From dac96cebfb2a388021bfd69f76c8aa6bcff146d9 Mon Sep 17 00:00:00 2001 From: mamoniot Date: Sat, 25 Feb 2023 19:07:58 -0500 Subject: [PATCH] added openssl bindings --- Cargo.toml | 2 + crypto/Cargo.toml | 7 +- crypto/benches/benchmark_crypto.rs | 37 - crypto/src/aes.rs | 3723 ---------------------- crypto/src/hash.rs | 253 -- crypto/src/lib.rs | 12 +- crypto/src/x25519.rs | 4 +- openssl-sys/CHANGELOG.md | 411 +++ openssl-sys/Cargo.toml | 36 + openssl-sys/LICENSE-MIT | 25 + openssl-sys/README.md | 1 + openssl-sys/build/cfgs.rs | 94 + openssl-sys/build/expando.c | 124 + openssl-sys/build/find_normal.rs | 275 ++ openssl-sys/build/find_vendored.rs | 16 + openssl-sys/build/main.rs | 416 +++ openssl-sys/build/run_bindgen.rs | 129 + openssl-sys/src/aes.rs | 7 + openssl-sys/src/asn1.rs | 39 + openssl-sys/src/bio.rs | 72 + openssl-sys/src/bn.rs | 15 + openssl-sys/src/cms.rs | 46 + openssl-sys/src/crypto.rs | 134 + openssl-sys/src/dtls1.rs | 9 + openssl-sys/src/ec.rs | 16 + openssl-sys/src/err.rs | 70 + openssl-sys/src/evp.rs | 285 ++ openssl-sys/src/handwritten/aes.rs | 40 + openssl-sys/src/handwritten/asn1.rs | 60 + openssl-sys/src/handwritten/bio.rs | 107 + openssl-sys/src/handwritten/bn.rs | 168 + openssl-sys/src/handwritten/cms.rs | 65 + openssl-sys/src/handwritten/conf.rs | 7 + openssl-sys/src/handwritten/crypto.rs | 85 + openssl-sys/src/handwritten/dh.rs | 50 + openssl-sys/src/handwritten/dsa.rs | 85 + openssl-sys/src/handwritten/ec.rs | 255 ++ openssl-sys/src/handwritten/err.rs | 55 + openssl-sys/src/handwritten/evp.rs | 600 ++++ openssl-sys/src/handwritten/hmac.rs | 30 + openssl-sys/src/handwritten/kdf.rs | 26 + openssl-sys/src/handwritten/mod.rs | 65 + openssl-sys/src/handwritten/object.rs | 30 + openssl-sys/src/handwritten/ocsp.rs | 89 + openssl-sys/src/handwritten/pem.rs | 191 ++ openssl-sys/src/handwritten/pkcs12.rs | 53 + openssl-sys/src/handwritten/pkcs7.rs | 70 + openssl-sys/src/handwritten/provider.rs | 20 + openssl-sys/src/handwritten/rand.rs | 12 + openssl-sys/src/handwritten/rsa.rs | 124 + openssl-sys/src/handwritten/safestack.rs | 1 + openssl-sys/src/handwritten/sha.rs | 101 + openssl-sys/src/handwritten/srtp.rs | 10 + openssl-sys/src/handwritten/ssl.rs | 913 ++++++ openssl-sys/src/handwritten/stack.rs | 45 + openssl-sys/src/handwritten/tls1.rs | 28 + openssl-sys/src/handwritten/types.rs | 1078 +++++++ openssl-sys/src/handwritten/x509.rs | 666 ++++ openssl-sys/src/handwritten/x509_vfy.rs | 132 + openssl-sys/src/handwritten/x509v3.rs | 104 + openssl-sys/src/lib.rs | 198 ++ openssl-sys/src/macros.rs | 298 ++ openssl-sys/src/obj_mac.rs | 978 ++++++ openssl-sys/src/ocsp.rs | 35 + openssl-sys/src/pem.rs | 3 + openssl-sys/src/pkcs7.rs | 20 + openssl-sys/src/rsa.rs | 101 + openssl-sys/src/sha.rs | 103 + openssl-sys/src/srtp.rs | 14 + openssl-sys/src/ssl.rs | 631 ++++ openssl-sys/src/ssl3.rs | 5 + openssl-sys/src/tls1.rs | 94 + openssl-sys/src/types.rs | 21 + openssl-sys/src/x509.rs | 15 + openssl-sys/src/x509_vfy.rs | 149 + openssl-sys/src/x509v3.rs | 93 + openssl-zt/Cargo.toml | 29 + openssl-zt/LICENSE | 15 + openssl-zt/README.md | 1 + openssl-zt/build.rs | 110 + openssl-zt/src/aes.rs | 3279 +++++++++++++++++++ openssl-zt/src/bn.rs | 1153 +++++++ openssl-zt/src/cipher.rs | 484 +++ openssl-zt/src/cipher_ctx.rs | 168 + openssl-zt/src/ec.rs | 191 ++ openssl-zt/src/error.rs | 394 +++ openssl-zt/src/hash.rs | 289 ++ openssl-zt/src/lib.rs | 32 + {crypto => openssl-zt}/src/p384.rs | 302 +- openssl-zt/src/rand.rs | 56 + {crypto => openssl-zt}/src/random.rs | 48 +- {crypto => openssl-zt}/src/secret.rs | 25 +- 92 files changed, 16752 insertions(+), 4205 deletions(-) delete mode 100644 crypto/benches/benchmark_crypto.rs delete mode 100644 crypto/src/aes.rs delete mode 100644 crypto/src/hash.rs create mode 100644 openssl-sys/CHANGELOG.md create mode 100644 openssl-sys/Cargo.toml create mode 100644 openssl-sys/LICENSE-MIT create mode 120000 openssl-sys/README.md create mode 100644 openssl-sys/build/cfgs.rs create mode 100644 openssl-sys/build/expando.c create mode 100644 openssl-sys/build/find_normal.rs create mode 100644 openssl-sys/build/find_vendored.rs create mode 100644 openssl-sys/build/main.rs create mode 100644 openssl-sys/build/run_bindgen.rs create mode 100644 openssl-sys/src/aes.rs create mode 100644 openssl-sys/src/asn1.rs create mode 100644 openssl-sys/src/bio.rs create mode 100644 openssl-sys/src/bn.rs create mode 100644 openssl-sys/src/cms.rs create mode 100644 openssl-sys/src/crypto.rs create mode 100644 openssl-sys/src/dtls1.rs create mode 100644 openssl-sys/src/ec.rs create mode 100644 openssl-sys/src/err.rs create mode 100644 openssl-sys/src/evp.rs create mode 100644 openssl-sys/src/handwritten/aes.rs create mode 100644 openssl-sys/src/handwritten/asn1.rs create mode 100644 openssl-sys/src/handwritten/bio.rs create mode 100644 openssl-sys/src/handwritten/bn.rs create mode 100644 openssl-sys/src/handwritten/cms.rs create mode 100644 openssl-sys/src/handwritten/conf.rs create mode 100644 openssl-sys/src/handwritten/crypto.rs create mode 100644 openssl-sys/src/handwritten/dh.rs create mode 100644 openssl-sys/src/handwritten/dsa.rs create mode 100644 openssl-sys/src/handwritten/ec.rs create mode 100644 openssl-sys/src/handwritten/err.rs create mode 100644 openssl-sys/src/handwritten/evp.rs create mode 100644 openssl-sys/src/handwritten/hmac.rs create mode 100644 openssl-sys/src/handwritten/kdf.rs create mode 100644 openssl-sys/src/handwritten/mod.rs create mode 100644 openssl-sys/src/handwritten/object.rs create mode 100644 openssl-sys/src/handwritten/ocsp.rs create mode 100644 openssl-sys/src/handwritten/pem.rs create mode 100644 openssl-sys/src/handwritten/pkcs12.rs create mode 100644 openssl-sys/src/handwritten/pkcs7.rs create mode 100644 openssl-sys/src/handwritten/provider.rs create mode 100644 openssl-sys/src/handwritten/rand.rs create mode 100644 openssl-sys/src/handwritten/rsa.rs create mode 100644 openssl-sys/src/handwritten/safestack.rs create mode 100644 openssl-sys/src/handwritten/sha.rs create mode 100644 openssl-sys/src/handwritten/srtp.rs create mode 100644 openssl-sys/src/handwritten/ssl.rs create mode 100644 openssl-sys/src/handwritten/stack.rs create mode 100644 openssl-sys/src/handwritten/tls1.rs create mode 100644 openssl-sys/src/handwritten/types.rs create mode 100644 openssl-sys/src/handwritten/x509.rs create mode 100644 openssl-sys/src/handwritten/x509_vfy.rs create mode 100644 openssl-sys/src/handwritten/x509v3.rs create mode 100644 openssl-sys/src/lib.rs create mode 100644 openssl-sys/src/macros.rs create mode 100644 openssl-sys/src/obj_mac.rs create mode 100644 openssl-sys/src/ocsp.rs create mode 100644 openssl-sys/src/pem.rs create mode 100644 openssl-sys/src/pkcs7.rs create mode 100644 openssl-sys/src/rsa.rs create mode 100644 openssl-sys/src/sha.rs create mode 100644 openssl-sys/src/srtp.rs create mode 100644 openssl-sys/src/ssl.rs create mode 100644 openssl-sys/src/ssl3.rs create mode 100644 openssl-sys/src/tls1.rs create mode 100644 openssl-sys/src/types.rs create mode 100644 openssl-sys/src/x509.rs create mode 100644 openssl-sys/src/x509_vfy.rs create mode 100644 openssl-sys/src/x509v3.rs create mode 100644 openssl-zt/Cargo.toml create mode 100644 openssl-zt/LICENSE create mode 120000 openssl-zt/README.md create mode 100644 openssl-zt/build.rs create mode 100644 openssl-zt/src/aes.rs create mode 100644 openssl-zt/src/bn.rs create mode 100644 openssl-zt/src/cipher.rs create mode 100644 openssl-zt/src/cipher_ctx.rs create mode 100644 openssl-zt/src/ec.rs create mode 100644 openssl-zt/src/error.rs create mode 100644 openssl-zt/src/hash.rs create mode 100644 openssl-zt/src/lib.rs rename {crypto => openssl-zt}/src/p384.rs (86%) create mode 100644 openssl-zt/src/rand.rs rename {crypto => openssl-zt}/src/random.rs (68%) rename {crypto => openssl-zt}/src/secret.rs (77%) diff --git a/Cargo.toml b/Cargo.toml index e0bde91e6..2cb3708d2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,6 +7,8 @@ members = [ "service", "vl1-service", "utils", + "openssl-zt", + "openssl-sys", ] [profile.release] diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml index ea02c61c8..fab558264 100644 --- a/crypto/Cargo.toml +++ b/crypto/Cargo.toml @@ -12,16 +12,14 @@ foreign-types = "0.3.1" lazy_static = "^1" poly1305 = { version = "0.8.0", features = [], default-features = false } rand_core = "0.5.1" -rand_core_062 = { package = "rand_core", version = "0.6.2" } subtle = "2.4.1" x25519-dalek = { version = "1.2.0", features = ["std", "u64_backend"], default-features = false } +openssl = { package = "openssl-zt", path = "../openssl-zt" } [target."cfg(windows)".dependencies] -openssl = { version = "^0", features = ["vendored"], default-features = false } winapi = { version = "^0", features = ["handleapi", "ws2ipdef", "ws2tcpip"] } [target."cfg(not(windows))".dependencies] -openssl = { version = "^0", features = [], default-features = false } libc = "^0" signal-hook = "^0" @@ -30,6 +28,3 @@ criterion = "0.3" sha2 = "^0" hex-literal = "^0" -[[bench]] -harness = false -name = "benchmark_crypto" diff --git a/crypto/benches/benchmark_crypto.rs b/crypto/benches/benchmark_crypto.rs deleted file mode 100644 index ee2a7efb7..000000000 --- a/crypto/benches/benchmark_crypto.rs +++ /dev/null @@ -1,37 +0,0 @@ -use criterion::{criterion_group, criterion_main, Criterion}; -use std::time::Duration; - -use zerotier_crypto::p384::*; -use zerotier_crypto::random; -use zerotier_crypto::x25519::*; - -pub fn criterion_benchmark(c: &mut Criterion) { - let p384_a = P384KeyPair::generate(); - let p384_b = P384KeyPair::generate(); - - //let kyber_a = pqc_kyber::keypair(&mut random::SecureRandom::default()); - //let kyber_encap = pqc_kyber::encapsulate(&kyber_a.public, &mut random::SecureRandom::default()).unwrap(); - - let x25519_a = X25519KeyPair::generate(); - let x25519_b = X25519KeyPair::generate(); - let x25519_b_pub = x25519_b.public_bytes(); - - let mut group = c.benchmark_group("cryptography"); - group.measurement_time(Duration::new(10, 0)); - - group.bench_function("ecdhp384", |b| { - b.iter(|| p384_a.agree(p384_b.public_key()).expect("ecdhp384 failed")) - }); - group.bench_function("ecdhx25519", |b| b.iter(|| x25519_a.agree(&x25519_b_pub))); - //group.bench_function("kyber_encapsulate", |b| { - // b.iter(|| pqc_kyber::encapsulate(&kyber_a.public, &mut random::SecureRandom::default()).expect("kyber encapsulate failed")) - //}); - //group.bench_function("kyber_decapsulate", |b| { - // b.iter(|| pqc_kyber::decapsulate(&kyber_encap.0, &kyber_a.secret).expect("kyber decapsulate failed")) - //}); - - group.finish(); -} - -criterion_group!(benches, criterion_benchmark); -criterion_main!(benches); diff --git a/crypto/src/aes.rs b/crypto/src/aes.rs deleted file mode 100644 index 5d0cd2c32..000000000 --- a/crypto/src/aes.rs +++ /dev/null @@ -1,3723 +0,0 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. - -// MacOS implementation of AES primitives since CommonCrypto seems to be faster than OpenSSL, especially on ARM64. -#[cfg(target_os = "macos")] -mod fruit_flavored { - use std::os::raw::{c_int, c_void}; - use std::ptr::{null, null_mut}; - - use crate::secure_eq; - - #[allow(non_upper_case_globals, unused)] - const kCCModeECB: i32 = 1; - #[allow(non_upper_case_globals, unused)] - const kCCModeCTR: i32 = 4; - #[allow(non_upper_case_globals, unused)] - const kCCModeGCM: i32 = 11; - #[allow(non_upper_case_globals, unused)] - const kCCEncrypt: i32 = 0; - #[allow(non_upper_case_globals, unused)] - const kCCDecrypt: i32 = 1; - #[allow(non_upper_case_globals, unused)] - const kCCAlgorithmAES: i32 = 0; - #[allow(non_upper_case_globals, unused)] - const kCCOptionECBMode: i32 = 2; - - extern "C" { - fn CCCryptorCreateWithMode( - op: i32, - mode: i32, - alg: i32, - padding: i32, - iv: *const c_void, - key: *const c_void, - key_len: usize, - tweak: *const c_void, - tweak_len: usize, - num_rounds: c_int, - options: i32, - cryyptor_ref: *mut *mut c_void, - ) -> i32; - fn CCCryptorUpdate( - cryptor_ref: *mut c_void, - data_in: *const c_void, - data_in_len: usize, - data_out: *mut c_void, - data_out_len: usize, - data_out_written: *mut usize, - ) -> i32; - fn CCCryptorReset(cryptor_ref: *mut c_void, iv: *const c_void) -> i32; - fn CCCryptorRelease(cryptor_ref: *mut c_void) -> i32; - fn CCCryptorGCMSetIV(cryptor_ref: *mut c_void, iv: *const c_void, iv_len: usize) -> i32; - fn CCCryptorGCMAddAAD(cryptor_ref: *mut c_void, aad: *const c_void, len: usize) -> i32; - fn CCCryptorGCMEncrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; - fn CCCryptorGCMDecrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; - fn CCCryptorGCMFinal(cryptor_ref: *mut c_void, tag: *mut c_void, tag_len: *mut usize) -> i32; - fn CCCryptorGCMReset(cryptor_ref: *mut c_void) -> i32; - } - - pub struct Aes(*mut c_void, *mut c_void); - - impl Drop for Aes { - #[inline(always)] - fn drop(&mut self) { - unsafe { - CCCryptorRelease(self.0); - CCCryptorRelease(self.1); - } - } - } - - impl Aes { - pub fn new(k: &[u8]) -> Self { - unsafe { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - let mut aes: Self = std::mem::zeroed(); - assert_eq!( - CCCryptorCreateWithMode( - kCCEncrypt, - kCCModeECB, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - kCCOptionECBMode, - &mut aes.0 - ), - 0 - ); - assert_eq!( - CCCryptorCreateWithMode( - kCCDecrypt, - kCCModeECB, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - kCCOptionECBMode, - &mut aes.1 - ), - 0 - ); - aes - } - } - - #[inline(always)] - pub fn encrypt_block(&self, plaintext: &[u8], ciphertext: &mut [u8]) { - assert_eq!(plaintext.len(), 16); - assert_eq!(ciphertext.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.0, - plaintext.as_ptr().cast(), - 16, - ciphertext.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - - #[inline(always)] - pub fn encrypt_block_in_place(&self, data: &mut [u8]) { - assert_eq!(data.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.0, - data.as_ptr().cast(), - 16, - data.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - - #[inline(always)] - pub fn decrypt_block(&self, ciphertext: &[u8], plaintext: &mut [u8]) { - assert_eq!(plaintext.len(), 16); - assert_eq!(ciphertext.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.1, - ciphertext.as_ptr().cast(), - 16, - plaintext.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - - #[inline(always)] - pub fn decrypt_block_in_place(&self, data: &mut [u8]) { - assert_eq!(data.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.1, - data.as_ptr().cast(), - 16, - data.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - } - - unsafe impl Send for Aes {} - unsafe impl Sync for Aes {} - - pub struct AesCtr(*mut c_void); - - impl Drop for AesCtr { - #[inline(always)] - fn drop(&mut self) { - unsafe { CCCryptorRelease(self.0) }; - } - } - - impl AesCtr { - /// Construct a new AES-CTR cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - pub fn new(k: &[u8]) -> Self { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - unsafe { - let mut ptr: *mut c_void = null_mut(); - let result = CCCryptorCreateWithMode( - kCCEncrypt, - kCCModeCTR, - kCCAlgorithmAES, - 0, - [0_u64; 2].as_ptr().cast(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - 0, - &mut ptr, - ); - if result != 0 { - panic!("CCCryptorCreateWithMode for CTR mode returned {}", result); - } - AesCtr(ptr) - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - pub fn reset_set_iv(&mut self, iv: &[u8]) { - unsafe { - if iv.len() == 16 { - if CCCryptorReset(self.0, iv.as_ptr().cast()) != 0 { - panic!("CCCryptorReset for CTR mode failed (old MacOS bug)"); - } - } else if iv.len() < 16 { - let mut iv2 = [0_u8; 16]; - iv2[0..iv.len()].copy_from_slice(iv); - if CCCryptorReset(self.0, iv2.as_ptr().cast()) != 0 { - panic!("CCCryptorReset for CTR mode failed (old MacOS bug)"); - } - } else { - panic!("CTR IV must be less than or equal to 16 bytes in length"); - } - } - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - unsafe { - assert!(output.len() >= input.len()); - let mut data_out_written: usize = 0; - CCCryptorUpdate( - self.0, - input.as_ptr().cast(), - input.len(), - output.as_mut_ptr().cast(), - output.len(), - &mut data_out_written, - ); - } - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - unsafe { - let mut data_out_written: usize = 0; - CCCryptorUpdate( - self.0, - data.as_ptr().cast(), - data.len(), - data.as_mut_ptr().cast(), - data.len(), - &mut data_out_written, - ); - } - } - } - - unsafe impl Send for AesCtr {} - - pub struct AesGcm(*mut c_void, bool); - - impl Drop for AesGcm { - #[inline(always)] - fn drop(&mut self) { - unsafe { CCCryptorRelease(self.0) }; - } - } - - impl AesGcm { - pub fn new(k: &[u8], encrypt: bool) -> Self { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - unsafe { - let mut ptr: *mut c_void = null_mut(); - assert_eq!( - CCCryptorCreateWithMode( - if encrypt { - kCCEncrypt - } else { - kCCDecrypt - }, - kCCModeGCM, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - 0, - &mut ptr, - ), - 0 - ); - AesGcm(ptr, encrypt) - } - } - - #[inline(always)] - pub fn reset_init_gcm(&mut self, iv: &[u8]) { - assert_eq!(iv.len(), 12); - unsafe { - assert_eq!(CCCryptorGCMReset(self.0), 0); - assert_eq!(CCCryptorGCMSetIV(self.0, iv.as_ptr().cast(), 12), 0); - } - } - - #[inline(always)] - pub fn aad(&mut self, aad: &[u8]) { - unsafe { - assert_eq!(CCCryptorGCMAddAAD(self.0, aad.as_ptr().cast(), aad.len()), 0); - } - } - - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - unsafe { - assert_eq!(input.len(), output.len()); - if self.1 { - assert_eq!( - CCCryptorGCMEncrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), - 0 - ); - } else { - assert_eq!( - CCCryptorGCMDecrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), - 0 - ); - } - } - } - - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - unsafe { - if self.1 { - assert_eq!( - CCCryptorGCMEncrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), - 0 - ); - } else { - assert_eq!( - CCCryptorGCMDecrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), - 0 - ); - } - } - } - - #[inline(always)] - pub fn finish_encrypt(&mut self) -> [u8; 16] { - let mut tag = 0_u128.to_ne_bytes(); - unsafe { - let mut tag_len = 16; - if CCCryptorGCMFinal(self.0, tag.as_mut_ptr().cast(), &mut tag_len) != 0 { - debug_assert!(false); - tag.fill(0); - } - } - tag - } - - #[inline(always)] - pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { - secure_eq(&self.finish_encrypt(), expected_tag) - } - } - - unsafe impl Send for AesGcm {} -} - -#[cfg(not(target_os = "macos"))] -mod openssl_aes { - use crate::secret::Secret; - use foreign_types::ForeignTypeRef; - use openssl::cipher::CipherRef; - use openssl::cipher_ctx::{CipherCtx, CipherCtxRef}; - use openssl::symm::{Cipher, Crypter, Mode}; - use std::cell::UnsafeCell; - use std::mem::MaybeUninit; - - fn aes_ctr_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ctr(), - 24 => Cipher::aes_192_ctr(), - 32 => Cipher::aes_256_ctr(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - fn aes_gcm_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_gcm(), - 24 => Cipher::aes_192_gcm(), - 32 => Cipher::aes_256_gcm(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - fn aes_ecb_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ecb(), - 24 => Cipher::aes_192_ecb(), - 32 => Cipher::aes_256_ecb(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - pub struct Aes(UnsafeCell, UnsafeCell); - - impl Aes { - pub fn new(k: &[u8]) -> Self { - let (mut c, mut d) = ( - Crypter::new(aes_ecb_by_key_size(k.len()), Mode::Encrypt, k, None).unwrap(), - Crypter::new(aes_ecb_by_key_size(k.len()), Mode::Decrypt, k, None).unwrap(), - ); - c.pad(false); - d.pad(false); - Self(UnsafeCell::new(c), UnsafeCell::new(d)) - } - - #[inline(always)] - pub fn encrypt_block(&self, plaintext: &[u8], ciphertext: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.0.get() }; - if c.update(plaintext, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - ciphertext[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn encrypt_block_in_place(&self, data: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.0.get() }; - if c.update(data, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - data[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn decrypt_block(&self, ciphertext: &[u8], plaintext: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.1.get() }; - if c.update(ciphertext, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - plaintext[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn decrypt_block_in_place(&self, data: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.1.get() }; - if c.update(data, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - data[..16].copy_from_slice(&tmp[..16]); - } - } - - unsafe impl Send for Aes {} - unsafe impl Sync for Aes {} - - pub struct AesCtr(Secret<32>, usize, Option); - - impl AesCtr { - /// Construct a new AES-CTR cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - #[inline(always)] - pub fn new(k: &[u8]) -> Self { - let mut s: Secret<32> = Secret::default(); - match k.len() { - 16 | 24 | 32 => { - s.0[..k.len()].copy_from_slice(k); - Self(s, k.len(), None) - } - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - #[inline(always)] - pub fn reset_set_iv(&mut self, iv: &[u8]) { - let mut c = Crypter::new(aes_ctr_by_key_size(self.1), Mode::Encrypt, &self.0 .0[..self.1], Some(iv)).unwrap(); - c.pad(false); - let _ = self.2.replace(c); - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - let _ = self.2.as_mut().unwrap().update(input, output); - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - let _ = self - .2 - .as_mut() - .unwrap() - .update(unsafe { &*std::slice::from_raw_parts(data.as_ptr(), data.len()) }, data); - } - } - - unsafe impl Send for AesCtr {} - - pub struct AesGcm(Secret<32>, usize, CipherCtx, bool); - - impl AesGcm { - /// Construct a new AES-GCM cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - pub fn new(k: &[u8], encrypt: bool) -> Self { - let mut s: Secret<32> = Secret::default(); - match k.len() { - 16 | 24 | 32 => { - s.0[..k.len()].copy_from_slice(k); - Self(s, k.len(), CipherCtx::new().unwrap(), encrypt) - } - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - #[inline] - pub fn reset_init_gcm(&mut self, iv: &[u8]) { - assert_eq!(iv.len(), 12); - let t = aes_gcm_by_key_size(self.1); - let key = &self.0 .0[..self.1]; - { - let f = match self.3 { - true => CipherCtxRef::encrypt_init, - false => CipherCtxRef::decrypt_init, - }; - - f(&mut self.2, Some(unsafe { CipherRef::from_ptr(t.as_ptr() as *mut _) }), None, None).unwrap(); - - self.2.set_key_length(key.len()).unwrap(); - - if let Some(iv_len) = t.iv_len() { - if iv.len() != iv_len { - self.2.set_iv_length(iv.len()).unwrap(); - } - } - - f(&mut self.2, None, Some(key), Some(iv)).unwrap(); - } - - self.2.set_padding(false); - } - - #[inline(always)] - pub fn aad(&mut self, aad: &[u8]) { - self.2.cipher_update(aad, None).unwrap(); - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - self.2.cipher_update(input, Some(output)).unwrap(); - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - self.2 - .cipher_update(unsafe { &*std::slice::from_raw_parts(data.as_ptr(), data.len()) }, Some(data)) - .unwrap(); - } - - #[inline(always)] - pub fn finish_encrypt(&mut self) -> [u8; 16] { - let mut tag = [0_u8; 16]; - self.2.cipher_final(&mut tag).unwrap(); - self.2.tag(&mut tag).unwrap(); - tag - } - - #[inline(always)] - pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { - if self.2.set_tag(expected_tag).is_ok() { - let result = self.2.cipher_final(&mut []).is_ok(); - result - } else { - false - } - } - } - - unsafe impl Send for AesGcm {} -} - -#[cfg(target_os = "macos")] -pub use fruit_flavored::{Aes, AesCtr, AesGcm}; - -#[cfg(not(target_os = "macos"))] -pub use openssl_aes::{Aes, AesCtr, AesGcm}; - -#[cfg(test)] -mod tests { - use super::AesGcm; - use hex_literal::hex; - use std::time::SystemTime; - - #[test] - fn quick_benchmark() { - let mut buf = [0_u8; 12345]; - for i in 1..12345 { - buf[i] = i as u8; - } - let iv = [1_u8; 12]; - - let mut c = AesGcm::new(&[1_u8; 32], true); - - let benchmark_iterations: usize = 80000; - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset_init_gcm(&iv); - c.crypt_in_place(&mut buf); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-256-GCM encrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - - let mut c = AesGcm::new(&[1_u8; 32], false); - - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset_init_gcm(&iv); - c.crypt_in_place(&mut buf); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-256-GCM decrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - } - - #[test] - fn aes_gcm_test_vectors() { - // Even though we are just wrapping other implementations, it's still good to test thoroughly! - for tv in NIST_AES_GCM_TEST_VECTORS.iter() { - let mut gcm = AesGcm::new(tv.key, true); - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - let mut ciphertext = Vec::new(); - ciphertext.resize(tv.plaintext.len(), 0); - gcm.crypt(tv.plaintext, ciphertext.as_mut()); - let mut tag = gcm.finish_encrypt(); - assert!(tag.eq(tv.tag)); - assert!(ciphertext.as_slice().eq(tv.ciphertext)); - - let mut gcm = AesGcm::new(tv.key, false); - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - let mut ct_copy = ciphertext.clone(); - gcm.crypt_in_place(ct_copy.as_mut()); - assert!(gcm.finish_decrypt(&tag)); - - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - gcm.crypt_in_place(ciphertext.as_mut()); - tag[0] ^= 1; - assert!(!gcm.finish_decrypt(&tag)); - } - } - - struct GcmTV { - pub key: &'static K, - pub nonce: &'static [u8; 12], - pub aad: &'static [u8], - pub plaintext: &'static [u8], - pub ciphertext: &'static [u8], - pub tag: &'static [u8; 16], - } - - /// - const NIST_AES_GCM_TEST_VECTORS: &[GcmTV<[u8; 32]>] = &[ - GcmTV { - key: &hex!("b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4"), - nonce: &hex!("516c33929df5a3284ff463d7"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("bdc1ac884d332457a1d2664f168c76f0"), - }, - GcmTV { - key: &hex!("5fe0861cdc2690ce69b3658c7f26f8458eec1c9243c5ba0845305d897e96ca0f"), - nonce: &hex!("770ac1a5a3d476d5d96944a1"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("196d691e1047093ca4b3d2ef4baba216"), - }, - GcmTV { - key: &hex!("7620b79b17b21b06d97019aa70e1ca105e1c03d2a0cf8b20b5a0ce5c3903e548"), - nonce: &hex!("60f56eb7a4b38d4f03395511"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("f570c38202d94564bab39f75617bc87a"), - }, - GcmTV { - key: &hex!("7e2db00321189476d144c5f27e787087302a48b5f7786cd91e93641628c2328b"), - nonce: &hex!("ea9d525bf01de7b2234b606a"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("db9df5f14f6c9f2ae81fd421412ddbbb"), - }, - GcmTV { - key: &hex!("a23dfb84b5976b46b1830d93bcf61941cae5e409e4f5551dc684bdcef9876480"), - nonce: &hex!("5aa345908048de10a2bd3d32"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("f28217649230bd7a40a9a4ddabc67c43"), - }, - GcmTV { - key: &hex!("dfe928f86430b78add7bb7696023e6153d76977e56103b180253490affb9431c"), - nonce: &hex!("1dd0785af9f58979a10bd62d"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("a55eb09e9edef58d9f671d72207f8b3c"), - }, - GcmTV { - key: &hex!("34048db81591ee68224956bd6989e1630fcf068d7ff726ae81e5b29f548cfcfb"), - nonce: &hex!("1621d34cff2a5b250c7b76fc"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("4992ec3d57cccfa58fd8916c59b70b11"), - }, - GcmTV { - key: &hex!("a1114f8749c72b8cef62e7503f1ad921d33eeede32b0b5b8e0d6807aa233d0ad"), - nonce: &hex!("a190ed3ff2e238be56f90bd6"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("c8464d95d540fb191156fbbc1608842a"), - }, - GcmTV { - key: &hex!("ddbb99dc3102d31102c0e14b238518605766c5b23d9bea52c7c5a771042c85a0"), - nonce: &hex!("95d15ed75c6a109aac1b1d86"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("813d1da3775cacd78e96d86f036cff96"), - }, - GcmTV { - key: &hex!("1faa506b8f13a2e6660af78d92915adf333658f748f4e48fa20135a29e9abe5f"), - nonce: &hex!("e50f278d3662c99d750f60d3"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("aec7ece66b7344afd6f6cc7419cf6027"), - }, - GcmTV { - key: &hex!("f30b5942faf57d4c13e7a82495aedf1b4e603539b2e1599317cc6e53225a2493"), - nonce: &hex!("336c388e18e6abf92bb739a9"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("ddaf8ef4cb2f8a6d401f3be5ff0baf6a"), - }, - GcmTV { - key: &hex!("daf4d9c12c5d29fc3fa936532c96196e56ae842e47063a4b29bfff2a35ed9280"), - nonce: &hex!("5381f21197e093b96cdac4fa"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("7f1832c7f7cd7812a004b79c3d399473"), - }, - GcmTV { - key: &hex!("6b524754149c81401d29a4b8a6f4a47833372806b2d4083ff17f2db3bfc17bca"), - nonce: &hex!("ac7d3d618ab690555ec24408"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("db07a885e2bd39da74116d06c316a5c9"), - }, - GcmTV { - key: &hex!("cff083303ff40a1f66c4aed1ac7f50628fe7e9311f5d037ebf49f4a4b9f0223f"), - nonce: &hex!("45d46e1baadcfbc8f0e922ff"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("1687c6d459ea481bf88e4b2263227906"), - }, - GcmTV { - key: &hex!("3954f60cddbb39d2d8b058adf545d5b82490c8ae9283afa5278689041d415a3a"), - nonce: &hex!("8fb3d98ef24fba03746ac84f"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("7fb130855dfe7a373313361f33f55237"), - }, - GcmTV { - key: &hex!("78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"), - nonce: &hex!("d79cf22d504cc793c3fb6c8a"), - plaintext: b"", - aad: &hex!("b96baa8c1c75a671bfb2d08d06be5f36"), - ciphertext: b"", - tag: &hex!("3e5d486aa2e30b22e040b85723a06e76"), - }, - GcmTV { - key: &hex!("4457ff33683cca6ca493878bdc00373893a9763412eef8cddb54f91318e0da88"), - nonce: &hex!("699d1f29d7b8c55300bb1fd2"), - plaintext: b"", - aad: &hex!("6749daeea367d0e9809e2dc2f309e6e3"), - ciphertext: b"", - tag: &hex!("d60c74d2517fde4a74e0cd4709ed43a9"), - }, - GcmTV { - key: &hex!("4d01c96ef9d98d4fb4e9b61be5efa772c9788545b3eac39eb1cacb997a5f0792"), - nonce: &hex!("32124a4d9e576aea2589f238"), - plaintext: b"", - aad: &hex!("d72bad0c38495eda50d55811945ee205"), - ciphertext: b"", - tag: &hex!("6d6397c9e2030f5b8053bfe510f3f2cf"), - }, - GcmTV { - key: &hex!("8378193a4ce64180814bd60591d1054a04dbc4da02afde453799cd6888ee0c6c"), - nonce: &hex!("bd8b4e352c7f69878a475435"), - plaintext: b"", - aad: &hex!("1c6b343c4d045cbba562bae3e5ff1b18"), - ciphertext: b"", - tag: &hex!("0833967a6a53ba24e75c0372a6a17bda"), - }, - GcmTV { - key: &hex!("22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12"), - nonce: &hex!("880d05c5ee599e5f151e302f"), - plaintext: b"", - aad: &hex!("3e3eb5747e390f7bc80e748233484ffc"), - ciphertext: b"", - tag: &hex!("2e122a478e64463286f8b489dcdd09c8"), - }, - GcmTV { - key: &hex!("fc00960ddd698d35728c5ac607596b51b3f89741d14c25b8badac91976120d99"), - nonce: &hex!("a424a32a237f0df530f05e30"), - plaintext: b"", - aad: &hex!("cfb7e05e3157f0c90549d5c786506311"), - ciphertext: b"", - tag: &hex!("dcdcb9e4004b852a0da12bdf255b4ddd"), - }, - GcmTV { - key: &hex!("69749943092f5605bf971e185c191c618261b2c7cc1693cda1080ca2fd8d5111"), - nonce: &hex!("bd0d62c02ee682069bd1e128"), - plaintext: b"", - aad: &hex!("6967dce878f03b643bf5cdba596a7af3"), - ciphertext: b"", - tag: &hex!("378f796ae543e1b29115cc18acd193f4"), - }, - GcmTV { - key: &hex!("fc4875db84819834b1cb43828d2f0ae3473aa380111c2737e82a9ab11fea1f19"), - nonce: &hex!("da6a684d3ff63a2d109decd6"), - plaintext: b"", - aad: &hex!("91b6fa2ab4de44282ffc86c8cde6e7f5"), - ciphertext: b"", - tag: &hex!("504e81d2e7877e4dad6f31cdeb07bdbd"), - }, - GcmTV { - key: &hex!("9f9fe7d2a26dcf59d684f1c0945b5ffafe0a4746845ed317d35f3ed76c93044d"), - nonce: &hex!("13b59971cd4dd36b19ac7104"), - plaintext: b"", - aad: &hex!("190a6934f45f89c90067c2f62e04c53b"), - ciphertext: b"", - tag: &hex!("4f636a294bfbf51fc0e131d694d5c222"), - }, - GcmTV { - key: &hex!("ab9155d7d81ba6f33193695cf4566a9b6e97a3e409f57159ae6ca49655cca071"), - nonce: &hex!("26a9f8d665d163ddb92d035d"), - plaintext: b"", - aad: &hex!("4a203ac26b951a1f673c6605653ec02d"), - ciphertext: b"", - tag: &hex!("437ea77a3879f010691e288d6269a996"), - }, - GcmTV { - key: &hex!("0f1c62dd80b4a6d09ee9d787b1b04327aa361529ffa3407560414ac47b7ef7bc"), - nonce: &hex!("c87613a3b70d2a048f32cb9a"), - plaintext: b"", - aad: &hex!("8f23d404be2d9e888d219f1b40aa29e8"), - ciphertext: b"", - tag: &hex!("36d8a309acbb8716c9c08c7f5de4911e"), - }, - GcmTV { - key: &hex!("f3e954a38956df890255f01709e457b33f4bfe7ecb36d0ee50f2500471eebcde"), - nonce: &hex!("9799abd3c52110c704b0f36a"), - plaintext: b"", - aad: &hex!("ddb70173f44157755b6c9b7058f40cb7"), - ciphertext: b"", - tag: &hex!("b323ae3abcb415c7f420876c980f4858"), - }, - GcmTV { - key: &hex!("0625316534fbd82fe8fdea50fa573c462022c42f79e8b21360e5a6dce66dde28"), - nonce: &hex!("da64a674907cd6cf248f5fbb"), - plaintext: b"", - aad: &hex!("f24d48e04f5a0d987ba7c745b73b0364"), - ciphertext: b"", - tag: &hex!("df360b810f27e794673a8bb2dc0d68b0"), - }, - GcmTV { - key: &hex!("28f045ac7c4fe5d4b01a9dcd5f1ad3efff1c4f170fc8ab8758d97292868d5828"), - nonce: &hex!("5d85de95b0bdc44514143919"), - plaintext: b"", - aad: &hex!("601d2158f17ab3c7b4dcb6950fbdcdde"), - ciphertext: b"", - tag: &hex!("42c3f527418cf2c3f5d5010ccba8f271"), - }, - GcmTV { - key: &hex!("19310eed5f5f44eb47075c105eb31e36bbfd1310f741b9baa66a81138d357242"), - nonce: &hex!("a1247120138fa4f0e96c992c"), - plaintext: b"", - aad: &hex!("29d746414333e0f72b4c3f44ec6bfe42"), - ciphertext: b"", - tag: &hex!("d5997e2f956df3fa2c2388e20f30c480"), - }, - GcmTV { - key: &hex!("886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65"), - nonce: &hex!("3a8efa1cd74bbab5448f9945"), - plaintext: b"", - aad: &hex!("519fee519d25c7a304d6c6aa1897ee1eb8c59655"), - ciphertext: b"", - tag: &hex!("f6d47505ec96c98a42dc3ae719877b87"), - }, - GcmTV { - key: &hex!("6937a57d35fe6dc3fc420b123bccdce874bd4c18f2e7c01ce2faf33d3944fd9d"), - nonce: &hex!("a87247797b758467b96310f3"), - plaintext: b"", - aad: &hex!("ead961939a33dd578f8e93db8b28a1c85362905f"), - ciphertext: b"", - tag: &hex!("599de3ecf22cb867f03f7f6d9fd7428a"), - }, - GcmTV { - key: &hex!("e65a331776c9dcdf5eba6c59e05ec079d97473bcdce84daf836be323456263a0"), - nonce: &hex!("ca731f768da01d02eb8e727e"), - plaintext: b"", - aad: &hex!("d7274586517bf1d8da866f4a47ad0bcf2948a862"), - ciphertext: b"", - tag: &hex!("a8abe7a8085f25130a7206d37a8aaf6d"), - }, - GcmTV { - key: &hex!("77bb1b6ef898683c981b2fc899319ffbb6000edca22566b634db3a3c804059e5"), - nonce: &hex!("354a19283769b3b991b05a4c"), - plaintext: b"", - aad: &hex!("b5566251a8a8bec212dc08113229ff8590168800"), - ciphertext: b"", - tag: &hex!("e5c2dccf8fc7f296cac95d7071cb8d7d"), - }, - GcmTV { - key: &hex!("2a43308d520a59ed51e47a3a915e1dbf20a91f0886506e481ad3de65d50975b4"), - nonce: &hex!("bcbf99733d8ec90cb23e6ce6"), - plaintext: b"", - aad: &hex!("eb88288729289d26fe0e757a99ad8eec96106053"), - ciphertext: b"", - tag: &hex!("01b0196933aa49123eab4e1571250383"), - }, - GcmTV { - key: &hex!("2379b35f85102db4e7aecc52b705bc695d4768d412e2d7bebe999236783972ff"), - nonce: &hex!("918998c4801037b1cd102faa"), - plaintext: b"", - aad: &hex!("b3722309e0f066225e8d1659084ebb07a93b435d"), - ciphertext: b"", - tag: &hex!("dfb18aee99d1f67f5748d4b4843cb649"), - }, - GcmTV { - key: &hex!("98b3cb7537167e6d14a2a8b2310fe94b715c729fdf85216568150b556d0797ba"), - nonce: &hex!("bca5e2e5a6b30f18d263c6b2"), - plaintext: b"", - aad: &hex!("260d3d72db70d677a4e3e1f3e11431217a2e4713"), - ciphertext: b"", - tag: &hex!("d6b7560f8ac2f0a90bad42a6a07204bc"), - }, - GcmTV { - key: &hex!("30341ae0f199b10a15175d00913d5029526ab7f761c0b936a7dd5f1b1583429d"), - nonce: &hex!("dbe109a8ce5f7b241e99f7af"), - plaintext: b"", - aad: &hex!("fe4bdee5ca9c4806fa024715fbf66ab845285fa7"), - ciphertext: b"", - tag: &hex!("ae91daed658e26c0d126575147af9899"), - }, - GcmTV { - key: &hex!("8232b6a1d2e367e9ce1ea8d42fcfc83a4bc8bdec465c6ba326e353ad9255f207"), - nonce: &hex!("cd2fb5ff9cf0f39868ad8685"), - plaintext: b"", - aad: &hex!("02418b3dde54924a9628de06004c0882ae4ec3bb"), - ciphertext: b"", - tag: &hex!("d5308f63708675ced19b2710afd2db49"), - }, - GcmTV { - key: &hex!("f9a132a50a508145ffd8294e68944ea436ce0f9a97e181f5e0d6c5d272311fc1"), - nonce: &hex!("892991b54e94b9d57442ccaf"), - plaintext: b"", - aad: &hex!("4e0fbd3799da250fa27911b7e68d7623bfe60a53"), - ciphertext: b"", - tag: &hex!("89881d5f786e6d53e0d19c3b4e6887d8"), - }, - GcmTV { - key: &hex!("0e3746e5064633ea9311b2b8427c536af92717de20eeb6260db1333c3d8a8114"), - nonce: &hex!("f84c3a1c94533f7f25cec0ac"), - plaintext: b"", - aad: &hex!("8c0d41e6135338c8d3e63e2a5fa0a9667ec9a580"), - ciphertext: b"", - tag: &hex!("479ccfe9241de2c474f2edebbb385c09"), - }, - GcmTV { - key: &hex!("b997e9b0746abaaed6e64b63bdf64882526ad92e24a2f5649df055c9ec0f1daa"), - nonce: &hex!("f141d8d71b033755022f0a7d"), - plaintext: b"", - aad: &hex!("681d6583f527b1a92f66caae9b1d4d028e2e631e"), - ciphertext: b"", - tag: &hex!("b30442a6395ec13246c48b21ffc65509"), - }, - GcmTV { - key: &hex!("87660ec1700d4e9f88a323a49f0b871e6aaf434a2d8448d04d4a22f6561028e0"), - nonce: &hex!("2a07b42593cd24f0a6fe406c"), - plaintext: b"", - aad: &hex!("1dd239b57185b7e457ced73ebba043057f049edd"), - ciphertext: b"", - tag: &hex!("df7a501049b37a534098cb45cb9c21b7"), - }, - GcmTV { - key: &hex!("ea4792e1f1717b77a00de4d109e627549b165c82af35f33ca7e1a6b8ed62f14f"), - nonce: &hex!("7453cc8b46fe4b93bcc48381"), - plaintext: b"", - aad: &hex!("46d98970a636e7cd7b76fc362ae88298436f834f"), - ciphertext: b"", - tag: &hex!("518dbacd36be6fba5c12871678a55516"), - }, - GcmTV { - key: &hex!("34892cdd1d48ca166f7ba73182cb97336c2c754ac160a3e37183d6fb5078cec3"), - nonce: &hex!("ed3198c5861b78c71a6a4eec"), - plaintext: b"", - aad: &hex!("a6fa6d0dd1e0b95b4609951bbbe714de0ae0ccfa"), - ciphertext: b"", - tag: &hex!("c6387795096b348ecf1d1f6caaa3c813"), - }, - GcmTV { - key: &hex!("f4069bb739d07d0cafdcbc609ca01597f985c43db63bbaaa0debbb04d384e49c"), - nonce: &hex!("d25ff30fdc3d464fe173e805"), - plaintext: b"", - aad: &hex!("3e1449c4837f0892f9d55127c75c4b25d69be334baf5f19394d2d8bb460cbf2120e14736d0f634aa792feca20e455f11"), - ciphertext: b"", - tag: &hex!("805ec2931c2181e5bfb74fa0a975f0cf"), - }, - GcmTV { - key: &hex!("62189dcc4beb97462d6c0927d8a270d39a1b07d72d0ad28840badd4f68cf9c8b"), - nonce: &hex!("859fda5247c888823a4b8032"), - plaintext: b"", - aad: &hex!("b28d1621ee110f4c9d709fad764bba2dd6d291bc003748faac6d901937120d41c1b7ce67633763e99e05c71363fceca8"), - ciphertext: b"", - tag: &hex!("27330907d0002880bbb4c1a1d23c0be2"), - }, - GcmTV { - key: &hex!("59012d85a1b90aeb0359e6384c9991e7be219319f5b891c92c384ade2f371816"), - nonce: &hex!("3c9cde00c23912cff9689c7c"), - plaintext: b"", - aad: &hex!("e5daf473a470860b55210a483c0d1a978d8add843c2c097f73a3cda49ac4a614c8e887d94e6692309d2ed97ebe1eaf5d"), - ciphertext: b"", - tag: &hex!("048239e4e5c2c8b33890a7c950cda852"), - }, - GcmTV { - key: &hex!("4be09b408ad68b890f94be5efa7fe9c917362712a3480c57cd3844935f35acb7"), - nonce: &hex!("8f350bd3b8eea173fc7370bc"), - plaintext: b"", - aad: &hex!("2819d65aec942198ca97d4435efd9dd4d4393b96cf5ba44f09bce4ba135fc8636e8275dcb515414b8befd32f91fc4822"), - ciphertext: b"", - tag: &hex!("a133cb7a7d0471dbac61fb41589a2efe"), - }, - GcmTV { - key: &hex!("13cb965a4d9d1a36efad9f6ca1ba76386a5bb160d80b0917277102357ac7afc8"), - nonce: &hex!("f313adec42a66d13c3958180"), - plaintext: b"", - aad: &hex!("717b48358898e5ccfea4289049adcc1bb0db3b3ebd1767ac24fb2b7d37dc80ea2316c17f14fb51b5e18cd5bb09afe414"), - ciphertext: b"", - tag: &hex!("81b4ef7a84dc4a0b1fddbefe37f53852"), - }, - GcmTV { - key: &hex!("d27f1bebbbdef0edca393a6261b0338abbc491262eab0737f55246458f6668cc"), - nonce: &hex!("fc062f857886e278f3a567d2"), - plaintext: b"", - aad: &hex!("2bae92dea64aa99189de8ea4c046745306002e02cfb46a41444ce8bfcc329bd4205963d9ab5357b026a4a34b1a861771"), - ciphertext: b"", - tag: &hex!("5c5a6c4613f1e522596330d45f243fdd"), - }, - GcmTV { - key: &hex!("7b4d19cd3569f74c7b5df61ab78379ee6bfa15105d21b10bf6096699539006d0"), - nonce: &hex!("fbed5695c4a739eded97b1e3"), - plaintext: b"", - aad: &hex!("c6f2e5d663bfaf668d014550ef2e66bf89978799a785f1f2c79a2cb3eb3f2fd4076207d5f7e1c284b4af5cffc4e46198"), - ciphertext: b"", - tag: &hex!("7101b434fb90c7f95b9b7a0deeeb5c81"), - }, - GcmTV { - key: &hex!("d3431488d8f048590bd76ec66e71421ef09f655d7cf8043bf32f75b4b2e7efcc"), - nonce: &hex!("cc766e98b40a81519fa46392"), - plaintext: b"", - aad: &hex!("93320179fdb40cbc1ccf00b872a3b4a5f6c70b56e43a84fcac5eb454a0a19a747d452042611bf3bbaafd925e806ffe8e"), - ciphertext: b"", - tag: &hex!("3afcc336ce8b7191eab04ad679163c2a"), - }, - GcmTV { - key: &hex!("a440948c0378561c3956813c031f81573208c7ffa815114ef2eee1eb642e74c6"), - nonce: &hex!("c1f4ffe54b8680832eed8819"), - plaintext: b"", - aad: &hex!("253438f132b18e8483074561898c5652b43a82cc941e8b4ae37e792a8ed6ec5ce2bcec9f1ffcf4216e46696307bb774a"), - ciphertext: b"", - tag: &hex!("129445f0a3c979a112a3afb10a24e245"), - }, - GcmTV { - key: &hex!("798706b651033d9e9bf2ce064fb12be7df7308cf45df44776588cd391c49ff85"), - nonce: &hex!("5a43368a39e7ffb775edfaf4"), - plaintext: b"", - aad: &hex!("926b74fe6381ebd35757e42e8e557601f2287bfc133a13fd86d61c01aa84f39713bf99a8dc07b812f0274c9d3280a138"), - ciphertext: b"", - tag: &hex!("89fe481a3d95c03a0a9d4ee3e3f0ed4a"), - }, - GcmTV { - key: &hex!("c3aa2a39a9fef4a466618d1288bb62f8da7b1cb760ccc8f1be3e99e076f08eff"), - nonce: &hex!("9965ba5e23d9453d7267ca5b"), - plaintext: b"", - aad: &hex!("93efb6a2affc304cb25dfd49aa3e3ccdb25ceac3d3cea90dd99e38976978217ad5f2b990d10b91725c7fd2035ecc6a30"), - ciphertext: b"", - tag: &hex!("00a94c18a4572dcf4f9e2226a03d4c07"), - }, - GcmTV { - key: &hex!("14e06858008f7e77186a2b3a7928a0c7fcee22136bc36f53553f20fa5c37edcd"), - nonce: &hex!("32ebe0dc9ada849b5eda7b48"), - plaintext: b"", - aad: &hex!("6c0152abfa485b8cd67c154a5f0411f22121379774d745f40ee577b028fd0e188297581561ae972223d75a24b488aed7"), - ciphertext: b"", - tag: &hex!("2625b0ba6ee02b58bc529e43e2eb471b"), - }, - GcmTV { - key: &hex!("fbb56b11c51a093ce169a6990399c4d741f62b3cc61f9e8a609a1b6ae8e7e965"), - nonce: &hex!("9c5a953247e91aceceb9defb"), - plaintext: b"", - aad: &hex!("46cb5c4f617916a9b1b2e03272cb0590ce716498533047d73c81e4cbe9278a3686116f5632753ea2df52efb3551aea2d"), - ciphertext: b"", - tag: &hex!("4f3b82e6be4f08756071f2c46c31fedf"), - }, - GcmTV { - key: &hex!("b303bf02f6a8dbb5bc4baccab0800db5ee06de648e2fae299b95f135c9b107cc"), - nonce: &hex!("906495b67ef4ce00b44422fa"), - plaintext: b"", - aad: &hex!("872c6c370926535c3fa1baec031e31e7c6c82808c8a060742dbef114961c314f1986b2131a9d91f30f53067ec012c6b7"), - ciphertext: b"", - tag: &hex!("64dde37169082d181a69107f60c5c6bb"), - }, - GcmTV { - key: &hex!("29f5f8075903063cb6d7050669b1f74e08a3f79ef566292dfdef1c06a408e1ab"), - nonce: &hex!("35f25c48b4b5355e78b9fb3a"), - plaintext: b"", - aad: &hex!("107e2e23159fc5c0748ca7a077e5cc053fa5c682ff5269d350ee817f8b5de4d3972041d107b1e2f2e54ca93b72cd0408"), - ciphertext: b"", - tag: &hex!("fee5a9baebb5be0165deaa867e967a9e"), - }, - GcmTV { - key: &hex!("03ccb7dbc7b8425465c2c3fc39ed0593929ffd02a45ff583bd89b79c6f646fe9"), - nonce: &hex!("fd119985533bd5520b301d12"), - plaintext: b"", - aad: &hex!("98e68c10bf4b5ae62d434928fc6405147c6301417303ef3a703dcfd2c0c339a4d0a89bd29fe61fecf1066ab06d7a5c31a48ffbfed22f749b17e9bd0dc1c6f8fbd6fd4587184db964d5456132106d782338c3f117ec05229b0899"), - ciphertext: b"", - tag: &hex!("cf54e7141349b66f248154427810c87a"), - }, - GcmTV { - key: &hex!("57e112cd45f2c57ddb819ea651c206763163ef016ceead5c4eae40f2bbe0e4b4"), - nonce: &hex!("188022c2125d2b1fcf9e4769"), - plaintext: b"", - aad: &hex!("09c8f445ce5b71465695f838c4bb2b00624a1c9185a3d552546d9d2ee4870007aaf3007008f8ae9affb7588b88d09a90e58b457f88f1e3752e3fb949ce378670b67a95f8cf7f5c7ceb650efd735dbc652cae06e546a5dbd861bd"), - ciphertext: b"", - tag: &hex!("9efcddfa0be21582a05749f4050d29fe"), - }, - GcmTV { - key: &hex!("a4ddf3cab7453aaefad616fd65d63d13005e9459c17d3173cd6ed7f2a86c921f"), - nonce: &hex!("06177b24c58f3be4f3dd4920"), - plaintext: b"", - aad: &hex!("f95b046d80485e411c56b834209d3abd5a8a9ddf72b1b916679adfdde893044315a5f4967fd0405ec297aa332f676ff0fa5bd795eb609b2e4f088db1cdf37ccff0735a5e53c4c12173a0026aea42388a7d7153a8830b8a901cf9"), - ciphertext: b"", - tag: &hex!("9d1bd8ecb3276906138d0b03fcb8c1bb"), - }, - GcmTV { - key: &hex!("24a92b24e85903cd4aaabfe07c310df5a4f8f459e03a63cbd1b47855b09c0be8"), - nonce: &hex!("22e756dc898d4cf122080612"), - plaintext: b"", - aad: &hex!("2e01b2536dbe376be144296f5c38fb099e008f962b9f0e896334b6408393bff1020a0e442477abfdb1727213b6ccc577f5e16cb057c8945a07e307264b65979aed96b5995f40250ffbaaa1a1f0eccf394015f6290f5e64dfe5ca"), - ciphertext: b"", - tag: &hex!("0d7f1aed4708a03b0c80b2a18785c96d"), - }, - GcmTV { - key: &hex!("15276fc64438578e0ec53366b90a0e23d93910fec10dc3003d9b3f3fa72db702"), - nonce: &hex!("c5e931946d5caebc227656d2"), - plaintext: b"", - aad: &hex!("3f967c83ba02e77c14e9d41185eb87f172250e93edb0f82b6742c124298ab69418358eddefa39fedc3cade9d80f036d864a59ead37c87727c56c701a8cd9634469ff31c704f5ee39354157e6558467b92824da36b1c071bedfe9"), - ciphertext: b"", - tag: &hex!("a0ffa19adcf31d061cd0dd46d24015ef"), - }, - GcmTV { - key: &hex!("ec09804a048bb854c71618b5a3a1c590910fc8a68455139b719486d2280ea59a"), - nonce: &hex!("d0b1247e7121a9276ac18ca3"), - plaintext: b"", - aad: &hex!("66b1d39d414596308e866b04476e053b71acd1cd07ce80939577ebbeace0430f7e4c0c185fe1d97ac7569950c83db40bbed0f1d173e1aa0dc28b4773705032d97551f7fcef7f55e4b69f88df650032dfc5232c156641104b5397"), - ciphertext: b"", - tag: &hex!("8440e6d864ab778f9be478f203162d86"), - }, - GcmTV { - key: &hex!("4adf86bfa547725e4b80365a5a327c107040facfff007dc35102066bd6a995c4"), - nonce: &hex!("b1018cc331911255a55a0795"), - plaintext: b"", - aad: &hex!("053ca4428c990b4456d3c1895d5d52deff675896de9faa53d8cf241255f4a31dc3399f15d83be380256616e5af043abfb37552655adf4f2e68dda24bc3736951134f359d9c0e288bb798b6c3ea46239231a3cb280066db9862e7"), - ciphertext: b"", - tag: &hex!("c7424f38084930bfc5edc1fcf1e7608d"), - }, - GcmTV { - key: &hex!("3c92e0d1e39a3c766573c4646c768c402ccff48a56682a93433512abf0456e00"), - nonce: &hex!("d57f319e590191841d2b98bd"), - plaintext: b"", - aad: &hex!("840d9394aa240e52ba152151c12acd1cd44881e8549dc832b71a45da7efcc74fb7e844d9fec25e5d497b8fb8f47f328c8d99045a19e366e6ce5e19dc26f67a81a94fa6c97c314d886e7b56eff144c09f6fa519db6308bc73422e"), - ciphertext: b"", - tag: &hex!("cb4ef72dbda4914d7434f9686f823e2f"), - }, - GcmTV { - key: &hex!("b66ba39733888a9e0a2e30452844161dc33cb383c02ce16c4efad5452509b5b5"), - nonce: &hex!("937cb665e37059b2e40359f2"), - plaintext: b"", - aad: &hex!("dbcd9694a8834860034e8ede3a5bd419fcf91c005ad99f488aa623f581622093f9d41e6a68e20fd202f302bcfc4417ca89090bfcd4d5224e8ff4eb5bbae4ecb27baa239f59c2f99cd47c0a269c497906b41a8f320a3dd2dc2de2"), - ciphertext: b"", - tag: &hex!("bdc8249302d9d666cf7168317c118743"), - }, - GcmTV { - key: &hex!("2f9fcd1043455695638c991a1b1d35ad57c18ef0727322747b7991abc3d787f3"), - nonce: &hex!("d06cf548f62869f4bed7a318"), - plaintext: b"", - aad: &hex!("432023c12cf1f614e1005112a17dbe6c5d54022a95cf6335a5bc55004c75f09a5699739ecf928e1c78d03dad5096a17a084afe1cc22041bbdfb5985bd08b0dcc59d2b08cd86b7aad597c4cd7b4ba6d6a7370b83995a6511a1f9e"), - ciphertext: b"", - tag: &hex!("322eb84fb6884f10cfb766c2e3ec779e"), - }, - GcmTV { - key: &hex!("21c5839a63e1230c06b086341c96ab74585e69bced94332caeb1fa77d510c24f"), - nonce: &hex!("5ab6e5ed6ee733be7250858c"), - plaintext: b"", - aad: &hex!("c92f08e30f67d42516133c48e97b65cc9e124365e110aba5e7b2cbe83debcc99edf4eb0007af052bda22d85900271b1897af4fd9ace6a2d09d984ac3de79d05de0b105a81b12542b2c48e27d409fd6992dd062d6055d6fc66842"), - ciphertext: b"", - tag: &hex!("53b0e450309d146459f2a1e46c9d9e23"), - }, - GcmTV { - key: &hex!("25a144f0fdba184125d81a87e7ed82fad33c701a094a67a81fe4692dc69afa31"), - nonce: &hex!("8bf575c5c2b45b4efc6746e4"), - plaintext: b"", - aad: &hex!("2a367cb0d3b7c5b8320b3cf95e82b6ba0bba1d09a2055885dedd9ef5641623682212103238b8f775cce42ddfd4f66382f2c3a5e8d6dff9163ced83580a75705574026b55db90f75f8abb3014c9a707021dedc075da38bebbf0a0"), - ciphertext: b"", - tag: &hex!("0e2ce9cac8dfcedb0572ec6cab621efd"), - }, - GcmTV { - key: &hex!("42bc841b3b03a807cd366a35ecec8a6aebef7c4cba0ec8cb8da0da41df8ccef1"), - nonce: &hex!("1bd46f85df5f4b3a126ee315"), - plaintext: b"", - aad: &hex!("ede3dcddbdc7d8e5d034c01661332ec349cb4e7a9fbaaf7abe2c647587db86cd427ce66908e070bc49ef838747e06b45ac486dfbea6f8698b4625e21e69db8327ec05cfd74accbe67ab644948cdb554af179a1e264e08fe16641"), - ciphertext: b"", - tag: &hex!("633ab6aaf5b32b53a794f6be6262fc5f"), - }, - GcmTV { - key: &hex!("c25b8500be73210596fc4a9fb4d84d1a3379a91e3f0a6cc4177d996046627679"), - nonce: &hex!("b56c48c0c4cd318b20437002"), - plaintext: b"", - aad: &hex!("bcd14dd043fdc8c327957e1c1428698543ec8602521a7c74788d296d37d4828f10f90656883d2531c702ebda2dc0a68dab00154577454455fad986ff8e0973098dbf370ff703ed98222b945726ed9be7909210ddbc672e99fdd9"), - ciphertext: b"", - tag: &hex!("8171d4ff60fe7ef6de0288326aa73223"), - }, - GcmTV { - key: &hex!("dd95259bc8eefa3e493cb1a6ba1d8ee2b341d5230d50363094a2cc3433b3d9b9"), - nonce: &hex!("a1a6ced084f4f13990750a9e"), - plaintext: b"", - aad: &hex!("d46db90e13684b26149cb3b7f776e228a0538fa1892c418aaad07aa08d3076f4a52bee8f130ff560db2b8d1009e9260fa6233fc22733e050c9e4f7cc699062765e261dffff1159e9060b26c8065dfab04055b58c82c340d987c9"), - ciphertext: b"", - tag: &hex!("9e120b01899fe2cb3e3a0b0c05045940"), - }, - GcmTV { - key: &hex!("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22"), - nonce: &hex!("0d18e06c7c725ac9e362e1ce"), - plaintext: &hex!("2db5168e932556f8089a0622981d017d"), - aad: b"", - ciphertext: &hex!("fa4362189661d163fcd6a56d8bf0405a"), - tag: &hex!("d636ac1bbedd5cc3ee727dc2ab4a9489"), - }, - GcmTV { - key: &hex!("460fc864972261c2560e1eb88761ff1c992b982497bd2ac36c04071cbb8e5d99"), - nonce: &hex!("8a4a16b9e210eb68bcb6f58d"), - plaintext: &hex!("99e4e926ffe927f691893fb79a96b067"), - aad: b"", - ciphertext: &hex!("133fc15751621b5f325c7ff71ce08324"), - tag: &hex!("ec4e87e0cf74a13618d0b68636ba9fa7"), - }, - GcmTV { - key: &hex!("f78a2ba3c5bd164de134a030ca09e99463ea7e967b92c4b0a0870796480297e5"), - nonce: &hex!("2bb92fcb726c278a2fa35a88"), - plaintext: &hex!("f562509ed139a6bbe7ab545ac616250c"), - aad: b"", - ciphertext: &hex!("e2f787996e37d3b47294bf7ebba5ee25"), - tag: &hex!("00f613eee9bdad6c9ee7765db1cb45c0"), - }, - GcmTV { - key: &hex!("48e6af212da1386500454c94a201640c2151b28079240e40d72d2a5fd7d54234"), - nonce: &hex!("ef0ff062220eb817dc2ece94"), - plaintext: &hex!("c7afeecec1408ad155b177c2dc7138b0"), - aad: b"", - ciphertext: &hex!("9432a620e6a22307e06a321d66846fd4"), - tag: &hex!("e3ea499192f2cd8d3ab3edfc55897415"), - }, - GcmTV { - key: &hex!("79cd8d750fc8ea62a2714edcd9b32867c7c4da906c56e23a644552f5b812e75a"), - nonce: &hex!("9bbfdb81015d2b57dead2de5"), - plaintext: &hex!("f980ad8c55ebd31ee6f98f44e92bff55"), - aad: b"", - ciphertext: &hex!("41a34d1e759c859e91b8cf5d3ded1970"), - tag: &hex!("68cd98406d5b322571e750c30aa49834"), - }, - GcmTV { - key: &hex!("130ae450c18efb851057aaa79575a0a090194be8b2c95469a0e8e380a8f48f42"), - nonce: &hex!("b269115396f81b39e0c38f47"), - plaintext: &hex!("036cf36280dee8355c82abc4c1fdb778"), - aad: b"", - ciphertext: &hex!("09f7568fd8181652e556f0dda5a49ed5"), - tag: &hex!("d10b61947cae275b7034f5259ba6fc28"), - }, - GcmTV { - key: &hex!("9c7121289aefc67090cabed53ad11658be72a5372761b9d735e81d2bfc0e3267"), - nonce: &hex!("ade1702d2051b8dd203b5419"), - plaintext: &hex!("b95bcaa2b31403d76859a4c301c50b56"), - aad: b"", - ciphertext: &hex!("628285e6489090dde1b9a60674785003"), - tag: &hex!("9f516af3f3b93d610edbc5ba6e2d115f"), - }, - GcmTV { - key: &hex!("0400b42897011fc20fd2280a52ef905d6ebf1b055b48c97067bd786d678ec4ea"), - nonce: &hex!("0abfb0a41496b453358409d9"), - plaintext: &hex!("20c8230191e35f4e9b269d59cf5521f6"), - aad: b"", - ciphertext: &hex!("dd8c38087daffbbb3ebb57ebf5ee5f78"), - tag: &hex!("bfb07aa5049ee350ec6fb1397f37087b"), - }, - GcmTV { - key: &hex!("56690798978c154ff250ba78e463765f2f0ce69709a4551bd8cb3addeda087b6"), - nonce: &hex!("cf37c286c18ad4ea3d0ba6a0"), - plaintext: &hex!("2d328124a8d58d56d0775eed93de1a88"), - aad: b"", - ciphertext: &hex!("3b0a0267f6ecde3a78b30903ebd4ca6e"), - tag: &hex!("1fd2006409fc636379f3d4067eca0988"), - }, - GcmTV { - key: &hex!("8a02a33bdf87e7845d7a8ae3c8727e704f4fd08c1f2083282d8cb3a5d3cedee9"), - nonce: &hex!("599f5896851c968ed808323b"), - plaintext: &hex!("4ade8b32d56723fb8f65ce40825e27c9"), - aad: b"", - ciphertext: &hex!("cb9133796b9075657840421a46022b63"), - tag: &hex!("a79e453c6fad8a5a4c2a8e87821c7f88"), - }, - GcmTV { - key: &hex!("23aaa78a5915b14f00cf285f38ee275a2db97cb4ab14d1aac8b9a73ff1e66467"), - nonce: &hex!("4a675ec9be1aab9632dd9f59"), - plaintext: &hex!("56659c06a00a2e8ed1ac60572eee3ef7"), - aad: b"", - ciphertext: &hex!("e6c01723bfbfa398d9c9aac8c683bb12"), - tag: &hex!("4a2f78a9975d4a1b5f503a4a2cb71553"), - }, - GcmTV { - key: &hex!("fe647f72e95c469027f4d7778429a2e8e90d090268d4fa7df44f65c0af84190a"), - nonce: &hex!("4f40ae2a83a9b480e4686c90"), - plaintext: &hex!("31fd6cce3f0d2b0d18e0af01c4b5609e"), - aad: b"", - ciphertext: &hex!("54c769fd542f0d3022f1335a7c410b61"), - tag: &hex!("106cb7cbcd967da6cad646039c753474"), - }, - GcmTV { - key: &hex!("fce205515f0551b1797128a2132d8e002ea5ab1beb99c5e7e8329398cf478e10"), - nonce: &hex!("20209a0d4a3b9bfddeef39a0"), - plaintext: &hex!("7d663e31a2f6ffef17e536684dae2e87"), - aad: b"", - ciphertext: &hex!("6529712030fb659dc11ab719f6a4c402"), - tag: &hex!("58699464d062aba505508c576c4e07dd"), - }, - GcmTV { - key: &hex!("cd33003ff18f6f3369dd9a35381261ba660ce0a769864475152e677066540337"), - nonce: &hex!("20bffe9064ce76d275204138"), - plaintext: &hex!("acaf53d4dd2fe12cd44450b0d9adcc92"), - aad: b"", - ciphertext: &hex!("a669fda0444b180165f90815dc992b33"), - tag: &hex!("6e31f5a56c4790cedcc2368c51d0639b"), - }, - GcmTV { - key: &hex!("381873b5f9579d8241f0c61f0d9e327bb9f678691714aaa48ea7d92678d43fe7"), - nonce: &hex!("3fc8bec23603158e012d65e5"), - plaintext: &hex!("7b622e9b408fe91f6fa800ecef838d36"), - aad: b"", - ciphertext: &hex!("8ca4de5b4e2ab22431a009f3ddd01bae"), - tag: &hex!("b3a7f80e3edf322622731550164cd747"), - }, - GcmTV { - key: &hex!("92e11dcdaa866f5ce790fd24501f92509aacf4cb8b1339d50c9c1240935dd08b"), - nonce: &hex!("ac93a1a6145299bde902f21a"), - plaintext: &hex!("2d71bcfa914e4ac045b2aa60955fad24"), - aad: &hex!("1e0889016f67601c8ebea4943bc23ad6"), - ciphertext: &hex!("8995ae2e6df3dbf96fac7b7137bae67f"), - tag: &hex!("eca5aa77d51d4a0a14d9c51e1da474ab"), - }, - GcmTV { - key: &hex!("7da3bccaffb3464178ca7c722379836db50ce0bfb47640b9572163865332e486"), - nonce: &hex!("c04fd2e701c3dc62b68738b3"), - plaintext: &hex!("fd671cab1ee21f0df6bb610bf94f0e69"), - aad: &hex!("fec0311013202e4ffdc4204926ae0ddf"), - ciphertext: &hex!("6be61b17b7f7d494a7cdf270562f37ba"), - tag: &hex!("5e702a38323fe1160b780d17adad3e96"), - }, - GcmTV { - key: &hex!("a359b9584beec189527f8842dda6b6d4c6a5db2f889635715fa3bcd7967c0a71"), - nonce: &hex!("8616c4cde11b34a944caba32"), - plaintext: &hex!("33a46b7539d64c6e1bdb91ba221e3007"), - aad: &hex!("e1796fca20cb3d3ab0ade69b2a18891e"), - ciphertext: &hex!("b0d316e95f3f3390ba10d0274965c62b"), - tag: &hex!("aeaedcf8a012cc32ef25a62790e9334c"), - }, - GcmTV { - key: &hex!("8c83238e7b3b58278200b54940d779d0a0750673aab0bf2f5808dd15dc1a8c49"), - nonce: &hex!("70f8f4ebe408f61a35077956"), - plaintext: &hex!("6e57f8572dd5b2247410f0d4c7424186"), - aad: &hex!("e1cbf83924f1b8d1014b97db56c25a15"), - ciphertext: &hex!("4a11acb9611251df01f79f16f8201ffb"), - tag: &hex!("9732be4ad0569586753d90fabb06f62c"), - }, - GcmTV { - key: &hex!("fe21919bb320af8744c9e862b5b7cf8b81ad3ad1fb0e7d7d710a688d3eed154b"), - nonce: &hex!("38bc3917aa1925f40850c082"), - plaintext: &hex!("aea53b1ea79a71c3a4b83c92a0c979f1"), - aad: &hex!("f24102fa7e6b819bb3ff47f90844db9c"), - ciphertext: &hex!("2fb8b697bf8f7a2eea25fe702a3ae0a9"), - tag: &hex!("5be77e827737ad7c4f79e0e343fe010d"), - }, - GcmTV { - key: &hex!("499e8a3f39ac4abc62dd4e1a6133042e74785972b6b501bfaffefc8bb29fd312"), - nonce: &hex!("5c728dbbef9dcc0ff483e891"), - plaintext: &hex!("b44014c7fc6b3f15d126a881fbe2bd2b"), - aad: &hex!("82300dab592f840ae991efa3623a6203"), - ciphertext: &hex!("578fe5e1aef7619f392c027c838a239e"), - tag: &hex!("49fdc724f05eb56ea9e3fd14b61ad567"), - }, - GcmTV { - key: &hex!("2775d3e7a8fc665bb9a59edc22eb136add194824ed8f2adb449177404c739716"), - nonce: &hex!("73f16c054e166696df679a2e"), - plaintext: &hex!("c9f3bce40310b6c0a3fd62742e4f3617"), - aad: &hex!("23199a1c9b7244913952ca4f7e7444f4"), - ciphertext: &hex!("72c85c10756266d00a9a4340b2cb3137"), - tag: &hex!("5881e4565b42394e62d5daf0d1ebc593"), - }, - GcmTV { - key: &hex!("425a341c67e6d873870f54e2cc5a2984c734e81729c0dbaaeee050309f1ce674"), - nonce: &hex!("0c09b7b4e9e097317b791433"), - plaintext: &hex!("76dda644b3faca509b37def0319f30cc"), - aad: &hex!("4300a721547846761e4bf8df2b6ec1d6"), - ciphertext: &hex!("1dd80daa0fc9e47e43897c64a6663f5e"), - tag: &hex!("5d69b34d8c3b12f783faaea7e93685db"), - }, - GcmTV { - key: &hex!("dd5c48988a6e9f9f60be801ba5c090f224a1b53d6601ec5858eab7b7784a8d5e"), - nonce: &hex!("43562d48cd4110a66d9ca64e"), - plaintext: &hex!("2cda2761fd0be2b03f9714fce8d0e303"), - aad: &hex!("55e568309fc6cb0fb0e0e7d2511d4116"), - ciphertext: &hex!("f2cfb6f5446e7aa172adfcd66b92a98d"), - tag: &hex!("e099c64d2966e780ce7d2eaae97f47d8"), - }, - GcmTV { - key: &hex!("2bdad9c3e5de6e4e101b7f16e727c690db95eacf4b0ccbdec7aab6fb9fc80486"), - nonce: &hex!("a5cf3967d244074d2153c576"), - plaintext: &hex!("84c867ec36cc6fe3487f5192fdfd390b"), - aad: &hex!("6bdae72b5ed0e4d1f10064ebd02cf85c"), - ciphertext: &hex!("53c8fa437c1b5fa91abbd6508b3878ce"), - tag: &hex!("7859593d127324be8b9cf1d43ead4d82"), - }, - GcmTV { - key: &hex!("01e92afdb5d956be12d38b09252966c5728d26f3c72e54bb62bbc55ae590e716"), - nonce: &hex!("886e55364eeb90e87ac79bbe"), - plaintext: &hex!("6c6570385f3d6d937e54a3a2e95bc9eb"), - aad: &hex!("c76aabb7f44b942a81feb50249d2131a"), - ciphertext: &hex!("423b749a507f437b431114962180d352"), - tag: &hex!("54d859320a49281368297da7d4e37326"), - }, - GcmTV { - key: &hex!("46921319217598cb64256fe49abca1f18a9d1dbca360f8630afb5c6137cb42b5"), - nonce: &hex!("290827cf981415760ec3b37a"), - plaintext: &hex!("480d32b191c2e201aed03680f93ea2da"), - aad: &hex!("535ee80b12f581baaf8027e6e3900e31"), - ciphertext: &hex!("89ace4f73583fb1ac260dea99b54055e"), - tag: &hex!("7b8b8358363c175a66e6fb48d1bc2222"), - }, - GcmTV { - key: &hex!("e18cd9b01b59bc0de1502efb74c3642997fe7dfb8d80c8a73caffe7726807d33"), - nonce: &hex!("bd087b384c40841b3839ba02"), - plaintext: &hex!("62f7f3a12b8c5f6747fcfe192d850b19"), - aad: &hex!("fe69f837961b1d83f27fbf68e6791a1c"), - ciphertext: &hex!("bacfccf6397424e96caf761e71dd3e3a"), - tag: &hex!("9c9a5b65420f83e766c7c051680e8e58"), - }, - GcmTV { - key: &hex!("68ee463b3153d9a042e5e3685def6f90f7659a203441de337fb94831cbeae9b2"), - nonce: &hex!("9c4a9254c485236cf838de7e"), - plaintext: &hex!("73731054514f3fb0102c7a1df809f212"), - aad: &hex!("d55820e7acbb27d23c7df32938cf7d42"), - ciphertext: &hex!("13b7823cac37f40eb811e3c966d16a67"), - tag: &hex!("76288c33a66ff6451e2cec6c4ba4935e"), - }, - GcmTV { - key: &hex!("64bd594daf279e3172f9aa713b35b7fce8f43083792bc7d1f10919131f400a7b"), - nonce: &hex!("339a2c40e9d9507c34228649"), - plaintext: &hex!("2b794cb4c98450463a3e225ab33f3f30"), - aad: &hex!("2b9544807b362ebfd88146e2b02c9270"), - ciphertext: &hex!("434d703b8d1069ad8036288b7c2d1ae6"), - tag: &hex!("7d31e397c0c943cbb16cfb9539a6a17d"), - }, - GcmTV { - key: &hex!("83688deb4af8007f9b713b47cfa6c73e35ea7a3aa4ecdb414dded03bf7a0fd3a"), - nonce: &hex!("0b459724904e010a46901cf3"), - plaintext: &hex!("33d893a2114ce06fc15d55e454cf90c3"), - aad: &hex!("794a14ccd178c8ebfd1379dc704c5e208f9d8424"), - ciphertext: &hex!("cc66bee423e3fcd4c0865715e9586696"), - tag: &hex!("0fb291bd3dba94a1dfd8b286cfb97ac5"), - }, - GcmTV { - key: &hex!("013f549af9ecc2ee0259d5fc2311059cb6f10f6cd6ced3b543babe7438a88251"), - nonce: &hex!("e45e759a3bfe4b652dc66d5b"), - plaintext: &hex!("79490d4d233ba594ece1142e310a9857"), - aad: &hex!("b5fe530a5bafce7ae79b3c15471fa68334ab378e"), - ciphertext: &hex!("619443034e4437b893a45a4c89fad851"), - tag: &hex!("6da8a991b690ff6a442087a356f8e9e3"), - }, - GcmTV { - key: &hex!("4b2815c531d2fceab303ec8bca739a97abca9373b7d415ad9d6c6fa9782518cc"), - nonce: &hex!("47d647a72b3b5fe19f5d80f7"), - plaintext: &hex!("d3f6a645779e07517bd0688872e0a49b"), - aad: &hex!("20fd79bd0ee538f42b7264a5d098af9a30959bf5"), - ciphertext: &hex!("00be3b295899c455110a0ae833140c4d"), - tag: &hex!("d054e3997c0085e87055b79829ec3629"), - }, - GcmTV { - key: &hex!("2503b909a569f618f7eb186e4c4b81dbfe974c553e2a16a29aea6846293e1a51"), - nonce: &hex!("e4fa3dc131a910c75f61a38b"), - plaintext: &hex!("188d542f8a815695c48c3a882158958c"), - aad: &hex!("f80edf9b51f8fd66f57ce9af5967ec028245eb6e"), - ciphertext: &hex!("4d39b5494ca12b770099a8eb0c178aca"), - tag: &hex!("adda54ad0c7f848c1c72758406b49355"), - }, - GcmTV { - key: &hex!("6c8f34f14569f625aad7b232f59fa8b187ab24fadcdbaf7d8eb45da8f914e673"), - nonce: &hex!("6e2f886dd97be0e4c5bd488b"), - plaintext: &hex!("ac8aa71cfbf1e968ef5515531576e314"), - aad: &hex!("772ec23e49dbe1d923b1018fc2bef4b579e46241"), - ciphertext: &hex!("cb0ce70345e950b429e710c47d9c8d9b"), - tag: &hex!("9dceea98c438b1d9c154e5386180966d"), - }, - GcmTV { - key: &hex!("182fe560614e1c6adfd1566ac44856df723dcb7e171a7c5796b6d3f83ef3d233"), - nonce: &hex!("8484abca6877a8622bfd2e3c"), - plaintext: &hex!("92ca46b40f2c75755a28943a68a8d81c"), - aad: &hex!("2618c0f7fe97772a0c97638cca238a967987c5e5"), - ciphertext: &hex!("ed1941b330f4275d05899f8677d73637"), - tag: &hex!("3fe93f1f5ffa4844963de1dc964d1996"), - }, - GcmTV { - key: &hex!("65a290b2fabe7cd5fb2f6d627e9f1f79c2c714bffb4fb86e9df3e5eab28320ed"), - nonce: &hex!("5a5ed4d5592a189f0737cf47"), - plaintext: &hex!("662dda0f9c8f92bc906e90288100501c"), - aad: &hex!("ad1c7f7a7fb7f8fef4819c1dd1a67e007c99a87b"), - ciphertext: &hex!("8eb7cb5f0418da43f7e051c588776186"), - tag: &hex!("2b15399ee23690bbf5252fb26a01ae34"), - }, - GcmTV { - key: &hex!("7b720d31cd62966dd4d002c9ea41bcfc419e6d285dfab0023ba21b34e754cb2f"), - nonce: &hex!("e1fb1f9229b451b72f89c333"), - plaintext: &hex!("1aa2948ed804f24e5d783b1bc959e086"), - aad: &hex!("7fdae42d0cf6a13873d3092c41dd3a19a9ea90f9"), - ciphertext: &hex!("8631d3c6b6647866b868421b6a3a548a"), - tag: &hex!("a31febbe169d8d6f391a5e60ef6243a0"), - }, - GcmTV { - key: &hex!("a2aec8f3438ab4d6d9ae566a2cf9101ad3a3cc20f83674c2e208e8ca5abac2bb"), - nonce: &hex!("815c020686c52ae5ddc81680"), - plaintext: &hex!("a5ccf8b4eac22f0e1aac10b8d62cdc69"), - aad: &hex!("86120ce3aa81445a86d971fdb7b3b33c07b25bd6"), - ciphertext: &hex!("364c9ade7097e75f99187e5571ec2e52"), - tag: &hex!("64c322ae7a8dbf3d2407b12601e50942"), - }, - GcmTV { - key: &hex!("e5104cfcbfa30e56915d9cf79efcf064a1d4ce1919b8c20de47eab0c106d67c1"), - nonce: &hex!("d1a5ec793597745c7a31b605"), - plaintext: &hex!("7b6b303381441f3fdf9a0cf79ee2e9e0"), - aad: &hex!("9931678430ff3aa765b871b703dfcc43fb1b8594"), - ciphertext: &hex!("425d48a76001bed9da270636be1f770b"), - tag: &hex!("76ff43a157a6748250a3fdee7446ed22"), - }, - GcmTV { - key: &hex!("f461d1b75a72d942aa096384dc20cf8514a9ad9a9720660add3f318284ca3014"), - nonce: &hex!("d0495f25874e5714a1149e94"), - plaintext: &hex!("d9e4b967fdca8c8bae838a5da95d7cce"), - aad: &hex!("1133f372e3db22456e7ea92f29dff7f1d92864d3"), - ciphertext: &hex!("1df711e6fbcba22b0564c6e36051a3f7"), - tag: &hex!("f0563b7494d5159289b644afc4e8e397"), - }, - GcmTV { - key: &hex!("a9a98ef5076ceb45c4b60a93aeba102507f977bc9b70ded1ad7d422108cdaa65"), - nonce: &hex!("54a1bc67e3a8a3e44deec232"), - plaintext: &hex!("ede93dd1eaa7c9859a0f709f86a48776"), - aad: &hex!("10cfef05e2cd1edd30db5c028bd936a03df03bdc"), - ciphertext: &hex!("3d3b61f553ab59a9f093cac45afa5ac0"), - tag: &hex!("7814cfc873b3398d997d8bb38ead58ef"), - }, - GcmTV { - key: &hex!("d9e17c9882600dd4d2edbeae9a224d8588ff5aa210bd902d1080a6911010c5c5"), - nonce: &hex!("817f3501e977a45a9e110fd4"), - plaintext: &hex!("d74d968ea80121aea0d7a2a45cd5388c"), - aad: &hex!("d216284811321b7591528f0af5a3f2768429e4e8"), - ciphertext: &hex!("1587c8b00e2c197f32a21019feeee99a"), - tag: &hex!("63ea43c03d00f8ae5724589cb6f64480"), - }, - GcmTV { - key: &hex!("ec251b45cb70259846db530aff11b63be00a951827020e9d746659bef2b1fd6f"), - nonce: &hex!("e41652e57b624abd84fe173a"), - plaintext: &hex!("75023f51ba81b680b44ea352c43f700c"), - aad: &hex!("92dd2b00b9dc6c613011e5dee477e10a6e52389c"), - ciphertext: &hex!("29274599a95d63f054ae0c9b9df3e68d"), - tag: &hex!("eb19983b9f90a0e9f556213d7c4df0f9"), - }, - GcmTV { - key: &hex!("61f71fdbe29f56bb0fdf8a9da80cef695c969a2776a88e62cb3d39fca47b18e3"), - nonce: &hex!("77f1d75ab0e3a0ed9bf2b981"), - plaintext: &hex!("110a5c09703482ef1343396d0c3852d3"), - aad: &hex!("c882691811d3de6c927d1c9f2a0f15f782d55c21"), - ciphertext: &hex!("7e9daa4983283facd29a93037eb70bb0"), - tag: &hex!("244930965913ebe0fa7a0eb547b159fb"), - }, - GcmTV { - key: &hex!("e4fed339c7b0cd267305d11ab0d5c3273632e8872d35bdc367a1363438239a35"), - nonce: &hex!("0365882cf75432cfd23cbd42"), - plaintext: &hex!("fff39a087de39a03919fbd2f2fa5f513"), - aad: &hex!("8a97d2af5d41160ac2ff7dd8ba098e7aa4d618f0f455957d6a6d0801796747ba57c32dfbaaaf15176528fe3a0e4550c9"), - ciphertext: &hex!("8d9e68f03f7e5f4a0ffaa7650d026d08"), - tag: &hex!("3554542c478c0635285a61d1b51f6afa"), - }, - GcmTV { - key: &hex!("bd93c7bfc850b33c86484e04859ed374beaee9d613bdca6f072d1d182aeebd04"), - nonce: &hex!("6414c7749effb9af7e5c4762"), - plaintext: &hex!("b6de1699931f2252efc98d491d22ee12"), - aad: &hex!("76f43d5664c7ac1b4de43f2e2c4bc71f6918e0762f40e5dd5597ef4ff215855a4fd26d3ea6ccbd4e10789948fa692433"), - ciphertext: &hex!("a6c7e52f2018b823506e48064ffe6ee4"), - tag: &hex!("175e653c9036f66835f10cf1c82d1741"), - }, - GcmTV { - key: &hex!("df0125a826c7fe49243d89cbdd7562aafd2103fa2783cf901976b5f5d481cdcb"), - nonce: &hex!("f63c1461b2964929d035d9bf"), - plaintext: &hex!("cc27ff68f981e4d6fb1918427c3d6b9e"), - aad: &hex!("0bf602ec47593e44ac1b88244455fa04359e338057b0a0ba057cb506d546d4d6d8538640fe7dd3d5864bd33b5a33d768"), - ciphertext: &hex!("b8fa150af93078574ac7c4615f88647d"), - tag: &hex!("4584553ac3ccdf8b0efae517652d3a18"), - }, - GcmTV { - key: &hex!("d33ea320cec0e43dfc1e3d1d8ccca2dd7e30ad3ea18ad7141cc83645d18771ae"), - nonce: &hex!("540009f321f41d00202e473b"), - plaintext: &hex!("e56cdd522d526d8d0cd18131a19ee4fd"), - aad: &hex!("a41162e1fe875a81fbb5667f73c5d4cbbb9c3956002f7867047edec15bdcac1206e519ee9c238c371a38a485c710da60"), - ciphertext: &hex!("8b624b6f5483f42f36c85dc7cf3e9609"), - tag: &hex!("2651e978d9eaa6c5f4db52391ac9bc7c"), - }, - GcmTV { - key: &hex!("7f35f5979b23321e6449f0f5ef99f2e7b796d52d560cc77aabfb621dbf3a6530"), - nonce: &hex!("cf0f6f3eed4cf374da714c77"), - plaintext: &hex!("4e9f53affdb5b1e91bf423d29c54401a"), - aad: &hex!("a676d35d93e12bfe0603f6aef2c3dd892a9b1ad22d476c3509d313256d4e98e4dda4e46e93b54cf59c2b90608a8fb3ad"), - ciphertext: &hex!("1714d55ef83df2927ee95ff22f1d90e6"), - tag: &hex!("4962a91d1071dd2c05934968d21eb43c"), - }, - GcmTV { - key: &hex!("06ecc134993506cf539b1e797a519fe1d9f34321fe6a0b05f1936285c35c93a4"), - nonce: &hex!("f2190861d1140bd080d79906"), - plaintext: &hex!("519c1fc45a628ec16c515427796711f7"), - aad: &hex!("a04f2723c2521181437ad63f7910481d5de98f3e2561cec3a177bdbcb5048619738852e0fb212a3caa741a353e4e89a8"), - ciphertext: &hex!("b36c793224ce3bb1b54144398fbdedb6"), - tag: &hex!("0030e6e84f6f8eb474ce8e071c2953dd"), - }, - GcmTV { - key: &hex!("734fa8b423b91e0ecccc7f554480eef57a82423a9f92b28d464320fba405a71c"), - nonce: &hex!("a6b5c78bb5791f4d121390ce"), - plaintext: &hex!("b496a99b39e0e94bb5829cfc3d7b3856"), - aad: &hex!("9ce25ff9b55dfa04e4271999a47cba8af8e83a390b090d1c4306b40ce8882624b662ff5867896396789295c19ec80d07"), - ciphertext: &hex!("904081a40484bb6454fc52cb6674e737"), - tag: &hex!("6a0787cf3921a71c35b5054954527823"), - }, - GcmTV { - key: &hex!("d106280b84f25b294f71c261f66a65c2efd9680e19f50316d237975052796392"), - nonce: &hex!("cfc6aa2aeba468c66bf4553f"), - plaintext: &hex!("57e937f8b9b814e965bb569fcf63aaac"), - aad: &hex!("012a43f9903a3808bf34fd6f77d831d9154205ded589964cae60d2e49c856b7a4100a55c8cd02f5e476f62e988dcbd2b"), - ciphertext: &hex!("c835f5d4fd30fe9b2edb4aff24803c60"), - tag: &hex!("e88426bb4619807f18a9cc9839754777"), - }, - GcmTV { - key: &hex!("81eb63bc47aba313d964a5335cfb039051520b3112fa54cab368e5243947d450"), - nonce: &hex!("18cc5dd875753ff51cc6f441"), - plaintext: &hex!("45f51399dff6a0dcd43f35256616d6be"), - aad: &hex!("24f766c56777312494245a4e6c7dbebbae4026e0907eadbc20a488982678161de7b924473c0a81ee59a0fa6905952b33"), - ciphertext: &hex!("a2fc7b0784ec4233142f9cde12ab9e98"), - tag: &hex!("4e60b8561cacfe7133740cd2bddefaa0"), - }, - GcmTV { - key: &hex!("0a997863786a4e97332224ed484ffca508b166f0603687200d99fd6accd45d83"), - nonce: &hex!("7a9acabd4b8d3e1036293a07"), - plaintext: &hex!("9d2c9ff39f57c96ecce287c68c5cd6eb"), - aad: &hex!("525fc5ac7fe93c183a3ef7c75e3fbd52dce956855aff385966f4d79966bdb3ec2019c466584d21bfee74511a77d82adb"), - ciphertext: &hex!("238441c65b2a1c41b302da0f52d40770"), - tag: &hex!("c351d93ab9491cdfb7fa15e7a251de22"), - }, - GcmTV { - key: &hex!("acbfeb7c595b704960c1097e93d3906534c23444c8acc1f8e969ce6c3fe8a46b"), - nonce: &hex!("28922ecac3013806c11660e6"), - plaintext: &hex!("e0d8c52d60c6ed6980abd4348f3f96f1"), - aad: &hex!("b1fe886107013ebdeb19315a9d096ed81803951a508f56f68202a7df00bebae0742dd1128c200952a049ef0cd7cfe4e6"), - ciphertext: &hex!("56fe1cf2c1d193b9b33badbf846f52cc"), - tag: &hex!("1cb4c14f50a54a64813ffc810f31f9f8"), - }, - GcmTV { - key: &hex!("f6e768475c33269596da1f5a5a38547a885006bebb9134e21274d8456e9f5529"), - nonce: &hex!("3579e5ac51d1f1b82ea352ca"), - plaintext: &hex!("0aa481f856f8b96547672e5ae5370f9e"), - aad: &hex!("6929b6053ba148304366164f79b1b9f592c9cb9bce65094cec5cb8b0fc63e20d86b17c8bf5a7b089a63c5eac1824ee93"), - ciphertext: &hex!("b2f4edf5f0b0bfc590fead6239b0f2fb"), - tag: &hex!("2540ceb5ef247c95d63df84c46468533"), - }, - GcmTV { - key: &hex!("2ca76112300bed65b87ba6ec887cd514f4633c1c96565fec8e3e69ae2ba88401"), - nonce: &hex!("964864510a8c957dcfb97d2f"), - plaintext: &hex!("0aff24b4c5aa45b81ce08ec2439be446"), - aad: &hex!("5aebdfd153a18763f36ecc9e8e9a01cb7b3f21e435b35b0da937c67e87c9ec058d08060a95e1eda0a5ab6546cca45094"), - ciphertext: &hex!("03da1f5a1403dbdd9f75a26113608ec0"), - tag: &hex!("a1c215d0c552a6061aa2b60afc3667a6"), - }, - GcmTV { - key: &hex!("c0ff018b6c337dde685c8279cf6de59d7ce4b288032b819e074b671e72abbc91"), - nonce: &hex!("f12e6b1e85f87ef4c9ccbb7b"), - plaintext: &hex!("f7512bbfa2d40d14be71b70f70701c99"), - aad: &hex!("0577e8d28c0e9e5cde3c8b2a1a2aa8e2fc3ec8e96768405fcfbd623be7fc4e2e395c59b5b3a8ea117ef211320bc1f857"), - ciphertext: &hex!("0187b4c2d52486b4417e5a013d553e5e"), - tag: &hex!("dba451e7339be8ebed3ea9683d1b4552"), - }, - GcmTV { - key: &hex!("d90c6948ac2353867e943069196a2c4d0c4d51e34e2505661b1d76f3e5f17ac5"), - nonce: &hex!("07e5623f474e2f0fe9f4c7d2"), - plaintext: &hex!("8a9fb1b384c0d1728099a4f7cb002f07"), - aad: &hex!("0de97574ae1bc6d3ef06c6ce03513ca47dff4728803e0aacc50564ee32b775fd535f5c8c30186550d99bff6f384af2dd"), - ciphertext: &hex!("4234a3a9fb199c3b293357983e8ac30b"), - tag: &hex!("d51e6f071dbab126f5fc9732967108ef"), - }, - GcmTV { - key: &hex!("80d755e24d129e68a5259ec2cf618e39317074a83c8961d3768ceb2ed8d5c3d7"), - nonce: &hex!("7598c07ba7b16cd12cf50813"), - plaintext: &hex!("5e7fd1298c4f15aa0f1c1e47217aa7a9"), - aad: &hex!("0e94f4c48fd0c9690c853ad2a5e197c5de262137b69ed0cdfa28d8d12413e4ffff15374e1cccb0423e8ed829a954a335ed705a272ad7f9abd1057c849bb0d54b768e9d79879ec552461cc04adb6ca0040c5dd5bc733d21a93702"), - ciphertext: &hex!("5762a38cf3f2fdf3645d2f6696a7eead"), - tag: &hex!("8a6708e69468915c5367573924fe1ae3"), - }, - GcmTV { - key: &hex!("dda7977efa1be95a0e41ed8bcd2aa648621945c95a9e28b63919e1d92d269fc3"), - nonce: &hex!("053f6e1be42af8894a6e86a0"), - plaintext: &hex!("6fa9b08176e9963927afba1e5f969a42"), - aad: &hex!("cb5114a001989339657427eb88329d6ce9c69694dc91a69b7557d62184e57832ec76d162fc9c47490bb3d78e5899445cecf85d36cb1f07fed5a3d82aaf7e9590f3ed74ad13b13c8adbfc7f29d7b151448d6f29d11d0bd3d03b76"), - ciphertext: &hex!("d4adbff3ec8edade29b9a1b748c31b54"), - tag: &hex!("3b331733c753858c22d309ceb0f9488c"), - }, - GcmTV { - key: &hex!("d7da934ad057dc06bd1ec234fcc4efdc5119037a440b5827de25915f22dd47e5"), - nonce: &hex!("1b54c4ea37d2395ef70dcc72"), - plaintext: &hex!("86d5567658361198348207ede7a46da6"), - aad: &hex!("735de4596a80e64e38a12ab24ef73881d6ed3b533cb2c101025c3615acd2114150feeca84ade4e563bc4a300eb4a0cd97a184a293f0ac063e4f3c61e7fcdb331bcc6459fafaf0e2dda881f34eb717f4ee8c4b6890d3ef59721f3"), - ciphertext: &hex!("70a1c1d7c200ba5ae1b6f29917bb19f2"), - tag: &hex!("a25d51cccb198bed33de0b98df249c2d"), - }, - GcmTV { - key: &hex!("930ebb4b9b9c35094be374cc0b700c437b3c46b45d489a716c30f93cd5f986c9"), - nonce: &hex!("7a21e5febd82ec9b97bfbe83"), - plaintext: &hex!("980086665d08a365f6bbe20ae51116f7"), - aad: &hex!("9f2ed5f6cf9e2d6505d3c99a8f81a7dfc5658dd085eba966c8b3206230973a086ec36fe948573baee108fca941bce53dad73180877cd497976209c1adf8a9861f0215560df064caf0ef2f99445c11816f5b8deeafedd682b5fb2"), - ciphertext: &hex!("05baaefdeb0c33674a8064a2e9951aaf"), - tag: &hex!("2ec7efd2564d4e09a6ab852f3af49939"), - }, - GcmTV { - key: &hex!("70213d8949a65f463d13206071fab1b4c6b614fd3cee0d340d2d806de6714a93"), - nonce: &hex!("f8529d3e4f155cbb1ffb3d0a"), - plaintext: &hex!("47d47a5fd32a2a416f921cc7f00c0f81"), - aad: &hex!("112360db39b867dabaaa1d777bd881df2104b69fba15a4f37a832f5da38ad8a8c7c46db93e5b4eadf8b9a5a75508ad1457994c133c5ac85509eedfb13b90a2cf6c56a3c778582939362008608b08f9c4866a0e38744572114598"), - ciphertext: &hex!("b220b69bd851a17fbc5b725fb912f11e"), - tag: &hex!("4c3436943d58501c0826ae5827bc063e"), - }, - GcmTV { - key: &hex!("7a5834230ebbbf616630f2edb3ad4320182433c0546ac1e34bc9fd046e4a0ed9"), - nonce: &hex!("d27dd6212b6defdcbbc701bb"), - plaintext: &hex!("b4def1251427ade064a9614e353dda3f"), - aad: &hex!("3bc12f3bb88ea4f8a2184959bb9cd68911a78458b27e9b528ccecafe7f13f303dc714722875f26b136d18a3acfe82b53ad5e13c71f3f6db4b0fd59fffd9cd4422c73f2c31ac97010e5edf5950dc908e8df3d7e1cbf7c34a8521e"), - ciphertext: &hex!("88f94965b4350750e11a2dc139ccaef1"), - tag: &hex!("8a61f0166e70c9bfdd198403e53a68a5"), - }, - GcmTV { - key: &hex!("c3f10586f246aacadcce3701441770c03cfec940afe1908c4c537df4e01c50a0"), - nonce: &hex!("4f52faa1fa67a0e5f4196452"), - plaintext: &hex!("79d97ea3a2edd65045821ea745a44742"), - aad: &hex!("46f9a22b4e52e1526513a952dbee3b91f69595501e0177d50ff364638588c08d92fab8c58a969bdcc84c468d8498c4f06392b99ed5e0c484507fc48dc18d87c40e2ed848b43150be9d36f14cf2cef1310ba4a745adcc7bdc41f6"), - ciphertext: &hex!("560cf716e56190e9397c2f103629eb1f"), - tag: &hex!("ff7c9124879644e80555687d273c55d8"), - }, - GcmTV { - key: &hex!("ad70ebcf889e88b867ded0e4838ca66d6991499046a5671d99e91ed463ae78b1"), - nonce: &hex!("561e13b335718fcbee364100"), - plaintext: &hex!("82d5568872a4cef12238c0feb14f0fb4"), - aad: &hex!("e037bd7306eec185b9cb4e3bf295232da19005957086d62e6fb342284f05feaa0e81d6c95071e7e4d7b6aad7b00f7e7863dd0fc16303a8304bb8855305f28067f4be71eed95ff90e046382116229f0fd3d2c3ef2e87e0d0e7950"), - ciphertext: &hex!("771c6d091f8190ddbdb8886d9ce2ebd5"), - tag: &hex!("5009abd1ebeb26dab852346ea6d8aee3"), - }, - GcmTV { - key: &hex!("a452fa24b381e7165ee90f3371c2b0db2176f848a0354c78e92f2f1f89bbc511"), - nonce: &hex!("4bd904dfe18241eb5455d912"), - plaintext: &hex!("3f43df23ea940f3680a4b679b56db579"), - aad: &hex!("64f1a9d21deb183cff84f1aef5be83dbfc72e275f229eb5d59ace143605e8901dfa8f4724be24c86b5429bc84b629971fe1f9663b7537427b45dfb67d5f04506df4ee2c33d7f15af9f6e86058b131b7e6042b43a55bf6915f048"), - ciphertext: &hex!("c054974c4562f8536aef2734f10e09fc"), - tag: &hex!("2c5cafaf7b1f7581c5ec13080994e33c"), - }, - GcmTV { - key: &hex!("209ea3c4dd0420a4d63dbb72099a0202c9b0709f3b1221565f890511eef8005b"), - nonce: &hex!("43775083e4008816129f5d40"), - plaintext: &hex!("b4967f8c4fb1b34b6ff43a22d34fae5c"), - aad: &hex!("9abc653a2347fc6e5a8cb9bdc251dff7c56109797c387494c0ed55570330961eb5b11087603e08ad293d0dd55571008e62d1163f67cf829e28d27beba65553bd11d8838f8a7a5f1fe05500befbaf97839801e99ecf998882c707"), - ciphertext: &hex!("a8d22a6e25232938d3f8600a66be80da"), - tag: &hex!("2ef93cc03c17bbfb6626144697fd2422"), - }, - GcmTV { - key: &hex!("dabd63ac5274b26842c2695c9850d7accc1693ee2aeee1e2e1338bbbc5b80f87"), - nonce: &hex!("fd6790d620f12870b1d99b31"), - plaintext: &hex!("4a28048f5683679a557630a661f030e2"), - aad: &hex!("e4a06b9b205a7faadb21dc7fea8a0de0e013d717b61b24ec42f81afc8cdbc055573e971375da2fa5103a091317eab13b6a110ea211af257feabf52abafec23fd5b114b013d5c052199020573f8b7b7ae6958f733e87efa0426c2"), - ciphertext: &hex!("196d0345df259b47665bc233b798ebba"), - tag: &hex!("b0729d8b427ad048a7396cedf2257338"), - }, - GcmTV { - key: &hex!("b238df5e52e649d4b0a05e53020ac59e7d5bf49b8d04f8c30c356ed62dba9ed1"), - nonce: &hex!("f153f093c9a3479f999eda04"), - plaintext: &hex!("d48e779766afa73d7e04fc6fc3fa825e"), - aad: &hex!("45b5df0c15140e5ce7a19f4e02834e6027971e3e0e719626c29081a6301e95c71214345afac1908bb75ff2d3281261e6c5f41dc4e4796f054174a64f8e177f3f33321edfbd263e204135699428a09f34eb344211bfb9fac9afba"), - ciphertext: &hex!("b1989eb510843d8f35205dc3f949522f"), - tag: &hex!("616089990729228f673099514824d9b4"), - }, - GcmTV { - key: &hex!("f3dc2456d3b8947591a2d82b7319226b0f346cd4361bcc13b56da43e072a2774"), - nonce: &hex!("7a8acb5a84d7d01e3c00499e"), - plaintext: &hex!("ad075da908231ff9aae30daa6b847143"), - aad: &hex!("5e6be069effee27d34a8087c0d193f9f13e6440dc9fabfe24f6c867f831d06789d0dce92b2e3ff3ab9fe14202a8b42f384c25e3f3753dd503ec907a9b877f1707d64e4ac42909a7dee00c87c4a09d04de331515460ed101f5187"), - ciphertext: &hex!("9f224f2a1a1fbaade8b87b748971c0ac"), - tag: &hex!("cb5089d9dfaebf98e4b36ebc5f9a1a50"), - }, - GcmTV { - key: &hex!("f5a56b69a1562c77e8edebc327a20295c2eba7d406d899a622c53539626c9d72"), - nonce: &hex!("a395b8aca4508a6a5f3cb4d8"), - plaintext: &hex!("7de4638701bd2b600d7f8d26da7a75bc"), - aad: &hex!("2e4fca2b163e4403971716015386cd81bdd1e57f00f2936da408098341011f2644a38ddad799f70eaa54f6e430d4853ff2b9c44a35123670879a83120bd555c76b95b70de0c8054f9d08539a5795e70a2446d7b9fab3f7887c6b"), - ciphertext: &hex!("6508be2698ba9889b4e445b99190a5c5"), - tag: &hex!("3394106f257c2e15c815430f60bc24ba"), - }, - GcmTV { - key: &hex!("376371a780947256c52f07d80bb25a4d7e919ca8bd693b1a0ccbca748d2ce620"), - nonce: &hex!("27d7170f6f70f2fc40dfca78"), - plaintext: &hex!("7a279f9f8568b7c307490549b259226c"), - aad: &hex!("272c3559398ad774fa4b6895afc92870b2b92d310fa0debf0b7960e1fe38bfda64acd2fef26d6b177d8ab11d8afceee77374c6c18ad405d5ae323ad65fb6b04f0c809319133712f47636c5e042f15ed02f37ee7a10c643d7b178"), - ciphertext: &hex!("32284379d8c40ec18ee5774085d7d870"), - tag: &hex!("dcdee1a757f9758c944d296b1dabe7b2"), - }, - GcmTV { - key: &hex!("82c4f12eeec3b2d3d157b0f992d292b237478d2cecc1d5f161389b97f999057a"), - nonce: &hex!("7b40b20f5f397177990ef2d1"), - plaintext: &hex!("982a296ee1cd7086afad976945"), - aad: b"", - ciphertext: &hex!("ec8e05a0471d6b43a59ca5335f"), - tag: &hex!("113ddeafc62373cac2f5951bb9165249"), - }, - GcmTV { - key: &hex!("db4340af2f835a6c6d7ea0ca9d83ca81ba02c29b7410f221cb6071114e393240"), - nonce: &hex!("40e438357dd80a85cac3349e"), - plaintext: &hex!("8ddb3397bd42853193cb0f80c9"), - aad: b"", - ciphertext: &hex!("b694118c85c41abf69e229cb0f"), - tag: &hex!("c07f1b8aafbd152f697eb67f2a85fe45"), - }, - GcmTV { - key: &hex!("acad4a3588a7c5ec67832baee242b007c8f42ed7425d5a7e57b1070b7be2677e"), - nonce: &hex!("b11704ba368abadf8b0c2b98"), - plaintext: &hex!("2656b5fbec8a3666cad5f460b7"), - aad: b"", - ciphertext: &hex!("35c7114cabe39203df19413a99"), - tag: &hex!("16f4c7e5becf00db1223476a14c43ebc"), - }, - GcmTV { - key: &hex!("e5a0eb92cc2b064e1bc80891faf1fab5e9a17a9c3a984e25416720e30e6c2b21"), - nonce: &hex!("4742357c335913153ff0eb0f"), - plaintext: &hex!("8499893e16b0ba8b007d54665a"), - aad: b"", - ciphertext: &hex!("eb8e6175f1fe38eb1acf95fd51"), - tag: &hex!("88a8b74bb74fda553e91020a23deed45"), - }, - GcmTV { - key: &hex!("e78c477053f5dae5c02941061d397bc38dda5de3c9c8660a19de66c56c57fd22"), - nonce: &hex!("4f52c67c2bb748d192a5a4e2"), - plaintext: &hex!("91593e21e1f883af5c32d9be07"), - aad: b"", - ciphertext: &hex!("e37fbc56b0af200a7aa1bbe34e"), - tag: &hex!("29fe54eaaccf5e382601a15603c9f28c"), - }, - GcmTV { - key: &hex!("d0b13482037639aa797471a52b60f353b42e0ed271daa4f38a9293191cb78b72"), - nonce: &hex!("40fb7cae46adf3771bf3756a"), - plaintext: &hex!("938f40ac8e0e3b956aac5e9184"), - aad: b"", - ciphertext: &hex!("7dca05a1abe81928ccfb2164dd"), - tag: &hex!("5ea53ee170d9ab5f6cc047854e47cf60"), - }, - GcmTV { - key: &hex!("46da5ec688feead76a1ddcd60befb45074a2ef2254d7be26abdfd84629dbbc32"), - nonce: &hex!("9fb3b2b03925f476fc9a35f3"), - plaintext: &hex!("a41adc9fb4e25a8adef1180ec8"), - aad: b"", - ciphertext: &hex!("f55d4cbe9b14cea051fe7a2477"), - tag: &hex!("824753da0113d21186699dbb366c0589"), - }, - GcmTV { - key: &hex!("de3adf89f2fe246c07b0ce035f4af73cf2f65e5034dcfecfe9d7690ae1bdbd96"), - nonce: &hex!("a94aa4df0d8451644a5056c0"), - plaintext: &hex!("96825f6d6301db14a8d78fc2f4"), - aad: b"", - ciphertext: &hex!("784c6c3c24a022637cbc907c48"), - tag: &hex!("1eeaeddcdb4c72c4e8966950a319a4ef"), - }, - GcmTV { - key: &hex!("03c362288883327f6289bc1824e1c329ce485e0ce0e8d3405245283cf0f2eae2"), - nonce: &hex!("5de9f882c915c72729b2245c"), - plaintext: &hex!("f5c1c8d41de01d9c08d9f47ece"), - aad: b"", - ciphertext: &hex!("61af621953a126a2d1de559e92"), - tag: &hex!("fbdeb761238f2b70c5fb3dde0a7978f3"), - }, - GcmTV { - key: &hex!("e9ead7c59100b768aa6367d80c04a49bcd19fa8cc2e158dc8edeec3ea39b657d"), - nonce: &hex!("e81854665d2e0a97150fbab3"), - plaintext: &hex!("f8ccf69c52a873695367a42940"), - aad: b"", - ciphertext: &hex!("af2a7199602ee9ed2020c7b4cd"), - tag: &hex!("29715945ab1c034ecfcd91a466fc822e"), - }, - GcmTV { - key: &hex!("bc3e5b0fe423205904c32f870b9adec9d736a1616624043e819533fa97ed9b79"), - nonce: &hex!("335fe5180135673ce1a75144"), - plaintext: &hex!("295df9665eef999204f92acf24"), - aad: b"", - ciphertext: &hex!("3ac2a8a1b505a84677adfdb396"), - tag: &hex!("21f20aa0bb77d46d7290bc9c97a7a7bd"), - }, - GcmTV { - key: &hex!("ce889c73e0d64e272aba4bf9777afc7ee6457ddc9626ad931708ed7530d71b99"), - nonce: &hex!("fe61a6cda62fecd4e3b0c562"), - plaintext: &hex!("e2ae40ba5b4103b1a3066c1b57"), - aad: b"", - ciphertext: &hex!("185aa3508a37e6712b28191ec2"), - tag: &hex!("9ec1d567585aa467730cce92e536728e"), - }, - GcmTV { - key: &hex!("41e0cb1aed2fe53e0b688acb042a0c710a3c3ae3205b07c0af5191073abdfba9"), - nonce: &hex!("2f56e35216d88d34d08f6872"), - plaintext: &hex!("6482df0e4150e73dac51dc3220"), - aad: b"", - ciphertext: &hex!("9cb09b9927dfbe0f228e0a4307"), - tag: &hex!("fe7e87a596d63e2ab2aae46b64d466e8"), - }, - GcmTV { - key: &hex!("52a7662954d525cb00602b1ff5e937d41065ac4b921e284ffac73c04cfd462a0"), - nonce: &hex!("baffe73856ab1a47fb1feebf"), - plaintext: &hex!("9d0b5ca712f97caa1875d3ad87"), - aad: b"", - ciphertext: &hex!("fd01165380aedd6be226a66af3"), - tag: &hex!("35a492e39952c26456850b0172d723d1"), - }, - GcmTV { - key: &hex!("c4badb9766986faeb888b1db33060a9cd1f02e1afe7aaaea072d905750cb7352"), - nonce: &hex!("cc6966e9d81a298a561416d4"), - plaintext: &hex!("de68fb51731b45e7c2c5063923"), - aad: b"", - ciphertext: &hex!("f5be41f2c8c32e01098d433057"), - tag: &hex!("c82b1b012916ab6ed851d59829dad8ab"), - }, - GcmTV { - key: &hex!("dad89d9be9bba138cdcf8752c45b579d7e27c3dbb40f53e771dd8cfd500aa2d5"), - nonce: &hex!("cfb2aec82cfa6c7d89ee72ff"), - plaintext: &hex!("b526ba1050177d05b0f72f8d67"), - aad: &hex!("6e43784a91851a77667a02198e28dc32"), - ciphertext: &hex!("8b29e66e924ecae84f6d8f7d68"), - tag: &hex!("1e365805c8f28b2ed8a5cadfd9079158"), - }, - GcmTV { - key: &hex!("0d35d3dbd99cd5e088caf686b1cead9defe0c6001463e92e6d9fcdc2b0dcbaf6"), - nonce: &hex!("f9139eb9368d69ac48479d1f"), - plaintext: &hex!("5e2103eb3e739298c9f5c6ba0e"), - aad: &hex!("825cc713bb41c789c1ace0f2d0dd3377"), - ciphertext: &hex!("8ff3870eec0176d9f0c6c1b1a2"), - tag: &hex!("344234475538dc78c01f249f673e0862"), - }, - GcmTV { - key: &hex!("d35d64f1872bdcb422228f0d63f8e48977ed68d143f648ae2cd852f944b0e6dd"), - nonce: &hex!("0b2184aadbe8b515924dda5e"), - plaintext: &hex!("c8f999aa1a08871d74db490cf3"), - aad: &hex!("888f328d9e9eebbb9cb2704b5b880d66"), - ciphertext: &hex!("ad0d5e7c1065a34b27a256d144"), - tag: &hex!("8c8e7076950f7f2aeba62e1e761650d5"), - }, - GcmTV { - key: &hex!("9484b7ce3c118a8a2d556c2f7ba41fca34f60c9ea1070171459c9e7487c9537e"), - nonce: &hex!("87bc033522ae84d2abe863c5"), - plaintext: &hex!("14d8004793190563825e273dda"), - aad: &hex!("07ee18737b9bf8223979a01c59a90eb4"), - ciphertext: &hex!("43034a2c57ccacc367796d766a"), - tag: &hex!("4c981ca8b6e9e52092f5435e7ef55fbb"), - }, - GcmTV { - key: &hex!("4f4539e4a80ec01a14d6bb1bae0010f8a8b3f2cd0ac01adf239a9b2b755f0614"), - nonce: &hex!("2b6f00ce1570432bf52fdcac"), - plaintext: &hex!("820cc9389e7e74ca1cbb5a5fe6"), - aad: &hex!("0d72a13effe40544c57cc18005b998cb"), - ciphertext: &hex!("99553fdf3e777e2a4b3b6a5538"), - tag: &hex!("3cbf51640a3a93c3662c738e98fb36a2"), - }, - GcmTV { - key: &hex!("2f5e93ee24a8cd2fc6d3765f12d2179ddb8397783e136af9e0ac75f16fca451e"), - nonce: &hex!("0dc3c70a191f3722641fd701"), - plaintext: &hex!("4e96463793cdeda403668c4aee"), - aad: &hex!("ebab30cbcc99905354e4ee6f07c7db87"), - ciphertext: &hex!("ab03f8ca7b1b150bdc26d4e691"), - tag: &hex!("020546afff4290c4c8ef7fc38035ebfd"), - }, - GcmTV { - key: &hex!("a902e15d06ef5ad334d0ec6502e936ee53ef3f3608f7708848b11cefa92983d1"), - nonce: &hex!("b9f3e966efa43ab4aca1f2d8"), - plaintext: &hex!("393ff3dfe51cd43543e4e29fcc"), - aad: &hex!("2eaa35c00bf1cf8a81919bd04b43fd97"), - ciphertext: &hex!("7e8928b450c622ac8efe29d5a0"), - tag: &hex!("5a285de95990aef171629350bbcaf46e"), - }, - GcmTV { - key: &hex!("96657976da7692004e271b594e8304f77db9c9e77859246bb30a16239ba76a53"), - nonce: &hex!("79226100afea30644876e79a"), - plaintext: &hex!("2b0833a065c3853ee27c8968d0"), - aad: &hex!("ede7a9072a0086b9a1e55d900747cf76"), - ciphertext: &hex!("19373168f1a4052a57c6b8146f"), - tag: &hex!("debbf044325384b90a0c442d95455fb9"), - }, - GcmTV { - key: &hex!("630ea13eb5f52378b976ba2662f824dc622920759a15d2e341c446b03ea7bd5c"), - nonce: &hex!("0f9ebe47682f93d44c4db314"), - plaintext: &hex!("5c734964878a4250a3bf61fdd6"), - aad: &hex!("5ad8e9cffe622e9f35bdb185473868e5"), - ciphertext: &hex!("67cb6d943340d002d3323fcc4e"), - tag: &hex!("f5dc0f88f236560c4e2a6d6c15d3c0de"), - }, - GcmTV { - key: &hex!("c64f8a3ac230dce61b53d7b584f2309384274d4b32d404bc0c491f129781e52d"), - nonce: &hex!("7f4b3bcf763f9e2d08516a6d"), - plaintext: &hex!("fe581128ae9832d27ec58bd7ac"), - aad: &hex!("89ed6945547ee5998de1bb2d2f0bef1e"), - ciphertext: &hex!("81d7a8fdaf42b5716b892199c9"), - tag: &hex!("8183aaff4c0973fe56c02c2e0c7e4457"), - }, - GcmTV { - key: &hex!("dd73670fb221f7ee185f5818065e22dda3780fc900fc02ef00232c661d7bffce"), - nonce: &hex!