author | orivej <orivej@yandex-team.ru> | 2022-02-10 16:45:01 +0300 |
---|---|---|
committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:45:01 +0300 |
commit | 2d37894b1b037cf24231090eda8589bbb44fb6fc (patch) | |
tree | be835aa92c6248212e705f25388ebafcf84bc7a1 /contrib/restricted/aws/aws-c-cal/include | |
parent | 718c552901d703c502ccbefdfc3c9028d608b947 (diff) | |
download | ydb-2d37894b1b037cf24231090eda8589bbb44fb6fc.tar.gz |
Restoring authorship annotation for <orivej@yandex-team.ru>. Commit 2 of 2.
Diffstat (limited to 'contrib/restricted/aws/aws-c-cal/include')
8 files changed, 720 insertions, 720 deletions
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/cal.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/cal.h
index f266f18c4c..8c6986842b 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/cal.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/cal.h
@@ -1,35 +1,35 @@
-#ifndef AWS_CAL_CAL_H
-#define AWS_CAL_CAL_H
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-
-#include <aws/common/common.h>
-
-#include <aws/cal/exports.h>
-
-struct aws_allocator;
-
-#define AWS_C_CAL_PACKAGE_ID 7
-
-enum aws_cal_errors {
- AWS_ERROR_CAL_SIGNATURE_VALIDATION_FAILED = AWS_ERROR_ENUM_BEGIN_RANGE(AWS_C_CAL_PACKAGE_ID),
- AWS_ERROR_CAL_MISSING_REQUIRED_KEY_COMPONENT,
- AWS_ERROR_CAL_INVALID_KEY_LENGTH_FOR_ALGORITHM,
- AWS_ERROR_CAL_UNKNOWN_OBJECT_IDENTIFIER,
- AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED,
- AWS_ERROR_CAL_MISMATCHED_DER_TYPE,
- AWS_ERROR_CAL_UNSUPPORTED_ALGORITHM,
-
- AWS_ERROR_CAL_END_RANGE = AWS_ERROR_ENUM_END_RANGE(AWS_C_CAL_PACKAGE_ID)
-};
-
-AWS_EXTERN_C_BEGIN
-
-AWS_CAL_API void aws_cal_library_init(struct aws_allocator *allocator);
-AWS_CAL_API void aws_cal_library_clean_up(void);
-
-AWS_EXTERN_C_END
-
-#endif /* AWS_CAL_CAL_H */
+#ifndef AWS_CAL_CAL_H
+#define AWS_CAL_CAL_H
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/common/common.h>
+
+#include <aws/cal/exports.h>
+
+struct aws_allocator;
+
+#define AWS_C_CAL_PACKAGE_ID 7
+
+enum aws_cal_errors {
+ AWS_ERROR_CAL_SIGNATURE_VALIDATION_FAILED = AWS_ERROR_ENUM_BEGIN_RANGE(AWS_C_CAL_PACKAGE_ID),
+ AWS_ERROR_CAL_MISSING_REQUIRED_KEY_COMPONENT,
+ AWS_ERROR_CAL_INVALID_KEY_LENGTH_FOR_ALGORITHM,
+ AWS_ERROR_CAL_UNKNOWN_OBJECT_IDENTIFIER,
+ AWS_ERROR_CAL_MALFORMED_ASN1_ENCOUNTERED,
+ AWS_ERROR_CAL_MISMATCHED_DER_TYPE,
+ AWS_ERROR_CAL_UNSUPPORTED_ALGORITHM,
+
+ AWS_ERROR_CAL_END_RANGE = AWS_ERROR_ENUM_END_RANGE(AWS_C_CAL_PACKAGE_ID)
+};
+
+AWS_EXTERN_C_BEGIN
+
+AWS_CAL_API void aws_cal_library_init(struct aws_allocator *allocator);
+AWS_CAL_API void aws_cal_library_clean_up(void);
+
+AWS_EXTERN_C_END
+
+#endif /* AWS_CAL_CAL_H */
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/ecc.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/ecc.h
index 36e5f90b09..660c26d79b 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/ecc.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/ecc.h
@@ -1,177 +1,177 @@ -#ifndef AWS_CAL_ECC_H -#define AWS_CAL_ECC_H -/** - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * SPDX-License-Identifier: Apache-2.0. - */ -#include <aws/cal/exports.h> - -#include <aws/common/atomics.h> -#include <aws/common/byte_buf.h> -#include <aws/common/common.h> - -enum aws_ecc_curve_name { - AWS_CAL_ECDSA_P256, - AWS_CAL_ECDSA_P384, -}; - -struct aws_ecc_key_pair; - -typedef void aws_ecc_key_pair_destroy_fn(struct aws_ecc_key_pair *key_pair); -typedef int aws_ecc_key_pair_sign_message_fn( - const struct aws_ecc_key_pair *key_pair, - const struct aws_byte_cursor *message, - struct aws_byte_buf *signature_output); -typedef int aws_ecc_key_pair_derive_public_key_fn(struct aws_ecc_key_pair *key_pair); -typedef int aws_ecc_key_pair_verify_signature_fn( - const struct aws_ecc_key_pair *signer, - const struct aws_byte_cursor *message, - const struct aws_byte_cursor *signature); -typedef size_t aws_ecc_key_pair_signature_length_fn(const struct aws_ecc_key_pair *signer); - -struct aws_ecc_key_pair_vtable { - aws_ecc_key_pair_destroy_fn *destroy; - aws_ecc_key_pair_derive_public_key_fn *derive_pub_key; - aws_ecc_key_pair_sign_message_fn *sign_message; - aws_ecc_key_pair_verify_signature_fn *verify_signature; - aws_ecc_key_pair_signature_length_fn *signature_length; -}; - -struct aws_ecc_key_pair { - struct aws_allocator *allocator; - struct aws_atomic_var ref_count; - enum aws_ecc_curve_name curve_name; - struct aws_byte_buf key_buf; - struct aws_byte_buf pub_x; - struct aws_byte_buf pub_y; - struct aws_byte_buf priv_d; - struct aws_ecc_key_pair_vtable *vtable; - void *impl; -}; - -AWS_EXTERN_C_BEGIN - -/** - * Adds one to an ecc key pair's ref count. - */ -AWS_CAL_API void aws_ecc_key_pair_acquire(struct aws_ecc_key_pair *key_pair); - -/** - * Subtracts one from an ecc key pair's ref count. If ref count reaches zero, the key pair is destroyed. 
