/src/gnutls/lib/crau/crau.h

Source
/* SPDX-License-Identifier: MIT OR Unlicense */
/* Copyright (C) 2022-2025 The crypto-auditing developers. */

/* This file declares a set of high-level functions to insert probe
 * points used for crypto-auditing into the application programs. See
 * <crau/macros.h> for the low-level interface.
 *
 * As this is a header-only library, one of C files that includes
 * this file should do:
 *
 * #define CRAU_IMPLEMENTATION
 * #include "crau/crau.h"
 *
 * to get the necessary functions are defined.
 *
 * The following configuration macros can also be set to override the
 * behavior of the implementation:
 *
 * * CRAU_CONTEXT_STACK_DEPTH: depth of the thread-local context stack
 *   (default: 3)
 *
 * * CRAU_RETURN_ADDRESS: return address of the current function
 *   (default: auto-detected)
 *
 * * CRAU_THREAD_LOCAL: thread-local modifier of the C language
 *   (default: auto-detected)
 *
 * * CRAU_MAYBE_UNUSED: an attribute to suppress warnings when a
 *   function argument is not used in the function body (default:
 *   auto-detected)
 *
 * Unless ENABLE_CRYPTO_AUDITING is defined, all functions turn to
 * no-op.
 */

#ifndef CRAU_CRAU_H
#define CRAU_CRAU_H

#include <stdarg.h>
#include <stddef.h>
#include <stdint.h>

/* A special context value used to represent a context which is
 * automatically assigned based on the current call frame.
 */
#ifndef CRAU_AUTO_CONTEXT
# ifdef __GNUC__
#  define CRAU_AUTO_CONTEXT (long)(intptr_t)(char *)__builtin_return_address(0)
# elif defined(__CC_ARM)
#  define CRAU_AUTO_CONTEXT (long)(intptr_t)(char *)__return_address()
# else
#  define CRAU_AUTO_CONTEXT CRAU_ORPHANED_CONTEXT
# endif
#endif /* CRAU_AUTO_CONTEXT */

/* A special context value used to represent a context which is not
 * associated with any parent nor children.
 */
#define CRAU_ORPHANED_CONTEXT ((long)-1)

#ifndef CRAU_CONTEXT_STACK_DEPTH
# define CRAU_CONTEXT_STACK_DEPTH 3
#endif /* CRAU_CONTEXT_STACK_DEPTH */

struct crau_context_stack_st {
  long stack[CRAU_CONTEXT_STACK_DEPTH];
  size_t top;
};

/* Types of crypto-auditing event data. CRAU_WORD means an integer in
 * a machine word, CRAU_STRING means a NUL-terminated
 * string. CRAU_BLOB means an explicitly sized binary blob.
 */
enum crau_data_type_t {
  CRAU_WORD,
  CRAU_STRING,
  CRAU_BLOB,
};

/* Push a context CONTEXT onto the given context stack STACK. If the depth of
 * the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the older element will be
 * removed.
 *
 * This call shall be followed by a `crau_pop_context`.
 */
void crau_push_context(struct crau_context_stack_st *stack,
           long context);

/* Pop a context from the given context stack STACK. If the stack is empty, it
 * returns a CRAU_ORPHANED_CONTEXT.
 */
long crau_pop_context(struct crau_context_stack_st *stack);

/* Return the context currently active in the given context stack STACK. If
 * there is no active context, it returns a CRAU_ORPHANED_CONTEXT.
 */
long crau_current_context(struct crau_context_stack_st *stack);

/* Push a context CONTEXT onto the given context stack STACK,
 * optionally emitting events through varargs.
 *
 * If the depth of the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the
 * older element will be removed.  This call shall be followed by a
 * `crau_pop_context`.
 */
void crau_push_context_with_data(struct crau_context_stack_st *stack,
         long context, ...);

void crau_push_context_with_datav(struct crau_context_stack_st *stack,
          long context, va_list ap);

