BUF_MEM_new: 25| 1|BUF_MEM *BUF_MEM_new(void) { 26| 1| return reinterpret_cast(OPENSSL_zalloc(sizeof(BUF_MEM))); 27| 1|} BUF_MEM_free: 29| 1|void BUF_MEM_free(BUF_MEM *buf) { 30| 1| if (buf == nullptr) { ------------------ | Branch (30:7): [True: 0, False: 1] ------------------ 31| 0| return; 32| 0| } 33| 1| OPENSSL_free(buf->data); 34| 1| OPENSSL_free(buf); 35| 1|} CBB_zero: 27| 2.31k|void CBB_zero(CBB *cbb) { OPENSSL_memset(cbb, 0, sizeof(CBB)); } CBB_init: 39| 330|int CBB_init(CBB *cbb, size_t initial_capacity) { 40| 330| CBB_zero(cbb); 41| | 42| 330| uint8_t *buf = reinterpret_cast(OPENSSL_malloc(initial_capacity)); 43| 330| if (initial_capacity > 0 && buf == NULL) { ------------------ | Branch (43:7): [True: 330, False: 0] | Branch (43:31): [True: 0, False: 330] ------------------ 44| 0| return 0; 45| 0| } 46| | 47| 330| cbb_init(cbb, buf, initial_capacity, /*can_resize=*/1); 48| 330| return 1; 49| 330|} CBB_cleanup: 57| 375|void CBB_cleanup(CBB *cbb) { 58| | // Child |CBB|s are non-owning. They are implicitly discarded and should not 59| | // be used with |CBB_cleanup| or |ScopedCBB|. 60| 375| assert(!cbb->is_child); 61| 375| if (cbb->is_child) { ------------------ | Branch (61:7): [True: 0, False: 375] ------------------ 62| 0| return; 63| 0| } 64| | 65| 375| if (cbb->u.base.can_resize) { ------------------ | Branch (65:7): [True: 375, False: 0] ------------------ 66| 375| OPENSSL_free(cbb->u.base.buf); 67| 375| } 68| 375|} CBB_finish: 124| 45|int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len) { 125| 45| if (cbb->is_child) { ------------------ | Branch (125:7): [True: 0, False: 45] ------------------ 126| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 127| 0| return 0; 128| 0| } 129| | 130| 45| if (!CBB_flush(cbb)) { ------------------ | Branch (130:7): [True: 0, False: 45] ------------------ 131| 0| return 0; 132| 0| } 133| | 134| 45| if (cbb->u.base.can_resize && (out_data == NULL || out_len == NULL)) { ------------------ | Branch (134:7): [True: 45, False: 0] | Branch (134:34): [True: 0, False: 45] | Branch (134:54): [True: 0, False: 45] ------------------ 135| | // |out_data| and |out_len| can only be NULL if the CBB is fixed. 136| 0| return 0; 137| 0| } 138| | 139| 45| if (out_data != NULL) { ------------------ | Branch (139:7): [True: 45, False: 0] ------------------ 140| 45| *out_data = cbb->u.base.buf; 141| 45| } 142| 45| if (out_len != NULL) { ------------------ | Branch (142:7): [True: 45, False: 0] ------------------ 143| 45| *out_len = cbb->u.base.len; 144| 45| } 145| 45| cbb->u.base.buf = NULL; 146| 45| CBB_cleanup(cbb); 147| 45| return 1; 148| 45|} CBB_flush: 183| 6.08k|int CBB_flush(CBB *cbb) { 184| | // If |base| has hit an error, the buffer is in an undefined state, so 185| | // fail all following calls. In particular, |cbb->child| may point to invalid 186| | // memory. 187| 6.08k| struct cbb_buffer_st *base = cbb_get_base(cbb); 188| 6.08k| if (base == NULL || base->error) { ------------------ | Branch (188:7): [True: 0, False: 6.08k] | Branch (188:23): [True: 0, False: 6.08k] ------------------ 189| 0| return 0; 190| 0| } 191| | 192| 6.08k| if (cbb->child == NULL) { ------------------ | Branch (192:7): [True: 4.82k, False: 1.26k] ------------------ 193| | // Nothing to flush. 194| 4.82k| return 1; 195| 4.82k| } 196| | 197| 1.26k| assert(cbb->child->is_child); 198| 1.26k| struct cbb_child_st *child = &cbb->child->u.child; 199| 1.26k| assert(child->base == base); 200| 1.26k| size_t child_start = child->offset + child->pending_len_len; 201| | 202| 1.26k| size_t len; 203| 1.26k| if (!CBB_flush(cbb->child) || child_start < child->offset || ------------------ | Branch (203:7): [True: 0, False: 1.26k] | Branch (203:33): [True: 0, False: 1.26k] ------------------ 204| 1.26k| base->len < child_start) { ------------------ | Branch (204:7): [True: 0, False: 1.26k] ------------------ 205| 0| goto err; 206| 0| } 207| | 208| 1.26k| len = base->len - child_start; 209| | 210| 1.26k| if (child->pending_is_asn1) { ------------------ | Branch (210:7): [True: 0, False: 1.26k] ------------------ 211| | // For ASN.1 we assume that we'll only need a single byte for the length. 212| | // If that turned out to be incorrect, we have to move the contents along 213| | // in order to make space. 214| 0| uint8_t len_len; 215| 0| uint8_t initial_length_byte; 216| | 217| 0| assert(child->pending_len_len == 1); 218| | 219| 0| if (len > 0xfffffffe) { ------------------ | Branch (219:9): [True: 0, False: 0] ------------------ 220| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 221| | // Too large. 222| 0| goto err; 223| 0| } else if (len > 0xffffff) { ------------------ | Branch (223:16): [True: 0, False: 0] ------------------ 224| 0| len_len = 5; 225| 0| initial_length_byte = 0x80 | 4; 226| 0| } else if (len > 0xffff) { ------------------ | Branch (226:16): [True: 0, False: 0] ------------------ 227| 0| len_len = 4; 228| 0| initial_length_byte = 0x80 | 3; 229| 0| } else if (len > 0xff) { ------------------ | Branch (229:16): [True: 0, False: 0] ------------------ 230| 0| len_len = 3; 231| 0| initial_length_byte = 0x80 | 2; 232| 0| } else if (len > 0x7f) { ------------------ | Branch (232:16): [True: 0, False: 0] ------------------ 233| 0| len_len = 2; 234| 0| initial_length_byte = 0x80 | 1; 235| 0| } else { 236| 0| len_len = 1; 237| 0| initial_length_byte = (uint8_t)len; 238| 0| len = 0; 239| 0| } 240| | 241| 0| if (len_len != 1) { ------------------ | Branch (241:9): [True: 0, False: 0] ------------------ 242| | // We need to move the contents along in order to make space. 243| 0| size_t extra_bytes = len_len - 1; 244| 0| if (!cbb_buffer_add(base, NULL, extra_bytes)) { ------------------ | Branch (244:11): [True: 0, False: 0] ------------------ 245| 0| goto err; 246| 0| } 247| 0| OPENSSL_memmove(base->buf + child_start + extra_bytes, 248| 0| base->buf + child_start, len); 249| 0| } 250| 0| base->buf[child->offset++] = initial_length_byte; 251| 0| child->pending_len_len = len_len - 1; 252| 0| } 253| | 254| 3.17k| for (size_t i = child->pending_len_len - 1; i < child->pending_len_len; i--) { ------------------ | Branch (254:47): [True: 1.91k, False: 1.26k] ------------------ 255| 1.91k| base->buf[child->offset + i] = (uint8_t)len; 256| 1.91k| len >>= 8; 257| 1.91k| } 258| 1.26k| if (len != 0) { ------------------ | Branch (258:7): [True: 0, False: 1.26k] ------------------ 259| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 260| 0| goto err; 261| 0| } 262| | 263| 1.26k| child->base = NULL; 264| 1.26k| cbb->child = NULL; 265| | 266| 1.26k| return 1; 267| | 268| 0|err: 269| 0| cbb_on_error(cbb); 270| 0| return 0; 271| 1.26k|} CBB_data: 273| 228|const uint8_t *CBB_data(const CBB *cbb) { 274| 228| assert(cbb->child == NULL); 275| 228| if (cbb->is_child) { ------------------ | Branch (275:7): [True: 228, False: 0] ------------------ 276| 228| return cbb->u.child.base->buf + cbb->u.child.offset + 277| 228| cbb->u.child.pending_len_len; 278| 228| } 279| 0| return cbb->u.base.buf; 280| 228|} CBB_len: 282| 228|size_t CBB_len(const CBB *cbb) { 283| 228| assert(cbb->child == NULL); 284| 228| if (cbb->is_child) { ------------------ | Branch (284:7): [True: 228, False: 0] ------------------ 285| 228| assert(cbb->u.child.offset + cbb->u.child.pending_len_len <= 286| 228| cbb->u.child.base->len); 287| 228| return cbb->u.child.base->len - cbb->u.child.offset - 288| 228| cbb->u.child.pending_len_len; 289| 228| } 290| 0| return cbb->u.base.len; 291| 228|} CBB_add_u8_length_prefixed: 326| 660|int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents) { 327| 660| return cbb_add_length_prefixed(cbb, out_contents, 1); 328| 660|} CBB_add_u16_length_prefixed: 330| 660|int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents) { 331| 660| return cbb_add_length_prefixed(cbb, out_contents, 2); 332| 660|} CBB_add_u24_length_prefixed: 334| 330|int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents) { 335| 330| return cbb_add_length_prefixed(cbb, out_contents, 3); 336| 330|} CBB_add_bytes: 386| 1.75k|int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len) { 387| 1.75k| uint8_t *out; 388| 1.75k| if (!CBB_add_space(cbb, &out, len)) { ------------------ | Branch (388:7): [True: 0, False: 1.75k] ------------------ 389| 0| return 0; 390| 0| } 391| 1.75k| OPENSSL_memcpy(out, data, len); 392| 1.75k| return 1; 393| 1.75k|} CBB_add_space: 404| 2.57k|int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len) { 405| 2.57k| if (!CBB_flush(cbb) || !cbb_buffer_add(cbb_get_base(cbb), out_data, len)) { ------------------ | Branch (405:7): [True: 0, False: 2.57k] | Branch (405:26): [True: 0, False: 2.57k] ------------------ 406| 0| return 0; 407| 0| } 408| 2.57k| return 1; 409| 2.57k|} CBB_add_u8: 449| 330|int CBB_add_u8(CBB *cbb, uint8_t value) { return cbb_add_u(cbb, value, 1); } CBB_add_u16: 451| 486|int CBB_add_u16(CBB *cbb, uint16_t value) { return cbb_add_u(cbb, value, 2); } cbb.cc:_ZL8cbb_initP6cbb_stPhmi: 29| 330|static void cbb_init(CBB *cbb, uint8_t *buf, size_t cap, int can_resize) { 30| 330| cbb->is_child = 0; 31| 330| cbb->child = NULL; 32| 330| cbb->u.base.buf = buf; 33| 330| cbb->u.base.len = 0; 34| 330| cbb->u.base.cap = cap; 35| 330| cbb->u.base.can_resize = can_resize; 36| 330| cbb->u.base.error = 0; 37| 330|} cbb.cc:_ZL12cbb_get_baseP6cbb_st: 150| 10.3k|static struct cbb_buffer_st *cbb_get_base(CBB *cbb) { 151| 10.3k| if (cbb->is_child) { ------------------ | Branch (151:7): [True: 8.94k, False: 1.36k] ------------------ 152| 8.94k| return cbb->u.child.base; 153| 8.94k| } 154| 1.36k| return &cbb->u.base; 155| 10.3k|} cbb.cc:_ZL14cbb_buffer_addP13cbb_buffer_stPPhm: 115| 4.22k| size_t len) { 116| 4.22k| if (!cbb_buffer_reserve(base, out, len)) { ------------------ | Branch (116:7): [True: 0, False: 4.22k] ------------------ 117| 0| return 0; 118| 0| } 119| | // This will not overflow or |cbb_buffer_reserve| would have failed. 120| 4.22k| base->len += len; 121| 4.22k| return 1; 122| 4.22k|} cbb.cc:_ZL23cbb_add_length_prefixedP6cbb_stS0_h: 318| 1.65k| uint8_t len_len) { 319| 1.65k| if (!CBB_flush(cbb)) { ------------------ | Branch (319:7): [True: 0, False: 1.65k] ------------------ 320| 0| return 0; 321| 0| } 322| | 323| 1.65k| return cbb_add_child(cbb, out_contents, len_len, /*is_asn1=*/0); 324| 1.65k|} cbb.cc:_ZL13cbb_add_childP6cbb_stS0_hi: 294| 1.65k| int is_asn1) { 295| 1.65k| assert(cbb->child == NULL); 296| 1.65k| assert(!is_asn1 || len_len == 1); 297| 1.65k| struct cbb_buffer_st *base = cbb_get_base(cbb); 298| 1.65k| size_t offset = base->len; 299| | 300| | // Reserve space for the length prefix. 301| 1.65k| uint8_t *prefix_bytes; 302| 1.65k| if (!cbb_buffer_add(base, &prefix_bytes, len_len)) { ------------------ | Branch (302:7): [True: 0, False: 1.65k] ------------------ 303| 0| return 0; 304| 0| } 305| 1.65k| OPENSSL_memset(prefix_bytes, 0, len_len); 306| | 307| 1.65k| CBB_zero(out_child); 308| 1.65k| out_child->is_child = 1; 309| 1.65k| out_child->u.child.base = base; 310| 1.65k| out_child->u.child.offset = offset; 311| 1.65k| out_child->u.child.pending_len_len = len_len; 312| 1.65k| out_child->u.child.pending_is_asn1 = is_asn1; 313| 1.65k| cbb->child = out_child; 314| 1.65k| return 1; 315| 1.65k|} cbb.cc:_ZL18cbb_buffer_reserveP13cbb_buffer_stPPhm: 71| 4.22k| size_t len) { 72| 4.22k| if (base == NULL) { ------------------ | Branch (72:7): [True: 0, False: 4.22k] ------------------ 73| 0| return 0; 74| 0| } 75| | 76| 4.22k| size_t newlen = base->len + len; 77| 4.22k| if (newlen < base->len) { ------------------ | Branch (77:7): [True: 0, False: 4.22k] ------------------ 78| | // Overflow 79| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 80| 0| goto err; 81| 0| } 82| | 83| 4.22k| if (newlen > base->cap) { ------------------ | Branch (83:7): [True: 233, False: 3.98k] ------------------ 84| 233| if (!base->can_resize) { ------------------ | Branch (84:9): [True: 0, False: 233] ------------------ 85| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 86| 0| goto err; 87| 0| } 88| | 89| 233| size_t newcap = base->cap * 2; 90| 233| if (newcap < base->cap || newcap < newlen) { ------------------ | Branch (90:9): [True: 0, False: 233] | Branch (90:31): [True: 90, False: 143] ------------------ 91| 90| newcap = newlen; 92| 90| } 93| 233| uint8_t *newbuf = 94| 233| reinterpret_cast(OPENSSL_realloc(base->buf, newcap)); 95| 233| if (newbuf == NULL) { ------------------ | Branch (95:9): [True: 0, False: 233] ------------------ 96| 0| goto err; 97| 0| } 98| | 99| 233| base->buf = newbuf; 100| 233| base->cap = newcap; 101| 233| } 102| | 103| 4.22k| if (out) { ------------------ | Branch (103:7): [True: 4.22k, False: 0] ------------------ 104| 4.22k| *out = base->buf + base->len; 105| 4.22k| } 106| | 107| 4.22k| return 1; 108| | 109| 0|err: 110| 0| base->error = 1; 111| 0| return 0; 112| 4.22k|} cbb.cc:_ZL9cbb_add_uP6cbb_stmm: 429| 816|static int cbb_add_u(CBB *cbb, uint64_t v, size_t len_len) { 430| 816| uint8_t *buf; 431| 816| if (!CBB_add_space(cbb, &buf, len_len)) { ------------------ | Branch (431:7): [True: 0, False: 816] ------------------ 432| 0| return 0; 433| 0| } 434| | 435| 2.11k| for (size_t i = len_len - 1; i < len_len; i--) { ------------------ | Branch (435:32): [True: 1.30k, False: 816] ------------------ 436| 1.30k| buf[i] = v; 437| 1.30k| v >>= 8; 438| 1.30k| } 439| | 440| | // |v| must fit in |len_len| bytes. 441| 816| if (v != 0) { ------------------ | Branch (441:7): [True: 0, False: 816] ------------------ 442| 0| cbb_on_error(cbb); 443| 0| return 0; 444| 0| } 445| | 446| 816| return 1; 447| 816|} CBS_get_u8: 95| 2.32k|int CBS_get_u8(CBS *cbs, uint8_t *out) { 96| 2.32k| const uint8_t *v; 97| 2.32k| if (!cbs_get(cbs, &v, 1)) { ------------------ | Branch (97:7): [True: 349, False: 1.97k] ------------------ 98| 349| return 0; 99| 349| } 100| 1.97k| *out = *v; 101| 1.97k| return 1; 102| 2.32k|} CBS_get_u16: 104| 254k|int CBS_get_u16(CBS *cbs, uint16_t *out) { 105| 254k| uint64_t v; 106| 254k| if (!cbs_get_u(cbs, &v, 2)) { ------------------ | Branch (106:7): [True: 101, False: 254k] ------------------ 107| 101| return 0; 108| 101| } 109| 254k| *out = v; 110| 254k| return 1; 111| 254k|} CBS_get_bytes: 166| 259k|int CBS_get_bytes(CBS *cbs, CBS *out, size_t len) { 167| 259k| const uint8_t *v; 168| 259k| if (!cbs_get(cbs, &v, len)) { ------------------ | Branch (168:7): [True: 133, False: 259k] ------------------ 169| 133| return 0; 170| 133| } 171| 259k| CBS_init(out, v, len); 172| 259k| return 1; 173| 259k|} CBS_get_u8_length_prefixed: 195| 2.63k|int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out) { 196| 2.63k| return cbs_get_length_prefixed(cbs, out, 1); 197| 2.63k|} CBS_get_u16_length_prefixed: 199| 254k|int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out) { 200| 254k| return cbs_get_length_prefixed(cbs, out, 2); 201| 254k|} CBS_get_u24_length_prefixed: 203| 783|int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) { 204| 783| return cbs_get_length_prefixed(cbs, out, 3); 205| 783|} cbs.cc:_ZL7cbs_getP6cbs_stPPKhm: 29| 773k|static int cbs_get(CBS *cbs, const uint8_t **p, size_t n) { 30| 773k| if (cbs->len < n) { ------------------ | Branch (30:7): [True: 629, False: 773k] ------------------ 31| 629| return 0; 32| 629| } 33| | 34| 773k| *p = cbs->data; 35| 773k| cbs->data += n; 36| 773k| cbs->len -= n; 37| 773k| return 1; 38| 773k|} cbs.cc:_ZL9cbs_get_uP6cbs_stPmm: 80| 512k|static int cbs_get_u(CBS *cbs, uint64_t *out, size_t len) { 81| 512k| uint64_t result = 0; 82| 512k| const uint8_t *data; 83| | 84| 512k| if (!cbs_get(cbs, &data, len)) { ------------------ | Branch (84:7): [True: 147, False: 512k] ------------------ 85| 147| return 0; 86| 147| } 87| 1.53M| for (size_t i = 0; i < len; i++) { ------------------ | Branch (87:22): [True: 1.02M, False: 512k] ------------------ 88| 1.02M| result <<= 8; 89| 1.02M| result |= data[i]; 90| 1.02M| } 91| 512k| *out = result; 92| 512k| return 1; 93| 512k|} cbs.cc:_ZL23cbs_get_length_prefixedP6cbs_stS0_m: 184| 257k|static int cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) { 185| 257k| uint64_t len; 186| 257k| if (!cbs_get_u(cbs, &len, len_len)) { ------------------ | Branch (186:7): [True: 46, False: 257k] ------------------ 187| 46| return 0; 188| 46| } 189| | // If |len_len| <= 3 then we know that |len| will fit into a |size_t|, even on 190| | // 32-bit systems. 191| 257k| assert(len_len <= 3); 192| 257k| return CBS_get_bytes(cbs, out, len); 193| 257k|} CRYPTO_chacha_20: 100| 1| uint32_t counter) { 101| 1| assert(!buffers_alias(out, in_len, in, in_len) || in == out); 102| | 103| 1| uint32_t counter_nonce[4]; 104| 1| counter_nonce[0] = counter; 105| 1| counter_nonce[1] = CRYPTO_load_u32_le(nonce + 0); 106| 1| counter_nonce[2] = CRYPTO_load_u32_le(nonce + 4); 107| 1| counter_nonce[3] = CRYPTO_load_u32_le(nonce + 8); 108| | 109| 1| const uint32_t *key_ptr = (const uint32_t *)key; 110| |#if !defined(OPENSSL_X86) && !defined(OPENSSL_X86_64) 111| | // The assembly expects the key to be four-byte aligned. 112| | uint32_t key_u32[8]; 113| | if ((((uintptr_t)key) & 3) != 0) { 114| | key_u32[0] = CRYPTO_load_u32_le(key + 0); 115| | key_u32[1] = CRYPTO_load_u32_le(key + 4); 116| | key_u32[2] = CRYPTO_load_u32_le(key + 8); 117| | key_u32[3] = CRYPTO_load_u32_le(key + 12); 118| | key_u32[4] = CRYPTO_load_u32_le(key + 16); 119| | key_u32[5] = CRYPTO_load_u32_le(key + 20); 120| | key_u32[6] = CRYPTO_load_u32_le(key + 24); 121| | key_u32[7] = CRYPTO_load_u32_le(key + 28); 122| | 123| | key_ptr = key_u32; 124| | } 125| |#endif 126| | 127| 2| while (in_len > 0) { ------------------ | Branch (127:10): [True: 1, False: 1] ------------------ 128| | // The assembly functions do not have defined overflow behavior. While 129| | // overflow is almost always a bug in the caller, we prefer our functions to 130| | // behave the same across platforms, so divide into multiple calls to avoid 131| | // this case. 132| 1| uint64_t todo = 64 * ((UINT64_C(1) << 32) - counter_nonce[0]); 133| 1| if (todo > in_len) { ------------------ | Branch (133:9): [True: 1, False: 0] ------------------ 134| 1| todo = in_len; 135| 1| } 136| | 137| 1| ChaCha20_ctr32(out, in, (size_t)todo, key_ptr, counter_nonce); 138| 1| in += todo; 139| 1| out += todo; 140| 1| in_len -= todo; 141| | 142| | // We're either done and will next break out of the loop, or we stopped at 143| | // the wraparound point and the counter should continue at zero. 144| 1| counter_nonce[0] = 0; 145| 1| } 146| 1|} chacha.cc:_ZL14ChaCha20_ctr32PhPKhmPKjS3_: 65| 1| const uint32_t key[8], const uint32_t counter[4]) { 66| |#if defined(CHACHA20_ASM_NEON) 67| | if (ChaCha20_ctr32_neon_capable(in_len)) { 68| | ChaCha20_ctr32_neon(out, in, in_len, key, counter); 69| | return; 70| | } 71| |#endif 72| 1|#if defined(CHACHA20_ASM_AVX2) 73| 1| if (ChaCha20_ctr32_avx2_capable(in_len)) { ------------------ | Branch (73:7): [True: 0, False: 1] ------------------ 74| 0| ChaCha20_ctr32_avx2(out, in, in_len, key, counter); 75| 0| return; 76| 0| } 77| 1|#endif 78| 1|#if defined(CHACHA20_ASM_SSSE3_4X) 79| 1| if (ChaCha20_ctr32_ssse3_4x_capable(in_len)) { ------------------ | Branch (79:7): [True: 0, False: 1] ------------------ 80| 0| ChaCha20_ctr32_ssse3_4x(out, in, in_len, key, counter); 81| 0| return; 82| 0| } 83| 1|#endif 84| 1|#if defined(CHACHA20_ASM_SSSE3) 85| 1| if (ChaCha20_ctr32_ssse3_capable(in_len)) { ------------------ | Branch (85:7): [True: 0, False: 1] ------------------ 86| 0| ChaCha20_ctr32_ssse3(out, in, in_len, key, counter); 87| 0| return; 88| 0| } 89| 1|#endif 90| 1| if (in_len > 0) { ------------------ | Branch (90:7): [True: 1, False: 0] ------------------ 91| 1| ChaCha20_ctr32_nohw(out, in, in_len, key, counter); 92| 1| } 93| 1|} ChaCha20_ctr32_avx2_capable: 60| 1|inline int ChaCha20_ctr32_avx2_capable(size_t len) { 61| 1| return len > 128 && CRYPTO_is_AVX2_capable(); ------------------ | Branch (61:10): [True: 0, False: 1] | Branch (61:23): [True: 0, False: 0] ------------------ 62| 1|} ChaCha20_ctr32_ssse3_4x_capable: 67| 1|inline int ChaCha20_ctr32_ssse3_4x_capable(size_t len) { 68| 1| int capable = len > 128 && CRYPTO_is_SSSE3_capable(); ------------------ | Branch (68:17): [True: 0, False: 1] | Branch (68:30): [True: 0, False: 0] ------------------ 69| 1| int faster = len > 192 || !CRYPTO_cpu_perf_is_like_silvermont(); ------------------ | Branch (69:16): [True: 0, False: 1] | Branch (69:29): [True: 1, False: 0] ------------------ 70| 1| return capable && faster; ------------------ | Branch (70:10): [True: 0, False: 1] | Branch (70:21): [True: 0, False: 0] ------------------ 71| 1|} ChaCha20_ctr32_ssse3_capable: 76| 1|inline int ChaCha20_ctr32_ssse3_capable(size_t len) { 77| 1| return len > 128 && CRYPTO_is_SSSE3_capable(); ------------------ | Branch (77:10): [True: 0, False: 1] | Branch (77:23): [True: 0, False: 0] ------------------ 78| 1|} OPENSSL_cpuid_setup: 149| 1|void OPENSSL_cpuid_setup(void) { 150| | // Determine the vendor and maximum input value. 151| 1| uint32_t eax, ebx, ecx, edx; 152| 1| OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0); 153| | 154| 1| uint32_t num_ids = eax; 155| | 156| 1| int is_intel = ebx == 0x756e6547 /* Genu */ && // ------------------ | Branch (156:18): [True: 0, False: 1] ------------------ 157| 1| edx == 0x49656e69 /* ineI */ && // ------------------ | Branch (157:18): [True: 0, False: 0] ------------------ 158| 1| ecx == 0x6c65746e /* ntel */; ------------------ | Branch (158:18): [True: 0, False: 0] ------------------ 159| 1| int is_amd = ebx == 0x68747541 /* Auth */ && // ------------------ | Branch (159:16): [True: 1, False: 0] ------------------ 160| 1| edx == 0x69746e65 /* enti */ && // ------------------ | Branch (160:16): [True: 1, False: 0] ------------------ 161| 1| ecx == 0x444d4163 /* cAMD */; ------------------ | Branch (161:16): [True: 1, False: 0] ------------------ 162| | 163| 1| uint32_t extended_features[2] = {0}; 164| 1| if (num_ids >= 7) { ------------------ | Branch (164:7): [True: 1, False: 0] ------------------ 165| 1| OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 7); 166| 1| extended_features[0] = ebx; 167| 1| extended_features[1] = ecx; 168| 1| } 169| | 170| 1| OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 1); 171| | 172| 1| const uint32_t base_family = (eax >> 8) & 15; 173| 1| const uint32_t base_model = (eax >> 4) & 15; 174| | 175| 1| uint32_t family = base_family; 176| 1| uint32_t model = base_model; 177| 1| if (base_family == 15) { ------------------ | Branch (177:7): [True: 1, False: 0] ------------------ 178| 1| const uint32_t ext_family = (eax >> 20) & 255; 179| 1| family += ext_family; 180| 1| } 181| 1| if (base_family == 6 || base_family == 15) { ------------------ | Branch (181:7): [True: 0, False: 1] | Branch (181:27): [True: 1, False: 0] ------------------ 182| 1| const uint32_t ext_model = (eax >> 16) & 15; 183| 1| model |= ext_model << 4; 184| 1| } 185| | 186| 1| if (is_amd) { ------------------ | Branch (186:7): [True: 1, False: 0] ------------------ 187| 1| if (family < 0x17 || (family == 0x17 && 0x70 <= model && model <= 0x7f)) { ------------------ | Branch (187:9): [True: 0, False: 1] | Branch (187:27): [True: 1, False: 0] | Branch (187:45): [True: 0, False: 1] | Branch (187:62): [True: 0, False: 0] ------------------ 188| | // Disable RDRAND on AMD families before 0x17 (Zen) due to reported 189| | // failures after suspend. 190| | // https://bugzilla.redhat.com/show_bug.cgi?id=1150286 191| | // Also disable for family 0x17, models 0x70–0x7f, due to possible RDRAND 192| | // failures there too. 193| 0| ecx &= ~(1u << 30); 194| 0| } 195| 1| } 196| | 197| | // Reserved bit #30 is repurposed to signal an Intel CPU. 198| 1| if (is_intel) { ------------------ | Branch (198:7): [True: 0, False: 1] ------------------ 199| 0| edx |= (1u << 30); 200| 1| } else { 201| 1| edx &= ~(1u << 30); 202| 1| } 203| | 204| 1| uint64_t xcr0 = 0; 205| 1| if (ecx & (1u << 27)) { ------------------ | Branch (205:7): [True: 1, False: 0] ------------------ 206| | // XCR0 may only be queried if the OSXSAVE bit is set. 207| 1| xcr0 = OPENSSL_xgetbv(0); 208| 1| } 209| | // See Intel manual, volume 1, section 14.3. 210| 1| if ((xcr0 & 6) != 6) { ------------------ | Branch (210:7): [True: 0, False: 1] ------------------ 211| | // YMM registers cannot be used. 212| 0| ecx &= ~(1u << 28); // AVX 213| 0| ecx &= ~(1u << 12); // FMA 214| 0| ecx &= ~(1u << 11); // AMD XOP 215| 0| extended_features[0] &= ~(1u << 5); // AVX2 216| 0| extended_features[1] &= ~(1u << 9); // VAES 217| 0| extended_features[1] &= ~(1u << 10); // VPCLMULQDQ 218| 0| } 219| | // See Intel manual, volume 1, sections 15.2 ("Detection of AVX-512 Foundation 220| | // Instructions") through 15.4 ("Detection of Intel AVX-512 Instruction Groups 221| | // Operating at 256 and 128-bit Vector Lengths"). 