From 9e4fb095b15c2e1f380da8b55edd65e95070fff0 Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 11:10:05 +0100 Subject: [PATCH 1/7] update openssl backend to point to new location --- .../0001-Vendor-external-dependencies.patch | 36166 ++++++++++------ ...03-Implement-crypto-internal-backend.patch | 25 +- patches/0004-Use-crypto-backends.patch | 4 +- 3 files changed, 23182 insertions(+), 13013 deletions(-) diff --git a/patches/0001-Vendor-external-dependencies.patch b/patches/0001-Vendor-external-dependencies.patch index d916b69a288..3ec57301fb5 100644 --- a/patches/0001-Vendor-external-dependencies.patch +++ b/patches/0001-Vendor-external-dependencies.patch @@ -21,7 +21,7 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../telemetry/internal/appinsights/client.go | 169 ++ .../internal/appinsights/inmemorychannel.go | 341 +++ .../internal/contracts/contexttagkeys.go | 50 + - .../internal/contracts/envelope.go | 123 ++ + .../internal/contracts/envelope.go | 123 + .../internal/contracts/response.go | 32 + .../internal/appinsights/jsonserializer.go | 33 + .../telemetry/internal/appinsights/package.go | 13 + @@ -30,54 +30,13 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../telemetry/internal/config/config.go | 63 + .../telemetry/internal/telemetry/proginfo.go | 32 + .../telemetry/internal/telemetry/telemetry.go | 32 + - .../microsoft/go-infra/telemetry/telemetry.go | 125 ++ + .../microsoft/go-infra/telemetry/telemetry.go | 125 + src/cmd/vendor/modules.txt | 11 + src/crypto/internal/backend/deps_ignore.go | 22 + src/go.mod | 6 + src/go.sum | 6 + src/go/build/deps_test.go | 35 +- src/go/build/vendor_test.go | 4 + - .../golang-fips/openssl/v2/.gitignore | 2 + - .../golang-fips/openssl/v2/.gitleaks.toml | 9 + - .../github.com/golang-fips/openssl/v2/LICENSE | 20 + - .../golang-fips/openssl/v2/README.md | 66 + - .../github.com/golang-fips/openssl/v2/aes.go | 146 ++ - .../golang-fips/openssl/v2/bbig/big.go | 37 + - .../github.com/golang-fips/openssl/v2/big.go | 11 + - .../golang-fips/openssl/v2/cipher.go | 654 ++++++ - .../golang-fips/openssl/v2/const.go | 93 + - .../github.com/golang-fips/openssl/v2/des.go | 113 + - .../github.com/golang-fips/openssl/v2/dsa.go | 309 +++ - .../github.com/golang-fips/openssl/v2/ec.go | 67 + - .../github.com/golang-fips/openssl/v2/ecdh.go | 306 +++ - .../golang-fips/openssl/v2/ecdsa.go | 226 ++ - .../golang-fips/openssl/v2/ed25519.go | 229 ++ - .../github.com/golang-fips/openssl/v2/evp.go | 590 +++++ - .../github.com/golang-fips/openssl/v2/hash.go | 455 ++++ - .../golang-fips/openssl/v2/hashclone.go | 14 + - .../golang-fips/openssl/v2/hashclone_go125.go | 9 + - .../github.com/golang-fips/openssl/v2/hkdf.go | 434 ++++ - .../github.com/golang-fips/openssl/v2/hmac.go | 283 +++ - .../github.com/golang-fips/openssl/v2/init.go | 157 ++ - .../golang-fips/openssl/v2/init_unix.go | 31 + - .../golang-fips/openssl/v2/init_windows.go | 36 + - .../openssl/v2/internal/ossl/errors.go | 119 + - .../openssl/v2/internal/ossl/ossl.go | 81 + - .../openssl/v2/internal/ossl/shims.h | 399 ++++ - .../openssl/v2/internal/ossl/zossl.c | 1924 +++++++++++++++++ - .../openssl/v2/internal/ossl/zossl.go | 1329 ++++++++++++ - .../openssl/v2/internal/ossl/zossl.h | 335 +++ - .../openssl/v2/internal/ossl/zossl_go124.go | 37 + - .../golang-fips/openssl/v2/openssl.go | 384 ++++ - .../golang-fips/openssl/v2/params.go | 195 ++ - .../golang-fips/openssl/v2/pbkdf2.go | 55 + - .../golang-fips/openssl/v2/provideropenssl.go | 239 ++ - .../openssl/v2/providersymcrypt.go | 338 +++ - .../github.com/golang-fips/openssl/v2/rand.go | 22 + - .../github.com/golang-fips/openssl/v2/rc4.go | 69 + - .../github.com/golang-fips/openssl/v2/rsa.go | 366 ++++ - .../golang-fips/openssl/v2/tls1prf.go | 159 ++ - .../github.com/golang-fips/openssl/v2/zaes.go | 86 + .../microsoft/go-crypto-darwin/LICENSE | 21 + .../microsoft/go-crypto-darwin/bbig/big.go | 31 + .../internal/cryptokit/CryptoKit.o | Bin 0 -> 208856 bytes @@ -86,18 +45,18 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../internal/cryptokit/cryptokit.h | 67 + .../internal/cryptokit/ed25519.go | 72 + .../internal/cryptokit/gcm.go | 36 + - .../internal/cryptokit/hash.go | 247 +++ + .../internal/cryptokit/hash.go | 247 ++ .../internal/cryptokit/hashclone.go | 17 + .../internal/cryptokit/hashclone_go125.go | 12 + .../internal/cryptokit/hkdf.go | 77 + - .../internal/cryptokit/hmac.go | 146 ++ + .../internal/cryptokit/hmac.go | 146 + .../microsoft/go-crypto-darwin/xcrypto/aes.go | 336 +++ .../microsoft/go-crypto-darwin/xcrypto/big.go | 16 + .../go-crypto-darwin/xcrypto/cgo_go124.go | 23 + - .../go-crypto-darwin/xcrypto/cipher.go | 122 ++ + .../go-crypto-darwin/xcrypto/cipher.go | 122 + .../microsoft/go-crypto-darwin/xcrypto/des.go | 117 + .../microsoft/go-crypto-darwin/xcrypto/ec.go | 32 + - .../go-crypto-darwin/xcrypto/ecdh.go | 135 ++ + .../go-crypto-darwin/xcrypto/ecdh.go | 135 + .../go-crypto-darwin/xcrypto/ecdsa.go | 181 ++ .../go-crypto-darwin/xcrypto/ed25519.go | 100 + .../microsoft/go-crypto-darwin/xcrypto/evp.go | 345 +++ @@ -109,35 +68,158 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../microsoft/go-crypto-darwin/xcrypto/rc4.go | 83 + .../microsoft/go-crypto-darwin/xcrypto/rsa.go | 194 ++ .../go-crypto-darwin/xcrypto/xcrypto.go | 49 + + .../microsoft/go-crypto-openssl/LICENSE | 21 + + .../microsoft/go-crypto-openssl/bbig/big.go | 40 + + .../internal/fakecgo/abi_amd64.h | 99 + + .../internal/fakecgo/abi_arm64.h | 39 + + .../internal/fakecgo/abi_loong64.h | 60 + + .../internal/fakecgo/abi_ppc64x.h | 195 ++ + .../internal/fakecgo/abi_riscv64.h | 72 + + .../internal/fakecgo/asm_386.s | 29 + + .../internal/fakecgo/asm_amd64.s | 39 + + .../internal/fakecgo/asm_arm.s | 52 + + .../internal/fakecgo/asm_arm64.s | 36 + + .../internal/fakecgo/asm_loong64.s | 40 + + .../internal/fakecgo/asm_ppc64le.s | 82 + + .../internal/fakecgo/asm_riscv64.s | 37 + + .../internal/fakecgo/asm_s390x.s | 55 + + .../internal/fakecgo/callbacks.go | 93 + + .../internal/fakecgo/fakecgo.go | 14 + + .../internal/fakecgo/fakecgo.lock | 3 + + .../internal/fakecgo/freebsd.go | 27 + + .../internal/fakecgo/generate.go | 6 + + .../internal/fakecgo/go_darwin.go | 88 + + .../internal/fakecgo/go_freebsd.go | 79 + + .../internal/fakecgo/go_libinit.go | 72 + + .../internal/fakecgo/go_linux.go | 79 + + .../internal/fakecgo/go_setenv.go | 18 + + .../internal/fakecgo/go_util.go | 38 + + .../internal/fakecgo/iscgo.go | 19 + + .../internal/fakecgo/libcgo.go | 39 + + .../internal/fakecgo/libcgo_darwin.go | 26 + + .../internal/fakecgo/libcgo_freebsd.go | 20 + + .../internal/fakecgo/libcgo_linux.go | 20 + + .../internal/fakecgo/linux.go | 184 ++ + .../internal/fakecgo/setenv.go | 19 + + .../internal/fakecgo/trampolines_386.s | 121 + + .../internal/fakecgo/trampolines_amd64.s | 107 + + .../internal/fakecgo/trampolines_arm.s | 122 + + .../internal/fakecgo/trampolines_arm64.s | 81 + + .../internal/fakecgo/trampolines_linux_386.s | 78 + + .../fakecgo/trampolines_linux_amd64.s | 69 + + .../internal/fakecgo/trampolines_linux_arm.s | 69 + + .../fakecgo/trampolines_linux_arm64.s | 60 + + .../fakecgo/trampolines_linux_loong64.s | 60 + + .../fakecgo/trampolines_linux_ppc64le.s | 69 + + .../fakecgo/trampolines_linux_riscv64.s | 60 + + .../fakecgo/trampolines_linux_s390x.s | 53 + + .../internal/fakecgo/trampolines_loong64.s | 78 + + .../internal/fakecgo/trampolines_ppc64le.s | 128 + + .../internal/fakecgo/trampolines_riscv64.s | 76 + + .../internal/fakecgo/trampolines_s390x.s | 154 + + .../internal/fakecgo/zsymbols.go | 165 ++ + .../internal/fakecgo/zsymbols_darwin.go | 59 + + .../internal/fakecgo/zsymbols_freebsd.go | 48 + + .../internal/fakecgo/zsymbols_linux.go | 158 ++ + .../internal/fakecgo/ztrampolines_darwin.s | 19 + + .../internal/fakecgo/ztrampolines_freebsd.s | 16 + + .../internal/fakecgo/ztrampolines_linux.s | 46 + + .../internal/fakecgo/ztrampolines_stubs.s | 55 + + .../go-crypto-openssl/internal/ossl/asm_386.s | 101 + + .../internal/ossl/asm_amd64.s | 123 + + .../go-crypto-openssl/internal/ossl/asm_arm.s | 107 + + .../internal/ossl/asm_arm64.s | 100 + + .../internal/ossl/asm_loong64.s | 119 + + .../internal/ossl/asm_others.s | 10 + + .../internal/ossl/asm_ppc64le.s | 144 + + .../internal/ossl/asm_riscv64.s | 112 + + .../internal/ossl/asm_s390x.s | 120 + + .../go-crypto-openssl/internal/ossl/dl.h | 15 + + .../go-crypto-openssl/internal/ossl/errors.go | 37 + + .../internal/ossl/errors_cgo.go | 33 + + .../internal/ossl/errors_nocgo.go | 19 + + .../go-crypto-openssl/internal/ossl/ossl.go | 62 + + .../go-crypto-openssl/internal/ossl/shims.h | 446 +++ + .../internal/ossl/syscall_nocgo.go | 87 + + .../internal/ossl/syscall_nocgo_darwin.go | 8 + + .../internal/ossl/syscall_nocgo_freebsd.go | 8 + + .../internal/ossl/syscall_nocgo_linux.go | 8 + + .../internal/ossl/syscall_nocgo_unix.go | 23 + + .../internal/ossl/syscall_nocgo_windows.go | 25 + + .../go-crypto-openssl/internal/ossl/zdl.s | 58 + + .../internal/ossl/zdl_nocgo.go | 61 + + .../go-crypto-openssl/internal/ossl/zossl.c | 2083 ++++++++++++++ + .../go-crypto-openssl/internal/ossl/zossl.go | 76 + + .../go-crypto-openssl/internal/ossl/zossl.h | 375 +++ + .../internal/ossl/zossl_cgo.go | 1513 ++++++++++ + .../internal/ossl/zossl_nocgo.go | 2481 +++++++++++++++++ + .../go-crypto-openssl/openssl/aes.go | 158 ++ + .../go-crypto-openssl/openssl/big.go | 14 + + .../openssl/chacha20poly1305.go | 152 + + .../go-crypto-openssl/openssl/cipher.go | 666 +++++ + .../go-crypto-openssl/openssl/const.go | 109 + + .../go-crypto-openssl/openssl/cshake.go | 256 ++ + .../go-crypto-openssl/openssl/des.go | 121 + + .../go-crypto-openssl/openssl/dsa.go | 306 ++ + .../microsoft/go-crypto-openssl/openssl/ec.go | 132 + + .../go-crypto-openssl/openssl/ecdh.go | 341 +++ + .../go-crypto-openssl/openssl/ecdsa.go | 220 ++ + .../go-crypto-openssl/openssl/ed25519.go | 209 ++ + .../go-crypto-openssl/openssl/evp.go | 615 ++++ + .../go-crypto-openssl/openssl/hash.go | 521 ++++ + .../go-crypto-openssl/openssl/hkdf.go | 330 +++ + .../go-crypto-openssl/openssl/hmac.go | 280 ++ + .../go-crypto-openssl/openssl/mldsa.go | 449 +++ + .../go-crypto-openssl/openssl/mlkem.go | 369 +++ + .../go-crypto-openssl/openssl/openssl.go | 183 ++ + .../go-crypto-openssl/openssl/openssl_cgo.go | 17 + + .../openssl/openssl_nocgo.go | 35 + + .../go-crypto-openssl/openssl/params.go | 191 ++ + .../go-crypto-openssl/openssl/pbkdf2.go | 86 + + .../openssl/provideropenssl.go | 250 ++ + .../openssl/providersymcrypt.go | 331 +++ + .../go-crypto-openssl/openssl/rand.go | 37 + + .../go-crypto-openssl/openssl/rc4.go | 76 + + .../go-crypto-openssl/openssl/rsa.go | 712 +++++ + .../go-crypto-openssl/openssl/tls1prf.go | 157 ++ + .../go-crypto-openssl/openssl/zaes.go | 87 + + .../go-crypto-openssl/osslsetup/fips.go | 69 + + .../go-crypto-openssl/osslsetup/init.go | 170 ++ + .../osslsetup/init_cgo_unix.go | 34 + + .../osslsetup/init_nocgo_unix.go | 35 + + .../osslsetup/init_windows.go | 37 + + .../go-crypto-openssl/osslsetup/osslsetup.go | 109 + + .../osslsetup/osslsetup_cgo.go | 12 + + .../osslsetup/osslsetup_nocgo.go | 24 + .../microsoft/go-crypto-winnative/LICENSE | 21 + - .../microsoft/go-crypto-winnative/cng/aes.go | 427 ++++ + .../microsoft/go-crypto-winnative/cng/aes.go | 427 +++ .../go-crypto-winnative/cng/bbig/big.go | 31 + .../microsoft/go-crypto-winnative/cng/big.go | 30 + .../go-crypto-winnative/cng/cipher.go | 52 + - .../microsoft/go-crypto-winnative/cng/cng.go | 131 ++ + .../microsoft/go-crypto-winnative/cng/cng.go | 131 + .../microsoft/go-crypto-winnative/cng/des.go | 106 + - .../microsoft/go-crypto-winnative/cng/dsa.go | 465 ++++ - .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 +++ + .../microsoft/go-crypto-winnative/cng/dsa.go | 465 +++ + .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 ++ .../go-crypto-winnative/cng/ecdsa.go | 169 ++ .../microsoft/go-crypto-winnative/cng/hash.go | 315 +++ .../go-crypto-winnative/cng/hashclone.go | 18 + .../cng/hashclone_go125.go | 13 + - .../microsoft/go-crypto-winnative/cng/hkdf.go | 128 ++ + .../microsoft/go-crypto-winnative/cng/hkdf.go | 128 + .../microsoft/go-crypto-winnative/cng/hmac.go | 68 + .../microsoft/go-crypto-winnative/cng/keys.go | 220 ++ .../go-crypto-winnative/cng/pbkdf2.go | 70 + .../microsoft/go-crypto-winnative/cng/rand.go | 28 + .../microsoft/go-crypto-winnative/cng/rc4.go | 65 + - .../microsoft/go-crypto-winnative/cng/rsa.go | 396 ++++ + .../microsoft/go-crypto-winnative/cng/rsa.go | 396 +++ .../microsoft/go-crypto-winnative/cng/sha3.go | 311 +++ .../go-crypto-winnative/cng/tls1prf.go | 89 + - .../internal/bcrypt/bcrypt_windows.go | 368 ++++ + .../internal/bcrypt/bcrypt_windows.go | 368 +++ .../internal/bcrypt/ntstatus_windows.go | 45 + - .../internal/bcrypt/zsyscall_windows.go | 412 ++++ + .../internal/bcrypt/zsyscall_windows.go | 412 +++ .../internal/subtle/aliasing.go | 32 + .../internal/sysdll/sys_windows.go | 55 + - src/vendor/modules.txt | 17 + - 129 files changed, 19092 insertions(+), 7 deletions(-) + src/vendor/modules.txt | 19 + + 211 files changed, 28605 insertions(+), 7 deletions(-) create mode 100644 src/cmd/internal/telemetry/counter/deps_ignore.go create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/LICENSE create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/README.md @@ -160,47 +242,6 @@ Use a 'go' that was recently built by the current branch to ensure stable result create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/internal/telemetry/telemetry.go create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/telemetry.go create mode 100644 src/crypto/internal/backend/deps_ignore.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitignore - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/LICENSE - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/README.md - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/aes.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/big.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/cipher.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/const.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/des.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/dsa.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ec.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ecdh.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/ed25519.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/evp.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hash.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hashclone.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hashclone_go125.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hkdf.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/hmac.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init_unix.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/init_windows.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/errors.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/ossl.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/shims.h - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.c - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.h - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl_go124.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/openssl.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/params.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/provideropenssl.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/providersymcrypt.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rand.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rc4.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/rsa.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go - create mode 100644 src/vendor/github.com/golang-fips/openssl/v2/zaes.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o @@ -232,6 +273,129 @@ Use a 'go' that was recently built by the current branch to ensure stable result create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/cng/aes.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/cng/bbig/big.go @@ -1893,7 +2057,7 @@ index 542b27f2be9fe5..3d920e92c51813 100644 golang.org/x/arch/arm/armasm diff --git a/src/crypto/internal/backend/deps_ignore.go b/src/crypto/internal/backend/deps_ignore.go new file mode 100644 -index 00000000000000..ae4055d2d71303 +index 00000000000000..f5dc9afe4b0ead --- /dev/null +++ b/src/crypto/internal/backend/deps_ignore.go @@ -0,0 +1,22 @@ @@ -1906,8 +2070,8 @@ index 00000000000000..ae4055d2d71303 +package main + +import ( -+ _ "github.com/golang-fips/openssl/v2" -+ _ "github.com/golang-fips/openssl/v2/bbig" ++ _ "github.com/microsoft/go-crypto-openssl/bbig" ++ _ "github.com/microsoft/go-crypto-openssl/openssl" + + _ "github.com/microsoft/go-crypto-darwin/bbig" + _ "github.com/microsoft/go-crypto-darwin/xcrypto" @@ -1920,7 +2084,7 @@ index 00000000000000..ae4055d2d71303 +// that are used by the backend package. This allows to track +// their versions in a single patch file. diff --git a/src/go.mod b/src/go.mod -index 83bcb73a5d1fd5..7c485f1c2c45a2 100644 +index 83bcb73a5d1fd5..f7a63f1c057dce 100644 --- a/src/go.mod +++ b/src/go.mod @@ -11,3 +11,9 @@ require ( @@ -1929,26 +2093,26 @@ index 83bcb73a5d1fd5..7c485f1c2c45a2 100644 ) + +require ( -+ github.com/golang-fips/openssl/v2 v2.0.4-0.20260419202439-d4b2f5e5072f + github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 ++ github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 + github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b +) diff --git a/src/go.sum b/src/go.sum -index e61a311a128012..1bd71a30ee7881 100644 +index e61a311a128012..3119437caf7ffe 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,3 +1,9 @@ -+github.com/golang-fips/openssl/v2 v2.0.4-0.20260419202439-d4b2f5e5072f h1:jcrhdAeUfhJg4QUhbYv0nNSvxz7DqAM4jtgesR0PVOg= -+github.com/golang-fips/openssl/v2 v2.0.4-0.20260419202439-d4b2f5e5072f/go.mod h1:OYUBsoxLpFu8OFyhZHxfpN8lgcsw8JhTC3BQK7+XUc0= +github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 h1:6a0YcJOAJWLtEqDW55bUhhe4Nx/9Rpmm80KVMUxD6B4= +github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7/go.mod h1:LyP4oZ0QcysEJdqUTOk9ngNFArRFK94YRImkoJ8julQ= ++github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 h1:gtZRTEEfTbjAKMNbDGXeayGoReqVhBIw+J8QzgWuBEs= ++github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69/go.mod h1:gJrjX+yWGi9pkbfPVDDh+ZbgjtQoRSXHjb/ZyjwKk34= +github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b h1:Yf6lm9r6Aid3PG5FoeSX2v4iU+xWnAmCRQNjBxgceWI= +github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b/go.mod h1:JkxQeL8dGcyCuKjn1Etz4NmQrOMImMy4BA9hptEfVFA= golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= golang.org/x/net v0.41.1-0.20260417201234-a9171bc8c6f1 h1:m1pqrn0a8dUQblLBpuciZTjkJ34uU561s+HLlQi2Kec= diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go -index 641d1a325a5c07..9bfef9e125e8d3 100644 +index 641d1a325a5c07..4145c70f62440e 100644 --- a/src/go/build/deps_test.go +++ b/src/go/build/deps_test.go @@ -521,6 +521,24 @@ var depsRules = ` @@ -1964,8 +2128,8 @@ index 641d1a325a5c07..9bfef9e125e8d3 100644 + crypto/subtle, + hash, + crypto/cipher -+ < github.com/golang-fips/openssl/v2/internal/ossl -+ < github.com/golang-fips/openssl/v2 ++ < github.com/microsoft/go-crypto-openssl/internal/ossl ++ < github.com/microsoft/go-crypto-openssl/openssl + < github.com/microsoft/go-crypto-darwin/internal/cryptokit + < github.com/microsoft/go-crypto-darwin/xcrypto + < github.com/microsoft/go-crypto-winnative/internal/subtle @@ -1998,7 +2162,7 @@ index 641d1a325a5c07..9bfef9e125e8d3 100644 # CRYPTO-MATH is crypto that exposes math/big APIs - no cgo, net; fmt now ok. -+ math/big, github.com/golang-fips/openssl/v2 < github.com/golang-fips/openssl/v2/bbig; ++ math/big, github.com/microsoft/go-crypto-openssl/openssl < github.com/microsoft/go-crypto-openssl/bbig; + math/big, github.com/microsoft/go-crypto-darwin/xcrypto < github.com/microsoft/go-crypto-darwin/bbig; + math/big, github.com/microsoft/go-crypto-winnative/cng < github.com/microsoft/go-crypto-winnative/cng/bbig; + @@ -2019,7 +2183,7 @@ index 641d1a325a5c07..9bfef9e125e8d3 100644 var imports []string var haveImport = map[string]bool{} - if pkg == "crypto/internal/boring" { -+ if pkg == "crypto/internal/boring" || strings.HasPrefix(pkg, "github.com/golang-fips/openssl/v2") || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-darwin") { ++ if pkg == "crypto/internal/boring" || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-openssl/openssl") || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-darwin") { haveImport["C"] = true // kludge: prevent C from appearing in crypto/internal/boring imports } fset := token.NewFileSet() @@ -2038,10752 +2202,71 @@ index 7f6237ffd59c11..8f68bc361081f1 100644 } // Verify that the vendor directories contain only packages matching the list above. -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/.gitignore b/src/vendor/github.com/golang-fips/openssl/v2/.gitignore -new file mode 100644 -index 00000000000000..b6c942fc91eec7 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/.gitignore -@@ -0,0 +1,2 @@ -+**/.DS_Store -+.vscode/ -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml b/src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml -new file mode 100644 -index 00000000000000..aed2e22df2d555 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/.gitleaks.toml -@@ -0,0 +1,9 @@ -+# -+# GitLeaks Repo Specific Configuration -+# -+# This allowlist is used to ignore false positives during secret scans. -+ -+[allowlist] -+paths = [ -+ 'ecdh_test.go', -+] -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/LICENSE b/src/vendor/github.com/golang-fips/openssl/v2/LICENSE -new file mode 100644 -index 00000000000000..97e85154015761 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/LICENSE -@@ -0,0 +1,20 @@ -+The MIT License (MIT) -+ -+Copyright (c) 2022 The Golang FIPS Authors -+ -+Permission is hereby granted, free of charge, to any person obtaining a copy of -+this software and associated documentation files (the "Software"), to deal in -+the Software without restriction, including without limitation the rights to -+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -+the Software, and to permit persons to whom the Software is furnished to do so, -+subject to the following conditions: -+ -+The above copyright notice and this permission notice shall be included in all -+copies or substantial portions of the Software. -+ -+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -\ No newline at end of file -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/README.md b/src/vendor/github.com/golang-fips/openssl/v2/README.md -new file mode 100644 -index 00000000000000..f63cf39e70c064 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/README.md -@@ -0,0 +1,66 @@ -+# Go OpenSSL bindings for FIPS compliance -+ -+[![Go Reference](https://pkg.go.dev/badge/github.com/golang-fips/openssl.svg)](https://pkg.go.dev/github.com/golang-fips/openssl) -+ -+The `openssl` package implements Go crypto primitives using OpenSSL shared libraries and cgo. When configured correctly, OpenSSL can be executed in FIPS mode, making the `openssl` package FIPS compliant. -+ -+The `openssl` package is designed to be used as a drop-in replacement for the [boring](https://pkg.go.dev/crypto/internal/boring) package in order to facilitate integrating `openssl` inside a forked Go toolchain. -+ -+## Disclaimer -+ -+A program directly or indirectly using this package in FIPS mode can claim it is using a FIPS-certified cryptographic module (OpenSSL), but it can't claim the program as a whole is FIPS certified without passing the certification process, nor claim it is FIPS compliant without ensuring all crypto APIs and workflows are implemented in a FIPS-compliant manner. -+ -+## Background -+ -+FIPS 140-2 is a U.S. government computer security standard used to approve cryptographic modules. FIPS compliance may come up when working with U.S. government and other regulated industries. -+ -+### Go FIPS compliance -+ -+The Go `crypto` package is not FIPS certified, and the Go team has stated that it won't be, e.g. in [golang/go/issues/21734](https://github.com/golang/go/issues/21734#issuecomment-326980213) Adam Langley says: -+ -+> The status of FIPS 140 for Go itself remains "no plans, basically zero chance". -+ -+On the other hand, Google maintains a branch that uses cgo and BoringSSL to implement various crypto primitives: https://github.com/golang/go/blob/dev.boringcrypto/README.boringcrypto.md. As BoringSSL is FIPS 140-2 certified, an application using that branch is more likely to be FIPS 140-2 compliant, yet Google does not provide any liability about the suitability of this code in relation to the FIPS 140-2 standard. -+ -+## Features -+ -+### Multiple OpenSSL versions supported -+ -+The `openssl` package has support for multiple OpenSSL versions, namely 1.1.0, 1.1.1 and 3.x. -+ -+All supported OpenSSL versions pass a small set of automatic tests that ensure they can be built and that there are no major regressions. -+These tests do not validate the cryptographic correctness of the `openssl` package. -+ -+On top of that, the [golang-fips Go fork](https://github.com/golang-fips/go) (maintained by Red Hat) and the [Microsoft build of Go](https://github.com/microsoft/go) test a subset of the supported OpenSSL versions when integrated with the Go `crypto` package. -+These tests are much more exhaustive and validate a specific OpenSSL version can produce working applications. -+ -+### Building without OpenSSL headers -+ -+The `openssl` package does not use any symbol from the OpenSSL headers. There is no need that have them installed to build an application which imports this library. -+ -+The CI tests in this repository verify that all the functions and constants defined in our headers match the ones in the OpenSSL headers for every supported OpenSSL version. -+ -+### Portable OpenSSL -+ -+The OpenSSL bindings are implemented in such a way that the OpenSSL version available when building a program does not have to match with the OpenSSL version used when running it. -+In fact, OpenSSL doesn't need to be present on the builder. -+For example, using the `openssl` package and `go build .` on a Windows host with `GOOS=linux` can produce a program that successfully runs on Linux and uses OpenSSL. -+ -+This feature does not require any additional configuration, but it only works with OpenSSL versions known and supported by the Go toolchain that integrates the `openssl` package. -+ -+## Limitations -+ -+- Only Unix, Unix-like and Windows platforms are supported. -+- The build must set `CGO_ENABLED=1`. -+ -+## Acknowledgements -+ -+The work done to support FIPS compatibility mode leverages code and ideas from other open-source projects: -+ -+- All crypto stubs are a mirror of Google's [dev.boringcrypto branch](https://github.com/golang/go/tree/dev.boringcrypto) and the release branch ports of that branch. -+- The mapping between BoringSSL and OpenSSL APIs is taken from the former [Red Hat Go fork](https://pagure.io/go). -+- The portable OpenSSL implementation is ported from Microsoft's [.NET runtime](https://github.com/dotnet/runtime) cryptography module. -+ -+## Code of Conduct -+ -+This project adopts the Go code of conduct: https://go.dev/conduct. -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/aes.go b/src/vendor/github.com/golang-fips/openssl/v2/aes.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE b/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE new file mode 100644 -index 00000000000000..3b3e247e86c8ae +index 00000000000000..9e841e7a26e4eb --- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/aes.go -@@ -0,0 +1,146 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto/cipher" -+ "errors" -+) -+ -+//go:generate go run github.com/golang-fips/openssl/v2/cmd/genaesmodes -in aes.go -modes CBC,CTR,GCM -out zaes.go -+//go:generate go run github.com/golang-fips/openssl/v2/cmd/gentestvectors -out vectors_test.go -+ -+// Steps to support a new AES mode, e.g. `FOO`: -+// 1. Add `FOO` to the list of modes in the `genaesmodes` command. -+// 2. Run `go generate` to update the generated code. -+// 3. Implement the necessary interfaces for the new struct, which will be named `cipherWithFOO`. -+ -+// NewAESCipher creates and returns a new AES cipher.Block. -+// The key argument should be the AES key, either 16, 24, or 32 bytes to select -+// AES-128, AES-192, or AES-256. -+// The returned cipher.Block implements the CBC, CTR, and/or GCM modes if -+// the underlying OpenSSL library supports them. -+func NewAESCipher(key []byte) (cipher.Block, error) { -+ var kind cipherKind -+ switch len(key) * 8 { -+ case 128: -+ kind = cipherAES128 -+ case 192: -+ kind = cipherAES192 -+ case 256: -+ kind = cipherAES256 -+ default: -+ return nil, errors.New("crypto/aes: invalid key size") -+ } -+ c, err := newEVPCipher(key, kind) -+ if err != nil { -+ return nil, err -+ } -+ return newAESBlock(c, kind), nil -+} -+ -+// NewGCMTLS returns a GCM cipher specific to TLS -+// and should not be used for non-TLS purposes. -+func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { -+ if c, ok := c.(interface { -+ NewGCMTLS() (cipher.AEAD, error) -+ }); ok { -+ return c.NewGCMTLS() -+ } -+ return nil, errors.New("GCM not supported") -+} -+ -+// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used -+// for non-TLS purposes. -+func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { -+ if c, ok := c.(interface { -+ NewGCMTLS13() (cipher.AEAD, error) -+ }); ok { -+ return c.NewGCMTLS13() -+ } -+ return nil, errors.New("GCM not supported") -+} -+ -+// aesCipher implements the cipher.Block interface. -+type aesCipher struct { -+ cipher *evpCipher -+} -+ -+func (c aesCipher) BlockSize() int { -+ return c.cipher.blockSize -+} -+ -+func (c aesCipher) Encrypt(dst, src []byte) { -+ if err := c.cipher.encrypt(dst, src); err != nil { -+ // crypto/aes expects that the panic message starts with "crypto/aes: ". -+ panic("crypto/aes: " + err.Error()) -+ } -+} -+ -+func (c aesCipher) Decrypt(dst, src []byte) { -+ if err := c.cipher.decrypt(dst, src); err != nil { -+ // crypto/aes expects that the panic message starts with "crypto/aes: ". -+ panic("crypto/aes: " + err.Error()) -+ } -+} -+ -+// Implement optional interfaces for AES modes. -+ -+func (c cipherWithCBC) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpEncrypt) -+} -+ -+func (c cipherWithCBC) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpDecrypt) -+} -+ -+func (c cipherWithCTR) NewCTR(iv []byte) cipher.Stream { -+ return c.cipher.newCTR(iv) -+} -+ -+func (c cipherWithGCM) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { -+ return c.cipher.newGCMChecked(nonceSize, tagSize) -+} -+ -+func (c cipherWithGCM) NewGCMTLS() (cipher.AEAD, error) { -+ return c.cipher.newGCM(cipherGCMTLS12) -+} -+ -+func (c cipherWithGCM) NewGCMTLS13() (cipher.AEAD, error) { -+ return c.cipher.newGCM(cipherGCMTLS13) -+} -+ -+// The following interfaces have been copied out of crypto/aes/modes.go. -+ -+type gcmAble interface { -+ NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) -+} -+ -+type cbcEncAble interface { -+ NewCBCEncrypter(iv []byte) cipher.BlockMode -+} -+ -+type cbcDecAble interface { -+ NewCBCDecrypter(iv []byte) cipher.BlockMode -+} -+ -+type ctrAble interface { -+ NewCTR(iv []byte) cipher.Stream -+} -+ -+// Test that the interfaces are implemented. ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE +@@ -0,0 +1,21 @@ ++ MIT License + -+var ( -+ _ cipher.Block = (*aesCipher)(nil) ++ Copyright (c) Microsoft Corporation. + -+ _ cipher.Block = (*cipherWithCBC)(nil) -+ _ cbcEncAble = (*cipherWithCBC)(nil) -+ _ cbcDecAble = (*cipherWithCBC)(nil) ++ Permission is hereby granted, free of charge, to any person obtaining a copy ++ of this software and associated documentation files (the "Software"), to deal ++ in the Software without restriction, including without limitation the rights ++ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++ copies of the Software, and to permit persons to whom the Software is ++ furnished to do so, subject to the following conditions: + -+ _ cipher.Block = (*cipherWithCTR)(nil) -+ _ ctrAble = (*cipherWithCTR)(nil) ++ The above copyright notice and this permission notice shall be included in all ++ copies or substantial portions of the Software. + -+ _ cipher.Block = (*cipherWithGCM)(nil) -+ _ gcmAble = (*cipherWithGCM)(nil) -+) -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go b/src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go ++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ SOFTWARE +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go b/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go new file mode 100644 -index 00000000000000..a81cbdbef93148 +index 00000000000000..73891afeab93d7 --- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/bbig/big.go -@@ -0,0 +1,37 @@ -+// Copyright 2022 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// This is a mirror of -+// https://github.com/golang/go/blob/36b87f273cc43e21685179dc1664ebb5493d26ae/src/crypto/internal/boring/bbig/big.go. ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go +@@ -0,0 +1,31 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + +package bbig + +import ( + "math/big" -+ "unsafe" + -+ "github.com/golang-fips/openssl/v2" ++ "github.com/microsoft/go-crypto-darwin/xcrypto" +) + -+func Enc(b *big.Int) openssl.BigInt { ++func Enc(b *big.Int) xcrypto.BigInt { + if b == nil { + return nil + } -+ x := b.Bits() ++ x := b.Bytes() + if len(x) == 0 { -+ return openssl.BigInt{} ++ return xcrypto.BigInt{} + } -+ return unsafe.Slice((*uint)(&x[0]), len(x)) ++ return x +} + -+func Dec(b openssl.BigInt) *big.Int { ++func Dec(b xcrypto.BigInt) *big.Int { + if b == nil { + return nil + } + if len(b) == 0 { + return new(big.Int) + } -+ x := unsafe.Slice((*big.Word)(&b[0]), len(b)) -+ return new(big.Int).SetBits(x) ++ return new(big.Int).SetBytes(b) +} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/big.go b/src/vendor/github.com/golang-fips/openssl/v2/big.go -new file mode 100644 -index 00000000000000..6461f241f863fc ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/big.go -@@ -0,0 +1,11 @@ -+package openssl -+ -+// This file does not have build constraints to -+// facilitate using BigInt in Go crypto. -+// Go crypto references BigInt unconditionally, -+// even if it is not finally used. -+ -+// A BigInt is the raw words from a BigInt. -+// This definition allows us to avoid importing math/big. -+// Conversion between BigInt and *big.Int is in openssl/bbig. -+type BigInt []uint -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/cipher.go b/src/vendor/github.com/golang-fips/openssl/v2/cipher.go -new file mode 100644 -index 00000000000000..e2b90fc0e9bfd4 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/cipher.go -@@ -0,0 +1,654 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+ -+import ( -+ "crypto/cipher" -+ "errors" -+ "runtime" -+ "strconv" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+type cipherKind int8 -+ -+const ( -+ cipherAES128 cipherKind = iota -+ cipherAES192 -+ cipherAES256 -+ cipherDES -+ cipherDES3 -+ cipherRC4 -+) -+ -+func (c cipherKind) String() string { -+ switch c { -+ case cipherAES128: -+ return "AES-128" -+ case cipherAES192: -+ return "AES-192" -+ case cipherAES256: -+ return "AES-256" -+ case cipherDES: -+ return "DES" -+ case cipherDES3: -+ return "DES3" -+ case cipherRC4: -+ return "RC4" -+ default: -+ panic("unknown cipher kind: " + strconv.Itoa(int(c))) -+ } -+} -+ -+type cipherMode int8 -+ -+const ( -+ cipherModeNone cipherMode = -1 -+ cipherModeECB cipherMode = iota -+ cipherModeCBC -+ cipherModeCTR -+ cipherModeGCM -+) -+ -+// cipherOp is the allowed operations for a cipher, -+// as documented in [EVP_CipherInit_ex]. -+// -+// [EVP_CipherInit_ex]: https://www.openssl.org/docs/man3.0/man3/EVP_CipherInit_ex.html -+type cipherOp int8 -+ -+const ( -+ cipherOpNone cipherOp = -1 // leaves the value of the previous call, if any. -+ cipherOpDecrypt cipherOp = 0 -+ cipherOpEncrypt cipherOp = 1 -+) -+ -+// cacheCipher is a cache of cipherKind to GO_EVP_CIPHER_PTR. -+var cacheCipher sync.Map -+ -+type cacheCipherKey struct { -+ kind cipherKind -+ mode cipherMode -+} -+ -+// loadCipher returns a cipher object for the given k. -+func loadCipher(k cipherKind, mode cipherMode) (cipher ossl.EVP_CIPHER_PTR) { -+ if v, ok := cacheCipher.Load(cacheCipherKey{k, mode}); ok { -+ return v.(ossl.EVP_CIPHER_PTR) -+ } -+ defer func() { -+ if cipher != nil && vMajor == 3 { -+ // On OpenSSL 3, directly operating on a EVP_CIPHER object -+ // not created by EVP_CIPHER has negative performance -+ // implications, as cipher operations will have -+ // to fetch it on every call. Better to just fetch it once here. -+ cipher, _ = ossl.EVP_CIPHER_fetch(nil, ossl.EVP_CIPHER_get0_name(cipher), nil) -+ } -+ cacheCipher.Store(cacheCipherKey{k, mode}, cipher) -+ }() -+ switch k { -+ case cipherAES128: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_128_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_128_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_128_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_128_gcm() -+ } -+ case cipherAES192: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_192_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_192_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_192_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_192_gcm() -+ } -+ case cipherAES256: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_256_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_256_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_256_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_256_gcm() -+ } -+ case cipherDES: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_des_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_des_cbc() -+ } -+ case cipherDES3: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_des_ede3_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_des_ede3_cbc() -+ } -+ case cipherRC4: -+ cipher = ossl.EVP_rc4() -+ } -+ return cipher -+} -+ -+type evpCipher struct { -+ key []byte -+ kind cipherKind -+ blockSize int -+} -+ -+func newEVPCipher(key []byte, kind cipherKind) (*evpCipher, error) { -+ cipher := loadCipher(kind, cipherModeECB) -+ if cipher == nil { -+ return nil, errors.New("crypto/cipher: unsupported cipher: " + kind.String()) -+ } -+ c := &evpCipher{key: make([]byte, len(key)), kind: kind} -+ copy(c.key, key) -+ c.blockSize = int(ossl.EVP_CIPHER_get_block_size(cipher)) -+ return c, nil -+} -+ -+func (c *evpCipher) encrypt(dst, src []byte) error { -+ if len(src) < c.blockSize { -+ return errors.New("input not full block") -+ } -+ if len(dst) < c.blockSize { -+ return errors.New("output not full block") -+ } -+ // Only check for overlap between the parts of src and dst that will actually be used. -+ // This matches Go standard library behavior. -+ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { -+ return errors.New("invalid buffer overlap") -+ } -+ enc_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpEncrypt, c.key, nil) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(enc_ctx) -+ -+ var outl int32 -+ if _, err := ossl.EVP_EncryptUpdate(enc_ctx, base(dst), &outl, base(src), int32(c.blockSize)); err != nil { -+ return err -+ } -+ runtime.KeepAlive(c) -+ return nil -+} -+ -+func (c *evpCipher) decrypt(dst, src []byte) error { -+ if len(src) < c.blockSize { -+ return errors.New("input not full block") -+ } -+ if len(dst) < c.blockSize { -+ return errors.New("output not full block") -+ } -+ // Only check for overlap between the parts of src and dst that will actually be used. -+ // This matches Go standard library behavior. -+ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { -+ return errors.New("invalid buffer overlap") -+ } -+ dec_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpDecrypt, c.key, nil) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(dec_ctx) -+ -+ if _, err := ossl.EVP_CIPHER_CTX_set_padding(dec_ctx, 0); err != nil { -+ return err -+ } -+ -+ var outl int32 -+ ossl.EVP_DecryptUpdate(dec_ctx, base(dst), &outl, base(src), int32(c.blockSize)) -+ runtime.KeepAlive(c) -+ return nil -+} -+ -+type cipherCBC struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR -+ blockSize int -+} -+ -+func (c *cipherCBC) finalize() { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+} -+ -+func (x *cipherCBC) BlockSize() int { return x.blockSize } -+ -+func (x *cipherCBC) CryptBlocks(dst, src []byte) { -+ if inexactOverlap(dst, src) { -+ panic("crypto/cipher: invalid buffer overlap") -+ } -+ if len(src)%x.blockSize != 0 { -+ panic("crypto/cipher: input not full blocks") -+ } -+ if len(dst) < len(src) { -+ panic("crypto/cipher: output smaller than input") -+ } -+ if len(src) > 0 { -+ var outl int32 -+ if _, err := ossl.EVP_CipherUpdate(x.ctx, base(dst), &outl, base(src), int32(len(src))); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ runtime.KeepAlive(x) -+ } -+} -+ -+func (x *cipherCBC) SetIV(iv []byte) { -+ if len(iv) != x.blockSize { -+ panic("crypto/cipher: incorrect length IV") -+ } -+ if _, err := ossl.EVP_CipherInit_ex(x.ctx, nil, nil, nil, base(iv), int32(cipherOpNone)); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+} -+ -+func (c *evpCipher) newCBC(iv []byte, op cipherOp) cipher.BlockMode { -+ ctx, err := newCipherCtx(c.kind, cipherModeCBC, op, c.key, iv) -+ if err != nil { -+ panic(err) -+ } -+ x := &cipherCBC{ctx: ctx, blockSize: c.blockSize} -+ runtime.SetFinalizer(x, (*cipherCBC).finalize) -+ if _, err := ossl.EVP_CIPHER_CTX_set_padding(x.ctx, 0); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ return x -+} -+ -+type cipherCTR struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR -+} -+ -+func (x *cipherCTR) XORKeyStream(dst, src []byte) { -+ if inexactOverlap(dst, src) { -+ panic("crypto/cipher: invalid buffer overlap") -+ } -+ if len(dst) < len(src) { -+ panic("crypto/cipher: output smaller than input") -+ } -+ if len(src) == 0 { -+ return -+ } -+ var outl int32 -+ if _, err := ossl.EVP_EncryptUpdate(x.ctx, base(dst), &outl, base(src), int32(len(src))); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ runtime.KeepAlive(x) -+} -+ -+func (c *evpCipher) newCTR(iv []byte) cipher.Stream { -+ ctx, err := newCipherCtx(c.kind, cipherModeCTR, cipherOpEncrypt, c.key, iv) -+ if err != nil { -+ panic(err) -+ } -+ x := &cipherCTR{ctx: ctx} -+ runtime.SetFinalizer(x, (*cipherCTR).finalize) -+ return x -+} -+ -+func (c *cipherCTR) finalize() { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+} -+ -+type cipherGCMTLS uint8 -+ -+const ( -+ cipherGCMTLSNone cipherGCMTLS = iota -+ cipherGCMTLS12 -+ cipherGCMTLS13 -+) -+ -+type cipherGCM struct { -+ c *evpCipher -+ tls cipherGCMTLS -+ // minNextNonce is the minimum value that the next nonce can be, enforced by -+ // all TLS modes. -+ minNextNonce uint64 -+ // mask is the nonce mask used in TLS 1.3 mode. -+ mask uint64 -+ // maskInitialized is true if mask has been initialized. This happens during -+ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. -+ maskInitialized bool -+ blockSize int -+} -+ -+const ( -+ aesBlockSize = 16 -+ gcmTagSize = 16 -+ gcmStandardNonceSize = 12 -+ // TLS 1.2 additional data is constructed as: -+ // -+ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); -+ gcmTls12AddSize = 13 -+ // TLS 1.3 additional data is constructed as: -+ // -+ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) -+ gcmTls13AddSize = 5 -+ gcmTlsFixedNonceSize = 4 -+) -+ -+type noGCM struct { -+ *evpCipher -+} -+ -+func (g *noGCM) BlockSize() int { -+ return g.blockSize -+} -+ -+func (g *noGCM) Encrypt(dst, src []byte) { -+ g.encrypt(dst, src) -+} -+ -+func (g *noGCM) Decrypt(dst, src []byte) { -+ g.decrypt(dst, src) -+} -+ -+func (c *evpCipher) newGCMChecked(nonceSize, tagSize int) (cipher.AEAD, error) { -+ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { -+ return nil, errors.New("crypto/cipher: GCM tag and nonce sizes can't be non-standard at the same time") -+ } -+ // Fall back to standard library for GCM with non-standard nonce or tag size. -+ if nonceSize != gcmStandardNonceSize { -+ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) -+ } -+ if tagSize != gcmTagSize { -+ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) -+ } -+ return c.newGCM(cipherGCMTLSNone) -+} -+ -+func (c *evpCipher) newGCM(tls cipherGCMTLS) (cipher.AEAD, error) { -+ g := &cipherGCM{c: c, tls: tls, blockSize: c.blockSize} -+ return g, nil -+} -+ -+func (g *cipherGCM) NonceSize() int { -+ return gcmStandardNonceSize -+} -+ -+func (g *cipherGCM) Overhead() int { -+ return gcmTagSize -+} -+ -+func (g *cipherGCM) Seal(dst, nonce, plaintext, aad []byte) []byte { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") -+ } -+ if uint64(len(plaintext)) > ((1<<32)-2)*uint64(g.blockSize) || len(plaintext)+gcmTagSize < len(plaintext) { -+ panic("cipher: message too large for GCM") -+ } -+ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { -+ panic("cipher: message too large for buffer") -+ } -+ if g.tls != cipherGCMTLSNone { -+ if g.tls == cipherGCMTLS12 && len(aad) != gcmTls12AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.2") -+ } else if g.tls == cipherGCMTLS13 && len(aad) != gcmTls13AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.3") -+ } -+ counter := bigEndianUint64(nonce[gcmTlsFixedNonceSize:]) -+ if g.tls == cipherGCMTLS13 { -+ // In TLS 1.3, the counter in the nonce has a mask and requires -+ // further decoding. -+ if !g.maskInitialized { -+ // According to TLS 1.3 nonce construction details at -+ // https://tools.ietf.org/html/rfc8446#section-5.3: -+ // -+ // the first record transmitted under a particular traffic -+ // key MUST use sequence number 0. -+ // -+ // The padded sequence number is XORed with [a mask]. -+ // -+ // The resulting quantity (of length iv_length) is used as -+ // the per-record nonce. -+ // -+ // We need to convert from the given nonce to sequence numbers -+ // to keep track of minNextNonce and enforce the counter -+ // maximum. On the first call, we know counter^mask is 0^mask, -+ // so we can simply store it as the mask. -+ g.mask = counter -+ g.maskInitialized = true -+ } -+ counter ^= g.mask -+ } -+ // BoringCrypto enforces strictly monotonically increasing explicit nonces -+ // and to fail after 2^64 - 1 keys as per FIPS 140-2 IG A.5, -+ // but OpenSSL does not perform this check, so it is implemented here. -+ const maxUint64 = 1<<64 - 1 -+ if counter == maxUint64 { -+ panic("cipher: nonce counter must be less than 2^64 - 1") -+ } -+ if counter < g.minNextNonce { -+ panic("cipher: nonce counter must be strictly monotonically increasing") -+ } -+ defer func() { -+ g.minNextNonce = counter + 1 -+ }() -+ } -+ -+ // Make room in dst to append plaintext+overhead. -+ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) -+ -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, plaintext) { -+ panic("cipher: invalid buffer overlap") -+ } -+ -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ // Encrypt additional data. -+ // When sealing a TLS payload, OpenSSL app sets the additional data using -+ // '_EVP_CIPHER_CTX_ctrl(g.ctx, _EVP_CTRL_AEAD_TLS1_AAD, _EVP_AEAD_TLS1_AAD_LEN, base(additionalData))'. -+ // This makes the explicit nonce component to monotonically increase on every Seal operation without -+ // relying in the explicit nonce being securely set externally, -+ // and it also gives some interesting speed gains. -+ // Unfortunately we can't use it because Go expects AEAD.Seal to honor the provided nonce. -+ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ panic(err) -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_EncryptUpdate(ctx, base(out), &outl, baseNeverEmpty(plaintext), int32(len(plaintext))); err != nil { -+ panic(err) -+ } -+ if len(plaintext) != int(outl) { -+ panic("cipher: incorrect length returned from GCM EncryptUpdate") -+ } -+ if _, err := ossl.EVP_EncryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(g) -+ return ret -+} -+ -+func (g *cipherGCM) SealWithRandomNonce(out, nonce, plaintext, aad []byte) { -+ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { -+ panic("crypto/cipher: message too large for GCM") -+ } -+ if len(nonce) != gcmStandardNonceSize { -+ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") -+ } -+ if len(out) != len(plaintext)+gcmTagSize { -+ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") -+ } -+ if inexactOverlap(out, plaintext) { -+ panic("crypto/cipher: invalid buffer overlap of output and input") -+ } -+ if anyOverlap(out, aad) { -+ panic("crypto/cipher: invalid buffer overlap of output and additional data") -+ } -+ -+ if g.tls != cipherGCMTLSNone { -+ panic("cipher: encryption failed") -+ } -+ -+ RandReader.Read(nonce) -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ -+ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ panic(err) -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_EncryptUpdate(ctx, base(out), &outl, baseNeverEmpty(plaintext), int32(len(plaintext))); err != nil { -+ panic(err) -+ } -+ if len(plaintext) != int(outl) { -+ panic("cipher: incorrect length returned from GCM EncryptUpdate") -+ } -+ if _, err := ossl.EVP_EncryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(g) -+} -+ -+var errOpen = errors.New("cipher: message authentication failed") -+ -+func (g *cipherGCM) Open(dst, nonce, ciphertext, aad []byte) (_ []byte, err error) { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") -+ } -+ if len(ciphertext) < gcmTagSize { -+ return nil, errOpen -+ } -+ if uint64(len(ciphertext)) > ((1<<32)-2)*uint64(g.blockSize)+gcmTagSize { -+ return nil, errOpen -+ } -+ // BoringCrypto does not do any TLS check when decrypting, neither do we. -+ -+ tag := ciphertext[len(ciphertext)-gcmTagSize:] -+ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] -+ -+ // Make room in dst to append ciphertext without tag. -+ ret, out := sliceForAppend(dst, len(ciphertext)) -+ -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, ciphertext) { -+ panic("cipher: invalid buffer overlap") -+ } -+ -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ -+ defer func() { -+ if err != nil { -+ // Zero output buffer on error. -+ for i := range out { -+ out[i] = 0 -+ } -+ } -+ }() -+ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ return nil, errOpen -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { -+ return nil, errOpen -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { -+ return nil, errOpen -+ } -+ if _, err := ossl.EVP_DecryptUpdate(ctx, base(out), &outl, baseNeverEmpty(ciphertext), int32(len(ciphertext))); err != nil { -+ return nil, errOpen -+ } -+ if len(ciphertext) != int(outl) { -+ return nil, errOpen -+ } -+ if _, err := ossl.EVP_DecryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { -+ return nil, errOpen -+ } -+ runtime.KeepAlive(g) -+ return ret, nil -+} -+ -+// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. -+func sliceForAppend(in []byte, n int) (head, tail []byte) { -+ if total := len(in) + n; cap(in) >= total { -+ head = in[:total] -+ } else { -+ head = make([]byte, total) -+ copy(head, in) -+ } -+ tail = head[len(in):] -+ return -+} -+ -+func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (_ ossl.EVP_CIPHER_CTX_PTR, err error) { -+ cipher := loadCipher(kind, mode) -+ if cipher == nil { -+ panic("crypto/cipher: unsupported cipher: " + kind.String()) -+ } -+ ctx, err := ossl.EVP_CIPHER_CTX_new() -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_CIPHER_CTX_free(ctx) -+ } -+ }() -+ if kind == cipherRC4 { -+ // RC4 cipher supports a variable key length. -+ // We need to set the key length before setting the key, -+ // and to do so we need to have an initialized cipher ctx. -+ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, nil, nil, int32(encrypt)); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_set_key_length(ctx, int32(len(key))); err != nil { -+ return nil, err -+ } -+ // Pass nil to the next call to EVP_CipherInit_ex to avoid resetting ctx's cipher. -+ cipher = nil -+ } -+ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, base(key), base(iv), int32(encrypt)); err != nil { -+ return nil, err -+ } -+ return ctx, nil -+} -+ -+// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. -+ -+func anyOverlap(x, y []byte) bool { -+ return len(x) > 0 && len(y) > 0 && -+ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && -+ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) -+} -+ -+func inexactOverlap(x, y []byte) bool { -+ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { -+ return false -+ } -+ return anyOverlap(x, y) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/const.go b/src/vendor/github.com/golang-fips/openssl/v2/const.go -new file mode 100644 -index 00000000000000..9f99a9dc456242 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/const.go -@@ -0,0 +1,93 @@ -+package openssl -+ -+import "C" -+import "unsafe" -+ -+// cString is a null-terminated string, -+// akin to C's char*. -+type cString string -+ -+// str returns the string value. -+func (s cString) str() string { -+ return string(s) -+} -+ -+// ptr returns a pointer to the string data. -+// It panics if the string is not null-terminated. -+// -+// The memory pointed to by the returned pointer should -+// not be modified and it must only be passed to -+// "const char*" parameters. Any attempt to modify it -+// will result in a runtime panic, as Go strings are -+// allocated in read-only memory. -+func (s cString) ptr() *byte { -+ if len(s) == 0 { -+ return nil -+ } -+ if s[len(s)-1] != 0 { -+ panic("must be null-terminated") -+ } -+ return unsafe.StringData(string(s)) -+} -+ -+const ( //checkheader:ignore -+ // Provider names -+ _ProviderNameFips cString = "fips\x00" -+ _ProviderNameDefault cString = "default\x00" -+ -+ // Property strings -+ _PropFIPSYes cString = "fips=yes\x00" -+ _PropFIPSNo cString = "-fips\x00" -+ -+ // Key types -+ _KeyTypeRSA cString = "RSA\x00" -+ _KeyTypeEC cString = "EC\x00" -+ _KeyTypeED25519 cString = "ED25519\x00" -+ -+ // Digest Names -+ _DigestNameSHA2_256 cString = "SHA2-256\x00" -+ -+ // KDF names -+ _OSSL_KDF_NAME_HKDF cString = "HKDF\x00" -+ _OSSL_KDF_NAME_PBKDF2 cString = "PBKDF2\x00" -+ _OSSL_KDF_NAME_TLS1_PRF cString = "TLS1-PRF\x00" -+ _OSSL_KDF_NAME_TLS13_KDF cString = "TLS13-KDF\x00" -+ _OSSL_MAC_NAME_HMAC cString = "HMAC\x00" -+ -+ // KDF parameters -+ _OSSL_KDF_PARAM_DIGEST cString = "digest\x00" -+ _OSSL_KDF_PARAM_SECRET cString = "secret\x00" -+ _OSSL_KDF_PARAM_SEED cString = "seed\x00" -+ _OSSL_KDF_PARAM_KEY cString = "key\x00" -+ _OSSL_KDF_PARAM_INFO cString = "info\x00" -+ _OSSL_KDF_PARAM_SALT cString = "salt\x00" -+ _OSSL_KDF_PARAM_MODE cString = "mode\x00" -+ -+ // TLS3-KDF parameters -+ _OSSL_KDF_PARAM_PREFIX cString = "prefix\x00" -+ _OSSL_KDF_PARAM_LABEL cString = "label\x00" -+ _OSSL_KDF_PARAM_DATA cString = "data\x00" -+ -+ // PKEY parameters -+ _OSSL_PKEY_PARAM_PUB_KEY cString = "pub\x00" -+ _OSSL_PKEY_PARAM_PRIV_KEY cString = "priv\x00" -+ _OSSL_PKEY_PARAM_GROUP_NAME cString = "group\x00" -+ _OSSL_PKEY_PARAM_EC_PUB_X cString = "qx\x00" -+ _OSSL_PKEY_PARAM_EC_PUB_Y cString = "qy\x00" -+ _OSSL_PKEY_PARAM_FFC_PBITS cString = "pbits\x00" -+ _OSSL_PKEY_PARAM_FFC_QBITS cString = "qbits\x00" -+ _OSSL_PKEY_PARAM_RSA_N cString = "n\x00" -+ _OSSL_PKEY_PARAM_RSA_E cString = "e\x00" -+ _OSSL_PKEY_PARAM_RSA_D cString = "d\x00" -+ _OSSL_PKEY_PARAM_FFC_P cString = "p\x00" -+ _OSSL_PKEY_PARAM_FFC_Q cString = "q\x00" -+ _OSSL_PKEY_PARAM_FFC_G cString = "g\x00" -+ _OSSL_PKEY_PARAM_RSA_FACTOR1 cString = "rsa-factor1\x00" -+ _OSSL_PKEY_PARAM_RSA_FACTOR2 cString = "rsa-factor2\x00" -+ _OSSL_PKEY_PARAM_RSA_EXPONENT1 cString = "rsa-exponent1\x00" -+ _OSSL_PKEY_PARAM_RSA_EXPONENT2 cString = "rsa-exponent2\x00" -+ _OSSL_PKEY_PARAM_RSA_COEFFICIENT1 cString = "rsa-coefficient1\x00" -+ -+ // MAC parameters -+ _OSSL_MAC_PARAM_DIGEST cString = "digest\x00" -+) -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/des.go b/src/vendor/github.com/golang-fips/openssl/v2/des.go -new file mode 100644 -index 00000000000000..78ecb9888e18cb ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/des.go -@@ -0,0 +1,113 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto/cipher" -+ "errors" -+) -+ -+// SupportsDESCipher returns true if NewDESCipher is supported, -+// which uses ECB mode. -+// If CBC is also supported, then the returned cipher.Block -+// will also implement NewCBCEncrypter and NewCBCDecrypter. -+func SupportsDESCipher() bool { -+ // True for stock OpenSSL 1 w/o FIPS. -+ // False for stock OpenSSL 3 unless the legacy provider is available. -+ return (versionAtOrAbove(3, 0, 0) || !FIPS()) && loadCipher(cipherDES, cipherModeECB) != nil -+} -+ -+// SupportsTripleDESCipher returns true if NewTripleDESCipher is supported, -+// which uses ECB mode. -+// If CBC is also supported, then the returned cipher.Block -+// will also implement NewCBCEncrypter and NewCBCDecrypter. -+func SupportsTripleDESCipher() bool { -+ // Should always be true for stock OpenSSL, -+ // even when using the FIPS provider. -+ return loadCipher(cipherDES3, cipherModeECB) != nil -+} -+ -+func NewDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 8 { -+ return nil, errors.New("crypto/des: invalid key size") -+ } -+ return newDESCipher(key, cipherDES) -+} -+ -+func NewTripleDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 24 { -+ return nil, errors.New("crypto/des: invalid key size") -+ } -+ return newDESCipher(key, cipherDES3) -+} -+ -+func newDESCipher(key []byte, kind cipherKind) (cipher.Block, error) { -+ c, err := newEVPCipher(key, kind) -+ if err != nil { -+ return nil, err -+ } -+ if loadCipher(kind, cipherModeCBC) == nil { -+ return &desCipherWithoutCBC{c}, nil -+ } -+ return &desCipher{c}, nil -+} -+ -+type desExtraModes interface { -+ NewCBCEncrypter(iv []byte) cipher.BlockMode -+ NewCBCDecrypter(iv []byte) cipher.BlockMode -+} -+ -+var _ desExtraModes = (*desCipher)(nil) -+ -+type desCipher struct { -+ *evpCipher -+} -+ -+func (c *desCipher) BlockSize() int { -+ return c.blockSize -+} -+ -+func (c *desCipher) Encrypt(dst, src []byte) { -+ if err := c.encrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } -+} -+ -+func (c *desCipher) Decrypt(dst, src []byte) { -+ if err := c.decrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } -+} -+ -+func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return c.newCBC(iv, cipherOpEncrypt) -+} -+ -+func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return c.newCBC(iv, cipherOpDecrypt) -+} -+ -+type desCipherWithoutCBC struct { -+ *evpCipher -+} -+ -+func (c *desCipherWithoutCBC) BlockSize() int { -+ return c.blockSize -+} -+ -+func (c *desCipherWithoutCBC) Encrypt(dst, src []byte) { -+ if err := c.encrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } -+} -+ -+func (c *desCipherWithoutCBC) Decrypt(dst, src []byte) { -+ if err := c.decrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/dsa.go b/src/vendor/github.com/golang-fips/openssl/v2/dsa.go -new file mode 100644 -index 00000000000000..37663591d7568a ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/dsa.go -@@ -0,0 +1,309 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "runtime" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// SupportsDSA returns true if the OpenSSL library supports DSA. -+func SupportsDSA() bool { -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) -+ if err != nil { -+ return false -+ } -+ ossl.EVP_PKEY_CTX_free(ctx) -+ return true -+} -+ -+// DSAParameters contains the DSA parameters. -+type DSAParameters struct { -+ P, Q, G BigInt -+} -+ -+// PrivateKeyDSA represents a DSA private key. -+type PrivateKeyDSA struct { -+ DSAParameters -+ X, Y BigInt -+ -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PrivateKeyDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PrivateKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+// PublicKeyDSA represents a DSA public key. -+type PublicKeyDSA struct { -+ DSAParameters -+ Y BigInt -+ -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PublicKeyDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PublicKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+// GenerateParametersDSA generates a set of DSA parameters. -+func GenerateParametersDSA(l, n int) (DSAParameters, error) { -+ // The DSA parameters are generated by creating a new DSA key and -+ // extracting the domain parameters from it. -+ -+ // Generate a new DSA key context and set the known parameters. -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) -+ if err != nil { -+ return DSAParameters{}, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_paramgen_init(ctx); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, int32(l), nil); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, int32(n), nil); err != nil { -+ return DSAParameters{}, err -+ } -+ var pkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_paramgen(ctx, &pkey); err != nil { -+ return DSAParameters{}, err -+ } -+ defer ossl.EVP_PKEY_free(pkey) -+ -+ // Extract the domain parameters from the generated key. -+ var p, q, g ossl.BIGNUM_PTR -+ switch vMajor { -+ case 1: -+ dsa := getDSA(pkey) -+ ossl.DSA_get0_pqg(dsa, &p, &q, &g) -+ case 3: -+ defer func() { -+ ossl.BN_free(p) -+ ossl.BN_free(q) -+ ossl.BN_free(g) -+ }() -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_P.ptr(), &p); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_Q.ptr(), &q); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_G.ptr(), &g); err != nil { -+ return DSAParameters{}, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ -+ return DSAParameters{ -+ P: bnToBig(p), -+ Q: bnToBig(q), -+ G: bnToBig(g), -+ }, nil -+} -+ -+// NewPrivateKeyDSA creates a new DSA private key from the given parameters. -+func NewPrivateKeyDSA(params DSAParameters, x, y BigInt) (*PrivateKeyDSA, error) { -+ if x == nil || y == nil { -+ panic("x and y must not be nil") -+ } -+ pkey, err := newDSA(params, x, y) -+ if err != nil { -+ return nil, err -+ } -+ k := &PrivateKeyDSA{params, x, y, pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize) -+ return k, nil -+} -+ -+// NewPublicKeyDSA creates a new DSA public key from the given parameters. -+func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) { -+ if y == nil { -+ panic("y must not be nil") -+ } -+ pkey, err := newDSA(params, nil, y) -+ if err != nil { -+ return nil, err -+ } -+ k := &PublicKeyDSA{params, y, pkey} -+ runtime.SetFinalizer(k, (*PublicKeyDSA).finalize) -+ return k, nil -+} -+ -+// GenerateKeyDSA generates a new private DSA key using the given parameters. -+func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) { -+ pkey, err := newDSA(params, nil, nil) -+ if err != nil { -+ return nil, nil, err -+ } -+ defer ossl.EVP_PKEY_free(pkey) -+ var bx, by ossl.BIGNUM_PTR -+ switch vMajor { -+ case 1: -+ dsa := getDSA(pkey) -+ ossl.DSA_get0_key(dsa, &by, &bx) -+ case 3: -+ defer func() { -+ ossl.BN_clear_free(bx) -+ ossl.BN_free(by) -+ }() -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), &by); err != nil { -+ return nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bx); err != nil { -+ return nil, nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ return bnToBig(bx), bnToBig(by), nil -+} -+ -+// SignDSA signs a hash (which should be the result of hashing a larger message). -+func SignDSA(priv *PrivateKeyDSA, hash []byte) ([]byte, error) { -+ return evpSign(priv.withKey, 0, 0, 0, hash) -+} -+ -+// VerifyDSA verifiessig using the public key, pub. -+func VerifyDSA(pub *PublicKeyDSA, hash []byte, sig []byte) bool { -+ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil -+} -+ -+func newDSA(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { -+ switch vMajor { -+ case 1: -+ return newDSA1(params, x, y) -+ case 3: -+ return newDSA3(params, x, y) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+func newDSA1(params DSAParameters, x, y BigInt) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) -+ -+ dsa, err := ossl.DSA_new() -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if pkey == nil { -+ ossl.DSA_free(dsa) -+ } -+ }() -+ // No need to check for errors here, DSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ p, _ := bigToBN(params.P) -+ q, _ := bigToBN(params.Q) -+ g, _ := bigToBN(params.G) -+ if _, err := ossl.DSA_set0_pqg(dsa, p, q, g); err != nil { -+ ossl.BN_free(p) -+ ossl.BN_free(q) -+ ossl.BN_free(g) -+ return nil, err -+ } -+ if y != nil { -+ pub, _ := bigToBN(y) -+ priv, _ := bigToBN(x) -+ if _, err := ossl.DSA_set0_key(dsa, pub, priv); err != nil { -+ ossl.BN_free(pub) -+ ossl.BN_clear_free(priv) -+ return nil, err -+ } -+ } else { -+ if _, err := ossl.DSA_generate_key(dsa); err != nil { -+ return nil, err -+ } -+ } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_DSA, unsafe.Pointer(dsa)); err != nil { -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err -+ } -+ return pkey, nil -+} -+ -+func newDSA3(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3) -+ -+ bld, err := newParamBuilder() -+ if err != nil { -+ return nil, err -+ } -+ defer bld.finalize() -+ -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_P, params.P, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_Q, params.Q, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_G, params.G, false) -+ selection := int32(ossl.EVP_PKEY_KEYPAIR) -+ if y != nil { -+ bld.addBigInt(_OSSL_PKEY_PARAM_PUB_KEY, y, false) -+ if x == nil { -+ selection = ossl.EVP_PKEY_PUBLIC_KEY -+ } -+ } -+ if x != nil { -+ bld.addBigInt(_OSSL_PKEY_PARAM_PRIV_KEY, x, true) -+ } -+ bldparams, err := bld.build() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.OSSL_PARAM_free(bldparams) -+ pkey, err := newEvpFromParams(ossl.EVP_PKEY_DSA, selection, bldparams) -+ if err != nil { -+ return nil, err -+ } -+ if y != nil { -+ return pkey, nil -+ } -+ // pkey doesn't contain the public component, but the crypto/dsa package -+ // expects it to be always there. Generate a new key using pkey as domain -+ // parameters placeholder. -+ defer ossl.EVP_PKEY_free(pkey) -+ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { -+ return nil, err -+ } -+ var gkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_keygen(ctx, &gkey); err != nil { -+ return nil, err -+ } -+ return gkey, nil -+} -+ -+// getDSA returns the DSA from pkey. -+// If pkey does not contain an DSA it panics. -+// The returned key should not be freed. -+func getDSA(pkey ossl.EVP_PKEY_PTR) ossl.DSA_PTR { -+ key, err := ossl.EVP_PKEY_get0_DSA(pkey) -+ if err != nil { -+ panic(err) -+ } -+ return key -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ec.go b/src/vendor/github.com/golang-fips/openssl/v2/ec.go -new file mode 100644 -index 00000000000000..1a4e89dc5790b6 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/ec.go -@@ -0,0 +1,67 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import "github.com/golang-fips/openssl/v2/internal/ossl" -+ -+func curveNID(curve string) int32 { -+ switch curve { -+ case "P-224": -+ return ossl.NID_secp224r1 -+ case "P-256": -+ return ossl.NID_X9_62_prime256v1 -+ case "P-384": -+ return ossl.NID_secp384r1 -+ case "P-521": -+ return ossl.NID_secp521r1 -+ default: -+ panic("openssl: unknown curve " + curve) -+ } -+} -+ -+// curveSize returns the size of the curve in bytes. -+func curveSize(curve string) int { -+ switch curve { -+ case "P-224": -+ return 224 / 8 -+ case "P-256": -+ return 256 / 8 -+ case "P-384": -+ return 384 / 8 -+ case "P-521": -+ return (521 + 7) / 8 -+ default: -+ panic("openssl: unknown curve " + curve) -+ } -+} -+ -+// encodeEcPoint encodes pt. -+func encodeEcPoint(group ossl.EC_GROUP_PTR, pt ossl.EC_POINT_PTR) ([]byte, error) { -+ // Get encoded point size. -+ n, err := ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, nil, 0, nil) -+ if err != nil { -+ return nil, err -+ } -+ // Encode point into bytes. -+ bytes := make([]byte, n) -+ if _, err = ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, base(bytes), n, nil); err != nil { -+ return nil, err -+ } -+ return bytes, nil -+} -+ -+// generateAndEncodeEcPublicKey calls newPubKeyPointFn to generate a public key point and then encodes it. -+func generateAndEncodeEcPublicKey(nid int32, newPubKeyPointFn func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error)) ([]byte, error) { -+ group, err := ossl.EC_GROUP_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_GROUP_free(group) -+ pt, err := newPubKeyPointFn(group) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_POINT_free(pt) -+ return encodeEcPoint(group, pt) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ecdh.go b/src/vendor/github.com/golang-fips/openssl/v2/ecdh.go -new file mode 100644 -index 00000000000000..d80d8b153f5a84 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/ecdh.go -@@ -0,0 +1,306 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "errors" -+ "runtime" -+ "slices" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+type PublicKeyECDH struct { -+ _pkey ossl.EVP_PKEY_PTR -+ bytes []byte -+} -+ -+func (k *PublicKeyECDH) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+type PrivateKeyECDH struct { -+ _pkey ossl.EVP_PKEY_PTR -+ curve string -+} -+ -+func (k *PrivateKeyECDH) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { -+ if len(bytes) != 1+2*curveSize(curve) { -+ return nil, errors.New("NewPublicKeyECDH: wrong key length") -+ } -+ pkey, err := newECDHPkey(curve, bytes, false) -+ if err != nil { -+ return nil, err -+ } -+ k := &PublicKeyECDH{pkey, slices.Clone(bytes)} -+ runtime.SetFinalizer(k, (*PublicKeyECDH).finalize) -+ return k, nil -+} -+ -+func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } -+ -+func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error) { -+ if len(bytes) != curveSize(curve) { -+ return nil, errors.New("NewPrivateKeyECDH: wrong key length") -+ } -+ pkey, err := newECDHPkey(curve, bytes, true) -+ if err != nil { -+ return nil, err -+ } -+ k := &PrivateKeyECDH{pkey, curve} -+ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) -+ return k, nil -+} -+ -+func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { -+ defer runtime.KeepAlive(k) -+ var pkey ossl.EVP_PKEY_PTR -+ defer func() { -+ ossl.EVP_PKEY_free(pkey) -+ }() -+ -+ var bytes []byte -+ switch vMajor { -+ case 1: -+ var err error -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ return nil, err -+ } -+ key := getECKey(k._pkey) -+ if _, err := ossl.EVP_PKEY_set1_EC_KEY(pkey, key); err != nil { -+ return nil, err -+ } -+ pt := ossl.EC_KEY_get0_public_key(key) -+ if pt == nil { -+ return nil, fail("missing ECDH public key") -+ } -+ group := ossl.EC_KEY_get0_group(key) -+ if bytes, err = encodeEcPoint(group, pt); err != nil { -+ return nil, err -+ } -+ case 3: -+ pkey = k._pkey -+ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { -+ return nil, err -+ } -+ -+ var cbytes *byte -+ n, err := ossl.EVP_PKEY_get1_encoded_public_key(k._pkey, &cbytes) -+ if err != nil { -+ return nil, err -+ } -+ bytes = C.GoBytes(unsafe.Pointer(cbytes), C.int(n)) -+ cryptoFree(unsafe.Pointer(cbytes)) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ pub := &PublicKeyECDH{pkey, bytes} -+ pkey = nil -+ runtime.SetFinalizer(pub, (*PublicKeyECDH).finalize) -+ return pub, nil -+} -+ -+func newECDHPkey(curve string, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { -+ nid := curveNID(curve) -+ switch vMajor { -+ case 1: -+ return newECDHPkey1(nid, bytes, isPrivate) -+ case 3: -+ return newECDHPkey3(nid, bytes, isPrivate) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+func newECDHPkey1(nid int32, bytes []byte, isPrivate bool) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) -+ -+ key, err := ossl.EC_KEY_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if pkey == nil { -+ ossl.EC_KEY_free(key) -+ } -+ }() -+ group := ossl.EC_KEY_get0_group(key) -+ if isPrivate { -+ priv, err := ossl.BN_bin2bn(base(bytes), int32(len(bytes)), nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ if _, err := ossl.EC_KEY_set_private_key(key, priv); err != nil { -+ return nil, err -+ } -+ pub, err := pointMult(group, priv) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_POINT_free(pub) -+ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { -+ return nil, err -+ } -+ } else { -+ pub, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_POINT_free(pub) -+ if _, err := ossl.EC_POINT_oct2point(group, pub, base(bytes), len(bytes), nil); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { -+ return nil, err -+ } -+ } -+ if _, err := ossl.EC_KEY_check_key(key); err != nil { -+ // Match upstream error message. -+ if isPrivate { -+ return nil, errors.New("crypto/ecdh: invalid private key") -+ } else { -+ return nil, errors.New("crypto/ecdh: invalid public key") -+ } -+ } -+ return newEVPPKEY(key) -+} -+ -+func newECDHPkey3(nid int32, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3) -+ -+ bld, err := newParamBuilder() -+ if err != nil { -+ return nil, err -+ } -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) -+ var selection int32 -+ if isPrivate { -+ priv, err := ossl.BN_bin2bn(base(bytes), int32(len(bytes)), nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { -+ return pointMult(group, priv) -+ }) -+ if err != nil { -+ return nil, err -+ } -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) -+ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, priv) -+ selection = ossl.EVP_PKEY_KEYPAIR -+ } else { -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, bytes) -+ selection = ossl.EVP_PKEY_PUBLIC_KEY -+ } -+ -+ params, err := bld.build() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ pkey, err := newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) -+ if err != nil { -+ return nil, err -+ } -+ -+ if err := checkPkey(pkey, isPrivate); err != nil { -+ ossl.EVP_PKEY_free(pkey) -+ return nil, errors.New("crypto/ecdh: " + err.Error()) -+ } -+ return pkey, nil -+} -+ -+func pointMult(group ossl.EC_GROUP_PTR, priv ossl.BIGNUM_PTR) (ossl.EC_POINT_PTR, error) { -+ // OpenSSL does not expose any method to generate the public -+ // key from the private key [1], so we have to calculate it here. -+ // [1] https://github.com/openssl/openssl/issues/18437#issuecomment-1144717206 -+ pt, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EC_POINT_mul(group, pt, priv, nil, nil, nil); err != nil { -+ ossl.EC_POINT_free(pt) -+ return nil, err -+ } -+ return pt, nil -+} -+ -+func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { -+ defer runtime.KeepAlive(priv) -+ defer runtime.KeepAlive(pub) -+ ctx, err := ossl.EVP_PKEY_CTX_new(priv._pkey, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_derive_set_peer(ctx, pub._pkey); err != nil { -+ return nil, err -+ } -+ var keylen int -+ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { -+ return nil, err -+ } -+ out := make([]byte, keylen) -+ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { -+ return nil, err -+ } -+ return out, nil -+} -+ -+func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { -+ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) -+ if err != nil { -+ return nil, nil, err -+ } -+ var k *PrivateKeyECDH -+ defer func() { -+ if k == nil { -+ ossl.EVP_PKEY_free(pkey) -+ } -+ }() -+ var priv ossl.BIGNUM_PTR -+ switch vMajor { -+ case 1: -+ key := getECKey(pkey) -+ priv = ossl.EC_KEY_get0_private_key(key) -+ if priv == nil { -+ return nil, nil, fail("missing ECDH private key") -+ } -+ case 3: -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &priv); err != nil { -+ return nil, nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ // We should not leak bit length of the secret scalar in the key. -+ // For this reason, we use BN_bn2binpad instead of BN_bn2bin with fixed length. -+ // The fixed length is the order of the large prime subgroup of the curve, -+ // returned by EVP_PKEY_get_bits, which is generally the upper bound for -+ // generating a private ECDH key. -+ bits, err := ossl.EVP_PKEY_get_bits(pkey) -+ if err != nil { -+ return nil, nil, err -+ } -+ bytes := make([]byte, (bits+7)/8) -+ if err := bnToBinPad(priv, bytes); err != nil { -+ return nil, nil, err -+ } -+ k = &PrivateKeyECDH{pkey, curve} -+ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) -+ return k, bytes, nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go b/src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go -new file mode 100644 -index 00000000000000..e4d504de2146ba ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/ecdsa.go -@@ -0,0 +1,226 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto" -+ "errors" -+ "runtime" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+type PrivateKeyECDSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PrivateKeyECDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PrivateKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+type PublicKeyECDSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PublicKeyECDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PublicKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+var errUnknownCurve = errors.New("openssl: unknown elliptic curve") -+ -+func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { -+ pkey, err := newECDSAKey(curve, x, y, nil) -+ if err != nil { -+ return nil, err -+ } -+ k := &PublicKeyECDSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PublicKeyECDSA).finalize) -+ return k, nil -+} -+ -+func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { -+ pkey, err := newECDSAKey(curve, x, y, d) -+ if err != nil { -+ return nil, err -+ } -+ k := &PrivateKeyECDSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) -+ return k, nil -+} -+ -+func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { -+ // Generate the private key. -+ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ defer ossl.EVP_PKEY_free(pkey) -+ -+ var bx, by, bd ossl.BIGNUM_PTR -+ defer func() { -+ ossl.BN_free(bx) -+ ossl.BN_free(by) -+ }() -+ switch vMajor { -+ case 1: -+ // Retrieve the internal EC_KEY, which holds the X, Y, and D coordinates. -+ key := getECKey(pkey) -+ group := ossl.EC_KEY_get0_group(key) -+ pt := ossl.EC_KEY_get0_public_key(key) -+ // Allocate two big numbers to store the X and Y coordinates. -+ bx, err = ossl.BN_new() -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ by, err = ossl.BN_new() -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ // Get X and Y. -+ if _, err := ossl.EC_POINT_get_affine_coordinates_GFp(group, pt, bx, by, nil); err != nil { -+ return nil, nil, nil, err -+ } -+ // Get Z. We don't need to free it, get0 does not increase the reference count. -+ bd = ossl.EC_KEY_get0_private_key(key) -+ case 3: -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_X.ptr(), &bx); err != nil { -+ return nil, nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_Y.ptr(), &by); err != nil { -+ return nil, nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bd); err != nil { -+ return nil, nil, nil, err -+ } -+ defer ossl.BN_clear_free(bd) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ -+ // Get D. -+ return bnToBig(bx), bnToBig(by), bnToBig(bd), nil -+} -+ -+func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { -+ return evpSign(priv.withKey, 0, 0, 0, hash) -+} -+ -+func HashSignECDSA(priv *PrivateKeyECDSA, h crypto.Hash, msg []byte) ([]byte, error) { -+ return evpHashSign(priv.withKey, h, msg) -+} -+ -+func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { -+ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil -+} -+ -+func HashVerifyECDSA(pub *PublicKeyECDSA, h crypto.Hash, msg, sig []byte) bool { -+ return evpHashVerify(pub.withKey, h, msg, sig) == nil -+} -+ -+func newECDSAKey(curve string, x, y, d BigInt) (ossl.EVP_PKEY_PTR, error) { -+ nid := curveNID(curve) -+ bx, err := bigToBN(x) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_free(bx) -+ by, err := bigToBN(y) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_free(by) -+ var bd ossl.BIGNUM_PTR -+ if d != nil { -+ bd, err = bigToBN(d) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(bd) -+ } -+ switch vMajor { -+ case 1: -+ return newECDSAKey1(nid, bx, by, bd) -+ case 3: -+ return newECDSAKey3(nid, bx, by, bd) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+func newECDSAKey1(nid int32, bx, by, bd ossl.BIGNUM_PTR) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) -+ -+ key, err := ossl.EC_KEY_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if pkey == nil { -+ defer ossl.EC_KEY_free(key) -+ } -+ }() -+ if _, err := ossl.EC_KEY_set_public_key_affine_coordinates(key, bx, by); err != nil { -+ return nil, err -+ } -+ if bd != nil { -+ if _, err := ossl.EC_KEY_set_private_key(key, bd); err != nil { -+ return nil, err -+ } -+ } -+ -+ return newEVPPKEY(key) -+} -+ -+func newECDSAKey3(nid int32, bx, by, bd ossl.BIGNUM_PTR) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3) -+ -+ // Create the encoded public key public key from bx and by. -+ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { -+ pt, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EC_POINT_set_affine_coordinates(group, pt, bx, by, nil); err != nil { -+ ossl.EC_POINT_free(pt) -+ return nil, err -+ } -+ return pt, nil -+ }) -+ if err != nil { -+ return nil, err -+ } -+ // Construct the parameters. -+ bld, err := newParamBuilder() -+ if err != nil { -+ return nil, err -+ } -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) -+ var selection int32 -+ if bd != nil { -+ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, bd) -+ selection = ossl.EVP_PKEY_KEYPAIR -+ } else { -+ selection = ossl.EVP_PKEY_PUBLIC_KEY -+ } -+ params, err := bld.build() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ return newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go -new file mode 100644 -index 00000000000000..50fd06e5c89fbd ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/ed25519.go -@@ -0,0 +1,229 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "errors" -+ "runtime" -+ "strconv" -+ "sync" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+const ( -+ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. -+ publicKeySizeEd25519 = 32 -+ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. -+ privateKeySizeEd25519 = 64 -+ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. -+ signatureSizeEd25519 = 64 -+ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. -+ seedSizeEd25519 = 32 -+) -+ -+// TODO: Add support for Ed25519ph and Ed25519ctx when OpenSSL supports them, -+// which will probably be in 3.2.0 (https://github.com/openssl/openssl/issues/20418). -+ -+var supportsEd25519 = sync.OnceValue(func() bool { -+ switch vMajor { -+ case 1: -+ if versionAtOrAbove(1, 1, 1) { -+ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_ED25519, nil) -+ if ctx != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ return true -+ } -+ } -+ case 3: -+ sig, _ := ossl.EVP_SIGNATURE_fetch(nil, _KeyTypeED25519.ptr(), nil) -+ if sig != nil { -+ ossl.EVP_SIGNATURE_free(sig) -+ return true -+ } -+ } -+ return false -+}) -+ -+// SupportsEd25519 returns true if the current OpenSSL version supports -+// GenerateKeyEd25519, NewKeyFromSeedEd25519, SignEd25519 and VerifyEd25519. -+func SupportsEd25519() bool { -+ return supportsEd25519() -+} -+ -+type PublicKeyEd25519 struct { -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PublicKeyEd25519) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PublicKeyEd25519) Bytes() ([]byte, error) { -+ defer runtime.KeepAlive(k) -+ pub := make([]byte, publicKeySizeEd25519) -+ if err := extractPKEYPubEd25519(k._pkey, pub); err != nil { -+ return nil, err -+ } -+ return pub, nil -+} -+ -+type PrivateKeyEd25519 struct { -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func (k *PrivateKeyEd25519) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PrivateKeyEd25519) Bytes() ([]byte, error) { -+ defer runtime.KeepAlive(k) -+ priv := make([]byte, privateKeySizeEd25519) -+ if err := extractPKEYPrivEd25519(k._pkey, priv); err != nil { -+ return nil, err -+ } -+ return priv, nil -+} -+ -+func (k *PrivateKeyEd25519) Public() (*PublicKeyEd25519, error) { -+ pub := make([]byte, publicKeySizeEd25519) -+ if err := extractPKEYPubEd25519(k._pkey, pub); err != nil { -+ return nil, err -+ } -+ pubk, err := NewPublicKeyEd25519(pub) -+ if err != nil { -+ return nil, err -+ } -+ return pubk, nil -+} -+ -+// GenerateKeyEd25519 generates a private key. -+func GenerateKeyEd25519() (*PrivateKeyEd25519, error) { -+ pkeyPriv, err := generateEVPPKey(ossl.EVP_PKEY_ED25519, 0, "") -+ if err != nil { -+ return nil, err -+ } -+ priv := &PrivateKeyEd25519{_pkey: pkeyPriv} -+ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) -+ return priv, nil -+} -+ -+// Deprecated: use NewPrivateKeyEd25519 instead. -+func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) { -+ return NewPrivateKeyEd25519(priv) -+} -+ -+func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) { -+ if len(priv) != privateKeySizeEd25519 { -+ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) -+ } -+ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) -+} -+ -+// Deprecated: use NewPublicKeyEd25519 instead. -+func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) { -+ return NewPublicKeyEd25519(pub) -+} -+ -+func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) { -+ if len(pub) != publicKeySizeEd25519 { -+ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) -+ } -+ pkey, err := ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_ED25519, nil, base(pub), len(pub)) -+ if err != nil { -+ return nil, err -+ } -+ pubk := &PublicKeyEd25519{_pkey: pkey} -+ runtime.SetFinalizer(pubk, (*PublicKeyEd25519).finalize) -+ return pubk, nil -+} -+ -+// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if -+// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this -+// package. -+func NewPrivateKeyEd25519FromSeed(seed []byte) (*PrivateKeyEd25519, error) { -+ if len(seed) != seedSizeEd25519 { -+ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) -+ } -+ pkey, err := ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_ED25519, nil, base(seed), len(seed)) -+ if err != nil { -+ return nil, err -+ } -+ priv := &PrivateKeyEd25519{_pkey: pkey} -+ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) -+ return priv, nil -+} -+ -+func extractPKEYPubEd25519(pkey ossl.EVP_PKEY_PTR, pub []byte) error { -+ keylen := publicKeySizeEd25519 -+ if _, err := ossl.EVP_PKEY_get_raw_public_key(pkey, base(pub), &keylen); err != nil { -+ return err -+ } -+ if keylen != publicKeySizeEd25519 { -+ return errors.New("ed25519: bad public key length: " + strconv.Itoa(keylen)) -+ } -+ return nil -+} -+ -+func extractPKEYPrivEd25519(pkey ossl.EVP_PKEY_PTR, priv []byte) error { -+ if err := extractPKEYPubEd25519(pkey, priv[seedSizeEd25519:]); err != nil { -+ return err -+ } -+ keylen := seedSizeEd25519 -+ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, base(priv), &keylen); err != nil { -+ return err -+ } -+ if keylen != seedSizeEd25519 { -+ return errors.New("ed25519: bad private key length: " + strconv.Itoa(keylen)) -+ } -+ return nil -+} -+ -+// SignEd25519 signs the message with priv and returns a signature. -+func SignEd25519(priv *PrivateKeyEd25519, message []byte) (sig []byte, err error) { -+ // Outline the function body so that the returned key can be stack-allocated. -+ sig = make([]byte, signatureSizeEd25519) -+ err = signEd25519(priv, sig, message) -+ if err != nil { -+ return nil, err -+ } -+ return sig, err -+} -+ -+func signEd25519(priv *PrivateKeyEd25519, sig, message []byte) error { -+ defer runtime.KeepAlive(priv) -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestSignInit(ctx, nil, nil, nil, priv._pkey); err != nil { -+ return err -+ } -+ siglen := signatureSizeEd25519 -+ if _, err := ossl.EVP_DigestSign(ctx, base(sig), &siglen, base(message), len(message)); err != nil { -+ return err -+ } -+ if siglen != signatureSizeEd25519 { -+ return errors.New("ed25519: bad signature length: " + strconv.Itoa(siglen)) -+ } -+ return nil -+} -+ -+// VerifyEd25519 reports whether sig is a valid signature of message by pub. -+func VerifyEd25519(pub *PublicKeyEd25519, message, sig []byte) error { -+ defer runtime.KeepAlive(pub) -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestVerifyInit(ctx, nil, nil, nil, pub._pkey); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_DigestVerify(ctx, base(sig), len(sig), base(message), len(message)); err != nil { -+ return errors.New("ed25519: invalid signature") -+ } -+ return nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/evp.go b/src/vendor/github.com/golang-fips/openssl/v2/evp.go -new file mode 100644 -index 00000000000000..a6ad55906ecd8a ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/evp.go -@@ -0,0 +1,590 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto" -+ "errors" -+ "hash" -+ "strconv" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// cacheMD is a cache of crypto.Hash to GOossl.EVP_MD_PTR. -+var cacheMD sync.Map -+ -+// hashFuncHash calls fn() and returns its result. -+// If fn() panics, the panic is recovered and returned as an error. -+// This is used to avoid aborting the program when calling -+// an unsupported hash function. It is the caller's responsibility -+// to check the returned value. -+func hashFuncHash(fn func() hash.Hash) (h hash.Hash, err error) { -+ defer func() { -+ r := recover() -+ if r == nil { -+ return -+ } -+ h = nil -+ switch e := r.(type) { -+ case error: -+ err = e -+ case string: -+ err = errors.New(e) -+ default: -+ err = errors.New("unsupported panic") -+ } -+ }() -+ return fn(), nil -+} -+ -+// hashToMD converts a hash.Hash implementation from this package to a GOossl.EVP_MD_PTR. -+func hashToMD(h hash.Hash) ossl.EVP_MD_PTR { -+ if h, ok := h.(*evpHash); ok { -+ return h.alg.md -+ } -+ return nil -+} -+ -+// hashFuncToMD converts a hash.Hash function to a GOossl.EVP_MD_PTR. -+// See [hashFuncHash] for details on error handling. -+func hashFuncToMD(fn func() hash.Hash) (ossl.EVP_MD_PTR, error) { -+ h, err := hashFuncHash(fn) -+ if err != nil { -+ return nil, err -+ } -+ md := hashToMD(h) -+ if md == nil { -+ return nil, errors.New("unsupported hash function") -+ } -+ return md, nil -+} -+ -+// provider is an identifier for a known provider. -+type provider uint8 -+ -+const ( -+ providerNone provider = iota -+ providerOSSLDefault -+ providerOSSLFIPS -+ providerSymCrypt -+) -+ -+type hashAlgorithm struct { -+ md ossl.EVP_MD_PTR -+ ch crypto.Hash -+ size int -+ blockSize int -+ provider provider -+ marshallable bool -+ magic string -+ marshalledSize int -+} -+ -+// loadHash converts a crypto.Hash to a EVP_MD. -+func loadHash(ch crypto.Hash) *hashAlgorithm { -+ if v, ok := cacheMD.Load(ch); ok { -+ return v.(*hashAlgorithm) -+ } -+ -+ var hash hashAlgorithm -+ switch ch { -+ case crypto.RIPEMD160: -+ hash.md = ossl.EVP_ripemd160() -+ case crypto.MD4: -+ hash.md = ossl.EVP_md4() -+ case crypto.MD5: -+ hash.md = ossl.EVP_md5() -+ hash.magic = magicMD5 -+ hash.marshalledSize = marshaledSizeMD5 -+ case crypto.MD5SHA1: -+ hash.md = ossl.EVP_md5_sha1() -+ case crypto.SHA1: -+ hash.md = ossl.EVP_sha1() -+ hash.magic = magic1 -+ hash.marshalledSize = marshaledSize1 -+ case crypto.SHA224: -+ hash.md = ossl.EVP_sha224() -+ hash.magic = magic224 -+ hash.marshalledSize = marshaledSize256 -+ case crypto.SHA256: -+ hash.md = ossl.EVP_sha256() -+ hash.magic = magic256 -+ hash.marshalledSize = marshaledSize256 -+ case crypto.SHA384: -+ hash.md = ossl.EVP_sha384() -+ hash.magic = magic384 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA512: -+ hash.md = ossl.EVP_sha512() -+ hash.magic = magic512 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA512_224: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha512_224() -+ hash.magic = magic512_224 -+ hash.marshalledSize = marshaledSize512 -+ } -+ case crypto.SHA512_256: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha512_256() -+ hash.magic = magic512_256 -+ hash.marshalledSize = marshaledSize512 -+ } -+ case crypto.SHA3_224: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha3_224() -+ } -+ case crypto.SHA3_256: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha3_256() -+ } -+ case crypto.SHA3_384: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha3_384() -+ } -+ case crypto.SHA3_512: -+ if versionAtOrAbove(1, 1, 1) { -+ hash.md = ossl.EVP_sha3_512() -+ } -+ } -+ if hash.md == nil { -+ cacheMD.Store(ch, (*hashAlgorithm)(nil)) -+ return nil -+ } -+ hash.ch = ch -+ hash.size = int(ossl.EVP_MD_get_size(hash.md)) -+ hash.blockSize = int(ossl.EVP_MD_get_block_size(hash.md)) -+ if vMajor == 3 { -+ // On OpenSSL 3, directly operating on a EVP_MD object -+ // not created by EVP_MD_fetch has negative performance -+ // implications, as digest operations will have -+ // to fetch it on every call. Better to just fetch it once here. -+ md, _ := ossl.EVP_MD_fetch(nil, ossl.EVP_MD_get0_name(hash.md), nil) -+ // Don't overwrite md in case it can't be fetched, as the md may still be used -+ // outside of EVP_MD_CTX, for example to sign and verify RSA signatures. -+ if md != nil { -+ hash.md = md -+ } -+ } -+ if hash.magic != "" { -+ if hash.marshalledSize == 0 { -+ panic("marshalledSize must be set for " + hash.magic) -+ } -+ } -+ -+ switch vMajor { -+ case 1: -+ hash.provider = providerOSSLDefault -+ case 3: -+ if prov := ossl.EVP_MD_get0_provider(hash.md); prov != nil { -+ cname := ossl.OSSL_PROVIDER_get0_name(prov) -+ switch C.GoString((*C.char)(unsafe.Pointer(cname))) { -+ case "default": -+ hash.provider = providerOSSLDefault -+ hash.marshallable = hash.magic != "" -+ case "fips": -+ hash.provider = providerOSSLFIPS -+ hash.marshallable = hash.magic != "" -+ case "symcryptprovider": -+ hash.provider = providerSymCrypt -+ hash.marshallable = hash.magic != "" && isSymCryptHashStateSerializable(hash.md) -+ } -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ -+ cacheMD.Store(ch, &hash) -+ return &hash -+} -+ -+// generateEVPPKey generates a new EVP_PKEY with the given id and properties. -+func generateEVPPKey(id, bits int32, curve string) (ossl.EVP_PKEY_PTR, error) { -+ if bits != 0 && curve != "" { -+ return nil, fail("incorrect generateEVPPKey parameters") -+ } -+ var pkey ossl.EVP_PKEY_PTR -+ switch vMajor { -+ case 1: -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { -+ return nil, err -+ } -+ if bits != 0 { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, nil); err != nil { -+ return nil, err -+ } -+ } -+ if curve != "" { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, curveNID(curve), nil); err != nil { -+ return nil, err -+ } -+ } -+ if _, err := ossl.EVP_PKEY_keygen(ctx, &pkey); err != nil { -+ return nil, err -+ } -+ case 3: -+ var err error -+ switch id { -+ case ossl.EVP_PKEY_RSA: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_RSA(nil, nil, _KeyTypeRSA.ptr(), int(bits)) -+ case ossl.EVP_PKEY_EC: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_EC(nil, nil, _KeyTypeEC.ptr(), ossl.OBJ_nid2sn(curveNID(curve))) -+ case ossl.EVP_PKEY_ED25519: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_ED25519(nil, nil, _KeyTypeED25519.ptr()) -+ default: -+ panic("unsupported key type '" + strconv.Itoa(int(id)) + "'") -+ } -+ if err != nil { -+ return nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ -+ return pkey, nil -+} -+ -+type withKeyFunc func(func(ossl.EVP_PKEY_PTR) error) error -+type initFunc func(ossl.EVP_PKEY_CTX_PTR) error -+type cryptFunc func(ossl.EVP_PKEY_CTX_PTR, *byte, *int, *byte, int) error -+type verifyFunc func(ossl.EVP_PKEY_CTX_PTR, *byte, int, *byte, int) error -+ -+func setupEVP(withKey withKeyFunc, padding int32, -+ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc) (_ ossl.EVP_PKEY_CTX_PTR, err error) { -+ var ctx ossl.EVP_PKEY_CTX_PTR -+ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) error { -+ ctx, err = ossl.EVP_PKEY_CTX_new(pkey, nil) -+ return err -+ }); err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ if ctx != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ ctx = nil -+ } -+ } -+ }() -+ if err := init(ctx); err != nil { -+ return nil, err -+ } -+ if padding == 0 { -+ return ctx, nil -+ } -+ // Each padding type has its own requirements in terms of when to apply the padding, -+ // so it can't be just set at this point. -+ setPadding := func() error { -+ _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, padding, nil) -+ return err -+ } -+ switch padding { -+ case ossl.RSA_PKCS1_OAEP_PADDING: -+ md := hashToMD(h) -+ if md == nil { -+ return nil, errors.New("crypto/rsa: unsupported hash function") -+ } -+ var mgfMD ossl.EVP_MD_PTR -+ if mgfHash != nil { -+ // mgfHash is optional, but if it is set it must match a supported hash function. -+ mgfMD = hashToMD(mgfHash) -+ if mgfMD == nil { -+ return nil, errors.New("crypto/rsa: unsupported hash function") -+ } -+ } -+ // setPadding must happen before setting EVP_PKEY_CTRL_RSA_OAEP_MD. -+ if err := setPadding(); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_MD, 0, unsafe.Pointer(md)); err != nil { -+ return nil, err -+ } -+ if mgfHash != nil { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_MGF1_MD, 0, unsafe.Pointer(mgfMD)); err != nil { -+ return nil, err -+ } -+ } -+ // ctx takes ownership of label, so malloc a copy for OpenSSL to free. -+ // OpenSSL does not take ownership of the label if the length is zero, -+ // so better avoid the allocation. -+ var clabel *byte -+ if len(label) > 0 { -+ clabel = (*byte)(cryptoMalloc(len(label))) -+ copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label) -+ var err error -+ if vMajor == 3 { -+ _, err = ossl.EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, unsafe.Pointer(clabel), int32(len(label))) -+ } else { -+ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_LABEL, int32(len(label)), unsafe.Pointer(clabel)) -+ } -+ if err != nil { -+ cryptoFree(unsafe.Pointer(clabel)) -+ return nil, err -+ } -+ } -+ case ossl.RSA_PKCS1_PSS_PADDING: -+ alg := loadHash(ch) -+ if alg == nil { -+ return nil, errors.New("crypto/rsa: unsupported hash function") -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { -+ return nil, err -+ } -+ // setPadding must happen after setting EVP_PKEY_CTRL_MD. -+ if err := setPadding(); err != nil { -+ return nil, err -+ } -+ if saltLen != 0 { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PSS_SALTLEN, saltLen, nil); err != nil { -+ return nil, err -+ } -+ } -+ -+ case ossl.RSA_PKCS1_PADDING: -+ if ch != 0 { -+ // We support unhashed messages. -+ alg := loadHash(ch) -+ if alg == nil { -+ return nil, errors.New("crypto/rsa: unsupported hash function") -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { -+ return nil, err -+ } -+ if err := setPadding(); err != nil { -+ return nil, err -+ } -+ } -+ default: -+ if err := setPadding(); err != nil { -+ return nil, err -+ } -+ } -+ return ctx, nil -+} -+ -+func cryptEVP(withKey withKeyFunc, padding int32, -+ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc, crypt cryptFunc, in []byte) ([]byte, error) { -+ -+ ctx, err := setupEVP(withKey, padding, h, mgfHash, label, saltLen, ch, init) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ var pkeySize int32 -+ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { -+ pkeySize, err = ossl.EVP_PKEY_get_size(pkey) -+ return err -+ }); err != nil { -+ return nil, err -+ } -+ outLen := int(pkeySize) -+ out := make([]byte, pkeySize) -+ if err := crypt(ctx, base(out), &outLen, base(in), len(in)); err != nil { -+ return nil, err -+ } -+ // The size returned by EVP_PKEY_get_size() is only preliminary and not exact, -+ // so the final contents of the out buffer may be smaller. -+ return out[:outLen], nil -+} -+ -+func verifyEVP(withKey withKeyFunc, padding int32, -+ h hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc, verify verifyFunc, -+ sig, in []byte) error { -+ -+ ctx, err := setupEVP(withKey, padding, h, nil, label, saltLen, ch, init) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ return verify(ctx, base(sig), len(sig), base(in), len(in)) -+} -+ -+func evpEncrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { -+ encryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_encrypt_init(ctx) -+ return err -+ } -+ encrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { -+ if _, err := ossl.EVP_PKEY_encrypt(ctx, out, outLen, in, inLen); err != nil { -+ return err -+ } -+ return nil -+ } -+ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) -+} -+ -+func evpDecrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { -+ decryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_decrypt_init(ctx) -+ return err -+ } -+ decrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { -+ _, err := ossl.EVP_PKEY_decrypt(ctx, out, outLen, in, inLen) -+ return err -+ } -+ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, decryptInit, decrypt, msg) -+} -+ -+func evpSign(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, hashed []byte) ([]byte, error) { -+ signtInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_sign_init(ctx) -+ return err -+ } -+ sign := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { -+ _, err := ossl.EVP_PKEY_sign(ctx, out, outLen, in, inLen) -+ return err -+ } -+ return cryptEVP(withKey, padding, nil, nil, nil, saltLen, h, signtInit, sign, hashed) -+} -+ -+func evpVerify(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, sig, hashed []byte) error { -+ verifyInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_verify_init(ctx) -+ return err -+ } -+ verify := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen int, in *byte, inLen int) error { -+ _, err := ossl.EVP_PKEY_verify(ctx, out, outLen, in, inLen) -+ return err -+ } -+ return verifyEVP(withKey, padding, nil, nil, saltLen, h, verifyInit, verify, sig, hashed) -+} -+ -+func evpHashSign(withKey withKeyFunc, h crypto.Hash, msg []byte) ([]byte, error) { -+ alg := loadHash(h) -+ if alg == nil { -+ return nil, errors.New("unsupported hash function: " + strconv.Itoa(int(h))) -+ } -+ var out []byte -+ var outLen int -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { -+ _, err := ossl.EVP_DigestSignInit(ctx, nil, alg.md, nil, key) -+ return err -+ }); err != nil { -+ return nil, err -+ } -+ if len(msg) > 0 { -+ if _, err := ossl.EVP_DigestUpdate(ctx, pbase(msg), len(msg)); err != nil { -+ return nil, err -+ } -+ } -+ // Obtain the signature length -+ if _, err := ossl.EVP_DigestSignFinal(ctx, nil, &outLen); err != nil { -+ return nil, err -+ } -+ out = make([]byte, outLen) -+ // Obtain the signature -+ if _, err := ossl.EVP_DigestSignFinal(ctx, base(out), &outLen); err != nil { -+ return nil, err -+ } -+ return out[:outLen], nil -+} -+ -+func evpHashVerify(withKey withKeyFunc, h crypto.Hash, msg, sig []byte) error { -+ alg := loadHash(h) -+ if alg == nil { -+ return errors.New("unsupported hash function: " + strconv.Itoa(int(h))) -+ } -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { -+ _, err := ossl.EVP_DigestVerifyInit(ctx, nil, alg.md, nil, key) -+ return err -+ }); err != nil { -+ return err -+ } -+ if len(msg) > 0 { -+ if _, err := ossl.EVP_DigestUpdate(ctx, pbase(msg), len(msg)); err != nil { -+ return err -+ } -+ } -+ if _, err := ossl.EVP_DigestVerifyFinal(ctx, base(sig), len(sig)); err != nil { -+ return err -+ } -+ return nil -+} -+ -+func newEVPPKEY(key ossl.EC_KEY_PTR) (ossl.EVP_PKEY_PTR, error) { -+ pkey, err := ossl.EVP_PKEY_new() -+ if err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_EC, unsafe.Pointer(key)); err != nil { -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err -+ } -+ return pkey, nil -+} -+ -+// getECKey returns the EC_KEY from pkey. -+// If pkey does not contain an EC_KEY it panics. -+// The returned key should not be freed. -+func getECKey(pkey ossl.EVP_PKEY_PTR) ossl.EC_KEY_PTR { -+ key, err := ossl.EVP_PKEY_get0_EC_KEY(pkey) -+ if err != nil { -+ panic(err) -+ } -+ return key -+} -+ -+func newEvpFromParams(id int32, selection int32, params ossl.OSSL_PARAM_PTR) (ossl.EVP_PKEY_PTR, error) { -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_fromdata_init(ctx); err != nil { -+ return nil, err -+ } -+ var pkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_fromdata(ctx, &pkey, selection, params); err != nil { -+ if vMajor == 3 && vMinor <= 2 { -+ // OpenSSL 3.0.1 and 3.0.2 have a bug where EVP_PKEY_fromdata -+ // does not free the internally allocated EVP_PKEY on error. -+ // See https://github.com/openssl/openssl/issues/17407. -+ ossl.EVP_PKEY_free(pkey) -+ } -+ return nil, err -+ } -+ return pkey, nil -+} -+ -+func checkPkey(pkey ossl.EVP_PKEY_PTR, isPrivate bool) error { -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if isPrivate { -+ if _, err := ossl.EVP_PKEY_private_check(ctx); err != nil { -+ // Match upstream error message. -+ return errors.New("invalid private key") -+ } -+ } else { -+ // Upstream Go does a partial check here, so do we. -+ if _, err := ossl.EVP_PKEY_public_check_quick(ctx); err != nil { -+ // Match upstream error message. -+ return errors.New("invalid public key") -+ } -+ } -+ return nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hash.go b/src/vendor/github.com/golang-fips/openssl/v2/hash.go -new file mode 100644 -index 00000000000000..621822102024f8 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/hash.go -@@ -0,0 +1,455 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto" -+ "errors" -+ "hash" -+ "runtime" -+ "strconv" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+const ( -+ magicMD5 = "md5\x01" -+ magic1 = "sha\x01" -+ magic224 = "sha\x02" -+ magic256 = "sha\x03" -+ magic384 = "sha\x04" -+ magic512_224 = "sha\x05" -+ magic512_256 = "sha\x06" -+ magic512 = "sha\x07" -+ -+ marshaledSizeMD5 = len(magicMD5) + 4*4 + 64 + 8 // from crypto/md5 -+ marshaledSize1 = len(magic1) + 5*4 + 64 + 8 // from crypto/sha1 -+ marshaledSize256 = len(magic256) + 8*4 + 64 + 8 // from crypto/sha256 -+ marshaledSize512 = len(magic512) + 8*8 + 128 + 8 // from crypto/sha512 -+) -+ -+// maxHashSize is the size of SHA52 and SHA3_512, the largest hashes we support. -+const maxHashSize = 64 -+ -+func hashOneShot(ch crypto.Hash, p []byte, sum []byte) bool { -+ _, err := ossl.EVP_Digest(pbaseNeverEmpty(p), len(p), base(sum), nil, loadHash(ch).md, nil) -+ return err == nil -+} -+ -+func MD4(p []byte) (sum [16]byte) { -+ if !hashOneShot(crypto.MD4, p, sum[:]) { -+ panic("openssl: MD4 failed") -+ } -+ return -+} -+ -+func MD5(p []byte) (sum [16]byte) { -+ if !hashOneShot(crypto.MD5, p, sum[:]) { -+ panic("openssl: MD5 failed") -+ } -+ return -+} -+ -+func SHA1(p []byte) (sum [20]byte) { -+ if !hashOneShot(crypto.SHA1, p, sum[:]) { -+ panic("openssl: SHA1 failed") -+ } -+ return -+} -+ -+func SHA224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA224, p, sum[:]) { -+ panic("openssl: SHA224 failed") -+ } -+ return -+} -+ -+func SHA256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA256, p, sum[:]) { -+ panic("openssl: SHA256 failed") -+ } -+ return -+} -+ -+func SHA384(p []byte) (sum [48]byte) { -+ if !hashOneShot(crypto.SHA384, p, sum[:]) { -+ panic("openssl: SHA384 failed") -+ } -+ return -+} -+ -+func SHA512(p []byte) (sum [64]byte) { -+ if !hashOneShot(crypto.SHA512, p, sum[:]) { -+ panic("openssl: SHA512 failed") -+ } -+ return -+} -+ -+func SHA512_224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA512_224, p, sum[:]) { -+ panic("openssl: SHA512 failed") -+ } -+ return -+} -+ -+func SHA512_256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA512_256, p, sum[:]) { -+ panic("openssl: SHA512_256 failed") -+ } -+ return -+} -+ -+// cacheHashSupported is a cache of crypto.Hash support. -+var cacheHashSupported sync.Map -+ -+// SupportsHash reports whether the current OpenSSL version supports the given hash. -+func SupportsHash(h crypto.Hash) bool { -+ if v, ok := cacheHashSupported.Load(h); ok { -+ return v.(bool) -+ } -+ alg := loadHash(h) -+ if alg == nil { -+ cacheHashSupported.Store(h, false) -+ return false -+ } -+ // EVP_MD objects can be non-nil even when they can't be used -+ // in a EVP_MD_CTX, e.g. MD5 in FIPS mode. We need to prove -+ // if they can be used by passing them to a EVP_MD_CTX. -+ var supported bool -+ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { -+ _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil) -+ supported = err == nil -+ ossl.EVP_MD_CTX_free(ctx) -+ } -+ cacheHashSupported.Store(h, supported) -+ return supported -+} -+ -+func SHA3_224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA3_224, p, sum[:]) { -+ panic("openssl: SHA3_224 failed") -+ } -+ return -+} -+ -+func SHA3_256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA3_256, p, sum[:]) { -+ panic("openssl: SHA3_256 failed") -+ } -+ return -+} -+ -+func SHA3_384(p []byte) (sum [48]byte) { -+ if !hashOneShot(crypto.SHA3_384, p, sum[:]) { -+ panic("openssl: SHA3_384 failed") -+ } -+ return -+} -+ -+func SHA3_512(p []byte) (sum [64]byte) { -+ if !hashOneShot(crypto.SHA3_512, p, sum[:]) { -+ panic("openssl: SHA3_512 failed") -+ } -+ return -+} -+ -+// NewMD4 returns a new MD4 hash. -+// The returned hash doesn't implement encoding.BinaryMarshaler and -+// encoding.BinaryUnmarshaler. -+func NewMD4() hash.Hash { -+ return newEvpHash(crypto.MD4) -+} -+ -+// NewMD5 returns a new MD5 hash. -+func NewMD5() hash.Hash { -+ return newEvpHash(crypto.MD5) -+} -+ -+// NewSHA1 returns a new SHA1 hash. -+func NewSHA1() hash.Hash { -+ return newEvpHash(crypto.SHA1) -+} -+ -+// NewSHA224 returns a new SHA224 hash. -+func NewSHA224() hash.Hash { -+ return newEvpHash(crypto.SHA224) -+} -+ -+// NewSHA256 returns a new SHA256 hash. -+func NewSHA256() hash.Hash { -+ return newEvpHash(crypto.SHA256) -+} -+ -+// NewSHA384 returns a new SHA384 hash. -+func NewSHA384() hash.Hash { -+ return newEvpHash(crypto.SHA384) -+} -+ -+// NewSHA512 returns a new SHA512 hash. -+func NewSHA512() hash.Hash { -+ return newEvpHash(crypto.SHA512) -+} -+ -+// NewSHA512_224 returns a new SHA512_224 hash. -+func NewSHA512_224() hash.Hash { -+ return newEvpHash(crypto.SHA512_224) -+} -+ -+// NewSHA512_256 returns a new SHA512_256 hash. -+func NewSHA512_256() hash.Hash { -+ return newEvpHash(crypto.SHA512_256) -+} -+ -+// NewSHA3_224 returns a new SHA3-224 hash. -+func NewSHA3_224() hash.Hash { -+ return newEvpHash(crypto.SHA3_224) -+} -+ -+// NewSHA3_256 returns a new SHA3-256 hash. -+func NewSHA3_256() hash.Hash { -+ return newEvpHash(crypto.SHA3_256) -+} -+ -+// NewSHA3_384 returns a new SHA3-384 hash. -+func NewSHA3_384() hash.Hash { -+ return newEvpHash(crypto.SHA3_384) -+} -+ -+// NewSHA3_512 returns a new SHA3-512 hash. -+func NewSHA3_512() hash.Hash { -+ return newEvpHash(crypto.SHA3_512) -+} -+ -+var _ hash.Hash = (*evpHash)(nil) -+var _ HashCloner = (*evpHash)(nil) -+ -+// evpHash implements generic hash methods. -+type evpHash struct { -+ alg *hashAlgorithm -+ ctx ossl.EVP_MD_CTX_PTR -+ // ctx2 is used in evpHash.sum to avoid changing -+ // the state of ctx. Having it here allows reusing the -+ // same allocated object multiple times. -+ ctx2 ossl.EVP_MD_CTX_PTR -+ out [maxHashSize]byte -+} -+ -+func newEvpHash(ch crypto.Hash) *evpHash { -+ alg := loadHash(ch) -+ if alg == nil { -+ panic("openssl: unsupported hash function: " + strconv.Itoa(int(ch))) -+ } -+ h := &evpHash{alg: alg} -+ // Don't call init() yet, it would be wasteful -+ // if the caller only wants to know the hash type. This -+ // is a common pattern in this package, as some functions -+ // accept a `func() hash.Hash` parameter and call it just -+ // to know the hash type. -+ return h -+} -+ -+func (h *evpHash) finalize() { -+ if h.ctx != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ } -+ if h.ctx2 != nil { -+ ossl.EVP_MD_CTX_free(h.ctx2) -+ } -+} -+ -+func (h *evpHash) init() { -+ if h.ctx != nil { -+ return -+ } -+ var err error -+ h.ctx, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_DigestInit_ex(h.ctx, h.alg.md, nil); err != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ panic(err) -+ } -+ h.ctx2, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ panic(err) -+ } -+ runtime.SetFinalizer(h, (*evpHash).finalize) -+} -+ -+func (h *evpHash) Reset() { -+ if h.ctx == nil { -+ // The hash is not initialized yet, no need to reset. -+ return -+ } -+ // There is no need to reset h.ctx2 because it is always reset after -+ // use in evpHash.sum. -+ if _, err := ossl.EVP_DigestInit_ex(h.ctx, nil, nil); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(h) -+} -+ -+func (h *evpHash) Write(p []byte) (int, error) { -+ if len(p) == 0 { -+ return 0, nil -+ } -+ h.init() -+ if _, err := ossl.EVP_DigestUpdate(h.ctx, pbase(p), len(p)); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(h) -+ return len(p), nil -+} -+ -+func (h *evpHash) WriteString(s string) (int, error) { -+ if len(s) == 0 { -+ return 0, nil -+ } -+ h.init() -+ if _, err := ossl.EVP_DigestUpdate(h.ctx, unsafe.Pointer(unsafe.StringData(s)), len(s)); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(h) -+ return len(s), nil -+} -+ -+func (h *evpHash) WriteByte(c byte) error { -+ h.init() -+ if _, err := ossl.EVP_DigestUpdate(h.ctx, unsafe.Pointer(&c), 1); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(h) -+ return nil -+} -+ -+func (h *evpHash) Size() int { -+ return h.alg.size -+} -+ -+func (h *evpHash) BlockSize() int { -+ return h.alg.blockSize -+} -+ -+func (h *evpHash) Sum(in []byte) []byte { -+ h.init() -+ tmp := h.out[:h.Size()] // Create slice view -+ clear(tmp) -+ if err := ossl.HashSum(h.ctx, h.ctx2, tmp); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(h) -+ return append(in, tmp...) -+} -+ -+// Clone returns a new evpHash object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *evpHash) Clone() (HashCloner, error) { -+ h2 := &evpHash{alg: h.alg} -+ if h.ctx != nil { -+ var err error -+ h2.ctx, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_MD_CTX_copy_ex(h2.ctx, h.ctx); err != nil { -+ ossl.EVP_MD_CTX_free(h2.ctx) -+ panic(err) -+ } -+ h2.ctx2, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ ossl.EVP_MD_CTX_free(h2.ctx) -+ panic(err) -+ } -+ runtime.SetFinalizer(h2, (*evpHash).finalize) -+ } -+ runtime.KeepAlive(h) -+ return h2, nil -+} -+ -+var errHashNotMarshallable = errors.New("openssl: hash state is not marshallable") -+ -+func (d *evpHash) MarshalBinary() ([]byte, error) { -+ if !d.alg.marshallable { -+ return nil, errHashNotMarshallable -+ } -+ buf := make([]byte, 0, d.alg.marshalledSize) -+ return d.AppendBinary(buf) -+} -+ -+func (d *evpHash) AppendBinary(buf []byte) ([]byte, error) { -+ defer runtime.KeepAlive(d) -+ if !d.alg.marshallable { -+ return nil, errHashNotMarshallable -+ } -+ d.init() -+ switch d.alg.provider { -+ case providerOSSLDefault, providerOSSLFIPS: -+ return osslHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) -+ case providerSymCrypt: -+ return symCryptHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) -+ default: -+ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) -+ } -+} -+ -+func (d *evpHash) UnmarshalBinary(b []byte) error { -+ defer runtime.KeepAlive(d) -+ d.init() -+ if !d.alg.marshallable { -+ return errHashNotMarshallable -+ } -+ if len(b) < len(d.alg.magic) || string(b[:len(d.alg.magic)]) != d.alg.magic { -+ return errors.New("openssl: invalid hash state identifier") -+ } -+ if len(b) != d.alg.marshalledSize { -+ return errors.New("openssl: invalid hash state size") -+ } -+ switch d.alg.provider { -+ case providerOSSLDefault, providerOSSLFIPS: -+ return osslHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) -+ case providerSymCrypt: -+ return symCryptHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) -+ default: -+ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) -+ } -+} -+ -+// appendUint64 appends x into b as a big endian byte sequence. -+func appendUint64(b []byte, x uint64) []byte { -+ return append(b, -+ byte(x>>56), -+ byte(x>>48), -+ byte(x>>40), -+ byte(x>>32), -+ byte(x>>24), -+ byte(x>>16), -+ byte(x>>8), -+ byte(x), -+ ) -+} -+ -+// appendUint32 appends x into b as a big endian byte sequence. -+func appendUint32(b []byte, x uint32) []byte { -+ return append(b, byte(x>>24), byte(x>>16), byte(x>>8), byte(x)) -+} -+ -+// consumeUint64 reads a big endian uint64 number from b. -+func consumeUint64(b []byte) ([]byte, uint64) { -+ _ = b[7] -+ x := uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | -+ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 -+ return b[8:], x -+} -+ -+// consumeUint32 reads a big endian uint32 number from b. -+func consumeUint32(b []byte) ([]byte, uint32) { -+ _ = b[3] -+ x := uint32(b[3]) | uint32(b[2])<<8 | uint32(b[1])<<16 | uint32(b[0])<<24 -+ return b[4:], x -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hashclone.go b/src/vendor/github.com/golang-fips/openssl/v2/hashclone.go -new file mode 100644 -index 00000000000000..423668c6acf239 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/hashclone.go -@@ -0,0 +1,14 @@ -+//go:build !go1.25 && !cmd_go_bootstrap -+ -+package openssl -+ -+import ( -+ "hash" -+) -+ -+// HashCloner is an interface that defines a Clone method. -+type HashCloner interface { -+ hash.Hash -+ // Clone returns a separate Hash instance with the same state as h. -+ Clone() (HashCloner, error) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hashclone_go125.go b/src/vendor/github.com/golang-fips/openssl/v2/hashclone_go125.go -new file mode 100644 -index 00000000000000..f1f2364c7246d4 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/hashclone_go125.go -@@ -0,0 +1,9 @@ -+//go:build go1.25 && !cmd_go_bootstrap -+ -+package openssl -+ -+import ( -+ "hash" -+) -+ -+type HashCloner = hash.Cloner -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hkdf.go b/src/vendor/github.com/golang-fips/openssl/v2/hkdf.go -new file mode 100644 -index 00000000000000..0c2a431618f24b ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/hkdf.go -@@ -0,0 +1,434 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "errors" -+ "hash" -+ "io" -+ "runtime" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// SupprtHKDF reports whether the current OpenSSL version supports HKDF. -+func SupportsHKDF() bool { -+ switch vMajor { -+ case 1: -+ return versionAtOrAbove(1, 1, 1) -+ case 3: -+ _, err := fetchHKDF3() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// SupprtsTLS13KDF reports whether the current OpenSSL version supports TLS13-KDF. -+func SupportsTLS13KDF() bool { -+ switch vMajor { -+ case 1: -+ return false -+ case 3: -+ // TLS13-KDF is available in OpenSSL 3.0.0 and later. -+ _, err := fetchTLS13_KDF() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+func newHKDFCtx1(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (ctx ossl.EVP_PKEY_CTX_PTR, err error) { -+ checkMajorVersion(1) -+ -+ ctx, err = ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_HKDF, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ } -+ }() -+ -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return ctx, err -+ } -+ -+ ctrlSlice := func(ctrl int32, data []byte) bool { -+ if err != nil { -+ return false -+ } -+ if len(data) == 0 { -+ return true // No data to set. -+ } -+ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ctrl, int32(len(data)), unsafe.Pointer(base(data))) -+ return err == nil -+ } -+ -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MODE, mode, nil); err != nil { -+ return ctx, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MD, 0, unsafe.Pointer(md)); err != nil { -+ return ctx, err -+ } -+ if ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, secret) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_SALT, salt) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, pseudorandomKey) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_INFO, info) { -+ return ctx, err -+ } -+ return ctx, nil -+} -+ -+type hkdf1 struct { -+ ctx ossl.EVP_PKEY_CTX_PTR -+ -+ hashLen int -+ buf []byte -+} -+ -+func (c *hkdf1) finalize() { -+ if c.ctx != nil { -+ ossl.EVP_PKEY_CTX_free(c.ctx) -+ } -+} -+ -+func (c *hkdf1) Read(p []byte) (int, error) { -+ defer runtime.KeepAlive(c) -+ -+ // EVP_PKEY_derive doesn't support incremental output, each call -+ // derives the key from scratch and returns the requested bytes. -+ // To implement io.Reader, we need to ask for len(c.buf) + len(p) -+ // bytes and copy the last derived len(p) bytes to p. -+ // We use c.buf to know how many bytes we've already derived and -+ // to avoid allocating the whole output buffer on each call. -+ prevLen := len(c.buf) -+ needLen := len(p) -+ remains := 255*c.hashLen - prevLen -+ // Check whether enough data can be generated. -+ if remains < needLen { -+ return 0, errors.New("hkdf: entropy limit reached") -+ } -+ c.buf = append(c.buf, make([]byte, needLen)...) -+ outLen := prevLen + needLen -+ if _, err := ossl.EVP_PKEY_derive(c.ctx, base(c.buf), &outLen); err != nil { -+ return 0, err -+ } -+ n := copy(p, c.buf[prevLen:outLen]) -+ return n, nil -+} -+ -+// hkdfAllZerosSalt is a preallocated buffer of zeros used in ExtractHKDF(). -+// The size should be kept as large as the output length of any hash algorithm -+// used with HKDF. -+var hkdfAllZerosSalt [64]byte -+ -+// ExtractHDKF implements the HDKF extract step. -+// If salt is nil, then this function replaces it internally with a buffer of -+// zeros whose length equals the output length of the specified hash algorithm. -+func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { -+ if !SupportsHKDF() { -+ return nil, errUnsupportedVersion() -+ } -+ -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err -+ } -+ -+ // If calling code specifies nil salt, replace it with a buffer of hashLen -+ // zeros, as specified in RFC 5896 and as OpenSSL EVP_KDF-HKDF documentation -+ // instructs. Take a slice of a preallocated buffer to avoid allocating new -+ // buffer per call, but fall back to allocating a buffer if preallocated -+ // buffer is not large enough. -+ if salt == nil { -+ hlen := h().Size() -+ if hlen > len(hkdfAllZerosSalt) { -+ salt = make([]byte, hlen) -+ } else { -+ salt = hkdfAllZerosSalt[:hlen] -+ } -+ } -+ -+ switch vMajor { -+ case 1: -+ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ var keylen int -+ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { -+ return nil, err -+ } -+ out := make([]byte, keylen) -+ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { -+ return nil, err -+ } -+ return out[:keylen], nil -+ case 3: -+ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ size, err := ossl.EVP_KDF_CTX_get_kdf_size(ctx) -+ if err != nil { -+ return nil, err -+ } -+ out := make([]byte, size) -+ if _, err := ossl.EVP_KDF_derive(ctx, base(out), len(out), nil); err != nil { -+ return nil, err -+ } -+ return out, nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// ExpandHKDFOneShot derives a key from the given hash, key, and optional context info. -+func ExpandHKDFOneShot(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ if !SupportsHKDF() { -+ return nil, errUnsupportedVersion() -+ } -+ -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err -+ } -+ -+ out := make([]byte, keyLength) -+ switch vMajor { -+ case 1: -+ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ keylen := keyLength -+ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { -+ return nil, err -+ } -+ case 3: -+ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ if _, err := ossl.EVP_KDF_derive(ctx, base(out), keyLength, nil); err != nil { -+ return nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ return out, nil -+} -+ -+// ExpandTLS13KDF derives a key from the given hash, key, label and context. It will use -+// "TLS13-KDF" algorithm to do so. -+func ExpandTLS13KDF(h func() hash.Hash, pseudorandomKey, label, context []byte, keyLength int) ([]byte, error) { -+ if !SupportsTLS13KDF() { -+ return nil, errUnsupportedVersion() -+ } -+ -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err -+ } -+ -+ out := make([]byte, keyLength) -+ -+ ctx, err := newTLS13KDFExpandCtx3(md, label, context, pseudorandomKey) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ if _, err := ossl.EVP_KDF_derive(ctx, base(out), keyLength, nil); err != nil { -+ return nil, err -+ } -+ return out, nil -+} -+ -+func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte) (io.Reader, error) { -+ if !SupportsHKDF() { -+ return nil, errUnsupportedVersion() -+ } -+ -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err -+ } -+ -+ size := int(ossl.EVP_MD_get_size(md)) -+ -+ switch vMajor { -+ case 1: -+ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) -+ if err != nil { -+ return nil, err -+ } -+ c := &hkdf1{ctx: ctx, hashLen: size} -+ runtime.SetFinalizer(c, (*hkdf1).finalize) -+ return c, nil -+ case 3: -+ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) -+ if err != nil { -+ return nil, err -+ } -+ c := &hkdf3{ctx: ctx, hashLen: size} -+ runtime.SetFinalizer(c, (*hkdf3).finalize) -+ return c, nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+type hkdf3 struct { -+ ctx ossl.EVP_KDF_CTX_PTR -+ -+ hashLen int -+ buf []byte -+} -+ -+func (c *hkdf3) finalize() { -+ if c.ctx != nil { -+ ossl.EVP_KDF_CTX_free(c.ctx) -+ } -+} -+ -+// fetchTLS13_KDF fetches the TLS13-KDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchTLS13_KDF = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS13_KDF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// newTLS13KDFExpandCtx3 fetches the "TLS13-KDF" for TLS 1.3 handshakes. -+func newTLS13KDFExpandCtx3(md ossl.EVP_MD_PTR, label, context, pseudorandomKey []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { -+ checkMajorVersion(3) -+ -+ kdf, err := fetchTLS13_KDF() -+ if err != nil { -+ return nil, err -+ } -+ -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_KDF_CTX_free(ctx) -+ } -+ }() -+ -+ bld, err := newParamBuilder() -+ if err != nil { -+ return ctx, err -+ } -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY)) -+ bld.addOctetString(_OSSL_KDF_PARAM_PREFIX, []byte("tls13 ")) -+ bld.addOctetString(_OSSL_KDF_PARAM_LABEL, label) -+ bld.addOctetString(_OSSL_KDF_PARAM_DATA, context) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) -+ -+ params, err := bld.build() -+ if err != nil { -+ return ctx, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { -+ return ctx, err -+ } -+ return ctx, nil -+} -+ -+// fetchHKDF3 fetches the HKDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchHKDF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_HKDF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// newHKDFCtx3 implements HKDF for OpenSSL 3 using the EVP_KDF API. -+func newHKDFCtx3(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { -+ checkMajorVersion(3) -+ -+ kdf, err := fetchHKDF3() -+ if err != nil { -+ return nil, err -+ } -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_KDF_CTX_free(ctx) -+ } -+ }() -+ -+ bld, err := newParamBuilder() -+ if err != nil { -+ return ctx, err -+ } -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(mode)) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, secret) -+ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) -+ bld.addOctetString(_OSSL_KDF_PARAM_INFO, info) -+ params, err := bld.build() -+ if err != nil { -+ return ctx, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { -+ return ctx, err -+ } -+ return ctx, nil -+} -+ -+func (c *hkdf3) Read(p []byte) (int, error) { -+ defer runtime.KeepAlive(c) -+ -+ // EVP_KDF_derive doesn't support incremental output, each call -+ // derives the key from scratch and returns the requested bytes. -+ // To implement io.Reader, we need to ask for len(c.buf) + len(p) -+ // bytes and copy the last derived len(p) bytes to p. -+ // We use c.buf to know how many bytes we've already derived and -+ // to avoid allocating the whole output buffer on each call. -+ prevLen := len(c.buf) -+ needLen := len(p) -+ remains := 255*c.hashLen - prevLen -+ // Check whether enough data can be generated. -+ if remains < needLen { -+ return 0, errors.New("hkdf: entropy limit reached") -+ } -+ c.buf = append(c.buf, make([]byte, needLen)...) -+ outLen := prevLen + needLen -+ if _, err := ossl.EVP_KDF_derive(c.ctx, base(c.buf), outLen, nil); err != nil { -+ return 0, err -+ } -+ n := copy(p, c.buf[prevLen:outLen]) -+ return n, nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/hmac.go b/src/vendor/github.com/golang-fips/openssl/v2/hmac.go -new file mode 100644 -index 00000000000000..f600f0f4e036e4 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/hmac.go -@@ -0,0 +1,283 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "hash" -+ "runtime" -+ "slices" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// NewHMAC returns a new HMAC using OpenSSL. -+// The function h must return a hash implemented by -+// OpenSSL (for example, h could be openssl.NewSHA256). -+// If h is not recognized, NewHMAC returns nil. -+func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { -+ h, _ := hashFuncHash(fh) -+ md := hashToMD(h) -+ if md == nil { -+ return nil -+ } -+ -+ if len(key) == 0 { -+ // This is supported in OpenSSL/Standard lib and as such -+ // we must support it here. When using HMAC with a null key -+ // HMAC_Init will try and reuse the key from the ctx. This is -+ // not the behavior previously implemented, so as a workaround -+ // we pass an "empty" key. -+ key = make([]byte, ossl.EVP_MAX_MD_SIZE) -+ } -+ -+ hmac := &opensslHMAC{ -+ size: h.Size(), -+ blockSize: h.BlockSize(), -+ } -+ -+ switch vMajor { -+ case 1: -+ ctx := newHMAC1(key, md) -+ if ctx.ctx == nil { -+ return nil -+ } -+ hmac.ctx1 = ctx -+ case 3: -+ ctx := newHMAC3(key, md) -+ if ctx.ctx == nil { -+ return nil -+ } -+ hmac.ctx3 = ctx -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) -+ return hmac -+} -+ -+// hmacCtx3 is used for OpenSSL 1. -+type hmacCtx1 struct { -+ ctx ossl.HMAC_CTX_PTR -+} -+ -+// hmacCtx3 is used for OpenSSL 3. -+type hmacCtx3 struct { -+ ctx ossl.EVP_MAC_CTX_PTR -+ key []byte // only set for OpenSSL 3.0.0, 3.0.1, and 3.0.2. -+} -+ -+type opensslHMAC struct { -+ ctx1 hmacCtx1 -+ ctx3 hmacCtx3 -+ size int -+ blockSize int -+ sum [maxHashSize]byte -+} -+ -+func newHMAC1(key []byte, md ossl.EVP_MD_PTR) hmacCtx1 { -+ ctx, err := ossl.HMAC_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.HMAC_Init_ex(ctx, unsafe.Pointer(&key[0]), int32(len(key)), md, nil); err != nil { -+ panic(err) -+ } -+ return hmacCtx1{ctx} -+} -+ -+var hmacDigestsSupported sync.Map -+var fetchHMAC3 = sync.OnceValue(func() ossl.EVP_MAC_PTR { -+ mac, err := ossl.EVP_MAC_fetch(nil, _OSSL_MAC_NAME_HMAC.ptr(), nil) -+ if err != nil { -+ panic(err) -+ } -+ return mac -+}) -+ -+func buildHMAC3Params(md ossl.EVP_MD_PTR) (ossl.OSSL_PARAM_PTR, error) { -+ bld, err := newParamBuilder() -+ if err != nil { -+ return nil, err -+ } -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_MAC_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ return bld.build() -+} -+ -+func isHMAC3DigestSupported(md ossl.EVP_MD_PTR) bool { -+ nid := ossl.EVP_MD_get_type(md) -+ if v, ok := hmacDigestsSupported.Load(nid); ok { -+ return v.(bool) -+ } -+ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_MAC_CTX_free(ctx) -+ -+ params, err := buildHMAC3Params(md) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ _, err = ossl.EVP_MAC_CTX_set_params(ctx, params) -+ supported := err == nil -+ hmacDigestsSupported.Store(nid, supported) -+ return supported -+} -+ -+func newHMAC3(key []byte, md ossl.EVP_MD_PTR) hmacCtx3 { -+ if !isHMAC3DigestSupported(md) { -+ // The digest is not supported by the HMAC provider. -+ // Don't panic here so the Go standard library to -+ // fall back to the Go implementation. -+ // See https://github.com/golang-fips/openssl/issues/153. -+ return hmacCtx3{} -+ } -+ params, err := buildHMAC3Params(md) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) -+ if err != nil { -+ panic(err) -+ } -+ -+ if _, err := ossl.EVP_MAC_init(ctx, base(key), len(key), params); err != nil { -+ ossl.EVP_MAC_CTX_free(ctx) -+ panic(err) -+ } -+ var hkey []byte -+ if vMinor == 0 && vPatch <= 2 { -+ // EVP_MAC_init only resets the ctx internal state if a key is passed -+ // when using OpenSSL 3.0.0, 3.0.1, and 3.0.2. Save a copy of the key -+ // in the context so Reset can use it later. New OpenSSL versions -+ // do not have this issue so it isn't necessary to save the key. -+ // See https://github.com/openssl/openssl/issues/17811. -+ hkey = make([]byte, len(key)) -+ copy(hkey, key) -+ } -+ return hmacCtx3{ctx, hkey} -+} -+ -+func (h *opensslHMAC) Reset() { -+ switch vMajor { -+ case 1: -+ if _, err := ossl.HMAC_Init_ex(h.ctx1.ctx, nil, 0, nil, nil); err != nil { -+ panic(err) -+ } -+ case 3: -+ if _, err := ossl.EVP_MAC_init(h.ctx3.ctx, base(h.ctx3.key), len(h.ctx3.key), nil); err != nil { -+ panic(err) -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ -+ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. -+} -+ -+func (h *opensslHMAC) finalize() { -+ if h.ctx1.ctx != nil { -+ ossl.HMAC_CTX_free(h.ctx1.ctx) -+ } -+ if h.ctx3.ctx != nil { -+ ossl.EVP_MAC_CTX_free(h.ctx3.ctx) -+ } -+} -+ -+func (h *opensslHMAC) Write(p []byte) (int, error) { -+ if len(p) > 0 { -+ switch vMajor { -+ case 1: -+ ossl.HMAC_Update(h.ctx1.ctx, base(p), len(p)) -+ case 3: -+ ossl.EVP_MAC_update(h.ctx3.ctx, base(p), len(p)) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ } -+ runtime.KeepAlive(h) -+ return len(p), nil -+} -+ -+func (h *opensslHMAC) Size() int { -+ return h.size -+} -+ -+func (h *opensslHMAC) BlockSize() int { -+ return h.blockSize -+} -+ -+func (h *opensslHMAC) Sum(in []byte) []byte { -+ // Make copy of context because Go hash.Hash mandates -+ // that Sum has no effect on the underlying stream. -+ // In particular it is OK to Sum, then Write more, then Sum again, -+ // and the second Sum acts as if the first didn't happen. -+ switch vMajor { -+ case 1: -+ ctx2, err := ossl.HMAC_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.HMAC_CTX_free(ctx2) -+ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { -+ panic(err) -+ } -+ ossl.HMAC_Final(ctx2, base(h.sum[:h.size]), nil) -+ case 3: -+ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_MAC_CTX_free(ctx2) -+ ossl.EVP_MAC_final(ctx2, base(h.sum[:h.size]), nil, len(h.sum)) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ return append(in, h.sum[:h.size]...) -+} -+ -+func (h *opensslHMAC) Clone() (HashCloner, error) { -+ switch vMajor { -+ case 1: -+ ctx2, err := ossl.HMAC_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { -+ ossl.HMAC_CTX_free(ctx2) -+ panic(err) -+ } -+ cl := &opensslHMAC{ -+ ctx1: hmacCtx1{ctx: ctx2}, -+ size: h.size, -+ blockSize: h.blockSize, -+ } -+ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) -+ return cl, nil -+ -+ case 3: -+ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) -+ if err != nil { -+ panic(err) -+ } -+ -+ cl := &opensslHMAC{ -+ ctx3: hmacCtx3{ctx: ctx2, key: slices.Clone(h.ctx3.key)}, -+ size: h.size, -+ blockSize: h.blockSize, -+ } -+ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) -+ return cl, nil -+ -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/init.go b/src/vendor/github.com/golang-fips/openssl/v2/init.go -new file mode 100644 -index 00000000000000..3ea2a896a38c5a ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/init.go -@@ -0,0 +1,157 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "errors" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// osslHandle is the handle to the OpenSSL shared library loaded in the [Init] function. -+var osslHandle unsafe.Pointer -+ -+// opensslInit loads and initializes OpenSSL. -+// -+// See [Init] for details about file. -+func opensslInit(file string) error { -+ // Load the OpenSSL shared library using dlopen. -+ handle, close, err := openLibrary(file) -+ if err != nil { -+ return err -+ } -+ -+ ossl.MkcgoLoad_(handle) -+ if vMajor == 1 { -+ ossl.MkcgoLoad_legacy_1(handle) -+ if vPatch == 1 { -+ ossl.MkcgoLoad_111(handle) -+ } -+ } else { -+ ossl.MkcgoLoad_111(handle) -+ ossl.MkcgoLoad_3(handle) -+ } -+ -+ // Initialize OpenSSL. -+ ossl.OPENSSL_init() -+ if _, err = ossl.OPENSSL_init_crypto( -+ ossl.OPENSSL_INIT_ADD_ALL_CIPHERS| -+ ossl.OPENSSL_INIT_ADD_ALL_DIGESTS| -+ ossl.OPENSSL_INIT_LOAD_CONFIG| -+ ossl.OPENSSL_INIT_LOAD_CRYPTO_STRINGS, -+ nil); err != nil { -+ close() -+ return err -+ } -+ osslHandle = handle -+ return nil -+} -+ -+// initForCheckVersion loads and initialize only the -+// functions required in [CheckVersion]. -+// It returns a close function that must be called to release the resources. -+// -+// This function modifies the vMajor, vMinor, and vPatch global variables as -+// well as other internal global variables that facilitate OpenSSL calls. -+// -+// If the function succeeds, calling the close function restores the previous -+// state of the global variables. If it fails, the global variables are restored -+// before returning. -+func initForCheckVersion(file string) (func(), error) { -+ prevMajor, prevMinor, prevPatch := vMajor, vMinor, vPatch -+ restoreVersion := func() { -+ vMajor, vMinor, vPatch = prevMajor, prevMinor, prevPatch -+ } -+ handle, close, err := openLibrary(file) -+ if err != nil { -+ restoreVersion() -+ return nil, err -+ } -+ initFuncs := func() (loadX func(unsafe.Pointer), unloadX func()) { -+ switch vMajor { -+ case 1: -+ loadX = ossl.MkcgoLoad_init_1 -+ unloadX = ossl.MkcgoUnload_init_1 -+ case 3: -+ loadX = ossl.MkcgoLoad_init_3 -+ unloadX = ossl.MkcgoUnload_init_3 -+ default: -+ // We shouldn't get here: openLibrary should have already returned an error. -+ panic(errUnsupportedVersion()) -+ } -+ return -+ } -+ loadX, unloadX := initFuncs() -+ loadX(handle) -+ return func() { -+ restoreVersion() -+ close() -+ unloadX() -+ if osslHandle != nil { -+ // If osslHandle is not nil, it means that the library was already loaded -+ // and initialized. In this case, we need to reload the functions from -+ // the original handle. -+ loadX, _ = initFuncs() -+ loadX(osslHandle) -+ } -+ }, nil -+} -+ -+// openLibrary loads and initialize the version of OpenSSL. -+// It returns the handle to the OpenSSL shared library -+// and a function that can be called to release the resources. -+func openLibrary(file string) (handle unsafe.Pointer, close func(), err error) { -+ vMajor, vMinor, vPatch = 0, 0, 0 -+ handle, err = dlopen(file) -+ if err != nil { -+ return nil, nil, err -+ } -+ // Retrieve the loaded OpenSSL version and check if it is supported. -+ // Notice that major and minor could not match with the version parameter -+ // in case the name of the shared library file differs from the OpenSSL -+ // version it contains. -+ ossl.MkcgoLoad_version(handle) -+ close = func() { -+ dlclose(handle) -+ if osslHandle == nil { -+ ossl.MkcgoUnload_version() -+ } else { -+ ossl.MkcgoLoad_version(osslHandle) -+ } -+ } -+ defer func() { -+ if err != nil { -+ close() -+ } -+ }() -+ -+ if ossl.OPENSSL_version_major_Available() && -+ ossl.OPENSSL_version_minor_Available() && -+ ossl.OPENSSL_version_patch_Available() { -+ // Likely OpenSSL 3 or later. -+ vMajor = uint(ossl.OPENSSL_version_major()) -+ vMinor = uint(ossl.OPENSSL_version_minor()) -+ vPatch = uint(ossl.OPENSSL_version_patch()) -+ } else if ossl.OpenSSL_version_num_Available() { -+ // Likely OpenSSL 1. -+ ver := ossl.OpenSSL_version_num() -+ vMajor = uint(ver >> 28) -+ vMinor = uint(ver >> 20 & 0xFF) -+ vPatch = uint(ver >> 12 & 0xFF) -+ } else { -+ return handle, nil, errors.New("openssl: version not available") -+ } -+ var supported bool -+ if vMajor == 1 { -+ supported = vMinor == 1 -+ } else if vMajor == 3 { -+ // OpenSSL guarantees API and ABI compatibility within the same major version since OpenSSL 3. -+ supported = true -+ } -+ if !supported { -+ return handle, nil, errUnsupportedVersion() -+ } -+ return handle, close, nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/init_unix.go b/src/vendor/github.com/golang-fips/openssl/v2/init_unix.go -new file mode 100644 -index 00000000000000..dbf5ac448fdf80 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/init_unix.go -@@ -0,0 +1,31 @@ -+//go:build unix && !cmd_go_bootstrap -+ -+package openssl -+ -+// #cgo LDFLAGS: -ldl -+// #include -+// #include -+import "C" -+import ( -+ "errors" -+ "unsafe" -+) -+ -+func dlopen(file string) (handle unsafe.Pointer, err error) { -+ cv := C.CString(file) -+ defer C.free(unsafe.Pointer(cv)) -+ handle = C.dlopen(cv, C.RTLD_LAZY|C.RTLD_LOCAL) -+ if handle == nil { -+ errstr := C.GoString(C.dlerror()) -+ return nil, errors.New("openssl: can't load " + file + ": " + errstr) -+ } -+ return handle, nil -+} -+ -+func dlclose(handle unsafe.Pointer) error { -+ if C.dlclose(handle) != 0 { -+ errstr := C.GoString(C.dlerror()) -+ return errors.New("openssl: can't close libcrypto: " + errstr) -+ } -+ return nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/init_windows.go b/src/vendor/github.com/golang-fips/openssl/v2/init_windows.go -new file mode 100644 -index 00000000000000..3778e21227abb9 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/init_windows.go -@@ -0,0 +1,36 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import ( -+ "syscall" -+ "unsafe" -+) -+ -+type dlopenError struct { -+ file string -+ err error -+} -+ -+func (e *dlopenError) Error() string { -+ return "openssl: can't load " + e.file + ": " + e.err.Error() -+} -+ -+func (e *dlopenError) Unwrap() error { -+ return e.err -+} -+ -+func dlopen(file string) (handle unsafe.Pointer, err error) { -+ // As Windows generally does not ship with a system OpenSSL library, let -+ // alone a FIPS 140 certified one, use the default library search order so -+ // that we preferentially load the DLL bundled with the application. -+ h, err := syscall.LoadLibrary(file) -+ if err != nil { -+ return nil, &dlopenError{file: file, err: err} -+ } -+ return unsafe.Pointer(h), nil -+} -+ -+func dlclose(handle unsafe.Pointer) error { -+ return syscall.FreeLibrary(syscall.Handle(handle)) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/errors.go b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/errors.go -new file mode 100644 -index 00000000000000..68711f8e43d70f ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/errors.go -@@ -0,0 +1,119 @@ -+package ossl -+ -+/* -+#include // for calloc and free -+#include // for strdup -+#include "zossl.h" -+ -+// OpenSSL only allows a maximum of 16 errors to be stored in the error queue. -+#define ERR_NUM_MAX 16 -+ -+// ossl_err_state is a custom structure to hold the error state -+// of OpenSSL. -+typedef struct ossl_err_state_st { -+ unsigned long code[ERR_NUM_MAX]; -+ int line[ERR_NUM_MAX]; -+ char *file[ERR_NUM_MAX]; -+} ossl_err_state; -+ -+// mkcgo_err_retrieve retrieves the error state from OpenSSL. -+// It returns a pointer to a mkcgo_err_state structure -+// that contains the error codes, lines, and file names. -+// The caller is responsible for freeing the memory -+// by calling mkcgo_err_free. -+mkcgo_err_state mkcgo_err_retrieve() { -+ ossl_err_state *errs = (ossl_err_state *)calloc(1, sizeof(ossl_err_state)); -+ if (errs == NULL) return NULL; -+ -+ // Retrieve the errors from OpenSSL. -+ for (int i = 0; i < ERR_NUM_MAX; i++) { -+ const char *file; -+ if (_mkcgo_available_OPENSSL_version_major() == 1) { // Only available in OpenSSL 3. -+ // OpenSSL 3 error handling -+ errs->code[i] = _mkcgo_ERR_get_error_all(&file, &errs->line[i], NULL, NULL, NULL); -+ } else { -+ // OpenSSL 1 error handling -+ errs->code[i] = _mkcgo_ERR_get_error_line(&file, &errs->line[i]); -+ } -+ if (errs->code[i] == 0) { -+ break; -+ } -+ if (file != NULL) { -+ // Copy the file name as the pointer we just retrieved will be freed by OpenSSL -+ // when the error queue is cleared. -+ errs->file[i] = strdup(file); -+ } -+ } -+ return errs; -+} -+ -+// mkcgo_err_free frees the memory allocated for the mkcgo_err_state structure. -+void mkcgo_err_free(mkcgo_err_state errs) { -+ if (errs == NULL) return; -+ -+ ossl_err_state *oerrs = (ossl_err_state *)errs; -+ for (int i = 0; i < ERR_NUM_MAX; i++) { -+ if (oerrs->file[i] != NULL) { -+ free((void *)oerrs->file[i]); -+ } -+ } -+ free(errs); -+} -+*/ -+import "C" -+import ( -+ "bytes" -+ "errors" -+ "strconv" -+ "strings" -+ "unsafe" -+) -+ -+// newMkcgoErr creates a new error from the given mkcgo_err_state -+// and frees the state. If errst is nil, it returns nil. -+func newMkcgoErr(msg string, errst C.mkcgo_err_state) error { -+ if errst == nil { -+ return nil -+ } -+ defer C.mkcgo_err_free(errst) -+ oerrst := (*C.ossl_err_state)(unsafe.Pointer(errst)) -+ var b strings.Builder -+ b.WriteString(msg) -+ b.WriteString("\nopenssl error(s):") -+ for i := range C.ERR_NUM_MAX { -+ e := uint32(oerrst.code[i]) -+ if e == 0 { -+ break -+ } -+ b.WriteByte('\n') -+ var buf [256]byte -+ ERR_error_string_n(e, unsafe.SliceData(buf[:]), len(buf)) -+ if termIdx := bytes.IndexByte(buf[:], 0); termIdx != -1 { -+ b.Write(buf[:termIdx]) -+ } else { -+ b.Write(buf[:]) -+ } -+ if oerrst.file[i] == nil { -+ // info not available -+ continue -+ } -+ b.WriteString("\n\t") -+ b.Write(cstrBytes(oerrst.file[i])) -+ b.WriteByte(':') -+ b.WriteString(strconv.Itoa(int(oerrst.line[i]))) -+ } -+ return errors.New(b.String()) -+} -+ -+// cstrBytes returns a byte slice containing the contents of the C string -+// pointed to by p. The slice does not include the terminating null byte. -+func cstrBytes(p *C.char) []byte { -+ if p == nil { -+ return nil -+ } -+ end := unsafe.Pointer(p) -+ for *(*byte)(end) != 0 { -+ end = unsafe.Add(end, 1) -+ } -+ return unsafe.Slice((*byte)(unsafe.Pointer(p)), uintptr(end)-uintptr(unsafe.Pointer(p))) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/ossl.go b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/ossl.go -new file mode 100644 -index 00000000000000..e0d0b8e8bd8cf3 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/ossl.go -@@ -0,0 +1,81 @@ -+// Package ossl provides a Go interface to OpenSSL. -+package ossl -+ -+//go:generate go run ../../cmd/mkcgo -out zossl.go -package ossl shims.h -+ -+/* -+#include "zossl.h" -+// go_hash_sum copies ctx into ctx2 and calls EVP_DigestFinal_ex using ctx2. -+// This is necessary because Go hash.Hash mandates that Sum has no effect -+// on the underlying stream. In particular it is OK to Sum, then Write more, -+// then Sum again, and the second Sum acts as if the first didn't happen. -+// It is written in C because Sum() tend to be in the hot path, -+// and doing one cgo call instead of two is a significant performance win. -+static inline int -+go_hash_sum(const _EVP_MD_CTX_PTR ctx, _EVP_MD_CTX_PTR ctx2, unsigned char *out, mkcgo_err_state *_err_state) -+{ -+ if (_mkcgo_EVP_MD_CTX_copy(ctx2, ctx, _err_state) != 1) -+ return -1; -+ if (_mkcgo_EVP_DigestFinal_ex(ctx2, out, NULL, _err_state) <= 0) -+ return -2; -+ return 1; -+} -+*/ -+import "C" -+import ( -+ "unsafe" -+) -+ -+func HashSum(ctx1, ctx2 EVP_MD_CTX_PTR, out []byte) error { -+ var errst C.mkcgo_err_state -+ if code := C.go_hash_sum(ctx1, ctx2, (*C.uchar)(unsafe.SliceData(out)), mkcgoNoEscape(&errst)); code != 1 { -+ msg := "go_hash_sum" -+ switch code { -+ case -1: -+ msg = "EVP_MD_CTX_copy" -+ case -2: -+ msg = "EVP_DigestFinal_ex" -+ } -+ return newMkcgoErr(msg, errst) -+ } -+ return nil -+} -+ -+const _OSSL_PARAM_UNMODIFIED uint = uint(^uintptr(0)) -+ -+// OSSL_PARAM is a structure to pass or request object parameters. -+// https://docs.openssl.org/3.0/man3/OSSL_PARAM/. -+type OSSL_PARAM struct { -+ Key *byte -+ DataType uint32 -+ Data unsafe.Pointer -+ DataSize uint -+ ReturnSize uint -+} -+ -+func ossl_param_construct(key *byte, dataType uint32, data unsafe.Pointer, dataSize int) OSSL_PARAM { -+ return OSSL_PARAM{ -+ Key: key, -+ DataType: dataType, -+ Data: data, -+ DataSize: uint(dataSize), -+ ReturnSize: _OSSL_PARAM_UNMODIFIED, -+ } -+} -+ -+func OSSL_PARAM_construct_octet_string(key *byte, data unsafe.Pointer, dataSize int) OSSL_PARAM { -+ return ossl_param_construct(key, OSSL_PARAM_OCTET_STRING, data, dataSize) -+} -+ -+func OSSL_PARAM_construct_int32(key *byte, data *int32) OSSL_PARAM { -+ return ossl_param_construct(key, OSSL_PARAM_INTEGER, unsafe.Pointer(data), 4) -+} -+ -+func OSSL_PARAM_construct_end() OSSL_PARAM { -+ return OSSL_PARAM{} -+} -+ -+func OSSL_PARAM_modified(param *OSSL_PARAM) bool { -+ // If ReturnSize is not set, the parameter has not been modified. -+ return param != nil && param.ReturnSize != _OSSL_PARAM_UNMODIFIED -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/shims.h b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/shims.h -new file mode 100644 -index 00000000000000..5790defeb6eb55 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/shims.h -@@ -0,0 +1,399 @@ -+// This header file is used by the mkcgo tool to generate cgo and Go bindings for the -+// OpenSSL C API. Run "go generate ." to regenerate the bindings. -+// Do not include this file, import "zossl.h" instead. -+ -+#ifndef _GO_OSSL_SHIMS_H // only include this header once -+#define _GO_OSSL_SHIMS_H -+ -+#include // size_t -+#include // uint64_t -+ -+// The following includes are used by the checkheader tool. -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #if OPENSSL_VERSION_NUMBER >= 0x30000000L -+// #include -+// #include -+// #include -+// #include -+// #endif -+// #if OPENSSL_VERSION_NUMBER < 0x10100000L -+// #include -+// #endif -+ -+enum { -+ _POINT_CONVERSION_UNCOMPRESSED = 4, -+ -+ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, -+ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, -+ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, -+ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, -+ -+ _EVP_CTRL_GCM_GET_TAG = 0x10, -+ _EVP_CTRL_GCM_SET_TAG = 0x11, -+ _EVP_PKEY_CTRL_MD = 1, -+ _EVP_PKEY_RSA = 6, -+ _EVP_PKEY_EC = 408, -+ _EVP_PKEY_TLS1_PRF = 1021, -+ _EVP_PKEY_HKDF = 1036, -+ _EVP_PKEY_ED25519 = 1087, -+ _EVP_PKEY_DSA = 116, -+ _EVP_PKEY_OP_DERIVE = (1 << 10), // this value differs between OpenSSL 1 and 3, but we only use it in 1 -+ _EVP_MAX_MD_SIZE = 64, -+ -+ _EVP_PKEY_PUBLIC_KEY = 0x86, -+ _EVP_PKEY_KEYPAIR = 0x87, -+ -+ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, -+ -+ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, -+ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, -+ -+ _EVP_PKEY_CTRL_TLS_MD = 0x1000, -+ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, -+ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, -+ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, -+ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, -+ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, -+ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, -+ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, -+ -+ _NID_X9_62_prime256v1 = 415, -+ _NID_secp224r1 = 713, -+ _NID_secp384r1 = 715, -+ _NID_secp521r1 = 716, -+ -+ _RSA_PKCS1_PADDING = 1, -+ _RSA_NO_PADDING = 3, -+ _RSA_PKCS1_OAEP_PADDING = 4, -+ _RSA_PKCS1_PSS_PADDING = 6, -+ _RSA_PSS_SALTLEN_DIGEST = -1, -+ _RSA_PSS_SALTLEN_AUTO = -2, -+ _RSA_PSS_SALTLEN_MAX_SIGN = -2, -+ _RSA_PSS_SALTLEN_MAX = -3, -+ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, -+ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, -+ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, -+ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, -+ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, -+ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, -+ -+ _OSSL_PARAM_INTEGER = 1, -+ _OSSL_PARAM_OCTET_STRING = 5, -+}; -+ -+typedef void* _OPENSSL_INIT_SETTINGS_PTR; -+typedef void* _OSSL_LIB_CTX_PTR; -+typedef void* _OSSL_PROVIDER_PTR; -+typedef void* _ENGINE_PTR; -+typedef void* _EVP_PKEY_PTR; -+typedef void* _EVP_PKEY_CTX_PTR; -+typedef void* _EVP_MD_PTR; -+typedef void* _EVP_MD_CTX_PTR; -+typedef void* _HMAC_CTX_PTR; -+typedef void* _EVP_CIPHER_PTR; -+typedef void* _EVP_CIPHER_CTX_PTR; -+typedef void* _EC_KEY_PTR; -+typedef void* _EC_POINT_PTR; -+typedef void* _EC_GROUP_PTR; -+typedef void* _RSA_PTR; -+typedef void* _BIGNUM_PTR; -+typedef void* _BN_CTX_PTR; -+typedef void* _EVP_MAC_PTR; -+typedef void* _EVP_MAC_CTX_PTR; -+typedef void* _OSSL_PARAM_BLD_PTR; -+typedef void* _OSSL_PARAM_PTR; -+typedef void* _EVP_SIGNATURE_PTR; -+typedef void* _DSA_PTR; -+typedef void* _EVP_KDF_PTR; -+typedef void* _EVP_KDF_CTX_PTR; -+typedef int point_conversion_form_t; -+ -+// Tags used by mkcgo to determine which OpenSSL version each function is available in: -+// - no tag: OpenSSL 1.0 or later -+// - legacy_1: Only OpenSSL 1 -+// - 3: OpenSSL 3.0 or later -+// - 111: OpenSSL 1.1.1 or later -+ -+// The noescape/nocallback attributes are performance optimizations. -+// Only add functions that have been observed to benefit from these -+// directives, not every function that is merely expected to meet -+// the noescape/nocallback criteria. -+ -+// ERR API -+void ERR_error_string_n(unsigned long e, char *buf, size_t len); -+void ERR_clear_error(void) __attribute__((tag(""),tag("init_3"))); -+unsigned long ERR_get_error_line(const char **file, int *line) __attribute__((tag("legacy_1"),noerror)); -+unsigned long ERR_get_error_all(const char **file, int *line, const char **func, const char **data, int *flags) __attribute__((tag("3"),noerror)); -+ -+// OPENSSL API -+const char *OpenSSL_version(int type) __attribute__((noerror)); -+void OPENSSL_init(void); -+int OPENSSL_init_crypto(uint64_t ops, const _OPENSSL_INIT_SETTINGS_PTR settings); -+unsigned long OpenSSL_version_num(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_major(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_minor(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_patch(void) __attribute__((tag("version"),optional,noerror)); -+ -+// CRYPTO API -+void *CRYPTO_malloc(size_t num, const char *file, int line); -+void CRYPTO_free(void *str, const char *file, int line); -+ -+// FIPS API -+int FIPS_mode(void) __attribute__((tag("legacy_1"),tag("init_1"),noerror)); -+int FIPS_mode_set(int r) __attribute__((tag("legacy_1"),tag("init_1"))); -+ -+// EVP Config API -+int EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR libctx) __attribute__((tag("3"),tag("init_3"),noerror)); -+int EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR libctx, int enable) __attribute__((tag("3"))); -+ -+// OSSL_PROVIDER API -+int OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR libctx, const char *name) __attribute__((tag("3"),noerror)); -+_OSSL_PROVIDER_PTR OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR libctx, const char *name, int retain_fallbacks) __attribute__((tag("3"))); -+const char *OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR prov) __attribute__((tag("3"),noerror)); -+ -+// RAND API -+int RAND_bytes(unsigned char *arg0, int arg1) __attribute__((noescape,nocallback)); -+ -+// EVP_MD API -+_EVP_MD_PTR EVP_MD_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"),tag("init_3"))); -+void EVP_MD_free(_EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"))); -+const char *EVP_MD_get0_name(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); -+int EVP_MD_get_type(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); -+const _OSSL_PROVIDER_PTR EVP_MD_get0_provider(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"),noerror)); -+int EVP_MD_get_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_size"),noerror)); -+int EVP_MD_get_block_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_block_size"),noerror)); -+const _EVP_MD_PTR EVP_md5_sha1(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_ripemd160(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_md4(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_md5(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha1(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha224(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha256(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha384(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha512(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha512_224(void) __attribute__((tag("111"),noerror)); -+const _EVP_MD_PTR EVP_sha512_256(void) __attribute__((tag("111"),noerror)); -+const _EVP_MD_PTR EVP_sha3_224(void) __attribute__((tag("111"),noerror)); -+const _EVP_MD_PTR EVP_sha3_256(void) __attribute__((tag("111"),noerror)); -+const _EVP_MD_PTR EVP_sha3_384(void) __attribute__((tag("111"),noerror)); -+const _EVP_MD_PTR EVP_sha3_512(void) __attribute__((tag("111"),noerror)); -+ -+_EVP_MD_CTX_PTR EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(_EVP_MD_CTX_PTR ctx); -+int EVP_MD_CTX_copy(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in) __attribute__((noescape,nocallback)); -+int EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in); -+const _OSSL_PARAM_PTR EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); -+const _OSSL_PARAM_PTR EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR ctx, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const _EVP_MD_PTR type, _ENGINE_PTR impl) __attribute__((noescape,nocallback,nocheckptr("data"))); -+int EVP_DigestInit_ex(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type, _ENGINE_PTR impl); -+int EVP_DigestInit(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type); -+int EVP_DigestUpdate(_EVP_MD_CTX_PTR ctx, const void *d, size_t cnt) __attribute__((noescape,nocallback,nocheckptr("d"))); -+int EVP_DigestFinal_ex(_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s) __attribute__((noescape,nocallback)); -+int EVP_DigestSign(_EVP_MD_CTX_PTR ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) __attribute__((tag("111"),noescape,nocallback)); -+int EVP_DigestSignInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); -+int EVP_DigestSignFinal(_EVP_MD_CTX_PTR ctx, unsigned char *sig, size_t *siglen); -+int EVP_DigestVerifyInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); -+int EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR ctx, const unsigned char *sig, size_t siglen); -+int EVP_DigestVerify(_EVP_MD_CTX_PTR ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((tag("111"))); -+ -+// HMAC API -+int HMAC_Init_ex(_HMAC_CTX_PTR arg0, const void *arg1, int arg2, const _EVP_MD_PTR arg3, _ENGINE_PTR arg4) __attribute__((tag("legacy_1"))); -+int HMAC_Update(_HMAC_CTX_PTR arg0, const unsigned char *arg1, size_t arg2) __attribute__((tag("legacy_1"))); -+int HMAC_Final(_HMAC_CTX_PTR arg0, unsigned char *arg1, unsigned int *arg2) __attribute__((tag("legacy_1"))); -+ -+_HMAC_CTX_PTR HMAC_CTX_new(void) __attribute__((tag("legacy_1"))); -+int HMAC_CTX_copy(_HMAC_CTX_PTR dest, _HMAC_CTX_PTR src) __attribute__((tag("legacy_1"))); -+void HMAC_CTX_free(_HMAC_CTX_PTR arg0) __attribute__((tag("legacy_1"))); -+ -+// EVP_CIPHER API -+_EVP_CIPHER_PTR EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+const char *EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ede3_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ede3_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_rc4(void) __attribute__((noerror)); -+int EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),tag("legacy_1","EVP_CIPHER_block_size"),noerror)); -+ -+_EVP_CIPHER_CTX_PTR EVP_CIPHER_CTX_new(void); -+int EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR x, int padding); -+int EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR x, int keylen); -+void EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR arg0); -+int EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR ctx, int type, int arg, void *ptr); -+int EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv, int enc); -+int EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); -+int EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); -+int EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); -+int EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl) __attribute__((noescape,nocallback)); -+int EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); -+int EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); -+int EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *outm, int *outl) __attribute__((noescape,nocallback)); -+ -+// EVP_PKEY API -+_EVP_PKEY_PTR EVP_PKEY_new(void); -+_EVP_PKEY_PTR EVP_PKEY_new_raw_private_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((tag("111"))); -+_EVP_PKEY_PTR EVP_PKEY_new_raw_public_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((tag("111"))); -+int EVP_PKEY_get_size(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_size"))); -+int EVP_PKEY_get_bits(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_bits"))); -+void EVP_PKEY_free(_EVP_PKEY_PTR arg0); -+_RSA_PTR EVP_PKEY_get1_RSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_assign(_EVP_PKEY_PTR pkey, int type, void *key) __attribute__((tag("legacy_1"))); -+_EC_KEY_PTR EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+_DSA_PTR EVP_PKEY_get0_DSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR pkey, const unsigned char *pub, size_t publen) __attribute__((tag("3"))); -+size_t EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR pkey, unsigned char **ppub) __attribute__((tag("3"))); -+int EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR pkey, const char *key_name, _BIGNUM_PTR *bn) __attribute__((tag("3"))); -+int EVP_PKEY_up_ref(_EVP_PKEY_PTR key) __attribute__((tag("3"))); -+int EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR pkey, _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR ctx, void *label, int len) __attribute__((tag("3"))); -+int EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR pkey, unsigned char *pub, size_t *len) __attribute__((tag("111"),noescape,nocallback)); -+int EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR pkey, unsigned char *priv, size_t *len) __attribute__((tag("111"),noescape,nocallback)); -+int EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *pkey, int selection, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); -+int EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); -+int EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); -+int EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); -+int EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_sign(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); -+int EVP_PKEY_verify(_EVP_PKEY_CTX_PTR ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); -+int EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR peer); -+int EVP_PKEY_derive(_EVP_PKEY_CTX_PTR ctx, unsigned char *key, size_t *keylen) __attribute__((noescape,nocallback)); -+int EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, ...) __attribute__((tag("3"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, size_t arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, const char *arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); -+ -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new(_EVP_PKEY_PTR arg0, _ENGINE_PTR arg1); -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_id(int id, _ENGINE_PTR e); -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR libctx, _EVP_PKEY_PTR pkey, const char *propquery) __attribute__((tag("3"))); -+void EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR ctx, int keytype, int optype, int cmd, int p1, void *p2); -+int EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR arg0, int arg1) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR arg0, const _EVP_MD_PTR arg1) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); -+ -+// RSA API -+_RSA_PTR RSA_new(void) __attribute__((tag("legacy_1"))); -+void RSA_free(_RSA_PTR arg0) __attribute__((tag("legacy_1"))); -+void RSA_get0_factors(const _RSA_PTR rsa, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_factors(_RSA_PTR rsa, _BIGNUM_PTR p, _BIGNUM_PTR q) __attribute__((tag("legacy_1"))); -+void RSA_get0_crt_params(const _RSA_PTR r, const _BIGNUM_PTR *dmp1, const _BIGNUM_PTR *dmq1, const _BIGNUM_PTR *iqmp) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_crt_params(_RSA_PTR rsa, _BIGNUM_PTR dmp1, _BIGNUM_PTR dmp2, _BIGNUM_PTR iqmp) __attribute__((tag("legacy_1"))); -+void RSA_get0_key(const _RSA_PTR rsa, const _BIGNUM_PTR *n, const _BIGNUM_PTR *e, const _BIGNUM_PTR *d) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_key(_RSA_PTR r, _BIGNUM_PTR n, _BIGNUM_PTR e, _BIGNUM_PTR d) __attribute__((tag("legacy_1"))); -+ -+// BIGNUM API -+_BIGNUM_PTR BN_new(void); -+void BN_free(_BIGNUM_PTR arg0); -+void BN_clear(_BIGNUM_PTR arg0); -+void BN_clear_free(_BIGNUM_PTR arg0); -+int BN_num_bits(const _BIGNUM_PTR arg0) __attribute__((noerror)); -+_BIGNUM_PTR BN_bin2bn(const unsigned char *arg0, int arg1, _BIGNUM_PTR arg2); -+_BIGNUM_PTR BN_lebin2bn(const unsigned char *s, int len, _BIGNUM_PTR ret); -+int BN_bn2lebinpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"))); -+int BN_bn2binpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"))); -+ -+// EC API -+int EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR key, _BIGNUM_PTR x, _BIGNUM_PTR y) __attribute__((tag("legacy_1"))); -+int EC_KEY_set_public_key(_EC_KEY_PTR key, const _EC_POINT_PTR pub) __attribute__((tag("legacy_1"))); -+void EC_KEY_free(_EC_KEY_PTR arg0) __attribute__((tag("legacy_1"))); -+const _EC_GROUP_PTR EC_KEY_get0_group(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+const _BIGNUM_PTR EC_KEY_get0_private_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+const _EC_POINT_PTR EC_KEY_get0_public_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+_EC_KEY_PTR EC_KEY_new_by_curve_name(int arg0) __attribute__((tag("legacy_1"))); -+int EC_KEY_set_private_key(_EC_KEY_PTR arg0, const _BIGNUM_PTR arg1) __attribute__((tag("legacy_1"))); -+int EC_KEY_check_key(const _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); -+_EC_POINT_PTR EC_POINT_new(const _EC_GROUP_PTR arg0); -+void EC_POINT_free(_EC_POINT_PTR arg0); -+int EC_POINT_mul(const _EC_GROUP_PTR group, _EC_POINT_PTR r, const _BIGNUM_PTR n, const _EC_POINT_PTR q, const _BIGNUM_PTR m, _BN_CTX_PTR ctx); -+int EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR arg0, const _EC_POINT_PTR arg1, _BIGNUM_PTR arg2, _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("legacy_1"))); -+int EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR arg0, _EC_POINT_PTR arg1, const _BIGNUM_PTR arg2, const _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("3"))); -+size_t EC_POINT_point2oct(const _EC_GROUP_PTR group, const _EC_POINT_PTR p, point_conversion_form_t form, unsigned char *buf, size_t len, _BN_CTX_PTR ctx); -+int EC_POINT_oct2point(const _EC_GROUP_PTR group, _EC_POINT_PTR p, const unsigned char *buf, size_t len, _BN_CTX_PTR ctx); -+_EC_GROUP_PTR EC_GROUP_new_by_curve_name(int nid); -+void EC_GROUP_free(_EC_GROUP_PTR group); -+ -+// EVP_MAC API -+_EVP_MAC_PTR EVP_MAC_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+_EVP_MAC_CTX_PTR EVP_MAC_CTX_new(_EVP_MAC_PTR arg0) __attribute__((tag("3"))); -+int EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+void EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); -+_EVP_MAC_CTX_PTR EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); -+int EVP_MAC_init(_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_MAC_update(_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen) __attribute__((tag("3"))); -+int EVP_MAC_final(_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize) __attribute__((tag("3"))); -+ -+// OSSL_PARAM API -+void OSSL_PARAM_free(_OSSL_PARAM_PTR p) __attribute__((tag("3"))); -+const _OSSL_PARAM_PTR OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR p, const char *key) __attribute__((tag("3"))); -+_OSSL_PARAM_BLD_PTR OSSL_PARAM_BLD_new(void) __attribute__((tag("3"))); -+void OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); -+_OSSL_PARAM_PTR OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const char *buf, size_t bsize) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const void *buf, size_t bsize) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR bld, const char *key, const _BIGNUM_PTR bn) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR bld, const char *key, int32_t num) __attribute__((tag("3"))); -+ -+// EVP_SIGNATURE API -+_EVP_SIGNATURE_PTR EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+void EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR signature) __attribute__((tag("3"))); -+ -+// DSA API -+_DSA_PTR DSA_new(void) __attribute__((tag("legacy_1"))); -+void DSA_free(_DSA_PTR r) __attribute__((tag("legacy_1"))); -+int DSA_generate_key(_DSA_PTR a) __attribute__((tag("legacy_1"))); -+void DSA_get0_pqg(const _DSA_PTR d, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q, const _BIGNUM_PTR *g) __attribute__((tag("legacy_1"))); -+int DSA_set0_pqg(_DSA_PTR d, _BIGNUM_PTR p, _BIGNUM_PTR q, _BIGNUM_PTR g) __attribute__((tag("legacy_1"))); -+void DSA_get0_key(const _DSA_PTR d, const _BIGNUM_PTR *pub_key, const _BIGNUM_PTR *priv_key) __attribute__((tag("legacy_1"))); -+int DSA_set0_key(_DSA_PTR d, _BIGNUM_PTR pub_key, _BIGNUM_PTR priv_key) __attribute__((tag("legacy_1"))); -+ -+// EVP_KDF API -+_EVP_KDF_PTR EVP_KDF_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+void EVP_KDF_free(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); -+_EVP_KDF_CTX_PTR EVP_KDF_CTX_new(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); -+int EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+void EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); -+size_t EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_KDF_derive(_EVP_KDF_CTX_PTR ctx, unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const _EVP_MD_PTR digest, int keylen, unsigned char *out); -+ -+// OBJ API -+const char *OBJ_nid2sn(int n) __attribute__((noerror)); -+ -+#endif // _GO_OSSL_SHIMS_H -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.c b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.c -new file mode 100644 -index 00000000000000..8124dfd70a22e3 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.c -@@ -0,0 +1,1924 @@ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+#include -+#include -+#include -+#include -+#include "zossl.h" -+ -+#ifdef _WIN32 -+#include -+#define dlsym GetProcAddress -+#else -+#include -+#endif -+ -+_BIGNUM_PTR (*_g_BN_bin2bn)(const unsigned char*, int, _BIGNUM_PTR); -+int (*_g_BN_bn2binpad)(const _BIGNUM_PTR, unsigned char*, int); -+int (*_g_BN_bn2lebinpad)(const _BIGNUM_PTR, unsigned char*, int); -+void (*_g_BN_clear)(_BIGNUM_PTR); -+void (*_g_BN_clear_free)(_BIGNUM_PTR); -+void (*_g_BN_free)(_BIGNUM_PTR); -+_BIGNUM_PTR (*_g_BN_lebin2bn)(const unsigned char*, int, _BIGNUM_PTR); -+_BIGNUM_PTR (*_g_BN_new)(void); -+int (*_g_BN_num_bits)(const _BIGNUM_PTR); -+void (*_g_CRYPTO_free)(void*, const char*, int); -+void* (*_g_CRYPTO_malloc)(size_t, const char*, int); -+void (*_g_DSA_free)(_DSA_PTR); -+int (*_g_DSA_generate_key)(_DSA_PTR); -+void (*_g_DSA_get0_key)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_DSA_get0_pqg)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_DSA_PTR (*_g_DSA_new)(void); -+int (*_g_DSA_set0_key)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_DSA_set0_pqg)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+void (*_g_EC_GROUP_free)(_EC_GROUP_PTR); -+_EC_GROUP_PTR (*_g_EC_GROUP_new_by_curve_name)(int); -+int (*_g_EC_KEY_check_key)(const _EC_KEY_PTR); -+void (*_g_EC_KEY_free)(_EC_KEY_PTR); -+const _EC_GROUP_PTR (*_g_EC_KEY_get0_group)(const _EC_KEY_PTR); -+const _BIGNUM_PTR (*_g_EC_KEY_get0_private_key)(const _EC_KEY_PTR); -+const _EC_POINT_PTR (*_g_EC_KEY_get0_public_key)(const _EC_KEY_PTR); -+_EC_KEY_PTR (*_g_EC_KEY_new_by_curve_name)(int); -+int (*_g_EC_KEY_set_private_key)(_EC_KEY_PTR, const _BIGNUM_PTR); -+int (*_g_EC_KEY_set_public_key)(_EC_KEY_PTR, const _EC_POINT_PTR); -+int (*_g_EC_KEY_set_public_key_affine_coordinates)(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+void (*_g_EC_POINT_free)(_EC_POINT_PTR); -+int (*_g_EC_POINT_get_affine_coordinates_GFp)(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR); -+int (*_g_EC_POINT_mul)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); -+_EC_POINT_PTR (*_g_EC_POINT_new)(const _EC_GROUP_PTR); -+int (*_g_EC_POINT_oct2point)(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR); -+size_t (*_g_EC_POINT_point2oct)(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR); -+int (*_g_EC_POINT_set_affine_coordinates)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); -+void (*_g_ERR_clear_error)(void); -+void (*_g_ERR_error_string_n)(unsigned long, char*, size_t); -+unsigned long (*_g_ERR_get_error_all)(const char**, int*, const char**, const char**, int*); -+unsigned long (*_g_ERR_get_error_line)(const char**, int*); -+int (*_g_EVP_CIPHER_CTX_ctrl)(_EVP_CIPHER_CTX_PTR, int, int, void*); -+void (*_g_EVP_CIPHER_CTX_free)(_EVP_CIPHER_CTX_PTR); -+_EVP_CIPHER_CTX_PTR (*_g_EVP_CIPHER_CTX_new)(void); -+int (*_g_EVP_CIPHER_CTX_set_key_length)(_EVP_CIPHER_CTX_PTR, int); -+int (*_g_EVP_CIPHER_CTX_set_padding)(_EVP_CIPHER_CTX_PTR, int); -+_EVP_CIPHER_PTR (*_g_EVP_CIPHER_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+const char* (*_g_EVP_CIPHER_get0_name)(const _EVP_CIPHER_PTR); -+int (*_g_EVP_CIPHER_get_block_size)(const _EVP_CIPHER_PTR); -+int (*_g_EVP_CipherInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int); -+int (*_g_EVP_CipherUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+int (*_g_EVP_DecryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); -+int (*_g_EVP_DecryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); -+int (*_g_EVP_DecryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+int (*_g_EVP_Digest)(const void*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_EVP_DigestFinal_ex)(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*); -+int (*_g_EVP_DigestInit)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR); -+int (*_g_EVP_DigestInit_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_EVP_DigestSign)(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_DigestSignFinal)(_EVP_MD_CTX_PTR, unsigned char*, size_t*); -+int (*_g_EVP_DigestSignInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_DigestUpdate)(_EVP_MD_CTX_PTR, const void*, size_t); -+int (*_g_EVP_DigestVerify)(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); -+int (*_g_EVP_DigestVerifyFinal)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); -+int (*_g_EVP_DigestVerifyInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_EncryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); -+int (*_g_EVP_EncryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); -+int (*_g_EVP_EncryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+void (*_g_EVP_KDF_CTX_free)(_EVP_KDF_CTX_PTR); -+size_t (*_g_EVP_KDF_CTX_get_kdf_size)(_EVP_KDF_CTX_PTR); -+_EVP_KDF_CTX_PTR (*_g_EVP_KDF_CTX_new)(_EVP_KDF_PTR); -+int (*_g_EVP_KDF_CTX_set_params)(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR); -+int (*_g_EVP_KDF_derive)(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR); -+_EVP_KDF_PTR (*_g_EVP_KDF_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_KDF_free)(_EVP_KDF_PTR); -+_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_dup)(const _EVP_MAC_CTX_PTR); -+void (*_g_EVP_MAC_CTX_free)(_EVP_MAC_CTX_PTR); -+_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_new)(_EVP_MAC_PTR); -+int (*_g_EVP_MAC_CTX_set_params)(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR); -+_EVP_MAC_PTR (*_g_EVP_MAC_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+int (*_g_EVP_MAC_final)(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t); -+int (*_g_EVP_MAC_init)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR); -+int (*_g_EVP_MAC_update)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t); -+int (*_g_EVP_MD_CTX_copy)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); -+int (*_g_EVP_MD_CTX_copy_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); -+void (*_g_EVP_MD_CTX_free)(_EVP_MD_CTX_PTR); -+int (*_g_EVP_MD_CTX_get_params)(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_gettable_params)(_EVP_MD_CTX_PTR); -+_EVP_MD_CTX_PTR (*_g_EVP_MD_CTX_new)(void); -+int (*_g_EVP_MD_CTX_set_params)(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_settable_params)(_EVP_MD_CTX_PTR); -+_EVP_MD_PTR (*_g_EVP_MD_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_MD_free)(_EVP_MD_PTR); -+const char* (*_g_EVP_MD_get0_name)(const _EVP_MD_PTR); -+const _OSSL_PROVIDER_PTR (*_g_EVP_MD_get0_provider)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_block_size)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_size)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_type)(const _EVP_MD_PTR); -+int (*_g_EVP_PKEY_CTX_add1_hkdf_info)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_ctrl)(_EVP_PKEY_CTX_PTR, int, int, int, int, void*); -+void (*_g_EVP_PKEY_CTX_free)(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new)(_EVP_PKEY_PTR, _ENGINE_PTR); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_from_pkey)(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_id)(int, _ENGINE_PTR); -+int (*_g_EVP_PKEY_CTX_set0_rsa_oaep_label)(_EVP_PKEY_CTX_PTR, void*, int); -+int (*_g_EVP_PKEY_CTX_set1_hkdf_key)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_set1_hkdf_salt)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_set_hkdf_md)(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR); -+int (*_g_EVP_PKEY_CTX_set_hkdf_mode)(_EVP_PKEY_CTX_PTR, int); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_Q_keygen)(_OSSL_LIB_CTX_PTR, const char*, const char*, ...); -+int (*_g_EVP_PKEY_assign)(_EVP_PKEY_PTR, int, void*); -+int (*_g_EVP_PKEY_decrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_decrypt_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_derive)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_derive_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_derive_set_peer)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_encrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_encrypt_init)(_EVP_PKEY_CTX_PTR); -+void (*_g_EVP_PKEY_free)(_EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_fromdata)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR); -+int (*_g_EVP_PKEY_fromdata_init)(_EVP_PKEY_CTX_PTR); -+_DSA_PTR (*_g_EVP_PKEY_get0_DSA)(_EVP_PKEY_PTR); -+_EC_KEY_PTR (*_g_EVP_PKEY_get0_EC_KEY)(_EVP_PKEY_PTR); -+_RSA_PTR (*_g_EVP_PKEY_get1_RSA)(_EVP_PKEY_PTR); -+size_t (*_g_EVP_PKEY_get1_encoded_public_key)(_EVP_PKEY_PTR, unsigned char**); -+int (*_g_EVP_PKEY_get_bits)(const _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_get_bn_param)(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*); -+int (*_g_EVP_PKEY_get_raw_private_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_get_raw_public_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_get_size)(const _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_keygen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); -+int (*_g_EVP_PKEY_keygen_init)(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new)(void); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_private_key)(int, _ENGINE_PTR, const unsigned char*, size_t); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_public_key)(int, _ENGINE_PTR, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_paramgen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); -+int (*_g_EVP_PKEY_paramgen_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_private_check)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_public_check_quick)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_set1_EC_KEY)(_EVP_PKEY_PTR, _EC_KEY_PTR); -+int (*_g_EVP_PKEY_set1_encoded_public_key)(_EVP_PKEY_PTR, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_sign)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_sign_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_up_ref)(_EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_verify)(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_verify_init)(_EVP_PKEY_CTX_PTR); -+_EVP_SIGNATURE_PTR (*_g_EVP_SIGNATURE_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_SIGNATURE_free)(_EVP_SIGNATURE_PTR); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_gcm)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_gcm)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_gcm)(void); -+int (*_g_EVP_default_properties_enable_fips)(_OSSL_LIB_CTX_PTR, int); -+int (*_g_EVP_default_properties_is_fips_enabled)(_OSSL_LIB_CTX_PTR); -+const _EVP_CIPHER_PTR (*_g_EVP_des_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_ecb)(void); -+const _EVP_MD_PTR (*_g_EVP_md4)(void); -+const _EVP_MD_PTR (*_g_EVP_md5)(void); -+const _EVP_MD_PTR (*_g_EVP_md5_sha1)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_rc4)(void); -+const _EVP_MD_PTR (*_g_EVP_ripemd160)(void); -+const _EVP_MD_PTR (*_g_EVP_sha1)(void); -+const _EVP_MD_PTR (*_g_EVP_sha224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha256)(void); -+const _EVP_MD_PTR (*_g_EVP_sha384)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_256)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_384)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_512)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512_224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512_256)(void); -+int (*_g_FIPS_mode)(void); -+int (*_g_FIPS_mode_set)(int); -+int (*_g_HMAC_CTX_copy)(_HMAC_CTX_PTR, _HMAC_CTX_PTR); -+void (*_g_HMAC_CTX_free)(_HMAC_CTX_PTR); -+_HMAC_CTX_PTR (*_g_HMAC_CTX_new)(void); -+int (*_g_HMAC_Final)(_HMAC_CTX_PTR, unsigned char*, unsigned int*); -+int (*_g_HMAC_Init_ex)(_HMAC_CTX_PTR, const void*, int, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_HMAC_Update)(_HMAC_CTX_PTR, const unsigned char*, size_t); -+const char* (*_g_OBJ_nid2sn)(int); -+void (*_g_OPENSSL_init)(void); -+int (*_g_OPENSSL_init_crypto)(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR); -+unsigned int (*_g_OPENSSL_version_major)(void); -+unsigned int (*_g_OPENSSL_version_minor)(void); -+unsigned int (*_g_OPENSSL_version_patch)(void); -+void (*_g_OSSL_PARAM_BLD_free)(_OSSL_PARAM_BLD_PTR); -+_OSSL_PARAM_BLD_PTR (*_g_OSSL_PARAM_BLD_new)(void); -+int (*_g_OSSL_PARAM_BLD_push_BN)(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR); -+int (*_g_OSSL_PARAM_BLD_push_int32)(_OSSL_PARAM_BLD_PTR, const char*, int32_t); -+int (*_g_OSSL_PARAM_BLD_push_octet_string)(_OSSL_PARAM_BLD_PTR, const char*, const void*, size_t); -+int (*_g_OSSL_PARAM_BLD_push_utf8_string)(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t); -+_OSSL_PARAM_PTR (*_g_OSSL_PARAM_BLD_to_param)(_OSSL_PARAM_BLD_PTR); -+void (*_g_OSSL_PARAM_free)(_OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_OSSL_PARAM_locate_const)(const _OSSL_PARAM_PTR, const char*); -+int (*_g_OSSL_PROVIDER_available)(_OSSL_LIB_CTX_PTR, const char*); -+const char* (*_g_OSSL_PROVIDER_get0_name)(const _OSSL_PROVIDER_PTR); -+_OSSL_PROVIDER_PTR (*_g_OSSL_PROVIDER_try_load)(_OSSL_LIB_CTX_PTR, const char*, int); -+const char* (*_g_OpenSSL_version)(int); -+unsigned long (*_g_OpenSSL_version_num)(void); -+int (*_g_PKCS5_PBKDF2_HMAC)(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*); -+int (*_g_RAND_bytes)(unsigned char*, int); -+void (*_g_RSA_free)(_RSA_PTR); -+void (*_g_RSA_get0_crt_params)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_RSA_get0_factors)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_RSA_get0_key)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_RSA_PTR (*_g_RSA_new)(void); -+int (*_g_RSA_set0_crt_params)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_RSA_set0_factors)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_RSA_set0_key)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+ -+#define __mkcgo__dlsym_nocheck(varname, funcname) _g_##varname = (typeof(_g_##varname))dlsym(handle, #funcname); -+ -+#define __mkcgo__dlsym(name) __mkcgo__dlsym2(name, name) -+ -+#define __mkcgo__dlsym2(varname, funcname) \ -+ __mkcgo__dlsym_nocheck(varname, funcname) \ -+ if (_g_##varname == NULL) { \ -+ fprintf(stderr, "Cannot get required symbol " #funcname "\n"); \ -+ abort(); \ -+ } -+ -+void __mkcgo_load_(void* handle) { -+ __mkcgo__dlsym(BN_bin2bn) -+ __mkcgo__dlsym(BN_bn2binpad) -+ __mkcgo__dlsym(BN_bn2lebinpad) -+ __mkcgo__dlsym(BN_clear) -+ __mkcgo__dlsym(BN_clear_free) -+ __mkcgo__dlsym(BN_free) -+ __mkcgo__dlsym(BN_lebin2bn) -+ __mkcgo__dlsym(BN_new) -+ __mkcgo__dlsym(BN_num_bits) -+ __mkcgo__dlsym(CRYPTO_free) -+ __mkcgo__dlsym(CRYPTO_malloc) -+ __mkcgo__dlsym(EC_GROUP_free) -+ __mkcgo__dlsym(EC_GROUP_new_by_curve_name) -+ __mkcgo__dlsym(EC_POINT_free) -+ __mkcgo__dlsym(EC_POINT_mul) -+ __mkcgo__dlsym(EC_POINT_new) -+ __mkcgo__dlsym(EC_POINT_oct2point) -+ __mkcgo__dlsym(EC_POINT_point2oct) -+ __mkcgo__dlsym(ERR_clear_error) -+ __mkcgo__dlsym(ERR_error_string_n) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_ctrl) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_free) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_new) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_set_key_length) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_set_padding) -+ __mkcgo__dlsym(EVP_CipherInit_ex) -+ __mkcgo__dlsym(EVP_CipherUpdate) -+ __mkcgo__dlsym(EVP_DecryptFinal_ex) -+ __mkcgo__dlsym(EVP_DecryptInit_ex) -+ __mkcgo__dlsym(EVP_DecryptUpdate) -+ __mkcgo__dlsym(EVP_Digest) -+ __mkcgo__dlsym(EVP_DigestFinal_ex) -+ __mkcgo__dlsym(EVP_DigestInit) -+ __mkcgo__dlsym(EVP_DigestInit_ex) -+ __mkcgo__dlsym(EVP_DigestSignFinal) -+ __mkcgo__dlsym(EVP_DigestSignInit) -+ __mkcgo__dlsym(EVP_DigestUpdate) -+ __mkcgo__dlsym(EVP_DigestVerifyFinal) -+ __mkcgo__dlsym(EVP_DigestVerifyInit) -+ __mkcgo__dlsym(EVP_EncryptFinal_ex) -+ __mkcgo__dlsym(EVP_EncryptInit_ex) -+ __mkcgo__dlsym(EVP_EncryptUpdate) -+ __mkcgo__dlsym(EVP_MD_CTX_copy) -+ __mkcgo__dlsym(EVP_MD_CTX_copy_ex) -+ __mkcgo__dlsym(EVP_MD_CTX_free) -+ __mkcgo__dlsym(EVP_MD_CTX_new) -+ __mkcgo__dlsym(EVP_PKEY_CTX_ctrl) -+ __mkcgo__dlsym(EVP_PKEY_CTX_free) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new_id) -+ __mkcgo__dlsym(EVP_PKEY_decrypt) -+ __mkcgo__dlsym(EVP_PKEY_decrypt_init) -+ __mkcgo__dlsym(EVP_PKEY_derive) -+ __mkcgo__dlsym(EVP_PKEY_derive_init) -+ __mkcgo__dlsym(EVP_PKEY_derive_set_peer) -+ __mkcgo__dlsym(EVP_PKEY_encrypt) -+ __mkcgo__dlsym(EVP_PKEY_encrypt_init) -+ __mkcgo__dlsym(EVP_PKEY_free) -+ __mkcgo__dlsym(EVP_PKEY_keygen) -+ __mkcgo__dlsym(EVP_PKEY_keygen_init) -+ __mkcgo__dlsym(EVP_PKEY_new) -+ __mkcgo__dlsym(EVP_PKEY_paramgen) -+ __mkcgo__dlsym(EVP_PKEY_paramgen_init) -+ __mkcgo__dlsym(EVP_PKEY_sign) -+ __mkcgo__dlsym(EVP_PKEY_sign_init) -+ __mkcgo__dlsym(EVP_PKEY_verify) -+ __mkcgo__dlsym(EVP_PKEY_verify_init) -+ __mkcgo__dlsym(EVP_aes_128_cbc) -+ __mkcgo__dlsym(EVP_aes_128_ctr) -+ __mkcgo__dlsym(EVP_aes_128_ecb) -+ __mkcgo__dlsym(EVP_aes_128_gcm) -+ __mkcgo__dlsym(EVP_aes_192_cbc) -+ __mkcgo__dlsym(EVP_aes_192_ctr) -+ __mkcgo__dlsym(EVP_aes_192_ecb) -+ __mkcgo__dlsym(EVP_aes_192_gcm) -+ __mkcgo__dlsym(EVP_aes_256_cbc) -+ __mkcgo__dlsym(EVP_aes_256_ctr) -+ __mkcgo__dlsym(EVP_aes_256_ecb) -+ __mkcgo__dlsym(EVP_aes_256_gcm) -+ __mkcgo__dlsym(EVP_des_cbc) -+ __mkcgo__dlsym(EVP_des_ecb) -+ __mkcgo__dlsym(EVP_des_ede3_cbc) -+ __mkcgo__dlsym(EVP_des_ede3_ecb) -+ __mkcgo__dlsym(EVP_md4) -+ __mkcgo__dlsym(EVP_md5) -+ __mkcgo__dlsym(EVP_md5_sha1) -+ __mkcgo__dlsym(EVP_rc4) -+ __mkcgo__dlsym(EVP_ripemd160) -+ __mkcgo__dlsym(EVP_sha1) -+ __mkcgo__dlsym(EVP_sha224) -+ __mkcgo__dlsym(EVP_sha256) -+ __mkcgo__dlsym(EVP_sha384) -+ __mkcgo__dlsym(EVP_sha512) -+ __mkcgo__dlsym(OBJ_nid2sn) -+ __mkcgo__dlsym(OPENSSL_init) -+ __mkcgo__dlsym(OPENSSL_init_crypto) -+ __mkcgo__dlsym(OpenSSL_version) -+ __mkcgo__dlsym(PKCS5_PBKDF2_HMAC) -+ __mkcgo__dlsym(RAND_bytes) -+} -+ -+void __mkcgo_unload_() { -+ _g_BN_bin2bn = NULL; -+ _g_BN_bn2binpad = NULL; -+ _g_BN_bn2lebinpad = NULL; -+ _g_BN_clear = NULL; -+ _g_BN_clear_free = NULL; -+ _g_BN_free = NULL; -+ _g_BN_lebin2bn = NULL; -+ _g_BN_new = NULL; -+ _g_BN_num_bits = NULL; -+ _g_CRYPTO_free = NULL; -+ _g_CRYPTO_malloc = NULL; -+ _g_EC_GROUP_free = NULL; -+ _g_EC_GROUP_new_by_curve_name = NULL; -+ _g_EC_POINT_free = NULL; -+ _g_EC_POINT_mul = NULL; -+ _g_EC_POINT_new = NULL; -+ _g_EC_POINT_oct2point = NULL; -+ _g_EC_POINT_point2oct = NULL; -+ _g_ERR_clear_error = NULL; -+ _g_ERR_error_string_n = NULL; -+ _g_EVP_CIPHER_CTX_ctrl = NULL; -+ _g_EVP_CIPHER_CTX_free = NULL; -+ _g_EVP_CIPHER_CTX_new = NULL; -+ _g_EVP_CIPHER_CTX_set_key_length = NULL; -+ _g_EVP_CIPHER_CTX_set_padding = NULL; -+ _g_EVP_CipherInit_ex = NULL; -+ _g_EVP_CipherUpdate = NULL; -+ _g_EVP_DecryptFinal_ex = NULL; -+ _g_EVP_DecryptInit_ex = NULL; -+ _g_EVP_DecryptUpdate = NULL; -+ _g_EVP_Digest = NULL; -+ _g_EVP_DigestFinal_ex = NULL; -+ _g_EVP_DigestInit = NULL; -+ _g_EVP_DigestInit_ex = NULL; -+ _g_EVP_DigestSignFinal = NULL; -+ _g_EVP_DigestSignInit = NULL; -+ _g_EVP_DigestUpdate = NULL; -+ _g_EVP_DigestVerifyFinal = NULL; -+ _g_EVP_DigestVerifyInit = NULL; -+ _g_EVP_EncryptFinal_ex = NULL; -+ _g_EVP_EncryptInit_ex = NULL; -+ _g_EVP_EncryptUpdate = NULL; -+ _g_EVP_MD_CTX_copy = NULL; -+ _g_EVP_MD_CTX_copy_ex = NULL; -+ _g_EVP_MD_CTX_free = NULL; -+ _g_EVP_MD_CTX_new = NULL; -+ _g_EVP_PKEY_CTX_ctrl = NULL; -+ _g_EVP_PKEY_CTX_free = NULL; -+ _g_EVP_PKEY_CTX_new = NULL; -+ _g_EVP_PKEY_CTX_new_id = NULL; -+ _g_EVP_PKEY_decrypt = NULL; -+ _g_EVP_PKEY_decrypt_init = NULL; -+ _g_EVP_PKEY_derive = NULL; -+ _g_EVP_PKEY_derive_init = NULL; -+ _g_EVP_PKEY_derive_set_peer = NULL; -+ _g_EVP_PKEY_encrypt = NULL; -+ _g_EVP_PKEY_encrypt_init = NULL; -+ _g_EVP_PKEY_free = NULL; -+ _g_EVP_PKEY_keygen = NULL; -+ _g_EVP_PKEY_keygen_init = NULL; -+ _g_EVP_PKEY_new = NULL; -+ _g_EVP_PKEY_paramgen = NULL; -+ _g_EVP_PKEY_paramgen_init = NULL; -+ _g_EVP_PKEY_sign = NULL; -+ _g_EVP_PKEY_sign_init = NULL; -+ _g_EVP_PKEY_verify = NULL; -+ _g_EVP_PKEY_verify_init = NULL; -+ _g_EVP_aes_128_cbc = NULL; -+ _g_EVP_aes_128_ctr = NULL; -+ _g_EVP_aes_128_ecb = NULL; -+ _g_EVP_aes_128_gcm = NULL; -+ _g_EVP_aes_192_cbc = NULL; -+ _g_EVP_aes_192_ctr = NULL; -+ _g_EVP_aes_192_ecb = NULL; -+ _g_EVP_aes_192_gcm = NULL; -+ _g_EVP_aes_256_cbc = NULL; -+ _g_EVP_aes_256_ctr = NULL; -+ _g_EVP_aes_256_ecb = NULL; -+ _g_EVP_aes_256_gcm = NULL; -+ _g_EVP_des_cbc = NULL; -+ _g_EVP_des_ecb = NULL; -+ _g_EVP_des_ede3_cbc = NULL; -+ _g_EVP_des_ede3_ecb = NULL; -+ _g_EVP_md4 = NULL; -+ _g_EVP_md5 = NULL; -+ _g_EVP_md5_sha1 = NULL; -+ _g_EVP_rc4 = NULL; -+ _g_EVP_ripemd160 = NULL; -+ _g_EVP_sha1 = NULL; -+ _g_EVP_sha224 = NULL; -+ _g_EVP_sha256 = NULL; -+ _g_EVP_sha384 = NULL; -+ _g_EVP_sha512 = NULL; -+ _g_OBJ_nid2sn = NULL; -+ _g_OPENSSL_init = NULL; -+ _g_OPENSSL_init_crypto = NULL; -+ _g_OpenSSL_version = NULL; -+ _g_PKCS5_PBKDF2_HMAC = NULL; -+ _g_RAND_bytes = NULL; -+} -+ -+void __mkcgo_load_111(void* handle) { -+ __mkcgo__dlsym(EVP_DigestSign) -+ __mkcgo__dlsym(EVP_DigestVerify) -+ __mkcgo__dlsym(EVP_PKEY_get_raw_private_key) -+ __mkcgo__dlsym(EVP_PKEY_get_raw_public_key) -+ __mkcgo__dlsym(EVP_PKEY_new_raw_private_key) -+ __mkcgo__dlsym(EVP_PKEY_new_raw_public_key) -+ __mkcgo__dlsym(EVP_sha3_224) -+ __mkcgo__dlsym(EVP_sha3_256) -+ __mkcgo__dlsym(EVP_sha3_384) -+ __mkcgo__dlsym(EVP_sha3_512) -+ __mkcgo__dlsym(EVP_sha512_224) -+ __mkcgo__dlsym(EVP_sha512_256) -+} -+ -+void __mkcgo_unload_111() { -+ _g_EVP_DigestSign = NULL; -+ _g_EVP_DigestVerify = NULL; -+ _g_EVP_PKEY_get_raw_private_key = NULL; -+ _g_EVP_PKEY_get_raw_public_key = NULL; -+ _g_EVP_PKEY_new_raw_private_key = NULL; -+ _g_EVP_PKEY_new_raw_public_key = NULL; -+ _g_EVP_sha3_224 = NULL; -+ _g_EVP_sha3_256 = NULL; -+ _g_EVP_sha3_384 = NULL; -+ _g_EVP_sha3_512 = NULL; -+ _g_EVP_sha512_224 = NULL; -+ _g_EVP_sha512_256 = NULL; -+} -+ -+void __mkcgo_load_3(void* handle) { -+ __mkcgo__dlsym(EC_POINT_set_affine_coordinates) -+ __mkcgo__dlsym(ERR_get_error_all) -+ __mkcgo__dlsym(EVP_CIPHER_fetch) -+ __mkcgo__dlsym(EVP_CIPHER_get0_name) -+ __mkcgo__dlsym(EVP_CIPHER_get_block_size) -+ __mkcgo__dlsym(EVP_KDF_CTX_free) -+ __mkcgo__dlsym(EVP_KDF_CTX_get_kdf_size) -+ __mkcgo__dlsym(EVP_KDF_CTX_new) -+ __mkcgo__dlsym(EVP_KDF_CTX_set_params) -+ __mkcgo__dlsym(EVP_KDF_derive) -+ __mkcgo__dlsym(EVP_KDF_fetch) -+ __mkcgo__dlsym(EVP_KDF_free) -+ __mkcgo__dlsym(EVP_MAC_CTX_dup) -+ __mkcgo__dlsym(EVP_MAC_CTX_free) -+ __mkcgo__dlsym(EVP_MAC_CTX_new) -+ __mkcgo__dlsym(EVP_MAC_CTX_set_params) -+ __mkcgo__dlsym(EVP_MAC_fetch) -+ __mkcgo__dlsym(EVP_MAC_final) -+ __mkcgo__dlsym(EVP_MAC_init) -+ __mkcgo__dlsym(EVP_MAC_update) -+ __mkcgo__dlsym(EVP_MD_CTX_get_params) -+ __mkcgo__dlsym(EVP_MD_CTX_gettable_params) -+ __mkcgo__dlsym(EVP_MD_CTX_set_params) -+ __mkcgo__dlsym(EVP_MD_CTX_settable_params) -+ __mkcgo__dlsym(EVP_MD_fetch) -+ __mkcgo__dlsym(EVP_MD_free) -+ __mkcgo__dlsym(EVP_MD_get0_name) -+ __mkcgo__dlsym(EVP_MD_get0_provider) -+ __mkcgo__dlsym(EVP_MD_get_block_size) -+ __mkcgo__dlsym(EVP_MD_get_size) -+ __mkcgo__dlsym(EVP_MD_get_type) -+ __mkcgo__dlsym(EVP_PKEY_CTX_add1_hkdf_info) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new_from_pkey) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set0_rsa_oaep_label) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_key) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_salt) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_md) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_mode) -+ __mkcgo__dlsym(EVP_PKEY_Q_keygen) -+ __mkcgo__dlsym(EVP_PKEY_fromdata) -+ __mkcgo__dlsym(EVP_PKEY_fromdata_init) -+ __mkcgo__dlsym(EVP_PKEY_get1_encoded_public_key) -+ __mkcgo__dlsym(EVP_PKEY_get_bits) -+ __mkcgo__dlsym(EVP_PKEY_get_bn_param) -+ __mkcgo__dlsym(EVP_PKEY_get_size) -+ __mkcgo__dlsym(EVP_PKEY_private_check) -+ __mkcgo__dlsym(EVP_PKEY_public_check_quick) -+ __mkcgo__dlsym(EVP_PKEY_set1_encoded_public_key) -+ __mkcgo__dlsym(EVP_PKEY_up_ref) -+ __mkcgo__dlsym(EVP_SIGNATURE_fetch) -+ __mkcgo__dlsym(EVP_SIGNATURE_free) -+ __mkcgo__dlsym(EVP_default_properties_enable_fips) -+ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_free) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_new) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_BN) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_int32) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_octet_string) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_utf8_string) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_to_param) -+ __mkcgo__dlsym(OSSL_PARAM_free) -+ __mkcgo__dlsym(OSSL_PARAM_locate_const) -+ __mkcgo__dlsym(OSSL_PROVIDER_available) -+ __mkcgo__dlsym(OSSL_PROVIDER_get0_name) -+ __mkcgo__dlsym(OSSL_PROVIDER_try_load) -+} -+ -+void __mkcgo_unload_3() { -+ _g_EC_POINT_set_affine_coordinates = NULL; -+ _g_ERR_get_error_all = NULL; -+ _g_EVP_CIPHER_fetch = NULL; -+ _g_EVP_CIPHER_get0_name = NULL; -+ _g_EVP_CIPHER_get_block_size = NULL; -+ _g_EVP_KDF_CTX_free = NULL; -+ _g_EVP_KDF_CTX_get_kdf_size = NULL; -+ _g_EVP_KDF_CTX_new = NULL; -+ _g_EVP_KDF_CTX_set_params = NULL; -+ _g_EVP_KDF_derive = NULL; -+ _g_EVP_KDF_fetch = NULL; -+ _g_EVP_KDF_free = NULL; -+ _g_EVP_MAC_CTX_dup = NULL; -+ _g_EVP_MAC_CTX_free = NULL; -+ _g_EVP_MAC_CTX_new = NULL; -+ _g_EVP_MAC_CTX_set_params = NULL; -+ _g_EVP_MAC_fetch = NULL; -+ _g_EVP_MAC_final = NULL; -+ _g_EVP_MAC_init = NULL; -+ _g_EVP_MAC_update = NULL; -+ _g_EVP_MD_CTX_get_params = NULL; -+ _g_EVP_MD_CTX_gettable_params = NULL; -+ _g_EVP_MD_CTX_set_params = NULL; -+ _g_EVP_MD_CTX_settable_params = NULL; -+ _g_EVP_MD_fetch = NULL; -+ _g_EVP_MD_free = NULL; -+ _g_EVP_MD_get0_name = NULL; -+ _g_EVP_MD_get0_provider = NULL; -+ _g_EVP_MD_get_block_size = NULL; -+ _g_EVP_MD_get_size = NULL; -+ _g_EVP_MD_get_type = NULL; -+ _g_EVP_PKEY_CTX_add1_hkdf_info = NULL; -+ _g_EVP_PKEY_CTX_new_from_pkey = NULL; -+ _g_EVP_PKEY_CTX_set0_rsa_oaep_label = NULL; -+ _g_EVP_PKEY_CTX_set1_hkdf_key = NULL; -+ _g_EVP_PKEY_CTX_set1_hkdf_salt = NULL; -+ _g_EVP_PKEY_CTX_set_hkdf_md = NULL; -+ _g_EVP_PKEY_CTX_set_hkdf_mode = NULL; -+ _g_EVP_PKEY_Q_keygen = NULL; -+ _g_EVP_PKEY_fromdata = NULL; -+ _g_EVP_PKEY_fromdata_init = NULL; -+ _g_EVP_PKEY_get1_encoded_public_key = NULL; -+ _g_EVP_PKEY_get_bits = NULL; -+ _g_EVP_PKEY_get_bn_param = NULL; -+ _g_EVP_PKEY_get_size = NULL; -+ _g_EVP_PKEY_private_check = NULL; -+ _g_EVP_PKEY_public_check_quick = NULL; -+ _g_EVP_PKEY_set1_encoded_public_key = NULL; -+ _g_EVP_PKEY_up_ref = NULL; -+ _g_EVP_SIGNATURE_fetch = NULL; -+ _g_EVP_SIGNATURE_free = NULL; -+ _g_EVP_default_properties_enable_fips = NULL; -+ _g_EVP_default_properties_is_fips_enabled = NULL; -+ _g_OSSL_PARAM_BLD_free = NULL; -+ _g_OSSL_PARAM_BLD_new = NULL; -+ _g_OSSL_PARAM_BLD_push_BN = NULL; -+ _g_OSSL_PARAM_BLD_push_int32 = NULL; -+ _g_OSSL_PARAM_BLD_push_octet_string = NULL; -+ _g_OSSL_PARAM_BLD_push_utf8_string = NULL; -+ _g_OSSL_PARAM_BLD_to_param = NULL; -+ _g_OSSL_PARAM_free = NULL; -+ _g_OSSL_PARAM_locate_const = NULL; -+ _g_OSSL_PROVIDER_available = NULL; -+ _g_OSSL_PROVIDER_get0_name = NULL; -+ _g_OSSL_PROVIDER_try_load = NULL; -+} -+ -+void __mkcgo_load_init_1(void* handle) { -+ __mkcgo__dlsym(FIPS_mode) -+ __mkcgo__dlsym(FIPS_mode_set) -+} -+ -+void __mkcgo_unload_init_1() { -+ _g_FIPS_mode = NULL; -+ _g_FIPS_mode_set = NULL; -+} -+ -+void __mkcgo_load_init_3(void* handle) { -+ __mkcgo__dlsym(ERR_clear_error) -+ __mkcgo__dlsym(EVP_MD_fetch) -+ __mkcgo__dlsym(EVP_MD_free) -+ __mkcgo__dlsym(EVP_MD_get0_provider) -+ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) -+} -+ -+void __mkcgo_unload_init_3() { -+ _g_ERR_clear_error = NULL; -+ _g_EVP_MD_fetch = NULL; -+ _g_EVP_MD_free = NULL; -+ _g_EVP_MD_get0_provider = NULL; -+ _g_EVP_default_properties_is_fips_enabled = NULL; -+} -+ -+void __mkcgo_load_legacy_1(void* handle) { -+ __mkcgo__dlsym(DSA_free) -+ __mkcgo__dlsym(DSA_generate_key) -+ __mkcgo__dlsym(DSA_get0_key) -+ __mkcgo__dlsym(DSA_get0_pqg) -+ __mkcgo__dlsym(DSA_new) -+ __mkcgo__dlsym(DSA_set0_key) -+ __mkcgo__dlsym(DSA_set0_pqg) -+ __mkcgo__dlsym(EC_KEY_check_key) -+ __mkcgo__dlsym(EC_KEY_free) -+ __mkcgo__dlsym(EC_KEY_get0_group) -+ __mkcgo__dlsym(EC_KEY_get0_private_key) -+ __mkcgo__dlsym(EC_KEY_get0_public_key) -+ __mkcgo__dlsym(EC_KEY_new_by_curve_name) -+ __mkcgo__dlsym(EC_KEY_set_private_key) -+ __mkcgo__dlsym(EC_KEY_set_public_key) -+ __mkcgo__dlsym(EC_KEY_set_public_key_affine_coordinates) -+ __mkcgo__dlsym(EC_POINT_get_affine_coordinates_GFp) -+ __mkcgo__dlsym(ERR_get_error_line) -+ __mkcgo__dlsym2(EVP_CIPHER_get_block_size, EVP_CIPHER_block_size) -+ __mkcgo__dlsym2(EVP_MD_get_block_size, EVP_MD_block_size) -+ __mkcgo__dlsym2(EVP_MD_get_size, EVP_MD_size) -+ __mkcgo__dlsym(EVP_PKEY_assign) -+ __mkcgo__dlsym(EVP_PKEY_get0_DSA) -+ __mkcgo__dlsym(EVP_PKEY_get0_EC_KEY) -+ __mkcgo__dlsym(EVP_PKEY_get1_RSA) -+ __mkcgo__dlsym2(EVP_PKEY_get_bits, EVP_PKEY_bits) -+ __mkcgo__dlsym2(EVP_PKEY_get_size, EVP_PKEY_size) -+ __mkcgo__dlsym(EVP_PKEY_set1_EC_KEY) -+ __mkcgo__dlsym(FIPS_mode) -+ __mkcgo__dlsym(FIPS_mode_set) -+ __mkcgo__dlsym(HMAC_CTX_copy) -+ __mkcgo__dlsym(HMAC_CTX_free) -+ __mkcgo__dlsym(HMAC_CTX_new) -+ __mkcgo__dlsym(HMAC_Final) -+ __mkcgo__dlsym(HMAC_Init_ex) -+ __mkcgo__dlsym(HMAC_Update) -+ __mkcgo__dlsym(RSA_free) -+ __mkcgo__dlsym(RSA_get0_crt_params) -+ __mkcgo__dlsym(RSA_get0_factors) -+ __mkcgo__dlsym(RSA_get0_key) -+ __mkcgo__dlsym(RSA_new) -+ __mkcgo__dlsym(RSA_set0_crt_params) -+ __mkcgo__dlsym(RSA_set0_factors) -+ __mkcgo__dlsym(RSA_set0_key) -+} -+ -+void __mkcgo_unload_legacy_1() { -+ _g_DSA_free = NULL; -+ _g_DSA_generate_key = NULL; -+ _g_DSA_get0_key = NULL; -+ _g_DSA_get0_pqg = NULL; -+ _g_DSA_new = NULL; -+ _g_DSA_set0_key = NULL; -+ _g_DSA_set0_pqg = NULL; -+ _g_EC_KEY_check_key = NULL; -+ _g_EC_KEY_free = NULL; -+ _g_EC_KEY_get0_group = NULL; -+ _g_EC_KEY_get0_private_key = NULL; -+ _g_EC_KEY_get0_public_key = NULL; -+ _g_EC_KEY_new_by_curve_name = NULL; -+ _g_EC_KEY_set_private_key = NULL; -+ _g_EC_KEY_set_public_key = NULL; -+ _g_EC_KEY_set_public_key_affine_coordinates = NULL; -+ _g_EC_POINT_get_affine_coordinates_GFp = NULL; -+ _g_ERR_get_error_line = NULL; -+ _g_EVP_CIPHER_get_block_size = NULL; -+ _g_EVP_MD_get_block_size = NULL; -+ _g_EVP_MD_get_size = NULL; -+ _g_EVP_PKEY_assign = NULL; -+ _g_EVP_PKEY_get0_DSA = NULL; -+ _g_EVP_PKEY_get0_EC_KEY = NULL; -+ _g_EVP_PKEY_get1_RSA = NULL; -+ _g_EVP_PKEY_get_bits = NULL; -+ _g_EVP_PKEY_get_size = NULL; -+ _g_EVP_PKEY_set1_EC_KEY = NULL; -+ _g_FIPS_mode = NULL; -+ _g_FIPS_mode_set = NULL; -+ _g_HMAC_CTX_copy = NULL; -+ _g_HMAC_CTX_free = NULL; -+ _g_HMAC_CTX_new = NULL; -+ _g_HMAC_Final = NULL; -+ _g_HMAC_Init_ex = NULL; -+ _g_HMAC_Update = NULL; -+ _g_RSA_free = NULL; -+ _g_RSA_get0_crt_params = NULL; -+ _g_RSA_get0_factors = NULL; -+ _g_RSA_get0_key = NULL; -+ _g_RSA_new = NULL; -+ _g_RSA_set0_crt_params = NULL; -+ _g_RSA_set0_factors = NULL; -+ _g_RSA_set0_key = NULL; -+} -+ -+void __mkcgo_load_version(void* handle) { -+ __mkcgo__dlsym_nocheck(OPENSSL_version_major, OPENSSL_version_major) -+ __mkcgo__dlsym_nocheck(OPENSSL_version_minor, OPENSSL_version_minor) -+ __mkcgo__dlsym_nocheck(OPENSSL_version_patch, OPENSSL_version_patch) -+ __mkcgo__dlsym_nocheck(OpenSSL_version_num, OpenSSL_version_num) -+} -+ -+void __mkcgo_unload_version() { -+ _g_OPENSSL_version_major = NULL; -+ _g_OPENSSL_version_minor = NULL; -+ _g_OPENSSL_version_patch = NULL; -+ _g_OpenSSL_version_num = NULL; -+} -+ -+_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_bin2bn(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_BN_bn2binpad(_arg0, _arg1, _arg2); -+ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_BN_bn2lebinpad(_arg0, _arg1, _arg2); -+ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_BN_clear(_BIGNUM_PTR _arg0) { -+ _g_BN_clear(_arg0); -+} -+ -+void _mkcgo_BN_clear_free(_BIGNUM_PTR _arg0) { -+ _g_BN_clear_free(_arg0); -+} -+ -+void _mkcgo_BN_free(_BIGNUM_PTR _arg0) { -+ _g_BN_free(_arg0); -+} -+ -+_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_lebin2bn(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_BIGNUM_PTR _mkcgo_BN_new(mkcgo_err_state *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_num_bits(const _BIGNUM_PTR _arg0) { -+ return _g_BN_num_bits(_arg0); -+} -+ -+void _mkcgo_CRYPTO_free(void* _arg0, const char* _arg1, int _arg2) { -+ _g_CRYPTO_free(_arg0, _arg1, _arg2); -+} -+ -+void* _mkcgo_CRYPTO_malloc(size_t _arg0, const char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ void* _ret = _g_CRYPTO_malloc(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_DSA_free(_DSA_PTR _arg0) { -+ _g_DSA_free(_arg0); -+} -+ -+int _mkcgo_DSA_generate_key(_DSA_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_DSA_generate_key(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_DSA_get0_key(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { -+ _g_DSA_get0_key(_arg0, _arg1, _arg2); -+} -+ -+void _mkcgo_DSA_get0_pqg(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_DSA_get0_pqg(_arg0, _arg1, _arg2, _arg3); -+} -+ -+_DSA_PTR _mkcgo_DSA_new(mkcgo_err_state *_err_state) { -+ _DSA_PTR _ret = _g_DSA_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_DSA_set0_key(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_DSA_set0_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_DSA_set0_pqg(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_DSA_set0_pqg(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR _arg0) { -+ _g_EC_GROUP_free(_arg0); -+} -+ -+_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int _arg0, mkcgo_err_state *_err_state) { -+ _EC_GROUP_PTR _ret = _g_EC_GROUP_new_by_curve_name(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_KEY_check_key(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_KEY_free(_EC_KEY_PTR _arg0) { -+ _g_EC_KEY_free(_arg0); -+} -+ -+const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_group(_arg0); -+} -+ -+const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_private_key(_arg0); -+} -+ -+const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_public_key(_arg0); -+} -+ -+_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int _arg0, mkcgo_err_state *_err_state) { -+ _EC_KEY_PTR _ret = _g_EC_KEY_new_by_curve_name(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR _arg0, const _BIGNUM_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_KEY_set_private_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR _arg0, const _EC_POINT_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_KEY_set_public_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_KEY_set_public_key_affine_coordinates(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_POINT_free(_EC_POINT_PTR _arg0) { -+ _g_EC_POINT_free(_arg0); -+} -+ -+int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_POINT_get_affine_coordinates_GFp(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _EC_POINT_PTR _arg3, const _BIGNUM_PTR _arg4, _BN_CTX_PTR _arg5, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_POINT_mul(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR _arg0, mkcgo_err_state *_err_state) { -+ _EC_POINT_PTR _ret = _g_EC_POINT_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const unsigned char* _arg2, size_t _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_POINT_oct2point(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, point_conversion_form_t _arg2, unsigned char* _arg3, size_t _arg4, _BN_CTX_PTR _arg5, mkcgo_err_state *_err_state) { -+ size_t _ret = _g_EC_POINT_point2oct(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EC_POINT_set_affine_coordinates(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_ERR_clear_error(void) { -+ _g_ERR_clear_error(); -+} -+ -+void _mkcgo_ERR_error_string_n(unsigned long _arg0, char* _arg1, size_t _arg2) { -+ _g_ERR_error_string_n(_arg0, _arg1, _arg2); -+} -+ -+unsigned long _mkcgo_ERR_get_error_all(const char** _arg0, int* _arg1, const char** _arg2, const char** _arg3, int* _arg4) { -+ return _g_ERR_get_error_all(_arg0, _arg1, _arg2, _arg3, _arg4); -+} -+ -+unsigned long _mkcgo_ERR_get_error_line(const char** _arg0, int* _arg1) { -+ return _g_ERR_get_error_line(_arg0, _arg1); -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR _arg0) { -+ _g_EVP_CIPHER_CTX_free(_arg0); -+} -+ -+_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(mkcgo_err_state *_err_state) { -+ _EVP_CIPHER_CTX_PTR _ret = _g_EVP_CIPHER_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_set_key_length(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_set_padding(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_CIPHER_PTR _ret = _g_EVP_CIPHER_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR _arg0) { -+ return _g_EVP_CIPHER_get0_name(_arg0); -+} -+ -+int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR _arg0) { -+ return _g_EVP_CIPHER_get_block_size(_arg0); -+} -+ -+int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, int _arg5, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_CipherInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_CipherUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DecryptFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DecryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DecryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_Digest(const void* _arg0, size_t _arg1, unsigned char* _arg2, unsigned int* _arg3, const _EVP_MD_PTR _arg4, _ENGINE_PTR _arg5, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_Digest(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestInit(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, _ENGINE_PTR _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestInit_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestSign(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestSignFinal(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestSignInit(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR _arg0, const void* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestUpdate(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestVerify(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestVerifyFinal(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_DigestVerifyInit(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_EncryptFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_EncryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_EncryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR _arg0) { -+ _g_EVP_KDF_CTX_free(_arg0); -+} -+ -+size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ size_t _ret = _g_EVP_KDF_CTX_get_kdf_size(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR _arg0, mkcgo_err_state *_err_state) { -+ _EVP_KDF_CTX_PTR _ret = _g_EVP_KDF_CTX_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_KDF_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_KDF_derive(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_KDF_PTR _ret = _g_EVP_KDF_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR _arg0) { -+ _g_EVP_KDF_free(_arg0); -+} -+ -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_dup(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR _arg0) { -+ _g_EVP_MAC_CTX_free(_arg0); -+} -+ -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR _arg0, mkcgo_err_state *_err_state) { -+ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MAC_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_MAC_PTR _ret = _g_EVP_MAC_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MAC_final(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MAC_init(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MAC_update(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_copy(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MD_CTX_copy(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MD_CTX_copy_ex(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR _arg0) { -+ _g_EVP_MD_CTX_free(_arg0); -+} -+ -+int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR _arg0, _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MD_CTX_get_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_gettable_params(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(mkcgo_err_state *_err_state) { -+ _EVP_MD_CTX_PTR _ret = _g_EVP_MD_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_MD_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_settable_params(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_MD_PTR _ret = _g_EVP_MD_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MD_free(_EVP_MD_PTR _arg0) { -+ _g_EVP_MD_free(_arg0); -+} -+ -+const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get0_name(_arg0); -+} -+ -+const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get0_provider(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_block_size(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_size(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_type(_arg0); -+} -+ -+int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_add1_hkdf_info(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR _arg0, int _arg1, int _arg2, int _arg3, int _arg4, void* _arg5, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_ctrl(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR _arg0) { -+ _g_EVP_PKEY_CTX_free(_arg0); -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR _arg0, _ENGINE_PTR _arg1, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new(_arg0, _arg1); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_from_pkey(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int _arg0, _ENGINE_PTR _arg1, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_id(_arg0, _arg1); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR _arg0, void* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set0_rsa_oaep_label(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_salt(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set_hkdf_md(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set_hkdf_mode(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, const char* _arg3, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR _arg0, int _arg1, void* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_assign(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_decrypt(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_decrypt_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_derive(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_derive_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_derive_set_peer(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_encrypt(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_encrypt_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR _arg0) { -+ _g_EVP_PKEY_free(_arg0); -+} -+ -+int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, int _arg2, _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_fromdata(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_fromdata_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ _DSA_PTR _ret = _g_EVP_PKEY_get0_DSA(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ _EC_KEY_PTR _ret = _g_EVP_PKEY_get0_EC_KEY(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ _RSA_PTR _ret = _g_EVP_PKEY_get1_RSA(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR _arg0, unsigned char** _arg1, mkcgo_err_state *_err_state) { -+ size_t _ret = _g_EVP_PKEY_get1_encoded_public_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_get_bits(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, _BIGNUM_PTR* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_get_bn_param(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_get_raw_private_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_get_raw_public_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_get_size(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_keygen(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_keygen_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_private_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_public_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_paramgen(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_paramgen_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_private_check(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_public_check_quick(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR _arg0, _EC_KEY_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_set1_EC_KEY(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_set1_encoded_public_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_sign(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_sign_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_up_ref(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_verify(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_PKEY_verify_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { -+ _EVP_SIGNATURE_PTR _ret = _g_EVP_SIGNATURE_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR _arg0) { -+ _g_EVP_SIGNATURE_free(_arg0); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void) { -+ return _g_EVP_aes_128_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void) { -+ return _g_EVP_aes_128_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void) { -+ return _g_EVP_aes_128_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void) { -+ return _g_EVP_aes_128_gcm(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void) { -+ return _g_EVP_aes_192_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void) { -+ return _g_EVP_aes_192_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void) { -+ return _g_EVP_aes_192_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void) { -+ return _g_EVP_aes_192_gcm(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void) { -+ return _g_EVP_aes_256_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void) { -+ return _g_EVP_aes_256_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void) { -+ return _g_EVP_aes_256_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void) { -+ return _g_EVP_aes_256_gcm(); -+} -+ -+int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_EVP_default_properties_enable_fips(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR _arg0) { -+ return _g_EVP_default_properties_is_fips_enabled(_arg0); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void) { -+ return _g_EVP_des_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void) { -+ return _g_EVP_des_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void) { -+ return _g_EVP_des_ede3_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void) { -+ return _g_EVP_des_ede3_ecb(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md4(void) { -+ return _g_EVP_md4(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md5(void) { -+ return _g_EVP_md5(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void) { -+ return _g_EVP_md5_sha1(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void) { -+ return _g_EVP_rc4(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void) { -+ return _g_EVP_ripemd160(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha1(void) { -+ return _g_EVP_sha1(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha224(void) { -+ return _g_EVP_sha224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha256(void) { -+ return _g_EVP_sha256(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha384(void) { -+ return _g_EVP_sha384(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void) { -+ return _g_EVP_sha3_224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void) { -+ return _g_EVP_sha3_256(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void) { -+ return _g_EVP_sha3_384(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void) { -+ return _g_EVP_sha3_512(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512(void) { -+ return _g_EVP_sha512(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void) { -+ return _g_EVP_sha512_224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void) { -+ return _g_EVP_sha512_256(); -+} -+ -+int _mkcgo_FIPS_mode(void) { -+ return _g_FIPS_mode(); -+} -+ -+int _mkcgo_FIPS_mode_set(int _arg0, mkcgo_err_state *_err_state) { -+ int _ret = _g_FIPS_mode_set(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR _arg0, _HMAC_CTX_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_HMAC_CTX_copy(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR _arg0) { -+ _g_HMAC_CTX_free(_arg0); -+} -+ -+_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(mkcgo_err_state *_err_state) { -+ _HMAC_CTX_PTR _ret = _g_HMAC_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Final(_HMAC_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_HMAC_Final(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR _arg0, const void* _arg1, int _arg2, const _EVP_MD_PTR _arg3, _ENGINE_PTR _arg4, mkcgo_err_state *_err_state) { -+ int _ret = _g_HMAC_Init_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Update(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_HMAC_Update(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_OBJ_nid2sn(int _arg0) { -+ return _g_OBJ_nid2sn(_arg0); -+} -+ -+void _mkcgo_OPENSSL_init(void) { -+ _g_OPENSSL_init(); -+} -+ -+int _mkcgo_OPENSSL_init_crypto(uint64_t _arg0, const _OPENSSL_INIT_SETTINGS_PTR _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_OPENSSL_init_crypto(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_available_OPENSSL_version_major() { -+ return _g_OPENSSL_version_major != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_major(void) { -+ return _g_OPENSSL_version_major(); -+} -+ -+int _mkcgo_available_OPENSSL_version_minor() { -+ return _g_OPENSSL_version_minor != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_minor(void) { -+ return _g_OPENSSL_version_minor(); -+} -+ -+int _mkcgo_available_OPENSSL_version_patch() { -+ return _g_OPENSSL_version_patch != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_patch(void) { -+ return _g_OPENSSL_version_patch(); -+} -+ -+void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR _arg0) { -+ _g_OSSL_PARAM_BLD_free(_arg0); -+} -+ -+_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(mkcgo_err_state *_err_state) { -+ _OSSL_PARAM_BLD_PTR _ret = _g_OSSL_PARAM_BLD_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_BN(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, int32_t _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_int32(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const void* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_octet_string(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_utf8_string(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR _arg0, mkcgo_err_state *_err_state) { -+ _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_BLD_to_param(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR _arg0) { -+ _g_OSSL_PARAM_free(_arg0); -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR _arg0, const char* _arg1, mkcgo_err_state *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_locate_const(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1) { -+ return _g_OSSL_PROVIDER_available(_arg0, _arg1); -+} -+ -+const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR _arg0) { -+ return _g_OSSL_PROVIDER_get0_name(_arg0); -+} -+ -+_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, int _arg2, mkcgo_err_state *_err_state) { -+ _OSSL_PROVIDER_PTR _ret = _g_OSSL_PROVIDER_try_load(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_OpenSSL_version(int _arg0) { -+ return _g_OpenSSL_version(_arg0); -+} -+ -+int _mkcgo_available_OpenSSL_version_num() { -+ return _g_OpenSSL_version_num != NULL; -+} -+ -+unsigned long _mkcgo_OpenSSL_version_num(void) { -+ return _g_OpenSSL_version_num(); -+} -+ -+int _mkcgo_PKCS5_PBKDF2_HMAC(const char* _arg0, int _arg1, const unsigned char* _arg2, int _arg3, int _arg4, const _EVP_MD_PTR _arg5, int _arg6, unsigned char* _arg7, mkcgo_err_state *_err_state) { -+ int _ret = _g_PKCS5_PBKDF2_HMAC(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5, _arg6, _arg7); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RAND_bytes(unsigned char* _arg0, int _arg1, mkcgo_err_state *_err_state) { -+ int _ret = _g_RAND_bytes(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_RSA_free(_RSA_PTR _arg0) { -+ _g_RSA_free(_arg0); -+} -+ -+void _mkcgo_RSA_get0_crt_params(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_RSA_get0_crt_params(_arg0, _arg1, _arg2, _arg3); -+} -+ -+void _mkcgo_RSA_get0_factors(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { -+ _g_RSA_get0_factors(_arg0, _arg1, _arg2); -+} -+ -+void _mkcgo_RSA_get0_key(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_RSA_get0_key(_arg0, _arg1, _arg2, _arg3); -+} -+ -+_RSA_PTR _mkcgo_RSA_new(mkcgo_err_state *_err_state) { -+ _RSA_PTR _ret = _g_RSA_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_crt_params(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_RSA_set0_crt_params(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_factors(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { -+ int _ret = _g_RSA_set0_factors(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_key(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { -+ int _ret = _g_RSA_set0_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.go b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.go -new file mode 100644 -index 00000000000000..9079f7a0cffc40 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.go -@@ -0,0 +1,1329 @@ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+package ossl -+ -+/* -+#cgo CFLAGS: -Wno-attributes -+#cgo unix LDFLAGS: -ldl -+ -+#include "zossl.h" -+*/ -+import "C" -+import "unsafe" -+ -+const ( -+ POINT_CONVERSION_UNCOMPRESSED = 4 -+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002 -+ OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004 -+ OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008 -+ OPENSSL_INIT_LOAD_CONFIG = 0x00000040 -+ EVP_CTRL_GCM_GET_TAG = 0x10 -+ EVP_CTRL_GCM_SET_TAG = 0x11 -+ EVP_PKEY_CTRL_MD = 1 -+ EVP_PKEY_RSA = 6 -+ EVP_PKEY_EC = 408 -+ EVP_PKEY_TLS1_PRF = 1021 -+ EVP_PKEY_HKDF = 1036 -+ EVP_PKEY_ED25519 = 1087 -+ EVP_PKEY_DSA = 116 -+ EVP_PKEY_OP_DERIVE = (1 << 10) -+ EVP_MAX_MD_SIZE = 64 -+ EVP_PKEY_PUBLIC_KEY = 0x86 -+ EVP_PKEY_KEYPAIR = 0x87 -+ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001 -+ EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1 -+ EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2 -+ EVP_PKEY_CTRL_TLS_MD = 0x1000 -+ EVP_PKEY_CTRL_TLS_SECRET = 0x1001 -+ EVP_PKEY_CTRL_TLS_SEED = 0x1002 -+ EVP_PKEY_CTRL_HKDF_MD = 0x1003 -+ EVP_PKEY_CTRL_HKDF_SALT = 0x1004 -+ EVP_PKEY_CTRL_HKDF_KEY = 0x1005 -+ EVP_PKEY_CTRL_HKDF_INFO = 0x1006 -+ EVP_PKEY_CTRL_HKDF_MODE = 0x1007 -+ NID_X9_62_prime256v1 = 415 -+ NID_secp224r1 = 713 -+ NID_secp384r1 = 715 -+ NID_secp521r1 = 716 -+ RSA_PKCS1_PADDING = 1 -+ RSA_NO_PADDING = 3 -+ RSA_PKCS1_OAEP_PADDING = 4 -+ RSA_PKCS1_PSS_PADDING = 6 -+ RSA_PSS_SALTLEN_DIGEST = -1 -+ RSA_PSS_SALTLEN_AUTO = -2 -+ RSA_PSS_SALTLEN_MAX_SIGN = -2 -+ RSA_PSS_SALTLEN_MAX = -3 -+ EVP_PKEY_CTRL_RSA_PADDING = 0x1001 -+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002 -+ EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003 -+ EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005 -+ EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009 -+ EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A -+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001 -+ EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002 -+ OSSL_PARAM_INTEGER = 1 -+ OSSL_PARAM_OCTET_STRING = 5 -+) -+ -+type BIGNUM_PTR = C._BIGNUM_PTR -+type BN_CTX_PTR = C._BN_CTX_PTR -+type DSA_PTR = C._DSA_PTR -+type EC_GROUP_PTR = C._EC_GROUP_PTR -+type EC_KEY_PTR = C._EC_KEY_PTR -+type EC_POINT_PTR = C._EC_POINT_PTR -+type ENGINE_PTR = C._ENGINE_PTR -+type EVP_CIPHER_CTX_PTR = C._EVP_CIPHER_CTX_PTR -+type EVP_CIPHER_PTR = C._EVP_CIPHER_PTR -+type EVP_KDF_CTX_PTR = C._EVP_KDF_CTX_PTR -+type EVP_KDF_PTR = C._EVP_KDF_PTR -+type EVP_MAC_CTX_PTR = C._EVP_MAC_CTX_PTR -+type EVP_MAC_PTR = C._EVP_MAC_PTR -+type EVP_MD_CTX_PTR = C._EVP_MD_CTX_PTR -+type EVP_MD_PTR = C._EVP_MD_PTR -+type EVP_PKEY_CTX_PTR = C._EVP_PKEY_CTX_PTR -+type EVP_PKEY_PTR = C._EVP_PKEY_PTR -+type EVP_SIGNATURE_PTR = C._EVP_SIGNATURE_PTR -+type HMAC_CTX_PTR = C._HMAC_CTX_PTR -+type OPENSSL_INIT_SETTINGS_PTR = C._OPENSSL_INIT_SETTINGS_PTR -+type OSSL_LIB_CTX_PTR = C._OSSL_LIB_CTX_PTR -+type OSSL_PARAM_BLD_PTR = C._OSSL_PARAM_BLD_PTR -+type OSSL_PARAM_PTR = C._OSSL_PARAM_PTR -+type OSSL_PROVIDER_PTR = C._OSSL_PROVIDER_PTR -+type RSA_PTR = C._RSA_PTR -+type Point_conversion_form_t = C.point_conversion_form_t -+ -+func MkcgoLoad_(handle unsafe.Pointer) { -+ C.__mkcgo_load_(handle) -+} -+ -+func MkcgoUnload_() { -+ C.__mkcgo_unload_() -+} -+ -+func MkcgoLoad_111(handle unsafe.Pointer) { -+ C.__mkcgo_load_111(handle) -+} -+ -+func MkcgoUnload_111() { -+ C.__mkcgo_unload_111() -+} -+ -+func MkcgoLoad_3(handle unsafe.Pointer) { -+ C.__mkcgo_load_3(handle) -+} -+ -+func MkcgoUnload_3() { -+ C.__mkcgo_unload_3() -+} -+ -+func MkcgoLoad_init_1(handle unsafe.Pointer) { -+ C.__mkcgo_load_init_1(handle) -+} -+ -+func MkcgoUnload_init_1() { -+ C.__mkcgo_unload_init_1() -+} -+ -+func MkcgoLoad_init_3(handle unsafe.Pointer) { -+ C.__mkcgo_load_init_3(handle) -+} -+ -+func MkcgoUnload_init_3() { -+ C.__mkcgo_unload_init_3() -+} -+ -+func MkcgoLoad_legacy_1(handle unsafe.Pointer) { -+ C.__mkcgo_load_legacy_1(handle) -+} -+ -+func MkcgoUnload_legacy_1() { -+ C.__mkcgo_unload_legacy_1() -+} -+ -+func MkcgoLoad_version(handle unsafe.Pointer) { -+ C.__mkcgo_load_version(handle) -+} -+ -+func MkcgoUnload_version() { -+ C.__mkcgo_unload_version() -+} -+ -+//go:nosplit -+func mkcgoNoEscape(p *C.mkcgo_err_state) *C.mkcgo_err_state { -+ x := uintptr(unsafe.Pointer(p)) -+ return (*C.mkcgo_err_state)(unsafe.Pointer(x ^ 0)) -+} -+ -+func BN_bin2bn(arg0 *byte, arg1 int32, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_BN_bin2bn((*C.uchar)(unsafe.Pointer(arg0)), C.int(arg1), arg2, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_bin2bn", _err) -+} -+ -+func BN_bn2binpad(a BIGNUM_PTR, to *byte, tolen int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_BN_bn2binpad(a, (*C.uchar)(unsafe.Pointer(to)), C.int(tolen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("BN_bn2binpad", _err) -+} -+ -+func BN_bn2lebinpad(a BIGNUM_PTR, to *byte, tolen int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_BN_bn2lebinpad(a, (*C.uchar)(unsafe.Pointer(to)), C.int(tolen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("BN_bn2lebinpad", _err) -+} -+ -+func BN_clear(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_clear(arg0) -+} -+ -+func BN_clear_free(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_clear_free(arg0) -+} -+ -+func BN_free(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_free(arg0) -+} -+ -+func BN_lebin2bn(s *byte, len int32, ret BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_BN_lebin2bn((*C.uchar)(unsafe.Pointer(s)), C.int(len), ret, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_lebin2bn", _err) -+} -+ -+func BN_new() (BIGNUM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_BN_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_new", _err) -+} -+ -+func BN_num_bits(arg0 BIGNUM_PTR) int32 { -+ return int32(C._mkcgo_BN_num_bits(arg0)) -+} -+ -+func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { -+ C._mkcgo_CRYPTO_free(str, (*C.char)(unsafe.Pointer(file)), C.int(line)) -+} -+ -+func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_CRYPTO_malloc(C.size_t(num), (*C.char)(unsafe.Pointer(file)), C.int(line), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("CRYPTO_malloc", _err) -+} -+ -+func DSA_free(r DSA_PTR) { -+ C._mkcgo_DSA_free(r) -+} -+ -+func DSA_generate_key(a DSA_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_DSA_generate_key(a, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_generate_key", _err) -+} -+ -+func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { -+ C._mkcgo_DSA_get0_key(d, pub_key, priv_key) -+} -+ -+func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { -+ C._mkcgo_DSA_get0_pqg(d, p, q, g) -+} -+ -+func DSA_new() (DSA_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_DSA_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("DSA_new", _err) -+} -+ -+func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_DSA_set0_key(d, pub_key, priv_key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_set0_key", _err) -+} -+ -+func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_DSA_set0_pqg(d, p, q, g, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_set0_pqg", _err) -+} -+ -+func EC_GROUP_free(group EC_GROUP_PTR) { -+ C._mkcgo_EC_GROUP_free(group) -+} -+ -+func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_GROUP_new_by_curve_name(C.int(nid), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_GROUP_new_by_curve_name", _err) -+} -+ -+func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_KEY_check_key(key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_check_key", _err) -+} -+ -+func EC_KEY_free(arg0 EC_KEY_PTR) { -+ C._mkcgo_EC_KEY_free(arg0) -+} -+ -+func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { -+ return C._mkcgo_EC_KEY_get0_group(arg0) -+} -+ -+func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { -+ return C._mkcgo_EC_KEY_get0_private_key(arg0) -+} -+ -+func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { -+ return C._mkcgo_EC_KEY_get0_public_key(arg0) -+} -+ -+func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_KEY_new_by_curve_name(C.int(arg0), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_KEY_new_by_curve_name", _err) -+} -+ -+func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_KEY_set_private_key(arg0, arg1, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_private_key", _err) -+} -+ -+func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_KEY_set_public_key(key, pub, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key", _err) -+} -+ -+func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_KEY_set_public_key_affine_coordinates(key, x, y, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", _err) -+} -+ -+func EC_POINT_free(arg0 EC_POINT_PTR) { -+ C._mkcgo_EC_POINT_free(arg0) -+} -+ -+func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_get_affine_coordinates_GFp(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", _err) -+} -+ -+func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_mul(group, r, n, q, m, ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_mul", _err) -+} -+ -+func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_new(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_POINT_new", _err) -+} -+ -+func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf *byte, len int, ctx BN_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_oct2point(group, p, (*C.uchar)(unsafe.Pointer(buf)), C.size_t(len), ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_oct2point", _err) -+} -+ -+func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf *byte, len int, ctx BN_CTX_PTR) (int, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_point2oct(group, p, form, (*C.uchar)(unsafe.Pointer(buf)), C.size_t(len), ctx, mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EC_POINT_point2oct", _err) -+} -+ -+func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EC_POINT_set_affine_coordinates(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_set_affine_coordinates", _err) -+} -+ -+func ERR_clear_error() { -+ C._mkcgo_ERR_clear_error() -+} -+ -+func ERR_error_string_n(e uint32, buf *byte, len int) { -+ C._mkcgo_ERR_error_string_n(C.ulong(e), (*C.char)(unsafe.Pointer(buf)), C.size_t(len)) -+} -+ -+func ERR_get_error_all(file **byte, line *int32, __func **byte, data **byte, flags *int32) uint32 { -+ return uint32(C._mkcgo_ERR_get_error_all((**C.char)(unsafe.Pointer(file)), (*C.int)(unsafe.Pointer(line)), (**C.char)(unsafe.Pointer(__func)), (**C.char)(unsafe.Pointer(data)), (*C.int)(unsafe.Pointer(flags)))) -+} -+ -+func ERR_get_error_line(file **byte, line *int32) uint32 { -+ return uint32(C._mkcgo_ERR_get_error_line((**C.char)(unsafe.Pointer(file)), (*C.int)(unsafe.Pointer(line)))) -+} -+ -+func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CIPHER_CTX_ctrl(ctx, C.int(__type), C.int(arg), ptr, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_ctrl", _err) -+} -+ -+func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { -+ C._mkcgo_EVP_CIPHER_CTX_free(arg0) -+} -+ -+func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CIPHER_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_CIPHER_CTX_new", _err) -+} -+ -+func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CIPHER_CTX_set_key_length(x, C.int(keylen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", _err) -+} -+ -+func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CIPHER_CTX_set_padding(x, C.int(padding), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_padding", _err) -+} -+ -+func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CIPHER_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_CIPHER_fetch", _err) -+} -+ -+func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_CIPHER_get0_name(cipher))) -+} -+ -+func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { -+ return int32(C._mkcgo_EVP_CIPHER_get_block_size(cipher)) -+} -+ -+func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CipherInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), C.int(enc), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CipherInit_ex", _err) -+} -+ -+func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_CipherUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CipherUpdate", _err) -+} -+ -+func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm *byte, outl *int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DecryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(outm)), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptFinal_ex", _err) -+} -+ -+func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DecryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptInit_ex", _err) -+} -+ -+func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DecryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptUpdate", _err) -+} -+ -+func EVP_Digest(data unsafe.Pointer, count int, md *byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_Digest(unsafe.Pointer(&*(*byte)(data)), C.size_t(count), (*C.uchar)(unsafe.Pointer(md)), (*C.uint)(unsafe.Pointer(size)), __type, impl, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_Digest", _err) -+} -+ -+func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md *byte, s *uint32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(md)), (*C.uint)(unsafe.Pointer(s)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestFinal_ex", _err) -+} -+ -+func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestInit(ctx, __type, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestInit", _err) -+} -+ -+func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestInit_ex(ctx, __type, impl, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestInit_ex", _err) -+} -+ -+func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret *byte, siglen *int, tbs *byte, tbslen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestSign(ctx, (*C.uchar)(unsafe.Pointer(sigret)), (*C.size_t)(unsafe.Pointer(siglen)), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSign", _err) -+} -+ -+func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig *byte, siglen *int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestSignFinal(ctx, (*C.uchar)(unsafe.Pointer(sig)), (*C.size_t)(unsafe.Pointer(siglen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSignFinal", _err) -+} -+ -+func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestSignInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSignInit", _err) -+} -+ -+func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d unsafe.Pointer, cnt int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestUpdate(ctx, unsafe.Pointer(&*(*byte)(d)), C.size_t(cnt), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestUpdate", _err) -+} -+ -+func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret *byte, siglen int, tbs *byte, tbslen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestVerify(ctx, (*C.uchar)(unsafe.Pointer(sigret)), C.size_t(siglen), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerify", _err) -+} -+ -+func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig *byte, siglen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestVerifyFinal(ctx, (*C.uchar)(unsafe.Pointer(sig)), C.size_t(siglen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerifyFinal", _err) -+} -+ -+func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_DigestVerifyInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerifyInit", _err) -+} -+ -+func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_EncryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptFinal_ex", _err) -+} -+ -+func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_EncryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptInit_ex", _err) -+} -+ -+func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_EncryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptUpdate", _err) -+} -+ -+func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { -+ C._mkcgo_EVP_KDF_CTX_free(ctx) -+} -+ -+func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_KDF_CTX_get_kdf_size(ctx, mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", _err) -+} -+ -+func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_KDF_CTX_new(kdf, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_KDF_CTX_new", _err) -+} -+ -+func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_KDF_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_KDF_CTX_set_params", _err) -+} -+ -+func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key *byte, keylen int, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_KDF_derive(ctx, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_KDF_derive", _err) -+} -+ -+func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_KDF_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_KDF_fetch", _err) -+} -+ -+func EVP_KDF_free(kdf EVP_KDF_PTR) { -+ C._mkcgo_EVP_KDF_free(kdf) -+} -+ -+func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_CTX_dup(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_CTX_dup", _err) -+} -+ -+func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { -+ C._mkcgo_EVP_MAC_CTX_free(arg0) -+} -+ -+func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_CTX_new(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_CTX_new", _err) -+} -+ -+func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_CTX_set_params", _err) -+} -+ -+func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_fetch", _err) -+} -+ -+func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out *byte, outl *int, outsize int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_final(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.size_t)(unsafe.Pointer(outl)), C.size_t(outsize), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_final", _err) -+} -+ -+func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key *byte, keylen int, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_init(ctx, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_init", _err) -+} -+ -+func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data *byte, datalen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MAC_update(ctx, (*C.uchar)(unsafe.Pointer(data)), C.size_t(datalen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_update", _err) -+} -+ -+func EVP_MD_CTX_copy(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_copy(out, in, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy", _err) -+} -+ -+func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_copy_ex(out, in, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy_ex", _err) -+} -+ -+func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { -+ C._mkcgo_EVP_MD_CTX_free(ctx) -+} -+ -+func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_get_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_get_params", _err) -+} -+ -+func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_gettable_params(ctx, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_gettable_params", _err) -+} -+ -+func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_new", _err) -+} -+ -+func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_set_params", _err) -+} -+ -+func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_CTX_settable_params(ctx, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_settable_params", _err) -+} -+ -+func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_MD_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_fetch", _err) -+} -+ -+func EVP_MD_free(md EVP_MD_PTR) { -+ C._mkcgo_EVP_MD_free(md) -+} -+ -+func EVP_MD_get0_name(md EVP_MD_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_MD_get0_name(md))) -+} -+ -+func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { -+ return C._mkcgo_EVP_MD_get0_provider(md) -+} -+ -+func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_block_size(md)) -+} -+ -+func EVP_MD_get_size(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_size(md)) -+} -+ -+func EVP_MD_get_type(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_type(md)) -+} -+ -+func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_add1_hkdf_info(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", _err) -+} -+ -+func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_ctrl(ctx, C.int(keytype), C.int(optype), C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_ctrl", _err) -+} -+ -+func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { -+ C._mkcgo_EVP_PKEY_CTX_free(arg0) -+} -+ -+func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_new(arg0, arg1, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new", _err) -+} -+ -+func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_new_from_pkey(libctx, pkey, (*C.char)(unsafe.Pointer(propquery)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", _err) -+} -+ -+func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_new_id(C.int(id), e, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_id", _err) -+} -+ -+func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label unsafe.Pointer, len int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, label, C.int(len), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", _err) -+} -+ -+func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_key(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", _err) -+} -+ -+func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", _err) -+} -+ -+func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_md(arg0, arg1, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", _err) -+} -+ -+func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_mode(arg0, C.int(arg1), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", _err) -+} -+ -+func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_EC(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), (*C.char)(unsafe.Pointer(arg1)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_EC", _err) -+} -+ -+func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_ED25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", _err) -+} -+ -+func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_RSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), C.size_t(arg1), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_RSA", _err) -+} -+ -+func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_assign(pkey, C.int(__type), key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_assign", _err) -+} -+ -+func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_decrypt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt", _err) -+} -+ -+func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_decrypt_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt_init", _err) -+} -+ -+func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key *byte, keylen *int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_derive(ctx, (*C.uchar)(unsafe.Pointer(key)), (*C.size_t)(unsafe.Pointer(keylen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive", _err) -+} -+ -+func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_derive_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_init", _err) -+} -+ -+func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_derive_set_peer(ctx, peer, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_set_peer", _err) -+} -+ -+func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_encrypt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt", _err) -+} -+ -+func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_encrypt_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt_init", _err) -+} -+ -+func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { -+ C._mkcgo_EVP_PKEY_free(arg0) -+} -+ -+func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_fromdata(ctx, pkey, C.int(selection), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata", _err) -+} -+ -+func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_fromdata_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata_init", _err) -+} -+ -+func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get0_DSA(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get0_DSA", _err) -+} -+ -+func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get0_EC_KEY(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get0_EC_KEY", _err) -+} -+ -+func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get1_RSA(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get1_RSA", _err) -+} -+ -+func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get1_encoded_public_key(pkey, (**C.uchar)(unsafe.Pointer(ppub)), mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", _err) -+} -+ -+func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get_bits(pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bits", _err) -+} -+ -+func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get_bn_param(pkey, (*C.char)(unsafe.Pointer(key_name)), bn, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bn_param", _err) -+} -+ -+func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv *byte, len *int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get_raw_private_key(pkey, (*C.uchar)(unsafe.Pointer(priv)), (*C.size_t)(unsafe.Pointer(len)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_private_key", _err) -+} -+ -+func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub *byte, len *int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get_raw_public_key(pkey, (*C.uchar)(unsafe.Pointer(pub)), (*C.size_t)(unsafe.Pointer(len)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_public_key", _err) -+} -+ -+func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_get_size(pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_size", _err) -+} -+ -+func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_keygen(ctx, ppkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen", _err) -+} -+ -+func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_keygen_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen_init", _err) -+} -+ -+func EVP_PKEY_new() (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new", _err) -+} -+ -+func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key *byte, keylen int) (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_new_raw_private_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new_raw_private_key", _err) -+} -+ -+func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key *byte, keylen int) (EVP_PKEY_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_new_raw_public_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new_raw_public_key", _err) -+} -+ -+func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_paramgen(ctx, ppkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen", _err) -+} -+ -+func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_paramgen_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen_init", _err) -+} -+ -+func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_private_check(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_private_check", _err) -+} -+ -+func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_public_check_quick(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_public_check_quick", _err) -+} -+ -+func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_set1_EC_KEY(pkey, key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_EC_KEY", _err) -+} -+ -+func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub *byte, publen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_set1_encoded_public_key(pkey, (*C.uchar)(unsafe.Pointer(pub)), C.size_t(publen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", _err) -+} -+ -+func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_sign(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_sign", _err) -+} -+ -+func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_sign_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_sign_init", _err) -+} -+ -+func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_up_ref(key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_up_ref", _err) -+} -+ -+func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig *byte, siglen int, tbs *byte, tbslen int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_verify(ctx, (*C.uchar)(unsafe.Pointer(sig)), C.size_t(siglen), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_verify", _err) -+} -+ -+func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_PKEY_verify_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_verify_init", _err) -+} -+ -+func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_SIGNATURE_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_SIGNATURE_fetch", _err) -+} -+ -+func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { -+ C._mkcgo_EVP_SIGNATURE_free(signature) -+} -+ -+func EVP_aes_128_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_cbc() -+} -+ -+func EVP_aes_128_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_ctr() -+} -+ -+func EVP_aes_128_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_ecb() -+} -+ -+func EVP_aes_128_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_gcm() -+} -+ -+func EVP_aes_192_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_cbc() -+} -+ -+func EVP_aes_192_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_ctr() -+} -+ -+func EVP_aes_192_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_ecb() -+} -+ -+func EVP_aes_192_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_gcm() -+} -+ -+func EVP_aes_256_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_cbc() -+} -+ -+func EVP_aes_256_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_ctr() -+} -+ -+func EVP_aes_256_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_ecb() -+} -+ -+func EVP_aes_256_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_gcm() -+} -+ -+func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_EVP_default_properties_enable_fips(libctx, C.int(enable), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_default_properties_enable_fips", _err) -+} -+ -+func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { -+ return int32(C._mkcgo_EVP_default_properties_is_fips_enabled(libctx)) -+} -+ -+func EVP_des_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_cbc() -+} -+ -+func EVP_des_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ecb() -+} -+ -+func EVP_des_ede3_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ede3_cbc() -+} -+ -+func EVP_des_ede3_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ede3_ecb() -+} -+ -+func EVP_md4() EVP_MD_PTR { -+ return C._mkcgo_EVP_md4() -+} -+ -+func EVP_md5() EVP_MD_PTR { -+ return C._mkcgo_EVP_md5() -+} -+ -+func EVP_md5_sha1() EVP_MD_PTR { -+ return C._mkcgo_EVP_md5_sha1() -+} -+ -+func EVP_rc4() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_rc4() -+} -+ -+func EVP_ripemd160() EVP_MD_PTR { -+ return C._mkcgo_EVP_ripemd160() -+} -+ -+func EVP_sha1() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha1() -+} -+ -+func EVP_sha224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha224() -+} -+ -+func EVP_sha256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha256() -+} -+ -+func EVP_sha384() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha384() -+} -+ -+func EVP_sha3_224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_224() -+} -+ -+func EVP_sha3_256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_256() -+} -+ -+func EVP_sha3_384() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_384() -+} -+ -+func EVP_sha3_512() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_512() -+} -+ -+func EVP_sha512() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512() -+} -+ -+func EVP_sha512_224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512_224() -+} -+ -+func EVP_sha512_256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512_256() -+} -+ -+func FIPS_mode() int32 { -+ return int32(C._mkcgo_FIPS_mode()) -+} -+ -+func FIPS_mode_set(r int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_FIPS_mode_set(C.int(r), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("FIPS_mode_set", _err) -+} -+ -+func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_HMAC_CTX_copy(dest, src, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_CTX_copy", _err) -+} -+ -+func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { -+ C._mkcgo_HMAC_CTX_free(arg0) -+} -+ -+func HMAC_CTX_new() (HMAC_CTX_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_HMAC_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("HMAC_CTX_new", _err) -+} -+ -+func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 *byte, arg2 *uint32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_HMAC_Final(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.uint)(unsafe.Pointer(arg2)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Final", _err) -+} -+ -+func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 unsafe.Pointer, arg2 int32, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_HMAC_Init_ex(arg0, arg1, C.int(arg2), arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Init_ex", _err) -+} -+ -+func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 *byte, arg2 int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_HMAC_Update(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.size_t(arg2), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Update", _err) -+} -+ -+func OBJ_nid2sn(n int32) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OBJ_nid2sn(C.int(n)))) -+} -+ -+func OPENSSL_init() { -+ C._mkcgo_OPENSSL_init() -+} -+ -+func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OPENSSL_init_crypto(C.uint64_t(ops), settings, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OPENSSL_init_crypto", _err) -+} -+ -+func OPENSSL_version_major_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_major() != 0 -+} -+ -+func OPENSSL_version_major() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_major()) -+} -+ -+func OPENSSL_version_minor_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_minor() != 0 -+} -+ -+func OPENSSL_version_minor() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_minor()) -+} -+ -+func OPENSSL_version_patch_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_patch() != 0 -+} -+ -+func OPENSSL_version_patch() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_patch()) -+} -+ -+func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { -+ C._mkcgo_OSSL_PARAM_BLD_free(bld) -+} -+ -+func OSSL_PARAM_BLD_new() (OSSL_PARAM_BLD_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PARAM_BLD_new", _err) -+} -+ -+func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_BN(bld, (*C.char)(unsafe.Pointer(key)), bn, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_BN", _err) -+} -+ -+func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_int32(bld, (*C.char)(unsafe.Pointer(key)), C.int32_t(num), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_int32", _err) -+} -+ -+func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf unsafe.Pointer, bsize int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_octet_string(bld, (*C.char)(unsafe.Pointer(key)), buf, C.size_t(bsize), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", _err) -+} -+ -+func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf *byte, bsize int) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_utf8_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.char)(unsafe.Pointer(buf)), C.size_t(bsize), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", _err) -+} -+ -+func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_BLD_to_param(bld, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PARAM_BLD_to_param", _err) -+} -+ -+func OSSL_PARAM_free(p OSSL_PARAM_PTR) { -+ C._mkcgo_OSSL_PARAM_free(p) -+} -+ -+func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PARAM_locate_const(p, (*C.char)(unsafe.Pointer(key)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PARAM_locate_const", _err) -+} -+ -+func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { -+ return int32(C._mkcgo_OSSL_PROVIDER_available(libctx, (*C.char)(unsafe.Pointer(name)))) -+} -+ -+func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OSSL_PROVIDER_get0_name(prov))) -+} -+ -+func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_OSSL_PROVIDER_try_load(libctx, (*C.char)(unsafe.Pointer(name)), C.int(retain_fallbacks), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PROVIDER_try_load", _err) -+} -+ -+func OpenSSL_version(__type int32) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OpenSSL_version(C.int(__type)))) -+} -+ -+func OpenSSL_version_num_Available() bool { -+ return C._mkcgo_available_OpenSSL_version_num() != 0 -+} -+ -+func OpenSSL_version_num() uint32 { -+ return uint32(C._mkcgo_OpenSSL_version_num()) -+} -+ -+func PKCS5_PBKDF2_HMAC(pass *byte, passlen int32, salt *byte, saltlen int32, iter int32, digest EVP_MD_PTR, keylen int32, out *byte) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_PKCS5_PBKDF2_HMAC((*C.char)(unsafe.Pointer(pass)), C.int(passlen), (*C.uchar)(unsafe.Pointer(salt)), C.int(saltlen), C.int(iter), digest, C.int(keylen), (*C.uchar)(unsafe.Pointer(out)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("PKCS5_PBKDF2_HMAC", _err) -+} -+ -+func RAND_bytes(arg0 *byte, arg1 int32) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_RAND_bytes((*C.uchar)(unsafe.Pointer(arg0)), C.int(arg1), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RAND_bytes", _err) -+} -+ -+func RSA_free(arg0 RSA_PTR) { -+ C._mkcgo_RSA_free(arg0) -+} -+ -+func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_crt_params(r, dmp1, dmq1, iqmp) -+} -+ -+func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_factors(rsa, p, q) -+} -+ -+func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_key(rsa, n, e, d) -+} -+ -+func RSA_new() (RSA_PTR, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_RSA_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("RSA_new", _err) -+} -+ -+func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_RSA_set0_crt_params(rsa, dmp1, dmp2, iqmp, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_crt_params", _err) -+} -+ -+func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_RSA_set0_factors(rsa, p, q, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_factors", _err) -+} -+ -+func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { -+ var _err C.mkcgo_err_state -+ _ret := C._mkcgo_RSA_set0_key(r, n, e, d, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_key", _err) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.h b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.h -new file mode 100644 -index 00000000000000..335d129bb345cd ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl.h -@@ -0,0 +1,335 @@ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+#ifndef MKCGO_H // only include this header once -+#define MKCGO_H -+ -+#include -+#include -+ -+typedef void* _OPENSSL_INIT_SETTINGS_PTR; -+typedef void* _OSSL_LIB_CTX_PTR; -+typedef void* _OSSL_PROVIDER_PTR; -+typedef void* _ENGINE_PTR; -+typedef void* _EVP_PKEY_PTR; -+typedef void* _EVP_PKEY_CTX_PTR; -+typedef void* _EVP_MD_PTR; -+typedef void* _EVP_MD_CTX_PTR; -+typedef void* _HMAC_CTX_PTR; -+typedef void* _EVP_CIPHER_PTR; -+typedef void* _EVP_CIPHER_CTX_PTR; -+typedef void* _EC_KEY_PTR; -+typedef void* _EC_POINT_PTR; -+typedef void* _EC_GROUP_PTR; -+typedef void* _RSA_PTR; -+typedef void* _BIGNUM_PTR; -+typedef void* _BN_CTX_PTR; -+typedef void* _EVP_MAC_PTR; -+typedef void* _EVP_MAC_CTX_PTR; -+typedef void* _OSSL_PARAM_BLD_PTR; -+typedef void* _OSSL_PARAM_PTR; -+typedef void* _EVP_SIGNATURE_PTR; -+typedef void* _DSA_PTR; -+typedef void* _EVP_KDF_PTR; -+typedef void* _EVP_KDF_CTX_PTR; -+typedef int point_conversion_form_t; -+ -+enum { -+ _POINT_CONVERSION_UNCOMPRESSED = 4, -+ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, -+ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, -+ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, -+ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, -+ _EVP_CTRL_GCM_GET_TAG = 0x10, -+ _EVP_CTRL_GCM_SET_TAG = 0x11, -+ _EVP_PKEY_CTRL_MD = 1, -+ _EVP_PKEY_RSA = 6, -+ _EVP_PKEY_EC = 408, -+ _EVP_PKEY_TLS1_PRF = 1021, -+ _EVP_PKEY_HKDF = 1036, -+ _EVP_PKEY_ED25519 = 1087, -+ _EVP_PKEY_DSA = 116, -+ _EVP_PKEY_OP_DERIVE = (1 << 10), -+ _EVP_MAX_MD_SIZE = 64, -+ _EVP_PKEY_PUBLIC_KEY = 0x86, -+ _EVP_PKEY_KEYPAIR = 0x87, -+ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, -+ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, -+ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, -+ _EVP_PKEY_CTRL_TLS_MD = 0x1000, -+ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, -+ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, -+ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, -+ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, -+ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, -+ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, -+ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, -+ _NID_X9_62_prime256v1 = 415, -+ _NID_secp224r1 = 713, -+ _NID_secp384r1 = 715, -+ _NID_secp521r1 = 716, -+ _RSA_PKCS1_PADDING = 1, -+ _RSA_NO_PADDING = 3, -+ _RSA_PKCS1_OAEP_PADDING = 4, -+ _RSA_PKCS1_PSS_PADDING = 6, -+ _RSA_PSS_SALTLEN_DIGEST = -1, -+ _RSA_PSS_SALTLEN_AUTO = -2, -+ _RSA_PSS_SALTLEN_MAX_SIGN = -2, -+ _RSA_PSS_SALTLEN_MAX = -3, -+ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, -+ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, -+ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, -+ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, -+ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, -+ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, -+ _OSSL_PARAM_INTEGER = 1, -+ _OSSL_PARAM_OCTET_STRING = 5, -+}; -+ -+typedef void* mkcgo_err_state; -+mkcgo_err_state mkcgo_err_retrieve(); -+void mkcgo_err_free(mkcgo_err_state); -+void __mkcgo_load_(void* handle); -+void __mkcgo_unload_(); -+void __mkcgo_load_111(void* handle); -+void __mkcgo_unload_111(); -+void __mkcgo_load_3(void* handle); -+void __mkcgo_unload_3(); -+void __mkcgo_load_init_1(void* handle); -+void __mkcgo_unload_init_1(); -+void __mkcgo_load_init_3(void* handle); -+void __mkcgo_unload_init_3(); -+void __mkcgo_load_legacy_1(void* handle); -+void __mkcgo_unload_legacy_1(); -+void __mkcgo_load_version(void* handle); -+void __mkcgo_unload_version(); -+ -+int _mkcgo_available_OPENSSL_version_major(); -+int _mkcgo_available_OPENSSL_version_minor(); -+int _mkcgo_available_OPENSSL_version_patch(); -+int _mkcgo_available_OpenSSL_version_num(); -+ -+_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char*, int, _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR, unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR, unsigned char*, int, mkcgo_err_state *); -+void _mkcgo_BN_clear(_BIGNUM_PTR); -+void _mkcgo_BN_clear_free(_BIGNUM_PTR); -+void _mkcgo_BN_free(_BIGNUM_PTR); -+_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char*, int, _BIGNUM_PTR, mkcgo_err_state *); -+_BIGNUM_PTR _mkcgo_BN_new(mkcgo_err_state *); -+int _mkcgo_BN_num_bits(const _BIGNUM_PTR); -+void _mkcgo_CRYPTO_free(void*, const char*, int); -+void* _mkcgo_CRYPTO_malloc(size_t, const char*, int, mkcgo_err_state *); -+void _mkcgo_DSA_free(_DSA_PTR); -+int _mkcgo_DSA_generate_key(_DSA_PTR, mkcgo_err_state *); -+void _mkcgo_DSA_get0_key(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_DSA_get0_pqg(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_DSA_PTR _mkcgo_DSA_new(mkcgo_err_state *); -+int _mkcgo_DSA_set0_key(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_DSA_set0_pqg(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR); -+_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int, mkcgo_err_state *); -+int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR, mkcgo_err_state *); -+void _mkcgo_EC_KEY_free(_EC_KEY_PTR); -+const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR); -+const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR); -+const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR); -+_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int, mkcgo_err_state *); -+int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR, const _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR, const _EC_POINT_PTR, mkcgo_err_state *); -+int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+void _mkcgo_EC_POINT_free(_EC_POINT_PTR); -+int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); -+_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR, mkcgo_err_state *); -+int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR, mkcgo_err_state *); -+size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); -+void _mkcgo_ERR_clear_error(void); -+void _mkcgo_ERR_error_string_n(unsigned long, char*, size_t); -+unsigned long _mkcgo_ERR_get_error_all(const char**, int*, const char**, const char**, int*); -+unsigned long _mkcgo_ERR_get_error_line(const char**, int*); -+int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR, int, int, void*, mkcgo_err_state *); -+void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR); -+_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(mkcgo_err_state *); -+int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR, int, mkcgo_err_state *); -+int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR, int, mkcgo_err_state *); -+_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR); -+int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR); -+int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, mkcgo_err_state *); -+int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, mkcgo_err_state *); -+int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_Digest(const void*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*, mkcgo_err_state *); -+int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR, unsigned char*, size_t*, mkcgo_err_state *); -+int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR, const void*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, mkcgo_err_state *); -+int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, mkcgo_err_state *); -+int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); -+void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR); -+size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR, mkcgo_err_state *); -+_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR, mkcgo_err_state *); -+_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR); -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR, mkcgo_err_state *); -+void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR); -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); -+_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_MD_CTX_copy(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, mkcgo_err_state *); -+void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR); -+int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR, mkcgo_err_state *); -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR, mkcgo_err_state *); -+_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(mkcgo_err_state *); -+int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR, mkcgo_err_state *); -+_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+void _mkcgo_EVP_MD_free(_EVP_MD_PTR); -+const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR); -+const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR); -+int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR, int, int, int, int, void*, mkcgo_err_state *); -+void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR, _ENGINE_PTR, mkcgo_err_state *); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*, mkcgo_err_state *); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int, _ENGINE_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR, void*, int, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR, int, mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR, const char*, const char*, const char*, mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR, const char*, const char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR, int, void*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR); -+int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR, mkcgo_err_state *); -+_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR, mkcgo_err_state *); -+_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR, mkcgo_err_state *); -+size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR, unsigned char**, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int, _ENGINE_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int, _ENGINE_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR, _EC_KEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, mkcgo_err_state *); -+int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); -+_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); -+void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void); -+int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR, int, mkcgo_err_state *); -+int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void); -+const _EVP_MD_PTR _mkcgo_EVP_md4(void); -+const _EVP_MD_PTR _mkcgo_EVP_md5(void); -+const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void); -+const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha1(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha256(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha384(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void); -+int _mkcgo_FIPS_mode(void); -+int _mkcgo_FIPS_mode_set(int, mkcgo_err_state *); -+int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR, _HMAC_CTX_PTR, mkcgo_err_state *); -+void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR); -+_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(mkcgo_err_state *); -+int _mkcgo_HMAC_Final(_HMAC_CTX_PTR, unsigned char*, unsigned int*, mkcgo_err_state *); -+int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR, const void*, int, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); -+int _mkcgo_HMAC_Update(_HMAC_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); -+const char* _mkcgo_OBJ_nid2sn(int); -+void _mkcgo_OPENSSL_init(void); -+int _mkcgo_OPENSSL_init_crypto(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR, mkcgo_err_state *); -+unsigned int _mkcgo_OPENSSL_version_major(void); -+unsigned int _mkcgo_OPENSSL_version_minor(void); -+unsigned int _mkcgo_OPENSSL_version_patch(void); -+void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR); -+_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(mkcgo_err_state *); -+int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR, const char*, int32_t, mkcgo_err_state *); -+int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR, const char*, const void*, size_t, mkcgo_err_state *); -+int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t, mkcgo_err_state *); -+_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR, mkcgo_err_state *); -+void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR, const char*, mkcgo_err_state *); -+int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR, const char*); -+const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR); -+_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR, const char*, int, mkcgo_err_state *); -+const char* _mkcgo_OpenSSL_version(int); -+unsigned long _mkcgo_OpenSSL_version_num(void); -+int _mkcgo_PKCS5_PBKDF2_HMAC(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*, mkcgo_err_state *); -+int _mkcgo_RAND_bytes(unsigned char*, int, mkcgo_err_state *); -+void _mkcgo_RSA_free(_RSA_PTR); -+void _mkcgo_RSA_get0_crt_params(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_RSA_get0_factors(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_RSA_get0_key(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_RSA_PTR _mkcgo_RSA_new(mkcgo_err_state *); -+int _mkcgo_RSA_set0_crt_params(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_RSA_set0_factors(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+int _mkcgo_RSA_set0_key(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); -+ -+#endif // MKCGO_H -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl_go124.go b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl_go124.go -new file mode 100644 -index 00000000000000..ae64d2f7ee9990 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/internal/ossl/zossl_go124.go -@@ -0,0 +1,37 @@ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+//go:build go1.24 && !cmd_go_bootstrap -+ -+package ossl -+ -+/* -+#cgo noescape _mkcgo_EVP_CipherUpdate -+#cgo nocallback _mkcgo_EVP_CipherUpdate -+#cgo noescape _mkcgo_EVP_DecryptFinal_ex -+#cgo nocallback _mkcgo_EVP_DecryptFinal_ex -+#cgo noescape _mkcgo_EVP_DecryptUpdate -+#cgo nocallback _mkcgo_EVP_DecryptUpdate -+#cgo noescape _mkcgo_EVP_Digest -+#cgo nocallback _mkcgo_EVP_Digest -+#cgo noescape _mkcgo_EVP_DigestFinal_ex -+#cgo nocallback _mkcgo_EVP_DigestFinal_ex -+#cgo noescape _mkcgo_EVP_DigestSign -+#cgo nocallback _mkcgo_EVP_DigestSign -+#cgo noescape _mkcgo_EVP_DigestUpdate -+#cgo nocallback _mkcgo_EVP_DigestUpdate -+#cgo noescape _mkcgo_EVP_EncryptFinal_ex -+#cgo nocallback _mkcgo_EVP_EncryptFinal_ex -+#cgo noescape _mkcgo_EVP_EncryptUpdate -+#cgo nocallback _mkcgo_EVP_EncryptUpdate -+#cgo noescape _mkcgo_EVP_MD_CTX_copy -+#cgo nocallback _mkcgo_EVP_MD_CTX_copy -+#cgo noescape _mkcgo_EVP_PKEY_derive -+#cgo nocallback _mkcgo_EVP_PKEY_derive -+#cgo noescape _mkcgo_EVP_PKEY_get_raw_private_key -+#cgo nocallback _mkcgo_EVP_PKEY_get_raw_private_key -+#cgo noescape _mkcgo_EVP_PKEY_get_raw_public_key -+#cgo nocallback _mkcgo_EVP_PKEY_get_raw_public_key -+#cgo noescape _mkcgo_RAND_bytes -+#cgo nocallback _mkcgo_RAND_bytes -+*/ -+import "C" -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/openssl.go b/src/vendor/github.com/golang-fips/openssl/v2/openssl.go -new file mode 100644 -index 00000000000000..f3377d72c8aa46 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/openssl.go -@@ -0,0 +1,384 @@ -+//go:build !cmd_go_bootstrap -+ -+// Package openssl provides access to OpenSSL cryptographic functions. -+package openssl -+ -+/* -+#include // for free() -+ -+static inline void -+go_openssl_do_leak_check(void) -+{ -+#ifndef __has_feature -+#define __has_feature(x) 0 -+#endif -+ -+#if (defined(__SANITIZE_ADDRESS__) && __SANITIZE_ADDRESS__) || \ -+ __has_feature(address_sanitizer) -+ extern void __lsan_do_leak_check(void); -+ __lsan_do_leak_check(); -+#endif -+} -+*/ -+import "C" -+import ( -+ "errors" -+ "math/bits" -+ "strconv" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+var ( -+ // vMajor and vMinor hold the major/minor OpenSSL version. -+ // It is only populated if Init has been called. -+ vMajor, vMinor, vPatch uint -+) -+ -+var ( -+ initOnce sync.Once -+ initErr error -+) -+ -+var isBigEndian bool -+ -+// CheckVersion checks if the OpenSSL version can be loaded -+// and if the FIPS mode is enabled. -+// This function can be called before Init. -+// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. -+func CheckVersion(version string) (exists, fips bool) { -+ close, err := initForCheckVersion(version) -+ if err != nil { -+ return false, false -+ } -+ defer close() -+ return true, FIPS() -+} -+ -+// Init loads and initializes OpenSSL from the shared library at path. -+// It must be called before any other OpenSSL call, except CheckVersion. -+// -+// Only the first call to Init is effective. -+// Subsequent calls will return the same error result as the one from the first call. -+// -+// The file is passed to dlopen() verbatim to load the OpenSSL shared library. -+// For example, `file=libcrypto.so.1.1.1k-fips` makes Init look for the shared -+// library libcrypto.so.1.1.1k-fips. -+func Init(file string) error { -+ initOnce.Do(func() { -+ buf := [2]byte{} -+ *(*uint16)(unsafe.Pointer(&buf[0])) = uint16(0xABCD) -+ -+ switch buf { -+ case [2]byte{0xCD, 0xAB}: -+ isBigEndian = false -+ case [2]byte{0xAB, 0xCD}: -+ isBigEndian = true -+ default: -+ panic("Could not determine native endianness.") -+ } -+ initErr = opensslInit(file) -+ }) -+ return initErr -+} -+ -+func utoa(n uint) string { -+ return strconv.FormatUint(uint64(n), 10) -+} -+ -+func errUnsupportedVersion() error { -+ return errors.New("openssl: OpenSSL version: " + utoa(vMajor) + "." + utoa(vMinor) + "." + utoa(vPatch)) -+} -+ -+// checkMajorVersion panics if the current major version is not expected. -+func checkMajorVersion(expected uint) { -+ if vMajor != expected { -+ panic("openssl: incorrect major version (" + strconv.Itoa(int(vMajor)) + "), expected " + strconv.Itoa(int(expected))) -+ } -+} -+ -+type fail string -+ -+func (e fail) Error() string { return "openssl: " + string(e) + " failed" } -+ -+// VersionText returns the version text of the OpenSSL currently loaded. -+func VersionText() string { -+ return C.GoString((*C.char)(unsafe.Pointer(ossl.OpenSSL_version(0)))) -+} -+ -+// FIPS returns true if OpenSSL is running in FIPS mode and there is -+// a provider available that supports FIPS. It returns false otherwise. -+// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. -+func FIPS() bool { -+ switch vMajor { -+ case 1: -+ return ossl.FIPS_mode() == 1 -+ case 3: -+ // Check if the default properties contain `fips=1`. -+ if ossl.EVP_default_properties_is_fips_enabled(nil) != 1 { -+ // Note that it is still possible that the provider used by default is FIPS-compliant, -+ // but that wouldn't be a system or user requirement. -+ return false -+ } -+ // Check if the SHA-256 algorithm is available. If it is, then we can be sure that there is a provider available that matches -+ // the `fips=1` query. Most notably, this works for the common case of using the built-in FIPS provider. -+ // -+ // Note that this approach has a small chance of false negative if the FIPS provider doesn't provide the SHA-256 algorithm, -+ // but that is highly unlikely because SHA-256 is one of the most common algorithms and fundamental to many cryptographic operations. -+ // It also has a small chance of false positive if the FIPS provider implements the SHA-256 algorithm but not the other algorithms -+ // used by the caller application, but that is also unlikely because the FIPS provider should provide all common algorithms. -+ return proveSHA256("") -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// FIPSCapable returns true if the provider used by default matches the `fips=yes` query. -+// It is useful for checking whether OpenSSL is capable of running in FIPS mode regardless -+// of whether FIPS mode is explicitly enabled. For example, Azure Linux 3 doesn't set the -+// `fips=yes` query in the default properties, but sets the default provider to be SCOSSL, -+// which is FIPS-capable. -+// -+// Considerations: -+// - Multiple calls to FIPSCapable can return different values if [SetFIPS] is called in between. -+// - Can return true even if [FIPS] returns false, because [FIPS] also checks whether -+// the default properties contain `fips=yes`. -+// - When using OpenSSL 3, will always return true if [FIPS] returns true. -+// - When using OpenSSL 1, Will always return the same value as [FIPS]. -+// - OpenSSL 3 doesn't provide a way to know if a provider is FIPS-capable. This function uses -+// some heuristics that should be treated as an implementation detail that may change in the future. -+func FIPSCapable() bool { -+ if FIPS() { -+ return true -+ } -+ if vMajor == 3 { -+ // Load the provider with and without the `fips=yes` query. -+ // If the providers are the same, then the default provider is FIPS-capable. -+ provFIPS := sha256Provider(_ProviderNameFips) -+ if provFIPS == nil { -+ return false -+ } -+ provDefault := sha256Provider("") -+ return provFIPS == provDefault -+ } -+ return false -+} -+ -+// isProviderAvailable checks if the provider with the given name is available. -+// This function is used in export_test.go, but must be defined here as test files can't access C functions. -+func isProviderAvailable(name string) bool { -+ if vMajor == 1 { -+ return false -+ } -+ providerName := C.CString(name) -+ defer C.free(unsafe.Pointer(providerName)) -+ return ossl.OSSL_PROVIDER_available(nil, (*byte)(unsafe.Pointer(providerName))) == 1 -+} -+ -+// SetFIPS enables or disables FIPS mode. -+// -+// For OpenSSL 3, if there is no provider available that supports FIPS mode, -+// SetFIPS will try to load a built-in provider that supports FIPS mode. -+func SetFIPS(enable bool) error { -+ if FIPS() == enable { -+ // Already in the desired state. -+ return nil -+ } -+ var mode int32 -+ if enable { -+ mode = int32(1) -+ } else { -+ mode = int32(0) -+ } -+ switch vMajor { -+ case 1: -+ if _, err := ossl.FIPS_mode_set(mode); err != nil { -+ return err -+ } -+ return nil -+ case 3: -+ var shaProps, provName cString -+ if enable { -+ shaProps = _PropFIPSYes -+ provName = _ProviderNameFips -+ } else { -+ shaProps = _PropFIPSNo -+ provName = _ProviderNameDefault -+ } -+ if !proveSHA256(shaProps) { -+ // There is no provider available that supports the desired FIPS mode. -+ // Try to load the built-in provider associated with the given mode. -+ if p, _ := ossl.OSSL_PROVIDER_try_load(nil, provName.ptr(), 1); p == nil { -+ // The built-in provider was not loaded successfully, we can't enable FIPS mode. -+ ossl.ERR_clear_error() -+ return errors.New("openssl: FIPS mode not supported by any provider") -+ } -+ } -+ _, err := ossl.EVP_default_properties_enable_fips(nil, mode) -+ return err -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// sha256Provider returns the provider for the SHA-256 algorithm -+// using the given properties. -+func sha256Provider(props cString) ossl.OSSL_PROVIDER_PTR { -+ md, _ := ossl.EVP_MD_fetch(nil, _DigestNameSHA2_256.ptr(), props.ptr()) -+ if md == nil { -+ ossl.ERR_clear_error() -+ return nil -+ } -+ defer ossl.EVP_MD_free(md) -+ return ossl.EVP_MD_get0_provider(md) -+} -+ -+// proveSHA256 checks if the SHA-256 algorithm is available -+// using the given properties. -+func proveSHA256(props cString) bool { -+ return sha256Provider(props) != nil -+} -+ -+var zero byte -+ -+// baseNeverEmpty returns the address of the underlying array in b. -+// If b has zero length, it returns a pointer to a zero byte. -+func baseNeverEmpty(b []byte) *byte { -+ if len(b) == 0 { -+ return &zero -+ } -+ return unsafe.SliceData(b) -+} -+ -+// pbaseNeverEmpty returns the address of the underlying array in b. -+// If b has zero length, it returns a pointer to a zero byte. -+func pbaseNeverEmpty(b []byte) unsafe.Pointer { -+ return unsafe.Pointer(baseNeverEmpty(b)) -+} -+ -+// pbase returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func pbase(b []byte) unsafe.Pointer { -+ return unsafe.Pointer(base(b)) -+} -+ -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func base(b []byte) *byte { -+ if len(b) == 0 { -+ return nil -+ } -+ return unsafe.SliceData(b) -+} -+ -+// cryptoMalloc allocates n bytes of memory on the OpenSSL heap, which may be -+// different from the heap which C.malloc allocates on. The allocated object -+// must be freed using cryptoFree. cryptoMalloc is equivalent to the -+// OPENSSL_malloc macro. -+// -+// Like C.malloc, this function is guaranteed to never return nil. If OpenSSL's -+// malloc indicates out of memory, it crashes the program. -+// -+// Only objects which the OpenSSL library will take ownership of (i.e. will be -+// freed by OPENSSL_free / CRYPTO_free) need to be allocated on the OpenSSL -+// heap. -+func cryptoMalloc(n int) unsafe.Pointer { -+ p, _ := ossl.CRYPTO_malloc(n, nil, 0) -+ if p == nil { -+ // Un-recover()-ably crash the program in the same manner as the -+ // C.malloc() wrapper function. -+ runtime_throw("openssl: CRYPTO_malloc failed") -+ } -+ return p -+} -+ -+// cryptoFree frees an object allocated on the OpenSSL heap, which may be -+// different from the heap which C.malloc allocates on. cryptoFree is equivalent -+// to the OPENSSL_free macro. -+func cryptoFree(p unsafe.Pointer) { -+ ossl.CRYPTO_free(p, nil, 0) -+} -+ -+const wordBytes = bits.UintSize / 8 -+ -+// Reverse each limb of z. -+func (z BigInt) byteSwap() { -+ for i, d := range z { -+ var n uint = 0 -+ for j := range wordBytes { -+ n |= uint(byte(d)) << (8 * (wordBytes - j - 1)) -+ d >>= 8 -+ } -+ z[i] = n -+ } -+} -+ -+func wbase(b BigInt) *byte { -+ if len(b) == 0 { -+ return nil -+ } -+ return (*byte)(unsafe.Pointer(unsafe.SliceData(b))) -+} -+ -+func bigToBN(x BigInt) (ossl.BIGNUM_PTR, error) { -+ if len(x) == 0 { -+ return nil, nil -+ } -+ if isBigEndian { -+ z := make(BigInt, len(x)) -+ copy(z, x) -+ z.byteSwap() -+ x = z -+ } -+ // Limbs are always ordered in LSB first, so we can safely apply -+ // BN_lebin2bn regardless of host endianness. -+ bn, err := ossl.BN_lebin2bn(wbase(x), int32(len(x)*wordBytes), nil) -+ if err != nil { -+ return nil, err -+ } -+ return bn, nil -+} -+ -+func bnToBig(bn ossl.BIGNUM_PTR) BigInt { -+ if bn == nil { -+ return nil -+ } -+ -+ // Limbs are always ordered in LSB first, so we can safely apply -+ // BN_bn2lebinpad regardless of host endianness. -+ x := make(BigInt, ossl.BN_num_bits(bn)) -+ if _, err := ossl.BN_bn2lebinpad(bn, wbase(x), int32(len(x)*wordBytes)); err != nil { -+ panic(err) -+ } -+ if isBigEndian { -+ x.byteSwap() -+ } -+ return x -+} -+ -+// bnToBinPad converts the absolute value of bn into big-endian form and stores -+// it at to, padding with zeroes if necessary. If len(to) is not large enough to -+// hold the result, an error is returned. -+func bnToBinPad(bn ossl.BIGNUM_PTR, to []byte) error { -+ _, err := ossl.BN_bn2binpad(bn, base(to), int32(len(to))) -+ return err -+} -+ -+func CheckLeaks() { -+ C.go_openssl_do_leak_check() -+} -+ -+// versionAtOrAbove returns true when -+// (vMajor, vMinor, vPatch) >= (major, minor, patch), -+// compared lexicographically. -+func versionAtOrAbove(major, minor, patch uint) bool { -+ return vMajor > major || (vMajor == major && vMinor > minor) || (vMajor == major && vMinor == minor && vPatch >= patch) -+} -+ -+func bigEndianUint64(b []byte) uint64 { -+ _ = b[7] // bounds check hint to compiler; see golang.org/issue/14808 -+ return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | -+ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/params.go b/src/vendor/github.com/golang-fips/openssl/v2/params.go -new file mode 100644 -index 00000000000000..807f741a732735 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/params.go -@@ -0,0 +1,195 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "runtime" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+type addParamError struct { -+ name string -+ err error -+} -+ -+func (e addParamError) Error() string { -+ return "failed to add parameter " + e.name + ": " + e.err.Error() -+} -+ -+type bnParam struct { -+ value ossl.BIGNUM_PTR -+ private bool -+} -+ -+// paramBuilder is a helper for building OSSL_PARAMs. -+// If an error occurs when adding a new parameter, -+// subsequent calls to add parameters are ignored -+// and build() will return the error. -+type paramBuilder struct { -+ bld ossl.OSSL_PARAM_BLD_PTR -+ pinner runtime.Pinner -+ bnToFree []bnParam -+ -+ err error -+} -+ -+// newParamBuilder creates a new paramBuilder. -+func newParamBuilder() (*paramBuilder, error) { -+ bld, err := ossl.OSSL_PARAM_BLD_new() -+ if err != nil { -+ return nil, err -+ } -+ pb := ¶mBuilder{ -+ bld: bld, -+ bnToFree: make([]bnParam, 0, 8), // the maximum known number of BIGNUMs to free are 8 for RSA -+ } -+ runtime.SetFinalizer(pb, (*paramBuilder).finalize) -+ return pb, nil -+} -+ -+// finalize frees the builder. -+func (b *paramBuilder) finalize() { -+ if b.bld != nil { -+ b.pinner.Unpin() -+ for _, bn := range b.bnToFree { -+ if bn.private { -+ ossl.BN_clear_free(bn.value) -+ } else { -+ ossl.BN_free(bn.value) -+ } -+ } -+ ossl.OSSL_PARAM_BLD_free(b.bld) -+ b.bld = nil -+ } -+} -+ -+// check is used internally to enforce invariants and should not be called by users of paramBuilder. -+// Returns true if it's ok to add parameters to the builder or build it. -+// Returns false if there has been an error while adding a parameter. -+// Panics if the paramBuilder has been freed, e.g. if it has already been built. -+func (b *paramBuilder) check() bool { -+ if b.err != nil { -+ return false -+ } -+ if b.bld == nil { -+ panic("openssl: paramBuilder has been freed") -+ } -+ return true -+} -+ -+// build creates an OSSL_PARAM from the builder. -+// The returned OSSL_PARAM must be freed with OSSL_PARAM_free. -+// If an error occurred while adding parameters, the error is returned -+// and the OSSL_PARAM is nil. Once build() is called, the builder is finalized -+// and cannot be reused. -+func (b *paramBuilder) build() (ossl.OSSL_PARAM_PTR, error) { -+ defer b.finalize() -+ if !b.check() { -+ return nil, b.err -+ } -+ param, err := ossl.OSSL_PARAM_BLD_to_param(b.bld) -+ if err != nil { -+ return nil, err -+ } -+ return param, nil -+} -+ -+// addUTF8String adds a NUL-terminated UTF-8 string to the builder. -+// size should not include the terminating NUL byte. If size is zero, then it will be calculated. -+func (b *paramBuilder) addUTF8String(name cString, value *byte, size int) { -+ if !b.check() { -+ return -+ } -+ // OSSL_PARAM_BLD_push_utf8_string calculates the size if it is zero. -+ if _, err := ossl.OSSL_PARAM_BLD_push_utf8_string(b.bld, name.ptr(), value, size); err != nil { -+ b.err = addParamError{name.str(), err} -+ } -+} -+ -+// addOctetString adds an octet string to the builder. -+// The value is pinned and will be unpinned when the builder is freed. -+func (b *paramBuilder) addOctetString(name cString, value []byte) { -+ if !b.check() { -+ return -+ } -+ if value == nil { -+ // Short-circuit a nil slice: don't pass anything at all to OpenSSL. -+ // OpenSSL 3.5.6 raises an error when passed null, and expects users -+ // to not call this function at all in this case. -+ // See https://github.com/openssl/openssl/issues/30728 -+ // -+ // Don't short-circuit empty slices, as they might have a meaning. -+ // For example, in KDFs an empty salt is different from a nil salt. -+ return -+ } -+ if len(value) != 0 { -+ b.pinner.Pin(&value[0]) -+ } -+ if _, err := ossl.OSSL_PARAM_BLD_push_octet_string(b.bld, name.ptr(), pbaseNeverEmpty(value), len(value)); err != nil { -+ b.err = addParamError{name.str(), err} -+ } -+} -+ -+// addInt32 adds an int32 to the builder. -+func (b *paramBuilder) addInt32(name cString, value int32) { -+ if !b.check() { -+ return -+ } -+ if _, err := ossl.OSSL_PARAM_BLD_push_int32(b.bld, name.ptr(), value); err != nil { -+ b.err = addParamError{name.str(), err} -+ } -+} -+ -+// addBN adds a GOossl.BIGNUM_PTR to the builder. -+func (b *paramBuilder) addBN(name cString, value ossl.BIGNUM_PTR) { -+ if !b.check() { -+ return -+ } -+ if _, err := ossl.OSSL_PARAM_BLD_push_BN(b.bld, name.ptr(), value); err != nil { -+ b.err = addParamError{name.str(), err} -+ } -+} -+ -+// addBin adds a byte slice to the builder. -+// The slice is converted to a BIGNUM using BN_bin2bn and freed when the builder is finalized. -+// If private is true, the BIGNUM will be cleared with BN_clear_free, -+// otherwise it will be freed with BN_free. -+func (b *paramBuilder) addBin(name cString, value []byte, private bool) { -+ if !b.check() { -+ return -+ } -+ if len(value) == 0 { -+ // Nothing to do. -+ return -+ } -+ bn, err := ossl.BN_bin2bn(base(value), int32(len(value)), nil) -+ if err != nil { -+ b.err = err -+ return -+ } -+ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) -+ b.addBN(name, bn) -+} -+ -+// addBigInt adds a BigInt to the builder. -+// The BigInt is converted using bigToBN to a BIGNUM that is freed when the builder is finalized. -+// If private is true, the BIGNUM will be cleared with BN_clear_free, -+// otherwise it will be freed with BN_free. -+func (b *paramBuilder) addBigInt(name cString, value BigInt, private bool) { -+ if !b.check() { -+ return -+ } -+ if len(value) == 0 { -+ // Nothing to do. -+ return -+ } -+ bn, err := bigToBN(value) -+ if err != nil { -+ b.err = err -+ return -+ } -+ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) -+ b.addBN(name, bn) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go b/src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go -new file mode 100644 -index 00000000000000..ace373e6d7bb0f ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/pbkdf2.go -@@ -0,0 +1,55 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "errors" -+ "hash" -+ "sync" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// SupportsPBKDF2 reports whether the current OpenSSL version supports PBKDF2. -+func SupportsPBKDF2() bool { -+ switch vMajor { -+ case 1: -+ return true -+ case 3: -+ _, err := fetchPBKDF2() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// fetchPBKDF2 fetches the PBKDF2 algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchPBKDF2 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_PBKDF2.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { -+ h, err := hashFuncHash(fh) -+ if err != nil { -+ return nil, err -+ } -+ md := hashToMD(h) -+ if md == nil { -+ return nil, errors.New("unsupported hash function") -+ } -+ out := make([]byte, keyLen) -+ _, err = ossl.PKCS5_PBKDF2_HMAC(base(password), int32(len(password)), base(salt), int32(len(salt)), int32(iter), md, int32(keyLen), base(out)) -+ if err != nil { -+ return nil, err -+ } -+ return out, nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/provideropenssl.go b/src/vendor/github.com/golang-fips/openssl/v2/provideropenssl.go -new file mode 100644 -index 00000000000000..1d8f3ad00ead7e ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/provideropenssl.go -@@ -0,0 +1,239 @@ -+//go:build !cmd_go_bootstrap && cgo -+ -+package openssl -+ -+import ( -+ "crypto" -+ "errors" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// This file contains code specific to the built-in OpenSSL providers. -+ -+// _OSSL_MD5_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/md5.h#L33. -+type _OSSL_MD5_CTX struct { -+ h [4]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 -+} -+ -+func (d *_OSSL_MD5_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil -+} -+ -+func (d *_OSSL_MD5_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil -+} -+ -+// _OSSL_SHA_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L34. -+type _OSSL_SHA_CTX struct { -+ h [5]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 -+} -+ -+func (d *_OSSL_SHA_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b, d.h[4] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil -+} -+ -+func (d *_OSSL_SHA_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = appendUint32(buf, d.h[4]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil -+} -+ -+// _OSSL_SHA256_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L51. -+type _OSSL_SHA256_CTX struct { -+ h [8]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 -+} -+ -+func (d *_OSSL_SHA256_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b, d.h[4] = consumeUint32(b) -+ b, d.h[5] = consumeUint32(b) -+ b, d.h[6] = consumeUint32(b) -+ b, d.h[7] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil -+} -+ -+func (d *_OSSL_SHA256_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = appendUint32(buf, d.h[4]) -+ buf = appendUint32(buf, d.h[5]) -+ buf = appendUint32(buf, d.h[6]) -+ buf = appendUint32(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil -+} -+ -+// _OSSL_SHA512_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L95. -+type _OSSL_SHA512_CTX struct { -+ h [8]uint64 -+ nl, nh uint64 -+ x [128]byte -+ nx uint32 -+} -+ -+func (d *_OSSL_SHA512_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint64(b) -+ b, d.h[1] = consumeUint64(b) -+ b, d.h[2] = consumeUint64(b) -+ b, d.h[3] = consumeUint64(b) -+ b, d.h[4] = consumeUint64(b) -+ b, d.h[5] = consumeUint64(b) -+ b, d.h[6] = consumeUint64(b) -+ b, d.h[7] = consumeUint64(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = n << 3 -+ d.nh = n >> 61 -+ d.nx = uint32(n) % 128 -+ return nil -+} -+ -+func (d *_OSSL_SHA512_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint64(buf, d.h[0]) -+ buf = appendUint64(buf, d.h[1]) -+ buf = appendUint64(buf, d.h[2]) -+ buf = appendUint64(buf, d.h[3]) -+ buf = appendUint64(buf, d.h[4]) -+ buf = appendUint64(buf, d.h[5]) -+ buf = appendUint64(buf, d.h[6]) -+ buf = appendUint64(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, d.nl>>3|d.nh<<61) -+ return buf, nil -+} -+ -+func getOSSLDigetsContext(ctx ossl.EVP_MD_CTX_PTR) unsafe.Pointer { -+ switch vMajor { -+ case 1: -+ // https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/crypto/evp/evp_local.h#L12. -+ type mdCtx struct { -+ _ [2]unsafe.Pointer -+ _ uint32 -+ md_data unsafe.Pointer -+ } -+ return (*mdCtx)(unsafe.Pointer(ctx)).md_data -+ case 3: -+ // The EVP_MD_CTX memory layout has changed in OpenSSL 3 -+ // and the property holding the internal structure is no longer md_data but algctx. -+ // https://github.com/openssl/openssl/blob/5675a5aaf6a2e489022bcfc18330dae9263e598e/crypto/evp/evp_local.h#L16. -+ type mdCtx struct { -+ _ [3]unsafe.Pointer -+ _ uint32 -+ _ [3]unsafe.Pointer -+ algctx unsafe.Pointer -+ } -+ return (*mdCtx)(unsafe.Pointer(ctx)).algctx -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+var errHashStateInvalid = errors.New("openssl: can't retrieve hash state") -+ -+func osslHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { -+ algctx := getOSSLDigetsContext(ctx) -+ if algctx == nil { -+ return nil, errHashStateInvalid -+ } -+ buf = append(buf, magic...) -+ switch ch { -+ case crypto.MD5: -+ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA1: -+ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA224, crypto.SHA256: -+ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ default: -+ panic("unsupported hash " + ch.String()) -+ } -+} -+ -+func osslHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { -+ algctx := getOSSLDigetsContext(ctx) -+ if algctx == nil { -+ return errHashStateInvalid -+ } -+ b = b[len(magic):] -+ switch ch { -+ case crypto.MD5: -+ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA1: -+ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA224, crypto.SHA256: -+ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ default: -+ panic("unsupported hash " + ch.String()) -+ } -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/providersymcrypt.go b/src/vendor/github.com/golang-fips/openssl/v2/providersymcrypt.go -new file mode 100644 -index 00000000000000..693849f152f9c1 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/providersymcrypt.go -@@ -0,0 +1,338 @@ -+//go:build !cmd_go_bootstrap && cgo -+ -+package openssl -+ -+import ( -+ "crypto" -+ "errors" -+ "runtime" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// This file contains code specific to the SymCrypt provider. -+ -+const ( -+ _SCOSSL_DIGEST_PARAM_STATE cString = "state\x00" -+ _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM cString = "recompute_checksum\x00" -+) -+ -+const ( -+ _SYMCRYPT_BLOB_MAGIC = 0x636D7973 // "cysm" in little-endian -+ -+ _SymCryptBlobTypeHashState = 0x100 -+ _SymCryptBlobTypeMd2State = _SymCryptBlobTypeHashState + 1 -+ _SymCryptBlobTypeMd4State = _SymCryptBlobTypeHashState + 2 -+ _SymCryptBlobTypeMd5State = _SymCryptBlobTypeHashState + 3 -+ _SymCryptBlobTypeSha1State = _SymCryptBlobTypeHashState + 4 -+ _SymCryptBlobTypeSha256State = _SymCryptBlobTypeHashState + 5 -+ _SymCryptBlobTypeSha384State = _SymCryptBlobTypeHashState + 6 -+ _SymCryptBlobTypeSha512State = _SymCryptBlobTypeHashState + 7 -+ _SymCryptBlobTypeSha3_256State = _SymCryptBlobTypeHashState + 8 -+ _SymCryptBlobTypeSha3_384State = _SymCryptBlobTypeHashState + 9 -+ _SymCryptBlobTypeSha3_512State = _SymCryptBlobTypeHashState + 10 -+ _SymCryptBlobTypeSha224State = _SymCryptBlobTypeHashState + 11 -+ _SymCryptBlobTypeSha512_224State = _SymCryptBlobTypeHashState + 12 -+ _SymCryptBlobTypeSha512_256State = _SymCryptBlobTypeHashState + 13 -+ _SymCryptBlobTypeSha3_224State = _SymCryptBlobTypeHashState + 14 -+ -+ _SYMCRYPT_MD5_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_MD5_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA1_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA1_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA256_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA256_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA512_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA512_STATE_EXPORT_BLOB{})) -+) -+ -+type _SYMCRYPT_BLOB_HEADER struct { -+ magic uint32 -+ size uint32 -+ _type uint32 -+} -+ -+type _SYMCRYPT_BLOB_TRAILER struct { -+ checksum [8]uint8 -+} -+ -+// _UINT64 is a 64-bit unsigned integer, stored in native endianess. -+// It is used to represent a SymCrypt UINT64 type without making the -+// parent struct 8-byte aligned, given that the Windows ABI makes -+// the struct 4-byte aligned. -+type _UINT64 [2]uint32 -+ -+func newUINT64(v uint64) _UINT64 { -+ var u _UINT64 -+ if isBigEndian { -+ u[0], u[1] = uint32(v>>32), uint32(v) -+ } else { -+ u[0], u[1] = uint32(v), uint32(v>>32) -+ } -+ return u -+} -+ -+func (u *_UINT64) uint64() uint64 { -+ if isBigEndian { -+ return uint64(u[0])<<32 | (uint64(u[1])) -+ } -+ return uint64(u[0]) | (uint64(u[1]) << 32) -+} -+ -+// symCryptAppendBinary appends the binary representation of a SymCrypt state -+// to the given destination slice. -+func symCryptAppendBinary(dst, chain, buffer []byte, blength _UINT64) []byte { -+ length := blength.uint64() -+ var nx uint64 -+ if len(buffer) <= 64 { -+ nx = length & 0x3f -+ } else { -+ nx = length & 0x7f -+ } -+ dst = append(dst, chain...) -+ dst = append(dst, buffer[:nx]...) -+ dst = append(dst, make([]byte, len(buffer)-int(nx))...) -+ dst = appendUint64(dst, length) -+ return dst -+} -+ -+// symCryptUnmarshalBinary unmarshals the binary representation of a SymCrypt state -+// from the given source slice. It returns the length of the data. -+func symCryptUnmarshalBinary(d []byte, chain, buffer []byte) _UINT64 { -+ copy(chain[:], d) -+ d = d[len(chain):] -+ copy(buffer[:], d) -+ d = d[len(buffer):] -+ _, length := consumeUint64(d) -+ return newUINT64(length) -+} -+ -+// swapEndianessUint32 swaps the endianness of the given byte slice -+// in place. It assumes the slice is a backup of a 32-bit integer array. -+func swapEndianessUint32(d []uint8) { -+ for i := 0; i < len(d); i += 4 { -+ d[i], d[i+3] = d[i+3], d[i] -+ d[i+1], d[i+2] = d[i+2], d[i+1] -+ } -+ -+} -+ -+type _SYMCRYPT_MD5_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [16]uint8 // little endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER -+} -+ -+func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ // b.chain is little endian, but Go expects big endian, -+ // we need to swap the bytes. -+ swapEndianessUint32(b.chain[:]) -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil -+} -+ -+func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) -+ swapEndianessUint32(b.chain[:]) -+} -+ -+type _SYMCRYPT_SHA1_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [20]uint8 // big endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER -+} -+ -+func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil -+} -+ -+func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) -+} -+ -+type _SYMCRYPT_SHA256_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [32]uint8 // big endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER -+} -+ -+func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil -+} -+ -+func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) -+} -+ -+type _SYMCRYPT_SHA512_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [64]uint8 // big endian -+ lengthL _UINT64 // native endian -+ lengthH _UINT64 // native endian -+ buffer [128]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER -+} -+ -+func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ if b.lengthH.uint64() != 0 { -+ return nil, errors.New("exporting state with more than 2^63-1 bytes of data is not supported") -+ } -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.lengthL), nil -+} -+ -+func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.lengthL = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) -+} -+ -+func symCryptHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { -+ size, typ := symCryptHashStateInfo(ch) -+ state := make([]byte, size, _SYMCRYPT_SHA512_STATE_EXPORT_SIZE) // 512 is the largest size -+ var pinner runtime.Pinner -+ pinner.Pin(&state[0]) -+ defer pinner.Unpin() -+ params := [2]ossl.OSSL_PARAM{ -+ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), unsafe.Pointer(&state[0]), len(state)), -+ ossl.OSSL_PARAM_construct_end(), -+ } -+ if _, err := ossl.EVP_MD_CTX_get_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))); err != nil { -+ return nil, err -+ } -+ if !ossl.OSSL_PARAM_modified(¶ms[0]) { -+ return nil, errors.New("EVP_MD_CTX_get_params did not retrieve the state") -+ } -+ -+ header := (*_SYMCRYPT_BLOB_HEADER)(unsafe.Pointer(&state[0])) -+ if header.magic != _SYMCRYPT_BLOB_MAGIC { -+ return nil, errors.New("invalid blob magic") -+ } -+ if header.size != size { -+ return nil, errors.New("invalid blob size") -+ } -+ if header._type != typ { -+ return nil, errors.New("invalid blob type") -+ } -+ -+ buf = append(buf, magic...) -+ switch ch { -+ case crypto.MD5: -+ blob := (*_SYMCRYPT_MD5_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA1: -+ blob := (*_SYMCRYPT_SHA1_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA224, crypto.SHA256: -+ blob := (*_SYMCRYPT_SHA256_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ blob := (*_SYMCRYPT_SHA512_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ default: -+ panic("unsupported hash " + ch.String()) -+ } -+} -+ -+func symCryptHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { -+ size, typ := symCryptHashStateInfo(ch) -+ hdr := _SYMCRYPT_BLOB_HEADER{ -+ magic: _SYMCRYPT_BLOB_MAGIC, -+ size: size, -+ _type: typ, -+ } -+ var blobPtr unsafe.Pointer -+ b = b[len(magic):] -+ switch ch { -+ case crypto.MD5: -+ var blob _SYMCRYPT_MD5_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA1: -+ var blob _SYMCRYPT_SHA1_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA224, crypto.SHA256: -+ var blob _SYMCRYPT_SHA256_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ var blob _SYMCRYPT_SHA512_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ default: -+ panic("unsupported hash " + ch.String()) -+ } -+ var checksum int32 = 1 -+ var pinner runtime.Pinner -+ pinner.Pin(blobPtr) -+ pinner.Pin(&checksum) -+ defer pinner.Unpin() -+ params := [3]ossl.OSSL_PARAM{ -+ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), blobPtr, int(hdr.size)), -+ ossl.OSSL_PARAM_construct_int32(_SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr(), &checksum), -+ ossl.OSSL_PARAM_construct_end(), -+ } -+ _, err := ossl.EVP_MD_CTX_set_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))) -+ return err -+} -+ -+func symCryptHashStateInfo(ch crypto.Hash) (size, typ uint32) { -+ switch ch { -+ case crypto.MD5: -+ return _SYMCRYPT_MD5_STATE_EXPORT_SIZE, _SymCryptBlobTypeMd5State -+ case crypto.SHA1: -+ return _SYMCRYPT_SHA1_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha1State -+ case crypto.SHA224: -+ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha224State -+ case crypto.SHA256: -+ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha256State -+ case crypto.SHA384: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha384State -+ case crypto.SHA512_224: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_224State -+ case crypto.SHA512_256: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_256State -+ case crypto.SHA512: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512State -+ default: -+ panic("unsupported hash " + ch.String()) -+ } -+} -+ -+// isSymCryptHashStateSerializable checks if the SymCrypt hash state is serializable. -+func isSymCryptHashStateSerializable(md ossl.EVP_MD_PTR) bool { -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return false -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestInit_ex(ctx, md, nil); err != nil { -+ return false -+ } -+ params, err := ossl.EVP_MD_CTX_gettable_params(ctx) -+ if err != nil { -+ return false -+ } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { -+ return false -+ } -+ params, err = ossl.EVP_MD_CTX_settable_params(ctx) -+ if err != nil { -+ return false -+ } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { -+ return false -+ } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr()); err != nil { -+ return false -+ } -+ return true -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/rand.go b/src/vendor/github.com/golang-fips/openssl/v2/rand.go -new file mode 100644 -index 00000000000000..34f376bed8f091 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/rand.go -@@ -0,0 +1,22 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import "github.com/golang-fips/openssl/v2/internal/ossl" -+ -+type randReader int -+ -+func (randReader) Read(b []byte) (int, error) { -+ if len(b) == 0 { -+ return 0, nil -+ } -+ // Note: RAND_bytes should never fail; the return value exists only for historical reasons. -+ // We check it even so. -+ if _, err := ossl.RAND_bytes(base(b), int32(len(b))); err != nil { -+ return 0, err -+ } -+ return len(b), nil -+} -+ -+const RandReader = randReader(0) -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/rc4.go b/src/vendor/github.com/golang-fips/openssl/v2/rc4.go -new file mode 100644 -index 00000000000000..b585668e281d2a ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/rc4.go -@@ -0,0 +1,69 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "runtime" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+// SupportsRC4 returns true if NewRC4Cipher is supported. -+func SupportsRC4() bool { -+ // True for stock OpenSSL 1 w/o FIPS. -+ // False for stock OpenSSL 3 unless the legacy provider is available. -+ return (versionAtOrAbove(3, 0, 0) || !FIPS()) && loadCipher(cipherRC4, cipherModeNone) != nil -+} -+ -+// A RC4Cipher is an instance of RC4 using a particular key. -+type RC4Cipher struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR -+} -+ -+// NewRC4Cipher creates and returns a new Cipher. -+func NewRC4Cipher(key []byte) (*RC4Cipher, error) { -+ ctx, err := newCipherCtx(cipherRC4, cipherModeNone, cipherOpEncrypt, key, nil) -+ if err != nil { -+ return nil, err -+ } -+ c := &RC4Cipher{ctx} -+ runtime.SetFinalizer(c, (*RC4Cipher).finalize) -+ return c, nil -+} -+ -+func (c *RC4Cipher) finalize() { -+ if c.ctx != nil { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+ } -+} -+ -+// Reset zeros the key data and makes the Cipher unusable. -+func (c *RC4Cipher) Reset() { -+ if c.ctx != nil { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+ c.ctx = nil -+ } -+} -+ -+// XORKeyStream sets dst to the result of XORing src with the key stream. -+// Dst and src must overlap entirely or not at all. -+func (c *RC4Cipher) XORKeyStream(dst, src []byte) { -+ if c.ctx == nil || len(src) == 0 { -+ return -+ } -+ if inexactOverlap(dst[:len(src)], src) { -+ panic("crypto/rc4: invalid buffer overlap") -+ } -+ // panic if len(dst) < len(src) with a runtime out of bound error, -+ // which is what crypto/rc4 does. -+ _ = dst[len(src)-1] -+ var outLen int32 -+ if _, err := ossl.EVP_EncryptUpdate(c.ctx, base(dst), &outLen, base(src), int32(len(src))); err != nil { -+ panic("crypto/rc4: " + err.Error()) -+ } -+ if int(outLen) != len(src) { -+ panic("crypto/rc4: src not fully XORed") -+ } -+ runtime.KeepAlive(c) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/rsa.go b/src/vendor/github.com/golang-fips/openssl/v2/rsa.go -new file mode 100644 -index 00000000000000..7c1a3f06f5ec40 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/rsa.go -@@ -0,0 +1,366 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto" -+ "crypto/subtle" -+ "errors" -+ "hash" -+ "runtime" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { -+ bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { -+ return nil, nil, nil, nil, nil, nil, nil, nil, e -+ } -+ pkey, err := generateEVPPKey(ossl.EVP_PKEY_RSA, int32(bits), "") -+ if err != nil { -+ return bad(err) -+ } -+ defer ossl.EVP_PKEY_free(pkey) -+ switch vMajor { -+ case 1: -+ key, err := ossl.EVP_PKEY_get1_RSA(pkey) -+ if err != nil { -+ return bad(err) -+ } -+ defer ossl.RSA_free(key) -+ var n, e, d, p, q, dmp1, dmq1, iqmp ossl.BIGNUM_PTR -+ ossl.RSA_get0_key(key, &n, &e, &d) -+ ossl.RSA_get0_factors(key, &p, &q) -+ ossl.RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp) -+ N, E, D = bnToBig(n), bnToBig(e), bnToBig(d) -+ P, Q = bnToBig(p), bnToBig(q) -+ Dp, Dq, Qinv = bnToBig(dmp1), bnToBig(dmq1), bnToBig(iqmp) -+ case 3: -+ tmp, err := ossl.BN_new() -+ if err != nil { -+ return bad(err) -+ } -+ defer func() { -+ ossl.BN_clear_free(tmp) -+ }() -+ setBigInt := func(bi *BigInt, param cString) bool { -+ if err != nil { -+ return false -+ } -+ if _, err = ossl.EVP_PKEY_get_bn_param(pkey, param.ptr(), &tmp); err != nil { -+ return false -+ } -+ *bi = bnToBig(tmp) -+ ossl.BN_clear(tmp) -+ return true -+ } -+ if !(setBigInt(&N, _OSSL_PKEY_PARAM_RSA_N) && -+ setBigInt(&E, _OSSL_PKEY_PARAM_RSA_E) && -+ setBigInt(&D, _OSSL_PKEY_PARAM_RSA_D) && -+ setBigInt(&P, _OSSL_PKEY_PARAM_RSA_FACTOR1) && -+ setBigInt(&Q, _OSSL_PKEY_PARAM_RSA_FACTOR2) && -+ setBigInt(&Dp, _OSSL_PKEY_PARAM_RSA_EXPONENT1) && -+ setBigInt(&Dq, _OSSL_PKEY_PARAM_RSA_EXPONENT2) && -+ setBigInt(&Qinv, _OSSL_PKEY_PARAM_RSA_COEFFICIENT1)) { -+ return bad(err) -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ return -+} -+ -+type PublicKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func NewPublicKeyRSA(n, e BigInt) (*PublicKeyRSA, error) { -+ var pkey ossl.EVP_PKEY_PTR -+ switch vMajor { -+ case 1: -+ key, err := ossl.RSA_new() -+ if err != nil { -+ return nil, err -+ } -+ // No need to check for errors here, RSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ bn, _ := bigToBN(n) -+ be, _ := bigToBN(e) -+ if _, err := ossl.RSA_set0_key(key, bn, be, nil); err != nil { -+ ossl.BN_free(bn) -+ ossl.BN_free(be) -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { -+ ossl.RSA_free(key) -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err -+ } -+ case 3: -+ var err error -+ if pkey, err = newRSAKey3(false, n, e, nil, nil, nil, nil, nil, nil); err != nil { -+ return nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ k := &PublicKeyRSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PublicKeyRSA).finalize) -+ return k, nil -+} -+ -+func (k *PublicKeyRSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PublicKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ // Because of the finalizer, any time _pkey is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+type PrivateKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} -+ -+func NewPrivateKeyRSA(n, e, d, p, q, dp, dq, qinv BigInt) (*PrivateKeyRSA, error) { -+ var pkey ossl.EVP_PKEY_PTR -+ switch vMajor { -+ case 1: -+ key, err := ossl.RSA_new() -+ if err != nil { -+ return nil, err -+ } -+ // No need to check for errors here, RSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ bn, _ := bigToBN(n) -+ be, _ := bigToBN(e) -+ bd, _ := bigToBN(d) -+ if _, err := ossl.RSA_set0_key(key, bn, be, bd); err != nil { -+ ossl.BN_free(bn) -+ ossl.BN_free(be) -+ ossl.BN_clear_free(bd) -+ return nil, err -+ } -+ if p != nil && q != nil { -+ bp, _ := bigToBN(p) -+ bq, _ := bigToBN(q) -+ if _, err := ossl.RSA_set0_factors(key, bp, bq); err != nil { -+ ossl.BN_clear_free(bp) -+ ossl.BN_clear_free(bq) -+ return nil, err -+ } -+ } -+ if dp != nil && dq != nil && qinv != nil { -+ bdp, _ := bigToBN(dp) -+ bdq, _ := bigToBN(dq) -+ bqinv, _ := bigToBN(qinv) -+ if _, err := ossl.RSA_set0_crt_params(key, bdp, bdq, bqinv); err != nil { -+ ossl.BN_free(bdp) -+ ossl.BN_free(bdq) -+ ossl.BN_free(bqinv) -+ return nil, err -+ } -+ } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { -+ ossl.RSA_free(key) -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err -+ } -+ case 3: -+ var err error -+ if pkey, err = newRSAKey3(true, n, e, d, p, q, dp, dq, qinv); err != nil { -+ return nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ k := &PrivateKeyRSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize) -+ return k, nil -+} -+ -+func (k *PrivateKeyRSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PrivateKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ // Because of the finalizer, any time _pkey is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} -+ -+func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, ciphertext) -+} -+ -+func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, msg) -+} -+ -+func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, ciphertext) -+} -+ -+func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, msg) -+} -+ -+func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ ret, err := evpDecrypt(priv.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, ciphertext) -+ if err != nil { -+ return nil, err -+ } -+ // We could return here, but the Go standard library test expects DecryptRSANoPadding to verify the result -+ // in order to defend against errors in the CRT computation. -+ // -+ // The following code tries to replicate the verification implemented in the upstream function decryptAndCheck, found at -+ // https://github.com/golang/go/blob/9de1ac6ac2cad3871760d0aa288f5ca713afd0a6/src/crypto/rsa/rsa.go#L569-L582. -+ pub := &PublicKeyRSA{_pkey: priv._pkey} -+ // A private EVP_PKEY can be used as a public key as it contains the public information. -+ enc, err := EncryptRSANoPadding(pub, ret) -+ if err != nil { -+ return nil, err -+ } -+ // Upstream does not do a constant time comparison because it works with math/big instead of byte slices, -+ // and math/big does not support constant-time arithmetic yet. See #20654 for more info. -+ if subtle.ConstantTimeCompare(ciphertext, enc) != 1 { -+ return nil, errors.New("rsa: internal error") -+ } -+ return ret, nil -+} -+ -+func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, msg) -+} -+ -+func saltLength(saltLen int, sign bool) (int32, error) { -+ // A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject -+ // it, and lengths < -2, before we convert to the OpenSSL sentinel values. -+ if saltLen <= -2 { -+ return 0, errors.New("crypto/rsa: invalid PSS salt length") -+ } -+ // OpenSSL uses sentinel salt length values like Go crypto does, -+ // but the values don't fully match for rsa.PSSSaltLengthAuto (0). -+ if saltLen == 0 { -+ if sign { -+ if vMajor == 1 { -+ // OpenSSL 1.x uses -2 to mean maximal size when signing where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_MAX_SIGN, nil -+ } -+ // OpenSSL 3.x deprecated RSA_PSS_SALTLEN_MAX_SIGN -+ // and uses -3 to mean maximal size when signing where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_MAX, nil -+ } -+ // OpenSSL uses -2 to mean auto-detect size when verifying where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_AUTO, nil -+ } -+ return int32(saltLen), nil -+} -+ -+func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { -+ cSaltLen, err := saltLength(saltLen, true) -+ if err != nil { -+ return nil, err -+ } -+ return evpSign(priv.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, hashed) -+} -+ -+func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { -+ cSaltLen, err := saltLength(saltLen, false) -+ if err != nil { -+ return err -+ } -+ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, sig, hashed) -+} -+ -+func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { -+ return evpSign(priv.withKey, ossl.RSA_PKCS1_PADDING, 0, h, hashed) -+} -+ -+func HashSignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte) ([]byte, error) { -+ return evpHashSign(priv.withKey, h, msg) -+} -+ -+func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { -+ defer runtime.KeepAlive(pub) -+ var size int32 -+ if err := pub.withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { -+ size, err = ossl.EVP_PKEY_get_size(pkey) -+ if err != nil { -+ return err -+ } -+ if len(sig) < int(size) { -+ return errors.New("crypto/rsa: verification error") -+ } -+ return nil -+ }); err != nil { -+ return err -+ } -+ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PADDING, 0, h, sig, hashed) -+} -+ -+func HashVerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte) error { -+ return evpHashVerify(pub.withKey, h, msg, sig) -+} -+ -+func newRSAKey3(isPriv bool, n, e, d, p, q, dp, dq, qinv BigInt) (ossl.EVP_PKEY_PTR, error) { -+ bld, err := newParamBuilder() -+ if err != nil { -+ return nil, err -+ } -+ defer bld.finalize() -+ -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_N, n, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_E, e, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_D, d, false) -+ -+ if p != nil && q != nil { -+ allPrecomputedExists := dp != nil && dq != nil && qinv != nil -+ // The precomputed values should only be passed if P and Q are present -+ // and every precomputed value is present. (If any precomputed value is -+ // missing, don't pass any of them.) -+ // -+ // In OpenSSL 3.0 and 3.1, we must also omit P and Q if any precomputed -+ // value is missing. See https://github.com/openssl/openssl/pull/22334 -+ if vMinor >= 2 || allPrecomputedExists { -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR1, p, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR2, q, true) -+ } -+ if allPrecomputedExists { -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT1, dp, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT2, dq, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_COEFFICIENT1, qinv, true) -+ } -+ } -+ -+ params, err := bld.build() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ selection := ossl.EVP_PKEY_PUBLIC_KEY -+ if isPriv { -+ selection = ossl.EVP_PKEY_KEYPAIR -+ } -+ return newEvpFromParams(ossl.EVP_PKEY_RSA, int32(selection), params) -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go b/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go -new file mode 100644 -index 00000000000000..55fc0332c22d74 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/tls1prf.go -@@ -0,0 +1,159 @@ -+//go:build !cmd_go_bootstrap -+ -+package openssl -+ -+import "C" -+import ( -+ "crypto" -+ "errors" -+ "hash" -+ "sync" -+ "unsafe" -+ -+ "github.com/golang-fips/openssl/v2/internal/ossl" -+) -+ -+func SupportsTLS1PRF() bool { -+ switch vMajor { -+ case 1: -+ return vMinor >= 1 -+ case 3: -+ _, err := fetchTLS1PRF3() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) -+ } -+} -+ -+// TLS1PRF implements the TLS 1.0/1.1 pseudo-random function if h is nil, -+// else it implements the TLS 1.2 pseudo-random function. -+// The pseudo-random number will be written to result and will be of length len(result). -+func TLS1PRF(result, secret, label, seed []byte, fh func() hash.Hash) error { -+ var md ossl.EVP_MD_PTR -+ if fh == nil { -+ // TLS 1.0/1.1 PRF doesn't allow to specify the hash function, -+ // it always uses MD5SHA1. If h is nil, then assume -+ // that the caller wants to use TLS 1.0/1.1 PRF. -+ // OpenSSL detects this case by checking if the hash -+ // function is MD5SHA1. -+ md = loadHash(crypto.MD5SHA1).md -+ } else { -+ h, err := hashFuncHash(fh) -+ if err != nil { -+ return err -+ } -+ md = hashToMD(h) -+ } -+ if md == nil { -+ return errors.New("unsupported hash function") -+ } -+ -+ switch vMajor { -+ case 1: -+ return tls1PRF1(result, secret, label, seed, md) -+ case 3: -+ return tls1PRF3(result, secret, label, seed, md) -+ default: -+ return errUnsupportedVersion() -+ } -+} -+ -+// tls1PRF1 implements TLS1PRF for OpenSSL 1 using the EVP_PKEY API. -+func tls1PRF1(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { -+ checkMajorVersion(1) -+ -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_TLS1_PRF, nil) -+ if err != nil { -+ return err -+ } -+ defer func() { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ }() -+ -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_MD, -+ 0, unsafe.Pointer(md)); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SECRET, -+ int32(len(secret)), unsafe.Pointer(base(secret))); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SEED, -+ int32(len(label)), unsafe.Pointer(base(label))); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SEED, -+ int32(len(seed)), unsafe.Pointer(base(seed))); err != nil { -+ return err -+ } -+ outLen := len(result) -+ if _, err := ossl.EVP_PKEY_derive(ctx, base(result), &outLen); err != nil { -+ return err -+ } -+ // The Go standard library expects TLS1PRF to return the requested number of bytes, -+ // fail if it doesn't. While there is no known situation where this will happen, -+ // EVP_PKEY_derive handles multiple algorithms and there could be a subtle mismatch -+ // after more code changes in the future. -+ if outLen != len(result) { -+ return errors.New("tls1-prf: derived less bytes than requested") -+ } -+ return nil -+} -+ -+// fetchTLS1PRF3 fetches the TLS1-PRF KDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchTLS1PRF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS1_PRF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// tls1PRF3 implements TLS1PRF for OpenSSL 3 using the EVP_KDF API. -+func tls1PRF3(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { -+ checkMajorVersion(3) -+ -+ kdf, err := fetchTLS1PRF3() -+ if err != nil { -+ return err -+ } -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ -+ bld, err := newParamBuilder() -+ if err != nil { -+ return err -+ } -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addOctetString(_OSSL_KDF_PARAM_SECRET, secret) -+ bld.addOctetString(_OSSL_KDF_PARAM_SEED, label) -+ bld.addOctetString(_OSSL_KDF_PARAM_SEED, seed) -+ params, err := bld.build() -+ if err != nil { -+ return err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ if _, err := ossl.EVP_KDF_derive(ctx, base(result), len(result), params); err != nil { -+ return err -+ } -+ return nil -+} -diff --git a/src/vendor/github.com/golang-fips/openssl/v2/zaes.go b/src/vendor/github.com/golang-fips/openssl/v2/zaes.go -new file mode 100644 -index 00000000000000..e60a5dde390be6 ---- /dev/null -+++ b/src/vendor/github.com/golang-fips/openssl/v2/zaes.go -@@ -0,0 +1,86 @@ -+// Code generated by cmd/genaesmodes. DO NOT EDIT. -+ -+//go:build cgo && !cmd_go_bootstrap -+ -+package openssl -+ -+import "crypto/cipher" -+ -+type cipherWithCBC struct { -+ aesCipher -+} -+ -+type cipherWithCTR struct { -+ aesCipher -+} -+ -+type cipherWithCBC_CTR struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithCTR -+} -+ -+type cipherWithGCM struct { -+ aesCipher -+} -+ -+type cipherWithCBC_GCM struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithGCM -+} -+ -+type cipherWithCTR_GCM struct { -+ aesCipher -+ cipherWithCTR -+ cipherWithGCM -+} -+ -+type cipherWithCBC_CTR_GCM struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithCTR -+ cipherWithGCM -+} -+ -+func newAESBlock(c *evpCipher, kind cipherKind) cipher.Block { -+ aes := aesCipher{c} -+ var block cipher.Block -+ supportsCBC := loadCipher(kind, cipherModeCBC) != nil -+ supportsCTR := loadCipher(kind, cipherModeCTR) != nil -+ supportsGCM := loadCipher(kind, cipherModeGCM) != nil -+ switch { -+ case !supportsCBC && !supportsCTR && !supportsGCM: -+ block = aes -+ case supportsCBC && !supportsCTR && !supportsGCM: -+ block = cipherWithCBC{aes} -+ case !supportsCBC && supportsCTR && !supportsGCM: -+ block = cipherWithCTR{aes} -+ case supportsCBC && supportsCTR && !supportsGCM: -+ block = cipherWithCBC_CTR{aes, -+ cipherWithCBC{aes}, -+ cipherWithCTR{aes}, -+ } -+ case !supportsCBC && !supportsCTR && supportsGCM: -+ block = cipherWithGCM{aes} -+ case supportsCBC && !supportsCTR && supportsGCM: -+ block = cipherWithCBC_GCM{aes, -+ cipherWithCBC{aes}, -+ cipherWithGCM{aes}, -+ } -+ case !supportsCBC && supportsCTR && supportsGCM: -+ block = cipherWithCTR_GCM{aes, -+ cipherWithCTR{aes}, -+ cipherWithGCM{aes}, -+ } -+ case supportsCBC && supportsCTR && supportsGCM: -+ block = cipherWithCBC_CTR_GCM{aes, -+ cipherWithCBC{aes}, -+ cipherWithCTR{aes}, -+ cipherWithGCM{aes}, -+ } -+ default: -+ panic("unreachable") -+ } -+ return block -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE b/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE -new file mode 100644 -index 00000000000000..9e841e7a26e4eb ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/LICENSE -@@ -0,0 +1,21 @@ -+ MIT License -+ -+ Copyright (c) Microsoft Corporation. -+ -+ Permission is hereby granted, free of charge, to any person obtaining a copy -+ of this software and associated documentation files (the "Software"), to deal -+ in the Software without restriction, including without limitation the rights -+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -+ copies of the Software, and to permit persons to whom the Software is -+ furnished to do so, subject to the following conditions: -+ -+ The above copyright notice and this permission notice shall be included in all -+ copies or substantial portions of the Software. -+ -+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -+ SOFTWARE -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go b/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go -new file mode 100644 -index 00000000000000..73891afeab93d7 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/bbig/big.go -@@ -0,0 +1,31 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package bbig -+ -+import ( -+ "math/big" -+ -+ "github.com/microsoft/go-crypto-darwin/xcrypto" -+) -+ -+func Enc(b *big.Int) xcrypto.BigInt { -+ if b == nil { -+ return nil -+ } -+ x := b.Bytes() -+ if len(x) == 0 { -+ return xcrypto.BigInt{} -+ } -+ return x -+} -+ -+func Dec(b xcrypto.BigInt) *big.Int { -+ if b == nil { -+ return nil -+ } -+ if len(b) == 0 { -+ return new(big.Int) -+ } -+ return new(big.Int).SetBytes(b) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/CryptoKit.o new file mode 100644 index 0000000000000000000000000000000000000000..0f28482a272ec4195170331ca856d75840fb8859 GIT binary patch @@ -13854,2903 +3337,23586 @@ HcmV?d00001 diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cgo_go124.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cgo_go124.go new file mode 100644 -index 00000000000000..d0c5f989546d15 +index 00000000000000..d0c5f989546d15 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cgo_go124.go +@@ -0,0 +1,40 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build go1.24 && darwin ++ ++package cryptokit ++ ++// See xcrypto/cgo_go124.go for context. ++ ++/* ++#cgo noescape MD5 ++#cgo nocallback MD5 ++#cgo noescape SHA1 ++#cgo nocallback SHA1 ++#cgo noescape SHA256 ++#cgo nocallback SHA256 ++#cgo noescape SHA384 ++#cgo nocallback SHA384 ++#cgo noescape SHA512 ++#cgo nocallback SHA512 ++ ++#cgo noescape hashWrite ++#cgo noescape hashSum ++#cgo nocallback hashNew ++#cgo nocallback hashWrite ++#cgo nocallback hashSum ++#cgo nocallback hashReset ++#cgo nocallback hashSize ++#cgo nocallback hashBlockSize ++#cgo nocallback hashCopy ++#cgo nocallback hashFree ++ ++#cgo noescape updateHMAC ++#cgo noescape finalizeHMAC ++#cgo nocallback initHMAC ++#cgo nocallback freeHMAC ++#cgo nocallback updateHMAC ++#cgo nocallback finalizeHMAC ++*/ ++import "C" +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go +new file mode 100644 +index 00000000000000..9f05af66b277d3 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go +@@ -0,0 +1,39 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #cgo CFLAGS: -Wno-deprecated-declarations ++// #cgo LDFLAGS: -framework Security -framework CoreFoundation -L /Library/Developer/CommandLineTools/usr/lib/swift/macosx ${SRCDIR}/CryptoKit.o ++import "C" ++import "unsafe" ++ ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func base(b []byte) *C.uchar { ++ return (*C.uchar)(unsafe.Pointer(addr(b))) ++} ++ ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func addr(b []byte) *byte { ++ if len(b) == 0 { ++ return nil ++ } ++ return unsafe.SliceData(b) ++} ++ ++var zero byte ++ ++// addrNeverEmpty returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++// If b is empty, it returns a pointer to a zero byte ++// so that it can always be dereferenced. ++func addrNeverEmpty(b []byte) *byte { ++ if len(b) == 0 { ++ return &zero ++ } ++ return unsafe.SliceData(b) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h +new file mode 100644 +index 00000000000000..8306f0f74e055b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h +@@ -0,0 +1,67 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++#ifndef CRYPTOKIT_H ++#define CRYPTOKIT_H ++ ++#include ++#include ++ ++// AES GCM encryption and decryption ++int encryptAESGCM(const uint8_t *key, size_t keyLength, const uint8_t *data, ++ size_t dataLength, const uint8_t *nonce, size_t nonceLength, ++ const uint8_t *aad, size_t aadLength, uint8_t *cipherText, ++ size_t cipherTextLength, uint8_t *tag); ++int decryptAESGCM(const uint8_t *key, size_t keyLength, const uint8_t *data, ++ size_t dataLength, const uint8_t *nonce, size_t nonceLength, ++ const uint8_t *aad, size_t aadLength, const uint8_t *tag, ++ size_t tagLength, uint8_t *out, size_t *outLength); ++ ++// Generates an Ed25519 keypair. ++// The private key is 64 bytes (first 32 bytes are the seed, next 32 bytes are ++// the public key). The public key is 32 bytes. ++void generateKeyEd25519(uint8_t *key); ++int newPrivateKeyEd25519FromSeed(uint8_t *key, const uint8_t *seed); ++int newPublicKeyEd25519(uint8_t *key, const uint8_t *pub); ++int signEd25519(const uint8_t *privateKey, const uint8_t *message, ++ size_t messageLength, uint8_t *sigBuffer); ++int verifyEd25519(const uint8_t *publicKey, const uint8_t *message, ++ size_t messageLength, const uint8_t *sig); ++ ++// HKDF key derivation ++int extractHKDF(int32_t hashFunction, const uint8_t *secret, ++ size_t secretLength, const uint8_t *salt, size_t saltLength, ++ uint8_t *prk, size_t prkLength); ++int expandHKDF(int32_t hashFunction, const uint8_t *prk, size_t prkLength, ++ const uint8_t *info, size_t infoLength, uint8_t *okm, ++ size_t okmLength); ++ ++void *initHMAC(int32_t hashFunction, const uint8_t *key, int keyLength); ++void freeHMAC(int32_t hashFunction, void *ptr); ++void updateHMAC(int32_t hashFunction, void *ptr, const uint8_t *data, ++ int length); ++void finalizeHMAC(int32_t hashFunction, void *ptr, uint8_t *outputPointer); ++void *copyHMAC(int32_t hashAlgorithm, void *ptr); ++ ++void MD5(const uint8_t *inputPointer, size_t inputLength, ++ const uint8_t *outputPointer); ++void SHA1(const uint8_t *inputPointer, size_t inputLength, ++ const uint8_t *outputPointer); ++void SHA256(const uint8_t *inputPointer, size_t inputLength, ++ const uint8_t *outputPointer); ++void SHA384(const uint8_t *inputPointer, size_t inputLength, ++ const uint8_t *outputPointer); ++void SHA512(const uint8_t *inputPointer, size_t inputLength, ++ const uint8_t *outputPointer); ++ ++void *hashNew(int32_t hashAlgorithm); ++void hashWrite(int32_t hashAlgorithm, void *ptr, const uint8_t *data, ++ int length); ++void hashSum(int32_t hashAlgorithm, void *ptr, uint8_t *outputPointer); ++void hashReset(int32_t hashAlgorithm, void *ptr); ++int hashSize(int32_t hashAlgorithm); ++int hashBlockSize(int32_t hashAlgorithm); ++void *hashCopy(int32_t hashAlgorithm, void *ptr); ++void hashFree(int32_t hashAlgorithm, void *ptr); ++ ++#endif /* CRYPTOKIT_H */ +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go +new file mode 100644 +index 00000000000000..2fa15c8fa5529a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go +@@ -0,0 +1,72 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #include "cryptokit.h" ++import "C" ++import ( ++ "errors" ++) ++ ++// GenerateKeyEd25519 generates an Ed25519 private key using the Swift implementation. ++func GenerateKeyEd25519(key []byte) { ++ C.generateKeyEd25519(base(key)) ++} ++ ++// NewPrivateKeyEd25519FromSeed generates an Ed25519 private key from a seed. ++func NewPrivateKeyEd25519FromSeed(key, seed []byte) error { ++ result := C.newPrivateKeyEd25519FromSeed(base(key), base(seed)) ++ if result != 0 { ++ return errors.New("failed to generate Ed25519 key from seed") ++ } ++ return nil ++} ++ ++// NewPublicKeyEd25519 creates a new Ed25519 public key from raw bytes. ++func NewPublicKeyEd25519(key, pub []byte) error { ++ result := C.newPublicKeyEd25519(base(key), base(pub)) ++ if result != 0 { ++ return errors.New("failed to create Ed25519 public key") ++ } ++ return nil ++} ++ ++// SignEd25519 signs a message using the provided private key. ++func SignEd25519(sig, privateKey, message []byte) error { ++ result := C.signEd25519(base(privateKey), base(message), C.size_t(len(message)), base(sig)) ++ if result < 0 { ++ switch result { ++ case -1: ++ return errors.New("invalid inputs to SignEd25519") ++ case -2: ++ return errors.New("failed to reconstruct private key") ++ case -3: ++ return errors.New("failed to sign the message") ++ case -4: ++ return errors.New("signature buffer too small") ++ default: ++ return errors.New("unknown error in SignEd25519") ++ } ++ } ++ return nil ++} ++ ++// VerifyEd25519 verifies a signature using the provided public key and message. ++func VerifyEd25519(publicKey, message, sig []byte) error { ++ result := C.verifyEd25519(base(publicKey), base(message), C.size_t(len(message)), base(sig)) ++ switch result { ++ case 1: ++ return nil // Valid signature ++ case 0: ++ return errors.New("ed25519: invalid signature") ++ case -1: ++ return errors.New("invalid inputs to VerifyEd25519") ++ case -2: ++ return errors.New("failed to reconstruct public key") ++ default: ++ return errors.New("unknown error in VerifyEd25519") ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go +new file mode 100644 +index 00000000000000..458e9eb57416b1 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go +@@ -0,0 +1,36 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #include "cryptokit.h" ++import "C" ++ ++// EncryptAESGCM performs AES-GCM encryption using Swift. ++func EncryptAESGCM(key, plaintext, nonce, additionalData, ciphertext, tag []byte) int { ++ err := C.encryptAESGCM( ++ base(key), C.size_t(len(key)), ++ base(plaintext), C.size_t(len(plaintext)), ++ base(nonce), C.size_t(len(nonce)), ++ base(additionalData), C.size_t(len(additionalData)), ++ base(ciphertext), C.size_t(len(ciphertext)), ++ base(tag), ++ ) ++ return int(err) ++} ++ ++// DecryptAESGCM performs AES-GCM decryption using Swift. ++func DecryptAESGCM(key, ciphertext, nonce, additionalData, tag, plaintext []byte) (int, int) { ++ var decSize C.size_t ++ err := C.decryptAESGCM( ++ base(key), C.size_t(len(key)), ++ base(ciphertext), C.size_t(len(ciphertext)), ++ base(nonce), C.size_t(len(nonce)), ++ base(additionalData), C.size_t(len(additionalData)), ++ base(tag), C.size_t(len(tag)), ++ base(plaintext), &decSize, ++ ) ++ return int(decSize), int(err) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go +new file mode 100644 +index 00000000000000..977ee3152ada71 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go +@@ -0,0 +1,247 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #include "cryptokit.h" ++import "C" ++import ( ++ "errors" ++ "hash" ++ "runtime" ++ "unsafe" ++) ++ ++func MD5(p []byte) (sum [16]byte) { ++ C.MD5((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) ++ return ++} ++ ++func SHA1(p []byte) (sum [20]byte) { ++ C.SHA1((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) ++ return ++} ++ ++func SHA256(p []byte) (sum [32]byte) { ++ C.SHA256((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) ++ return ++} ++ ++func SHA384(p []byte) (sum [48]byte) { ++ C.SHA384((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) ++ return ++} ++ ++func SHA512(p []byte) (sum [64]byte) { ++ C.SHA512((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) ++ return ++} ++ ++const ( ++ md5 = 1 ++ sha1 = 2 ++ sha256 = 3 ++ sha384 = 4 ++ sha512 = 5 ++) ++ ++var ( ++ MD5BlockSize = int(C.hashBlockSize(md5)) ++ MD5Size = int(C.hashSize(md5)) ++ SHA1BlockSize = int(C.hashBlockSize(sha1)) ++ SHA1Size = int(C.hashSize(sha1)) ++ SHA256BlockSize = int(C.hashBlockSize(sha256)) ++ SHA256Size = int(C.hashSize(sha256)) ++ SHA384BlockSize = int(C.hashBlockSize(sha384)) ++ SHA384Size = int(C.hashSize(sha384)) ++ SHA512BlockSize = int(C.hashBlockSize(sha512)) ++ SHA512Size = int(C.hashSize(sha512)) ++) ++ ++var _ hash.Hash = (*evpHash)(nil) ++var _ HashCloner = (*evpHash)(nil) ++ ++type evpHash struct { ++ ptr unsafe.Pointer ++ hashAlgorithm C.int ++ blockSize int ++ size int ++} ++ ++func newEVPHash(hashAlgorithm C.int, blockSize, size int) *evpHash { ++ h := &evpHash{ ++ ptr: C.hashNew(hashAlgorithm), ++ hashAlgorithm: hashAlgorithm, ++ blockSize: blockSize, ++ size: size, ++ } ++ ++ runtime.SetFinalizer(h, (*evpHash).finalize) ++ ++ return h ++} ++ ++func (h *evpHash) finalize() { ++ if h.ptr != nil { ++ C.hashFree(h.hashAlgorithm, h.ptr) ++ h.ptr = nil ++ } ++} ++ ++func (h *evpHash) Clone() (HashCloner, error) { ++ if h.ptr == nil { ++ panic("cryptokit: hash already finalized") ++ } ++ ++ newHash := &evpHash{ ++ ptr: C.hashCopy(h.hashAlgorithm, h.ptr), ++ hashAlgorithm: h.hashAlgorithm, ++ blockSize: h.blockSize, ++ size: h.size, ++ } ++ ++ runtime.SetFinalizer(newHash, (*evpHash).finalize) ++ ++ runtime.KeepAlive(h) ++ ++ return newHash, nil ++} ++ ++func (h *evpHash) Write(p []byte) (int, error) { ++ if len(p) == 0 { ++ return 0, nil ++ } ++ C.hashWrite(h.hashAlgorithm, h.ptr, (*C.uint8_t)(&*addrNeverEmpty(p)), C.int(len(p))) ++ ++ runtime.KeepAlive(h) ++ ++ return len(p), nil ++} ++ ++func (h *evpHash) WriteString(s string) (int, error) { ++ if len(s) == 0 { ++ return 0, nil ++ } ++ C.hashWrite(h.hashAlgorithm, h.ptr, (*C.uchar)(unsafe.Pointer(unsafe.StringData(s))), C.int(len(s))) ++ ++ runtime.KeepAlive(h) ++ ++ return len(s), nil ++} ++ ++func (h *evpHash) WriteByte(c byte) error { ++ C.hashWrite(h.hashAlgorithm, h.ptr, base([]byte{c}), 1) ++ ++ runtime.KeepAlive(h) ++ ++ return nil ++} ++ ++func (h *evpHash) Sum(b []byte) []byte { ++ hashSlice := make([]byte, h.size, 64) // explicit cap to allow stack allocation ++ C.hashSum(h.hashAlgorithm, h.ptr, base(hashSlice)) ++ runtime.KeepAlive(h) ++ ++ b = append(b, hashSlice...) ++ return b ++} ++ ++func (h *evpHash) MarshalBinary() ([]byte, error) { ++ return nil, errors.New("cryptokit: hash state is not marshallable") ++} ++ ++func (h *evpHash) AppendBinary(b []byte) ([]byte, error) { ++ return nil, errors.New("cryptokit: hash state is not marshallable") ++} ++ ++func (h *evpHash) UnmarshalBinary(data []byte) error { ++ return errors.New("cryptokit: hash state is not marshallable") ++} ++ ++func (h *evpHash) Reset() { ++ C.hashReset(h.hashAlgorithm, h.ptr) ++} ++ ++func (h *evpHash) BlockSize() int { ++ return h.blockSize ++} ++ ++func (h *evpHash) Size() int { ++ return h.size ++} ++ ++type MD5Hash struct { ++ *evpHash ++} ++ ++func NewMD5() hash.Hash { ++ return MD5Hash{ ++ evpHash: newEVPHash( ++ C.int(md5), ++ MD5BlockSize, ++ MD5Size, ++ ), ++ } ++} ++ ++type SHA1Hash struct { ++ *evpHash ++} ++ ++// NewSHA1 initializes a new SHA1 hasher. ++func NewSHA1() hash.Hash { ++ return SHA1Hash{ ++ evpHash: newEVPHash( ++ sha1, ++ SHA1BlockSize, ++ SHA1Size, ++ ), ++ } ++} ++ ++type SHA256Hash struct { ++ *evpHash ++} ++ ++// NewSHA256 initializes a new SHA256 hasher. ++func NewSHA256() hash.Hash { ++ return SHA256Hash{ ++ evpHash: newEVPHash( ++ sha256, ++ SHA256BlockSize, ++ SHA256Size, ++ ), ++ } ++} ++ ++type SHA384Hash struct { ++ *evpHash ++} ++ ++// NewSHA384 initializes a new SHA384 hasher. ++func NewSHA384() hash.Hash { ++ return SHA384Hash{ ++ evpHash: newEVPHash( ++ sha384, ++ SHA384BlockSize, ++ SHA384Size, ++ ), ++ } ++} ++ ++type SHA512Hash struct { ++ *evpHash ++} ++ ++// NewSHA512 initializes a new SHA512 hasher. ++func NewSHA512() hash.Hash { ++ return SHA512Hash{ ++ evpHash: newEVPHash( ++ sha512, ++ SHA512BlockSize, ++ SHA512Size, ++ ), ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go +new file mode 100644 +index 00000000000000..5416b7882c1891 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go +@@ -0,0 +1,17 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !go1.25 && darwin ++ ++package cryptokit ++ ++import ( ++ "hash" ++) ++ ++// HashCloner is an interface that defines a Clone method. ++type HashCloner interface { ++ hash.Hash ++ // Clone returns a separate Hash instance with the same state as h. ++ Clone() (HashCloner, error) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go +new file mode 100644 +index 00000000000000..d690254202bde6 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go +@@ -0,0 +1,12 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build go1.25 && darwin ++ ++package cryptokit ++ ++import ( ++ "hash" ++) ++ ++type HashCloner = hash.Cloner +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go +new file mode 100644 +index 00000000000000..da161adcd88ea6 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go +@@ -0,0 +1,77 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #include "cryptokit.h" ++import "C" ++import ( ++ "crypto" ++ "errors" ++) ++ ++// ExtractHKDF performs the extract step of HKDF using the specified hash function. ++func ExtractHKDF(hash crypto.Hash, secret, salt []byte) ([]byte, error) { ++ h, err := cryptoHashToSwift(hash) ++ if err != nil { ++ return nil, err ++ } ++ ++ // Allocate buffer for derived key ++ prk := make([]byte, hash.Size()) ++ ++ // Call Swift function ++ result := C.extractHKDF( ++ h, ++ base(secret), C.size_t(len(secret)), ++ base(salt), C.size_t(len(salt)), ++ base(prk), C.size_t(len(prk)), ++ ) ++ ++ if result != 0 { ++ return nil, errors.New("HKDF derivation failed") ++ } ++ ++ return prk, nil ++} ++ ++func ExpandHKDF(hash crypto.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { ++ h, err := cryptoHashToSwift(hash) ++ if err != nil { ++ return nil, err ++ } ++ ++ // Allocate buffer for derived key ++ expandedKey := make([]byte, keyLength) ++ ++ // Call Swift function ++ result := C.expandHKDF( ++ h, ++ base(pseudorandomKey), C.size_t(len(pseudorandomKey)), ++ base(info), C.size_t(len(info)), ++ base(expandedKey), C.size_t(len(expandedKey)), ++ ) ++ ++ if result != 0 { ++ return nil, errors.New("HKDF derivation failed") ++ } ++ ++ return expandedKey, nil ++} ++ ++func cryptoHashToSwift(hash crypto.Hash) (C.int32_t, error) { ++ switch hash { ++ case crypto.SHA1: ++ return 1, nil ++ case crypto.SHA256: ++ return 2, nil ++ case crypto.SHA384: ++ return 3, nil ++ case crypto.SHA512: ++ return 4, nil ++ default: ++ return 0, errors.New("unsupported hash function") ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go +new file mode 100644 +index 00000000000000..f06abe11e3854d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go +@@ -0,0 +1,146 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package cryptokit ++ ++// #include "cryptokit.h" ++import "C" ++import ( ++ "hash" ++ "runtime" ++ "slices" ++ "unsafe" ++) ++ ++var _ hash.Hash = (*cryptoKitHMAC)(nil) ++var _ HashCloner = (*cryptoKitHMAC)(nil) ++ ++type cryptoKitHMAC struct { ++ ptr unsafe.Pointer ++ ++ kind int ++ key []byte ++ ++ blockSize int ++ size int ++} ++ ++func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { ++ h := fh() ++ if h == nil { ++ return nil ++ } ++ ++ // copying the key here to ensure that it is not modified ++ // while this algorithm is using it. ++ key = slices.Clone(key) ++ kind := hashToHMACEnum(h) ++ if kind == 0 { ++ // The hash function is not supported by the HMAC implementation. ++ return nil ++ } ++ ++ hmac := &cryptoKitHMAC{ ++ ptr: C.initHMAC( ++ C.int(kind), ++ base(key), C.int(len(key)), ++ ), ++ kind: kind, ++ key: key, ++ blockSize: h.BlockSize(), ++ size: h.Size(), ++ } ++ ++ runtime.SetFinalizer(hmac, func(h *cryptoKitHMAC) { ++ C.freeHMAC( ++ C.int(h.kind), ++ h.ptr, ++ ) ++ }) ++ ++ return hmac ++} ++ ++func (h *cryptoKitHMAC) Write(p []byte) (n int, err error) { ++ C.updateHMAC(C.int(h.kind), ++ h.ptr, ++ (*C.uint8_t)(&*addrNeverEmpty(p)), C.int(len(p))) ++ ++ runtime.KeepAlive(h) ++ ++ return len(p), nil ++} ++ ++func (h *cryptoKitHMAC) Sum(b []byte) []byte { ++ hashSlice := make([]byte, h.size, 64) // explicit cap to allow stack allocation ++ C.finalizeHMAC( ++ C.int(h.kind), ++ h.ptr, ++ base(hashSlice), ++ ) ++ runtime.KeepAlive(h) ++ ++ b = append(b, hashSlice...) ++ ++ return b ++} ++ ++func (h *cryptoKitHMAC) Clone() (HashCloner, error) { ++ if h.ptr == nil { ++ panic("cryptokit: hash already finalized") ++ } ++ ++ hmac := &cryptoKitHMAC{ptr: C.copyHMAC(C.int(h.kind), h.ptr), kind: h.kind, key: slices.Clone(h.key), blockSize: h.blockSize, size: h.size} ++ ++ runtime.KeepAlive(h) ++ ++ runtime.SetFinalizer(hmac, func(h *cryptoKitHMAC) { ++ C.freeHMAC( ++ C.int(h.kind), ++ h.ptr, ++ ) ++ }) ++ ++ return hmac, nil ++} ++ ++func (h *cryptoKitHMAC) Reset() { ++ C.freeHMAC( ++ C.int(h.kind), ++ h.ptr, ++ ) ++ ++ h.ptr = C.initHMAC( ++ C.int(h.kind), ++ (*C.uint8_t)(&*addrNeverEmpty(h.key)), C.int(len(h.key)), ++ ) ++ ++ runtime.KeepAlive(h) ++} ++ ++func (h *cryptoKitHMAC) Size() int { ++ return h.size ++} ++ ++func (h *cryptoKitHMAC) BlockSize() int { ++ return h.blockSize ++} ++ ++func hashToHMACEnum(h hash.Hash) int { ++ switch h.(type) { ++ case MD5Hash: ++ return 1 ++ case SHA1Hash: ++ return 2 ++ case SHA256Hash: ++ return 3 ++ case SHA384Hash: ++ return 4 ++ case SHA512Hash: ++ return 5 ++ default: ++ return 0 ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go +new file mode 100644 +index 00000000000000..c9611eef5e2697 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go +@@ -0,0 +1,336 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "crypto/cipher" ++ "errors" ++ "slices" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++//go:generate go run github.com/microsoft/go-crypto-darwin/cmd/gentestvectors -out vectors_test.go ++ ++type cipherGCMTLS uint8 ++ ++const ( ++ cipherGCMTLSNone cipherGCMTLS = iota ++ cipherGCMTLS12 ++ cipherGCMTLS13 ++) ++ ++const ( ++ // AES block size is the same for all key sizes ++ aesBlockSize = C.kCCBlockSizeAES128 ++ gcmTagSize = 16 ++ gcmStandardNonceSize = 12 ++ // TLS 1.2 additional data is constructed as: ++ // ++ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); ++ gcmTls12AddSize = 13 ++ // TLS 1.3 additional data is constructed as: ++ // ++ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) ++ gcmTls13AddSize = 5 ++ gcmTlsFixedNonceSize = 4 ++) ++ ++type aesCipher struct { ++ key []byte ++ kind C.CCAlgorithm ++} ++ ++func NewAESCipher(key []byte) (cipher.Block, error) { ++ var alg C.CCAlgorithm ++ switch len(key) { ++ case 16, 24, 32: ++ alg = C.kCCAlgorithmAES ++ default: ++ return nil, errors.New("crypto/aes: invalid key size") ++ } ++ c := &aesCipher{ ++ key: slices.Clone(key), ++ kind: alg, ++ } ++ return c, nil ++} ++ ++func (c *aesCipher) BlockSize() int { return aesBlockSize } ++ ++func (c *aesCipher) Encrypt(dst, src []byte) { ++ blockSize := c.BlockSize() ++ if len(src) < blockSize || len(dst) < blockSize { ++ panic("crypto/aes: input or output block is too small") ++ } ++ ++ src, dst = src[:blockSize], dst[:blockSize] ++ ++ if inexactOverlap(dst, src) { ++ panic("crypto/aes: invalid buffer overlap") ++ } ++ ++ status := C.CCCrypt( ++ C.kCCEncrypt, // Operation ++ C.CCAlgorithm(c.kind), // Algorithm ++ 0, // Options ++ pbase(c.key), // Key ++ C.size_t(len(c.key)), // Key length ++ nil, // IV ++ pbase(src), // Input ++ C.size_t(blockSize), // Input length ++ pbase(dst), // Output ++ C.size_t(blockSize), // Output length ++ nil, // Output length ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/aes: encryption failed") ++ } ++} ++ ++func (c *aesCipher) Decrypt(dst, src []byte) { ++ blockSize := c.BlockSize() ++ if len(src) < blockSize || len(dst) < blockSize { ++ panic("crypto/aes: input or output block is too small") ++ } ++ ++ src, dst = src[:blockSize], dst[:blockSize] ++ ++ if inexactOverlap(dst, src) { ++ panic("crypto/aes: invalid buffer overlap") ++ } ++ ++ status := C.CCCrypt( ++ C.kCCDecrypt, // Operation ++ C.CCAlgorithm(c.kind), // Algorithm ++ 0, // Options ++ pbase(c.key), // Key ++ C.size_t(len(c.key)), // Key length ++ nil, // IV ++ pbase(src), // Input ++ C.size_t(blockSize), // Input length ++ pbase(dst), // Output ++ C.size_t(blockSize), // Output length ++ nil, // Output length ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/aes: decryption failed") ++ } ++} ++ ++type aesGCM struct { ++ key []byte ++ tls cipherGCMTLS ++ // minNextNonce is the minimum value that the next nonce can be, enforced by ++ // all TLS modes. ++ minNextNonce uint64 ++ // mask is the nonce mask used in TLS 1.3 mode. ++ mask uint64 ++ // maskInitialized is true if mask has been initialized. This happens during ++ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. ++ maskInitialized bool ++} ++ ++type noGCM struct { ++ cipher.Block ++} ++ ++// NewGCM constructs a GCM block mode for AES using the cryptokit package ++func (c *aesCipher) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { ++ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { ++ return nil, errors.New("crypto/aes: GCM tag and nonce sizes can't be non-standard at the same time") ++ } ++ // Fall back to standard library for GCM with non-standard nonce or tag size. ++ if nonceSize != gcmStandardNonceSize { ++ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) ++ } ++ if tagSize != gcmTagSize { ++ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) ++ } ++ return &aesGCM{key: c.key, tls: cipherGCMTLSNone}, nil ++} ++ ++func (g *aesGCM) NonceSize() int { return gcmStandardNonceSize } ++ ++func (g *aesGCM) Overhead() int { return gcmTagSize } ++ ++func (g *aesGCM) Seal(dst, nonce, plaintext, additionalData []byte) []byte { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") ++ } ++ if uint64(len(plaintext)) > ((1<<32)-2)*aesBlockSize || len(plaintext)+gcmTagSize < len(plaintext) { ++ panic("cipher: message too large for GCM") ++ } ++ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { ++ panic("cipher: message too large for buffer") ++ } ++ ++ if g.tls != cipherGCMTLSNone { ++ if g.tls == cipherGCMTLS12 && len(additionalData) != gcmTls12AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.2") ++ } else if g.tls == cipherGCMTLS13 && len(additionalData) != gcmTls13AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.3") ++ } ++ counter := bigUint64(nonce[gcmTlsFixedNonceSize:]) ++ ++ // TLS 1.3 Masking ++ if g.tls == cipherGCMTLS13 { ++ if !g.maskInitialized { ++ g.mask = counter ++ g.maskInitialized = true ++ } ++ // Apply mask to the counter ++ counter ^= g.mask ++ } ++ ++ // Enforce monotonicity and max limit ++ const maxUint64 = 1<<64 - 1 ++ if counter == maxUint64 { ++ panic("cipher: nonce counter must be less than 2^64 - 1") ++ } ++ if counter < g.minNextNonce { ++ panic("cipher: nonce counter must be strictly monotonically increasing") ++ } ++ ++ defer func() { ++ g.minNextNonce = counter + 1 ++ }() ++ } ++ ++ // Make room in dst to append plaintext+overhead. ++ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) ++ ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, plaintext) { ++ panic("cipher: invalid buffer overlap") ++ } ++ ++ tag := out[len(out)-gcmTagSize:] ++ err := cryptokit.EncryptAESGCM(g.key, plaintext, nonce, additionalData, out[:len(out)-gcmTagSize], tag) ++ if err != 0 { ++ panic("cipher: encryption failed") ++ } ++ return ret ++} ++ ++func (g *aesGCM) SealWithRandomNonce(out, nonce, plaintext, additionalData []byte) { ++ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { ++ panic("crypto/cipher: message too large for GCM") ++ } ++ if len(nonce) != gcmStandardNonceSize { ++ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") ++ } ++ if len(out) != len(plaintext)+gcmTagSize { ++ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") ++ } ++ if inexactOverlap(out, plaintext) { ++ panic("crypto/cipher: invalid buffer overlap of output and input") ++ } ++ if anyOverlap(out, additionalData) { ++ panic("crypto/cipher: invalid buffer overlap of output and additional data") ++ } ++ ++ if g.tls != cipherGCMTLSNone { ++ panic("cipher: TLS 1.2 and 1.3 modes do not support random nonce") ++ } ++ ++ tag := out[len(out)-gcmTagSize:] ++ // Generate a random nonce ++ RandReader.Read(nonce) ++ err := cryptokit.EncryptAESGCM(g.key, plaintext, nonce, additionalData, out[:len(out)-gcmTagSize], tag) ++ if err != 0 { ++ panic("cipher: encryption failed") ++ } ++} ++ ++var errOpen = errors.New("cipher: message authentication failed") ++ ++func (g *aesGCM) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") ++ } ++ if len(ciphertext) < gcmTagSize { ++ return nil, errOpen ++ } ++ if uint64(len(ciphertext)) > ((1<<32)-2)*aesBlockSize+gcmTagSize { ++ return nil, errOpen ++ } ++ // BoringCrypto does not do any TLS check when decrypting, neither do we. ++ ++ // Ensure we don't process if ciphertext lacks both ciphertext and tag ++ if len(ciphertext) < gcmTagSize { ++ return nil, errors.New("decryption failed: ciphertext too short for tag") ++ } ++ ++ tag := ciphertext[len(ciphertext)-gcmTagSize:] ++ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] ++ ++ // Make room in dst to append ciphertext without tag. ++ ret, out := sliceForAppend(dst, len(ciphertext)) ++ ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, ciphertext) { ++ panic("cipher: invalid buffer overlap") ++ } ++ ++ decSize, err := cryptokit.DecryptAESGCM(g.key, ciphertext, nonce, additionalData, tag, out) ++ if err != 0 || int(decSize) != len(ciphertext) { ++ // If the decrypted data size does not match, zero out `out` and return `errOpen` ++ for i := range out { ++ out[i] = 0 ++ } ++ return nil, errOpen ++ } ++ return ret, nil ++} ++ ++// NewGCMTLS returns a GCM cipher specific to TLS ++// and should not be used for non-TLS purposes. ++func NewGCMTLS(block cipher.Block) (cipher.AEAD, error) { ++ cipher, ok := block.(*aesCipher) ++ if !ok { ++ return nil, errors.New("crypto/aes: invalid block cipher") ++ } ++ return &aesGCM{key: cipher.key, tls: cipherGCMTLS12}, nil ++} ++ ++// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used ++// for non-TLS purposes. ++func NewGCMTLS13(block cipher.Block) (cipher.AEAD, error) { ++ cipher, ok := block.(*aesCipher) ++ if !ok { ++ return nil, errors.New("crypto/aes: invalid block cipher") ++ } ++ return &aesGCM{key: cipher.key, tls: cipherGCMTLS13}, nil ++} ++ ++func (c *aesCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return newCBC(C.kCCEncrypt, c.kind, c.key, iv) ++} ++ ++func (c *aesCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return newCBC(C.kCCDecrypt, c.kind, c.key, iv) ++} ++ ++// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. ++func sliceForAppend(in []byte, n int) (head, tail []byte) { ++ if total := len(in) + n; cap(in) >= total { ++ head = in[:total] ++ } else { ++ head = make([]byte, total) ++ copy(head, in) ++ } ++ tail = head[len(in):] ++ return ++} ++ ++func bigUint64(b []byte) uint64 { ++ _ = b[7] // bounds check hint to compiler; see go.dev/issue/14808 ++ return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | ++ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go +new file mode 100644 +index 00000000000000..865e22ab6a3dda +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go +@@ -0,0 +1,16 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package xcrypto ++ ++// This file does not have build constraints to ++// facilitate using BigInt in Go crypto. ++// Go crypto references BigInt unconditionally, ++// even if it is not finally used. ++ ++// A BigInt is the big-endian bytes from a math/big BigInt, ++// which are normalized to remove any leading 0 byte. ++// Windows BCrypt accepts this specific data format. ++// This definition allows us to avoid importing math/big. ++// Conversion between BigInt and *big.Int is in xcrypto/bbig. ++type BigInt []byte +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go +new file mode 100644 +index 00000000000000..02f265fe56b592 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go +@@ -0,0 +1,23 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build go1.24 && darwin ++ ++package xcrypto ++ ++// The following noescape and nocallback directives are used to prevent the Go ++// compiler from allocating function parameters on the heap. See ++// https://github.com/golang/go/blob/0733682e5ff4cd294f5eccb31cbe87a543147bc6/src/cmd/cgo/doc.go#L439-L461 ++// ++// If possible, write a C wrapper function to optimize a call rather than using ++// this feature so the optimization will work for all supported Go versions. ++// ++// This is just a performance optimization. Only add functions that have been ++// observed to benefit from these directives, not every function that is merely ++// expected to meet the noescape/nocallback criteria. ++ ++/* ++#cgo noescape SecRandomCopyBytes ++#cgo nocallback SecRandomCopyBytes ++*/ ++import "C" +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go +new file mode 100644 +index 00000000000000..9f3a8f92bd43fc +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go +@@ -0,0 +1,122 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++ ++import ( ++ "runtime" ++ "unsafe" ++) ++ ++type cbcCipher struct { ++ blockSize int ++ cryptor C.CCCryptorRef ++} ++ ++func newCBC(operation C.CCOperation, kind C.CCAlgorithm, key, iv []byte) *cbcCipher { ++ var blockSize int ++ switch kind { ++ case C.kCCAlgorithmAES: ++ blockSize = aesBlockSize ++ case C.kCCAlgorithmDES, C.kCCAlgorithm3DES: ++ blockSize = desBlockSize ++ default: ++ panic("invalid algorithm") ++ } ++ ++ // Create and initialize the cbcMode struct with CCCryptorCreate here ++ x := &cbcCipher{blockSize: blockSize} ++ status := C.CCCryptorCreateWithMode( ++ operation, // Specifies whether encryption or decryption is performed (kCCEncrypt or kCCDecrypt). ++ C.kCCModeCBC, // Mode of operation, here explicitly set to CBC (Cipher Block Chaining). ++ C.CCAlgorithm(kind), // The encryption algorithm (e.g., kCCAlgorithmAES128, kCCAlgorithmDES). ++ C.ccNoPadding, // Padding option, set to no padding; padding can be handled at a higher level if necessary. ++ pbase(iv), // Initialization Vector (IV) for the cipher, required for CBC mode. Should be nil for ECB mode. ++ pbase(key), // Pointer to the encryption key. ++ C.size_t(len(key)), // Length of the encryption key in bytes. ++ nil, // Tweak key, used only for XTS mode; here set to nil as it’s not required for CBC. ++ 0, // Length of the tweak key, set to 0 as tweak is nil. ++ 0, // Number of rounds, mainly for RC2 and Blowfish; not used here, so set to 0. ++ 0, // Mode options for CTR and F8 modes; not used for CBC, so set to 0. ++ &x.cryptor, // Pointer to the CCCryptorRef output, which will hold the state for encryption or decryption. ++ ) ++ ++ if status != C.kCCSuccess { ++ panic("crypto/des: CCCryptorCreate failed") ++ } ++ ++ runtime.SetFinalizer(x, (*cbcCipher).finalize) ++ return x ++ ++} ++ ++func (x *cbcCipher) finalize() { ++ if x.cryptor != nil { ++ C.CCCryptorRelease(x.cryptor) ++ x.cryptor = nil ++ } ++} ++ ++func (x *cbcCipher) BlockSize() int { return x.blockSize } ++ ++func (x *cbcCipher) CryptBlocks(dst, src []byte) { ++ if inexactOverlap(dst, src) { ++ panic("crypto/cipher: invalid buffer overlap") ++ } ++ if len(src)%x.blockSize != 0 { ++ panic("crypto/cipher: input not full blocks") ++ } ++ if len(dst) < len(src) { ++ panic("crypto/cipher: output smaller than input") ++ } ++ if len(src) == 0 { ++ return ++ } ++ var outLength C.size_t ++ status := C.CCCryptorUpdate( ++ x.cryptor, // CCCryptorRef created by CCCryptorCreateWithMode; holds the encryption/decryption state. ++ pbase(src), // Pointer to the input data (source buffer) to be encrypted or decrypted. ++ C.size_t(len(src)), // Length of the input data in bytes. ++ pbase(dst), // Pointer to the output buffer (destination buffer) where the result will be stored. ++ C.size_t(len(dst)), // Size of the output buffer in bytes; must be large enough to hold the processed data. ++ &outLength, // Pointer to a variable that will contain the number of bytes written to the output buffer. ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/cipher: CCCryptorUpdate failed") ++ } ++ runtime.KeepAlive(x) ++} ++ ++func (x *cbcCipher) SetIV(iv []byte) { ++ if len(iv) != x.blockSize { ++ panic("crypto/cipher: incorrect IV length") ++ } ++ status := C.CCCryptorReset( ++ x.cryptor, // CCCryptorRef created by CCCryptorCreateWithMode; holds the encryption/decryption state. ++ pbase(iv), // Pointer to the new IV to be set. ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/cipher: CCCryptorReset failed") ++ } ++ runtime.KeepAlive(x) ++} ++ ++// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. ++ ++func anyOverlap(x, y []byte) bool { ++ return len(x) > 0 && len(y) > 0 && ++ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && ++ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) ++} ++ ++func inexactOverlap(x, y []byte) bool { ++ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { ++ return false ++ } ++ return anyOverlap(x, y) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go +new file mode 100644 +index 00000000000000..ce490c1167c536 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go +@@ -0,0 +1,117 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "crypto/cipher" ++ "errors" ++ "slices" ++) ++ ++const desBlockSize = C.kCCBlockSizeDES ++ ++type desCipher struct { ++ key []byte ++ kind C.CCAlgorithm ++} ++ ++// NewDESCipher creates a new DES cipher block using the specified key (8 bytes). ++func NewDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 8 { ++ return nil, errors.New("crypto/des: invalid key size for DES") ++ } ++ ++ c := &desCipher{ ++ key: slices.Clone(key), ++ kind: C.kCCAlgorithmDES, ++ } ++ return c, nil ++} ++ ++// NewTripleDESCipher creates a new 3DES cipher block using the specified key (24 bytes). ++func NewTripleDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 24 { ++ return nil, errors.New("crypto/des: invalid key size for 3DES") ++ } ++ ++ c := &desCipher{ ++ key: slices.Clone(key), ++ kind: C.kCCAlgorithm3DES, ++ } ++ return c, nil ++} ++ ++func (c *desCipher) BlockSize() int { return desBlockSize } ++ ++func (c *desCipher) Encrypt(dst, src []byte) { ++ blockSize := c.BlockSize() ++ if len(src) < blockSize || len(dst) < blockSize { ++ panic("crypto/des: input or output block is too small") ++ } ++ ++ if inexactOverlap(dst[:blockSize], src[:blockSize]) { ++ panic("crypto/des: invalid buffer overlap") ++ } ++ ++ var outLength C.size_t ++ status := C.CCCrypt( ++ C.kCCEncrypt, ++ C.CCAlgorithm(c.kind), ++ C.kCCOptionECBMode, ++ pbase(c.key), ++ C.size_t(len(c.key)), ++ nil, ++ pbase(src[:blockSize]), ++ C.size_t(blockSize), ++ pbase(dst[:blockSize]), ++ C.size_t(blockSize), ++ &outLength, ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/des: encryption failed") ++ } ++} ++ ++func (c *desCipher) Decrypt(dst, src []byte) { ++ blockSize := c.BlockSize() ++ if len(src) < blockSize || len(dst) < blockSize { ++ panic("crypto/des: input or output block is too small") ++ } ++ ++ if inexactOverlap(dst[:blockSize], src[:blockSize]) { ++ panic("crypto/des: invalid buffer overlap") ++ } ++ ++ var outLength C.size_t ++ status := C.CCCrypt( ++ C.kCCDecrypt, ++ C.CCAlgorithm(c.kind), ++ C.kCCOptionECBMode, ++ pbase(c.key), ++ C.size_t(len(c.key)), ++ nil, ++ pbase(src[:blockSize]), ++ C.size_t(blockSize), ++ pbase(dst[:blockSize]), ++ C.size_t(blockSize), ++ &outLength, ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/des: decryption failed") ++ } ++} ++ ++// CBC mode encrypter ++func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return newCBC(C.kCCEncrypt, c.kind, c.key, iv) ++} ++ ++// CBC mode decrypter ++func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return newCBC(C.kCCDecrypt, c.kind, c.key, iv) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go +new file mode 100644 +index 00000000000000..e57bde33af4c98 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go +@@ -0,0 +1,32 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++func curveToKeySizeInBits(curve string) int { ++ switch curve { ++ case "P-256": ++ return 256 ++ case "P-384": ++ return 384 ++ case "P-521": ++ return 521 ++ default: ++ return 0 ++ } ++} ++ ++func curveToKeySizeInBytes(curve string) int { ++ switch curve { ++ case "P-256": ++ return (256 + 7) / 8 ++ case "P-384": ++ return (384 + 7) / 8 ++ case "P-521": ++ return (521 + 7) / 8 ++ default: ++ return 0 ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go +new file mode 100644 +index 00000000000000..3bdd3937670285 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go +@@ -0,0 +1,135 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "errors" ++ "runtime" ++ "slices" ++) ++ ++type PublicKeyECDH struct { ++ _pkey C.SecKeyRef ++ bytes []byte ++} ++ ++func (k *PublicKeyECDH) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++type PrivateKeyECDH struct { ++ _pkey C.SecKeyRef ++ pub []byte ++} ++ ++func (k *PrivateKeyECDH) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { ++ if len(bytes) < 1 { ++ return nil, errors.New("NewPublicKeyECDH: missing key") ++ } ++ pubKeyRef, err := createSecKeyWithData(bytes, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPublic) ++ if err != nil { ++ return nil, err ++ } ++ pubKey := &PublicKeyECDH{pubKeyRef, slices.Clone(bytes)} ++ runtime.SetFinalizer(pubKey, (*PublicKeyECDH).finalize) ++ return pubKey, nil ++} ++ ++func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } ++ ++// bytes expects the public key to be in uncompressed ANSI X9.63 format ++func NewPrivateKeyECDH(curve string, pub, priv []byte) (*PrivateKeyECDH, error) { ++ key := append(slices.Clone(pub), priv...) ++ privKeyRef, err := createSecKeyWithData(key, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPrivate) ++ if err != nil { ++ return nil, err ++ } ++ privKey := &PrivateKeyECDH{privKeyRef, pub} ++ runtime.SetFinalizer(privKey, (*PrivateKeyECDH).finalize) ++ return privKey, nil ++} ++ ++func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { ++ defer runtime.KeepAlive(k) ++ pubKeyRef := C.SecKeyCopyPublicKey(k._pkey) ++ if pubKeyRef == 0 { ++ return nil, errors.New("failed to extract public key") ++ } ++ pubKey := &PublicKeyECDH{pubKeyRef, k.pub} ++ runtime.SetFinalizer(pubKey, (*PublicKeyECDH).finalize) ++ return pubKey, nil ++} ++ ++func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { ++ defer runtime.KeepAlive(priv) ++ defer runtime.KeepAlive(pub) ++ ++ var algorithm C.CFStringRef = C.kSecKeyAlgorithmECDHKeyExchangeStandard ++ ++ supported := C.SecKeyIsAlgorithmSupported(priv._pkey, C.kSecKeyOperationTypeKeyExchange, algorithm) ++ if supported == 0 { ++ return nil, errors.New("ECDH algorithm not supported for the given private key") ++ } ++ ++ var cfErr C.CFErrorRef ++ // Perform the key exchange ++ sharedSecretRef := C.SecKeyCopyKeyExchangeResult( ++ priv._pkey, ++ algorithm, ++ pub._pkey, ++ C.CFDictionaryRef(0), ++ &cfErr, ++ ) ++ if err := goCFErrorRef(cfErr); err != nil { ++ return nil, err ++ } ++ defer C.CFRelease(C.CFTypeRef(sharedSecretRef)) ++ ++ sharedSecret := cfDataToBytes(sharedSecretRef) ++ return sharedSecret, nil ++} ++ ++func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { ++ keySize := curveToKeySizeInBytes(curve) ++ if keySize == 0 { ++ return nil, nil, errors.New("unsupported curve") ++ } ++ keySizeInBits := curveToKeySizeInBits(curve) ++ // Generate the private key and get its DER representation ++ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeECSECPrimeRandom, keySizeInBits) ++ if err != nil { ++ return nil, nil, err ++ } ++ pub, priv, err := extractECDHComponents(privKeyDER, keySize) ++ if err != nil { ++ C.CFRelease(C.CFTypeRef(privKeyRef)) ++ return nil, nil, err ++ } ++ k := &PrivateKeyECDH{privKeyRef, pub} ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) ++ return k, priv, nil ++} ++ ++func extractECDHComponents(der []byte, keySize int) (pub, priv []byte, err error) { ++ // The private component is the last of the three equally-sized chunks ++ // for the elliptic curve private key. ++ if len(der) != 1+keySize*3 { ++ return nil, nil, errors.New("invalid key length: insufficient data for private component") ++ } ++ pub = der[:1+keySize*2] ++ priv = der[1+keySize*2:] ++ return ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go +new file mode 100644 +index 00000000000000..fb0e207a89ff67 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go +@@ -0,0 +1,181 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "errors" ++ "runtime" ++) ++ ++type PrivateKeyECDSA struct { ++ _pkey C.SecKeyRef ++} ++ ++func (k *PrivateKeyECDSA) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++func (k *PrivateKeyECDSA) withKey(f func(C.SecKeyRef) C.int) C.int { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++type PublicKeyECDSA struct { ++ _pkey C.SecKeyRef ++} ++ ++func (k *PublicKeyECDSA) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++func (k *PublicKeyECDSA) withKey(f func(C.SecKeyRef) C.int) C.int { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { ++ keySize := curveToKeySizeInBytes(curve) ++ if keySize == 0 { ++ return nil, errors.New("unsupported curve") ++ } ++ encodedKey, err := encodeToUncompressedAnsiX963Key(x, y, nil, keySize) ++ if err != nil { ++ return nil, errors.New("failed to encode public key to uncompressed ANSI X9.63 format") ++ } ++ ++ pubKeyRef, err := createSecKeyWithData(encodedKey, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPublic) ++ if err != nil { ++ return nil, err ++ } ++ ++ pubKey := &PublicKeyECDSA{_pkey: pubKeyRef} ++ runtime.SetFinalizer(pubKey, (*PublicKeyECDSA).finalize) ++ return pubKey, nil ++} ++ ++// NewPrivateKeyECDSA creates a new ECDSA private key using the provided curve name and parameters (x, y, d). ++func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { ++ keySize := curveToKeySizeInBytes(curve) ++ if keySize == 0 { ++ return nil, errors.New("unsupported curve") ++ } ++ encodedKey, err := encodeToUncompressedAnsiX963Key(x, y, d, keySize) ++ if err != nil { ++ return nil, errors.New("crypto/ecdsa: failed to encode private key: " + err.Error()) ++ } ++ ++ privKeyRef, err := createSecKeyWithData(encodedKey, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPrivate) ++ if err != nil { ++ return nil, err ++ } ++ ++ // Wrap and finalize ++ k := &PrivateKeyECDSA{_pkey: privKeyRef} ++ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) ++ return k, nil ++} ++ ++func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { ++ keySize := curveToKeySizeInBytes(curve) ++ if keySize == 0 { ++ return nil, nil, nil, errors.New("unsupported curve") ++ } ++ ++ keySizeInBits := curveToKeySizeInBits(curve) ++ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeECSECPrimeRandom, keySizeInBits) ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ defer C.CFRelease(C.CFTypeRef(privKeyRef)) ++ return decodeFromUncompressedAnsiX963Key(privKeyDER, keySize) ++} ++ ++func SignMarshalECDSA(priv *PrivateKeyECDSA, hashed []byte) ([]byte, error) { ++ return evpSign(priv.withKey, algorithmTypeECDSA, 0, hashed) ++} ++ ++func VerifyECDSA(pub *PublicKeyECDSA, hashed []byte, sig []byte) bool { ++ return evpVerify(pub.withKey, algorithmTypeECDSA, 0, hashed, sig) == nil ++} ++ ++// encodeToUncompressedAnsiX963Key encodes the given elliptic curve point (x, y) and optional private key (d) ++// into an uncompressed ANSI X9.63 format byte slice. ++func encodeToUncompressedAnsiX963Key(x, y, d BigInt, keySize int) ([]byte, error) { ++ // Build the uncompressed key point (0x04 || x || y { || d }) ++ size := 1 + keySize*2 ++ if d != nil { ++ size += keySize ++ } ++ out := make([]byte, size) ++ out[0] = 0x04 ++ err := encodeBigInt(out[1:], []sizedBigInt{ ++ {x, keySize}, {y, keySize}, ++ {d, keySize}, ++ }) ++ if err != nil { ++ return nil, err ++ } ++ return out, nil ++} ++ ++// decodeFromUncompressedAnsiX963Key decodes the given uncompressed ANSI X9.63 format byte slice into ++// the elliptic curve point (x, y) and optional private key (d). ++func decodeFromUncompressedAnsiX963Key(key []byte, keySize int) (x, y, d BigInt, err error) { ++ if len(key) < 1 || key[0] != 0x04 { ++ return nil, nil, nil, errors.New("invalid uncompressed key format") ++ } ++ if len(key) < 1+keySize*2 { ++ return nil, nil, nil, errors.New("invalid key length") ++ } ++ x = normalizeBigInt(key[1 : 1+keySize]) ++ y = normalizeBigInt(key[1+keySize : 1+keySize*2]) ++ if len(key) > 1+keySize*2 { ++ d = normalizeBigInt(key[1+keySize*2:]) ++ return x, y, d, nil ++ } ++ return x, y, nil, nil ++} ++ ++func normalizeBigInt(b []byte) BigInt { ++ // Remove leading zero bytes ++ for len(b) > 0 && b[0] == 0 { ++ b = b[1:] ++ } ++ return b ++} ++ ++// sizedBigInt defines a big integer with ++// a size that can be different from the ++// one provided by len(b). ++type sizedBigInt struct { ++ b BigInt ++ size int ++} ++ ++// encodeBigInt encodes ints into data. ++// It stops iterating over ints when it finds one nil element. ++func encodeBigInt(data []byte, ints []sizedBigInt) error { ++ for _, v := range ints { ++ if v.b == nil { ++ return nil ++ } ++ normalized := normalizeBigInt(v.b) ++ // b might be shorter than size if the original big number contained leading zeros. ++ leadingZeros := int(v.size) - len(normalized) ++ if leadingZeros < 0 { ++ return errors.New("commoncrypto: invalid parameters") ++ } ++ copy(data[leadingZeros:], normalized) ++ data = data[v.size:] ++ } ++ return nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go +new file mode 100644 +index 00000000000000..f59e6f9af58cd4 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go +@@ -0,0 +1,100 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin && cgo ++ ++package xcrypto ++ ++import ( ++ "strconv" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++const ( ++ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. ++ publicKeySizeEd25519 = 32 ++ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. ++ privateKeySizeEd25519 = 64 ++ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. ++ signatureSizeEd25519 = 64 ++ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. ++ seedSizeEd25519 = 32 ++) ++ ++// PublicKeyEd25519 represents an Ed25519 public key. ++type PublicKeyEd25519 []byte ++ ++// PrivateKeyEd25519 represents an Ed25519 private key. ++type PrivateKeyEd25519 []byte ++ ++func (k PrivateKeyEd25519) Public() PublicKeyEd25519 { ++ publicKey := make([]byte, publicKeySizeEd25519) ++ copy(publicKey, k[seedSizeEd25519:]) ++ return PublicKeyEd25519(publicKey) ++} ++ ++// GenerateKeyEd25519 generates a new Ed25519 private key. ++func GenerateKeyEd25519() PrivateKeyEd25519 { ++ pkeyPriv := make([]byte, privateKeySizeEd25519) ++ cryptokit.GenerateKeyEd25519(pkeyPriv) ++ return pkeyPriv ++} ++ ++func NewPrivateKeyEd25519(priv []byte) (PrivateKeyEd25519, error) { ++ if len(priv) != privateKeySizeEd25519 { ++ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) ++ } ++ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) ++} ++ ++func (k PrivateKeyEd25519) Bytes() ([]byte, error) { ++ return k, nil ++} ++ ++func NewPublicKeyEd25519(pub []byte) (PublicKeyEd25519, error) { ++ if len(pub) != publicKeySizeEd25519 { ++ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) ++ } ++ pkey := make([]byte, publicKeySizeEd25519) ++ err := cryptokit.NewPublicKeyEd25519(pkey, pub) ++ if err != nil { ++ return nil, err ++ } ++ return pkey, nil ++} ++ ++func (k PublicKeyEd25519) Bytes() ([]byte, error) { ++ return k, nil ++} ++ ++// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if ++// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this ++// package. ++// NewPrivateKeyEd25519FromSeed creates an Ed25519 private key from a seed. ++func NewPrivateKeyEd25519FromSeed(seed []byte) (PrivateKeyEd25519, error) { ++ if len(seed) != seedSizeEd25519 { ++ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) ++ } ++ pkey := make([]byte, privateKeySizeEd25519) ++ err := cryptokit.NewPrivateKeyEd25519FromSeed(pkey, seed) ++ if err != nil { ++ return nil, err ++ } ++ return pkey, nil ++} ++ ++// SignEd25519 signs the message with priv and returns a signature. ++func SignEd25519(priv PrivateKeyEd25519, message []byte) ([]byte, error) { ++ sig := make([]byte, signatureSizeEd25519) ++ err := cryptokit.SignEd25519(sig, priv, message) ++ if err != nil { ++ return nil, err ++ } ++ return sig, nil ++} ++ ++// VerifyEd25519 reports whether sig is a valid signature of message by pub. ++func VerifyEd25519(pub PublicKeyEd25519, message, sig []byte) error { ++ return cryptokit.VerifyEd25519(pub, message, sig) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go +new file mode 100644 +index 00000000000000..6928418b4d26b9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go +@@ -0,0 +1,345 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "crypto" ++ "errors" ++ "hash" ++ "strconv" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++type algorithmType int ++ ++const ( ++ algorithmTypePSS algorithmType = iota ++ algorithmTypeRAW ++ algorithmTypePKCS1v15Enc ++ algorithmTypePKCS1v15Sig ++ algorithmTypeOAEP ++ algorithmTypeECDSA ++) ++ ++type withKeyFunc func(func(C.SecKeyRef) C.int) C.int ++ ++// Encrypt encrypts a plaintext message using a given key and algorithm. ++func evpEncrypt(withKey withKeyFunc, algorithmType algorithmType, plaintext []byte, hash hash.Hash) ([]byte, error) { ++ var cryptoHash crypto.Hash ++ if hash != nil { ++ var err error ++ cryptoHash, err = hashToCryptoHash(hash) ++ if err != nil { ++ return nil, err ++ } ++ } ++ algorithm, err := selectAlgorithm(cryptoHash, algorithmType) ++ if err != nil { ++ return nil, err ++ } ++ ++ dataRef := bytesToCFData(plaintext) ++ defer cfRelease(unsafe.Pointer(dataRef)) ++ ++ var encryptedDataRef C.CFDataRef ++ result := withKey(func(key C.SecKeyRef) C.int { ++ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeEncrypt, algorithm) != 1 { ++ return -1 // Algorithm not supported by the key ++ } ++ encryptedDataRef = C.SecKeyCreateEncryptedData(key, algorithm, dataRef, nil) ++ if encryptedDataRef == 0 { ++ return -1 // Encryption failed ++ } ++ return 0 ++ }) ++ if result != 0 { ++ return nil, errors.New("encryption failed") ++ } ++ defer cfRelease(unsafe.Pointer(encryptedDataRef)) ++ ++ return cfDataToBytes(encryptedDataRef), nil ++} ++ ++// Decrypt decrypts a ciphertext using a given key and algorithm. ++func evpDecrypt(withKey withKeyFunc, algorithmType algorithmType, ciphertext []byte, hash hash.Hash) ([]byte, error) { ++ var cryptoHash crypto.Hash ++ if hash != nil { ++ var err error ++ cryptoHash, err = hashToCryptoHash(hash) ++ if err != nil { ++ return nil, err ++ } ++ } ++ algorithm, err := selectAlgorithm(cryptoHash, algorithmType) ++ if err != nil { ++ return nil, err ++ } ++ ++ msg := bytesToCFData(ciphertext) ++ ++ var decryptedDataRef C.CFDataRef ++ var cfErr C.CFErrorRef ++ result := withKey(func(key C.SecKeyRef) C.int { ++ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeDecrypt, algorithm) != 1 { ++ return -1 // Algorithm not supported by the key ++ } ++ decryptedDataRef = C.SecKeyCreateDecryptedData(key, algorithm, msg, &cfErr) ++ if decryptedDataRef == 0 { ++ return -1 // Decryption failed ++ } ++ return 0 // Success ++ }) ++ ++ if err := goCFErrorRef(cfErr); err != nil { ++ return nil, err ++ } ++ ++ if result != 0 || decryptedDataRef == 0 { ++ return nil, errors.New("decryption failed") ++ } ++ defer cfRelease(unsafe.Pointer(decryptedDataRef)) ++ ++ return cfDataToBytes(decryptedDataRef), nil ++} ++ ++func evpSign(withKey withKeyFunc, algorithmType algorithmType, hash crypto.Hash, hashed []byte) ([]byte, error) { ++ algorithm, err := selectAlgorithm(hash, algorithmType) ++ if err != nil { ++ return nil, err ++ } ++ ++ var signedDataRef C.CFDataRef ++ var cfErr C.CFErrorRef ++ result := withKey(func(key C.SecKeyRef) C.int { ++ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeSign, algorithm) != 1 { ++ return -1 // Algorithm not supported by the key ++ } ++ signedDataRef = C.SecKeyCreateSignature(key, algorithm, bytesToCFData(hashed), &cfErr) ++ if signedDataRef == 0 { ++ return -1 // Signing failed ++ } ++ return 0 // Success ++ }) ++ ++ if err := goCFErrorRef(cfErr); err != nil { ++ return nil, err ++ } ++ ++ if result != 0 || signedDataRef == 0 { ++ return nil, errors.New("signing failed") ++ } ++ defer cfRelease(unsafe.Pointer(signedDataRef)) ++ ++ return cfDataToBytes(signedDataRef), nil ++} ++ ++func evpVerify(withKey withKeyFunc, algorithmType algorithmType, hash crypto.Hash, hashed, signature []byte) error { ++ algorithm, err := selectAlgorithm(hash, algorithmType) ++ if err != nil { ++ return err ++ } ++ ++ var cfErr C.CFErrorRef ++ result := withKey(func(key C.SecKeyRef) C.int { ++ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeVerify, algorithm) != 1 { ++ return -1 // Algorithm not supported by the key ++ } ++ if C.SecKeyVerifySignature(key, algorithm, bytesToCFData(hashed), bytesToCFData(signature), &cfErr) != 1 { ++ return -1 // Verification failed ++ } ++ return 0 // Success ++ }) ++ ++ if err := goCFErrorRef(cfErr); err != nil { ++ return err ++ } ++ ++ if result != 0 { ++ return errors.New("verification failed") ++ } ++ return nil ++} ++ ++// hashToCryptoHash converts a hash.Hash to a crypto.Hash. ++func hashToCryptoHash(hash hash.Hash) (crypto.Hash, error) { ++ switch hash.(type) { ++ case cryptokit.SHA1Hash: ++ return crypto.SHA1, nil ++ case cryptokit.SHA256Hash: ++ return crypto.SHA256, nil ++ case cryptokit.SHA384Hash: ++ return crypto.SHA384, nil ++ case cryptokit.SHA512Hash: ++ return crypto.SHA512, nil ++ default: ++ return 0, errors.New("unsupported hash function") ++ } ++} ++ ++// selectAlgorithm selects the appropriate SecKeyAlgorithm based on hash and algorithm type. ++func selectAlgorithm(hash crypto.Hash, algorithmType algorithmType) (C.CFStringRef, error) { ++ var algo C.CFStringRef ++ switch algorithmType { ++ case algorithmTypePSS: ++ switch hash { ++ case crypto.SHA1: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA1 ++ case crypto.SHA224: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA224 ++ case crypto.SHA256: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA256 ++ case crypto.SHA384: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA384 ++ case crypto.SHA512: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA512 ++ default: ++ return 0, errors.New("unsupported PSS hash: " + hash.String()) ++ } ++ case algorithmTypeRAW: ++ algo = C.kSecKeyAlgorithmRSAEncryptionRaw ++ case algorithmTypePKCS1v15Enc: ++ return C.kSecKeyAlgorithmRSAEncryptionPKCS1, nil ++ case algorithmTypePKCS1v15Sig: ++ switch hash { ++ case crypto.SHA1: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1 ++ case crypto.SHA224: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA224 ++ case crypto.SHA256: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256 ++ case crypto.SHA384: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384 ++ case crypto.SHA512: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512 ++ case 0: ++ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw ++ default: ++ return 0, errors.New("unsupported PKCS1v15 hash: " + hash.String()) ++ } ++ case algorithmTypeOAEP: ++ switch hash { ++ case crypto.SHA1: ++ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA1 ++ case crypto.SHA224: ++ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA224 ++ case crypto.SHA256: ++ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA256 ++ case crypto.SHA384: ++ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA384 ++ case crypto.SHA512: ++ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA512 ++ default: ++ return 0, errors.New("unsupported OAEP hash: " + hash.String()) ++ } ++ case algorithmTypeECDSA: ++ return C.kSecKeyAlgorithmECDSASignatureDigestX962, nil ++ default: ++ return 0, errors.New("unsupported algorithm type: " + strconv.Itoa(int(algorithmType))) ++ } ++ return algo, nil ++} ++ ++// bytesToCFData turns a byte slice into a CFDataRef. Caller then "owns" the ++// CFDataRef and must CFRelease the CFDataRef when done. ++func bytesToCFData(buf []byte) C.CFDataRef { ++ return C.CFDataCreate(C.kCFAllocatorDefault, base(buf), C.CFIndex(len(buf))) ++} ++ ++// cfDataToBytes turns a CFDataRef into a byte slice. ++func cfDataToBytes(cfData C.CFDataRef) []byte { ++ return C.GoBytes(unsafe.Pointer(C.CFDataGetBytePtr(cfData)), C.int(C.CFDataGetLength(cfData))) ++} ++ ++// cfRelease releases a CoreFoundation object. ++func cfRelease(ref unsafe.Pointer) { ++ C.CFRelease(C.CFTypeRef(ref)) ++} ++ ++// createSecKeyWithData creates a SecKey from the provided encoded key and attributes dictionary. ++func createSecKeyWithData(encodedKey []byte, keyType, keyClass C.CFStringRef) (C.SecKeyRef, error) { ++ encodedKeyCF := C.CFDataCreate(C.kCFAllocatorDefault, base(encodedKey), C.CFIndex(len(encodedKey))) ++ if encodedKeyCF == 0 { ++ return 0, errors.New("xcrypto: failed to create CFData for private key") ++ } ++ defer C.CFRelease(C.CFTypeRef(encodedKeyCF)) ++ ++ attrKeys := []C.CFTypeRef{ ++ C.CFTypeRef(C.kSecAttrKeyType), ++ C.CFTypeRef(C.kSecAttrKeyClass), ++ } ++ ++ attrValues := []C.CFTypeRef{ ++ C.CFTypeRef(keyType), ++ C.CFTypeRef(keyClass), ++ } ++ ++ // Create attributes dictionary for the key ++ attrDict := C.CFDictionaryCreate( ++ C.kCFAllocatorDefault, ++ (*unsafe.Pointer)(unsafe.Pointer(&attrKeys[0])), ++ (*unsafe.Pointer)(unsafe.Pointer(&attrValues[0])), ++ C.CFIndex(len(attrKeys)), ++ nil, ++ nil, ++ ) ++ if attrDict == 0 { ++ return 0, errors.New("xcrypto: failed to create attributes dictionary") ++ } ++ defer C.CFRelease(C.CFTypeRef(attrDict)) ++ ++ // Generate the SecKey ++ var errorRef C.CFErrorRef ++ key := C.SecKeyCreateWithData(encodedKeyCF, attrDict, &errorRef) ++ if err := goCFErrorRef(errorRef); err != nil { ++ return 0, err ++ } ++ return key, nil ++} ++ ++// createSecKeyRandom creates a new SecKey with the provided attributes dictionary. ++func createSecKeyRandom(keyType C.CFStringRef, keySize int) ([]byte, C.SecKeyRef, error) { ++ keyAttrs := C.CFDictionaryCreateMutable(C.kCFAllocatorDefault, 0, nil, nil) ++ if keyAttrs == 0 { ++ return nil, 0, errors.New("failed to create key attributes dictionary") ++ } ++ defer C.CFRelease(C.CFTypeRef(keyAttrs)) ++ ++ C.CFDictionarySetValue( ++ keyAttrs, ++ unsafe.Pointer(C.kSecAttrKeyType), ++ unsafe.Pointer(keyType), ++ ) ++ ++ C.CFDictionarySetValue( ++ keyAttrs, ++ unsafe.Pointer(C.kSecAttrKeySizeInBits), ++ unsafe.Pointer(C.CFNumberCreate(C.kCFAllocatorDefault, C.kCFNumberIntType, unsafe.Pointer(&keySize))), ++ ) ++ ++ // Generate the private key ++ var errorRef C.CFErrorRef ++ var privKeyRef C.SecKeyRef = C.SecKeyCreateRandomKey(C.CFDictionaryRef(keyAttrs), &errorRef) ++ if err := goCFErrorRef(errorRef); err != nil { ++ return nil, 0, err ++ } ++ ++ // Export the private key as DER ++ privData := C.SecKeyCopyExternalRepresentation(privKeyRef, &errorRef) ++ if err := goCFErrorRef(errorRef); err != nil { ++ return nil, 0, err ++ } ++ defer C.CFRelease(C.CFTypeRef(privData)) ++ ++ privKeyDER := cfDataToBytes(privData) ++ if privKeyDER == nil { ++ return nil, 0, errors.New("failed to convert CFData to bytes") ++ } ++ return privKeyDER, privKeyRef, nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go +new file mode 100644 +index 00000000000000..b03a3ca13bdc7f +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go +@@ -0,0 +1,68 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin && cgo ++ ++package xcrypto ++ ++import ( ++ "crypto" ++ "hash" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++// SupportsHash returns true if a hash.Hash implementation is supported for h. ++func SupportsHash(h crypto.Hash) bool { ++ switch h { ++ case crypto.MD5, crypto.SHA1, crypto.SHA256, crypto.SHA384, crypto.SHA512: ++ return true ++ default: ++ return false ++ } ++} ++ ++func MD5(p []byte) (sum [16]byte) { ++ return cryptokit.MD5(p) ++} ++ ++func SHA1(p []byte) (sum [20]byte) { ++ return cryptokit.SHA1(p) ++} ++ ++func SHA256(p []byte) (sum [32]byte) { ++ return cryptokit.SHA256(p) ++} ++ ++func SHA384(p []byte) (sum [48]byte) { ++ return cryptokit.SHA384(p) ++} ++ ++func SHA512(p []byte) (sum [64]byte) { ++ return cryptokit.SHA512(p) ++} ++ ++// NewMD5 initializes a new MD5 hasher. ++func NewMD5() hash.Hash { ++ return cryptokit.NewMD5() ++} ++ ++// NewSHA1 initializes a new SHA1 hasher. ++func NewSHA1() hash.Hash { ++ return cryptokit.NewSHA1() ++} ++ ++// NewSHA256 initializes a new SHA256 hasher. ++func NewSHA256() hash.Hash { ++ return cryptokit.NewSHA256() ++} ++ ++// NewSHA384 initializes a new SHA384 hasher. ++func NewSHA384() hash.Hash { ++ return cryptokit.NewSHA384() ++} ++ ++// NewSHA512 initializes a new SHA512 hasher. ++func NewSHA512() hash.Hash { ++ return cryptokit.NewSHA512() ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go +new file mode 100644 +index 00000000000000..3cc2d5d31927e0 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go +@@ -0,0 +1,66 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin && cgo ++ ++package xcrypto ++ ++import ( ++ "errors" ++ "hash" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++// ExtractHKDF performs the extract step of HKDF using the specified hash function. ++func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { ++ // Handle empty secret ++ if len(secret) == 0 { ++ return nil, errors.New("secret cannot be empty") ++ } ++ ++ hash, err := hashToCryptoHash(h()) ++ if err != nil { ++ return nil, err ++ } ++ ++ // Default salt to a zero-filled array if not provided ++ if len(salt) == 0 { ++ salt = make([]byte, hash.Size()) ++ } ++ ++ prk, err := cryptokit.ExtractHKDF(hash, secret, salt) ++ if err != nil { ++ return nil, err ++ } ++ ++ return prk, nil ++} ++ ++// ExpandHKDF performs the expand step of HKDF using the specified hash function. ++func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { ++ // Handle empty secret ++ if len(pseudorandomKey) == 0 { ++ return nil, errors.New("pseudorandom key cannot be empty") ++ } ++ ++ hash, err := hashToCryptoHash(h()) ++ if err != nil { ++ return nil, err ++ } ++ ++ // Determine the maximum expandable key length based on the hash function ++ maxAllowedLength := hash.Size() * 255 ++ ++ // Validate requested key length ++ if keyLength > maxAllowedLength { ++ return nil, errors.New("requested key length exceeds maximum allowable size") ++ } ++ ++ expandedKey, err := cryptokit.ExpandHKDF(hash, pseudorandomKey, info, keyLength) ++ if err != nil { ++ return nil, err ++ } ++ ++ return expandedKey, nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go +new file mode 100644 +index 00000000000000..ceb33c5cf99ca2 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go +@@ -0,0 +1,21 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++import "C" ++import ( ++ "hash" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++// NewHMAC returns a new HMAC using xcrypto. ++// The function h must return a hash implemented by ++// CommonCrypto (for example, h could be xcrypto.NewSHA256). ++// If h is not recognized, NewHMAC returns nil. ++func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { ++ return cryptokit.NewHMAC(fh, key) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go +new file mode 100644 +index 00000000000000..1f1b25d36981c3 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go +@@ -0,0 +1,65 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "errors" ++ "hash" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++) ++ ++func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { ++ // Map Go hash function to CommonCrypto hash constant ++ ccDigest, err := hashToCCDigestPBKDF2(fh()) ++ if err != nil { ++ return nil, err ++ } ++ ++ if len(password) == 0 { ++ // CommonCrypto requires a non-empty password ++ // Substitute empty password with placeholder ++ password = make([]byte, 1) ++ } ++ ++ // Allocate output buffer for the derived key ++ derivedKey := make([]byte, keyLen) ++ ++ // Call CommonCrypto's PBKDF2 implementation ++ status := C.CCKeyDerivationPBKDF( ++ C.kCCPBKDF2, // PBKDF2 algorithm ++ sbase(password), C.size_t(len(password)), // Password and its length ++ base(salt), C.size_t(len(salt)), // Salt and its length ++ ccDigest, // Digest algorithm ++ C.uint(iter), // Iteration count ++ (*C.uchar)(unsafe.Pointer(&derivedKey[0])), C.size_t(keyLen), // Output buffer for derived key and its length ++ ) ++ ++ if status != C.kCCSuccess { ++ return nil, errors.New("PBKDF2 key derivation failed") ++ } ++ ++ return derivedKey, nil ++} ++ ++// Mapping Go hash functions to CommonCrypto hash constants ++func hashToCCDigestPBKDF2(hash hash.Hash) (C.CCAlgorithm, error) { ++ switch hash.(type) { ++ case cryptokit.SHA1Hash: ++ return C.kCCPRFHmacAlgSHA1, nil ++ case cryptokit.SHA256Hash: ++ return C.kCCPRFHmacAlgSHA256, nil ++ case cryptokit.SHA384Hash: ++ return C.kCCPRFHmacAlgSHA384, nil ++ case cryptokit.SHA512Hash: ++ return C.kCCPRFHmacAlgSHA512, nil ++ default: ++ return 0, errors.New("unsupported hash function") ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go +new file mode 100644 +index 00000000000000..e58c0b3b19a68b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go +@@ -0,0 +1,26 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "errors" ++ "unsafe" ++) ++ ++type randReader int ++ ++func (randReader) Read(b []byte) (int, error) { ++ // Note: RAND_bytes should never fail; the return value exists only for historical reasons. ++ // We check it even so. ++ if len(b) > 0 && C.SecRandomCopyBytes(C.kSecRandomDefault, C.size_t(len(b)), unsafe.Pointer(&b[0])) != 0 { ++ return 0, errors.New("crypto/rand: unable to read from source") ++ } ++ return len(b), nil ++} ++ ++const RandReader = randReader(0) +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go +new file mode 100644 +index 00000000000000..e30a9e10ae3730 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go +@@ -0,0 +1,83 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "errors" ++ "runtime" ++ "slices" ++ "unsafe" ++) ++ ++// RC4Cipher is an instance of RC4 using a particular key. ++type RC4Cipher struct { ++ ctx C.CCCryptorRef ++} ++ ++// NewRC4Cipher creates and returns a new RC4 cipher with the given key. ++func NewRC4Cipher(key []byte) (*RC4Cipher, error) { ++ // Clone the key to prevent modification. ++ key = slices.Clone(key) ++ var ctx C.CCCryptorRef ++ status := C.CCCryptorCreate( ++ C.kCCEncrypt, // Operation (RC4 stream) ++ C.kCCAlgorithmRC4, // Algorithm ++ 0, // No padding or other options ++ pbase(key), // Key ++ C.size_t(len(key)), // Key length ++ nil, // No IV needed for RC4 ++ &ctx, // Output: CCCryptorRef ++ ) ++ if status != C.kCCSuccess { ++ return nil, errors.New("failed to create RC4 cipher") ++ } ++ c := &RC4Cipher{ctx: ctx} ++ runtime.SetFinalizer(c, (*RC4Cipher).finalize) ++ return c, nil ++} ++ ++// finalize releases the RC4 cipher context when no longer needed. ++func (c *RC4Cipher) finalize() { ++ if c.ctx != nil { ++ C.CCCryptorRelease(c.ctx) ++ } ++} ++ ++// Reset zeros the key data and makes the cipher unusable. ++func (c *RC4Cipher) Reset() { ++ if c.ctx != nil { ++ C.CCCryptorRelease(c.ctx) ++ c.ctx = nil ++ } ++} ++ ++// XORKeyStream sets dst to the result of XORing src with the key stream. ++func (c *RC4Cipher) XORKeyStream(dst, src []byte) { ++ if c.ctx == nil || len(src) == 0 { ++ return ++ } ++ if inexactOverlap(dst[:len(src)], src) { ++ panic("crypto/rc4: invalid buffer overlap") ++ } ++ // Ensures `dst` has sufficient space. ++ _ = dst[len(src)-1] ++ var outLen C.size_t ++ status := C.CCCryptorUpdate( ++ c.ctx, ++ unsafe.Pointer(&*addrNeverEmpty(src)), C.size_t(len(src)), // Input ++ unsafe.Pointer(&*addrNeverEmpty(dst)), C.size_t(len(dst)), // Output ++ &outLen, ++ ) ++ if status != C.kCCSuccess { ++ panic("crypto/cipher: CCCryptorUpdate failed") ++ } ++ if int(outLen) != len(src) { ++ panic("crypto/rc4: src not fully XORed") ++ } ++ runtime.KeepAlive(c) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go +new file mode 100644 +index 00000000000000..63df684569e671 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go +@@ -0,0 +1,194 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #include ++import "C" ++import ( ++ "crypto" ++ "errors" ++ "hash" ++ "runtime" ++ "strconv" ++) ++ ++// GenerateKeyRSA generates an RSA key pair on macOS. ++// asn1Data is encoded as PKCS#1 ASN1 DER. ++func GenerateKeyRSA(bits int) (asn1Data []byte, err error) { ++ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeRSA, bits) ++ if err != nil { ++ return nil, err ++ } ++ C.CFRelease(C.CFTypeRef(privKeyRef)) ++ return privKeyDER, nil ++} ++ ++type PublicKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey C.SecKeyRef ++} ++ ++func (k *PublicKeyRSA) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++// NewPublicKeyRSA creates a new RSA public key from ASN1 DER encoded data. ++func NewPublicKeyRSA(asn1Data []byte) (*PublicKeyRSA, error) { ++ pubKeyRef, err := createSecKeyWithData(asn1Data, C.kSecAttrKeyTypeRSA, C.kSecAttrKeyClassPublic) ++ if err != nil { ++ return nil, err ++ } ++ ++ key := &PublicKeyRSA{_pkey: pubKeyRef} ++ runtime.SetFinalizer(key, (*PublicKeyRSA).finalize) ++ return key, nil ++} ++ ++func (k *PublicKeyRSA) withKey(f func(C.SecKeyRef) C.int) C.int { ++ // Because of the finalizer, any time key is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++type PrivateKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey C.SecKeyRef ++} ++ ++func (k *PrivateKeyRSA) finalize() { ++ if k._pkey != 0 { ++ C.CFRelease(C.CFTypeRef(k._pkey)) ++ } ++} ++ ++// NewPrivateKeyRSA creates a new RSA private key from ASN1 DER encoded data. ++func NewPrivateKeyRSA(asn1Data []byte) (*PrivateKeyRSA, error) { ++ privKeyRef, err := createSecKeyWithData(asn1Data, C.kSecAttrKeyTypeRSA, C.kSecAttrKeyClassPrivate) ++ if err != nil { ++ return nil, err ++ } ++ ++ key := &PrivateKeyRSA{_pkey: privKeyRef} ++ runtime.SetFinalizer(key, (*PrivateKeyRSA).finalize) ++ return key, nil ++} ++ ++func (k *PrivateKeyRSA) PublicKey() *PublicKeyRSA { ++ var pubKeyRef C.SecKeyRef ++ k.withKey(func(key C.SecKeyRef) C.int { ++ pubKeyRef = C.SecKeyCopyPublicKey(k._pkey) ++ return 0 ++ }) ++ pubKey := &PublicKeyRSA{_pkey: pubKeyRef} ++ runtime.SetFinalizer(pubKey, (*PublicKeyRSA).finalize) ++ return pubKey ++} ++ ++func (k *PrivateKeyRSA) withKey(f func(C.SecKeyRef) C.int) C.int { ++ // Because of the finalizer, any time _pkey is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++// DecryptRSAOAEP decrypts data using RSA-OAEP. ++func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { ++ if len(label) > 0 { ++ // https://github.com/microsoft/go-crypto-darwin/issues/22 ++ panic("crypto/rsa: label is not supported on macOS") ++ } ++ return evpDecrypt(priv.withKey, algorithmTypeOAEP, ciphertext, h) ++} ++ ++// EncryptRSAOAEP encrypts data using RSA-OAEP. ++func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { ++ if len(label) > 0 { ++ // https://github.com/microsoft/go-crypto-darwin/issues/22 ++ panic("crypto/rsa: label is not supported on macOS") ++ } ++ return evpEncrypt(pub.withKey, algorithmTypeOAEP, msg, h) ++} ++ ++// SignRSAPSS signs data with RSA-PSS. ++func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { ++ return evpSign(priv.withKey, algorithmTypePSS, h, hashed) ++} ++ ++// VerifyRSAPSS verifies data with RSA-PSS. ++func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { ++ return evpVerify(pub.withKey, algorithmTypePSS, h, hashed, sig) ++} ++ ++func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { ++ return evpSign(priv.withKey, algorithmTypePKCS1v15Sig, h, hashed) ++} ++ ++func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { ++ if pub.withKey(func(key C.SecKeyRef) C.int { ++ size := C.SecKeyGetBlockSize(key) ++ if len(sig) < int(size) { ++ return 0 ++ } ++ return 1 ++ }) == 0 { ++ return errors.New("crypto/rsa: verification error") ++ } ++ return evpVerify(pub.withKey, algorithmTypePKCS1v15Sig, h, hashed, sig) ++} ++ ++// DecryptRSAPKCS1 decrypts data using RSA PKCS#1 v1.5 padding. ++func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, algorithmTypePKCS1v15Enc, ciphertext, nil) ++} ++ ++// EncryptRSAPKCS1 encrypts data using RSA PKCS#1 v1.5 padding. ++func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, algorithmTypePKCS1v15Enc, msg, nil) ++} ++ ++func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, algorithmTypeRAW, ciphertext, nil) ++} ++ ++func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, algorithmTypeRAW, msg, nil) ++} ++ ++// Helper functions ++ ++type cfError struct { ++ code int ++ message string ++} ++ ++func (e *cfError) Error() string { ++ if e.message == "" { ++ return "CFError(" + strconv.Itoa(e.code) + "): unknown error" ++ } ++ return "CFError(" + strconv.Itoa(e.code) + "): " + e.message ++} ++ ++func goCFErrorRef(ref C.CFErrorRef) error { ++ if ref == 0 { ++ return nil ++ } ++ var message string ++ if desc := C.CFErrorCopyDescription(ref); desc != C.CFStringRef(0) { ++ defer C.CFRelease(C.CFTypeRef(desc)) ++ if cstr := C.CFStringGetCStringPtr(desc, C.kCFStringEncodingUTF8); cstr != nil { ++ message = C.GoString(cstr) ++ } ++ } ++ return &cfError{ ++ code: int(C.CFErrorGetCode(ref)), ++ message: message, ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go +new file mode 100644 +index 00000000000000..d6b428e7ebb68b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go +@@ -0,0 +1,49 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build darwin ++ ++package xcrypto ++ ++// #cgo CFLAGS: -Wno-deprecated-declarations ++// #cgo LDFLAGS: -framework Security -framework CoreFoundation ++import "C" ++import "unsafe" ++ ++var zero byte ++ ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func base(b []byte) *C.uchar { ++ return (*C.uchar)(unsafe.Pointer(addr(b))) ++} ++ ++func sbase(b []byte) *C.char { ++ return (*C.char)(unsafe.Pointer(addr(b))) ++} ++ ++func pbase(b []byte) unsafe.Pointer { ++ return unsafe.Pointer(addr(b)) ++} ++ ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++// If b is empty, it returns a pointer to a zero byte ++// so that it can always be dereferenced. ++func addr(b []byte) *byte { ++ if len(b) == 0 { ++ return &zero ++ } ++ return unsafe.SliceData(b) ++} ++ ++// addrNeverEmpty returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++// If b is empty, it returns a pointer to a zero byte ++// so that it can always be dereferenced. ++func addrNeverEmpty(b []byte) *byte { ++ if len(b) == 0 { ++ return &zero ++ } ++ return unsafe.SliceData(b) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE b/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE +new file mode 100644 +index 00000000000000..48ea6616b5b858 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE +@@ -0,0 +1,21 @@ ++MIT License ++ ++Copyright (c) Microsoft Corporation. ++ ++Permission is hereby granted, free of charge, to any person obtaining a copy ++of this software and associated documentation files (the "Software"), to deal ++in the Software without restriction, including without limitation the rights ++to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++copies of the Software, and to permit persons to whom the Software is ++furnished to do so, subject to the following conditions: ++ ++The above copyright notice and this permission notice shall be included in all ++copies or substantial portions of the Software. ++ ++THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++SOFTWARE +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go +new file mode 100644 +index 00000000000000..32ce383bd966c2 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go +@@ -0,0 +1,40 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2022 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// This is a mirror of ++// https://github.com/golang/go/blob/36b87f273cc43e21685179dc1664ebb5493d26ae/src/crypto/internal/boring/bbig/big.go. ++ ++package bbig ++ ++import ( ++ "math/big" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/openssl" ++) ++ ++func Enc(b *big.Int) openssl.BigInt { ++ if b == nil { ++ return nil ++ } ++ x := b.Bits() ++ if len(x) == 0 { ++ return openssl.BigInt{} ++ } ++ return unsafe.Slice((*uint)(&x[0]), len(x)) ++} ++ ++func Dec(b openssl.BigInt) *big.Int { ++ if b == nil { ++ return nil ++ } ++ if len(b) == 0 { ++ return new(big.Int) ++ } ++ x := unsafe.Slice((*big.Word)(&b[0]), len(b)) ++ return new(big.Int).SetBits(x) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h +new file mode 100644 +index 00000000000000..9949435fe9e0ae +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h +@@ -0,0 +1,99 @@ ++// Copyright 2021 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// Macros for transitioning from the host ABI to Go ABI0. ++// ++// These save the frame pointer, so in general, functions that use ++// these should have zero frame size to suppress the automatic frame ++// pointer, though it's harmless to not do this. ++ ++#ifdef GOOS_windows ++ ++// REGS_HOST_TO_ABI0_STACK is the stack bytes used by ++// PUSH_REGS_HOST_TO_ABI0. ++#define REGS_HOST_TO_ABI0_STACK (28*8 + 8) ++ ++// PUSH_REGS_HOST_TO_ABI0 prepares for transitioning from ++// the host ABI to Go ABI0 code. It saves all registers that are ++// callee-save in the host ABI and caller-save in Go ABI0 and prepares ++// for entry to Go. ++// ++// Save DI SI BP BX R12 R13 R14 R15 X6-X15 registers and the DF flag. ++// Clear the DF flag for the Go ABI. ++// MXCSR matches the Go ABI, so we don't have to set that, ++// and Go doesn't modify it, so we don't have to save it. ++#define PUSH_REGS_HOST_TO_ABI0() \ ++ PUSHFQ \ ++ CLD \ ++ ADJSP $(REGS_HOST_TO_ABI0_STACK - 8) \ ++ MOVQ DI, (0*0)(SP) \ ++ MOVQ SI, (1*8)(SP) \ ++ MOVQ BP, (2*8)(SP) \ ++ MOVQ BX, (3*8)(SP) \ ++ MOVQ R12, (4*8)(SP) \ ++ MOVQ R13, (5*8)(SP) \ ++ MOVQ R14, (6*8)(SP) \ ++ MOVQ R15, (7*8)(SP) \ ++ MOVUPS X6, (8*8)(SP) \ ++ MOVUPS X7, (10*8)(SP) \ ++ MOVUPS X8, (12*8)(SP) \ ++ MOVUPS X9, (14*8)(SP) \ ++ MOVUPS X10, (16*8)(SP) \ ++ MOVUPS X11, (18*8)(SP) \ ++ MOVUPS X12, (20*8)(SP) \ ++ MOVUPS X13, (22*8)(SP) \ ++ MOVUPS X14, (24*8)(SP) \ ++ MOVUPS X15, (26*8)(SP) ++ ++#define POP_REGS_HOST_TO_ABI0() \ ++ MOVQ (0*0)(SP), DI \ ++ MOVQ (1*8)(SP), SI \ ++ MOVQ (2*8)(SP), BP \ ++ MOVQ (3*8)(SP), BX \ ++ MOVQ (4*8)(SP), R12 \ ++ MOVQ (5*8)(SP), R13 \ ++ MOVQ (6*8)(SP), R14 \ ++ MOVQ (7*8)(SP), R15 \ ++ MOVUPS (8*8)(SP), X6 \ ++ MOVUPS (10*8)(SP), X7 \ ++ MOVUPS (12*8)(SP), X8 \ ++ MOVUPS (14*8)(SP), X9 \ ++ MOVUPS (16*8)(SP), X10 \ ++ MOVUPS (18*8)(SP), X11 \ ++ MOVUPS (20*8)(SP), X12 \ ++ MOVUPS (22*8)(SP), X13 \ ++ MOVUPS (24*8)(SP), X14 \ ++ MOVUPS (26*8)(SP), X15 \ ++ ADJSP $-(REGS_HOST_TO_ABI0_STACK - 8) \ ++ POPFQ ++ ++#else ++// SysV ABI ++ ++#define REGS_HOST_TO_ABI0_STACK (6*8) ++ ++// SysV MXCSR matches the Go ABI, so we don't have to set that, ++// and Go doesn't modify it, so we don't have to save it. ++// Both SysV and Go require DF to be cleared, so that's already clear. ++// The SysV and Go frame pointer conventions are compatible. ++#define PUSH_REGS_HOST_TO_ABI0() \ ++ ADJSP $(REGS_HOST_TO_ABI0_STACK) \ ++ MOVQ BP, (5*8)(SP) \ ++ LEAQ (5*8)(SP), BP \ ++ MOVQ BX, (0*8)(SP) \ ++ MOVQ R12, (1*8)(SP) \ ++ MOVQ R13, (2*8)(SP) \ ++ MOVQ R14, (3*8)(SP) \ ++ MOVQ R15, (4*8)(SP) ++ ++#define POP_REGS_HOST_TO_ABI0() \ ++ MOVQ (0*8)(SP), BX \ ++ MOVQ (1*8)(SP), R12 \ ++ MOVQ (2*8)(SP), R13 \ ++ MOVQ (3*8)(SP), R14 \ ++ MOVQ (4*8)(SP), R15 \ ++ MOVQ (5*8)(SP), BP \ ++ ADJSP $-(REGS_HOST_TO_ABI0_STACK) ++ ++#endif +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h +new file mode 100644 +index 00000000000000..5d5061ec1dbf8c +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h +@@ -0,0 +1,39 @@ ++// Copyright 2021 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// Macros for transitioning from the host ABI to Go ABI0. ++// ++// These macros save and restore the callee-saved registers ++// from the stack, but they don't adjust stack pointer, so ++// the user should prepare stack space in advance. ++// SAVE_R19_TO_R28(offset) saves R19 ~ R28 to the stack space ++// of ((offset)+0*8)(RSP) ~ ((offset)+9*8)(RSP). ++// ++// SAVE_F8_TO_F15(offset) saves F8 ~ F15 to the stack space ++// of ((offset)+0*8)(RSP) ~ ((offset)+7*8)(RSP). ++// ++// R29 is not saved because Go will save and restore it. ++ ++#define SAVE_R19_TO_R28(offset) \ ++ STP (R19, R20), ((offset)+0*8)(RSP) \ ++ STP (R21, R22), ((offset)+2*8)(RSP) \ ++ STP (R23, R24), ((offset)+4*8)(RSP) \ ++ STP (R25, R26), ((offset)+6*8)(RSP) \ ++ STP (R27, g), ((offset)+8*8)(RSP) ++#define RESTORE_R19_TO_R28(offset) \ ++ LDP ((offset)+0*8)(RSP), (R19, R20) \ ++ LDP ((offset)+2*8)(RSP), (R21, R22) \ ++ LDP ((offset)+4*8)(RSP), (R23, R24) \ ++ LDP ((offset)+6*8)(RSP), (R25, R26) \ ++ LDP ((offset)+8*8)(RSP), (R27, g) /* R28 */ ++#define SAVE_F8_TO_F15(offset) \ ++ FSTPD (F8, F9), ((offset)+0*8)(RSP) \ ++ FSTPD (F10, F11), ((offset)+2*8)(RSP) \ ++ FSTPD (F12, F13), ((offset)+4*8)(RSP) \ ++ FSTPD (F14, F15), ((offset)+6*8)(RSP) ++#define RESTORE_F8_TO_F15(offset) \ ++ FLDPD ((offset)+0*8)(RSP), (F8, F9) \ ++ FLDPD ((offset)+2*8)(RSP), (F10, F11) \ ++ FLDPD ((offset)+4*8)(RSP), (F12, F13) \ ++ FLDPD ((offset)+6*8)(RSP), (F14, F15) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h +new file mode 100644 +index 00000000000000..b10d83732f1c6e +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h +@@ -0,0 +1,60 @@ ++// Copyright 2022 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// Macros for transitioning from the host ABI to Go ABI0. ++// ++// These macros save and restore the callee-saved registers ++// from the stack, but they don't adjust stack pointer, so ++// the user should prepare stack space in advance. ++// SAVE_R22_TO_R31(offset) saves R22 ~ R31 to the stack space ++// of ((offset)+0*8)(R3) ~ ((offset)+9*8)(R3). ++// ++// SAVE_F24_TO_F31(offset) saves F24 ~ F31 to the stack space ++// of ((offset)+0*8)(R3) ~ ((offset)+7*8)(R3). ++// ++// Note: g is R22 ++ ++#define SAVE_R22_TO_R31(offset) \ ++ MOVV g, ((offset)+(0*8))(R3) \ ++ MOVV R23, ((offset)+(1*8))(R3) \ ++ MOVV R24, ((offset)+(2*8))(R3) \ ++ MOVV R25, ((offset)+(3*8))(R3) \ ++ MOVV R26, ((offset)+(4*8))(R3) \ ++ MOVV R27, ((offset)+(5*8))(R3) \ ++ MOVV R28, ((offset)+(6*8))(R3) \ ++ MOVV R29, ((offset)+(7*8))(R3) \ ++ MOVV R30, ((offset)+(8*8))(R3) \ ++ MOVV R31, ((offset)+(9*8))(R3) ++ ++#define SAVE_F24_TO_F31(offset) \ ++ MOVD F24, ((offset)+(0*8))(R3) \ ++ MOVD F25, ((offset)+(1*8))(R3) \ ++ MOVD F26, ((offset)+(2*8))(R3) \ ++ MOVD F27, ((offset)+(3*8))(R3) \ ++ MOVD F28, ((offset)+(4*8))(R3) \ ++ MOVD F29, ((offset)+(5*8))(R3) \ ++ MOVD F30, ((offset)+(6*8))(R3) \ ++ MOVD F31, ((offset)+(7*8))(R3) ++ ++#define RESTORE_R22_TO_R31(offset) \ ++ MOVV ((offset)+(0*8))(R3), g \ ++ MOVV ((offset)+(1*8))(R3), R23 \ ++ MOVV ((offset)+(2*8))(R3), R24 \ ++ MOVV ((offset)+(3*8))(R3), R25 \ ++ MOVV ((offset)+(4*8))(R3), R26 \ ++ MOVV ((offset)+(5*8))(R3), R27 \ ++ MOVV ((offset)+(6*8))(R3), R28 \ ++ MOVV ((offset)+(7*8))(R3), R29 \ ++ MOVV ((offset)+(8*8))(R3), R30 \ ++ MOVV ((offset)+(9*8))(R3), R31 ++ ++#define RESTORE_F24_TO_F31(offset) \ ++ MOVD ((offset)+(0*8))(R3), F24 \ ++ MOVD ((offset)+(1*8))(R3), F25 \ ++ MOVD ((offset)+(2*8))(R3), F26 \ ++ MOVD ((offset)+(3*8))(R3), F27 \ ++ MOVD ((offset)+(4*8))(R3), F28 \ ++ MOVD ((offset)+(5*8))(R3), F29 \ ++ MOVD ((offset)+(6*8))(R3), F30 \ ++ MOVD ((offset)+(7*8))(R3), F31 +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h +new file mode 100644 +index 00000000000000..245a5266f6e9fa +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h +@@ -0,0 +1,195 @@ ++// Copyright 2023 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// Macros for transitioning from the host ABI to Go ABI ++// ++// On PPC64/ELFv2 targets, the following registers are callee ++// saved when called from C. They must be preserved before ++// calling into Go which does not preserve any of them. ++// ++// R14-R31 ++// CR2-4 ++// VR20-31 ++// F14-F31 ++// ++// xcoff(aix) and ELFv1 are similar, but may only require a ++// subset of these. ++// ++// These macros assume a 16 byte aligned stack pointer. This ++// is required by ELFv1, ELFv2, and AIX PPC64. ++ ++#define SAVE_GPR_SIZE (18*8) ++#define SAVE_GPR(offset) \ ++ MOVD R14, (offset+8*0)(R1) \ ++ MOVD R15, (offset+8*1)(R1) \ ++ MOVD R16, (offset+8*2)(R1) \ ++ MOVD R17, (offset+8*3)(R1) \ ++ MOVD R18, (offset+8*4)(R1) \ ++ MOVD R19, (offset+8*5)(R1) \ ++ MOVD R20, (offset+8*6)(R1) \ ++ MOVD R21, (offset+8*7)(R1) \ ++ MOVD R22, (offset+8*8)(R1) \ ++ MOVD R23, (offset+8*9)(R1) \ ++ MOVD R24, (offset+8*10)(R1) \ ++ MOVD R25, (offset+8*11)(R1) \ ++ MOVD R26, (offset+8*12)(R1) \ ++ MOVD R27, (offset+8*13)(R1) \ ++ MOVD R28, (offset+8*14)(R1) \ ++ MOVD R29, (offset+8*15)(R1) \ ++ MOVD g, (offset+8*16)(R1) \ ++ MOVD R31, (offset+8*17)(R1) ++ ++#define RESTORE_GPR(offset) \ ++ MOVD (offset+8*0)(R1), R14 \ ++ MOVD (offset+8*1)(R1), R15 \ ++ MOVD (offset+8*2)(R1), R16 \ ++ MOVD (offset+8*3)(R1), R17 \ ++ MOVD (offset+8*4)(R1), R18 \ ++ MOVD (offset+8*5)(R1), R19 \ ++ MOVD (offset+8*6)(R1), R20 \ ++ MOVD (offset+8*7)(R1), R21 \ ++ MOVD (offset+8*8)(R1), R22 \ ++ MOVD (offset+8*9)(R1), R23 \ ++ MOVD (offset+8*10)(R1), R24 \ ++ MOVD (offset+8*11)(R1), R25 \ ++ MOVD (offset+8*12)(R1), R26 \ ++ MOVD (offset+8*13)(R1), R27 \ ++ MOVD (offset+8*14)(R1), R28 \ ++ MOVD (offset+8*15)(R1), R29 \ ++ MOVD (offset+8*16)(R1), g \ ++ MOVD (offset+8*17)(R1), R31 ++ ++#define SAVE_FPR_SIZE (18*8) ++#define SAVE_FPR(offset) \ ++ FMOVD F14, (offset+8*0)(R1) \ ++ FMOVD F15, (offset+8*1)(R1) \ ++ FMOVD F16, (offset+8*2)(R1) \ ++ FMOVD F17, (offset+8*3)(R1) \ ++ FMOVD F18, (offset+8*4)(R1) \ ++ FMOVD F19, (offset+8*5)(R1) \ ++ FMOVD F20, (offset+8*6)(R1) \ ++ FMOVD F21, (offset+8*7)(R1) \ ++ FMOVD F22, (offset+8*8)(R1) \ ++ FMOVD F23, (offset+8*9)(R1) \ ++ FMOVD F24, (offset+8*10)(R1) \ ++ FMOVD F25, (offset+8*11)(R1) \ ++ FMOVD F26, (offset+8*12)(R1) \ ++ FMOVD F27, (offset+8*13)(R1) \ ++ FMOVD F28, (offset+8*14)(R1) \ ++ FMOVD F29, (offset+8*15)(R1) \ ++ FMOVD F30, (offset+8*16)(R1) \ ++ FMOVD F31, (offset+8*17)(R1) ++ ++#define RESTORE_FPR(offset) \ ++ FMOVD (offset+8*0)(R1), F14 \ ++ FMOVD (offset+8*1)(R1), F15 \ ++ FMOVD (offset+8*2)(R1), F16 \ ++ FMOVD (offset+8*3)(R1), F17 \ ++ FMOVD (offset+8*4)(R1), F18 \ ++ FMOVD (offset+8*5)(R1), F19 \ ++ FMOVD (offset+8*6)(R1), F20 \ ++ FMOVD (offset+8*7)(R1), F21 \ ++ FMOVD (offset+8*8)(R1), F22 \ ++ FMOVD (offset+8*9)(R1), F23 \ ++ FMOVD (offset+8*10)(R1), F24 \ ++ FMOVD (offset+8*11)(R1), F25 \ ++ FMOVD (offset+8*12)(R1), F26 \ ++ FMOVD (offset+8*13)(R1), F27 \ ++ FMOVD (offset+8*14)(R1), F28 \ ++ FMOVD (offset+8*15)(R1), F29 \ ++ FMOVD (offset+8*16)(R1), F30 \ ++ FMOVD (offset+8*17)(R1), F31 ++ ++// Save and restore VR20-31 (aka VSR56-63). These ++// macros must point to a 16B aligned offset. ++#define SAVE_VR_SIZE (12*16) ++#define SAVE_VR(offset, rtmp) \ ++ MOVD $(offset+16*0), rtmp \ ++ STVX V20, (rtmp)(R1) \ ++ MOVD $(offset+16*1), rtmp \ ++ STVX V21, (rtmp)(R1) \ ++ MOVD $(offset+16*2), rtmp \ ++ STVX V22, (rtmp)(R1) \ ++ MOVD $(offset+16*3), rtmp \ ++ STVX V23, (rtmp)(R1) \ ++ MOVD $(offset+16*4), rtmp \ ++ STVX V24, (rtmp)(R1) \ ++ MOVD $(offset+16*5), rtmp \ ++ STVX V25, (rtmp)(R1) \ ++ MOVD $(offset+16*6), rtmp \ ++ STVX V26, (rtmp)(R1) \ ++ MOVD $(offset+16*7), rtmp \ ++ STVX V27, (rtmp)(R1) \ ++ MOVD $(offset+16*8), rtmp \ ++ STVX V28, (rtmp)(R1) \ ++ MOVD $(offset+16*9), rtmp \ ++ STVX V29, (rtmp)(R1) \ ++ MOVD $(offset+16*10), rtmp \ ++ STVX V30, (rtmp)(R1) \ ++ MOVD $(offset+16*11), rtmp \ ++ STVX V31, (rtmp)(R1) ++ ++#define RESTORE_VR(offset, rtmp) \ ++ MOVD $(offset+16*0), rtmp \ ++ LVX (rtmp)(R1), V20 \ ++ MOVD $(offset+16*1), rtmp \ ++ LVX (rtmp)(R1), V21 \ ++ MOVD $(offset+16*2), rtmp \ ++ LVX (rtmp)(R1), V22 \ ++ MOVD $(offset+16*3), rtmp \ ++ LVX (rtmp)(R1), V23 \ ++ MOVD $(offset+16*4), rtmp \ ++ LVX (rtmp)(R1), V24 \ ++ MOVD $(offset+16*5), rtmp \ ++ LVX (rtmp)(R1), V25 \ ++ MOVD $(offset+16*6), rtmp \ ++ LVX (rtmp)(R1), V26 \ ++ MOVD $(offset+16*7), rtmp \ ++ LVX (rtmp)(R1), V27 \ ++ MOVD $(offset+16*8), rtmp \ ++ LVX (rtmp)(R1), V28 \ ++ MOVD $(offset+16*9), rtmp \ ++ LVX (rtmp)(R1), V29 \ ++ MOVD $(offset+16*10), rtmp \ ++ LVX (rtmp)(R1), V30 \ ++ MOVD $(offset+16*11), rtmp \ ++ LVX (rtmp)(R1), V31 ++ ++// LR and CR are saved in the caller's frame. The callee must ++// make space for all other callee-save registers. ++#define SAVE_ALL_REG_SIZE (SAVE_GPR_SIZE+SAVE_FPR_SIZE+SAVE_VR_SIZE) ++ ++// Stack a frame and save all callee-save registers following the ++// host OS's ABI. Fortunately, this is identical for AIX, ELFv1, and ++// ELFv2. All host ABIs require the stack pointer to maintain 16 byte ++// alignment, and save the callee-save registers in the same places. ++// ++// To restate, R1 is assumed to be aligned when this macro is used. ++// This assumes the caller's frame is compliant with the host ABI. ++// CR and LR are saved into the caller's frame per the host ABI. ++// R0 is initialized to $0 as expected by Go. ++#define STACK_AND_SAVE_HOST_TO_GO_ABI(extra) \ ++ MOVD LR, R0 \ ++ MOVD R0, 16(R1) \ ++ MOVW CR, R0 \ ++ MOVD R0, 8(R1) \ ++ MOVDU R1, -(extra)-FIXED_FRAME-SAVE_ALL_REG_SIZE(R1) \ ++ SAVE_GPR(extra+FIXED_FRAME) \ ++ SAVE_FPR(extra+FIXED_FRAME+SAVE_GPR_SIZE) \ ++ SAVE_VR(extra+FIXED_FRAME+SAVE_GPR_SIZE+SAVE_FPR_SIZE, R0) \ ++ MOVD $0, R0 ++ ++// This unstacks the frame, restoring all callee-save registers ++// as saved by STACK_AND_SAVE_HOST_TO_GO_ABI. ++// ++// R0 is not guaranteed to contain $0 after this macro. ++#define UNSTACK_AND_RESTORE_GO_TO_HOST_ABI(extra) \ ++ RESTORE_GPR(extra+FIXED_FRAME) \ ++ RESTORE_FPR(extra+FIXED_FRAME+SAVE_GPR_SIZE) \ ++ RESTORE_VR(extra+FIXED_FRAME+SAVE_GPR_SIZE+SAVE_FPR_SIZE, R0) \ ++ ADD $(extra+FIXED_FRAME+SAVE_ALL_REG_SIZE), R1 \ ++ MOVD 16(R1), R0 \ ++ MOVD R0, LR \ ++ MOVD 8(R1), R0 \ ++ MOVW R0, CR +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h +new file mode 100644 +index 00000000000000..b9322e0c53e2ac +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h +@@ -0,0 +1,72 @@ ++// Copyright 2026 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++// Macros for transitioning from the host ABI to Go ABI0. ++// ++// These macros save and restore the callee-saved registers ++// from the stack, but they don't adjust stack pointer, so ++// the user should prepare stack space in advance. ++// SAVE_GPR(offset) saves X8, X9, X18-X27 to the stack space ++// of ((offset)+0*8)(X2) ~ ((offset)+11*8)(X2). ++// ++// SAVE_FPR(offset) saves F8, F9, F18-F27 to the stack space ++// of ((offset)+0*8)(X2) ~ ((offset)+11*8)(X2). ++// ++// Note: g is X27 ++ ++#define SAVE_GPR(offset) \ ++ MOV X8, ((offset)+0*8)(X2) \ ++ MOV X9, ((offset)+1*8)(X2) \ ++ MOV X18, ((offset)+2*8)(X2) \ ++ MOV X19, ((offset)+3*8)(X2) \ ++ MOV X20, ((offset)+4*8)(X2) \ ++ MOV X21, ((offset)+5*8)(X2) \ ++ MOV X22, ((offset)+6*8)(X2) \ ++ MOV X23, ((offset)+7*8)(X2) \ ++ MOV X24, ((offset)+8*8)(X2) \ ++ MOV X25, ((offset)+9*8)(X2) \ ++ MOV X26, ((offset)+10*8)(X2) \ ++ MOV g, ((offset)+11*8)(X2) ++ ++#define RESTORE_GPR(offset) \ ++ MOV ((offset)+0*8)(X2), X8 \ ++ MOV ((offset)+1*8)(X2), X9 \ ++ MOV ((offset)+2*8)(X2), X18 \ ++ MOV ((offset)+3*8)(X2), X19 \ ++ MOV ((offset)+4*8)(X2), X20 \ ++ MOV ((offset)+5*8)(X2), X21 \ ++ MOV ((offset)+6*8)(X2), X22 \ ++ MOV ((offset)+7*8)(X2), X23 \ ++ MOV ((offset)+8*8)(X2), X24 \ ++ MOV ((offset)+9*8)(X2), X25 \ ++ MOV ((offset)+10*8)(X2), X26 \ ++ MOV ((offset)+11*8)(X2), g ++ ++#define SAVE_FPR(offset) \ ++ MOVD F8, ((offset)+0*8)(X2) \ ++ MOVD F9, ((offset)+1*8)(X2) \ ++ MOVD F18, ((offset)+2*8)(X2) \ ++ MOVD F19, ((offset)+3*8)(X2) \ ++ MOVD F20, ((offset)+4*8)(X2) \ ++ MOVD F21, ((offset)+5*8)(X2) \ ++ MOVD F22, ((offset)+6*8)(X2) \ ++ MOVD F23, ((offset)+7*8)(X2) \ ++ MOVD F24, ((offset)+8*8)(X2) \ ++ MOVD F25, ((offset)+9*8)(X2) \ ++ MOVD F26, ((offset)+10*8)(X2) \ ++ MOVD F27, ((offset)+11*8)(X2) ++ ++#define RESTORE_FPR(offset) \ ++ MOVD ((offset)+0*8)(X2), F8 \ ++ MOVD ((offset)+1*8)(X2), F9 \ ++ MOVD ((offset)+2*8)(X2), F18 \ ++ MOVD ((offset)+3*8)(X2), F19 \ ++ MOVD ((offset)+4*8)(X2), F20 \ ++ MOVD ((offset)+5*8)(X2), F21 \ ++ MOVD ((offset)+6*8)(X2), F22 \ ++ MOVD ((offset)+7*8)(X2), F23 \ ++ MOVD ((offset)+8*8)(X2), F24 \ ++ MOVD ((offset)+9*8)(X2), F25 \ ++ MOVD ((offset)+10*8)(X2), F26 \ ++ MOVD ((offset)+11*8)(X2), F27 +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s +new file mode 100644 +index 00000000000000..7475ec8a0b21fc +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s +@@ -0,0 +1,29 @@ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT, $28-16 ++ MOVL BP, 24(SP) ++ MOVL BX, 20(SP) ++ MOVL SI, 16(SP) ++ MOVL DI, 12(SP) ++ ++ MOVL ctxt+12(FP), AX ++ MOVL AX, 8(SP) ++ MOVL a+4(FP), AX ++ MOVL AX, 4(SP) ++ MOVL fn+0(FP), AX ++ MOVL AX, 0(SP) ++ CALL runtime·cgocallback(SB) ++ ++ MOVL 12(SP), DI ++ MOVL 16(SP), SI ++ MOVL 20(SP), BX ++ MOVL 24(SP), BP ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s +new file mode 100644 +index 00000000000000..2b7eb57f8ae783 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s +@@ -0,0 +1,39 @@ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++#include "abi_amd64.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++// This signature is known to SWIG, so we can't change it. ++TEXT crosscall2(SB), NOSPLIT, $0-0 ++ PUSH_REGS_HOST_TO_ABI0() ++ ++ // Make room for arguments to cgocallback. ++ ADJSP $0x18 ++ ++#ifndef GOOS_windows ++ MOVQ DI, 0x0(SP) // fn ++ MOVQ SI, 0x8(SP) // arg ++ ++ // Skip n in DX. ++ MOVQ CX, 0x10(SP) // ctxt ++ ++#else ++ MOVQ CX, 0x0(SP) // fn ++ MOVQ DX, 0x8(SP) // arg ++ ++ // Skip n in R8. ++ MOVQ R9, 0x10(SP) // ctxt ++ ++#endif ++ ++ CALL runtime·cgocallback(SB) ++ ++ ADJSP $-0x18 ++ POP_REGS_HOST_TO_ABI0() ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s +new file mode 100644 +index 00000000000000..68034e6035aa44 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s +@@ -0,0 +1,52 @@ ++// Copyright 2012 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++ SUB $(8*9), R13 // Reserve space for the floating point registers. ++ ++ // The C arguments arrive in R0, R1, R2, and R3. We want to ++ // pass R0, R1, and R3 to Go, so we push those on the stack. ++ // Also, save C callee-save registers R4-R12. ++ MOVM.WP [R0, R1, R3, R4, R5, R6, R7, R8, R9, g, R11, R12], (R13) ++ ++ // Finally, save the link register R14. This also puts the ++ // arguments we pushed for cgocallback where they need to be, ++ // starting at 4(R13). ++ MOVW.W R14, -4(R13) ++ ++ // Save VFP callee-saved registers D8-D15 (same as S16-S31). ++ // Note: We always save these since we target hard-float ABI. ++ MOVD F8, (13*4+8*1)(R13) ++ MOVD F9, (13*4+8*2)(R13) ++ MOVD F10, (13*4+8*3)(R13) ++ MOVD F11, (13*4+8*4)(R13) ++ MOVD F12, (13*4+8*5)(R13) ++ MOVD F13, (13*4+8*6)(R13) ++ MOVD F14, (13*4+8*7)(R13) ++ MOVD F15, (13*4+8*8)(R13) ++ ++ BL runtime·load_g(SB) ++ ++ // We set up the arguments to cgocallback when saving registers above. ++ BL runtime·cgocallback(SB) ++ ++ MOVD (13*4+8*1)(R13), F8 ++ MOVD (13*4+8*2)(R13), F9 ++ MOVD (13*4+8*3)(R13), F10 ++ MOVD (13*4+8*4)(R13), F11 ++ MOVD (13*4+8*5)(R13), F12 ++ MOVD (13*4+8*6)(R13), F13 ++ MOVD (13*4+8*7)(R13), F14 ++ MOVD (13*4+8*8)(R13), F15 ++ ++ MOVW.P 4(R13), R14 ++ MOVM.IAW (R13), [R0, R1, R3, R4, R5, R6, R7, R8, R9, g, R11, R12] ++ ADD $(8*9), R13 ++ MOVW R14, R15 +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s +new file mode 100644 +index 00000000000000..50e5261d922c56 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s +@@ -0,0 +1,36 @@ ++// Copyright 2015 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++#include "abi_arm64.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++/* ++ * We still need to save all callee save register as before, and then ++ * push 3 args for fn (R0, R1, R3), skipping R2. ++ * Also note that at procedure entry in gc world, 8(RSP) will be the ++ * first arg. ++ */ ++ SUB $(8*24), RSP ++ STP (R0, R1), (8*1)(RSP) ++ MOVD R3, (8*3)(RSP) ++ ++ SAVE_R19_TO_R28(8*4) ++ SAVE_F8_TO_F15(8*14) ++ STP (R29, R30), (8*22)(RSP) ++ ++ // Initialize Go ABI environment ++ BL runtime·load_g(SB) ++ BL runtime·cgocallback(SB) ++ ++ RESTORE_R19_TO_R28(8*4) ++ RESTORE_F8_TO_F15(8*14) ++ LDP (8*22)(RSP), (R29, R30) ++ ++ ADD $(8*24), RSP ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s +new file mode 100644 +index 00000000000000..e81df86a56e4ad +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s +@@ -0,0 +1,40 @@ ++// Copyright 2022 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++#include "abi_loong64.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++/* ++ * We still need to save all callee save register as before, and then ++ * push 3 args for fn (R4, R5, R7), skipping R6. ++ * Also note that at procedure entry in gc world, 8(R29) will be the ++ * first arg. ++ */ ++ ++ ADDV $(-23*8), R3 ++ MOVV R4, (1*8)(R3) // fn unsafe.Pointer ++ MOVV R5, (2*8)(R3) // a unsafe.Pointer ++ MOVV R7, (3*8)(R3) // ctxt uintptr ++ ++ SAVE_R22_TO_R31((4*8)) ++ SAVE_F24_TO_F31((14*8)) ++ MOVV R1, (22*8)(R3) ++ ++ // Initialize Go ABI environment ++ JAL runtime·load_g(SB) ++ ++ JAL runtime·cgocallback(SB) ++ ++ RESTORE_R22_TO_R31((4*8)) ++ RESTORE_F24_TO_F31((14*8)) ++ MOVV (22*8)(R3), R1 ++ ++ ADDV $(23*8), R3 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s +new file mode 100644 +index 00000000000000..6d1938cd8d8bcd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s +@@ -0,0 +1,82 @@ ++// Copyright 2014 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++#include "abi_ppc64x.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++// ++// This is a simplified version that only saves GPR and FPR registers, ++// not vector registers. This keeps the stack frame smaller to avoid ++// exceeding the nosplit stack limit. ++// ++// On PPC64LE ELFv2, callee-save registers are: ++// R14-R31 (18 GPRs = 144 bytes) ++// F14-F31 (18 FPRs = 144 bytes) ++// CR2-CR4 (saved in CR field) ++// ++// Stack layout (must be 16-byte aligned): ++// 32 (FIXED_FRAME) + 24 (args) + 144 (GPR) + 144 (FPR) = 344 ++// Rounded to 352 for 16-byte alignment. ++ ++#define FIXED_FRAME 32 ++#define SAVE_SIZE 352 ++#define GPR_OFFSET (FIXED_FRAME+24) ++#define FPR_OFFSET (GPR_OFFSET+SAVE_GPR_SIZE) ++ ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++ // Save LR and CR in caller's frame per ELFv2 ABI ++ MOVD LR, R0 ++ MOVD R0, 16(R1) ++ MOVW CR, R0 ++ MOVD R0, 8(R1) ++ ++ // Allocate our stack frame ++ MOVDU R1, -SAVE_SIZE(R1) ++ ++ // Save TOC (R2) in case needed ++ MOVD R2, 24(R1) ++ ++ // Save callee-save GPRs ++ SAVE_GPR(GPR_OFFSET) ++ ++ // Save callee-save FPRs ++ SAVE_FPR(FPR_OFFSET) ++ ++ // Initialize R0 to 0 as expected by Go ++ MOVD $0, R0 ++ ++ // Load the current g. ++ BL runtime·load_g(SB) ++ ++ // Set up arguments for cgocallback ++ MOVD R3, FIXED_FRAME+0(R1) // fn unsafe.Pointer ++ MOVD R4, FIXED_FRAME+8(R1) // a unsafe.Pointer ++ ++ // Skip R5 = n uint32 ++ MOVD R6, FIXED_FRAME+16(R1) // ctxt uintptr ++ BL runtime·cgocallback(SB) ++ ++ // Restore callee-save FPRs ++ RESTORE_FPR(FPR_OFFSET) ++ ++ // Restore callee-save GPRs ++ RESTORE_GPR(GPR_OFFSET) ++ ++ // Restore TOC ++ MOVD 24(R1), R2 ++ ++ // Deallocate stack frame ++ ADD $SAVE_SIZE, R1 ++ ++ // Restore LR and CR from caller's frame ++ MOVD 16(R1), R0 ++ MOVD R0, LR ++ MOVD 8(R1), R0 ++ MOVW R0, CR ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s +new file mode 100644 +index 00000000000000..d34699e5a84d2a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s +@@ -0,0 +1,37 @@ ++// Copyright 2020 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++#include "abi_riscv64.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++/* ++ * Push arguments for fn (X10, X11, X13), along with all callee-save ++ * registers. Note that at procedure entry the first argument is at ++ * 8(X2). ++ */ ++ ADD $(-8*29), X2 ++ MOV X10, (8*1)(X2) // fn unsafe.Pointer ++ MOV X11, (8*2)(X2) // a unsafe.Pointer ++ MOV X13, (8*3)(X2) // ctxt uintptr ++ ++ SAVE_GPR((8*4)) ++ MOV X1, (8*16)(X2) ++ SAVE_FPR((8*17)) ++ ++ // Initialize Go ABI environment ++ CALL runtime·load_g(SB) ++ CALL runtime·cgocallback(SB) ++ ++ RESTORE_GPR((8*4)) ++ MOV (8*16)(X2), X1 ++ RESTORE_FPR((8*17)) ++ ++ ADD $(8*29), X2 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s +new file mode 100644 +index 00000000000000..b64466501dee38 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s +@@ -0,0 +1,55 @@ ++// Copyright 2016 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++#include "textflag.h" ++ ++// Called by C code generated by cmd/cgo. ++// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) ++// Saves C callee-saved registers and calls cgocallback with three arguments. ++// fn is the PC of a func(a unsafe.Pointer) function. ++TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 ++ // Start with standard C stack frame layout and linkage. ++ ++ // Save R6-R15 in the register save area of the calling function. ++ STMG R6, R15, 48(R15) ++ ++ // Allocate 96 bytes on the stack. ++ MOVD $-96(R15), R15 ++ ++ // Save F8-F15 in our stack frame. ++ FMOVD F8, 32(R15) ++ FMOVD F9, 40(R15) ++ FMOVD F10, 48(R15) ++ FMOVD F11, 56(R15) ++ FMOVD F12, 64(R15) ++ FMOVD F13, 72(R15) ++ FMOVD F14, 80(R15) ++ FMOVD F15, 88(R15) ++ ++ // Initialize Go ABI environment. ++ BL runtime·load_g(SB) ++ ++ MOVD R2, 8(R15) // fn unsafe.Pointer ++ MOVD R3, 16(R15) // a unsafe.Pointer ++ ++ // Skip R4 = n uint32 ++ MOVD R5, 24(R15) // ctxt uintptr ++ BL runtime·cgocallback(SB) ++ ++ FMOVD 32(R15), F8 ++ FMOVD 40(R15), F9 ++ FMOVD 48(R15), F10 ++ FMOVD 56(R15), F11 ++ FMOVD 64(R15), F12 ++ FMOVD 72(R15), F13 ++ FMOVD 80(R15), F14 ++ FMOVD 88(R15), F15 ++ ++ // De-allocate stack frame. ++ MOVD $96(R15), R15 ++ ++ // Restore R6-R15. ++ LMG 48(R15), R6, R15 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go +new file mode 100644 +index 00000000000000..f29e690cc15b3a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go +@@ -0,0 +1,93 @@ ++// Copyright 2011 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import ( ++ _ "unsafe" ++) ++ ++// TODO: decide if we need _runtime_cgo_panic_internal ++ ++//go:linkname x_cgo_init_trampoline x_cgo_init_trampoline ++//go:linkname _cgo_init _cgo_init ++var x_cgo_init_trampoline byte ++var _cgo_init = &x_cgo_init_trampoline ++ ++// Creates a new system thread without updating any Go state. ++// ++// This method is invoked during shared library loading to create a new OS ++// thread to perform the runtime initialization. This method is similar to ++// _cgo_sys_thread_start except that it doesn't update any Go state. ++ ++//go:linkname x_cgo_thread_start_trampoline x_cgo_thread_start_trampoline ++//go:linkname _cgo_thread_start _cgo_thread_start ++var x_cgo_thread_start_trampoline byte ++var _cgo_thread_start = &x_cgo_thread_start_trampoline ++ ++// Notifies that the runtime has been initialized. ++// ++// We currently block at every CGO entry point (via _cgo_wait_runtime_init_done) ++// to ensure that the runtime has been initialized before the CGO call is ++// executed. This is necessary for shared libraries where we kickoff runtime ++// initialization in a separate thread and return without waiting for this ++// thread to complete the init. ++ ++//go:linkname x_cgo_notify_runtime_init_done_trampoline x_cgo_notify_runtime_init_done_trampoline ++//go:linkname _cgo_notify_runtime_init_done _cgo_notify_runtime_init_done ++var x_cgo_notify_runtime_init_done_trampoline byte ++var _cgo_notify_runtime_init_done = &x_cgo_notify_runtime_init_done_trampoline ++ ++// Indicates whether a dummy thread key has been created or not. ++// ++// When calling go exported function from C, we register a destructor ++// callback, for a dummy thread key, by using pthread_key_create. ++ ++//go:linkname _cgo_pthread_key_created _cgo_pthread_key_created ++var x_cgo_pthread_key_created uintptr ++var _cgo_pthread_key_created = &x_cgo_pthread_key_created ++ ++// Set the x_crosscall2_ptr C function pointer variable point to crosscall2. ++// It's for the runtime package to call at init time. ++func set_crosscall2() { ++ // nothing needs to be done here for fakecgo ++ // because it's possible to just call cgocallback directly ++} ++ ++//go:linkname _set_crosscall2 runtime.set_crosscall2 ++var _set_crosscall2 = set_crosscall2 ++ ++// Store the g into the thread-specific value. ++// So that pthread_key_destructor will dropm when the thread is exiting. ++ ++//go:linkname x_cgo_bindm_trampoline x_cgo_bindm_trampoline ++//go:linkname _cgo_bindm _cgo_bindm ++var x_cgo_bindm_trampoline byte ++var _cgo_bindm = &x_cgo_bindm_trampoline ++ ++// TODO: decide if we need x_cgo_set_context_function ++// TODO: decide if we need _cgo_yield ++ ++var ( ++ // In Go 1.20 the race detector was rewritten to pure Go ++ // on darwin. This means that when CGO_ENABLED=0 is set ++ // fakecgo is built with race detector code. This is not ++ // good since this code is pretending to be C. The go:norace ++ // pragma is not enough, since it only applies to the native ++ // ABIInternal function. The ABIO wrapper (which is necessary, ++ // since all references to text symbols from assembly will use it) ++ // does not inherit the go:norace pragma, so it will still be ++ // instrumented by the race detector. ++ // ++ // To circumvent this issue, using closure calls in the ++ // assembly, which forces the compiler to use the ABIInternal ++ // native implementation (which has go:norace) instead. ++ threadentry_call = threadentry ++ x_cgo_init_call = x_cgo_init ++ x_cgo_setenv_call = x_cgo_setenv ++ x_cgo_unsetenv_call = x_cgo_unsetenv ++ x_cgo_thread_start_call = x_cgo_thread_start ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go +new file mode 100644 +index 00000000000000..58b95e1f4157f2 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go +@@ -0,0 +1,14 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2025 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import _ "unsafe" ++ ++// setg_trampoline calls setg with the G provided ++func setg_trampoline(setg uintptr, G uintptr) ++ ++// call5 takes fn the C function and 5 arguments and calls the function with those arguments ++func call5(fn, a1, a2, a3, a4, a5 uintptr) uintptr +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock +new file mode 100644 +index 00000000000000..9b0650d53777bd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock +@@ -0,0 +1,3 @@ ++{ ++ "commit_hash": "5110604b3385278be6887d0feead513a1bfe7a82" ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go +new file mode 100644 +index 00000000000000..bb73a709e69188 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go +@@ -0,0 +1,27 @@ ++// Copyright 2010 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build freebsd && !cgo ++ ++package fakecgo ++ ++import _ "unsafe" // for go:linkname ++ ++// Supply environ and __progname, because we don't ++// link against the standard FreeBSD crt0.o and the ++// libc dynamic library needs them. ++ ++// Note: when building with cross-compiling or CGO_ENABLED=0, add ++// the following argument to `go` so that these symbols are defined by ++// making fakecgo the Cgo. ++// -gcflags="github.com/ebitengine/purego/internal/fakecgo=-std" ++ ++//go:linkname _environ environ ++//go:linkname _progname __progname ++ ++//go:cgo_export_dynamic environ ++//go:cgo_export_dynamic __progname ++ ++var _environ uintptr ++var _progname uintptr +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go +new file mode 100644 +index 00000000000000..88c4cdf9ec04cc +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go +@@ -0,0 +1,6 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package fakecgo ++ ++//go:generate go run update_tool.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go +new file mode 100644 +index 00000000000000..d0868f0f790351 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go +@@ -0,0 +1,88 @@ ++// Copyright 2011 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:nosplit ++//go:norace ++func _cgo_sys_thread_start(ts *ThreadStart) { ++ var attr pthread_attr_t ++ var ign, oset sigset_t ++ var p pthread_t ++ var size size_t ++ var err int ++ ++ sigfillset(&ign) ++ pthread_sigmask(SIG_SETMASK, &ign, &oset) ++ ++ size = pthread_get_stacksize_np(pthread_self()) ++ pthread_attr_init(&attr) ++ pthread_attr_setstacksize(&attr, size) ++ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. ++ ts.g.stackhi = uintptr(size) ++ ++ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) ++ ++ pthread_sigmask(SIG_SETMASK, &oset, nil) ++ ++ if err != 0 { ++ print("fakecgo: pthread_create failed: ") ++ println(err) ++ abort() ++ } ++} ++ ++// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function ++// ++//go:linkname x_threadentry_trampoline threadentry_trampoline ++var x_threadentry_trampoline byte ++var threadentry_trampolineABI0 = &x_threadentry_trampoline ++ ++//go:nosplit ++//go:norace ++func threadentry(v unsafe.Pointer) unsafe.Pointer { ++ ts := *(*ThreadStart)(v) ++ free(v) ++ ++ // TODO: support ios ++ //#if TARGET_OS_IPHONE ++ // darwin_arm_init_thread_exception_port(); ++ //#endif ++ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) ++ ++ // faking funcs in go is a bit a... involved - but the following works :) ++ fn := uintptr(unsafe.Pointer(&ts.fn)) ++ (*(*func())(unsafe.Pointer(&fn)))() ++ ++ return nil ++} ++ ++// here we will store a pointer to the provided setg func ++var setg_func uintptr ++ ++// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) ++// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us ++// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup ++// This function can't be go:systemstack since go is not in a state where the systemcheck would work. ++// ++//go:nosplit ++//go:norace ++func x_cgo_init(g *G, setg uintptr) { ++ var size size_t ++ ++ setg_func = setg ++ size = pthread_get_stacksize_np(pthread_self()) ++ g.stacklo = uintptr(unsafe.Add(unsafe.Pointer(&size), -size+4096)) ++ ++ //TODO: support ios ++ //#if TARGET_OS_IPHONE ++ // darwin_arm_init_mach_exception_handler(); ++ // darwin_arm_init_thread_exception_port(); ++ // init_working_dir(); ++ //#endif ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go +new file mode 100644 +index 00000000000000..55ff71e2672086 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go +@@ -0,0 +1,79 @@ ++// Copyright 2011 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:nosplit ++func _cgo_sys_thread_start(ts *ThreadStart) { ++ var attr pthread_attr_t ++ var ign, oset sigset_t ++ var p pthread_t ++ var size size_t ++ var err int ++ ++ // fprintf(stderr, "runtime/cgo: _cgo_sys_thread_start: fn=%p, g=%p\n", ts->fn, ts->g); // debug ++ sigfillset(&ign) ++ pthread_sigmask(SIG_SETMASK, &ign, &oset) ++ ++ pthread_attr_init(&attr) ++ pthread_attr_getstacksize(&attr, &size) ++ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. ++ ts.g.stackhi = uintptr(size) ++ ++ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) ++ ++ pthread_sigmask(SIG_SETMASK, &oset, nil) ++ ++ if err != 0 { ++ print("fakecgo: pthread_create failed: ") ++ println(err) ++ abort() ++ } ++} ++ ++// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function ++// ++//go:linkname x_threadentry_trampoline threadentry_trampoline ++var x_threadentry_trampoline byte ++var threadentry_trampolineABI0 = &x_threadentry_trampoline ++ ++//go:nosplit ++func threadentry(v unsafe.Pointer) unsafe.Pointer { ++ ts := *(*ThreadStart)(v) ++ free(v) ++ ++ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) ++ ++ // faking funcs in go is a bit a... involved - but the following works :) ++ fn := uintptr(unsafe.Pointer(&ts.fn)) ++ (*(*func())(unsafe.Pointer(&fn)))() ++ ++ return nil ++} ++ ++// here we will store a pointer to the provided setg func ++var setg_func uintptr ++ ++// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) ++// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us ++// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup ++// This function can't be go:systemstack since go is not in a state where the systemcheck would work. ++// ++//go:nosplit ++func x_cgo_init(g *G, setg uintptr) { ++ var size size_t ++ var attr pthread_attr_t ++ ++ setg_func = setg ++ pthread_attr_init(&attr) ++ pthread_attr_getstacksize(&attr, &size) ++ // runtime/cgo uses __builtin_frame_address(0) instead of `uintptr(unsafe.Pointer(&size))` ++ // but this should be OK since we are taking the address of the first variable in this function. ++ g.stacklo = uintptr(unsafe.Pointer(&size)) - uintptr(size) + 4096 ++ pthread_attr_destroy(&attr) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go +new file mode 100644 +index 00000000000000..e5a66f39d4f3f5 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go +@@ -0,0 +1,72 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import ( ++ "syscall" ++ "unsafe" ++) ++ ++var ( ++ pthread_g pthread_key_t ++ ++ runtime_init_cond = PTHREAD_COND_INITIALIZER ++ runtime_init_mu = PTHREAD_MUTEX_INITIALIZER ++ runtime_init_done int ++) ++ ++//go:nosplit ++//go:norace ++func x_cgo_notify_runtime_init_done() { ++ pthread_mutex_lock(&runtime_init_mu) ++ runtime_init_done = 1 ++ pthread_cond_broadcast(&runtime_init_cond) ++ pthread_mutex_unlock(&runtime_init_mu) ++} ++ ++// Store the g into a thread-specific value associated with the pthread key pthread_g. ++// And pthread_key_destructor will dropm when the thread is exiting. ++// ++//go:norace ++func x_cgo_bindm(g unsafe.Pointer) { ++ // We assume this will always succeed, otherwise, there might be extra M leaking, ++ // when a C thread exits after a cgo call. ++ // We only invoke this function once per thread in runtime.needAndBindM, ++ // and the next calls just reuse the bound m. ++ pthread_setspecific(pthread_g, g) ++} ++ ++// _cgo_try_pthread_create retries pthread_create if it fails with ++// EAGAIN. ++// ++//go:nosplit ++//go:norace ++func _cgo_try_pthread_create(thread *pthread_t, attr *pthread_attr_t, pfn unsafe.Pointer, arg *ThreadStart) int { ++ var ts syscall.Timespec ++ // tries needs to be the same type as syscall.Timespec.Nsec ++ // but the fields are int32 on 32bit and int64 on 64bit. ++ // tries is assigned to syscall.Timespec.Nsec in order to match its type. ++ tries := ts.Nsec ++ var err int ++ ++ for tries = 0; tries < 20; tries++ { ++ // inlined this call because it ran out of stack when inlining was disabled ++ err = int(call5(pthread_createABI0, uintptr(unsafe.Pointer(thread)), uintptr(unsafe.Pointer(attr)), uintptr(pfn), uintptr(unsafe.Pointer(arg)), 0)) ++ if err == 0 { ++ // inlined this call because it ran out of stack when inlining was disabled ++ call5(pthread_detachABI0, uintptr(*thread), 0, 0, 0, 0) ++ return 0 ++ } ++ if err != int(syscall.EAGAIN) { ++ return err ++ } ++ ts.Sec = 0 ++ ts.Nsec = (tries + 1) * 1000 * 1000 // Milliseconds. ++ // inlined this call because it ran out of stack when inlining was disabled ++ call5(nanosleepABI0, uintptr(unsafe.Pointer(&ts)), 0, 0, 0, 0) ++ } ++ return int(syscall.EAGAIN) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go +new file mode 100644 +index 00000000000000..089d9fe489407b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go +@@ -0,0 +1,79 @@ ++// Copyright 2011 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:nosplit ++func _cgo_sys_thread_start(ts *ThreadStart) { ++ var attr pthread_attr_t ++ var ign, oset sigset_t ++ var p pthread_t ++ var size size_t ++ var err int ++ ++ //fprintf(stderr, "runtime/cgo: _cgo_sys_thread_start: fn=%p, g=%p\n", ts->fn, ts->g); // debug ++ sigfillset(&ign) ++ pthread_sigmask(SIG_SETMASK, &ign, &oset) ++ ++ pthread_attr_init(&attr) ++ pthread_attr_getstacksize(&attr, &size) ++ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. ++ ts.g.stackhi = uintptr(size) ++ ++ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) ++ ++ pthread_sigmask(SIG_SETMASK, &oset, nil) ++ ++ if err != 0 { ++ print("fakecgo: pthread_create failed: ") ++ println(err) ++ abort() ++ } ++} ++ ++// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function ++// ++//go:linkname x_threadentry_trampoline threadentry_trampoline ++var x_threadentry_trampoline byte ++var threadentry_trampolineABI0 = &x_threadentry_trampoline ++ ++//go:nosplit ++func threadentry(v unsafe.Pointer) unsafe.Pointer { ++ ts := *(*ThreadStart)(v) ++ free(v) ++ ++ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) ++ ++ // faking funcs in go is a bit a... involved - but the following works :) ++ fn := uintptr(unsafe.Pointer(&ts.fn)) ++ (*(*func())(unsafe.Pointer(&fn)))() ++ ++ return nil ++} ++ ++// here we will store a pointer to the provided setg func ++var setg_func uintptr ++ ++// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) ++// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us ++// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup ++// This function can't be go:systemstack since go is not in a state where the systemcheck would work. ++// ++//go:nosplit ++func x_cgo_init(g *G, setg uintptr) { ++ var size size_t ++ var attr pthread_attr_t ++ ++ setg_func = setg ++ pthread_attr_init(&attr) ++ pthread_attr_getstacksize(&attr, &size) ++ // runtime/cgo uses __builtin_frame_address(0) instead of `uintptr(unsafe.Pointer(&size))` ++ // but this should be OK since we are taking the address of the first variable in this function. ++ g.stacklo = uintptr(unsafe.Pointer(&size)) - uintptr(size) + 4096 ++ pthread_attr_destroy(&attr) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go +new file mode 100644 +index 00000000000000..e42d84f0b75ea6 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go +@@ -0,0 +1,18 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++//go:nosplit ++//go:norace ++func x_cgo_setenv(arg *[2]*byte) { ++ setenv(arg[0], arg[1], 1) ++} ++ ++//go:nosplit ++//go:norace ++func x_cgo_unsetenv(arg *[1]*byte) { ++ unsetenv(arg[0]) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go +new file mode 100644 +index 00000000000000..ff190007e8b6c0 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go +@@ -0,0 +1,38 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import "unsafe" ++ ++// _cgo_thread_start is split into three parts in cgo since only one part is system dependent (keep it here for easier handling) ++ ++// _cgo_thread_start(ThreadStart *arg) (runtime/cgo/gcc_util.c) ++// This get's called instead of the go code for creating new threads ++// -> pthread_* stuff is used, so threads are setup correctly for C ++// If this is missing, TLS is only setup correctly on thread 1! ++// This function should be go:systemstack instead of go:nosplit (but that requires runtime) ++// ++//go:nosplit ++//go:norace ++func x_cgo_thread_start(arg *ThreadStart) { ++ var ts *ThreadStart ++ // Make our own copy that can persist after we return. ++ // _cgo_tsan_acquire(); ++ ts = (*ThreadStart)(malloc(unsafe.Sizeof(*ts))) ++ // _cgo_tsan_release(); ++ if ts == nil { ++ println("fakecgo: out of memory in thread_start") ++ abort() ++ } ++ // *ts = *arg would cause a writebarrier so copy using slices ++ const ptrSize = unsafe.Sizeof(uintptr(0)) ++ s1 := unsafe.Slice((*uintptr)(unsafe.Pointer(ts)), unsafe.Sizeof(*ts)/ptrSize) ++ s2 := unsafe.Slice((*uintptr)(unsafe.Pointer(arg)), unsafe.Sizeof(*arg)/ptrSize) ++ for i := range s2 { ++ s1[i] = s2[i] ++ } ++ _cgo_sys_thread_start(ts) // OS-dependent half ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go +new file mode 100644 +index 00000000000000..28af41cc640724 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go +@@ -0,0 +1,19 @@ ++// Copyright 2010 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++// The runtime package contains an uninitialized definition ++// for runtime·iscgo. Override it to tell the runtime we're here. ++// There are various function pointers that should be set too, ++// but those depend on dynamic linker magic to get initialized ++// correctly, and sometimes they break. This variable is a ++// backup: it depends only on old C style static linking rules. ++ ++package fakecgo ++ ++import _ "unsafe" // for go:linkname ++ ++//go:linkname _iscgo runtime.iscgo ++var _iscgo bool = true +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go +new file mode 100644 +index 00000000000000..38f94419397d8d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go +@@ -0,0 +1,39 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++type ( ++ size_t uintptr ++ // Sources: ++ // Darwin (32 bytes) - https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/bsd/sys/_types.h#L74 ++ // FreeBSD (32 bytes) - https://github.com/DoctorWkt/xv6-freebsd/blob/d2a294c2a984baed27676068b15ed9a29b06ab6f/include/signal.h#L98C9-L98C21 ++ // Linux (128 bytes) - https://github.com/torvalds/linux/blob/ab75170520d4964f3acf8bb1f91d34cbc650688e/arch/x86/include/asm/signal.h#L25 ++ sigset_t [128]byte ++ pthread_attr_t [64]byte ++ pthread_t int ++ pthread_key_t uint64 ++) ++ ++// for pthread_sigmask: ++ ++type sighow int32 ++ ++const ( ++ SIG_BLOCK sighow = 0 ++ SIG_UNBLOCK sighow = 1 ++ SIG_SETMASK sighow = 2 ++) ++ ++type G struct { ++ stacklo uintptr ++ stackhi uintptr ++} ++ ++type ThreadStart struct { ++ g *G ++ tls *uintptr ++ fn uintptr ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go +new file mode 100644 +index 00000000000000..ecdcb2e7852560 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go +@@ -0,0 +1,26 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++type ( ++ pthread_mutex_t struct { ++ sig int64 ++ opaque [56]byte ++ } ++ pthread_cond_t struct { ++ sig int64 ++ opaque [40]byte ++ } ++) ++ ++var ( ++ PTHREAD_COND_INITIALIZER = pthread_cond_t{sig: 0x3CB0B1BB} ++ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t{sig: 0x32AAABA7} ++) ++ ++type stack_t struct { ++ /* not implemented */ ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go +new file mode 100644 +index 00000000000000..4bfb70c3d5ee9a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go +@@ -0,0 +1,20 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++type ( ++ pthread_cond_t uintptr ++ pthread_mutex_t uintptr ++) ++ ++var ( ++ PTHREAD_COND_INITIALIZER = pthread_cond_t(0) ++ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t(0) ++) ++ ++type stack_t struct { ++ /* not implemented */ ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go +new file mode 100644 +index 00000000000000..b08a44a1001bc0 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go +@@ -0,0 +1,20 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++type ( ++ pthread_cond_t [48]byte ++ pthread_mutex_t [48]byte ++) ++ ++var ( ++ PTHREAD_COND_INITIALIZER = pthread_cond_t{} ++ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t{} ++) ++ ++type stack_t struct { ++ /* not implemented */ ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go +new file mode 100644 +index 00000000000000..f98e272e42720e +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go +@@ -0,0 +1,184 @@ ++// Copyright 2016 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo && linux ++ ++package fakecgo ++ ++import "unsafe" ++ ++// argset matches runtime/cgocall.go:argset. ++type argset struct { ++ args *uintptr ++ retval uintptr ++} ++ ++//go:nosplit ++//go:norace ++func (a *argset) arg(i int) unsafe.Pointer { ++ return *(*unsafe.Pointer)(unsafe.Add(unsafe.Pointer(a.args), uintptr(i)*unsafe.Sizeof(uintptr(0)))) ++} ++ ++//go:linkname _cgo_libc_setegid syscall.cgo_libc_setegid ++//go:linkname _cgo_libc_seteuid syscall.cgo_libc_seteuid ++//go:linkname _cgo_libc_setgid syscall.cgo_libc_setgid ++//go:linkname _cgo_libc_setregid syscall.cgo_libc_setregid ++//go:linkname _cgo_libc_setresgid syscall.cgo_libc_setresgid ++//go:linkname _cgo_libc_setresuid syscall.cgo_libc_setresuid ++//go:linkname _cgo_libc_setreuid syscall.cgo_libc_setreuid ++//go:linkname _cgo_libc_setuid syscall.cgo_libc_setuid ++//go:linkname _cgo_libc_setgroups syscall.cgo_libc_setgroups ++ ++var _cgo_libc_setegid = &_cgo_purego_setegid_trampoline ++var _cgo_libc_seteuid = &_cgo_purego_seteuid_trampoline ++var _cgo_libc_setgid = &_cgo_purego_setgid_trampoline ++var _cgo_libc_setregid = &_cgo_purego_setregid_trampoline ++var _cgo_libc_setresgid = &_cgo_purego_setresgid_trampoline ++var _cgo_libc_setresuid = &_cgo_purego_setresuid_trampoline ++var _cgo_libc_setreuid = &_cgo_purego_setreuid_trampoline ++var _cgo_libc_setuid = &_cgo_purego_setuid_trampoline ++var _cgo_libc_setgroups = &_cgo_purego_setgroups_trampoline ++ ++//go:nosplit ++//go:norace ++func errno() int32 { ++ // this indirection is to avoid go vet complaining about possible misuse of unsafe.Pointer ++ loc := __errno_location() ++ return **(**int32)(unsafe.Pointer(&loc)) ++} ++ ++//go:linkname _cgo_purego_setegid_trampoline _cgo_purego_setegid_trampoline ++var _cgo_purego_setegid_trampoline byte ++var x_cgo_purego_setegid_call = x_cgo_purego_setegid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setegid(c *argset) { ++ ret := setegid(uint32(uintptr(c.arg(0)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_seteuid_trampoline _cgo_purego_seteuid_trampoline ++var _cgo_purego_seteuid_trampoline byte ++var x_cgo_purego_seteuid_call = x_cgo_purego_seteuid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_seteuid(c *argset) { ++ ret := seteuid(uint32(uintptr(c.arg(0)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setgid_trampoline _cgo_purego_setgid_trampoline ++var _cgo_purego_setgid_trampoline byte ++var x_cgo_purego_setgid_call = x_cgo_purego_setgid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setgid(c *argset) { ++ ret := setgid(uint32(uintptr(c.arg(0)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setregid_trampoline _cgo_purego_setregid_trampoline ++var _cgo_purego_setregid_trampoline byte ++var x_cgo_purego_setregid_call = x_cgo_purego_setregid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setregid(c *argset) { ++ ret := setregid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setresgid_trampoline _cgo_purego_setresgid_trampoline ++var _cgo_purego_setresgid_trampoline byte ++var x_cgo_purego_setresgid_call = x_cgo_purego_setresgid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setresgid(c *argset) { ++ ret := setresgid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1))), uint32(uintptr(c.arg(2)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setresuid_trampoline _cgo_purego_setresuid_trampoline ++var _cgo_purego_setresuid_trampoline byte ++var x_cgo_purego_setresuid_call = x_cgo_purego_setresuid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setresuid(c *argset) { ++ ret := setresuid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1))), uint32(uintptr(c.arg(2)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setreuid_trampoline _cgo_purego_setreuid_trampoline ++var _cgo_purego_setreuid_trampoline byte ++var x_cgo_purego_setreuid_call = x_cgo_purego_setreuid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setreuid(c *argset) { ++ ret := setreuid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setuid_trampoline _cgo_purego_setuid_trampoline ++var _cgo_purego_setuid_trampoline byte ++var x_cgo_purego_setuid_call = x_cgo_purego_setuid ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setuid(c *argset) { ++ ret := setuid(uint32(uintptr(c.arg(0)))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} ++ ++//go:linkname _cgo_purego_setgroups_trampoline _cgo_purego_setgroups_trampoline ++var _cgo_purego_setgroups_trampoline byte ++var x_cgo_purego_setgroups_call = x_cgo_purego_setgroups ++ ++//go:nosplit ++//go:norace ++func x_cgo_purego_setgroups(c *argset) { ++ ret := setgroups(uint32(uintptr(c.arg(0))), (*uint32)(c.arg(1))) ++ if ret == -1 { ++ c.retval = uintptr(errno()) ++ } else { ++ c.retval = uintptr(ret) ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go +new file mode 100644 +index 00000000000000..f30af0e1515699 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go +@@ -0,0 +1,19 @@ ++// Copyright 2011 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import _ "unsafe" // for go:linkname ++ ++//go:linkname x_cgo_setenv_trampoline x_cgo_setenv_trampoline ++//go:linkname _cgo_setenv runtime._cgo_setenv ++var x_cgo_setenv_trampoline byte ++var _cgo_setenv = &x_cgo_setenv_trampoline ++ ++//go:linkname x_cgo_unsetenv_trampoline x_cgo_unsetenv_trampoline ++//go:linkname _cgo_unsetenv runtime._cgo_unsetenv ++var x_cgo_unsetenv_trampoline byte ++var _cgo_unsetenv = &x_cgo_unsetenv_trampoline +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s +new file mode 100644 +index 00000000000000..cf56a6c71575eb +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s +@@ -0,0 +1,121 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++ ++// These trampolines map the gcc ABI to Go ABI0 and then call into the Go equivalent functions. ++// On i386, both GCC and Go use stack-based calling conventions. ++// ++// When C calls a function, the stack looks like: ++// 0(SP) = return address ++// 4(SP) = arg1 ++// 8(SP) = arg2 ++// ... ++// ++// When we declare a Go function with frame size $N-0, Go's prologue ++// effectively does SUB $N, SP, so the C arguments shift up by N bytes: ++// N+0(SP) = return address ++// N+4(SP) = arg1 ++// N+8(SP) = arg2 ++// ++// Go ABI0 on 386 expects arguments starting at 0(FP) which equals N+4(SP) ++// after the prologue (where N is the local frame size). ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $8-0 ++ // C args at 12(SP) and 16(SP) after frame setup (8 bytes local + 4 bytes ret addr) ++ // Go function expects args at 0(SP) and 4(SP) in local frame ++ MOVL 12(SP), AX // first C arg ++ MOVL 16(SP), BX // second C arg ++ MOVL AX, 0(SP) // Go arg 1 ++ MOVL BX, 4(SP) // Go arg 2 ++ MOVL ·x_cgo_init_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $4-0 ++ // C args at 8(SP) after frame setup (4 bytes local + 4 bytes ret addr) ++ MOVL 8(SP), AX // first C arg ++ MOVL AX, 0(SP) // Go arg 1 ++ MOVL ·x_cgo_thread_start_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX // first C arg ++ MOVL AX, 0(SP) // Go arg 1 ++ MOVL ·x_cgo_setenv_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX // first C arg ++ MOVL AX, 0(SP) // Go arg 1 ++ MOVL ·x_cgo_unsetenv_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++// This is called from Go, so args are at normal FP positions ++TEXT ·setg_trampoline(SB), NOSPLIT, $4-8 ++ MOVL g+4(FP), AX ++ MOVL setg+0(FP), BX ++ ++ // setg expects g in 0(SP) ++ MOVL AX, 0(SP) ++ CALL BX ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $24-4 ++ // Save callee-saved registers ++ MOVL BP, 20(SP) ++ MOVL BX, 16(SP) ++ MOVL SI, 12(SP) ++ MOVL DI, 8(SP) ++ ++ // Move C argument (arg) to stack for Go function ++ MOVL arg+0(FP), AX ++ MOVL AX, 0(SP) ++ ++ MOVL ·threadentry_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ ++ // Restore callee-saved registers ++ MOVL 8(SP), DI ++ MOVL 12(SP), SI ++ MOVL 16(SP), BX ++ MOVL 20(SP), BP ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $24-28 ++ MOVL fn+0(FP), AX ++ MOVL a1+4(FP), BX ++ MOVL a2+8(FP), CX ++ MOVL a3+12(FP), DX ++ MOVL a4+16(FP), SI ++ MOVL a5+20(FP), DI ++ ++ // Place arguments on local stack frame for C calling convention ++ MOVL BX, 0(SP) // a1 ++ MOVL CX, 4(SP) // a2 ++ MOVL DX, 8(SP) // a3 ++ MOVL SI, 12(SP) // a4 ++ MOVL DI, 16(SP) // a5 ++ CALL AX ++ MOVL AX, r1+24(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s +new file mode 100644 +index 00000000000000..a4ca5ea98214fd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s +@@ -0,0 +1,107 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++/* ++trampoline for emulating required C functions for cgo in go (see cgo.go) ++(we convert cdecl calling convention to go and vice-versa) ++ ++C Calling convention cdecl used here (we only need integer args): ++1. arg: DI ++2. arg: SI ++3. arg: DX ++4. arg: CX ++5. arg: R8 ++6. arg: R9 ++We don't need floats with these functions -> AX=0 ++return value will be in AX ++temporary register is R11 ++*/ ++#include "textflag.h" ++#include "go_asm.h" ++#include "abi_amd64.h" ++ ++// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 ++ MOVQ DI, AX ++ MOVQ SI, BX ++ MOVQ ·x_cgo_init_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_thread_start_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_setenv_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_unsetenv_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 ++ JMP ·x_cgo_notify_runtime_init_done(SB) ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ JMP ·x_cgo_bindm(SB) ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $0-16 ++ MOVQ G+8(FP), DI ++ MOVQ setg+0(FP), R11 ++ XORL AX, AX ++ CALL R11 ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $0 ++ // See crosscall2. ++ PUSH_REGS_HOST_TO_ABI0() ++ ++ // X15 is designated by Go as a fixed zero register. ++ // Calling directly into ABIInternal, ensure it is zero. ++ PXOR X15, X15 ++ ++ MOVQ DI, AX ++ MOVQ ·threadentry_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ ++ POP_REGS_HOST_TO_ABI0() ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $0-56 ++ MOVQ fn+0(FP), R11 ++ MOVQ a1+8(FP), DI ++ MOVQ a2+16(FP), SI ++ MOVQ a3+24(FP), DX ++ MOVQ a4+32(FP), CX ++ MOVQ a5+40(FP), R8 ++ ++ XORL AX, AX // no floats ++ ++ PUSHQ BP // save BP ++ MOVQ SP, BP // save SP inside BP bc BP is callee-saved ++ SUBQ $16, SP // allocate space for alignment ++ ANDQ $-16, SP // align on 16 bytes for SSE ++ ++ CALL R11 ++ ++ MOVQ BP, SP // get SP back ++ POPQ BP // restore BP ++ ++ MOVQ AX, ret+48(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s +new file mode 100644 +index 00000000000000..c17925d60d6787 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s +@@ -0,0 +1,122 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++ ++// These trampolines map the gcc ABI to Go ABI0 and then call into the Go equivalent functions. ++// On ARM32, Go ABI0 uses stack-based calling convention. ++// Arguments are placed on the stack starting at 4(SP) after the prologue. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW R1, 8(R13) ++ MOVW ·x_cgo_init_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_thread_start_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_setenv_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_unsetenv_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $0-8 ++ MOVW G+4(FP), R0 ++ MOVW setg+0(FP), R12 ++ BL (R12) ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $104-0 ++ // Save C callee-saved registers at C-to-Go boundary. ++ // See crosscall2 in asm_arm.s. ++ // ARM AAPCS callee-saved: R4-R11 (includes g=R10), D8-D15. ++ // LR is saved/restored by the Go-managed frame prologue/epilogue. ++ MOVW R0, 4(R13) // arg for threadentry_call ++ ++ MOVW R4, 8(R13) ++ MOVW R5, 12(R13) ++ MOVW R6, 16(R13) ++ MOVW R7, 20(R13) ++ MOVW R8, 24(R13) ++ MOVW R9, 28(R13) ++ MOVW g, 32(R13) // R10 ++ MOVW R11, 36(R13) ++ ++ MOVD F8, 40(R13) ++ MOVD F9, 48(R13) ++ MOVD F10, 56(R13) ++ MOVD F11, 64(R13) ++ MOVD F12, 72(R13) ++ MOVD F13, 80(R13) ++ MOVD F14, 88(R13) ++ MOVD F15, 96(R13) ++ ++ MOVW ·threadentry_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ ++ MOVD 40(R13), F8 ++ MOVD 48(R13), F9 ++ MOVD 56(R13), F10 ++ MOVD 64(R13), F11 ++ MOVD 72(R13), F12 ++ MOVD 80(R13), F13 ++ MOVD 88(R13), F14 ++ MOVD 96(R13), F15 ++ ++ MOVW 8(R13), R4 ++ MOVW 12(R13), R5 ++ MOVW 16(R13), R6 ++ MOVW 20(R13), R7 ++ MOVW 24(R13), R8 ++ MOVW 28(R13), R9 ++ MOVW 32(R13), g ++ MOVW 36(R13), R11 ++ ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $8-28 ++ MOVW fn+0(FP), R12 ++ MOVW a1+4(FP), R0 ++ MOVW a2+8(FP), R1 ++ MOVW a3+12(FP), R2 ++ MOVW a4+16(FP), R3 ++ MOVW a5+20(FP), R4 ++ ++ // Store 5th arg below SP (in local frame area) ++ MOVW R4, arg5-8(SP) ++ ++ // Align SP to 8 bytes for call (required by ARM AAPCS) ++ SUB $8, R13 ++ CALL (R12) ++ ADD $8, R13 ++ MOVW R0, r1+24(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s +new file mode 100644 +index 00000000000000..1deb2747ad3245 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s +@@ -0,0 +1,81 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++#include "abi_arm64.h" ++ ++// These trampolines map the gcc ABI to Go ABIInternal and then calls into the Go equivalent functions. ++// Note that C arguments are passed in R0-R7, which matches Go ABIInternal for the first eight arguments. ++// R9 is used as a temporary register. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_init_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_thread_start_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_setenv_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_unsetenv_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $0-16 ++ MOVD G+8(FP), R0 ++ MOVD setg+0(FP), R9 ++ CALL R9 ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $0-0 ++ // See crosscall2. ++ SUB $(8*24), RSP ++ STP (R0, R1), (8*1)(RSP) ++ MOVD R3, (8*3)(RSP) ++ ++ SAVE_R19_TO_R28(8*4) ++ SAVE_F8_TO_F15(8*14) ++ ++ MOVD ·threadentry_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ MOVD $0, R0 // TODO: get the return value from threadentry ++ ++ RESTORE_R19_TO_R28(8*4) ++ RESTORE_F8_TO_F15(8*14) ++ ADD $(8*24), RSP ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $0-0 ++ MOVD fn+0(FP), R9 ++ MOVD a1+8(FP), R0 ++ MOVD a2+16(FP), R1 ++ MOVD a3+24(FP), R2 ++ MOVD a4+32(FP), R3 ++ MOVD a5+40(FP), R4 ++ CALL R9 ++ MOVD R0, ret+48(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s +new file mode 100644 +index 00000000000000..eea96638fa9a9b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s +@@ -0,0 +1,78 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setegid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_seteuid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setgid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setregid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setresgid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setresuid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setreuid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setuid_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $4-0 ++ MOVL 8(SP), AX ++ MOVL AX, 0(SP) ++ MOVL ·x_cgo_purego_setgroups_call(SB), CX ++ MOVL (CX), CX ++ CALL CX ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s +new file mode 100644 +index 00000000000000..424ebc1e7cbb42 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s +@@ -0,0 +1,69 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setegid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_seteuid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setgid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setregid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setresgid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setresuid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setreuid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setuid_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 ++ MOVQ DI, AX ++ MOVQ ·x_cgo_purego_setgroups_call(SB), R11 ++ MOVQ (R11), R11 ++ CALL R11 ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s +new file mode 100644 +index 00000000000000..284fe5d0e3a87a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s +@@ -0,0 +1,69 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setegid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_seteuid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setgid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setregid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setresgid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setresuid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setreuid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setuid_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8-0 ++ MOVW R0, 4(R13) ++ MOVW ·x_cgo_purego_setgroups_call(SB), R12 ++ MOVW (R12), R12 ++ CALL (R12) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s +new file mode 100644 +index 00000000000000..771910817b7686 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s +@@ -0,0 +1,60 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setegid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_seteuid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setgid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setregid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setresgid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setresuid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setreuid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setuid_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_purego_setgroups_call(SB), R9 ++ MOVD (R9), R9 ++ CALL R9 ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s +new file mode 100644 +index 00000000000000..ebcc1176c0a0a6 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s +@@ -0,0 +1,60 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setegid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_seteuid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setgid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setregid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setresgid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setresuid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setreuid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setuid_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_purego_setgroups_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s +new file mode 100644 +index 00000000000000..59a95a929fb5c2 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s +@@ -0,0 +1,69 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setegid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_seteuid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setgid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setregid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setresgid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setresuid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setreuid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setuid_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8-0 ++ MOVD ·x_cgo_purego_setgroups_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s +new file mode 100644 +index 00000000000000..9e892dbd2daf71 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s +@@ -0,0 +1,60 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && linux ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setegid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_seteuid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setgid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setregid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setresgid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setresuid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setreuid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setuid_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_purego_setgroups_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s +new file mode 100644 +index 00000000000000..ce4247c989f4c1 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s +@@ -0,0 +1,53 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build go1.27 && !cgo ++ ++#include "textflag.h" ++ ++TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setegid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_seteuid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setgid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setregid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setresgid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setresuid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setreuid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setuid_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 ++ ++TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT|NOFRAME, $0 ++ MOVD ·x_cgo_purego_setgroups_call(SB), R1 ++ MOVD (R1), R1 ++ BR R1 +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s +new file mode 100644 +index 00000000000000..b93b5da90a8333 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s +@@ -0,0 +1,78 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2025 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++#include "abi_loong64.h" ++ ++// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. ++// R23 is used as temporary register. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 ++ MOVV ·x_cgo_init_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_thread_start_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_setenv_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 ++ MOVV ·x_cgo_unsetenv_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $0 ++ MOVV G+8(FP), R4 ++ MOVV setg+0(FP), R23 ++ CALL (R23) ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $176 ++ // See crosscall2. ++ MOVV R4, (1*8)(R3) // fn unsafe.Pointer ++ MOVV R5, (2*8)(R3) // a unsafe.Pointer ++ MOVV R7, (3*8)(R3) // ctxt uintptr ++ ++ SAVE_R22_TO_R31((4*8)) ++ SAVE_F24_TO_F31((14*8)) ++ ++ MOVV ·threadentry_call(SB), R23 ++ MOVV (R23), R23 ++ CALL (R23) ++ ++ RESTORE_R22_TO_R31((4*8)) ++ RESTORE_F24_TO_F31((14*8)) ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $0-0 ++ MOVV fn+0(FP), R23 ++ MOVV a1+8(FP), R4 ++ MOVV a2+16(FP), R5 ++ MOVV a3+24(FP), R6 ++ MOVV a4+32(FP), R7 ++ MOVV a5+40(FP), R8 ++ CALL (R23) ++ MOVV R4, ret+48(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s +new file mode 100644 +index 00000000000000..444529d8ae820b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s +@@ -0,0 +1,128 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++#include "abi_ppc64x.h" ++ ++// These trampolines map the C ABI to Go ABI and call into the Go equivalent functions. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_init_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_thread_start_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_setenv_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $0-0 ++ MOVD ·x_cgo_unsetenv_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0-0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $16-16 ++ MOVD R31, 8(R1) // save R31 (load_g clobbers it) ++ ++ MOVD setg+0(FP), R12 ++ MOVD newg+8(FP), R3 ++ ++ MOVD R12, CTR ++ CALL CTR ++ ++ CALL runtime·load_g(SB) ++ ++ MOVD 8(R1), R31 ++ XOR R0, R0, R0 ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ // Called from C (pthread_create). Must save all C callee-saved registers. ++ // Uses NOFRAME for proper ELFv2 backchain via MOVDU. ++ MOVD LR, R0 ++ MOVD R0, 16(R1) ++ MOVW CR, R0 ++ MOVD R0, 8(R1) ++ ++ MOVDU R1, -320(R1) ++ ++ SAVE_GPR(32) ++ SAVE_FPR(32+SAVE_GPR_SIZE) ++ ++ MOVD $0, R0 ++ ++ MOVD ·threadentry_call(SB), R12 ++ MOVD (R12), R12 ++ MOVD R12, CTR ++ CALL CTR ++ ++ RESTORE_FPR(32+SAVE_GPR_SIZE) ++ RESTORE_GPR(32) ++ ++ ADD $320, R1 ++ ++ MOVD 16(R1), R0 ++ MOVD R0, LR ++ MOVD 8(R1), R0 ++ MOVW R0, CR ++ RET ++ ++TEXT ·call5(SB), NOSPLIT|NOFRAME, $0-56 ++ MOVD LR, R20 ++ MOVW CR, R21 ++ ++ // Load arguments from Go stack into C argument registers ++ // Go placed args at 32(R1), 40(R1), etc. ++ MOVD 32(R1), R12 // fn ++ MOVD 40(R1), R3 // a1 → first C arg ++ MOVD 48(R1), R4 // a2 → second C arg ++ MOVD 56(R1), R5 // a3 → third C arg ++ MOVD 64(R1), R6 // a4 → fourth C arg ++ MOVD 72(R1), R7 // a5 → fifth C arg ++ ++ MOVDU R1, -32(R1) ++ ++ MOVD R12, CTR ++ CALL CTR ++ ++ // Store return value ++ // After MOVDU -32, original 80(R1) is now at 80+32=112(R1) ++ MOVD R3, (80+32)(R1) ++ ++ // Deallocate frame ++ ADD $32, R1 ++ ++ // Clear R0 before returning to Go code. ++ // Go uses R0 as a constant 0 register for things like "std r0,X(r1)" ++ // to zero stack locations. C functions may leave garbage in R0. ++ XOR R0, R0, R0 ++ ++ // Restore LR/CR from non-volatile registers ++ MOVD R20, LR ++ MOVW R21, CR ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s +new file mode 100644 +index 00000000000000..b162fdde234629 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s +@@ -0,0 +1,76 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++#include "go_asm.h" ++#include "abi_riscv64.h" ++ ++// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. ++// X5 is used as temporary register. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 ++ MOV ·x_cgo_init_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_thread_start_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_setenv_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 ++ MOV ·x_cgo_unsetenv_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ RET ++ ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_notify_runtime_init_done(SB) ++ RET ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 ++ CALL ·x_cgo_bindm(SB) ++ RET ++ ++// func setg_trampoline(setg uintptr, g uintptr) ++TEXT ·setg_trampoline(SB), NOSPLIT, $0 ++ MOV gp+8(FP), X10 ++ MOV setg+0(FP), X5 ++ CALL X5 ++ RET ++ ++TEXT threadentry_trampoline(SB), NOSPLIT, $200 ++ MOV X10, 8(SP) ++ ++ SAVE_GPR(8*2) ++ SAVE_FPR(8*14) ++ ++ MOV ·threadentry_call(SB), X5 ++ MOV (X5), X5 ++ CALL X5 ++ ++ RESTORE_GPR(8*2) ++ RESTORE_FPR(8*14) ++ ++ RET ++ ++TEXT ·call5(SB), NOSPLIT, $0-48 ++ MOV fn+0(FP), X5 ++ MOV a1+8(FP), X10 ++ MOV a2+16(FP), X11 ++ MOV a3+24(FP), X12 ++ MOV a4+32(FP), X13 ++ MOV a5+40(FP), X14 ++ CALL X5 ++ MOV X10, ret+48(FP) ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s +new file mode 100644 +index 00000000000000..2b68d438e4ec1d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s +@@ -0,0 +1,154 @@ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2026 The Ebitengine Authors ++ ++//go:build go1.27 && !cgo && linux ++ ++#include "textflag.h" ++#include "go_asm.h" ++ ++// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. ++// Note that C arguments are passed in R2-R6, which matches Go ABIInternal for the first five arguments. ++// R1 is used as a temporary register. ++ ++TEXT x_cgo_init_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ MOVD R15, R1 ++ SUB $192, R15 ++ MOVD R1, 0(R15) // backchain ++ MOVD R14, 160(R15) // save R14 ++ MOVD R9, 168(R15) // save R9 (Go runtime needs this preserved) ++ ++ MOVD ·x_cgo_init_call(SB), R1 ++ MOVD (R1), R1 ++ BL R1 ++ ++ MOVD 168(R15), R9 ++ MOVD 160(R15), R14 ++ ADD $192, R15 ++ BR R14 ++ ++TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ MOVD R15, R1 ++ SUB $176, R15 ++ MOVD R1, 0(R15) // backchain ++ MOVD R14, 152(R15) // save R14 ++ ++ MOVD ·x_cgo_thread_start_call(SB), R1 ++ MOVD (R1), R1 ++ BL R1 ++ ++ MOVD 152(R15), R14 ++ ADD $176, R15 ++ BR R14 ++ ++TEXT x_cgo_setenv_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ MOVD R15, R1 ++ SUB $176, R15 ++ MOVD R1, 0(R15) // backchain ++ MOVD R14, 152(R15) // save R14 ++ ++ MOVD ·x_cgo_setenv_call(SB), R1 ++ MOVD (R1), R1 ++ BL R1 ++ ++ MOVD 152(R15), R14 ++ ADD $176, R15 ++ BR R14 ++ ++TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ MOVD R15, R1 ++ SUB $176, R15 ++ MOVD R1, 0(R15) // backchain ++ MOVD R14, 152(R15) // save R14 ++ ++ MOVD ·x_cgo_unsetenv_call(SB), R1 ++ MOVD (R1), R1 ++ BL R1 ++ ++ MOVD 152(R15), R14 ++ ADD $176, R15 ++ BR R14 ++ ++// These just tail-call into Go functions ++TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ BR ·x_cgo_notify_runtime_init_done(SB) ++ ++TEXT x_cgo_bindm_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ BR ·x_cgo_bindm(SB) ++ ++// setg_trampoline(setg uintptr, g uintptr) - called from Go ++TEXT ·setg_trampoline(SB), NOSPLIT|NOFRAME, $0-16 ++ MOVD 8(R15), R1 // setg function pointer ++ MOVD 16(R15), R2 // g pointer -> C arg ++ ++ MOVD R14, R0 ++ MOVD R15, R3 ++ SUB $160, R15 ++ MOVD R3, 0(R15) ++ MOVD R0, 112(R15) ++ ++ BL R1 // call setg_gcc ++ BL runtime·load_g(SB) ++ ++ MOVD 112(R15), R14 ++ ADD $160, R15 ++ BR R14 ++ ++TEXT threadentry_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ STMG R6, R15, 48(R15) // C save area ++ MOVD R15, R1 ++ SUB $176, R15 ++ MOVD R1, 0(R15) // backchain ++ ++ MOVD ·threadentry_call(SB), R1 ++ MOVD (R1), R1 ++ BL R1 ++ ++ ADD $176, R15 ++ LMG 48(R15), R6, R15 ++ RET ++ ++TEXT ·call5(SB), NOSPLIT|NOFRAME, $0-56 ++ // Load Go args before modifying R15 ++ MOVD 8(R15), R1 // fn ++ MOVD 16(R15), R7 // a1 ++ MOVD 24(R15), R8 // a2 ++ MOVD 32(R15), R9 // a3 ++ MOVD 40(R15), R10 // a4 ++ MOVD 48(R15), R11 // a5 ++ ++ // Save state ++ MOVD R15, R0 // original R15 ++ MOVD R12, R6 // Go's R12 ++ ADD $-128, R15 ++ ++ // Set up C frame with backchain ++ MOVD R0, 0(R15) // backchain -> original R15 ++ MOVD R0, R3 // R3 = original R15 (can't use R0 as base!) ++ MOVD 0(R3), R7 // save 0(original R15) ++ MOVD $0, 0(R3) // terminate backchain ++ ++ // Save context ++ MOVD R14, 8(R15) ++ MOVD R6, 16(R15) // R12 ++ MOVD R0, 24(R15) // original R15 ++ MOVD R7, 32(R15) // saved backchain ++ ++ // Set up C args (reload a1 since R7 was clobbered) ++ MOVD 16(R3), R2 // a1 (use R3 as base, not R0!) ++ MOVD R8, R3 // a2 ++ MOVD R9, R4 // a3 ++ MOVD R10, R5 // a4 ++ MOVD R11, R6 // a5 ++ ++ BL R1 ++ ++ // Store result and restore ++ MOVD 24(R15), R3 // original R15 ++ MOVD R2, 56(R3) // return value ++ MOVD 32(R15), R7 ++ MOVD R7, 0(R3) // restore backchain ++ ++ MOVD 8(R15), R14 ++ MOVD 16(R15), R12 ++ MOVD 24(R15), R15 ++ BR R14 +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go +new file mode 100644 +index 00000000000000..e1339193b9764d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go +@@ -0,0 +1,165 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++package fakecgo ++ ++import ( ++ "syscall" ++ "unsafe" ++) ++ ++//go:nosplit ++//go:norace ++func malloc(size uintptr) unsafe.Pointer { ++ ret := call5(mallocABI0, uintptr(size), 0, 0, 0, 0) ++ // this indirection is to avoid go vet complaining about possible misuse of unsafe.Pointer ++ return *(*unsafe.Pointer)(unsafe.Pointer(&ret)) ++} ++ ++//go:nosplit ++//go:norace ++func free(ptr unsafe.Pointer) { ++ call5(freeABI0, uintptr(ptr), 0, 0, 0, 0) ++} ++ ++//go:nosplit ++//go:norace ++func setenv(name *byte, value *byte, overwrite int32) int32 { ++ return int32(call5(setenvABI0, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), uintptr(overwrite), 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func unsetenv(name *byte) int32 { ++ return int32(call5(unsetenvABI0, uintptr(unsafe.Pointer(name)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func sigfillset(set *sigset_t) int32 { ++ return int32(call5(sigfillsetABI0, uintptr(unsafe.Pointer(set)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func nanosleep(ts *syscall.Timespec, rem *syscall.Timespec) int32 { ++ return int32(call5(nanosleepABI0, uintptr(unsafe.Pointer(ts)), uintptr(unsafe.Pointer(rem)), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func abort() { ++ call5(abortABI0, 0, 0, 0, 0, 0) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_attr_init(attr *pthread_attr_t) int32 { ++ return int32(call5(pthread_attr_initABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_create(thread *pthread_t, attr *pthread_attr_t, start unsafe.Pointer, arg unsafe.Pointer) int32 { ++ return int32(call5(pthread_createABI0, uintptr(unsafe.Pointer(thread)), uintptr(unsafe.Pointer(attr)), uintptr(start), uintptr(arg), 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_detach(thread pthread_t) int32 { ++ return int32(call5(pthread_detachABI0, uintptr(thread), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_sigmask(how sighow, ign *sigset_t, oset *sigset_t) int32 { ++ return int32(call5(pthread_sigmaskABI0, uintptr(how), uintptr(unsafe.Pointer(ign)), uintptr(unsafe.Pointer(oset)), 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_mutex_lock(mutex *pthread_mutex_t) int32 { ++ return int32(call5(pthread_mutex_lockABI0, uintptr(unsafe.Pointer(mutex)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_mutex_unlock(mutex *pthread_mutex_t) int32 { ++ return int32(call5(pthread_mutex_unlockABI0, uintptr(unsafe.Pointer(mutex)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_cond_broadcast(cond *pthread_cond_t) int32 { ++ return int32(call5(pthread_cond_broadcastABI0, uintptr(unsafe.Pointer(cond)), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_setspecific(key pthread_key_t, value unsafe.Pointer) int32 { ++ return int32(call5(pthread_setspecificABI0, uintptr(key), uintptr(value), 0, 0, 0)) ++} ++ ++//go:linkname _malloc _malloc ++var _malloc uint8 ++var mallocABI0 = uintptr(unsafe.Pointer(&_malloc)) ++ ++//go:linkname _free _free ++var _free uint8 ++var freeABI0 = uintptr(unsafe.Pointer(&_free)) ++ ++//go:linkname _setenv _setenv ++var _setenv uint8 ++var setenvABI0 = uintptr(unsafe.Pointer(&_setenv)) ++ ++//go:linkname _unsetenv _unsetenv ++var _unsetenv uint8 ++var unsetenvABI0 = uintptr(unsafe.Pointer(&_unsetenv)) ++ ++//go:linkname _sigfillset _sigfillset ++var _sigfillset uint8 ++var sigfillsetABI0 = uintptr(unsafe.Pointer(&_sigfillset)) ++ ++//go:linkname _nanosleep _nanosleep ++var _nanosleep uint8 ++var nanosleepABI0 = uintptr(unsafe.Pointer(&_nanosleep)) ++ ++//go:linkname _abort _abort ++var _abort uint8 ++var abortABI0 = uintptr(unsafe.Pointer(&_abort)) ++ ++//go:linkname _pthread_attr_init _pthread_attr_init ++var _pthread_attr_init uint8 ++var pthread_attr_initABI0 = uintptr(unsafe.Pointer(&_pthread_attr_init)) ++ ++//go:linkname _pthread_create _pthread_create ++var _pthread_create uint8 ++var pthread_createABI0 = uintptr(unsafe.Pointer(&_pthread_create)) ++ ++//go:linkname _pthread_detach _pthread_detach ++var _pthread_detach uint8 ++var pthread_detachABI0 = uintptr(unsafe.Pointer(&_pthread_detach)) ++ ++//go:linkname _pthread_sigmask _pthread_sigmask ++var _pthread_sigmask uint8 ++var pthread_sigmaskABI0 = uintptr(unsafe.Pointer(&_pthread_sigmask)) ++ ++//go:linkname _pthread_mutex_lock _pthread_mutex_lock ++var _pthread_mutex_lock uint8 ++var pthread_mutex_lockABI0 = uintptr(unsafe.Pointer(&_pthread_mutex_lock)) ++ ++//go:linkname _pthread_mutex_unlock _pthread_mutex_unlock ++var _pthread_mutex_unlock uint8 ++var pthread_mutex_unlockABI0 = uintptr(unsafe.Pointer(&_pthread_mutex_unlock)) ++ ++//go:linkname _pthread_cond_broadcast _pthread_cond_broadcast ++var _pthread_cond_broadcast uint8 ++var pthread_cond_broadcastABI0 = uintptr(unsafe.Pointer(&_pthread_cond_broadcast)) ++ ++//go:linkname _pthread_setspecific _pthread_setspecific ++var _pthread_setspecific uint8 ++var pthread_setspecificABI0 = uintptr(unsafe.Pointer(&_pthread_setspecific)) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go +new file mode 100644 +index 00000000000000..960f8168eb88d7 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go +@@ -0,0 +1,59 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:cgo_import_dynamic purego_malloc malloc "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_free free "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_setenv setenv "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_unsetenv unsetenv "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_sigfillset sigfillset "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_nanosleep nanosleep "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_abort abort "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_create pthread_create "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_detach pthread_detach "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_self pthread_self "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_get_stacksize_np pthread_get_stacksize_np "/usr/lib/libSystem.B.dylib" ++//go:cgo_import_dynamic purego_pthread_attr_setstacksize pthread_attr_setstacksize "/usr/lib/libSystem.B.dylib" ++ ++//go:nosplit ++//go:norace ++func pthread_self() pthread_t { ++ return pthread_t(call5(pthread_selfABI0, 0, 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_get_stacksize_np(thread pthread_t) size_t { ++ return size_t(call5(pthread_get_stacksize_npABI0, uintptr(thread), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_attr_setstacksize(attr *pthread_attr_t, size size_t) int32 { ++ return int32(call5(pthread_attr_setstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(size), 0, 0, 0)) ++} ++ ++//go:linkname _pthread_self _pthread_self ++var _pthread_self uint8 ++var pthread_selfABI0 = uintptr(unsafe.Pointer(&_pthread_self)) ++ ++//go:linkname _pthread_get_stacksize_np _pthread_get_stacksize_np ++var _pthread_get_stacksize_np uint8 ++var pthread_get_stacksize_npABI0 = uintptr(unsafe.Pointer(&_pthread_get_stacksize_np)) ++ ++//go:linkname _pthread_attr_setstacksize _pthread_attr_setstacksize ++var _pthread_attr_setstacksize uint8 ++var pthread_attr_setstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_setstacksize)) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go +new file mode 100644 +index 00000000000000..d69775596fddf3 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go +@@ -0,0 +1,48 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:cgo_import_dynamic purego_malloc malloc "libc.so.7" ++//go:cgo_import_dynamic purego_free free "libc.so.7" ++//go:cgo_import_dynamic purego_setenv setenv "libc.so.7" ++//go:cgo_import_dynamic purego_unsetenv unsetenv "libc.so.7" ++//go:cgo_import_dynamic purego_sigfillset sigfillset "libc.so.7" ++//go:cgo_import_dynamic purego_nanosleep nanosleep "libc.so.7" ++//go:cgo_import_dynamic purego_abort abort "libc.so.7" ++//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_create pthread_create "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_detach pthread_detach "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_attr_getstacksize pthread_attr_getstacksize "libpthread.so" ++//go:cgo_import_dynamic purego_pthread_attr_destroy pthread_attr_destroy "libpthread.so" ++ ++//go:nosplit ++//go:norace ++func pthread_attr_getstacksize(attr *pthread_attr_t, stacksize *size_t) int32 { ++ return int32(call5(pthread_attr_getstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(unsafe.Pointer(stacksize)), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_attr_destroy(attr *pthread_attr_t) int32 { ++ return int32(call5(pthread_attr_destroyABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) ++} ++ ++//go:linkname _pthread_attr_getstacksize _pthread_attr_getstacksize ++var _pthread_attr_getstacksize uint8 ++var pthread_attr_getstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_getstacksize)) ++ ++//go:linkname _pthread_attr_destroy _pthread_attr_destroy ++var _pthread_attr_destroy uint8 ++var pthread_attr_destroyABI0 = uintptr(unsafe.Pointer(&_pthread_attr_destroy)) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go +new file mode 100644 +index 00000000000000..cbb120431ab6bb +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go +@@ -0,0 +1,158 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++package fakecgo ++ ++import "unsafe" ++ ++//go:cgo_import_dynamic purego_malloc malloc "libc.so.6" ++//go:cgo_import_dynamic purego_free free "libc.so.6" ++//go:cgo_import_dynamic purego_setenv setenv "libc.so.6" ++//go:cgo_import_dynamic purego_unsetenv unsetenv "libc.so.6" ++//go:cgo_import_dynamic purego_sigfillset sigfillset "libc.so.6" ++//go:cgo_import_dynamic purego_nanosleep nanosleep "libc.so.6" ++//go:cgo_import_dynamic purego_abort abort "libc.so.6" ++//go:cgo_import_dynamic purego___errno_location __errno_location "libc.so.6" ++//go:cgo_import_dynamic purego_setegid setegid "libc.so.6" ++//go:cgo_import_dynamic purego_seteuid seteuid "libc.so.6" ++//go:cgo_import_dynamic purego_setgid setgid "libc.so.6" ++//go:cgo_import_dynamic purego_setregid setregid "libc.so.6" ++//go:cgo_import_dynamic purego_setresgid setresgid "libc.so.6" ++//go:cgo_import_dynamic purego_setresuid setresuid "libc.so.6" ++//go:cgo_import_dynamic purego_setreuid setreuid "libc.so.6" ++//go:cgo_import_dynamic purego_setuid setuid "libc.so.6" ++//go:cgo_import_dynamic purego_setgroups setgroups "libc.so.6" ++//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_create pthread_create "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_detach pthread_detach "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_attr_getstacksize pthread_attr_getstacksize "libpthread.so.0" ++//go:cgo_import_dynamic purego_pthread_attr_destroy pthread_attr_destroy "libpthread.so.0" ++ ++//go:nosplit ++//go:norace ++func __errno_location() uintptr { ++ return uintptr(call5(__errno_locationABI0, 0, 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setegid(egid uint32) int32 { ++ return int32(call5(setegidABI0, uintptr(egid), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func seteuid(euid uint32) int32 { ++ return int32(call5(seteuidABI0, uintptr(euid), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setgid(gid uint32) int32 { ++ return int32(call5(setgidABI0, uintptr(gid), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setregid(rgid uint32, egid uint32) int32 { ++ return int32(call5(setregidABI0, uintptr(rgid), uintptr(egid), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setresgid(rgid uint32, egid uint32, sgid uint32) int32 { ++ return int32(call5(setresgidABI0, uintptr(rgid), uintptr(egid), uintptr(sgid), 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setresuid(ruid uint32, euid uint32, suid uint32) int32 { ++ return int32(call5(setresuidABI0, uintptr(ruid), uintptr(euid), uintptr(suid), 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setreuid(ruid uint32, euid uint32) int32 { ++ return int32(call5(setreuidABI0, uintptr(ruid), uintptr(euid), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setuid(uid uint32) int32 { ++ return int32(call5(setuidABI0, uintptr(uid), 0, 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func setgroups(ngid uint32, gidset *uint32) int32 { ++ return int32(call5(setgroupsABI0, uintptr(ngid), uintptr(unsafe.Pointer(gidset)), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_attr_getstacksize(attr *pthread_attr_t, stacksize *size_t) int32 { ++ return int32(call5(pthread_attr_getstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(unsafe.Pointer(stacksize)), 0, 0, 0)) ++} ++ ++//go:nosplit ++//go:norace ++func pthread_attr_destroy(attr *pthread_attr_t) int32 { ++ return int32(call5(pthread_attr_destroyABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) ++} ++ ++//go:linkname ___errno_location ___errno_location ++var ___errno_location uint8 ++var __errno_locationABI0 = uintptr(unsafe.Pointer(&___errno_location)) ++ ++//go:linkname _setegid _setegid ++var _setegid uint8 ++var setegidABI0 = uintptr(unsafe.Pointer(&_setegid)) ++ ++//go:linkname _seteuid _seteuid ++var _seteuid uint8 ++var seteuidABI0 = uintptr(unsafe.Pointer(&_seteuid)) ++ ++//go:linkname _setgid _setgid ++var _setgid uint8 ++var setgidABI0 = uintptr(unsafe.Pointer(&_setgid)) ++ ++//go:linkname _setregid _setregid ++var _setregid uint8 ++var setregidABI0 = uintptr(unsafe.Pointer(&_setregid)) ++ ++//go:linkname _setresgid _setresgid ++var _setresgid uint8 ++var setresgidABI0 = uintptr(unsafe.Pointer(&_setresgid)) ++ ++//go:linkname _setresuid _setresuid ++var _setresuid uint8 ++var setresuidABI0 = uintptr(unsafe.Pointer(&_setresuid)) ++ ++//go:linkname _setreuid _setreuid ++var _setreuid uint8 ++var setreuidABI0 = uintptr(unsafe.Pointer(&_setreuid)) ++ ++//go:linkname _setuid _setuid ++var _setuid uint8 ++var setuidABI0 = uintptr(unsafe.Pointer(&_setuid)) ++ ++//go:linkname _setgroups _setgroups ++var _setgroups uint8 ++var setgroupsABI0 = uintptr(unsafe.Pointer(&_setgroups)) ++ ++//go:linkname _pthread_attr_getstacksize _pthread_attr_getstacksize ++var _pthread_attr_getstacksize uint8 ++var pthread_attr_getstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_getstacksize)) ++ ++//go:linkname _pthread_attr_destroy _pthread_attr_destroy ++var _pthread_attr_destroy uint8 ++var pthread_attr_destroyABI0 = uintptr(unsafe.Pointer(&_pthread_attr_destroy)) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s +new file mode 100644 +index 00000000000000..35ef7ac11cb955 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s +@@ -0,0 +1,19 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++#include "textflag.h" ++ ++// these stubs are here because it is not possible to go:linkname directly the C functions ++ ++TEXT _pthread_self(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_self(SB) ++ ++TEXT _pthread_get_stacksize_np(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_get_stacksize_np(SB) ++ ++TEXT _pthread_attr_setstacksize(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_setstacksize(SB) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s +new file mode 100644 +index 00000000000000..da07005c0bc988 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s +@@ -0,0 +1,16 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++#include "textflag.h" ++ ++// these stubs are here because it is not possible to go:linkname directly the C functions ++ ++TEXT _pthread_attr_getstacksize(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_getstacksize(SB) ++ ++TEXT _pthread_attr_destroy(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_destroy(SB) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s +new file mode 100644 +index 00000000000000..ba2cb38918d538 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s +@@ -0,0 +1,46 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo ++ ++#include "textflag.h" ++ ++// these stubs are here because it is not possible to go:linkname directly the C functions ++ ++TEXT ___errno_location(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego___errno_location(SB) ++ ++TEXT _setegid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setegid(SB) ++ ++TEXT _seteuid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_seteuid(SB) ++ ++TEXT _setgid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setgid(SB) ++ ++TEXT _setregid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setregid(SB) ++ ++TEXT _setresgid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setresgid(SB) ++ ++TEXT _setresuid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setresuid(SB) ++ ++TEXT _setreuid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setreuid(SB) ++ ++TEXT _setuid(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setuid(SB) ++ ++TEXT _setgroups(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setgroups(SB) ++ ++TEXT _pthread_attr_getstacksize(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_getstacksize(SB) ++ ++TEXT _pthread_attr_destroy(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_destroy(SB) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s +new file mode 100644 +index 00000000000000..067583d68517a9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s +@@ -0,0 +1,55 @@ ++// Code generated by 'go generate' with gen.go. DO NOT EDIT. ++ ++// SPDX-License-Identifier: Apache-2.0 ++// SPDX-FileCopyrightText: 2022 The Ebitengine Authors ++ ++//go:build !cgo && (darwin || freebsd || linux) ++ ++#include "textflag.h" ++ ++// these stubs are here because it is not possible to go:linkname directly the C functions ++ ++TEXT _malloc(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_malloc(SB) ++ ++TEXT _free(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_free(SB) ++ ++TEXT _setenv(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_setenv(SB) ++ ++TEXT _unsetenv(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_unsetenv(SB) ++ ++TEXT _sigfillset(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_sigfillset(SB) ++ ++TEXT _nanosleep(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_nanosleep(SB) ++ ++TEXT _abort(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_abort(SB) ++ ++TEXT _pthread_attr_init(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_attr_init(SB) ++ ++TEXT _pthread_create(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_create(SB) ++ ++TEXT _pthread_detach(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_detach(SB) ++ ++TEXT _pthread_sigmask(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_sigmask(SB) ++ ++TEXT _pthread_mutex_lock(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_mutex_lock(SB) ++ ++TEXT _pthread_mutex_unlock(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_mutex_unlock(SB) ++ ++TEXT _pthread_cond_broadcast(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_cond_broadcast(SB) ++ ++TEXT _pthread_setspecific(SB), NOSPLIT|NOFRAME, $0-0 ++ JMP purego_pthread_setspecific(SB) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s +new file mode 100644 +index 00000000000000..4442c19e74564e +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s +@@ -0,0 +1,101 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2026 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16-0 ++ MOVL 20(SP), AX // libcArgs from C caller (frame_size + ret_addr = 16 + 4) ++ MOVL AX, 0(SP) // pass to Go function ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $16-4 ++ // Frame layout: 16 bytes local storage ++ // 0(SP) - saved BP (original SP) ++ // 4(SP) - saved libcArgs pointer ++ // 8(SP) - saved fn pointer ++ // 12(SP) - scratch ++ ++ // Load args pointer FIRST before any stack modifications ++ MOVL libcArgs+0(FP), SI ++ ++ // Save original SP and libcArgs in local frame ++ MOVL SP, BP ++ ADDL $16, BP // BP = original SP (before frame allocation) ++ MOVL BP, 0(SP) // save original SP ++ MOVL SI, 4(SP) // save libcArgs pointer ++ ++ // Load struct fields ++ MOVL libcCallInfo_fn(SI), AX ++ MOVL AX, 8(SP) // save fn pointer ++ MOVL libcCallInfo_n(SI), CX ++ MOVL libcCallInfo_args(SI), BX ++ ++ // Allocate 16 bytes for fast path (0-3 args) ++ MOVL SP, BP ++ SUBL $16, SP ++ ++ // Fast path for 0-3 args, otherwise fall through to manyargs ++ CMPL CX, $0; JE _0args ++ CMPL CX, $1; JE _1args ++ CMPL CX, $2; JE _2args ++ CMPL CX, $3; JE _3args ++ ++ // manyargs: 4+ args, restore SP and reallocate ++ MOVL BP, SP ++ ++ // Calculate stack space needed: n*4 bytes, aligned to 16 ++ MOVL CX, AX ++ SHLL $2, AX // AX = n * 4 ++ ADDL $15, AX ++ ANDL $~15, AX // 16-byte align ++ SUBL AX, SP ++ ++ // Copy all args to stack ++ // BX = args pointer, CX = count, DI = dest ++ MOVL SP, DI ++ ++copy_loop: ++ DECL CX ++ MOVL (BX)(CX*4), AX ++ MOVL AX, (DI)(CX*4) ++ CMPL CX, $0 ++ JNE copy_loop ++ JMP _0args ++ ++// Fast path: fall through to copy args ++_3args: ++ MOVL 8(BX), AX ++ MOVL AX, 8(SP) ++ ++_2args: ++ MOVL 4(BX), AX ++ MOVL AX, 4(SP) ++ ++_1args: ++ MOVL 0(BX), AX ++ MOVL AX, 0(SP) ++ ++_0args: ++ MOVL 8(BP), DX // fn pointer from saved location ++ CALL DX ++ MOVL BP, SP ++ ++ret: ++ // Reload libcArgs pointer from saved location ++ MOVL 4(SP), SI ++ ++ // Save return values (AX already has r1, need to save DX before it's clobbered) ++ MOVL DX, 12(SP) // temporarily save r2 ++ MOVL AX, libcCallInfo_r1(SI) ++ MOVL 12(SP), AX ++ MOVL AX, libcCallInfo_r2(SI) ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s +new file mode 100644 +index 00000000000000..8be7dba90de142 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s +@@ -0,0 +1,123 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 ++#ifdef GOOS_windows ++ MOVQ CX, 0(SP) ++ ++#else ++ MOVQ DI, 0(SP) ++ ++#endif ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++#ifdef GOOS_windows ++#define RegArgsN 4 ++#else ++#define RegArgsN 6 ++#endif ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $16-8 ++ // Load pointer from stack (ABI0 calling convention) ++ // Store argument and original SP in a callee-saved register ++ MOVQ libcArgs+0(FP), R13 ++ MOVQ SP, R14 ++ ++ // Align stack to 16 bytes ++ ANDQ $~15, SP ++ ++ MOVQ libcCallInfo_fn(R13), R11 ++ MOVQ libcCallInfo_n(R13), CX ++ MOVQ libcCallInfo_args(R13), R10 ++ ++ // Fast version, do not store args on the stack. ++ CMPL CX, $0; JE _0args ++ CMPL CX, $1; JE _1args ++ CMPL CX, $2; JE _2args ++ CMPL CX, $3; JE _3args ++ CMPL CX, $4; JE _4args ++ ++#ifndef GOOS_windows // Windows does not pass more than 4 args in registers ++ CMPL CX, $5; JE _5args ++ CMPL CX, $6; JE _6args ++ ++#endif ++ ++ // Reserve stack space for remaining args ++ MOVQ CX, R12 ++ SUBQ $RegArgsN, R12 ++ ADDQ $1, R12 // make even number of words for stack alignment ++ ANDQ $~1, R12 ++ SHLQ $3, R12 ++ SUBQ R12, SP ++ ++ // Copy args to the stack. ++ // CX: count of stack arguments (n-RegArgsN) ++ // SI: &args[RegArgsN] ++ // DI: copy of RSP ++ SUBQ $RegArgsN, CX ++ MOVQ R10, SI ++ ADDQ $(8*RegArgsN), SI ++ MOVQ SP, DI ++ CLD ++ REP; MOVSQ ++ ++#ifndef GOOS_windows ++_6args: ++ MOVQ (5*8)(R10), R9 ++ ++_5args: ++ MOVQ (4*8)(R10), R8 ++ ++#endif ++_4args: ++ MOVQ (3*8)(R10), CX ++ ++_3args: ++ MOVQ (2*8)(R10), DX ++ ++_2args: ++ MOVQ (1*8)(R10), SI ++ ++_1args: ++ MOVQ (0*8)(R10), DI ++ ++_0args: ++ ++ XORL AX, AX // vararg: say "no float args" ++ ++#ifdef GOOS_windows ++ // Windows x64 syscall ABI: first four integer args in CX, DX, R8, R9 ++ // and 32 bytes of shadow space on the stack. ++ ADJSP $32 ++ MOVQ CX, R9 ++ MOVQ DX, R8 ++ MOVQ SI, DX ++ MOVQ DI, CX ++ ++#endif ++ ++ CALL R11 ++ ++#ifdef GOOS_windows ++ ADJSP $-32 ++ ++#endif ++ ++ MOVQ R14, SP // free stack space ++ ++ // Return result. ++ MOVQ AX, libcCallInfo_r1(R13) ++ MOVQ DX, libcCallInfo_r2(R13) ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s +new file mode 100644 +index 00000000000000..948ff9cf4a84e1 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s +@@ -0,0 +1,107 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2026 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $8 ++ MOVW R0, 4(R13) ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $0-4 ++ // Load args pointer first, before modifying SP ++ MOVW libcArgs+0(FP), R0 ++ ++ // Save callee-saved registers R4-R7 and LR. ++ // We use R4 for libcArgs pointer. ++ // We use R5 for args pointer. ++ // We use R6 for n, then reused for saving SP. ++ // We use R7 for scratch. ++ MOVM.DB.W [R4-R7, R14], (R13) ++ ++ MOVW R0, R4 // Move libcArgs to R4 ++ ++ MOVW libcCallInfo_n(R4), R6 ++ MOVW libcCallInfo_args(R4), R5 ++ MOVW libcCallInfo_fn(R4), R12 ++ ++ CMP $4, R6 ++ BGT args_stack ++ ++ CMP $0, R6 ++ BEQ call ++ CMP $1, R6 ++ BEQ args_1 ++ CMP $2, R6 ++ BEQ args_2 ++ CMP $3, R6 ++ BEQ args_3 ++ ++args_4: ++ MOVM.IA (R5), [R0, R1, R2, R3] ++ B call ++ ++args_3: ++ MOVM.IA (R5), [R0, R1, R2] ++ B call ++ ++args_2: ++ MOVM.IA (R5), [R0, R1] ++ B call ++ ++args_1: ++ MOVW (R5), R0 ++ B call ++ ++args_stack: ++ // Calculate stack space needed: (n-4)*4 ++ SUB $4, R6, R7 ++ MOVW R7, R2 ++ SLL $2, R2 // bytes ++ ++ // Save SP (R6 is free now, n no longer needed) ++ MOVW R13, R6 ++ ++ // Allocate stack ++ SUB R2, R13 ++ BIC $7, R13 // Align to 8 bytes ++ ++ // Copy args ++ ADD $16, R5, R14 // Src = args + 16 ++ MOVW R13, R3 // Dst = SP ++ ++copy_loop: ++ MOVW.P 4(R14), R1 // read ++ MOVW.P R1, 4(R3) // write ++ SUB $1, R7 ++ CMP $0, R7 ++ BNE copy_loop ++ ++ // Load first 4 args ++ MOVM.IA (R5), [R0, R1, R2, R3] ++ ++ // Reload fn ++ MOVW libcCallInfo_fn(R4), R12 ++ ++ BL (R12) ++ ++ // Restore SP ++ MOVW R6, R13 ++ B ret ++ ++call: ++ BL (R12) ++ ++ret: ++ MOVW R0, libcCallInfo_r1(R4) ++ MOVW R1, libcCallInfo_r2(R4) ++ ++ MOVM.IA.W (R13), [R4-R7, R14] ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s +new file mode 100644 +index 00000000000000..ea2a33662a89f0 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s +@@ -0,0 +1,100 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2015 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 ++ MOVD R0, 8(RSP) ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $0-16 ++ // Save original stack pointer ++ MOVD RSP, R20 ++ ++ // Load pointer from stack (ABI0 calling convention) ++ MOVD libcArgs+0(FP), R3 ++ ++ MOVD libcCallInfo_args(R3), R12 ++ MOVD libcCallInfo_fn(R3), R13 ++ ++ // Do we have more than 8 arguments? ++ MOVD libcCallInfo_n(R3), R0 ++ CMP $0, R0; BEQ _0args ++ CMP $1, R0; BEQ _1args ++ CMP $2, R0; BEQ _2args ++ CMP $3, R0; BEQ _3args ++ CMP $4, R0; BEQ _4args ++ CMP $5, R0; BEQ _5args ++ CMP $6, R0; BEQ _6args ++ CMP $7, R0; BEQ _7args ++ CMP $8, R0; BEQ _8args ++ ++ // Reserve stack space for remaining args ++ SUB $8, R0, R2 ++ ADD $1, R2, R3 // make even number of words for stack alignment ++ AND $~1, R3 ++ LSL $3, R3 ++ SUB R3, RSP ++ ++ // R4: size of stack arguments (n-8)*8 ++ // R5: &args[8] ++ // R6: loop counter, from 0 to (n-8)*8 ++ // R7: scratch ++ // R8: copy of RSP - (R2)(RSP) assembles as (R2)(ZR) ++ SUB $8, R0, R4 ++ LSL $3, R4 ++ ADD $(8*8), R12, R5 ++ MOVD $0, R6 ++ MOVD RSP, R8 ++ ++stackargs: ++ MOVD (R6)(R5), R7 ++ MOVD R7, (R6)(R8) ++ ADD $8, R6 ++ CMP R6, R4 ++ BNE stackargs ++ ++_8args: ++ MOVD (7*8)(R12), R7 ++ ++_7args: ++ MOVD (6*8)(R12), R6 ++ ++_6args: ++ MOVD (5*8)(R12), R5 ++ ++_5args: ++ MOVD (4*8)(R12), R4 ++ ++_4args: ++ MOVD (3*8)(R12), R3 ++ ++_3args: ++ MOVD (2*8)(R12), R2 ++ ++_2args: ++ MOVD (1*8)(R12), R1 ++ ++_1args: ++ MOVD (0*8)(R12), R0 ++ ++_0args: ++ ++ BL (R13) ++ ++ // Restore original stack pointer ++ MOVD R20, RSP ++ ++ MOVD libcArgs+0(FP), R3 ++ MOVD R0, libcCallInfo_r1(R3) // save r1 ++ MOVD R1, libcCallInfo_r2(R3) // save r2 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s +new file mode 100644 +index 00000000000000..0036346faededf +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s +@@ -0,0 +1,119 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2015 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 ++ MOVV R4, 8(R3) ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $0-8 ++ // Load pointer from stack (ABI0 calling convention) ++ MOVV libcArgs+0(FP), R12 ++ ++ // Save original stack pointer ++ MOVV R3, R23 ++ ++ // Align stack to 16 bytes for C calling convention ++ MOVV $-16, R15 ++ AND R15, R3 ++ ++ MOVV libcCallInfo_args(R12), R13 ++ MOVV libcCallInfo_fn(R12), R14 ++ ++ // Do we have more than 8 arguments? ++ MOVV libcCallInfo_n(R12), R4 ++ BEQ R4, R0, _0args ++ MOVV $1, R15 ++ BEQ R4, R15, _1args ++ MOVV $2, R15 ++ BEQ R4, R15, _2args ++ MOVV $3, R15 ++ BEQ R4, R15, _3args ++ MOVV $4, R15 ++ BEQ R4, R15, _4args ++ MOVV $5, R15 ++ BEQ R4, R15, _5args ++ MOVV $6, R15 ++ BEQ R4, R15, _6args ++ MOVV $7, R15 ++ BEQ R4, R15, _7args ++ MOVV $8, R15 ++ BEQ R4, R15, _8args ++ ++ // Reserve stack space for remaining args ++ MOVV R4, R16 ++ ADDV $-8, R16 // R16 = n-8 ++ MOVV R16, R12 // R12 = n-8 (reuse R12, no longer need libcArgs) ++ ADDV $1, R12 // R12 = (n-8)+1 ++ MOVV $-2, R15 ++ AND R15, R12 // make even number of words for stack alignment ++ SLLV $3, R12 // R12 = bytes to reserve ++ SUBV R12, R3 // SP -= bytes ++ ++ // R16: size of stack arguments (n-8)*8 ++ // R15: &args[8] ++ // R17: loop counter, from 0 to (n-8)*8 ++ // R18: scratch ++ // R19: copy of R3 (SP) ++ // R20: scratch ++ SLLV $3, R16 // R16 = (n-8)*8 ++ MOVV R13, R15 ++ ADDV $(8*8), R15 // R15 = args + 64 = &args[8] ++ MOVV R0, R17 // R17 = 0 (loop counter) ++ MOVV R3, R19 // R19 = SP copy ++ ++stackargs: ++ MOVV R15, R18 ++ ADDV R17, R18 // R18 = &args[8] + counter ++ MOVV (R18), R18 // R18 = args[8 + counter/8] ++ MOVV R19, R20 ++ ADDV R17, R20 // R20 = SP_copy + counter ++ MOVV R18, (R20) // stack[counter/8] = R18 ++ ADDV $8, R17 // counter += 8 ++ BNE R17, R16, stackargs // while counter != (n-8)*8 ++ ++_8args: ++ MOVV (7*8)(R13), R11 ++ ++_7args: ++ MOVV (6*8)(R13), R10 ++ ++_6args: ++ MOVV (5*8)(R13), R9 ++ ++_5args: ++ MOVV (4*8)(R13), R8 ++ ++_4args: ++ MOVV (3*8)(R13), R7 ++ ++_3args: ++ MOVV (2*8)(R13), R6 ++ ++_2args: ++ MOVV (1*8)(R13), R5 ++ ++_1args: ++ MOVV (0*8)(R13), R4 ++ ++_0args: ++ ++ CALL (R14) ++ ++ // Restore original stack pointer ++ MOVV R23, R3 ++ ++ MOVV libcArgs+0(FP), R12 ++ MOVV R4, libcCallInfo_r1(R12) // save r1 ++ MOVV R5, libcCallInfo_r2(R12) // save r2 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s +new file mode 100644 +index 00000000000000..05b68fa204a71b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s +@@ -0,0 +1,10 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo && !arm && !arm64 && !386 && !amd64 && !loong64 && !ppc64le && !riscv64 && (!s390x || !go1.27) ++ ++// This file silences errors about body-less functions. +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s +new file mode 100644 +index 00000000000000..1eacc7832ab330 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s +@@ -0,0 +1,144 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ // R3 already contains the libcArgs pointer from cgocall ++ MOVD LR, R0 ++ MOVD R0, 16(R1) ++ MOVDU R1, -32(R1) ++ MOVD R3, 32(R1) ++ CALL ·syscallNSystemStack(SB) ++ ADD $32, R1 ++ MOVD 16(R1), R0 ++ MOVD R0, LR ++ RET ++ ++// PPC64LE ELFv2 ABI: R3-R10 args, R3-R4 return, R14-R31 callee-saved ++// Go ABI: R3-R10, R14-R17 args, R20-R21 scratch, R30=g, R31=scratch ++// We use R24-R28 which are callee-saved in both ABIs. ++// Go frame: 48 locals + 32 linkage = 80 bytes. Locals start at 32(R1). ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $48-8 ++ // Save callee-saved registers we'll use ++ MOVD R24, 32(R1) ++ MOVD R25, 40(R1) ++ MOVD R26, 48(R1) ++ MOVD R27, 56(R1) ++ MOVD R28, 64(R1) ++ ++ // Load libcArgs pointer from stack (ABI0 calling convention) ++ MOVD libcArgs+0(FP), R11 ++ ++ // Store values we need across the C call in callee-saved registers ++ MOVD R1, R24 // R24 = original SP ++ MOVD R11, R25 // R25 = libcArgs ++ MOVD libcCallInfo_args(R11), R26 // R26 = args ++ MOVD libcCallInfo_fn(R11), R27 // R27 = fn ++ MOVD libcCallInfo_n(R11), R28 // R28 = n ++ ++ // Do we have more than 8 arguments? ++ CMP R28, $8 ++ BLE _allocsmall ++ ++ // >8 args: allocate large frame ((n-8+1) & ~1) * 8 + 96 ++ SUB $8, R28, R3 ++ ADD $1, R3 ++ MOVD $~1, R4 ++ AND R4, R3 ++ SLD $3, R3 ++ ADD $96, R3 ++ NEG R3, R4 ++ ADD R4, R24, R1 ++ MOVD $~15, R3 ++ AND R3, R1 // 16-byte align ++ MOVD R24, 0(R1) // back chain ++ MOVD R2, 24(R1) // save TOC ++ ++ // Copy args[8..n-1] to stack at offset 96 ++ MOVD $8, R3 ++ ++_stackargs: ++ SLD $3, R3, R5 ++ MOVD (R26)(R5), R6 ++ SUB $8, R3, R7 ++ SLD $3, R7 ++ ADD $96, R7 ++ MOVD R6, (R1)(R7) ++ ADD $1, R3 ++ CMP R3, R28 ++ BLT _stackargs ++ BR _8args ++ ++_allocsmall: ++ // <=8 args: allocate minimum 96-byte C frame ++ ADD $-96, R24, R1 ++ MOVD $~15, R3 ++ AND R3, R1 ++ MOVD R24, 0(R1) // back chain ++ MOVD R2, 24(R1) // save TOC ++ ++ // Branch to appropriate label based on arg count ++ CMP R28, $0; BEQ _0args ++ CMP R28, $1; BEQ _1args ++ CMP R28, $2; BEQ _2args ++ CMP R28, $3; BEQ _3args ++ CMP R28, $4; BEQ _4args ++ CMP R28, $5; BEQ _5args ++ CMP R28, $6; BEQ _6args ++ CMP R28, $7; BEQ _7args ++ ++_8args: ++ MOVD (7*8)(R26), R10 ++ ++_7args: ++ MOVD (6*8)(R26), R9 ++ ++_6args: ++ MOVD (5*8)(R26), R8 ++ ++_5args: ++ MOVD (4*8)(R26), R7 ++ ++_4args: ++ MOVD (3*8)(R26), R6 ++ ++_3args: ++ MOVD (2*8)(R26), R5 ++ ++_2args: ++ MOVD (1*8)(R26), R4 ++ ++_1args: ++ MOVD (0*8)(R26), R3 ++ ++_0args: ++ // ELFv2: function address in R12 and CTR ++ MOVD R27, R12 ++ MOVD R12, CTR ++ BL (CTR) ++ ++ // Restore TOC and stack pointer ++ MOVD 24(R1), R2 ++ MOVD R24, R1 ++ ++ // Save return values ++ MOVD R3, libcCallInfo_r1(R25) ++ MOVD R4, libcCallInfo_r2(R25) ++ ++ // Restore callee-saved registers ++ MOVD 32(R1), R24 ++ MOVD 40(R1), R25 ++ MOVD 48(R1), R26 ++ MOVD 56(R1), R27 ++ MOVD 64(R1), R28 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s +new file mode 100644 +index 00000000000000..e7676e6aa8c2ef +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s +@@ -0,0 +1,112 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2015 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 ++ MOV A0, 8(X2) ++ CALL ·syscallNSystemStack(SB) ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $0-8 ++ // Load pointer from stack (ABI0 calling convention) ++ MOV libcArgs+0(FP), X5 ++ ++ // Save original stack pointer ++ MOV X2, X20 ++ ++ // Align stack to 16 bytes for C calling convention ++ ANDI $-16, X2, X2 ++ ++ MOV libcCallInfo_args(X5), X30 ++ MOV libcCallInfo_fn(X5), X29 ++ ++ // Do we have more than 8 arguments? ++ MOV libcCallInfo_n(X5), X10 ++ BEQ X10, ZERO, _0args ++ MOV $1, X6 ++ BEQ X10, X6, _1args ++ MOV $2, X6 ++ BEQ X10, X6, _2args ++ MOV $3, X6 ++ BEQ X10, X6, _3args ++ MOV $4, X6 ++ BEQ X10, X6, _4args ++ MOV $5, X6 ++ BEQ X10, X6, _5args ++ MOV $6, X6 ++ BEQ X10, X6, _6args ++ MOV $7, X6 ++ BEQ X10, X6, _7args ++ MOV $8, X6 ++ BEQ X10, X6, _8args ++ ++ // Reserve stack space for remaining args ++ ADDI $-8, X10, X7 ++ ADDI $1, X7, X5 // make even number of words for stack alignment ++ ANDI $-2, X5, X5 ++ SLLI $3, X5, X5 ++ SUB X5, X2, X2 ++ ++ // X6: size of stack arguments (n-8)*8 ++ // X7: &args[8] ++ // X8: loop counter, from 0 to (n-8)*8 ++ // X9: scratch ++ // X28: copy of X2 (SP) ++ ADDI $-8, X10, X6 ++ SLLI $3, X6, X6 ++ ADDI $(8*8), X7, X7 ++ MOV ZERO, X8 ++ MOV X2, X28 ++ ++stackargs: ++ ADD X8, X7, X9 ++ MOV (X9), X9 ++ ADD X8, X28, X31 ++ MOV X9, (X31) ++ ADDI $8, X8, X8 ++ BNE X8, X6, stackargs ++ ++_8args: ++ MOV (7*8)(X30), X17 ++ ++_7args: ++ MOV (6*8)(X30), X16 ++ ++_6args: ++ MOV (5*8)(X30), X15 ++ ++_5args: ++ MOV (4*8)(X30), X14 ++ ++_4args: ++ MOV (3*8)(X30), X13 ++ ++_3args: ++ MOV (2*8)(X30), X12 ++ ++_2args: ++ MOV (1*8)(X30), X11 ++ ++_1args: ++ MOV (0*8)(X30), X10 ++ ++_0args: ++ ++ CALL X29 ++ ++ // Restore original stack pointer ++ MOV X20, X2 ++ ++ MOV libcArgs+0(FP), X5 ++ MOV X10, libcCallInfo_r1(X5) // save r1 ++ MOV X11, libcCallInfo_r2(X5) // save r2 ++ ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s +new file mode 100644 +index 00000000000000..6a8c18c0f111c6 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s +@@ -0,0 +1,120 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Copyright 2009 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build go1.27 && !cgo ++ ++#include "go_asm.h" ++#include "textflag.h" ++ ++// S390X ELF ABI: ++// - Args in R2-R6, float args in F0, F2, F4, F6 ++// - Return values in R2, R3 (and F0 for floats) ++// - Callee-saved: R6-R13, R15, F8-F15 ++// - R14 is link register (return address) ++// - R15 is stack pointer ++// - Standard frame: 160 bytes minimum with register save area at 48(R15) ++ ++TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT|NOFRAME, $0-0 ++ // R2 already contains the libcArgs pointer from cgocall ++ // Save callee-saved registers to caller's save area ++ STMG R6, R15, 48(R15) ++ MOVD R15, R1 ++ SUB $32, R15 ++ MOVD R1, 0(R15) ++ MOVD R2, 8(R15) ++ BL ·syscallNSystemStack(SB) ++ ADD $32, R15 ++ LMG 48(R15), R6, R15 ++ RET ++ ++TEXT ·syscallNAsm(SB), NOSPLIT, $64-8 ++ // Save callee-saved registers we'll use (R6-R11) ++ STMG R6, R11, 8(R15) ++ ++ // Load libcArgs pointer from stack (ABI0 calling convention) ++ MOVD libcArgs+0(FP), R11 ++ ++ // Store values we need across the C call in callee-saved registers ++ MOVD R15, R7 // R7 = original SP ++ MOVD R11, R8 // R8 = libcArgs ++ MOVD libcCallInfo_args(R11), R9 // R9 = args ++ MOVD libcCallInfo_fn(R11), R10 // R10 = fn ++ MOVD libcCallInfo_n(R11), R6 // R6 = n ++ ++ // Do we have more than 5 arguments? ++ CMPBLE R6, $5, _allocsmall ++ ++ // >5 args: allocate frame for stack args ((n-5+1) & ~1) * 8 + 160 ++ MOVD R6, R1 ++ SUB $5, R1 ++ ADD $1, R1 ++ MOVD $~1, R0 ++ AND R0, R1 ++ SLD $3, R1 ++ ADD $160, R1 ++ SUB R1, R7, R15 ++ MOVD $~15, R0 ++ AND R0, R15 // 16-byte align ++ MOVD R7, 0(R15) // back chain ++ ++ // Copy args[5..n-1] to stack at offset 160 ++ MOVD $5, R1 ++ ++_stackargs: ++ SLD $3, R1, R3 ++ MOVD (R9)(R3*1), R0 ++ SUB $5, R1, R4 ++ SLD $3, R4 ++ ADD $160, R4 ++ MOVD R0, (R15)(R4*1) ++ ADD $1, R1 ++ CMP R1, R6 ++ BLT _stackargs ++ BR _5args ++ ++_allocsmall: ++ // <=5 args: allocate minimum 160-byte C frame ++ SUB $160, R7, R15 ++ MOVD $~15, R0 ++ AND R0, R15 ++ MOVD R7, 0(R15) // back chain ++ ++ // Branch to appropriate label based on arg count ++ CMPBEQ R6, $0, _0args ++ CMPBEQ R6, $1, _1args ++ CMPBEQ R6, $2, _2args ++ CMPBEQ R6, $3, _3args ++ CMPBEQ R6, $4, _4args ++ ++_5args: ++ MOVD (4*8)(R9), R6 ++ ++_4args: ++ MOVD (3*8)(R9), R5 ++ ++_3args: ++ MOVD (2*8)(R9), R4 ++ ++_2args: ++ MOVD (1*8)(R9), R3 ++ ++_1args: ++ MOVD (0*8)(R9), R2 ++ ++_0args: ++ BL R10 ++ ++ // Restore stack pointer ++ MOVD R7, R15 ++ ++ // Save return values ++ MOVD R2, libcCallInfo_r1(R8) ++ MOVD R3, libcCallInfo_r2(R8) ++ ++ // Restore callee-saved registers (R6-R11) ++ LMG 8(R15), R6, R11 ++ RET +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h +new file mode 100644 +index 00000000000000..4ff00b18668375 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h +@@ -0,0 +1,15 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// This header file is used by the mkcgo tool to generate cgo and Go bindings for the ++// OpenSSL C API. Run "go generate ." to regenerate the bindings. ++ ++#ifndef _GO_DL_SHIMS_H // only include this header once ++#define _GO_DL_SHIMS_H ++ ++void *dlopen(const char *path, int flags); ++int dlclose(void *handle); ++void *dlsym(void *handle, const char *symbol); ++char *dlerror(void); ++ ++#endif // _GO_DL_SHIMS_H +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go +new file mode 100644 +index 00000000000000..5f589254830a4d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go +@@ -0,0 +1,37 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package ossl ++ ++import ( ++ "errors" ++ "unsafe" ++) ++ ++// newMkcgoErr constructs an error from the given message and OpenSSL error state. ++func newMkcgoErr(msg string, state uintptr) error { ++ if state == 0 { ++ // No error ++ return nil ++ } ++ bio := BIO_PTR(state) ++ defer BIO_free(bio) ++ // Retrieve pointer to data, which is owned by bio. ++ var data *byte ++ n := BIO_ctrl(bio, BIO_CTRL_INFO, 0, unsafe.Pointer(&data)) ++ if n == 0 { ++ // If no errors in queue, return simple message ++ return errors.New(msg + " failed") ++ } ++ const extra = "\nopenssl error(s):\n" ++ buf := make([]byte, len(msg)+len(extra)+int(n)) ++ copy(buf, msg) ++ copy(buf[len(msg):], extra) ++ copy(buf[len(msg)+len(extra):], unsafe.Slice(data, n)) ++ // Remove trailing line jump if present. ++ if buf[len(buf)-1] == '\n' { ++ buf = buf[:len(buf)-1] ++ } ++ // Avoid an allocation by constructing the string directly from the byte slice. ++ return errors.New(unsafe.String(unsafe.SliceData(buf), len(buf))) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go +new file mode 100644 +index 00000000000000..86b001762fba83 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go +@@ -0,0 +1,33 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package ossl ++ ++/* ++#include "zossl.h" ++ ++// Force mkcgo_err_retrieve to be stack-guarded, ++// even when it doesn't actually need it. ++// This is necessary to ensure Go binaries built ++// with -fstack-protector-strong comply with BinSkim BA3003, ++// so that at least one function in the binary uses __stack_chk_guard. ++// See https://github.com/microsoft/go/issues/2240. ++ ++#define MKCGO_STACK_PROTECT ++ ++#if defined(__has_attribute) ++#if __has_attribute(stack_protect) ++#undef MKCGO_STACK_PROTECT ++#define MKCGO_STACK_PROTECT __attribute__((stack_protect)) ++#endif ++#endif ++ ++// mkcgo_err_retrieve retrieves the error state from OpenSSL. ++uintptr_t MKCGO_STACK_PROTECT mkcgo_err_retrieve() { ++ // BIO operations using BIO_s_mem should not fail. ++ _BIO_PTR bio = _mkcgo_BIO_new(_mkcgo_BIO_s_mem(), NULL); ++ _mkcgo_ERR_print_errors(bio); ++ return (uintptr_t)bio; ++} ++*/ ++import "C" +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go +new file mode 100644 +index 00000000000000..ec42d4f6f9c26c +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go +@@ -0,0 +1,19 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo ++ ++package ossl ++ ++// retrieveErrorState retrieves errors from the OpenSSL error queue. ++// It might run on the system stack, so it can't allocate Go memory ++// nor grow the stack over the nosplit limit. ++// ++//go:nosplit ++func retrieveErrorState() uintptr { ++ // BIO operations using BIO_s_mem should not fail. ++ smem := syscallNRaw(_mkcgo_BIO_s_mem) ++ bio := syscallNRaw(_mkcgo_BIO_new, smem) ++ syscallNRaw(_mkcgo_ERR_print_errors, bio) ++ return bio ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go +new file mode 100644 +index 00000000000000..9acac55865dc17 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go +@@ -0,0 +1,62 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Package ossl provides a Go interface to OpenSSL. ++package ossl ++ ++//go:generate go run ../../cmd/mkcgo -out zossl.go -mode dynload -package ossl shims.h ++//go:generate go run ../../cmd/mkcgo -out zossl.go -nocgo -mode dynload -package ossl shims.h ++//go:generate go run ../../cmd/mkcgo -out zdl.go -nocgo -mode dynamic -noerrors -package ossl -tags unix dl.h ++ ++import "unsafe" ++ ++const _OSSL_PARAM_UNMODIFIED uint = uint(^uintptr(0)) ++ ++// OSSL_PARAM is a structure to pass or request object parameters. ++// https://docs.openssl.org/3.0/man3/OSSL_PARAM/. ++type OSSL_PARAM struct { ++ Key *byte ++ DataType uint32 ++ Data unsafe.Pointer ++ DataSize uint ++ ReturnSize uint ++} ++ ++func ossl_param_construct(key *byte, dataType uint32, data unsafe.Pointer, dataSize int) OSSL_PARAM { ++ return OSSL_PARAM{ ++ Key: key, ++ DataType: dataType, ++ Data: data, ++ DataSize: uint(dataSize), ++ ReturnSize: _OSSL_PARAM_UNMODIFIED, ++ } ++} ++ ++func OSSL_PARAM_construct_octet_string(key *byte, data unsafe.Pointer, dataSize int) OSSL_PARAM { ++ return ossl_param_construct(key, OSSL_PARAM_OCTET_STRING, data, dataSize) ++} ++ ++func OSSL_PARAM_construct_int32(key *byte, data *int32) OSSL_PARAM { ++ return ossl_param_construct(key, OSSL_PARAM_INTEGER, unsafe.Pointer(data), 4) ++} ++ ++func OSSL_PARAM_construct_end() OSSL_PARAM { ++ return OSSL_PARAM{} ++} ++ ++func OSSL_PARAM_modified(param *OSSL_PARAM) bool { ++ // If ReturnSize is not set, the parameter has not been modified. ++ return param != nil && param.ReturnSize != _OSSL_PARAM_UNMODIFIED ++} ++ ++// goString converts a C string (byte pointer) to a Go string ++func goString(p *byte) string { ++ if p == nil { ++ return "" ++ } ++ end := unsafe.Pointer(p) ++ for *(*byte)(end) != 0 { ++ end = unsafe.Add(end, 1) ++ } ++ return string(unsafe.Slice(p, uintptr(end)-uintptr(unsafe.Pointer(p)))) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h +new file mode 100644 +index 00000000000000..9a47c5bf820472 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h +@@ -0,0 +1,446 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// This header file is used by the mkcgo tool to generate cgo and Go bindings for the ++// OpenSSL C API. Run "go generate ." to regenerate the bindings. ++// Do not include this file, import "zossl.h" instead. ++ ++#ifndef _GO_OSSL_SHIMS_H // only include this header once ++#define _GO_OSSL_SHIMS_H ++ ++#include // size_t ++#include // uint64_t ++ ++// The following includes are used by the checkheader tool. ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #if OPENSSL_VERSION_NUMBER >= 0x30000000L ++// #include ++// #include ++// #include ++// #include ++// #endif ++// #if OPENSSL_VERSION_NUMBER < 0x10100000L ++// #include ++// #endif ++ ++enum { ++ _POINT_CONVERSION_UNCOMPRESSED = 4, ++ ++ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, ++ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, ++ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, ++ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, ++ ++ _EVP_CTRL_GCM_GET_TAG = 0x10, ++ _EVP_CTRL_GCM_SET_TAG = 0x11, ++ _EVP_CTRL_AEAD_SET_IVLEN = 0x9, ++ _EVP_CTRL_AEAD_GET_TAG = 0x10, ++ _EVP_CTRL_AEAD_SET_TAG = 0x11, ++ _EVP_PKEY_CTRL_MD = 1, ++ _EVP_PKEY_RSA = 6, ++ _EVP_PKEY_EC = 408, ++ _EVP_PKEY_TLS1_PRF = 1021, ++ _EVP_PKEY_X25519 = 1034, ++ _EVP_PKEY_HKDF = 1036, ++ _EVP_PKEY_ED25519 = 1087, ++ _EVP_PKEY_DSA = 116, ++ _EVP_PKEY_MLKEM_768 = 1455, ++ _EVP_PKEY_MLKEM_1024 = 1456, ++ _EVP_PKEY_ML_DSA_44 = 1457, ++ _EVP_PKEY_ML_DSA_65 = 1458, ++ _EVP_PKEY_ML_DSA_87 = 1459, ++ _EVP_PKEY_OP_DERIVE = (1 << 10), // this value differs between OpenSSL 1 and 3, but we only use it in 1 ++ _EVP_MAX_MD_SIZE = 64, ++ ++ _EVP_PKEY_PUBLIC_KEY = 0x86, ++ _EVP_PKEY_KEYPAIR = 0x87, ++ ++ _EVP_MD_CTRL_XOF_LEN = 0x3, ++ ++ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, ++ ++ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, ++ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, ++ ++ _EVP_PKEY_CTRL_TLS_MD = 0x1000, ++ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, ++ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, ++ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, ++ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, ++ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, ++ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, ++ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, ++ ++ _NID_X9_62_prime256v1 = 415, ++ _NID_secp224r1 = 713, ++ _NID_secp384r1 = 715, ++ _NID_secp521r1 = 716, ++ ++ _NID_ML_KEM_768 = 1455, ++ _NID_ML_KEM_1024 = 1456, ++ _NID_ML_DSA_44 = 1457, ++ _NID_ML_DSA_65 = 1458, ++ _NID_ML_DSA_87 = 1459, ++ ++ _RSA_PKCS1_PADDING = 1, ++ _RSA_NO_PADDING = 3, ++ _RSA_PKCS1_OAEP_PADDING = 4, ++ _RSA_PKCS1_PSS_PADDING = 6, ++ _RSA_PSS_SALTLEN_DIGEST = -1, ++ _RSA_PSS_SALTLEN_AUTO = -2, ++ _RSA_PSS_SALTLEN_MAX_SIGN = -2, ++ _RSA_PSS_SALTLEN_MAX = -3, ++ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, ++ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, ++ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, ++ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, ++ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, ++ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, ++ ++ _OSSL_PARAM_INTEGER = 1, ++ _OSSL_PARAM_OCTET_STRING = 5, ++ ++ BIO_CTRL_INFO = 3, ++}; ++ ++typedef void* _OPENSSL_INIT_SETTINGS_PTR; ++typedef void* _OSSL_LIB_CTX_PTR; ++typedef void* _OSSL_PROVIDER_PTR; ++typedef void* _ENGINE_PTR; ++typedef void* _EVP_PKEY_PTR; ++typedef void* _EVP_PKEY_CTX_PTR; ++typedef void* _EVP_MD_PTR; ++typedef void* _EVP_MD_CTX_PTR; ++typedef void* _HMAC_CTX_PTR; ++typedef void* _EVP_CIPHER_PTR; ++typedef void* _EVP_CIPHER_CTX_PTR; ++typedef void* _EC_KEY_PTR; ++typedef void* _EC_POINT_PTR; ++typedef void* _EC_GROUP_PTR; ++typedef void* _RSA_PTR; ++typedef void* _BIGNUM_PTR; ++typedef void* _BN_CTX_PTR; ++typedef void* _EVP_MAC_PTR; ++typedef void* _EVP_MAC_CTX_PTR; ++typedef void* _OSSL_PARAM_BLD_PTR; ++typedef void* _OSSL_PARAM_PTR; ++typedef void* _EVP_SIGNATURE_PTR; ++typedef void* _EVP_KEYMGMT_PTR; ++typedef void* _DSA_PTR; ++typedef void* _EVP_KDF_PTR; ++typedef void* _EVP_KDF_CTX_PTR; ++typedef void* _BIO_METHOD_PTR; ++typedef void* _BIO_PTR; ++typedef int point_conversion_form_t; ++ ++// Tags used by mkcgo to determine which OpenSSL version each function is available in: ++// - no tag: available in all supported versions (OpenSSL 1.1.1+) ++// - legacy_1: Only OpenSSL 1 ++// - 3: OpenSSL 3.0 or later ++// - 33: OpenSSL 3.3 or later ++ ++// The noescape/nocallback attributes are performance optimizations. ++// Only add functions that have been observed to benefit from these ++// directives, not every function that is merely expected to meet ++// the noescape/nocallback criteria. ++ ++// BIO API ++const _BIO_METHOD_PTR BIO_s_mem(void) __attribute__((tag(""),tag("init_3"),noerror)); ++_BIO_PTR BIO_new(const _BIO_METHOD_PTR type) __attribute__((tag(""),tag("init_3"))); ++int BIO_free(_BIO_PTR a) __attribute__((tag(""),tag("init_3"),noerror,noescape,nocallback)); ++long BIO_ctrl(_BIO_PTR bp, int cmd, long larg, void *parg) __attribute__((tag(""),tag("init_3"),noerror,noescape,nocallback)); ++ ++// ERR API ++unsigned long ERR_peek_error(void) __attribute__((noerror)); ++void ERR_print_errors(_BIO_PTR bp) __attribute__((tag(""),tag("init_3"),noescape,nocallback)); ++ ++// OPENSSL API ++const char *OpenSSL_version(int type) __attribute__((noerror)); ++void OPENSSL_init(void); ++int OPENSSL_init_crypto(uint64_t ops, const _OPENSSL_INIT_SETTINGS_PTR settings); ++unsigned long OpenSSL_version_num(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_major(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_minor(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_patch(void) __attribute__((tag("version"),optional,noerror)); ++ ++// CRYPTO API ++void *CRYPTO_malloc(size_t num, const char *file, int line); ++void CRYPTO_free(void *str, const char *file, int line); ++ ++// FIPS API ++int FIPS_mode(void) __attribute__((tag("legacy_1"),tag("init_1"),noerror)); ++int FIPS_mode_set(int r) __attribute__((tag("legacy_1"),tag("init_1"))); ++ ++// EVP Config API ++int EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR libctx) __attribute__((tag("3"),tag("init_3"),noerror)); ++int EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR libctx, int enable) __attribute__((tag("3"))); ++ ++// OSSL_PROVIDER API ++int OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR libctx, const char *name) __attribute__((tag("3"),noerror)); ++_OSSL_PROVIDER_PTR OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR libctx, const char *name, int retain_fallbacks) __attribute__((tag("3"))); ++const char *OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR prov) __attribute__((tag("3"),noerror)); ++ ++// RAND API ++int RAND_bytes(unsigned char *buf, int num) __attribute__((tag("legacy_1"),noescape,nocallback,slice("buf","num"))); ++int RAND_bytes_ex(_OSSL_LIB_CTX_PTR ctx, unsigned char *buf, size_t num, unsigned int strength) __attribute__((tag("3"),noescape,nocallback,slice("buf","num"))); ++ ++// EVP_MD API ++_EVP_MD_PTR EVP_MD_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"),tag("init_3"))); ++void EVP_MD_free(_EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"))); ++const char *EVP_MD_get0_name(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); ++int EVP_MD_get_type(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); ++const _OSSL_PROVIDER_PTR EVP_MD_get0_provider(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"),noerror)); ++int EVP_MD_get_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_size"),noerror)); ++int EVP_MD_get_block_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_block_size"),noerror)); ++const _EVP_MD_PTR EVP_md5_sha1(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_ripemd160(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_md4(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_md5(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha1(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha224(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha256(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha384(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha512(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha512_224(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha512_256(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha3_224(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha3_256(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha3_384(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha3_512(void) __attribute__((noerror)); ++ ++_EVP_MD_CTX_PTR EVP_MD_CTX_new(void); ++void EVP_MD_CTX_free(_EVP_MD_CTX_PTR ctx); ++int EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR ctx, int cmd, int p1, void *p2); ++int EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in); ++const _OSSL_PARAM_PTR EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); ++const _OSSL_PARAM_PTR EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR ctx, _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); ++int EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); ++int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const _EVP_MD_PTR type, _ENGINE_PTR impl) __attribute__((noescape,nocallback,slice("data","count"),slice("md","size"))); ++int EVP_DigestInit_ex(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type, _ENGINE_PTR impl); ++int EVP_DigestInit(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type); ++int EVP_DigestUpdate(_EVP_MD_CTX_PTR ctx, const void *d, size_t cnt) __attribute__((noescape,nocallback,slice("d","cnt"))); ++int EVP_DigestFinal_ex(_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s) __attribute__((noescape,nocallback,slice("md","s"))); ++int EVP_DigestFinalXOF(_EVP_MD_CTX_PTR ctx, unsigned char *md, size_t mdlen) __attribute__((tag("33"),noescape,nocallback,slice("md","mdlen"))); ++int EVP_DigestSqueeze(_EVP_MD_CTX_PTR ctx, unsigned char *out, size_t outlen) __attribute__((tag("33"),optional,noescape,nocallback,slice("out","outlen"))); ++int EVP_DigestSign(_EVP_MD_CTX_PTR ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) __attribute__((noescape,nocallback,slice("sigret","siglen"),slice("tbs","tbslen"))); ++int EVP_DigestSignInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); ++int EVP_DigestSignFinal(_EVP_MD_CTX_PTR ctx, unsigned char *sig, size_t *siglen) __attribute__((slice("sig","siglen"))); ++int EVP_DigestVerifyInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); ++int EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR ctx, const unsigned char *sig, size_t siglen) __attribute__((slice("sig","siglen"))); ++int EVP_DigestVerify(_EVP_MD_CTX_PTR ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((slice("sigret","siglen"),slice("tbs","tbslen"))); ++ ++// HMAC API ++int HMAC_Init_ex(_HMAC_CTX_PTR arg0, const void *arg1, int arg2, const _EVP_MD_PTR arg3, _ENGINE_PTR arg4) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); ++int HMAC_Update(_HMAC_CTX_PTR arg0, const unsigned char *arg1, size_t arg2) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); ++int HMAC_Final(_HMAC_CTX_PTR arg0, unsigned char *arg1, unsigned int *arg2) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); ++ ++_HMAC_CTX_PTR HMAC_CTX_new(void) __attribute__((tag("legacy_1"))); ++int HMAC_CTX_copy(_HMAC_CTX_PTR dest, _HMAC_CTX_PTR src) __attribute__((tag("legacy_1"),noescape,nocallback)); ++void HMAC_CTX_free(_HMAC_CTX_PTR arg0) __attribute__((tag("legacy_1"),noescape,nocallback)); ++ ++// EVP_CIPHER API ++_EVP_CIPHER_PTR EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++const char *EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ede3_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ede3_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_rc4(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_chacha20_poly1305(void) __attribute__((optional,noerror)); ++int EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),tag("legacy_1","EVP_CIPHER_block_size"),noerror)); ++ ++_EVP_CIPHER_CTX_PTR EVP_CIPHER_CTX_new(void); ++int EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR x, int padding); ++int EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR x, int keylen); ++void EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR arg0); ++int EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR ctx, int type, int arg, void *ptr); ++int EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv, int enc); ++int EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); ++int EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); ++int EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); ++int EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl) __attribute__((noescape,nocallback,slice("out","outl"))); ++int EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); ++int EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); ++int EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *outm, int *outl) __attribute__((noescape,nocallback,slice("outm","outl"))); ++ ++// EVP_PKEY API ++_EVP_PKEY_PTR EVP_PKEY_new(void); ++_EVP_PKEY_PTR EVP_PKEY_new_raw_private_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((slice("key","keylen"))); ++_EVP_PKEY_PTR EVP_PKEY_new_raw_public_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((slice("key","keylen"))); ++int EVP_PKEY_get_size(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_size"))); ++int EVP_PKEY_get_bits(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_bits"))); ++void EVP_PKEY_free(_EVP_PKEY_PTR arg0); ++_RSA_PTR EVP_PKEY_get1_RSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_assign(_EVP_PKEY_PTR pkey, int type, void *key) __attribute__((tag("legacy_1"))); ++_EC_KEY_PTR EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++_DSA_PTR EVP_PKEY_get0_DSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR pkey, const unsigned char *pub, size_t publen) __attribute__((tag("3"),slice("pub","publen"))); ++size_t EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR pkey, unsigned char **ppub) __attribute__((tag("3"))); ++int EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR pkey, const char *key_name, _BIGNUM_PTR *bn) __attribute__((tag("3"),noescape,nocallback)); ++int EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR pkey, const char *key_name, unsigned char *buf, size_t buf_len, size_t *out_len) __attribute__((tag("3"),slice("buf","buf_len"))); ++int EVP_PKEY_up_ref(_EVP_PKEY_PTR key); ++int EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR pkey, _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR ctx, void *label, int labellen) __attribute__((tag("3"),slice("label","labellen"))); ++int EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR pkey, unsigned char *pub, size_t *publen) __attribute__((noescape,nocallback,slice("pub","publen"))); ++int EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR pkey, unsigned char *priv, size_t *privlen) __attribute__((noescape,nocallback,slice("priv","privlen"))); ++int EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *pkey, int selection, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); ++int EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey) __attribute__((noescape,nocallback)); ++int EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); ++int EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); ++int EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_sign(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); ++int EVP_PKEY_verify(_EVP_PKEY_CTX_PTR ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((slice("sig","siglen"),slice("tbs","tbslen"))); ++int EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR peer); ++int EVP_PKEY_derive(_EVP_PKEY_CTX_PTR ctx, unsigned char *key, size_t *keylen) __attribute__((noescape,nocallback,slice("key","keylen"))); ++int EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, ...) __attribute__((tag("3"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, size_t arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, const char *arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); ++ ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new(_EVP_PKEY_PTR arg0, _ENGINE_PTR arg1); ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_id(int id, _ENGINE_PTR e); ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR libctx, _EVP_PKEY_PTR pkey, const char *propquery) __attribute__((tag("3"))); ++void EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR ctx, int keytype, int optype, int cmd, int p1, void *p2); ++int EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); ++int EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR arg0, int arg1) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR arg0, const _EVP_MD_PTR arg1) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); ++int EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); ++int EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); ++ ++// RSA API ++_RSA_PTR RSA_new(void) __attribute__((tag("legacy_1"))); ++void RSA_free(_RSA_PTR arg0) __attribute__((tag("legacy_1"))); ++void RSA_get0_factors(const _RSA_PTR rsa, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_factors(_RSA_PTR rsa, _BIGNUM_PTR p, _BIGNUM_PTR q) __attribute__((tag("legacy_1"))); ++void RSA_get0_crt_params(const _RSA_PTR r, const _BIGNUM_PTR *dmp1, const _BIGNUM_PTR *dmq1, const _BIGNUM_PTR *iqmp) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_crt_params(_RSA_PTR rsa, _BIGNUM_PTR dmp1, _BIGNUM_PTR dmp2, _BIGNUM_PTR iqmp) __attribute__((tag("legacy_1"))); ++void RSA_get0_key(const _RSA_PTR rsa, const _BIGNUM_PTR *n, const _BIGNUM_PTR *e, const _BIGNUM_PTR *d) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_key(_RSA_PTR r, _BIGNUM_PTR n, _BIGNUM_PTR e, _BIGNUM_PTR d) __attribute__((tag("legacy_1"))); ++ ++// BIGNUM API ++_BIGNUM_PTR BN_new(void); ++void BN_free(_BIGNUM_PTR arg0); ++void BN_clear(_BIGNUM_PTR arg0); ++void BN_clear_free(_BIGNUM_PTR arg0); ++int BN_num_bits(const _BIGNUM_PTR arg0) __attribute__((noerror)); ++_BIGNUM_PTR BN_bin2bn(const unsigned char *arg0, int arg1, _BIGNUM_PTR arg2) __attribute__((slice("arg0","arg1"))); ++_BIGNUM_PTR BN_lebin2bn(const unsigned char *s, int slen, _BIGNUM_PTR ret) __attribute__((slice("s","slen"))); ++int BN_bn2lebinpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"),slice("to","tolen"))); ++int BN_bn2binpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"),slice("to","tolen"))); ++ ++// EC API ++int EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR key, _BIGNUM_PTR x, _BIGNUM_PTR y) __attribute__((tag("legacy_1"))); ++int EC_KEY_set_public_key(_EC_KEY_PTR key, const _EC_POINT_PTR pub) __attribute__((tag("legacy_1"))); ++void EC_KEY_free(_EC_KEY_PTR arg0) __attribute__((tag("legacy_1"))); ++const _EC_GROUP_PTR EC_KEY_get0_group(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++const _BIGNUM_PTR EC_KEY_get0_private_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++const _EC_POINT_PTR EC_KEY_get0_public_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++_EC_KEY_PTR EC_KEY_new_by_curve_name(int arg0) __attribute__((tag("legacy_1"))); ++int EC_KEY_set_private_key(_EC_KEY_PTR arg0, const _BIGNUM_PTR arg1) __attribute__((tag("legacy_1"))); ++int EC_KEY_check_key(const _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); ++_EC_POINT_PTR EC_POINT_new(const _EC_GROUP_PTR arg0); ++void EC_POINT_free(_EC_POINT_PTR arg0); ++int EC_POINT_mul(const _EC_GROUP_PTR group, _EC_POINT_PTR r, const _BIGNUM_PTR n, const _EC_POINT_PTR q, const _BIGNUM_PTR m, _BN_CTX_PTR ctx); ++int EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR arg0, const _EC_POINT_PTR arg1, _BIGNUM_PTR arg2, _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("legacy_1"))); ++int EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR arg0, _EC_POINT_PTR arg1, const _BIGNUM_PTR arg2, const _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("3"))); ++size_t EC_POINT_point2oct(const _EC_GROUP_PTR group, const _EC_POINT_PTR p, point_conversion_form_t form, unsigned char *buf, size_t buflen, _BN_CTX_PTR ctx) __attribute__((slice("buf","buflen"))); ++int EC_POINT_oct2point(const _EC_GROUP_PTR group, _EC_POINT_PTR p, const unsigned char *buf, size_t buflen, _BN_CTX_PTR ctx) __attribute__((slice("buf","buflen"))); ++_EC_GROUP_PTR EC_GROUP_new_by_curve_name(int nid); ++void EC_GROUP_free(_EC_GROUP_PTR group); ++ ++// EVP_MAC API ++_EVP_MAC_PTR EVP_MAC_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++_EVP_MAC_CTX_PTR EVP_MAC_CTX_new(_EVP_MAC_PTR arg0) __attribute__((tag("3"))); ++int EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++void EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"),noescape,nocallback)); ++_EVP_MAC_CTX_PTR EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); ++int EVP_MAC_init(_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback,slice("key","keylen"))); ++int EVP_MAC_update(_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen) __attribute__((tag("3"),noescape,nocallback,slice("data","datalen"))); ++int EVP_MAC_final(_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize) __attribute__((tag("3"),noescape,nocallback,slice("out","outsize"))); ++ ++// OSSL_PARAM API ++void OSSL_PARAM_free(_OSSL_PARAM_PTR p) __attribute__((tag("3"))); ++const _OSSL_PARAM_PTR OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR p, const char *key) __attribute__((tag("3"))); ++_OSSL_PARAM_BLD_PTR OSSL_PARAM_BLD_new(void) __attribute__((tag("3"),noerror)); ++void OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); ++_OSSL_PARAM_PTR OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const char *buf, size_t bsize) __attribute__((tag("3"),slice("buf","bsize"))); ++int OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const void *buf, size_t bsize) __attribute__((tag("3"),slice("buf","bsize"))); ++int OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR bld, const char *key, const _BIGNUM_PTR bn) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR bld, const char *key, int32_t num) __attribute__((tag("3"))); ++ ++// EVP_SIGNATURE API ++_EVP_SIGNATURE_PTR EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++void EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR signature) __attribute__((tag("3"))); ++ ++// DSA API ++_DSA_PTR DSA_new(void) __attribute__((tag("legacy_1"))); ++void DSA_free(_DSA_PTR r) __attribute__((tag("legacy_1"))); ++int DSA_generate_key(_DSA_PTR a) __attribute__((tag("legacy_1"))); ++void DSA_get0_pqg(const _DSA_PTR d, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q, const _BIGNUM_PTR *g) __attribute__((tag("legacy_1"))); ++int DSA_set0_pqg(_DSA_PTR d, _BIGNUM_PTR p, _BIGNUM_PTR q, _BIGNUM_PTR g) __attribute__((tag("legacy_1"))); ++void DSA_get0_key(const _DSA_PTR d, const _BIGNUM_PTR *pub_key, const _BIGNUM_PTR *priv_key) __attribute__((tag("legacy_1"))); ++int DSA_set0_key(_DSA_PTR d, _BIGNUM_PTR pub_key, _BIGNUM_PTR priv_key) __attribute__((tag("legacy_1"))); ++ ++// EVP_KDF API ++_EVP_KDF_PTR EVP_KDF_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++void EVP_KDF_free(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); ++_EVP_KDF_CTX_PTR EVP_KDF_CTX_new(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); ++int EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++void EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); ++size_t EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_KDF_derive(_EVP_KDF_CTX_PTR ctx, unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),slice("key","keylen"))); ++int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const _EVP_MD_PTR digest, int keylen, unsigned char *out) __attribute__((tag("legacy_1"),slice("pass","passlen"),slice("salt","saltlen"),slice("out","keylen"))); ++ ++// OBJ API ++const char *OBJ_nid2sn(int n) __attribute__((noerror)); ++ ++// EVP KEM API for ML-KEM (OpenSSL 3.x) ++_EVP_KEYMGMT_PTR EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"),optional)); ++void EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR keymgmt) __attribute__((tag("3"))); ++int EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR ctx, unsigned char *wrappedkey, size_t *wrappedkeylen, unsigned char *genkey, size_t *genkeylen) __attribute__((tag("3"))); ++int EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR ctx, unsigned char *genkey, size_t *genkeylen, const unsigned char *wrappedkey, size_t wrappedkeylen) __attribute__((tag("3"))); ++ ++#endif // _GO_OSSL_SHIMS_H +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go +new file mode 100644 +index 00000000000000..45c9ce7215a2bd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go +@@ -0,0 +1,87 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo ++ ++package ossl ++ ++import ( ++ "unsafe" ++) ++ ++//go:linkname runtime_cgocall runtime.cgocall ++ ++//go:noescape ++func runtime_cgocall(fn uintptr, arg unsafe.Pointer) int32 // from runtime/sys_libc.go ++ ++//go:linkname noescape ++//go:nosplit ++func noescape(p unsafe.Pointer) unsafe.Pointer { ++ x := uintptr(p) ++ return unsafe.Pointer(x ^ 0) ++} ++ ++type libcCallInfo struct { ++ fn uintptr ++ n uintptr // number of parameters ++ args uintptr // parameters ++ r1, r2 uintptr // return values ++ errType uintptr ++} ++ ++//go:noescape ++func syscallNAsm(libcArgs *libcCallInfo) ++ ++// syscallNSystemStack performs a syscall on the system stack. ++// It can't allocate Go memory nor grow the stack over the nosplit limit. ++// ++//go:nosplit ++func syscallNSystemStack(libcArgs *libcCallInfo) { ++ if libcArgs.errType != 0 { ++ libcArgs.n-- ++ } ++ syscallNAsm(libcArgs) ++ if libcArgs.errType != 0 { ++ _mkcgo_error_check(libcArgs.errType, libcArgs.r1, libcArgs.args, libcArgs.n) ++ } ++} ++ ++var syscallNSystemStack_trampoline byte ++var syscallNSystemStackABIInternal = uintptr(unsafe.Pointer(&syscallNSystemStack_trampoline)) ++ ++// syscallN performs a syscall with the given function and arguments. ++// ++// All its parameters and return values must be uintptr in order ++// for the Go compiler to automatically set the //go:uintptrkeepalive ++// directive (which we can't set manually here). ++// See https://github.com/golang/go/blob/9a5a1202f4c4d5a7048b149b65c3e5b82a2de9aa/src/cmd/compile/internal/escape/call.go#L275. ++// ++//go:nosplit ++func syscallN(errType uintptr, fn uintptr, args ...uintptr) (r1, r2 uintptr) { ++ libcArgs := libcCallInfo{ ++ fn: fn, ++ n: uintptr(len(args)), ++ errType: errType, ++ } ++ if libcArgs.n != 0 { ++ libcArgs.args = uintptr(noescape(unsafe.Pointer(&args[0]))) ++ } ++ runtime_cgocall(syscallNSystemStackABIInternal, unsafe.Pointer(&libcArgs)) ++ return libcArgs.r1, libcArgs.r2 ++} ++ ++// syscallNRaw performs a syscall with the given function and arguments, ++// without any error checking nor switching to the system stack. ++// ++//go:nosplit ++func syscallNRaw(fn uintptr, args ...uintptr) uintptr { ++ libcArgs := libcCallInfo{ ++ fn: fn, ++ n: uintptr(len(args)), ++ } ++ if libcArgs.n != 0 { ++ libcArgs.args = uintptr(noescape(unsafe.Pointer(&args[0]))) ++ } ++ syscallNAsm(&libcArgs) ++ return libcArgs.r1 ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go +new file mode 100644 +index 00000000000000..70dbcb15a9142d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go +@@ -0,0 +1,8 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo ++ ++package ossl ++ ++//go:cgo_import_dynamic _ _ "/usr/lib/libSystem.B.dylib" +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go +new file mode 100644 +index 00000000000000..4a8747b4d6b2a9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go +@@ -0,0 +1,8 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo ++ ++package ossl ++ ++//go:cgo_import_dynamic _ _ "libc.so.7" +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go +new file mode 100644 +index 00000000000000..236f6361eb0935 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go +@@ -0,0 +1,8 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo ++ ++package ossl ++ ++//go:cgo_import_dynamic _ _ "libdl.so.2" +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go +new file mode 100644 +index 00000000000000..24c7b8aaa3e5bd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go +@@ -0,0 +1,23 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo && unix && (go1.27 || !s390x) ++ ++package ossl ++ ++import ( ++ "unsafe" ++ ++ _ "github.com/microsoft/go-crypto-openssl/internal/fakecgo" ++) ++ ++func dlsym(handle unsafe.Pointer, symbol string, optional bool) uintptr { ++ r0 := Dlsym(handle, unsafe.StringData(symbol)) ++ if r0 == nil { ++ if !optional { ++ panic("cannot get required symbol " + symbol) ++ } ++ return 0 ++ } ++ return uintptr(r0) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go +new file mode 100644 +index 00000000000000..38fb4882eb487d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go +@@ -0,0 +1,25 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build !cgo && windows ++ ++package ossl ++ ++import ( ++ "syscall" ++ "unsafe" ++) ++ ++var modkernel32 = syscall.NewLazyDLL("kernel32.dll") ++var procGetProcAddress = modkernel32.NewProc("GetProcAddress") ++ ++func dlsym(handle unsafe.Pointer, symbol string, optional bool) uintptr { ++ r0, _, err := syscall.SyscallN(procGetProcAddress.Addr(), uintptr(handle), uintptr(unsafe.Pointer(unsafe.StringData(symbol)))) ++ if err != 0 { ++ if !optional { ++ panic("cannot get required symbol " + symbol + ": " + err.Error()) ++ } ++ return 0 ++ } ++ return r0 ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s +new file mode 100644 +index 00000000000000..51fd1af1cf33fd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s +@@ -0,0 +1,58 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++//go:build !cgo && unix ++ ++#include "textflag.h" ++ ++#ifndef GOARCH_amd64 ++#ifndef GOARCH_arm64 ++#ifndef GOARCH_riscv64 ++#ifndef GOARCH_loong64 ++#ifndef GOARCH_mips64 ++#ifndef GOARCH_mips64le ++#ifndef GOARCH_ppc64 ++#ifndef GOARCH_ppc64le ++#ifndef GOARCH_s390x ++#ifndef GOARCH_sparc64 ++#define _GOPTRSIZE 4 ++#endif ++#endif ++#endif ++#endif ++#endif ++#endif ++#endif ++#endif ++#endif ++#endif ++ ++#ifndef _GOPTRSIZE ++#define _GOPTRSIZE 8 ++#endif ++TEXT _mkcgo_dlclose_trampoline<>(SB), NOSPLIT, $0-0 ++ JMP _mkcgo_dlclose(SB) ++ ++GLOBL ·_mkcgo_dlclose_trampoline_addr(SB), RODATA, $_GOPTRSIZE ++DATA ·_mkcgo_dlclose_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlclose_trampoline<>(SB) ++ ++TEXT _mkcgo_dlerror_trampoline<>(SB), NOSPLIT, $0-0 ++ JMP _mkcgo_dlerror(SB) ++ ++GLOBL ·_mkcgo_dlerror_trampoline_addr(SB), RODATA, $_GOPTRSIZE ++DATA ·_mkcgo_dlerror_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlerror_trampoline<>(SB) ++ ++TEXT _mkcgo_dlopen_trampoline<>(SB), NOSPLIT, $0-0 ++ JMP _mkcgo_dlopen(SB) ++ ++GLOBL ·_mkcgo_dlopen_trampoline_addr(SB), RODATA, $_GOPTRSIZE ++DATA ·_mkcgo_dlopen_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlopen_trampoline<>(SB) ++ ++TEXT _mkcgo_dlsym_trampoline<>(SB), NOSPLIT, $0-0 ++ JMP _mkcgo_dlsym(SB) ++ ++GLOBL ·_mkcgo_dlsym_trampoline_addr(SB), RODATA, $_GOPTRSIZE ++DATA ·_mkcgo_dlsym_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlsym_trampoline<>(SB) ++ +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go +new file mode 100644 +index 00000000000000..7d382b9a5c288c +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go +@@ -0,0 +1,61 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++//go:build !cgo && unix ++ ++package ossl ++ ++import ( ++ "runtime" ++ "unsafe" ++) ++ ++var _ = runtime.GOOS ++ ++var _mkcgoAlwaysFalseDl bool ++var _mkcgoEscapeSinkDl unsafe.Pointer ++ ++// mkcgoEscapePtrDl forces p to escape to the heap. ++// This implementation is also used in the standard library: ++// https://github.com/golang/go/blob/f71432d223eeb2139b460957817400750fd13655/src/internal/abi/escape.go#L24-L33 ++func mkcgoEscapePtrDl(p unsafe.Pointer) unsafe.Pointer { ++ if _mkcgoAlwaysFalseDl { ++ _mkcgoEscapeSinkDl = p ++ } ++ return p ++} ++ ++//go:cgo_import_dynamic _mkcgo_dlclose dlclose "" ++//go:cgo_import_dynamic _mkcgo_dlerror dlerror "" ++//go:cgo_import_dynamic _mkcgo_dlopen dlopen "" ++//go:cgo_import_dynamic _mkcgo_dlsym dlsym "" ++ ++var _mkcgo_dlclose_trampoline_addr uintptr ++ ++func Dlclose(handle unsafe.Pointer) int32 { ++ r0, _ := syscallN(0, _mkcgo_dlclose_trampoline_addr, uintptr(handle)) ++ return int32(r0) ++} ++ ++var _mkcgo_dlerror_trampoline_addr uintptr ++ ++func Dlerror() *byte { ++ r0, _ := syscallN(0, _mkcgo_dlerror_trampoline_addr) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++var _mkcgo_dlopen_trampoline_addr uintptr ++ ++func Dlopen(path *byte, flags int32) unsafe.Pointer { ++ r0, _ := syscallN(0, _mkcgo_dlopen_trampoline_addr, uintptr(mkcgoEscapePtrDl(unsafe.Pointer(path))), uintptr(flags)) ++ return unsafe.Pointer(r0) ++} ++ ++var _mkcgo_dlsym_trampoline_addr uintptr ++ ++func Dlsym(handle unsafe.Pointer, symbol *byte) unsafe.Pointer { ++ r0, _ := syscallN(0, _mkcgo_dlsym_trampoline_addr, uintptr(handle), uintptr(mkcgoEscapePtrDl(unsafe.Pointer(symbol)))) ++ return unsafe.Pointer(r0) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c +new file mode 100644 +index 00000000000000..8abb6430c2a6e7 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c +@@ -0,0 +1,2083 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++#include ++#include ++#include ++#include ++#include "zossl.h" ++ ++#ifdef _WIN32 ++#include ++#define dlsym GetProcAddress ++#else ++#include ++#endif ++ ++long (*_g_BIO_ctrl)(_BIO_PTR, int, long, void*); ++int (*_g_BIO_free)(_BIO_PTR); ++_BIO_PTR (*_g_BIO_new)(const _BIO_METHOD_PTR); ++const _BIO_METHOD_PTR (*_g_BIO_s_mem)(void); ++_BIGNUM_PTR (*_g_BN_bin2bn)(const unsigned char*, int, _BIGNUM_PTR); ++int (*_g_BN_bn2binpad)(const _BIGNUM_PTR, unsigned char*, int); ++int (*_g_BN_bn2lebinpad)(const _BIGNUM_PTR, unsigned char*, int); ++void (*_g_BN_clear)(_BIGNUM_PTR); ++void (*_g_BN_clear_free)(_BIGNUM_PTR); ++void (*_g_BN_free)(_BIGNUM_PTR); ++_BIGNUM_PTR (*_g_BN_lebin2bn)(const unsigned char*, int, _BIGNUM_PTR); ++_BIGNUM_PTR (*_g_BN_new)(void); ++int (*_g_BN_num_bits)(const _BIGNUM_PTR); ++void (*_g_CRYPTO_free)(void*, const char*, int); ++void* (*_g_CRYPTO_malloc)(size_t, const char*, int); ++void (*_g_DSA_free)(_DSA_PTR); ++int (*_g_DSA_generate_key)(_DSA_PTR); ++void (*_g_DSA_get0_key)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_DSA_get0_pqg)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_DSA_PTR (*_g_DSA_new)(void); ++int (*_g_DSA_set0_key)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_DSA_set0_pqg)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++void (*_g_EC_GROUP_free)(_EC_GROUP_PTR); ++_EC_GROUP_PTR (*_g_EC_GROUP_new_by_curve_name)(int); ++int (*_g_EC_KEY_check_key)(const _EC_KEY_PTR); ++void (*_g_EC_KEY_free)(_EC_KEY_PTR); ++const _EC_GROUP_PTR (*_g_EC_KEY_get0_group)(const _EC_KEY_PTR); ++const _BIGNUM_PTR (*_g_EC_KEY_get0_private_key)(const _EC_KEY_PTR); ++const _EC_POINT_PTR (*_g_EC_KEY_get0_public_key)(const _EC_KEY_PTR); ++_EC_KEY_PTR (*_g_EC_KEY_new_by_curve_name)(int); ++int (*_g_EC_KEY_set_private_key)(_EC_KEY_PTR, const _BIGNUM_PTR); ++int (*_g_EC_KEY_set_public_key)(_EC_KEY_PTR, const _EC_POINT_PTR); ++int (*_g_EC_KEY_set_public_key_affine_coordinates)(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++void (*_g_EC_POINT_free)(_EC_POINT_PTR); ++int (*_g_EC_POINT_get_affine_coordinates_GFp)(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR); ++int (*_g_EC_POINT_mul)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); ++_EC_POINT_PTR (*_g_EC_POINT_new)(const _EC_GROUP_PTR); ++int (*_g_EC_POINT_oct2point)(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR); ++size_t (*_g_EC_POINT_point2oct)(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR); ++int (*_g_EC_POINT_set_affine_coordinates)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); ++unsigned long (*_g_ERR_peek_error)(void); ++void (*_g_ERR_print_errors)(_BIO_PTR); ++int (*_g_EVP_CIPHER_CTX_ctrl)(_EVP_CIPHER_CTX_PTR, int, int, void*); ++void (*_g_EVP_CIPHER_CTX_free)(_EVP_CIPHER_CTX_PTR); ++_EVP_CIPHER_CTX_PTR (*_g_EVP_CIPHER_CTX_new)(void); ++int (*_g_EVP_CIPHER_CTX_set_key_length)(_EVP_CIPHER_CTX_PTR, int); ++int (*_g_EVP_CIPHER_CTX_set_padding)(_EVP_CIPHER_CTX_PTR, int); ++_EVP_CIPHER_PTR (*_g_EVP_CIPHER_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++const char* (*_g_EVP_CIPHER_get0_name)(const _EVP_CIPHER_PTR); ++int (*_g_EVP_CIPHER_get_block_size)(const _EVP_CIPHER_PTR); ++int (*_g_EVP_CipherInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int); ++int (*_g_EVP_CipherUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++int (*_g_EVP_DecryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); ++int (*_g_EVP_DecryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); ++int (*_g_EVP_DecryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++int (*_g_EVP_Digest)(const unsigned char*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_EVP_DigestFinalXOF)(_EVP_MD_CTX_PTR, unsigned char*, size_t); ++int (*_g_EVP_DigestFinal_ex)(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*); ++int (*_g_EVP_DigestInit)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR); ++int (*_g_EVP_DigestInit_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_EVP_DigestSign)(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_DigestSignFinal)(_EVP_MD_CTX_PTR, unsigned char*, size_t*); ++int (*_g_EVP_DigestSignInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_DigestSqueeze)(_EVP_MD_CTX_PTR, unsigned char*, size_t); ++int (*_g_EVP_DigestUpdate)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); ++int (*_g_EVP_DigestVerify)(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); ++int (*_g_EVP_DigestVerifyFinal)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); ++int (*_g_EVP_DigestVerifyInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_EncryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); ++int (*_g_EVP_EncryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); ++int (*_g_EVP_EncryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++void (*_g_EVP_KDF_CTX_free)(_EVP_KDF_CTX_PTR); ++size_t (*_g_EVP_KDF_CTX_get_kdf_size)(_EVP_KDF_CTX_PTR); ++_EVP_KDF_CTX_PTR (*_g_EVP_KDF_CTX_new)(_EVP_KDF_PTR); ++int (*_g_EVP_KDF_CTX_set_params)(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR); ++int (*_g_EVP_KDF_derive)(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR); ++_EVP_KDF_PTR (*_g_EVP_KDF_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_KDF_free)(_EVP_KDF_PTR); ++_EVP_KEYMGMT_PTR (*_g_EVP_KEYMGMT_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_KEYMGMT_free)(_EVP_KEYMGMT_PTR); ++_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_dup)(const _EVP_MAC_CTX_PTR); ++void (*_g_EVP_MAC_CTX_free)(_EVP_MAC_CTX_PTR); ++_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_new)(_EVP_MAC_PTR); ++int (*_g_EVP_MAC_CTX_set_params)(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR); ++_EVP_MAC_PTR (*_g_EVP_MAC_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++int (*_g_EVP_MAC_final)(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t); ++int (*_g_EVP_MAC_init)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR); ++int (*_g_EVP_MAC_update)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t); ++int (*_g_EVP_MD_CTX_copy_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); ++int (*_g_EVP_MD_CTX_ctrl)(_EVP_MD_CTX_PTR, int, int, void*); ++void (*_g_EVP_MD_CTX_free)(_EVP_MD_CTX_PTR); ++int (*_g_EVP_MD_CTX_get_params)(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_gettable_params)(_EVP_MD_CTX_PTR); ++_EVP_MD_CTX_PTR (*_g_EVP_MD_CTX_new)(void); ++int (*_g_EVP_MD_CTX_set_params)(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_settable_params)(_EVP_MD_CTX_PTR); ++_EVP_MD_PTR (*_g_EVP_MD_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_MD_free)(_EVP_MD_PTR); ++const char* (*_g_EVP_MD_get0_name)(const _EVP_MD_PTR); ++const _OSSL_PROVIDER_PTR (*_g_EVP_MD_get0_provider)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_block_size)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_size)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_type)(const _EVP_MD_PTR); ++int (*_g_EVP_PKEY_CTX_add1_hkdf_info)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_ctrl)(_EVP_PKEY_CTX_PTR, int, int, int, int, void*); ++void (*_g_EVP_PKEY_CTX_free)(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new)(_EVP_PKEY_PTR, _ENGINE_PTR); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_from_pkey)(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_id)(int, _ENGINE_PTR); ++int (*_g_EVP_PKEY_CTX_set0_rsa_oaep_label)(_EVP_PKEY_CTX_PTR, unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_set1_hkdf_key)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_set1_hkdf_salt)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_set_hkdf_md)(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR); ++int (*_g_EVP_PKEY_CTX_set_hkdf_mode)(_EVP_PKEY_CTX_PTR, int); ++int (*_g_EVP_PKEY_CTX_set_params)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_Q_keygen)(_OSSL_LIB_CTX_PTR, const char*, const char*, ...); ++int (*_g_EVP_PKEY_assign)(_EVP_PKEY_PTR, int, void*); ++int (*_g_EVP_PKEY_decapsulate)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_decapsulate_init)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); ++int (*_g_EVP_PKEY_decrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_decrypt_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_derive)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_derive_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_derive_set_peer)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_encapsulate)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_encapsulate_init)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); ++int (*_g_EVP_PKEY_encrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_encrypt_init)(_EVP_PKEY_CTX_PTR); ++void (*_g_EVP_PKEY_free)(_EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_fromdata)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR); ++int (*_g_EVP_PKEY_fromdata_init)(_EVP_PKEY_CTX_PTR); ++_DSA_PTR (*_g_EVP_PKEY_get0_DSA)(_EVP_PKEY_PTR); ++_EC_KEY_PTR (*_g_EVP_PKEY_get0_EC_KEY)(_EVP_PKEY_PTR); ++_RSA_PTR (*_g_EVP_PKEY_get1_RSA)(_EVP_PKEY_PTR); ++size_t (*_g_EVP_PKEY_get1_encoded_public_key)(_EVP_PKEY_PTR, unsigned char**); ++int (*_g_EVP_PKEY_get_bits)(const _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_get_bn_param)(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*); ++int (*_g_EVP_PKEY_get_octet_string_param)(const _EVP_PKEY_PTR, const char*, unsigned char*, size_t, size_t*); ++int (*_g_EVP_PKEY_get_raw_private_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_get_raw_public_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_get_size)(const _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_keygen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); ++int (*_g_EVP_PKEY_keygen_init)(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new)(void); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_private_key)(int, _ENGINE_PTR, const unsigned char*, size_t); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_public_key)(int, _ENGINE_PTR, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_paramgen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); ++int (*_g_EVP_PKEY_paramgen_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_private_check)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_public_check_quick)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_set1_EC_KEY)(_EVP_PKEY_PTR, _EC_KEY_PTR); ++int (*_g_EVP_PKEY_set1_encoded_public_key)(_EVP_PKEY_PTR, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_sign)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_sign_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_up_ref)(_EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_verify)(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_verify_init)(_EVP_PKEY_CTX_PTR); ++_EVP_SIGNATURE_PTR (*_g_EVP_SIGNATURE_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_SIGNATURE_free)(_EVP_SIGNATURE_PTR); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_gcm)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_gcm)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_gcm)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_chacha20_poly1305)(void); ++int (*_g_EVP_default_properties_enable_fips)(_OSSL_LIB_CTX_PTR, int); ++int (*_g_EVP_default_properties_is_fips_enabled)(_OSSL_LIB_CTX_PTR); ++const _EVP_CIPHER_PTR (*_g_EVP_des_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_ecb)(void); ++const _EVP_MD_PTR (*_g_EVP_md4)(void); ++const _EVP_MD_PTR (*_g_EVP_md5)(void); ++const _EVP_MD_PTR (*_g_EVP_md5_sha1)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_rc4)(void); ++const _EVP_MD_PTR (*_g_EVP_ripemd160)(void); ++const _EVP_MD_PTR (*_g_EVP_sha1)(void); ++const _EVP_MD_PTR (*_g_EVP_sha224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha256)(void); ++const _EVP_MD_PTR (*_g_EVP_sha384)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_256)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_384)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_512)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512_224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512_256)(void); ++int (*_g_FIPS_mode)(void); ++int (*_g_FIPS_mode_set)(int); ++int (*_g_HMAC_CTX_copy)(_HMAC_CTX_PTR, _HMAC_CTX_PTR); ++void (*_g_HMAC_CTX_free)(_HMAC_CTX_PTR); ++_HMAC_CTX_PTR (*_g_HMAC_CTX_new)(void); ++int (*_g_HMAC_Final)(_HMAC_CTX_PTR, unsigned char*, unsigned int*); ++int (*_g_HMAC_Init_ex)(_HMAC_CTX_PTR, const unsigned char*, int, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_HMAC_Update)(_HMAC_CTX_PTR, const unsigned char*, size_t); ++const char* (*_g_OBJ_nid2sn)(int); ++void (*_g_OPENSSL_init)(void); ++int (*_g_OPENSSL_init_crypto)(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR); ++unsigned int (*_g_OPENSSL_version_major)(void); ++unsigned int (*_g_OPENSSL_version_minor)(void); ++unsigned int (*_g_OPENSSL_version_patch)(void); ++void (*_g_OSSL_PARAM_BLD_free)(_OSSL_PARAM_BLD_PTR); ++_OSSL_PARAM_BLD_PTR (*_g_OSSL_PARAM_BLD_new)(void); ++int (*_g_OSSL_PARAM_BLD_push_BN)(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR); ++int (*_g_OSSL_PARAM_BLD_push_int32)(_OSSL_PARAM_BLD_PTR, const char*, int32_t); ++int (*_g_OSSL_PARAM_BLD_push_octet_string)(_OSSL_PARAM_BLD_PTR, const char*, const unsigned char*, size_t); ++int (*_g_OSSL_PARAM_BLD_push_utf8_string)(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t); ++_OSSL_PARAM_PTR (*_g_OSSL_PARAM_BLD_to_param)(_OSSL_PARAM_BLD_PTR); ++void (*_g_OSSL_PARAM_free)(_OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_OSSL_PARAM_locate_const)(const _OSSL_PARAM_PTR, const char*); ++int (*_g_OSSL_PROVIDER_available)(_OSSL_LIB_CTX_PTR, const char*); ++const char* (*_g_OSSL_PROVIDER_get0_name)(const _OSSL_PROVIDER_PTR); ++_OSSL_PROVIDER_PTR (*_g_OSSL_PROVIDER_try_load)(_OSSL_LIB_CTX_PTR, const char*, int); ++const char* (*_g_OpenSSL_version)(int); ++unsigned long (*_g_OpenSSL_version_num)(void); ++int (*_g_PKCS5_PBKDF2_HMAC)(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*); ++int (*_g_RAND_bytes)(unsigned char*, int); ++int (*_g_RAND_bytes_ex)(_OSSL_LIB_CTX_PTR, unsigned char*, size_t, unsigned int); ++void (*_g_RSA_free)(_RSA_PTR); ++void (*_g_RSA_get0_crt_params)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_RSA_get0_factors)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_RSA_get0_key)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_RSA_PTR (*_g_RSA_new)(void); ++int (*_g_RSA_set0_crt_params)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_RSA_set0_factors)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_RSA_set0_key)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++ ++#define __mkcgo__dlsym_nocheck(varname, funcname) _g_##varname = (typeof(_g_##varname))dlsym(handle, #funcname); ++ ++#define __mkcgo__dlsym(name) __mkcgo__dlsym2(name, name) ++ ++#define __mkcgo__dlsym2(varname, funcname) \ ++ __mkcgo__dlsym_nocheck(varname, funcname) \ ++ if (_g_##varname == NULL) { \ ++ fprintf(stderr, "Cannot get required symbol " #funcname "\n"); \ ++ abort(); \ ++ } ++ ++void __mkcgo_load_(void* handle) { ++ __mkcgo__dlsym(BIO_ctrl) ++ __mkcgo__dlsym(BIO_free) ++ __mkcgo__dlsym(BIO_new) ++ __mkcgo__dlsym(BIO_s_mem) ++ __mkcgo__dlsym(BN_bin2bn) ++ __mkcgo__dlsym(BN_bn2binpad) ++ __mkcgo__dlsym(BN_bn2lebinpad) ++ __mkcgo__dlsym(BN_clear) ++ __mkcgo__dlsym(BN_clear_free) ++ __mkcgo__dlsym(BN_free) ++ __mkcgo__dlsym(BN_lebin2bn) ++ __mkcgo__dlsym(BN_new) ++ __mkcgo__dlsym(BN_num_bits) ++ __mkcgo__dlsym(CRYPTO_free) ++ __mkcgo__dlsym(CRYPTO_malloc) ++ __mkcgo__dlsym(EC_GROUP_free) ++ __mkcgo__dlsym(EC_GROUP_new_by_curve_name) ++ __mkcgo__dlsym(EC_POINT_free) ++ __mkcgo__dlsym(EC_POINT_mul) ++ __mkcgo__dlsym(EC_POINT_new) ++ __mkcgo__dlsym(EC_POINT_oct2point) ++ __mkcgo__dlsym(EC_POINT_point2oct) ++ __mkcgo__dlsym(ERR_peek_error) ++ __mkcgo__dlsym(ERR_print_errors) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_ctrl) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_free) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_new) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_set_key_length) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_set_padding) ++ __mkcgo__dlsym(EVP_CipherInit_ex) ++ __mkcgo__dlsym(EVP_CipherUpdate) ++ __mkcgo__dlsym(EVP_DecryptFinal_ex) ++ __mkcgo__dlsym(EVP_DecryptInit_ex) ++ __mkcgo__dlsym(EVP_DecryptUpdate) ++ __mkcgo__dlsym(EVP_Digest) ++ __mkcgo__dlsym(EVP_DigestFinal_ex) ++ __mkcgo__dlsym(EVP_DigestInit) ++ __mkcgo__dlsym(EVP_DigestInit_ex) ++ __mkcgo__dlsym(EVP_DigestSign) ++ __mkcgo__dlsym(EVP_DigestSignFinal) ++ __mkcgo__dlsym(EVP_DigestSignInit) ++ __mkcgo__dlsym(EVP_DigestUpdate) ++ __mkcgo__dlsym(EVP_DigestVerify) ++ __mkcgo__dlsym(EVP_DigestVerifyFinal) ++ __mkcgo__dlsym(EVP_DigestVerifyInit) ++ __mkcgo__dlsym(EVP_EncryptFinal_ex) ++ __mkcgo__dlsym(EVP_EncryptInit_ex) ++ __mkcgo__dlsym(EVP_EncryptUpdate) ++ __mkcgo__dlsym(EVP_MD_CTX_copy_ex) ++ __mkcgo__dlsym(EVP_MD_CTX_ctrl) ++ __mkcgo__dlsym(EVP_MD_CTX_free) ++ __mkcgo__dlsym(EVP_MD_CTX_new) ++ __mkcgo__dlsym(EVP_PKEY_CTX_ctrl) ++ __mkcgo__dlsym(EVP_PKEY_CTX_free) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new_id) ++ __mkcgo__dlsym(EVP_PKEY_decrypt) ++ __mkcgo__dlsym(EVP_PKEY_decrypt_init) ++ __mkcgo__dlsym(EVP_PKEY_derive) ++ __mkcgo__dlsym(EVP_PKEY_derive_init) ++ __mkcgo__dlsym(EVP_PKEY_derive_set_peer) ++ __mkcgo__dlsym(EVP_PKEY_encrypt) ++ __mkcgo__dlsym(EVP_PKEY_encrypt_init) ++ __mkcgo__dlsym(EVP_PKEY_free) ++ __mkcgo__dlsym(EVP_PKEY_get_raw_private_key) ++ __mkcgo__dlsym(EVP_PKEY_get_raw_public_key) ++ __mkcgo__dlsym(EVP_PKEY_keygen) ++ __mkcgo__dlsym(EVP_PKEY_keygen_init) ++ __mkcgo__dlsym(EVP_PKEY_new) ++ __mkcgo__dlsym(EVP_PKEY_new_raw_private_key) ++ __mkcgo__dlsym(EVP_PKEY_new_raw_public_key) ++ __mkcgo__dlsym(EVP_PKEY_paramgen) ++ __mkcgo__dlsym(EVP_PKEY_paramgen_init) ++ __mkcgo__dlsym(EVP_PKEY_sign) ++ __mkcgo__dlsym(EVP_PKEY_sign_init) ++ __mkcgo__dlsym(EVP_PKEY_up_ref) ++ __mkcgo__dlsym(EVP_PKEY_verify) ++ __mkcgo__dlsym(EVP_PKEY_verify_init) ++ __mkcgo__dlsym(EVP_aes_128_cbc) ++ __mkcgo__dlsym(EVP_aes_128_ctr) ++ __mkcgo__dlsym(EVP_aes_128_ecb) ++ __mkcgo__dlsym(EVP_aes_128_gcm) ++ __mkcgo__dlsym(EVP_aes_192_cbc) ++ __mkcgo__dlsym(EVP_aes_192_ctr) ++ __mkcgo__dlsym(EVP_aes_192_ecb) ++ __mkcgo__dlsym(EVP_aes_192_gcm) ++ __mkcgo__dlsym(EVP_aes_256_cbc) ++ __mkcgo__dlsym(EVP_aes_256_ctr) ++ __mkcgo__dlsym(EVP_aes_256_ecb) ++ __mkcgo__dlsym(EVP_aes_256_gcm) ++ __mkcgo__dlsym_nocheck(EVP_chacha20_poly1305, EVP_chacha20_poly1305) ++ __mkcgo__dlsym(EVP_des_cbc) ++ __mkcgo__dlsym(EVP_des_ecb) ++ __mkcgo__dlsym(EVP_des_ede3_cbc) ++ __mkcgo__dlsym(EVP_des_ede3_ecb) ++ __mkcgo__dlsym(EVP_md4) ++ __mkcgo__dlsym(EVP_md5) ++ __mkcgo__dlsym(EVP_md5_sha1) ++ __mkcgo__dlsym(EVP_rc4) ++ __mkcgo__dlsym(EVP_ripemd160) ++ __mkcgo__dlsym(EVP_sha1) ++ __mkcgo__dlsym(EVP_sha224) ++ __mkcgo__dlsym(EVP_sha256) ++ __mkcgo__dlsym(EVP_sha384) ++ __mkcgo__dlsym(EVP_sha3_224) ++ __mkcgo__dlsym(EVP_sha3_256) ++ __mkcgo__dlsym(EVP_sha3_384) ++ __mkcgo__dlsym(EVP_sha3_512) ++ __mkcgo__dlsym(EVP_sha512) ++ __mkcgo__dlsym(EVP_sha512_224) ++ __mkcgo__dlsym(EVP_sha512_256) ++ __mkcgo__dlsym(OBJ_nid2sn) ++ __mkcgo__dlsym(OPENSSL_init) ++ __mkcgo__dlsym(OPENSSL_init_crypto) ++ __mkcgo__dlsym(OpenSSL_version) ++} ++ ++void __mkcgo_unload_() { ++ _g_BIO_ctrl = NULL; ++ _g_BIO_free = NULL; ++ _g_BIO_new = NULL; ++ _g_BIO_s_mem = NULL; ++ _g_BN_bin2bn = NULL; ++ _g_BN_bn2binpad = NULL; ++ _g_BN_bn2lebinpad = NULL; ++ _g_BN_clear = NULL; ++ _g_BN_clear_free = NULL; ++ _g_BN_free = NULL; ++ _g_BN_lebin2bn = NULL; ++ _g_BN_new = NULL; ++ _g_BN_num_bits = NULL; ++ _g_CRYPTO_free = NULL; ++ _g_CRYPTO_malloc = NULL; ++ _g_EC_GROUP_free = NULL; ++ _g_EC_GROUP_new_by_curve_name = NULL; ++ _g_EC_POINT_free = NULL; ++ _g_EC_POINT_mul = NULL; ++ _g_EC_POINT_new = NULL; ++ _g_EC_POINT_oct2point = NULL; ++ _g_EC_POINT_point2oct = NULL; ++ _g_ERR_peek_error = NULL; ++ _g_ERR_print_errors = NULL; ++ _g_EVP_CIPHER_CTX_ctrl = NULL; ++ _g_EVP_CIPHER_CTX_free = NULL; ++ _g_EVP_CIPHER_CTX_new = NULL; ++ _g_EVP_CIPHER_CTX_set_key_length = NULL; ++ _g_EVP_CIPHER_CTX_set_padding = NULL; ++ _g_EVP_CipherInit_ex = NULL; ++ _g_EVP_CipherUpdate = NULL; ++ _g_EVP_DecryptFinal_ex = NULL; ++ _g_EVP_DecryptInit_ex = NULL; ++ _g_EVP_DecryptUpdate = NULL; ++ _g_EVP_Digest = NULL; ++ _g_EVP_DigestFinal_ex = NULL; ++ _g_EVP_DigestInit = NULL; ++ _g_EVP_DigestInit_ex = NULL; ++ _g_EVP_DigestSign = NULL; ++ _g_EVP_DigestSignFinal = NULL; ++ _g_EVP_DigestSignInit = NULL; ++ _g_EVP_DigestUpdate = NULL; ++ _g_EVP_DigestVerify = NULL; ++ _g_EVP_DigestVerifyFinal = NULL; ++ _g_EVP_DigestVerifyInit = NULL; ++ _g_EVP_EncryptFinal_ex = NULL; ++ _g_EVP_EncryptInit_ex = NULL; ++ _g_EVP_EncryptUpdate = NULL; ++ _g_EVP_MD_CTX_copy_ex = NULL; ++ _g_EVP_MD_CTX_ctrl = NULL; ++ _g_EVP_MD_CTX_free = NULL; ++ _g_EVP_MD_CTX_new = NULL; ++ _g_EVP_PKEY_CTX_ctrl = NULL; ++ _g_EVP_PKEY_CTX_free = NULL; ++ _g_EVP_PKEY_CTX_new = NULL; ++ _g_EVP_PKEY_CTX_new_id = NULL; ++ _g_EVP_PKEY_decrypt = NULL; ++ _g_EVP_PKEY_decrypt_init = NULL; ++ _g_EVP_PKEY_derive = NULL; ++ _g_EVP_PKEY_derive_init = NULL; ++ _g_EVP_PKEY_derive_set_peer = NULL; ++ _g_EVP_PKEY_encrypt = NULL; ++ _g_EVP_PKEY_encrypt_init = NULL; ++ _g_EVP_PKEY_free = NULL; ++ _g_EVP_PKEY_get_raw_private_key = NULL; ++ _g_EVP_PKEY_get_raw_public_key = NULL; ++ _g_EVP_PKEY_keygen = NULL; ++ _g_EVP_PKEY_keygen_init = NULL; ++ _g_EVP_PKEY_new = NULL; ++ _g_EVP_PKEY_new_raw_private_key = NULL; ++ _g_EVP_PKEY_new_raw_public_key = NULL; ++ _g_EVP_PKEY_paramgen = NULL; ++ _g_EVP_PKEY_paramgen_init = NULL; ++ _g_EVP_PKEY_sign = NULL; ++ _g_EVP_PKEY_sign_init = NULL; ++ _g_EVP_PKEY_up_ref = NULL; ++ _g_EVP_PKEY_verify = NULL; ++ _g_EVP_PKEY_verify_init = NULL; ++ _g_EVP_aes_128_cbc = NULL; ++ _g_EVP_aes_128_ctr = NULL; ++ _g_EVP_aes_128_ecb = NULL; ++ _g_EVP_aes_128_gcm = NULL; ++ _g_EVP_aes_192_cbc = NULL; ++ _g_EVP_aes_192_ctr = NULL; ++ _g_EVP_aes_192_ecb = NULL; ++ _g_EVP_aes_192_gcm = NULL; ++ _g_EVP_aes_256_cbc = NULL; ++ _g_EVP_aes_256_ctr = NULL; ++ _g_EVP_aes_256_ecb = NULL; ++ _g_EVP_aes_256_gcm = NULL; ++ _g_EVP_chacha20_poly1305 = NULL; ++ _g_EVP_des_cbc = NULL; ++ _g_EVP_des_ecb = NULL; ++ _g_EVP_des_ede3_cbc = NULL; ++ _g_EVP_des_ede3_ecb = NULL; ++ _g_EVP_md4 = NULL; ++ _g_EVP_md5 = NULL; ++ _g_EVP_md5_sha1 = NULL; ++ _g_EVP_rc4 = NULL; ++ _g_EVP_ripemd160 = NULL; ++ _g_EVP_sha1 = NULL; ++ _g_EVP_sha224 = NULL; ++ _g_EVP_sha256 = NULL; ++ _g_EVP_sha384 = NULL; ++ _g_EVP_sha3_224 = NULL; ++ _g_EVP_sha3_256 = NULL; ++ _g_EVP_sha3_384 = NULL; ++ _g_EVP_sha3_512 = NULL; ++ _g_EVP_sha512 = NULL; ++ _g_EVP_sha512_224 = NULL; ++ _g_EVP_sha512_256 = NULL; ++ _g_OBJ_nid2sn = NULL; ++ _g_OPENSSL_init = NULL; ++ _g_OPENSSL_init_crypto = NULL; ++ _g_OpenSSL_version = NULL; ++} ++ ++void __mkcgo_load_3(void* handle) { ++ __mkcgo__dlsym(EC_POINT_set_affine_coordinates) ++ __mkcgo__dlsym(EVP_CIPHER_fetch) ++ __mkcgo__dlsym(EVP_CIPHER_get0_name) ++ __mkcgo__dlsym(EVP_CIPHER_get_block_size) ++ __mkcgo__dlsym(EVP_KDF_CTX_free) ++ __mkcgo__dlsym(EVP_KDF_CTX_get_kdf_size) ++ __mkcgo__dlsym(EVP_KDF_CTX_new) ++ __mkcgo__dlsym(EVP_KDF_CTX_set_params) ++ __mkcgo__dlsym(EVP_KDF_derive) ++ __mkcgo__dlsym(EVP_KDF_fetch) ++ __mkcgo__dlsym(EVP_KDF_free) ++ __mkcgo__dlsym_nocheck(EVP_KEYMGMT_fetch, EVP_KEYMGMT_fetch) ++ __mkcgo__dlsym(EVP_KEYMGMT_free) ++ __mkcgo__dlsym(EVP_MAC_CTX_dup) ++ __mkcgo__dlsym(EVP_MAC_CTX_free) ++ __mkcgo__dlsym(EVP_MAC_CTX_new) ++ __mkcgo__dlsym(EVP_MAC_CTX_set_params) ++ __mkcgo__dlsym(EVP_MAC_fetch) ++ __mkcgo__dlsym(EVP_MAC_final) ++ __mkcgo__dlsym(EVP_MAC_init) ++ __mkcgo__dlsym(EVP_MAC_update) ++ __mkcgo__dlsym(EVP_MD_CTX_get_params) ++ __mkcgo__dlsym(EVP_MD_CTX_gettable_params) ++ __mkcgo__dlsym(EVP_MD_CTX_set_params) ++ __mkcgo__dlsym(EVP_MD_CTX_settable_params) ++ __mkcgo__dlsym(EVP_MD_fetch) ++ __mkcgo__dlsym(EVP_MD_free) ++ __mkcgo__dlsym(EVP_MD_get0_name) ++ __mkcgo__dlsym(EVP_MD_get0_provider) ++ __mkcgo__dlsym(EVP_MD_get_block_size) ++ __mkcgo__dlsym(EVP_MD_get_size) ++ __mkcgo__dlsym(EVP_MD_get_type) ++ __mkcgo__dlsym(EVP_PKEY_CTX_add1_hkdf_info) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new_from_pkey) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set0_rsa_oaep_label) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_key) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_salt) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_md) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_mode) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set_params) ++ __mkcgo__dlsym(EVP_PKEY_Q_keygen) ++ __mkcgo__dlsym(EVP_PKEY_decapsulate) ++ __mkcgo__dlsym(EVP_PKEY_decapsulate_init) ++ __mkcgo__dlsym(EVP_PKEY_encapsulate) ++ __mkcgo__dlsym(EVP_PKEY_encapsulate_init) ++ __mkcgo__dlsym(EVP_PKEY_fromdata) ++ __mkcgo__dlsym(EVP_PKEY_fromdata_init) ++ __mkcgo__dlsym(EVP_PKEY_get1_encoded_public_key) ++ __mkcgo__dlsym(EVP_PKEY_get_bits) ++ __mkcgo__dlsym(EVP_PKEY_get_bn_param) ++ __mkcgo__dlsym(EVP_PKEY_get_octet_string_param) ++ __mkcgo__dlsym(EVP_PKEY_get_size) ++ __mkcgo__dlsym(EVP_PKEY_private_check) ++ __mkcgo__dlsym(EVP_PKEY_public_check_quick) ++ __mkcgo__dlsym(EVP_PKEY_set1_encoded_public_key) ++ __mkcgo__dlsym(EVP_SIGNATURE_fetch) ++ __mkcgo__dlsym(EVP_SIGNATURE_free) ++ __mkcgo__dlsym(EVP_default_properties_enable_fips) ++ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_free) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_new) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_BN) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_int32) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_octet_string) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_utf8_string) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_to_param) ++ __mkcgo__dlsym(OSSL_PARAM_free) ++ __mkcgo__dlsym(OSSL_PARAM_locate_const) ++ __mkcgo__dlsym(OSSL_PROVIDER_available) ++ __mkcgo__dlsym(OSSL_PROVIDER_get0_name) ++ __mkcgo__dlsym(OSSL_PROVIDER_try_load) ++ __mkcgo__dlsym(RAND_bytes_ex) ++} ++ ++void __mkcgo_unload_3() { ++ _g_EC_POINT_set_affine_coordinates = NULL; ++ _g_EVP_CIPHER_fetch = NULL; ++ _g_EVP_CIPHER_get0_name = NULL; ++ _g_EVP_CIPHER_get_block_size = NULL; ++ _g_EVP_KDF_CTX_free = NULL; ++ _g_EVP_KDF_CTX_get_kdf_size = NULL; ++ _g_EVP_KDF_CTX_new = NULL; ++ _g_EVP_KDF_CTX_set_params = NULL; ++ _g_EVP_KDF_derive = NULL; ++ _g_EVP_KDF_fetch = NULL; ++ _g_EVP_KDF_free = NULL; ++ _g_EVP_KEYMGMT_fetch = NULL; ++ _g_EVP_KEYMGMT_free = NULL; ++ _g_EVP_MAC_CTX_dup = NULL; ++ _g_EVP_MAC_CTX_free = NULL; ++ _g_EVP_MAC_CTX_new = NULL; ++ _g_EVP_MAC_CTX_set_params = NULL; ++ _g_EVP_MAC_fetch = NULL; ++ _g_EVP_MAC_final = NULL; ++ _g_EVP_MAC_init = NULL; ++ _g_EVP_MAC_update = NULL; ++ _g_EVP_MD_CTX_get_params = NULL; ++ _g_EVP_MD_CTX_gettable_params = NULL; ++ _g_EVP_MD_CTX_set_params = NULL; ++ _g_EVP_MD_CTX_settable_params = NULL; ++ _g_EVP_MD_fetch = NULL; ++ _g_EVP_MD_free = NULL; ++ _g_EVP_MD_get0_name = NULL; ++ _g_EVP_MD_get0_provider = NULL; ++ _g_EVP_MD_get_block_size = NULL; ++ _g_EVP_MD_get_size = NULL; ++ _g_EVP_MD_get_type = NULL; ++ _g_EVP_PKEY_CTX_add1_hkdf_info = NULL; ++ _g_EVP_PKEY_CTX_new_from_pkey = NULL; ++ _g_EVP_PKEY_CTX_set0_rsa_oaep_label = NULL; ++ _g_EVP_PKEY_CTX_set1_hkdf_key = NULL; ++ _g_EVP_PKEY_CTX_set1_hkdf_salt = NULL; ++ _g_EVP_PKEY_CTX_set_hkdf_md = NULL; ++ _g_EVP_PKEY_CTX_set_hkdf_mode = NULL; ++ _g_EVP_PKEY_CTX_set_params = NULL; ++ _g_EVP_PKEY_Q_keygen = NULL; ++ _g_EVP_PKEY_decapsulate = NULL; ++ _g_EVP_PKEY_decapsulate_init = NULL; ++ _g_EVP_PKEY_encapsulate = NULL; ++ _g_EVP_PKEY_encapsulate_init = NULL; ++ _g_EVP_PKEY_fromdata = NULL; ++ _g_EVP_PKEY_fromdata_init = NULL; ++ _g_EVP_PKEY_get1_encoded_public_key = NULL; ++ _g_EVP_PKEY_get_bits = NULL; ++ _g_EVP_PKEY_get_bn_param = NULL; ++ _g_EVP_PKEY_get_octet_string_param = NULL; ++ _g_EVP_PKEY_get_size = NULL; ++ _g_EVP_PKEY_private_check = NULL; ++ _g_EVP_PKEY_public_check_quick = NULL; ++ _g_EVP_PKEY_set1_encoded_public_key = NULL; ++ _g_EVP_SIGNATURE_fetch = NULL; ++ _g_EVP_SIGNATURE_free = NULL; ++ _g_EVP_default_properties_enable_fips = NULL; ++ _g_EVP_default_properties_is_fips_enabled = NULL; ++ _g_OSSL_PARAM_BLD_free = NULL; ++ _g_OSSL_PARAM_BLD_new = NULL; ++ _g_OSSL_PARAM_BLD_push_BN = NULL; ++ _g_OSSL_PARAM_BLD_push_int32 = NULL; ++ _g_OSSL_PARAM_BLD_push_octet_string = NULL; ++ _g_OSSL_PARAM_BLD_push_utf8_string = NULL; ++ _g_OSSL_PARAM_BLD_to_param = NULL; ++ _g_OSSL_PARAM_free = NULL; ++ _g_OSSL_PARAM_locate_const = NULL; ++ _g_OSSL_PROVIDER_available = NULL; ++ _g_OSSL_PROVIDER_get0_name = NULL; ++ _g_OSSL_PROVIDER_try_load = NULL; ++ _g_RAND_bytes_ex = NULL; ++} ++ ++void __mkcgo_load_33(void* handle) { ++ __mkcgo__dlsym(EVP_DigestFinalXOF) ++ __mkcgo__dlsym_nocheck(EVP_DigestSqueeze, EVP_DigestSqueeze) ++} ++ ++void __mkcgo_unload_33() { ++ _g_EVP_DigestFinalXOF = NULL; ++ _g_EVP_DigestSqueeze = NULL; ++} ++ ++void __mkcgo_load_init_1(void* handle) { ++ __mkcgo__dlsym(FIPS_mode) ++ __mkcgo__dlsym(FIPS_mode_set) ++} ++ ++void __mkcgo_unload_init_1() { ++ _g_FIPS_mode = NULL; ++ _g_FIPS_mode_set = NULL; ++} ++ ++void __mkcgo_load_init_3(void* handle) { ++ __mkcgo__dlsym(BIO_ctrl) ++ __mkcgo__dlsym(BIO_free) ++ __mkcgo__dlsym(BIO_new) ++ __mkcgo__dlsym(BIO_s_mem) ++ __mkcgo__dlsym(ERR_print_errors) ++ __mkcgo__dlsym(EVP_MD_fetch) ++ __mkcgo__dlsym(EVP_MD_free) ++ __mkcgo__dlsym(EVP_MD_get0_provider) ++ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) ++} ++ ++void __mkcgo_unload_init_3() { ++ _g_BIO_ctrl = NULL; ++ _g_BIO_free = NULL; ++ _g_BIO_new = NULL; ++ _g_BIO_s_mem = NULL; ++ _g_ERR_print_errors = NULL; ++ _g_EVP_MD_fetch = NULL; ++ _g_EVP_MD_free = NULL; ++ _g_EVP_MD_get0_provider = NULL; ++ _g_EVP_default_properties_is_fips_enabled = NULL; ++} ++ ++void __mkcgo_load_legacy_1(void* handle) { ++ __mkcgo__dlsym(DSA_free) ++ __mkcgo__dlsym(DSA_generate_key) ++ __mkcgo__dlsym(DSA_get0_key) ++ __mkcgo__dlsym(DSA_get0_pqg) ++ __mkcgo__dlsym(DSA_new) ++ __mkcgo__dlsym(DSA_set0_key) ++ __mkcgo__dlsym(DSA_set0_pqg) ++ __mkcgo__dlsym(EC_KEY_check_key) ++ __mkcgo__dlsym(EC_KEY_free) ++ __mkcgo__dlsym(EC_KEY_get0_group) ++ __mkcgo__dlsym(EC_KEY_get0_private_key) ++ __mkcgo__dlsym(EC_KEY_get0_public_key) ++ __mkcgo__dlsym(EC_KEY_new_by_curve_name) ++ __mkcgo__dlsym(EC_KEY_set_private_key) ++ __mkcgo__dlsym(EC_KEY_set_public_key) ++ __mkcgo__dlsym(EC_KEY_set_public_key_affine_coordinates) ++ __mkcgo__dlsym(EC_POINT_get_affine_coordinates_GFp) ++ __mkcgo__dlsym2(EVP_CIPHER_get_block_size, EVP_CIPHER_block_size) ++ __mkcgo__dlsym2(EVP_MD_get_block_size, EVP_MD_block_size) ++ __mkcgo__dlsym2(EVP_MD_get_size, EVP_MD_size) ++ __mkcgo__dlsym(EVP_PKEY_assign) ++ __mkcgo__dlsym(EVP_PKEY_get0_DSA) ++ __mkcgo__dlsym(EVP_PKEY_get0_EC_KEY) ++ __mkcgo__dlsym(EVP_PKEY_get1_RSA) ++ __mkcgo__dlsym2(EVP_PKEY_get_bits, EVP_PKEY_bits) ++ __mkcgo__dlsym2(EVP_PKEY_get_size, EVP_PKEY_size) ++ __mkcgo__dlsym(EVP_PKEY_set1_EC_KEY) ++ __mkcgo__dlsym(FIPS_mode) ++ __mkcgo__dlsym(FIPS_mode_set) ++ __mkcgo__dlsym(HMAC_CTX_copy) ++ __mkcgo__dlsym(HMAC_CTX_free) ++ __mkcgo__dlsym(HMAC_CTX_new) ++ __mkcgo__dlsym(HMAC_Final) ++ __mkcgo__dlsym(HMAC_Init_ex) ++ __mkcgo__dlsym(HMAC_Update) ++ __mkcgo__dlsym(PKCS5_PBKDF2_HMAC) ++ __mkcgo__dlsym(RAND_bytes) ++ __mkcgo__dlsym(RSA_free) ++ __mkcgo__dlsym(RSA_get0_crt_params) ++ __mkcgo__dlsym(RSA_get0_factors) ++ __mkcgo__dlsym(RSA_get0_key) ++ __mkcgo__dlsym(RSA_new) ++ __mkcgo__dlsym(RSA_set0_crt_params) ++ __mkcgo__dlsym(RSA_set0_factors) ++ __mkcgo__dlsym(RSA_set0_key) ++} ++ ++void __mkcgo_unload_legacy_1() { ++ _g_DSA_free = NULL; ++ _g_DSA_generate_key = NULL; ++ _g_DSA_get0_key = NULL; ++ _g_DSA_get0_pqg = NULL; ++ _g_DSA_new = NULL; ++ _g_DSA_set0_key = NULL; ++ _g_DSA_set0_pqg = NULL; ++ _g_EC_KEY_check_key = NULL; ++ _g_EC_KEY_free = NULL; ++ _g_EC_KEY_get0_group = NULL; ++ _g_EC_KEY_get0_private_key = NULL; ++ _g_EC_KEY_get0_public_key = NULL; ++ _g_EC_KEY_new_by_curve_name = NULL; ++ _g_EC_KEY_set_private_key = NULL; ++ _g_EC_KEY_set_public_key = NULL; ++ _g_EC_KEY_set_public_key_affine_coordinates = NULL; ++ _g_EC_POINT_get_affine_coordinates_GFp = NULL; ++ _g_EVP_CIPHER_get_block_size = NULL; ++ _g_EVP_MD_get_block_size = NULL; ++ _g_EVP_MD_get_size = NULL; ++ _g_EVP_PKEY_assign = NULL; ++ _g_EVP_PKEY_get0_DSA = NULL; ++ _g_EVP_PKEY_get0_EC_KEY = NULL; ++ _g_EVP_PKEY_get1_RSA = NULL; ++ _g_EVP_PKEY_get_bits = NULL; ++ _g_EVP_PKEY_get_size = NULL; ++ _g_EVP_PKEY_set1_EC_KEY = NULL; ++ _g_FIPS_mode = NULL; ++ _g_FIPS_mode_set = NULL; ++ _g_HMAC_CTX_copy = NULL; ++ _g_HMAC_CTX_free = NULL; ++ _g_HMAC_CTX_new = NULL; ++ _g_HMAC_Final = NULL; ++ _g_HMAC_Init_ex = NULL; ++ _g_HMAC_Update = NULL; ++ _g_PKCS5_PBKDF2_HMAC = NULL; ++ _g_RAND_bytes = NULL; ++ _g_RSA_free = NULL; ++ _g_RSA_get0_crt_params = NULL; ++ _g_RSA_get0_factors = NULL; ++ _g_RSA_get0_key = NULL; ++ _g_RSA_new = NULL; ++ _g_RSA_set0_crt_params = NULL; ++ _g_RSA_set0_factors = NULL; ++ _g_RSA_set0_key = NULL; ++} ++ ++void __mkcgo_load_version(void* handle) { ++ __mkcgo__dlsym_nocheck(OPENSSL_version_major, OPENSSL_version_major) ++ __mkcgo__dlsym_nocheck(OPENSSL_version_minor, OPENSSL_version_minor) ++ __mkcgo__dlsym_nocheck(OPENSSL_version_patch, OPENSSL_version_patch) ++ __mkcgo__dlsym_nocheck(OpenSSL_version_num, OpenSSL_version_num) ++} ++ ++void __mkcgo_unload_version() { ++ _g_OPENSSL_version_major = NULL; ++ _g_OPENSSL_version_minor = NULL; ++ _g_OPENSSL_version_patch = NULL; ++ _g_OpenSSL_version_num = NULL; ++} ++ ++long _mkcgo_BIO_ctrl(_BIO_PTR _arg0, int _arg1, long _arg2, void* _arg3) { ++ return _g_BIO_ctrl(_arg0, _arg1, _arg2, _arg3); ++} ++ ++int _mkcgo_BIO_free(_BIO_PTR _arg0) { ++ return _g_BIO_free(_arg0); ++} ++ ++_BIO_PTR _mkcgo_BIO_new(const _BIO_METHOD_PTR _arg0, uintptr_t *_err_state) { ++ _BIO_PTR _ret = _g_BIO_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const _BIO_METHOD_PTR _mkcgo_BIO_s_mem(void) { ++ return _g_BIO_s_mem(); ++} ++ ++_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_bin2bn(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_BN_bn2binpad(_arg0, _arg1, _arg2); ++ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_BN_bn2lebinpad(_arg0, _arg1, _arg2); ++ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_BN_clear(_BIGNUM_PTR _arg0) { ++ _g_BN_clear(_arg0); ++} ++ ++void _mkcgo_BN_clear_free(_BIGNUM_PTR _arg0) { ++ _g_BN_clear_free(_arg0); ++} ++ ++void _mkcgo_BN_free(_BIGNUM_PTR _arg0) { ++ _g_BN_free(_arg0); ++} ++ ++_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_lebin2bn(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_BIGNUM_PTR _mkcgo_BN_new(uintptr_t *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_BN_num_bits(const _BIGNUM_PTR _arg0) { ++ return _g_BN_num_bits(_arg0); ++} ++ ++void _mkcgo_CRYPTO_free(void* _arg0, const char* _arg1, int _arg2) { ++ _g_CRYPTO_free(_arg0, _arg1, _arg2); ++} ++ ++void* _mkcgo_CRYPTO_malloc(size_t _arg0, const char* _arg1, int _arg2, uintptr_t *_err_state) { ++ void* _ret = _g_CRYPTO_malloc(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_DSA_free(_DSA_PTR _arg0) { ++ _g_DSA_free(_arg0); ++} ++ ++int _mkcgo_DSA_generate_key(_DSA_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_DSA_generate_key(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_DSA_get0_key(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { ++ _g_DSA_get0_key(_arg0, _arg1, _arg2); ++} ++ ++void _mkcgo_DSA_get0_pqg(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_DSA_get0_pqg(_arg0, _arg1, _arg2, _arg3); ++} ++ ++_DSA_PTR _mkcgo_DSA_new(uintptr_t *_err_state) { ++ _DSA_PTR _ret = _g_DSA_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_DSA_set0_key(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ int _ret = _g_DSA_set0_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_DSA_set0_pqg(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_DSA_set0_pqg(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR _arg0) { ++ _g_EC_GROUP_free(_arg0); ++} ++ ++_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int _arg0, uintptr_t *_err_state) { ++ _EC_GROUP_PTR _ret = _g_EC_GROUP_new_by_curve_name(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EC_KEY_check_key(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EC_KEY_free(_EC_KEY_PTR _arg0) { ++ _g_EC_KEY_free(_arg0); ++} ++ ++const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_group(_arg0); ++} ++ ++const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_private_key(_arg0); ++} ++ ++const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_public_key(_arg0); ++} ++ ++_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int _arg0, uintptr_t *_err_state) { ++ _EC_KEY_PTR _ret = _g_EC_KEY_new_by_curve_name(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR _arg0, const _BIGNUM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EC_KEY_set_private_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR _arg0, const _EC_POINT_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EC_KEY_set_public_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EC_KEY_set_public_key_affine_coordinates(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EC_POINT_free(_EC_POINT_PTR _arg0) { ++ _g_EC_POINT_free(_arg0); ++} ++ ++int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EC_POINT_get_affine_coordinates_GFp(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _EC_POINT_PTR _arg3, const _BIGNUM_PTR _arg4, _BN_CTX_PTR _arg5, uintptr_t *_err_state) { ++ int _ret = _g_EC_POINT_mul(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR _arg0, uintptr_t *_err_state) { ++ _EC_POINT_PTR _ret = _g_EC_POINT_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const unsigned char* _arg2, size_t _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EC_POINT_oct2point(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, point_conversion_form_t _arg2, unsigned char* _arg3, size_t _arg4, _BN_CTX_PTR _arg5, uintptr_t *_err_state) { ++ size_t _ret = _g_EC_POINT_point2oct(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EC_POINT_set_affine_coordinates(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++unsigned long _mkcgo_ERR_peek_error(void) { ++ return _g_ERR_peek_error(); ++} ++ ++void _mkcgo_ERR_print_errors(_BIO_PTR _arg0) { ++ _g_ERR_print_errors(_arg0); ++} ++ ++int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR _arg0) { ++ _g_EVP_CIPHER_CTX_free(_arg0); ++} ++ ++_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(uintptr_t *_err_state) { ++ _EVP_CIPHER_CTX_PTR _ret = _g_EVP_CIPHER_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_set_key_length(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_set_padding(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_CIPHER_PTR _ret = _g_EVP_CIPHER_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR _arg0) { ++ return _g_EVP_CIPHER_get0_name(_arg0); ++} ++ ++int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR _arg0) { ++ return _g_EVP_CIPHER_get_block_size(_arg0); ++} ++ ++int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, int _arg5, uintptr_t *_err_state) { ++ int _ret = _g_EVP_CipherInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_CipherUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DecryptFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DecryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DecryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_Digest(const unsigned char* _arg0, size_t _arg1, unsigned char* _arg2, unsigned int* _arg3, const _EVP_MD_PTR _arg4, _ENGINE_PTR _arg5, uintptr_t *_err_state) { ++ int _ret = _g_EVP_Digest(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestFinalXOF(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestFinalXOF(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestInit(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, _ENGINE_PTR _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestInit_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestSign(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestSignFinal(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestSignInit(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_available_EVP_DigestSqueeze() { ++ return _g_EVP_DigestSqueeze != NULL; ++} ++ ++int _mkcgo_EVP_DigestSqueeze(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestSqueeze(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestUpdate(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestVerify(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestVerifyFinal(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_DigestVerifyInit(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_EncryptFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_EncryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_EncryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR _arg0) { ++ _g_EVP_KDF_CTX_free(_arg0); ++} ++ ++size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR _arg0, uintptr_t *_err_state) { ++ size_t _ret = _g_EVP_KDF_CTX_get_kdf_size(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR _arg0, uintptr_t *_err_state) { ++ _EVP_KDF_CTX_PTR _ret = _g_EVP_KDF_CTX_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_KDF_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_KDF_derive(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_KDF_PTR _ret = _g_EVP_KDF_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR _arg0) { ++ _g_EVP_KDF_free(_arg0); ++} ++ ++int _mkcgo_available_EVP_KEYMGMT_fetch() { ++ return _g_EVP_KEYMGMT_fetch != NULL; ++} ++ ++_EVP_KEYMGMT_PTR _mkcgo_EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_KEYMGMT_PTR _ret = _g_EVP_KEYMGMT_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR _arg0) { ++ _g_EVP_KEYMGMT_free(_arg0); ++} ++ ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR _arg0, uintptr_t *_err_state) { ++ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_dup(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR _arg0) { ++ _g_EVP_MAC_CTX_free(_arg0); ++} ++ ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR _arg0, uintptr_t *_err_state) { ++ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MAC_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_MAC_PTR _ret = _g_EVP_MAC_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MAC_final(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MAC_init(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MAC_update(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MD_CTX_copy_ex(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MD_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR _arg0) { ++ _g_EVP_MD_CTX_free(_arg0); ++} ++ ++int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR _arg0, _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MD_CTX_get_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR _arg0, uintptr_t *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_gettable_params(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(uintptr_t *_err_state) { ++ _EVP_MD_CTX_PTR _ret = _g_EVP_MD_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_MD_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR _arg0, uintptr_t *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_settable_params(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_MD_PTR _ret = _g_EVP_MD_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_MD_free(_EVP_MD_PTR _arg0) { ++ _g_EVP_MD_free(_arg0); ++} ++ ++const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get0_name(_arg0); ++} ++ ++const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get0_provider(_arg0); ++} ++ ++int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_block_size(_arg0); ++} ++ ++int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_size(_arg0); ++} ++ ++int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_type(_arg0); ++} ++ ++int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_add1_hkdf_info(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR _arg0, int _arg1, int _arg2, int _arg3, int _arg4, void* _arg5, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_ctrl(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR _arg0) { ++ _g_EVP_PKEY_CTX_free(_arg0); ++} ++ ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR _arg0, _ENGINE_PTR _arg1, uintptr_t *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new(_arg0, _arg1); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_from_pkey(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int _arg0, _ENGINE_PTR _arg1, uintptr_t *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_id(_arg0, _arg1); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set0_rsa_oaep_label(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_salt(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set_hkdf_md(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set_hkdf_mode(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, const char* _arg3, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR _arg0, int _arg1, void* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_assign(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_decapsulate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_decapsulate_init(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_decrypt(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_decrypt_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_derive(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_derive_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_derive_set_peer(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, unsigned char* _arg3, size_t* _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_encapsulate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_encapsulate_init(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_encrypt(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_encrypt_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR _arg0) { ++ _g_EVP_PKEY_free(_arg0); ++} ++ ++int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, int _arg2, _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_fromdata(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_fromdata_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ _DSA_PTR _ret = _g_EVP_PKEY_get0_DSA(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ _EC_KEY_PTR _ret = _g_EVP_PKEY_get0_EC_KEY(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ _RSA_PTR _ret = _g_EVP_PKEY_get1_RSA(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR _arg0, unsigned char** _arg1, uintptr_t *_err_state) { ++ size_t _ret = _g_EVP_PKEY_get1_encoded_public_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_bits(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, _BIGNUM_PTR* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_bn_param(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, unsigned char* _arg2, size_t _arg3, size_t* _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_octet_string_param(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_raw_private_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_raw_public_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_get_size(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_keygen(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_keygen_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_private_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_public_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_paramgen(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_paramgen_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_private_check(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_public_check_quick(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR _arg0, _EC_KEY_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_set1_EC_KEY(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_set1_encoded_public_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_sign(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_sign_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_up_ref(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_verify(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { ++ int _ret = _g_EVP_PKEY_verify_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { ++ _EVP_SIGNATURE_PTR _ret = _g_EVP_SIGNATURE_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR _arg0) { ++ _g_EVP_SIGNATURE_free(_arg0); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void) { ++ return _g_EVP_aes_128_cbc(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void) { ++ return _g_EVP_aes_128_ctr(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void) { ++ return _g_EVP_aes_128_ecb(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void) { ++ return _g_EVP_aes_128_gcm(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void) { ++ return _g_EVP_aes_192_cbc(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void) { ++ return _g_EVP_aes_192_ctr(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void) { ++ return _g_EVP_aes_192_ecb(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void) { ++ return _g_EVP_aes_192_gcm(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void) { ++ return _g_EVP_aes_256_cbc(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void) { ++ return _g_EVP_aes_256_ctr(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void) { ++ return _g_EVP_aes_256_ecb(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void) { ++ return _g_EVP_aes_256_gcm(); ++} ++ ++int _mkcgo_available_EVP_chacha20_poly1305() { ++ return _g_EVP_chacha20_poly1305 != NULL; ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_chacha20_poly1305(void) { ++ return _g_EVP_chacha20_poly1305(); ++} ++ ++int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { ++ int _ret = _g_EVP_default_properties_enable_fips(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR _arg0) { ++ return _g_EVP_default_properties_is_fips_enabled(_arg0); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void) { ++ return _g_EVP_des_cbc(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void) { ++ return _g_EVP_des_ecb(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void) { ++ return _g_EVP_des_ede3_cbc(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void) { ++ return _g_EVP_des_ede3_ecb(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_md4(void) { ++ return _g_EVP_md4(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_md5(void) { ++ return _g_EVP_md5(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void) { ++ return _g_EVP_md5_sha1(); ++} ++ ++const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void) { ++ return _g_EVP_rc4(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void) { ++ return _g_EVP_ripemd160(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha1(void) { ++ return _g_EVP_sha1(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha224(void) { ++ return _g_EVP_sha224(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha256(void) { ++ return _g_EVP_sha256(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha384(void) { ++ return _g_EVP_sha384(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void) { ++ return _g_EVP_sha3_224(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void) { ++ return _g_EVP_sha3_256(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void) { ++ return _g_EVP_sha3_384(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void) { ++ return _g_EVP_sha3_512(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha512(void) { ++ return _g_EVP_sha512(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void) { ++ return _g_EVP_sha512_224(); ++} ++ ++const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void) { ++ return _g_EVP_sha512_256(); ++} ++ ++int _mkcgo_FIPS_mode(void) { ++ return _g_FIPS_mode(); ++} ++ ++int _mkcgo_FIPS_mode_set(int _arg0, uintptr_t *_err_state) { ++ int _ret = _g_FIPS_mode_set(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR _arg0, _HMAC_CTX_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_HMAC_CTX_copy(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR _arg0) { ++ _g_HMAC_CTX_free(_arg0); ++} ++ ++_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(uintptr_t *_err_state) { ++ _HMAC_CTX_PTR _ret = _g_HMAC_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_HMAC_Final(_HMAC_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, uintptr_t *_err_state) { ++ int _ret = _g_HMAC_Final(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, const _EVP_MD_PTR _arg3, _ENGINE_PTR _arg4, uintptr_t *_err_state) { ++ int _ret = _g_HMAC_Init_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_HMAC_Update(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_HMAC_Update(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const char* _mkcgo_OBJ_nid2sn(int _arg0) { ++ return _g_OBJ_nid2sn(_arg0); ++} ++ ++void _mkcgo_OPENSSL_init(void) { ++ _g_OPENSSL_init(); ++} ++ ++int _mkcgo_OPENSSL_init_crypto(uint64_t _arg0, const _OPENSSL_INIT_SETTINGS_PTR _arg1, uintptr_t *_err_state) { ++ int _ret = _g_OPENSSL_init_crypto(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_available_OPENSSL_version_major() { ++ return _g_OPENSSL_version_major != NULL; ++} ++ ++unsigned int _mkcgo_OPENSSL_version_major(void) { ++ return _g_OPENSSL_version_major(); ++} ++ ++int _mkcgo_available_OPENSSL_version_minor() { ++ return _g_OPENSSL_version_minor != NULL; ++} ++ ++unsigned int _mkcgo_OPENSSL_version_minor(void) { ++ return _g_OPENSSL_version_minor(); ++} ++ ++int _mkcgo_available_OPENSSL_version_patch() { ++ return _g_OPENSSL_version_patch != NULL; ++} ++ ++unsigned int _mkcgo_OPENSSL_version_patch(void) { ++ return _g_OPENSSL_version_patch(); ++} ++ ++void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR _arg0) { ++ _g_OSSL_PARAM_BLD_free(_arg0); ++} ++ ++_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(void) { ++ return _g_OSSL_PARAM_BLD_new(); ++} ++ ++int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_BN(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, int32_t _arg2, uintptr_t *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_int32(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_octet_string(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, uintptr_t *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_utf8_string(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR _arg0, uintptr_t *_err_state) { ++ _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_BLD_to_param(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR _arg0) { ++ _g_OSSL_PARAM_free(_arg0); ++} ++ ++const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR _arg0, const char* _arg1, uintptr_t *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_locate_const(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1) { ++ return _g_OSSL_PROVIDER_available(_arg0, _arg1); ++} ++ ++const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR _arg0) { ++ return _g_OSSL_PROVIDER_get0_name(_arg0); ++} ++ ++_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, int _arg2, uintptr_t *_err_state) { ++ _OSSL_PROVIDER_PTR _ret = _g_OSSL_PROVIDER_try_load(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++const char* _mkcgo_OpenSSL_version(int _arg0) { ++ return _g_OpenSSL_version(_arg0); ++} ++ ++int _mkcgo_available_OpenSSL_version_num() { ++ return _g_OpenSSL_version_num != NULL; ++} ++ ++unsigned long _mkcgo_OpenSSL_version_num(void) { ++ return _g_OpenSSL_version_num(); ++} ++ ++int _mkcgo_PKCS5_PBKDF2_HMAC(const char* _arg0, int _arg1, const unsigned char* _arg2, int _arg3, int _arg4, const _EVP_MD_PTR _arg5, int _arg6, unsigned char* _arg7, uintptr_t *_err_state) { ++ int _ret = _g_PKCS5_PBKDF2_HMAC(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5, _arg6, _arg7); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_RAND_bytes(unsigned char* _arg0, int _arg1, uintptr_t *_err_state) { ++ int _ret = _g_RAND_bytes(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_RAND_bytes_ex(_OSSL_LIB_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, unsigned int _arg3, uintptr_t *_err_state) { ++ int _ret = _g_RAND_bytes_ex(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++void _mkcgo_RSA_free(_RSA_PTR _arg0) { ++ _g_RSA_free(_arg0); ++} ++ ++void _mkcgo_RSA_get0_crt_params(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_RSA_get0_crt_params(_arg0, _arg1, _arg2, _arg3); ++} ++ ++void _mkcgo_RSA_get0_factors(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { ++ _g_RSA_get0_factors(_arg0, _arg1, _arg2); ++} ++ ++void _mkcgo_RSA_get0_key(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_RSA_get0_key(_arg0, _arg1, _arg2, _arg3); ++} ++ ++_RSA_PTR _mkcgo_RSA_new(uintptr_t *_err_state) { ++ _RSA_PTR _ret = _g_RSA_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_RSA_set0_crt_params(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_RSA_set0_crt_params(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_RSA_set0_factors(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { ++ int _ret = _g_RSA_set0_factors(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ ++int _mkcgo_RSA_set0_key(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { ++ int _ret = _g_RSA_set0_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} ++ +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go +new file mode 100644 +index 00000000000000..a73b6a785f0265 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go +@@ -0,0 +1,76 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++package ossl ++ ++const ( ++ POINT_CONVERSION_UNCOMPRESSED = 4 ++ OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002 ++ OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004 ++ OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008 ++ OPENSSL_INIT_LOAD_CONFIG = 0x00000040 ++ EVP_CTRL_GCM_GET_TAG = 0x10 ++ EVP_CTRL_GCM_SET_TAG = 0x11 ++ EVP_CTRL_AEAD_SET_IVLEN = 0x9 ++ EVP_CTRL_AEAD_GET_TAG = 0x10 ++ EVP_CTRL_AEAD_SET_TAG = 0x11 ++ EVP_PKEY_CTRL_MD = 1 ++ EVP_PKEY_RSA = 6 ++ EVP_PKEY_EC = 408 ++ EVP_PKEY_TLS1_PRF = 1021 ++ EVP_PKEY_X25519 = 1034 ++ EVP_PKEY_HKDF = 1036 ++ EVP_PKEY_ED25519 = 1087 ++ EVP_PKEY_DSA = 116 ++ EVP_PKEY_MLKEM_768 = 1455 ++ EVP_PKEY_MLKEM_1024 = 1456 ++ EVP_PKEY_ML_DSA_44 = 1457 ++ EVP_PKEY_ML_DSA_65 = 1458 ++ EVP_PKEY_ML_DSA_87 = 1459 ++ EVP_PKEY_OP_DERIVE = (1 << 10) ++ EVP_MAX_MD_SIZE = 64 ++ EVP_PKEY_PUBLIC_KEY = 0x86 ++ EVP_PKEY_KEYPAIR = 0x87 ++ EVP_MD_CTRL_XOF_LEN = 0x3 ++ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001 ++ EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1 ++ EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2 ++ EVP_PKEY_CTRL_TLS_MD = 0x1000 ++ EVP_PKEY_CTRL_TLS_SECRET = 0x1001 ++ EVP_PKEY_CTRL_TLS_SEED = 0x1002 ++ EVP_PKEY_CTRL_HKDF_MD = 0x1003 ++ EVP_PKEY_CTRL_HKDF_SALT = 0x1004 ++ EVP_PKEY_CTRL_HKDF_KEY = 0x1005 ++ EVP_PKEY_CTRL_HKDF_INFO = 0x1006 ++ EVP_PKEY_CTRL_HKDF_MODE = 0x1007 ++ NID_X9_62_prime256v1 = 415 ++ NID_secp224r1 = 713 ++ NID_secp384r1 = 715 ++ NID_secp521r1 = 716 ++ NID_ML_KEM_768 = 1455 ++ NID_ML_KEM_1024 = 1456 ++ NID_ML_DSA_44 = 1457 ++ NID_ML_DSA_65 = 1458 ++ NID_ML_DSA_87 = 1459 ++ RSA_PKCS1_PADDING = 1 ++ RSA_NO_PADDING = 3 ++ RSA_PKCS1_OAEP_PADDING = 4 ++ RSA_PKCS1_PSS_PADDING = 6 ++ RSA_PSS_SALTLEN_DIGEST = -1 ++ RSA_PSS_SALTLEN_AUTO = -2 ++ RSA_PSS_SALTLEN_MAX_SIGN = -2 ++ RSA_PSS_SALTLEN_MAX = -3 ++ EVP_PKEY_CTRL_RSA_PADDING = 0x1001 ++ EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002 ++ EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003 ++ EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005 ++ EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009 ++ EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A ++ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001 ++ EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002 ++ OSSL_PARAM_INTEGER = 1 ++ OSSL_PARAM_OCTET_STRING = 5 ++ BIO_CTRL_INFO = 3 ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h +new file mode 100644 +index 00000000000000..152e26e99367e9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h +@@ -0,0 +1,375 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++#ifndef MKCGO_H // only include this header once ++#define MKCGO_H ++ ++#include ++#include ++ ++typedef void* _OPENSSL_INIT_SETTINGS_PTR; ++typedef void* _OSSL_LIB_CTX_PTR; ++typedef void* _OSSL_PROVIDER_PTR; ++typedef void* _ENGINE_PTR; ++typedef void* _EVP_PKEY_PTR; ++typedef void* _EVP_PKEY_CTX_PTR; ++typedef void* _EVP_MD_PTR; ++typedef void* _EVP_MD_CTX_PTR; ++typedef void* _HMAC_CTX_PTR; ++typedef void* _EVP_CIPHER_PTR; ++typedef void* _EVP_CIPHER_CTX_PTR; ++typedef void* _EC_KEY_PTR; ++typedef void* _EC_POINT_PTR; ++typedef void* _EC_GROUP_PTR; ++typedef void* _RSA_PTR; ++typedef void* _BIGNUM_PTR; ++typedef void* _BN_CTX_PTR; ++typedef void* _EVP_MAC_PTR; ++typedef void* _EVP_MAC_CTX_PTR; ++typedef void* _OSSL_PARAM_BLD_PTR; ++typedef void* _OSSL_PARAM_PTR; ++typedef void* _EVP_SIGNATURE_PTR; ++typedef void* _EVP_KEYMGMT_PTR; ++typedef void* _DSA_PTR; ++typedef void* _EVP_KDF_PTR; ++typedef void* _EVP_KDF_CTX_PTR; ++typedef void* _BIO_METHOD_PTR; ++typedef void* _BIO_PTR; ++typedef int point_conversion_form_t; ++ ++enum { ++ _POINT_CONVERSION_UNCOMPRESSED = 4, ++ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, ++ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, ++ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, ++ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, ++ _EVP_CTRL_GCM_GET_TAG = 0x10, ++ _EVP_CTRL_GCM_SET_TAG = 0x11, ++ _EVP_CTRL_AEAD_SET_IVLEN = 0x9, ++ _EVP_CTRL_AEAD_GET_TAG = 0x10, ++ _EVP_CTRL_AEAD_SET_TAG = 0x11, ++ _EVP_PKEY_CTRL_MD = 1, ++ _EVP_PKEY_RSA = 6, ++ _EVP_PKEY_EC = 408, ++ _EVP_PKEY_TLS1_PRF = 1021, ++ _EVP_PKEY_X25519 = 1034, ++ _EVP_PKEY_HKDF = 1036, ++ _EVP_PKEY_ED25519 = 1087, ++ _EVP_PKEY_DSA = 116, ++ _EVP_PKEY_MLKEM_768 = 1455, ++ _EVP_PKEY_MLKEM_1024 = 1456, ++ _EVP_PKEY_ML_DSA_44 = 1457, ++ _EVP_PKEY_ML_DSA_65 = 1458, ++ _EVP_PKEY_ML_DSA_87 = 1459, ++ _EVP_PKEY_OP_DERIVE = (1 << 10), ++ _EVP_MAX_MD_SIZE = 64, ++ _EVP_PKEY_PUBLIC_KEY = 0x86, ++ _EVP_PKEY_KEYPAIR = 0x87, ++ _EVP_MD_CTRL_XOF_LEN = 0x3, ++ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, ++ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, ++ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, ++ _EVP_PKEY_CTRL_TLS_MD = 0x1000, ++ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, ++ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, ++ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, ++ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, ++ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, ++ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, ++ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, ++ _NID_X9_62_prime256v1 = 415, ++ _NID_secp224r1 = 713, ++ _NID_secp384r1 = 715, ++ _NID_secp521r1 = 716, ++ _NID_ML_KEM_768 = 1455, ++ _NID_ML_KEM_1024 = 1456, ++ _NID_ML_DSA_44 = 1457, ++ _NID_ML_DSA_65 = 1458, ++ _NID_ML_DSA_87 = 1459, ++ _RSA_PKCS1_PADDING = 1, ++ _RSA_NO_PADDING = 3, ++ _RSA_PKCS1_OAEP_PADDING = 4, ++ _RSA_PKCS1_PSS_PADDING = 6, ++ _RSA_PSS_SALTLEN_DIGEST = -1, ++ _RSA_PSS_SALTLEN_AUTO = -2, ++ _RSA_PSS_SALTLEN_MAX_SIGN = -2, ++ _RSA_PSS_SALTLEN_MAX = -3, ++ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, ++ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, ++ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, ++ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, ++ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, ++ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, ++ _OSSL_PARAM_INTEGER = 1, ++ _OSSL_PARAM_OCTET_STRING = 5, ++ BIO_CTRL_INFO = 3, ++}; ++ ++uintptr_t mkcgo_err_retrieve(); ++void __mkcgo_load_(void* handle); ++void __mkcgo_unload_(); ++void __mkcgo_load_3(void* handle); ++void __mkcgo_unload_3(); ++void __mkcgo_load_33(void* handle); ++void __mkcgo_unload_33(); ++void __mkcgo_load_init_1(void* handle); ++void __mkcgo_unload_init_1(); ++void __mkcgo_load_init_3(void* handle); ++void __mkcgo_unload_init_3(); ++void __mkcgo_load_legacy_1(void* handle); ++void __mkcgo_unload_legacy_1(); ++void __mkcgo_load_version(void* handle); ++void __mkcgo_unload_version(); ++ ++int _mkcgo_available_EVP_DigestSqueeze(); ++int _mkcgo_available_EVP_KEYMGMT_fetch(); ++int _mkcgo_available_EVP_chacha20_poly1305(); ++int _mkcgo_available_OPENSSL_version_major(); ++int _mkcgo_available_OPENSSL_version_minor(); ++int _mkcgo_available_OPENSSL_version_patch(); ++int _mkcgo_available_OpenSSL_version_num(); ++ ++long _mkcgo_BIO_ctrl(_BIO_PTR, int, long, void*); ++int _mkcgo_BIO_free(_BIO_PTR); ++_BIO_PTR _mkcgo_BIO_new(const _BIO_METHOD_PTR, uintptr_t *); ++const _BIO_METHOD_PTR _mkcgo_BIO_s_mem(void); ++_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char*, int, _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR, unsigned char*, int, uintptr_t *); ++int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR, unsigned char*, int, uintptr_t *); ++void _mkcgo_BN_clear(_BIGNUM_PTR); ++void _mkcgo_BN_clear_free(_BIGNUM_PTR); ++void _mkcgo_BN_free(_BIGNUM_PTR); ++_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char*, int, _BIGNUM_PTR, uintptr_t *); ++_BIGNUM_PTR _mkcgo_BN_new(uintptr_t *); ++int _mkcgo_BN_num_bits(const _BIGNUM_PTR); ++void _mkcgo_CRYPTO_free(void*, const char*, int); ++void* _mkcgo_CRYPTO_malloc(size_t, const char*, int, uintptr_t *); ++void _mkcgo_DSA_free(_DSA_PTR); ++int _mkcgo_DSA_generate_key(_DSA_PTR, uintptr_t *); ++void _mkcgo_DSA_get0_key(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_DSA_get0_pqg(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_DSA_PTR _mkcgo_DSA_new(uintptr_t *); ++int _mkcgo_DSA_set0_key(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_DSA_set0_pqg(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR); ++_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int, uintptr_t *); ++int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR, uintptr_t *); ++void _mkcgo_EC_KEY_free(_EC_KEY_PTR); ++const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR); ++const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR); ++const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR); ++_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int, uintptr_t *); ++int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR, const _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR, const _EC_POINT_PTR, uintptr_t *); ++int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++void _mkcgo_EC_POINT_free(_EC_POINT_PTR); ++int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); ++int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); ++_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR, uintptr_t *); ++int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR, uintptr_t *); ++size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR, uintptr_t *); ++int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); ++unsigned long _mkcgo_ERR_peek_error(void); ++void _mkcgo_ERR_print_errors(_BIO_PTR); ++int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR, int, int, void*, uintptr_t *); ++void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR); ++_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(uintptr_t *); ++int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR, int, uintptr_t *); ++int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR, int, uintptr_t *); ++_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR); ++int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR); ++int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, uintptr_t *); ++int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, uintptr_t *); ++int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_Digest(const unsigned char*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); ++int _mkcgo_EVP_DigestFinalXOF(_EVP_MD_CTX_PTR, unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*, uintptr_t *); ++int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, uintptr_t *); ++int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); ++int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR, unsigned char*, size_t*, uintptr_t *); ++int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_DigestSqueeze(_EVP_MD_CTX_PTR, unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, uintptr_t *); ++int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, uintptr_t *); ++int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); ++void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR); ++size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR, uintptr_t *); ++_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR, uintptr_t *); ++int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR, uintptr_t *); ++_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR); ++_EVP_KEYMGMT_PTR _mkcgo_EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++void _mkcgo_EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR); ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR, uintptr_t *); ++void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR); ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR, uintptr_t *); ++int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t, uintptr_t *); ++int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR, uintptr_t *); ++int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR, int, int, void*, uintptr_t *); ++void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR); ++int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR, uintptr_t *); ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR, uintptr_t *); ++_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(uintptr_t *); ++int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR, uintptr_t *); ++_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++void _mkcgo_EVP_MD_free(_EVP_MD_PTR); ++const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR); ++const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR); ++int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR, int, int, int, int, void*, uintptr_t *); ++void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR, _ENGINE_PTR, uintptr_t *); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*, uintptr_t *); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int, _ENGINE_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR, unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR, int, uintptr_t *); ++int _mkcgo_EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR, const char*, const char*, const char*, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR, const char*, const char*, size_t, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR, int, void*, uintptr_t *); ++int _mkcgo_EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, uintptr_t *); ++int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, unsigned char*, size_t*, uintptr_t *); ++int _mkcgo_EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR); ++int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR, uintptr_t *); ++_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR, uintptr_t *); ++_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR, uintptr_t *); ++size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR, unsigned char**, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR, const char*, unsigned char*, size_t, size_t*, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, uintptr_t *); ++int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, uintptr_t *); ++int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int, _ENGINE_PTR, const unsigned char*, size_t, uintptr_t *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int, _ENGINE_PTR, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, uintptr_t *); ++int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR, _EC_KEY_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR, uintptr_t *); ++int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR, uintptr_t *); ++_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); ++void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_chacha20_poly1305(void); ++int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR, int, uintptr_t *); ++int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void); ++const _EVP_MD_PTR _mkcgo_EVP_md4(void); ++const _EVP_MD_PTR _mkcgo_EVP_md5(void); ++const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void); ++const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha1(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha256(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha384(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void); ++int _mkcgo_FIPS_mode(void); ++int _mkcgo_FIPS_mode_set(int, uintptr_t *); ++int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR, _HMAC_CTX_PTR, uintptr_t *); ++void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR); ++_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(uintptr_t *); ++int _mkcgo_HMAC_Final(_HMAC_CTX_PTR, unsigned char*, unsigned int*, uintptr_t *); ++int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR, const unsigned char*, int, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); ++int _mkcgo_HMAC_Update(_HMAC_CTX_PTR, const unsigned char*, size_t, uintptr_t *); ++const char* _mkcgo_OBJ_nid2sn(int); ++void _mkcgo_OPENSSL_init(void); ++int _mkcgo_OPENSSL_init_crypto(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR, uintptr_t *); ++unsigned int _mkcgo_OPENSSL_version_major(void); ++unsigned int _mkcgo_OPENSSL_version_minor(void); ++unsigned int _mkcgo_OPENSSL_version_patch(void); ++void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR); ++_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(void); ++int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR, const char*, int32_t, uintptr_t *); ++int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR, const char*, const unsigned char*, size_t, uintptr_t *); ++int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t, uintptr_t *); ++_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR, uintptr_t *); ++void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR, const char*, uintptr_t *); ++int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR, const char*); ++const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR); ++_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR, const char*, int, uintptr_t *); ++const char* _mkcgo_OpenSSL_version(int); ++unsigned long _mkcgo_OpenSSL_version_num(void); ++int _mkcgo_PKCS5_PBKDF2_HMAC(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*, uintptr_t *); ++int _mkcgo_RAND_bytes(unsigned char*, int, uintptr_t *); ++int _mkcgo_RAND_bytes_ex(_OSSL_LIB_CTX_PTR, unsigned char*, size_t, unsigned int, uintptr_t *); ++void _mkcgo_RSA_free(_RSA_PTR); ++void _mkcgo_RSA_get0_crt_params(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_RSA_get0_factors(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_RSA_get0_key(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_RSA_PTR _mkcgo_RSA_new(uintptr_t *); ++int _mkcgo_RSA_set0_crt_params(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_RSA_set0_factors(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++int _mkcgo_RSA_set0_key(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); ++ ++#endif // MKCGO_H +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go +new file mode 100644 +index 00000000000000..2eb57068990277 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go +@@ -0,0 +1,1513 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++package ossl ++ ++/* ++#cgo CFLAGS: -Wno-attributes ++#cgo unix LDFLAGS: -ldl ++ ++#include "zossl.h" ++#cgo noescape _mkcgo_BIO_ctrl ++#cgo nocallback _mkcgo_BIO_ctrl ++#cgo noescape _mkcgo_BIO_free ++#cgo nocallback _mkcgo_BIO_free ++#cgo noescape _mkcgo_ERR_print_errors ++#cgo nocallback _mkcgo_ERR_print_errors ++#cgo noescape _mkcgo_EVP_CipherUpdate ++#cgo nocallback _mkcgo_EVP_CipherUpdate ++#cgo noescape _mkcgo_EVP_DecryptFinal_ex ++#cgo nocallback _mkcgo_EVP_DecryptFinal_ex ++#cgo noescape _mkcgo_EVP_DecryptUpdate ++#cgo nocallback _mkcgo_EVP_DecryptUpdate ++#cgo noescape _mkcgo_EVP_Digest ++#cgo nocallback _mkcgo_EVP_Digest ++#cgo noescape _mkcgo_EVP_DigestFinalXOF ++#cgo nocallback _mkcgo_EVP_DigestFinalXOF ++#cgo noescape _mkcgo_EVP_DigestFinal_ex ++#cgo nocallback _mkcgo_EVP_DigestFinal_ex ++#cgo noescape _mkcgo_EVP_DigestSign ++#cgo nocallback _mkcgo_EVP_DigestSign ++#cgo noescape _mkcgo_EVP_DigestSqueeze ++#cgo nocallback _mkcgo_EVP_DigestSqueeze ++#cgo noescape _mkcgo_EVP_DigestUpdate ++#cgo nocallback _mkcgo_EVP_DigestUpdate ++#cgo noescape _mkcgo_EVP_EncryptFinal_ex ++#cgo nocallback _mkcgo_EVP_EncryptFinal_ex ++#cgo noescape _mkcgo_EVP_EncryptUpdate ++#cgo nocallback _mkcgo_EVP_EncryptUpdate ++#cgo noescape _mkcgo_EVP_MAC_CTX_free ++#cgo nocallback _mkcgo_EVP_MAC_CTX_free ++#cgo noescape _mkcgo_EVP_MAC_final ++#cgo nocallback _mkcgo_EVP_MAC_final ++#cgo noescape _mkcgo_EVP_MAC_init ++#cgo nocallback _mkcgo_EVP_MAC_init ++#cgo noescape _mkcgo_EVP_MAC_update ++#cgo nocallback _mkcgo_EVP_MAC_update ++#cgo noescape _mkcgo_EVP_MD_CTX_get_params ++#cgo nocallback _mkcgo_EVP_MD_CTX_get_params ++#cgo noescape _mkcgo_EVP_MD_CTX_set_params ++#cgo nocallback _mkcgo_EVP_MD_CTX_set_params ++#cgo noescape _mkcgo_EVP_PKEY_CTX_set_params ++#cgo nocallback _mkcgo_EVP_PKEY_CTX_set_params ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_EC ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_EC ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_ED25519 ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_ED25519 ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_MLDSA ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_MLDSA ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_MLKEM ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_MLKEM ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_RSA ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_RSA ++#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_X25519 ++#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_X25519 ++#cgo noescape _mkcgo_EVP_PKEY_derive ++#cgo nocallback _mkcgo_EVP_PKEY_derive ++#cgo noescape _mkcgo_EVP_PKEY_get_bn_param ++#cgo nocallback _mkcgo_EVP_PKEY_get_bn_param ++#cgo noescape _mkcgo_EVP_PKEY_get_raw_private_key ++#cgo nocallback _mkcgo_EVP_PKEY_get_raw_private_key ++#cgo noescape _mkcgo_EVP_PKEY_get_raw_public_key ++#cgo nocallback _mkcgo_EVP_PKEY_get_raw_public_key ++#cgo noescape _mkcgo_EVP_PKEY_keygen ++#cgo nocallback _mkcgo_EVP_PKEY_keygen ++#cgo noescape _mkcgo_HMAC_CTX_copy ++#cgo nocallback _mkcgo_HMAC_CTX_copy ++#cgo noescape _mkcgo_HMAC_CTX_free ++#cgo nocallback _mkcgo_HMAC_CTX_free ++#cgo noescape _mkcgo_HMAC_Final ++#cgo nocallback _mkcgo_HMAC_Final ++#cgo noescape _mkcgo_HMAC_Init_ex ++#cgo nocallback _mkcgo_HMAC_Init_ex ++#cgo noescape _mkcgo_HMAC_Update ++#cgo nocallback _mkcgo_HMAC_Update ++#cgo noescape _mkcgo_RAND_bytes ++#cgo nocallback _mkcgo_RAND_bytes ++#cgo noescape _mkcgo_RAND_bytes_ex ++#cgo nocallback _mkcgo_RAND_bytes_ex ++*/ ++import "C" ++import "unsafe" ++ ++type BIGNUM_PTR = C._BIGNUM_PTR ++type BIO_METHOD_PTR = C._BIO_METHOD_PTR ++type BIO_PTR = C._BIO_PTR ++type BN_CTX_PTR = C._BN_CTX_PTR ++type DSA_PTR = C._DSA_PTR ++type EC_GROUP_PTR = C._EC_GROUP_PTR ++type EC_KEY_PTR = C._EC_KEY_PTR ++type EC_POINT_PTR = C._EC_POINT_PTR ++type ENGINE_PTR = C._ENGINE_PTR ++type EVP_CIPHER_CTX_PTR = C._EVP_CIPHER_CTX_PTR ++type EVP_CIPHER_PTR = C._EVP_CIPHER_PTR ++type EVP_KDF_CTX_PTR = C._EVP_KDF_CTX_PTR ++type EVP_KDF_PTR = C._EVP_KDF_PTR ++type EVP_KEYMGMT_PTR = C._EVP_KEYMGMT_PTR ++type EVP_MAC_CTX_PTR = C._EVP_MAC_CTX_PTR ++type EVP_MAC_PTR = C._EVP_MAC_PTR ++type EVP_MD_CTX_PTR = C._EVP_MD_CTX_PTR ++type EVP_MD_PTR = C._EVP_MD_PTR ++type EVP_PKEY_CTX_PTR = C._EVP_PKEY_CTX_PTR ++type EVP_PKEY_PTR = C._EVP_PKEY_PTR ++type EVP_SIGNATURE_PTR = C._EVP_SIGNATURE_PTR ++type HMAC_CTX_PTR = C._HMAC_CTX_PTR ++type OPENSSL_INIT_SETTINGS_PTR = C._OPENSSL_INIT_SETTINGS_PTR ++type OSSL_LIB_CTX_PTR = C._OSSL_LIB_CTX_PTR ++type OSSL_PARAM_BLD_PTR = C._OSSL_PARAM_BLD_PTR ++type OSSL_PARAM_PTR = C._OSSL_PARAM_PTR ++type OSSL_PROVIDER_PTR = C._OSSL_PROVIDER_PTR ++type RSA_PTR = C._RSA_PTR ++type Point_conversion_form_t = C.point_conversion_form_t ++ ++func MkcgoLoad_(handle unsafe.Pointer) { ++ C.__mkcgo_load_(handle) ++} ++ ++func MkcgoUnload_() { ++ C.__mkcgo_unload_() ++} ++ ++func MkcgoLoad_3(handle unsafe.Pointer) { ++ C.__mkcgo_load_3(handle) ++} ++ ++func MkcgoUnload_3() { ++ C.__mkcgo_unload_3() ++} ++ ++func MkcgoLoad_33(handle unsafe.Pointer) { ++ C.__mkcgo_load_33(handle) ++} ++ ++func MkcgoUnload_33() { ++ C.__mkcgo_unload_33() ++} ++ ++func MkcgoLoad_init_1(handle unsafe.Pointer) { ++ C.__mkcgo_load_init_1(handle) ++} ++ ++func MkcgoUnload_init_1() { ++ C.__mkcgo_unload_init_1() ++} ++ ++func MkcgoLoad_init_3(handle unsafe.Pointer) { ++ C.__mkcgo_load_init_3(handle) ++} ++ ++func MkcgoUnload_init_3() { ++ C.__mkcgo_unload_init_3() ++} ++ ++func MkcgoLoad_legacy_1(handle unsafe.Pointer) { ++ C.__mkcgo_load_legacy_1(handle) ++} ++ ++func MkcgoUnload_legacy_1() { ++ C.__mkcgo_unload_legacy_1() ++} ++ ++func MkcgoLoad_version(handle unsafe.Pointer) { ++ C.__mkcgo_load_version(handle) ++} ++ ++func MkcgoUnload_version() { ++ C.__mkcgo_unload_version() ++} ++ ++//go:nosplit ++func mkcgoNoEscape(p *C.uintptr_t) *C.uintptr_t { ++ x := uintptr(unsafe.Pointer(p)) ++ return (*C.uintptr_t)(unsafe.Pointer(x ^ 0)) ++} ++ ++func BIO_ctrl(bp BIO_PTR, cmd int32, larg int64, parg unsafe.Pointer) int64 { ++ return int64(C._mkcgo_BIO_ctrl(bp, C.int(cmd), C.long(larg), parg)) ++} ++ ++func BIO_free(a BIO_PTR) int32 { ++ return int32(C._mkcgo_BIO_free(a)) ++} ++ ++func BIO_new(__type BIO_METHOD_PTR) (BIO_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BIO_new(__type, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BIO_new", uintptr(_err)) ++} ++ ++func BIO_s_mem() BIO_METHOD_PTR { ++ return C._mkcgo_BIO_s_mem() ++} ++ ++func BN_bin2bn(arg0 []byte, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BN_bin2bn((*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg0))), C.int(len(arg0)), arg2, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_bin2bn", uintptr(_err)) ++} ++ ++func BN_bn2binpad(a BIGNUM_PTR, to []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BN_bn2binpad(a, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(to))), C.int(len(to)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("BN_bn2binpad", uintptr(_err)) ++} ++ ++func BN_bn2lebinpad(a BIGNUM_PTR, to []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BN_bn2lebinpad(a, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(to))), C.int(len(to)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("BN_bn2lebinpad", uintptr(_err)) ++} ++ ++func BN_clear(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_clear(arg0) ++} ++ ++func BN_clear_free(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_clear_free(arg0) ++} ++ ++func BN_free(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_free(arg0) ++} ++ ++func BN_lebin2bn(s []byte, ret BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BN_lebin2bn((*C.uchar)(unsafe.Pointer(unsafe.SliceData(s))), C.int(len(s)), ret, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_lebin2bn", uintptr(_err)) ++} ++ ++func BN_new() (BIGNUM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_BN_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_new", uintptr(_err)) ++} ++ ++func BN_num_bits(arg0 BIGNUM_PTR) int32 { ++ return int32(C._mkcgo_BN_num_bits(arg0)) ++} ++ ++func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { ++ C._mkcgo_CRYPTO_free(str, (*C.char)(unsafe.Pointer(file)), C.int(line)) ++} ++ ++func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_CRYPTO_malloc(C.size_t(num), (*C.char)(unsafe.Pointer(file)), C.int(line), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("CRYPTO_malloc", uintptr(_err)) ++} ++ ++func DSA_free(r DSA_PTR) { ++ C._mkcgo_DSA_free(r) ++} ++ ++func DSA_generate_key(a DSA_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_DSA_generate_key(a, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_generate_key", uintptr(_err)) ++} ++ ++func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { ++ C._mkcgo_DSA_get0_key(d, pub_key, priv_key) ++} ++ ++func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { ++ C._mkcgo_DSA_get0_pqg(d, p, q, g) ++} ++ ++func DSA_new() (DSA_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_DSA_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("DSA_new", uintptr(_err)) ++} ++ ++func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_DSA_set0_key(d, pub_key, priv_key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_set0_key", uintptr(_err)) ++} ++ ++func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_DSA_set0_pqg(d, p, q, g, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_set0_pqg", uintptr(_err)) ++} ++ ++func EC_GROUP_free(group EC_GROUP_PTR) { ++ C._mkcgo_EC_GROUP_free(group) ++} ++ ++func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_GROUP_new_by_curve_name(C.int(nid), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_GROUP_new_by_curve_name", uintptr(_err)) ++} ++ ++func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_KEY_check_key(key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_check_key", uintptr(_err)) ++} ++ ++func EC_KEY_free(arg0 EC_KEY_PTR) { ++ C._mkcgo_EC_KEY_free(arg0) ++} ++ ++func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { ++ return C._mkcgo_EC_KEY_get0_group(arg0) ++} ++ ++func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { ++ return C._mkcgo_EC_KEY_get0_private_key(arg0) ++} ++ ++func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { ++ return C._mkcgo_EC_KEY_get0_public_key(arg0) ++} ++ ++func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_KEY_new_by_curve_name(C.int(arg0), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_KEY_new_by_curve_name", uintptr(_err)) ++} ++ ++func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_KEY_set_private_key(arg0, arg1, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_private_key", uintptr(_err)) ++} ++ ++func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_KEY_set_public_key(key, pub, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key", uintptr(_err)) ++} ++ ++func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_KEY_set_public_key_affine_coordinates(key, x, y, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", uintptr(_err)) ++} ++ ++func EC_POINT_free(arg0 EC_POINT_PTR) { ++ C._mkcgo_EC_POINT_free(arg0) ++} ++ ++func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_get_affine_coordinates_GFp(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", uintptr(_err)) ++} ++ ++func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_mul(group, r, n, q, m, ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_mul", uintptr(_err)) ++} ++ ++func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_new(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_POINT_new", uintptr(_err)) ++} ++ ++func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf []byte, ctx BN_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_oct2point(group, p, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_oct2point", uintptr(_err)) ++} ++ ++func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf []byte, ctx BN_CTX_PTR) (int, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_point2oct(group, p, form, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), ctx, mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EC_POINT_point2oct", uintptr(_err)) ++} ++ ++func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EC_POINT_set_affine_coordinates(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_set_affine_coordinates", uintptr(_err)) ++} ++ ++func ERR_peek_error() uint64 { ++ return uint64(C._mkcgo_ERR_peek_error()) ++} ++ ++func ERR_print_errors(bp BIO_PTR) { ++ C._mkcgo_ERR_print_errors(bp) ++} ++ ++func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CIPHER_CTX_ctrl(ctx, C.int(__type), C.int(arg), ptr, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_ctrl", uintptr(_err)) ++} ++ ++func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { ++ C._mkcgo_EVP_CIPHER_CTX_free(arg0) ++} ++ ++func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CIPHER_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_CIPHER_CTX_new", uintptr(_err)) ++} ++ ++func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CIPHER_CTX_set_key_length(x, C.int(keylen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", uintptr(_err)) ++} ++ ++func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CIPHER_CTX_set_padding(x, C.int(padding), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_padding", uintptr(_err)) ++} ++ ++func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CIPHER_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_CIPHER_fetch", uintptr(_err)) ++} ++ ++func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_CIPHER_get0_name(cipher))) ++} ++ ++func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { ++ return int32(C._mkcgo_EVP_CIPHER_get_block_size(cipher)) ++} ++ ++func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CipherInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), C.int(enc), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CipherInit_ex", uintptr(_err)) ++} ++ ++func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_CipherUpdate: *outl exceeds len(out)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_CipherUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CipherUpdate", uintptr(_err)) ++} ++ ++func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm []byte, outl *int32) (int32, error) { ++ if outl != nil && int(*outl) > len(outm) { ++ panic("EVP_DecryptFinal_ex: *outl exceeds len(outm)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DecryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(outm))), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptFinal_ex", uintptr(_err)) ++} ++ ++func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DecryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptInit_ex", uintptr(_err)) ++} ++ ++func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_DecryptUpdate: *outl exceeds len(out)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DecryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptUpdate", uintptr(_err)) ++} ++ ++func EVP_Digest(data []byte, md []byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ if size != nil && int(*size) > len(md) { ++ panic("EVP_Digest: *size exceeds len(md)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_Digest((*C.uchar)(unsafe.Pointer(unsafe.SliceData(data))), C.size_t(len(data)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), (*C.uint)(unsafe.Pointer(size)), __type, impl, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_Digest", uintptr(_err)) ++} ++ ++func EVP_DigestFinalXOF(ctx EVP_MD_CTX_PTR, md []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestFinalXOF(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), C.size_t(len(md)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestFinalXOF", uintptr(_err)) ++} ++ ++func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md []byte, s *uint32) (int32, error) { ++ if s != nil && int(*s) > len(md) { ++ panic("EVP_DigestFinal_ex: *s exceeds len(md)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), (*C.uint)(unsafe.Pointer(s)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestFinal_ex", uintptr(_err)) ++} ++ ++func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestInit(ctx, __type, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestInit", uintptr(_err)) ++} ++ ++func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestInit_ex(ctx, __type, impl, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestInit_ex", uintptr(_err)) ++} ++ ++func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret []byte, siglen *int, tbs []byte) (int32, error) { ++ if siglen != nil && int(*siglen) > len(sigret) { ++ panic("EVP_DigestSign: *siglen exceeds len(sigret)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestSign(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sigret))), (*C.size_t)(unsafe.Pointer(siglen)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSign", uintptr(_err)) ++} ++ ++func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig []byte, siglen *int) (int32, error) { ++ if siglen != nil && int(*siglen) > len(sig) { ++ panic("EVP_DigestSignFinal: *siglen exceeds len(sig)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestSignFinal(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), (*C.size_t)(unsafe.Pointer(siglen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSignFinal", uintptr(_err)) ++} ++ ++func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestSignInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSignInit", uintptr(_err)) ++} ++ ++func EVP_DigestSqueeze_Available() bool { ++ return C._mkcgo_available_EVP_DigestSqueeze() != 0 ++} ++ ++func EVP_DigestSqueeze(ctx EVP_MD_CTX_PTR, out []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestSqueeze(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), C.size_t(len(out)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSqueeze", uintptr(_err)) ++} ++ ++func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(d))), C.size_t(len(d)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestUpdate", uintptr(_err)) ++} ++ ++func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret []byte, tbs []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestVerify(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sigret))), C.size_t(len(sigret)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerify", uintptr(_err)) ++} ++ ++func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestVerifyFinal(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), C.size_t(len(sig)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerifyFinal", uintptr(_err)) ++} ++ ++func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_DigestVerifyInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerifyInit", uintptr(_err)) ++} ++ ++func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_EncryptFinal_ex: *outl exceeds len(out)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_EncryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptFinal_ex", uintptr(_err)) ++} ++ ++func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_EncryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptInit_ex", uintptr(_err)) ++} ++ ++func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_EncryptUpdate: *outl exceeds len(out)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_EncryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptUpdate", uintptr(_err)) ++} ++ ++func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { ++ C._mkcgo_EVP_KDF_CTX_free(ctx) ++} ++ ++func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KDF_CTX_get_kdf_size(ctx, mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", uintptr(_err)) ++} ++ ++func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KDF_CTX_new(kdf, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_KDF_CTX_new", uintptr(_err)) ++} ++ ++func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KDF_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_KDF_CTX_set_params", uintptr(_err)) ++} ++ ++func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KDF_derive(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_KDF_derive", uintptr(_err)) ++} ++ ++func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KDF_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_KDF_fetch", uintptr(_err)) ++} ++ ++func EVP_KDF_free(kdf EVP_KDF_PTR) { ++ C._mkcgo_EVP_KDF_free(kdf) ++} ++ ++func EVP_KEYMGMT_fetch_Available() bool { ++ return C._mkcgo_available_EVP_KEYMGMT_fetch() != 0 ++} ++ ++func EVP_KEYMGMT_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KEYMGMT_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_KEYMGMT_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_KEYMGMT_fetch", uintptr(_err)) ++} ++ ++func EVP_KEYMGMT_free(keymgmt EVP_KEYMGMT_PTR) { ++ C._mkcgo_EVP_KEYMGMT_free(keymgmt) ++} ++ ++func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_CTX_dup(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_CTX_dup", uintptr(_err)) ++} ++ ++func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { ++ C._mkcgo_EVP_MAC_CTX_free(arg0) ++} ++ ++func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_CTX_new(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_CTX_new", uintptr(_err)) ++} ++ ++func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_CTX_set_params", uintptr(_err)) ++} ++ ++func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_fetch", uintptr(_err)) ++} ++ ++func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out []byte, outl *int) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_final(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.size_t)(unsafe.Pointer(outl)), C.size_t(len(out)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_final", uintptr(_err)) ++} ++ ++func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_init(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_init", uintptr(_err)) ++} ++ ++func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MAC_update(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(data))), C.size_t(len(data)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_update", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_copy_ex(out, in, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy_ex", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_ctrl(ctx EVP_MD_CTX_PTR, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_ctrl(ctx, C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_ctrl", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { ++ C._mkcgo_EVP_MD_CTX_free(ctx) ++} ++ ++func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_get_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_get_params", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_gettable_params(ctx, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_gettable_params", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_new", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_set_params", uintptr(_err)) ++} ++ ++func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_CTX_settable_params(ctx, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_settable_params", uintptr(_err)) ++} ++ ++func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_MD_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_fetch", uintptr(_err)) ++} ++ ++func EVP_MD_free(md EVP_MD_PTR) { ++ C._mkcgo_EVP_MD_free(md) ++} ++ ++func EVP_MD_get0_name(md EVP_MD_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_MD_get0_name(md))) ++} ++ ++func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { ++ return C._mkcgo_EVP_MD_get0_provider(md) ++} ++ ++func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_block_size(md)) ++} ++ ++func EVP_MD_get_size(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_size(md)) ++} ++ ++func EVP_MD_get_type(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_type(md)) ++} ++ ++func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_add1_hkdf_info(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_ctrl(ctx, C.int(keytype), C.int(optype), C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_ctrl", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { ++ C._mkcgo_EVP_PKEY_CTX_free(arg0) ++} ++ ++func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_new(arg0, arg1, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_new_from_pkey(libctx, pkey, (*C.char)(unsafe.Pointer(propquery)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_new_id(C.int(id), e, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_id", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(label))), C.int(len(label)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_key(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_md(arg0, arg1, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_mode(arg0, C.int(arg1), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", uintptr(_err)) ++} ++ ++func EVP_PKEY_CTX_set_params(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_params", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_EC(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), (*C.char)(unsafe.Pointer(arg1)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_EC", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_ED25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_MLDSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_MLDSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_MLDSA", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_MLKEM(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_MLKEM(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_MLKEM", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_RSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), C.size_t(arg1), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_RSA", uintptr(_err)) ++} ++ ++func EVP_PKEY_Q_keygen_X25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_X25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_X25519", uintptr(_err)) ++} ++ ++func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_assign(pkey, C.int(__type), key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_assign", uintptr(_err)) ++} ++ ++func EVP_PKEY_decapsulate(ctx EVP_PKEY_CTX_PTR, genkey *byte, genkeylen *int, wrappedkey *byte, wrappedkeylen int) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_decapsulate(ctx, (*C.uchar)(unsafe.Pointer(genkey)), (*C.size_t)(unsafe.Pointer(genkeylen)), (*C.uchar)(unsafe.Pointer(wrappedkey)), C.size_t(wrappedkeylen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decapsulate", uintptr(_err)) ++} ++ ++func EVP_PKEY_decapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_decapsulate_init(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decapsulate_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_decrypt: *arg2 exceeds len(arg1)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_decrypt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt", uintptr(_err)) ++} ++ ++func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_decrypt_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key []byte, keylen *int) (int32, error) { ++ if keylen != nil && int(*keylen) > len(key) { ++ panic("EVP_PKEY_derive: *keylen exceeds len(key)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_derive(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), (*C.size_t)(unsafe.Pointer(keylen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive", uintptr(_err)) ++} ++ ++func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_derive_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_derive_set_peer(ctx, peer, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_set_peer", uintptr(_err)) ++} ++ ++func EVP_PKEY_encapsulate(ctx EVP_PKEY_CTX_PTR, wrappedkey *byte, wrappedkeylen *int, genkey *byte, genkeylen *int) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_encapsulate(ctx, (*C.uchar)(unsafe.Pointer(wrappedkey)), (*C.size_t)(unsafe.Pointer(wrappedkeylen)), (*C.uchar)(unsafe.Pointer(genkey)), (*C.size_t)(unsafe.Pointer(genkeylen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encapsulate", uintptr(_err)) ++} ++ ++func EVP_PKEY_encapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_encapsulate_init(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encapsulate_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_encrypt: *arg2 exceeds len(arg1)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_encrypt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt", uintptr(_err)) ++} ++ ++func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_encrypt_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { ++ C._mkcgo_EVP_PKEY_free(arg0) ++} ++ ++func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_fromdata(ctx, pkey, C.int(selection), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata", uintptr(_err)) ++} ++ ++func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_fromdata_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get0_DSA(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get0_DSA", uintptr(_err)) ++} ++ ++func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get0_EC_KEY(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get0_EC_KEY", uintptr(_err)) ++} ++ ++func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get1_RSA(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get1_RSA", uintptr(_err)) ++} ++ ++func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get1_encoded_public_key(pkey, (**C.uchar)(unsafe.Pointer(ppub)), mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_bits(pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bits", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_bn_param(pkey, (*C.char)(unsafe.Pointer(key_name)), bn, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bn_param", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_octet_string_param(pkey EVP_PKEY_PTR, key_name *byte, buf []byte, out_len *int) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_octet_string_param(pkey, (*C.char)(unsafe.Pointer(key_name)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(out_len)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_octet_string_param", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv []byte, privlen *int) (int32, error) { ++ if privlen != nil && int(*privlen) > len(priv) { ++ panic("EVP_PKEY_get_raw_private_key: *privlen exceeds len(priv)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_raw_private_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(priv))), (*C.size_t)(unsafe.Pointer(privlen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_private_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub []byte, publen *int) (int32, error) { ++ if publen != nil && int(*publen) > len(pub) { ++ panic("EVP_PKEY_get_raw_public_key: *publen exceeds len(pub)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_raw_public_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(pub))), (*C.size_t)(unsafe.Pointer(publen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_public_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_get_size(pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_size", uintptr(_err)) ++} ++ ++func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_keygen(ctx, ppkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen", uintptr(_err)) ++} ++ ++func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_keygen_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_new() (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new", uintptr(_err)) ++} ++ ++func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_new_raw_private_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new_raw_private_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_new_raw_public_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new_raw_public_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_paramgen(ctx, ppkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen", uintptr(_err)) ++} ++ ++func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_paramgen_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_private_check(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_private_check", uintptr(_err)) ++} ++ ++func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_public_check_quick(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_public_check_quick", uintptr(_err)) ++} ++ ++func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_set1_EC_KEY(pkey, key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_EC_KEY", uintptr(_err)) ++} ++ ++func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_set1_encoded_public_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(pub))), C.size_t(len(pub)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", uintptr(_err)) ++} ++ ++func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_sign: *arg2 exceeds len(arg1)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_sign(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_sign", uintptr(_err)) ++} ++ ++func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_sign_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_sign_init", uintptr(_err)) ++} ++ ++func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_up_ref(key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_up_ref", uintptr(_err)) ++} ++ ++func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig []byte, tbs []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_verify(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), C.size_t(len(sig)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_verify", uintptr(_err)) ++} ++ ++func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_PKEY_verify_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_verify_init", uintptr(_err)) ++} ++ ++func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_SIGNATURE_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_SIGNATURE_fetch", uintptr(_err)) ++} ++ ++func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { ++ C._mkcgo_EVP_SIGNATURE_free(signature) ++} ++ ++func EVP_aes_128_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_cbc() ++} ++ ++func EVP_aes_128_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_ctr() ++} ++ ++func EVP_aes_128_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_ecb() ++} ++ ++func EVP_aes_128_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_gcm() ++} ++ ++func EVP_aes_192_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_cbc() ++} ++ ++func EVP_aes_192_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_ctr() ++} ++ ++func EVP_aes_192_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_ecb() ++} ++ ++func EVP_aes_192_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_gcm() ++} ++ ++func EVP_aes_256_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_cbc() ++} ++ ++func EVP_aes_256_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_ctr() ++} ++ ++func EVP_aes_256_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_ecb() ++} ++ ++func EVP_aes_256_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_gcm() ++} ++ ++func EVP_chacha20_poly1305_Available() bool { ++ return C._mkcgo_available_EVP_chacha20_poly1305() != 0 ++} ++ ++func EVP_chacha20_poly1305() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_chacha20_poly1305() ++} ++ ++func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_EVP_default_properties_enable_fips(libctx, C.int(enable), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_default_properties_enable_fips", uintptr(_err)) ++} ++ ++func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { ++ return int32(C._mkcgo_EVP_default_properties_is_fips_enabled(libctx)) ++} ++ ++func EVP_des_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_cbc() ++} ++ ++func EVP_des_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ecb() ++} ++ ++func EVP_des_ede3_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ede3_cbc() ++} ++ ++func EVP_des_ede3_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ede3_ecb() ++} ++ ++func EVP_md4() EVP_MD_PTR { ++ return C._mkcgo_EVP_md4() ++} ++ ++func EVP_md5() EVP_MD_PTR { ++ return C._mkcgo_EVP_md5() ++} ++ ++func EVP_md5_sha1() EVP_MD_PTR { ++ return C._mkcgo_EVP_md5_sha1() ++} ++ ++func EVP_rc4() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_rc4() ++} ++ ++func EVP_ripemd160() EVP_MD_PTR { ++ return C._mkcgo_EVP_ripemd160() ++} ++ ++func EVP_sha1() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha1() ++} ++ ++func EVP_sha224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha224() ++} ++ ++func EVP_sha256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha256() ++} ++ ++func EVP_sha384() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha384() ++} ++ ++func EVP_sha3_224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_224() ++} ++ ++func EVP_sha3_256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_256() ++} ++ ++func EVP_sha3_384() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_384() ++} ++ ++func EVP_sha3_512() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_512() ++} ++ ++func EVP_sha512() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512() ++} ++ ++func EVP_sha512_224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512_224() ++} ++ ++func EVP_sha512_256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512_256() ++} ++ ++func FIPS_mode() int32 { ++ return int32(C._mkcgo_FIPS_mode()) ++} ++ ++func FIPS_mode_set(r int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_FIPS_mode_set(C.int(r), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("FIPS_mode_set", uintptr(_err)) ++} ++ ++func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_HMAC_CTX_copy(dest, src, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_CTX_copy", uintptr(_err)) ++} ++ ++func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { ++ C._mkcgo_HMAC_CTX_free(arg0) ++} ++ ++func HMAC_CTX_new() (HMAC_CTX_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_HMAC_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("HMAC_CTX_new", uintptr(_err)) ++} ++ ++func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 []byte, arg2 *uint32) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("HMAC_Final: *arg2 exceeds len(arg1)") ++ } ++ var _err C.uintptr_t ++ _ret := C._mkcgo_HMAC_Final(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.uint)(unsafe.Pointer(arg2)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Final", uintptr(_err)) ++} ++ ++func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 []byte, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_HMAC_Init_ex(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Init_ex", uintptr(_err)) ++} ++ ++func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_HMAC_Update(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.size_t(len(arg1)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Update", uintptr(_err)) ++} ++ ++func OBJ_nid2sn(n int32) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OBJ_nid2sn(C.int(n)))) ++} ++ ++func OPENSSL_init() { ++ C._mkcgo_OPENSSL_init() ++} ++ ++func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OPENSSL_init_crypto(C.uint64_t(ops), settings, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OPENSSL_init_crypto", uintptr(_err)) ++} ++ ++func OPENSSL_version_major_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_major() != 0 ++} ++ ++func OPENSSL_version_major() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_major()) ++} ++ ++func OPENSSL_version_minor_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_minor() != 0 ++} ++ ++func OPENSSL_version_minor() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_minor()) ++} ++ ++func OPENSSL_version_patch_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_patch() != 0 ++} ++ ++func OPENSSL_version_patch() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_patch()) ++} ++ ++func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { ++ C._mkcgo_OSSL_PARAM_BLD_free(bld) ++} ++ ++func OSSL_PARAM_BLD_new() OSSL_PARAM_BLD_PTR { ++ return C._mkcgo_OSSL_PARAM_BLD_new() ++} ++ ++func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_BN(bld, (*C.char)(unsafe.Pointer(key)), bn, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_BN", uintptr(_err)) ++} ++ ++func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_int32(bld, (*C.char)(unsafe.Pointer(key)), C.int32_t(num), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_int32", uintptr(_err)) ++} ++ ++func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_octet_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", uintptr(_err)) ++} ++ ++func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_utf8_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.char)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", uintptr(_err)) ++} ++ ++func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_BLD_to_param(bld, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PARAM_BLD_to_param", uintptr(_err)) ++} ++ ++func OSSL_PARAM_free(p OSSL_PARAM_PTR) { ++ C._mkcgo_OSSL_PARAM_free(p) ++} ++ ++func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PARAM_locate_const(p, (*C.char)(unsafe.Pointer(key)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PARAM_locate_const", uintptr(_err)) ++} ++ ++func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { ++ return int32(C._mkcgo_OSSL_PROVIDER_available(libctx, (*C.char)(unsafe.Pointer(name)))) ++} ++ ++func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OSSL_PROVIDER_get0_name(prov))) ++} ++ ++func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_OSSL_PROVIDER_try_load(libctx, (*C.char)(unsafe.Pointer(name)), C.int(retain_fallbacks), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PROVIDER_try_load", uintptr(_err)) ++} ++ ++func OpenSSL_version(__type int32) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OpenSSL_version(C.int(__type)))) ++} ++ ++func OpenSSL_version_num_Available() bool { ++ return C._mkcgo_available_OpenSSL_version_num() != 0 ++} ++ ++func OpenSSL_version_num() uint64 { ++ return uint64(C._mkcgo_OpenSSL_version_num()) ++} ++ ++func PKCS5_PBKDF2_HMAC(pass []byte, salt []byte, iter int32, digest EVP_MD_PTR, out []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_PKCS5_PBKDF2_HMAC((*C.char)(unsafe.Pointer(unsafe.SliceData(pass))), C.int(len(pass)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(salt))), C.int(len(salt)), C.int(iter), digest, C.int(len(out)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("PKCS5_PBKDF2_HMAC", uintptr(_err)) ++} ++ ++func RAND_bytes(buf []byte) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RAND_bytes((*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.int(len(buf)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RAND_bytes", uintptr(_err)) ++} ++ ++func RAND_bytes_ex(ctx OSSL_LIB_CTX_PTR, buf []byte, strength uint32) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RAND_bytes_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), C.uint(strength), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RAND_bytes_ex", uintptr(_err)) ++} ++ ++func RSA_free(arg0 RSA_PTR) { ++ C._mkcgo_RSA_free(arg0) ++} ++ ++func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_crt_params(r, dmp1, dmq1, iqmp) ++} ++ ++func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_factors(rsa, p, q) ++} ++ ++func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_key(rsa, n, e, d) ++} ++ ++func RSA_new() (RSA_PTR, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RSA_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("RSA_new", uintptr(_err)) ++} ++ ++func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RSA_set0_crt_params(rsa, dmp1, dmp2, iqmp, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_crt_params", uintptr(_err)) ++} ++ ++func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RSA_set0_factors(rsa, p, q, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_factors", uintptr(_err)) ++} ++ ++func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { ++ var _err C.uintptr_t ++ _ret := C._mkcgo_RSA_set0_key(r, n, e, d, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_key", uintptr(_err)) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go +new file mode 100644 +index 00000000000000..4323bdad14f62f +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go +@@ -0,0 +1,2481 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++//go:build !cgo ++ ++package ossl ++ ++import ( ++ "runtime" ++ "unsafe" ++) ++ ++var _ = runtime.GOOS ++ ++var _mkcgoAlwaysFalseOssl bool ++var _mkcgoEscapeSinkOssl unsafe.Pointer ++ ++// mkcgoEscapePtrOssl forces p to escape to the heap. ++// This implementation is also used in the standard library: ++// https://github.com/golang/go/blob/f71432d223eeb2139b460957817400750fd13655/src/internal/abi/escape.go#L24-L33 ++func mkcgoEscapePtrOssl(p unsafe.Pointer) unsafe.Pointer { ++ if _mkcgoAlwaysFalseOssl { ++ _mkcgoEscapeSinkOssl = p ++ } ++ return p ++} ++ ++type OPENSSL_INIT_SETTINGS_PTR unsafe.Pointer ++type OSSL_LIB_CTX_PTR unsafe.Pointer ++type OSSL_PROVIDER_PTR unsafe.Pointer ++type ENGINE_PTR unsafe.Pointer ++type EVP_PKEY_PTR unsafe.Pointer ++type EVP_PKEY_CTX_PTR unsafe.Pointer ++type EVP_MD_PTR unsafe.Pointer ++type EVP_MD_CTX_PTR unsafe.Pointer ++type HMAC_CTX_PTR unsafe.Pointer ++type EVP_CIPHER_PTR unsafe.Pointer ++type EVP_CIPHER_CTX_PTR unsafe.Pointer ++type EC_KEY_PTR unsafe.Pointer ++type EC_POINT_PTR unsafe.Pointer ++type EC_GROUP_PTR unsafe.Pointer ++type RSA_PTR unsafe.Pointer ++type BIGNUM_PTR unsafe.Pointer ++type BN_CTX_PTR unsafe.Pointer ++type EVP_MAC_PTR unsafe.Pointer ++type EVP_MAC_CTX_PTR unsafe.Pointer ++type OSSL_PARAM_BLD_PTR unsafe.Pointer ++type OSSL_PARAM_PTR unsafe.Pointer ++type EVP_SIGNATURE_PTR unsafe.Pointer ++type EVP_KEYMGMT_PTR unsafe.Pointer ++type DSA_PTR unsafe.Pointer ++type EVP_KDF_PTR unsafe.Pointer ++type EVP_KDF_CTX_PTR unsafe.Pointer ++type BIO_METHOD_PTR unsafe.Pointer ++type BIO_PTR unsafe.Pointer ++type Point_conversion_form_t = int32 ++ ++var _mkcgo_BIO_ctrl uintptr ++ ++func BIO_ctrl(bp BIO_PTR, cmd int32, larg int64, parg unsafe.Pointer) int64 { ++ r0, _ := syscallN(0, _mkcgo_BIO_ctrl, uintptr(bp), uintptr(cmd), uintptr(larg), uintptr(parg)) ++ return int64(r0) ++} ++ ++var _mkcgo_BIO_free uintptr ++ ++func BIO_free(a BIO_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_BIO_free, uintptr(a)) ++ return int32(r0) ++} ++ ++var _mkcgo_BIO_new uintptr ++ ++func BIO_new(__type BIO_METHOD_PTR) (BIO_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_BIO_new, uintptr(__type), uintptr(unsafe.Pointer(&_err))) ++ return BIO_PTR(r0), newMkcgoErr("BIO_new", _err) ++} ++ ++var _mkcgo_BIO_s_mem uintptr ++ ++func BIO_s_mem() BIO_METHOD_PTR { ++ r0, _ := syscallN(0, _mkcgo_BIO_s_mem) ++ return BIO_METHOD_PTR(r0) ++} ++ ++var _mkcgo_BN_bin2bn uintptr ++ ++func BN_bin2bn(arg0 []byte, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_BN_bin2bn, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg0)))), uintptr(len(arg0)), uintptr(arg2), uintptr(unsafe.Pointer(&_err))) ++ return BIGNUM_PTR(r0), newMkcgoErr("BN_bin2bn", _err) ++} ++ ++var _mkcgo_BN_bn2binpad uintptr ++ ++func BN_bn2binpad(a BIGNUM_PTR, to []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(2, _mkcgo_BN_bn2binpad, uintptr(a), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(to)))), uintptr(len(to)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("BN_bn2binpad", _err) ++} ++ ++var _mkcgo_BN_bn2lebinpad uintptr ++ ++func BN_bn2lebinpad(a BIGNUM_PTR, to []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(2, _mkcgo_BN_bn2lebinpad, uintptr(a), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(to)))), uintptr(len(to)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("BN_bn2lebinpad", _err) ++} ++ ++var _mkcgo_BN_clear uintptr ++ ++func BN_clear(arg0 BIGNUM_PTR) { ++ syscallN(0, _mkcgo_BN_clear, uintptr(arg0)) ++} ++ ++var _mkcgo_BN_clear_free uintptr ++ ++func BN_clear_free(arg0 BIGNUM_PTR) { ++ syscallN(0, _mkcgo_BN_clear_free, uintptr(arg0)) ++} ++ ++var _mkcgo_BN_free uintptr ++ ++func BN_free(arg0 BIGNUM_PTR) { ++ syscallN(0, _mkcgo_BN_free, uintptr(arg0)) ++} ++ ++var _mkcgo_BN_lebin2bn uintptr ++ ++func BN_lebin2bn(s []byte, ret BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_BN_lebin2bn, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(s)))), uintptr(len(s)), uintptr(ret), uintptr(unsafe.Pointer(&_err))) ++ return BIGNUM_PTR(r0), newMkcgoErr("BN_lebin2bn", _err) ++} ++ ++var _mkcgo_BN_new uintptr ++ ++func BN_new() (BIGNUM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_BN_new, uintptr(unsafe.Pointer(&_err))) ++ return BIGNUM_PTR(r0), newMkcgoErr("BN_new", _err) ++} ++ ++var _mkcgo_BN_num_bits uintptr ++ ++func BN_num_bits(arg0 BIGNUM_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_BN_num_bits, uintptr(arg0)) ++ return int32(r0) ++} ++ ++var _mkcgo_CRYPTO_free uintptr ++ ++func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { ++ syscallN(0, _mkcgo_CRYPTO_free, uintptr(str), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(file))), uintptr(line)) ++} ++ ++var _mkcgo_CRYPTO_malloc uintptr ++ ++func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_CRYPTO_malloc, uintptr(num), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(file))), uintptr(line), uintptr(unsafe.Pointer(&_err))) ++ return unsafe.Pointer(r0), newMkcgoErr("CRYPTO_malloc", _err) ++} ++ ++var _mkcgo_DSA_free uintptr ++ ++func DSA_free(r DSA_PTR) { ++ syscallN(0, _mkcgo_DSA_free, uintptr(r)) ++} ++ ++var _mkcgo_DSA_generate_key uintptr ++ ++func DSA_generate_key(a DSA_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_DSA_generate_key, uintptr(a), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("DSA_generate_key", _err) ++} ++ ++var _mkcgo_DSA_get0_key uintptr ++ ++func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { ++ syscallN(0, _mkcgo_DSA_get0_key, uintptr(d), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pub_key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(priv_key)))) ++} ++ ++var _mkcgo_DSA_get0_pqg uintptr ++ ++func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { ++ syscallN(0, _mkcgo_DSA_get0_pqg, uintptr(d), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(p))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(q))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(g)))) ++} ++ ++var _mkcgo_DSA_new uintptr ++ ++func DSA_new() (DSA_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_DSA_new, uintptr(unsafe.Pointer(&_err))) ++ return DSA_PTR(r0), newMkcgoErr("DSA_new", _err) ++} ++ ++var _mkcgo_DSA_set0_key uintptr ++ ++func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_DSA_set0_key, uintptr(d), uintptr(pub_key), uintptr(priv_key), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("DSA_set0_key", _err) ++} ++ ++var _mkcgo_DSA_set0_pqg uintptr ++ ++func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_DSA_set0_pqg, uintptr(d), uintptr(p), uintptr(q), uintptr(g), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("DSA_set0_pqg", _err) ++} ++ ++var _mkcgo_EC_GROUP_free uintptr ++ ++func EC_GROUP_free(group EC_GROUP_PTR) { ++ syscallN(0, _mkcgo_EC_GROUP_free, uintptr(group)) ++} ++ ++var _mkcgo_EC_GROUP_new_by_curve_name uintptr ++ ++func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EC_GROUP_new_by_curve_name, uintptr(nid), uintptr(unsafe.Pointer(&_err))) ++ return EC_GROUP_PTR(r0), newMkcgoErr("EC_GROUP_new_by_curve_name", _err) ++} ++ ++var _mkcgo_EC_KEY_check_key uintptr ++ ++func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_KEY_check_key, uintptr(key), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_KEY_check_key", _err) ++} ++ ++var _mkcgo_EC_KEY_free uintptr ++ ++func EC_KEY_free(arg0 EC_KEY_PTR) { ++ syscallN(0, _mkcgo_EC_KEY_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EC_KEY_get0_group uintptr ++ ++func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { ++ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_group, uintptr(arg0)) ++ return EC_GROUP_PTR(r0) ++} ++ ++var _mkcgo_EC_KEY_get0_private_key uintptr ++ ++func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { ++ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_private_key, uintptr(arg0)) ++ return BIGNUM_PTR(r0) ++} ++ ++var _mkcgo_EC_KEY_get0_public_key uintptr ++ ++func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { ++ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_public_key, uintptr(arg0)) ++ return EC_POINT_PTR(r0) ++} ++ ++var _mkcgo_EC_KEY_new_by_curve_name uintptr ++ ++func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EC_KEY_new_by_curve_name, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return EC_KEY_PTR(r0), newMkcgoErr("EC_KEY_new_by_curve_name", _err) ++} ++ ++var _mkcgo_EC_KEY_set_private_key uintptr ++ ++func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_private_key, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_KEY_set_private_key", _err) ++} ++ ++var _mkcgo_EC_KEY_set_public_key uintptr ++ ++func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_public_key, uintptr(key), uintptr(pub), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_KEY_set_public_key", _err) ++} ++ ++var _mkcgo_EC_KEY_set_public_key_affine_coordinates uintptr ++ ++func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_public_key_affine_coordinates, uintptr(key), uintptr(x), uintptr(y), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", _err) ++} ++ ++var _mkcgo_EC_POINT_free uintptr ++ ++func EC_POINT_free(arg0 EC_POINT_PTR) { ++ syscallN(0, _mkcgo_EC_POINT_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EC_POINT_get_affine_coordinates_GFp uintptr ++ ++func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_POINT_get_affine_coordinates_GFp, uintptr(arg0), uintptr(arg1), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", _err) ++} ++ ++var _mkcgo_EC_POINT_mul uintptr ++ ++func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_POINT_mul, uintptr(group), uintptr(r), uintptr(n), uintptr(q), uintptr(m), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_POINT_mul", _err) ++} ++ ++var _mkcgo_EC_POINT_new uintptr ++ ++func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EC_POINT_new, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return EC_POINT_PTR(r0), newMkcgoErr("EC_POINT_new", _err) ++} ++ ++var _mkcgo_EC_POINT_oct2point uintptr ++ ++func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf []byte, ctx BN_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_POINT_oct2point, uintptr(group), uintptr(p), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_POINT_oct2point", _err) ++} ++ ++var _mkcgo_EC_POINT_point2oct uintptr ++ ++func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf []byte, ctx BN_CTX_PTR) (int, error) { ++ var _err uintptr ++ r0, _ := syscallN(4, _mkcgo_EC_POINT_point2oct, uintptr(group), uintptr(p), uintptr(form), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int(r0), newMkcgoErr("EC_POINT_point2oct", _err) ++} ++ ++var _mkcgo_EC_POINT_set_affine_coordinates uintptr ++ ++func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EC_POINT_set_affine_coordinates, uintptr(arg0), uintptr(arg1), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EC_POINT_set_affine_coordinates", _err) ++} ++ ++var _mkcgo_ERR_peek_error uintptr ++ ++func ERR_peek_error() uint64 { ++ r0, _ := syscallN(0, _mkcgo_ERR_peek_error) ++ return uint64(r0) ++} ++ ++var _mkcgo_ERR_print_errors uintptr ++ ++func ERR_print_errors(bp BIO_PTR) { ++ syscallN(0, _mkcgo_ERR_print_errors, uintptr(bp)) ++} ++ ++var _mkcgo_EVP_CIPHER_CTX_ctrl uintptr ++ ++func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_ctrl, uintptr(ctx), uintptr(__type), uintptr(arg), uintptr(ptr), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_ctrl", _err) ++} ++ ++var _mkcgo_EVP_CIPHER_CTX_free uintptr ++ ++func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { ++ syscallN(0, _mkcgo_EVP_CIPHER_CTX_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EVP_CIPHER_CTX_new uintptr ++ ++func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_CIPHER_CTX_new, uintptr(unsafe.Pointer(&_err))) ++ return EVP_CIPHER_CTX_PTR(r0), newMkcgoErr("EVP_CIPHER_CTX_new", _err) ++} ++ ++var _mkcgo_EVP_CIPHER_CTX_set_key_length uintptr ++ ++func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_set_key_length, uintptr(x), uintptr(keylen), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", _err) ++} ++ ++var _mkcgo_EVP_CIPHER_CTX_set_padding uintptr ++ ++func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_set_padding, uintptr(x), uintptr(padding), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_set_padding", _err) ++} ++ ++var _mkcgo_EVP_CIPHER_fetch uintptr ++ ++func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_CIPHER_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_CIPHER_PTR(r0), newMkcgoErr("EVP_CIPHER_fetch", _err) ++} ++ ++var _mkcgo_EVP_CIPHER_get0_name uintptr ++ ++func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { ++ r0, _ := syscallN(0, _mkcgo_EVP_CIPHER_get0_name, uintptr(cipher)) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++var _mkcgo_EVP_CIPHER_get_block_size uintptr ++ ++func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_EVP_CIPHER_get_block_size, uintptr(cipher)) ++ return int32(r0) ++} ++ ++var _mkcgo_EVP_CipherInit_ex uintptr ++ ++func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_CipherInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(enc), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_CipherInit_ex", _err) ++} ++ ++var _mkcgo_EVP_CipherUpdate uintptr ++ ++func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_CipherUpdate: *outl exceeds len(out)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_CipherUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_CipherUpdate", _err) ++} ++ ++var _mkcgo_EVP_DecryptFinal_ex uintptr ++ ++func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm []byte, outl *int32) (int32, error) { ++ if outl != nil && int(*outl) > len(outm) { ++ panic("EVP_DecryptFinal_ex: *outl exceeds len(outm)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DecryptFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(outm))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DecryptFinal_ex", _err) ++} ++ ++var _mkcgo_EVP_DecryptInit_ex uintptr ++ ++func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DecryptInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DecryptInit_ex", _err) ++} ++ ++var _mkcgo_EVP_DecryptUpdate uintptr ++ ++func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_DecryptUpdate: *outl exceeds len(out)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DecryptUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DecryptUpdate", _err) ++} ++ ++var _mkcgo_EVP_Digest uintptr ++ ++func EVP_Digest(data []byte, md []byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ if size != nil && int(*size) > len(md) { ++ panic("EVP_Digest: *size exceeds len(md)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_Digest, uintptr(unsafe.Pointer(unsafe.SliceData(data))), uintptr(len(data)), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(unsafe.Pointer(size)), uintptr(__type), uintptr(impl), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_Digest", _err) ++} ++ ++var _mkcgo_EVP_DigestFinalXOF uintptr ++ ++func EVP_DigestFinalXOF(ctx EVP_MD_CTX_PTR, md []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestFinalXOF, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(len(md)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestFinalXOF", _err) ++} ++ ++var _mkcgo_EVP_DigestFinal_ex uintptr ++ ++func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md []byte, s *uint32) (int32, error) { ++ if s != nil && int(*s) > len(md) { ++ panic("EVP_DigestFinal_ex: *s exceeds len(md)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(unsafe.Pointer(s)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestFinal_ex", _err) ++} ++ ++var _mkcgo_EVP_DigestInit uintptr ++ ++func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestInit, uintptr(ctx), uintptr(__type), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestInit", _err) ++} ++ ++var _mkcgo_EVP_DigestInit_ex uintptr ++ ++func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestInit_ex", _err) ++} ++ ++var _mkcgo_EVP_DigestSign uintptr ++ ++func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret []byte, siglen *int, tbs []byte) (int32, error) { ++ if siglen != nil && int(*siglen) > len(sigret) { ++ panic("EVP_DigestSign: *siglen exceeds len(sigret)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestSign, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(sigret))), uintptr(unsafe.Pointer(siglen)), uintptr(unsafe.Pointer(unsafe.SliceData(tbs))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestSign", _err) ++} ++ ++var _mkcgo_EVP_DigestSignFinal uintptr ++ ++func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig []byte, siglen *int) (int32, error) { ++ if siglen != nil && int(*siglen) > len(sig) { ++ panic("EVP_DigestSignFinal: *siglen exceeds len(sig)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestSignFinal, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(siglen))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestSignFinal", _err) ++} ++ ++var _mkcgo_EVP_DigestSignInit uintptr ++ ++func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestSignInit, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pctx))), uintptr(__type), uintptr(e), uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestSignInit", _err) ++} ++ ++func EVP_DigestSqueeze_Available() bool { ++ return _mkcgo_EVP_DigestSqueeze != 0 ++} ++ ++var _mkcgo_EVP_DigestSqueeze uintptr ++ ++func EVP_DigestSqueeze(ctx EVP_MD_CTX_PTR, out []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestSqueeze, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(len(out)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestSqueeze", _err) ++} ++ ++var _mkcgo_EVP_DigestUpdate uintptr ++ ++func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(d))), uintptr(len(d)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestUpdate", _err) ++} ++ ++var _mkcgo_EVP_DigestVerify uintptr ++ ++func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret []byte, tbs []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerify, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sigret)))), uintptr(len(sigret)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(tbs)))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestVerify", _err) ++} ++ ++var _mkcgo_EVP_DigestVerifyFinal uintptr ++ ++func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerifyFinal, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(len(sig)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestVerifyFinal", _err) ++} ++ ++var _mkcgo_EVP_DigestVerifyInit uintptr ++ ++func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerifyInit, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pctx))), uintptr(__type), uintptr(e), uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_DigestVerifyInit", _err) ++} ++ ++var _mkcgo_EVP_EncryptFinal_ex uintptr ++ ++func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_EncryptFinal_ex: *outl exceeds len(out)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_EncryptFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_EncryptFinal_ex", _err) ++} ++ ++var _mkcgo_EVP_EncryptInit_ex uintptr ++ ++func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_EncryptInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_EncryptInit_ex", _err) ++} ++ ++var _mkcgo_EVP_EncryptUpdate uintptr ++ ++func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { ++ if outl != nil && int(*outl) > len(out) { ++ panic("EVP_EncryptUpdate: *outl exceeds len(out)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_EncryptUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_EncryptUpdate", _err) ++} ++ ++var _mkcgo_EVP_KDF_CTX_free uintptr ++ ++func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { ++ syscallN(0, _mkcgo_EVP_KDF_CTX_free, uintptr(ctx)) ++} ++ ++var _mkcgo_EVP_KDF_CTX_get_kdf_size uintptr ++ ++func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { ++ var _err uintptr ++ r0, _ := syscallN(4, _mkcgo_EVP_KDF_CTX_get_kdf_size, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int(r0), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", _err) ++} ++ ++var _mkcgo_EVP_KDF_CTX_new uintptr ++ ++func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_KDF_CTX_new, uintptr(kdf), uintptr(unsafe.Pointer(&_err))) ++ return EVP_KDF_CTX_PTR(r0), newMkcgoErr("EVP_KDF_CTX_new", _err) ++} ++ ++var _mkcgo_EVP_KDF_CTX_set_params uintptr ++ ++func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_KDF_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_KDF_CTX_set_params", _err) ++} ++ ++var _mkcgo_EVP_KDF_derive uintptr ++ ++func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_KDF_derive, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_KDF_derive", _err) ++} ++ ++var _mkcgo_EVP_KDF_fetch uintptr ++ ++func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_KDF_fetch, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_KDF_PTR(r0), newMkcgoErr("EVP_KDF_fetch", _err) ++} ++ ++var _mkcgo_EVP_KDF_free uintptr ++ ++func EVP_KDF_free(kdf EVP_KDF_PTR) { ++ syscallN(0, _mkcgo_EVP_KDF_free, uintptr(kdf)) ++} ++ ++func EVP_KEYMGMT_fetch_Available() bool { ++ return _mkcgo_EVP_KEYMGMT_fetch != 0 ++} ++ ++var _mkcgo_EVP_KEYMGMT_fetch uintptr ++ ++func EVP_KEYMGMT_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KEYMGMT_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_KEYMGMT_fetch, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_KEYMGMT_PTR(r0), newMkcgoErr("EVP_KEYMGMT_fetch", _err) ++} ++ ++var _mkcgo_EVP_KEYMGMT_free uintptr ++ ++func EVP_KEYMGMT_free(keymgmt EVP_KEYMGMT_PTR) { ++ syscallN(0, _mkcgo_EVP_KEYMGMT_free, uintptr(keymgmt)) ++} ++ ++var _mkcgo_EVP_MAC_CTX_dup uintptr ++ ++func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MAC_CTX_dup, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return EVP_MAC_CTX_PTR(r0), newMkcgoErr("EVP_MAC_CTX_dup", _err) ++} ++ ++var _mkcgo_EVP_MAC_CTX_free uintptr ++ ++func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { ++ syscallN(0, _mkcgo_EVP_MAC_CTX_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EVP_MAC_CTX_new uintptr ++ ++func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MAC_CTX_new, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return EVP_MAC_CTX_PTR(r0), newMkcgoErr("EVP_MAC_CTX_new", _err) ++} ++ ++var _mkcgo_EVP_MAC_CTX_set_params uintptr ++ ++func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MAC_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MAC_CTX_set_params", _err) ++} ++ ++var _mkcgo_EVP_MAC_fetch uintptr ++ ++func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MAC_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_MAC_PTR(r0), newMkcgoErr("EVP_MAC_fetch", _err) ++} ++ ++var _mkcgo_EVP_MAC_final uintptr ++ ++func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out []byte, outl *int) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MAC_final, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(len(out)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MAC_final", _err) ++} ++ ++var _mkcgo_EVP_MAC_init uintptr ++ ++func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MAC_init, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(key))), uintptr(len(key)), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MAC_init", _err) ++} ++ ++var _mkcgo_EVP_MAC_update uintptr ++ ++func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MAC_update, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(data))), uintptr(len(data)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MAC_update", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_copy_ex uintptr ++ ++func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_copy_ex, uintptr(out), uintptr(in), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MD_CTX_copy_ex", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_ctrl uintptr ++ ++func EVP_MD_CTX_ctrl(ctx EVP_MD_CTX_PTR, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_ctrl, uintptr(ctx), uintptr(cmd), uintptr(p1), uintptr(p2), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MD_CTX_ctrl", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_free uintptr ++ ++func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { ++ syscallN(0, _mkcgo_EVP_MD_CTX_free, uintptr(ctx)) ++} ++ ++var _mkcgo_EVP_MD_CTX_get_params uintptr ++ ++func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_get_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MD_CTX_get_params", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_gettable_params uintptr ++ ++func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_gettable_params, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return OSSL_PARAM_PTR(r0), newMkcgoErr("EVP_MD_CTX_gettable_params", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_new uintptr ++ ++func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_new, uintptr(unsafe.Pointer(&_err))) ++ return EVP_MD_CTX_PTR(r0), newMkcgoErr("EVP_MD_CTX_new", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_set_params uintptr ++ ++func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_MD_CTX_set_params", _err) ++} ++ ++var _mkcgo_EVP_MD_CTX_settable_params uintptr ++ ++func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_settable_params, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return OSSL_PARAM_PTR(r0), newMkcgoErr("EVP_MD_CTX_settable_params", _err) ++} ++ ++var _mkcgo_EVP_MD_fetch uintptr ++ ++func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_MD_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_MD_PTR(r0), newMkcgoErr("EVP_MD_fetch", _err) ++} ++ ++var _mkcgo_EVP_MD_free uintptr ++ ++func EVP_MD_free(md EVP_MD_PTR) { ++ syscallN(0, _mkcgo_EVP_MD_free, uintptr(md)) ++} ++ ++var _mkcgo_EVP_MD_get0_name uintptr ++ ++func EVP_MD_get0_name(md EVP_MD_PTR) *byte { ++ r0, _ := syscallN(0, _mkcgo_EVP_MD_get0_name, uintptr(md)) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++var _mkcgo_EVP_MD_get0_provider uintptr ++ ++func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_MD_get0_provider, uintptr(md)) ++ return OSSL_PROVIDER_PTR(r0) ++} ++ ++var _mkcgo_EVP_MD_get_block_size uintptr ++ ++func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_block_size, uintptr(md)) ++ return int32(r0) ++} ++ ++var _mkcgo_EVP_MD_get_size uintptr ++ ++func EVP_MD_get_size(md EVP_MD_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_size, uintptr(md)) ++ return int32(r0) ++} ++ ++var _mkcgo_EVP_MD_get_type uintptr ++ ++func EVP_MD_get_type(md EVP_MD_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_type, uintptr(md)) ++ return int32(r0) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_add1_hkdf_info uintptr ++ ++func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_add1_hkdf_info, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_ctrl uintptr ++ ++func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_ctrl, uintptr(ctx), uintptr(keytype), uintptr(optype), uintptr(cmd), uintptr(p1), uintptr(p2), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_ctrl", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_free uintptr ++ ++func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { ++ syscallN(0, _mkcgo_EVP_PKEY_CTX_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_new uintptr ++ ++func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_new_from_pkey uintptr ++ ++func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new_from_pkey, uintptr(libctx), uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(propquery))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_new_id uintptr ++ ++func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new_id, uintptr(id), uintptr(e), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new_id", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label uintptr ++ ++func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(label)))), uintptr(len(label)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set1_hkdf_key uintptr ++ ++func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set1_hkdf_key, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt uintptr ++ ++func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set_hkdf_md uintptr ++ ++func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_hkdf_md, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set_hkdf_mode uintptr ++ ++func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_hkdf_mode, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", _err) ++} ++ ++var _mkcgo_EVP_PKEY_CTX_set_params uintptr ++ ++func EVP_PKEY_CTX_set_params(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_params", _err) ++} ++ ++var _mkcgo_EVP_PKEY_Q_keygen uintptr ++ ++func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ var r0 uintptr ++ if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" { ++ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), 0, 0, 0, 0, 0, uintptr(unsafe.Pointer(arg1)), uintptr(unsafe.Pointer(&_err))) ++ } else { ++ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(arg1)), uintptr(unsafe.Pointer(&_err))) ++ } ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_EC", _err) ++} ++ ++func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", _err) ++} ++ ++func EVP_PKEY_Q_keygen_MLDSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_MLDSA", _err) ++} ++ ++func EVP_PKEY_Q_keygen_MLKEM(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_MLKEM", _err) ++} ++ ++func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ var r0 uintptr ++ if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" { ++ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), 0, 0, 0, 0, 0, uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ } else { ++ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) ++ } ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_RSA", _err) ++} ++ ++func EVP_PKEY_Q_keygen_X25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_X25519", _err) ++} ++ ++var _mkcgo_EVP_PKEY_assign uintptr ++ ++func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_assign, uintptr(pkey), uintptr(__type), uintptr(key), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_assign", _err) ++} ++ ++var _mkcgo_EVP_PKEY_decapsulate uintptr ++ ++func EVP_PKEY_decapsulate(ctx EVP_PKEY_CTX_PTR, genkey *byte, genkeylen *int, wrappedkey *byte, wrappedkeylen int) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decapsulate, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkeylen))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkey))), uintptr(wrappedkeylen), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_decapsulate", _err) ++} ++ ++var _mkcgo_EVP_PKEY_decapsulate_init uintptr ++ ++func EVP_PKEY_decapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decapsulate_init, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_decapsulate_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_decrypt uintptr ++ ++func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_decrypt: *arg2 exceeds len(arg1)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decrypt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_decrypt", _err) ++} ++ ++var _mkcgo_EVP_PKEY_decrypt_init uintptr ++ ++func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decrypt_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_decrypt_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_derive uintptr ++ ++func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key []byte, keylen *int) (int32, error) { ++ if keylen != nil && int(*keylen) > len(key) { ++ panic("EVP_PKEY_derive: *keylen exceeds len(key)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(key))), uintptr(unsafe.Pointer(keylen)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_derive", _err) ++} ++ ++var _mkcgo_EVP_PKEY_derive_init uintptr ++ ++func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_derive_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_derive_set_peer uintptr ++ ++func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive_set_peer, uintptr(ctx), uintptr(peer), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_derive_set_peer", _err) ++} ++ ++var _mkcgo_EVP_PKEY_encapsulate uintptr ++ ++func EVP_PKEY_encapsulate(ctx EVP_PKEY_CTX_PTR, wrappedkey *byte, wrappedkeylen *int, genkey *byte, genkeylen *int) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encapsulate, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkeylen))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkeylen))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_encapsulate", _err) ++} ++ ++var _mkcgo_EVP_PKEY_encapsulate_init uintptr ++ ++func EVP_PKEY_encapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encapsulate_init, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_encapsulate_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_encrypt uintptr ++ ++func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_encrypt: *arg2 exceeds len(arg1)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encrypt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_encrypt", _err) ++} ++ ++var _mkcgo_EVP_PKEY_encrypt_init uintptr ++ ++func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encrypt_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_encrypt_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_free uintptr ++ ++func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { ++ syscallN(0, _mkcgo_EVP_PKEY_free, uintptr(arg0)) ++} ++ ++var _mkcgo_EVP_PKEY_fromdata uintptr ++ ++func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_fromdata, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pkey))), uintptr(selection), uintptr(params), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_fromdata", _err) ++} ++ ++var _mkcgo_EVP_PKEY_fromdata_init uintptr ++ ++func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_fromdata_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_fromdata_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get0_DSA uintptr ++ ++func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get0_DSA, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return DSA_PTR(r0), newMkcgoErr("EVP_PKEY_get0_DSA", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get0_EC_KEY uintptr ++ ++func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get0_EC_KEY, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return EC_KEY_PTR(r0), newMkcgoErr("EVP_PKEY_get0_EC_KEY", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get1_RSA uintptr ++ ++func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get1_RSA, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return RSA_PTR(r0), newMkcgoErr("EVP_PKEY_get1_RSA", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get1_encoded_public_key uintptr ++ ++func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { ++ var _err uintptr ++ r0, _ := syscallN(4, _mkcgo_EVP_PKEY_get1_encoded_public_key, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(ppub))), uintptr(unsafe.Pointer(&_err))) ++ return int(r0), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_bits uintptr ++ ++func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_bits, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_bits", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_bn_param uintptr ++ ++func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_bn_param, uintptr(pkey), uintptr(unsafe.Pointer(key_name)), uintptr(unsafe.Pointer(bn)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_bn_param", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_octet_string_param uintptr ++ ++func EVP_PKEY_get_octet_string_param(pkey EVP_PKEY_PTR, key_name *byte, buf []byte, out_len *int) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_octet_string_param, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key_name))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(out_len))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_octet_string_param", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_raw_private_key uintptr ++ ++func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv []byte, privlen *int) (int32, error) { ++ if privlen != nil && int(*privlen) > len(priv) { ++ panic("EVP_PKEY_get_raw_private_key: *privlen exceeds len(priv)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_raw_private_key, uintptr(pkey), uintptr(unsafe.Pointer(unsafe.SliceData(priv))), uintptr(unsafe.Pointer(privlen)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_raw_private_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_raw_public_key uintptr ++ ++func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub []byte, publen *int) (int32, error) { ++ if publen != nil && int(*publen) > len(pub) { ++ panic("EVP_PKEY_get_raw_public_key: *publen exceeds len(pub)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_raw_public_key, uintptr(pkey), uintptr(unsafe.Pointer(unsafe.SliceData(pub))), uintptr(unsafe.Pointer(publen)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_raw_public_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_get_size uintptr ++ ++func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_size, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_get_size", _err) ++} ++ ++var _mkcgo_EVP_PKEY_keygen uintptr ++ ++func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_keygen, uintptr(ctx), uintptr(unsafe.Pointer(ppkey)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_keygen", _err) ++} ++ ++var _mkcgo_EVP_PKEY_keygen_init uintptr ++ ++func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_keygen_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_keygen_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_new uintptr ++ ++func EVP_PKEY_new() (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new, uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new", _err) ++} ++ ++var _mkcgo_EVP_PKEY_new_raw_private_key uintptr ++ ++func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new_raw_private_key, uintptr(__type), uintptr(e), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new_raw_private_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_new_raw_public_key uintptr ++ ++func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new_raw_public_key, uintptr(__type), uintptr(e), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(unsafe.Pointer(&_err))) ++ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new_raw_public_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_paramgen uintptr ++ ++func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_paramgen, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(ppkey))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_paramgen", _err) ++} ++ ++var _mkcgo_EVP_PKEY_paramgen_init uintptr ++ ++func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_paramgen_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_paramgen_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_private_check uintptr ++ ++func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_private_check, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_private_check", _err) ++} ++ ++var _mkcgo_EVP_PKEY_public_check_quick uintptr ++ ++func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_public_check_quick, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_public_check_quick", _err) ++} ++ ++var _mkcgo_EVP_PKEY_set1_EC_KEY uintptr ++ ++func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_set1_EC_KEY, uintptr(pkey), uintptr(key), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_set1_EC_KEY", _err) ++} ++ ++var _mkcgo_EVP_PKEY_set1_encoded_public_key uintptr ++ ++func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_set1_encoded_public_key, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(pub)))), uintptr(len(pub)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", _err) ++} ++ ++var _mkcgo_EVP_PKEY_sign uintptr ++ ++func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("EVP_PKEY_sign: *arg2 exceeds len(arg1)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_sign, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_sign", _err) ++} ++ ++var _mkcgo_EVP_PKEY_sign_init uintptr ++ ++func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_sign_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_sign_init", _err) ++} ++ ++var _mkcgo_EVP_PKEY_up_ref uintptr ++ ++func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_up_ref, uintptr(key), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_up_ref", _err) ++} ++ ++var _mkcgo_EVP_PKEY_verify uintptr ++ ++func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig []byte, tbs []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_verify, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(len(sig)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(tbs)))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_verify", _err) ++} ++ ++var _mkcgo_EVP_PKEY_verify_init uintptr ++ ++func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_verify_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_PKEY_verify_init", _err) ++} ++ ++var _mkcgo_EVP_SIGNATURE_fetch uintptr ++ ++func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_EVP_SIGNATURE_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) ++ return EVP_SIGNATURE_PTR(r0), newMkcgoErr("EVP_SIGNATURE_fetch", _err) ++} ++ ++var _mkcgo_EVP_SIGNATURE_free uintptr ++ ++func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { ++ syscallN(0, _mkcgo_EVP_SIGNATURE_free, uintptr(signature)) ++} ++ ++var _mkcgo_EVP_aes_128_cbc uintptr ++ ++func EVP_aes_128_cbc() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_cbc) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_128_ctr uintptr ++ ++func EVP_aes_128_ctr() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_ctr) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_128_ecb uintptr ++ ++func EVP_aes_128_ecb() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_ecb) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_128_gcm uintptr ++ ++func EVP_aes_128_gcm() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_gcm) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_192_cbc uintptr ++ ++func EVP_aes_192_cbc() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_cbc) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_192_ctr uintptr ++ ++func EVP_aes_192_ctr() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_ctr) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_192_ecb uintptr ++ ++func EVP_aes_192_ecb() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_ecb) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_192_gcm uintptr ++ ++func EVP_aes_192_gcm() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_gcm) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_256_cbc uintptr ++ ++func EVP_aes_256_cbc() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_cbc) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_256_ctr uintptr ++ ++func EVP_aes_256_ctr() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_ctr) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_256_ecb uintptr ++ ++func EVP_aes_256_ecb() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_ecb) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_aes_256_gcm uintptr ++ ++func EVP_aes_256_gcm() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_gcm) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++func EVP_chacha20_poly1305_Available() bool { ++ return _mkcgo_EVP_chacha20_poly1305 != 0 ++} ++ ++var _mkcgo_EVP_chacha20_poly1305 uintptr ++ ++func EVP_chacha20_poly1305() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_chacha20_poly1305) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_default_properties_enable_fips uintptr ++ ++func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_EVP_default_properties_enable_fips, uintptr(libctx), uintptr(enable), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("EVP_default_properties_enable_fips", _err) ++} ++ ++var _mkcgo_EVP_default_properties_is_fips_enabled uintptr ++ ++func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { ++ r0, _ := syscallN(0, _mkcgo_EVP_default_properties_is_fips_enabled, uintptr(libctx)) ++ return int32(r0) ++} ++ ++var _mkcgo_EVP_des_cbc uintptr ++ ++func EVP_des_cbc() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_des_cbc) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_des_ecb uintptr ++ ++func EVP_des_ecb() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_des_ecb) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_des_ede3_cbc uintptr ++ ++func EVP_des_ede3_cbc() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_des_ede3_cbc) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_des_ede3_ecb uintptr ++ ++func EVP_des_ede3_ecb() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_des_ede3_ecb) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_md4 uintptr ++ ++func EVP_md4() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_md4) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_md5 uintptr ++ ++func EVP_md5() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_md5) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_md5_sha1 uintptr ++ ++func EVP_md5_sha1() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_md5_sha1) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_rc4 uintptr ++ ++func EVP_rc4() EVP_CIPHER_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_rc4) ++ return EVP_CIPHER_PTR(r0) ++} ++ ++var _mkcgo_EVP_ripemd160 uintptr ++ ++func EVP_ripemd160() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_ripemd160) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha1 uintptr ++ ++func EVP_sha1() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha1) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha224 uintptr ++ ++func EVP_sha224() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha224) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha256 uintptr ++ ++func EVP_sha256() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha256) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha384 uintptr ++ ++func EVP_sha384() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha384) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha3_224 uintptr ++ ++func EVP_sha3_224() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha3_224) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha3_256 uintptr ++ ++func EVP_sha3_256() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha3_256) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha3_384 uintptr ++ ++func EVP_sha3_384() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha3_384) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha3_512 uintptr ++ ++func EVP_sha3_512() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha3_512) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha512 uintptr ++ ++func EVP_sha512() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha512) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha512_224 uintptr ++ ++func EVP_sha512_224() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha512_224) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_EVP_sha512_256 uintptr ++ ++func EVP_sha512_256() EVP_MD_PTR { ++ r0, _ := syscallN(0, _mkcgo_EVP_sha512_256) ++ return EVP_MD_PTR(r0) ++} ++ ++var _mkcgo_FIPS_mode uintptr ++ ++func FIPS_mode() int32 { ++ r0, _ := syscallN(0, _mkcgo_FIPS_mode) ++ return int32(r0) ++} ++ ++var _mkcgo_FIPS_mode_set uintptr ++ ++func FIPS_mode_set(r int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_FIPS_mode_set, uintptr(r), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("FIPS_mode_set", _err) ++} ++ ++var _mkcgo_HMAC_CTX_copy uintptr ++ ++func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_HMAC_CTX_copy, uintptr(dest), uintptr(src), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("HMAC_CTX_copy", _err) ++} ++ ++var _mkcgo_HMAC_CTX_free uintptr ++ ++func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { ++ syscallN(0, _mkcgo_HMAC_CTX_free, uintptr(arg0)) ++} ++ ++var _mkcgo_HMAC_CTX_new uintptr ++ ++func HMAC_CTX_new() (HMAC_CTX_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_HMAC_CTX_new, uintptr(unsafe.Pointer(&_err))) ++ return HMAC_CTX_PTR(r0), newMkcgoErr("HMAC_CTX_new", _err) ++} ++ ++var _mkcgo_HMAC_Final uintptr ++ ++func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 []byte, arg2 *uint32) (int32, error) { ++ if arg2 != nil && int(*arg2) > len(arg1) { ++ panic("HMAC_Final: *arg2 exceeds len(arg1)") ++ } ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_HMAC_Final, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(unsafe.Pointer(arg2)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("HMAC_Final", _err) ++} ++ ++var _mkcgo_HMAC_Init_ex uintptr ++ ++func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 []byte, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_HMAC_Init_ex, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(len(arg1)), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("HMAC_Init_ex", _err) ++} ++ ++var _mkcgo_HMAC_Update uintptr ++ ++func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_HMAC_Update, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("HMAC_Update", _err) ++} ++ ++var _mkcgo_OBJ_nid2sn uintptr ++ ++func OBJ_nid2sn(n int32) *byte { ++ r0, _ := syscallN(0, _mkcgo_OBJ_nid2sn, uintptr(n)) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++var _mkcgo_OPENSSL_init uintptr ++ ++func OPENSSL_init() { ++ syscallN(0, _mkcgo_OPENSSL_init) ++} ++ ++var _mkcgo_OPENSSL_init_crypto uintptr ++ ++func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_OPENSSL_init_crypto, uintptr(ops), uintptr(settings), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("OPENSSL_init_crypto", _err) ++} ++ ++func OPENSSL_version_major_Available() bool { ++ return _mkcgo_OPENSSL_version_major != 0 ++} ++ ++var _mkcgo_OPENSSL_version_major uintptr ++ ++func OPENSSL_version_major() uint32 { ++ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_major) ++ return uint32(r0) ++} ++ ++func OPENSSL_version_minor_Available() bool { ++ return _mkcgo_OPENSSL_version_minor != 0 ++} ++ ++var _mkcgo_OPENSSL_version_minor uintptr ++ ++func OPENSSL_version_minor() uint32 { ++ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_minor) ++ return uint32(r0) ++} ++ ++func OPENSSL_version_patch_Available() bool { ++ return _mkcgo_OPENSSL_version_patch != 0 ++} ++ ++var _mkcgo_OPENSSL_version_patch uintptr ++ ++func OPENSSL_version_patch() uint32 { ++ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_patch) ++ return uint32(r0) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_free uintptr ++ ++func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { ++ syscallN(0, _mkcgo_OSSL_PARAM_BLD_free, uintptr(bld)) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_new uintptr ++ ++func OSSL_PARAM_BLD_new() OSSL_PARAM_BLD_PTR { ++ r0, _ := syscallN(0, _mkcgo_OSSL_PARAM_BLD_new) ++ return OSSL_PARAM_BLD_PTR(r0) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_push_BN uintptr ++ ++func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_BN, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(bn), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_BN", _err) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_push_int32 uintptr ++ ++func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_int32, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(num), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_int32", _err) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_push_octet_string uintptr ++ ++func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_octet_string, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", _err) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_push_utf8_string uintptr ++ ++func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_utf8_string, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", _err) ++} ++ ++var _mkcgo_OSSL_PARAM_BLD_to_param uintptr ++ ++func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_OSSL_PARAM_BLD_to_param, uintptr(bld), uintptr(unsafe.Pointer(&_err))) ++ return OSSL_PARAM_PTR(r0), newMkcgoErr("OSSL_PARAM_BLD_to_param", _err) ++} ++ ++var _mkcgo_OSSL_PARAM_free uintptr ++ ++func OSSL_PARAM_free(p OSSL_PARAM_PTR) { ++ syscallN(0, _mkcgo_OSSL_PARAM_free, uintptr(p)) ++} ++ ++var _mkcgo_OSSL_PARAM_locate_const uintptr ++ ++func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_OSSL_PARAM_locate_const, uintptr(p), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(unsafe.Pointer(&_err))) ++ return OSSL_PARAM_PTR(r0), newMkcgoErr("OSSL_PARAM_locate_const", _err) ++} ++ ++var _mkcgo_OSSL_PROVIDER_available uintptr ++ ++func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { ++ r0, _ := syscallN(0, _mkcgo_OSSL_PROVIDER_available, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(name)))) ++ return int32(r0) ++} ++ ++var _mkcgo_OSSL_PROVIDER_get0_name uintptr ++ ++func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { ++ r0, _ := syscallN(0, _mkcgo_OSSL_PROVIDER_get0_name, uintptr(prov)) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++var _mkcgo_OSSL_PROVIDER_try_load uintptr ++ ++func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_OSSL_PROVIDER_try_load, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(name))), uintptr(retain_fallbacks), uintptr(unsafe.Pointer(&_err))) ++ return OSSL_PROVIDER_PTR(r0), newMkcgoErr("OSSL_PROVIDER_try_load", _err) ++} ++ ++var _mkcgo_OpenSSL_version uintptr ++ ++func OpenSSL_version(__type int32) *byte { ++ r0, _ := syscallN(0, _mkcgo_OpenSSL_version, uintptr(__type)) ++ return (*byte)(unsafe.Pointer(r0)) ++} ++ ++func OpenSSL_version_num_Available() bool { ++ return _mkcgo_OpenSSL_version_num != 0 ++} ++ ++var _mkcgo_OpenSSL_version_num uintptr ++ ++func OpenSSL_version_num() uint64 { ++ r0, _ := syscallN(0, _mkcgo_OpenSSL_version_num) ++ return uint64(r0) ++} ++ ++var _mkcgo_PKCS5_PBKDF2_HMAC uintptr ++ ++func PKCS5_PBKDF2_HMAC(pass []byte, salt []byte, iter int32, digest EVP_MD_PTR, out []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_PKCS5_PBKDF2_HMAC, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(pass)))), uintptr(len(pass)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(salt)))), uintptr(len(salt)), uintptr(iter), uintptr(digest), uintptr(len(out)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(out)))), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("PKCS5_PBKDF2_HMAC", _err) ++} ++ ++var _mkcgo_RAND_bytes uintptr ++ ++func RAND_bytes(buf []byte) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_RAND_bytes, uintptr(unsafe.Pointer(unsafe.SliceData(buf))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("RAND_bytes", _err) ++} ++ ++var _mkcgo_RAND_bytes_ex uintptr ++ ++func RAND_bytes_ex(ctx OSSL_LIB_CTX_PTR, buf []byte, strength uint32) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_RAND_bytes_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(buf))), uintptr(len(buf)), uintptr(strength), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("RAND_bytes_ex", _err) ++} ++ ++var _mkcgo_RSA_free uintptr ++ ++func RSA_free(arg0 RSA_PTR) { ++ syscallN(0, _mkcgo_RSA_free, uintptr(arg0)) ++} ++ ++var _mkcgo_RSA_get0_crt_params uintptr ++ ++func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { ++ syscallN(0, _mkcgo_RSA_get0_crt_params, uintptr(r), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(dmp1))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(dmq1))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iqmp)))) ++} ++ ++var _mkcgo_RSA_get0_factors uintptr ++ ++func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { ++ syscallN(0, _mkcgo_RSA_get0_factors, uintptr(rsa), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(p))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(q)))) ++} ++ ++var _mkcgo_RSA_get0_key uintptr ++ ++func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { ++ syscallN(0, _mkcgo_RSA_get0_key, uintptr(rsa), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(n))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(e))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(d)))) ++} ++ ++var _mkcgo_RSA_new uintptr ++ ++func RSA_new() (RSA_PTR, error) { ++ var _err uintptr ++ r0, _ := syscallN(1, _mkcgo_RSA_new, uintptr(unsafe.Pointer(&_err))) ++ return RSA_PTR(r0), newMkcgoErr("RSA_new", _err) ++} ++ ++var _mkcgo_RSA_set0_crt_params uintptr ++ ++func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_RSA_set0_crt_params, uintptr(rsa), uintptr(dmp1), uintptr(dmp2), uintptr(iqmp), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("RSA_set0_crt_params", _err) ++} ++ ++var _mkcgo_RSA_set0_factors uintptr ++ ++func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_RSA_set0_factors, uintptr(rsa), uintptr(p), uintptr(q), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("RSA_set0_factors", _err) ++} ++ ++var _mkcgo_RSA_set0_key uintptr ++ ++func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { ++ var _err uintptr ++ r0, _ := syscallN(3, _mkcgo_RSA_set0_key, uintptr(r), uintptr(n), uintptr(e), uintptr(d), uintptr(unsafe.Pointer(&_err))) ++ return int32(r0), newMkcgoErr("RSA_set0_key", _err) ++} ++ ++//go:nosplit ++func _mkcgo_error_check(errType, r1, args, n uintptr) { ++ var hasError bool ++ switch errType { ++ case 1: ++ hasError = r1 == 0 ++ case 2: ++ hasError = int32(r1) == -1 ++ case 3: ++ hasError = int32(r1) <= 0 ++ case 4: ++ hasError = int64(r1) <= 0 ++ default: ++ panic("invalid error check type") ++ } ++ if hasError { ++ **(**uintptr)(unsafe.Pointer(args + unsafe.Sizeof(uintptr(0))*n)) = retrieveErrorState() ++ } ++} ++ ++func MkcgoLoad_(handle unsafe.Pointer) { ++ _mkcgo_BIO_ctrl = dlsym(handle, "BIO_ctrl\x00", false) ++ _mkcgo_BIO_free = dlsym(handle, "BIO_free\x00", false) ++ _mkcgo_BIO_new = dlsym(handle, "BIO_new\x00", false) ++ _mkcgo_BIO_s_mem = dlsym(handle, "BIO_s_mem\x00", false) ++ _mkcgo_BN_bin2bn = dlsym(handle, "BN_bin2bn\x00", false) ++ _mkcgo_BN_bn2binpad = dlsym(handle, "BN_bn2binpad\x00", false) ++ _mkcgo_BN_bn2lebinpad = dlsym(handle, "BN_bn2lebinpad\x00", false) ++ _mkcgo_BN_clear = dlsym(handle, "BN_clear\x00", false) ++ _mkcgo_BN_clear_free = dlsym(handle, "BN_clear_free\x00", false) ++ _mkcgo_BN_free = dlsym(handle, "BN_free\x00", false) ++ _mkcgo_BN_lebin2bn = dlsym(handle, "BN_lebin2bn\x00", false) ++ _mkcgo_BN_new = dlsym(handle, "BN_new\x00", false) ++ _mkcgo_BN_num_bits = dlsym(handle, "BN_num_bits\x00", false) ++ _mkcgo_CRYPTO_free = dlsym(handle, "CRYPTO_free\x00", false) ++ _mkcgo_CRYPTO_malloc = dlsym(handle, "CRYPTO_malloc\x00", false) ++ _mkcgo_EC_GROUP_free = dlsym(handle, "EC_GROUP_free\x00", false) ++ _mkcgo_EC_GROUP_new_by_curve_name = dlsym(handle, "EC_GROUP_new_by_curve_name\x00", false) ++ _mkcgo_EC_POINT_free = dlsym(handle, "EC_POINT_free\x00", false) ++ _mkcgo_EC_POINT_mul = dlsym(handle, "EC_POINT_mul\x00", false) ++ _mkcgo_EC_POINT_new = dlsym(handle, "EC_POINT_new\x00", false) ++ _mkcgo_EC_POINT_oct2point = dlsym(handle, "EC_POINT_oct2point\x00", false) ++ _mkcgo_EC_POINT_point2oct = dlsym(handle, "EC_POINT_point2oct\x00", false) ++ _mkcgo_ERR_peek_error = dlsym(handle, "ERR_peek_error\x00", false) ++ _mkcgo_ERR_print_errors = dlsym(handle, "ERR_print_errors\x00", false) ++ _mkcgo_EVP_CIPHER_CTX_ctrl = dlsym(handle, "EVP_CIPHER_CTX_ctrl\x00", false) ++ _mkcgo_EVP_CIPHER_CTX_free = dlsym(handle, "EVP_CIPHER_CTX_free\x00", false) ++ _mkcgo_EVP_CIPHER_CTX_new = dlsym(handle, "EVP_CIPHER_CTX_new\x00", false) ++ _mkcgo_EVP_CIPHER_CTX_set_key_length = dlsym(handle, "EVP_CIPHER_CTX_set_key_length\x00", false) ++ _mkcgo_EVP_CIPHER_CTX_set_padding = dlsym(handle, "EVP_CIPHER_CTX_set_padding\x00", false) ++ _mkcgo_EVP_CipherInit_ex = dlsym(handle, "EVP_CipherInit_ex\x00", false) ++ _mkcgo_EVP_CipherUpdate = dlsym(handle, "EVP_CipherUpdate\x00", false) ++ _mkcgo_EVP_DecryptFinal_ex = dlsym(handle, "EVP_DecryptFinal_ex\x00", false) ++ _mkcgo_EVP_DecryptInit_ex = dlsym(handle, "EVP_DecryptInit_ex\x00", false) ++ _mkcgo_EVP_DecryptUpdate = dlsym(handle, "EVP_DecryptUpdate\x00", false) ++ _mkcgo_EVP_Digest = dlsym(handle, "EVP_Digest\x00", false) ++ _mkcgo_EVP_DigestFinal_ex = dlsym(handle, "EVP_DigestFinal_ex\x00", false) ++ _mkcgo_EVP_DigestInit = dlsym(handle, "EVP_DigestInit\x00", false) ++ _mkcgo_EVP_DigestInit_ex = dlsym(handle, "EVP_DigestInit_ex\x00", false) ++ _mkcgo_EVP_DigestSign = dlsym(handle, "EVP_DigestSign\x00", false) ++ _mkcgo_EVP_DigestSignFinal = dlsym(handle, "EVP_DigestSignFinal\x00", false) ++ _mkcgo_EVP_DigestSignInit = dlsym(handle, "EVP_DigestSignInit\x00", false) ++ _mkcgo_EVP_DigestUpdate = dlsym(handle, "EVP_DigestUpdate\x00", false) ++ _mkcgo_EVP_DigestVerify = dlsym(handle, "EVP_DigestVerify\x00", false) ++ _mkcgo_EVP_DigestVerifyFinal = dlsym(handle, "EVP_DigestVerifyFinal\x00", false) ++ _mkcgo_EVP_DigestVerifyInit = dlsym(handle, "EVP_DigestVerifyInit\x00", false) ++ _mkcgo_EVP_EncryptFinal_ex = dlsym(handle, "EVP_EncryptFinal_ex\x00", false) ++ _mkcgo_EVP_EncryptInit_ex = dlsym(handle, "EVP_EncryptInit_ex\x00", false) ++ _mkcgo_EVP_EncryptUpdate = dlsym(handle, "EVP_EncryptUpdate\x00", false) ++ _mkcgo_EVP_MD_CTX_copy_ex = dlsym(handle, "EVP_MD_CTX_copy_ex\x00", false) ++ _mkcgo_EVP_MD_CTX_ctrl = dlsym(handle, "EVP_MD_CTX_ctrl\x00", false) ++ _mkcgo_EVP_MD_CTX_free = dlsym(handle, "EVP_MD_CTX_free\x00", false) ++ _mkcgo_EVP_MD_CTX_new = dlsym(handle, "EVP_MD_CTX_new\x00", false) ++ _mkcgo_EVP_PKEY_CTX_ctrl = dlsym(handle, "EVP_PKEY_CTX_ctrl\x00", false) ++ _mkcgo_EVP_PKEY_CTX_free = dlsym(handle, "EVP_PKEY_CTX_free\x00", false) ++ _mkcgo_EVP_PKEY_CTX_new = dlsym(handle, "EVP_PKEY_CTX_new\x00", false) ++ _mkcgo_EVP_PKEY_CTX_new_id = dlsym(handle, "EVP_PKEY_CTX_new_id\x00", false) ++ _mkcgo_EVP_PKEY_decrypt = dlsym(handle, "EVP_PKEY_decrypt\x00", false) ++ _mkcgo_EVP_PKEY_decrypt_init = dlsym(handle, "EVP_PKEY_decrypt_init\x00", false) ++ _mkcgo_EVP_PKEY_derive = dlsym(handle, "EVP_PKEY_derive\x00", false) ++ _mkcgo_EVP_PKEY_derive_init = dlsym(handle, "EVP_PKEY_derive_init\x00", false) ++ _mkcgo_EVP_PKEY_derive_set_peer = dlsym(handle, "EVP_PKEY_derive_set_peer\x00", false) ++ _mkcgo_EVP_PKEY_encrypt = dlsym(handle, "EVP_PKEY_encrypt\x00", false) ++ _mkcgo_EVP_PKEY_encrypt_init = dlsym(handle, "EVP_PKEY_encrypt_init\x00", false) ++ _mkcgo_EVP_PKEY_free = dlsym(handle, "EVP_PKEY_free\x00", false) ++ _mkcgo_EVP_PKEY_get_raw_private_key = dlsym(handle, "EVP_PKEY_get_raw_private_key\x00", false) ++ _mkcgo_EVP_PKEY_get_raw_public_key = dlsym(handle, "EVP_PKEY_get_raw_public_key\x00", false) ++ _mkcgo_EVP_PKEY_keygen = dlsym(handle, "EVP_PKEY_keygen\x00", false) ++ _mkcgo_EVP_PKEY_keygen_init = dlsym(handle, "EVP_PKEY_keygen_init\x00", false) ++ _mkcgo_EVP_PKEY_new = dlsym(handle, "EVP_PKEY_new\x00", false) ++ _mkcgo_EVP_PKEY_new_raw_private_key = dlsym(handle, "EVP_PKEY_new_raw_private_key\x00", false) ++ _mkcgo_EVP_PKEY_new_raw_public_key = dlsym(handle, "EVP_PKEY_new_raw_public_key\x00", false) ++ _mkcgo_EVP_PKEY_paramgen = dlsym(handle, "EVP_PKEY_paramgen\x00", false) ++ _mkcgo_EVP_PKEY_paramgen_init = dlsym(handle, "EVP_PKEY_paramgen_init\x00", false) ++ _mkcgo_EVP_PKEY_sign = dlsym(handle, "EVP_PKEY_sign\x00", false) ++ _mkcgo_EVP_PKEY_sign_init = dlsym(handle, "EVP_PKEY_sign_init\x00", false) ++ _mkcgo_EVP_PKEY_up_ref = dlsym(handle, "EVP_PKEY_up_ref\x00", false) ++ _mkcgo_EVP_PKEY_verify = dlsym(handle, "EVP_PKEY_verify\x00", false) ++ _mkcgo_EVP_PKEY_verify_init = dlsym(handle, "EVP_PKEY_verify_init\x00", false) ++ _mkcgo_EVP_aes_128_cbc = dlsym(handle, "EVP_aes_128_cbc\x00", false) ++ _mkcgo_EVP_aes_128_ctr = dlsym(handle, "EVP_aes_128_ctr\x00", false) ++ _mkcgo_EVP_aes_128_ecb = dlsym(handle, "EVP_aes_128_ecb\x00", false) ++ _mkcgo_EVP_aes_128_gcm = dlsym(handle, "EVP_aes_128_gcm\x00", false) ++ _mkcgo_EVP_aes_192_cbc = dlsym(handle, "EVP_aes_192_cbc\x00", false) ++ _mkcgo_EVP_aes_192_ctr = dlsym(handle, "EVP_aes_192_ctr\x00", false) ++ _mkcgo_EVP_aes_192_ecb = dlsym(handle, "EVP_aes_192_ecb\x00", false) ++ _mkcgo_EVP_aes_192_gcm = dlsym(handle, "EVP_aes_192_gcm\x00", false) ++ _mkcgo_EVP_aes_256_cbc = dlsym(handle, "EVP_aes_256_cbc\x00", false) ++ _mkcgo_EVP_aes_256_ctr = dlsym(handle, "EVP_aes_256_ctr\x00", false) ++ _mkcgo_EVP_aes_256_ecb = dlsym(handle, "EVP_aes_256_ecb\x00", false) ++ _mkcgo_EVP_aes_256_gcm = dlsym(handle, "EVP_aes_256_gcm\x00", false) ++ _mkcgo_EVP_chacha20_poly1305 = dlsym(handle, "EVP_chacha20_poly1305\x00", true) ++ _mkcgo_EVP_des_cbc = dlsym(handle, "EVP_des_cbc\x00", false) ++ _mkcgo_EVP_des_ecb = dlsym(handle, "EVP_des_ecb\x00", false) ++ _mkcgo_EVP_des_ede3_cbc = dlsym(handle, "EVP_des_ede3_cbc\x00", false) ++ _mkcgo_EVP_des_ede3_ecb = dlsym(handle, "EVP_des_ede3_ecb\x00", false) ++ _mkcgo_EVP_md4 = dlsym(handle, "EVP_md4\x00", false) ++ _mkcgo_EVP_md5 = dlsym(handle, "EVP_md5\x00", false) ++ _mkcgo_EVP_md5_sha1 = dlsym(handle, "EVP_md5_sha1\x00", false) ++ _mkcgo_EVP_rc4 = dlsym(handle, "EVP_rc4\x00", false) ++ _mkcgo_EVP_ripemd160 = dlsym(handle, "EVP_ripemd160\x00", false) ++ _mkcgo_EVP_sha1 = dlsym(handle, "EVP_sha1\x00", false) ++ _mkcgo_EVP_sha224 = dlsym(handle, "EVP_sha224\x00", false) ++ _mkcgo_EVP_sha256 = dlsym(handle, "EVP_sha256\x00", false) ++ _mkcgo_EVP_sha384 = dlsym(handle, "EVP_sha384\x00", false) ++ _mkcgo_EVP_sha3_224 = dlsym(handle, "EVP_sha3_224\x00", false) ++ _mkcgo_EVP_sha3_256 = dlsym(handle, "EVP_sha3_256\x00", false) ++ _mkcgo_EVP_sha3_384 = dlsym(handle, "EVP_sha3_384\x00", false) ++ _mkcgo_EVP_sha3_512 = dlsym(handle, "EVP_sha3_512\x00", false) ++ _mkcgo_EVP_sha512 = dlsym(handle, "EVP_sha512\x00", false) ++ _mkcgo_EVP_sha512_224 = dlsym(handle, "EVP_sha512_224\x00", false) ++ _mkcgo_EVP_sha512_256 = dlsym(handle, "EVP_sha512_256\x00", false) ++ _mkcgo_OBJ_nid2sn = dlsym(handle, "OBJ_nid2sn\x00", false) ++ _mkcgo_OPENSSL_init = dlsym(handle, "OPENSSL_init\x00", false) ++ _mkcgo_OPENSSL_init_crypto = dlsym(handle, "OPENSSL_init_crypto\x00", false) ++ _mkcgo_OpenSSL_version = dlsym(handle, "OpenSSL_version\x00", false) ++} ++ ++func MkcgoUnload_() { ++ _mkcgo_BIO_ctrl = 0 ++ _mkcgo_BIO_free = 0 ++ _mkcgo_BIO_new = 0 ++ _mkcgo_BIO_s_mem = 0 ++ _mkcgo_BN_bin2bn = 0 ++ _mkcgo_BN_bn2binpad = 0 ++ _mkcgo_BN_bn2lebinpad = 0 ++ _mkcgo_BN_clear = 0 ++ _mkcgo_BN_clear_free = 0 ++ _mkcgo_BN_free = 0 ++ _mkcgo_BN_lebin2bn = 0 ++ _mkcgo_BN_new = 0 ++ _mkcgo_BN_num_bits = 0 ++ _mkcgo_CRYPTO_free = 0 ++ _mkcgo_CRYPTO_malloc = 0 ++ _mkcgo_EC_GROUP_free = 0 ++ _mkcgo_EC_GROUP_new_by_curve_name = 0 ++ _mkcgo_EC_POINT_free = 0 ++ _mkcgo_EC_POINT_mul = 0 ++ _mkcgo_EC_POINT_new = 0 ++ _mkcgo_EC_POINT_oct2point = 0 ++ _mkcgo_EC_POINT_point2oct = 0 ++ _mkcgo_ERR_peek_error = 0 ++ _mkcgo_ERR_print_errors = 0 ++ _mkcgo_EVP_CIPHER_CTX_ctrl = 0 ++ _mkcgo_EVP_CIPHER_CTX_free = 0 ++ _mkcgo_EVP_CIPHER_CTX_new = 0 ++ _mkcgo_EVP_CIPHER_CTX_set_key_length = 0 ++ _mkcgo_EVP_CIPHER_CTX_set_padding = 0 ++ _mkcgo_EVP_CipherInit_ex = 0 ++ _mkcgo_EVP_CipherUpdate = 0 ++ _mkcgo_EVP_DecryptFinal_ex = 0 ++ _mkcgo_EVP_DecryptInit_ex = 0 ++ _mkcgo_EVP_DecryptUpdate = 0 ++ _mkcgo_EVP_Digest = 0 ++ _mkcgo_EVP_DigestFinal_ex = 0 ++ _mkcgo_EVP_DigestInit = 0 ++ _mkcgo_EVP_DigestInit_ex = 0 ++ _mkcgo_EVP_DigestSign = 0 ++ _mkcgo_EVP_DigestSignFinal = 0 ++ _mkcgo_EVP_DigestSignInit = 0 ++ _mkcgo_EVP_DigestUpdate = 0 ++ _mkcgo_EVP_DigestVerify = 0 ++ _mkcgo_EVP_DigestVerifyFinal = 0 ++ _mkcgo_EVP_DigestVerifyInit = 0 ++ _mkcgo_EVP_EncryptFinal_ex = 0 ++ _mkcgo_EVP_EncryptInit_ex = 0 ++ _mkcgo_EVP_EncryptUpdate = 0 ++ _mkcgo_EVP_MD_CTX_copy_ex = 0 ++ _mkcgo_EVP_MD_CTX_ctrl = 0 ++ _mkcgo_EVP_MD_CTX_free = 0 ++ _mkcgo_EVP_MD_CTX_new = 0 ++ _mkcgo_EVP_PKEY_CTX_ctrl = 0 ++ _mkcgo_EVP_PKEY_CTX_free = 0 ++ _mkcgo_EVP_PKEY_CTX_new = 0 ++ _mkcgo_EVP_PKEY_CTX_new_id = 0 ++ _mkcgo_EVP_PKEY_decrypt = 0 ++ _mkcgo_EVP_PKEY_decrypt_init = 0 ++ _mkcgo_EVP_PKEY_derive = 0 ++ _mkcgo_EVP_PKEY_derive_init = 0 ++ _mkcgo_EVP_PKEY_derive_set_peer = 0 ++ _mkcgo_EVP_PKEY_encrypt = 0 ++ _mkcgo_EVP_PKEY_encrypt_init = 0 ++ _mkcgo_EVP_PKEY_free = 0 ++ _mkcgo_EVP_PKEY_get_raw_private_key = 0 ++ _mkcgo_EVP_PKEY_get_raw_public_key = 0 ++ _mkcgo_EVP_PKEY_keygen = 0 ++ _mkcgo_EVP_PKEY_keygen_init = 0 ++ _mkcgo_EVP_PKEY_new = 0 ++ _mkcgo_EVP_PKEY_new_raw_private_key = 0 ++ _mkcgo_EVP_PKEY_new_raw_public_key = 0 ++ _mkcgo_EVP_PKEY_paramgen = 0 ++ _mkcgo_EVP_PKEY_paramgen_init = 0 ++ _mkcgo_EVP_PKEY_sign = 0 ++ _mkcgo_EVP_PKEY_sign_init = 0 ++ _mkcgo_EVP_PKEY_up_ref = 0 ++ _mkcgo_EVP_PKEY_verify = 0 ++ _mkcgo_EVP_PKEY_verify_init = 0 ++ _mkcgo_EVP_aes_128_cbc = 0 ++ _mkcgo_EVP_aes_128_ctr = 0 ++ _mkcgo_EVP_aes_128_ecb = 0 ++ _mkcgo_EVP_aes_128_gcm = 0 ++ _mkcgo_EVP_aes_192_cbc = 0 ++ _mkcgo_EVP_aes_192_ctr = 0 ++ _mkcgo_EVP_aes_192_ecb = 0 ++ _mkcgo_EVP_aes_192_gcm = 0 ++ _mkcgo_EVP_aes_256_cbc = 0 ++ _mkcgo_EVP_aes_256_ctr = 0 ++ _mkcgo_EVP_aes_256_ecb = 0 ++ _mkcgo_EVP_aes_256_gcm = 0 ++ _mkcgo_EVP_chacha20_poly1305 = 0 ++ _mkcgo_EVP_des_cbc = 0 ++ _mkcgo_EVP_des_ecb = 0 ++ _mkcgo_EVP_des_ede3_cbc = 0 ++ _mkcgo_EVP_des_ede3_ecb = 0 ++ _mkcgo_EVP_md4 = 0 ++ _mkcgo_EVP_md5 = 0 ++ _mkcgo_EVP_md5_sha1 = 0 ++ _mkcgo_EVP_rc4 = 0 ++ _mkcgo_EVP_ripemd160 = 0 ++ _mkcgo_EVP_sha1 = 0 ++ _mkcgo_EVP_sha224 = 0 ++ _mkcgo_EVP_sha256 = 0 ++ _mkcgo_EVP_sha384 = 0 ++ _mkcgo_EVP_sha3_224 = 0 ++ _mkcgo_EVP_sha3_256 = 0 ++ _mkcgo_EVP_sha3_384 = 0 ++ _mkcgo_EVP_sha3_512 = 0 ++ _mkcgo_EVP_sha512 = 0 ++ _mkcgo_EVP_sha512_224 = 0 ++ _mkcgo_EVP_sha512_256 = 0 ++ _mkcgo_OBJ_nid2sn = 0 ++ _mkcgo_OPENSSL_init = 0 ++ _mkcgo_OPENSSL_init_crypto = 0 ++ _mkcgo_OpenSSL_version = 0 ++} ++ ++func MkcgoLoad_3(handle unsafe.Pointer) { ++ _mkcgo_EC_POINT_set_affine_coordinates = dlsym(handle, "EC_POINT_set_affine_coordinates\x00", false) ++ _mkcgo_EVP_CIPHER_fetch = dlsym(handle, "EVP_CIPHER_fetch\x00", false) ++ _mkcgo_EVP_CIPHER_get0_name = dlsym(handle, "EVP_CIPHER_get0_name\x00", false) ++ _mkcgo_EVP_CIPHER_get_block_size = dlsym(handle, "EVP_CIPHER_get_block_size\x00", false) ++ _mkcgo_EVP_KDF_CTX_free = dlsym(handle, "EVP_KDF_CTX_free\x00", false) ++ _mkcgo_EVP_KDF_CTX_get_kdf_size = dlsym(handle, "EVP_KDF_CTX_get_kdf_size\x00", false) ++ _mkcgo_EVP_KDF_CTX_new = dlsym(handle, "EVP_KDF_CTX_new\x00", false) ++ _mkcgo_EVP_KDF_CTX_set_params = dlsym(handle, "EVP_KDF_CTX_set_params\x00", false) ++ _mkcgo_EVP_KDF_derive = dlsym(handle, "EVP_KDF_derive\x00", false) ++ _mkcgo_EVP_KDF_fetch = dlsym(handle, "EVP_KDF_fetch\x00", false) ++ _mkcgo_EVP_KDF_free = dlsym(handle, "EVP_KDF_free\x00", false) ++ _mkcgo_EVP_KEYMGMT_fetch = dlsym(handle, "EVP_KEYMGMT_fetch\x00", true) ++ _mkcgo_EVP_KEYMGMT_free = dlsym(handle, "EVP_KEYMGMT_free\x00", false) ++ _mkcgo_EVP_MAC_CTX_dup = dlsym(handle, "EVP_MAC_CTX_dup\x00", false) ++ _mkcgo_EVP_MAC_CTX_free = dlsym(handle, "EVP_MAC_CTX_free\x00", false) ++ _mkcgo_EVP_MAC_CTX_new = dlsym(handle, "EVP_MAC_CTX_new\x00", false) ++ _mkcgo_EVP_MAC_CTX_set_params = dlsym(handle, "EVP_MAC_CTX_set_params\x00", false) ++ _mkcgo_EVP_MAC_fetch = dlsym(handle, "EVP_MAC_fetch\x00", false) ++ _mkcgo_EVP_MAC_final = dlsym(handle, "EVP_MAC_final\x00", false) ++ _mkcgo_EVP_MAC_init = dlsym(handle, "EVP_MAC_init\x00", false) ++ _mkcgo_EVP_MAC_update = dlsym(handle, "EVP_MAC_update\x00", false) ++ _mkcgo_EVP_MD_CTX_get_params = dlsym(handle, "EVP_MD_CTX_get_params\x00", false) ++ _mkcgo_EVP_MD_CTX_gettable_params = dlsym(handle, "EVP_MD_CTX_gettable_params\x00", false) ++ _mkcgo_EVP_MD_CTX_set_params = dlsym(handle, "EVP_MD_CTX_set_params\x00", false) ++ _mkcgo_EVP_MD_CTX_settable_params = dlsym(handle, "EVP_MD_CTX_settable_params\x00", false) ++ _mkcgo_EVP_MD_fetch = dlsym(handle, "EVP_MD_fetch\x00", false) ++ _mkcgo_EVP_MD_free = dlsym(handle, "EVP_MD_free\x00", false) ++ _mkcgo_EVP_MD_get0_name = dlsym(handle, "EVP_MD_get0_name\x00", false) ++ _mkcgo_EVP_MD_get0_provider = dlsym(handle, "EVP_MD_get0_provider\x00", false) ++ _mkcgo_EVP_MD_get_block_size = dlsym(handle, "EVP_MD_get_block_size\x00", false) ++ _mkcgo_EVP_MD_get_size = dlsym(handle, "EVP_MD_get_size\x00", false) ++ _mkcgo_EVP_MD_get_type = dlsym(handle, "EVP_MD_get_type\x00", false) ++ _mkcgo_EVP_PKEY_CTX_add1_hkdf_info = dlsym(handle, "EVP_PKEY_CTX_add1_hkdf_info\x00", false) ++ _mkcgo_EVP_PKEY_CTX_new_from_pkey = dlsym(handle, "EVP_PKEY_CTX_new_from_pkey\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label = dlsym(handle, "EVP_PKEY_CTX_set0_rsa_oaep_label\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set1_hkdf_key = dlsym(handle, "EVP_PKEY_CTX_set1_hkdf_key\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt = dlsym(handle, "EVP_PKEY_CTX_set1_hkdf_salt\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set_hkdf_md = dlsym(handle, "EVP_PKEY_CTX_set_hkdf_md\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set_hkdf_mode = dlsym(handle, "EVP_PKEY_CTX_set_hkdf_mode\x00", false) ++ _mkcgo_EVP_PKEY_CTX_set_params = dlsym(handle, "EVP_PKEY_CTX_set_params\x00", false) ++ _mkcgo_EVP_PKEY_Q_keygen = dlsym(handle, "EVP_PKEY_Q_keygen\x00", false) ++ _mkcgo_EVP_PKEY_decapsulate = dlsym(handle, "EVP_PKEY_decapsulate\x00", false) ++ _mkcgo_EVP_PKEY_decapsulate_init = dlsym(handle, "EVP_PKEY_decapsulate_init\x00", false) ++ _mkcgo_EVP_PKEY_encapsulate = dlsym(handle, "EVP_PKEY_encapsulate\x00", false) ++ _mkcgo_EVP_PKEY_encapsulate_init = dlsym(handle, "EVP_PKEY_encapsulate_init\x00", false) ++ _mkcgo_EVP_PKEY_fromdata = dlsym(handle, "EVP_PKEY_fromdata\x00", false) ++ _mkcgo_EVP_PKEY_fromdata_init = dlsym(handle, "EVP_PKEY_fromdata_init\x00", false) ++ _mkcgo_EVP_PKEY_get1_encoded_public_key = dlsym(handle, "EVP_PKEY_get1_encoded_public_key\x00", false) ++ _mkcgo_EVP_PKEY_get_bits = dlsym(handle, "EVP_PKEY_get_bits\x00", false) ++ _mkcgo_EVP_PKEY_get_bn_param = dlsym(handle, "EVP_PKEY_get_bn_param\x00", false) ++ _mkcgo_EVP_PKEY_get_octet_string_param = dlsym(handle, "EVP_PKEY_get_octet_string_param\x00", false) ++ _mkcgo_EVP_PKEY_get_size = dlsym(handle, "EVP_PKEY_get_size\x00", false) ++ _mkcgo_EVP_PKEY_private_check = dlsym(handle, "EVP_PKEY_private_check\x00", false) ++ _mkcgo_EVP_PKEY_public_check_quick = dlsym(handle, "EVP_PKEY_public_check_quick\x00", false) ++ _mkcgo_EVP_PKEY_set1_encoded_public_key = dlsym(handle, "EVP_PKEY_set1_encoded_public_key\x00", false) ++ _mkcgo_EVP_SIGNATURE_fetch = dlsym(handle, "EVP_SIGNATURE_fetch\x00", false) ++ _mkcgo_EVP_SIGNATURE_free = dlsym(handle, "EVP_SIGNATURE_free\x00", false) ++ _mkcgo_EVP_default_properties_enable_fips = dlsym(handle, "EVP_default_properties_enable_fips\x00", false) ++ _mkcgo_EVP_default_properties_is_fips_enabled = dlsym(handle, "EVP_default_properties_is_fips_enabled\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_free = dlsym(handle, "OSSL_PARAM_BLD_free\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_new = dlsym(handle, "OSSL_PARAM_BLD_new\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_push_BN = dlsym(handle, "OSSL_PARAM_BLD_push_BN\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_push_int32 = dlsym(handle, "OSSL_PARAM_BLD_push_int32\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_push_octet_string = dlsym(handle, "OSSL_PARAM_BLD_push_octet_string\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_push_utf8_string = dlsym(handle, "OSSL_PARAM_BLD_push_utf8_string\x00", false) ++ _mkcgo_OSSL_PARAM_BLD_to_param = dlsym(handle, "OSSL_PARAM_BLD_to_param\x00", false) ++ _mkcgo_OSSL_PARAM_free = dlsym(handle, "OSSL_PARAM_free\x00", false) ++ _mkcgo_OSSL_PARAM_locate_const = dlsym(handle, "OSSL_PARAM_locate_const\x00", false) ++ _mkcgo_OSSL_PROVIDER_available = dlsym(handle, "OSSL_PROVIDER_available\x00", false) ++ _mkcgo_OSSL_PROVIDER_get0_name = dlsym(handle, "OSSL_PROVIDER_get0_name\x00", false) ++ _mkcgo_OSSL_PROVIDER_try_load = dlsym(handle, "OSSL_PROVIDER_try_load\x00", false) ++ _mkcgo_RAND_bytes_ex = dlsym(handle, "RAND_bytes_ex\x00", false) ++} ++ ++func MkcgoUnload_3() { ++ _mkcgo_EC_POINT_set_affine_coordinates = 0 ++ _mkcgo_EVP_CIPHER_fetch = 0 ++ _mkcgo_EVP_CIPHER_get0_name = 0 ++ _mkcgo_EVP_CIPHER_get_block_size = 0 ++ _mkcgo_EVP_KDF_CTX_free = 0 ++ _mkcgo_EVP_KDF_CTX_get_kdf_size = 0 ++ _mkcgo_EVP_KDF_CTX_new = 0 ++ _mkcgo_EVP_KDF_CTX_set_params = 0 ++ _mkcgo_EVP_KDF_derive = 0 ++ _mkcgo_EVP_KDF_fetch = 0 ++ _mkcgo_EVP_KDF_free = 0 ++ _mkcgo_EVP_KEYMGMT_fetch = 0 ++ _mkcgo_EVP_KEYMGMT_free = 0 ++ _mkcgo_EVP_MAC_CTX_dup = 0 ++ _mkcgo_EVP_MAC_CTX_free = 0 ++ _mkcgo_EVP_MAC_CTX_new = 0 ++ _mkcgo_EVP_MAC_CTX_set_params = 0 ++ _mkcgo_EVP_MAC_fetch = 0 ++ _mkcgo_EVP_MAC_final = 0 ++ _mkcgo_EVP_MAC_init = 0 ++ _mkcgo_EVP_MAC_update = 0 ++ _mkcgo_EVP_MD_CTX_get_params = 0 ++ _mkcgo_EVP_MD_CTX_gettable_params = 0 ++ _mkcgo_EVP_MD_CTX_set_params = 0 ++ _mkcgo_EVP_MD_CTX_settable_params = 0 ++ _mkcgo_EVP_MD_fetch = 0 ++ _mkcgo_EVP_MD_free = 0 ++ _mkcgo_EVP_MD_get0_name = 0 ++ _mkcgo_EVP_MD_get0_provider = 0 ++ _mkcgo_EVP_MD_get_block_size = 0 ++ _mkcgo_EVP_MD_get_size = 0 ++ _mkcgo_EVP_MD_get_type = 0 ++ _mkcgo_EVP_PKEY_CTX_add1_hkdf_info = 0 ++ _mkcgo_EVP_PKEY_CTX_new_from_pkey = 0 ++ _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label = 0 ++ _mkcgo_EVP_PKEY_CTX_set1_hkdf_key = 0 ++ _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt = 0 ++ _mkcgo_EVP_PKEY_CTX_set_hkdf_md = 0 ++ _mkcgo_EVP_PKEY_CTX_set_hkdf_mode = 0 ++ _mkcgo_EVP_PKEY_CTX_set_params = 0 ++ _mkcgo_EVP_PKEY_Q_keygen = 0 ++ _mkcgo_EVP_PKEY_decapsulate = 0 ++ _mkcgo_EVP_PKEY_decapsulate_init = 0 ++ _mkcgo_EVP_PKEY_encapsulate = 0 ++ _mkcgo_EVP_PKEY_encapsulate_init = 0 ++ _mkcgo_EVP_PKEY_fromdata = 0 ++ _mkcgo_EVP_PKEY_fromdata_init = 0 ++ _mkcgo_EVP_PKEY_get1_encoded_public_key = 0 ++ _mkcgo_EVP_PKEY_get_bits = 0 ++ _mkcgo_EVP_PKEY_get_bn_param = 0 ++ _mkcgo_EVP_PKEY_get_octet_string_param = 0 ++ _mkcgo_EVP_PKEY_get_size = 0 ++ _mkcgo_EVP_PKEY_private_check = 0 ++ _mkcgo_EVP_PKEY_public_check_quick = 0 ++ _mkcgo_EVP_PKEY_set1_encoded_public_key = 0 ++ _mkcgo_EVP_SIGNATURE_fetch = 0 ++ _mkcgo_EVP_SIGNATURE_free = 0 ++ _mkcgo_EVP_default_properties_enable_fips = 0 ++ _mkcgo_EVP_default_properties_is_fips_enabled = 0 ++ _mkcgo_OSSL_PARAM_BLD_free = 0 ++ _mkcgo_OSSL_PARAM_BLD_new = 0 ++ _mkcgo_OSSL_PARAM_BLD_push_BN = 0 ++ _mkcgo_OSSL_PARAM_BLD_push_int32 = 0 ++ _mkcgo_OSSL_PARAM_BLD_push_octet_string = 0 ++ _mkcgo_OSSL_PARAM_BLD_push_utf8_string = 0 ++ _mkcgo_OSSL_PARAM_BLD_to_param = 0 ++ _mkcgo_OSSL_PARAM_free = 0 ++ _mkcgo_OSSL_PARAM_locate_const = 0 ++ _mkcgo_OSSL_PROVIDER_available = 0 ++ _mkcgo_OSSL_PROVIDER_get0_name = 0 ++ _mkcgo_OSSL_PROVIDER_try_load = 0 ++ _mkcgo_RAND_bytes_ex = 0 ++} ++ ++func MkcgoLoad_33(handle unsafe.Pointer) { ++ _mkcgo_EVP_DigestFinalXOF = dlsym(handle, "EVP_DigestFinalXOF\x00", false) ++ _mkcgo_EVP_DigestSqueeze = dlsym(handle, "EVP_DigestSqueeze\x00", true) ++} ++ ++func MkcgoUnload_33() { ++ _mkcgo_EVP_DigestFinalXOF = 0 ++ _mkcgo_EVP_DigestSqueeze = 0 ++} ++ ++func MkcgoLoad_init_1(handle unsafe.Pointer) { ++ _mkcgo_FIPS_mode = dlsym(handle, "FIPS_mode\x00", false) ++ _mkcgo_FIPS_mode_set = dlsym(handle, "FIPS_mode_set\x00", false) ++} ++ ++func MkcgoUnload_init_1() { ++ _mkcgo_FIPS_mode = 0 ++ _mkcgo_FIPS_mode_set = 0 ++} ++ ++func MkcgoLoad_init_3(handle unsafe.Pointer) { ++ _mkcgo_BIO_ctrl = dlsym(handle, "BIO_ctrl\x00", false) ++ _mkcgo_BIO_free = dlsym(handle, "BIO_free\x00", false) ++ _mkcgo_BIO_new = dlsym(handle, "BIO_new\x00", false) ++ _mkcgo_BIO_s_mem = dlsym(handle, "BIO_s_mem\x00", false) ++ _mkcgo_ERR_print_errors = dlsym(handle, "ERR_print_errors\x00", false) ++ _mkcgo_EVP_MD_fetch = dlsym(handle, "EVP_MD_fetch\x00", false) ++ _mkcgo_EVP_MD_free = dlsym(handle, "EVP_MD_free\x00", false) ++ _mkcgo_EVP_MD_get0_provider = dlsym(handle, "EVP_MD_get0_provider\x00", false) ++ _mkcgo_EVP_default_properties_is_fips_enabled = dlsym(handle, "EVP_default_properties_is_fips_enabled\x00", false) ++} ++ ++func MkcgoUnload_init_3() { ++ _mkcgo_BIO_ctrl = 0 ++ _mkcgo_BIO_free = 0 ++ _mkcgo_BIO_new = 0 ++ _mkcgo_BIO_s_mem = 0 ++ _mkcgo_ERR_print_errors = 0 ++ _mkcgo_EVP_MD_fetch = 0 ++ _mkcgo_EVP_MD_free = 0 ++ _mkcgo_EVP_MD_get0_provider = 0 ++ _mkcgo_EVP_default_properties_is_fips_enabled = 0 ++} ++ ++func MkcgoLoad_legacy_1(handle unsafe.Pointer) { ++ _mkcgo_DSA_free = dlsym(handle, "DSA_free\x00", false) ++ _mkcgo_DSA_generate_key = dlsym(handle, "DSA_generate_key\x00", false) ++ _mkcgo_DSA_get0_key = dlsym(handle, "DSA_get0_key\x00", false) ++ _mkcgo_DSA_get0_pqg = dlsym(handle, "DSA_get0_pqg\x00", false) ++ _mkcgo_DSA_new = dlsym(handle, "DSA_new\x00", false) ++ _mkcgo_DSA_set0_key = dlsym(handle, "DSA_set0_key\x00", false) ++ _mkcgo_DSA_set0_pqg = dlsym(handle, "DSA_set0_pqg\x00", false) ++ _mkcgo_EC_KEY_check_key = dlsym(handle, "EC_KEY_check_key\x00", false) ++ _mkcgo_EC_KEY_free = dlsym(handle, "EC_KEY_free\x00", false) ++ _mkcgo_EC_KEY_get0_group = dlsym(handle, "EC_KEY_get0_group\x00", false) ++ _mkcgo_EC_KEY_get0_private_key = dlsym(handle, "EC_KEY_get0_private_key\x00", false) ++ _mkcgo_EC_KEY_get0_public_key = dlsym(handle, "EC_KEY_get0_public_key\x00", false) ++ _mkcgo_EC_KEY_new_by_curve_name = dlsym(handle, "EC_KEY_new_by_curve_name\x00", false) ++ _mkcgo_EC_KEY_set_private_key = dlsym(handle, "EC_KEY_set_private_key\x00", false) ++ _mkcgo_EC_KEY_set_public_key = dlsym(handle, "EC_KEY_set_public_key\x00", false) ++ _mkcgo_EC_KEY_set_public_key_affine_coordinates = dlsym(handle, "EC_KEY_set_public_key_affine_coordinates\x00", false) ++ _mkcgo_EC_POINT_get_affine_coordinates_GFp = dlsym(handle, "EC_POINT_get_affine_coordinates_GFp\x00", false) ++ _mkcgo_EVP_CIPHER_get_block_size = dlsym(handle, "EVP_CIPHER_block_size\x00", false) ++ _mkcgo_EVP_MD_get_block_size = dlsym(handle, "EVP_MD_block_size\x00", false) ++ _mkcgo_EVP_MD_get_size = dlsym(handle, "EVP_MD_size\x00", false) ++ _mkcgo_EVP_PKEY_assign = dlsym(handle, "EVP_PKEY_assign\x00", false) ++ _mkcgo_EVP_PKEY_get0_DSA = dlsym(handle, "EVP_PKEY_get0_DSA\x00", false) ++ _mkcgo_EVP_PKEY_get0_EC_KEY = dlsym(handle, "EVP_PKEY_get0_EC_KEY\x00", false) ++ _mkcgo_EVP_PKEY_get1_RSA = dlsym(handle, "EVP_PKEY_get1_RSA\x00", false) ++ _mkcgo_EVP_PKEY_get_bits = dlsym(handle, "EVP_PKEY_bits\x00", false) ++ _mkcgo_EVP_PKEY_get_size = dlsym(handle, "EVP_PKEY_size\x00", false) ++ _mkcgo_EVP_PKEY_set1_EC_KEY = dlsym(handle, "EVP_PKEY_set1_EC_KEY\x00", false) ++ _mkcgo_FIPS_mode = dlsym(handle, "FIPS_mode\x00", false) ++ _mkcgo_FIPS_mode_set = dlsym(handle, "FIPS_mode_set\x00", false) ++ _mkcgo_HMAC_CTX_copy = dlsym(handle, "HMAC_CTX_copy\x00", false) ++ _mkcgo_HMAC_CTX_free = dlsym(handle, "HMAC_CTX_free\x00", false) ++ _mkcgo_HMAC_CTX_new = dlsym(handle, "HMAC_CTX_new\x00", false) ++ _mkcgo_HMAC_Final = dlsym(handle, "HMAC_Final\x00", false) ++ _mkcgo_HMAC_Init_ex = dlsym(handle, "HMAC_Init_ex\x00", false) ++ _mkcgo_HMAC_Update = dlsym(handle, "HMAC_Update\x00", false) ++ _mkcgo_PKCS5_PBKDF2_HMAC = dlsym(handle, "PKCS5_PBKDF2_HMAC\x00", false) ++ _mkcgo_RAND_bytes = dlsym(handle, "RAND_bytes\x00", false) ++ _mkcgo_RSA_free = dlsym(handle, "RSA_free\x00", false) ++ _mkcgo_RSA_get0_crt_params = dlsym(handle, "RSA_get0_crt_params\x00", false) ++ _mkcgo_RSA_get0_factors = dlsym(handle, "RSA_get0_factors\x00", false) ++ _mkcgo_RSA_get0_key = dlsym(handle, "RSA_get0_key\x00", false) ++ _mkcgo_RSA_new = dlsym(handle, "RSA_new\x00", false) ++ _mkcgo_RSA_set0_crt_params = dlsym(handle, "RSA_set0_crt_params\x00", false) ++ _mkcgo_RSA_set0_factors = dlsym(handle, "RSA_set0_factors\x00", false) ++ _mkcgo_RSA_set0_key = dlsym(handle, "RSA_set0_key\x00", false) ++} ++ ++func MkcgoUnload_legacy_1() { ++ _mkcgo_DSA_free = 0 ++ _mkcgo_DSA_generate_key = 0 ++ _mkcgo_DSA_get0_key = 0 ++ _mkcgo_DSA_get0_pqg = 0 ++ _mkcgo_DSA_new = 0 ++ _mkcgo_DSA_set0_key = 0 ++ _mkcgo_DSA_set0_pqg = 0 ++ _mkcgo_EC_KEY_check_key = 0 ++ _mkcgo_EC_KEY_free = 0 ++ _mkcgo_EC_KEY_get0_group = 0 ++ _mkcgo_EC_KEY_get0_private_key = 0 ++ _mkcgo_EC_KEY_get0_public_key = 0 ++ _mkcgo_EC_KEY_new_by_curve_name = 0 ++ _mkcgo_EC_KEY_set_private_key = 0 ++ _mkcgo_EC_KEY_set_public_key = 0 ++ _mkcgo_EC_KEY_set_public_key_affine_coordinates = 0 ++ _mkcgo_EC_POINT_get_affine_coordinates_GFp = 0 ++ _mkcgo_EVP_CIPHER_get_block_size = 0 ++ _mkcgo_EVP_MD_get_block_size = 0 ++ _mkcgo_EVP_MD_get_size = 0 ++ _mkcgo_EVP_PKEY_assign = 0 ++ _mkcgo_EVP_PKEY_get0_DSA = 0 ++ _mkcgo_EVP_PKEY_get0_EC_KEY = 0 ++ _mkcgo_EVP_PKEY_get1_RSA = 0 ++ _mkcgo_EVP_PKEY_get_bits = 0 ++ _mkcgo_EVP_PKEY_get_size = 0 ++ _mkcgo_EVP_PKEY_set1_EC_KEY = 0 ++ _mkcgo_FIPS_mode = 0 ++ _mkcgo_FIPS_mode_set = 0 ++ _mkcgo_HMAC_CTX_copy = 0 ++ _mkcgo_HMAC_CTX_free = 0 ++ _mkcgo_HMAC_CTX_new = 0 ++ _mkcgo_HMAC_Final = 0 ++ _mkcgo_HMAC_Init_ex = 0 ++ _mkcgo_HMAC_Update = 0 ++ _mkcgo_PKCS5_PBKDF2_HMAC = 0 ++ _mkcgo_RAND_bytes = 0 ++ _mkcgo_RSA_free = 0 ++ _mkcgo_RSA_get0_crt_params = 0 ++ _mkcgo_RSA_get0_factors = 0 ++ _mkcgo_RSA_get0_key = 0 ++ _mkcgo_RSA_new = 0 ++ _mkcgo_RSA_set0_crt_params = 0 ++ _mkcgo_RSA_set0_factors = 0 ++ _mkcgo_RSA_set0_key = 0 ++} ++ ++func MkcgoLoad_version(handle unsafe.Pointer) { ++ _mkcgo_OPENSSL_version_major = dlsym(handle, "OPENSSL_version_major\x00", true) ++ _mkcgo_OPENSSL_version_minor = dlsym(handle, "OPENSSL_version_minor\x00", true) ++ _mkcgo_OPENSSL_version_patch = dlsym(handle, "OPENSSL_version_patch\x00", true) ++ _mkcgo_OpenSSL_version_num = dlsym(handle, "OpenSSL_version_num\x00", true) ++} ++ ++func MkcgoUnload_version() { ++ _mkcgo_OPENSSL_version_major = 0 ++ _mkcgo_OPENSSL_version_minor = 0 ++ _mkcgo_OPENSSL_version_patch = 0 ++ _mkcgo_OpenSSL_version_num = 0 ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go +new file mode 100644 +index 00000000000000..e487d1f1688cb7 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go +@@ -0,0 +1,158 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto/cipher" ++ "errors" ++) ++ ++//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/genaesmodes -in aes.go -modes CBC,CTR,GCM -out zaes.go ++//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/gentestvectors -out vectors_test.go ++ ++// Steps to support a new AES mode, e.g. `FOO`: ++// 1. Add `FOO` to the list of modes in the `genaesmodes` command. ++// 2. Run `go generate` to update the generated code. ++// 3. Implement the necessary interfaces for the new struct, which will be named `cipherWithFOO`. ++ ++// NewAESCipher creates and returns a new AES cipher.Block. ++// The key argument should be the AES key, either 16, 24, or 32 bytes to select ++// AES-128, AES-192, or AES-256. ++// The returned cipher.Block implements the CBC, CTR, and/or GCM modes if ++// the underlying OpenSSL library supports them. ++func NewAESCipher(key []byte) (cipher.Block, error) { ++ var kind cipherKind ++ switch len(key) * 8 { ++ case 128: ++ kind = cipherAES128 ++ case 192: ++ kind = cipherAES192 ++ case 256: ++ kind = cipherAES256 ++ default: ++ return nil, errors.New("crypto/aes: invalid key size") ++ } ++ c, err := newEVPCipher(key, kind) ++ if err != nil { ++ return nil, err ++ } ++ return newAESBlock(c, kind), nil ++} ++ ++// NewGCMTLS returns a GCM cipher specific to TLS ++// and should not be used for non-TLS purposes. ++func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { ++ if c, ok := c.