("c33de65344cfbf228e1652bd"), - plaintext: &hex!("ada4d98147b30e5a901229952a"), - aad: &hex!("e1a5e52427f1c5b887575a6f2c445429"), - ciphertext: &hex!("6ed4e4bd1f953d47c5288c48f4"), - tag: &hex!("404e3a9b9f5ddab9ee169a7c7c2cf7af"), - }, - GcmTV { - key: &hex!("f6c5d9562b7dbdd0bf628ddc9d660c27841b06a638f56601f408f23aa2f66f4e"), - nonce: &hex!("67280bcb945ba6eda1c6c80a"), - plaintext: &hex!("f4caead242d180fbd2e6d32d0c"), - aad: &hex!("5b33716567b6c67b78ea5cd9349bcaaf"), - ciphertext: &hex!("fdfa39517d89ea47e6ccb0f831"), - tag: &hex!("91f9b540ca90e310a1f5c12c03d8c25e"), - }, - GcmTV { - key: &hex!("ce1d242f13de7638b870e0aa85843ea43a9255a4fa4d32057347f38e0267daeb"), - nonce: &hex!("86562be4621b4d5eb1983075"), - plaintext: &hex!("d20e59a8ef1a7de9096c3e6746"), - aad: &hex!("d48a9490a0b7deb023460608b7db79ce"), - ciphertext: &hex!("35ce69fb15d01159c52266537c"), - tag: &hex!("dc48f7b8d3feeeb26fcf63c0d2a889ec"), - }, - GcmTV { - key: &hex!("512753cea7c8a6165f2ebbd3768cc7b951029bd527b126233cf0841aff7568c7"), - nonce: &hex!("b79221802d8d97978041fe84"), - plaintext: &hex!("c63d6c1006b615275c085730b1"), - aad: &hex!("22fa0605b955a33468f3e60160b907f2"), - ciphertext: &hex!("bdb5d7f24732bdba1d2a429108"), - tag: &hex!("fca923d2941a6fd9d596b86c3afb0ad9"), - }, - GcmTV { - key: &hex!("e7b18429e3edded2d992ca27afab99e438b8aff25fc8460201fabe08e7d48ec2"), - nonce: &hex!("9db9b7320aaac68538e37bf7"), - plaintext: &hex!("c4713bc67a59928eee50039901"), - aad: &hex!("283e12a26e1646087b5b9d8c123dde1f"), - ciphertext: &hex!("a5932f92bda107d28f2a8aaa74"), - tag: &hex!("9a1357fd8ed21fe14d1ca2e597c3ef17"), - }, - GcmTV { - key: &hex!("69b458f2644af9020463b40ee503cdf083d693815e2659051ae0d039e606a970"), - nonce: &hex!("8d1da8ab5f91ccd09205944b"), - plaintext: &hex!("f3e0e09224256bf21a83a5de8d"), - aad: &hex!("036ad5e5494ef817a8af2f5828784a4bfedd1653"), - ciphertext: &hex!("c0a62d77e6031bfdc6b13ae217"), - tag: &hex!("a794a9aaee48cd92e47761bf1baff0af"), - }, - GcmTV { - key: &hex!("97431e565e8370a4879de962746a2fd67eca868b1c8e51eece2c1f94f74af407"), - nonce: &hex!("17fb63066e2726d282ecc610"), - plaintext: &hex!("e21629cc973fbe40176e621d9d"), - aad: &hex!("78e7374da7c77be5938de8dd76cf0308618306a9"), - ciphertext: &hex!("80dbd469de480389ba6c2fca52"), - tag: &hex!("4e284abb8b4f9f13c7497ae56df05fa5"), - }, - GcmTV { - key: &hex!("2b14ad68f442f7f92a72c7ba909bcf995c827b439d39a02f77c9bf8f84ab04dc"), - nonce: &hex!("4c847ea59f83d82b0ac0bc37"), - plaintext: &hex!("b3c4b26ebbfc717f51e874587d"), - aad: &hex!("8eb650f662be23191e88f1cd0422e57453090e21"), - ciphertext: &hex!("3e288478688e60178920090814"), - tag: &hex!("a928dc026986823062f37ec825c67b95"), - }, - GcmTV { - key: &hex!("11f41bf7d4b9ac7b0035ce54481ed1502ff05cfae02ffba9e502f61bfe785351"), - nonce: &hex!("06f5cf8c12c236e094c32014"), - plaintext: &hex!("bee374a32293cad5e1b28419b3"), - aad: &hex!("d15cbde6290b7723625c99ffa82a9c4c03ed214d"), - ciphertext: &hex!("3f8122deb6dbe0ff596441203d"), - tag: &hex!("60ef7f3723710b9ab744f8eea00267f7"), - }, - GcmTV { - key: &hex!("18ca572da055a2ebb479be6d6d7164e78f592b159cdea76e9fe208062d7b3fa1"), - nonce: &hex!("1b041e534ae20748262f3929"), - plaintext: &hex!("cda2fa0015361ecf684c6ba7d1"), - aad: &hex!("e8a925d7ce18dd456b071cb4c46655940efbe991"), - ciphertext: &hex!("740d8d578e2e7522c31019f471"), - tag: &hex!("f2eeb5af1bfedd10570a137fe2566c3f"), - }, - GcmTV { - key: &hex!("0de2ac5bfec9e8a859c3b6b86dde0537029cdca2d0844bf3e1d98f370e199be1"), - nonce: &hex!("1778e308e0221288f1eb4c5a"), - plaintext: &hex!("575d93a3416763cbd371b5a671"), - aad: &hex!("1362264f5655f71986aa788efd48f6fc13bb6ab4"), - ciphertext: &hex!("8f8df7ca83bf876b63c78e2c9a"), - tag: &hex!("16c74e315aab97efafbe95c9dcaa2d0c"), - }, - GcmTV { - key: &hex!("b381535a085bc4808fa7a139c7204e8a87c7145dfc8f3900df1fa9a9844fab35"), - nonce: &hex!("21ddc54d3c633f4a344a0e42"), - plaintext: &hex!("e4d958cee583010bbfd3a53021"), - aad: &hex!("7ac3ba600e08363ddb57c45a8670bb4abb869db0"), - ciphertext: &hex!("c42c81a312759cdb032aafe852"), - tag: &hex!("0c472591db3df8a7c67164591542dcc9"), - }, - GcmTV { - key: &hex!("29f21e5029ea4964b96dc6f4c34b2df4cce02f2fcf0f168ffd470e7858e0a0ad"), - nonce: &hex!("63a1c1ccc328280a90ff96fe"), - plaintext: &hex!("dc12113764c13c21432ca1ba33"), - aad: &hex!("454f447433f0948581956c4be1b19d932e89b492"), - ciphertext: &hex!("1cb45aac5def93daef806b781e"), - tag: &hex!("f4b0723c89607b66c392049ba042db63"), - }, - GcmTV { - key: &hex!("2733d3aa52a9d70a9fbd6ce2364bb5f9004902aa5eeb17446e08f2bdcc41db15"), - nonce: &hex!("196c4addb84a58beb3674a7a"), - plaintext: &hex!("cbc50cafda2544bcd291e8a025"), - aad: &hex!("c9826fe31f29b55b9d0f9da9795869a1a98befe5"), - ciphertext: &hex!("7a89cc58ccb97ad3e54ca4a9c8"), - tag: &hex!("3990d9aba210182996fdbd91c2ae4801"), - }, - GcmTV { - key: &hex!("0c4b9005b407415c19672bcd0ebe169f66fe404f22529baf55568e0901e94922"), - nonce: &hex!("e51381e959a1f5688c938576"), - plaintext: &hex!("c6179bd3451d9299b727e8bd0a"), - aad: &hex!("0b512faeb4da740dcc1e30d3c7ea61035e8570b7"), - ciphertext: &hex!("4d3fe086c990f16020b4c5eed6"), - tag: &hex!("9ff2297845814719f851ab0943117efb"), - }, - GcmTV { - key: &hex!("fee442ba37c351ec094a48794216a51d208c6a5ba0e5bdb8f3c0f0dfc1e4ed63"), - nonce: &hex!("a666f2f0d42214dbaa6a2658"), - plaintext: &hex!("a2cf3ea0e43e435261cb663a3b"), - aad: &hex!("7198c12810345403862c5374092cc79b669baecc"), - ciphertext: &hex!("713d4050f8c7fd63c0c1bf2ad9"), - tag: &hex!("250a35e2b45ba6b0fe24512f8213d8cb"), - }, - GcmTV { - key: &hex!("77f754d0cf7dbdaf75cfe965ab131e8cd39087ee6d986dec4ad2ff08ebd7f14b"), - nonce: &hex!("e28a14f3107ca190d824ed5f"), - plaintext: &hex!("54a97a74889e55d8043451c796"), - aad: &hex!("1decf0cbc50a9da6dad4a785a941e4b95ce5aaa8"), - ciphertext: &hex!("eedbf8dd81eb19184589dcb157"), - tag: &hex!("7749edd752fab7e50dbc3b0b47678bf6"), - }, - GcmTV { - key: &hex!("0523f232001e68bd65a79837bbaf70ec2e20851301d8e12fddb5926acb2100cb"), - nonce: &hex!("2bb8d5cb3ceb15107582e1fa"), - plaintext: &hex!("6b4cdc9f9c5082d86a1d2e68fe"), - aad: &hex!("1f55bba71cb63df431ef8832c77499ee3c502067"), - ciphertext: &hex!("079fe90ef517ed2f614a3cd8ce"), - tag: &hex!("539c30590a2527f1d52dfae92920794c"), - }, - GcmTV { - key: &hex!("54c56ee869ebb112a408717eb40af6937fe51eb061b42277a10537e7db346b6a"), - nonce: &hex!("5bfb63e2f3e5b2e1b4343480"), - plaintext: &hex!("75f9496b8d0ca96ed3af02dcab"), - aad: &hex!("740ab07b9c5de2afa37f0788ae5230535c18203d"), - ciphertext: &hex!("827902e58c4c8b7af976f61842"), - tag: &hex!("036ee6473c2138f2a2c2841438cb0edc"), - }, - GcmTV { - key: &hex!("d968ffdbed6ffc259b4310e2e97e42d877ef5d86d2169928c51031983779a485"), - nonce: &hex!("633d0d8d3613c83b40df99dd"), - plaintext: &hex!("08cfc65fea9b07f0c01d29dfdf"), - aad: &hex!("9aadc8d8975ec0a3f5c960ce72aaec8ef0b42034"), - ciphertext: &hex!("7b450f162bdedc301b96a3ac36"), - tag: &hex!("970d97344b1451f3f969aeb972d352e6"), - }, - GcmTV { - key: &hex!("5f671466378f470ba5f5160e2209f3d95a48b7e560625d5a08654414de23aee2"), - nonce: &hex!("6b3c08a663d04132243dd96c"), - plaintext: &hex!("c428592d9f8a7f107ec4d0df05"), - aad: &hex!("12965559c31d538f937bda6eee9c93b0387318dc5d9496fb1c3a0b9b978dbfebff2a5823974ee9d679834dbe59f7ec51"), - ciphertext: &hex!("1d8d7fe4357080c817303ce19c"), - tag: &hex!("e88d6b566fdc7b4fd62106bd2eb806ec"), - }, - GcmTV { - key: &hex!("fbcc2e7faa4295080e40b141bef829ba9d34e0691231ad6c62b5109009d74b5e"), - nonce: &hex!("7f35d9ec651c5b0966573e2f"), - plaintext: &hex!("cdd251d449551fec080425d565"), - aad: &hex!("6330d16002a8fd51762043f2df06ecc9c535c96ebe33526d8faf767c2c2af3cd01f4e02fa102f15ce0236d9c9cef26de"), - ciphertext: &hex!("514c5523024dd4c7d59bd73b15"), - tag: &hex!("d3a399843e5776aa348e3e5e56482fff"), - }, - GcmTV { - key: &hex!("04ef660ec041f5c0c24209f959ccf1a2a7cdb0dba22b134ea9f75e6f1efdae4a"), - nonce: &hex!("0f5f6fbca29358217c8a6b67"), - plaintext: &hex!("0835b312191f30f931e65aa05f"), - aad: &hex!("505e205d13ec945391c7d6516af86255e82f38433f40404d4f1e42d23b33eb9e6dea5820dad60622d3a825fc8f01a5d2"), - ciphertext: &hex!("5ddc0f5963f0290c1a0fb65be7"), - tag: &hex!("106d1f8d26abe4b4b1e590cd5d85e737"), - }, - GcmTV { - key: &hex!("42d3ff74284395fb9db9b8c7a444fa400f7fc6b985a7fec2478667c7f17cf3ba"), - nonce: &hex!("89230fbed59d1226a093ad28"), - plaintext: &hex!("d8339e3618ba57a243a27c85d6"), - aad: &hex!("60342f97310446266b2e47b18e008979d07fc181151ac0939b495e7f31de1d0e74042532840ab91686efd7a402d27a94"), - ciphertext: &hex!("9bb6fa36fa167016109d521ac0"), - tag: &hex!("600909ef32ca62951ecbdc811caa7778"), - }, - GcmTV { - key: &hex!("e115c6468606a5f9b8e9a7c220d7d7684d686c9210a669770b6e4bf24447cd17"), - nonce: &hex!("029c7c9ee2d3ab26843e8b41"), - plaintext: &hex!("7abf84842f9867cfc5eabc7032"), - aad: &hex!("1befd9f97f99fc096deafde5e158ac86716c0ba32454988fe48ba4737684361849a221c03fc0948cb25b5f29d6a0cb2a"), - ciphertext: &hex!("851c7047fb09646fbddb824531"), - tag: &hex!("d0ac4110c8d768f0a804ecda387cfa30"), - }, - GcmTV { - key: &hex!("56552f0cef34673a4c958ff55ad0b32c6ababa06cb3ae90178ab1c9a1f29c0e5"), - nonce: &hex!("b34d24935407e8592247ffff"), - plaintext: &hex!("dbd6cc358b28ab66a69f5238d4"), - aad: &hex!("b199437da189486a8fd1c2fa1fe3ebbb116f0ef41415bb7c8065272fb0b2fe8edca9cd0d4255d467e77f2834be557474"), - ciphertext: &hex!("76dc8d035e5ca4001e4e3fcb18"), - tag: &hex!("49c01f735da1131cd42b01b746fd38de"), - }, - GcmTV { - key: &hex!("d4f405ba556e6fe74b7e6dbdd7a8eae36376d1ca7a98d567d108729aeae5c326"), - nonce: &hex!("df6637c98a6592843e0b81ef"), - plaintext: &hex!("abe87641e9a5169f90179d3099"), - aad: &hex!("a5328cbabdfe6c3c1d4f5152189072dade71e2bacd857d3ce37ee9e3161eb0f20de5a29b7999fd9c7c60cdc03751bd1b"), - ciphertext: &hex!("06f9cf9677745e78c6c02bf06b"), - tag: &hex!("5a3a76da0703c24a9588afb2ac1a9e13"), - }, - GcmTV { - key: &hex!("4f667f65ea4569264456e25de498579036d6a604c18baf770bb626d8a1c68e4f"), - nonce: &hex!("43e27d275abefdd45137c8ff"), - plaintext: &hex!("eaa2498ce27e5658489381b6ec"), - aad: &hex!("264b807b4631d7c87ee9f1507082f5af9218f531b4630141f3c94939aa7cf81c71ea540783995560bf7e6e02d196227f"), - ciphertext: &hex!("bac018bf2e7090e7f217ab3365"), - tag: &hex!("13e5a16a9ce7a88cda640de2c4fdc07e"), - }, - GcmTV { - key: &hex!("f5624a166759ef0b8168af6565649f7797fa92476e008c407458101e75831312"), - nonce: &hex!("521ca79ffc8930349abfc052"), - plaintext: &hex!("1fab3def2ea13e815f8746093b"), - aad: &hex!("6e2771ecd637361cb6b947148910f7d9206d6af176c510bb5dd5bc9b97ac015fb05537affbc1756625715374172fb456"), - ciphertext: &hex!("ca72ff15a7eb62a2839bcf0c43"), - tag: &hex!("475fff6d9e2382583c9614020844b92a"), - }, - GcmTV { - key: &hex!("ac1383a3c783d3d0667e944cbe1a6159647b96afa922557eb1cb6407546b98ca"), - nonce: &hex!("70366112dbe1bd905b900e3a"), - plaintext: &hex!("b8dd871f9d866867efbe551c3b"), - aad: &hex!("b7c1865927737bee802415277cf1a25b7380774a9d27b6a3253f077d36e9c4142df2bbbf3c03414ac09161626ce9367c"), - ciphertext: &hex!("ba181874380841791f64881534"), - tag: &hex!("c5641edf42c446873372bbbde1146642"), - }, - GcmTV { - key: &hex!("f37499d9b6ad2e7618e30a23082673008f3ae1938b9397c02a4da2453fb7e403"), - nonce: &hex!("18e112ea6a998d6f9705f7e0"), - plaintext: &hex!("31560b2114a248ffe0696fa130"), - aad: &hex!("736f1a71fb259f46c6519bb87451f238f47d80c74a016604499b02568f1c7bedf70f9597d7b62c1698c4f2631f4e9706"), - ciphertext: &hex!("0163f558be0142ebabde29a7bc"), - tag: &hex!("45579ce07ee64cdac3a7a42109ff44e7"), - }, - GcmTV { - key: &hex!("50b7f5118ef7ee22b107d93ceab9881ef9658931e80385d1ae92501b95e47d62"), - nonce: &hex!("d5113665039169978b7dc4db"), - plaintext: &hex!("9ba4cd5e600277f4c786ce827e"), - aad: &hex!("68ff6c63e94cb7dd2b8413662a56c88dc130b79b8b2e2388c1089b61fa51ea37819109b5ef64da1250f5d6b5d74cc392"), - ciphertext: &hex!("67842199482b28be56f7570d11"), - tag: &hex!("79e03841843fe32337b7c7409a2153bc"), - }, - GcmTV { - key: &hex!("d396941c9c59e6a7bc7d71bd56daf6eabe4bfb943151cdb9895103384b8f38b4"), - nonce: &hex!("f408f8c21f3825d7a87643ed"), - plaintext: &hex!("dc8ad6a50812b25f1b0af70bee"), - aad: &hex!("947bd9a904e03fdd2c91d038d26d48ac6e32afcad908eacd42a25f6240964656d5a493242d3f8a19119a4cd9957d9c42"), - ciphertext: &hex!("57e6d821079bb8a79027f30e25"), - tag: &hex!("de8c26d5a3da6be24b3f6ea1e2a0f0c6"), - }, - GcmTV { - key: &hex!("eca22b3a29761fd40031b5c27d60adbcfac3a8e87feb9380c429cfbcda27bd06"), - nonce: &hex!("4e6fe3d1f989d2efb8293168"), - plaintext: &hex!("44d6a6af7d90be17aac02049a4"), - aad: &hex!("29beb1f0bb6b568268b9c7383991a09fd03da7e1639488169e4f58ec6451cad6d4c62086eee59df64e52a36527733d8c"), - ciphertext: &hex!("9aaa295bb3db7f6335a4c8cf2f"), - tag: &hex!("55f7577163a130c0dbcde243ef216885"), - }, - GcmTV { - key: &hex!("fa3ce8b099f3a392624bc433b5265235b65c0952cfc54817be2a8003d057903c"), - nonce: &hex!("3168b4e50efe96b3d3aed600"), - plaintext: &hex!("84ed3ccd428d3783ecea180b3b"), - aad: &hex!("d451fa64d73b7d7eee8f8143c40bab8e3f7a58ee018acda23224974f64ac7e1e389f5058ec08664bf56492b932d15f42"), - ciphertext: &hex!("ee2bd527568a4e7537c8f939b6"), - tag: &hex!("f4615f7dfdffec8a2d52c992456210ad"), - }, - GcmTV { - key: &hex!("ff9506b4d46ba54128876fadfcc673a4c927c618ea7d95cfcaa508cbc8f7fc66"), - nonce: &hex!("3742ad2208a0484345eee1be"), - plaintext: &hex!("7fd0d6cadc92cad27bb2d7d8c8"), - aad: &hex!("f1360a27fdc244be8739d85af6491c762a693aafe668c449515fdeeedb6a90aeee3891bbc8b69adc6a6426cb12fcdebc32c9f58c5259d128b91efa28620a3a9a0168b0ff5e76951cb41647ba4aa1f87fac0d97ac580e42cffc7e"), - ciphertext: &hex!("bdb8346b28eb4d7226493611a6"), - tag: &hex!("7484d827b767647f44c7f94a39f8175c"), - }, - GcmTV { - key: &hex!("b65b7e27d552395f5f444f031d5118fb4fb226deb0ac4e82784b901accd43c51"), - nonce: &hex!("2493026855dd1c1da3af7b7e"), - plaintext: &hex!("8adb36d2c2358e505b5d214ad0"), - aad: &hex!("b78e31b1793c2b758494e9c8ae7d3cee6e3697d40ffba04d3c6cbe25e12eeea365d5a2e7b46c4245771b7b2eb2062a640e6090d9f81caf63207865bb4f2c4cf6af81898560e3aeaa521dcd2c336e0ec57faffef58683a72710b9"), - ciphertext: &hex!("e9f19548d66ef3c16b711b89e2"), - tag: &hex!("e7efc91bbf2026c3519010d65628e85f"), - }, - GcmTV { - key: &hex!("8e4f8859bc838f6a2e7deb1849c27b78878285e00caad67507d5e79105669674"), - nonce: &hex!("e71d0ebb691a4c31fdd9879c"), - plaintext: &hex!("bd1713d8d276df4367bf3cbb81"), - aad: &hex!("47ca6cef3ca77997ef1b04e3721469be440ad6812aa3674ae92ca016b391d202e29932edfa83029eccae90bd8dbe4b434e7304b28fe249b380b2c3c49324fd5b3e469e3e135abc1c9fd77828b409c7482e6a63461c0597b14e5c"), - ciphertext: &hex!("eecbfb74e314628b0e3f827881"), - tag: &hex!("c9ea890294d7e10f38b88e7c7493c5f8"), - }, - GcmTV { - key: &hex!("2530cdcb2a789000822588a31bdc87c09234838da2d6ae1259c7049186525f11"), - nonce: &hex!("0c509faa257dbb0e743a53ac"), - plaintext: &hex!("a8edc524930ce4c20897c66f75"), - aad: &hex!("92a92cb8c1984ede806028cc45ac95574167ee83f03a707cc4b0fb8ad70907e0016e38b650f4a75bc83a625e3c670701d43bfb0326d1c4fe7c68410733c0c874c920389d164bf67a9032e2e837f5e9e324b97932d1f917ba7dca"), - ciphertext: &hex!("1f658c7a1f41152b22999ed1b7"), - tag: &hex!("cf3e4fef775d9c6ff3695be2602a90d8"), - }, - GcmTV { - key: &hex!("54c31fb2fb4aab6a82ce188e6afa71a3354811099d1203fe1f991746f7342f90"), - nonce: &hex!("f0fe974bdbe1694dc3b06cc6"), - plaintext: &hex!("fbb7b3730f0cd7b1052a5298ee"), - aad: &hex!("2879e05e0f8dd4402425eabb0dc184dcd07d46d54d775d7c2b76b0f76b3eed5f7ca93c6ae71bf509c270490269ea869ed6603fdf7113aa625648ab8ed88210f8b30ec9c94bca5757ca3d77491f64109101165636b068e3095cb4"), - ciphertext: &hex!("3a5a2a8aa93c462cfb80f1f728"), - tag: &hex!("59ef9d54ee01fb6cd54bd0e08f74096f"), - }, - GcmTV { - key: &hex!("8084061d0f7858a65c3a3557215ed46f1590278ca97a45dcb095d2a0979f2e3f"), - nonce: &hex!("6973898b1a8f72856415675b"), - plaintext: &hex!("200d0445cb09eb52f54d2f74c6"), - aad: &hex!("8b543e294546848c3308ccea302f0238b7dffc1706d03657c190ea745cc75bcd5a437993e787828ea7fe42fea1d5c6f7229a72ea65f0d0c190989a590ab49c54726633282c689eef8cf852af263b5edf63e449fd5440730003ca"), - ciphertext: &hex!("ec242c358193ca6187c89aa7a5"), - tag: &hex!("967428ac6956525ba81d5901ed259407"), - }, - GcmTV { - key: &hex!("2aad7db82df4a0d2ec85218da9d61ade98f65feeb8532d8eb728ef8aac220da6"), - nonce: &hex!("029ac2e9f5dc3d76b0d1f9df"), - plaintext: &hex!("ba363912f6207c54aecd26b627"), - aad: &hex!("d6f4b6232d17b1bc307912a15f39ccd185a465ee860279e98eb9551498d7b078271ebabdda7211e6b4ab187043171bc5e4bf9ffcf89a778430e735df29410a45ca354b0003433c6bc8593ee82e7c096a32eac76d11daa7d64150"), - ciphertext: &hex!("bfcad32611da275a0f0821517c"), - tag: &hex!("9ea37bdcaafad69caf06d67fb18dd001"), - }, - GcmTV { - key: &hex!("f70bb950ab56f12f1efc2376d32a59d16ef3ef5969e0106ab40cc314c9b0c7e8"), - nonce: &hex!("3b3b29ba422c2bacafeeb8b3"), - plaintext: &hex!("029929277043dc0379f152a484"), - aad: &hex!("464ac0c84b9ff17a0e7c39a65f89682a89b8787553a6275f0d55effaabef2114072c739f9831a5d5a5133ae4de14eb51346b318b255a1bff57e50c433e1e69a00fe1a8b6f6b621d515d670d89e148f6b65d6eb4c54878cb819ce"), - ciphertext: &hex!("c0b97d6d1a95d708d6dc7d2b95"), - tag: &hex!("322eb4395bf4d4dd070b8f9f6195f8ee"), - }, - GcmTV { - key: &hex!("f4950f01cb11fdd9afb297f7aa852facfac354ff96557befa5f657678de6cefb"), - nonce: &hex!("aba7d864f29cbc449cd93e33"), - plaintext: &hex!("e6daf59ef54ac7405984fc4c4e"), - aad: &hex!("852f624cea7a8c20e189e0c79f578c0d770c4bf7c4e691649eba992f6de89d7bf2078aff94803a3dc62628e02a80a01957722e2a931fc56283d84ab68ce11ae867835c2d9700df130048ea8eaaca41f1a9059be2acaea6e0f7f2"), - ciphertext: &hex!("d01d36ff8009b4082279abb906"), - tag: &hex!("d9a36c8008493bd95c09049299cbd075"), - }, - GcmTV { - key: &hex!("714261ef4f02fb4efb0e6b5aed96d7b3ceac6551a57cf679da179c01aac5ee0e"), - nonce: &hex!("3b7d15c7fd877461a789255a"), - plaintext: &hex!("815de8b0382fe60cb0d3782ee9"), - aad: &hex!("7621e58152336ee415f037f2e11581fe4da545c18d6e80177d5ab5dda89a25e8057d6fccec3757759a6e86e631080c0b17baa8be0b8fe579d3bfa97937ee242b6faacfc09425853df4dc26bc263ed1083a73ffc978c9265f8069"), - ciphertext: &hex!("29c566ea47752a31a380fd0e7c"), - tag: &hex!("b279340a384dbbae721c54e9183b3966"), - }, - GcmTV { - key: &hex!("53459ba5a2e49d1a7c2fb6ad9e6961b4dbe5158cb9266eff425d6dcccaaf8073"), - nonce: &hex!("3c97dc635a75fbe2c33c9a41"), - plaintext: &hex!("03fbfe5842ed781990ca8be728"), - aad: &hex!("7fe308afe58a927680bee3368301f4dc7c47811fc09f1b9922a092a497b9c6b67c857fdcc32da1011acb110b3c1475bef303f1a609479485cc400ee8f38381c45d078708ad49f226f95dd9c81478d1ee2b53c3b906d96f8ddd76"), - ciphertext: &hex!("5865e5a1ec711732a4ee871bff"), - tag: &hex!("856a653ec214178096bed423e30a36e9"), - }, - GcmTV { - key: &hex!("f0501583c226d2519ed23fcc6f2cffd2f013eb91aa07b3a5a2073d6e2bd10cef"), - nonce: &hex!("29a922ad9bdeddc2e298b99f"), - plaintext: &hex!("035eb6922345c02a81435d9e77"), - aad: &hex!("d84f54bac09ea92afe0a7335cb0bb5f68425490fd2fb6c3b99218f49856ed427ec902e510b899d54951fe84cdbfd112608d1e999f64ecc9cd4be3a0114c1c34875dbf35a1b0be421659f99d69b32e968cebfca6f95837e3edeb4"), - ciphertext: &hex!("095971f99af467805a62bfb882"), - tag: &hex!("d5ff2b7beac260e517ea3eca13ff1e77"), - }, - GcmTV { - key: &hex!("78e6789b596c71cb3becc833cf823d2ebb18ca2e26c27e26a55ef95df7353971"), - nonce: &hex!("65da9c7a9f17b11246bcf8db"), - plaintext: &hex!("003e82a147df3c953400f87ab5"), - aad: &hex!("d49aee7ffd31e7c8d831d97ae894a00473adbc5071f6099d567caaef85c295d5143a1316ff82753cc35d3efc60f7e5101ddd811336b404d598f6c439cce6b47fcbebb15d1c342e4151b355025a03b4397260b4a7e6444fa57b5b"), - ciphertext: &hex!("abcceced40209fc30a5590fee8"), - tag: &hex!("0a203973b81375949ebd932597efd495"), - }, - GcmTV { - key: &hex!("816b3e6ca31d59688c20bcd1fa4285197735d8734289ca19a4730e56f1631ccf"), - nonce: &hex!("4c191ac994f86985c180ccd4"), - plaintext: &hex!("b2060dd86bc307133b7d365830"), - aad: &hex!("b3dcd643c68ccce186570c63288c8722b8a13dfaf9e71f44f1eeb454a44dddf5f955540cd46c9f3b6f820588f71936d7a8c54c7b7bc43f58bb48e6416149feae7a3f8d8198a970811627489266a871e8cb87878cdb3a48be65f5"), - ciphertext: &hex!("53e65880ad0012a75f1188996f"), - tag: &hex!("9ca8a71a45eb4402a6b03106bae330d1"), - }, - GcmTV { - key: &hex!("a07ba57478061bd7abddd762971cf2e47141891f76c3d1c150b53eee5704557d"), - nonce: &hex!("5adfb85b2d9e239c5146501d"), - plaintext: &hex!("67c8824c1837cfdec6edcd719c"), - aad: &hex!("937b3ed73e67ca0b02f9eb736a668362d4d0447c15f6083099a7f90c7c49318dd72f6baa74da22ff53b56c24fb9a1b1d6c4e29f4ac4d917220ebe3c8d760999da7be9e1e8f6a171133640c9196f9ee3cdb76a5a342a95a05c8c4"), - ciphertext: &hex!("1eb85c6682850e849eb37927e5"), - tag: &hex!("8079f705cf551a5484132cd0f0c5297c"), - }, - GcmTV { - key: &hex!("268ed1b5d7c9c7304f9cae5fc437b4cd3aebe2ec65f0d85c3918d3d3b5bba89b"), - nonce: &hex!("9ed9d8180564e0e945f5e5d4"), - plaintext: &hex!("fe29a40d8ebf57262bdb87191d01843f4ca4b2de97d88273154a0b7d9e2fdb80"), - aad: b"", - ciphertext: &hex!("791a4a026f16f3a5ea06274bf02baab469860abde5e645f3dd473a5acddeecfc"), - tag: &hex!("05b2b74db0662550435ef1900e136b15"), - }, - GcmTV { - key: &hex!("c772a8d5e9f3384f16be2c34bf9afd9ebf86b69e6f610cd195a9db169e9be17e"), - nonce: &hex!("9b8e079f9971d7352e6810a3"), - plaintext: &hex!("7f13fcaf0db79d792823a9271b1213a98d116eff7e8e3c86ddeb6a0a03f13afa"), - aad: b"", - ciphertext: &hex!("d29e2bf3518668a14f17a3e4e76e1b43685734b801118d33a23238f34d18aa40"), - tag: &hex!("8e02b0b7d172cf5e2578f5b30fac2e7a"), - }, - GcmTV { - key: &hex!("d5924b31676e2354fe7dafffaf529749598ea1bf5e4c44f5b60240e09d8036aa"), - nonce: &hex!("5d847784f0bcd79cb84fcf1d"), - plaintext: &hex!("6fd80c8f0d4de081a93c16b84dec697a1e4f9d80a6af497c561572645eac0d63"), - aad: b"", - ciphertext: &hex!("282cc9d2308a443019cfdc4d79854accc7731ee36902bafe3ffaca6484327b82"), - tag: &hex!("4dc5e0f2ab91bdfd31f2bdcf06af9667"), - }, - GcmTV { - key: &hex!("b328c6d7946221a08c4f0509b52992a139890cdd8eae1956851f110c49602cb5"), - nonce: &hex!("1a433c33ca12ce26cf3dffff"), - plaintext: &hex!("217bdc314a4d335c72b5267b424fc8e31f4bb118e6cfaeacf5548f4ba8f51980"), - aad: b"", - ciphertext: &hex!("a322944e07bf84ab424ffa75fd0309e8691c9036b08f344ba76ce0774f43b351"), - tag: &hex!("14dd6b1c2b224533ccc9fee8d2881358"), - }, - GcmTV { - key: &hex!("c2080965d21d229c0d0d6c56cbce83880120c21a48172a64560b90dc4ce1ffbe"), - nonce: &hex!("928d6c0195f5f0974f38730b"), - plaintext: &hex!("864397271e1b242aa1dff38e78aa89353e1554ba907318a0aaad44f26fcd567d"), - aad: b"", - ciphertext: &hex!("7de4f941f44bd0f268b2a47b9c4927cc10537bbed739d52ab099fde4033041d1"), - tag: &hex!("b51a59931817257619e7be1091128c49"), - }, - GcmTV { - key: &hex!("dd6b7e2584edf1f1e6c2c0dd1f72161a92d2cba99856554f820de1256d48c099"), - nonce: &hex!("fe9d553c75067e8dbae1ab67"), - plaintext: &hex!("f9f86f7762859f11d6e7ef56178657ddcded532843446f86a23eac35aa2dd3c0"), - aad: b"", - ciphertext: &hex!("f7aaa1711c8092783b05b4e5e6c9c6944e991bd59c94b9d0356df00a66e2db5b"), - tag: &hex!("c61edd176c8322a01d8c5f3df09252e9"), - }, - GcmTV { - key: &hex!("37f39137416bafde6f75022a7a527cc593b6000a83ff51ec04871a0ff5360e4e"), - nonce: &hex!("a291484c3de8bec6b47f525f"), - plaintext: &hex!("fafd94cede8b5a0730394bec68a8e77dba288d6ccaa8e1563a81d6e7ccc7fc97"), - aad: b"", - ciphertext: &hex!("44dc868006b21d49284016565ffb3979cc4271d967628bf7cdaf86db888e92e5"), - tag: &hex!("01a2b578aa2f41ec6379a44a31cc019c"), - }, - GcmTV { - key: &hex!("a2ef619054164073c06a191b6431c4c0bc2690508dcb6e88a8396a1391291483"), - nonce: &hex!("16c6d20224b556a8ad7e6007"), - plaintext: &hex!("949a9f85966f4a317cf592e70c5fb59c4cacbd08140c8169ba10b2e8791ae57b"), - aad: b"", - ciphertext: &hex!("b5054a392e5f0672e7922ac243b93b432e8c58274ff4a6d3aa8cb654e494e2f2"), - tag: &hex!("cf2bbdb740369c140e93e251e6f5c875"), - }, - GcmTV { - key: &hex!("76f386bc8b93831903901b5eda1f7795af8adcecffa8aef004b754a353c62d8e"), - nonce: &hex!("96618b357c41f41a2c48343b"), - plaintext: &hex!("36108edad5de3bfb0258df7709fbbb1a157c36321f8de72eb8320e9aa1794933"), - aad: b"", - ciphertext: &hex!("b2093a4fc8ff0daefc1c786b6b04324a80d77941a88e0a7a6ef0a62beb8ed283"), - tag: &hex!("e55ea0456af9cdff2cad4eebbf00da1b"), - }, - GcmTV { - key: &hex!("6fb2d130bbad1924cab37d071553b12169e978a805bf74cb4c23d5ccd393d7bb"), - nonce: &hex!("76826741225a391fdce4d3b6"), - plaintext: &hex!("c49b80080e2efeb5724b9e5b53ba0c302e97bd16f1a6bbec01e1ca6c35a42a3c"), - aad: b"", - ciphertext: &hex!("62fbe5466a7ff83ff719f4927e00e9319e1bb7e835c5d6b4e9d4bc5a8d6e2beb"), - tag: &hex!("df72da7a66cb5257836f3c19ecadcd55"), - }, - GcmTV { - key: &hex!("402e8113970257d9437807620098370243536a105cca4fbc81a1ff2d48874f48"), - nonce: &hex!("c924c19c4d14905a2bdf63bf"), - plaintext: &hex!("917b9585f65e59bf4d242bb0802966045dd29fbc66911277baecdfcc818c3c35"), - aad: b"", - ciphertext: &hex!("5b6594edcddbb338f4e813687f4f23a75a64c21e3cf5d2e7c9af0f7e3ee3e616"), - tag: &hex!("f1cccd93a4411247c8b6830addd72c6f"), - }, - GcmTV { - key: &hex!("2aac499cb0eb72b4598acff4330df6cd764978997d5ace51da88e0c18671bde9"), - nonce: &hex!("fd16cdc39d7f0b92e1f95c97"), - plaintext: &hex!("e7b75bfa35c9a004d0b68265623a9b06b6d4493ea0ad4f6c777ba5add8c7bbbb"), - aad: b"", - ciphertext: &hex!("c3d0a0f7ce9720c95aac86151aad634884ddfa62df58f18394537f6504d9a8aa"), - tag: &hex!("76749a1ec70236b267fc340d5fbb6da3"), - }, - GcmTV { - key: &hex!("a2a502d6bb19089351e228d5cbff203e54fc31f2772253df08557875d964c231"), - nonce: &hex!("0ebb5af4a462a1e6ded7164a"), - plaintext: &hex!("bbecc89450c07b8de631155e5d7cc7a9d26376bb57d7458d49b4c36e140490f3"), - aad: b"", - ciphertext: &hex!("fd09c950890441fcaaa8809a8998079abb88741c6672abae12383ffd724f8299"), - tag: &hex!("22fac246058bf142c5f26812a635b480"), - }, - GcmTV { - key: &hex!("ce2d289e20c76f75c135c8118d5cbf5f2828026f0b639588a3eb4ad752cea548"), - nonce: &hex!("bb08526dd8bd1c3bb58d0999"), - plaintext: &hex!("56f5db1e796a0c4633a8d570182c39e3c8451e7ba485b98d38a2c926a1b92a46"), - aad: b"", - ciphertext: &hex!("a41005df18734d4f3f99f19ef8fc43b16ef431207cb0466341bf164b58e23533"), - tag: &hex!("a45c2a1ef6aec75cc22d71807dab3c27"), - }, - GcmTV { - key: &hex!("66e418d0ec97b420b1b5365d1b6d5cd7c5ac1a5653739120d4aec3c94c93c287"), - nonce: &hex!("989f94480266e3652488184e"), - plaintext: &hex!("e5052b19d7f827fd60f45c8925809fd2217ec4d16aa89bbf95c86a1c1e42bd36"), - aad: b"", - ciphertext: &hex!("f341630574ee92942cf4c5ecd3721ae74b32c557379dfe8351bd1c6661a240da"), - tag: &hex!("e85fb655ef432e19580e0426dd405a3e"), - }, - GcmTV { - key: &hex!("37ccdba1d929d6436c16bba5b5ff34deec88ed7df3d15d0f4ddf80c0c731ee1f"), - nonce: &hex!("5c1b21c8998ed6299006d3f9"), - plaintext: &hex!("ad4260e3cdc76bcc10c7b2c06b80b3be948258e5ef20c508a81f51e96a518388"), - aad: &hex!("22ed235946235a85a45bc5fad7140bfa"), - ciphertext: &hex!("3b335f8b08d33ccdcad228a74700f1007542a4d1e7fc1ebe3f447fe71af29816"), - tag: &hex!("1fbf49cc46f458bf6e88f6370975e6d4"), - }, - GcmTV { - key: &hex!("2c11470e6f136bec73351619288f819fb2bbba451857aadfb78384074612778a"), - nonce: &hex!("4e6cc2bcc15a46d51e88958d"), - plaintext: &hex!("3b3186a02475f536d80d8bd326ecc8b33dd04f66f8ba1d20917952410b05c2ed"), - aad: &hex!("05d29369922fdac1a7b37f07953fe175"), - ciphertext: &hex!("6380945a08977e87b294b9e412a26aebeeb8960c512439bac36636763cd91c0c"), - tag: &hex!("1029a3c4be1d90123c1b404513efde53"), - }, - GcmTV { - key: &hex!("df25ea377c784d743846555a10cfaa044936535649e94da21811bad9cea957b5"), - nonce: &hex!("35f5f8e950c1f57ad3dfb1fa"), - plaintext: &hex!("98941a807ac8f16eef0b3d3c7bbdfd55d01736c5b3360d92b4358a5a8919380b"), - aad: &hex!("28eb4677110ccb6edc8d2013dc8f46ec"), - ciphertext: &hex!("24a07532e981aaf3106eab8dfbb2d2078342e2eaee027e148f06aca68f6a1c50"), - tag: &hex!("131373ed4a0e3f584ae978d42daa6f3a"), - }, - GcmTV { - key: &hex!("106168ea651f22c54196a06f1a10bcf4e620d93e4dc0824d798f44f9219c6177"), - nonce: &hex!("4064dcbd631cf20b05ae22de"), - plaintext: &hex!("b0d3da2b96b8889c92e445abbea4c6d0d5d44d7fbcc7dade4c92f6bcddbf06e1"), - aad: &hex!("a36e2fb9cd96a8ca9ae2b193aa498efd"), - ciphertext: &hex!("f55a6d8a6965ea451637bec7548cfb1ffe59fc0ce6ea6a937cb5dd32b3d45d5f"), - tag: &hex!("8d1bf2715041f817f11631fc9910c629"), - }, - GcmTV { - key: &hex!("272d1649a3dd804de0962d3e07064a7054c00a6234ab1b0cdcf685ab394837e5"), - nonce: &hex!("955b5897f6b9806bbec5c33e"), - plaintext: &hex!("36e57c29c08c51ad7fa91c0416f976cfd011780eb44cc5abd34c7b431b093b8d"), - aad: &hex!("33e618ecbbe5eb0566df21c3c34b7e25"), - ciphertext: &hex!("cd6aeb345081dc0bb2c8b4d19b280658fb87c0f2bd0f4c9da694dc1feeb32f4e"), - tag: &hex!("dd37eac6bd6a4d3618241738779735d7"), - }, - GcmTV { - key: &hex!("3dab6a51bb7af334dd4b79a7d139550c88f0778d43c21fc4ad33f983a13515cb"), - nonce: &hex!("362eaa67cab3d1ed48e9f388"), - plaintext: &hex!("3eb7f5f0a4ca9aa7000497602c6124433a60a8fcd91b20175b4ee87e6b10a2d7"), - aad: &hex!("52852150786e6547a2618e15c77110b6"), - ciphertext: &hex!("cc3316041b88733839249b756ffa00bbec6211942f604f26c4a35ed32e6eeaff"), - tag: &hex!("5936c5500240d50c0da0fcdc248f176e"), - }, - GcmTV { - key: &hex!("0ea606521b935d5b4b66df89fb372d35c4d6d2c03767367e38de0d4c27761d56"), - nonce: &hex!("0d3168318a4f76392699640b"), - plaintext: &hex!("f450b36d6c49411897bce39001d73ff01b5e8566179e36dacac7064cab5c6270"), - aad: &hex!("3bd8849070cf034c4298f40f33b0b839"), - ciphertext: &hex!("3b15fad18726c4eaa70502b3f3b32c5092d1d92835e6460665fc50dda953a191"), - tag: &hex!("11fd3fddf61e010c17fbedd4bd5fb012"), - }, - GcmTV { - key: &hex!("c8c4f9e0bd289ef1bd16104a8074fb073dd9035ab937ab076fb5801e2295aa2f"), - nonce: &hex!("be699d9d98ec1f724da8bd0f"), - plaintext: &hex!("49fe9407a719d41e658587809cfed7a5b49941c2d6378f3c0afe612f54f058a1"), - aad: &hex!("a985c7489732038c3190cb52be23737c"), - ciphertext: &hex!("17a9aaa6a3c68ba1f6cb26fdd6536c207e3c9ce58f43e4ecfd38d3387a798a0f"), - tag: &hex!("d832cb4814142562fedfe45b36126cb8"), - }, - GcmTV { - key: &hex!("52d0f20b0ca7a6f9e5c5b8549d5910f1b5b344fc6852392f983558e3c593be24"), - nonce: &hex!("d5c618a940a5a5d9cc813f27"), - plaintext: &hex!("a9fed8a29355685321f978e59c40135309306cd41b25349fe671dc7990951c68"), - aad: &hex!("61823f7e39ed76143ca7249d149bdf57"), - ciphertext: &hex!("509c540e558d0bf0a3b776cddfbfddc15486748a7f9952b17c1cbd6869c263f4"), - tag: &hex!("42e35ee3f7119f87fb52b5d75b8ab8ec"), - }, - GcmTV { - key: &hex!("5d291a8f1a6433a41076702d9d8a8c196e464550ed900ce8c2a36f4d10483954"), - nonce: &hex!("c4ba743ee692e5d00b5ae2c6"), - plaintext: &hex!("605d519b26182458fea68dddd86033390fc545f843ae817850a2a4574add015d"), - aad: &hex!("878fa6720ab30e0287f6903acd2dca19"), - ciphertext: &hex!("1c2f153f2374d3945cca9757dc18d9a15a93276526285a6e316ee32a72092c34"), - tag: &hex!("e7905e856c88c6ece4bb47781becf923"), - }, - GcmTV { - key: &hex!("09e2724d4017cd57e967000e4da2cd5c5c18ccfb06c33b7ce62a7641e4bb0b73"), - nonce: &hex!("9ea18b420a10177289ab370b"), - plaintext: &hex!("6f5dfa86d5df4febd752265c56390049e7cda60c2644c84ab413932faad15b15"), - aad: &hex!("a8e77939423d5894d307fd60278d162a"), - ciphertext: &hex!("35e37a9b913eb58b72262e92d7584d44bf9a8442f1b2f3da3a5d05ec6a2a31e2"), - tag: &hex!("1a95023b1a4a3e885520ec79e1a3aef9"), - }, - GcmTV { - key: &hex!("8544a9f4f6c0efdff3da90cfa3ee53fbe1f8de159d29537c803e1651da153718"), - nonce: &hex!("be406029a1d0c25d09af94cf"), - plaintext: &hex!("7e88a65646ed138b7c749366d16e41dbafd9987ad2373bb9d0b6ce0c1a4d6661"), - aad: &hex!("599dbb73897d045a1bd87385e60323a2"), - ciphertext: &hex!("38ffbf9ffff8d6a92090584e6dace1c6a47d3d5709a25e470557d5c8f5dd1851"), - tag: &hex!("d5b2e83c47df404de9a7cd95d3cbe7ab"), - }, - GcmTV { - key: &hex!("35b9d2a5db3b06e7720cec794dae615029a491c417f235498e0496cd8183d1bf"), - nonce: &hex!("b382987916e19752dd9ecc0c"), - plaintext: &hex!("76b290496901c5824ad167433dbb6d6b5856d41913ee97ec81e70cf6a170e35c"), - aad: &hex!("e0aa3a1f1df601366c59a390f4f06c3b"), - ciphertext: &hex!("78347400d6799e77e11e76c0ecfd311becf31f74f14b3a71e6d526ce57015c8b"), - tag: &hex!("bf8dec2feac7cfe9f330bdfc92737b33"), - }, - GcmTV { - key: &hex!("d707eab3c167b73efeb08c50e12b1569a275487ea136f52736c0f3ce66b69fa3"), - nonce: &hex!("11116f34182e52428642e747"), - plaintext: &hex!("a0c4818362035b16b50de445d558ea5cf8844bf5c84b96232999a2279806cc45"), - aad: &hex!("ae9f90331800c358716c92667f79f748"), - ciphertext: &hex!("91c77404b20028ef0fd4dd7f8b65b6594af94a1e7fc79cfbdb108265354fc71b"), - tag: &hex!("6c3410d4b915dbad745715202c04e9a4"), - }, - GcmTV { - key: &hex!("405d13ee48d3b9fc26bcfca776b2af6c745d8fc34171622f8c6c4be5a54b8b65"), - nonce: &hex!("add1524abb1b846f0f6577da"), - plaintext: &hex!("e06475990d6e3990266de1bd025c3b1910c0736c81050885f2bfc13ec78e9d96"), - aad: &hex!("0b1c4c3ba877bca5846b2c1f2b0e2105"), - ciphertext: &hex!("6399f7e6d6c680fc41bac8bee3836b9a4241403d5a19e4919f396ce37b238d38"), - tag: &hex!("e754f400d76c76e03c63ea88cf64ccba"), - }, - GcmTV { - key: &hex!("5853c020946b35f2c58ec427152b840420c40029636adcbb027471378cfdde0f"), - nonce: &hex!("eec313dd07cc1b3e6b068a47"), - plaintext: &hex!("ce7458e56aef9061cb0c42ec2315565e6168f5a6249ffd31610b6d17ab64935e"), - aad: &hex!("1389b522c24a774181700553f0246bbabdd38d6f"), - ciphertext: &hex!("eadc3b8766a77ded1a58cb727eca2a9790496c298654cda78febf0da16b6903b"), - tag: &hex!("3d49a5b32fde7eafcce90079217ffb57"), - }, - GcmTV { - key: &hex!("5019ac0617fea10517a2a2714e6cd369c681be340c2a24611306edcd9d5c3928"), - nonce: &hex!("fd1fa6b5cab9aa8d56418abb"), - plaintext: &hex!("4349221f6647a906a47e64b5a7a1deb2f7caf5c3fef16f0b968d625bca363dca"), - aad: &hex!("953bcbd731a139c5de3a2b75e9ffa4f48018266a"), - ciphertext: &hex!("dbce650508dab5f499767651ee734692f7b157341977692d2ca879799e8f54aa"), - tag: &hex!("20239e97e2db4985f07e271ba545bbbf"), - }, - GcmTV { - key: &hex!("c8cee90a8b9ad6094d469e5d1edc30d667608e89b26200cac77efd7e52af36fd"), - nonce: &hex!("5a1aa9c8e635281ee1fb9df7"), - plaintext: &hex!("728d9221891bd75c8e60b7dd6f53edcfd1ab1cebc63a6ce54be220b5b362233b"), - aad: &hex!("0538b3b64da72aac591bc59991a140eff206b3f7"), - ciphertext: &hex!("b753eb6b87f0c8778c3ea3a74fba3b31ced6d2da94d43d482ab0431806a80d75"), - tag: &hex!("b21d29cf6fd04571ffcaf317d384df11"), - }, - GcmTV { - key: &hex!("b4b77710f86ffd463fc14bb9eaa4424b2b3a581778e5511a094a08fb204cab59"), - nonce: &hex!("3e4b12bf55633bf48d104620"), - plaintext: &hex!("6f44a8df11dce27df075ea10ddeb7566ca6c988a334cf56e8540f71166d7c0d1"), - aad: &hex!("3e3b4c9369266266098326217b5677a40297cb87"), - ciphertext: &hex!("31f82f5cb1cd5c4b4819b61aa9377abebe8fca76978b1199178462c7c1c4e2b2"), - tag: &hex!("1b3a535768e8480d75ec91b2e7b55efd"), - }, - GcmTV { - key: &hex!("0a8fb75498a139223c763d52bbe3d42f813de370fa36b81edc4553d4219d2d5d"), - nonce: &hex!("7d6cb675fded3efef908a11a"), - plaintext: &hex!("81b69ca354de3b04d76ee62334cb981e55f0210f1174d391655d0f6712921a0e"), - aad: &hex!("2314ad86b248f1ed2878e7c562b533bf2dda5a29"), - ciphertext: &hex!("6a23d30737f4a72b1e07ba23d17fde43a4498e2e60d3e1b0c8e6ea26a2bb331a"), - tag: &hex!("7fcac442fb657910c62a74b1d0638902"), - }, - GcmTV { - key: &hex!("a84315058849690c2b88062aef81134d338526baa7090e865fcaad94bbf51ca5"), - nonce: &hex!("a487cfa701447b495aab41e0"), - plaintext: &hex!("18074e14dc0a14d4439f1d710927ed8c200154c8492f77f10f653e0bf6070ca6"), - aad: &hex!("7c4416b0cf13ac76bec6687a6840dc703e91bb86"), - ciphertext: &hex!("80f40b7e335d40fc5859e87f385e14798a253818e8ad73b1799c1419638246a4"), - tag: &hex!("b4c7c76d8863e784eb6029cd160ef6de"), - }, - GcmTV { - key: &hex!("82833bcaaec56f6abbb3378f7d65daf6e6f6f2a0d1e858c7219f53a7840f4e00"), - nonce: &hex!("4bc9b028a00be8feb5232978"), - plaintext: &hex!("d9b2383123a27a93bce85add8392b938093b40e82f182e484bf4f84fa3bfb3f0"), - aad: &hex!("76fc8ed57154cd8a9b3d02c87061edd2a8157811"), - ciphertext: &hex!("383efe971438cd2b2cbb399d74a3fb3eedd394f1862addc58e9fdd4c421402d2"), - tag: &hex!("fd803c4fa917f7ff649a6aac013a96b1"), - }, - GcmTV { - key: &hex!("ee4634c49c5672c660968a42862698f6c1b2c7b79efd1605c24af8ff9ff8366c"), - nonce: &hex!("877912b2f35888d2810612cc"), - plaintext: &hex!("9512a5268a0cb3fbd916ddb820dce77f1e0dbb52c8ffc7a74be077119e9245e4"), - aad: &hex!("93bd669db4f1354ef6c8addb0cf729e46d5c3846"), - ciphertext: &hex!("69af0ac954e0d69043851d89f1538ebcb42769857eba27dbe4ad4fd60fd75537"), - tag: &hex!("3ee443873e2f7f7ea601fe3d7e5211e2"), - }, - GcmTV { - key: &hex!("442f4bbc468433411e49486a15c5eed577f5007380ff126d9974f3bd3fe4e3c4"), - nonce: &hex!("1e7133aaa8af826dc646ec62"), - plaintext: &hex!("7f8069e5c356ece135d98bb563c8b411ea90ea3b673dfd92e1ba9c459efae61f"), - aad: &hex!("577662f611446b5b31814930029edb949a30dcb9"), - ciphertext: &hex!("b962952750eb2bce313e1a85a72e3c9cc2ea7e58c353ea37df2c9f0723995ca7"), - tag: &hex!("e633fe9f10cedf0f0d02aa2ddcf47d86"), - }, - GcmTV { - key: &hex!("3a29aec009f44fdd2b1bc07cb7836f29d8589774bd0d74089a68d9e67827d6d8"), - nonce: &hex!("a42c5fb61573c72688ac31d8"), - plaintext: &hex!("d36eb81506c0a0e4ebcac9b4b1acebb38b94b8f2ce3d6f85a8f705fa40cb987a"), - aad: &hex!("2ee2582d544e1663f1d7a0b5033bcb0fce13b3e5"), - ciphertext: &hex!("179ef449daaacb961f88c39b4457d6638f304762bd695924ca9ebd01a3e99b9f"), - tag: &hex!("1fee176c7a5d214748e1d47b77f4bcc8"), - }, - GcmTV { - key: &hex!("ed47660054294f3c913c97b869317cbddc395d757bef7d29b8ccbdd2c54e99d3"), - nonce: &hex!("770a00642c67eff93c9f1f56"), - plaintext: &hex!("034193397cbd0eb414459273a88808db2d0711e46f80d7883212c443d9e31b54"), - aad: &hex!("06210fca2018d2357256c09197730e9777caea96"), - ciphertext: &hex!("6a250ebd3390229d46b691142743dba1c432c0feaa0f0dd19d0ce4e6a8918d80"), - tag: &hex!("a5f6e975592b472907c34b93bfc69dde"), - }, - GcmTV { - key: &hex!("9539844493362dc3f913308f7e12a2a0e02afdbd8869877b30ce0397fb0349dc"), - nonce: &hex!("eadda3132079195a54fde2c1"), - plaintext: &hex!("62349a0b1e40a9f31eadf27073682da15f0a05cf4566ee718b28325f7d8eaba0"), - aad: &hex!("0ae4a90cb292c4e519b525755af6c720b3145a1e"), - ciphertext: &hex!("ad6c9521bf78d1d95673edd150f2b8dd28f10625d67fa25f1fb42d132ba7fcfa"), - tag: &hex!("916242a9cb80dffcb6d3ae05c278819a"), - }, - GcmTV { - key: &hex!("3b4eb08d27ae0b77605ae628a1b54a5402026550679fab0a20752bee510d3d92"), - nonce: &hex!("28a20c40f49a00493da3488a"), - plaintext: &hex!("c8a47edcf84872f53f96ef41ce05ca37cbc3854b556d6e606f0a8a32d0861907"), - aad: &hex!("0591390e2d14ebe62aeb1741c26448ce55b28cab"), - ciphertext: &hex!("a3e8cbf84df8529838f79315c7f1a0b7bb3ad4c4d036ec317b1810b274ee3080"), - tag: &hex!("0a8f66daeb7f0a88756909c4e93fcd36"), - }, - GcmTV { - key: &hex!("0cccea8f1f6ce141690e246cf4cb9f35b66baf6e6986b8e0b4cfdd13fcdbc8c3"), - nonce: &hex!("929f07be5aa7bae7607bae3c"), - plaintext: &hex!("9fa5214c599523c695d37937b02f78837f6406960b2a03bf9a6db34bd35e3dc7"), - aad: &hex!("b851e610be70a994808b34ca73f45f1ea973de65"), - ciphertext: &hex!("917ecc8b00b53f7fb0732d66848a106e91f60acf2dcf180832a74d5993c658da"), - tag: &hex!("2959e20746bbb6ab66dfd29b9477799a"), - }, - GcmTV { - key: &hex!("ecbfaef2345b34f31fbf6d68efb385e5833df8b6e6ae621ede02baf9735d2dba"), - nonce: &hex!("50c3527b1a35ccb318b446de"), - plaintext: &hex!("634f6dd60783d1f952353fd1d359b9ee4f4afa53cc13e81c5adfe24b46baf08f"), - aad: &hex!("f8981548bde6ee6c1745f947de191bf29997fadf"), - ciphertext: &hex!("705e5f67ab889ba238118e3fd9b90b68be801995ae307378d93b50977cf90588"), - tag: &hex!("12d14468ac18cc9936bd565f8ad42d0d"), - }, - GcmTV { - key: &hex!("dc776f0156c15d032623854b625c61868e5db84b7b6f9fbd3672f12f0025e0f6"), - nonce: &hex!("67130951c4a57f6ae7f13241"), - plaintext: &hex!("9378a727a5119595ad631b12a5a6bc8a91756ef09c8d6eaa2b718fe86876da20"), - aad: &hex!("fd0920faeb7b212932280a009bac969145e5c316cf3922622c3705c3457c4e9f124b2076994323fbcfb523f8ed16d241"), - ciphertext: &hex!("6d958c20870d401a3c1f7a0ac092c97774d451c09f7aae992a8841ff0ab9d60d"), - tag: &hex!("b876831b4ecd7242963b040aa45c4114"), - }, - GcmTV { - key: &hex!("07b3b8735d67a05632c557076ac41293f52540bac0521573e8c0414ec36f7220"), - nonce: &hex!("0046420eee8d56de35e2f7d5"), - plaintext: &hex!("4835d489828325a0cb38a59fc29cfeedccae25f2e9c399281d9b7641fb609765"), - aad: &hex!("d51cedf9a30e476de37c90b2f60882193630c7497a921ab01590a26bce8cb247e3b5590e7b07b955956ca89c7a041988"), - ciphertext: &hex!("46eb31cd98b6cc3ecafe1cd1fc2d45fa693667cbd3a7d2c5f8c10296827ea83c"), - tag: &hex!("36cd4e76dd0679887477bfb96cf1c5f6"), - }, - GcmTV { - key: &hex!("0219f14b9ca6506c1388177c4ae6ee64ad2ac0256ebbf8c219b40df6e8571d70"), - nonce: &hex!("3420a87c4b9b23ba81eb221e"), - plaintext: &hex!("348f7a4ca944f252e4562c66dacf01fb10d70a3c8f5b280a2829567a2a94e47e"), - aad: &hex!("54dc2277b8d1aae660ffcc326e2c5d9e16b8ca17288601aacd02b3eea8bc5cc60718639aa189506b7b333b87da86e940"), - ciphertext: &hex!("58c92119bfb6ad53e387cac6728ce73b82e18f6e5bfbfca5f5acc370cd8c76a4"), - tag: &hex!("e7f9e3e3dae6d0a3470d8f597291180c"), - }, - GcmTV { - key: &hex!("87440ee7f6febf3e14ef0a917a87c5d61260fefc979eeaeac0a64662c98cb4f7"), - nonce: &hex!("7c48bc75e58f21cc9989d691"), - plaintext: &hex!("f8e40a6a985f424898a7996307a077c487406c5312eefe055ea5b17a4b22087b"), - aad: &hex!("e0c66e5db1c7665a015ba7e21e08ff3de5b4a5fcd5d35e41db7e97ccd0c3df657ae803c3529d375420ad75ac9621cea0"), - ciphertext: &hex!("5a118fc3dbdaf6bc9490d372b7623af76da7841bf9820a9c6624a15eff6a69c2"), - tag: &hex!("0ddc2ae087d9b8ca2249ea5aa3dbd4c7"), - }, - GcmTV { - key: &hex!("b12425796f63bf5435740f9039fa66367fc7702d675c61b2dec4435feeea07f8"), - nonce: &hex!("f26727053e6d67c2d2bf1e69"), - plaintext: &hex!("9df079d98a6e4dbe277a8545f4f6c19fe130f4a84bdd6b760a049fba21d4e99a"), - aad: &hex!("e50fca2e5a81ae56ca07f34c4b5da140d368cceab08494f5e28f746cbfefdc285b79b33cf4969fe618b77ab7baafe271"), - ciphertext: &hex!("845f00202e2e894516d8f4a4021430e531967098c9a94024c7113c9a1b91c8cd"), - tag: &hex!("3566c75967ae00198e39ebe9f0ac697f"), - }, - GcmTV { - key: &hex!("674dfb625b8b0ce1dadbbbcbf7e151c5b2cecf0a1bc4e07f4734f3a6792350cd"), - nonce: &hex!("99e7b76e6686449616ad36c7"), - plaintext: &hex!("0a744a72e536a0484db47091609228d803bcfa9a8daf579e3039e3645f7688e2"), - aad: &hex!("2ab1573e5a94ca2997590840bd9c62e6add55e4d3eac12c895d2ec637791caa41d46ed91e6064db627e1fbef71d31d01"), - ciphertext: &hex!("e550ee77069709f5199be3c618f2a4178e4d719ab73df41cbfe32c52777138ff"), - tag: &hex!("134ac3fa8bd4af7ee836f4a3421d9e99"), - }, - GcmTV { - key: &hex!("10c1de5f741560dae5be23e15649f0114db52949560bb6cdf2d4883247392ee1"), - nonce: &hex!("7cf73c1472cd60d8d35fde51"), - plaintext: &hex!("05becd366aebaa2e609f507dd2dd4433b2aba0634b0eb9a5bf7ded4cc8fbed72"), - aad: &hex!("d3fa8b6f607a20a18dd7eac85eabef69d4fb5a074d8e7d1bf15d07732ed80e020163b475f209c4b0cbfa00d65d1e82ef"), - ciphertext: &hex!("280f0c306e1a3aab8ff9ab3e4a9adc2e9ae4e4e1a06f190d11b3b4dc4280e4f3"), - tag: &hex!("3bc8be845bf5ff844c07337c2cfd5f80"), - }, - GcmTV { - key: &hex!("e8d6ab5e514645dd7e051b028f5bfe624c72f44f30279577365aea65d4a8a819"), - nonce: &hex!("30b0d654ee5b79c2cfb24100"), - plaintext: &hex!("19be7e0feedd402bf4b05995a38e5f423c033de016e3ae83ea8c3c1cba658e1e"), - aad: &hex!("082e534bf860d0061ec2dad34d6b0db8cba1c651f2c705356ff271e47365b0b18f8ddb3a3c2269b437fb0703c9ad367a"), - ciphertext: &hex!("8573800c737d2480b2885ce714ac6a15f23287b1d12949a3d76effbe82b593bd"), - tag: &hex!("50110884292151f51213ccb2fe934d88"), - }, - GcmTV { - key: &hex!("2d1eaf5e62ca80fd1515a811c0e4c045aba8c769df03d57f7493eb623ed8b941"), - nonce: &hex!("abf190b05df2e6556cb34b47"), - plaintext: &hex!("9c7cd522ed5c0af3e57da08d2653ef77eb973734f360572bbcb15a2a6cbd60b9"), - aad: &hex!("75ab9bd39c24e498a54d85a8b76a4126dc1879f2a30270a42609763e045a4021785b6134f283fd81c195c3188e78752d"), - ciphertext: &hex!("5fdfdaccb105e5408c375af8ca63a67afaba7ccbcd591acca9a86d92f92fd0f7"), - tag: &hex!("49940b7610618b3a5cb3912339e06b3c"), - }, - GcmTV { - key: &hex!("b6020677e098c59e19eacf26732473d843aafd6bf999c707bb08ab896406918d"), - nonce: &hex!("807167ef2b84b32d1df4a94c"), - plaintext: &hex!("3199d6b95d133ba5b7eadc420080a0b249c84f4960bd369d6bf9e313627cf670"), - aad: &hex!("06225d410ada3e04157da7e5481d7d9f2285845824aac0c0e033244ed4c1b19615354c224ba8b7093c5651d10ef952fe"), - ciphertext: &hex!("4618adbfa5ea4ee260e310140b385232b7c3ad46887aa2107f7dafffd85cda22"), - tag: &hex!("2d76307bf55826dfeb58a171b6fa80e4"), - }, - GcmTV { - key: &hex!("f75456c4918d0bea72f546a9a1e2db0b6ab9bcd9782b5eb1c2700e729921d666"), - nonce: &hex!("c75b83134e7b9188e5800ffe"), - plaintext: &hex!("f9a23abbd0f2b367ce16c2a0613cd293ac7e66cbe020eaeb5deb09d5031fd992"), - aad: &hex!("5ef46c9eb5865cab2c8a35f9c4c434614a6c9f1b5c479739f7434d3326cff1e70b0d2877c084a71c7a9d33d258d304bb"), - ciphertext: &hex!("56e4efe6c0944153b65ed4909845219842b9b88f54d8d8394051132afb95d391"), - tag: &hex!("255e2c8c43f8979c440c3581bff6cf65"), - }, - GcmTV { - key: &hex!("9831c5c12e53e8a961642e93ddb2e13a38506acd0cf422e6ad9fbaeabce7b3f2"), - nonce: &hex!("bff29de3d6869e5fa75b96f9"), - plaintext: &hex!("b1edbed58ed34e99f718db0608e54dd31883baec1c8a0799c4ff8a5dad468de4"), - aad: &hex!("67ebeecb74cc81fdfee8065f8b1c1f5012bf788953bec9525e896611b827084a8e6baa0ce40ee70bc699b152bc6ed903"), - ciphertext: &hex!("13845db7e33bab1f5766a7fadfb942748e779753d97f143e645ccfcbd7c23b23"), - tag: &hex!("10dbe8a3e1901c8b88b0ab1441664d32"), - }, - GcmTV { - key: &hex!("a02c2d4a43f0f7f1db57c07f13f07f588edfe069a9d83c9b76e9511946c4fc48"), - nonce: &hex!("84677438592dcaf683d08a67"), - plaintext: &hex!("ad5a884dad20ffa88794c4fca39f2ca01c6f67657ab38e5cf86ac5597318ef07"), - aad: &hex!("d5dea0cd6080af49a1c6b4d69ace674a622f84f9f190b2db8a22e084a66500b52ff20a8d04f62a7aeaedb67e2258598c"), - ciphertext: &hex!("83da16ae07ee0e885484c1330a6255a6e7ac22915c63cbefaabc6f9f059dd69d"), - tag: &hex!("42c4a270705493d85ad7bbcfda86dffb"), - }, - GcmTV { - key: &hex!("feba412b641bc762bfa79ef17c3ea16e5630605470db096e36ffd33813641ace"), - nonce: &hex!("e3633f21e7c63a459d5d1670"), - plaintext: &hex!("9326572bd33551322ca42fcfb7cef8be41d78725f392c34907ecd1fe5572bff1"), - aad: &hex!("b7ee0233863b0e185b2f46181eb5fc0718832e1e76e7d4115a4c1f7e998c41319ccef44f5db89e8c5f077bd553d7bf42"), - ciphertext: &hex!("5019ea98cc9dc9368432c6d58f9e144f55446e763c0a8b4d8a6ce26f3dd95260"), - tag: &hex!("1010beb9cd6e9b611280a5395f08bca9"), - }, - GcmTV { - key: &hex!("21bd5691f7af1ce765f099e3c5c09786936982834efd81dd5527c7c322f90e83"), - nonce: &hex!("36a59e523df04bc7feb74944"), - plaintext: &hex!("77e539dfdab4cfb9309a75c2ee9f9e9aa1b4651568b05390d73da19f12ccbe78"), - aad: &hex!("48aef5872f67f524b54598781c3b28f9cbcf353066c3670370fca44e132761203100b5e6c7352a930f7e9cbf28a8e1ce"), - ciphertext: &hex!("c21483731f7fe1b8a17d6e133eda16db7d73ddd7e34b47eec2f99b3bbc9669aa"), - tag: &hex!("15f9265bc523298cefb20337f878b283"), - }, - GcmTV { - key: &hex!("26bf255bee60ef0f653769e7034db95b8c791752754e575c761059e9ee8dcf78"), - nonce: &hex!("cecd97ab07ce57c1612744f5"), - plaintext: &hex!("96983917a036650763aca2b4e927d95ffc74339519ed40c4336dba91edfbf9ad"), - aad: &hex!("afebbe9f260f8c118e52b84d8880a34622675faef334cdb41be9385b7d059b79c0f8a432d25f8b71e781b177fce4d4c57ac5734543e85d7513f96382ff4b2d4b95b2f1fdbaf9e78bbd1db13a7dd26e8a4ac83a3e8ab42d1d545f"), - ciphertext: &hex!("e34b1540a769f7913331d66796e00bdc3ee0f258cf244eb7663375cc5ad6c658"), - tag: &hex!("3841f02beb7a7fca7e578922d0a2f80c"), - }, - GcmTV { - key: &hex!("74ce3121c18bbff4756ad10d0f293bb1ea3f93490daad0249cd3b05e223c9747"), - nonce: &hex!("81107afb4c264f65ae0002b1"), - plaintext: &hex!("7a133385ead593c3907806bec12240943f00a8c3c1b0ac73b8b81af2d3192c6f"), - aad: &hex!("f00847f848d758494afd90b6c49375e0e76e26dcba284e9a608eae33b87ad2deac28ccf40d2db154bbe10dc0fd69b09c9b8920f0f74ea62dd68df275074e288e76a290336b3bf6b485c0159525c362092408f51167c8e59e218f"), - ciphertext: &hex!("64bd17f3e8f71a4844b970d4ebc119961812efb9015b818e8d88b906d5efbd76"), - tag: &hex!("46d0e42aa046237efee17eab6d9cfb75"), - }, - GcmTV { - key: &hex!("4c669a1969c97d56da30a46236c15407e06aada686205eed3bd7796b02c97a4b"), - nonce: &hex!("0a07758d5ad44766e051da6c"), - plaintext: &hex!("cd59bb307be76f11304f69ac8b151e1628ac61dec81086e7f24fd5bd83df8856"), - aad: &hex!("0b8277114cbf7ee16c9bbda1ab40419a02e469ebb295883f0a833c3cb755ded44a3c410034a201f7d91b43519fbabb55b974834be5d5afc7aea7c84b44a14e8e16dd68a3e8cc79ad2bf76d0ceb33d58ddb6378b45681ceaa0f2f"), - ciphertext: &hex!("bc62ce0b23cf4aa8e16b4450c8ab8c629a53949f01e68b875ecc5c45ff6d3ab0"), - tag: &hex!("5ffeda728914031006f271c3d9986f2d"), - }, - GcmTV { - key: &hex!("a23296632913051e438114deb782fb955b75acc35e86e7e9fdaf4e9025b87f12"), - nonce: &hex!("ad50db40f80f15214e43ffd7"), - plaintext: &hex!("b71116cc27b5a5844d9b51a4a720cb3f06d55d6aaeaeaf921236424db8617204"), - aad: &hex!("a6f96f5a89bfd8c8f34cd07045270d80e58ea62f1f0b10f2506a954f272af0bc71df96ad3fa8eed52c45e0b868091dc4f75d9e0eaf15a0a858a71bf7036c5607110cbfe47ad9b6d02e942fcfae88d4c792a1f824e60e3cf98a37"), - ciphertext: &hex!("8e9e4b0ac93ab8e73688d6b4723d8c5ef399ead72246c7aa7a0783a8bfe29936"), - tag: &hex!("b7dea91e4b357ce805edeea3f91392d2"), - }, - GcmTV { - key: &hex!("4036a07bdd4e10eb545f3d9124c9f766d2d0c8c59fc0d5835ac55dcfaebfc3a1"), - nonce: &hex!("815828fbb964497cdadccaad"), - plaintext: &hex!("717f22faff8066182e46d32dbac7831ec24272871c45c7c12ca779f868e7739a"), - aad: &hex!("0bc0e3931388bcb091463bae2989a93bde103bc14fc5d39f9448ca90367e86336b188f73218b2b0ab72a9a564ad5ff32544c5afeacecadfa55d2fb66925a88299dbf58f425cf49e31f42ac4edace743fdf9680d20ec845afc278"), - ciphertext: &hex!("e8c3b0342964c7a71f084d44ba2f93742bccd9821b30087d11b53bbe8b085808"), - tag: &hex!("86ddd9c469849cb6b100c339ca62717d"), - }, - GcmTV { - key: &hex!("714bc3ba3839ac6707863a40aa3db5a2eebcb38dc6ec6d22b083cef244fb09f7"), - nonce: &hex!("2cfe1c51d894e5ef2f5a2c3c"), - plaintext: &hex!("0cc4a18bbfea87de0ac3446c777be38ca843d16f93be2c12c790fda4de94c9bf"), - aad: &hex!("84e3d46af2ecb717a39024d62bbc24d119f5aff57569dfef94e7db71ad5aff864abacdc5f8554e18ed5129cfb3366d349c52b3d1a111b867e8772140749e7f33e2e64259968486e32f047d21120da73c77757c4595ccac1b5713"), - ciphertext: &hex!("0857c8fb93412fde69bad287b43deea36506d7ee061d6844d00a7e77418f702f"), - tag: &hex!("24a9e5290957074807d55ad705adaa89"), - }, - GcmTV { - key: &hex!("2f93b5a37be1a43853bf1fd578061d0744e6bd89337cde20177d1e95a2b642c4"), - nonce: &hex!("52b6d91557ae15aa792ce4b7"), - plaintext: &hex!("0fcaa316a135d81052509dd85f688aed2e5fd4261e174f435cf1c4115aa6f354"), - aad: &hex!("992ba9efa287a5c3e5177bd4931af498982a1728b56b3d7c4b28476905e29f83326c4f3223a28844fc9b9d84d4f6cd859074aff647a35dde28e1ee889faab3bb9c09a4c3fbf2a16460d48a40dc53378d4673f4325e6aa3992a71"), - ciphertext: &hex!("f99774cef3c15af33cda3cb449cd335ffe4f27435edf83aff4a4f4c2d2df6647"), - tag: &hex!("c5e09b83b1c2cc81e48a1f7c62b7bb35"), - }, - GcmTV { - key: &hex!("531ca845af7bf731c49c3136407322b1c0f6b32b8eaebf03744b2edc1202d096"), - nonce: &hex!("baf13b85202bbfc899fc73f7"), - plaintext: &hex!("d4e9783f537c738200e7ba7526605f359a98c9f10cafaa2f433c40f3e5081a36"), - aad: &hex!("e2ba9cf548b4f6fb206f224250d85af327fde8d08916686ae770203dc29c694f8902b02222fd287f28ce6091006368c3949bea2937ff0bdedb7dbbd013ccf0a15ee0af8c56fe211b7c311e182f27707f59e09492b3604e80c6c5"), - ciphertext: &hex!("642f544929202128a783b985d36f60964c7d78e1d41f5d1bfe27de3ae0180df3"), - tag: &hex!("e333528c59ee1909750ed72fd1309ee1"), - }, - GcmTV { - key: &hex!("3add17568daa9d441aa7a89bf88fa4e6998a921d57e494a254080445bc9b6f35"), - nonce: &hex!("b290f4a52496380218c3dcf5"), - plaintext: &hex!("2c6908cb34215f89a3f3a3c892e8887f2efa496a15ab913fc7d34cc70c0dff79"), - aad: &hex!("0bc9cc13eb2890aa60515c2297a99f092f6e516236c0dec9f986ea98b8a180680f2c6c20bd4354c33433a4c6f6a25e632f90ebef3a383c3592268b483eebf5f5db006929e7987edbcac4755d3afd1cdf9b02954ebd4fef53d5f6"), - ciphertext: &hex!("2cf3beae94fd5e6a4126a8ec8a7166b0aacb8b8bbce45d6106b78d3456d05149"), - tag: &hex!("ce1509b1bd5c47a593702618b0d79f6c"), - }, - GcmTV { - key: &hex!("1c1dcfd4c4cc4beb71d6e368f739d8e681dfe48fbae39728386c9dfc08825743"), - nonce: &hex!("0deceb69ce0dc776a3a71b4c"), - plaintext: &hex!("b12700258ace7b16e40f4e86886892837168b256a170937a3b89063a9a0d68f7"), - aad: &hex!("a3af2db672292431fa8ee1fa5b197593b13e58a68c4129401d0942474d5f4cbe62093aaa5453f6d355d2f4b6dc8abde58ce863d1be5f9ecf39730a49565b3b6882a0a641c0b5d156a4107309dd150fd1f1634ea4e5100b3d4f88"), - ciphertext: &hex!("3ea7f1c0d613323e095558ddde53247420fa0eef17997a1e9c5ba93d5f24c46f"), - tag: &hex!("70534a87c258905d35806f4439f6906e"), - }, - GcmTV { - key: &hex!("f2724153aac9d50f350878d3c498bc3dd782d90cce5cce4ae14126c0e1fbb3cf"), - nonce: &hex!("1c07b61c5316659bad65cca9"), - plaintext: &hex!("067ccbd0206f1f05d2872210dc5717a0585e8195d72afd0c77da11b9b3710e44"), - aad: &hex!("e69db7fcd3b590a6d32052612034036d5c8bffa5e5e9b742ffe75a9fbba89dd576dec08154cf4e6d36f0fdd4419bdf50adc1974a80ea313421c926dffa87565b4bd0c1e84f2ff305af91877f830f145bb13dfa7efa5e3aa682e6"), - ciphertext: &hex!("9aba433eef383466a1291bd486c3ce5e0ed126010e0a77bf037c5eaed2c72460"), - tag: &hex!("f30a155e35400bb0540883e8e09b4afd"), - }, - GcmTV { - key: &hex!("a2544eb2047c97cfcaf0ec1427c5df395472285233a93ffccda8fee660aced56"), - nonce: &hex!("a751bea3c769bb5db25ab109"), - plaintext: &hex!("b9514cc01a357605918f9cc19123dcc8db328c605ca0eb9d69d871afeea1dcfb"), - aad: &hex!("eb9e09884de1454d6aeb0d6c82375f2428992031ea6cabf6a29aa6a4de49a353e4ffae043dad18ae651b20b7bca13f5c327ca9f132014bfa86e716d4724e05a1ef675521a6607a536756e6a8c16bb885b64815f1eb5ec282ce8e"), - ciphertext: &hex!("cb442b17088f6ac5f24c7a04f0050559386f3a57131b92a54142c7a556fdb935"), - tag: &hex!("5f80c5c0cdf0c7890bfd1fbd58c33081"), - }, - GcmTV { - key: &hex!("ceb057782efb1e85d805448af946a9b4d4128bf09a12473cce1e8ef8bfd2869d"), - nonce: &hex!("406f9730e9b1e421e428439b"), - plaintext: &hex!("0815723d5367b1328cac632fa26e23f2b814a1d59a2971d94d02ebd7ecf5c14a"), - aad: &hex!("0772ae00e1ca05d096cf533fd3de2818ac783edfca0eee7686a6290f3357481e883fb2f895b9a4f4004c56b8a1265242cfdf1fb4af7edc41ed78c5f4ffe9c4080d4a17318f9c56ecdb3a06f3c748535387d56a096943a76d46f6"), - ciphertext: &hex!("9d82355d8e460896201be15fd95fed48a8524666d987ab078550883034d0253c"), - tag: &hex!("a0bee8ac0e636d64d3b1eb33fd6f21d4"), - }, - GcmTV { - key: &hex!("7dbdbdfe36d4936940ad6d6f76c67c2851a0477f0aa7d6797bfdf2b7878ef7e0"), - nonce: &hex!("bc672b224b4b6b91fc3fd697"), - plaintext: &hex!("dfea463d35f0fa20487b606d6ccfd422a5b707f16527b422bf1d68a77db67e9c"), - aad: &hex!("faacb84ec7cfadd731de2f7c0892d7e38cbfb782b48412331af0b3eab602a722cad1069dea0052beb5ca70e2ee476c340c6193bcc60f939aabe446bf3ce958fe11a2ffc90241f0a7e4e274f0c1441def795893895bd848bf0f0e"), - ciphertext: &hex!("0ddc2281b1fcb904864a43657bc72357cf73fc1f16520caad7cddde10f846bd9"), - tag: &hex!("9d96699450aa9707695e5de56597101b"), - }, - GcmTV { - key: &hex!("187214df6e2d80ee8e9aae1fc569acd41589e952ddcbe8da018550d103767122"), - nonce: &hex!("56db334422b6c5e93460d013"), - plaintext: &hex!("53355283186719a9146c7305e3d1959a11ccf197570b855a43cbc7563a053c73"), - aad: &hex!("cbedb7ccfbf56dfd72e530bfe16b4f5aac48a90204bcb7a8cae1046010882cfc8b526e7562a7880914e61b60cbd605165242737d85eeed583c98cab3443874e5989ec9cde001adf7de9c9967de5178f75b8412b0c4d6fec5af72"), - ciphertext: &hex!("c2262585966bc9c23dc7cc1059d060211e86f3b3161d38b153635fbea4a28c05"), - tag: &hex!("a94297c584dfcd10ee5df19a2ee5c3d2"), - }, - GcmTV { - key: &hex!("1fded32d5999de4a76e0f8082108823aef60417e1896cf4218a2fa90f632ec8a"), - nonce: &hex!("1f3afa4711e9474f32e70462"), - plaintext: &hex!("06b2c75853df9aeb17befd33cea81c630b0fc53667ff45199c629c8e15dce41e530aa792f796b8138eeab2e86c7b7bee1d40b0"), - aad: b"", - ciphertext: &hex!("91fbd061ddc5a7fcc9513fcdfdc9c3a7c5d4d64cedf6a9c24ab8a77c36eefbf1c5dc00bc50121b96456c8cd8b6ff1f8b3e480f"), - tag: &hex!("30096d340f3d5c42d82a6f475def23eb"), - }, - GcmTV { - key: &hex!("b405ac89724f8b555bfee1eaa369cd854003e9fae415f28c5a199d4d6efc83d6"), - nonce: &hex!("cec71a13b14c4d9bd024ef29"), - plaintext: &hex!("ab4fd35bef66addfd2856b3881ff2c74fdc09c82abe339f49736d69b2bd0a71a6b4fe8fc53f50f8b7d6d6d6138ab442c7f653f"), - aad: b"", - ciphertext: &hex!("69a079bca9a6a26707bbfa7fd83d5d091edc88a7f7ff08bd8656d8f2c92144ff23400fcb5c370b596ad6711f386e18f2629e76"), - tag: &hex!("6d2b7861a3c59ba5a3e3a11c92bb2b14"), - }, - GcmTV { - key: &hex!("fad40c82264dc9b8d9a42c10a234138344b0133a708d8899da934bfee2bdd6b8"), - nonce: &hex!("0dade2c95a9b85a8d2bc13ef"), - plaintext: &hex!("664ea95d511b2cfdb9e5fb87efdd41cbfb88f3ff47a7d2b8830967e39071a89b948754ffb0ed34c357ed6d4b4b2f8a76615c03"), - aad: b"", - ciphertext: &hex!("ea94dcbf52b22226dda91d9bfc96fb382730b213b66e30960b0d20d2417036cbaa9e359984eea947232526e175f49739095e69"), - tag: &hex!("5ca8905d469fffec6fba7435ebdffdaf"), - }, - GcmTV { - key: &hex!("aa5fca688cc83283ecf39454679948f4d30aa8cb43db7cc4da4eff1669d6c52f"), - nonce: &hex!("4b2d7b699a5259f9b541fa49"), - plaintext: &hex!("c691f3b8f3917efb76825108c0e37dc33e7a8342764ce68a62a2dc1a5c940594961fcd5c0df05394a5c0fff66c254c6b26a549"), - aad: b"", - ciphertext: &hex!("2cd380ebd6b2cf1b80831cff3d6dc2b6770778ad0d0a91d03eb8553696800f84311d337302519d1036feaab8c8eb845882c5f0"), - tag: &hex!("5de4ef67bf8896fbe82c01dca041d590"), - }, - GcmTV { - key: &hex!("1c7690d5d845fceabba227b11ca221f4d6d302233641016d9cd3a158c3e36017"), - nonce: &hex!("93bca8de6b11a4830c5f5f64"), - plaintext: &hex!("3c79a39878a605f3ac63a256f68c8a66369cc3cd7af680d19692b485a7ba58ce1d536707c55eda5b256c8b29bbf0b4cbeb4fc4"), - aad: b"", - ciphertext: &hex!("c9e48684df13afccdb1d9ceaa483759022e59c3111188c1eceb02eaf308035b0428db826de862d925a3c55af0b61fd8f09a74d"), - tag: &hex!("8f577e8730c19858cad8e0124f311dd9"), - }, - GcmTV { - key: &hex!("dbdb5132f126e62ce5b74bf85a2ac33b276588a3fc91d1bb5c7405a1bf68418b"), - nonce: &hex!("64f9e16489995e1a99568118"), - plaintext: &hex!("b2740a3d5647aa5aaeb98a2e7bbf31edaea1ebacd63ad96b4e2688f1ff08af8ee4071bf26941c517d74523668ca1f9dfdbcaab"), - aad: b"", - ciphertext: &hex!("e5fec362d26a1286b7fd2ec0fa876017437c7bce242293ff03d72c2f321d9e39316a6aa7404a65ccd84890c2f527c1232b58d5"), - tag: &hex!("dfa591ee2372699758d2cc43bfcbd2ba"), - }, - GcmTV { - key: &hex!("8433a85f16c7c921476c83d042cb713eb11a83fc0cffe31dde97907f060b4ee9"), - nonce: &hex!("55ffc85ffd1cdea8b8c48382"), - plaintext: &hex!("23bc3983ba5b3be91c8a6aa148a99995241ee9e82ce44e1184beb742affbe48f545c9a980480cf1fab758a46e4711ea9267466"), - aad: b"", - ciphertext: &hex!("2f4bdc7b8b8cec1863e3145871554778c43963b527f8413bb9779935c138a34d86d7c76a9e6af689902f316191e12f34126a42"), - tag: &hex!("7dc63156b12c9868e6b9a5843df2d79e"), - }, - GcmTV { - key: &hex!("5d7bf55457929c65e4f2a97cbdcc9b432405b1352451ccc958bceebce557491d"), - nonce: &hex!("f45ae70c264ed6e1cc132978"), - plaintext: &hex!("ba5ac2a16d84b0df5a6e40f097d9d44bf21de1fcec06e4c7857463963e5c65c936d37d78867f253ce25690811bf39463e5702a"), - aad: b"", - ciphertext: &hex!("47c16f87ebf00ba3e50416b44b99976c2db579423c3a3420479c477cd5ef57621c9c0cee7520acb55e739cc5435bc8665a2a0c"), - tag: &hex!("456054ecb55cf7e75f9543def2c6e98c"), - }, - GcmTV { - key: &hex!("595f259c55abe00ae07535ca5d9b09d6efb9f7e9abb64605c337acbd6b14fc7e"), - nonce: &hex!("92f258071d79af3e63672285"), - plaintext: &hex!("a6fee33eb110a2d769bbc52b0f36969c287874f665681477a25fc4c48015c541fbe2394133ba490a34ee2dd67b898177849a91"), - aad: b"", - ciphertext: &hex!("bbca4a9e09ae9690c0f6f8d405e53dccd666aa9c5fa13c8758bc30abe1ddd1bcce0d36a1eaaaaffef20cd3c5970b9673f8a65c"), - tag: &hex!("26ccecb9976fd6ac9c2c0f372c52c821"), - }, - GcmTV { - key: &hex!("251227f72c481a7e064cbbaa5489bc85d740c1e6edea2282154507877ed56819"), - nonce: &hex!("db7193d9cd7aeced99062a1c"), - plaintext: &hex!("cccffd58fded7e589481da18beec51562481f4b28c2944819c37f7125d56dceca0ef0bb6f7d7eeb5b7a2bd6b551254e9edff3a"), - aad: b"", - ciphertext: &hex!("1cc08d75a03d32ee9a7ae88e0071406dbee1c306383cf41731f3c547f3377b92f7cc28b3c1066601f54753fbd689af5dbc5448"), - tag: &hex!("a0c7b7444229a8cfef24a31ee2de9961"), - }, - GcmTV { - key: &hex!("f256504fc78fff7139c42ed1510edf9ac5de27da706401aa9c67fd982d435911"), - nonce: &hex!("8adcf2d678abcef9dd45e8f9"), - plaintext: &hex!("d1b6db2b2c81751170d9e1a39997539e3e926ca4a43298cdd3eb6fe8678b508cdb90a8a94171abe2673894405eda5977694d7a"), - aad: b"", - ciphertext: &hex!("76205d63b9c5144e5daa8ac7e51f19fa96e71a3106ab779b67a8358ab5d60ef77197706266e2c214138334a3ed66ceccb5a6cd"), - tag: &hex!("c1fe53cf85fbcbff932c6e1d026ea1d5"), - }, - GcmTV { - key: &hex!("21d296335f58515a90537a6ca3a38536eba1f899a2927447a3be3f0add70bea5"), - nonce: &hex!("2be3ad164fcbcf8ee6708535"), - plaintext: &hex!("ad278650092883d348be63e991231ef857641e5efc0cab9bb28f360becc3c103d2794785024f187beaf9665b986380c92946a7"), - aad: b"", - ciphertext: &hex!("b852aeba704e9d89448ba180a0bfde9e975a21cc073d0c02701215872ed7469f00fe349294ba2d72bf3c7780b72c76101ba148"), - tag: &hex!("bdd6d708b45ae54cd8482e4c5480a3c1"), - }, - GcmTV { - key: &hex!("d42380580e3491ddfbc0ec32424e3a281cbe71aa7505ff5ab8d24e64fbe47518"), - nonce: &hex!("fbed88de61d605a7137ffeb2"), - plaintext: &hex!("4887a6ef947888bf80e4c40d9769650506eb4f4a5fd241b42c9046e3a2cf119db002f89a9eba1d11b7a378be6b27d6f8fc86c9"), - aad: b"", - ciphertext: &hex!("87aa27f96187ce27e26caf71ba5ba4e37705fd86ca9291ea68d6c6f9030291cdbff58bff1e6741590b268367e1f1b8c4b94cd4"), - tag: &hex!("d1690a6fe403c4754fd3773d89395ecd"), - }, - GcmTV { - key: &hex!("5511727ecd92acec510d5d8c0c49b3caacd2140431cf51e09437ebd8ca82e2ce"), - nonce: &hex!("ae80d03696e23464c881ccff"), - plaintext: &hex!("184b086646ef95111ccb3d319f3124f4d4d241f9d731ce26662ea39e43457e30b0bd739b5d5dbceb353ce0c3647a3a4c87e3b0"), - aad: b"", - ciphertext: &hex!("aa28cb257698963dfc3e3fe86368d881ac066eb8ee215a7c0ed72e4d081db0b940071e2e64ff6204960da8e3464daf4cb7f37b"), - tag: &hex!("c1578aa6e3325ee4b5e9fb9ee62a7028"), - }, - GcmTV { - key: &hex!("d48f3072bbd535a2df0a2864feb33b488596cd523ad1623b1cefe7b8cbefcf4a"), - nonce: &hex!("bbf2a537d285444d94f5e944"), - plaintext: &hex!("060c585bd51539afdd8ff871440db36bfdce33b7f039321b0a63273a318bd25375a2d9615b236cfe63d627c6c561535ddfb6bd"), - aad: b"", - ciphertext: &hex!("993d5d692c218570d294ab90d5f7aa683dc0e470efac279a776040f3b49386813f68b0db6a7aef59025cc38520fb318a1eac55"), - tag: &hex!("8cd808438a8f5b6a69ff3ae255bf2cb2"), - }, - GcmTV { - key: &hex!("5fe01c4baf01cbe07796d5aaef6ec1f45193a98a223594ae4f0ef4952e82e330"), - nonce: &hex!("bd587321566c7f1a5dd8652d"), - plaintext: &hex!("881dc6c7a5d4509f3c4bd2daab08f165ddc204489aa8134562a4eac3d0bcad7965847b102733bb63d1e5c598ece0c3e5dadddd"), - aad: &hex!("9013617817dda947e135ee6dd3653382"), - ciphertext: &hex!("16e375b4973b339d3f746c1c5a568bc7526e909ddff1e19c95c94a6ccff210c9a4a40679de5760c396ac0e2ceb1234f9f5fe26"), - tag: &hex!("abd3d26d65a6275f7a4f56b422acab49"), - }, - GcmTV { - key: &hex!("885a9b124137e40bd0f697771317e401ce36327e61a8f9d0b80f4798f30a731d"), - nonce: &hex!("beebc2f5a26fd2cab1e9c395"), - plaintext: &hex!("427ec568ad8367c202f5d9999240f9994cc113500154f7f49e9ca27cc8154143b855238bca5c7bd6d9852b4eebd41e4eb98f16"), - aad: &hex!("2e8bdde32258a5fcd8cd21037d0545eb"), - ciphertext: &hex!("a1d83aab6864db463d9d7c22419462bde0740355c1147c62b4c4f23ceeaf65b16b873b1cc7e698dff6e3d19cf9da33e8cbcba7"), - tag: &hex!("4fdbfd5210afa3556ec0fdc48b98e1eb"), - }, - GcmTV { - key: &hex!("21c190e2b52e27b107f7a24b913a34bd5b7022060c5a4dec9ab289ff8ae67e2d"), - nonce: &hex!("b28a61e6c1dfa7f76d086063"), - plaintext: &hex!("4e1b9528cf46b1dd889858d3904d41d3174dcb225923f923d80adbfe6eec144b1d4eb3690d0b8519c99beaee25bb50fd2d148f"), - aad: &hex!("d80657377ddbbed1f9b8d824b3c4d876"), - ciphertext: &hex!("7126fa807aa6b61a60958fe4cc8682bb256e5bbdc499d04a6caa81b23f9e67d3da4cf1994b5a8ecc7bce641864d0519a6509cd"), - tag: &hex!("d3e96568f2cd1a48771ee4f67ad042c1"), - }, - GcmTV { - key: &hex!("11c33ae37680130c51ed11bfaf0fcb6ed4fc7d903ff432b811763d2c7ef83a33"), - nonce: &hex!("0f224d26dbf632cebdce3b8b"), - plaintext: &hex!("f8a2affe5a7e67f2c62622e4a56804b48e529d1faf9096f94409224129921ce46aed898dd5391746e8170e05f91e0524166625"), - aad: &hex!("dee803732ff662cba9f861227f8b67cf"), - ciphertext: &hex!("3856558375c363b25e8f9e9e2eb63cf0e76a1c6e228893c7b22da4a69b682528b4a4ca2b99e7a537390e2d1e05a68f3e39c4e9"), - tag: &hex!("9b12691b2002ca9227035c68ea941ef3"), - }, - GcmTV { - key: &hex!("3b291794fbb9152c3e4f4de4608a9137d277bd651f97e738afaa548d97b4ec60"), - nonce: &hex!("4d1c69c6da96c085d31422ba"), - plaintext: &hex!("21b3ca1f47a0c7f6ebd097eda69d9e5b5fbf5c24d781658003cfd443ae7096be19e1cd3c14fe9738efb00847697fccb466ae1b"), - aad: &hex!("f3a5fa61a4e987413a8fab4aa51d895d"), - ciphertext: &hex!("6c1439cd2cb564e7944fd52f316e84aeffc3fd8024df5a7d95a87c4d31a0f8ea17f21442c709a83b326d067d5f8e3005ebe22a"), - tag: &hex!("e58048f2c1f806e09552c2e5cdf1b9d9"), - }, - GcmTV { - key: &hex!("8e7a8e7b129326e5410c8ae67fbd318de1909caba1d2b79210793c6b2c6e61c7"), - nonce: &hex!("8e48513fdd971861ef7b5dc3"), - plaintext: &hex!("ef6b4145910139293631db87a0d7782a1d95db568e857598128582e8914b4fa7c03c1b83e5624a2eb4c340c8ad7e6736a3e700"), - aad: &hex!("80bb66a4727095b6c201fb3d82b0fcf5"), - ciphertext: &hex!("e302687c0548973897a27c31911fc87ee93d8758c4ded68d6bd6415eaaf86bcc45fa6a1ef8a6ae068820549b170405b3fc0925"), - tag: &hex!("ff5c193952558e5a120e672f566be411"), - }, - GcmTV { - key: &hex!("d687e0262f7af2768570df90b698094e03b668ce6183b6c6b6ca385dcd622729"), - nonce: &hex!("50f6904f2d8466daa33c2461"), - plaintext: &hex!("79e3067d94464e019a7c8af10b53adf5b09426d35f2257c3cbaffe1ff720565c07e77aeef06f9d03a2353053992073a4ed1fc8"), - aad: &hex!("e8fa99432929d66f10205ad3e9592151"), - ciphertext: &hex!("18f6e6aeecc8dc5a3d0b63a2a8b7bfaf695bd9c49a7392dbfa8ed44771eebe27f94589d8a430da4cf03a8693bc7525e1fcac82"), - tag: &hex!("3c864eaa1b0ae44a7f0ad9ba287ba800"), - }, - GcmTV { - key: &hex!("26dc5ce74b4d64d1dc2221cdd6a63d7a9226134708299cd719a68f636b6b5ebd"), - nonce: &hex!("0294c54ff4ed30782222c834"), - plaintext: &hex!("ae4c7f040d3a5ff108e29381e7a0830221d5378b13b87ef0703c327686d30af004902d4ddb59d5787fecea4731eaa8042443d5"), - aad: &hex!("2a9fb326f98bbe2d2cf57bae9ecbeff7"), - ciphertext: &hex!("9601aec6bc6e8a09d054a01e500a4e4cdcc7c2cf83122656be7c26fc7dc1a773a40be7e8a049a6cdf059e93a23ca441ef1ca96"), - tag: &hex!("b620a8a0c8fe6117f22735c0ca29434c"), - }, - GcmTV { - key: &hex!("7fa0644efc7f2e8df4b311f54ba8b8c975b2c2aa97962f8ca8a322541bedaa9d"), - nonce: &hex!("5e774e45a07eeb9721734412"), - plaintext: &hex!("84d1c75455e4c57419a9d78a90efc232c179517fe94aff53a4b8f7575db5af627f3d008006f216ecfc49ab8da8927ff5dc3959"), - aad: &hex!("6ad673daa8c412bf280ea39ba0d9b6d4"), - ciphertext: &hex!("e2f00b5a86b3dec2b77e54db328c8d954d4b716f9735e5798b05d65c512674d56e88bda0d486685a45d5c249719884329e3297"), - tag: &hex!("0ce8eb54d5ad35dd2cb3fa75e7b70e33"), - }, - GcmTV { - key: &hex!("91d0429f2c45cf8ab01d50b9f04daaaccbe0503c9f115f9457c83a043dc83b23"), - nonce: &hex!("34401d8d922eebac1829f22e"), - plaintext: &hex!("d600d82a3c20c94792362959de440c93119a718ac749fa88aa606fc99cb02b4ca9ba958d28dc85f0523c99d82f43f58c5f979b"), - aad: &hex!("1b29de9321aebc3ff9d1c2507aee80e9"), - ciphertext: &hex!("84cbc9936eb7270080bb7024780113d064eccb63d3da0bd6bce4f8737d28304bfb6102f3ae9c394cc6452633fc551582bbfe1d"), - tag: &hex!("e132dc8a31d21f24ea0e69dfb6b26557"), - }, - GcmTV { - key: &hex!("44e6411b9fbfcef387d0ca07b719181c7567e27dba59e8e1c3cc1763cfeaca04"), - nonce: &hex!("25a1cfd97bd8e63de5d65974"), - plaintext: &hex!("db28a592b1f3603c287991a69cc64eacdd62046445a8ba4067575f12553de155d06a9b40ddf58fec56c8171687b9cb54b1f346"), - aad: &hex!("4b1751b074ab649d27fd3f2c4d7ee33a"), - ciphertext: &hex!("36bf6bb761b2248fe71a620e34e9d18e12a74ca42c9a9a21d30345995a83eb44bcae3c67c020730cd8d5e51a741694cc396469"), - tag: &hex!("e69ebf80a88d6eca41ae87cdcab4e1f2"), - }, - GcmTV { - key: &hex!("a94bfcefae90f9078860db80ccc50819eadf7cce29df3279f94f5eea97009ef2"), - nonce: &hex!("f481bcb7f5da296e9454ff78"), - plaintext: &hex!("97d0c7dfcab32a386f51d92e89333ec84eecd552e68d14cf48b75067bf0e1946ad03a5d063b852ca053c929088af45d0884a88"), - aad: &hex!("9f80d845577818df9ba984ee552ae203"), - ciphertext: &hex!("18a1c9bfe1b1dfdd06e465df347c1e942b37b3e48cb0c905841a593b5b0d0330feb3b8970dbc9429252a897f0f8e12860ea39a"), - tag: &hex!("10cf4d335b8d8e7e8bbaf49222a1cd66"), - }, - GcmTV { - key: &hex!("a50a60e568ff35a610ef9479c08bbc7bb64c373fc853f37fa6b350250a26f232"), - nonce: &hex!("5ada1d4aca883d7bd6fa869f"), - plaintext: &hex!("9ea44e72a1d21395cd81d20db05816441010efd8f811b75bb143ab47f55eefce4eec5f606fa5d98b260d7e5df4a7474cbd8599"), - aad: &hex!("cc7a7a541be7a6d1b846354cb6a571e6"), - ciphertext: &hex!("4165b135187faeb395d4531c062738e0d47df8bed91982eb32e391a6b3711f117b6fae0afde791de3e72fcf96d2b53ff1a621a"), - tag: &hex!("e2cbfea2100585b2cbe5107da17ff77a"), - }, - GcmTV { - key: &hex!("5ff3311461d247ceb1eaf591292fcba54308dd3484fd1851e09a12b8f6663fc1"), - nonce: &hex!("61af2e6aec183129cf053c2b"), - plaintext: &hex!("920df8b2888a74022ede6919ed0bf48ccf51e395fe5bfa69a6209ff9a46674024eaa4f43ae2c933730b9fdc8ad216130447cc8"), - aad: &hex!("5eafed6674f2ae83397df923e059db49"), - ciphertext: &hex!("0e35e1208168b639e012df398bc8bf2b19b08d46af0353cd78f6d1b7ae14e6224c1da6fdc9433b171f1cd2b512d5f1acd84f03"), - tag: &hex!("5bc77eb02e4d51e2019446b468498d0e"), - }, - GcmTV { - key: &hex!("42e93547eee7e18ec9620dd3dc0e2b1cf3e5d448198a902ded3f935da9d35b33"), - nonce: &hex!("e02e12ba92a6046af11adf0e"), - plaintext: &hex!("6c3704b32527ace3d5236687c4a98a1ad5a4f83c04af2f62c9e87e7f3d0469327919d810bb6c44fd3c9b146852583a44ed2f3c"), - aad: &hex!("ac3d536981e3cabc81211646e14f2f92"), - ciphertext: &hex!("8b6506af703ae3158eb61e2f9c2b63de403b2ebc6b1e6759ceb99c08aa66cb07d1d913ac4acd7af9b9e03b3af602bcaf2bb65e"), - tag: &hex!("a6ce2ccb236fc99e87b76cc412a79031"), - }, - GcmTV { - key: &hex!("24501ad384e473963d476edcfe08205237acfd49b5b8f33857f8114e863fec7f"), - nonce: &hex!("9ff18563b978ec281b3f2794"), - plaintext: &hex!("27f348f9cdc0c5bd5e66b1ccb63ad920ff2219d14e8d631b3872265cf117ee86757accb158bd9abb3868fdc0d0b074b5f01b2c"), - aad: &hex!("adb5ec720ccf9898500028bf34afccbcaca126ef"), - ciphertext: &hex!("eb7cb754c824e8d96f7c6d9b76c7d26fb874ffbf1d65c6f64a698d839b0b06145dae82057ad55994cf59ad7f67c0fa5e85fab8"), - tag: &hex!("bc95c532fecc594c36d1550286a7a3f0"), - }, - GcmTV { - key: &hex!("fb43f5ab4a1738a30c1e053d484a94254125d55dccee1ad67c368bc1a985d235"), - nonce: &hex!("9fbb5f8252db0bca21f1c230"), - plaintext: &hex!("34b797bb82250e23c5e796db2c37e488b3b99d1b981cea5e5b0c61a0b39adb6bd6ef1f50722e2e4f81115cfcf53f842e2a6c08"), - aad: &hex!("98f8ae1735c39f732e2cbee1156dabeb854ec7a2"), - ciphertext: &hex!("871cd53d95a8b806bd4821e6c4456204d27fd704ba3d07ce25872dc604ea5c5ea13322186b7489db4fa060c1fd4159692612c8"), - tag: &hex!("07b48e4a32fac47e115d7ac7445d8330"), - }, - GcmTV { - key: &hex!("9f953b9f2f3bb4103a4b34d8ca2ec3720df7fedf8c69cac900bd75338beababe"), - nonce: &hex!("eb731ae04e39f3eb88cc77fa"), - plaintext: &hex!("3b80d5ac12ba9dad9d9ff30a73732674e11c9edf9bb057fd1c6adc97cf6c5fa3ee8690ad4c51b10b3bd5da9a28e6275cbe28cb"), - aad: &hex!("d44a07d869ac0d89b15262a1e8e1aa74f09bcb82"), - ciphertext: &hex!("1533ce8e2fc6ab485aef6fcfb08ded83ae549a7111fce2a1d8a3f691f35182ce46fce6204d7dafb8d3206c4e4b645bc3f5afd1"), - tag: &hex!("f09265c21f90ef79b309a93db73d9290"), - }, - GcmTV { - key: &hex!("2426e2d1cd9545ec2fb7ab9137ad852734333925bfc5674763d6ee906e81c091"), - nonce: &hex!("49a094a71d393b36daa4a591"), - plaintext: &hex!("7cbe7982d365a55d147c954583f9760a09948ab73ebbe1b2c1d69ed58e092a347392192cfe8bce18ca43ee19af7652331bd92c"), - aad: &hex!("177309cfc913e3f5c093e8b1319ba81826d43ce5"), - ciphertext: &hex!("cab992e17cf6ec69fd3c67ea0424bcd67475a7f1f16e6733c4419d1b5a755f78d6eda8e368360d403800a08f0d52b4bc0aa0ab"), - tag: &hex!("b125f8caee9e54b9f9414b1c09021ed8"), - }, - GcmTV { - key: &hex!("8dc1b24bcbbee3cb8e14b344166d461d00c7490041edc9fa07e19cc82a3ed9c4"), - nonce: &hex!("31768ad18c971b188d947019"), - plaintext: &hex!("84e4f79dbb7209cbaf70e4fefe137c494786c899602783e9c034296978d7f0c571f7ea9d80ed0cc4723124872d7326890300c1"), - aad: &hex!("eb3673b64560cca7bda76a1de7ae1014ee1acaee"), - ciphertext: &hex!("2402acd865d4b731bc9395eae0e57d38fdf5ce847ac7aef75791a52c7573ea9b3a296e62cb1ed97c4bd34be50ee7f3d75747cf"), - tag: &hex!("665abb725498ede2b0df655fc1765a2b"), - }, - GcmTV { - key: &hex!("bc898f643a5f2cd864c10b507b4b803b4ff4ace61fadcc7bcd98af394731b791"), - nonce: &hex!("cc447d83c0a6734a79778c64"), - plaintext: &hex!("124eb963cdb56fa49c70a9b1aa682445c55065f26859f1d16eef7cfe491587533eedd7e23deabddfc5550c2fa6a08b17822699"), - aad: &hex!("e932bd2e0e6c550d136f725e14c53d27ffb20f6a"), - ciphertext: &hex!("45d8908ef9eef369e78b7ea0b7d023a92c63648271927efe9b0220eb09ed96f3b635c6ec8bfc68b4c228b712494bb37f4c7f1a"), - tag: &hex!("47899857494bac28d2176a9c923026b2"), - }, - GcmTV { - key: &hex!("8e82a85466ee024eb1ae10c4982d6a95e6dbe5582299ab37fe89a9db80ab51a6"), - nonce: &hex!("04cfd489e18eeb7a4a8ab36b"), - plaintext: &hex!("3aa2e4eaed18c4602715ae77379e9083708af9f9b49031324d41abca61440319c8c8e6dbcc20006a825b12ced00b2286848a94"), - aad: &hex!("7bb54b1a6ed0ca387268a146430c0bfa2602a8fd"), - ciphertext: &hex!("674b1391937074642408eeae9b748ca629da9fd00281824f5a108f6078ee78f98749392bb6e29b53e53e4b11739ac53a8e653b"), - tag: &hex!("e320a873a9c2e8ef455698c37ea59a6d"), - }, - GcmTV { - key: &hex!("f1f2c5503ebf35ac1373c29e2305e963f89f6ed015a181b70fb549429805d5d9"), - nonce: &hex!("2fb5c6a24f406872755db05c"), - plaintext: &hex!("b4a2809198035c277637bb1c2927fb5c60b49ef9087c800012d8663d997983fcb78d51a054114a24e1e1b5214b58e7dee47195"), - aad: &hex!("92c1f3489aed90aedafb55562a34b3f4be29e101"), - ciphertext: &hex!("f051a3a968278a46630b2894a0d386c18fa034960d8ddd14e88e1071afbbca5baf02967c2270117b4fb2bd4cfd032174505f99"), - tag: &hex!("6f1db5293660b6904f7f008e409bdc06"), - }, - GcmTV { - key: &hex!("f0338d26d74bd1768da5bb79c59fab2b4abe1966324048790c44bc98a6b34b6c"), - nonce: &hex!("c8269e4406fa0be1cf057b2f"), - plaintext: &hex!("323c373e4d85a1fd21f387fdd8c7e6aeebd5aae893d7af286cb214600cba8b9eb06df085a2dc5aed870259f7f3cc81d3eb53bd"), - aad: &hex!("13fb0edcba095cef9c4343a0629fd5020f03729d"), - ciphertext: &hex!("08572b9cf9bcfd21d4403a1218d94476b9ee8c3b94c56625c21ccaf4c0efa34cf22a532389210793699c9de1ab14f8c4c52928"), - tag: &hex!("29968c9fb610940cee9fd5b2f7c8ba21"), - }, - GcmTV { - key: &hex!("a67648285b65b9196060aaa02af279170164353e38fb77c3968c403cfa9acdc8"), - nonce: &hex!("0822d6b3e91eccb7e14245fd"), - plaintext: &hex!("b5d271768c12ccabf89eb2d58cbde840c26d1c9b3692581f90c8b0d7b2cff31ae9192d284f5448de7d924a7b08f115edae75aa"), - aad: &hex!("0d9a5af7ac27438d92534d97ff4378274790e59f"), - ciphertext: &hex!("b59041eed7abc2ff507d1932b5c55ac52728e5ac6648dcc74b38870db6181b1989f95a0144f0db368ec50414cfda0b977141e3"), - tag: &hex!("1d12ce89e1261d73470f3ae36ab87288"), - }, - GcmTV { - key: &hex!("51162b2435f3cf43471f4cc0ffac98b438501ee9b887843a66e9951ca35b8767"), - nonce: &hex!("dcb902eaa837ed22bf5fa636"), - plaintext: &hex!("3edf43358f5109a4dfb4a02987170a67cdd170f6028f7708bdd7726f476b882b9640270f2270f7babfa384181c8e58c15d04c4"), - aad: &hex!("4d459905ff89aed07dcda43a3d191a3da9309faa"), - ciphertext: &hex!("046a2313d36cbc43b6d0787e5ef37d153090a31d0f6656004034be72b9b07ace3a8abe8614362282d87da40c29c60a1a9f5c40"), - tag: &hex!("c7410b5cb94d2877c189983791cee82e"), - }, - GcmTV { - key: &hex!("2fa2beb1cde2226f28fb42a5fb0af3fc58fbb76bf14aa436e6535d466456a0f4"), - nonce: &hex!("50190514a3740b3c0b1df576"), - plaintext: &hex!("a5e0b4837dfca263ba286abf7940b6e70fabb55d8dee5028617c1190fbd327f79b79d2f34db6076ab07cecff7114b15ca02a33"), - aad: &hex!("25142928c1ae9c7b850309e07df359389db539fc"), - ciphertext: &hex!("850fd22bd0897b98ce40bc6c1345a9d59abf796b1b8c34ee8b377e54ee7d59dec05c022ecae96ffdfa1311bdd4e7a9d35aac47"), - tag: &hex!("4b5ab89b4f627ca32d12a1791c286870"), - }, - GcmTV { - key: &hex!("a92a797ce2b2f382030b77a1abe94c8076eee88de2dc4929350b244dbdaddd30"), - nonce: &hex!("716f577401a7893c42c91710"), - plaintext: &hex!("9d26ff79a89720fab6e4cda85887e3c0c3f86a4670d065c8ea68042b6f9f16dd2c5b31acb36331f5b1e50f08c492dc12eebd9e"), - aad: &hex!("8642681f1839b88990c2a939f00c9b90766dadac"), - ciphertext: &hex!("3080bcf3604cf81f5f2c6edc80dfe5d877168a9903598a700a0bbae188fadc7a8b76a04b40400f9252d7f9437fa8f024a3bdeb"), - tag: &hex!("8fc56f6bf48efb00476886b2a03ecb89"), - }, - GcmTV { - key: &hex!("89d0723e5a087456b7b709b8b21be380b463ba3dc9b79170e9947526798fe91c"), - nonce: &hex!("68e2f307b7d49d4d9c041755"), - plaintext: &hex!("7fe2afb710e8fd49cca1c2ba8fd0814594fba4d667017630e170a8a379fa5837bf370ca1cd4c98bd8c4f13eb7068ffa71ab07c"), - aad: &hex!("b34805b30703a62b6d37c93f2443e1a33154b5fb"), - ciphertext: &hex!("b841012752bbf1dfa7b59366dbf353bf98b61ff2e6e7a13d64d9dcb58b771003c8842ac002aac1fa8ca00a21eaf101ab44f380"), - tag: &hex!("73a93e2722db63c2bbf470d5193b2230"), - }, - GcmTV { - key: &hex!("329a6e94b1cce693e445694650d62b8c2c9ab03a09e6d4eca05c48291e576b89"), - nonce: &hex!("78f471bc32f8637a213e87ac"), - plaintext: &hex!("65264d75e1a176a7e966e59109cd074ac5d54740eb0c58084af023e5599eb611846199579d95ba94b6d25ee4d9074b9714f231"), - aad: &hex!("c00c465524e2e2f8a55c0793ed9af851be45a70e"), - ciphertext: &hex!("964d665d1e3c1018dfd883e217cfe4c856cc844f7644b53bb68fbe66f8541fa43ac54e92a2b194d6d8929fe031e94b3e70eca0"), - tag: &hex!("fd511385711236f2e99e6da5042007b7"), - }, - GcmTV { - key: &hex!("463b412911767d57a0b33969e674ffe7845d313b88c6fe312f3d724be68e1fca"), - nonce: &hex!("611ce6f9a6880750de7da6cb"), - plaintext: &hex!("e7d1dcf668e2876861940e012fe52a98dacbd78ab63c08842cc9801ea581682ad54af0c34d0d7f6f59e8ee0bf4900e0fd85042"), - aad: &hex!("0a682fbc6192e1b47a5e0868787ffdafe5a50cead3575849990cdd2ea9b3597749403efb4a56684f0c6bde352d4aeec5"), - ciphertext: &hex!("8886e196010cb3849d9c1a182abe1eeab0a5f3ca423c3669a4a8703c0f146e8e956fb122e0d721b869d2b6fcd4216d7d4d3758"), - tag: &hex!("2469cecd70fd98fec9264f71df1aee9a"), - }, - GcmTV { - key: &hex!("55f9171a03c21e09e3a5fd771e56bffb775ebb190319f3dc214c4b19f72e5482"), - nonce: &hex!("14f3bf95a08e8f52eb46fbf9"), - plaintext: &hex!("af6b17fd67bc1173b063fc6f0941483cee9cbbbbed3a4dcff55a74b0c9535b977efa640e5b1a30faa859fd3daa8dd780cc94a0"), - aad: &hex!("bac1ddefd111d471e75f0efb0f8127b4da923ecc788a5c91e3e2f65e2943e4caf42f54896604af19ed0b4d8697d45ab9"), - ciphertext: &hex!("3ae8678089522371fe4bd4da99ffd83a32988e0728aa3a4970ded1fe73bc30c2eb1fe24c0ff5ab549ac7e567d7036628fd718d"), - tag: &hex!("cf59603e05f4ed1d2da04e19399b8512"), - }, - GcmTV { - key: &hex!("54601d1538e5f04dc3fe95e483e40dec0aaa58375dc868da167c9a599ed345d9"), - nonce: &hex!("c5150872e45c341c2b99c69a"), - plaintext: &hex!("ae87c08c7610a125e7aa6f93fac0f80472530b2ce4d7194f5f4cb8ac025323c6c43a806788ef50c5028764ec32f2839005c813"), - aad: &hex!("93cd7ee8648a64c59d54cdac455b05ffdfc2effe8b19b50babd8c1a8c21f5dc8dc6050e2347f4cd28701594b9f8d4de5"), - ciphertext: &hex!("d5f005dc67bdc9738407ce2401977f59c9c83520e262d0c8db7fe47ae0eada30d674694f008e222f9733a6e63d81499e247567"), - tag: &hex!("3470155144c74929980134db6995dd88"), - }, - GcmTV { - key: &hex!("e966c470cbecc819260640d5404c84382e6e649da96d29cad2d4412e671ed802"), - nonce: &hex!("b3a92d6f49fe2cb9c144d339"), - plaintext: &hex!("7adf6fcb41d59b8d2b663010c3d4cf5f5f0b95cf754f76f8626c4428467e5c6684e77e7857b1cc755762e9ea9117e3bb077040"), - aad: &hex!("dfa62a3a4b5b3af6770cfd3cef3bbb4cce3f64925782a9a8a6e15fe3744d8f9310400dd04e8d7966c03850539e440aa5"), - ciphertext: &hex!("5f5b09486e6cd2a854e5622b4988e2408fddaca42c21d946c5cd789fe5a1306ef33c8cd44467ad7aa4c8152bce656a20367284"), - tag: &hex!("2b388109afdada6473435230d747b4eb"), - }, - GcmTV { - key: &hex!("4a8a12c0575ec65ae1c5784d2829bc7b04818eb00bd4c90a0d032ea281076e27"), - nonce: &hex!("959f113b705397fb738018b0"), - plaintext: &hex!("0c5571195586e4fc7096fb86cfcd6684081446f3d7adc33a897f03ac4ff6c3cc2019b67bd3184c86070764f6deaa8a10d0d81f"), - aad: &hex!("adb8bc96142a1025122dc22f826957197af33dcdcf6b7ab56bc1a5e17e8534e48b8daf685faf9543bb343614bdf6737f"), - ciphertext: &hex!("84212d5991231d35c4e8621163e5b370a0105a05856866e74df72c0808c062981570d32d274ea732fa4d29f9cfa7839cadbe6a"), - tag: &hex!("39cee3b8fa0bf92605666ccd9eb19840"), - }, - GcmTV { - key: &hex!("6197a4fa7cfcedeff223f69ea68b4ddf54b683350c20875be353077e9bbce346"), - nonce: &hex!("1a69ecabd42c53c0ec64fcd0"), - plaintext: &hex!("40a487b4daf866c20f3c4911a0586709c3344aa988dc9c464bcf36cc4e3d92701e611e60cf69f3edbf76cd27ff6ba935026d7f"), - aad: &hex!("b20a7ca5b5b603f661587e01f7ef171823ef463c187ded77a3d616400cc1d2b0b688ac9e927498341560cbc8eb9a4198"), - ciphertext: &hex!("06420fa038ee62db30cc05bfe34c8d2c39a9d439653907c512ed606511921fe76110913a5bfb6b6c7b23d7f8883f5ab65f4b14"), - tag: &hex!("4d3097c9919002cd1da83f29820312ed"), - }, - GcmTV { - key: &hex!("c9dbe185023ecaa78be9bfac1b91b9da6bd7c11349feb69e6b0be83a838e77b2"), - nonce: &hex!("8940fa7c6afd3f7a09ec93b6"), - plaintext: &hex!("075be0d61273e6975978d0b88b3fa38fc398d4d0f22a342a8afa5562af0e7c8fa548f0d8faec898a20c97e851754992c1ed4a3"), - aad: &hex!("f17bd357608365e66b98e49191cdc2a3813bba5a1b7988aa8aaaaad4b86d0ef4e2698cad799d63fcd2a5e87c0e3e929a"), - ciphertext: &hex!("615c1097d577363a77bfc7dd57179acb68166e78021b3397d7029ce33cbc848f036b9c07989eeb9f42aeaeebe8542f103b1d32"), - tag: &hex!("a22ab25fd8a6127469e8ce9ff686d575"), - }, - GcmTV { - key: &hex!("e6cdcf497a6e119009bf43ac183d2dd4d4e967964ef92811f69eb18d92923305"), - nonce: &hex!("3e88459a76e1dcc890788297"), - plaintext: &hex!("72a3dfb555ba0029fc3d1c85b836f76135bd1858189efdde2db29045f2c26e6a65627d81a0b85ca42e8269d432a41154e929ac"), - aad: &hex!("a359f86ec918537d80a84da7b66bca700c1ff9ec7f8695a30808d484da218d15ae89c5f943e71778445130191f779001"), - ciphertext: &hex!("9ae3f8ccae0bb5789b1105118760c406e41175a76612435cb0c8be225ea6b368c9d08c9d9a24b512d1458e94af79e3060ab69e"), - tag: &hex!("ac3bbc8fd6a7097df6f298411c23e385"), - }, - GcmTV { - key: &hex!("de5531b50888b61d63af2210ee23f46d91a5e60312bd578584af586bf22ea756"), - nonce: &hex!("0fde8689b0348bbcfaa89fec"), - plaintext: &hex!("80621e54eef1c92afb1f64ed860e39311eea7e2cca6f5624008c1d2e581d7112b7ee0b559fc3db575b7b7c42ee4f2a20442dc0"), - aad: &hex!("22db97cd5f359f12aec66c51c7da79ba629db4c8c7e5501be2ec1e4cc3f3944b6e3057d093bc68b735b5156950f91804"), - ciphertext: &hex!("933018419a32b7bf65f9777c44889a44b32d61ceddbb46839366ce2ca2ffeb1833f46559e59c93bb07f622d9633f13932cf7f1"), - tag: &hex!("25023a4ee9bdbf525cfef888e2480f86"), - }, - GcmTV { - key: &hex!("bc0c6368a9bb2622f6d5ba12de581f003336c298adac34499bf26b11e630f891"), - nonce: &hex!("2aa8f30b567cf1edd818e42d"), - plaintext: &hex!("1dcc1a3167fba55c00d3383e26d386eaa0449154599992da7f7f6598f41b3eb8e4d0a9143dfcab963f5c390a6ae2010fbcf6ec"), - aad: &hex!("0e28ebf87eb757e83031fb836f7b049a46bd740b0a39c9b798d2407e1150da86dfe84121c7c98449559453ad7558e779"), - ciphertext: &hex!("78d00a6e3302369817b9cf1f24ea13c41751382e3fea74403d094737e32fb507184cfebce48d10b4ce8db12ef961e4df2c8e95"), - tag: &hex!("c0aff3594f86b58e229c7ad05c2b84f0"), - }, - GcmTV { - key: &hex!("5d98a0c7ad6f9c0b116613ca5082250356a6a9bca55fe1a4a2962b733214dac4"), - nonce: &hex!("8b2d8e8d83bdd6a3125dd997"), - plaintext: &hex!("4f3685c2cfbc856379d1fd00f9611fe4c0a4b9c4013fe1bee144449709a6a7e31ff6fb0da74ed464b066b03b50f19cd7f5f9bc"), - aad: &hex!("2f20636d46ce37e9bb0ca0c41d819e3eabcedacbd1ca3ced112d3ad620bbd3b2effe80d3ec8760706e8f14db83139a70"), - ciphertext: &hex!("8e178c0e3e5d22b3be897e0b8879b0d53fef2efb9946ccff6d717b001e3033f2cc22d01d9551e9c0749de704fbe3189328cbb0"), - tag: &hex!("541b7db823e37b5ed323626b9c6748f6"), - }, - GcmTV { - key: &hex!("d80a2703e982de1a2fe706ffe6e389f351ab356ccf056df045e2941b42ef21a4"), - nonce: &hex!("1521ab8f7242cba05427f429"), - plaintext: &hex!("6f9fde28e85776a49cfbad1459d94611757a3cd996aa6e2d702d0483a4d88d532131ebd405b351226b16d19d30d32807a1d511"), - aad: &hex!("5395de90d6bec7c159ab9d6cfa663bdc6295d025e1fcc8b760b9ba42d785eda218dabc6fa7c0f733ad77f61682bff2db"), - ciphertext: &hex!("1e72a8495ceadaf0d31b28ba7cb7c37ccb117761d38fe7dd98eb230ff4ea0b400401e9b5311a7be9b2a533523ad469e2fdb233"), - tag: &hex!("bb174b7624c935ff75b3b77ff7068a98"), - }, - GcmTV { - key: &hex!("6d5c69d7135c0b5b7fef512c127fa788092f1a908358ab658b8f23e463409aa5"), - nonce: &hex!("b36cccad38cd6148a384a026"), - plaintext: &hex!("b4e74f5c56f2ea056d9ff931525944dfad207e063ba226c354e0320a50449967e964580d9b57028c14005aba6865f8bc6a3ef8"), - aad: &hex!("b19f4616bb1452251a2a7dbf78f920194f139e0424d27683621d1ee1e865737c2466e058439c8e122e582a7b63607ce9"), - ciphertext: &hex!("1ce12cd5502efa9ea259584ae9b3c7dbd9444380d4b77a2c787f9b2257019b23ee183dffebb3106a26b18d8a23445626a578e2"), - tag: &hex!("62945e31bae3181855b69c37898ac5bf"), - }, - GcmTV { - key: &hex!("e6afe3c4db2c1d13edb1c5931b2b4b515ec0fd6201139ee1ea55cec92263830e"), - nonce: &hex!("358bd9ea64177d1e23a41726"), - plaintext: &hex!("710bb3394b094ee7d053bc6599b26dafd337e8a61c580d0446c3bf195e77ca5132c8ec3a47a61579dce38360bba7c65e4d5634"), - aad: &hex!("7e0f841cddd7eeebd1ec7b7b8d0e2f71656e5e9ff3cfa739c0b9d0ec4941a0b3f3b396690dbe5f5082d6fb6dd701c68d"), - ciphertext: &hex!("4574a8db515b41c14c2a962dff34e2161a7195c491b11b79889aff93c5b79a6455df9fe8ef5c5b9edb5da1aa9fe66058b9065f"), - tag: &hex!("7c928d7f5cbac9bb4b5928fe727899eb"), - }, - GcmTV { - key: &hex!("5cb962278d79417b7795499e8b92befe4228f3ba5f31992201aa356a6d139a67"), - nonce: &hex!("76f7e7608f09a05f336994cf"), - plaintext: &hex!("2e12cbd468086aa70e2ecd1ddef561e85c225dd083e5956f5c67503344b0ea982bb5044dafbcc02a5b9be1e9b988902d80172b"), - aad: &hex!("032de3fdec273fc8446c2bf767e201f2c7c190acf9d6d321a24a0462cbc3356e798fe23d6c1b4fe83be9c95d71c05504"), - ciphertext: &hex!("c959344a46aa5216d2b37c832436eb72a4a363a6df5642cfbbfd640dea1d64c80bd97eabc1aab192969ee0b799e592a13d2351"), - tag: &hex!("51b227eaf7228a4419f2f3b79b53463a"), - }, - GcmTV { - key: &hex!("148579a3cbca86d5520d66c0ec71ca5f7e41ba78e56dc6eebd566fed547fe691"), - nonce: &hex!("b08a5ea1927499c6ecbfd4e0"), - plaintext: &hex!("9d0b15fdf1bd595f91f8b3abc0f7dec927dfd4799935a1795d9ce00c9b879434420fe42c275a7cd7b39d638fb81ca52b49dc41"), - aad: &hex!("e4f963f015ffbb99ee3349bbaf7e8e8e6c2a71c230a48f9d59860a29091d2747e01a5ca572347e247d25f56ba7ae8e05cde2be3c97931292c02370208ecd097ef692687fecf2f419d3200162a6480a57dad408a0dfeb492e2c5d"), - ciphertext: &hex!("2097e372950a5e9383c675e89eea1c314f999159f5611344b298cda45e62843716f215f82ee663919c64002a5c198d7878fd3f"), - tag: &hex!("adbecdb0d5c2224d804d2886ff9a5760"), - }, - GcmTV { - key: &hex!("e49af19182faef0ebeeba9f2d3be044e77b1212358366e4ef59e008aebcd9788"), - nonce: &hex!("e7f37d79a6a487a5a703edbb"), - plaintext: &hex!("461cd0caf7427a3d44408d825ed719237272ecd503b9094d1f62c97d63ed83a0b50bdc804ffdd7991da7a5b6dcf48d4bcd2cbc"), - aad: &hex!("19a9a1cfc647346781bef51ed9070d05f99a0e0192a223c5cd2522dbdf97d9739dd39fb178ade3339e68774b058aa03e9a20a9a205bc05f32381df4d63396ef691fefd5a71b49a2ad82d5ea428778ca47ee1398792762413cff4"), - ciphertext: &hex!("32ca3588e3e56eb4c8301b009d8b84b8a900b2b88ca3c21944205e9dd7311757b51394ae90d8bb3807b471677614f4198af909"), - tag: &hex!("3e403d035c71d88f1be1a256c89ba6ad"), - }, - GcmTV { - key: &hex!("c277df045d0a1a3956958f271055c229d2634427b1d73e99d54920da69f72e01"), - nonce: &hex!("79e24f84bc77a21a6cb14ee2"), - plaintext: &hex!("5ca68d858cc30b1cb0514c4e9de98e1a1a835df401f69e9ec6f1bcb1158f09114dff551683b3827457f77e17a7097b1ea69eac"), - aad: &hex!("ca09282238d492029afbd30ea9b4aa9d448d77b4b41a791c35ebe3f8e5034ac71210117a843fae647cea020712c27e5c8f85acf933d5e28430c7770862d8dbb197cbbcfe49dd63f6aa05fbd13e32c459342698dfee5935c7c321"), - ciphertext: &hex!("5c5223c8eda59a8dc28b08e6c21482a46e5d84d32c7050bf144fc57f4e8094de133198da7b4b8398b167204aff837da15d9ab2"), - tag: &hex!("378885950a4491bee3cd681d3c957b9a"), - }, - GcmTV { - key: &hex!("4d07f78d19e6d8bb32bf209f138307890f0f1ae39362779ff2bf1f9b734fe653"), - nonce: &hex!("d983a5d5af78a3b1cd5fbd58"), - plaintext: &hex!