222| 1| if (!os_supports_avx512(xcr0)) { ------------------ | Branch (222:7): [True: 1, False: 0] ------------------ 223| | // Without XCR0.111xx11x, no AVX512 feature can be used. This includes ZMM 224| | // registers, masking, SIMD registers 16-31 (even if accessed as YMM or 225| | // XMM), and EVEX-coded instructions (even on YMM or XMM). Even if only 226| | // XCR0.ZMM_Hi256 is missing, it isn't valid to use AVX512 features on 227| | // shorter vectors, since AVX512 ties everything to the availability of 228| | // 512-bit vectors. See the above-mentioned sections of the Intel manual, 229| | // which say that *all* these XCR0 bits must be checked even when just using 230| | // 128-bit or 256-bit vectors, and also volume 2a section 2.7.11 ("#UD 231| | // Equations for EVEX") which says that all EVEX-coded instructions raise an 232| | // undefined-instruction exception if any of these XCR0 bits is zero. 233| 1| extended_features[0] &= ~(1u << 16); // AVX512F 234| 1| extended_features[0] &= ~(1u << 17); // AVX512DQ 235| 1| extended_features[0] &= ~(1u << 21); // AVX512IFMA 236| 1| extended_features[0] &= ~(1u << 26); // AVX512PF 237| 1| extended_features[0] &= ~(1u << 27); // AVX512ER 238| 1| extended_features[0] &= ~(1u << 28); // AVX512CD 239| 1| extended_features[0] &= ~(1u << 30); // AVX512BW 240| 1| extended_features[0] &= ~(1u << 31); // AVX512VL 241| 1| extended_features[1] &= ~(1u << 1); // AVX512VBMI 242| 1| extended_features[1] &= ~(1u << 6); // AVX512VBMI2 243| 1| extended_features[1] &= ~(1u << 11); // AVX512VNNI 244| 1| extended_features[1] &= ~(1u << 12); // AVX512BITALG 245| 1| extended_features[1] &= ~(1u << 14); // AVX512VPOPCNTDQ 246| 1| } 247| | 248| | // Repurpose the bit for the removed MPX feature to indicate when using zmm 249| | // registers should be avoided even when they are supported. (When set, AVX512 250| | // features can still be used, but only using ymm or xmm registers.) Skylake 251| | // suffered from severe downclocking when zmm registers were used, which 252| | // affected unrelated code running on the system, making zmm registers not too 253| | // useful outside of benchmarks. The situation improved significantly by Ice 254| | // Lake, but a small amount of downclocking remained. (See 255| | // https://lore.kernel.org/linux-crypto/e8ce1146-3952-6977-1d0e-a22758e58914@intel.com/) 256| | // We take a conservative approach of not allowing zmm registers until after 257| | // Ice Lake and Tiger Lake, i.e. until Sapphire Rapids on the server side. 258| | // 259| | // AMD CPUs, which support AVX512 starting with Zen 4, have not been reported 260| | // to have any downclocking problem when zmm registers are used. 261| 1| if (is_intel && family == 6 && ------------------ | Branch (261:7): [True: 0, False: 1] | Branch (261:19): [True: 0, False: 0] ------------------ 262| 1| (model == 85 || // Skylake, Cascade Lake, Cooper Lake (server) ------------------ | Branch (262:8): [True: 0, False: 0] ------------------ 263| 0| model == 106 || // Ice Lake (server) ------------------ | Branch (263:8): [True: 0, False: 0] ------------------ 264| 0| model == 108 || // Ice Lake (micro server) ------------------ | Branch (264:8): [True: 0, False: 0] ------------------ 265| 0| model == 125 || // Ice Lake (client) ------------------ | Branch (265:8): [True: 0, False: 0] ------------------ 266| 0| model == 126 || // Ice Lake (mobile) ------------------ | Branch (266:8): [True: 0, False: 0] ------------------ 267| 0| model == 140 || // Tiger Lake (mobile) ------------------ | Branch (267:8): [True: 0, False: 0] ------------------ 268| 0| model == 141)) { // Tiger Lake (client) ------------------ | Branch (268:8): [True: 0, False: 0] ------------------ 269| 0| extended_features[0] |= 1u << 14; 270| 1| } else { 271| 1| extended_features[0] &= ~(1u << 14); 272| 1| } 273| | 274| 1| OPENSSL_ia32cap_P[0] = edx; 275| 1| OPENSSL_ia32cap_P[1] = ecx; 276| 1| OPENSSL_ia32cap_P[2] = extended_features[0]; 277| 1| OPENSSL_ia32cap_P[3] = extended_features[1]; 278| | 279| 1| const char *env = getenv("OPENSSL_ia32cap"); 280| 1| if (env != nullptr) { ------------------ | Branch (280:7): [True: 0, False: 1] ------------------ 281| 0| OPENSSL_adjust_ia32cap(OPENSSL_ia32cap_P, env); 282| 0| } 283| 1|} cpu_intel.cc:_ZL13OPENSSL_cpuidPjS_S_S_j: 38| 3| uint32_t *out_ecx, uint32_t *out_edx, uint32_t leaf) { 39| |#if defined(_MSC_VER) 40| | int tmp[4]; 41| | __cpuid(tmp, (int)leaf); 42| | *out_eax = (uint32_t)tmp[0]; 43| | *out_ebx = (uint32_t)tmp[1]; 44| | *out_ecx = (uint32_t)tmp[2]; 45| | *out_edx = (uint32_t)tmp[3]; 46| |#elif defined(__pic__) && defined(OPENSSL_32_BIT) 47| | // Inline assembly may not clobber the PIC register. For 32-bit, this is EBX. 48| | // See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=47602. 49| | __asm__ volatile( 50| | "xor %%ecx, %%ecx\n" 51| | "mov %%ebx, %%edi\n" 52| | "cpuid\n" 53| | "xchg %%edi, %%ebx\n" 54| | : "=a"(*out_eax), "=D"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) 55| | : "a"(leaf)); 56| |#else 57| 3| __asm__ volatile( 58| 3| "xor %%ecx, %%ecx\n" 59| 3| "cpuid\n" 60| 3| : "=a"(*out_eax), "=b"(*out_ebx), "=c"(*out_ecx), "=d"(*out_edx) 61| 3| : "a"(leaf)); 62| 3|#endif 63| 3|} cpu_intel.cc:_ZL14OPENSSL_xgetbvj: 67| 1|static uint64_t OPENSSL_xgetbv(uint32_t xcr) { 68| |#if defined(_MSC_VER) 69| | return (uint64_t)_xgetbv(xcr); 70| |#else 71| 1| uint32_t eax, edx; 72| 1| __asm__ volatile("xgetbv" : "=a"(eax), "=d"(edx) : "c"(xcr)); 73| 1| return (((uint64_t)edx) << 32) | eax; 74| 1|#endif 75| 1|} cpu_intel.cc:_ZL18os_supports_avx512m: 77| 1|static bool os_supports_avx512(uint64_t xcr0) { 78| |#if defined(__APPLE__) 79| | // The Darwin kernel had a bug where it could corrupt the opmask registers. 80| | // See 81| | // https://community.intel.com/t5/Software-Tuning-Performance/MacOS-Darwin-kernel-bug-clobbers-AVX-512-opmask-register-state/m-p/1327259 82| | // Darwin also does not initially set the XCR0 bits for AVX512, but they are 83| | // set if the thread tries to use AVX512 anyway. Thus, to safely and 84| | // consistently use AVX512 on macOS we'd need to check the kernel version as 85| | // well as detect AVX512 support using a macOS-specific method. We don't 86| | // bother with this, especially given Apple's transition to arm64. 87| | return false; 88| |#else 89| 1| return (xcr0 & 0xe6) == 0xe6; 90| 1|#endif 91| 1|} OPENSSL_get_ia32cap: 65| 10|uint32_t OPENSSL_get_ia32cap(int idx) { 66| 10| OPENSSL_init_cpuid(); 67| 10| return OPENSSL_ia32cap_P[idx]; 68| 10|} OPENSSL_init_cpuid: 87| 10|void OPENSSL_init_cpuid(void) { CRYPTO_once(&once, OPENSSL_cpuid_setup); } ERR_put_error: 583| 715| unsigned line) { 584| 715| ERR_STATE *const state = err_get_state(); 585| 715| struct err_error_st *error; 586| | 587| 715| if (state == NULL) { ------------------ | Branch (587:7): [True: 0, False: 715] ------------------ 588| 0| return; 589| 0| } 590| | 591| 715| if (library == ERR_LIB_SYS && reason == 0) { ------------------ | Branch (591:7): [True: 0, False: 715] | Branch (591:33): [True: 0, False: 0] ------------------ 592| |#if defined(OPENSSL_WINDOWS) 593| | reason = GetLastError(); 594| |#else 595| 0| reason = errno; 596| 0|#endif 597| 0| } 598| | 599| 715| state->top = (state->top + 1) % ERR_NUM_ERRORS; ------------------ | | 397| 715|#define ERR_NUM_ERRORS 16 ------------------ 600| 715| if (state->top == state->bottom) { ------------------ | Branch (600:7): [True: 700, False: 15] ------------------ 601| 700| state->bottom = (state->bottom + 1) % ERR_NUM_ERRORS; ------------------ | | 397| 700|#define ERR_NUM_ERRORS 16 ------------------ 602| 700| } 603| | 604| 715| error = &state->errors[state->top]; 605| 715| err_clear(error); 606| 715| error->file = file; 607| 715| error->line = line; 608| 715| error->packed = ERR_PACK(library, reason); ------------------ | | 400| 715| (((((uint32_t)(lib)) & 0xff) << 24) | ((((uint32_t)(reason)) & 0xfff))) ------------------ 609| 715|} err.cc:_ZL13err_get_statev: 124| 715|static ERR_STATE *err_get_state(void) { 125| 715| ERR_STATE *state = reinterpret_cast( 126| 715| CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_ERR)); 127| 715| if (state == NULL) { ------------------ | Branch (127:7): [True: 1, False: 714] ------------------ 128| 1| state = reinterpret_cast(malloc(sizeof(ERR_STATE))); 129| 1| if (state == NULL) { ------------------ | Branch (129:9): [True: 0, False: 1] ------------------ 130| 0| return NULL; 131| 0| } 132| 1| OPENSSL_memset(state, 0, sizeof(ERR_STATE)); 133| 1| if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_ERR, state, ------------------ | Branch (133:9): [True: 0, False: 1] ------------------ 134| 1| err_state_free)) { 135| 0| return NULL; 136| 0| } 137| 1| } 138| | 139| 715| return state; 140| 715|} err.cc:_ZL9err_clearPN12_GLOBAL__N_112err_error_stE: 84| 715|static void err_clear(struct err_error_st *error) { 85| 715| free(error->data); 86| 715| OPENSSL_memset(error, 0, sizeof(struct err_error_st)); 87| 715|} CRYPTO_new_ex_data: 109| 5|void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad) { ad->sk = NULL; } CRYPTO_free_ex_data: 112| 5| CRYPTO_EX_DATA *ad) { 113| 5| if (ad->sk == NULL) { ------------------ | Branch (113:7): [True: 5, False: 0] ------------------ 114| | // Nothing to do. 115| 5| return; 116| 5| } 117| | 118| 0| uint32_t num_funcs = CRYPTO_atomic_load_u32(&ex_data_class->num_funcs); 119| | // |CRYPTO_get_ex_new_index_ex| will not allocate indices beyond |INT_MAX|. 120| 0| assert(num_funcs <= (size_t)(INT_MAX - ex_data_class->num_reserved)); 121| | 122| | // Defer dereferencing |ex_data_class->funcs| and |funcs->next|. It must come 123| | // after the |num_funcs| comparison to be correctly synchronized. 124| 0| CRYPTO_EX_DATA_FUNCS *const *funcs = &ex_data_class->funcs; 125| 0| for (uint32_t i = 0; i < num_funcs; i++) { ------------------ | Branch (125:24): [True: 0, False: 0] ------------------ 126| 0| if ((*funcs)->free_func != NULL) { ------------------ | Branch (126:9): [True: 0, False: 0] ------------------ 127| 0| int index = (int)i + ex_data_class->num_reserved; 128| 0| void *ptr = CRYPTO_get_ex_data(ad, index); 129| 0| (*funcs)->free_func(/*parent=*/nullptr, ptr, /*ad*/ nullptr, index, 130| 0| (*funcs)->argl, (*funcs)->argp); 131| 0| } 132| 0| funcs = &(*funcs)->next; 133| 0| } 134| | 135| 0| sk_void_free(ad->sk); 136| 0| ad->sk = NULL; 137| 0|} aes_hw_set_encrypt_key: 96| 3|int aes_hw_set_encrypt_key(const uint8_t *user_key, int bits, AES_KEY *key) { 97| 3| if (aes_hw_set_encrypt_key_alt_preferred()) { ------------------ | Branch (97:7): [True: 3, False: 0] ------------------ 98| 3| return aes_hw_set_encrypt_key_alt(user_key, bits, key); 99| 3| } else { 100| 0| return aes_hw_set_encrypt_key_base(user_key, bits, key); 101| 0| } 102| 3|} aes_ctr_set_key: 164| 3| size_t key_bytes) { 165| | // This function assumes the key length was previously validated. 166| 3| assert(key_bytes == 128 / 8 || key_bytes == 192 / 8 || key_bytes == 256 / 8); 167| 3| if (hwaes_capable()) { ------------------ | Branch (167:7): [True: 3, False: 0] ------------------ 168| 3| aes_hw_set_encrypt_key(key, (int)key_bytes * 8, aes_key); 169| 3| if (out_is_hwaes) { ------------------ | Branch (169:9): [True: 0, False: 3] ------------------ 170| 0| *out_is_hwaes = 1; 171| 0| } 172| 3| if (out_block) { ------------------ | Branch (172:9): [True: 3, False: 0] ------------------ 173| 3| *out_block = aes_hw_encrypt; 174| 3| } 175| 3| return aes_hw_ctr32_encrypt_blocks; 176| 3| } 177| | 178| 0| if (vpaes_capable()) { ------------------ | Branch (178:7): [True: 0, False: 0] ------------------ 179| 0| vpaes_set_encrypt_key(key, (int)key_bytes * 8, aes_key); 180| 0| if (out_block) { ------------------ | Branch (180:9): [True: 0, False: 0] ------------------ 181| 0| *out_block = vpaes_encrypt; 182| 0| } 183| 0| if (out_is_hwaes) { ------------------ | Branch (183:9): [True: 0, False: 0] ------------------ 184| 0| *out_is_hwaes = 0; 185| 0| } 186| |#if defined(BSAES) 187| | assert(bsaes_capable()); 188| | return vpaes_ctr32_encrypt_blocks_with_bsaes; 189| |#else 190| 0| return vpaes_ctr32_encrypt_blocks; 191| 0|#endif 192| 0| } 193| | 194| 0| aes_nohw_set_encrypt_key(key, (int)key_bytes * 8, aes_key); 195| 0| if (out_is_hwaes) { ------------------ | Branch (195:7): [True: 0, False: 0] ------------------ 196| 0| *out_is_hwaes = 0; 197| 0| } 198| 0| if (out_block) { ------------------ | Branch (198:7): [True: 0, False: 0] ------------------ 199| 0| *out_block = aes_nohw_encrypt; 200| 0| } 201| 0| return aes_nohw_ctr32_encrypt_blocks; 202| 0|} crypto_gcm_clmul_enabled: 597| 1|int crypto_gcm_clmul_enabled(void) { 598| 1|#if defined(GHASH_ASM_X86) || defined(GHASH_ASM_X86_64) 599| 1| return CRYPTO_is_PCLMUL_capable() && CRYPTO_is_SSSE3_capable(); ------------------ | Branch (599:10): [True: 1, False: 0] | Branch (599:40): [True: 1, False: 0] ------------------ 600| |#else 601| | return 0; 602| |#endif 603| 1|} hwaes_capable: 60| 7|inline int hwaes_capable(void) { return CRYPTO_is_AESNI_capable(); } aes_hw_set_encrypt_key_alt_preferred: 118| 3|inline int aes_hw_set_encrypt_key_alt_preferred(void) { 119| 3| return hwaes_capable() && CRYPTO_is_AVX_capable(); ------------------ | Branch (119:10): [True: 3, False: 0] | Branch (119:29): [True: 3, False: 0] ------------------ 120| 3|} EVP_AEAD_CTX_zero: 36| 3|void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) { 37| 3| OPENSSL_memset(ctx, 0, sizeof(EVP_AEAD_CTX)); 38| 3|} EVP_AEAD_CTX_cleanup: 103| 3|void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx) { 104| 3| if (ctx->aead == NULL) { ------------------ | Branch (104:7): [True: 3, False: 0] ------------------ 105| 3| return; 106| 3| } 107| 0| ctx->aead->cleanup(ctx); 108| 0| ctx->aead = NULL; 109| 0|} EVP_has_aes_hardware: 1227| 1|int EVP_has_aes_hardware(void) { 1228| 1|#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) 1229| 1| return hwaes_capable() && crypto_gcm_clmul_enabled(); ------------------ | Branch (1229:10): [True: 1, False: 0] | Branch (1229:29): [True: 1, False: 0] ------------------ 1230| |#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) 1231| | return hwaes_capable() && CRYPTO_is_ARMv8_PMULL_capable(); 1232| |#else 1233| | return 0; 1234| |#endif 1235| 1|} EVP_MD_CTX_init: 38| 6|void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { 39| 6| ctx->digest = nullptr; 40| 6| ctx->pctx = nullptr; 41| 6| ctx->pctx_ops = nullptr; 42| 6|} EVP_MD_CTX_cleanup: 57| 3|int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) { 58| 3| assert(ctx->pctx == NULL || ctx->pctx_ops != NULL); 59| 3| if (ctx->pctx_ops) { ------------------ | Branch (59:7): [True: 0, False: 3] ------------------ 60| 0| ctx->pctx_ops->free(ctx->pctx); 61| 0| } 62| | 63| 3| EVP_MD_CTX_init(ctx); 64| | 65| 3| return 1; 66| 3|} CTR_DRBG_init: 50| 1| const uint8_t *personalization, size_t personalization_len) { 51| | // Section 10.2.1.3.1 52| 1| if (personalization_len > CTR_DRBG_ENTROPY_LEN) { ------------------ | | 36| 1|#define CTR_DRBG_ENTROPY_LEN 48 ------------------ | Branch (52:7): [True: 0, False: 1] ------------------ 53| 0| return 0; 54| 0| } 55| | 56| 1| uint8_t seed_material[CTR_DRBG_ENTROPY_LEN]; 57| 1| OPENSSL_memcpy(seed_material, entropy, CTR_DRBG_ENTROPY_LEN); ------------------ | | 36| 1|#define CTR_DRBG_ENTROPY_LEN 48 ------------------ 58| | 59| 1| for (size_t i = 0; i < personalization_len; i++) { ------------------ | Branch (59:22): [True: 0, False: 1] ------------------ 60| 0| seed_material[i] ^= personalization[i]; 61| 0| } 62| | 63| | // Section 10.2.1.2 64| | 65| | // kInitMask is the result of encrypting blocks with big-endian value 1, 2 66| | // and 3 with the all-zero AES-256 key. 67| 1| static const uint8_t kInitMask[CTR_DRBG_ENTROPY_LEN] = { 68| 1| 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9, 0xa9, 0x63, 0xb4, 0xf1, 69| 1| 0xc4, 0xcb, 0x73, 0x8b, 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, 70| 1| 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18, 0x72, 0x60, 0x03, 0xca, 71| 1| 0x37, 0xa6, 0x2a, 0x74, 0xd1, 0xa2, 0xf5, 0x8e, 0x75, 0x06, 0x35, 0x8e, 72| 1| }; 73| | 74| 49| for (size_t i = 0; i < sizeof(kInitMask); i++) { ------------------ | Branch (74:22): [True: 48, False: 1] ------------------ 75| 48| seed_material[i] ^= kInitMask[i]; 76| 48| } 77| | 78| 1| drbg->ctr = aes_ctr_set_key(&drbg->ks, NULL, &drbg->block, seed_material, 32); 79| 1| OPENSSL_memcpy(drbg->counter, seed_material + 32, 16); 80| 1| drbg->reseed_counter = 1; 81| | 82| 1| return 1; 83| 1|} CTR_DRBG_generate: 151| 1| size_t additional_data_len) { 152| | // See 9.3.1 153| 1| if (out_len > CTR_DRBG_MAX_GENERATE_LENGTH) { ------------------ | | 40| 1|#define CTR_DRBG_MAX_GENERATE_LENGTH 65536 ------------------ | Branch (153:7): [True: 0, False: 1] ------------------ 154| 0| return 0; 155| 0| } 156| | 157| | // See 10.2.1.5.1 158| 1| if (drbg->reseed_counter > kMaxReseedCount) { ------------------ | Branch (158:7): [True: 0, False: 1] ------------------ 159| 0| return 0; 160| 0| } 161| | 162| 1| if (additional_data_len != 0 && ------------------ | Branch (162:7): [True: 1, False: 0] ------------------ 163| 1| !ctr_drbg_update(drbg, additional_data, additional_data_len)) { ------------------ | Branch (163:7): [True: 0, False: 1] ------------------ 164| 0| return 0; 165| 0| } 166| | 167| | // kChunkSize is used to interact better with the cache. Since the AES-CTR 168| | // code assumes that it's encrypting rather than just writing keystream, the 169| | // buffer has to be zeroed first. Without chunking, large reads would zero 170| | // the whole buffer, flushing the L1 cache, and then do another pass (missing 171| | // the cache every time) to “encrypt” it. The code can avoid this by 172| | // chunking. 173| 1| static const size_t kChunkSize = 8 * 1024; 174| | 175| 1| while (out_len >= AES_BLOCK_SIZE) { ------------------ | | 34| 1|#define AES_BLOCK_SIZE 16 ------------------ | Branch (175:10): [True: 0, False: 1] ------------------ 176| 0| size_t todo = kChunkSize; 177| 0| if (todo > out_len) { ------------------ | Branch (177:9): [True: 0, False: 0] ------------------ 178| 0| todo = out_len; 179| 0| } 180| | 181| 0| todo &= ~(AES_BLOCK_SIZE - 1); ------------------ | | 34| 0|#define AES_BLOCK_SIZE 16 ------------------ 182| 0| const size_t num_blocks = todo / AES_BLOCK_SIZE; ------------------ | | 34| 0|#define AES_BLOCK_SIZE 16 ------------------ 183| | 184| 0| OPENSSL_memset(out, 0, todo); 185| 0| ctr32_add(drbg, 1); 186| 0| drbg->ctr(out, out, num_blocks, &drbg->ks, drbg->counter); 187| 0| ctr32_add(drbg, (uint32_t)(num_blocks - 1)); 188| | 189| 0| out += todo; 190| 0| out_len -= todo; 191| 0| } 192| | 193| 1| if (out_len > 0) { ------------------ | Branch (193:7): [True: 1, False: 0] ------------------ 194| 1| uint8_t block[AES_BLOCK_SIZE]; 195| 1| ctr32_add(drbg, 1); 196| 1| drbg->block(drbg->counter, block, &drbg->ks); 197| | 198| 1| OPENSSL_memcpy(out, block, out_len); 199| 1| } 200| | 201| | // Right-padding |additional_data| in step 2.2 is handled implicitly by 202| | // |ctr_drbg_update|, to save a copy. 203| 1| if (!ctr_drbg_update(drbg, additional_data, additional_data_len)) { ------------------ | Branch (203:7): [True: 0, False: 1] ------------------ 204| 0| return 0; 205| 0| } 206| | 207| 1| drbg->reseed_counter++; 208| 1| FIPS_service_indicator_update_state(); 209| 1| return 1; 210| 1|} bcm.cc:_ZL15ctr_drbg_updateP17ctr_drbg_state_stPKhm: 96| 2| size_t data_len) { 97| | // Per section 10.2.1.2, |data_len| must be |CTR_DRBG_ENTROPY_LEN|. Here, we 98| | // allow shorter inputs and right-pad them with zeros. This is equivalent to 99| | // the specified algorithm but saves a copy in |CTR_DRBG_generate|. 100| 2| if (data_len > CTR_DRBG_ENTROPY_LEN) { ------------------ | | 36| 2|#define CTR_DRBG_ENTROPY_LEN 48 ------------------ | Branch (100:7): [True: 0, False: 2] ------------------ 101| 0| return 0; 102| 0| } 103| | 104| 2| uint8_t temp[CTR_DRBG_ENTROPY_LEN]; 105| 8| for (size_t i = 0; i < CTR_DRBG_ENTROPY_LEN; i += AES_BLOCK_SIZE) { ------------------ | | 36| 8|#define CTR_DRBG_ENTROPY_LEN 48 ------------------ for (size_t i = 0; i < CTR_DRBG_ENTROPY_LEN; i += AES_BLOCK_SIZE) { ------------------ | | 34| 6|#define AES_BLOCK_SIZE 16 ------------------ | Branch (105:22): [True: 6, False: 2] ------------------ 106| 6| ctr32_add(drbg, 1); 107| 6| drbg->block(drbg->counter, temp + i, &drbg->ks); 108| 6| } 109| | 110| 66| for (size_t i = 0; i < data_len; i++) { ------------------ | Branch (110:22): [True: 64, False: 2] ------------------ 111| 64| temp[i] ^= data[i]; 112| 64| } 113| | 114| 2| drbg->ctr = aes_ctr_set_key(&drbg->ks, NULL, &drbg->block, temp, 32); 115| 2| OPENSSL_memcpy(drbg->counter, temp + 32, 16); 116| | 117| 2| return 1; 118| 2|} bcm.cc:_ZL9ctr32_addP17ctr_drbg_state_stj: 90| 7|static void ctr32_add(CTR_DRBG_STATE *drbg, uint32_t n) { 91| 7| uint32_t ctr = CRYPTO_load_u32_be(drbg->counter + 12); 92| 7| CRYPTO_store_u32_be(drbg->counter + 12, ctr + n); 93| 7|} have_fast_rdrand: 58| 1|inline int have_fast_rdrand(void) { 59| 1| return CRYPTO_is_RDRAND_capable() && CRYPTO_is_intel_cpu(); ------------------ | Branch (59:10): [True: 1, False: 0] | Branch (59:40): [True: 0, False: 1] ------------------ 60| 1|} BCM_rand_bytes_with_additional_data: 333| 1| uint8_t *out, size_t out_len, const uint8_t user_additional_data[32]) { 334| 1| if (out_len == 0) { ------------------ | Branch (334:7): [True: 0, False: 1] ------------------ 335| 0| return bcm_infallible::approved; 336| 0| } 337| | 338| 1| const uint64_t fork_generation = CRYPTO_get_fork_generation(); 339| 1| const int fork_unsafe_buffering = rand_fork_unsafe_buffering_enabled(); 340| | 341| | // Additional data is mixed into every CTR-DRBG call to protect, as best we 342| | // can, against forks & VM clones. We do not over-read this information and 343| | // don't reseed with it so, from the point of view of FIPS, this doesn't 344| | // provide “prediction resistance”. But, in practice, it does. 345| 1| uint8_t additional_data[32]; 346| | // Intel chips have fast RDRAND instructions while, in other cases, RDRAND can 347| | // be _slower_ than a system call. 348| 1| if (!have_fast_rdrand() || ------------------ | Branch (348:7): [True: 1, False: 0] ------------------ 349| 1| !rdrand(additional_data, sizeof(additional_data))) { ------------------ | Branch (349:7): [True: 0, False: 0] ------------------ 350| | // Without a hardware RNG to save us from address-space duplication, the OS 351| | // entropy is used. This can be expensive (one read per |RAND_bytes| call) 352| | // and so is disabled when we have fork detection, or if the application has 353| | // promised not to fork. 354| 1| if (fork_generation != 0 || fork_unsafe_buffering) { ------------------ | Branch (354:9): [True: 1, False: 0] | Branch (354:33): [True: 0, False: 0] ------------------ 355| 1| OPENSSL_memset(additional_data, 0, sizeof(additional_data)); 356| 1| } else if (!have_rdrand()) { ------------------ | Branch (356:16): [True: 0, False: 0] ------------------ 357| | // No alternative so block for OS entropy. 358| 0| CRYPTO_sysrand(additional_data, sizeof(additional_data)); 359| 0| } else if (!CRYPTO_sysrand_if_available(additional_data, ------------------ | Branch (359:16): [True: 0, False: 0] ------------------ 360| 0| sizeof(additional_data)) && 361| 0| !rdrand(additional_data, sizeof(additional_data))) { ------------------ | Branch (361:16): [True: 0, False: 0] ------------------ 362| | // RDRAND failed: block for OS entropy. 363| 0| CRYPTO_sysrand(additional_data, sizeof(additional_data)); 364| 0| } 365| 1| } 366| | 367| 33| for (size_t i = 0; i < sizeof(additional_data); i++) { ------------------ | Branch (367:22): [True: 32, False: 1] ------------------ 368| 32| additional_data[i] ^= user_additional_data[i]; 369| 32| } 370| | 371| 1| struct rand_thread_state stack_state; 372| 1| struct rand_thread_state *state = reinterpret_cast( 373| 1| CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_RAND)); 374| | 375| 1| if (state == NULL) { ------------------ | Branch (375:7): [True: 1, False: 0] ------------------ 376| 1| state = reinterpret_cast( 377| 1| OPENSSL_zalloc(sizeof(struct rand_thread_state))); 378| 1| if (state == NULL || ------------------ | Branch (378:9): [True: 0, False: 1] ------------------ 379| 1| !CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_RAND, state, ------------------ | Branch (379:9): [True: 0, False: 1] ------------------ 380| 1| rand_thread_state_free)) { 381| | // If the system is out of memory, use an ephemeral state on the 382| | // stack. 383| 0| state = &stack_state; 384| 0| } 385| | 386| 1| state->last_block_valid = 0; 387| 1| uint8_t seed[CTR_DRBG_ENTROPY_LEN]; 388| 1| uint8_t personalization[CTR_DRBG_ENTROPY_LEN] = {0}; 389| 1| size_t personalization_len = 0; 390| 1| rand_get_seed(state, seed, personalization, &personalization_len); 391| | 392| 1| if (!CTR_DRBG_init(&state->drbg, seed, personalization, ------------------ | Branch (392:9): [True: 0, False: 1] ------------------ 393| 1| personalization_len)) { 394| 0| abort(); 395| 0| } 396| 1| state->calls = 0; 397| 1| state->fork_generation = fork_generation; 398| 1| state->fork_unsafe_buffering = fork_unsafe_buffering; 399| | 400| |#if defined(BORINGSSL_FIPS) 401| | CRYPTO_MUTEX_init(&state->clear_drbg_lock); 402| | if (state != &stack_state) { 403| | CRYPTO_MUTEX_lock_write(thread_states_list_lock_bss_get()); 404| | struct rand_thread_state **states_list = thread_states_list_bss_get(); 405| | state->next = *states_list; 406| | if (state->next != NULL) { 407| | state->next->prev = state; 408| | } 409| | state->prev = NULL; 410| | *states_list = state; 411| | CRYPTO_MUTEX_unlock_write(thread_states_list_lock_bss_get()); 412| | } 413| |#endif 414| 1| } 415| | 416| 1| if (state->calls >= kReseedInterval || ------------------ | Branch (416:7): [True: 0, False: 1] ------------------ 417| | // If we've forked since |state| was last seeded, reseed. 418| 1| state->fork_generation != fork_generation || ------------------ | Branch (418:7): [True: 0, False: 1] ------------------ 419| | // If |state| was seeded from a state with different fork-safety 420| | // preferences, reseed. Suppose |state| was fork-safe, then forked into 421| | // two children, but each of the children never fork and disable fork 422| | // safety. The children must reseed to avoid working from the same PRNG 423| | // state. 424| 1| state->fork_unsafe_buffering != fork_unsafe_buffering) { ------------------ | Branch (424:7): [True: 0, False: 1] ------------------ 425| 0| uint8_t seed[CTR_DRBG_ENTROPY_LEN]; 426| 0| uint8_t reseed_additional_data[CTR_DRBG_ENTROPY_LEN] = {0}; 427| 0| size_t reseed_additional_data_len = 0; 428| 0| rand_get_seed(state, seed, reseed_additional_data, 429| 0| &reseed_additional_data_len); 430| |#if defined(BORINGSSL_FIPS) 431| | // Take a read lock around accesses to |state->drbg|. This is needed to 432| | // avoid returning bad entropy if we race with 433| | // |rand_thread_state_clear_all|. 