- */ -AWS_CAL_API void aws_ecc_key_pair_release(struct aws_ecc_key_pair *key_pair); - -/** - * Creates a Eliptic Curve private key that can be used for signing. - * Returns a new instance of aws_ecc_key_pair if the key was successfully built. - * Otherwise returns NULL. Note: priv_key::len must match the appropriate length - * for the selected curve_name. - */ -AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_private_key( - struct aws_allocator *allocator, - enum aws_ecc_curve_name curve_name, - const struct aws_byte_cursor *priv_key); - -#if !defined(AWS_OS_IOS) -/** - * Creates a Eliptic Curve public/private key pair that can be used for signing and verifying. - * Returns a new instance of aws_ecc_key_pair if the key was successfully built. - * Otherwise returns NULL. - */ -AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_generate_random( - struct aws_allocator *allocator, - enum aws_ecc_curve_name curve_name); -#endif /* !AWS_OS_IOS */ - -/** - * Creates a Eliptic Curve public key that can be used for verifying. - * Returns a new instance of aws_ecc_key_pair if the key was successfully built. - * Otherwise returns NULL. Note: public_key_x::len and public_key_y::len must - * match the appropriate length for the selected curve_name. - */ -AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_public_key( - struct aws_allocator *allocator, - enum aws_ecc_curve_name curve_name, - const struct aws_byte_cursor *public_key_x, - const struct aws_byte_cursor *public_key_y); - -/** - * Creates a Eliptic Curve public/private key pair from a DER encoded key pair. - * Returns a new instance of aws_ecc_key_pair if the key was successfully built. - * Otherwise returns NULL. Whether or not signing or verification can be perform depends - * on if encoded_keys is a public/private pair or a public key. 
- */ -AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_asn1( - struct aws_allocator *allocator, - const struct aws_byte_cursor *encoded_keys); - -/** - * Creates an Elliptic curve public key from x and y coordinates encoded as hex strings - * Returns a new instance of aws_ecc_key_pair if the key was successfully built. - * Otherwise returns NULL. - */ -AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_new_from_hex_coordinates( - struct aws_allocator *allocator, - enum aws_ecc_curve_name curve_name, - struct aws_byte_cursor pub_x_hex_cursor, - struct aws_byte_cursor pub_y_hex_cursor); - -/** - * Derives a public key from the private key if supported by this operating system (not supported on OSX). - * key_pair::pub_x and key_pair::pub_y will be set with the raw key buffers. - */ -AWS_CAL_API int aws_ecc_key_pair_derive_public_key(struct aws_ecc_key_pair *key_pair); - -/** - * Get the curve name from the oid. OID here is the payload of the DER encoded ASN.1 part (doesn't include - * type specifier or length. On success, the value of curve_name will be set. - */ -AWS_CAL_API int aws_ecc_curve_name_from_oid(struct aws_byte_cursor *oid, enum aws_ecc_curve_name *curve_name); - -/** - * Get the DER encoded OID from the curve_name. The OID in this case will not contain the type or the length specifier. - */ -AWS_CAL_API int aws_ecc_oid_from_curve_name(enum aws_ecc_curve_name curve_name, struct aws_byte_cursor *oid); - -/** - * Uses the key_pair's private key to sign message. The output will be in signature. Signature must be large enough - * to hold the signature. Check aws_ecc_key_pair_signature_length() for the appropriate size. Signature will be DER - * encoded. - * - * It is the callers job to make sure message is the appropriate cryptographic digest for this operation. It's usually - * something like a SHA256. 
- */ -AWS_CAL_API int aws_ecc_key_pair_sign_message( - const struct aws_ecc_key_pair *key_pair, - const struct aws_byte_cursor *message, - struct aws_byte_buf *signature); - -/** - * Uses the key_pair's public key to verify signature of message. Signature should be DER - * encoded. - * - * It is the callers job to make sure message is the appropriate cryptographic digest for this operation. It's usually - * something like a SHA256. - * - * returns AWS_OP_SUCCESS if the signature is valid. - */ -AWS_CAL_API int aws_ecc_key_pair_verify_signature( - const struct aws_ecc_key_pair *key_pair, - const struct aws_byte_cursor *message, - const struct aws_byte_cursor *signature); -AWS_CAL_API size_t aws_ecc_key_pair_signature_length(const struct aws_ecc_key_pair *key_pair); - -AWS_CAL_API void aws_ecc_key_pair_get_public_key( - const struct aws_ecc_key_pair *key_pair, - struct aws_byte_cursor *pub_x, - struct aws_byte_cursor *pub_y); - -AWS_CAL_API void aws_ecc_key_pair_get_private_key( - const struct aws_ecc_key_pair *key_pair, - struct aws_byte_cursor *private_d); - -AWS_CAL_API size_t aws_ecc_key_coordinate_byte_size_from_curve_name(enum aws_ecc_curve_name curve_name); - -AWS_EXTERN_C_END - -#endif /* AWS_CAL_ECC_H */ +#ifndef AWS_CAL_ECC_H +#define AWS_CAL_ECC_H +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. 
+ */ +#include <aws/cal/exports.h> + +#include <aws/common/atomics.h> +#include <aws/common/byte_buf.h> +#include <aws/common/common.h> + +enum aws_ecc_curve_name { + AWS_CAL_ECDSA_P256, + AWS_CAL_ECDSA_P384, +}; + +struct aws_ecc_key_pair; + +typedef void aws_ecc_key_pair_destroy_fn(struct aws_ecc_key_pair *key_pair); +typedef int aws_ecc_key_pair_sign_message_fn( + const struct aws_ecc_key_pair *key_pair, + const struct aws_byte_cursor *message, + struct aws_byte_buf *signature_output); +typedef int aws_ecc_key_pair_derive_public_key_fn(struct aws_ecc_key_pair *key_pair); +typedef int aws_ecc_key_pair_verify_signature_fn( + const struct aws_ecc_key_pair *signer, + const struct aws_byte_cursor *message, + const struct aws_byte_cursor *signature); +typedef size_t aws_ecc_key_pair_signature_length_fn(const struct aws_ecc_key_pair *signer); + +struct aws_ecc_key_pair_vtable { + aws_ecc_key_pair_destroy_fn *destroy; + aws_ecc_key_pair_derive_public_key_fn *derive_pub_key; + aws_ecc_key_pair_sign_message_fn *sign_message; + aws_ecc_key_pair_verify_signature_fn *verify_signature; + aws_ecc_key_pair_signature_length_fn *signature_length; +}; + +struct aws_ecc_key_pair { + struct aws_allocator *allocator; + struct aws_atomic_var ref_count; + enum aws_ecc_curve_name curve_name; + struct aws_byte_buf key_buf; + struct aws_byte_buf pub_x; + struct aws_byte_buf pub_y; + struct aws_byte_buf priv_d; + struct aws_ecc_key_pair_vtable *vtable; + void *impl; +}; + +AWS_EXTERN_C_BEGIN + +/** + * Adds one to an ecc key pair's ref count. + */ +AWS_CAL_API void aws_ecc_key_pair_acquire(struct aws_ecc_key_pair *key_pair); + +/** + * Subtracts one from an ecc key pair's ref count. If ref count reaches zero, the key pair is destroyed. + */ +AWS_CAL_API void aws_ecc_key_pair_release(struct aws_ecc_key_pair *key_pair); + +/** + * Creates a Eliptic Curve private key that can be used for signing. + * Returns a new instance of aws_ecc_key_pair if the key was successfully built. 
