diff --git a/cgo_go124.go b/internal/ossl/cgo_go124.go similarity index 87% rename from cgo_go124.go rename to internal/ossl/cgo_go124.go index 933a7518..2da663e2 100644 --- a/cgo_go124.go +++ b/internal/ossl/cgo_go124.go @@ -1,6 +1,6 @@ //go:build go1.24 && !cmd_go_bootstrap -package openssl +package ossl // The following noescape and nocallback directives are used to prevent the Go // compiler from allocating function parameters on the heap. See @@ -13,6 +13,6 @@ package openssl // observed to benefit from these directives, not every function that is merely // expected to meet the noescape/nocallback criteria. -// #cgo noescape go_openssl_RAND_bytes -// #cgo nocallback go_openssl_RAND_bytes +// #cgo noescape RAND_bytes +// #cgo nocallback RAND_bytes import "C" diff --git a/port_dsa.c b/internal/ossl/port_dsa.c similarity index 61% rename from port_dsa.c rename to internal/ossl/port_dsa.c index 5a948eaf..345af5f8 100644 --- a/port_dsa.c +++ b/internal/ossl/port_dsa.c @@ -3,24 +3,25 @@ // on the OpenSSL_1_1_0-stable branch. Only pqg and key getters/setters // are backported. -#include "goopenssl.h" +#include "api.h" +#include struct dsa_st { int _ignored0; long _ignored1; int _ignored2; - GO_BIGNUM_PTR p; - GO_BIGNUM_PTR q; - GO_BIGNUM_PTR g; - GO_BIGNUM_PTR pub_key; - GO_BIGNUM_PTR priv_key; + BIGNUM_PTR p; + BIGNUM_PTR q; + BIGNUM_PTR g; + BIGNUM_PTR pub_key; + BIGNUM_PTR priv_key; // The following members are not used by our backport, // so we don't define them here. }; -void go_openssl_DSA_get0_pqg_backport(const GO_DSA_PTR dsa, - GO_BIGNUM_PTR *p, GO_BIGNUM_PTR *q, GO_BIGNUM_PTR *g) +void go_openssl_DSA_get0_pqg_backport(const DSA_PTR dsa, + BIGNUM_PTR *p, BIGNUM_PTR *q, BIGNUM_PTR *g) { const struct dsa_st *d = dsa; if (p != NULL) @@ -31,8 +32,8 @@ void go_openssl_DSA_get0_pqg_backport(const GO_DSA_PTR dsa, *g = d->g; } -int go_openssl_DSA_set0_pqg_backport(GO_DSA_PTR dsa, - GO_BIGNUM_PTR p, GO_BIGNUM_PTR q, GO_BIGNUM_PTR g) +int go_openssl_DSA_set0_pqg_backport(DSA_PTR dsa, + BIGNUM_PTR p, BIGNUM_PTR q, BIGNUM_PTR g) { struct dsa_st *d = dsa; if ((d->p == NULL && p == NULL) @@ -41,23 +42,23 @@ int go_openssl_DSA_set0_pqg_backport(GO_DSA_PTR dsa, return 0; if (p != NULL) { - go_openssl_BN_free(d->p); + BN_free(d->p); d->p = p; } if (q != NULL) { - go_openssl_BN_free(d->q); + BN_free(d->q); d->q = q; } if (g != NULL) { - go_openssl_BN_free(d->g); + BN_free(d->g); d->g = g; } return 1; } -void go_openssl_DSA_get0_key_backport(const GO_DSA_PTR dsa, - GO_BIGNUM_PTR *pub_key, GO_BIGNUM_PTR *priv_key) +void go_openssl_DSA_get0_key_backport(const DSA_PTR dsa, + BIGNUM_PTR *pub_key, BIGNUM_PTR *priv_key) { const struct dsa_st *d = dsa; if (pub_key != NULL) @@ -66,18 +67,18 @@ void go_openssl_DSA_get0_key_backport(const GO_DSA_PTR dsa, *priv_key = d->priv_key; } -int go_openssl_DSA_set0_key_backport(GO_DSA_PTR dsa, GO_BIGNUM_PTR pub_key, GO_BIGNUM_PTR priv_key) +int go_openssl_DSA_set0_key_backport(DSA_PTR dsa, BIGNUM_PTR pub_key, BIGNUM_PTR priv_key) { struct dsa_st *d = dsa; if (d->pub_key == NULL && pub_key == NULL) return 0; if (pub_key != NULL) { - go_openssl_BN_free(d->pub_key); + BN_free(d->pub_key); d->pub_key = pub_key; } if (priv_key != NULL) { - go_openssl_BN_free(d->priv_key); + BN_free(d->priv_key); d->priv_key = priv_key; } diff --git a/port_evp_md5_sha1.c b/internal/ossl/port_evp_md5_sha1.c similarity index 86% rename from port_evp_md5_sha1.c