("94f0bbc4340d97d854e25cc7ce85ea1e781e68bf6f639e0a981bb03e3c209cbf5127171cb0fff65bc3ecac92774d10146d1ac5"), - aad: &hex!("a3dc9ff9210bc4b3276909883db2c2aa0762cd22b46901a248c0372d073e7778b9c1d8469b26bb42406e484ef7747f71dea785fc0020a2eac17e0ac3fbe0453629efd68d5678fbecc10af8ffbe7828f826defb638763f4ecfe82"), - ciphertext: &hex!("6543b4d97fccd273b36436fef719ac31bf0e5c4c058ea71aea2a0e5b60e329be6ea81ce386e6e9fe4480e58363c3b2036865ac"), - tag: &hex!("924cf7c0770f228a4b92e9b2a11fc70b"), - }, - GcmTV { - key: &hex!("9572b9c57abdf1caae3bebc0e4bbf9e556b5cbacca2c4756050fefd10a666155"), - nonce: &hex!("de292a9858caaccdcab6a433"), - plaintext: &hex!("6f420a32708ccd4df0d3149e8c1d88dceba66ee4546f38db07046ebf30f47627f7fdda1dd79783adabe5f6b6853857b99b864c"), - aad: &hex!("a042d97a9b8f6caf51c5f24522d7ed83e2c5d8ec6b37ef2598134a30e57319300c3fdf92fb1d9797f5ef00971f662aae768f69f9ca0455bd6d1059d5f85b8ecb977006b833f90ac2d5bbf4498c83f4d1a42584c0dfc4a2e2453c"), - ciphertext: &hex!("a9af961d61ab578cc1348eb6f729603f481c5d9bf9bee3a13eda022bd09c03a4f207c21c45c0232a9742ae8f0c54b4278a3a63"), - tag: &hex!("eff9bb26156ec76f0060cd93a959e055"), - }, - GcmTV { - key: &hex!("3cc8671c4d25c3cbc887f4dcbd64e531e91cf6252f6ee9c29d9988d20ab6747f"), - nonce: &hex!("f960a09c0b5067280926a9c3"), - plaintext: &hex!("5b58717b0b32076566b58bf37c6133e61468b2be67715fb0007fe390c4b5578decf55502a4e3c12e7bdf0ba98784d126e4753a"), - aad: &hex!("79d73a7ff86698e6114a0f465373fbee029e042424c439b22e3ad37b36b9e02bab82e16844114e99e39c169f462fe61b87c4627c394384acc9531680706e4e56491a304c6075cca37c64db24468c1fb9519605c83f0ee3e0316a"), - ciphertext: &hex!("1d0be097470c1ac30619f63c3961152ab27db88ce694b7bba4db185cb31803cc7bab890e931c90766621bfe5d887eb0cd6995d"), - tag: &hex!("dbd57ea091ff16fc7dbc5435030cc74e"), - }, - GcmTV { - key: &hex!("882068be4552d7ad224fc8fa2af00d6abf76ccf1a7689d75f6f0e9bd82c1215e"), - nonce: &hex!("890a5315992f12674d1c8018"), - plaintext: &hex!("8464c03e0280cb1f63c054a24a050e980f60cc7313f09f2092c45d77bbe9ad2a8c1f6cdca2acd8c57c87e887edadb66bcb66c4"), - aad: &hex!("916721df816b1cad531dee8e4a8e634d43ed87db99609bcc986d16bfac2cff577d536d749a5c3625de53c5351825c228911f0a64be1fc9738a26394efe5332c0762bf59b65d3f1c5aafa9ca2e63eccd59568e6c0269950911a71"), - ciphertext: &hex!("020e297d907177dba12dde4bfe1b0ff9b6a9d9db0695193e4181449e157137b59b488616ba151b06d889f8498ce373d2396ab9"), - tag: &hex!("e48537ecb27460b477a6e7c3463dbcb0"), - }, - GcmTV { - key: &hex!("4deadcf0f7e19231f8afcb6fb902b105bef23f2fa9323a51833ff8368ccb4f91"), - nonce: &hex!("6d4d01abd587ed110e512ed2"), - plaintext: &hex!("75686e0fdd3fd96f3e6dfafd7a2a907f9f375d93943cb2229bd72b032bf624af4fc72071289386e3dccc45959e47ab42b261a2"), - aad: &hex!("31a2797318104b2dc9977e599435b041c56bafe5e7d901a58614c2d3fb9d220e3fd3e2828cef69e0604ed73340cb1e21967294dcd874893942442200b2a5b860ee8cf91e1d8eb3d364d0e43e84f6379f434a1ae17c236b216842"), - ciphertext: &hex!("8feaf9a089599812117a67aed2f4bf3431ff1f6cfd64ea5ff475287abb4ff1ab6b3e4f8a55d1c6b3f08594f403e771ec7e9956"), - tag: &hex!("5040407621712e053591179e1689698e"), - }, - GcmTV { - key: &hex!("80f1c515f10d79cdbee275213aa9ac0845e2cf42874f7e695081cb103abf1a27"), - nonce: &hex!("399d5f9b218b62ff60c267bd"), - plaintext: &hex!("9e95221873f65282dd1ec75494d2500e62a2b6edda5a6f33b3d4dd7516ef25cf4154472e61c6aed2749c5a7d86637052b00f54"), - aad: &hex!("d2a8fff8ae24a6a5efc75764549a765222df317e323a798cbb8a23d1af8fdf8a3b767f55703b1c0feba3912d4234441978191262f1999c69caa4e9a3e0454c143af0022cd6e44cec14149f9e9964a1f2c5e5a6e3e768bd870060"), - ciphertext: &hex!("4f996562e23ebbfd4fe26523aee9525b13d6e134e72d21bdc7f195c6403501fd8300b6e597b668f199f93591ba742a91b54454"), - tag: &hex!("2da1c7325f58575d275abf96c7fa9e51"), - }, - GcmTV { - key: &hex!("c2c6e9be5a480a4a56bfcd0e268faa2276093bd1f7e8ce61e746d003decc761e"), - nonce: &hex!("c1541eb25721d4856df8f928"), - plaintext: &hex!("87d22e0318fbbb420b86b0585bd12c14645ff2c742e5639b3a114cc96c5f738edfbe2055116f259e3d6c14cb6d8fca45708289"), - aad: &hex!("f34e79e5fe437eda03ccfef2f1d6319df51a71c9891863e4b98a7298bd64490460354db5a28b0fadcb815024ea17f3b84810e27954afb1fdf44f0defb930b1793684a781310b9af95b4bcf0a727a2cb0ac529b805811b3721d98"), - ciphertext: &hex!("b5d6e57c7aa0240e0b6e332d3b3323b525a3d8a553ad041ba599e909188da537c3293d1687fb967882d16a5615b84e95f9dd77"), - tag: &hex!("1cce334cec4b51216cac0fc620cdadf9"), - }, - GcmTV { - key: &hex!("ea0d6184a71456e27f9ac82dfc7f6694c898f7c0d19d1cb0db4e575dd0094bb6"), - nonce: &hex!("5018fb816d515511bfb939d5"), - plaintext: &hex!("083147d0c80f134f7393855c8a95bf6e6abd6f9a7b1fca584e8bfc6b5dc13a8edbfd473e232c041d9be9ee7709dc86b3aa320a"), - aad: &hex!("8bc6bd0a263212bd7281fd1a45e512fca104f859358eae9293a297c529a0abaffd8a77507b9069040f2b3141a7620691e110a8b593b956d8e3e71694506b89018a03861c1ba6082687adce15a874c73477430cef075eba077a93"), - ciphertext: &hex!("f0a5c4941782e2f2941dd05acee29b65341773f2e8d51935a3f4fa6f268ff030c880976cf1ee858f6571abd8411b695a2fadf0"), - tag: &hex!("067d8cc2d38c30697272daa00c7f70cf"), - }, - GcmTV { - key: &hex!("c624feb6cb0d78d634b627134c692f0bf5debf84d8639e22ff27ce2ace49d438"), - nonce: &hex!("a54f4f1204255f6b312222cd"), - plaintext: &hex!("ec34f45c1b70fd56518cc5c404cc13330ab7d51c10f4d2cfeb26b097ae76897191ec1b3953b0086e425c7da221d29f65d5ccf3"), - aad: &hex!("d9099ba6be50dca77e0b9803766ad993132479fbab43b8f4126a7f9ef673ac0caf2de235e1e84ad9fe505c43d1ac779f5072c025c14ea0d930ce39db8c5930baada23b3e4654470e559fcb6eb1c133a77318b87cc7913e12d404"), - ciphertext: &hex!("713d28a5123d65e82cca6e7fd919e1e5e3bdaab12ae715cf8b7c974eb5f62be8c3b42637074c6b891f6c6033eb4b7e61db9f0b"), - tag: &hex!("01ededff6e4d1dce4ac790218e208ebe"), - }, - GcmTV { - key: &hex!("1afc68b32596198ae0f3a8612751c2413322e8054ff2ac6bede3d4a1ee20ee62"), - nonce: &hex!("356860e76e794492de6a68f3"), - plaintext: &hex!("293041038f9e8edee23d2f18bce87b522380f1fa18b3021830a54ab891da8548095228ed9860176152e27945d66254f0db8590"), - aad: &hex!("205e44009e0ef963838aff615b35c9f1271d487cf719677d956718bce8ab676cceb636ad381432c5c790c26b07051b661a2fec4e607f9644f84993c8335db21ae36b6008bab2883ad7541809bf5f49272295c1c1f1cf8c678553"), - ciphertext: &hex!("e06109680d5fefd345665ec9a5b2e7bf3ece3af1b62841a95c453e7753b5a1d6d8a10b3c6c42df1f23832b74e74871821f1c0b"), - tag: &hex!("953d8d04f70e2af055ac902a455235b2"), - }, - GcmTV { - key: &hex!("f61b723359e798fefecc26b10b168dc331c639079598f1f651166cc58c671ee1"), - nonce: &hex!("b07e9407b592d4fd95509343"), - plaintext: &hex!("2724f1ad6b5b409a59c7f2ff649eb24b4a33a03d7a0426e29a6ea3aa91b4f00699fbed75bb7189964303e2e9fe3a7e5f74b7a1"), - aad: &hex!("1429c6f27828cb94ad5e62451da10fd574660cec2b8f279a19bbb8a167a630d3ac60db04e8faa02204792e49aed4501844a419d3ecdff0d03799866fee81a91187b08a44d5bb617ff3b2cef79cd48750ea20903e1d3627a17730"), - ciphertext: &hex!("362bad8de943dce8f53edf682d02e1d893c23c5272b13fd35b492f8477083a8c34027db32b6131931f03555ac5fbc6dbb13801"), - tag: &hex!("a51775606343755691f125019b44fdfc"), - }, - GcmTV { - key: &hex!("6be7f4d18ff0fbdd9b3b3cacaba4629a0c617387079add62f6ce1584b33faad1"), - nonce: &hex!("fda568c9cb13d9c176bcef03"), - plaintext: &hex!("4df668e99d5068604a48bcca5baa8245435928558a83d68d7b0b081861224e9bd39ea8f2d55a635949e66c6f6a7ff5cc34dd94"), - aad: &hex!("11ebeb97dd4a9925c1fbe2b9af77392058d2d971e42db15da39f090d7bc132573c34bf7d92a2d72dc66ee6840c3ff07985b8976ee8d8f36bf47ae330b899fdc60652dd5a23c45f3680f11951f019e0697c8acfcaa95f01b9c7dd"), - ciphertext: &hex!("488b40ad594e1845ccdd9e9467fc5e1afbbfde34e57d45bfcd30b61cc326d57fe8e3f31a39cdebf00f60bbd2c3cdf69f756eff"), - tag: &hex!("3bf3fbab9b48486fd08a5552604df639"), - }, - ]; -} diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs deleted file mode 100644 index d148517c2..000000000 --- a/crypto/src/hash.rs +++ /dev/null @@ -1,253 +0,0 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. - -use std::ffi::c_void; -use std::io::Write; -use std::os::raw::{c_int, c_uint}; -use std::ptr::null; - -pub const SHA512_HASH_SIZE: usize = 64; -pub const SHA384_HASH_SIZE: usize = 48; -pub const HMAC_SHA512_SIZE: usize = 64; -pub const HMAC_SHA384_SIZE: usize = 48; - -pub struct SHA512(Option); - -impl SHA512 { - #[inline(always)] - pub fn hash(b: &[u8]) -> [u8; SHA512_HASH_SIZE] { - openssl::sha::sha512(b) - } - - #[inline(always)] - pub fn new() -> Self { - Self(Some(openssl::sha::Sha512::new())) - } - - #[inline(always)] - pub fn reset(&mut self) { - let _ = self.0.replace(openssl::sha::Sha512::new()); - } - - #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - self.0.as_mut().unwrap().update(b); - } - - #[inline(always)] - pub fn finish(&mut self) -> [u8; SHA512_HASH_SIZE] { - self.0.take().unwrap().finish() - } -} - -impl Write for SHA512 { - #[inline(always)] - fn write(&mut self, b: &[u8]) -> std::io::Result { - self.0.as_mut().unwrap().update(b); - Ok(b.len()) - } - - #[inline(always)] - fn flush(&mut self) -> std::io::Result<()> { - Ok(()) - } -} - -unsafe impl Send for SHA512 {} - -pub struct SHA384(Option); - -impl SHA384 { - #[inline(always)] - pub fn hash(b: &[u8]) -> [u8; SHA384_HASH_SIZE] { - openssl::sha::sha384(b) - } - - #[inline(always)] - pub fn new() -> Self { - Self(Some(openssl::sha::Sha384::new())) - } - - #[inline(always)] - pub fn reset(&mut self) { - let _ = self.0.replace(openssl::sha::Sha384::new()); - } - - #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - self.0.as_mut().unwrap().update(b); - } - - #[inline(always)] - pub fn finish(&mut self) -> [u8; SHA384_HASH_SIZE] { - self.0.take().unwrap().finish() - } -} - -impl Write for SHA384 { - #[inline(always)] - fn write(&mut self, b: &[u8]) -> std::io::Result { - self.0.as_mut().unwrap().update(b); - Ok(b.len()) - } - - #[inline(always)] - fn flush(&mut self) -> std::io::Result<()> { - Ok(()) - } -} - -unsafe impl Send for SHA384 {} - -//#[link(name="crypto")] -extern "C" { - fn HMAC_CTX_new() -> *mut c_void; - fn HMAC_CTX_reset(ctx: *mut c_void) -> c_int; - fn HMAC_Init_ex(ctx: *mut c_void, key: *const c_void, key_len: c_int, evp_md: *const c_void, _impl: *const c_void) -> c_int; - fn HMAC_Update(ctx: *mut c_void, data: *const c_void, len: usize) -> c_int; - fn HMAC_Final(ctx: *mut c_void, output: *mut c_void, output_len: *mut c_uint) -> c_int; - fn HMAC_CTX_free(ctx: *mut c_void); - fn EVP_sha384() -> *const c_void; - fn EVP_sha512() -> *const c_void; -} - -pub struct HMACSHA512 { - ctx: *mut c_void, - evp_md: *const c_void, -} - -impl HMACSHA512 { - #[inline(always)] - pub fn new(key: &[u8]) -> Self { - unsafe { - let hm = Self { ctx: HMAC_CTX_new(), evp_md: EVP_sha512() }; - assert!(!hm.ctx.is_null()); - assert_ne!(HMAC_Init_ex(hm.ctx, key.as_ptr().cast(), key.len() as c_int, hm.evp_md, null()), 0); - hm - } - } - - #[inline(always)] - pub fn reset(&mut self) { - unsafe { - assert_ne!(HMAC_CTX_reset(self.ctx), 0); - } - } - - #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - unsafe { - assert_ne!(HMAC_Update(self.ctx, b.as_ptr().cast(), b.len()), 0); - } - } - - #[inline(always)] - pub fn finish_into(&mut self, md: &mut [u8]) { - unsafe { - assert_eq!(md.len(), 64); - let mut mdlen: c_uint = 64; - assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); - assert_eq!(mdlen, 64); - } - } - - #[inline(always)] - pub fn finish(&mut self) -> [u8; 64] { - let mut tmp = [0u8; 64]; - self.finish_into(&mut tmp); - tmp - } -} - -impl Drop for HMACSHA512 { - #[inline(always)] - fn drop(&mut self) { - unsafe { HMAC_CTX_free(self.ctx) }; - } -} - -unsafe impl Send for HMACSHA512 {} - -pub struct HMACSHA384 { - ctx: *mut c_void, - evp_md: *const c_void, -} - -impl HMACSHA384 { - #[inline(always)] - pub fn new(key: &[u8]) -> Self { - unsafe { - let hm = Self { ctx: HMAC_CTX_new(), evp_md: EVP_sha384() }; - assert!(!hm.ctx.is_null()); - assert_ne!(HMAC_Init_ex(hm.ctx, key.as_ptr().cast(), key.len() as c_int, hm.evp_md, null()), 0); - hm - } - } - - #[inline(always)] - pub fn reset(&mut self) { - unsafe { - assert_ne!(HMAC_CTX_reset(self.ctx), 0); - } - } - - #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - unsafe { - assert_ne!(HMAC_Update(self.ctx, b.as_ptr().cast(), b.len()), 0); - } - } - - #[inline(always)] - pub fn finish_into(&mut self, md: &mut [u8]) { - unsafe { - assert_eq!(md.len(), 48); - let mut mdlen: c_uint = 48; - assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); - assert_eq!(mdlen, 48); - } - } - - #[inline(always)] - pub fn finish(&mut self) -> [u8; 48] { - let mut tmp = [0u8; 48]; - self.finish_into(&mut tmp); - tmp - } -} - -impl Drop for HMACSHA384 { - #[inline(always)] - fn drop(&mut self) { - unsafe { HMAC_CTX_free(self.ctx) }; - } -} - -unsafe impl Send for HMACSHA384 {} - -#[inline(always)] -pub fn hmac_sha512(key: &[u8], msg: &[u8]) -> [u8; 64] { - let mut hm = HMACSHA512::new(key); - hm.update(msg); - hm.finish() -} - -#[inline(always)] -pub fn hmac_sha512_into(key: &[u8], msg: &[u8], md: &mut [u8]) { - let mut hm = HMACSHA512::new(key); - hm.update(msg); - hm.finish_into(md); -} - -#[inline(always)] -pub fn hmac_sha384(key: &[u8], msg: &[u8]) -> [u8; 48] { - let mut hm = HMACSHA384::new(key); - hm.update(msg); - hm.finish() -} - -#[inline(always)] -pub fn hmac_sha384_into(key: &[u8], msg: &[u8], md: &mut [u8]) { - let mut hm = HMACSHA384::new(key); - hm.update(msg); - hm.finish_into(md); -} diff --git a/crypto/src/lib.rs b/crypto/src/lib.rs index d2812429f..b1f39e6c7 100644 --- a/crypto/src/lib.rs +++ b/crypto/src/lib.rs @@ -1,13 +1,13 @@ // (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. +pub use openssl::aes; +pub use openssl::hash; +pub use openssl::p384; +pub use openssl::random; +pub use openssl::secret; -pub mod aes; -pub mod aes_gmac_siv; -pub mod hash; -pub mod p384; +//pub mod aes_gmac_siv; pub mod poly1305; -pub mod random; pub mod salsa; -pub mod secret; pub mod typestate; pub mod x25519; diff --git a/crypto/src/x25519.rs b/crypto/src/x25519.rs index e0a2d8b7d..afffdee16 100644 --- a/crypto/src/x25519.rs +++ b/crypto/src/x25519.rs @@ -5,8 +5,8 @@ use std::io::Write; use ed25519_dalek::Digest; -use crate::random::SecureRandom; -use crate::secret::Secret; +use openssl::random::SecureRandom; +use openssl::secret::Secret; pub const C25519_PUBLIC_KEY_SIZE: usize = 32; pub const C25519_SECRET_KEY_SIZE: usize = 32; diff --git a/openssl-sys/CHANGELOG.md b/openssl-sys/CHANGELOG.md new file mode 100644 index 000000000..1bf8690db --- /dev/null +++ b/openssl-sys/CHANGELOG.md @@ -0,0 +1,411 @@ +# Change Log + +## [Unreleased] + +## [v0.9.80] - 2022-12-20 + +### Fixed + +* Added `NO_DEPRECATED_3_0` cfg checks for more APIs. + +### Added + +* Added support for LibreSSL 3.7.0. +* Added `SSL_CTRL_CHAIN_CERT` and `SSL_add0_chain_cert`. +* Added `EVP_PKEY_get_security_bits` and `EVP_PKEY_security_bits`. +* Added `OSSL_PROVIDER_set_default_search_path`. + +## [v0.9.79] - 2022-12-06 + +### Added + +* Added `EVP_CIPHER_CTX_num`. +* Added `X509_LOOKUP_file` and `X509_load_cert_file`. + +## [v0.9.78] - 2022-11-23 + +### Added + +* Added support for LibreSSL 3.6.x. +* Added `NID_brainpoolP256r1`, `NID_brainpoolP384r1`, and `NID_brainpool512r1`. +* Added `EVP_camellia_128_cfb128`, `EVP_camellia_128_ecb`, `EVP_camellia_192_cfb128`, `EVP_camellia_192_ecb`, + `EVP_camellia_256_cfb128`, and `EVP_camellia_256_ecb`. +* Added `EVP_cast5_cfb64` and `EVP_cast5_ecb`. +* Added `EVP_idea_cfb64` and `EVP_idea_ecb`. +* Added `DSA_SIG`, `d2i_DSA_SIG`, `i2d_DSA_SIG`, `DSA_SIG_new`, `DSA_SIG_free`, `DSA_SIG_get0`, and `DSA_SIG_set0`. +* Added `X509_STORE_set1_param`, `X509_VERIFY_PARAM_new`, `X509_VERIFY_PARAM_set_time`, and + `X509_VERIFY_PARAM_set_depth`. + +## [v0.9.77] - 2022-10-22 + +### Added + +* Added support for LibreSSL 3.6.0 +* Added `assume_init`. + +## [v0.9.76] - 2022-09-26 + +### Added + +* Added `SSL_get_psk_identity_hint` and `SSL_get_psk_identity`. +* Added SHA-3 NID constants. +* Added `SSL_OP_PRIORITIZE_CHACHA`. +* Added `X509_REQ_print`. +* Added `EVP_MD_CTX_size` and `EVP_MD_CTX_get_size` +* Added `EVP_MD_CTX_reset`. +* Added experimental, unstable support for BoringSSL. + +### Fixed + +* Fixed the deprecation note on `SSL_CTX_set_alpn_select_cb`. + +## [v0.9.75] - 2022-07-09 + +### Added + +* Added SM4 bindings. +* Added `EC_GROUP_set_generator` and `EC_POINT_set_affine_coordinates_GFp`. + +## [v0.9.74] - 2022-06-01 + +### Added + +* Added `EVP_MD_block_size`. +* Added `X509V3_EXT_add_alias`. +* Added `X509_V_ERR_INVALID_CA` back when building against OpenSSL 3.0. + +## [v0.9.73] - 2022-05-02 + +### Added + +* Added support for installations that place libraries in `$OPENSSL_DIR/lib64` in addition to `$OPENSSL_DIR/lib`. +* Added `X509_issuer_name_hash`. +* Added `ASN1_string_set`. +* Added `X509_CRL_dup`, `X509_REQ_dup`, `X509_NAME_dup`, and `X509_dup`. +* Added `X509_print`. +* Added support for LibreSSL 3.5.x. + +## [v0.9.72] - 2021-12-11 + +### Changed + +* Temporarily downgraded the vendored OpenSSL back to 1.1.1 due to significant performance regressions. We will move + back to 3.0.0 when a future release resolves those issues. + +### Added + +* Added `PKCS12_set_mac`. +* Added `EVP_PKEY_sign_init`, `EVP_PKEY_sign`, `EVP_PKEY_verify_init`, and `EVP_PKEY_verify`. +* Added support for LibreSSL 3.4.x. + +## [v0.9.71] + +### Fixed + +* Fixed linkage to static OpenSSL 3.0.0 libraries on some 32 bit Android targets. + +### Added + +* Added support for LibreSSL 3.4.1. +* Added `SSL_get_extms_support` and `SSL_CTRL_GET_EXTMS_SUPPORT`. +* Added `OBJ_create`. +* Added `EVP_CIPHER_CTX_get0_cipher`, `EVP_CIPHER_CTX_get_block_size`, `EVP_CIPHER_CTX_get_key_length`, + `EVP_CIPHER_CTX_get_iv_length`, and `EVP_CIPHER_CTX_get_tag_length`. +* Added `EVP_CIPHER_free`. +* Added `EVP_CIPHER_CTX_rand_key`. +* Added `OSSL_LIB_CTX_new` and `OSSL_LIB_CTX_free`. +* Added `EVP_CIPHER_fetch`. +* Added `EVP_MD_fetch` and `EVP_MD_free`. +* Added `OPENSSL_malloc` and `OPENSSL_free`. +* Added `EVP_DigestSignUpdate` and `EVP_DigestVerifyUpdate`. + +## [v0.9.70] - 2021-10-31 + +### Fixed + +* Fixed linkage to static 3.0.0 OpenSSL libraries on some 32 bit architectures. + +## [v0.9.69] - 2021-10-31 + +### Changed + +* Upgraded the vendored OpenSSL to 3.0.0. + +### Added + +* Added support for automatic detection of Homebrew `openssl@3` installs. +* Added `EVP_PKEY_Q_keygen` and `EVP_EC_gen`. + +## [v0.9.68] - 2021-10-27 + +### Added + +* Added `BN_bn2binpad`. +* Added `i2d_X509_NAME` and `d2i_X509_NAME`. +* Added `BN_FLG_MALLOCED`, `BN_FLG_STATIC_DATA`, `BN_FLG_CONSTTIME`, and `BN_FLG_SECURE`. +* Added `BN_CTX_secure_new`, `BN_secure_new`, `BN_set_flags`, and `BN_get_flags`. + +## [v0.9.67] - 2021-09-21 + +### Added + +* Added support for LibreSSL 3.4.0 + +## [v0.9.66] - 2021-08-17 + +### Added + +* Added `EVP_seed_cbc`, `EVP_seed_cfb128`, `EVP_seed_ecb`, and `EVP_seed_ofb`. +* Added `OBJ_length` and `OBJ_get0_data`. +* Added `i2d_PKCS8PrivateKey_bio`. + +## [v0.9.65] - 2021-06-21 + +### Fixed + +* Restored the accidentally deleted `PEM_read_bio_X509_CRL` function. + +## [v0.9.64] - 2021-06-18 + +### Added + +* Added support for OpenSSL 3.x.x. +* Added `SSL_peek`. +* Added `ERR_LIB_ASN1` and `ASN1_R_HEADER_TOO_LONG`. +* Added `d2i_X509_bio`. +* Added `OBJ_nid2obj`. +* Added `RAND_add`. +* Added `SSL_CTX_set_post_handshake_auth`. +* Added `COMP_get_type`. +* Added `X509_get_default_cert_file_env`, `X509_get_default_cert_file`, `X509_get_default_cert_dir_env`, and + `X509_get_default_cirt_dir`. + +## [v0.9.63] - 2021-05-06 + +### Added + +* Added support for LibreSSL 3.3.x. + +## [v0.9.62] - 2021-04-28 + +### Added + +* Added support for LibreSSL 3.3.2. +* Added `DH_set0_key`. +* Added `EC_POINT_get_affine_coordinates`. + +## [v0.9.61] - 2021-03-13 + +### Added + +* Added support for automatic detection of OpenSSL installations via pkgsrc and MacPorts on macOS. +* Added various `V_ASN1_*` constants. +* Added `DH_generate_parameters_ex`. +* Added `EC_POINT_is_at_infinity` and `EC_POINT_is_on_curve`. +* Added `EVP_CIPHER_nid`. +* Added `EVP_sm3`. +* Added `NID_*` constants related to SM3. +* Added `PKCS7_get0_signers`. +* Added `EVP_PKEY_CTX_set0_rsa_oaep_label`. +* Added `ACCESS_DESCRIPTION` and `ACCESS_DESCRIPTION_free`. + +## [v0.9.60] - 2020-12-24 + +### Added + +* Added support for the default Homebrew install directory on ARM. +* Added `EVP_PKEY_CTX_set_rsa_oaep_md` and `EVP_PKEY_CTRL_RSA_OAEP_MD`. + +## [v0.9.59] - 2020-12-09 + +### Added + +* Added support for LibreSSL 3.2.x, 3.3.0, and 3.3.1. +* Added `DH_generate_parameters`, `DH_generate_key`, `DH_compute_key`, and `DH_size`. +* Added `NID_X25519`, `NID_X448`, `EVP_PKEY_x25519` and `EVP_PKEY_x448`. +* Added `OBJ_txt2obj`. +* Added `d2i_PKCS7` and `i2d_PKCS7`. +* Added `SRTP_AEAD_AES_128_GCM` and `SRTP_AEAD_AES_256_GCM`. + +## [v0.9.58] - 2020-06-05 + +### Added + +* Added `SSL_set_mtu`. +* Added support for LibreSSL 3.2.0. +* Added `PEM_read_bio_EC_PUBKEY`, `PEM_write_bio_EC_PUBKEY`, `d2i_EC_PUBKEY`, and `i2d_EC_PUBKEY`. +* Added `EVP_PKEY_encrypt_init`, `EVP_PKEY_encrypt`, `EVP_PKEY_decrypt_init`, `EVP_PKEY_decrypt`, + `EVP_PKEY_get_raw_public_key`, `EVP_PKEY_new_raw_public_key`, `EVP_PKEY_get_raw_private_key`, + and `EVP_PKEY_new_raw_private_key`. +* Added `OBJ_sn2nid`. + +## [v0.9.57] - 2020-05-24 + +### Added + +* Added support for LibreSSL 3.1.x. + +## [v0.9.56] - 2020-05-07 + +### Fixed + +* Fixed vendored builds on windows-gnu targets. + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.55] - 2020-04-07 + +### Fixed + +* Fixed windows-msvc library names when using OpenSSL from vcpkg. + +### Added + +* If the `OPENSSL_NO_VENDOR` environment variable is set, vendoring will not be used even if enabled. +* Added `SSL_CTX_get_verify_mode` and `SSL_get_verify_mode`. +* Added `SSL_is_init_finished`. +* Added `SSL_CTX_set_cert_store`. +* Added `TLS_server_method` and `TLS_client_method`. +* Added `X509_STORE_get0_objects`. +* Added `X509_OBJECT_free`, `X509_OBJECT_get_type`, and `X509_OBJECT_get0_X509`. + +## [v0.9.54] - 2020-01-29 + +### Added + +* Added `BIO_CTRL_DGRAM_QUERY_MTU`. +* Added `EVP_EncryptInit_ex`, `EVP_EncryptFinal_ex`, `EVP_DecryptInit_ex`, and `EVP_DecryptFinal_ex`. +* Added `EVP_md_null`. +* Added `EVP_PKCS82PKEY`. +* Added `PKCS8_PRIV_KEY_INFO`, `d2i_PKCS8_PRIV_KEY_INFO`, and `PKCS8_PRIV_KEY_INFO_free`. +* Added `SSL_OP_NO_RENEGOTIATION`. + +## [v0.9.53] - 2019-11-22 + +### Added + +* Added `ASN1_TIME_diff`. +* Added `EC_GROUP_order_bits`. +* Added `EVP_EncodeBlock` and `EVP_DecodeBlock`. +* Added `SSL_CTRL_SET_GROUPS_LIST`, `SSL_CTRL_SET_SIGALGS_LIST`, `SSL_CTX_set1_groups_list`, and + `SSL_CTX_set1_sigalgs_list`. +* Added `Clone` implementations to `SHA_CTX`, `SHA256_CTX`, and `SHA512_CTX`. + +## [v0.9.52] - 2019-10-19 + +### Added + +* Added support for LibreSSL 3.0.x. + +## [v0.9.51] - 2019-10-02 + +### Added + +* Added support for LibreSSL 3.0.1. + +## [v0.9.50] - 2019-10-02 + +### Added + +* Added `CRYPTO_LOCK_EVP_PKEY`. +* Added `EVP_PKEY_ED25519` and `EVP_PKEY_ED448`. +* Added `EVP_DigestSign` and `EVP_DigestVerify`. +* Added `EVP_PKEY_up_ref`. +* Added `NID_ED25519` and `NID_ED448`. + +## [v0.9.49] - 2019-08-15 + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.48] - 2019-07-19 + +### Added + +* Added `AES_wrap_key` and `AES_unwrap_key`. +* Added `EC_GROUP_get_cofactor`, `EC_GROUP_get0_generator`, and `EC_POINT_dup`. +* Added `EVP_aes_128_ofb`, `EVP_aes_192_ecb`, `EVP_aes_192_cbc`, `EVP_aes_192_cfb1`, `EVP_aes_192_cfb8`, + `EVP_aes_192_cfb_128`, `EVP_aes_192_ctr`, `EVP_aes_192_ccm`, `EVP_aes_192_gcm`, `EVP_aes_192_ofb`, and + `EVP_aes_256_ofb`. +* Added `PEM_read_bio_CMS` and `PEM_write_bio_CMS`. + +## [v0.9.47] - 2019-05-18 + +### Added + +* Added `SSL_CTX_add_client_CA`. + +## [v0.9.46] - 2019-05-08 + +### Added + +* Added support for the LibreSSL 2.9.x series. + +## [v0.9.45] - 2019-05-03 + +### Fixed + +* Reverted a change to windows-gnu library names that caused regressions. + +## [v0.9.44] - 2019-04-30 + +### Added + +* The `DEP_OPENSSL_VENDORED` environment variable tells downstream build scripts if the vendored feature was enabled. +* Added `EVP_SealInit`, `EVP_SealFinal`, `EVP_EncryptUpdate`, `EVP_OpenInit`, `EVP_OpenFinal`, and `EVP_DecryptUpdate`. +* Added `EVP_PKEY_size`. + +### Fixed + +* Fixed library names when targeting windows-gnu and pkg-config fails. + +## [v0.9.43] - 2019-03-20 + +### Added + +* Added `d2i_CMS_ContentInfo` and `CMS_encrypt`. +* Added `X509_verify` and `X509_REQ_verify`. +* Added `EVP_MD_type` and `EVP_GROUP_get_curve_name`. + +[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.80..master +[v0.9.80]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.79...openssl-sys-v0.9.80 +[v0.9.79]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.78...openssl-sys-v0.9.79 +[v0.9.78]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.77...openssl-sys-v0.9.78 +[v0.9.77]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.76...openssl-sys-v0.9.77 +[v0.9.76]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.75...openssl-sys-v0.9.76 +[v0.9.75]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.74...openssl-sys-v0.9.75 +[v0.9.74]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.73...openssl-sys-v0.9.74 +[v0.9.73]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.72...openssl-sys-v0.9.73 +[v0.9.72]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.71...openssl-sys-v0.9.72 +[v0.9.71]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.70...openssl-sys-v0.9.71 +[v0.9.70]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.69...openssl-sys-v0.9.70 +[v0.9.69]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.68...openssl-sys-v0.9.69 +[v0.9.68]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.67...openssl-sys-v0.9.68 +[v0.9.67]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.66...openssl-sys-v0.9.67 +[v0.9.66]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.65...openssl-sys-v0.9.66 +[v0.9.65]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.64...openssl-sys-v0.9.65 +[v0.9.64]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.63...openssl-sys-v0.9.64 +[v0.9.63]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.62...openssl-sys-v0.9.63 +[v0.9.62]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.61...openssl-sys-v0.9.62 +[v0.9.61]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.60...openssl-sys-v0.9.61 +[v0.9.60]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.59...openssl-sys-v0.9.60 +[v0.9.59]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.58...openssl-sys-v0.9.59 +[v0.9.58]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.57...openssl-sys-v0.9.58 +[v0.9.57]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.56...openssl-sys-v0.9.57 +[v0.9.56]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.55...openssl-sys-v0.9.56 +[v0.9.55]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.54...openssl-sys-v0.9.55 +[v0.9.54]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.53...openssl-sys-v0.9.54 +[v0.9.53]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.52...openssl-sys-v0.9.53 +[v0.9.52]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.51...openssl-sys-v0.9.52 +[v0.9.51]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.50...openssl-sys-v0.9.51 +[v0.9.50]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.49...openssl-sys-v0.9.50 +[v0.9.49]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.48...openssl-sys-v0.9.49 +[v0.9.48]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.47...openssl-sys-v0.9.48 +[v0.9.47]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.46...openssl-sys-v0.9.47 +[v0.9.46]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.45...openssl-sys-v0.9.46 +[v0.9.45]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.44...openssl-sys-v0.9.45 +[v0.9.44]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.43...openssl-sys-v0.9.44 +[v0.9.43]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.42...openssl-sys-v0.9.43 diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml new file mode 100644 index 000000000..6c8e1309c --- /dev/null +++ b/openssl-sys/Cargo.toml @@ -0,0 +1,36 @@ +[package] +name = "openssl-sys" +version = "0.9.80" +authors = [ + "Alex Crichton ", + "Steven Fackler ", +] +license = "MIT" +description = "FFI bindings to OpenSSL" +repository = "https://github.com/sfackler/rust-openssl" +readme = "README.md" +categories = ["cryptography", "external-ffi-bindings"] +links = "openssl" +build = "build/main.rs" +edition = "2018" + +[features] +vendored = ['openssl-src'] + +[dependencies] +libc = "0.2" +bssl-sys = { version = "0.1.0", optional = true } + +[build-dependencies] +bindgen = { version = "0.64.0", optional = true } +cc = "1.0" +openssl-src = { version = "300.0.12", optional = true } +pkg-config = "0.3.9" +autocfg = "1.0" + +[target.'cfg(target_env = "msvc")'.build-dependencies] +vcpkg = "0.2.8" + +# We don't actually use metadeps for annoying reasons but this is still here for tooling +[package.metadata.pkg-config] +openssl = "1.0.1" diff --git a/openssl-sys/LICENSE-MIT b/openssl-sys/LICENSE-MIT new file mode 100644 index 000000000..39e0ed660 --- /dev/null +++ b/openssl-sys/LICENSE-MIT @@ -0,0 +1,25 @@ +Copyright (c) 2014 Alex Crichton + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/openssl-sys/README.md b/openssl-sys/README.md new file mode 120000 index 000000000..32d46ee88 --- /dev/null +++ b/openssl-sys/README.md @@ -0,0 +1 @@ +../README.md \ No newline at end of file diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs new file mode 100644 index 000000000..d925d90ad --- /dev/null +++ b/openssl-sys/build/cfgs.rs @@ -0,0 +1,94 @@ +pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<&'static str> { + let mut cfgs = vec![]; + + if let Some(libressl_version) = libressl_version { + cfgs.push("libressl"); + + if libressl_version >= 0x2_05_01_00_0 { + cfgs.push("libressl251"); + } + if libressl_version >= 0x2_05_02_00_0 { + cfgs.push("libressl252"); + } + if libressl_version >= 0x2_06_01_00_0 { + cfgs.push("libressl261"); + } + if libressl_version >= 0x2_07_00_00_0 { + cfgs.push("libressl270"); + } + if libressl_version >= 0x2_07_01_00_0 { + cfgs.push("libressl271"); + } + if libressl_version >= 0x2_07_03_00_0 { + cfgs.push("libressl273"); + } + if libressl_version >= 0x2_08_00_00_0 { + cfgs.push("libressl280"); + } + if libressl_version >= 0x2_08_01_00_0 { + cfgs.push("libressl281"); + } + if libressl_version >= 0x2_09_01_00_0 { + cfgs.push("libressl291"); + } + if libressl_version >= 0x3_02_01_00_0 { + cfgs.push("libressl321"); + } + if libressl_version >= 0x3_03_02_00_0 { + cfgs.push("libressl332"); + } + if libressl_version >= 0x3_04_00_00_0 { + cfgs.push("libressl340"); + } + if libressl_version >= 0x3_05_00_00_0 { + cfgs.push("libressl350"); + } + if libressl_version >= 0x3_06_00_00_0 { + cfgs.push("libressl360"); + } + if libressl_version >= 0x3_07_00_00_0 { + cfgs.push("libressl370"); + } + } else { + let openssl_version = openssl_version.unwrap(); + + if openssl_version >= 0x3_00_00_00_0 { + cfgs.push("ossl300"); + } + if openssl_version >= 0x1_00_01_00_0 { + cfgs.push("ossl101"); + } + if openssl_version >= 0x1_00_02_00_0 { + cfgs.push("ossl102"); + } + if openssl_version >= 0x1_00_02_06_0 { + cfgs.push("ossl102f"); + } + if openssl_version >= 0x1_00_02_08_0 { + cfgs.push("ossl102h"); + } + if openssl_version >= 0x1_01_00_00_0 { + cfgs.push("ossl110"); + } + if openssl_version >= 0x1_01_00_06_0 { + cfgs.push("ossl110f"); + } + if openssl_version >= 0x1_01_00_07_0 { + cfgs.push("ossl110g"); + } + if openssl_version >= 0x1_01_00_08_0 { + cfgs.push("ossl110h"); + } + if openssl_version >= 0x1_01_01_00_0 { + cfgs.push("ossl111"); + } + if openssl_version >= 0x1_01_01_02_0 { + cfgs.push("ossl111b"); + } + if openssl_version >= 0x1_01_01_03_0 { + cfgs.push("ossl111c"); + } + } + + cfgs +} diff --git a/openssl-sys/build/expando.c b/openssl-sys/build/expando.c new file mode 100644 index 000000000..11fb04db0 --- /dev/null +++ b/openssl-sys/build/expando.c @@ -0,0 +1,124 @@ +#include +#include + +#define VERSION2(n, v) RUST_VERSION_##n##_##v +#define VERSION(n, v) VERSION2(n, v) + +#define NEW_VERSION2(a, b, c) RUST_VERSION_NEW_OPENSSL_##a##_##b##_##c +#define NEW_VERSION(a, b, c) NEW_VERSION2(a, b, c) + +#ifdef LIBRESSL_VERSION_NUMBER +VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER) +#elif defined OPENSSL_VERSION_MAJOR +NEW_VERSION(OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH) +#else +VERSION(OPENSSL, OPENSSL_VERSION_NUMBER) +#endif + +#ifdef OPENSSL_IS_BORINGSSL +RUST_OPENSSL_IS_BORINGSSL +#endif + +#ifdef OPENSSL_NO_BF +RUST_CONF_OPENSSL_NO_BF +#endif + +#ifdef OPENSSL_NO_BUF_FREELISTS +RUST_CONF_OPENSSL_NO_BUF_FREELISTS +#endif + +#ifdef OPENSSL_NO_CHACHA +RUST_CONF_OPENSSL_NO_CHACHA +#endif + +#ifdef OPENSSL_NO_IDEA +RUST_CONF_OPENSSL_NO_IDEA +#endif + +#ifdef OPENSSL_NO_CAMELLIA +RUST_CONF_OPENSSL_NO_CAMELLIA +#endif + +#ifdef OPENSSL_NO_CAST +RUST_CONF_OPENSSL_NO_CAST +#endif + +#ifdef OPENSSL_NO_CMS +RUST_CONF_OPENSSL_NO_CMS +#endif + +#ifdef OPENSSL_NO_COMP +RUST_CONF_OPENSSL_NO_COMP +#endif + +#ifdef OPENSSL_NO_EC +RUST_CONF_OPENSSL_NO_EC +#endif + +#ifdef OPENSSL_NO_EC2M +RUST_CONF_OPENSSL_NO_EC2M +#endif + +#ifdef OPENSSL_NO_ENGINE +RUST_CONF_OPENSSL_NO_ENGINE +#endif + +#ifdef OPENSSL_NO_KRB5 +RUST_CONF_OPENSSL_NO_KRB5 +#endif + +#ifdef OPENSSL_NO_NEXTPROTONEG +RUST_CONF_OPENSSL_NO_NEXTPROTONEG +#endif + +#ifdef OPENSSL_NO_OCSP +RUST_CONF_OPENSSL_NO_OCSP +#endif + +#ifdef OPENSSL_NO_PSK +RUST_CONF_OPENSSL_NO_PSK +#endif + +#ifdef OPENSSL_NO_RFC3779 +RUST_CONF_OPENSSL_NO_RFC3779 +#endif + +#ifdef OPENSSL_NO_RMD160 +RUST_CONF_OPENSSL_NO_RMD160 +#endif + +#ifdef OPENSSL_NO_SHA +RUST_CONF_OPENSSL_NO_SHA +#endif + +#ifdef OPENSSL_NO_SRP +RUST_CONF_OPENSSL_NO_SRP +#endif + +#ifdef OPENSSL_NO_SSL3_METHOD +RUST_CONF_OPENSSL_NO_SSL3_METHOD +#endif + +#ifdef OPENSSL_NO_TLSEXT +RUST_CONF_OPENSSL_NO_TLSEXT +#endif + +#ifdef OPENSSL_NO_STDIO +RUST_CONF_OPENSSL_NO_STDIO +#endif + +#ifdef OPENSSL_NO_SM3 +RUST_CONF_OPENSSL_NO_SM3 +#endif + +#ifdef OPENSSL_NO_SM4 +RUST_CONF_OPENSSL_NO_SM4 +#endif + +#ifdef OPENSSL_NO_DEPRECATED_3_0 +RUST_CONF_OPENSSL_NO_DEPRECATED_3_0 +#endif + +#ifdef OPENSSL_NO_SEED +RUST_CONF_OPENSSL_NO_SEED +#endif diff --git a/openssl-sys/build/find_normal.rs b/openssl-sys/build/find_normal.rs new file mode 100644 index 000000000..791fc3398 --- /dev/null +++ b/openssl-sys/build/find_normal.rs @@ -0,0 +1,275 @@ +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +use std::process::{self, Command}; + +use super::env; + +pub fn get_openssl(target: &str) -> (Vec, PathBuf) { + let lib_dir = env("OPENSSL_LIB_DIR").map(PathBuf::from); + let include_dir = env("OPENSSL_INCLUDE_DIR").map(PathBuf::from); + + match (lib_dir, include_dir) { + (Some(lib_dir), Some(include_dir)) => (vec![lib_dir], include_dir), + (lib_dir, include_dir) => { + let openssl_dir = env("OPENSSL_DIR").unwrap_or_else(|| find_openssl_dir(target)); + let openssl_dir = Path::new(&openssl_dir); + let lib_dir = lib_dir.map(|d| vec![d]).unwrap_or_else(|| { + let mut lib_dirs = vec![]; + // OpenSSL 3.0 now puts it's libraries in lib64/ by default, + // check for both it and lib/. + if openssl_dir.join("lib64").exists() { + lib_dirs.push(openssl_dir.join("lib64")); + } + if openssl_dir.join("lib").exists() { + lib_dirs.push(openssl_dir.join("lib")); + } + lib_dirs + }); + let include_dir = include_dir.unwrap_or_else(|| openssl_dir.join("include")); + (lib_dir, include_dir) + } + } +} + +fn resolve_with_wellknown_homebrew_location(dir: &str) -> Option { + let versions = ["openssl@3", "openssl@1.1"]; + + // Check up default aarch 64 Homebrew installation location first + // for quick resolution if possible. + // `pkg-config` on brew doesn't necessarily contain settings for openssl apparently. + for version in &versions { + let homebrew = Path::new(dir).join(format!("opt/{}", version)); + if homebrew.exists() { + return Some(homebrew); + } + } + + for version in &versions { + // Calling `brew --prefix ` command usually slow and + // takes seconds, and will be used only as a last resort. + let output = execute_command_and_get_output("brew", &["--prefix", version]); + if let Some(ref output) = output { + let homebrew = Path::new(&output); + if homebrew.exists() { + return Some(homebrew.to_path_buf()); + } + } + } + + None +} + +fn resolve_with_wellknown_location(dir: &str) -> Option { + let root_dir = Path::new(dir); + let include_openssl = root_dir.join("include/openssl"); + if include_openssl.exists() { + Some(root_dir.to_path_buf()) + } else { + None + } +} + +fn find_openssl_dir(target: &str) -> OsString { + let host = env::var("HOST").unwrap(); + + if host == target && target.ends_with("-apple-darwin") { + let homebrew_dir = match target { + "aarch64-apple-darwin" => "/opt/homebrew", + _ => "/usr/local", + }; + + if let Some(dir) = resolve_with_wellknown_homebrew_location(homebrew_dir) { + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/pkg") { + // pkgsrc + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/local") { + // MacPorts + return dir.into(); + } + } + + try_pkg_config(); + try_vcpkg(); + + // FreeBSD ships with OpenSSL but doesn't include a pkg-config file :( + if host == target && target.contains("freebsd") { + return OsString::from("/usr"); + } + + // DragonFly has libressl (or openssl) in ports, but this doesn't include a pkg-config file + if host == target && target.contains("dragonfly") { + return OsString::from("/usr/local"); + } + + let mut msg = format!( + " + +Could not find directory of OpenSSL installation, and this `-sys` crate cannot +proceed without this knowledge. If OpenSSL is installed and this crate had +trouble finding it, you can set the `OPENSSL_DIR` environment variable for the +compilation process. + +Make sure you also have the development packages of openssl installed. +For example, `libssl-dev` on Ubuntu or `openssl-devel` on Fedora. + +If you're in a situation where you think the directory *should* be found +automatically, please open a bug at https://github.com/sfackler/rust-openssl +and include information about your system as well as this message. + +$HOST = {} +$TARGET = {} +openssl-sys = {} + +", + host, + target, + env!("CARGO_PKG_VERSION") + ); + + if host.contains("apple-darwin") && target.contains("apple-darwin") { + let system = Path::new("/usr/lib/libssl.0.9.8.dylib"); + if system.exists() { + msg.push_str( + " + +openssl-sys crate build failed: no supported version of OpenSSL found. + +Ways to fix it: +- Use the `vendored` feature of openssl-sys crate to build OpenSSL from source. +- Use Homebrew to install the `openssl` package. + +", + ); + } + } + + if host.contains("unknown-linux") + && target.contains("unknown-linux-gnu") + && Command::new("pkg-config").output().is_err() + { + msg.push_str( + " +It looks like you're compiling on Linux and also targeting Linux. Currently this +requires the `pkg-config` utility to find OpenSSL but unfortunately `pkg-config` +could not be found. If you have OpenSSL installed you can likely fix this by +installing `pkg-config`. + +", + ); + } + + if host.contains("windows") && target.contains("windows-gnu") { + msg.push_str( + " +It looks like you're compiling for MinGW but you may not have either OpenSSL or +pkg-config installed. You can install these two dependencies with: + +pacman -S openssl-devel pkg-config + +and try building this crate again. + +", + ); + } + + if host.contains("windows") && target.contains("windows-msvc") { + msg.push_str( + " +It looks like you're compiling for MSVC but we couldn't detect an OpenSSL +installation. If there isn't one installed then you can try the rust-openssl +README for more information about how to download precompiled binaries of +OpenSSL: + +https://github.com/sfackler/rust-openssl#windows + +", + ); + } + + panic!("{}", msg); +} + +/// Attempt to find OpenSSL through pkg-config. +/// +/// Note that if this succeeds then the function does not return as pkg-config +/// typically tells us all the information that we need. +fn try_pkg_config() { + let target = env::var("TARGET").unwrap(); + let host = env::var("HOST").unwrap(); + + // If we're going to windows-gnu we can use pkg-config, but only so long as + // we're coming from a windows host. + // + // Otherwise if we're going to windows we probably can't use pkg-config. + if target.contains("windows-gnu") && host.contains("windows") { + env::set_var("PKG_CONFIG_ALLOW_CROSS", "1"); + } else if target.contains("windows") { + return; + } + + let lib = match pkg_config::Config::new() + .print_system_libs(false) + .probe("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("run pkg_config fail: {:?}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + for include in lib.include_paths.iter() { + println!("cargo:include={}", include.display()); + } + + process::exit(0); +} + +/// Attempt to find OpenSSL through vcpkg. +/// +/// Note that if this succeeds then the function does not return as vcpkg +/// should emit all of the cargo metadata that we need. +#[cfg(target_env = "msvc")] +fn try_vcpkg() { + // vcpkg will not emit any metadata if it can not find libraries + // appropriate for the target triple with the desired linkage. + + let lib = match vcpkg::Config::new() + .emit_includes(true) + .find_package("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("note: vcpkg did not find openssl: {}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + println!("cargo:rustc-link-lib=user32"); + println!("cargo:rustc-link-lib=gdi32"); + println!("cargo:rustc-link-lib=crypt32"); + + process::exit(0); +} + +#[cfg(not(target_env = "msvc"))] +fn try_vcpkg() {} + +fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option { + let out = Command::new(cmd).args(args).output(); + if let Ok(ref r1) = out { + if r1.status.success() { + let r2 = String::from_utf8(r1.stdout.clone()); + if let Ok(r3) = r2 { + return Some(r3.trim().to_string()); + } + } + } + + None +} diff --git a/openssl-sys/build/find_vendored.rs b/openssl-sys/build/find_vendored.rs new file mode 100644 index 000000000..c92b2bd39 --- /dev/null +++ b/openssl-sys/build/find_vendored.rs @@ -0,0 +1,16 @@ +use openssl_src; +use std::path::PathBuf; + +pub fn get_openssl(_target: &str) -> (Vec, PathBuf) { + let artifacts = openssl_src::Build::new().build(); + println!("cargo:vendored=1"); + println!( + "cargo:root={}", + artifacts.lib_dir().parent().unwrap().display() + ); + + ( + vec![artifacts.lib_dir().to_path_buf()], + artifacts.include_dir().to_path_buf(), + ) +} diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs new file mode 100644 index 000000000..262ea2cba --- /dev/null +++ b/openssl-sys/build/main.rs @@ -0,0 +1,416 @@ +#![allow( + clippy::inconsistent_digit_grouping, + clippy::uninlined_format_args, + clippy::unusual_byte_groupings +)] + +extern crate autocfg; +#[cfg(feature = "bindgen")] +extern crate bindgen; +extern crate cc; +#[cfg(feature = "vendored")] +extern crate openssl_src; +extern crate pkg_config; +#[cfg(target_env = "msvc")] +extern crate vcpkg; + +use std::collections::HashSet; +use std::env; +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +mod cfgs; + +mod find_normal; +#[cfg(feature = "vendored")] +mod find_vendored; +#[cfg(feature = "bindgen")] +mod run_bindgen; + +#[derive(PartialEq)] +enum Version { + Openssl3xx, + Openssl11x, + Openssl10x, + Libressl, +} + +fn env_inner(name: &str) -> Option { + let var = env::var_os(name); + println!("cargo:rerun-if-env-changed={}", name); + + match var { + Some(ref v) => println!("{} = {}", name, v.to_string_lossy()), + None => println!("{} unset", name), + } + + var +} + +fn env(name: &str) -> Option { + let prefix = env::var("TARGET").unwrap().to_uppercase().replace('-', "_"); + let prefixed = format!("{}_{}", prefix, name); + env_inner(&prefixed).or_else(|| env_inner(name)) +} + +fn find_openssl(target: &str) -> (Vec, PathBuf) { + #[cfg(feature = "vendored")] + { + // vendor if the feature is present, unless + // OPENSSL_NO_VENDOR exists and isn't `0` + if env("OPENSSL_NO_VENDOR").map_or(true, |s| s == "0") { + return find_vendored::get_openssl(target); + } + } + find_normal::get_openssl(target) +} + +fn check_ssl_kind() { + if cfg!(feature = "unstable_boringssl") { + println!("cargo:rustc-cfg=boringssl"); + // BoringSSL does not have any build logic, exit early + std::process::exit(0); + } else { + println!("cargo:rustc-cfg=openssl"); + } +} + +fn main() { + check_rustc_versions(); + + check_ssl_kind(); + + let target = env::var("TARGET").unwrap(); + + let (lib_dirs, include_dir) = find_openssl(&target); + + if !lib_dirs.iter().all(|p| Path::new(p).exists()) { + panic!("OpenSSL library directory does not exist: {:?}", lib_dirs); + } + if !Path::new(&include_dir).exists() { + panic!( + "OpenSSL include directory does not exist: {}", + include_dir.to_string_lossy() + ); + } + + for lib_dir in lib_dirs.iter() { + println!( + "cargo:rustc-link-search=native={}", + lib_dir.to_string_lossy() + ); + } + println!("cargo:include={}", include_dir.to_string_lossy()); + + let version = postprocess(&[include_dir]); + + let libs_env = env("OPENSSL_LIBS"); + let libs = match libs_env.as_ref().and_then(|s| s.to_str()) { + Some(v) => { + if v.is_empty() { + vec![] + } else { + v.split(':').collect() + } + } + None => match version { + Version::Openssl10x if target.contains("windows") => vec!["ssleay32", "libeay32"], + Version::Openssl3xx | Version::Openssl11x if target.contains("windows-msvc") => { + vec!["libssl", "libcrypto"] + } + _ => vec!["ssl", "crypto"], + }, + }; + + let kind = determine_mode(&lib_dirs, &libs); + for lib in libs.into_iter() { + println!("cargo:rustc-link-lib={}={}", kind, lib); + } + + if kind == "static" && target.contains("windows") { + println!("cargo:rustc-link-lib=dylib=gdi32"); + println!("cargo:rustc-link-lib=dylib=user32"); + println!("cargo:rustc-link-lib=dylib=crypt32"); + println!("cargo:rustc-link-lib=dylib=ws2_32"); + println!("cargo:rustc-link-lib=dylib=advapi32"); + } +} + +fn check_rustc_versions() { + let cfg = autocfg::new(); + + if cfg.probe_rustc_version(1, 31) { + println!("cargo:rustc-cfg=const_fn"); + } +} + +#[allow(clippy::let_and_return)] +fn postprocess(include_dirs: &[PathBuf]) -> Version { + let version = validate_headers(include_dirs); + #[cfg(feature = "bindgen")] + run_bindgen::run(&include_dirs); + + version +} + +/// Validates the header files found in `include_dir` and then returns the +/// version string of OpenSSL. +#[allow(clippy::manual_strip)] // we need to support pre-1.45.0 +fn validate_headers(include_dirs: &[PathBuf]) -> Version { + // This `*-sys` crate only works with OpenSSL 1.0.1, 1.0.2, 1.1.0, 1.1.1 and 3.0.0. + // To correctly expose the right API from this crate, take a look at + // `opensslv.h` to see what version OpenSSL claims to be. + // + // OpenSSL has a number of build-time configuration options which affect + // various structs and such. Since OpenSSL 1.1.0 this isn't really a problem + // as the library is much more FFI-friendly, but 1.0.{1,2} suffer this problem. + // + // To handle all this conditional compilation we slurp up the configuration + // file of OpenSSL, `opensslconf.h`, and then dump out everything it defines + // as our own #[cfg] directives. That way the `ossl10x.rs` bindings can + // account for compile differences and such. + println!("cargo:rerun-if-changed=build/expando.c"); + let mut gcc = cc::Build::new(); + for include_dir in include_dirs { + gcc.include(include_dir); + } + let expanded = match gcc.file("build/expando.c").try_expand() { + Ok(expanded) => expanded, + Err(e) => { + panic!( + " +Header expansion error: +{:?} + +Failed to find OpenSSL development headers. + +You can try fixing this setting the `OPENSSL_DIR` environment variable +pointing to your OpenSSL installation or installing OpenSSL headers package +specific to your distribution: + + # On Ubuntu + sudo apt-get install libssl-dev + # On Arch Linux + sudo pacman -S openssl + # On Fedora + sudo dnf install openssl-devel + # On Alpine Linux + apk add openssl-dev + +See rust-openssl documentation for more information: + + https://docs.rs/openssl +", + e + ); + } + }; + let expanded = String::from_utf8(expanded).unwrap(); + + let mut enabled = vec![]; + let mut openssl_version = None; + let mut libressl_version = None; + let mut is_boringssl = false; + for line in expanded.lines() { + let line = line.trim(); + + let openssl_prefix = "RUST_VERSION_OPENSSL_"; + let new_openssl_prefix = "RUST_VERSION_NEW_OPENSSL_"; + let libressl_prefix = "RUST_VERSION_LIBRESSL_"; + let boringsl_prefix = "RUST_OPENSSL_IS_BORINGSSL"; + let conf_prefix = "RUST_CONF_"; + if line.starts_with(openssl_prefix) { + let version = &line[openssl_prefix.len()..]; + openssl_version = Some(parse_version(version)); + } else if line.starts_with(new_openssl_prefix) { + let version = &line[new_openssl_prefix.len()..]; + openssl_version = Some(parse_new_version(version)); + } else if line.starts_with(libressl_prefix) { + let version = &line[libressl_prefix.len()..]; + libressl_version = Some(parse_version(version)); + } else if line.starts_with(conf_prefix) { + enabled.push(&line[conf_prefix.len()..]); + } else if line.starts_with(boringsl_prefix) { + is_boringssl = true; + } + } + + if is_boringssl { + panic!("BoringSSL detected, but `unstable_boringssl` feature wasn't specified.") + } + + for enabled in &enabled { + println!("cargo:rustc-cfg=osslconf=\"{}\"", enabled); + } + println!("cargo:conf={}", enabled.join(",")); + + for cfg in cfgs::get(openssl_version, libressl_version) { + println!("cargo:rustc-cfg={}", cfg); + } + + if let Some(libressl_version) = libressl_version { + println!("cargo:libressl_version_number={:x}", libressl_version); + + let major = (libressl_version >> 28) as u8; + let minor = (libressl_version >> 20) as u8; + let fix = (libressl_version >> 12) as u8; + let (major, minor, fix) = match (major, minor, fix) { + (2, 5, 0) => ('2', '5', '0'), + (2, 5, 1) => ('2', '5', '1'), + (2, 5, 2) => ('2', '5', '2'), + (2, 5, _) => ('2', '5', 'x'), + (2, 6, 0) => ('2', '6', '0'), + (2, 6, 1) => ('2', '6', '1'), + (2, 6, 2) => ('2', '6', '2'), + (2, 6, _) => ('2', '6', 'x'), + (2, 7, _) => ('2', '7', 'x'), + (2, 8, 0) => ('2', '8', '0'), + (2, 8, 1) => ('2', '8', '1'), + (2, 8, _) => ('2', '8', 'x'), + (2, 9, 0) => ('2', '9', '0'), + (2, 9, _) => ('2', '9', 'x'), + (3, 0, 0) => ('3', '0', '0'), + (3, 0, 1) => ('3', '0', '1'), + (3, 0, _) => ('3', '0', 'x'), + (3, 1, 0) => ('3', '1', '0'), + (3, 1, _) => ('3', '1', 'x'), + (3, 2, 0) => ('3', '2', '0'), + (3, 2, 1) => ('3', '2', '1'), + (3, 2, _) => ('3', '2', 'x'), + (3, 3, 0) => ('3', '3', '0'), + (3, 3, 1) => ('3', '3', '1'), + (3, 3, _) => ('3', '3', 'x'), + (3, 4, 0) => ('3', '4', '0'), + (3, 4, _) => ('3', '4', 'x'), + (3, 5, _) => ('3', '5', 'x'), + (3, 6, 0) => ('3', '6', '0'), + (3, 6, _) => ('3', '6', 'x'), + (3, 7, 0) => ('3', '7', '0'), + _ => version_error(), + }; + + println!("cargo:libressl=true"); + println!("cargo:libressl_version={}{}{}", major, minor, fix); + println!("cargo:version=101"); + Version::Libressl + } else { + let openssl_version = openssl_version.unwrap(); + println!("cargo:version_number={:x}", openssl_version); + + if openssl_version >= 0x4_00_00_00_0 { + version_error() + } else if openssl_version >= 0x3_00_00_00_0 { + Version::Openssl3xx + } else if openssl_version >= 0x1_01_01_00_0 { + println!("cargo:version=111"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_06_0 { + println!("cargo:version=110"); + println!("cargo:patch=f"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_00_0 { + println!("cargo:version=110"); + Version::Openssl11x + } else if openssl_version >= 0x1_00_02_00_0 { + println!("cargo:version=102"); + Version::Openssl10x + } else if openssl_version >= 0x1_00_01_00_0 { + println!("cargo:version=101"); + Version::Openssl10x + } else { + version_error() + } + } +} + +fn version_error() -> ! { + panic!( + " + +This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5 +through 3.7.0, but a different version of OpenSSL was found. The build is now aborting +due to this version mismatch. + +" + ); +} + +// parses a string that looks like "0x100020cfL" +#[allow(deprecated)] // trim_right_matches is now trim_end_matches +#[allow(clippy::match_like_matches_macro)] // matches macro requires rust 1.42.0 +fn parse_version(version: &str) -> u64 { + // cut off the 0x prefix + assert!(version.starts_with("0x")); + let version = &version[2..]; + + // and the type specifier suffix + let version = version.trim_right_matches(|c: char| match c { + '0'..='9' | 'a'..='f' | 'A'..='F' => false, + _ => true, + }); + + u64::from_str_radix(version, 16).unwrap() +} + +// parses a string that looks like 3_0_0 +fn parse_new_version(version: &str) -> u64 { + println!("version: {}", version); + let mut it = version.split('_'); + let major = it.next().unwrap().parse::().unwrap(); + let minor = it.next().unwrap().parse::().unwrap(); + let patch = it.next().unwrap().parse::().unwrap(); + + (major << 28) | (minor << 20) | (patch << 4) +} + +/// Given a libdir for OpenSSL (where artifacts are located) as well as the name +/// of the libraries we're linking to, figure out whether we should link them +/// statically or dynamically. +fn determine_mode(libdirs: &[PathBuf], libs: &[&str]) -> &'static str { + // First see if a mode was explicitly requested + let kind = env("OPENSSL_STATIC"); + match kind.as_ref().and_then(|s| s.to_str()) { + Some("0") => return "dylib", + Some(_) => return "static", + None => {} + } + + // Next, see what files we actually have to link against, and see what our + // possibilities even are. + let mut files = HashSet::new(); + for dir in libdirs { + for path in dir + .read_dir() + .unwrap() + .map(|e| e.unwrap()) + .map(|e| e.file_name()) + .filter_map(|e| e.into_string().ok()) + { + files.insert(path); + } + } + let can_static = libs + .iter() + .all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l))); + let can_dylib = libs.iter().all(|l| { + files.contains(&format!("lib{}.so", l)) + || files.contains(&format!("{}.dll", l)) + || files.contains(&format!("lib{}.dylib", l)) + }); + match (can_static, can_dylib) { + (true, false) => return "static", + (false, true) => return "dylib", + (false, false) => { + panic!( + "OpenSSL libdir at `{:?}` does not contain the required files \ + to either statically or dynamically link OpenSSL", + libdirs + ); + } + (true, true) => {} + } + + // Ok, we've got not explicit preference and can *either* link statically or + // link dynamically. In the interest of "security upgrades" and/or "best + // practices with security libs", let's link dynamically. + "dylib" +} diff --git a/openssl-sys/build/run_bindgen.rs b/openssl-sys/build/run_bindgen.rs new file mode 100644 index 000000000..9531e6e8b --- /dev/null +++ b/openssl-sys/build/run_bindgen.rs @@ -0,0 +1,129 @@ +use bindgen::callbacks::{MacroParsingBehavior, ParseCallbacks}; +use bindgen::RustTarget; +use std::env; +use std::path::PathBuf; + +const INCLUDES: &str = " +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// this must be included after ssl.h for libressl! +#include + +#if !defined(LIBRESSL_VERSION_NUMBER) +#include +#endif + +#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 +#include +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x30000000 +#include +#endif +"; + +pub fn run(include_dirs: &[PathBuf]) { + let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); + + let mut builder = bindgen::builder() + .parse_callbacks(Box::new(OpensslCallbacks)) + .rust_target(RustTarget::Stable_1_47) + .ctypes_prefix("::libc") + .raw_line("use libc::*;") + .raw_line("type evp_pkey_st = EVP_PKEY;") + .allowlist_file(".*/openssl/[^/]+\\.h") + .allowlist_recursively(false) + // libc is missing pthread_once_t on macOS + .blocklist_type("CRYPTO_ONCE") + .blocklist_function("CRYPTO_THREAD_run_once") + // we don't want to mess with va_list + .blocklist_function("BIO_vprintf") + .blocklist_function("BIO_vsnprintf") + .blocklist_function("ERR_vset_error") + .blocklist_function("ERR_add_error_vdata") + .blocklist_function("EVP_KDF_vctrl") + .blocklist_type("OSSL_FUNC_core_vset_error_fn") + .blocklist_type("OSSL_FUNC_BIO_vprintf_fn") + .blocklist_type("OSSL_FUNC_BIO_vsnprintf_fn") + // Maintain compatibility for existing enum definitions + .rustified_enum("point_conversion_form_t") + // Maintain compatibility for pre-union definitions + .blocklist_type("GENERAL_NAME") + .blocklist_type("GENERAL_NAME_st") + .blocklist_type("EVP_PKEY") + .blocklist_type("evp_pkey_st") + .layout_tests(false) + .header_contents("includes.h", INCLUDES); + + for include_dir in include_dirs { + builder = builder + .clang_arg("-I") + .clang_arg(include_dir.display().to_string()); + } + + builder + .generate() + .unwrap() + .write_to_file(out_dir.join("bindgen.rs")) + .unwrap(); +} + +#[derive(Debug)] +struct OpensslCallbacks; + +impl ParseCallbacks for OpensslCallbacks { + // for now we'll continue hand-writing constants + fn will_parse_macro(&self, _name: &str) -> MacroParsingBehavior { + MacroParsingBehavior::Ignore + } + + fn item_name(&self, original_item_name: &str) -> Option { + match original_item_name { + // Our original definitions of these are wrong, so rename to avoid breakage + "CRYPTO_EX_new" + | "CRYPTO_EX_dup" + | "CRYPTO_EX_free" + | "BIO_meth_set_write" + | "BIO_meth_set_read" + | "BIO_meth_set_puts" + | "BIO_meth_set_ctrl" + | "BIO_meth_set_create" + | "BIO_meth_set_destroy" + | "CRYPTO_set_locking_callback" + | "CRYPTO_set_id_callback" + | "SSL_CTX_set_tmp_dh_callback" + | "SSL_set_tmp_dh_callback" + | "SSL_CTX_set_tmp_ecdh_callback" + | "SSL_set_tmp_ecdh_callback" + | "SSL_CTX_callback_ctrl" + | "SSL_CTX_set_alpn_select_cb" => Some(format!("{}__fixed_rust", original_item_name)), + _ => None, + } + } +} diff --git a/openssl-sys/src/aes.rs b/openssl-sys/src/aes.rs new file mode 100644 index 000000000..ade6e842f --- /dev/null +++ b/openssl-sys/src/aes.rs @@ -0,0 +1,7 @@ +use libc::*; + +pub const AES_ENCRYPT: c_int = 1; +pub const AES_DECRYPT: c_int = 0; + +pub const AES_MAXNR: c_int = 14; +pub const AES_BLOCK_SIZE: c_int = 16; diff --git a/openssl-sys/src/asn1.rs b/openssl-sys/src/asn1.rs new file mode 100644 index 000000000..caf14f7b9 --- /dev/null +++ b/openssl-sys/src/asn1.rs @@ -0,0 +1,39 @@ +use libc::*; + +use super::*; + +// ASN.1 tag values +pub const V_ASN1_EOC: c_int = 0; +pub const V_ASN1_BOOLEAN: c_int = 1; +pub const V_ASN1_INTEGER: c_int = 2; +pub const V_ASN1_BIT_STRING: c_int = 3; +pub const V_ASN1_OCTET_STRING: c_int = 4; +pub const V_ASN1_NULL: c_int = 5; +pub const V_ASN1_OBJECT: c_int = 6; +pub const V_ASN1_OBJECT_DESCRIPTOR: c_int = 7; +pub const V_ASN1_EXTERNAL: c_int = 8; +pub const V_ASN1_REAL: c_int = 9; +pub const V_ASN1_ENUMERATED: c_int = 10; +pub const V_ASN1_UTF8STRING: c_int = 12; +pub const V_ASN1_SEQUENCE: c_int = 16; +pub const V_ASN1_SET: c_int = 17; +pub const V_ASN1_NUMERICSTRING: c_int = 18; +pub const V_ASN1_PRINTABLESTRING: c_int = 19; +pub const V_ASN1_T61STRING: c_int = 20; +pub const V_ASN1_TELETEXSTRING: c_int = 20; // alias +pub const V_ASN1_VIDEOTEXSTRING: c_int = 21; +pub const V_ASN1_IA5STRING: c_int = 22; +pub const V_ASN1_UTCTIME: c_int = 23; +pub const V_ASN1_GENERALIZEDTIME: c_int = 24; +pub const V_ASN1_GRAPHICSTRING: c_int = 25; +pub const V_ASN1_ISO64STRING: c_int = 26; +pub const V_ASN1_VISIBLESTRING: c_int = 26; // alias +pub const V_ASN1_GENERALSTRING: c_int = 27; +pub const V_ASN1_UNIVERSALSTRING: c_int = 28; +pub const V_ASN1_BMPSTRING: c_int = 30; + +pub const MBSTRING_FLAG: c_int = 0x1000; +pub const MBSTRING_UTF8: c_int = MBSTRING_FLAG; +pub const MBSTRING_ASC: c_int = MBSTRING_FLAG | 1; +pub const MBSTRING_BMP: c_int = MBSTRING_FLAG | 2; +pub const MBSTRING_UNIV: c_int = MBSTRING_FLAG | 4; diff --git a/openssl-sys/src/bio.rs b/openssl-sys/src/bio.rs new file mode 100644 index 000000000..ea6053b59 --- /dev/null +++ b/openssl-sys/src/bio.rs @@ -0,0 +1,72 @@ +use libc::*; + +use super::*; + +pub const BIO_TYPE_NONE: c_int = 0; + +pub const BIO_CTRL_EOF: c_int = 2; +pub const BIO_CTRL_INFO: c_int = 3; +pub const BIO_CTRL_FLUSH: c_int = 11; +pub const BIO_CTRL_DGRAM_QUERY_MTU: c_int = 40; +pub const BIO_C_SET_BUF_MEM_EOF_RETURN: c_int = 130; + +pub unsafe fn BIO_set_retry_read(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_set_retry_write(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_clear_retry_flags(b: *mut BIO) { + BIO_clear_flags(b, BIO_FLAGS_RWS | BIO_FLAGS_SHOULD_RETRY) +} + +pub const BIO_FLAGS_READ: c_int = 0x01; +pub const BIO_FLAGS_WRITE: c_int = 0x02; +pub const BIO_FLAGS_IO_SPECIAL: c_int = 0x04; +pub const BIO_FLAGS_RWS: c_int = BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPECIAL; +pub const BIO_FLAGS_SHOULD_RETRY: c_int = 0x08; + +pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long { + BIO_ctrl(b, BIO_CTRL_INFO, 0, pp as *mut c_void) +} + +extern "C" { + #[deprecated(note = "use BIO_meth_set_write__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_write( + biom: *mut BIO_METHOD, + write: unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_read__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_read( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_puts__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_puts( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_ctrl__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_ctrl( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_create__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_create( + biom: *mut BIO_METHOD, + create: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_destroy__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_destroy( + biom: *mut BIO_METHOD, + destroy: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; +} diff --git a/openssl-sys/src/bn.rs b/openssl-sys/src/bn.rs new file mode 100644 index 000000000..a6bbcce88 --- /dev/null +++ b/openssl-sys/src/bn.rs @@ -0,0 +1,15 @@ +use libc::*; + +#[cfg(target_pointer_width = "64")] +pub type BN_ULONG = c_ulonglong; +#[cfg(target_pointer_width = "32")] +pub type BN_ULONG = c_uint; + +#[cfg(ossl110)] +pub const BN_FLG_MALLOCED: c_int = 0x01; +#[cfg(ossl110)] +pub const BN_FLG_STATIC_DATA: c_int = 0x02; +#[cfg(ossl110)] +pub const BN_FLG_CONSTTIME: c_int = 0x04; +#[cfg(ossl110)] +pub const BN_FLG_SECURE: c_int = 0x08; diff --git a/openssl-sys/src/cms.rs b/openssl-sys/src/cms.rs new file mode 100644 index 000000000..f008adb1c --- /dev/null +++ b/openssl-sys/src/cms.rs @@ -0,0 +1,46 @@ +use libc::*; + +#[cfg(ossl101)] +pub const CMS_TEXT: c_uint = 0x1; +#[cfg(ossl101)] +pub const CMS_NOCERTS: c_uint = 0x2; +#[cfg(ossl101)] +pub const CMS_NO_CONTENT_VERIFY: c_uint = 0x4; +#[cfg(ossl101)] +pub const CMS_NO_ATTR_VERIFY: c_uint = 0x8; +#[cfg(ossl101)] +pub const CMS_NOSIGS: c_uint = 0x4 | 0x8; +#[cfg(ossl101)] +pub const CMS_NOINTERN: c_uint = 0x10; +#[cfg(ossl101)] +pub const CMS_NO_SIGNER_CERT_VERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_NOVERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_DETACHED: c_uint = 0x40; +#[cfg(ossl101)] +pub const CMS_BINARY: c_uint = 0x80; +#[cfg(ossl101)] +pub const CMS_NOATTR: c_uint = 0x100; +#[cfg(ossl101)] +pub const CMS_NOSMIMECAP: c_uint = 0x200; +#[cfg(ossl101)] +pub const CMS_NOOLDMIMETYPE: c_uint = 0x400; +#[cfg(ossl101)] +pub const CMS_CRLFEOL: c_uint = 0x800; +#[cfg(ossl101)] +pub const CMS_STREAM: c_uint = 0x1000; +#[cfg(ossl101)] +pub const CMS_NOCRL: c_uint = 0x2000; +#[cfg(ossl101)] +pub const CMS_PARTIAL: c_uint = 0x4000; +#[cfg(ossl101)] +pub const CMS_REUSE_DIGEST: c_uint = 0x8000; +#[cfg(ossl101)] +pub const CMS_USE_KEYID: c_uint = 0x10000; +#[cfg(ossl101)] +pub const CMS_DEBUG_DECRYPT: c_uint = 0x20000; +#[cfg(ossl102)] +pub const CMS_KEY_PARAM: c_uint = 0x40000; +#[cfg(ossl110)] +pub const CMS_ASCIICRLF: c_uint = 0x80000; diff --git a/openssl-sys/src/crypto.rs b/openssl-sys/src/crypto.rs new file mode 100644 index 000000000..35be07ead --- /dev/null +++ b/openssl-sys/src/crypto.rs @@ -0,0 +1,134 @@ +use super::*; +use libc::*; + +extern "C" { + #[deprecated(note = "use CRYPTO_set_locking_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_locking_callback( + func: unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int), + ); + + #[deprecated(note = "use CRYPTO_set_id_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_id_callback(func: unsafe extern "C" fn() -> c_ulong); +} + +cfg_if! { + if #[cfg(ossl110)] { + type CRYPTO_EX_new_ret = (); + type CRYPTO_EX_dup_from = *const CRYPTO_EX_DATA; + } else { + type CRYPTO_EX_new_ret = c_int; + type CRYPTO_EX_dup_from = *mut CRYPTO_EX_DATA; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + type CRYPTO_EX_dup_from_d = *mut *mut c_void; + } else { + type CRYPTO_EX_dup_from_d = *mut c_void; + } +} + +// FIXME should be options +pub type CRYPTO_EX_new = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> CRYPTO_EX_new_ret; +pub type CRYPTO_EX_dup = unsafe extern "C" fn( + to: *mut CRYPTO_EX_DATA, + from: CRYPTO_EX_dup_from, + from_d: CRYPTO_EX_dup_from_d, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> c_int; +pub type CRYPTO_EX_free = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +); + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: usize) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: c_int) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free( + addr, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free(addr) +} + +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_X509: c_int = 3; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_EVP_PKEY: c_int = 10; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_CTX: c_int = 12; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14; + +cfg_if! { + if #[cfg(ossl110)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 0; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1; + } else if #[cfg(libressl)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 1; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 2; + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + pub const OPENSSL_VERSION: c_int = 0; + pub const OPENSSL_CFLAGS: c_int = 1; + pub const OPENSSL_BUILT_ON: c_int = 2; + pub const OPENSSL_PLATFORM: c_int = 3; + pub const OPENSSL_DIR: c_int = 4; + } else { + pub const SSLEAY_VERSION: c_int = 0; + pub const SSLEAY_CFLAGS: c_int = 2; + pub const SSLEAY_BUILT_ON: c_int = 3; + pub const SSLEAY_PLATFORM: c_int = 4; + pub const SSLEAY_DIR: c_int = 5; + } +} + +pub const CRYPTO_LOCK: c_int = 1; diff --git a/openssl-sys/src/dtls1.rs b/openssl-sys/src/dtls1.rs new file mode 100644 index 000000000..9ef5e77f7 --- /dev/null +++ b/openssl-sys/src/dtls1.rs @@ -0,0 +1,9 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + pub const DTLS1_COOKIE_LENGTH: c_uint = 255; + } else { + pub const DTLS1_COOKIE_LENGTH: c_uint = 256; + } +} diff --git a/openssl-sys/src/ec.rs b/openssl-sys/src/ec.rs new file mode 100644 index 000000000..995a84ff6 --- /dev/null +++ b/openssl-sys/src/ec.rs @@ -0,0 +1,16 @@ +use libc::*; +use std::ptr; + +use super::*; + +pub const OPENSSL_EC_NAMED_CURVE: c_int = 1; + +#[cfg(ossl300)] +pub unsafe fn EVP_EC_gen(curve: *const c_char) -> *mut EVP_PKEY { + EVP_PKEY_Q_keygen( + ptr::null_mut(), + ptr::null_mut(), + "EC\0".as_ptr().cast(), + curve, + ) +} diff --git a/openssl-sys/src/err.rs b/openssl-sys/src/err.rs new file mode 100644 index 000000000..5e84e6208 --- /dev/null +++ b/openssl-sys/src/err.rs @@ -0,0 +1,70 @@ +use libc::*; + +pub const ERR_TXT_MALLOCED: c_int = 0x01; +pub const ERR_TXT_STRING: c_int = 0x02; + +pub const ERR_LIB_SYS: c_int = 2; +pub const ERR_LIB_PEM: c_int = 9; +pub const ERR_LIB_ASN1: c_int = 13; + +cfg_if! { + if #[cfg(ossl300)] { + pub const ERR_SYSTEM_FLAG: c_ulong = c_int::max_value() as c_ulong + 1; + pub const ERR_SYSTEM_MASK: c_ulong = c_int::max_value() as c_ulong; + + pub const ERR_LIB_OFFSET: c_ulong = 23; + pub const ERR_LIB_MASK: c_ulong = 0xff; + pub const ERR_RFLAGS_OFFSET: c_ulong = 18; + pub const ERR_RFLAGS_MASK: c_ulong = 0x1f; + pub const ERR_REASON_MASK: c_ulong = 0x7FFFFF; + + pub const ERR_RFLAG_FATAL: c_ulong = 0x1 << ERR_RFLAGS_OFFSET; + + const_fn! { + pub const fn ERR_SYSTEM_ERROR(errcode: c_ulong) -> bool { + errcode & ERR_SYSTEM_FLAG != 0 + } + + pub const fn ERR_GET_LIB(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + (((errcode >> ERR_LIB_OFFSET) & ERR_LIB_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_GET_FUNC(_errcode: c_ulong) -> c_int { + 0 + } + + pub const fn ERR_GET_REASON(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + ((errcode & ERR_REASON_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_PACK(lib: c_int, _func: c_int, reason: c_int) -> c_ulong { + ((lib as c_ulong & ERR_LIB_MASK) << ERR_LIB_OFFSET) | + (reason as c_ulong & ERR_REASON_MASK) + } + } + } else { + const_fn! { + pub const fn ERR_PACK(l: c_int, f: c_int, r: c_int) -> c_ulong { + ((l as c_ulong & 0x0FF) << 24) | + ((f as c_ulong & 0xFFF) << 12) | + (r as c_ulong & 0xFFF) + } + + pub const fn ERR_GET_LIB(l: c_ulong) -> c_int { + ((l >> 24) & 0x0FF) as c_int + } + + pub const fn ERR_GET_FUNC(l: c_ulong) -> c_int { + ((l >> 12) & 0xFFF) as c_int + } + + pub const fn ERR_GET_REASON(l: c_ulong) -> c_int { + (l & 0xFFF) as c_int + } + } + } +} diff --git a/openssl-sys/src/evp.rs b/openssl-sys/src/evp.rs new file mode 100644 index 000000000..a98e43842 --- /dev/null +++ b/openssl-sys/src/evp.rs @@ -0,0 +1,285 @@ +use super::*; +use libc::*; + +pub const EVP_MAX_MD_SIZE: c_uint = 64; + +pub const PKCS5_SALT_LEN: c_int = 8; +pub const PKCS12_DEFAULT_ITER: c_int = 2048; + +pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; +pub const EVP_PKEY_DSA: c_int = NID_dsa; +pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; +pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; +#[cfg(ossl111)] +pub const EVP_PKEY_X25519: c_int = NID_X25519; +#[cfg(ossl111)] +pub const EVP_PKEY_ED25519: c_int = NID_ED25519; +#[cfg(ossl111)] +pub const EVP_PKEY_X448: c_int = NID_X448; +#[cfg(ossl111)] +pub const EVP_PKEY_ED448: c_int = NID_ED448; +pub const EVP_PKEY_HMAC: c_int = NID_hmac; +pub const EVP_PKEY_CMAC: c_int = NID_cmac; +#[cfg(ossl110)] +pub const EVP_PKEY_HKDF: c_int = NID_hkdf; + +pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; +pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; +pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; + +pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD { + EVP_get_digestbyname(OBJ_nid2sn(type_)) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD { + EVP_MD_CTX_get0_md(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_get_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx)) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_CTX_get_size(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_block_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_block_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_type(md: *const EVP_MD) -> c_int { + EVP_MD_get_type(md) + } + + #[inline] + pub unsafe fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_key_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_block_size(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_iv_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_nid(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_block_size(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_key_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_iv_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_num(ctx) + } + } else { + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_size(EVP_MD_CTX_md(ctx)) + } + } +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestSignUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(ossl300)] +#[inline] +pub unsafe fn EVP_PKEY_size(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_size(pkey) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + } +} + +pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2; +cfg_if! { + if #[cfg(ossl300)] { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 5; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 6; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 8; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 10; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 11; + } else { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 10; + } +} + +pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN + | EVP_PKEY_OP_VERIFY + | EVP_PKEY_OP_VERIFYRECOVER + | EVP_PKEY_OP_SIGNCTX + | EVP_PKEY_OP_VERIFYCTX; + +pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT; + +pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6; + +pub const EVP_PKEY_CTRL_CIPHER: c_int = 12; + +pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: c_int = 0; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: c_int = 1; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: c_int = 2; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_MD: c_int = EVP_PKEY_ALG_CTRL + 3; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_SALT: c_int = EVP_PKEY_ALG_CTRL + 4; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_KEY: c_int = EVP_PKEY_ALG_CTRL + 5; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_INFO: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(ossl111)] +pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7; + +#[cfg(all(ossl111, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MODE, + mode, + std::ptr::null_mut(), + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_SALT, + saltlen, + salt as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_KEY, + keylen, + key as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_INFO, + infolen, + info as *mut c_void, + ) +} diff --git a/openssl-sys/src/handwritten/aes.rs b/openssl-sys/src/handwritten/aes.rs new file mode 100644 index 000000000..ba249362c --- /dev/null +++ b/openssl-sys/src/handwritten/aes.rs @@ -0,0 +1,40 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct AES_KEY { + // There is some business with AES_LONG which is there to ensure the values here are 32 bits + rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], + rounds: c_int, +} + +extern "C" { + pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn AES_ige_encrypt( + in_: *const c_uchar, + out: *mut c_uchar, + length: size_t, + key: *const AES_KEY, + ivec: *mut c_uchar, + enc: c_int, + ); + + pub fn AES_wrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; + + pub fn AES_unwrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/asn1.rs b/openssl-sys/src/handwritten/asn1.rs new file mode 100644 index 000000000..7163a69d5 --- /dev/null +++ b/openssl-sys/src/handwritten/asn1.rs @@ -0,0 +1,60 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ASN1_ENCODING { + pub enc: *mut c_uchar, + pub len: c_long, + pub modified: c_int, +} + +extern "C" { + pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT); +} + +stack!(stack_st_ASN1_OBJECT); + +extern "C" { + pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; + #[cfg(any(ossl110, libressl273))] + pub fn ASN1_STRING_get0_data(x: *const ASN1_STRING) -> *const c_uchar; + #[cfg(any(all(ossl101, not(ossl110)), libressl))] + pub fn ASN1_STRING_data(x: *mut ASN1_STRING) -> *mut c_uchar; + + pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING); + + pub fn ASN1_STRING_free(x: *mut ASN1_STRING); + pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + + pub fn ASN1_STRING_set(x: *mut ASN1_STRING, data: *const c_void, len: c_int) -> c_int; + + pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); + pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; + pub fn ASN1_TIME_new() -> *mut ASN1_TIME; + #[cfg(ossl102)] + pub fn ASN1_TIME_diff( + pday: *mut c_int, + psec: *mut c_int, + from: *const ASN1_TIME, + to: *const ASN1_TIME, + ) -> c_int; + pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); + pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; + pub fn ASN1_TIME_set(from: *mut ASN1_TIME, to: time_t) -> *mut ASN1_TIME; + + pub fn ASN1_INTEGER_free(x: *mut ASN1_INTEGER); + pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long; + pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; + pub fn BN_to_ASN1_INTEGER(bn: *const BIGNUM, ai: *mut ASN1_INTEGER) -> *mut ASN1_INTEGER; + pub fn ASN1_INTEGER_to_BN(ai: *const ASN1_INTEGER, bn: *mut BIGNUM) -> *mut BIGNUM; + + pub fn ASN1_TIME_set_string(s: *mut ASN1_TIME, str: *const c_char) -> c_int; + #[cfg(ossl111)] + pub fn ASN1_TIME_set_string_X509(s: *mut ASN1_TIME, str: *const c_char) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: #[const_ptr_if(any(ossl110, libressl280))] ASN1_STRING) -> c_int; + } +} diff --git a/openssl-sys/src/handwritten/bio.rs b/openssl-sys/src/handwritten/bio.rs new file mode 100644 index 000000000..7d9752225 --- /dev/null +++ b/openssl-sys/src/handwritten/bio.rs @@ -0,0 +1,107 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BIO_set_flags(b: *mut BIO, flags: c_int); + pub fn BIO_clear_flags(b: *mut BIO, flags: c_int); +} + +pub type bio_info_cb = + Option; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO_METHOD {} + } else { + #[repr(C)] + pub struct BIO_METHOD { + pub type_: c_int, + pub name: *const c_char, + pub bwrite: Option c_int>, + pub bread: Option c_int>, + pub bputs: Option c_int>, + pub bgets: Option c_int>, + pub ctrl: Option c_long>, + pub create: Option c_int>, + pub destroy: Option c_int>, + pub callback_ctrl: Option c_long>, + } + } +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_file() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new(type_: #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD) -> *mut BIO; + } +} +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_STDIO"))] + pub fn BIO_new_fp(stream: *mut FILE, close_flag: c_int) -> *mut BIO; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_data(a: *mut BIO, data: *mut c_void); + #[cfg(any(ossl110, libressl273))] + pub fn BIO_get_data(a: *mut BIO) -> *mut c_void; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_init(a: *mut BIO, init: c_int); + pub fn BIO_write(b: *mut BIO, buf: *const c_void, len: c_int) -> c_int; + pub fn BIO_read(b: *mut BIO, buf: *mut c_void, len: c_int) -> c_int; + pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn BIO_free_all(b: *mut BIO); +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_mem() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new_mem_buf(buf: #[const_ptr_if(any(ossl102, libressl280))] c_void, len: c_int) -> *mut BIO; + } +} + +extern "C" { + pub fn BIO_new_socket(sock: c_int, close_flag: c_int) -> *mut BIO; + + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_new(type_: c_int, name: *const c_char) -> *mut BIO_METHOD; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_free(biom: *mut BIO_METHOD); +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_write"] + pub fn BIO_meth_set_write__fixed_rust( + biom: *mut BIO_METHOD, + write: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_read"] + pub fn BIO_meth_set_read__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_puts"] + pub fn BIO_meth_set_puts__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_ctrl"] + pub fn BIO_meth_set_ctrl__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_long>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_create"] + pub fn BIO_meth_set_create__fixed_rust( + biom: *mut BIO_METHOD, + create: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_destroy"] + pub fn BIO_meth_set_destroy__fixed_rust( + biom: *mut BIO_METHOD, + destroy: Option c_int>, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/bn.rs b/openssl-sys/src/handwritten/bn.rs new file mode 100644 index 000000000..81348f692 --- /dev/null +++ b/openssl-sys/src/handwritten/bn.rs @@ -0,0 +1,168 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BN_CTX_new() -> *mut BN_CTX; + #[cfg(ossl110)] + pub fn BN_CTX_secure_new() -> *mut BN_CTX; + pub fn BN_CTX_free(ctx: *mut BN_CTX); + pub fn BN_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + pub fn BN_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + pub fn BN_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_secure_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_set_flags(b: *mut BIGNUM, n: c_int); + #[cfg(ossl110)] + pub fn BN_get_flags(b: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_num_bits(bn: *const BIGNUM) -> c_int; + pub fn BN_clear_free(bn: *mut BIGNUM); + pub fn BN_bin2bn(s: *const u8, size: c_int, ret: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_bn2bin(a: *const BIGNUM, to: *mut u8) -> c_int; + #[cfg(ossl110)] + pub fn BN_bn2binpad(a: *const BIGNUM, to: *mut u8, tolen: c_int) -> c_int; + pub fn BN_sub(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_add(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_mul(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_sqr(r: *mut BIGNUM, a: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_set_negative(bn: *mut BIGNUM, n: c_int); + #[cfg(any(ossl110, libressl350))] + pub fn BN_is_negative(b: *const BIGNUM) -> c_int; + + pub fn BN_div( + dv: *mut BIGNUM, + rem: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_nnmod( + rem: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_add( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sub( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_mul( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sqr( + r: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mod_word(r: *const BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_div_word(r: *mut BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_mul_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_add_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_sub_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_set_word(bn: *mut BIGNUM, n: BN_ULONG) -> c_int; + + pub fn BN_cmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_free(bn: *mut BIGNUM); + pub fn BN_is_bit_set(a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_exp(r: *mut BIGNUM, a: *const BIGNUM, p: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + + pub fn BN_mod_exp( + r: *mut BIGNUM, + a: *const BIGNUM, + p: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mask_bits(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_bn2hex(a: *const BIGNUM) -> *mut c_char; + pub fn BN_bn2dec(a: *const BIGNUM) -> *mut c_char; + pub fn BN_hex2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_dec2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_gcd(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_mod_inverse( + r: *mut BIGNUM, + a: *const BIGNUM, + n: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut BIGNUM; + pub fn BN_clear(bn: *mut BIGNUM); + pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM; + pub fn BN_ucmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_set_bit(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_clear_bit(a: *mut BIGNUM, n: c_int) -> c_int; + + pub fn BN_generate_prime_ex( + r: *mut BIGNUM, + bits: c_int, + safe: c_int, + add: *const BIGNUM, + rem: *const BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_fasttest_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + do_trial_division: c_int, + cb: *mut BN_GENCB, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn BN_get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } else { + extern "C" { + pub fn get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } +} diff --git a/openssl-sys/src/handwritten/cms.rs b/openssl-sys/src/handwritten/cms.rs new file mode 100644 index 000000000..a13ea423c --- /dev/null +++ b/openssl-sys/src/handwritten/cms.rs @@ -0,0 +1,65 @@ +use super::super::*; +use libc::*; + +pub enum CMS_ContentInfo {} + +extern "C" { + #[cfg(ossl101)] + pub fn CMS_ContentInfo_free(cms: *mut CMS_ContentInfo); +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl101)] + pub fn i2d_CMS_ContentInfo(a: #[const_ptr_if(ossl300)] CMS_ContentInfo, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + #[cfg(ossl101)] + pub fn d2i_CMS_ContentInfo( + a: *mut *mut CMS_ContentInfo, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn SMIME_read_CMS(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_verify( + cms: *mut CMS_ContentInfo, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + detached_data: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; + + #[cfg(ossl101)] + pub fn CMS_encrypt( + certs: *mut stack_st_X509, + data: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_decrypt( + cms: *mut CMS_ContentInfo, + pkey: *mut EVP_PKEY, + cert: *mut X509, + dcont: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/conf.rs b/openssl-sys/src/handwritten/conf.rs new file mode 100644 index 000000000..2348d7d4c --- /dev/null +++ b/openssl-sys/src/handwritten/conf.rs @@ -0,0 +1,7 @@ +use super::super::*; + +extern "C" { + pub fn NCONF_new(meth: *mut CONF_METHOD) -> *mut CONF; + pub fn NCONF_default() -> *mut CONF_METHOD; + pub fn NCONF_free(conf: *mut CONF); +} diff --git a/openssl-sys/src/handwritten/crypto.rs b/openssl-sys/src/handwritten/crypto.rs new file mode 100644 index 000000000..62ccbce1e --- /dev/null +++ b/openssl-sys/src/handwritten/crypto.rs @@ -0,0 +1,85 @@ +use super::super::*; +use libc::*; + +stack!