+ * Otherwise returns NULL. Note: priv_key::len must match the appropriate length + * for the selected curve_name. + */ +AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_private_key( + struct aws_allocator *allocator, + enum aws_ecc_curve_name curve_name, + const struct aws_byte_cursor *priv_key); + +#if !defined(AWS_OS_IOS) +/** + * Creates a Eliptic Curve public/private key pair that can be used for signing and verifying. + * Returns a new instance of aws_ecc_key_pair if the key was successfully built. + * Otherwise returns NULL. + */ +AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_generate_random( + struct aws_allocator *allocator, + enum aws_ecc_curve_name curve_name); +#endif /* !AWS_OS_IOS */ + +/** + * Creates a Eliptic Curve public key that can be used for verifying. + * Returns a new instance of aws_ecc_key_pair if the key was successfully built. + * Otherwise returns NULL. Note: public_key_x::len and public_key_y::len must + * match the appropriate length for the selected curve_name. + */ +AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_public_key( + struct aws_allocator *allocator, + enum aws_ecc_curve_name curve_name, + const struct aws_byte_cursor *public_key_x, + const struct aws_byte_cursor *public_key_y); + +/** + * Creates a Eliptic Curve public/private key pair from a DER encoded key pair. + * Returns a new instance of aws_ecc_key_pair if the key was successfully built. + * Otherwise returns NULL. Whether or not signing or verification can be perform depends + * on if encoded_keys is a public/private pair or a public key. + */ +AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_pair_new_from_asn1( + struct aws_allocator *allocator, + const struct aws_byte_cursor *encoded_keys); + +/** + * Creates an Elliptic curve public key from x and y coordinates encoded as hex strings + * Returns a new instance of aws_ecc_key_pair if the key was successfully built. + * Otherwise returns NULL. 
+ */ +AWS_CAL_API struct aws_ecc_key_pair *aws_ecc_key_new_from_hex_coordinates( + struct aws_allocator *allocator, + enum aws_ecc_curve_name curve_name, + struct aws_byte_cursor pub_x_hex_cursor, + struct aws_byte_cursor pub_y_hex_cursor); + +/** + * Derives a public key from the private key if supported by this operating system (not supported on OSX). + * key_pair::pub_x and key_pair::pub_y will be set with the raw key buffers. + */ +AWS_CAL_API int aws_ecc_key_pair_derive_public_key(struct aws_ecc_key_pair *key_pair); + +/** + * Get the curve name from the oid. OID here is the payload of the DER encoded ASN.1 part (doesn't include + * type specifier or length. On success, the value of curve_name will be set. + */ +AWS_CAL_API int aws_ecc_curve_name_from_oid(struct aws_byte_cursor *oid, enum aws_ecc_curve_name *curve_name); + +/** + * Get the DER encoded OID from the curve_name. The OID in this case will not contain the type or the length specifier. + */ +AWS_CAL_API int aws_ecc_oid_from_curve_name(enum aws_ecc_curve_name curve_name, struct aws_byte_cursor *oid); + +/** + * Uses the key_pair's private key to sign message. The output will be in signature. Signature must be large enough + * to hold the signature. Check aws_ecc_key_pair_signature_length() for the appropriate size. Signature will be DER + * encoded. + * + * It is the callers job to make sure message is the appropriate cryptographic digest for this operation. It's usually + * something like a SHA256. + */ +AWS_CAL_API int aws_ecc_key_pair_sign_message( + const struct aws_ecc_key_pair *key_pair, + const struct aws_byte_cursor *message, + struct aws_byte_buf *signature); + +/** + * Uses the key_pair's public key to verify signature of message. Signature should be DER + * encoded. + * + * It is the callers job to make sure message is the appropriate cryptographic digest for this operation. It's usually + * something like a SHA256. + * + * returns AWS_OP_SUCCESS if the signature is valid. 
+ */ +AWS_CAL_API int aws_ecc_key_pair_verify_signature( + const struct aws_ecc_key_pair *key_pair, + const struct aws_byte_cursor *message, + const struct aws_byte_cursor *signature); +AWS_CAL_API size_t aws_ecc_key_pair_signature_length(const struct aws_ecc_key_pair *key_pair); + +AWS_CAL_API void aws_ecc_key_pair_get_public_key( + const struct aws_ecc_key_pair *key_pair, + struct aws_byte_cursor *pub_x, + struct aws_byte_cursor *pub_y); + +AWS_CAL_API void aws_ecc_key_pair_get_private_key( + const struct aws_ecc_key_pair *key_pair, + struct aws_byte_cursor *private_d); + +AWS_CAL_API size_t aws_ecc_key_coordinate_byte_size_from_curve_name(enum aws_ecc_curve_name curve_name); + +AWS_EXTERN_C_END + +#endif /* AWS_CAL_ECC_H */ diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/exports.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/exports.h index c73f19974c..d6ab9734b7 100644 --- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/exports.h +++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/exports.h 
@@ -1,28 +1,28 @@
-#ifndef AWS_CAL_EXPORTS_H
-#define AWS_CAL_EXPORTS_H
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-#if defined(AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined(WIN32)
-# ifdef AWS_CAL_USE_IMPORT_EXPORT
-# ifdef AWS_CAL_EXPORTS
-# define AWS_CAL_API __declspec(dllexport)
-# else
-# define AWS_CAL_API __declspec(dllimport)
-# endif /* AWS_CAL_EXPORTS */
-# else
-# define AWS_CAL_API
-# endif /* AWS_CAL_USE_IMPORT_EXPORT */
-
-#else /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
-
-# if ((__GNUC__ >= 4) || defined(__clang__)) && defined(AWS_CAL_USE_IMPORT_EXPORT) && defined(AWS_CAL_EXPORTS)
-# define AWS_CAL_API __attribute__((visibility("default")))
-# else
-# define AWS_CAL_API
-# endif /* __GNUC__ >= 4 || defined(__clang__) */
-
-#endif /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
-
-#endif /* AWS_CAL_EXPORTS_H */
+#ifndef AWS_CAL_EXPORTS_H
+#define AWS_CAL_EXPORTS_H
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+#if defined(AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined(WIN32)
+# ifdef AWS_CAL_USE_IMPORT_EXPORT
+# ifdef AWS_CAL_EXPORTS
+# define AWS_CAL_API __declspec(dllexport)
+# else
+# define AWS_CAL_API __declspec(dllimport)
+# endif /* AWS_CAL_EXPORTS */
+# else
+# define AWS_CAL_API
+# endif /* AWS_CAL_USE_IMPORT_EXPORT */
+
+#else /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
+
+# if ((__GNUC__ >= 4) || defined(__clang__)) && defined(AWS_CAL_USE_IMPORT_EXPORT) && defined(AWS_CAL_EXPORTS)
+# define AWS_CAL_API __attribute__((visibility("default")))
+# else
+# define AWS_CAL_API
+# endif /* __GNUC__ >= 4 || defined(__clang__) */
+
+#endif /* defined (AWS_C_RT_USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32) */
+
+#endif /* AWS_CAL_EXPORTS_H */
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/hash.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/hash.h
index 865a12f756..ebf70e39e4 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/hash.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/hash.h
@@ -1,107 +1,107 @@
-#ifndef AWS_CAL_HASH_H_
-#define AWS_CAL_HASH_H_
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-#include <aws/cal/exports.h>
-
-#include <aws/common/byte_buf.h>
-#include <aws/common/common.h>
-
-#define AWS_SHA256_LEN 32
-#define AWS_MD5_LEN 16
-
-struct aws_hash;
-
-struct aws_hash_vtable {
- const char *alg_name;
- const char *provider;
- void (*destroy)(struct aws_hash *hash);
- int (*update)(struct aws_hash *hash, const struct aws_byte_cursor *buf);
- int (*finalize)(struct aws_hash *hash, struct aws_byte_buf *out);
-};
-
-struct aws_hash {
- struct aws_allocator *allocator;
- struct aws_hash_vtable *vtable;
- size_t digest_size;
- bool good;
- void *impl;
-};
-
-typedef struct aws_hash *(aws_hash_new_fn)(struct aws_allocator *allocator);
-
-AWS_EXTERN_C_BEGIN
-/**
- * Allocates and initializes a sha256 hash instance.