(interface { ++ NewGCMTLS() (cipher.AEAD, error) ++ }); ok { ++ return c.NewGCMTLS() ++ } ++ return nil, errors.New("GCM not supported") ++} ++ ++// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used ++// for non-TLS purposes. ++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { ++ if c, ok := c.(interface { ++ NewGCMTLS13() (cipher.AEAD, error) ++ }); ok { ++ return c.NewGCMTLS13() ++ } ++ return nil, errors.New("GCM not supported") ++} ++ ++// aesCipher implements the cipher.Block interface. ++type aesCipher struct { ++ cipher *evpCipher ++} ++ ++func (c aesCipher) BlockSize() int { ++ return c.cipher.blockSize ++} ++ ++func (c aesCipher) Encrypt(dst, src []byte) { ++ if err := c.cipher.encrypt(dst, src); err != nil { ++ // crypto/aes expects that the panic message starts with "crypto/aes: ". ++ panic("crypto/aes: " + err.Error()) ++ } ++} ++ ++func (c aesCipher) Decrypt(dst, src []byte) { ++ if err := c.cipher.decrypt(dst, src); err != nil { ++ // crypto/aes expects that the panic message starts with "crypto/aes: ". ++ panic("crypto/aes: " + err.Error()) ++ } ++} ++ ++// Implement optional interfaces for AES modes. ++ ++func (c cipherWithCBC) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpEncrypt) ++} ++ ++func (c cipherWithCBC) NewFIPSCBCEncrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpEncrypt) ++} ++ ++func (c cipherWithCBC) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpDecrypt) ++} ++ ++func (c cipherWithCBC) NewFIPSCBCDecrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpDecrypt) ++} ++ ++func (c cipherWithCTR) NewCTR(iv []byte) cipher.Stream { ++ return c.cipher.newCTR(iv) ++} ++ ++func (c cipherWithCTR) NewFIPSCTR(iv []byte) cipher.Stream { ++ return c.cipher.newCTR(iv) ++} ++ ++func (c cipherWithGCM) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { ++ return c.cipher.newGCMChecked(nonceSize, tagSize) ++} ++ ++func (c cipherWithGCM) NewGCMTLS() (cipher.AEAD, error) { ++ return c.cipher.newGCM(cipherGCMTLS12) ++} ++ ++func (c cipherWithGCM) NewGCMTLS13() (cipher.AEAD, error) { ++ return c.cipher.newGCM(cipherGCMTLS13) ++} ++ ++// The following interfaces have been copied out of crypto/aes/modes.go. ++ ++type gcmAble interface { ++ NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) ++} ++ ++type cbcEncAble interface { ++ NewCBCEncrypter(iv []byte) cipher.BlockMode ++} ++ ++type cbcDecAble interface { ++ NewCBCDecrypter(iv []byte) cipher.BlockMode ++} ++ ++type ctrAble interface { ++ NewCTR(iv []byte) cipher.Stream ++} ++ ++// Test that the interfaces are implemented. ++ ++var ( ++ _ cipher.Block = (*aesCipher)(nil) ++ ++ _ cipher.Block = (*cipherWithCBC)(nil) ++ _ cbcEncAble = (*cipherWithCBC)(nil) ++ _ cbcDecAble = (*cipherWithCBC)(nil) ++ ++ _ cipher.Block = (*cipherWithCTR)(nil) ++ _ ctrAble = (*cipherWithCTR)(nil) ++ ++ _ cipher.Block = (*cipherWithGCM)(nil) ++ _ gcmAble = (*cipherWithGCM)(nil) ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go +new file mode 100644 +index 00000000000000..a5d005176e63f9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go +@@ -0,0 +1,14 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++// This file does not have build constraints to ++// facilitate using BigInt in Go crypto. ++// Go crypto references BigInt unconditionally, ++// even if it is not finally used. ++ ++// A BigInt is the raw words from a BigInt. ++// This definition allows us to avoid importing math/big. ++// Conversion between BigInt and *big.Int is in openssl/bbig. ++type BigInt []uint +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go +new file mode 100644 +index 00000000000000..410829738931c7 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go +@@ -0,0 +1,152 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto/cipher" ++ "errors" ++ "runtime" ++ "sync" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++const ( ++ chacha20Poly1305KeySize = 32 ++ chacha20Poly1305NonceSize = 12 ++ chacha20Poly1305Overhead = 16 ++) ++ ++var supportsChaCha20Poly1305 = sync.OnceValue(func() bool { ++ return loadCipher(cipherChaCha20Poly1305, cipherModeNone) != nil ++}) ++ ++func SupportsChaCha20Poly1305() bool { ++ return supportsChaCha20Poly1305() ++} ++ ++type chacha20poly1305 struct { ++ key [chacha20Poly1305KeySize]byte ++} ++ ++// NewChaCha20Poly1305 returns a ChaCha20-Poly1305 AEAD that uses the given 256-bit key. ++func NewChaCha20Poly1305(key []byte) (cipher.AEAD, error) { ++ if len(key) != chacha20Poly1305KeySize { ++ return nil, errors.New("chacha20poly1305: bad key length") ++ } ++ ret := new(chacha20poly1305) ++ copy(ret.key[:], key) ++ return ret, nil ++} ++ ++func (c *chacha20poly1305) NonceSize() int { ++ return chacha20Poly1305NonceSize ++} ++ ++func (c *chacha20poly1305) Overhead() int { ++ return chacha20Poly1305Overhead ++} ++ ++func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte { ++ if len(nonce) != chacha20Poly1305NonceSize { ++ panic("chacha20poly1305: bad nonce length passed to Seal") ++ } ++ if uint64(len(plaintext)) > (1<<38)-64 { ++ panic("chacha20poly1305: plaintext too large") ++ } ++ ret, out := sliceForAppend(dst, len(plaintext)+chacha20Poly1305Overhead) ++ if inexactOverlap(out, plaintext) { ++ panic("chacha20poly1305: invalid buffer overlap of output and input") ++ } ++ if anyOverlap(out, additionalData) { ++ panic("chacha20poly1305: invalid buffer overlap of output and additional data") ++ } ++ ctx, err := newCipherCtx(cipherChaCha20Poly1305, cipherModeNone, cipherOpEncrypt, c.key[:], nil) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_IVLEN, int32(len(nonce)), nil); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ panic(err) ++ } ++ if len(additionalData) > 0 { ++ var discard int32 ++ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, additionalData); err != nil { ++ panic(err) ++ } ++ } ++ var outl int32 ++ if len(plaintext) > 0 { ++ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, plaintext); err != nil { ++ panic(err) ++ } ++ } ++ var discard int32 ++ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { ++ panic(err) ++ } ++ tag := out[len(out)-chacha20Poly1305Overhead:] ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_GET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(c) ++ return ret ++} ++ ++func (c *chacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { ++ if len(nonce) != chacha20Poly1305NonceSize { ++ panic("chacha20poly1305: bad nonce length passed to Open") ++ } ++ if len(ciphertext) < 16 { ++ return nil, errOpen ++ } ++ if uint64(len(ciphertext)) > (1<<38)-48 { ++ panic("chacha20poly1305: ciphertext too large") ++ } ++ tag := ciphertext[len(ciphertext)-chacha20Poly1305Overhead:] ++ ciphertext = ciphertext[:len(ciphertext)-chacha20Poly1305Overhead] ++ ret, out := sliceForAppend(dst, len(ciphertext)) ++ if inexactOverlap(out, ciphertext) { ++ panic("chacha20poly1305: invalid buffer overlap of output and input") ++ } ++ if anyOverlap(out, additionalData) { ++ panic("chacha20poly1305: invalid buffer overlap of output and additional data") ++ } ++ ctx, err := newCipherCtx(cipherChaCha20Poly1305, cipherModeNone, cipherOpDecrypt, c.key[:], nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_IVLEN, int32(len(nonce)), nil); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ return nil, err ++ } ++ if len(additionalData) > 0 { ++ var discard int32 ++ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, additionalData); err != nil { ++ return nil, err ++ } ++ } ++ var outl int32 ++ if len(ciphertext) > 0 { ++ if _, err := ossl.EVP_DecryptUpdate(ctx, out, &outl, ciphertext); err != nil { ++ return nil, err ++ } ++ } ++ var discard int32 ++ if _, err := ossl.EVP_DecryptFinal_ex(ctx, out[outl:], &discard); err != nil { ++ return nil, errOpen ++ } ++ runtime.KeepAlive(c) ++ return ret[:len(dst)+len(ciphertext)], nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go +new file mode 100644 +index 00000000000000..24615432053f01 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go +@@ -0,0 +1,666 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto/cipher" ++ "errors" ++ "runtime" ++ "strconv" ++ "sync" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++type cipherKind int8 ++ ++const ( ++ cipherAES128 cipherKind = iota ++ cipherAES192 ++ cipherAES256 ++ cipherDES ++ cipherDES3 ++ cipherRC4 ++ cipherChaCha20Poly1305 ++) ++ ++func (c cipherKind) String() string { ++ switch c { ++ case cipherAES128: ++ return "AES-128" ++ case cipherAES192: ++ return "AES-192" ++ case cipherAES256: ++ return "AES-256" ++ case cipherDES: ++ return "DES" ++ case cipherDES3: ++ return "DES3" ++ case cipherRC4: ++ return "RC4" ++ case cipherChaCha20Poly1305: ++ return "ChaCha20-Poly1305" ++ default: ++ panic("unknown cipher kind: " + strconv.Itoa(int(c))) ++ } ++} ++ ++type cipherMode int8 ++ ++const ( ++ cipherModeNone cipherMode = -1 ++ cipherModeECB cipherMode = iota ++ cipherModeCBC ++ cipherModeCTR ++ cipherModeGCM ++) ++ ++// cipherOp is the allowed operations for a cipher, ++// as documented in [EVP_CipherInit_ex]. ++// ++// [EVP_CipherInit_ex]: https://www.openssl.org/docs/man3.0/man3/EVP_CipherInit_ex.html ++type cipherOp int8 ++ ++const ( ++ cipherOpNone cipherOp = -1 // leaves the value of the previous call, if any. ++ cipherOpDecrypt cipherOp = 0 ++ cipherOpEncrypt cipherOp = 1 ++) ++ ++// cacheCipher is a cache of cipherKind to GO_EVP_CIPHER_PTR. ++var cacheCipher sync.Map ++ ++type cacheCipherKey struct { ++ kind cipherKind ++ mode cipherMode ++} ++ ++// loadCipher returns a cipher object for the given k. ++func loadCipher(k cipherKind, mode cipherMode) (cipher ossl.EVP_CIPHER_PTR) { ++ if v, ok := cacheCipher.Load(cacheCipherKey{k, mode}); ok { ++ return v.(ossl.EVP_CIPHER_PTR) ++ } ++ defer func() { ++ if cipher != nil { ++ switch major() { ++ case 3, 4: ++ // On OpenSSL 3, directly operating on a EVP_CIPHER object ++ // not created by EVP_CIPHER has negative performance ++ // implications, as cipher operations will have ++ // to fetch it on every call. Better to just fetch it once here. ++ cipher, _ = ossl.EVP_CIPHER_fetch(nil, ossl.EVP_CIPHER_get0_name(cipher), nil) ++ } ++ } ++ cacheCipher.Store(cacheCipherKey{k, mode}, cipher) ++ }() ++ switch k { ++ case cipherAES128: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_128_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_128_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_128_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_128_gcm() ++ } ++ case cipherAES192: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_192_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_192_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_192_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_192_gcm() ++ } ++ case cipherAES256: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_256_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_256_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_256_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_256_gcm() ++ } ++ case cipherDES: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_des_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_des_cbc() ++ } ++ case cipherDES3: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_des_ede3_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_des_ede3_cbc() ++ } ++ case cipherRC4: ++ cipher = ossl.EVP_rc4() ++ case cipherChaCha20Poly1305: ++ if ossl.EVP_chacha20_poly1305_Available() { ++ cipher = ossl.EVP_chacha20_poly1305() ++ } ++ } ++ return cipher ++} ++ ++type evpCipher struct { ++ key []byte ++ kind cipherKind ++ blockSize int ++} ++ ++func newEVPCipher(key []byte, kind cipherKind) (*evpCipher, error) { ++ cipher := loadCipher(kind, cipherModeECB) ++ if cipher == nil { ++ return nil, errors.New("crypto/cipher: unsupported cipher: " + kind.String()) ++ } ++ c := &evpCipher{key: make([]byte, len(key)), kind: kind} ++ copy(c.key, key) ++ c.blockSize = int(ossl.EVP_CIPHER_get_block_size(cipher)) ++ return c, nil ++} ++ ++func (c *evpCipher) encrypt(dst, src []byte) error { ++ if len(src) < c.blockSize { ++ return errors.New("input not full block") ++ } ++ if len(dst) < c.blockSize { ++ return errors.New("output not full block") ++ } ++ // Only check for overlap between the parts of src and dst that will actually be used. ++ // This matches Go standard library behavior. ++ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { ++ return errors.New("invalid buffer overlap") ++ } ++ enc_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpEncrypt, c.key, nil) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_CIPHER_CTX_free(enc_ctx) ++ ++ var outl int32 ++ if _, err := ossl.EVP_EncryptUpdate(enc_ctx, dst[:c.blockSize], &outl, src[:c.blockSize]); err != nil { ++ return err ++ } ++ runtime.KeepAlive(c) ++ return nil ++} ++ ++func (c *evpCipher) decrypt(dst, src []byte) error { ++ if len(src) < c.blockSize { ++ return errors.New("input not full block") ++ } ++ if len(dst) < c.blockSize { ++ return errors.New("output not full block") ++ } ++ // Only check for overlap between the parts of src and dst that will actually be used. ++ // This matches Go standard library behavior. ++ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { ++ return errors.New("invalid buffer overlap") ++ } ++ dec_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpDecrypt, c.key, nil) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_CIPHER_CTX_free(dec_ctx) ++ ++ if _, err := ossl.EVP_CIPHER_CTX_set_padding(dec_ctx, 0); err != nil { ++ return err ++ } ++ ++ var outl int32 ++ ossl.EVP_DecryptUpdate(dec_ctx, dst[:c.blockSize], &outl, src[:c.blockSize]) ++ runtime.KeepAlive(c) ++ return nil ++} ++ ++type cipherCBC struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR ++ blockSize int ++} ++ ++func (c *cipherCBC) finalize() { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) ++} ++ ++func (x *cipherCBC) BlockSize() int { return x.blockSize } ++ ++func (x *cipherCBC) CryptBlocks(dst, src []byte) { ++ if inexactOverlap(dst, src) { ++ panic("crypto/cipher: invalid buffer overlap") ++ } ++ if len(src)%x.blockSize != 0 { ++ panic("crypto/cipher: input not full blocks") ++ } ++ if len(dst) < len(src) { ++ panic("crypto/cipher: output smaller than input") ++ } ++ if len(src) > 0 { ++ var outl int32 ++ if _, err := ossl.EVP_CipherUpdate(x.ctx, dst, &outl, src); err != nil { ++ panic("crypto/cipher: " + err.Error()) ++ } ++ runtime.KeepAlive(x) ++ } ++} ++ ++func (x *cipherCBC) SetIV(iv []byte) { ++ if len(iv) != x.blockSize { ++ panic("crypto/cipher: incorrect length IV") ++ } ++ if _, err := ossl.EVP_CipherInit_ex(x.ctx, nil, nil, nil, base(iv), int32(cipherOpNone)); err != nil { ++ panic("crypto/cipher: " + err.Error()) ++ } ++} ++ ++func (c *evpCipher) newCBC(iv []byte, op cipherOp) cipher.BlockMode { ++ ctx, err := newCipherCtx(c.kind, cipherModeCBC, op, c.key, iv) ++ if err != nil { ++ panic(err) ++ } ++ x := &cipherCBC{ctx: ctx, blockSize: c.blockSize} ++ runtime.SetFinalizer(x, (*cipherCBC).finalize) ++ if _, err := ossl.EVP_CIPHER_CTX_set_padding(x.ctx, 0); err != nil { ++ panic("crypto/cipher: " + err.Error()) ++ } ++ return x ++} ++ ++type cipherCTR struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR ++} ++ ++func (x *cipherCTR) XORKeyStream(dst, src []byte) { ++ if inexactOverlap(dst, src) { ++ panic("crypto/cipher: invalid buffer overlap") ++ } ++ if len(dst) < len(src) { ++ panic("crypto/cipher: output smaller than input") ++ } ++ if len(src) == 0 { ++ return ++ } ++ var outl int32 ++ if _, err := ossl.EVP_EncryptUpdate(x.ctx, dst, &outl, src); err != nil { ++ panic("crypto/cipher: " + err.Error()) ++ } ++ runtime.KeepAlive(x) ++} ++ ++func (c *evpCipher) newCTR(iv []byte) cipher.Stream { ++ ctx, err := newCipherCtx(c.kind, cipherModeCTR, cipherOpEncrypt, c.key, iv) ++ if err != nil { ++ panic(err) ++ } ++ x := &cipherCTR{ctx: ctx} ++ runtime.SetFinalizer(x, (*cipherCTR).finalize) ++ return x ++} ++ ++func (c *cipherCTR) finalize() { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) ++} ++ ++type cipherGCMTLS uint8 ++ ++const ( ++ cipherGCMTLSNone cipherGCMTLS = iota ++ cipherGCMTLS12 ++ cipherGCMTLS13 ++) ++ ++type cipherGCM struct { ++ c *evpCipher ++ tls cipherGCMTLS ++ // minNextNonce is the minimum value that the next nonce can be, enforced by ++ // all TLS modes. ++ minNextNonce uint64 ++ // mask is the nonce mask used in TLS 1.3 mode. ++ mask uint64 ++ // maskInitialized is true if mask has been initialized. This happens during ++ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. ++ maskInitialized bool ++ blockSize int ++} ++ ++const ( ++ aesBlockSize = 16 ++ gcmTagSize = 16 ++ gcmStandardNonceSize = 12 ++ // TLS 1.2 additional data is constructed as: ++ // ++ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); ++ gcmTls12AddSize = 13 ++ // TLS 1.3 additional data is constructed as: ++ // ++ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) ++ gcmTls13AddSize = 5 ++ gcmTlsFixedNonceSize = 4 ++) ++ ++type noGCM struct { ++ *evpCipher ++} ++ ++func (g *noGCM) BlockSize() int { ++ return g.blockSize ++} ++ ++func (g *noGCM) Encrypt(dst, src []byte) { ++ g.encrypt(dst, src) ++} ++ ++func (g *noGCM) Decrypt(dst, src []byte) { ++ g.decrypt(dst, src) ++} ++ ++func (c *evpCipher) newGCMChecked(nonceSize, tagSize int) (cipher.AEAD, error) { ++ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { ++ return nil, errors.New("crypto/cipher: GCM tag and nonce sizes can't be non-standard at the same time") ++ } ++ // Fall back to standard library for GCM with non-standard nonce or tag size. ++ if nonceSize != gcmStandardNonceSize { ++ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) ++ } ++ if tagSize != gcmTagSize { ++ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) ++ } ++ return c.newGCM(cipherGCMTLSNone) ++} ++ ++func (c *evpCipher) newGCM(tls cipherGCMTLS) (cipher.AEAD, error) { ++ g := &cipherGCM{c: c, tls: tls, blockSize: c.blockSize} ++ return g, nil ++} ++ ++func (g *cipherGCM) NonceSize() int { ++ return gcmStandardNonceSize ++} ++ ++func (g *cipherGCM) Overhead() int { ++ return gcmTagSize ++} ++ ++func (g *cipherGCM) Seal(dst, nonce, plaintext, aad []byte) []byte { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") ++ } ++ if uint64(len(plaintext)) > ((1<<32)-2)*uint64(g.blockSize) || len(plaintext)+gcmTagSize < len(plaintext) { ++ panic("cipher: message too large for GCM") ++ } ++ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { ++ panic("cipher: message too large for buffer") ++ } ++ if g.tls != cipherGCMTLSNone { ++ if g.tls == cipherGCMTLS12 && len(aad) != gcmTls12AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.2") ++ } else if g.tls == cipherGCMTLS13 && len(aad) != gcmTls13AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.3") ++ } ++ counter := bigEndianUint64(nonce[gcmTlsFixedNonceSize:]) ++ if g.tls == cipherGCMTLS13 { ++ // In TLS 1.3, the counter in the nonce has a mask and requires ++ // further decoding. ++ if !g.maskInitialized { ++ // According to TLS 1.3 nonce construction details at ++ // https://tools.ietf.org/html/rfc8446#section-5.3: ++ // ++ // the first record transmitted under a particular traffic ++ // key MUST use sequence number 0. ++ // ++ // The padded sequence number is XORed with [a mask]. ++ // ++ // The resulting quantity (of length iv_length) is used as ++ // the per-record nonce. ++ // ++ // We need to convert from the given nonce to sequence numbers ++ // to keep track of minNextNonce and enforce the counter ++ // maximum. On the first call, we know counter^mask is 0^mask, ++ // so we can simply store it as the mask. ++ g.mask = counter ++ g.maskInitialized = true ++ } ++ counter ^= g.mask ++ } ++ // BoringCrypto enforces strictly monotonically increasing explicit nonces ++ // and to fail after 2^64 - 1 keys as per FIPS 140-2 IG A.5, ++ // but OpenSSL does not perform this check, so it is implemented here. ++ const maxUint64 = 1<<64 - 1 ++ if counter == maxUint64 { ++ panic("cipher: nonce counter must be less than 2^64 - 1") ++ } ++ if counter < g.minNextNonce { ++ panic("cipher: nonce counter must be strictly monotonically increasing") ++ } ++ defer func() { ++ g.minNextNonce = counter + 1 ++ }() ++ } ++ ++ // Make room in dst to append plaintext+overhead. ++ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) ++ ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, plaintext) { ++ panic("cipher: invalid buffer overlap") ++ } ++ ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ // Encrypt additional data. ++ // When sealing a TLS payload, OpenSSL app sets the additional data using ++ // '_EVP_CIPHER_CTX_ctrl(g.ctx, _EVP_CTRL_AEAD_TLS1_AAD, _EVP_AEAD_TLS1_AAD_LEN, base(additionalData))'. ++ // This makes the explicit nonce component to monotonically increase on every Seal operation without ++ // relying in the explicit nonce being securely set externally, ++ // and it also gives some interesting speed gains. ++ // Unfortunately we can't use it because Go expects AEAD.Seal to honor the provided nonce. ++ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ panic(err) ++ } ++ var outl, discard int32 ++ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, sliceNeverNil(plaintext)); err != nil { ++ panic(err) ++ } ++ if len(plaintext) != int(outl) { ++ panic("cipher: incorrect length returned from GCM EncryptUpdate") ++ } ++ discard = 0 ++ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(g) ++ return ret ++} ++ ++func (g *cipherGCM) SealWithRandomNonce(out, nonce, plaintext, aad []byte) { ++ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { ++ panic("crypto/cipher: message too large for GCM") ++ } ++ if len(nonce) != gcmStandardNonceSize { ++ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") ++ } ++ if len(out) != len(plaintext)+gcmTagSize { ++ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") ++ } ++ if inexactOverlap(out, plaintext) { ++ panic("crypto/cipher: invalid buffer overlap of output and input") ++ } ++ if anyOverlap(out, aad) { ++ panic("crypto/cipher: invalid buffer overlap of output and additional data") ++ } ++ ++ if g.tls != cipherGCMTLSNone { ++ panic("cipher: encryption failed") ++ } ++ ++ RandReader.Read(nonce) ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ ++ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ panic(err) ++ } ++ var outl, discard int32 ++ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, sliceNeverNil(plaintext)); err != nil { ++ panic(err) ++ } ++ if len(plaintext) != int(outl) { ++ panic("cipher: incorrect length returned from GCM EncryptUpdate") ++ } ++ discard = 0 ++ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(g) ++} ++ ++var errOpen = errors.New("cipher: message authentication failed") ++ ++func (g *cipherGCM) Open(dst, nonce, ciphertext, aad []byte) (_ []byte, err error) { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") ++ } ++ if len(ciphertext) < gcmTagSize { ++ return nil, errOpen ++ } ++ if uint64(len(ciphertext)) > ((1<<32)-2)*uint64(g.blockSize)+gcmTagSize { ++ return nil, errOpen ++ } ++ // BoringCrypto does not do any TLS check when decrypting, neither do we. ++ ++ tag := ciphertext[len(ciphertext)-gcmTagSize:] ++ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] ++ ++ // Make room in dst to append ciphertext without tag. ++ ret, out := sliceForAppend(dst, len(ciphertext)) ++ ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, ciphertext) { ++ panic("cipher: invalid buffer overlap") ++ } ++ ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ ++ defer func() { ++ if err != nil { ++ // Zero output buffer on error. ++ for i := range out { ++ out[i] = 0 ++ } ++ } ++ }() ++ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ return nil, errOpen ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { ++ return nil, errOpen ++ } ++ var outl, discard int32 ++ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { ++ return nil, errOpen ++ } ++ if _, err := ossl.EVP_DecryptUpdate(ctx, out, &outl, sliceNeverNil(ciphertext)); err != nil { ++ return nil, errOpen ++ } ++ if len(ciphertext) != int(outl) { ++ return nil, errOpen ++ } ++ discard = 0 ++ if _, err := ossl.EVP_DecryptFinal_ex(ctx, out[outl:], &discard); err != nil { ++ return nil, errOpen ++ } ++ runtime.KeepAlive(g) ++ return ret, nil ++} ++ ++// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. ++func sliceForAppend(in []byte, n int) (head, tail []byte) { ++ if total := len(in) + n; cap(in) >= total { ++ head = in[:total] ++ } else { ++ head = make([]byte, total) ++ copy(head, in) ++ } ++ tail = head[len(in):] ++ return ++} ++ ++func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (_ ossl.EVP_CIPHER_CTX_PTR, err error) { ++ cipher := loadCipher(kind, mode) ++ if cipher == nil { ++ panic("crypto/cipher: unsupported cipher: " + kind.String()) ++ } ++ ctx, err := ossl.EVP_CIPHER_CTX_new() ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_CIPHER_CTX_free(ctx) ++ } ++ }() ++ if kind == cipherRC4 { ++ // RC4 cipher supports a variable key length. ++ // We need to set the key length before setting the key, ++ // and to do so we need to have an initialized cipher ctx. ++ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, nil, nil, int32(encrypt)); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_set_key_length(ctx, int32(len(key))); err != nil { ++ return nil, err ++ } ++ // Pass nil to the next call to EVP_CipherInit_ex to avoid resetting ctx's cipher. ++ cipher = nil ++ } ++ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, base(key), base(iv), int32(encrypt)); err != nil { ++ return nil, err ++ } ++ return ctx, nil ++} ++ ++// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. ++ ++func anyOverlap(x, y []byte) bool { ++ return len(x) > 0 && len(y) > 0 && ++ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && ++ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) ++} ++ ++func inexactOverlap(x, y []byte) bool { ++ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { ++ return false ++ } ++ return anyOverlap(x, y) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go +new file mode 100644 +index 00000000000000..7817e37ffdc40f +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go +@@ -0,0 +1,109 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import "unsafe" ++ ++// cString is a null-terminated string, ++// akin to C's char*. ++type cString string ++ ++// str returns the string value. ++func (s cString) str() string { ++ return string(s) ++} ++ ++// ptr returns a pointer to the string data. ++// It panics if the string is not null-terminated. ++// ++// The memory pointed to by the returned pointer should ++// not be modified and it must only be passed to ++// "const char*" parameters. Any attempt to modify it ++// will result in a runtime panic, as Go strings are ++// allocated in read-only memory. ++func (s cString) ptr() *byte { ++ if len(s) == 0 { ++ return nil ++ } ++ if s[len(s)-1] != 0 { ++ panic("must be null-terminated") ++ } ++ return unsafe.StringData(string(s)) ++} ++ ++const ( //checkheader:ignore ++ // Key types ++ _KeyTypeRSA cString = "RSA\x00" ++ _KeyTypeEC cString = "EC\x00" ++ _KeyTypeED25519 cString = "ED25519\x00" ++ _KeyTypeX25519 cString = "X25519\x00" ++ _KeyTypeMLKEM768 cString = "ML-KEM-768\x00" ++ _KeyTypeMLKEM1024 cString = "ML-KEM-1024\x00" ++ _KeyTypeMLDSA44 cString = "ML-DSA-44\x00" ++ _KeyTypeMLDSA65 cString = "ML-DSA-65\x00" ++ _KeyTypeMLDSA87 cString = "ML-DSA-87\x00" ++ _KeyTypeChacha20Poly1305 cString = "CHACHA20-POLY1305\x00" ++ ++ // Digest names ++ _DigestNameSHAKE128 cString = "SHAKE-128\x00" ++ _DigestNameSHAKE256 cString = "SHAKE-256\x00" ++ ++ // KDF names ++ _OSSL_KDF_NAME_HKDF cString = "HKDF\x00" ++ _OSSL_KDF_NAME_PBKDF2 cString = "PBKDF2\x00" ++ _OSSL_KDF_NAME_TLS1_PRF cString = "TLS1-PRF\x00" ++ _OSSL_KDF_NAME_TLS13_KDF cString = "TLS13-KDF\x00" ++ _OSSL_MAC_NAME_HMAC cString = "HMAC\x00" ++ ++ // KDF parameters ++ _OSSL_KDF_PARAM_DIGEST cString = "digest\x00" ++ _OSSL_KDF_PARAM_SECRET cString = "secret\x00" ++ _OSSL_KDF_PARAM_SEED cString = "seed\x00" ++ _OSSL_KDF_PARAM_KEY cString = "key\x00" ++ _OSSL_KDF_PARAM_PASSWORD cString = "pass\x00" ++ _OSSL_KDF_PARAM_ITER cString = "iter\x00" ++ _OSSL_KDF_PARAM_PKCS5 cString = "pkcs5\x00" ++ _OSSL_KDF_PARAM_INFO cString = "info\x00" ++ _OSSL_KDF_PARAM_SALT cString = "salt\x00" ++ _OSSL_KDF_PARAM_MODE cString = "mode\x00" ++ ++ // KDF FIPS parameters ++ _OSSL_KDF_PARAM_FIPS_KEY_CHECK cString = "key-check\x00" ++ ++ // TLS3-KDF parameters ++ _OSSL_KDF_PARAM_PREFIX cString = "prefix\x00" ++ _OSSL_KDF_PARAM_LABEL cString = "label\x00" ++ _OSSL_KDF_PARAM_DATA cString = "data\x00" ++ ++ // PKEY parameters ++ _OSSL_PKEY_PARAM_PUB_KEY cString = "pub\x00" ++ _OSSL_PKEY_PARAM_PRIV_KEY cString = "priv\x00" ++ _OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY cString = "encoded-pub-key\x00" ++ _OSSL_PKEY_PARAM_GROUP_NAME cString = "group\x00" ++ _OSSL_PKEY_PARAM_EC_PUB_X cString = "qx\x00" ++ _OSSL_PKEY_PARAM_EC_PUB_Y cString = "qy\x00" ++ _OSSL_PKEY_PARAM_FFC_PBITS cString = "pbits\x00" ++ _OSSL_PKEY_PARAM_FFC_QBITS cString = "qbits\x00" ++ _OSSL_PKEY_PARAM_RSA_N cString = "n\x00" ++ _OSSL_PKEY_PARAM_RSA_E cString = "e\x00" ++ _OSSL_PKEY_PARAM_RSA_D cString = "d\x00" ++ _OSSL_PKEY_PARAM_FFC_P cString = "p\x00" ++ _OSSL_PKEY_PARAM_FFC_Q cString = "q\x00" ++ _OSSL_PKEY_PARAM_FFC_G cString = "g\x00" ++ _OSSL_PKEY_PARAM_RSA_FACTOR1 cString = "rsa-factor1\x00" ++ _OSSL_PKEY_PARAM_RSA_FACTOR2 cString = "rsa-factor2\x00" ++ _OSSL_PKEY_PARAM_RSA_EXPONENT1 cString = "rsa-exponent1\x00" ++ _OSSL_PKEY_PARAM_RSA_EXPONENT2 cString = "rsa-exponent2\x00" ++ _OSSL_PKEY_PARAM_RSA_COEFFICIENT1 cString = "rsa-coefficient1\x00" ++ _OSSL_PKEY_PARAM_ML_KEM_SEED cString = "seed\x00" ++ _OSSL_PKEY_PARAM_ML_DSA_SEED cString = "seed\x00" ++ ++ // Signature parameters ++ _OSSL_SIGNATURE_PARAM_CONTEXT_STRING cString = "context-string\x00" ++ _OSSL_SIGNATURE_PARAM_MU cString = "mu\x00" ++ ++ // MAC parameters ++ _OSSL_MAC_PARAM_DIGEST cString = "digest\x00" ++ _OSSL_MAC_PARAM_FIPS_KEY_CHECK cString = "key-check\x00" ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go +new file mode 100644 +index 00000000000000..ece9605829f12d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go +@@ -0,0 +1,256 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "runtime" ++ "strconv" ++ "sync" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++// shakeOneShot applies the SHAKE extendable output function to data and ++// writes the output to out. ++func shakeOneShot(secuirtyBits int, data []byte, out []byte) { ++ // Can't use EVP_Digest because it doesn't support output lengths ++ // larger than the block size, while crypto/sha3 supports any length. ++ alg := loadShake(secuirtyBits) ++ if alg == nil { ++ panic("openssl: unsupported SHAKE" + strconv.Itoa(secuirtyBits) + " function") ++ } ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_DigestUpdate(ctx, data); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_DigestFinalXOF(ctx, out); err != nil { ++ panic(err) ++ } ++} ++ ++// SumSHAKE128 applies the SHAKE128 extendable output function to data and ++// returns an output of the given length in bytes. ++func SumSHAKE128(data []byte, length int) []byte { ++ out := make([]byte, length) ++ shakeOneShot(128, data, out) ++ return out ++} ++ ++// SumSHAKE256 applies the SHAKE256 extendable output function to data and ++// returns an output of the given length in bytes. ++func SumSHAKE256(data []byte, length int) []byte { ++ out := make([]byte, length) ++ shakeOneShot(256, data, out) ++ return out ++} ++ ++var shakeSupported sync.Map ++ ++var hasDigestSqueeze = sync.OnceValue(ossl.EVP_DigestSqueeze_Available) ++ ++// SupportsSHAKE returns true if the SHAKE extendable output functions ++// with the given securityBits are supported. ++func SupportsSHAKE(securityBits int) bool { ++ if !hasDigestSqueeze() { ++ // SHAKE MD's are supported since OpenSSL 1.1.1, but ++ // EVP_DigestSqueeze (added in OpenSSL 3.3) is required to ++ // implement [sha3.SHAKE]'s streaming Read API. ++ return false ++ } ++ if v, ok := shakeSupported.Load(securityBits); ok { ++ return v.(bool) ++ } ++ alg := loadShake(securityBits) ++ if alg == nil { ++ shakeSupported.Store(securityBits, false) ++ return false ++ } ++ // EVP_MD objects can be non-nil but the underlying provider may not ++ // support EVP_DigestSqueeze. We need to test it. ++ var supported bool ++ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err == nil { ++ var tmp [1]byte ++ _, err := ossl.EVP_DigestSqueeze(ctx, tmp[:]) ++ supported = err == nil ++ } ++ } ++ shakeSupported.Store(securityBits, supported) ++ return supported ++} ++ ++// SupportsCSHAKE returns true if the CSHAKE extendable output functions ++// with the given securityBits are supported. ++func SupportsCSHAKE(securityBits int) bool { ++ // OpenSSL tracker issue https://github.com/openssl/openssl/issues/28358 ++ return false ++} ++ ++// SHAKE is an instance of a SHAKE extendable output function. ++type SHAKE struct { ++ alg *shakeAlgorithm ++ ctx ossl.EVP_MD_CTX_PTR ++ lastXofLen int ++} ++ ++// NewSHAKE128 creates a new SHAKE128 XOF. ++func NewSHAKE128() *SHAKE { ++ return newSHAKE(128) ++} ++ ++// NewSHAKE256 creates a new SHAKE256 XOF. ++func NewSHAKE256() *SHAKE { ++ return newSHAKE(256) ++} ++ ++// NewCSHAKE128 creates a new cSHAKE128 XOF. ++// ++// N is used to define functions based on cSHAKE, it can be empty when plain ++// cSHAKE is desired. S is a customization byte string used for domain ++// separation. When N and S are both empty, this is equivalent to NewSHAKE128. ++func NewCSHAKE128(N, S []byte) *SHAKE { ++ if len(N) == 0 && len(S) == 0 { ++ return NewSHAKE128() ++ } ++ return nil ++} ++ ++// NewCSHAKE256 creates a new cSHAKE256 XOF. ++// ++// N is used to define functions based on cSHAKE, it can be empty when plain ++// cSHAKE is desired. S is a customization byte string used for domain ++// separation. When N and S are both empty, this is equivalent to NewSHAKE256. ++func NewCSHAKE256(N, S []byte) *SHAKE { ++ if len(N) == 0 && len(S) == 0 { ++ return NewSHAKE256() ++ } ++ return nil ++} ++ ++func newSHAKE(securityBits int) *SHAKE { ++ alg := loadShake(securityBits) ++ if alg == nil { ++ panic("openssl: unsupported SHAKE" + strconv.Itoa(securityBits) + " function") ++ } ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err != nil { ++ ossl.EVP_MD_CTX_free(ctx) ++ panic(err) ++ } ++ s := &SHAKE{alg: alg, ctx: ctx} ++ runtime.SetFinalizer(s, (*SHAKE).finalize) ++ return s ++} ++ ++func (s *SHAKE) finalize() { ++ ossl.EVP_MD_CTX_free(s.ctx) ++} ++ ++// Write absorbs more data into the XOF's state. ++// ++// It panics if any output has already been read. ++func (s *SHAKE) Write(p []byte) (n int, err error) { ++ defer runtime.KeepAlive(s) ++ if len(p) == 0 { ++ return 0, nil ++ } ++ if _, err := ossl.EVP_DigestUpdate(s.ctx, p); err != nil { ++ panic(err) ++ } ++ return len(p), nil ++} ++ ++// Read squeezes more output from the XOF. ++// ++// Any call to Write after a call to Read will panic. ++func (s *SHAKE) Read(p []byte) (n int, err error) { ++ defer runtime.KeepAlive(s) ++ if len(p) == 0 { ++ return 0, nil ++ } ++ if len(p) != s.lastXofLen { ++ if _, err := ossl.EVP_MD_CTX_ctrl(s.ctx, ossl.EVP_MD_CTRL_XOF_LEN, int32(len(p)), nil); err != nil { ++ panic(err) ++ } ++ s.lastXofLen = len(p) ++ } ++ if _, err := ossl.EVP_DigestSqueeze(s.ctx, p); err != nil { ++ panic(err) ++ } ++ return len(p), nil ++} ++ ++// Reset resets the XOF to its initial state. ++func (s *SHAKE) Reset() { ++ defer runtime.KeepAlive(s) ++ if _, err := ossl.EVP_DigestInit_ex(s.ctx, nil, nil); err != nil { ++ panic(err) ++ } ++ s.lastXofLen = 0 ++} ++ ++// BlockSize returns the rate of the XOF. ++func (s *SHAKE) BlockSize() int { ++ return s.alg.blockSize ++} ++ ++func (s *SHAKE) MarshalBinary() ([]byte, error) { ++ return nil, errMarshallUnsupported{} ++} ++ ++func (s *SHAKE) AppendBinary(b []byte) ([]byte, error) { ++ return nil, errMarshallUnsupported{} ++} ++ ++func (s *SHAKE) UnmarshalBinary(data []byte) error { ++ return errMarshallUnsupported{} ++} ++ ++type shakeAlgorithm struct { ++ md ossl.EVP_MD_PTR ++ blockSize int ++} ++ ++var cacheSHAKE sync.Map ++ ++// loadShake converts a crypto.Hash to a EVP_MD. ++func loadShake(securityBits int) (alg *shakeAlgorithm) { ++ if v, ok := cacheSHAKE.Load(securityBits); ok { ++ return v.(*shakeAlgorithm) ++ } ++ defer func() { ++ cacheSHAKE.Store(securityBits, alg) ++ }() ++ ++ var name cString ++ switch securityBits { ++ case 128: ++ name = _DigestNameSHAKE128 ++ case 256: ++ name = _DigestNameSHAKE256 ++ default: ++ return nil ++ } ++ ++ md, err := ossl.EVP_MD_fetch(nil, name.ptr(), nil) ++ if err != nil || md == nil { ++ return nil ++ } ++ ++ alg = new(shakeAlgorithm) ++ alg.md = md ++ alg.blockSize = int(ossl.EVP_MD_get_block_size(md)) ++ return alg ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go +new file mode 100644 +index 00000000000000..6ae4a6372f8d08 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go +@@ -0,0 +1,121 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto/cipher" ++ "errors" ++ ++ "github.com/microsoft/go-crypto-openssl/osslsetup" ++) ++ ++// SupportsDESCipher returns true if NewDESCipher is supported, ++// which uses ECB mode. ++// If CBC is also supported, then the returned cipher.Block ++// will also implement NewCBCEncrypter and NewCBCDecrypter. ++func SupportsDESCipher() bool { ++ switch major() { ++ case 1: ++ // DES is not part of the OpenSSL 1.x FIPS module. ++ return !osslsetup.FIPS() && loadCipher(cipherDES, cipherModeECB) != nil ++ default: ++ // On OpenSSL 3+ availability is decided by the algorithm probe: ++ // EVP_CIPHER_fetch returns nil unless the legacy provider is loaded. ++ return loadCipher(cipherDES, cipherModeECB) != nil ++ } ++} ++ ++// SupportsTripleDESCipher returns true if NewTripleDESCipher is supported, ++// which uses ECB mode. ++// If CBC is also supported, then the returned cipher.Block ++// will also implement NewCBCEncrypter and NewCBCDecrypter. ++func SupportsTripleDESCipher() bool { ++ // Should always be true for stock OpenSSL, ++ // even when using the FIPS provider. ++ return loadCipher(cipherDES3, cipherModeECB) != nil ++} ++ ++func NewDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 8 { ++ return nil, errors.New("crypto/des: invalid key size") ++ } ++ return newDESCipher(key, cipherDES) ++} ++ ++func NewTripleDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 24 { ++ return nil, errors.New("crypto/des: invalid key size") ++ } ++ return newDESCipher(key, cipherDES3) ++} ++ ++func newDESCipher(key []byte, kind cipherKind) (cipher.Block, error) { ++ c, err := newEVPCipher(key, kind) ++ if err != nil { ++ return nil, err ++ } ++ if loadCipher(kind, cipherModeCBC) == nil { ++ return &desCipherWithoutCBC{c}, nil ++ } ++ return &desCipher{c}, nil ++} ++ ++type desExtraModes interface { ++ NewCBCEncrypter(iv []byte) cipher.BlockMode ++ NewCBCDecrypter(iv []byte) cipher.BlockMode ++} ++ ++var _ desExtraModes = (*desCipher)(nil) ++ ++type desCipher struct { ++ *evpCipher ++} ++ ++func (c *desCipher) BlockSize() int { ++ return c.blockSize ++} ++ ++func (c *desCipher) Encrypt(dst, src []byte) { ++ if err := c.encrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) ++ } ++} ++ ++func (c *desCipher) Decrypt(dst, src []byte) { ++ if err := c.decrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) ++ } ++} ++ ++func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return c.newCBC(iv, cipherOpEncrypt) ++} ++ ++func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return c.newCBC(iv, cipherOpDecrypt) ++} ++ ++type desCipherWithoutCBC struct { ++ *evpCipher ++} ++ ++func (c *desCipherWithoutCBC) BlockSize() int { ++ return c.blockSize ++} ++ ++func (c *desCipherWithoutCBC) Encrypt(dst, src []byte) { ++ if err := c.encrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) ++ } ++} ++ ++func (c *desCipherWithoutCBC) Decrypt(dst, src []byte) { ++ if err := c.decrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) ++ } ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go +new file mode 100644 +index 00000000000000..82b7b1081468de +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go +@@ -0,0 +1,306 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "runtime" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++// SupportsDSA returns true if the OpenSSL library supports DSA. ++func SupportsDSA() bool { ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) ++ if err != nil { ++ return false ++ } ++ ossl.EVP_PKEY_CTX_free(ctx) ++ return true ++} ++ ++// DSAParameters contains the DSA parameters. ++type DSAParameters struct { ++ P, Q, G BigInt ++} ++ ++// PrivateKeyDSA represents a DSA private key. ++type PrivateKeyDSA struct { ++ DSAParameters ++ X, Y BigInt ++ ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PrivateKeyDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PrivateKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++// PublicKeyDSA represents a DSA public key. ++type PublicKeyDSA struct { ++ DSAParameters ++ Y BigInt ++ ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PublicKeyDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PublicKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++// GenerateParametersDSA generates a set of DSA parameters. ++func GenerateParametersDSA(l, n int) (DSAParameters, error) { ++ // The DSA parameters are generated by creating a new DSA key and ++ // extracting the domain parameters from it. ++ ++ // Generate a new DSA key context and set the known parameters. ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) ++ if err != nil { ++ return DSAParameters{}, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_paramgen_init(ctx); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, int32(l), nil); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, int32(n), nil); err != nil { ++ return DSAParameters{}, err ++ } ++ var pkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_paramgen(ctx, &pkey); err != nil { ++ return DSAParameters{}, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) ++ ++ // Extract the domain parameters from the generated key. ++ var p, q, g ossl.BIGNUM_PTR ++ switch major() { ++ case 1: ++ dsa := getDSA(pkey) ++ ossl.DSA_get0_pqg(dsa, &p, &q, &g) ++ case 3, 4: ++ defer func() { ++ ossl.BN_free(p) ++ ossl.BN_free(q) ++ ossl.BN_free(g) ++ }() ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_P.ptr(), &p); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_Q.ptr(), &q); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_G.ptr(), &g); err != nil { ++ return DSAParameters{}, err ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ ++ return DSAParameters{ ++ P: bnToBig(p), ++ Q: bnToBig(q), ++ G: bnToBig(g), ++ }, nil ++} ++ ++// NewPrivateKeyDSA creates a new DSA private key from the given parameters. ++func NewPrivateKeyDSA(params DSAParameters, x, y BigInt) (*PrivateKeyDSA, error) { ++ if x == nil || y == nil { ++ panic("x and y must not be nil") ++ } ++ pkey, err := newDSA(params, x, y) ++ if err != nil { ++ return nil, err ++ } ++ k := &PrivateKeyDSA{params, x, y, pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize) ++ return k, nil ++} ++ ++// NewPublicKeyDSA creates a new DSA public key from the given parameters. ++func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) { ++ if y == nil { ++ panic("y must not be nil") ++ } ++ pkey, err := newDSA(params, nil, y) ++ if err != nil { ++ return nil, err ++ } ++ k := &PublicKeyDSA{params, y, pkey} ++ runtime.SetFinalizer(k, (*PublicKeyDSA).finalize) ++ return k, nil ++} ++ ++// GenerateKeyDSA generates a new private DSA key using the given parameters. ++func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) { ++ pkey, err := newDSA(params, nil, nil) ++ if err != nil { ++ return nil, nil, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) ++ var bx, by ossl.BIGNUM_PTR ++ switch major() { ++ case 1: ++ dsa := getDSA(pkey) ++ ossl.DSA_get0_key(dsa, &by, &bx) ++ case 3, 4: ++ defer func() { ++ ossl.BN_clear_free(bx) ++ ossl.BN_free(by) ++ }() ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), &by); err != nil { ++ return nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bx); err != nil { ++ return nil, nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ return bnToBig(bx), bnToBig(by), nil ++} ++ ++// SignDSA signs a hash (which should be the result of hashing a larger message). ++func SignDSA(priv *PrivateKeyDSA, hash []byte) ([]byte, error) { ++ return evpSign(priv.withKey, 0, 0, 0, hash) ++} ++ ++// VerifyDSA verifiessig using the public key, pub. ++func VerifyDSA(pub *PublicKeyDSA, hash []byte, sig []byte) bool { ++ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil ++} ++ ++func newDSA(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { ++ switch major() { ++ case 1: ++ return newDSA1(params, x, y) ++ case 3, 4: ++ return newDSA3(params, x, y) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} ++ ++func newDSA1(params DSAParameters, x, y BigInt) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) ++ ++ dsa, err := ossl.DSA_new() ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if pkey == nil { ++ ossl.DSA_free(dsa) ++ } ++ }() ++ // No need to check for errors here, DSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ p, _ := bigToBN(params.P) ++ q, _ := bigToBN(params.Q) ++ g, _ := bigToBN(params.G) ++ if _, err := ossl.DSA_set0_pqg(dsa, p, q, g); err != nil { ++ ossl.BN_free(p) ++ ossl.BN_free(q) ++ ossl.BN_free(g) ++ return nil, err ++ } ++ if y != nil { ++ pub, _ := bigToBN(y) ++ priv, _ := bigToBN(x) ++ if _, err := ossl.DSA_set0_key(dsa, pub, priv); err != nil { ++ ossl.BN_free(pub) ++ ossl.BN_clear_free(priv) ++ return nil, err ++ } ++ } else { ++ if _, err := ossl.DSA_generate_key(dsa); err != nil { ++ return nil, err ++ } ++ } ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_DSA, unsafe.Pointer(dsa)); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ return pkey, nil ++} ++ ++func newDSA3(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3, 4) ++ ++ bld := newParamBuilder() ++ defer bld.finalize() ++ ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_P, params.P, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_Q, params.Q, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_G, params.G, false) ++ selection := int32(ossl.EVP_PKEY_KEYPAIR) ++ if y != nil { ++ bld.addBigInt(_OSSL_PKEY_PARAM_PUB_KEY, y, false) ++ if x == nil { ++ selection = ossl.EVP_PKEY_PUBLIC_KEY ++ } ++ } ++ if x != nil { ++ bld.addBigInt(_OSSL_PKEY_PARAM_PRIV_KEY, x, true) ++ } ++ bldparams, err := bld.build() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.OSSL_PARAM_free(bldparams) ++ pkey, err := newEvpFromParams(ossl.EVP_PKEY_DSA, selection, bldparams) ++ if err != nil { ++ return nil, err ++ } ++ if y != nil { ++ return pkey, nil ++ } ++ // pkey doesn't contain the public component, but the crypto/dsa package ++ // expects it to be always there. Generate a new key using pkey as domain ++ // parameters placeholder. ++ defer ossl.EVP_PKEY_free(pkey) ++ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { ++ return nil, err ++ } ++ var gkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_keygen(ctx, &gkey); err != nil { ++ return nil, err ++ } ++ return gkey, nil ++} ++ ++// getDSA returns the DSA from pkey. ++// If pkey does not contain an DSA it panics. ++// The returned key should not be freed. ++func getDSA(pkey ossl.EVP_PKEY_PTR) ossl.DSA_PTR { ++ key, err := ossl.EVP_PKEY_get0_DSA(pkey) ++ if err != nil { ++ panic(err) ++ } ++ return key ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go +new file mode 100644 +index 00000000000000..d871a04b37942b +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go +@@ -0,0 +1,132 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "errors" ++ "strconv" ++ "sync" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++func SupportsCurve(curve string) bool { ++ switch curve { ++ case "P-224", "P-256", "P-384", "P-521": ++ return true ++ case "X25519": ++ return supportsX25519() ++ default: ++ return false ++ } ++} ++ ++var supportsX25519 = sync.OnceValue(func() bool { ++ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_X25519, nil) ++ if ctx != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ return true ++ } ++ return false ++}) ++ ++func curveID(curve string) int32 { ++ switch curve { ++ case "P-224": ++ return ossl.EVP_PKEY_EC ++ case "P-256": ++ return ossl.EVP_PKEY_EC ++ case "P-384": ++ return ossl.EVP_PKEY_EC ++ case "P-521": ++ return ossl.EVP_PKEY_EC ++ case "X25519": ++ return ossl.EVP_PKEY_X25519 ++ default: ++ panic("openssl: unknown curve " + curve) ++ } ++} ++ ++func curveNID(curve string) int32 { ++ switch curve { ++ case "P-224": ++ return ossl.NID_secp224r1 ++ case "P-256": ++ return ossl.NID_X9_62_prime256v1 ++ case "P-384": ++ return ossl.NID_secp384r1 ++ case "P-521": ++ return ossl.NID_secp521r1 ++ default: ++ panic("openssl: unknown curve " + curve) ++ } ++} ++ ++// curveSize returns the size of the curve in bytes. ++func curveSize(curve string) int { ++ switch curve { ++ case "P-224": ++ return 224 / 8 ++ case "P-256": ++ return 256 / 8 ++ case "P-384": ++ return 384 / 8 ++ case "P-521": ++ return (521 + 7) / 8 ++ default: ++ panic("openssl: unknown curve " + curve) ++ } ++} ++ ++// encodeEcPoint encodes pt. ++func encodeEcPoint(group ossl.EC_GROUP_PTR, pt ossl.EC_POINT_PTR) ([]byte, error) { ++ // Get encoded point size. ++ n, err := ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, nil, nil) ++ if err != nil { ++ return nil, err ++ } ++ // Encode point into bytes. ++ bytes := make([]byte, n) ++ if _, err = ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, bytes, nil); err != nil { ++ return nil, err ++ } ++ return bytes, nil ++} ++ ++// generateAndEncodeEcPublicKey calls newPubKeyPointFn to generate a public key point and then encodes it. ++func generateAndEncodeEcPublicKey(nid int32, newPubKeyPointFn func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error)) ([]byte, error) { ++ group, err := ossl.EC_GROUP_new_by_curve_name(nid) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_GROUP_free(group) ++ pt, err := newPubKeyPointFn(group) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_POINT_free(pt) ++ return encodeEcPoint(group, pt) ++} ++ ++func extractPKEYRawPublic(pkey ossl.EVP_PKEY_PTR, pub []byte) error { ++ keylen := len(pub) ++ if _, err := ossl.EVP_PKEY_get_raw_public_key(pkey, pub, &keylen); err != nil { ++ return err ++ } ++ if keylen != len(pub) { ++ return errors.New("bad public key length: " + strconv.Itoa(keylen)) ++ } ++ return nil ++} ++ ++func extractPKEYRawPrivate(pkey ossl.EVP_PKEY_PTR, pub []byte) error { ++ keylen := len(pub) ++ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, pub, &keylen); err != nil { ++ return err ++ } ++ if keylen != len(pub) { ++ return errors.New("bad private key length: " + strconv.Itoa(keylen)) ++ } ++ return nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go +new file mode 100644 +index 00000000000000..7289538d753dc8 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go +@@ -0,0 +1,341 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "errors" ++ "runtime" ++ "slices" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++const publicKeySizeX25519 = 32 ++const privateKeySizeX25519 = 32 ++ ++type PublicKeyECDH struct { ++ _pkey ossl.EVP_PKEY_PTR ++ bytes []byte ++} ++ ++func (k *PublicKeyECDH) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++type PrivateKeyECDH struct { ++ _pkey ossl.EVP_PKEY_PTR ++ curve string ++} ++ ++func (k *PrivateKeyECDH) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { ++ expectedLen := publicKeySizeX25519 ++ if curve != "X25519" { ++ expectedLen = 1 + 2*curveSize(curve) ++ } ++ if len(bytes) != expectedLen { ++ return nil, errors.New("NewPublicKeyECDH: wrong key length") ++ } ++ ++ pkey, err := newECDHPkey(curve, bytes, false) ++ if err != nil { ++ return nil, err ++ } ++ k := &PublicKeyECDH{pkey, slices.Clone(bytes)} ++ runtime.SetFinalizer(k, (*PublicKeyECDH).finalize) ++ return k, nil ++} ++ ++func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } ++ ++func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error) { ++ expectedLen := privateKeySizeX25519 ++ if curve != "X25519" { ++ expectedLen = curveSize(curve) ++ } ++ if len(bytes) != expectedLen { ++ return nil, errors.New("NewPrivateKeyECDH: wrong key length") ++ } ++ pkey, err := newECDHPkey(curve, bytes, true) ++ if err != nil { ++ return nil, err ++ } ++ k := &PrivateKeyECDH{pkey, curve} ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) ++ return k, nil ++} ++ ++func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { ++ defer runtime.KeepAlive(k) ++ var pkey ossl.EVP_PKEY_PTR ++ defer func() { ++ ossl.EVP_PKEY_free(pkey) ++ }() ++ ++ var bytes []byte ++ if k.curve == "X25519" { ++ pkey = k._pkey ++ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { ++ return nil, err ++ } ++ bytes = make([]byte, publicKeySizeX25519) ++ if err := extractPKEYRawPublic(pkey, bytes); err != nil { ++ return nil, err ++ } ++ } else { ++ switch major() { ++ case 1: ++ var err error ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ return nil, err ++ } ++ key := getECKey(k._pkey) ++ if _, err := ossl.EVP_PKEY_set1_EC_KEY(pkey, key); err != nil { ++ return nil, err ++ } ++ pt := ossl.EC_KEY_get0_public_key(key) ++ if pt == nil { ++ return nil, fail("missing ECDH public key") ++ } ++ group := ossl.EC_KEY_get0_group(key) ++ if bytes, err = encodeEcPoint(group, pt); err != nil { ++ return nil, err ++ } ++ case 3, 4: ++ pkey = k._pkey ++ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { ++ return nil, err ++ } ++ var cbytes *byte ++ n, err := ossl.EVP_PKEY_get1_encoded_public_key(k._pkey, &cbytes) ++ if err != nil { ++ return nil, err ++ } ++ bytes = goBytes(unsafe.Pointer(cbytes), n) ++ cryptoFree(unsafe.Pointer(cbytes)) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ } ++ pub := &PublicKeyECDH{pkey, bytes} ++ pkey = nil ++ runtime.SetFinalizer(pub, (*PublicKeyECDH).finalize) ++ return pub, nil ++} ++ ++func newECDHPkey(curve string, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { ++ if curve == "X25519" { ++ if isPrivate { ++ return ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_X25519, nil, bytes) ++ } else { ++ return ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_X25519, nil, bytes) ++ } ++ } ++ nid := curveNID(curve) ++ switch major() { ++ case 1: ++ return newECDHPkey1(nid, bytes, isPrivate) ++ case 3, 4: ++ return newECDHPkey3(nid, bytes, isPrivate) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} ++ ++func newECDHPkey1(nid int32, bytes []byte, isPrivate bool) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) ++ ++ key, err := ossl.EC_KEY_new_by_curve_name(nid) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if pkey == nil { ++ ossl.EC_KEY_free(key) ++ } ++ }() ++ group := ossl.EC_KEY_get0_group(key) ++ if isPrivate { ++ priv, err := ossl.BN_bin2bn(bytes, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_clear_free(priv) ++ if _, err := ossl.EC_KEY_set_private_key(key, priv); err != nil { ++ return nil, err ++ } ++ pub, err := pointMult(group, priv) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_POINT_free(pub) ++ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { ++ return nil, err ++ } ++ } else { ++ pub, err := ossl.EC_POINT_new(group) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_POINT_free(pub) ++ if _, err := ossl.EC_POINT_oct2point(group, pub, bytes, nil); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { ++ return nil, err ++ } ++ } ++ if _, err := ossl.EC_KEY_check_key(key); err != nil { ++ // Match upstream error message. ++ if isPrivate { ++ return nil, errors.New("crypto/ecdh: invalid private key") ++ } else { ++ return nil, errors.New("crypto/ecdh: invalid public key") ++ } ++ } ++ return newEVPPKEY(key) ++} ++ ++func newECDHPkey3(nid int32, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3, 4) ++ ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) ++ var selection int32 ++ if isPrivate { ++ priv, err := ossl.BN_bin2bn(bytes, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_clear_free(priv) ++ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { ++ return pointMult(group, priv) ++ }) ++ if err != nil { ++ return nil, err ++ } ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) ++ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, priv) ++ selection = ossl.EVP_PKEY_KEYPAIR ++ } else { ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, bytes) ++ selection = ossl.EVP_PKEY_PUBLIC_KEY ++ } ++ ++ params, err := bld.build() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.OSSL_PARAM_free(params) ++ pkey, err := newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) ++ if err != nil { ++ return nil, err ++ } ++ ++ if err := checkPkey(pkey, isPrivate); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, errors.New("crypto/ecdh: " + err.Error()) ++ } ++ return pkey, nil ++} ++ ++func pointMult(group ossl.EC_GROUP_PTR, priv ossl.BIGNUM_PTR) (ossl.EC_POINT_PTR, error) { ++ // OpenSSL does not expose any method to generate the public ++ // key from the private key [1], so we have to calculate it here. ++ // [1] https://github.com/openssl/openssl/issues/18437#issuecomment-1144717206 ++ pt, err := ossl.EC_POINT_new(group) ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EC_POINT_mul(group, pt, priv, nil, nil, nil); err != nil { ++ ossl.EC_POINT_free(pt) ++ return nil, err ++ } ++ return pt, nil ++} ++ ++func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { ++ defer runtime.KeepAlive(priv) ++ defer runtime.KeepAlive(pub) ++ ctx, err := ossl.EVP_PKEY_CTX_new(priv._pkey, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_derive_set_peer(ctx, pub._pkey); err != nil { ++ return nil, err ++ } ++ var keylen int ++ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { ++ return nil, err ++ } ++ out := make([]byte, keylen) ++ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { ++ return nil, err ++ } ++ return out, nil ++} ++ ++func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { ++ pkey, err := generateEVPPKey(curveID(curve), 0, curve) ++ if err != nil { ++ return nil, nil, err ++ } ++ var k *PrivateKeyECDH ++ defer func() { ++ if k == nil { ++ ossl.EVP_PKEY_free(pkey) ++ } ++ }() ++ var bytes []byte ++ if curve == "X25519" { ++ bytes = make([]byte, privateKeySizeX25519) ++ keylen := len(bytes) ++ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, bytes, &keylen); err != nil { ++ return nil, nil, err ++ } ++ } else { ++ var priv ossl.BIGNUM_PTR ++ switch major() { ++ case 1: ++ key := getECKey(pkey) ++ priv = ossl.EC_KEY_get0_private_key(key) ++ if priv == nil { ++ return nil, nil, fail("missing ECDH private key") ++ } ++ case 3, 4: ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &priv); err != nil { ++ return nil, nil, err ++ } ++ defer ossl.BN_clear_free(priv) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ // We should not leak bit length of the secret scalar in the key. ++ // For this reason, we use BN_bn2binpad instead of BN_bn2bin with fixed length. ++ // The fixed length is the order of the large prime subgroup of the curve, ++ // returned by EVP_PKEY_get_bits, which is generally the upper bound for ++ // generating a private ECDH key. ++ bits, err := ossl.EVP_PKEY_get_bits(pkey) ++ if err != nil { ++ return nil, nil, err ++ } ++ bytes = make([]byte, (bits+7)/8) ++ if err := bnToBinPad(priv, bytes); err != nil { ++ return nil, nil, err ++ } ++ } ++ k = &PrivateKeyECDH{pkey, curve} ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) ++ return k, bytes, nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go +new file mode 100644 +index 00000000000000..d96c368fe1ca76 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go +@@ -0,0 +1,220 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto" ++ "runtime" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++type PrivateKeyECDSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PrivateKeyECDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PrivateKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++type PublicKeyECDSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PublicKeyECDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PublicKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { ++ pkey, err := newECDSAKey(curve, x, y, nil) ++ if err != nil { ++ return nil, err ++ } ++ k := &PublicKeyECDSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PublicKeyECDSA).finalize) ++ return k, nil ++} ++ ++func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { ++ pkey, err := newECDSAKey(curve, x, y, d) ++ if err != nil { ++ return nil, err ++ } ++ k := &PrivateKeyECDSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) ++ return k, nil ++} ++ ++func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { ++ // Generate the private key. ++ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) ++ ++ var bx, by, bd ossl.BIGNUM_PTR ++ defer func() { ++ ossl.BN_free(bx) ++ ossl.BN_free(by) ++ }() ++ switch major() { ++ case 1: ++ // Retrieve the internal EC_KEY, which holds the X, Y, and D coordinates. ++ key := getECKey(pkey) ++ group := ossl.EC_KEY_get0_group(key) ++ pt := ossl.EC_KEY_get0_public_key(key) ++ // Allocate two big numbers to store the X and Y coordinates. ++ bx, err = ossl.BN_new() ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ by, err = ossl.BN_new() ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ // Get X and Y. ++ if _, err := ossl.EC_POINT_get_affine_coordinates_GFp(group, pt, bx, by, nil); err != nil { ++ return nil, nil, nil, err ++ } ++ // Get Z. We don't need to free it, get0 does not increase the reference count. ++ bd = ossl.EC_KEY_get0_private_key(key) ++ case 3, 4: ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_X.ptr(), &bx); err != nil { ++ return nil, nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_Y.ptr(), &by); err != nil { ++ return nil, nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bd); err != nil { ++ return nil, nil, nil, err ++ } ++ defer ossl.BN_clear_free(bd) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ ++ // Get D. ++ return bnToBig(bx), bnToBig(by), bnToBig(bd), nil ++} ++ ++func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { ++ return evpSign(priv.withKey, 0, 0, 0, hash) ++} ++ ++func HashSignECDSA(priv *PrivateKeyECDSA, h crypto.Hash, msg []byte) ([]byte, error) { ++ return evpHashSign(priv.withKey, h, msg) ++} ++ ++func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { ++ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil ++} ++ ++func HashVerifyECDSA(pub *PublicKeyECDSA, h crypto.Hash, msg, sig []byte) bool { ++ return evpHashVerify(pub.withKey, h, msg, sig) == nil ++} ++ ++func newECDSAKey(curve string, x, y, d BigInt) (ossl.EVP_PKEY_PTR, error) { ++ nid := curveNID(curve) ++ bx, err := bigToBN(x) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_free(bx) ++ by, err := bigToBN(y) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_free(by) ++ var bd ossl.BIGNUM_PTR ++ if d != nil { ++ bd, err = bigToBN(d) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_clear_free(bd) ++ } ++ switch major() { ++ case 1: ++ return newECDSAKey1(nid, bx, by, bd) ++ case 3, 4: ++ return newECDSAKey3(nid, bx, by, bd) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} ++ ++func newECDSAKey1(nid int32, bx, by, bd ossl.BIGNUM_PTR) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) ++ ++ key, err := ossl.EC_KEY_new_by_curve_name(nid) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if pkey == nil { ++ defer ossl.EC_KEY_free(key) ++ } ++ }() ++ if _, err := ossl.EC_KEY_set_public_key_affine_coordinates(key, bx, by); err != nil { ++ return nil, err ++ } ++ if bd != nil { ++ if _, err := ossl.EC_KEY_set_private_key(key, bd); err != nil { ++ return nil, err ++ } ++ } ++ ++ return newEVPPKEY(key) ++} ++ ++func newECDSAKey3(nid int32, bx, by, bd ossl.BIGNUM_PTR) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3, 4) ++ ++ // Create the encoded public key public key from bx and by. ++ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { ++ pt, err := ossl.EC_POINT_new(group) ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EC_POINT_set_affine_coordinates(group, pt, bx, by, nil); err != nil { ++ ossl.EC_POINT_free(pt) ++ return nil, err ++ } ++ return pt, nil ++ }) ++ if err != nil { ++ return nil, err ++ } ++ // Construct the parameters. ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) ++ var selection int32 ++ if bd != nil { ++ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, bd) ++ selection = ossl.EVP_PKEY_KEYPAIR ++ } else { ++ selection = ossl.EVP_PKEY_PUBLIC_KEY ++ } ++ params, err := bld.build() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.OSSL_PARAM_free(params) ++ return newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go +new file mode 100644 +index 00000000000000..205b01cd36b206 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go +@@ -0,0 +1,209 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "errors" ++ "runtime" ++ "strconv" ++ "sync" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++const ( ++ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. ++ publicKeySizeEd25519 = 32 ++ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. ++ privateKeySizeEd25519 = 64 ++ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. ++ signatureSizeEd25519 = 64 ++ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. ++ seedSizeEd25519 = 32 ++) ++ ++// TODO: Add support for Ed25519ph and Ed25519ctx when OpenSSL supports them, ++// which will probably be in 3.2.0 (https://github.com/openssl/openssl/issues/20418). ++ ++var supportsEd25519 = sync.OnceValue(func() bool { ++ switch major() { ++ case 1: ++ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_ED25519, nil) ++ if ctx != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ return true ++ } ++ case 3, 4: ++ sig, _ := ossl.EVP_SIGNATURE_fetch(nil, _KeyTypeED25519.ptr(), nil) ++ if sig != nil { ++ ossl.EVP_SIGNATURE_free(sig) ++ return true ++ } ++ } ++ return false ++}) ++ ++// SupportsEd25519 returns true if the current OpenSSL version supports ++// GenerateKeyEd25519, NewKeyFromSeedEd25519, SignEd25519 and VerifyEd25519. ++func SupportsEd25519() bool { ++ return supportsEd25519() ++} ++ ++type PublicKeyEd25519 struct { ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PublicKeyEd25519) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PublicKeyEd25519) Bytes() ([]byte, error) { ++ defer runtime.KeepAlive(k) ++ pub := make([]byte, publicKeySizeEd25519) ++ if err := extractPKEYRawPublic(k._pkey, pub); err != nil { ++ return nil, err ++ } ++ return pub, nil ++} ++ ++type PrivateKeyEd25519 struct { ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func (k *PrivateKeyEd25519) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PrivateKeyEd25519) Bytes() ([]byte, error) { ++ defer runtime.KeepAlive(k) ++ priv := make([]byte, privateKeySizeEd25519) ++ if err := extractPKEYPrivEd25519(k._pkey, priv); err != nil { ++ return nil, err ++ } ++ return priv, nil ++} ++ ++func (k *PrivateKeyEd25519) Public() (*PublicKeyEd25519, error) { ++ pub := make([]byte, publicKeySizeEd25519) ++ if err := extractPKEYRawPublic(k._pkey, pub); err != nil { ++ return nil, err ++ } ++ pubk, err := NewPublicKeyEd25519(pub) ++ if err != nil { ++ return nil, err ++ } ++ return pubk, nil ++} ++ ++// GenerateKeyEd25519 generates a private key. ++func GenerateKeyEd25519() (*PrivateKeyEd25519, error) { ++ pkeyPriv, err := generateEVPPKey(ossl.EVP_PKEY_ED25519, 0, "") ++ if err != nil { ++ return nil, err ++ } ++ priv := &PrivateKeyEd25519{_pkey: pkeyPriv} ++ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) ++ return priv, nil ++} ++ ++// Deprecated: use NewPrivateKeyEd25519 instead. ++func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) { ++ return NewPrivateKeyEd25519(priv) ++} ++ ++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) { ++ if len(priv) != privateKeySizeEd25519 { ++ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) ++ } ++ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) ++} ++ ++// Deprecated: use NewPublicKeyEd25519 instead. ++func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) { ++ return NewPublicKeyEd25519(pub) ++} ++ ++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) { ++ if len(pub) != publicKeySizeEd25519 { ++ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) ++ } ++ pkey, err := ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_ED25519, nil, pub) ++ if err != nil { ++ return nil, err ++ } ++ pubk := &PublicKeyEd25519{_pkey: pkey} ++ runtime.SetFinalizer(pubk, (*PublicKeyEd25519).finalize) ++ return pubk, nil ++} ++ ++// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if ++// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this ++// package. ++func NewPrivateKeyEd25519FromSeed(seed []byte) (*PrivateKeyEd25519, error) { ++ if len(seed) != seedSizeEd25519 { ++ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) ++ } ++ pkey, err := ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_ED25519, nil, seed) ++ if err != nil { ++ return nil, err ++ } ++ priv := &PrivateKeyEd25519{_pkey: pkey} ++ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) ++ return priv, nil ++} ++ ++func extractPKEYPrivEd25519(pkey ossl.EVP_PKEY_PTR, priv []byte) error { ++ if err := extractPKEYRawPublic(pkey, priv[seedSizeEd25519:]); err != nil { ++ return err ++ } ++ return extractPKEYRawPrivate(pkey, priv[:seedSizeEd25519]) ++} ++ ++// SignEd25519 signs the message with priv and returns a signature. ++func SignEd25519(priv *PrivateKeyEd25519, message []byte) (sig []byte, err error) { ++ // Outline the function body so that the returned key can be stack-allocated. ++ sig = make([]byte, signatureSizeEd25519) ++ err = signEd25519(priv, sig, message) ++ if err != nil { ++ return nil, err ++ } ++ return sig, err ++} ++ ++func signEd25519(priv *PrivateKeyEd25519, sig, message []byte) error { ++ defer runtime.KeepAlive(priv) ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestSignInit(ctx, nil, nil, nil, priv._pkey); err != nil { ++ return err ++ } ++ siglen := signatureSizeEd25519 ++ if _, err := ossl.EVP_DigestSign(ctx, sig, &siglen, message); err != nil { ++ return err ++ } ++ if siglen != signatureSizeEd25519 { ++ return errors.New("ed25519: bad signature length: " + strconv.Itoa(siglen)) ++ } ++ return nil ++} ++ ++// VerifyEd25519 reports whether sig is a valid signature of message by pub. ++func VerifyEd25519(pub *PublicKeyEd25519, message, sig []byte) error { ++ defer runtime.KeepAlive(pub) ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestVerifyInit(ctx, nil, nil, nil, pub._pkey); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_DigestVerify(ctx, sig, message); err != nil { ++ return errors.New("ed25519: invalid signature") ++ } ++ return nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go +new file mode 100644 +index 00000000000000..65f4d2ddcbc6fb +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go +@@ -0,0 +1,615 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto" ++ "errors" ++ "hash" ++ "strconv" ++ "sync" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++// cacheMD is a cache of crypto.Hash to GOossl.EVP_MD_PTR. ++var cacheMD sync.Map ++ ++// hashFuncHash calls fn() and returns its result. ++// If fn() panics, the panic is recovered and returned as an error. ++// This is used to avoid aborting the program when calling ++// an unsupported hash function. It is the caller's responsibility ++// to check the returned value. ++func hashFuncHash(fn func() hash.Hash) (h hash.Hash, err error) { ++ defer func() { ++ r := recover() ++ if r == nil { ++ return ++ } ++ h = nil ++ switch e := r.(type) { ++ case error: ++ err = e ++ case string: ++ err = errors.New(e) ++ default: ++ err = errors.New("unsupported panic") ++ } ++ }() ++ return fn(), nil ++} ++ ++// hashToMD converts a hash.Hash implementation from this package to a GOossl.EVP_MD_PTR. ++func hashToMD(h hash.Hash) ossl.EVP_MD_PTR { ++ if h, ok := h.(*Hash); ok { ++ return h.alg.md ++ } ++ return nil ++} ++ ++// hashToCryptoHash converts a hash.Hash implementation from this package to a crypto.Hash. ++func hashToCryptoHash(h hash.Hash) crypto.Hash { ++ if h, ok := h.(*Hash); ok { ++ return h.alg.ch ++ } ++ return 0 ++} ++ ++// hashFuncToMD converts a hash.Hash function to a GOossl.EVP_MD_PTR. ++// See [hashFuncHash] for details on error handling. ++func hashFuncToMD(fn func() hash.Hash) (ossl.EVP_MD_PTR, error) { ++ h, err := hashFuncHash(fn) ++ if err != nil { ++ return nil, err ++ } ++ md := hashToMD(h) ++ if md == nil { ++ return nil, errors.New("unsupported hash function") ++ } ++ return md, nil ++} ++ ++// provider is an identifier for a known provider. ++type provider uint8 ++ ++const ( ++ providerNone provider = iota ++ providerOSSLDefault ++ providerOSSLFIPS ++ providerSymCrypt ++) ++ ++type hashAlgorithm struct { ++ md ossl.EVP_MD_PTR ++ ch crypto.Hash ++ size int ++ blockSize int ++ provider provider ++ marshallable bool ++ magic string ++ marshalledSize int ++} ++ ++// loadHash converts a crypto.Hash to a EVP_MD. ++func loadHash(ch crypto.Hash, must bool) (h *hashAlgorithm) { ++ defer func() { ++ if h == nil && must { ++ panic("openssl: unsupported hash function: " + strconv.Itoa(int(ch))) ++ } ++ }() ++ if v, ok := cacheMD.Load(ch); ok { ++ return v.(*hashAlgorithm) ++ } ++ ++ var hash hashAlgorithm ++ switch ch { ++ case crypto.RIPEMD160: ++ hash.md = ossl.EVP_ripemd160() ++ case crypto.MD4: ++ hash.md = ossl.EVP_md4() ++ case crypto.MD5: ++ hash.md = ossl.EVP_md5() ++ hash.magic = magicMD5 ++ hash.marshalledSize = marshaledSizeMD5 ++ case crypto.MD5SHA1: ++ hash.md = ossl.EVP_md5_sha1() ++ case crypto.SHA1: ++ hash.md = ossl.EVP_sha1() ++ hash.magic = magic1 ++ hash.marshalledSize = marshaledSize1 ++ case crypto.SHA224: ++ hash.md = ossl.EVP_sha224() ++ hash.magic = magic224 ++ hash.marshalledSize = marshaledSize256 ++ case crypto.SHA256: ++ hash.md = ossl.EVP_sha256() ++ hash.magic = magic256 ++ hash.marshalledSize = marshaledSize256 ++ case crypto.SHA384: ++ hash.md = ossl.EVP_sha384() ++ hash.magic = magic384 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512: ++ hash.md = ossl.EVP_sha512() ++ hash.magic = magic512 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512_224: ++ hash.md = ossl.EVP_sha512_224() ++ hash.magic = magic512_224 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512_256: ++ hash.md = ossl.EVP_sha512_256() ++ hash.magic = magic512_256 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA3_224: ++ hash.md = ossl.EVP_sha3_224() ++ case crypto.SHA3_256: ++ hash.md = ossl.EVP_sha3_256() ++ case crypto.SHA3_384: ++ hash.md = ossl.EVP_sha3_384() ++ case crypto.SHA3_512: ++ hash.md = ossl.EVP_sha3_512() ++ } ++ if hash.md == nil { ++ cacheMD.Store(ch, (*hashAlgorithm)(nil)) ++ return nil ++ } ++ hash.ch = ch ++ hash.size = int(ossl.EVP_MD_get_size(hash.md)) ++ hash.blockSize = int(ossl.EVP_MD_get_block_size(hash.md)) ++ switch major() { ++ case 3, 4: ++ // On OpenSSL 3, directly operating on a EVP_MD object ++ // not created by EVP_MD_fetch has negative performance ++ // implications, as digest operations will have ++ // to fetch it on every call. Better to just fetch it once here. ++ md, _ := ossl.EVP_MD_fetch(nil, ossl.EVP_MD_get0_name(hash.md), nil) ++ // Don't overwrite md in case it can't be fetched, as the md may still be used ++ // outside of EVP_MD_CTX, for example to sign and verify RSA signatures. ++ if md != nil { ++ hash.md = md ++ } ++ } ++ if hash.magic != "" { ++ if hash.marshalledSize == 0 { ++ panic("marshalledSize must be set for " + hash.magic) ++ } ++ } ++ ++ switch major() { ++ case 1: ++ hash.provider = providerOSSLDefault ++ case 3, 4: ++ if prov := ossl.EVP_MD_get0_provider(hash.md); prov != nil { ++ cname := ossl.OSSL_PROVIDER_get0_name(prov) ++ switch goString(cname) { ++ case "default": ++ hash.provider = providerOSSLDefault ++ hash.marshallable = hash.magic != "" ++ case "fips": ++ hash.provider = providerOSSLFIPS ++ hash.marshallable = hash.magic != "" ++ case "symcryptprovider": ++ hash.provider = providerSymCrypt ++ hash.marshallable = hash.magic != "" && isSymCryptHashStateSerializable(hash.md) ++ } ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ ++ cacheMD.Store(ch, &hash) ++ return &hash ++} ++ ++// generateEVPPKey generates a new EVP_PKEY with the given id and properties. ++func generateEVPPKey(id, bits int32, curve string) (ossl.EVP_PKEY_PTR, error) { ++ if bits != 0 && curve != "" { ++ return nil, fail("incorrect generateEVPPKey parameters") ++ } ++ var pkey ossl.EVP_PKEY_PTR ++ switch major() { ++ case 1: ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { ++ return nil, err ++ } ++ if bits != 0 { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, nil); err != nil { ++ return nil, err ++ } ++ } ++ if id == ossl.EVP_PKEY_EC && curve != "" { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, curveNID(curve), nil); err != nil { ++ return nil, err ++ } ++ } ++ if _, err := ossl.EVP_PKEY_keygen(ctx, &pkey); err != nil { ++ return nil, err ++ } ++ case 3, 4: ++ var err error ++ switch id { ++ case ossl.EVP_PKEY_RSA: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_RSA(nil, nil, _KeyTypeRSA.ptr(), int(bits)) ++ case ossl.EVP_PKEY_EC: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_EC(nil, nil, _KeyTypeEC.ptr(), ossl.OBJ_nid2sn(curveNID(curve))) ++ case ossl.EVP_PKEY_ED25519: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_ED25519(nil, nil, _KeyTypeED25519.ptr()) ++ case ossl.EVP_PKEY_X25519: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_X25519(nil, nil, _KeyTypeX25519.ptr()) ++ case ossl.EVP_PKEY_MLKEM_768: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_MLKEM(nil, nil, _KeyTypeMLKEM768.ptr()) ++ case ossl.EVP_PKEY_MLKEM_1024: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_MLKEM(nil, nil, _KeyTypeMLKEM1024.ptr()) ++ case ossl.EVP_PKEY_ML_DSA_44: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA44.ptr()) ++ case ossl.EVP_PKEY_ML_DSA_65: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA65.ptr()) ++ case ossl.EVP_PKEY_ML_DSA_87: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA87.ptr()) ++ default: ++ panic("unsupported key type '" + strconv.Itoa(int(id)) + "'") ++ } ++ if err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ ++ return pkey, nil ++} ++ ++type withKeyFunc func(func(ossl.EVP_PKEY_PTR) error) error ++type initFunc func(ossl.EVP_PKEY_CTX_PTR) error ++type cryptFunc func(ossl.EVP_PKEY_CTX_PTR, []byte, *int, []byte) error ++type verifyFunc func(ossl.EVP_PKEY_CTX_PTR, []byte, []byte) error ++ ++func setupEVP(withKey withKeyFunc, padding int32, ++ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc) (_ ossl.EVP_PKEY_CTX_PTR, err error) { ++ var ctx ossl.EVP_PKEY_CTX_PTR ++ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) error { ++ ctx, err = ossl.EVP_PKEY_CTX_new(pkey, nil) ++ return err ++ }); err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ if ctx != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ ctx = nil ++ } ++ } ++ }() ++ if err := init(ctx); err != nil { ++ return nil, err ++ } ++ if padding == 0 { ++ return ctx, nil ++ } ++ // Each padding type has its own requirements in terms of when to apply the padding, ++ // so it can't be just set at this point. ++ switch padding { ++ case ossl.RSA_PKCS1_OAEP_PADDING: ++ err = setOAEPPadding(ctx, h, mgfHash, label) ++ case ossl.RSA_PKCS1_PSS_PADDING: ++ err = setPSSPadding(ctx, saltLen, ch) ++ case ossl.RSA_PKCS1_PADDING: ++ err = setPKCS1Padding(ctx, ch) ++ default: ++ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, padding, nil) ++ } ++ if err != nil { ++ return nil, err ++ } ++ return ctx, nil ++} ++ ++func setPSSPadding(ctx ossl.EVP_PKEY_CTX_PTR, saltLen int32, ch crypto.Hash) error { ++ alg := loadHash(ch, false) ++ if alg == nil { ++ return errors.New("crypto/rsa: unsupported hash function") ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { ++ return err ++ } ++ // setPadding must happen after setting EVP_PKEY_CTRL_MD. ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PSS_PADDING, nil); err != nil { ++ return err ++ } ++ if saltLen != 0 { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PSS_SALTLEN, saltLen, nil); err != nil { ++ return err ++ } ++ } ++ return nil ++} ++ ++func setPKCS1Padding(ctx ossl.EVP_PKEY_CTX_PTR, ch crypto.Hash) error { ++ if ch == 0 { ++ // We support unhashed messages. ++ return nil ++ } ++ alg := loadHash(ch, false) ++ if alg == nil { ++ return errors.New("crypto/rsa: unsupported hash function") ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PADDING, nil); err != nil { ++ return err ++ } ++ return nil ++} ++ ++func setOAEPPadding(ctx ossl.EVP_PKEY_CTX_PTR, h, mgfHash hash.Hash, label []byte) error { ++ md := hashToMD(h) ++ if md == nil { ++ return errors.New("crypto/rsa: unsupported hash function") ++ } ++ var mgfMD ossl.EVP_MD_PTR ++ if mgfHash != nil { ++ // mgfHash is optional, but if it is set it must match a supported hash function. ++ mgfMD = hashToMD(mgfHash) ++ if mgfMD == nil { ++ return errors.New("crypto/rsa: unsupported hash function") ++ } ++ } ++ // setPadding must happen before setting EVP_PKEY_CTRL_RSA_OAEP_MD. ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_OAEP_PADDING, nil); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_MD, 0, unsafe.Pointer(md)); err != nil { ++ return err ++ } ++ if mgfHash != nil { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_MGF1_MD, 0, unsafe.Pointer(mgfMD)); err != nil { ++ return err ++ } ++ } ++ // ctx takes ownership of label, so malloc a copy for OpenSSL to free. ++ // OpenSSL does not take ownership of the label if the length is zero, ++ // so better avoid the allocation. ++ var clabel *byte ++ if len(label) > 0 { ++ clabel = (*byte)(cryptoMalloc(len(label))) ++ copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label) ++ var err error ++ switch major() { ++ case 3, 4: ++ _, err = ossl.EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, unsafe.Slice(clabel, len(label))) ++ default: ++ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_LABEL, int32(len(label)), unsafe.Pointer(clabel)) ++ } ++ if err != nil { ++ cryptoFree(unsafe.Pointer(clabel)) ++ return err ++ } ++ } ++ return nil ++} ++ ++func cryptEVP(withKey withKeyFunc, padding int32, ++ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc, crypt cryptFunc, in []byte) ([]byte, error) { ++ ++ ctx, err := setupEVP(withKey, padding, h, mgfHash, label, saltLen, ch, init) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ var pkeySize int32 ++ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { ++ pkeySize, err = ossl.EVP_PKEY_get_size(pkey) ++ return err ++ }); err != nil { ++ return nil, err ++ } ++ outLen := int(pkeySize) ++ out := make([]byte, pkeySize) ++ if err := crypt(ctx, out, &outLen, in); err != nil { ++ return nil, err ++ } ++ // The size returned by EVP_PKEY_get_size() is only preliminary and not exact, ++ // so the final contents of the out buffer may be smaller. ++ return out[:outLen], nil ++} ++ ++func verifyEVP(withKey withKeyFunc, padding int32, ++ h hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc, verify verifyFunc, ++ sig, in []byte) error { ++ ++ ctx, err := setupEVP(withKey, padding, h, nil, label, saltLen, ch, init) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ return verify(ctx, sig, in) ++} ++ ++func evpEncrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { ++ encryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_encrypt_init(ctx) ++ return err ++ } ++ encrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { ++ if _, err := ossl.EVP_PKEY_encrypt(ctx, out, outLen, in); err != nil { ++ return err ++ } ++ return nil ++ } ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) ++} ++ ++func evpDecrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { ++ decryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_decrypt_init(ctx) ++ return err ++ } ++ decrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { ++ _, err := ossl.EVP_PKEY_decrypt(ctx, out, outLen, in) ++ return err ++ } ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, decryptInit, decrypt, msg) ++} ++ ++func evpSign(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, hashed []byte) ([]byte, error) { ++ signtInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_sign_init(ctx) ++ return err ++ } ++ sign := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { ++ _, err := ossl.EVP_PKEY_sign(ctx, out, outLen, in) ++ return err ++ } ++ return cryptEVP(withKey, padding, nil, nil, nil, saltLen, h, signtInit, sign, hashed) ++} ++ ++func evpVerify(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, sig, hashed []byte) error { ++ verifyInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_verify_init(ctx) ++ return err ++ } ++ verify := func(ctx ossl.EVP_PKEY_CTX_PTR, sig []byte, in []byte) error { ++ _, err := ossl.EVP_PKEY_verify(ctx, sig, in) ++ return err ++ } ++ return verifyEVP(withKey, padding, nil, nil, saltLen, h, verifyInit, verify, sig, hashed) ++} ++ ++func evpHashSign(withKey withKeyFunc, h crypto.Hash, msg []byte) ([]byte, error) { ++ alg := loadHash(h, false) ++ if alg == nil { ++ return nil, errors.New("unsupported hash function: " + strconv.Itoa(int(h))) ++ } ++ var out []byte ++ var outLen int ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { ++ _, err := ossl.EVP_DigestSignInit(ctx, nil, alg.md, nil, key) ++ return err ++ }); err != nil { ++ return nil, err ++ } ++ if len(msg) > 0 { ++ if _, err := ossl.EVP_DigestUpdate(ctx, msg); err != nil { ++ return nil, err ++ } ++ } ++ // Obtain the signature length ++ if _, err := ossl.EVP_DigestSignFinal(ctx, nil, &outLen); err != nil { ++ return nil, err ++ } ++ out = make([]byte, outLen) ++ // Obtain the signature ++ if _, err := ossl.EVP_DigestSignFinal(ctx, out, &outLen); err != nil { ++ return nil, err ++ } ++ return out[:outLen], nil ++} ++ ++func evpHashVerify(withKey withKeyFunc, h crypto.Hash, msg, sig []byte) error { ++ alg := loadHash(h, false) ++ if alg == nil { ++ return errors.New("unsupported hash function: " + strconv.Itoa(int(h))) ++ } ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { ++ _, err := ossl.EVP_DigestVerifyInit(ctx, nil, alg.md, nil, key) ++ return err ++ }); err != nil { ++ return err ++ } ++ if len(msg) > 0 { ++ if _, err := ossl.EVP_DigestUpdate(ctx, msg); err != nil { ++ return err ++ } ++ } ++ if _, err := ossl.EVP_DigestVerifyFinal(ctx, sig); err != nil { ++ return err ++ } ++ return nil ++} ++ ++func newEVPPKEY(key ossl.EC_KEY_PTR) (ossl.EVP_PKEY_PTR, error) { ++ pkey, err := ossl.EVP_PKEY_new() ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_EC, unsafe.Pointer(key)); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ return pkey, nil ++} ++ ++// getECKey returns the EC_KEY from pkey. ++// If pkey does not contain an EC_KEY it panics. ++// The returned key should not be freed. ++func getECKey(pkey ossl.EVP_PKEY_PTR) ossl.EC_KEY_PTR { ++ key, err := ossl.EVP_PKEY_get0_EC_KEY(pkey) ++ if err != nil { ++ panic(err) ++ } ++ return key ++} ++ ++func newEvpFromParams(id int32, selection int32, params ossl.OSSL_PARAM_PTR) (ossl.EVP_PKEY_PTR, error) { ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_fromdata_init(ctx); err != nil { ++ return nil, err ++ } ++ var pkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_fromdata(ctx, &pkey, selection, params); err != nil { ++ //versionguardcheck:ignore OpenSSL 3.0.0–3.0.2 leak EVP_PKEY on error: https://github.com/openssl/openssl/issues/17407. ++ if major() == 3 && minor() == 0 && patch() <= 2 { ++ ossl.EVP_PKEY_free(pkey) ++ } ++ return nil, err ++ } ++ return pkey, nil ++} ++ ++func checkPkey(pkey ossl.EVP_PKEY_PTR, isPrivate bool) error { ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if isPrivate { ++ if _, err := ossl.EVP_PKEY_private_check(ctx); err != nil { ++ // Match upstream error message. ++ return errors.New("invalid private key") ++ } ++ } else { ++ // Upstream Go does a partial check here, so do we. ++ if _, err := ossl.EVP_PKEY_public_check_quick(ctx); err != nil { ++ // Match upstream error message. ++ return errors.New("invalid public key") ++ } ++ } ++ return nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go +new file mode 100644 +index 00000000000000..020323eb7be25e +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go +@@ -0,0 +1,521 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++package openssl ++ ++import ( ++ "crypto" ++ "errors" ++ "hash" ++ "runtime" ++ "strconv" ++ "sync" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++const ( ++ magicMD5 = "md5\x01" ++ magic1 = "sha\x01" ++ magic224 = "sha\x02" ++ magic256 = "sha\x03" ++ magic384 = "sha\x04" ++ magic512_224 = "sha\x05" ++ magic512_256 = "sha\x06" ++ magic512 = "sha\x07" ++ ++ marshaledSizeMD5 = len(magicMD5) + 4*4 + 64 + 8 // from crypto/md5 ++ marshaledSize1 = len(magic1) + 5*4 + 64 + 8 // from crypto/sha1 ++ marshaledSize256 = len(magic256) + 8*4 + 64 + 8 // from crypto/sha256 ++ marshaledSize512 = len(magic512) + 8*8 + 128 + 8 // from crypto/sha512 ++) ++ ++// maxHashSize is the size of SHA52 and SHA3_512, the largest hashes we support. ++const maxHashSize = 64 ++ ++type HashCloner = hash.Cloner ++ ++func hashOneShot(ch crypto.Hash, p []byte, sum []byte) bool { ++ _, err := ossl.EVP_Digest(p, sum, nil, loadHash(ch, true).md, nil) ++ return err == nil ++} ++ ++func MD4(p []byte) (sum [16]byte) { ++ if !hashOneShot(crypto.MD4, p, sum[:]) { ++ panic("openssl: MD4 failed") ++ } ++ return ++} ++ ++func MD5(p []byte) (sum [16]byte) { ++ if !hashOneShot(crypto.MD5, p, sum[:]) { ++ panic("openssl: MD5 failed") ++ } ++ return ++} ++ ++func SHA1(p []byte) (sum [20]byte) { ++ if !hashOneShot(crypto.SHA1, p, sum[:]) { ++ panic("openssl: SHA1 failed") ++ } ++ return ++} ++ ++func SHA224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA224, p, sum[:]) { ++ panic("openssl: SHA224 failed") ++ } ++ return ++} ++ ++func SHA256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA256, p, sum[:]) { ++ panic("openssl: SHA256 failed") ++ } ++ return ++} ++ ++func SHA384(p []byte) (sum [48]byte) { ++ if !hashOneShot(crypto.SHA384, p, sum[:]) { ++ panic("openssl: SHA384 failed") ++ } ++ return ++} ++ ++func SHA512(p []byte) (sum [64]byte) { ++ if !hashOneShot(crypto.SHA512, p, sum[:]) { ++ panic("openssl: SHA512 failed") ++ } ++ return ++} ++ ++func SHA512_224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA512_224, p, sum[:]) { ++ panic("openssl: SHA512 failed") ++ } ++ return ++} ++ ++func SHA512_256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA512_256, p, sum[:]) { ++ panic("openssl: SHA512_256 failed") ++ } ++ return ++} ++ ++// cacheHashSupported is a cache of crypto.Hash support. ++var cacheHashSupported sync.Map ++ ++// SupportsHash reports whether the current OpenSSL version supports the given hash. ++func SupportsHash(h crypto.Hash) bool { ++ if v, ok := cacheHashSupported.Load(h); ok { ++ return v.(bool) ++ } ++ alg := loadHash(h, false) ++ if alg == nil { ++ cacheHashSupported.Store(h, false) ++ return false ++ } ++ // EVP_MD objects can be non-nil even when they can't be used ++ // in a EVP_MD_CTX, e.g. MD5 in FIPS mode. We need to prove ++ // if they can be used by passing them to a EVP_MD_CTX. ++ var supported bool ++ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { ++ _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil) ++ supported = err == nil ++ ossl.EVP_MD_CTX_free(ctx) ++ } ++ cacheHashSupported.Store(h, supported) ++ return supported ++} ++ ++func SumSHA3_224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA3_224, p, sum[:]) { ++ panic("openssl: SHA3_224 failed") ++ } ++ return ++} ++ ++func SumSHA3_256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA3_256, p, sum[:]) { ++ panic("openssl: SHA3_256 failed") ++ } ++ return ++} ++ ++func SumSHA3_384(p []byte) (sum [48]byte) { ++ if !hashOneShot(crypto.SHA3_384, p, sum[:]) { ++ panic("openssl: SHA3_384 failed") ++ } ++ return ++} ++ ++func SumSHA3_512(p []byte) (sum [64]byte) { ++ if !hashOneShot(crypto.SHA3_512, p, sum[:]) { ++ panic("openssl: SHA3_512 failed") ++ } ++ return ++} ++ ++// NewMD4 returns a new MD4 hash. ++// The returned hash doesn't implement encoding.BinaryMarshaler and ++// encoding.BinaryUnmarshaler. ++func NewMD4() hash.Hash { ++ return newHash(crypto.MD4) ++} ++ ++// NewMD5 returns a new MD5 hash. ++func NewMD5() hash.Hash { ++ return newHash(crypto.MD5) ++} ++ ++// NewSHA1 returns a new SHA1 hash. ++func NewSHA1() hash.Hash { ++ return newHash(crypto.SHA1) ++} ++ ++// NewSHA224 returns a new SHA224 hash. ++func NewSHA224() hash.Hash { ++ return newHash(crypto.SHA224) ++} ++ ++// NewSHA256 returns a new SHA256 hash. ++func NewSHA256() hash.Hash { ++ return newHash(crypto.SHA256) ++} ++ ++// NewSHA384 returns a new SHA384 hash. ++func NewSHA384() hash.Hash { ++ return newHash(crypto.SHA384) ++} ++ ++// NewSHA512 returns a new SHA512 hash. ++func NewSHA512() hash.Hash { ++ return newHash(crypto.SHA512) ++} ++ ++// NewSHA512_224 returns a new SHA512_224 hash. ++func NewSHA512_224() hash.Hash { ++ return newHash(crypto.SHA512_224) ++} ++ ++// NewSHA512_256 returns a new SHA512_256 hash. ++func NewSHA512_256() hash.Hash { ++ return newHash(crypto.SHA512_256) ++} ++ ++// NewSHA3_224 returns a new SHA3-224 hash. ++func NewSHA3_224() *Hash { ++ return newHash(crypto.SHA3_224) ++} ++ ++// NewSHA3_256 creates a new SHA3-256 hash. ++func NewSHA3_256() *Hash { ++ return newHash(crypto.SHA3_256) ++} ++ ++// NewSHA3_384 creates a new SHA3-384 hash. ++func NewSHA3_384() *Hash { ++ return newHash(crypto.SHA3_384) ++} ++ ++// NewSHA3_512 creates a new SHA3-512 hash. ++func NewSHA3_512() *Hash { ++ return newHash(crypto.SHA3_512) ++} ++ ++var _ hash.Hash = (*Hash)(nil) ++var _ HashCloner = (*Hash)(nil) ++ ++// FIPSApprovedHash reports whether this hash algorithm is FIPS 140-3 approved. ++func FIPSApprovedHash(h hash.Hash) bool { ++ xh, ok := h.(*Hash) ++ if !ok { ++ return false ++ } ++ switch xh.alg.ch { ++ case crypto.SHA224, crypto.SHA256, crypto.SHA384, crypto.SHA512, ++ crypto.SHA512_224, crypto.SHA512_256, ++ crypto.SHA3_224, crypto.SHA3_256, crypto.SHA3_384, crypto.SHA3_512: ++ return true ++ default: ++ return false ++ } ++} ++ ++// hashBufSize is the size of the buffer used for hashing. ++// 256 bytes is a reasonable compromise for general purpose use, ++// and the resulting evpHash size is still similar to the ++// upstream sha512 hash object. ++const hashBufSize = 256 ++ ++// Hash implements generic hash methods. ++type Hash struct { ++ alg *hashAlgorithm ++ ctx ossl.EVP_MD_CTX_PTR ++ // ctx2 is used in Hash.Sum to avoid changing ++ // the state of ctx. Having it here allows reusing the ++ // same allocated object multiple times. ++ ctx2 ossl.EVP_MD_CTX_PTR ++ ++ // buf is a buffer for data not yet written to ctx. ++ // It is used to reduce calls into OpenSSL for small writes. ++ // The buffer size is a trade-off between memory usage and ++ // number of calls into OpenSSL. ++ buf [hashBufSize]byte ++ nbuf int ++} ++ ++func newHash(ch crypto.Hash) *Hash { ++ // Don't call init() yet, it would be wasteful ++ // if the caller only wants to know the hash type. This ++ // is a common pattern in this package, as some functions ++ // accept a `func() hash.Hash` parameter and call it just ++ // to know the hash type. ++ return &Hash{alg: loadHash(ch, true)} ++} ++ ++func (h *Hash) finalize() { ++ if h.ctx != nil { ++ ossl.EVP_MD_CTX_free(h.ctx) ++ } ++ if h.ctx2 != nil { ++ ossl.EVP_MD_CTX_free(h.ctx2) ++ } ++} ++ ++func (h *Hash) init() { ++ if h.ctx != nil { ++ return ++ } ++ var err error ++ h.ctx, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_DigestInit_ex(h.ctx, h.alg.md, nil); err != nil { ++ ossl.EVP_MD_CTX_free(h.ctx) ++ panic(err) ++ } ++ h.ctx2, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ ossl.EVP_MD_CTX_free(h.ctx) ++ panic(err) ++ } ++ runtime.SetFinalizer(h, (*Hash).finalize) ++} ++ ++func (h *Hash) write(p []byte) int { ++ if len(p) == 0 { ++ return 0 ++ } ++ if h.nbuf > 0 && h.nbuf+len(p) > len(h.buf) { ++ // We have buffered data and adding p would exceed the buffer, ++ // flush the buffer first. ++ h.flush() ++ } ++ if len(p) > len(h.buf) { ++ // p is larger than the buffer, write it directly. ++ h.init() ++ if _, err := ossl.EVP_DigestUpdate(h.ctx, p); err != nil { ++ panic(err) ++ } ++ } else { ++ // Otherwise, buffer it. ++ h.nbuf += copy(h.buf[h.nbuf:], p) ++ } ++ runtime.KeepAlive(h) ++ return len(p) ++} ++ ++func (h *Hash) flush() { ++ h.init() ++ if h.nbuf > 0 { ++ if _, err := ossl.EVP_DigestUpdate(h.ctx, h.buf[:h.nbuf]); err != nil { ++ panic(err) ++ } ++ h.nbuf = 0 ++ } ++} ++ ++func (h *Hash) Reset() { ++ h.nbuf = 0 ++ if h.ctx == nil { ++ // The hash is not initialized yet, no need to reset ctx. ++ return ++ } ++ // There is no need to reset h.ctx2 because it is always reset in evpHash.Sum. ++ if _, err := ossl.EVP_DigestInit_ex(h.ctx, nil, nil); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(h) ++} ++ ++func (h *Hash) Write(p []byte) (int, error) { ++ return h.write(p), nil ++} ++ ++func (h *Hash) WriteString(s string) (int, error) { ++ return h.write(unsafe.Slice(unsafe.StringData(s), len(s))), nil ++} ++ ++func (h *Hash) WriteByte(c byte) error { ++ h.write(unsafe.Slice(&c, 1)) ++ return nil ++} ++ ++func (h *Hash) Size() int { ++ return h.alg.size ++} ++ ++func (h *Hash) BlockSize() int { ++ return h.alg.blockSize ++} ++ ++func (h *Hash) Sum(in []byte) []byte { ++ out := append(in, make([]byte, h.Size(), maxHashSize)...) ++ if h.ctx == nil { ++ // Fast path: if ctx hasn't been initialized, all data is in the buffer ++ // and we can use the one-shot EVP_Digest function. ++ if _, err := ossl.EVP_Digest(h.buf[:h.nbuf], out[len(in):], nil, h.alg.md, nil); err != nil { ++ panic(err) ++ } ++ return out ++ } ++ // Slow path: copy h.ctx into h.ctx2 and call EVP_DigestFinal_ex using h.ctx2. ++ // This is necessary because Go hash.Hash mandates that Sum has no effect ++ // on the underlying stream. In particular it is OK to Sum, then Write more, ++ // then Sum again, and the second Sum acts as if the first didn't happen. ++ if _, err := ossl.EVP_MD_CTX_copy_ex(h.ctx2, h.ctx); err != nil { ++ panic(err) ++ } ++ if h.nbuf > 0 { ++ // If we have buffered data, update ctx2 with it ++ if _, err := ossl.EVP_DigestUpdate(h.ctx2, h.buf[:h.nbuf]); err != nil { ++ panic(err) ++ } ++ } ++ if _, err := ossl.EVP_DigestFinal_ex(h.ctx2, out[len(in):], nil); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(h) ++ return out ++} ++ ++// Clone returns a new Hash object that is a deep clone of itself. ++// The duplicate object contains all state and data contained in the ++// original object at the point of duplication. ++func (h *Hash) Clone() (HashCloner, error) { ++ h2 := &Hash{alg: h.alg, nbuf: h.nbuf} ++ copy(h2.buf[:h.nbuf], h.buf[:h.nbuf]) ++ if h.ctx != nil { ++ var err error ++ h2.ctx, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_MD_CTX_copy_ex(h2.ctx, h.ctx); err != nil { ++ ossl.EVP_MD_CTX_free(h2.ctx) ++ panic(err) ++ } ++ h2.ctx2, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ ossl.EVP_MD_CTX_free(h2.ctx) ++ panic(err) ++ } ++ runtime.SetFinalizer(h2, (*Hash).finalize) ++ } ++ runtime.KeepAlive(h) ++ return h2, nil ++} ++ ++type errMarshallUnsupported struct{} ++ ++func (e errMarshallUnsupported) Error() string { ++ return "cryptokit: hash state is not marshallable" ++} ++ ++func (e errMarshallUnsupported) Unwrap() error { ++ return errors.ErrUnsupported ++} ++ ++func (d *Hash) MarshalBinary() ([]byte, error) { ++ if d.alg == nil || !d.alg.marshallable { ++ return nil, errMarshallUnsupported{} ++ } ++ buf := make([]byte, 0, d.alg.marshalledSize) ++ return d.AppendBinary(buf) ++} ++ ++func (d *Hash) AppendBinary(buf []byte) ([]byte, error) { ++ defer runtime.KeepAlive(d) ++ if d.alg == nil || !d.alg.marshallable { ++ return nil, errMarshallUnsupported{} ++ } ++ d.flush() ++ switch d.alg.provider { ++ case providerOSSLDefault, providerOSSLFIPS: ++ return osslHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) ++ case providerSymCrypt: ++ return symCryptHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) ++ default: ++ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) ++ } ++} ++ ++func (d *Hash) UnmarshalBinary(b []byte) error { ++ defer runtime.KeepAlive(d) ++ d.flush() ++ if d.alg == nil || !d.alg.marshallable { ++ return errMarshallUnsupported{} ++ } ++ if len(b) < len(d.alg.magic) || string(b[:len(d.alg.magic)]) != d.alg.magic { ++ return errors.New("openssl: invalid hash state identifier") ++ } ++ if len(b) != d.alg.marshalledSize { ++ return errors.New("openssl: invalid hash state size") ++ } ++ switch d.alg.provider { ++ case providerOSSLDefault, providerOSSLFIPS: ++ return osslHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) ++ case providerSymCrypt: ++ return symCryptHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) ++ default: ++ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) ++ } ++} ++ ++// appendUint64 appends x into b as a big endian byte sequence. ++func appendUint64(b []byte, x uint64) []byte { ++ return append(b, ++ byte(x>>56), ++ byte(x>>48), ++ byte(x>>40), ++ byte(x>>32), ++ byte(x>>24), ++ byte(x>>16), ++ byte(x>>8), ++ byte(x), ++ ) ++} ++ ++// appendUint32 appends x into b as a big endian byte sequence. ++func appendUint32(b []byte, x uint32) []byte { ++ return append(b, byte(x>>24), byte(x>>16), byte(x>>8), byte(x)) ++} ++ ++// consumeUint64 reads a big endian uint64 number from b. ++func consumeUint64(b []byte) ([]byte, uint64) { ++ _ = b[7] ++ x := uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | ++ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 ++ return b[8:], x ++} ++ ++// consumeUint32 reads a big endian uint32 number from b. ++func consumeUint32(b []byte) ([]byte, uint32) { ++ _ = b[3] ++ x := uint32(b[3]) | uint32(b[2])<<8 | uint32(b[1])<<16 | uint32(b[0])<<24 ++ return b[4:], x ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go +new file mode 100644 +index 00000000000000..75207faf1aa043 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cgo_go124.go -@@ -0,0 +1,40 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go +@@ -0,0 +1,330 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build go1.24 && darwin ++package openssl + -+package cryptokit ++import ( ++ "hash" ++ "sync" ++ "unsafe" + -+// See xcrypto/cgo_go124.go for context. ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+/* -+#cgo noescape MD5 -+#cgo nocallback MD5 -+#cgo noescape SHA1 -+#cgo nocallback SHA1 -+#cgo noescape SHA256 -+#cgo nocallback SHA256 -+#cgo noescape SHA384 -+#cgo nocallback SHA384 -+#cgo noescape SHA512 -+#cgo nocallback SHA512 ++// SupprtHKDF reports whether the current OpenSSL version supports HKDF. ++func SupportsHKDF() bool { ++ switch major() { ++ case 1: ++ return true ++ case 3, 4: ++ _, err := fetchHKDF3() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} + -+#cgo noescape hashWrite -+#cgo noescape hashSum -+#cgo nocallback hashNew -+#cgo nocallback hashWrite -+#cgo nocallback hashSum -+#cgo nocallback hashReset -+#cgo nocallback hashSize -+#cgo nocallback hashBlockSize -+#cgo nocallback hashCopy -+#cgo nocallback hashFree ++// SupprtsTLS13KDF reports whether the current OpenSSL version supports TLS13-KDF. ++func SupportsTLS13KDF() bool { ++ switch major() { ++ case 1: ++ return false ++ case 3, 4: ++ // TLS13-KDF is available in OpenSSL 3.0.0 and later. ++ _, err := fetchTLS13_KDF() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} + -+#cgo noescape updateHMAC -+#cgo noescape finalizeHMAC -+#cgo nocallback initHMAC -+#cgo nocallback freeHMAC -+#cgo nocallback updateHMAC -+#cgo nocallback finalizeHMAC -+*/ -+import "C" -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go -new file mode 100644 -index 00000000000000..9f05af66b277d3 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.go -@@ -0,0 +1,39 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++func newHKDFCtx1(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (ctx ossl.EVP_PKEY_CTX_PTR, err error) { ++ checkMajorVersion(1) ++ ++ ctx, err = ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_HKDF, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ } ++ }() ++ ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { ++ return ctx, err ++ } ++ ++ ctrlSlice := func(ctrl int32, data []byte) bool { ++ if err != nil { ++ return false ++ } ++ if len(data) == 0 { ++ return true // No data to set. ++ } ++ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ctrl, int32(len(data)), unsafe.Pointer(base(data))) ++ return err == nil ++ } ++ ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MODE, mode, nil); err != nil { ++ return ctx, err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MD, 0, unsafe.Pointer(md)); err != nil { ++ return ctx, err ++ } ++ if ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, secret) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_SALT, salt) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, pseudorandomKey) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_INFO, info) { ++ return ctx, err ++ } ++ return ctx, nil ++} ++ ++// hkdfAllZerosSalt is a preallocated buffer of zeros used in ExtractHKDF(). ++// The size should be kept as large as the output length of any hash algorithm ++// used with HKDF. ++var hkdfAllZerosSalt [64]byte ++ ++// ExtractHDKF implements the HDKF extract step. ++// If salt is nil, then this function replaces it internally with a buffer of ++// zeros whose length equals the output length of the specified hash algorithm. ++func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { ++ if !SupportsHKDF() { ++ return nil, errUnsupportedVersion() ++ } ++ ++ md, err := hashFuncToMD(h) ++ if err != nil { ++ return nil, err ++ } ++ ++ // If calling code specifies nil salt, replace it with a buffer of hashLen ++ // zeros, as specified in RFC 5896 and as OpenSSL EVP_KDF-HKDF documentation ++ // instructs. Take a slice of a preallocated buffer to avoid allocating new ++ // buffer per call, but fall back to allocating a buffer if preallocated ++ // buffer is not large enough. ++ if salt == nil { ++ hlen := h().Size() ++ if hlen > len(hkdfAllZerosSalt) { ++ salt = make([]byte, hlen) ++ } else { ++ salt = hkdfAllZerosSalt[:hlen] ++ } ++ } ++ ++ switch major() { ++ case 1: ++ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ var keylen int ++ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { ++ return nil, err ++ } ++ out := make([]byte, keylen) ++ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { ++ return nil, err ++ } ++ return out[:keylen], nil ++ case 3, 4: ++ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ size, err := ossl.EVP_KDF_CTX_get_kdf_size(ctx) ++ if err != nil { ++ return nil, err ++ } ++ out := make([]byte, size) ++ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { ++ return nil, err ++ } ++ return out, nil ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} ++ ++// ExpandHKDF derives a key from the given hash, key, and optional context info. ++func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { ++ if !SupportsHKDF() { ++ return nil, errUnsupportedVersion() ++ } ++ ++ md, err := hashFuncToMD(h) ++ if err != nil { ++ return nil, err ++ } ++ ++ out := make([]byte, keyLength) ++ switch major() { ++ case 1: ++ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if len(out) == 0 { ++ // Nothing to do, so exit early. ++ // We also can't call EVP_PKEY_derive because some engines error on zero-length output. ++ // We can only exit after calling newHKDFCtx1 because we still need it to validate the parameters. ++ return out, nil ++ } ++ keylen := keyLength ++ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { ++ return nil, err ++ } ++ case 3, 4: ++ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ if len(out) == 0 { ++ // Nothing to do, so exit early. ++ // We also can't call EVP_PKEY_derive because some engines error on zero-length output. ++ // We can only exit after calling newHKDFCtx3 because we still need it to validate the parameters. ++ return out, nil ++ } ++ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ return out, nil ++} ++ ++// ExpandTLS13KDF derives a key from the given hash, key, label and context. It will use ++// "TLS13-KDF" algorithm to do so. ++func ExpandTLS13KDF(h func() hash.Hash, pseudorandomKey, label, context []byte, keyLength int) ([]byte, error) { ++ if !SupportsTLS13KDF() { ++ return nil, errUnsupportedVersion() ++ } ++ ++ md, err := hashFuncToMD(h) ++ if err != nil { ++ return nil, err ++ } ++ ++ out := make([]byte, keyLength) ++ ++ ctx, err := newTLS13KDFExpandCtx3(md, label, context, pseudorandomKey) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { ++ return nil, err ++ } ++ return out, nil ++} ++ ++// fetchTLS13_KDF fetches the TLS13-KDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchTLS13_KDF = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3, 4) ++ ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS13_KDF.ptr(), nil) ++ if err != nil { ++ return nil, err ++ } ++ return kdf, nil ++}) + -+//go:build darwin ++// newTLS13KDFExpandCtx3 fetches the "TLS13-KDF" for TLS 1.3 handshakes. ++func newTLS13KDFExpandCtx3(md ossl.EVP_MD_PTR, label, context, pseudorandomKey []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { ++ checkMajorVersion(3, 4) + -+package cryptokit ++ kdf, err := fetchTLS13_KDF() ++ if err != nil { ++ return nil, err ++ } + -+// #cgo CFLAGS: -Wno-deprecated-declarations -+// #cgo LDFLAGS: -framework Security -framework CoreFoundation -L /Library/Developer/CommandLineTools/usr/lib/swift/macosx ${SRCDIR}/CryptoKit.o -+import "C" -+import "unsafe" ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_KDF_CTX_free(ctx) ++ } ++ }() + -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func base(b []byte) *C.uchar { -+ return (*C.uchar)(unsafe.Pointer(addr(b))) -+} ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY)) ++ bld.addOctetString(_OSSL_KDF_PARAM_PREFIX, []byte("tls13 ")) ++ bld.addOctetString(_OSSL_KDF_PARAM_LABEL, label) ++ bld.addOctetString(_OSSL_KDF_PARAM_DATA, context) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) + -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func addr(b []byte) *byte { -+ if len(b) == 0 { -+ return nil ++ params, err := bld.build() ++ if err != nil { ++ return ctx, err + } -+ return unsafe.SliceData(b) ++ defer ossl.OSSL_PARAM_free(params) ++ ++ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { ++ return ctx, err ++ } ++ return ctx, nil +} + -+var zero byte ++// fetchHKDF3 fetches the HKDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchHKDF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3, 4) + -+// addrNeverEmpty returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+// If b is empty, it returns a pointer to a zero byte -+// so that it can always be dereferenced. -+func addrNeverEmpty(b []byte) *byte { -+ if len(b) == 0 { -+ return &zero ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_HKDF.ptr(), nil) ++ if err != nil { ++ return nil, err + } -+ return unsafe.SliceData(b) ++ return kdf, nil ++}) ++ ++// newHKDFCtx3 implements HKDF for OpenSSL 3 using the EVP_KDF API. ++func newHKDFCtx3(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { ++ checkMajorVersion(3, 4) ++ ++ kdf, err := fetchHKDF3() ++ if err != nil { ++ return nil, err ++ } ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_KDF_CTX_free(ctx) ++ } ++ }() ++ ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addInt32(_OSSL_KDF_PARAM_FIPS_KEY_CHECK, 0) ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(mode)) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, secret) ++ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) ++ bld.addOctetString(_OSSL_KDF_PARAM_INFO, info) ++ params, err := bld.build() ++ if err != nil { ++ return ctx, err ++ } ++ defer ossl.OSSL_PARAM_free(params) ++ ++ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { ++ return ctx, err ++ } ++ return ctx, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go new file mode 100644 -index 00000000000000..8306f0f74e055b +index 00000000000000..88f6ce7eb85ca1 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/cryptokit.h -@@ -0,0 +1,67 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go +@@ -0,0 +1,280 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+#ifndef CRYPTOKIT_H -+#define CRYPTOKIT_H ++package openssl + -+#include -+#include ++import ( ++ "hash" ++ "runtime" ++ "slices" ++ "sync" + -+// AES GCM encryption and decryption -+int encryptAESGCM(const uint8_t *key, size_t keyLength, const uint8_t *data, -+ size_t dataLength, const uint8_t *nonce, size_t nonceLength, -+ const uint8_t *aad, size_t aadLength, uint8_t *cipherText, -+ size_t cipherTextLength, uint8_t *tag); -+int decryptAESGCM(const uint8_t *key, size_t keyLength, const uint8_t *data, -+ size_t dataLength, const uint8_t *nonce, size_t nonceLength, -+ const uint8_t *aad, size_t aadLength, const uint8_t *tag, -+ size_t tagLength, uint8_t *out, size_t *outLength); ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+// Generates an Ed25519 keypair. -+// The private key is 64 bytes (first 32 bytes are the seed, next 32 bytes are -+// the public key). The public key is 32 bytes. -+void generateKeyEd25519(uint8_t *key); -+int newPrivateKeyEd25519FromSeed(uint8_t *key, const uint8_t *seed); -+int newPublicKeyEd25519(uint8_t *key, const uint8_t *pub); -+int signEd25519(const uint8_t *privateKey, const uint8_t *message, -+ size_t messageLength, uint8_t *sigBuffer); -+int verifyEd25519(const uint8_t *publicKey, const uint8_t *message, -+ size_t messageLength, const uint8_t *sig); ++// NewHMAC returns a new HMAC using OpenSSL. ++// The function h must return a hash implemented by ++// OpenSSL (for example, h could be openssl.NewSHA256). ++// If h is not recognized, NewHMAC returns nil. ++func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { ++ h, _ := hashFuncHash(fh) ++ md := hashToMD(h) ++ if md == nil { ++ return nil ++ } + -+// HKDF key derivation -+int extractHKDF(int32_t hashFunction, const uint8_t *secret, -+ size_t secretLength, const uint8_t *salt, size_t saltLength, -+ uint8_t *prk, size_t prkLength); -+int expandHKDF(int32_t hashFunction, const uint8_t *prk, size_t prkLength, -+ const uint8_t *info, size_t infoLength, uint8_t *okm, -+ size_t okmLength); ++ if len(key) == 0 { ++ // This is supported in OpenSSL/Standard lib and as such ++ // we must support it here. When using HMAC with a null key ++ // HMAC_Init will try and reuse the key from the ctx. This is ++ // not the behavior previously implemented, so as a workaround ++ // we pass an "empty" key. ++ key = make([]byte, ossl.EVP_MAX_MD_SIZE) ++ } + -+void *initHMAC(int32_t hashFunction, const uint8_t *key, int keyLength); -+void freeHMAC(int32_t hashFunction, void *ptr); -+void updateHMAC(int32_t hashFunction, void *ptr, const uint8_t *data, -+ int length); -+void finalizeHMAC(int32_t hashFunction, void *ptr, uint8_t *outputPointer); -+void *copyHMAC(int32_t hashAlgorithm, void *ptr); ++ hmac := &opensslHMAC{ ++ size: h.Size(), ++ blockSize: h.BlockSize(), ++ } + -+void MD5(const uint8_t *inputPointer, size_t inputLength, -+ const uint8_t *outputPointer); -+void SHA1(const uint8_t *inputPointer, size_t inputLength, -+ const uint8_t *outputPointer); -+void SHA256(const uint8_t *inputPointer, size_t inputLength, -+ const uint8_t *outputPointer); -+void SHA384(const uint8_t *inputPointer, size_t inputLength, -+ const uint8_t *outputPointer); -+void SHA512(const uint8_t *inputPointer, size_t inputLength, -+ const uint8_t *outputPointer); ++ switch major() { ++ case 1: ++ ctx := newHMAC1(key, md) ++ if ctx.ctx == nil { ++ return nil ++ } ++ hmac.ctx1 = ctx ++ case 3, 4: ++ ctx := newHMAC3(key, md) ++ if ctx.ctx == nil { ++ return nil ++ } ++ hmac.ctx3 = ctx ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) ++ return hmac ++} + -+void *hashNew(int32_t hashAlgorithm); -+void hashWrite(int32_t hashAlgorithm, void *ptr, const uint8_t *data, -+ int length); -+void hashSum(int32_t hashAlgorithm, void *ptr, uint8_t *outputPointer); -+void hashReset(int32_t hashAlgorithm, void *ptr); -+int hashSize(int32_t hashAlgorithm); -+int hashBlockSize(int32_t hashAlgorithm); -+void *hashCopy(int32_t hashAlgorithm, void *ptr); -+void hashFree(int32_t hashAlgorithm, void *ptr); ++// hmacCtx3 is used for OpenSSL 1. ++type hmacCtx1 struct { ++ ctx ossl.HMAC_CTX_PTR ++} + -+#endif /* CRYPTOKIT_H */ -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go -new file mode 100644 -index 00000000000000..2fa15c8fa5529a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/ed25519.go -@@ -0,0 +1,72 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++// hmacCtx3 is used for OpenSSL 3. ++type hmacCtx3 struct { ++ ctx ossl.EVP_MAC_CTX_PTR ++ key []byte // only set for OpenSSL 3.0.0, 3.0.1, and 3.0.2. ++} ++ ++type opensslHMAC struct { ++ ctx1 hmacCtx1 ++ ctx3 hmacCtx3 ++ size int ++ blockSize int ++ sum [maxHashSize]byte ++} ++ ++func newHMAC1(key []byte, md ossl.EVP_MD_PTR) hmacCtx1 { ++ ctx, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.HMAC_Init_ex(ctx, key, md, nil); err != nil { ++ panic(err) ++ } ++ return hmacCtx1{ctx} ++} ++ ++var hmacDigestsSupported sync.Map ++var fetchHMAC3 = sync.OnceValue(func() ossl.EVP_MAC_PTR { ++ mac, err := ossl.EVP_MAC_fetch(nil, _OSSL_MAC_NAME_HMAC.ptr(), nil) ++ if err != nil { ++ panic(err) ++ } ++ return mac ++}) + -+//go:build darwin ++func buildHMAC3Params(md ossl.EVP_MD_PTR) (ossl.OSSL_PARAM_PTR, error) { ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_MAC_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addInt32(_OSSL_MAC_PARAM_FIPS_KEY_CHECK, 0) ++ return bld.build() ++} + -+package cryptokit ++func isHMAC3DigestSupported(md ossl.EVP_MD_PTR) bool { ++ nid := ossl.EVP_MD_get_type(md) ++ if v, ok := hmacDigestsSupported.Load(nid); ok { ++ return v.(bool) ++ } ++ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_MAC_CTX_free(ctx) + -+// #include "cryptokit.h" -+import "C" -+import ( -+ "errors" -+) ++ params, err := buildHMAC3Params(md) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.OSSL_PARAM_free(params) + -+// GenerateKeyEd25519 generates an Ed25519 private key using the Swift implementation. -+func GenerateKeyEd25519(key []byte) { -+ C.generateKeyEd25519(base(key)) ++ _, err = ossl.EVP_MAC_CTX_set_params(ctx, params) ++ supported := err == nil ++ hmacDigestsSupported.Store(nid, supported) ++ return supported +} + -+// NewPrivateKeyEd25519FromSeed generates an Ed25519 private key from a seed. -+func NewPrivateKeyEd25519FromSeed(key, seed []byte) error { -+ result := C.newPrivateKeyEd25519FromSeed(base(key), base(seed)) -+ if result != 0 { -+ return errors.New("failed to generate Ed25519 key from seed") ++func newHMAC3(key []byte, md ossl.EVP_MD_PTR) hmacCtx3 { ++ if !isHMAC3DigestSupported(md) { ++ // The digest is not supported by the HMAC provider. ++ // Don't panic here so the Go standard library to ++ // fall back to the Go implementation. ++ // See https://github.com/golang-fips/openssl/issues/153. ++ return hmacCtx3{} + } -+ return nil -+} ++ params, err := buildHMAC3Params(md) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.OSSL_PARAM_free(params) + -+// NewPublicKeyEd25519 creates a new Ed25519 public key from raw bytes. -+func NewPublicKeyEd25519(key, pub []byte) error { -+ result := C.newPublicKeyEd25519(base(key), base(pub)) -+ if result != 0 { -+ return errors.New("failed to create Ed25519 public key") ++ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) ++ if err != nil { ++ panic(err) + } -+ return nil -+} + -+// SignEd25519 signs a message using the provided private key. -+func SignEd25519(sig, privateKey, message []byte) error { -+ result := C.signEd25519(base(privateKey), base(message), C.size_t(len(message)), base(sig)) -+ if result < 0 { -+ switch result { -+ case -1: -+ return errors.New("invalid inputs to SignEd25519") -+ case -2: -+ return errors.New("failed to reconstruct private key") -+ case -3: -+ return errors.New("failed to sign the message") -+ case -4: -+ return errors.New("signature buffer too small") -+ default: -+ return errors.New("unknown error in SignEd25519") -+ } ++ if _, err := ossl.EVP_MAC_init(ctx, key, params); err != nil { ++ ossl.EVP_MAC_CTX_free(ctx) ++ panic(err) + } -+ return nil ++ var hkey []byte ++ //versionguardcheck:ignore OpenSSL 3.0.0–3.0.2 EVP_MAC_init does not reset without a key: https://github.com/openssl/openssl/issues/17811. ++ if major() == 3 && minor() == 0 && patch() <= 2 { ++ // EVP_MAC_init only resets the ctx internal state if a key is passed ++ // when using OpenSSL 3.0.0, 3.0.1, and 3.0.2. Save a copy of the key ++ // in the context so Reset can use it later. New OpenSSL versions ++ // do not have this issue so it isn't necessary to save the key. ++ hkey = make([]byte, len(key)) ++ copy(hkey, key) ++ } ++ return hmacCtx3{ctx, hkey} +} + -+// VerifyEd25519 verifies a signature using the provided public key and message. -+func VerifyEd25519(publicKey, message, sig []byte) error { -+ result := C.verifyEd25519(base(publicKey), base(message), C.size_t(len(message)), base(sig)) -+ switch result { ++func (h *opensslHMAC) Reset() { ++ switch major() { + case 1: -+ return nil // Valid signature -+ case 0: -+ return errors.New("ed25519: invalid signature") -+ case -1: -+ return errors.New("invalid inputs to VerifyEd25519") -+ case -2: -+ return errors.New("failed to reconstruct public key") ++ if _, err := ossl.HMAC_Init_ex(h.ctx1.ctx, nil, nil, nil); err != nil { ++ panic(err) ++ } ++ case 3, 4: ++ if _, err := ossl.EVP_MAC_init(h.ctx3.ctx, h.ctx3.key, nil); err != nil { ++ panic(err) ++ } + default: -+ return errors.New("unknown error in VerifyEd25519") ++ panic(errUnsupportedVersion()) + } -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go -new file mode 100644 -index 00000000000000..458e9eb57416b1 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/gcm.go -@@ -0,0 +1,36 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin + -+package cryptokit -+ -+// #include "cryptokit.h" -+import "C" -+ -+// EncryptAESGCM performs AES-GCM encryption using Swift. -+func EncryptAESGCM(key, plaintext, nonce, additionalData, ciphertext, tag []byte) int { -+ err := C.encryptAESGCM( -+ base(key), C.size_t(len(key)), -+ base(plaintext), C.size_t(len(plaintext)), -+ base(nonce), C.size_t(len(nonce)), -+ base(additionalData), C.size_t(len(additionalData)), -+ base(ciphertext), C.size_t(len(ciphertext)), -+ base(tag), -+ ) -+ return int(err) ++ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. +} + -+// DecryptAESGCM performs AES-GCM decryption using Swift. -+func DecryptAESGCM(key, ciphertext, nonce, additionalData, tag, plaintext []byte) (int, int) { -+ var decSize C.size_t -+ err := C.decryptAESGCM( -+ base(key), C.size_t(len(key)), -+ base(ciphertext), C.size_t(len(ciphertext)), -+ base(nonce), C.size_t(len(nonce)), -+ base(additionalData), C.size_t(len(additionalData)), -+ base(tag), C.size_t(len(tag)), -+ base(plaintext), &decSize, -+ ) -+ return int(decSize), int(err) ++func (h *opensslHMAC) finalize() { ++ if h.ctx1.ctx != nil { ++ ossl.HMAC_CTX_free(h.ctx1.ctx) ++ } ++ if h.ctx3.ctx != nil { ++ ossl.EVP_MAC_CTX_free(h.ctx3.ctx) ++ } +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go -new file mode 100644 -index 00000000000000..977ee3152ada71 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hash.go -@@ -0,0 +1,247 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin -+ -+package cryptokit -+ -+// #include "cryptokit.h" -+import "C" -+import ( -+ "errors" -+ "hash" -+ "runtime" -+ "unsafe" -+) + -+func MD5(p []byte) (sum [16]byte) { -+ C.MD5((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) -+ return ++func (h *opensslHMAC) Write(p []byte) (int, error) { ++ if len(p) > 0 { ++ switch major() { ++ case 1: ++ ossl.HMAC_Update(h.ctx1.ctx, p) ++ case 3, 4: ++ ossl.EVP_MAC_update(h.ctx3.ctx, p) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ } ++ runtime.KeepAlive(h) ++ return len(p), nil +} + -+func SHA1(p []byte) (sum [20]byte) { -+ C.SHA1((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) -+ return ++func (h *opensslHMAC) Size() int { ++ return h.size +} + -+func SHA256(p []byte) (sum [32]byte) { -+ C.SHA256((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) -+ return ++func (h *opensslHMAC) BlockSize() int { ++ return h.blockSize +} + -+func SHA384(p []byte) (sum [48]byte) { -+ C.SHA384((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) -+ return ++func (h *opensslHMAC) Sum(in []byte) []byte { ++ // Make copy of context because Go hash.Hash mandates ++ // that Sum has no effect on the underlying stream. ++ // In particular it is OK to Sum, then Write more, then Sum again, ++ // and the second Sum acts as if the first didn't happen. ++ switch major() { ++ case 1: ++ ctx2, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.HMAC_CTX_free(ctx2) ++ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { ++ panic(err) ++ } ++ ossl.HMAC_Final(ctx2, h.sum[:h.size], nil) ++ case 3, 4: ++ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_MAC_CTX_free(ctx2) ++ ossl.EVP_MAC_final(ctx2, h.sum[:h.size], nil) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ return append(in, h.sum[:h.size]...) +} + -+func SHA512(p []byte) (sum [64]byte) { -+ C.SHA512((*C.uint8_t)(&*addrNeverEmpty(p)), C.size_t(len(p)), base(sum[:])) -+ return ++func (h *opensslHMAC) Clone() (HashCloner, error) { ++ switch major() { ++ case 1: ++ ctx2, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { ++ ossl.HMAC_CTX_free(ctx2) ++ panic(err) ++ } ++ cl := &opensslHMAC{ ++ ctx1: hmacCtx1{ctx: ctx2}, ++ size: h.size, ++ blockSize: h.blockSize, ++ } ++ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) ++ return cl, nil ++ ++ case 3, 4: ++ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) ++ if err != nil { ++ panic(err) ++ } ++ ++ cl := &opensslHMAC{ ++ ctx3: hmacCtx3{ctx: ctx2, key: slices.Clone(h.ctx3.key)}, ++ size: h.size, ++ blockSize: h.blockSize, ++ } ++ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) ++ return cl, nil ++ ++ default: ++ panic(errUnsupportedVersion()) ++ } +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go +new file mode 100644 +index 00000000000000..49481d99023c12 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go +@@ -0,0 +1,449 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+const ( -+ md5 = 1 -+ sha1 = 2 -+ sha256 = 3 -+ sha384 = 4 -+ sha512 = 5 -+) ++package openssl + -+var ( -+ MD5BlockSize = int(C.hashBlockSize(md5)) -+ MD5Size = int(C.hashSize(md5)) -+ SHA1BlockSize = int(C.hashBlockSize(sha1)) -+ SHA1Size = int(C.hashSize(sha1)) -+ SHA256BlockSize = int(C.hashBlockSize(sha256)) -+ SHA256Size = int(C.hashSize(sha256)) -+ SHA384BlockSize = int(C.hashBlockSize(sha384)) -+ SHA384Size = int(C.hashSize(sha384)) -+ SHA512BlockSize = int(C.hashBlockSize(sha512)) -+ SHA512Size = int(C.hashSize(sha512)) -+) ++import ( ++ "errors" ++ "sync" + -+var _ hash.Hash = (*evpHash)(nil) -+var _ HashCloner = (*evpHash)(nil) ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+type evpHash struct { -+ ptr unsafe.Pointer -+ hashAlgorithm C.int -+ blockSize int -+ size int -+} ++const ( ++ // privateKeySizeMLDSA is the size of an ML-DSA private key seed. ++ privateKeySizeMLDSA = 32 + -+func newEVPHash(hashAlgorithm C.int, blockSize, size int) *evpHash { -+ h := &evpHash{ -+ ptr: C.hashNew(hashAlgorithm), -+ hashAlgorithm: hashAlgorithm, -+ blockSize: blockSize, -+ size: size, -+ } ++ // publicKeySizeMLDSA44 is the size of an ML-DSA-44 public key encoding. ++ publicKeySizeMLDSA44 = 1312 + -+ runtime.SetFinalizer(h, (*evpHash).finalize) ++ // publicKeySizeMLDSA65 is the size of an ML-DSA-65 public key encoding. ++ publicKeySizeMLDSA65 = 1952 + -+ return h -+} ++ // publicKeySizeMLDSA87 is the size of an ML-DSA-87 public key encoding. ++ publicKeySizeMLDSA87 = 2592 + -+func (h *evpHash) finalize() { -+ if h.ptr != nil { -+ C.hashFree(h.hashAlgorithm, h.ptr) -+ h.ptr = nil -+ } -+} ++ // signatureSizeMLDSA44 is the size of an ML-DSA-44 signature. ++ signatureSizeMLDSA44 = 2420 + -+func (h *evpHash) Clone() (HashCloner, error) { -+ if h.ptr == nil { -+ panic("cryptokit: hash already finalized") -+ } ++ // signatureSizeMLDSA65 is the size of an ML-DSA-65 signature. ++ signatureSizeMLDSA65 = 3309 + -+ newHash := &evpHash{ -+ ptr: C.hashCopy(h.hashAlgorithm, h.ptr), -+ hashAlgorithm: h.hashAlgorithm, -+ blockSize: h.blockSize, -+ size: h.size, -+ } ++ // signatureSizeMLDSA87 is the size of an ML-DSA-87 signature. ++ signatureSizeMLDSA87 = 4627 + -+ runtime.SetFinalizer(newHash, (*evpHash).finalize) ++ // muSizeMLDSA is the size of the pre-hashed mu input to the external-mu ++ // variants of Sign and Verify. ++ muSizeMLDSA = 64 + -+ runtime.KeepAlive(h) ++ // maxContextSizeMLDSA is the maximum allowed length of the context string ++ // passed to Sign and Verify. ++ maxContextSizeMLDSA = 255 ++) + -+ return newHash, nil ++// SupportsMLDSA returns true if the given ML-DSA parameter set is supported ++// on this platform. Providers may not implement every security level, so ++// callers must probe each parameter set they intend to use. ++func SupportsMLDSA(params MLDSAParameters) bool { ++ switch params.keyType { ++ case ossl.EVP_PKEY_ML_DSA_44: ++ return supportsMLDSA44() ++ case ossl.EVP_PKEY_ML_DSA_65: ++ return supportsMLDSA65() ++ case ossl.EVP_PKEY_ML_DSA_87: ++ return supportsMLDSA87() ++ default: ++ return false ++ } +} + -+func (h *evpHash) Write(p []byte) (int, error) { -+ if len(p) == 0 { -+ return 0, nil ++// probeMLDSA reports whether the OpenSSL provider exposes the given ML-DSA ++// algorithm via the keymgmt fetch interface. ML-DSA was added in OpenSSL 3.5; ++// older 3.x releases return nil for unknown algorithm names, and 1.x lacks ++// the fetch interface entirely. ++func probeMLDSA(name cString) bool { ++ if !ossl.EVP_KEYMGMT_fetch_Available() { ++ return false + } -+ C.hashWrite(h.hashAlgorithm, h.ptr, (*C.uint8_t)(&*addrNeverEmpty(p)), C.int(len(p))) ++ mgmt, _ := ossl.EVP_KEYMGMT_fetch(nil, name.ptr(), nil) ++ if mgmt == nil { ++ return false ++ } ++ ossl.EVP_KEYMGMT_free(mgmt) ++ return true ++} + -+ runtime.KeepAlive(h) ++var ( ++ supportsMLDSA44 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA44) }) ++ supportsMLDSA65 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA65) }) ++ supportsMLDSA87 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA87) }) ++) + -+ return len(p), nil ++// MLDSAParameters represents one of the fixed ML-DSA parameter sets. ++type MLDSAParameters struct { ++ name string ++ keyType int32 ++ keyTypeName cString ++ publicKeySize int ++ signatureSize int +} + -+func (h *evpHash) WriteString(s string) (int, error) { -+ if len(s) == 0 { -+ return 0, nil ++var ( ++ mldsa44 = MLDSAParameters{ ++ name: "ML-DSA-44", ++ keyType: ossl.EVP_PKEY_ML_DSA_44, ++ keyTypeName: _KeyTypeMLDSA44, ++ publicKeySize: publicKeySizeMLDSA44, ++ signatureSize: signatureSizeMLDSA44, ++ } ++ mldsa65 = MLDSAParameters{ ++ name: "ML-DSA-65", ++ keyType: ossl.EVP_PKEY_ML_DSA_65, ++ keyTypeName: _KeyTypeMLDSA65, ++ publicKeySize: publicKeySizeMLDSA65, ++ signatureSize: signatureSizeMLDSA65, ++ } ++ mldsa87 = MLDSAParameters{ ++ name: "ML-DSA-87", ++ keyType: ossl.EVP_PKEY_ML_DSA_87, ++ keyTypeName: _KeyTypeMLDSA87, ++ publicKeySize: publicKeySizeMLDSA87, ++ signatureSize: signatureSizeMLDSA87, + } -+ C.hashWrite(h.hashAlgorithm, h.ptr, (*C.uchar)(unsafe.Pointer(unsafe.StringData(s))), C.int(len(s))) -+ -+ runtime.KeepAlive(h) ++) + -+ return len(s), nil -+} ++// MLDSA44 returns the ML-DSA-44 parameter set. ++func MLDSA44() MLDSAParameters { return mldsa44 } + -+func (h *evpHash) WriteByte(c byte) error { -+ C.hashWrite(h.hashAlgorithm, h.ptr, base([]byte{c}), 1) ++// MLDSA65 returns the ML-DSA-65 parameter set. ++func MLDSA65() MLDSAParameters { return mldsa65 } + -+ runtime.KeepAlive(h) ++// MLDSA87 returns the ML-DSA-87 parameter set. ++func MLDSA87() MLDSAParameters { return mldsa87 } + -+ return nil ++func (params MLDSAParameters) valid() bool { ++ switch params { ++ case mldsa44, mldsa65, mldsa87: ++ return true ++ default: ++ return false ++ } +} + -+func (h *evpHash) Sum(b []byte) []byte { -+ hashSlice := make([]byte, h.size, 64) // explicit cap to allow stack allocation -+ C.hashSum(h.hashAlgorithm, h.ptr, base(hashSlice)) -+ runtime.KeepAlive(h) ++// PublicKeySize returns the size of public keys for this parameter set, in bytes. ++func (params MLDSAParameters) PublicKeySize() int { return params.publicKeySize } + -+ b = append(b, hashSlice...) -+ return b -+} ++// SignatureSize returns the size of signatures for this parameter set, in bytes. ++func (params MLDSAParameters) SignatureSize() int { return params.signatureSize } + -+func (h *evpHash) MarshalBinary() ([]byte, error) { -+ return nil, errors.New("cryptokit: hash state is not marshallable") -+} ++// String returns the name of the parameter set. ++func (params MLDSAParameters) String() string { return params.name } + -+func (h *evpHash) AppendBinary(b []byte) ([]byte, error) { -+ return nil, errors.New("cryptokit: hash state is not marshallable") -+} ++var errInvalidMLDSAParameters = errors.New("mldsa: invalid parameters") + -+func (h *evpHash) UnmarshalBinary(data []byte) error { -+ return errors.New("cryptokit: hash state is not marshallable") ++// PrivateKeyMLDSA is an ML-DSA private key seed. ++type PrivateKeyMLDSA struct { ++ params MLDSAParameters ++ seed [privateKeySizeMLDSA]byte +} + -+func (h *evpHash) Reset() { -+ C.hashReset(h.hashAlgorithm, h.ptr) ++// GenerateKeyMLDSA generates a new ML-DSA private key. ++func GenerateKeyMLDSA(params MLDSAParameters) (*PrivateKeyMLDSA, error) { ++ if !params.valid() { ++ return nil, errInvalidMLDSAParameters ++ } ++ key := &PrivateKeyMLDSA{params: params} ++ if err := generateMLDSASeed(params.keyType, key.seed[:]); err != nil { ++ return nil, err ++ } ++ return key, nil +} + -+func (h *evpHash) BlockSize() int { -+ return h.blockSize ++// NewPrivateKeyMLDSA constructs an ML-DSA private key from its 32-byte seed. ++func NewPrivateKeyMLDSA(params MLDSAParameters, seed []byte) (*PrivateKeyMLDSA, error) { ++ if !params.valid() { ++ return nil, errInvalidMLDSAParameters ++ } ++ if len(seed) != privateKeySizeMLDSA { ++ return nil, errors.New("mldsa: invalid private key size") ++ } ++ key := &PrivateKeyMLDSA{params: params} ++ copy(key.seed[:], seed) ++ return key, nil +} + -+func (h *evpHash) Size() int { -+ return h.size ++// Bytes returns the private key seed. ++func (key *PrivateKeyMLDSA) Bytes() []byte { ++ return key.seed[:] +} + -+type MD5Hash struct { -+ *evpHash -+} ++// Parameters returns the parameters associated with this private key. ++func (key *PrivateKeyMLDSA) Parameters() MLDSAParameters { return key.params } + -+func NewMD5() hash.Hash { -+ return MD5Hash{ -+ evpHash: newEVPHash( -+ C.int(md5), -+ MD5BlockSize, -+ MD5Size, -+ ), ++// PublicKey returns the corresponding public key. ++func (key *PrivateKeyMLDSA) PublicKey() *PublicKeyMLDSA { ++ publicKey := &PublicKeyMLDSA{params: key.params} ++ if err := mldsaExtractPublicKey(key.params, key.seed[:], publicKey.bytes[:key.params.publicKeySize]); err != nil { ++ panic(err) + } ++ return publicKey +} + -+type SHA1Hash struct { -+ *evpHash ++// Sign signs message with the private key, optionally binding the signature ++// to a context string. The context string must be at most 255 bytes long. ++func (key *PrivateKeyMLDSA) Sign(message []byte, context string) ([]byte, error) { ++ return mldsaSign(key.params, key.seed[:], message, context) +} + -+// NewSHA1 initializes a new SHA1 hasher. -+func NewSHA1() hash.Hash { -+ return SHA1Hash{ -+ evpHash: newEVPHash( -+ sha1, -+ SHA1BlockSize, -+ SHA1Size, -+ ), ++// SignExternalMu signs a pre-hashed mu message representative using ML-DSA. ++// mu must be exactly 64 bytes long. ++func (key *PrivateKeyMLDSA) SignExternalMu(mu []byte) ([]byte, error) { ++ if len(mu) != muSizeMLDSA { ++ return nil, errors.New("mldsa: invalid message hash length") + } ++ return mldsaSignExternalMu(key.params, key.seed[:], mu) +} + -+type SHA256Hash struct { -+ *evpHash ++// PublicKeyMLDSA is an ML-DSA public key. ++type PublicKeyMLDSA struct { ++ params MLDSAParameters ++ bytes [publicKeySizeMLDSA87]byte +} + -+// NewSHA256 initializes a new SHA256 hasher. -+func NewSHA256() hash.Hash { -+ return SHA256Hash{ -+ evpHash: newEVPHash( -+ sha256, -+ SHA256BlockSize, -+ SHA256Size, -+ ), ++// NewPublicKeyMLDSA constructs an ML-DSA public key from its encoding. ++func NewPublicKeyMLDSA(params MLDSAParameters, publicKey []byte) (*PublicKeyMLDSA, error) { ++ if !params.valid() { ++ return nil, errInvalidMLDSAParameters ++ } ++ if len(publicKey) != params.publicKeySize { ++ return nil, errors.New("mldsa: invalid public key size") ++ } ++ // Validate by attempting a key import. ++ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) ++ if err != nil { ++ return nil, err + } ++ ossl.EVP_PKEY_free(pkey) ++ key := &PublicKeyMLDSA{params: params} ++ copy(key.bytes[:], publicKey) ++ return key, nil +} + -+type SHA384Hash struct { -+ *evpHash ++// Bytes returns the public key encoding. ++func (key *PublicKeyMLDSA) Bytes() []byte { ++ return key.bytes[:key.params.publicKeySize] +} + -+// NewSHA384 initializes a new SHA384 hasher. -+func NewSHA384() hash.Hash { -+ return SHA384Hash{ -+ evpHash: newEVPHash( -+ sha384, -+ SHA384BlockSize, -+ SHA384Size, -+ ), -+ } -+} ++// Parameters returns the parameters associated with this public key. ++func (key *PublicKeyMLDSA) Parameters() MLDSAParameters { return key.params } + -+type SHA512Hash struct { -+ *evpHash ++// Verify verifies an ML-DSA signature over message bound to the given context. ++func (key *PublicKeyMLDSA) Verify(message, signature []byte, context string) error { ++ return mldsaVerify(key.params, key.bytes[:key.params.publicKeySize], message, signature, context) +} + -+// NewSHA512 initializes a new SHA512 hasher. -+func NewSHA512() hash.Hash { -+ return SHA512Hash{ -+ evpHash: newEVPHash( -+ sha512, -+ SHA512BlockSize, -+ SHA512Size, -+ ), ++// VerifyExternalMu verifies an ML-DSA signature over a pre-hashed mu message ++// representative. mu must be exactly 64 bytes long. ++func (key *PublicKeyMLDSA) VerifyExternalMu(mu, signature []byte) error { ++ if len(mu) != muSizeMLDSA { ++ return errors.New("mldsa: invalid message hash length") + } ++ return mldsaVerifyExternalMu(key.params, key.bytes[:key.params.publicKeySize], mu, signature) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go -new file mode 100644 -index 00000000000000..5416b7882c1891 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone.go -@@ -0,0 +1,17 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !go1.25 && darwin -+ -+package cryptokit -+ -+import ( -+ "hash" -+) -+ -+// HashCloner is an interface that defines a Clone method. -+type HashCloner interface { -+ hash.Hash -+ // Clone returns a separate Hash instance with the same state as h. -+ Clone() (HashCloner, error) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go -new file mode 100644 -index 00000000000000..d690254202bde6 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hashclone_go125.go -@@ -0,0 +1,12 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+//go:build go1.25 && darwin -+ -+package cryptokit -+ -+import ( -+ "hash" -+) -+ -+type HashCloner = hash.Cloner -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go -new file mode 100644 -index 00000000000000..da161adcd88ea6 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hkdf.go -@@ -0,0 +1,77 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin -+ -+package cryptokit -+ -+// #include "cryptokit.h" -+import "C" -+import ( -+ "crypto" -+ "errors" -+) ++// Helper functions + -+// ExtractHKDF performs the extract step of HKDF using the specified hash function. -+func ExtractHKDF(hash crypto.Hash, secret, salt []byte) ([]byte, error) { -+ h, err := cryptoHashToSwift(hash) ++// generateMLDSASeed generates a new ML-DSA private key and extracts the seed. ++func generateMLDSASeed(keyType int32, seed []byte) error { ++ pkey, err := generateEVPPKey(keyType, 0, "") + if err != nil { -+ return nil, err ++ return err + } ++ defer ossl.EVP_PKEY_free(pkey) + -+ // Allocate buffer for derived key -+ prk := make([]byte, hash.Size()) -+ -+ // Call Swift function -+ result := C.extractHKDF( -+ h, -+ base(secret), C.size_t(len(secret)), -+ base(salt), C.size_t(len(salt)), -+ base(prk), C.size_t(len(prk)), -+ ) ++ _, err = ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_ML_DSA_SEED.ptr(), seed, nil) ++ return err ++} + -+ if result != 0 { -+ return nil, errors.New("HKDF derivation failed") ++// createMLDSAPrivateKey creates an ML-DSA EVP_PKEY from a 32-byte seed. ++func createMLDSAPrivateKey(id int32, seed []byte) (ossl.EVP_PKEY_PTR, error) { ++ if len(seed) != privateKeySizeMLDSA { ++ return nil, errors.New("mldsa: invalid seed size") + } + -+ return prk, nil -+} ++ bld := newParamBuilder() ++ defer bld.finalize() + -+func ExpandHKDF(hash crypto.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ h, err := cryptoHashToSwift(hash) ++ bld.addOctetString(_OSSL_PKEY_PARAM_ML_DSA_SEED, seed) ++ ++ params, err := bld.build() + if err != nil { + return nil, err + } ++ defer ossl.OSSL_PARAM_free(params) + -+ // Allocate buffer for derived key -+ expandedKey := make([]byte, keyLength) ++ return newEvpFromParams(id, ossl.EVP_PKEY_KEYPAIR, params) ++} + -+ // Call Swift function -+ result := C.expandHKDF( -+ h, -+ base(pseudorandomKey), C.size_t(len(pseudorandomKey)), -+ base(info), C.size_t(len(info)), -+ base(expandedKey), C.size_t(len(expandedKey)), -+ ) ++// createMLDSAPublicKey creates an ML-DSA EVP_PKEY from encoded public key bytes. ++func createMLDSAPublicKey(id int32, pubKeyBytes []byte) (ossl.EVP_PKEY_PTR, error) { ++ bld := newParamBuilder() ++ defer bld.finalize() + -+ if result != 0 { -+ return nil, errors.New("HKDF derivation failed") ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubKeyBytes) ++ ++ params, err := bld.build() ++ if err != nil { ++ return nil, err + } ++ defer ossl.OSSL_PARAM_free(params) + -+ return expandedKey, nil ++ return newEvpFromParams(id, ossl.EVP_PKEY_PUBLIC_KEY, params) +} + -+func cryptoHashToSwift(hash crypto.Hash) (C.int32_t, error) { -+ switch hash { -+ case crypto.SHA1: -+ return 1, nil -+ case crypto.SHA256: -+ return 2, nil -+ case crypto.SHA384: -+ return 3, nil -+ case crypto.SHA512: -+ return 4, nil -+ default: -+ return 0, errors.New("unsupported hash function") ++// mldsaExtractPublicKey derives and copies the encoded public key bytes from ++// a private key seed. ++func mldsaExtractPublicKey(params MLDSAParameters, seed, dst []byte) error { ++ pkey, err := createMLDSAPrivateKey(params.keyType, seed) ++ if err != nil { ++ return err + } -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go -new file mode 100644 -index 00000000000000..f06abe11e3854d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/internal/cryptokit/hmac.go -@@ -0,0 +1,146 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin ++ defer ossl.EVP_PKEY_free(pkey) + -+package cryptokit ++ var pubLen int ++ if _, err := ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), dst, &pubLen); err != nil { ++ return err ++ } ++ if pubLen != params.publicKeySize { ++ return errors.New("mldsa: unexpected public key size") ++ } ++ return nil ++} + -+// #include "cryptokit.h" -+import "C" -+import ( -+ "hash" -+ "runtime" -+ "slices" -+ "unsafe" -+) ++// mldsaSigParams builds the OSSL_PARAM array used to bind a context string ++// (and/or the external-mu flag) to an ML-DSA Sign or Verify operation. ++// Returns nil params when neither is set. ++func mldsaSigParams(context string, externalMu bool) (ossl.OSSL_PARAM_PTR, error) { ++ if len(context) > maxContextSizeMLDSA { ++ return nil, errors.New("mldsa: context too long") ++ } ++ if context == "" && !externalMu { ++ return nil, nil ++ } ++ bld := newParamBuilder() ++ defer bld.finalize() ++ if context != "" { ++ bld.addOctetString(_OSSL_SIGNATURE_PARAM_CONTEXT_STRING, []byte(context)) ++ } ++ if externalMu { ++ bld.addInt32(_OSSL_SIGNATURE_PARAM_MU, 1) ++ } ++ return bld.build() ++} + -+var _ hash.Hash = (*cryptoKitHMAC)(nil) -+var _ HashCloner = (*cryptoKitHMAC)(nil) ++func mldsaSign(params MLDSAParameters, seed, message []byte, context string) ([]byte, error) { ++ pkey, err := createMLDSAPrivateKey(params.keyType, seed) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) + -+type cryptoKitHMAC struct { -+ ptr unsafe.Pointer ++ return mldsaSignWithKey(pkey, params, message, context, false) ++} + -+ kind int -+ key []byte ++func mldsaSignExternalMu(params MLDSAParameters, seed, mu []byte) ([]byte, error) { ++ pkey, err := createMLDSAPrivateKey(params.keyType, seed) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) + -+ blockSize int -+ size int ++ return mldsaSignWithKey(pkey, params, mu, "", true) +} + -+func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { -+ h := fh() -+ if h == nil { -+ return nil ++func mldsaSignWithKey(pkey ossl.EVP_PKEY_PTR, params MLDSAParameters, message []byte, context string, externalMu bool) ([]byte, error) { ++ mdctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return nil, err + } ++ defer ossl.EVP_MD_CTX_free(mdctx) + -+ // copying the key here to ensure that it is not modified -+ // while this algorithm is using it. -+ key = slices.Clone(key) -+ kind := hashToHMACEnum(h) -+ if kind == 0 { -+ // The hash function is not supported by the HMAC implementation. -+ return nil ++ var pctx ossl.EVP_PKEY_CTX_PTR ++ if _, err := ossl.EVP_DigestSignInit(mdctx, &pctx, nil, nil, pkey); err != nil { ++ return nil, err ++ } ++ sigParams, err := mldsaSigParams(context, externalMu) ++ if err != nil { ++ return nil, err ++ } ++ if sigParams != nil { ++ defer ossl.OSSL_PARAM_free(sigParams) ++ if _, err := ossl.EVP_PKEY_CTX_set_params(pctx, sigParams); err != nil { ++ return nil, err ++ } + } + -+ hmac := &cryptoKitHMAC{ -+ ptr: C.initHMAC( -+ C.int(kind), -+ base(key), C.int(len(key)), -+ ), -+ kind: kind, -+ key: key, -+ blockSize: h.BlockSize(), -+ size: h.Size(), ++ signature := make([]byte, params.signatureSize) ++ siglen := params.signatureSize ++ if _, err := ossl.EVP_DigestSign(mdctx, signature, &siglen, message); err != nil { ++ return nil, err ++ } ++ if siglen != params.signatureSize { ++ return nil, errors.New("mldsa: unexpected signature length") + } ++ return signature[:siglen], nil ++} + -+ runtime.SetFinalizer(hmac, func(h *cryptoKitHMAC) { -+ C.freeHMAC( -+ C.int(h.kind), -+ h.ptr, -+ ) -+ }) ++func mldsaVerify(params MLDSAParameters, publicKey, message, signature []byte, context string) error { ++ if len(signature) != params.signatureSize { ++ return errors.New("mldsa: invalid signature length") ++ } ++ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_PKEY_free(pkey) + -+ return hmac ++ return mldsaVerifyWithKey(pkey, message, signature, context, false) +} + -+func (h *cryptoKitHMAC) Write(p []byte) (n int, err error) { -+ C.updateHMAC(C.int(h.kind), -+ h.ptr, -+ (*C.uint8_t)(&*addrNeverEmpty(p)), C.int(len(p))) -+ -+ runtime.KeepAlive(h) ++func mldsaVerifyExternalMu(params MLDSAParameters, publicKey, mu, signature []byte) error { ++ if len(signature) != params.signatureSize { ++ return errors.New("mldsa: invalid signature length") ++ } ++ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_PKEY_free(pkey) + -+ return len(p), nil ++ return mldsaVerifyWithKey(pkey, mu, signature, "", true) +} + -+func (h *cryptoKitHMAC) Sum(b []byte) []byte { -+ hashSlice := make([]byte, h.size, 64) // explicit cap to allow stack allocation -+ C.finalizeHMAC( -+ C.int(h.kind), -+ h.ptr, -+ base(hashSlice), -+ ) -+ runtime.KeepAlive(h) ++func mldsaVerifyWithKey(pkey ossl.EVP_PKEY_PTR, message, signature []byte, context string, externalMu bool) error { ++ mdctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(mdctx) + -+ b = append(b, hashSlice...) ++ var pctx ossl.EVP_PKEY_CTX_PTR ++ if _, err := ossl.EVP_DigestVerifyInit(mdctx, &pctx, nil, nil, pkey); err != nil { ++ return err ++ } ++ sigParams, err := mldsaSigParams(context, externalMu) ++ if err != nil { ++ return err ++ } ++ if sigParams != nil { ++ defer ossl.OSSL_PARAM_free(sigParams) ++ if _, err := ossl.EVP_PKEY_CTX_set_params(pctx, sigParams); err != nil { ++ return err ++ } ++ } + -+ return b ++ if _, err := ossl.EVP_DigestVerify(mdctx, signature, message); err != nil { ++ return errors.New("mldsa: invalid signature") ++ } ++ return nil +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go +new file mode 100644 +index 00000000000000..5c2ffbabe92e15 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go +@@ -0,0 +1,369 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+func (h *cryptoKitHMAC) Clone() (HashCloner, error) { -+ if h.ptr == nil { -+ panic("cryptokit: hash already finalized") -+ } ++package openssl + -+ hmac := &cryptoKitHMAC{ptr: C.copyHMAC(C.int(h.kind), h.ptr), kind: h.kind, key: slices.Clone(h.key), blockSize: h.blockSize, size: h.size} ++import ( ++ "errors" ++ "sync" ++ "unsafe" + -+ runtime.KeepAlive(h) ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+ runtime.SetFinalizer(hmac, func(h *cryptoKitHMAC) { -+ C.freeHMAC( -+ C.int(h.kind), -+ h.ptr, -+ ) -+ }) ++const ( ++ // sharedKeySizeMLKEM is the size of a shared key produced by ML-KEM. ++ sharedKeySizeMLKEM = 32 + -+ return hmac, nil -+} ++ // seedSizeMLKEM is the size of a seed used to generate a decapsulation key. ++ seedSizeMLKEM = 64 + -+func (h *cryptoKitHMAC) Reset() { -+ C.freeHMAC( -+ C.int(h.kind), -+ h.ptr, -+ ) ++ // ciphertextSizeMLKEM768 is the size of a ciphertext produced by ML-KEM-768. ++ ciphertextSizeMLKEM768 = 1088 + -+ h.ptr = C.initHMAC( -+ C.int(h.kind), -+ (*C.uint8_t)(&*addrNeverEmpty(h.key)), C.int(len(h.key)), -+ ) ++ // encapsulationKeySizeMLKEM768 is the size of an ML-KEM-768 encapsulation key. ++ encapsulationKeySizeMLKEM768 = 1184 + -+ runtime.KeepAlive(h) -+} ++ // ciphertextSizeMLKEM1024 is the size of a ciphertext produced by ML-KEM-1024. ++ ciphertextSizeMLKEM1024 = 1568 + -+func (h *cryptoKitHMAC) Size() int { -+ return h.size ++ // encapsulationKeySizeMLKEM1024 is the size of an ML-KEM-1024 encapsulation key. ++ encapsulationKeySizeMLKEM1024 = 1568 ++) ++ ++// SupportsMLKEM768 returns true if ML-KEM-768 is supported on this platform. ++func SupportsMLKEM768() bool { ++ return supportsMLKEM768() +} + -+func (h *cryptoKitHMAC) BlockSize() int { -+ return h.blockSize ++// SupportsMLKEM1024 returns true if ML-KEM-1024 is supported on this platform. ++func SupportsMLKEM1024() bool { ++ return supportsMLKEM1024() +} + -+func hashToHMACEnum(h hash.Hash) int { -+ switch h.