(stack_st_void); + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + extern "C" { + pub fn OpenSSL_version_num() -> c_ulong; + pub fn OpenSSL_version(key: c_int) -> *const c_char; + } + } else { + extern "C" { + pub fn SSLeay() -> c_ulong; + pub fn SSLeay_version(key: c_int) -> *const c_char; + } + } +} + +extern "C" { + #[cfg(any(ossl110, libressl))] + pub fn CRYPTO_get_ex_new_index( + class_index: c_int, + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + #[cfg(not(ossl110))] + pub fn CRYPTO_num_locks() -> c_int; +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_locking_callback"] + pub fn CRYPTO_set_locking_callback__fixed_rust( + func: Option, + ); + + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_id_callback"] + pub fn CRYPTO_set_id_callback__fixed_rust(func: Option c_ulong>); +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn CRYPTO_add_lock( + pointer: *mut c_int, + amount: c_int, + type_: c_int, + file: *const c_char, + line: c_int, + ) -> c_int; +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn CRYPTO_malloc(num: size_t, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); + } + } else { + extern "C" { + pub fn CRYPTO_malloc(num: c_int, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void); + } + } +} + +extern "C" { + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode() -> c_int; + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode_set(onoff: c_int) -> c_int; + + pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void, len: size_t) -> c_int; + + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_new() -> *mut OSSL_LIB_CTX; + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_free(libcts: *mut OSSL_LIB_CTX); +} diff --git a/openssl-sys/src/handwritten/dh.rs b/openssl-sys/src/handwritten/dh.rs new file mode 100644 index 000000000..a4de122ea --- /dev/null +++ b/openssl-sys/src/handwritten/dh.rs @@ -0,0 +1,50 @@ +use super::super::*; + +extern "C" { + pub fn DH_new() -> *mut DH; + pub fn DH_free(dh: *mut DH); + + pub fn DH_generate_parameters( + prime_len: c_int, + generator: c_int, + callback: Option, + cb_arg: *mut c_void, + ) -> *mut DH; + + pub fn DH_generate_parameters_ex( + dh: *mut DH, + prime_len: c_int, + generator: c_int, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DH_generate_key(dh: *mut DH) -> c_int; + pub fn DH_compute_key(key: *mut c_uchar, pub_key: *const BIGNUM, dh: *mut DH) -> c_int; + pub fn DH_size(dh: *const DH) -> c_int; + + pub fn d2i_DHparams(k: *mut *mut DH, pp: *mut *const c_uchar, length: c_long) -> *mut DH; + pub fn i2d_DHparams(dh: *const DH, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(ossl102)] + pub fn DH_get_1024_160() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_224() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_256() -> *mut DH; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_pqg( + dh: *const DH, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + g: *mut *const BIGNUM, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_key(dh: *mut DH, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_key(dh: *const DH, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); +} diff --git a/openssl-sys/src/handwritten/dsa.rs b/openssl-sys/src/handwritten/dsa.rs new file mode 100644 index 000000000..be25f23b6 --- /dev/null +++ b/openssl-sys/src/handwritten/dsa.rs @@ -0,0 +1,85 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA_SIG {} + } else { + #[repr(C)] + pub struct DSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn DSA_new() -> *mut DSA; + pub fn DSA_free(dsa: *mut DSA); + pub fn DSA_up_ref(dsa: *mut DSA) -> c_int; + pub fn DSA_size(dsa: *const DSA) -> c_int; + pub fn DSA_sign( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigret: *mut c_uchar, + siglen: *mut c_uint, + dsa: *mut DSA, + ) -> c_int; + pub fn DSA_verify( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigbuf: *const c_uchar, + siglen: c_int, + dsa: *mut DSA, + ) -> c_int; + + pub fn d2i_DSAPublicKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) + -> *mut DSA; + + pub fn DSA_generate_parameters_ex( + dsa: *mut DSA, + bits: c_int, + seed: *const c_uchar, + seed_len: c_int, + counter_ref: *mut c_int, + h_ret: *mut c_ulong, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DSA_generate_key(dsa: *mut DSA) -> c_int; + pub fn i2d_DSAPublicKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_pqg( + d: *const DSA, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + q: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + pub fn d2i_DSA_SIG( + sig: *mut *mut DSA_SIG, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut DSA_SIG; + pub fn i2d_DSA_SIG(a: *const DSA_SIG, pp: *mut *mut c_uchar) -> c_int; + + pub fn DSA_SIG_new() -> *mut DSA_SIG; + pub fn DSA_SIG_free(sig: *mut DSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_get0(sig: *const DSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_set0(sig: *mut DSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; +} diff --git a/openssl-sys/src/handwritten/ec.rs b/openssl-sys/src/handwritten/ec.rs new file mode 100644 index 000000000..6ee475f32 --- /dev/null +++ b/openssl-sys/src/handwritten/ec.rs @@ -0,0 +1,255 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +#[derive(Copy, Clone)] +pub enum point_conversion_form_t { + POINT_CONVERSION_COMPRESSED = 2, + POINT_CONVERSION_UNCOMPRESSED = 4, + POINT_CONVERSION_HYBRID = 6, +} + +pub enum EC_METHOD {} +pub enum EC_GROUP {} +pub enum EC_POINT {} + +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GF2m_simple_method() -> *const EC_METHOD; + + pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; + + pub fn EC_GROUP_free(group: *mut EC_GROUP); + + pub fn EC_GROUP_get_order( + group: *const EC_GROUP, + order: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_cofactor( + group: *const EC_GROUP, + cofactor: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get0_generator(group: *const EC_GROUP) -> *const EC_POINT; + + pub fn EC_GROUP_set_generator( + group: *mut EC_GROUP, + generator: *const EC_POINT, + order: *const BIGNUM, + cofactor: *const BIGNUM, + ) -> c_int; + + pub fn EC_GROUP_get_curve_name(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_set_asn1_flag(key: *mut EC_GROUP, flag: c_int); + + pub fn EC_GROUP_get_curve_GFp( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_get_curve_GF2m( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int; + + #[cfg(ossl110)] + pub fn EC_GROUP_order_bits(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_new_curve_GFp( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_new_curve_GF2m( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP; + + pub fn EC_POINT_is_at_infinity(group: *const EC_GROUP, point: *const EC_POINT) -> c_int; + + pub fn EC_POINT_is_on_curve( + group: *const EC_GROUP, + point: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT; + + pub fn EC_POINT_free(point: *mut EC_POINT); + + pub fn EC_POINT_dup(p: *const EC_POINT, group: *const EC_GROUP) -> *mut EC_POINT; + + #[cfg(ossl111)] + pub fn EC_POINT_get_affine_coordinates( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_get_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_set_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *mut EC_POINT, + x: *const BIGNUM, + y: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_POINT_get_affine_coordinates_GF2m( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_point2oct( + group: *const EC_GROUP, + p: *const EC_POINT, + form: point_conversion_form_t, + buf: *mut c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> size_t; + + pub fn EC_POINT_oct2point( + group: *const EC_GROUP, + p: *mut EC_POINT, + buf: *const c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_add( + group: *const EC_GROUP, + r: *mut EC_POINT, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_invert(group: *const EC_GROUP, r: *mut EC_POINT, ctx: *mut BN_CTX) -> c_int; + + pub fn EC_POINT_cmp( + group: *const EC_GROUP, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_mul( + group: *const EC_GROUP, + r: *mut EC_POINT, + n: *const BIGNUM, + q: *const EC_POINT, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_KEY_new() -> *mut EC_KEY; + + pub fn EC_KEY_new_by_curve_name(nid: c_int) -> *mut EC_KEY; + + pub fn EC_KEY_free(key: *mut EC_KEY); + + pub fn EC_KEY_dup(key: *const EC_KEY) -> *mut EC_KEY; + + pub fn EC_KEY_up_ref(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_get0_group(key: *const EC_KEY) -> *const EC_GROUP; + + pub fn EC_KEY_set_group(key: *mut EC_KEY, group: *const EC_GROUP) -> c_int; + + pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; + + pub fn EC_KEY_set_private_key(key: *mut EC_KEY, key: *const BIGNUM) -> c_int; + + pub fn EC_KEY_get0_public_key(key: *const EC_KEY) -> *const EC_POINT; + + pub fn EC_KEY_set_public_key(key: *mut EC_KEY, key: *const EC_POINT) -> c_int; + + pub fn EC_KEY_generate_key(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int; + + pub fn EC_KEY_set_public_key_affine_coordinates( + key: *mut EC_KEY, + x: *mut BIGNUM, + y: *mut BIGNUM, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum ECDSA_SIG {} + } else { + #[repr(C)] + pub struct ECDSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG; + + pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; + + pub fn ECDSA_do_sign( + dgst: *const c_uchar, + dgst_len: c_int, + eckey: *mut EC_KEY, + ) -> *mut ECDSA_SIG; + + pub fn ECDSA_do_verify( + dgst: *const c_uchar, + dgst_len: c_int, + sig: *const ECDSA_SIG, + eckey: *mut EC_KEY, + ) -> c_int; + + pub fn d2i_ECDSA_SIG( + sig: *mut *mut ECDSA_SIG, + inp: *mut *const c_uchar, + length: c_long, + ) -> *mut ECDSA_SIG; + + pub fn i2d_ECDSA_SIG(sig: *const ECDSA_SIG, out: *mut *mut c_uchar) -> c_int; +} diff --git a/openssl-sys/src/handwritten/err.rs b/openssl-sys/src/handwritten/err.rs new file mode 100644 index 000000000..5653c1d18 --- /dev/null +++ b/openssl-sys/src/handwritten/err.rs @@ -0,0 +1,55 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ERR_STRING_DATA { + pub error: c_ulong, + pub string: *const c_char, +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn ERR_new(); + pub fn ERR_set_debug(file: *const c_char, line: c_int, func: *const c_char); + pub fn ERR_set_error(lib: c_int, reason: c_int, fmt: *const c_char, ...); + } + } else { + extern "C" { + pub fn ERR_put_error(lib: c_int, func: c_int, reason: c_int, file: *const c_char, line: c_int); + } + } +} + +extern "C" { + pub fn ERR_set_error_data(data: *mut c_char, flags: c_int); + + pub fn ERR_get_error() -> c_ulong; + #[cfg(ossl300)] + pub fn ERR_get_error_all( + file: *mut *const c_char, + line: *mut c_int, + func: *mut *const c_char, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_get_error_line_data( + file: *mut *const c_char, + line: *mut c_int, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_peek_last_error() -> c_ulong; + pub fn ERR_clear_error(); + pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_func_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_reason_error_string(err: c_ulong) -> *const c_char; + #[cfg(ossl110)] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA) -> c_int; + #[cfg(not(ossl110))] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA); + #[cfg(not(ossl110))] + pub fn ERR_load_crypto_strings(); + + pub fn ERR_get_next_error_library() -> c_int; +} diff --git a/openssl-sys/src/handwritten/evp.rs b/openssl-sys/src/handwritten/evp.rs new file mode 100644 index 000000000..772709650 --- /dev/null +++ b/openssl-sys/src/handwritten/evp.rs @@ -0,0 +1,600 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_MD_get_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_get0_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_get_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_nid(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_CIPHER; + pub fn EVP_CIPHER_free(cipher: *mut EVP_CIPHER); + + pub fn EVP_CIPHER_CTX_get0_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_get_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_tag_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } else { + extern "C" { + pub fn EVP_MD_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int; + + pub fn EVP_CIPHER_CTX_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + #[cfg(ossl110)] + pub fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn EVP_MD_CTX_new() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_free(ctx: *mut EVP_MD_CTX); + } + } else { + extern "C" { + pub fn EVP_MD_CTX_create() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_destroy(ctx: *mut EVP_MD_CTX); + } + } +} + +extern "C" { + pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE) + -> c_int; + pub fn EVP_DigestUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, n: size_t) -> c_int; + pub fn EVP_DigestFinal_ex(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl300)] + pub fn EVP_Q_digest( + libctx: *mut OSSL_LIB_CTX, + name: *const c_char, + propq: *const c_char, + data: *const c_void, + count: size_t, + md: *mut c_uchar, + size: *mut size_t, + ) -> c_int; + pub fn EVP_DigestInit(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD) -> c_int; + pub fn EVP_DigestFinal(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl111)] + pub fn EVP_DigestFinalXOF(ctx: *mut EVP_MD_CTX, res: *mut u8, len: usize) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_MD_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_MD; + + #[cfg(ossl300)] + pub fn EVP_MD_free(md: *mut EVP_MD); + + pub fn EVP_BytesToKey( + typ: *const EVP_CIPHER, + md: *const EVP_MD, + salt: *const u8, + data: *const u8, + datalen: c_int, + count: c_int, + key: *mut u8, + iv: *mut u8, + ) -> c_int; + + pub fn EVP_CipherInit( + ctx: *mut EVP_CIPHER_CTX, + evp: *const EVP_CIPHER, + key: *const u8, + iv: *const u8, + mode: c_int, + ) -> c_int; + pub fn EVP_CipherInit_ex( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + enc: c_int, + ) -> c_int; + pub fn EVP_CipherUpdate( + ctx: *mut EVP_CIPHER_CTX, + outbuf: *mut u8, + outlen: *mut c_int, + inbuf: *const u8, + inlen: c_int, + ) -> c_int; + pub fn EVP_CipherFinal(ctx: *mut EVP_CIPHER_CTX, res: *mut u8, len: *mut c_int) -> c_int; + + pub fn EVP_DigestSignInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_DigestSignUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int; + pub fn EVP_DigestSignFinal( + ctx: *mut EVP_MD_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + ) -> c_int; + pub fn EVP_DigestVerifyInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + #[cfg(ossl300)] + pub fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, + ) -> c_int; + pub fn EVP_SealInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *mut *mut c_uchar, + ekl: *mut c_int, + iv: *mut c_uchar, + pubk: *mut *mut EVP_PKEY, + npubk: c_int, + ) -> c_int; + pub fn EVP_SealFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_EncryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_EncryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_EncryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; + pub fn EVP_OpenInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *const c_uchar, + ekl: c_int, + iv: *const c_uchar, + priv_: *mut EVP_PKEY, + ) -> c_int; + pub fn EVP_OpenFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_DecryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_DecryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_DecryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + outm: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; +} +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_size(pkey: *const EVP_PKEY) -> c_int; + } + } else { + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_size(pkey: #[const_ptr_if(any(ossl111b, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +cfg_if! { + if #[cfg(ossl111)] { + extern "C" { + pub fn EVP_DigestSign( + ctx: *mut EVP_MD_CTX, + sigret: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + + pub fn EVP_DigestVerify( + ctx: *mut EVP_MD_CTX, + sigret: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + } + } +} +const_ptr_api! { + extern "C" { + pub fn EVP_DigestVerifyFinal( + ctx: *mut EVP_MD_CTX, + sigret: #[const_ptr_if(any(ossl102, libressl280))] c_uchar, + siglen: size_t, + ) -> c_int; + } +} + +extern "C" { + pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX; + pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX); + pub fn EVP_MD_CTX_copy_ex(dst: *mut EVP_MD_CTX, src: *const EVP_MD_CTX) -> c_int; + #[cfg(ossl111)] + pub fn EVP_MD_CTX_reset(ctx: *mut EVP_MD_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_set_key_length(ctx: *mut EVP_CIPHER_CTX, keylen: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_set_padding(ctx: *mut EVP_CIPHER_CTX, padding: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_ctrl( + ctx: *mut EVP_CIPHER_CTX, + type_: c_int, + arg: c_int, + ptr: *mut c_void, + ) -> c_int; + pub fn EVP_CIPHER_CTX_rand_key(ctx: *mut EVP_CIPHER_CTX, key: *mut c_uchar) -> c_int; + + pub fn EVP_md_null() -> *const EVP_MD; + pub fn EVP_md5() -> *const EVP_MD; + pub fn EVP_sha1() -> *const EVP_MD; + pub fn EVP_sha224() -> *const EVP_MD; + pub fn EVP_sha256() -> *const EVP_MD; + pub fn EVP_sha384() -> *const EVP_MD; + pub fn EVP_sha512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_224() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_256() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_384() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake128() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake256() -> *const EVP_MD; + pub fn EVP_ripemd160() -> *const EVP_MD; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM3")))] + pub fn EVP_sm3() -> *const EVP_MD; + pub fn EVP_des_ecb() -> *const EVP_CIPHER; + pub fn EVP_des_ede3() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cbc() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cfb64() -> *const EVP_CIPHER; + pub fn EVP_des_cbc() -> *const EVP_CIPHER; + pub fn EVP_rc4() -> *const EVP_CIPHER; + pub fn EVP_bf_ecb() -> *const EVP_CIPHER; + pub fn EVP_bf_cbc() -> *const EVP_CIPHER; + pub fn EVP_bf_cfb64() -> *const EVP_CIPHER; + pub fn EVP_bf_ofb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20_poly1305() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cbc() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cfb128() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ecb() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ofb() -> *const EVP_CIPHER; + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ecb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cbc() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cfb128() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ofb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ctr() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_ecb() -> *const EVP_CIPHER; + + #[cfg(not(ossl110))] + pub fn OPENSSL_add_all_algorithms_noconf(); + + pub fn EVP_get_digestbyname(name: *const c_char) -> *const EVP_MD; + pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_id(pkey: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_bits(key: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_security_bits(key: *const EVP_PKEY) -> c_int; + } + + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + + } else { + extern "C" { + pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int; + } + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_bits(key: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl360))] + pub fn EVP_PKEY_security_bits(pkey: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +extern "C" { + pub fn EVP_PKEY_assign(pkey: *mut EVP_PKEY, typ: c_int, key: *mut c_void) -> c_int; + + pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; + pub fn EVP_PKEY_get1_RSA(k: *mut EVP_PKEY) -> *mut RSA; + pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; + pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; + pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY; + + pub fn EVP_PKEY_new() -> *mut EVP_PKEY; + pub fn EVP_PKEY_free(k: *mut EVP_PKEY); + #[cfg(any(ossl110, libressl270))] + pub fn EVP_PKEY_up_ref(pkey: *mut EVP_PKEY) -> c_int; + + pub fn d2i_AutoPrivateKey( + a: *mut *mut EVP_PKEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_copy_parameters(to: *mut EVP_PKEY, from: *const EVP_PKEY) -> c_int; + + pub fn PKCS5_PBKDF2_HMAC_SHA1( + pass: *const c_char, + passlen: c_int, + salt: *const u8, + saltlen: c_int, + iter: c_int, + keylen: c_int, + out: *mut u8, + ) -> c_int; + pub fn PKCS5_PBKDF2_HMAC( + pass: *const c_char, + passlen: c_int, + salt: *const c_uchar, + saltlen: c_int, + iter: c_int, + digest: *const EVP_MD, + keylen: c_int, + out: *mut u8, + ) -> c_int; + + #[cfg(ossl110)] + pub fn EVP_PBE_scrypt( + pass: *const c_char, + passlen: size_t, + salt: *const c_uchar, + saltlen: size_t, + N: u64, + r: u64, + p: u64, + maxmem: u64, + key: *mut c_uchar, + keylen: size_t, + ) -> c_int; + + pub fn EVP_PKEY_CTX_new(k: *mut EVP_PKEY, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX); + + pub fn EVP_PKEY_CTX_ctrl( + ctx: *mut EVP_PKEY_CTX, + keytype: c_int, + optype: c_int, + cmd: c_int, + p1: c_int, + p2: *mut c_void, + ) -> c_int; + + pub fn EVP_PKEY_new_mac_key( + type_: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: c_int, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_derive_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_derive_set_peer(ctx: *mut EVP_PKEY_CTX, peer: *mut EVP_PKEY) -> c_int; + pub fn EVP_PKEY_derive(ctx: *mut EVP_PKEY_CTX, key: *mut c_uchar, size: *mut size_t) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_PKEY_Q_keygen( + libctx: *mut OSSL_LIB_CTX, + propq: *const c_char, + type_: *const c_char, + ... + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_sign_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_sign( + ctx: *mut EVP_PKEY_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_verify_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_verify( + ctx: *mut EVP_PKEY_CTX, + sig: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_encrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_encrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; + pub fn EVP_PKEY_decrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_decrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn EVP_PKCS82PKEY(p8: #[const_ptr_if(any(ossl110, libressl280))] PKCS8_PRIV_KEY_INFO) -> *mut EVP_PKEY; + } +} + +cfg_if! { + if #[cfg(any(ossl111))] { + extern "C" { + pub fn EVP_PKEY_get_raw_public_key( + pkey: *const EVP_PKEY, + ppub: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_public_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_get_raw_private_key( + pkey: *const EVP_PKEY, + ppriv: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_private_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + } + } +} + +extern "C" { + pub fn EVP_EncodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; + pub fn EVP_DecodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; +} diff --git a/openssl-sys/src/handwritten/hmac.rs b/openssl-sys/src/handwritten/hmac.rs new file mode 100644 index 000000000..b52d63fb1 --- /dev/null +++ b/openssl-sys/src/handwritten/hmac.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn HMAC_CTX_new() -> *mut HMAC_CTX; + pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); + } + } else { + extern "C" { + pub fn HMAC_CTX_init(ctx: *mut HMAC_CTX); + pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX); + } + } +} + +extern "C" { + pub fn HMAC_Init_ex( + ctx: *mut HMAC_CTX, + key: *const c_void, + len: c_int, + md: *const EVP_MD, + impl_: *mut ENGINE, + ) -> c_int; + pub fn HMAC_Update(ctx: *mut HMAC_CTX, data: *const c_uchar, len: size_t) -> c_int; + pub fn HMAC_Final(ctx: *mut HMAC_CTX, md: *mut c_uchar, len: *mut c_uint) -> c_int; + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; +} diff --git a/openssl-sys/src/handwritten/kdf.rs b/openssl-sys/src/handwritten/kdf.rs new file mode 100644 index 000000000..0f14b63a9 --- /dev/null +++ b/openssl-sys/src/handwritten/kdf.rs @@ -0,0 +1,26 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, + ) -> c_int; + } + } +} diff --git a/openssl-sys/src/handwritten/mod.rs b/openssl-sys/src/handwritten/mod.rs new file mode 100644 index 000000000..28aa4aecd --- /dev/null +++ b/openssl-sys/src/handwritten/mod.rs @@ -0,0 +1,65 @@ +pub use self::aes::*; +pub use self::asn1::*; +pub use self::bio::*; +pub use self::bn::*; +pub use self::cms::*; +pub use self::conf::*; +pub use self::crypto::*; +pub use self::dh::*; +pub use self::dsa::*; +pub use self::ec::*; +pub use self::err::*; +pub use self::evp::*; +pub use self::hmac::*; +pub use self::kdf::*; +pub use self::object::*; +pub use self::ocsp::*; +pub use self::pem::*; +pub use self::pkcs12::*; +pub use self::pkcs7::*; +pub use self::provider::*; +pub use self::rand::*; +pub use self::rsa::*; +pub use self::safestack::*; +pub use self::sha::*; +pub use self::srtp::*; +pub use self::ssl::*; +pub use self::stack::*; +pub use self::tls1::*; +pub use self::types::*; +pub use self::x509::*; +pub use self::x509_vfy::*; +pub use self::x509v3::*; + +mod aes; +mod asn1; +mod bio; +mod bn; +mod cms; +mod conf; +mod crypto; +mod dh; +mod dsa; +mod ec; +mod err; +mod evp; +mod hmac; +mod kdf; +mod object; +mod ocsp; +mod pem; +mod pkcs12; +mod pkcs7; +mod provider; +mod rand; +mod rsa; +mod safestack; +mod sha; +mod srtp; +mod ssl; +mod stack; +mod tls1; +mod types; +mod x509; +mod x509_vfy; +mod x509v3; diff --git a/openssl-sys/src/handwritten/object.rs b/openssl-sys/src/handwritten/object.rs new file mode 100644 index 000000000..06e655343 --- /dev/null +++ b/openssl-sys/src/handwritten/object.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +extern "C" { + pub fn OBJ_nid2ln(nid: c_int) -> *const c_char; + pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; + pub fn OBJ_nid2obj(n: c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int; + pub fn OBJ_obj2txt( + buf: *mut c_char, + buf_len: c_int, + a: *const ASN1_OBJECT, + no_name: c_int, + ) -> c_int; + + pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) + -> c_int; + pub fn OBJ_sn2nid(sn: *const libc::c_char) -> libc::c_int; + pub fn OBJ_txt2obj(s: *const libc::c_char, no_name: libc::c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_create( + oid: *const libc::c_char, + sn: *const libc::c_char, + ln: *const libc::c_char, + ) -> c_int; + #[cfg(ossl111)] + pub fn OBJ_length(obj: *const ASN1_OBJECT) -> libc::size_t; + #[cfg(ossl111)] + pub fn OBJ_get0_data(obj: *const ASN1_OBJECT) -> *const c_uchar; +} diff --git a/openssl-sys/src/handwritten/ocsp.rs b/openssl-sys/src/handwritten/ocsp.rs new file mode 100644 index 000000000..c194a831b --- /dev/null +++ b/openssl-sys/src/handwritten/ocsp.rs @@ -0,0 +1,89 @@ +use super::super::*; +use libc::*; + +pub enum OCSP_CERTID {} + +pub enum OCSP_ONEREQ {} + +pub enum OCSP_REQUEST {} + +pub enum OCSP_BASICRESP {} + +const_ptr_api! { + extern "C" { + pub fn OCSP_cert_to_id( + dgst: *const EVP_MD, + subject: #[const_ptr_if(any(ossl110, libressl281))] X509, + issuer: #[const_ptr_if(any(ossl110, libressl281))] X509, + ) -> *mut OCSP_CERTID; + } +} + +extern "C" { + pub fn OCSP_request_add0_id(r: *mut OCSP_REQUEST, id: *mut OCSP_CERTID) -> *mut OCSP_ONEREQ; + + pub fn OCSP_resp_find_status( + bs: *mut OCSP_BASICRESP, + id: *mut OCSP_CERTID, + status: *mut c_int, + reason: *mut c_int, + revtime: *mut *mut ASN1_GENERALIZEDTIME, + thisupd: *mut *mut ASN1_GENERALIZEDTIME, + nextupd: *mut *mut ASN1_GENERALIZEDTIME, + ) -> c_int; + pub fn OCSP_check_validity( + thisupd: *mut ASN1_GENERALIZEDTIME, + nextupd: *mut ASN1_GENERALIZEDTIME, + sec: c_long, + maxsec: c_long, + ) -> c_int; + + pub fn OCSP_response_status(resp: *mut OCSP_RESPONSE) -> c_int; + pub fn OCSP_response_get1_basic(resp: *mut OCSP_RESPONSE) -> *mut OCSP_BASICRESP; + + pub fn OCSP_response_create(status: c_int, bs: *mut OCSP_BASICRESP) -> *mut OCSP_RESPONSE; + + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; + pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); + pub fn OCSP_RESPONSE_new() -> *mut OCSP_RESPONSE; + pub fn OCSP_RESPONSE_free(r: *mut OCSP_RESPONSE); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_RESPONSE(a: #[const_ptr_if(ossl300)] OCSP_RESPONSE, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_RESPONSE( + a: *mut *mut OCSP_RESPONSE, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_RESPONSE; + pub fn OCSP_ONEREQ_free(r: *mut OCSP_ONEREQ); + pub fn OCSP_CERTID_free(id: *mut OCSP_CERTID); + pub fn OCSP_REQUEST_new() -> *mut OCSP_REQUEST; + pub fn OCSP_REQUEST_free(r: *mut OCSP_REQUEST); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_REQUEST(a: #[const_ptr_if(ossl300)] OCSP_REQUEST, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_REQUEST( + a: *mut *mut OCSP_REQUEST, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_REQUEST; + + pub fn OCSP_basic_verify( + bs: *mut OCSP_BASICRESP, + certs: *mut stack_st_X509, + st: *mut X509_STORE, + flags: c_ulong, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/pem.rs b/openssl-sys/src/handwritten/pem.rs new file mode 100644 index 000000000..42997177e --- /dev/null +++ b/openssl-sys/src/handwritten/pem.rs @@ -0,0 +1,191 @@ +use super::super::*; +use libc::*; + +pub type pem_password_cb = Option< + unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int, +>; + +const_ptr_api! { + extern "C" { + pub fn PEM_write_bio_X509(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn PEM_write_bio_X509_REQ(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn PEM_write_bio_X509_CRL(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_CRL) -> c_int; + pub fn PEM_write_bio_RSAPrivateKey( + bp: *mut BIO, + rsa: #[const_ptr_if(ossl300)] RSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_RSA_PUBKEY(bp: *mut BIO, rsa: #[const_ptr_if(ossl300)] RSA) -> c_int; + pub fn PEM_write_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: #[const_ptr_if(ossl300)] DSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_ECPrivateKey( + bio: *mut BIO, + key: #[const_ptr_if(ossl300)] EC_KEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_DSA_PUBKEY(bp: *mut BIO, dsa: #[const_ptr_if(ossl300)] DSA) -> c_int; + pub fn PEM_write_bio_PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PUBKEY(bp: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn PEM_write_bio_PKCS8PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PKCS7(bp: *mut BIO, x: #[const_ptr_if(ossl300)] PKCS7) -> c_int; + pub fn PEM_write_bio_EC_PUBKEY(bp: *mut BIO, ec: #[const_ptr_if(ossl300)] EC_KEY) -> c_int; + pub fn i2d_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: #[const_ptr_if(ossl300)] EVP_PKEY, + enc: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + cb: pem_password_cb, + u: *mut c_void, + ) -> c_int; + } +} + +extern "C" { + pub fn PEM_read_bio_X509( + bio: *mut BIO, + out: *mut *mut X509, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509; + pub fn PEM_read_bio_X509_REQ( + bio: *mut BIO, + out: *mut *mut X509_REQ, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_REQ; + pub fn PEM_read_bio_X509_CRL( + bio: *mut BIO, + out: *mut *mut X509_CRL, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_CRL; + pub fn PEM_read_bio_RSAPrivateKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_RSAPublicKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_write_bio_RSAPublicKey(bp: *mut BIO, rsa: *const RSA) -> c_int; + pub fn PEM_read_bio_RSA_PUBKEY( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_DSA_PUBKEY( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_ECPrivateKey( + bio: *mut BIO, + key: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_EC_PUBKEY( + bp: *mut BIO, + ec: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_DHparams( + bio: *mut BIO, + out: *mut *mut DH, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DH; + pub fn PEM_write_bio_DHparams(bio: *mut BIO, x: *const DH) -> c_int; + pub fn PEM_read_bio_PrivateKey( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn PEM_read_bio_PUBKEY( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + + pub fn d2i_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: *mut *mut EVP_PKEY, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn d2i_PKCS8_PRIV_KEY_INFO( + k: *mut *mut PKCS8_PRIV_KEY_INFO, + buf: *mut *const u8, + length: c_long, + ) -> *mut PKCS8_PRIV_KEY_INFO; + pub fn PKCS8_PRIV_KEY_INFO_free(p8inf: *mut PKCS8_PRIV_KEY_INFO); + + pub fn PEM_read_bio_PKCS7( + bio: *mut BIO, + out: *mut *mut PKCS7, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut PKCS7; + + #[cfg(ossl101)] + pub fn PEM_read_bio_CMS( + bio: *mut BIO, + out: *mut *mut CMS_ContentInfo, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut CMS_ContentInfo; + #[cfg(ossl101)] + pub fn PEM_write_bio_CMS(bio: *mut BIO, cms: *const CMS_ContentInfo) -> c_int; +} diff --git a/openssl-sys/src/handwritten/pkcs12.rs b/openssl-sys/src/handwritten/pkcs12.rs new file mode 100644 index 000000000..728c333ad --- /dev/null +++ b/openssl-sys/src/handwritten/pkcs12.rs @@ -0,0 +1,53 @@ +use libc::*; + +use super::super::*; + +pub enum PKCS12 {} + +extern "C" { + pub fn PKCS12_free(p12: *mut PKCS12); +} +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS12(a: #[const_ptr_if(ossl300)] PKCS12, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; + + pub fn PKCS12_parse( + p12: *mut PKCS12, + pass: *const c_char, + pkey: *mut *mut EVP_PKEY, + cert: *mut *mut X509, + ca: *mut *mut stack_st_X509, + ) -> c_int; + + pub fn PKCS12_set_mac( + p12: *mut PKCS12, + pass: *const c_char, + passlen: c_int, + salt: *mut c_uchar, + saltlen: c_int, + iter: c_int, + md_type: *const EVP_MD, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn PKCS12_create( + pass: #[const_ptr_if(any(ossl110, libressl280))] c_char, + friendly_name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int, + ) -> *mut PKCS12; + + pub fn i2d_PKCS12_bio(b: *mut BIO, a: #[const_ptr_if(ossl300)] PKCS12) -> c_int; + } +} diff --git a/openssl-sys/src/handwritten/pkcs7.rs b/openssl-sys/src/handwritten/pkcs7.rs new file mode 100644 index 000000000..78f96ec3e --- /dev/null +++ b/openssl-sys/src/handwritten/pkcs7.rs @@ -0,0 +1,70 @@ +use super::super::*; +use libc::*; + +pub enum PKCS7_SIGNED {} +pub enum PKCS7_ENVELOPE {} +pub enum PKCS7_SIGN_ENVELOPE {} +pub enum PKCS7_DIGEST {} +pub enum PKCS7_ENCRYPT {} +pub enum PKCS7 {} + +extern "C" { + pub fn d2i_PKCS7(a: *mut *mut PKCS7, pp: *mut *const c_uchar, length: c_long) -> *mut PKCS7; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS7(a: #[const_ptr_if(ossl300)] PKCS7, buf: *mut *mut u8) -> c_int; + } +} + +extern "C" { + pub fn PKCS7_encrypt( + certs: *mut stack_st_X509, + b: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_verify( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + indata: *mut BIO, + out: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_get0_signers( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + flags: c_int, + ) -> *mut stack_st_X509; + + pub fn PKCS7_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_decrypt( + pkcs7: *mut PKCS7, + pkey: *mut EVP_PKEY, + cert: *mut X509, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_free(pkcs7: *mut PKCS7); + + pub fn SMIME_write_PKCS7( + out: *mut BIO, + pkcs7: *mut PKCS7, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn SMIME_read_PKCS7(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut PKCS7; +} diff --git a/openssl-sys/src/handwritten/provider.rs b/openssl-sys/src/handwritten/provider.rs new file mode 100644 index 000000000..3e18a02be --- /dev/null +++ b/openssl-sys/src/handwritten/provider.rs @@ -0,0 +1,20 @@ +use super::super::*; +use libc::*; + +extern "C" { + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_load(ctx: *mut OSSL_LIB_CTX, name: *const c_char) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_try_load( + ctx: *mut OSSL_LIB_CTX, + name: *const c_char, + retain_fallbacks: c_int, + ) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_unload(prov: *mut OSSL_PROVIDER) -> c_int; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_set_default_search_path( + ctx: *mut OSSL_LIB_CTX, + path: *const c_char, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/rand.rs b/openssl-sys/src/handwritten/rand.rs new file mode 100644 index 000000000..3bf9da592 --- /dev/null +++ b/openssl-sys/src/handwritten/rand.rs @@ -0,0 +1,12 @@ +use libc::*; + +extern "C" { + pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int; + + #[cfg(ossl111)] + pub fn RAND_keep_random_devices_open(keep: c_int); + + pub fn RAND_status() -> c_int; + + pub fn RAND_add(buf: *const c_void, num: c_int, randomness: c_double); +} diff --git a/openssl-sys/src/handwritten/rsa.rs b/openssl-sys/src/handwritten/rsa.rs new file mode 100644 index 000000000..d05edfc30 --- /dev/null +++ b/openssl-sys/src/handwritten/rsa.rs @@ -0,0 +1,124 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: *mut c_int) -> c_int; + + pub fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + } + } +} + +extern "C" { + pub fn RSA_new() -> *mut RSA; + pub fn RSA_size(k: *const RSA) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_key(r: *mut RSA, n: *mut BIGNUM, e: *mut BIGNUM, d: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_factors(r: *mut RSA, p: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_crt_params( + r: *mut RSA, + dmp1: *mut BIGNUM, + dmq1: *mut BIGNUM, + iqmp: *mut BIGNUM, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_key( + r: *const RSA, + n: *mut *const BIGNUM, + e: *mut *const BIGNUM, + d: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_factors(r: *const RSA, p: *mut *const BIGNUM, q: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_crt_params( + r: *const RSA, + dmp1: *mut *const BIGNUM, + dmq1: *mut *const BIGNUM, + iqmp: *mut *const BIGNUM, + ); + + #[cfg(not(ossl110))] + pub fn RSA_generate_key( + modsz: c_int, + e: c_ulong, + cb: Option, + cbarg: *mut c_void, + ) -> *mut RSA; + + pub fn RSA_generate_key_ex( + rsa: *mut RSA, + bits: c_int, + e: *mut BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn RSA_public_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_public_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_check_key(r: *const RSA) -> c_int; + pub fn RSA_free(rsa: *mut RSA); + pub fn RSA_up_ref(rsa: *mut RSA) -> c_int; + + pub fn i2d_RSAPublicKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPublicKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn i2d_RSAPrivateKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPrivateKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + + pub fn RSA_sign( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *mut u8, + siglen: *mut c_uint, + k: *mut RSA, + ) -> c_int; + pub fn RSA_verify( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *const u8, + siglen: c_uint, + k: *mut RSA, + ) -> c_int; + + pub fn RSA_padding_check_PKCS1_type_2( + to: *mut c_uchar, + tlen: c_int, + f: *const c_uchar, + fl: c_int, + rsa_len: c_int, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/safestack.rs b/openssl-sys/src/handwritten/safestack.rs new file mode 100644 index 000000000..0bee90d96 --- /dev/null +++ b/openssl-sys/src/handwritten/safestack.rs @@ -0,0 +1 @@ +stack!(stack_st_OPENSSL_STRING); diff --git a/openssl-sys/src/handwritten/sha.rs b/openssl-sys/src/handwritten/sha.rs new file mode 100644 index 000000000..7d00b592f --- /dev/null +++ b/openssl-sys/src/handwritten/sha.rs @@ -0,0 +1,101 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA_CTX { + pub h0: SHA_LONG, + pub h1: SHA_LONG, + pub h2: SHA_LONG, + pub h3: SHA_LONG, + pub h4: SHA_LONG, + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + } + + extern "C" { + pub fn SHA1_Init(c: *mut SHA_CTX) -> c_int; + pub fn SHA1_Update(c: *mut SHA_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA1_Final(md: *mut c_uchar, c: *mut SHA_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA256_CTX { + pub h: [SHA_LONG; 8], + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA224_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA224_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA224_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA256_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA512_CTX { + pub h: [SHA_LONG64; 8], + pub Nl: SHA_LONG64, + pub Nh: SHA_LONG64, + // this is a union but we don't want to require 1.19 + u: [SHA_LONG64; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA384_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA384_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA384_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA512_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} diff --git a/openssl-sys/src/handwritten/srtp.rs b/openssl-sys/src/handwritten/srtp.rs new file mode 100644 index 000000000..d4c7af8eb --- /dev/null +++ b/openssl-sys/src/handwritten/srtp.rs @@ -0,0 +1,10 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_CTX_set_tlsext_use_srtp(ctx: *mut SSL_CTX, profiles: *const c_char) -> c_int; + pub fn SSL_set_tlsext_use_srtp(ssl: *mut SSL, profiles: *const c_char) -> c_int; + + pub fn SSL_get_srtp_profiles(ssl: *mut SSL) -> *mut stack_st_SRTP_PROTECTION_PROFILE; + pub fn SSL_get_selected_srtp_profile(ssl: *mut SSL) -> *mut SRTP_PROTECTION_PROFILE; +} diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs new file mode 100644 index 000000000..f179a04ab --- /dev/null +++ b/openssl-sys/src/handwritten/ssl.rs @@ -0,0 +1,913 @@ +use super::super::*; +use libc::*; + +pub enum SSL_METHOD {} +pub enum SSL_CIPHER {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_SESSION {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const SSL_CIPHER, + cipher_id: c_long, + ciphers: *mut stack_st_SSL_CIPHER, + tlsext_hostname: *mut c_char, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_int: c_long, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + tlsext_hostname: *mut c_char, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut u8, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut u16, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_hint: c_long, + } + } else { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + key_arg_length: c_uint, + key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize], + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity: *mut c_char, + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + pub references: c_int, + timeout: c_long, + time: c_long, + compress_meth: c_uint, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticklen: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_lifetime_hint: c_long, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_username: *mut c_char, + } + } +} + +stack!(stack_st_SSL_CIPHER); + +#[repr(C)] +pub struct SRTP_PROTECTION_PROFILE { + pub name: *const c_char, + pub id: c_ulong, +} + +stack!(stack_st_SRTP_PROTECTION_PROFILE); + +pub type tls_session_ticket_ext_cb_fn = + Option c_int>; +pub type tls_session_secret_cb_fn = Option< + unsafe extern "C" fn( + *mut SSL, + *mut c_void, + *mut c_int, + *mut stack_st_SSL_CIPHER, + *mut *mut SSL_CIPHER, + *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_add_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + add_arg: *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_free_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *const c_uchar, + add_arg: *mut c_void, + ), +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_parse_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + input: *const c_uchar, + inlen: size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + parse_arg: *mut c_void, + ) -> c_int, +>; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64; + } + } else if #[cfg(ossl110)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + } + } +} + +pub type GEN_SESSION_CB = + Option c_int>; + +extern "C" { + pub fn SSL_CTX_sess_set_new_cb( + ctx: *mut SSL_CTX, + new_session_cb: Option c_int>, + ); + pub fn SSL_CTX_sess_set_remove_cb( + ctx: *mut SSL_CTX, + remove_session_cb: Option, + ); +} +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } +} +extern "C" { + // FIXME change to unsafe extern "C" fn + pub fn SSL_CTX_set_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, + >, + ); +} + +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option c_int>, + ); + } + } +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *mut c_uchar, + cookie_len: *mut size_t, + ) -> c_int, + >, + ); + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *const c_uchar, + cookie_len: size_t, + ) -> c_int, + >, + ); + + pub fn SSL_CTX_set_next_protos_advertised_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_CTX_set_next_proto_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_get0_next_proto_negotiated( + s: *const SSL, + data: *mut *const c_uchar, + len: *mut c_uint, + ); + + pub fn SSL_select_next_proto( + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + client: *const c_uchar, + client_len: c_uint, + ) -> c_int; +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + #[link_name = "SSL_CTX_set_alpn_select_cb"] + pub fn SSL_CTX_set_alpn_select_cb__fixed_rust( + ssl: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + >, + arg: *mut c_void, + ); + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint); +} + +#[cfg(not(osslconf = "OPENSSL_NO_PSK"))] +extern "C" { + pub fn SSL_CTX_set_psk_client_callback( + ssl: *mut SSL_CTX, + psk_client_cb: Option< + extern "C" fn( + *mut SSL, + *const c_char, + *mut c_char, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_uint, + >, + ); + pub fn SSL_CTX_set_psk_server_callback( + ssl: *mut SSL_CTX, + psk_server_cb: Option< + extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint, + >, + ); + pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char; + pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_add_custom_ext( + ctx: *mut SSL_CTX, + ext_type: c_uint, + context: c_uint, + add_cb: SSL_custom_ext_add_cb_ex, + free_cb: SSL_custom_ext_free_cb_ex, + add_arg: *mut c_void, + parse_cb: SSL_custom_ext_parse_cb_ex, + parse_arg: *mut c_void, + ) -> c_int; + + #[cfg(ossl102)] + pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; +} + +#[cfg(ossl111)] +pub type SSL_CTX_keylog_cb_func = + Option; + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32; + + pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + + pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int; + pub fn SSL_get_verify_mode(s: *const SSL) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + extern "C" { + pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int; + pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(libressl270)] { + extern "C" { + pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int; + pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int; + } + } +} + +extern "C" { + pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int; + pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX; + pub fn SSL_CTX_free(ctx: *mut SSL_CTX); + #[cfg(any(ossl110, libressl273))] + pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE; + pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE); + + pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; + pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> #[const_ptr_if(any(ossl110, libressl280))] c_char; + } +} +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD; + pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char; + + pub fn SSL_pending(ssl: *const SSL) -> c_int; + pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO); + pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO; + pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int; + pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int; + pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int; + pub fn SSL_set_verify( + ssl: *mut SSL, + mode: c_int, + // FIXME should be unsafe + verify_callback: Option c_int>, + ); + pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int; + pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; + + pub fn SSL_CTX_use_PrivateKey_file( + ctx: *mut SSL_CTX, + key_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_file( + ctx: *mut SSL_CTX, + cert_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_chain_file( + ctx: *mut SSL_CTX, + cert_chain_file: *const c_char, + ) -> c_int; + pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int; + pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int; + pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int; + #[cfg(any(ossl110, libressl332))] + pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int; + pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME); + pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int; + pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME; + + #[cfg(not(ossl110))] + pub fn SSL_load_error_strings(); + pub fn SSL_state_string(ssl: *const SSL) -> *const c_char; + pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char; + + pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long; + pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int; + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32; + + pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int; + pub fn SSL_SESSION_free(s: *mut SSL_SESSION); +} +const_ptr_api! { + extern "C" { + pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn d2i_SSL_SESSION( + a: *mut *mut SSL_SESSION, + pp: *mut *const c_uchar, + len: c_long, + ) -> *mut SSL_SESSION; + + #[cfg(not(ossl300))] + pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509; + #[cfg(ossl300)] + pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509; + + pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509; + + pub fn SSL_CTX_set_verify( + ctx: *mut SSL_CTX, + mode: c_int, + verify_callback: Option c_int>, + ); + pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int); + + pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; + + pub fn SSL_CTX_set_session_id_context( + ssl: *mut SSL_CTX, + sid_ctx: *const c_uchar, + sid_ctx_len: c_uint, + ) -> c_int; + + pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM; +} + +#[cfg(ossl111)] +pub type SSL_client_hello_cb_fn = + Option c_int>; +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_client_hello_cb( + c: *mut SSL_CTX, + cb: SSL_client_hello_cb_fn, + arg: *mut c_void, + ); + #[cfg(ossl111)] + pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_compression_methods( + s: *mut SSL, + out: *mut *const c_uchar, + ) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get1_extensions_present( + s: *mut SSL, + out: *mut *mut c_int, + outlen: *mut size_t, + ) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ext( + s: *mut SSL, + type_: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + ) -> c_int; + + pub fn SSL_free(ssl: *mut SSL); + pub fn SSL_accept(ssl: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_stateless(s: *mut SSL) -> c_int; + pub fn SSL_connect(ssl: *mut SSL) -> c_int; + pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_read_early_data( + s: *mut SSL, + buf: *mut c_void, + num: size_t, + readbytes: *mut size_t, + ) -> c_int; +} + +extern "C" { + pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_write_early_data( + s: *mut SSL, + buf: *const c_void, + num: size_t, + written: *mut size_t, + ) -> c_int; + pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + #[link_name = "SSL_CTX_callback_ctrl"] + pub fn SSL_CTX_callback_ctrl__fixed_rust( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option, + ) -> c_long; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl291))] { + extern "C" { + pub fn TLS_method() -> *const SSL_METHOD; + + pub fn DTLS_method() -> *const SSL_METHOD; + + pub fn TLS_server_method() -> *const SSL_METHOD; + + pub fn TLS_client_method() -> *const SSL_METHOD; + } + } else { + extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))] + pub fn SSLv3_method() -> *const SSL_METHOD; + + pub fn SSLv23_method() -> *const SSL_METHOD; + + pub fn SSLv23_client_method() -> *const SSL_METHOD; + + pub fn SSLv23_server_method() -> *const SSL_METHOD; + + pub fn TLSv1_method() -> *const SSL_METHOD; + + pub fn TLSv1_1_method() -> *const SSL_METHOD; + + pub fn TLSv1_2_method() -> *const SSL_METHOD; + + pub fn DTLSv1_method() -> *const SSL_METHOD; + + #[cfg(ossl102)] + pub fn DTLSv1_2_method() -> *const SSL_METHOD; + } + } +} + +extern "C" { + pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int; + pub fn SSL_get_version(ssl: *const SSL) -> *const c_char; + + pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int; + pub fn SSL_shutdown(ssl: *mut SSL) -> c_int; + + pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); + + pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int; + + pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_load_verify_locations( + ctx: *mut SSL_CTX, + CAfile: *const c_char, + CApath: *const c_char, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD; + } +} + +extern "C" { + pub fn SSL_set_connect_state(s: *mut SSL); + pub fn SSL_set_accept_state(s: *mut SSL); + + #[cfg(not(ossl110))] + pub fn SSL_library_init() -> c_int; + + pub fn SSL_CIPHER_description( + cipher: *const SSL_CIPHER, + buf: *mut c_char, + size: c_int, + ) -> *mut c_char; + + pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509; +} +const_ptr_api! { + extern "C" { + pub fn SSL_get_privatekey(ssl: #[const_ptr_if(any(ossl102, libressl280))] SSL) -> *mut EVP_PKEY; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl270))] + pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; + #[cfg(any(ossl102, libressl340))] + pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY; + + pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int); + pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int; + pub fn SSL_version(ssl: *const SSL) -> c_int; + pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; + pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX; + pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX; + + pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long; + #[cfg(ossl110)] + pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509; + + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_get_master_key( + session: *const SSL_SESSION, + out: *mut c_uchar, + outlen: size_t, + ) -> size_t; +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn SSL_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void; + + #[cfg(not(ossl110))] + pub fn SSL_CTX_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void; + + pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; +} + +extern "C" { + #[link_name = "SSL_CTX_set_tmp_dh_callback"] + pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL_CTX, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[link_name = "SSL_set_tmp_dh_callback"] + pub fn SSL_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_CTX_set_tmp_ecdh_callback"] + pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust( + ctx: *mut SSL_CTX, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_set_tmp_ecdh_callback"] + pub fn SSL_set_tmp_ecdh_callback__fixed_rust( + ssl: *mut SSL, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); +} + +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + const_ptr_api! { + extern "C" { + pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD; + } + } + } +} +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_COMP"))] +extern "C" { + #[cfg(ossl110)] + pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32; +} + +extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl273))] + pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl273))] SSL) -> c_int; + } +} + +extern "C" { + #[cfg(ossl110)] + pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t; + + #[cfg(ossl111)] + pub fn SSL_get_num_tickets(s: *const SSL) -> size_t; +} diff --git a/openssl-sys/src/handwritten/stack.rs b/openssl-sys/src/handwritten/stack.rs new file mode 100644 index 000000000..7f2feef6d --- /dev/null +++ b/openssl-sys/src/handwritten/stack.rs @@ -0,0 +1,45 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl110)] { + pub enum OPENSSL_STACK {} + } else { + #[repr(C)] + pub struct _STACK { + pub num: c_int, + pub data: *mut *mut c_char, + pub sorted: c_int, + pub num_alloc: c_int, + pub comp: Option c_int>, + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn OPENSSL_sk_num(stack: *const OPENSSL_STACK) -> c_int; + pub fn OPENSSL_sk_value(stack: *const OPENSSL_STACK, idx: c_int) -> *mut c_void; + + pub fn OPENSSL_sk_new_null() -> *mut OPENSSL_STACK; + pub fn OPENSSL_sk_free(st: *mut OPENSSL_STACK); + pub fn OPENSSL_sk_pop_free( + st: *mut OPENSSL_STACK, + free: Option, + ); + pub fn OPENSSL_sk_push(st: *mut OPENSSL_STACK, data: *const c_void) -> c_int; + pub fn OPENSSL_sk_pop(st: *mut OPENSSL_STACK) -> *mut c_void; + } + } else { + extern "C" { + pub fn sk_num(st: *const _STACK) -> c_int; + pub fn sk_value(st: *const _STACK, n: c_int) -> *mut c_void; + + pub fn sk_new_null() -> *mut _STACK; + pub fn sk_free(st: *mut _STACK); + pub fn sk_pop_free(st: *mut _STACK, free: Option); + pub fn sk_push(st: *mut _STACK, data: *mut c_void) -> c_int; + pub fn sk_pop(st: *mut _STACK) -> *mut c_void; + } + } +} diff --git a/openssl-sys/src/handwritten/tls1.rs b/openssl-sys/src/handwritten/tls1.rs new file mode 100644 index 000000000..8cf992fbc --- /dev/null +++ b/openssl-sys/src/handwritten/tls1.rs @@ -0,0 +1,28 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_get_servername(ssl: *const SSL, name_type: c_int) -> *const c_char; + + pub fn SSL_export_keying_material( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + use_context: c_int, + ) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_export_keying_material_early( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/types.rs b/openssl-sys/src/handwritten/types.rs new file mode 100644 index 000000000..b229a3759 --- /dev/null +++ b/openssl-sys/src/handwritten/types.rs @@ -0,0 +1,1078 @@ +use libc::*; + +#[allow(unused_imports)] +use super::super::*; + +pub enum ASN1_INTEGER {} +pub enum ASN1_GENERALIZEDTIME {} +pub enum ASN1_STRING {} +pub enum ASN1_BIT_STRING {} +pub enum ASN1_TIME {} +pub enum ASN1_TYPE {} +pub enum ASN1_OBJECT {} +pub enum ASN1_OCTET_STRING {} + +pub enum bio_st {} // FIXME remove +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO {} + } else { + #[repr(C)] + pub struct BIO { + pub method: *mut BIO_METHOD, + pub callback: Option< + unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long, + >, + pub cb_arg: *mut c_char, + pub init: c_int, + pub shutdown: c_int, + pub flags: c_int, + pub retry_reason: c_int, + pub num: c_int, + pub ptr: *mut c_void, + pub next_bio: *mut BIO, + pub prev_bio: *mut BIO, + pub references: c_int, + pub num_read: c_ulong, + pub num_write: c_ulong, + pub ex_data: CRYPTO_EX_DATA, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum BIGNUM {} + } else { + #[repr(C)] + pub struct BIGNUM { + pub d: *mut BN_ULONG, + pub top: c_int, + pub dmax: c_int, + pub neg: c_int, + pub flags: c_int, + } + } +} +pub enum BN_BLINDING {} +pub enum BN_MONT_CTX {} + +pub enum BN_CTX {} +pub enum BN_GENCB {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_CIPHER {} + } else { + #[repr(C)] + pub struct EVP_CIPHER { + pub nid: c_int, + pub block_size: c_int, + pub key_len: c_int, + pub iv_len: c_int, + pub flags: c_ulong, + pub init: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int, + >, + pub do_cipher: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int, + >, + pub cleanup: Option c_int>, + pub ctx_size: c_int, + pub set_asn1_parameters: + Option c_int>, + pub get_asn1_parameters: + Option c_int>, + pub ctrl: + Option c_int>, + pub app_data: *mut c_void, + } + } +} +pub enum EVP_CIPHER_CTX {} +pub enum EVP_MD {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_MD_CTX {} + } else { + #[repr(C)] + pub struct EVP_MD_CTX { + digest: *mut EVP_MD, + engine: *mut ENGINE, + flags: c_ulong, + md_data: *mut c_void, + pctx: *mut EVP_PKEY_CTX, + update: *mut c_void, + } + } +} + +pub enum PKCS8_PRIV_KEY_INFO {} + +pub enum EVP_PKEY_ASN1_METHOD {} + +pub enum EVP_PKEY_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum HMAC_CTX {} + } else { + #[repr(C)] + pub struct HMAC_CTX { + md: *mut EVP_MD, + md_ctx: EVP_MD_CTX, + i_ctx: EVP_MD_CTX, + o_ctx: EVP_MD_CTX, + key_length: c_uint, + key: [c_uchar; 128], + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DH {} + } else { + #[repr(C)] + pub struct DH { + pub pad: c_int, + pub version: c_int, + pub p: *mut BIGNUM, + pub g: *mut BIGNUM, + pub length: c_long, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub q: *mut BIGNUM, + pub j: *mut BIGNUM, + pub seed: *mut c_uchar, + pub seedlen: c_int, + pub counter: *mut BIGNUM, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DH_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DH_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA {} + } else { + #[repr(C)] + pub struct DSA { + pub pad: c_int, + pub version: c_long, + pub write_params: c_int, + + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub g: *mut BIGNUM, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub kinv: *mut BIGNUM, + pub r: *mut BIGNUM, + + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DSA_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DSA_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum RSA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } else { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub bignum_data: *mut c_char, + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } +} +pub enum RSA_METHOD {} + +pub enum EC_KEY {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509 {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } else { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_addr: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_asid: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub enum X509_ALGOR {} + } else { + #[repr(C)] + pub struct X509_ALGOR { + pub algorithm: *mut ASN1_OBJECT, + parameter: *mut c_void, + } + } +} + +pub enum X509_LOOKUP_METHOD {} + +pub enum X509_NAME {} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_STORE {} + } else { + #[repr(C)] + pub struct X509_STORE { + cache: c_int, + pub objs: *mut stack_st_X509_OBJECT, + get_cert_methods: *mut stack_st_X509_LOOKUP, + param: *mut X509_VERIFY_PARAM, + verify: Option c_int>, + verify_cb: Option c_int>, + get_issuer: Option< + extern "C" fn(issuer: *mut *mut X509, ctx: *mut X509_STORE_CTX, x: *mut X509) -> c_int, + >, + check_issued: + Option c_int>, + check_revocation: Option c_int>, + get_crl: Option< + extern "C" fn(ctx: *mut X509_STORE_CTX, crl: *mut *mut X509_CRL, x: *mut X509) -> c_int, + >, + check_crl: Option c_int>, + cert_crl: + Option c_int>, + lookup_certs: + Option *mut stack_st_X509>, + lookup_crls: Option< + extern "C" fn(ctx: *const X509_STORE_CTX, nm: *const X509_NAME) -> *mut stack_st_X509_CRL, + >, + cleanup: Option c_int>, + ex_data: CRYPTO_EX_DATA, + references: c_int, + } + } +} + +pub enum X509_STORE_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509_VERIFY_PARAM {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + id: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + //pub id: *mut X509_VERIFY_PARAM_ID, + } + } else { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + #[cfg(ossl102)] + pub id: *mut X509_VERIFY_PARAM_ID, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_OBJECT {} + } else { + #[repr(C)] + pub struct X509_OBJECT { + pub type_: c_int, + pub data: X509_OBJECT_data, + } + #[repr(C)] + pub union X509_OBJECT_data { + pub ptr: *mut c_char, + pub x509: *mut X509, + pub crl: *mut X509_CRL, + pub pkey: *mut EVP_PKEY, + } + } +} + +pub enum X509_LOOKUP {} + +#[repr(C)] +pub struct X509V3_CTX { + flags: c_int, + issuer_cert: *mut c_void, + subject_cert: *mut c_void, + subject_req: *mut c_void, + crl: *mut c_void, + db_meth: *mut c_void, + db: *mut c_void, + #[cfg(ossl300)] + issuer_pkey: *mut c_void, + // I like the last comment line, it is copied from OpenSSL sources: + // Maybe more here +} +pub enum CONF {} +#[cfg(ossl110)] +pub enum OPENSSL_INIT_SETTINGS {} + +pub enum ENGINE {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL { + version: c_int, + method: *const SSL_METHOD, + rbio: *mut BIO, + wbio: *mut BIO, + bbio: *mut BIO, + pub server: c_int, + s3: *mut c_void, + d1: *mut c_void, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + verify_mode: c_int, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + verify_result: c_long, + references: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_hostname: *mut c_char, + tlsext_status_type: c_int, + initial_ctx: *mut SSL_CTX, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_shutdown: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, + c_int, + c_int, + *const c_void, + size_t, + *mut SSL, + *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + aead_read_ctx: *mut c_void, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + aead_write_ctx: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_debug_cb: + Option, + tlsext_debug_arg: *mut c_void, + tlsext_hostname: *mut c_char, + servername_done: c_int, + tlsext_status_type: c_int, + tlsext_status_expected: c_int, + tlsext_ocsp_ids: *mut c_void, + tlsext_ocsp_exts: *mut c_void, + tlsext_ocsp_resp: *mut c_uchar, + tlsext_ocsp_resplen: c_int, + tlsext_ticket_expected: c_int, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut c_uchar, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut c_uchar, + tlsext_session_ticket: *mut c_void, + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + tls_session_ticket_ext_cb_arg: *mut c_void, + tls_session_secret_cb: tls_session_secret_cb_fn, + tls_session_secret_cb_arg: *mut c_void, + initial_ctx: *mut SSL_CTX, + next_proto_negotiated: *mut c_uchar, + next_proto_negotiated_len: c_uchar, + srtp_profiles: *mut c_void, + srtp_profile: *mut c_void, + tlsext_heartbeat: c_uint, + tlsext_hb_pending: c_uint, + tlsext_hb_seq: c_uint, + alpn_client_proto_list: *mut c_uchar, + alpn_client_proto_list_len: c_uint, + renegotiate: c_int, + } + } else { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_session: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s2: *mut c_void, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + expand: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + compress: *mut c_void, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + kssl_ctx: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: Option< + unsafe extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint) + -> c_uint, + >, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: + Option c_uint>, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_cb: + Option, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + servername_done: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_type: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_expected: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_ids: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_exts: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resp: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resplen: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_expected: c_int, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_len: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_ticket_ext_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb: tls_session_secret_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + initial_ctx: *mut SSL_CTX, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated_len: c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profiles: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profile: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_heartbeat: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_pending: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_seq: c_uint, + renegotiate: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_CTX {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_CTX { + method: *const SSL_METHOD, + cipher_list: *mut stack_st_SSL_CIPHER, + cert_store: *mut c_void, + session_timeout: c_long, + pub references: c_int, + extra_certs: *mut stack_st_X509, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + param: *mut X509_VERIFY_PARAM, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + tlsext_servername_callback: *mut c_void, + tlsect_servername_arg: *mut c_void, + tlsext_tick_key_name: [c_uchar; 16], + tlsext_tick_hmac_key: [c_uchar; 16], + tlsext_tick_aes_key: [c_uchar; 16], + tlsext_ticket_key_cb: *mut c_void, + tlsext_status_cb: *mut c_void, + tlsext_status_arg: *mut c_void, + tlsext_opaque_prf_input_callback: *mut c_void, + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + next_protos_advertised_cb: *mut c_void, + next_protos_advertised_cb_arg: *mut c_void, + next_proto_select_cb: *mut c_void, + next_proto_select_cb_arg: *mut c_void, + + srtp_profiles: *mut c_void, + } + } else { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_servername_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsect_servername_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_key_name: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_hmac_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_aes_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_key_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + freelist_max_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + wbuf_freelist: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + rbuf_freelist: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb_arg: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb_arg: *mut c_void, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] + srtp_profiles: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb_arg: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + } + + #[repr(C)] + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + pub struct SRP_CTX { + SRP_cb_arg: *mut c_void, + TLS_ext_srp_username_callback: *mut c_void, + SRP_verify_param_callback: *mut c_void, + SRP_give_srp_client_pwd_callback: *mut c_void, + login: *mut c_void, + N: *mut c_void, + g: *mut c_void, + s: *mut c_void, + B: *mut c_void, + A: *mut c_void, + a: *mut c_void, + b: *mut c_void, + v: *mut c_void, + info: *mut c_void, + stringth: c_int, + srp_Mask: c_ulong, + } + } +} + +pub enum COMP_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum COMP_METHOD {} + } else { + #[repr(C)] + pub struct COMP_METHOD { + pub type_: c_int, + pub name: *const c_char, + init: Option c_int>, + finish: Option, + compress: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + expand: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + ctrl: Option c_long>, + callback_ctrl: Option c_long>, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum CRYPTO_EX_DATA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + } + } else { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + pub dummy: c_int, + } + } +} + +pub enum OCSP_RESPONSE {} + +#[cfg(ossl300)] +pub enum OSSL_PROVIDER {} + +#[cfg(ossl300)] +pub enum OSSL_LIB_CTX {} diff --git a/openssl-sys/src/handwritten/x509.rs b/openssl-sys/src/handwritten/x509.rs new file mode 100644 index 000000000..8762e5f98 --- /dev/null +++ b/openssl-sys/src/handwritten/x509.rs @@ -0,0 +1,666 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct X509_VAL { + pub notBefore: *mut ASN1_TIME, + pub notAfter: *mut ASN1_TIME, +} + +pub enum X509_NAME_ENTRY {} + +stack!(stack_st_X509_NAME); + +pub enum X509_EXTENSION {} + +stack!(stack_st_X509_EXTENSION); + +stack!(stack_st_X509_ATTRIBUTE); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ_INFO {} + } else { + #[repr(C)] + pub struct X509_REQ_INFO { + pub enc: ASN1_ENCODING, + pub version: *mut ASN1_INTEGER, + pub subject: *mut X509_NAME, + pubkey: *mut c_void, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL {} + } else { + #[repr(C)] + pub struct X509_CRL { + pub crl: *mut X509_CRL_INFO, + sig_alg: *mut X509_ALGOR, + signature: *mut c_void, + references: c_int, + flags: c_int, + akid: *mut c_void, + idp: *mut c_void, + idp_flags: c_int, + idp_reasons: c_int, + crl_number: *mut ASN1_INTEGER, + base_crl_number: *mut ASN1_INTEGER, + sha1_hash: [c_uchar; 20], + issuers: *mut c_void, + meth: *const c_void, + meth_data: *mut c_void, + } + } +} + +stack!(stack_st_X509_CRL); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL_INFO {} + } else { + #[repr(C)] + pub struct X509_CRL_INFO { + version: *mut ASN1_INTEGER, + sig_alg: *mut X509_ALGOR, + pub issuer: *mut X509_NAME, + pub lastUpdate: *mut ASN1_TIME, + pub nextUpdate: *mut ASN1_TIME, + pub revoked: *mut stack_st_X509_REVOKED, + extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REVOKED {} + } else { + #[repr(C)] + pub struct X509_REVOKED { + pub serialNumber: *mut ASN1_INTEGER, + pub revocationDate: *mut ASN1_TIME, + pub extensions: *mut stack_st_X509_EXTENSION, + issuer: *mut stack_st_GENERAL_NAME, + reason: c_int, + sequence: c_int, + } + } +} + +stack!(stack_st_X509_REVOKED); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ {} + } else { + #[repr(C)] + pub struct X509_REQ { + pub req_info: *mut X509_REQ_INFO, + sig_alg: *mut c_void, + signature: *mut c_void, + references: c_int, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CINF {} + } else { + #[repr(C)] + pub struct X509_CINF { + version: *mut c_void, + serialNumber: *mut c_void, + signature: *mut c_void, + issuer: *mut c_void, + pub validity: *mut X509_VAL, + subject: *mut c_void, + key: *mut c_void, + issuerUID: *mut c_void, + subjectUID: *mut c_void, + pub extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +stack!(stack_st_X509); + +stack!(stack_st_X509_OBJECT); + +stack!(stack_st_X509_LOOKUP); + +extern "C" { + pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; + + pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + + pub fn X509_digest( + x: *const X509, + digest: *const EVP_MD, + buf: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + + pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_X509_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn i2d_X509_REQ_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn i2d_PrivateKey_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn i2d_PUBKEY_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + + pub fn i2d_PUBKEY(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_RSA_PUBKEY(k: #[const_ptr_if(ossl300)] RSA, buf: *mut *mut u8) -> c_int; + pub fn i2d_DSA_PUBKEY(a: #[const_ptr_if(ossl300)] DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_PrivateKey(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_ECPrivateKey(ec_key: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_EC_PUBKEY(a: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY; + pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_EC_PUBKEY( + a: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; + + pub fn d2i_ECPrivateKey( + k: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl350))] + pub fn X509_ALGOR_get0( + paobj: *mut #[const_ptr_if(any(ossl110, libressl350))] ASN1_OBJECT, + pptype: *mut c_int, + ppval: *mut #[const_ptr_if(any(ossl110, libressl350))] c_void, + alg: #[const_ptr_if(any(ossl110, libressl350))] X509_ALGOR, + ); + } +} + +extern "C" { + pub fn X509_gmtime_adj(time: *mut ASN1_TIME, adj: c_long) -> *mut ASN1_TIME; + + pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; + + pub fn X509_ALGOR_free(x: *mut X509_ALGOR); + + pub fn X509_REVOKED_new() -> *mut X509_REVOKED; + pub fn X509_REVOKED_free(x: *mut X509_REVOKED); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_dup(rev: #[const_ptr_if(ossl300)] X509_REVOKED) -> *mut X509_REVOKED; + } +} + +extern "C" { + pub fn d2i_X509_REVOKED( + a: *mut *mut X509_REVOKED, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REVOKED; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REVOKED(x: #[const_ptr_if(ossl300)] X509_REVOKED, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_new() -> *mut X509_CRL; + pub fn X509_CRL_free(x: *mut X509_CRL); + pub fn d2i_X509_CRL( + a: *mut *mut X509_CRL, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_CRL; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_CRL(x: #[const_ptr_if(ossl300)] X509_CRL, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_dup(x: #[const_ptr_if(ossl300)] X509_CRL) -> *mut X509_CRL; + } +} + +extern "C" { + pub fn X509_REQ_new() -> *mut X509_REQ; + pub fn X509_REQ_free(x: *mut X509_REQ); + pub fn d2i_X509_REQ( + a: *mut *mut X509_REQ, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REQ; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REQ(x: #[const_ptr_if(ossl300)] X509_REQ, buf: *mut *mut u8) -> c_int; + + #[cfg(any(ossl102, libressl273))] + pub fn X509_get0_signature( + psig: *mut #[const_ptr_if(any(ossl110, libressl273))] ASN1_BIT_STRING, + palg: *mut #[const_ptr_if(any(ossl110, libressl273))] X509_ALGOR, + x: *const X509, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REQ_dup(x: #[const_ptr_if(ossl300)] X509_REQ) -> *mut X509_REQ; + } +} +extern "C" { + #[cfg(ossl102)] + pub fn X509_get_signature_nid(x: *const X509) -> c_int; + + pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION); + + pub fn X509_NAME_ENTRY_free(x: *mut X509_NAME_ENTRY); + + pub fn X509_NAME_new() -> *mut X509_NAME; + pub fn X509_NAME_free(x: *mut X509_NAME); + + pub fn X509_new() -> *mut X509; + pub fn X509_free(x: *mut X509); +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509(x: #[const_ptr_if(ossl300)] X509, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_NAME_dup(x: #[const_ptr_if(ossl300)] X509_NAME) -> *mut X509_NAME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_dup(x: #[const_ptr_if(ossl300)] X509) -> *mut X509; + #[cfg(any(ossl101, libressl350))] + pub fn X509_NAME_add_entry( + name: *mut X509_NAME, + ne: #[const_ptr_if(any(ossl110, libressl))] X509_NAME_ENTRY, + loc: c_int, + set: c_int, + ) -> c_int; + } +} +extern "C" { + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; + pub fn d2i_X509_bio(b: *mut BIO, a: *mut *mut X509) -> *mut X509; + + pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; + + pub fn X509_set_version(x: *mut X509, version: c_long) -> c_int; + #[cfg(ossl110)] + pub fn X509_get_version(x: *const X509) -> c_long; + pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int; + pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER; +} +const_ptr_api! { + extern "C" { + pub fn X509_set_issuer_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_issuer_name_hash(x: *mut X509) -> c_ulong; + pub fn X509_subject_name_hash(x: *mut X509) -> c_ulong; +} +const_ptr_api! { + extern "C" { + pub fn X509_get_issuer_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + pub fn X509_set_subject_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + pub fn X509_get_subject_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_set1_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set1_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } else { + extern "C" { + pub fn X509_set_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } +} +extern "C" { + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; + pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int; + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut X509_NAME; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY; + pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: #[const_ptr_if(ossl300)] stack_st_X509_EXTENSION) + -> c_int; + } +} +extern "C" { + pub fn X509_set_pubkey(x: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_verify(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notBefore(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notAfter(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_up_ref(x: *mut X509) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION; + + pub fn X509_REVOKED_set_serialNumber(r: *mut X509_REVOKED, serial: *mut ASN1_INTEGER) -> c_int; + pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int; + + pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + pub fn X509_CRL_digest( + x: *const X509_CRL, + digest: *const EVP_MD, + md: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_CRL_get0_by_cert( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + cert: *mut X509, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_get0_by_serial( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + serial: #[const_ptr_if(ossl300)] ASN1_INTEGER, + ) -> c_int; + } +} + +extern "C" { + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME; + + #[cfg(ossl110)] + pub fn X509_get0_extensions(req: *const X509) -> *const stack_st_X509_EXTENSION; + + pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int; + pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int; +} +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + extern "C" { + pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } else { + // libressl270 kept them, ossl110 "#define"s them to the variants above + extern "C" { + pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_NAME_entry_count(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME) -> c_int; + pub fn X509_NAME_get_index_by_NID(n: #[const_ptr_if(any(ossl300, libressl280))] X509_NAME, nid: c_int, last_pos: c_int) -> c_int; + pub fn X509_NAME_get_entry(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY; + pub fn X509_NAME_add_entry_by_NID( + x: *mut X509_NAME, + field: c_int, + ty: c_int, + bytes: #[const_ptr_if(any(ossl110, libressl280))] c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn i2d_X509_NAME(n: #[const_ptr_if(ossl300)] X509_NAME, buf: *mut *mut u8) -> c_int; + pub fn X509_NAME_ENTRY_get_object(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_OBJECT; + pub fn X509_NAME_ENTRY_get_data(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_STRING; + } +} +extern "C" { + pub fn X509_NAME_add_entry_by_txt( + x: *mut X509_NAME, + field: *const c_char, + ty: c_int, + bytes: *const c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn d2i_X509_NAME( + n: *mut *mut X509_NAME, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_NAME; +} + +// "raw" X509_EXTENSION related functions +extern "C" { + // in X509 + pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_add1_ext_i2d( + x: *mut X509, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_CRL + pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_CRL_add1_ext_i2d( + x: *mut X509_CRL, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_REVOKED + pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_add_ext( + x: *mut X509_REVOKED, + ext: *mut X509_EXTENSION, + loc: c_int, + ) -> c_int; + pub fn X509_REVOKED_add1_ext_i2d( + x: *mut X509_REVOKED, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // X509_EXTENSION stack + // - these getters always used *const STACK + pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int; + pub fn X509v3_get_ext_by_NID( + x: *const stack_st_X509_EXTENSION, + nid: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext_by_critical( + x: *const stack_st_X509_EXTENSION, + crit: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_add_ext( + x: *mut *mut stack_st_X509_EXTENSION, + ex: *mut X509_EXTENSION, + loc: c_int, + ) -> *mut stack_st_X509_EXTENSION; + // - X509V3_add1_i2d in x509v3.rs + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_NID( + ex: *mut *mut X509_EXTENSION, + nid: c_int, + crit: c_int, + data: *mut ASN1_OCTET_STRING, + ) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int; + pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int; + pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT; + pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_OCTET_STRING; +} +const_ptr_api! { + extern "C" { + // in X509 + pub fn X509_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> c_int; + pub fn X509_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_CRL + pub fn X509_CRL_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL) -> c_int; + pub fn X509_CRL_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_REVOKED + pub fn X509_REVOKED_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED) -> c_int; + pub fn X509_REVOKED_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // X509_EXTENSION stack + pub fn X509v3_get_ext_by_OBJ(x: *const stack_st_X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT) -> c_int; + pub fn X509_EXTENSION_get_critical(ex: #[const_ptr_if(any(ossl110, libressl280))] X509_EXTENSION) -> c_int; + } +} + +extern "C" { + pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT; + } +} +#[cfg(any(ossl110, libressl270))] +extern "C" { + pub fn X509_OBJECT_get0_X509(x: *const X509_OBJECT) -> *mut X509; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_OBJECT_free(a: *mut X509_OBJECT); + } + } else { + extern "C" { + pub fn X509_OBJECT_free_contents(a: *mut X509_OBJECT); + } + } +} + +extern "C" { + pub fn X509_get_default_cert_file_env() -> *const c_char; + pub fn X509_get_default_cert_file() -> *const c_char; + pub fn X509_get_default_cert_dir_env() -> *const c_char; + pub fn X509_get_default_cert_dir() -> *const c_char; +} + +extern "C" { + pub fn X509_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_NAME_cmp(a: *const X509_NAME, b: *const X509_NAME) -> c_int; + pub fn X509_issuer_and_serial_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_issuer_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_subject_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_CRL_cmp(a: *const X509_CRL, b: *const X509_CRL) -> c_int; + pub fn X509_CRL_match(a: *const X509_CRL, b: *const X509_CRL) -> c_int; +} + +extern "C" { + pub fn X509_print(bio: *mut BIO, x509: *mut X509) -> c_int; + pub fn X509_REQ_print(bio: *mut BIO, req: *mut X509_REQ) -> c_int; +} + +#[repr(C)] +pub struct X509_PURPOSE { + pub purpose: c_int, + pub trust: c_int, // Default trust ID + pub flags: c_int, + pub check_purpose: + Option c_int>, + pub name: *mut c_char, + pub sname: *mut c_char, + pub usr_data: *mut c_void, +} + +const_ptr_api! { + extern "C" { + pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int; + pub fn X509_PURPOSE_get0(idx: c_int) -> *mut X509_PURPOSE; + } +} diff --git a/openssl-sys/src/handwritten/x509_vfy.rs b/openssl-sys/src/handwritten/x509_vfy.rs new file mode 100644 index 000000000..9adf63fa0 --- /dev/null +++ b/openssl-sys/src/handwritten/x509_vfy.rs @@ -0,0 +1,132 @@ +use super::super::*; +use libc::*; + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub enum X509_VERIFY_PARAM_ID {} + +extern "C" { + #[cfg(ossl110)] + pub fn X509_LOOKUP_meth_free(method: *mut X509_LOOKUP_METHOD); +} + +extern "C" { + pub fn X509_LOOKUP_free(ctx: *mut X509_LOOKUP); + pub fn X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_file() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_ctrl( + ctx: *mut X509_LOOKUP, + cmd: c_int, + argc: *const c_char, + argl: c_long, + ret: *mut *mut c_char, + ) -> c_int; + pub fn X509_load_cert_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; + pub fn X509_load_crl_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; +} + +extern "C" { + pub fn X509_STORE_new() -> *mut X509_STORE; + pub fn X509_STORE_free(store: *mut X509_STORE); + + pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; + + pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); + pub fn X509_STORE_CTX_init( + ctx: *mut X509_STORE_CTX, + store: *mut X509_STORE, + x509: *mut X509, + chain: *mut stack_st_X509, + ) -> c_int; + pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); + + pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + + pub fn X509_STORE_add_lookup( + store: *mut X509_STORE, + meth: *mut X509_LOOKUP_METHOD, + ) -> *mut X509_LOOKUP; + + pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; + pub fn X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int; + pub fn X509_STORE_set_purpose(ctx: *mut X509_STORE, purpose: c_int) -> c_int; + pub fn X509_STORE_set_trust(ctx: *mut X509_STORE, trust: c_int) -> c_int; + +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_set1_param(store: *mut X509_STORE, pm: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get_ex_data(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX, idx: c_int) -> *mut c_void; + pub fn X509_STORE_CTX_get_error(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_error_depth(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_current_cert(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut X509; + } +} +extern "C" { + pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int); +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get0_chain(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut stack_st_X509; + } + } + } else { + extern "C" { + pub fn X509_STORE_CTX_get_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509; + } + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_new() -> *mut X509_VERIFY_PARAM; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_clear_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_time(param: *mut X509_VERIFY_PARAM, t: time_t); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_depth(param: *mut X509_VERIFY_PARAM, depth: c_int); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_get_flags(param: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_ulong; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_host( + param: *mut X509_VERIFY_PARAM, + name: *const c_char, + namelen: size_t, + ) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_ip( + param: *mut X509_VERIFY_PARAM, + ip: *const c_uchar, + iplen: size_t, + ) -> c_int; + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_set_auth_level(param: *mut X509_VERIFY_PARAM, lvl: c_int); + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_get_auth_level(param: *const X509_VERIFY_PARAM) -> c_int; + #[cfg(ossl102)] + pub fn X509_VERIFY_PARAM_set_purpose(param: *mut X509_VERIFY_PARAM, purpose: c_int) -> c_int; +} diff --git a/openssl-sys/src/handwritten/x509v3.rs b/openssl-sys/src/handwritten/x509v3.rs new file mode 100644 index 000000000..d0923e32b --- /dev/null +++ b/openssl-sys/src/handwritten/x509v3.rs @@ -0,0 +1,104 @@ +use super::super::*; +use libc::*; + +pub enum CONF_METHOD {} + +extern "C" { + pub fn GENERAL_NAME_free(name: *mut GENERAL_NAME); +} + +#[repr(C)] +pub struct ACCESS_DESCRIPTION { + pub method: *mut ASN1_OBJECT, + pub location: *mut GENERAL_NAME, +} + +stack!