- */
-AWS_CAL_API struct aws_hash *aws_sha256_new(struct aws_allocator *allocator);
-/**
- * Allocates and initializes an md5 hash instance.
- */
-AWS_CAL_API struct aws_hash *aws_md5_new(struct aws_allocator *allocator);
-/**
- * Cleans up and deallocates hash.
- */
-AWS_CAL_API void aws_hash_destroy(struct aws_hash *hash);
-/**
- * Updates the running hash with to_hash. this can be called multiple times.
- */
-AWS_CAL_API int aws_hash_update(struct aws_hash *hash, const struct aws_byte_cursor *to_hash);
-/**
- * Completes the hash computation and writes the final digest to output.
- * Allocation of output is the caller's responsibility. If you specify
- * truncate_to to something other than 0, the output will be truncated to that
- * number of bytes. For example if you want a SHA256 digest as the first 16
- * bytes, set truncate_to to 16. If you want the full digest size, just set this
- * to 0.
- */
-AWS_CAL_API int aws_hash_finalize(struct aws_hash *hash, struct aws_byte_buf *output, size_t truncate_to);
-
-/**
- * Computes the md5 hash over input and writes the digest output to 'output'.
- * Use this if you don't need to stream the data you're hashing and you can load
- * the entire input to hash into memory.
- */
-AWS_CAL_API int aws_md5_compute(
- struct aws_allocator *allocator,
- const struct aws_byte_cursor *input,
- struct aws_byte_buf *output,
- size_t truncate_to);
-
-/**
- * Computes the sha256 hash over input and writes the digest output to 'output'.
- * Use this if you don't need to stream the data you're hashing and you can load
- * the entire input to hash into memory. If you specify truncate_to to something
- * other than 0, the output will be truncated to that number of bytes. For
- * example if you want a SHA256 digest as the first 16 bytes, set truncate_to
- * to 16. If you want the full digest size, just set this to 0.
- */
-AWS_CAL_API int aws_sha256_compute(
- struct aws_allocator *allocator,
- const struct aws_byte_cursor *input,
- struct aws_byte_buf *output,
- size_t truncate_to);
-
-/**
- * Set the implementation of md5 to use. If you compiled without AWS_BYO_CRYPTO,
- * you do not need to call this. However, if use this, we will honor it,
- * regardless of compile options. This may be useful for testing purposes. If
- * you did set AWS_BYO_CRYPTO, and you do not call this function you will
- * segfault.
- */
-AWS_CAL_API void aws_set_md5_new_fn(aws_hash_new_fn *fn);
-
-/**
- * Set the implementation of sha256 to use. If you compiled without
- * AWS_BYO_CRYPTO, you do not need to call this. However, if use this, we will
- * honor it, regardless of compile options. This may be useful for testing
- * purposes. If you did set AWS_BYO_CRYPTO, and you do not call this function
- * you will segfault.
- */
-AWS_CAL_API void aws_set_sha256_new_fn(aws_hash_new_fn *fn);
-
-AWS_EXTERN_C_END
-
-#endif /* AWS_CAL_HASH_H_ */
+#ifndef AWS_CAL_HASH_H_
+#define AWS_CAL_HASH_H_
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+#include <aws/cal/exports.h>
+
+#include <aws/common/byte_buf.h>
+#include <aws/common/common.h>
+
+#define AWS_SHA256_LEN 32
+#define AWS_MD5_LEN 16
+
+struct aws_hash;
+
+struct aws_hash_vtable {
+ const char *alg_name;
+ const char *provider;
+ void (*destroy)(struct aws_hash *hash);
+ int (*update)(struct aws_hash *hash, const struct aws_byte_cursor *buf);
+ int (*finalize)(struct aws_hash *hash, struct aws_byte_buf *out);
+};
+
+struct aws_hash {
+ struct aws_allocator *allocator;
+ struct aws_hash_vtable *vtable;
+ size_t digest_size;
+ bool good;
+ void *impl;
+};
+
+typedef struct aws_hash *(aws_hash_new_fn)(struct aws_allocator *allocator);
+
+AWS_EXTERN_C_BEGIN
+/**
+ * Allocates and initializes a sha256 hash instance.
+ */
+AWS_CAL_API struct aws_hash *aws_sha256_new(struct aws_allocator *allocator);
+/**
+ * Allocates and initializes an md5 hash instance.
+ */
+AWS_CAL_API struct aws_hash *aws_md5_new(struct aws_allocator *allocator);
+/**
+ * Cleans up and deallocates hash.
+ */
+AWS_CAL_API void aws_hash_destroy(struct aws_hash *hash);
+/**
+ * Updates the running hash with to_hash. this can be called multiple times.
+ */
+AWS_CAL_API int aws_hash_update(struct aws_hash *hash, const struct aws_byte_cursor *to_hash);
+/**
+ * Completes the hash computation and writes the final digest to output.
+ * Allocation of output is the caller's responsibility. If you specify
+ * truncate_to to something other than 0, the output will be truncated to that
+ * number of bytes. For example if you want a SHA256 digest as the first 16
+ * bytes, set truncate_to to 16. If you want the full digest size, just set this
+ * to 0.
+ */
+AWS_CAL_API int aws_hash_finalize(struct aws_hash *hash, struct aws_byte_buf *output, size_t truncate_to);
+
+/**
+ * Computes the md5 hash over input and writes the digest output to 'output'.
+ * Use this if you don't need to stream the data you're hashing and you can load
+ * the entire input to hash into memory.
+ */
+AWS_CAL_API int aws_md5_compute(
+ struct aws_allocator *allocator,
+ const struct aws_byte_cursor *input,
+ struct aws_byte_buf *output,
+ size_t truncate_to);
+
+/**
+ * Computes the sha256 hash over input and writes the digest output to 'output'.
+ * Use this if you don't need to stream the data you're hashing and you can load
+ * the entire input to hash into memory. If you specify truncate_to to something
+ * other than 0, the output will be truncated to that number of bytes. For
+ * example if you want a SHA256 digest as the first 16 bytes, set truncate_to
+ * to 16. If you want the full digest size, just set this to 0.
+ */
+AWS_CAL_API int aws_sha256_compute(
+ struct aws_allocator *allocator,
+ const struct aws_byte_cursor *input,
+ struct aws_byte_buf *output,
+ size_t truncate_to);
+
+/**
+ * Set the implementation of md5 to use. If you compiled without AWS_BYO_CRYPTO,
+ * you do not need to call this. However, if use this, we will honor it,
+ * regardless of compile options. This may be useful for testing purposes. If
+ * you did set AWS_BYO_CRYPTO, and you do not call this function you will
+ * segfault.