434| | CRYPTO_MUTEX_lock_read(&state->clear_drbg_lock); 435| |#endif 436| 0| if (!CTR_DRBG_reseed(&state->drbg, seed, reseed_additional_data, ------------------ | Branch (436:9): [True: 0, False: 0] ------------------ 437| 0| reseed_additional_data_len)) { 438| 0| abort(); 439| 0| } 440| 0| state->calls = 0; 441| 0| state->fork_generation = fork_generation; 442| 0| state->fork_unsafe_buffering = fork_unsafe_buffering; 443| 1| } else { 444| |#if defined(BORINGSSL_FIPS) 445| | CRYPTO_MUTEX_lock_read(&state->clear_drbg_lock); 446| |#endif 447| 1| } 448| | 449| 1| int first_call = 1; 450| 2| while (out_len > 0) { ------------------ | Branch (450:10): [True: 1, False: 1] ------------------ 451| 1| size_t todo = out_len; 452| 1| if (todo > CTR_DRBG_MAX_GENERATE_LENGTH) { ------------------ | | 40| 1|#define CTR_DRBG_MAX_GENERATE_LENGTH 65536 ------------------ | Branch (452:9): [True: 0, False: 1] ------------------ 453| 0| todo = CTR_DRBG_MAX_GENERATE_LENGTH; ------------------ | | 40| 0|#define CTR_DRBG_MAX_GENERATE_LENGTH 65536 ------------------ 454| 0| } 455| | 456| 1| if (!CTR_DRBG_generate(&state->drbg, out, todo, additional_data, ------------------ | Branch (456:9): [True: 0, False: 1] ------------------ 457| 1| first_call ? sizeof(additional_data) : 0)) { ------------------ | Branch (457:28): [True: 1, False: 0] ------------------ 458| 0| abort(); 459| 0| } 460| | 461| 1| out += todo; 462| 1| out_len -= todo; 463| | // Though we only check before entering the loop, this cannot add enough to 464| | // overflow a |size_t|. 465| 1| state->calls++; 466| 1| first_call = 0; 467| 1| } 468| | 469| 1| if (state == &stack_state) { ------------------ | Branch (469:7): [True: 0, False: 1] ------------------ 470| 0| CTR_DRBG_clear(&state->drbg); 471| 0| } 472| | 473| |#if defined(BORINGSSL_FIPS) 474| | CRYPTO_MUTEX_unlock_read(&state->clear_drbg_lock); 475| |#endif 476| 1| return bcm_infallible::approved; 477| 1|} BCM_rand_bytes: 479| 1|bcm_infallible BCM_rand_bytes(uint8_t *out, size_t out_len) { 480| 1| static const uint8_t kZeroAdditionalData[32] = {0}; 481| 1| BCM_rand_bytes_with_additional_data(out, out_len, kZeroAdditionalData); 482| 1| return bcm_infallible::approved; 483| 1|} bcm.cc:_ZL13rand_get_seedPN12_GLOBAL__N_117rand_thread_stateEPhS2_Pm: 323| 1| size_t *out_additional_input_len) { 324| | // If not in FIPS mode, we don't overread from the system entropy source and 325| | // we don't depend only on the hardware RDRAND. 326| 1| CRYPTO_sysrand_for_seed(seed, CTR_DRBG_ENTROPY_LEN); ------------------ | | 36| 1|#define CTR_DRBG_ENTROPY_LEN 48 ------------------ 327| 1| *out_additional_input_len = 0; 328| 1|} _Z35FIPS_service_indicator_update_statev: 75| 1|inline void FIPS_service_indicator_update_state(void) {} EVP_HPKE_CTX_zero: 842| 1|void EVP_HPKE_CTX_zero(EVP_HPKE_CTX *ctx) { 843| 1| OPENSSL_memset(ctx, 0, sizeof(EVP_HPKE_CTX)); 844| 1| EVP_AEAD_CTX_zero(&ctx->aead_ctx); 845| 1|} EVP_HPKE_CTX_cleanup: 847| 1|void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx) { 848| 1| EVP_AEAD_CTX_cleanup(&ctx->aead_ctx); 849| 1|} CRYPTO_atomic_load_u32: 532| 11|inline uint32_t CRYPTO_atomic_load_u32(const CRYPTO_atomic_u32 *val) { 533| 11| return val->load(std::memory_order_seq_cst); 534| 11|} CRYPTO_atomic_compare_exchange_weak_u32: 538| 9| uint32_t desired) { 539| 9| return val->compare_exchange_weak( 540| 9| *expected, desired, std::memory_order_seq_cst, std::memory_order_seq_cst); 541| 9|} CRYPTO_atomic_store_u32: 543| 1|inline void CRYPTO_atomic_store_u32(CRYPTO_atomic_u32 *val, uint32_t desired) { 544| 1| val->store(desired, std::memory_order_seq_cst); 545| 1|} CRYPTO_is_intel_cpu: 1120| 1|inline int CRYPTO_is_intel_cpu(void) { 1121| | // The reserved bit 30 is used to indicate an Intel CPU. 1122| 1| return (OPENSSL_get_ia32cap(0) & (1u << 30)) != 0; 1123| 1|} CRYPTO_is_PCLMUL_capable: 1127| 1|inline int CRYPTO_is_PCLMUL_capable(void) { 1128| |#if defined(__PCLMUL__) 1129| | return 1; 1130| |#else 1131| 1| return (OPENSSL_get_ia32cap(1) & (1u << 1)) != 0; 1132| 1|#endif 1133| 1|} CRYPTO_is_SSSE3_capable: 1135| 1|inline int CRYPTO_is_SSSE3_capable(void) { 1136| |#if defined(__SSSE3__) 1137| | return 1; 1138| |#else 1139| 1| return (OPENSSL_get_ia32cap(1) & (1u << 9)) != 0; 1140| 1|#endif 1141| 1|} CRYPTO_is_AESNI_capable: 1159| 7|inline int CRYPTO_is_AESNI_capable(void) { 1160| |#if defined(__AES__) 1161| | return 1; 1162| |#else 1163| 7| return (OPENSSL_get_ia32cap(1) & (1u << 25)) != 0; 1164| 7|#endif 1165| 7|} CRYPTO_is_AVX_capable: 1170| 3|inline int CRYPTO_is_AVX_capable(void) { 1171| |#if defined(__AVX__) 1172| | return 1; 1173| |#else 1174| 3| return (OPENSSL_get_ia32cap(1) & (1u << 28)) != 0; 1175| 3|#endif 1176| 3|} CRYPTO_is_RDRAND_capable: 1178| 1|inline int CRYPTO_is_RDRAND_capable(void) { 1179| | // We intentionally do not check |__RDRND__| here. On some AMD processors, we 1180| | // will act as if the hardware is RDRAND-incapable, even it actually supports 1181| | // it. See cpu_intel.c. 1182| 1| return (OPENSSL_get_ia32cap(1) & (1u << 30)) != 0; 1183| 1|} CRYPTO_cpu_perf_is_like_silvermont: 1238| 1|inline int CRYPTO_cpu_perf_is_like_silvermont(void) { 1239| | // WARNING: This MUST NOT be used to guard the execution of the XSAVE 1240| | // instruction. This is the "hardware supports XSAVE" bit, not the OSXSAVE bit 1241| | // that indicates whether we can safely execute XSAVE. This bit may be set 1242| | // even when XSAVE is disabled (by the operating system). See how the users of 1243| | // this bit use it. 1244| | // 1245| | // Historically, the XSAVE bit was artificially cleared on Knights Landing 1246| | // and Knights Mill chips, but as Intel has removed all support from GCC, 1247| | // LLVM, and SDE, we assume they are no longer worth special-casing. 1248| 1| int hardware_supports_xsave = (OPENSSL_get_ia32cap(1) & (1u << 26)) != 0; 1249| 1| return !hardware_supports_xsave && CRYPTO_is_MOVBE_capable(); ------------------ | Branch (1249:10): [True: 0, False: 1] | Branch (1249:38): [True: 0, False: 0] ------------------ 1250| 1|} _ZN4bssl8internal13MutexLockBaseIXadL_Z23CRYPTO_MUTEX_lock_writeEEXadL_Z25CRYPTO_MUTEX_unlock_writeEEEC2EP16pthread_rwlock_t: 650| 1| explicit MutexLockBase(CRYPTO_MUTEX *mu) : mu_(mu) { 651| 1| assert(mu_ != nullptr); 652| 1| LockFunc(mu_); 653| 1| } _ZN4bssl8internal13MutexLockBaseIXadL_Z23CRYPTO_MUTEX_lock_writeEEXadL_Z25CRYPTO_MUTEX_unlock_writeEEED2Ev: 654| 1| ~MutexLockBase() { ReleaseFunc(mu_); } extensions.cc:_ZL14OPENSSL_memsetPvim: 874| 1.39k|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 1.39k| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 1.39k] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 1.39k| return memset(dst, c, n); 880| 1.39k|} bcm.cc:_ZL18CRYPTO_load_u32_bePKv: 910| 7|static inline uint32_t CRYPTO_load_u32_be(const void *in) { 911| 7| uint32_t v; 912| 7| OPENSSL_memcpy(&v, in, sizeof(v)); 913| 7| return CRYPTO_bswap4(v); 914| 7|} bcm.cc:_ZL13CRYPTO_bswap4j: 775| 14|static inline uint32_t CRYPTO_bswap4(uint32_t x) { 776| 14| return __builtin_bswap32(x); 777| 14|} bcm.cc:_ZL19CRYPTO_store_u32_bePvj: 916| 7|static inline void CRYPTO_store_u32_be(void *out, uint32_t v) { 917| 7| v = CRYPTO_bswap4(v); 918| 7| OPENSSL_memcpy(out, &v, sizeof(v)); 919| 7|} bcm.cc:_ZL14OPENSSL_memcpyPvPKvm: 858| 19|static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) { 859| 19| if (n == 0) { ------------------ | Branch (859:7): [True: 0, False: 19] ------------------ 860| 0| return dst; 861| 0| } 862| | 863| 19| return memcpy(dst, src, n); 864| 19|} bcm.cc:_ZL14OPENSSL_memsetPvim: 874| 4|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 4| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 4] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 4| return memset(dst, c, n); 880| 4|} cbb.cc:_ZL14OPENSSL_memsetPvim: 874| 3.96k|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 3.96k| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 3.96k] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 3.96k| return memset(dst, c, n); 880| 3.96k|} cbb.cc:_ZL14OPENSSL_memcpyPvPKvm: 858| 1.75k|static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) { 859| 1.75k| if (n == 0) { ------------------ | Branch (859:7): [True: 404, False: 1.35k] ------------------ 860| 404| return dst; 861| 404| } 862| | 863| 1.35k| return memcpy(dst, src, n); 864| 1.75k|} chacha.cc:_ZL14OPENSSL_memcpyPvPKvm: 858| 3|static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) { 859| 3| if (n == 0) { ------------------ | Branch (859:7): [True: 0, False: 3] ------------------ 860| 0| return dst; 861| 0| } 862| | 863| 3| return memcpy(dst, src, n); 864| 3|} chacha.cc:_ZL13buffers_aliasPKvmS0_m: 168| 1| size_t b_bytes) { 169| | // Cast |a| and |b| to integers. In C, pointer comparisons between unrelated 170| | // objects are undefined whereas pointer to integer conversions are merely 171| | // implementation-defined. We assume the implementation defined it in a sane 172| | // way. 173| 1| uintptr_t a_u = (uintptr_t)a; 174| 1| uintptr_t b_u = (uintptr_t)b; 175| 1| return a_u + a_bytes > b_u && b_u + b_bytes > a_u; ------------------ | Branch (175:10): [True: 1, False: 0] | Branch (175:33): [True: 1, False: 0] ------------------ 176| 1|} chacha.cc:_ZL18CRYPTO_load_u32_lePKv: 900| 3|static inline uint32_t CRYPTO_load_u32_le(const void *in) { 901| 3| uint32_t v; 902| 3| OPENSSL_memcpy(&v, in, sizeof(v)); 903| 3| return v; 904| 3|} err.cc:_ZL14OPENSSL_memsetPvim: 874| 716|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 716| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 716] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 716| return memset(dst, c, n); 880| 716|} hpke.cc:_ZL14OPENSSL_memsetPvim: 874| 1|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 1| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 1] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 1| return memset(dst, c, n); 880| 1|} mem.cc:_ZL14OPENSSL_memsetPvim: 874| 1.73k|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 1.73k| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 1.73k] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 1.73k| return memset(dst, c, n); 880| 1.73k|} deterministic.cc:_ZL14OPENSSL_memsetPvim: 874| 2|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 2| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 2] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 2| return memset(dst, c, n); 880| 2|} deterministic.cc:_ZL14OPENSSL_memcpyPvPKvm: 858| 1|static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) { 859| 1| if (n == 0) { ------------------ | Branch (859:7): [True: 0, False: 1] ------------------ 860| 0| return dst; 861| 0| } 862| | 863| 1| return memcpy(dst, src, n); 864| 1|} thread_pthread.cc:_ZL14OPENSSL_memsetPvim: 874| 1|static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 875| 1| if (n == 0) { ------------------ | Branch (875:7): [True: 0, False: 1] ------------------ 876| 0| return dst; 877| 0| } 878| | 879| 1| return memset(dst, c, n); 880| 1|} _Z18lh_SSL_SESSION_newPFjPK14ssl_session_stEPFiS1_S1_E: 150| 1| lhash_##type##_cmp_func comp) { \ 151| 1| return (LHASH_OF(type) *)OPENSSL_lh_new((lhash_hash_func)hash, \ 152| 1| (lhash_cmp_func)comp); \ 153| 1| } \ _Z19lh_SSL_SESSION_freeP20lhash_st_SSL_SESSION: 155| 1| inline void lh_##type##_free(LHASH_OF(type) *lh) { \ 156| 1| OPENSSL_lh_free((_LHASH *)lh); \ 157| 1| } \ _Z24lh_SSL_SESSION_doall_argP20lhash_st_SSL_SESSIONPFvP14ssl_session_stPvES3_: 215| 1| void (*func)(type *, void *), void *arg) { \ 216| 1| LHASH_DOALL_##type cb = {func, arg}; \ 217| 1| OPENSSL_lh_doall_arg((_LHASH *)lh, lh_##type##_call_doall_arg, &cb); \ 218| 1| } \ OPENSSL_lh_new: 62| 1|_LHASH *OPENSSL_lh_new(lhash_hash_func hash, lhash_cmp_func comp) { 63| 1| _LHASH *ret = reinterpret_cast<_LHASH *>(OPENSSL_zalloc(sizeof(_LHASH))); 64| 1| if (ret == NULL) { ------------------ | Branch (64:7): [True: 0, False: 1] ------------------ 65| 0| return NULL; 66| 0| } 67| | 68| 1| ret->num_buckets = kMinNumBuckets; 69| 1| ret->buckets = reinterpret_cast( 70| 1| OPENSSL_calloc(ret->num_buckets, sizeof(LHASH_ITEM *))); 71| 1| if (ret->buckets == NULL) { ------------------ | Branch (71:7): [True: 0, False: 1] ------------------ 72| 0| OPENSSL_free(ret); 73| 0| return NULL; 74| 0| } 75| | 76| 1| ret->comp = comp; 77| 1| ret->hash = hash; 78| 1| return ret; 79| 1|} OPENSSL_lh_free: 81| 1|void OPENSSL_lh_free(_LHASH *lh) { 82| 1| if (lh == NULL) { ------------------ | Branch (82:7): [True: 0, False: 1] ------------------ 83| 0| return; 84| 0| } 85| | 86| 17| for (size_t i = 0; i < lh->num_buckets; i++) { ------------------ | Branch (86:22): [True: 16, False: 1] ------------------ 87| 16| LHASH_ITEM *next; 88| 16| for (LHASH_ITEM *n = lh->buckets[i]; n != NULL; n = next) { ------------------ | Branch (88:42): [True: 0, False: 16] ------------------ 89| 0| next = n->next; 90| 0| OPENSSL_free(n); 91| 0| } 92| 16| } 93| | 94| 1| OPENSSL_free(lh->buckets); 95| 1| OPENSSL_free(lh); 96| 1|} OPENSSL_lh_doall_arg: 281| 1|void OPENSSL_lh_doall_arg(_LHASH *lh, void (*func)(void *, void *), void *arg) { 282| 1| if (lh == NULL) { ------------------ | Branch (282:7): [True: 0, False: 1] ------------------ 283| 0| return; 284| 0| } 285| | 286| 1| if (lh->callback_depth < UINT_MAX) { ------------------ | Branch (286:7): [True: 1, False: 0] ------------------ 287| | // |callback_depth| is a saturating counter. 288| 1| lh->callback_depth++; 289| 1| } 290| | 291| 17| for (size_t i = 0; i < lh->num_buckets; i++) { ------------------ | Branch (291:22): [True: 16, False: 1] ------------------ 292| 16| LHASH_ITEM *next; 293| 16| for (LHASH_ITEM *cur = lh->buckets[i]; cur != NULL; cur = next) { ------------------ | Branch (293:44): [True: 0, False: 16] ------------------ 294| 0| next = cur->next; 295| 0| func(cur->data, arg); 296| 0| } 297| 16| } 298| | 299| 1| if (lh->callback_depth < UINT_MAX) { ------------------ | Branch (299:7): [True: 1, False: 0] ------------------ 300| 1| lh->callback_depth--; 301| 1| } 302| | 303| | // The callback may have added or removed elements and the non-zero value of 304| | // |callback_depth| will have suppressed any resizing. Thus any needed 305| | // resizing is done here. 306| 1| lh_maybe_resize(lh); 307| 1|} lhash.cc:_ZL15lh_maybe_resizeP8lhash_st: 193| 1|static void lh_maybe_resize(_LHASH *lh) { 194| 1| size_t avg_chain_length; 195| | 196| 1| if (lh->callback_depth > 0) { ------------------ | Branch (196:7): [True: 0, False: 1] ------------------ 197| | // Don't resize the hash if we are currently iterating over it. 198| 0| return; 199| 0| } 200| | 201| 1| assert(lh->num_buckets >= kMinNumBuckets); 202| 1| avg_chain_length = lh->num_items / lh->num_buckets; 203| | 204| 1| if (avg_chain_length > kMaxAverageChainLength) { ------------------ | Branch (204:7): [True: 0, False: 1] ------------------ 205| 0| const size_t new_num_buckets = lh->num_buckets * 2; 206| | 207| 0| if (new_num_buckets > lh->num_buckets) { ------------------ | Branch (207:9): [True: 0, False: 0] ------------------ 208| 0| lh_rebucket(lh, new_num_buckets); 209| 0| } 210| 1| } else if (avg_chain_length < kMinAverageChainLength && ------------------ | Branch (210:14): [True: 1, False: 0] ------------------ 211| 1| lh->num_buckets > kMinNumBuckets) { ------------------ | Branch (211:14): [True: 0, False: 1] ------------------ 212| 0| size_t new_num_buckets = lh->num_buckets / 2; 213| | 214| 0| if (new_num_buckets < kMinNumBuckets) { ------------------ | Branch (214:9): [True: 0, False: 0] ------------------ 215| 0| new_num_buckets = kMinNumBuckets; 216| 0| } 217| | 218| 0| lh_rebucket(lh, new_num_buckets); 219| 0| } 220| 1|} OPENSSL_malloc: 185| 1.71k|void *OPENSSL_malloc(size_t size) { 186| 1.71k| void *ptr = nullptr; 187| 1.71k| if (should_fail_allocation()) { ------------------ | Branch (187:7): [True: 0, False: 1.71k] ------------------ 188| 0| goto err; 189| 0| } 190| | 191| 1.71k| if (OPENSSL_memory_alloc != NULL) { ------------------ | Branch (191:7): [True: 0, False: 1.71k] ------------------ 192| 0| assert(OPENSSL_memory_free != NULL); 193| 0| assert(OPENSSL_memory_get_size != NULL); 194| 0| void *ptr2 = OPENSSL_memory_alloc(size); 195| 0| if (ptr2 == NULL && size != 0) { ------------------ | Branch (195:9): [True: 0, False: 0] | Branch (195:25): [True: 0, False: 0] ------------------ 196| 0| goto err; 197| 0| } 198| 0| return ptr2; 199| 0| } 200| | 201| 1.71k| if (size + OPENSSL_MALLOC_PREFIX < size) { ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ | Branch (201:7): [True: 0, False: 1.71k] ------------------ 202| 0| goto err; 203| 0| } 204| | 205| 1.71k| ptr = malloc(size + OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 206| 1.71k| if (ptr == NULL) { ------------------ | Branch (206:7): [True: 0, False: 1.71k] ------------------ 207| 0| goto err; 208| 0| } 209| | 210| 1.71k| *(size_t *)ptr = size; 211| | 212| 1.71k| __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 213| 1.71k| return ((uint8_t *)ptr) + OPENSSL_MALLOC_PREFIX; ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 214| | 215| 0|err: 216| | // This only works because ERR does not call OPENSSL_malloc. 217| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 218| 0| return NULL; 219| 1.71k|} OPENSSL_zalloc: 221| 18|void *OPENSSL_zalloc(size_t size) { 222| 18| void *ret = OPENSSL_malloc(size); 223| 18| if (ret != NULL) { ------------------ | Branch (223:7): [True: 18, False: 0] ------------------ 224| 18| OPENSSL_memset(ret, 0, size); 225| 18| } 226| 18| return ret; 227| 18|} OPENSSL_calloc: 229| 6|void *OPENSSL_calloc(size_t num, size_t size) { 230| 6| if (size != 0 && num > SIZE_MAX / size) { ------------------ | Branch (230:7): [True: 6, False: 0] | Branch (230:20): [True: 0, False: 6] ------------------ 231| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 232| 0| return NULL; 233| 0| } 234| | 235| 6| return OPENSSL_zalloc(num * size); 236| 6|} OPENSSL_free: 238| 4.07k|void OPENSSL_free(void *orig_ptr) { 239| 4.07k| if (orig_ptr == NULL) { ------------------ | Branch (239:7): [True: 2.35k, False: 1.71k] ------------------ 240| 2.35k| return; 241| 2.35k| } 242| | 243| 1.71k| if (OPENSSL_memory_free != NULL) { ------------------ | Branch (243:7): [True: 0, False: 1.71k] ------------------ 244| 0| OPENSSL_memory_free(orig_ptr); 245| 0| return; 246| 0| } 247| | 248| 1.71k| void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 249| 1.71k| __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 250| | 251| 1.71k| size_t size = *(size_t *)ptr; 252| 1.71k| OPENSSL_cleanse(ptr, size + OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 1.71k|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 253| | 254| |// ASan knows to intercept malloc and free, but not sdallocx. 255| |#if defined(OPENSSL_ASAN) 256| | (void)sdallocx; 257| | free(ptr); 258| |#else 259| 1.71k| if (sdallocx) { ------------------ | Branch (259:7): [Folded - Ignored] ------------------ 260| 0| sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */); ------------------ | | 39| 0|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 261| 1.71k| } else { 262| 1.71k| free(ptr); 263| 1.71k| } 264| 1.71k|#endif 265| 1.71k|} OPENSSL_realloc: 267| 236|void *OPENSSL_realloc(void *orig_ptr, size_t new_size) { 268| 236| if (orig_ptr == NULL) { ------------------ | Branch (268:7): [True: 0, False: 236] ------------------ 269| 0| return OPENSSL_malloc(new_size); 270| 0| } 271| | 272| 236| size_t old_size; 273| 236| if (OPENSSL_memory_get_size != NULL) { ------------------ | Branch (273:7): [True: 0, False: 236] ------------------ 274| 0| old_size = OPENSSL_memory_get_size(orig_ptr); 275| 236| } else { 276| 236| void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; ------------------ | | 39| 236|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 277| 236| __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 236|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 278| 236| old_size = *(size_t *)ptr; 279| 236| __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); ------------------ | | 39| 236|#define OPENSSL_MALLOC_PREFIX 8 ------------------ 280| 236| } 281| | 282| 236| void *ret = OPENSSL_malloc(new_size); 283| 236| if (ret == NULL) { ------------------ | Branch (283:7): [True: 0, False: 236] ------------------ 284| 0| return NULL; 285| 0| } 286| | 287| 236| size_t to_copy = new_size; 288| 236| if (old_size < to_copy) { ------------------ | Branch (288:7): [True: 236, False: 0] ------------------ 289| 236| to_copy = old_size; 290| 236| } 291| | 292| 236| memcpy(ret, orig_ptr, to_copy); 293| 236| OPENSSL_free(orig_ptr); 294| | 295| 236| return ret; 296| 236|} OPENSSL_cleanse: 298| 1.71k|void OPENSSL_cleanse(void *ptr, size_t len) { 299| |#if defined(OPENSSL_WINDOWS) 300| | SecureZeroMemory(ptr, len); 301| |#else 302| 1.71k| OPENSSL_memset(ptr, 0, len); 303| | 304| 1.71k|#if !defined(OPENSSL_NO_ASM) 305| | /* As best as we can tell, this is sufficient to break any optimisations that 306| | might try to eliminate "superfluous" memsets. If there's an easy way to 307| | detect memset_s, it would be better to use that. */ 308| 1.71k| __asm__ __volatile__("" : : "r"(ptr) : "memory"); 309| 1.71k|#endif 310| 1.71k|#endif // !OPENSSL_NO_ASM 311| 1.71k|} OPENSSL_isalpha: 375| 4|int OPENSSL_isalpha(int c) { 376| 4| return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); ------------------ | Branch (376:11): [True: 0, False: 4] | Branch (376:23): [True: 0, False: 0] | Branch (376:37): [True: 3, False: 1] | Branch (376:49): [True: 3, False: 0] ------------------ 377| 4|} OPENSSL_isdigit: 379| 1|int OPENSSL_isdigit(int c) { return c >= '0' && c <= '9'; } ------------------ | Branch (379:37): [True: 0, False: 1] | Branch (379:49): [True: 0, False: 0] ------------------ OPENSSL_isalnum: 401| 4|int OPENSSL_isalnum(int c) { return OPENSSL_isalpha(c) || OPENSSL_isdigit(c); } ------------------ | Branch (401:37): [True: 3, False: 1] | Branch (401:59): [True: 0, False: 1] ------------------ mem.cc:_ZL22should_fail_allocationv: 182| 1.71k|static int should_fail_allocation(void) { return 0; } mem.cc:_ZL27__asan_poison_memory_regionPKvm: 48| 1.95k|static void __asan_poison_memory_region(const void *addr, size_t size) {} mem.cc:_ZL29__asan_unpoison_memory_regionPKvm: 49| 1.95k|static void __asan_unpoison_memory_region(const void *addr, size_t size) {} _ZNK4bssl5ArrayIhE4dataEv: 103| 414| const T *data() const { return data_; } _ZNK4bssl5ArrayIhE4sizeEv: 105| 414| size_t size() const { return size_; } _ZN4bssl5ArrayIhEC2Ev: 90| 1.20k| Array() {} _ZN4bssl5ArrayIhED2Ev: 94| 1.20k| ~Array() { Reset(); } _ZN4bssl5ArrayIhE5ResetEv: 139| 1.96k| void Reset() { Reset(nullptr, 0); } _ZN4bssl5ArrayIhE5ResetEPhm: 143| 2.00k| void Reset(T *new_data, size_t new_size) { 144| 2.00k| std::destroy_n(data_, size_); 145| 2.00k| OPENSSL_free(data_); 146| 2.00k| data_ = new_data; 147| 2.00k| size_ = new_size; 148| 2.00k| } _ZN4bssl5ArrayIhE8CopyFromENS_4SpanIKhEE: 184| 754| [[nodiscard]] bool CopyFrom(Span in) { 185| 754| if (!InitUninitialized(in.size())) { ------------------ | Branch (185:9): [True: 0, False: 754] ------------------ 186| 0| return false; 187| 0| } 188| 754| std::uninitialized_copy(in.begin(), in.end(), data_); 189| 754| return true; 190| 754| } _ZN4bssl5ArrayIhE17InitUninitializedEm: 206| 754| bool InitUninitialized(size_t new_size) { 207| 754| Reset(); 208| 754| if (new_size == 0) { ------------------ | Branch (208:9): [True: 330, False: 424] ------------------ 209| 330| return true; 210| 330| } 211| | 212| 424| if (new_size > SIZE_MAX / sizeof(T)) { ------------------ | Branch (212:9): [True: 0, False: 424] ------------------ 213| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 214| 0| return false; 215| 0| } 216| 424| data_ = reinterpret_cast(OPENSSL_malloc(new_size * sizeof(T))); 217| 424| if (data_ == nullptr) { ------------------ | Branch (217:9): [True: 0, False: 424] ------------------ 218| 0| return false; 219| 0| } 220| 424| size_ = new_size; 221| 424| return true; 222| 424| } _ZN4bssl5ArrayItEC2Ev: 90| 706| Array() {} _ZN4bssl5ArrayItE16InitForOverwriteEm: 174| 696| [[nodiscard]] bool InitForOverwrite(size_t new_size) { 175| 696| if (!InitUninitialized(new_size)) { ------------------ | Branch (175:9): [True: 0, False: 696] ------------------ 176| 0| return false; 177| 0| } 178| 696| std::uninitialized_default_construct_n(data_, size_); 179| 696| return true; 180| 696| } _ZN4bssl5ArrayItE17InitUninitializedEm: 206| 699| bool InitUninitialized(size_t new_size) { 207| 699| Reset(); 208| 699| if (new_size == 0) { ------------------ | Branch (208:9): [True: 3, False: 696] ------------------ 209| 3| return true; 210| 3| } 211| | 212| 696| if (new_size > SIZE_MAX / sizeof(T)) { ------------------ | Branch (212:9): [True: 0, False: 696] ------------------ 213| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 214| 0| return false; 215| 0| } 216| 696| data_ = reinterpret_cast(OPENSSL_malloc(new_size * sizeof(T))); 217| 696| if (data_ == nullptr) { ------------------ | Branch (217:9): [True: 0, False: 696] ------------------ 218| 0| return false; 219| 0| } 220| 696| size_ = new_size; 221| 696| return true; 222| 696| } _ZN4bssl5ArrayItE5ResetEv: 139| 1.40k| void Reset() { Reset(nullptr, 0); } _ZN4bssl5ArrayItE5ResetEPtm: 143| 1.40k| void Reset(T *new_data, size_t new_size) { 144| 1.40k| std::destroy_n(data_, size_); 145| 1.40k| OPENSSL_free(data_); 146| 1.40k| data_ = new_data; 147| 1.40k| size_ = new_size; 148| 1.40k| } _ZNK4bssl5ArrayItE4sizeEv: 105| 125k| size_t size() const { return size_; } _ZN4bssl5ArrayItEixEm: 112| 127k| T &operator[](size_t i) { 113| 127k| BSSL_CHECK(i < size_); ------------------ | | 384| 127k| do { \ | | 385| 127k| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 127k] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 127k| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ 114| 127k| return data_[i]; 115| 127k| } _ZN4bssl5ArrayItE5beginEv: 134| 696| T *begin() { return data_; } _ZN4bssl5ArrayItE3endEv: 136| 696| T *end() { return data_ + size_; } _ZN4bssl5ArrayItED2Ev: 