(stack_st_ACCESS_DESCRIPTION); + +extern "C" { + pub fn ACCESS_DESCRIPTION_free(ad: *mut ACCESS_DESCRIPTION); +} + +#[repr(C)] +pub struct AUTHORITY_KEYID { + pub keyid: *mut ASN1_OCTET_STRING, + pub issuer: *mut stack_st_GENERAL_NAME, + pub serial: *mut ASN1_INTEGER, +} + +extern "C" { + pub fn AUTHORITY_KEYID_free(akid: *mut AUTHORITY_KEYID); +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_EXT_nconf_nid( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + ext_nid: c_int, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + pub fn X509V3_EXT_nconf( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + } +} + +extern "C" { + pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; + pub fn X509_verify(req: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + + pub fn X509V3_set_nconf(ctx: *mut X509V3_CTX, conf: *mut CONF); + + pub fn X509V3_set_ctx( + ctx: *mut X509V3_CTX, + issuer: *mut X509, + subject: *mut X509, + req: *mut X509_REQ, + crl: *mut X509_CRL, + flags: c_int, + ); + + pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_get_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + pub fn X509V3_extensions_print(out: *mut BIO, title: #[const_ptr_if(any(ossl110, libressl280))] c_char, exts: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int; + } +} + +extern "C" { + pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int; + pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void; + pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION; + pub fn X509V3_add1_i2d( + x: *mut *mut stack_st_X509_EXTENSION, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + pub fn X509V3_EXT_print( + out: *mut BIO, + ext: *mut X509_EXTENSION, + flag: c_ulong, + indent: c_int, + ) -> c_int; + + #[cfg(ossl110)] + pub fn X509_get_extension_flags(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_key_usage(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_extended_key_usage(x: *mut X509) -> u32; +} diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs new file mode 100644 index 000000000..b1d51a858 --- /dev/null +++ b/openssl-sys/src/lib.rs @@ -0,0 +1,198 @@ +#![allow( + clippy::missing_safety_doc, + clippy::unreadable_literal, + clippy::uninlined_format_args, + clippy::upper_case_acronyms, + dead_code, + non_camel_case_types, + non_snake_case, + non_upper_case_globals, + overflowing_literals, + unused_imports +)] +#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")] +#![recursion_limit = "128"] // configure fixed limit across all rust versions + +extern crate libc; +pub use libc::*; + +#[cfg(boringssl)] +extern crate bssl_sys; +#[cfg(boringssl)] +pub use bssl_sys::*; + +#[cfg(openssl)] +#[path = "."] +mod openssl { + use libc::*; + + #[cfg(feature = "bindgen")] + include!(concat!(env!("OUT_DIR"), "/bindgen.rs")); + + pub use self::aes::*; + pub use self::asn1::*; + pub use self::bio::*; + pub use self::bn::*; + pub use self::cms::*; + pub use self::crypto::*; + pub use self::dtls1::*; + pub use self::ec::*; + pub use self::err::*; + pub use self::evp::*; + #[cfg(not(feature = "bindgen"))] + pub use self::handwritten::*; + pub use self::obj_mac::*; + pub use self::ocsp::*; + pub use self::pem::*; + pub use self::pkcs7::*; + pub use self::rsa::*; + pub use self::sha::*; + pub use self::srtp::*; + pub use self::ssl::*; + pub use self::ssl3::*; + pub use self::tls1::*; + pub use self::types::*; + pub use self::x509::*; + pub use self::x509_vfy::*; + pub use self::x509v3::*; + + #[macro_use] + mod macros; + + mod aes; + mod asn1; + mod bio; + mod bn; + mod cms; + mod crypto; + mod dtls1; + mod ec; + mod err; + mod evp; + #[cfg(not(feature = "bindgen"))] + mod handwritten; + mod obj_mac; + mod ocsp; + mod pem; + mod pkcs7; + mod rsa; + mod sha; + mod srtp; + mod ssl; + mod ssl3; + mod tls1; + mod types; + mod x509; + mod x509_vfy; + mod x509v3; + + use std::sync::Once; + // explicitly initialize to work around https://github.com/openssl/openssl/issues/3505 + static INIT: Once = Once::new(); + + // FIXME remove + pub type PasswordCallback = unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int; + + #[cfg(ossl110)] + pub fn init() { + use std::ptr; + + #[cfg(not(ossl111b))] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS; + #[cfg(ossl111b)] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_NO_ATEXIT; + + INIT.call_once(|| unsafe { + OPENSSL_init_ssl(init_options, ptr::null_mut()); + }) + } + + #[cfg(not(ossl110))] + pub fn init() { + use std::io::{self, Write}; + use std::mem; + use std::process; + use std::sync::{Mutex, MutexGuard}; + + static mut MUTEXES: *mut Vec> = 0 as *mut Vec>; + static mut GUARDS: *mut Vec>> = + 0 as *mut Vec>>; + + unsafe extern "C" fn locking_function( + mode: c_int, + n: c_int, + _file: *const c_char, + _line: c_int, + ) { + let mutex = &(*MUTEXES)[n as usize]; + + if mode & CRYPTO_LOCK != 0 { + (*GUARDS)[n as usize] = Some(mutex.lock().unwrap()); + } else { + if let None = (*GUARDS)[n as usize].take() { + let _ = writeln!( + io::stderr(), + "BUG: rust-openssl lock {} already unlocked, aborting", + n + ); + process::abort(); + } + } + } + + cfg_if! { + if #[cfg(unix)] { + fn set_id_callback() { + unsafe extern "C" fn thread_id() -> c_ulong { + ::libc::pthread_self() as c_ulong + } + + unsafe { + CRYPTO_set_id_callback__fixed_rust(Some(thread_id)); + } + } + } else { + fn set_id_callback() {} + } + } + + INIT.call_once(|| unsafe { + SSL_library_init(); + SSL_load_error_strings(); + OPENSSL_add_all_algorithms_noconf(); + + let num_locks = CRYPTO_num_locks(); + let mut mutexes = Box::new(Vec::new()); + for _ in 0..num_locks { + mutexes.push(Mutex::new(())); + } + MUTEXES = mem::transmute(mutexes); + let guards: Box>>> = + Box::new((0..num_locks).map(|_| None).collect()); + GUARDS = mem::transmute(guards); + + CRYPTO_set_locking_callback__fixed_rust(Some(locking_function)); + set_id_callback(); + }) + } + + /// Disable explicit initialization of the openssl libs. + /// + /// This is only appropriate to use if the openssl crate is being consumed by an application + /// that will be performing the initialization explicitly. + /// + /// # Safety + /// + /// In some versions of openssl, skipping initialization will fall back to the default procedure + /// while other will cause difficult to debug errors so care must be taken when calling this. + pub unsafe fn assume_init() { + INIT.call_once(|| {}); + } +} +#[cfg(openssl)] +pub use openssl::*; diff --git a/openssl-sys/src/macros.rs b/openssl-sys/src/macros.rs new file mode 100644 index 000000000..e1b08c467 --- /dev/null +++ b/openssl-sys/src/macros.rs @@ -0,0 +1,298 @@ +#![allow(unused_macros)] + +// vendored from the cfg-if crate to avoid breaking ctest +macro_rules! cfg_if { + // match if/else chains with a final `else` + ($( + if #[cfg($($meta:meta),*)] { $($it:item)* } + ) else * else { + $($it2:item)* + }) => { + cfg_if! { + @__items + () ; + $( ( ($($meta),*) ($($it)*) ), )* + ( () ($($it2)*) ), + } + }; + + // match if/else chains lacking a final `else` + ( + if #[cfg($($i_met:meta),*)] { $($i_it:item)* } + $( + else if #[cfg($($e_met:meta),*)] { $($e_it:item)* } + )* + ) => { + cfg_if! { + @__items + () ; + ( ($($i_met),*) ($($i_it)*) ), + $( ( ($($e_met),*) ($($e_it)*) ), )* + ( () () ), + } + }; + + // Internal and recursive macro to emit all the items + // + // Collects all the negated cfgs in a list at the beginning and after the + // semicolon is all the remaining items + (@__items ($($not:meta,)*) ; ) => {}; + (@__items ($($not:meta,)*) ; ( ($($m:meta),*) ($($it:item)*) ), $($rest:tt)*) => { + // Emit all items within one block, applying an appropriate #[cfg]. The + // #[cfg] will require all `$m` matchers specified and must also negate + // all previous matchers. + cfg_if! { @__apply cfg(all($($m,)* not(any($($not),*)))), $($it)* } + + // Recurse to emit all other items in `$rest`, and when we do so add all + // our `$m` matchers to the list of `$not` matchers as future emissions + // will have to negate everything we just matched as well. + cfg_if! { @__items ($($not,)* $($m,)*) ; $($rest)* } + }; + + // Internal macro to Apply a cfg attribute to a list of items + (@__apply $m:meta, $($it:item)*) => { + $(#[$m] $it)* + }; +} + +macro_rules! stack { + ($t:ident) => { + cfg_if! { + if #[cfg(ossl110)] { + pub enum $t {} + } else { + #[repr(C)] + pub struct $t { + pub stack: $crate::_STACK, + } + } + } + }; +} + +#[cfg(const_fn)] +macro_rules! const_fn { + ($(pub const fn $name:ident($($arg:ident: $t:ty),*) -> $ret:ty $b:block)*) => { + $( + pub const fn $name($($arg: $t),*) -> $ret $b + )* + } +} + +#[cfg(not(const_fn))] +macro_rules! const_fn { + ($(pub const fn $name:ident($($arg:ident: $t:ty),*) -> $ret:ty $b:block)*) => { + $( + pub fn $name($($arg: $t),*) -> $ret $b + )* + } +} + +// openssl changes `*mut` to `*const` in certain parameters in certain versions; +// in C this is ABI and (mostly) API compatible. +// +// We need to handle this explicitly, and this macro helps annotate which +// parameter got converted in which version. +// +// Input is: +// extern "C" { +// #[attributes...] +// pub fn name(args) -> rettype; // `-> rettype` optional +// // more functions... +// } +// +// This macro replaces `#[const_ptr_if(...)]` in types with `*const` or `*mut` +// (depending on the inner cfg flags) +// +// Walks through all argument and return types, but only finds inner types of +// `*const` and `*mut`; doesn't walk arrays or generics. +// +// NOTE: can't abstract `pub` as `$fn_vis:vis`, as ctest macro handling doesn't +// support it (old syntax crate). But we really only need `pub` anyway. +// +// NOTE: ctest seams to simply ignore macros it can't expand (whatever the +// reason) +macro_rules! const_ptr_api { + // ---------------------------------------------------------------- + // (partialarg): partial argument, waiting for "final" argument type + // MAGIC PART 1: hande conditional const ptr in argument type + ( (partialarg) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_arg:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + const_ptr_api!( (partialarg) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*mut` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *mut $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*const` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *const $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + }; + // finish partial argument with trailing comma + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty, $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ $($arg_rem)* ] $ret_packed ); + }; + // finish final partial argument (no trailing comma) + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ ] $ret_packed ); + }; + + // ---------------------------------------------------------------- + // (parseargs): parsing arguments + // start next argument + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ $arg_name:ident : $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $arg_name: ] [ $($arg_rem)* ] $ret_packed ); + }; + // end of arguments, there is a return type; start parsing it + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ -> $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [] [ $($rem)* ] ); + }; + // end of arguments, no return type + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { () } ); + }; + + // ---------------------------------------------------------------- + // (partialret): have partial return type, waiting for final return type + // MAGIC PART 2: hande conditional const ptr in return type + ( (partialret) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_ret:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + const_ptr_api!( (partialret) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* mut` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *mut $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* const` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *const $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + }; + // final part of return type + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ $ret_ty:ty ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { $($part_ret)* $ret_ty } ); + }; + + // ---------------------------------------------------------------- + // generate + ( (generate) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + { $({ $arg_name:ident: $($arg_ty:tt)* })* } + { $ret_ty:ty } + ) => { + extern "C" { + $(#[$fn_attr])* + pub fn $fn_name( $( + $arg_name: $($arg_ty)* + ),* ) -> $ret_ty; + } + }; + + // ---------------------------------------------------------------- + // (fn): gather tokens for return type until ";" + // found end; start parsing current function, and parse remaining functions + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + $ret_packed:tt + [ ; $($rem:tt)* ] + ) => { + const_ptr_api!( (parseargs) $def_packed {} $arg_tts_packed $ret_packed ); + const_ptr_api!( (extern) [ $($rem)* ] ); + }; + // not ";" - all other tokens are part of the return type. + // don't expand return type yet; otherwise we'd have to remember in which branch `rem` needs + // to be used to parse further functions. + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + [ $($ret_tt:tt)* ] + [ $tt:tt $($rem:tt)* ] + ) => { + const_ptr_api!( (fn) $def_packed $arg_tts_packed [ $($ret_tt)* $tt ] [ $($rem)* ] ); + }; + + // ---------------------------------------------------------------- + // (extern): in extern block, find next function + // try to split into functions as fast as possible to reduce recursion depth + ( (extern) [ + $(#[$fn_attr:meta])* + pub fn $fn_name:ident( $($arg_rem:tt)* ) $($rem:tt)* + ] ) => { + const_ptr_api!( (fn) + { $(#[$fn_attr])* pub fn $fn_name } [ $($arg_rem)* ] [] [ $($rem)* ] + ); + }; + // end of extern block + ( (extern) [] ) => {}; + + // ---------------------------------------------------------------- + // macro start; find extern block + ( extern "C" { $($rem:tt)* } ) => { + const_ptr_api!( (extern) [ $($rem)* ] ); + }; +} diff --git a/openssl-sys/src/obj_mac.rs b/openssl-sys/src/obj_mac.rs new file mode 100644 index 000000000..ed50ebcc5 --- /dev/null +++ b/openssl-sys/src/obj_mac.rs @@ -0,0 +1,978 @@ +use libc::*; + +pub const NID_undef: c_int = 0; +pub const NID_itu_t: c_int = 645; +pub const NID_ccitt: c_int = 404; +pub const NID_iso: c_int = 181; +pub const NID_joint_iso_itu_t: c_int = 646; +pub const NID_joint_iso_ccitt: c_int = 393; +pub const NID_member_body: c_int = 182; +pub const NID_identified_organization: c_int = 676; +pub const NID_hmac_md5: c_int = 780; +pub const NID_hmac_sha1: c_int = 781; +pub const NID_certicom_arc: c_int = 677; +pub const NID_international_organizations: c_int = 647; +pub const NID_wap: c_int = 678; +pub const NID_wap_wsg: c_int = 679; +pub const NID_selected_attribute_types: c_int = 394; +pub const NID_clearance: c_int = 395; +pub const NID_ISO_US: c_int = 183; +pub const NID_X9_57: c_int = 184; +pub const NID_X9cm: c_int = 185; +pub const NID_dsa: c_int = 116; +pub const NID_dsaWithSHA1: c_int = 113; +pub const NID_ansi_X9_62: c_int = 405; +pub const NID_X9_62_prime_field: c_int = 406; +pub const NID_X9_62_characteristic_two_field: c_int = 407; +pub const NID_X9_62_id_characteristic_two_basis: c_int = 680; +pub const NID_X9_62_onBasis: c_int = 681; +pub const NID_X9_62_tpBasis: c_int = 682; +pub const NID_X9_62_ppBasis: c_int = 683; +pub const NID_X9_62_id_ecPublicKey: c_int = 408; +pub const NID_X9_62_c2pnb163v1: c_int = 684; +pub const NID_X9_62_c2pnb163v2: c_int = 685; +pub const NID_X9_62_c2pnb163v3: c_int = 686; +pub const NID_X9_62_c2pnb176v1: c_int = 687; +pub const NID_X9_62_c2tnb191v1: c_int = 688; +pub const NID_X9_62_c2tnb191v2: c_int = 689; +pub const NID_X9_62_c2tnb191v3: c_int = 690; +pub const NID_X9_62_c2onb191v4: c_int = 691; +pub const NID_X9_62_c2onb191v5: c_int = 692; +pub const NID_X9_62_c2pnb208w1: c_int = 693; +pub const NID_X9_62_c2tnb239v1: c_int = 694; +pub const NID_X9_62_c2tnb239v2: c_int = 695; +pub const NID_X9_62_c2tnb239v3: c_int = 696; +pub const NID_X9_62_c2onb239v4: c_int = 697; +pub const NID_X9_62_c2onb239v5: c_int = 698; +pub const NID_X9_62_c2pnb272w1: c_int = 699; +pub const NID_X9_62_c2pnb304w1: c_int = 700; +pub const NID_X9_62_c2tnb359v1: c_int = 701; +pub const NID_X9_62_c2pnb368w1: c_int = 702; +pub const NID_X9_62_c2tnb431r1: c_int = 703; +pub const NID_X9_62_prime192v1: c_int = 409; +pub const NID_X9_62_prime192v2: c_int = 410; +pub const NID_X9_62_prime192v3: c_int = 411; +pub const NID_X9_62_prime239v1: c_int = 412; +pub const NID_X9_62_prime239v2: c_int = 413; +pub const NID_X9_62_prime239v3: c_int = 414; +pub const NID_X9_62_prime256v1: c_int = 415; +pub const NID_ecdsa_with_SHA1: c_int = 416; +pub const NID_ecdsa_with_Recommended: c_int = 791; +pub const NID_ecdsa_with_Specified: c_int = 792; +pub const NID_ecdsa_with_SHA224: c_int = 793; +pub const NID_ecdsa_with_SHA256: c_int = 794; +pub const NID_ecdsa_with_SHA384: c_int = 795; +pub const NID_ecdsa_with_SHA512: c_int = 796; +pub const NID_secp112r1: c_int = 704; +pub const NID_secp112r2: c_int = 705; +pub const NID_secp128r1: c_int = 706; +pub const NID_secp128r2: c_int = 707; +pub const NID_secp160k1: c_int = 708; +pub const NID_secp160r1: c_int = 709; +pub const NID_secp160r2: c_int = 710; +pub const NID_secp192k1: c_int = 711; +pub const NID_secp224k1: c_int = 712; +pub const NID_secp224r1: c_int = 713; +pub const NID_secp256k1: c_int = 714; +pub const NID_secp384r1: c_int = 715; +pub const NID_secp521r1: c_int = 716; +pub const NID_sect113r1: c_int = 717; +pub const NID_sect113r2: c_int = 718; +pub const NID_sect131r1: c_int = 719; +pub const NID_sect131r2: c_int = 720; +pub const NID_sect163k1: c_int = 721; +pub const NID_sect163r1: c_int = 722; +pub const NID_sect163r2: c_int = 723; +pub const NID_sect193r1: c_int = 724; +pub const NID_sect193r2: c_int = 725; +pub const NID_sect233k1: c_int = 726; +pub const NID_sect233r1: c_int = 727; +pub const NID_sect239k1: c_int = 728; +pub const NID_sect283k1: c_int = 729; +pub const NID_sect283r1: c_int = 730; +pub const NID_sect409k1: c_int = 731; +pub const NID_sect409r1: c_int = 732; +pub const NID_sect571k1: c_int = 733; +pub const NID_sect571r1: c_int = 734; +#[cfg(ossl110)] +pub const NID_brainpoolP256r1: c_int = 927; +#[cfg(ossl110)] +pub const NID_brainpoolP384r1: c_int = 931; +#[cfg(ossl110)] +pub const NID_brainpoolP512r1: c_int = 933; +pub const NID_wap_wsg_idm_ecid_wtls1: c_int = 735; +pub const NID_wap_wsg_idm_ecid_wtls3: c_int = 736; +pub const NID_wap_wsg_idm_ecid_wtls4: c_int = 737; +pub const NID_wap_wsg_idm_ecid_wtls5: c_int = 738; +pub const NID_wap_wsg_idm_ecid_wtls6: c_int = 739; +pub const NID_wap_wsg_idm_ecid_wtls7: c_int = 740; +pub const NID_wap_wsg_idm_ecid_wtls8: c_int = 741; +pub const NID_wap_wsg_idm_ecid_wtls9: c_int = 742; +pub const NID_wap_wsg_idm_ecid_wtls10: c_int = 743; +pub const NID_wap_wsg_idm_ecid_wtls11: c_int = 744; +pub const NID_wap_wsg_idm_ecid_wtls12: c_int = 745; +pub const NID_cast5_cbc: c_int = 108; +pub const NID_cast5_ecb: c_int = 109; +pub const NID_cast5_cfb64: c_int = 110; +pub const NID_cast5_ofb64: c_int = 111; +pub const NID_pbeWithMD5AndCast5_CBC: c_int = 112; +pub const NID_id_PasswordBasedMAC: c_int = 782; +pub const NID_id_DHBasedMac: c_int = 783; +pub const NID_rsadsi: c_int = 1; +pub const NID_pkcs: c_int = 2; +pub const NID_pkcs1: c_int = 186; +pub const NID_rsaEncryption: c_int = 6; +pub const NID_md2WithRSAEncryption: c_int = 7; +pub const NID_md4WithRSAEncryption: c_int = 396; +pub const NID_md5WithRSAEncryption: c_int = 8; +pub const NID_sha1WithRSAEncryption: c_int = 65; +pub const NID_rsaesOaep: c_int = 919; +pub const NID_mgf1: c_int = 911; +pub const NID_rsassaPss: c_int = 912; +pub const NID_sha256WithRSAEncryption: c_int = 668; +pub const NID_sha384WithRSAEncryption: c_int = 669; +pub const NID_sha512WithRSAEncryption: c_int = 670; +pub const NID_sha224WithRSAEncryption: c_int = 671; +pub const NID_pkcs3: c_int = 27; +pub const NID_dhKeyAgreement: c_int = 28; +pub const NID_pkcs5: c_int = 187; +pub const NID_pbeWithMD2AndDES_CBC: c_int = 9; +pub const NID_pbeWithMD5AndDES_CBC: c_int = 10; +pub const NID_pbeWithMD2AndRC2_CBC: c_int = 168; +pub const NID_pbeWithMD5AndRC2_CBC: c_int = 169; +pub const NID_pbeWithSHA1AndDES_CBC: c_int = 170; +pub const NID_pbeWithSHA1AndRC2_CBC: c_int = 68; +pub const NID_id_pbkdf2: c_int = 69; +pub const NID_pbes2: c_int = 161; +pub const NID_pbmac1: c_int = 162; +pub const NID_pkcs7: c_int = 20; +pub const NID_pkcs7_data: c_int = 21; +pub const NID_pkcs7_signed: c_int = 22; +pub const NID_pkcs7_enveloped: c_int = 23; +pub const NID_pkcs7_signedAndEnveloped: c_int = 24; +pub const NID_pkcs7_digest: c_int = 25; +pub const NID_pkcs7_encrypted: c_int = 26; +pub const NID_pkcs9: c_int = 47; +pub const NID_pkcs9_emailAddress: c_int = 48; +pub const NID_pkcs9_unstructuredName: c_int = 49; +pub const NID_pkcs9_contentType: c_int = 50; +pub const NID_pkcs9_messageDigest: c_int = 51; +pub const NID_pkcs9_signingTime: c_int = 52; +pub const NID_pkcs9_countersignature: c_int = 53; +pub const NID_pkcs9_challengePassword: c_int = 54; +pub const NID_pkcs9_unstructuredAddress: c_int = 55; +pub const NID_pkcs9_extCertAttributes: c_int = 56; +pub const NID_ext_req: c_int = 172; +pub const NID_SMIMECapabilities: c_int = 167; +pub const NID_SMIME: c_int = 188; +pub const NID_id_smime_mod: c_int = 189; +pub const NID_id_smime_ct: c_int = 190; +pub const NID_id_smime_aa: c_int = 191; +pub const NID_id_smime_alg: c_int = 192; +pub const NID_id_smime_cd: c_int = 193; +pub const NID_id_smime_spq: c_int = 194; +pub const NID_id_smime_cti: c_int = 195; +pub const NID_id_smime_mod_cms: c_int = 196; +pub const NID_id_smime_mod_ess: c_int = 197; +pub const NID_id_smime_mod_oid: c_int = 198; +pub const NID_id_smime_mod_msg_v3: c_int = 199; +pub const NID_id_smime_mod_ets_eSignature_88: c_int = 200; +pub const NID_id_smime_mod_ets_eSignature_97: c_int = 201; +pub const NID_id_smime_mod_ets_eSigPolicy_88: c_int = 202; +pub const NID_id_smime_mod_ets_eSigPolicy_97: c_int = 203; +pub const NID_id_smime_ct_receipt: c_int = 204; +pub const NID_id_smime_ct_authData: c_int = 205; +pub const NID_id_smime_ct_publishCert: c_int = 206; +pub const NID_id_smime_ct_TSTInfo: c_int = 207; +pub const NID_id_smime_ct_TDTInfo: c_int = 208; +pub const NID_id_smime_ct_contentInfo: c_int = 209; +pub const NID_id_smime_ct_DVCSRequestData: c_int = 210; +pub const NID_id_smime_ct_DVCSResponseData: c_int = 211; +pub const NID_id_smime_ct_compressedData: c_int = 786; +pub const NID_id_ct_asciiTextWithCRLF: c_int = 787; +pub const NID_id_smime_aa_receiptRequest: c_int = 212; +pub const NID_id_smime_aa_securityLabel: c_int = 213; +pub const NID_id_smime_aa_mlExpandHistory: c_int = 214; +pub const NID_id_smime_aa_contentHint: c_int = 215; +pub const NID_id_smime_aa_msgSigDigest: c_int = 216; +pub const NID_id_smime_aa_encapContentType: c_int = 217; +pub const NID_id_smime_aa_contentIdentifier: c_int = 218; +pub const NID_id_smime_aa_macValue: c_int = 219; +pub const NID_id_smime_aa_equivalentLabels: c_int = 220; +pub const NID_id_smime_aa_contentReference: c_int = 221; +pub const NID_id_smime_aa_encrypKeyPref: c_int = 222; +pub const NID_id_smime_aa_signingCertificate: c_int = 223; +pub const NID_id_smime_aa_smimeEncryptCerts: c_int = 224; +pub const NID_id_smime_aa_timeStampToken: c_int = 225; +pub const NID_id_smime_aa_ets_sigPolicyId: c_int = 226; +pub const NID_id_smime_aa_ets_commitmentType: c_int = 227; +pub const NID_id_smime_aa_ets_signerLocation: c_int = 228; +pub const NID_id_smime_aa_ets_signerAttr: c_int = 229; +pub const NID_id_smime_aa_ets_otherSigCert: c_int = 230; +pub const NID_id_smime_aa_ets_contentTimestamp: c_int = 231; +pub const NID_id_smime_aa_ets_CertificateRefs: c_int = 232; +pub const NID_id_smime_aa_ets_RevocationRefs: c_int = 233; +pub const NID_id_smime_aa_ets_certValues: c_int = 234; +pub const NID_id_smime_aa_ets_revocationValues: c_int = 235; +pub const NID_id_smime_aa_ets_escTimeStamp: c_int = 236; +pub const NID_id_smime_aa_ets_certCRLTimestamp: c_int = 237; +pub const NID_id_smime_aa_ets_archiveTimeStamp: c_int = 238; +pub const NID_id_smime_aa_signatureType: c_int = 239; +pub const NID_id_smime_aa_dvcs_dvc: c_int = 240; +pub const NID_id_smime_alg_ESDHwith3DES: c_int = 241; +pub const NID_id_smime_alg_ESDHwithRC2: c_int = 242; +pub const NID_id_smime_alg_3DESwrap: c_int = 243; +pub const NID_id_smime_alg_RC2wrap: c_int = 244; +pub const NID_id_smime_alg_ESDH: c_int = 245; +pub const NID_id_smime_alg_CMS3DESwrap: c_int = 246; +pub const NID_id_smime_alg_CMSRC2wrap: c_int = 247; +pub const NID_id_alg_PWRI_KEK: c_int = 893; +pub const NID_id_smime_cd_ldap: c_int = 248; +pub const NID_id_smime_spq_ets_sqt_uri: c_int = 249; +pub const NID_id_smime_spq_ets_sqt_unotice: c_int = 250; +pub const NID_id_smime_cti_ets_proofOfOrigin: c_int = 251; +pub const NID_id_smime_cti_ets_proofOfReceipt: c_int = 252; +pub const NID_id_smime_cti_ets_proofOfDelivery: c_int = 253; +pub const NID_id_smime_cti_ets_proofOfSender: c_int = 254; +pub const NID_id_smime_cti_ets_proofOfApproval: c_int = 255; +pub const NID_id_smime_cti_ets_proofOfCreation: c_int = 256; +pub const NID_friendlyName: c_int = 156; +pub const NID_localKeyID: c_int = 157; +pub const NID_ms_csp_name: c_int = 417; +pub const NID_LocalKeySet: c_int = 856; +pub const NID_x509Certificate: c_int = 158; +pub const NID_sdsiCertificate: c_int = 159; +pub const NID_x509Crl: c_int = 160; +pub const NID_pbe_WithSHA1And128BitRC4: c_int = 144; +pub const NID_pbe_WithSHA1And40BitRC4: c_int = 145; +pub const NID_pbe_WithSHA1And3_Key_TripleDES_CBC: c_int = 146; +pub const NID_pbe_WithSHA1And2_Key_TripleDES_CBC: c_int = 147; +pub const NID_pbe_WithSHA1And128BitRC2_CBC: c_int = 148; +pub const NID_pbe_WithSHA1And40BitRC2_CBC: c_int = 149; +pub const NID_keyBag: c_int = 150; +pub const NID_pkcs8ShroudedKeyBag: c_int = 151; +pub const NID_certBag: c_int = 152; +pub const NID_crlBag: c_int = 153; +pub const NID_secretBag: c_int = 154; +pub const NID_safeContentsBag: c_int = 155; +pub const NID_md2: c_int = 3; +pub const NID_md4: c_int = 257; +pub const NID_md5: c_int = 4; +pub const NID_md5_sha1: c_int = 114; +pub const NID_hmacWithMD5: c_int = 797; +pub const NID_hmacWithSHA1: c_int = 163; +pub const NID_hmacWithSHA224: c_int = 798; +pub const NID_hmacWithSHA256: c_int = 799; +pub const NID_hmacWithSHA384: c_int = 800; +pub const NID_hmacWithSHA512: c_int = 801; +pub const NID_rc2_cbc: c_int = 37; +pub const NID_rc2_ecb: c_int = 38; +pub const NID_rc2_cfb64: c_int = 39; +pub const NID_rc2_ofb64: c_int = 40; +pub const NID_rc2_40_cbc: c_int = 98; +pub const NID_rc2_64_cbc: c_int = 166; +pub const NID_rc4: c_int = 5; +pub const NID_rc4_40: c_int = 97; +pub const NID_des_ede3_cbc: c_int = 44; +pub const NID_rc5_cbc: c_int = 120; +pub const NID_rc5_ecb: c_int = 121; +pub const NID_rc5_cfb64: c_int = 122; +pub const NID_rc5_ofb64: c_int = 123; +pub const NID_ms_ext_req: c_int = 171; +pub const NID_ms_code_ind: c_int = 134; +pub const NID_ms_code_com: c_int = 135; +pub const NID_ms_ctl_sign: c_int = 136; +pub const NID_ms_sgc: c_int = 137; +pub const NID_ms_efs: c_int = 138; +pub const NID_ms_smartcard_login: c_int = 648; +pub const NID_ms_upn: c_int = 649; +pub const NID_idea_cbc: c_int = 34; +pub const NID_idea_ecb: c_int = 36; +pub const NID_idea_cfb64: c_int = 35; +pub const NID_idea_ofb64: c_int = 46; +pub const NID_bf_cbc: c_int = 91; +pub const NID_bf_ecb: c_int = 92; +pub const NID_bf_cfb64: c_int = 93; +pub const NID_bf_ofb64: c_int = 94; +pub const NID_id_pkix: c_int = 127; +pub const NID_id_pkix_mod: c_int = 258; +pub const NID_id_pe: c_int = 175; +pub const NID_id_qt: c_int = 259; +pub const NID_id_kp: c_int = 128; +pub const NID_id_it: c_int = 260; +pub const NID_id_pkip: c_int = 261; +pub const NID_id_alg: c_int = 262; +pub const NID_id_cmc: c_int = 263; +pub const NID_id_on: c_int = 264; +pub const NID_id_pda: c_int = 265; +pub const NID_id_aca: c_int = 266; +pub const NID_id_qcs: c_int = 267; +pub const NID_id_cct: c_int = 268; +pub const NID_id_ppl: c_int = 662; +pub const NID_id_ad: c_int = 176; +pub const NID_id_pkix1_explicit_88: c_int = 269; +pub const NID_id_pkix1_implicit_88: c_int = 270; +pub const NID_id_pkix1_explicit_93: c_int = 271; +pub const NID_id_pkix1_implicit_93: c_int = 272; +pub const NID_id_mod_crmf: c_int = 273; +pub const NID_id_mod_cmc: c_int = 274; +pub const NID_id_mod_kea_profile_88: c_int = 275; +pub const NID_id_mod_kea_profile_93: c_int = 276; +pub const NID_id_mod_cmp: c_int = 277; +pub const NID_id_mod_qualified_cert_88: c_int = 278; +pub const NID_id_mod_qualified_cert_93: c_int = 279; +pub const NID_id_mod_attribute_cert: c_int = 280; +pub const NID_id_mod_timestamp_protocol: c_int = 281; +pub const NID_id_mod_ocsp: c_int = 282; +pub const NID_id_mod_dvcs: c_int = 283; +pub const NID_id_mod_cmp2000: c_int = 284; +pub const NID_info_access: c_int = 177; +pub const NID_biometricInfo: c_int = 285; +pub const NID_qcStatements: c_int = 286; +pub const NID_ac_auditEntity: c_int = 287; +pub const NID_ac_targeting: c_int = 288; +pub const NID_aaControls: c_int = 289; +pub const NID_sbgp_ipAddrBlock: c_int = 290; +pub const NID_sbgp_autonomousSysNum: c_int = 291; +pub const NID_sbgp_routerIdentifier: c_int = 292; +pub const NID_ac_proxying: c_int = 397; +pub const NID_sinfo_access: c_int = 398; +pub const NID_proxyCertInfo: c_int = 663; +pub const NID_id_qt_cps: c_int = 164; +pub const NID_id_qt_unotice: c_int = 165; +pub const NID_textNotice: c_int = 293; +pub const NID_server_auth: c_int = 129; +pub const NID_client_auth: c_int = 130; +pub const NID_code_sign: c_int = 131; +pub const NID_email_protect: c_int = 132; +pub const NID_ipsecEndSystem: c_int = 294; +pub const NID_ipsecTunnel: c_int = 295; +pub const NID_ipsecUser: c_int = 296; +pub const NID_time_stamp: c_int = 133; +pub const NID_OCSP_sign: c_int = 180; +pub const NID_dvcs: c_int = 297; +pub const NID_id_it_caProtEncCert: c_int = 298; +pub const NID_id_it_signKeyPairTypes: c_int = 299; +pub const NID_id_it_encKeyPairTypes: c_int = 300; +pub const NID_id_it_preferredSymmAlg: c_int = 301; +pub const NID_id_it_caKeyUpdateInfo: c_int = 302; +pub const NID_id_it_currentCRL: c_int = 303; +pub const NID_id_it_unsupportedOIDs: c_int = 304; +pub const NID_id_it_subscriptionRequest: c_int = 305; +pub const NID_id_it_subscriptionResponse: c_int = 306; +pub const NID_id_it_keyPairParamReq: c_int = 307; +pub const NID_id_it_keyPairParamRep: c_int = 308; +pub const NID_id_it_revPassphrase: c_int = 309; +pub const NID_id_it_implicitConfirm: c_int = 310; +pub const NID_id_it_confirmWaitTime: c_int = 311; +pub const NID_id_it_origPKIMessage: c_int = 312; +pub const NID_id_it_suppLangTags: c_int = 784; +pub const NID_id_regCtrl: c_int = 313; +pub const NID_id_regInfo: c_int = 314; +pub const NID_id_regCtrl_regToken: c_int = 315; +pub const NID_id_regCtrl_authenticator: c_int = 316; +pub const NID_id_regCtrl_pkiPublicationInfo: c_int = 317; +pub const NID_id_regCtrl_pkiArchiveOptions: c_int = 318; +pub const NID_id_regCtrl_oldCertID: c_int = 319; +pub const NID_id_regCtrl_protocolEncrKey: c_int = 320; +pub const NID_id_regInfo_utf8Pairs: c_int = 321; +pub const NID_id_regInfo_certReq: c_int = 322; +pub const NID_id_alg_des40: c_int = 323; +pub const NID_id_alg_noSignature: c_int = 324; +pub const NID_id_alg_dh_sig_hmac_sha1: c_int = 325; +pub const NID_id_alg_dh_pop: c_int = 326; +pub const NID_id_cmc_statusInfo: c_int = 327; +pub const NID_id_cmc_identification: c_int = 328; +pub const NID_id_cmc_identityProof: c_int = 329; +pub const NID_id_cmc_dataReturn: c_int = 330; +pub const NID_id_cmc_transactionId: c_int = 331; +pub const NID_id_cmc_senderNonce: c_int = 332; +pub const NID_id_cmc_recipientNonce: c_int = 333; +pub const NID_id_cmc_addExtensions: c_int = 334; +pub const NID_id_cmc_encryptedPOP: c_int = 335; +pub const NID_id_cmc_decryptedPOP: c_int = 336; +pub const NID_id_cmc_lraPOPWitness: c_int = 337; +pub const NID_id_cmc_getCert: c_int = 338; +pub const NID_id_cmc_getCRL: c_int = 339; +pub const NID_id_cmc_revokeRequest: c_int = 340; +pub const NID_id_cmc_regInfo: c_int = 341; +pub const NID_id_cmc_responseInfo: c_int = 342; +pub const NID_id_cmc_queryPending: c_int = 343; +pub const NID_id_cmc_popLinkRandom: c_int = 344; +pub const NID_id_cmc_popLinkWitness: c_int = 345; +pub const NID_id_cmc_confirmCertAcceptance: c_int = 346; +pub const NID_id_on_personalData: c_int = 347; +pub const NID_id_on_permanentIdentifier: c_int = 858; +pub const NID_id_pda_dateOfBirth: c_int = 348; +pub const NID_id_pda_placeOfBirth: c_int = 349; +pub const NID_id_pda_gender: c_int = 351; +pub const NID_id_pda_countryOfCitizenship: c_int = 352; +pub const NID_id_pda_countryOfResidence: c_int = 353; +pub const NID_id_aca_authenticationInfo: c_int = 354; +pub const NID_id_aca_accessIdentity: c_int = 355; +pub const NID_id_aca_chargingIdentity: c_int = 356; +pub const NID_id_aca_group: c_int = 357; +pub const NID_id_aca_role: c_int = 358; +pub const NID_id_aca_encAttrs: c_int = 399; +pub const NID_id_qcs_pkixQCSyntax_v1: c_int = 359; +pub const NID_id_cct_crs: c_int = 360; +pub const NID_id_cct_PKIData: c_int = 361; +pub const NID_id_cct_PKIResponse: c_int = 362; +pub const NID_id_ppl_anyLanguage: c_int = 664; +pub const NID_id_ppl_inheritAll: c_int = 665; +pub const NID_Independent: c_int = 667; +pub const NID_ad_OCSP: c_int = 178; +pub const NID_ad_ca_issuers: c_int = 179; +pub const NID_ad_timeStamping: c_int = 363; +pub const NID_ad_dvcs: c_int = 364; +pub const NID_caRepository: c_int = 785; +pub const NID_id_pkix_OCSP_basic: c_int = 365; +pub const NID_id_pkix_OCSP_Nonce: c_int = 366; +pub const NID_id_pkix_OCSP_CrlID: c_int = 367; +pub const NID_id_pkix_OCSP_acceptableResponses: c_int = 368; +pub const NID_id_pkix_OCSP_noCheck: c_int = 369; +pub const NID_id_pkix_OCSP_archiveCutoff: c_int = 370; +pub const NID_id_pkix_OCSP_serviceLocator: c_int = 371; +pub const NID_id_pkix_OCSP_extendedStatus: c_int = 372; +pub const NID_id_pkix_OCSP_valid: c_int = 373; +pub const NID_id_pkix_OCSP_path: c_int = 374; +pub const NID_id_pkix_OCSP_trustRoot: c_int = 375; +pub const NID_algorithm: c_int = 376; +pub const NID_md5WithRSA: c_int = 104; +pub const NID_des_ecb: c_int = 29; +pub const NID_des_cbc: c_int = 31; +pub const NID_des_ofb64: c_int = 45; +pub const NID_des_cfb64: c_int = 30; +pub const NID_rsaSignature: c_int = 377; +pub const NID_dsa_2: c_int = 67; +pub const NID_dsaWithSHA: c_int = 66; +pub const NID_shaWithRSAEncryption: c_int = 42; +pub const NID_des_ede_ecb: c_int = 32; +pub const NID_des_ede3_ecb: c_int = 33; +pub const NID_des_ede_cbc: c_int = 43; +pub const NID_des_ede_cfb64: c_int = 60; +pub const NID_des_ede3_cfb64: c_int = 61; +pub const NID_des_ede_ofb64: c_int = 62; +pub const NID_des_ede3_ofb64: c_int = 63; +pub const NID_desx_cbc: c_int = 80; +pub const NID_sha: c_int = 41; +pub const NID_sha1: c_int = 64; +pub const NID_dsaWithSHA1_2: c_int = 70; +pub const NID_sha1WithRSA: c_int = 115; +pub const NID_ripemd160: c_int = 117; +pub const NID_ripemd160WithRSA: c_int = 119; +pub const NID_sxnet: c_int = 143; +pub const NID_X500: c_int = 11; +pub const NID_X509: c_int = 12; +pub const NID_commonName: c_int = 13; +pub const NID_surname: c_int = 100; +pub const NID_serialNumber: c_int = 105; +pub const NID_countryName: c_int = 14; +pub const NID_localityName: c_int = 15; +pub const NID_stateOrProvinceName: c_int = 16; +pub const NID_streetAddress: c_int = 660; +pub const NID_organizationName: c_int = 17; +pub const NID_organizationalUnitName: c_int = 18; +pub const NID_title: c_int = 106; +pub const NID_description: c_int = 107; +pub const NID_searchGuide: c_int = 859; +pub const NID_businessCategory: c_int = 860; +pub const NID_postalAddress: c_int = 861; +pub const NID_postalCode: c_int = 661; +pub const NID_postOfficeBox: c_int = 862; +pub const NID_physicalDeliveryOfficeName: c_int = 863; +pub const NID_telephoneNumber: c_int = 864; +pub const NID_telexNumber: c_int = 865; +pub const NID_teletexTerminalIdentifier: c_int = 866; +pub const NID_facsimileTelephoneNumber: c_int = 867; +pub const NID_x121Address: c_int = 868; +pub const NID_internationaliSDNNumber: c_int = 869; +pub const NID_registeredAddress: c_int = 870; +pub const NID_destinationIndicator: c_int = 871; +pub const NID_preferredDeliveryMethod: c_int = 872; +pub const NID_presentationAddress: c_int = 873; +pub const NID_supportedApplicationContext: c_int = 874; +pub const NID_member: c_int = 875; +pub const NID_owner: c_int = 876; +pub const NID_roleOccupant: c_int = 877; +pub const NID_seeAlso: c_int = 878; +pub const NID_userPassword: c_int = 879; +pub const NID_userCertificate: c_int = 880; +pub const NID_cACertificate: c_int = 881; +pub const NID_authorityRevocationList: c_int = 882; +pub const NID_certificateRevocationList: c_int = 883; +pub const NID_crossCertificatePair: c_int = 884; +pub const NID_name: c_int = 173; +pub const NID_givenName: c_int = 99; +pub const NID_initials: c_int = 101; +pub const NID_generationQualifier: c_int = 509; +pub const NID_x500UniqueIdentifier: c_int = 503; +pub const NID_dnQualifier: c_int = 174; +pub const NID_enhancedSearchGuide: c_int = 885; +pub const NID_protocolInformation: c_int = 886; +pub const NID_distinguishedName: c_int = 887; +pub const NID_uniqueMember: c_int = 888; +pub const NID_houseIdentifier: c_int = 889; +pub const NID_supportedAlgorithms: c_int = 890; +pub const NID_deltaRevocationList: c_int = 891; +pub const NID_dmdName: c_int = 892; +pub const NID_pseudonym: c_int = 510; +pub const NID_role: c_int = 400; +pub const NID_X500algorithms: c_int = 378; +pub const NID_rsa: c_int = 19; +pub const NID_mdc2WithRSA: c_int = 96; +pub const NID_mdc2: c_int = 95; +pub const NID_id_ce: c_int = 81; +pub const NID_subject_directory_attributes: c_int = 769; +pub const NID_subject_key_identifier: c_int = 82; +pub const NID_key_usage: c_int = 83; +pub const NID_private_key_usage_period: c_int = 84; +pub const NID_subject_alt_name: c_int = 85; +pub const NID_issuer_alt_name: c_int = 86; +pub const NID_basic_constraints: c_int = 87; +pub const NID_crl_number: c_int = 88; +pub const NID_crl_reason: c_int = 141; +pub const NID_invalidity_date: c_int = 142; +pub const NID_delta_crl: c_int = 140; +pub const NID_issuing_distribution_point: c_int = 770; +pub const NID_certificate_issuer: c_int = 771; +pub const NID_name_constraints: c_int = 666; +pub const NID_crl_distribution_points: c_int = 103; +pub const NID_certificate_policies: c_int = 89; +pub const NID_any_policy: c_int = 746; +pub const NID_policy_mappings: c_int = 747; +pub const NID_authority_key_identifier: c_int = 90; +pub const NID_policy_constraints: c_int = 401; +pub const NID_ext_key_usage: c_int = 126; +pub const NID_freshest_crl: c_int = 857; +pub const NID_inhibit_any_policy: c_int = 748; +pub const NID_target_information: c_int = 402; +pub const NID_no_rev_avail: c_int = 403; +pub const NID_anyExtendedKeyUsage: c_int = 910; +pub const NID_netscape: c_int = 57; +pub const NID_netscape_cert_extension: c_int = 58; +pub const NID_netscape_data_type: c_int = 59; +pub const NID_netscape_cert_type: c_int = 71; +pub const NID_netscape_base_url: c_int = 72; +pub const NID_netscape_revocation_url: c_int = 73; +pub const NID_netscape_ca_revocation_url: c_int = 74; +pub const NID_netscape_renewal_url: c_int = 75; +pub const NID_netscape_ca_policy_url: c_int = 76; +pub const NID_netscape_ssl_server_name: c_int = 77; +pub const NID_netscape_comment: c_int = 78; +pub const NID_netscape_cert_sequence: c_int = 79; +pub const NID_ns_sgc: c_int = 139; +pub const NID_org: c_int = 379; +pub const NID_dod: c_int = 380; +pub const NID_iana: c_int = 381; +pub const NID_Directory: c_int = 382; +pub const NID_Management: c_int = 383; +pub const NID_Experimental: c_int = 384; +pub const NID_Private: c_int = 385; +pub const NID_Security: c_int = 386; +pub const NID_SNMPv2: c_int = 387; +pub const NID_Mail: c_int = 388; +pub const NID_Enterprises: c_int = 389; +pub const NID_dcObject: c_int = 390; +pub const NID_mime_mhs: c_int = 504; +pub const NID_mime_mhs_headings: c_int = 505; +pub const NID_mime_mhs_bodies: c_int = 506; +pub const NID_id_hex_partial_message: c_int = 507; +pub const NID_id_hex_multipart_message: c_int = 508; +pub const NID_zlib_compression: c_int = 125; +pub const NID_aes_128_ecb: c_int = 418; +pub const NID_aes_128_cbc: c_int = 419; +pub const NID_aes_128_ofb128: c_int = 420; +pub const NID_aes_128_cfb128: c_int = 421; +pub const NID_id_aes128_wrap: c_int = 788; +pub const NID_aes_128_gcm: c_int = 895; +pub const NID_aes_128_ccm: c_int = 896; +pub const NID_id_aes128_wrap_pad: c_int = 897; +pub const NID_aes_192_ecb: c_int = 422; +pub const NID_aes_192_cbc: c_int = 423; +pub const NID_aes_192_ofb128: c_int = 424; +pub const NID_aes_192_cfb128: c_int = 425; +pub const NID_id_aes192_wrap: c_int = 789; +pub const NID_aes_192_gcm: c_int = 898; +pub const NID_aes_192_ccm: c_int = 899; +pub const NID_id_aes192_wrap_pad: c_int = 900; +pub const NID_aes_256_ecb: c_int = 426; +pub const NID_aes_256_cbc: c_int = 427; +pub const NID_aes_256_ofb128: c_int = 428; +pub const NID_aes_256_cfb128: c_int = 429; +pub const NID_id_aes256_wrap: c_int = 790; +pub const NID_aes_256_gcm: c_int = 901; +pub const NID_aes_256_ccm: c_int = 902; +pub const NID_id_aes256_wrap_pad: c_int = 903; +pub const NID_aes_128_cfb1: c_int = 650; +pub const NID_aes_192_cfb1: c_int = 651; +pub const NID_aes_256_cfb1: c_int = 652; +pub const NID_aes_128_cfb8: c_int = 653; +pub const NID_aes_192_cfb8: c_int = 654; +pub const NID_aes_256_cfb8: c_int = 655; +pub const NID_aes_128_ctr: c_int = 904; +pub const NID_aes_192_ctr: c_int = 905; +pub const NID_aes_256_ctr: c_int = 906; +pub const NID_aes_128_xts: c_int = 913; +pub const NID_aes_256_xts: c_int = 914; +pub const NID_des_cfb1: c_int = 656; +pub const NID_des_cfb8: c_int = 657; +pub const NID_des_ede3_cfb1: c_int = 658; +pub const NID_des_ede3_cfb8: c_int = 659; +pub const NID_sha256: c_int = 672; +pub const NID_sha384: c_int = 673; +pub const NID_sha512: c_int = 674; +pub const NID_sha224: c_int = 675; +pub const NID_dsa_with_SHA224: c_int = 802; +pub const NID_dsa_with_SHA256: c_int = 803; +pub const NID_hold_instruction_code: c_int = 430; +pub const NID_hold_instruction_none: c_int = 431; +pub const NID_hold_instruction_call_issuer: c_int = 432; +pub const NID_hold_instruction_reject: c_int = 433; +pub const NID_data: c_int = 434; +pub const NID_pss: c_int = 435; +pub const NID_ucl: c_int = 436; +pub const NID_pilot: c_int = 437; +pub const NID_pilotAttributeType: c_int = 438; +pub const NID_pilotAttributeSyntax: c_int = 439; +pub const NID_pilotObjectClass: c_int = 440; +pub const NID_pilotGroups: c_int = 441; +pub const NID_iA5StringSyntax: c_int = 442; +pub const NID_caseIgnoreIA5StringSyntax: c_int = 443; +pub const NID_pilotObject: c_int = 444; +pub const NID_pilotPerson: c_int = 445; +pub const NID_account: c_int = 446; +pub const NID_document: c_int = 447; +pub const NID_room: c_int = 448; +pub const NID_documentSeries: c_int = 449; +pub const NID_Domain: c_int = 392; +pub const NID_rFC822localPart: c_int = 450; +pub const NID_dNSDomain: c_int = 451; +pub const NID_domainRelatedObject: c_int = 452; +pub const NID_friendlyCountry: c_int = 453; +pub const NID_simpleSecurityObject: c_int = 454; +pub const NID_pilotOrganization: c_int = 455; +pub const NID_pilotDSA: c_int = 456; +pub const NID_qualityLabelledData: c_int = 457; +pub const NID_userId: c_int = 458; +pub const NID_textEncodedORAddress: c_int = 459; +pub const NID_rfc822Mailbox: c_int = 460; +pub const NID_info: c_int = 461; +pub const NID_favouriteDrink: c_int = 462; +pub const NID_roomNumber: c_int = 463; +pub const NID_photo: c_int = 464; +pub const NID_userClass: c_int = 465; +pub const NID_host: c_int = 466; +pub const NID_manager: c_int = 467; +pub const NID_documentIdentifier: c_int = 468; +pub const NID_documentTitle: c_int = 469; +pub const NID_documentVersion: c_int = 470; +pub const NID_documentAuthor: c_int = 471; +pub const NID_documentLocation: c_int = 472; +pub const NID_homeTelephoneNumber: c_int = 473; +pub const NID_secretary: c_int = 474; +pub const NID_otherMailbox: c_int = 475; +pub const NID_lastModifiedTime: c_int = 476; +pub const NID_lastModifiedBy: c_int = 477; +pub const NID_domainComponent: c_int = 391; +pub const NID_aRecord: c_int = 478; +pub const NID_pilotAttributeType27: c_int = 479; +pub const NID_mXRecord: c_int = 480; +pub const NID_nSRecord: c_int = 481; +pub const NID_sOARecord: c_int = 482; +pub const NID_cNAMERecord: c_int = 483; +pub const NID_associatedDomain: c_int = 484; +pub const NID_associatedName: c_int = 485; +pub const NID_homePostalAddress: c_int = 486; +pub const NID_personalTitle: c_int = 487; +pub const NID_mobileTelephoneNumber: c_int = 488; +pub const NID_pagerTelephoneNumber: c_int = 489; +pub const NID_friendlyCountryName: c_int = 490; +pub const NID_organizationalStatus: c_int = 491; +pub const NID_janetMailbox: c_int = 492; +pub const NID_mailPreferenceOption: c_int = 493; +pub const NID_buildingName: c_int = 494; +pub const NID_dSAQuality: c_int = 495; +pub const NID_singleLevelQuality: c_int = 496; +pub const NID_subtreeMinimumQuality: c_int = 497; +pub const NID_subtreeMaximumQuality: c_int = 498; +pub const NID_personalSignature: c_int = 499; +pub const NID_dITRedirect: c_int = 500; +pub const NID_audio: c_int = 501; +pub const NID_documentPublisher: c_int = 502; +pub const NID_id_set: c_int = 512; +pub const NID_set_ctype: c_int = 513; +pub const NID_set_msgExt: c_int = 514; +pub const NID_set_attr: c_int = 515; +pub const NID_set_policy: c_int = 516; +pub const NID_set_certExt: c_int = 517; +pub const NID_set_brand: c_int = 518; +pub const NID_setct_PANData: c_int = 519; +pub const NID_setct_PANToken: c_int = 520; +pub const NID_setct_PANOnly: c_int = 521; +pub const NID_setct_OIData: c_int = 522; +pub const NID_setct_PI: c_int = 523; +pub const NID_setct_PIData: c_int = 524; +pub const NID_setct_PIDataUnsigned: c_int = 525; +pub const NID_setct_HODInput: c_int = 526; +pub const NID_setct_AuthResBaggage: c_int = 527; +pub const NID_setct_AuthRevReqBaggage: c_int = 528; +pub const NID_setct_AuthRevResBaggage: c_int = 529; +pub const NID_setct_CapTokenSeq: c_int = 530; +pub const NID_setct_PInitResData: c_int = 531; +pub const NID_setct_PI_TBS: c_int = 532; +pub const NID_setct_PResData: c_int = 533; +pub const NID_setct_AuthReqTBS: c_int = 534; +pub const NID_setct_AuthResTBS: c_int = 535; +pub const NID_setct_AuthResTBSX: c_int = 536; +pub const NID_setct_AuthTokenTBS: c_int = 537; +pub const NID_setct_CapTokenData: c_int = 538; +pub const NID_setct_CapTokenTBS: c_int = 539; +pub const NID_setct_AcqCardCodeMsg: c_int = 540; +pub const NID_setct_AuthRevReqTBS: c_int = 541; +pub const NID_setct_AuthRevResData: c_int = 542; +pub const NID_setct_AuthRevResTBS: c_int = 543; +pub const NID_setct_CapReqTBS: c_int = 544; +pub const NID_setct_CapReqTBSX: c_int = 545; +pub const NID_setct_CapResData: c_int = 546; +pub const NID_setct_CapRevReqTBS: c_int = 547; +pub const NID_setct_CapRevReqTBSX: c_int = 548; +pub const NID_setct_CapRevResData: c_int = 549; +pub const NID_setct_CredReqTBS: c_int = 550; +pub const NID_setct_CredReqTBSX: c_int = 551; +pub const NID_setct_CredResData: c_int = 552; +pub const NID_setct_CredRevReqTBS: c_int = 553; +pub const NID_setct_CredRevReqTBSX: c_int = 554; +pub const NID_setct_CredRevResData: c_int = 555; +pub const NID_setct_PCertReqData: c_int = 556; +pub const NID_setct_PCertResTBS: c_int = 557; +pub const NID_setct_BatchAdminReqData: c_int = 558; +pub const NID_setct_BatchAdminResData: c_int = 559; +pub const NID_setct_CardCInitResTBS: c_int = 560; +pub const NID_setct_MeAqCInitResTBS: c_int = 561; +pub const NID_setct_RegFormResTBS: c_int = 562; +pub const NID_setct_CertReqData: c_int = 563; +pub const NID_setct_CertReqTBS: c_int = 564; +pub const NID_setct_CertResData: c_int = 565; +pub const NID_setct_CertInqReqTBS: c_int = 566; +pub const NID_setct_ErrorTBS: c_int = 567; +pub const NID_setct_PIDualSignedTBE: c_int = 568; +pub const NID_setct_PIUnsignedTBE: c_int = 569; +pub const NID_setct_AuthReqTBE: c_int = 570; +pub const NID_setct_AuthResTBE: c_int = 571; +pub const NID_setct_AuthResTBEX: c_int = 572; +pub const NID_setct_AuthTokenTBE: c_int = 573; +pub const NID_setct_CapTokenTBE: c_int = 574; +pub const NID_setct_CapTokenTBEX: c_int = 575; +pub const NID_setct_AcqCardCodeMsgTBE: c_int = 576; +pub const NID_setct_AuthRevReqTBE: c_int = 577; +pub const NID_setct_AuthRevResTBE: c_int = 578; +pub const NID_setct_AuthRevResTBEB: c_int = 579; +pub const NID_setct_CapReqTBE: c_int = 580; +pub const NID_setct_CapReqTBEX: c_int = 581; +pub const NID_setct_CapResTBE: c_int = 582; +pub const NID_setct_CapRevReqTBE: c_int = 583; +pub const NID_setct_CapRevReqTBEX: c_int = 584; +pub const NID_setct_CapRevResTBE: c_int = 585; +pub const NID_setct_CredReqTBE: c_int = 586; +pub const NID_setct_CredReqTBEX: c_int = 587; +pub const NID_setct_CredResTBE: c_int = 588; +pub const NID_setct_CredRevReqTBE: c_int = 589; +pub const NID_setct_CredRevReqTBEX: c_int = 590; +pub const NID_setct_CredRevResTBE: c_int = 591; +pub const NID_setct_BatchAdminReqTBE: c_int = 592; +pub const NID_setct_BatchAdminResTBE: c_int = 593; +pub const NID_setct_RegFormReqTBE: c_int = 594; +pub const NID_setct_CertReqTBE: c_int = 595; +pub const NID_setct_CertReqTBEX: c_int = 596; +pub const NID_setct_CertResTBE: c_int = 597; +pub const NID_setct_CRLNotificationTBS: c_int = 598; +pub const NID_setct_CRLNotificationResTBS: c_int = 599; +pub const NID_setct_BCIDistributionTBS: c_int = 600; +pub const NID_setext_genCrypt: c_int = 601; +pub const NID_setext_miAuth: c_int = 602; +pub const NID_setext_pinSecure: c_int = 603; +pub const NID_setext_pinAny: c_int = 604; +pub const NID_setext_track2: c_int = 605; +pub const NID_setext_cv: c_int = 606; +pub const NID_set_policy_root: c_int = 607; +pub const NID_setCext_hashedRoot: c_int = 608; +pub const NID_setCext_certType: c_int = 609; +pub const NID_setCext_merchData: c_int = 610; +pub const NID_setCext_cCertRequired: c_int = 611; +pub const NID_setCext_tunneling: c_int = 612; +pub const NID_setCext_setExt: c_int = 613; +pub const NID_setCext_setQualf: c_int = 614; +pub const NID_setCext_PGWYcapabilities: c_int = 615; +pub const NID_setCext_TokenIdentifier: c_int = 616; +pub const NID_setCext_Track2Data: c_int = 617; +pub const NID_setCext_TokenType: c_int = 618; +pub const NID_setCext_IssuerCapabilities: c_int = 619; +pub const NID_setAttr_Cert: c_int = 620; +pub const NID_setAttr_PGWYcap: c_int = 621; +pub const NID_setAttr_TokenType: c_int = 622; +pub const NID_setAttr_IssCap: c_int = 623; +pub const NID_set_rootKeyThumb: c_int = 624; +pub const NID_set_addPolicy: c_int = 625; +pub const NID_setAttr_Token_EMV: c_int = 626; +pub const NID_setAttr_Token_B0Prime: c_int = 627; +pub const NID_setAttr_IssCap_CVM: c_int = 628; +pub const NID_setAttr_IssCap_T2: c_int = 629; +pub const NID_setAttr_IssCap_Sig: c_int = 630; +pub const NID_setAttr_GenCryptgrm: c_int = 631; +pub const NID_setAttr_T2Enc: c_int = 632; +pub const NID_setAttr_T2cleartxt: c_int = 633; +pub const NID_setAttr_TokICCsig: c_int = 634; +pub const NID_setAttr_SecDevSig: c_int = 635; +pub const NID_set_brand_IATA_ATA: c_int = 636; +pub const NID_set_brand_Diners: c_int = 637; +pub const NID_set_brand_AmericanExpress: c_int = 638; +pub const NID_set_brand_JCB: c_int = 639; +pub const NID_set_brand_Visa: c_int = 640; +pub const NID_set_brand_MasterCard: c_int = 641; +pub const NID_set_brand_Novus: c_int = 642; +pub const NID_des_cdmf: c_int = 643; +pub const NID_rsaOAEPEncryptionSET: c_int = 644; +pub const NID_ipsec3: c_int = 749; +pub const NID_ipsec4: c_int = 750; +pub const NID_whirlpool: c_int = 804; +pub const NID_cryptopro: c_int = 805; +pub const NID_cryptocom: c_int = 806; +pub const NID_id_GostR3411_94_with_GostR3410_2001: c_int = 807; +pub const NID_id_GostR3411_94_with_GostR3410_94: c_int = 808; +pub const NID_id_GostR3411_94: c_int = 809; +pub const NID_id_HMACGostR3411_94: c_int = 810; +pub const NID_id_GostR3410_2001: c_int = 811; +pub const NID_id_GostR3410_94: c_int = 812; +pub const NID_id_Gost28147_89: c_int = 813; +pub const NID_gost89_cnt: c_int = 814; +pub const NID_id_Gost28147_89_MAC: c_int = 815; +pub const NID_id_GostR3411_94_prf: c_int = 816; +pub const NID_id_GostR3410_2001DH: c_int = 817; +pub const NID_id_GostR3410_94DH: c_int = 818; +pub const NID_id_Gost28147_89_CryptoPro_KeyMeshing: c_int = 819; +pub const NID_id_Gost28147_89_None_KeyMeshing: c_int = 820; +pub const NID_id_GostR3411_94_TestParamSet: c_int = 821; +pub const NID_id_GostR3411_94_CryptoProParamSet: c_int = 822; +pub const NID_id_Gost28147_89_TestParamSet: c_int = 823; +pub const NID_id_Gost28147_89_CryptoPro_A_ParamSet: c_int = 824; +pub const NID_id_Gost28147_89_CryptoPro_B_ParamSet: c_int = 825; +pub const NID_id_Gost28147_89_CryptoPro_C_ParamSet: c_int = 826; +pub const NID_id_Gost28147_89_CryptoPro_D_ParamSet: c_int = 827; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet: c_int = 828; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet: c_int = 829; +pub const NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet: c_int = 830; +pub const NID_id_GostR3410_94_TestParamSet: c_int = 831; +pub const NID_id_GostR3410_94_CryptoPro_A_ParamSet: c_int = 832; +pub const NID_id_GostR3410_94_CryptoPro_B_ParamSet: c_int = 833; +pub const NID_id_GostR3410_94_CryptoPro_C_ParamSet: c_int = 834; +pub const NID_id_GostR3410_94_CryptoPro_D_ParamSet: c_int = 835; +pub const NID_id_GostR3410_94_CryptoPro_XchA_ParamSet: c_int = 836; +pub const NID_id_GostR3410_94_CryptoPro_XchB_ParamSet: c_int = 837; +pub const NID_id_GostR3410_94_CryptoPro_XchC_ParamSet: c_int = 838; +pub const NID_id_GostR3410_2001_TestParamSet: c_int = 839; +pub const NID_id_GostR3410_2001_CryptoPro_A_ParamSet: c_int = 840; +pub const NID_id_GostR3410_2001_CryptoPro_B_ParamSet: c_int = 841; +pub const NID_id_GostR3410_2001_CryptoPro_C_ParamSet: c_int = 842; +pub const NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet: c_int = 843; +pub const NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet: c_int = 844; +pub const NID_id_GostR3410_94_a: c_int = 845; +pub const NID_id_GostR3410_94_aBis: c_int = 846; +pub const NID_id_GostR3410_94_b: c_int = 847; +pub const NID_id_GostR3410_94_bBis: c_int = 848; +pub const NID_id_Gost28147_89_cc: c_int = 849; +pub const NID_id_GostR3410_94_cc: c_int = 850; +pub const NID_id_GostR3410_2001_cc: c_int = 851; +pub const NID_id_GostR3411_94_with_GostR3410_94_cc: c_int = 852; +pub const NID_id_GostR3411_94_with_GostR3410_2001_cc: c_int = 853; +pub const NID_id_GostR3410_2001_ParamSet_cc: c_int = 854; +pub const NID_camellia_128_cbc: c_int = 751; +pub const NID_camellia_192_cbc: c_int = 752; +pub const NID_camellia_256_cbc: c_int = 753; +pub const NID_id_camellia128_wrap: c_int = 907; +pub const NID_id_camellia192_wrap: c_int = 908; +pub const NID_id_camellia256_wrap: c_int = 909; +pub const NID_camellia_128_ecb: c_int = 754; +pub const NID_camellia_128_ofb128: c_int = 766; +pub const NID_camellia_128_cfb128: c_int = 757; +pub const NID_camellia_192_ecb: c_int = 755; +pub const NID_camellia_192_ofb128: c_int = 767; +pub const NID_camellia_192_cfb128: c_int = 758; +pub const NID_camellia_256_ecb: c_int = 756; +pub const NID_camellia_256_ofb128: c_int = 768; +pub const NID_camellia_256_cfb128: c_int = 759; +pub const NID_camellia_128_cfb1: c_int = 760; +pub const NID_camellia_192_cfb1: c_int = 761; +pub const NID_camellia_256_cfb1: c_int = 762; +pub const NID_camellia_128_cfb8: c_int = 763; +pub const NID_camellia_192_cfb8: c_int = 764; +pub const NID_camellia_256_cfb8: c_int = 765; +pub const NID_kisa: c_int = 773; +pub const NID_seed_ecb: c_int = 776; +pub const NID_seed_cbc: c_int = 777; +pub const NID_seed_cfb128: c_int = 779; +pub const NID_seed_ofb128: c_int = 778; +pub const NID_hmac: c_int = 855; +pub const NID_cmac: c_int = 894; +pub const NID_rc4_hmac_md5: c_int = 915; +pub const NID_aes_128_cbc_hmac_sha1: c_int = 916; +pub const NID_aes_192_cbc_hmac_sha1: c_int = 917; +pub const NID_aes_256_cbc_hmac_sha1: c_int = 918; +#[cfg(ossl111)] +pub const NID_X25519: c_int = 1034; +#[cfg(ossl111)] +pub const NID_X448: c_int = 1035; +#[cfg(ossl110)] +pub const NID_hkdf: c_int = 1036; +#[cfg(ossl111)] +pub const NID_ED25519: c_int = 1087; +#[cfg(ossl111)] +pub const NID_ED448: c_int = 1088; +#[cfg(ossl111)] +pub const NID_sm3: c_int = 1143; +#[cfg(libressl291)] +pub const NID_sm3: c_int = 968; +#[cfg(ossl111)] +pub const NID_sm3WithRSAEncryption: c_int = 1144; +#[cfg(libressl291)] +pub const NID_sm3WithRSAEncryption: c_int = 969; +#[cfg(ossl111)] +pub const NID_sm4_ecb: c_int = 1133; +#[cfg(libressl291)] +pub const NID_sm4_ecb: c_int = 973; +#[cfg(ossl111)] +pub const NID_sm4_cbc: c_int = 1134; +#[cfg(libressl291)] +pub const NID_sm4_cbc: c_int = 974; +#[cfg(ossl111)] +pub const NID_sm4_ofb128: c_int = 1135; +#[cfg(libressl291)] +pub const NID_sm4_ofb128: c_int = 975; +#[cfg(ossl111)] +pub const NID_sm4_cfb128: c_int = 1137; +#[cfg(libressl291)] +pub const NID_sm4_cfb128: c_int = 976; +#[cfg(ossl111)] +pub const NID_sm4_cfb1: c_int = 1136; +#[cfg(libressl291)] +pub const NID_sm4_cfb1: c_int = 977; +#[cfg(ossl111)] +pub const NID_sm4_cfb8: c_int = 1138; +#[cfg(libressl291)] +pub const NID_sm4_cfb8: c_int = 978; +#[cfg(ossl111)] +pub const NID_sm4_ctr: c_int = 1139; +#[cfg(libressl291)] +pub const NID_sm4_ctr: c_int = 979; +#[cfg(ossl111)] +pub const NID_sha3_224: c_int = 1096; +#[cfg(ossl111)] +pub const NID_sha3_256: c_int = 1097; +#[cfg(ossl111)] +pub const NID_sha3_384: c_int = 1098; +#[cfg(ossl111)] +pub const NID_sha3_512: c_int = 1099; +#[cfg(ossl111)] +pub const NID_shake128: c_int = 1100; +#[cfg(ossl111)] +pub const NID_shake256: c_int = 1101; diff --git a/openssl-sys/src/ocsp.rs b/openssl-sys/src/ocsp.rs new file mode 100644 index 000000000..fc0db39e9 --- /dev/null +++ b/openssl-sys/src/ocsp.rs @@ -0,0 +1,35 @@ +use libc::*; + +pub const OCSP_REVOKED_STATUS_NOSTATUS: c_int = -1; +pub const OCSP_REVOKED_STATUS_UNSPECIFIED: c_int = 0; +pub const OCSP_REVOKED_STATUS_KEYCOMPROMISE: c_int = 1; +pub const OCSP_REVOKED_STATUS_CACOMPROMISE: c_int = 2; +pub const OCSP_REVOKED_STATUS_AFFILIATIONCHANGED: c_int = 3; +pub const OCSP_REVOKED_STATUS_SUPERSEDED: c_int = 4; +pub const OCSP_REVOKED_STATUS_CESSATIONOFOPERATION: c_int = 5; +pub const OCSP_REVOKED_STATUS_CERTIFICATEHOLD: c_int = 6; +pub const OCSP_REVOKED_STATUS_REMOVEFROMCRL: c_int = 8; + +pub const OCSP_NOCERTS: c_ulong = 0x1; +pub const OCSP_NOINTERN: c_ulong = 0x2; +pub const OCSP_NOSIGS: c_ulong = 0x4; +pub const OCSP_NOCHAIN: c_ulong = 0x8; +pub const OCSP_NOVERIFY: c_ulong = 0x10; +pub const OCSP_NOEXPLICIT: c_ulong = 0x20; +pub const OCSP_NOCASIGN: c_ulong = 0x40; +pub const OCSP_NODELEGATED: c_ulong = 0x80; +pub const OCSP_NOCHECKS: c_ulong = 0x100; +pub const OCSP_TRUSTOTHER: c_ulong = 0x200; +pub const OCSP_RESPID_KEY: c_ulong = 0x400; +pub const OCSP_NOTIME: c_ulong = 0x800; + +pub const OCSP_RESPONSE_STATUS_SUCCESSFUL: c_int = 0; +pub const OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: c_int = 1; +pub const OCSP_RESPONSE_STATUS_INTERNALERROR: c_int = 2; +pub const OCSP_RESPONSE_STATUS_TRYLATER: c_int = 3; +pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; +pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; + +pub const V_OCSP_CERTSTATUS_GOOD: c_int = 0; +pub const V_OCSP_CERTSTATUS_REVOKED: c_int = 1; +pub const V_OCSP_CERTSTATUS_UNKNOWN: c_int = 2; diff --git a/openssl-sys/src/pem.rs b/openssl-sys/src/pem.rs new file mode 100644 index 000000000..f7dd8ac30 --- /dev/null +++ b/openssl-sys/src/pem.rs @@ -0,0 +1,3 @@ +use libc::*; + +pub const PEM_R_NO_START_LINE: c_int = 108; diff --git a/openssl-sys/src/pkcs7.rs b/openssl-sys/src/pkcs7.rs new file mode 100644 index 000000000..0a56225a9 --- /dev/null +++ b/openssl-sys/src/pkcs7.rs @@ -0,0 +1,20 @@ +use libc::*; + +pub const PKCS7_TEXT: c_int = 0x1; +pub const PKCS7_NOCERTS: c_int = 0x2; +pub const PKCS7_NOSIGS: c_int = 0x4; +pub const PKCS7_NOCHAIN: c_int = 0x8; +pub const PKCS7_NOINTERN: c_int = 0x10; +pub const PKCS7_NOVERIFY: c_int = 0x20; +pub const PKCS7_DETACHED: c_int = 0x40; +pub const PKCS7_BINARY: c_int = 0x80; +pub const PKCS7_NOATTR: c_int = 0x100; +pub const PKCS7_NOSMIMECAP: c_int = 0x200; +pub const PKCS7_NOOLDMIMETYPE: c_int = 0x400; +pub const PKCS7_CRLFEOL: c_int = 0x800; +pub const PKCS7_STREAM: c_int = 0x1000; +pub const PKCS7_NOCRL: c_int = 0x2000; +pub const PKCS7_PARTIAL: c_int = 0x4000; +pub const PKCS7_REUSE_DIGEST: c_int = 0x8000; +#[cfg(not(any(ossl101, ossl102, libressl)))] +pub const PKCS7_NO_DUAL_CONTENT: c_int = 0x10000; diff --git a/openssl-sys/src/rsa.rs b/openssl-sys/src/rsa.rs new file mode 100644 index 000000000..ff30cf1e2 --- /dev/null +++ b/openssl-sys/src/rsa.rs @@ -0,0 +1,101 @@ +use libc::*; +use std::ptr; + +use super::super::*; + +pub const RSA_F4: c_long = 0x10001; + +cfg_if! { + if #[cfg(not(ossl300))] { + pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_RSA_PADDING, + pad, + ptr::null_mut(), + ) + } + pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_GET_RSA_PADDING, + 0, + ppad as *mut c_void, + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY, + EVP_PKEY_CTRL_RSA_PSS_SALTLEN, + len, + ptr::null_mut(), + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_MGF1_MD, + 0, + md as *mut c_void, + ) + } + } +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set_rsa_oaep_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set0_rsa_oaep_label( + ctx: *mut EVP_PKEY_CTX, + label: *mut c_void, + len: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_LABEL, + len, + label as *mut c_void, + ) +} + +pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; +pub const EVP_PKEY_CTRL_RSA_PSS_SALTLEN: c_int = EVP_PKEY_ALG_CTRL + 2; + +pub const EVP_PKEY_CTRL_RSA_MGF1_MD: c_int = EVP_PKEY_ALG_CTRL + 5; + +pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_MD: c_int = EVP_PKEY_ALG_CTRL + 9; +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_LABEL: c_int = EVP_PKEY_ALG_CTRL + 10; + +pub const RSA_PKCS1_PADDING: c_int = 1; +#[cfg(not(ossl300))] +pub const RSA_SSLV23_PADDING: c_int = 2; +pub const RSA_NO_PADDING: c_int = 3; +pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; +pub const RSA_X931_PADDING: c_int = 5; +pub const RSA_PKCS1_PSS_PADDING: c_int = 6; diff --git a/openssl-sys/src/sha.rs b/openssl-sys/src/sha.rs new file mode 100644 index 000000000..4ad0c17cd --- /dev/null +++ b/openssl-sys/src/sha.rs @@ -0,0 +1,103 @@ +use super::*; +use libc::*; +use std::ptr; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub const SHA_LBLOCK: c_int = 16; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG = c_uint; + +cfg_if! { + if #[cfg(ossl300)] { + #[cfg(ossl300)] + // Ideally we'd macro define these, but that crashes ctest :( + pub unsafe fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA1\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 + { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA224\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA256\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG64 = u64; + +cfg_if! { + if #[cfg(ossl300)] { + pub unsafe fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA384\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA512\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} diff --git a/openssl-sys/src/srtp.rs b/openssl-sys/src/srtp.rs new file mode 100644 index 000000000..93c77970c --- /dev/null +++ b/openssl-sys/src/srtp.rs @@ -0,0 +1,14 @@ +use libc::*; + +pub const SRTP_AES128_CM_SHA1_80: c_ulong = 0x0001; +pub const SRTP_AES128_CM_SHA1_32: c_ulong = 0x0002; +pub const SRTP_AES128_F8_SHA1_80: c_ulong = 0x0003; +pub const SRTP_AES128_F8_SHA1_32: c_ulong = 0x0004; +pub const SRTP_NULL_SHA1_80: c_ulong = 0x0005; +pub const SRTP_NULL_SHA1_32: c_ulong = 0x0006; + +/* AEAD SRTP protection profiles from RFC 7714 */ +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_128_GCM: c_ulong = 0x0007; +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_256_GCM: c_ulong = 0x0008; diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs new file mode 100644 index 000000000..e81267333 --- /dev/null +++ b/openssl-sys/src/ssl.rs @@ -0,0 +1,631 @@ +use libc::*; +use std::ptr; + +use super::*; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256; + +#[cfg(not(ossl110))] +pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32; +#[cfg(not(ossl110))] +pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8; +#[cfg(not(ossl110))] +pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48; + +pub const SSL_SENT_SHUTDOWN: c_int = 1; +pub const SSL_RECEIVED_SHUTDOWN: c_int = 2; + +pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM; +pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1; + +#[cfg(ossl111)] +pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001; +/* This extension is only allowed in DTLS */ +#[cfg(ossl111)] +pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002; +/* Some extensions may be allowed in DTLS but we don't implement them for it */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004; +/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ +#[cfg(ossl111)] +pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008; +/* Extension is only defined for TLS1.2 and below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010; +/* Extension is only defined for TLS1.3 and above */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020; +/* Ignore this extension during parsing if we are resuming */ +#[cfg(ossl111)] +pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040; +#[cfg(ossl111)] +pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080; +/* Really means TLS1.2 or below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000; + +cfg_if! { + if #[cfg(ossl300)] { + macro_rules! ssl_op_type { + () => {u64}; + } + } else { + macro_rules! ssl_op_type { + () => {c_ulong}; + } + } +} + +pub const SSL_OP_LEGACY_SERVER_CONNECT: ssl_op_type!() = 0x00000004; +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x0; + } else if #[cfg(any(ossl102, libressl))] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x10; + } +} +#[cfg(ossl101)] +pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: ssl_op_type!() = 0x00000040; + +pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: ssl_op_type!() = 0x00000800; + +pub const SSL_OP_NO_QUERY_MTU: ssl_op_type!() = 0x00001000; +pub const SSL_OP_COOKIE_EXCHANGE: ssl_op_type!() = 0x00002000; +pub const SSL_OP_NO_TICKET: ssl_op_type!() = 0x00004000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x00008000; + } else { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x0; + } +} + +pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: ssl_op_type!() = 0x00010000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x00020000; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x00040000; + } else { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x0; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x0; + } +} + +#[cfg(ossl111)] +pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: ssl_op_type!() = 0x00100000; +#[cfg(ossl111)] +pub const SSL_OP_PRIORITIZE_CHACHA: ssl_op_type!() = 0x00200000; + +pub const SSL_OP_CIPHER_SERVER_PREFERENCE: ssl_op_type!() = 0x00400000; +cfg_if! { + if #[cfg(libressl280)] { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0; + } else { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0x00800000; + } +} + +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x02000000; + } else { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x0; + } +} +pub const SSL_OP_NO_TLSv1_1: ssl_op_type!() = 0x10000000; +pub const SSL_OP_NO_TLSv1_2: ssl_op_type!() = 0x08000000; + +pub const SSL_OP_NO_TLSv1: ssl_op_type!() = 0x04000000; +cfg_if! { + if #[cfg(ossl102)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x04000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x08000000; + } else if #[cfg(libressl332)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x40000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x80000000; + } +} +#[cfg(any(ossl111, libressl340))] +pub const SSL_OP_NO_TLSv1_3: ssl_op_type!() = 0x20000000; + +#[cfg(ossl110h)] +pub const SSL_OP_NO_RENEGOTIATION: ssl_op_type!() = 0x40000000; + +cfg_if! { + if #[cfg(ossl111)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv3 + | SSL_OP_NO_TLSv1 + | SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 + | SSL_OP_NO_TLSv1_3; + } else if #[cfg(ossl102)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = + SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x0; + } else { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x80000000; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(ossl110f)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_LEGACY_SERVER_CONNECT + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(libressl261)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x4; + } else if #[cfg(libressl)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000014; + } else { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000BFF; + } +} + +cfg_if! { + if #[cfg(ossl110)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x00000000; + } else if #[cfg(ossl101)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000001; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000002; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000008; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000020; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000080; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000100; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000200; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x01000000; + } else { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x0; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x0; + #[cfg(libressl261)] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x0; + #[cfg(not(libressl261))] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x0; + } +} + +pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; +pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; +pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; +pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; +pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; + +pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut()) +} + +#[cfg(ossl111)] +pub const SSL_COOKIE_LENGTH: c_int = 4096; + +cfg_if! { + if #[cfg(not(ossl110))] { + pub unsafe fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong { + SSL_CTX_ctrl(ctx as *mut _, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) as c_ulong + } + + pub unsafe fn SSL_CTX_set_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + + pub unsafe fn SSL_CTX_clear_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_CLEAR_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + } +} + +pub unsafe fn SSL_set_mtu(ssl: *mut SSL, mtu: c_long) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut()) +} + +#[cfg(ossl110)] +pub unsafe fn SSL_get_extms_support(ssl: *mut SSL) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_GET_EXTMS_SUPPORT, 0, ptr::null_mut()) +} + +pub const SSL_SESS_CACHE_OFF: c_long = 0x0; +pub const SSL_SESS_CACHE_CLIENT: c_long = 0x1; +pub const SSL_SESS_CACHE_SERVER: c_long = 0x2; +pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER; +pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80; +pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100; +pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200; +pub const SSL_SESS_CACHE_NO_INTERNAL: c_long = + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE; + +pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0; +pub const OPENSSL_NPN_NEGOTIATED: c_int = 1; +pub const OPENSSL_NPN_NO_OVERLAP: c_int = 2; + +pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER; +pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR; +pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME; +pub const SSL_ERROR_NONE: c_int = 0; +pub const SSL_ERROR_SSL: c_int = 1; +pub const SSL_ERROR_SYSCALL: c_int = 5; +pub const SSL_ERROR_WANT_ACCEPT: c_int = 8; +pub const SSL_ERROR_WANT_CONNECT: c_int = 7; +pub const SSL_ERROR_WANT_READ: c_int = 2; +pub const SSL_ERROR_WANT_WRITE: c_int = 3; +pub const SSL_ERROR_WANT_X509_LOOKUP: c_int = 4; +pub const SSL_ERROR_ZERO_RETURN: c_int = 6; +#[cfg(ossl111)] +pub const SSL_ERROR_WANT_CLIENT_HELLO_CB: c_int = 11; +pub const SSL_VERIFY_NONE: c_int = 0; +pub const SSL_VERIFY_PEER: c_int = 1; +pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; +pub const SSL_CTRL_SET_TMP_DH: c_int = 3; +pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_GET_SESSION_REUSED: c_int = 8; +pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; +pub const SSL_CTRL_SET_MTU: c_int = 17; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_OPTIONS: c_int = 32; +pub const SSL_CTRL_MODE: c_int = 33; +pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; +pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42; +pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43; +pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; +pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65; +pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; +pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82; +#[cfg(ossl102)] +pub const SSL_CTRL_CHAIN_CERT: c_int = 89; +#[cfg(any(ossl111, libressl252))] +pub const SSL_CTRL_SET_GROUPS_LIST: c_int = 92; +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_SIGALGS_LIST: c_int = 98; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106; +#[cfg(ossl110)] +pub const SSL_CTRL_GET_EXTMS_SUPPORT: c_int = 122; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131; + +pub unsafe fn SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void) +} + +pub unsafe fn SSL_CTX_get_extra_chain_certs( + ctx: *mut SSL_CTX, + chain: *mut *mut stack_st_X509, +) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_set0_verify_cert_store(ssl: *mut SSL, st: *mut X509_STORE) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +cfg_if! { + if #[cfg(ossl111)] { + pub unsafe fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_GROUPS_LIST, + 0, + s as *const c_void as *mut c_void, + ) + } + } else if #[cfg(libressl251)] { + extern "C" { + pub fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_int; + } + } +} + +#[cfg(ossl102)] +pub unsafe fn SSL_add0_chain_cert(ssl: *mut SSL, ptr: *mut X509) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_CHAIN_CERT, 0, ptr as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_SIGALGS_LIST, + 0, + s as *const c_void as *mut c_void, + ) +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_set_ecdh_auto(ssl: *mut SSL, onoff: c_int) -> c_int { + SSL_ctrl( + ssl, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + } +} + +cfg_if! { + if #[cfg(ossl110g)] { + pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + + pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_min_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_max_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + } +} + +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_SUCCESS: c_int = 1; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_ERROR: c_int = 0; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_RETRY: c_int = -1; + +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2; + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option, + dupf: Option, + freef: Option, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef) + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option, + dupf: Option, + freef: Option, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef) + } + } +} + +pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, ptr::null_mut()) +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[deprecated(note = "use SSL_CTX_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_CTX_set_tmp_dh_callback( + ctx: *mut SSL_CTX, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_set_tmp_dh_callback( + ctx: *mut SSL, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_CTX_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_CTX_set_tmp_ecdh_callback( + ctx: *mut SSL_CTX, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + #[deprecated(note = "use SSL_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_set_tmp_ecdh_callback( + ssl: *mut SSL, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + + #[deprecated(note = "use SSL_CTX_callback_ctrl__fixed_rust instead")] + pub fn SSL_CTX_callback_ctrl( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option, + ) -> c_long; + + #[deprecated(note = "use SSL_CTX_set_alpn_select_cb__fixed_rust instead")] + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); +} + +#[cfg(not(ossl110))] +pub unsafe fn SSL_session_reused(ssl: *mut SSL) -> c_int { + SSL_ctrl(ssl, SSL_CTRL_GET_SESSION_REUSED, 0, ptr::null_mut()) as c_int +} + +#[cfg(ossl110)] +pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000; +#[cfg(ossl111b)] +pub const OPENSSL_INIT_NO_ATEXIT: u64 = 0x00080000; diff --git a/openssl-sys/src/ssl3.rs b/openssl-sys/src/ssl3.rs new file mode 100644 index 000000000..822613eb2 --- /dev/null +++ b/openssl-sys/src/ssl3.rs @@ -0,0 +1,5 @@ +use libc::*; + +pub const SSL3_VERSION: c_int = 0x300; + +pub const SSL3_AD_ILLEGAL_PARAMETER: c_int = 47; diff --git a/openssl-sys/src/tls1.rs b/openssl-sys/src/tls1.rs new file mode 100644 index 000000000..f7ae30204 --- /dev/null +++ b/openssl-sys/src/tls1.rs @@ -0,0 +1,94 @@ +use libc::*; +use std::mem; +use std::ptr; + +use super::*; + +pub const TLS1_VERSION: c_int = 0x301; +pub const TLS1_1_VERSION: c_int = 0x302; +pub const TLS1_2_VERSION: c_int = 0x303; +#[cfg(any(ossl111, libressl340))] +pub const TLS1_3_VERSION: c_int = 0x304; + +pub const TLS1_AD_DECODE_ERROR: c_int = 50; +pub const TLS1_AD_UNRECOGNIZED_NAME: c_int = 112; + +pub const TLSEXT_NAMETYPE_host_name: c_int = 0; +pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1; + +pub unsafe fn SSL_set_tlsext_host_name(s: *mut SSL, name: *mut c_char) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_HOSTNAME, + TLSEXT_NAMETYPE_host_name as c_long, + name as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, + type_ as c_long, + ptr::null_mut(), + ) +} + +pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, + 0, + resp as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_ocsp_resp( + ssl: *mut SSL, + resp: *mut c_uchar, + len: c_long, +) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, + len, + resp as *mut c_void, + ) +} + +#[deprecated(note = "use SSL_CTX_set_tlsext_servername_callback__fixed_rust instead")] +#[allow(deprecated)] +pub unsafe fn SSL_CTX_set_tlsext_servername_callback( + ctx: *mut SSL_CTX, + // FIXME should have the right signature + cb: Option, +) -> c_long { + SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, cb) +} + +pub unsafe fn SSL_CTX_set_tlsext_servername_callback__fixed_rust( + ctx: *mut SSL_CTX, + cb: Option c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, mem::transmute(cb)) +} + +pub const SSL_TLSEXT_ERR_OK: c_int = 0; +pub const SSL_TLSEXT_ERR_ALERT_WARNING: c_int = 1; +pub const SSL_TLSEXT_ERR_ALERT_FATAL: c_int = 2; +pub const SSL_TLSEXT_ERR_NOACK: c_int = 3; + +pub unsafe fn SSL_CTX_set_tlsext_servername_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, arg) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_cb( + ctx: *mut SSL_CTX, + cb: Option c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, mem::transmute(cb)) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg) +} diff --git a/openssl-sys/src/types.rs b/openssl-sys/src/types.rs new file mode 100644 index 000000000..10c8f6771 --- /dev/null +++ b/openssl-sys/src/types.rs @@ -0,0 +1,21 @@ +use libc::*; + +use super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_PKEY {} + } else { + #[repr(C)] + pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, + pub references: c_int, + pub ameth: *const EVP_PKEY_ASN1_METHOD, + pub engine: *mut ENGINE, + pub pkey: *mut c_void, + pub save_parameters: c_int, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} diff --git a/openssl-sys/src/x509.rs b/openssl-sys/src/x509.rs new file mode 100644 index 000000000..714b06c9b --- /dev/null +++ b/openssl-sys/src/x509.rs @@ -0,0 +1,15 @@ +use libc::*; + +pub const X509_FILETYPE_PEM: c_int = 1; +pub const X509_FILETYPE_ASN1: c_int = 2; +pub const X509_FILETYPE_DEFAULT: c_int = 3; + +pub const ASN1_R_HEADER_TOO_LONG: c_int = 123; + +cfg_if! { + if #[cfg(not(any(ossl110, libressl350)))] { + pub const X509_LU_FAIL: c_int = 0; + pub const X509_LU_X509: c_int = 1; + pub const X509_LU_CRL: c_int = 2; + } +} diff --git a/openssl-sys/src/x509_vfy.rs b/openssl-sys/src/x509_vfy.rs new file mode 100644 index 000000000..2fa176fed --- /dev/null +++ b/openssl-sys/src/x509_vfy.rs @@ -0,0 +1,149 @@ +use libc::*; + +use super::*; + +pub const X509_V_OK: c_int = 0; +#[cfg(ossl102f)] +pub const X509_V_ERR_UNSPECIFIED: c_int = 1; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2; +pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5; +pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6; +pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7; +pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8; +pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9; +pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10; +pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11; +pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14; +pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15; +pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16; +pub const X509_V_ERR_OUT_OF_MEM: c_int = 17; +pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18; +pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20; +pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21; +pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22; +pub const X509_V_ERR_CERT_REVOKED: c_int = 23; +cfg_if! { + if #[cfg(ossl300)] { + pub const X509_V_ERR_NO_ISSUER_PUBLIC_KEY: c_int = 24; + } else { + pub const X509_V_ERR_INVALID_CA: c_int = 24; + } +} +pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25; +pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26; +pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27; +pub const X509_V_ERR_CERT_REJECTED: c_int = 28; +pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29; +pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30; +pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31; +pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32; +pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33; +pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34; +pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35; +pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36; +pub const X509_V_ERR_INVALID_NON_CA: c_int = 37; +pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38; +pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39; +pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40; +pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41; +pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42; +pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43; +pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44; +pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; +pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46; +pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47; +pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48; +pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49; +pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52; +pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; +pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61; +#[cfg(ossl102)] +pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62; +#[cfg(ossl102)] +pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63; +#[cfg(ossl102)] +pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64; +cfg_if! { + if #[cfg(ossl110)] { + pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65; + pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66; + pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67; + pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68; + pub const X509_V_ERR_INVALID_CALL: c_int = 69; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 70; + pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71; + } else if #[cfg(ossl102h)] { + pub const X509_V_ERR_INVALID_CALL: c_int = 65; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 66; + pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67; + } +} +#[cfg(ossl300)] +pub const X509_V_ERR_INVALID_CA: c_int = 79; + +#[cfg(not(any(ossl110, libressl370)))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x1; +#[cfg(any(ossl110, libressl370))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x0; +pub const X509_V_FLAG_USE_CHECK_TIME: c_ulong = 0x2; +pub const X509_V_FLAG_CRL_CHECK: c_ulong = 0x4; +pub const X509_V_FLAG_CRL_CHECK_ALL: c_ulong = 0x8; +pub const X509_V_FLAG_IGNORE_CRITICAL: c_ulong = 0x10; +pub const X509_V_FLAG_X509_STRICT: c_ulong = 0x20; +pub const X509_V_FLAG_ALLOW_PROXY_CERTS: c_ulong = 0x40; +pub const X509_V_FLAG_POLICY_CHECK: c_ulong = 0x80; +pub const X509_V_FLAG_EXPLICIT_POLICY: c_ulong = 0x100; +pub const X509_V_FLAG_INHIBIT_ANY: c_ulong = 0x200; +pub const X509_V_FLAG_INHIBIT_MAP: c_ulong = 0x400; +pub const X509_V_FLAG_NOTIFY_POLICY: c_ulong = 0x800; +pub const X509_V_FLAG_EXTENDED_CRL_SUPPORT: c_ulong = 0x1000; +pub const X509_V_FLAG_USE_DELTAS: c_ulong = 0x2000; +pub const X509_V_FLAG_CHECK_SS_SIGNATURE: c_ulong = 0x4000; +#[cfg(ossl102)] +pub const X509_V_FLAG_TRUSTED_FIRST: c_ulong = 0x8000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS_ONLY: c_ulong = 0x10000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_192_LOS: c_ulong = 0x20000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS: c_ulong = 0x30000; +#[cfg(ossl102)] +pub const X509_V_FLAG_PARTIAL_CHAIN: c_ulong = 0x80000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000; + +pub unsafe fn X509_LOOKUP_add_dir( + ctx: *mut X509_LOOKUP, + name: *const c_char, + _type: c_int, +) -> c_int { + const X509_L_ADD_DIR: c_int = 2; + X509_LOOKUP_ctrl( + ctx, + X509_L_ADD_DIR, + name, + _type as c_long, + std::ptr::null_mut(), + ) +} diff --git a/openssl-sys/src/x509v3.rs b/openssl-sys/src/x509v3.rs new file mode 100644 index 000000000..5ae443908 --- /dev/null +++ b/openssl-sys/src/x509v3.rs @@ -0,0 +1,93 @@ +use libc::*; + +use super::*; + +#[repr(C)] +pub struct GENERAL_NAME { + pub type_: c_int, + // FIXME should be a union + pub d: *mut c_void, +} + +stack!