+ */
+AWS_CAL_API void aws_set_md5_new_fn(aws_hash_new_fn *fn);
+
+/**
+ * Set the implementation of sha256 to use. If you compiled without
+ * AWS_BYO_CRYPTO, you do not need to call this. However, if use this, we will
+ * honor it, regardless of compile options. This may be useful for testing
+ * purposes. If you did set AWS_BYO_CRYPTO, and you do not call this function
+ * you will segfault.
+ */
+AWS_CAL_API void aws_set_sha256_new_fn(aws_hash_new_fn *fn);
+
+AWS_EXTERN_C_END
+
+#endif /* AWS_CAL_HASH_H_ */
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/hmac.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/hmac.h
index 37ce7cdc22..42183887d6 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/hmac.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/hmac.h
@@ -1,84 +1,84 @@ -#ifndef AWS_CAL_HMAC_H_ -#define AWS_CAL_HMAC_H_ -/** - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * SPDX-License-Identifier: Apache-2.0. - */ -#include <aws/cal/exports.h> - -#include <aws/common/byte_buf.h> -#include <aws/common/common.h> - -#define AWS_SHA256_HMAC_LEN 32 - -struct aws_hmac; - -struct aws_hmac_vtable { - const char *alg_name; - const char *provider; - void (*destroy)(struct aws_hmac *hmac); - int (*update)(struct aws_hmac *hmac, const struct aws_byte_cursor *buf); - int (*finalize)(struct aws_hmac *hmac, struct aws_byte_buf *out); -}; - -struct aws_hmac { - struct aws_allocator *allocator; - struct aws_hmac_vtable *vtable; - size_t digest_size; - bool good; - void *impl; -}; - -typedef struct aws_hmac *(aws_hmac_new_fn)(struct aws_allocator *allocator, const struct aws_byte_cursor *secret); - -AWS_EXTERN_C_BEGIN -/** - * Allocates and initializes a sha256 hmac instance. Secret is the key to be - * used for the hmac process. - */ -AWS_CAL_API struct aws_hmac *aws_sha256_hmac_new(struct aws_allocator *allocator, const struct aws_byte_cursor *secret); - -/** - * Cleans up and deallocates hmac. - */ -AWS_CAL_API void aws_hmac_destroy(struct aws_hmac *hmac); - -/** - * Updates the running hmac with to_hash. this can be called multiple times. - */ -AWS_CAL_API int aws_hmac_update(struct aws_hmac *hmac, const struct aws_byte_cursor *to_hmac); -/** - * Completes the hmac computation and writes the final digest to output. - * Allocation of output is the caller's responsibility. If you specify - * truncate_to to something other than 0, the output will be truncated to that - * number of bytes. For example if you want a SHA256 digest as the first 16 - * bytes, set truncate_to to 16. If you want the full digest size, just set this - * to 0. 
- */ -AWS_CAL_API int aws_hmac_finalize(struct aws_hmac *hmac, struct aws_byte_buf *output, size_t truncate_to); -/** - * Computes the sha256 hmac over input and writes the digest output to 'output'. - * Use this if you don't need to stream the data you're hashing and you can load - * the entire input to hash into memory. If you specify truncate_to to something - * other than 0, the output will be truncated to that number of bytes. For - * example if you want a SHA256 HMAC digest as the first 16 bytes, set - * truncate_to to 16. If you want the full digest size, just set this to 0. - */ -AWS_CAL_API int aws_sha256_hmac_compute( - struct aws_allocator *allocator, - const struct aws_byte_cursor *secret, - const struct aws_byte_cursor *to_hmac, - struct aws_byte_buf *output, - size_t truncate_to); -/** - * Set the implementation of sha256 hmac to use. If you compiled without - * AWS_BYO_CRYPTO, you do not need to call this. However, if use this, we will - * honor it, regardless of compile options. This may be useful for testing - * purposes. If you did set AWS_BYO_CRYPTO, and you do not call this function - * you will segfault. - */ -AWS_CAL_API void aws_set_sha256_hmac_new_fn(aws_hmac_new_fn *fn); - -AWS_EXTERN_C_END - -#endif /* AWS_CAL_HASH_H_ */ +#ifndef AWS_CAL_HMAC_H_ +#define AWS_CAL_HMAC_H_ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. 
+ */ +#include <aws/cal/exports.h> + +#include <aws/common/byte_buf.h> +#include <aws/common/common.h> + +#define AWS_SHA256_HMAC_LEN 32 + +struct aws_hmac; + +struct aws_hmac_vtable { + const char *alg_name; + const char *provider; + void (*destroy)(struct aws_hmac *hmac); + int (*update)(struct aws_hmac *hmac, const struct aws_byte_cursor *buf); + int (*finalize)(struct aws_hmac *hmac, struct aws_byte_buf *out); +}; + +struct aws_hmac { + struct aws_allocator *allocator; + struct aws_hmac_vtable *vtable; + size_t digest_size; + bool good; + void *impl; +}; + +typedef struct aws_hmac *(aws_hmac_new_fn)(struct aws_allocator *allocator, const struct aws_byte_cursor *secret); + +AWS_EXTERN_C_BEGIN +/** + * Allocates and initializes a sha256 hmac instance. Secret is the key to be + * used for the hmac process. + */ +AWS_CAL_API struct aws_hmac *aws_sha256_hmac_new(struct aws_allocator *allocator, const struct aws_byte_cursor *secret); + +/** + * Cleans up and deallocates hmac. + */ +AWS_CAL_API void aws_hmac_destroy(struct aws_hmac *hmac); + +/** + * Updates the running hmac with to_hash. this can be called multiple times. + */ +AWS_CAL_API int aws_hmac_update(struct aws_hmac *hmac, const struct aws_byte_cursor *to_hmac); +/** + * Completes the hmac computation and writes the final digest to output. + * Allocation of output is the caller's responsibility. If you specify + * truncate_to to something other than 0, the output will be truncated to that + * number of bytes. For example if you want a SHA256 digest as the first 16 + * bytes, set truncate_to to 16. If you want the full digest size, just set this + * to 0. + */ +AWS_CAL_API int aws_hmac_finalize(struct aws_hmac *hmac, struct aws_byte_buf *output, size_t truncate_to); +/** + * Computes the sha256 hmac over input and writes the digest output to 'output'. + * Use this if you don't need to stream the data you're hashing and you can load + * the entire input to hash into memory. 