94| 706| ~Array() { Reset(); } _ZNK4bssl5ArrayItE4dataEv: 103| 3| const T *data() const { return data_; } _ZN4bssl13InplaceVectorIhLm12EE4dataEv: 398| 4| T *data() { return reinterpret_cast(storage_); } _ZN4bssl6VectorINSt3__110unique_ptrI17ssl_credential_stNS_8internal7DeleterEEEE5beginEv: 277| 1| T *begin() { return data_; } _ZN4bssl6VectorINSt3__110unique_ptrI17ssl_credential_stNS_8internal7DeleterEEEE3endEv: 279| 1| T *end() { return data_ + size_; } _ZN4bssl13InplaceVectorIhLm32EE6ShrinkEm: 444| 4| void Shrink(size_t new_size) { 445| 4| BSSL_CHECK(new_size <= size_); ------------------ | | 384| 4| do { \ | | 385| 4| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 4] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 4| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ 446| 4| std::destroy_n(data() + new_size, size_ - new_size); 447| 4| size_ = static_cast>(new_size); 448| 4| } _ZN4bssl13InplaceVectorIhLm32EE8capacityEv: 400| 1| static constexpr size_t capacity() { return N; } _ZN4bssl13InplaceVectorIhLm32EE4dataEv: 398| 5| T *data() { return reinterpret_cast(storage_); } _ZN4bssl13InplaceVectorIhLm48EE4dataEv: 398| 10| T *data() { return reinterpret_cast(storage_); } _ZN4bssl13InplaceVectorIhLm48EE6ShrinkEm: 444| 10| void Shrink(size_t new_size) { 445| 10| BSSL_CHECK(new_size <= size_); ------------------ | | 384| 10| do { \ | | 385| 10| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 10] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 10| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ 446| 10| std::destroy_n(data() + new_size, size_ - new_size); 447| 10| size_ = static_cast>(new_size); 448| 10| } _ZN4bssl13InplaceVectorIhLm48EEC2Ev: 380| 10| InplaceVector() = default; _ZN4bssl13InplaceVectorIhLm32EEC2Ev: 380| 3| InplaceVector() = default; _ZN4bssl13InplaceVectorIhLm48EED2Ev: 383| 10| ~InplaceVector() { clear(); } _ZN4bssl13InplaceVectorIhLm48EE5clearEv: 434| 10| void clear() { Shrink(0); } _ZN4bssl13InplaceVectorIhLm32EED2Ev: 383| 3| ~InplaceVector() { clear(); } _ZN4bssl13InplaceVectorIhLm32EE5clearEv: 434| 4| void clear() { Shrink(0); } _ZN4bssl10MakeUniqueINS_13SSL_HANDSHAKEEJRP6ssl_stEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_13SSL_HANDSHAKEEJRP6ssl_stEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl8internal11DeleterImplINS_13SSL_HANDSHAKEEvE4FreeEPS2_: 71| 1| static void Free(T *t) { Delete(t); } _ZN4bssl6DeleteINS_13SSL_HANDSHAKEEEEvPT_: 59| 1|void Delete(T *t) { 60| 1| if (t != nullptr) { ------------------ | Branch (60:7): [True: 1, False: 0] ------------------ 61| 1| t->~T(); 62| 1| OPENSSL_free(t); 63| 1| } 64| 1|} _ZN4bssl13InplaceVectorIhLm12EE5clearEv: 434| 4| void clear() { Shrink(0); } _ZN4bssl13InplaceVectorIhLm12EE6ShrinkEm: 444| 4| void Shrink(size_t new_size) { 445| 4| BSSL_CHECK(new_size <= size_); ------------------ | | 384| 4| do { \ | | 385| 4| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 4] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 4| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ 446| 4| std::destroy_n(data() + new_size, size_ - new_size); 447| 4| size_ = static_cast>(new_size); 448| 4| } _ZN4bssl13InplaceVectorIhLm32EEaSERKS1_: 384| 1| InplaceVector &operator=(const InplaceVector &other) { 385| 1| if (this != &other) { ------------------ | Branch (385:9): [True: 1, False: 0] ------------------ 386| 1| CopyFrom(other); 387| 1| } 388| 1| return *this; 389| 1| } _ZN4bssl13InplaceVectorIhLm32EE8CopyFromENS_4SpanIKhEE: 512| 1| void CopyFrom(Span in) { BSSL_CHECK(TryCopyFrom(in)); } ------------------ | | 384| 1| do { \ | | 385| 1| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 1] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 1| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ _ZN4bssl13InplaceVectorIhLm32EE11TryCopyFromENS_4SpanIKhEE: 484| 1| [[nodiscard]] bool TryCopyFrom(Span in) { 485| 1| if (in.size() > capacity()) { ------------------ | Branch (485:9): [True: 0, False: 1] ------------------ 486| 0| return false; 487| 0| } 488| 1| clear(); 489| 1| std::uninitialized_copy(in.begin(), in.end(), data()); 490| 1| size_ = in.size(); 491| 1| return true; 492| 1| } _ZNK4bssl13InplaceVectorIhLm32EE4dataEv: 397| 1| const T *data() const { return reinterpret_cast(storage_); } _ZNK4bssl13InplaceVectorIhLm32EE4sizeEv: 399| 1| size_t size() const { return size_; } _ZN4bssl13InplaceVectorIhLm12EEC2Ev: 380| 4| InplaceVector() = default; _ZN4bssl13InplaceVectorIhLm12EED2Ev: 383| 4| ~InplaceVector() { clear(); } _ZN4bssl10MakeUniqueINS_14SSLAEADContextEJDnEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 2|UniquePtr MakeUnique(Args &&...args) { 79| 2| return UniquePtr(New(std::forward(args)...)); 80| 2|} _ZN4bssl3NewINS_14SSLAEADContextEJDnEEEPT_DpOT0_: 47| 2|T *New(Args &&...args) { 48| 2| void *t = OPENSSL_malloc(sizeof(T)); 49| 2| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 2] ------------------ 50| 0| return nullptr; 51| 0| } 52| 2| return new (t) T(std::forward(args)...); 53| 2|} _ZN4bssl8internal11DeleterImplINS_14SSLAEADContextEvE4FreeEPS2_: 71| 2| static void Free(T *t) { Delete(t); } _ZN4bssl6DeleteINS_14SSLAEADContextEEEvPT_: 59| 2|void Delete(T *t) { 60| 2| if (t != nullptr) { ------------------ | Branch (60:7): [True: 2, False: 0] ------------------ 61| 2| t->~T(); 62| 2| OPENSSL_free(t); 63| 2| } 64| 2|} _ZN4bssl6VectorINSt3__110unique_ptrI17ssl_credential_stNS_8internal7DeleterEEEEC2Ev: 232| 2| Vector() = default; _ZN4bssl10MakeUniqueI17ssl_credential_stJNS_17SSLCredentialTypeEEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 2|UniquePtr MakeUnique(Args &&...args) { 79| 2| return UniquePtr(New(std::forward(args)...)); 80| 2|} _ZN4bssl3NewI17ssl_credential_stJNS_17SSLCredentialTypeEEEEPT_DpOT0_: 47| 2|T *New(Args &&...args) { 48| 2| void *t = OPENSSL_malloc(sizeof(T)); 49| 2| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 2] ------------------ 50| 0| return nullptr; 51| 0| } 52| 2| return new (t) T(std::forward(args)...); 53| 2|} _ZN4bssl6VectorINSt3__110unique_ptrI17ssl_credential_stNS_8internal7DeleterEEEED2Ev: 235| 2| ~Vector() { clear(); } _ZN4bssl10MakeUniqueINS_4CERTEJRPKNS_15SSL_X509_METHODEEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_4CERTEJRPKNS_15SSL_X509_METHODEEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl8internal11DeleterImplINS_4CERTEvE4FreeEPS2_: 71| 2| static void Free(T *t) { Delete(t); } _ZN4bssl6DeleteINS_4CERTEEEvPT_: 59| 2|void Delete(T *t) { 60| 2| if (t != nullptr) { ------------------ | Branch (60:7): [True: 2, False: 0] ------------------ 61| 2| t->~T(); 62| 2| OPENSSL_free(t); 63| 2| } 64| 2|} _ZN4bssl6VectorINSt3__110unique_ptrI17ssl_credential_stNS_8internal7DeleterEEEE5clearEv: 282| 2| void clear() { 283| 2| std::destroy_n(data_, size_); 284| 2| OPENSSL_free(data_); 285| 2| data_ = nullptr; 286| 2| size_ = 0; 287| 2| capacity_ = 0; 288| 2| } _ZNK4bssl5ArrayIbE4dataEv: 103| 1| const T *data() const { return data_; } _ZNK4bssl5ArrayIbE4sizeEv: 105| 1| size_t size() const { return size_; } _ZN4bssl5ArrayIbEC2Ev: 90| 2| Array() {} _ZN4bssl5ArrayIbED2Ev: 94| 2| ~Array() { Reset(); } _ZN4bssl5ArrayIbE5ResetEv: 139| 4| void Reset() { Reset(nullptr, 0); } _ZN4bssl5ArrayIbE5ResetEPbm: 143| 4| void Reset(T *new_data, size_t new_size) { 144| 4| std::destroy_n(data_, size_); 145| 4| OPENSSL_free(data_); 146| 4| data_ = new_data; 147| 4| size_ = new_size; 148| 4| } _ZN4bssl5ArrayIbE8CopyFromENS_4SpanIKbEE: 184| 1| [[nodiscard]] bool CopyFrom(Span in) { 185| 1| if (!InitUninitialized(in.size())) { ------------------ | Branch (185:9): [True: 0, False: 1] ------------------ 186| 0| return false; 187| 0| } 188| 1| std::uninitialized_copy(in.begin(), in.end(), data_); 189| 1| return true; 190| 1| } _ZN4bssl5ArrayIbE17InitUninitializedEm: 206| 2| bool InitUninitialized(size_t new_size) { 207| 2| Reset(); 208| 2| if (new_size == 0) { ------------------ | Branch (208:9): [True: 0, False: 2] ------------------ 209| 0| return true; 210| 0| } 211| | 212| 2| if (new_size > SIZE_MAX / sizeof(T)) { ------------------ | Branch (212:9): [True: 0, False: 2] ------------------ 213| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 214| 0| return false; 215| 0| } 216| 2| data_ = reinterpret_cast(OPENSSL_malloc(new_size * sizeof(T))); 217| 2| if (data_ == nullptr) { ------------------ | Branch (217:9): [True: 0, False: 2] ------------------ 218| 0| return false; 219| 0| } 220| 2| size_ = new_size; 221| 2| return true; 222| 2| } _ZN4bssl5ArrayIbE7ReleaseEPPbPm: 152| 1| void Release(T **out, size_t *out_size) { 153| 1| *out = data_; 154| 1| *out_size = size_; 155| 1| data_ = nullptr; 156| 1| size_ = 0; 157| 1| } _ZN4bssl5ArrayIbE16InitForOverwriteEm: 174| 1| [[nodiscard]] bool InitForOverwrite(size_t new_size) { 175| 1| if (!InitUninitialized(new_size)) { ------------------ | Branch (175:9): [True: 0, False: 1] ------------------ 176| 0| return false; 177| 0| } 178| 1| std::uninitialized_default_construct_n(data_, size_); 179| 1| return true; 180| 1| } _ZN4bssl5ArrayIbEixEm: 112| 19| T &operator[](size_t i) { 113| 19| BSSL_CHECK(i < size_); ------------------ | | 384| 19| do { \ | | 385| 19| if (!(condition)) { \ | | ------------------ | | | Branch (385:9): [True: 0, False: 19] | | ------------------ | | 386| 0| abort(); \ | | 387| 0| } \ | | 388| 19| } while (0); | | ------------------ | | | Branch (388:12): [Folded - Ignored] | | ------------------ ------------------ 114| 19| return data_[i]; 115| 19| } _ZN4bssl5ArrayIbE6ShrinkEm: 194| 1| void Shrink(size_t new_size) { 195| 1| if (new_size > size_) { ------------------ | Branch (195:9): [True: 0, False: 1] ------------------ 196| 0| abort(); 197| 0| } 198| 1| std::destroy_n(data_ + new_size, size_ - new_size); 199| 1| size_ = new_size; 200| 1| } _ZN4bssl10MakeUniqueINS_23SSLCipherPreferenceListEJEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_23SSLCipherPreferenceListEJEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl8internal11DeleterImplINS_23SSLCipherPreferenceListEvE4FreeEPS2_: 71| 1| static void Free(T *t) { Delete(t); } _ZN4bssl6DeleteINS_23SSLCipherPreferenceListEEEvPT_: 59| 1|void Delete(T *t) { 60| 1| if (t != nullptr) { ------------------ | Branch (60:7): [True: 1, False: 0] ------------------ 61| 1| t->~T(); 62| 1| OPENSSL_free(t); 63| 1| } 64| 1|} _ZN4bssl10MakeUniqueI17ssl_credential_stJRKNS_17SSLCredentialTypeEEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewI17ssl_credential_stJRKNS_17SSLCredentialTypeEEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl5ArrayItE8CopyFromENS_4SpanIKtEE: 184| 3| [[nodiscard]] bool CopyFrom(Span in) { 185| 3| if (!InitUninitialized(in.size())) { ------------------ | Branch (185:9): [True: 0, False: 3] ------------------ 186| 0| return false; 187| 0| } 188| 3| std::uninitialized_copy(in.begin(), in.end(), data_); 189| 3| return true; 190| 3| } _ZN4bssl6VectorINS_18CertCompressionAlgEEC2Ev: 232| 1| Vector() = default; _ZN4bssl6VectorINS_10ALPSConfigEEC2Ev: 232| 1| Vector() = default; _ZN4bssl8internal11DeleterImplINS_10SSL_CONFIGEvE4FreeEPS2_: 71| 1| static void Free(T *t) { Delete(t); } _ZN4bssl6DeleteINS_10SSL_CONFIGEEEvPT_: 59| 1|void Delete(T *t) { 60| 1| if (t != nullptr) { ------------------ | Branch (60:7): [True: 1, False: 0] ------------------ 61| 1| t->~T(); 62| 1| OPENSSL_free(t); 63| 1| } 64| 1|} _ZN4bssl6VectorINS_18CertCompressionAlgEED2Ev: 235| 1| ~Vector() { clear(); } _ZN4bssl6VectorINS_18CertCompressionAlgEE5clearEv: 282| 1| void clear() { 283| 1| std::destroy_n(data_, size_); 284| 1| OPENSSL_free(data_); 285| 1| data_ = nullptr; 286| 1| size_ = 0; 287| 1| capacity_ = 0; 288| 1| } _ZN4bssl10MakeUniqueI10ssl_ctx_stJRPK13ssl_method_stEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewI10ssl_ctx_stJRPK13ssl_method_stEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl10MakeUniqueINS_4CERTEJRKPKNS_15SSL_X509_METHODEEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_4CERTEJRKPKNS_15SSL_X509_METHODEEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl10MakeUniqueI6ssl_stJRP10ssl_ctx_stEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewI6ssl_stJRP10ssl_ctx_stEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl10MakeUniqueINS_10SSL_CONFIGEJP6ssl_stEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_10SSL_CONFIGEJP6ssl_stEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl6VectorINS_10ALPSConfigEED2Ev: 235| 1| ~Vector() { clear(); } _ZN4bssl6VectorINS_10ALPSConfigEE5clearEv: 282| 1| void clear() { 283| 1| std::destroy_n(data_, size_); 284| 1| OPENSSL_free(data_); 285| 1| data_ = nullptr; 286| 1| size_ = 0; 287| 1| capacity_ = 0; 288| 1| } _ZN4bssl6DeleteI6ssl_stEEvPT_: 59| 1|void Delete(T *t) { 60| 1| if (t != nullptr) { ------------------ | Branch (60:7): [True: 1, False: 0] ------------------ 61| 1| t->~T(); 62| 1| OPENSSL_free(t); 63| 1| } 64| 1|} _ZN4bssl10MakeUniqueINS_10SSL3_STATEEJEEENSt3__110unique_ptrIT_NS_8internal7DeleterEEEDpOT0_: 78| 1|UniquePtr MakeUnique(Args &&...args) { 79| 1| return UniquePtr(New(std::forward(args)...)); 80| 1|} _ZN4bssl3NewINS_10SSL3_STATEEJEEEPT_DpOT0_: 47| 1|T *New(Args &&...args) { 48| 1| void *t = OPENSSL_malloc(sizeof(T)); 49| 1| if (t == nullptr) { ------------------ | Branch (49:7): [True: 0, False: 1] ------------------ 50| 0| return nullptr; 51| 0| } 52| 1| return new (t) T(std::forward(args)...); 53| 1|} _ZN4bssl6DeleteINS_10SSL3_STATEEEEvPT_: 59| 1|void Delete(T *t) { 60| 1| if (t != nullptr) { ------------------ | Branch (60:7): [True: 1, False: 0] ------------------ 61| 1| t->~T(); 62| 1| OPENSSL_free(t); 63| 1| } 64| 1|} CRYPTO_sysrand: 41| 1|void CRYPTO_sysrand(uint8_t *out, size_t requested) { 42| 1| static const uint8_t kZeroKey[32] = {0}; 43| | 44| 1| CRYPTO_MUTEX_lock_write(&g_num_calls_lock); 45| 1| uint64_t num_calls = g_num_calls++; 46| 1| CRYPTO_MUTEX_unlock_write(&g_num_calls_lock); 47| | 48| 1| uint8_t nonce[12]; 49| 1| OPENSSL_memset(nonce, 0, sizeof(nonce)); 50| 1| OPENSSL_memcpy(nonce, &num_calls, sizeof(num_calls)); 51| | 52| 1| OPENSSL_memset(out, 0, requested); 53| 1| CRYPTO_chacha_20(out, out, requested, kZeroKey, nonce, 0); 54| 1|} CRYPTO_sysrand_for_seed: 61| 1|void CRYPTO_sysrand_for_seed(uint8_t *out, size_t requested) { 62| 1| CRYPTO_sysrand(out, requested); 63| 1|} CRYPTO_get_fork_generation: 80| 1|uint64_t CRYPTO_get_fork_generation(void) { 81| 1| CRYPTO_once(&g_fork_detect_once, init_fork_detect); 82| | 83| | // In a single-threaded process, there are obviously no races because there's 84| | // only a single mutator in the address space. 85| | // 86| | // In a multi-threaded environment, |CRYPTO_once| ensures that the flag byte 87| | // is initialised atomically, even if multiple threads enter this function 88| | // concurrently. 89| | // 90| | // Additionally, while the kernel will only clear WIPEONFORK at a point when a 91| | // child process is single-threaded, the child may become multi-threaded 92| | // before it observes this. Therefore, we must synchronize the logic below. 93| | 94| 1| CRYPTO_atomic_u32 *const flag_ptr = g_fork_detect_addr; 95| 1| if (flag_ptr == NULL) { ------------------ | Branch (95:7): [True: 0, False: 1] ------------------ 96| | // Our kernel is too old to support |MADV_WIPEONFORK| or 97| | // |g_force_madv_wipeonfork| is set. 98| 0| if (g_force_madv_wipeonfork && g_force_madv_wipeonfork_enabled) { ------------------ | Branch (98:9): [True: 0, False: 0] | Branch (98:36): [True: 0, False: 0] ------------------ 99| | // A constant generation number to simulate support, even if the kernel 100| | // doesn't support it. 101| 0| return 42; 102| 0| } 103| | // With Linux and clone(), we do not believe that pthread_atfork() is 104| | // sufficient for detecting all forms of address space duplication. At this 105| | // point we have a kernel that does not support MADV_WIPEONFORK. We could 106| | // return the generation number from pthread_atfork() here and it would 107| | // probably be safe in almost any situation, but to ensure safety we return 108| | // 0 and force an entropy draw on every call. 109| 0| return 0; 110| 0| } 111| | 112| | // In the common case, try to observe the flag without taking a lock. This 113| | // avoids cacheline contention in the PRNG. 114| 1| uint64_t *const generation_ptr = &g_fork_generation; 115| 1| if (CRYPTO_atomic_load_u32(flag_ptr) != 0) { ------------------ | Branch (115:7): [True: 1, False: 0] ------------------ 116| | // If we observe a non-zero flag, it is safe to read |generation_ptr| 117| | // without a lock. The flag and generation number are fixed for this copy of 118| | // the address space. 119| 1| return *generation_ptr; 120| 1| } 121| | 122| | // The flag was zero. The generation number must be incremented, but other 123| | // threads may have concurrently observed the zero, so take a lock before 124| | // incrementing. 125| 0| CRYPTO_MUTEX *const lock = &g_fork_detect_lock; 126| 0| CRYPTO_MUTEX_lock_write(lock); 127| 0| uint64_t current_generation = *generation_ptr; 128| 0| if (CRYPTO_atomic_load_u32(flag_ptr) == 0) { ------------------ | Branch (128:7): [True: 0, False: 0] ------------------ 129| | // A fork has occurred. 130| 0| current_generation++; 131| 0| if (current_generation == 0) { ------------------ | Branch (131:9): [True: 0, False: 0] ------------------ 132| | // Zero means fork detection isn't supported, so skip that value. 133| 0| current_generation = 1; 134| 0| } 135| | 136| | // We must update |generation_ptr| before |flag_ptr|. Other threads may 137| | // observe |flag_ptr| without taking a lock. 138| 0| *generation_ptr = current_generation; 139| 0| CRYPTO_atomic_store_u32(flag_ptr, 1); 140| 0| } 141| 0| CRYPTO_MUTEX_unlock_write(lock); 142| | 143| 0| return current_generation; 144| 1|} fork_detect.cc:_ZL16init_fork_detectv: 47| 1|static void init_fork_detect(void) { 48| 1| if (g_force_madv_wipeonfork) { ------------------ | Branch (48:7): [True: 0, False: 1] ------------------ 49| 0| return; 50| 0| } 51| | 52| 1| long page_size = sysconf(_SC_PAGESIZE); 53| 1| if (page_size <= 0) { ------------------ | Branch (53:7): [True: 0, False: 1] ------------------ 54| 0| return; 55| 0| } 56| | 57| 1| void *addr = mmap(NULL, (size_t)page_size, PROT_READ | PROT_WRITE, 58| 1| MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 59| 1| if (addr == MAP_FAILED) { ------------------ | Branch (59:7): [True: 0, False: 1] ------------------ 60| 0| return; 61| 0| } 62| | 63| | // Some versions of qemu (up to at least 5.0.0-rc4, see linux-user/syscall.c) 64| | // ignore |madvise| calls and just return zero (i.e. success). But we need to 65| | // know whether MADV_WIPEONFORK actually took effect. Therefore try an invalid 66| | // call to check that the implementation of |madvise| is actually rejecting 67| | // unknown |advice| values. 68| 1| if (madvise(addr, (size_t)page_size, -1) == 0 || ------------------ | Branch (68:7): [True: 0, False: 1] ------------------ 69| 1| madvise(addr, (size_t)page_size, MADV_WIPEONFORK) != 0) { ------------------ | Branch (69:7): [True: 0, False: 1] ------------------ 70| 0| munmap(addr, (size_t)page_size); 71| 0| return; 72| 0| } 73| | 74| 1| CRYPTO_atomic_u32 *const atomic = reinterpret_cast(addr); 75| 1| CRYPTO_atomic_store_u32(atomic, 1); 76| 1| g_fork_detect_addr = atomic; 77| 1| g_fork_generation = 1; 78| 1|} rand_fork_unsafe_buffering_enabled: 42| 1|int rand_fork_unsafe_buffering_enabled(void) { 43| 1| return CRYPTO_atomic_load_u32(&g_buffering_enabled) != 0; 44| 1|} RAND_bytes: 23| 1|int RAND_bytes(uint8_t *buf, size_t len) { 24| 1| BCM_rand_bytes(buf, len); 25| 1| return 1; 26| 1|} CRYPTO_refcount_inc: 21| 2|void CRYPTO_refcount_inc(CRYPTO_refcount_t *count) { 22| 2| uint32_t expected = CRYPTO_atomic_load_u32(count); 23| | 24| 2| while (expected != CRYPTO_REFCOUNT_MAX) { ------------------ | | 580| 2|#define CRYPTO_REFCOUNT_MAX 0xffffffff ------------------ | Branch (24:10): [True: 2, False: 0] ------------------ 25| 2| uint32_t new_value = expected + 1; 26| 2| if (CRYPTO_atomic_compare_exchange_weak_u32(count, &expected, new_value)) { ------------------ | Branch (26:9): [True: 2, False: 0] ------------------ 27| 2| break; 28| 2| } 29| 2| } 30| 2|} CRYPTO_refcount_dec_and_test_zero: 32| 7|int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count) { 33| 7| uint32_t expected = CRYPTO_atomic_load_u32(count); 34| | 35| 7| for (;;) { 36| 7| if (expected == 0) { ------------------ | Branch (36:9): [True: 0, False: 7] ------------------ 37| 0| abort(); 38| 7| } else if (expected == CRYPTO_REFCOUNT_MAX) { ------------------ | | 580| 7|#define CRYPTO_REFCOUNT_MAX 0xffffffff ------------------ | Branch (38:16): [True: 0, False: 7] ------------------ 39| 0| return 0; 40| 7| } else { 41| 7| const uint32_t new_value = expected - 1; 42| 7| if (CRYPTO_atomic_compare_exchange_weak_u32(count, &expected, ------------------ | Branch (42:11): [True: 7, False: 0] ------------------ 43| 7| new_value)) { 44| 7| return new_value == 0; 45| 7| } 46| 7| } 47| 7| } 48| 7|} OPENSSL_sk_new: 44| 5|OPENSSL_STACK *OPENSSL_sk_new(OPENSSL_sk_cmp_func comp) { 45| 5| OPENSSL_STACK *ret = 46| 5| reinterpret_cast(OPENSSL_zalloc(sizeof(OPENSSL_STACK))); 47| 5| if (ret == NULL) { ------------------ | Branch (47:7): [True: 0, False: 5] ------------------ 48| 0| return NULL; 49| 0| } 50| | 51| 5| ret->data = 52| 5| reinterpret_cast(OPENSSL_calloc(kMinSize, sizeof(void *))); 53| 5| if (ret->data == NULL) { ------------------ | Branch (53:7): [True: 0, False: 5] ------------------ 54| 0| goto err; 55| 0| } 56| | 57| 5| ret->comp = comp; 58| 5| ret->num_alloc = kMinSize; 59| | 60| 5| return ret; 61| | 62| 0|err: 63| 0| OPENSSL_free(ret); 64| 0| return NULL; 65| 5|} OPENSSL_sk_new_null: 67| 4|OPENSSL_STACK *OPENSSL_sk_new_null(void) { return OPENSSL_sk_new(NULL); } OPENSSL_sk_num: 69| 2|size_t OPENSSL_sk_num(const OPENSSL_STACK *sk) { 70| 2| if (sk == NULL) { ------------------ | Branch (70:7): [True: 0, False: 2] ------------------ 71| 0| return 0; 72| 0| } 73| 2| return sk->num; 74| 2|} OPENSSL_sk_free: 99| 5|void OPENSSL_sk_free(OPENSSL_STACK *sk) { 100| 5| if (sk == NULL) { ------------------ | Branch (100:7): [True: 0, False: 5] ------------------ 101| 0| return; 102| 0| } 103| 5| OPENSSL_free(sk->data); 104| 5| OPENSSL_free(sk); 105| 5|} OPENSSL_sk_pop_free_ex: 109| 15| OPENSSL_sk_free_func free_func) { 110| 15| if (sk == NULL) { ------------------ | Branch (110:7): [True: 11, False: 4] ------------------ 111| 11| return; 112| 11| } 113| | 114| 4| for (size_t i = 0; i < sk->num; i++) { ------------------ | Branch (114:22): [True: 0, False: 4] ------------------ 115| 0| if (sk->data[i] != NULL) { ------------------ | Branch (115:9): [True: 0, False: 0] ------------------ 116| 0| call_free_func(free_func, sk->data[i]); 117| 0| } 118| 0| } 119| 4| OPENSSL_sk_free(sk); 120| 4|} OPENSSL_sk_insert: 133| 19|size_t OPENSSL_sk_insert(OPENSSL_STACK *sk, void *p, size_t where) { 134| 19| if (sk == NULL) { ------------------ | Branch (134:7): [True: 0, False: 19] ------------------ 135| 0| return 0; 136| 0| } 137| | 138| 19| if (sk->num >= INT_MAX) { ------------------ | Branch (138:7): [True: 0, False: 19] ------------------ 139| 0| OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 140| 0| return 0; 141| 0| } 142| | 143| 19| if (sk->num_alloc <= sk->num + 1) { ------------------ | Branch (143:7): [True: 3, False: 16] ------------------ 144| | // Attempt to double the size of the array. 145| 3| size_t new_alloc = sk->num_alloc << 1; 146| 3| size_t alloc_size = new_alloc * sizeof(void *); 147| 3| void **data; 148| | 149| | // If the doubling overflowed, try to increment. 