(stack_st_GENERAL_NAME); + +pub const GEN_OTHERNAME: c_int = 0; +pub const GEN_EMAIL: c_int = 1; +pub const GEN_DNS: c_int = 2; +pub const GEN_X400: c_int = 3; +pub const GEN_DIRNAME: c_int = 4; +pub const GEN_EDIPARTY: c_int = 5; +pub const GEN_URI: c_int = 6; +pub const GEN_IPADD: c_int = 7; +pub const GEN_RID: c_int = 8; + +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; +#[cfg(ossl110)] +pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20; + +pub const X509V3_ADD_DEFAULT: c_ulong = 0; +pub const X509V3_ADD_APPEND: c_ulong = 1; +pub const X509V3_ADD_REPLACE: c_ulong = 2; +pub const X509V3_ADD_REPLACE_EXISTING: c_ulong = 3; +pub const X509V3_ADD_KEEP_EXISTING: c_ulong = 4; +pub const X509V3_ADD_DELETE: c_ulong = 5; +pub const X509V3_ADD_SILENT: c_ulong = 0x10; + +pub const EXFLAG_BCONS: u32 = 0x1; +pub const EXFLAG_KUSAGE: u32 = 0x2; +pub const EXFLAG_XKUSAGE: u32 = 0x4; +pub const EXFLAG_NSCERT: u32 = 0x8; +pub const EXFLAG_CA: u32 = 0x10; +pub const EXFLAG_SI: u32 = 0x20; +pub const EXFLAG_V1: u32 = 0x40; +pub const EXFLAG_INVALID: u32 = 0x80; +pub const EXFLAG_SET: u32 = 0x100; +pub const EXFLAG_CRITICAL: u32 = 0x200; +pub const EXFLAG_PROXY: u32 = 0x400; +pub const EXFLAG_INVALID_POLICY: u32 = 0x800; +pub const EXFLAG_FRESHEST: u32 = 0x1000; +#[cfg(any(ossl102, libressl261))] +pub const EXFLAG_SS: u32 = 0x2000; + +pub const X509v3_KU_DIGITAL_SIGNATURE: u32 = 0x0080; +pub const X509v3_KU_NON_REPUDIATION: u32 = 0x0040; +pub const X509v3_KU_KEY_ENCIPHERMENT: u32 = 0x0020; +pub const X509v3_KU_DATA_ENCIPHERMENT: u32 = 0x0010; +pub const X509v3_KU_KEY_AGREEMENT: u32 = 0x0008; +pub const X509v3_KU_KEY_CERT_SIGN: u32 = 0x0004; +pub const X509v3_KU_CRL_SIGN: u32 = 0x0002; +pub const X509v3_KU_ENCIPHER_ONLY: u32 = 0x0001; +pub const X509v3_KU_DECIPHER_ONLY: u32 = 0x8000; +pub const X509v3_KU_UNDEF: u32 = 0xffff; + +pub const XKU_SSL_SERVER: u32 = 0x1; +pub const XKU_SSL_CLIENT: u32 = 0x2; +pub const XKU_SMIME: u32 = 0x4; +pub const XKU_CODE_SIGN: u32 = 0x8; +pub const XKU_SGC: u32 = 0x10; +pub const XKU_OCSP_SIGN: u32 = 0x20; +pub const XKU_TIMESTAMP: u32 = 0x40; +pub const XKU_DVCS: u32 = 0x80; +#[cfg(ossl110)] +pub const XKU_ANYEKU: u32 = 0x100; + +pub const X509_PURPOSE_SSL_CLIENT: c_int = 1; +pub const X509_PURPOSE_SSL_SERVER: c_int = 2; +pub const X509_PURPOSE_NS_SSL_SERVER: c_int = 3; +pub const X509_PURPOSE_SMIME_SIGN: c_int = 4; +pub const X509_PURPOSE_SMIME_ENCRYPT: c_int = 5; +pub const X509_PURPOSE_CRL_SIGN: c_int = 6; +pub const X509_PURPOSE_ANY: c_int = 7; +pub const X509_PURPOSE_OCSP_HELPER: c_int = 8; +pub const X509_PURPOSE_TIMESTAMP_SIGN: c_int = 9; +pub const X509_PURPOSE_MIN: c_int = 1; +pub const X509_PURPOSE_MAX: c_int = 9; diff --git a/openssl-zt/Cargo.toml b/openssl-zt/Cargo.toml new file mode 100644 index 000000000..26c151e08 --- /dev/null +++ b/openssl-zt/Cargo.toml @@ -0,0 +1,29 @@ +[package] +name = "openssl-zt" +version = "0.0.1" +authors = ["Steven Fackler "] +license = "Apache-2.0" +description = "OpenSSL bindings" +repository = "https://github.com/sfackler/rust-openssl" +readme = "README.md" +keywords = ["crypto", "tls", "ssl", "dtls"] +categories = ["cryptography", "api-bindings"] +edition = "2018" + +[features] +vendored = ['ffi/vendored'] +bindgen = ['ffi/bindgen'] +default = [] + +[dependencies] +cfg-if = "1.0" +foreign-types = "0.5.0" +libc = "0.2" +lazy_static = "^1" +rand_core = "0.5.1" + +ffi = { package = "openssl-sys", version = "0.9.80", path = "../openssl-sys" } + +[dev-dependencies] +hex = "0.4.3" +hex-literal = "0.3.4" diff --git a/openssl-zt/LICENSE b/openssl-zt/LICENSE new file mode 100644 index 000000000..f259067e9 --- /dev/null +++ b/openssl-zt/LICENSE @@ -0,0 +1,15 @@ +Copyright 2011-2017 Google Inc. + 2013 Jack Lloyd + 2013-2014 Steven Fackler + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/openssl-zt/README.md b/openssl-zt/README.md new file mode 120000 index 000000000..32d46ee88 --- /dev/null +++ b/openssl-zt/README.md @@ -0,0 +1 @@ +../README.md \ No newline at end of file diff --git a/openssl-zt/build.rs b/openssl-zt/build.rs new file mode 100644 index 000000000..7651429f3 --- /dev/null +++ b/openssl-zt/build.rs @@ -0,0 +1,110 @@ +#![allow( + clippy::inconsistent_digit_grouping, + clippy::uninlined_format_args, + clippy::unusual_byte_groupings +)] + +use std::env; + +fn main() { + if env::var("DEP_OPENSSL_LIBRESSL").is_ok() { + println!("cargo:rustc-cfg=libressl"); + } + + if env::var("CARGO_FEATURE_UNSTABLE_BORINGSSL").is_ok() { + println!("cargo:rustc-cfg=boringssl"); + return; + } + + if let Ok(v) = env::var("DEP_OPENSSL_LIBRESSL_VERSION") { + println!("cargo:rustc-cfg=libressl{}", v); + } + + if let Ok(vars) = env::var("DEP_OPENSSL_CONF") { + for var in vars.split(',') { + println!("cargo:rustc-cfg=osslconf=\"{}\"", var); + } + } + + if let Ok(version) = env::var("DEP_OPENSSL_VERSION_NUMBER") { + let version = u64::from_str_radix(&version, 16).unwrap(); + + if version >= 0x1_00_01_00_0 { + println!("cargo:rustc-cfg=ossl101"); + } + if version >= 0x1_00_02_00_0 { + println!("cargo:rustc-cfg=ossl102"); + } + if version >= 0x1_01_00_00_0 { + println!("cargo:rustc-cfg=ossl110"); + } + if version >= 0x1_01_00_07_0 { + println!("cargo:rustc-cfg=ossl110g"); + } + if version >= 0x1_01_00_08_0 { + println!("cargo:rustc-cfg=ossl110h"); + } + if version >= 0x1_01_01_00_0 { + println!("cargo:rustc-cfg=ossl111"); + } + if version >= 0x3_00_00_00_0 { + println!("cargo:rustc-cfg=ossl300"); + } + } + + if let Ok(version) = env::var("DEP_OPENSSL_LIBRESSL_VERSION_NUMBER") { + let version = u64::from_str_radix(&version, 16).unwrap(); + + if version >= 0x2_05_01_00_0 { + println!("cargo:rustc-cfg=libressl251"); + } + + if version >= 0x2_06_01_00_0 { + println!("cargo:rustc-cfg=libressl261"); + } + + if version >= 0x2_07_00_00_0 { + println!("cargo:rustc-cfg=libressl270"); + } + + if version >= 0x2_07_01_00_0 { + println!("cargo:rustc-cfg=libressl271"); + } + + if version >= 0x2_07_03_00_0 { + println!("cargo:rustc-cfg=libressl273"); + } + + if version >= 0x2_08_00_00_0 { + println!("cargo:rustc-cfg=libressl280"); + } + + if version >= 0x2_09_01_00_0 { + println!("cargo:rustc-cfg=libressl291"); + } + + if version >= 0x3_02_01_00_0 { + println!("cargo:rustc-cfg=libressl321"); + } + + if version >= 0x3_03_02_00_0 { + println!("cargo:rustc-cfg=libressl332"); + } + + if version >= 0x3_04_00_00_0 { + println!("cargo:rustc-cfg=libressl340"); + } + + if version >= 0x3_05_00_00_0 { + println!("cargo:rustc-cfg=libressl350"); + } + + if version >= 0x3_06_00_00_0 { + println!("cargo:rustc-cfg=libressl360"); + } + + if version >= 0x3_06_01_00_0 { + println!("cargo:rustc-cfg=libressl361"); + } + } +} diff --git a/openssl-zt/src/aes.rs b/openssl-zt/src/aes.rs new file mode 100644 index 000000000..af36308b9 --- /dev/null +++ b/openssl-zt/src/aes.rs @@ -0,0 +1,3279 @@ + +use std::{ptr, mem::MaybeUninit}; + +use foreign_types::ForeignType; + +use crate::{secret::Secret, cipher_ctx::CipherCtx}; + +pub struct AesGcm (CipherCtx); + +impl AesGcm { + pub fn new(key: &Secret) -> Self { + let mut ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match KEY_SIZE { + 16 => ffi::EVP_aes_128_gcm(), + 24 => ffi::EVP_aes_192_gcm(), + 32 => ffi::EVP_aes_256_gcm(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + } + let ret = AesGcm(ctx); + ret + } + + pub fn set_iv(&mut self, iv: &[u8]) { + debug_assert_eq!(iv.len(), 12, "Aes IV must be 12 bytes long"); + unsafe { + self.0.cipher_init::(ptr::null(), ptr::null(), iv.as_ptr()).unwrap(); + } + } + + #[inline(always)] + pub fn aad(&mut self, aad: &[u8]) { + unsafe { self.0.update::(aad, ptr::null_mut()).unwrap() }; + } + + /// Encrypt or decrypt (same operation with CTR mode) + #[inline(always)] + pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { + debug_assert!(output.len() >= input.len(), "output buffer must fit the size of the input buffer"); + unsafe { self.0.update::(input, output.as_mut_ptr()).unwrap() }; + } + + /// Encrypt or decrypt in place (same operation with CTR mode) + #[inline(always)] + pub fn crypt_in_place(&mut self, data: &mut [u8]) { + let ptr = data.as_mut_ptr(); + unsafe { self.0.update::(data, ptr).unwrap() } + } +} +impl AesGcm { + #[inline(always)] + pub fn finish_encrypt(&mut self) -> [u8; 16] { + unsafe { + let mut tag = MaybeUninit::<[u8; 16]>::uninit(); + self.0.finalize::(tag.as_mut_ptr().cast()).unwrap(); + self.0.tag(&mut *tag.as_mut_ptr()).unwrap(); + tag.assume_init() + } + } +} +impl AesGcm { + #[inline(always)] + pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { + debug_assert_eq!(expected_tag.len(), 16); + if self.0.set_tag(expected_tag).is_ok() { + unsafe { self.0.finalize::(ptr::null_mut()).is_ok() } + } else { + false + } + } +} + + + +pub struct AesCtr (CipherCtx); + +impl AesCtr { + pub fn new(key: &Secret) -> Self { + let mut ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match KEY_SIZE { + 16 => ffi::EVP_aes_128_ctr(), + 24 => ffi::EVP_aes_192_ctr(), + 32 => ffi::EVP_aes_256_ctr(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + } + let ret = AesCtr(ctx); + ret + } + + //`iv` must be exactly 12 bytes in length. + pub fn set_iv(&mut self, iv: &[u8]) { + debug_assert_eq!(iv.len(), 12, "Aes IV must be 12 bytes long"); + unsafe { + self.0.cipher_init::(ptr::null(), ptr::null(), iv.as_ptr()).unwrap(); + } + } + + /// Encrypt or decrypt + #[inline(always)] + pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { + debug_assert!(output.len() >= input.len(), "output buffer must fit the size of the input buffer"); + unsafe { self.0.update::(input, output.as_mut_ptr()).unwrap() }; + } + + /// Encrypt or decrypt in place + #[inline(always)] + pub fn crypt_in_place(&mut self, data: &mut [u8]) { + let ptr = data.as_mut_ptr(); + unsafe { self.0.update::(data, ptr).unwrap() } + } +} + +const AES_BLOCK_SIZE: usize = 16; +pub struct AesEcb (CipherCtx); + +impl AesEcb { + pub fn new(key: &Secret) -> Self { + let mut ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match KEY_SIZE { + 16 => ffi::EVP_aes_128_ecb(), + 24 => ffi::EVP_aes_192_ecb(), + 32 => ffi::EVP_aes_256_ecb(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + debug_assert_eq!(ffi::EVP_CIPHER_CTX_get_block_size(ctx.as_ptr()) as usize, AES_BLOCK_SIZE, "Aes block size is incorrect, something is very wrong."); + } + let ret = AesEcb(ctx); + ret + } + + /// Do not ever encrypt the same plaintext twice. Make sure data is always different between calls. + #[inline(always)] + pub fn crypt_in_place(&mut self, data: &mut [u8]) { + let ptr = data.as_mut_ptr(); + unsafe { self.0.update::(data, ptr).unwrap() } + } +} + + + +#[cfg(test)] +mod test { + use crate::init; + use super::*; + + #[test] + fn aes_256_gcm() { + init(); + let key = Secret::move_bytes([1u8; 32]); + let mut enc = AesGcm::::new(&key); + let mut dec = AesGcm::::new(&key); + + let plain = [2u8; 127]; + let iv0 = [3u8; 12]; + let iv1 = [4u8; 12]; + let mut tag_out; + let mut cipher_out = [0u8; 127]; + let mut plain_out = [0u8; 127]; + + enc.set_iv(&iv0); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.set_iv(&iv0); + dec.crypt(&cipher_out, &mut plain_out); + assert!(dec.finish_decrypt(&tag_out)); + + assert_eq!(plain, plain_out); + + enc.set_iv(&iv1); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.set_iv(&iv1); + dec.crypt(&cipher_out, &mut plain_out); + assert!(dec.finish_decrypt(&tag_out)); + + assert_eq!(plain, plain_out); + + enc.set_iv(&iv0); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.set_iv(&iv1); + dec.crypt(&cipher_out, &mut plain_out); + assert!(!dec.finish_decrypt(&tag_out)); + } + use super::AesGcm; + use hex_literal::hex; + use std::time::SystemTime; + + #[test] + fn quick_benchmark() { + let mut buf = [0_u8; 12345]; + for i in 1..12345 { + buf[i] = i as u8; + } + let iv = [1_u8; 12]; + + let mut c = AesGcm::::new(&Secret::move_bytes([1_u8; 32])); + + let benchmark_iterations: usize = 80000; + let start = SystemTime::now(); + for _ in 0..benchmark_iterations { + c.set_iv(&iv); + c.crypt_in_place(&mut buf); + } + let duration = SystemTime::now().duration_since(start).unwrap(); + println!( + "AES-256-GCM encrypt benchmark: {} MiB/sec", + (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() + ); + + let mut c = AesGcm::::new(&Secret::move_bytes([1_u8; 32])); + + let start = SystemTime::now(); + for _ in 0..benchmark_iterations { + c.set_iv(&iv); + c.crypt_in_place(&mut buf); + } + let duration = SystemTime::now().duration_since(start).unwrap(); + println!( + "AES-256-GCM decrypt benchmark: {} MiB/sec", + (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() + ); + } + + #[test] + fn aes_gcm_test_vectors() { + // Even though we are just wrapping other implementations, it's still good to test thoroughly! + for tv in NIST_AES_GCM_TEST_VECTORS.iter() { + let mut gcm = AesGcm::new(unsafe { &Secret::<32>::from_bytes(tv.key) }); + gcm.set_iv(tv.nonce); + gcm.aad(tv.aad); + let mut ciphertext = Vec::new(); + ciphertext.resize(tv.plaintext.len(), 0); + gcm.crypt(tv.plaintext, ciphertext.as_mut()); + let mut tag = gcm.finish_encrypt(); + assert!(tag.eq(tv.tag)); + assert!(ciphertext.as_slice().eq(tv.ciphertext)); + + let mut gcm = AesGcm::new(unsafe { &Secret::<32>::from_bytes(tv.key) }); + gcm.set_iv(tv.nonce); + gcm.aad(tv.aad); + let mut ct_copy = ciphertext.clone(); + gcm.crypt_in_place(ct_copy.as_mut()); + assert!(gcm.finish_decrypt(&tag)); + + gcm.set_iv(tv.nonce); + gcm.aad(tv.aad); + gcm.crypt_in_place(ciphertext.as_mut()); + tag[0] ^= 1; + assert!(!gcm.finish_decrypt(&tag)); + } + } + + struct GcmTV { + pub key: &'static K, + pub nonce: &'static [u8; 12], + pub aad: &'static [u8], + pub plaintext: &'static [u8], + pub ciphertext: &'static [u8], + pub tag: &'static [u8; 16], + } + + /// + const NIST_AES_GCM_TEST_VECTORS: &[GcmTV<[u8; 32]>] = &[ + GcmTV { + key: &hex!("b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4"), + nonce: &hex!("516c33929df5a3284ff463d7"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("bdc1ac884d332457a1d2664f168c76f0"), + }, + GcmTV { + key: &hex!("5fe0861cdc2690ce69b3658c7f26f8458eec1c9243c5ba0845305d897e96ca0f"), + nonce: &hex!("770ac1a5a3d476d5d96944a1"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("196d691e1047093ca4b3d2ef4baba216"), + }, + GcmTV { + key: &hex!("7620b79b17b21b06d97019aa70e1ca105e1c03d2a0cf8b20b5a0ce5c3903e548"), + nonce: &hex!("60f56eb7a4b38d4f03395511"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("f570c38202d94564bab39f75617bc87a"), + }, + GcmTV { + key: &hex!("7e2db00321189476d144c5f27e787087302a48b5f7786cd91e93641628c2328b"), + nonce: &hex!("ea9d525bf01de7b2234b606a"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("db9df5f14f6c9f2ae81fd421412ddbbb"), + }, + GcmTV { + key: &hex!("a23dfb84b5976b46b1830d93bcf61941cae5e409e4f5551dc684bdcef9876480"), + nonce: &hex!("5aa345908048de10a2bd3d32"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("f28217649230bd7a40a9a4ddabc67c43"), + }, + GcmTV { + key: &hex!("dfe928f86430b78add7bb7696023e6153d76977e56103b180253490affb9431c"), + nonce: &hex!("1dd0785af9f58979a10bd62d"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("a55eb09e9edef58d9f671d72207f8b3c"), + }, + GcmTV { + key: &hex!("34048db81591ee68224956bd6989e1630fcf068d7ff726ae81e5b29f548cfcfb"), + nonce: &hex!("1621d34cff2a5b250c7b76fc"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("4992ec3d57cccfa58fd8916c59b70b11"), + }, + GcmTV { + key: &hex!("a1114f8749c72b8cef62e7503f1ad921d33eeede32b0b5b8e0d6807aa233d0ad"), + nonce: &hex!("a190ed3ff2e238be56f90bd6"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("c8464d95d540fb191156fbbc1608842a"), + }, + GcmTV { + key: &hex!("ddbb99dc3102d31102c0e14b238518605766c5b23d9bea52c7c5a771042c85a0"), + nonce: &hex!("95d15ed75c6a109aac1b1d86"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("813d1da3775cacd78e96d86f036cff96"), + }, + GcmTV { + key: &hex!("1faa506b8f13a2e6660af78d92915adf333658f748f4e48fa20135a29e9abe5f"), + nonce: &hex!("e50f278d3662c99d750f60d3"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("aec7ece66b7344afd6f6cc7419cf6027"), + }, + GcmTV { + key: &hex!("f30b5942faf57d4c13e7a82495aedf1b4e603539b2e1599317cc6e53225a2493"), + nonce: &hex!("336c388e18e6abf92bb739a9"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("ddaf8ef4cb2f8a6d401f3be5ff0baf6a"), + }, + GcmTV { + key: &hex!("daf4d9c12c5d29fc3fa936532c96196e56ae842e47063a4b29bfff2a35ed9280"), + nonce: &hex!("5381f21197e093b96cdac4fa"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("7f1832c7f7cd7812a004b79c3d399473"), + }, + GcmTV { + key: &hex!("6b524754149c81401d29a4b8a6f4a47833372806b2d4083ff17f2db3bfc17bca"), + nonce: &hex!("ac7d3d618ab690555ec24408"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("db07a885e2bd39da74116d06c316a5c9"), + }, + GcmTV { + key: &hex!("cff083303ff40a1f66c4aed1ac7f50628fe7e9311f5d037ebf49f4a4b9f0223f"), + nonce: &hex!("45d46e1baadcfbc8f0e922ff"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("1687c6d459ea481bf88e4b2263227906"), + }, + GcmTV { + key: &hex!("3954f60cddbb39d2d8b058adf545d5b82490c8ae9283afa5278689041d415a3a"), + nonce: &hex!("8fb3d98ef24fba03746ac84f"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("7fb130855dfe7a373313361f33f55237"), + }, + GcmTV { + key: &hex!("78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"), + nonce: &hex!("d79cf22d504cc793c3fb6c8a"), + plaintext: b"", + aad: &hex!("b96baa8c1c75a671bfb2d08d06be5f36"), + ciphertext: b"", + tag: &hex!("3e5d486aa2e30b22e040b85723a06e76"), + }, + GcmTV { + key: &hex!("4457ff33683cca6ca493878bdc00373893a9763412eef8cddb54f91318e0da88"), + nonce: &hex!("699d1f29d7b8c55300bb1fd2"), + plaintext: b"", + aad: &hex!("6749daeea367d0e9809e2dc2f309e6e3"), + ciphertext: b"", + tag: &hex!("d60c74d2517fde4a74e0cd4709ed43a9"), + }, + GcmTV { + key: &hex!("4d01c96ef9d98d4fb4e9b61be5efa772c9788545b3eac39eb1cacb997a5f0792"), + nonce: &hex!("32124a4d9e576aea2589f238"), + plaintext: b"", + aad: &hex!("d72bad0c38495eda50d55811945ee205"), + ciphertext: b"", + tag: &hex!("6d6397c9e2030f5b8053bfe510f3f2cf"), + }, + GcmTV { + key: &hex!("8378193a4ce64180814bd60591d1054a04dbc4da02afde453799cd6888ee0c6c"), + nonce: &hex!("bd8b4e352c7f69878a475435"), + plaintext: b"", + aad: &hex!("1c6b343c4d045cbba562bae3e5ff1b18"), + ciphertext: b"", + tag: &hex!("0833967a6a53ba24e75c0372a6a17bda"), + }, + GcmTV { + key: &hex!("22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12"), + nonce: &hex!("880d05c5ee599e5f151e302f"), + plaintext: b"", + aad: &hex!("3e3eb5747e390f7bc80e748233484ffc"), + ciphertext: b"", + tag: &hex!("2e122a478e64463286f8b489dcdd09c8"), + }, + GcmTV { + key: &hex!("fc00960ddd698d35728c5ac607596b51b3f89741d14c25b8badac91976120d99"), + nonce: &hex!("a424a32a237f0df530f05e30"), + plaintext: b"", + aad: &hex!("cfb7e05e3157f0c90549d5c786506311"), + ciphertext: b"", + tag: &hex!("dcdcb9e4004b852a0da12bdf255b4ddd"), + }, + GcmTV { + key: &hex!("69749943092f5605bf971e185c191c618261b2c7cc1693cda1080ca2fd8d5111"), + nonce: &hex!("bd0d62c02ee682069bd1e128"), + plaintext: b"", + aad: &hex!("6967dce878f03b643bf5cdba596a7af3"), + ciphertext: b"", + tag: &hex!("378f796ae543e1b29115cc18acd193f4"), + }, + GcmTV { + key: &hex!("fc4875db84819834b1cb43828d2f0ae3473aa380111c2737e82a9ab11fea1f19"), + nonce: &hex!("da6a684d3ff63a2d109decd6"), + plaintext: b"", + aad: &hex!("91b6fa2ab4de44282ffc86c8cde6e7f5"), + ciphertext: b"", + tag: &hex!("504e81d2e7877e4dad6f31cdeb07bdbd"), + }, + GcmTV { + key: &hex!("9f9fe7d2a26dcf59d684f1c0945b5ffafe0a4746845ed317d35f3ed76c93044d"), + nonce: &hex!("13b59971cd4dd36b19ac7104"), + plaintext: b"", + aad: &hex!("190a6934f45f89c90067c2f62e04c53b"), + ciphertext: b"", + tag: &hex!("4f636a294bfbf51fc0e131d694d5c222"), + }, + GcmTV { + key: &hex!("ab9155d7d81ba6f33193695cf4566a9b6e97a3e409f57159ae6ca49655cca071"), + nonce: &hex!("26a9f8d665d163ddb92d035d"), + plaintext: b"", + aad: &hex!("4a203ac26b951a1f673c6605653ec02d"), + ciphertext: b"", + tag: &hex!("437ea77a3879f010691e288d6269a996"), + }, + GcmTV { + key: &hex!("0f1c62dd80b4a6d09ee9d787b1b04327aa361529ffa3407560414ac47b7ef7bc"), + nonce: &hex!("c87613a3b70d2a048f32cb9a"), + plaintext: b"", + aad: &hex!("8f23d404be2d9e888d219f1b40aa29e8"), + ciphertext: b"", + tag: &hex!("36d8a309acbb8716c9c08c7f5de4911e"), + }, + GcmTV { + key: &hex!("f3e954a38956df890255f01709e457b33f4bfe7ecb36d0ee50f2500471eebcde"), + nonce: &hex!("9799abd3c52110c704b0f36a"), + plaintext: b"", + aad: &hex!("ddb70173f44157755b6c9b7058f40cb7"), + ciphertext: b"", + tag: &hex!("b323ae3abcb415c7f420876c980f4858"), + }, + GcmTV { + key: &hex!("0625316534fbd82fe8fdea50fa573c462022c42f79e8b21360e5a6dce66dde28"), + nonce: &hex!("da64a674907cd6cf248f5fbb"), + plaintext: b"", + aad: &hex!("f24d48e04f5a0d987ba7c745b73b0364"), + ciphertext: b"", + tag: &hex!("df360b810f27e794673a8bb2dc0d68b0"), + }, + GcmTV { + key: &hex!("28f045ac7c4fe5d4b01a9dcd5f1ad3efff1c4f170fc8ab8758d97292868d5828"), + nonce: &hex!("5d85de95b0bdc44514143919"), + plaintext: b"", + aad: &hex!("601d2158f17ab3c7b4dcb6950fbdcdde"), + ciphertext: b"", + tag: &hex!("42c3f527418cf2c3f5d5010ccba8f271"), + }, + GcmTV { + key: &hex!("19310eed5f5f44eb47075c105eb31e36bbfd1310f741b9baa66a81138d357242"), + nonce: &hex!("a1247120138fa4f0e96c992c"), + plaintext: b"", + aad: &hex!("29d746414333e0f72b4c3f44ec6bfe42"), + ciphertext: b"", + tag: &hex!("d5997e2f956df3fa2c2388e20f30c480"), + }, + GcmTV { + key: &hex!("886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65"), + nonce: &hex!("3a8efa1cd74bbab5448f9945"), + plaintext: b"", + aad: &hex!("519fee519d25c7a304d6c6aa1897ee1eb8c59655"), + ciphertext: b"", + tag: &hex!("f6d47505ec96c98a42dc3ae719877b87"), + }, + GcmTV { + key: &hex!("6937a57d35fe6dc3fc420b123bccdce874bd4c18f2e7c01ce2faf33d3944fd9d"), + nonce: &hex!("a87247797b758467b96310f3"), + plaintext: b"", + aad: &hex!("ead961939a33dd578f8e93db8b28a1c85362905f"), + ciphertext: b"", + tag: &hex!("599de3ecf22cb867f03f7f6d9fd7428a"), + }, + GcmTV { + key: &hex!("e65a331776c9dcdf5eba6c59e05ec079d97473bcdce84daf836be323456263a0"), + nonce: &hex!("ca731f768da01d02eb8e727e"), + plaintext: b"", + aad: &hex!("d7274586517bf1d8da866f4a47ad0bcf2948a862"), + ciphertext: b"", + tag: &hex!("a8abe7a8085f25130a7206d37a8aaf6d"), + }, + GcmTV { + key: &hex!("77bb1b6ef898683c981b2fc899319ffbb6000edca22566b634db3a3c804059e5"), + nonce: &hex!("354a19283769b3b991b05a4c"), + plaintext: b"", + aad: &hex!("b5566251a8a8bec212dc08113229ff8590168800"), + ciphertext: b"", + tag: &hex!("e5c2dccf8fc7f296cac95d7071cb8d7d"), + }, + GcmTV { + key: &hex!("2a43308d520a59ed51e47a3a915e1dbf20a91f0886506e481ad3de65d50975b4"), + nonce: &hex!("bcbf99733d8ec90cb23e6ce6"), + plaintext: b"", + aad: &hex!("eb88288729289d26fe0e757a99ad8eec96106053"), + ciphertext: b"", + tag: &hex!("01b0196933aa49123eab4e1571250383"), + }, + GcmTV { + key: &hex!("2379b35f85102db4e7aecc52b705bc695d4768d412e2d7bebe999236783972ff"), + nonce: &hex!("918998c4801037b1cd102faa"), + plaintext: b"", + aad: &hex!("b3722309e0f066225e8d1659084ebb07a93b435d"), + ciphertext: b"", + tag: &hex!("dfb18aee99d1f67f5748d4b4843cb649"), + }, + GcmTV { + key: &hex!("98b3cb7537167e6d14a2a8b2310fe94b715c729fdf85216568150b556d0797ba"), + nonce: &hex!("bca5e2e5a6b30f18d263c6b2"), + plaintext: b"", + aad: &hex!("260d3d72db70d677a4e3e1f3e11431217a2e4713"), + ciphertext: b"", + tag: &hex!("d6b7560f8ac2f0a90bad42a6a07204bc"), + }, + GcmTV { + key: &hex!("30341ae0f199b10a15175d00913d5029526ab7f761c0b936a7dd5f1b1583429d"), + nonce: &hex!("dbe109a8ce5f7b241e99f7af"), + plaintext: b"", + aad: &hex!("fe4bdee5ca9c4806fa024715fbf66ab845285fa7"), + ciphertext: b"", + tag: &hex!("ae91daed658e26c0d126575147af9899"), + }, + GcmTV { + key: &hex!("8232b6a1d2e367e9ce1ea8d42fcfc83a4bc8bdec465c6ba326e353ad9255f207"), + nonce: &hex!("cd2fb5ff9cf0f39868ad8685"), + plaintext: b"", + aad: &hex!("02418b3dde54924a9628de06004c0882ae4ec3bb"), + ciphertext: b"", + tag: &hex!("d5308f63708675ced19b2710afd2db49"), + }, + GcmTV { + key: &hex!("f9a132a50a508145ffd8294e68944ea436ce0f9a97e181f5e0d6c5d272311fc1"), + nonce: &hex!("892991b54e94b9d57442ccaf"), + plaintext: b"", + aad: &hex!("4e0fbd3799da250fa27911b7e68d7623bfe60a53"), + ciphertext: b"", + tag: &hex!("89881d5f786e6d53e0d19c3b4e6887d8"), + }, + GcmTV { + key: &hex!("0e3746e5064633ea9311b2b8427c536af92717de20eeb6260db1333c3d8a8114"), + nonce: &hex!("f84c3a1c94533f7f25cec0ac"), + plaintext: b"", + aad: &hex!("8c0d41e6135338c8d3e63e2a5fa0a9667ec9a580"), + ciphertext: b"", + tag: &hex!("479ccfe9241de2c474f2edebbb385c09"), + }, + GcmTV { + key: &hex!("b997e9b0746abaaed6e64b63bdf64882526ad92e24a2f5649df055c9ec0f1daa"), + nonce: &hex!("f141d8d71b033755022f0a7d"), + plaintext: b"", + aad: &hex!("681d6583f527b1a92f66caae9b1d4d028e2e631e"), + ciphertext: b"", + tag: &hex!("b30442a6395ec13246c48b21ffc65509"), + }, + GcmTV { + key: &hex!("87660ec1700d4e9f88a323a49f0b871e6aaf434a2d8448d04d4a22f6561028e0"), + nonce: &hex!("2a07b42593cd24f0a6fe406c"), + plaintext: b"", + aad: &hex!("1dd239b57185b7e457ced73ebba043057f049edd"), + ciphertext: b"", + tag: &hex!("df7a501049b37a534098cb45cb9c21b7"), + }, + GcmTV { + key: &hex!("ea4792e1f1717b77a00de4d109e627549b165c82af35f33ca7e1a6b8ed62f14f"), + nonce: &hex!("7453cc8b46fe4b93bcc48381"), + plaintext: b"", + aad: &hex!("46d98970a636e7cd7b76fc362ae88298436f834f"), + ciphertext: b"", + tag: &hex!("518dbacd36be6fba5c12871678a55516"), + }, + GcmTV { + key: &hex!("34892cdd1d48ca166f7ba73182cb97336c2c754ac160a3e37183d6fb5078cec3"), + nonce: &hex!("ed3198c5861b78c71a6a4eec"), + plaintext: b"", + aad: &hex!("a6fa6d0dd1e0b95b4609951bbbe714de0ae0ccfa"), + ciphertext: b"", + tag: &hex!("c6387795096b348ecf1d1f6caaa3c813"), + }, + GcmTV { + key: &hex!("f4069bb739d07d0cafdcbc609ca01597f985c43db63bbaaa0debbb04d384e49c"), + nonce: &hex!("d25ff30fdc3d464fe173e805"), + plaintext: b"", + aad: &hex!("3e1449c4837f0892f9d55127c75c4b25d69be334baf5f19394d2d8bb460cbf2120e14736d0f634aa792feca20e455f11"), + ciphertext: b"", + tag: &hex!("805ec2931c2181e5bfb74fa0a975f0cf"), + }, + GcmTV { + key: &hex!("62189dcc4beb97462d6c0927d8a270d39a1b07d72d0ad28840badd4f68cf9c8b"), + nonce: &hex!("859fda5247c888823a4b8032"), + plaintext: b"", + aad: &hex!("b28d1621ee110f4c9d709fad764bba2dd6d291bc003748faac6d901937120d41c1b7ce67633763e99e05c71363fceca8"), + ciphertext: b"", + tag: &hex!("27330907d0002880bbb4c1a1d23c0be2"), + }, + GcmTV { + key: &hex!("59012d85a1b90aeb0359e6384c9991e7be219319f5b891c92c384ade2f371816"), + nonce: &hex!("3c9cde00c23912cff9689c7c"), + plaintext: b"", + aad: &hex!("e5daf473a470860b55210a483c0d1a978d8add843c2c097f73a3cda49ac4a614c8e887d94e6692309d2ed97ebe1eaf5d"), + ciphertext: b"", + tag: &hex!("048239e4e5c2c8b33890a7c950cda852"), + }, + GcmTV { + key: &hex!("4be09b408ad68b890f94be5efa7fe9c917362712a3480c57cd3844935f35acb7"), + nonce: &hex!("8f350bd3b8eea173fc7370bc"), + plaintext: b"", + aad: &hex!("2819d65aec942198ca97d4435efd9dd4d4393b96cf5ba44f09bce4ba135fc8636e8275dcb515414b8befd32f91fc4822"), + ciphertext: b"", + tag: &hex!("a133cb7a7d0471dbac61fb41589a2efe"), + }, + GcmTV { + key: &hex!("13cb965a4d9d1a36efad9f6ca1ba76386a5bb160d80b0917277102357ac7afc8"), + nonce: &hex!("f313adec42a66d13c3958180"), + plaintext: b"", + aad: &hex!("717b48358898e5ccfea4289049adcc1bb0db3b3ebd1767ac24fb2b7d37dc80ea2316c17f14fb51b5e18cd5bb09afe414"), + ciphertext: b"", + tag: &hex!("81b4ef7a84dc4a0b1fddbefe37f53852"), + }, + GcmTV { + key: &hex!("d27f1bebbbdef0edca393a6261b0338abbc491262eab0737f55246458f6668cc"), + nonce: &hex!("fc062f857886e278f3a567d2"), + plaintext: b"", + aad: &hex!("2bae92dea64aa99189de8ea4c046745306002e02cfb46a41444ce8bfcc329bd4205963d9ab5357b026a4a34b1a861771"), + ciphertext: b"", + tag: &hex!("5c5a6c4613f1e522596330d45f243fdd"), + }, + GcmTV { + key: &hex!("7b4d19cd3569f74c7b5df61ab78379ee6bfa15105d21b10bf6096699539006d0"), + nonce: &hex!("fbed5695c4a739eded97b1e3"), + plaintext: b"", + aad: &hex!("c6f2e5d663bfaf668d014550ef2e66bf89978799a785f1f2c79a2cb3eb3f2fd4076207d5f7e1c284b4af5cffc4e46198"), + ciphertext: b"", + tag: &hex!("7101b434fb90c7f95b9b7a0deeeb5c81"), + }, + GcmTV { + key: &hex!("d3431488d8f048590bd76ec66e71421ef09f655d7cf8043bf32f75b4b2e7efcc"), + nonce: &hex!("cc766e98b40a81519fa46392"), + plaintext: b"", + aad: &hex!("93320179fdb40cbc1ccf00b872a3b4a5f6c70b56e43a84fcac5eb454a0a19a747d452042611bf3bbaafd925e806ffe8e"), + ciphertext: b"", + tag: &hex!("3afcc336ce8b7191eab04ad679163c2a"), + }, + GcmTV { + key: &hex!("a440948c0378561c3956813c031f81573208c7ffa815114ef2eee1eb642e74c6"), + nonce: &hex!("c1f4ffe54b8680832eed8819"), + plaintext: b"", + aad: &hex!("253438f132b18e8483074561898c5652b43a82cc941e8b4ae37e792a8ed6ec5ce2bcec9f1ffcf4216e46696307bb774a"), + ciphertext: b"", + tag: &hex!("129445f0a3c979a112a3afb10a24e245"), + }, + GcmTV { + key: &hex!("798706b651033d9e9bf2ce064fb12be7df7308cf45df44776588cd391c49ff85"), + nonce: &hex!("5a43368a39e7ffb775edfaf4"), + plaintext: b"", + aad: &hex!("926b74fe6381ebd35757e42e8e557601f2287bfc133a13fd86d61c01aa84f39713bf99a8dc07b812f0274c9d3280a138"), + ciphertext: b"", + tag: &hex!("89fe481a3d95c03a0a9d4ee3e3f0ed4a"), + }, + GcmTV { + key: &hex!("c3aa2a39a9fef4a466618d1288bb62f8da7b1cb760ccc8f1be3e99e076f08eff"), + nonce: &hex!("9965ba5e23d9453d7267ca5b"), + plaintext: b"", + aad: &hex!("93efb6a2affc304cb25dfd49aa3e3ccdb25ceac3d3cea90dd99e38976978217ad5f2b990d10b91725c7fd2035ecc6a30"), + ciphertext: b"", + tag: &hex!("00a94c18a4572dcf4f9e2226a03d4c07"), + }, + GcmTV { + key: &hex!("14e06858008f7e77186a2b3a7928a0c7fcee22136bc36f53553f20fa5c37edcd"), + nonce: &hex!("32ebe0dc9ada849b5eda7b48"), + plaintext: b"", + aad: &hex!("6c0152abfa485b8cd67c154a5f0411f22121379774d745f40ee577b028fd0e188297581561ae972223d75a24b488aed7"), + ciphertext: b"", + tag: &hex!("2625b0ba6ee02b58bc529e43e2eb471b"), + }, + GcmTV { + key: &hex!("fbb56b11c51a093ce169a6990399c4d741f62b3cc61f9e8a609a1b6ae8e7e965"), + nonce: &hex!("9c5a953247e91aceceb9defb"), + plaintext: b"", + aad: &hex!("46cb5c4f617916a9b1b2e03272cb0590ce716498533047d73c81e4cbe9278a3686116f5632753ea2df52efb3551aea2d"), + ciphertext: b"", + tag: &hex!("4f3b82e6be4f08756071f2c46c31fedf"), + }, + GcmTV { + key: &hex!("b303bf02f6a8dbb5bc4baccab0800db5ee06de648e2fae299b95f135c9b107cc"), + nonce: &hex!("906495b67ef4ce00b44422fa"), + plaintext: b"", + aad: &hex!("872c6c370926535c3fa1baec031e31e7c6c82808c8a060742dbef114961c314f1986b2131a9d91f30f53067ec012c6b7"), + ciphertext: b"", + tag: &hex!("64dde37169082d181a69107f60c5c6bb"), + }, + GcmTV { + key: &hex!("29f5f8075903063cb6d7050669b1f74e08a3f79ef566292dfdef1c06a408e1ab"), + nonce: &hex!("35f25c48b4b5355e78b9fb3a"), + plaintext: b"", + aad: &hex!("107e2e23159fc5c0748ca7a077e5cc053fa5c682ff5269d350ee817f8b5de4d3972041d107b1e2f2e54ca93b72cd0408"), + ciphertext: b"", + tag: &hex!("fee5a9baebb5be0165deaa867e967a9e"), + }, + GcmTV { + key: &hex!("03ccb7dbc7b8425465c2c3fc39ed0593929ffd02a45ff583bd89b79c6f646fe9"), + nonce: &hex!("fd119985533bd5520b301d12"), + plaintext: b"", + aad: &hex!("98e68c10bf4b5ae62d434928fc6405147c6301417303ef3a703dcfd2c0c339a4d0a89bd29fe61fecf1066ab06d7a5c31a48ffbfed22f749b17e9bd0dc1c6f8fbd6fd4587184db964d5456132106d782338c3f117ec05229b0899"), + ciphertext: b"", + tag: &hex!("cf54e7141349b66f248154427810c87a"), + }, + GcmTV { + key: &hex!("57e112cd45f2c57ddb819ea651c206763163ef016ceead5c4eae40f2bbe0e4b4"), + nonce: &hex!("188022c2125d2b1fcf9e4769"), + plaintext: b"", + aad: &hex!("09c8f445ce5b71465695f838c4bb2b00624a1c9185a3d552546d9d2ee4870007aaf3007008f8ae9affb7588b88d09a90e58b457f88f1e3752e3fb949ce378670b67a95f8cf7f5c7ceb650efd735dbc652cae06e546a5dbd861bd"), + ciphertext: b"", + tag: &hex!("9efcddfa0be21582a05749f4050d29fe"), + }, + GcmTV { + key: &hex!("a4ddf3cab7453aaefad616fd65d63d13005e9459c17d3173cd6ed7f2a86c921f"), + nonce: &hex!("06177b24c58f3be4f3dd4920"), + plaintext: b"", + aad: &hex!("f95b046d80485e411c56b834209d3abd5a8a9ddf72b1b916679adfdde893044315a5f4967fd0405ec297aa332f676ff0fa5bd795eb609b2e4f088db1cdf37ccff0735a5e53c4c12173a0026aea42388a7d7153a8830b8a901cf9"), + ciphertext: b"", + tag: &hex!("9d1bd8ecb3276906138d0b03fcb8c1bb"), + }, + GcmTV { + key: &hex!("24a92b24e85903cd4aaabfe07c310df5a4f8f459e03a63cbd1b47855b09c0be8"), + nonce: &hex!("22e756dc898d4cf122080612"), + plaintext: b"", + aad: &hex!("2e01b2536dbe376be144296f5c38fb099e008f962b9f0e896334b6408393bff1020a0e442477abfdb1727213b6ccc577f5e16cb057c8945a07e307264b65979aed96b5995f40250ffbaaa1a1f0eccf394015f6290f5e64dfe5ca"), + ciphertext: b"", + tag: &hex!("0d7f1aed4708a03b0c80b2a18785c96d"), + }, + GcmTV { + key: &hex!("15276fc64438578e0ec53366b90a0e23d93910fec10dc3003d9b3f3fa72db702"), + nonce: &hex!("c5e931946d5caebc227656d2"), + plaintext: b"", + aad: &hex!("3f967c83ba02e77c14e9d41185eb87f172250e93edb0f82b6742c124298ab69418358eddefa39fedc3cade9d80f036d864a59ead37c87727c56c701a8cd9634469ff31c704f5ee39354157e6558467b92824da36b1c071bedfe9"), + ciphertext: b"", + tag: &hex!("a0ffa19adcf31d061cd0dd46d24015ef"), + }, + GcmTV { + key: &hex!("ec09804a048bb854c71618b5a3a1c590910fc8a68455139b719486d2280ea59a"), + nonce: &hex!("d0b1247e7121a9276ac18ca3"), + plaintext: b"", + aad: &hex!("66b1d39d414596308e866b04476e053b71acd1cd07ce80939577ebbeace0430f7e4c0c185fe1d97ac7569950c83db40bbed0f1d173e1aa0dc28b4773705032d97551f7fcef7f55e4b69f88df650032dfc5232c156641104b5397"), + ciphertext: b"", + tag: &hex!("8440e6d864ab778f9be478f203162d86"), + }, + GcmTV { + key: &hex!("4adf86bfa547725e4b80365a5a327c107040facfff007dc35102066bd6a995c4"), + nonce: &hex!("b1018cc331911255a55a0795"), + plaintext: b"", + aad: &hex!("053ca4428c990b4456d3c1895d5d52deff675896de9faa53d8cf241255f4a31dc3399f15d83be380256616e5af043abfb37552655adf4f2e68dda24bc3736951134f359d9c0e288bb798b6c3ea46239231a3cb280066db9862e7"), + ciphertext: b"", + tag: &hex!("c7424f38084930bfc5edc1fcf1e7608d"), + }, + GcmTV { + key: &hex!("3c92e0d1e39a3c766573c4646c768c402ccff48a56682a93433512abf0456e00"), + nonce: &hex!("d57f319e590191841d2b98bd"), + plaintext: b"", + aad: &hex!("840d9394aa240e52ba152151c12acd1cd44881e8549dc832b71a45da7efcc74fb7e844d9fec25e5d497b8fb8f47f328c8d99045a19e366e6ce5e19dc26f67a81a94fa6c97c314d886e7b56eff144c09f6fa519db6308bc73422e"), + ciphertext: b"", + tag: &hex!("cb4ef72dbda4914d7434f9686f823e2f"), + }, + GcmTV { + key: &hex!("b66ba39733888a9e0a2e30452844161dc33cb383c02ce16c4efad5452509b5b5"), + nonce: &hex!("937cb665e37059b2e40359f2"), + plaintext: b"", + aad: &hex!("dbcd9694a8834860034e8ede3a5bd419fcf91c005ad99f488aa623f581622093f9d41e6a68e20fd202f302bcfc4417ca89090bfcd4d5224e8ff4eb5bbae4ecb27baa239f59c2f99cd47c0a269c497906b41a8f320a3dd2dc2de2"), + ciphertext: b"", + tag: &hex!("bdc8249302d9d666cf7168317c118743"), + }, + GcmTV { + key: &hex!("2f9fcd1043455695638c991a1b1d35ad57c18ef0727322747b7991abc3d787f3"), + nonce: &hex!("d06cf548f62869f4bed7a318"), + plaintext: b"", + aad: &hex!("432023c12cf1f614e1005112a17dbe6c5d54022a95cf6335a5bc55004c75f09a5699739ecf928e1c78d03dad5096a17a084afe1cc22041bbdfb5985bd08b0dcc59d2b08cd86b7aad597c4cd7b4ba6d6a7370b83995a6511a1f9e"), + ciphertext: b"", + tag: &hex!("322eb84fb6884f10cfb766c2e3ec779e"), + }, + GcmTV { + key: &hex!("21c5839a63e1230c06b086341c96ab74585e69bced94332caeb1fa77d510c24f"), + nonce: &hex!("5ab6e5ed6ee733be7250858c"), + plaintext: b"", + aad: &hex!("c92f08e30f67d42516133c48e97b65cc9e124365e110aba5e7b2cbe83debcc99edf4eb0007af052bda22d85900271b1897af4fd9ace6a2d09d984ac3de79d05de0b105a81b12542b2c48e27d409fd6992dd062d6055d6fc66842"), + ciphertext: b"", + tag: &hex!("53b0e450309d146459f2a1e46c9d9e23"), + }, + GcmTV { + key: &hex!("25a144f0fdba184125d81a87e7ed82fad33c701a094a67a81fe4692dc69afa31"), + nonce: &hex!("8bf575c5c2b45b4efc6746e4"), + plaintext: b"", + aad: &hex!("2a367cb0d3b7c5b8320b3cf95e82b6ba0bba1d09a2055885dedd9ef5641623682212103238b8f775cce42ddfd4f66382f2c3a5e8d6dff9163ced83580a75705574026b55db90f75f8abb3014c9a707021dedc075da38bebbf0a0"), + ciphertext: b"", + tag: &hex!("0e2ce9cac8dfcedb0572ec6cab621efd"), + }, + GcmTV { + key: &hex!("42bc841b3b03a807cd366a35ecec8a6aebef7c4cba0ec8cb8da0da41df8ccef1"), + nonce: &hex!("1bd46f85df5f4b3a126ee315"), + plaintext: b"", + aad: &hex!("ede3dcddbdc7d8e5d034c01661332ec349cb4e7a9fbaaf7abe2c647587db86cd427ce66908e070bc49ef838747e06b45ac486dfbea6f8698b4625e21e69db8327ec05cfd74accbe67ab644948cdb554af179a1e264e08fe16641"), + ciphertext: b"", + tag: &hex!("633ab6aaf5b32b53a794f6be6262fc5f"), + }, + GcmTV { + key: &hex!("c25b8500be73210596fc4a9fb4d84d1a3379a91e3f0a6cc4177d996046627679"), + nonce: &hex!("b56c48c0c4cd318b20437002"), + plaintext: b"", + aad: &hex!("bcd14dd043fdc8c327957e1c1428698543ec8602521a7c74788d296d37d4828f10f90656883d2531c702ebda2dc0a68dab00154577454455fad986ff8e0973098dbf370ff703ed98222b945726ed9be7909210ddbc672e99fdd9"), + ciphertext: b"", + tag: &hex!("8171d4ff60fe7ef6de0288326aa73223"), + }, + GcmTV { + key: &hex!("dd95259bc8eefa3e493cb1a6ba1d8ee2b341d5230d50363094a2cc3433b3d9b9"), + nonce: &hex!("a1a6ced084f4f13990750a9e"), + plaintext: b"", + aad: &hex!("d46db90e13684b26149cb3b7f776e228a0538fa1892c418aaad07aa08d3076f4a52bee8f130ff560db2b8d1009e9260fa6233fc22733e050c9e4f7cc699062765e261dffff1159e9060b26c8065dfab04055b58c82c340d987c9"), + ciphertext: b"", + tag: &hex!("9e120b01899fe2cb3e3a0b0c05045940"), + }, + GcmTV { + key: &hex!("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22"), + nonce: &hex!("0d18e06c7c725ac9e362e1ce"), + plaintext: &hex!("2db5168e932556f8089a0622981d017d"), + aad: b"", + ciphertext: &hex!("fa4362189661d163fcd6a56d8bf0405a"), + tag: &hex!("d636ac1bbedd5cc3ee727dc2ab4a9489"), + }, + GcmTV { + key: &hex!("460fc864972261c2560e1eb88761ff1c992b982497bd2ac36c04071cbb8e5d99"), + nonce: &hex!("8a4a16b9e210eb68bcb6f58d"), + plaintext: &hex!("99e4e926ffe927f691893fb79a96b067"), + aad: b"", + ciphertext: &hex!("133fc15751621b5f325c7ff71ce08324"), + tag: &hex!("ec4e87e0cf74a13618d0b68636ba9fa7"), + }, + GcmTV { + key: &hex!("f78a2ba3c5bd164de134a030ca09e99463ea7e967b92c4b0a0870796480297e5"), + nonce: &hex!("2bb92fcb726c278a2fa35a88"), + plaintext: &hex!("f562509ed139a6bbe7ab545ac616250c"), + aad: b"", + ciphertext: &hex!("e2f787996e37d3b47294bf7ebba5ee25"), + tag: &hex!("00f613eee9bdad6c9ee7765db1cb45c0"), + }, + GcmTV { + key: &hex!("48e6af212da1386500454c94a201640c2151b28079240e40d72d2a5fd7d54234"), + nonce: &hex!("ef0ff062220eb817dc2ece94"), + plaintext: &hex!("c7afeecec1408ad155b177c2dc7138b0"), + aad: b"", + ciphertext: &hex!("9432a620e6a22307e06a321d66846fd4"), + tag: &hex!("e3ea499192f2cd8d3ab3edfc55897415"), + }, + GcmTV { + key: &hex!("79cd8d750fc8ea62a2714edcd9b32867c7c4da906c56e23a644552f5b812e75a"), + nonce: &hex!("9bbfdb81015d2b57dead2de5"), + plaintext: &hex!("f980ad8c55ebd31ee6f98f44e92bff55"), + aad: b"", + ciphertext: &hex!("41a34d1e759c859e91b8cf5d3ded1970"), + tag: &hex!("68cd98406d5b322571e750c30aa49834"), + }, + GcmTV { + key: &hex!("130ae450c18efb851057aaa79575a0a090194be8b2c95469a0e8e380a8f48f42"), + nonce: &hex!("b269115396f81b39e0c38f47"), + plaintext: &hex!("036cf36280dee8355c82abc4c1fdb778"), + aad: b"", + ciphertext: &hex!("09f7568fd8181652e556f0dda5a49ed5"), + tag: &hex!("d10b61947cae275b7034f5259ba6fc28"), + }, + GcmTV { + key: &hex!("9c7121289aefc67090cabed53ad11658be72a5372761b9d735e81d2bfc0e3267"), + nonce: &hex!("ade1702d2051b8dd203b5419"), + plaintext: &hex!("b95bcaa2b31403d76859a4c301c50b56"), + aad: b"", + ciphertext: &hex!("628285e6489090dde1b9a60674785003"), + tag: &hex!("9f516af3f3b93d610edbc5ba6e2d115f"), + }, + GcmTV { + key: &hex!("0400b42897011fc20fd2280a52ef905d6ebf1b055b48c97067bd786d678ec4ea"), + nonce: &hex!("0abfb0a41496b453358409d9"), + plaintext: &hex!("20c8230191e35f4e9b269d59cf5521f6"), + aad: b"", + ciphertext: &hex!("dd8c38087daffbbb3ebb57ebf5ee5f78"), + tag: &hex!("bfb07aa5049ee350ec6fb1397f37087b"), + }, + GcmTV { + key: &hex!("56690798978c154ff250ba78e463765f2f0ce69709a4551bd8cb3addeda087b6"), + nonce: &hex!("cf37c286c18ad4ea3d0ba6a0"), + plaintext: &hex!("2d328124a8d58d56d0775eed93de1a88"), + aad: b"", + ciphertext: &hex!("3b0a0267f6ecde3a78b30903ebd4ca6e"), + tag: &hex!("1fd2006409fc636379f3d4067eca0988"), + }, + GcmTV { + key: &hex!("8a02a33bdf87e7845d7a8ae3c8727e704f4fd08c1f2083282d8cb3a5d3cedee9"), + nonce: &hex!("599f5896851c968ed808323b"), + plaintext: &hex!("4ade8b32d56723fb8f65ce40825e27c9"), + aad: b"", + ciphertext: &hex!("cb9133796b9075657840421a46022b63"), + tag: &hex!("a79e453c6fad8a5a4c2a8e87821c7f88"), + }, + GcmTV { + key: &hex!("23aaa78a5915b14f00cf285f38ee275a2db97cb4ab14d1aac8b9a73ff1e66467"), + nonce: &hex!("4a675ec9be1aab9632dd9f59"), + plaintext: &hex!("56659c06a00a2e8ed1ac60572eee3ef7"), + aad: b"", + ciphertext: &hex!("e6c01723bfbfa398d9c9aac8c683bb12"), + tag: &hex!("4a2f78a9975d4a1b5f503a4a2cb71553"), + }, + GcmTV { + key: &hex!("fe647f72e95c469027f4d7778429a2e8e90d090268d4fa7df44f65c0af84190a"), + nonce: &hex!("4f40ae2a83a9b480e4686c90"), + plaintext: &hex!("31fd6cce3f0d2b0d18e0af01c4b5609e"), + aad: b"", + ciphertext: &hex!("54c769fd542f0d3022f1335a7c410b61"), + tag: &hex!("106cb7cbcd967da6cad646039c753474"), + }, + GcmTV { + key: &hex!("fce205515f0551b1797128a2132d8e002ea5ab1beb99c5e7e8329398cf478e10"), + nonce: &hex!("20209a0d4a3b9bfddeef39a0"), + plaintext: &hex!("7d663e31a2f6ffef17e536684dae2e87"), + aad: b"", + ciphertext: &hex!("6529712030fb659dc11ab719f6a4c402"), + tag: &hex!("58699464d062aba505508c576c4e07dd"), + }, + GcmTV { + key: &hex!("cd33003ff18f6f3369dd9a35381261ba660ce0a769864475152e677066540337"), + nonce: &hex!("20bffe9064ce76d275204138"), + plaintext: &hex!("acaf53d4dd2fe12cd44450b0d9adcc92"), + aad: b"", + ciphertext: &hex!("a669fda0444b180165f90815dc992b33"), + tag: &hex!("6e31f5a56c4790cedcc2368c51d0639b"), + }, + GcmTV { + key: &hex!("381873b5f9579d8241f0c61f0d9e327bb9f678691714aaa48ea7d92678d43fe7"), + nonce: &hex!("3fc8bec23603158e012d65e5"), + plaintext: &hex!("7b622e9b408fe91f6fa800ecef838d36"), + aad: b"", + ciphertext: &hex!("8ca4de5b4e2ab22431a009f3ddd01bae"), + tag: &hex!("b3a7f80e3edf322622731550164cd747"), + }, + GcmTV { + key: &hex!("92e11dcdaa866f5ce790fd24501f92509aacf4cb8b1339d50c9c1240935dd08b"), + nonce: &hex!("ac93a1a6145299bde902f21a"), + plaintext: &hex!("2d71bcfa914e4ac045b2aa60955fad24"), + aad: &hex!("1e0889016f67601c8ebea4943bc23ad6"), + ciphertext: &hex!("8995ae2e6df3dbf96fac7b7137bae67f"), + tag: &hex!("eca5aa77d51d4a0a14d9c51e1da474ab"), + }, + GcmTV { + key: &hex!("7da3bccaffb3464178ca7c722379836db50ce0bfb47640b9572163865332e486"), + nonce: &hex!("c04fd2e701c3dc62b68738b3"), + plaintext: &hex!("fd671cab1ee21f0df6bb610bf94f0e69"), + aad: &hex!("fec0311013202e4ffdc4204926ae0ddf"), + ciphertext: &hex!("6be61b17b7f7d494a7cdf270562f37ba"), + tag: &hex!("5e702a38323fe1160b780d17adad3e96"), + }, + GcmTV { + key: &hex!("a359b9584beec189527f8842dda6b6d4c6a5db2f889635715fa3bcd7967c0a71"), + nonce: &hex!("8616c4cde11b34a944caba32"), + plaintext: &hex!("33a46b7539d64c6e1bdb91ba221e3007"), + aad: &hex!("e1796fca20cb3d3ab0ade69b2a18891e"), + ciphertext: &hex!("b0d316e95f3f3390ba10d0274965c62b"), + tag: &hex!("aeaedcf8a012cc32ef25a62790e9334c"), + }, + GcmTV { + key: &hex!("8c83238e7b3b58278200b54940d779d0a0750673aab0bf2f5808dd15dc1a8c49"), + nonce: &hex!("70f8f4ebe408f61a35077956"), + plaintext: &hex!("6e57f8572dd5b2247410f0d4c7424186"), + aad: &hex!("e1cbf83924f1b8d1014b97db56c25a15"), + ciphertext: &hex!("4a11acb9611251df01f79f16f8201ffb"), + tag: &hex!("9732be4ad0569586753d90fabb06f62c"), + }, + GcmTV { + key: &hex!("fe21919bb320af8744c9e862b5b7cf8b81ad3ad1fb0e7d7d710a688d3eed154b"), + nonce: &hex!("38bc3917aa1925f40850c082"), + plaintext: &hex!("aea53b1ea79a71c3a4b83c92a0c979f1"), + aad: &hex!("f24102fa7e6b819bb3ff47f90844db9c"), + ciphertext: &hex!("2fb8b697bf8f7a2eea25fe702a3ae0a9"), + tag: &hex!("5be77e827737ad7c4f79e0e343fe010d"), + }, + GcmTV { + key: &hex!("499e8a3f39ac4abc62dd4e1a6133042e74785972b6b501bfaffefc8bb29fd312"), + nonce: &hex!("5c728dbbef9dcc0ff483e891"), + plaintext: &hex!("b44014c7fc6b3f15d126a881fbe2bd2b"), + aad: &hex!("82300dab592f840ae991efa3623a6203"), + ciphertext: &hex!("578fe5e1aef7619f392c027c838a239e"), + tag: &hex!("49fdc724f05eb56ea9e3fd14b61ad567"), + }, + GcmTV { + key: &hex!("2775d3e7a8fc665bb9a59edc22eb136add194824ed8f2adb449177404c739716"), + nonce: &hex!("73f16c054e166696df679a2e"), + plaintext: &hex!("c9f3bce40310b6c0a3fd62742e4f3617"), + aad: &hex!("23199a1c9b7244913952ca4f7e7444f4"), + ciphertext: &hex!("72c85c10756266d00a9a4340b2cb3137"), + tag: &hex!("5881e4565b42394e62d5daf0d1ebc593"), + }, + GcmTV { + key: &hex!("425a341c67e6d873870f54e2cc5a2984c734e81729c0dbaaeee050309f1ce674"), + nonce: &hex!("0c09b7b4e9e097317b791433"), + plaintext: &hex!("76dda644b3faca509b37def0319f30cc"), + aad: &hex!("4300a721547846761e4bf8df2b6ec1d6"), + ciphertext: &hex!("1dd80daa0fc9e47e43897c64a6663f5e"), + tag: &hex!("5d69b34d8c3b12f783faaea7e93685db"), + }, + GcmTV { + key: &hex!("dd5c48988a6e9f9f60be801ba5c090f224a1b53d6601ec5858eab7b7784a8d5e"), + nonce: &hex!("43562d48cd4110a66d9ca64e"), + plaintext: &hex!("2cda2761fd0be2b03f9714fce8d0e303"), + aad: &hex!("55e568309fc6cb0fb0e0e7d2511d4116"), + ciphertext: &hex!("f2cfb6f5446e7aa172adfcd66b92a98d"), + tag: &hex!("e099c64d2966e780ce7d2eaae97f47d8"), + }, + GcmTV { + key: &hex!("2bdad9c3e5de6e4e101b7f16e727c690db95eacf4b0ccbdec7aab6fb9fc80486"), + nonce: &hex!("a5cf3967d244074d2153c576"), + plaintext: &hex!("84c867ec36cc6fe3487f5192fdfd390b"), + aad: &hex!("6bdae72b5ed0e4d1f10064ebd02cf85c"), + ciphertext: &hex!("53c8fa437c1b5fa91abbd6508b3878ce"), + tag: &hex!("7859593d127324be8b9cf1d43ead4d82"), + }, + GcmTV { + key: &hex!("01e92afdb5d956be12d38b09252966c5728d26f3c72e54bb62bbc55ae590e716"), + nonce: &hex!("886e55364eeb90e87ac79bbe"), + plaintext: &hex!("6c6570385f3d6d937e54a3a2e95bc9eb"), + aad: &hex!("c76aabb7f44b942a81feb50249d2131a"), + ciphertext: &hex!("423b749a507f437b431114962180d352"), + tag: &hex!("54d859320a49281368297da7d4e37326"), + }, + GcmTV { + key: &hex!("46921319217598cb64256fe49abca1f18a9d1dbca360f8630afb5c6137cb42b5"), + nonce: &hex!("290827cf981415760ec3b37a"), + plaintext: &hex!("480d32b191c2e201aed03680f93ea2da"), + aad: &hex!("535ee80b12f581baaf8027e6e3900e31"), + ciphertext: &hex!("89ace4f73583fb1ac260dea99b54055e"), + tag: &hex!("7b8b8358363c175a66e6fb48d1bc2222"), + }, + GcmTV { + key: &hex!("e18cd9b01b59bc0de1502efb74c3642997fe7dfb8d80c8a73caffe7726807d33"), + nonce: &hex!("bd087b384c40841b3839ba02"), + plaintext: &hex!("62f7f3a12b8c5f6747fcfe192d850b19"), + aad: &hex!("fe69f837961b1d83f27fbf68e6791a1c"), + ciphertext: &hex!("bacfccf6397424e96caf761e71dd3e3a"), + tag: &hex!("9c9a5b65420f83e766c7c051680e8e58"), + }, + GcmTV { + key: &hex!("68ee463b3153d9a042e5e3685def6f90f7659a203441de337fb94831cbeae9b2"), + nonce: &hex!("9c4a9254c485236cf838de7e"), + plaintext: &hex!("73731054514f3fb0102c7a1df809f212"), + aad: &hex!("d55820e7acbb27d23c7df32938cf7d42"), + ciphertext: &hex!("13b7823cac37f40eb811e3c966d16a67"), + tag: &hex!("76288c33a66ff6451e2cec6c4ba4935e"), + }, + GcmTV { + key: &hex!("64bd594daf279e3172f9aa713b35b7fce8f43083792bc7d1f10919131f400a7b"), + nonce: &hex!("339a2c40e9d9507c34228649"), + plaintext: &hex!("2b794cb4c98450463a3e225ab33f3f30"), + aad: &hex!("2b9544807b362ebfd88146e2b02c9270"), + ciphertext: &hex!("434d703b8d1069ad8036288b7c2d1ae6"), + tag: &hex!("7d31e397c0c943cbb16cfb9539a6a17d"), + }, + GcmTV { + key: &hex!("83688deb4af8007f9b713b47cfa6c73e35ea7a3aa4ecdb414dded03bf7a0fd3a"), + nonce: &hex!("0b459724904e010a46901cf3"), + plaintext: &hex!("33d893a2114ce06fc15d55e454cf90c3"), + aad: &hex!("794a14ccd178c8ebfd1379dc704c5e208f9d8424"), + ciphertext: &hex!("cc66bee423e3fcd4c0865715e9586696"), + tag: &hex!("0fb291bd3dba94a1dfd8b286cfb97ac5"), + }, + GcmTV { + key: &hex!("013f549af9ecc2ee0259d5fc2311059cb6f10f6cd6ced3b543babe7438a88251"), + nonce: &hex!("e45e759a3bfe4b652dc66d5b"), + plaintext: &hex!("79490d4d233ba594ece1142e310a9857"), + aad: &hex!("b5fe530a5bafce7ae79b3c15471fa68334ab378e"), + ciphertext: &hex!("619443034e4437b893a45a4c89fad851"), + tag: &hex!("6da8a991b690ff6a442087a356f8e9e3"), + }, + GcmTV { + key: &hex!("4b2815c531d2fceab303ec8bca739a97abca9373b7d415ad9d6c6fa9782518cc"), + nonce: &hex!("47d647a72b3b5fe19f5d80f7"), + plaintext: &hex!("d3f6a645779e07517bd0688872e0a49b"), + aad: &hex!("20fd79bd0ee538f42b7264a5d098af9a30959bf5"), + ciphertext: &hex!("00be3b295899c455110a0ae833140c4d"), + tag: &hex!("d054e3997c0085e87055b79829ec3629"), + }, + GcmTV { + key: &hex!("2503b909a569f618f7eb186e4c4b81dbfe974c553e2a16a29aea6846293e1a51"), + nonce: &hex!("e4fa3dc131a910c75f61a38b"), + plaintext: &hex!("188d542f8a815695c48c3a882158958c"), + aad: &hex!("f80edf9b51f8fd66f57ce9af5967ec028245eb6e"), + ciphertext: &hex!("4d39b5494ca12b770099a8eb0c178aca"), + tag: &hex!("adda54ad0c7f848c1c72758406b49355"), + }, + GcmTV { + key: &hex!("6c8f34f14569f625aad7b232f59fa8b187ab24fadcdbaf7d8eb45da8f914e673"), + nonce: &hex!("6e2f886dd97be0e4c5bd488b"), + plaintext: &hex!("ac8aa71cfbf1e968ef5515531576e314"), + aad: &hex!("772ec23e49dbe1d923b1018fc2bef4b579e46241"), + ciphertext: &hex!("cb0ce70345e950b429e710c47d9c8d9b"), + tag: &hex!("9dceea98c438b1d9c154e5386180966d"), + }, + GcmTV { + key: &hex!("182fe560614e1c6adfd1566ac44856df723dcb7e171a7c5796b6d3f83ef3d233"), + nonce: &hex!("8484abca6877a8622bfd2e3c"), + plaintext: &hex!("92ca46b40f2c75755a28943a68a8d81c"), + aad: &hex!("2618c0f7fe97772a0c97638cca238a967987c5e5"), + ciphertext: &hex!("ed1941b330f4275d05899f8677d73637"), + tag: &hex!("3fe93f1f5ffa4844963de1dc964d1996"), + }, + GcmTV { + key: &hex!("65a290b2fabe7cd5fb2f6d627e9f1f79c2c714bffb4fb86e9df3e5eab28320ed"), + nonce: &hex!("5a5ed4d5592a189f0737cf47"), + plaintext: &hex!("662dda0f9c8f92bc906e90288100501c"), + aad: &hex!("ad1c7f7a7fb7f8fef4819c1dd1a67e007c99a87b"), + ciphertext: &hex!("8eb7cb5f0418da43f7e051c588776186"), + tag: &hex!("2b15399ee23690bbf5252fb26a01ae34"), + }, + GcmTV { + key: &hex!("7b720d31cd62966dd4d002c9ea41bcfc419e6d285dfab0023ba21b34e754cb2f"), + nonce: &hex!("e1fb1f9229b451b72f89c333"), + plaintext: &hex!("1aa2948ed804f24e5d783b1bc959e086"), + aad: &hex!("7fdae42d0cf6a13873d3092c41dd3a19a9ea90f9"), + ciphertext: &hex!("8631d3c6b6647866b868421b6a3a548a"), + tag: &hex!("a31febbe169d8d6f391a5e60ef6243a0"), + }, + GcmTV { + key: &hex!("a2aec8f3438ab4d6d9ae566a2cf9101ad3a3cc20f83674c2e208e8ca5abac2bb"), + nonce: &hex!("815c020686c52ae5ddc81680"), + plaintext: &hex!("a5ccf8b4eac22f0e1aac10b8d62cdc69"), + aad: &hex!("86120ce3aa81445a86d971fdb7b3b33c07b25bd6"), + ciphertext: &hex!("364c9ade7097e75f99187e5571ec2e52"), + tag: &hex!("64c322ae7a8dbf3d2407b12601e50942"), + }, + GcmTV { + key: &hex!("e5104cfcbfa30e56915d9cf79efcf064a1d4ce1919b8c20de47eab0c106d67c1"), + nonce: &hex!("d1a5ec793597745c7a31b605"), + plaintext: &hex!("7b6b303381441f3fdf9a0cf79ee2e9e0"), + aad: &hex!("9931678430ff3aa765b871b703dfcc43fb1b8594"), + ciphertext: &hex!("425d48a76001bed9da270636be1f770b"), + tag: &hex!("76ff43a157a6748250a3fdee7446ed22"), + }, + GcmTV { + key: &hex!("f461d1b75a72d942aa096384dc20cf8514a9ad9a9720660add3f318284ca3014"), + nonce: &hex!("d0495f25874e5714a1149e94"), + plaintext: &hex!("d9e4b967fdca8c8bae838a5da95d7cce"), + aad: &hex!("1133f372e3db22456e7ea92f29dff7f1d92864d3"), + ciphertext: &hex!("1df711e6fbcba22b0564c6e36051a3f7"), + tag: &hex!("f0563b7494d5159289b644afc4e8e397"), + }, + GcmTV { + key: &hex!("a9a98ef5076ceb45c4b60a93aeba102507f977bc9b70ded1ad7d422108cdaa65"), + nonce: &hex!("54a1bc67e3a8a3e44deec232"), + plaintext: &hex!("ede93dd1eaa7c9859a0f709f86a48776"), + aad: &hex!("10cfef05e2cd1edd30db5c028bd936a03df03bdc"), + ciphertext: &hex!("3d3b61f553ab59a9f093cac45afa5ac0"), + tag: &hex!("7814cfc873b3398d997d8bb38ead58ef"), + }, + GcmTV { + key: &hex!("d9e17c9882600dd4d2edbeae9a224d8588ff5aa210bd902d1080a6911010c5c5"), + nonce: &hex!("817f3501e977a45a9e110fd4"), + plaintext: &hex!("d74d968ea80121aea0d7a2a45cd5388c"), + aad: &hex!("d216284811321b7591528f0af5a3f2768429e4e8"), + ciphertext: &hex!("1587c8b00e2c197f32a21019feeee99a"), + tag: &hex!("63ea43c03d00f8ae5724589cb6f64480"), + }, + GcmTV { + key: &hex!("ec251b45cb70259846db530aff11b63be00a951827020e9d746659bef2b1fd6f"), + nonce: &hex!("e41652e57b624abd84fe173a"), + plaintext: &hex!("75023f51ba81b680b44ea352c43f700c"), + aad: &hex!("92dd2b00b9dc6c613011e5dee477e10a6e52389c"), + ciphertext: &hex!("29274599a95d63f054ae0c9b9df3e68d"), + tag: &hex!("eb19983b9f90a0e9f556213d7c4df0f9"), + }, + GcmTV { + key: &hex!("61f71fdbe29f56bb0fdf8a9da80cef695c969a2776a88e62cb3d39fca47b18e3"), + nonce: &hex!("77f1d75ab0e3a0ed9bf2b981"), + plaintext: &hex!("110a5c09703482ef1343396d0c3852d3"), + aad: &hex!("c882691811d3de6c927d1c9f2a0f15f782d55c21"), + ciphertext: &hex!("7e9daa4983283facd29a93037eb70bb0"), + tag: &hex!("244930965913ebe0fa7a0eb547b159fb"), + }, + GcmTV { + key: &hex!("e4fed339c7b0cd267305d11ab0d5c3273632e8872d35bdc367a1363438239a35"), + nonce: &hex!("0365882cf75432cfd23cbd42"), + plaintext: &hex!("fff39a087de39a03919fbd2f2fa5f513"), + aad: &hex!("8a97d2af5d41160ac2ff7dd8ba098e7aa4d618f0f455957d6a6d0801796747ba57c32dfbaaaf15176528fe3a0e4550c9"), + ciphertext: &hex!("8d9e68f03f7e5f4a0ffaa7650d026d08"), + tag: &hex!("3554542c478c0635285a61d1b51f6afa"), + }, + GcmTV { + key: &hex!("bd93c7bfc850b33c86484e04859ed374beaee9d613bdca6f072d1d182aeebd04"), + nonce: &hex!("6414c7749effb9af7e5c4762"), + plaintext: &hex!("b6de1699931f2252efc98d491d22ee12"), + aad: &hex!("76f43d5664c7ac1b4de43f2e2c4bc71f6918e0762f40e5dd5597ef4ff215855a4fd26d3ea6ccbd4e10789948fa692433"), + ciphertext: &hex!("a6c7e52f2018b823506e48064ffe6ee4"), + tag: &hex!("175e653c9036f66835f10cf1c82d1741"), + }, + GcmTV { + key: &hex!("df0125a826c7fe49243d89cbdd7562aafd2103fa2783cf901976b5f5d481cdcb"), + nonce: &hex!("f63c1461b2964929d035d9bf"), + plaintext: &hex!("cc27ff68f981e4d6fb1918427c3d6b9e"), + aad: &hex!("0bf602ec47593e44ac1b88244455fa04359e338057b0a0ba057cb506d546d4d6d8538640fe7dd3d5864bd33b5a33d768"), + ciphertext: &hex!("b8fa150af93078574ac7c4615f88647d"), + tag: &hex!("4584553ac3ccdf8b0efae517652d3a18"), + }, + GcmTV { + key: &hex!("d33ea320cec0e43dfc1e3d1d8ccca2dd7e30ad3ea18ad7141cc83645d18771ae"), + nonce: &hex!("540009f321f41d00202e473b"), + plaintext: &hex!("e56cdd522d526d8d0cd18131a19ee4fd"), + aad: &hex!("a41162e1fe875a81fbb5667f73c5d4cbbb9c3956002f7867047edec15bdcac1206e519ee9c238c371a38a485c710da60"), + ciphertext: &hex!("8b624b6f5483f42f36c85dc7cf3e9609"), + tag: &hex!("2651e978d9eaa6c5f4db52391ac9bc7c"), + }, + GcmTV { + key: &hex!("7f35f5979b23321e6449f0f5ef99f2e7b796d52d560cc77aabfb621dbf3a6530"), + nonce: &hex!("cf0f6f3eed4cf374da714c77"), + plaintext: &hex!("4e9f53affdb5b1e91bf423d29c54401a"), + aad: &hex!("a676d35d93e12bfe0603f6aef2c3dd892a9b1ad22d476c3509d313256d4e98e4dda4e46e93b54cf59c2b90608a8fb3ad"), + ciphertext: &hex!("1714d55ef83df2927ee95ff22f1d90e6"), + tag: &hex!("4962a91d1071dd2c05934968d21eb43c"), + }, + GcmTV { + key: &hex!("06ecc134993506cf539b1e797a519fe1d9f34321fe6a0b05f1936285c35c93a4"), + nonce: &hex!("f2190861d1140bd080d79906"), + plaintext: &hex!("519c1fc45a628ec16c515427796711f7"), + aad: &hex!("a04f2723c2521181437ad63f7910481d5de98f3e2561cec3a177bdbcb5048619738852e0fb212a3caa741a353e4e89a8"), + ciphertext: &hex!("b36c793224ce3bb1b54144398fbdedb6"), + tag: &hex!("0030e6e84f6f8eb474ce8e071c2953dd"), + }, + GcmTV { + key: &hex!("734fa8b423b91e0ecccc7f554480eef57a82423a9f92b28d464320fba405a71c"), + nonce: &hex!("a6b5c78bb5791f4d121390ce"), + plaintext: &hex!("b496a99b39e0e94bb5829cfc3d7b3856"), + aad: &hex!("9ce25ff9b55dfa04e4271999a47cba8af8e83a390b090d1c4306b40ce8882624b662ff5867896396789295c19ec80d07"), + ciphertext: &hex!("904081a40484bb6454fc52cb6674e737"), + tag: &hex!("6a0787cf3921a71c35b5054954527823"), + }, + GcmTV { + key: &hex!("d106280b84f25b294f71c261f66a65c2efd9680e19f50316d237975052796392"), + nonce: &hex!("cfc6aa2aeba468c66bf4553f"), + plaintext: &hex!("57e937f8b9b814e965bb569fcf63aaac"), + aad: &hex!("012a43f9903a3808bf34fd6f77d831d9154205ded589964cae60d2e49c856b7a4100a55c8cd02f5e476f62e988dcbd2b"), + ciphertext: &hex!("c835f5d4fd30fe9b2edb4aff24803c60"), + tag: &hex!("e88426bb4619807f18a9cc9839754777"), + }, + GcmTV { + key: &hex!("81eb63bc47aba313d964a5335cfb039051520b3112fa54cab368e5243947d450"), + nonce: &hex!("18cc5dd875753ff51cc6f441"), + plaintext: &hex!("45f51399dff6a0dcd43f35256616d6be"), + aad: &hex!("24f766c56777312494245a4e6c7dbebbae4026e0907eadbc20a488982678161de7b924473c0a81ee59a0fa6905952b33"), + ciphertext: &hex!("a2fc7b0784ec4233142f9cde12ab9e98"), + tag: &hex!("4e60b8561cacfe7133740cd2bddefaa0"), + }, + GcmTV { + key: &hex!("0a997863786a4e97332224ed484ffca508b166f0603687200d99fd6accd45d83"), + nonce: &hex!("7a9acabd4b8d3e1036293a07"), + plaintext: &hex!("9d2c9ff39f57c96ecce287c68c5cd6eb"), + aad: &hex!("525fc5ac7fe93c183a3ef7c75e3fbd52dce956855aff385966f4d79966bdb3ec2019c466584d21bfee74511a77d82adb"), + ciphertext: &hex!("238441c65b2a1c41b302da0f52d40770"), + tag: &hex!("c351d93ab9491cdfb7fa15e7a251de22"), + }, + GcmTV { + key: &hex!("acbfeb7c595b704960c1097e93d3906534c23444c8acc1f8e969ce6c3fe8a46b"), + nonce: &hex!("28922ecac3013806c11660e6"), + plaintext: &hex!("e0d8c52d60c6ed6980abd4348f3f96f1"), + aad: &hex!("b1fe886107013ebdeb19315a9d096ed81803951a508f56f68202a7df00bebae0742dd1128c200952a049ef0cd7cfe4e6"), + ciphertext: &hex!("56fe1cf2c1d193b9b33badbf846f52cc"), + tag: &hex!("1cb4c14f50a54a64813ffc810f31f9f8"), + }, + GcmTV { + key: &hex!("f6e768475c33269596da1f5a5a38547a885006bebb9134e21274d8456e9f5529"), + nonce: &hex!("3579e5ac51d1f1b82ea352ca"), + plaintext: &hex!("0aa481f856f8b96547672e5ae5370f9e"), + aad: &hex!("6929b6053ba148304366164f79b1b9f592c9cb9bce65094cec5cb8b0fc63e20d86b17c8bf5a7b089a63c5eac1824ee93"), + ciphertext: &hex!("b2f4edf5f0b0bfc590fead6239b0f2fb"), + tag: &hex!("2540ceb5ef247c95d63df84c46468533"), + }, + GcmTV { + key: &hex!("2ca76112300bed65b87ba6ec887cd514f4633c1c96565fec8e3e69ae2ba88401"), + nonce: &hex!("964864510a8c957dcfb97d2f"), + plaintext: &hex!("0aff24b4c5aa45b81ce08ec2439be446"), + aad: &hex!("5aebdfd153a18763f36ecc9e8e9a01cb7b3f21e435b35b0da937c67e87c9ec058d08060a95e1eda0a5ab6546cca45094"), + ciphertext: &hex!("03da1f5a1403dbdd9f75a26113608ec0"), + tag: &hex!("a1c215d0c552a6061aa2b60afc3667a6"), + }, + GcmTV { + key: &hex!("c0ff018b6c337dde685c8279cf6de59d7ce4b288032b819e074b671e72abbc91"), + nonce: &hex!("f12e6b1e85f87ef4c9ccbb7b"), + plaintext: &hex!("f7512bbfa2d40d14be71b70f70701c99"), + aad: &hex!("0577e8d28c0e9e5cde3c8b2a1a2aa8e2fc3ec8e96768405fcfbd623be7fc4e2e395c59b5b3a8ea117ef211320bc1f857"), + ciphertext: &hex!("0187b4c2d52486b4417e5a013d553e5e"), + tag: &hex!("dba451e7339be8ebed3ea9683d1b4552"), + }, + GcmTV { + key: &hex!("d90c6948ac2353867e943069196a2c4d0c4d51e34e2505661b1d76f3e5f17ac5"), + nonce: &hex!("07e5623f474e2f0fe9f4c7d2"), + plaintext: &hex!("8a9fb1b384c0d1728099a4f7cb002f07"), + aad: &hex!("0de97574ae1bc6d3ef06c6ce03513ca47dff4728803e0aacc50564ee32b775fd535f5c8c30186550d99bff6f384af2dd"), + ciphertext: &hex!("4234a3a9fb199c3b293357983e8ac30b"), + tag: &hex!("d51e6f071dbab126f5fc9732967108ef"), + }, + GcmTV { + key: &hex!("80d755e24d129e68a5259ec2cf618e39317074a83c8961d3768ceb2ed8d5c3d7"), + nonce: &hex!("7598c07ba7b16cd12cf50813"), + plaintext: &hex!("5e7fd1298c4f15aa0f1c1e47217aa7a9"), + aad: &hex!("0e94f4c48fd0c9690c853ad2a5e197c5de262137b69ed0cdfa28d8d12413e4ffff15374e1cccb0423e8ed829a954a335ed705a272ad7f9abd1057c849bb0d54b768e9d79879ec552461cc04adb6ca0040c5dd5bc733d21a93702"), + ciphertext: &hex!("5762a38cf3f2fdf3645d2f6696a7eead"), + tag: &hex!("8a6708e69468915c5367573924fe1ae3"), + }, + GcmTV { + key: &hex!("dda7977efa1be95a0e41ed8bcd2aa648621945c95a9e28b63919e1d92d269fc3"), + nonce: &hex!("053f6e1be42af8894a6e86a0"), + plaintext: &hex!("6fa9b08176e9963927afba1e5f969a42"), + aad: &hex!("cb5114a001989339657427eb88329d6ce9c69694dc91a69b7557d62184e57832ec76d162fc9c47490bb3d78e5899445cecf85d36cb1f07fed5a3d82aaf7e9590f3ed74ad13b13c8adbfc7f29d7b151448d6f29d11d0bd3d03b76"), + ciphertext: &hex!("d4adbff3ec8edade29b9a1b748c31b54"), + tag: &hex!("3b331733c753858c22d309ceb0f9488c"), + }, + GcmTV { + key: &hex!("d7da934ad057dc06bd1ec234fcc4efdc5119037a440b5827de25915f22dd47e5"), + nonce: &hex!("1b54c4ea37d2395ef70dcc72"), + plaintext: &hex!("86d5567658361198348207ede7a46da6"), + aad: &hex!("735de4596a80e64e38a12ab24ef73881d6ed3b533cb2c101025c3615acd2114150feeca84ade4e563bc4a300eb4a0cd97a184a293f0ac063e4f3c61e7fcdb331bcc6459fafaf0e2dda881f34eb717f4ee8c4b6890d3ef59721f3"), + ciphertext: &hex!("70a1c1d7c200ba5ae1b6f29917bb19f2"), + tag: &hex!("a25d51cccb198bed33de0b98df249c2d"), + }, + GcmTV { + key: &hex!("930ebb4b9b9c35094be374cc0b700c437b3c46b45d489a716c30f93cd5f986c9"), + nonce: &hex!("7a21e5febd82ec9b97bfbe83"), + plaintext: &hex!("980086665d08a365f6bbe20ae51116f7"), + aad: &hex!("9f2ed5f6cf9e2d6505d3c99a8f81a7dfc5658dd085eba966c8b3206230973a086ec36fe948573baee108fca941bce53dad73180877cd497976209c1adf8a9861f0215560df064caf0ef2f99445c11816f5b8deeafedd682b5fb2"), + ciphertext: &hex!("05baaefdeb0c33674a8064a2e9951aaf"), + tag: &hex!("2ec7efd2564d4e09a6ab852f3af49939"), + }, + GcmTV { + key: &hex!("70213d8949a65f463d13206071fab1b4c6b614fd3cee0d340d2d806de6714a93"), + nonce: &hex!("f8529d3e4f155cbb1ffb3d0a"), + plaintext: &hex!("47d47a5fd32a2a416f921cc7f00c0f81"), + aad: &hex!("112360db39b867dabaaa1d777bd881df2104b69fba15a4f37a832f5da38ad8a8c7c46db93e5b4eadf8b9a5a75508ad1457994c133c5ac85509eedfb13b90a2cf6c56a3c778582939362008608b08f9c4866a0e38744572114598"), + ciphertext: &hex!("b220b69bd851a17fbc5b725fb912f11e"), + tag: &hex!("4c3436943d58501c0826ae5827bc063e"), + }, + GcmTV { + key: &hex!("7a5834230ebbbf616630f2edb3ad4320182433c0546ac1e34bc9fd046e4a0ed9"), + nonce: &hex!("d27dd6212b6defdcbbc701bb"), + plaintext: &hex!("b4def1251427ade064a9614e353dda3f"), + aad: &hex!("3bc12f3bb88ea4f8a2184959bb9cd68911a78458b27e9b528ccecafe7f13f303dc714722875f26b136d18a3acfe82b53ad5e13c71f3f6db4b0fd59fffd9cd4422c73f2c31ac97010e5edf5950dc908e8df3d7e1cbf7c34a8521e"), + ciphertext: &hex!("88f94965b4350750e11a2dc139ccaef1"), + tag: &hex!("8a61f0166e70c9bfdd198403e53a68a5"), + }, + GcmTV { + key: &hex!("c3f10586f246aacadcce3701441770c03cfec940afe1908c4c537df4e01c50a0"), + nonce: &hex!("4f52faa1fa67a0e5f4196452"), + plaintext: &hex!("79d97ea3a2edd65045821ea745a44742"), + aad: &hex!("46f9a22b4e52e1526513a952dbee3b91f69595501e0177d50ff364638588c08d92fab8c58a969bdcc84c468d8498c4f06392b99ed5e0c484507fc48dc18d87c40e2ed848b43150be9d36f14cf2cef1310ba4a745adcc7bdc41f6"), + ciphertext: &hex!("560cf716e56190e9397c2f103629eb1f"), + tag: &hex!("ff7c9124879644e80555687d273c55d8"), + }, + GcmTV { + key: &hex!("ad70ebcf889e88b867ded0e4838ca66d6991499046a5671d99e91ed463ae78b1"), + nonce: &hex!("561e13b335718fcbee364100"), + plaintext: &hex!("82d5568872a4cef12238c0feb14f0fb4"), + aad: &hex!("e037bd7306eec185b9cb4e3bf295232da19005957086d62e6fb342284f05feaa0e81d6c95071e7e4d7b6aad7b00f7e7863dd0fc16303a8304bb8855305f28067f4be71eed95ff90e046382116229f0fd3d2c3ef2e87e0d0e7950"), + ciphertext: &hex!("771c6d091f8190ddbdb8886d9ce2ebd5"), + tag: &hex!("5009abd1ebeb26dab852346ea6d8aee3"), + }, + GcmTV { + key: &hex!("a452fa24b381e7165ee90f3371c2b0db2176f848a0354c78e92f2f1f89bbc511"), + nonce: &hex!("4bd904dfe18241eb5455d912"), + plaintext: &hex!("3f43df23ea940f3680a4b679b56db579"), + aad: &hex!("64f1a9d21deb183cff84f1aef5be83dbfc72e275f229eb5d59ace143605e8901dfa8f4724be24c86b5429bc84b629971fe1f9663b7537427b45dfb67d5f04506df4ee2c33d7f15af9f6e86058b131b7e6042b43a55bf6915f048"), + ciphertext: &hex!("c054974c4562f8536aef2734f10e09fc"), + tag: &hex!("2c5cafaf7b1f7581c5ec13080994e33c"), + }, + GcmTV { + key: &hex!("209ea3c4dd0420a4d63dbb72099a0202c9b0709f3b1221565f890511eef8005b"), + nonce: &hex!("43775083e4008816129f5d40"), + plaintext: &hex!("b4967f8c4fb1b34b6ff43a22d34fae5c"), + aad: &hex!("9abc653a2347fc6e5a8cb9bdc251dff7c56109797c387494c0ed55570330961eb5b11087603e08ad293d0dd55571008e62d1163f67cf829e28d27beba65553bd11d8838f8a7a5f1fe05500befbaf97839801e99ecf998882c707"), + ciphertext: &hex!("a8d22a6e25232938d3f8600a66be80da"), + tag: &hex!("2ef93cc03c17bbfb6626144697fd2422"), + }, + GcmTV { + key: &hex!("dabd63ac5274b26842c2695c9850d7accc1693ee2aeee1e2e1338bbbc5b80f87"), + nonce: &hex!("fd6790d620f12870b1d99b31"), + plaintext: &hex!("4a28048f5683679a557630a661f030e2"), + aad: &hex!("e4a06b9b205a7faadb21dc7fea8a0de0e013d717b61b24ec42f81afc8cdbc055573e971375da2fa5103a091317eab13b6a110ea211af257feabf52abafec23fd5b114b013d5c052199020573f8b7b7ae6958f733e87efa0426c2"), + ciphertext: &hex!("196d0345df259b47665bc233b798ebba"), + tag: &hex!("b0729d8b427ad048a7396cedf2257338"), + }, + GcmTV { + key: &hex!("b238df5e52e649d4b0a05e53020ac59e7d5bf49b8d04f8c30c356ed62dba9ed1"), + nonce: &hex!("f153f093c9a3479f999eda04"), + plaintext: &hex!("d48e779766afa73d7e04fc6fc3fa825e"), + aad: &hex!("45b5df0c15140e5ce7a19f4e02834e6027971e3e0e719626c29081a6301e95c71214345afac1908bb75ff2d3281261e6c5f41dc4e4796f054174a64f8e177f3f33321edfbd263e204135699428a09f34eb344211bfb9fac9afba"), + ciphertext: &hex!("b1989eb510843d8f35205dc3f949522f"), + tag: &hex!("616089990729228f673099514824d9b4"), + }, + GcmTV { + key: &hex!("f3dc2456d3b8947591a2d82b7319226b0f346cd4361bcc13b56da43e072a2774"), + nonce: &hex!("7a8acb5a84d7d01e3c00499e"), + plaintext: &hex!("ad075da908231ff9aae30daa6b847143"), + aad: &hex!("5e6be069effee27d34a8087c0d193f9f13e6440dc9fabfe24f6c867f831d06789d0dce92b2e3ff3ab9fe14202a8b42f384c25e3f3753dd503ec907a9b877f1707d64e4ac42909a7dee00c87c4a09d04de331515460ed101f5187"), + ciphertext: &hex!("9f224f2a1a1fbaade8b87b748971c0ac"), + tag: &hex!("cb5089d9dfaebf98e4b36ebc5f9a1a50"), + }, + GcmTV { + key: &hex!("f5a56b69a1562c77e8edebc327a20295c2eba7d406d899a622c53539626c9d72"), + nonce: &hex!("a395b8aca4508a6a5f3cb4d8"), + plaintext: &hex!("7de4638701bd2b600d7f8d26da7a75bc"), + aad: &hex!("2e4fca2b163e4403971716015386cd81bdd1e57f00f2936da408098341011f2644a38ddad799f70eaa54f6e430d4853ff2b9c44a35123670879a83120bd555c76b95b70de0c8054f9d08539a5795e70a2446d7b9fab3f7887c6b"), + ciphertext: &hex!("6508be2698ba9889b4e445b99190a5c5"), + tag: &hex!("3394106f257c2e15c815430f60bc24ba"), + }, + GcmTV { + key: &hex!("376371a780947256c52f07d80bb25a4d7e919ca8bd693b1a0ccbca748d2ce620"), + nonce: &hex!("27d7170f6f70f2fc40dfca78"), + plaintext: &hex!("7a279f9f8568b7c307490549b259226c"), + aad: &hex!("272c3559398ad774fa4b6895afc92870b2b92d310fa0debf0b7960e1fe38bfda64acd2fef26d6b177d8ab11d8afceee77374c6c18ad405d5ae323ad65fb6b04f0c809319133712f47636c5e042f15ed02f37ee7a10c643d7b178"), + ciphertext: &hex!("32284379d8c40ec18ee5774085d7d870"), + tag: &hex!("dcdee1a757f9758c944d296b1dabe7b2"), + }, + GcmTV { + key: &hex!("82c4f12eeec3b2d3d157b0f992d292b237478d2cecc1d5f161389b97f999057a"), + nonce: &hex!("7b40b20f5f397177990ef2d1"), + plaintext: &hex!("982a296ee1cd7086afad976945"), + aad: b"", + ciphertext: &hex!("ec8e05a0471d6b43a59ca5335f"), + tag: &hex!("113ddeafc62373cac2f5951bb9165249"), + }, + GcmTV { + key: &hex!("db4340af2f835a6c6d7ea0ca9d83ca81ba02c29b7410f221cb6071114e393240"), + nonce: &hex!("40e438357dd80a85cac3349e"), + plaintext: &hex!("8ddb3397bd42853193cb0f80c9"), + aad: b"", + ciphertext: &hex!("b694118c85c41abf69e229cb0f"), + tag: &hex!("c07f1b8aafbd152f697eb67f2a85fe45"), + }, + GcmTV { + key: &hex!("acad4a3588a7c5ec67832baee242b007c8f42ed7425d5a7e57b1070b7be2677e"), + nonce: &hex!("b11704ba368abadf8b0c2b98"), + plaintext: &hex!("2656b5fbec8a3666cad5f460b7"), + aad: b"", + ciphertext: &hex!("35c7114cabe39203df19413a99"), + tag: &hex!("16f4c7e5becf00db1223476a14c43ebc"), + }, + GcmTV { + key: &hex!("e5a0eb92cc2b064e1bc80891faf1fab5e9a17a9c3a984e25416720e30e6c2b21"), + nonce: &hex!("4742357c335913153ff0eb0f"), + plaintext: &hex!("8499893e16b0ba8b007d54665a"), + aad: b"", + ciphertext: &hex!("eb8e6175f1fe38eb1acf95fd51"), + tag: &hex!("88a8b74bb74fda553e91020a23deed45"), + }, + GcmTV { + key: &hex!("e78c477053f5dae5c02941061d397bc38dda5de3c9c8660a19de66c56c57fd22"), + nonce: &hex!("4f52c67c2bb748d192a5a4e2"), + plaintext: &hex!("91593e21e1f883af5c32d9be07"), + aad: b"", + ciphertext: &hex!("e37fbc56b0af200a7aa1bbe34e"), + tag: &hex!("29fe54eaaccf5e382601a15603c9f28c"), + }, + GcmTV { + key: &hex!("d0b13482037639aa797471a52b60f353b42e0ed271daa4f38a9293191cb78b72"), + nonce: &hex!("40fb7cae46adf3771bf3756a"), + plaintext: &hex!("938f40ac8e0e3b956aac5e9184"), + aad: b"", + ciphertext: &hex!("7dca05a1abe81928ccfb2164dd"), + tag: &hex!("5ea53ee170d9ab5f6cc047854e47cf60"), + }, + GcmTV { + key: &hex!("46da5ec688feead76a1ddcd60befb45074a2ef2254d7be26abdfd84629dbbc32"), + nonce: &hex!("9fb3b2b03925f476fc9a35f3"), + plaintext: &hex!("a41adc9fb4e25a8adef1180ec8"), + aad: b"", + ciphertext: &hex!("f55d4cbe9b14cea051fe7a2477"), + tag: &hex!("824753da0113d21186699dbb366c0589"), + }, + GcmTV { + key: &hex!("de3adf89f2fe246c07b0ce035f4af73cf2f65e5034dcfecfe9d7690ae1bdbd96"), + nonce: &hex!("a94aa4df0d8451644a5056c0"), + plaintext: &hex!("96825f6d6301db14a8d78fc2f4"), + aad: b"", + ciphertext: &hex!("784c6c3c24a022637cbc907c48"), + tag: &hex!("1eeaeddcdb4c72c4e8966950a319a4ef"), + }, + GcmTV { + key: &hex!("03c362288883327f6289bc1824e1c329ce485e0ce0e8d3405245283cf0f2eae2"), + nonce: &hex!("5de9f882c915c72729b2245c"), + plaintext: &hex!("f5c1c8d41de01d9c08d9f47ece"), + aad: b"", + ciphertext: &hex!("61af621953a126a2d1de559e92"), + tag: &hex!("fbdeb761238f2b70c5fb3dde0a7978f3"), + }, + GcmTV { + key: &hex!("e9ead7c59100b768aa6367d80c04a49bcd19fa8cc2e158dc8edeec3ea39b657d"), + nonce: &hex!("e81854665d2e0a97150fbab3"), + plaintext: &hex!("f8ccf69c52a873695367a42940"), + aad: b"", + ciphertext: &hex!("af2a7199602ee9ed2020c7b4cd"), + tag: &hex!("29715945ab1c034ecfcd91a466fc822e"), + }, + GcmTV { + key: &hex!("bc3e5b0fe423205904c32f870b9adec9d736a1616624043e819533fa97ed9b79"), + nonce: &hex!("335fe5180135673ce1a75144"), + plaintext: &hex!("295df9665eef999204f92acf24"), + aad: b"", + ciphertext: &hex!("3ac2a8a1b505a84677adfdb396"), + tag: &hex!("21f20aa0bb77d46d7290bc9c97a7a7bd"), + }, + GcmTV { + key: &hex!("ce889c73e0d64e272aba4bf9777afc7ee6457ddc9626ad931708ed7530d71b99"), + nonce: &hex!("fe61a6cda62fecd4e3b0c562"), + plaintext: &hex!("e2ae40ba5b4103b1a3066c1b57"), + aad: b"", + ciphertext: &hex!("185aa3508a37e6712b28191ec2"), + tag: &hex!("9ec1d567585aa467730cce92e536728e"), + }, + GcmTV { + key: &hex!("41e0cb1aed2fe53e0b688acb042a0c710a3c3ae3205b07c0af5191073abdfba9"), + nonce: &hex!("2f56e35216d88d34d08f6872"), + plaintext: &hex!("6482df0e4150e73dac51dc3220"), + aad: b"", + ciphertext: &hex!("9cb09b9927dfbe0f228e0a4307"), + tag: &hex!("fe7e87a596d63e2ab2aae46b64d466e8"), + }, + GcmTV { + key: &hex!("52a7662954d525cb00602b1ff5e937d41065ac4b921e284ffac73c04cfd462a0"), + nonce: &hex!("baffe73856ab1a47fb1feebf"), + plaintext: &hex!("9d0b5ca712f97caa1875d3ad87"), + aad: b"", + ciphertext: &hex!("fd01165380aedd6be226a66af3"), + tag: &hex!("35a492e39952c26456850b0172d723d1"), + }, + GcmTV { + key: &hex!("c4badb9766986faeb888b1db33060a9cd1f02e1afe7aaaea072d905750cb7352"), + nonce: &hex!("cc6966e9d81a298a561416d4"), + plaintext: &hex!("de68fb51731b45e7c2c5063923"), + aad: b"", + ciphertext: &hex!("f5be41f2c8c32e01098d433057"), + tag: &hex!("c82b1b012916ab6ed851d59829dad8ab"), + }, + GcmTV { + key: &hex!("dad89d9be9bba138cdcf8752c45b579d7e27c3dbb40f53e771dd8cfd500aa2d5"), + nonce: &hex!("cfb2aec82cfa6c7d89ee72ff"), + plaintext: &hex!("b526ba1050177d05b0f72f8d67"), + aad: &hex!("6e43784a91851a77667a02198e28dc32"), + ciphertext: &hex!("8b29e66e924ecae84f6d8f7d68"), + tag: &hex!("1e365805c8f28b2ed8a5cadfd9079158"), + }, + GcmTV { + key: &hex!("0d35d3dbd99cd5e088caf686b1cead9defe0c6001463e92e6d9fcdc2b0dcbaf6"), + nonce: &hex!("f9139eb9368d69ac48479d1f"), + plaintext: &hex!("5e2103eb3e739298c9f5c6ba0e"), + aad: &hex!("825cc713bb41c789c1ace0f2d0dd3377"), + ciphertext: &hex!("8ff3870eec0176d9f0c6c1b1a2"), + tag: &hex!("344234475538dc78c01f249f673e0862"), + }, + GcmTV { + key: &hex!("d35d64f1872bdcb422228f0d63f8e48977ed68d143f648ae2cd852f944b0e6dd"), + nonce: &hex!("0b2184aadbe8b515924dda5e"), + plaintext: &hex!("c8f999aa1a08871d74db490cf3"), + aad: &hex!("888f328d9e9eebbb9cb2704b5b880d66"), + ciphertext: &hex!("ad0d5e7c1065a34b27a256d144"), + tag: &hex!("8c8e7076950f7f2aeba62e1e761650d5"), + }, + GcmTV { + key: &hex!("9484b7ce3c118a8a2d556c2f7ba41fca34f60c9ea1070171459c9e7487c9537e"), + nonce: &hex!("87bc033522ae84d2abe863c5"), + plaintext: &hex!("14d8004793190563825e273dda"), + aad: &hex!("07ee18737b9bf8223979a01c59a90eb4"), + ciphertext: &hex!("43034a2c57ccacc367796d766a"), + tag: &hex!("4c981ca8b6e9e52092f5435e7ef55fbb"), + }, + GcmTV { + key: &hex!("4f4539e4a80ec01a14d6bb1bae0010f8a8b3f2cd0ac01adf239a9b2b755f0614"), + nonce: &hex!("2b6f00ce1570432bf52fdcac"), + plaintext: &hex!("820cc9389e7e74ca1cbb5a5fe6"), + aad: &hex!("0d72a13effe40544c57cc18005b998cb"), + ciphertext: &hex!("99553fdf3e777e2a4b3b6a5538"), + tag: &hex!("3cbf51640a3a93c3662c738e98fb36a2"), + }, + GcmTV { + key: &hex!("2f5e93ee24a8cd2fc6d3765f12d2179ddb8397783e136af9e0ac75f16fca451e"), + nonce: &hex!("0dc3c70a191f3722641fd701"), + plaintext: &hex!("4e96463793cdeda403668c4aee"), + aad: &hex!("ebab30cbcc99905354e4ee6f07c7db87"), + ciphertext: &hex!("ab03f8ca7b1b150bdc26d4e691"), + tag: &hex!("020546afff4290c4c8ef7fc38035ebfd"), + }, + GcmTV { + key: &hex!("a902e15d06ef5ad334d0ec6502e936ee53ef3f3608f7708848b11cefa92983d1"), + nonce: &hex!("b9f3e966efa43ab4aca1f2d8"), + plaintext: &hex!("393ff3dfe51cd43543e4e29fcc"), + aad: &hex!("2eaa35c00bf1cf8a81919bd04b43fd97"), + ciphertext: &hex!("7e8928b450c622ac8efe29d5a0"), + tag: &hex!("5a285de95990aef171629350bbcaf46e"), + }, + GcmTV { + key: &hex!("96657976da7692004e271b594e8304f77db9c9e77859246bb30a16239ba76a53"), + nonce: &hex!("79226100afea30644876e79a"), + plaintext: &hex!("2b0833a065c3853ee27c8968d0"), + aad: &hex!("ede7a9072a0086b9a1e55d900747cf76"), + ciphertext: &hex!("19373168f1a4052a57c6b8146f"), + tag: &hex!("debbf044325384b90a0c442d95455fb9"), + }, + GcmTV { + key: &hex!("630ea13eb5f52378b976ba2662f824dc622920759a15d2e341c446b03ea7bd5c"), + nonce: &hex!("0f9ebe47682f93d44c4db314"), + plaintext: &hex!("5c734964878a4250a3bf61fdd6"), + aad: &hex!("5ad8e9cffe622e9f35bdb185473868e5"), + ciphertext: &hex!("67cb6d943340d002d3323fcc4e"), + tag: &hex!("f5dc0f88f236560c4e2a6d6c15d3c0de"), + }, + GcmTV { + key: &hex!("c64f8a3ac230dce61b53d7b584f2309384274d4b32d404bc0c491f129781e52d"), + nonce: &hex!("7f4b3bcf763f9e2d08516a6d"), + plaintext: &hex!("fe581128ae9832d27ec58bd7ac"), + aad: &hex!("89ed6945547ee5998de1bb2d2f0bef1e"), + ciphertext: &hex!("81d7a8fdaf42b5716b892199c9"), + tag: &hex!("8183aaff4c0973fe56c02c2e0c7e4457"), + }, + GcmTV { + key: &hex!("dd73670fb221f7ee185f5818065e22dda3780fc900fc02ef00232c661d7bffce"), + nonce: &hex!("c33de65344cfbf228e1652bd"), + plaintext: &hex!("ada4d98147b30e5a901229952a"), + aad: &hex!("e1a5e52427f1c5b887575a6f2c445429"), + ciphertext: &hex!("6ed4e4bd1f953d47c5288c48f4"), + tag: &hex!("404e3a9b9f5ddab9ee169a7c7c2cf7af"), + }, + GcmTV { + key: &hex!("f6c5d9562b7dbdd0bf628ddc9d660c27841b06a638f56601f408f23aa2f66f4e"), + nonce: &hex!("67280bcb945ba6eda1c6c80a"), + plaintext: &hex!("f4caead242d180fbd2e6d32d0c"), + aad: &hex!("5b33716567b6c67b78ea5cd9349bcaaf"), + ciphertext: &hex!("fdfa39517d89ea47e6ccb0f831"), + tag: &hex!("91f9b540ca90e310a1f5c12c03d8c25e"), + }, + GcmTV { + key: &hex!("ce1d242f13de7638b870e0aa85843ea43a9255a4fa4d32057347f38e0267daeb"), + nonce: &hex!("86562be4621b4d5eb1983075"), + plaintext: &hex!("d20e59a8ef1a7de9096c3e6746"), + aad: &hex!("d48a9490a0b7deb023460608b7db79ce"), + ciphertext: &hex!("35ce69fb15d01159c52266537c"), + tag: &hex!("dc48f7b8d3feeeb26fcf63c0d2a889ec"), + }, + GcmTV { + key: &hex!("512753cea7c8a6165f2ebbd3768cc7b951029bd527b126233cf0841aff7568c7"), + nonce: &hex!("b79221802d8d97978041fe84"), + plaintext: &hex!("c63d6c1006b615275c085730b1"), + aad: &hex!("22fa0605b955a33468f3e60160b907f2"), + ciphertext: &hex!("bdb5d7f24732bdba1d2a429108"), + tag: &hex!("fca923d2941a6fd9d596b86c3afb0ad9"), + }, + GcmTV { + key: &hex!("e7b18429e3edded2d992ca27afab99e438b8aff25fc8460201fabe08e7d48ec2"), + nonce: &hex!("9db9b7320aaac68538e37bf7"), + plaintext: &hex!("c4713bc67a59928eee50039901"), + aad: &hex!("283e12a26e1646087b5b9d8c123dde1f"), + ciphertext: &hex!("a5932f92bda107d28f2a8aaa74"), + tag: &hex!("9a1357fd8ed21fe14d1ca2e597c3ef17"), + }, + GcmTV { + key: &hex!("69b458f2644af9020463b40ee503cdf083d693815e2659051ae0d039e606a970"), + nonce: &hex!("8d1da8ab5f91ccd09205944b"), + plaintext: &hex!("f3e0e09224256bf21a83a5de8d"), + aad: &hex!("036ad5e5494ef817a8af2f5828784a4bfedd1653"), + ciphertext: &hex!("c0a62d77e6031bfdc6b13ae217"), + tag: &hex!("a794a9aaee48cd92e47761bf1baff0af"), + }, + GcmTV { + key: &hex!("97431e565e8370a4879de962746a2fd67eca868b1c8e51eece2c1f94f74af407"), + nonce: &hex!("17fb63066e2726d282ecc610"), + plaintext: &hex!("e21629cc973fbe40176e621d9d"), + aad: &hex!("78e7374da7c77be5938de8dd76cf0308618306a9"), + ciphertext: &hex!("80dbd469de480389ba6c2fca52"), + tag: &hex!("4e284abb8b4f9f13c7497ae56df05fa5"), + }, + GcmTV { + key: &hex!("2b14ad68f442f7f92a72c7ba909bcf995c827b439d39a02f77c9bf8f84ab04dc"), + nonce: &hex!("4c847ea59f83d82b0ac0bc37"), + plaintext: &hex!("b3c4b26ebbfc717f51e874587d"), + aad: &hex!("8eb650f662be23191e88f1cd0422e57453090e21"), + ciphertext: &hex!("3e288478688e60178920090814"), + tag: &hex!("a928dc026986823062f37ec825c67b95"), + }, + GcmTV { + key: &hex!("11f41bf7d4b9ac7b0035ce54481ed1502ff05cfae02ffba9e502f61bfe785351"), + nonce: &hex!("06f5cf8c12c236e094c32014"), + plaintext: &hex!("bee374a32293cad5e1b28419b3"), + aad: &hex!("d15cbde6290b7723625c99ffa82a9c4c03ed214d"), + ciphertext: &hex!("3f8122deb6dbe0ff596441203d"), + tag: &hex!("60ef7f3723710b9ab744f8eea00267f7"), + }, + GcmTV { + key: &hex!("18ca572da055a2ebb479be6d6d7164e78f592b159cdea76e9fe208062d7b3fa1"), + nonce: &hex!("1b041e534ae20748262f3929"), + plaintext: &hex!("cda2fa0015361ecf684c6ba7d1"), + aad: &hex!("e8a925d7ce18dd456b071cb4c46655940efbe991"), + ciphertext: &hex!("740d8d578e2e7522c31019f471"), + tag: &hex!("f2eeb5af1bfedd10570a137fe2566c3f"), + }, + GcmTV { + key: &hex!("0de2ac5bfec9e8a859c3b6b86dde0537029cdca2d0844bf3e1d98f370e199be1"), + nonce: &hex!("1778e308e0221288f1eb4c5a"), + plaintext: &hex!("575d93a3416763cbd371b5a671"), + aad: &hex!("1362264f5655f71986aa788efd48f6fc13bb6ab4"), + ciphertext: &hex!("8f8df7ca83bf876b63c78e2c9a"), + tag: &hex!("16c74e315aab97efafbe95c9dcaa2d0c"), + }, + GcmTV { + key: &hex!("b381535a085bc4808fa7a139c7204e8a87c7145dfc8f3900df1fa9a9844fab35"), + nonce: &hex!("21ddc54d3c633f4a344a0e42"), + plaintext: &hex!("e4d958cee583010bbfd3a53021"), + aad: &hex!("7ac3ba600e08363ddb57c45a8670bb4abb869db0"), + ciphertext: &hex!("c42c81a312759cdb032aafe852"), + tag: &hex!("0c472591db3df8a7c67164591542dcc9"), + }, + GcmTV { + key: &hex!("29f21e5029ea4964b96dc6f4c34b2df4cce02f2fcf0f168ffd470e7858e0a0ad"), + nonce: &hex!("63a1c1ccc328280a90ff96fe"), + plaintext: &hex!("dc12113764c13c21432ca1ba33"), + aad: &hex!("454f447433f0948581956c4be1b19d932e89b492"), + ciphertext: &hex!("1cb45aac5def93daef806b781e"), + tag: &hex!("f4b0723c89607b66c392049ba042db63"), + }, + GcmTV { + key: &hex!("2733d3aa52a9d70a9fbd6ce2364bb5f9004902aa5eeb17446e08f2bdcc41db15"), + nonce: &hex!("196c4addb84a58beb3674a7a"), + plaintext: &hex!("cbc50cafda2544bcd291e8a025"), + aad: &hex!("c9826fe31f29b55b9d0f9da9795869a1a98befe5"), + ciphertext: &hex!("7a89cc58ccb97ad3e54ca4a9c8"), + tag: &hex!("3990d9aba210182996fdbd91c2ae4801"), + }, + GcmTV { + key: &hex!("0c4b9005b407415c19672bcd0ebe169f66fe404f22529baf55568e0901e94922"), + nonce: &hex!("e51381e959a1f5688c938576"), + plaintext: &hex!("c6179bd3451d9299b727e8bd0a"), + aad: &hex!("0b512faeb4da740dcc1e30d3c7ea61035e8570b7"), + ciphertext: &hex!("4d3fe086c990f16020b4c5eed6"), + tag: &hex!("9ff2297845814719f851ab0943117efb"), + }, + GcmTV { + key: &hex!("fee442ba37c351ec094a48794216a51d208c6a5ba0e5bdb8f3c0f0dfc1e4ed63"), + nonce: &hex!("a666f2f0d42214dbaa6a2658"), + plaintext: &hex!("a2cf3ea0e43e435261cb663a3b"), + aad: &hex!("7198c12810345403862c5374092cc79b669baecc"), + ciphertext: &hex!("713d4050f8c7fd63c0c1bf2ad9"), + tag: &hex!("250a35e2b45ba6b0fe24512f8213d8cb"), + }, + GcmTV { + key: &hex!("77f754d0cf7dbdaf75cfe965ab131e8cd39087ee6d986dec4ad2ff08ebd7f14b"), + nonce: &hex!("e28a14f3107ca190d824ed5f"), + plaintext: &hex!("54a97a74889e55d8043451c796"), + aad: &hex!("1decf0cbc50a9da6dad4a785a941e4b95ce5aaa8"), + ciphertext: &hex!("eedbf8dd81eb19184589dcb157"), + tag: &hex!("7749edd752fab7e50dbc3b0b47678bf6"), + }, + GcmTV { + key: &hex!("0523f232001e68bd65a79837bbaf70ec2e20851301d8e12fddb5926acb2100cb"), + nonce: &hex!("2bb8d5cb3ceb15107582e1fa"), + plaintext: &hex!("6b4cdc9f9c5082d86a1d2e68fe"), + aad: &hex!("1f55bba71cb63df431ef8832c77499ee3c502067"), + ciphertext: &hex!("079fe90ef517ed2f614a3cd8ce"), + tag: &hex!("539c30590a2527f1d52dfae92920794c"), + }, + GcmTV { + key: &hex!("54c56ee869ebb112a408717eb40af6937fe51eb061b42277a10537e7db346b6a"), + nonce: &hex!("5bfb63e2f3e5b2e1b4343480"), + plaintext: &hex!("75f9496b8d0ca96ed3af02dcab"), + aad: &hex!("740ab07b9c5de2afa37f0788ae5230535c18203d"), + ciphertext: &hex!("827902e58c4c8b7af976f61842"), + tag: &hex!("036ee6473c2138f2a2c2841438cb0edc"), + }, + GcmTV { + key: &hex!("d968ffdbed6ffc259b4310e2e97e42d877ef5d86d2169928c51031983779a485"), + nonce: &hex!("633d0d8d3613c83b40df99dd"), + plaintext: &hex!("08cfc65fea9b07f0c01d29dfdf"), + aad: &hex!("9aadc8d8975ec0a3f5c960ce72aaec8ef0b42034"), + ciphertext: &hex!("7b450f162bdedc301b96a3ac36"), + tag: &hex!("970d97344b1451f3f969aeb972d352e6"), + }, + GcmTV { + key: &hex!("5f671466378f470ba5f5160e2209f3d95a48b7e560625d5a08654414de23aee2"), + nonce: &hex!("6b3c08a663d04132243dd96c"), + plaintext: &hex!("c428592d9f8a7f107ec4d0df05"), + aad: &hex!("12965559c31d538f937bda6eee9c93b0387318dc5d9496fb1c3a0b9b978dbfebff2a5823974ee9d679834dbe59f7ec51"), + ciphertext: &hex!("1d8d7fe4357080c817303ce19c"), + tag: &hex!("e88d6b566fdc7b4fd62106bd2eb806ec"), + }, + GcmTV { + key: &hex!("fbcc2e7faa4295080e40b141bef829ba9d34e0691231ad6c62b5109009d74b5e"), + nonce: &hex!("7f35d9ec651c5b0966573e2f"), + plaintext: &hex!("cdd251d449551fec080425d565"), + aad: &hex!("6330d16002a8fd51762043f2df06ecc9c535c96ebe33526d8faf767c2c2af3cd01f4e02fa102f15ce0236d9c9cef26de"), + ciphertext: &hex!("514c5523024dd4c7d59bd73b15"), + tag: &hex!("d3a399843e5776aa348e3e5e56482fff"), + }, + GcmTV { + key: &hex!("04ef660ec041f5c0c24209f959ccf1a2a7cdb0dba22b134ea9f75e6f1efdae4a"), + nonce: &hex!("0f5f6fbca29358217c8a6b67"), + plaintext: &hex!("0835b312191f30f931e65aa05f"), + aad: &hex!("505e205d13ec945391c7d6516af86255e82f38433f40404d4f1e42d23b33eb9e6dea5820dad60622d3a825fc8f01a5d2"), + ciphertext: &hex!("5ddc0f5963f0290c1a0fb65be7"), + tag: &hex!("106d1f8d26abe4b4b1e590cd5d85e737"), + }, + GcmTV { + key: &hex!("42d3ff74284395fb9db9b8c7a444fa400f7fc6b985a7fec2478667c7f17cf3ba"), + nonce: &hex!("89230fbed59d1226a093ad28"), + plaintext: &hex!("d8339e3618ba57a243a27c85d6"), + aad: &hex!("60342f97310446266b2e47b18e008979d07fc181151ac0939b495e7f31de1d0e74042532840ab91686efd7a402d27a94"), + ciphertext: &hex!("9bb6fa36fa167016109d521ac0"), + tag: &hex!("600909ef32ca62951ecbdc811caa7778"), + }, + GcmTV { + key: &hex!("e115c6468606a5f9b8e9a7c220d7d7684d686c9210a669770b6e4bf24447cd17"), + nonce: &hex!("029c7c9ee2d3ab26843e8b41"), + plaintext: &hex!("7abf84842f9867cfc5eabc7032"), + aad: &hex!("1befd9f97f99fc096deafde5e158ac86716c0ba32454988fe48ba4737684361849a221c03fc0948cb25b5f29d6a0cb2a"), + ciphertext: &hex!("851c7047fb09646fbddb824531"), + tag: &hex!("d0ac4110c8d768f0a804ecda387cfa30"), + }, + GcmTV { + key: &hex!("56552f0cef34673a4c958ff55ad0b32c6ababa06cb3ae90178ab1c9a1f29c0e5"), + nonce: &hex!("b34d24935407e8592247ffff"), + plaintext: &hex!("dbd6cc358b28ab66a69f5238d4"), + aad: &hex!("b199437da189486a8fd1c2fa1fe3ebbb116f0ef41415bb7c8065272fb0b2fe8edca9cd0d4255d467e77f2834be557474"), + ciphertext: &hex!("76dc8d035e5ca4001e4e3fcb18"), + tag: &hex!("49c01f735da1131cd42b01b746fd38de"), + }, + GcmTV { + key: &hex!("d4f405ba556e6fe74b7e6dbdd7a8eae36376d1ca7a98d567d108729aeae5c326"), + nonce: &hex!("df6637c98a6592843e0b81ef"), + plaintext: &hex!("abe87641e9a5169f90179d3099"), + aad: &hex!("a5328cbabdfe6c3c1d4f5152189072dade71e2bacd857d3ce37ee9e3161eb0f20de5a29b7999fd9c7c60cdc03751bd1b"), + ciphertext: &hex!("06f9cf9677745e78c6c02bf06b"), + tag: &hex!("5a3a76da0703c24a9588afb2ac1a9e13"), + }, + GcmTV { + key: &hex!