If you specify truncate_to to something + * other than 0, the output will be truncated to that number of bytes. For + * example if you want a SHA256 HMAC digest as the first 16 bytes, set + * truncate_to to 16. If you want the full digest size, just set this to 0. + */ +AWS_CAL_API int aws_sha256_hmac_compute( + struct aws_allocator *allocator, + const struct aws_byte_cursor *secret, + const struct aws_byte_cursor *to_hmac, + struct aws_byte_buf *output, + size_t truncate_to); +/** + * Set the implementation of sha256 hmac to use. If you compiled without + * AWS_BYO_CRYPTO, you do not need to call this. However, if use this, we will + * honor it, regardless of compile options. This may be useful for testing + * purposes. If you did set AWS_BYO_CRYPTO, and you do not call this function + * you will segfault. + */ +AWS_CAL_API void aws_set_sha256_hmac_new_fn(aws_hmac_new_fn *fn); + +AWS_EXTERN_C_END + +#endif /* AWS_CAL_HASH_H_ */ diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/der.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/der.h index e263864a49..3486e3f476 100644 --- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/der.h +++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/der.h 
@@ -1,218 +1,218 @@
-#ifndef AWS_C_CAL_DER_H
-#define AWS_C_CAL_DER_H
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-
-#include <aws/cal/exports.h>
-
-#include <aws/common/array_list.h>
-#include <aws/common/byte_buf.h>
-
-struct aws_der_encoder;
-struct aws_der_decoder;
-
-enum aws_der_type {
- /* Primitives */
- AWS_DER_BOOLEAN = 0x01,
- AWS_DER_INTEGER = 0x02,
- AWS_DER_BIT_STRING = 0x03,
- AWS_DER_OCTET_STRING = 0x04,
- AWS_DER_NULL = 0x05,
- AWS_DER_OBJECT_IDENTIFIER = 0x06,
- AWS_DER_BMPString = 0x1e,
- AWS_DER_UNICODE_STRING = AWS_DER_BMPString,
- AWS_DER_IA5String = 0x16, /* Unsupported */
- AWS_DER_PrintableString = 0x13,
- AWS_DER_TeletexString = 0x14, /* Unsupported */
-
- /* Constructed types */
- AWS_DER_SEQUENCE = 0x30,
- AWS_DER_SEQUENCE_OF = AWS_DER_SEQUENCE,
- AWS_DER_SET = 0x31,
- AWS_DER_SET_OF = AWS_DER_SET,
- AWS_DER_UTF8_STRING = 0x0c,
-
- /* class types */
- AWS_DER_CLASS_UNIVERSAL = 0x00,
- AWS_DER_CLASS_APPLICATION = 0x40,
- AWS_DER_CLASS_CONTEXT = 0x80,
- AWS_DER_CLASS_PRIVATE = 0xc0,
-
- /* forms */
- AWS_DER_FORM_CONSTRUCTED = 0x20,
- AWS_DER_FORM_PRIMITIVE = 0x00,
-};
-
-AWS_EXTERN_C_BEGIN
-
-/**
- * Initializes a DER encoder
- * @param allocator The allocator to use for all allocations within the encoder
- * @param capacity The initial capacity of the encoder scratch buffer (the max size of all encoded TLVs)
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API struct aws_der_encoder *aws_der_encoder_new(struct aws_allocator *allocator, size_t capacity);
-
-/**
- * Cleans up a DER encoder
- * @param encoder The encoder to clean up
- *
- * Note that this destroys the encoder buffer, invalidating any references to the contents given via get_contents()
- */
-AWS_CAL_API void aws_der_encoder_destroy(struct aws_der_encoder *encoder);
-
-/**
- * Writes an arbitrarily sized integer to the DER stream
- * @param encoder The encoder to use
- * @param integer A cursor pointing to the integer's memory
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_write_integer(struct aws_der_encoder *encoder, struct aws_byte_cursor integer);
-/**
- * Writes a boolean to the DER stream
- * @param encoder The encoder to use
- * @param boolean The boolean to write
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_write_boolean(struct aws_der_encoder *encoder, bool boolean);
-
-/**
- * Writes a NULL token to the stream
- * @param encoder The encoder to write to
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_write_null(struct aws_der_encoder *encoder);
-
-/**
- * Writes a BIT_STRING to the stream
- * @param encoder The encoder to use
- * @param bit_string The bit string to encode
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_write_bit_string(struct aws_der_encoder *encoder, struct aws_byte_cursor bit_string);
-
-/**
- * Writes a string to the stream
- * @param encoder The encoder to use
- * @param octet_string The string to encode
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_write_octet_string(
- struct aws_der_encoder *encoder,
- struct aws_byte_cursor octet_string);
-
-/**
- * Begins a SEQUENCE of objects in the DER stream
- * @param encoder The encoder to use
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_begin_sequence(struct aws_der_encoder *encoder);
-
-/**
- * Finishes a SEQUENCE and applies it to the DER stream buffer
- * @param encoder The encoder to update
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_end_sequence(struct aws_der_encoder *encoder);
-
-/**
- * Begins a SET of objects in the DER stream
- * @param encoder The encoder to use
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_begin_set(struct aws_der_encoder *encoder);
-
-/**
- * Finishes a SET and applies it to the DER stream buffer
- * @param encoder The encoder to update
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_end_set(struct aws_der_encoder *encoder);
-
-/**
- * Retrieves the contents of the encoder stream buffer
- * @param encoder The encoder to read from
- * @param cursor The cursor to point at the stream buffer
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_encoder_get_contents(struct aws_der_encoder *encoder, struct aws_byte_cursor *contents);
-
-/**
- * Initializes an DER decoder
- * @param allocator The allocator to use
- * @param input The DER formatted buffer to parse
- * @return Initialized decoder, or NULL
- */
-AWS_CAL_API struct aws_der_decoder *aws_der_decoder_new(struct aws_allocator *allocator, struct aws_byte_cursor input);
-
-/**
- * Cleans up a DER encoder
- * @param decoder The encoder to clean up
- */
-AWS_CAL_API void aws_der_decoder_destroy(struct aws_der_decoder *decoder);
-
-/**
- * Allows for iteration over the decoded TLVs.
