameEntry); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.c index 2132a81836..1054caec69 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.c @@ -6,7 +6,7 @@ #include <assert.h> -extern "C" const char* CryptoNative_GetX509RootStorePath() +const char* CryptoNative_GetX509RootStorePath() { const char* dir = getenv(X509_get_default_cert_dir_env()); @@ -18,7 +18,7 @@ extern "C" const char* CryptoNative_GetX509RootStorePath() return dir; } -extern "C" const char* CryptoNative_GetX509RootStoreFile() +const char* CryptoNative_GetX509RootStoreFile() { const char* file = getenv(X509_get_default_cert_file_env()); 
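Review bot: `CryptoNative_GetX509RootStorePath()` and `CryptoNative_GetX509RootStoreFile()` in pal_x509_root.c are still defined with empty parentheses, while this commit changes their declarations in pal_x509_root.h to `(void)`. In C an empty list in a definition is an old-style declarator rather than a prototype, which `-Wstrict-prototypes` reports. Write `const char* CryptoNative_GetX509RootStorePath(void)` and `const char* CryptoNative_GetX509RootStoreFile(void)` so definition and declaration agree. `CryptoNative_NewX509NameStack()` in the new pal_x509_name.c has the same mismatch with its header. Both root-store function bodies continue past the end of their hunks.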
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.h index ef7ce5262b..f259a505fa 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_root.h @@ -2,17 +2,18 @@ // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. +#include "pal_compiler.h" #include "opensslshim.h" /* Look up the directory in which all certificate files therein are considered trusted (root or trusted intermediate). */ -extern "C" const char* CryptoNative_GetX509RootStorePath(); +DLLEXPORT const char* CryptoNative_GetX509RootStorePath(void); /* Look up the file in which all certificates are considered trusted (root or trusted intermediate), in addition to those files in the root store path. */ -extern "C" const char* CryptoNative_GetX509RootStoreFile(); +DLLEXPORT const char* CryptoNative_GetX509RootStoreFile(void); diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.c index 415602e013..9346952dcd 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.cpp +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.c 
@@ -4,28 +4,29 @@ #include "pal_x509ext.h" +#include <stdbool.h> #include <assert.h> -extern "C" X509_EXTENSION* +X509_EXTENSION* CryptoNative_X509ExtensionCreateByObj(ASN1_OBJECT* obj, int32_t isCritical, ASN1_OCTET_STRING* data) { - return X509_EXTENSION_create_by_OBJ(nullptr, obj, isCritical, data); + return X509_EXTENSION_create_by_OBJ(NULL, obj, isCritical, data); } -extern "C" void CryptoNative_X509ExtensionDestroy(X509_EXTENSION* a) +void CryptoNative_X509ExtensionDestroy(X509_EXTENSION* a) { - if (a != nullptr) + if (a != NULL) { X509_EXTENSION_free(a); } } -extern "C" int32_t CryptoNative_X509V3ExtPrint(BIO* out, X509_EXTENSION* ext) +int32_t CryptoNative_X509V3ExtPrint(BIO* out, X509_EXTENSION* ext) { return X509V3_EXT_print(out, ext, X509V3_EXT_DEFAULT, /*indent*/ 0); } -extern "C" int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8_t* encoded, +int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8_t* encoded, int32_t encodedLength, int32_t* certificateAuthority, int32_t* hasPathLengthConstraint, @@ -41,19 +42,19 @@ extern "C" int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8 *pathLengthConstraint = 0; int32_t result = false; - BASIC_CONSTRAINTS* constraints = d2i_BASIC_CONSTRAINTS(nullptr, &encoded, encodedLength); + BASIC_CONSTRAINTS* constraints = d2i_BASIC_CONSTRAINTS(NULL, &encoded, encodedLength); if (constraints) { *certificateAuthority = constraints->ca != 0; - if (constraints->pathlen != nullptr) + if (constraints->pathlen != NULL) { *hasPathLengthConstraint = true; long pathLength = ASN1_INTEGER_get(constraints->pathlen); // pathLengthConstraint needs to be in the Int32 range assert(pathLength <= INT32_MAX); - *pathLengthConstraint = static_cast<int32_t>(pathLength); + *pathLengthConstraint = (int32_t)pathLength; } else { 
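Review bot: In `CryptoNative_DecodeX509BasicConstraints2Extension` the only range check on `pathLength` is `assert(pathLength <= INT32_MAX)`, which is compiled out when NDEBUG is defined and has no lower bound. In such a build the new `(int32_t)pathLength` cast would store a truncated or negative value taken from the decoded extension. A runtime test such as `if (pathLength < 0 || pathLength > INT32_MAX)` should leave `result` at 0 and skip the store, so a malformed path length is reported as a decode failure rather than passed on. The function starts before and ends after this hunk, so the failure branch has to fit the existing cleanup of `constraints` that is not visible here.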
@@ -68,19 +69,19 @@ extern "C" int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8 return result; } -extern "C" EXTENDED_KEY_USAGE* CryptoNative_DecodeExtendedKeyUsage(const uint8_t* buf, int32_t len) +EXTENDED_KEY_USAGE* CryptoNative_DecodeExtendedKeyUsage(const uint8_t* buf, int32_t len) { if (!buf || !len) { - return nullptr; + return NULL; } - return d2i_EXTENDED_KEY_USAGE(nullptr, &buf, len); + return d2i_EXTENDED_KEY_USAGE(NULL, &buf, len); } -extern "C" void CryptoNative_ExtendedKeyUsageDestory(EXTENDED_KEY_USAGE* a) +void CryptoNative_ExtendedKeyUsageDestory(EXTENDED_KEY_USAGE* a) { - if (a != nullptr) + if (a != NULL) { EXTENDED_KEY_USAGE_free(a); } diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.h index c68d96650c..166f84d5c0 100644 --- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.h +++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509ext.h @@ -3,6 +3,7 @@ // See the LICENSE file in the project root for more information. #include "pal_types.h" +#include "pal_compiler.h" #include "opensslshim.h" /* @@ -12,7 +13,7 @@ Implemented by calling X509_EXTENSION_create_by_OBJ Returns new X509_EXTENSION on success, nullptr on failure. */ -extern "C" X509_EXTENSION* +DLLEXPORT X509_EXTENSION* CryptoNative_X509ExtensionCreateByObj(ASN1_OBJECT* obj, int32_t isCritical, ASN1_OCTET_STRING* data); /* 
@@ -24,14 +25,14 @@ No-op if a is null. The given X509_EXTENSION pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_X509ExtensionDestroy(X509_EXTENSION* a); +DLLEXPORT void CryptoNative_X509ExtensionDestroy(X509_EXTENSION* a); /* Shims the X509V3_EXT_print method. Returns 1 on success, otherwise 0 if there was an error. */ -extern "C" int32_t CryptoNative_X509V3ExtPrint(BIO* out, X509_EXTENSION* ext); +DLLEXPORT int32_t CryptoNative_X509V3ExtPrint(BIO* out, X509_EXTENSION* ext); /* Decodes the X509 BASIC_CONSTRAINTS information and fills the out variables: @@ -42,7 +43,7 @@ Decodes the X509 BASIC_CONSTRAINTS information and fills the out variables: Returns 1 if the BASIC_CONSTRAINTS information was successfully decoded, otherwise 0. */ -extern "C" int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8_t* encoded, +DLLEXPORT int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8_t* encoded, int32_t encodedLength, int32_t* certificateAuthority, int32_t* hasPathLengthConstraint, @@ -51,7 +52,7 @@ extern "C" int32_t CryptoNative_DecodeX509BasicConstraints2Extension(const uint8 /* Shims the d2i_EXTENDED_KEY_USAGE method and makes it easier to invoke from managed code. */ -extern "C" EXTENDED_KEY_USAGE* CryptoNative_DecodeExtendedKeyUsage(const uint8_t* buf, int32_t len); +DLLEXPORT EXTENDED_KEY_USAGE* CryptoNative_DecodeExtendedKeyUsage(const uint8_t* buf, int32_t len); /* Cleans up and deletes an EXTENDED_KEY_USAGE instance. @@ -62,4 +63,4 @@ No-op if a is null. The given EXTENDED_KEY_USAGE pointer is invalid after this call. Always succeeds. */ -extern "C" void CryptoNative_ExtendedKeyUsageDestory(EXTENDED_KEY_USAGE* a); +DLLEXPORT void CryptoNative_ExtendedKeyUsageDestory(EXTENDED_KEY_USAGE* a); |