("4f667f65ea4569264456e25de498579036d6a604c18baf770bb626d8a1c68e4f"), + nonce: &hex!("43e27d275abefdd45137c8ff"), + plaintext: &hex!("eaa2498ce27e5658489381b6ec"), + aad: &hex!("264b807b4631d7c87ee9f1507082f5af9218f531b4630141f3c94939aa7cf81c71ea540783995560bf7e6e02d196227f"), + ciphertext: &hex!("bac018bf2e7090e7f217ab3365"), + tag: &hex!("13e5a16a9ce7a88cda640de2c4fdc07e"), + }, + GcmTV { + key: &hex!("f5624a166759ef0b8168af6565649f7797fa92476e008c407458101e75831312"), + nonce: &hex!("521ca79ffc8930349abfc052"), + plaintext: &hex!("1fab3def2ea13e815f8746093b"), + aad: &hex!("6e2771ecd637361cb6b947148910f7d9206d6af176c510bb5dd5bc9b97ac015fb05537affbc1756625715374172fb456"), + ciphertext: &hex!("ca72ff15a7eb62a2839bcf0c43"), + tag: &hex!("475fff6d9e2382583c9614020844b92a"), + }, + GcmTV { + key: &hex!("ac1383a3c783d3d0667e944cbe1a6159647b96afa922557eb1cb6407546b98ca"), + nonce: &hex!("70366112dbe1bd905b900e3a"), + plaintext: &hex!("b8dd871f9d866867efbe551c3b"), + aad: &hex!("b7c1865927737bee802415277cf1a25b7380774a9d27b6a3253f077d36e9c4142df2bbbf3c03414ac09161626ce9367c"), + ciphertext: &hex!("ba181874380841791f64881534"), + tag: &hex!("c5641edf42c446873372bbbde1146642"), + }, + GcmTV { + key: &hex!("f37499d9b6ad2e7618e30a23082673008f3ae1938b9397c02a4da2453fb7e403"), + nonce: &hex!("18e112ea6a998d6f9705f7e0"), + plaintext: &hex!("31560b2114a248ffe0696fa130"), + aad: &hex!("736f1a71fb259f46c6519bb87451f238f47d80c74a016604499b02568f1c7bedf70f9597d7b62c1698c4f2631f4e9706"), + ciphertext: &hex!("0163f558be0142ebabde29a7bc"), + tag: &hex!("45579ce07ee64cdac3a7a42109ff44e7"), + }, + GcmTV { + key: &hex!("50b7f5118ef7ee22b107d93ceab9881ef9658931e80385d1ae92501b95e47d62"), + nonce: &hex!("d5113665039169978b7dc4db"), + plaintext: &hex!("9ba4cd5e600277f4c786ce827e"), + aad: &hex!("68ff6c63e94cb7dd2b8413662a56c88dc130b79b8b2e2388c1089b61fa51ea37819109b5ef64da1250f5d6b5d74cc392"), + ciphertext: &hex!("67842199482b28be56f7570d11"), + tag: &hex!("79e03841843fe32337b7c7409a2153bc"), + }, + GcmTV { + key: &hex!("d396941c9c59e6a7bc7d71bd56daf6eabe4bfb943151cdb9895103384b8f38b4"), + nonce: &hex!("f408f8c21f3825d7a87643ed"), + plaintext: &hex!("dc8ad6a50812b25f1b0af70bee"), + aad: &hex!("947bd9a904e03fdd2c91d038d26d48ac6e32afcad908eacd42a25f6240964656d5a493242d3f8a19119a4cd9957d9c42"), + ciphertext: &hex!("57e6d821079bb8a79027f30e25"), + tag: &hex!("de8c26d5a3da6be24b3f6ea1e2a0f0c6"), + }, + GcmTV { + key: &hex!("eca22b3a29761fd40031b5c27d60adbcfac3a8e87feb9380c429cfbcda27bd06"), + nonce: &hex!("4e6fe3d1f989d2efb8293168"), + plaintext: &hex!("44d6a6af7d90be17aac02049a4"), + aad: &hex!("29beb1f0bb6b568268b9c7383991a09fd03da7e1639488169e4f58ec6451cad6d4c62086eee59df64e52a36527733d8c"), + ciphertext: &hex!("9aaa295bb3db7f6335a4c8cf2f"), + tag: &hex!("55f7577163a130c0dbcde243ef216885"), + }, + GcmTV { + key: &hex!("fa3ce8b099f3a392624bc433b5265235b65c0952cfc54817be2a8003d057903c"), + nonce: &hex!("3168b4e50efe96b3d3aed600"), + plaintext: &hex!("84ed3ccd428d3783ecea180b3b"), + aad: &hex!("d451fa64d73b7d7eee8f8143c40bab8e3f7a58ee018acda23224974f64ac7e1e389f5058ec08664bf56492b932d15f42"), + ciphertext: &hex!("ee2bd527568a4e7537c8f939b6"), + tag: &hex!("f4615f7dfdffec8a2d52c992456210ad"), + }, + GcmTV { + key: &hex!("ff9506b4d46ba54128876fadfcc673a4c927c618ea7d95cfcaa508cbc8f7fc66"), + nonce: &hex!("3742ad2208a0484345eee1be"), + plaintext: &hex!("7fd0d6cadc92cad27bb2d7d8c8"), + aad: &hex!("f1360a27fdc244be8739d85af6491c762a693aafe668c449515fdeeedb6a90aeee3891bbc8b69adc6a6426cb12fcdebc32c9f58c5259d128b91efa28620a3a9a0168b0ff5e76951cb41647ba4aa1f87fac0d97ac580e42cffc7e"), + ciphertext: &hex!("bdb8346b28eb4d7226493611a6"), + tag: &hex!("7484d827b767647f44c7f94a39f8175c"), + }, + GcmTV { + key: &hex!("b65b7e27d552395f5f444f031d5118fb4fb226deb0ac4e82784b901accd43c51"), + nonce: &hex!("2493026855dd1c1da3af7b7e"), + plaintext: &hex!("8adb36d2c2358e505b5d214ad0"), + aad: &hex!("b78e31b1793c2b758494e9c8ae7d3cee6e3697d40ffba04d3c6cbe25e12eeea365d5a2e7b46c4245771b7b2eb2062a640e6090d9f81caf63207865bb4f2c4cf6af81898560e3aeaa521dcd2c336e0ec57faffef58683a72710b9"), + ciphertext: &hex!("e9f19548d66ef3c16b711b89e2"), + tag: &hex!("e7efc91bbf2026c3519010d65628e85f"), + }, + GcmTV { + key: &hex!("8e4f8859bc838f6a2e7deb1849c27b78878285e00caad67507d5e79105669674"), + nonce: &hex!("e71d0ebb691a4c31fdd9879c"), + plaintext: &hex!("bd1713d8d276df4367bf3cbb81"), + aad: &hex!("47ca6cef3ca77997ef1b04e3721469be440ad6812aa3674ae92ca016b391d202e29932edfa83029eccae90bd8dbe4b434e7304b28fe249b380b2c3c49324fd5b3e469e3e135abc1c9fd77828b409c7482e6a63461c0597b14e5c"), + ciphertext: &hex!("eecbfb74e314628b0e3f827881"), + tag: &hex!("c9ea890294d7e10f38b88e7c7493c5f8"), + }, + GcmTV { + key: &hex!("2530cdcb2a789000822588a31bdc87c09234838da2d6ae1259c7049186525f11"), + nonce: &hex!("0c509faa257dbb0e743a53ac"), + plaintext: &hex!("a8edc524930ce4c20897c66f75"), + aad: &hex!("92a92cb8c1984ede806028cc45ac95574167ee83f03a707cc4b0fb8ad70907e0016e38b650f4a75bc83a625e3c670701d43bfb0326d1c4fe7c68410733c0c874c920389d164bf67a9032e2e837f5e9e324b97932d1f917ba7dca"), + ciphertext: &hex!("1f658c7a1f41152b22999ed1b7"), + tag: &hex!("cf3e4fef775d9c6ff3695be2602a90d8"), + }, + GcmTV { + key: &hex!("54c31fb2fb4aab6a82ce188e6afa71a3354811099d1203fe1f991746f7342f90"), + nonce: &hex!("f0fe974bdbe1694dc3b06cc6"), + plaintext: &hex!("fbb7b3730f0cd7b1052a5298ee"), + aad: &hex!("2879e05e0f8dd4402425eabb0dc184dcd07d46d54d775d7c2b76b0f76b3eed5f7ca93c6ae71bf509c270490269ea869ed6603fdf7113aa625648ab8ed88210f8b30ec9c94bca5757ca3d77491f64109101165636b068e3095cb4"), + ciphertext: &hex!("3a5a2a8aa93c462cfb80f1f728"), + tag: &hex!("59ef9d54ee01fb6cd54bd0e08f74096f"), + }, + GcmTV { + key: &hex!("8084061d0f7858a65c3a3557215ed46f1590278ca97a45dcb095d2a0979f2e3f"), + nonce: &hex!("6973898b1a8f72856415675b"), + plaintext: &hex!("200d0445cb09eb52f54d2f74c6"), + aad: &hex!("8b543e294546848c3308ccea302f0238b7dffc1706d03657c190ea745cc75bcd5a437993e787828ea7fe42fea1d5c6f7229a72ea65f0d0c190989a590ab49c54726633282c689eef8cf852af263b5edf63e449fd5440730003ca"), + ciphertext: &hex!("ec242c358193ca6187c89aa7a5"), + tag: &hex!("967428ac6956525ba81d5901ed259407"), + }, + GcmTV { + key: &hex!("2aad7db82df4a0d2ec85218da9d61ade98f65feeb8532d8eb728ef8aac220da6"), + nonce: &hex!("029ac2e9f5dc3d76b0d1f9df"), + plaintext: &hex!("ba363912f6207c54aecd26b627"), + aad: &hex!("d6f4b6232d17b1bc307912a15f39ccd185a465ee860279e98eb9551498d7b078271ebabdda7211e6b4ab187043171bc5e4bf9ffcf89a778430e735df29410a45ca354b0003433c6bc8593ee82e7c096a32eac76d11daa7d64150"), + ciphertext: &hex!("bfcad32611da275a0f0821517c"), + tag: &hex!("9ea37bdcaafad69caf06d67fb18dd001"), + }, + GcmTV { + key: &hex!("f70bb950ab56f12f1efc2376d32a59d16ef3ef5969e0106ab40cc314c9b0c7e8"), + nonce: &hex!("3b3b29ba422c2bacafeeb8b3"), + plaintext: &hex!("029929277043dc0379f152a484"), + aad: &hex!("464ac0c84b9ff17a0e7c39a65f89682a89b8787553a6275f0d55effaabef2114072c739f9831a5d5a5133ae4de14eb51346b318b255a1bff57e50c433e1e69a00fe1a8b6f6b621d515d670d89e148f6b65d6eb4c54878cb819ce"), + ciphertext: &hex!("c0b97d6d1a95d708d6dc7d2b95"), + tag: &hex!("322eb4395bf4d4dd070b8f9f6195f8ee"), + }, + GcmTV { + key: &hex!("f4950f01cb11fdd9afb297f7aa852facfac354ff96557befa5f657678de6cefb"), + nonce: &hex!("aba7d864f29cbc449cd93e33"), + plaintext: &hex!("e6daf59ef54ac7405984fc4c4e"), + aad: &hex!("852f624cea7a8c20e189e0c79f578c0d770c4bf7c4e691649eba992f6de89d7bf2078aff94803a3dc62628e02a80a01957722e2a931fc56283d84ab68ce11ae867835c2d9700df130048ea8eaaca41f1a9059be2acaea6e0f7f2"), + ciphertext: &hex!("d01d36ff8009b4082279abb906"), + tag: &hex!("d9a36c8008493bd95c09049299cbd075"), + }, + GcmTV { + key: &hex!("714261ef4f02fb4efb0e6b5aed96d7b3ceac6551a57cf679da179c01aac5ee0e"), + nonce: &hex!("3b7d15c7fd877461a789255a"), + plaintext: &hex!("815de8b0382fe60cb0d3782ee9"), + aad: &hex!("7621e58152336ee415f037f2e11581fe4da545c18d6e80177d5ab5dda89a25e8057d6fccec3757759a6e86e631080c0b17baa8be0b8fe579d3bfa97937ee242b6faacfc09425853df4dc26bc263ed1083a73ffc978c9265f8069"), + ciphertext: &hex!("29c566ea47752a31a380fd0e7c"), + tag: &hex!("b279340a384dbbae721c54e9183b3966"), + }, + GcmTV { + key: &hex!("53459ba5a2e49d1a7c2fb6ad9e6961b4dbe5158cb9266eff425d6dcccaaf8073"), + nonce: &hex!("3c97dc635a75fbe2c33c9a41"), + plaintext: &hex!("03fbfe5842ed781990ca8be728"), + aad: &hex!("7fe308afe58a927680bee3368301f4dc7c47811fc09f1b9922a092a497b9c6b67c857fdcc32da1011acb110b3c1475bef303f1a609479485cc400ee8f38381c45d078708ad49f226f95dd9c81478d1ee2b53c3b906d96f8ddd76"), + ciphertext: &hex!("5865e5a1ec711732a4ee871bff"), + tag: &hex!("856a653ec214178096bed423e30a36e9"), + }, + GcmTV { + key: &hex!("f0501583c226d2519ed23fcc6f2cffd2f013eb91aa07b3a5a2073d6e2bd10cef"), + nonce: &hex!("29a922ad9bdeddc2e298b99f"), + plaintext: &hex!("035eb6922345c02a81435d9e77"), + aad: &hex!("d84f54bac09ea92afe0a7335cb0bb5f68425490fd2fb6c3b99218f49856ed427ec902e510b899d54951fe84cdbfd112608d1e999f64ecc9cd4be3a0114c1c34875dbf35a1b0be421659f99d69b32e968cebfca6f95837e3edeb4"), + ciphertext: &hex!("095971f99af467805a62bfb882"), + tag: &hex!("d5ff2b7beac260e517ea3eca13ff1e77"), + }, + GcmTV { + key: &hex!("78e6789b596c71cb3becc833cf823d2ebb18ca2e26c27e26a55ef95df7353971"), + nonce: &hex!("65da9c7a9f17b11246bcf8db"), + plaintext: &hex!("003e82a147df3c953400f87ab5"), + aad: &hex!("d49aee7ffd31e7c8d831d97ae894a00473adbc5071f6099d567caaef85c295d5143a1316ff82753cc35d3efc60f7e5101ddd811336b404d598f6c439cce6b47fcbebb15d1c342e4151b355025a03b4397260b4a7e6444fa57b5b"), + ciphertext: &hex!("abcceced40209fc30a5590fee8"), + tag: &hex!("0a203973b81375949ebd932597efd495"), + }, + GcmTV { + key: &hex!("816b3e6ca31d59688c20bcd1fa4285197735d8734289ca19a4730e56f1631ccf"), + nonce: &hex!("4c191ac994f86985c180ccd4"), + plaintext: &hex!("b2060dd86bc307133b7d365830"), + aad: &hex!("b3dcd643c68ccce186570c63288c8722b8a13dfaf9e71f44f1eeb454a44dddf5f955540cd46c9f3b6f820588f71936d7a8c54c7b7bc43f58bb48e6416149feae7a3f8d8198a970811627489266a871e8cb87878cdb3a48be65f5"), + ciphertext: &hex!("53e65880ad0012a75f1188996f"), + tag: &hex!("9ca8a71a45eb4402a6b03106bae330d1"), + }, + GcmTV { + key: &hex!("a07ba57478061bd7abddd762971cf2e47141891f76c3d1c150b53eee5704557d"), + nonce: &hex!("5adfb85b2d9e239c5146501d"), + plaintext: &hex!("67c8824c1837cfdec6edcd719c"), + aad: &hex!("937b3ed73e67ca0b02f9eb736a668362d4d0447c15f6083099a7f90c7c49318dd72f6baa74da22ff53b56c24fb9a1b1d6c4e29f4ac4d917220ebe3c8d760999da7be9e1e8f6a171133640c9196f9ee3cdb76a5a342a95a05c8c4"), + ciphertext: &hex!("1eb85c6682850e849eb37927e5"), + tag: &hex!("8079f705cf551a5484132cd0f0c5297c"), + }, + GcmTV { + key: &hex!("268ed1b5d7c9c7304f9cae5fc437b4cd3aebe2ec65f0d85c3918d3d3b5bba89b"), + nonce: &hex!("9ed9d8180564e0e945f5e5d4"), + plaintext: &hex!("fe29a40d8ebf57262bdb87191d01843f4ca4b2de97d88273154a0b7d9e2fdb80"), + aad: b"", + ciphertext: &hex!("791a4a026f16f3a5ea06274bf02baab469860abde5e645f3dd473a5acddeecfc"), + tag: &hex!("05b2b74db0662550435ef1900e136b15"), + }, + GcmTV { + key: &hex!("c772a8d5e9f3384f16be2c34bf9afd9ebf86b69e6f610cd195a9db169e9be17e"), + nonce: &hex!("9b8e079f9971d7352e6810a3"), + plaintext: &hex!("7f13fcaf0db79d792823a9271b1213a98d116eff7e8e3c86ddeb6a0a03f13afa"), + aad: b"", + ciphertext: &hex!("d29e2bf3518668a14f17a3e4e76e1b43685734b801118d33a23238f34d18aa40"), + tag: &hex!("8e02b0b7d172cf5e2578f5b30fac2e7a"), + }, + GcmTV { + key: &hex!("d5924b31676e2354fe7dafffaf529749598ea1bf5e4c44f5b60240e09d8036aa"), + nonce: &hex!("5d847784f0bcd79cb84fcf1d"), + plaintext: &hex!("6fd80c8f0d4de081a93c16b84dec697a1e4f9d80a6af497c561572645eac0d63"), + aad: b"", + ciphertext: &hex!("282cc9d2308a443019cfdc4d79854accc7731ee36902bafe3ffaca6484327b82"), + tag: &hex!("4dc5e0f2ab91bdfd31f2bdcf06af9667"), + }, + GcmTV { + key: &hex!("b328c6d7946221a08c4f0509b52992a139890cdd8eae1956851f110c49602cb5"), + nonce: &hex!("1a433c33ca12ce26cf3dffff"), + plaintext: &hex!("217bdc314a4d335c72b5267b424fc8e31f4bb118e6cfaeacf5548f4ba8f51980"), + aad: b"", + ciphertext: &hex!("a322944e07bf84ab424ffa75fd0309e8691c9036b08f344ba76ce0774f43b351"), + tag: &hex!("14dd6b1c2b224533ccc9fee8d2881358"), + }, + GcmTV { + key: &hex!("c2080965d21d229c0d0d6c56cbce83880120c21a48172a64560b90dc4ce1ffbe"), + nonce: &hex!("928d6c0195f5f0974f38730b"), + plaintext: &hex!("864397271e1b242aa1dff38e78aa89353e1554ba907318a0aaad44f26fcd567d"), + aad: b"", + ciphertext: &hex!("7de4f941f44bd0f268b2a47b9c4927cc10537bbed739d52ab099fde4033041d1"), + tag: &hex!("b51a59931817257619e7be1091128c49"), + }, + GcmTV { + key: &hex!("dd6b7e2584edf1f1e6c2c0dd1f72161a92d2cba99856554f820de1256d48c099"), + nonce: &hex!("fe9d553c75067e8dbae1ab67"), + plaintext: &hex!("f9f86f7762859f11d6e7ef56178657ddcded532843446f86a23eac35aa2dd3c0"), + aad: b"", + ciphertext: &hex!("f7aaa1711c8092783b05b4e5e6c9c6944e991bd59c94b9d0356df00a66e2db5b"), + tag: &hex!("c61edd176c8322a01d8c5f3df09252e9"), + }, + GcmTV { + key: &hex!("37f39137416bafde6f75022a7a527cc593b6000a83ff51ec04871a0ff5360e4e"), + nonce: &hex!("a291484c3de8bec6b47f525f"), + plaintext: &hex!("fafd94cede8b5a0730394bec68a8e77dba288d6ccaa8e1563a81d6e7ccc7fc97"), + aad: b"", + ciphertext: &hex!("44dc868006b21d49284016565ffb3979cc4271d967628bf7cdaf86db888e92e5"), + tag: &hex!("01a2b578aa2f41ec6379a44a31cc019c"), + }, + GcmTV { + key: &hex!("a2ef619054164073c06a191b6431c4c0bc2690508dcb6e88a8396a1391291483"), + nonce: &hex!("16c6d20224b556a8ad7e6007"), + plaintext: &hex!("949a9f85966f4a317cf592e70c5fb59c4cacbd08140c8169ba10b2e8791ae57b"), + aad: b"", + ciphertext: &hex!("b5054a392e5f0672e7922ac243b93b432e8c58274ff4a6d3aa8cb654e494e2f2"), + tag: &hex!("cf2bbdb740369c140e93e251e6f5c875"), + }, + GcmTV { + key: &hex!("76f386bc8b93831903901b5eda1f7795af8adcecffa8aef004b754a353c62d8e"), + nonce: &hex!("96618b357c41f41a2c48343b"), + plaintext: &hex!("36108edad5de3bfb0258df7709fbbb1a157c36321f8de72eb8320e9aa1794933"), + aad: b"", + ciphertext: &hex!("b2093a4fc8ff0daefc1c786b6b04324a80d77941a88e0a7a6ef0a62beb8ed283"), + tag: &hex!("e55ea0456af9cdff2cad4eebbf00da1b"), + }, + GcmTV { + key: &hex!("6fb2d130bbad1924cab37d071553b12169e978a805bf74cb4c23d5ccd393d7bb"), + nonce: &hex!("76826741225a391fdce4d3b6"), + plaintext: &hex!("c49b80080e2efeb5724b9e5b53ba0c302e97bd16f1a6bbec01e1ca6c35a42a3c"), + aad: b"", + ciphertext: &hex!("62fbe5466a7ff83ff719f4927e00e9319e1bb7e835c5d6b4e9d4bc5a8d6e2beb"), + tag: &hex!("df72da7a66cb5257836f3c19ecadcd55"), + }, + GcmTV { + key: &hex!("402e8113970257d9437807620098370243536a105cca4fbc81a1ff2d48874f48"), + nonce: &hex!("c924c19c4d14905a2bdf63bf"), + plaintext: &hex!("917b9585f65e59bf4d242bb0802966045dd29fbc66911277baecdfcc818c3c35"), + aad: b"", + ciphertext: &hex!("5b6594edcddbb338f4e813687f4f23a75a64c21e3cf5d2e7c9af0f7e3ee3e616"), + tag: &hex!("f1cccd93a4411247c8b6830addd72c6f"), + }, + GcmTV { + key: &hex!("2aac499cb0eb72b4598acff4330df6cd764978997d5ace51da88e0c18671bde9"), + nonce: &hex!("fd16cdc39d7f0b92e1f95c97"), + plaintext: &hex!("e7b75bfa35c9a004d0b68265623a9b06b6d4493ea0ad4f6c777ba5add8c7bbbb"), + aad: b"", + ciphertext: &hex!("c3d0a0f7ce9720c95aac86151aad634884ddfa62df58f18394537f6504d9a8aa"), + tag: &hex!("76749a1ec70236b267fc340d5fbb6da3"), + }, + GcmTV { + key: &hex!("a2a502d6bb19089351e228d5cbff203e54fc31f2772253df08557875d964c231"), + nonce: &hex!("0ebb5af4a462a1e6ded7164a"), + plaintext: &hex!("bbecc89450c07b8de631155e5d7cc7a9d26376bb57d7458d49b4c36e140490f3"), + aad: b"", + ciphertext: &hex!("fd09c950890441fcaaa8809a8998079abb88741c6672abae12383ffd724f8299"), + tag: &hex!("22fac246058bf142c5f26812a635b480"), + }, + GcmTV { + key: &hex!("ce2d289e20c76f75c135c8118d5cbf5f2828026f0b639588a3eb4ad752cea548"), + nonce: &hex!("bb08526dd8bd1c3bb58d0999"), + plaintext: &hex!("56f5db1e796a0c4633a8d570182c39e3c8451e7ba485b98d38a2c926a1b92a46"), + aad: b"", + ciphertext: &hex!("a41005df18734d4f3f99f19ef8fc43b16ef431207cb0466341bf164b58e23533"), + tag: &hex!("a45c2a1ef6aec75cc22d71807dab3c27"), + }, + GcmTV { + key: &hex!("66e418d0ec97b420b1b5365d1b6d5cd7c5ac1a5653739120d4aec3c94c93c287"), + nonce: &hex!("989f94480266e3652488184e"), + plaintext: &hex!("e5052b19d7f827fd60f45c8925809fd2217ec4d16aa89bbf95c86a1c1e42bd36"), + aad: b"", + ciphertext: &hex!("f341630574ee92942cf4c5ecd3721ae74b32c557379dfe8351bd1c6661a240da"), + tag: &hex!("e85fb655ef432e19580e0426dd405a3e"), + }, + GcmTV { + key: &hex!("37ccdba1d929d6436c16bba5b5ff34deec88ed7df3d15d0f4ddf80c0c731ee1f"), + nonce: &hex!("5c1b21c8998ed6299006d3f9"), + plaintext: &hex!("ad4260e3cdc76bcc10c7b2c06b80b3be948258e5ef20c508a81f51e96a518388"), + aad: &hex!("22ed235946235a85a45bc5fad7140bfa"), + ciphertext: &hex!("3b335f8b08d33ccdcad228a74700f1007542a4d1e7fc1ebe3f447fe71af29816"), + tag: &hex!("1fbf49cc46f458bf6e88f6370975e6d4"), + }, + GcmTV { + key: &hex!("2c11470e6f136bec73351619288f819fb2bbba451857aadfb78384074612778a"), + nonce: &hex!("4e6cc2bcc15a46d51e88958d"), + plaintext: &hex!("3b3186a02475f536d80d8bd326ecc8b33dd04f66f8ba1d20917952410b05c2ed"), + aad: &hex!("05d29369922fdac1a7b37f07953fe175"), + ciphertext: &hex!("6380945a08977e87b294b9e412a26aebeeb8960c512439bac36636763cd91c0c"), + tag: &hex!("1029a3c4be1d90123c1b404513efde53"), + }, + GcmTV { + key: &hex!("df25ea377c784d743846555a10cfaa044936535649e94da21811bad9cea957b5"), + nonce: &hex!("35f5f8e950c1f57ad3dfb1fa"), + plaintext: &hex!("98941a807ac8f16eef0b3d3c7bbdfd55d01736c5b3360d92b4358a5a8919380b"), + aad: &hex!("28eb4677110ccb6edc8d2013dc8f46ec"), + ciphertext: &hex!("24a07532e981aaf3106eab8dfbb2d2078342e2eaee027e148f06aca68f6a1c50"), + tag: &hex!("131373ed4a0e3f584ae978d42daa6f3a"), + }, + GcmTV { + key: &hex!("106168ea651f22c54196a06f1a10bcf4e620d93e4dc0824d798f44f9219c6177"), + nonce: &hex!("4064dcbd631cf20b05ae22de"), + plaintext: &hex!("b0d3da2b96b8889c92e445abbea4c6d0d5d44d7fbcc7dade4c92f6bcddbf06e1"), + aad: &hex!("a36e2fb9cd96a8ca9ae2b193aa498efd"), + ciphertext: &hex!("f55a6d8a6965ea451637bec7548cfb1ffe59fc0ce6ea6a937cb5dd32b3d45d5f"), + tag: &hex!("8d1bf2715041f817f11631fc9910c629"), + }, + GcmTV { + key: &hex!("272d1649a3dd804de0962d3e07064a7054c00a6234ab1b0cdcf685ab394837e5"), + nonce: &hex!("955b5897f6b9806bbec5c33e"), + plaintext: &hex!("36e57c29c08c51ad7fa91c0416f976cfd011780eb44cc5abd34c7b431b093b8d"), + aad: &hex!("33e618ecbbe5eb0566df21c3c34b7e25"), + ciphertext: &hex!("cd6aeb345081dc0bb2c8b4d19b280658fb87c0f2bd0f4c9da694dc1feeb32f4e"), + tag: &hex!("dd37eac6bd6a4d3618241738779735d7"), + }, + GcmTV { + key: &hex!("3dab6a51bb7af334dd4b79a7d139550c88f0778d43c21fc4ad33f983a13515cb"), + nonce: &hex!("362eaa67cab3d1ed48e9f388"), + plaintext: &hex!("3eb7f5f0a4ca9aa7000497602c6124433a60a8fcd91b20175b4ee87e6b10a2d7"), + aad: &hex!("52852150786e6547a2618e15c77110b6"), + ciphertext: &hex!("cc3316041b88733839249b756ffa00bbec6211942f604f26c4a35ed32e6eeaff"), + tag: &hex!("5936c5500240d50c0da0fcdc248f176e"), + }, + GcmTV { + key: &hex!("0ea606521b935d5b4b66df89fb372d35c4d6d2c03767367e38de0d4c27761d56"), + nonce: &hex!("0d3168318a4f76392699640b"), + plaintext: &hex!("f450b36d6c49411897bce39001d73ff01b5e8566179e36dacac7064cab5c6270"), + aad: &hex!("3bd8849070cf034c4298f40f33b0b839"), + ciphertext: &hex!("3b15fad18726c4eaa70502b3f3b32c5092d1d92835e6460665fc50dda953a191"), + tag: &hex!("11fd3fddf61e010c17fbedd4bd5fb012"), + }, + GcmTV { + key: &hex!("c8c4f9e0bd289ef1bd16104a8074fb073dd9035ab937ab076fb5801e2295aa2f"), + nonce: &hex!("be699d9d98ec1f724da8bd0f"), + plaintext: &hex!("49fe9407a719d41e658587809cfed7a5b49941c2d6378f3c0afe612f54f058a1"), + aad: &hex!("a985c7489732038c3190cb52be23737c"), + ciphertext: &hex!("17a9aaa6a3c68ba1f6cb26fdd6536c207e3c9ce58f43e4ecfd38d3387a798a0f"), + tag: &hex!("d832cb4814142562fedfe45b36126cb8"), + }, + GcmTV { + key: &hex!("52d0f20b0ca7a6f9e5c5b8549d5910f1b5b344fc6852392f983558e3c593be24"), + nonce: &hex!("d5c618a940a5a5d9cc813f27"), + plaintext: &hex!("a9fed8a29355685321f978e59c40135309306cd41b25349fe671dc7990951c68"), + aad: &hex!("61823f7e39ed76143ca7249d149bdf57"), + ciphertext: &hex!("509c540e558d0bf0a3b776cddfbfddc15486748a7f9952b17c1cbd6869c263f4"), + tag: &hex!("42e35ee3f7119f87fb52b5d75b8ab8ec"), + }, + GcmTV { + key: &hex!("5d291a8f1a6433a41076702d9d8a8c196e464550ed900ce8c2a36f4d10483954"), + nonce: &hex!("c4ba743ee692e5d00b5ae2c6"), + plaintext: &hex!("605d519b26182458fea68dddd86033390fc545f843ae817850a2a4574add015d"), + aad: &hex!("878fa6720ab30e0287f6903acd2dca19"), + ciphertext: &hex!("1c2f153f2374d3945cca9757dc18d9a15a93276526285a6e316ee32a72092c34"), + tag: &hex!("e7905e856c88c6ece4bb47781becf923"), + }, + GcmTV { + key: &hex!("09e2724d4017cd57e967000e4da2cd5c5c18ccfb06c33b7ce62a7641e4bb0b73"), + nonce: &hex!("9ea18b420a10177289ab370b"), + plaintext: &hex!("6f5dfa86d5df4febd752265c56390049e7cda60c2644c84ab413932faad15b15"), + aad: &hex!("a8e77939423d5894d307fd60278d162a"), + ciphertext: &hex!("35e37a9b913eb58b72262e92d7584d44bf9a8442f1b2f3da3a5d05ec6a2a31e2"), + tag: &hex!("1a95023b1a4a3e885520ec79e1a3aef9"), + }, + GcmTV { + key: &hex!("8544a9f4f6c0efdff3da90cfa3ee53fbe1f8de159d29537c803e1651da153718"), + nonce: &hex!("be406029a1d0c25d09af94cf"), + plaintext: &hex!("7e88a65646ed138b7c749366d16e41dbafd9987ad2373bb9d0b6ce0c1a4d6661"), + aad: &hex!("599dbb73897d045a1bd87385e60323a2"), + ciphertext: &hex!("38ffbf9ffff8d6a92090584e6dace1c6a47d3d5709a25e470557d5c8f5dd1851"), + tag: &hex!("d5b2e83c47df404de9a7cd95d3cbe7ab"), + }, + GcmTV { + key: &hex!("35b9d2a5db3b06e7720cec794dae615029a491c417f235498e0496cd8183d1bf"), + nonce: &hex!("b382987916e19752dd9ecc0c"), + plaintext: &hex!("76b290496901c5824ad167433dbb6d6b5856d41913ee97ec81e70cf6a170e35c"), + aad: &hex!("e0aa3a1f1df601366c59a390f4f06c3b"), + ciphertext: &hex!("78347400d6799e77e11e76c0ecfd311becf31f74f14b3a71e6d526ce57015c8b"), + tag: &hex!("bf8dec2feac7cfe9f330bdfc92737b33"), + }, + GcmTV { + key: &hex!("d707eab3c167b73efeb08c50e12b1569a275487ea136f52736c0f3ce66b69fa3"), + nonce: &hex!("11116f34182e52428642e747"), + plaintext: &hex!("a0c4818362035b16b50de445d558ea5cf8844bf5c84b96232999a2279806cc45"), + aad: &hex!("ae9f90331800c358716c92667f79f748"), + ciphertext: &hex!("91c77404b20028ef0fd4dd7f8b65b6594af94a1e7fc79cfbdb108265354fc71b"), + tag: &hex!("6c3410d4b915dbad745715202c04e9a4"), + }, + GcmTV { + key: &hex!("405d13ee48d3b9fc26bcfca776b2af6c745d8fc34171622f8c6c4be5a54b8b65"), + nonce: &hex!("add1524abb1b846f0f6577da"), + plaintext: &hex!("e06475990d6e3990266de1bd025c3b1910c0736c81050885f2bfc13ec78e9d96"), + aad: &hex!("0b1c4c3ba877bca5846b2c1f2b0e2105"), + ciphertext: &hex!("6399f7e6d6c680fc41bac8bee3836b9a4241403d5a19e4919f396ce37b238d38"), + tag: &hex!("e754f400d76c76e03c63ea88cf64ccba"), + }, + GcmTV { + key: &hex!("5853c020946b35f2c58ec427152b840420c40029636adcbb027471378cfdde0f"), + nonce: &hex!("eec313dd07cc1b3e6b068a47"), + plaintext: &hex!("ce7458e56aef9061cb0c42ec2315565e6168f5a6249ffd31610b6d17ab64935e"), + aad: &hex!("1389b522c24a774181700553f0246bbabdd38d6f"), + ciphertext: &hex!("eadc3b8766a77ded1a58cb727eca2a9790496c298654cda78febf0da16b6903b"), + tag: &hex!("3d49a5b32fde7eafcce90079217ffb57"), + }, + GcmTV { + key: &hex!("5019ac0617fea10517a2a2714e6cd369c681be340c2a24611306edcd9d5c3928"), + nonce: &hex!("fd1fa6b5cab9aa8d56418abb"), + plaintext: &hex!("4349221f6647a906a47e64b5a7a1deb2f7caf5c3fef16f0b968d625bca363dca"), + aad: &hex!("953bcbd731a139c5de3a2b75e9ffa4f48018266a"), + ciphertext: &hex!("dbce650508dab5f499767651ee734692f7b157341977692d2ca879799e8f54aa"), + tag: &hex!("20239e97e2db4985f07e271ba545bbbf"), + }, + GcmTV { + key: &hex!("c8cee90a8b9ad6094d469e5d1edc30d667608e89b26200cac77efd7e52af36fd"), + nonce: &hex!("5a1aa9c8e635281ee1fb9df7"), + plaintext: &hex!("728d9221891bd75c8e60b7dd6f53edcfd1ab1cebc63a6ce54be220b5b362233b"), + aad: &hex!("0538b3b64da72aac591bc59991a140eff206b3f7"), + ciphertext: &hex!("b753eb6b87f0c8778c3ea3a74fba3b31ced6d2da94d43d482ab0431806a80d75"), + tag: &hex!("b21d29cf6fd04571ffcaf317d384df11"), + }, + GcmTV { + key: &hex!("b4b77710f86ffd463fc14bb9eaa4424b2b3a581778e5511a094a08fb204cab59"), + nonce: &hex!("3e4b12bf55633bf48d104620"), + plaintext: &hex!("6f44a8df11dce27df075ea10ddeb7566ca6c988a334cf56e8540f71166d7c0d1"), + aad: &hex!("3e3b4c9369266266098326217b5677a40297cb87"), + ciphertext: &hex!("31f82f5cb1cd5c4b4819b61aa9377abebe8fca76978b1199178462c7c1c4e2b2"), + tag: &hex!("1b3a535768e8480d75ec91b2e7b55efd"), + }, + GcmTV { + key: &hex!("0a8fb75498a139223c763d52bbe3d42f813de370fa36b81edc4553d4219d2d5d"), + nonce: &hex!("7d6cb675fded3efef908a11a"), + plaintext: &hex!("81b69ca354de3b04d76ee62334cb981e55f0210f1174d391655d0f6712921a0e"), + aad: &hex!("2314ad86b248f1ed2878e7c562b533bf2dda5a29"), + ciphertext: &hex!("6a23d30737f4a72b1e07ba23d17fde43a4498e2e60d3e1b0c8e6ea26a2bb331a"), + tag: &hex!("7fcac442fb657910c62a74b1d0638902"), + }, + GcmTV { + key: &hex!("a84315058849690c2b88062aef81134d338526baa7090e865fcaad94bbf51ca5"), + nonce: &hex!("a487cfa701447b495aab41e0"), + plaintext: &hex!("18074e14dc0a14d4439f1d710927ed8c200154c8492f77f10f653e0bf6070ca6"), + aad: &hex!("7c4416b0cf13ac76bec6687a6840dc703e91bb86"), + ciphertext: &hex!("80f40b7e335d40fc5859e87f385e14798a253818e8ad73b1799c1419638246a4"), + tag: &hex!("b4c7c76d8863e784eb6029cd160ef6de"), + }, + GcmTV { + key: &hex!("82833bcaaec56f6abbb3378f7d65daf6e6f6f2a0d1e858c7219f53a7840f4e00"), + nonce: &hex!("4bc9b028a00be8feb5232978"), + plaintext: &hex!("d9b2383123a27a93bce85add8392b938093b40e82f182e484bf4f84fa3bfb3f0"), + aad: &hex!("76fc8ed57154cd8a9b3d02c87061edd2a8157811"), + ciphertext: &hex!("383efe971438cd2b2cbb399d74a3fb3eedd394f1862addc58e9fdd4c421402d2"), + tag: &hex!("fd803c4fa917f7ff649a6aac013a96b1"), + }, + GcmTV { + key: &hex!("ee4634c49c5672c660968a42862698f6c1b2c7b79efd1605c24af8ff9ff8366c"), + nonce: &hex!("877912b2f35888d2810612cc"), + plaintext: &hex!("9512a5268a0cb3fbd916ddb820dce77f1e0dbb52c8ffc7a74be077119e9245e4"), + aad: &hex!("93bd669db4f1354ef6c8addb0cf729e46d5c3846"), + ciphertext: &hex!("69af0ac954e0d69043851d89f1538ebcb42769857eba27dbe4ad4fd60fd75537"), + tag: &hex!("3ee443873e2f7f7ea601fe3d7e5211e2"), + }, + GcmTV { + key: &hex!("442f4bbc468433411e49486a15c5eed577f5007380ff126d9974f3bd3fe4e3c4"), + nonce: &hex!("1e7133aaa8af826dc646ec62"), + plaintext: &hex!("7f8069e5c356ece135d98bb563c8b411ea90ea3b673dfd92e1ba9c459efae61f"), + aad: &hex!("577662f611446b5b31814930029edb949a30dcb9"), + ciphertext: &hex!("b962952750eb2bce313e1a85a72e3c9cc2ea7e58c353ea37df2c9f0723995ca7"), + tag: &hex!("e633fe9f10cedf0f0d02aa2ddcf47d86"), + }, + GcmTV { + key: &hex!("3a29aec009f44fdd2b1bc07cb7836f29d8589774bd0d74089a68d9e67827d6d8"), + nonce: &hex!("a42c5fb61573c72688ac31d8"), + plaintext: &hex!("d36eb81506c0a0e4ebcac9b4b1acebb38b94b8f2ce3d6f85a8f705fa40cb987a"), + aad: &hex!("2ee2582d544e1663f1d7a0b5033bcb0fce13b3e5"), + ciphertext: &hex!("179ef449daaacb961f88c39b4457d6638f304762bd695924ca9ebd01a3e99b9f"), + tag: &hex!("1fee176c7a5d214748e1d47b77f4bcc8"), + }, + GcmTV { + key: &hex!("ed47660054294f3c913c97b869317cbddc395d757bef7d29b8ccbdd2c54e99d3"), + nonce: &hex!("770a00642c67eff93c9f1f56"), + plaintext: &hex!("034193397cbd0eb414459273a88808db2d0711e46f80d7883212c443d9e31b54"), + aad: &hex!("06210fca2018d2357256c09197730e9777caea96"), + ciphertext: &hex!("6a250ebd3390229d46b691142743dba1c432c0feaa0f0dd19d0ce4e6a8918d80"), + tag: &hex!("a5f6e975592b472907c34b93bfc69dde"), + }, + GcmTV { + key: &hex!("9539844493362dc3f913308f7e12a2a0e02afdbd8869877b30ce0397fb0349dc"), + nonce: &hex!("eadda3132079195a54fde2c1"), + plaintext: &hex!("62349a0b1e40a9f31eadf27073682da15f0a05cf4566ee718b28325f7d8eaba0"), + aad: &hex!("0ae4a90cb292c4e519b525755af6c720b3145a1e"), + ciphertext: &hex!("ad6c9521bf78d1d95673edd150f2b8dd28f10625d67fa25f1fb42d132ba7fcfa"), + tag: &hex!("916242a9cb80dffcb6d3ae05c278819a"), + }, + GcmTV { + key: &hex!("3b4eb08d27ae0b77605ae628a1b54a5402026550679fab0a20752bee510d3d92"), + nonce: &hex!("28a20c40f49a00493da3488a"), + plaintext: &hex!("c8a47edcf84872f53f96ef41ce05ca37cbc3854b556d6e606f0a8a32d0861907"), + aad: &hex!("0591390e2d14ebe62aeb1741c26448ce55b28cab"), + ciphertext: &hex!("a3e8cbf84df8529838f79315c7f1a0b7bb3ad4c4d036ec317b1810b274ee3080"), + tag: &hex!("0a8f66daeb7f0a88756909c4e93fcd36"), + }, + GcmTV { + key: &hex!("0cccea8f1f6ce141690e246cf4cb9f35b66baf6e6986b8e0b4cfdd13fcdbc8c3"), + nonce: &hex!("929f07be5aa7bae7607bae3c"), + plaintext: &hex!("9fa5214c599523c695d37937b02f78837f6406960b2a03bf9a6db34bd35e3dc7"), + aad: &hex!("b851e610be70a994808b34ca73f45f1ea973de65"), + ciphertext: &hex!("917ecc8b00b53f7fb0732d66848a106e91f60acf2dcf180832a74d5993c658da"), + tag: &hex!("2959e20746bbb6ab66dfd29b9477799a"), + }, + GcmTV { + key: &hex!("ecbfaef2345b34f31fbf6d68efb385e5833df8b6e6ae621ede02baf9735d2dba"), + nonce: &hex!("50c3527b1a35ccb318b446de"), + plaintext: &hex!("634f6dd60783d1f952353fd1d359b9ee4f4afa53cc13e81c5adfe24b46baf08f"), + aad: &hex!("f8981548bde6ee6c1745f947de191bf29997fadf"), + ciphertext: &hex!("705e5f67ab889ba238118e3fd9b90b68be801995ae307378d93b50977cf90588"), + tag: &hex!("12d14468ac18cc9936bd565f8ad42d0d"), + }, + GcmTV { + key: &hex!("dc776f0156c15d032623854b625c61868e5db84b7b6f9fbd3672f12f0025e0f6"), + nonce: &hex!("67130951c4a57f6ae7f13241"), + plaintext: &hex!("9378a727a5119595ad631b12a5a6bc8a91756ef09c8d6eaa2b718fe86876da20"), + aad: &hex!("fd0920faeb7b212932280a009bac969145e5c316cf3922622c3705c3457c4e9f124b2076994323fbcfb523f8ed16d241"), + ciphertext: &hex!("6d958c20870d401a3c1f7a0ac092c97774d451c09f7aae992a8841ff0ab9d60d"), + tag: &hex!("b876831b4ecd7242963b040aa45c4114"), + }, + GcmTV { + key: &hex!("07b3b8735d67a05632c557076ac41293f52540bac0521573e8c0414ec36f7220"), + nonce: &hex!("0046420eee8d56de35e2f7d5"), + plaintext: &hex!("4835d489828325a0cb38a59fc29cfeedccae25f2e9c399281d9b7641fb609765"), + aad: &hex!("d51cedf9a30e476de37c90b2f60882193630c7497a921ab01590a26bce8cb247e3b5590e7b07b955956ca89c7a041988"), + ciphertext: &hex!("46eb31cd98b6cc3ecafe1cd1fc2d45fa693667cbd3a7d2c5f8c10296827ea83c"), + tag: &hex!("36cd4e76dd0679887477bfb96cf1c5f6"), + }, + GcmTV { + key: &hex!("0219f14b9ca6506c1388177c4ae6ee64ad2ac0256ebbf8c219b40df6e8571d70"), + nonce: &hex!("3420a87c4b9b23ba81eb221e"), + plaintext: &hex!("348f7a4ca944f252e4562c66dacf01fb10d70a3c8f5b280a2829567a2a94e47e"), + aad: &hex!("54dc2277b8d1aae660ffcc326e2c5d9e16b8ca17288601aacd02b3eea8bc5cc60718639aa189506b7b333b87da86e940"), + ciphertext: &hex!("58c92119bfb6ad53e387cac6728ce73b82e18f6e5bfbfca5f5acc370cd8c76a4"), + tag: &hex!("e7f9e3e3dae6d0a3470d8f597291180c"), + }, + GcmTV { + key: &hex!("87440ee7f6febf3e14ef0a917a87c5d61260fefc979eeaeac0a64662c98cb4f7"), + nonce: &hex!("7c48bc75e58f21cc9989d691"), + plaintext: &hex!("f8e40a6a985f424898a7996307a077c487406c5312eefe055ea5b17a4b22087b"), + aad: &hex!("e0c66e5db1c7665a015ba7e21e08ff3de5b4a5fcd5d35e41db7e97ccd0c3df657ae803c3529d375420ad75ac9621cea0"), + ciphertext: &hex!("5a118fc3dbdaf6bc9490d372b7623af76da7841bf9820a9c6624a15eff6a69c2"), + tag: &hex!("0ddc2ae087d9b8ca2249ea5aa3dbd4c7"), + }, + GcmTV { + key: &hex!("b12425796f63bf5435740f9039fa66367fc7702d675c61b2dec4435feeea07f8"), + nonce: &hex!("f26727053e6d67c2d2bf1e69"), + plaintext: &hex!("9df079d98a6e4dbe277a8545f4f6c19fe130f4a84bdd6b760a049fba21d4e99a"), + aad: &hex!("e50fca2e5a81ae56ca07f34c4b5da140d368cceab08494f5e28f746cbfefdc285b79b33cf4969fe618b77ab7baafe271"), + ciphertext: &hex!("845f00202e2e894516d8f4a4021430e531967098c9a94024c7113c9a1b91c8cd"), + tag: &hex!("3566c75967ae00198e39ebe9f0ac697f"), + }, + GcmTV { + key: &hex!("674dfb625b8b0ce1dadbbbcbf7e151c5b2cecf0a1bc4e07f4734f3a6792350cd"), + nonce: &hex!("99e7b76e6686449616ad36c7"), + plaintext: &hex!("0a744a72e536a0484db47091609228d803bcfa9a8daf579e3039e3645f7688e2"), + aad: &hex!("2ab1573e5a94ca2997590840bd9c62e6add55e4d3eac12c895d2ec637791caa41d46ed91e6064db627e1fbef71d31d01"), + ciphertext: &hex!("e550ee77069709f5199be3c618f2a4178e4d719ab73df41cbfe32c52777138ff"), + tag: &hex!("134ac3fa8bd4af7ee836f4a3421d9e99"), + }, + GcmTV { + key: &hex!("10c1de5f741560dae5be23e15649f0114db52949560bb6cdf2d4883247392ee1"), + nonce: &hex!("7cf73c1472cd60d8d35fde51"), + plaintext: &hex!("05becd366aebaa2e609f507dd2dd4433b2aba0634b0eb9a5bf7ded4cc8fbed72"), + aad: &hex!("d3fa8b6f607a20a18dd7eac85eabef69d4fb5a074d8e7d1bf15d07732ed80e020163b475f209c4b0cbfa00d65d1e82ef"), + ciphertext: &hex!("280f0c306e1a3aab8ff9ab3e4a9adc2e9ae4e4e1a06f190d11b3b4dc4280e4f3"), + tag: &hex!("3bc8be845bf5ff844c07337c2cfd5f80"), + }, + GcmTV { + key: &hex!("e8d6ab5e514645dd7e051b028f5bfe624c72f44f30279577365aea65d4a8a819"), + nonce: &hex!("30b0d654ee5b79c2cfb24100"), + plaintext: &hex!("19be7e0feedd402bf4b05995a38e5f423c033de016e3ae83ea8c3c1cba658e1e"), + aad: &hex!("082e534bf860d0061ec2dad34d6b0db8cba1c651f2c705356ff271e47365b0b18f8ddb3a3c2269b437fb0703c9ad367a"), + ciphertext: &hex!("8573800c737d2480b2885ce714ac6a15f23287b1d12949a3d76effbe82b593bd"), + tag: &hex!("50110884292151f51213ccb2fe934d88"), + }, + GcmTV { + key: &hex!("2d1eaf5e62ca80fd1515a811c0e4c045aba8c769df03d57f7493eb623ed8b941"), + nonce: &hex!("abf190b05df2e6556cb34b47"), + plaintext: &hex!("9c7cd522ed5c0af3e57da08d2653ef77eb973734f360572bbcb15a2a6cbd60b9"), + aad: &hex!("75ab9bd39c24e498a54d85a8b76a4126dc1879f2a30270a42609763e045a4021785b6134f283fd81c195c3188e78752d"), + ciphertext: &hex!("5fdfdaccb105e5408c375af8ca63a67afaba7ccbcd591acca9a86d92f92fd0f7"), + tag: &hex!("49940b7610618b3a5cb3912339e06b3c"), + }, + GcmTV { + key: &hex!("b6020677e098c59e19eacf26732473d843aafd6bf999c707bb08ab896406918d"), + nonce: &hex!("807167ef2b84b32d1df4a94c"), + plaintext: &hex!("3199d6b95d133ba5b7eadc420080a0b249c84f4960bd369d6bf9e313627cf670"), + aad: &hex!("06225d410ada3e04157da7e5481d7d9f2285845824aac0c0e033244ed4c1b19615354c224ba8b7093c5651d10ef952fe"), + ciphertext: &hex!("4618adbfa5ea4ee260e310140b385232b7c3ad46887aa2107f7dafffd85cda22"), + tag: &hex!("2d76307bf55826dfeb58a171b6fa80e4"), + }, + GcmTV { + key: &hex!("f75456c4918d0bea72f546a9a1e2db0b6ab9bcd9782b5eb1c2700e729921d666"), + nonce: &hex!("c75b83134e7b9188e5800ffe"), + plaintext: &hex!("f9a23abbd0f2b367ce16c2a0613cd293ac7e66cbe020eaeb5deb09d5031fd992"), + aad: &hex!("5ef46c9eb5865cab2c8a35f9c4c434614a6c9f1b5c479739f7434d3326cff1e70b0d2877c084a71c7a9d33d258d304bb"), + ciphertext: &hex!("56e4efe6c0944153b65ed4909845219842b9b88f54d8d8394051132afb95d391"), + tag: &hex!("255e2c8c43f8979c440c3581bff6cf65"), + }, + GcmTV { + key: &hex!("9831c5c12e53e8a961642e93ddb2e13a38506acd0cf422e6ad9fbaeabce7b3f2"), + nonce: &hex!("bff29de3d6869e5fa75b96f9"), + plaintext: &hex!("b1edbed58ed34e99f718db0608e54dd31883baec1c8a0799c4ff8a5dad468de4"), + aad: &hex!("67ebeecb74cc81fdfee8065f8b1c1f5012bf788953bec9525e896611b827084a8e6baa0ce40ee70bc699b152bc6ed903"), + ciphertext: &hex!("13845db7e33bab1f5766a7fadfb942748e779753d97f143e645ccfcbd7c23b23"), + tag: &hex!("10dbe8a3e1901c8b88b0ab1441664d32"), + }, + GcmTV { + key: &hex!("a02c2d4a43f0f7f1db57c07f13f07f588edfe069a9d83c9b76e9511946c4fc48"), + nonce: &hex!("84677438592dcaf683d08a67"), + plaintext: &hex!("ad5a884dad20ffa88794c4fca39f2ca01c6f67657ab38e5cf86ac5597318ef07"), + aad: &hex!("d5dea0cd6080af49a1c6b4d69ace674a622f84f9f190b2db8a22e084a66500b52ff20a8d04f62a7aeaedb67e2258598c"), + ciphertext: &hex!("83da16ae07ee0e885484c1330a6255a6e7ac22915c63cbefaabc6f9f059dd69d"), + tag: &hex!("42c4a270705493d85ad7bbcfda86dffb"), + }, + GcmTV { + key: &hex!("feba412b641bc762bfa79ef17c3ea16e5630605470db096e36ffd33813641ace"), + nonce: &hex!("e3633f21e7c63a459d5d1670"), + plaintext: &hex!("9326572bd33551322ca42fcfb7cef8be41d78725f392c34907ecd1fe5572bff1"), + aad: &hex!("b7ee0233863b0e185b2f46181eb5fc0718832e1e76e7d4115a4c1f7e998c41319ccef44f5db89e8c5f077bd553d7bf42"), + ciphertext: &hex!("5019ea98cc9dc9368432c6d58f9e144f55446e763c0a8b4d8a6ce26f3dd95260"), + tag: &hex!("1010beb9cd6e9b611280a5395f08bca9"), + }, + GcmTV { + key: &hex!("21bd5691f7af1ce765f099e3c5c09786936982834efd81dd5527c7c322f90e83"), + nonce: &hex!("36a59e523df04bc7feb74944"), + plaintext: &hex!("77e539dfdab4cfb9309a75c2ee9f9e9aa1b4651568b05390d73da19f12ccbe78"), + aad: &hex!("48aef5872f67f524b54598781c3b28f9cbcf353066c3670370fca44e132761203100b5e6c7352a930f7e9cbf28a8e1ce"), + ciphertext: &hex!("c21483731f7fe1b8a17d6e133eda16db7d73ddd7e34b47eec2f99b3bbc9669aa"), + tag: &hex!("15f9265bc523298cefb20337f878b283"), + }, + GcmTV { + key: &hex!("26bf255bee60ef0f653769e7034db95b8c791752754e575c761059e9ee8dcf78"), + nonce: &hex!("cecd97ab07ce57c1612744f5"), + plaintext: &hex!("96983917a036650763aca2b4e927d95ffc74339519ed40c4336dba91edfbf9ad"), + aad: &hex!("afebbe9f260f8c118e52b84d8880a34622675faef334cdb41be9385b7d059b79c0f8a432d25f8b71e781b177fce4d4c57ac5734543e85d7513f96382ff4b2d4b95b2f1fdbaf9e78bbd1db13a7dd26e8a4ac83a3e8ab42d1d545f"), + ciphertext: &hex!("e34b1540a769f7913331d66796e00bdc3ee0f258cf244eb7663375cc5ad6c658"), + tag: &hex!("3841f02beb7a7fca7e578922d0a2f80c"), + }, + GcmTV { + key: &hex!("74ce3121c18bbff4756ad10d0f293bb1ea3f93490daad0249cd3b05e223c9747"), + nonce: &hex!("81107afb4c264f65ae0002b1"), + plaintext: &hex!("7a133385ead593c3907806bec12240943f00a8c3c1b0ac73b8b81af2d3192c6f"), + aad: &hex!("f00847f848d758494afd90b6c49375e0e76e26dcba284e9a608eae33b87ad2deac28ccf40d2db154bbe10dc0fd69b09c9b8920f0f74ea62dd68df275074e288e76a290336b3bf6b485c0159525c362092408f51167c8e59e218f"), + ciphertext: &hex!("64bd17f3e8f71a4844b970d4ebc119961812efb9015b818e8d88b906d5efbd76"), + tag: &hex!("46d0e42aa046237efee17eab6d9cfb75"), + }, + GcmTV { + key: &hex!("4c669a1969c97d56da30a46236c15407e06aada686205eed3bd7796b02c97a4b"), + nonce: &hex!("0a07758d5ad44766e051da6c"), + plaintext: &hex!("cd59bb307be76f11304f69ac8b151e1628ac61dec81086e7f24fd5bd83df8856"), + aad: &hex!("0b8277114cbf7ee16c9bbda1ab40419a02e469ebb295883f0a833c3cb755ded44a3c410034a201f7d91b43519fbabb55b974834be5d5afc7aea7c84b44a14e8e16dd68a3e8cc79ad2bf76d0ceb33d58ddb6378b45681ceaa0f2f"), + ciphertext: &hex!("bc62ce0b23cf4aa8e16b4450c8ab8c629a53949f01e68b875ecc5c45ff6d3ab0"), + tag: &hex!("5ffeda728914031006f271c3d9986f2d"), + }, + GcmTV { + key: &hex!("a23296632913051e438114deb782fb955b75acc35e86e7e9fdaf4e9025b87f12"), + nonce: &hex!("ad50db40f80f15214e43ffd7"), + plaintext: &hex!("b71116cc27b5a5844d9b51a4a720cb3f06d55d6aaeaeaf921236424db8617204"), + aad: &hex!("a6f96f5a89bfd8c8f34cd07045270d80e58ea62f1f0b10f2506a954f272af0bc71df96ad3fa8eed52c45e0b868091dc4f75d9e0eaf15a0a858a71bf7036c5607110cbfe47ad9b6d02e942fcfae88d4c792a1f824e60e3cf98a37"), + ciphertext: &hex!("8e9e4b0ac93ab8e73688d6b4723d8c5ef399ead72246c7aa7a0783a8bfe29936"), + tag: &hex!("b7dea91e4b357ce805edeea3f91392d2"), + }, + GcmTV { + key: &hex!("4036a07bdd4e10eb545f3d9124c9f766d2d0c8c59fc0d5835ac55dcfaebfc3a1"), + nonce: &hex!("815828fbb964497cdadccaad"), + plaintext: &hex!("717f22faff8066182e46d32dbac7831ec24272871c45c7c12ca779f868e7739a"), + aad: &hex!("0bc0e3931388bcb091463bae2989a93bde103bc14fc5d39f9448ca90367e86336b188f73218b2b0ab72a9a564ad5ff32544c5afeacecadfa55d2fb66925a88299dbf58f425cf49e31f42ac4edace743fdf9680d20ec845afc278"), + ciphertext: &hex!("e8c3b0342964c7a71f084d44ba2f93742bccd9821b30087d11b53bbe8b085808"), + tag: &hex!("86ddd9c469849cb6b100c339ca62717d"), + }, + GcmTV { + key: &hex!("714bc3ba3839ac6707863a40aa3db5a2eebcb38dc6ec6d22b083cef244fb09f7"), + nonce: &hex!("2cfe1c51d894e5ef2f5a2c3c"), + plaintext: &hex!("0cc4a18bbfea87de0ac3446c777be38ca843d16f93be2c12c790fda4de94c9bf"), + aad: &hex!("84e3d46af2ecb717a39024d62bbc24d119f5aff57569dfef94e7db71ad5aff864abacdc5f8554e18ed5129cfb3366d349c52b3d1a111b867e8772140749e7f33e2e64259968486e32f047d21120da73c77757c4595ccac1b5713"), + ciphertext: &hex!("0857c8fb93412fde69bad287b43deea36506d7ee061d6844d00a7e77418f702f"), + tag: &hex!("24a9e5290957074807d55ad705adaa89"), + }, + GcmTV { + key: &hex!("2f93b5a37be1a43853bf1fd578061d0744e6bd89337cde20177d1e95a2b642c4"), + nonce: &hex!("52b6d91557ae15aa792ce4b7"), + plaintext: &hex!("0fcaa316a135d81052509dd85f688aed2e5fd4261e174f435cf1c4115aa6f354"), + aad: &hex!("992ba9efa287a5c3e5177bd4931af498982a1728b56b3d7c4b28476905e29f83326c4f3223a28844fc9b9d84d4f6cd859074aff647a35dde28e1ee889faab3bb9c09a4c3fbf2a16460d48a40dc53378d4673f4325e6aa3992a71"), + ciphertext: &hex!("f99774cef3c15af33cda3cb449cd335ffe4f27435edf83aff4a4f4c2d2df6647"), + tag: &hex!("c5e09b83b1c2cc81e48a1f7c62b7bb35"), + }, + GcmTV { + key: &hex!("531ca845af7bf731c49c3136407322b1c0f6b32b8eaebf03744b2edc1202d096"), + nonce: &hex!("baf13b85202bbfc899fc73f7"), + plaintext: &hex!("d4e9783f537c738200e7ba7526605f359a98c9f10cafaa2f433c40f3e5081a36"), + aad: &hex!("e2ba9cf548b4f6fb206f224250d85af327fde8d08916686ae770203dc29c694f8902b02222fd287f28ce6091006368c3949bea2937ff0bdedb7dbbd013ccf0a15ee0af8c56fe211b7c311e182f27707f59e09492b3604e80c6c5"), + ciphertext: &hex!("642f544929202128a783b985d36f60964c7d78e1d41f5d1bfe27de3ae0180df3"), + tag: &hex!("e333528c59ee1909750ed72fd1309ee1"), + }, + GcmTV { + key: &hex!("3add17568daa9d441aa7a89bf88fa4e6998a921d57e494a254080445bc9b6f35"), + nonce: &hex!("b290f4a52496380218c3dcf5"), + plaintext: &hex!("2c6908cb34215f89a3f3a3c892e8887f2efa496a15ab913fc7d34cc70c0dff79"), + aad: &hex!("0bc9cc13eb2890aa60515c2297a99f092f6e516236c0dec9f986ea98b8a180680f2c6c20bd4354c33433a4c6f6a25e632f90ebef3a383c3592268b483eebf5f5db006929e7987edbcac4755d3afd1cdf9b02954ebd4fef53d5f6"), + ciphertext: &hex!("2cf3beae94fd5e6a4126a8ec8a7166b0aacb8b8bbce45d6106b78d3456d05149"), + tag: &hex!("ce1509b1bd5c47a593702618b0d79f6c"), + }, + GcmTV { + key: &hex!("1c1dcfd4c4cc4beb71d6e368f739d8e681dfe48fbae39728386c9dfc08825743"), + nonce: &hex!("0deceb69ce0dc776a3a71b4c"), + plaintext: &hex!("b12700258ace7b16e40f4e86886892837168b256a170937a3b89063a9a0d68f7"), + aad: &hex!("a3af2db672292431fa8ee1fa5b197593b13e58a68c4129401d0942474d5f4cbe62093aaa5453f6d355d2f4b6dc8abde58ce863d1be5f9ecf39730a49565b3b6882a0a641c0b5d156a4107309dd150fd1f1634ea4e5100b3d4f88"), + ciphertext: &hex!("3ea7f1c0d613323e095558ddde53247420fa0eef17997a1e9c5ba93d5f24c46f"), + tag: &hex!("70534a87c258905d35806f4439f6906e"), + }, + GcmTV { + key: &hex!("f2724153aac9d50f350878d3c498bc3dd782d90cce5cce4ae14126c0e1fbb3cf"), + nonce: &hex!("1c07b61c5316659bad65cca9"), + plaintext: &hex!("067ccbd0206f1f05d2872210dc5717a0585e8195d72afd0c77da11b9b3710e44"), + aad: &hex!("e69db7fcd3b590a6d32052612034036d5c8bffa5e5e9b742ffe75a9fbba89dd576dec08154cf4e6d36f0fdd4419bdf50adc1974a80ea313421c926dffa87565b4bd0c1e84f2ff305af91877f830f145bb13dfa7efa5e3aa682e6"), + ciphertext: &hex!("9aba433eef383466a1291bd486c3ce5e0ed126010e0a77bf037c5eaed2c72460"), + tag: &hex!("f30a155e35400bb0540883e8e09b4afd"), + }, + GcmTV { + key: &hex!("a2544eb2047c97cfcaf0ec1427c5df395472285233a93ffccda8fee660aced56"), + nonce: &hex!("a751bea3c769bb5db25ab109"), + plaintext: &hex!("b9514cc01a357605918f9cc19123dcc8db328c605ca0eb9d69d871afeea1dcfb"), + aad: &hex!("eb9e09884de1454d6aeb0d6c82375f2428992031ea6cabf6a29aa6a4de49a353e4ffae043dad18ae651b20b7bca13f5c327ca9f132014bfa86e716d4724e05a1ef675521a6607a536756e6a8c16bb885b64815f1eb5ec282ce8e"), + ciphertext: &hex!("cb442b17088f6ac5f24c7a04f0050559386f3a57131b92a54142c7a556fdb935"), + tag: &hex!("5f80c5c0cdf0c7890bfd1fbd58c33081"), + }, + GcmTV { + key: &hex!("ceb057782efb1e85d805448af946a9b4d4128bf09a12473cce1e8ef8bfd2869d"), + nonce: &hex!("406f9730e9b1e421e428439b"), + plaintext: &hex!("0815723d5367b1328cac632fa26e23f2b814a1d59a2971d94d02ebd7ecf5c14a"), + aad: &hex!("0772ae00e1ca05d096cf533fd3de2818ac783edfca0eee7686a6290f3357481e883fb2f895b9a4f4004c56b8a1265242cfdf1fb4af7edc41ed78c5f4ffe9c4080d4a17318f9c56ecdb3a06f3c748535387d56a096943a76d46f6"), + ciphertext: &hex!("9d82355d8e460896201be15fd95fed48a8524666d987ab078550883034d0253c"), + tag: &hex!("a0bee8ac0e636d64d3b1eb33fd6f21d4"), + }, + GcmTV { + key: &hex!("7dbdbdfe36d4936940ad6d6f76c67c2851a0477f0aa7d6797bfdf2b7878ef7e0"), + nonce: &hex!("bc672b224b4b6b91fc3fd697"), + plaintext: &hex!("dfea463d35f0fa20487b606d6ccfd422a5b707f16527b422bf1d68a77db67e9c"), + aad: &hex!("faacb84ec7cfadd731de2f7c0892d7e38cbfb782b48412331af0b3eab602a722cad1069dea0052beb5ca70e2ee476c340c6193bcc60f939aabe446bf3ce958fe11a2ffc90241f0a7e4e274f0c1441def795893895bd848bf0f0e"), + ciphertext: &hex!("0ddc2281b1fcb904864a43657bc72357cf73fc1f16520caad7cddde10f846bd9"), + tag: &hex!("9d96699450aa9707695e5de56597101b"), + }, + GcmTV { + key: &hex!("187214df6e2d80ee8e9aae1fc569acd41589e952ddcbe8da018550d103767122"), + nonce: &hex!("56db334422b6c5e93460d013"), + plaintext: &hex!("53355283186719a9146c7305e3d1959a11ccf197570b855a43cbc7563a053c73"), + aad: &hex!("cbedb7ccfbf56dfd72e530bfe16b4f5aac48a90204bcb7a8cae1046010882cfc8b526e7562a7880914e61b60cbd605165242737d85eeed583c98cab3443874e5989ec9cde001adf7de9c9967de5178f75b8412b0c4d6fec5af72"), + ciphertext: &hex!("c2262585966bc9c23dc7cc1059d060211e86f3b3161d38b153635fbea4a28c05"), + tag: &hex!("a94297c584dfcd10ee5df19a2ee5c3d2"), + }, + GcmTV { + key: &hex!("1fded32d5999de4a76e0f8082108823aef60417e1896cf4218a2fa90f632ec8a"), + nonce: &hex!("1f3afa4711e9474f32e70462"), + plaintext: &hex!("06b2c75853df9aeb17befd33cea81c630b0fc53667ff45199c629c8e15dce41e530aa792f796b8138eeab2e86c7b7bee1d40b0"), + aad: b"", + ciphertext: &hex!("91fbd061ddc5a7fcc9513fcdfdc9c3a7c5d4d64cedf6a9c24ab8a77c36eefbf1c5dc00bc50121b96456c8cd8b6ff1f8b3e480f"), + tag: &hex!("30096d340f3d5c42d82a6f475def23eb"), + }, + GcmTV { + key: &hex!("b405ac89724f8b555bfee1eaa369cd854003e9fae415f28c5a199d4d6efc83d6"), + nonce: &hex!("cec71a13b14c4d9bd024ef29"), + plaintext: &hex!("ab4fd35bef66addfd2856b3881ff2c74fdc09c82abe339f49736d69b2bd0a71a6b4fe8fc53f50f8b7d6d6d6138ab442c7f653f"), + aad: b"", + ciphertext: &hex!("69a079bca9a6a26707bbfa7fd83d5d091edc88a7f7ff08bd8656d8f2c92144ff23400fcb5c370b596ad6711f386e18f2629e76"), + tag: &hex!("6d2b7861a3c59ba5a3e3a11c92bb2b14"), + }, + GcmTV { + key: &hex!("fad40c82264dc9b8d9a42c10a234138344b0133a708d8899da934bfee2bdd6b8"), + nonce: &hex!("0dade2c95a9b85a8d2bc13ef"), + plaintext: &hex!("664ea95d511b2cfdb9e5fb87efdd41cbfb88f3ff47a7d2b8830967e39071a89b948754ffb0ed34c357ed6d4b4b2f8a76615c03"), + aad: b"", + ciphertext: &hex!("ea94dcbf52b22226dda91d9bfc96fb382730b213b66e30960b0d20d2417036cbaa9e359984eea947232526e175f49739095e69"), + tag: &hex!("5ca8905d469fffec6fba7435ebdffdaf"), + }, + GcmTV { + key: &hex!("aa5fca688cc83283ecf39454679948f4d30aa8cb43db7cc4da4eff1669d6c52f"), + nonce: &hex!("4b2d7b699a5259f9b541fa49"), + plaintext: &hex!("c691f3b8f3917efb76825108c0e37dc33e7a8342764ce68a62a2dc1a5c940594961fcd5c0df05394a5c0fff66c254c6b26a549"), + aad: b"", + ciphertext: &hex!("2cd380ebd6b2cf1b80831cff3d6dc2b6770778ad0d0a91d03eb8553696800f84311d337302519d1036feaab8c8eb845882c5f0"), + tag: &hex!("5de4ef67bf8896fbe82c01dca041d590"), + }, + GcmTV { + key: &hex!("1c7690d5d845fceabba227b11ca221f4d6d302233641016d9cd3a158c3e36017"), + nonce: &hex!("93bca8de6b11a4830c5f5f64"), + plaintext: &hex!("3c79a39878a605f3ac63a256f68c8a66369cc3cd7af680d19692b485a7ba58ce1d536707c55eda5b256c8b29bbf0b4cbeb4fc4"), + aad: b"", + ciphertext: &hex!("c9e48684df13afccdb1d9ceaa483759022e59c3111188c1eceb02eaf308035b0428db826de862d925a3c55af0b61fd8f09a74d"), + tag: &hex!("8f577e8730c19858cad8e0124f311dd9"), + }, + GcmTV { + key: &hex!("dbdb5132f126e62ce5b74bf85a2ac33b276588a3fc91d1bb5c7405a1bf68418b"), + nonce: &hex!("64f9e16489995e1a99568118"), + plaintext: &hex!("b2740a3d5647aa5aaeb98a2e7bbf31edaea1ebacd63ad96b4e2688f1ff08af8ee4071bf26941c517d74523668ca1f9dfdbcaab"), + aad: b"", + ciphertext: &hex!("e5fec362d26a1286b7fd2ec0fa876017437c7bce242293ff03d72c2f321d9e39316a6aa7404a65ccd84890c2f527c1232b58d5"), + tag: &hex!("dfa591ee2372699758d2cc43bfcbd2ba"), + }, + GcmTV { + key: &hex!("8433a85f16c7c921476c83d042cb713eb11a83fc0cffe31dde97907f060b4ee9"), + nonce: &hex!("55ffc85ffd1cdea8b8c48382"), + plaintext: &hex!("23bc3983ba5b3be91c8a6aa148a99995241ee9e82ce44e1184beb742affbe48f545c9a980480cf1fab758a46e4711ea9267466"), + aad: b"", + ciphertext: &hex!("2f4bdc7b8b8cec1863e3145871554778c43963b527f8413bb9779935c138a34d86d7c76a9e6af689902f316191e12f34126a42"), + tag: &hex!("7dc63156b12c9868e6b9a5843df2d79e"), + }, + GcmTV { + key: &hex!("5d7bf55457929c65e4f2a97cbdcc9b432405b1352451ccc958bceebce557491d"), + nonce: &hex!("f45ae70c264ed6e1cc132978"), + plaintext: &hex!("ba5ac2a16d84b0df5a6e40f097d9d44bf21de1fcec06e4c7857463963e5c65c936d37d78867f253ce25690811bf39463e5702a"), + aad: b"", + ciphertext: &hex!("47c16f87ebf00ba3e50416b44b99976c2db579423c3a3420479c477cd5ef57621c9c0cee7520acb55e739cc5435bc8665a2a0c"), + tag: &hex!("456054ecb55cf7e75f9543def2c6e98c"), + }, + GcmTV { + key: &hex!("595f259c55abe00ae07535ca5d9b09d6efb9f7e9abb64605c337acbd6b14fc7e"), + nonce: &hex!("92f258071d79af3e63672285"), + plaintext: &hex!("a6fee33eb110a2d769bbc52b0f36969c287874f665681477a25fc4c48015c541fbe2394133ba490a34ee2dd67b898177849a91"), + aad: b"", + ciphertext: &hex!("bbca4a9e09ae9690c0f6f8d405e53dccd666aa9c5fa13c8758bc30abe1ddd1bcce0d36a1eaaaaffef20cd3c5970b9673f8a65c"), + tag: &hex!("26ccecb9976fd6ac9c2c0f372c52c821"), + }, + GcmTV { + key: &hex!("251227f72c481a7e064cbbaa5489bc85d740c1e6edea2282154507877ed56819"), + nonce: &hex!("db7193d9cd7aeced99062a1c"), + plaintext: &hex!("cccffd58fded7e589481da18beec51562481f4b28c2944819c37f7125d56dceca0ef0bb6f7d7eeb5b7a2bd6b551254e9edff3a"), + aad: b"", + ciphertext: &hex!("1cc08d75a03d32ee9a7ae88e0071406dbee1c306383cf41731f3c547f3377b92f7cc28b3c1066601f54753fbd689af5dbc5448"), + tag: &hex!("a0c7b7444229a8cfef24a31ee2de9961"), + }, + GcmTV { + key: &hex!("f256504fc78fff7139c42ed1510edf9ac5de27da706401aa9c67fd982d435911"), + nonce: &hex!("8adcf2d678abcef9dd45e8f9"), + plaintext: &hex!("d1b6db2b2c81751170d9e1a39997539e3e926ca4a43298cdd3eb6fe8678b508cdb90a8a94171abe2673894405eda5977694d7a"), + aad: b"", + ciphertext: &hex!("76205d63b9c5144e5daa8ac7e51f19fa96e71a3106ab779b67a8358ab5d60ef77197706266e2c214138334a3ed66ceccb5a6cd"), + tag: &hex!("c1fe53cf85fbcbff932c6e1d026ea1d5"), + }, + GcmTV { + key: &hex!("21d296335f58515a90537a6ca3a38536eba1f899a2927447a3be3f0add70bea5"), + nonce: &hex!("2be3ad164fcbcf8ee6708535"), + plaintext: &hex!("ad278650092883d348be63e991231ef857641e5efc0cab9bb28f360becc3c103d2794785024f187beaf9665b986380c92946a7"), + aad: b"", + ciphertext: &hex!("b852aeba704e9d89448ba180a0bfde9e975a21cc073d0c02701215872ed7469f00fe349294ba2d72bf3c7780b72c76101ba148"), + tag: &hex!("bdd6d708b45ae54cd8482e4c5480a3c1"), + }, + GcmTV { + key: &hex!("d42380580e3491ddfbc0ec32424e3a281cbe71aa7505ff5ab8d24e64fbe47518"), + nonce: &hex!("fbed88de61d605a7137ffeb2"), + plaintext: &hex!("4887a6ef947888bf80e4c40d9769650506eb4f4a5fd241b42c9046e3a2cf119db002f89a9eba1d11b7a378be6b27d6f8fc86c9"), + aad: b"", + ciphertext: &hex!("87aa27f96187ce27e26caf71ba5ba4e37705fd86ca9291ea68d6c6f9030291cdbff58bff1e6741590b268367e1f1b8c4b94cd4"), + tag: &hex!("d1690a6fe403c4754fd3773d89395ecd"), + }, + GcmTV { + key: &hex!("5511727ecd92acec510d5d8c0c49b3caacd2140431cf51e09437ebd8ca82e2ce"), + nonce: &hex!("ae80d03696e23464c881ccff"), + plaintext: &hex!("184b086646ef95111ccb3d319f3124f4d4d241f9d731ce26662ea39e43457e30b0bd739b5d5dbceb353ce0c3647a3a4c87e3b0"), + aad: b"", + ciphertext: &hex!("aa28cb257698963dfc3e3fe86368d881ac066eb8ee215a7c0ed72e4d081db0b940071e2e64ff6204960da8e3464daf4cb7f37b"), + tag: &hex!("c1578aa6e3325ee4b5e9fb9ee62a7028"), + }, + GcmTV { + key: &hex!("d48f3072bbd535a2df0a2864feb33b488596cd523ad1623b1cefe7b8cbefcf4a"), + nonce: &hex!("bbf2a537d285444d94f5e944"), + plaintext: &hex!("060c585bd51539afdd8ff871440db36bfdce33b7f039321b0a63273a318bd25375a2d9615b236cfe63d627c6c561535ddfb6bd"), + aad: b"", + ciphertext: &hex!("993d5d692c218570d294ab90d5f7aa683dc0e470efac279a776040f3b49386813f68b0db6a7aef59025cc38520fb318a1eac55"), + tag: &hex!("8cd808438a8f5b6a69ff3ae255bf2cb2"), + }, + GcmTV { + key: &hex!("5fe01c4baf01cbe07796d5aaef6ec1f45193a98a223594ae4f0ef4952e82e330"), + nonce: &hex!("bd587321566c7f1a5dd8652d"), + plaintext: &hex!("881dc6c7a5d4509f3c4bd2daab08f165ddc204489aa8134562a4eac3d0bcad7965847b102733bb63d1e5c598ece0c3e5dadddd"), + aad: &hex!("9013617817dda947e135ee6dd3653382"), + ciphertext: &hex!("16e375b4973b339d3f746c1c5a568bc7526e909ddff1e19c95c94a6ccff210c9a4a40679de5760c396ac0e2ceb1234f9f5fe26"), + tag: &hex!("abd3d26d65a6275f7a4f56b422acab49"), + }, + GcmTV { + key: &hex!("885a9b124137e40bd0f697771317e401ce36327e61a8f9d0b80f4798f30a731d"), + nonce: &hex!("beebc2f5a26fd2cab1e9c395"), + plaintext: &hex!("427ec568ad8367c202f5d9999240f9994cc113500154f7f49e9ca27cc8154143b855238bca5c7bd6d9852b4eebd41e4eb98f16"), + aad: &hex!("2e8bdde32258a5fcd8cd21037d0545eb"), + ciphertext: &hex!("a1d83aab6864db463d9d7c22419462bde0740355c1147c62b4c4f23ceeaf65b16b873b1cc7e698dff6e3d19cf9da33e8cbcba7"), + tag: &hex!("4fdbfd5210afa3556ec0fdc48b98e1eb"), + }, + GcmTV { + key: &hex!("21c190e2b52e27b107f7a24b913a34bd5b7022060c5a4dec9ab289ff8ae67e2d"), + nonce: &hex!("b28a61e6c1dfa7f76d086063"), + plaintext: &hex!("4e1b9528cf46b1dd889858d3904d41d3174dcb225923f923d80adbfe6eec144b1d4eb3690d0b8519c99beaee25bb50fd2d148f"), + aad: &hex!("d80657377ddbbed1f9b8d824b3c4d876"), + ciphertext: &hex!("7126fa807aa6b61a60958fe4cc8682bb256e5bbdc499d04a6caa81b23f9e67d3da4cf1994b5a8ecc7bce641864d0519a6509cd"), + tag: &hex!("d3e96568f2cd1a48771ee4f67ad042c1"), + }, + GcmTV { + key: &hex!("11c33ae37680130c51ed11bfaf0fcb6ed4fc7d903ff432b811763d2c7ef83a33"), + nonce: &hex!("0f224d26dbf632cebdce3b8b"), + plaintext: &hex!("f8a2affe5a7e67f2c62622e4a56804b48e529d1faf9096f94409224129921ce46aed898dd5391746e8170e05f91e0524166625"), + aad: &hex!("dee803732ff662cba9f861227f8b67cf"), + ciphertext: &hex!("3856558375c363b25e8f9e9e2eb63cf0e76a1c6e228893c7b22da4a69b682528b4a4ca2b99e7a537390e2d1e05a68f3e39c4e9"), + tag: &hex!("9b12691b2002ca9227035c68ea941ef3"), + }, + GcmTV { + key: &hex!("3b291794fbb9152c3e4f4de4608a9137d277bd651f97e738afaa548d97b4ec60"), + nonce: &hex!("4d1c69c6da96c085d31422ba"), + plaintext: &hex!("21b3ca1f47a0c7f6ebd097eda69d9e5b5fbf5c24d781658003cfd443ae7096be19e1cd3c14fe9738efb00847697fccb466ae1b"), + aad: &hex!("f3a5fa61a4e987413a8fab4aa51d895d"), + ciphertext: &hex!("6c1439cd2cb564e7944fd52f316e84aeffc3fd8024df5a7d95a87c4d31a0f8ea17f21442c709a83b326d067d5f8e3005ebe22a"), + tag: &hex!("e58048f2c1f806e09552c2e5cdf1b9d9"), + }, + GcmTV { + key: &hex!("8e7a8e7b129326e5410c8ae67fbd318de1909caba1d2b79210793c6b2c6e61c7"), + nonce: &hex!("8e48513fdd971861ef7b5dc3"), + plaintext: &hex!("ef6b4145910139293631db87a0d7782a1d95db568e857598128582e8914b4fa7c03c1b83e5624a2eb4c340c8ad7e6736a3e700"), + aad: &hex!("80bb66a4727095b6c201fb3d82b0fcf5"), + ciphertext: &hex!("e302687c0548973897a27c31911fc87ee93d8758c4ded68d6bd6415eaaf86bcc45fa6a1ef8a6ae068820549b170405b3fc0925"), + tag: &hex!("ff5c193952558e5a120e672f566be411"), + }, + GcmTV { + key: &hex!("d687e0262f7af2768570df90b698094e03b668ce6183b6c6b6ca385dcd622729"), + nonce: &hex!("50f6904f2d8466daa33c2461"), + plaintext: &hex!("79e3067d94464e019a7c8af10b53adf5b09426d35f2257c3cbaffe1ff720565c07e77aeef06f9d03a2353053992073a4ed1fc8"), + aad: &hex!("e8fa99432929d66f10205ad3e9592151"), + ciphertext: &hex!("18f6e6aeecc8dc5a3d0b63a2a8b7bfaf695bd9c49a7392dbfa8ed44771eebe27f94589d8a430da4cf03a8693bc7525e1fcac82"), + tag: &hex!("3c864eaa1b0ae44a7f0ad9ba287ba800"), + }, + GcmTV { + key: &hex!("26dc5ce74b4d64d1dc2221cdd6a63d7a9226134708299cd719a68f636b6b5ebd"), + nonce: &hex!("0294c54ff4ed30782222c834"), + plaintext: &hex!("ae4c7f040d3a5ff108e29381e7a0830221d5378b13b87ef0703c327686d30af004902d4ddb59d5787fecea4731eaa8042443d5"), + aad: &hex!("2a9fb326f98bbe2d2cf57bae9ecbeff7"), + ciphertext: &hex!("9601aec6bc6e8a09d054a01e500a4e4cdcc7c2cf83122656be7c26fc7dc1a773a40be7e8a049a6cdf059e93a23ca441ef1ca96"), + tag: &hex!("b620a8a0c8fe6117f22735c0ca29434c"), + }, + GcmTV { + key: &hex!("7fa0644efc7f2e8df4b311f54ba8b8c975b2c2aa97962f8ca8a322541bedaa9d"), + nonce: &hex!("5e774e45a07eeb9721734412"), + plaintext: &hex!("84d1c75455e4c57419a9d78a90efc232c179517fe94aff53a4b8f7575db5af627f3d008006f216ecfc49ab8da8927ff5dc3959"), + aad: &hex!("6ad673daa8c412bf280ea39ba0d9b6d4"), + ciphertext: &hex!("e2f00b5a86b3dec2b77e54db328c8d954d4b716f9735e5798b05d65c512674d56e88bda0d486685a45d5c249719884329e3297"), + tag: &hex!("0ce8eb54d5ad35dd2cb3fa75e7b70e33"), + }, + GcmTV { + key: &hex!("91d0429f2c45cf8ab01d50b9f04daaaccbe0503c9f115f9457c83a043dc83b23"), + nonce: &hex!("34401d8d922eebac1829f22e"), + plaintext: &hex!("d600d82a3c20c94792362959de440c93119a718ac749fa88aa606fc99cb02b4ca9ba958d28dc85f0523c99d82f43f58c5f979b"), + aad: &hex!("1b29de9321aebc3ff9d1c2507aee80e9"), + ciphertext: &hex!("84cbc9936eb7270080bb7024780113d064eccb63d3da0bd6bce4f8737d28304bfb6102f3ae9c394cc6452633fc551582bbfe1d"), + tag: &hex!("e132dc8a31d21f24ea0e69dfb6b26557"), + }, + GcmTV { + key: &hex!("44e6411b9fbfcef387d0ca07b719181c7567e27dba59e8e1c3cc1763cfeaca04"), + nonce: &hex!("25a1cfd97bd8e63de5d65974"), + plaintext: &hex!("db28a592b1f3603c287991a69cc64eacdd62046445a8ba4067575f12553de155d06a9b40ddf58fec56c8171687b9cb54b1f346"), + aad: &hex!("4b1751b074ab649d27fd3f2c4d7ee33a"), + ciphertext: &hex!("36bf6bb761b2248fe71a620e34e9d18e12a74ca42c9a9a21d30345995a83eb44bcae3c67c020730cd8d5e51a741694cc396469"), + tag: &hex!("e69ebf80a88d6eca41ae87cdcab4e1f2"), + }, + GcmTV { + key: &hex!("a94bfcefae90f9078860db80ccc50819eadf7cce29df3279f94f5eea97009ef2"), + nonce: &hex!("f481bcb7f5da296e9454ff78"), + plaintext: &hex!("97d0c7dfcab32a386f51d92e89333ec84eecd552e68d14cf48b75067bf0e1946ad03a5d063b852ca053c929088af45d0884a88"), + aad: &hex!("9f80d845577818df9ba984ee552ae203"), + ciphertext: &hex!("18a1c9bfe1b1dfdd06e465df347c1e942b37b3e48cb0c905841a593b5b0d0330feb3b8970dbc9429252a897f0f8e12860ea39a"), + tag: &hex!("10cf4d335b8d8e7e8bbaf49222a1cd66"), + }, + GcmTV { + key: &hex!("a50a60e568ff35a610ef9479c08bbc7bb64c373fc853f37fa6b350250a26f232"), + nonce: &hex!("5ada1d4aca883d7bd6fa869f"), + plaintext: &hex!("9ea44e72a1d21395cd81d20db05816441010efd8f811b75bb143ab47f55eefce4eec5f606fa5d98b260d7e5df4a7474cbd8599"), + aad: &hex!("cc7a7a541be7a6d1b846354cb6a571e6"), + ciphertext: &hex!("4165b135187faeb395d4531c062738e0d47df8bed91982eb32e391a6b3711f117b6fae0afde791de3e72fcf96d2b53ff1a621a"), + tag: &hex!("e2cbfea2100585b2cbe5107da17ff77a"), + }, + GcmTV { + key: &hex!("5ff3311461d247ceb1eaf591292fcba54308dd3484fd1851e09a12b8f6663fc1"), + nonce: &hex!("61af2e6aec183129cf053c2b"), + plaintext: &hex!("920df8b2888a74022ede6919ed0bf48ccf51e395fe5bfa69a6209ff9a46674024eaa4f43ae2c933730b9fdc8ad216130447cc8"), + aad: &hex!("5eafed6674f2ae83397df923e059db49"), + ciphertext: &hex!("0e35e1208168b639e012df398bc8bf2b19b08d46af0353cd78f6d1b7ae14e6224c1da6fdc9433b171f1cd2b512d5f1acd84f03"), + tag: &hex!("5bc77eb02e4d51e2019446b468498d0e"), + }, + GcmTV { + key: &hex!("42e93547eee7e18ec9620dd3dc0e2b1cf3e5d448198a902ded3f935da9d35b33"), + nonce: &hex!("e02e12ba92a6046af11adf0e"), + plaintext: &hex!("6c3704b32527ace3d5236687c4a98a1ad5a4f83c04af2f62c9e87e7f3d0469327919d810bb6c44fd3c9b146852583a44ed2f3c"), + aad: &hex!("ac3d536981e3cabc81211646e14f2f92"), + ciphertext: &hex!("8b6506af703ae3158eb61e2f9c2b63de403b2ebc6b1e6759ceb99c08aa66cb07d1d913ac4acd7af9b9e03b3af602bcaf2bb65e"), + tag: &hex!("a6ce2ccb236fc99e87b76cc412a79031"), + }, + GcmTV { + key: &hex!("24501ad384e473963d476edcfe08205237acfd49b5b8f33857f8114e863fec7f"), + nonce: &hex!("9ff18563b978ec281b3f2794"), + plaintext: &hex!("27f348f9cdc0c5bd5e66b1ccb63ad920ff2219d14e8d631b3872265cf117ee86757accb158bd9abb3868fdc0d0b074b5f01b2c"), + aad: &hex!("adb5ec720ccf9898500028bf34afccbcaca126ef"), + ciphertext: &hex!("eb7cb754c824e8d96f7c6d9b76c7d26fb874ffbf1d65c6f64a698d839b0b06145dae82057ad55994cf59ad7f67c0fa5e85fab8"), + tag: &hex!("bc95c532fecc594c36d1550286a7a3f0"), + }, + GcmTV { + key: &hex!("fb43f5ab4a1738a30c1e053d484a94254125d55dccee1ad67c368bc1a985d235"), + nonce: &hex!("9fbb5f8252db0bca21f1c230"), + plaintext: &hex!("34b797bb82250e23c5e796db2c37e488b3b99d1b981cea5e5b0c61a0b39adb6bd6ef1f50722e2e4f81115cfcf53f842e2a6c08"), + aad: &hex!("98f8ae1735c39f732e2cbee1156dabeb854ec7a2"), + ciphertext: &hex!("871cd53d95a8b806bd4821e6c4456204d27fd704ba3d07ce25872dc604ea5c5ea13322186b7489db4fa060c1fd4159692612c8"), + tag: &hex!("07b48e4a32fac47e115d7ac7445d8330"), + }, + GcmTV { + key: &hex!("9f953b9f2f3bb4103a4b34d8ca2ec3720df7fedf8c69cac900bd75338beababe"), + nonce: &hex!("eb731ae04e39f3eb88cc77fa"), + plaintext: &hex!("3b80d5ac12ba9dad9d9ff30a73732674e11c9edf9bb057fd1c6adc97cf6c5fa3ee8690ad4c51b10b3bd5da9a28e6275cbe28cb"), + aad: &hex!("d44a07d869ac0d89b15262a1e8e1aa74f09bcb82"), + ciphertext: &hex!("1533ce8e2fc6ab485aef6fcfb08ded83ae549a7111fce2a1d8a3f691f35182ce46fce6204d7dafb8d3206c4e4b645bc3f5afd1"), + tag: &hex!("f09265c21f90ef79b309a93db73d9290"), + }, + GcmTV { + key: &hex!("2426e2d1cd9545ec2fb7ab9137ad852734333925bfc5674763d6ee906e81c091"), + nonce: &hex!("49a094a71d393b36daa4a591"), + plaintext: &hex!("7cbe7982d365a55d147c954583f9760a09948ab73ebbe1b2c1d69ed58e092a347392192cfe8bce18ca43ee19af7652331bd92c"), + aad: &hex!("177309cfc913e3f5c093e8b1319ba81826d43ce5"), + ciphertext: &hex!("cab992e17cf6ec69fd3c67ea0424bcd67475a7f1f16e6733c4419d1b5a755f78d6eda8e368360d403800a08f0d52b4bc0aa0ab"), + tag: &hex!("b125f8caee9e54b9f9414b1c09021ed8"), + }, + GcmTV { + key: &hex!("8dc1b24bcbbee3cb8e14b344166d461d00c7490041edc9fa07e19cc82a3ed9c4"), + nonce: &hex!("31768ad18c971b188d947019"), + plaintext: &hex!("84e4f79dbb7209cbaf70e4fefe137c494786c899602783e9c034296978d7f0c571f7ea9d80ed0cc4723124872d7326890300c1"), + aad: &hex!("eb3673b64560cca7bda76a1de7ae1014ee1acaee"), + ciphertext: &hex!("2402acd865d4b731bc9395eae0e57d38fdf5ce847ac7aef75791a52c7573ea9b3a296e62cb1ed97c4bd34be50ee7f3d75747cf"), + tag: &hex!("665abb725498ede2b0df655fc1765a2b"), + }, + GcmTV { + key: &hex!("bc898f643a5f2cd864c10b507b4b803b4ff4ace61fadcc7bcd98af394731b791"), + nonce: &hex!("cc447d83c0a6734a79778c64"), + plaintext: &hex!("124eb963cdb56fa49c70a9b1aa682445c55065f26859f1d16eef7cfe491587533eedd7e23deabddfc5550c2fa6a08b17822699"), + aad: &hex!("e932bd2e0e6c550d136f725e14c53d27ffb20f6a"), + ciphertext: &hex!("45d8908ef9eef369e78b7ea0b7d023a92c63648271927efe9b0220eb09ed96f3b635c6ec8bfc68b4c228b712494bb37f4c7f1a"), + tag: &hex!("47899857494bac28d2176a9c923026b2"), + }, + GcmTV { + key: &hex!("8e82a85466ee024eb1ae10c4982d6a95e6dbe5582299ab37fe89a9db80ab51a6"), + nonce: &hex!("04cfd489e18eeb7a4a8ab36b"), + plaintext: &hex!("3aa2e4eaed18c4602715ae77379e9083708af9f9b49031324d41abca61440319c8c8e6dbcc20006a825b12ced00b2286848a94"), + aad: &hex!("7bb54b1a6ed0ca387268a146430c0bfa2602a8fd"), + ciphertext: &hex!("674b1391937074642408eeae9b748ca629da9fd00281824f5a108f6078ee78f98749392bb6e29b53e53e4b11739ac53a8e653b"), + tag: &hex!("e320a873a9c2e8ef455698c37ea59a6d"), + }, + GcmTV { + key: &hex!("f1f2c5503ebf35ac1373c29e2305e963f89f6ed015a181b70fb549429805d5d9"), + nonce: &hex!("2fb5c6a24f406872755db05c"), + plaintext: &hex!("b4a2809198035c277637bb1c2927fb5c60b49ef9087c800012d8663d997983fcb78d51a054114a24e1e1b5214b58e7dee47195"), + aad: &hex!("92c1f3489aed90aedafb55562a34b3f4be29e101"), + ciphertext: &hex!("f051a3a968278a46630b2894a0d386c18fa034960d8ddd14e88e1071afbbca5baf02967c2270117b4fb2bd4cfd032174505f99"), + tag: &hex!("6f1db5293660b6904f7f008e409bdc06"), + }, + GcmTV { + key: &hex!("f0338d26d74bd1768da5bb79c59fab2b4abe1966324048790c44bc98a6b34b6c"), + nonce: &hex!("c8269e4406fa0be1cf057b2f"), + plaintext: &hex!("323c373e4d85a1fd21f387fdd8c7e6aeebd5aae893d7af286cb214600cba8b9eb06df085a2dc5aed870259f7f3cc81d3eb53bd"), + aad: &hex!("13fb0edcba095cef9c4343a0629fd5020f03729d"), + ciphertext: &hex!("08572b9cf9bcfd21d4403a1218d94476b9ee8c3b94c56625c21ccaf4c0efa34cf22a532389210793699c9de1ab14f8c4c52928"), + tag: &hex!("29968c9fb610940cee9fd5b2f7c8ba21"), + }, + GcmTV { + key: &hex!("a67648285b65b9196060aaa02af279170164353e38fb77c3968c403cfa9acdc8"), + nonce: &hex!("0822d6b3e91eccb7e14245fd"), + plaintext: &hex!("b5d271768c12ccabf89eb2d58cbde840c26d1c9b3692581f90c8b0d7b2cff31ae9192d284f5448de7d924a7b08f115edae75aa"), + aad: &hex!("0d9a5af7ac27438d92534d97ff4378274790e59f"), + ciphertext: &hex!("b59041eed7abc2ff507d1932b5c55ac52728e5ac6648dcc74b38870db6181b1989f95a0144f0db368ec50414cfda0b977141e3"), + tag: &hex!("1d12ce89e1261d73470f3ae36ab87288"), + }, + GcmTV { + key: &hex!("51162b2435f3cf43471f4cc0ffac98b438501ee9b887843a66e9951ca35b8767"), + nonce: &hex!("dcb902eaa837ed22bf5fa636"), + plaintext: &hex!("3edf43358f5109a4dfb4a02987170a67cdd170f6028f7708bdd7726f476b882b9640270f2270f7babfa384181c8e58c15d04c4"), + aad: &hex!("4d459905ff89aed07dcda43a3d191a3da9309faa"), + ciphertext: &hex!("046a2313d36cbc43b6d0787e5ef37d153090a31d0f6656004034be72b9b07ace3a8abe8614362282d87da40c29c60a1a9f5c40"), + tag: &hex!("c7410b5cb94d2877c189983791cee82e"), + }, + GcmTV { + key: &hex!("2fa2beb1cde2226f28fb42a5fb0af3fc58fbb76bf14aa436e6535d466456a0f4"), + nonce: &hex!("50190514a3740b3c0b1df576"), + plaintext: &hex!("a5e0b4837dfca263ba286abf7940b6e70fabb55d8dee5028617c1190fbd327f79b79d2f34db6076ab07cecff7114b15ca02a33"), + aad: &hex!("25142928c1ae9c7b850309e07df359389db539fc"), + ciphertext: &hex!("850fd22bd0897b98ce40bc6c1345a9d59abf796b1b8c34ee8b377e54ee7d59dec05c022ecae96ffdfa1311bdd4e7a9d35aac47"), + tag: &hex!("4b5ab89b4f627ca32d12a1791c286870"), + }, + GcmTV { + key: &hex!("a92a797ce2b2f382030b77a1abe94c8076eee88de2dc4929350b244dbdaddd30"), + nonce: &hex!("716f577401a7893c42c91710"), + plaintext: &hex!("9d26ff79a89720fab6e4cda85887e3c0c3f86a4670d065c8ea68042b6f9f16dd2c5b31acb36331f5b1e50f08c492dc12eebd9e"), + aad: &hex!("8642681f1839b88990c2a939f00c9b90766dadac"), + ciphertext: &hex!("3080bcf3604cf81f5f2c6edc80dfe5d877168a9903598a700a0bbae188fadc7a8b76a04b40400f9252d7f9437fa8f024a3bdeb"), + tag: &hex!("8fc56f6bf48efb00476886b2a03ecb89"), + }, + GcmTV { + key: &hex!("89d0723e5a087456b7b709b8b21be380b463ba3dc9b79170e9947526798fe91c"), + nonce: &hex!("68e2f307b7d49d4d9c041755"), + plaintext: &hex!("7fe2afb710e8fd49cca1c2ba8fd0814594fba4d667017630e170a8a379fa5837bf370ca1cd4c98bd8c4f13eb7068ffa71ab07c"), + aad: &hex!("b34805b30703a62b6d37c93f2443e1a33154b5fb"), + ciphertext: &hex!("b841012752bbf1dfa7b59366dbf353bf98b61ff2e6e7a13d64d9dcb58b771003c8842ac002aac1fa8ca00a21eaf101ab44f380"), + tag: &hex!("73a93e2722db63c2bbf470d5193b2230"), + }, + GcmTV { + key: &hex!("329a6e94b1cce693e445694650d62b8c2c9ab03a09e6d4eca05c48291e576b89"), + nonce: &hex!("78f471bc32f8637a213e87ac"), + plaintext: &hex!("65264d75e1a176a7e966e59109cd074ac5d54740eb0c58084af023e5599eb611846199579d95ba94b6d25ee4d9074b9714f231"), + aad: &hex!("c00c465524e2e2f8a55c0793ed9af851be45a70e"), + ciphertext: &hex!("964d665d1e3c1018dfd883e217cfe4c856cc844f7644b53bb68fbe66f8541fa43ac54e92a2b194d6d8929fe031e94b3e70eca0"), + tag: &hex!("fd511385711236f2e99e6da5042007b7"), + }, + GcmTV { + key: &hex!("463b412911767d57a0b33969e674ffe7845d313b88c6fe312f3d724be68e1fca"), + nonce: &hex!("611ce6f9a6880750de7da6cb"), + plaintext: &hex!("e7d1dcf668e2876861940e012fe52a98dacbd78ab63c08842cc9801ea581682ad54af0c34d0d7f6f59e8ee0bf4900e0fd85042"), + aad: &hex!("0a682fbc6192e1b47a5e0868787ffdafe5a50cead3575849990cdd2ea9b3597749403efb4a56684f0c6bde352d4aeec5"), + ciphertext: &hex!("8886e196010cb3849d9c1a182abe1eeab0a5f3ca423c3669a4a8703c0f146e8e956fb122e0d721b869d2b6fcd4216d7d4d3758"), + tag: &hex!("2469cecd70fd98fec9264f71df1aee9a"), + }, + GcmTV { + key: &hex!("55f9171a03c21e09e3a5fd771e56bffb775ebb190319f3dc214c4b19f72e5482"), + nonce: &hex!("14f3bf95a08e8f52eb46fbf9"), + plaintext: &hex!("af6b17fd67bc1173b063fc6f0941483cee9cbbbbed3a4dcff55a74b0c9535b977efa640e5b1a30faa859fd3daa8dd780cc94a0"), + aad: &hex!("bac1ddefd111d471e75f0efb0f8127b4da923ecc788a5c91e3e2f65e2943e4caf42f54896604af19ed0b4d8697d45ab9"), + ciphertext: &hex!("3ae8678089522371fe4bd4da99ffd83a32988e0728aa3a4970ded1fe73bc30c2eb1fe24c0ff5ab549ac7e567d7036628fd718d"), + tag: &hex!("cf59603e05f4ed1d2da04e19399b8512"), + }, + GcmTV { + key: &hex!("54601d1538e5f04dc3fe95e483e40dec0aaa58375dc868da167c9a599ed345d9"), + nonce: &hex!("c5150872e45c341c2b99c69a"), + plaintext: &hex!("ae87c08c7610a125e7aa6f93fac0f80472530b2ce4d7194f5f4cb8ac025323c6c43a806788ef50c5028764ec32f2839005c813"), + aad: &hex!("93cd7ee8648a64c59d54cdac455b05ffdfc2effe8b19b50babd8c1a8c21f5dc8dc6050e2347f4cd28701594b9f8d4de5"), + ciphertext: &hex!("d5f005dc67bdc9738407ce2401977f59c9c83520e262d0c8db7fe47ae0eada30d674694f008e222f9733a6e63d81499e247567"), + tag: &hex!("3470155144c74929980134db6995dd88"), + }, + GcmTV { + key: &hex!("e966c470cbecc819260640d5404c84382e6e649da96d29cad2d4412e671ed802"), + nonce: &hex!("b3a92d6f49fe2cb9c144d339"), + plaintext: &hex!("7adf6fcb41d59b8d2b663010c3d4cf5f5f0b95cf754f76f8626c4428467e5c6684e77e7857b1cc755762e9ea9117e3bb077040"), + aad: &hex!("dfa62a3a4b5b3af6770cfd3cef3bbb4cce3f64925782a9a8a6e15fe3744d8f9310400dd04e8d7966c03850539e440aa5"), + ciphertext: &hex!("5f5b09486e6cd2a854e5622b4988e2408fddaca42c21d946c5cd789fe5a1306ef33c8cd44467ad7aa4c8152bce656a20367284"), + tag: &hex!("2b388109afdada6473435230d747b4eb"), + }, + GcmTV { + key: &hex!("4a8a12c0575ec65ae1c5784d2829bc7b04818eb00bd4c90a0d032ea281076e27"), + nonce: &hex!("959f113b705397fb738018b0"), + plaintext: &hex!("0c5571195586e4fc7096fb86cfcd6684081446f3d7adc33a897f03ac4ff6c3cc2019b67bd3184c86070764f6deaa8a10d0d81f"), + aad: &hex!("adb8bc96142a1025122dc22f826957197af33dcdcf6b7ab56bc1a5e17e8534e48b8daf685faf9543bb343614bdf6737f"), + ciphertext: &hex!("84212d5991231d35c4e8621163e5b370a0105a05856866e74df72c0808c062981570d32d274ea732fa4d29f9cfa7839cadbe6a"), + tag: &hex!("39cee3b8fa0bf92605666ccd9eb19840"), + }, + GcmTV { + key: &hex!("6197a4fa7cfcedeff223f69ea68b4ddf54b683350c20875be353077e9bbce346"), + nonce: &hex!("1a69ecabd42c53c0ec64fcd0"), + plaintext: &hex!("40a487b4daf866c20f3c4911a0586709c3344aa988dc9c464bcf36cc4e3d92701e611e60cf69f3edbf76cd27ff6ba935026d7f"), + aad: &hex!("b20a7ca5b5b603f661587e01f7ef171823ef463c187ded77a3d616400cc1d2b0b688ac9e927498341560cbc8eb9a4198"), + ciphertext: &hex!("06420fa038ee62db30cc05bfe34c8d2c39a9d439653907c512ed606511921fe76110913a5bfb6b6c7b23d7f8883f5ab65f4b14"), + tag: &hex!("4d3097c9919002cd1da83f29820312ed"), + }, + GcmTV { + key: &hex!("c9dbe185023ecaa78be9bfac1b91b9da6bd7c11349feb69e6b0be83a838e77b2"), + nonce: &hex!("8940fa7c6afd3f7a09ec93b6"), + plaintext: &hex!("075be0d61273e6975978d0b88b3fa38fc398d4d0f22a342a8afa5562af0e7c8fa548f0d8faec898a20c97e851754992c1ed4a3"), + aad: &hex!("f17bd357608365e66b98e49191cdc2a3813bba5a1b7988aa8aaaaad4b86d0ef4e2698cad799d63fcd2a5e87c0e3e929a"), + ciphertext: &hex!("615c1097d577363a77bfc7dd57179acb68166e78021b3397d7029ce33cbc848f036b9c07989eeb9f42aeaeebe8542f103b1d32"), + tag: &hex!("a22ab25fd8a6127469e8ce9ff686d575"), + }, + GcmTV { + key: &hex!("e6cdcf497a6e119009bf43ac183d2dd4d4e967964ef92811f69eb18d92923305"), + nonce: &hex!("3e88459a76e1dcc890788297"), + plaintext: &hex!("72a3dfb555ba0029fc3d1c85b836f76135bd1858189efdde2db29045f2c26e6a65627d81a0b85ca42e8269d432a41154e929ac"), + aad: &hex!("a359f86ec918537d80a84da7b66bca700c1ff9ec7f8695a30808d484da218d15ae89c5f943e71778445130191f779001"), + ciphertext: &hex!("9ae3f8ccae0bb5789b1105118760c406e41175a76612435cb0c8be225ea6b368c9d08c9d9a24b512d1458e94af79e3060ab69e"), + tag: &hex!("ac3bbc8fd6a7097df6f298411c23e385"), + }, + GcmTV { + key: &hex!("de5531b50888b61d63af2210ee23f46d91a5e60312bd578584af586bf22ea756"), + nonce: &hex!("0fde8689b0348bbcfaa89fec"), + plaintext: &hex!("80621e54eef1c92afb1f64ed860e39311eea7e2cca6f5624008c1d2e581d7112b7ee0b559fc3db575b7b7c42ee4f2a20442dc0"), + aad: &hex!("22db97cd5f359f12aec66c51c7da79ba629db4c8c7e5501be2ec1e4cc3f3944b6e3057d093bc68b735b5156950f91804"), + ciphertext: &hex!("933018419a32b7bf65f9777c44889a44b32d61ceddbb46839366ce2ca2ffeb1833f46559e59c93bb07f622d9633f13932cf7f1"), + tag: &hex!("25023a4ee9bdbf525cfef888e2480f86"), + }, + GcmTV { + key: &hex!("bc0c6368a9bb2622f6d5ba12de581f003336c298adac34499bf26b11e630f891"), + nonce: &hex!("2aa8f30b567cf1edd818e42d"), + plaintext: &hex!("1dcc1a3167fba55c00d3383e26d386eaa0449154599992da7f7f6598f41b3eb8e4d0a9143dfcab963f5c390a6ae2010fbcf6ec"), + aad: &hex!("0e28ebf87eb757e83031fb836f7b049a46bd740b0a39c9b798d2407e1150da86dfe84121c7c98449559453ad7558e779"), + ciphertext: &hex!("78d00a6e3302369817b9cf1f24ea13c41751382e3fea74403d094737e32fb507184cfebce48d10b4ce8db12ef961e4df2c8e95"), + tag: &hex!("c0aff3594f86b58e229c7ad05c2b84f0"), + }, + GcmTV { + key: &hex!("5d98a0c7ad6f9c0b116613ca5082250356a6a9bca55fe1a4a2962b733214dac4"), + nonce: &hex!("8b2d8e8d83bdd6a3125dd997"), + plaintext: &hex!("4f3685c2cfbc856379d1fd00f9611fe4c0a4b9c4013fe1bee144449709a6a7e31ff6fb0da74ed464b066b03b50f19cd7f5f9bc"), + aad: &hex!("2f20636d46ce37e9bb0ca0c41d819e3eabcedacbd1ca3ced112d3ad620bbd3b2effe80d3ec8760706e8f14db83139a70"), + ciphertext: &hex!("8e178c0e3e5d22b3be897e0b8879b0d53fef2efb9946ccff6d717b001e3033f2cc22d01d9551e9c0749de704fbe3189328cbb0"), + tag: &hex!("541b7db823e37b5ed323626b9c6748f6"), + }, + GcmTV { + key: &hex!("d80a2703e982de1a2fe706ffe6e389f351ab356ccf056df045e2941b42ef21a4"), + nonce: &hex!("1521ab8f7242cba05427f429"), + plaintext: &hex!("6f9fde28e85776a49cfbad1459d94611757a3cd996aa6e2d702d0483a4d88d532131ebd405b351226b16d19d30d32807a1d511"), + aad: &hex!("5395de90d6bec7c159ab9d6cfa663bdc6295d025e1fcc8b760b9ba42d785eda218dabc6fa7c0f733ad77f61682bff2db"), + ciphertext: &hex!("1e72a8495ceadaf0d31b28ba7cb7c37ccb117761d38fe7dd98eb230ff4ea0b400401e9b5311a7be9b2a533523ad469e2fdb233"), + tag: &hex!("bb174b7624c935ff75b3b77ff7068a98"), + }, + GcmTV { + key: &hex!("6d5c69d7135c0b5b7fef512c127fa788092f1a908358ab658b8f23e463409aa5"), + nonce: &hex!("b36cccad38cd6148a384a026"), + plaintext: &hex!("b4e74f5c56f2ea056d9ff931525944dfad207e063ba226c354e0320a50449967e964580d9b57028c14005aba6865f8bc6a3ef8"), + aad: &hex!("b19f4616bb1452251a2a7dbf78f920194f139e0424d27683621d1ee1e865737c2466e058439c8e122e582a7b63607ce9"), + ciphertext: &hex!("1ce12cd5502efa9ea259584ae9b3c7dbd9444380d4b77a2c787f9b2257019b23ee183dffebb3106a26b18d8a23445626a578e2"), + tag: &hex!("62945e31bae3181855b69c37898ac5bf"), + }, + GcmTV { + key: &hex!("e6afe3c4db2c1d13edb1c5931b2b4b515ec0fd6201139ee1ea55cec92263830e"), + nonce: &hex!("358bd9ea64177d1e23a41726"), + plaintext: &hex!("710bb3394b094ee7d053bc6599b26dafd337e8a61c580d0446c3bf195e77ca5132c8ec3a47a61579dce38360bba7c65e4d5634"), + aad: &hex!("7e0f841cddd7eeebd1ec7b7b8d0e2f71656e5e9ff3cfa739c0b9d0ec4941a0b3f3b396690dbe5f5082d6fb6dd701c68d"), + ciphertext: &hex!("4574a8db515b41c14c2a962dff34e2161a7195c491b11b79889aff93c5b79a6455df9fe8ef5c5b9edb5da1aa9fe66058b9065f"), + tag: &hex!("7c928d7f5cbac9bb4b5928fe727899eb"), + }, + GcmTV { + key: &hex!("5cb962278d79417b7795499e8b92befe4228f3ba5f31992201aa356a6d139a67"), + nonce: &hex!("76f7e7608f09a05f336994cf"), + plaintext: &hex!("2e12cbd468086aa70e2ecd1ddef561e85c225dd083e5956f5c67503344b0ea982bb5044dafbcc02a5b9be1e9b988902d80172b"), + aad: &hex!("032de3fdec273fc8446c2bf767e201f2c7c190acf9d6d321a24a0462cbc3356e798fe23d6c1b4fe83be9c95d71c05504"), + ciphertext: &hex!("c959344a46aa5216d2b37c832436eb72a4a363a6df5642cfbbfd640dea1d64c80bd97eabc1aab192969ee0b799e592a13d2351"), + tag: &hex!("51b227eaf7228a4419f2f3b79b53463a"), + }, + GcmTV { + key: &hex!("148579a3cbca86d5520d66c0ec71ca5f7e41ba78e56dc6eebd566fed547fe691"), + nonce: &hex!("b08a5ea1927499c6ecbfd4e0"), + plaintext: &hex!("9d0b15fdf1bd595f91f8b3abc0f7dec927dfd4799935a1795d9ce00c9b879434420fe42c275a7cd7b39d638fb81ca52b49dc41"), + aad: &hex!("e4f963f015ffbb99ee3349bbaf7e8e8e6c2a71c230a48f9d59860a29091d2747e01a5ca572347e247d25f56ba7ae8e05cde2be3c97931292c02370208ecd097ef692687fecf2f419d3200162a6480a57dad408a0dfeb492e2c5d"), + ciphertext: &hex!("2097e372950a5e9383c675e89eea1c314f999159f5611344b298cda45e62843716f215f82ee663919c64002a5c198d7878fd3f"), + tag: &hex!("adbecdb0d5c2224d804d2886ff9a5760"), + }, + GcmTV { + key: &hex!("e49af19182faef0ebeeba9f2d3be044e77b1212358366e4ef59e008aebcd9788"), + nonce: &hex!("e7f37d79a6a487a5a703edbb"), + plaintext: &hex!("461cd0caf7427a3d44408d825ed719237272ecd503b9094d1f62c97d63ed83a0b50bdc804ffdd7991da7a5b6dcf48d4bcd2cbc"), + aad: &hex!("19a9a1cfc647346781bef51ed9070d05f99a0e0192a223c5cd2522dbdf97d9739dd39fb178ade3339e68774b058aa03e9a20a9a205bc05f32381df4d63396ef691fefd5a71b49a2ad82d5ea428778ca47ee1398792762413cff4"), + ciphertext: &hex!("32ca3588e3e56eb4c8301b009d8b84b8a900b2b88ca3c21944205e9dd7311757b51394ae90d8bb3807b471677614f4198af909"), + tag: &hex!("3e403d035c71d88f1be1a256c89ba6ad"), + }, + GcmTV { + key: &hex!("c277df045d0a1a3956958f271055c229d2634427b1d73e99d54920da69f72e01"), + nonce: &hex!("79e24f84bc77a21a6cb14ee2"), + plaintext: &hex!("5ca68d858cc30b1cb0514c4e9de98e1a1a835df401f69e9ec6f1bcb1158f09114dff551683b3827457f77e17a7097b1ea69eac"), + aad: &hex!("ca09282238d492029afbd30ea9b4aa9d448d77b4b41a791c35ebe3f8e5034ac71210117a843fae647cea020712c27e5c8f85acf933d5e28430c7770862d8dbb197cbbcfe49dd63f6aa05fbd13e32c459342698dfee5935c7c321"), + ciphertext: &hex!("5c5223c8eda59a8dc28b08e6c21482a46e5d84d32c7050bf144fc57f4e8094de133198da7b4b8398b167204aff837da15d9ab2"), + tag: &hex!("378885950a4491bee3cd681d3c957b9a"), + }, + GcmTV { + key: &hex!("4d07f78d19e6d8bb32bf209f138307890f0f1ae39362779ff2bf1f9b734fe653"), + nonce: &hex!("d983a5d5af78a3b1cd5fbd58"), + plaintext: &hex!("94f0bbc4340d97d854e25cc7ce85ea1e781e68bf6f639e0a981bb03e3c209cbf5127171cb0fff65bc3ecac92774d10146d1ac5"), + aad: &hex!("a3dc9ff9210bc4b3276909883db2c2aa0762cd22b46901a248c0372d073e7778b9c1d8469b26bb42406e484ef7747f71dea785fc0020a2eac17e0ac3fbe0453629efd68d5678fbecc10af8ffbe7828f826defb638763f4ecfe82"), + ciphertext: &hex!("6543b4d97fccd273b36436fef719ac31bf0e5c4c058ea71aea2a0e5b60e329be6ea81ce386e6e9fe4480e58363c3b2036865ac"), + tag: &hex!("924cf7c0770f228a4b92e9b2a11fc70b"), + }, + GcmTV { + key: &hex!("9572b9c57abdf1caae3bebc0e4bbf9e556b5cbacca2c4756050fefd10a666155"), + nonce: &hex!("de292a9858caaccdcab6a433"), + plaintext: &hex!("6f420a32708ccd4df0d3149e8c1d88dceba66ee4546f38db07046ebf30f47627f7fdda1dd79783adabe5f6b6853857b99b864c"), + aad: &hex!("a042d97a9b8f6caf51c5f24522d7ed83e2c5d8ec6b37ef2598134a30e57319300c3fdf92fb1d9797f5ef00971f662aae768f69f9ca0455bd6d1059d5f85b8ecb977006b833f90ac2d5bbf4498c83f4d1a42584c0dfc4a2e2453c"), + ciphertext: &hex!("a9af961d61ab578cc1348eb6f729603f481c5d9bf9bee3a13eda022bd09c03a4f207c21c45c0232a9742ae8f0c54b4278a3a63"), + tag: &hex!("eff9bb26156ec76f0060cd93a959e055"), + }, + GcmTV { + key: &hex!("3cc8671c4d25c3cbc887f4dcbd64e531e91cf6252f6ee9c29d9988d20ab6747f"), + nonce: &hex!("f960a09c0b5067280926a9c3"), + plaintext: &hex!("5b58717b0b32076566b58bf37c6133e61468b2be67715fb0007fe390c4b5578decf55502a4e3c12e7bdf0ba98784d126e4753a"), + aad: &hex!("79d73a7ff86698e6114a0f465373fbee029e042424c439b22e3ad37b36b9e02bab82e16844114e99e39c169f462fe61b87c4627c394384acc9531680706e4e56491a304c6075cca37c64db24468c1fb9519605c83f0ee3e0316a"), + ciphertext: &hex!("1d0be097470c1ac30619f63c3961152ab27db88ce694b7bba4db185cb31803cc7bab890e931c90766621bfe5d887eb0cd6995d"), + tag: &hex!("dbd57ea091ff16fc7dbc5435030cc74e"), + }, + GcmTV { + key: &hex!("882068be4552d7ad224fc8fa2af00d6abf76ccf1a7689d75f6f0e9bd82c1215e"), + nonce: &hex!("890a5315992f12674d1c8018"), + plaintext: &hex!("8464c03e0280cb1f63c054a24a050e980f60cc7313f09f2092c45d77bbe9ad2a8c1f6cdca2acd8c57c87e887edadb66bcb66c4"), + aad: &hex!("916721df816b1cad531dee8e4a8e634d43ed87db99609bcc986d16bfac2cff577d536d749a5c3625de53c5351825c228911f0a64be1fc9738a26394efe5332c0762bf59b65d3f1c5aafa9ca2e63eccd59568e6c0269950911a71"), + ciphertext: &hex!("020e297d907177dba12dde4bfe1b0ff9b6a9d9db0695193e4181449e157137b59b488616ba151b06d889f8498ce373d2396ab9"), + tag: &hex!("e48537ecb27460b477a6e7c3463dbcb0"), + }, + GcmTV { + key: &hex!("4deadcf0f7e19231f8afcb6fb902b105bef23f2fa9323a51833ff8368ccb4f91"), + nonce: &hex!("6d4d01abd587ed110e512ed2"), + plaintext: &hex!("75686e0fdd3fd96f3e6dfafd7a2a907f9f375d93943cb2229bd72b032bf624af4fc72071289386e3dccc45959e47ab42b261a2"), + aad: &hex!("31a2797318104b2dc9977e599435b041c56bafe5e7d901a58614c2d3fb9d220e3fd3e2828cef69e0604ed73340cb1e21967294dcd874893942442200b2a5b860ee8cf91e1d8eb3d364d0e43e84f6379f434a1ae17c236b216842"), + ciphertext: &hex!("8feaf9a089599812117a67aed2f4bf3431ff1f6cfd64ea5ff475287abb4ff1ab6b3e4f8a55d1c6b3f08594f403e771ec7e9956"), + tag: &hex!("5040407621712e053591179e1689698e"), + }, + GcmTV { + key: &hex!("80f1c515f10d79cdbee275213aa9ac0845e2cf42874f7e695081cb103abf1a27"), + nonce: &hex!("399d5f9b218b62ff60c267bd"), + plaintext: &hex!("9e95221873f65282dd1ec75494d2500e62a2b6edda5a6f33b3d4dd7516ef25cf4154472e61c6aed2749c5a7d86637052b00f54"), + aad: &hex!("d2a8fff8ae24a6a5efc75764549a765222df317e323a798cbb8a23d1af8fdf8a3b767f55703b1c0feba3912d4234441978191262f1999c69caa4e9a3e0454c143af0022cd6e44cec14149f9e9964a1f2c5e5a6e3e768bd870060"), + ciphertext: &hex!("4f996562e23ebbfd4fe26523aee9525b13d6e134e72d21bdc7f195c6403501fd8300b6e597b668f199f93591ba742a91b54454"), + tag: &hex!("2da1c7325f58575d275abf96c7fa9e51"), + }, + GcmTV { + key: &hex!("c2c6e9be5a480a4a56bfcd0e268faa2276093bd1f7e8ce61e746d003decc761e"), + nonce: &hex!("c1541eb25721d4856df8f928"), + plaintext: &hex!("87d22e0318fbbb420b86b0585bd12c14645ff2c742e5639b3a114cc96c5f738edfbe2055116f259e3d6c14cb6d8fca45708289"), + aad: &hex!("f34e79e5fe437eda03ccfef2f1d6319df51a71c9891863e4b98a7298bd64490460354db5a28b0fadcb815024ea17f3b84810e27954afb1fdf44f0defb930b1793684a781310b9af95b4bcf0a727a2cb0ac529b805811b3721d98"), + ciphertext: &hex!("b5d6e57c7aa0240e0b6e332d3b3323b525a3d8a553ad041ba599e909188da537c3293d1687fb967882d16a5615b84e95f9dd77"), + tag: &hex!("1cce334cec4b51216cac0fc620cdadf9"), + }, + GcmTV { + key: &hex!("ea0d6184a71456e27f9ac82dfc7f6694c898f7c0d19d1cb0db4e575dd0094bb6"), + nonce: &hex!("5018fb816d515511bfb939d5"), + plaintext: &hex!("083147d0c80f134f7393855c8a95bf6e6abd6f9a7b1fca584e8bfc6b5dc13a8edbfd473e232c041d9be9ee7709dc86b3aa320a"), + aad: &hex!("8bc6bd0a263212bd7281fd1a45e512fca104f859358eae9293a297c529a0abaffd8a77507b9069040f2b3141a7620691e110a8b593b956d8e3e71694506b89018a03861c1ba6082687adce15a874c73477430cef075eba077a93"), + ciphertext: &hex!("f0a5c4941782e2f2941dd05acee29b65341773f2e8d51935a3f4fa6f268ff030c880976cf1ee858f6571abd8411b695a2fadf0"), + tag: &hex!("067d8cc2d38c30697272daa00c7f70cf"), + }, + GcmTV { + key: &hex!("c624feb6cb0d78d634b627134c692f0bf5debf84d8639e22ff27ce2ace49d438"), + nonce: &hex!("a54f4f1204255f6b312222cd"), + plaintext: &hex!("ec34f45c1b70fd56518cc5c404cc13330ab7d51c10f4d2cfeb26b097ae76897191ec1b3953b0086e425c7da221d29f65d5ccf3"), + aad: &hex!("d9099ba6be50dca77e0b9803766ad993132479fbab43b8f4126a7f9ef673ac0caf2de235e1e84ad9fe505c43d1ac779f5072c025c14ea0d930ce39db8c5930baada23b3e4654470e559fcb6eb1c133a77318b87cc7913e12d404"), + ciphertext: &hex!("713d28a5123d65e82cca6e7fd919e1e5e3bdaab12ae715cf8b7c974eb5f62be8c3b42637074c6b891f6c6033eb4b7e61db9f0b"), + tag: &hex!("01ededff6e4d1dce4ac790218e208ebe"), + }, + GcmTV { + key: &hex!("1afc68b32596198ae0f3a8612751c2413322e8054ff2ac6bede3d4a1ee20ee62"), + nonce: &hex!("356860e76e794492de6a68f3"), + plaintext: &hex!("293041038f9e8edee23d2f18bce87b522380f1fa18b3021830a54ab891da8548095228ed9860176152e27945d66254f0db8590"), + aad: &hex!("205e44009e0ef963838aff615b35c9f1271d487cf719677d956718bce8ab676cceb636ad381432c5c790c26b07051b661a2fec4e607f9644f84993c8335db21ae36b6008bab2883ad7541809bf5f49272295c1c1f1cf8c678553"), + ciphertext: &hex!("e06109680d5fefd345665ec9a5b2e7bf3ece3af1b62841a95c453e7753b5a1d6d8a10b3c6c42df1f23832b74e74871821f1c0b"), + tag: &hex!("953d8d04f70e2af055ac902a455235b2"), + }, + GcmTV { + key: &hex!("f61b723359e798fefecc26b10b168dc331c639079598f1f651166cc58c671ee1"), + nonce: &hex!("b07e9407b592d4fd95509343"), + plaintext: &hex!("2724f1ad6b5b409a59c7f2ff649eb24b4a33a03d7a0426e29a6ea3aa91b4f00699fbed75bb7189964303e2e9fe3a7e5f74b7a1"), + aad: &hex!("1429c6f27828cb94ad5e62451da10fd574660cec2b8f279a19bbb8a167a630d3ac60db04e8faa02204792e49aed4501844a419d3ecdff0d03799866fee81a91187b08a44d5bb617ff3b2cef79cd48750ea20903e1d3627a17730"), + ciphertext: &hex!("362bad8de943dce8f53edf682d02e1d893c23c5272b13fd35b492f8477083a8c34027db32b6131931f03555ac5fbc6dbb13801"), + tag: &hex!("a51775606343755691f125019b44fdfc"), + }, + GcmTV { + key: &hex!("6be7f4d18ff0fbdd9b3b3cacaba4629a0c617387079add62f6ce1584b33faad1"), + nonce: &hex!("fda568c9cb13d9c176bcef03"), + plaintext: &hex!("4df668e99d5068604a48bcca5baa8245435928558a83d68d7b0b081861224e9bd39ea8f2d55a635949e66c6f6a7ff5cc34dd94"), + aad: &hex!("11ebeb97dd4a9925c1fbe2b9af77392058d2d971e42db15da39f090d7bc132573c34bf7d92a2d72dc66ee6840c3ff07985b8976ee8d8f36bf47ae330b899fdc60652dd5a23c45f3680f11951f019e0697c8acfcaa95f01b9c7dd"), + ciphertext: &hex!("488b40ad594e1845ccdd9e9467fc5e1afbbfde34e57d45bfcd30b61cc326d57fe8e3f31a39cdebf00f60bbd2c3cdf69f756eff"), + tag: &hex!