150| 3| if (new_alloc < sk->num_alloc || alloc_size / sizeof(void *) != new_alloc) { ------------------ | Branch (150:9): [True: 0, False: 3] | Branch (150:38): [True: 0, False: 3] ------------------ 151| 0| new_alloc = sk->num_alloc + 1; 152| 0| alloc_size = new_alloc * sizeof(void *); 153| 0| } 154| | 155| | // If the increment also overflowed, fail. 156| 3| if (new_alloc < sk->num_alloc || alloc_size / sizeof(void *) != new_alloc) { ------------------ | Branch (156:9): [True: 0, False: 3] | Branch (156:38): [True: 0, False: 3] ------------------ 157| 0| return 0; 158| 0| } 159| | 160| 3| data = reinterpret_cast(OPENSSL_realloc(sk->data, alloc_size)); 161| 3| if (data == NULL) { ------------------ | Branch (161:9): [True: 0, False: 3] ------------------ 162| 0| return 0; 163| 0| } 164| | 165| 3| sk->data = data; 166| 3| sk->num_alloc = new_alloc; 167| 3| } 168| | 169| 19| if (where >= sk->num) { ------------------ | Branch (169:7): [True: 19, False: 0] ------------------ 170| 19| sk->data[sk->num] = p; 171| 19| } else { 172| 0| OPENSSL_memmove(&sk->data[where + 1], &sk->data[where], 173| 0| sizeof(void *) * (sk->num - where)); 174| 0| sk->data[where] = p; 175| 0| } 176| | 177| 19| sk->num++; 178| 19| sk->sorted = 0; 179| | 180| 19| return sk->num; 181| 19|} OPENSSL_sk_push: 311| 19|size_t OPENSSL_sk_push(OPENSSL_STACK *sk, void *p) { 312| 19| return OPENSSL_sk_insert(sk, p, sk->num); 313| 19|} CRYPTO_MUTEX_init: 26| 2|void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { 27| 2| if (pthread_rwlock_init(lock, NULL) != 0) { ------------------ | Branch (27:7): [True: 0, False: 2] ------------------ 28| 0| abort(); 29| 0| } 30| 2|} CRYPTO_MUTEX_lock_write: 38| 2|void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) { 39| 2| if (pthread_rwlock_wrlock(lock) != 0) { ------------------ | Branch (39:7): [True: 0, False: 2] ------------------ 40| 0| abort(); 41| 0| } 42| 2|} CRYPTO_MUTEX_unlock_write: 50| 2|void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) { 51| 2| if (pthread_rwlock_unlock(lock) != 0) { ------------------ | Branch (51:7): [True: 0, False: 2] ------------------ 52| 0| abort(); 53| 0| } 54| 2|} CRYPTO_MUTEX_cleanup: 56| 2|void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) { pthread_rwlock_destroy(lock); } CRYPTO_once: 58| 729|void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void)) { 59| 729| if (pthread_once(once, init) != 0) { ------------------ | Branch (59:7): [True: 0, False: 729] ------------------ 60| 0| abort(); 61| 0| } 62| 729|} CRYPTO_get_thread_local: 101| 716|void *CRYPTO_get_thread_local(thread_local_data_t index) { 102| 716| CRYPTO_once(&g_thread_local_init_once, thread_local_init); 103| 716| if (!g_thread_local_key_created) { ------------------ | Branch (103:7): [True: 0, False: 716] ------------------ 104| 0| return NULL; 105| 0| } 106| | 107| 716| void **pointers = 108| 716| reinterpret_cast(pthread_getspecific(g_thread_local_key)); 109| 716| if (pointers == NULL) { ------------------ | Branch (109:7): [True: 1, False: 715] ------------------ 110| 1| return NULL; 111| 1| } 112| 715| return pointers[index]; 113| 716|} CRYPTO_set_thread_local: 116| 2| thread_local_destructor_t destructor) { 117| 2| CRYPTO_once(&g_thread_local_init_once, thread_local_init); 118| 2| if (!g_thread_local_key_created) { ------------------ | Branch (118:7): [True: 0, False: 2] ------------------ 119| 0| destructor(value); 120| 0| return 0; 121| 0| } 122| | 123| 2| void **pointers = 124| 2| reinterpret_cast(pthread_getspecific(g_thread_local_key)); 125| 2| if (pointers == NULL) { ------------------ | Branch (125:7): [True: 1, False: 1] ------------------ 126| 1| pointers = reinterpret_cast( 127| 1| malloc(sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS)); 128| 1| if (pointers == NULL) { ------------------ | Branch (128:9): [True: 0, False: 1] ------------------ 129| 0| destructor(value); 130| 0| return 0; 131| 0| } 132| 1| OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS); 133| 1| if (pthread_setspecific(g_thread_local_key, pointers) != 0) { ------------------ | Branch (133:9): [True: 0, False: 1] ------------------ 134| 0| free(pointers); 135| 0| destructor(value); 136| 0| return 0; 137| 0| } 138| 1| } 139| | 140| 2| if (pthread_mutex_lock(&g_destructors_lock) != 0) { ------------------ | Branch (140:7): [True: 0, False: 2] ------------------ 141| 0| destructor(value); 142| 0| return 0; 143| 0| } 144| 2| g_destructors[index] = destructor; 145| 2| pthread_mutex_unlock(&g_destructors_lock); 146| | 147| 2| pointers[index] = value; 148| 2| return 1; 149| 2|} thread_pthread.cc:_ZL17thread_local_initv: 96| 1|static void thread_local_init(void) { 97| 1| g_thread_local_key_created = 98| 1| pthread_key_create(&g_thread_local_key, thread_local_destructor) == 0; 99| 1|} X509_STORE_new: 110| 1|X509_STORE *X509_STORE_new(void) { 111| 1| X509_STORE *ret = 112| 1| reinterpret_cast(OPENSSL_zalloc(sizeof(X509_STORE))); 113| 1| if (ret == NULL) { ------------------ | Branch (113:7): [True: 0, False: 1] ------------------ 114| 0| return NULL; 115| 0| } 116| | 117| 1| ret->references = 1; 118| 1| CRYPTO_MUTEX_init(&ret->objs_lock); 119| 1| ret->objs = sk_X509_OBJECT_new(x509_object_cmp_sk); 120| 1| ret->get_cert_methods = sk_X509_LOOKUP_new_null(); 121| 1| ret->param = X509_VERIFY_PARAM_new(); 122| 1| if (ret->objs == NULL || ret->get_cert_methods == NULL || ------------------ | Branch (122:7): [True: 0, False: 1] | Branch (122:28): [True: 0, False: 1] ------------------ 123| 1| ret->param == NULL) { ------------------ | Branch (123:7): [True: 0, False: 1] ------------------ 124| 0| X509_STORE_free(ret); 125| 0| return NULL; 126| 0| } 127| | 128| 1| return ret; 129| 1|} X509_STORE_free: 136| 3|void X509_STORE_free(X509_STORE *vfy) { 137| 3| if (vfy == nullptr || !CRYPTO_refcount_dec_and_test_zero(&vfy->references)) { ------------------ | Branch (137:7): [True: 2, False: 1] | Branch (137:25): [True: 0, False: 1] ------------------ 138| 2| return; 139| 2| } 140| | 141| 1| CRYPTO_MUTEX_cleanup(&vfy->objs_lock); 142| 1| sk_X509_LOOKUP_pop_free(vfy->get_cert_methods, X509_LOOKUP_free); 143| 1| sk_X509_OBJECT_pop_free(vfy->objs, X509_OBJECT_free); 144| 1| X509_VERIFY_PARAM_free(vfy->param); 145| 1| OPENSSL_free(vfy); 146| 1|} X509_VERIFY_PARAM_new: 76| 3|X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) { 77| 3| X509_VERIFY_PARAM *param = reinterpret_cast( 78| 3| OPENSSL_zalloc(sizeof(X509_VERIFY_PARAM))); 79| 3| if (!param) { ------------------ | Branch (79:7): [True: 0, False: 3] ------------------ 80| 0| return NULL; 81| 0| } 82| 3| param->depth = -1; 83| 3| return param; 84| 3|} X509_VERIFY_PARAM_free: 86| 3|void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) { 87| 3| if (param == NULL) { ------------------ | Branch (87:7): [True: 0, False: 3] ------------------ 88| 0| return; 89| 0| } 90| 3| sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); 91| 3| sk_OPENSSL_STRING_pop_free(param->hosts, str_free); 92| 3| OPENSSL_free(param->email); 93| 3| OPENSSL_free(param->ip); 94| 3| OPENSSL_free(param); 95| 3|} X509_VERIFY_PARAM_inherit: 178| 1| const X509_VERIFY_PARAM *src) { 179| | // Prefer the destination. That is, this function only changes unset 180| | // parameters in |dest|. 181| 1| return x509_verify_param_copy(dest, src, /*prefer_src=*/0); 182| 1|} x509_vpm.cc:_ZL22x509_verify_param_copyP20X509_VERIFY_PARAM_stPKS_i: 119| 1| int prefer_src) { 120| 1| if (src == NULL) { ------------------ | Branch (120:7): [True: 0, False: 1] ------------------ 121| 0| return 1; 122| 0| } 123| | 124| 1| copy_int_param(&dest->purpose, &src->purpose, /*default_val=*/0, prefer_src); 125| 1| copy_int_param(&dest->trust, &src->trust, /*default_val=*/0, prefer_src); 126| 1| copy_int_param(&dest->depth, &src->depth, /*default_val=*/-1, prefer_src); 127| | 128| | // |check_time|, unlike all other parameters, does not honor |prefer_src|. 129| | // This means |X509_VERIFY_PARAM_set1| will not overwrite it. This behavior 130| | // comes from OpenSSL but may have been a bug. 131| 1| if (!(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) { ------------------ | | 3276| 1|#define X509_V_FLAG_USE_CHECK_TIME 0x2 ------------------ | Branch (131:7): [True: 1, False: 0] ------------------ 132| 1| dest->check_time = src->check_time; 133| | // The source |X509_V_FLAG_USE_CHECK_TIME| flag, if set, is copied below. 134| 1| } 135| | 136| 1| dest->flags |= src->flags; 137| | 138| 1| if (should_copy(dest->policies != NULL, src->policies != NULL, prefer_src)) { ------------------ | Branch (138:7): [True: 0, False: 1] ------------------ 139| 0| if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies)) { ------------------ | Branch (139:9): [True: 0, False: 0] ------------------ 140| 0| return 0; 141| 0| } 142| 0| } 143| | 144| 1| if (should_copy(dest->hosts != NULL, src->hosts != NULL, prefer_src)) { ------------------ | Branch (144:7): [True: 0, False: 1] ------------------ 145| 0| sk_OPENSSL_STRING_pop_free(dest->hosts, str_free); 146| 0| dest->hosts = NULL; 147| 0| if (src->hosts) { ------------------ | Branch (147:9): [True: 0, False: 0] ------------------ 148| 0| dest->hosts = 149| 0| sk_OPENSSL_STRING_deep_copy(src->hosts, OPENSSL_strdup, str_free); 150| 0| if (dest->hosts == NULL) { ------------------ | Branch (150:11): [True: 0, False: 0] ------------------ 151| 0| return 0; 152| 0| } 153| | // Copy the host flags if and only if we're copying the host list. Note 154| | // this means mechanisms like |X509_STORE_CTX_set_default| cannot be used 155| | // to set host flags. E.g. we cannot change the defaults using 156| | // |kDefaultParam| below. 157| 0| dest->hostflags = src->hostflags; 158| 0| } 159| 0| } 160| | 161| 1| if (should_copy(dest->email != NULL, src->email != NULL, prefer_src)) { ------------------ | Branch (161:7): [True: 0, False: 1] ------------------ 162| 0| if (!X509_VERIFY_PARAM_set1_email(dest, src->email, src->emaillen)) { ------------------ | Branch (162:9): [True: 0, False: 0] ------------------ 163| 0| return 0; 164| 0| } 165| 0| } 166| | 167| 1| if (should_copy(dest->ip != NULL, src->ip != NULL, prefer_src)) { ------------------ | Branch (167:7): [True: 0, False: 1] ------------------ 168| 0| if (!X509_VERIFY_PARAM_set1_ip(dest, src->ip, src->iplen)) { ------------------ | Branch (168:9): [True: 0, False: 0] ------------------ 169| 0| return 0; 170| 0| } 171| 0| } 172| | 173| 1| dest->poison = src->poison; 174| 1| return 1; 175| 1|} x509_vpm.cc:_ZL14copy_int_paramPiPKiii: 108| 3| int prefer_src) { 109| 3| if (should_copy(*dest != default_val, *src != default_val, prefer_src)) { ------------------ | Branch (109:7): [True: 0, False: 3] ------------------ 110| 0| *dest = *src; 111| 0| } 112| 3|} x509_vpm.cc:_ZL11should_copyiii: 97| 7|static int should_copy(int dest_is_set, int src_is_set, int prefer_src) { 98| 7| if (prefer_src) { ------------------ | Branch (98:7): [True: 0, False: 7] ------------------ 99| | // We prefer the source, so as long as there is a value to copy, copy it. 100| 0| return src_is_set; 101| 0| } 102| | 103| | // We prefer the destination, so only copy if the destination is unset. 104| 7| return src_is_set && !dest_is_set; ------------------ | Branch (104:10): [True: 0, False: 7] | Branch (104:24): [True: 0, False: 0] ------------------ 105| 7|} X509_free: 83| 4|void X509_free(X509 *x509) { 84| 4| if (x509 == NULL || !CRYPTO_refcount_dec_and_test_zero(&x509->references)) { ------------------ | Branch (84:7): [True: 4, False: 0] | Branch (84:23): [True: 0, False: 0] ------------------ 85| 4| return; 86| 4| } 87| | 88| 0| CRYPTO_free_ex_data(&g_ex_data_class, &x509->ex_data); 89| | 90| 0| X509_CINF_free(x509->cert_info); 91| 0| X509_ALGOR_free(x509->sig_alg); 92| 0| ASN1_BIT_STRING_free(x509->signature); 93| 0| ASN1_OCTET_STRING_free(x509->skid); 94| 0| AUTHORITY_KEYID_free(x509->akid); 95| 0| CRL_DIST_POINTS_free(x509->crldp); 96| 0| GENERAL_NAMES_free(x509->altname); 97| 0| NAME_CONSTRAINTS_free(x509->nc); 98| 0| X509_CERT_AUX_free(x509->aux); 99| 0| CRYPTO_MUTEX_cleanup(&x509->lock); 100| | 101| 0| OPENSSL_free(x509); 102| 0|} LLVMFuzzerTestOneInput: 22| 783|extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { 23| 783| static bssl::UniquePtr ctx(SSL_CTX_new(TLS_method())); 24| 783| static bssl::UniquePtr ssl(SSL_new(ctx.get())); 25| | 26| 783| CBS reader(bssl::Span(buf, len)); 27| 783| CBS encoded_client_hello_inner_cbs; 28| | 29| 783| if (!CBS_get_u24_length_prefixed(&reader, &encoded_client_hello_inner_cbs)) { ------------------ | Branch (29:7): [True: 30, False: 753] ------------------ 30| 30| return 0; 31| 30| } 32| | 33| 753| bssl::Array encoded_client_hello_inner; 34| 753| if (!encoded_client_hello_inner.CopyFrom(encoded_client_hello_inner_cbs)) { ------------------ | Branch (34:7): [True: 0, False: 753] ------------------ 35| 0| return 0; 36| 0| } 37| | 38| | // Use the remaining bytes in |reader| as the ClientHelloOuter. 39| 753| SSL_CLIENT_HELLO client_hello_outer; 40| 753| if (!SSL_parse_client_hello(ssl.get(), &client_hello_outer, CBS_data(&reader), ------------------ | Branch (40:7): [True: 340, False: 413] ------------------ 41| 753| CBS_len(&reader))) { 42| 340| return 0; 43| 340| } 44| | 45| | // Recover the ClientHelloInner from the EncodedClientHelloInner and 46| | // ClientHelloOuter. 47| 413| uint8_t alert_unused; 48| 413| bssl::Array client_hello_inner; 49| 413| bssl::ssl_decode_client_hello_inner( 50| 413| ssl.get(), &alert_unused, &client_hello_inner, encoded_client_hello_inner, 51| 413| &client_hello_outer); 52| 413| return 0; 53| 753|} _ZN4bssl8internal7DeleterclI10ssl_ctx_stEEvPT_: 449| 3| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 3| DeleterImpl::Free(ptr); 459| 3| } _ZN4bssl8internal11DeleterImplI10ssl_ctx_stvE4FreeEPS2_: 524| 3| static void Free(type *ptr) { deleter(ptr); } \ _ZN4bssl8internal7DeleterclI6ssl_stEEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal11DeleterImplI6ssl_stvE4FreeEPS2_: 524| 1| static void Free(type *ptr) { deleter(ptr); } \ _ZN4bssl8internal11DeleterImplI10buf_mem_stvE4FreeEPS2_: 524| 1| static void Free(type *ptr) { deleter(ptr); } \ _ZN4bssl5UpRefEP11evp_pkey_st: 535| 3| inline UniquePtr UpRef(type *v) { \ 536| 3| if (v != nullptr) { \ ------------------ | Branch (536:9): [True: 0, False: 3] ------------------ 537| 0| up_ref_func(v); \ 538| 0| } \ 539| 3| return UniquePtr(v); \ 540| 3| } \ _ZN4bssl5UpRefERKNSt3__110unique_ptrI11evp_pkey_stNS_8internal7DeleterEEE: 542| 3| inline UniquePtr UpRef(const UniquePtr &ptr) { \ 543| 3| return UpRef(ptr.get()); \ 544| 3| } _ZN4bssl5UpRefEP16crypto_buffer_st: 535| 3| inline UniquePtr UpRef(type *v) { \ 536| 3| if (v != nullptr) { \ ------------------ | Branch (536:9): [True: 0, False: 3] ------------------ 537| 0| up_ref_func(v); \ 538| 0| } \ 539| 3| return UniquePtr(v); \ 540| 3| } \ _ZN4bssl5UpRefERKNSt3__110unique_ptrI16crypto_buffer_stNS_8internal7DeleterEEE: 542| 3| inline UniquePtr UpRef(const UniquePtr &ptr) { \ 543| 3| return UpRef(ptr.get()); \ 544| 3| } _ZN4bssl8internal11DeleterImplI17ssl_credential_stvE4FreeEPS2_: 524| 3| static void Free(type *ptr) { deleter(ptr); } \ _ZN4bssl5UpRefEP10ssl_ctx_st: 535| 2| inline UniquePtr UpRef(type *v) { \ 536| 2| if (v != nullptr) { \ ------------------ | Branch (536:9): [True: 2, False: 0] ------------------ 537| 2| up_ref_func(v); \ 538| 2| } \ 539| 2| return UniquePtr(v); \ 540| 2| } \ _ZN4bssl8internal7DeleterclI17ssl_credential_stEEvPT_: 449| 3| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 3| DeleterImpl::Free(ptr); 459| 3| } _ZN4bssl8internal14StackAllocatedI6cbb_stvXadL_Z8CBB_zeroEEXadL_Z11CBB_cleanupEEEC2Ev: 466| 330| StackAllocated() { init(&ctx_); } _ZN4bssl8internal14StackAllocatedI6cbb_stvXadL_Z8CBB_zeroEEXadL_Z11CBB_cleanupEEED2Ev: 467| 330| ~StackAllocated() { cleanup(&ctx_); } _ZN4bssl8internal14StackAllocatedI6cbb_stvXadL_Z8CBB_zeroEEXadL_Z11CBB_cleanupEEE3getEv: 472| 375| T *get() { return &ctx_; } _ZN4bssl8internal7DeleterclI22stack_st_CRYPTO_BUFFEREEvPT_: 449| 2| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 2| DeleterImpl::Free(ptr); 459| 2| } _ZN4bssl8internal14StackAllocatedI15evp_hpke_ctx_stvXadL_Z17EVP_HPKE_CTX_zeroEEXadL_Z20EVP_HPKE_CTX_cleanupEEEC2Ev: 466| 1| StackAllocated() { init(&ctx_); } _ZN4bssl8internal14StackAllocatedI15evp_hpke_ctx_stvXadL_Z17EVP_HPKE_CTX_zeroEEXadL_Z20EVP_HPKE_CTX_cleanupEEED2Ev: 467| 1| ~StackAllocated() { cleanup(&ctx_); } _ZN4bssl8internal7DeleterclINS_13SSL_HANDSHAKEEEEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal7DeleterclI19stack_st_SSL_CIPHEREEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal7DeleterclI10buf_mem_stEEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal14StackAllocatedI15evp_aead_ctx_stvXadL_Z17EVP_AEAD_CTX_zeroEEXadL_Z20EVP_AEAD_CTX_cleanupEEEC2Ev: 466| 2| StackAllocated() { init(&ctx_); } _ZN4bssl8internal14StackAllocatedI15evp_aead_ctx_stvXadL_Z17EVP_AEAD_CTX_zeroEEXadL_Z20EVP_AEAD_CTX_cleanupEEED2Ev: 467| 2| ~StackAllocated() { cleanup(&ctx_); } _ZN4bssl8internal7DeleterclINS_14SSLAEADContextEEEvPT_: 449| 2| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 2| DeleterImpl::Free(ptr); 459| 2| } _ZN4bssl8internal7DeleterclINS_4CERTEEEvPT_: 449| 2| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 2| DeleterImpl::Free(ptr); 459| 2| } _ZN4bssl8internal7DeleterclINS_23SSLCipherPreferenceListEEEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal7DeleterclINS_10SSL_CONFIGEEEvPT_: 449| 1| void operator()(T *ptr) { 450| | // Rather than specialize Deleter for each type, we specialize 451| | // DeleterImpl. This allows bssl::UniquePtr to be used while only 452| | // including base.h as long as the destructor is not emitted. This matches 453| | // std::unique_ptr's behavior on forward-declared types. 454| | // 455| | // DeleterImpl itself is specialized in the corresponding module's header 456| | // and must be included to release an object. If not included, the compiler 457| | // will error that DeleterImpl does not have a method Free. 458| 1| DeleterImpl::Free(ptr); 459| 1| } _ZN4bssl8internal21StackAllocatedMovableI13env_md_ctx_stiXadL_Z15EVP_MD_CTX_initEEXadL_Z18EVP_MD_CTX_cleanupEEXadL_Z15EVP_MD_CTX_moveEEEC2Ev: 491| 2| StackAllocatedMovable() { init(&ctx_); } _ZN4bssl8internal21StackAllocatedMovableI13env_md_ctx_stiXadL_Z15EVP_MD_CTX_initEEXadL_Z18EVP_MD_CTX_cleanupEEXadL_Z15EVP_MD_CTX_moveEEED2Ev: 492| 2| ~StackAllocatedMovable() { cleanup(&ctx_); } _ZN4bssl8internal21StackAllocatedMovableI13env_md_ctx_stiXadL_Z15EVP_MD_CTX_initEEXadL_Z18EVP_MD_CTX_cleanupEEXadL_Z15EVP_MD_CTX_moveEEE5ResetEv: 509| 1| void Reset() { 510| 1| cleanup(&ctx_); 511| 1| init(&ctx_); 512| 1| } _ZN6cbs_stC2EN4bssl4SpanIKhEE: 47| 2.17k| : data(span.data()), len(span.size()) {} _ZNK6cbs_stcvN4bssl4SpanIKhEEEv: 48| 753| operator bssl::Span() const { return bssl::Span(data, len); } CBS_data: 69| 7.55k|OPENSSL_INLINE const uint8_t *CBS_data(const CBS *cbs) { return cbs->data; } CBS_len: 72| 145k|OPENSSL_INLINE size_t CBS_len(const CBS *cbs) { return cbs->len; } CBS_init: 59| 259k|OPENSSL_INLINE void CBS_init(CBS *cbs, const uint8_t *data, size_t len) { 60| 259k| cbs->data = data; 61| 259k| cbs->len = len; 62| 259k|} _ZN4bssl4SpanIKhEC2EPS1_m: 127| 3.33k| constexpr Span(T *ptr, size_t len) : data_(ptr), size_(len) {} _ZNK4bssl4SpanIKhE4dataEv: 142| 2.88k| constexpr T *data() const { return data_; } _ZNK4bssl4SpanIKhE4sizeEv: 143| 3.51k| constexpr size_t size() const { return size_; } _ZN4bssl4SpanIKhEC2INS_5ArrayIhEEvS5_EERKT_: 135| 414| : data_(container.data()), size_(container.size()) {} _ZNK4bssl4SpanIKhE5beginEv: 146| 755| constexpr iterator begin() const { return data_; } _ZNK4bssl4SpanIKhE3endEv: 148| 755| constexpr iterator end() const { return data_ + size_; } _ZNK4bssl4SpanIKhE7subspanEmm: 172| 256| constexpr Span subspan(size_t pos = 0, size_t len = npos) const { 173| 256| if (pos > size_) { ------------------ | Branch (173:9): [True: 0, False: 256] ------------------ 174| | // absl::Span throws an exception here. Note std::span and Chromium 175| | // base::span additionally forbid pos + len being out of range, with a 176| | // special case at npos/dynamic_extent, while absl::Span::subspan clips 177| | // the span. For now, we align with absl::Span in case we switch to it in 178| | // the future. 179| 0| abort(); 180| 0| } 181| 256| return Span(data_ + pos, std::min(size_ - pos, len)); 182| 256| } _ZN4bssl4SpanIKhEC2Ev: 126| 1| constexpr Span() : Span(nullptr, 0) {} _ZN4bssl4SpanIhEC2EPhm: 127| 1| constexpr Span(T *ptr, size_t len) : data_(ptr), size_(len) {} _ZN4bssl4SpanIKtEC2INS_5ArrayItEEvS5_EERKT_: 135| 3| : data_(container.data()), size_(container.size()) {} _ZNK4bssl4SpanIKtE5beginEv: 146| 3| constexpr iterator begin() const { return data_; } _ZNK4bssl4SpanIKtE3endEv: 148| 3| constexpr iterator end() const { return data_ + size_; } _ZNK4bssl4SpanIKtE4sizeEv: 143| 3| constexpr size_t size() const { return size_; } _ZN4bssl4SpanIKhEC2INS_13InplaceVectorIhLm32EEEvS5_EERKT_: 135| 1| : data_(container.data()), size_(container.size()) {} _ZN4bssl4SpanIhEC2Ev: 126| 1| constexpr Span() : Span(nullptr, 0) {} _ZNK4bssl4SpanIKbE4sizeEv: 143| 2| constexpr size_t size() const { return size_; } _ZN4bssl4SpanIKbEC2INS_5ArrayIbEEvS5_EERKT_: 135| 1| : data_(container.data()), size_(container.size()) {} _ZNK4bssl4SpanIKbE5beginEv: 146| 1| constexpr iterator begin() const { return data_; } _ZNK4bssl4SpanIKbE3endEv: 148| 1| constexpr iterator end() const { return data_ + size_; } sk_OPENSSL_STRING_pop_free: 435| 3| sk_##name##_free_func free_func) { \ 436| 3| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 3| (OPENSSL_sk_free_func)free_func); \ 438| 3| } \ sk_ASN1_OBJECT_pop_free: 435| 3| sk_##name##_free_func free_func) { \ 436| 3| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 3| (OPENSSL_sk_free_func)free_func); \ 438| 3| } \ sk_CRYPTO_BUFFER_new_null: 408| 2| OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \ 409| 2| return (STACK_OF(name) *)OPENSSL_sk_new_null(); \ 410| 2| } \ sk_X509_pop_free: 435| 2| sk_##name##_free_func free_func) { \ 436| 2| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 2| (OPENSSL_sk_free_func)free_func); \ 438| 2| } \ sk_X509_NAME_pop_free: 435| 3| sk_##name##_free_func free_func) { \ 436| 3| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 3| (OPENSSL_sk_free_func)free_func); \ 438| 3| } \ sk_X509_OBJECT_new: 404| 1| OPENSSL_INLINE STACK_OF(name) *sk_##name##_new(sk_##name##_cmp_func comp) { \ 405| 1| return (STACK_OF(name) *)OPENSSL_sk_new((OPENSSL_sk_cmp_func)comp); \ 406| 1| } \ sk_X509_OBJECT_pop_free: 435| 1| sk_##name##_free_func free_func) { \ 436| 1| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 1| (OPENSSL_sk_free_func)free_func); \ 438| 1| } \ sk_SSL_CIPHER_new_null: 408| 1| OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \ 409| 1| return (STACK_OF(name) *)OPENSSL_sk_new_null(); \ 410| 1| } \ sk_SSL_CIPHER_num: 412| 2| OPENSSL_INLINE size_t sk_##name##_num(const STACK_OF(name) *sk) { \ 413| 2| return OPENSSL_sk_num((const OPENSSL_STACK *)sk); \ 414| 2| } \ sk_SSL_CIPHER_push: 472| 19| OPENSSL_INLINE size_t sk_##name##_push(STACK_OF(name) *sk, ptrtype p) { \ 473| 19| return OPENSSL_sk_push((OPENSSL_STACK *)sk, (void *)p); \ 474| 19| } \ _ZN4bssl8internal11DeleterImplI22stack_st_CRYPTO_BUFFERvE4FreeEPS2_: 544| 2| static void Free(Stack *sk) { 545| | // sk_FOO_pop_free is defined by macros and bound by name, so we cannot 546| | // access it from C++ here. 547| 2| using Type = typename StackTraits::Type; 548| 2| OPENSSL_sk_pop_free_ex( 549| 2| reinterpret_cast(sk), 550| 2| [](OPENSSL_sk_free_func /* unused */, void *ptr) { 551| 2| DeleterImpl::Free(reinterpret_cast(ptr)); 552| 2| }, 553| 2| nullptr); 554| 2| } _ZN4bssl8internal11DeleterImplI19stack_st_SSL_CIPHERvE4FreeEPS2_: 535| 1| static void Free(Stack *sk) { 536| 1| OPENSSL_sk_free(reinterpret_cast(sk)); 537| 1| } sk_X509_LOOKUP_new_null: 408| 1| OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \ 409| 1| return (STACK_OF(name) *)OPENSSL_sk_new_null(); \ 410| 1| } \ sk_X509_LOOKUP_pop_free: 435| 1| sk_##name##_free_func free_func) { \ 436| 1| OPENSSL_sk_pop_free_ex((OPENSSL_STACK *)sk, sk_##name##_call_free_func, \ 437| 1| (OPENSSL_sk_free_func)free_func); \ 438| 1| } \ _ZN4bssl29ssl_decode_client_hello_innerEP6ssl_stPhPNS_5ArrayIhEENS_4SpanIKhEEPK22ssl_early_callback_ctx: 138| 413| const SSL_CLIENT_HELLO *client_hello_outer) { 139| 413| SSL_CLIENT_HELLO client_hello_inner; 140| 413| CBS cbs = encoded_client_hello_inner; 141| 413| if (!ssl_parse_client_hello_with_trailing_data(ssl, &cbs, ------------------ | Branch (141:7): [True: 49, False: 364] ------------------ 142| 413| &client_hello_inner)) { 143| 49| return false; 144| 49| } 145| | // The remaining data is padding. 146| 364| uint8_t padding; 147| 2.32k| while (CBS_get_u8(&cbs, &padding)) { ------------------ | Branch (147:10): [True: 1.97k, False: 349] ------------------ 148| 1.97k| if (padding != 0) { ------------------ | Branch (148:9): [True: 15, False: 1.95k] ------------------ 149| 15| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 15| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 150| 15| *out_alert = SSL_AD_ILLEGAL_PARAMETER; ------------------ | | 4379| 15|#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER | | ------------------ | | | | 189| 15|#define SSL3_AD_ILLEGAL_PARAMETER 47 // fatal | | ------------------ ------------------ 151| 15| return false; 152| 15| } 153| 1.97k| } 154| | 155| | // TLS 1.3 ClientHellos must have extensions, and EncodedClientHelloInners use 156| | // ClientHelloOuter's session_id. 157| 349| if (client_hello_inner.extensions_len == 0 || ------------------ | Branch (157:7): [True: 14, False: 335] ------------------ 158| 349| client_hello_inner.session_id_len != 0) { ------------------ | Branch (158:7): [True: 5, False: 330] ------------------ 159| 19| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 19| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 160| 19| return false; 161| 19| } 162| 330| client_hello_inner.session_id = client_hello_outer->session_id; 163| 330| client_hello_inner.session_id_len = client_hello_outer->session_id_len; 164| | 165| | // Begin serializing a message containing the ClientHelloInner in |cbb|. 166| 330| ScopedCBB cbb; 167| 330| CBB body, extensions_cbb; 168| 330| if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CLIENT_HELLO) || ------------------ | | 195| 330|#define SSL3_MT_CLIENT_HELLO 1 ------------------ | Branch (168:7): [True: 0, False: 330] ------------------ 169| 330| !ssl_client_hello_write_without_extensions(&client_hello_inner, &body) || ------------------ | Branch (169:7): [True: 0, False: 330] ------------------ 170| 330| !CBB_add_u16_length_prefixed(&body, &extensions_cbb)) { ------------------ | Branch (170:7): [True: 0, False: 330] ------------------ 171| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 172| 0| return false; 173| 0| } 174| | 175| 330| auto inner_extensions = 176| 330| Span(client_hello_inner.extensions, client_hello_inner.extensions_len); 177| 330| CBS ext_list_wrapper; 178| 330| if (!ssl_client_hello_get_extension(&client_hello_inner, &ext_list_wrapper, ------------------ | Branch (178:7): [True: 202, False: 128] ------------------ 179| 330| TLSEXT_TYPE_ech_outer_extensions)) { ------------------ | | 120| 330|#define TLSEXT_TYPE_ech_outer_extensions 0xfd00 ------------------ 180| | // No ech_outer_extensions. Copy everything. 