/* Push a new context (inferred from the current call stack) onto the given
 * context stack STACK, optionally emitting events through varargs.
 *
 * Typical usage example is as follows:
 *
 * crau_new_context_with_data(
 *   stack,
 *   "name", CRAU_STRING, "pk::sign",
 *   "pk::algorithm", CRAU_STRING, "mldsa",
 *   "pk::bits", CRAU_WORD, 1952 * 8,
 *   NULL);
 *
 * If the depth of the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the
 * older element will be removed.  This call shall be followed by a
 * `crau_pop_context`.
 */
#define crau_new_context_with_data(stack, ...)        \
  crau_push_context_with_data((stack), CRAU_AUTO_CONTEXT, __VA_ARGS__)

#define crau_new_context_with_datav(stack, ap)        \
  crau_push_context_with_datav((stack), CRAU_AUTO_CONTEXT, (ap))

/* Emit events through varargs, under the currently active context in the given
 * context stack STACK. Unlike `crau_new_context_with_data`, this does not push
 * a new context.
 */
void crau_data(struct crau_context_stack_st *stack, ...);

void crau_datav(struct crau_context_stack_st *stack, va_list ap);

#ifdef CRAU_IMPLEMENTATION

#include "macros.h"

/* Avoid name clash with crau_data_type_t */
#undef CRAU_WORD
#undef CRAU_STRING
#undef CRAU_BLOB

# ifdef ENABLE_CRYPTO_AUDITING

static inline void push_context(struct crau_context_stack_st *stack,
        long context)
{
  stack->stack[stack->top++ % CRAU_CONTEXT_STACK_DEPTH] = context;
}

void crau_push_context(struct crau_context_stack_st *stack,
           long context)
{
  CRAU_NEW_CONTEXT(context, crau_current_context(stack));
  push_context(stack, context);
}

long crau_pop_context(struct crau_context_stack_st *stack)
{
  return stack->top == 0 ? CRAU_ORPHANED_CONTEXT :
    stack->stack[--stack->top];
}

long crau_current_context(struct crau_context_stack_st *stack)
{
  return stack->top == 0 ? CRAU_ORPHANED_CONTEXT :
    stack->stack[stack->top - 1];
}

static inline unsigned long
crau_accumulate_datav(struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS],
          va_list ap)
{
  unsigned long count = 0;
  char *key_ptr;

  for (key_ptr = va_arg(ap, char *);
       key_ptr != NULL && count < CRAU_MAX_DATA_ELEMS;
       key_ptr = va_arg(ap, char *), count++) {
    data[count].key_ptr = key_ptr;

    switch (va_arg(ap, enum crau_data_type_t)) {
    case CRAU_WORD:
      data[count].value_ptr = (void *)va_arg(ap, intptr_t);
      data[count].value_size = (unsigned long)-2;
      break;
    case CRAU_STRING:
      data[count].value_ptr = (void *)va_arg(ap, char *);
      data[count].value_size = (unsigned long)-1;
      break;
    case CRAU_BLOB:
      data[count].value_ptr = va_arg(ap, void *);
      data[count].value_size = va_arg(ap, unsigned long);
      break;
    }
  }

  return count;
}

void crau_push_context_with_datav(struct crau_context_stack_st *stack,
          long context, va_list ap)
{
  struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS];
  unsigned long count;

  count = crau_accumulate_datav(data, ap);

  CRAU_NEW_CONTEXT_WITH_DATA(context, crau_current_context(stack), data,
           count);
  push_context(stack, context);
}

void crau_push_context_with_data(struct crau_context_stack_st *stack,
         long context, ...)
{
  va_list ap;

  va_start(ap, context);
  crau_push_context_with_datav(stack, context, ap);
  va_end(ap);
}

void crau_datav(struct crau_context_stack_st *stack, va_list ap)
{
  struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS];
  size_t count;

  count = crau_accumulate_datav(data, ap);