- * @param decoder The decoder to iterate over
- * @return true if there is a tlv to read after advancing, false when done
- */
-AWS_CAL_API bool aws_der_decoder_next(struct aws_der_decoder *decoder);
-
-/**
- * The type of the current TLV
- * @param decoder The decoder to inspect
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API enum aws_der_type aws_der_decoder_tlv_type(struct aws_der_decoder *decoder);
-
-/**
- * The size of the current TLV
- * @param decoder The decoder to inspect
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API size_t aws_der_decoder_tlv_length(struct aws_der_decoder *decoder);
-
-/**
- * The number of elements in the current TLV container
- * @param decoder The decoder to inspect
- * @return Number of elements in the current container
- */
-AWS_CAL_API size_t aws_der_decoder_tlv_count(struct aws_der_decoder *decoder);
-
-/**
- * Extracts the current TLV string value (BIT_STRING, OCTET_STRING)
- * @param decoder The decoder to extract from
- * @param string The buffer to store the string into
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_decoder_tlv_string(struct aws_der_decoder *decoder, struct aws_byte_cursor *string);
-
-/**
- * Extracts the current TLV INTEGER value (INTEGER)
- * @param decoder The decoder to extract from
- * @param integer The buffer to store the integer into
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_decoder_tlv_integer(struct aws_der_decoder *decoder, struct aws_byte_cursor *integer);
-
-/**
- * Extracts the current TLV BOOLEAN value (BOOLEAN)
- * @param decoder The decoder to extract from
- * @param boolean The boolean to store the value into
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_decoder_tlv_boolean(struct aws_der_decoder *decoder, bool *boolean);
-
-/**
- * Extracts the current TLV value as a blob
- * @param decoder The decoder to extract from
- * @param blob The buffer to store the value into
- * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
- */
-AWS_CAL_API int aws_der_decoder_tlv_blob(struct aws_der_decoder *decoder, struct aws_byte_cursor *blob);
-
-AWS_EXTERN_C_END
-
-#endif
+#ifndef AWS_C_CAL_DER_H
+#define AWS_C_CAL_DER_H
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/cal/exports.h>
+
+#include <aws/common/array_list.h>
+#include <aws/common/byte_buf.h>
+
+struct aws_der_encoder;
+struct aws_der_decoder;
+
+enum aws_der_type {
+ /* Primitives */
+ AWS_DER_BOOLEAN = 0x01,
+ AWS_DER_INTEGER = 0x02,
+ AWS_DER_BIT_STRING = 0x03,
+ AWS_DER_OCTET_STRING = 0x04,
+ AWS_DER_NULL = 0x05,
+ AWS_DER_OBJECT_IDENTIFIER = 0x06,
+ AWS_DER_BMPString = 0x1e,
+ AWS_DER_UNICODE_STRING = AWS_DER_BMPString,
+ AWS_DER_IA5String = 0x16, /* Unsupported */
+ AWS_DER_PrintableString = 0x13,
+ AWS_DER_TeletexString = 0x14, /* Unsupported */
+
+ /* Constructed types */
+ AWS_DER_SEQUENCE = 0x30,
+ AWS_DER_SEQUENCE_OF = AWS_DER_SEQUENCE,
+ AWS_DER_SET = 0x31,
+ AWS_DER_SET_OF = AWS_DER_SET,
+ AWS_DER_UTF8_STRING = 0x0c,
+
+ /* class types */
+ AWS_DER_CLASS_UNIVERSAL = 0x00,
+ AWS_DER_CLASS_APPLICATION = 0x40,
+ AWS_DER_CLASS_CONTEXT = 0x80,
+ AWS_DER_CLASS_PRIVATE = 0xc0,
+
+ /* forms */
+ AWS_DER_FORM_CONSTRUCTED = 0x20,
+ AWS_DER_FORM_PRIMITIVE = 0x00,
+};
+
+AWS_EXTERN_C_BEGIN
+
+/**
+ * Initializes a DER encoder
+ * @param allocator The allocator to use for all allocations within the encoder
+ * @param capacity The initial capacity of the encoder scratch buffer (the max size of all encoded TLVs)
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API struct aws_der_encoder *aws_der_encoder_new(struct aws_allocator *allocator, size_t capacity);
+
+/**
+ * Cleans up a DER encoder
+ * @param encoder The encoder to clean up
+ *
+ * Note that this destroys the encoder buffer, invalidating any references to the contents given via get_contents()
+ */
+AWS_CAL_API void aws_der_encoder_destroy(struct aws_der_encoder *encoder);
+
+/**
+ * Writes an arbitrarily sized integer to the DER stream
+ * @param encoder The encoder to use
+ * @param integer A cursor pointing to the integer's memory
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_write_integer(struct aws_der_encoder *encoder, struct aws_byte_cursor integer);
+/**
+ * Writes a boolean to the DER stream
+ * @param encoder The encoder to use
+ * @param boolean The boolean to write
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_write_boolean(struct aws_der_encoder *encoder, bool boolean);
+
+/**
+ * Writes a NULL token to the stream
+ * @param encoder The encoder to write to
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_write_null(struct aws_der_encoder *encoder);
+
+/**
+ * Writes a BIT_STRING to the stream
+ * @param encoder The encoder to use
+ * @param bit_string The bit string to encode
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_write_bit_string(struct aws_der_encoder *encoder, struct aws_byte_cursor bit_string);
+
+/**
+ * Writes a string to the stream
+ * @param encoder The encoder to use
+ * @param octet_string The string to encode
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_write_octet_string(
+ struct aws_der_encoder *encoder,
+ struct aws_byte_cursor octet_string);
+
+/**
+ * Begins a SEQUENCE of objects in the DER stream
+ * @param encoder The encoder to use
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_begin_sequence(struct aws_der_encoder *encoder);
+
+/**
+ * Finishes a SEQUENCE and applies it to the DER stream buffer
+ * @param encoder The encoder to update
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_end_sequence(struct aws_der_encoder *encoder);
+
+/**
+ * Begins a SET of objects in the DER stream
+ * @param encoder The encoder to use
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_begin_set(struct aws_der_encoder *encoder);
+
+/**
+ * Finishes a SET and applies it to the DER stream buffer
+ * @param encoder The encoder to update
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_end_set(struct aws_der_encoder *encoder);
+
+/**
+ * Retrieves the contents of the encoder stream buffer
+ * @param encoder The encoder to read from
+ * @param cursor The cursor to point at the stream buffer
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_encoder_get_contents(struct aws_der_encoder *encoder, struct aws_byte_cursor *contents);
+
+/**
+ * Initializes an DER decoder
+ * @param allocator The allocator to use
+ * @param input The DER formatted buffer to parse
+ * @return Initialized decoder, or NULL
+ */
+AWS_CAL_API struct aws_der_decoder *aws_der_decoder_new(struct aws_allocator *allocator, struct aws_byte_cursor input);
+
+/**
+ * Cleans up a DER encoder
+ * @param decoder The encoder to clean up
+ */
+AWS_CAL_API void aws_der_decoder_destroy(struct aws_der_decoder *decoder);
+
+/**
+ * Allows for iteration over the decoded TLVs.
+ * @param decoder The decoder to iterate over
+ * @return true if there is a tlv to read after advancing, false when done
+ */
+AWS_CAL_API bool aws_der_decoder_next(struct aws_der_decoder *decoder);
+
+/**
+ * The type of the current TLV
+ * @param decoder The decoder to inspect
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API enum aws_der_type aws_der_decoder_tlv_type(struct aws_der_decoder *decoder);
+
+/**
+ * The size of the current TLV
+ * @param decoder The decoder to inspect
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API size_t aws_der_decoder_tlv_length(struct aws_der_decoder *decoder);
+
+/**
+ * The number of elements in the current TLV container
+ * @param decoder The decoder to inspect
+ * @return Number of elements in the current container
+ */
+AWS_CAL_API size_t aws_der_decoder_tlv_count(struct aws_der_decoder *decoder);
+
+/**
+ * Extracts the current TLV string value (BIT_STRING, OCTET_STRING)
+ * @param decoder The decoder to extract from
+ * @param string The buffer to store the string into
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_decoder_tlv_string(struct aws_der_decoder *decoder, struct aws_byte_cursor *string);
+
+/**
+ * Extracts the current TLV INTEGER value (INTEGER)
+ * @param decoder The decoder to extract from
+ * @param integer The buffer to store the integer into
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_decoder_tlv_integer(struct aws_der_decoder *decoder, struct aws_byte_cursor *integer);
+
+/**
+ * Extracts the current TLV BOOLEAN value (BOOLEAN)
+ * @param decoder The decoder to extract from
+ * @param boolean The boolean to store the value into
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_decoder_tlv_boolean(struct aws_der_decoder *decoder, bool *boolean);
+
+/**
+ * Extracts the current TLV value as a blob
+ * @param decoder The decoder to extract from
+ * @param blob The buffer to store the value into
+ * @return AWS_OP_ERR if an error occurs, otherwise AWS_OP_SUCCESS
+ */
+AWS_CAL_API int aws_der_decoder_tlv_blob(struct aws_der_decoder *decoder, struct aws_byte_cursor *blob);
+
+AWS_EXTERN_C_END
+
+#endif
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/ecc.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/ecc.h
index bbed69b547..ec3492518c 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/ecc.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/ecc.h
@@ -1,25 +1,25 @@
-#ifndef AWS_C_CAL_PRIVATE_ECC_H
-#define AWS_C_CAL_PRIVATE_ECC_H
-/**
- * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0.