181| 202| if (!CBB_add_bytes(&extensions_cbb, inner_extensions.data(), ------------------ | Branch (181:9): [True: 0, False: 202] ------------------ 182| 202| inner_extensions.size())) { 183| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 184| 0| return false; 185| 0| } 186| 202| } else { 187| 128| const size_t offset = CBS_data(&ext_list_wrapper) - inner_extensions.data(); 188| 128| auto inner_extensions_before = 189| 128| inner_extensions.subspan(0, offset - 4 /* extension header */); 190| 128| auto inner_extensions_after = 191| 128| inner_extensions.subspan(offset + CBS_len(&ext_list_wrapper)); 192| 128| if (!CBB_add_bytes(&extensions_cbb, inner_extensions_before.data(), ------------------ | Branch (192:9): [True: 0, False: 128] ------------------ 193| 128| inner_extensions_before.size())) { 194| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 195| 0| return false; 196| 0| } 197| | 198| | // Expand ech_outer_extensions. See draft-ietf-tls-esni-13, Appendix B. 199| 128| CBS ext_list; 200| 128| if (!CBS_get_u8_length_prefixed(&ext_list_wrapper, &ext_list) || ------------------ | Branch (200:9): [True: 24, False: 104] ------------------ 201| 128| CBS_len(&ext_list) == 0 || CBS_len(&ext_list_wrapper) != 0) { ------------------ | Branch (201:9): [True: 8, False: 96] | Branch (201:36): [True: 20, False: 76] ------------------ 202| 52| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 52| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 203| 52| return false; 204| 52| } 205| 76| CBS outer_extensions; 206| 76| CBS_init(&outer_extensions, client_hello_outer->extensions, 207| 76| client_hello_outer->extensions_len); 208| 154| while (CBS_len(&ext_list) != 0) { ------------------ | Branch (208:12): [True: 128, False: 26] ------------------ 209| | // Find the next extension to copy. 210| 128| uint16_t want; 211| 128| if (!CBS_get_u16(&ext_list, &want)) { ------------------ | Branch (211:11): [True: 2, False: 126] ------------------ 212| 2| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 2| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 213| 2| return false; 214| 2| } 215| | // The ECH extension itself is not in the AAD and may not be referenced. 216| 126| if (want == TLSEXT_TYPE_encrypted_client_hello) { ------------------ | | 119| 126|#define TLSEXT_TYPE_encrypted_client_hello 0xfe0d ------------------ | Branch (216:11): [True: 2, False: 124] ------------------ 217| 2| *out_alert = SSL_AD_ILLEGAL_PARAMETER; ------------------ | | 4379| 2|#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER | | ------------------ | | | | 189| 2|#define SSL3_AD_ILLEGAL_PARAMETER 47 // fatal | | ------------------ ------------------ 218| 2| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_OUTER_EXTENSION); ------------------ | | 361| 2| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 219| 2| return false; 220| 2| } 221| | // Seek to |want| in |outer_extensions|. |ext_list| is required to match 222| | // ClientHelloOuter in order. 223| 124| uint16_t found; 224| 124| CBS ext_body; 225| 227| do { 226| 227| if (CBS_len(&outer_extensions) == 0) { ------------------ | Branch (226:13): [True: 46, False: 181] ------------------ 227| 46| *out_alert = SSL_AD_ILLEGAL_PARAMETER; ------------------ | | 4379| 46|#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER | | ------------------ | | | | 189| 46|#define SSL3_AD_ILLEGAL_PARAMETER 47 // fatal | | ------------------ ------------------ 228| 46| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_OUTER_EXTENSION); ------------------ | | 361| 46| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 229| 46| return false; 230| 46| } 231| 181| if (!CBS_get_u16(&outer_extensions, &found) || ------------------ | Branch (231:13): [True: 0, False: 181] ------------------ 232| 181| !CBS_get_u16_length_prefixed(&outer_extensions, &ext_body)) { ------------------ | Branch (232:13): [True: 0, False: 181] ------------------ 233| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 234| 0| return false; 235| 0| } 236| 181| } while (found != want); ------------------ | Branch (236:16): [True: 103, False: 78] ------------------ 237| | // Copy the extension. 238| 78| if (!CBB_add_u16(&extensions_cbb, found) || ------------------ | Branch (238:11): [True: 0, False: 78] ------------------ 239| 78| !CBB_add_u16(&extensions_cbb, CBS_len(&ext_body)) || ------------------ | Branch (239:11): [True: 0, False: 78] ------------------ 240| 78| !CBB_add_bytes(&extensions_cbb, CBS_data(&ext_body), ------------------ | Branch (240:11): [True: 0, False: 78] ------------------ 241| 78| CBS_len(&ext_body))) { 242| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 243| 0| return false; 244| 0| } 245| 78| } 246| | 247| 26| if (!CBB_add_bytes(&extensions_cbb, inner_extensions_after.data(), ------------------ | Branch (247:9): [True: 0, False: 26] ------------------ 248| 26| inner_extensions_after.size())) { 249| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 250| 0| return false; 251| 0| } 252| 26| } 253| 228| if (!CBB_flush(&body)) { ------------------ | Branch (253:7): [True: 0, False: 228] ------------------ 254| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 255| 0| return false; 256| 0| } 257| | 258| 228| if (!is_valid_client_hello_inner(ssl, out_alert, ------------------ | Branch (258:7): [True: 183, False: 45] ------------------ 259| 228| Span(CBB_data(&body), CBB_len(&body)))) { 260| 183| return false; 261| 183| } 262| | 263| 45| if (!ssl->method->finish_message(ssl, cbb.get(), out_client_hello_inner)) { ------------------ | Branch (263:7): [True: 0, False: 45] ------------------ 264| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 265| 0| return false; 266| 0| } 267| 45| return true; 268| 45|} encrypted_client_hello.cc:_ZN4bsslL41ssl_client_hello_write_without_extensionsEPK22ssl_early_callback_ctxP6cbb_st: 63| 330| const SSL_CLIENT_HELLO *client_hello, CBB *out) { 64| 330| CBB cbb; 65| 330| if (!CBB_add_u16(out, client_hello->version) || ------------------ | Branch (65:7): [True: 0, False: 330] ------------------ 66| 330| !CBB_add_bytes(out, client_hello->random, client_hello->random_len) || ------------------ | Branch (66:7): [True: 0, False: 330] ------------------ 67| 330| !CBB_add_u8_length_prefixed(out, &cbb) || ------------------ | Branch (67:7): [True: 0, False: 330] ------------------ 68| 330| !CBB_add_bytes(&cbb, client_hello->session_id, ------------------ | Branch (68:7): [True: 0, False: 330] ------------------ 69| 330| client_hello->session_id_len)) { 70| 0| return false; 71| 0| } 72| 330| if (SSL_is_dtls(client_hello->ssl)) { ------------------ | Branch (72:7): [True: 0, False: 330] ------------------ 73| 0| if (!CBB_add_u8_length_prefixed(out, &cbb) || ------------------ | Branch (73:9): [True: 0, False: 0] ------------------ 74| 0| !CBB_add_bytes(&cbb, client_hello->dtls_cookie, ------------------ | Branch (74:9): [True: 0, False: 0] ------------------ 75| 0| client_hello->dtls_cookie_len)) { 76| 0| return false; 77| 0| } 78| 0| } 79| 330| if (!CBB_add_u16_length_prefixed(out, &cbb) || ------------------ | Branch (79:7): [True: 0, False: 330] ------------------ 80| 330| !CBB_add_bytes(&cbb, client_hello->cipher_suites, ------------------ | Branch (80:7): [True: 0, False: 330] ------------------ 81| 330| client_hello->cipher_suites_len) || 82| 330| !CBB_add_u8_length_prefixed(out, &cbb) || ------------------ | Branch (82:7): [True: 0, False: 330] ------------------ 83| 330| !CBB_add_bytes(&cbb, client_hello->compression_methods, ------------------ | Branch (83:7): [True: 0, False: 330] ------------------ 84| 330| client_hello->compression_methods_len) || 85| 330| !CBB_flush(out)) { ------------------ | Branch (85:7): [True: 0, False: 330] ------------------ 86| 0| return false; 87| 0| } 88| 330| return true; 89| 330|} encrypted_client_hello.cc:_ZN4bsslL27is_valid_client_hello_innerEP6ssl_stPhNS_4SpanIKhEE: 92| 228| Span body) { 93| | // See draft-ietf-tls-esni-13, section 7.1. 94| 228| SSL_CLIENT_HELLO client_hello; 95| 228| CBS extension; 96| 228| if (!SSL_parse_client_hello(ssl, &client_hello, body.data(), body.size()) || ------------------ | Branch (96:7): [True: 7, False: 221] ------------------ 97| 228| !ssl_client_hello_get_extension(&client_hello, &extension, ------------------ | Branch (97:7): [True: 95, False: 126] ------------------ 98| 221| TLSEXT_TYPE_encrypted_client_hello) || ------------------ | | 119| 221|#define TLSEXT_TYPE_encrypted_client_hello 0xfe0d ------------------ 99| 228| CBS_len(&extension) != 1 || // ------------------ | Branch (99:7): [True: 16, False: 110] ------------------ 100| 228| CBS_data(&extension)[0] != ECH_CLIENT_INNER || ------------------ | | 1313| 338|#define ECH_CLIENT_INNER 1 ------------------ | Branch (100:7): [True: 9, False: 101] ------------------ 101| 228| !ssl_client_hello_get_extension(&client_hello, &extension, ------------------ | Branch (101:7): [True: 14, False: 87] ------------------ 102| 141| TLSEXT_TYPE_supported_versions)) { ------------------ | | 99| 101|#define TLSEXT_TYPE_supported_versions 43 ------------------ 103| 141| *out_alert = SSL_AD_ILLEGAL_PARAMETER; ------------------ | | 4379| 141|#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER | | ------------------ | | | | 189| 141|#define SSL3_AD_ILLEGAL_PARAMETER 47 // fatal | | ------------------ ------------------ 104| 141| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_CLIENT_HELLO_INNER); ------------------ | | 361| 141| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 105| 141| return false; 106| 141| } 107| | // Parse supported_versions and reject TLS versions prior to TLS 1.3. Older 108| | // versions are incompatible with ECH. 109| 87| CBS versions; 110| 87| if (!CBS_get_u8_length_prefixed(&extension, &versions) || ------------------ | Branch (110:7): [True: 4, False: 83] ------------------ 111| 87| CBS_len(&extension) != 0 || // ------------------ | Branch (111:7): [True: 11, False: 72] ------------------ 112| 87| CBS_len(&versions) == 0) { ------------------ | Branch (112:7): [True: 4, False: 68] ------------------ 113| 19| *out_alert = SSL_AD_DECODE_ERROR; ------------------ | | 4382| 19|#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR | | ------------------ | | | | 32| 19|#define TLS1_AD_DECODE_ERROR 50 | | ------------------ ------------------ 114| 19| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 19| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 115| 19| return false; 116| 19| } 117| 469| while (CBS_len(&versions) != 0) { ------------------ | Branch (117:10): [True: 424, False: 45] ------------------ 118| 424| uint16_t version; 119| 424| if (!CBS_get_u16(&versions, &version)) { ------------------ | Branch (119:9): [True: 8, False: 416] ------------------ 120| 8| *out_alert = SSL_AD_DECODE_ERROR; ------------------ | | 4382| 8|#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR | | ------------------ | | | | 32| 8|#define TLS1_AD_DECODE_ERROR 50 | | ------------------ ------------------ 121| 8| OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR); ------------------ | | 361| 8| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 122| 8| return false; 123| 8| } 124| 416| if (version == SSL3_VERSION || version == TLS1_VERSION || ------------------ | | 541| 832|#define SSL3_VERSION 0x0300 ------------------ if (version == SSL3_VERSION || version == TLS1_VERSION || ------------------ | | 542| 829|#define TLS1_VERSION 0x0301 ------------------ | Branch (124:9): [True: 3, False: 413] | Branch (124:36): [True: 3, False: 410] ------------------ 125| 416| version == TLS1_1_VERSION || version == TLS1_2_VERSION || ------------------ | | 543| 826|#define TLS1_1_VERSION 0x0302 ------------------ version == TLS1_1_VERSION || version == TLS1_2_VERSION || ------------------ | | 544| 825|#define TLS1_2_VERSION 0x0303 ------------------ | Branch (125:9): [True: 1, False: 409] | Branch (125:38): [True: 1, False: 408] ------------------ 126| 416| version == DTLS1_VERSION || version == DTLS1_2_VERSION) { ------------------ | | 547| 824|#define DTLS1_VERSION 0xfeff ------------------ version == DTLS1_VERSION || version == DTLS1_2_VERSION) { ------------------ | | 548| 402|#define DTLS1_2_VERSION 0xfefd ------------------ | Branch (126:9): [True: 6, False: 402] | Branch (126:37): [True: 1, False: 401] ------------------ 127| 15| *out_alert = SSL_AD_ILLEGAL_PARAMETER; ------------------ | | 4379| 15|#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER | | ------------------ | | | | 189| 15|#define SSL3_AD_ILLEGAL_PARAMETER 47 // fatal | | ------------------ ------------------ 128| 15| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_CLIENT_HELLO_INNER); ------------------ | | 361| 15| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 129| 15| return false; 130| 15| } 131| 416| } 132| 45| return true; 133| 68|} _ZN4bssl41ssl_parse_client_hello_with_trailing_dataEPK6ssl_stP6cbs_stP22ssl_early_callback_ctx: 112| 1.39k| SSL_CLIENT_HELLO *out) { 113| 1.39k| OPENSSL_memset(out, 0, sizeof(*out)); 114| 1.39k| out->ssl = const_cast(ssl); 115| | 116| 1.39k| CBS copy = *cbs; 117| 1.39k| CBS random, session_id; 118| 1.39k| if (!CBS_get_u16(cbs, &out->version) || ------------------ | Branch (118:7): [True: 89, False: 1.30k] ------------------ 119| 1.39k| !CBS_get_bytes(cbs, &random, SSL3_RANDOM_SIZE) || ------------------ | | 102| 1.30k|#define SSL3_RANDOM_SIZE 32 ------------------ | Branch (119:7): [True: 23, False: 1.28k] ------------------ 120| 1.39k| !CBS_get_u8_length_prefixed(cbs, &session_id) || ------------------ | Branch (120:7): [True: 11, False: 1.27k] ------------------ 121| 1.39k| CBS_len(&session_id) > SSL_MAX_SSL_SESSION_ID_LENGTH) { ------------------ | | 1904| 1.27k|#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 ------------------ | Branch (121:7): [True: 27, False: 1.24k] ------------------ 122| 150| OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); ------------------ | | 361| 150| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 123| 150| return false; 124| 150| } 125| | 126| 1.24k| out->random = CBS_data(&random); 127| 1.24k| out->random_len = CBS_len(&random); 128| 1.24k| out->session_id = CBS_data(&session_id); 129| 1.24k| out->session_id_len = CBS_len(&session_id); 130| | 131| 1.24k| if (SSL_is_dtls(out->ssl)) { ------------------ | Branch (131:7): [True: 0, False: 1.24k] ------------------ 132| 0| CBS cookie; 133| 0| if (!CBS_get_u8_length_prefixed(cbs, &cookie)) { ------------------ | Branch (133:9): [True: 0, False: 0] ------------------ 134| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 135| 0| return false; 136| 0| } 137| 0| out->dtls_cookie = CBS_data(&cookie); 138| 0| out->dtls_cookie_len = CBS_len(&cookie); 139| 1.24k| } else { 140| 1.24k| out->dtls_cookie = nullptr; 141| 1.24k| out->dtls_cookie_len = 0; 142| 1.24k| } 143| | 144| 1.24k| CBS cipher_suites, compression_methods; 145| 1.24k| if (!CBS_get_u16_length_prefixed(cbs, &cipher_suites) || ------------------ | Branch (145:7): [True: 36, False: 1.20k] ------------------ 146| 1.24k| CBS_len(&cipher_suites) < 2 || (CBS_len(&cipher_suites) & 1) != 0 || ------------------ | Branch (146:7): [True: 50, False: 1.15k] | Branch (146:38): [True: 24, False: 1.13k] ------------------ 147| 1.24k| !CBS_get_u8_length_prefixed(cbs, &compression_methods) || ------------------ | Branch (147:7): [True: 3, False: 1.13k] ------------------ 148| 1.24k| CBS_len(&compression_methods) < 1) { ------------------ | Branch (148:7): [True: 3, False: 1.12k] ------------------ 149| 116| OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); ------------------ | | 361| 116| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 150| 116| return false; 151| 116| } 152| | 153| 1.12k| out->cipher_suites = CBS_data(&cipher_suites); 154| 1.12k| out->cipher_suites_len = CBS_len(&cipher_suites); 155| 1.12k| out->compression_methods = CBS_data(&compression_methods); 156| 1.12k| out->compression_methods_len = CBS_len(&compression_methods); 157| | 158| | // If the ClientHello ends here then it's valid, but doesn't have any 159| | // extensions. 160| 1.12k| if (CBS_len(cbs) == 0) { ------------------ | Branch (160:7): [True: 326, False: 802] ------------------ 161| 326| out->extensions = nullptr; 162| 326| out->extensions_len = 0; 163| 802| } else { 164| | // Extract extensions and check it is valid. 165| 802| CBS extensions; 166| 802| if (!CBS_get_u16_length_prefixed(cbs, &extensions) || ------------------ | Branch (166:9): [True: 23, False: 779] ------------------ 167| 802| !tls1_check_duplicate_extensions(&extensions)) { ------------------ | Branch (167:9): [True: 73, False: 706] ------------------ 168| 96| OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); ------------------ | | 361| 96| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 169| 96| return false; 170| 96| } 171| 706| out->extensions = CBS_data(&extensions); 172| 706| out->extensions_len = CBS_len(&extensions); 173| 706| } 174| | 175| 1.03k| out->client_hello = CBS_data(©); 176| 1.03k| out->client_hello_len = CBS_len(©) - CBS_len(cbs); 177| 1.03k| return true; 178| 1.12k|} _ZN4bssl30ssl_client_hello_get_extensionEPK22ssl_early_callback_ctxP6cbs_stt: 181| 652| CBS *out, uint16_t extension_type) { 182| 652| CBS extensions; 183| 652| CBS_init(&extensions, client_hello->extensions, client_hello->extensions_len); 184| 1.90k| while (CBS_len(&extensions) != 0) { ------------------ | Branch (184:10): [True: 1.59k, False: 311] ------------------ 185| | // Decode the next extension. 186| 1.59k| uint16_t type; 187| 1.59k| CBS extension; 188| 1.59k| if (!CBS_get_u16(&extensions, &type) || ------------------ | Branch (188:9): [True: 0, False: 1.59k] ------------------ 189| 1.59k| !CBS_get_u16_length_prefixed(&extensions, &extension)) { ------------------ | Branch (189:9): [True: 0, False: 1.59k] ------------------ 190| 0| return false; 191| 0| } 192| | 193| 1.59k| if (type == extension_type) { ------------------ | Branch (193:9): [True: 341, False: 1.25k] ------------------ 194| 341| *out = extension; 195| 341| return true; 196| 341| } 197| 1.59k| } 198| | 199| 311| return false; 200| 652|} SSL_parse_client_hello: 4768| 981| const uint8_t *in, size_t len) { 4769| 981| CBS cbs = Span(in, len); 4770| 981| if (!ssl_parse_client_hello_with_trailing_data(ssl, &cbs, out)) { ------------------ | Branch (4770:7): [True: 313, False: 668] ------------------ 4771| 313| return 0; 4772| 313| } 4773| 668| if (CBS_len(&cbs) != 0) { ------------------ | Branch (4773:7): [True: 34, False: 634] ------------------ 4774| 34| OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED); ------------------ | | 361| 34| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 4775| 34| return 0; 4776| 34| } 4777| 634| return 1; 4778| 668|} extensions.cc:_ZN4bsslL31tls1_check_duplicate_extensionsEPK6cbs_st: 52| 779|static bool tls1_check_duplicate_extensions(const CBS *cbs) { 53| | // First pass: count the extensions. 54| 779| size_t num_extensions = 0; 55| 779| CBS extensions = *cbs; 56| 126k| while (CBS_len(&extensions) > 0) { ------------------ | Branch (56:10): [True: 126k, False: 752] ------------------ 57| 126k| uint16_t type; 58| 126k| CBS extension; 59| | 60| 126k| if (!CBS_get_u16(&extensions, &type) || ------------------ | Branch (60:9): [True: 2, False: 126k] ------------------ 61| 126k| !CBS_get_u16_length_prefixed(&extensions, &extension)) { ------------------ | Branch (61:9): [True: 25, False: 126k] ------------------ 62| 27| return false; 63| 27| } 64| | 65| 126k| num_extensions++; 66| 126k| } 67| | 68| 752| if (num_extensions == 0) { ------------------ | Branch (68:7): [True: 56, False: 696] ------------------ 69| 56| return true; 70| 56| } 71| | 72| 696| Array extension_types; 73| 696| if (!extension_types.InitForOverwrite(num_extensions)) { ------------------ | Branch (73:7): [True: 0, False: 696] ------------------ 74| 0| return false; 75| 0| } 76| | 77| | // Second pass: gather the extension types. 78| 696| extensions = *cbs; 79| 125k| for (size_t i = 0; i < extension_types.size(); i++) { ------------------ | Branch (79:22): [True: 124k, False: 696] ------------------ 80| 124k| CBS extension; 81| | 82| 124k| if (!CBS_get_u16(&extensions, &extension_types[i]) || ------------------ | Branch (82:9): [True: 0, False: 124k] ------------------ 83| 124k| !CBS_get_u16_length_prefixed(&extensions, &extension)) { ------------------ | Branch (83:9): [True: 0, False: 124k] ------------------ 84| | // This should not happen. 85| 0| return false; 86| 0| } 87| 124k| } 88| 696| assert(CBS_len(&extensions) == 0); 89| | 90| | // Sort the extensions and make sure there are no duplicates. 91| 696| std::sort(extension_types.begin(), extension_types.end()); 92| 2.13k| for (size_t i = 1; i < num_extensions; i++) { ------------------ | Branch (92:22): [True: 1.48k, False: 650] ------------------ 93| 1.48k| if (extension_types[i - 1] == extension_types[i]) { ------------------ | Branch (93:9): [True: 46, False: 1.43k] ------------------ 94| 46| return false; 95| 46| } 96| 1.48k| } 97| | 98| 650| return true; 99| 696|} _ZN4bssl13SSL_HANDSHAKEC2EP6ssl_st: 32| 1| : ssl(ssl_arg), 33| 1| transcript(SSL_is_dtls(ssl_arg)), 34| 1| inner_transcript(SSL_is_dtls(ssl_arg)), 35| 1| ech_is_inner(false), 36| 1| ech_authenticated_reject(false), 37| 1| scts_requested(false), 38| 1| handshake_finalized(false), 39| 1| accept_psk_mode(false), 40| 1| cert_request(false), 41| 1| certificate_status_expected(false), 42| 1| ocsp_stapling_requested(false), 43| 1| should_ack_sni(false), 44| 1| in_false_start(false), 45| 1| in_early_data(false), 46| 1| early_data_offered(false), 47| 1| can_early_read(false), 48| 1| can_early_write(false), 49| 1| is_early_version(false), 50| 1| next_proto_neg_seen(false), 51| 1| ticket_expected(false), 52| 1| extended_master_secret(false), 53| 1| pending_private_key_op(false), 54| 1| handback(false), 55| 1| hints_requested(false), 56| 1| cert_compression_negotiated(false), 57| 1| apply_jdk11_workaround(false), 58| 1| can_release_private_key(false), 59| 1| channel_id_negotiated(false), 60| 1| received_hello_verify_request(false), 61| 1| matched_peer_trust_anchor(false), 62| 1| peer_matched_trust_anchor(false) { 63| 1| assert(ssl); 64| | 65| | // Draw entropy for all GREASE values at once. This avoids calling 66| | // |RAND_bytes| repeatedly and makes the values consistent within a 67| | // connection. The latter is so the second ClientHello matches after 68| | // HelloRetryRequest and so supported_groups and key_shares are consistent. 69| 1| RAND_bytes(grease_seed, sizeof(grease_seed)); 70| 1|} _ZN4bssl13SSL_HANDSHAKED2Ev: 72| 1|SSL_HANDSHAKE::~SSL_HANDSHAKE() { 73| 1| ssl->ctx->x509_method->hs_flush_cached_ca_names(this); 74| 1|} _ZN4bssl17ssl_handshake_newEP6ssl_st: 100| 1|UniquePtr ssl_handshake_new(SSL *ssl) { 101| 1| UniquePtr hs = MakeUnique(ssl); 102| 1| if (!hs || !hs->transcript.Init()) { ------------------ | Branch (102:7): [True: 0, False: 1] | Branch (102:14): [True: 0, False: 1] ------------------ 103| 0| return nullptr; 104| 0| } 105| 1| hs->config = ssl->config.get(); 106| 1| if (!hs->config) { ------------------ | Branch (106:7): [True: 0, False: 1] ------------------ 107| 0| assert(hs->config); 108| 0| return nullptr; 109| 0| } 110| 1| return hs; 111| 1|} _ZN4bssl9SSLBufferC2Ev: 1033| 2| SSLBuffer() {} _ZN4bssl9SSLBufferD2Ev: 1034| 2| ~SSLBuffer() { Clear(); } _ZNK4bssl4CERT8is_validEv: 2391| 1| bool is_valid() const { return legacy_credential != nullptr; } _ZN4bssl23SSLCipherPreferenceListC2Ev: 332| 1| SSLCipherPreferenceList() = default; _ZN4bssl10RefCountedI17ssl_credential_stEC2ENS2_13CheckSubClassE: 168| 3| RefCounted(CheckSubClass) { 169| 3| static_assert(std::is_base_of::value, 170| 3| "Derived must subclass RefCounted"); 171| 3| } _ZN4bssl10RefCountedI17ssl_credential_stE14DecRefInternalEv: 151| 3| void DecRefInternal() { 152| 3| if (CRYPTO_refcount_dec_and_test_zero(&references_)) { ------------------ | Branch (152:9): [True: 3, False: 0] ------------------ 153| 3| Derived *d = static_cast(this); 154| 3| d->~Derived(); 155| 3| OPENSSL_free(d); 156| 3| } 157| 3| } _ZN4bssl10RefCountedI10ssl_ctx_stEC2ENS2_13CheckSubClassE: 168| 1| RefCounted(CheckSubClass) { 169| 1| static_assert(std::is_base_of::value, 170| 1| "Derived must subclass RefCounted"); 171| 1| } _ZN4bssl10RefCountedI10ssl_ctx_stE13UpRefInternalEv: 150| 2| void UpRefInternal() { CRYPTO_refcount_inc(&references_); } _ZN4bssl10RefCountedI10ssl_ctx_stE14DecRefInternalEv: 151| 3| void DecRefInternal() { 152| 3| if (CRYPTO_refcount_dec_and_test_zero(&references_)) { ------------------ | Branch (152:9): [True: 1, False: 2] ------------------ 153| 1| Derived *d = static_cast(this); 154| 1| d->~Derived(); 155| 1| OPENSSL_free(d); 156| 1| } 157| 3| } _ZN4bssl16tls_init_messageEPK6ssl_stP6cbb_stS4_h: 74| 330|bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type) { 75| | // Pick a modest size hint to save most of the |realloc| calls. 76| 330| if (!CBB_init(cbb, 64) || // ------------------ | Branch (76:7): [True: 0, False: 330] ------------------ 77| 330| !CBB_add_u8(cbb, type) || // ------------------ | Branch (77:7): [True: 0, False: 330] ------------------ 78| 330| !CBB_add_u24_length_prefixed(cbb, body)) { ------------------ | Branch (78:7): [True: 0, False: 330] ------------------ 79| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 80| 0| CBB_cleanup(cbb); 81| 0| return false; 82| 0| } 83| | 84| 330| return true; 85| 330|} _ZN4bssl18tls_finish_messageEPK6ssl_stP6cbb_stPNS_5ArrayIhEE: 87| 45|bool tls_finish_message(const SSL *ssl, CBB *cbb, Array *out_msg) { 88| 45| return CBBFinishArray(cbb, out_msg); 89| 45|} _ZN4bssl10SSL3_STATEC2Ev: 35| 1| : skip_early_data(false), 36| 1| v2_hello_done(false), 37| 1| is_v2_hello(false), 38| 1| has_message(false), 39| 1| initial_handshake_complete(false), 40| 1| session_reused(false), 41| 1| send_connection_binding(false), 42| 1| channel_id_valid(false), 43| 1| key_update_pending(false), 44| 1| early_data_accepted(false), 45| 1| alert_dispatch(false), 46| 1| renegotiate_pending(false), 47| 1| used_hello_retry_request(false), 48| 1| was_key_usage_invalid(false) {} _ZN4bssl10SSL3_STATED2Ev: 50| 1|SSL3_STATE::~SSL3_STATE() {} _ZN4bssl7tls_newEP6ssl_st: 52| 1|bool tls_new(SSL *ssl) { 53| 1| UniquePtr s3 = MakeUnique(); 54| 1| if (!s3) { ------------------ | Branch (54:7): [True: 0, False: 1] ------------------ 55| 0| return false; 56| 0| } 57| | 58| | // TODO(crbug.com/368805255): Fields that aren't used in DTLS should not be 59| | // allocated at all. 60| | // TODO(crbug.com/371998381): Don't create these in QUIC either, once the 61| | // placeholder QUIC ones for subsequent epochs are removed. 