  CRAU_DATA(crau_current_context(stack), data, count);
}

void crau_data(struct crau_context_stack_st *stack, ...)
{
  va_list ap;

  va_start(ap, stack);
  crau_datav(stack, ap);
  va_end(ap);
}

# else

#  ifndef CRAU_MAYBE_UNUSED
#   if defined(__has_c_attribute) && \
    __has_c_attribute (__maybe_unused__)
#    define CRAU_MAYBE_UNUSED [[__maybe_unused__]]
#   elif defined(__GNUC__)
#    define CRAU_MAYBE_UNUSED __attribute__((__unused__))
#   endif
#  endif /* CRAU_MAYBE_UNUSED */

void crau_push_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
           long context CRAU_MAYBE_UNUSED)
{
}

long
crau_pop_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED)
{
  return CRAU_ORPHANED_CONTEXT;
}

long
crau_current_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED)
{
  return CRAU_ORPHANED_CONTEXT;
}

void crau_push_context_with_datav(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
          long context CRAU_MAYBE_UNUSED,
          va_list ap CRAU_MAYBE_UNUSED)
{
}

void crau_push_context_with_data(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
         long context CRAU_MAYBE_UNUSED, ...)
{
}

void crau_datav(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
    va_list ap CRAU_MAYBE_UNUSED)
{
}