- */
-
-#include <aws/cal/ecc.h>
-
-#include <aws/common/byte_buf.h>
-
-struct aws_der_decoder;
-
-AWS_EXTERN_C_BEGIN
-
-AWS_CAL_API int aws_der_decoder_load_ecc_key_pair(
- struct aws_der_decoder *decoder,
- struct aws_byte_cursor *out_public_x_coor,
- struct aws_byte_cursor *out_public_y_coor,
- struct aws_byte_cursor *out_private_d,
- enum aws_ecc_curve_name *out_curve_name);
-
-AWS_EXTERN_C_END
-
-#endif /* AWS_C_CAL_PRIVATE_ECC_H */
+#ifndef AWS_C_CAL_PRIVATE_ECC_H
+#define AWS_C_CAL_PRIVATE_ECC_H
+/**
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+#include <aws/cal/ecc.h>
+
+#include <aws/common/byte_buf.h>
+
+struct aws_der_decoder;
+
+AWS_EXTERN_C_BEGIN
+
+AWS_CAL_API int aws_der_decoder_load_ecc_key_pair(
+ struct aws_der_decoder *decoder,
+ struct aws_byte_cursor *out_public_x_coor,
+ struct aws_byte_cursor *out_public_y_coor,
+ struct aws_byte_cursor *out_private_d,
+ enum aws_ecc_curve_name *out_curve_name);
+
+AWS_EXTERN_C_END
+
+#endif /* AWS_C_CAL_PRIVATE_ECC_H */
diff --git a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h
index 6628db1e5c..f4e25c5f35 100644
--- a/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h
+++ b/contrib/restricted/aws/aws-c-cal/include/aws/cal/private/opensslcrypto_common.h
@@ -1,46 +1,46 @@
-#ifndef AWS_C_CAL_OPENSSLCRYPTO_COMMON_H
-#define AWS_C_CAL_OPENSSLCRYPTO_COMMON_H
-
-#include <openssl/crypto.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-
-typedef HMAC_CTX *(*hmac_ctx_new)(void);
-typedef int (*hmac_ctx_reset)(HMAC_CTX *);
-typedef void (*hmac_ctx_free)(HMAC_CTX *);
-typedef void (*hmac_ctx_init)(HMAC_CTX *);
-typedef int (*hmac_ctx_init_ex)(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *);
-typedef void (*hmac_ctx_clean_up)(HMAC_CTX *);
-typedef int (*hmac_ctx_update)(HMAC_CTX *, const unsigned char *, size_t);
-typedef int (*hmac_ctx_final)(HMAC_CTX *, unsigned char *, unsigned int *);
-
-struct openssl_hmac_ctx_table {
- hmac_ctx_new new_fn;
- hmac_ctx_free free_fn;
- hmac_ctx_init init_fn;
- hmac_ctx_init_ex init_ex_fn;
- hmac_ctx_clean_up clean_up_fn;
- hmac_ctx_update update_fn;
- hmac_ctx_final final_fn;
- hmac_ctx_reset reset_fn;
-};
-
-extern struct openssl_hmac_ctx_table *g_aws_openssl_hmac_ctx_table;
-
-typedef EVP_MD_CTX *(*evp_md_ctx_new)(void);
-typedef void (*evp_md_ctx_free)(EVP_MD_CTX *);
-typedef int (*evp_md_ctx_digest_init_ex)(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
-typedef int (*evp_md_ctx_digest_update)(EVP_MD_CTX *, const void *, size_t);
-typedef int (*evp_md_ctx_digest_final_ex)(EVP_MD_CTX *, unsigned char *, unsigned int *);
-
-struct openssl_evp_md_ctx_table {
- evp_md_ctx_new new_fn;
- evp_md_ctx_free free_fn;
- evp_md_ctx_digest_init_ex init_ex_fn;
- evp_md_ctx_digest_update update_fn;
- evp_md_ctx_digest_final_ex final_ex_fn;
-};
-
-extern struct openssl_evp_md_ctx_table *g_aws_openssl_evp_md_ctx_table;
-
-#endif /* AWS_C_CAL_OPENSSLCRYPTO_COMMON_H */
+#ifndef AWS_C_CAL_OPENSSLCRYPTO_COMMON_H
+#define AWS_C_CAL_OPENSSLCRYPTO_COMMON_H
+
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+
+typedef HMAC_CTX *(*hmac_ctx_new)(void);
+typedef int (*hmac_ctx_reset)(HMAC_CTX *);
+typedef void (*hmac_ctx_free)(HMAC_CTX *);
+typedef void (*hmac_ctx_init)(HMAC_CTX *);
+typedef int (*hmac_ctx_init_ex)(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *);
+typedef void (*hmac_ctx_clean_up)(HMAC_CTX *);
+typedef int (*hmac_ctx_update)(HMAC_CTX *, const unsigned char *, size_t);
+typedef int (*hmac_ctx_final)(HMAC_CTX *, unsigned char *, unsigned int *);
+
+struct openssl_hmac_ctx_table {
+ hmac_ctx_new new_fn;
+ hmac_ctx_free free_fn;
+ hmac_ctx_init init_fn;
+ hmac_ctx_init_ex init_ex_fn;
+ hmac_ctx_clean_up clean_up_fn;
+ hmac_ctx_update update_fn;
+ hmac_ctx_final final_fn;
+ hmac_ctx_reset reset_fn;
+};
+
+extern struct openssl_hmac_ctx_table *g_aws_openssl_hmac_ctx_table;
+
+typedef EVP_MD_CTX *(*evp_md_ctx_new)(void);
+typedef void (*evp_md_ctx_free)(EVP_MD_CTX *);
+typedef int (*evp_md_ctx_digest_init_ex)(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
+typedef int (*evp_md_ctx_digest_update)(EVP_MD_CTX *, const void *, size_t);
+typedef int (*evp_md_ctx_digest_final_ex)(EVP_MD_CTX *, unsigned char *, unsigned int *);
+
+struct openssl_evp_md_ctx_table {
+ evp_md_ctx_new new_fn;
+ evp_md_ctx_free free_fn;
+ evp_md_ctx_digest_init_ex init_ex_fn;
+ evp_md_ctx_digest_update update_fn;
+ evp_md_ctx_digest_final_ex final_ex_fn;
+};
+
+extern struct openssl_evp_md_ctx_table *g_aws_openssl_evp_md_ctx_table;
+
+#endif /* AWS_C_CAL_OPENSSLCRYPTO_COMMON_H */ |