62| 1| if (!SSL_is_dtls(ssl)) { ------------------ | Branch (62:7): [True: 1, False: 0] ------------------ 63| 1| s3->aead_read_ctx = SSLAEADContext::CreateNullCipher(); 64| 1| s3->aead_write_ctx = SSLAEADContext::CreateNullCipher(); 65| 1| if (!s3->aead_read_ctx || !s3->aead_write_ctx) { ------------------ | Branch (65:9): [True: 0, False: 1] | Branch (65:31): [True: 0, False: 1] ------------------ 66| 0| return false; 67| 0| } 68| 1| } 69| | 70| 1| s3->hs = ssl_handshake_new(ssl); 71| 1| if (!s3->hs) { ------------------ | Branch (71:7): [True: 0, False: 1] ------------------ 72| 0| return false; 73| 0| } 74| | 75| 1| ssl->s3 = s3.release(); 76| 1| return true; 77| 1|} _ZN4bssl8tls_freeEP6ssl_st: 79| 1|void tls_free(SSL *ssl) { 80| 1| if (ssl->s3 == NULL) { ------------------ | Branch (80:7): [True: 0, False: 1] ------------------ 81| 0| return; 82| 0| } 83| | 84| 1| Delete(ssl->s3); 85| 1| ssl->s3 = NULL; 86| 1|} _ZN4bssl14SSLAEADContextC2EPK13ssl_cipher_st: 31| 2| : cipher_(cipher_arg), 32| 2| variable_nonce_included_in_record_(false), 33| 2| random_variable_nonce_(false), 34| 2| xor_fixed_nonce_(false), 35| 2| omit_length_in_ad_(false), 36| 2| ad_is_header_(false) {} _ZN4bssl14SSLAEADContextD2Ev: 38| 2|SSLAEADContext::~SSLAEADContext() {} _ZN4bssl14SSLAEADContext16CreateNullCipherEv: 40| 2|UniquePtr SSLAEADContext::CreateNullCipher() { 41| 2| return MakeUnique(/*cipher=*/nullptr); 42| 2|} _ZN4bssl9SSLBuffer5ClearEv: 39| 2|void SSLBuffer::Clear() { 40| 2| if (buf_ != inline_buf_) { ------------------ | Branch (40:7): [True: 2, False: 0] ------------------ 41| 2| free(buf_); // Allocated with malloc(). 42| 2| } 43| 2| buf_ = nullptr; 44| 2| offset_ = 0; 45| 2| size_ = 0; 46| 2| cap_ = 0; 47| 2|} _ZN4bssl4CERTC2EPKNS_15SSL_X509_METHODE: 39| 2| : legacy_credential(MakeUnique(SSLCredentialType::kX509)), 40| 2| x509_method(x509_method_arg) {} _ZN4bssl4CERTD2Ev: 42| 2|CERT::~CERT() { x509_method->cert_free(this); } _ZN4bssl12ssl_cert_dupEPNS_4CERTE: 44| 1|UniquePtr ssl_cert_dup(CERT *cert) { 45| 1| UniquePtr ret = MakeUnique(cert->x509_method); 46| 1| if (!ret) { ------------------ | Branch (46:7): [True: 0, False: 1] ------------------ 47| 0| return nullptr; 48| 0| } 49| | 50| | // TODO(crbug.com/boringssl/431): This should just be |CopyFrom|. 51| 1| for (const auto &cred : cert->credentials) { ------------------ | Branch (51:25): [True: 0, False: 1] ------------------ 52| 0| if (!ret->credentials.Push(UpRef(cred))) { ------------------ | Branch (52:9): [True: 0, False: 0] ------------------ 53| 0| return nullptr; 54| 0| } 55| 0| } 56| | 57| | // |legacy_credential| is mutable, so it must be copied. We cannot simply 58| | // bump the reference count. 59| 1| ret->legacy_credential = cert->legacy_credential->Dup(); 60| 1| if (ret->legacy_credential == nullptr) { ------------------ | Branch (60:7): [True: 0, False: 1] ------------------ 61| 0| return nullptr; 62| 0| } 63| | 64| 1| ret->cert_cb = cert->cert_cb; 65| 1| ret->cert_cb_arg = cert->cert_cb_arg; 66| | 67| 1| ret->x509_method->cert_dup(ret.get(), cert); 68| | 69| 1| ret->sid_ctx = cert->sid_ctx; 70| 1| return ret; 71| 1|} _ZN4bssl23SSLCipherPreferenceListD2Ev: 596| 1|SSLCipherPreferenceList::~SSLCipherPreferenceList() { 597| 1| OPENSSL_free(in_group_flags); 598| 1|} _ZN4bssl23SSLCipherPreferenceList4InitENSt3__110unique_ptrI19stack_st_SSL_CIPHERNS_8internal7DeleterEEENS_4SpanIKbEE: 601| 1| Span in_group_flags_arg) { 602| 1| if (sk_SSL_CIPHER_num(ciphers_arg.get()) != in_group_flags_arg.size()) { ------------------ | Branch (602:7): [True: 0, False: 1] ------------------ 603| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 604| 0| return false; 605| 0| } 606| | 607| 1| Array copy; 608| 1| if (!copy.CopyFrom(in_group_flags_arg)) { ------------------ | Branch (608:7): [True: 0, False: 1] ------------------ 609| 0| return false; 610| 0| } 611| 1| ciphers = std::move(ciphers_arg); 612| 1| size_t unused_len; 613| 1| copy.Release(&in_group_flags, &unused_len); 614| 1| return true; 615| 1|} _ZN4bssl24ssl_cipher_is_deprecatedEPK13ssl_cipher_st: 642| 21|bool ssl_cipher_is_deprecated(const SSL_CIPHER *cipher) { 643| 21| return cipher->id == TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA256 || ------------------ | | 291| 42|#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0x0300C027 ------------------ | Branch (643:10): [True: 1, False: 20] ------------------ 644| 21| cipher->algorithm_enc == SSL_3DES; ------------------ | | 276| 20|#define SSL_3DES 0x00000001u ------------------ | Branch (644:10): [True: 1, False: 19] ------------------ 645| 21|} _ZN4bssl22ssl_create_cipher_listEPNSt3__110unique_ptrINS_23SSLCipherPreferenceListENS_8internal7DeleterEEEbPKcb: 1002| 1| bool strict) { 1003| | // Return with error if nothing to do. 1004| 1| if (rule_str == NULL || out_cipher_list == NULL) { ------------------ | Branch (1004:7): [True: 0, False: 1] | Branch (1004:27): [True: 0, False: 1] ------------------ 1005| 0| return false; 1006| 0| } 1007| | 1008| | // We prefer ECDHE ciphers over non-PFS ciphers. Then we prefer AEAD over 1009| | // non-AEAD. The constants are masked by 0xffff to remove the vestigial 0x03 1010| | // byte from SSL 2.0. 1011| 1| static const uint16_t kAESCiphers[] = { 1012| 1| TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 & 0xffff, ------------------ | | 322| 1|#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B ------------------ 1013| 1| TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 & 0xffff, ------------------ | | 326| 1|#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F ------------------ 1014| 1| TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 & 0xffff, ------------------ | | 323| 1|#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C ------------------ 1015| 1| TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 & 0xffff, ------------------ | | 327| 1|#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030 ------------------ 1016| 1| }; 1017| 1| static const uint16_t kChaChaCiphers[] = { 1018| 1| TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 & 0xffff, ------------------ | | 333| 1|#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA9 ------------------ 1019| 1| TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 & 0xffff, ------------------ | | 332| 1|#define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA8 ------------------ 1020| 1| TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 & 0xffff, ------------------ | | 334| 1|#define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0x0300CCAC ------------------ 1021| 1| }; 1022| 1| static const uint16_t kLegacyCiphers[] = { 1023| 1| TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA & 0xffff, ------------------ | | 276| 1|#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009 ------------------ 1024| 1| TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA & 0xffff, ------------------ | | 288| 1|#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013 ------------------ 1025| 1| TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA & 0xffff, ------------------ | | 179| 1|#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035 ------------------ 1026| 1| TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA & 0xffff, ------------------ | | 277| 1|#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A ------------------ 1027| 1| TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA & 0xffff, ------------------ | | 289| 1|#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014 ------------------ 1028| 1| TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA & 0xffff, ------------------ | | 180| 1|#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036 ------------------ 1029| 1| TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA256 & 0xffff, ------------------ | | 291| 1|#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0x0300C027 ------------------ 1030| 1| TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 & 0xffff, ------------------ | | 253| 1|#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C ------------------ 1031| 1| TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 & 0xffff, ------------------ | | 254| 1|#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D ------------------ 1032| 1| TLS1_CK_RSA_WITH_AES_128_SHA & 0xffff, ------------------ | | 197| 1|#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F ------------------ 1033| 1| TLS1_CK_PSK_WITH_AES_128_CBC_SHA & 0xffff, ------------------ | | 175| 1|#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C ------------------ 1034| 1| TLS1_CK_RSA_WITH_AES_256_SHA & 0xffff, ------------------ | | 204| 1|#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035 ------------------ 1035| 1| TLS1_CK_PSK_WITH_AES_256_CBC_SHA & 0xffff, ------------------ | | 176| 1|#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D ------------------ 1036| 1| SSL3_CK_RSA_DES_192_CBC3_SHA & 0xffff, ------------------ | | 45| 1|#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A ------------------ 1037| 1| }; 1038| | 1039| | // Set up a linked list of ciphers. 1040| 1| CIPHER_ORDER co_list[OPENSSL_ARRAY_SIZE(kAESCiphers) + 1041| 1| OPENSSL_ARRAY_SIZE(kChaChaCiphers) + 1042| 1| OPENSSL_ARRAY_SIZE(kLegacyCiphers)]; 1043| 22| for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(co_list); i++) { ------------------ | | 103| 22|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ | Branch (1043:22): [True: 21, False: 1] ------------------ 1044| 21| co_list[i].next = 1045| 21| i + 1 < OPENSSL_ARRAY_SIZE(co_list) ? &co_list[i + 1] : nullptr; ------------------ | | 103| 21|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ | Branch (1045:9): [True: 20, False: 1] ------------------ 1046| 21| co_list[i].prev = i == 0 ? nullptr : &co_list[i - 1]; ------------------ | Branch (1046:23): [True: 1, False: 20] ------------------ 1047| 21| co_list[i].active = false; 1048| 21| co_list[i].in_group = false; 1049| 21| } 1050| 1| CIPHER_ORDER *head = &co_list[0]; 1051| 1| CIPHER_ORDER *tail = &co_list[OPENSSL_ARRAY_SIZE(co_list) - 1]; ------------------ | | 103| 1|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ 1052| | 1053| | // Order AES ciphers vs ChaCha ciphers based on whether we have AES hardware. 1054| | // 1055| | // TODO(crbug.com/boringssl/29): We should also set up equipreference groups 1056| | // as a server. 1057| 1| size_t num = 0; 1058| 1| if (has_aes_hw) { ------------------ | Branch (1058:7): [True: 1, False: 0] ------------------ 1059| 4| for (uint16_t id : kAESCiphers) { ------------------ | Branch (1059:22): [True: 4, False: 1] ------------------ 1060| 4| co_list[num++].cipher = SSL_get_cipher_by_value(id); 1061| 4| assert(co_list[num - 1].cipher != nullptr); 1062| 4| } 1063| 1| } 1064| 3| for (uint16_t id : kChaChaCiphers) { ------------------ | Branch (1064:20): [True: 3, False: 1] ------------------ 1065| 3| co_list[num++].cipher = SSL_get_cipher_by_value(id); 1066| 3| assert(co_list[num - 1].cipher != nullptr); 1067| 3| } 1068| 1| if (!has_aes_hw) { ------------------ | Branch (1068:7): [True: 0, False: 1] ------------------ 1069| 0| for (uint16_t id : kAESCiphers) { ------------------ | Branch (1069:22): [True: 0, False: 0] ------------------ 1070| 0| co_list[num++].cipher = SSL_get_cipher_by_value(id); 1071| 0| assert(co_list[num - 1].cipher != nullptr); 1072| 0| } 1073| 0| } 1074| 14| for (uint16_t id : kLegacyCiphers) { ------------------ | Branch (1074:20): [True: 14, False: 1] ------------------ 1075| 14| co_list[num++].cipher = SSL_get_cipher_by_value(id); 1076| 14| assert(co_list[num - 1].cipher != nullptr); 1077| 14| } 1078| 1| assert(num == OPENSSL_ARRAY_SIZE(co_list)); 1079| 1| static_assert(OPENSSL_ARRAY_SIZE(co_list) + NumTLS13Ciphers() == 1080| 1| OPENSSL_ARRAY_SIZE(kCiphers), 1081| 1| "Not all ciphers are included in the cipher order"); 1082| | 1083| | // If the rule_string begins with DEFAULT, apply the default rule before 1084| | // using the (possibly available) additional rules. 1085| 1| const char *rule_p = rule_str; 1086| 1| if (strncmp(rule_str, "DEFAULT", 7) == 0) { ------------------ | Branch (1086:7): [True: 0, False: 1] ------------------ 1087| 0| if (!ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, &head, &tail, ------------------ | | 1669| 0|#define SSL_DEFAULT_CIPHER_LIST "ALL" ------------------ | Branch (1087:9): [True: 0, False: 0] ------------------ 1088| 0| strict)) { 1089| 0| return false; 1090| 0| } 1091| 0| rule_p += 7; 1092| 0| if (*rule_p == ':') { ------------------ | Branch (1092:9): [True: 0, False: 0] ------------------ 1093| 0| rule_p++; 1094| 0| } 1095| 0| } 1096| | 1097| 1| if (*rule_p != '\0' && ------------------ | Branch (1097:7): [True: 1, False: 0] ------------------ 1098| 1| !ssl_cipher_process_rulestr(rule_p, &head, &tail, strict)) { ------------------ | Branch (1098:7): [True: 0, False: 1] ------------------ 1099| 0| return false; 1100| 0| } 1101| | 1102| | // Allocate new "cipherstack" for the result, return with error 1103| | // if we cannot get one. 1104| 1| UniquePtr cipherstack(sk_SSL_CIPHER_new_null()); 1105| 1| Array in_group_flags; 1106| 1| if (cipherstack == nullptr || ------------------ | Branch (1106:7): [True: 0, False: 1] ------------------ 1107| 1| !in_group_flags.InitForOverwrite(OPENSSL_ARRAY_SIZE(kCiphers))) { ------------------ | | 103| 1|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ | Branch (1107:7): [True: 0, False: 1] ------------------ 1108| 0| return false; 1109| 0| } 1110| | 1111| | // The cipher selection for the list is done. The ciphers are added 1112| | // to the resulting precedence to the STACK_OF(SSL_CIPHER). 1113| 1| size_t num_in_group_flags = 0; 1114| 22| for (CIPHER_ORDER *curr = head; curr != NULL; curr = curr->next) { ------------------ | Branch (1114:35): [True: 21, False: 1] ------------------ 1115| 21| if (curr->active) { ------------------ | Branch (1115:9): [True: 19, False: 2] ------------------ 1116| 19| if (!sk_SSL_CIPHER_push(cipherstack.get(), curr->cipher)) { ------------------ | Branch (1116:11): [True: 0, False: 19] ------------------ 1117| 0| return false; 1118| 0| } 1119| 19| in_group_flags[num_in_group_flags++] = curr->in_group; 1120| 19| } 1121| 21| } 1122| 1| in_group_flags.Shrink(num_in_group_flags); 1123| | 1124| 1| UniquePtr pref_list = 1125| 1| MakeUnique(); 1126| 1| if (!pref_list || !pref_list->Init(std::move(cipherstack), in_group_flags)) { ------------------ | Branch (1126:7): [True: 0, False: 1] | Branch (1126:7): [True: 0, False: 1] | Branch (1126:21): [True: 0, False: 1] ------------------ 1127| 0| return false; 1128| 0| } 1129| | 1130| 1| *out_cipher_list = std::move(pref_list); 1131| | 1132| | // Configuring an empty cipher list is an error but still updates the 1133| | // output. 1134| 1| if (sk_SSL_CIPHER_num((*out_cipher_list)->ciphers.get()) == 0) { ------------------ | Branch (1134:7): [True: 0, False: 1] ------------------ 1135| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 1136| 0| return false; 1137| 0| } 1138| | 1139| 1| return true; 1140| 1|} SSL_get_cipher_by_value: 1219| 21|const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) { 1220| 21| SSL_CIPHER c; 1221| | 1222| 21| c.id = 0x03000000L | value; 1223| 21| return reinterpret_cast( 1224| 21| bsearch(&c, kCiphers, OPENSSL_ARRAY_SIZE(kCiphers), sizeof(SSL_CIPHER), ------------------ | | 103| 21|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ 1225| 21| ssl_cipher_id_cmp_void)); 1226| 21|} ssl_cipher.cc:_ZN4bsslL26ssl_cipher_process_rulestrEPKcPPNS_15cipher_order_stES4_b: 819| 1| CIPHER_ORDER **tail_p, bool strict) { 820| 1| const char *l, *buf; 821| 1| bool in_group = false, has_group = false; 822| 1| size_t j, buf_len; 823| 1| char ch; 824| | 825| 1| l = rule_str; 826| 2| for (;;) { 827| 2| ch = *l; 828| | 829| 2| if (ch == '\0') { ------------------ | Branch (829:9): [True: 1, False: 1] ------------------ 830| 1| break; // done 831| 1| } 832| | 833| 1| int rule; 834| 1| if (in_group) { ------------------ | Branch (834:9): [True: 0, False: 1] ------------------ 835| 0| if (ch == ']') { ------------------ | Branch (835:11): [True: 0, False: 0] ------------------ 836| 0| if (*tail_p) { ------------------ | Branch (836:13): [True: 0, False: 0] ------------------ 837| 0| (*tail_p)->in_group = false; 838| 0| } 839| 0| in_group = false; 840| 0| l++; 841| 0| continue; 842| 0| } 843| | 844| 0| if (ch == '|') { ------------------ | Branch (844:11): [True: 0, False: 0] ------------------ 845| 0| rule = CIPHER_ADD; ------------------ | | 354| 0|#define CIPHER_ADD 1 ------------------ 846| 0| l++; 847| 0| continue; 848| 0| } else if (!OPENSSL_isalnum(ch)) { ------------------ | Branch (848:18): [True: 0, False: 0] ------------------ 849| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_OPERATOR_IN_GROUP); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 850| 0| return false; 851| 0| } else { 852| 0| rule = CIPHER_ADD; ------------------ | | 354| 0|#define CIPHER_ADD 1 ------------------ 853| 0| } 854| 1| } else if (ch == '-') { ------------------ | Branch (854:16): [True: 0, False: 1] ------------------ 855| 0| rule = CIPHER_DEL; ------------------ | | 356| 0|#define CIPHER_DEL 3 ------------------ 856| 0| l++; 857| 1| } else if (ch == '+') { ------------------ | Branch (857:16): [True: 0, False: 1] ------------------ 858| 0| rule = CIPHER_ORD; ------------------ | | 357| 0|#define CIPHER_ORD 4 ------------------ 859| 0| l++; 860| 1| } else if (ch == '!') { ------------------ | Branch (860:16): [True: 0, False: 1] ------------------ 861| 0| rule = CIPHER_KILL; ------------------ | | 355| 0|#define CIPHER_KILL 2 ------------------ 862| 0| l++; 863| 1| } else if (ch == '@') { ------------------ | Branch (863:16): [True: 0, False: 1] ------------------ 864| 0| rule = CIPHER_SPECIAL; ------------------ | | 358| 0|#define CIPHER_SPECIAL 5 ------------------ 865| 0| l++; 866| 1| } else if (ch == '[') { ------------------ | Branch (866:16): [True: 0, False: 1] ------------------ 867| 0| assert(!in_group); 868| 0| in_group = true; 869| 0| has_group = true; 870| 0| l++; 871| 0| continue; 872| 1| } else { 873| 1| rule = CIPHER_ADD; ------------------ | | 354| 1|#define CIPHER_ADD 1 ------------------ 874| 1| } 875| | 876| | // If preference groups are enabled, the only legal operator is +. 877| | // Otherwise the in_group bits will get mixed up. 878| 1| if (has_group && rule != CIPHER_ADD) { ------------------ | | 354| 0|#define CIPHER_ADD 1 ------------------ | Branch (878:9): [True: 0, False: 1] | Branch (878:22): [True: 0, False: 0] ------------------ 879| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_MIXED_SPECIAL_OPERATOR_WITH_GROUPS); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 880| 0| return false; 881| 0| } 882| | 883| 1| if (is_cipher_list_separator(ch, strict)) { ------------------ | Branch (883:9): [True: 0, False: 1] ------------------ 884| 0| l++; 885| 0| continue; 886| 0| } 887| | 888| 1| bool multi = false; 889| 1| uint32_t cipher_id = 0; 890| 1| CIPHER_ALIAS alias; 891| 1| bool skip_rule = false; 892| | 893| | // When adding, exclude deprecated ciphers by default. 894| 1| alias.include_deprecated = rule != CIPHER_ADD; ------------------ | | 354| 1|#define CIPHER_ADD 1 ------------------ 895| | 896| 1| for (;;) { 897| 1| ch = *l; 898| 1| buf = l; 899| 1| buf_len = 0; 900| 4| while (OPENSSL_isalnum(ch) || ch == '-' || ch == '.' || ch == '_') { ------------------ | Branch (900:14): [True: 3, False: 1] | Branch (900:37): [True: 0, False: 1] | Branch (900:50): [True: 0, False: 1] | Branch (900:63): [True: 0, False: 1] ------------------ 901| 3| ch = *(++l); 902| 3| buf_len++; 903| 3| } 904| | 905| 1| if (buf_len == 0) { ------------------ | Branch (905:11): [True: 0, False: 1] ------------------ 906| | // We hit something we cannot deal with, it is no command or separator 907| | // nor alphanumeric, so we call this an error. 908| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 909| 0| return false; 910| 0| } 911| | 912| 1| if (rule == CIPHER_SPECIAL) { ------------------ | | 358| 1|#define CIPHER_SPECIAL 5 ------------------ | Branch (912:11): [True: 0, False: 1] ------------------ 913| 0| break; 914| 0| } 915| | 916| | // Look for a matching exact cipher. These aren't allowed in multipart 917| | // rules. 918| 1| if (!multi && ch != '+') { ------------------ | Branch (918:11): [True: 1, False: 0] | Branch (918:21): [True: 1, False: 0] ------------------ 919| 25| for (j = 0; j < OPENSSL_ARRAY_SIZE(kCiphers); j++) { ------------------ | | 103| 25|#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) ------------------ | Branch (919:21): [True: 24, False: 1] ------------------ 920| 24| const SSL_CIPHER *cipher = &kCiphers[j]; 921| 24| if (rule_equals(cipher->name, buf, buf_len) || ------------------ | Branch (921:15): [True: 0, False: 24] ------------------ 922| 24| rule_equals(cipher->standard_name, buf, buf_len)) { ------------------ | Branch (922:15): [True: 0, False: 24] ------------------ 923| 0| cipher_id = cipher->id; 924| 0| break; 925| 0| } 926| 24| } 927| 1| } 928| 1| if (cipher_id == 0) { ------------------ | Branch (928:11): [True: 1, False: 0] ------------------ 929| | // If not an exact cipher, look for a matching cipher alias. 930| 1| for (j = 0; j < kCipherAliasesLen; j++) { ------------------ | Branch (930:21): [True: 1, False: 0] ------------------ 931| 1| if (rule_equals(kCipherAliases[j].name, buf, buf_len)) { ------------------ | Branch (931:15): [True: 1, False: 0] ------------------ 932| 1| alias.algorithm_mkey &= kCipherAliases[j].algorithm_mkey; 933| 1| alias.algorithm_auth &= kCipherAliases[j].algorithm_auth; 934| 1| alias.algorithm_enc &= kCipherAliases[j].algorithm_enc; 935| 1| alias.algorithm_mac &= kCipherAliases[j].algorithm_mac; 936| | 937| | // When specifying a combination of aliases, if any aliases 938| | // enables deprecated ciphers, deprecated ciphers are included. This 939| | // is slightly different from the bitmasks in that adding aliases 940| | // can increase the set of matched ciphers. This is so that an alias 941| | // like "RSA" will only specifiy AES-based RSA ciphers, but 942| | // "RSA+3DES" will still specify 3DES. 943| 1| alias.include_deprecated |= kCipherAliases[j].include_deprecated; 944| | 945| 1| if (alias.min_version != 0 && ------------------ | Branch (945:17): [True: 0, False: 1] ------------------ 946| 1| alias.min_version != kCipherAliases[j].min_version) { ------------------ | Branch (946:17): [True: 0, False: 0] ------------------ 947| 0| skip_rule = true; 948| 1| } else { 949| 1| alias.min_version = kCipherAliases[j].min_version; 950| 1| } 951| 1| break; 952| 1| } 953| 1| } 954| 1| if (j == kCipherAliasesLen) { ------------------ | Branch (954:13): [True: 0, False: 1] ------------------ 955| 0| skip_rule = true; 956| 0| if (strict) { ------------------ | Branch (956:15): [True: 0, False: 0] ------------------ 957| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 958| 0| return false; 959| 0| } 960| 0| } 961| 1| } 962| | 963| | // Check for a multipart rule. 964| 1| if (ch != '+') { ------------------ | Branch (964:11): [True: 1, False: 0] ------------------ 965| 1| break; 966| 1| } 967| 0| l++; 968| 0| multi = true; 969| 0| } 970| | 971| | // Ok, we have the rule, now apply it. 972| 1| if (rule == CIPHER_SPECIAL) { ------------------ | | 358| 1|#define CIPHER_SPECIAL 5 ------------------ | Branch (972:9): [True: 0, False: 1] ------------------ 973| 0| if (buf_len != 8 || strncmp(buf, "STRENGTH", 8) != 0) { ------------------ | Branch (973:11): [True: 0, False: 0] | Branch (973:27): [True: 0, False: 0] ------------------ 974| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 975| 0| return false; 976| 0| } 977| 0| if (!ssl_cipher_strength_sort(head_p, tail_p)) { ------------------ | Branch (977:11): [True: 0, False: 0] ------------------ 978| 0| return false; 979| 0| } 980| | 981| | // We do not support any "multi" options together with "@", so throw away 982| | // the rest of the command, if any left, until end or ':' is found. 983| 0| while (*l != '\0' && !is_cipher_list_separator(*l, strict)) { ------------------ | Branch (983:14): [True: 0, False: 0] | Branch (983:28): [True: 0, False: 0] ------------------ 984| 0| l++; 985| 0| } 986| 1| } else if (!skip_rule) { ------------------ | Branch (986:16): [True: 1, False: 0] ------------------ 987| 1| ssl_cipher_apply_rule(cipher_id, &alias, rule, -1, in_group, head_p, 988| 1| tail_p); 989| 1| } 990| 1| } 991| | 992| 1| if (in_group) { ------------------ | Branch (992:7): [True: 0, False: 1] ------------------ 993| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 994| 0| return false; 995| 0| } 996| | 997| 1| return true; 998| 1|} ssl_cipher.cc:_ZN4bsslL24is_cipher_list_separatorEcb: 542| 1|static bool is_cipher_list_separator(char c, bool is_strict) { 543| 1| if (c == ':') { ------------------ | Branch (543:7): [True: 0, False: 1] ------------------ 544| 0| return true; 545| 0| } 546| 1| return !is_strict && (c == ' ' || c == ';' || c == ','); ------------------ | Branch (546:10): [True: 0, False: 1] | Branch (546:25): [True: 0, False: 0] | Branch (546:37): [True: 0, False: 0] | Branch (546:49): [True: 0, False: 0] ------------------ 547| 1|} ssl_cipher.cc:_ZN4bsslL11rule_equalsEPKcS1_m: 551| 49|static bool rule_equals(const char *rule, const char *buf, size_t buf_len) { 552| | // |strncmp| alone only checks that |buf| is a prefix of |rule|. 553| 49| return strncmp(rule, buf, buf_len) == 0 && rule[buf_len] == '\0'; ------------------ | Branch (553:10): [True: 1, False: 48] | Branch (553:46): [True: 1, False: 0] ------------------ 554| 49|} ssl_cipher.cc:_ZN4bsslL21ssl_cipher_apply_ruleEjPKNS_15cipher_alias_stEiibPPNS_15cipher_order_stES5_: 659| 1| CIPHER_ORDER **tail_p) { 660| 1| CIPHER_ORDER *head, *tail, *curr, *next, *last; 661| 1| const SSL_CIPHER *cp; 662| 1| bool reverse = false; 663| | 664| 1| if (cipher_id == 0 && strength_bits == -1 && alias->min_version == 0 && ------------------ | Branch (664:7): [True: 1, False: 0] | Branch (664:25): [True: 1, False: 0] | Branch (664:48): [True: 1, False: 0] ------------------ 665| 1| (alias->algorithm_mkey == 0 || alias->algorithm_auth == 0 || ------------------ | Branch (665:8): [True: 0, False: 1] | Branch (665:38): [True: 0, False: 1] ------------------ 666| 1| alias->algorithm_enc == 0 || alias->algorithm_mac == 0)) { ------------------ | Branch (666:8): [True: 0, False: 1] | Branch (666:37): [True: 0, False: 1] ------------------ 667| | // The rule matches nothing, so bail early. 