void crau_data(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED, ...)
{
}

# endif /* ENABLE_CRYPTO_AUDITING */

#endif /* CRAU_IMPLEMENTATION */

#endif /* CRAU_CRAU_H */

Coverage Report

Created: 2025-11-16 07:49

Line	Count	Source
1		/* SPDX-License-Identifier: MIT OR Unlicense */
2		/* Copyright (C) 2022-2025 The crypto-auditing developers. */
3
4		/* This file declares a set of high-level functions to insert probe
5		* points used for crypto-auditing into the application programs. See
6		* <crau/macros.h> for the low-level interface.
7		*
8		* As this is a header-only library, one of C files that includes
9		* this file should do:
10		*
11		* #define CRAU_IMPLEMENTATION
12		* #include "crau/crau.h"
13		*
14		* to get the necessary functions are defined.
15		*
16		* The following configuration macros can also be set to override the
17		* behavior of the implementation:
18		*
19		* * CRAU_CONTEXT_STACK_DEPTH: depth of the thread-local context stack
20		* (default: 3)
21		*
22		* * CRAU_RETURN_ADDRESS: return address of the current function
23		* (default: auto-detected)
24		*
25		* * CRAU_THREAD_LOCAL: thread-local modifier of the C language
26		* (default: auto-detected)
27		*
28		* * CRAU_MAYBE_UNUSED: an attribute to suppress warnings when a
29		* function argument is not used in the function body (default:
30		* auto-detected)
31		*
32		* Unless ENABLE_CRYPTO_AUDITING is defined, all functions turn to
33		* no-op.
34		*/
35
36		#ifndef CRAU_CRAU_H
37		#define CRAU_CRAU_H
38
39		#include <stdarg.h>
40		#include <stddef.h>
41		#include <stdint.h>
42
43		/* A special context value used to represent a context which is
44		* automatically assigned based on the current call frame.
45		*/
46		#ifndef CRAU_AUTO_CONTEXT
47		# ifdef __GNUC__
48	0	# define CRAU_AUTO_CONTEXT (long)(intptr_t)(char *)__builtin_return_address(0)
49		# elif defined(__CC_ARM)
50		# define CRAU_AUTO_CONTEXT (long)(intptr_t)(char *)__return_address()
51		# else
52		# define CRAU_AUTO_CONTEXT CRAU_ORPHANED_CONTEXT
53		# endif
54		#endif /* CRAU_AUTO_CONTEXT */
55
56		/* A special context value used to represent a context which is not
57		* associated with any parent nor children.
58		*/
59	0	#define CRAU_ORPHANED_CONTEXT ((long)-1)
60
61		#ifndef CRAU_CONTEXT_STACK_DEPTH
62		# define CRAU_CONTEXT_STACK_DEPTH 3
63		#endif /* CRAU_CONTEXT_STACK_DEPTH */
64
65		struct crau_context_stack_st {
66		long stack[CRAU_CONTEXT_STACK_DEPTH];
67		size_t top;
68		};
69
70		/* Types of crypto-auditing event data. CRAU_WORD means an integer in
71		* a machine word, CRAU_STRING means a NUL-terminated
72		* string. CRAU_BLOB means an explicitly sized binary blob.
73		*/
74		enum crau_data_type_t {
75		CRAU_WORD,
76		CRAU_STRING,
77		CRAU_BLOB,
78		};
79
80		/* Push a context CONTEXT onto the given context stack STACK. If the depth of
81		* the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the older element will be
82		* removed.
83		*
84		* This call shall be followed by a `crau_pop_context`.
85		*/
86		void crau_push_context(struct crau_context_stack_st *stack,
87		long context);
88
89		/* Pop a context from the given context stack STACK. If the stack is empty, it
90		* returns a CRAU_ORPHANED_CONTEXT.
91		*/
92		long crau_pop_context(struct crau_context_stack_st *stack);
93
94		/* Return the context currently active in the given context stack STACK. If
95		* there is no active context, it returns a CRAU_ORPHANED_CONTEXT.
96		*/
97		long crau_current_context(struct crau_context_stack_st *stack);
98
99		/* Push a context CONTEXT onto the given context stack STACK,
100		* optionally emitting events through varargs.
101		*
102		* If the depth of the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the
103		* older element will be removed. This call shall be followed by a
104		* `crau_pop_context`.
105		*/
106		void crau_push_context_with_data(struct crau_context_stack_st *stack,
107		long context, ...);
108
109		void crau_push_context_with_datav(struct crau_context_stack_st *stack,
110		long context, va_list ap);
111
112		/* Push a new context (inferred from the current call stack) onto the given
113		* context stack STACK, optionally emitting events through varargs.
114		*
115		* Typical usage example is as follows:
116		*
117		* crau_new_context_with_data(
118		* stack,
119		* "name", CRAU_STRING, "pk::sign",
120		* "pk::algorithm", CRAU_STRING, "mldsa",
121		* "pk::bits", CRAU_WORD, 1952 * 8,
122		* NULL);
123		*
124		* If the depth of the stack exceeds CRAU_CONTEXT_STACK_DEPTH, the
125		* older element will be removed. This call shall be followed by a
126		* `crau_pop_context`.
127		*/
128		#define crau_new_context_with_data(stack, ...) \
129		crau_push_context_with_data((stack), CRAU_AUTO_CONTEXT, __VA_ARGS__)
130
131		#define crau_new_context_with_datav(stack, ap) \