rename to internal/ossl/port_evp_md5_sha1.c index 50d49b1f..12f37191 100644 --- a/port_evp_md5_sha1.c +++ b/internal/ossl/port_evp_md5_sha1.c @@ -11,7 +11,8 @@ * https://www.openssl.org/source/license.html */ -#include "goopenssl.h" +#include "api.h" +#include #define NID_md5_sha1 114 @@ -81,24 +82,24 @@ struct md5_sha1_ctx { static int md5_sha1_init(EVP_MD_CTX *ctx) { struct md5_sha1_ctx *mctx = ctx->md_data; - if (!go_openssl_MD5_Init(&mctx->md5)) + if (!MD5_Init(&mctx->md5)) return 0; - return go_openssl_SHA1_Init(&mctx->sha1); + return SHA1_Init(&mctx->sha1); } static int md5_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) { struct md5_sha1_ctx *mctx = ctx->md_data; - if (!go_openssl_MD5_Update(&mctx->md5, data, count)) + if (!MD5_Update(&mctx->md5, data, count)) return 0; - return go_openssl_SHA1_Update(&mctx->sha1, data, count); + return SHA1_Update(&mctx->sha1, data, count); } static int md5_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) { struct md5_sha1_ctx *mctx = ctx->md_data; - if (!go_openssl_MD5_Final(md, &mctx->md5)) + if (!MD5_Final(md, &mctx->md5)) return 0; - return go_openssl_SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1); + return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1); } // Change: Removed: @@ -121,6 +122,6 @@ static const EVP_MD md5_sha1_md = { }; // Change: Apply name mangling. -const GO_EVP_MD_PTR go_openssl_EVP_md5_sha1_backport(void) { - return (const GO_EVP_MD_PTR)&md5_sha1_md; +const EVP_MD_PTR go_openssl_EVP_md5_sha1_backport(void) { + return (const EVP_MD_PTR)&md5_sha1_md; } diff --git a/thread_setup.go b/internal/ossl/thread_setup.go similarity index 87% rename from thread_setup.go rename to internal/ossl/thread_setup.go index 5e0da7e3..04bd2413 100644 --- a/thread_setup.go +++ b/internal/ossl/thread_setup.go @@ -1,6 +1,6 @@ -//go:build !cmd_go_bootstrap +//go:build !cmd_go_bootstrap && cgo -package openssl +package ossl // Go wrappers for testing the thread setup code as _test.go files cannot import "C". diff --git a/thread_setup.h b/internal/ossl/thread_setup.h similarity index 100% rename from thread_setup.h rename to internal/ossl/thread_setup.h diff --git a/thread_setup_test.go b/internal/ossl/thread_setup_test.go similarity index 96% rename from thread_setup_test.go rename to internal/ossl/thread_setup_test.go index 57e41aaa..10a70991 100644 --- a/thread_setup_test.go +++ b/internal/ossl/thread_setup_test.go @@ -1,4 +1,4 @@ -package openssl +package ossl import ( "runtime" @@ -28,7 +28,7 @@ func TestThreadCleanup(t *testing.T) { runtime.LockOSThread() // Checking for errors has the side effect of initializing // the thread-local OpenSSL error queue. - _ = newOpenSSLError("") + _ = newError("") }() <-done time.Sleep(100 * time.Millisecond) // Give some time for the thread to terminate. diff --git a/thread_setup_unix.c b/internal/ossl/thread_setup_unix.c similarity index 82% rename from thread_setup_unix.c rename to internal/ossl/thread_setup_unix.c index c837f9cb..b2e5adaf 100644 --- a/thread_setup_unix.c +++ b/internal/ossl/thread_setup_unix.c @@ -1,6 +1,6 @@ //go:build unix -#include "goopenssl.h" +#include "ossl.h" #include "thread_setup.h" #include @@ -22,7 +22,7 @@ static void locking_function(int mode, int n, const char *file, int line) static void thread_id(GO_CRYPTO_THREADID_PTR tid) { - go_openssl_CRYPTO_THREADID_set_numeric(tid, (unsigned