668| 0| return; 669| 0| } 670| | 671| 1| if (rule == CIPHER_DEL) { ------------------ | | 356| 1|#define CIPHER_DEL 3 ------------------ | Branch (671:7): [True: 0, False: 1] ------------------ 672| | // needed to maintain sorting between currently deleted ciphers 673| 0| reverse = true; 674| 0| } 675| | 676| 1| head = *head_p; 677| 1| tail = *tail_p; 678| | 679| 1| if (reverse) { ------------------ | Branch (679:7): [True: 0, False: 1] ------------------ 680| 0| next = tail; 681| 0| last = head; 682| 1| } else { 683| 1| next = head; 684| 1| last = tail; 685| 1| } 686| | 687| 1| curr = NULL; 688| 22| for (;;) { 689| 22| if (curr == last) { ------------------ | Branch (689:9): [True: 1, False: 21] ------------------ 690| 1| break; 691| 1| } 692| | 693| 21| curr = next; 694| 21| if (curr == NULL) { ------------------ | Branch (694:9): [True: 0, False: 21] ------------------ 695| 0| break; 696| 0| } 697| | 698| 21| next = reverse ? curr->prev : curr->next; ------------------ | Branch (698:12): [True: 0, False: 21] ------------------ 699| 21| cp = curr->cipher; 700| | 701| | // Selection criteria is either a specific cipher, the value of 702| | // |strength_bits|, or the algorithms used. 703| 21| if (cipher_id != 0) { ------------------ | Branch (703:9): [True: 0, False: 21] ------------------ 704| 0| if (cipher_id != cp->id) { ------------------ | Branch (704:11): [True: 0, False: 0] ------------------ 705| 0| continue; 706| 0| } 707| 21| } else if (strength_bits >= 0) { ------------------ | Branch (707:16): [True: 0, False: 21] ------------------ 708| 0| if (strength_bits != SSL_CIPHER_get_bits(cp, NULL)) { ------------------ | Branch (708:11): [True: 0, False: 0] ------------------ 709| 0| continue; 710| 0| } 711| 21| } else { 712| 21| if (!(alias->algorithm_mkey & cp->algorithm_mkey) || ------------------ | Branch (712:11): [True: 0, False: 21] ------------------ 713| 21| !(alias->algorithm_auth & cp->algorithm_auth) || ------------------ | Branch (713:11): [True: 0, False: 21] ------------------ 714| 21| !(alias->algorithm_enc & cp->algorithm_enc) || ------------------ | Branch (714:11): [True: 0, False: 21] ------------------ 715| 21| !(alias->algorithm_mac & cp->algorithm_mac) || ------------------ | Branch (715:11): [True: 0, False: 21] ------------------ 716| 21| (alias->min_version != 0 && ------------------ | Branch (716:12): [True: 0, False: 21] ------------------ 717| 21| SSL_CIPHER_get_min_version(cp) != alias->min_version) || ------------------ | Branch (717:12): [True: 0, False: 0] ------------------ 718| 21| (!alias->include_deprecated && ssl_cipher_is_deprecated(cp))) { ------------------ | Branch (718:12): [True: 21, False: 0] | Branch (718:42): [True: 2, False: 19] ------------------ 719| 2| continue; 720| 2| } 721| 21| } 722| | 723| | // add the cipher if it has not been added yet. 724| 19| if (rule == CIPHER_ADD) { ------------------ | | 354| 19|#define CIPHER_ADD 1 ------------------ | Branch (724:9): [True: 19, False: 0] ------------------ 725| | // reverse == false 726| 19| if (!curr->active) { ------------------ | Branch (726:11): [True: 19, False: 0] ------------------ 727| 19| ll_append_tail(&head, curr, &tail); 728| 19| curr->active = true; 729| 19| curr->in_group = in_group; 730| 19| } 731| 19| } 732| | 733| | // Move the added cipher to this location 734| 0| else if (rule == CIPHER_ORD) { ------------------ | | 357| 0|#define CIPHER_ORD 4 ------------------ | Branch (734:14): [True: 0, False: 0] ------------------ 735| | // reverse == false 736| 0| if (curr->active) { ------------------ | Branch (736:11): [True: 0, False: 0] ------------------ 737| 0| ll_append_tail(&head, curr, &tail); 738| 0| curr->in_group = false; 739| 0| } 740| 0| } else if (rule == CIPHER_DEL) { ------------------ | | 356| 0|#define CIPHER_DEL 3 ------------------ | Branch (740:16): [True: 0, False: 0] ------------------ 741| | // reverse == true 742| 0| if (curr->active) { ------------------ | Branch (742:11): [True: 0, False: 0] ------------------ 743| | // most recently deleted ciphersuites get best positions 744| | // for any future CIPHER_ADD (note that the CIPHER_DEL loop 745| | // works in reverse to maintain the order) 746| 0| ll_append_head(&head, curr, &tail); 747| 0| curr->active = false; 748| 0| curr->in_group = false; 749| 0| } 750| 0| } else if (rule == CIPHER_KILL) { ------------------ | | 355| 0|#define CIPHER_KILL 2 ------------------ | Branch (750:16): [True: 0, False: 0] ------------------ 751| | // reverse == false 752| 0| if (head == curr) { ------------------ | Branch (752:11): [True: 0, False: 0] ------------------ 753| 0| head = curr->next; 754| 0| } else { 755| 0| curr->prev->next = curr->next; 756| 0| } 757| | 758| 0| if (tail == curr) { ------------------ | Branch (758:11): [True: 0, False: 0] ------------------ 759| 0| tail = curr->prev; 760| 0| } 761| 0| curr->active = false; 762| 0| if (curr->next != NULL) { ------------------ | Branch (762:11): [True: 0, False: 0] ------------------ 763| 0| curr->next->prev = curr->prev; 764| 0| } 765| 0| if (curr->prev != NULL) { ------------------ | Branch (765:11): [True: 0, False: 0] ------------------ 766| 0| curr->prev->next = curr->next; 767| 0| } 768| 0| curr->next = NULL; 769| 0| curr->prev = NULL; 770| 0| } 771| 19| } 772| | 773| 1| *head_p = head; 774| 1| *tail_p = tail; 775| 1|} ssl_cipher.cc:_ZN4bsslL14ll_append_tailEPPNS_15cipher_order_stES1_S2_: 557| 19| CIPHER_ORDER **tail) { 558| 19| if (curr == *tail) { ------------------ | Branch (558:7): [True: 0, False: 19] ------------------ 559| 0| return; 560| 0| } 561| 19| if (curr == *head) { ------------------ | Branch (561:7): [True: 13, False: 6] ------------------ 562| 13| *head = curr->next; 563| 13| } 564| 19| if (curr->prev != NULL) { ------------------ | Branch (564:7): [True: 6, False: 13] ------------------ 565| 6| curr->prev->next = curr->next; 566| 6| } 567| 19| if (curr->next != NULL) { ------------------ | Branch (567:7): [True: 19, False: 0] ------------------ 568| 19| curr->next->prev = curr->prev; 569| 19| } 570| 19| (*tail)->next = curr; 571| 19| curr->prev = *tail; 572| 19| curr->next = NULL; 573| 19| *tail = curr; 574| 19|} ssl_cipher.cc:_ZL22ssl_cipher_id_cmp_voidPKvS0_: 1201| 82|static int ssl_cipher_id_cmp_void(const void *in_a, const void *in_b) { 1202| 82| return ssl_cipher_id_cmp(reinterpret_cast(in_a), 1203| 82| reinterpret_cast(in_b)); 1204| 82|} ssl_cipher.cc:_ZL17ssl_cipher_id_cmpPK13ssl_cipher_stS1_: 1191| 82| const SSL_CIPHER *b) { 1192| 82| if (a->id > b->id) { ------------------ | Branch (1192:7): [True: 27, False: 55] ------------------ 1193| 27| return 1; 1194| 27| } 1195| 55| if (a->id < b->id) { ------------------ | Branch (1195:7): [True: 34, False: 21] ------------------ 1196| 34| return -1; 1197| 34| } 1198| 21| return 0; 1199| 55|} _ZN17ssl_credential_stC2EN4bssl17SSLCredentialTypeE: 111| 3| : RefCounted(CheckSubClass()), type(type_arg) { 112| 3| CRYPTO_new_ex_data(&ex_data); 113| 3|} _ZN17ssl_credential_stD2Ev: 115| 3|ssl_credential_st::~ssl_credential_st() { 116| 3| CRYPTO_free_ex_data(&g_ex_data_class, &ex_data); 117| 3|} _ZNK17ssl_credential_st3DupEv: 124| 1|UniquePtr ssl_credential_st::Dup() const { 125| 1| assert(type == SSLCredentialType::kX509); 126| 1| UniquePtr ret = MakeUnique(type); 127| 1| if (ret == nullptr) { ------------------ | Branch (127:7): [True: 0, False: 1] ------------------ 128| 0| return nullptr; 129| 0| } 130| | 131| 1| ret->pubkey = UpRef(pubkey); 132| 1| ret->privkey = UpRef(privkey); 133| 1| ret->key_method = key_method; 134| 1| if (!ret->sigalgs.CopyFrom(sigalgs)) { ------------------ | Branch (134:7): [True: 0, False: 1] ------------------ 135| 0| return nullptr; 136| 0| } 137| | 138| 1| if (chain) { ------------------ | Branch (138:7): [True: 0, False: 1] ------------------ 139| 0| ret->chain.reset(sk_CRYPTO_BUFFER_deep_copy(chain.get(), buffer_up_ref, 140| 0| CRYPTO_BUFFER_free)); 141| 0| if (!ret->chain) { ------------------ | Branch (141:9): [True: 0, False: 0] ------------------ 142| 0| return nullptr; 143| 0| } 144| 0| } 145| | 146| 1| ret->dc = UpRef(dc); 147| 1| ret->signed_cert_timestamp_list = UpRef(signed_cert_timestamp_list); 148| 1| ret->ocsp_response = UpRef(ocsp_response); 149| 1| ret->dc_algorithm = dc_algorithm; 150| 1| return ret; 151| 1|} SSL_CREDENTIAL_free: 340| 3|void SSL_CREDENTIAL_free(SSL_CREDENTIAL *cred) { 341| 3| if (cred != nullptr) { ------------------ | Branch (341:7): [True: 3, False: 0] ------------------ 342| 3| cred->DecRefInternal(); 343| 3| } 344| 3|} _ZN4bssl14CBBFinishArrayEP6cbb_stPNS_5ArrayIhEE: 72| 45|bool CBBFinishArray(CBB *cbb, Array *out) { 73| 45| uint8_t *ptr; 74| 45| size_t len; 75| 45| if (!CBB_finish(cbb, &ptr, &len)) { ------------------ | Branch (75:7): [True: 0, False: 45] ------------------ 76| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 77| 0| return false; 78| 0| } 79| 45| out->Reset(ptr, len); 80| 45| return true; 81| 45|} _ZN10ssl_ctx_stC2EPK13ssl_method_st: 387| 1| : RefCounted(CheckSubClass()), 388| 1| method(ssl_method->method), 389| 1| x509_method(ssl_method->x509_method), 390| 1| retain_only_sha256_of_client_certs(false), 391| 1| quiet_shutdown(false), 392| 1| ocsp_stapling_enabled(false), 393| 1| signed_cert_timestamps_enabled(false), 394| 1| channel_id_enabled(false), 395| 1| grease_enabled(false), 396| 1| permute_extensions(false), 397| 1| allow_unknown_alpn_protos(false), 398| 1| false_start_allowed_without_alpn(false), 399| 1| handoff(false), 400| 1| enable_early_data(false), 401| 1| aes_hw_override(false), 402| 1| aes_hw_override_value(false), 403| 1| resumption_across_names_enabled(false) { 404| 1| CRYPTO_MUTEX_init(&lock); 405| 1| CRYPTO_new_ex_data(&ex_data); 406| 1|} _ZN10ssl_ctx_stD2Ev: 408| 1|ssl_ctx_st::~ssl_ctx_st() { 409| | // Free the internal session cache. Note that this calls the caller-supplied 410| | // remove callback, so we must do it before clearing ex_data. (See ticket 411| | // [openssl.org #212].) 412| 1| SSL_CTX_flush_sessions(this, 0); 413| | 414| 1| CRYPTO_free_ex_data(&g_ex_data_class_ssl_ctx, &ex_data); 415| | 416| 1| CRYPTO_MUTEX_cleanup(&lock); 417| 1| lh_SSL_SESSION_free(sessions); 418| 1| x509_method->ssl_ctx_free(this); 419| 1|} SSL_CTX_new: 421| 1|SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { 422| 1| if (method == NULL) { ------------------ | Branch (422:7): [True: 0, False: 1] ------------------ 423| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_METHOD_PASSED); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 424| 0| return nullptr; 425| 0| } 426| | 427| 1| UniquePtr ret = MakeUnique(method); 428| 1| if (!ret) { ------------------ | Branch (428:7): [True: 0, False: 1] ------------------ 429| 0| return nullptr; 430| 0| } 431| | 432| 1| ret->cert = MakeUnique(method->x509_method); 433| 1| ret->sessions = lh_SSL_SESSION_new(ssl_session_hash, ssl_session_cmp); 434| 1| ret->client_CA.reset(sk_CRYPTO_BUFFER_new_null()); 435| 1| ret->CA_names.reset(sk_CRYPTO_BUFFER_new_null()); 436| 1| if (ret->cert == nullptr || // ------------------ | Branch (436:7): [True: 0, False: 1] ------------------ 437| 1| !ret->cert->is_valid() || // ------------------ | Branch (437:7): [True: 0, False: 1] ------------------ 438| 1| ret->sessions == nullptr || // ------------------ | Branch (438:7): [True: 0, False: 1] ------------------ 439| 1| ret->client_CA == nullptr || // ------------------ | Branch (439:7): [True: 0, False: 1] ------------------ 440| 1| ret->CA_names == nullptr || // ------------------ | Branch (440:7): [True: 0, False: 1] ------------------ 441| 1| !ret->x509_method->ssl_ctx_new(ret.get())) { ------------------ | Branch (441:7): [True: 0, False: 1] ------------------ 442| 0| return nullptr; 443| 0| } 444| | 445| 1| if (!SSL_CTX_set_strict_cipher_list(ret.get(), SSL_DEFAULT_CIPHER_LIST) || ------------------ | | 1669| 1|#define SSL_DEFAULT_CIPHER_LIST "ALL" ------------------ | Branch (445:7): [True: 0, False: 1] ------------------ 446| | // Lock the SSL_CTX to the specified version, for compatibility with 447| | // legacy uses of SSL_METHOD. 448| 1| !SSL_CTX_set_max_proto_version(ret.get(), method->version) || ------------------ | Branch (448:7): [True: 0, False: 1] ------------------ 449| 1| !SSL_CTX_set_min_proto_version(ret.get(), method->version)) { ------------------ | Branch (449:7): [True: 0, False: 1] ------------------ 450| 0| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 451| 0| return nullptr; 452| 0| } 453| | 454| 1| return ret.release(); 455| 1|} SSL_CTX_up_ref: 457| 2|int SSL_CTX_up_ref(SSL_CTX *ctx) { 458| 2| ctx->UpRefInternal(); 459| 2| return 1; 460| 2|} SSL_CTX_free: 462| 3|void SSL_CTX_free(SSL_CTX *ctx) { 463| 3| if (ctx != nullptr) { ------------------ | Branch (463:7): [True: 3, False: 0] ------------------ 464| 3| ctx->DecRefInternal(); 465| 3| } 466| 3|} _ZN6ssl_stC2EP10ssl_ctx_st: 469| 1| : method(ctx_arg->method), 470| 1| max_send_fragment(ctx_arg->max_send_fragment), 471| 1| msg_callback(ctx_arg->msg_callback), 472| 1| msg_callback_arg(ctx_arg->msg_callback_arg), 473| 1| ctx(UpRef(ctx_arg)), 474| 1| session_ctx(UpRef(ctx_arg)), 475| 1| options(ctx->options), 476| 1| mode(ctx->mode), 477| 1| max_cert_list(ctx->max_cert_list), 478| 1| server(false), 479| 1| quiet_shutdown(ctx->quiet_shutdown), 480| 1| enable_early_data(ctx->enable_early_data), 481| 1| resumption_across_names_enabled(ctx->resumption_across_names_enabled) { 482| 1| CRYPTO_new_ex_data(&ex_data); 483| 1|} _ZN6ssl_stD2Ev: 485| 1|ssl_st::~ssl_st() { 486| 1| CRYPTO_free_ex_data(&g_ex_data_class_ssl, &ex_data); 487| | // |config| refers to |this|, so we must release it earlier. 488| 1| config.reset(); 489| 1| if (method != NULL) { ------------------ | Branch (489:7): [True: 1, False: 0] ------------------ 490| 1| method->ssl_free(this); 491| 1| } 492| 1|} SSL_new: 494| 1|SSL *SSL_new(SSL_CTX *ctx) { 495| 1| if (ctx == nullptr) { ------------------ | Branch (495:7): [True: 0, False: 1] ------------------ 496| 0| OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_CTX); ------------------ | | 361| 0| ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) ------------------ 497| 0| return nullptr; 498| 0| } 499| | 500| 1| UniquePtr ssl = MakeUnique(ctx); 501| 1| if (ssl == nullptr) { ------------------ | Branch (501:7): [True: 0, False: 1] ------------------ 502| 0| return nullptr; 503| 0| } 504| | 505| 1| ssl->config = MakeUnique(ssl.get()); 506| 1| if (ssl->config == nullptr) { ------------------ | Branch (506:7): [True: 0, False: 1] ------------------ 507| 0| return nullptr; 508| 0| } 509| 1| ssl->config->conf_min_version = ctx->conf_min_version; 510| 1| ssl->config->conf_max_version = ctx->conf_max_version; 511| | 512| 1| ssl->config->cert = ssl_cert_dup(ctx->cert.get()); 513| 1| if (ssl->config->cert == nullptr) { ------------------ | Branch (513:7): [True: 0, False: 1] ------------------ 514| 0| return nullptr; 515| 0| } 516| | 517| 1| ssl->config->verify_mode = ctx->verify_mode; 518| 1| ssl->config->verify_callback = ctx->default_verify_callback; 519| 1| ssl->config->custom_verify_callback = ctx->custom_verify_callback; 520| 1| ssl->config->retain_only_sha256_of_client_certs = 521| 1| ctx->retain_only_sha256_of_client_certs; 522| 1| ssl->config->permute_extensions = ctx->permute_extensions; 523| 1| ssl->config->aes_hw_override = ctx->aes_hw_override; 524| 1| ssl->config->aes_hw_override_value = ctx->aes_hw_override_value; 525| 1| ssl->config->compliance_policy = ctx->compliance_policy; 526| | 527| 1| if (!ssl->config->supported_group_list.CopyFrom(ctx->supported_group_list) || ------------------ | Branch (527:7): [True: 0, False: 1] ------------------ 528| 1| !ssl->config->alpn_client_proto_list.CopyFrom( ------------------ | Branch (528:7): [True: 0, False: 1] ------------------ 529| 1| ctx->alpn_client_proto_list) || 530| 1| !ssl->config->verify_sigalgs.CopyFrom(ctx->verify_sigalgs)) { ------------------ | Branch (530:7): [True: 0, False: 1] ------------------ 531| 0| return nullptr; 532| 0| } 533| | 534| 1| if (ctx->requested_trust_anchors) { ------------------ | Branch (534:7): [True: 0, False: 1] ------------------ 535| 0| ssl->config->requested_trust_anchors.emplace(); 536| 0| if (!ssl->config->requested_trust_anchors->CopyFrom( ------------------ | Branch (536:9): [True: 0, False: 0] ------------------ 537| 0| *ctx->requested_trust_anchors)) { 538| 0| return nullptr; 539| 0| } 540| 0| } 541| | 542| 1| if (ctx->psk_identity_hint) { ------------------ | Branch (542:7): [True: 0, False: 1] ------------------ 543| 0| ssl->config->psk_identity_hint.reset( 544| 0| OPENSSL_strdup(ctx->psk_identity_hint.get())); 545| 0| if (ssl->config->psk_identity_hint == nullptr) { ------------------ | Branch (545:9): [True: 0, False: 0] ------------------ 546| 0| return nullptr; 547| 0| } 548| 0| } 549| 1| ssl->config->psk_client_callback = ctx->psk_client_callback; 550| 1| ssl->config->psk_server_callback = ctx->psk_server_callback; 551| | 552| 1| ssl->config->channel_id_enabled = ctx->channel_id_enabled; 553| 1| ssl->config->channel_id_private = UpRef(ctx->channel_id_private); 554| | 555| 1| ssl->config->signed_cert_timestamps_enabled = 556| 1| ctx->signed_cert_timestamps_enabled; 557| 1| ssl->config->ocsp_stapling_enabled = ctx->ocsp_stapling_enabled; 558| 1| ssl->config->handoff = ctx->handoff; 559| 1| ssl->quic_method = ctx->quic_method; 560| | 561| 1| if (!ssl->method->ssl_new(ssl.get()) || ------------------ | Branch (561:7): [True: 0, False: 1] ------------------ 562| 1| !ssl->ctx->x509_method->ssl_new(ssl->s3->hs.get())) { ------------------ | Branch (562:7): [True: 0, False: 1] ------------------ 563| 0| return nullptr; 564| 0| } 565| | 566| 1| return ssl.release(); 567| 1|} _ZN4bssl10SSL_CONFIGC2EP6ssl_st: 570| 1| : ssl(ssl_arg), 571| 1| ech_grease_enabled(false), 572| 1| signed_cert_timestamps_enabled(false), 573| 1| ocsp_stapling_enabled(false), 574| 1| channel_id_enabled(false), 575| 1| enforce_rsa_key_usage(true), 576| 1| retain_only_sha256_of_client_certs(false), 577| 1| handoff(false), 578| 1| shed_handshake_config(false), 579| 1| jdk11_workaround(false), 580| 1| quic_use_legacy_codepoint(false), 581| 1| permute_extensions(false), 582| 1| alps_use_new_codepoint(true) { 583| 1| assert(ssl); 584| 1|} _ZN4bssl10SSL_CONFIGD2Ev: 586| 1|SSL_CONFIG::~SSL_CONFIG() { 587| 1| if (ssl->ctx != nullptr) { ------------------ | Branch (587:7): [True: 1, False: 0] ------------------ 588| 1| ssl->ctx->x509_method->ssl_config_free(this); 589| 1| } 590| 1|} SSL_free: 592| 1|void SSL_free(SSL *ssl) { Delete(ssl); } SSL_CTX_set_strict_cipher_list: 1990| 1|int SSL_CTX_set_strict_cipher_list(SSL_CTX *ctx, const char *str) { 1991| 1| const bool has_aes_hw = ctx->aes_hw_override ? ctx->aes_hw_override_value ------------------ | Branch (1991:27): [True: 0, False: 1] ------------------ 1992| 1| : EVP_has_aes_hardware(); 1993| 1| return ssl_create_cipher_list(&ctx->cipher_list, has_aes_hw, str, 1994| 1| true /* strict */); 1995| 1|} SSL_is_dtls: 2756| 1.57k|int SSL_is_dtls(const SSL *ssl) { return ssl->method->is_dtls; } SSL_CTX_flush_sessions: 1158| 1|void SSL_CTX_flush_sessions(SSL_CTX *ctx, uint64_t time) { 1159| 1| TIMEOUT_PARAM tp; 1160| | 1161| 1| tp.ctx = ctx; 1162| 1| tp.cache = ctx->sessions; 1163| 1| if (tp.cache == NULL) { ------------------ | Branch (1163:7): [True: 0, False: 1] ------------------ 1164| 0| return; 1165| 0| } 1166| 1| tp.time = time; 1167| 1| MutexWriteLock lock(&ctx->lock); 1168| 1| lh_SSL_SESSION_doall_arg(tp.cache, timeout_doall_arg, &tp); 1169| 1|} _ZN4bssl13SSLTranscriptC2Eb: 29| 2|SSLTranscript::SSLTranscript(bool is_dtls) : is_dtls_(is_dtls) {} _ZN4bssl13SSLTranscriptD2Ev: 31| 2|SSLTranscript::~SSLTranscript() {} _ZN4bssl13SSLTranscript4InitEv: 33| 1|bool SSLTranscript::Init() { 34| 1| buffer_.reset(BUF_MEM_new()); 35| 1| if (!buffer_) { ------------------ | Branch (35:7): [True: 0, False: 1] ------------------ 36| 0| return false; 37| 0| } 38| | 39| 1| hash_.Reset(); 40| 1| return true; 41| 1|} SSL_CTX_set_min_proto_version: 357| 1|int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version) { 358| 1| return set_min_version(ctx->method, &ctx->conf_min_version, version); 359| 1|} SSL_CTX_set_max_proto_version: 361| 1|int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version) { 362| 1| return set_max_version(ctx->method, &ctx->conf_max_version, version); 363| 1|} ssl_versions.cc:_ZN4bsslL15set_min_versionEPKNS_19SSL_PROTOCOL_METHODEPtt: 146| 1| uint16_t version) { 147| | // Zero is interpreted as the default minimum version. 148| 1| if (version == 0) { ------------------ | Branch (148:7): [True: 1, False: 0] ------------------ 149| 1| *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_2_VERSION; ------------------ | | 548| 0|#define DTLS1_2_VERSION 0xfefd ------------------ *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_2_VERSION; ------------------ | | 544| 2|#define TLS1_2_VERSION 0x0303 ------------------ | Branch (149:12): [True: 0, False: 1] ------------------ 150| 1| return true; 151| 1| } 152| | 153| 0| return set_version_bound(method, out, version); 154| 1|} ssl_versions.cc:_ZN4bsslL15set_max_versionEPKNS_19SSL_PROTOCOL_METHODEPtt: 157| 1| uint16_t version) { 158| | // Zero is interpreted as the default maximum version. 159| | // TODO(crbug.com/42290594): Enable DTLS 1.3 by default, after it's 160| | // successfully shipped in WebRTC. 161| 1| if (version == 0) { ------------------ | Branch (161:7): [True: 1, False: 0] ------------------ 162| 1| *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_3_VERSION; ------------------ | | 548| 0|#define DTLS1_2_VERSION 0xfefd ------------------ *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_3_VERSION; ------------------ | | 545| 2|#define TLS1_3_VERSION 0x0304 ------------------ | Branch (162:12): [True: 0, False: 1] ------------------ 163| 1| return true; 164| 1| } 165| | 166| 0| return set_version_bound(method, out, version); 167| 1|} ssl_x509.cc:_ZN4bsslL26ssl_crypto_x509_cert_clearEPNS_4CERTE: 105| 2|static void ssl_crypto_x509_cert_clear(CERT *cert) { 106| 2| ssl_crypto_x509_cert_flush_cached_leaf(cert); 107| 2| ssl_crypto_x509_cert_flush_cached_chain(cert); 108| | 109| 2| X509_free(cert->x509_stash); 110| 2| cert->x509_stash = nullptr; 111| 2|} ssl_x509.cc:_ZN4bsslL25ssl_crypto_x509_cert_freeEPNS_4CERTE: 113| 2|static void ssl_crypto_x509_cert_free(CERT *cert) { 114| 2| ssl_crypto_x509_cert_clear(cert); 115| 2| X509_STORE_free(cert->verify_store); 116| 2|} ssl_x509.cc:_ZN4bsslL24ssl_crypto_x509_cert_dupEPNS_4CERTEPKS0_: 118| 1|static void ssl_crypto_x509_cert_dup(CERT *new_cert, const CERT *cert) { 119| 1| if (cert->verify_store != nullptr) { ------------------ | Branch (119:7): [True: 0, False: 1] ------------------ 120| 0| X509_STORE_up_ref(cert->verify_store); 121| 0| new_cert->verify_store = cert->verify_store; 122| 0| } 123| 1|} ssl_x509.cc:_ZN4bsslL39ssl_crypto_x509_cert_flush_cached_chainEPNS_4CERTE: 67| 2|static void ssl_crypto_x509_cert_flush_cached_chain(CERT *cert) { 68| 2| sk_X509_pop_free(cert->x509_chain, X509_free); 69| 2| cert->x509_chain = nullptr; 70| 2|} ssl_x509.cc:_ZN4bsslL38ssl_crypto_x509_cert_flush_cached_leafEPNS_4CERTE: 62| 2|static void ssl_crypto_x509_cert_flush_cached_leaf(CERT *cert) { 63| 2| X509_free(cert->x509_leaf); 64| 2| cert->x509_leaf = nullptr; 65| 2|} ssl_x509.cc:_ZN4bsslL40ssl_crypto_x509_hs_flush_cached_ca_namesEPNS_13SSL_HANDSHAKEE: 266| 1|static void ssl_crypto_x509_hs_flush_cached_ca_names(SSL_HANDSHAKE *hs) { 267| 1| sk_X509_NAME_pop_free(hs->cached_x509_ca_names, X509_NAME_free); 268| 1| hs->cached_x509_ca_names = nullptr; 269| 1|} ssl_x509.cc:_ZN4bsslL23ssl_crypto_x509_ssl_newEPNS_13SSL_HANDSHAKEE: 271| 1|static bool ssl_crypto_x509_ssl_new(SSL_HANDSHAKE *hs) { 272| 1| hs->config->param = X509_VERIFY_PARAM_new(); 273| 1| if (hs->config->param == nullptr) { ------------------ | Branch (273:7): [True: 0, False: 1] ------------------ 274| 0| return false; 275| 0| } 276| 1| X509_VERIFY_PARAM_inherit(hs->config->param, hs->ssl->ctx->param); 277| 1| return true; 278| 1|} ssl_x509.cc:_ZN4bsslL31ssl_crypto_x509_ssl_config_freeEPNS_10SSL_CONFIGE: 285| 1|static void ssl_crypto_x509_ssl_config_free(SSL_CONFIG *cfg) { 286| 1| sk_X509_NAME_pop_free(cfg->cached_x509_client_CA, X509_NAME_free); 287| 1| cfg->cached_x509_client_CA = nullptr; 288| 1| X509_VERIFY_PARAM_free(cfg->param); 289| 1|} ssl_x509.cc:_ZN4bsslL27ssl_crypto_x509_ssl_ctx_newEP10ssl_ctx_st: 334| 1|static bool ssl_crypto_x509_ssl_ctx_new(SSL_CTX *ctx) { 335| 1| ctx->cert_store = X509_STORE_new(); 336| 1| ctx->param = X509_VERIFY_PARAM_new(); 337| 1| return (ctx->cert_store != nullptr && ctx->param != nullptr); ------------------ | Branch (337:11): [True: 1, False: 0] | Branch (337:41): [True: 1, False: 0] ------------------ 338| 1|} ssl_x509.cc:_ZN4bsslL28ssl_crypto_x509_ssl_ctx_freeEP10ssl_ctx_st: 340| 1|static void ssl_crypto_x509_ssl_ctx_free(SSL_CTX *ctx) { 341| 1| ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(ctx); 342| 1| X509_VERIFY_PARAM_free(ctx->param); 343| 1| X509_STORE_free(ctx->cert_store); 344| 1|} ssl_x509.cc:_ZN4bsslL46ssl_crypto_x509_ssl_ctx_flush_cached_client_CAEP10ssl_ctx_st: 329| 1|static void ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) { 330| 1| sk_X509_NAME_pop_free(ctx->cached_x509_client_CA, X509_NAME_free); 331| 1| ctx->cached_x509_client_CA = nullptr; 332| 1|} TLS_method: 197| 1|const SSL_METHOD *TLS_method(void) { 198| 1| static const SSL_METHOD kMethod = { 199| 1| 0, 200| 1| &kTLSProtocolMethod, 201| 1| &ssl_crypto_x509_method, 202| 1| }; 203| 1| return &kMethod; 204| 1|}