("3bf3fbab9b48486fd08a5552604df639"), + }, + ]; +} diff --git a/openssl-zt/src/bn.rs b/openssl-zt/src/bn.rs new file mode 100644 index 000000000..f49cf6a79 --- /dev/null +++ b/openssl-zt/src/bn.rs @@ -0,0 +1,1153 @@ +//! BigNum implementation +//! +//! Large numbers are important for a cryptographic library. OpenSSL implementation +//! of BigNum uses dynamically assigned memory to store an array of bit chunks. This +//! allows numbers of any size to be compared and mathematical functions performed. +//! +//! OpenSSL wiki describes the [`BIGNUM`] data structure. +//! +//! [`BIGNUM`]: https://wiki.openssl.org/index.php/Manual:Bn_internal(3) +use cfg_if::cfg_if; +use foreign_types::{ForeignType, ForeignTypeRef, foreign_type}; +use libc::c_int; +use std::cmp::Ordering; +use std::ffi::CString; +use std::ops::{Add, Deref, Div, Mul, Neg, Rem, Shl, Shr, Sub}; +use std::ptr; + +use crate::error::{ErrorStack, cvt, cvt_n, cvt_p}; + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + use ffi::{ + BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768, BN_get_rfc3526_prime_1536, + BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, + BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192, BN_is_negative, + }; + } else if #[cfg(boringssl)] { + use ffi::BN_is_negative; + } else { + use ffi::{ + get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024, + get_rfc2409_prime_768 as BN_get_rfc2409_prime_768, + get_rfc3526_prime_1536 as BN_get_rfc3526_prime_1536, + get_rfc3526_prime_2048 as BN_get_rfc3526_prime_2048, + get_rfc3526_prime_3072 as BN_get_rfc3526_prime_3072, + get_rfc3526_prime_4096 as BN_get_rfc3526_prime_4096, + get_rfc3526_prime_6144 as BN_get_rfc3526_prime_6144, + get_rfc3526_prime_8192 as BN_get_rfc3526_prime_8192, + }; + + #[allow(bad_style)] + unsafe fn BN_is_negative(bn: *const ffi::BIGNUM) -> c_int { + (*bn).neg + } + } +} + +/// Options for the most significant bits of a randomly generated `BigNum`. +pub struct MsbOption(c_int); + +impl MsbOption { + /// The most significant bit of the number may be 0. + pub const MAYBE_ZERO: MsbOption = MsbOption(-1); + + /// The most significant bit of the number must be 1. + pub const ONE: MsbOption = MsbOption(0); + + /// The most significant two bits of the number must be 1. + /// + /// The number of bits in the product of two such numbers will always be exactly twice the + /// number of bits in the original numbers. + pub const TWO_ONES: MsbOption = MsbOption(1); +} + +foreign_type! { + pub unsafe type BigNumContext { + type CType = ffi::BN_CTX; + fn drop = ffi::BN_CTX_free; + } +} + +impl BigNumContext { + /// Returns a new `BigNumContext`. + pub fn new() -> Result { + unsafe { + cvt_p(ffi::BN_CTX_new()).map(|x| BigNumContext::from_ptr(x)) + } + } +} + +foreign_type! { + /// Dynamically sized large number implementation + /// + /// Perform large number mathematics. Create a new BigNum + /// with [`new`]. Perform standard mathematics on large numbers using + /// methods from [`Dref`] + /// + /// OpenSSL documentation at [`BN_new`]. + /// + /// [`new`]: struct.BigNum.html#method.new + /// [`Dref`]: struct.BigNum.html#deref-methods + /// [`BN_new`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_new.html + pub unsafe type BigNum { + type CType = ffi::BIGNUM; + fn drop = ffi::BN_free; + } +} + +impl BigNumRef { + /// Erases the memory used by this `BigNum`, resetting its value to 0. + /// + /// This can be used to destroy sensitive data such as keys when they are no longer needed. + pub fn clear(&mut self) { + unsafe { ffi::BN_clear(self.as_ptr()) } + } + + /// Adds a `u32` to `self`. + pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Subtracts a `u32` from `self`. + pub fn sub_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sub_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Multiplies a `u32` by `self`. + pub fn mul_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_mul_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Divides `self` by a `u32`, returning the remainder. + #[allow(clippy::useless_conversion)] + pub fn div_word(&mut self, w: u32) -> Result { + unsafe { + let r = ffi::BN_div_word(self.as_ptr(), w.into()); + if r == ffi::BN_ULONG::max_value() { + Err(ErrorStack::get()) + } else { + Ok(r.into()) + } + } + } + + /// Returns the result of `self` modulo `w`. + #[allow(clippy::useless_conversion)] + pub fn mod_word(&self, w: u32) -> Result { + unsafe { + let r = ffi::BN_mod_word(self.as_ptr(), w.into()); + if r == ffi::BN_ULONG::max_value() { + Err(ErrorStack::get()) + } else { + Ok(r.into()) + } + } + } + + /// Places a cryptographically-secure pseudo-random nonnegative + /// number less than `self` in `rnd`. + pub fn rand_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rand_range(rnd.as_ptr(), self.as_ptr())).map(|_| ()) } + } + + /// The cryptographically weak counterpart to `rand_in_range`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn pseudo_rand_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_pseudo_rand_range(rnd.as_ptr(), self.as_ptr())).map(|_| ()) } + } + + /// Sets bit `n`. Equivalent to `self |= (1 << n)`. + /// + /// When setting a bit outside of `self`, it is expanded. + #[allow(clippy::useless_conversion)] + pub fn set_bit(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_set_bit(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Clears bit `n`, setting it to 0. Equivalent to `self &= ~(1 << n)`. + /// + /// When clearing a bit outside of `self`, an error is returned. + #[allow(clippy::useless_conversion)] + pub fn clear_bit(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_clear_bit(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Returns `true` if the `n`th bit of `self` is set to 1, `false` otherwise. + #[allow(clippy::useless_conversion)] + pub fn is_bit_set(&self, n: i32) -> bool { + unsafe { ffi::BN_is_bit_set(self.as_ptr(), n.into()) == 1 } + } + + /// Truncates `self` to the lowest `n` bits. + /// + /// An error occurs if `self` is already shorter than `n` bits. + #[allow(clippy::useless_conversion)] + pub fn mask_bits(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_mask_bits(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Places `a << 1` in `self`. Equivalent to `self * 2`. + pub fn lshift1(&mut self, a: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_lshift1(self.as_ptr(), a.as_ptr())).map(|_| ()) } + } + + /// Places `a >> 1` in `self`. Equivalent to `self / 2`. + pub fn rshift1(&mut self, a: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rshift1(self.as_ptr(), a.as_ptr())).map(|_| ()) } + } + + /// Places `a + b` in `self`. [`core::ops::Add`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Add`]: struct.BigNumRef.html#method.add + pub fn checked_add(&mut self, a: &BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_add(self.as_ptr(), a.as_ptr(), b.as_ptr())).map(|_| ()) } + } + + /// Places `a - b` in `self`. [`core::ops::Sub`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Sub`]: struct.BigNumRef.html#method.sub + pub fn checked_sub(&mut self, a: &BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sub(self.as_ptr(), a.as_ptr(), b.as_ptr())).map(|_| ()) } + } + + /// Places `a << n` in `self`. Equivalent to `a * 2 ^ n`. + #[allow(clippy::useless_conversion)] + pub fn lshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_lshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) } + } + + /// Places `a >> n` in `self`. Equivalent to `a / 2 ^ n`. + #[allow(clippy::useless_conversion)] + pub fn rshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) } + } + + /// Creates a new BigNum with the same value. + pub fn to_owned(&self) -> Result { + unsafe { cvt_p(ffi::BN_dup(self.as_ptr())).map(|b| BigNum::from_ptr(b)) } + } + + /// Sets the sign of `self`. Pass true to set `self` to a negative. False sets + /// `self` positive. + pub fn set_negative(&mut self, negative: bool) { + unsafe { ffi::BN_set_negative(self.as_ptr(), negative as c_int) } + } + + /// Compare the absolute values of `self` and `oth`. + pub fn ucmp(&self, oth: &BigNumRef) -> Ordering { + unsafe { ffi::BN_ucmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } + } + + /// Returns `true` if `self` is negative. + pub fn is_negative(&self) -> bool { + unsafe { BN_is_negative(self.as_ptr()) == 1 } + } + + /// Returns the number of significant bits in `self`. + #[allow(clippy::unnecessary_cast)] + pub fn num_bits(&self) -> i32 { + unsafe { ffi::BN_num_bits(self.as_ptr()) as i32 } + } + + /// Returns the size of `self` in bytes. Implemented natively. + pub fn num_bytes(&self) -> i32 { + (self.num_bits() + 7) / 8 + } + + /// Generates a cryptographically strong pseudo-random `BigNum`, placing it in `self`. + /// + /// # Parameters + /// + /// * `bits`: Length of the number in bits. + /// * `msb`: The desired properties of the most significant bit. See [`constants`]. + /// * `odd`: If `true`, the generated number will be odd. + /// + /// [`constants`]: index.html#constants + #[allow(clippy::useless_conversion)] + pub fn rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_rand( + self.as_ptr(), + bits.into(), + msb.0, + odd as c_int, + )) + .map(|_| ()) + } + } + + /// The cryptographically weak counterpart to `rand`. Not suitable for key generation. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn pseudo_rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_pseudo_rand( + self.as_ptr(), + bits.into(), + msb.0, + odd as c_int, + )) + .map(|_| ()) + } + } + + /// Generates a prime number, placing it in `self`. + /// + /// # Parameters + /// + /// * `bits`: The length of the prime in bits (lower bound). + /// * `safe`: If true, returns a "safe" prime `p` so that `(p-1)/2` is also prime. + /// * `add`/`rem`: If `add` is set to `Some(add)`, `p % add == rem` will hold, where `p` is the + /// generated prime and `rem` is `1` if not specified (`None`). + pub fn generate_prime( + &mut self, + bits: i32, + safe: bool, + add: Option<&BigNumRef>, + rem: Option<&BigNumRef>, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_generate_prime_ex( + self.as_ptr(), + bits as c_int, + safe as c_int, + add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), + rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), + ptr::null_mut(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a * b` in `self`. + /// [`core::ops::Mul`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Mul`]: struct.BigNumRef.html#method.mul + pub fn checked_mul( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mul( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a / b` in `self`. The remainder is discarded. + /// [`core::ops::Div`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Div`]: struct.BigNumRef.html#method.div + pub fn checked_div( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + self.as_ptr(), + ptr::null_mut(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a % b` in `self`. + pub fn checked_rem( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + ptr::null_mut(), + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a / b` in `self` and `a % b` in `rem`. + pub fn div_rem( + &mut self, + rem: &mut BigNumRef, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + self.as_ptr(), + rem.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a²` in `self`. + pub fn sqr(&mut self, a: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sqr(self.as_ptr(), a.as_ptr(), ctx.as_ptr())).map(|_| ()) } + } + + /// Places the result of `a mod m` in `self`. As opposed to `div_rem` + /// the result is non-negative. + pub fn nnmod( + &mut self, + a: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_nnmod( + self.as_ptr(), + a.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a + b) mod m` in `self`. + pub fn mod_add( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_add( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a - b) mod m` in `self`. + pub fn mod_sub( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_sub( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a * b) mod m` in `self`. + pub fn mod_mul( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_mul( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a² mod m` in `self`. + pub fn mod_sqr( + &mut self, + a: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_sqr( + self.as_ptr(), + a.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a^p` in `self`. + pub fn exp( + &mut self, + a: &BigNumRef, + p: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_exp( + self.as_ptr(), + a.as_ptr(), + p.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a^p mod m` in `self`. + pub fn mod_exp( + &mut self, + a: &BigNumRef, + p: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_exp( + self.as_ptr(), + a.as_ptr(), + p.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the inverse of `a` modulo `n` in `self`. + pub fn mod_inverse( + &mut self, + a: &BigNumRef, + n: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt_p(ffi::BN_mod_inverse( + self.as_ptr(), + a.as_ptr(), + n.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the greatest common denominator of `a` and `b` in `self`. + pub fn gcd( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_gcd( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Checks whether `self` is prime. + /// + /// Performs a Miller-Rabin probabilistic primality test with `checks` iterations. + /// + /// # Return Value + /// + /// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn is_prime(&self, checks: i32, ctx: &mut BigNumContextRef) -> Result { + unsafe { + cvt_n(ffi::BN_is_prime_ex( + self.as_ptr(), + checks.into(), + ctx.as_ptr(), + ptr::null_mut(), + )) + .map(|r| r != 0) + } + } + + /// Checks whether `self` is prime with optional trial division. + /// + /// If `do_trial_division` is `true`, first performs trial division by a number of small primes. + /// Then, like `is_prime`, performs a Miller-Rabin probabilistic primality test with `checks` + /// iterations. + /// + /// # Return Value + /// + /// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn is_prime_fasttest( + &self, + checks: i32, + ctx: &mut BigNumContextRef, + do_trial_division: bool, + ) -> Result { + unsafe { + cvt_n(ffi::BN_is_prime_fasttest_ex( + self.as_ptr(), + checks.into(), + ctx.as_ptr(), + do_trial_division as c_int, + ptr::null_mut(), + )) + .map(|r| r != 0) + } + } + + /// Returns a big-endian byte vector representation of the absolute value of `self`. + /// + /// `self` can be recreated by using `from_slice`. + pub fn to_vec(&self) -> Vec { + let size = self.num_bytes() as usize; + let mut v = Vec::with_capacity(size); + unsafe { + ffi::BN_bn2bin(self.as_ptr(), v.as_mut_ptr()); + v.set_len(size); + } + v + } + + /// Returns a big-endian byte vector representation of the absolute value of `self`. + /// + /// `self` can be recreated by using `from_slice`. + pub fn to_bytes(&self, buf: &mut [u8]) -> Result { + debug_assert!(buf.len() >= self.num_bytes() as usize, "The buffer must be at least as large as the BigNum, see BigNum::num_bytes()"); + unsafe { + cvt_n(ffi::BN_bn2bin(self.as_ptr(), buf.as_mut_ptr())).map(|x| x as usize) + } + } + + /// Returns a big-endian byte vector representation of the absolute value of `self` padded + /// to `pad_to` bytes. + /// + /// If `pad_to` is less than `self.num_bytes()` then an error is returned. + /// + /// `self` can be recreated by using `from_slice`. + /// + #[cfg(ossl110)] + pub fn to_vec_padded(&self, pad_to: i32) -> Result, ErrorStack> { + let mut v = Vec::with_capacity(pad_to as usize); + unsafe { + cvt(ffi::BN_bn2binpad(self.as_ptr(), v.as_mut_ptr(), pad_to))?; + v.set_len(pad_to as usize); + } + Ok(v) + } + + /// Force constant time computation on this value. + #[cfg(ossl110)] + pub fn set_const_time(&mut self) { + unsafe { ffi::BN_set_flags(self.as_ptr(), ffi::BN_FLG_CONSTTIME) } + } + + /// Returns true if `self` is in const time mode. + #[cfg(ossl110)] + pub fn is_const_time(&self) -> bool { + unsafe { + let ret = ffi::BN_get_flags(self.as_ptr(), ffi::BN_FLG_CONSTTIME); + ret == ffi::BN_FLG_CONSTTIME + } + } + + /// Returns true if `self` was created with [`BigNum::new_secure`]. + #[cfg(ossl110)] + pub fn is_secure(&self) -> bool { + unsafe { + let ret = ffi::BN_get_flags(self.as_ptr(), ffi::BN_FLG_SECURE); + ret == ffi::BN_FLG_SECURE + } + } +} + +impl BigNum { + /// Creates a new `BigNum` with the value 0. + pub fn new() -> Result { + unsafe { + let v = cvt_p(ffi::BN_new())?; + Ok(BigNum::from_ptr(v)) + } + } + + /// Returns a new secure `BigNum`. + #[cfg(ossl110)] + pub fn new_secure() -> Result { + unsafe { + let v = cvt_p(ffi::BN_secure_new())?; + Ok(BigNum::from_ptr(v)) + } + } + + /// Creates a new `BigNum` with the given value. + pub fn from_u32(n: u32) -> Result { + BigNum::new().and_then(|v| unsafe { + cvt(ffi::BN_set_word(v.as_ptr(), n as ffi::BN_ULONG)).map(|_| v) + }) + } + + /// Creates a `BigNum` from a decimal string. + pub fn from_dec_str(s: &str) -> Result { + unsafe { + let c_str = CString::new(s.as_bytes()).unwrap(); + let mut bn = ptr::null_mut(); + cvt(ffi::BN_dec2bn(&mut bn, c_str.as_ptr() as *const _))?; + Ok(BigNum::from_ptr(bn)) + } + } + + /// Creates a `BigNum` from a hexadecimal string. + pub fn from_hex_str(s: &str) -> Result { + unsafe { + let c_str = CString::new(s.as_bytes()).unwrap(); + let mut bn = ptr::null_mut(); + cvt(ffi::BN_hex2bn(&mut bn, c_str.as_ptr() as *const _))?; + Ok(BigNum::from_ptr(bn)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 2409`]. This prime number is in + /// the order of magnitude of `2 ^ 768`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled Oakley group id 1. + /// + /// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21 + #[cfg(not(boringssl))] + pub fn get_rfc2409_prime_768() -> Result { + unsafe { + cvt_p(BN_get_rfc2409_prime_768(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 2409`]. This prime number is in + /// the order of magnitude of `2 ^ 1024`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled Oakly group 2. + /// + /// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21 + #[cfg(not(boringssl))] + pub fn get_rfc2409_prime_1024() -> Result { + unsafe { + cvt_p(BN_get_rfc2409_prime_1024(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 1536`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 5. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_1536() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_1536(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 2048`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 14. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_2048() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_2048(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 3072`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 15. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_3072() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_3072(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 4096`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 16. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_4096() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_4096(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 6144`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 17. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_6144() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_6144(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 8192`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 18. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_8192() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_8192(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Creates a new `BigNum` from an unsigned, big-endian encoded number of arbitrary length. + /// + /// OpenSSL documentation at [`BN_bin2bn`] + /// + /// [`BN_bin2bn`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_bin2bn.html + pub fn from_slice(n: &[u8]) -> Result { + unsafe { + assert!(n.len() <= c_int::max_value() as usize); + + cvt_p(ffi::BN_bin2bn( + n.as_ptr(), + n.len() as c_int, + ptr::null_mut(), + )) + .map(|p| BigNum::from_ptr(p)) + } + } + + /// Copies data from a slice overwriting what was in the BigNum. + /// + /// This function can be used to copy data from a slice to a + /// [secure BigNum][`BigNum::new_secure`]. + pub fn copy_from_slice(&mut self, n: &[u8]) -> Result<(), ErrorStack> { + unsafe { + assert!(n.len() <= c_int::max_value() as usize); + + cvt_p(ffi::BN_bin2bn(n.as_ptr(), n.len() as c_int, self.as_mut().as_ptr()))?; + Ok(()) + } + } +} + + +impl PartialEq for BigNumRef { + fn eq(&self, oth: &BigNumRef) -> bool { + self.cmp(oth) == Ordering::Equal + } +} + +impl PartialEq for BigNumRef { + fn eq(&self, oth: &BigNum) -> bool { + self.eq(oth.deref()) + } +} + +impl Eq for BigNumRef {} + +impl PartialEq for BigNum { + fn eq(&self, oth: &BigNum) -> bool { + self.deref().eq(oth) + } +} + +impl PartialEq for BigNum { + fn eq(&self, oth: &BigNumRef) -> bool { + self.deref().eq(oth) + } +} + +impl Eq for BigNum {} + +impl PartialOrd for BigNumRef { + fn partial_cmp(&self, oth: &BigNumRef) -> Option { + Some(self.cmp(oth)) + } +} + +impl PartialOrd for BigNumRef { + fn partial_cmp(&self, oth: &BigNum) -> Option { + Some(self.cmp(oth.deref())) + } +} + +impl Ord for BigNumRef { + fn cmp(&self, oth: &BigNumRef) -> Ordering { + unsafe { ffi::BN_cmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } + } +} + +impl PartialOrd for BigNum { + fn partial_cmp(&self, oth: &BigNum) -> Option { + self.deref().partial_cmp(oth.deref()) + } +} + +impl PartialOrd for BigNum { + fn partial_cmp(&self, oth: &BigNumRef) -> Option { + self.deref().partial_cmp(oth) + } +} + +impl Ord for BigNum { + fn cmp(&self, oth: &BigNum) -> Ordering { + self.deref().cmp(oth.deref()) + } +} + +macro_rules! delegate { + ($t:ident, $m:ident) => { + impl<'a, 'b> $t<&'b BigNum> for &'a BigNumRef { + type Output = BigNum; + + fn $m(self, oth: &BigNum) -> BigNum { + $t::$m(self, oth.deref()) + } + } + + impl<'a, 'b> $t<&'b BigNumRef> for &'a BigNum { + type Output = BigNum; + + fn $m(self, oth: &BigNumRef) -> BigNum { + $t::$m(self.deref(), oth) + } + } + + impl<'a, 'b> $t<&'b BigNum> for &'a BigNum { + type Output = BigNum; + + fn $m(self, oth: &BigNum) -> BigNum { + $t::$m(self.deref(), oth.deref()) + } + } + }; +} + +impl<'a, 'b> Add<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn add(self, oth: &BigNumRef) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.checked_add(self, oth).unwrap(); + r + } +} + +delegate!(Add, add); + +impl<'a, 'b> Sub<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn sub(self, oth: &BigNumRef) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.checked_sub(self, oth).unwrap(); + r + } +} + +delegate!(Sub, sub); + +impl<'a, 'b> Mul<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn mul(self, oth: &BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_mul(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Mul, mul); + +impl<'a, 'b> Div<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn div(self, oth: &'b BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_div(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Div, div); + +impl<'a, 'b> Rem<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn rem(self, oth: &'b BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_rem(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Rem, rem); + +impl<'a> Shl for &'a BigNumRef { + type Output = BigNum; + + fn shl(self, n: i32) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.lshift(self, n).unwrap(); + r + } +} + +impl<'a> Shl for &'a BigNum { + type Output = BigNum; + + fn shl(self, n: i32) -> BigNum { + self.deref().shl(n) + } +} + +impl<'a> Shr for &'a BigNumRef { + type Output = BigNum; + + fn shr(self, n: i32) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.rshift(self, n).unwrap(); + r + } +} + +impl<'a> Shr for &'a BigNum { + type Output = BigNum; + + fn shr(self, n: i32) -> BigNum { + self.deref().shr(n) + } +} + +impl<'a> Neg for &'a BigNumRef { + type Output = BigNum; + + fn neg(self) -> BigNum { + self.to_owned().unwrap().neg() + } +} + +impl<'a> Neg for &'a BigNum { + type Output = BigNum; + + fn neg(self) -> BigNum { + self.deref().neg() + } +} + +impl Neg for BigNum { + type Output = BigNum; + + fn neg(mut self) -> BigNum { + let negative = self.is_negative(); + self.set_negative(!negative); + self + } +} + +#[cfg(test)] +mod tests { + use crate::{bn::{BigNum, BigNumContext}, init}; + + #[test] + fn test_to_from_slice() { + init(); + let v0 = BigNum::from_u32(10_203_004).unwrap(); + let vec = v0.to_vec(); + let v1 = BigNum::from_slice(&vec).unwrap(); + + assert!(v0 == v1); + } + + #[test] + fn test_negation() { + init(); + let a = BigNum::from_u32(909_829_283).unwrap(); + + assert!(!a.is_negative()); + assert!((-a).is_negative()); + } + + #[test] + fn test_shift() { + init(); + let a = BigNum::from_u32(909_829_283).unwrap(); + + assert!(a == &(&a << 1) >> 1); + } + + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[test] + fn test_prime_numbers() { + init(); + let a = BigNum::from_u32(19_029_017).unwrap(); + let mut p = BigNum::new().unwrap(); + p.generate_prime(128, true, None, Some(&a)).unwrap(); + + let mut ctx = BigNumContext::new().unwrap(); + assert!(p.is_prime(100, &mut ctx).unwrap()); + assert!(p.is_prime_fasttest(100, &mut ctx, true).unwrap()); + } + + #[cfg(ossl110)] + #[test] + fn test_secure_bn() { + init(); + let a = BigNum::new().unwrap(); + assert!(!a.is_secure()); + + let b = BigNum::new_secure().unwrap(); + assert!(b.is_secure()) + } + + #[cfg(ossl110)] + #[test] + fn test_const_time_bn() { + init(); + let a = BigNum::new().unwrap(); + assert!(!a.is_const_time()); + + let mut b = BigNum::new().unwrap(); + b.set_const_time(); + assert!(b.is_const_time()) + } +} diff --git a/openssl-zt/src/cipher.rs b/openssl-zt/src/cipher.rs new file mode 100644 index 000000000..2b66df03c --- /dev/null +++ b/openssl-zt/src/cipher.rs @@ -0,0 +1,484 @@ +//! Symmetric ciphers. + +#[cfg(ossl300)] +use crate::cvt_p; +#[cfg(ossl300)] +use crate::error::ErrorStack; +#[cfg(ossl300)] +use crate::lib_ctx::LibCtxRef; +use crate::nid::Nid; +use cfg_if::cfg_if; +use foreign_types::{ForeignTypeRef, Opaque}; +use openssl_macros::corresponds; +#[cfg(ossl300)] +use std::ffi::CString; +#[cfg(ossl300)] +use std::ptr; + +cfg_if! { + if #[cfg(any(boringssl, ossl110, libressl273))] { + use ffi::{EVP_CIPHER_block_size, EVP_CIPHER_iv_length, EVP_CIPHER_key_length}; + } else { + use libc::c_int; + + #[allow(bad_style)] + pub unsafe fn EVP_CIPHER_iv_length(ptr: *const ffi::EVP_CIPHER) -> c_int { + (*ptr).iv_len + } + + #[allow(bad_style)] + pub unsafe fn EVP_CIPHER_block_size(ptr: *const ffi::EVP_CIPHER) -> c_int { + (*ptr).block_size + } + + #[allow(bad_style)] + pub unsafe fn EVP_CIPHER_key_length(ptr: *const ffi::EVP_CIPHER) -> c_int { + (*ptr).key_len + } + } +} + +cfg_if! { + if #[cfg(ossl300)] { + use foreign_types::ForeignType; + use std::ops::{Deref, DerefMut}; + + type Inner = *mut ffi::EVP_CIPHER; + + impl Drop for Cipher { + #[inline] + fn drop(&mut self) { + unsafe { + ffi::EVP_CIPHER_free(self.as_ptr()); + } + } + } + + unsafe impl ForeignType for Cipher { + type CType = ffi::EVP_CIPHER; + type Ref = CipherRef; + + #[inline] + unsafe fn from_ptr(ptr: *mut Self::CType) -> Self { + Cipher(ptr) + } + + #[inline] + fn as_ptr(&self) -> *mut Self::CType { + self.0 + } + } + + impl Deref for Cipher { + type Target = CipherRef; + + #[inline] + fn deref(&self) -> &Self::Target { + unsafe { + CipherRef::from_ptr(self.as_ptr()) + } + } + } + + impl DerefMut for Cipher { + #[inline] + fn deref_mut(&mut self) -> &mut Self::Target { + unsafe { + CipherRef::from_ptr_mut(self.as_ptr()) + } + } + } + } else { + enum Inner {} + } +} + +/// A symmetric cipher. +pub struct Cipher(Inner); + +unsafe impl Sync for Cipher {} +unsafe impl Send for Cipher {} + +impl Cipher { + /// Looks up the cipher for a certain nid. + #[corresponds(EVP_get_cipherbynid)] + pub fn from_nid(nid: Nid) -> Option<&'static CipherRef> { + unsafe { + let ptr = ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())); + if ptr.is_null() { + None + } else { + Some(CipherRef::from_ptr(ptr as *mut _)) + } + } + } + + /// Fetches a cipher object corresponding to the specified algorithm name and properties. + /// + /// Requires OpenSSL 3.0.0 or newer. + #[corresponds(EVP_CIPHER_fetch)] + #[cfg(ossl300)] + pub fn fetch( + ctx: Option<&LibCtxRef>, + algorithm: &str, + properties: Option<&str>, + ) -> Result { + let algorithm = CString::new(algorithm).unwrap(); + let properties = properties.map(|s| CString::new(s).unwrap()); + + unsafe { + let ptr = cvt_p(ffi::EVP_CIPHER_fetch( + ctx.map_or(ptr::null_mut(), ForeignTypeRef::as_ptr), + algorithm.as_ptr(), + properties.map_or(ptr::null_mut(), |s| s.as_ptr()), + ))?; + + Ok(Cipher::from_ptr(ptr)) + } + } + + pub fn aes_128_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ecb() as *mut _) } + } + + pub fn aes_128_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cbc() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_xts() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_xts() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_ctr() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ctr() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_cfb1() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb1() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb128() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_cfb8() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb8() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_gcm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_gcm() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_ccm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ccm() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_128_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ofb() as *mut _) } + } + + /// Requires OpenSSL 1.1.0 or newer. + #[cfg(ossl110)] + pub fn aes_128_ocb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ocb() as *mut _) } + } + + pub fn aes_192_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ecb() as *mut _) } + } + + pub fn aes_192_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cbc() as *mut _) } + } + + pub fn aes_192_ctr() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ctr() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_192_cfb1() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb1() as *mut _) } + } + + pub fn aes_192_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb128() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_192_cfb8() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb8() as *mut _) } + } + + pub fn aes_192_gcm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_gcm() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_192_ccm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ccm() as *mut _) } + } + + pub fn aes_192_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ofb() as *mut _) } + } + + /// Requires OpenSSL 1.1.0 or newer. + #[cfg(ossl110)] + pub fn aes_192_ocb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ocb() as *mut _) } + } + + pub fn aes_256_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ecb() as *mut _) } + } + + pub fn aes_256_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cbc() as *mut _) } + } + + pub fn aes_256_ctr() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ctr() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_256_cfb1() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb1() as *mut _) } + } + + pub fn aes_256_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb128() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_256_cfb8() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb8() as *mut _) } + } + + pub fn aes_256_gcm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_gcm() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn aes_256_ccm() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ccm() as *mut _) } + } + + pub fn aes_256_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ofb() as *mut _) } + } + + /// Requires OpenSSL 1.1.0 or newer. + #[cfg(ossl110)] + pub fn aes_256_ocb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ocb() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_BF"))] + pub fn bf_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_bf_cbc() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_BF"))] + pub fn bf_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_bf_ecb() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_BF"))] + #[cfg(not(boringssl))] + pub fn bf_cfb64() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_bf_cfb64() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_BF"))] + #[cfg(not(boringssl))] + pub fn bf_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_bf_ofb() as *mut _) } + } + + pub fn des_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_des_cbc() as *mut _) } + } + + pub fn des_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_des_ecb() as *mut _) } + } + + pub fn des_ede3() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3() as *mut _) } + } + + pub fn des_ede3_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cbc() as *mut _) } + } + + #[cfg(not(boringssl))] + pub fn des_ede3_cfb64() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cfb64() as *mut _) } + } + + pub fn rc4() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_rc4() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia128_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_cfb128() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia128_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_ecb() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia192_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_cfb128() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia192_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_ecb() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia256_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_cfb128() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn camellia256_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_ecb() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn cast5_cfb64() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_cast5_cfb64() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn cast5_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_cast5_ecb() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn idea_cfb64() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_idea_cfb64() as *mut _) } + } + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn idea_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_idea_ecb() as *mut _) } + } + + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn chacha20() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_chacha20() as *mut _) } + } + + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn chacha20_poly1305() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_chacha20_poly1305() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + #[cfg(not(boringssl))] + pub fn seed_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_seed_cbc() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + #[cfg(not(boringssl))] + pub fn seed_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_seed_cfb128() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + #[cfg(not(boringssl))] + pub fn seed_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_seed_ecb() as *mut _) } + } + + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + #[cfg(not(boringssl))] + pub fn seed_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_seed_ofb() as *mut _) } + } + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn sm4_ecb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_sm4_ecb() as *mut _) } + } + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn sm4_cbc() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_sm4_cbc() as *mut _) } + } + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn sm4_ctr() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_sm4_ctr() as *mut _) } + } + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn sm4_cfb128() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_sm4_cfb128() as *mut _) } + } + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn sm4_ofb() -> &'static CipherRef { + unsafe { CipherRef::from_ptr(ffi::EVP_sm4_ofb() as *mut _) } + } +} + +/// A reference to a [`Cipher`]. +pub struct CipherRef(Opaque); + +unsafe impl ForeignTypeRef for CipherRef { + type CType = ffi::EVP_CIPHER; +} + +unsafe impl Sync for CipherRef {} +unsafe impl Send for CipherRef {} + +impl CipherRef { + /// Returns the cipher's Nid. + #[corresponds(EVP_CIPHER_nid)] + pub fn nid(&self) -> Nid { + let nid = unsafe { ffi::EVP_CIPHER_nid(self.as_ptr()) }; + Nid::from_raw(nid) + } + + /// Returns the length of keys used with this cipher. + #[corresponds(EVP_CIPHER_key_length)] + pub fn key_length(&self) -> usize { + unsafe { EVP_CIPHER_key_length(self.as_ptr()) as usize } + } + + /// Returns the length of the IV used with this cipher. + /// + /// # Note + /// + /// Ciphers that do not use an IV have an IV length of 0. + #[corresponds(EVP_CIPHER_iv_length)] + pub fn iv_length(&self) -> usize { + unsafe { EVP_CIPHER_iv_length(self.as_ptr()) as usize } + } + + /// Returns the block size of the cipher. + /// + /// # Note + /// + /// Stream ciphers have a block size of 1. + #[corresponds(EVP_CIPHER_block_size)] + pub fn block_size(&self) -> usize { + unsafe { EVP_CIPHER_block_size(self.as_ptr()) as usize } + } +} diff --git a/openssl-zt/src/cipher_ctx.rs b/openssl-zt/src/cipher_ctx.rs new file mode 100644 index 000000000..a1f01f527 --- /dev/null +++ b/openssl-zt/src/cipher_ctx.rs @@ -0,0 +1,168 @@ + +use std::ptr; + +use crate::error::{ErrorStack, cvt_p, cvt}; +use foreign_types::{ForeignType, foreign_type, ForeignTypeRef}; +use libc::c_int; + +foreign_type! { + pub unsafe type CipherCtx { + type CType = ffi::EVP_CIPHER_CTX; + fn drop = ffi::EVP_CIPHER_CTX_free; + } +} + +impl CipherCtx { + /// Creates a new context. + pub fn new() -> Result { + unsafe { + let ptr = cvt_p(ffi::EVP_CIPHER_CTX_new())?; + Ok(CipherCtx::from_ptr(ptr)) + } + } +} +impl CipherCtxRef { + + /// Initializes the context for encryption or decryption. + /// All pointer fields can be null, in which case the corresponding field in the context is not updated. + pub unsafe fn cipher_init(&mut self, t: *const ffi::EVP_CIPHER, key: *const u8, iv: *const u8) -> Result<(), ErrorStack>{ + let evp_f = if ENCRYPT { ffi::EVP_EncryptInit_ex } else { ffi::EVP_DecryptInit_ex }; + + cvt(evp_f( + self.as_ptr(), + t, + ptr::null_mut(), + key, + iv, + ))?; + Ok(()) + } + + + /// Writes data into the context. + /// + /// Providing no output buffer will cause the input to be considered additional authenticated data (AAD). + /// + /// Returns the number of bytes written to `output`. + /// + /// This function is the same as [`Self::cipher_update`] but with the + /// output size check removed. It can be used when the exact + /// buffer size control is maintained by the caller. + /// + /// SAFETY: The caller is expected to provide `output` buffer + /// large enough to contain correct number of bytes. For streaming + /// ciphers the output buffer size should be at least as big as + /// the input buffer. For block ciphers the size of the output + /// buffer depends on the state of partially updated blocks. + pub unsafe fn update( + &mut self, + input: &[u8], + output: *mut u8, + ) -> Result<(), ErrorStack> { + let evp_f = if ENCRYPT { ffi::EVP_EncryptUpdate } else { ffi::EVP_DecryptUpdate }; + + let mut outlen = 0; + + cvt(evp_f( + self.as_ptr(), + output, + &mut outlen, + input.as_ptr(), + input.len() as c_int, + ))?; + + Ok(()) + } + + + /// Finalizes the encryption or decryption process. + /// + /// Any remaining data will be written to the output buffer. + /// + /// Returns the number of bytes written to `output`. + /// + /// This function is the same as [`Self::cipher_final`] but with + /// the output buffer size check removed. + /// + /// SAFETY: The caller is expected to provide `output` buffer + /// large enough to contain correct number of bytes. For streaming + /// ciphers the output buffer can be empty, for block ciphers the + /// output buffer should be at least as big as the block. + pub unsafe fn finalize( + &mut self, + output: *mut u8, + ) -> Result<(), ErrorStack> { + let evp_f = if ENCRYPT { ffi::EVP_EncryptFinal_ex } else { ffi::EVP_DecryptFinal_ex }; + let mut outl = 0; + + cvt(evp_f( + self.as_ptr(), + output, + &mut outl, + ))?; + + Ok(()) + } + + /// Retrieves the calculated authentication tag from the context. + /// + /// This should be called after [`Self::cipher_final`], and is only supported by authenticated ciphers. + /// + /// The size of the buffer indicates the size of the tag. While some ciphers support a range of tag sizes, it is + /// recommended to pick the maximum size. + pub fn tag(&self, tag: &mut [u8]) -> Result<(), ErrorStack> { + + unsafe { + cvt(ffi::EVP_CIPHER_CTX_ctrl( + self.as_ptr(), + ffi::EVP_CTRL_GCM_GET_TAG, + tag.len() as c_int, + tag.as_mut_ptr() as *mut _, + ))?; + } + + Ok(()) + } + + /// Sets the authentication tag for verification during decryption. + pub fn set_tag(&mut self, tag: &[u8]) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::EVP_CIPHER_CTX_ctrl( + self.as_ptr(), + ffi::EVP_CTRL_GCM_SET_TAG, + tag.len() as c_int, + tag.as_ptr() as *mut _, + ))?; + } + + Ok(()) + } +} + +#[cfg(test)] +mod test { + use crate::init; + use super::*; + + #[test] + fn aes_128_ecb() { + init(); + let key = [1u8; 16]; + let mut ctx = CipherCtx::new().unwrap(); + unsafe { + ctx.cipher_init::(ffi::EVP_aes_128_ecb(), key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + assert_eq!(ffi::EVP_CIPHER_CTX_get_block_size(ctx.as_ptr()) as usize, 16); + + let origin = [2u8; 16]; + let mut val = origin.clone(); + let p = val.as_mut_ptr(); + + ctx.update::(&val, p).unwrap(); + ctx.cipher_init::(ptr::null(), key.as_ptr(), ptr::null()).unwrap(); + ctx.update::(&val, p).unwrap(); + + assert_eq!(val, origin); + } + } +} diff --git a/openssl-zt/src/ec.rs b/openssl-zt/src/ec.rs new file mode 100644 index 000000000..9c2c248d4 --- /dev/null +++ b/openssl-zt/src/ec.rs @@ -0,0 +1,191 @@ + +use std::ptr; + +use foreign_types::{ForeignType, foreign_type, ForeignTypeRef}; +use crate::bn::{BigNumContext, BigNumRef, BigNumContextRef}; +use crate::error::{ErrorStack, cvt_p, cvt, cvt_n}; + + +foreign_type! { + #[derive(Clone)] + pub unsafe type EcGroup: Send + Sync { + type CType = ffi::EC_GROUP; + fn drop = ffi::EC_GROUP_free; + } + /// Public and optional private key on the given curve. + #[derive(Clone)] + pub unsafe type EcKey { + type CType = ffi::EC_KEY; + fn drop = ffi::EC_KEY_free; + } + + pub unsafe type EcPoint { + type CType = ffi::EC_POINT; + fn drop = ffi::EC_POINT_free; + } +} + +impl EcKeyRef { + /// Returns the public key. The returned EcPoint must be treated as read only. + pub fn public_key(&self) -> &EcPointRef { + unsafe { + let ptr = ffi::EC_KEY_get0_public_key(self.as_ptr()); + &*ptr.cast() + } + } + + /// Returns the private key value. The returned BigNum must be treated as read only. + pub fn private_key(&self) -> &BigNumRef { + unsafe { + let ptr = ffi::EC_KEY_get0_private_key(self.as_ptr()); + &*ptr.cast() + } + } + + /// Checks the key for validity. + pub fn check_key(&self) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::EC_KEY_check_key(self.as_ptr())).map(|_| ()) } + } +} +impl EcKey { + /// Generates a new public/private key pair on the specified curve. + pub fn generate(group: &EcGroupRef) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key)) + } + } + /// Constructs an `EcKey` from the specified group with the associated [`EcPoint`]: `public_key`. + /// + /// This will only have the associated `public_key`. + pub fn from_public_key( + group: &EcGroupRef, + public_key: &EcPointRef, + ) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_public_key( + key.as_ptr(), + public_key.as_ptr(), + )) + .map(|_| key) + }) + } + } + + /// Constructs an public/private key pair given a curve, a private key and a public key point. + pub fn from_private_components( + group: &EcGroupRef, + private_number: &BigNumRef, + public_key: &EcPointRef, + ) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_private_key( + key.as_ptr(), + private_number.as_ptr(), + )) + .map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_public_key( + key.as_ptr(), + public_key.as_ptr(), + )) + .map(|_| key) + }) + } + } +} + +impl EcPoint { + /// Creates a new point on the specified curve. + pub fn new(group: &EcGroupRef) -> Result { + unsafe { cvt_p(ffi::EC_POINT_new(group.as_ptr())).map(|x| EcPoint::from_ptr(x)) } + } + /// Creates point from a binary representation + pub fn from_bytes( + group: &EcGroupRef, + buf: &[u8], + ctx: &mut BigNumContext, + ) -> Result { + let point = EcPoint::new(group)?; + unsafe { + cvt(ffi::EC_POINT_oct2point( + group.as_ptr(), + point.as_ptr(), + buf.as_ptr(), + buf.len(), + ctx.as_ptr(), + ))?; + } + Ok(point) + } +} + +impl EcPointRef { + /// Serializes the point to a binary representation. + pub fn to_bytes( + &self, + group: &EcGroupRef, + form: ffi::point_conversion_form_t, + ctx: &BigNumContextRef, + ) -> Result, ErrorStack> { + unsafe { + let len = ffi::EC_POINT_point2oct( + group.as_ptr(), + self.as_ptr(), + form, + ptr::null_mut(), + 0, + ctx.as_ptr(), + ); + if len == 0 { + return Err(ErrorStack::get()); + } + let mut buf = vec![0; len]; + let len = ffi::EC_POINT_point2oct( + group.as_ptr(), + self.as_ptr(), + form, + buf.as_mut_ptr(), + len, + ctx.as_ptr(), + ); + if len == 0 { + Err(ErrorStack::get()) + } else { + Ok(buf) + } + } + } + /// Checks if point is on a given curve + pub fn is_on_curve( + &self, + group: &EcGroupRef, + ctx: &BigNumContextRef, + ) -> Result { + unsafe { + let res = cvt_n(ffi::EC_POINT_is_on_curve( + group.as_ptr(), + self.as_ptr(), + ctx.as_ptr(), + ))?; + Ok(res == 1) + } + } +} diff --git a/openssl-zt/src/error.rs b/openssl-zt/src/error.rs new file mode 100644 index 000000000..939a0a2fe --- /dev/null +++ b/openssl-zt/src/error.rs @@ -0,0 +1,394 @@ + +use cfg_if::cfg_if; +use libc::{c_char, c_int}; +use std::borrow::Cow; +#[cfg(boringssl)] +use std::convert::TryInto; +use std::error; +use std::ffi::CStr; +use std::fmt; +use std::io; +use std::ptr; +use std::str; + +#[cfg(not(boringssl))] +type ErrType = libc::c_ulong; +#[cfg(boringssl)] +type ErrType = libc::c_uint; + +/// Collection of [`Error`]s from OpenSSL. +/// +/// [`Error`]: struct.Error.html +#[derive(Debug, Clone)] +pub struct ErrorStack(Vec); + +impl ErrorStack { + /// Returns the contents of the OpenSSL error stack. + pub fn get() -> ErrorStack { + let mut vec = vec![]; + while let Some(err) = Error::get() { + vec.push(err); + } + ErrorStack(vec) + } + + /// Pushes the errors back onto the OpenSSL error stack. + pub fn put(&self) { + for error in self.errors() { + error.put(); + } + } +} + +impl ErrorStack { + /// Returns the errors in the stack. + pub fn errors(&self) -> &[Error] { + &self.0 + } +} + +impl fmt::Display for ErrorStack { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + if self.0.is_empty() { + return fmt.write_str("OpenSSL error"); + } + + let mut first = true; + for err in &self.0 { + if !first { + fmt.write_str(", ")?; + } + write!(fmt, "{}", err)?; + first = false; + } + Ok(()) + } +} + +impl error::Error for ErrorStack {} + +impl From for io::Error { + fn from(e: ErrorStack) -> io::Error { + io::Error::new(io::ErrorKind::Other, e) + } +} + +impl From for fmt::Error { + fn from(_: ErrorStack) -> fmt::Error { + fmt::Error + } +} + +/// An error reported from OpenSSL. +#[derive(Clone)] +pub struct Error { + code: ErrType, + file: ShimStr, + line: c_int, + func: Option, + data: Option>, +} + +unsafe impl Sync for Error {} +unsafe impl Send for Error {} + +impl Error { + /// Returns the first error on the OpenSSL error stack. + pub fn get() -> Option { + unsafe { + let mut file = ptr::null(); + let mut line = 0; + let mut func = ptr::null(); + let mut data = ptr::null(); + let mut flags = 0; + match ERR_get_error_all(&mut file, &mut line, &mut func, &mut data, &mut flags) { + 0 => None, + code => { + // The memory referenced by data is only valid until that slot is overwritten + // in the error stack, so we'll need to copy it off if it's dynamic + let data = if flags & ffi::ERR_TXT_STRING != 0 { + let bytes = CStr::from_ptr(data as *const _).to_bytes(); + let data = str::from_utf8(bytes).unwrap(); + #[cfg(not(boringssl))] + let data = if flags & ffi::ERR_TXT_MALLOCED != 0 { + Cow::Owned(data.to_string()) + } else { + Cow::Borrowed(data) + }; + #[cfg(boringssl)] + let data = Cow::Borrowed(data); + Some(data) + } else { + None + }; + + let file = ShimStr::new(file); + + let func = if func.is_null() { + None + } else { + Some(ShimStr::new(func)) + }; + + Some(Error { + code, + file, + line, + func, + data, + }) + } + } + } + } + + /// Pushes the error back onto the OpenSSL error stack. + pub fn put(&self) { + self.put_error(); + + unsafe { + let data = match self.data { + Some(Cow::Borrowed(data)) => Some((data.as_ptr() as *mut c_char, 0)), + Some(Cow::Owned(ref data)) => { + let ptr = ffi::CRYPTO_malloc( + (data.len() + 1) as _, + concat!(file!(), "\0").as_ptr() as _, + line!() as _, + ) as *mut c_char; + if ptr.is_null() { + None + } else { + ptr::copy_nonoverlapping(data.as_ptr(), ptr as *mut u8, data.len()); + *ptr.add(data.len()) = 0; + Some((ptr, ffi::ERR_TXT_MALLOCED)) + } + } + None => None, + }; + if let Some((ptr, flags)) = data { + ffi::ERR_set_error_data(ptr, flags | ffi::ERR_TXT_STRING); + } + } + } + + #[cfg(ossl300)] + fn put_error(&self) { + unsafe { + ffi::ERR_new(); + ffi::ERR_set_debug( + self.file.as_ptr(), + self.line, + self.func.as_ref().map_or(ptr::null(), |s| s.as_ptr()), + ); + ffi::ERR_set_error( + ffi::ERR_GET_LIB(self.code), + ffi::ERR_GET_REASON(self.code), + ptr::null(), + ); + } + } + + #[cfg(not(ossl300))] + fn put_error(&self) { + #[cfg(not(boringssl))] + let line = self.line; + #[cfg(boringssl)] + let line = self.line.try_into().unwrap(); + unsafe { + ffi::ERR_put_error( + ffi::ERR_GET_LIB(self.code), + ffi::ERR_GET_FUNC(self.code), + ffi::ERR_GET_REASON(self.code), + self.file.as_ptr(), + line, + ); + } + } + + /// Returns the raw OpenSSL error code for this error. + pub fn code(&self) -> ErrType { + self.code + } + + /// Returns the name of the library reporting the error, if available. + pub fn library(&self) -> Option<&'static str> { + unsafe { + let cstr = ffi::ERR_lib_error_string(self.code); + if cstr.is_null() { + return None; + } + let bytes = CStr::from_ptr(cstr as *const _).to_bytes(); + Some(str::from_utf8(bytes).unwrap()) + } + } + + /// Returns the name of the function reporting the error. + pub fn function(&self) -> Option> { + self.func.as_ref().map(|s| s.as_str()) + } + + /// Returns the reason for the error. + pub fn reason(&self) -> Option<&'static str> { + unsafe { + let cstr = ffi::ERR_reason_error_string(self.code); + if cstr.is_null() { + return None; + } + let bytes = CStr::from_ptr(cstr as *const _).to_bytes(); + Some(str::from_utf8(bytes).unwrap()) + } + } + + /// Returns the name of the source file which encountered the error. + pub fn file(&self) -> RetStr<'_> { + self.file.as_str() + } + + /// Returns the line in the source file which encountered the error. + pub fn line(&self) -> u32 { + self.line as u32 + } + + /// Returns additional data describing the error. + #[allow(clippy::option_as_ref_deref)] + pub fn data(&self) -> Option<&str> { + self.data.as_ref().map(|s| &**s) + } +} + +impl fmt::Debug for Error { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + let mut builder = fmt.debug_struct("Error"); + builder.field("code", &self.code()); + if let Some(library) = self.library() { + builder.field("library", &library); + } + if let Some(function) = self.function() { + builder.field("function", &function); + } + if let Some(reason) = self.reason() { + builder.field("reason", &reason); + } + builder.field("file", &self.file()); + builder.field("line", &self.line()); + if let Some(data) = self.data() { + builder.field("data", &data); + } + builder.finish() + } +} + +impl fmt::Display for Error { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + write!(fmt, "error:{:08X}", self.code())?; + match self.library() { + Some(l) => write!(fmt, ":{}", l)?, + None => write!(fmt, ":lib({})", ffi::ERR_GET_LIB(self.code()))?, + } + match self.function() { + Some(f) => write!(fmt, ":{}", f)?, + None => write!(fmt, ":func({})", ffi::ERR_GET_FUNC(self.code()))?, + } + match self.reason() { + Some(r) => write!(fmt, ":{}", r)?, + None => write!(fmt, ":reason({})", ffi::ERR_GET_REASON(self.code()))?, + } + write!( + fmt, + ":{}:{}:{}", + self.file(), + self.line(), + self.data().unwrap_or("") + ) + } +} + +impl error::Error for Error {} + +cfg_if! { + if #[cfg(ossl300)] { + use std::ffi::{CString}; + use ffi::ERR_get_error_all; + + type RetStr<'a> = &'a str; + + #[derive(Clone)] + struct ShimStr(CString); + + impl ShimStr { + unsafe fn new(s: *const c_char) -> Self { + ShimStr(CStr::from_ptr(s).to_owned()) + } + + fn as_ptr(&self) -> *const c_char { + self.0.as_ptr() + } + + fn as_str(&self) -> &str { + self.0.to_str().unwrap() + } + } + } else { + #[allow(bad_style)] + unsafe extern "C" fn ERR_get_error_all( + file: *mut *const c_char, + line: *mut c_int, + func: *mut *const c_char, + data: *mut *const c_char, + flags: *mut c_int, + ) -> ErrType { + let code = ffi::ERR_get_error_line_data(file, line, data, flags); + *func = ffi::ERR_func_error_string(code); + code + } + + type RetStr<'a> = &'static str; + + #[derive(Clone)] + struct ShimStr(*const c_char); + + impl ShimStr { + unsafe fn new(s: *const c_char) -> Self { + ShimStr(s) + } + + fn as_ptr(&self) -> *const c_char { + self.0 + } + + fn as_str(&self) -> &'static str { + unsafe { + CStr::from_ptr(self.0).to_str().unwrap() + } + } + } + } +} + + +#[inline] +pub fn cvt_p(r: *mut T) -> Result<*mut T, ErrorStack> { + if r.is_null() { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} + +#[inline] +pub fn cvt(r: c_int) -> Result { + if r <= 0 { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} + +#[inline] +pub fn cvt_n(r: c_int) -> Result { + if r < 0 { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} diff --git a/openssl-zt/src/hash.rs b/openssl-zt/src/hash.rs new file mode 100644 index 000000000..2badb9c9a --- /dev/null +++ b/openssl-zt/src/hash.rs @@ -0,0 +1,289 @@ +// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. + +use std::ffi::c_void; +use std::io::Write; +use std::mem::MaybeUninit; +use std::os::raw::{c_int, c_uint}; +use std::ptr::null; + +pub const SHA512_HASH_SIZE: usize = 64; +pub const SHA384_HASH_SIZE: usize = 48; +pub const HMAC_SHA512_SIZE: usize = 64; +pub const HMAC_SHA384_SIZE: usize = 48; + +pub struct SHA512(ffi::SHA512_CTX); + +impl SHA512 { + #[inline(always)] + pub fn hash(data: &[u8]) -> [u8; SHA512_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; 64]>::uninit(); + ffi::SHA512(data.as_ptr(), data.len(), hash.as_mut_ptr() as *mut _); + hash.assume_init() + } + } + + /// Creates a new hasher. + #[inline(always)] + pub fn new() -> Self { + unsafe { + let mut ctx = MaybeUninit::uninit(); + ffi::SHA512_Init(ctx.as_mut_ptr()); + SHA512(ctx.assume_init()) + } + } + + /// Feeds some data into the hasher. + /// + /// This can be called multiple times. + #[inline(always)] + pub fn reset(&mut self) { + unsafe { ffi::SHA512_Init(&mut self.0) }; + } + + #[inline(always)] + pub fn update(&mut self, buf: &[u8]) { + unsafe { + ffi::SHA512_Update(&mut self.0, buf.as_ptr() as *const c_void, buf.len()); + } + } + + /// Returns the hash of the data. + #[inline(always)] + pub fn finish(&mut self) -> [u8; SHA512_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; 64]>::uninit(); + ffi::SHA512_Final(hash.as_mut_ptr() as *mut _, &mut self.0); + hash.assume_init() + } + } +} + +impl Write for SHA512 { + #[inline(always)] + fn write(&mut self, b: &[u8]) -> std::io::Result { + self.update(b); + Ok(b.len()) + } + + #[inline(always)] + fn flush(&mut self) -> std::io::Result<()> { + Ok(()) + } +} + +unsafe impl Send for SHA512 {} + +pub struct SHA384(ffi::SHA512_CTX); + +impl SHA384 { + #[inline(always)] + pub fn hash(data: &[u8]) -> [u8; SHA384_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; 48]>::uninit(); + ffi::SHA384(data.as_ptr(), data.len(), hash.as_mut_ptr() as *mut _); + hash.assume_init() + } + } + + #[inline(always)] + pub fn new() -> Self { + unsafe { + let mut ctx = MaybeUninit::uninit(); + ffi::SHA384_Init(ctx.as_mut_ptr()); + SHA384(ctx.assume_init()) + } + } + + #[inline(always)] + pub fn reset(&mut self) { + unsafe { + ffi::SHA384_Init(&mut self.0); + } + } + + #[inline(always)] + pub fn update(&mut self, buf: &[u8]) { + unsafe { + ffi::SHA384_Update(&mut self.0, buf.as_ptr() as *const c_void, buf.len()); + } + } + + #[inline(always)] + pub fn finish(&mut self) -> [u8; SHA384_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; 48]>::uninit(); + ffi::SHA384_Final(hash.as_mut_ptr() as *mut _, &mut self.0); + hash.assume_init() + } + } +} + +impl Write for SHA384 { + #[inline(always)] + fn write(&mut self, b: &[u8]) -> std::io::Result { + self.update(b); + Ok(b.len()) + } + + #[inline(always)] + fn flush(&mut self) -> std::io::Result<()> { + Ok(()) + } +} + +unsafe impl Send for SHA384 {} + +//#[link(name="crypto")] +extern "C" { + fn HMAC_CTX_new() -> *mut c_void; + fn HMAC_CTX_reset(ctx: *mut c_void) -> c_int; + fn HMAC_Init_ex(ctx: *mut c_void, key: *const c_void, key_len: c_int, evp_md: *const c_void, _impl: *const c_void) -> c_int; + fn HMAC_Update(ctx: *mut c_void, data: *const c_void, len: usize) -> c_int; + fn HMAC_Final(ctx: *mut c_void, output: *mut c_void, output_len: *mut c_uint) -> c_int; + fn HMAC_CTX_free(ctx: *mut c_void); + fn EVP_sha384() -> *const c_void; + fn EVP_sha512() -> *const c_void; +} + +pub struct HMACSHA512 { + ctx: *mut c_void, + evp_md: *const c_void, +} + +impl HMACSHA512 { + #[inline(always)] + pub fn new(key: &[u8]) -> Self { + unsafe { + let hm = Self { ctx: HMAC_CTX_new(), evp_md: EVP_sha512() }; + assert!(!hm.ctx.is_null()); + assert_ne!(HMAC_Init_ex(hm.ctx, key.as_ptr().cast(), key.len() as c_int, hm.evp_md, null()), 0); + hm + } + } + + #[inline(always)] + pub fn reset(&mut self) { + unsafe { + assert_ne!(HMAC_CTX_reset(self.ctx), 0); + } + } + + #[inline(always)] + pub fn update(&mut self, b: &[u8]) { + unsafe { + assert_ne!(HMAC_Update(self.ctx, b.as_ptr().cast(), b.len()), 0); + } + } + + #[inline(always)] + pub fn finish_into(&mut self, md: &mut [u8]) { + unsafe { + assert_eq!(md.len(), 64); + let mut mdlen: c_uint = 64; + assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); + assert_eq!(mdlen, 64); + } + } + + #[inline(always)] + pub fn finish(&mut self) -> [u8; 64] { + let mut tmp = [0u8; 64]; + self.finish_into(&mut tmp); + tmp + } +} + +impl Drop for HMACSHA512 { + #[inline(always)] + fn drop(&mut self) { + unsafe { HMAC_CTX_free(self.ctx) }; + } +} + +unsafe impl Send for HMACSHA512 {} + +pub struct HMACSHA384 { + ctx: *mut c_void, + evp_md: *const c_void, +} + +impl HMACSHA384 { + #[inline(always)] + pub fn new(key: &[u8]) -> Self { + unsafe { + let hm = Self { ctx: HMAC_CTX_new(), evp_md: EVP_sha384() }; + assert!(!hm.ctx.is_null()); + assert_ne!(HMAC_Init_ex(hm.ctx, key.as_ptr().cast(), key.len() as c_int, hm.evp_md, null()), 0); + hm + } + } + + #[inline(always)] + pub fn reset(&mut self) { + unsafe { + assert_ne!(HMAC_CTX_reset(self.ctx), 0); + } + } + + #[inline(always)] + pub fn update(&mut self, b: &[u8]) { + unsafe { + assert_ne!(HMAC_Update(self.ctx, b.as_ptr().cast(), b.len()), 0); + } + } + + #[inline(always)] + pub fn finish_into(&mut self, md: &mut [u8]) { + unsafe { + assert_eq!(md.len(), 48); + let mut mdlen: c_uint = 48; + assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); + assert_eq!(mdlen, 48); + } + } + + #[inline(always)] + pub fn finish(&mut self) -> [u8; 48] { + let mut tmp = [0u8; 48]; + self.finish_into(&mut tmp); + tmp + } +} + +impl Drop for HMACSHA384 { + #[inline(always)] + fn drop(&mut self) { + unsafe { HMAC_CTX_free(self.ctx) }; + } +} + +unsafe impl Send for HMACSHA384 {} + +#[inline(always)] +pub fn hmac_sha512(key: &[u8], msg: &[u8]) -> [u8; 64] { + let mut hm = HMACSHA512::new(key); + hm.update(msg); + hm.finish() +} + +#[inline(always)] +pub fn hmac_sha512_into(key: &[u8], msg: &[u8], md: &mut [u8]) { + let mut hm = HMACSHA512::new(key); + hm.update(msg); + hm.finish_into(md); +} + +#[inline(always)] +pub fn hmac_sha384(key: &[u8], msg: &[u8]) -> [u8; 48] { + let mut hm = HMACSHA384::new(key); + hm.update(msg); + hm.finish() +} + +#[inline(always)] +pub fn hmac_sha384_into(key: &[u8], msg: &[u8], md: &mut [u8]) { + let mut hm = HMACSHA384::new(key); + hm.update(msg); + hm.finish_into(md); +} diff --git a/openssl-zt/src/lib.rs b/openssl-zt/src/lib.rs new file mode 100644 index 000000000..c5d6d2263 --- /dev/null +++ b/openssl-zt/src/lib.rs @@ -0,0 +1,32 @@ + +mod error; +mod cipher_ctx; +mod bn; +mod ec; + +pub mod secret; +pub mod random; +pub mod aes; +pub mod hash; +pub mod p384; + +/// This must be called before using any function from this library. +pub fn init() { + ffi::init(); + lazy_static::initialize(&p384::GROUP_P384); +} + +/// Constant time byte slice equality. +#[inline] +pub fn secure_eq + ?Sized, B: AsRef<[u8]> + ?Sized>(a: &A, b: &B) -> bool { + let (a, b) = (a.as_ref(), b.as_ref()); + if a.len() == b.len() { + let mut x = 0u8; + for (aa, bb) in a.iter().zip(b.iter()) { + x |= *aa ^ *bb; + } + x == 0 + } else { + false + } +} diff --git a/crypto/src/p384.rs b/openssl-zt/src/p384.rs similarity index 86% rename from crypto/src/p384.rs rename to openssl-zt/src/p384.rs index 4baea80d9..80526afa2 100644 --- a/crypto/src/p384.rs +++ b/openssl-zt/src/p384.rs @@ -19,17 +19,15 @@ pub const P384_ECDH_SHARED_SECRET_SIZE: usize = 48; #[cfg(not(target_feature = "builtin_nist_ecc"))] mod openssl_based { use std::convert::TryInto; + use std::{mem, ptr}; use std::os::raw::{c_int, c_ulong, c_void}; - use std::ptr::{null, write_volatile}; use foreign_types::{ForeignType, ForeignTypeRef}; use lazy_static::lazy_static; - use openssl::bn::{BigNum, BigNumContext}; - use openssl::ec::{EcKey, EcPoint, EcPointRef, PointConversionForm}; - use openssl::ecdsa::EcdsaSig; - use openssl::nid::Nid; - use openssl::pkey::{Private, Public}; + use crate::bn::{BigNum, BigNumContext}; + use crate::ec::{EcGroup, EcKey, EcPoint, EcPointRef}; + use crate::error::cvt_p; use crate::hash::SHA384; use crate::secret::Secret; use crate::secure_eq; @@ -42,13 +40,15 @@ mod openssl_based { } lazy_static! { - static ref GROUP_P384: openssl::ec::EcGroup = openssl::ec::EcGroup::from_curve_name(Nid::SECP384R1).unwrap(); + pub(crate) static ref GROUP_P384: EcGroup = unsafe { + EcGroup::from_ptr(cvt_p(ffi::EC_GROUP_new_by_curve_name(ffi::NID_secp384r1)).unwrap()) + }; } /// A NIST P-384 ECDH/ECDSA public key. #[derive(Clone)] pub struct P384PublicKey { - key: EcKey, + key: EcKey, bytes: [u8; 49], } @@ -56,12 +56,12 @@ mod openssl_based { fn new_from_point(key: &EcPointRef) -> Self { let mut bnc = BigNumContext::new().unwrap(); let kb = key - .to_bytes(GROUP_P384.as_ref(), PointConversionForm::COMPRESSED, &mut bnc) - .unwrap(); + .to_bytes(&GROUP_P384, ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED, &bnc) + .unwrap(); let mut bytes = [0_u8; 49]; bytes[(49 - kb.len())..].copy_from_slice(kb.as_slice()); Self { - key: EcKey::from_public_key(GROUP_P384.as_ref(), key).unwrap(), + key: EcKey::from_public_key(&GROUP_P384, key).unwrap(), bytes, } } @@ -69,13 +69,10 @@ mod openssl_based { pub fn from_bytes(b: &[u8]) -> Option { if b.len() == 49 { let mut bnc = BigNumContext::new().unwrap(); - let key = EcPoint::from_bytes(GROUP_P384.as_ref(), b, &mut bnc); - if key.is_ok() { - let key = key.unwrap(); - if key.is_on_curve(GROUP_P384.as_ref(), &mut bnc).unwrap_or(false) { - let key = EcKey::from_public_key(GROUP_P384.as_ref(), key.as_ref()); - if key.is_ok() { - return Some(Self { key: key.unwrap(), bytes: b.try_into().unwrap() }); + if let Ok(point) = EcPoint::from_bytes(&GROUP_P384, b, &mut bnc) { + if point.is_on_curve(&GROUP_P384, &bnc).unwrap_or(false) { + if let Ok(key) = EcKey::from_public_key(&GROUP_P384, &point) { + return Some(Self { key, bytes: b.try_into().unwrap() }); } } } @@ -87,16 +84,27 @@ mod openssl_based { if signature.len() == 96 { let r = BigNum::from_slice(&signature[0..48]); let s = BigNum::from_slice(&signature[48..96]); - if r.is_ok() && s.is_ok() { - let r = r.unwrap(); - let s = s.unwrap(); + if let (Ok(r), Ok(s)) = (r, s) { let z = BigNum::from_u32(0).unwrap(); // Check that r and s are >=1 just in case the OpenSSL version or an OpenSSL API lookalike is // vulnerable to this, since a bunch of vulnerabilities involving zero r/s just made the rounds. if r.gt(&z) && s.gt(&z) { - let sig = EcdsaSig::from_private_components(r, s); - if sig.is_ok() { - return sig.unwrap().verify(&SHA384::hash(msg), self.key.as_ref()).unwrap_or(false); + unsafe { + let sig = ffi::ECDSA_SIG_new(); + if !sig.is_null() { + if ffi::ECDSA_SIG_set0(sig, r.as_ptr(), s.as_ptr()) == 1 { + mem::forget((r, s)); + + let data = &SHA384::hash(msg); + + return ffi::ECDSA_do_verify( + data.as_ptr(), + data.len() as c_int, + sig, + self.key.as_ptr(), + ) == 1 + } + } } } } @@ -122,38 +130,30 @@ mod openssl_based { /// A NIST P-384 ECDH/ECDSA public/private key pair. #[derive(Clone)] pub struct P384KeyPair { - pair: EcKey, + pair: EcKey, public: P384PublicKey, } impl P384KeyPair { pub fn generate() -> P384KeyPair { - let pair = EcKey::generate(GROUP_P384.as_ref()).unwrap(); // failure implies a serious problem - assert!(pair.check_key().is_ok()); // also would imply a serious problem + let pair = EcKey::generate(&GROUP_P384).unwrap(); // failure implies a serious problem let public = P384PublicKey::new_from_point(pair.public_key()); Self { pair, public } } pub fn from_bytes(public_bytes: &[u8], secret_bytes: &[u8]) -> Option { if public_bytes.len() == 49 && secret_bytes.len() == 48 { - P384PublicKey::from_bytes(public_bytes).map_or(None, |public| { - BigNum::from_slice(secret_bytes).map_or(None, |private| { - let pair = EcKey::from_private_components(GROUP_P384.as_ref(), private.as_ref(), public.key.public_key()); - if pair.is_ok() { - let pair = pair.unwrap(); + if let Some(public) = P384PublicKey::from_bytes(public_bytes) { + if let Ok(private) = BigNum::from_slice(secret_bytes) { + if let Ok(pair) = EcKey::from_private_components(&GROUP_P384, &private, public.key.public_key()) { if pair.check_key().is_ok() { - Some(Self { pair, public }) - } else { - None + return Some(Self { pair, public }) } - } else { - None } - }) - }) - } else { - None + } + } } + return None } pub fn public_key(&self) -> &P384PublicKey { @@ -166,28 +166,36 @@ mod openssl_based { pub fn secret_key_bytes(&self) -> Secret { let mut tmp: Secret = Secret::default(); - let mut k = self.pair.private_key().to_vec(); - tmp.0[(48 - k.len())..].copy_from_slice(k.as_slice()); - unsafe { - // Force zero memory occupied by temporary vector before releasing. - let kp = k.as_mut_ptr(); - for i in 0..k.len() { - write_volatile(kp.add(i), 0); - } - } + let size = self.pair.private_key().to_bytes(&mut tmp.0).unwrap(); + tmp.0.copy_within(..size, P384_SECRET_KEY_SIZE - size); tmp } /// Sign a message with ECDSA/SHA384. pub fn sign(&self, msg: &[u8]) -> [u8; P384_ECDSA_SIGNATURE_SIZE] { - let sig = EcdsaSig::sign(&SHA384::hash(msg), self.pair.as_ref()).unwrap(); - let r = sig.r().to_vec(); - let s = sig.s().to_vec(); - assert!(!r.is_empty() && !s.is_empty() && r.len() <= 48 && s.len() <= 48); - let mut b = [0_u8; P384_ECDSA_SIGNATURE_SIZE]; - b[(48 - r.len())..48].copy_from_slice(r.as_slice()); - b[(96 - s.len())..96].copy_from_slice(s.as_slice()); - b + let data = &SHA384::hash(msg); + unsafe { + let sig = ffi::ECDSA_do_sign( + data.as_ptr(), + data.len() as c_int, + self.pair.as_ref().as_ptr(), + ); + assert!(!sig.is_null()); + + let mut r = ptr::null(); + let mut s = ptr::null(); + ffi::ECDSA_SIG_get0(sig, &mut r, &mut s); + let r_len = ((ffi::BN_num_bits(r) + 7) / 8) as usize; + let s_len = ((ffi::BN_num_bits(s) + 7) / 8) as usize; + const CAP: usize = P384_ECDSA_SIGNATURE_SIZE/2; + assert!(r_len > 0 && s_len > 0 && r_len <= CAP && s_len <= CAP); + + let mut b = [0_u8; P384_ECDSA_SIGNATURE_SIZE]; + ffi::BN_bn2bin(r, b[(CAP - r_len)..CAP].as_mut_ptr()); + ffi::BN_bn2bin(s, b[(P384_ECDSA_SIGNATURE_SIZE - s_len)..P384_ECDSA_SIGNATURE_SIZE].as_mut_ptr()); + b + } + } /// Perform ECDH key agreement, returning the raw (un-hashed!) ECDH secret. @@ -201,7 +209,7 @@ mod openssl_based { 48, other_public.key.public_key().as_ptr().cast(), self.pair.as_ptr().cast(), - null(), + ptr::null(), ) == 48 { Some(s) @@ -260,49 +268,49 @@ mod builtin { pub y: [u64; 6], } static mut curve_p: [uint64_t; 6] = [ - 0xffffffff as libc::c_uint as uint64_t, - 0xffffffff00000000 as libc::c_ulong, - 0xfffffffffffffffe as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, + 0xffffffff as libc::c_uint as uint64_t, + 0xffffffff00000000 as libc::c_ulong, + 0xfffffffffffffffe as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, ]; static mut curve_b: [uint64_t; 6] = [ - 0x2a85c8edd3ec2aef as libc::c_long as uint64_t, - 0xc656398d8a2ed19d as libc::c_ulong, - 0x314088f5013875a as libc::c_long as uint64_t, - 0x181d9c6efe814112 as libc::c_long as uint64_t, - 0x988e056be3f82d19 as libc::c_ulong, - 0xb3312fa7e23ee7e4 as libc::c_ulong, + 0x2a85c8edd3ec2aef as libc::c_long as uint64_t, + 0xc656398d8a2ed19d as libc::c_ulong, + 0x314088f5013875a as libc::c_long as uint64_t, + 0x181d9c6efe814112 as libc::c_long as uint64_t, + 0x988e056be3f82d19 as libc::c_ulong, + 0xb3312fa7e23ee7e4 as libc::c_ulong, ]; static mut curve_G: EccPoint = { let mut init = EccPoint { x: [ - 0x3a545e3872760ab7 as libc::c_long as uint64_t, - 0x5502f25dbf55296c as libc::c_long as uint64_t, - 0x59f741e082542a38 as libc::c_long as uint64_t, - 0x6e1d3b628ba79b98 as libc::c_long as uint64_t, - 0x8eb1c71ef320ad74 as libc::c_ulong, - 0xaa87ca22be8b0537 as libc::c_ulong, + 0x3a545e3872760ab7 as libc::c_long as uint64_t, + 0x5502f25dbf55296c as libc::c_long as uint64_t, + 0x59f741e082542a38 as libc::c_long as uint64_t, + 0x6e1d3b628ba79b98 as libc::c_long as uint64_t, + 0x8eb1c71ef320ad74 as libc::c_ulong, + 0xaa87ca22be8b0537 as libc::c_ulong, ], y: [ - 0x7a431d7c90ea0e5f as libc::c_long as uint64_t, - 0xa60b1ce1d7e819d as libc::c_long as uint64_t, - 0xe9da3113b5f0b8c0 as libc::c_ulong, - 0xf8f41dbd289a147c as libc::c_ulong, - 0x5d9e98bf9292dc29 as libc::c_long as uint64_t, - 0x3617de4a96262c6f as libc::c_long as uint64_t, + 0x7a431d7c90ea0e5f as libc::c_long as uint64_t, + 0xa60b1ce1d7e819d as libc::c_long as uint64_t, + 0xe9da3113b5f0b8c0 as libc::c_ulong, + 0xf8f41dbd289a147c as libc::c_ulong, + 0x5d9e98bf9292dc29 as libc::c_long as uint64_t, + 0x3617de4a96262c6f as libc::c_long as uint64_t, ], }; init }; static mut curve_n: [uint64_t; 6] = [ - 0xecec196accc52973 as libc::c_ulong, - 0x581a0db248b0a77a as libc::c_long as uint64_t, - 0xc7634d81f4372ddf as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, + 0xecec196accc52973 as libc::c_ulong, + 0x581a0db248b0a77a as libc::c_long as uint64_t, + 0xc7634d81f4372ddf as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, ]; unsafe fn getRandomNumber(mut p_vli: *mut uint64_t) -> libc::c_int { @@ -335,7 +343,7 @@ mod builtin { unsafe fn vli_testBit(mut p_vli: *mut uint64_t, mut p_bit: uint) -> uint64_t { return *p_vli.offset(p_bit.wrapping_div(64 as libc::c_int as libc::c_uint) as isize) - & (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint); + & (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint); } /* Counts the number of 64-bit "digits" in p_vli. */ @@ -365,9 +373,9 @@ mod builtin { i = i.wrapping_add(1) } return l_numDigits - .wrapping_sub(1 as libc::c_int as libc::c_uint) - .wrapping_mul(64 as libc::c_int as libc::c_uint) - .wrapping_add(i); + .wrapping_sub(1 as libc::c_int as libc::c_uint) + .wrapping_mul(64 as libc::c_int as libc::c_uint) + .wrapping_add(i); } /* Sets p_dest = p_src. */ @@ -435,8 +443,8 @@ mod builtin { i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_sum: uint64_t = (*p_left.offset(i as isize)) - .wrapping_add(*p_right.offset(i as isize)) - .wrapping_add(l_carry); + .wrapping_add(*p_right.offset(i as isize)) + .wrapping_add(l_carry); if l_sum != *p_left.offset(i as isize) { l_carry = (l_sum < *p_left.offset(i as isize)) as libc::c_int as uint64_t } @@ -453,8 +461,8 @@ mod builtin { i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_diff: uint64_t = (*p_left.offset(i as isize)) - .wrapping_sub(*p_right.offset(i as isize)) - .wrapping_sub(l_borrow); + .wrapping_sub(*p_right.offset(i as isize)) + .wrapping_sub(l_borrow); if l_diff != *p_left.offset(i as isize) { l_borrow = (l_diff > *p_left.offset(i as isize)) as libc::c_int as uint64_t } @@ -477,12 +485,12 @@ mod builtin { 0 as libc::c_int as libc::c_uint } else { k.wrapping_add(1 as libc::c_int as libc::c_uint) - .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) + .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) }; i = l_min; while i <= k && i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_product: uint128_t = - (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128); + (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128); r01 = (r01 as u128).wrapping_add(l_product) as uint128_t as uint128_t; r2 = (r2 as libc::c_ulong).wrapping_add((r01 < l_product) as libc::c_int as libc::c_ulong) as uint64_t as uint64_t; i = i.wrapping_add(1) @@ -507,12 +515,12 @@ mod builtin { 0 as libc::c_int as libc::c_uint } else { k.wrapping_add(1 as libc::c_int as libc::c_uint) - .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) + .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) }; i = l_min; while i <= k && i <= k.wrapping_sub(i) { let mut l_product: uint128_t = - (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128); + (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128); if i < k.wrapping_sub(i) { r2 = (r2 as u128).wrapping_add(l_product >> 127 as libc::c_int) as uint64_t as uint64_t; l_product = (l_product as u128).wrapping_mul(2 as libc::c_int as u128) as uint128_t as uint128_t @@ -608,8 +616,8 @@ mod builtin { i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int + 3 as libc::c_int) as libc::c_uint { let mut l_sum: uint64_t = (*p_product.offset(i as isize)) - .wrapping_add(l_tmp[i as usize]) - .wrapping_add(l_carry); + .wrapping_add(l_tmp[i as usize]) + .wrapping_add(l_carry); if l_sum != *p_product.offset(i as isize) { l_carry = (l_sum < *p_product.offset(i as isize)) as libc::c_int as uint64_t } @@ -671,8 +679,8 @@ mod builtin { vli_rshift1(u.as_mut_ptr()); if l_carry != 0 { u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else if b[0 as libc::c_int as usize] & 1 as libc::c_int as libc::c_ulong == 0 { vli_rshift1(b.as_mut_ptr()); @@ -682,8 +690,8 @@ mod builtin { vli_rshift1(v.as_mut_ptr()); if l_carry != 0 { v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else if l_cmpResult > 0 as libc::c_int { vli_sub(a.as_mut_ptr(), a.as_mut_ptr(), b.as_mut_ptr()); @@ -698,8 +706,8 @@ mod builtin { vli_rshift1(u.as_mut_ptr()); if l_carry != 0 { u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else { vli_sub(b.as_mut_ptr(), b.as_mut_ptr(), a.as_mut_ptr()); @@ -714,8 +722,8 @@ mod builtin { vli_rshift1(v.as_mut_ptr()); if l_carry != 0 { v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } } @@ -934,17 +942,17 @@ mod builtin { while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut p_digit: *const uint8_t = p_bytes.offset( (8 as libc::c_int as libc::c_uint) - .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) - as isize, + .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) + as isize, ); *p_native.offset(i as isize) = (*p_digit.offset(0 as libc::c_int as isize) as uint64_t) << 56 as libc::c_int - | (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int - | (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int - | (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int - | (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int - | (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int - | (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int - | *p_digit.offset(7 as libc::c_int as isize) as uint64_t; + | (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int + | (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int + | (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int + | (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int + | (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int + | (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int + | *p_digit.offset(7 as libc::c_int as isize) as uint64_t; i = i.wrapping_add(1) } } @@ -955,8 +963,8 @@ mod builtin { while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut p_digit: *mut uint8_t = p_bytes.offset( (8 as libc::c_int as libc::c_uint) - .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) - as isize, + .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) + as isize, ); *p_digit.offset(0 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 56 as libc::c_int) as uint8_t; *p_digit.offset(1 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 48 as libc::c_int) as uint8_t; @@ -1009,7 +1017,7 @@ mod builtin { ); mod_sqrt((*p_point).y.as_mut_ptr()); if (*p_point).y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong - != (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong + != (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong { vli_sub((*p_point).y.as_mut_ptr(), curve_p.as_mut_ptr(), (*p_point).y.as_mut_ptr()); }; @@ -1044,8 +1052,8 @@ mod builtin { l_public.x.as_mut_ptr() as *const uint64_t, ); *p_publicKey.offset(0 as libc::c_int as isize) = (2 as libc::c_int as libc::c_ulong) - .wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong) - as uint8_t; + .wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong) + as uint8_t; return 1 as libc::c_int; } pub unsafe fn ecdh_shared_secret( @@ -1080,8 +1088,8 @@ mod builtin { l_productBits = vli_numBits(l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); if l_productBits != 0 { l_productBits = (l_productBits as libc::c_uint) - .wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint) - as uint as uint + .wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint) + as uint as uint } else { l_productBits = vli_numBits(l_product.as_mut_ptr()) } @@ -1095,14 +1103,14 @@ mod builtin { vli_clear(l_modMultiple.as_mut_ptr()); vli_clear(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); l_digitShift = l_productBits - .wrapping_sub(l_modBits) - .wrapping_div(64 as libc::c_int as libc::c_uint); + .wrapping_sub(l_modBits) + .wrapping_div(64 as libc::c_int as libc::c_uint); l_bitShift = l_productBits - .wrapping_sub(l_modBits) - .wrapping_rem(64 as libc::c_int as libc::c_uint); + .wrapping_sub(l_modBits) + .wrapping_rem(64 as libc::c_int as libc::c_uint); if l_bitShift != 0 { l_modMultiple[l_digitShift.wrapping_add((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) as usize] = - vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift) + vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift) } else { vli_set(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod); } @@ -1110,14 +1118,14 @@ mod builtin { vli_clear(p_result); /* Use p_result as a temp var to store 1 (for subtraction) */ *p_result.offset(0 as libc::c_int as isize) = 1 as libc::c_int as uint64_t; while l_productBits > (48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint - || vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int + || vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int { let mut l_cmp: libc::c_int = vli_cmp( l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize), l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize), ); if l_cmp < 0 as libc::c_int - || l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int + || l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int { if vli_sub(l_product.as_mut_ptr(), l_product.as_mut_ptr(), l_modMultiple.as_mut_ptr()) != 0 { /* borrow */ @@ -1134,7 +1142,7 @@ mod builtin { ); } let mut l_carry: uint64_t = - (l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int; + (l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int; vli_rshift1(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); vli_rshift1(l_modMultiple.as_mut_ptr()); l_modMultiple[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] |= l_carry; @@ -1211,7 +1219,7 @@ mod builtin { return 0 as libc::c_int; } if vli_cmp(curve_n.as_mut_ptr(), l_r.as_mut_ptr()) != 1 as libc::c_int - || vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int + || vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int { /* r, s must be < n. */ return 0 as libc::c_int; @@ -1234,9 +1242,9 @@ mod builtin { let mut l_points: [*mut EccPoint; 4] = [0 as *mut EccPoint, &mut curve_G, &mut l_public, &mut l_sum]; /* Z = x2 - x1 */ let mut l_numBits: uint = umax(vli_numBits(u1.as_mut_ptr()), vli_numBits(u2.as_mut_ptr())); /* Z = 1/Z */ let mut l_point: *mut EccPoint = l_points[((vli_testBit(u1.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) - != 0) as libc::c_int - | ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int) - << 1 as libc::c_int) as usize]; + != 0) as libc::c_int + | ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int) + << 1 as libc::c_int) as usize]; vli_set(rx.as_mut_ptr(), (*l_point).x.as_mut_ptr()); vli_set(ry.as_mut_ptr(), (*l_point).y.as_mut_ptr()); vli_clear(z.as_mut_ptr()); @@ -1246,7 +1254,7 @@ mod builtin { while i >= 0 as libc::c_int { EccPoint_double_jacobian(rx.as_mut_ptr(), ry.as_mut_ptr(), z.as_mut_ptr()); let mut l_index: libc::c_int = (vli_testBit(u1.as_mut_ptr(), i as uint) != 0) as libc::c_int - | ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int; + | ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int; let mut l_point_0: *mut EccPoint = l_points[l_index as usize]; if !l_point_0.is_null() { vli_set(tx.as_mut_ptr(), (*l_point_0).x.as_mut_ptr()); @@ -1356,10 +1364,11 @@ pub use openssl_based::*; #[cfg(test)] mod tests { - use crate::{p384::P384KeyPair, secure_eq}; + use crate::{p384::P384KeyPair, secure_eq, init}; #[test] fn generate_sign_verify_agree() { + init(); let kp = P384KeyPair::generate(); let kp2 = P384KeyPair::generate(); @@ -1377,7 +1386,16 @@ mod tests { panic!("ECDH secrets do not match"); } - let kp3 = P384KeyPair::from_bytes(kp.public_key_bytes(), kp.secret_key_bytes().as_ref()).unwrap(); + let pkb = kp.public_key_bytes(); + let skb = kp.secret_key_bytes(); + let kp3 = P384KeyPair::from_bytes(pkb, skb.as_ref()).unwrap(); + + let pkb3 = kp3.public_key_bytes(); + let skb3 = kp3.secret_key_bytes(); + + assert_eq!(pkb, pkb3); + assert_eq!(skb.as_bytes(), skb3.as_bytes()); + let sig = kp3.sign(&[3_u8; 16]); if !kp.public_key().verify(&[3_u8; 16], &sig) { panic!("ECDSA verify failed (from key reconstructed from bytes)"); diff --git a/openssl-zt/src/rand.rs b/openssl-zt/src/rand.rs new file mode 100644 index 000000000..bd679512e --- /dev/null +++ b/openssl-zt/src/rand.rs @@ -0,0 +1,56 @@ +//! Utilities for secure random number generation. +//! +//! # Examples +//! +//! To generate a buffer with cryptographically strong bytes: +//! +//! ``` +//! use openssl::rand::rand_bytes; +//! +//! let mut buf = [0; 256]; +//! rand_bytes(&mut buf).unwrap(); +//! ``` +use libc::c_int; + +use crate::error::ErrorStack; +use crate::cvt; + +/// Fill buffer with cryptographically strong pseudo-random bytes. +/// +/// # Examples +/// +/// To generate a buffer with cryptographically strong random bytes: +/// +/// ``` +/// use openssl::rand::rand_bytes; +/// +/// let mut buf = [0; 256]; +/// rand_bytes(&mut buf).unwrap(); +/// ``` +pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> { + unsafe { + debug_assert!(buf.len() <= c_int::max_value() as usize); + cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as LenType)).map(|_| ()) + } +} + +/// Controls random device file descriptor behavior. +/// +/// Requires OpenSSL 1.1.1 or newer. +#[cfg(ossl111)] +pub fn keep_random_devices_open(keep: bool) { + unsafe { + ffi::RAND_keep_random_devices_open(keep as LenType); + } +} + +#[cfg(test)] +mod tests { + use super::rand_bytes; + + #[test] + fn test_rand_bytes() { + let mut buf = [0; 32]; + rand_bytes(&mut buf).unwrap(); + } +} diff --git a/crypto/src/random.rs b/openssl-zt/src/random.rs similarity index 68% rename from crypto/src/random.rs rename to openssl-zt/src/random.rs index 37cdfa19f..5ef20b6fd 100644 --- a/crypto/src/random.rs +++ b/openssl-zt/src/random.rs @@ -2,12 +2,23 @@ use std::sync::atomic::{AtomicU64, Ordering}; -use openssl::rand::rand_bytes; +use libc::c_int; + +use crate::error::{ErrorStack, cvt}; + +/// Fill buffer with cryptographically strong pseudo-random bytes. +fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> { + unsafe { + assert!(buf.len() <= c_int::max_value() as usize); + cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as c_int)).map(|_| ()) + } +} + pub fn next_u32_secure() -> u32 { unsafe { let mut tmp = [0u32; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 4]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 4]>())).unwrap(); tmp[0] } } @@ -15,7 +26,7 @@ pub fn next_u32_secure() -> u32 { pub fn next_u64_secure() -> u64 { unsafe { let mut tmp = [0u64; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 8]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 8]>())).unwrap(); tmp[0] } } @@ -23,20 +34,20 @@ pub fn next_u64_secure() -> u64 { pub fn next_u128_secure() -> u128 { unsafe { let mut tmp = [0u128; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 16]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 16]>())).unwrap(); tmp[0] } } #[inline(always)] pub fn fill_bytes_secure(dest: &mut [u8]) { - assert!(rand_bytes(dest).is_ok()); + rand_bytes(dest).unwrap(); } #[inline(always)] pub fn get_bytes_secure() -> [u8; COUNT] { let mut tmp = [0u8; COUNT]; - assert!(rand_bytes(&mut tmp).is_ok()); + rand_bytes(&mut tmp).unwrap(); tmp } @@ -81,31 +92,6 @@ impl rand_core::RngCore for SecureRandom { impl rand_core::CryptoRng for SecureRandom {} -impl rand_core_062::RngCore for SecureRandom { - #[inline(always)] - fn next_u32(&mut self) -> u32 { - next_u32_secure() - } - - #[inline(always)] - fn next_u64(&mut self) -> u64 { - next_u64_secure() - } - - #[inline(always)] - fn fill_bytes(&mut self, dest: &mut [u8]) { - fill_bytes_secure(dest); - } - - #[inline(always)] - fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), rand_core_062::Error> { - fill_bytes_secure(dest); - Ok(()) - } -} - -impl rand_core_062::CryptoRng for SecureRandom {} - unsafe impl Sync for SecureRandom {} unsafe impl Send for SecureRandom {} diff --git a/crypto/src/secret.rs b/openssl-zt/src/secret.rs similarity index 77% rename from crypto/src/secret.rs rename to openssl-zt/src/secret.rs index 8705f37cf..e67dc73ec 100644 --- a/crypto/src/secret.rs +++ b/openssl-zt/src/secret.rs @@ -1,6 +1,6 @@ // (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. -use std::ffi::c_void; +use std::{ffi::c_void, convert::TryInto}; extern "C" { fn OPENSSL_cleanse(ptr: *mut c_void, len: usize); @@ -26,16 +26,31 @@ impl Secret { Self([0_u8; L]) } - /// Copy bytes into secret, will panic if the slice does not match the size of this secret. + /// Moves bytes into secret, will panic if the slice does not match the size of this secret. #[inline(always)] - pub fn from_bytes(b: &[u8]) -> Self { - Self(b.try_into().unwrap()) + pub fn move_bytes(b: [u8; L]) -> Self { + Self(b) + } + + /// Copy bytes into secret, then nuke the previous value, will panic if the slice does not match the size of this secret. + #[inline(always)] + pub fn from_bytes_then_nuke(b: &mut [u8]) -> Self { + let ret = Self (b.try_into().unwrap()); + unsafe { OPENSSL_cleanse(b.as_mut_ptr().cast(), L) }; + ret + } + pub unsafe fn from_bytes(b: &[u8]) -> Self { + Self (b.try_into().unwrap()) } #[inline(always)] pub fn as_bytes(&self) -> &[u8; L] { &self.0 } + #[inline(always)] + pub fn as_ptr(&self) -> *const u8 { + self.0.as_ptr() + } #[inline(always)] pub fn as_bytes_mut(&mut self) -> &mut [u8; L] { @@ -60,7 +75,7 @@ impl Secret { /// This can be used to force a secret to be forgotten under e.g. key lifetime exceeded or error conditions. #[inline(always)] pub fn nuke(&self) { - unsafe { OPENSSL_cleanse(std::mem::transmute(self.0.as_ptr().cast::()), L) }; + unsafe { OPENSSL_cleanse(self.0.as_ptr().cast_mut().cast(), L) }; } }