132		crau_push_context_with_datav((stack), CRAU_AUTO_CONTEXT, (ap))
133
134		/* Emit events through varargs, under the currently active context in the given
135		* context stack STACK. Unlike `crau_new_context_with_data`, this does not push
136		* a new context.
137		*/
138		void crau_data(struct crau_context_stack_st *stack, ...);
139
140		void crau_datav(struct crau_context_stack_st *stack, va_list ap);
141
142		#ifdef CRAU_IMPLEMENTATION
143
144		#include "macros.h"
145
146		/* Avoid name clash with crau_data_type_t */
147		#undef CRAU_WORD
148		#undef CRAU_STRING
149		#undef CRAU_BLOB
150
151		# ifdef ENABLE_CRYPTO_AUDITING
152
153		static inline void push_context(struct crau_context_stack_st *stack,
154		long context)
155		{
156		stack->stack[stack->top++ % CRAU_CONTEXT_STACK_DEPTH] = context;
157		}
158
159		void crau_push_context(struct crau_context_stack_st *stack,
160		long context)
161		{
162		CRAU_NEW_CONTEXT(context, crau_current_context(stack));
163		push_context(stack, context);
164		}
165
166		long crau_pop_context(struct crau_context_stack_st *stack)
167		{
168		return stack->top == 0 ? CRAU_ORPHANED_CONTEXT :
169		stack->stack[--stack->top];
170		}
171
172		long crau_current_context(struct crau_context_stack_st *stack)
173		{
174		return stack->top == 0 ? CRAU_ORPHANED_CONTEXT :
175		stack->stack[stack->top - 1];
176		}
177
178		static inline unsigned long
179		crau_accumulate_datav(struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS],
180		va_list ap)
181		{
182		unsigned long count = 0;
183		char *key_ptr;
184
185		for (key_ptr = va_arg(ap, char *);
186		key_ptr != NULL && count < CRAU_MAX_DATA_ELEMS;
187		key_ptr = va_arg(ap, char *), count++) {
188		data[count].key_ptr = key_ptr;
189
190		switch (va_arg(ap, enum crau_data_type_t)) {
191		case CRAU_WORD:
192		data[count].value_ptr = (void *)va_arg(ap, intptr_t);
193		data[count].value_size = (unsigned long)-2;
194		break;
195		case CRAU_STRING:
196		data[count].value_ptr = (void )va_arg(ap, char );
197		data[count].value_size = (unsigned long)-1;
198		break;
199		case CRAU_BLOB:
200		data[count].value_ptr = va_arg(ap, void *);
201		data[count].value_size = va_arg(ap, unsigned long);
202		break;
203		}
204		}
205
206		return count;
207		}
208
209		void crau_push_context_with_datav(struct crau_context_stack_st *stack,
210		long context, va_list ap)
211		{
212		struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS];
213		unsigned long count;
214
215		count = crau_accumulate_datav(data, ap);
216
217		CRAU_NEW_CONTEXT_WITH_DATA(context, crau_current_context(stack), data,
218		count);
219		push_context(stack, context);
220		}
221
222		void crau_push_context_with_data(struct crau_context_stack_st *stack,
223		long context, ...)
224		{
225		va_list ap;
226
227		va_start(ap, context);
228		crau_push_context_with_datav(stack, context, ap);
229		va_end(ap);
230		}
231
232		void crau_datav(struct crau_context_stack_st *stack, va_list ap)
233		{
234		struct crypto_auditing_data data[CRAU_MAX_DATA_ELEMS];
235		size_t count;
236
237		count = crau_accumulate_datav(data, ap);
238
239		CRAU_DATA(crau_current_context(stack), data, count);
240		}
241
242		void crau_data(struct crau_context_stack_st *stack, ...)
243		{
244		va_list ap;
245
246		va_start(ap, stack);
247		crau_datav(stack, ap);
248		va_end(ap);
249		}
250
251		# else
252
253		# ifndef CRAU_MAYBE_UNUSED
254		# if defined(__has_c_attribute) && \
255		__has_c_attribute (__maybe_unused__)
256		# define CRAU_MAYBE_UNUSED [[__maybe_unused__]]
257		# elif defined(__GNUC__)
258		# define CRAU_MAYBE_UNUSED __attribute__((__unused__))
259		# endif
260		# endif /* CRAU_MAYBE_UNUSED */
261
262		void crau_push_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
263		long context CRAU_MAYBE_UNUSED)
264	0	{
265	0	}
266
267		long
268		crau_pop_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED)
269	0	{
270	0	return CRAU_ORPHANED_CONTEXT;
271	0	}
272
273		long
274		crau_current_context(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED)
275	0	{
276	0	return CRAU_ORPHANED_CONTEXT;
277	0	}
278
279		void crau_push_context_with_datav(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
280		long context CRAU_MAYBE_UNUSED,
281		va_list ap CRAU_MAYBE_UNUSED)
282	0	{
283	0	}
284
285		void crau_push_context_with_data(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
286		long context CRAU_MAYBE_UNUSED, ...)
287	0	{
288	0	}
289
290		void crau_datav(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED,
291		va_list ap CRAU_MAYBE_UNUSED)
292	0	{
293	0	}
294
295		void crau_data(struct crau_context_stack_st *stack CRAU_MAYBE_UNUSED, ...)
296	0	{
297	0	}
298
299		# endif /* ENABLE_CRYPTO_AUDITING */
300
301		#endif /* CRAU_IMPLEMENTATION */
302
303		#endif /* CRAU_CRAU_H */