long)pthread_self()); + CRYPTO_THREADID_set_numeric(tid, (unsigned long)pthread_self()); // OpenSSL fetches the current thread ID whenever it does anything with the // per-thread error state, so this function is guaranteed to be executed at @@ -38,7 +38,7 @@ static void thread_id(GO_CRYPTO_THREADID_PTR tid) static void cleanup_thread_state(void *ignored) { UNUSED(ignored); - go_openssl_ERR_remove_thread_state(NULL); + ERR_remove_thread_state(NULL); // ERR_remove_thread_state(NULL) in turn calls our registered thread_id // callback via CRYPTO_THREADID_current(), which sets the thread-local // variable associated with this destructor to a non-NULL value. We have to @@ -52,13 +52,13 @@ int go_openssl_thread_setup(void) { if (pthread_key_create(&destructor_key, cleanup_thread_state) != 0) return 0; - mutex_buf = malloc(go_openssl_CRYPTO_num_locks()*sizeof(pthread_mutex_t)); + mutex_buf = malloc(CRYPTO_num_locks()*sizeof(pthread_mutex_t)); if (!mutex_buf) return 0; int i; - for (i = 0; i < go_openssl_CRYPTO_num_locks(); i++) + for (i = 0; i < CRYPTO_num_locks(); i++) pthread_mutex_init(&mutex_buf[i], NULL); - go_openssl_CRYPTO_THREADID_set_callback(thread_id); - go_openssl_CRYPTO_set_locking_callback(locking_function); + CRYPTO_THREADID_set_callback(thread_id); + CRYPTO_set_locking_callback(locking_function); return 1; } diff --git a/thread_setup_windows.c b/internal/ossl/thread_setup_windows.c similarity index 75% rename from thread_setup_windows.c rename to internal/ossl/thread_setup_windows.c index 93281d6c..dc76ffd3 100644 --- a/thread_setup_windows.c +++ b/internal/ossl/thread_setup_windows.c @@ -1,6 +1,6 @@ //go:build windows -#include "goopenssl.h" +#include "api.h" #include "thread_setup.h" #include @@ -22,9 +22,9 @@ static void locking_function(int mode, int n, const char *file, int line) ReleaseMutex(mutex_buf[n]); } -static void thread_id(GO_CRYPTO_THREADID_PTR tid) +static void thread_id(CRYPTO_THREADID_PTR tid) { - go_openssl_CRYPTO_THREADID_set_numeric(tid, (unsigned long)GetCurrentThreadId()); + CRYPTO_THREADID_set_numeric(tid, (unsigned long)GetCurrentThreadId()); // OpenSSL fetches the current thread ID whenever it does anything with the // per-thread error state, so this function is guaranteed to be executed at @@ -39,7 +39,7 @@ static void thread_id(GO_CRYPTO_THREADID_PTR tid) static void cleanup_thread_state(void *ignored) { UNUSED(ignored); - go_openssl_ERR_remove_thread_state(NULL); + ERR_remove_thread_state(NULL); } int go_openssl_thread_setup(void) @@ -49,16 +49,16 @@ int go_openssl_thread_setup(void) fls_index = FlsAlloc(cleanup_thread_state); if (fls_index == FLS_OUT_OF_INDEXES) return 0; - mutex_buf = malloc(go_openssl_CRYPTO_num_locks()*sizeof(HANDLE)); + mutex_buf = malloc(CRYPTO_num_locks()*sizeof(HANDLE)); if (!mutex_buf) return 0; int i; - for (i = 0; i < go_openssl_CRYPTO_num_locks(); i++) + for (i = 0; i < CRYPTO_num_locks(); i++) mutex_buf[i] = CreateMutex(NULL, FALSE, NULL); - go_openssl_CRYPTO_set_locking_callback(locking_function); - // go_openssl_CRYPTO_set_id_callback is not strictly needed on Windows + CRYPTO_set_locking_callback(locking_function); + // CRYPTO_set_id_callback is not strictly needed on Windows // as OpenSSL uses GetCurrentThreadId() by default. // But we need to piggyback off the callback for our own purposes. - go_openssl_CRYPTO_THREADID_set_callback(thread_id); + CRYPTO_THREADID_set_callback(thread_id); return 1; }