(type) { -+ case MD5Hash: -+ return 1 -+ case SHA1Hash: -+ return 2 -+ case SHA256Hash: -+ return 3 -+ case SHA384Hash: -+ return 4 -+ case SHA512Hash: -+ return 5 -+ default: -+ return 0 ++var supportsMLKEM768 = sync.OnceValue(func() bool { ++ // EVP_KEYMGMT_fetch was added in OpenSSL 3.0; if it is not available we ++ // are on 1.x and ML-KEM is not supported. On 3.0–3.4 the fetch returns ++ // nil for the ML-KEM algorithm name, which the probe reports as false. ++ if !ossl.EVP_KEYMGMT_fetch_Available() { ++ return false ++ } ++ sig, _ := ossl.EVP_KEYMGMT_fetch(nil, _KeyTypeMLKEM768.ptr(), nil) ++ if sig == nil { ++ return false ++ } ++ ossl.EVP_KEYMGMT_free(sig) ++ return true ++}) ++ ++var supportsMLKEM1024 = sync.OnceValue(func() bool { ++ if !ossl.EVP_KEYMGMT_fetch_Available() { ++ return false ++ } ++ sig, _ := ossl.EVP_KEYMGMT_fetch(nil, _KeyTypeMLKEM1024.ptr(), nil) ++ if sig == nil { ++ return false ++ } ++ ossl.EVP_KEYMGMT_free(sig) ++ return true ++}) ++ ++// DecapsulationKeyMLKEM768 is the secret key used to decapsulate a shared key ++// from a ciphertext. It includes various precomputed values. ++type DecapsulationKeyMLKEM768 [seedSizeMLKEM]byte ++ ++// GenerateKeyMLKEM768 generates a new decapsulation key, drawing random bytes from ++// the default crypto/rand source. The decapsulation key must be kept secret. ++func GenerateKeyMLKEM768() (DecapsulationKeyMLKEM768, error) { ++ var dk DecapsulationKeyMLKEM768 ++ if err := generateMLKEMSeed(ossl.EVP_PKEY_MLKEM_768, dk[:]); err != nil { ++ return DecapsulationKeyMLKEM768{}, err + } ++ return dk, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go -new file mode 100644 -index 00000000000000..c9611eef5e2697 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/aes.go -@@ -0,0 +1,336 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+//go:build darwin ++// NewDecapsulationKeyMLKEM768 expands a decapsulation key from a 64-byte seed in the ++// "d || z" form. The seed must be uniformly random. ++func NewDecapsulationKeyMLKEM768(seed []byte) (DecapsulationKeyMLKEM768, error) { ++ if len(seed) != seedSizeMLKEM { ++ return DecapsulationKeyMLKEM768{}, errors.New("mlkem: invalid seed size") ++ } + -+package xcrypto ++ var dk DecapsulationKeyMLKEM768 ++ copy(dk[:], seed) ++ return dk, nil ++} + -+// #include -+import "C" -+import ( -+ "crypto/cipher" -+ "errors" -+ "slices" ++// Bytes returns the decapsulation key as a 64-byte seed in the "d || z" form. ++// ++// The decapsulation key must be kept secret. ++func (dk DecapsulationKeyMLKEM768) Bytes() []byte { ++ return dk[:] ++} + -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) ++// Decapsulate generates a shared key from a ciphertext and a decapsulation ++// key. If the ciphertext is not valid, Decapsulate returns an error. ++// ++// The shared key must be kept secret. ++func (dk DecapsulationKeyMLKEM768) Decapsulate(ciphertext []byte) (sharedKey []byte, err error) { ++ return performDecapsulation(ossl.NID_ML_KEM_768, dk[:], ciphertext) ++} + -+//go:generate go run github.com/microsoft/go-crypto-darwin/cmd/gentestvectors -out vectors_test.go ++// EncapsulationKey returns the public encapsulation key necessary to produce ++// ciphertexts. ++func (dk DecapsulationKeyMLKEM768) EncapsulationKey() EncapsulationKeyMLKEM768 { ++ ekBytes := extractEncapsulationKeyBytes(ossl.NID_ML_KEM_768, dk[:], encapsulationKeySizeMLKEM768) ++ var ek EncapsulationKeyMLKEM768 ++ copy(ek[:], ekBytes) ++ return ek ++} + -+type cipherGCMTLS uint8 ++// An EncapsulationKeyMLKEM768 is the public key used to produce ciphertexts to be ++// decapsulated by the corresponding DecapsulationKeyMLKEM768. ++type EncapsulationKeyMLKEM768 [encapsulationKeySizeMLKEM768]byte + -+const ( -+ cipherGCMTLSNone cipherGCMTLS = iota -+ cipherGCMTLS12 -+ cipherGCMTLS13 -+) ++// NewEncapsulationKeyMLKEM768 parses an encapsulation key from its encoded form. If ++// the encapsulation key is not valid, NewEncapsulationKeyMLKEM768 returns an error. ++func NewEncapsulationKeyMLKEM768(encapsulationKey []byte) (EncapsulationKeyMLKEM768, error) { ++ if len(encapsulationKey) != encapsulationKeySizeMLKEM768 { ++ return EncapsulationKeyMLKEM768{}, errors.New("mlkem: invalid encapsulation key size") ++ } + -+const ( -+ // AES block size is the same for all key sizes -+ aesBlockSize = C.kCCBlockSizeAES128 -+ gcmTagSize = 16 -+ gcmStandardNonceSize = 12 -+ // TLS 1.2 additional data is constructed as: -+ // -+ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); -+ gcmTls12AddSize = 13 -+ // TLS 1.3 additional data is constructed as: -+ // -+ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) -+ gcmTls13AddSize = 5 -+ gcmTlsFixedNonceSize = 4 -+) ++ var ek EncapsulationKeyMLKEM768 ++ copy(ek[:], encapsulationKey) ++ return ek, nil ++} + -+type aesCipher struct { -+ key []byte -+ kind C.CCAlgorithm ++// Bytes returns the encapsulation key as a byte slice. ++func (ek EncapsulationKeyMLKEM768) Bytes() []byte { ++ return ek[:] +} + -+func NewAESCipher(key []byte) (cipher.Block, error) { -+ var alg C.CCAlgorithm -+ switch len(key) { -+ case 16, 24, 32: -+ alg = C.kCCAlgorithmAES -+ default: -+ return nil, errors.New("crypto/aes: invalid key size") ++// Encapsulate generates a shared key and an associated ciphertext from an ++// encapsulation key, drawing random bytes from the default crypto/rand source. ++// ++// The shared key must be kept secret. ++func (ek EncapsulationKeyMLKEM768) Encapsulate() (sharedKey, ciphertext []byte) { ++ return performEncapsulation(ossl.NID_ML_KEM_768, ciphertextSizeMLKEM768, ek[:]) ++} ++ ++func performEncapsulation(id int32, ciphertextSize int, ek []byte) (sharedKey, ciphertext []byte) { ++ pkey, err := createMLKEMPublicKey(id, ek) ++ if err != nil { ++ panic(err) + } -+ c := &aesCipher{ -+ key: slices.Clone(key), -+ kind: alg, ++ defer ossl.EVP_PKEY_free(pkey) ++ ++ // Create encapsulation context ++ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) ++ if err != nil { ++ panic(err) + } -+ return c, nil ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ ++ // Initialize encapsulation ++ if _, err := ossl.EVP_PKEY_encapsulate_init(ctx, nil); err != nil { ++ panic(err) ++ } ++ ++ // Perform encapsulation - allocate buffers based on the key size ++ sharedKey = make([]byte, sharedKeySizeMLKEM) ++ ciphertext = make([]byte, ciphertextSize) ++ ++ sharedKeyLen := len(sharedKey) ++ ciphertextLen := len(ciphertext) ++ ++ if _, err := ossl.EVP_PKEY_encapsulate(ctx, base(ciphertext), &ciphertextLen, base(sharedKey), &sharedKeyLen); err != nil { ++ panic(err) ++ } ++ ++ return sharedKey[:sharedKeyLen], ciphertext[:ciphertextLen] +} + -+func (c *aesCipher) BlockSize() int { return aesBlockSize } ++func performDecapsulation(id int32, seed, ciphertext []byte) (sharedKey []byte, err error) { ++ if len(ciphertext) == 0 { ++ return nil, errors.New("mlkem: invalid ciphertext size") ++ } + -+func (c *aesCipher) Encrypt(dst, src []byte) { -+ blockSize := c.BlockSize() -+ if len(src) < blockSize || len(dst) < blockSize { -+ panic("crypto/aes: input or output block is too small") ++ pkey, err := createMLKEMPrivateKey(id, seed) ++ if err != nil { ++ return nil, err + } ++ defer ossl.EVP_PKEY_free(pkey) + -+ src, dst = src[:blockSize], dst[:blockSize] ++ // Create decapsulation context ++ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) + -+ if inexactOverlap(dst, src) { -+ panic("crypto/aes: invalid buffer overlap") ++ // Initialize decapsulation ++ if _, err := ossl.EVP_PKEY_decapsulate_init(ctx, nil); err != nil { ++ return nil, err + } + -+ status := C.CCCrypt( -+ C.kCCEncrypt, // Operation -+ C.CCAlgorithm(c.kind), // Algorithm -+ 0, // Options -+ pbase(c.key), // Key -+ C.size_t(len(c.key)), // Key length -+ nil, // IV -+ pbase(src), // Input -+ C.size_t(blockSize), // Input length -+ pbase(dst), // Output -+ C.size_t(blockSize), // Output length -+ nil, // Output length -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/aes: encryption failed") ++ // Perform decapsulation ++ sharedKey = make([]byte, sharedKeySizeMLKEM) ++ sharedKeyLen := len(sharedKey) ++ if _, err := ossl.EVP_PKEY_decapsulate(ctx, base(sharedKey), &sharedKeyLen, base(ciphertext), len(ciphertext)); err != nil { ++ return nil, err + } ++ ++ return sharedKey[:sharedKeyLen], nil +} + -+func (c *aesCipher) Decrypt(dst, src []byte) { -+ blockSize := c.BlockSize() -+ if len(src) < blockSize || len(dst) < blockSize { -+ panic("crypto/aes: input or output block is too small") -+ } ++// DecapsulationKeyMLKEM1024 is the secret key used to decapsulate a shared key ++// from a ciphertext. It includes various precomputed values. ++type DecapsulationKeyMLKEM1024 [seedSizeMLKEM]byte + -+ src, dst = src[:blockSize], dst[:blockSize] ++// GenerateKeyMLKEM1024 generates a new decapsulation key, drawing random bytes from ++// the default crypto/rand source. The decapsulation key must be kept secret. ++func GenerateKeyMLKEM1024() (DecapsulationKeyMLKEM1024, error) { ++ var dk DecapsulationKeyMLKEM1024 ++ if err := generateMLKEMSeed(ossl.EVP_PKEY_MLKEM_1024, dk[:]); err != nil { ++ return DecapsulationKeyMLKEM1024{}, err ++ } ++ return dk, nil ++} + -+ if inexactOverlap(dst, src) { -+ panic("crypto/aes: invalid buffer overlap") ++// NewDecapsulationKeyMLKEM1024 expands a decapsulation key from a 64-byte seed in the ++// "d || z" form. The seed must be uniformly random. ++func NewDecapsulationKeyMLKEM1024(seed []byte) (DecapsulationKeyMLKEM1024, error) { ++ if len(seed) != seedSizeMLKEM { ++ return DecapsulationKeyMLKEM1024{}, errors.New("mlkem: invalid seed size") + } + -+ status := C.CCCrypt( -+ C.kCCDecrypt, // Operation -+ C.CCAlgorithm(c.kind), // Algorithm -+ 0, // Options -+ pbase(c.key), // Key -+ C.size_t(len(c.key)), // Key length -+ nil, // IV -+ pbase(src), // Input -+ C.size_t(blockSize), // Input length -+ pbase(dst), // Output -+ C.size_t(blockSize), // Output length -+ nil, // Output length -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/aes: decryption failed") ++ var dk DecapsulationKeyMLKEM1024 ++ copy(dk[:], seed) ++ return dk, nil ++} ++ ++// Bytes returns the decapsulation key as a 64-byte seed in the "d || z" form. ++// ++// The decapsulation key must be kept secret. ++func (dk DecapsulationKeyMLKEM1024) Bytes() []byte { ++ return dk[:] ++} ++ ++// Decapsulate generates a shared key from a ciphertext and a decapsulation ++// key. If the ciphertext is not valid, Decapsulate returns an error. ++// ++// The shared key must be kept secret. ++func (dk DecapsulationKeyMLKEM1024) Decapsulate(ciphertext []byte) (sharedKey []byte, err error) { ++ return performDecapsulation(ossl.NID_ML_KEM_1024, dk[:], ciphertext) ++} ++ ++// EncapsulationKey returns the public encapsulation key necessary to produce ++// ciphertexts. ++func (dk DecapsulationKeyMLKEM1024) EncapsulationKey() EncapsulationKeyMLKEM1024 { ++ ekBytes := extractEncapsulationKeyBytes(ossl.NID_ML_KEM_1024, dk[:], encapsulationKeySizeMLKEM1024) ++ var ek EncapsulationKeyMLKEM1024 ++ copy(ek[:], ekBytes) ++ return ek ++} ++ ++// An EncapsulationKeyMLKEM1024 is the public key used to produce ciphertexts to be ++// decapsulated by the corresponding DecapsulationKeyMLKEM1024. ++type EncapsulationKeyMLKEM1024 [encapsulationKeySizeMLKEM1024]byte ++ ++// NewEncapsulationKeyMLKEM1024 parses an encapsulation key from its encoded form. If ++// the encapsulation key is not valid, NewEncapsulationKeyMLKEM1024 returns an error. ++func NewEncapsulationKeyMLKEM1024(encapsulationKey []byte) (EncapsulationKeyMLKEM1024, error) { ++ if len(encapsulationKey) != encapsulationKeySizeMLKEM1024 { ++ return EncapsulationKeyMLKEM1024{}, errors.New("mlkem: invalid encapsulation key size") + } ++ ++ var ek EncapsulationKeyMLKEM1024 ++ copy(ek[:], encapsulationKey) ++ return ek, nil +} + -+type aesGCM struct { -+ key []byte -+ tls cipherGCMTLS -+ // minNextNonce is the minimum value that the next nonce can be, enforced by -+ // all TLS modes. -+ minNextNonce uint64 -+ // mask is the nonce mask used in TLS 1.3 mode. -+ mask uint64 -+ // maskInitialized is true if mask has been initialized. This happens during -+ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. -+ maskInitialized bool ++// Bytes returns the encapsulation key as a byte slice. ++func (ek EncapsulationKeyMLKEM1024) Bytes() []byte { ++ return ek[:] +} + -+type noGCM struct { -+ cipher.Block ++// Encapsulate generates a shared key and an associated ciphertext from an ++// encapsulation key, drawing random bytes from the default crypto/rand source. ++// ++// The shared key must be kept secret. ++func (ek EncapsulationKeyMLKEM1024) Encapsulate() (sharedKey, ciphertext []byte) { ++ return performEncapsulation(ossl.NID_ML_KEM_1024, ciphertextSizeMLKEM1024, ek[:]) +} + -+// NewGCM constructs a GCM block mode for AES using the cryptokit package -+func (c *aesCipher) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { -+ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { -+ return nil, errors.New("crypto/aes: GCM tag and nonce sizes can't be non-standard at the same time") ++// Helper functions ++ ++// generateMLKEMSeed generates a new ML-KEM seed by creating a key and extracting its seed parameter. ++func generateMLKEMSeed(keyType int32, seed []byte) error { ++ pkey, err := generateEVPPKey(keyType, 0, "") ++ if err != nil { ++ return err + } -+ // Fall back to standard library for GCM with non-standard nonce or tag size. -+ if nonceSize != gcmStandardNonceSize { -+ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) ++ defer ossl.EVP_PKEY_free(pkey) ++ ++ _, err = ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_ML_KEM_SEED.ptr(), seed, nil) ++ return err ++} ++ ++// createMLKEMPrivateKey creates an ML-KEM private key from a seed ++func createMLKEMPrivateKey(id int32, seed []byte) (ossl.EVP_PKEY_PTR, error) { ++ if len(seed) != seedSizeMLKEM { ++ return nil, errors.New("mlkem: invalid seed size") + } -+ if tagSize != gcmTagSize { -+ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) ++ ++ bld := newParamBuilder() ++ defer bld.finalize() ++ ++ bld.addOctetString(_OSSL_PKEY_PARAM_ML_KEM_SEED, seed) ++ ++ params, err := bld.build() ++ if err != nil { ++ return nil, err + } -+ return &aesGCM{key: c.key, tls: cipherGCMTLSNone}, nil ++ defer ossl.OSSL_PARAM_free(params) ++ ++ return newEvpFromParams(id, ossl.EVP_PKEY_KEYPAIR, params) +} + -+func (g *aesGCM) NonceSize() int { return gcmStandardNonceSize } ++// createMLKEMPublicKey creates an ML-KEM public key from encoded bytes. ++func createMLKEMPublicKey(id int32, pubKeyBytes []byte) (ossl.EVP_PKEY_PTR, error) { ++ bld := newParamBuilder() ++ defer bld.finalize() + -+func (g *aesGCM) Overhead() int { return gcmTagSize } ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubKeyBytes) + -+func (g *aesGCM) Seal(dst, nonce, plaintext, additionalData []byte) []byte { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") ++ params, err := bld.build() ++ if err != nil { ++ return nil, err + } -+ if uint64(len(plaintext)) > ((1<<32)-2)*aesBlockSize || len(plaintext)+gcmTagSize < len(plaintext) { -+ panic("cipher: message too large for GCM") ++ defer ossl.OSSL_PARAM_free(params) ++ ++ return newEvpFromParams(id, ossl.EVP_PKEY_PUBLIC_KEY, params) ++} ++ ++// extractEncapsulationKeyBytes extracts the encapsulation key bytes from a decapsulation key. ++func extractEncapsulationKeyBytes(id int32, seed []byte, expectedSize int) []byte { ++ pkey, err := createMLKEMPrivateKey(id, seed) ++ if err != nil { ++ panic(err) + } -+ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { -+ panic("cipher: message too large for buffer") ++ defer ossl.EVP_PKEY_free(pkey) ++ ++ // Extract public key bytes ++ var pubBytes *byte ++ pubLen, err := ossl.EVP_PKEY_get1_encoded_public_key(pkey, &pubBytes) ++ if err != nil { ++ panic(err) + } ++ defer cryptoFree(unsafe.Pointer(pubBytes)) + -+ if g.tls != cipherGCMTLSNone { -+ if g.tls == cipherGCMTLS12 && len(additionalData) != gcmTls12AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.2") -+ } else if g.tls == cipherGCMTLS13 && len(additionalData) != gcmTls13AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.3") -+ } -+ counter := bigUint64(nonce[gcmTlsFixedNonceSize:]) ++ if pubLen != expectedSize { ++ panic(errors.New("mlkem: invalid encapsulation key size")) ++ } + -+ // TLS 1.3 Masking -+ if g.tls == cipherGCMTLS13 { -+ if !g.maskInitialized { -+ g.mask = counter -+ g.maskInitialized = true -+ } -+ // Apply mask to the counter -+ counter ^= g.mask -+ } ++ // Copy the bytes before pubBytes is freed ++ result := make([]byte, pubLen) ++ copy(result, unsafe.Slice(pubBytes, pubLen)) ++ return result ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go +new file mode 100644 +index 00000000000000..94fd563ac87978 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go +@@ -0,0 +1,183 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++// Package openssl provides access to OpenSSL cryptographic functions. ++package openssl ++ ++import ( ++ "errors" ++ "math/bits" ++ "strconv" ++ "sync" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++ "github.com/microsoft/go-crypto-openssl/osslsetup" ++) + -+ // Enforce monotonicity and max limit -+ const maxUint64 = 1<<64 - 1 -+ if counter == maxUint64 { -+ panic("cipher: nonce counter must be less than 2^64 - 1") -+ } -+ if counter < g.minNextNonce { -+ panic("cipher: nonce counter must be strictly monotonically increasing") -+ } ++var isBigEndian = sync.OnceValue(func() bool { ++ buf := [2]byte{} ++ *(*uint16)(unsafe.Pointer(&buf[0])) = uint16(0xABCD) + -+ defer func() { -+ g.minNextNonce = counter + 1 -+ }() ++ switch buf { ++ case [2]byte{0xCD, 0xAB}: ++ return false ++ case [2]byte{0xAB, 0xCD}: ++ return true ++ default: ++ panic("Could not determine native endianness.") + } ++}) + -+ // Make room in dst to append plaintext+overhead. -+ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) ++func major() int { ++ return osslsetup.VersionMajor() ++} + -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, plaintext) { -+ panic("cipher: invalid buffer overlap") -+ } ++func minor() int { ++ return osslsetup.VersionMinor() ++} + -+ tag := out[len(out)-gcmTagSize:] -+ err := cryptokit.EncryptAESGCM(g.key, plaintext, nonce, additionalData, out[:len(out)-gcmTagSize], tag) -+ if err != 0 { -+ panic("cipher: encryption failed") -+ } -+ return ret ++func patch() int { ++ return osslsetup.VersionPatch() +} + -+func (g *aesGCM) SealWithRandomNonce(out, nonce, plaintext, additionalData []byte) { -+ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { -+ panic("crypto/cipher: message too large for GCM") -+ } -+ if len(nonce) != gcmStandardNonceSize { -+ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") -+ } -+ if len(out) != len(plaintext)+gcmTagSize { -+ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") -+ } -+ if inexactOverlap(out, plaintext) { -+ panic("crypto/cipher: invalid buffer overlap of output and input") -+ } -+ if anyOverlap(out, additionalData) { -+ panic("crypto/cipher: invalid buffer overlap of output and additional data") -+ } ++func utoa(n int) string { ++ return strconv.FormatUint(uint64(n), 10) ++} + -+ if g.tls != cipherGCMTLSNone { -+ panic("cipher: TLS 1.2 and 1.3 modes do not support random nonce") -+ } ++func errUnsupportedVersion() error { ++ return errors.New("openssl: unsupported OpenSSL version: " + utoa(major()) + "." + utoa(minor()) + "." + utoa(patch()) + " (minimum supported version is 1.1.1)") ++} + -+ tag := out[len(out)-gcmTagSize:] -+ // Generate a random nonce -+ RandReader.Read(nonce) -+ err := cryptokit.EncryptAESGCM(g.key, plaintext, nonce, additionalData, out[:len(out)-gcmTagSize], tag) -+ if err != 0 { -+ panic("cipher: encryption failed") ++// checkMajorVersion panics if the current major version is not one of the expected versions. ++func checkMajorVersion(expected ...int) { ++ for _, v := range expected { ++ if major() == v { ++ return ++ } + } ++ panic("openssl: incorrect major version (" + strconv.Itoa(major()) + ")") +} + -+var errOpen = errors.New("cipher: message authentication failed") ++type fail string + -+func (g *aesGCM) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") -+ } -+ if len(ciphertext) < gcmTagSize { -+ return nil, errOpen -+ } -+ if uint64(len(ciphertext)) > ((1<<32)-2)*aesBlockSize+gcmTagSize { -+ return nil, errOpen -+ } -+ // BoringCrypto does not do any TLS check when decrypting, neither do we. ++func (e fail) Error() string { return "openssl: " + string(e) + " failed" } + -+ // Ensure we don't process if ciphertext lacks both ciphertext and tag -+ if len(ciphertext) < gcmTagSize { -+ return nil, errors.New("decryption failed: ciphertext too short for tag") ++// sliceNeverNil returns b if non-nil, and a non-nil zero-length slice otherwise. ++func sliceNeverNil(b []byte) []byte { ++ if b == nil { ++ return []byte{} + } ++ return b ++} + -+ tag := ciphertext[len(ciphertext)-gcmTagSize:] -+ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func base(b []byte) *byte { ++ if len(b) == 0 { ++ return nil ++ } ++ return unsafe.SliceData(b) ++} + -+ // Make room in dst to append ciphertext without tag. -+ ret, out := sliceForAppend(dst, len(ciphertext)) ++//go:linkname throw runtime.throw ++func throw(string) + -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, ciphertext) { -+ panic("cipher: invalid buffer overlap") ++// cryptoMalloc allocates n bytes of memory on the OpenSSL heap, which may be ++// different from the heap which C.malloc allocates on. The allocated object ++// must be freed using cryptoFree. cryptoMalloc is equivalent to the ++// OPENSSL_malloc macro. ++// ++// Like C.malloc, this function is guaranteed to never return nil. If OpenSSL's ++// malloc indicates out of memory, it crashes the program. ++// ++// Only objects which the OpenSSL library will take ownership of (i.e. will be ++// freed by OPENSSL_free / CRYPTO_free) need to be allocated on the OpenSSL ++// heap. ++func cryptoMalloc(n int) unsafe.Pointer { ++ p, _ := ossl.CRYPTO_malloc(n, nil, 0) ++ if p == nil { ++ // Un-recover()-ably crash the program in the same manner as the ++ // C.malloc() wrapper function. ++ throw("openssl: CRYPTO_malloc failed") + } ++ return p ++} + -+ decSize, err := cryptokit.DecryptAESGCM(g.key, ciphertext, nonce, additionalData, tag, out) -+ if err != 0 || int(decSize) != len(ciphertext) { -+ // If the decrypted data size does not match, zero out `out` and return `errOpen` -+ for i := range out { -+ out[i] = 0 ++// cryptoFree frees an object allocated on the OpenSSL heap, which may be ++// different from the heap which C.malloc allocates on. cryptoFree is equivalent ++// to the OPENSSL_free macro. ++func cryptoFree(p unsafe.Pointer) { ++ ossl.CRYPTO_free(p, nil, 0) ++} ++ ++const wordBytes = bits.UintSize / 8 ++ ++// Reverse each limb of z. ++func (z BigInt) byteSwap() { ++ for i, d := range z { ++ var n uint = 0 ++ for j := range wordBytes { ++ n |= uint(byte(d)) << (8 * (wordBytes - j - 1)) ++ d >>= 8 + } -+ return nil, errOpen ++ z[i] = n + } -+ return ret, nil +} + -+// NewGCMTLS returns a GCM cipher specific to TLS -+// and should not be used for non-TLS purposes. -+func NewGCMTLS(block cipher.Block) (cipher.AEAD, error) { -+ cipher, ok := block.(*aesCipher) -+ if !ok { -+ return nil, errors.New("crypto/aes: invalid block cipher") ++func wbase(b BigInt) *byte { ++ if len(b) == 0 { ++ return nil + } -+ return &aesGCM{key: cipher.key, tls: cipherGCMTLS12}, nil ++ return (*byte)(unsafe.Pointer(unsafe.SliceData(b))) +} + -+// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used -+// for non-TLS purposes. -+func NewGCMTLS13(block cipher.Block) (cipher.AEAD, error) { -+ cipher, ok := block.(*aesCipher) -+ if !ok { -+ return nil, errors.New("crypto/aes: invalid block cipher") ++func bigToBN(x BigInt) (ossl.BIGNUM_PTR, error) { ++ if len(x) == 0 { ++ return nil, nil + } -+ return &aesGCM{key: cipher.key, tls: cipherGCMTLS13}, nil ++ if isBigEndian() { ++ z := make(BigInt, len(x)) ++ copy(z, x) ++ z.byteSwap() ++ x = z ++ } ++ // Limbs are always ordered in LSB first, so we can safely apply ++ // BN_lebin2bn regardless of host endianness. ++ bn, err := ossl.BN_lebin2bn(unsafe.Slice(wbase(x), len(x)*wordBytes), nil) ++ if err != nil { ++ return nil, err ++ } ++ return bn, nil +} + -+func (c *aesCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return newCBC(C.kCCEncrypt, c.kind, c.key, iv) -+} ++func bnToBig(bn ossl.BIGNUM_PTR) BigInt { ++ if bn == nil { ++ return nil ++ } + -+func (c *aesCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return newCBC(C.kCCDecrypt, c.kind, c.key, iv) ++ // Limbs are always ordered in LSB first, so we can safely apply ++ // BN_bn2lebinpad regardless of host endianness. ++ x := make(BigInt, ossl.BN_num_bits(bn)) ++ if _, err := ossl.BN_bn2lebinpad(bn, unsafe.Slice(wbase(x), len(x)*wordBytes)); err != nil { ++ panic(err) ++ } ++ if isBigEndian() { ++ x.byteSwap() ++ } ++ return x +} + -+// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. -+func sliceForAppend(in []byte, n int) (head, tail []byte) { -+ if total := len(in) + n; cap(in) >= total { -+ head = in[:total] -+ } else { -+ head = make([]byte, total) -+ copy(head, in) -+ } -+ tail = head[len(in):] -+ return ++// bnToBinPad converts the absolute value of bn into big-endian form and stores ++// it at to, padding with zeroes if necessary. If len(to) is not large enough to ++// hold the result, an error is returned. ++func bnToBinPad(bn ossl.BIGNUM_PTR, to []byte) error { ++ _, err := ossl.BN_bn2binpad(bn, to) ++ return err +} + -+func bigUint64(b []byte) uint64 { -+ _ = b[7] // bounds check hint to compiler; see go.dev/issue/14808 ++func bigEndianUint64(b []byte) uint64 { ++ _ = b[7] // bounds check hint to compiler; see golang.org/issue/14808 + return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | + uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go new file mode 100644 -index 00000000000000..865e22ab6a3dda +index 00000000000000..092c8046462b6f --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/big.go -@@ -0,0 +1,16 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go +@@ -0,0 +1,17 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+package xcrypto ++package openssl + -+// This file does not have build constraints to -+// facilitate using BigInt in Go crypto. -+// Go crypto references BigInt unconditionally, -+// even if it is not finally used. ++import "C" ++import "unsafe" + -+// A BigInt is the big-endian bytes from a math/big BigInt, -+// which are normalized to remove any leading 0 byte. -+// Windows BCrypt accepts this specific data format. -+// This definition allows us to avoid importing math/big. -+// Conversion between BigInt and *big.Int is in xcrypto/bbig. -+type BigInt []byte -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go ++// goString converts a C string pointer to a Go string for cgo mode ++func goString(ptr *byte) string { ++ return C.GoString((*C.char)(unsafe.Pointer(ptr))) ++} ++ ++// goBytes converts a C byte array to a Go byte slice for cgo mode ++func goBytes(ptr unsafe.Pointer, length int) []byte { ++ return C.GoBytes(ptr, C.int(length)) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go new file mode 100644 -index 00000000000000..02f265fe56b592 +index 00000000000000..5dc44cacea9c05 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cgo_go124.go -@@ -0,0 +1,23 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go +@@ -0,0 +1,35 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build go1.24 && darwin ++//go:build !cgo + -+package xcrypto ++package openssl + -+// The following noescape and nocallback directives are used to prevent the Go -+// compiler from allocating function parameters on the heap. See -+// https://github.com/golang/go/blob/0733682e5ff4cd294f5eccb31cbe87a543147bc6/src/cmd/cgo/doc.go#L439-L461 -+// -+// If possible, write a C wrapper function to optimize a call rather than using -+// this feature so the optimization will work for all supported Go versions. -+// -+// This is just a performance optimization. Only add functions that have been -+// observed to benefit from these directives, not every function that is merely -+// expected to meet the noescape/nocallback criteria. ++import "unsafe" + -+/* -+#cgo noescape SecRandomCopyBytes -+#cgo nocallback SecRandomCopyBytes -+*/ -+import "C" -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go ++// goString converts a C string pointer to a Go string for nocgo mode ++func goString(ptr *byte) string { ++ if ptr == nil { ++ return "" ++ } ++ var result []byte ++ for i := 0; ; i++ { ++ b := *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(i))) ++ if b == 0 { ++ break ++ } ++ result = append(result, b) ++ } ++ return string(result) ++} ++ ++// goBytes converts a C byte array to a Go byte slice for nocgo mode ++func goBytes(ptr unsafe.Pointer, length int) []byte { ++ if ptr == nil || length == 0 { ++ return nil ++ } ++ // Copy the data to Go memory, similar to C.GoBytes ++ result := make([]byte, length) ++ copy(result, unsafe.Slice((*byte)(ptr), length)) ++ return result ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go new file mode 100644 -index 00000000000000..9f3a8f92bd43fc +index 00000000000000..8bd651d6493707 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/cipher.go -@@ -0,0 +1,122 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go +@@ -0,0 +1,191 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto -+ -+// #include -+import "C" ++package openssl + +import ( + "runtime" + "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type cbcCipher struct { -+ blockSize int -+ cryptor C.CCCryptorRef ++type addParamError struct { ++ name string ++ err error +} + -+func newCBC(operation C.CCOperation, kind C.CCAlgorithm, key, iv []byte) *cbcCipher { -+ var blockSize int -+ switch kind { -+ case C.kCCAlgorithmAES: -+ blockSize = aesBlockSize -+ case C.kCCAlgorithmDES, C.kCCAlgorithm3DES: -+ blockSize = desBlockSize -+ default: -+ panic("invalid algorithm") ++func (e addParamError) Error() string { ++ return "failed to add parameter " + e.name + ": " + e.err.Error() ++} ++ ++type bnParam struct { ++ value ossl.BIGNUM_PTR ++ private bool ++} ++ ++// paramBuilder is a helper for building OSSL_PARAMs. ++// If an error occurs when adding a new parameter, ++// subsequent calls to add parameters are ignored ++// and build() will return the error. ++type paramBuilder struct { ++ bld ossl.OSSL_PARAM_BLD_PTR ++ pinner runtime.Pinner ++ bnToFree []bnParam ++ ++ err error ++} ++ ++// newParamBuilder creates a new paramBuilder. ++// [paramBuilder.finalize] must be called to free the builder. ++func newParamBuilder() *paramBuilder { ++ bld := ossl.OSSL_PARAM_BLD_new() ++ if bld == nil { ++ // If this happens it indicates an issue allocating memory. ++ panic("openssl: failed to create OSSL_PARAM_BLD") + } ++ return ¶mBuilder{bld: bld} ++} + -+ // Create and initialize the cbcMode struct with CCCryptorCreate here -+ x := &cbcCipher{blockSize: blockSize} -+ status := C.CCCryptorCreateWithMode( -+ operation, // Specifies whether encryption or decryption is performed (kCCEncrypt or kCCDecrypt). -+ C.kCCModeCBC, // Mode of operation, here explicitly set to CBC (Cipher Block Chaining). -+ C.CCAlgorithm(kind), // The encryption algorithm (e.g., kCCAlgorithmAES128, kCCAlgorithmDES). -+ C.ccNoPadding, // Padding option, set to no padding; padding can be handled at a higher level if necessary. -+ pbase(iv), // Initialization Vector (IV) for the cipher, required for CBC mode. Should be nil for ECB mode. -+ pbase(key), // Pointer to the encryption key. -+ C.size_t(len(key)), // Length of the encryption key in bytes. -+ nil, // Tweak key, used only for XTS mode; here set to nil as it’s not required for CBC. -+ 0, // Length of the tweak key, set to 0 as tweak is nil. -+ 0, // Number of rounds, mainly for RC2 and Blowfish; not used here, so set to 0. -+ 0, // Mode options for CTR and F8 modes; not used for CBC, so set to 0. -+ &x.cryptor, // Pointer to the CCCryptorRef output, which will hold the state for encryption or decryption. -+ ) ++// finalize frees the builder. ++func (b *paramBuilder) finalize() { ++ if b.bld != nil { ++ b.pinner.Unpin() ++ for _, bn := range b.bnToFree { ++ if bn.private { ++ ossl.BN_clear_free(bn.value) ++ } else { ++ ossl.BN_free(bn.value) ++ } ++ } ++ ossl.OSSL_PARAM_BLD_free(b.bld) ++ b.bld = nil ++ } ++} + -+ if status != C.kCCSuccess { -+ panic("crypto/des: CCCryptorCreate failed") ++// check is used internally to enforce invariants and should not be called by users of paramBuilder. ++// Returns true if it's ok to add parameters to the builder or build it. ++// Returns false if there has been an error while adding a parameter. ++// Panics if the paramBuilder has been freed, e.g. if it has already been built. ++func (b *paramBuilder) check() bool { ++ if b.err != nil { ++ return false ++ } ++ if b.bld == nil { ++ panic("openssl: paramBuilder has been freed") + } ++ return true ++} + -+ runtime.SetFinalizer(x, (*cbcCipher).finalize) -+ return x ++// build creates an OSSL_PARAM from the builder. ++// The returned OSSL_PARAM must be freed with OSSL_PARAM_free. ++// If an error occurred while adding parameters, the error is returned ++// and the OSSL_PARAM is nil. Once build() is called, the builder is finalized ++// and cannot be reused. ++func (b *paramBuilder) build() (ossl.OSSL_PARAM_PTR, error) { ++ defer b.finalize() ++ if !b.check() { ++ return nil, b.err ++ } ++ param, err := ossl.OSSL_PARAM_BLD_to_param(b.bld) ++ if err != nil { ++ return nil, err ++ } ++ return param, nil ++} ++ ++// addUTF8String adds a NUL-terminated UTF-8 string to the builder. ++// size should not include the terminating NUL byte. If size is zero, then it will be calculated. ++func (b *paramBuilder) addUTF8String(name cString, value *byte, size int) { ++ if !b.check() { ++ return ++ } ++ // OSSL_PARAM_BLD_push_utf8_string calculates the size if it is zero. ++ if size == 0 { ++ size = cStringLen(value) ++ } ++ if _, err := ossl.OSSL_PARAM_BLD_push_utf8_string(b.bld, name.ptr(), unsafe.Slice(value, size)); err != nil { ++ b.err = addParamError{name.str(), err} ++ } ++} + ++// addOctetString adds an octet string to the builder. ++// The value is pinned and will be unpinned when the builder is freed. ++func (b *paramBuilder) addOctetString(name cString, value []byte) { ++ if !b.check() { ++ return ++ } ++ if value == nil { ++ // Short-circuit a nil slice: don't pass anything at all to OpenSSL. ++ // OpenSSL 3.5.6 raises an error when passed null, and expects users ++ // to not call this function at all in this case. ++ // See https://github.com/openssl/openssl/issues/30728 ++ // ++ // Don't short-circuit empty slices, as they might have a meaning. ++ // For example, in KDFs an empty salt is different from a nil salt. ++ return ++ } ++ if len(value) != 0 { ++ b.pinner.Pin(&value[0]) ++ } ++ if _, err := ossl.OSSL_PARAM_BLD_push_octet_string(b.bld, name.ptr(), value); err != nil { ++ b.err = addParamError{name.str(), err} ++ } +} + -+func (x *cbcCipher) finalize() { -+ if x.cryptor != nil { -+ C.CCCryptorRelease(x.cryptor) -+ x.cryptor = nil ++func cStringLen(ptr *byte) int { ++ if ptr == nil { ++ return 0 ++ } ++ for n := 0; ; n++ { ++ if *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(n))) == 0 { ++ return n ++ } + } +} + -+func (x *cbcCipher) BlockSize() int { return x.blockSize } ++// addInt32 adds an int32 to the builder. ++func (b *paramBuilder) addInt32(name cString, value int32) { ++ if !b.check() { ++ return ++ } ++ if _, err := ossl.OSSL_PARAM_BLD_push_int32(b.bld, name.ptr(), value); err != nil { ++ b.err = addParamError{name.str(), err} ++ } ++} + -+func (x *cbcCipher) CryptBlocks(dst, src []byte) { -+ if inexactOverlap(dst, src) { -+ panic("crypto/cipher: invalid buffer overlap") ++// addBN adds a GOossl.BIGNUM_PTR to the builder. ++func (b *paramBuilder) addBN(name cString, value ossl.BIGNUM_PTR) { ++ if !b.check() { ++ return + } -+ if len(src)%x.blockSize != 0 { -+ panic("crypto/cipher: input not full blocks") ++ if _, err := ossl.OSSL_PARAM_BLD_push_BN(b.bld, name.ptr(), value); err != nil { ++ b.err = addParamError{name.str(), err} + } -+ if len(dst) < len(src) { -+ panic("crypto/cipher: output smaller than input") ++} ++ ++// addBigInt adds a BigInt to the builder. ++// The BigInt is converted using bigToBN to a BIGNUM that is freed when the builder is finalized. ++// If private is true, the BIGNUM will be cleared with BN_clear_free, ++// otherwise it will be freed with BN_free. ++func (b *paramBuilder) addBigInt(name cString, value BigInt, private bool) { ++ if !b.check() { ++ return + } -+ if len(src) == 0 { ++ if len(value) == 0 { ++ // Nothing to do. + return + } -+ var outLength C.size_t -+ status := C.CCCryptorUpdate( -+ x.cryptor, // CCCryptorRef created by CCCryptorCreateWithMode; holds the encryption/decryption state. -+ pbase(src), // Pointer to the input data (source buffer) to be encrypted or decrypted. -+ C.size_t(len(src)), // Length of the input data in bytes. -+ pbase(dst), // Pointer to the output buffer (destination buffer) where the result will be stored. -+ C.size_t(len(dst)), // Size of the output buffer in bytes; must be large enough to hold the processed data. -+ &outLength, // Pointer to a variable that will contain the number of bytes written to the output buffer. -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/cipher: CCCryptorUpdate failed") ++ bn, err := bigToBN(value) ++ if err != nil { ++ b.err = err ++ return + } -+ runtime.KeepAlive(x) ++ if b.bnToFree == nil { ++ // Preallocate the slice to avoid growing it later, which would cause allocations and copies. ++ // The maximum known number of BIGNUMs to free are 8 for RSA, so we use that as the capacity. ++ b.bnToFree = make([]bnParam, 0, 8) ++ } ++ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) ++ b.addBN(name, bn) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go +new file mode 100644 +index 00000000000000..66af2060e2cf87 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go +@@ -0,0 +1,86 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+func (x *cbcCipher) SetIV(iv []byte) { -+ if len(iv) != x.blockSize { -+ panic("crypto/cipher: incorrect IV length") ++package openssl ++ ++import ( ++ "errors" ++ "hash" ++ "sync" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++// SupportsPBKDF2 reports whether the current OpenSSL version supports PBKDF2. ++func SupportsPBKDF2() bool { ++ switch major() { ++ case 1: ++ return true ++ case 3, 4: ++ _, err := fetchPBKDF2() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} ++ ++// fetchPBKDF2 fetches the PBKDF2 algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchPBKDF2 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3, 4) ++ ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_PBKDF2.ptr(), nil) ++ if err != nil { ++ return nil, err ++ } ++ return kdf, nil ++}) ++ ++func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { ++ h, err := hashFuncHash(fh) ++ if err != nil { ++ return nil, err + } -+ status := C.CCCryptorReset( -+ x.cryptor, // CCCryptorRef created by CCCryptorCreateWithMode; holds the encryption/decryption state. -+ pbase(iv), // Pointer to the new IV to be set. -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/cipher: CCCryptorReset failed") ++ md := hashToMD(h) ++ if md == nil { ++ return nil, errors.New("unsupported hash function") + } -+ runtime.KeepAlive(x) -+} -+ -+// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. ++ out := make([]byte, keyLen) ++ switch major() { ++ case 1: ++ if _, err = ossl.PKCS5_PBKDF2_HMAC(password, salt, int32(iter), md, out); err != nil { ++ return nil, err ++ } ++ default: ++ kdf, err := fetchPBKDF2() ++ if err != nil { ++ return nil, err ++ } ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) + -+func anyOverlap(x, y []byte) bool { -+ return len(x) > 0 && len(y) > 0 && -+ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && -+ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) -+} ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addOctetString(_OSSL_KDF_PARAM_PASSWORD, password) ++ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) ++ bld.addInt32(_OSSL_KDF_PARAM_ITER, int32(iter)) ++ bld.addInt32(_OSSL_KDF_PARAM_PKCS5, 1) // disable SP800-132 compliance checks, they are done at the crypto/pbkdf2 level ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ params, err := bld.build() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.OSSL_PARAM_free(params) + -+func inexactOverlap(x, y []byte) bool { -+ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { -+ return false ++ _, err = ossl.EVP_KDF_derive(ctx, out, params) ++ if err != nil { ++ return nil, err ++ } + } -+ return anyOverlap(x, y) ++ ++ return out, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go new file mode 100644 -index 00000000000000..ce490c1167c536 +index 00000000000000..f6a4b1ac20b654 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/des.go -@@ -0,0 +1,117 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go +@@ -0,0 +1,250 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package openssl + -+// #include -+import "C" +import ( -+ "crypto/cipher" ++ "crypto" + "errors" -+ "slices" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+const desBlockSize = C.kCCBlockSizeDES ++// This file contains code specific to the built-in OpenSSL providers. + -+type desCipher struct { -+ key []byte -+ kind C.CCAlgorithm ++// _OSSL_MD5_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/md5.h#L33. ++type _OSSL_MD5_CTX struct { ++ h [4]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 +} + -+// NewDESCipher creates a new DES cipher block using the specified key (8 bytes). -+func NewDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 8 { -+ return nil, errors.New("crypto/des: invalid key size for DES") -+ } -+ -+ c := &desCipher{ -+ key: slices.Clone(key), -+ kind: C.kCCAlgorithmDES, -+ } -+ return c, nil ++func (d *_OSSL_MD5_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil +} + -+// NewTripleDESCipher creates a new 3DES cipher block using the specified key (24 bytes). -+func NewTripleDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 24 { -+ return nil, errors.New("crypto/des: invalid key size for 3DES") -+ } -+ -+ c := &desCipher{ -+ key: slices.Clone(key), -+ kind: C.kCCAlgorithm3DES, -+ } -+ return c, nil ++func (d *_OSSL_MD5_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil +} + -+func (c *desCipher) BlockSize() int { return desBlockSize } ++// _OSSL_SHA_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L34. ++type _OSSL_SHA_CTX struct { ++ h [5]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 ++} + -+func (c *desCipher) Encrypt(dst, src []byte) { -+ blockSize := c.BlockSize() -+ if len(src) < blockSize || len(dst) < blockSize { -+ panic("crypto/des: input or output block is too small") -+ } ++func (d *_OSSL_SHA_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b, d.h[4] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil ++} + -+ if inexactOverlap(dst[:blockSize], src[:blockSize]) { -+ panic("crypto/des: invalid buffer overlap") -+ } ++func (d *_OSSL_SHA_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = appendUint32(buf, d.h[4]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil ++} + -+ var outLength C.size_t -+ status := C.CCCrypt( -+ C.kCCEncrypt, -+ C.CCAlgorithm(c.kind), -+ C.kCCOptionECBMode, -+ pbase(c.key), -+ C.size_t(len(c.key)), -+ nil, -+ pbase(src[:blockSize]), -+ C.size_t(blockSize), -+ pbase(dst[:blockSize]), -+ C.size_t(blockSize), -+ &outLength, -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/des: encryption failed") -+ } ++// _OSSL_SHA256_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L51. ++type _OSSL_SHA256_CTX struct { ++ h [8]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 +} + -+func (c *desCipher) Decrypt(dst, src []byte) { -+ blockSize := c.BlockSize() -+ if len(src) < blockSize || len(dst) < blockSize { -+ panic("crypto/des: input or output block is too small") -+ } ++func (d *_OSSL_SHA256_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b, d.h[4] = consumeUint32(b) ++ b, d.h[5] = consumeUint32(b) ++ b, d.h[6] = consumeUint32(b) ++ b, d.h[7] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil ++} + -+ if inexactOverlap(dst[:blockSize], src[:blockSize]) { -+ panic("crypto/des: invalid buffer overlap") -+ } ++func (d *_OSSL_SHA256_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = appendUint32(buf, d.h[4]) ++ buf = appendUint32(buf, d.h[5]) ++ buf = appendUint32(buf, d.h[6]) ++ buf = appendUint32(buf, d.h[7]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil ++} + -+ var outLength C.size_t -+ status := C.CCCrypt( -+ C.kCCDecrypt, -+ C.CCAlgorithm(c.kind), -+ C.kCCOptionECBMode, -+ pbase(c.key), -+ C.size_t(len(c.key)), -+ nil, -+ pbase(src[:blockSize]), -+ C.size_t(blockSize), -+ pbase(dst[:blockSize]), -+ C.size_t(blockSize), -+ &outLength, -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/des: decryption failed") -+ } ++// _OSSL_SHA512_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L95. ++type _OSSL_SHA512_CTX struct { ++ h [8]uint64 ++ nl, nh uint64 ++ x [128]byte ++ nx uint32 +} + -+// CBC mode encrypter -+func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return newCBC(C.kCCEncrypt, c.kind, c.key, iv) ++func (d *_OSSL_SHA512_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint64(b) ++ b, d.h[1] = consumeUint64(b) ++ b, d.h[2] = consumeUint64(b) ++ b, d.h[3] = consumeUint64(b) ++ b, d.h[4] = consumeUint64(b) ++ b, d.h[5] = consumeUint64(b) ++ b, d.h[6] = consumeUint64(b) ++ b, d.h[7] = consumeUint64(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = n << 3 ++ d.nh = n >> 61 ++ d.nx = uint32(n) % 128 ++ return nil +} + -+// CBC mode decrypter -+func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return newCBC(C.kCCDecrypt, c.kind, c.key, iv) ++func (d *_OSSL_SHA512_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint64(buf, d.h[0]) ++ buf = appendUint64(buf, d.h[1]) ++ buf = appendUint64(buf, d.h[2]) ++ buf = appendUint64(buf, d.h[3]) ++ buf = appendUint64(buf, d.h[4]) ++ buf = appendUint64(buf, d.h[5]) ++ buf = appendUint64(buf, d.h[6]) ++ buf = appendUint64(buf, d.h[7]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, d.nl>>3|d.nh<<61) ++ return buf, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go -new file mode 100644 -index 00000000000000..e57bde33af4c98 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ec.go -@@ -0,0 +1,32 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+//go:build darwin ++func getOSSLDigetsContext(ctx ossl.EVP_MD_CTX_PTR) unsafe.Pointer { ++ switch major() { ++ case 1: ++ // https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/crypto/evp/evp_local.h#L12. ++ type mdCtx struct { ++ _ [2]unsafe.Pointer ++ _ uint32 ++ md_data unsafe.Pointer ++ } ++ return (*mdCtx)(unsafe.Pointer(ctx)).md_data ++ case 3: ++ // The EVP_MD_CTX memory layout has changed in OpenSSL 3 ++ // and the property holding the internal structure is no longer md_data but algctx. ++ // https://github.com/openssl/openssl/blob/5675a5aaf6a2e489022bcfc18330dae9263e598e/crypto/evp/evp_local.h#L16. ++ type mdCtx struct { ++ _ [3]unsafe.Pointer ++ _ uint32 ++ _ [3]unsafe.Pointer ++ algctx unsafe.Pointer ++ } ++ return (*mdCtx)(unsafe.Pointer(ctx)).algctx ++ case 4: ++ // OpenSSL 4 removed the ENGINE, md_data, and update fields from EVP_MD_CTX. ++ // https://github.com/openssl/openssl/blob/openssl-4.0.0-alpha1/crypto/evp/evp_local.h ++ type mdCtx struct { ++ _ [2]unsafe.Pointer // reqdigest, digest ++ _ uint32 // flags ++ _ unsafe.Pointer // pctx ++ algctx unsafe.Pointer ++ } ++ return (*mdCtx)(unsafe.Pointer(ctx)).algctx ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} + -+package xcrypto ++var errHashStateInvalid = errors.New("openssl: can't retrieve hash state") + -+func curveToKeySizeInBits(curve string) int { -+ switch curve { -+ case "P-256": -+ return 256 -+ case "P-384": -+ return 384 -+ case "P-521": -+ return 521 ++func osslHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { ++ algctx := getOSSLDigetsContext(ctx) ++ if algctx == nil { ++ return nil, errHashStateInvalid ++ } ++ buf = append(buf, magic...) ++ switch ch { ++ case crypto.MD5: ++ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA1: ++ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA224, crypto.SHA256: ++ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) + default: -+ return 0 ++ panic("unsupported hash " + ch.String()) + } +} + -+func curveToKeySizeInBytes(curve string) int { -+ switch curve { -+ case "P-256": -+ return (256 + 7) / 8 -+ case "P-384": -+ return (384 + 7) / 8 -+ case "P-521": -+ return (521 + 7) / 8 ++func osslHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { ++ algctx := getOSSLDigetsContext(ctx) ++ if algctx == nil { ++ return errHashStateInvalid ++ } ++ b = b[len(magic):] ++ switch ch { ++ case crypto.MD5: ++ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA1: ++ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA224, crypto.SHA256: ++ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) + default: -+ return 0 ++ panic("unsupported hash " + ch.String()) + } +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go new file mode 100644 -index 00000000000000..3bdd3937670285 +index 00000000000000..1fc14f756a0ce4 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdh.go -@@ -0,0 +1,135 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go +@@ -0,0 +1,331 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package openssl + -+// #include -+import "C" +import ( ++ "crypto" + "errors" -+ "runtime" -+ "slices" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type PublicKeyECDH struct { -+ _pkey C.SecKeyRef -+ bytes []byte -+} ++// This file contains code specific to the SymCrypt provider. + -+func (k *PublicKeyECDH) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) -+ } -+} ++const ( ++ _SCOSSL_DIGEST_PARAM_STATE cString = "state\x00" ++ _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM cString = "recompute_checksum\x00" ++) + -+type PrivateKeyECDH struct { -+ _pkey C.SecKeyRef -+ pub []byte -+} ++const ( ++ _SYMCRYPT_BLOB_MAGIC = 0x636D7973 // "cysm" in little-endian + -+func (k *PrivateKeyECDH) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) -+ } ++ _SymCryptBlobTypeHashState = 0x100 ++ _SymCryptBlobTypeMd2State = _SymCryptBlobTypeHashState + 1 ++ _SymCryptBlobTypeMd4State = _SymCryptBlobTypeHashState + 2 ++ _SymCryptBlobTypeMd5State = _SymCryptBlobTypeHashState + 3 ++ _SymCryptBlobTypeSha1State = _SymCryptBlobTypeHashState + 4 ++ _SymCryptBlobTypeSha256State = _SymCryptBlobTypeHashState + 5 ++ _SymCryptBlobTypeSha384State = _SymCryptBlobTypeHashState + 6 ++ _SymCryptBlobTypeSha512State = _SymCryptBlobTypeHashState + 7 ++ _SymCryptBlobTypeSha3_256State = _SymCryptBlobTypeHashState + 8 ++ _SymCryptBlobTypeSha3_384State = _SymCryptBlobTypeHashState + 9 ++ _SymCryptBlobTypeSha3_512State = _SymCryptBlobTypeHashState + 10 ++ _SymCryptBlobTypeSha224State = _SymCryptBlobTypeHashState + 11 ++ _SymCryptBlobTypeSha512_224State = _SymCryptBlobTypeHashState + 12 ++ _SymCryptBlobTypeSha512_256State = _SymCryptBlobTypeHashState + 13 ++ _SymCryptBlobTypeSha3_224State = _SymCryptBlobTypeHashState + 14 ++ ++ _SYMCRYPT_MD5_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_MD5_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA1_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA1_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA256_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA256_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA512_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA512_STATE_EXPORT_BLOB{})) ++) ++ ++type _SYMCRYPT_BLOB_HEADER struct { ++ magic uint32 ++ size uint32 ++ _type uint32 +} + -+func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { -+ if len(bytes) < 1 { -+ return nil, errors.New("NewPublicKeyECDH: missing key") -+ } -+ pubKeyRef, err := createSecKeyWithData(bytes, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPublic) -+ if err != nil { -+ return nil, err -+ } -+ pubKey := &PublicKeyECDH{pubKeyRef, slices.Clone(bytes)} -+ runtime.SetFinalizer(pubKey, (*PublicKeyECDH).finalize) -+ return pubKey, nil ++type _SYMCRYPT_BLOB_TRAILER struct { ++ checksum [8]uint8 +} + -+func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } ++// _UINT64 is a 64-bit unsigned integer, stored in native endianess. ++// It is used to represent a SymCrypt UINT64 type without making the ++// parent struct 8-byte aligned, given that the Windows ABI makes ++// the struct 4-byte aligned. ++type _UINT64 [2]uint32 + -+// bytes expects the public key to be in uncompressed ANSI X9.63 format -+func NewPrivateKeyECDH(curve string, pub, priv []byte) (*PrivateKeyECDH, error) { -+ key := append(slices.Clone(pub), priv...) -+ privKeyRef, err := createSecKeyWithData(key, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPrivate) -+ if err != nil { -+ return nil, err ++func newUINT64(v uint64) _UINT64 { ++ var u _UINT64 ++ if isBigEndian() { ++ u[0], u[1] = uint32(v>>32), uint32(v) ++ } else { ++ u[0], u[1] = uint32(v), uint32(v>>32) + } -+ privKey := &PrivateKeyECDH{privKeyRef, pub} -+ runtime.SetFinalizer(privKey, (*PrivateKeyECDH).finalize) -+ return privKey, nil ++ return u +} + -+func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { -+ defer runtime.KeepAlive(k) -+ pubKeyRef := C.SecKeyCopyPublicKey(k._pkey) -+ if pubKeyRef == 0 { -+ return nil, errors.New("failed to extract public key") ++func (u *_UINT64) uint64() uint64 { ++ if isBigEndian() { ++ return uint64(u[0])<<32 | (uint64(u[1])) + } -+ pubKey := &PublicKeyECDH{pubKeyRef, k.pub} -+ runtime.SetFinalizer(pubKey, (*PublicKeyECDH).finalize) -+ return pubKey, nil ++ return uint64(u[0]) | (uint64(u[1]) << 32) +} + -+func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { -+ defer runtime.KeepAlive(priv) -+ defer runtime.KeepAlive(pub) -+ -+ var algorithm C.CFStringRef = C.kSecKeyAlgorithmECDHKeyExchangeStandard -+ -+ supported := C.SecKeyIsAlgorithmSupported(priv._pkey, C.kSecKeyOperationTypeKeyExchange, algorithm) -+ if supported == 0 { -+ return nil, errors.New("ECDH algorithm not supported for the given private key") ++// symCryptAppendBinary appends the binary representation of a SymCrypt state ++// to the given destination slice. ++func symCryptAppendBinary(dst, chain, buffer []byte, blength _UINT64) []byte { ++ length := blength.uint64() ++ var nx uint64 ++ if len(buffer) <= 64 { ++ nx = length & 0x3f ++ } else { ++ nx = length & 0x7f + } ++ dst = append(dst, chain...) ++ dst = append(dst, buffer[:nx]...) ++ dst = append(dst, make([]byte, len(buffer)-int(nx))...) ++ dst = appendUint64(dst, length) ++ return dst ++} ++ ++// symCryptUnmarshalBinary unmarshals the binary representation of a SymCrypt state ++// from the given source slice. It returns the length of the data. ++func symCryptUnmarshalBinary(d []byte, chain, buffer []byte) _UINT64 { ++ copy(chain[:], d) ++ d = d[len(chain):] ++ copy(buffer[:], d) ++ d = d[len(buffer):] ++ _, length := consumeUint64(d) ++ return newUINT64(length) ++} + -+ var cfErr C.CFErrorRef -+ // Perform the key exchange -+ sharedSecretRef := C.SecKeyCopyKeyExchangeResult( -+ priv._pkey, -+ algorithm, -+ pub._pkey, -+ C.CFDictionaryRef(0), -+ &cfErr, -+ ) -+ if err := goCFErrorRef(cfErr); err != nil { -+ return nil, err ++// swapEndianessUint32 swaps the endianness of the given byte slice ++// in place. It assumes the slice is a backup of a 32-bit integer array. ++func swapEndianessUint32(d []uint8) { ++ for i := 0; i < len(d); i += 4 { ++ d[i], d[i+3] = d[i+3], d[i] ++ d[i+1], d[i+2] = d[i+2], d[i+1] + } -+ defer C.CFRelease(C.CFTypeRef(sharedSecretRef)) + -+ sharedSecret := cfDataToBytes(sharedSecretRef) -+ return sharedSecret, nil +} + -+func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { -+ keySize := curveToKeySizeInBytes(curve) -+ if keySize == 0 { -+ return nil, nil, errors.New("unsupported curve") -+ } -+ keySizeInBits := curveToKeySizeInBits(curve) -+ // Generate the private key and get its DER representation -+ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeECSECPrimeRandom, keySizeInBits) -+ if err != nil { -+ return nil, nil, err -+ } -+ pub, priv, err := extractECDHComponents(privKeyDER, keySize) -+ if err != nil { -+ C.CFRelease(C.CFTypeRef(privKeyRef)) -+ return nil, nil, err -+ } -+ k := &PrivateKeyECDH{privKeyRef, pub} -+ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) -+ return k, priv, nil ++type _SYMCRYPT_MD5_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [16]uint8 // little endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER +} + -+func extractECDHComponents(der []byte, keySize int) (pub, priv []byte, err error) { -+ // The private component is the last of the three equally-sized chunks -+ // for the elliptic curve private key. -+ if len(der) != 1+keySize*3 { -+ return nil, nil, errors.New("invalid key length: insufficient data for private component") -+ } -+ pub = der[:1+keySize*2] -+ priv = der[1+keySize*2:] -+ return ++func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ // b.chain is little endian, but Go expects big endian, ++ // we need to swap the bytes. ++ swapEndianessUint32(b.chain[:]) ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go -new file mode 100644 -index 00000000000000..fb0e207a89ff67 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ecdsa.go -@@ -0,0 +1,181 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+//go:build darwin ++func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++ swapEndianessUint32(b.chain[:]) ++} + -+package xcrypto ++type _SYMCRYPT_SHA1_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [20]uint8 // big endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER ++} + -+// #include -+import "C" -+import ( -+ "errors" -+ "runtime" -+) ++func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil ++} + -+type PrivateKeyECDSA struct { -+ _pkey C.SecKeyRef ++func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) +} + -+func (k *PrivateKeyECDSA) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) -+ } ++type _SYMCRYPT_SHA256_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [32]uint8 // big endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER +} + -+func (k *PrivateKeyECDSA) withKey(f func(C.SecKeyRef) C.int) C.int { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) ++func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil +} + -+type PublicKeyECDSA struct { -+ _pkey C.SecKeyRef ++func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) +} + -+func (k *PublicKeyECDSA) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) ++type _SYMCRYPT_SHA512_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [64]uint8 // big endian ++ lengthL _UINT64 // native endian ++ lengthH _UINT64 // native endian ++ buffer [128]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER ++} ++ ++func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ if b.lengthH.uint64() != 0 { ++ return nil, errors.New("exporting state with more than 2^63-1 bytes of data is not supported") + } ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.lengthL), nil +} + -+func (k *PublicKeyECDSA) withKey(f func(C.SecKeyRef) C.int) C.int { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) ++func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.lengthL = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) +} + -+func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { -+ keySize := curveToKeySizeInBytes(curve) -+ if keySize == 0 { -+ return nil, errors.New("unsupported curve") ++func symCryptHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { ++ size, typ := symCryptHashStateInfo(ch) ++ state := make([]byte, size, _SYMCRYPT_SHA512_STATE_EXPORT_SIZE) // 512 is the largest size ++ params := [2]ossl.OSSL_PARAM{ ++ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), unsafe.Pointer(&state[0]), len(state)), ++ ossl.OSSL_PARAM_construct_end(), + } -+ encodedKey, err := encodeToUncompressedAnsiX963Key(x, y, nil, keySize) -+ if err != nil { -+ return nil, errors.New("failed to encode public key to uncompressed ANSI X9.63 format") ++ if _, err := ossl.EVP_MD_CTX_get_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))); err != nil { ++ return nil, err ++ } ++ if !ossl.OSSL_PARAM_modified(¶ms[0]) { ++ return nil, errors.New("EVP_MD_CTX_get_params did not retrieve the state") + } + -+ pubKeyRef, err := createSecKeyWithData(encodedKey, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPublic) -+ if err != nil { -+ return nil, err ++ header := (*_SYMCRYPT_BLOB_HEADER)(unsafe.Pointer(&state[0])) ++ if header.magic != _SYMCRYPT_BLOB_MAGIC { ++ return nil, errors.New("invalid blob magic") ++ } ++ if header.size != size { ++ return nil, errors.New("invalid blob size") ++ } ++ if header._type != typ { ++ return nil, errors.New("invalid blob type") + } + -+ pubKey := &PublicKeyECDSA{_pkey: pubKeyRef} -+ runtime.SetFinalizer(pubKey, (*PublicKeyECDSA).finalize) -+ return pubKey, nil ++ buf = append(buf, magic...) ++ switch ch { ++ case crypto.MD5: ++ blob := (*_SYMCRYPT_MD5_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA1: ++ blob := (*_SYMCRYPT_SHA1_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA224, crypto.SHA256: ++ blob := (*_SYMCRYPT_SHA256_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ blob := (*_SYMCRYPT_SHA512_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ default: ++ panic("unsupported hash " + ch.String()) ++ } +} + -+// NewPrivateKeyECDSA creates a new ECDSA private key using the provided curve name and parameters (x, y, d). -+func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { -+ keySize := curveToKeySizeInBytes(curve) -+ if keySize == 0 { -+ return nil, errors.New("unsupported curve") ++func symCryptHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { ++ size, typ := symCryptHashStateInfo(ch) ++ hdr := _SYMCRYPT_BLOB_HEADER{ ++ magic: _SYMCRYPT_BLOB_MAGIC, ++ size: size, ++ _type: typ, + } -+ encodedKey, err := encodeToUncompressedAnsiX963Key(x, y, d, keySize) -+ if err != nil { -+ return nil, errors.New("crypto/ecdsa: failed to encode private key: " + err.Error()) ++ var blobPtr unsafe.Pointer ++ b = b[len(magic):] ++ switch ch { ++ case crypto.MD5: ++ var blob _SYMCRYPT_MD5_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA1: ++ var blob _SYMCRYPT_SHA1_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA224, crypto.SHA256: ++ var blob _SYMCRYPT_SHA256_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ var blob _SYMCRYPT_SHA512_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ default: ++ panic("unsupported hash " + ch.String()) ++ } ++ var checksum int32 = 1 ++ params := [3]ossl.OSSL_PARAM{ ++ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), blobPtr, int(hdr.size)), ++ ossl.OSSL_PARAM_construct_int32(_SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr(), &checksum), ++ ossl.OSSL_PARAM_construct_end(), ++ } ++ _, err := ossl.EVP_MD_CTX_set_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))) ++ return err ++} ++ ++func symCryptHashStateInfo(ch crypto.Hash) (size, typ uint32) { ++ switch ch { ++ case crypto.MD5: ++ return _SYMCRYPT_MD5_STATE_EXPORT_SIZE, _SymCryptBlobTypeMd5State ++ case crypto.SHA1: ++ return _SYMCRYPT_SHA1_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha1State ++ case crypto.SHA224: ++ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha224State ++ case crypto.SHA256: ++ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha256State ++ case crypto.SHA384: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha384State ++ case crypto.SHA512_224: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_224State ++ case crypto.SHA512_256: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_256State ++ case crypto.SHA512: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512State ++ default: ++ panic("unsupported hash " + ch.String()) + } ++} + -+ privKeyRef, err := createSecKeyWithData(encodedKey, C.kSecAttrKeyTypeECSECPrimeRandom, C.kSecAttrKeyClassPrivate) ++// isSymCryptHashStateSerializable checks if the SymCrypt hash state is serializable. ++func isSymCryptHashStateSerializable(md ossl.EVP_MD_PTR) bool { ++ ctx, err := ossl.EVP_MD_CTX_new() + if err != nil { -+ return nil, err ++ return false + } -+ -+ // Wrap and finalize -+ k := &PrivateKeyECDSA{_pkey: privKeyRef} -+ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) -+ return k, nil -+} -+ -+func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { -+ keySize := curveToKeySizeInBytes(curve) -+ if keySize == 0 { -+ return nil, nil, nil, errors.New("unsupported curve") ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestInit_ex(ctx, md, nil); err != nil { ++ return false + } -+ -+ keySizeInBits := curveToKeySizeInBits(curve) -+ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeECSECPrimeRandom, keySizeInBits) ++ params, err := ossl.EVP_MD_CTX_gettable_params(ctx) + if err != nil { -+ return nil, nil, nil, err ++ return false + } -+ defer C.CFRelease(C.CFTypeRef(privKeyRef)) -+ return decodeFromUncompressedAnsiX963Key(privKeyDER, keySize) -+} -+ -+func SignMarshalECDSA(priv *PrivateKeyECDSA, hashed []byte) ([]byte, error) { -+ return evpSign(priv.withKey, algorithmTypeECDSA, 0, hashed) -+} -+ -+func VerifyECDSA(pub *PublicKeyECDSA, hashed []byte, sig []byte) bool { -+ return evpVerify(pub.withKey, algorithmTypeECDSA, 0, hashed, sig) == nil -+} -+ -+// encodeToUncompressedAnsiX963Key encodes the given elliptic curve point (x, y) and optional private key (d) -+// into an uncompressed ANSI X9.63 format byte slice. -+func encodeToUncompressedAnsiX963Key(x, y, d BigInt, keySize int) ([]byte, error) { -+ // Build the uncompressed key point (0x04 || x || y { || d }) -+ size := 1 + keySize*2 -+ if d != nil { -+ size += keySize ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { ++ return false + } -+ out := make([]byte, size) -+ out[0] = 0x04 -+ err := encodeBigInt(out[1:], []sizedBigInt{ -+ {x, keySize}, {y, keySize}, -+ {d, keySize}, -+ }) ++ params, err = ossl.EVP_MD_CTX_settable_params(ctx) + if err != nil { -+ return nil, err -+ } -+ return out, nil -+} -+ -+// decodeFromUncompressedAnsiX963Key decodes the given uncompressed ANSI X9.63 format byte slice into -+// the elliptic curve point (x, y) and optional private key (d). -+func decodeFromUncompressedAnsiX963Key(key []byte, keySize int) (x, y, d BigInt, err error) { -+ if len(key) < 1 || key[0] != 0x04 { -+ return nil, nil, nil, errors.New("invalid uncompressed key format") ++ return false + } -+ if len(key) < 1+keySize*2 { -+ return nil, nil, nil, errors.New("invalid key length") ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { ++ return false + } -+ x = normalizeBigInt(key[1 : 1+keySize]) -+ y = normalizeBigInt(key[1+keySize : 1+keySize*2]) -+ if len(key) > 1+keySize*2 { -+ d = normalizeBigInt(key[1+keySize*2:]) -+ return x, y, d, nil ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr()); err != nil { ++ return false + } -+ return x, y, nil, nil ++ return true +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go +new file mode 100644 +index 00000000000000..cd8a656a8bae65 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go +@@ -0,0 +1,37 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+func normalizeBigInt(b []byte) BigInt { -+ // Remove leading zero bytes -+ for len(b) > 0 && b[0] == 0 { -+ b = b[1:] -+ } -+ return b -+} ++package openssl + -+// sizedBigInt defines a big integer with -+// a size that can be different from the -+// one provided by len(b). -+type sizedBigInt struct { -+ b BigInt -+ size int -+} ++import ( ++ "math" + -+// encodeBigInt encodes ints into data. -+// It stops iterating over ints when it finds one nil element. -+func encodeBigInt(data []byte, ints []sizedBigInt) error { -+ for _, v := range ints { -+ if v.b == nil { -+ return nil ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++type randReader int ++ ++func (randReader) Read(b []byte) (int, error) { ++ if len(b) == 0 { ++ return 0, nil ++ } ++ switch major() { ++ case 1: ++ if len(b) > math.MaxInt32 { ++ // OpenSSL 1 does not support reading more than 2^31-1 bytes at once. ++ // Instead of erroring out, read only up to 2^31-1 bytes and return ++ // the number of bytes read. ++ b = b[:math.MaxInt32] + } -+ normalized := normalizeBigInt(v.b) -+ // b might be shorter than size if the original big number contained leading zeros. -+ leadingZeros := int(v.size) - len(normalized) -+ if leadingZeros < 0 { -+ return errors.New("commoncrypto: invalid parameters") ++ if _, err := ossl.RAND_bytes(b); err != nil { ++ return 0, err ++ } ++ default: ++ if _, err := ossl.RAND_bytes_ex(nil, b, 0); err != nil { ++ return 0, err + } -+ copy(data[leadingZeros:], normalized) -+ data = data[v.size:] + } -+ return nil ++ return len(b), nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go ++ ++const RandReader = randReader(0) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go new file mode 100644 -index 00000000000000..f59e6f9af58cd4 +index 00000000000000..37d12ec889a91e --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/ed25519.go -@@ -0,0 +1,100 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go +@@ -0,0 +1,76 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin && cgo -+ -+package xcrypto ++package openssl + +import ( -+ "strconv" -+ -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) ++ "runtime" + -+const ( -+ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. -+ publicKeySizeEd25519 = 32 -+ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. -+ privateKeySizeEd25519 = 64 -+ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. -+ signatureSizeEd25519 = 64 -+ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. -+ seedSizeEd25519 = 32 ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + -+// PublicKeyEd25519 represents an Ed25519 public key. -+type PublicKeyEd25519 []byte -+ -+// PrivateKeyEd25519 represents an Ed25519 private key. -+type PrivateKeyEd25519 []byte -+ -+func (k PrivateKeyEd25519) Public() PublicKeyEd25519 { -+ publicKey := make([]byte, publicKeySizeEd25519) -+ copy(publicKey, k[seedSizeEd25519:]) -+ return PublicKeyEd25519(publicKey) -+} -+ -+// GenerateKeyEd25519 generates a new Ed25519 private key. -+func GenerateKeyEd25519() PrivateKeyEd25519 { -+ pkeyPriv := make([]byte, privateKeySizeEd25519) -+ cryptokit.GenerateKeyEd25519(pkeyPriv) -+ return pkeyPriv -+} -+ -+func NewPrivateKeyEd25519(priv []byte) (PrivateKeyEd25519, error) { -+ if len(priv) != privateKeySizeEd25519 { -+ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) ++// SupportsRC4 returns true if NewRC4Cipher is supported. ++func SupportsRC4() bool { ++ switch major() { ++ case 1: ++ // RC4 is not part of the OpenSSL 1.x FIPS module. ++ return !osslsetup.FIPS() && loadCipher(cipherRC4, cipherModeNone) != nil ++ default: ++ // On OpenSSL 3+ availability is decided by the algorithm probe: ++ // EVP_CIPHER_fetch returns nil unless the legacy provider is loaded. ++ return loadCipher(cipherRC4, cipherModeNone) != nil + } -+ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) +} + -+func (k PrivateKeyEd25519) Bytes() ([]byte, error) { -+ return k, nil ++// A RC4Cipher is an instance of RC4 using a particular key. ++type RC4Cipher struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR +} + -+func NewPublicKeyEd25519(pub []byte) (PublicKeyEd25519, error) { -+ if len(pub) != publicKeySizeEd25519 { -+ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) -+ } -+ pkey := make([]byte, publicKeySizeEd25519) -+ err := cryptokit.NewPublicKeyEd25519(pkey, pub) ++// NewRC4Cipher creates and returns a new Cipher. ++func NewRC4Cipher(key []byte) (*RC4Cipher, error) { ++ ctx, err := newCipherCtx(cipherRC4, cipherModeNone, cipherOpEncrypt, key, nil) + if err != nil { + return nil, err + } -+ return pkey, nil -+} -+ -+func (k PublicKeyEd25519) Bytes() ([]byte, error) { -+ return k, nil ++ c := &RC4Cipher{ctx} ++ runtime.SetFinalizer(c, (*RC4Cipher).finalize) ++ return c, nil +} + -+// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if -+// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this -+// package. -+// NewPrivateKeyEd25519FromSeed creates an Ed25519 private key from a seed. -+func NewPrivateKeyEd25519FromSeed(seed []byte) (PrivateKeyEd25519, error) { -+ if len(seed) != seedSizeEd25519 { -+ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) -+ } -+ pkey := make([]byte, privateKeySizeEd25519) -+ err := cryptokit.NewPrivateKeyEd25519FromSeed(pkey, seed) -+ if err != nil { -+ return nil, err ++func (c *RC4Cipher) finalize() { ++ if c.ctx != nil { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) + } -+ return pkey, nil +} + -+// SignEd25519 signs the message with priv and returns a signature. -+func SignEd25519(priv PrivateKeyEd25519, message []byte) ([]byte, error) { -+ sig := make([]byte, signatureSizeEd25519) -+ err := cryptokit.SignEd25519(sig, priv, message) -+ if err != nil { -+ return nil, err ++// Reset zeros the key data and makes the Cipher unusable. ++func (c *RC4Cipher) Reset() { ++ if c.ctx != nil { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) ++ c.ctx = nil + } -+ return sig, nil +} + -+// VerifyEd25519 reports whether sig is a valid signature of message by pub. -+func VerifyEd25519(pub PublicKeyEd25519, message, sig []byte) error { -+ return cryptokit.VerifyEd25519(pub, message, sig) ++// XORKeyStream sets dst to the result of XORing src with the key stream. ++// Dst and src must overlap entirely or not at all. ++func (c *RC4Cipher) XORKeyStream(dst, src []byte) { ++ if c.ctx == nil || len(src) == 0 { ++ return ++ } ++ if inexactOverlap(dst[:len(src)], src) { ++ panic("crypto/rc4: invalid buffer overlap") ++ } ++ // panic if len(dst) < len(src) with a runtime out of bound error, ++ // which is what crypto/rc4 does. ++ _ = dst[len(src)-1] ++ var outLen int32 ++ if _, err := ossl.EVP_EncryptUpdate(c.ctx, dst, &outLen, src); err != nil { ++ panic("crypto/rc4: " + err.Error()) ++ } ++ if int(outLen) != len(src) { ++ panic("crypto/rc4: src not fully XORed") ++ } ++ runtime.KeepAlive(c) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go new file mode 100644 -index 00000000000000..6928418b4d26b9 +index 00000000000000..36f84902a21ece --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/evp.go -@@ -0,0 +1,345 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go +@@ -0,0 +1,712 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package openssl + -+// #include -+import "C" +import ( + "crypto" ++ "crypto/subtle" + "errors" + "hash" -+ "strconv" ++ "runtime" ++ "sync" + "unsafe" + -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) -+ -+type algorithmType int -+ -+const ( -+ algorithmTypePSS algorithmType = iota -+ algorithmTypeRAW -+ algorithmTypePKCS1v15Enc -+ algorithmTypePKCS1v15Sig -+ algorithmTypeOAEP -+ algorithmTypeECDSA ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type withKeyFunc func(func(C.SecKeyRef) C.int) C.int -+ -+// Encrypt encrypts a plaintext message using a given key and algorithm. -+func evpEncrypt(withKey withKeyFunc, algorithmType algorithmType, plaintext []byte, hash hash.Hash) ([]byte, error) { -+ var cryptoHash crypto.Hash -+ if hash != nil { -+ var err error -+ cryptoHash, err = hashToCryptoHash(hash) -+ if err != nil { -+ return nil, err -+ } ++func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { ++ bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { ++ return nil, nil, nil, nil, nil, nil, nil, nil, e + } -+ algorithm, err := selectAlgorithm(cryptoHash, algorithmType) ++ pkey, err := generateEVPPKey(ossl.EVP_PKEY_RSA, int32(bits), "") + if err != nil { -+ return nil, err ++ return bad(err) + } -+ -+ dataRef := bytesToCFData(plaintext) -+ defer cfRelease(unsafe.Pointer(dataRef)) -+ -+ var encryptedDataRef C.CFDataRef -+ result := withKey(func(key C.SecKeyRef) C.int { -+ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeEncrypt, algorithm) != 1 { -+ return -1 // Algorithm not supported by the key ++ defer ossl.EVP_PKEY_free(pkey) ++ switch major() { ++ case 1: ++ key, err := ossl.EVP_PKEY_get1_RSA(pkey) ++ if err != nil { ++ return bad(err) + } -+ encryptedDataRef = C.SecKeyCreateEncryptedData(key, algorithm, dataRef, nil) -+ if encryptedDataRef == 0 { -+ return -1 // Encryption failed ++ defer ossl.RSA_free(key) ++ var n, e, d, p, q, dmp1, dmq1, iqmp ossl.BIGNUM_PTR ++ ossl.RSA_get0_key(key, &n, &e, &d) ++ ossl.RSA_get0_factors(key, &p, &q) ++ ossl.RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp) ++ N, E, D = bnToBig(n), bnToBig(e), bnToBig(d) ++ P, Q = bnToBig(p), bnToBig(q) ++ Dp, Dq, Qinv = bnToBig(dmp1), bnToBig(dmq1), bnToBig(iqmp) ++ case 3, 4: ++ tmp, err := ossl.BN_new() ++ if err != nil { ++ return bad(err) + } -+ return 0 -+ }) -+ if result != 0 { -+ return nil, errors.New("encryption failed") ++ defer func() { ++ ossl.BN_clear_free(tmp) ++ }() ++ setBigInt := func(bi *BigInt, param cString) bool { ++ if err != nil { ++ return false ++ } ++ if _, err = ossl.EVP_PKEY_get_bn_param(pkey, param.ptr(), &tmp); err != nil { ++ return false ++ } ++ *bi = bnToBig(tmp) ++ ossl.BN_clear(tmp) ++ return true ++ } ++ if !(setBigInt(&N, _OSSL_PKEY_PARAM_RSA_N) && ++ setBigInt(&E, _OSSL_PKEY_PARAM_RSA_E) && ++ setBigInt(&D, _OSSL_PKEY_PARAM_RSA_D) && ++ setBigInt(&P, _OSSL_PKEY_PARAM_RSA_FACTOR1) && ++ setBigInt(&Q, _OSSL_PKEY_PARAM_RSA_FACTOR2) && ++ setBigInt(&Dp, _OSSL_PKEY_PARAM_RSA_EXPONENT1) && ++ setBigInt(&Dq, _OSSL_PKEY_PARAM_RSA_EXPONENT2) && ++ setBigInt(&Qinv, _OSSL_PKEY_PARAM_RSA_COEFFICIENT1)) { ++ return bad(err) ++ } ++ default: ++ panic(errUnsupportedVersion()) + } -+ defer cfRelease(unsafe.Pointer(encryptedDataRef)) ++ return ++} + -+ return cfDataToBytes(encryptedDataRef), nil ++type PublicKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR +} + -+// Decrypt decrypts a ciphertext using a given key and algorithm. -+func evpDecrypt(withKey withKeyFunc, algorithmType algorithmType, ciphertext []byte, hash hash.Hash) ([]byte, error) { -+ var cryptoHash crypto.Hash -+ if hash != nil { -+ var err error -+ cryptoHash, err = hashToCryptoHash(hash) ++func NewPublicKeyRSA(n, e BigInt) (*PublicKeyRSA, error) { ++ var pkey ossl.EVP_PKEY_PTR ++ switch major() { ++ case 1: ++ key, err := ossl.RSA_new() + if err != nil { + return nil, err + } ++ // No need to check for errors here, RSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ bn, _ := bigToBN(n) ++ be, _ := bigToBN(e) ++ if _, err := ossl.RSA_set0_key(key, bn, be, nil); err != nil { ++ ossl.BN_free(bn) ++ ossl.BN_free(be) ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { ++ ossl.RSA_free(key) ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ case 3, 4: ++ var err error ++ if pkey, err = newRSAKey3(false, n, e, nil, nil, nil, nil, nil, nil); err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) + } -+ algorithm, err := selectAlgorithm(cryptoHash, algorithmType) -+ if err != nil { -+ return nil, err -+ } ++ k := &PublicKeyRSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PublicKeyRSA).finalize) ++ return k, nil ++} + -+ msg := bytesToCFData(ciphertext) ++func (k *PublicKeyRSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} + -+ var decryptedDataRef C.CFDataRef -+ var cfErr C.CFErrorRef -+ result := withKey(func(key C.SecKeyRef) C.int { -+ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeDecrypt, algorithm) != 1 { -+ return -1 // Algorithm not supported by the key ++func (k *PublicKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ // Because of the finalizer, any time _pkey is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++type PrivateKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} ++ ++func NewPrivateKeyRSA(n, e, d, p, q, dp, dq, qinv BigInt) (*PrivateKeyRSA, error) { ++ var pkey ossl.EVP_PKEY_PTR ++ switch major() { ++ case 1: ++ key, err := ossl.RSA_new() ++ if err != nil { ++ return nil, err + } -+ decryptedDataRef = C.SecKeyCreateDecryptedData(key, algorithm, msg, &cfErr) -+ if decryptedDataRef == 0 { -+ return -1 // Decryption failed ++ // No need to check for errors here, RSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ bn, _ := bigToBN(n) ++ be, _ := bigToBN(e) ++ bd, _ := bigToBN(d) ++ if _, err := ossl.RSA_set0_key(key, bn, be, bd); err != nil { ++ ossl.BN_free(bn) ++ ossl.BN_free(be) ++ ossl.BN_clear_free(bd) ++ return nil, err + } -+ return 0 // Success -+ }) -+ -+ if err := goCFErrorRef(cfErr); err != nil { -+ return nil, err ++ if p != nil && q != nil { ++ bp, _ := bigToBN(p) ++ bq, _ := bigToBN(q) ++ if _, err := ossl.RSA_set0_factors(key, bp, bq); err != nil { ++ ossl.BN_clear_free(bp) ++ ossl.BN_clear_free(bq) ++ return nil, err ++ } ++ } ++ if dp != nil && dq != nil && qinv != nil { ++ bdp, _ := bigToBN(dp) ++ bdq, _ := bigToBN(dq) ++ bqinv, _ := bigToBN(qinv) ++ if _, err := ossl.RSA_set0_crt_params(key, bdp, bdq, bqinv); err != nil { ++ ossl.BN_free(bdp) ++ ossl.BN_free(bdq) ++ ossl.BN_free(bqinv) ++ return nil, err ++ } ++ } ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { ++ ossl.RSA_free(key) ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ case 3, 4: ++ var err error ++ if pkey, err = newRSAKey3(true, n, e, d, p, q, dp, dq, qinv); err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) + } ++ k := &PrivateKeyRSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize) ++ return k, nil ++} ++ ++func (k *PrivateKeyRSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} ++ ++func (k *PrivateKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ // Because of the finalizer, any time _pkey is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} ++ ++func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, ciphertext) ++} ++ ++func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, msg) ++} + -+ if result != 0 || decryptedDataRef == 0 { -+ return nil, errors.New("decryption failed") -+ } -+ defer cfRelease(unsafe.Pointer(decryptedDataRef)) ++func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, ciphertext) ++} + -+ return cfDataToBytes(decryptedDataRef), nil ++func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, msg) +} + -+func evpSign(withKey withKeyFunc, algorithmType algorithmType, hash crypto.Hash, hashed []byte) ([]byte, error) { -+ algorithm, err := selectAlgorithm(hash, algorithmType) ++func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ ret, err := evpDecrypt(priv.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, ciphertext) + if err != nil { + return nil, err + } -+ -+ var signedDataRef C.CFDataRef -+ var cfErr C.CFErrorRef -+ result := withKey(func(key C.SecKeyRef) C.int { -+ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeSign, algorithm) != 1 { -+ return -1 // Algorithm not supported by the key -+ } -+ signedDataRef = C.SecKeyCreateSignature(key, algorithm, bytesToCFData(hashed), &cfErr) -+ if signedDataRef == 0 { -+ return -1 // Signing failed -+ } -+ return 0 // Success -+ }) -+ -+ if err := goCFErrorRef(cfErr); err != nil { ++ // We could return here, but the Go standard library test expects DecryptRSANoPadding to verify the result ++ // in order to defend against errors in the CRT computation. ++ // ++ // The following code tries to replicate the verification implemented in the upstream function decryptAndCheck, found at ++ // https://github.com/golang/go/blob/9de1ac6ac2cad3871760d0aa288f5ca713afd0a6/src/crypto/rsa/rsa.go#L569-L582. ++ pub := &PublicKeyRSA{_pkey: priv._pkey} ++ // A private EVP_PKEY can be used as a public key as it contains the public information. ++ enc, err := EncryptRSANoPadding(pub, ret) ++ if err != nil { + return nil, err + } -+ -+ if result != 0 || signedDataRef == 0 { -+ return nil, errors.New("signing failed") ++ // Upstream does not do a constant time comparison because it works with math/big instead of byte slices, ++ // and math/big does not support constant-time arithmetic yet. See #20654 for more info. ++ if subtle.ConstantTimeCompare(ciphertext, enc) != 1 { ++ return nil, errors.New("rsa: internal error") + } -+ defer cfRelease(unsafe.Pointer(signedDataRef)) ++ return ret, nil ++} + -+ return cfDataToBytes(signedDataRef), nil ++func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, msg) +} + -+func evpVerify(withKey withKeyFunc, algorithmType algorithmType, hash crypto.Hash, hashed, signature []byte) error { -+ algorithm, err := selectAlgorithm(hash, algorithmType) -+ if err != nil { -+ return err ++func saltLength(saltLen int, sign bool) (int32, error) { ++ // A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject ++ // it, and lengths < -2, before we convert to the OpenSSL sentinel values. ++ if saltLen <= -2 { ++ return 0, errors.New("crypto/rsa: invalid PSS salt length") + } -+ -+ var cfErr C.CFErrorRef -+ result := withKey(func(key C.SecKeyRef) C.int { -+ if C.SecKeyIsAlgorithmSupported(key, C.kSecKeyOperationTypeVerify, algorithm) != 1 { -+ return -1 // Algorithm not supported by the key -+ } -+ if C.SecKeyVerifySignature(key, algorithm, bytesToCFData(hashed), bytesToCFData(signature), &cfErr) != 1 { -+ return -1 // Verification failed ++ // OpenSSL uses sentinel salt length values like Go crypto does, ++ // but the values don't fully match for rsa.PSSSaltLengthAuto (0). ++ if saltLen == 0 { ++ if sign { ++ if major() == 1 { ++ // OpenSSL 1.x uses -2 to mean maximal size when signing where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_MAX_SIGN, nil ++ } ++ // OpenSSL 3.x deprecated RSA_PSS_SALTLEN_MAX_SIGN ++ // and uses -3 to mean maximal size when signing where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_MAX, nil + } -+ return 0 // Success -+ }) -+ -+ if err := goCFErrorRef(cfErr); err != nil { -+ return err ++ // OpenSSL uses -2 to mean auto-detect size when verifying where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_AUTO, nil + } ++ return int32(saltLen), nil ++} + -+ if result != 0 { -+ return errors.New("verification failed") ++func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { ++ cSaltLen, err := saltLength(saltLen, true) ++ if err != nil { ++ return nil, err + } -+ return nil ++ return evpSign(priv.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, hashed) +} + -+// hashToCryptoHash converts a hash.Hash to a crypto.Hash. -+func hashToCryptoHash(hash hash.Hash) (crypto.Hash, error) { -+ switch hash.(type) { -+ case cryptokit.SHA1Hash: -+ return crypto.SHA1, nil -+ case cryptokit.SHA256Hash: -+ return crypto.SHA256, nil -+ case cryptokit.SHA384Hash: -+ return crypto.SHA384, nil -+ case cryptokit.SHA512Hash: -+ return crypto.SHA512, nil -+ default: -+ return 0, errors.New("unsupported hash function") ++func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { ++ cSaltLen, err := saltLength(saltLen, false) ++ if err != nil { ++ return err + } ++ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, sig, hashed) +} + -+// selectAlgorithm selects the appropriate SecKeyAlgorithm based on hash and algorithm type. -+func selectAlgorithm(hash crypto.Hash, algorithmType algorithmType) (C.CFStringRef, error) { -+ var algo C.CFStringRef -+ switch algorithmType { -+ case algorithmTypePSS: -+ switch hash { -+ case crypto.SHA1: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA1 -+ case crypto.SHA224: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA224 -+ case crypto.SHA256: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA256 -+ case crypto.SHA384: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA384 -+ case crypto.SHA512: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPSSSHA512 -+ default: -+ return 0, errors.New("unsupported PSS hash: " + hash.String()) -+ } -+ case algorithmTypeRAW: -+ algo = C.kSecKeyAlgorithmRSAEncryptionRaw -+ case algorithmTypePKCS1v15Enc: -+ return C.kSecKeyAlgorithmRSAEncryptionPKCS1, nil -+ case algorithmTypePKCS1v15Sig: -+ switch hash { -+ case crypto.SHA1: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1 -+ case crypto.SHA224: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA224 -+ case crypto.SHA256: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256 -+ case crypto.SHA384: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384 -+ case crypto.SHA512: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512 -+ case 0: -+ algo = C.kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw -+ default: -+ return 0, errors.New("unsupported PKCS1v15 hash: " + hash.String()) ++func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { ++ return evpSign(priv.withKey, ossl.RSA_PKCS1_PADDING, 0, h, hashed) ++} ++ ++func HashSignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte) ([]byte, error) { ++ return evpHashSign(priv.withKey, h, msg) ++} ++ ++func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { ++ defer runtime.KeepAlive(pub) ++ var size int32 ++ if err := pub.withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { ++ size, err = ossl.EVP_PKEY_get_size(pkey) ++ if err != nil { ++ return err + } -+ case algorithmTypeOAEP: -+ switch hash { -+ case crypto.SHA1: -+ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA1 -+ case crypto.SHA224: -+ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA224 -+ case crypto.SHA256: -+ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA256 -+ case crypto.SHA384: -+ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA384 -+ case crypto.SHA512: -+ algo = C.kSecKeyAlgorithmRSAEncryptionOAEPSHA512 -+ default: -+ return 0, errors.New("unsupported OAEP hash: " + hash.String()) ++ if len(sig) < int(size) { ++ return errors.New("crypto/rsa: verification error") + } -+ case algorithmTypeECDSA: -+ return C.kSecKeyAlgorithmECDSASignatureDigestX962, nil -+ default: -+ return 0, errors.New("unsupported algorithm type: " + strconv.Itoa(int(algorithmType))) ++ return nil ++ }); err != nil { ++ return err + } -+ return algo, nil ++ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PADDING, 0, h, sig, hashed) +} + -+// bytesToCFData turns a byte slice into a CFDataRef. Caller then "owns" the -+// CFDataRef and must CFRelease the CFDataRef when done. -+func bytesToCFData(buf []byte) C.CFDataRef { -+ return C.CFDataCreate(C.kCFAllocatorDefault, base(buf), C.CFIndex(len(buf))) ++func HashVerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte) error { ++ return evpHashVerify(pub.withKey, h, msg, sig) +} + -+// cfDataToBytes turns a CFDataRef into a byte slice. -+func cfDataToBytes(cfData C.CFDataRef) []byte { -+ return C.GoBytes(unsafe.Pointer(C.CFDataGetBytePtr(cfData)), C.int(C.CFDataGetLength(cfData))) -+} ++func newRSAKey3(isPriv bool, n, e, d, p, q, dp, dq, qinv BigInt) (ossl.EVP_PKEY_PTR, error) { ++ bld := newParamBuilder() ++ defer bld.finalize() + -+// cfRelease releases a CoreFoundation object. -+func cfRelease(ref unsafe.Pointer) { -+ C.CFRelease(C.CFTypeRef(ref)) -+} ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_N, n, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_E, e, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_D, d, false) + -+// createSecKeyWithData creates a SecKey from the provided encoded key and attributes dictionary. -+func createSecKeyWithData(encodedKey []byte, keyType, keyClass C.CFStringRef) (C.SecKeyRef, error) { -+ encodedKeyCF := C.CFDataCreate(C.kCFAllocatorDefault, base(encodedKey), C.CFIndex(len(encodedKey))) -+ if encodedKeyCF == 0 { -+ return 0, errors.New("xcrypto: failed to create CFData for private key") ++ // OpenSSL 3.0 and 3.1 required all the precomputed values if ++ // P and Q are present. See: ++ // https://github.com/openssl/openssl/pull/22334 ++ // ++ // We could only set P and Q if they exist when using OpenSSL 3.2 ++ // or newer, but the RSA provider might be built with an older ++ // OpenSSL version, in which case it would still require all the ++ // precomputed values. So better always provide all the values or ++ // none of them. ++ if p != nil && q != nil && dp != nil && dq != nil && qinv != nil { ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR1, p, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR2, q, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT1, dp, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT2, dq, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_COEFFICIENT1, qinv, true) + } -+ defer C.CFRelease(C.CFTypeRef(encodedKeyCF)) + -+ attrKeys := []C.CFTypeRef{ -+ C.CFTypeRef(C.kSecAttrKeyType), -+ C.CFTypeRef(C.kSecAttrKeyClass), ++ params, err := bld.build() ++ if err != nil { ++ return nil, err + } -+ -+ attrValues := []C.CFTypeRef{ -+ C.CFTypeRef(keyType), -+ C.CFTypeRef(keyClass), ++ defer ossl.OSSL_PARAM_free(params) ++ selection := ossl.EVP_PKEY_PUBLIC_KEY ++ if isPriv { ++ selection = ossl.EVP_PKEY_KEYPAIR + } ++ return newEvpFromParams(ossl.EVP_PKEY_RSA, int32(selection), params) ++} + -+ // Create attributes dictionary for the key -+ attrDict := C.CFDictionaryCreate( -+ C.kCFAllocatorDefault, -+ (*unsafe.Pointer)(unsafe.Pointer(&attrKeys[0])), -+ (*unsafe.Pointer)(unsafe.Pointer(&attrValues[0])), -+ C.CFIndex(len(attrKeys)), -+ nil, -+ nil, -+ ) -+ if attrDict == 0 { -+ return 0, errors.New("xcrypto: failed to create attributes dictionary") ++// SupportsRSAPKCS1v15Encryption returns true if the RSA PKCS1 v1.5 padding is supported for encryption and decryption. ++var SupportsRSAPKCS1v15Encryption = sync.OnceValue(func() bool { ++ pkey := testRSAPrivateKey() ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return false + } -+ defer C.CFRelease(C.CFTypeRef(attrDict)) -+ -+ // Generate the SecKey -+ var errorRef C.CFErrorRef -+ key := C.SecKeyCreateWithData(encodedKeyCF, attrDict, &errorRef) -+ if err := goCFErrorRef(errorRef); err != nil { -+ return 0, err ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ ++ if _, err := ossl.EVP_PKEY_encrypt_init(ctx); err != nil { ++ return false + } -+ return key, nil -+} + -+// createSecKeyRandom creates a new SecKey with the provided attributes dictionary. -+func createSecKeyRandom(keyType C.CFStringRef, keySize int) ([]byte, C.SecKeyRef, error) { -+ keyAttrs := C.CFDictionaryCreateMutable(C.kCFAllocatorDefault, 0, nil, nil) -+ if keyAttrs == 0 { -+ return nil, 0, errors.New("failed to create key attributes dictionary") ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PADDING, nil); err != nil { ++ return false + } -+ defer C.CFRelease(C.CFTypeRef(keyAttrs)) + -+ C.CFDictionarySetValue( -+ keyAttrs, -+ unsafe.Pointer(C.kSecAttrKeyType), -+ unsafe.Pointer(keyType), -+ ) ++ // In FIPS mode, setting the padding might succeed, but the actual encryption will fail. ++ // So we need to try to encrypt something to be sure. ++ in := []byte("test") ++ var outLen int ++ if _, err := ossl.EVP_PKEY_encrypt(ctx, nil, &outLen, in); err != nil { ++ return false ++ } ++ return true ++}) + -+ C.CFDictionarySetValue( -+ keyAttrs, -+ unsafe.Pointer(C.kSecAttrKeySizeInBits), -+ unsafe.Pointer(C.CFNumberCreate(C.kCFAllocatorDefault, C.kCFNumberIntType, unsafe.Pointer(&keySize))), -+ ) ++var rsaPKCS1SignatureSupport sync.Map + -+ // Generate the private key -+ var errorRef C.CFErrorRef -+ var privKeyRef C.SecKeyRef = C.SecKeyCreateRandomKey(C.CFDictionaryRef(keyAttrs), &errorRef) -+ if err := goCFErrorRef(errorRef); err != nil { -+ return nil, 0, err ++// SupportsRSAPKCS1v15Signature returns true if the RSA PKCS1 v1.5 padding is supported for signatures with the given hash. ++func SupportsRSAPKCS1v15Signature(ch crypto.Hash) (supported bool) { ++ v, ok := rsaPKCS1SignatureSupport.Load(ch) ++ if ok { ++ return v.(bool) + } ++ defer func() { ++ rsaPKCS1SignatureSupport.Store(ch, supported) ++ }() + -+ // Export the private key as DER -+ privData := C.SecKeyCopyExternalRepresentation(privKeyRef, &errorRef) -+ if err := goCFErrorRef(errorRef); err != nil { -+ return nil, 0, err ++ pkey := testRSAPrivateKey() ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return false + } -+ defer C.CFRelease(C.CFTypeRef(privData)) -+ -+ privKeyDER := cfDataToBytes(privData) -+ if privKeyDER == nil { -+ return nil, 0, errors.New("failed to convert CFData to bytes") ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_sign_init(ctx); err != nil { ++ return false + } -+ return privKeyDER, privKeyRef, nil ++ if setPKCS1Padding(ctx, ch) != nil { ++ return false ++ } ++ // In FIPS mode, setting the padding might succeed, but the actual signature will fail. ++ // So we need to try to sign something to be sure. ++ size := 1 ++ if ch != 0 { ++ size = ch.Size() ++ } ++ in := make([]byte, size, maxHashSize) ++ var outLen int ++ if _, err := ossl.EVP_PKEY_sign(ctx, nil, &outLen, in); err != nil { ++ return false ++ } ++ return true +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go -new file mode 100644 -index 00000000000000..b03a3ca13bdc7f ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hash.go -@@ -0,0 +1,68 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin && cgo + -+package xcrypto ++var rsaPSSSupport sync.Map + -+import ( -+ "crypto" -+ "hash" ++// SupportsRSAPSS returns true if the RSA PSS padding is supported for signatures with the given hash. ++func SupportsRSAPSS(ch crypto.Hash) (supported bool) { ++ v, ok := rsaPSSSupport.Load(ch) ++ if ok { ++ return v.(bool) ++ } ++ defer func() { ++ rsaPSSSupport.Store(ch, supported) ++ }() + -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) ++ if !SupportsHash(ch) { ++ // Short-circuit if the hash itself is not supported. ++ return false ++ } + -+// SupportsHash returns true if a hash.Hash implementation is supported for h. -+func SupportsHash(h crypto.Hash) bool { -+ switch h { -+ case crypto.MD5, crypto.SHA1, crypto.SHA256, crypto.SHA384, crypto.SHA512: -+ return true -+ default: ++ pkey := testRSAPrivateKey() ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return false ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_sign_init(ctx); err != nil { ++ return false ++ } ++ if setPSSPadding(ctx, 0, ch) != nil { + return false + } ++ // In FIPS mode, setting the padding might succeed, but the actual signature will fail. ++ // So we need to try to sign something to be sure. ++ in := make([]byte, ch.Size(), maxHashSize) ++ var outLen int ++ if _, err := ossl.EVP_PKEY_sign(ctx, nil, &outLen, in); err != nil { ++ return false ++ } ++ return true +} + -+func MD5(p []byte) (sum [16]byte) { -+ return cryptokit.MD5(p) -+} ++var rsaOAEPSupport sync.Map + -+func SHA1(p []byte) (sum [20]byte) { -+ return cryptokit.SHA1(p) ++type rsaOAEPSupportEntry struct { ++ ch crypto.Hash ++ mgfHash crypto.Hash +} + -+func SHA256(p []byte) (sum [32]byte) { -+ return cryptokit.SHA256(p) -+} ++// SupportsRSAOAEP returns true if the RSA OAEP padding is supported for encryption/decryption ++// with the given hash and MGF hash. ++func SupportsRSAOAEP(h, mgfHash hash.Hash) (supported bool) { ++ ch := hashToCryptoHash(h) ++ if ch == 0 { ++ return false ++ } ++ mgfCh := hashToCryptoHash(mgfHash) ++ if mgfCh == 0 { ++ return false ++ } ++ entry := rsaOAEPSupportEntry{ch, mgfCh} ++ v, ok := rsaOAEPSupport.Load(entry) ++ if ok { ++ return v.(bool) ++ } ++ defer func() { ++ rsaOAEPSupport.Store(entry, supported) ++ }() + -+func SHA384(p []byte) (sum [48]byte) { -+ return cryptokit.SHA384(p) -+} ++ if !SupportsHash(ch) { ++ // Short-circuit if the hash itself is not supported. ++ return false ++ } + -+func SHA512(p []byte) (sum [64]byte) { -+ return cryptokit.SHA512(p) -+} ++ pkey := testRSAPrivateKey() ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return false ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) + -+// NewMD5 initializes a new MD5 hasher. -+func NewMD5() hash.Hash { -+ return cryptokit.NewMD5() -+} ++ if _, err := ossl.EVP_PKEY_encrypt_init(ctx); err != nil { ++ return false ++ } + -+// NewSHA1 initializes a new SHA1 hasher. -+func NewSHA1() hash.Hash { -+ return cryptokit.NewSHA1() -+} ++ if setOAEPPadding(ctx, h, mgfHash, nil) != nil { ++ return false ++ } + -+// NewSHA256 initializes a new SHA256 hasher. -+func NewSHA256() hash.Hash { -+ return cryptokit.NewSHA256() ++ // In FIPS mode, setting the padding might succeed, but the actual encryption will fail. ++ // So we need to try to encrypt something to be sure. ++ in := []byte("test") ++ var outLen int ++ if _, err := ossl.EVP_PKEY_encrypt(ctx, nil, &outLen, in); err != nil { ++ return false ++ } ++ return true +} + -+// NewSHA384 initializes a new SHA384 hasher. -+func NewSHA384() hash.Hash { -+ return cryptokit.NewSHA384() -+} ++// testRSAPrivateKey returns a test RSA private key for use in capability probing functions. ++// ++// The key is constructed from hard-coded parameters to avoid ++// spurious failures due to key generation issues and to avoid the speed cost of ++// key generation. ++var testRSAPrivateKey = sync.OnceValue(func() ossl.EVP_PKEY_PTR { ++ // RSA-2048 key "testRSA2048": ++ // https://www.rfc-editor.org/rfc/rfc9500.html#section-2.1 ++ N := []byte{ ++ 0xB0, 0xF9, 0xE8, 0x19, 0x43, 0xA7, 0xAE, 0x98, ++ 0x92, 0xAA, 0xDE, 0x17, 0xCA, 0x7C, 0x40, 0xF8, ++ 0x74, 0x4F, 0xED, 0x2F, 0x81, 0x48, 0xE6, 0xC8, ++ 0xEA, 0xA2, 0x7B, 0x7D, 0x00, 0x15, 0x48, 0xFB, ++ 0x51, 0x92, 0xAB, 0x28, 0xB5, 0x6C, 0x50, 0x60, ++ 0xB1, 0x18, 0xCC, 0xD1, 0x31, 0xE5, 0x94, 0x87, ++ 0x4C, 0x6C, 0xA9, 0x89, 0xB5, 0x6C, 0x27, 0x29, ++ 0x6F, 0x09, 0xFB, 0x93, 0xA0, 0x34, 0xDF, 0x32, ++ 0xE9, 0x7C, 0x6F, 0xF0, 0x99, 0x8C, 0xFD, 0x8E, ++ 0x6F, 0x42, 0xDD, 0xA5, 0x8A, 0xCD, 0x1F, 0xA9, ++ 0x79, 0x86, 0xF1, 0x44, 0xF3, 0xD1, 0x54, 0xD6, ++ 0x76, 0x50, 0x17, 0x5E, 0x68, 0x54, 0xB3, 0xA9, ++ 0x52, 0x00, 0x3B, 0xC0, 0x68, 0x87, 0xB8, 0x45, ++ 0x5A, 0xC2, 0xB1, 0x9F, 0x7B, 0x2F, 0x76, 0x50, ++ 0x4E, 0xBC, 0x98, 0xEC, 0x94, 0x55, 0x71, 0xB0, ++ 0x78, 0x92, 0x15, 0x0D, 0xDC, 0x6A, 0x74, 0xCA, ++ 0x0F, 0xBC, 0xD3, 0x54, 0x97, 0xCE, 0x81, 0x53, ++ 0x4D, 0xAF, 0x94, 0x18, 0x84, 0x4B, 0x13, 0xAE, ++ 0xA3, 0x1F, 0x9D, 0x5A, 0x6B, 0x95, 0x57, 0xBB, ++ 0xDF, 0x61, 0x9E, 0xFD, 0x4E, 0x88, 0x7F, 0x2D, ++ 0x42, 0xB8, 0xDD, 0x8B, 0xC9, 0x87, 0xEA, 0xE1, ++ 0xBF, 0x89, 0xCA, 0xB8, 0x5E, 0xE2, 0x1E, 0x35, ++ 0x63, 0x05, 0xDF, 0x6C, 0x07, 0xA8, 0x83, 0x8E, ++ 0x3E, 0xF4, 0x1C, 0x59, 0x5D, 0xCC, 0xE4, 0x3D, ++ 0xAF, 0xC4, 0x91, 0x23, 0xEF, 0x4D, 0x8A, 0xBB, ++ 0xA9, 0x3D, 0x39, 0x05, 0xE4, 0x02, 0x8D, 0x7B, ++ 0xA9, 0x14, 0x84, 0xA2, 0x75, 0x96, 0xE0, 0x7B, ++ 0x4B, 0x6E, 0xD9, 0x92, 0xF0, 0x77, 0xB5, 0x24, ++ 0xD3, 0xDC, 0xFE, 0x7D, 0xDD, 0x55, 0x49, 0xBE, ++ 0x7C, 0xCE, 0x8D, 0xA0, 0x35, 0xCF, 0xA0, 0xB3, ++ 0xFB, 0x8F, 0x9E, 0x46, 0xF7, 0x32, 0xB2, 0xA8, ++ 0x6B, 0x46, 0x01, 0x65, 0xC0, 0x8F, 0x53, 0x13} ++ E := []byte{0x01, 0x00, 0x01} ++ d := []byte{ ++ 0x41, 0x18, 0x8B, 0x20, 0xCF, 0xDB, 0xDB, 0xC2, ++ 0xCF, 0x1F, 0xFE, 0x75, 0x2D, 0xCB, 0xAA, 0x72, ++ 0x39, 0x06, 0x35, 0x2E, 0x26, 0x15, 0xD4, 0x9D, ++ 0xCE, 0x80, 0x59, 0x7F, 0xCF, 0x0A, 0x05, 0x40, ++ 0x3B, 0xEF, 0x00, 0xFA, 0x06, 0x51, 0x82, 0xF7, ++ 0x2D, 0xEC, 0xFB, 0x59, 0x6F, 0x4B, 0x0C, 0xE8, ++ 0xFF, 0x59, 0x70, 0xBA, 0xF0, 0x7A, 0x89, 0xA5, ++ 0x19, 0xEC, 0xC8, 0x16, 0xB2, 0xF4, 0xFF, 0xAC, ++ 0x50, 0x69, 0xAF, 0x1B, 0x06, 0xBF, 0xEF, 0x7B, ++ 0xF6, 0xBC, 0xD7, 0x9E, 0x4E, 0x81, 0xC8, 0xC5, ++ 0xA3, 0xA7, 0xD9, 0x13, 0x0D, 0xC3, 0xCF, 0xBA, ++ 0xDA, 0xE5, 0xF6, 0xD2, 0x88, 0xF9, 0xAE, 0xE3, ++ 0xF6, 0xFF, 0x92, 0xFA, 0xE0, 0xF8, 0x1A, 0xF5, ++ 0x97, 0xBE, 0xC9, 0x6A, 0xE9, 0xFA, 0xB9, 0x40, ++ 0x2C, 0xD5, 0xFE, 0x41, 0xF7, 0x05, 0xBE, 0xBD, ++ 0xB4, 0x7B, 0xB7, 0x36, 0xD3, 0xFE, 0x6C, 0x5A, ++ 0x51, 0xE0, 0xE2, 0x07, 0x32, 0xA9, 0x7B, 0x5E, ++ 0x46, 0xC1, 0xCB, 0xDB, 0x26, 0xD7, 0x48, 0x54, ++ 0xC6, 0xB6, 0x60, 0x4A, 0xED, 0x46, 0x37, 0x35, ++ 0xFF, 0x90, 0x76, 0x04, 0x65, 0x57, 0xCA, 0xF9, ++ 0x49, 0xBF, 0x44, 0x88, 0x95, 0xC2, 0x04, 0x32, ++ 0xC1, 0xE0, 0x9C, 0x01, 0x4E, 0xA7, 0x56, 0x60, ++ 0x43, 0x4F, 0x1A, 0x0F, 0x3B, 0xE2, 0x94, 0xBA, ++ 0xBC, 0x5D, 0x53, 0x0E, 0x6A, 0x10, 0x21, 0x3F, ++ 0x53, 0xB6, 0x03, 0x75, 0xFC, 0x84, 0xA7, 0x57, ++ 0x3F, 0x2A, 0xF1, 0x21, 0x55, 0x84, 0xF5, 0xB4, ++ 0xBD, 0xA6, 0xD4, 0xE8, 0xF9, 0xE1, 0x7A, 0x78, ++ 0xD9, 0x7E, 0x77, 0xB8, 0x6D, 0xA4, 0xA1, 0x84, ++ 0x64, 0x75, 0x31, 0x8A, 0x7A, 0x10, 0xA5, 0x61, ++ 0x01, 0x4E, 0xFF, 0xA2, 0x3A, 0x81, 0xEC, 0x56, ++ 0xE9, 0xE4, 0x10, 0x9D, 0xEF, 0x8C, 0xB3, 0xF7, ++ 0x97, 0x22, 0x3F, 0x7D, 0x8D, 0x0D, 0x43, 0x51} ++ p := []byte{ ++ 0xDD, 0x10, 0x57, 0x02, 0x38, 0x2F, 0x23, 0x2B, ++ 0x36, 0x81, 0xF5, 0x37, 0x91, 0xE2, 0x26, 0x17, ++ 0xC7, 0xBF, 0x4E, 0x9A, 0xCB, 0x81, 0xED, 0x48, ++ 0xDA, 0xF6, 0xD6, 0x99, 0x5D, 0xA3, 0xEA, 0xB6, ++ 0x42, 0x83, 0x9A, 0xFF, 0x01, 0x2D, 0x2E, 0xA6, ++ 0x28, 0xB9, 0x0A, 0xF2, 0x79, 0xFD, 0x3E, 0x6F, ++ 0x7C, 0x93, 0xCD, 0x80, 0xF0, 0x72, 0xF0, 0x1F, ++ 0xF2, 0x44, 0x3B, 0x3E, 0xE8, 0xF2, 0x4E, 0xD4, ++ 0x69, 0xA7, 0x96, 0x13, 0xA4, 0x1B, 0xD2, 0x40, ++ 0x20, 0xF9, 0x2F, 0xD1, 0x10, 0x59, 0xBD, 0x1D, ++ 0x0F, 0x30, 0x1B, 0x5B, 0xA7, 0xA9, 0xD3, 0x63, ++ 0x7C, 0xA8, 0xD6, 0x5C, 0x1A, 0x98, 0x15, 0x41, ++ 0x7D, 0x8E, 0xAB, 0x73, 0x4B, 0x0B, 0x4F, 0x3A, ++ 0x2C, 0x66, 0x1D, 0x9A, 0x1A, 0x82, 0xF3, 0xAC, ++ 0x73, 0x4C, 0x40, 0x53, 0x06, 0x69, 0xAB, 0x8E, ++ 0x47, 0x30, 0x45, 0xA5, 0x8E, 0x65, 0x53, 0x9D} ++ q := []byte{ ++ 0xCC, 0xF1, 0xE5, 0xBB, 0x90, 0xC8, 0xE9, 0x78, ++ 0x1E, 0xA7, 0x5B, 0xEB, 0xF1, 0x0B, 0xC2, 0x52, ++ 0xE1, 0x1E, 0xB0, 0x23, 0xA0, 0x26, 0x0F, 0x18, ++ 0x87, 0x55, 0x2A, 0x56, 0x86, 0x3F, 0x4A, 0x64, ++ 0x21, 0xE8, 0xC6, 0x00, 0xBF, 0x52, 0x3D, 0x6C, ++ 0xB1, 0xB0, 0xAD, 0xBD, 0xD6, 0x5B, 0xFE, 0xE4, ++ 0xA8, 0x8A, 0x03, 0x7E, 0x3D, 0x1A, 0x41, 0x5E, ++ 0x5B, 0xB9, 0x56, 0x48, 0xDA, 0x5A, 0x0C, 0xA2, ++ 0x6B, 0x54, 0xF4, 0xA6, 0x39, 0x48, 0x52, 0x2C, ++ 0x3D, 0x5F, 0x89, 0xB9, 0x4A, 0x72, 0xEF, 0xFF, ++ 0x95, 0x13, 0x4D, 0x59, 0x40, 0xCE, 0x45, 0x75, ++ 0x8F, 0x30, 0x89, 0x80, 0x90, 0x89, 0x56, 0x58, ++ 0x8E, 0xEF, 0x57, 0x5B, 0x3E, 0x4B, 0xC4, 0xC3, ++ 0x68, 0xCF, 0xE8, 0x13, 0xEE, 0x9C, 0x25, 0x2C, ++ 0x2B, 0x02, 0xE0, 0xDF, 0x91, 0xF1, 0xAA, 0x01, ++ 0x93, 0x8D, 0x38, 0x68, 0x5D, 0x60, 0xBA, 0x6F} ++ qInv := []byte{ ++ 0x0A, 0x81, 0xD8, 0xA6, 0x18, 0x31, 0x4A, 0x80, ++ 0x3A, 0xF6, 0x1C, 0x06, 0x71, 0x1F, 0x2C, 0x39, ++ 0xB2, 0x66, 0xFF, 0x41, 0x4D, 0x53, 0x47, 0x6D, ++ 0x1D, 0xA5, 0x2A, 0x43, 0x18, 0xAA, 0xFE, 0x4B, ++ 0x96, 0xF0, 0xDA, 0x07, 0x15, 0x5F, 0x8A, 0x51, ++ 0x34, 0xDA, 0xB8, 0x8E, 0xE2, 0x9E, 0x81, 0x68, ++ 0x07, 0x6F, 0xCD, 0x78, 0xCA, 0x79, 0x1A, 0xC6, ++ 0x34, 0x42, 0xA8, 0x1C, 0xD0, 0x69, 0x39, 0x27, ++ 0xD8, 0x08, 0xE3, 0x35, 0xE8, 0xD8, 0xCB, 0xF2, ++ 0x12, 0x19, 0x07, 0x50, 0x9A, 0x57, 0x75, 0x9B, ++ 0x4F, 0x9A, 0x18, 0xFA, 0x3A, 0x7B, 0x33, 0x37, ++ 0x79, 0xED, 0xDE, 0x7A, 0x45, 0x93, 0x84, 0xF8, ++ 0x44, 0x4A, 0xDA, 0xEC, 0xFF, 0xEC, 0x95, 0xFD, ++ 0x55, 0x2B, 0x0C, 0xFC, 0xB6, 0xC7, 0xF6, 0x92, ++ 0x62, 0x6D, 0xDE, 0x1E, 0xF2, 0x68, 0xA4, 0x0D, ++ 0x2F, 0x67, 0xB5, 0xC8, 0xAA, 0x38, 0x7F, 0xF7} ++ dP := []byte{ ++ 0x09, 0xED, 0x54, 0xEA, 0xED, 0x98, 0xF8, 0x4C, ++ 0x55, 0x7B, 0x4A, 0x86, 0xBF, 0x4F, 0x57, 0x84, ++ 0x93, 0xDC, 0xBC, 0x6B, 0xE9, 0x1D, 0xA1, 0x89, ++ 0x37, 0x04, 0x04, 0xA9, 0x08, 0x72, 0x76, 0xF4, ++ 0xCE, 0x51, 0xD8, 0xA1, 0x00, 0xED, 0x85, 0x7D, ++ 0xC2, 0xB0, 0x64, 0x94, 0x74, 0xF3, 0xF1, 0x5C, ++ 0xD2, 0x4C, 0x54, 0xDB, 0x28, 0x71, 0x10, 0xE5, ++ 0x6E, 0x5C, 0xB0, 0x08, 0x68, 0x2F, 0x91, 0x68, ++ 0xAA, 0x81, 0xF3, 0x14, 0x58, 0xB7, 0x43, 0x1E, ++ 0xCC, 0x1C, 0x44, 0x90, 0x6F, 0xDA, 0x87, 0xCA, ++ 0x89, 0x47, 0x10, 0xC3, 0x71, 0xE9, 0x07, 0x6C, ++ 0x1D, 0x49, 0xFB, 0xAE, 0x51, 0x27, 0x69, 0x34, ++ 0xF2, 0xAD, 0x78, 0x77, 0x89, 0xF4, 0x2D, 0x0F, ++ 0xA0, 0xB4, 0xC9, 0x39, 0x85, 0x5D, 0x42, 0x12, ++ 0x09, 0x6F, 0x70, 0x28, 0x0A, 0x4E, 0xAE, 0x7C, ++ 0x8A, 0x27, 0xD9, 0xC8, 0xD0, 0x77, 0x2E, 0x65} ++ dQ := []byte{ ++ 0x8C, 0xB6, 0x85, 0x7A, 0x7B, 0xD5, 0x46, 0x5F, ++ 0x80, 0x04, 0x7E, 0x9B, 0x87, 0xBC, 0x00, 0x27, ++ 0x31, 0x84, 0x05, 0x81, 0xE0, 0x62, 0x61, 0x39, ++ 0x01, 0x2A, 0x5B, 0x50, 0x5F, 0x0A, 0x33, 0x84, ++ 0x7E, 0xB7, 0xB8, 0xC3, 0x28, 0x99, 0x49, 0xAD, ++ 0x48, 0x6F, 0x3B, 0x4B, 0x3D, 0x53, 0x9A, 0xB5, ++ 0xDA, 0x76, 0x30, 0x21, 0xCB, 0xC8, 0x2C, 0x1B, ++ 0xA2, 0x34, 0xA5, 0x66, 0x8D, 0xED, 0x08, 0x01, ++ 0xB8, 0x59, 0xF3, 0x43, 0xF1, 0xCE, 0x93, 0x04, ++ 0xE6, 0xFA, 0xA2, 0xB0, 0x02, 0xCA, 0xD9, 0xB7, ++ 0x8C, 0xDE, 0x5C, 0xDC, 0x2C, 0x1F, 0xB4, 0x17, ++ 0x1C, 0x42, 0x42, 0x16, 0x70, 0xA6, 0xAB, 0x0F, ++ 0x50, 0xCC, 0x4A, 0x19, 0x4E, 0xB3, 0x6D, 0x1C, ++ 0x91, 0xE9, 0x35, 0xBA, 0x01, 0xB9, 0x59, 0xD8, ++ 0x72, 0x8B, 0x9E, 0x64, 0x42, 0x6B, 0x3F, 0xC3, ++ 0xA7, 0x50, 0x6D, 0xEB, 0x52, 0x39, 0xA8, 0xA7} ++ ++ // Convert []byte to BigInt using BN_bin2bn and bnToBig ++ bytesToBigInt := func(b []byte) BigInt { ++ bn, err := ossl.BN_bin2bn(b, nil) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.BN_free(bn) ++ return bnToBig(bn) ++ } + -+// NewSHA512 initializes a new SHA512 hasher. -+func NewSHA512() hash.Hash { -+ return cryptokit.NewSHA512() -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go ++ priv, err := NewPrivateKeyRSA( ++ bytesToBigInt(N), ++ bytesToBigInt(E), ++ bytesToBigInt(d), ++ bytesToBigInt(p), ++ bytesToBigInt(q), ++ bytesToBigInt(dP), ++ bytesToBigInt(dQ), ++ bytesToBigInt(qInv), ++ ) ++ if err != nil { ++ panic("failed to create test RSA private key: " + err.Error()) ++ } ++ // Prevent finalization to avoid freeing OpenSSL objects. ++ runtime.SetFinalizer(priv, nil) ++ return priv._pkey ++}) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go new file mode 100644 -index 00000000000000..3cc2d5d31927e0 +index 00000000000000..87fe3879ab48d3 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hkdf.go -@@ -0,0 +1,66 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go +@@ -0,0 +1,157 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin && cgo -+ -+package xcrypto ++package openssl + +import ( ++ "crypto" + "errors" + "hash" ++ "sync" ++ "unsafe" + -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// ExtractHKDF performs the extract step of HKDF using the specified hash function. -+func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { -+ // Handle empty secret -+ if len(secret) == 0 { -+ return nil, errors.New("secret cannot be empty") ++func SupportsTLS1PRF() bool { ++ switch major() { ++ case 1: ++ return minor() >= 1 ++ case 3, 4: ++ _, err := fetchTLS1PRF3() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) + } ++} + -+ hash, err := hashToCryptoHash(h()) ++// TLS1PRF implements the TLS 1.0/1.1 pseudo-random function if h is nil, ++// else it implements the TLS 1.2 pseudo-random function. ++// The pseudo-random number will be written to result and will be of length len(result). ++func TLS1PRF(result, secret, label, seed []byte, fh func() hash.Hash) error { ++ var md ossl.EVP_MD_PTR ++ if fh == nil { ++ // TLS 1.0/1.1 PRF doesn't allow to specify the hash function, ++ // it always uses MD5SHA1. If h is nil, then assume ++ // that the caller wants to use TLS 1.0/1.1 PRF. ++ // OpenSSL detects this case by checking if the hash ++ // function is MD5SHA1. ++ md = loadHash(crypto.MD5SHA1, false).md ++ } else { ++ h, err := hashFuncHash(fh) ++ if err != nil { ++ return err ++ } ++ md = hashToMD(h) ++ } ++ if md == nil { ++ return errors.New("unsupported hash function") ++ } ++ ++ switch major() { ++ case 1: ++ return tls1PRF1(result, secret, label, seed, md) ++ case 3, 4: ++ return tls1PRF3(result, secret, label, seed, md) ++ default: ++ return errUnsupportedVersion() ++ } ++} ++ ++// tls1PRF1 implements TLS1PRF for OpenSSL 1 using the EVP_PKEY API. ++func tls1PRF1(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { ++ checkMajorVersion(1) ++ ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_TLS1_PRF, nil) + if err != nil { -+ return nil, err ++ return err + } ++ defer func() { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ }() + -+ // Default salt to a zero-filled array if not provided -+ if len(salt) == 0 { -+ salt = make([]byte, hash.Size()) ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_MD, ++ 0, unsafe.Pointer(md)); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SECRET, ++ int32(len(secret)), unsafe.Pointer(base(secret))); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SEED, ++ int32(len(label)), unsafe.Pointer(base(label))); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SEED, ++ int32(len(seed)), unsafe.Pointer(base(seed))); err != nil { ++ return err + } -+ -+ prk, err := cryptokit.ExtractHKDF(hash, secret, salt) -+ if err != nil { -+ return nil, err ++ outLen := len(result) ++ if _, err := ossl.EVP_PKEY_derive(ctx, result, &outLen); err != nil { ++ return err + } -+ -+ return prk, nil ++ // The Go standard library expects TLS1PRF to return the requested number of bytes, ++ // fail if it doesn't. While there is no known situation where this will happen, ++ // EVP_PKEY_derive handles multiple algorithms and there could be a subtle mismatch ++ // after more code changes in the future. ++ if outLen != len(result) { ++ return errors.New("tls1-prf: derived less bytes than requested") ++ } ++ return nil +} + -+// ExpandHKDF performs the expand step of HKDF using the specified hash function. -+func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ // Handle empty secret -+ if len(pseudorandomKey) == 0 { -+ return nil, errors.New("pseudorandom key cannot be empty") -+ } ++// fetchTLS1PRF3 fetches the TLS1-PRF KDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchTLS1PRF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3, 4) + -+ hash, err := hashToCryptoHash(h()) ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS1_PRF.ptr(), nil) + if err != nil { + return nil, err + } ++ return kdf, nil ++}) + -+ // Determine the maximum expandable key length based on the hash function -+ maxAllowedLength := hash.Size() * 255 ++// tls1PRF3 implements TLS1PRF for OpenSSL 3 using the EVP_KDF API. ++func tls1PRF3(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { ++ checkMajorVersion(3, 4) + -+ // Validate requested key length -+ if keyLength > maxAllowedLength { -+ return nil, errors.New("requested key length exceeds maximum allowable size") ++ kdf, err := fetchTLS1PRF3() ++ if err != nil { ++ return err + } ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) + -+ expandedKey, err := cryptokit.ExpandHKDF(hash, pseudorandomKey, info, keyLength) ++ bld := newParamBuilder() ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addOctetString(_OSSL_KDF_PARAM_SECRET, secret) ++ bld.addOctetString(_OSSL_KDF_PARAM_SEED, label) ++ bld.addOctetString(_OSSL_KDF_PARAM_SEED, seed) ++ params, err := bld.build() + if err != nil { -+ return nil, err ++ return err + } ++ defer ossl.OSSL_PARAM_free(params) + -+ return expandedKey, nil ++ if _, err := ossl.EVP_KDF_derive(ctx, result, params); err != nil { ++ return err ++ } ++ return nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go new file mode 100644 -index 00000000000000..ceb33c5cf99ca2 +index 00000000000000..ac79a864271eee --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/hmac.go -@@ -0,0 +1,21 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go +@@ -0,0 +1,87 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++// Code generated by cmd/genaesmodes. DO NOT EDIT. + -+import "C" -+import ( -+ "hash" ++package openssl + -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) ++import "crypto/cipher" + -+// NewHMAC returns a new HMAC using xcrypto. -+// The function h must return a hash implemented by -+// CommonCrypto (for example, h could be xcrypto.NewSHA256). -+// If h is not recognized, NewHMAC returns nil. -+func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { -+ return cryptokit.NewHMAC(fh, key) ++type cipherWithCBC struct { ++ aesCipher +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go -new file mode 100644 -index 00000000000000..1f1b25d36981c3 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/pbkdf2.go -@@ -0,0 +1,65 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build darwin -+ -+package xcrypto -+ -+// #include -+import "C" -+import ( -+ "errors" -+ "hash" -+ "unsafe" -+ -+ "github.com/microsoft/go-crypto-darwin/internal/cryptokit" -+) + -+func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { -+ // Map Go hash function to CommonCrypto hash constant -+ ccDigest, err := hashToCCDigestPBKDF2(fh()) -+ if err != nil { -+ return nil, err -+ } ++type cipherWithCTR struct { ++ aesCipher ++} + -+ if len(password) == 0 { -+ // CommonCrypto requires a non-empty password -+ // Substitute empty password with placeholder -+ password = make([]byte, 1) -+ } ++type cipherWithCBC_CTR struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithCTR ++} + -+ // Allocate output buffer for the derived key -+ derivedKey := make([]byte, keyLen) ++type cipherWithGCM struct { ++ aesCipher ++} + -+ // Call CommonCrypto's PBKDF2 implementation -+ status := C.CCKeyDerivationPBKDF( -+ C.kCCPBKDF2, // PBKDF2 algorithm -+ sbase(password), C.size_t(len(password)), // Password and its length -+ base(salt), C.size_t(len(salt)), // Salt and its length -+ ccDigest, // Digest algorithm -+ C.uint(iter), // Iteration count -+ (*C.uchar)(unsafe.Pointer(&derivedKey[0])), C.size_t(keyLen), // Output buffer for derived key and its length -+ ) ++type cipherWithCBC_GCM struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithGCM ++} + -+ if status != C.kCCSuccess { -+ return nil, errors.New("PBKDF2 key derivation failed") -+ } ++type cipherWithCTR_GCM struct { ++ aesCipher ++ cipherWithCTR ++ cipherWithGCM ++} + -+ return derivedKey, nil ++type cipherWithCBC_CTR_GCM struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithCTR ++ cipherWithGCM +} + -+// Mapping Go hash functions to CommonCrypto hash constants -+func hashToCCDigestPBKDF2(hash hash.Hash) (C.CCAlgorithm, error) { -+ switch hash.(type) { -+ case cryptokit.SHA1Hash: -+ return C.kCCPRFHmacAlgSHA1, nil -+ case cryptokit.SHA256Hash: -+ return C.kCCPRFHmacAlgSHA256, nil -+ case cryptokit.SHA384Hash: -+ return C.kCCPRFHmacAlgSHA384, nil -+ case cryptokit.SHA512Hash: -+ return C.kCCPRFHmacAlgSHA512, nil ++func newAESBlock(c *evpCipher, kind cipherKind) cipher.Block { ++ aes := aesCipher{c} ++ var block cipher.Block ++ supportsCBC := loadCipher(kind, cipherModeCBC) != nil ++ supportsCTR := loadCipher(kind, cipherModeCTR) != nil ++ supportsGCM := loadCipher(kind, cipherModeGCM) != nil ++ switch { ++ case !supportsCBC && !supportsCTR && !supportsGCM: ++ block = aes ++ case supportsCBC && !supportsCTR && !supportsGCM: ++ block = cipherWithCBC{aes} ++ case !supportsCBC && supportsCTR && !supportsGCM: ++ block = cipherWithCTR{aes} ++ case supportsCBC && supportsCTR && !supportsGCM: ++ block = cipherWithCBC_CTR{aes, ++ cipherWithCBC{aes}, ++ cipherWithCTR{aes}, ++ } ++ case !supportsCBC && !supportsCTR && supportsGCM: ++ block = cipherWithGCM{aes} ++ case supportsCBC && !supportsCTR && supportsGCM: ++ block = cipherWithCBC_GCM{aes, ++ cipherWithCBC{aes}, ++ cipherWithGCM{aes}, ++ } ++ case !supportsCBC && supportsCTR && supportsGCM: ++ block = cipherWithCTR_GCM{aes, ++ cipherWithCTR{aes}, ++ cipherWithGCM{aes}, ++ } ++ case supportsCBC && supportsCTR && supportsGCM: ++ block = cipherWithCBC_CTR_GCM{aes, ++ cipherWithCBC{aes}, ++ cipherWithCTR{aes}, ++ cipherWithGCM{aes}, ++ } + default: -+ return 0, errors.New("unsupported hash function") ++ panic("unreachable") + } ++ return block +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go new file mode 100644 -index 00000000000000..e58c0b3b19a68b +index 00000000000000..2084b384b9f3a9 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rand.go -@@ -0,0 +1,26 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go +@@ -0,0 +1,69 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package osslsetup + -+// #include -+import "C" +import ( -+ "errors" + "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type randReader int ++// cString is a null-terminated string, ++// akin to C's char*. ++type cString string + -+func (randReader) Read(b []byte) (int, error) { -+ // Note: RAND_bytes should never fail; the return value exists only for historical reasons. -+ // We check it even so. -+ if len(b) > 0 && C.SecRandomCopyBytes(C.kSecRandomDefault, C.size_t(len(b)), unsafe.Pointer(&b[0])) != 0 { -+ return 0, errors.New("crypto/rand: unable to read from source") ++// ptr returns a pointer to the string data. ++// It panics if the string is not null-terminated. ++// ++// The memory pointed to by the returned pointer should ++// not be modified and it must only be passed to ++// "const char*" parameters. Any attempt to modify it ++// will result in a runtime panic, as Go strings are ++// allocated in read-only memory. ++func (s cString) ptr() *byte { ++ if len(s) == 0 { ++ return nil ++ } ++ if s[len(s)-1] != 0 { ++ panic("must be null-terminated") ++ } ++ return unsafe.StringData(string(s)) ++} ++ ++const ( ++ _ProviderNameFips cString = "fips\x00" ++ _DigestNameSHA2_256 cString = "SHA2-256\x00" ++) ++ ++// FIPS returns true if the provider used by default matches the `fips=yes` query. ++// It is useful for checking whether OpenSSL is capable of running in FIPS mode regardless ++// of whether the `fips=yes` query is explicitly enabled. For example, Azure Linux 3 doesn't set the ++// `fips=yes` query in the default properties, but sets the default provider to be SCOSSL, ++// which is FIPS-capable. ++func FIPS() bool { ++ switch vMajor { ++ case 1: ++ return ossl.FIPS_mode() == 1 ++ default: ++ // Load the provider with and without the `fips=yes` query. ++ // If the providers are the same, then the default provider is FIPS-capable. ++ provFIPS := sha256Provider(_ProviderNameFips) ++ if provFIPS == nil { ++ return false ++ } ++ provDefault := sha256Provider("") ++ return provFIPS == provDefault + } -+ return len(b), nil +} + -+const RandReader = randReader(0) -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go ++// sha256Provider returns the provider for the SHA-256 algorithm ++// using the given properties. ++func sha256Provider(props cString) ossl.OSSL_PROVIDER_PTR { ++ md, _ := ossl.EVP_MD_fetch(nil, _DigestNameSHA2_256.ptr(), props.ptr()) ++ if md == nil { ++ return nil ++ } ++ defer ossl.EVP_MD_free(md) ++ return ossl.EVP_MD_get0_provider(md) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go new file mode 100644 -index 00000000000000..e30a9e10ae3730 +index 00000000000000..720a446838ea7d --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rc4.go -@@ -0,0 +1,83 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go +@@ -0,0 +1,170 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package osslsetup + -+// #include -+import "C" +import ( + "errors" -+ "runtime" -+ "slices" + "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// RC4Cipher is an instance of RC4 using a particular key. -+type RC4Cipher struct { -+ ctx C.CCCryptorRef -+} ++// osslHandle is the handle to the OpenSSL shared library loaded in the [Init] function. ++var osslHandle unsafe.Pointer + -+// NewRC4Cipher creates and returns a new RC4 cipher with the given key. -+func NewRC4Cipher(key []byte) (*RC4Cipher, error) { -+ // Clone the key to prevent modification. -+ key = slices.Clone(key) -+ var ctx C.CCCryptorRef -+ status := C.CCCryptorCreate( -+ C.kCCEncrypt, // Operation (RC4 stream) -+ C.kCCAlgorithmRC4, // Algorithm -+ 0, // No padding or other options -+ pbase(key), // Key -+ C.size_t(len(key)), // Key length -+ nil, // No IV needed for RC4 -+ &ctx, // Output: CCCryptorRef -+ ) -+ if status != C.kCCSuccess { -+ return nil, errors.New("failed to create RC4 cipher") ++// opensslInit loads and initializes OpenSSL. ++// ++// See [Init] for details about file. ++func opensslInit(file string) error { ++ // Load the OpenSSL shared library using dlopen. ++ handle, close, err := openLibrary(file) ++ if err != nil { ++ return err + } -+ c := &RC4Cipher{ctx: ctx} -+ runtime.SetFinalizer(c, (*RC4Cipher).finalize) -+ return c, nil -+} + -+// finalize releases the RC4 cipher context when no longer needed. -+func (c *RC4Cipher) finalize() { -+ if c.ctx != nil { -+ C.CCCryptorRelease(c.ctx) ++ ossl.MkcgoLoad_(handle) ++ if vMajor == 1 { ++ ossl.MkcgoLoad_legacy_1(handle) ++ } else { ++ ossl.MkcgoLoad_3(handle) ++ if vMajor > 3 || (vMajor == 3 && vMinor >= 3) { ++ ossl.MkcgoLoad_33(handle) ++ } + } -+} + -+// Reset zeros the key data and makes the cipher unusable. -+func (c *RC4Cipher) Reset() { -+ if c.ctx != nil { -+ C.CCCryptorRelease(c.ctx) -+ c.ctx = nil ++ // Initialize OpenSSL. ++ ossl.OPENSSL_init() ++ if _, err = ossl.OPENSSL_init_crypto( ++ ossl.OPENSSL_INIT_ADD_ALL_CIPHERS| ++ ossl.OPENSSL_INIT_ADD_ALL_DIGESTS| ++ ossl.OPENSSL_INIT_LOAD_CONFIG| ++ ossl.OPENSSL_INIT_LOAD_CRYPTO_STRINGS, ++ nil); err != nil { ++ close() ++ return err + } ++ osslHandle = handle ++ return nil +} + -+// XORKeyStream sets dst to the result of XORing src with the key stream. -+func (c *RC4Cipher) XORKeyStream(dst, src []byte) { -+ if c.ctx == nil || len(src) == 0 { ++// initForCheckVersion loads and initialize only the ++// functions required in [CheckVersion]. ++// It returns a close function that must be called to release the resources. ++// ++// This function modifies the vMajor, vMinor, and vPatch global variables as ++// well as other internal global variables that facilitate OpenSSL calls. ++// ++// If the function succeeds, calling the close function restores the previous ++// state of the global variables. If it fails, the global variables are restored ++// before returning. ++func initForCheckVersion(file string) (func(), error) { ++ prevMajor, prevMinor, prevPatch := vMajor, vMinor, vPatch ++ restoreVersion := func() { ++ vMajor, vMinor, vPatch = prevMajor, prevMinor, prevPatch ++ } ++ handle, close, err := openLibrary(file) ++ if err != nil { ++ restoreVersion() ++ return nil, err ++ } ++ initFuncs := func() (loadX func(unsafe.Pointer), unloadX func()) { ++ switch vMajor { ++ case 1: ++ loadX = ossl.MkcgoLoad_init_1 ++ unloadX = ossl.MkcgoUnload_init_1 ++ default: ++ if vMajor < 3 { ++ // openLibrary should have already rejected this. ++ panic(errUnsupportedVersion()) ++ } ++ // Any 3+ major uses the OpenSSL 3 init shim: 3+ guarantees ++ // ABI/API compatibility within the same major. ++ loadX = ossl.MkcgoLoad_init_3 ++ unloadX = ossl.MkcgoUnload_init_3 ++ } + return + } -+ if inexactOverlap(dst[:len(src)], src) { -+ panic("crypto/rc4: invalid buffer overlap") ++ loadX, unloadX := initFuncs() ++ loadX(handle) ++ return func() { ++ restoreVersion() ++ close() ++ unloadX() ++ if osslHandle != nil { ++ // If osslHandle is not nil, it means that the library was already loaded ++ // and initialized. In this case, we need to reload the functions from ++ // the original handle. ++ loadX, _ = initFuncs() ++ loadX(osslHandle) ++ } ++ }, nil ++} ++ ++// openLibrary loads and initialize the version of OpenSSL. ++// It returns the handle to the OpenSSL shared library ++// and a function that can be called to release the resources. ++func openLibrary(file string) (handle unsafe.Pointer, close func(), err error) { ++ vMajor, vMinor, vPatch = 0, 0, 0 ++ handle, err = dlopen(file) ++ if err != nil { ++ return nil, nil, err + } -+ // Ensures `dst` has sufficient space. -+ _ = dst[len(src)-1] -+ var outLen C.size_t -+ status := C.CCCryptorUpdate( -+ c.ctx, -+ unsafe.Pointer(&*addrNeverEmpty(src)), C.size_t(len(src)), // Input -+ unsafe.Pointer(&*addrNeverEmpty(dst)), C.size_t(len(dst)), // Output -+ &outLen, -+ ) -+ if status != C.kCCSuccess { -+ panic("crypto/cipher: CCCryptorUpdate failed") ++ // Retrieve the loaded OpenSSL version and check if it is supported. ++ // Notice that major and minor could not match with the version parameter ++ // in case the name of the shared library file differs from the OpenSSL ++ // version it contains. ++ ossl.MkcgoLoad_version(handle) ++ close = func() { ++ dlclose(handle) ++ if osslHandle == nil { ++ ossl.MkcgoUnload_version() ++ } else { ++ ossl.MkcgoLoad_version(osslHandle) ++ } + } -+ if int(outLen) != len(src) { -+ panic("crypto/rc4: src not fully XORed") ++ defer func() { ++ if err != nil { ++ close() ++ } ++ }() ++ ++ if ossl.OPENSSL_version_major_Available() && ++ ossl.OPENSSL_version_minor_Available() && ++ ossl.OPENSSL_version_patch_Available() { ++ // Likely OpenSSL 3 or later. ++ vMajor = int(ossl.OPENSSL_version_major()) ++ vMinor = int(ossl.OPENSSL_version_minor()) ++ vPatch = int(ossl.OPENSSL_version_patch()) ++ } else if ossl.OpenSSL_version_num_Available() { ++ // Likely OpenSSL 1. ++ ver := ossl.OpenSSL_version_num() ++ vMajor = int(ver >> 28) ++ vMinor = int(ver >> 20 & 0xFF) ++ vPatch = int(ver >> 12 & 0xFF) ++ } else { ++ return handle, nil, errors.New("openssl: version not available") + } -+ runtime.KeepAlive(c) ++ var supported bool ++ switch vMajor { ++ case 1: ++ supported = vMinor == 1 && vPatch >= 1 ++ default: ++ // 3+ guarantees ABI/API compatibility within the same major, ++ // so any tested major is supported. Untested 3+ majors require ++ // GODEBUG=ms_opensslallowuntested=1. ++ for _, m := range testedMajors { ++ if vMajor == m { ++ supported = true ++ break ++ } ++ } ++ if !supported && vMajor >= 3 && allowUntestedMajor() { ++ supported = true ++ } ++ } ++ if !supported { ++ return handle, nil, errUnsupportedVersion() ++ } ++ return handle, close, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go new file mode 100644 -index 00000000000000..63df684569e671 +index 00000000000000..45903c12e802df --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/rsa.go -@@ -0,0 +1,194 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go +@@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin ++//go:build unix + -+package xcrypto ++package osslsetup + -+// #include ++// #cgo LDFLAGS: -ldl ++// #include ++// #include +import "C" +import ( -+ "crypto" + "errors" -+ "hash" -+ "runtime" -+ "strconv" ++ "unsafe" +) + -+// GenerateKeyRSA generates an RSA key pair on macOS. -+// asn1Data is encoded as PKCS#1 ASN1 DER. -+func GenerateKeyRSA(bits int) (asn1Data []byte, err error) { -+ privKeyDER, privKeyRef, err := createSecKeyRandom(C.kSecAttrKeyTypeRSA, bits) -+ if err != nil { -+ return nil, err ++func dlopen(file string) (handle unsafe.Pointer, err error) { ++ cv := C.CString(file) ++ defer C.free(unsafe.Pointer(cv)) ++ handle = C.dlopen(cv, C.RTLD_LAZY|C.RTLD_LOCAL) ++ if handle == nil { ++ errstr := C.GoString(C.dlerror()) ++ return nil, errors.New("openssl: can't load " + file + ": " + errstr) + } -+ C.CFRelease(C.CFTypeRef(privKeyRef)) -+ return privKeyDER, nil -+} -+ -+type PublicKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey C.SecKeyRef ++ return handle, nil +} + -+func (k *PublicKeyRSA) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) ++func dlclose(handle unsafe.Pointer) error { ++ if C.dlclose(handle) != 0 { ++ errstr := C.GoString(C.dlerror()) ++ return errors.New("openssl: can't close libcrypto: " + errstr) + } ++ return nil +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go +new file mode 100644 +index 00000000000000..e91d5df6b7685a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go +@@ -0,0 +1,35 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. ++ ++//go:build unix && !cgo && (go1.27 || !s390x) + -+// NewPublicKeyRSA creates a new RSA public key from ASN1 DER encoded data. -+func NewPublicKeyRSA(asn1Data []byte) (*PublicKeyRSA, error) { -+ pubKeyRef, err := createSecKeyWithData(asn1Data, C.kSecAttrKeyTypeRSA, C.kSecAttrKeyClassPublic) -+ if err != nil { -+ return nil, err -+ } ++package osslsetup + -+ key := &PublicKeyRSA{_pkey: pubKeyRef} -+ runtime.SetFinalizer(key, (*PublicKeyRSA).finalize) -+ return key, nil -+} ++import ( ++ "errors" ++ "runtime" ++ "unsafe" + -+func (k *PublicKeyRSA) withKey(f func(C.SecKeyRef) C.int) C.int { -+ // Because of the finalizer, any time key is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+type PrivateKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey C.SecKeyRef ++func dlopen(file string) (handle unsafe.Pointer, err error) { ++ const RTLD_LAZY = 1 ++ var RTLD_LOCAL = 0 ++ if runtime.GOOS == "darwin" { ++ RTLD_LOCAL = 4 // darwin uses 4 as RTLD_LOCAL ++ } ++ handle = ossl.Dlopen(unsafe.StringData(file+"\x00"), int32(RTLD_LAZY|RTLD_LOCAL)) ++ if handle == nil { ++ return nil, errors.New("openssl: can't load " + file + ": " + goString(ossl.Dlerror())) ++ } ++ return handle, nil +} + -+func (k *PrivateKeyRSA) finalize() { -+ if k._pkey != 0 { -+ C.CFRelease(C.CFTypeRef(k._pkey)) ++func dlclose(handle unsafe.Pointer) error { ++ if ossl.Dlclose(handle) != 0 { ++ errstr := goString(ossl.Dlerror()) ++ return errors.New("openssl: can't close libcrypto: " + errstr) + } ++ return nil +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go +new file mode 100644 +index 00000000000000..312dfc88d7f311 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go +@@ -0,0 +1,37 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+// NewPrivateKeyRSA creates a new RSA private key from ASN1 DER encoded data. -+func NewPrivateKeyRSA(asn1Data []byte) (*PrivateKeyRSA, error) { -+ privKeyRef, err := createSecKeyWithData(asn1Data, C.kSecAttrKeyTypeRSA, C.kSecAttrKeyClassPrivate) -+ if err != nil { -+ return nil, err -+ } ++package osslsetup + -+ key := &PrivateKeyRSA{_pkey: privKeyRef} -+ runtime.SetFinalizer(key, (*PrivateKeyRSA).finalize) -+ return key, nil -+} ++import ( ++ "syscall" ++ "unsafe" ++) + -+func (k *PrivateKeyRSA) PublicKey() *PublicKeyRSA { -+ var pubKeyRef C.SecKeyRef -+ k.withKey(func(key C.SecKeyRef) C.int { -+ pubKeyRef = C.SecKeyCopyPublicKey(k._pkey) -+ return 0 -+ }) -+ pubKey := &PublicKeyRSA{_pkey: pubKeyRef} -+ runtime.SetFinalizer(pubKey, (*PublicKeyRSA).finalize) -+ return pubKey ++type dlopenError struct { ++ file string ++ err error +} + -+func (k *PrivateKeyRSA) withKey(f func(C.SecKeyRef) C.int) C.int { -+ // Because of the finalizer, any time _pkey is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) ++func (e *dlopenError) Error() string { ++ return "openssl: can't load " + e.file + ": " + e.err.Error() +} + -+// DecryptRSAOAEP decrypts data using RSA-OAEP. -+func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { -+ if len(label) > 0 { -+ // https://github.com/microsoft/go-crypto-darwin/issues/22 -+ panic("crypto/rsa: label is not supported on macOS") -+ } -+ return evpDecrypt(priv.withKey, algorithmTypeOAEP, ciphertext, h) ++func (e *dlopenError) Unwrap() error { ++ return e.err +} + -+// EncryptRSAOAEP encrypts data using RSA-OAEP. -+func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { -+ if len(label) > 0 { -+ // https://github.com/microsoft/go-crypto-darwin/issues/22 -+ panic("crypto/rsa: label is not supported on macOS") ++func dlopen(file string) (handle unsafe.Pointer, err error) { ++ // As Windows generally does not ship with a system OpenSSL library, let ++ // alone a FIPS 140 certified one, use the default library search order so ++ // that we preferentially load the DLL bundled with the application. ++ h, err := syscall.LoadLibrary(file) ++ if err != nil { ++ return nil, &dlopenError{file: file, err: err} + } -+ return evpEncrypt(pub.withKey, algorithmTypeOAEP, msg, h) ++ return unsafe.Pointer(h), nil +} + -+// SignRSAPSS signs data with RSA-PSS. -+func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { -+ return evpSign(priv.withKey, algorithmTypePSS, h, hashed) ++func dlclose(handle unsafe.Pointer) error { ++ return syscall.FreeLibrary(syscall.Handle(handle)) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go +new file mode 100644 +index 00000000000000..189335d93c80f8 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go +@@ -0,0 +1,109 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+// VerifyRSAPSS verifies data with RSA-PSS. -+func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { -+ return evpVerify(pub.withKey, algorithmTypePSS, h, hashed, sig) -+} ++package osslsetup + -+func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { -+ return evpSign(priv.withKey, algorithmTypePKCS1v15Sig, h, hashed) -+} ++import ( ++ "errors" ++ "strconv" ++ "sync" ++ "syscall" + -+func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { -+ if pub.withKey(func(key C.SecKeyRef) C.int { -+ size := C.SecKeyGetBlockSize(key) -+ if len(sig) < int(size) { -+ return 0 ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++var ( ++ vMajor, vMinor, vPatch int ++) ++ ++// testedMajors lists the OpenSSL major versions this backend has been ++// tested against. [openLibrary] rejects majors not in this list unless ++// GODEBUG=ms_opensslallowuntested=1 is set. OpenSSL 1 is supported only ++// at 1.1.1+; that minor/patch constraint is enforced separately in ++// [openLibrary]. ++var testedMajors = [...]int{1, 3, 4} ++ ++// allowUntestedMajor reports whether the user has set ++// GODEBUG=ms_opensslallowuntested=1. The "ms_" prefix marks this as a ++// Microsoft-defined GODEBUG so it will not collide with upstream Go. ++var allowUntestedMajor = sync.OnceValue(func() bool { ++ godebug, _ := syscall.Getenv("GODEBUG") ++ return godebugAllowUntested(godebug) ++}) ++ ++// godebugAllowUntested reports whether the comma-separated GODEBUG string ++// contains ms_opensslallowuntested=1. Matches internal/godebug parsing: ++// no whitespace trimming. ++func godebugAllowUntested(godebug string) bool { ++ const key = "ms_opensslallowuntested=1" ++ var start int = 0 ++ for i := 0; i <= len(godebug); i++ { ++ if i < len(godebug) && godebug[i] != ',' { ++ continue + } -+ return 1 -+ }) == 0 { -+ return errors.New("crypto/rsa: verification error") ++ if godebug[start:i] == key { ++ return true ++ } ++ start = i + 1 + } -+ return evpVerify(pub.withKey, algorithmTypePKCS1v15Sig, h, hashed, sig) ++ return false +} + -+// DecryptRSAPKCS1 decrypts data using RSA PKCS#1 v1.5 padding. -+func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, algorithmTypePKCS1v15Enc, ciphertext, nil) ++func VersionMajor() int { ++ return vMajor +} + -+// EncryptRSAPKCS1 encrypts data using RSA PKCS#1 v1.5 padding. -+func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, algorithmTypePKCS1v15Enc, msg, nil) ++func VersionMinor() int { ++ return vMinor +} + -+func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, algorithmTypeRAW, ciphertext, nil) ++func VersionPatch() int { ++ return vPatch +} + -+func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, algorithmTypeRAW, msg, nil) ++func utoa(n int) string { ++ return strconv.FormatUint(uint64(n), 10) +} + -+// Helper functions ++func errUnsupportedVersion() error { ++ return errors.New("openssl: unsupported OpenSSL version: " + utoa(vMajor) + "." + utoa(vMinor) + "." + utoa(vPatch) + " (minimum supported version is 1.1.1)") ++} + -+type cfError struct { -+ code int -+ message string ++var ( ++ initOnce sync.Once ++ initErr error ++) ++ ++// Init loads and initializes OpenSSL from the shared library at path. ++// It must be called before any other OpenSSL call, except CheckVersion. ++// ++// Only the first call to Init is effective. ++// Subsequent calls will return the same error result as the one from the first call. ++// ++// The file is passed to dlopen() verbatim to load the OpenSSL shared library. ++// For example, `file=libcrypto.so.1.1.1k-fips` makes Init look for the shared ++// library libcrypto.so.1.1.1k-fips. ++func Init(file string) error { ++ initOnce.Do(func() { ++ initErr = opensslInit(file) ++ }) ++ return initErr +} + -+func (e *cfError) Error() string { -+ if e.message == "" { -+ return "CFError(" + strconv.Itoa(e.code) + "): unknown error" -+ } -+ return "CFError(" + strconv.Itoa(e.code) + "): " + e.message ++// VersionText returns the version text of the OpenSSL currently loaded. ++func VersionText() string { ++ return goString(ossl.OpenSSL_version(0)) +} + -+func goCFErrorRef(ref C.CFErrorRef) error { -+ if ref == 0 { -+ return nil -+ } -+ var message string -+ if desc := C.CFErrorCopyDescription(ref); desc != C.CFStringRef(0) { -+ defer C.CFRelease(C.CFTypeRef(desc)) -+ if cstr := C.CFStringGetCStringPtr(desc, C.kCFStringEncodingUTF8); cstr != nil { -+ message = C.GoString(cstr) -+ } -+ } -+ return &cfError{ -+ code: int(C.CFErrorGetCode(ref)), -+ message: message, ++// CheckVersion checks if the OpenSSL version can be loaded ++// and if the FIPS mode is enabled. ++// This function can be called before Init. ++// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. ++func CheckVersion(version string) (exists, fips bool) { ++ close, err := initForCheckVersion(version) ++ if err != nil { ++ return false, false + } ++ defer close() ++ return true, FIPS() +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go new file mode 100644 -index 00000000000000..d6b428e7ebb68b +index 00000000000000..079fbceb2cdc56 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go -@@ -0,0 +1,49 @@ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go +@@ -0,0 +1,12 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + -+//go:build darwin -+ -+package xcrypto ++package osslsetup + -+// #cgo CFLAGS: -Wno-deprecated-declarations -+// #cgo LDFLAGS: -framework Security -framework CoreFoundation +import "C" +import "unsafe" + -+var zero byte -+ -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func base(b []byte) *C.uchar { -+ return (*C.uchar)(unsafe.Pointer(addr(b))) ++// goString converts a C string pointer to a Go string for cgo mode ++func goString(ptr *byte) string { ++ return C.GoString((*C.char)(unsafe.Pointer(ptr))) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go +new file mode 100644 +index 00000000000000..fe075ff0822c29 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go +@@ -0,0 +1,24 @@ ++// Copyright (c) Microsoft Corporation. ++// Licensed under the MIT License. + -+func sbase(b []byte) *C.char { -+ return (*C.char)(unsafe.Pointer(addr(b))) -+} ++//go:build !cgo + -+func pbase(b []byte) unsafe.Pointer { -+ return unsafe.Pointer(addr(b)) -+} ++package osslsetup + -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+// If b is empty, it returns a pointer to a zero byte -+// so that it can always be dereferenced. -+func addr(b []byte) *byte { -+ if len(b) == 0 { -+ return &zero -+ } -+ return unsafe.SliceData(b) -+} ++import "unsafe" + -+// addrNeverEmpty returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+// If b is empty, it returns a pointer to a zero byte -+// so that it can always be dereferenced. -+func addrNeverEmpty(b []byte) *byte { -+ if len(b) == 0 { -+ return &zero ++// goString converts a C string pointer to a Go string for nocgo mode ++func goString(ptr *byte) string { ++ if ptr == nil { ++ return "" + } -+ return unsafe.SliceData(b) ++ var result []byte ++ for i := 0; ; i++ { ++ b := *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(i))) ++ if b == 0 { ++ break ++ } ++ result = append(result, b) ++ } ++ return string(result) +} diff --git a/src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE b/src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE new file mode 100644 @@ -21235,20 +31401,22 @@ index 00000000000000..1722410e5af193 + return getSystemDirectory() + "\\" + dll +} diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt -index a6b711219383c2..1cd73c0693cc59 100644 +index a6b711219383c2..e6e8ef24250f7b 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt -@@ -1,3 +1,20 @@ -+# github.com/golang-fips/openssl/v2 v2.0.4-0.20260419202439-d4b2f5e5072f -+## explicit; go 1.22 -+github.com/golang-fips/openssl/v2 -+github.com/golang-fips/openssl/v2/bbig -+github.com/golang-fips/openssl/v2/internal/ossl +@@ -1,3 +1,22 @@ +# github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 +## explicit; go 1.22 +github.com/microsoft/go-crypto-darwin/bbig +github.com/microsoft/go-crypto-darwin/internal/cryptokit +github.com/microsoft/go-crypto-darwin/xcrypto ++# github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 ++## explicit; go 1.25 ++github.com/microsoft/go-crypto-openssl/bbig ++github.com/microsoft/go-crypto-openssl/internal/fakecgo ++github.com/microsoft/go-crypto-openssl/internal/ossl ++github.com/microsoft/go-crypto-openssl/openssl ++github.com/microsoft/go-crypto-openssl/osslsetup +# github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b +## explicit; go 1.22 +github.com/microsoft/go-crypto-winnative/cng diff --git a/patches/0003-Implement-crypto-internal-backend.patch b/patches/0003-Implement-crypto-internal-backend.patch index 70f73731388..1664ee68862 100644 --- a/patches/0003-Implement-crypto-internal-backend.patch +++ b/patches/0003-Implement-crypto-internal-backend.patch @@ -868,7 +868,7 @@ index 00000000000000..e6695dd66b1d02 + +package bbig + -+import "github.com/golang-fips/openssl/v2/bbig" ++import "github.com/microsoft/go-crypto-openssl/bbig" + +var Enc = bbig.Enc +var Dec = bbig.Dec @@ -1655,7 +1655,7 @@ index 00000000000000..fea0f284de2439 +} diff --git a/src/crypto/internal/backend/fips140/cng.go b/src/crypto/internal/backend/fips140/cng.go new file mode 100644 -index 00000000000000..e4a1ddeeb7dc09 +index 00000000000000..c9131d096ec32d --- /dev/null +++ b/src/crypto/internal/backend/fips140/cng.go @@ -0,0 +1,35 @@ @@ -1858,7 +1858,7 @@ index 00000000000000..a24db78572f528 + _ "crypto/internal/backend/internal/opensslsetup" + "syscall" + -+ "github.com/golang-fips/openssl/v2" ++ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + +const backendEnabled = true @@ -1999,7 +1999,7 @@ index 00000000000000..d816f1be17b6a1 +import ( + "syscall" + -+ "github.com/golang-fips/openssl/v2" ++ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + +// knownVersions is a list of supported and well-known libcrypto.so suffixes in decreasing version order. @@ -2447,7 +2447,8 @@ index 00000000000000..02c3c67f822ae2 + "crypto/internal/boring/sig" + "hash" + -+ "github.com/golang-fips/openssl/v2" ++ "github.com/microsoft/go-crypto-openssl/openssl" ++ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + +// Enabled controls whether FIPS crypto is enabled. @@ -2460,13 +2461,13 @@ index 00000000000000..02c3c67f822ae2 + // but they configure OpenSSL to use a FIPS-compliant provider (in the case of Azure Linux 3, the SCOSSL provider). + // In this cases, openssl.FIPS would return `false` and openssl.FIPSCapable would return `true`. + // We don't care about the `fips=yes` property as long as the provider is FIPS-compliant, so use -+ // openssl.FIPSCapable to determine whether FIPS mode is enabled. -+ if err := fips140.Check(func() bool { return openssl.FIPSCapable() }); err != nil { ++ // openssl.FIPS to determine whether FIPS mode is enabled. ++ if err := fips140.Check(func() bool { return openssl.FIPS() }); err != nil { + // This path can be reached for the following reasons: + // - In OpenSSL 1, the active engine doesn't support FIPS mode. + // - In OpenSSL 1, the active engine supports FIPS mode, but it is not enabled. + // - In OpenSSL 3, the provider used by default doesn't match the `fips=yes` query. -+ panic("opensslcrypto: " + err.Error() + ": " + openssl.VersionText()) ++ panic("opensslcrypto: " + err.Error() + ": " + osslsetup.VersionText()) + } + sig.BoringCrypto() +} @@ -2628,7 +2629,7 @@ index 00000000000000..02c3c67f822ae2 +} + +func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ return openssl.ExpandHKDFOneShot(h, pseudorandomKey, info, keyLength) ++ return openssl.ExpandHKDF(h, pseudorandomKey, info, keyLength) +} + +func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { @@ -2815,7 +2816,7 @@ index 9bfef9e125e8d3..ba601c2d1d0c6e 100644 < github.com/microsoft/go-crypto-winnative/cng; + syscall, -+ github.com/golang-fips/openssl/v2 ++ github.com/microsoft/go-crypto-openssl/osslsetup + < crypto/internal/backend/internal/opensslsetup + < crypto/internal/backend/fips140; + @@ -2832,7 +2833,7 @@ index 9bfef9e125e8d3..ba601c2d1d0c6e 100644 + + crypto/internal/boring/sig, + crypto/internal/backend/fips140, -+ github.com/golang-fips/openssl/v2, ++ github.com/microsoft/go-crypto-openssl/openssl, + github.com/microsoft/go-crypto-darwin/xcrypto, + github.com/microsoft/go-crypto-winnative/cng + < crypto/internal/backend; @@ -2862,7 +2863,7 @@ index 9bfef9e125e8d3..ba601c2d1d0c6e 100644 + < crypto/internal/boring/bbig; + + CRYPTO, FMT, math/big, internal/saferio, -+ github.com/golang-fips/openssl/v2/bbig, ++ github.com/microsoft/go-crypto-openssl/bbig, + github.com/microsoft/go-crypto-darwin/bbig, + github.com/microsoft/go-crypto-winnative/cng/bbig + < crypto/internal/backend/bbig diff --git a/patches/0004-Use-crypto-backends.patch b/patches/0004-Use-crypto-backends.patch index 4d228485104..3b3e68b794d 100644 --- a/patches/0004-Use-crypto-backends.patch +++ b/patches/0004-Use-crypto-backends.patch @@ -263,8 +263,8 @@ index 7f22b6ba1c5bf0..6d9c27f5537700 100644 // These packages can use internal linking mode. // Others trigger external mode. var internalpkg = []string{ -+ "vendor/github.com/golang-fips/openssl/v2/internal/ossl", -+ "vendor/github.com/golang-fips/openssl/v2", ++ "vendor/github.com/microsoft/go-crypto-openssl/internal/ossl", ++ "vendor/github.com/microsoft/go-crypto-openssl/openssl", "crypto/internal/boring", "crypto/internal/boring/syso", "crypto/x509", From d4af096380685a4501ae3d0f28d6691c5645332c Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 14:25:42 +0100 Subject: [PATCH 2/7] update docs --- eng/doc/fips/README.md | 5 ++--- eng/doc/fips/UserGuide.md | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/eng/doc/fips/README.md b/eng/doc/fips/README.md index 3addcf40d6d..bd38c21f555 100644 --- a/eng/doc/fips/README.md +++ b/eng/doc/fips/README.md @@ -32,7 +32,7 @@ The Microsoft build of Go modifies the Go runtime to call into a platform-provid Depending on the platform, this is done using cgo or syscalls. This allows Go programs to use a platform-provided FIPS 140 certified crypto library. -On Linux, the fork uses [OpenSSL](https://www.openssl.org/) through the [golang-fips/openssl] module in Go 1.21+ and the [go-crypto-openssl] module in earlier versions. On Windows, [CNG](https://docs.microsoft.com/en-us/windows/win32/seccng/about-cng), using [go-crypto-winnative]. Since 1.24, on macOS, [CommonCrypto](https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man3/Common%20Crypto.3cc.html) and [CryptoKit](https://developer.apple.com/documentation/cryptokit) using [go-crypto-darwin]. Similar to BoringSSL, certain OpenSSL, CNG and CommonCrypto/CryptoKit versions are FIPS 140 certified. +On Linux, the fork uses [OpenSSL](https://www.openssl.org/) through the [go-crypto-openssl] module in Go 1.21+ and the [go-crypto-openssl] module in earlier versions. On Windows, [CNG](https://docs.microsoft.com/en-us/windows/win32/seccng/about-cng), using [go-crypto-winnative]. On macOS, [CommonCrypto](https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man3/Common%20Crypto.3cc.html) and [CryptoKit](https://developer.apple.com/documentation/cryptokit) using [go-crypto-darwin]. Similar to BoringSSL, certain OpenSSL, CNG and CommonCrypto/CryptoKit versions are FIPS 140 certified. > [!IMPORTANT] > An application built with Microsoft's Go toolchain and running in FIPS compatible mode is not FIPS compliant _per-se_. @@ -394,7 +394,7 @@ The `opensslcrypto` Go runtime supports multiple OpenSSL versions. It discovers Not all OpenSSL versions are supported. OpenSSL does not maintain ABI compatibility between different releases, even if only the patch version is increased, it needs specific attention to implement support. The relative importance of each version also results in a different amount of automated testing that has been implemented for various supported version. These are supported versions and the amount of automated validation for each one: - OpenSSL 1.1.1: the Microsoft CI builds official releases and runs the Go toolset test suite with this version. -- OpenSSL 1.1.0, 1.1.1, and 3.0.2: the [golang-fips/openssl] and [go-crypto-openssl] repository CI tests basic operation, but not the integration with the Go runtime. +- OpenSSL 1.1.0, 1.1.1, and 3.0.2: the [go-crypto-openssl] repository CI tests basic operation, but not the integration with the Go runtime. - Prior to Go 1.25, this list includes 1.0.2. Versions not listed above are not supported at all. @@ -522,7 +522,6 @@ See the [Microsoft build of Go 1.24 FIPS changes](https://devblogs.microsoft.com - For historical information about Go 1.16-1.18, see [the FIPS documentation in the 1.20 release branch](https://github.com/microsoft/go/tree/microsoft/release-branch.go1.20/eng/doc/fips). It includes details about FIPS in 1.18 and the changes in 1.19. [go-crypto-openssl]: https://github.com/microsoft/go-crypto-openssl -[golang-fips/openssl]: https://github.com/golang-fips/openssl [go-crypto-winnative]: https://github.com/microsoft/go-crypto-winnative [go-crypto-darwin]: https://github.com/microsoft/go-crypto-darwin [dlopen]: https://man7.org/linux/man-pages/man3/dlopen.3.html diff --git a/eng/doc/fips/UserGuide.md b/eng/doc/fips/UserGuide.md index af6c9599579..91f9c5b5c5c 100644 --- a/eng/doc/fips/UserGuide.md +++ b/eng/doc/fips/UserGuide.md @@ -97,11 +97,11 @@ The Go crypto documentation is available online at https://pkg.go.dev/crypto. ## The Microsoft build of Go crypto backends -The OpenSSL backend uses [golang-fips/openssl]. +The OpenSSL backend uses [go-crypto-openssl]. The CNG backend uses [go-crypto-winnative]. For more general information about the backends, such as how to enable them, see the [Microsoft build of Go FIPS README](./README.md). -[golang-fips/openssl]: https://github.com/golang-fips/openssl +[go-crypto-openssl]: https://github.com/microsoft/go-crypto-openssl [go-crypto-winnative]: https://github.com/microsoft/go-crypto-winnative > [!NOTE] From 82101d08163841ca38c1b9aea440dd0bdca22210 Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 14:35:19 +0100 Subject: [PATCH 3/7] fix import path --- ...03-Implement-crypto-internal-backend.patch | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/patches/0003-Implement-crypto-internal-backend.patch b/patches/0003-Implement-crypto-internal-backend.patch index 1664ee68862..5e908409f42 100644 --- a/patches/0003-Implement-crypto-internal-backend.patch +++ b/patches/0003-Implement-crypto-internal-backend.patch @@ -55,7 +55,7 @@ desired goexperiments and build tags. src/internal/buildcfg/exp.go | 54 +++ src/runtime/runtime_boring.go | 5 + src/syscall/exec_linux_test.go | 2 +- - 46 files changed, 2317 insertions(+), 23 deletions(-) + 46 files changed, 2318 insertions(+), 22 deletions(-) create mode 100644 src/cmd/go/systemcrypto_test.go create mode 100644 src/crypto/internal/backend/backend_test.go create mode 100644 src/crypto/internal/backend/bbig/big.go @@ -677,7 +677,7 @@ index 2f46a6b44bffe1..69071289e2de81 100644 ! go build -o $devnull cmd/buildid diff --git a/src/cmd/internal/testdir/testdir_test.go b/src/cmd/internal/testdir/testdir_test.go -index 483a9ec33c6798..fad922e3f844ab 100644 +index 529445a7dab59d..e2d64bb8335119 100644 --- a/src/cmd/internal/testdir/testdir_test.go +++ b/src/cmd/internal/testdir/testdir_test.go @@ -118,6 +118,13 @@ func Test(t *testing.T) { @@ -856,7 +856,7 @@ index 00000000000000..77f3ca5d262769 +var Dec = bbig.Dec diff --git a/src/crypto/internal/backend/bbig/big_openssl.go b/src/crypto/internal/backend/bbig/big_openssl.go new file mode 100644 -index 00000000000000..e6695dd66b1d02 +index 00000000000000..13f667a140e05f --- /dev/null +++ b/src/crypto/internal/backend/bbig/big_openssl.go @@ -0,0 +1,12 @@ @@ -1655,7 +1655,7 @@ index 00000000000000..fea0f284de2439 +} diff --git a/src/crypto/internal/backend/fips140/cng.go b/src/crypto/internal/backend/fips140/cng.go new file mode 100644 -index 00000000000000..c9131d096ec32d +index 00000000000000..e4a1ddeeb7dc09 --- /dev/null +++ b/src/crypto/internal/backend/fips140/cng.go @@ -0,0 +1,35 @@ @@ -1842,7 +1842,7 @@ index 00000000000000..289d6594eac54b +} diff --git a/src/crypto/internal/backend/fips140/openssl_cgo.go b/src/crypto/internal/backend/fips140/openssl_cgo.go new file mode 100644 -index 00000000000000..a24db78572f528 +index 00000000000000..5f99705f9d8c20 --- /dev/null +++ b/src/crypto/internal/backend/fips140/openssl_cgo.go @@ -0,0 +1,59 @@ @@ -1981,7 +1981,7 @@ index 00000000000000..d3d39fd77f98db +const isSkipFIPSCheck = true diff --git a/src/crypto/internal/backend/internal/opensslsetup/opensslsetup.go b/src/crypto/internal/backend/internal/opensslsetup/opensslsetup.go new file mode 100644 -index 00000000000000..d816f1be17b6a1 +index 00000000000000..cc720b20984666 --- /dev/null +++ b/src/crypto/internal/backend/internal/opensslsetup/opensslsetup.go @@ -0,0 +1,68 @@ @@ -2011,7 +2011,7 @@ index 00000000000000..d816f1be17b6a1 + +func init() { + lib := library() -+ if err := openssl.Init(lib); err != nil { ++ if err := osslsetup.Init(lib); err != nil { + panic("opensslcrypto: can't initialize OpenSSL " + lib + ": " + err.Error()) + } +} @@ -2032,7 +2032,7 @@ index 00000000000000..d816f1be17b6a1 + +// checkVersion is a variable that holds the openssl.CheckVersion function. +// It is initialized in the init function to allow overriding in tests. -+var checkVersion = openssl.CheckVersion ++var checkVersion = osslsetup.CheckVersion + +// searchKnownLibrary returns the name of the highest available FIPS-enabled version of OpenSSL +// using the known library suffixes. @@ -2424,7 +2424,7 @@ index 00000000000000..ce267825dc6ddc +} diff --git a/src/crypto/internal/backend/openssl_linux.go b/src/crypto/internal/backend/openssl_linux.go new file mode 100644 -index 00000000000000..02c3c67f822ae2 +index 00000000000000..941edd3d1dc98c --- /dev/null +++ b/src/crypto/internal/backend/openssl_linux.go @@ -0,0 +1,332 @@ @@ -2760,7 +2760,6 @@ index 00000000000000..02c3c67f822ae2 + } + + return openssl.VerifyDSA(pub, hashed, sig) -+} diff --git a/src/crypto/internal/backend/stub.s b/src/crypto/internal/backend/stub.s new file mode 100644 index 00000000000000..5e4b436554d44d @@ -2799,7 +2798,7 @@ index 00000000000000..13782a8241b99a + ` +} diff --git a/src/go/build/deps_test.go b/src/go/build/deps_test.go -index 9bfef9e125e8d3..ba601c2d1d0c6e 100644 +index 4145c70f62440e..df7c5f9181be80 100644 --- a/src/go/build/deps_test.go +++ b/src/go/build/deps_test.go @@ -353,7 +353,7 @@ var depsRules = ` From a8fd14e818906f619c3c00d40a6a1e1688d6b41e Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 14:37:26 +0100 Subject: [PATCH 4/7] fix pathes --- patches/0001-Vendor-external-dependencies.patch | 2 +- patches/0004-Use-crypto-backends.patch | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/patches/0001-Vendor-external-dependencies.patch b/patches/0001-Vendor-external-dependencies.patch index 3ec57301fb5..84d810f657d 100644 --- a/patches/0001-Vendor-external-dependencies.patch +++ b/patches/0001-Vendor-external-dependencies.patch @@ -2195,7 +2195,7 @@ index 7f6237ffd59c11..8f68bc361081f1 100644 "github.com/google/pprof", "github.com/ianlancetaylor/demangle", "rsc.io/markdown", -+ "github.com/golang-fips/openssl", ++ "github.com/microsoft/go-crypto-openssl", + "github.com/microsoft/go-crypto-winnative", + "github.com/microsoft/go-crypto-darwin", + "github.com/microsoft/go-infra/telemetry", diff --git a/patches/0004-Use-crypto-backends.patch b/patches/0004-Use-crypto-backends.patch index 3b3e68b794d..f0a42f43117 100644 --- a/patches/0004-Use-crypto-backends.patch +++ b/patches/0004-Use-crypto-backends.patch @@ -218,7 +218,7 @@ index 4aaf46b5d0f0dc..ec58a217400caa 100644 env GO111MODULE=off +# Disable systemcrypto while evaluating test dependencies to avoid importing -+# vendored crypto module dependencies like golang-fips/openssl. This test script ++# vendored crypto module dependencies like go-crypto-openssl. This test script +# is not set up to handle any vendored libraries being imported other than +# golang.org/x/net/http2/hpack, so we must make sure it is the only one. +# From f595b6022155a14945b56be7199981ad304cc63e Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 14:42:24 +0100 Subject: [PATCH 5/7] fix osslsetup.FIPS --- patches/0003-Implement-crypto-internal-backend.patch | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/patches/0003-Implement-crypto-internal-backend.patch b/patches/0003-Implement-crypto-internal-backend.patch index 5e908409f42..269a773b8b2 100644 --- a/patches/0003-Implement-crypto-internal-backend.patch +++ b/patches/0003-Implement-crypto-internal-backend.patch @@ -1870,7 +1870,7 @@ index 00000000000000..5f99705f9d8c20 + if kernelFIPSMode() { + return true + } -+ return openssl.FIPS() ++ return osslsetup.FIPS() +} + +// kernelFIPSMode reports whether the kernel is in FIPS mode. @@ -2459,10 +2459,10 @@ index 00000000000000..941edd3d1dc98c +func init() { + // Some distributions, e.g. Azure Linux 3, don't set the `fips=yes` property when running in FIPS mode, + // but they configure OpenSSL to use a FIPS-compliant provider (in the case of Azure Linux 3, the SCOSSL provider). -+ // In this cases, openssl.FIPS would return `false` and openssl.FIPSCapable would return `true`. ++ // In this cases, osslsetup.FIPS would return `false` and osslsetup.FIPSCapable would return `true`. + // We don't care about the `fips=yes` property as long as the provider is FIPS-compliant, so use -+ // openssl.FIPS to determine whether FIPS mode is enabled. -+ if err := fips140.Check(func() bool { return openssl.FIPS() }); err != nil { ++ // osslsetup.FIPS to determine whether FIPS mode is enabled. ++ if err := fips140.Check(func() bool { return osslsetup.FIPS() }); err != nil { + // This path can be reached for the following reasons: + // - In OpenSSL 1, the active engine doesn't support FIPS mode. + // - In OpenSSL 1, the active engine supports FIPS mode, but it is not enabled. From 220720245a6fc4ab1e3faf753b9676bc66e319bd Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 15:25:50 +0100 Subject: [PATCH 6/7] revert back to 1.25 release branch --- .../0001-Vendor-external-dependencies.patch | 26953 +++++----------- ...03-Implement-crypto-internal-backend.patch | 24 +- 2 files changed, 8354 insertions(+), 18623 deletions(-) diff --git a/patches/0001-Vendor-external-dependencies.patch b/patches/0001-Vendor-external-dependencies.patch index 84d810f657d..3d6cdfd5739 100644 --- a/patches/0001-Vendor-external-dependencies.patch +++ b/patches/0001-Vendor-external-dependencies.patch @@ -21,7 +21,7 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../telemetry/internal/appinsights/client.go | 169 ++ .../internal/appinsights/inmemorychannel.go | 341 +++ .../internal/contracts/contexttagkeys.go | 50 + - .../internal/contracts/envelope.go | 123 + + .../internal/contracts/envelope.go | 123 ++ .../internal/contracts/response.go | 32 + .../internal/appinsights/jsonserializer.go | 33 + .../telemetry/internal/appinsights/package.go | 13 + @@ -30,7 +30,7 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../telemetry/internal/config/config.go | 63 + .../telemetry/internal/telemetry/proginfo.go | 32 + .../telemetry/internal/telemetry/telemetry.go | 32 + - .../microsoft/go-infra/telemetry/telemetry.go | 125 + + .../microsoft/go-infra/telemetry/telemetry.go | 125 ++ src/cmd/vendor/modules.txt | 11 + src/crypto/internal/backend/deps_ignore.go | 22 + src/go.mod | 6 + @@ -45,18 +45,18 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../internal/cryptokit/cryptokit.h | 67 + .../internal/cryptokit/ed25519.go | 72 + .../internal/cryptokit/gcm.go | 36 + - .../internal/cryptokit/hash.go | 247 ++ + .../internal/cryptokit/hash.go | 247 +++ .../internal/cryptokit/hashclone.go | 17 + .../internal/cryptokit/hashclone_go125.go | 12 + .../internal/cryptokit/hkdf.go | 77 + - .../internal/cryptokit/hmac.go | 146 + + .../internal/cryptokit/hmac.go | 146 ++ .../microsoft/go-crypto-darwin/xcrypto/aes.go | 336 +++ .../microsoft/go-crypto-darwin/xcrypto/big.go | 16 + .../go-crypto-darwin/xcrypto/cgo_go124.go | 23 + - .../go-crypto-darwin/xcrypto/cipher.go | 122 + + .../go-crypto-darwin/xcrypto/cipher.go | 122 ++ .../microsoft/go-crypto-darwin/xcrypto/des.go | 117 + .../microsoft/go-crypto-darwin/xcrypto/ec.go | 32 + - .../go-crypto-darwin/xcrypto/ecdh.go | 135 + + .../go-crypto-darwin/xcrypto/ecdh.go | 135 ++ .../go-crypto-darwin/xcrypto/ecdsa.go | 181 ++ .../go-crypto-darwin/xcrypto/ed25519.go | 100 + .../microsoft/go-crypto-darwin/xcrypto/evp.go | 345 +++ @@ -68,158 +68,73 @@ Use a 'go' that was recently built by the current branch to ensure stable result .../microsoft/go-crypto-darwin/xcrypto/rc4.go | 83 + .../microsoft/go-crypto-darwin/xcrypto/rsa.go | 194 ++ .../go-crypto-darwin/xcrypto/xcrypto.go | 49 + - .../microsoft/go-crypto-openssl/LICENSE | 21 + - .../microsoft/go-crypto-openssl/bbig/big.go | 40 + - .../internal/fakecgo/abi_amd64.h | 99 + - .../internal/fakecgo/abi_arm64.h | 39 + - .../internal/fakecgo/abi_loong64.h | 60 + - .../internal/fakecgo/abi_ppc64x.h | 195 ++ - .../internal/fakecgo/abi_riscv64.h | 72 + - .../internal/fakecgo/asm_386.s | 29 + - .../internal/fakecgo/asm_amd64.s | 39 + - .../internal/fakecgo/asm_arm.s | 52 + - .../internal/fakecgo/asm_arm64.s | 36 + - .../internal/fakecgo/asm_loong64.s | 40 + - .../internal/fakecgo/asm_ppc64le.s | 82 + - .../internal/fakecgo/asm_riscv64.s | 37 + - .../internal/fakecgo/asm_s390x.s | 55 + - .../internal/fakecgo/callbacks.go | 93 + - .../internal/fakecgo/fakecgo.go | 14 + - .../internal/fakecgo/fakecgo.lock | 3 + - .../internal/fakecgo/freebsd.go | 27 + - .../internal/fakecgo/generate.go | 6 + - .../internal/fakecgo/go_darwin.go | 88 + - .../internal/fakecgo/go_freebsd.go | 79 + - .../internal/fakecgo/go_libinit.go | 72 + - .../internal/fakecgo/go_linux.go | 79 + - .../internal/fakecgo/go_setenv.go | 18 + - .../internal/fakecgo/go_util.go | 38 + - .../internal/fakecgo/iscgo.go | 19 + - .../internal/fakecgo/libcgo.go | 39 + - .../internal/fakecgo/libcgo_darwin.go | 26 + - .../internal/fakecgo/libcgo_freebsd.go | 20 + - .../internal/fakecgo/libcgo_linux.go | 20 + - .../internal/fakecgo/linux.go | 184 ++ - .../internal/fakecgo/setenv.go | 19 + - .../internal/fakecgo/trampolines_386.s | 121 + - .../internal/fakecgo/trampolines_amd64.s | 107 + - .../internal/fakecgo/trampolines_arm.s | 122 + - .../internal/fakecgo/trampolines_arm64.s | 81 + - .../internal/fakecgo/trampolines_linux_386.s | 78 + - .../fakecgo/trampolines_linux_amd64.s | 69 + - .../internal/fakecgo/trampolines_linux_arm.s | 69 + - .../fakecgo/trampolines_linux_arm64.s | 60 + - .../fakecgo/trampolines_linux_loong64.s | 60 + - .../fakecgo/trampolines_linux_ppc64le.s | 69 + - .../fakecgo/trampolines_linux_riscv64.s | 60 + - .../fakecgo/trampolines_linux_s390x.s | 53 + - .../internal/fakecgo/trampolines_loong64.s | 78 + - .../internal/fakecgo/trampolines_ppc64le.s | 128 + - .../internal/fakecgo/trampolines_riscv64.s | 76 + - .../internal/fakecgo/trampolines_s390x.s | 154 + - .../internal/fakecgo/zsymbols.go | 165 ++ - .../internal/fakecgo/zsymbols_darwin.go | 59 + - .../internal/fakecgo/zsymbols_freebsd.go | 48 + - .../internal/fakecgo/zsymbols_linux.go | 158 ++ - .../internal/fakecgo/ztrampolines_darwin.s | 19 + - .../internal/fakecgo/ztrampolines_freebsd.s | 16 + - .../internal/fakecgo/ztrampolines_linux.s | 46 + - .../internal/fakecgo/ztrampolines_stubs.s | 55 + - .../go-crypto-openssl/internal/ossl/asm_386.s | 101 + - .../internal/ossl/asm_amd64.s | 123 + - .../go-crypto-openssl/internal/ossl/asm_arm.s | 107 + - .../internal/ossl/asm_arm64.s | 100 + - .../internal/ossl/asm_loong64.s | 119 + - .../internal/ossl/asm_others.s | 10 + - .../internal/ossl/asm_ppc64le.s | 144 + - .../internal/ossl/asm_riscv64.s | 112 + - .../internal/ossl/asm_s390x.s | 120 + - .../go-crypto-openssl/internal/ossl/dl.h | 15 + - .../go-crypto-openssl/internal/ossl/errors.go | 37 + - .../internal/ossl/errors_cgo.go | 33 + - .../internal/ossl/errors_nocgo.go | 19 + - .../go-crypto-openssl/internal/ossl/ossl.go | 62 + - .../go-crypto-openssl/internal/ossl/shims.h | 446 +++ - .../internal/ossl/syscall_nocgo.go | 87 + - .../internal/ossl/syscall_nocgo_darwin.go | 8 + - .../internal/ossl/syscall_nocgo_freebsd.go | 8 + - .../internal/ossl/syscall_nocgo_linux.go | 8 + - .../internal/ossl/syscall_nocgo_unix.go | 23 + - .../internal/ossl/syscall_nocgo_windows.go | 25 + - .../go-crypto-openssl/internal/ossl/zdl.s | 58 + - .../internal/ossl/zdl_nocgo.go | 61 + - .../go-crypto-openssl/internal/ossl/zossl.c | 2083 ++++++++++++++ - .../go-crypto-openssl/internal/ossl/zossl.go | 76 + - .../go-crypto-openssl/internal/ossl/zossl.h | 375 +++ - .../internal/ossl/zossl_cgo.go | 1513 ++++++++++ - .../internal/ossl/zossl_nocgo.go | 2481 +++++++++++++++++ - .../go-crypto-openssl/openssl/aes.go | 158 ++ - .../go-crypto-openssl/openssl/big.go | 14 + - .../openssl/chacha20poly1305.go | 152 + - .../go-crypto-openssl/openssl/cipher.go | 666 +++++ - .../go-crypto-openssl/openssl/const.go | 109 + - .../go-crypto-openssl/openssl/cshake.go | 256 ++ - .../go-crypto-openssl/openssl/des.go | 121 + - .../go-crypto-openssl/openssl/dsa.go | 306 ++ - .../microsoft/go-crypto-openssl/openssl/ec.go | 132 + - .../go-crypto-openssl/openssl/ecdh.go | 341 +++ - .../go-crypto-openssl/openssl/ecdsa.go | 220 ++ - .../go-crypto-openssl/openssl/ed25519.go | 209 ++ - .../go-crypto-openssl/openssl/evp.go | 615 ++++ - .../go-crypto-openssl/openssl/hash.go | 521 ++++ - .../go-crypto-openssl/openssl/hkdf.go | 330 +++ - .../go-crypto-openssl/openssl/hmac.go | 280 ++ - .../go-crypto-openssl/openssl/mldsa.go | 449 +++ - .../go-crypto-openssl/openssl/mlkem.go | 369 +++ - .../go-crypto-openssl/openssl/openssl.go | 183 ++ - .../go-crypto-openssl/openssl/openssl_cgo.go | 17 + - .../openssl/openssl_nocgo.go | 35 + - .../go-crypto-openssl/openssl/params.go | 191 ++ - .../go-crypto-openssl/openssl/pbkdf2.go | 86 + - .../openssl/provideropenssl.go | 250 ++ - .../openssl/providersymcrypt.go | 331 +++ - .../go-crypto-openssl/openssl/rand.go | 37 + - .../go-crypto-openssl/openssl/rc4.go | 76 + - .../go-crypto-openssl/openssl/rsa.go | 712 +++++ - .../go-crypto-openssl/openssl/tls1prf.go | 157 ++ - .../go-crypto-openssl/openssl/zaes.go | 87 + - .../go-crypto-openssl/osslsetup/fips.go | 69 + - .../go-crypto-openssl/osslsetup/init.go | 170 ++ - .../osslsetup/init_cgo_unix.go | 34 + - .../osslsetup/init_nocgo_unix.go | 35 + - .../osslsetup/init_windows.go | 37 + - .../go-crypto-openssl/osslsetup/osslsetup.go | 109 + - .../osslsetup/osslsetup_cgo.go | 12 + - .../osslsetup/osslsetup_nocgo.go | 24 + + .../microsoft/go-crypto-openssl/LICENSE | 20 + + .../microsoft/go-crypto-openssl/bbig/big.go | 37 + + .../go-crypto-openssl/internal/ossl/errors.go | 119 + + .../go-crypto-openssl/internal/ossl/ossl.go | 81 + + .../go-crypto-openssl/internal/ossl/shims.h | 399 ++++ + .../go-crypto-openssl/internal/ossl/zossl.c | 1924 +++++++++++++++++ + .../go-crypto-openssl/internal/ossl/zossl.go | 1329 ++++++++++++ + .../go-crypto-openssl/internal/ossl/zossl.h | 335 +++ + .../internal/ossl/zossl_go124.go | 37 + + .../go-crypto-openssl/openssl/aes.go | 146 ++ + .../go-crypto-openssl/openssl/big.go | 11 + + .../go-crypto-openssl/openssl/cipher.go | 654 ++++++ + .../go-crypto-openssl/openssl/const.go | 93 + + .../go-crypto-openssl/openssl/des.go | 113 + + .../go-crypto-openssl/openssl/dsa.go | 309 +++ + .../microsoft/go-crypto-openssl/openssl/ec.go | 67 + + .../go-crypto-openssl/openssl/ecdh.go | 306 +++ + .../go-crypto-openssl/openssl/ecdsa.go | 226 ++ + .../go-crypto-openssl/openssl/ed25519.go | 229 ++ + .../go-crypto-openssl/openssl/evp.go | 590 +++++ + .../go-crypto-openssl/openssl/hash.go | 455 ++++ + .../go-crypto-openssl/openssl/hashclone.go | 14 + + .../openssl/hashclone_go125.go | 9 + + .../go-crypto-openssl/openssl/hkdf.go | 434 ++++ + .../go-crypto-openssl/openssl/hmac.go | 283 +++ + .../go-crypto-openssl/openssl/init.go | 157 ++ + .../go-crypto-openssl/openssl/init_unix.go | 31 + + .../go-crypto-openssl/openssl/init_windows.go | 36 + + .../go-crypto-openssl/openssl/openssl.go | 384 ++++ + .../go-crypto-openssl/openssl/params.go | 195 ++ + .../go-crypto-openssl/openssl/pbkdf2.go | 55 + + .../openssl/provideropenssl.go | 239 ++ + .../openssl/providersymcrypt.go | 338 +++ + .../go-crypto-openssl/openssl/rand.go | 22 + + .../go-crypto-openssl/openssl/rc4.go | 69 + + .../go-crypto-openssl/openssl/rsa.go | 366 ++++ + .../go-crypto-openssl/openssl/tls1prf.go | 159 ++ + .../go-crypto-openssl/openssl/zaes.go | 86 + .../microsoft/go-crypto-winnative/LICENSE | 21 + - .../microsoft/go-crypto-winnative/cng/aes.go | 427 +++ + .../microsoft/go-crypto-winnative/cng/aes.go | 427 ++++ .../go-crypto-winnative/cng/bbig/big.go | 31 + .../microsoft/go-crypto-winnative/cng/big.go | 30 + .../go-crypto-winnative/cng/cipher.go | 52 + - .../microsoft/go-crypto-winnative/cng/cng.go | 131 + + .../microsoft/go-crypto-winnative/cng/cng.go | 131 ++ .../microsoft/go-crypto-winnative/cng/des.go | 106 + - .../microsoft/go-crypto-winnative/cng/dsa.go | 465 +++ - .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 ++ + .../microsoft/go-crypto-winnative/cng/dsa.go | 465 ++++ + .../microsoft/go-crypto-winnative/cng/ecdh.go | 255 +++ .../go-crypto-winnative/cng/ecdsa.go | 169 ++ .../microsoft/go-crypto-winnative/cng/hash.go | 315 +++ .../go-crypto-winnative/cng/hashclone.go | 18 + .../cng/hashclone_go125.go | 13 + - .../microsoft/go-crypto-winnative/cng/hkdf.go | 128 + + .../microsoft/go-crypto-winnative/cng/hkdf.go | 128 ++ .../microsoft/go-crypto-winnative/cng/hmac.go | 68 + .../microsoft/go-crypto-winnative/cng/keys.go | 220 ++ .../go-crypto-winnative/cng/pbkdf2.go | 70 + .../microsoft/go-crypto-winnative/cng/rand.go | 28 + .../microsoft/go-crypto-winnative/cng/rc4.go | 65 + - .../microsoft/go-crypto-winnative/cng/rsa.go | 396 +++ + .../microsoft/go-crypto-winnative/cng/rsa.go | 396 ++++ .../microsoft/go-crypto-winnative/cng/sha3.go | 311 +++ .../go-crypto-winnative/cng/tls1prf.go | 89 + - .../internal/bcrypt/bcrypt_windows.go | 368 +++ + .../internal/bcrypt/bcrypt_windows.go | 368 ++++ .../internal/bcrypt/ntstatus_windows.go | 45 + - .../internal/bcrypt/zsyscall_windows.go | 412 +++ + .../internal/bcrypt/zsyscall_windows.go | 412 ++++ .../internal/subtle/aliasing.go | 32 + .../internal/sysdll/sys_windows.go | 55 + - src/vendor/modules.txt | 19 + - 211 files changed, 28605 insertions(+), 7 deletions(-) + src/vendor/modules.txt | 17 + + 126 files changed, 19015 insertions(+), 7 deletions(-) create mode 100644 src/cmd/internal/telemetry/counter/deps_ignore.go create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/LICENSE create mode 100644 src/cmd/vendor/github.com/microsoft/go-infra/telemetry/README.md @@ -275,95 +190,17 @@ Use a 'go' that was recently built by the current branch to ensure stable result create mode 100644 src/vendor/github.com/microsoft/go-crypto-darwin/xcrypto/xcrypto.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_go124.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go @@ -372,13 +209,14 @@ Use a 'go' that was recently built by the current branch to ensure stable result create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone_go125.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_unix.go + create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_windows.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go @@ -388,14 +226,6 @@ Use a 'go' that was recently built by the current branch to ensure stable result create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go - create mode 100644 src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/cng/aes.go create mode 100644 src/vendor/github.com/microsoft/go-crypto-winnative/cng/bbig/big.go @@ -2084,7 +1914,7 @@ index 00000000000000..f5dc9afe4b0ead +// that are used by the backend package. This allows to track +// their versions in a single patch file. diff --git a/src/go.mod b/src/go.mod -index 83bcb73a5d1fd5..f7a63f1c057dce 100644 +index 83bcb73a5d1fd5..1eb2a37cfd88d1 100644 --- a/src/go.mod +++ b/src/go.mod @@ -11,3 +11,9 @@ require ( @@ -2094,18 +1924,18 @@ index 83bcb73a5d1fd5..f7a63f1c057dce 100644 + +require ( + github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 -+ github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 ++ github.com/microsoft/go-crypto-openssl v0.0.0-20260521141647-8d2a891ca446 + github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b +) diff --git a/src/go.sum b/src/go.sum -index e61a311a128012..3119437caf7ffe 100644 +index e61a311a128012..42117e45cb313a 100644 --- a/src/go.sum +++ b/src/go.sum @@ -1,3 +1,9 @@ +github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 h1:6a0YcJOAJWLtEqDW55bUhhe4Nx/9Rpmm80KVMUxD6B4= +github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7/go.mod h1:LyP4oZ0QcysEJdqUTOk9ngNFArRFK94YRImkoJ8julQ= -+github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 h1:gtZRTEEfTbjAKMNbDGXeayGoReqVhBIw+J8QzgWuBEs= -+github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69/go.mod h1:gJrjX+yWGi9pkbfPVDDh+ZbgjtQoRSXHjb/ZyjwKk34= ++github.com/microsoft/go-crypto-openssl v0.0.0-20260521141647-8d2a891ca446 h1:2DvoWXOQqjeb/Tjlvg46BEXNMcm+KtjtD4IG6kyDiy8= ++github.com/microsoft/go-crypto-openssl v0.0.0-20260521141647-8d2a891ca446/go.mod h1:zcqLMscmUJNmPj62PZjpwThp7/Un27PHel+yazZdMzs= +github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b h1:Yf6lm9r6Aid3PG5FoeSX2v4iU+xWnAmCRQNjBxgceWI= +github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b/go.mod h1:JkxQeL8dGcyCuKjn1Etz4NmQrOMImMy4BA9hptEfVFA= golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= @@ -2188,7 +2018,7 @@ index 641d1a325a5c07..4145c70f62440e 100644 } fset := token.NewFileSet() diff --git a/src/go/build/vendor_test.go b/src/go/build/vendor_test.go -index 7f6237ffd59c11..8f68bc361081f1 100644 +index 7f6237ffd59c11..18a3b42927d800 100644 --- a/src/go/build/vendor_test.go +++ b/src/go/build/vendor_test.go @@ -22,6 +22,10 @@ var allowedPackagePrefixes = []string{ @@ -6237,40 +6067,37 @@ index 00000000000000..d6b428e7ebb68b +} diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE b/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE new file mode 100644 -index 00000000000000..48ea6616b5b858 +index 00000000000000..97e85154015761 --- /dev/null +++ b/src/vendor/github.com/microsoft/go-crypto-openssl/LICENSE -@@ -0,0 +1,21 @@ -+MIT License +@@ -0,0 +1,20 @@ ++The MIT License (MIT) + -+Copyright (c) Microsoft Corporation. ++Copyright (c) 2022 The Golang FIPS Authors + -+Permission is hereby granted, free of charge, to any person obtaining a copy -+of this software and associated documentation files (the "Software"), to deal -+in the Software without restriction, including without limitation the rights -+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -+copies of the Software, and to permit persons to whom the Software is -+furnished to do so, subject to the following conditions: ++Permission is hereby granted, free of charge, to any person obtaining a copy of ++this software and associated documentation files (the "Software"), to deal in ++the Software without restriction, including without limitation the rights to ++use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of ++the Software, and to permit persons to whom the Software is furnished to do so, ++subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -+SOFTWARE ++IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS ++FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR ++COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER ++IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN ++CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +\ No newline at end of file diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go new file mode 100644 -index 00000000000000..32ce383bd966c2 +index 00000000000000..1bf236d9d4b29d --- /dev/null +++ b/src/vendor/github.com/microsoft/go-crypto-openssl/bbig/big.go -@@ -0,0 +1,40 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ +@@ -0,0 +1,37 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. @@ -6308,20615 +6135,10521 @@ index 00000000000000..32ce383bd966c2 + x := unsafe.Slice((*big.Word)(&b[0]), len(b)) + return new(big.Int).SetBits(x) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h -new file mode 100644 -index 00000000000000..9949435fe9e0ae ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_amd64.h -@@ -0,0 +1,99 @@ -+// Copyright 2021 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// Macros for transitioning from the host ABI to Go ABI0. -+// -+// These save the frame pointer, so in general, functions that use -+// these should have zero frame size to suppress the automatic frame -+// pointer, though it's harmless to not do this. -+ -+#ifdef GOOS_windows -+ -+// REGS_HOST_TO_ABI0_STACK is the stack bytes used by -+// PUSH_REGS_HOST_TO_ABI0. -+#define REGS_HOST_TO_ABI0_STACK (28*8 + 8) -+ -+// PUSH_REGS_HOST_TO_ABI0 prepares for transitioning from -+// the host ABI to Go ABI0 code. It saves all registers that are -+// callee-save in the host ABI and caller-save in Go ABI0 and prepares -+// for entry to Go. -+// -+// Save DI SI BP BX R12 R13 R14 R15 X6-X15 registers and the DF flag. -+// Clear the DF flag for the Go ABI. -+// MXCSR matches the Go ABI, so we don't have to set that, -+// and Go doesn't modify it, so we don't have to save it. -+#define PUSH_REGS_HOST_TO_ABI0() \ -+ PUSHFQ \ -+ CLD \ -+ ADJSP $(REGS_HOST_TO_ABI0_STACK - 8) \ -+ MOVQ DI, (0*0)(SP) \ -+ MOVQ SI, (1*8)(SP) \ -+ MOVQ BP, (2*8)(SP) \ -+ MOVQ BX, (3*8)(SP) \ -+ MOVQ R12, (4*8)(SP) \ -+ MOVQ R13, (5*8)(SP) \ -+ MOVQ R14, (6*8)(SP) \ -+ MOVQ R15, (7*8)(SP) \ -+ MOVUPS X6, (8*8)(SP) \ -+ MOVUPS X7, (10*8)(SP) \ -+ MOVUPS X8, (12*8)(SP) \ -+ MOVUPS X9, (14*8)(SP) \ -+ MOVUPS X10, (16*8)(SP) \ -+ MOVUPS X11, (18*8)(SP) \ -+ MOVUPS X12, (20*8)(SP) \ -+ MOVUPS X13, (22*8)(SP) \ -+ MOVUPS X14, (24*8)(SP) \ -+ MOVUPS X15, (26*8)(SP) -+ -+#define POP_REGS_HOST_TO_ABI0() \ -+ MOVQ (0*0)(SP), DI \ -+ MOVQ (1*8)(SP), SI \ -+ MOVQ (2*8)(SP), BP \ -+ MOVQ (3*8)(SP), BX \ -+ MOVQ (4*8)(SP), R12 \ -+ MOVQ (5*8)(SP), R13 \ -+ MOVQ (6*8)(SP), R14 \ -+ MOVQ (7*8)(SP), R15 \ -+ MOVUPS (8*8)(SP), X6 \ -+ MOVUPS (10*8)(SP), X7 \ -+ MOVUPS (12*8)(SP), X8 \ -+ MOVUPS (14*8)(SP), X9 \ -+ MOVUPS (16*8)(SP), X10 \ -+ MOVUPS (18*8)(SP), X11 \ -+ MOVUPS (20*8)(SP), X12 \ -+ MOVUPS (22*8)(SP), X13 \ -+ MOVUPS (24*8)(SP), X14 \ -+ MOVUPS (26*8)(SP), X15 \ -+ ADJSP $-(REGS_HOST_TO_ABI0_STACK - 8) \ -+ POPFQ -+ -+#else -+// SysV ABI -+ -+#define REGS_HOST_TO_ABI0_STACK (6*8) -+ -+// SysV MXCSR matches the Go ABI, so we don't have to set that, -+// and Go doesn't modify it, so we don't have to save it. -+// Both SysV and Go require DF to be cleared, so that's already clear. -+// The SysV and Go frame pointer conventions are compatible. -+#define PUSH_REGS_HOST_TO_ABI0() \ -+ ADJSP $(REGS_HOST_TO_ABI0_STACK) \ -+ MOVQ BP, (5*8)(SP) \ -+ LEAQ (5*8)(SP), BP \ -+ MOVQ BX, (0*8)(SP) \ -+ MOVQ R12, (1*8)(SP) \ -+ MOVQ R13, (2*8)(SP) \ -+ MOVQ R14, (3*8)(SP) \ -+ MOVQ R15, (4*8)(SP) -+ -+#define POP_REGS_HOST_TO_ABI0() \ -+ MOVQ (0*8)(SP), BX \ -+ MOVQ (1*8)(SP), R12 \ -+ MOVQ (2*8)(SP), R13 \ -+ MOVQ (3*8)(SP), R14 \ -+ MOVQ (4*8)(SP), R15 \ -+ MOVQ (5*8)(SP), BP \ -+ ADJSP $-(REGS_HOST_TO_ABI0_STACK) -+ -+#endif -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h -new file mode 100644 -index 00000000000000..5d5061ec1dbf8c ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_arm64.h -@@ -0,0 +1,39 @@ -+// Copyright 2021 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// Macros for transitioning from the host ABI to Go ABI0. -+// -+// These macros save and restore the callee-saved registers -+// from the stack, but they don't adjust stack pointer, so -+// the user should prepare stack space in advance. -+// SAVE_R19_TO_R28(offset) saves R19 ~ R28 to the stack space -+// of ((offset)+0*8)(RSP) ~ ((offset)+9*8)(RSP). -+// -+// SAVE_F8_TO_F15(offset) saves F8 ~ F15 to the stack space -+// of ((offset)+0*8)(RSP) ~ ((offset)+7*8)(RSP). -+// -+// R29 is not saved because Go will save and restore it. -+ -+#define SAVE_R19_TO_R28(offset) \ -+ STP (R19, R20), ((offset)+0*8)(RSP) \ -+ STP (R21, R22), ((offset)+2*8)(RSP) \ -+ STP (R23, R24), ((offset)+4*8)(RSP) \ -+ STP (R25, R26), ((offset)+6*8)(RSP) \ -+ STP (R27, g), ((offset)+8*8)(RSP) -+#define RESTORE_R19_TO_R28(offset) \ -+ LDP ((offset)+0*8)(RSP), (R19, R20) \ -+ LDP ((offset)+2*8)(RSP), (R21, R22) \ -+ LDP ((offset)+4*8)(RSP), (R23, R24) \ -+ LDP ((offset)+6*8)(RSP), (R25, R26) \ -+ LDP ((offset)+8*8)(RSP), (R27, g) /* R28 */ -+#define SAVE_F8_TO_F15(offset) \ -+ FSTPD (F8, F9), ((offset)+0*8)(RSP) \ -+ FSTPD (F10, F11), ((offset)+2*8)(RSP) \ -+ FSTPD (F12, F13), ((offset)+4*8)(RSP) \ -+ FSTPD (F14, F15), ((offset)+6*8)(RSP) -+#define RESTORE_F8_TO_F15(offset) \ -+ FLDPD ((offset)+0*8)(RSP), (F8, F9) \ -+ FLDPD ((offset)+2*8)(RSP), (F10, F11) \ -+ FLDPD ((offset)+4*8)(RSP), (F12, F13) \ -+ FLDPD ((offset)+6*8)(RSP), (F14, F15) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h -new file mode 100644 -index 00000000000000..b10d83732f1c6e ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_loong64.h -@@ -0,0 +1,60 @@ -+// Copyright 2022 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// Macros for transitioning from the host ABI to Go ABI0. -+// -+// These macros save and restore the callee-saved registers -+// from the stack, but they don't adjust stack pointer, so -+// the user should prepare stack space in advance. -+// SAVE_R22_TO_R31(offset) saves R22 ~ R31 to the stack space -+// of ((offset)+0*8)(R3) ~ ((offset)+9*8)(R3). -+// -+// SAVE_F24_TO_F31(offset) saves F24 ~ F31 to the stack space -+// of ((offset)+0*8)(R3) ~ ((offset)+7*8)(R3). -+// -+// Note: g is R22 -+ -+#define SAVE_R22_TO_R31(offset) \ -+ MOVV g, ((offset)+(0*8))(R3) \ -+ MOVV R23, ((offset)+(1*8))(R3) \ -+ MOVV R24, ((offset)+(2*8))(R3) \ -+ MOVV R25, ((offset)+(3*8))(R3) \ -+ MOVV R26, ((offset)+(4*8))(R3) \ -+ MOVV R27, ((offset)+(5*8))(R3) \ -+ MOVV R28, ((offset)+(6*8))(R3) \ -+ MOVV R29, ((offset)+(7*8))(R3) \ -+ MOVV R30, ((offset)+(8*8))(R3) \ -+ MOVV R31, ((offset)+(9*8))(R3) -+ -+#define SAVE_F24_TO_F31(offset) \ -+ MOVD F24, ((offset)+(0*8))(R3) \ -+ MOVD F25, ((offset)+(1*8))(R3) \ -+ MOVD F26, ((offset)+(2*8))(R3) \ -+ MOVD F27, ((offset)+(3*8))(R3) \ -+ MOVD F28, ((offset)+(4*8))(R3) \ -+ MOVD F29, ((offset)+(5*8))(R3) \ -+ MOVD F30, ((offset)+(6*8))(R3) \ -+ MOVD F31, ((offset)+(7*8))(R3) -+ -+#define RESTORE_R22_TO_R31(offset) \ -+ MOVV ((offset)+(0*8))(R3), g \ -+ MOVV ((offset)+(1*8))(R3), R23 \ -+ MOVV ((offset)+(2*8))(R3), R24 \ -+ MOVV ((offset)+(3*8))(R3), R25 \ -+ MOVV ((offset)+(4*8))(R3), R26 \ -+ MOVV ((offset)+(5*8))(R3), R27 \ -+ MOVV ((offset)+(6*8))(R3), R28 \ -+ MOVV ((offset)+(7*8))(R3), R29 \ -+ MOVV ((offset)+(8*8))(R3), R30 \ -+ MOVV ((offset)+(9*8))(R3), R31 -+ -+#define RESTORE_F24_TO_F31(offset) \ -+ MOVD ((offset)+(0*8))(R3), F24 \ -+ MOVD ((offset)+(1*8))(R3), F25 \ -+ MOVD ((offset)+(2*8))(R3), F26 \ -+ MOVD ((offset)+(3*8))(R3), F27 \ -+ MOVD ((offset)+(4*8))(R3), F28 \ -+ MOVD ((offset)+(5*8))(R3), F29 \ -+ MOVD ((offset)+(6*8))(R3), F30 \ -+ MOVD ((offset)+(7*8))(R3), F31 -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h -new file mode 100644 -index 00000000000000..245a5266f6e9fa ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_ppc64x.h -@@ -0,0 +1,195 @@ -+// Copyright 2023 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// Macros for transitioning from the host ABI to Go ABI -+// -+// On PPC64/ELFv2 targets, the following registers are callee -+// saved when called from C. They must be preserved before -+// calling into Go which does not preserve any of them. -+// -+// R14-R31 -+// CR2-4 -+// VR20-31 -+// F14-F31 -+// -+// xcoff(aix) and ELFv1 are similar, but may only require a -+// subset of these. -+// -+// These macros assume a 16 byte aligned stack pointer. This -+// is required by ELFv1, ELFv2, and AIX PPC64. -+ -+#define SAVE_GPR_SIZE (18*8) -+#define SAVE_GPR(offset) \ -+ MOVD R14, (offset+8*0)(R1) \ -+ MOVD R15, (offset+8*1)(R1) \ -+ MOVD R16, (offset+8*2)(R1) \ -+ MOVD R17, (offset+8*3)(R1) \ -+ MOVD R18, (offset+8*4)(R1) \ -+ MOVD R19, (offset+8*5)(R1) \ -+ MOVD R20, (offset+8*6)(R1) \ -+ MOVD R21, (offset+8*7)(R1) \ -+ MOVD R22, (offset+8*8)(R1) \ -+ MOVD R23, (offset+8*9)(R1) \ -+ MOVD R24, (offset+8*10)(R1) \ -+ MOVD R25, (offset+8*11)(R1) \ -+ MOVD R26, (offset+8*12)(R1) \ -+ MOVD R27, (offset+8*13)(R1) \ -+ MOVD R28, (offset+8*14)(R1) \ -+ MOVD R29, (offset+8*15)(R1) \ -+ MOVD g, (offset+8*16)(R1) \ -+ MOVD R31, (offset+8*17)(R1) -+ -+#define RESTORE_GPR(offset) \ -+ MOVD (offset+8*0)(R1), R14 \ -+ MOVD (offset+8*1)(R1), R15 \ -+ MOVD (offset+8*2)(R1), R16 \ -+ MOVD (offset+8*3)(R1), R17 \ -+ MOVD (offset+8*4)(R1), R18 \ -+ MOVD (offset+8*5)(R1), R19 \ -+ MOVD (offset+8*6)(R1), R20 \ -+ MOVD (offset+8*7)(R1), R21 \ -+ MOVD (offset+8*8)(R1), R22 \ -+ MOVD (offset+8*9)(R1), R23 \ -+ MOVD (offset+8*10)(R1), R24 \ -+ MOVD (offset+8*11)(R1), R25 \ -+ MOVD (offset+8*12)(R1), R26 \ -+ MOVD (offset+8*13)(R1), R27 \ -+ MOVD (offset+8*14)(R1), R28 \ -+ MOVD (offset+8*15)(R1), R29 \ -+ MOVD (offset+8*16)(R1), g \ -+ MOVD (offset+8*17)(R1), R31 -+ -+#define SAVE_FPR_SIZE (18*8) -+#define SAVE_FPR(offset) \ -+ FMOVD F14, (offset+8*0)(R1) \ -+ FMOVD F15, (offset+8*1)(R1) \ -+ FMOVD F16, (offset+8*2)(R1) \ -+ FMOVD F17, (offset+8*3)(R1) \ -+ FMOVD F18, (offset+8*4)(R1) \ -+ FMOVD F19, (offset+8*5)(R1) \ -+ FMOVD F20, (offset+8*6)(R1) \ -+ FMOVD F21, (offset+8*7)(R1) \ -+ FMOVD F22, (offset+8*8)(R1) \ -+ FMOVD F23, (offset+8*9)(R1) \ -+ FMOVD F24, (offset+8*10)(R1) \ -+ FMOVD F25, (offset+8*11)(R1) \ -+ FMOVD F26, (offset+8*12)(R1) \ -+ FMOVD F27, (offset+8*13)(R1) \ -+ FMOVD F28, (offset+8*14)(R1) \ -+ FMOVD F29, (offset+8*15)(R1) \ -+ FMOVD F30, (offset+8*16)(R1) \ -+ FMOVD F31, (offset+8*17)(R1) -+ -+#define RESTORE_FPR(offset) \ -+ FMOVD (offset+8*0)(R1), F14 \ -+ FMOVD (offset+8*1)(R1), F15 \ -+ FMOVD (offset+8*2)(R1), F16 \ -+ FMOVD (offset+8*3)(R1), F17 \ -+ FMOVD (offset+8*4)(R1), F18 \ -+ FMOVD (offset+8*5)(R1), F19 \ -+ FMOVD (offset+8*6)(R1), F20 \ -+ FMOVD (offset+8*7)(R1), F21 \ -+ FMOVD (offset+8*8)(R1), F22 \ -+ FMOVD (offset+8*9)(R1), F23 \ -+ FMOVD (offset+8*10)(R1), F24 \ -+ FMOVD (offset+8*11)(R1), F25 \ -+ FMOVD (offset+8*12)(R1), F26 \ -+ FMOVD (offset+8*13)(R1), F27 \ -+ FMOVD (offset+8*14)(R1), F28 \ -+ FMOVD (offset+8*15)(R1), F29 \ -+ FMOVD (offset+8*16)(R1), F30 \ -+ FMOVD (offset+8*17)(R1), F31 -+ -+// Save and restore VR20-31 (aka VSR56-63). These -+// macros must point to a 16B aligned offset. -+#define SAVE_VR_SIZE (12*16) -+#define SAVE_VR(offset, rtmp) \ -+ MOVD $(offset+16*0), rtmp \ -+ STVX V20, (rtmp)(R1) \ -+ MOVD $(offset+16*1), rtmp \ -+ STVX V21, (rtmp)(R1) \ -+ MOVD $(offset+16*2), rtmp \ -+ STVX V22, (rtmp)(R1) \ -+ MOVD $(offset+16*3), rtmp \ -+ STVX V23, (rtmp)(R1) \ -+ MOVD $(offset+16*4), rtmp \ -+ STVX V24, (rtmp)(R1) \ -+ MOVD $(offset+16*5), rtmp \ -+ STVX V25, (rtmp)(R1) \ -+ MOVD $(offset+16*6), rtmp \ -+ STVX V26, (rtmp)(R1) \ -+ MOVD $(offset+16*7), rtmp \ -+ STVX V27, (rtmp)(R1) \ -+ MOVD $(offset+16*8), rtmp \ -+ STVX V28, (rtmp)(R1) \ -+ MOVD $(offset+16*9), rtmp \ -+ STVX V29, (rtmp)(R1) \ -+ MOVD $(offset+16*10), rtmp \ -+ STVX V30, (rtmp)(R1) \ -+ MOVD $(offset+16*11), rtmp \ -+ STVX V31, (rtmp)(R1) -+ -+#define RESTORE_VR(offset, rtmp) \ -+ MOVD $(offset+16*0), rtmp \ -+ LVX (rtmp)(R1), V20 \ -+ MOVD $(offset+16*1), rtmp \ -+ LVX (rtmp)(R1), V21 \ -+ MOVD $(offset+16*2), rtmp \ -+ LVX (rtmp)(R1), V22 \ -+ MOVD $(offset+16*3), rtmp \ -+ LVX (rtmp)(R1), V23 \ -+ MOVD $(offset+16*4), rtmp \ -+ LVX (rtmp)(R1), V24 \ -+ MOVD $(offset+16*5), rtmp \ -+ LVX (rtmp)(R1), V25 \ -+ MOVD $(offset+16*6), rtmp \ -+ LVX (rtmp)(R1), V26 \ -+ MOVD $(offset+16*7), rtmp \ -+ LVX (rtmp)(R1), V27 \ -+ MOVD $(offset+16*8), rtmp \ -+ LVX (rtmp)(R1), V28 \ -+ MOVD $(offset+16*9), rtmp \ -+ LVX (rtmp)(R1), V29 \ -+ MOVD $(offset+16*10), rtmp \ -+ LVX (rtmp)(R1), V30 \ -+ MOVD $(offset+16*11), rtmp \ -+ LVX (rtmp)(R1), V31 -+ -+// LR and CR are saved in the caller's frame. The callee must -+// make space for all other callee-save registers. -+#define SAVE_ALL_REG_SIZE (SAVE_GPR_SIZE+SAVE_FPR_SIZE+SAVE_VR_SIZE) -+ -+// Stack a frame and save all callee-save registers following the -+// host OS's ABI. Fortunately, this is identical for AIX, ELFv1, and -+// ELFv2. All host ABIs require the stack pointer to maintain 16 byte -+// alignment, and save the callee-save registers in the same places. -+// -+// To restate, R1 is assumed to be aligned when this macro is used. -+// This assumes the caller's frame is compliant with the host ABI. -+// CR and LR are saved into the caller's frame per the host ABI. -+// R0 is initialized to $0 as expected by Go. -+#define STACK_AND_SAVE_HOST_TO_GO_ABI(extra) \ -+ MOVD LR, R0 \ -+ MOVD R0, 16(R1) \ -+ MOVW CR, R0 \ -+ MOVD R0, 8(R1) \ -+ MOVDU R1, -(extra)-FIXED_FRAME-SAVE_ALL_REG_SIZE(R1) \ -+ SAVE_GPR(extra+FIXED_FRAME) \ -+ SAVE_FPR(extra+FIXED_FRAME+SAVE_GPR_SIZE) \ -+ SAVE_VR(extra+FIXED_FRAME+SAVE_GPR_SIZE+SAVE_FPR_SIZE, R0) \ -+ MOVD $0, R0 -+ -+// This unstacks the frame, restoring all callee-save registers -+// as saved by STACK_AND_SAVE_HOST_TO_GO_ABI. -+// -+// R0 is not guaranteed to contain $0 after this macro. -+#define UNSTACK_AND_RESTORE_GO_TO_HOST_ABI(extra) \ -+ RESTORE_GPR(extra+FIXED_FRAME) \ -+ RESTORE_FPR(extra+FIXED_FRAME+SAVE_GPR_SIZE) \ -+ RESTORE_VR(extra+FIXED_FRAME+SAVE_GPR_SIZE+SAVE_FPR_SIZE, R0) \ -+ ADD $(extra+FIXED_FRAME+SAVE_ALL_REG_SIZE), R1 \ -+ MOVD 16(R1), R0 \ -+ MOVD R0, LR \ -+ MOVD 8(R1), R0 \ -+ MOVW R0, CR -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h -new file mode 100644 -index 00000000000000..b9322e0c53e2ac ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/abi_riscv64.h -@@ -0,0 +1,72 @@ -+// Copyright 2026 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+// Macros for transitioning from the host ABI to Go ABI0. -+// -+// These macros save and restore the callee-saved registers -+// from the stack, but they don't adjust stack pointer, so -+// the user should prepare stack space in advance. -+// SAVE_GPR(offset) saves X8, X9, X18-X27 to the stack space -+// of ((offset)+0*8)(X2) ~ ((offset)+11*8)(X2). -+// -+// SAVE_FPR(offset) saves F8, F9, F18-F27 to the stack space -+// of ((offset)+0*8)(X2) ~ ((offset)+11*8)(X2). -+// -+// Note: g is X27 -+ -+#define SAVE_GPR(offset) \ -+ MOV X8, ((offset)+0*8)(X2) \ -+ MOV X9, ((offset)+1*8)(X2) \ -+ MOV X18, ((offset)+2*8)(X2) \ -+ MOV X19, ((offset)+3*8)(X2) \ -+ MOV X20, ((offset)+4*8)(X2) \ -+ MOV X21, ((offset)+5*8)(X2) \ -+ MOV X22, ((offset)+6*8)(X2) \ -+ MOV X23, ((offset)+7*8)(X2) \ -+ MOV X24, ((offset)+8*8)(X2) \ -+ MOV X25, ((offset)+9*8)(X2) \ -+ MOV X26, ((offset)+10*8)(X2) \ -+ MOV g, ((offset)+11*8)(X2) -+ -+#define RESTORE_GPR(offset) \ -+ MOV ((offset)+0*8)(X2), X8 \ -+ MOV ((offset)+1*8)(X2), X9 \ -+ MOV ((offset)+2*8)(X2), X18 \ -+ MOV ((offset)+3*8)(X2), X19 \ -+ MOV ((offset)+4*8)(X2), X20 \ -+ MOV ((offset)+5*8)(X2), X21 \ -+ MOV ((offset)+6*8)(X2), X22 \ -+ MOV ((offset)+7*8)(X2), X23 \ -+ MOV ((offset)+8*8)(X2), X24 \ -+ MOV ((offset)+9*8)(X2), X25 \ -+ MOV ((offset)+10*8)(X2), X26 \ -+ MOV ((offset)+11*8)(X2), g -+ -+#define SAVE_FPR(offset) \ -+ MOVD F8, ((offset)+0*8)(X2) \ -+ MOVD F9, ((offset)+1*8)(X2) \ -+ MOVD F18, ((offset)+2*8)(X2) \ -+ MOVD F19, ((offset)+3*8)(X2) \ -+ MOVD F20, ((offset)+4*8)(X2) \ -+ MOVD F21, ((offset)+5*8)(X2) \ -+ MOVD F22, ((offset)+6*8)(X2) \ -+ MOVD F23, ((offset)+7*8)(X2) \ -+ MOVD F24, ((offset)+8*8)(X2) \ -+ MOVD F25, ((offset)+9*8)(X2) \ -+ MOVD F26, ((offset)+10*8)(X2) \ -+ MOVD F27, ((offset)+11*8)(X2) -+ -+#define RESTORE_FPR(offset) \ -+ MOVD ((offset)+0*8)(X2), F8 \ -+ MOVD ((offset)+1*8)(X2), F9 \ -+ MOVD ((offset)+2*8)(X2), F18 \ -+ MOVD ((offset)+3*8)(X2), F19 \ -+ MOVD ((offset)+4*8)(X2), F20 \ -+ MOVD ((offset)+5*8)(X2), F21 \ -+ MOVD ((offset)+6*8)(X2), F22 \ -+ MOVD ((offset)+7*8)(X2), F23 \ -+ MOVD ((offset)+8*8)(X2), F24 \ -+ MOVD ((offset)+9*8)(X2), F25 \ -+ MOVD ((offset)+10*8)(X2), F26 \ -+ MOVD ((offset)+11*8)(X2), F27 -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s -new file mode 100644 -index 00000000000000..7475ec8a0b21fc ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_386.s -@@ -0,0 +1,29 @@ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+#include "textflag.h" -+ -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT, $28-16 -+ MOVL BP, 24(SP) -+ MOVL BX, 20(SP) -+ MOVL SI, 16(SP) -+ MOVL DI, 12(SP) -+ -+ MOVL ctxt+12(FP), AX -+ MOVL AX, 8(SP) -+ MOVL a+4(FP), AX -+ MOVL AX, 4(SP) -+ MOVL fn+0(FP), AX -+ MOVL AX, 0(SP) -+ CALL runtime·cgocallback(SB) -+ -+ MOVL 12(SP), DI -+ MOVL 16(SP), SI -+ MOVL 20(SP), BX -+ MOVL 24(SP), BP -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go new file mode 100644 -index 00000000000000..2b7eb57f8ae783 +index 00000000000000..68711f8e43d70f --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_amd64.s -@@ -0,0 +1,39 @@ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+#include "textflag.h" -+#include "abi_amd64.h" -+ -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+// This signature is known to SWIG, so we can't change it. -+TEXT crosscall2(SB), NOSPLIT, $0-0 -+ PUSH_REGS_HOST_TO_ABI0() -+ -+ // Make room for arguments to cgocallback. -+ ADJSP $0x18 ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go +@@ -0,0 +1,119 @@ ++package ossl + -+#ifndef GOOS_windows -+ MOVQ DI, 0x0(SP) // fn -+ MOVQ SI, 0x8(SP) // arg ++/* ++#include // for calloc and free ++#include // for strdup ++#include "zossl.h" + -+ // Skip n in DX. -+ MOVQ CX, 0x10(SP) // ctxt ++// OpenSSL only allows a maximum of 16 errors to be stored in the error queue. ++#define ERR_NUM_MAX 16 + -+#else -+ MOVQ CX, 0x0(SP) // fn -+ MOVQ DX, 0x8(SP) // arg ++// ossl_err_state is a custom structure to hold the error state ++// of OpenSSL. ++typedef struct ossl_err_state_st { ++ unsigned long code[ERR_NUM_MAX]; ++ int line[ERR_NUM_MAX]; ++ char *file[ERR_NUM_MAX]; ++} ossl_err_state; + -+ // Skip n in R8. -+ MOVQ R9, 0x10(SP) // ctxt ++// mkcgo_err_retrieve retrieves the error state from OpenSSL. ++// It returns a pointer to a mkcgo_err_state structure ++// that contains the error codes, lines, and file names. ++// The caller is responsible for freeing the memory ++// by calling mkcgo_err_free. ++mkcgo_err_state mkcgo_err_retrieve() { ++ ossl_err_state *errs = (ossl_err_state *)calloc(1, sizeof(ossl_err_state)); ++ if (errs == NULL) return NULL; ++ ++ // Retrieve the errors from OpenSSL. ++ for (int i = 0; i < ERR_NUM_MAX; i++) { ++ const char *file; ++ if (_mkcgo_available_OPENSSL_version_major() == 1) { // Only available in OpenSSL 3. ++ // OpenSSL 3 error handling ++ errs->code[i] = _mkcgo_ERR_get_error_all(&file, &errs->line[i], NULL, NULL, NULL); ++ } else { ++ // OpenSSL 1 error handling ++ errs->code[i] = _mkcgo_ERR_get_error_line(&file, &errs->line[i]); ++ } ++ if (errs->code[i] == 0) { ++ break; ++ } ++ if (file != NULL) { ++ // Copy the file name as the pointer we just retrieved will be freed by OpenSSL ++ // when the error queue is cleared. ++ errs->file[i] = strdup(file); ++ } ++ } ++ return errs; ++} + -+#endif ++// mkcgo_err_free frees the memory allocated for the mkcgo_err_state structure. ++void mkcgo_err_free(mkcgo_err_state errs) { ++ if (errs == NULL) return; + -+ CALL runtime·cgocallback(SB) ++ ossl_err_state *oerrs = (ossl_err_state *)errs; ++ for (int i = 0; i < ERR_NUM_MAX; i++) { ++ if (oerrs->file[i] != NULL) { ++ free((void *)oerrs->file[i]); ++ } ++ } ++ free(errs); ++} ++*/ ++import "C" ++import ( ++ "bytes" ++ "errors" ++ "strconv" ++ "strings" ++ "unsafe" ++) + -+ ADJSP $-0x18 -+ POP_REGS_HOST_TO_ABI0() -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s -new file mode 100644 -index 00000000000000..68034e6035aa44 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm.s -@@ -0,0 +1,52 @@ -+// Copyright 2012 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++// newMkcgoErr creates a new error from the given mkcgo_err_state ++// and frees the state. If errst is nil, it returns nil. ++func newMkcgoErr(msg string, errst C.mkcgo_err_state) error { ++ if errst == nil { ++ return nil ++ } ++ defer C.mkcgo_err_free(errst) ++ oerrst := (*C.ossl_err_state)(unsafe.Pointer(errst)) ++ var b strings.Builder ++ b.WriteString(msg) ++ b.WriteString("\nopenssl error(s):") ++ for i := range C.ERR_NUM_MAX { ++ e := uint32(oerrst.code[i]) ++ if e == 0 { ++ break ++ } ++ b.WriteByte('\n') ++ var buf [256]byte ++ ERR_error_string_n(e, unsafe.SliceData(buf[:]), len(buf)) ++ if termIdx := bytes.IndexByte(buf[:], 0); termIdx != -1 { ++ b.Write(buf[:termIdx]) ++ } else { ++ b.Write(buf[:]) ++ } ++ if oerrst.file[i] == nil { ++ // info not available ++ continue ++ } ++ b.WriteString("\n\t") ++ b.Write(cstrBytes(oerrst.file[i])) ++ b.WriteByte(':') ++ b.WriteString(strconv.Itoa(int(oerrst.line[i]))) ++ } ++ return errors.New(b.String()) ++} + -+#include "textflag.h" -+ -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 -+ SUB $(8*9), R13 // Reserve space for the floating point registers. -+ -+ // The C arguments arrive in R0, R1, R2, and R3. We want to -+ // pass R0, R1, and R3 to Go, so we push those on the stack. -+ // Also, save C callee-save registers R4-R12. -+ MOVM.WP [R0, R1, R3, R4, R5, R6, R7, R8, R9, g, R11, R12], (R13) -+ -+ // Finally, save the link register R14. This also puts the -+ // arguments we pushed for cgocallback where they need to be, -+ // starting at 4(R13). -+ MOVW.W R14, -4(R13) -+ -+ // Save VFP callee-saved registers D8-D15 (same as S16-S31). -+ // Note: We always save these since we target hard-float ABI. -+ MOVD F8, (13*4+8*1)(R13) -+ MOVD F9, (13*4+8*2)(R13) -+ MOVD F10, (13*4+8*3)(R13) -+ MOVD F11, (13*4+8*4)(R13) -+ MOVD F12, (13*4+8*5)(R13) -+ MOVD F13, (13*4+8*6)(R13) -+ MOVD F14, (13*4+8*7)(R13) -+ MOVD F15, (13*4+8*8)(R13) -+ -+ BL runtime·load_g(SB) -+ -+ // We set up the arguments to cgocallback when saving registers above. -+ BL runtime·cgocallback(SB) -+ -+ MOVD (13*4+8*1)(R13), F8 -+ MOVD (13*4+8*2)(R13), F9 -+ MOVD (13*4+8*3)(R13), F10 -+ MOVD (13*4+8*4)(R13), F11 -+ MOVD (13*4+8*5)(R13), F12 -+ MOVD (13*4+8*6)(R13), F13 -+ MOVD (13*4+8*7)(R13), F14 -+ MOVD (13*4+8*8)(R13), F15 -+ -+ MOVW.P 4(R13), R14 -+ MOVM.IAW (R13), [R0, R1, R3, R4, R5, R6, R7, R8, R9, g, R11, R12] -+ ADD $(8*9), R13 -+ MOVW R14, R15 -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s ++// cstrBytes returns a byte slice containing the contents of the C string ++// pointed to by p. The slice does not include the terminating null byte. ++func cstrBytes(p *C.char) []byte { ++ if p == nil { ++ return nil ++ } ++ end := unsafe.Pointer(p) ++ for *(*byte)(end) != 0 { ++ end = unsafe.Add(end, 1) ++ } ++ return unsafe.Slice((*byte)(unsafe.Pointer(p)), uintptr(end)-uintptr(unsafe.Pointer(p))) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go new file mode 100644 -index 00000000000000..50e5261d922c56 +index 00000000000000..e0d0b8e8bd8cf3 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_arm64.s -@@ -0,0 +1,36 @@ -+// Copyright 2015 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go +@@ -0,0 +1,81 @@ ++// Package ossl provides a Go interface to OpenSSL. ++package ossl + -+#include "textflag.h" -+#include "abi_arm64.h" ++//go:generate go run ../../cmd/mkcgo -out zossl.go -package ossl shims.h + -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 +/* -+ * We still need to save all callee save register as before, and then -+ * push 3 args for fn (R0, R1, R3), skipping R2. -+ * Also note that at procedure entry in gc world, 8(RSP) will be the -+ * first arg. -+ */ -+ SUB $(8*24), RSP -+ STP (R0, R1), (8*1)(RSP) -+ MOVD R3, (8*3)(RSP) -+ -+ SAVE_R19_TO_R28(8*4) -+ SAVE_F8_TO_F15(8*14) -+ STP (R29, R30), (8*22)(RSP) -+ -+ // Initialize Go ABI environment -+ BL runtime·load_g(SB) -+ BL runtime·cgocallback(SB) -+ -+ RESTORE_R19_TO_R28(8*4) -+ RESTORE_F8_TO_F15(8*14) -+ LDP (8*22)(RSP), (R29, R30) -+ -+ ADD $(8*24), RSP -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s -new file mode 100644 -index 00000000000000..e81df86a56e4ad ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_loong64.s -@@ -0,0 +1,40 @@ -+// Copyright 2022 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+#include "textflag.h" -+#include "abi_loong64.h" ++#include "zossl.h" ++// go_hash_sum copies ctx into ctx2 and calls EVP_DigestFinal_ex using ctx2. ++// This is necessary because Go hash.Hash mandates that Sum has no effect ++// on the underlying stream. In particular it is OK to Sum, then Write more, ++// then Sum again, and the second Sum acts as if the first didn't happen. ++// It is written in C because Sum() tend to be in the hot path, ++// and doing one cgo call instead of two is a significant performance win. ++static inline int ++go_hash_sum(const _EVP_MD_CTX_PTR ctx, _EVP_MD_CTX_PTR ctx2, unsigned char *out, mkcgo_err_state *_err_state) ++{ ++ if (_mkcgo_EVP_MD_CTX_copy(ctx2, ctx, _err_state) != 1) ++ return -1; ++ if (_mkcgo_EVP_DigestFinal_ex(ctx2, out, NULL, _err_state) <= 0) ++ return -2; ++ return 1; ++} ++*/ ++import "C" ++import ( ++ "unsafe" ++) + -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 -+/* -+ * We still need to save all callee save register as before, and then -+ * push 3 args for fn (R4, R5, R7), skipping R6. -+ * Also note that at procedure entry in gc world, 8(R29) will be the -+ * first arg. -+ */ ++func HashSum(ctx1, ctx2 EVP_MD_CTX_PTR, out []byte) error { ++ var errst C.mkcgo_err_state ++ if code := C.go_hash_sum(ctx1, ctx2, (*C.uchar)(unsafe.SliceData(out)), mkcgoNoEscape(&errst)); code != 1 { ++ msg := "go_hash_sum" ++ switch code { ++ case -1: ++ msg = "EVP_MD_CTX_copy" ++ case -2: ++ msg = "EVP_DigestFinal_ex" ++ } ++ return newMkcgoErr(msg, errst) ++ } ++ return nil ++} + -+ ADDV $(-23*8), R3 -+ MOVV R4, (1*8)(R3) // fn unsafe.Pointer -+ MOVV R5, (2*8)(R3) // a unsafe.Pointer -+ MOVV R7, (3*8)(R3) // ctxt uintptr ++const _OSSL_PARAM_UNMODIFIED uint = uint(^uintptr(0)) + -+ SAVE_R22_TO_R31((4*8)) -+ SAVE_F24_TO_F31((14*8)) -+ MOVV R1, (22*8)(R3) ++// OSSL_PARAM is a structure to pass or request object parameters. ++// https://docs.openssl.org/3.0/man3/OSSL_PARAM/. ++type OSSL_PARAM struct { ++ Key *byte ++ DataType uint32 ++ Data unsafe.Pointer ++ DataSize uint ++ ReturnSize uint ++} + -+ // Initialize Go ABI environment -+ JAL runtime·load_g(SB) ++func ossl_param_construct(key *byte, dataType uint32, data unsafe.Pointer, dataSize int) OSSL_PARAM { ++ return OSSL_PARAM{ ++ Key: key, ++ DataType: dataType, ++ Data: data, ++ DataSize: uint(dataSize), ++ ReturnSize: _OSSL_PARAM_UNMODIFIED, ++ } ++} + -+ JAL runtime·cgocallback(SB) ++func OSSL_PARAM_construct_octet_string(key *byte, data unsafe.Pointer, dataSize int) OSSL_PARAM { ++ return ossl_param_construct(key, OSSL_PARAM_OCTET_STRING, data, dataSize) ++} + -+ RESTORE_R22_TO_R31((4*8)) -+ RESTORE_F24_TO_F31((14*8)) -+ MOVV (22*8)(R3), R1 ++func OSSL_PARAM_construct_int32(key *byte, data *int32) OSSL_PARAM { ++ return ossl_param_construct(key, OSSL_PARAM_INTEGER, unsafe.Pointer(data), 4) ++} + -+ ADDV $(23*8), R3 ++func OSSL_PARAM_construct_end() OSSL_PARAM { ++ return OSSL_PARAM{} ++} + -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s ++func OSSL_PARAM_modified(param *OSSL_PARAM) bool { ++ // If ReturnSize is not set, the parameter has not been modified. ++ return param != nil && param.ReturnSize != _OSSL_PARAM_UNMODIFIED ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h new file mode 100644 -index 00000000000000..6d1938cd8d8bcd +index 00000000000000..5790defeb6eb55 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_ppc64le.s -@@ -0,0 +1,82 @@ -+// Copyright 2014 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+#include "textflag.h" -+#include "abi_ppc64x.h" -+ -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+// -+// This is a simplified version that only saves GPR and FPR registers, -+// not vector registers. This keeps the stack frame smaller to avoid -+// exceeding the nosplit stack limit. -+// -+// On PPC64LE ELFv2, callee-save registers are: -+// R14-R31 (18 GPRs = 144 bytes) -+// F14-F31 (18 FPRs = 144 bytes) -+// CR2-CR4 (saved in CR field) -+// -+// Stack layout (must be 16-byte aligned): -+// 32 (FIXED_FRAME) + 24 (args) + 144 (GPR) + 144 (FPR) = 344 -+// Rounded to 352 for 16-byte alignment. -+ -+#define FIXED_FRAME 32 -+#define SAVE_SIZE 352 -+#define GPR_OFFSET (FIXED_FRAME+24) -+#define FPR_OFFSET (GPR_OFFSET+SAVE_GPR_SIZE) -+ -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 -+ // Save LR and CR in caller's frame per ELFv2 ABI -+ MOVD LR, R0 -+ MOVD R0, 16(R1) -+ MOVW CR, R0 -+ MOVD R0, 8(R1) ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h +@@ -0,0 +1,399 @@ ++// This header file is used by the mkcgo tool to generate cgo and Go bindings for the ++// OpenSSL C API. Run "go generate ." to regenerate the bindings. ++// Do not include this file, import "zossl.h" instead. + -+ // Allocate our stack frame -+ MOVDU R1, -SAVE_SIZE(R1) ++#ifndef _GO_OSSL_SHIMS_H // only include this header once ++#define _GO_OSSL_SHIMS_H + -+ // Save TOC (R2) in case needed -+ MOVD R2, 24(R1) ++#include // size_t ++#include // uint64_t + -+ // Save callee-save GPRs -+ SAVE_GPR(GPR_OFFSET) ++// The following includes are used by the checkheader tool. ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #include ++// #if OPENSSL_VERSION_NUMBER >= 0x30000000L ++// #include ++// #include ++// #include ++// #include ++// #endif ++// #if OPENSSL_VERSION_NUMBER < 0x10100000L ++// #include ++// #endif + -+ // Save callee-save FPRs -+ SAVE_FPR(FPR_OFFSET) ++enum { ++ _POINT_CONVERSION_UNCOMPRESSED = 4, + -+ // Initialize R0 to 0 as expected by Go -+ MOVD $0, R0 ++ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, ++ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, ++ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, ++ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, + -+ // Load the current g. -+ BL runtime·load_g(SB) ++ _EVP_CTRL_GCM_GET_TAG = 0x10, ++ _EVP_CTRL_GCM_SET_TAG = 0x11, ++ _EVP_PKEY_CTRL_MD = 1, ++ _EVP_PKEY_RSA = 6, ++ _EVP_PKEY_EC = 408, ++ _EVP_PKEY_TLS1_PRF = 1021, ++ _EVP_PKEY_HKDF = 1036, ++ _EVP_PKEY_ED25519 = 1087, ++ _EVP_PKEY_DSA = 116, ++ _EVP_PKEY_OP_DERIVE = (1 << 10), // this value differs between OpenSSL 1 and 3, but we only use it in 1 ++ _EVP_MAX_MD_SIZE = 64, + -+ // Set up arguments for cgocallback -+ MOVD R3, FIXED_FRAME+0(R1) // fn unsafe.Pointer -+ MOVD R4, FIXED_FRAME+8(R1) // a unsafe.Pointer ++ _EVP_PKEY_PUBLIC_KEY = 0x86, ++ _EVP_PKEY_KEYPAIR = 0x87, + -+ // Skip R5 = n uint32 -+ MOVD R6, FIXED_FRAME+16(R1) // ctxt uintptr -+ BL runtime·cgocallback(SB) ++ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, + -+ // Restore callee-save FPRs -+ RESTORE_FPR(FPR_OFFSET) ++ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, ++ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, + -+ // Restore callee-save GPRs -+ RESTORE_GPR(GPR_OFFSET) ++ _EVP_PKEY_CTRL_TLS_MD = 0x1000, ++ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, ++ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, ++ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, ++ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, ++ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, ++ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, ++ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, + -+ // Restore TOC -+ MOVD 24(R1), R2 ++ _NID_X9_62_prime256v1 = 415, ++ _NID_secp224r1 = 713, ++ _NID_secp384r1 = 715, ++ _NID_secp521r1 = 716, + -+ // Deallocate stack frame -+ ADD $SAVE_SIZE, R1 -+ -+ // Restore LR and CR from caller's frame -+ MOVD 16(R1), R0 -+ MOVD R0, LR -+ MOVD 8(R1), R0 -+ MOVW R0, CR ++ _RSA_PKCS1_PADDING = 1, ++ _RSA_NO_PADDING = 3, ++ _RSA_PKCS1_OAEP_PADDING = 4, ++ _RSA_PKCS1_PSS_PADDING = 6, ++ _RSA_PSS_SALTLEN_DIGEST = -1, ++ _RSA_PSS_SALTLEN_AUTO = -2, ++ _RSA_PSS_SALTLEN_MAX_SIGN = -2, ++ _RSA_PSS_SALTLEN_MAX = -3, ++ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, ++ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, ++ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, ++ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, ++ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, ++ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, + -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s -new file mode 100644 -index 00000000000000..d34699e5a84d2a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_riscv64.s -@@ -0,0 +1,37 @@ -+// Copyright 2020 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++ _OSSL_PARAM_INTEGER = 1, ++ _OSSL_PARAM_OCTET_STRING = 5, ++}; + -+#include "textflag.h" -+#include "abi_riscv64.h" ++typedef void* _OPENSSL_INIT_SETTINGS_PTR; ++typedef void* _OSSL_LIB_CTX_PTR; ++typedef void* _OSSL_PROVIDER_PTR; ++typedef void* _ENGINE_PTR; ++typedef void* _EVP_PKEY_PTR; ++typedef void* _EVP_PKEY_CTX_PTR; ++typedef void* _EVP_MD_PTR; ++typedef void* _EVP_MD_CTX_PTR; ++typedef void* _HMAC_CTX_PTR; ++typedef void* _EVP_CIPHER_PTR; ++typedef void* _EVP_CIPHER_CTX_PTR; ++typedef void* _EC_KEY_PTR; ++typedef void* _EC_POINT_PTR; ++typedef void* _EC_GROUP_PTR; ++typedef void* _RSA_PTR; ++typedef void* _BIGNUM_PTR; ++typedef void* _BN_CTX_PTR; ++typedef void* _EVP_MAC_PTR; ++typedef void* _EVP_MAC_CTX_PTR; ++typedef void* _OSSL_PARAM_BLD_PTR; ++typedef void* _OSSL_PARAM_PTR; ++typedef void* _EVP_SIGNATURE_PTR; ++typedef void* _DSA_PTR; ++typedef void* _EVP_KDF_PTR; ++typedef void* _EVP_KDF_CTX_PTR; ++typedef int point_conversion_form_t; + -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 -+/* -+ * Push arguments for fn (X10, X11, X13), along with all callee-save -+ * registers. Note that at procedure entry the first argument is at -+ * 8(X2). -+ */ -+ ADD $(-8*29), X2 -+ MOV X10, (8*1)(X2) // fn unsafe.Pointer -+ MOV X11, (8*2)(X2) // a unsafe.Pointer -+ MOV X13, (8*3)(X2) // ctxt uintptr -+ -+ SAVE_GPR((8*4)) -+ MOV X1, (8*16)(X2) -+ SAVE_FPR((8*17)) -+ -+ // Initialize Go ABI environment -+ CALL runtime·load_g(SB) -+ CALL runtime·cgocallback(SB) -+ -+ RESTORE_GPR((8*4)) -+ MOV (8*16)(X2), X1 -+ RESTORE_FPR((8*17)) -+ -+ ADD $(8*29), X2 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s -new file mode 100644 -index 00000000000000..b64466501dee38 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/asm_s390x.s -@@ -0,0 +1,55 @@ -+// Copyright 2016 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++// Tags used by mkcgo to determine which OpenSSL version each function is available in: ++// - no tag: OpenSSL 1.0 or later ++// - legacy_1: Only OpenSSL 1 ++// - 3: OpenSSL 3.0 or later ++// - 111: OpenSSL 1.1.1 or later + -+#include "textflag.h" -+ -+// Called by C code generated by cmd/cgo. -+// func crosscall2(fn, a unsafe.Pointer, n int32, ctxt uintptr) -+// Saves C callee-saved registers and calls cgocallback with three arguments. -+// fn is the PC of a func(a unsafe.Pointer) function. -+TEXT crosscall2(SB), NOSPLIT|NOFRAME, $0 -+ // Start with standard C stack frame layout and linkage. -+ -+ // Save R6-R15 in the register save area of the calling function. -+ STMG R6, R15, 48(R15) -+ -+ // Allocate 96 bytes on the stack. -+ MOVD $-96(R15), R15 -+ -+ // Save F8-F15 in our stack frame. -+ FMOVD F8, 32(R15) -+ FMOVD F9, 40(R15) -+ FMOVD F10, 48(R15) -+ FMOVD F11, 56(R15) -+ FMOVD F12, 64(R15) -+ FMOVD F13, 72(R15) -+ FMOVD F14, 80(R15) -+ FMOVD F15, 88(R15) -+ -+ // Initialize Go ABI environment. -+ BL runtime·load_g(SB) -+ -+ MOVD R2, 8(R15) // fn unsafe.Pointer -+ MOVD R3, 16(R15) // a unsafe.Pointer -+ -+ // Skip R4 = n uint32 -+ MOVD R5, 24(R15) // ctxt uintptr -+ BL runtime·cgocallback(SB) -+ -+ FMOVD 32(R15), F8 -+ FMOVD 40(R15), F9 -+ FMOVD 48(R15), F10 -+ FMOVD 56(R15), F11 -+ FMOVD 64(R15), F12 -+ FMOVD 72(R15), F13 -+ FMOVD 80(R15), F14 -+ FMOVD 88(R15), F15 -+ -+ // De-allocate stack frame. -+ MOVD $96(R15), R15 -+ -+ // Restore R6-R15. -+ LMG 48(R15), R6, R15 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go -new file mode 100644 -index 00000000000000..f29e690cc15b3a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/callbacks.go -@@ -0,0 +1,93 @@ -+// Copyright 2011 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++// The noescape/nocallback attributes are performance optimizations. ++// Only add functions that have been observed to benefit from these ++// directives, not every function that is merely expected to meet ++// the noescape/nocallback criteria. + -+//go:build !cgo && (darwin || freebsd || linux) ++// ERR API ++void ERR_error_string_n(unsigned long e, char *buf, size_t len); ++void ERR_clear_error(void) __attribute__((tag(""),tag("init_3"))); ++unsigned long ERR_get_error_line(const char **file, int *line) __attribute__((tag("legacy_1"),noerror)); ++unsigned long ERR_get_error_all(const char **file, int *line, const char **func, const char **data, int *flags) __attribute__((tag("3"),noerror)); + -+package fakecgo ++// OPENSSL API ++const char *OpenSSL_version(int type) __attribute__((noerror)); ++void OPENSSL_init(void); ++int OPENSSL_init_crypto(uint64_t ops, const _OPENSSL_INIT_SETTINGS_PTR settings); ++unsigned long OpenSSL_version_num(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_major(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_minor(void) __attribute__((tag("version"),optional,noerror)); ++unsigned int OPENSSL_version_patch(void) __attribute__((tag("version"),optional,noerror)); + -+import ( -+ _ "unsafe" -+) ++// CRYPTO API ++void *CRYPTO_malloc(size_t num, const char *file, int line); ++void CRYPTO_free(void *str, const char *file, int line); + -+// TODO: decide if we need _runtime_cgo_panic_internal ++// FIPS API ++int FIPS_mode(void) __attribute__((tag("legacy_1"),tag("init_1"),noerror)); ++int FIPS_mode_set(int r) __attribute__((tag("legacy_1"),tag("init_1"))); + -+//go:linkname x_cgo_init_trampoline x_cgo_init_trampoline -+//go:linkname _cgo_init _cgo_init -+var x_cgo_init_trampoline byte -+var _cgo_init = &x_cgo_init_trampoline ++// EVP Config API ++int EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR libctx) __attribute__((tag("3"),tag("init_3"),noerror)); ++int EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR libctx, int enable) __attribute__((tag("3"))); + -+// Creates a new system thread without updating any Go state. -+// -+// This method is invoked during shared library loading to create a new OS -+// thread to perform the runtime initialization. This method is similar to -+// _cgo_sys_thread_start except that it doesn't update any Go state. ++// OSSL_PROVIDER API ++int OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR libctx, const char *name) __attribute__((tag("3"),noerror)); ++_OSSL_PROVIDER_PTR OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR libctx, const char *name, int retain_fallbacks) __attribute__((tag("3"))); ++const char *OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR prov) __attribute__((tag("3"),noerror)); + -+//go:linkname x_cgo_thread_start_trampoline x_cgo_thread_start_trampoline -+//go:linkname _cgo_thread_start _cgo_thread_start -+var x_cgo_thread_start_trampoline byte -+var _cgo_thread_start = &x_cgo_thread_start_trampoline ++// RAND API ++int RAND_bytes(unsigned char *arg0, int arg1) __attribute__((noescape,nocallback)); + -+// Notifies that the runtime has been initialized. -+// -+// We currently block at every CGO entry point (via _cgo_wait_runtime_init_done) -+// to ensure that the runtime has been initialized before the CGO call is -+// executed. This is necessary for shared libraries where we kickoff runtime -+// initialization in a separate thread and return without waiting for this -+// thread to complete the init. -+ -+//go:linkname x_cgo_notify_runtime_init_done_trampoline x_cgo_notify_runtime_init_done_trampoline -+//go:linkname _cgo_notify_runtime_init_done _cgo_notify_runtime_init_done -+var x_cgo_notify_runtime_init_done_trampoline byte -+var _cgo_notify_runtime_init_done = &x_cgo_notify_runtime_init_done_trampoline -+ -+// Indicates whether a dummy thread key has been created or not. -+// -+// When calling go exported function from C, we register a destructor -+// callback, for a dummy thread key, by using pthread_key_create. ++// EVP_MD API ++_EVP_MD_PTR EVP_MD_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"),tag("init_3"))); ++void EVP_MD_free(_EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"))); ++const char *EVP_MD_get0_name(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); ++int EVP_MD_get_type(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); ++const _OSSL_PROVIDER_PTR EVP_MD_get0_provider(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"),noerror)); ++int EVP_MD_get_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_size"),noerror)); ++int EVP_MD_get_block_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_block_size"),noerror)); ++const _EVP_MD_PTR EVP_md5_sha1(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_ripemd160(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_md4(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_md5(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha1(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha224(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha256(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha384(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha512(void) __attribute__((noerror)); ++const _EVP_MD_PTR EVP_sha512_224(void) __attribute__((tag("111"),noerror)); ++const _EVP_MD_PTR EVP_sha512_256(void) __attribute__((tag("111"),noerror)); ++const _EVP_MD_PTR EVP_sha3_224(void) __attribute__((tag("111"),noerror)); ++const _EVP_MD_PTR EVP_sha3_256(void) __attribute__((tag("111"),noerror)); ++const _EVP_MD_PTR EVP_sha3_384(void) __attribute__((tag("111"),noerror)); ++const _EVP_MD_PTR EVP_sha3_512(void) __attribute__((tag("111"),noerror)); + -+//go:linkname _cgo_pthread_key_created _cgo_pthread_key_created -+var x_cgo_pthread_key_created uintptr -+var _cgo_pthread_key_created = &x_cgo_pthread_key_created ++_EVP_MD_CTX_PTR EVP_MD_CTX_new(void); ++void EVP_MD_CTX_free(_EVP_MD_CTX_PTR ctx); ++int EVP_MD_CTX_copy(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in) __attribute__((noescape,nocallback)); ++int EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in); ++const _OSSL_PARAM_PTR EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); ++const _OSSL_PARAM_PTR EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR ctx, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const _EVP_MD_PTR type, _ENGINE_PTR impl) __attribute__((noescape,nocallback,nocheckptr("data"))); ++int EVP_DigestInit_ex(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type, _ENGINE_PTR impl); ++int EVP_DigestInit(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type); ++int EVP_DigestUpdate(_EVP_MD_CTX_PTR ctx, const void *d, size_t cnt) __attribute__((noescape,nocallback,nocheckptr("d"))); ++int EVP_DigestFinal_ex(_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s) __attribute__((noescape,nocallback)); ++int EVP_DigestSign(_EVP_MD_CTX_PTR ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) __attribute__((tag("111"),noescape,nocallback)); ++int EVP_DigestSignInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); ++int EVP_DigestSignFinal(_EVP_MD_CTX_PTR ctx, unsigned char *sig, size_t *siglen); ++int EVP_DigestVerifyInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); ++int EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR ctx, const unsigned char *sig, size_t siglen); ++int EVP_DigestVerify(_EVP_MD_CTX_PTR ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((tag("111"))); + -+// Set the x_crosscall2_ptr C function pointer variable point to crosscall2. -+// It's for the runtime package to call at init time. -+func set_crosscall2() { -+ // nothing needs to be done here for fakecgo -+ // because it's possible to just call cgocallback directly -+} ++// HMAC API ++int HMAC_Init_ex(_HMAC_CTX_PTR arg0, const void *arg1, int arg2, const _EVP_MD_PTR arg3, _ENGINE_PTR arg4) __attribute__((tag("legacy_1"))); ++int HMAC_Update(_HMAC_CTX_PTR arg0, const unsigned char *arg1, size_t arg2) __attribute__((tag("legacy_1"))); ++int HMAC_Final(_HMAC_CTX_PTR arg0, unsigned char *arg1, unsigned int *arg2) __attribute__((tag("legacy_1"))); + -+//go:linkname _set_crosscall2 runtime.set_crosscall2 -+var _set_crosscall2 = set_crosscall2 ++_HMAC_CTX_PTR HMAC_CTX_new(void) __attribute__((tag("legacy_1"))); ++int HMAC_CTX_copy(_HMAC_CTX_PTR dest, _HMAC_CTX_PTR src) __attribute__((tag("legacy_1"))); ++void HMAC_CTX_free(_HMAC_CTX_PTR arg0) __attribute__((tag("legacy_1"))); + -+// Store the g into the thread-specific value. -+// So that pthread_key_destructor will dropm when the thread is exiting. ++// EVP_CIPHER API ++_EVP_CIPHER_PTR EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++const char *EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_128_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_192_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_ctr(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_aes_256_gcm(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ede3_ecb(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_des_ede3_cbc(void) __attribute__((noerror)); ++const _EVP_CIPHER_PTR EVP_rc4(void) __attribute__((noerror)); ++int EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),tag("legacy_1","EVP_CIPHER_block_size"),noerror)); + -+//go:linkname x_cgo_bindm_trampoline x_cgo_bindm_trampoline -+//go:linkname _cgo_bindm _cgo_bindm -+var x_cgo_bindm_trampoline byte -+var _cgo_bindm = &x_cgo_bindm_trampoline ++_EVP_CIPHER_CTX_PTR EVP_CIPHER_CTX_new(void); ++int EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR x, int padding); ++int EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR x, int keylen); ++void EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR arg0); ++int EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR ctx, int type, int arg, void *ptr); ++int EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv, int enc); ++int EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); ++int EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); ++int EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); ++int EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl) __attribute__((noescape,nocallback)); ++int EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); ++int EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback)); ++int EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *outm, int *outl) __attribute__((noescape,nocallback)); + -+// TODO: decide if we need x_cgo_set_context_function -+// TODO: decide if we need _cgo_yield ++// EVP_PKEY API ++_EVP_PKEY_PTR EVP_PKEY_new(void); ++_EVP_PKEY_PTR EVP_PKEY_new_raw_private_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((tag("111"))); ++_EVP_PKEY_PTR EVP_PKEY_new_raw_public_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((tag("111"))); ++int EVP_PKEY_get_size(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_size"))); ++int EVP_PKEY_get_bits(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_bits"))); ++void EVP_PKEY_free(_EVP_PKEY_PTR arg0); ++_RSA_PTR EVP_PKEY_get1_RSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_assign(_EVP_PKEY_PTR pkey, int type, void *key) __attribute__((tag("legacy_1"))); ++_EC_KEY_PTR EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++_DSA_PTR EVP_PKEY_get0_DSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR pkey, const unsigned char *pub, size_t publen) __attribute__((tag("3"))); ++size_t EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR pkey, unsigned char **ppub) __attribute__((tag("3"))); ++int EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR pkey, const char *key_name, _BIGNUM_PTR *bn) __attribute__((tag("3"))); ++int EVP_PKEY_up_ref(_EVP_PKEY_PTR key) __attribute__((tag("3"))); ++int EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR pkey, _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); ++int EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR ctx, void *label, int len) __attribute__((tag("3"))); ++int EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR pkey, unsigned char *pub, size_t *len) __attribute__((tag("111"),noescape,nocallback)); ++int EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR pkey, unsigned char *priv, size_t *len) __attribute__((tag("111"),noescape,nocallback)); ++int EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *pkey, int selection, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); ++int EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); ++int EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); ++int EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); ++int EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_sign(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4); ++int EVP_PKEY_verify(_EVP_PKEY_CTX_PTR ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); ++int EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR ctx); ++int EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR peer); ++int EVP_PKEY_derive(_EVP_PKEY_CTX_PTR ctx, unsigned char *key, size_t *keylen) __attribute__((noescape,nocallback)); ++int EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, ...) __attribute__((tag("3"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, size_t arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, const char *arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); ++_EVP_PKEY_PTR EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"))); + -+var ( -+ // In Go 1.20 the race detector was rewritten to pure Go -+ // on darwin. This means that when CGO_ENABLED=0 is set -+ // fakecgo is built with race detector code. This is not -+ // good since this code is pretending to be C. The go:norace -+ // pragma is not enough, since it only applies to the native -+ // ABIInternal function. The ABIO wrapper (which is necessary, -+ // since all references to text symbols from assembly will use it) -+ // does not inherit the go:norace pragma, so it will still be -+ // instrumented by the race detector. -+ // -+ // To circumvent this issue, using closure calls in the -+ // assembly, which forces the compiler to use the ABIInternal -+ // native implementation (which has go:norace) instead. -+ threadentry_call = threadentry -+ x_cgo_init_call = x_cgo_init -+ x_cgo_setenv_call = x_cgo_setenv -+ x_cgo_unsetenv_call = x_cgo_unsetenv -+ x_cgo_thread_start_call = x_cgo_thread_start -+) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go -new file mode 100644 -index 00000000000000..58b95e1f4157f2 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.go -@@ -0,0 +1,14 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2025 The Ebitengine Authors ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new(_EVP_PKEY_PTR arg0, _ENGINE_PTR arg1); ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_id(int id, _ENGINE_PTR e); ++_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR libctx, _EVP_PKEY_PTR pkey, const char *propquery) __attribute__((tag("3"))); ++void EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR arg0); ++int EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR ctx, int keytype, int optype, int cmd, int p1, void *p2); ++int EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR arg0, int arg1) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR arg0, const _EVP_MD_PTR arg1) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); ++int EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"))); + -+//go:build !cgo && (darwin || freebsd || linux) ++// RSA API ++_RSA_PTR RSA_new(void) __attribute__((tag("legacy_1"))); ++void RSA_free(_RSA_PTR arg0) __attribute__((tag("legacy_1"))); ++void RSA_get0_factors(const _RSA_PTR rsa, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_factors(_RSA_PTR rsa, _BIGNUM_PTR p, _BIGNUM_PTR q) __attribute__((tag("legacy_1"))); ++void RSA_get0_crt_params(const _RSA_PTR r, const _BIGNUM_PTR *dmp1, const _BIGNUM_PTR *dmq1, const _BIGNUM_PTR *iqmp) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_crt_params(_RSA_PTR rsa, _BIGNUM_PTR dmp1, _BIGNUM_PTR dmp2, _BIGNUM_PTR iqmp) __attribute__((tag("legacy_1"))); ++void RSA_get0_key(const _RSA_PTR rsa, const _BIGNUM_PTR *n, const _BIGNUM_PTR *e, const _BIGNUM_PTR *d) __attribute__((tag("legacy_1"),noerror)); ++int RSA_set0_key(_RSA_PTR r, _BIGNUM_PTR n, _BIGNUM_PTR e, _BIGNUM_PTR d) __attribute__((tag("legacy_1"))); + -+package fakecgo ++// BIGNUM API ++_BIGNUM_PTR BN_new(void); ++void BN_free(_BIGNUM_PTR arg0); ++void BN_clear(_BIGNUM_PTR arg0); ++void BN_clear_free(_BIGNUM_PTR arg0); ++int BN_num_bits(const _BIGNUM_PTR arg0) __attribute__((noerror)); ++_BIGNUM_PTR BN_bin2bn(const unsigned char *arg0, int arg1, _BIGNUM_PTR arg2); ++_BIGNUM_PTR BN_lebin2bn(const unsigned char *s, int len, _BIGNUM_PTR ret); ++int BN_bn2lebinpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"))); ++int BN_bn2binpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"))); + -+import _ "unsafe" ++// EC API ++int EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR key, _BIGNUM_PTR x, _BIGNUM_PTR y) __attribute__((tag("legacy_1"))); ++int EC_KEY_set_public_key(_EC_KEY_PTR key, const _EC_POINT_PTR pub) __attribute__((tag("legacy_1"))); ++void EC_KEY_free(_EC_KEY_PTR arg0) __attribute__((tag("legacy_1"))); ++const _EC_GROUP_PTR EC_KEY_get0_group(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++const _BIGNUM_PTR EC_KEY_get0_private_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++const _EC_POINT_PTR EC_KEY_get0_public_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); ++_EC_KEY_PTR EC_KEY_new_by_curve_name(int arg0) __attribute__((tag("legacy_1"))); ++int EC_KEY_set_private_key(_EC_KEY_PTR arg0, const _BIGNUM_PTR arg1) __attribute__((tag("legacy_1"))); ++int EC_KEY_check_key(const _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); ++_EC_POINT_PTR EC_POINT_new(const _EC_GROUP_PTR arg0); ++void EC_POINT_free(_EC_POINT_PTR arg0); ++int EC_POINT_mul(const _EC_GROUP_PTR group, _EC_POINT_PTR r, const _BIGNUM_PTR n, const _EC_POINT_PTR q, const _BIGNUM_PTR m, _BN_CTX_PTR ctx); ++int EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR arg0, const _EC_POINT_PTR arg1, _BIGNUM_PTR arg2, _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("legacy_1"))); ++int EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR arg0, _EC_POINT_PTR arg1, const _BIGNUM_PTR arg2, const _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("3"))); ++size_t EC_POINT_point2oct(const _EC_GROUP_PTR group, const _EC_POINT_PTR p, point_conversion_form_t form, unsigned char *buf, size_t len, _BN_CTX_PTR ctx); ++int EC_POINT_oct2point(const _EC_GROUP_PTR group, _EC_POINT_PTR p, const unsigned char *buf, size_t len, _BN_CTX_PTR ctx); ++_EC_GROUP_PTR EC_GROUP_new_by_curve_name(int nid); ++void EC_GROUP_free(_EC_GROUP_PTR group); + -+// setg_trampoline calls setg with the G provided -+func setg_trampoline(setg uintptr, G uintptr) ++// EVP_MAC API ++_EVP_MAC_PTR EVP_MAC_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++_EVP_MAC_CTX_PTR EVP_MAC_CTX_new(_EVP_MAC_PTR arg0) __attribute__((tag("3"))); ++int EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++void EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); ++_EVP_MAC_CTX_PTR EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); ++int EVP_MAC_init(_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int EVP_MAC_update(_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen) __attribute__((tag("3"))); ++int EVP_MAC_final(_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize) __attribute__((tag("3"))); + -+// call5 takes fn the C function and 5 arguments and calls the function with those arguments -+func call5(fn, a1, a2, a3, a4, a5 uintptr) uintptr -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock -new file mode 100644 -index 00000000000000..9b0650d53777bd ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/fakecgo.lock -@@ -0,0 +1,3 @@ -+{ -+ "commit_hash": "5110604b3385278be6887d0feead513a1bfe7a82" -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go -new file mode 100644 -index 00000000000000..bb73a709e69188 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/freebsd.go -@@ -0,0 +1,27 @@ -+// Copyright 2010 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. ++// OSSL_PARAM API ++void OSSL_PARAM_free(_OSSL_PARAM_PTR p) __attribute__((tag("3"))); ++const _OSSL_PARAM_PTR OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR p, const char *key) __attribute__((tag("3"))); ++_OSSL_PARAM_BLD_PTR OSSL_PARAM_BLD_new(void) __attribute__((tag("3"))); ++void OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); ++_OSSL_PARAM_PTR OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const char *buf, size_t bsize) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const void *buf, size_t bsize) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR bld, const char *key, const _BIGNUM_PTR bn) __attribute__((tag("3"))); ++int OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR bld, const char *key, int32_t num) __attribute__((tag("3"))); + -+//go:build freebsd && !cgo ++// EVP_SIGNATURE API ++_EVP_SIGNATURE_PTR EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++void EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR signature) __attribute__((tag("3"))); + -+package fakecgo ++// DSA API ++_DSA_PTR DSA_new(void) __attribute__((tag("legacy_1"))); ++void DSA_free(_DSA_PTR r) __attribute__((tag("legacy_1"))); ++int DSA_generate_key(_DSA_PTR a) __attribute__((tag("legacy_1"))); ++void DSA_get0_pqg(const _DSA_PTR d, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q, const _BIGNUM_PTR *g) __attribute__((tag("legacy_1"))); ++int DSA_set0_pqg(_DSA_PTR d, _BIGNUM_PTR p, _BIGNUM_PTR q, _BIGNUM_PTR g) __attribute__((tag("legacy_1"))); ++void DSA_get0_key(const _DSA_PTR d, const _BIGNUM_PTR *pub_key, const _BIGNUM_PTR *priv_key) __attribute__((tag("legacy_1"))); ++int DSA_set0_key(_DSA_PTR d, _BIGNUM_PTR pub_key, _BIGNUM_PTR priv_key) __attribute__((tag("legacy_1"))); + -+import _ "unsafe" // for go:linkname -+ -+// Supply environ and __progname, because we don't -+// link against the standard FreeBSD crt0.o and the -+// libc dynamic library needs them. -+ -+// Note: when building with cross-compiling or CGO_ENABLED=0, add -+// the following argument to `go` so that these symbols are defined by -+// making fakecgo the Cgo. -+// -gcflags="github.com/ebitengine/purego/internal/fakecgo=-std" -+ -+//go:linkname _environ environ -+//go:linkname _progname __progname -+ -+//go:cgo_export_dynamic environ -+//go:cgo_export_dynamic __progname -+ -+var _environ uintptr -+var _progname uintptr -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go -new file mode 100644 -index 00000000000000..88c4cdf9ec04cc ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/generate.go -@@ -0,0 +1,6 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++// EVP_KDF API ++_EVP_KDF_PTR EVP_KDF_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); ++void EVP_KDF_free(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); ++_EVP_KDF_CTX_PTR EVP_KDF_CTX_new(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); ++int EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++void EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); ++size_t EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); ++int EVP_KDF_derive(_EVP_KDF_CTX_PTR ctx, unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); ++int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const _EVP_MD_PTR digest, int keylen, unsigned char *out); + -+package fakecgo ++// OBJ API ++const char *OBJ_nid2sn(int n) __attribute__((noerror)); + -+//go:generate go run update_tool.go -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go ++#endif // _GO_OSSL_SHIMS_H +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c new file mode 100644 -index 00000000000000..d0868f0f790351 +index 00000000000000..8124dfd70a22e3 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_darwin.go -@@ -0,0 +1,88 @@ -+// Copyright 2011 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+package fakecgo ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c +@@ -0,0 +1,1924 @@ ++// Code generated by mkcgo. DO NOT EDIT. + -+import "unsafe" ++#include ++#include ++#include ++#include ++#include "zossl.h" + -+//go:nosplit -+//go:norace -+func _cgo_sys_thread_start(ts *ThreadStart) { -+ var attr pthread_attr_t -+ var ign, oset sigset_t -+ var p pthread_t -+ var size size_t -+ var err int ++#ifdef _WIN32 ++#include ++#define dlsym GetProcAddress ++#else ++#include ++#endif + -+ sigfillset(&ign) -+ pthread_sigmask(SIG_SETMASK, &ign, &oset) ++_BIGNUM_PTR (*_g_BN_bin2bn)(const unsigned char*, int, _BIGNUM_PTR); ++int (*_g_BN_bn2binpad)(const _BIGNUM_PTR, unsigned char*, int); ++int (*_g_BN_bn2lebinpad)(const _BIGNUM_PTR, unsigned char*, int); ++void (*_g_BN_clear)(_BIGNUM_PTR); ++void (*_g_BN_clear_free)(_BIGNUM_PTR); ++void (*_g_BN_free)(_BIGNUM_PTR); ++_BIGNUM_PTR (*_g_BN_lebin2bn)(const unsigned char*, int, _BIGNUM_PTR); ++_BIGNUM_PTR (*_g_BN_new)(void); ++int (*_g_BN_num_bits)(const _BIGNUM_PTR); ++void (*_g_CRYPTO_free)(void*, const char*, int); ++void* (*_g_CRYPTO_malloc)(size_t, const char*, int); ++void (*_g_DSA_free)(_DSA_PTR); ++int (*_g_DSA_generate_key)(_DSA_PTR); ++void (*_g_DSA_get0_key)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_DSA_get0_pqg)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_DSA_PTR (*_g_DSA_new)(void); ++int (*_g_DSA_set0_key)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_DSA_set0_pqg)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++void (*_g_EC_GROUP_free)(_EC_GROUP_PTR); ++_EC_GROUP_PTR (*_g_EC_GROUP_new_by_curve_name)(int); ++int (*_g_EC_KEY_check_key)(const _EC_KEY_PTR); ++void (*_g_EC_KEY_free)(_EC_KEY_PTR); ++const _EC_GROUP_PTR (*_g_EC_KEY_get0_group)(const _EC_KEY_PTR); ++const _BIGNUM_PTR (*_g_EC_KEY_get0_private_key)(const _EC_KEY_PTR); ++const _EC_POINT_PTR (*_g_EC_KEY_get0_public_key)(const _EC_KEY_PTR); ++_EC_KEY_PTR (*_g_EC_KEY_new_by_curve_name)(int); ++int (*_g_EC_KEY_set_private_key)(_EC_KEY_PTR, const _BIGNUM_PTR); ++int (*_g_EC_KEY_set_public_key)(_EC_KEY_PTR, const _EC_POINT_PTR); ++int (*_g_EC_KEY_set_public_key_affine_coordinates)(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++void (*_g_EC_POINT_free)(_EC_POINT_PTR); ++int (*_g_EC_POINT_get_affine_coordinates_GFp)(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR); ++int (*_g_EC_POINT_mul)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); ++_EC_POINT_PTR (*_g_EC_POINT_new)(const _EC_GROUP_PTR); ++int (*_g_EC_POINT_oct2point)(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR); ++size_t (*_g_EC_POINT_point2oct)(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR); ++int (*_g_EC_POINT_set_affine_coordinates)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); ++void (*_g_ERR_clear_error)(void); ++void (*_g_ERR_error_string_n)(unsigned long, char*, size_t); ++unsigned long (*_g_ERR_get_error_all)(const char**, int*, const char**, const char**, int*); ++unsigned long (*_g_ERR_get_error_line)(const char**, int*); ++int (*_g_EVP_CIPHER_CTX_ctrl)(_EVP_CIPHER_CTX_PTR, int, int, void*); ++void (*_g_EVP_CIPHER_CTX_free)(_EVP_CIPHER_CTX_PTR); ++_EVP_CIPHER_CTX_PTR (*_g_EVP_CIPHER_CTX_new)(void); ++int (*_g_EVP_CIPHER_CTX_set_key_length)(_EVP_CIPHER_CTX_PTR, int); ++int (*_g_EVP_CIPHER_CTX_set_padding)(_EVP_CIPHER_CTX_PTR, int); ++_EVP_CIPHER_PTR (*_g_EVP_CIPHER_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++const char* (*_g_EVP_CIPHER_get0_name)(const _EVP_CIPHER_PTR); ++int (*_g_EVP_CIPHER_get_block_size)(const _EVP_CIPHER_PTR); ++int (*_g_EVP_CipherInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int); ++int (*_g_EVP_CipherUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++int (*_g_EVP_DecryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); ++int (*_g_EVP_DecryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); ++int (*_g_EVP_DecryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++int (*_g_EVP_Digest)(const void*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_EVP_DigestFinal_ex)(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*); ++int (*_g_EVP_DigestInit)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR); ++int (*_g_EVP_DigestInit_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_EVP_DigestSign)(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_DigestSignFinal)(_EVP_MD_CTX_PTR, unsigned char*, size_t*); ++int (*_g_EVP_DigestSignInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_DigestUpdate)(_EVP_MD_CTX_PTR, const void*, size_t); ++int (*_g_EVP_DigestVerify)(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); ++int (*_g_EVP_DigestVerifyFinal)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); ++int (*_g_EVP_DigestVerifyInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_EncryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); ++int (*_g_EVP_EncryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); ++int (*_g_EVP_EncryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); ++void (*_g_EVP_KDF_CTX_free)(_EVP_KDF_CTX_PTR); ++size_t (*_g_EVP_KDF_CTX_get_kdf_size)(_EVP_KDF_CTX_PTR); ++_EVP_KDF_CTX_PTR (*_g_EVP_KDF_CTX_new)(_EVP_KDF_PTR); ++int (*_g_EVP_KDF_CTX_set_params)(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR); ++int (*_g_EVP_KDF_derive)(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR); ++_EVP_KDF_PTR (*_g_EVP_KDF_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_KDF_free)(_EVP_KDF_PTR); ++_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_dup)(const _EVP_MAC_CTX_PTR); ++void (*_g_EVP_MAC_CTX_free)(_EVP_MAC_CTX_PTR); ++_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_new)(_EVP_MAC_PTR); ++int (*_g_EVP_MAC_CTX_set_params)(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR); ++_EVP_MAC_PTR (*_g_EVP_MAC_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++int (*_g_EVP_MAC_final)(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t); ++int (*_g_EVP_MAC_init)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR); ++int (*_g_EVP_MAC_update)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t); ++int (*_g_EVP_MD_CTX_copy)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); ++int (*_g_EVP_MD_CTX_copy_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); ++void (*_g_EVP_MD_CTX_free)(_EVP_MD_CTX_PTR); ++int (*_g_EVP_MD_CTX_get_params)(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_gettable_params)(_EVP_MD_CTX_PTR); ++_EVP_MD_CTX_PTR (*_g_EVP_MD_CTX_new)(void); ++int (*_g_EVP_MD_CTX_set_params)(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_settable_params)(_EVP_MD_CTX_PTR); ++_EVP_MD_PTR (*_g_EVP_MD_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_MD_free)(_EVP_MD_PTR); ++const char* (*_g_EVP_MD_get0_name)(const _EVP_MD_PTR); ++const _OSSL_PROVIDER_PTR (*_g_EVP_MD_get0_provider)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_block_size)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_size)(const _EVP_MD_PTR); ++int (*_g_EVP_MD_get_type)(const _EVP_MD_PTR); ++int (*_g_EVP_PKEY_CTX_add1_hkdf_info)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_ctrl)(_EVP_PKEY_CTX_PTR, int, int, int, int, void*); ++void (*_g_EVP_PKEY_CTX_free)(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new)(_EVP_PKEY_PTR, _ENGINE_PTR); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_from_pkey)(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*); ++_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_id)(int, _ENGINE_PTR); ++int (*_g_EVP_PKEY_CTX_set0_rsa_oaep_label)(_EVP_PKEY_CTX_PTR, void*, int); ++int (*_g_EVP_PKEY_CTX_set1_hkdf_key)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_set1_hkdf_salt)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); ++int (*_g_EVP_PKEY_CTX_set_hkdf_md)(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR); ++int (*_g_EVP_PKEY_CTX_set_hkdf_mode)(_EVP_PKEY_CTX_PTR, int); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_Q_keygen)(_OSSL_LIB_CTX_PTR, const char*, const char*, ...); ++int (*_g_EVP_PKEY_assign)(_EVP_PKEY_PTR, int, void*); ++int (*_g_EVP_PKEY_decrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_decrypt_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_derive)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_derive_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_derive_set_peer)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_encrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_encrypt_init)(_EVP_PKEY_CTX_PTR); ++void (*_g_EVP_PKEY_free)(_EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_fromdata)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR); ++int (*_g_EVP_PKEY_fromdata_init)(_EVP_PKEY_CTX_PTR); ++_DSA_PTR (*_g_EVP_PKEY_get0_DSA)(_EVP_PKEY_PTR); ++_EC_KEY_PTR (*_g_EVP_PKEY_get0_EC_KEY)(_EVP_PKEY_PTR); ++_RSA_PTR (*_g_EVP_PKEY_get1_RSA)(_EVP_PKEY_PTR); ++size_t (*_g_EVP_PKEY_get1_encoded_public_key)(_EVP_PKEY_PTR, unsigned char**); ++int (*_g_EVP_PKEY_get_bits)(const _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_get_bn_param)(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*); ++int (*_g_EVP_PKEY_get_raw_private_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_get_raw_public_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); ++int (*_g_EVP_PKEY_get_size)(const _EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_keygen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); ++int (*_g_EVP_PKEY_keygen_init)(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new)(void); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_private_key)(int, _ENGINE_PTR, const unsigned char*, size_t); ++_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_public_key)(int, _ENGINE_PTR, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_paramgen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); ++int (*_g_EVP_PKEY_paramgen_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_private_check)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_public_check_quick)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_set1_EC_KEY)(_EVP_PKEY_PTR, _EC_KEY_PTR); ++int (*_g_EVP_PKEY_set1_encoded_public_key)(_EVP_PKEY_PTR, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_sign)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_sign_init)(_EVP_PKEY_CTX_PTR); ++int (*_g_EVP_PKEY_up_ref)(_EVP_PKEY_PTR); ++int (*_g_EVP_PKEY_verify)(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); ++int (*_g_EVP_PKEY_verify_init)(_EVP_PKEY_CTX_PTR); ++_EVP_SIGNATURE_PTR (*_g_EVP_SIGNATURE_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); ++void (*_g_EVP_SIGNATURE_free)(_EVP_SIGNATURE_PTR); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_128_gcm)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_192_gcm)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ctr)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_aes_256_gcm)(void); ++int (*_g_EVP_default_properties_enable_fips)(_OSSL_LIB_CTX_PTR, int); ++int (*_g_EVP_default_properties_is_fips_enabled)(_OSSL_LIB_CTX_PTR); ++const _EVP_CIPHER_PTR (*_g_EVP_des_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ecb)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_cbc)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_ecb)(void); ++const _EVP_MD_PTR (*_g_EVP_md4)(void); ++const _EVP_MD_PTR (*_g_EVP_md5)(void); ++const _EVP_MD_PTR (*_g_EVP_md5_sha1)(void); ++const _EVP_CIPHER_PTR (*_g_EVP_rc4)(void); ++const _EVP_MD_PTR (*_g_EVP_ripemd160)(void); ++const _EVP_MD_PTR (*_g_EVP_sha1)(void); ++const _EVP_MD_PTR (*_g_EVP_sha224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha256)(void); ++const _EVP_MD_PTR (*_g_EVP_sha384)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_256)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_384)(void); ++const _EVP_MD_PTR (*_g_EVP_sha3_512)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512_224)(void); ++const _EVP_MD_PTR (*_g_EVP_sha512_256)(void); ++int (*_g_FIPS_mode)(void); ++int (*_g_FIPS_mode_set)(int); ++int (*_g_HMAC_CTX_copy)(_HMAC_CTX_PTR, _HMAC_CTX_PTR); ++void (*_g_HMAC_CTX_free)(_HMAC_CTX_PTR); ++_HMAC_CTX_PTR (*_g_HMAC_CTX_new)(void); ++int (*_g_HMAC_Final)(_HMAC_CTX_PTR, unsigned char*, unsigned int*); ++int (*_g_HMAC_Init_ex)(_HMAC_CTX_PTR, const void*, int, const _EVP_MD_PTR, _ENGINE_PTR); ++int (*_g_HMAC_Update)(_HMAC_CTX_PTR, const unsigned char*, size_t); ++const char* (*_g_OBJ_nid2sn)(int); ++void (*_g_OPENSSL_init)(void); ++int (*_g_OPENSSL_init_crypto)(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR); ++unsigned int (*_g_OPENSSL_version_major)(void); ++unsigned int (*_g_OPENSSL_version_minor)(void); ++unsigned int (*_g_OPENSSL_version_patch)(void); ++void (*_g_OSSL_PARAM_BLD_free)(_OSSL_PARAM_BLD_PTR); ++_OSSL_PARAM_BLD_PTR (*_g_OSSL_PARAM_BLD_new)(void); ++int (*_g_OSSL_PARAM_BLD_push_BN)(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR); ++int (*_g_OSSL_PARAM_BLD_push_int32)(_OSSL_PARAM_BLD_PTR, const char*, int32_t); ++int (*_g_OSSL_PARAM_BLD_push_octet_string)(_OSSL_PARAM_BLD_PTR, const char*, const void*, size_t); ++int (*_g_OSSL_PARAM_BLD_push_utf8_string)(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t); ++_OSSL_PARAM_PTR (*_g_OSSL_PARAM_BLD_to_param)(_OSSL_PARAM_BLD_PTR); ++void (*_g_OSSL_PARAM_free)(_OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR (*_g_OSSL_PARAM_locate_const)(const _OSSL_PARAM_PTR, const char*); ++int (*_g_OSSL_PROVIDER_available)(_OSSL_LIB_CTX_PTR, const char*); ++const char* (*_g_OSSL_PROVIDER_get0_name)(const _OSSL_PROVIDER_PTR); ++_OSSL_PROVIDER_PTR (*_g_OSSL_PROVIDER_try_load)(_OSSL_LIB_CTX_PTR, const char*, int); ++const char* (*_g_OpenSSL_version)(int); ++unsigned long (*_g_OpenSSL_version_num)(void); ++int (*_g_PKCS5_PBKDF2_HMAC)(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*); ++int (*_g_RAND_bytes)(unsigned char*, int); ++void (*_g_RSA_free)(_RSA_PTR); ++void (*_g_RSA_get0_crt_params)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_RSA_get0_factors)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void (*_g_RSA_get0_key)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_RSA_PTR (*_g_RSA_new)(void); ++int (*_g_RSA_set0_crt_params)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_RSA_set0_factors)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); ++int (*_g_RSA_set0_key)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); + -+ size = pthread_get_stacksize_np(pthread_self()) -+ pthread_attr_init(&attr) -+ pthread_attr_setstacksize(&attr, size) -+ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. -+ ts.g.stackhi = uintptr(size) ++#define __mkcgo__dlsym_nocheck(varname, funcname) _g_##varname = (typeof(_g_##varname))dlsym(handle, #funcname); + -+ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) ++#define __mkcgo__dlsym(name) __mkcgo__dlsym2(name, name) + -+ pthread_sigmask(SIG_SETMASK, &oset, nil) ++#define __mkcgo__dlsym2(varname, funcname) \ ++ __mkcgo__dlsym_nocheck(varname, funcname) \ ++ if (_g_##varname == NULL) { \ ++ fprintf(stderr, "Cannot get required symbol " #funcname "\n"); \ ++ abort(); \ ++ } + -+ if err != 0 { -+ print("fakecgo: pthread_create failed: ") -+ println(err) -+ abort() -+ } -+} -+ -+// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function -+// -+//go:linkname x_threadentry_trampoline threadentry_trampoline -+var x_threadentry_trampoline byte -+var threadentry_trampolineABI0 = &x_threadentry_trampoline -+ -+//go:nosplit -+//go:norace -+func threadentry(v unsafe.Pointer) unsafe.Pointer { -+ ts := *(*ThreadStart)(v) -+ free(v) -+ -+ // TODO: support ios -+ //#if TARGET_OS_IPHONE -+ // darwin_arm_init_thread_exception_port(); -+ //#endif -+ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) -+ -+ // faking funcs in go is a bit a... involved - but the following works :) -+ fn := uintptr(unsafe.Pointer(&ts.fn)) -+ (*(*func())(unsafe.Pointer(&fn)))() -+ -+ return nil -+} -+ -+// here we will store a pointer to the provided setg func -+var setg_func uintptr -+ -+// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) -+// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us -+// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup -+// This function can't be go:systemstack since go is not in a state where the systemcheck would work. -+// -+//go:nosplit -+//go:norace -+func x_cgo_init(g *G, setg uintptr) { -+ var size size_t -+ -+ setg_func = setg -+ size = pthread_get_stacksize_np(pthread_self()) -+ g.stacklo = uintptr(unsafe.Add(unsafe.Pointer(&size), -size+4096)) -+ -+ //TODO: support ios -+ //#if TARGET_OS_IPHONE -+ // darwin_arm_init_mach_exception_handler(); -+ // darwin_arm_init_thread_exception_port(); -+ // init_working_dir(); -+ //#endif -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go -new file mode 100644 -index 00000000000000..55ff71e2672086 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_freebsd.go -@@ -0,0 +1,79 @@ -+// Copyright 2011 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+package fakecgo -+ -+import "unsafe" -+ -+//go:nosplit -+func _cgo_sys_thread_start(ts *ThreadStart) { -+ var attr pthread_attr_t -+ var ign, oset sigset_t -+ var p pthread_t -+ var size size_t -+ var err int -+ -+ // fprintf(stderr, "runtime/cgo: _cgo_sys_thread_start: fn=%p, g=%p\n", ts->fn, ts->g); // debug -+ sigfillset(&ign) -+ pthread_sigmask(SIG_SETMASK, &ign, &oset) -+ -+ pthread_attr_init(&attr) -+ pthread_attr_getstacksize(&attr, &size) -+ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. -+ ts.g.stackhi = uintptr(size) -+ -+ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) -+ -+ pthread_sigmask(SIG_SETMASK, &oset, nil) -+ -+ if err != 0 { -+ print("fakecgo: pthread_create failed: ") -+ println(err) -+ abort() -+ } -+} -+ -+// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function -+// -+//go:linkname x_threadentry_trampoline threadentry_trampoline -+var x_threadentry_trampoline byte -+var threadentry_trampolineABI0 = &x_threadentry_trampoline -+ -+//go:nosplit -+func threadentry(v unsafe.Pointer) unsafe.Pointer { -+ ts := *(*ThreadStart)(v) -+ free(v) -+ -+ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) -+ -+ // faking funcs in go is a bit a... involved - but the following works :) -+ fn := uintptr(unsafe.Pointer(&ts.fn)) -+ (*(*func())(unsafe.Pointer(&fn)))() -+ -+ return nil -+} -+ -+// here we will store a pointer to the provided setg func -+var setg_func uintptr -+ -+// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) -+// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us -+// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup -+// This function can't be go:systemstack since go is not in a state where the systemcheck would work. -+// -+//go:nosplit -+func x_cgo_init(g *G, setg uintptr) { -+ var size size_t -+ var attr pthread_attr_t -+ -+ setg_func = setg -+ pthread_attr_init(&attr) -+ pthread_attr_getstacksize(&attr, &size) -+ // runtime/cgo uses __builtin_frame_address(0) instead of `uintptr(unsafe.Pointer(&size))` -+ // but this should be OK since we are taking the address of the first variable in this function. -+ g.stacklo = uintptr(unsafe.Pointer(&size)) - uintptr(size) + 4096 -+ pthread_attr_destroy(&attr) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go -new file mode 100644 -index 00000000000000..e5a66f39d4f3f5 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_libinit.go -@@ -0,0 +1,72 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+import ( -+ "syscall" -+ "unsafe" -+) -+ -+var ( -+ pthread_g pthread_key_t -+ -+ runtime_init_cond = PTHREAD_COND_INITIALIZER -+ runtime_init_mu = PTHREAD_MUTEX_INITIALIZER -+ runtime_init_done int -+) -+ -+//go:nosplit -+//go:norace -+func x_cgo_notify_runtime_init_done() { -+ pthread_mutex_lock(&runtime_init_mu) -+ runtime_init_done = 1 -+ pthread_cond_broadcast(&runtime_init_cond) -+ pthread_mutex_unlock(&runtime_init_mu) -+} -+ -+// Store the g into a thread-specific value associated with the pthread key pthread_g. -+// And pthread_key_destructor will dropm when the thread is exiting. -+// -+//go:norace -+func x_cgo_bindm(g unsafe.Pointer) { -+ // We assume this will always succeed, otherwise, there might be extra M leaking, -+ // when a C thread exits after a cgo call. -+ // We only invoke this function once per thread in runtime.needAndBindM, -+ // and the next calls just reuse the bound m. -+ pthread_setspecific(pthread_g, g) -+} -+ -+// _cgo_try_pthread_create retries pthread_create if it fails with -+// EAGAIN. -+// -+//go:nosplit -+//go:norace -+func _cgo_try_pthread_create(thread *pthread_t, attr *pthread_attr_t, pfn unsafe.Pointer, arg *ThreadStart) int { -+ var ts syscall.Timespec -+ // tries needs to be the same type as syscall.Timespec.Nsec -+ // but the fields are int32 on 32bit and int64 on 64bit. -+ // tries is assigned to syscall.Timespec.Nsec in order to match its type. -+ tries := ts.Nsec -+ var err int -+ -+ for tries = 0; tries < 20; tries++ { -+ // inlined this call because it ran out of stack when inlining was disabled -+ err = int(call5(pthread_createABI0, uintptr(unsafe.Pointer(thread)), uintptr(unsafe.Pointer(attr)), uintptr(pfn), uintptr(unsafe.Pointer(arg)), 0)) -+ if err == 0 { -+ // inlined this call because it ran out of stack when inlining was disabled -+ call5(pthread_detachABI0, uintptr(*thread), 0, 0, 0, 0) -+ return 0 -+ } -+ if err != int(syscall.EAGAIN) { -+ return err -+ } -+ ts.Sec = 0 -+ ts.Nsec = (tries + 1) * 1000 * 1000 // Milliseconds. -+ // inlined this call because it ran out of stack when inlining was disabled -+ call5(nanosleepABI0, uintptr(unsafe.Pointer(&ts)), 0, 0, 0, 0) -+ } -+ return int(syscall.EAGAIN) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go -new file mode 100644 -index 00000000000000..089d9fe489407b ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_linux.go -@@ -0,0 +1,79 @@ -+// Copyright 2011 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+package fakecgo -+ -+import "unsafe" -+ -+//go:nosplit -+func _cgo_sys_thread_start(ts *ThreadStart) { -+ var attr pthread_attr_t -+ var ign, oset sigset_t -+ var p pthread_t -+ var size size_t -+ var err int -+ -+ //fprintf(stderr, "runtime/cgo: _cgo_sys_thread_start: fn=%p, g=%p\n", ts->fn, ts->g); // debug -+ sigfillset(&ign) -+ pthread_sigmask(SIG_SETMASK, &ign, &oset) -+ -+ pthread_attr_init(&attr) -+ pthread_attr_getstacksize(&attr, &size) -+ // Leave stacklo=0 and set stackhi=size; mstart will do the rest. -+ ts.g.stackhi = uintptr(size) -+ -+ err = _cgo_try_pthread_create(&p, &attr, unsafe.Pointer(threadentry_trampolineABI0), ts) -+ -+ pthread_sigmask(SIG_SETMASK, &oset, nil) -+ -+ if err != 0 { -+ print("fakecgo: pthread_create failed: ") -+ println(err) -+ abort() -+ } -+} -+ -+// threadentry_trampolineABI0 maps the C ABI to Go ABI then calls the Go function -+// -+//go:linkname x_threadentry_trampoline threadentry_trampoline -+var x_threadentry_trampoline byte -+var threadentry_trampolineABI0 = &x_threadentry_trampoline -+ -+//go:nosplit -+func threadentry(v unsafe.Pointer) unsafe.Pointer { -+ ts := *(*ThreadStart)(v) -+ free(v) -+ -+ setg_trampoline(setg_func, uintptr(unsafe.Pointer(ts.g))) -+ -+ // faking funcs in go is a bit a... involved - but the following works :) -+ fn := uintptr(unsafe.Pointer(&ts.fn)) -+ (*(*func())(unsafe.Pointer(&fn)))() -+ -+ return nil -+} -+ -+// here we will store a pointer to the provided setg func -+var setg_func uintptr -+ -+// x_cgo_init(G *g, void (*setg)(void*)) (runtime/cgo/gcc_linux_amd64.c) -+// This get's called during startup, adjusts stacklo, and provides a pointer to setg_gcc for us -+// Additionally, if we set _cgo_init to non-null, go won't do it's own TLS setup -+// This function can't be go:systemstack since go is not in a state where the systemcheck would work. -+// -+//go:nosplit -+func x_cgo_init(g *G, setg uintptr) { -+ var size size_t -+ var attr pthread_attr_t -+ -+ setg_func = setg -+ pthread_attr_init(&attr) -+ pthread_attr_getstacksize(&attr, &size) -+ // runtime/cgo uses __builtin_frame_address(0) instead of `uintptr(unsafe.Pointer(&size))` -+ // but this should be OK since we are taking the address of the first variable in this function. -+ g.stacklo = uintptr(unsafe.Pointer(&size)) - uintptr(size) + 4096 -+ pthread_attr_destroy(&attr) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go -new file mode 100644 -index 00000000000000..e42d84f0b75ea6 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_setenv.go -@@ -0,0 +1,18 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+//go:nosplit -+//go:norace -+func x_cgo_setenv(arg *[2]*byte) { -+ setenv(arg[0], arg[1], 1) -+} -+ -+//go:nosplit -+//go:norace -+func x_cgo_unsetenv(arg *[1]*byte) { -+ unsetenv(arg[0]) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go -new file mode 100644 -index 00000000000000..ff190007e8b6c0 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/go_util.go -@@ -0,0 +1,38 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+import "unsafe" -+ -+// _cgo_thread_start is split into three parts in cgo since only one part is system dependent (keep it here for easier handling) -+ -+// _cgo_thread_start(ThreadStart *arg) (runtime/cgo/gcc_util.c) -+// This get's called instead of the go code for creating new threads -+// -> pthread_* stuff is used, so threads are setup correctly for C -+// If this is missing, TLS is only setup correctly on thread 1! -+// This function should be go:systemstack instead of go:nosplit (but that requires runtime) -+// -+//go:nosplit -+//go:norace -+func x_cgo_thread_start(arg *ThreadStart) { -+ var ts *ThreadStart -+ // Make our own copy that can persist after we return. -+ // _cgo_tsan_acquire(); -+ ts = (*ThreadStart)(malloc(unsafe.Sizeof(*ts))) -+ // _cgo_tsan_release(); -+ if ts == nil { -+ println("fakecgo: out of memory in thread_start") -+ abort() -+ } -+ // *ts = *arg would cause a writebarrier so copy using slices -+ const ptrSize = unsafe.Sizeof(uintptr(0)) -+ s1 := unsafe.Slice((*uintptr)(unsafe.Pointer(ts)), unsafe.Sizeof(*ts)/ptrSize) -+ s2 := unsafe.Slice((*uintptr)(unsafe.Pointer(arg)), unsafe.Sizeof(*arg)/ptrSize) -+ for i := range s2 { -+ s1[i] = s2[i] -+ } -+ _cgo_sys_thread_start(ts) // OS-dependent half -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go -new file mode 100644 -index 00000000000000..28af41cc640724 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/iscgo.go -@@ -0,0 +1,19 @@ -+// Copyright 2010 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+// The runtime package contains an uninitialized definition -+// for runtime·iscgo. Override it to tell the runtime we're here. -+// There are various function pointers that should be set too, -+// but those depend on dynamic linker magic to get initialized -+// correctly, and sometimes they break. This variable is a -+// backup: it depends only on old C style static linking rules. -+ -+package fakecgo -+ -+import _ "unsafe" // for go:linkname -+ -+//go:linkname _iscgo runtime.iscgo -+var _iscgo bool = true -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go -new file mode 100644 -index 00000000000000..38f94419397d8d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo.go -@@ -0,0 +1,39 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+type ( -+ size_t uintptr -+ // Sources: -+ // Darwin (32 bytes) - https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/bsd/sys/_types.h#L74 -+ // FreeBSD (32 bytes) - https://github.com/DoctorWkt/xv6-freebsd/blob/d2a294c2a984baed27676068b15ed9a29b06ab6f/include/signal.h#L98C9-L98C21 -+ // Linux (128 bytes) - https://github.com/torvalds/linux/blob/ab75170520d4964f3acf8bb1f91d34cbc650688e/arch/x86/include/asm/signal.h#L25 -+ sigset_t [128]byte -+ pthread_attr_t [64]byte -+ pthread_t int -+ pthread_key_t uint64 -+) -+ -+// for pthread_sigmask: -+ -+type sighow int32 -+ -+const ( -+ SIG_BLOCK sighow = 0 -+ SIG_UNBLOCK sighow = 1 -+ SIG_SETMASK sighow = 2 -+) -+ -+type G struct { -+ stacklo uintptr -+ stackhi uintptr -+} -+ -+type ThreadStart struct { -+ g *G -+ tls *uintptr -+ fn uintptr -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go -new file mode 100644 -index 00000000000000..ecdcb2e7852560 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_darwin.go -@@ -0,0 +1,26 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+type ( -+ pthread_mutex_t struct { -+ sig int64 -+ opaque [56]byte -+ } -+ pthread_cond_t struct { -+ sig int64 -+ opaque [40]byte -+ } -+) -+ -+var ( -+ PTHREAD_COND_INITIALIZER = pthread_cond_t{sig: 0x3CB0B1BB} -+ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t{sig: 0x32AAABA7} -+) -+ -+type stack_t struct { -+ /* not implemented */ -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go -new file mode 100644 -index 00000000000000..4bfb70c3d5ee9a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_freebsd.go -@@ -0,0 +1,20 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+type ( -+ pthread_cond_t uintptr -+ pthread_mutex_t uintptr -+) -+ -+var ( -+ PTHREAD_COND_INITIALIZER = pthread_cond_t(0) -+ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t(0) -+) -+ -+type stack_t struct { -+ /* not implemented */ -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go -new file mode 100644 -index 00000000000000..b08a44a1001bc0 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/libcgo_linux.go -@@ -0,0 +1,20 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+type ( -+ pthread_cond_t [48]byte -+ pthread_mutex_t [48]byte -+) -+ -+var ( -+ PTHREAD_COND_INITIALIZER = pthread_cond_t{} -+ PTHREAD_MUTEX_INITIALIZER = pthread_mutex_t{} -+) -+ -+type stack_t struct { -+ /* not implemented */ -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go -new file mode 100644 -index 00000000000000..f98e272e42720e ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/linux.go -@@ -0,0 +1,184 @@ -+// Copyright 2016 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo && linux -+ -+package fakecgo -+ -+import "unsafe" -+ -+// argset matches runtime/cgocall.go:argset. -+type argset struct { -+ args *uintptr -+ retval uintptr -+} -+ -+//go:nosplit -+//go:norace -+func (a *argset) arg(i int) unsafe.Pointer { -+ return *(*unsafe.Pointer)(unsafe.Add(unsafe.Pointer(a.args), uintptr(i)*unsafe.Sizeof(uintptr(0)))) -+} -+ -+//go:linkname _cgo_libc_setegid syscall.cgo_libc_setegid -+//go:linkname _cgo_libc_seteuid syscall.cgo_libc_seteuid -+//go:linkname _cgo_libc_setgid syscall.cgo_libc_setgid -+//go:linkname _cgo_libc_setregid syscall.cgo_libc_setregid -+//go:linkname _cgo_libc_setresgid syscall.cgo_libc_setresgid -+//go:linkname _cgo_libc_setresuid syscall.cgo_libc_setresuid -+//go:linkname _cgo_libc_setreuid syscall.cgo_libc_setreuid -+//go:linkname _cgo_libc_setuid syscall.cgo_libc_setuid -+//go:linkname _cgo_libc_setgroups syscall.cgo_libc_setgroups -+ -+var _cgo_libc_setegid = &_cgo_purego_setegid_trampoline -+var _cgo_libc_seteuid = &_cgo_purego_seteuid_trampoline -+var _cgo_libc_setgid = &_cgo_purego_setgid_trampoline -+var _cgo_libc_setregid = &_cgo_purego_setregid_trampoline -+var _cgo_libc_setresgid = &_cgo_purego_setresgid_trampoline -+var _cgo_libc_setresuid = &_cgo_purego_setresuid_trampoline -+var _cgo_libc_setreuid = &_cgo_purego_setreuid_trampoline -+var _cgo_libc_setuid = &_cgo_purego_setuid_trampoline -+var _cgo_libc_setgroups = &_cgo_purego_setgroups_trampoline -+ -+//go:nosplit -+//go:norace -+func errno() int32 { -+ // this indirection is to avoid go vet complaining about possible misuse of unsafe.Pointer -+ loc := __errno_location() -+ return **(**int32)(unsafe.Pointer(&loc)) -+} -+ -+//go:linkname _cgo_purego_setegid_trampoline _cgo_purego_setegid_trampoline -+var _cgo_purego_setegid_trampoline byte -+var x_cgo_purego_setegid_call = x_cgo_purego_setegid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setegid(c *argset) { -+ ret := setegid(uint32(uintptr(c.arg(0)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_seteuid_trampoline _cgo_purego_seteuid_trampoline -+var _cgo_purego_seteuid_trampoline byte -+var x_cgo_purego_seteuid_call = x_cgo_purego_seteuid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_seteuid(c *argset) { -+ ret := seteuid(uint32(uintptr(c.arg(0)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setgid_trampoline _cgo_purego_setgid_trampoline -+var _cgo_purego_setgid_trampoline byte -+var x_cgo_purego_setgid_call = x_cgo_purego_setgid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setgid(c *argset) { -+ ret := setgid(uint32(uintptr(c.arg(0)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setregid_trampoline _cgo_purego_setregid_trampoline -+var _cgo_purego_setregid_trampoline byte -+var x_cgo_purego_setregid_call = x_cgo_purego_setregid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setregid(c *argset) { -+ ret := setregid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setresgid_trampoline _cgo_purego_setresgid_trampoline -+var _cgo_purego_setresgid_trampoline byte -+var x_cgo_purego_setresgid_call = x_cgo_purego_setresgid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setresgid(c *argset) { -+ ret := setresgid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1))), uint32(uintptr(c.arg(2)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setresuid_trampoline _cgo_purego_setresuid_trampoline -+var _cgo_purego_setresuid_trampoline byte -+var x_cgo_purego_setresuid_call = x_cgo_purego_setresuid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setresuid(c *argset) { -+ ret := setresuid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1))), uint32(uintptr(c.arg(2)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setreuid_trampoline _cgo_purego_setreuid_trampoline -+var _cgo_purego_setreuid_trampoline byte -+var x_cgo_purego_setreuid_call = x_cgo_purego_setreuid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setreuid(c *argset) { -+ ret := setreuid(uint32(uintptr(c.arg(0))), uint32(uintptr(c.arg(1)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setuid_trampoline _cgo_purego_setuid_trampoline -+var _cgo_purego_setuid_trampoline byte -+var x_cgo_purego_setuid_call = x_cgo_purego_setuid -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setuid(c *argset) { -+ ret := setuid(uint32(uintptr(c.arg(0)))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -+ -+//go:linkname _cgo_purego_setgroups_trampoline _cgo_purego_setgroups_trampoline -+var _cgo_purego_setgroups_trampoline byte -+var x_cgo_purego_setgroups_call = x_cgo_purego_setgroups -+ -+//go:nosplit -+//go:norace -+func x_cgo_purego_setgroups(c *argset) { -+ ret := setgroups(uint32(uintptr(c.arg(0))), (*uint32)(c.arg(1))) -+ if ret == -1 { -+ c.retval = uintptr(errno()) -+ } else { -+ c.retval = uintptr(ret) -+ } -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go -new file mode 100644 -index 00000000000000..f30af0e1515699 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/setenv.go -@@ -0,0 +1,19 @@ -+// Copyright 2011 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+import _ "unsafe" // for go:linkname -+ -+//go:linkname x_cgo_setenv_trampoline x_cgo_setenv_trampoline -+//go:linkname _cgo_setenv runtime._cgo_setenv -+var x_cgo_setenv_trampoline byte -+var _cgo_setenv = &x_cgo_setenv_trampoline -+ -+//go:linkname x_cgo_unsetenv_trampoline x_cgo_unsetenv_trampoline -+//go:linkname _cgo_unsetenv runtime._cgo_unsetenv -+var x_cgo_unsetenv_trampoline byte -+var _cgo_unsetenv = &x_cgo_unsetenv_trampoline -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s -new file mode 100644 -index 00000000000000..cf56a6c71575eb ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_386.s -@@ -0,0 +1,121 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+ -+// These trampolines map the gcc ABI to Go ABI0 and then call into the Go equivalent functions. -+// On i386, both GCC and Go use stack-based calling conventions. -+// -+// When C calls a function, the stack looks like: -+// 0(SP) = return address -+// 4(SP) = arg1 -+// 8(SP) = arg2 -+// ... -+// -+// When we declare a Go function with frame size $N-0, Go's prologue -+// effectively does SUB $N, SP, so the C arguments shift up by N bytes: -+// N+0(SP) = return address -+// N+4(SP) = arg1 -+// N+8(SP) = arg2 -+// -+// Go ABI0 on 386 expects arguments starting at 0(FP) which equals N+4(SP) -+// after the prologue (where N is the local frame size). -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $8-0 -+ // C args at 12(SP) and 16(SP) after frame setup (8 bytes local + 4 bytes ret addr) -+ // Go function expects args at 0(SP) and 4(SP) in local frame -+ MOVL 12(SP), AX // first C arg -+ MOVL 16(SP), BX // second C arg -+ MOVL AX, 0(SP) // Go arg 1 -+ MOVL BX, 4(SP) // Go arg 2 -+ MOVL ·x_cgo_init_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $4-0 -+ // C args at 8(SP) after frame setup (4 bytes local + 4 bytes ret addr) -+ MOVL 8(SP), AX // first C arg -+ MOVL AX, 0(SP) // Go arg 1 -+ MOVL ·x_cgo_thread_start_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX // first C arg -+ MOVL AX, 0(SP) // Go arg 1 -+ MOVL ·x_cgo_setenv_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX // first C arg -+ MOVL AX, 0(SP) // Go arg 1 -+ MOVL ·x_cgo_unsetenv_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+// This is called from Go, so args are at normal FP positions -+TEXT ·setg_trampoline(SB), NOSPLIT, $4-8 -+ MOVL g+4(FP), AX -+ MOVL setg+0(FP), BX -+ -+ // setg expects g in 0(SP) -+ MOVL AX, 0(SP) -+ CALL BX -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $24-4 -+ // Save callee-saved registers -+ MOVL BP, 20(SP) -+ MOVL BX, 16(SP) -+ MOVL SI, 12(SP) -+ MOVL DI, 8(SP) -+ -+ // Move C argument (arg) to stack for Go function -+ MOVL arg+0(FP), AX -+ MOVL AX, 0(SP) -+ -+ MOVL ·threadentry_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ -+ // Restore callee-saved registers -+ MOVL 8(SP), DI -+ MOVL 12(SP), SI -+ MOVL 16(SP), BX -+ MOVL 20(SP), BP -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $24-28 -+ MOVL fn+0(FP), AX -+ MOVL a1+4(FP), BX -+ MOVL a2+8(FP), CX -+ MOVL a3+12(FP), DX -+ MOVL a4+16(FP), SI -+ MOVL a5+20(FP), DI -+ -+ // Place arguments on local stack frame for C calling convention -+ MOVL BX, 0(SP) // a1 -+ MOVL CX, 4(SP) // a2 -+ MOVL DX, 8(SP) // a3 -+ MOVL SI, 12(SP) // a4 -+ MOVL DI, 16(SP) // a5 -+ CALL AX -+ MOVL AX, r1+24(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s -new file mode 100644 -index 00000000000000..a4ca5ea98214fd ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_amd64.s -@@ -0,0 +1,107 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+/* -+trampoline for emulating required C functions for cgo in go (see cgo.go) -+(we convert cdecl calling convention to go and vice-versa) -+ -+C Calling convention cdecl used here (we only need integer args): -+1. arg: DI -+2. arg: SI -+3. arg: DX -+4. arg: CX -+5. arg: R8 -+6. arg: R9 -+We don't need floats with these functions -> AX=0 -+return value will be in AX -+temporary register is R11 -+*/ -+#include "textflag.h" -+#include "go_asm.h" -+#include "abi_amd64.h" -+ -+// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 -+ MOVQ DI, AX -+ MOVQ SI, BX -+ MOVQ ·x_cgo_init_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_thread_start_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_setenv_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_unsetenv_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 -+ JMP ·x_cgo_notify_runtime_init_done(SB) -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ JMP ·x_cgo_bindm(SB) -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $0-16 -+ MOVQ G+8(FP), DI -+ MOVQ setg+0(FP), R11 -+ XORL AX, AX -+ CALL R11 -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $0 -+ // See crosscall2. -+ PUSH_REGS_HOST_TO_ABI0() -+ -+ // X15 is designated by Go as a fixed zero register. -+ // Calling directly into ABIInternal, ensure it is zero. -+ PXOR X15, X15 -+ -+ MOVQ DI, AX -+ MOVQ ·threadentry_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ -+ POP_REGS_HOST_TO_ABI0() -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $0-56 -+ MOVQ fn+0(FP), R11 -+ MOVQ a1+8(FP), DI -+ MOVQ a2+16(FP), SI -+ MOVQ a3+24(FP), DX -+ MOVQ a4+32(FP), CX -+ MOVQ a5+40(FP), R8 -+ -+ XORL AX, AX // no floats -+ -+ PUSHQ BP // save BP -+ MOVQ SP, BP // save SP inside BP bc BP is callee-saved -+ SUBQ $16, SP // allocate space for alignment -+ ANDQ $-16, SP // align on 16 bytes for SSE -+ -+ CALL R11 -+ -+ MOVQ BP, SP // get SP back -+ POPQ BP // restore BP -+ -+ MOVQ AX, ret+48(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s -new file mode 100644 -index 00000000000000..c17925d60d6787 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm.s -@@ -0,0 +1,122 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+ -+// These trampolines map the gcc ABI to Go ABI0 and then call into the Go equivalent functions. -+// On ARM32, Go ABI0 uses stack-based calling convention. -+// Arguments are placed on the stack starting at 4(SP) after the prologue. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW R1, 8(R13) -+ MOVW ·x_cgo_init_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_thread_start_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_setenv_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_unsetenv_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $0-8 -+ MOVW G+4(FP), R0 -+ MOVW setg+0(FP), R12 -+ BL (R12) -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $104-0 -+ // Save C callee-saved registers at C-to-Go boundary. -+ // See crosscall2 in asm_arm.s. -+ // ARM AAPCS callee-saved: R4-R11 (includes g=R10), D8-D15. -+ // LR is saved/restored by the Go-managed frame prologue/epilogue. -+ MOVW R0, 4(R13) // arg for threadentry_call -+ -+ MOVW R4, 8(R13) -+ MOVW R5, 12(R13) -+ MOVW R6, 16(R13) -+ MOVW R7, 20(R13) -+ MOVW R8, 24(R13) -+ MOVW R9, 28(R13) -+ MOVW g, 32(R13) // R10 -+ MOVW R11, 36(R13) -+ -+ MOVD F8, 40(R13) -+ MOVD F9, 48(R13) -+ MOVD F10, 56(R13) -+ MOVD F11, 64(R13) -+ MOVD F12, 72(R13) -+ MOVD F13, 80(R13) -+ MOVD F14, 88(R13) -+ MOVD F15, 96(R13) -+ -+ MOVW ·threadentry_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ -+ MOVD 40(R13), F8 -+ MOVD 48(R13), F9 -+ MOVD 56(R13), F10 -+ MOVD 64(R13), F11 -+ MOVD 72(R13), F12 -+ MOVD 80(R13), F13 -+ MOVD 88(R13), F14 -+ MOVD 96(R13), F15 -+ -+ MOVW 8(R13), R4 -+ MOVW 12(R13), R5 -+ MOVW 16(R13), R6 -+ MOVW 20(R13), R7 -+ MOVW 24(R13), R8 -+ MOVW 28(R13), R9 -+ MOVW 32(R13), g -+ MOVW 36(R13), R11 -+ -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $8-28 -+ MOVW fn+0(FP), R12 -+ MOVW a1+4(FP), R0 -+ MOVW a2+8(FP), R1 -+ MOVW a3+12(FP), R2 -+ MOVW a4+16(FP), R3 -+ MOVW a5+20(FP), R4 -+ -+ // Store 5th arg below SP (in local frame area) -+ MOVW R4, arg5-8(SP) -+ -+ // Align SP to 8 bytes for call (required by ARM AAPCS) -+ SUB $8, R13 -+ CALL (R12) -+ ADD $8, R13 -+ MOVW R0, r1+24(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s -new file mode 100644 -index 00000000000000..1deb2747ad3245 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_arm64.s -@@ -0,0 +1,81 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+#include "abi_arm64.h" -+ -+// These trampolines map the gcc ABI to Go ABIInternal and then calls into the Go equivalent functions. -+// Note that C arguments are passed in R0-R7, which matches Go ABIInternal for the first eight arguments. -+// R9 is used as a temporary register. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_init_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_thread_start_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_setenv_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_unsetenv_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $0-16 -+ MOVD G+8(FP), R0 -+ MOVD setg+0(FP), R9 -+ CALL R9 -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $0-0 -+ // See crosscall2. -+ SUB $(8*24), RSP -+ STP (R0, R1), (8*1)(RSP) -+ MOVD R3, (8*3)(RSP) -+ -+ SAVE_R19_TO_R28(8*4) -+ SAVE_F8_TO_F15(8*14) -+ -+ MOVD ·threadentry_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ MOVD $0, R0 // TODO: get the return value from threadentry -+ -+ RESTORE_R19_TO_R28(8*4) -+ RESTORE_F8_TO_F15(8*14) -+ ADD $(8*24), RSP -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $0-0 -+ MOVD fn+0(FP), R9 -+ MOVD a1+8(FP), R0 -+ MOVD a2+16(FP), R1 -+ MOVD a3+24(FP), R2 -+ MOVD a4+32(FP), R3 -+ MOVD a5+40(FP), R4 -+ CALL R9 -+ MOVD R0, ret+48(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s -new file mode 100644 -index 00000000000000..eea96638fa9a9b ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_386.s -@@ -0,0 +1,78 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setegid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_seteuid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setgid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setregid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setresgid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setresuid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setreuid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setuid_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $4-0 -+ MOVL 8(SP), AX -+ MOVL AX, 0(SP) -+ MOVL ·x_cgo_purego_setgroups_call(SB), CX -+ MOVL (CX), CX -+ CALL CX -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s -new file mode 100644 -index 00000000000000..424ebc1e7cbb42 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_amd64.s -@@ -0,0 +1,69 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setegid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_seteuid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setgid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setregid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setresgid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setresuid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setreuid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setuid_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 -+ MOVQ DI, AX -+ MOVQ ·x_cgo_purego_setgroups_call(SB), R11 -+ MOVQ (R11), R11 -+ CALL R11 -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s -new file mode 100644 -index 00000000000000..284fe5d0e3a87a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm.s -@@ -0,0 +1,69 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setegid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_seteuid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setgid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setregid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setresgid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setresuid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setreuid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setuid_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8-0 -+ MOVW R0, 4(R13) -+ MOVW ·x_cgo_purego_setgroups_call(SB), R12 -+ MOVW (R12), R12 -+ CALL (R12) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s -new file mode 100644 -index 00000000000000..771910817b7686 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_arm64.s -@@ -0,0 +1,60 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setegid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_seteuid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setgid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setregid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setresgid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setresuid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setreuid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setuid_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_purego_setgroups_call(SB), R9 -+ MOVD (R9), R9 -+ CALL R9 -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s -new file mode 100644 -index 00000000000000..ebcc1176c0a0a6 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_loong64.s -@@ -0,0 +1,60 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setegid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_seteuid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setgid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setregid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setresgid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setresuid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setreuid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setuid_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_purego_setgroups_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s -new file mode 100644 -index 00000000000000..59a95a929fb5c2 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_ppc64le.s -@@ -0,0 +1,69 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setegid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_seteuid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setgid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setregid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setresgid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setresuid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setreuid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setuid_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8-0 -+ MOVD ·x_cgo_purego_setgroups_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s -new file mode 100644 -index 00000000000000..9e892dbd2daf71 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_riscv64.s -@@ -0,0 +1,60 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && linux -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setegid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_seteuid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setgid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setregid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setresgid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setresuid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setreuid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setuid_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_purego_setgroups_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s -new file mode 100644 -index 00000000000000..ce4247c989f4c1 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_linux_s390x.s -@@ -0,0 +1,53 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build go1.27 && !cgo -+ -+#include "textflag.h" -+ -+TEXT _cgo_purego_setegid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setegid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_seteuid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_seteuid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setgid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setgid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setregid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setregid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setresgid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setresgid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setresuid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setresuid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setreuid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setreuid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setuid_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setuid_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -+ -+TEXT _cgo_purego_setgroups_trampoline(SB), NOSPLIT|NOFRAME, $0 -+ MOVD ·x_cgo_purego_setgroups_call(SB), R1 -+ MOVD (R1), R1 -+ BR R1 -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s -new file mode 100644 -index 00000000000000..b93b5da90a8333 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_loong64.s -@@ -0,0 +1,78 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2025 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+#include "abi_loong64.h" -+ -+// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. -+// R23 is used as temporary register. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 -+ MOVV ·x_cgo_init_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_thread_start_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_setenv_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 -+ MOVV ·x_cgo_unsetenv_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $0 -+ MOVV G+8(FP), R4 -+ MOVV setg+0(FP), R23 -+ CALL (R23) -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $176 -+ // See crosscall2. -+ MOVV R4, (1*8)(R3) // fn unsafe.Pointer -+ MOVV R5, (2*8)(R3) // a unsafe.Pointer -+ MOVV R7, (3*8)(R3) // ctxt uintptr -+ -+ SAVE_R22_TO_R31((4*8)) -+ SAVE_F24_TO_F31((14*8)) -+ -+ MOVV ·threadentry_call(SB), R23 -+ MOVV (R23), R23 -+ CALL (R23) -+ -+ RESTORE_R22_TO_R31((4*8)) -+ RESTORE_F24_TO_F31((14*8)) -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $0-0 -+ MOVV fn+0(FP), R23 -+ MOVV a1+8(FP), R4 -+ MOVV a2+16(FP), R5 -+ MOVV a3+24(FP), R6 -+ MOVV a4+32(FP), R7 -+ MOVV a5+40(FP), R8 -+ CALL (R23) -+ MOVV R4, ret+48(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s -new file mode 100644 -index 00000000000000..444529d8ae820b ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_ppc64le.s -@@ -0,0 +1,128 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+#include "abi_ppc64x.h" -+ -+// These trampolines map the C ABI to Go ABI and call into the Go equivalent functions. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_init_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_thread_start_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_setenv_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $0-0 -+ MOVD ·x_cgo_unsetenv_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0-0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0-0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $16-16 -+ MOVD R31, 8(R1) // save R31 (load_g clobbers it) -+ -+ MOVD setg+0(FP), R12 -+ MOVD newg+8(FP), R3 -+ -+ MOVD R12, CTR -+ CALL CTR -+ -+ CALL runtime·load_g(SB) -+ -+ MOVD 8(R1), R31 -+ XOR R0, R0, R0 -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ // Called from C (pthread_create). Must save all C callee-saved registers. -+ // Uses NOFRAME for proper ELFv2 backchain via MOVDU. -+ MOVD LR, R0 -+ MOVD R0, 16(R1) -+ MOVW CR, R0 -+ MOVD R0, 8(R1) -+ -+ MOVDU R1, -320(R1) -+ -+ SAVE_GPR(32) -+ SAVE_FPR(32+SAVE_GPR_SIZE) -+ -+ MOVD $0, R0 -+ -+ MOVD ·threadentry_call(SB), R12 -+ MOVD (R12), R12 -+ MOVD R12, CTR -+ CALL CTR -+ -+ RESTORE_FPR(32+SAVE_GPR_SIZE) -+ RESTORE_GPR(32) -+ -+ ADD $320, R1 -+ -+ MOVD 16(R1), R0 -+ MOVD R0, LR -+ MOVD 8(R1), R0 -+ MOVW R0, CR -+ RET -+ -+TEXT ·call5(SB), NOSPLIT|NOFRAME, $0-56 -+ MOVD LR, R20 -+ MOVW CR, R21 -+ -+ // Load arguments from Go stack into C argument registers -+ // Go placed args at 32(R1), 40(R1), etc. -+ MOVD 32(R1), R12 // fn -+ MOVD 40(R1), R3 // a1 → first C arg -+ MOVD 48(R1), R4 // a2 → second C arg -+ MOVD 56(R1), R5 // a3 → third C arg -+ MOVD 64(R1), R6 // a4 → fourth C arg -+ MOVD 72(R1), R7 // a5 → fifth C arg -+ -+ MOVDU R1, -32(R1) -+ -+ MOVD R12, CTR -+ CALL CTR -+ -+ // Store return value -+ // After MOVDU -32, original 80(R1) is now at 80+32=112(R1) -+ MOVD R3, (80+32)(R1) -+ -+ // Deallocate frame -+ ADD $32, R1 -+ -+ // Clear R0 before returning to Go code. -+ // Go uses R0 as a constant 0 register for things like "std r0,X(r1)" -+ // to zero stack locations. C functions may leave garbage in R0. -+ XOR R0, R0, R0 -+ -+ // Restore LR/CR from non-volatile registers -+ MOVD R20, LR -+ MOVW R21, CR -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s -new file mode 100644 -index 00000000000000..b162fdde234629 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_riscv64.s -@@ -0,0 +1,76 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+#include "go_asm.h" -+#include "abi_riscv64.h" -+ -+// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. -+// X5 is used as temporary register. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT, $16 -+ MOV ·x_cgo_init_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_thread_start_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_setenv_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT, $8 -+ MOV ·x_cgo_unsetenv_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ RET -+ -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_notify_runtime_init_done(SB) -+ RET -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT, $0 -+ CALL ·x_cgo_bindm(SB) -+ RET -+ -+// func setg_trampoline(setg uintptr, g uintptr) -+TEXT ·setg_trampoline(SB), NOSPLIT, $0 -+ MOV gp+8(FP), X10 -+ MOV setg+0(FP), X5 -+ CALL X5 -+ RET -+ -+TEXT threadentry_trampoline(SB), NOSPLIT, $200 -+ MOV X10, 8(SP) -+ -+ SAVE_GPR(8*2) -+ SAVE_FPR(8*14) -+ -+ MOV ·threadentry_call(SB), X5 -+ MOV (X5), X5 -+ CALL X5 -+ -+ RESTORE_GPR(8*2) -+ RESTORE_FPR(8*14) -+ -+ RET -+ -+TEXT ·call5(SB), NOSPLIT, $0-48 -+ MOV fn+0(FP), X5 -+ MOV a1+8(FP), X10 -+ MOV a2+16(FP), X11 -+ MOV a3+24(FP), X12 -+ MOV a4+32(FP), X13 -+ MOV a5+40(FP), X14 -+ CALL X5 -+ MOV X10, ret+48(FP) -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s -new file mode 100644 -index 00000000000000..2b68d438e4ec1d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/trampolines_s390x.s -@@ -0,0 +1,154 @@ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2026 The Ebitengine Authors -+ -+//go:build go1.27 && !cgo && linux -+ -+#include "textflag.h" -+#include "go_asm.h" -+ -+// these trampolines map the gcc ABI to Go ABI and then calls into the Go equivalent functions. -+// Note that C arguments are passed in R2-R6, which matches Go ABIInternal for the first five arguments. -+// R1 is used as a temporary register. -+ -+TEXT x_cgo_init_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ MOVD R15, R1 -+ SUB $192, R15 -+ MOVD R1, 0(R15) // backchain -+ MOVD R14, 160(R15) // save R14 -+ MOVD R9, 168(R15) // save R9 (Go runtime needs this preserved) -+ -+ MOVD ·x_cgo_init_call(SB), R1 -+ MOVD (R1), R1 -+ BL R1 -+ -+ MOVD 168(R15), R9 -+ MOVD 160(R15), R14 -+ ADD $192, R15 -+ BR R14 -+ -+TEXT x_cgo_thread_start_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ MOVD R15, R1 -+ SUB $176, R15 -+ MOVD R1, 0(R15) // backchain -+ MOVD R14, 152(R15) // save R14 -+ -+ MOVD ·x_cgo_thread_start_call(SB), R1 -+ MOVD (R1), R1 -+ BL R1 -+ -+ MOVD 152(R15), R14 -+ ADD $176, R15 -+ BR R14 -+ -+TEXT x_cgo_setenv_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ MOVD R15, R1 -+ SUB $176, R15 -+ MOVD R1, 0(R15) // backchain -+ MOVD R14, 152(R15) // save R14 -+ -+ MOVD ·x_cgo_setenv_call(SB), R1 -+ MOVD (R1), R1 -+ BL R1 -+ -+ MOVD 152(R15), R14 -+ ADD $176, R15 -+ BR R14 -+ -+TEXT x_cgo_unsetenv_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ MOVD R15, R1 -+ SUB $176, R15 -+ MOVD R1, 0(R15) // backchain -+ MOVD R14, 152(R15) // save R14 -+ -+ MOVD ·x_cgo_unsetenv_call(SB), R1 -+ MOVD (R1), R1 -+ BL R1 -+ -+ MOVD 152(R15), R14 -+ ADD $176, R15 -+ BR R14 -+ -+// These just tail-call into Go functions -+TEXT x_cgo_notify_runtime_init_done_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ BR ·x_cgo_notify_runtime_init_done(SB) -+ -+TEXT x_cgo_bindm_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ BR ·x_cgo_bindm(SB) -+ -+// setg_trampoline(setg uintptr, g uintptr) - called from Go -+TEXT ·setg_trampoline(SB), NOSPLIT|NOFRAME, $0-16 -+ MOVD 8(R15), R1 // setg function pointer -+ MOVD 16(R15), R2 // g pointer -> C arg -+ -+ MOVD R14, R0 -+ MOVD R15, R3 -+ SUB $160, R15 -+ MOVD R3, 0(R15) -+ MOVD R0, 112(R15) -+ -+ BL R1 // call setg_gcc -+ BL runtime·load_g(SB) -+ -+ MOVD 112(R15), R14 -+ ADD $160, R15 -+ BR R14 -+ -+TEXT threadentry_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ STMG R6, R15, 48(R15) // C save area -+ MOVD R15, R1 -+ SUB $176, R15 -+ MOVD R1, 0(R15) // backchain -+ -+ MOVD ·threadentry_call(SB), R1 -+ MOVD (R1), R1 -+ BL R1 -+ -+ ADD $176, R15 -+ LMG 48(R15), R6, R15 -+ RET -+ -+TEXT ·call5(SB), NOSPLIT|NOFRAME, $0-56 -+ // Load Go args before modifying R15 -+ MOVD 8(R15), R1 // fn -+ MOVD 16(R15), R7 // a1 -+ MOVD 24(R15), R8 // a2 -+ MOVD 32(R15), R9 // a3 -+ MOVD 40(R15), R10 // a4 -+ MOVD 48(R15), R11 // a5 -+ -+ // Save state -+ MOVD R15, R0 // original R15 -+ MOVD R12, R6 // Go's R12 -+ ADD $-128, R15 -+ -+ // Set up C frame with backchain -+ MOVD R0, 0(R15) // backchain -> original R15 -+ MOVD R0, R3 // R3 = original R15 (can't use R0 as base!) -+ MOVD 0(R3), R7 // save 0(original R15) -+ MOVD $0, 0(R3) // terminate backchain -+ -+ // Save context -+ MOVD R14, 8(R15) -+ MOVD R6, 16(R15) // R12 -+ MOVD R0, 24(R15) // original R15 -+ MOVD R7, 32(R15) // saved backchain -+ -+ // Set up C args (reload a1 since R7 was clobbered) -+ MOVD 16(R3), R2 // a1 (use R3 as base, not R0!) -+ MOVD R8, R3 // a2 -+ MOVD R9, R4 // a3 -+ MOVD R10, R5 // a4 -+ MOVD R11, R6 // a5 -+ -+ BL R1 -+ -+ // Store result and restore -+ MOVD 24(R15), R3 // original R15 -+ MOVD R2, 56(R3) // return value -+ MOVD 32(R15), R7 -+ MOVD R7, 0(R3) // restore backchain -+ -+ MOVD 8(R15), R14 -+ MOVD 16(R15), R12 -+ MOVD 24(R15), R15 -+ BR R14 -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go -new file mode 100644 -index 00000000000000..e1339193b9764d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols.go -@@ -0,0 +1,165 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+package fakecgo -+ -+import ( -+ "syscall" -+ "unsafe" -+) -+ -+//go:nosplit -+//go:norace -+func malloc(size uintptr) unsafe.Pointer { -+ ret := call5(mallocABI0, uintptr(size), 0, 0, 0, 0) -+ // this indirection is to avoid go vet complaining about possible misuse of unsafe.Pointer -+ return *(*unsafe.Pointer)(unsafe.Pointer(&ret)) -+} -+ -+//go:nosplit -+//go:norace -+func free(ptr unsafe.Pointer) { -+ call5(freeABI0, uintptr(ptr), 0, 0, 0, 0) -+} -+ -+//go:nosplit -+//go:norace -+func setenv(name *byte, value *byte, overwrite int32) int32 { -+ return int32(call5(setenvABI0, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), uintptr(overwrite), 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func unsetenv(name *byte) int32 { -+ return int32(call5(unsetenvABI0, uintptr(unsafe.Pointer(name)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func sigfillset(set *sigset_t) int32 { -+ return int32(call5(sigfillsetABI0, uintptr(unsafe.Pointer(set)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func nanosleep(ts *syscall.Timespec, rem *syscall.Timespec) int32 { -+ return int32(call5(nanosleepABI0, uintptr(unsafe.Pointer(ts)), uintptr(unsafe.Pointer(rem)), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func abort() { -+ call5(abortABI0, 0, 0, 0, 0, 0) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_attr_init(attr *pthread_attr_t) int32 { -+ return int32(call5(pthread_attr_initABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_create(thread *pthread_t, attr *pthread_attr_t, start unsafe.Pointer, arg unsafe.Pointer) int32 { -+ return int32(call5(pthread_createABI0, uintptr(unsafe.Pointer(thread)), uintptr(unsafe.Pointer(attr)), uintptr(start), uintptr(arg), 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_detach(thread pthread_t) int32 { -+ return int32(call5(pthread_detachABI0, uintptr(thread), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_sigmask(how sighow, ign *sigset_t, oset *sigset_t) int32 { -+ return int32(call5(pthread_sigmaskABI0, uintptr(how), uintptr(unsafe.Pointer(ign)), uintptr(unsafe.Pointer(oset)), 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_mutex_lock(mutex *pthread_mutex_t) int32 { -+ return int32(call5(pthread_mutex_lockABI0, uintptr(unsafe.Pointer(mutex)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_mutex_unlock(mutex *pthread_mutex_t) int32 { -+ return int32(call5(pthread_mutex_unlockABI0, uintptr(unsafe.Pointer(mutex)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_cond_broadcast(cond *pthread_cond_t) int32 { -+ return int32(call5(pthread_cond_broadcastABI0, uintptr(unsafe.Pointer(cond)), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_setspecific(key pthread_key_t, value unsafe.Pointer) int32 { -+ return int32(call5(pthread_setspecificABI0, uintptr(key), uintptr(value), 0, 0, 0)) -+} -+ -+//go:linkname _malloc _malloc -+var _malloc uint8 -+var mallocABI0 = uintptr(unsafe.Pointer(&_malloc)) -+ -+//go:linkname _free _free -+var _free uint8 -+var freeABI0 = uintptr(unsafe.Pointer(&_free)) -+ -+//go:linkname _setenv _setenv -+var _setenv uint8 -+var setenvABI0 = uintptr(unsafe.Pointer(&_setenv)) -+ -+//go:linkname _unsetenv _unsetenv -+var _unsetenv uint8 -+var unsetenvABI0 = uintptr(unsafe.Pointer(&_unsetenv)) -+ -+//go:linkname _sigfillset _sigfillset -+var _sigfillset uint8 -+var sigfillsetABI0 = uintptr(unsafe.Pointer(&_sigfillset)) -+ -+//go:linkname _nanosleep _nanosleep -+var _nanosleep uint8 -+var nanosleepABI0 = uintptr(unsafe.Pointer(&_nanosleep)) -+ -+//go:linkname _abort _abort -+var _abort uint8 -+var abortABI0 = uintptr(unsafe.Pointer(&_abort)) -+ -+//go:linkname _pthread_attr_init _pthread_attr_init -+var _pthread_attr_init uint8 -+var pthread_attr_initABI0 = uintptr(unsafe.Pointer(&_pthread_attr_init)) -+ -+//go:linkname _pthread_create _pthread_create -+var _pthread_create uint8 -+var pthread_createABI0 = uintptr(unsafe.Pointer(&_pthread_create)) -+ -+//go:linkname _pthread_detach _pthread_detach -+var _pthread_detach uint8 -+var pthread_detachABI0 = uintptr(unsafe.Pointer(&_pthread_detach)) -+ -+//go:linkname _pthread_sigmask _pthread_sigmask -+var _pthread_sigmask uint8 -+var pthread_sigmaskABI0 = uintptr(unsafe.Pointer(&_pthread_sigmask)) -+ -+//go:linkname _pthread_mutex_lock _pthread_mutex_lock -+var _pthread_mutex_lock uint8 -+var pthread_mutex_lockABI0 = uintptr(unsafe.Pointer(&_pthread_mutex_lock)) -+ -+//go:linkname _pthread_mutex_unlock _pthread_mutex_unlock -+var _pthread_mutex_unlock uint8 -+var pthread_mutex_unlockABI0 = uintptr(unsafe.Pointer(&_pthread_mutex_unlock)) -+ -+//go:linkname _pthread_cond_broadcast _pthread_cond_broadcast -+var _pthread_cond_broadcast uint8 -+var pthread_cond_broadcastABI0 = uintptr(unsafe.Pointer(&_pthread_cond_broadcast)) -+ -+//go:linkname _pthread_setspecific _pthread_setspecific -+var _pthread_setspecific uint8 -+var pthread_setspecificABI0 = uintptr(unsafe.Pointer(&_pthread_setspecific)) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go -new file mode 100644 -index 00000000000000..960f8168eb88d7 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_darwin.go -@@ -0,0 +1,59 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+import "unsafe" -+ -+//go:cgo_import_dynamic purego_malloc malloc "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_free free "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_setenv setenv "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_unsetenv unsetenv "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_sigfillset sigfillset "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_nanosleep nanosleep "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_abort abort "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_create pthread_create "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_detach pthread_detach "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_self pthread_self "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_get_stacksize_np pthread_get_stacksize_np "/usr/lib/libSystem.B.dylib" -+//go:cgo_import_dynamic purego_pthread_attr_setstacksize pthread_attr_setstacksize "/usr/lib/libSystem.B.dylib" -+ -+//go:nosplit -+//go:norace -+func pthread_self() pthread_t { -+ return pthread_t(call5(pthread_selfABI0, 0, 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_get_stacksize_np(thread pthread_t) size_t { -+ return size_t(call5(pthread_get_stacksize_npABI0, uintptr(thread), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_attr_setstacksize(attr *pthread_attr_t, size size_t) int32 { -+ return int32(call5(pthread_attr_setstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(size), 0, 0, 0)) -+} -+ -+//go:linkname _pthread_self _pthread_self -+var _pthread_self uint8 -+var pthread_selfABI0 = uintptr(unsafe.Pointer(&_pthread_self)) -+ -+//go:linkname _pthread_get_stacksize_np _pthread_get_stacksize_np -+var _pthread_get_stacksize_np uint8 -+var pthread_get_stacksize_npABI0 = uintptr(unsafe.Pointer(&_pthread_get_stacksize_np)) -+ -+//go:linkname _pthread_attr_setstacksize _pthread_attr_setstacksize -+var _pthread_attr_setstacksize uint8 -+var pthread_attr_setstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_setstacksize)) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go -new file mode 100644 -index 00000000000000..d69775596fddf3 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_freebsd.go -@@ -0,0 +1,48 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+import "unsafe" -+ -+//go:cgo_import_dynamic purego_malloc malloc "libc.so.7" -+//go:cgo_import_dynamic purego_free free "libc.so.7" -+//go:cgo_import_dynamic purego_setenv setenv "libc.so.7" -+//go:cgo_import_dynamic purego_unsetenv unsetenv "libc.so.7" -+//go:cgo_import_dynamic purego_sigfillset sigfillset "libc.so.7" -+//go:cgo_import_dynamic purego_nanosleep nanosleep "libc.so.7" -+//go:cgo_import_dynamic purego_abort abort "libc.so.7" -+//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_create pthread_create "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_detach pthread_detach "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_attr_getstacksize pthread_attr_getstacksize "libpthread.so" -+//go:cgo_import_dynamic purego_pthread_attr_destroy pthread_attr_destroy "libpthread.so" -+ -+//go:nosplit -+//go:norace -+func pthread_attr_getstacksize(attr *pthread_attr_t, stacksize *size_t) int32 { -+ return int32(call5(pthread_attr_getstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(unsafe.Pointer(stacksize)), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_attr_destroy(attr *pthread_attr_t) int32 { -+ return int32(call5(pthread_attr_destroyABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) -+} -+ -+//go:linkname _pthread_attr_getstacksize _pthread_attr_getstacksize -+var _pthread_attr_getstacksize uint8 -+var pthread_attr_getstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_getstacksize)) -+ -+//go:linkname _pthread_attr_destroy _pthread_attr_destroy -+var _pthread_attr_destroy uint8 -+var pthread_attr_destroyABI0 = uintptr(unsafe.Pointer(&_pthread_attr_destroy)) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go -new file mode 100644 -index 00000000000000..cbb120431ab6bb ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/zsymbols_linux.go -@@ -0,0 +1,158 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+package fakecgo -+ -+import "unsafe" -+ -+//go:cgo_import_dynamic purego_malloc malloc "libc.so.6" -+//go:cgo_import_dynamic purego_free free "libc.so.6" -+//go:cgo_import_dynamic purego_setenv setenv "libc.so.6" -+//go:cgo_import_dynamic purego_unsetenv unsetenv "libc.so.6" -+//go:cgo_import_dynamic purego_sigfillset sigfillset "libc.so.6" -+//go:cgo_import_dynamic purego_nanosleep nanosleep "libc.so.6" -+//go:cgo_import_dynamic purego_abort abort "libc.so.6" -+//go:cgo_import_dynamic purego___errno_location __errno_location "libc.so.6" -+//go:cgo_import_dynamic purego_setegid setegid "libc.so.6" -+//go:cgo_import_dynamic purego_seteuid seteuid "libc.so.6" -+//go:cgo_import_dynamic purego_setgid setgid "libc.so.6" -+//go:cgo_import_dynamic purego_setregid setregid "libc.so.6" -+//go:cgo_import_dynamic purego_setresgid setresgid "libc.so.6" -+//go:cgo_import_dynamic purego_setresuid setresuid "libc.so.6" -+//go:cgo_import_dynamic purego_setreuid setreuid "libc.so.6" -+//go:cgo_import_dynamic purego_setuid setuid "libc.so.6" -+//go:cgo_import_dynamic purego_setgroups setgroups "libc.so.6" -+//go:cgo_import_dynamic purego_pthread_attr_init pthread_attr_init "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_create pthread_create "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_detach pthread_detach "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_sigmask pthread_sigmask "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_mutex_lock pthread_mutex_lock "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_mutex_unlock pthread_mutex_unlock "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_cond_broadcast pthread_cond_broadcast "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_setspecific pthread_setspecific "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_attr_getstacksize pthread_attr_getstacksize "libpthread.so.0" -+//go:cgo_import_dynamic purego_pthread_attr_destroy pthread_attr_destroy "libpthread.so.0" -+ -+//go:nosplit -+//go:norace -+func __errno_location() uintptr { -+ return uintptr(call5(__errno_locationABI0, 0, 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setegid(egid uint32) int32 { -+ return int32(call5(setegidABI0, uintptr(egid), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func seteuid(euid uint32) int32 { -+ return int32(call5(seteuidABI0, uintptr(euid), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setgid(gid uint32) int32 { -+ return int32(call5(setgidABI0, uintptr(gid), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setregid(rgid uint32, egid uint32) int32 { -+ return int32(call5(setregidABI0, uintptr(rgid), uintptr(egid), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setresgid(rgid uint32, egid uint32, sgid uint32) int32 { -+ return int32(call5(setresgidABI0, uintptr(rgid), uintptr(egid), uintptr(sgid), 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setresuid(ruid uint32, euid uint32, suid uint32) int32 { -+ return int32(call5(setresuidABI0, uintptr(ruid), uintptr(euid), uintptr(suid), 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setreuid(ruid uint32, euid uint32) int32 { -+ return int32(call5(setreuidABI0, uintptr(ruid), uintptr(euid), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setuid(uid uint32) int32 { -+ return int32(call5(setuidABI0, uintptr(uid), 0, 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func setgroups(ngid uint32, gidset *uint32) int32 { -+ return int32(call5(setgroupsABI0, uintptr(ngid), uintptr(unsafe.Pointer(gidset)), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_attr_getstacksize(attr *pthread_attr_t, stacksize *size_t) int32 { -+ return int32(call5(pthread_attr_getstacksizeABI0, uintptr(unsafe.Pointer(attr)), uintptr(unsafe.Pointer(stacksize)), 0, 0, 0)) -+} -+ -+//go:nosplit -+//go:norace -+func pthread_attr_destroy(attr *pthread_attr_t) int32 { -+ return int32(call5(pthread_attr_destroyABI0, uintptr(unsafe.Pointer(attr)), 0, 0, 0, 0)) -+} -+ -+//go:linkname ___errno_location ___errno_location -+var ___errno_location uint8 -+var __errno_locationABI0 = uintptr(unsafe.Pointer(&___errno_location)) -+ -+//go:linkname _setegid _setegid -+var _setegid uint8 -+var setegidABI0 = uintptr(unsafe.Pointer(&_setegid)) -+ -+//go:linkname _seteuid _seteuid -+var _seteuid uint8 -+var seteuidABI0 = uintptr(unsafe.Pointer(&_seteuid)) -+ -+//go:linkname _setgid _setgid -+var _setgid uint8 -+var setgidABI0 = uintptr(unsafe.Pointer(&_setgid)) -+ -+//go:linkname _setregid _setregid -+var _setregid uint8 -+var setregidABI0 = uintptr(unsafe.Pointer(&_setregid)) -+ -+//go:linkname _setresgid _setresgid -+var _setresgid uint8 -+var setresgidABI0 = uintptr(unsafe.Pointer(&_setresgid)) -+ -+//go:linkname _setresuid _setresuid -+var _setresuid uint8 -+var setresuidABI0 = uintptr(unsafe.Pointer(&_setresuid)) -+ -+//go:linkname _setreuid _setreuid -+var _setreuid uint8 -+var setreuidABI0 = uintptr(unsafe.Pointer(&_setreuid)) -+ -+//go:linkname _setuid _setuid -+var _setuid uint8 -+var setuidABI0 = uintptr(unsafe.Pointer(&_setuid)) -+ -+//go:linkname _setgroups _setgroups -+var _setgroups uint8 -+var setgroupsABI0 = uintptr(unsafe.Pointer(&_setgroups)) -+ -+//go:linkname _pthread_attr_getstacksize _pthread_attr_getstacksize -+var _pthread_attr_getstacksize uint8 -+var pthread_attr_getstacksizeABI0 = uintptr(unsafe.Pointer(&_pthread_attr_getstacksize)) -+ -+//go:linkname _pthread_attr_destroy _pthread_attr_destroy -+var _pthread_attr_destroy uint8 -+var pthread_attr_destroyABI0 = uintptr(unsafe.Pointer(&_pthread_attr_destroy)) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s -new file mode 100644 -index 00000000000000..35ef7ac11cb955 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_darwin.s -@@ -0,0 +1,19 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+#include "textflag.h" -+ -+// these stubs are here because it is not possible to go:linkname directly the C functions -+ -+TEXT _pthread_self(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_self(SB) -+ -+TEXT _pthread_get_stacksize_np(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_get_stacksize_np(SB) -+ -+TEXT _pthread_attr_setstacksize(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_setstacksize(SB) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s -new file mode 100644 -index 00000000000000..da07005c0bc988 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_freebsd.s -@@ -0,0 +1,16 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+#include "textflag.h" -+ -+// these stubs are here because it is not possible to go:linkname directly the C functions -+ -+TEXT _pthread_attr_getstacksize(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_getstacksize(SB) -+ -+TEXT _pthread_attr_destroy(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_destroy(SB) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s -new file mode 100644 -index 00000000000000..ba2cb38918d538 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_linux.s -@@ -0,0 +1,46 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo -+ -+#include "textflag.h" -+ -+// these stubs are here because it is not possible to go:linkname directly the C functions -+ -+TEXT ___errno_location(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego___errno_location(SB) -+ -+TEXT _setegid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setegid(SB) -+ -+TEXT _seteuid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_seteuid(SB) -+ -+TEXT _setgid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setgid(SB) -+ -+TEXT _setregid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setregid(SB) -+ -+TEXT _setresgid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setresgid(SB) -+ -+TEXT _setresuid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setresuid(SB) -+ -+TEXT _setreuid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setreuid(SB) -+ -+TEXT _setuid(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setuid(SB) -+ -+TEXT _setgroups(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setgroups(SB) -+ -+TEXT _pthread_attr_getstacksize(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_getstacksize(SB) -+ -+TEXT _pthread_attr_destroy(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_destroy(SB) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s -new file mode 100644 -index 00000000000000..067583d68517a9 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/fakecgo/ztrampolines_stubs.s -@@ -0,0 +1,55 @@ -+// Code generated by 'go generate' with gen.go. DO NOT EDIT. -+ -+// SPDX-License-Identifier: Apache-2.0 -+// SPDX-FileCopyrightText: 2022 The Ebitengine Authors -+ -+//go:build !cgo && (darwin || freebsd || linux) -+ -+#include "textflag.h" -+ -+// these stubs are here because it is not possible to go:linkname directly the C functions -+ -+TEXT _malloc(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_malloc(SB) -+ -+TEXT _free(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_free(SB) -+ -+TEXT _setenv(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_setenv(SB) -+ -+TEXT _unsetenv(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_unsetenv(SB) -+ -+TEXT _sigfillset(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_sigfillset(SB) -+ -+TEXT _nanosleep(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_nanosleep(SB) -+ -+TEXT _abort(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_abort(SB) -+ -+TEXT _pthread_attr_init(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_attr_init(SB) -+ -+TEXT _pthread_create(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_create(SB) -+ -+TEXT _pthread_detach(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_detach(SB) -+ -+TEXT _pthread_sigmask(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_sigmask(SB) -+ -+TEXT _pthread_mutex_lock(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_mutex_lock(SB) -+ -+TEXT _pthread_mutex_unlock(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_mutex_unlock(SB) -+ -+TEXT _pthread_cond_broadcast(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_cond_broadcast(SB) -+ -+TEXT _pthread_setspecific(SB), NOSPLIT|NOFRAME, $0-0 -+ JMP purego_pthread_setspecific(SB) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s -new file mode 100644 -index 00000000000000..4442c19e74564e ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_386.s -@@ -0,0 +1,101 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2026 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16-0 -+ MOVL 20(SP), AX // libcArgs from C caller (frame_size + ret_addr = 16 + 4) -+ MOVL AX, 0(SP) // pass to Go function -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $16-4 -+ // Frame layout: 16 bytes local storage -+ // 0(SP) - saved BP (original SP) -+ // 4(SP) - saved libcArgs pointer -+ // 8(SP) - saved fn pointer -+ // 12(SP) - scratch -+ -+ // Load args pointer FIRST before any stack modifications -+ MOVL libcArgs+0(FP), SI -+ -+ // Save original SP and libcArgs in local frame -+ MOVL SP, BP -+ ADDL $16, BP // BP = original SP (before frame allocation) -+ MOVL BP, 0(SP) // save original SP -+ MOVL SI, 4(SP) // save libcArgs pointer -+ -+ // Load struct fields -+ MOVL libcCallInfo_fn(SI), AX -+ MOVL AX, 8(SP) // save fn pointer -+ MOVL libcCallInfo_n(SI), CX -+ MOVL libcCallInfo_args(SI), BX -+ -+ // Allocate 16 bytes for fast path (0-3 args) -+ MOVL SP, BP -+ SUBL $16, SP -+ -+ // Fast path for 0-3 args, otherwise fall through to manyargs -+ CMPL CX, $0; JE _0args -+ CMPL CX, $1; JE _1args -+ CMPL CX, $2; JE _2args -+ CMPL CX, $3; JE _3args -+ -+ // manyargs: 4+ args, restore SP and reallocate -+ MOVL BP, SP -+ -+ // Calculate stack space needed: n*4 bytes, aligned to 16 -+ MOVL CX, AX -+ SHLL $2, AX // AX = n * 4 -+ ADDL $15, AX -+ ANDL $~15, AX // 16-byte align -+ SUBL AX, SP -+ -+ // Copy all args to stack -+ // BX = args pointer, CX = count, DI = dest -+ MOVL SP, DI -+ -+copy_loop: -+ DECL CX -+ MOVL (BX)(CX*4), AX -+ MOVL AX, (DI)(CX*4) -+ CMPL CX, $0 -+ JNE copy_loop -+ JMP _0args -+ -+// Fast path: fall through to copy args -+_3args: -+ MOVL 8(BX), AX -+ MOVL AX, 8(SP) -+ -+_2args: -+ MOVL 4(BX), AX -+ MOVL AX, 4(SP) -+ -+_1args: -+ MOVL 0(BX), AX -+ MOVL AX, 0(SP) -+ -+_0args: -+ MOVL 8(BP), DX // fn pointer from saved location -+ CALL DX -+ MOVL BP, SP -+ -+ret: -+ // Reload libcArgs pointer from saved location -+ MOVL 4(SP), SI -+ -+ // Save return values (AX already has r1, need to save DX before it's clobbered) -+ MOVL DX, 12(SP) // temporarily save r2 -+ MOVL AX, libcCallInfo_r1(SI) -+ MOVL 12(SP), AX -+ MOVL AX, libcCallInfo_r2(SI) -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s -new file mode 100644 -index 00000000000000..8be7dba90de142 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_amd64.s -@@ -0,0 +1,123 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 -+#ifdef GOOS_windows -+ MOVQ CX, 0(SP) -+ -+#else -+ MOVQ DI, 0(SP) -+ -+#endif -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+#ifdef GOOS_windows -+#define RegArgsN 4 -+#else -+#define RegArgsN 6 -+#endif -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $16-8 -+ // Load pointer from stack (ABI0 calling convention) -+ // Store argument and original SP in a callee-saved register -+ MOVQ libcArgs+0(FP), R13 -+ MOVQ SP, R14 -+ -+ // Align stack to 16 bytes -+ ANDQ $~15, SP -+ -+ MOVQ libcCallInfo_fn(R13), R11 -+ MOVQ libcCallInfo_n(R13), CX -+ MOVQ libcCallInfo_args(R13), R10 -+ -+ // Fast version, do not store args on the stack. -+ CMPL CX, $0; JE _0args -+ CMPL CX, $1; JE _1args -+ CMPL CX, $2; JE _2args -+ CMPL CX, $3; JE _3args -+ CMPL CX, $4; JE _4args -+ -+#ifndef GOOS_windows // Windows does not pass more than 4 args in registers -+ CMPL CX, $5; JE _5args -+ CMPL CX, $6; JE _6args -+ -+#endif -+ -+ // Reserve stack space for remaining args -+ MOVQ CX, R12 -+ SUBQ $RegArgsN, R12 -+ ADDQ $1, R12 // make even number of words for stack alignment -+ ANDQ $~1, R12 -+ SHLQ $3, R12 -+ SUBQ R12, SP -+ -+ // Copy args to the stack. -+ // CX: count of stack arguments (n-RegArgsN) -+ // SI: &args[RegArgsN] -+ // DI: copy of RSP -+ SUBQ $RegArgsN, CX -+ MOVQ R10, SI -+ ADDQ $(8*RegArgsN), SI -+ MOVQ SP, DI -+ CLD -+ REP; MOVSQ -+ -+#ifndef GOOS_windows -+_6args: -+ MOVQ (5*8)(R10), R9 -+ -+_5args: -+ MOVQ (4*8)(R10), R8 -+ -+#endif -+_4args: -+ MOVQ (3*8)(R10), CX -+ -+_3args: -+ MOVQ (2*8)(R10), DX -+ -+_2args: -+ MOVQ (1*8)(R10), SI -+ -+_1args: -+ MOVQ (0*8)(R10), DI -+ -+_0args: -+ -+ XORL AX, AX // vararg: say "no float args" -+ -+#ifdef GOOS_windows -+ // Windows x64 syscall ABI: first four integer args in CX, DX, R8, R9 -+ // and 32 bytes of shadow space on the stack. -+ ADJSP $32 -+ MOVQ CX, R9 -+ MOVQ DX, R8 -+ MOVQ SI, DX -+ MOVQ DI, CX -+ -+#endif -+ -+ CALL R11 -+ -+#ifdef GOOS_windows -+ ADJSP $-32 -+ -+#endif -+ -+ MOVQ R14, SP // free stack space -+ -+ // Return result. -+ MOVQ AX, libcCallInfo_r1(R13) -+ MOVQ DX, libcCallInfo_r2(R13) -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s -new file mode 100644 -index 00000000000000..948ff9cf4a84e1 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm.s -@@ -0,0 +1,107 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2026 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $8 -+ MOVW R0, 4(R13) -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $0-4 -+ // Load args pointer first, before modifying SP -+ MOVW libcArgs+0(FP), R0 -+ -+ // Save callee-saved registers R4-R7 and LR. -+ // We use R4 for libcArgs pointer. -+ // We use R5 for args pointer. -+ // We use R6 for n, then reused for saving SP. -+ // We use R7 for scratch. -+ MOVM.DB.W [R4-R7, R14], (R13) -+ -+ MOVW R0, R4 // Move libcArgs to R4 -+ -+ MOVW libcCallInfo_n(R4), R6 -+ MOVW libcCallInfo_args(R4), R5 -+ MOVW libcCallInfo_fn(R4), R12 -+ -+ CMP $4, R6 -+ BGT args_stack -+ -+ CMP $0, R6 -+ BEQ call -+ CMP $1, R6 -+ BEQ args_1 -+ CMP $2, R6 -+ BEQ args_2 -+ CMP $3, R6 -+ BEQ args_3 -+ -+args_4: -+ MOVM.IA (R5), [R0, R1, R2, R3] -+ B call -+ -+args_3: -+ MOVM.IA (R5), [R0, R1, R2] -+ B call -+ -+args_2: -+ MOVM.IA (R5), [R0, R1] -+ B call -+ -+args_1: -+ MOVW (R5), R0 -+ B call -+ -+args_stack: -+ // Calculate stack space needed: (n-4)*4 -+ SUB $4, R6, R7 -+ MOVW R7, R2 -+ SLL $2, R2 // bytes -+ -+ // Save SP (R6 is free now, n no longer needed) -+ MOVW R13, R6 -+ -+ // Allocate stack -+ SUB R2, R13 -+ BIC $7, R13 // Align to 8 bytes -+ -+ // Copy args -+ ADD $16, R5, R14 // Src = args + 16 -+ MOVW R13, R3 // Dst = SP -+ -+copy_loop: -+ MOVW.P 4(R14), R1 // read -+ MOVW.P R1, 4(R3) // write -+ SUB $1, R7 -+ CMP $0, R7 -+ BNE copy_loop -+ -+ // Load first 4 args -+ MOVM.IA (R5), [R0, R1, R2, R3] -+ -+ // Reload fn -+ MOVW libcCallInfo_fn(R4), R12 -+ -+ BL (R12) -+ -+ // Restore SP -+ MOVW R6, R13 -+ B ret -+ -+call: -+ BL (R12) -+ -+ret: -+ MOVW R0, libcCallInfo_r1(R4) -+ MOVW R1, libcCallInfo_r2(R4) -+ -+ MOVM.IA.W (R13), [R4-R7, R14] -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s -new file mode 100644 -index 00000000000000..ea2a33662a89f0 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_arm64.s -@@ -0,0 +1,100 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2015 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 -+ MOVD R0, 8(RSP) -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $0-16 -+ // Save original stack pointer -+ MOVD RSP, R20 -+ -+ // Load pointer from stack (ABI0 calling convention) -+ MOVD libcArgs+0(FP), R3 -+ -+ MOVD libcCallInfo_args(R3), R12 -+ MOVD libcCallInfo_fn(R3), R13 -+ -+ // Do we have more than 8 arguments? -+ MOVD libcCallInfo_n(R3), R0 -+ CMP $0, R0; BEQ _0args -+ CMP $1, R0; BEQ _1args -+ CMP $2, R0; BEQ _2args -+ CMP $3, R0; BEQ _3args -+ CMP $4, R0; BEQ _4args -+ CMP $5, R0; BEQ _5args -+ CMP $6, R0; BEQ _6args -+ CMP $7, R0; BEQ _7args -+ CMP $8, R0; BEQ _8args -+ -+ // Reserve stack space for remaining args -+ SUB $8, R0, R2 -+ ADD $1, R2, R3 // make even number of words for stack alignment -+ AND $~1, R3 -+ LSL $3, R3 -+ SUB R3, RSP -+ -+ // R4: size of stack arguments (n-8)*8 -+ // R5: &args[8] -+ // R6: loop counter, from 0 to (n-8)*8 -+ // R7: scratch -+ // R8: copy of RSP - (R2)(RSP) assembles as (R2)(ZR) -+ SUB $8, R0, R4 -+ LSL $3, R4 -+ ADD $(8*8), R12, R5 -+ MOVD $0, R6 -+ MOVD RSP, R8 -+ -+stackargs: -+ MOVD (R6)(R5), R7 -+ MOVD R7, (R6)(R8) -+ ADD $8, R6 -+ CMP R6, R4 -+ BNE stackargs -+ -+_8args: -+ MOVD (7*8)(R12), R7 -+ -+_7args: -+ MOVD (6*8)(R12), R6 -+ -+_6args: -+ MOVD (5*8)(R12), R5 -+ -+_5args: -+ MOVD (4*8)(R12), R4 -+ -+_4args: -+ MOVD (3*8)(R12), R3 -+ -+_3args: -+ MOVD (2*8)(R12), R2 -+ -+_2args: -+ MOVD (1*8)(R12), R1 -+ -+_1args: -+ MOVD (0*8)(R12), R0 -+ -+_0args: -+ -+ BL (R13) -+ -+ // Restore original stack pointer -+ MOVD R20, RSP -+ -+ MOVD libcArgs+0(FP), R3 -+ MOVD R0, libcCallInfo_r1(R3) // save r1 -+ MOVD R1, libcCallInfo_r2(R3) // save r2 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s -new file mode 100644 -index 00000000000000..0036346faededf ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_loong64.s -@@ -0,0 +1,119 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2015 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 -+ MOVV R4, 8(R3) -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $0-8 -+ // Load pointer from stack (ABI0 calling convention) -+ MOVV libcArgs+0(FP), R12 -+ -+ // Save original stack pointer -+ MOVV R3, R23 -+ -+ // Align stack to 16 bytes for C calling convention -+ MOVV $-16, R15 -+ AND R15, R3 -+ -+ MOVV libcCallInfo_args(R12), R13 -+ MOVV libcCallInfo_fn(R12), R14 -+ -+ // Do we have more than 8 arguments? -+ MOVV libcCallInfo_n(R12), R4 -+ BEQ R4, R0, _0args -+ MOVV $1, R15 -+ BEQ R4, R15, _1args -+ MOVV $2, R15 -+ BEQ R4, R15, _2args -+ MOVV $3, R15 -+ BEQ R4, R15, _3args -+ MOVV $4, R15 -+ BEQ R4, R15, _4args -+ MOVV $5, R15 -+ BEQ R4, R15, _5args -+ MOVV $6, R15 -+ BEQ R4, R15, _6args -+ MOVV $7, R15 -+ BEQ R4, R15, _7args -+ MOVV $8, R15 -+ BEQ R4, R15, _8args -+ -+ // Reserve stack space for remaining args -+ MOVV R4, R16 -+ ADDV $-8, R16 // R16 = n-8 -+ MOVV R16, R12 // R12 = n-8 (reuse R12, no longer need libcArgs) -+ ADDV $1, R12 // R12 = (n-8)+1 -+ MOVV $-2, R15 -+ AND R15, R12 // make even number of words for stack alignment -+ SLLV $3, R12 // R12 = bytes to reserve -+ SUBV R12, R3 // SP -= bytes -+ -+ // R16: size of stack arguments (n-8)*8 -+ // R15: &args[8] -+ // R17: loop counter, from 0 to (n-8)*8 -+ // R18: scratch -+ // R19: copy of R3 (SP) -+ // R20: scratch -+ SLLV $3, R16 // R16 = (n-8)*8 -+ MOVV R13, R15 -+ ADDV $(8*8), R15 // R15 = args + 64 = &args[8] -+ MOVV R0, R17 // R17 = 0 (loop counter) -+ MOVV R3, R19 // R19 = SP copy -+ -+stackargs: -+ MOVV R15, R18 -+ ADDV R17, R18 // R18 = &args[8] + counter -+ MOVV (R18), R18 // R18 = args[8 + counter/8] -+ MOVV R19, R20 -+ ADDV R17, R20 // R20 = SP_copy + counter -+ MOVV R18, (R20) // stack[counter/8] = R18 -+ ADDV $8, R17 // counter += 8 -+ BNE R17, R16, stackargs // while counter != (n-8)*8 -+ -+_8args: -+ MOVV (7*8)(R13), R11 -+ -+_7args: -+ MOVV (6*8)(R13), R10 -+ -+_6args: -+ MOVV (5*8)(R13), R9 -+ -+_5args: -+ MOVV (4*8)(R13), R8 -+ -+_4args: -+ MOVV (3*8)(R13), R7 -+ -+_3args: -+ MOVV (2*8)(R13), R6 -+ -+_2args: -+ MOVV (1*8)(R13), R5 -+ -+_1args: -+ MOVV (0*8)(R13), R4 -+ -+_0args: -+ -+ CALL (R14) -+ -+ // Restore original stack pointer -+ MOVV R23, R3 -+ -+ MOVV libcArgs+0(FP), R12 -+ MOVV R4, libcCallInfo_r1(R12) // save r1 -+ MOVV R5, libcCallInfo_r2(R12) // save r2 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s -new file mode 100644 -index 00000000000000..05b68fa204a71b ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_others.s -@@ -0,0 +1,10 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo && !arm && !arm64 && !386 && !amd64 && !loong64 && !ppc64le && !riscv64 && (!s390x || !go1.27) -+ -+// This file silences errors about body-less functions. -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s -new file mode 100644 -index 00000000000000..1eacc7832ab330 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_ppc64le.s -@@ -0,0 +1,144 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ // R3 already contains the libcArgs pointer from cgocall -+ MOVD LR, R0 -+ MOVD R0, 16(R1) -+ MOVDU R1, -32(R1) -+ MOVD R3, 32(R1) -+ CALL ·syscallNSystemStack(SB) -+ ADD $32, R1 -+ MOVD 16(R1), R0 -+ MOVD R0, LR -+ RET -+ -+// PPC64LE ELFv2 ABI: R3-R10 args, R3-R4 return, R14-R31 callee-saved -+// Go ABI: R3-R10, R14-R17 args, R20-R21 scratch, R30=g, R31=scratch -+// We use R24-R28 which are callee-saved in both ABIs. -+// Go frame: 48 locals + 32 linkage = 80 bytes. Locals start at 32(R1). -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $48-8 -+ // Save callee-saved registers we'll use -+ MOVD R24, 32(R1) -+ MOVD R25, 40(R1) -+ MOVD R26, 48(R1) -+ MOVD R27, 56(R1) -+ MOVD R28, 64(R1) -+ -+ // Load libcArgs pointer from stack (ABI0 calling convention) -+ MOVD libcArgs+0(FP), R11 -+ -+ // Store values we need across the C call in callee-saved registers -+ MOVD R1, R24 // R24 = original SP -+ MOVD R11, R25 // R25 = libcArgs -+ MOVD libcCallInfo_args(R11), R26 // R26 = args -+ MOVD libcCallInfo_fn(R11), R27 // R27 = fn -+ MOVD libcCallInfo_n(R11), R28 // R28 = n -+ -+ // Do we have more than 8 arguments? -+ CMP R28, $8 -+ BLE _allocsmall -+ -+ // >8 args: allocate large frame ((n-8+1) & ~1) * 8 + 96 -+ SUB $8, R28, R3 -+ ADD $1, R3 -+ MOVD $~1, R4 -+ AND R4, R3 -+ SLD $3, R3 -+ ADD $96, R3 -+ NEG R3, R4 -+ ADD R4, R24, R1 -+ MOVD $~15, R3 -+ AND R3, R1 // 16-byte align -+ MOVD R24, 0(R1) // back chain -+ MOVD R2, 24(R1) // save TOC -+ -+ // Copy args[8..n-1] to stack at offset 96 -+ MOVD $8, R3 -+ -+_stackargs: -+ SLD $3, R3, R5 -+ MOVD (R26)(R5), R6 -+ SUB $8, R3, R7 -+ SLD $3, R7 -+ ADD $96, R7 -+ MOVD R6, (R1)(R7) -+ ADD $1, R3 -+ CMP R3, R28 -+ BLT _stackargs -+ BR _8args -+ -+_allocsmall: -+ // <=8 args: allocate minimum 96-byte C frame -+ ADD $-96, R24, R1 -+ MOVD $~15, R3 -+ AND R3, R1 -+ MOVD R24, 0(R1) // back chain -+ MOVD R2, 24(R1) // save TOC -+ -+ // Branch to appropriate label based on arg count -+ CMP R28, $0; BEQ _0args -+ CMP R28, $1; BEQ _1args -+ CMP R28, $2; BEQ _2args -+ CMP R28, $3; BEQ _3args -+ CMP R28, $4; BEQ _4args -+ CMP R28, $5; BEQ _5args -+ CMP R28, $6; BEQ _6args -+ CMP R28, $7; BEQ _7args -+ -+_8args: -+ MOVD (7*8)(R26), R10 -+ -+_7args: -+ MOVD (6*8)(R26), R9 -+ -+_6args: -+ MOVD (5*8)(R26), R8 -+ -+_5args: -+ MOVD (4*8)(R26), R7 -+ -+_4args: -+ MOVD (3*8)(R26), R6 -+ -+_3args: -+ MOVD (2*8)(R26), R5 -+ -+_2args: -+ MOVD (1*8)(R26), R4 -+ -+_1args: -+ MOVD (0*8)(R26), R3 -+ -+_0args: -+ // ELFv2: function address in R12 and CTR -+ MOVD R27, R12 -+ MOVD R12, CTR -+ BL (CTR) -+ -+ // Restore TOC and stack pointer -+ MOVD 24(R1), R2 -+ MOVD R24, R1 -+ -+ // Save return values -+ MOVD R3, libcCallInfo_r1(R25) -+ MOVD R4, libcCallInfo_r2(R25) -+ -+ // Restore callee-saved registers -+ MOVD 32(R1), R24 -+ MOVD 40(R1), R25 -+ MOVD 48(R1), R26 -+ MOVD 56(R1), R27 -+ MOVD 64(R1), R28 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s -new file mode 100644 -index 00000000000000..e7676e6aa8c2ef ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_riscv64.s -@@ -0,0 +1,112 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2015 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT, $16 -+ MOV A0, 8(X2) -+ CALL ·syscallNSystemStack(SB) -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $0-8 -+ // Load pointer from stack (ABI0 calling convention) -+ MOV libcArgs+0(FP), X5 -+ -+ // Save original stack pointer -+ MOV X2, X20 -+ -+ // Align stack to 16 bytes for C calling convention -+ ANDI $-16, X2, X2 -+ -+ MOV libcCallInfo_args(X5), X30 -+ MOV libcCallInfo_fn(X5), X29 -+ -+ // Do we have more than 8 arguments? -+ MOV libcCallInfo_n(X5), X10 -+ BEQ X10, ZERO, _0args -+ MOV $1, X6 -+ BEQ X10, X6, _1args -+ MOV $2, X6 -+ BEQ X10, X6, _2args -+ MOV $3, X6 -+ BEQ X10, X6, _3args -+ MOV $4, X6 -+ BEQ X10, X6, _4args -+ MOV $5, X6 -+ BEQ X10, X6, _5args -+ MOV $6, X6 -+ BEQ X10, X6, _6args -+ MOV $7, X6 -+ BEQ X10, X6, _7args -+ MOV $8, X6 -+ BEQ X10, X6, _8args -+ -+ // Reserve stack space for remaining args -+ ADDI $-8, X10, X7 -+ ADDI $1, X7, X5 // make even number of words for stack alignment -+ ANDI $-2, X5, X5 -+ SLLI $3, X5, X5 -+ SUB X5, X2, X2 -+ -+ // X6: size of stack arguments (n-8)*8 -+ // X7: &args[8] -+ // X8: loop counter, from 0 to (n-8)*8 -+ // X9: scratch -+ // X28: copy of X2 (SP) -+ ADDI $-8, X10, X6 -+ SLLI $3, X6, X6 -+ ADDI $(8*8), X7, X7 -+ MOV ZERO, X8 -+ MOV X2, X28 -+ -+stackargs: -+ ADD X8, X7, X9 -+ MOV (X9), X9 -+ ADD X8, X28, X31 -+ MOV X9, (X31) -+ ADDI $8, X8, X8 -+ BNE X8, X6, stackargs -+ -+_8args: -+ MOV (7*8)(X30), X17 -+ -+_7args: -+ MOV (6*8)(X30), X16 -+ -+_6args: -+ MOV (5*8)(X30), X15 -+ -+_5args: -+ MOV (4*8)(X30), X14 -+ -+_4args: -+ MOV (3*8)(X30), X13 -+ -+_3args: -+ MOV (2*8)(X30), X12 -+ -+_2args: -+ MOV (1*8)(X30), X11 -+ -+_1args: -+ MOV (0*8)(X30), X10 -+ -+_0args: -+ -+ CALL X29 -+ -+ // Restore original stack pointer -+ MOV X20, X2 -+ -+ MOV libcArgs+0(FP), X5 -+ MOV X10, libcCallInfo_r1(X5) // save r1 -+ MOV X11, libcCallInfo_r2(X5) // save r2 -+ -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s -new file mode 100644 -index 00000000000000..6a8c18c0f111c6 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/asm_s390x.s -@@ -0,0 +1,120 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Copyright 2009 The Go Authors. All rights reserved. -+// Use of this source code is governed by a BSD-style -+// license that can be found in the LICENSE file. -+ -+//go:build go1.27 && !cgo -+ -+#include "go_asm.h" -+#include "textflag.h" -+ -+// S390X ELF ABI: -+// - Args in R2-R6, float args in F0, F2, F4, F6 -+// - Return values in R2, R3 (and F0 for floats) -+// - Callee-saved: R6-R13, R15, F8-F15 -+// - R14 is link register (return address) -+// - R15 is stack pointer -+// - Standard frame: 160 bytes minimum with register save area at 48(R15) -+ -+TEXT ·syscallNSystemStack_trampoline(SB), NOSPLIT|NOFRAME, $0-0 -+ // R2 already contains the libcArgs pointer from cgocall -+ // Save callee-saved registers to caller's save area -+ STMG R6, R15, 48(R15) -+ MOVD R15, R1 -+ SUB $32, R15 -+ MOVD R1, 0(R15) -+ MOVD R2, 8(R15) -+ BL ·syscallNSystemStack(SB) -+ ADD $32, R15 -+ LMG 48(R15), R6, R15 -+ RET -+ -+TEXT ·syscallNAsm(SB), NOSPLIT, $64-8 -+ // Save callee-saved registers we'll use (R6-R11) -+ STMG R6, R11, 8(R15) -+ -+ // Load libcArgs pointer from stack (ABI0 calling convention) -+ MOVD libcArgs+0(FP), R11 -+ -+ // Store values we need across the C call in callee-saved registers -+ MOVD R15, R7 // R7 = original SP -+ MOVD R11, R8 // R8 = libcArgs -+ MOVD libcCallInfo_args(R11), R9 // R9 = args -+ MOVD libcCallInfo_fn(R11), R10 // R10 = fn -+ MOVD libcCallInfo_n(R11), R6 // R6 = n -+ -+ // Do we have more than 5 arguments? -+ CMPBLE R6, $5, _allocsmall -+ -+ // >5 args: allocate frame for stack args ((n-5+1) & ~1) * 8 + 160 -+ MOVD R6, R1 -+ SUB $5, R1 -+ ADD $1, R1 -+ MOVD $~1, R0 -+ AND R0, R1 -+ SLD $3, R1 -+ ADD $160, R1 -+ SUB R1, R7, R15 -+ MOVD $~15, R0 -+ AND R0, R15 // 16-byte align -+ MOVD R7, 0(R15) // back chain -+ -+ // Copy args[5..n-1] to stack at offset 160 -+ MOVD $5, R1 -+ -+_stackargs: -+ SLD $3, R1, R3 -+ MOVD (R9)(R3*1), R0 -+ SUB $5, R1, R4 -+ SLD $3, R4 -+ ADD $160, R4 -+ MOVD R0, (R15)(R4*1) -+ ADD $1, R1 -+ CMP R1, R6 -+ BLT _stackargs -+ BR _5args -+ -+_allocsmall: -+ // <=5 args: allocate minimum 160-byte C frame -+ SUB $160, R7, R15 -+ MOVD $~15, R0 -+ AND R0, R15 -+ MOVD R7, 0(R15) // back chain -+ -+ // Branch to appropriate label based on arg count -+ CMPBEQ R6, $0, _0args -+ CMPBEQ R6, $1, _1args -+ CMPBEQ R6, $2, _2args -+ CMPBEQ R6, $3, _3args -+ CMPBEQ R6, $4, _4args -+ -+_5args: -+ MOVD (4*8)(R9), R6 -+ -+_4args: -+ MOVD (3*8)(R9), R5 -+ -+_3args: -+ MOVD (2*8)(R9), R4 -+ -+_2args: -+ MOVD (1*8)(R9), R3 -+ -+_1args: -+ MOVD (0*8)(R9), R2 -+ -+_0args: -+ BL R10 -+ -+ // Restore stack pointer -+ MOVD R7, R15 -+ -+ // Save return values -+ MOVD R2, libcCallInfo_r1(R8) -+ MOVD R3, libcCallInfo_r2(R8) -+ -+ // Restore callee-saved registers (R6-R11) -+ LMG 8(R15), R6, R11 -+ RET -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h -new file mode 100644 -index 00000000000000..4ff00b18668375 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/dl.h -@@ -0,0 +1,15 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// This header file is used by the mkcgo tool to generate cgo and Go bindings for the -+// OpenSSL C API. Run "go generate ." to regenerate the bindings. -+ -+#ifndef _GO_DL_SHIMS_H // only include this header once -+#define _GO_DL_SHIMS_H -+ -+void *dlopen(const char *path, int flags); -+int dlclose(void *handle); -+void *dlsym(void *handle, const char *symbol); -+char *dlerror(void); -+ -+#endif // _GO_DL_SHIMS_H -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go -new file mode 100644 -index 00000000000000..5f589254830a4d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors.go -@@ -0,0 +1,37 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package ossl -+ -+import ( -+ "errors" -+ "unsafe" -+) -+ -+// newMkcgoErr constructs an error from the given message and OpenSSL error state. -+func newMkcgoErr(msg string, state uintptr) error { -+ if state == 0 { -+ // No error -+ return nil -+ } -+ bio := BIO_PTR(state) -+ defer BIO_free(bio) -+ // Retrieve pointer to data, which is owned by bio. -+ var data *byte -+ n := BIO_ctrl(bio, BIO_CTRL_INFO, 0, unsafe.Pointer(&data)) -+ if n == 0 { -+ // If no errors in queue, return simple message -+ return errors.New(msg + " failed") -+ } -+ const extra = "\nopenssl error(s):\n" -+ buf := make([]byte, len(msg)+len(extra)+int(n)) -+ copy(buf, msg) -+ copy(buf[len(msg):], extra) -+ copy(buf[len(msg)+len(extra):], unsafe.Slice(data, n)) -+ // Remove trailing line jump if present. -+ if buf[len(buf)-1] == '\n' { -+ buf = buf[:len(buf)-1] -+ } -+ // Avoid an allocation by constructing the string directly from the byte slice. -+ return errors.New(unsafe.String(unsafe.SliceData(buf), len(buf))) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go -new file mode 100644 -index 00000000000000..86b001762fba83 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_cgo.go -@@ -0,0 +1,33 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package ossl -+ -+/* -+#include "zossl.h" -+ -+// Force mkcgo_err_retrieve to be stack-guarded, -+// even when it doesn't actually need it. -+// This is necessary to ensure Go binaries built -+// with -fstack-protector-strong comply with BinSkim BA3003, -+// so that at least one function in the binary uses __stack_chk_guard. -+// See https://github.com/microsoft/go/issues/2240. -+ -+#define MKCGO_STACK_PROTECT -+ -+#if defined(__has_attribute) -+#if __has_attribute(stack_protect) -+#undef MKCGO_STACK_PROTECT -+#define MKCGO_STACK_PROTECT __attribute__((stack_protect)) -+#endif -+#endif -+ -+// mkcgo_err_retrieve retrieves the error state from OpenSSL. -+uintptr_t MKCGO_STACK_PROTECT mkcgo_err_retrieve() { -+ // BIO operations using BIO_s_mem should not fail. -+ _BIO_PTR bio = _mkcgo_BIO_new(_mkcgo_BIO_s_mem(), NULL); -+ _mkcgo_ERR_print_errors(bio); -+ return (uintptr_t)bio; -+} -+*/ -+import "C" -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go -new file mode 100644 -index 00000000000000..ec42d4f6f9c26c ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/errors_nocgo.go -@@ -0,0 +1,19 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package ossl -+ -+// retrieveErrorState retrieves errors from the OpenSSL error queue. -+// It might run on the system stack, so it can't allocate Go memory -+// nor grow the stack over the nosplit limit. -+// -+//go:nosplit -+func retrieveErrorState() uintptr { -+ // BIO operations using BIO_s_mem should not fail. -+ smem := syscallNRaw(_mkcgo_BIO_s_mem) -+ bio := syscallNRaw(_mkcgo_BIO_new, smem) -+ syscallNRaw(_mkcgo_ERR_print_errors, bio) -+ return bio -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go -new file mode 100644 -index 00000000000000..9acac55865dc17 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/ossl.go -@@ -0,0 +1,62 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Package ossl provides a Go interface to OpenSSL. -+package ossl -+ -+//go:generate go run ../../cmd/mkcgo -out zossl.go -mode dynload -package ossl shims.h -+//go:generate go run ../../cmd/mkcgo -out zossl.go -nocgo -mode dynload -package ossl shims.h -+//go:generate go run ../../cmd/mkcgo -out zdl.go -nocgo -mode dynamic -noerrors -package ossl -tags unix dl.h -+ -+import "unsafe" -+ -+const _OSSL_PARAM_UNMODIFIED uint = uint(^uintptr(0)) -+ -+// OSSL_PARAM is a structure to pass or request object parameters. -+// https://docs.openssl.org/3.0/man3/OSSL_PARAM/. -+type OSSL_PARAM struct { -+ Key *byte -+ DataType uint32 -+ Data unsafe.Pointer -+ DataSize uint -+ ReturnSize uint -+} -+ -+func ossl_param_construct(key *byte, dataType uint32, data unsafe.Pointer, dataSize int) OSSL_PARAM { -+ return OSSL_PARAM{ -+ Key: key, -+ DataType: dataType, -+ Data: data, -+ DataSize: uint(dataSize), -+ ReturnSize: _OSSL_PARAM_UNMODIFIED, -+ } -+} -+ -+func OSSL_PARAM_construct_octet_string(key *byte, data unsafe.Pointer, dataSize int) OSSL_PARAM { -+ return ossl_param_construct(key, OSSL_PARAM_OCTET_STRING, data, dataSize) -+} -+ -+func OSSL_PARAM_construct_int32(key *byte, data *int32) OSSL_PARAM { -+ return ossl_param_construct(key, OSSL_PARAM_INTEGER, unsafe.Pointer(data), 4) -+} -+ -+func OSSL_PARAM_construct_end() OSSL_PARAM { -+ return OSSL_PARAM{} -+} -+ -+func OSSL_PARAM_modified(param *OSSL_PARAM) bool { -+ // If ReturnSize is not set, the parameter has not been modified. -+ return param != nil && param.ReturnSize != _OSSL_PARAM_UNMODIFIED -+} -+ -+// goString converts a C string (byte pointer) to a Go string -+func goString(p *byte) string { -+ if p == nil { -+ return "" -+ } -+ end := unsafe.Pointer(p) -+ for *(*byte)(end) != 0 { -+ end = unsafe.Add(end, 1) -+ } -+ return string(unsafe.Slice(p, uintptr(end)-uintptr(unsafe.Pointer(p)))) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h -new file mode 100644 -index 00000000000000..9a47c5bf820472 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/shims.h -@@ -0,0 +1,446 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// This header file is used by the mkcgo tool to generate cgo and Go bindings for the -+// OpenSSL C API. Run "go generate ." to regenerate the bindings. -+// Do not include this file, import "zossl.h" instead. -+ -+#ifndef _GO_OSSL_SHIMS_H // only include this header once -+#define _GO_OSSL_SHIMS_H -+ -+#include // size_t -+#include // uint64_t -+ -+// The following includes are used by the checkheader tool. -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #include -+// #if OPENSSL_VERSION_NUMBER >= 0x30000000L -+// #include -+// #include -+// #include -+// #include -+// #endif -+// #if OPENSSL_VERSION_NUMBER < 0x10100000L -+// #include -+// #endif -+ -+enum { -+ _POINT_CONVERSION_UNCOMPRESSED = 4, -+ -+ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, -+ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, -+ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, -+ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, -+ -+ _EVP_CTRL_GCM_GET_TAG = 0x10, -+ _EVP_CTRL_GCM_SET_TAG = 0x11, -+ _EVP_CTRL_AEAD_SET_IVLEN = 0x9, -+ _EVP_CTRL_AEAD_GET_TAG = 0x10, -+ _EVP_CTRL_AEAD_SET_TAG = 0x11, -+ _EVP_PKEY_CTRL_MD = 1, -+ _EVP_PKEY_RSA = 6, -+ _EVP_PKEY_EC = 408, -+ _EVP_PKEY_TLS1_PRF = 1021, -+ _EVP_PKEY_X25519 = 1034, -+ _EVP_PKEY_HKDF = 1036, -+ _EVP_PKEY_ED25519 = 1087, -+ _EVP_PKEY_DSA = 116, -+ _EVP_PKEY_MLKEM_768 = 1455, -+ _EVP_PKEY_MLKEM_1024 = 1456, -+ _EVP_PKEY_ML_DSA_44 = 1457, -+ _EVP_PKEY_ML_DSA_65 = 1458, -+ _EVP_PKEY_ML_DSA_87 = 1459, -+ _EVP_PKEY_OP_DERIVE = (1 << 10), // this value differs between OpenSSL 1 and 3, but we only use it in 1 -+ _EVP_MAX_MD_SIZE = 64, -+ -+ _EVP_PKEY_PUBLIC_KEY = 0x86, -+ _EVP_PKEY_KEYPAIR = 0x87, -+ -+ _EVP_MD_CTRL_XOF_LEN = 0x3, -+ -+ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, -+ -+ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, -+ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, -+ -+ _EVP_PKEY_CTRL_TLS_MD = 0x1000, -+ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, -+ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, -+ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, -+ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, -+ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, -+ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, -+ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, -+ -+ _NID_X9_62_prime256v1 = 415, -+ _NID_secp224r1 = 713, -+ _NID_secp384r1 = 715, -+ _NID_secp521r1 = 716, -+ -+ _NID_ML_KEM_768 = 1455, -+ _NID_ML_KEM_1024 = 1456, -+ _NID_ML_DSA_44 = 1457, -+ _NID_ML_DSA_65 = 1458, -+ _NID_ML_DSA_87 = 1459, -+ -+ _RSA_PKCS1_PADDING = 1, -+ _RSA_NO_PADDING = 3, -+ _RSA_PKCS1_OAEP_PADDING = 4, -+ _RSA_PKCS1_PSS_PADDING = 6, -+ _RSA_PSS_SALTLEN_DIGEST = -1, -+ _RSA_PSS_SALTLEN_AUTO = -2, -+ _RSA_PSS_SALTLEN_MAX_SIGN = -2, -+ _RSA_PSS_SALTLEN_MAX = -3, -+ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, -+ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, -+ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, -+ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, -+ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, -+ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, -+ -+ _OSSL_PARAM_INTEGER = 1, -+ _OSSL_PARAM_OCTET_STRING = 5, -+ -+ BIO_CTRL_INFO = 3, -+}; -+ -+typedef void* _OPENSSL_INIT_SETTINGS_PTR; -+typedef void* _OSSL_LIB_CTX_PTR; -+typedef void* _OSSL_PROVIDER_PTR; -+typedef void* _ENGINE_PTR; -+typedef void* _EVP_PKEY_PTR; -+typedef void* _EVP_PKEY_CTX_PTR; -+typedef void* _EVP_MD_PTR; -+typedef void* _EVP_MD_CTX_PTR; -+typedef void* _HMAC_CTX_PTR; -+typedef void* _EVP_CIPHER_PTR; -+typedef void* _EVP_CIPHER_CTX_PTR; -+typedef void* _EC_KEY_PTR; -+typedef void* _EC_POINT_PTR; -+typedef void* _EC_GROUP_PTR; -+typedef void* _RSA_PTR; -+typedef void* _BIGNUM_PTR; -+typedef void* _BN_CTX_PTR; -+typedef void* _EVP_MAC_PTR; -+typedef void* _EVP_MAC_CTX_PTR; -+typedef void* _OSSL_PARAM_BLD_PTR; -+typedef void* _OSSL_PARAM_PTR; -+typedef void* _EVP_SIGNATURE_PTR; -+typedef void* _EVP_KEYMGMT_PTR; -+typedef void* _DSA_PTR; -+typedef void* _EVP_KDF_PTR; -+typedef void* _EVP_KDF_CTX_PTR; -+typedef void* _BIO_METHOD_PTR; -+typedef void* _BIO_PTR; -+typedef int point_conversion_form_t; -+ -+// Tags used by mkcgo to determine which OpenSSL version each function is available in: -+// - no tag: available in all supported versions (OpenSSL 1.1.1+) -+// - legacy_1: Only OpenSSL 1 -+// - 3: OpenSSL 3.0 or later -+// - 33: OpenSSL 3.3 or later -+ -+// The noescape/nocallback attributes are performance optimizations. -+// Only add functions that have been observed to benefit from these -+// directives, not every function that is merely expected to meet -+// the noescape/nocallback criteria. -+ -+// BIO API -+const _BIO_METHOD_PTR BIO_s_mem(void) __attribute__((tag(""),tag("init_3"),noerror)); -+_BIO_PTR BIO_new(const _BIO_METHOD_PTR type) __attribute__((tag(""),tag("init_3"))); -+int BIO_free(_BIO_PTR a) __attribute__((tag(""),tag("init_3"),noerror,noescape,nocallback)); -+long BIO_ctrl(_BIO_PTR bp, int cmd, long larg, void *parg) __attribute__((tag(""),tag("init_3"),noerror,noescape,nocallback)); -+ -+// ERR API -+unsigned long ERR_peek_error(void) __attribute__((noerror)); -+void ERR_print_errors(_BIO_PTR bp) __attribute__((tag(""),tag("init_3"),noescape,nocallback)); -+ -+// OPENSSL API -+const char *OpenSSL_version(int type) __attribute__((noerror)); -+void OPENSSL_init(void); -+int OPENSSL_init_crypto(uint64_t ops, const _OPENSSL_INIT_SETTINGS_PTR settings); -+unsigned long OpenSSL_version_num(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_major(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_minor(void) __attribute__((tag("version"),optional,noerror)); -+unsigned int OPENSSL_version_patch(void) __attribute__((tag("version"),optional,noerror)); -+ -+// CRYPTO API -+void *CRYPTO_malloc(size_t num, const char *file, int line); -+void CRYPTO_free(void *str, const char *file, int line); -+ -+// FIPS API -+int FIPS_mode(void) __attribute__((tag("legacy_1"),tag("init_1"),noerror)); -+int FIPS_mode_set(int r) __attribute__((tag("legacy_1"),tag("init_1"))); -+ -+// EVP Config API -+int EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR libctx) __attribute__((tag("3"),tag("init_3"),noerror)); -+int EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR libctx, int enable) __attribute__((tag("3"))); -+ -+// OSSL_PROVIDER API -+int OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR libctx, const char *name) __attribute__((tag("3"),noerror)); -+_OSSL_PROVIDER_PTR OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR libctx, const char *name, int retain_fallbacks) __attribute__((tag("3"))); -+const char *OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR prov) __attribute__((tag("3"),noerror)); -+ -+// RAND API -+int RAND_bytes(unsigned char *buf, int num) __attribute__((tag("legacy_1"),noescape,nocallback,slice("buf","num"))); -+int RAND_bytes_ex(_OSSL_LIB_CTX_PTR ctx, unsigned char *buf, size_t num, unsigned int strength) __attribute__((tag("3"),noescape,nocallback,slice("buf","num"))); -+ -+// EVP_MD API -+_EVP_MD_PTR EVP_MD_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"),tag("init_3"))); -+void EVP_MD_free(_EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"))); -+const char *EVP_MD_get0_name(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); -+int EVP_MD_get_type(const _EVP_MD_PTR md) __attribute__((tag("3"),noerror)); -+const _OSSL_PROVIDER_PTR EVP_MD_get0_provider(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("init_3"),noerror)); -+int EVP_MD_get_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_size"),noerror)); -+int EVP_MD_get_block_size(const _EVP_MD_PTR md) __attribute__((tag("3"),tag("legacy_1","EVP_MD_block_size"),noerror)); -+const _EVP_MD_PTR EVP_md5_sha1(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_ripemd160(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_md4(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_md5(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha1(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha224(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha256(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha384(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha512(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha512_224(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha512_256(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha3_224(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha3_256(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha3_384(void) __attribute__((noerror)); -+const _EVP_MD_PTR EVP_sha3_512(void) __attribute__((noerror)); -+ -+_EVP_MD_CTX_PTR EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(_EVP_MD_CTX_PTR ctx); -+int EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR ctx, int cmd, int p1, void *p2); -+int EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR out, const _EVP_MD_CTX_PTR in); -+const _OSSL_PARAM_PTR EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); -+const _OSSL_PARAM_PTR EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR ctx, _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); -+int EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); -+int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const _EVP_MD_PTR type, _ENGINE_PTR impl) __attribute__((noescape,nocallback,slice("data","count"),slice("md","size"))); -+int EVP_DigestInit_ex(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type, _ENGINE_PTR impl); -+int EVP_DigestInit(_EVP_MD_CTX_PTR ctx, const _EVP_MD_PTR type); -+int EVP_DigestUpdate(_EVP_MD_CTX_PTR ctx, const void *d, size_t cnt) __attribute__((noescape,nocallback,slice("d","cnt"))); -+int EVP_DigestFinal_ex(_EVP_MD_CTX_PTR ctx, unsigned char *md, unsigned int *s) __attribute__((noescape,nocallback,slice("md","s"))); -+int EVP_DigestFinalXOF(_EVP_MD_CTX_PTR ctx, unsigned char *md, size_t mdlen) __attribute__((tag("33"),noescape,nocallback,slice("md","mdlen"))); -+int EVP_DigestSqueeze(_EVP_MD_CTX_PTR ctx, unsigned char *out, size_t outlen) __attribute__((tag("33"),optional,noescape,nocallback,slice("out","outlen"))); -+int EVP_DigestSign(_EVP_MD_CTX_PTR ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) __attribute__((noescape,nocallback,slice("sigret","siglen"),slice("tbs","tbslen"))); -+int EVP_DigestSignInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); -+int EVP_DigestSignFinal(_EVP_MD_CTX_PTR ctx, unsigned char *sig, size_t *siglen) __attribute__((slice("sig","siglen"))); -+int EVP_DigestVerifyInit(_EVP_MD_CTX_PTR ctx, _EVP_PKEY_CTX_PTR *pctx, const _EVP_MD_PTR type, _ENGINE_PTR e, _EVP_PKEY_PTR pkey); -+int EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR ctx, const unsigned char *sig, size_t siglen) __attribute__((slice("sig","siglen"))); -+int EVP_DigestVerify(_EVP_MD_CTX_PTR ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((slice("sigret","siglen"),slice("tbs","tbslen"))); -+ -+// HMAC API -+int HMAC_Init_ex(_HMAC_CTX_PTR arg0, const void *arg1, int arg2, const _EVP_MD_PTR arg3, _ENGINE_PTR arg4) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); -+int HMAC_Update(_HMAC_CTX_PTR arg0, const unsigned char *arg1, size_t arg2) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); -+int HMAC_Final(_HMAC_CTX_PTR arg0, unsigned char *arg1, unsigned int *arg2) __attribute__((tag("legacy_1"),noescape,nocallback,slice("arg1","arg2"))); -+ -+_HMAC_CTX_PTR HMAC_CTX_new(void) __attribute__((tag("legacy_1"))); -+int HMAC_CTX_copy(_HMAC_CTX_PTR dest, _HMAC_CTX_PTR src) __attribute__((tag("legacy_1"),noescape,nocallback)); -+void HMAC_CTX_free(_HMAC_CTX_PTR arg0) __attribute__((tag("legacy_1"),noescape,nocallback)); -+ -+// EVP_CIPHER API -+_EVP_CIPHER_PTR EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+const char *EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_128_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_192_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_ctr(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_aes_256_gcm(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ede3_ecb(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_des_ede3_cbc(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_rc4(void) __attribute__((noerror)); -+const _EVP_CIPHER_PTR EVP_chacha20_poly1305(void) __attribute__((optional,noerror)); -+int EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR cipher) __attribute__((tag("3"),tag("legacy_1","EVP_CIPHER_block_size"),noerror)); -+ -+_EVP_CIPHER_CTX_PTR EVP_CIPHER_CTX_new(void); -+int EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR x, int padding); -+int EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR x, int keylen); -+void EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR arg0); -+int EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR ctx, int type, int arg, void *ptr); -+int EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv, int enc); -+int EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); -+int EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); -+int EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); -+int EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl) __attribute__((noescape,nocallback,slice("out","outl"))); -+int EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR ctx, const _EVP_CIPHER_PTR type, _ENGINE_PTR impl, const unsigned char *key, const unsigned char *iv); -+int EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) __attribute__((noescape,nocallback,slice("out","outl"),slice("in","inl"))); -+int EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR ctx, unsigned char *outm, int *outl) __attribute__((noescape,nocallback,slice("outm","outl"))); -+ -+// EVP_PKEY API -+_EVP_PKEY_PTR EVP_PKEY_new(void); -+_EVP_PKEY_PTR EVP_PKEY_new_raw_private_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((slice("key","keylen"))); -+_EVP_PKEY_PTR EVP_PKEY_new_raw_public_key(int type, _ENGINE_PTR e, const unsigned char *key, size_t keylen) __attribute__((slice("key","keylen"))); -+int EVP_PKEY_get_size(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_size"))); -+int EVP_PKEY_get_bits(const _EVP_PKEY_PTR pkey) __attribute__((tag("3"),tag("legacy_1","EVP_PKEY_bits"))); -+void EVP_PKEY_free(_EVP_PKEY_PTR arg0); -+_RSA_PTR EVP_PKEY_get1_RSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_assign(_EVP_PKEY_PTR pkey, int type, void *key) __attribute__((tag("legacy_1"))); -+_EC_KEY_PTR EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+_DSA_PTR EVP_PKEY_get0_DSA(_EVP_PKEY_PTR pkey) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR pkey, const unsigned char *pub, size_t publen) __attribute__((tag("3"),slice("pub","publen"))); -+size_t EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR pkey, unsigned char **ppub) __attribute__((tag("3"))); -+int EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR pkey, const char *key_name, _BIGNUM_PTR *bn) __attribute__((tag("3"),noescape,nocallback)); -+int EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR pkey, const char *key_name, unsigned char *buf, size_t buf_len, size_t *out_len) __attribute__((tag("3"),slice("buf","buf_len"))); -+int EVP_PKEY_up_ref(_EVP_PKEY_PTR key); -+int EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR pkey, _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); -+int EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR ctx, void *label, int labellen) __attribute__((tag("3"),slice("label","labellen"))); -+int EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR pkey, unsigned char *pub, size_t *publen) __attribute__((noescape,nocallback,slice("pub","publen"))); -+int EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR pkey, unsigned char *priv, size_t *privlen) __attribute__((noescape,nocallback,slice("priv","privlen"))); -+int EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *pkey, int selection, _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey); -+int EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR *ppkey) __attribute__((noescape,nocallback)); -+int EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); -+int EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); -+int EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_sign(_EVP_PKEY_CTX_PTR arg0, unsigned char *arg1, size_t *arg2, const unsigned char *arg3, size_t arg4) __attribute__((slice("arg1","arg2"),slice("arg3","arg4"))); -+int EVP_PKEY_verify(_EVP_PKEY_CTX_PTR ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) __attribute__((slice("sig","siglen"),slice("tbs","tbslen"))); -+int EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR ctx); -+int EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR ctx, _EVP_PKEY_PTR peer); -+int EVP_PKEY_derive(_EVP_PKEY_CTX_PTR ctx, unsigned char *key, size_t *keylen) __attribute__((noescape,nocallback,slice("key","keylen"))); -+int EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR ctx) __attribute__((tag("3"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, ...) __attribute__((tag("3"))); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, size_t arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type, const char *arg1) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+_EVP_PKEY_PTR EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR ctx, const char *propq, const char *type) __attribute__((tag("3"),variadic("EVP_PKEY_Q_keygen"),noescape,nocallback)); -+ -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new(_EVP_PKEY_PTR arg0, _ENGINE_PTR arg1); -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_id(int id, _ENGINE_PTR e); -+_EVP_PKEY_CTX_PTR EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR libctx, _EVP_PKEY_PTR pkey, const char *propquery) __attribute__((tag("3"))); -+void EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR arg0); -+int EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR ctx, int keytype, int optype, int cmd, int p1, void *p2); -+int EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback)); -+int EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR arg0, int arg1) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR arg0, const _EVP_MD_PTR arg1) __attribute__((tag("3"))); -+int EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); -+int EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); -+int EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR arg0, const unsigned char *arg1, int arg2) __attribute__((tag("3"),slice("arg1","arg2"))); -+ -+// RSA API -+_RSA_PTR RSA_new(void) __attribute__((tag("legacy_1"))); -+void RSA_free(_RSA_PTR arg0) __attribute__((tag("legacy_1"))); -+void RSA_get0_factors(const _RSA_PTR rsa, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_factors(_RSA_PTR rsa, _BIGNUM_PTR p, _BIGNUM_PTR q) __attribute__((tag("legacy_1"))); -+void RSA_get0_crt_params(const _RSA_PTR r, const _BIGNUM_PTR *dmp1, const _BIGNUM_PTR *dmq1, const _BIGNUM_PTR *iqmp) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_crt_params(_RSA_PTR rsa, _BIGNUM_PTR dmp1, _BIGNUM_PTR dmp2, _BIGNUM_PTR iqmp) __attribute__((tag("legacy_1"))); -+void RSA_get0_key(const _RSA_PTR rsa, const _BIGNUM_PTR *n, const _BIGNUM_PTR *e, const _BIGNUM_PTR *d) __attribute__((tag("legacy_1"),noerror)); -+int RSA_set0_key(_RSA_PTR r, _BIGNUM_PTR n, _BIGNUM_PTR e, _BIGNUM_PTR d) __attribute__((tag("legacy_1"))); -+ -+// BIGNUM API -+_BIGNUM_PTR BN_new(void); -+void BN_free(_BIGNUM_PTR arg0); -+void BN_clear(_BIGNUM_PTR arg0); -+void BN_clear_free(_BIGNUM_PTR arg0); -+int BN_num_bits(const _BIGNUM_PTR arg0) __attribute__((noerror)); -+_BIGNUM_PTR BN_bin2bn(const unsigned char *arg0, int arg1, _BIGNUM_PTR arg2) __attribute__((slice("arg0","arg1"))); -+_BIGNUM_PTR BN_lebin2bn(const unsigned char *s, int slen, _BIGNUM_PTR ret) __attribute__((slice("s","slen"))); -+int BN_bn2lebinpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"),slice("to","tolen"))); -+int BN_bn2binpad(const _BIGNUM_PTR a, unsigned char *to, int tolen) __attribute__((errcond("== -1"),slice("to","tolen"))); -+ -+// EC API -+int EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR key, _BIGNUM_PTR x, _BIGNUM_PTR y) __attribute__((tag("legacy_1"))); -+int EC_KEY_set_public_key(_EC_KEY_PTR key, const _EC_POINT_PTR pub) __attribute__((tag("legacy_1"))); -+void EC_KEY_free(_EC_KEY_PTR arg0) __attribute__((tag("legacy_1"))); -+const _EC_GROUP_PTR EC_KEY_get0_group(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+const _BIGNUM_PTR EC_KEY_get0_private_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+const _EC_POINT_PTR EC_KEY_get0_public_key(const _EC_KEY_PTR arg0) __attribute__((tag("legacy_1"),noerror)); -+_EC_KEY_PTR EC_KEY_new_by_curve_name(int arg0) __attribute__((tag("legacy_1"))); -+int EC_KEY_set_private_key(_EC_KEY_PTR arg0, const _BIGNUM_PTR arg1) __attribute__((tag("legacy_1"))); -+int EC_KEY_check_key(const _EC_KEY_PTR key) __attribute__((tag("legacy_1"))); -+_EC_POINT_PTR EC_POINT_new(const _EC_GROUP_PTR arg0); -+void EC_POINT_free(_EC_POINT_PTR arg0); -+int EC_POINT_mul(const _EC_GROUP_PTR group, _EC_POINT_PTR r, const _BIGNUM_PTR n, const _EC_POINT_PTR q, const _BIGNUM_PTR m, _BN_CTX_PTR ctx); -+int EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR arg0, const _EC_POINT_PTR arg1, _BIGNUM_PTR arg2, _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("legacy_1"))); -+int EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR arg0, _EC_POINT_PTR arg1, const _BIGNUM_PTR arg2, const _BIGNUM_PTR arg3, _BN_CTX_PTR arg4) __attribute__((tag("3"))); -+size_t EC_POINT_point2oct(const _EC_GROUP_PTR group, const _EC_POINT_PTR p, point_conversion_form_t form, unsigned char *buf, size_t buflen, _BN_CTX_PTR ctx) __attribute__((slice("buf","buflen"))); -+int EC_POINT_oct2point(const _EC_GROUP_PTR group, _EC_POINT_PTR p, const unsigned char *buf, size_t buflen, _BN_CTX_PTR ctx) __attribute__((slice("buf","buflen"))); -+_EC_GROUP_PTR EC_GROUP_new_by_curve_name(int nid); -+void EC_GROUP_free(_EC_GROUP_PTR group); -+ -+// EVP_MAC API -+_EVP_MAC_PTR EVP_MAC_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+_EVP_MAC_CTX_PTR EVP_MAC_CTX_new(_EVP_MAC_PTR arg0) __attribute__((tag("3"))); -+int EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+void EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"),noescape,nocallback)); -+_EVP_MAC_CTX_PTR EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR arg0) __attribute__((tag("3"))); -+int EVP_MAC_init(_EVP_MAC_CTX_PTR ctx, const unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),noescape,nocallback,slice("key","keylen"))); -+int EVP_MAC_update(_EVP_MAC_CTX_PTR ctx, const unsigned char *data, size_t datalen) __attribute__((tag("3"),noescape,nocallback,slice("data","datalen"))); -+int EVP_MAC_final(_EVP_MAC_CTX_PTR ctx, unsigned char *out, size_t *outl, size_t outsize) __attribute__((tag("3"),noescape,nocallback,slice("out","outsize"))); -+ -+// OSSL_PARAM API -+void OSSL_PARAM_free(_OSSL_PARAM_PTR p) __attribute__((tag("3"))); -+const _OSSL_PARAM_PTR OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR p, const char *key) __attribute__((tag("3"))); -+_OSSL_PARAM_BLD_PTR OSSL_PARAM_BLD_new(void) __attribute__((tag("3"),noerror)); -+void OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); -+_OSSL_PARAM_PTR OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR bld) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const char *buf, size_t bsize) __attribute__((tag("3"),slice("buf","bsize"))); -+int OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR bld, const char *key, const void *buf, size_t bsize) __attribute__((tag("3"),slice("buf","bsize"))); -+int OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR bld, const char *key, const _BIGNUM_PTR bn) __attribute__((tag("3"))); -+int OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR bld, const char *key, int32_t num) __attribute__((tag("3"))); -+ -+// EVP_SIGNATURE API -+_EVP_SIGNATURE_PTR EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR ctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+void EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR signature) __attribute__((tag("3"))); -+ -+// DSA API -+_DSA_PTR DSA_new(void) __attribute__((tag("legacy_1"))); -+void DSA_free(_DSA_PTR r) __attribute__((tag("legacy_1"))); -+int DSA_generate_key(_DSA_PTR a) __attribute__((tag("legacy_1"))); -+void DSA_get0_pqg(const _DSA_PTR d, const _BIGNUM_PTR *p, const _BIGNUM_PTR *q, const _BIGNUM_PTR *g) __attribute__((tag("legacy_1"))); -+int DSA_set0_pqg(_DSA_PTR d, _BIGNUM_PTR p, _BIGNUM_PTR q, _BIGNUM_PTR g) __attribute__((tag("legacy_1"))); -+void DSA_get0_key(const _DSA_PTR d, const _BIGNUM_PTR *pub_key, const _BIGNUM_PTR *priv_key) __attribute__((tag("legacy_1"))); -+int DSA_set0_key(_DSA_PTR d, _BIGNUM_PTR pub_key, _BIGNUM_PTR priv_key) __attribute__((tag("legacy_1"))); -+ -+// EVP_KDF API -+_EVP_KDF_PTR EVP_KDF_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"))); -+void EVP_KDF_free(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); -+_EVP_KDF_CTX_PTR EVP_KDF_CTX_new(_EVP_KDF_PTR kdf) __attribute__((tag("3"))); -+int EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+void EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); -+size_t EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR ctx) __attribute__((tag("3"))); -+int EVP_KDF_derive(_EVP_KDF_CTX_PTR ctx, unsigned char *key, size_t keylen, const _OSSL_PARAM_PTR params) __attribute__((tag("3"),slice("key","keylen"))); -+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const _EVP_MD_PTR digest, int keylen, unsigned char *out) __attribute__((tag("legacy_1"),slice("pass","passlen"),slice("salt","saltlen"),slice("out","keylen"))); -+ -+// OBJ API -+const char *OBJ_nid2sn(int n) __attribute__((noerror)); -+ -+// EVP KEM API for ML-KEM (OpenSSL 3.x) -+_EVP_KEYMGMT_PTR EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR libctx, const char *algorithm, const char *properties) __attribute__((tag("3"),optional)); -+void EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR keymgmt) __attribute__((tag("3"))); -+int EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR ctx, unsigned char *wrappedkey, size_t *wrappedkeylen, unsigned char *genkey, size_t *genkeylen) __attribute__((tag("3"))); -+int EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR ctx, const _OSSL_PARAM_PTR params) __attribute__((tag("3"))); -+int EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR ctx, unsigned char *genkey, size_t *genkeylen, const unsigned char *wrappedkey, size_t wrappedkeylen) __attribute__((tag("3"))); -+ -+#endif // _GO_OSSL_SHIMS_H -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go -new file mode 100644 -index 00000000000000..45c9ce7215a2bd ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo.go -@@ -0,0 +1,87 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package ossl -+ -+import ( -+ "unsafe" -+) -+ -+//go:linkname runtime_cgocall runtime.cgocall -+ -+//go:noescape -+func runtime_cgocall(fn uintptr, arg unsafe.Pointer) int32 // from runtime/sys_libc.go -+ -+//go:linkname noescape -+//go:nosplit -+func noescape(p unsafe.Pointer) unsafe.Pointer { -+ x := uintptr(p) -+ return unsafe.Pointer(x ^ 0) -+} -+ -+type libcCallInfo struct { -+ fn uintptr -+ n uintptr // number of parameters -+ args uintptr // parameters -+ r1, r2 uintptr // return values -+ errType uintptr -+} -+ -+//go:noescape -+func syscallNAsm(libcArgs *libcCallInfo) -+ -+// syscallNSystemStack performs a syscall on the system stack. -+// It can't allocate Go memory nor grow the stack over the nosplit limit. -+// -+//go:nosplit -+func syscallNSystemStack(libcArgs *libcCallInfo) { -+ if libcArgs.errType != 0 { -+ libcArgs.n-- -+ } -+ syscallNAsm(libcArgs) -+ if libcArgs.errType != 0 { -+ _mkcgo_error_check(libcArgs.errType, libcArgs.r1, libcArgs.args, libcArgs.n) -+ } -+} -+ -+var syscallNSystemStack_trampoline byte -+var syscallNSystemStackABIInternal = uintptr(unsafe.Pointer(&syscallNSystemStack_trampoline)) -+ -+// syscallN performs a syscall with the given function and arguments. -+// -+// All its parameters and return values must be uintptr in order -+// for the Go compiler to automatically set the //go:uintptrkeepalive -+// directive (which we can't set manually here). -+// See https://github.com/golang/go/blob/9a5a1202f4c4d5a7048b149b65c3e5b82a2de9aa/src/cmd/compile/internal/escape/call.go#L275. -+// -+//go:nosplit -+func syscallN(errType uintptr, fn uintptr, args ...uintptr) (r1, r2 uintptr) { -+ libcArgs := libcCallInfo{ -+ fn: fn, -+ n: uintptr(len(args)), -+ errType: errType, -+ } -+ if libcArgs.n != 0 { -+ libcArgs.args = uintptr(noescape(unsafe.Pointer(&args[0]))) -+ } -+ runtime_cgocall(syscallNSystemStackABIInternal, unsafe.Pointer(&libcArgs)) -+ return libcArgs.r1, libcArgs.r2 -+} -+ -+// syscallNRaw performs a syscall with the given function and arguments, -+// without any error checking nor switching to the system stack. -+// -+//go:nosplit -+func syscallNRaw(fn uintptr, args ...uintptr) uintptr { -+ libcArgs := libcCallInfo{ -+ fn: fn, -+ n: uintptr(len(args)), -+ } -+ if libcArgs.n != 0 { -+ libcArgs.args = uintptr(noescape(unsafe.Pointer(&args[0]))) -+ } -+ syscallNAsm(&libcArgs) -+ return libcArgs.r1 -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go -new file mode 100644 -index 00000000000000..70dbcb15a9142d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_darwin.go -@@ -0,0 +1,8 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package ossl -+ -+//go:cgo_import_dynamic _ _ "/usr/lib/libSystem.B.dylib" -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go -new file mode 100644 -index 00000000000000..4a8747b4d6b2a9 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_freebsd.go -@@ -0,0 +1,8 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package ossl -+ -+//go:cgo_import_dynamic _ _ "libc.so.7" -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go -new file mode 100644 -index 00000000000000..236f6361eb0935 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_linux.go -@@ -0,0 +1,8 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package ossl -+ -+//go:cgo_import_dynamic _ _ "libdl.so.2" -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go -new file mode 100644 -index 00000000000000..24c7b8aaa3e5bd ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_unix.go -@@ -0,0 +1,23 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo && unix && (go1.27 || !s390x) -+ -+package ossl -+ -+import ( -+ "unsafe" -+ -+ _ "github.com/microsoft/go-crypto-openssl/internal/fakecgo" -+) -+ -+func dlsym(handle unsafe.Pointer, symbol string, optional bool) uintptr { -+ r0 := Dlsym(handle, unsafe.StringData(symbol)) -+ if r0 == nil { -+ if !optional { -+ panic("cannot get required symbol " + symbol) -+ } -+ return 0 -+ } -+ return uintptr(r0) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go -new file mode 100644 -index 00000000000000..38fb4882eb487d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/syscall_nocgo_windows.go -@@ -0,0 +1,25 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo && windows -+ -+package ossl -+ -+import ( -+ "syscall" -+ "unsafe" -+) -+ -+var modkernel32 = syscall.NewLazyDLL("kernel32.dll") -+var procGetProcAddress = modkernel32.NewProc("GetProcAddress") -+ -+func dlsym(handle unsafe.Pointer, symbol string, optional bool) uintptr { -+ r0, _, err := syscall.SyscallN(procGetProcAddress.Addr(), uintptr(handle), uintptr(unsafe.Pointer(unsafe.StringData(symbol)))) -+ if err != 0 { -+ if !optional { -+ panic("cannot get required symbol " + symbol + ": " + err.Error()) -+ } -+ return 0 -+ } -+ return r0 -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s -new file mode 100644 -index 00000000000000..51fd1af1cf33fd ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl.s -@@ -0,0 +1,58 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+//go:build !cgo && unix -+ -+#include "textflag.h" -+ -+#ifndef GOARCH_amd64 -+#ifndef GOARCH_arm64 -+#ifndef GOARCH_riscv64 -+#ifndef GOARCH_loong64 -+#ifndef GOARCH_mips64 -+#ifndef GOARCH_mips64le -+#ifndef GOARCH_ppc64 -+#ifndef GOARCH_ppc64le -+#ifndef GOARCH_s390x -+#ifndef GOARCH_sparc64 -+#define _GOPTRSIZE 4 -+#endif -+#endif -+#endif -+#endif -+#endif -+#endif -+#endif -+#endif -+#endif -+#endif -+ -+#ifndef _GOPTRSIZE -+#define _GOPTRSIZE 8 -+#endif -+TEXT _mkcgo_dlclose_trampoline<>(SB), NOSPLIT, $0-0 -+ JMP _mkcgo_dlclose(SB) -+ -+GLOBL ·_mkcgo_dlclose_trampoline_addr(SB), RODATA, $_GOPTRSIZE -+DATA ·_mkcgo_dlclose_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlclose_trampoline<>(SB) -+ -+TEXT _mkcgo_dlerror_trampoline<>(SB), NOSPLIT, $0-0 -+ JMP _mkcgo_dlerror(SB) -+ -+GLOBL ·_mkcgo_dlerror_trampoline_addr(SB), RODATA, $_GOPTRSIZE -+DATA ·_mkcgo_dlerror_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlerror_trampoline<>(SB) -+ -+TEXT _mkcgo_dlopen_trampoline<>(SB), NOSPLIT, $0-0 -+ JMP _mkcgo_dlopen(SB) -+ -+GLOBL ·_mkcgo_dlopen_trampoline_addr(SB), RODATA, $_GOPTRSIZE -+DATA ·_mkcgo_dlopen_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlopen_trampoline<>(SB) -+ -+TEXT _mkcgo_dlsym_trampoline<>(SB), NOSPLIT, $0-0 -+ JMP _mkcgo_dlsym(SB) -+ -+GLOBL ·_mkcgo_dlsym_trampoline_addr(SB), RODATA, $_GOPTRSIZE -+DATA ·_mkcgo_dlsym_trampoline_addr(SB)/_GOPTRSIZE, $_mkcgo_dlsym_trampoline<>(SB) -+ -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go -new file mode 100644 -index 00000000000000..7d382b9a5c288c ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zdl_nocgo.go -@@ -0,0 +1,61 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+//go:build !cgo && unix -+ -+package ossl -+ -+import ( -+ "runtime" -+ "unsafe" -+) -+ -+var _ = runtime.GOOS -+ -+var _mkcgoAlwaysFalseDl bool -+var _mkcgoEscapeSinkDl unsafe.Pointer -+ -+// mkcgoEscapePtrDl forces p to escape to the heap. -+// This implementation is also used in the standard library: -+// https://github.com/golang/go/blob/f71432d223eeb2139b460957817400750fd13655/src/internal/abi/escape.go#L24-L33 -+func mkcgoEscapePtrDl(p unsafe.Pointer) unsafe.Pointer { -+ if _mkcgoAlwaysFalseDl { -+ _mkcgoEscapeSinkDl = p -+ } -+ return p -+} -+ -+//go:cgo_import_dynamic _mkcgo_dlclose dlclose "" -+//go:cgo_import_dynamic _mkcgo_dlerror dlerror "" -+//go:cgo_import_dynamic _mkcgo_dlopen dlopen "" -+//go:cgo_import_dynamic _mkcgo_dlsym dlsym "" -+ -+var _mkcgo_dlclose_trampoline_addr uintptr -+ -+func Dlclose(handle unsafe.Pointer) int32 { -+ r0, _ := syscallN(0, _mkcgo_dlclose_trampoline_addr, uintptr(handle)) -+ return int32(r0) -+} -+ -+var _mkcgo_dlerror_trampoline_addr uintptr -+ -+func Dlerror() *byte { -+ r0, _ := syscallN(0, _mkcgo_dlerror_trampoline_addr) -+ return (*byte)(unsafe.Pointer(r0)) -+} -+ -+var _mkcgo_dlopen_trampoline_addr uintptr -+ -+func Dlopen(path *byte, flags int32) unsafe.Pointer { -+ r0, _ := syscallN(0, _mkcgo_dlopen_trampoline_addr, uintptr(mkcgoEscapePtrDl(unsafe.Pointer(path))), uintptr(flags)) -+ return unsafe.Pointer(r0) -+} -+ -+var _mkcgo_dlsym_trampoline_addr uintptr -+ -+func Dlsym(handle unsafe.Pointer, symbol *byte) unsafe.Pointer { -+ r0, _ := syscallN(0, _mkcgo_dlsym_trampoline_addr, uintptr(handle), uintptr(mkcgoEscapePtrDl(unsafe.Pointer(symbol)))) -+ return unsafe.Pointer(r0) -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c -new file mode 100644 -index 00000000000000..8abb6430c2a6e7 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.c -@@ -0,0 +1,2083 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+#include -+#include -+#include -+#include -+#include "zossl.h" -+ -+#ifdef _WIN32 -+#include -+#define dlsym GetProcAddress -+#else -+#include -+#endif -+ -+long (*_g_BIO_ctrl)(_BIO_PTR, int, long, void*); -+int (*_g_BIO_free)(_BIO_PTR); -+_BIO_PTR (*_g_BIO_new)(const _BIO_METHOD_PTR); -+const _BIO_METHOD_PTR (*_g_BIO_s_mem)(void); -+_BIGNUM_PTR (*_g_BN_bin2bn)(const unsigned char*, int, _BIGNUM_PTR); -+int (*_g_BN_bn2binpad)(const _BIGNUM_PTR, unsigned char*, int); -+int (*_g_BN_bn2lebinpad)(const _BIGNUM_PTR, unsigned char*, int); -+void (*_g_BN_clear)(_BIGNUM_PTR); -+void (*_g_BN_clear_free)(_BIGNUM_PTR); -+void (*_g_BN_free)(_BIGNUM_PTR); -+_BIGNUM_PTR (*_g_BN_lebin2bn)(const unsigned char*, int, _BIGNUM_PTR); -+_BIGNUM_PTR (*_g_BN_new)(void); -+int (*_g_BN_num_bits)(const _BIGNUM_PTR); -+void (*_g_CRYPTO_free)(void*, const char*, int); -+void* (*_g_CRYPTO_malloc)(size_t, const char*, int); -+void (*_g_DSA_free)(_DSA_PTR); -+int (*_g_DSA_generate_key)(_DSA_PTR); -+void (*_g_DSA_get0_key)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_DSA_get0_pqg)(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_DSA_PTR (*_g_DSA_new)(void); -+int (*_g_DSA_set0_key)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_DSA_set0_pqg)(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+void (*_g_EC_GROUP_free)(_EC_GROUP_PTR); -+_EC_GROUP_PTR (*_g_EC_GROUP_new_by_curve_name)(int); -+int (*_g_EC_KEY_check_key)(const _EC_KEY_PTR); -+void (*_g_EC_KEY_free)(_EC_KEY_PTR); -+const _EC_GROUP_PTR (*_g_EC_KEY_get0_group)(const _EC_KEY_PTR); -+const _BIGNUM_PTR (*_g_EC_KEY_get0_private_key)(const _EC_KEY_PTR); -+const _EC_POINT_PTR (*_g_EC_KEY_get0_public_key)(const _EC_KEY_PTR); -+_EC_KEY_PTR (*_g_EC_KEY_new_by_curve_name)(int); -+int (*_g_EC_KEY_set_private_key)(_EC_KEY_PTR, const _BIGNUM_PTR); -+int (*_g_EC_KEY_set_public_key)(_EC_KEY_PTR, const _EC_POINT_PTR); -+int (*_g_EC_KEY_set_public_key_affine_coordinates)(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+void (*_g_EC_POINT_free)(_EC_POINT_PTR); -+int (*_g_EC_POINT_get_affine_coordinates_GFp)(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR); -+int (*_g_EC_POINT_mul)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); -+_EC_POINT_PTR (*_g_EC_POINT_new)(const _EC_GROUP_PTR); -+int (*_g_EC_POINT_oct2point)(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR); -+size_t (*_g_EC_POINT_point2oct)(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR); -+int (*_g_EC_POINT_set_affine_coordinates)(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR); -+unsigned long (*_g_ERR_peek_error)(void); -+void (*_g_ERR_print_errors)(_BIO_PTR); -+int (*_g_EVP_CIPHER_CTX_ctrl)(_EVP_CIPHER_CTX_PTR, int, int, void*); -+void (*_g_EVP_CIPHER_CTX_free)(_EVP_CIPHER_CTX_PTR); -+_EVP_CIPHER_CTX_PTR (*_g_EVP_CIPHER_CTX_new)(void); -+int (*_g_EVP_CIPHER_CTX_set_key_length)(_EVP_CIPHER_CTX_PTR, int); -+int (*_g_EVP_CIPHER_CTX_set_padding)(_EVP_CIPHER_CTX_PTR, int); -+_EVP_CIPHER_PTR (*_g_EVP_CIPHER_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+const char* (*_g_EVP_CIPHER_get0_name)(const _EVP_CIPHER_PTR); -+int (*_g_EVP_CIPHER_get_block_size)(const _EVP_CIPHER_PTR); -+int (*_g_EVP_CipherInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int); -+int (*_g_EVP_CipherUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+int (*_g_EVP_DecryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); -+int (*_g_EVP_DecryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); -+int (*_g_EVP_DecryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+int (*_g_EVP_Digest)(const unsigned char*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_EVP_DigestFinalXOF)(_EVP_MD_CTX_PTR, unsigned char*, size_t); -+int (*_g_EVP_DigestFinal_ex)(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*); -+int (*_g_EVP_DigestInit)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR); -+int (*_g_EVP_DigestInit_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_EVP_DigestSign)(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_DigestSignFinal)(_EVP_MD_CTX_PTR, unsigned char*, size_t*); -+int (*_g_EVP_DigestSignInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_DigestSqueeze)(_EVP_MD_CTX_PTR, unsigned char*, size_t); -+int (*_g_EVP_DigestUpdate)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); -+int (*_g_EVP_DigestVerify)(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); -+int (*_g_EVP_DigestVerifyFinal)(_EVP_MD_CTX_PTR, const unsigned char*, size_t); -+int (*_g_EVP_DigestVerifyInit)(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_EncryptFinal_ex)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*); -+int (*_g_EVP_EncryptInit_ex)(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*); -+int (*_g_EVP_EncryptUpdate)(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int); -+void (*_g_EVP_KDF_CTX_free)(_EVP_KDF_CTX_PTR); -+size_t (*_g_EVP_KDF_CTX_get_kdf_size)(_EVP_KDF_CTX_PTR); -+_EVP_KDF_CTX_PTR (*_g_EVP_KDF_CTX_new)(_EVP_KDF_PTR); -+int (*_g_EVP_KDF_CTX_set_params)(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR); -+int (*_g_EVP_KDF_derive)(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR); -+_EVP_KDF_PTR (*_g_EVP_KDF_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_KDF_free)(_EVP_KDF_PTR); -+_EVP_KEYMGMT_PTR (*_g_EVP_KEYMGMT_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_KEYMGMT_free)(_EVP_KEYMGMT_PTR); -+_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_dup)(const _EVP_MAC_CTX_PTR); -+void (*_g_EVP_MAC_CTX_free)(_EVP_MAC_CTX_PTR); -+_EVP_MAC_CTX_PTR (*_g_EVP_MAC_CTX_new)(_EVP_MAC_PTR); -+int (*_g_EVP_MAC_CTX_set_params)(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR); -+_EVP_MAC_PTR (*_g_EVP_MAC_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+int (*_g_EVP_MAC_final)(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t); -+int (*_g_EVP_MAC_init)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR); -+int (*_g_EVP_MAC_update)(_EVP_MAC_CTX_PTR, const unsigned char*, size_t); -+int (*_g_EVP_MD_CTX_copy_ex)(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR); -+int (*_g_EVP_MD_CTX_ctrl)(_EVP_MD_CTX_PTR, int, int, void*); -+void (*_g_EVP_MD_CTX_free)(_EVP_MD_CTX_PTR); -+int (*_g_EVP_MD_CTX_get_params)(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_gettable_params)(_EVP_MD_CTX_PTR); -+_EVP_MD_CTX_PTR (*_g_EVP_MD_CTX_new)(void); -+int (*_g_EVP_MD_CTX_set_params)(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_EVP_MD_CTX_settable_params)(_EVP_MD_CTX_PTR); -+_EVP_MD_PTR (*_g_EVP_MD_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_MD_free)(_EVP_MD_PTR); -+const char* (*_g_EVP_MD_get0_name)(const _EVP_MD_PTR); -+const _OSSL_PROVIDER_PTR (*_g_EVP_MD_get0_provider)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_block_size)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_size)(const _EVP_MD_PTR); -+int (*_g_EVP_MD_get_type)(const _EVP_MD_PTR); -+int (*_g_EVP_PKEY_CTX_add1_hkdf_info)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_ctrl)(_EVP_PKEY_CTX_PTR, int, int, int, int, void*); -+void (*_g_EVP_PKEY_CTX_free)(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new)(_EVP_PKEY_PTR, _ENGINE_PTR); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_from_pkey)(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*); -+_EVP_PKEY_CTX_PTR (*_g_EVP_PKEY_CTX_new_id)(int, _ENGINE_PTR); -+int (*_g_EVP_PKEY_CTX_set0_rsa_oaep_label)(_EVP_PKEY_CTX_PTR, unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_set1_hkdf_key)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_set1_hkdf_salt)(_EVP_PKEY_CTX_PTR, const unsigned char*, int); -+int (*_g_EVP_PKEY_CTX_set_hkdf_md)(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR); -+int (*_g_EVP_PKEY_CTX_set_hkdf_mode)(_EVP_PKEY_CTX_PTR, int); -+int (*_g_EVP_PKEY_CTX_set_params)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_Q_keygen)(_OSSL_LIB_CTX_PTR, const char*, const char*, ...); -+int (*_g_EVP_PKEY_assign)(_EVP_PKEY_PTR, int, void*); -+int (*_g_EVP_PKEY_decapsulate)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_decapsulate_init)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); -+int (*_g_EVP_PKEY_decrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_decrypt_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_derive)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_derive_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_derive_set_peer)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_encapsulate)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_encapsulate_init)(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR); -+int (*_g_EVP_PKEY_encrypt)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_encrypt_init)(_EVP_PKEY_CTX_PTR); -+void (*_g_EVP_PKEY_free)(_EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_fromdata)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR); -+int (*_g_EVP_PKEY_fromdata_init)(_EVP_PKEY_CTX_PTR); -+_DSA_PTR (*_g_EVP_PKEY_get0_DSA)(_EVP_PKEY_PTR); -+_EC_KEY_PTR (*_g_EVP_PKEY_get0_EC_KEY)(_EVP_PKEY_PTR); -+_RSA_PTR (*_g_EVP_PKEY_get1_RSA)(_EVP_PKEY_PTR); -+size_t (*_g_EVP_PKEY_get1_encoded_public_key)(_EVP_PKEY_PTR, unsigned char**); -+int (*_g_EVP_PKEY_get_bits)(const _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_get_bn_param)(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*); -+int (*_g_EVP_PKEY_get_octet_string_param)(const _EVP_PKEY_PTR, const char*, unsigned char*, size_t, size_t*); -+int (*_g_EVP_PKEY_get_raw_private_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_get_raw_public_key)(const _EVP_PKEY_PTR, unsigned char*, size_t*); -+int (*_g_EVP_PKEY_get_size)(const _EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_keygen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); -+int (*_g_EVP_PKEY_keygen_init)(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new)(void); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_private_key)(int, _ENGINE_PTR, const unsigned char*, size_t); -+_EVP_PKEY_PTR (*_g_EVP_PKEY_new_raw_public_key)(int, _ENGINE_PTR, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_paramgen)(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*); -+int (*_g_EVP_PKEY_paramgen_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_private_check)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_public_check_quick)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_set1_EC_KEY)(_EVP_PKEY_PTR, _EC_KEY_PTR); -+int (*_g_EVP_PKEY_set1_encoded_public_key)(_EVP_PKEY_PTR, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_sign)(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_sign_init)(_EVP_PKEY_CTX_PTR); -+int (*_g_EVP_PKEY_up_ref)(_EVP_PKEY_PTR); -+int (*_g_EVP_PKEY_verify)(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t); -+int (*_g_EVP_PKEY_verify_init)(_EVP_PKEY_CTX_PTR); -+_EVP_SIGNATURE_PTR (*_g_EVP_SIGNATURE_fetch)(_OSSL_LIB_CTX_PTR, const char*, const char*); -+void (*_g_EVP_SIGNATURE_free)(_EVP_SIGNATURE_PTR); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_128_gcm)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_192_gcm)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ctr)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_aes_256_gcm)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_chacha20_poly1305)(void); -+int (*_g_EVP_default_properties_enable_fips)(_OSSL_LIB_CTX_PTR, int); -+int (*_g_EVP_default_properties_is_fips_enabled)(_OSSL_LIB_CTX_PTR); -+const _EVP_CIPHER_PTR (*_g_EVP_des_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ecb)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_cbc)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_des_ede3_ecb)(void); -+const _EVP_MD_PTR (*_g_EVP_md4)(void); -+const _EVP_MD_PTR (*_g_EVP_md5)(void); -+const _EVP_MD_PTR (*_g_EVP_md5_sha1)(void); -+const _EVP_CIPHER_PTR (*_g_EVP_rc4)(void); -+const _EVP_MD_PTR (*_g_EVP_ripemd160)(void); -+const _EVP_MD_PTR (*_g_EVP_sha1)(void); -+const _EVP_MD_PTR (*_g_EVP_sha224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha256)(void); -+const _EVP_MD_PTR (*_g_EVP_sha384)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_256)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_384)(void); -+const _EVP_MD_PTR (*_g_EVP_sha3_512)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512_224)(void); -+const _EVP_MD_PTR (*_g_EVP_sha512_256)(void); -+int (*_g_FIPS_mode)(void); -+int (*_g_FIPS_mode_set)(int); -+int (*_g_HMAC_CTX_copy)(_HMAC_CTX_PTR, _HMAC_CTX_PTR); -+void (*_g_HMAC_CTX_free)(_HMAC_CTX_PTR); -+_HMAC_CTX_PTR (*_g_HMAC_CTX_new)(void); -+int (*_g_HMAC_Final)(_HMAC_CTX_PTR, unsigned char*, unsigned int*); -+int (*_g_HMAC_Init_ex)(_HMAC_CTX_PTR, const unsigned char*, int, const _EVP_MD_PTR, _ENGINE_PTR); -+int (*_g_HMAC_Update)(_HMAC_CTX_PTR, const unsigned char*, size_t); -+const char* (*_g_OBJ_nid2sn)(int); -+void (*_g_OPENSSL_init)(void); -+int (*_g_OPENSSL_init_crypto)(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR); -+unsigned int (*_g_OPENSSL_version_major)(void); -+unsigned int (*_g_OPENSSL_version_minor)(void); -+unsigned int (*_g_OPENSSL_version_patch)(void); -+void (*_g_OSSL_PARAM_BLD_free)(_OSSL_PARAM_BLD_PTR); -+_OSSL_PARAM_BLD_PTR (*_g_OSSL_PARAM_BLD_new)(void); -+int (*_g_OSSL_PARAM_BLD_push_BN)(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR); -+int (*_g_OSSL_PARAM_BLD_push_int32)(_OSSL_PARAM_BLD_PTR, const char*, int32_t); -+int (*_g_OSSL_PARAM_BLD_push_octet_string)(_OSSL_PARAM_BLD_PTR, const char*, const unsigned char*, size_t); -+int (*_g_OSSL_PARAM_BLD_push_utf8_string)(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t); -+_OSSL_PARAM_PTR (*_g_OSSL_PARAM_BLD_to_param)(_OSSL_PARAM_BLD_PTR); -+void (*_g_OSSL_PARAM_free)(_OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR (*_g_OSSL_PARAM_locate_const)(const _OSSL_PARAM_PTR, const char*); -+int (*_g_OSSL_PROVIDER_available)(_OSSL_LIB_CTX_PTR, const char*); -+const char* (*_g_OSSL_PROVIDER_get0_name)(const _OSSL_PROVIDER_PTR); -+_OSSL_PROVIDER_PTR (*_g_OSSL_PROVIDER_try_load)(_OSSL_LIB_CTX_PTR, const char*, int); -+const char* (*_g_OpenSSL_version)(int); -+unsigned long (*_g_OpenSSL_version_num)(void); -+int (*_g_PKCS5_PBKDF2_HMAC)(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*); -+int (*_g_RAND_bytes)(unsigned char*, int); -+int (*_g_RAND_bytes_ex)(_OSSL_LIB_CTX_PTR, unsigned char*, size_t, unsigned int); -+void (*_g_RSA_free)(_RSA_PTR); -+void (*_g_RSA_get0_crt_params)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_RSA_get0_factors)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void (*_g_RSA_get0_key)(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_RSA_PTR (*_g_RSA_new)(void); -+int (*_g_RSA_set0_crt_params)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_RSA_set0_factors)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+int (*_g_RSA_set0_key)(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR); -+ -+#define __mkcgo__dlsym_nocheck(varname, funcname) _g_##varname = (typeof(_g_##varname))dlsym(handle, #funcname); -+ -+#define __mkcgo__dlsym(name) __mkcgo__dlsym2(name, name) -+ -+#define __mkcgo__dlsym2(varname, funcname) \ -+ __mkcgo__dlsym_nocheck(varname, funcname) \ -+ if (_g_##varname == NULL) { \ -+ fprintf(stderr, "Cannot get required symbol " #funcname "\n"); \ -+ abort(); \ -+ } -+ -+void __mkcgo_load_(void* handle) { -+ __mkcgo__dlsym(BIO_ctrl) -+ __mkcgo__dlsym(BIO_free) -+ __mkcgo__dlsym(BIO_new) -+ __mkcgo__dlsym(BIO_s_mem) -+ __mkcgo__dlsym(BN_bin2bn) -+ __mkcgo__dlsym(BN_bn2binpad) -+ __mkcgo__dlsym(BN_bn2lebinpad) -+ __mkcgo__dlsym(BN_clear) -+ __mkcgo__dlsym(BN_clear_free) -+ __mkcgo__dlsym(BN_free) -+ __mkcgo__dlsym(BN_lebin2bn) -+ __mkcgo__dlsym(BN_new) -+ __mkcgo__dlsym(BN_num_bits) -+ __mkcgo__dlsym(CRYPTO_free) -+ __mkcgo__dlsym(CRYPTO_malloc) -+ __mkcgo__dlsym(EC_GROUP_free) -+ __mkcgo__dlsym(EC_GROUP_new_by_curve_name) -+ __mkcgo__dlsym(EC_POINT_free) -+ __mkcgo__dlsym(EC_POINT_mul) -+ __mkcgo__dlsym(EC_POINT_new) -+ __mkcgo__dlsym(EC_POINT_oct2point) -+ __mkcgo__dlsym(EC_POINT_point2oct) -+ __mkcgo__dlsym(ERR_peek_error) -+ __mkcgo__dlsym(ERR_print_errors) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_ctrl) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_free) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_new) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_set_key_length) -+ __mkcgo__dlsym(EVP_CIPHER_CTX_set_padding) -+ __mkcgo__dlsym(EVP_CipherInit_ex) -+ __mkcgo__dlsym(EVP_CipherUpdate) -+ __mkcgo__dlsym(EVP_DecryptFinal_ex) -+ __mkcgo__dlsym(EVP_DecryptInit_ex) -+ __mkcgo__dlsym(EVP_DecryptUpdate) -+ __mkcgo__dlsym(EVP_Digest) -+ __mkcgo__dlsym(EVP_DigestFinal_ex) -+ __mkcgo__dlsym(EVP_DigestInit) -+ __mkcgo__dlsym(EVP_DigestInit_ex) -+ __mkcgo__dlsym(EVP_DigestSign) -+ __mkcgo__dlsym(EVP_DigestSignFinal) -+ __mkcgo__dlsym(EVP_DigestSignInit) -+ __mkcgo__dlsym(EVP_DigestUpdate) -+ __mkcgo__dlsym(EVP_DigestVerify) -+ __mkcgo__dlsym(EVP_DigestVerifyFinal) -+ __mkcgo__dlsym(EVP_DigestVerifyInit) -+ __mkcgo__dlsym(EVP_EncryptFinal_ex) -+ __mkcgo__dlsym(EVP_EncryptInit_ex) -+ __mkcgo__dlsym(EVP_EncryptUpdate) -+ __mkcgo__dlsym(EVP_MD_CTX_copy_ex) -+ __mkcgo__dlsym(EVP_MD_CTX_ctrl) -+ __mkcgo__dlsym(EVP_MD_CTX_free) -+ __mkcgo__dlsym(EVP_MD_CTX_new) -+ __mkcgo__dlsym(EVP_PKEY_CTX_ctrl) -+ __mkcgo__dlsym(EVP_PKEY_CTX_free) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new_id) -+ __mkcgo__dlsym(EVP_PKEY_decrypt) -+ __mkcgo__dlsym(EVP_PKEY_decrypt_init) -+ __mkcgo__dlsym(EVP_PKEY_derive) -+ __mkcgo__dlsym(EVP_PKEY_derive_init) -+ __mkcgo__dlsym(EVP_PKEY_derive_set_peer) -+ __mkcgo__dlsym(EVP_PKEY_encrypt) -+ __mkcgo__dlsym(EVP_PKEY_encrypt_init) -+ __mkcgo__dlsym(EVP_PKEY_free) -+ __mkcgo__dlsym(EVP_PKEY_get_raw_private_key) -+ __mkcgo__dlsym(EVP_PKEY_get_raw_public_key) -+ __mkcgo__dlsym(EVP_PKEY_keygen) -+ __mkcgo__dlsym(EVP_PKEY_keygen_init) -+ __mkcgo__dlsym(EVP_PKEY_new) -+ __mkcgo__dlsym(EVP_PKEY_new_raw_private_key) -+ __mkcgo__dlsym(EVP_PKEY_new_raw_public_key) -+ __mkcgo__dlsym(EVP_PKEY_paramgen) -+ __mkcgo__dlsym(EVP_PKEY_paramgen_init) -+ __mkcgo__dlsym(EVP_PKEY_sign) -+ __mkcgo__dlsym(EVP_PKEY_sign_init) -+ __mkcgo__dlsym(EVP_PKEY_up_ref) -+ __mkcgo__dlsym(EVP_PKEY_verify) -+ __mkcgo__dlsym(EVP_PKEY_verify_init) -+ __mkcgo__dlsym(EVP_aes_128_cbc) -+ __mkcgo__dlsym(EVP_aes_128_ctr) -+ __mkcgo__dlsym(EVP_aes_128_ecb) -+ __mkcgo__dlsym(EVP_aes_128_gcm) -+ __mkcgo__dlsym(EVP_aes_192_cbc) -+ __mkcgo__dlsym(EVP_aes_192_ctr) -+ __mkcgo__dlsym(EVP_aes_192_ecb) -+ __mkcgo__dlsym(EVP_aes_192_gcm) -+ __mkcgo__dlsym(EVP_aes_256_cbc) -+ __mkcgo__dlsym(EVP_aes_256_ctr) -+ __mkcgo__dlsym(EVP_aes_256_ecb) -+ __mkcgo__dlsym(EVP_aes_256_gcm) -+ __mkcgo__dlsym_nocheck(EVP_chacha20_poly1305, EVP_chacha20_poly1305) -+ __mkcgo__dlsym(EVP_des_cbc) -+ __mkcgo__dlsym(EVP_des_ecb) -+ __mkcgo__dlsym(EVP_des_ede3_cbc) -+ __mkcgo__dlsym(EVP_des_ede3_ecb) -+ __mkcgo__dlsym(EVP_md4) -+ __mkcgo__dlsym(EVP_md5) -+ __mkcgo__dlsym(EVP_md5_sha1) -+ __mkcgo__dlsym(EVP_rc4) -+ __mkcgo__dlsym(EVP_ripemd160) -+ __mkcgo__dlsym(EVP_sha1) -+ __mkcgo__dlsym(EVP_sha224) -+ __mkcgo__dlsym(EVP_sha256) -+ __mkcgo__dlsym(EVP_sha384) -+ __mkcgo__dlsym(EVP_sha3_224) -+ __mkcgo__dlsym(EVP_sha3_256) -+ __mkcgo__dlsym(EVP_sha3_384) -+ __mkcgo__dlsym(EVP_sha3_512) -+ __mkcgo__dlsym(EVP_sha512) -+ __mkcgo__dlsym(EVP_sha512_224) -+ __mkcgo__dlsym(EVP_sha512_256) -+ __mkcgo__dlsym(OBJ_nid2sn) -+ __mkcgo__dlsym(OPENSSL_init) -+ __mkcgo__dlsym(OPENSSL_init_crypto) -+ __mkcgo__dlsym(OpenSSL_version) -+} -+ -+void __mkcgo_unload_() { -+ _g_BIO_ctrl = NULL; -+ _g_BIO_free = NULL; -+ _g_BIO_new = NULL; -+ _g_BIO_s_mem = NULL; -+ _g_BN_bin2bn = NULL; -+ _g_BN_bn2binpad = NULL; -+ _g_BN_bn2lebinpad = NULL; -+ _g_BN_clear = NULL; -+ _g_BN_clear_free = NULL; -+ _g_BN_free = NULL; -+ _g_BN_lebin2bn = NULL; -+ _g_BN_new = NULL; -+ _g_BN_num_bits = NULL; -+ _g_CRYPTO_free = NULL; -+ _g_CRYPTO_malloc = NULL; -+ _g_EC_GROUP_free = NULL; -+ _g_EC_GROUP_new_by_curve_name = NULL; -+ _g_EC_POINT_free = NULL; -+ _g_EC_POINT_mul = NULL; -+ _g_EC_POINT_new = NULL; -+ _g_EC_POINT_oct2point = NULL; -+ _g_EC_POINT_point2oct = NULL; -+ _g_ERR_peek_error = NULL; -+ _g_ERR_print_errors = NULL; -+ _g_EVP_CIPHER_CTX_ctrl = NULL; -+ _g_EVP_CIPHER_CTX_free = NULL; -+ _g_EVP_CIPHER_CTX_new = NULL; -+ _g_EVP_CIPHER_CTX_set_key_length = NULL; -+ _g_EVP_CIPHER_CTX_set_padding = NULL; -+ _g_EVP_CipherInit_ex = NULL; -+ _g_EVP_CipherUpdate = NULL; -+ _g_EVP_DecryptFinal_ex = NULL; -+ _g_EVP_DecryptInit_ex = NULL; -+ _g_EVP_DecryptUpdate = NULL; -+ _g_EVP_Digest = NULL; -+ _g_EVP_DigestFinal_ex = NULL; -+ _g_EVP_DigestInit = NULL; -+ _g_EVP_DigestInit_ex = NULL; -+ _g_EVP_DigestSign = NULL; -+ _g_EVP_DigestSignFinal = NULL; -+ _g_EVP_DigestSignInit = NULL; -+ _g_EVP_DigestUpdate = NULL; -+ _g_EVP_DigestVerify = NULL; -+ _g_EVP_DigestVerifyFinal = NULL; -+ _g_EVP_DigestVerifyInit = NULL; -+ _g_EVP_EncryptFinal_ex = NULL; -+ _g_EVP_EncryptInit_ex = NULL; -+ _g_EVP_EncryptUpdate = NULL; -+ _g_EVP_MD_CTX_copy_ex = NULL; -+ _g_EVP_MD_CTX_ctrl = NULL; -+ _g_EVP_MD_CTX_free = NULL; -+ _g_EVP_MD_CTX_new = NULL; -+ _g_EVP_PKEY_CTX_ctrl = NULL; -+ _g_EVP_PKEY_CTX_free = NULL; -+ _g_EVP_PKEY_CTX_new = NULL; -+ _g_EVP_PKEY_CTX_new_id = NULL; -+ _g_EVP_PKEY_decrypt = NULL; -+ _g_EVP_PKEY_decrypt_init = NULL; -+ _g_EVP_PKEY_derive = NULL; -+ _g_EVP_PKEY_derive_init = NULL; -+ _g_EVP_PKEY_derive_set_peer = NULL; -+ _g_EVP_PKEY_encrypt = NULL; -+ _g_EVP_PKEY_encrypt_init = NULL; -+ _g_EVP_PKEY_free = NULL; -+ _g_EVP_PKEY_get_raw_private_key = NULL; -+ _g_EVP_PKEY_get_raw_public_key = NULL; -+ _g_EVP_PKEY_keygen = NULL; -+ _g_EVP_PKEY_keygen_init = NULL; -+ _g_EVP_PKEY_new = NULL; -+ _g_EVP_PKEY_new_raw_private_key = NULL; -+ _g_EVP_PKEY_new_raw_public_key = NULL; -+ _g_EVP_PKEY_paramgen = NULL; -+ _g_EVP_PKEY_paramgen_init = NULL; -+ _g_EVP_PKEY_sign = NULL; -+ _g_EVP_PKEY_sign_init = NULL; -+ _g_EVP_PKEY_up_ref = NULL; -+ _g_EVP_PKEY_verify = NULL; -+ _g_EVP_PKEY_verify_init = NULL; -+ _g_EVP_aes_128_cbc = NULL; -+ _g_EVP_aes_128_ctr = NULL; -+ _g_EVP_aes_128_ecb = NULL; -+ _g_EVP_aes_128_gcm = NULL; -+ _g_EVP_aes_192_cbc = NULL; -+ _g_EVP_aes_192_ctr = NULL; -+ _g_EVP_aes_192_ecb = NULL; -+ _g_EVP_aes_192_gcm = NULL; -+ _g_EVP_aes_256_cbc = NULL; -+ _g_EVP_aes_256_ctr = NULL; -+ _g_EVP_aes_256_ecb = NULL; -+ _g_EVP_aes_256_gcm = NULL; -+ _g_EVP_chacha20_poly1305 = NULL; -+ _g_EVP_des_cbc = NULL; -+ _g_EVP_des_ecb = NULL; -+ _g_EVP_des_ede3_cbc = NULL; -+ _g_EVP_des_ede3_ecb = NULL; -+ _g_EVP_md4 = NULL; -+ _g_EVP_md5 = NULL; -+ _g_EVP_md5_sha1 = NULL; -+ _g_EVP_rc4 = NULL; -+ _g_EVP_ripemd160 = NULL; -+ _g_EVP_sha1 = NULL; -+ _g_EVP_sha224 = NULL; -+ _g_EVP_sha256 = NULL; -+ _g_EVP_sha384 = NULL; -+ _g_EVP_sha3_224 = NULL; -+ _g_EVP_sha3_256 = NULL; -+ _g_EVP_sha3_384 = NULL; -+ _g_EVP_sha3_512 = NULL; -+ _g_EVP_sha512 = NULL; -+ _g_EVP_sha512_224 = NULL; -+ _g_EVP_sha512_256 = NULL; -+ _g_OBJ_nid2sn = NULL; -+ _g_OPENSSL_init = NULL; -+ _g_OPENSSL_init_crypto = NULL; -+ _g_OpenSSL_version = NULL; -+} -+ -+void __mkcgo_load_3(void* handle) { -+ __mkcgo__dlsym(EC_POINT_set_affine_coordinates) -+ __mkcgo__dlsym(EVP_CIPHER_fetch) -+ __mkcgo__dlsym(EVP_CIPHER_get0_name) -+ __mkcgo__dlsym(EVP_CIPHER_get_block_size) -+ __mkcgo__dlsym(EVP_KDF_CTX_free) -+ __mkcgo__dlsym(EVP_KDF_CTX_get_kdf_size) -+ __mkcgo__dlsym(EVP_KDF_CTX_new) -+ __mkcgo__dlsym(EVP_KDF_CTX_set_params) -+ __mkcgo__dlsym(EVP_KDF_derive) -+ __mkcgo__dlsym(EVP_KDF_fetch) -+ __mkcgo__dlsym(EVP_KDF_free) -+ __mkcgo__dlsym_nocheck(EVP_KEYMGMT_fetch, EVP_KEYMGMT_fetch) -+ __mkcgo__dlsym(EVP_KEYMGMT_free) -+ __mkcgo__dlsym(EVP_MAC_CTX_dup) -+ __mkcgo__dlsym(EVP_MAC_CTX_free) -+ __mkcgo__dlsym(EVP_MAC_CTX_new) -+ __mkcgo__dlsym(EVP_MAC_CTX_set_params) -+ __mkcgo__dlsym(EVP_MAC_fetch) -+ __mkcgo__dlsym(EVP_MAC_final) -+ __mkcgo__dlsym(EVP_MAC_init) -+ __mkcgo__dlsym(EVP_MAC_update) -+ __mkcgo__dlsym(EVP_MD_CTX_get_params) -+ __mkcgo__dlsym(EVP_MD_CTX_gettable_params) -+ __mkcgo__dlsym(EVP_MD_CTX_set_params) -+ __mkcgo__dlsym(EVP_MD_CTX_settable_params) -+ __mkcgo__dlsym(EVP_MD_fetch) -+ __mkcgo__dlsym(EVP_MD_free) -+ __mkcgo__dlsym(EVP_MD_get0_name) -+ __mkcgo__dlsym(EVP_MD_get0_provider) -+ __mkcgo__dlsym(EVP_MD_get_block_size) -+ __mkcgo__dlsym(EVP_MD_get_size) -+ __mkcgo__dlsym(EVP_MD_get_type) -+ __mkcgo__dlsym(EVP_PKEY_CTX_add1_hkdf_info) -+ __mkcgo__dlsym(EVP_PKEY_CTX_new_from_pkey) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set0_rsa_oaep_label) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_key) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_salt) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_md) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_mode) -+ __mkcgo__dlsym(EVP_PKEY_CTX_set_params) -+ __mkcgo__dlsym(EVP_PKEY_Q_keygen) -+ __mkcgo__dlsym(EVP_PKEY_decapsulate) -+ __mkcgo__dlsym(EVP_PKEY_decapsulate_init) -+ __mkcgo__dlsym(EVP_PKEY_encapsulate) -+ __mkcgo__dlsym(EVP_PKEY_encapsulate_init) -+ __mkcgo__dlsym(EVP_PKEY_fromdata) -+ __mkcgo__dlsym(EVP_PKEY_fromdata_init) -+ __mkcgo__dlsym(EVP_PKEY_get1_encoded_public_key) -+ __mkcgo__dlsym(EVP_PKEY_get_bits) -+ __mkcgo__dlsym(EVP_PKEY_get_bn_param) -+ __mkcgo__dlsym(EVP_PKEY_get_octet_string_param) -+ __mkcgo__dlsym(EVP_PKEY_get_size) -+ __mkcgo__dlsym(EVP_PKEY_private_check) -+ __mkcgo__dlsym(EVP_PKEY_public_check_quick) -+ __mkcgo__dlsym(EVP_PKEY_set1_encoded_public_key) -+ __mkcgo__dlsym(EVP_SIGNATURE_fetch) -+ __mkcgo__dlsym(EVP_SIGNATURE_free) -+ __mkcgo__dlsym(EVP_default_properties_enable_fips) -+ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_free) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_new) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_BN) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_int32) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_octet_string) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_push_utf8_string) -+ __mkcgo__dlsym(OSSL_PARAM_BLD_to_param) -+ __mkcgo__dlsym(OSSL_PARAM_free) -+ __mkcgo__dlsym(OSSL_PARAM_locate_const) -+ __mkcgo__dlsym(OSSL_PROVIDER_available) -+ __mkcgo__dlsym(OSSL_PROVIDER_get0_name) -+ __mkcgo__dlsym(OSSL_PROVIDER_try_load) -+ __mkcgo__dlsym(RAND_bytes_ex) -+} -+ -+void __mkcgo_unload_3() { -+ _g_EC_POINT_set_affine_coordinates = NULL; -+ _g_EVP_CIPHER_fetch = NULL; -+ _g_EVP_CIPHER_get0_name = NULL; -+ _g_EVP_CIPHER_get_block_size = NULL; -+ _g_EVP_KDF_CTX_free = NULL; -+ _g_EVP_KDF_CTX_get_kdf_size = NULL; -+ _g_EVP_KDF_CTX_new = NULL; -+ _g_EVP_KDF_CTX_set_params = NULL; -+ _g_EVP_KDF_derive = NULL; -+ _g_EVP_KDF_fetch = NULL; -+ _g_EVP_KDF_free = NULL; -+ _g_EVP_KEYMGMT_fetch = NULL; -+ _g_EVP_KEYMGMT_free = NULL; -+ _g_EVP_MAC_CTX_dup = NULL; -+ _g_EVP_MAC_CTX_free = NULL; -+ _g_EVP_MAC_CTX_new = NULL; -+ _g_EVP_MAC_CTX_set_params = NULL; -+ _g_EVP_MAC_fetch = NULL; -+ _g_EVP_MAC_final = NULL; -+ _g_EVP_MAC_init = NULL; -+ _g_EVP_MAC_update = NULL; -+ _g_EVP_MD_CTX_get_params = NULL; -+ _g_EVP_MD_CTX_gettable_params = NULL; -+ _g_EVP_MD_CTX_set_params = NULL; -+ _g_EVP_MD_CTX_settable_params = NULL; -+ _g_EVP_MD_fetch = NULL; -+ _g_EVP_MD_free = NULL; -+ _g_EVP_MD_get0_name = NULL; -+ _g_EVP_MD_get0_provider = NULL; -+ _g_EVP_MD_get_block_size = NULL; -+ _g_EVP_MD_get_size = NULL; -+ _g_EVP_MD_get_type = NULL; -+ _g_EVP_PKEY_CTX_add1_hkdf_info = NULL; -+ _g_EVP_PKEY_CTX_new_from_pkey = NULL; -+ _g_EVP_PKEY_CTX_set0_rsa_oaep_label = NULL; -+ _g_EVP_PKEY_CTX_set1_hkdf_key = NULL; -+ _g_EVP_PKEY_CTX_set1_hkdf_salt = NULL; -+ _g_EVP_PKEY_CTX_set_hkdf_md = NULL; -+ _g_EVP_PKEY_CTX_set_hkdf_mode = NULL; -+ _g_EVP_PKEY_CTX_set_params = NULL; -+ _g_EVP_PKEY_Q_keygen = NULL; -+ _g_EVP_PKEY_decapsulate = NULL; -+ _g_EVP_PKEY_decapsulate_init = NULL; -+ _g_EVP_PKEY_encapsulate = NULL; -+ _g_EVP_PKEY_encapsulate_init = NULL; -+ _g_EVP_PKEY_fromdata = NULL; -+ _g_EVP_PKEY_fromdata_init = NULL; -+ _g_EVP_PKEY_get1_encoded_public_key = NULL; -+ _g_EVP_PKEY_get_bits = NULL; -+ _g_EVP_PKEY_get_bn_param = NULL; -+ _g_EVP_PKEY_get_octet_string_param = NULL; -+ _g_EVP_PKEY_get_size = NULL; -+ _g_EVP_PKEY_private_check = NULL; -+ _g_EVP_PKEY_public_check_quick = NULL; -+ _g_EVP_PKEY_set1_encoded_public_key = NULL; -+ _g_EVP_SIGNATURE_fetch = NULL; -+ _g_EVP_SIGNATURE_free = NULL; -+ _g_EVP_default_properties_enable_fips = NULL; -+ _g_EVP_default_properties_is_fips_enabled = NULL; -+ _g_OSSL_PARAM_BLD_free = NULL; -+ _g_OSSL_PARAM_BLD_new = NULL; -+ _g_OSSL_PARAM_BLD_push_BN = NULL; -+ _g_OSSL_PARAM_BLD_push_int32 = NULL; -+ _g_OSSL_PARAM_BLD_push_octet_string = NULL; -+ _g_OSSL_PARAM_BLD_push_utf8_string = NULL; -+ _g_OSSL_PARAM_BLD_to_param = NULL; -+ _g_OSSL_PARAM_free = NULL; -+ _g_OSSL_PARAM_locate_const = NULL; -+ _g_OSSL_PROVIDER_available = NULL; -+ _g_OSSL_PROVIDER_get0_name = NULL; -+ _g_OSSL_PROVIDER_try_load = NULL; -+ _g_RAND_bytes_ex = NULL; -+} -+ -+void __mkcgo_load_33(void* handle) { -+ __mkcgo__dlsym(EVP_DigestFinalXOF) -+ __mkcgo__dlsym_nocheck(EVP_DigestSqueeze, EVP_DigestSqueeze) -+} -+ -+void __mkcgo_unload_33() { -+ _g_EVP_DigestFinalXOF = NULL; -+ _g_EVP_DigestSqueeze = NULL; -+} -+ -+void __mkcgo_load_init_1(void* handle) { -+ __mkcgo__dlsym(FIPS_mode) -+ __mkcgo__dlsym(FIPS_mode_set) -+} -+ -+void __mkcgo_unload_init_1() { -+ _g_FIPS_mode = NULL; -+ _g_FIPS_mode_set = NULL; -+} -+ -+void __mkcgo_load_init_3(void* handle) { -+ __mkcgo__dlsym(BIO_ctrl) -+ __mkcgo__dlsym(BIO_free) -+ __mkcgo__dlsym(BIO_new) -+ __mkcgo__dlsym(BIO_s_mem) -+ __mkcgo__dlsym(ERR_print_errors) -+ __mkcgo__dlsym(EVP_MD_fetch) -+ __mkcgo__dlsym(EVP_MD_free) -+ __mkcgo__dlsym(EVP_MD_get0_provider) -+ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) -+} -+ -+void __mkcgo_unload_init_3() { -+ _g_BIO_ctrl = NULL; -+ _g_BIO_free = NULL; -+ _g_BIO_new = NULL; -+ _g_BIO_s_mem = NULL; -+ _g_ERR_print_errors = NULL; -+ _g_EVP_MD_fetch = NULL; -+ _g_EVP_MD_free = NULL; -+ _g_EVP_MD_get0_provider = NULL; -+ _g_EVP_default_properties_is_fips_enabled = NULL; -+} -+ -+void __mkcgo_load_legacy_1(void* handle) { -+ __mkcgo__dlsym(DSA_free) -+ __mkcgo__dlsym(DSA_generate_key) -+ __mkcgo__dlsym(DSA_get0_key) -+ __mkcgo__dlsym(DSA_get0_pqg) -+ __mkcgo__dlsym(DSA_new) -+ __mkcgo__dlsym(DSA_set0_key) -+ __mkcgo__dlsym(DSA_set0_pqg) -+ __mkcgo__dlsym(EC_KEY_check_key) -+ __mkcgo__dlsym(EC_KEY_free) -+ __mkcgo__dlsym(EC_KEY_get0_group) -+ __mkcgo__dlsym(EC_KEY_get0_private_key) -+ __mkcgo__dlsym(EC_KEY_get0_public_key) -+ __mkcgo__dlsym(EC_KEY_new_by_curve_name) -+ __mkcgo__dlsym(EC_KEY_set_private_key) -+ __mkcgo__dlsym(EC_KEY_set_public_key) -+ __mkcgo__dlsym(EC_KEY_set_public_key_affine_coordinates) -+ __mkcgo__dlsym(EC_POINT_get_affine_coordinates_GFp) -+ __mkcgo__dlsym2(EVP_CIPHER_get_block_size, EVP_CIPHER_block_size) -+ __mkcgo__dlsym2(EVP_MD_get_block_size, EVP_MD_block_size) -+ __mkcgo__dlsym2(EVP_MD_get_size, EVP_MD_size) -+ __mkcgo__dlsym(EVP_PKEY_assign) -+ __mkcgo__dlsym(EVP_PKEY_get0_DSA) -+ __mkcgo__dlsym(EVP_PKEY_get0_EC_KEY) -+ __mkcgo__dlsym(EVP_PKEY_get1_RSA) -+ __mkcgo__dlsym2(EVP_PKEY_get_bits, EVP_PKEY_bits) -+ __mkcgo__dlsym2(EVP_PKEY_get_size, EVP_PKEY_size) -+ __mkcgo__dlsym(EVP_PKEY_set1_EC_KEY) -+ __mkcgo__dlsym(FIPS_mode) -+ __mkcgo__dlsym(FIPS_mode_set) -+ __mkcgo__dlsym(HMAC_CTX_copy) -+ __mkcgo__dlsym(HMAC_CTX_free) -+ __mkcgo__dlsym(HMAC_CTX_new) -+ __mkcgo__dlsym(HMAC_Final) -+ __mkcgo__dlsym(HMAC_Init_ex) -+ __mkcgo__dlsym(HMAC_Update) -+ __mkcgo__dlsym(PKCS5_PBKDF2_HMAC) -+ __mkcgo__dlsym(RAND_bytes) -+ __mkcgo__dlsym(RSA_free) -+ __mkcgo__dlsym(RSA_get0_crt_params) -+ __mkcgo__dlsym(RSA_get0_factors) -+ __mkcgo__dlsym(RSA_get0_key) -+ __mkcgo__dlsym(RSA_new) -+ __mkcgo__dlsym(RSA_set0_crt_params) -+ __mkcgo__dlsym(RSA_set0_factors) -+ __mkcgo__dlsym(RSA_set0_key) -+} -+ -+void __mkcgo_unload_legacy_1() { -+ _g_DSA_free = NULL; -+ _g_DSA_generate_key = NULL; -+ _g_DSA_get0_key = NULL; -+ _g_DSA_get0_pqg = NULL; -+ _g_DSA_new = NULL; -+ _g_DSA_set0_key = NULL; -+ _g_DSA_set0_pqg = NULL; -+ _g_EC_KEY_check_key = NULL; -+ _g_EC_KEY_free = NULL; -+ _g_EC_KEY_get0_group = NULL; -+ _g_EC_KEY_get0_private_key = NULL; -+ _g_EC_KEY_get0_public_key = NULL; -+ _g_EC_KEY_new_by_curve_name = NULL; -+ _g_EC_KEY_set_private_key = NULL; -+ _g_EC_KEY_set_public_key = NULL; -+ _g_EC_KEY_set_public_key_affine_coordinates = NULL; -+ _g_EC_POINT_get_affine_coordinates_GFp = NULL; -+ _g_EVP_CIPHER_get_block_size = NULL; -+ _g_EVP_MD_get_block_size = NULL; -+ _g_EVP_MD_get_size = NULL; -+ _g_EVP_PKEY_assign = NULL; -+ _g_EVP_PKEY_get0_DSA = NULL; -+ _g_EVP_PKEY_get0_EC_KEY = NULL; -+ _g_EVP_PKEY_get1_RSA = NULL; -+ _g_EVP_PKEY_get_bits = NULL; -+ _g_EVP_PKEY_get_size = NULL; -+ _g_EVP_PKEY_set1_EC_KEY = NULL; -+ _g_FIPS_mode = NULL; -+ _g_FIPS_mode_set = NULL; -+ _g_HMAC_CTX_copy = NULL; -+ _g_HMAC_CTX_free = NULL; -+ _g_HMAC_CTX_new = NULL; -+ _g_HMAC_Final = NULL; -+ _g_HMAC_Init_ex = NULL; -+ _g_HMAC_Update = NULL; -+ _g_PKCS5_PBKDF2_HMAC = NULL; -+ _g_RAND_bytes = NULL; -+ _g_RSA_free = NULL; -+ _g_RSA_get0_crt_params = NULL; -+ _g_RSA_get0_factors = NULL; -+ _g_RSA_get0_key = NULL; -+ _g_RSA_new = NULL; -+ _g_RSA_set0_crt_params = NULL; -+ _g_RSA_set0_factors = NULL; -+ _g_RSA_set0_key = NULL; -+} -+ -+void __mkcgo_load_version(void* handle) { -+ __mkcgo__dlsym_nocheck(OPENSSL_version_major, OPENSSL_version_major) -+ __mkcgo__dlsym_nocheck(OPENSSL_version_minor, OPENSSL_version_minor) -+ __mkcgo__dlsym_nocheck(OPENSSL_version_patch, OPENSSL_version_patch) -+ __mkcgo__dlsym_nocheck(OpenSSL_version_num, OpenSSL_version_num) -+} -+ -+void __mkcgo_unload_version() { -+ _g_OPENSSL_version_major = NULL; -+ _g_OPENSSL_version_minor = NULL; -+ _g_OPENSSL_version_patch = NULL; -+ _g_OpenSSL_version_num = NULL; -+} -+ -+long _mkcgo_BIO_ctrl(_BIO_PTR _arg0, int _arg1, long _arg2, void* _arg3) { -+ return _g_BIO_ctrl(_arg0, _arg1, _arg2, _arg3); -+} -+ -+int _mkcgo_BIO_free(_BIO_PTR _arg0) { -+ return _g_BIO_free(_arg0); -+} -+ -+_BIO_PTR _mkcgo_BIO_new(const _BIO_METHOD_PTR _arg0, uintptr_t *_err_state) { -+ _BIO_PTR _ret = _g_BIO_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const _BIO_METHOD_PTR _mkcgo_BIO_s_mem(void) { -+ return _g_BIO_s_mem(); -+} -+ -+_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_bin2bn(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_BN_bn2binpad(_arg0, _arg1, _arg2); -+ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_BN_bn2lebinpad(_arg0, _arg1, _arg2); -+ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_BN_clear(_BIGNUM_PTR _arg0) { -+ _g_BN_clear(_arg0); -+} -+ -+void _mkcgo_BN_clear_free(_BIGNUM_PTR _arg0) { -+ _g_BN_clear_free(_arg0); -+} -+ -+void _mkcgo_BN_free(_BIGNUM_PTR _arg0) { -+ _g_BN_free(_arg0); -+} -+ -+_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_lebin2bn(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_BIGNUM_PTR _mkcgo_BN_new(uintptr_t *_err_state) { -+ _BIGNUM_PTR _ret = _g_BN_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_BN_num_bits(const _BIGNUM_PTR _arg0) { -+ return _g_BN_num_bits(_arg0); -+} -+ -+void _mkcgo_CRYPTO_free(void* _arg0, const char* _arg1, int _arg2) { -+ _g_CRYPTO_free(_arg0, _arg1, _arg2); -+} -+ -+void* _mkcgo_CRYPTO_malloc(size_t _arg0, const char* _arg1, int _arg2, uintptr_t *_err_state) { -+ void* _ret = _g_CRYPTO_malloc(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_DSA_free(_DSA_PTR _arg0) { -+ _g_DSA_free(_arg0); -+} -+ -+int _mkcgo_DSA_generate_key(_DSA_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_DSA_generate_key(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_DSA_get0_key(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { -+ _g_DSA_get0_key(_arg0, _arg1, _arg2); -+} -+ -+void _mkcgo_DSA_get0_pqg(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_DSA_get0_pqg(_arg0, _arg1, _arg2, _arg3); -+} -+ -+_DSA_PTR _mkcgo_DSA_new(uintptr_t *_err_state) { -+ _DSA_PTR _ret = _g_DSA_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_DSA_set0_key(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ int _ret = _g_DSA_set0_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_DSA_set0_pqg(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_DSA_set0_pqg(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR _arg0) { -+ _g_EC_GROUP_free(_arg0); -+} -+ -+_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int _arg0, uintptr_t *_err_state) { -+ _EC_GROUP_PTR _ret = _g_EC_GROUP_new_by_curve_name(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EC_KEY_check_key(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_KEY_free(_EC_KEY_PTR _arg0) { -+ _g_EC_KEY_free(_arg0); -+} -+ -+const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_group(_arg0); -+} -+ -+const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_private_key(_arg0); -+} -+ -+const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR _arg0) { -+ return _g_EC_KEY_get0_public_key(_arg0); -+} -+ -+_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int _arg0, uintptr_t *_err_state) { -+ _EC_KEY_PTR _ret = _g_EC_KEY_new_by_curve_name(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR _arg0, const _BIGNUM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EC_KEY_set_private_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR _arg0, const _EC_POINT_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EC_KEY_set_public_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EC_KEY_set_public_key_affine_coordinates(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EC_POINT_free(_EC_POINT_PTR _arg0) { -+ _g_EC_POINT_free(_arg0); -+} -+ -+int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EC_POINT_get_affine_coordinates_GFp(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _EC_POINT_PTR _arg3, const _BIGNUM_PTR _arg4, _BN_CTX_PTR _arg5, uintptr_t *_err_state) { -+ int _ret = _g_EC_POINT_mul(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR _arg0, uintptr_t *_err_state) { -+ _EC_POINT_PTR _ret = _g_EC_POINT_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const unsigned char* _arg2, size_t _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EC_POINT_oct2point(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, point_conversion_form_t _arg2, unsigned char* _arg3, size_t _arg4, _BN_CTX_PTR _arg5, uintptr_t *_err_state) { -+ size_t _ret = _g_EC_POINT_point2oct(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EC_POINT_set_affine_coordinates(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+unsigned long _mkcgo_ERR_peek_error(void) { -+ return _g_ERR_peek_error(); -+} -+ -+void _mkcgo_ERR_print_errors(_BIO_PTR _arg0) { -+ _g_ERR_print_errors(_arg0); -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR _arg0) { -+ _g_EVP_CIPHER_CTX_free(_arg0); -+} -+ -+_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(uintptr_t *_err_state) { -+ _EVP_CIPHER_CTX_PTR _ret = _g_EVP_CIPHER_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_set_key_length(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_CIPHER_CTX_set_padding(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_CIPHER_PTR _ret = _g_EVP_CIPHER_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR _arg0) { -+ return _g_EVP_CIPHER_get0_name(_arg0); -+} -+ -+int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR _arg0) { -+ return _g_EVP_CIPHER_get_block_size(_arg0); -+} -+ -+int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, int _arg5, uintptr_t *_err_state) { -+ int _ret = _g_EVP_CipherInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_CipherUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DecryptFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DecryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DecryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_Digest(const unsigned char* _arg0, size_t _arg1, unsigned char* _arg2, unsigned int* _arg3, const _EVP_MD_PTR _arg4, _ENGINE_PTR _arg5, uintptr_t *_err_state) { -+ int _ret = _g_EVP_Digest(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestFinalXOF(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestFinalXOF(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestInit(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, _ENGINE_PTR _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestInit_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestSign(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestSignFinal(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestSignInit(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_available_EVP_DigestSqueeze() { -+ return _g_EVP_DigestSqueeze != NULL; -+} -+ -+int _mkcgo_EVP_DigestSqueeze(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestSqueeze(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestUpdate(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestVerify(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestVerifyFinal(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_DigestVerifyInit(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_EncryptFinal_ex(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_EncryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_EncryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR _arg0) { -+ _g_EVP_KDF_CTX_free(_arg0); -+} -+ -+size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR _arg0, uintptr_t *_err_state) { -+ size_t _ret = _g_EVP_KDF_CTX_get_kdf_size(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR _arg0, uintptr_t *_err_state) { -+ _EVP_KDF_CTX_PTR _ret = _g_EVP_KDF_CTX_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_KDF_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_KDF_derive(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_KDF_PTR _ret = _g_EVP_KDF_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR _arg0) { -+ _g_EVP_KDF_free(_arg0); -+} -+ -+int _mkcgo_available_EVP_KEYMGMT_fetch() { -+ return _g_EVP_KEYMGMT_fetch != NULL; -+} -+ -+_EVP_KEYMGMT_PTR _mkcgo_EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_KEYMGMT_PTR _ret = _g_EVP_KEYMGMT_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR _arg0) { -+ _g_EVP_KEYMGMT_free(_arg0); -+} -+ -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR _arg0, uintptr_t *_err_state) { -+ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_dup(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR _arg0) { -+ _g_EVP_MAC_CTX_free(_arg0); -+} -+ -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR _arg0, uintptr_t *_err_state) { -+ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_new(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MAC_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_MAC_PTR _ret = _g_EVP_MAC_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MAC_final(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MAC_init(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MAC_update(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MD_CTX_copy_ex(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MD_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR _arg0) { -+ _g_EVP_MD_CTX_free(_arg0); -+} -+ -+int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR _arg0, _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MD_CTX_get_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR _arg0, uintptr_t *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_gettable_params(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(uintptr_t *_err_state) { -+ _EVP_MD_CTX_PTR _ret = _g_EVP_MD_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_MD_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR _arg0, uintptr_t *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_settable_params(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_MD_PTR _ret = _g_EVP_MD_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_MD_free(_EVP_MD_PTR _arg0) { -+ _g_EVP_MD_free(_arg0); -+} -+ -+const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get0_name(_arg0); -+} -+ -+const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get0_provider(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_block_size(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_size(_arg0); -+} -+ -+int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR _arg0) { -+ return _g_EVP_MD_get_type(_arg0); -+} -+ -+int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_add1_hkdf_info(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR _arg0, int _arg1, int _arg2, int _arg3, int _arg4, void* _arg5, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_ctrl(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR _arg0) { -+ _g_EVP_PKEY_CTX_free(_arg0); -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR _arg0, _ENGINE_PTR _arg1, uintptr_t *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new(_arg0, _arg1); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_from_pkey(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int _arg0, _ENGINE_PTR _arg1, uintptr_t *_err_state) { -+ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_id(_arg0, _arg1); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set0_rsa_oaep_label(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_salt(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set_hkdf_md(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set_hkdf_mode(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_CTX_set_params(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, const char* _arg3, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR _arg0, int _arg1, void* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_assign(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_decapsulate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_decapsulate_init(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_decrypt(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_decrypt_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_derive(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_derive_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_derive_set_peer(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, unsigned char* _arg3, size_t* _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_encapsulate(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_encapsulate_init(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_encrypt(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_encrypt_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR _arg0) { -+ _g_EVP_PKEY_free(_arg0); -+} -+ -+int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, int _arg2, _OSSL_PARAM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_fromdata(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_fromdata_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ _DSA_PTR _ret = _g_EVP_PKEY_get0_DSA(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ _EC_KEY_PTR _ret = _g_EVP_PKEY_get0_EC_KEY(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ _RSA_PTR _ret = _g_EVP_PKEY_get1_RSA(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR _arg0, unsigned char** _arg1, uintptr_t *_err_state) { -+ size_t _ret = _g_EVP_PKEY_get1_encoded_public_key(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_bits(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, _BIGNUM_PTR* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_bn_param(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, unsigned char* _arg2, size_t _arg3, size_t* _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_octet_string_param(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_raw_private_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_raw_public_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_get_size(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_keygen(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_keygen_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_private_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_public_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_paramgen(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_paramgen_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_private_check(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_public_check_quick(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR _arg0, _EC_KEY_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_set1_EC_KEY(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_set1_encoded_public_key(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_sign(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_sign_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_up_ref(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_verify(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR _arg0, uintptr_t *_err_state) { -+ int _ret = _g_EVP_PKEY_verify_init(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, uintptr_t *_err_state) { -+ _EVP_SIGNATURE_PTR _ret = _g_EVP_SIGNATURE_fetch(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR _arg0) { -+ _g_EVP_SIGNATURE_free(_arg0); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void) { -+ return _g_EVP_aes_128_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void) { -+ return _g_EVP_aes_128_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void) { -+ return _g_EVP_aes_128_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void) { -+ return _g_EVP_aes_128_gcm(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void) { -+ return _g_EVP_aes_192_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void) { -+ return _g_EVP_aes_192_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void) { -+ return _g_EVP_aes_192_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void) { -+ return _g_EVP_aes_192_gcm(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void) { -+ return _g_EVP_aes_256_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void) { -+ return _g_EVP_aes_256_ctr(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void) { -+ return _g_EVP_aes_256_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void) { -+ return _g_EVP_aes_256_gcm(); -+} -+ -+int _mkcgo_available_EVP_chacha20_poly1305() { -+ return _g_EVP_chacha20_poly1305 != NULL; -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_chacha20_poly1305(void) { -+ return _g_EVP_chacha20_poly1305(); -+} -+ -+int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR _arg0, int _arg1, uintptr_t *_err_state) { -+ int _ret = _g_EVP_default_properties_enable_fips(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR _arg0) { -+ return _g_EVP_default_properties_is_fips_enabled(_arg0); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void) { -+ return _g_EVP_des_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void) { -+ return _g_EVP_des_ecb(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void) { -+ return _g_EVP_des_ede3_cbc(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void) { -+ return _g_EVP_des_ede3_ecb(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md4(void) { -+ return _g_EVP_md4(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md5(void) { -+ return _g_EVP_md5(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void) { -+ return _g_EVP_md5_sha1(); -+} -+ -+const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void) { -+ return _g_EVP_rc4(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void) { -+ return _g_EVP_ripemd160(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha1(void) { -+ return _g_EVP_sha1(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha224(void) { -+ return _g_EVP_sha224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha256(void) { -+ return _g_EVP_sha256(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha384(void) { -+ return _g_EVP_sha384(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void) { -+ return _g_EVP_sha3_224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void) { -+ return _g_EVP_sha3_256(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void) { -+ return _g_EVP_sha3_384(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void) { -+ return _g_EVP_sha3_512(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512(void) { -+ return _g_EVP_sha512(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void) { -+ return _g_EVP_sha512_224(); -+} -+ -+const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void) { -+ return _g_EVP_sha512_256(); -+} -+ -+int _mkcgo_FIPS_mode(void) { -+ return _g_FIPS_mode(); -+} -+ -+int _mkcgo_FIPS_mode_set(int _arg0, uintptr_t *_err_state) { -+ int _ret = _g_FIPS_mode_set(_arg0); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR _arg0, _HMAC_CTX_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_HMAC_CTX_copy(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR _arg0) { -+ _g_HMAC_CTX_free(_arg0); -+} -+ -+_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(uintptr_t *_err_state) { -+ _HMAC_CTX_PTR _ret = _g_HMAC_CTX_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Final(_HMAC_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, uintptr_t *_err_state) { -+ int _ret = _g_HMAC_Final(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, const _EVP_MD_PTR _arg3, _ENGINE_PTR _arg4, uintptr_t *_err_state) { -+ int _ret = _g_HMAC_Init_ex(_arg0, _arg1, _arg2, _arg3, _arg4); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_HMAC_Update(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_HMAC_Update(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_OBJ_nid2sn(int _arg0) { -+ return _g_OBJ_nid2sn(_arg0); -+} -+ -+void _mkcgo_OPENSSL_init(void) { -+ _g_OPENSSL_init(); -+} -+ -+int _mkcgo_OPENSSL_init_crypto(uint64_t _arg0, const _OPENSSL_INIT_SETTINGS_PTR _arg1, uintptr_t *_err_state) { -+ int _ret = _g_OPENSSL_init_crypto(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_available_OPENSSL_version_major() { -+ return _g_OPENSSL_version_major != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_major(void) { -+ return _g_OPENSSL_version_major(); -+} -+ -+int _mkcgo_available_OPENSSL_version_minor() { -+ return _g_OPENSSL_version_minor != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_minor(void) { -+ return _g_OPENSSL_version_minor(); -+} -+ -+int _mkcgo_available_OPENSSL_version_patch() { -+ return _g_OPENSSL_version_patch != NULL; -+} -+ -+unsigned int _mkcgo_OPENSSL_version_patch(void) { -+ return _g_OPENSSL_version_patch(); -+} -+ -+void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR _arg0) { -+ _g_OSSL_PARAM_BLD_free(_arg0); -+} -+ -+_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(void) { -+ return _g_OSSL_PARAM_BLD_new(); -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_BN(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, int32_t _arg2, uintptr_t *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_int32(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const unsigned char* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_octet_string(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, uintptr_t *_err_state) { -+ int _ret = _g_OSSL_PARAM_BLD_push_utf8_string(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR _arg0, uintptr_t *_err_state) { -+ _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_BLD_to_param(_arg0); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR _arg0) { -+ _g_OSSL_PARAM_free(_arg0); -+} -+ -+const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR _arg0, const char* _arg1, uintptr_t *_err_state) { -+ const _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_locate_const(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1) { -+ return _g_OSSL_PROVIDER_available(_arg0, _arg1); -+} -+ -+const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR _arg0) { -+ return _g_OSSL_PROVIDER_get0_name(_arg0); -+} -+ -+_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, int _arg2, uintptr_t *_err_state) { -+ _OSSL_PROVIDER_PTR _ret = _g_OSSL_PROVIDER_try_load(_arg0, _arg1, _arg2); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+const char* _mkcgo_OpenSSL_version(int _arg0) { -+ return _g_OpenSSL_version(_arg0); -+} -+ -+int _mkcgo_available_OpenSSL_version_num() { -+ return _g_OpenSSL_version_num != NULL; -+} -+ -+unsigned long _mkcgo_OpenSSL_version_num(void) { -+ return _g_OpenSSL_version_num(); -+} -+ -+int _mkcgo_PKCS5_PBKDF2_HMAC(const char* _arg0, int _arg1, const unsigned char* _arg2, int _arg3, int _arg4, const _EVP_MD_PTR _arg5, int _arg6, unsigned char* _arg7, uintptr_t *_err_state) { -+ int _ret = _g_PKCS5_PBKDF2_HMAC(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5, _arg6, _arg7); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RAND_bytes(unsigned char* _arg0, int _arg1, uintptr_t *_err_state) { -+ int _ret = _g_RAND_bytes(_arg0, _arg1); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RAND_bytes_ex(_OSSL_LIB_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, unsigned int _arg3, uintptr_t *_err_state) { -+ int _ret = _g_RAND_bytes_ex(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+void _mkcgo_RSA_free(_RSA_PTR _arg0) { -+ _g_RSA_free(_arg0); -+} -+ -+void _mkcgo_RSA_get0_crt_params(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_RSA_get0_crt_params(_arg0, _arg1, _arg2, _arg3); -+} -+ -+void _mkcgo_RSA_get0_factors(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { -+ _g_RSA_get0_factors(_arg0, _arg1, _arg2); -+} -+ -+void _mkcgo_RSA_get0_key(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { -+ _g_RSA_get0_key(_arg0, _arg1, _arg2, _arg3); -+} -+ -+_RSA_PTR _mkcgo_RSA_new(uintptr_t *_err_state) { -+ _RSA_PTR _ret = _g_RSA_new(); -+ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_crt_params(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_RSA_set0_crt_params(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_factors(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, uintptr_t *_err_state) { -+ int _ret = _g_RSA_set0_factors(_arg0, _arg1, _arg2); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -+int _mkcgo_RSA_set0_key(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, uintptr_t *_err_state) { -+ int _ret = _g_RSA_set0_key(_arg0, _arg1, _arg2, _arg3); -+ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); -+ return _ret; -+} -+ -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go -new file mode 100644 -index 00000000000000..a73b6a785f0265 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go -@@ -0,0 +1,76 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+package ossl -+ -+const ( -+ POINT_CONVERSION_UNCOMPRESSED = 4 -+ OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002 -+ OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004 -+ OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008 -+ OPENSSL_INIT_LOAD_CONFIG = 0x00000040 -+ EVP_CTRL_GCM_GET_TAG = 0x10 -+ EVP_CTRL_GCM_SET_TAG = 0x11 -+ EVP_CTRL_AEAD_SET_IVLEN = 0x9 -+ EVP_CTRL_AEAD_GET_TAG = 0x10 -+ EVP_CTRL_AEAD_SET_TAG = 0x11 -+ EVP_PKEY_CTRL_MD = 1 -+ EVP_PKEY_RSA = 6 -+ EVP_PKEY_EC = 408 -+ EVP_PKEY_TLS1_PRF = 1021 -+ EVP_PKEY_X25519 = 1034 -+ EVP_PKEY_HKDF = 1036 -+ EVP_PKEY_ED25519 = 1087 -+ EVP_PKEY_DSA = 116 -+ EVP_PKEY_MLKEM_768 = 1455 -+ EVP_PKEY_MLKEM_1024 = 1456 -+ EVP_PKEY_ML_DSA_44 = 1457 -+ EVP_PKEY_ML_DSA_65 = 1458 -+ EVP_PKEY_ML_DSA_87 = 1459 -+ EVP_PKEY_OP_DERIVE = (1 << 10) -+ EVP_MAX_MD_SIZE = 64 -+ EVP_PKEY_PUBLIC_KEY = 0x86 -+ EVP_PKEY_KEYPAIR = 0x87 -+ EVP_MD_CTRL_XOF_LEN = 0x3 -+ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001 -+ EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1 -+ EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2 -+ EVP_PKEY_CTRL_TLS_MD = 0x1000 -+ EVP_PKEY_CTRL_TLS_SECRET = 0x1001 -+ EVP_PKEY_CTRL_TLS_SEED = 0x1002 -+ EVP_PKEY_CTRL_HKDF_MD = 0x1003 -+ EVP_PKEY_CTRL_HKDF_SALT = 0x1004 -+ EVP_PKEY_CTRL_HKDF_KEY = 0x1005 -+ EVP_PKEY_CTRL_HKDF_INFO = 0x1006 -+ EVP_PKEY_CTRL_HKDF_MODE = 0x1007 -+ NID_X9_62_prime256v1 = 415 -+ NID_secp224r1 = 713 -+ NID_secp384r1 = 715 -+ NID_secp521r1 = 716 -+ NID_ML_KEM_768 = 1455 -+ NID_ML_KEM_1024 = 1456 -+ NID_ML_DSA_44 = 1457 -+ NID_ML_DSA_65 = 1458 -+ NID_ML_DSA_87 = 1459 -+ RSA_PKCS1_PADDING = 1 -+ RSA_NO_PADDING = 3 -+ RSA_PKCS1_OAEP_PADDING = 4 -+ RSA_PKCS1_PSS_PADDING = 6 -+ RSA_PSS_SALTLEN_DIGEST = -1 -+ RSA_PSS_SALTLEN_AUTO = -2 -+ RSA_PSS_SALTLEN_MAX_SIGN = -2 -+ RSA_PSS_SALTLEN_MAX = -3 -+ EVP_PKEY_CTRL_RSA_PADDING = 0x1001 -+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002 -+ EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003 -+ EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005 -+ EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009 -+ EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A -+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001 -+ EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002 -+ OSSL_PARAM_INTEGER = 1 -+ OSSL_PARAM_OCTET_STRING = 5 -+ BIO_CTRL_INFO = 3 -+) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h -new file mode 100644 -index 00000000000000..152e26e99367e9 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h -@@ -0,0 +1,375 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+#ifndef MKCGO_H // only include this header once -+#define MKCGO_H -+ -+#include -+#include -+ -+typedef void* _OPENSSL_INIT_SETTINGS_PTR; -+typedef void* _OSSL_LIB_CTX_PTR; -+typedef void* _OSSL_PROVIDER_PTR; -+typedef void* _ENGINE_PTR; -+typedef void* _EVP_PKEY_PTR; -+typedef void* _EVP_PKEY_CTX_PTR; -+typedef void* _EVP_MD_PTR; -+typedef void* _EVP_MD_CTX_PTR; -+typedef void* _HMAC_CTX_PTR; -+typedef void* _EVP_CIPHER_PTR; -+typedef void* _EVP_CIPHER_CTX_PTR; -+typedef void* _EC_KEY_PTR; -+typedef void* _EC_POINT_PTR; -+typedef void* _EC_GROUP_PTR; -+typedef void* _RSA_PTR; -+typedef void* _BIGNUM_PTR; -+typedef void* _BN_CTX_PTR; -+typedef void* _EVP_MAC_PTR; -+typedef void* _EVP_MAC_CTX_PTR; -+typedef void* _OSSL_PARAM_BLD_PTR; -+typedef void* _OSSL_PARAM_PTR; -+typedef void* _EVP_SIGNATURE_PTR; -+typedef void* _EVP_KEYMGMT_PTR; -+typedef void* _DSA_PTR; -+typedef void* _EVP_KDF_PTR; -+typedef void* _EVP_KDF_CTX_PTR; -+typedef void* _BIO_METHOD_PTR; -+typedef void* _BIO_PTR; -+typedef int point_conversion_form_t; -+ -+enum { -+ _POINT_CONVERSION_UNCOMPRESSED = 4, -+ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, -+ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, -+ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, -+ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, -+ _EVP_CTRL_GCM_GET_TAG = 0x10, -+ _EVP_CTRL_GCM_SET_TAG = 0x11, -+ _EVP_CTRL_AEAD_SET_IVLEN = 0x9, -+ _EVP_CTRL_AEAD_GET_TAG = 0x10, -+ _EVP_CTRL_AEAD_SET_TAG = 0x11, -+ _EVP_PKEY_CTRL_MD = 1, -+ _EVP_PKEY_RSA = 6, -+ _EVP_PKEY_EC = 408, -+ _EVP_PKEY_TLS1_PRF = 1021, -+ _EVP_PKEY_X25519 = 1034, -+ _EVP_PKEY_HKDF = 1036, -+ _EVP_PKEY_ED25519 = 1087, -+ _EVP_PKEY_DSA = 116, -+ _EVP_PKEY_MLKEM_768 = 1455, -+ _EVP_PKEY_MLKEM_1024 = 1456, -+ _EVP_PKEY_ML_DSA_44 = 1457, -+ _EVP_PKEY_ML_DSA_65 = 1458, -+ _EVP_PKEY_ML_DSA_87 = 1459, -+ _EVP_PKEY_OP_DERIVE = (1 << 10), -+ _EVP_MAX_MD_SIZE = 64, -+ _EVP_PKEY_PUBLIC_KEY = 0x86, -+ _EVP_PKEY_KEYPAIR = 0x87, -+ _EVP_MD_CTRL_XOF_LEN = 0x3, -+ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, -+ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, -+ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, -+ _EVP_PKEY_CTRL_TLS_MD = 0x1000, -+ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, -+ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, -+ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, -+ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, -+ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, -+ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, -+ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, -+ _NID_X9_62_prime256v1 = 415, -+ _NID_secp224r1 = 713, -+ _NID_secp384r1 = 715, -+ _NID_secp521r1 = 716, -+ _NID_ML_KEM_768 = 1455, -+ _NID_ML_KEM_1024 = 1456, -+ _NID_ML_DSA_44 = 1457, -+ _NID_ML_DSA_65 = 1458, -+ _NID_ML_DSA_87 = 1459, -+ _RSA_PKCS1_PADDING = 1, -+ _RSA_NO_PADDING = 3, -+ _RSA_PKCS1_OAEP_PADDING = 4, -+ _RSA_PKCS1_PSS_PADDING = 6, -+ _RSA_PSS_SALTLEN_DIGEST = -1, -+ _RSA_PSS_SALTLEN_AUTO = -2, -+ _RSA_PSS_SALTLEN_MAX_SIGN = -2, -+ _RSA_PSS_SALTLEN_MAX = -3, -+ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, -+ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, -+ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, -+ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, -+ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, -+ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, -+ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, -+ _OSSL_PARAM_INTEGER = 1, -+ _OSSL_PARAM_OCTET_STRING = 5, -+ BIO_CTRL_INFO = 3, -+}; -+ -+uintptr_t mkcgo_err_retrieve(); -+void __mkcgo_load_(void* handle); -+void __mkcgo_unload_(); -+void __mkcgo_load_3(void* handle); -+void __mkcgo_unload_3(); -+void __mkcgo_load_33(void* handle); -+void __mkcgo_unload_33(); -+void __mkcgo_load_init_1(void* handle); -+void __mkcgo_unload_init_1(); -+void __mkcgo_load_init_3(void* handle); -+void __mkcgo_unload_init_3(); -+void __mkcgo_load_legacy_1(void* handle); -+void __mkcgo_unload_legacy_1(); -+void __mkcgo_load_version(void* handle); -+void __mkcgo_unload_version(); -+ -+int _mkcgo_available_EVP_DigestSqueeze(); -+int _mkcgo_available_EVP_KEYMGMT_fetch(); -+int _mkcgo_available_EVP_chacha20_poly1305(); -+int _mkcgo_available_OPENSSL_version_major(); -+int _mkcgo_available_OPENSSL_version_minor(); -+int _mkcgo_available_OPENSSL_version_patch(); -+int _mkcgo_available_OpenSSL_version_num(); -+ -+long _mkcgo_BIO_ctrl(_BIO_PTR, int, long, void*); -+int _mkcgo_BIO_free(_BIO_PTR); -+_BIO_PTR _mkcgo_BIO_new(const _BIO_METHOD_PTR, uintptr_t *); -+const _BIO_METHOD_PTR _mkcgo_BIO_s_mem(void); -+_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char*, int, _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR, unsigned char*, int, uintptr_t *); -+int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR, unsigned char*, int, uintptr_t *); -+void _mkcgo_BN_clear(_BIGNUM_PTR); -+void _mkcgo_BN_clear_free(_BIGNUM_PTR); -+void _mkcgo_BN_free(_BIGNUM_PTR); -+_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char*, int, _BIGNUM_PTR, uintptr_t *); -+_BIGNUM_PTR _mkcgo_BN_new(uintptr_t *); -+int _mkcgo_BN_num_bits(const _BIGNUM_PTR); -+void _mkcgo_CRYPTO_free(void*, const char*, int); -+void* _mkcgo_CRYPTO_malloc(size_t, const char*, int, uintptr_t *); -+void _mkcgo_DSA_free(_DSA_PTR); -+int _mkcgo_DSA_generate_key(_DSA_PTR, uintptr_t *); -+void _mkcgo_DSA_get0_key(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_DSA_get0_pqg(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_DSA_PTR _mkcgo_DSA_new(uintptr_t *); -+int _mkcgo_DSA_set0_key(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_DSA_set0_pqg(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR); -+_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int, uintptr_t *); -+int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR, uintptr_t *); -+void _mkcgo_EC_KEY_free(_EC_KEY_PTR); -+const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR); -+const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR); -+const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR); -+_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int, uintptr_t *); -+int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR, const _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR, const _EC_POINT_PTR, uintptr_t *); -+int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+void _mkcgo_EC_POINT_free(_EC_POINT_PTR); -+int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); -+int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); -+_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR, uintptr_t *); -+int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR, uintptr_t *); -+size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR, uintptr_t *); -+int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, uintptr_t *); -+unsigned long _mkcgo_ERR_peek_error(void); -+void _mkcgo_ERR_print_errors(_BIO_PTR); -+int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR, int, int, void*, uintptr_t *); -+void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR); -+_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(uintptr_t *); -+int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR, int, uintptr_t *); -+int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR, int, uintptr_t *); -+_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR); -+int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR); -+int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, uintptr_t *); -+int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, uintptr_t *); -+int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_Digest(const unsigned char*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); -+int _mkcgo_EVP_DigestFinalXOF(_EVP_MD_CTX_PTR, unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*, uintptr_t *); -+int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, uintptr_t *); -+int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); -+int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR, unsigned char*, size_t*, uintptr_t *); -+int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_DigestSqueeze(_EVP_MD_CTX_PTR, unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, uintptr_t *); -+int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, uintptr_t *); -+int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, uintptr_t *); -+void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR); -+size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR, uintptr_t *); -+_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR, uintptr_t *); -+int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR, uintptr_t *); -+_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR); -+_EVP_KEYMGMT_PTR _mkcgo_EVP_KEYMGMT_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+void _mkcgo_EVP_KEYMGMT_free(_EVP_KEYMGMT_PTR); -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR, uintptr_t *); -+void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR); -+_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR, uintptr_t *); -+int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t, uintptr_t *); -+int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR, uintptr_t *); -+int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_MD_CTX_ctrl(_EVP_MD_CTX_PTR, int, int, void*, uintptr_t *); -+void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR); -+int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR, uintptr_t *); -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR, uintptr_t *); -+_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(uintptr_t *); -+int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR, uintptr_t *); -+_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+void _mkcgo_EVP_MD_free(_EVP_MD_PTR); -+const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR); -+const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR); -+int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR); -+int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR, int, int, int, int, void*, uintptr_t *); -+void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR, _ENGINE_PTR, uintptr_t *); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*, uintptr_t *); -+_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int, _ENGINE_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR, unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR, const unsigned char*, int, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR, int, uintptr_t *); -+int _mkcgo_EVP_PKEY_CTX_set_params(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR, const char*, const char*, const char*, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLDSA(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_MLKEM(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR, const char*, const char*, size_t, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_X25519(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR, int, void*, uintptr_t *); -+int _mkcgo_EVP_PKEY_decapsulate(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_decapsulate_init(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, uintptr_t *); -+int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_encapsulate(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, unsigned char*, size_t*, uintptr_t *); -+int _mkcgo_EVP_PKEY_encapsulate_init(_EVP_PKEY_CTX_PTR, const _OSSL_PARAM_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR); -+int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR, uintptr_t *); -+_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR, uintptr_t *); -+_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR, uintptr_t *); -+size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR, unsigned char**, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_octet_string_param(const _EVP_PKEY_PTR, const char*, unsigned char*, size_t, size_t*, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, uintptr_t *); -+int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, uintptr_t *); -+int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int, _ENGINE_PTR, const unsigned char*, size_t, uintptr_t *); -+_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int, _ENGINE_PTR, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, uintptr_t *); -+int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR, _EC_KEY_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR, uintptr_t *); -+int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR, uintptr_t *); -+_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, uintptr_t *); -+void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_chacha20_poly1305(void); -+int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR, int, uintptr_t *); -+int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void); -+const _EVP_MD_PTR _mkcgo_EVP_md4(void); -+const _EVP_MD_PTR _mkcgo_EVP_md5(void); -+const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void); -+const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void); -+const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha1(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha256(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha384(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void); -+const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void); -+int _mkcgo_FIPS_mode(void); -+int _mkcgo_FIPS_mode_set(int, uintptr_t *); -+int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR, _HMAC_CTX_PTR, uintptr_t *); -+void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR); -+_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(uintptr_t *); -+int _mkcgo_HMAC_Final(_HMAC_CTX_PTR, unsigned char*, unsigned int*, uintptr_t *); -+int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR, const unsigned char*, int, const _EVP_MD_PTR, _ENGINE_PTR, uintptr_t *); -+int _mkcgo_HMAC_Update(_HMAC_CTX_PTR, const unsigned char*, size_t, uintptr_t *); -+const char* _mkcgo_OBJ_nid2sn(int); -+void _mkcgo_OPENSSL_init(void); -+int _mkcgo_OPENSSL_init_crypto(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR, uintptr_t *); -+unsigned int _mkcgo_OPENSSL_version_major(void); -+unsigned int _mkcgo_OPENSSL_version_minor(void); -+unsigned int _mkcgo_OPENSSL_version_patch(void); -+void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR); -+_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(void); -+int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR, const char*, int32_t, uintptr_t *); -+int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR, const char*, const unsigned char*, size_t, uintptr_t *); -+int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t, uintptr_t *); -+_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR, uintptr_t *); -+void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR); -+const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR, const char*, uintptr_t *); -+int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR, const char*); -+const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR); -+_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR, const char*, int, uintptr_t *); -+const char* _mkcgo_OpenSSL_version(int); -+unsigned long _mkcgo_OpenSSL_version_num(void); -+int _mkcgo_PKCS5_PBKDF2_HMAC(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*, uintptr_t *); -+int _mkcgo_RAND_bytes(unsigned char*, int, uintptr_t *); -+int _mkcgo_RAND_bytes_ex(_OSSL_LIB_CTX_PTR, unsigned char*, size_t, unsigned int, uintptr_t *); -+void _mkcgo_RSA_free(_RSA_PTR); -+void _mkcgo_RSA_get0_crt_params(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_RSA_get0_factors(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+void _mkcgo_RSA_get0_key(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); -+_RSA_PTR _mkcgo_RSA_new(uintptr_t *); -+int _mkcgo_RSA_set0_crt_params(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_RSA_set0_factors(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+int _mkcgo_RSA_set0_key(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, uintptr_t *); -+ -+#endif // MKCGO_H -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go -new file mode 100644 -index 00000000000000..2eb57068990277 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_cgo.go -@@ -0,0 +1,1513 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+package ossl -+ -+/* -+#cgo CFLAGS: -Wno-attributes -+#cgo unix LDFLAGS: -ldl -+ -+#include "zossl.h" -+#cgo noescape _mkcgo_BIO_ctrl -+#cgo nocallback _mkcgo_BIO_ctrl -+#cgo noescape _mkcgo_BIO_free -+#cgo nocallback _mkcgo_BIO_free -+#cgo noescape _mkcgo_ERR_print_errors -+#cgo nocallback _mkcgo_ERR_print_errors -+#cgo noescape _mkcgo_EVP_CipherUpdate -+#cgo nocallback _mkcgo_EVP_CipherUpdate -+#cgo noescape _mkcgo_EVP_DecryptFinal_ex -+#cgo nocallback _mkcgo_EVP_DecryptFinal_ex -+#cgo noescape _mkcgo_EVP_DecryptUpdate -+#cgo nocallback _mkcgo_EVP_DecryptUpdate -+#cgo noescape _mkcgo_EVP_Digest -+#cgo nocallback _mkcgo_EVP_Digest -+#cgo noescape _mkcgo_EVP_DigestFinalXOF -+#cgo nocallback _mkcgo_EVP_DigestFinalXOF -+#cgo noescape _mkcgo_EVP_DigestFinal_ex -+#cgo nocallback _mkcgo_EVP_DigestFinal_ex -+#cgo noescape _mkcgo_EVP_DigestSign -+#cgo nocallback _mkcgo_EVP_DigestSign -+#cgo noescape _mkcgo_EVP_DigestSqueeze -+#cgo nocallback _mkcgo_EVP_DigestSqueeze -+#cgo noescape _mkcgo_EVP_DigestUpdate -+#cgo nocallback _mkcgo_EVP_DigestUpdate -+#cgo noescape _mkcgo_EVP_EncryptFinal_ex -+#cgo nocallback _mkcgo_EVP_EncryptFinal_ex -+#cgo noescape _mkcgo_EVP_EncryptUpdate -+#cgo nocallback _mkcgo_EVP_EncryptUpdate -+#cgo noescape _mkcgo_EVP_MAC_CTX_free -+#cgo nocallback _mkcgo_EVP_MAC_CTX_free -+#cgo noescape _mkcgo_EVP_MAC_final -+#cgo nocallback _mkcgo_EVP_MAC_final -+#cgo noescape _mkcgo_EVP_MAC_init -+#cgo nocallback _mkcgo_EVP_MAC_init -+#cgo noescape _mkcgo_EVP_MAC_update -+#cgo nocallback _mkcgo_EVP_MAC_update -+#cgo noescape _mkcgo_EVP_MD_CTX_get_params -+#cgo nocallback _mkcgo_EVP_MD_CTX_get_params -+#cgo noescape _mkcgo_EVP_MD_CTX_set_params -+#cgo nocallback _mkcgo_EVP_MD_CTX_set_params -+#cgo noescape _mkcgo_EVP_PKEY_CTX_set_params -+#cgo nocallback _mkcgo_EVP_PKEY_CTX_set_params -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_EC -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_EC -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_ED25519 -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_ED25519 -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_MLDSA -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_MLDSA -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_MLKEM -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_MLKEM -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_RSA -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_RSA -+#cgo noescape _mkcgo_EVP_PKEY_Q_keygen_X25519 -+#cgo nocallback _mkcgo_EVP_PKEY_Q_keygen_X25519 -+#cgo noescape _mkcgo_EVP_PKEY_derive -+#cgo nocallback _mkcgo_EVP_PKEY_derive -+#cgo noescape _mkcgo_EVP_PKEY_get_bn_param -+#cgo nocallback _mkcgo_EVP_PKEY_get_bn_param -+#cgo noescape _mkcgo_EVP_PKEY_get_raw_private_key -+#cgo nocallback _mkcgo_EVP_PKEY_get_raw_private_key -+#cgo noescape _mkcgo_EVP_PKEY_get_raw_public_key -+#cgo nocallback _mkcgo_EVP_PKEY_get_raw_public_key -+#cgo noescape _mkcgo_EVP_PKEY_keygen -+#cgo nocallback _mkcgo_EVP_PKEY_keygen -+#cgo noescape _mkcgo_HMAC_CTX_copy -+#cgo nocallback _mkcgo_HMAC_CTX_copy -+#cgo noescape _mkcgo_HMAC_CTX_free -+#cgo nocallback _mkcgo_HMAC_CTX_free -+#cgo noescape _mkcgo_HMAC_Final -+#cgo nocallback _mkcgo_HMAC_Final -+#cgo noescape _mkcgo_HMAC_Init_ex -+#cgo nocallback _mkcgo_HMAC_Init_ex -+#cgo noescape _mkcgo_HMAC_Update -+#cgo nocallback _mkcgo_HMAC_Update -+#cgo noescape _mkcgo_RAND_bytes -+#cgo nocallback _mkcgo_RAND_bytes -+#cgo noescape _mkcgo_RAND_bytes_ex -+#cgo nocallback _mkcgo_RAND_bytes_ex -+*/ -+import "C" -+import "unsafe" -+ -+type BIGNUM_PTR = C._BIGNUM_PTR -+type BIO_METHOD_PTR = C._BIO_METHOD_PTR -+type BIO_PTR = C._BIO_PTR -+type BN_CTX_PTR = C._BN_CTX_PTR -+type DSA_PTR = C._DSA_PTR -+type EC_GROUP_PTR = C._EC_GROUP_PTR -+type EC_KEY_PTR = C._EC_KEY_PTR -+type EC_POINT_PTR = C._EC_POINT_PTR -+type ENGINE_PTR = C._ENGINE_PTR -+type EVP_CIPHER_CTX_PTR = C._EVP_CIPHER_CTX_PTR -+type EVP_CIPHER_PTR = C._EVP_CIPHER_PTR -+type EVP_KDF_CTX_PTR = C._EVP_KDF_CTX_PTR -+type EVP_KDF_PTR = C._EVP_KDF_PTR -+type EVP_KEYMGMT_PTR = C._EVP_KEYMGMT_PTR -+type EVP_MAC_CTX_PTR = C._EVP_MAC_CTX_PTR -+type EVP_MAC_PTR = C._EVP_MAC_PTR -+type EVP_MD_CTX_PTR = C._EVP_MD_CTX_PTR -+type EVP_MD_PTR = C._EVP_MD_PTR -+type EVP_PKEY_CTX_PTR = C._EVP_PKEY_CTX_PTR -+type EVP_PKEY_PTR = C._EVP_PKEY_PTR -+type EVP_SIGNATURE_PTR = C._EVP_SIGNATURE_PTR -+type HMAC_CTX_PTR = C._HMAC_CTX_PTR -+type OPENSSL_INIT_SETTINGS_PTR = C._OPENSSL_INIT_SETTINGS_PTR -+type OSSL_LIB_CTX_PTR = C._OSSL_LIB_CTX_PTR -+type OSSL_PARAM_BLD_PTR = C._OSSL_PARAM_BLD_PTR -+type OSSL_PARAM_PTR = C._OSSL_PARAM_PTR -+type OSSL_PROVIDER_PTR = C._OSSL_PROVIDER_PTR -+type RSA_PTR = C._RSA_PTR -+type Point_conversion_form_t = C.point_conversion_form_t -+ -+func MkcgoLoad_(handle unsafe.Pointer) { -+ C.__mkcgo_load_(handle) -+} -+ -+func MkcgoUnload_() { -+ C.__mkcgo_unload_() -+} -+ -+func MkcgoLoad_3(handle unsafe.Pointer) { -+ C.__mkcgo_load_3(handle) -+} -+ -+func MkcgoUnload_3() { -+ C.__mkcgo_unload_3() -+} -+ -+func MkcgoLoad_33(handle unsafe.Pointer) { -+ C.__mkcgo_load_33(handle) -+} -+ -+func MkcgoUnload_33() { -+ C.__mkcgo_unload_33() -+} -+ -+func MkcgoLoad_init_1(handle unsafe.Pointer) { -+ C.__mkcgo_load_init_1(handle) -+} -+ -+func MkcgoUnload_init_1() { -+ C.__mkcgo_unload_init_1() -+} -+ -+func MkcgoLoad_init_3(handle unsafe.Pointer) { -+ C.__mkcgo_load_init_3(handle) -+} -+ -+func MkcgoUnload_init_3() { -+ C.__mkcgo_unload_init_3() -+} -+ -+func MkcgoLoad_legacy_1(handle unsafe.Pointer) { -+ C.__mkcgo_load_legacy_1(handle) -+} -+ -+func MkcgoUnload_legacy_1() { -+ C.__mkcgo_unload_legacy_1() -+} -+ -+func MkcgoLoad_version(handle unsafe.Pointer) { -+ C.__mkcgo_load_version(handle) -+} -+ -+func MkcgoUnload_version() { -+ C.__mkcgo_unload_version() -+} -+ -+//go:nosplit -+func mkcgoNoEscape(p *C.uintptr_t) *C.uintptr_t { -+ x := uintptr(unsafe.Pointer(p)) -+ return (*C.uintptr_t)(unsafe.Pointer(x ^ 0)) -+} -+ -+func BIO_ctrl(bp BIO_PTR, cmd int32, larg int64, parg unsafe.Pointer) int64 { -+ return int64(C._mkcgo_BIO_ctrl(bp, C.int(cmd), C.long(larg), parg)) -+} -+ -+func BIO_free(a BIO_PTR) int32 { -+ return int32(C._mkcgo_BIO_free(a)) -+} -+ -+func BIO_new(__type BIO_METHOD_PTR) (BIO_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BIO_new(__type, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BIO_new", uintptr(_err)) -+} -+ -+func BIO_s_mem() BIO_METHOD_PTR { -+ return C._mkcgo_BIO_s_mem() -+} -+ -+func BN_bin2bn(arg0 []byte, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BN_bin2bn((*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg0))), C.int(len(arg0)), arg2, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_bin2bn", uintptr(_err)) -+} -+ -+func BN_bn2binpad(a BIGNUM_PTR, to []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BN_bn2binpad(a, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(to))), C.int(len(to)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("BN_bn2binpad", uintptr(_err)) -+} -+ -+func BN_bn2lebinpad(a BIGNUM_PTR, to []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BN_bn2lebinpad(a, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(to))), C.int(len(to)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("BN_bn2lebinpad", uintptr(_err)) -+} -+ -+func BN_clear(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_clear(arg0) -+} -+ -+func BN_clear_free(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_clear_free(arg0) -+} -+ -+func BN_free(arg0 BIGNUM_PTR) { -+ C._mkcgo_BN_free(arg0) -+} -+ -+func BN_lebin2bn(s []byte, ret BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BN_lebin2bn((*C.uchar)(unsafe.Pointer(unsafe.SliceData(s))), C.int(len(s)), ret, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_lebin2bn", uintptr(_err)) -+} -+ -+func BN_new() (BIGNUM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_BN_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("BN_new", uintptr(_err)) -+} -+ -+func BN_num_bits(arg0 BIGNUM_PTR) int32 { -+ return int32(C._mkcgo_BN_num_bits(arg0)) -+} -+ -+func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { -+ C._mkcgo_CRYPTO_free(str, (*C.char)(unsafe.Pointer(file)), C.int(line)) -+} -+ -+func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_CRYPTO_malloc(C.size_t(num), (*C.char)(unsafe.Pointer(file)), C.int(line), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("CRYPTO_malloc", uintptr(_err)) -+} -+ -+func DSA_free(r DSA_PTR) { -+ C._mkcgo_DSA_free(r) -+} -+ -+func DSA_generate_key(a DSA_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_DSA_generate_key(a, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_generate_key", uintptr(_err)) -+} -+ -+func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { -+ C._mkcgo_DSA_get0_key(d, pub_key, priv_key) -+} -+ -+func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { -+ C._mkcgo_DSA_get0_pqg(d, p, q, g) -+} -+ -+func DSA_new() (DSA_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_DSA_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("DSA_new", uintptr(_err)) -+} -+ -+func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_DSA_set0_key(d, pub_key, priv_key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_set0_key", uintptr(_err)) -+} -+ -+func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_DSA_set0_pqg(d, p, q, g, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("DSA_set0_pqg", uintptr(_err)) -+} -+ -+func EC_GROUP_free(group EC_GROUP_PTR) { -+ C._mkcgo_EC_GROUP_free(group) -+} -+ -+func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_GROUP_new_by_curve_name(C.int(nid), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_GROUP_new_by_curve_name", uintptr(_err)) -+} -+ -+func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_KEY_check_key(key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_check_key", uintptr(_err)) -+} -+ -+func EC_KEY_free(arg0 EC_KEY_PTR) { -+ C._mkcgo_EC_KEY_free(arg0) -+} -+ -+func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { -+ return C._mkcgo_EC_KEY_get0_group(arg0) -+} -+ -+func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { -+ return C._mkcgo_EC_KEY_get0_private_key(arg0) -+} -+ -+func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { -+ return C._mkcgo_EC_KEY_get0_public_key(arg0) -+} -+ -+func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_KEY_new_by_curve_name(C.int(arg0), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_KEY_new_by_curve_name", uintptr(_err)) -+} -+ -+func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_KEY_set_private_key(arg0, arg1, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_private_key", uintptr(_err)) -+} -+ -+func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_KEY_set_public_key(key, pub, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key", uintptr(_err)) -+} -+ -+func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_KEY_set_public_key_affine_coordinates(key, x, y, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", uintptr(_err)) -+} -+ -+func EC_POINT_free(arg0 EC_POINT_PTR) { -+ C._mkcgo_EC_POINT_free(arg0) -+} -+ -+func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_get_affine_coordinates_GFp(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", uintptr(_err)) -+} -+ -+func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_mul(group, r, n, q, m, ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_mul", uintptr(_err)) -+} -+ -+func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_new(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EC_POINT_new", uintptr(_err)) -+} -+ -+func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf []byte, ctx BN_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_oct2point(group, p, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_oct2point", uintptr(_err)) -+} -+ -+func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf []byte, ctx BN_CTX_PTR) (int, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_point2oct(group, p, form, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), ctx, mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EC_POINT_point2oct", uintptr(_err)) -+} -+ -+func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EC_POINT_set_affine_coordinates(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EC_POINT_set_affine_coordinates", uintptr(_err)) -+} -+ -+func ERR_peek_error() uint64 { -+ return uint64(C._mkcgo_ERR_peek_error()) -+} -+ -+func ERR_print_errors(bp BIO_PTR) { -+ C._mkcgo_ERR_print_errors(bp) -+} -+ -+func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CIPHER_CTX_ctrl(ctx, C.int(__type), C.int(arg), ptr, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_ctrl", uintptr(_err)) -+} -+ -+func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { -+ C._mkcgo_EVP_CIPHER_CTX_free(arg0) -+} -+ -+func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CIPHER_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_CIPHER_CTX_new", uintptr(_err)) -+} -+ -+func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CIPHER_CTX_set_key_length(x, C.int(keylen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", uintptr(_err)) -+} -+ -+func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CIPHER_CTX_set_padding(x, C.int(padding), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_padding", uintptr(_err)) -+} -+ -+func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CIPHER_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_CIPHER_fetch", uintptr(_err)) -+} -+ -+func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_CIPHER_get0_name(cipher))) -+} -+ -+func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { -+ return int32(C._mkcgo_EVP_CIPHER_get_block_size(cipher)) -+} -+ -+func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CipherInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), C.int(enc), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CipherInit_ex", uintptr(_err)) -+} -+ -+func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_CipherUpdate: *outl exceeds len(out)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_CipherUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_CipherUpdate", uintptr(_err)) -+} -+ -+func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm []byte, outl *int32) (int32, error) { -+ if outl != nil && int(*outl) > len(outm) { -+ panic("EVP_DecryptFinal_ex: *outl exceeds len(outm)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DecryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(outm))), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptFinal_ex", uintptr(_err)) -+} -+ -+func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DecryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptInit_ex", uintptr(_err)) -+} -+ -+func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_DecryptUpdate: *outl exceeds len(out)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DecryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DecryptUpdate", uintptr(_err)) -+} -+ -+func EVP_Digest(data []byte, md []byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ if size != nil && int(*size) > len(md) { -+ panic("EVP_Digest: *size exceeds len(md)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_Digest((*C.uchar)(unsafe.Pointer(unsafe.SliceData(data))), C.size_t(len(data)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), (*C.uint)(unsafe.Pointer(size)), __type, impl, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_Digest", uintptr(_err)) -+} -+ -+func EVP_DigestFinalXOF(ctx EVP_MD_CTX_PTR, md []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestFinalXOF(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), C.size_t(len(md)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestFinalXOF", uintptr(_err)) -+} -+ -+func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md []byte, s *uint32) (int32, error) { -+ if s != nil && int(*s) > len(md) { -+ panic("EVP_DigestFinal_ex: *s exceeds len(md)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(md))), (*C.uint)(unsafe.Pointer(s)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestFinal_ex", uintptr(_err)) -+} -+ -+func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestInit(ctx, __type, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestInit", uintptr(_err)) -+} -+ -+func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestInit_ex(ctx, __type, impl, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestInit_ex", uintptr(_err)) -+} -+ -+func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret []byte, siglen *int, tbs []byte) (int32, error) { -+ if siglen != nil && int(*siglen) > len(sigret) { -+ panic("EVP_DigestSign: *siglen exceeds len(sigret)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestSign(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sigret))), (*C.size_t)(unsafe.Pointer(siglen)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSign", uintptr(_err)) -+} -+ -+func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig []byte, siglen *int) (int32, error) { -+ if siglen != nil && int(*siglen) > len(sig) { -+ panic("EVP_DigestSignFinal: *siglen exceeds len(sig)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestSignFinal(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), (*C.size_t)(unsafe.Pointer(siglen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSignFinal", uintptr(_err)) -+} -+ -+func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestSignInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSignInit", uintptr(_err)) -+} -+ -+func EVP_DigestSqueeze_Available() bool { -+ return C._mkcgo_available_EVP_DigestSqueeze() != 0 -+} -+ -+func EVP_DigestSqueeze(ctx EVP_MD_CTX_PTR, out []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestSqueeze(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), C.size_t(len(out)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestSqueeze", uintptr(_err)) -+} -+ -+func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(d))), C.size_t(len(d)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestUpdate", uintptr(_err)) -+} -+ -+func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret []byte, tbs []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestVerify(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sigret))), C.size_t(len(sigret)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerify", uintptr(_err)) -+} -+ -+func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestVerifyFinal(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), C.size_t(len(sig)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerifyFinal", uintptr(_err)) -+} -+ -+func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_DigestVerifyInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_DigestVerifyInit", uintptr(_err)) -+} -+ -+func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_EncryptFinal_ex: *outl exceeds len(out)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_EncryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptFinal_ex", uintptr(_err)) -+} -+ -+func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_EncryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptInit_ex", uintptr(_err)) -+} -+ -+func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_EncryptUpdate: *outl exceeds len(out)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_EncryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(in))), C.int(len(in)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_EncryptUpdate", uintptr(_err)) -+} -+ -+func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { -+ C._mkcgo_EVP_KDF_CTX_free(ctx) -+} -+ -+func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KDF_CTX_get_kdf_size(ctx, mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", uintptr(_err)) -+} -+ -+func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KDF_CTX_new(kdf, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_KDF_CTX_new", uintptr(_err)) -+} -+ -+func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KDF_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_KDF_CTX_set_params", uintptr(_err)) -+} -+ -+func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KDF_derive(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_KDF_derive", uintptr(_err)) -+} -+ -+func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KDF_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_KDF_fetch", uintptr(_err)) -+} -+ -+func EVP_KDF_free(kdf EVP_KDF_PTR) { -+ C._mkcgo_EVP_KDF_free(kdf) -+} -+ -+func EVP_KEYMGMT_fetch_Available() bool { -+ return C._mkcgo_available_EVP_KEYMGMT_fetch() != 0 -+} -+ -+func EVP_KEYMGMT_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KEYMGMT_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_KEYMGMT_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_KEYMGMT_fetch", uintptr(_err)) -+} -+ -+func EVP_KEYMGMT_free(keymgmt EVP_KEYMGMT_PTR) { -+ C._mkcgo_EVP_KEYMGMT_free(keymgmt) -+} -+ -+func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_CTX_dup(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_CTX_dup", uintptr(_err)) -+} -+ -+func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { -+ C._mkcgo_EVP_MAC_CTX_free(arg0) -+} -+ -+func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_CTX_new(arg0, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_CTX_new", uintptr(_err)) -+} -+ -+func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_CTX_set_params", uintptr(_err)) -+} -+ -+func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MAC_fetch", uintptr(_err)) -+} -+ -+func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out []byte, outl *int) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_final(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), (*C.size_t)(unsafe.Pointer(outl)), C.size_t(len(out)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_final", uintptr(_err)) -+} -+ -+func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_init(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_init", uintptr(_err)) -+} -+ -+func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MAC_update(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(data))), C.size_t(len(data)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MAC_update", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_copy_ex(out, in, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy_ex", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_ctrl(ctx EVP_MD_CTX_PTR, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_ctrl(ctx, C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_ctrl", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { -+ C._mkcgo_EVP_MD_CTX_free(ctx) -+} -+ -+func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_get_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_get_params", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_gettable_params(ctx, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_gettable_params", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_new", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_MD_CTX_set_params", uintptr(_err)) -+} -+ -+func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_CTX_settable_params(ctx, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_CTX_settable_params", uintptr(_err)) -+} -+ -+func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_MD_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_MD_fetch", uintptr(_err)) -+} -+ -+func EVP_MD_free(md EVP_MD_PTR) { -+ C._mkcgo_EVP_MD_free(md) -+} -+ -+func EVP_MD_get0_name(md EVP_MD_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_MD_get0_name(md))) -+} -+ -+func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { -+ return C._mkcgo_EVP_MD_get0_provider(md) -+} -+ -+func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_block_size(md)) -+} -+ -+func EVP_MD_get_size(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_size(md)) -+} -+ -+func EVP_MD_get_type(md EVP_MD_PTR) int32 { -+ return int32(C._mkcgo_EVP_MD_get_type(md)) -+} -+ -+func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_add1_hkdf_info(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_ctrl(ctx, C.int(keytype), C.int(optype), C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_ctrl", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { -+ C._mkcgo_EVP_PKEY_CTX_free(arg0) -+} -+ -+func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_new(arg0, arg1, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_new_from_pkey(libctx, pkey, (*C.char)(unsafe.Pointer(propquery)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_new_id(C.int(id), e, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_id", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(label))), C.int(len(label)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_key(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_md(arg0, arg1, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_mode(arg0, C.int(arg1), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", uintptr(_err)) -+} -+ -+func EVP_PKEY_CTX_set_params(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_params", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_EC(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), (*C.char)(unsafe.Pointer(arg1)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_EC", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_ED25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_MLDSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_MLDSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_MLDSA", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_MLKEM(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_MLKEM(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_MLKEM", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_RSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), C.size_t(arg1), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_RSA", uintptr(_err)) -+} -+ -+func EVP_PKEY_Q_keygen_X25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_Q_keygen_X25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_X25519", uintptr(_err)) -+} -+ -+func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_assign(pkey, C.int(__type), key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_assign", uintptr(_err)) -+} -+ -+func EVP_PKEY_decapsulate(ctx EVP_PKEY_CTX_PTR, genkey *byte, genkeylen *int, wrappedkey *byte, wrappedkeylen int) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_decapsulate(ctx, (*C.uchar)(unsafe.Pointer(genkey)), (*C.size_t)(unsafe.Pointer(genkeylen)), (*C.uchar)(unsafe.Pointer(wrappedkey)), C.size_t(wrappedkeylen), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decapsulate", uintptr(_err)) -+} -+ -+func EVP_PKEY_decapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_decapsulate_init(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decapsulate_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_decrypt: *arg2 exceeds len(arg1)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_decrypt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt", uintptr(_err)) -+} -+ -+func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_decrypt_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key []byte, keylen *int) (int32, error) { -+ if keylen != nil && int(*keylen) > len(key) { -+ panic("EVP_PKEY_derive: *keylen exceeds len(key)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_derive(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), (*C.size_t)(unsafe.Pointer(keylen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive", uintptr(_err)) -+} -+ -+func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_derive_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_derive_set_peer(ctx, peer, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_set_peer", uintptr(_err)) -+} -+ -+func EVP_PKEY_encapsulate(ctx EVP_PKEY_CTX_PTR, wrappedkey *byte, wrappedkeylen *int, genkey *byte, genkeylen *int) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_encapsulate(ctx, (*C.uchar)(unsafe.Pointer(wrappedkey)), (*C.size_t)(unsafe.Pointer(wrappedkeylen)), (*C.uchar)(unsafe.Pointer(genkey)), (*C.size_t)(unsafe.Pointer(genkeylen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encapsulate", uintptr(_err)) -+} -+ -+func EVP_PKEY_encapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_encapsulate_init(ctx, params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encapsulate_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_encrypt: *arg2 exceeds len(arg1)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_encrypt(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt", uintptr(_err)) -+} -+ -+func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_encrypt_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { -+ C._mkcgo_EVP_PKEY_free(arg0) -+} -+ -+func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_fromdata(ctx, pkey, C.int(selection), params, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata", uintptr(_err)) -+} -+ -+func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_fromdata_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get0_DSA(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get0_DSA", uintptr(_err)) -+} -+ -+func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get0_EC_KEY(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get0_EC_KEY", uintptr(_err)) -+} -+ -+func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get1_RSA(pkey, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_get1_RSA", uintptr(_err)) -+} -+ -+func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get1_encoded_public_key(pkey, (**C.uchar)(unsafe.Pointer(ppub)), mkcgoNoEscape(&_err)) -+ return int(_ret), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_bits(pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bits", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_bn_param(pkey, (*C.char)(unsafe.Pointer(key_name)), bn, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bn_param", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_octet_string_param(pkey EVP_PKEY_PTR, key_name *byte, buf []byte, out_len *int) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_octet_string_param(pkey, (*C.char)(unsafe.Pointer(key_name)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(out_len)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_octet_string_param", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv []byte, privlen *int) (int32, error) { -+ if privlen != nil && int(*privlen) > len(priv) { -+ panic("EVP_PKEY_get_raw_private_key: *privlen exceeds len(priv)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_raw_private_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(priv))), (*C.size_t)(unsafe.Pointer(privlen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_private_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub []byte, publen *int) (int32, error) { -+ if publen != nil && int(*publen) > len(pub) { -+ panic("EVP_PKEY_get_raw_public_key: *publen exceeds len(pub)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_raw_public_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(pub))), (*C.size_t)(unsafe.Pointer(publen)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_public_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_get_size(pkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_get_size", uintptr(_err)) -+} -+ -+func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_keygen(ctx, ppkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen", uintptr(_err)) -+} -+ -+func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_keygen_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_new() (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new", uintptr(_err)) -+} -+ -+func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_new_raw_private_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new_raw_private_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_new_raw_public_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(key))), C.size_t(len(key)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_PKEY_new_raw_public_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_paramgen(ctx, ppkey, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen", uintptr(_err)) -+} -+ -+func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_paramgen_init(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_private_check(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_private_check", uintptr(_err)) -+} -+ -+func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_public_check_quick(ctx, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_public_check_quick", uintptr(_err)) -+} -+ -+func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_set1_EC_KEY(pkey, key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_EC_KEY", uintptr(_err)) -+} -+ -+func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_set1_encoded_public_key(pkey, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(pub))), C.size_t(len(pub)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", uintptr(_err)) -+} -+ -+func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_sign: *arg2 exceeds len(arg1)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_sign(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg3))), C.size_t(len(arg3)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_sign", uintptr(_err)) -+} -+ -+func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_sign_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_sign_init", uintptr(_err)) -+} -+ -+func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_up_ref(key, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_up_ref", uintptr(_err)) -+} -+ -+func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig []byte, tbs []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_verify(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(sig))), C.size_t(len(sig)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(tbs))), C.size_t(len(tbs)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_verify", uintptr(_err)) -+} -+ -+func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_PKEY_verify_init(arg0, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_PKEY_verify_init", uintptr(_err)) -+} -+ -+func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_SIGNATURE_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("EVP_SIGNATURE_fetch", uintptr(_err)) -+} -+ -+func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { -+ C._mkcgo_EVP_SIGNATURE_free(signature) -+} -+ -+func EVP_aes_128_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_cbc() -+} -+ -+func EVP_aes_128_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_ctr() -+} -+ -+func EVP_aes_128_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_ecb() -+} -+ -+func EVP_aes_128_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_128_gcm() -+} -+ -+func EVP_aes_192_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_cbc() -+} -+ -+func EVP_aes_192_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_ctr() -+} -+ -+func EVP_aes_192_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_ecb() -+} -+ -+func EVP_aes_192_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_192_gcm() -+} -+ -+func EVP_aes_256_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_cbc() -+} -+ -+func EVP_aes_256_ctr() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_ctr() -+} -+ -+func EVP_aes_256_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_ecb() -+} -+ -+func EVP_aes_256_gcm() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_aes_256_gcm() -+} -+ -+func EVP_chacha20_poly1305_Available() bool { -+ return C._mkcgo_available_EVP_chacha20_poly1305() != 0 -+} -+ -+func EVP_chacha20_poly1305() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_chacha20_poly1305() -+} -+ -+func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_EVP_default_properties_enable_fips(libctx, C.int(enable), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("EVP_default_properties_enable_fips", uintptr(_err)) -+} -+ -+func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { -+ return int32(C._mkcgo_EVP_default_properties_is_fips_enabled(libctx)) -+} -+ -+func EVP_des_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_cbc() -+} -+ -+func EVP_des_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ecb() -+} -+ -+func EVP_des_ede3_cbc() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ede3_cbc() -+} -+ -+func EVP_des_ede3_ecb() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_des_ede3_ecb() -+} -+ -+func EVP_md4() EVP_MD_PTR { -+ return C._mkcgo_EVP_md4() -+} -+ -+func EVP_md5() EVP_MD_PTR { -+ return C._mkcgo_EVP_md5() -+} -+ -+func EVP_md5_sha1() EVP_MD_PTR { -+ return C._mkcgo_EVP_md5_sha1() -+} -+ -+func EVP_rc4() EVP_CIPHER_PTR { -+ return C._mkcgo_EVP_rc4() -+} -+ -+func EVP_ripemd160() EVP_MD_PTR { -+ return C._mkcgo_EVP_ripemd160() -+} -+ -+func EVP_sha1() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha1() -+} -+ -+func EVP_sha224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha224() -+} -+ -+func EVP_sha256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha256() -+} -+ -+func EVP_sha384() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha384() -+} -+ -+func EVP_sha3_224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_224() -+} -+ -+func EVP_sha3_256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_256() -+} -+ -+func EVP_sha3_384() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_384() -+} -+ -+func EVP_sha3_512() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha3_512() -+} -+ -+func EVP_sha512() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512() -+} -+ -+func EVP_sha512_224() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512_224() -+} -+ -+func EVP_sha512_256() EVP_MD_PTR { -+ return C._mkcgo_EVP_sha512_256() -+} -+ -+func FIPS_mode() int32 { -+ return int32(C._mkcgo_FIPS_mode()) -+} -+ -+func FIPS_mode_set(r int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_FIPS_mode_set(C.int(r), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("FIPS_mode_set", uintptr(_err)) -+} -+ -+func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_HMAC_CTX_copy(dest, src, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_CTX_copy", uintptr(_err)) -+} -+ -+func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { -+ C._mkcgo_HMAC_CTX_free(arg0) -+} -+ -+func HMAC_CTX_new() (HMAC_CTX_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_HMAC_CTX_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("HMAC_CTX_new", uintptr(_err)) -+} -+ -+func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 []byte, arg2 *uint32) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("HMAC_Final: *arg2 exceeds len(arg1)") -+ } -+ var _err C.uintptr_t -+ _ret := C._mkcgo_HMAC_Final(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), (*C.uint)(unsafe.Pointer(arg2)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Final", uintptr(_err)) -+} -+ -+func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 []byte, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_HMAC_Init_ex(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.int(len(arg1)), arg3, arg4, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Init_ex", uintptr(_err)) -+} -+ -+func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_HMAC_Update(arg0, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(arg1))), C.size_t(len(arg1)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("HMAC_Update", uintptr(_err)) -+} -+ -+func OBJ_nid2sn(n int32) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OBJ_nid2sn(C.int(n)))) -+} -+ -+func OPENSSL_init() { -+ C._mkcgo_OPENSSL_init() -+} -+ -+func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OPENSSL_init_crypto(C.uint64_t(ops), settings, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OPENSSL_init_crypto", uintptr(_err)) -+} -+ -+func OPENSSL_version_major_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_major() != 0 -+} -+ -+func OPENSSL_version_major() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_major()) -+} -+ -+func OPENSSL_version_minor_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_minor() != 0 -+} -+ -+func OPENSSL_version_minor() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_minor()) -+} -+ -+func OPENSSL_version_patch_Available() bool { -+ return C._mkcgo_available_OPENSSL_version_patch() != 0 -+} -+ -+func OPENSSL_version_patch() uint32 { -+ return uint32(C._mkcgo_OPENSSL_version_patch()) -+} -+ -+func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { -+ C._mkcgo_OSSL_PARAM_BLD_free(bld) -+} -+ -+func OSSL_PARAM_BLD_new() OSSL_PARAM_BLD_PTR { -+ return C._mkcgo_OSSL_PARAM_BLD_new() -+} -+ -+func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_BN(bld, (*C.char)(unsafe.Pointer(key)), bn, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_BN", uintptr(_err)) -+} -+ -+func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_int32(bld, (*C.char)(unsafe.Pointer(key)), C.int32_t(num), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_int32", uintptr(_err)) -+} -+ -+func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_octet_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", uintptr(_err)) -+} -+ -+func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_BLD_push_utf8_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.char)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", uintptr(_err)) -+} -+ -+func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_BLD_to_param(bld, mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PARAM_BLD_to_param", uintptr(_err)) -+} -+ -+func OSSL_PARAM_free(p OSSL_PARAM_PTR) { -+ C._mkcgo_OSSL_PARAM_free(p) -+} -+ -+func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PARAM_locate_const(p, (*C.char)(unsafe.Pointer(key)), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PARAM_locate_const", uintptr(_err)) -+} -+ -+func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { -+ return int32(C._mkcgo_OSSL_PROVIDER_available(libctx, (*C.char)(unsafe.Pointer(name)))) -+} -+ -+func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OSSL_PROVIDER_get0_name(prov))) -+} -+ -+func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_OSSL_PROVIDER_try_load(libctx, (*C.char)(unsafe.Pointer(name)), C.int(retain_fallbacks), mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("OSSL_PROVIDER_try_load", uintptr(_err)) -+} -+ -+func OpenSSL_version(__type int32) *byte { -+ return (*byte)(unsafe.Pointer(C._mkcgo_OpenSSL_version(C.int(__type)))) ++void __mkcgo_load_(void* handle) { ++ __mkcgo__dlsym(BN_bin2bn) ++ __mkcgo__dlsym(BN_bn2binpad) ++ __mkcgo__dlsym(BN_bn2lebinpad) ++ __mkcgo__dlsym(BN_clear) ++ __mkcgo__dlsym(BN_clear_free) ++ __mkcgo__dlsym(BN_free) ++ __mkcgo__dlsym(BN_lebin2bn) ++ __mkcgo__dlsym(BN_new) ++ __mkcgo__dlsym(BN_num_bits) ++ __mkcgo__dlsym(CRYPTO_free) ++ __mkcgo__dlsym(CRYPTO_malloc) ++ __mkcgo__dlsym(EC_GROUP_free) ++ __mkcgo__dlsym(EC_GROUP_new_by_curve_name) ++ __mkcgo__dlsym(EC_POINT_free) ++ __mkcgo__dlsym(EC_POINT_mul) ++ __mkcgo__dlsym(EC_POINT_new) ++ __mkcgo__dlsym(EC_POINT_oct2point) ++ __mkcgo__dlsym(EC_POINT_point2oct) ++ __mkcgo__dlsym(ERR_clear_error) ++ __mkcgo__dlsym(ERR_error_string_n) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_ctrl) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_free) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_new) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_set_key_length) ++ __mkcgo__dlsym(EVP_CIPHER_CTX_set_padding) ++ __mkcgo__dlsym(EVP_CipherInit_ex) ++ __mkcgo__dlsym(EVP_CipherUpdate) ++ __mkcgo__dlsym(EVP_DecryptFinal_ex) ++ __mkcgo__dlsym(EVP_DecryptInit_ex) ++ __mkcgo__dlsym(EVP_DecryptUpdate) ++ __mkcgo__dlsym(EVP_Digest) ++ __mkcgo__dlsym(EVP_DigestFinal_ex) ++ __mkcgo__dlsym(EVP_DigestInit) ++ __mkcgo__dlsym(EVP_DigestInit_ex) ++ __mkcgo__dlsym(EVP_DigestSignFinal) ++ __mkcgo__dlsym(EVP_DigestSignInit) ++ __mkcgo__dlsym(EVP_DigestUpdate) ++ __mkcgo__dlsym(EVP_DigestVerifyFinal) ++ __mkcgo__dlsym(EVP_DigestVerifyInit) ++ __mkcgo__dlsym(EVP_EncryptFinal_ex) ++ __mkcgo__dlsym(EVP_EncryptInit_ex) ++ __mkcgo__dlsym(EVP_EncryptUpdate) ++ __mkcgo__dlsym(EVP_MD_CTX_copy) ++ __mkcgo__dlsym(EVP_MD_CTX_copy_ex) ++ __mkcgo__dlsym(EVP_MD_CTX_free) ++ __mkcgo__dlsym(EVP_MD_CTX_new) ++ __mkcgo__dlsym(EVP_PKEY_CTX_ctrl) ++ __mkcgo__dlsym(EVP_PKEY_CTX_free) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new_id) ++ __mkcgo__dlsym(EVP_PKEY_decrypt) ++ __mkcgo__dlsym(EVP_PKEY_decrypt_init) ++ __mkcgo__dlsym(EVP_PKEY_derive) ++ __mkcgo__dlsym(EVP_PKEY_derive_init) ++ __mkcgo__dlsym(EVP_PKEY_derive_set_peer) ++ __mkcgo__dlsym(EVP_PKEY_encrypt) ++ __mkcgo__dlsym(EVP_PKEY_encrypt_init) ++ __mkcgo__dlsym(EVP_PKEY_free) ++ __mkcgo__dlsym(EVP_PKEY_keygen) ++ __mkcgo__dlsym(EVP_PKEY_keygen_init) ++ __mkcgo__dlsym(EVP_PKEY_new) ++ __mkcgo__dlsym(EVP_PKEY_paramgen) ++ __mkcgo__dlsym(EVP_PKEY_paramgen_init) ++ __mkcgo__dlsym(EVP_PKEY_sign) ++ __mkcgo__dlsym(EVP_PKEY_sign_init) ++ __mkcgo__dlsym(EVP_PKEY_verify) ++ __mkcgo__dlsym(EVP_PKEY_verify_init) ++ __mkcgo__dlsym(EVP_aes_128_cbc) ++ __mkcgo__dlsym(EVP_aes_128_ctr) ++ __mkcgo__dlsym(EVP_aes_128_ecb) ++ __mkcgo__dlsym(EVP_aes_128_gcm) ++ __mkcgo__dlsym(EVP_aes_192_cbc) ++ __mkcgo__dlsym(EVP_aes_192_ctr) ++ __mkcgo__dlsym(EVP_aes_192_ecb) ++ __mkcgo__dlsym(EVP_aes_192_gcm) ++ __mkcgo__dlsym(EVP_aes_256_cbc) ++ __mkcgo__dlsym(EVP_aes_256_ctr) ++ __mkcgo__dlsym(EVP_aes_256_ecb) ++ __mkcgo__dlsym(EVP_aes_256_gcm) ++ __mkcgo__dlsym(EVP_des_cbc) ++ __mkcgo__dlsym(EVP_des_ecb) ++ __mkcgo__dlsym(EVP_des_ede3_cbc) ++ __mkcgo__dlsym(EVP_des_ede3_ecb) ++ __mkcgo__dlsym(EVP_md4) ++ __mkcgo__dlsym(EVP_md5) ++ __mkcgo__dlsym(EVP_md5_sha1) ++ __mkcgo__dlsym(EVP_rc4) ++ __mkcgo__dlsym(EVP_ripemd160) ++ __mkcgo__dlsym(EVP_sha1) ++ __mkcgo__dlsym(EVP_sha224) ++ __mkcgo__dlsym(EVP_sha256) ++ __mkcgo__dlsym(EVP_sha384) ++ __mkcgo__dlsym(EVP_sha512) ++ __mkcgo__dlsym(OBJ_nid2sn) ++ __mkcgo__dlsym(OPENSSL_init) ++ __mkcgo__dlsym(OPENSSL_init_crypto) ++ __mkcgo__dlsym(OpenSSL_version) ++ __mkcgo__dlsym(PKCS5_PBKDF2_HMAC) ++ __mkcgo__dlsym(RAND_bytes) +} + -+func OpenSSL_version_num_Available() bool { -+ return C._mkcgo_available_OpenSSL_version_num() != 0 ++void __mkcgo_unload_() { ++ _g_BN_bin2bn = NULL; ++ _g_BN_bn2binpad = NULL; ++ _g_BN_bn2lebinpad = NULL; ++ _g_BN_clear = NULL; ++ _g_BN_clear_free = NULL; ++ _g_BN_free = NULL; ++ _g_BN_lebin2bn = NULL; ++ _g_BN_new = NULL; ++ _g_BN_num_bits = NULL; ++ _g_CRYPTO_free = NULL; ++ _g_CRYPTO_malloc = NULL; ++ _g_EC_GROUP_free = NULL; ++ _g_EC_GROUP_new_by_curve_name = NULL; ++ _g_EC_POINT_free = NULL; ++ _g_EC_POINT_mul = NULL; ++ _g_EC_POINT_new = NULL; ++ _g_EC_POINT_oct2point = NULL; ++ _g_EC_POINT_point2oct = NULL; ++ _g_ERR_clear_error = NULL; ++ _g_ERR_error_string_n = NULL; ++ _g_EVP_CIPHER_CTX_ctrl = NULL; ++ _g_EVP_CIPHER_CTX_free = NULL; ++ _g_EVP_CIPHER_CTX_new = NULL; ++ _g_EVP_CIPHER_CTX_set_key_length = NULL; ++ _g_EVP_CIPHER_CTX_set_padding = NULL; ++ _g_EVP_CipherInit_ex = NULL; ++ _g_EVP_CipherUpdate = NULL; ++ _g_EVP_DecryptFinal_ex = NULL; ++ _g_EVP_DecryptInit_ex = NULL; ++ _g_EVP_DecryptUpdate = NULL; ++ _g_EVP_Digest = NULL; ++ _g_EVP_DigestFinal_ex = NULL; ++ _g_EVP_DigestInit = NULL; ++ _g_EVP_DigestInit_ex = NULL; ++ _g_EVP_DigestSignFinal = NULL; ++ _g_EVP_DigestSignInit = NULL; ++ _g_EVP_DigestUpdate = NULL; ++ _g_EVP_DigestVerifyFinal = NULL; ++ _g_EVP_DigestVerifyInit = NULL; ++ _g_EVP_EncryptFinal_ex = NULL; ++ _g_EVP_EncryptInit_ex = NULL; ++ _g_EVP_EncryptUpdate = NULL; ++ _g_EVP_MD_CTX_copy = NULL; ++ _g_EVP_MD_CTX_copy_ex = NULL; ++ _g_EVP_MD_CTX_free = NULL; ++ _g_EVP_MD_CTX_new = NULL; ++ _g_EVP_PKEY_CTX_ctrl = NULL; ++ _g_EVP_PKEY_CTX_free = NULL; ++ _g_EVP_PKEY_CTX_new = NULL; ++ _g_EVP_PKEY_CTX_new_id = NULL; ++ _g_EVP_PKEY_decrypt = NULL; ++ _g_EVP_PKEY_decrypt_init = NULL; ++ _g_EVP_PKEY_derive = NULL; ++ _g_EVP_PKEY_derive_init = NULL; ++ _g_EVP_PKEY_derive_set_peer = NULL; ++ _g_EVP_PKEY_encrypt = NULL; ++ _g_EVP_PKEY_encrypt_init = NULL; ++ _g_EVP_PKEY_free = NULL; ++ _g_EVP_PKEY_keygen = NULL; ++ _g_EVP_PKEY_keygen_init = NULL; ++ _g_EVP_PKEY_new = NULL; ++ _g_EVP_PKEY_paramgen = NULL; ++ _g_EVP_PKEY_paramgen_init = NULL; ++ _g_EVP_PKEY_sign = NULL; ++ _g_EVP_PKEY_sign_init = NULL; ++ _g_EVP_PKEY_verify = NULL; ++ _g_EVP_PKEY_verify_init = NULL; ++ _g_EVP_aes_128_cbc = NULL; ++ _g_EVP_aes_128_ctr = NULL; ++ _g_EVP_aes_128_ecb = NULL; ++ _g_EVP_aes_128_gcm = NULL; ++ _g_EVP_aes_192_cbc = NULL; ++ _g_EVP_aes_192_ctr = NULL; ++ _g_EVP_aes_192_ecb = NULL; ++ _g_EVP_aes_192_gcm = NULL; ++ _g_EVP_aes_256_cbc = NULL; ++ _g_EVP_aes_256_ctr = NULL; ++ _g_EVP_aes_256_ecb = NULL; ++ _g_EVP_aes_256_gcm = NULL; ++ _g_EVP_des_cbc = NULL; ++ _g_EVP_des_ecb = NULL; ++ _g_EVP_des_ede3_cbc = NULL; ++ _g_EVP_des_ede3_ecb = NULL; ++ _g_EVP_md4 = NULL; ++ _g_EVP_md5 = NULL; ++ _g_EVP_md5_sha1 = NULL; ++ _g_EVP_rc4 = NULL; ++ _g_EVP_ripemd160 = NULL; ++ _g_EVP_sha1 = NULL; ++ _g_EVP_sha224 = NULL; ++ _g_EVP_sha256 = NULL; ++ _g_EVP_sha384 = NULL; ++ _g_EVP_sha512 = NULL; ++ _g_OBJ_nid2sn = NULL; ++ _g_OPENSSL_init = NULL; ++ _g_OPENSSL_init_crypto = NULL; ++ _g_OpenSSL_version = NULL; ++ _g_PKCS5_PBKDF2_HMAC = NULL; ++ _g_RAND_bytes = NULL; +} + -+func OpenSSL_version_num() uint64 { -+ return uint64(C._mkcgo_OpenSSL_version_num()) ++void __mkcgo_load_111(void* handle) { ++ __mkcgo__dlsym(EVP_DigestSign) ++ __mkcgo__dlsym(EVP_DigestVerify) ++ __mkcgo__dlsym(EVP_PKEY_get_raw_private_key) ++ __mkcgo__dlsym(EVP_PKEY_get_raw_public_key) ++ __mkcgo__dlsym(EVP_PKEY_new_raw_private_key) ++ __mkcgo__dlsym(EVP_PKEY_new_raw_public_key) ++ __mkcgo__dlsym(EVP_sha3_224) ++ __mkcgo__dlsym(EVP_sha3_256) ++ __mkcgo__dlsym(EVP_sha3_384) ++ __mkcgo__dlsym(EVP_sha3_512) ++ __mkcgo__dlsym(EVP_sha512_224) ++ __mkcgo__dlsym(EVP_sha512_256) +} + -+func PKCS5_PBKDF2_HMAC(pass []byte, salt []byte, iter int32, digest EVP_MD_PTR, out []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_PKCS5_PBKDF2_HMAC((*C.char)(unsafe.Pointer(unsafe.SliceData(pass))), C.int(len(pass)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(salt))), C.int(len(salt)), C.int(iter), digest, C.int(len(out)), (*C.uchar)(unsafe.Pointer(unsafe.SliceData(out))), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("PKCS5_PBKDF2_HMAC", uintptr(_err)) ++void __mkcgo_unload_111() { ++ _g_EVP_DigestSign = NULL; ++ _g_EVP_DigestVerify = NULL; ++ _g_EVP_PKEY_get_raw_private_key = NULL; ++ _g_EVP_PKEY_get_raw_public_key = NULL; ++ _g_EVP_PKEY_new_raw_private_key = NULL; ++ _g_EVP_PKEY_new_raw_public_key = NULL; ++ _g_EVP_sha3_224 = NULL; ++ _g_EVP_sha3_256 = NULL; ++ _g_EVP_sha3_384 = NULL; ++ _g_EVP_sha3_512 = NULL; ++ _g_EVP_sha512_224 = NULL; ++ _g_EVP_sha512_256 = NULL; +} + -+func RAND_bytes(buf []byte) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RAND_bytes((*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.int(len(buf)), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RAND_bytes", uintptr(_err)) ++void __mkcgo_load_3(void* handle) { ++ __mkcgo__dlsym(EC_POINT_set_affine_coordinates) ++ __mkcgo__dlsym(ERR_get_error_all) ++ __mkcgo__dlsym(EVP_CIPHER_fetch) ++ __mkcgo__dlsym(EVP_CIPHER_get0_name) ++ __mkcgo__dlsym(EVP_CIPHER_get_block_size) ++ __mkcgo__dlsym(EVP_KDF_CTX_free) ++ __mkcgo__dlsym(EVP_KDF_CTX_get_kdf_size) ++ __mkcgo__dlsym(EVP_KDF_CTX_new) ++ __mkcgo__dlsym(EVP_KDF_CTX_set_params) ++ __mkcgo__dlsym(EVP_KDF_derive) ++ __mkcgo__dlsym(EVP_KDF_fetch) ++ __mkcgo__dlsym(EVP_KDF_free) ++ __mkcgo__dlsym(EVP_MAC_CTX_dup) ++ __mkcgo__dlsym(EVP_MAC_CTX_free) ++ __mkcgo__dlsym(EVP_MAC_CTX_new) ++ __mkcgo__dlsym(EVP_MAC_CTX_set_params) ++ __mkcgo__dlsym(EVP_MAC_fetch) ++ __mkcgo__dlsym(EVP_MAC_final) ++ __mkcgo__dlsym(EVP_MAC_init) ++ __mkcgo__dlsym(EVP_MAC_update) ++ __mkcgo__dlsym(EVP_MD_CTX_get_params) ++ __mkcgo__dlsym(EVP_MD_CTX_gettable_params) ++ __mkcgo__dlsym(EVP_MD_CTX_set_params) ++ __mkcgo__dlsym(EVP_MD_CTX_settable_params) ++ __mkcgo__dlsym(EVP_MD_fetch) ++ __mkcgo__dlsym(EVP_MD_free) ++ __mkcgo__dlsym(EVP_MD_get0_name) ++ __mkcgo__dlsym(EVP_MD_get0_provider) ++ __mkcgo__dlsym(EVP_MD_get_block_size) ++ __mkcgo__dlsym(EVP_MD_get_size) ++ __mkcgo__dlsym(EVP_MD_get_type) ++ __mkcgo__dlsym(EVP_PKEY_CTX_add1_hkdf_info) ++ __mkcgo__dlsym(EVP_PKEY_CTX_new_from_pkey) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set0_rsa_oaep_label) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_key) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set1_hkdf_salt) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_md) ++ __mkcgo__dlsym(EVP_PKEY_CTX_set_hkdf_mode) ++ __mkcgo__dlsym(EVP_PKEY_Q_keygen) ++ __mkcgo__dlsym(EVP_PKEY_fromdata) ++ __mkcgo__dlsym(EVP_PKEY_fromdata_init) ++ __mkcgo__dlsym(EVP_PKEY_get1_encoded_public_key) ++ __mkcgo__dlsym(EVP_PKEY_get_bits) ++ __mkcgo__dlsym(EVP_PKEY_get_bn_param) ++ __mkcgo__dlsym(EVP_PKEY_get_size) ++ __mkcgo__dlsym(EVP_PKEY_private_check) ++ __mkcgo__dlsym(EVP_PKEY_public_check_quick) ++ __mkcgo__dlsym(EVP_PKEY_set1_encoded_public_key) ++ __mkcgo__dlsym(EVP_PKEY_up_ref) ++ __mkcgo__dlsym(EVP_SIGNATURE_fetch) ++ __mkcgo__dlsym(EVP_SIGNATURE_free) ++ __mkcgo__dlsym(EVP_default_properties_enable_fips) ++ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_free) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_new) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_BN) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_int32) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_octet_string) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_push_utf8_string) ++ __mkcgo__dlsym(OSSL_PARAM_BLD_to_param) ++ __mkcgo__dlsym(OSSL_PARAM_free) ++ __mkcgo__dlsym(OSSL_PARAM_locate_const) ++ __mkcgo__dlsym(OSSL_PROVIDER_available) ++ __mkcgo__dlsym(OSSL_PROVIDER_get0_name) ++ __mkcgo__dlsym(OSSL_PROVIDER_try_load) +} + -+func RAND_bytes_ex(ctx OSSL_LIB_CTX_PTR, buf []byte, strength uint32) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RAND_bytes_ex(ctx, (*C.uchar)(unsafe.Pointer(unsafe.SliceData(buf))), C.size_t(len(buf)), C.uint(strength), mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RAND_bytes_ex", uintptr(_err)) ++void __mkcgo_unload_3() { ++ _g_EC_POINT_set_affine_coordinates = NULL; ++ _g_ERR_get_error_all = NULL; ++ _g_EVP_CIPHER_fetch = NULL; ++ _g_EVP_CIPHER_get0_name = NULL; ++ _g_EVP_CIPHER_get_block_size = NULL; ++ _g_EVP_KDF_CTX_free = NULL; ++ _g_EVP_KDF_CTX_get_kdf_size = NULL; ++ _g_EVP_KDF_CTX_new = NULL; ++ _g_EVP_KDF_CTX_set_params = NULL; ++ _g_EVP_KDF_derive = NULL; ++ _g_EVP_KDF_fetch = NULL; ++ _g_EVP_KDF_free = NULL; ++ _g_EVP_MAC_CTX_dup = NULL; ++ _g_EVP_MAC_CTX_free = NULL; ++ _g_EVP_MAC_CTX_new = NULL; ++ _g_EVP_MAC_CTX_set_params = NULL; ++ _g_EVP_MAC_fetch = NULL; ++ _g_EVP_MAC_final = NULL; ++ _g_EVP_MAC_init = NULL; ++ _g_EVP_MAC_update = NULL; ++ _g_EVP_MD_CTX_get_params = NULL; ++ _g_EVP_MD_CTX_gettable_params = NULL; ++ _g_EVP_MD_CTX_set_params = NULL; ++ _g_EVP_MD_CTX_settable_params = NULL; ++ _g_EVP_MD_fetch = NULL; ++ _g_EVP_MD_free = NULL; ++ _g_EVP_MD_get0_name = NULL; ++ _g_EVP_MD_get0_provider = NULL; ++ _g_EVP_MD_get_block_size = NULL; ++ _g_EVP_MD_get_size = NULL; ++ _g_EVP_MD_get_type = NULL; ++ _g_EVP_PKEY_CTX_add1_hkdf_info = NULL; ++ _g_EVP_PKEY_CTX_new_from_pkey = NULL; ++ _g_EVP_PKEY_CTX_set0_rsa_oaep_label = NULL; ++ _g_EVP_PKEY_CTX_set1_hkdf_key = NULL; ++ _g_EVP_PKEY_CTX_set1_hkdf_salt = NULL; ++ _g_EVP_PKEY_CTX_set_hkdf_md = NULL; ++ _g_EVP_PKEY_CTX_set_hkdf_mode = NULL; ++ _g_EVP_PKEY_Q_keygen = NULL; ++ _g_EVP_PKEY_fromdata = NULL; ++ _g_EVP_PKEY_fromdata_init = NULL; ++ _g_EVP_PKEY_get1_encoded_public_key = NULL; ++ _g_EVP_PKEY_get_bits = NULL; ++ _g_EVP_PKEY_get_bn_param = NULL; ++ _g_EVP_PKEY_get_size = NULL; ++ _g_EVP_PKEY_private_check = NULL; ++ _g_EVP_PKEY_public_check_quick = NULL; ++ _g_EVP_PKEY_set1_encoded_public_key = NULL; ++ _g_EVP_PKEY_up_ref = NULL; ++ _g_EVP_SIGNATURE_fetch = NULL; ++ _g_EVP_SIGNATURE_free = NULL; ++ _g_EVP_default_properties_enable_fips = NULL; ++ _g_EVP_default_properties_is_fips_enabled = NULL; ++ _g_OSSL_PARAM_BLD_free = NULL; ++ _g_OSSL_PARAM_BLD_new = NULL; ++ _g_OSSL_PARAM_BLD_push_BN = NULL; ++ _g_OSSL_PARAM_BLD_push_int32 = NULL; ++ _g_OSSL_PARAM_BLD_push_octet_string = NULL; ++ _g_OSSL_PARAM_BLD_push_utf8_string = NULL; ++ _g_OSSL_PARAM_BLD_to_param = NULL; ++ _g_OSSL_PARAM_free = NULL; ++ _g_OSSL_PARAM_locate_const = NULL; ++ _g_OSSL_PROVIDER_available = NULL; ++ _g_OSSL_PROVIDER_get0_name = NULL; ++ _g_OSSL_PROVIDER_try_load = NULL; +} + -+func RSA_free(arg0 RSA_PTR) { -+ C._mkcgo_RSA_free(arg0) ++void __mkcgo_load_init_1(void* handle) { ++ __mkcgo__dlsym(FIPS_mode) ++ __mkcgo__dlsym(FIPS_mode_set) +} + -+func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_crt_params(r, dmp1, dmq1, iqmp) ++void __mkcgo_unload_init_1() { ++ _g_FIPS_mode = NULL; ++ _g_FIPS_mode_set = NULL; +} + -+func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_factors(rsa, p, q) ++void __mkcgo_load_init_3(void* handle) { ++ __mkcgo__dlsym(ERR_clear_error) ++ __mkcgo__dlsym(EVP_MD_fetch) ++ __mkcgo__dlsym(EVP_MD_free) ++ __mkcgo__dlsym(EVP_MD_get0_provider) ++ __mkcgo__dlsym(EVP_default_properties_is_fips_enabled) +} + -+func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { -+ C._mkcgo_RSA_get0_key(rsa, n, e, d) ++void __mkcgo_unload_init_3() { ++ _g_ERR_clear_error = NULL; ++ _g_EVP_MD_fetch = NULL; ++ _g_EVP_MD_free = NULL; ++ _g_EVP_MD_get0_provider = NULL; ++ _g_EVP_default_properties_is_fips_enabled = NULL; +} + -+func RSA_new() (RSA_PTR, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RSA_new(mkcgoNoEscape(&_err)) -+ return _ret, newMkcgoErr("RSA_new", uintptr(_err)) ++void __mkcgo_load_legacy_1(void* handle) { ++ __mkcgo__dlsym(DSA_free) ++ __mkcgo__dlsym(DSA_generate_key) ++ __mkcgo__dlsym(DSA_get0_key) ++ __mkcgo__dlsym(DSA_get0_pqg) ++ __mkcgo__dlsym(DSA_new) ++ __mkcgo__dlsym(DSA_set0_key) ++ __mkcgo__dlsym(DSA_set0_pqg) ++ __mkcgo__dlsym(EC_KEY_check_key) ++ __mkcgo__dlsym(EC_KEY_free) ++ __mkcgo__dlsym(EC_KEY_get0_group) ++ __mkcgo__dlsym(EC_KEY_get0_private_key) ++ __mkcgo__dlsym(EC_KEY_get0_public_key) ++ __mkcgo__dlsym(EC_KEY_new_by_curve_name) ++ __mkcgo__dlsym(EC_KEY_set_private_key) ++ __mkcgo__dlsym(EC_KEY_set_public_key) ++ __mkcgo__dlsym(EC_KEY_set_public_key_affine_coordinates) ++ __mkcgo__dlsym(EC_POINT_get_affine_coordinates_GFp) ++ __mkcgo__dlsym(ERR_get_error_line) ++ __mkcgo__dlsym2(EVP_CIPHER_get_block_size, EVP_CIPHER_block_size) ++ __mkcgo__dlsym2(EVP_MD_get_block_size, EVP_MD_block_size) ++ __mkcgo__dlsym2(EVP_MD_get_size, EVP_MD_size) ++ __mkcgo__dlsym(EVP_PKEY_assign) ++ __mkcgo__dlsym(EVP_PKEY_get0_DSA) ++ __mkcgo__dlsym(EVP_PKEY_get0_EC_KEY) ++ __mkcgo__dlsym(EVP_PKEY_get1_RSA) ++ __mkcgo__dlsym2(EVP_PKEY_get_bits, EVP_PKEY_bits) ++ __mkcgo__dlsym2(EVP_PKEY_get_size, EVP_PKEY_size) ++ __mkcgo__dlsym(EVP_PKEY_set1_EC_KEY) ++ __mkcgo__dlsym(FIPS_mode) ++ __mkcgo__dlsym(FIPS_mode_set) ++ __mkcgo__dlsym(HMAC_CTX_copy) ++ __mkcgo__dlsym(HMAC_CTX_free) ++ __mkcgo__dlsym(HMAC_CTX_new) ++ __mkcgo__dlsym(HMAC_Final) ++ __mkcgo__dlsym(HMAC_Init_ex) ++ __mkcgo__dlsym(HMAC_Update) ++ __mkcgo__dlsym(RSA_free) ++ __mkcgo__dlsym(RSA_get0_crt_params) ++ __mkcgo__dlsym(RSA_get0_factors) ++ __mkcgo__dlsym(RSA_get0_key) ++ __mkcgo__dlsym(RSA_new) ++ __mkcgo__dlsym(RSA_set0_crt_params) ++ __mkcgo__dlsym(RSA_set0_factors) ++ __mkcgo__dlsym(RSA_set0_key) +} + -+func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RSA_set0_crt_params(rsa, dmp1, dmp2, iqmp, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_crt_params", uintptr(_err)) ++void __mkcgo_unload_legacy_1() { ++ _g_DSA_free = NULL; ++ _g_DSA_generate_key = NULL; ++ _g_DSA_get0_key = NULL; ++ _g_DSA_get0_pqg = NULL; ++ _g_DSA_new = NULL; ++ _g_DSA_set0_key = NULL; ++ _g_DSA_set0_pqg = NULL; ++ _g_EC_KEY_check_key = NULL; ++ _g_EC_KEY_free = NULL; ++ _g_EC_KEY_get0_group = NULL; ++ _g_EC_KEY_get0_private_key = NULL; ++ _g_EC_KEY_get0_public_key = NULL; ++ _g_EC_KEY_new_by_curve_name = NULL; ++ _g_EC_KEY_set_private_key = NULL; ++ _g_EC_KEY_set_public_key = NULL; ++ _g_EC_KEY_set_public_key_affine_coordinates = NULL; ++ _g_EC_POINT_get_affine_coordinates_GFp = NULL; ++ _g_ERR_get_error_line = NULL; ++ _g_EVP_CIPHER_get_block_size = NULL; ++ _g_EVP_MD_get_block_size = NULL; ++ _g_EVP_MD_get_size = NULL; ++ _g_EVP_PKEY_assign = NULL; ++ _g_EVP_PKEY_get0_DSA = NULL; ++ _g_EVP_PKEY_get0_EC_KEY = NULL; ++ _g_EVP_PKEY_get1_RSA = NULL; ++ _g_EVP_PKEY_get_bits = NULL; ++ _g_EVP_PKEY_get_size = NULL; ++ _g_EVP_PKEY_set1_EC_KEY = NULL; ++ _g_FIPS_mode = NULL; ++ _g_FIPS_mode_set = NULL; ++ _g_HMAC_CTX_copy = NULL; ++ _g_HMAC_CTX_free = NULL; ++ _g_HMAC_CTX_new = NULL; ++ _g_HMAC_Final = NULL; ++ _g_HMAC_Init_ex = NULL; ++ _g_HMAC_Update = NULL; ++ _g_RSA_free = NULL; ++ _g_RSA_get0_crt_params = NULL; ++ _g_RSA_get0_factors = NULL; ++ _g_RSA_get0_key = NULL; ++ _g_RSA_new = NULL; ++ _g_RSA_set0_crt_params = NULL; ++ _g_RSA_set0_factors = NULL; ++ _g_RSA_set0_key = NULL; +} + -+func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RSA_set0_factors(rsa, p, q, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_factors", uintptr(_err)) ++void __mkcgo_load_version(void* handle) { ++ __mkcgo__dlsym_nocheck(OPENSSL_version_major, OPENSSL_version_major) ++ __mkcgo__dlsym_nocheck(OPENSSL_version_minor, OPENSSL_version_minor) ++ __mkcgo__dlsym_nocheck(OPENSSL_version_patch, OPENSSL_version_patch) ++ __mkcgo__dlsym_nocheck(OpenSSL_version_num, OpenSSL_version_num) +} + -+func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { -+ var _err C.uintptr_t -+ _ret := C._mkcgo_RSA_set0_key(r, n, e, d, mkcgoNoEscape(&_err)) -+ return int32(_ret), newMkcgoErr("RSA_set0_key", uintptr(_err)) ++void __mkcgo_unload_version() { ++ _g_OPENSSL_version_major = NULL; ++ _g_OPENSSL_version_minor = NULL; ++ _g_OPENSSL_version_patch = NULL; ++ _g_OpenSSL_version_num = NULL; +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go -new file mode 100644 -index 00000000000000..4323bdad14f62f ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_nocgo.go -@@ -0,0 +1,2481 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+// Code generated by mkcgo. DO NOT EDIT. -+ -+//go:build !cgo -+ -+package ossl -+ -+import ( -+ "runtime" -+ "unsafe" -+) + -+var _ = runtime.GOOS -+ -+var _mkcgoAlwaysFalseOssl bool -+var _mkcgoEscapeSinkOssl unsafe.Pointer -+ -+// mkcgoEscapePtrOssl forces p to escape to the heap. -+// This implementation is also used in the standard library: -+// https://github.com/golang/go/blob/f71432d223eeb2139b460957817400750fd13655/src/internal/abi/escape.go#L24-L33 -+func mkcgoEscapePtrOssl(p unsafe.Pointer) unsafe.Pointer { -+ if _mkcgoAlwaysFalseOssl { -+ _mkcgoEscapeSinkOssl = p -+ } -+ return p ++_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_bin2bn(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+type OPENSSL_INIT_SETTINGS_PTR unsafe.Pointer -+type OSSL_LIB_CTX_PTR unsafe.Pointer -+type OSSL_PROVIDER_PTR unsafe.Pointer -+type ENGINE_PTR unsafe.Pointer -+type EVP_PKEY_PTR unsafe.Pointer -+type EVP_PKEY_CTX_PTR unsafe.Pointer -+type EVP_MD_PTR unsafe.Pointer -+type EVP_MD_CTX_PTR unsafe.Pointer -+type HMAC_CTX_PTR unsafe.Pointer -+type EVP_CIPHER_PTR unsafe.Pointer -+type EVP_CIPHER_CTX_PTR unsafe.Pointer -+type EC_KEY_PTR unsafe.Pointer -+type EC_POINT_PTR unsafe.Pointer -+type EC_GROUP_PTR unsafe.Pointer -+type RSA_PTR unsafe.Pointer -+type BIGNUM_PTR unsafe.Pointer -+type BN_CTX_PTR unsafe.Pointer -+type EVP_MAC_PTR unsafe.Pointer -+type EVP_MAC_CTX_PTR unsafe.Pointer -+type OSSL_PARAM_BLD_PTR unsafe.Pointer -+type OSSL_PARAM_PTR unsafe.Pointer -+type EVP_SIGNATURE_PTR unsafe.Pointer -+type EVP_KEYMGMT_PTR unsafe.Pointer -+type DSA_PTR unsafe.Pointer -+type EVP_KDF_PTR unsafe.Pointer -+type EVP_KDF_CTX_PTR unsafe.Pointer -+type BIO_METHOD_PTR unsafe.Pointer -+type BIO_PTR unsafe.Pointer -+type Point_conversion_form_t = int32 -+ -+var _mkcgo_BIO_ctrl uintptr -+ -+func BIO_ctrl(bp BIO_PTR, cmd int32, larg int64, parg unsafe.Pointer) int64 { -+ r0, _ := syscallN(0, _mkcgo_BIO_ctrl, uintptr(bp), uintptr(cmd), uintptr(larg), uintptr(parg)) -+ return int64(r0) ++int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_BN_bn2binpad(_arg0, _arg1, _arg2); ++ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BIO_free uintptr -+ -+func BIO_free(a BIO_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_BIO_free, uintptr(a)) -+ return int32(r0) ++int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR _arg0, unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_BN_bn2lebinpad(_arg0, _arg1, _arg2); ++ if (_ret == -1) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BIO_new uintptr -+ -+func BIO_new(__type BIO_METHOD_PTR) (BIO_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_BIO_new, uintptr(__type), uintptr(unsafe.Pointer(&_err))) -+ return BIO_PTR(r0), newMkcgoErr("BIO_new", _err) ++void _mkcgo_BN_clear(_BIGNUM_PTR _arg0) { ++ _g_BN_clear(_arg0); +} + -+var _mkcgo_BIO_s_mem uintptr -+ -+func BIO_s_mem() BIO_METHOD_PTR { -+ r0, _ := syscallN(0, _mkcgo_BIO_s_mem) -+ return BIO_METHOD_PTR(r0) ++void _mkcgo_BN_clear_free(_BIGNUM_PTR _arg0) { ++ _g_BN_clear_free(_arg0); +} + -+var _mkcgo_BN_bin2bn uintptr -+ -+func BN_bin2bn(arg0 []byte, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_BN_bin2bn, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg0)))), uintptr(len(arg0)), uintptr(arg2), uintptr(unsafe.Pointer(&_err))) -+ return BIGNUM_PTR(r0), newMkcgoErr("BN_bin2bn", _err) ++void _mkcgo_BN_free(_BIGNUM_PTR _arg0) { ++ _g_BN_free(_arg0); +} + -+var _mkcgo_BN_bn2binpad uintptr -+ -+func BN_bn2binpad(a BIGNUM_PTR, to []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(2, _mkcgo_BN_bn2binpad, uintptr(a), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(to)))), uintptr(len(to)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("BN_bn2binpad", _err) ++_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char* _arg0, int _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_lebin2bn(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BN_bn2lebinpad uintptr -+ -+func BN_bn2lebinpad(a BIGNUM_PTR, to []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(2, _mkcgo_BN_bn2lebinpad, uintptr(a), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(to)))), uintptr(len(to)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("BN_bn2lebinpad", _err) ++_BIGNUM_PTR _mkcgo_BN_new(mkcgo_err_state *_err_state) { ++ _BIGNUM_PTR _ret = _g_BN_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BN_clear uintptr -+ -+func BN_clear(arg0 BIGNUM_PTR) { -+ syscallN(0, _mkcgo_BN_clear, uintptr(arg0)) ++int _mkcgo_BN_num_bits(const _BIGNUM_PTR _arg0) { ++ return _g_BN_num_bits(_arg0); +} + -+var _mkcgo_BN_clear_free uintptr -+ -+func BN_clear_free(arg0 BIGNUM_PTR) { -+ syscallN(0, _mkcgo_BN_clear_free, uintptr(arg0)) ++void _mkcgo_CRYPTO_free(void* _arg0, const char* _arg1, int _arg2) { ++ _g_CRYPTO_free(_arg0, _arg1, _arg2); +} + -+var _mkcgo_BN_free uintptr -+ -+func BN_free(arg0 BIGNUM_PTR) { -+ syscallN(0, _mkcgo_BN_free, uintptr(arg0)) ++void* _mkcgo_CRYPTO_malloc(size_t _arg0, const char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ void* _ret = _g_CRYPTO_malloc(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BN_lebin2bn uintptr -+ -+func BN_lebin2bn(s []byte, ret BIGNUM_PTR) (BIGNUM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_BN_lebin2bn, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(s)))), uintptr(len(s)), uintptr(ret), uintptr(unsafe.Pointer(&_err))) -+ return BIGNUM_PTR(r0), newMkcgoErr("BN_lebin2bn", _err) ++void _mkcgo_DSA_free(_DSA_PTR _arg0) { ++ _g_DSA_free(_arg0); +} + -+var _mkcgo_BN_new uintptr -+ -+func BN_new() (BIGNUM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_BN_new, uintptr(unsafe.Pointer(&_err))) -+ return BIGNUM_PTR(r0), newMkcgoErr("BN_new", _err) ++int _mkcgo_DSA_generate_key(_DSA_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_DSA_generate_key(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_BN_num_bits uintptr -+ -+func BN_num_bits(arg0 BIGNUM_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_BN_num_bits, uintptr(arg0)) -+ return int32(r0) ++void _mkcgo_DSA_get0_key(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { ++ _g_DSA_get0_key(_arg0, _arg1, _arg2); +} + -+var _mkcgo_CRYPTO_free uintptr -+ -+func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { -+ syscallN(0, _mkcgo_CRYPTO_free, uintptr(str), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(file))), uintptr(line)) ++void _mkcgo_DSA_get0_pqg(const _DSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_DSA_get0_pqg(_arg0, _arg1, _arg2, _arg3); +} + -+var _mkcgo_CRYPTO_malloc uintptr -+ -+func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_CRYPTO_malloc, uintptr(num), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(file))), uintptr(line), uintptr(unsafe.Pointer(&_err))) -+ return unsafe.Pointer(r0), newMkcgoErr("CRYPTO_malloc", _err) ++_DSA_PTR _mkcgo_DSA_new(mkcgo_err_state *_err_state) { ++ _DSA_PTR _ret = _g_DSA_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_DSA_free uintptr -+ -+func DSA_free(r DSA_PTR) { -+ syscallN(0, _mkcgo_DSA_free, uintptr(r)) ++int _mkcgo_DSA_set0_key(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_DSA_set0_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_DSA_generate_key uintptr -+ -+func DSA_generate_key(a DSA_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_DSA_generate_key, uintptr(a), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("DSA_generate_key", _err) ++int _mkcgo_DSA_set0_pqg(_DSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_DSA_set0_pqg(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_DSA_get0_key uintptr -+ -+func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { -+ syscallN(0, _mkcgo_DSA_get0_key, uintptr(d), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pub_key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(priv_key)))) ++void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR _arg0) { ++ _g_EC_GROUP_free(_arg0); +} + -+var _mkcgo_DSA_get0_pqg uintptr -+ -+func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { -+ syscallN(0, _mkcgo_DSA_get0_pqg, uintptr(d), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(p))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(q))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(g)))) ++_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int _arg0, mkcgo_err_state *_err_state) { ++ _EC_GROUP_PTR _ret = _g_EC_GROUP_new_by_curve_name(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_DSA_new uintptr -+ -+func DSA_new() (DSA_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_DSA_new, uintptr(unsafe.Pointer(&_err))) -+ return DSA_PTR(r0), newMkcgoErr("DSA_new", _err) ++int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_KEY_check_key(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_DSA_set0_key uintptr -+ -+func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_DSA_set0_key, uintptr(d), uintptr(pub_key), uintptr(priv_key), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("DSA_set0_key", _err) ++void _mkcgo_EC_KEY_free(_EC_KEY_PTR _arg0) { ++ _g_EC_KEY_free(_arg0); +} + -+var _mkcgo_DSA_set0_pqg uintptr -+ -+func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_DSA_set0_pqg, uintptr(d), uintptr(p), uintptr(q), uintptr(g), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("DSA_set0_pqg", _err) ++const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_group(_arg0); +} + -+var _mkcgo_EC_GROUP_free uintptr -+ -+func EC_GROUP_free(group EC_GROUP_PTR) { -+ syscallN(0, _mkcgo_EC_GROUP_free, uintptr(group)) ++const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_private_key(_arg0); +} + -+var _mkcgo_EC_GROUP_new_by_curve_name uintptr -+ -+func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EC_GROUP_new_by_curve_name, uintptr(nid), uintptr(unsafe.Pointer(&_err))) -+ return EC_GROUP_PTR(r0), newMkcgoErr("EC_GROUP_new_by_curve_name", _err) ++const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR _arg0) { ++ return _g_EC_KEY_get0_public_key(_arg0); +} + -+var _mkcgo_EC_KEY_check_key uintptr -+ -+func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_KEY_check_key, uintptr(key), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_KEY_check_key", _err) ++_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int _arg0, mkcgo_err_state *_err_state) { ++ _EC_KEY_PTR _ret = _g_EC_KEY_new_by_curve_name(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_free uintptr -+ -+func EC_KEY_free(arg0 EC_KEY_PTR) { -+ syscallN(0, _mkcgo_EC_KEY_free, uintptr(arg0)) ++int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR _arg0, const _BIGNUM_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_KEY_set_private_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_get0_group uintptr -+ -+func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { -+ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_group, uintptr(arg0)) -+ return EC_GROUP_PTR(r0) ++int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR _arg0, const _EC_POINT_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_KEY_set_public_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_get0_private_key uintptr -+ -+func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { -+ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_private_key, uintptr(arg0)) -+ return BIGNUM_PTR(r0) ++int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_KEY_set_public_key_affine_coordinates(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_get0_public_key uintptr -+ -+func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { -+ r0, _ := syscallN(0, _mkcgo_EC_KEY_get0_public_key, uintptr(arg0)) -+ return EC_POINT_PTR(r0) ++void _mkcgo_EC_POINT_free(_EC_POINT_PTR _arg0) { ++ _g_EC_POINT_free(_arg0); +} + -+var _mkcgo_EC_KEY_new_by_curve_name uintptr -+ -+func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EC_KEY_new_by_curve_name, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return EC_KEY_PTR(r0), newMkcgoErr("EC_KEY_new_by_curve_name", _err) ++int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_POINT_get_affine_coordinates_GFp(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_set_private_key uintptr -+ -+func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_private_key, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_KEY_set_private_key", _err) ++int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _EC_POINT_PTR _arg3, const _BIGNUM_PTR _arg4, _BN_CTX_PTR _arg5, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_POINT_mul(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_set_public_key uintptr -+ -+func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_public_key, uintptr(key), uintptr(pub), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_KEY_set_public_key", _err) ++_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR _arg0, mkcgo_err_state *_err_state) { ++ _EC_POINT_PTR _ret = _g_EC_POINT_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_KEY_set_public_key_affine_coordinates uintptr -+ -+func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_KEY_set_public_key_affine_coordinates, uintptr(key), uintptr(x), uintptr(y), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", _err) ++int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const unsigned char* _arg2, size_t _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_POINT_oct2point(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_POINT_free uintptr -+ -+func EC_POINT_free(arg0 EC_POINT_PTR) { -+ syscallN(0, _mkcgo_EC_POINT_free, uintptr(arg0)) ++size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR _arg0, const _EC_POINT_PTR _arg1, point_conversion_form_t _arg2, unsigned char* _arg3, size_t _arg4, _BN_CTX_PTR _arg5, mkcgo_err_state *_err_state) { ++ size_t _ret = _g_EC_POINT_point2oct(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_POINT_get_affine_coordinates_GFp uintptr ++int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR _arg0, _EC_POINT_PTR _arg1, const _BIGNUM_PTR _arg2, const _BIGNUM_PTR _arg3, _BN_CTX_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EC_POINT_set_affine_coordinates(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_POINT_get_affine_coordinates_GFp, uintptr(arg0), uintptr(arg1), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", _err) ++void _mkcgo_ERR_clear_error(void) { ++ _g_ERR_clear_error(); +} + -+var _mkcgo_EC_POINT_mul uintptr ++void _mkcgo_ERR_error_string_n(unsigned long _arg0, char* _arg1, size_t _arg2) { ++ _g_ERR_error_string_n(_arg0, _arg1, _arg2); ++} + -+func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_POINT_mul, uintptr(group), uintptr(r), uintptr(n), uintptr(q), uintptr(m), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_POINT_mul", _err) ++unsigned long _mkcgo_ERR_get_error_all(const char** _arg0, int* _arg1, const char** _arg2, const char** _arg3, int* _arg4) { ++ return _g_ERR_get_error_all(_arg0, _arg1, _arg2, _arg3, _arg4); +} + -+var _mkcgo_EC_POINT_new uintptr ++unsigned long _mkcgo_ERR_get_error_line(const char** _arg0, int* _arg1) { ++ return _g_ERR_get_error_line(_arg0, _arg1); ++} + -+func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EC_POINT_new, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return EC_POINT_PTR(r0), newMkcgoErr("EC_POINT_new", _err) ++int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, int _arg2, void* _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_ctrl(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_POINT_oct2point uintptr ++void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR _arg0) { ++ _g_EVP_CIPHER_CTX_free(_arg0); ++} + -+func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf []byte, ctx BN_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_POINT_oct2point, uintptr(group), uintptr(p), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_POINT_oct2point", _err) ++_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(mkcgo_err_state *_err_state) { ++ _EVP_CIPHER_CTX_PTR _ret = _g_EVP_CIPHER_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_POINT_point2oct uintptr ++int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_set_key_length(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf []byte, ctx BN_CTX_PTR) (int, error) { -+ var _err uintptr -+ r0, _ := syscallN(4, _mkcgo_EC_POINT_point2oct, uintptr(group), uintptr(p), uintptr(form), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int(r0), newMkcgoErr("EC_POINT_point2oct", _err) ++int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_CIPHER_CTX_set_padding(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EC_POINT_set_affine_coordinates uintptr ++_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_CIPHER_PTR _ret = _g_EVP_CIPHER_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EC_POINT_set_affine_coordinates, uintptr(arg0), uintptr(arg1), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EC_POINT_set_affine_coordinates", _err) ++const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR _arg0) { ++ return _g_EVP_CIPHER_get0_name(_arg0); +} + -+var _mkcgo_ERR_peek_error uintptr ++int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR _arg0) { ++ return _g_EVP_CIPHER_get_block_size(_arg0); ++} + -+func ERR_peek_error() uint64 { -+ r0, _ := syscallN(0, _mkcgo_ERR_peek_error) -+ return uint64(r0) ++int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, int _arg5, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_CipherInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_ERR_print_errors uintptr ++int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_CipherUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func ERR_print_errors(bp BIO_PTR) { -+ syscallN(0, _mkcgo_ERR_print_errors, uintptr(bp)) ++int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DecryptFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_CTX_ctrl uintptr ++int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DecryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_ctrl, uintptr(ctx), uintptr(__type), uintptr(arg), uintptr(ptr), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_ctrl", _err) ++int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DecryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_CTX_free uintptr ++int _mkcgo_EVP_Digest(const void* _arg0, size_t _arg1, unsigned char* _arg2, unsigned int* _arg3, const _EVP_MD_PTR _arg4, _ENGINE_PTR _arg5, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_Digest(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { -+ syscallN(0, _mkcgo_EVP_CIPHER_CTX_free, uintptr(arg0)) ++int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_CTX_new uintptr ++int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestInit(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_CIPHER_CTX_new, uintptr(unsafe.Pointer(&_err))) -+ return EVP_CIPHER_CTX_PTR(r0), newMkcgoErr("EVP_CIPHER_CTX_new", _err) ++int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, _ENGINE_PTR _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestInit_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_CTX_set_key_length uintptr ++int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestSign(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_set_key_length, uintptr(x), uintptr(keylen), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", _err) ++int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestSignFinal(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_CTX_set_padding uintptr ++int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestSignInit(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_CIPHER_CTX_set_padding, uintptr(x), uintptr(padding), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_CIPHER_CTX_set_padding", _err) ++int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR _arg0, const void* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestUpdate(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_fetch uintptr ++int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestVerify(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_CIPHER_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_CIPHER_PTR(r0), newMkcgoErr("EVP_CIPHER_fetch", _err) ++int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestVerifyFinal(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_get0_name uintptr ++int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR _arg0, _EVP_PKEY_CTX_PTR* _arg1, const _EVP_MD_PTR _arg2, _ENGINE_PTR _arg3, _EVP_PKEY_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_DigestVerifyInit(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { -+ r0, _ := syscallN(0, _mkcgo_EVP_CIPHER_get0_name, uintptr(cipher)) -+ return (*byte)(unsafe.Pointer(r0)) ++int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_EncryptFinal_ex(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CIPHER_get_block_size uintptr ++int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR _arg0, const _EVP_CIPHER_PTR _arg1, _ENGINE_PTR _arg2, const unsigned char* _arg3, const unsigned char* _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_EncryptInit_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_EVP_CIPHER_get_block_size, uintptr(cipher)) -+ return int32(r0) ++int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR _arg0, unsigned char* _arg1, int* _arg2, const unsigned char* _arg3, int _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_EncryptUpdate(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CipherInit_ex uintptr ++void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR _arg0) { ++ _g_EVP_KDF_CTX_free(_arg0); ++} + -+func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_CipherInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(enc), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_CipherInit_ex", _err) ++size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ size_t _ret = _g_EVP_KDF_CTX_get_kdf_size(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_CipherUpdate uintptr -+ -+func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_CipherUpdate: *outl exceeds len(out)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_CipherUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_CipherUpdate", _err) ++_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR _arg0, mkcgo_err_state *_err_state) { ++ _EVP_KDF_CTX_PTR _ret = _g_EVP_KDF_CTX_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DecryptFinal_ex uintptr -+ -+func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm []byte, outl *int32) (int32, error) { -+ if outl != nil && int(*outl) > len(outm) { -+ panic("EVP_DecryptFinal_ex: *outl exceeds len(outm)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DecryptFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(outm))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DecryptFinal_ex", _err) ++int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_KDF_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DecryptInit_ex uintptr -+ -+func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DecryptInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DecryptInit_ex", _err) ++int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR _arg0, unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_KDF_derive(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DecryptUpdate uintptr -+ -+func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_DecryptUpdate: *outl exceeds len(out)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DecryptUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DecryptUpdate", _err) ++_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_KDF_PTR _ret = _g_EVP_KDF_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_Digest uintptr -+ -+func EVP_Digest(data []byte, md []byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ if size != nil && int(*size) > len(md) { -+ panic("EVP_Digest: *size exceeds len(md)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_Digest, uintptr(unsafe.Pointer(unsafe.SliceData(data))), uintptr(len(data)), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(unsafe.Pointer(size)), uintptr(__type), uintptr(impl), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_Digest", _err) ++void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR _arg0) { ++ _g_EVP_KDF_free(_arg0); +} + -+var _mkcgo_EVP_DigestFinalXOF uintptr -+ -+func EVP_DigestFinalXOF(ctx EVP_MD_CTX_PTR, md []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestFinalXOF, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(len(md)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestFinalXOF", _err) ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_dup(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestFinal_ex uintptr -+ -+func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md []byte, s *uint32) (int32, error) { -+ if s != nil && int(*s) > len(md) { -+ panic("EVP_DigestFinal_ex: *s exceeds len(md)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(md))), uintptr(unsafe.Pointer(s)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestFinal_ex", _err) ++void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR _arg0) { ++ _g_EVP_MAC_CTX_free(_arg0); +} + -+var _mkcgo_EVP_DigestInit uintptr -+ -+func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestInit, uintptr(ctx), uintptr(__type), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestInit", _err) ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR _arg0, mkcgo_err_state *_err_state) { ++ _EVP_MAC_CTX_PTR _ret = _g_EVP_MAC_CTX_new(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestInit_ex uintptr -+ -+func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestInit_ex", _err) ++int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MAC_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestSign uintptr -+ -+func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret []byte, siglen *int, tbs []byte) (int32, error) { -+ if siglen != nil && int(*siglen) > len(sigret) { -+ panic("EVP_DigestSign: *siglen exceeds len(sigret)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestSign, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(sigret))), uintptr(unsafe.Pointer(siglen)), uintptr(unsafe.Pointer(unsafe.SliceData(tbs))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestSign", _err) ++_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_MAC_PTR _ret = _g_EVP_MAC_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestSignFinal uintptr -+ -+func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig []byte, siglen *int) (int32, error) { -+ if siglen != nil && int(*siglen) > len(sig) { -+ panic("EVP_DigestSignFinal: *siglen exceeds len(sig)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestSignFinal, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(siglen))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestSignFinal", _err) ++int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MAC_final(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestSignInit uintptr -+ -+func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestSignInit, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pctx))), uintptr(__type), uintptr(e), uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestSignInit", _err) ++int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MAC_init(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_DigestSqueeze_Available() bool { -+ return _mkcgo_EVP_DigestSqueeze != 0 ++int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MAC_update(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestSqueeze uintptr -+ -+func EVP_DigestSqueeze(ctx EVP_MD_CTX_PTR, out []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestSqueeze, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(len(out)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestSqueeze", _err) ++int _mkcgo_EVP_MD_CTX_copy(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MD_CTX_copy(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestUpdate uintptr -+ -+func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(d))), uintptr(len(d)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestUpdate", _err) ++int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR _arg0, const _EVP_MD_CTX_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MD_CTX_copy_ex(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestVerify uintptr -+ -+func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret []byte, tbs []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerify, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sigret)))), uintptr(len(sigret)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(tbs)))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestVerify", _err) ++void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR _arg0) { ++ _g_EVP_MD_CTX_free(_arg0); +} + -+var _mkcgo_EVP_DigestVerifyFinal uintptr -+ -+func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerifyFinal, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(len(sig)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestVerifyFinal", _err) ++int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR _arg0, _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MD_CTX_get_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_DigestVerifyInit uintptr -+ -+func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_DigestVerifyInit, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pctx))), uintptr(__type), uintptr(e), uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_DigestVerifyInit", _err) ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_gettable_params(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_EncryptFinal_ex uintptr -+ -+func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_EncryptFinal_ex: *outl exceeds len(out)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_EncryptFinal_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_EncryptFinal_ex", _err) ++_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(mkcgo_err_state *_err_state) { ++ _EVP_MD_CTX_PTR _ret = _g_EVP_MD_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_EncryptInit_ex uintptr -+ -+func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_EncryptInit_ex, uintptr(ctx), uintptr(__type), uintptr(impl), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iv))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_EncryptInit_ex", _err) ++int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR _arg0, const _OSSL_PARAM_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_MD_CTX_set_params(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_EncryptUpdate uintptr -+ -+func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out []byte, outl *int32, in []byte) (int32, error) { -+ if outl != nil && int(*outl) > len(out) { -+ panic("EVP_EncryptUpdate: *outl exceeds len(out)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_EncryptUpdate, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(unsafe.Pointer(unsafe.SliceData(in))), uintptr(len(in)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_EncryptUpdate", _err) ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_EVP_MD_CTX_settable_params(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_KDF_CTX_free uintptr -+ -+func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { -+ syscallN(0, _mkcgo_EVP_KDF_CTX_free, uintptr(ctx)) ++_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_MD_PTR _ret = _g_EVP_MD_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_KDF_CTX_get_kdf_size uintptr -+ -+func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { -+ var _err uintptr -+ r0, _ := syscallN(4, _mkcgo_EVP_KDF_CTX_get_kdf_size, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int(r0), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", _err) ++void _mkcgo_EVP_MD_free(_EVP_MD_PTR _arg0) { ++ _g_EVP_MD_free(_arg0); +} + -+var _mkcgo_EVP_KDF_CTX_new uintptr -+ -+func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_KDF_CTX_new, uintptr(kdf), uintptr(unsafe.Pointer(&_err))) -+ return EVP_KDF_CTX_PTR(r0), newMkcgoErr("EVP_KDF_CTX_new", _err) ++const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get0_name(_arg0); +} + -+var _mkcgo_EVP_KDF_CTX_set_params uintptr -+ -+func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_KDF_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_KDF_CTX_set_params", _err) ++const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get0_provider(_arg0); +} + -+var _mkcgo_EVP_KDF_derive uintptr -+ -+func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_KDF_derive, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_KDF_derive", _err) ++int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_block_size(_arg0); +} + -+var _mkcgo_EVP_KDF_fetch uintptr -+ -+func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_KDF_fetch, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_KDF_PTR(r0), newMkcgoErr("EVP_KDF_fetch", _err) ++int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_size(_arg0); +} + -+var _mkcgo_EVP_KDF_free uintptr -+ -+func EVP_KDF_free(kdf EVP_KDF_PTR) { -+ syscallN(0, _mkcgo_EVP_KDF_free, uintptr(kdf)) ++int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR _arg0) { ++ return _g_EVP_MD_get_type(_arg0); +} + -+func EVP_KEYMGMT_fetch_Available() bool { -+ return _mkcgo_EVP_KEYMGMT_fetch != 0 ++int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_add1_hkdf_info(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_KEYMGMT_fetch uintptr -+ -+func EVP_KEYMGMT_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KEYMGMT_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_KEYMGMT_fetch, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_KEYMGMT_PTR(r0), newMkcgoErr("EVP_KEYMGMT_fetch", _err) ++int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR _arg0, int _arg1, int _arg2, int _arg3, int _arg4, void* _arg5, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_ctrl(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_KEYMGMT_free uintptr -+ -+func EVP_KEYMGMT_free(keymgmt EVP_KEYMGMT_PTR) { -+ syscallN(0, _mkcgo_EVP_KEYMGMT_free, uintptr(keymgmt)) ++void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR _arg0) { ++ _g_EVP_PKEY_CTX_free(_arg0); +} + -+var _mkcgo_EVP_MAC_CTX_dup uintptr -+ -+func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MAC_CTX_dup, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return EVP_MAC_CTX_PTR(r0), newMkcgoErr("EVP_MAC_CTX_dup", _err) ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR _arg0, _ENGINE_PTR _arg1, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new(_arg0, _arg1); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_CTX_free uintptr -+ -+func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { -+ syscallN(0, _mkcgo_EVP_MAC_CTX_free, uintptr(arg0)) ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_from_pkey(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_CTX_new uintptr -+ -+func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MAC_CTX_new, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return EVP_MAC_CTX_PTR(r0), newMkcgoErr("EVP_MAC_CTX_new", _err) ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int _arg0, _ENGINE_PTR _arg1, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_CTX_PTR _ret = _g_EVP_PKEY_CTX_new_id(_arg0, _arg1); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_CTX_set_params uintptr -+ -+func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MAC_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MAC_CTX_set_params", _err) ++int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR _arg0, void* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set0_rsa_oaep_label(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_fetch uintptr -+ -+func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MAC_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_MAC_PTR(r0), newMkcgoErr("EVP_MAC_fetch", _err) ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_final uintptr -+ -+func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out []byte, outl *int) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MAC_final, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(out))), uintptr(unsafe.Pointer(outl)), uintptr(len(out)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MAC_final", _err) ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set1_hkdf_salt(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_init uintptr -+ -+func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key []byte, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MAC_init, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(key))), uintptr(len(key)), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MAC_init", _err) ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR _arg0, const _EVP_MD_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set_hkdf_md(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MAC_update uintptr -+ -+func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MAC_update, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(data))), uintptr(len(data)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MAC_update", _err) ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_CTX_set_hkdf_mode(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_copy_ex uintptr -+ -+func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_copy_ex, uintptr(out), uintptr(in), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MD_CTX_copy_ex", _err) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, const char* _arg3, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_ctrl uintptr -+ -+func EVP_MD_CTX_ctrl(ctx EVP_MD_CTX_PTR, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_ctrl, uintptr(ctx), uintptr(cmd), uintptr(p1), uintptr(p2), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MD_CTX_ctrl", _err) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_free uintptr -+ -+func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { -+ syscallN(0, _mkcgo_EVP_MD_CTX_free, uintptr(ctx)) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_Q_keygen(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_get_params uintptr -+ -+func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_get_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MD_CTX_get_params", _err) ++int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR _arg0, int _arg1, void* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_assign(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_gettable_params uintptr -+ -+func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_gettable_params, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return OSSL_PARAM_PTR(r0), newMkcgoErr("EVP_MD_CTX_gettable_params", _err) ++int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_decrypt(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_new uintptr -+ -+func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_new, uintptr(unsafe.Pointer(&_err))) -+ return EVP_MD_CTX_PTR(r0), newMkcgoErr("EVP_MD_CTX_new", _err) ++int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_decrypt_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_set_params uintptr -+ -+func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_MD_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_MD_CTX_set_params", _err) ++int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_derive(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_CTX_settable_params uintptr -+ -+func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MD_CTX_settable_params, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return OSSL_PARAM_PTR(r0), newMkcgoErr("EVP_MD_CTX_settable_params", _err) ++int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_derive_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_fetch uintptr -+ -+func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_MD_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_MD_PTR(r0), newMkcgoErr("EVP_MD_fetch", _err) ++int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_derive_set_peer(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_free uintptr -+ -+func EVP_MD_free(md EVP_MD_PTR) { -+ syscallN(0, _mkcgo_EVP_MD_free, uintptr(md)) ++int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_encrypt(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_get0_name uintptr -+ -+func EVP_MD_get0_name(md EVP_MD_PTR) *byte { -+ r0, _ := syscallN(0, _mkcgo_EVP_MD_get0_name, uintptr(md)) -+ return (*byte)(unsafe.Pointer(r0)) ++int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_encrypt_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_get0_provider uintptr -+ -+func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_MD_get0_provider, uintptr(md)) -+ return OSSL_PROVIDER_PTR(r0) ++void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR _arg0) { ++ _g_EVP_PKEY_free(_arg0); +} + -+var _mkcgo_EVP_MD_get_block_size uintptr -+ -+func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_block_size, uintptr(md)) -+ return int32(r0) ++int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, int _arg2, _OSSL_PARAM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_fromdata(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_get_size uintptr -+ -+func EVP_MD_get_size(md EVP_MD_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_size, uintptr(md)) -+ return int32(r0) ++int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_fromdata_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_MD_get_type uintptr -+ -+func EVP_MD_get_type(md EVP_MD_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_EVP_MD_get_type, uintptr(md)) -+ return int32(r0) ++_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ _DSA_PTR _ret = _g_EVP_PKEY_get0_DSA(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_add1_hkdf_info uintptr -+ -+func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_add1_hkdf_info, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", _err) ++_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ _EC_KEY_PTR _ret = _g_EVP_PKEY_get0_EC_KEY(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_ctrl uintptr -+ -+func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_ctrl, uintptr(ctx), uintptr(keytype), uintptr(optype), uintptr(cmd), uintptr(p1), uintptr(p2), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_ctrl", _err) ++_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ _RSA_PTR _ret = _g_EVP_PKEY_get1_RSA(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_free uintptr -+ -+func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { -+ syscallN(0, _mkcgo_EVP_PKEY_CTX_free, uintptr(arg0)) ++size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR _arg0, unsigned char** _arg1, mkcgo_err_state *_err_state) { ++ size_t _ret = _g_EVP_PKEY_get1_encoded_public_key(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_new uintptr -+ -+func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new", _err) ++int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_get_bits(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_new_from_pkey uintptr -+ -+func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new_from_pkey, uintptr(libctx), uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(propquery))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", _err) ++int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR _arg0, const char* _arg1, _BIGNUM_PTR* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_get_bn_param(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_new_id uintptr -+ -+func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_CTX_new_id, uintptr(id), uintptr(e), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_CTX_PTR(r0), newMkcgoErr("EVP_PKEY_CTX_new_id", _err) ++int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_get_raw_private_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label uintptr -+ -+func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(label)))), uintptr(len(label)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", _err) ++int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR _arg0, unsigned char* _arg1, size_t* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_get_raw_public_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set1_hkdf_key uintptr -+ -+func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set1_hkdf_key, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", _err) ++int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_get_size(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt uintptr -+ -+func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", _err) ++int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_keygen(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set_hkdf_md uintptr -+ -+func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_hkdf_md, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", _err) ++int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_keygen_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set_hkdf_mode uintptr -+ -+func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_hkdf_mode, uintptr(arg0), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", _err) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_CTX_set_params uintptr -+ -+func EVP_PKEY_CTX_set_params(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_CTX_set_params, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_CTX_set_params", _err) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_private_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_Q_keygen uintptr -+ -+func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ var r0 uintptr -+ if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" { -+ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), 0, 0, 0, 0, 0, uintptr(unsafe.Pointer(arg1)), uintptr(unsafe.Pointer(&_err))) -+ } else { -+ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(arg1)), uintptr(unsafe.Pointer(&_err))) -+ } -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_EC", _err) ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int _arg0, _ENGINE_PTR _arg1, const unsigned char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ _EVP_PKEY_PTR _ret = _g_EVP_PKEY_new_raw_public_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", _err) ++int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR _arg0, _EVP_PKEY_PTR* _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_paramgen(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_PKEY_Q_keygen_MLDSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_MLDSA", _err) ++int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_paramgen_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_PKEY_Q_keygen_MLKEM(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_MLKEM", _err) ++int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_private_check(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ var r0 uintptr -+ if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" { -+ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), 0, 0, 0, 0, 0, uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ } else { -+ r0, _ = syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(arg1), uintptr(unsafe.Pointer(&_err))) -+ } -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_RSA", _err) ++int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_public_check_quick(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+func EVP_PKEY_Q_keygen_X25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_Q_keygen, uintptr(ctx), uintptr(unsafe.Pointer(propq)), uintptr(unsafe.Pointer(__type)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_Q_keygen_X25519", _err) ++int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR _arg0, _EC_KEY_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_set1_EC_KEY(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_assign uintptr -+ -+func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_assign, uintptr(pkey), uintptr(__type), uintptr(key), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_assign", _err) ++int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_set1_encoded_public_key(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_decapsulate uintptr -+ -+func EVP_PKEY_decapsulate(ctx EVP_PKEY_CTX_PTR, genkey *byte, genkeylen *int, wrappedkey *byte, wrappedkeylen int) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decapsulate, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkeylen))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkey))), uintptr(wrappedkeylen), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_decapsulate", _err) ++int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR _arg0, unsigned char* _arg1, size_t* _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_sign(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_decapsulate_init uintptr -+ -+func EVP_PKEY_decapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decapsulate_init, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_decapsulate_init", _err) ++int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_sign_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_decrypt uintptr -+ -+func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_decrypt: *arg2 exceeds len(arg1)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decrypt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_decrypt", _err) ++int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_up_ref(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_decrypt_init uintptr -+ -+func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_decrypt_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_decrypt_init", _err) ++int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, const unsigned char* _arg3, size_t _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_verify(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_derive uintptr -+ -+func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key []byte, keylen *int) (int32, error) { -+ if keylen != nil && int(*keylen) > len(key) { -+ panic("EVP_PKEY_derive: *keylen exceeds len(key)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(key))), uintptr(unsafe.Pointer(keylen)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_derive", _err) ++int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_PKEY_verify_init(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_derive_init uintptr -+ -+func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_derive_init", _err) ++_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, const char* _arg2, mkcgo_err_state *_err_state) { ++ _EVP_SIGNATURE_PTR _ret = _g_EVP_SIGNATURE_fetch(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_derive_set_peer uintptr -+ -+func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_derive_set_peer, uintptr(ctx), uintptr(peer), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_derive_set_peer", _err) ++void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR _arg0) { ++ _g_EVP_SIGNATURE_free(_arg0); +} + -+var _mkcgo_EVP_PKEY_encapsulate uintptr -+ -+func EVP_PKEY_encapsulate(ctx EVP_PKEY_CTX_PTR, wrappedkey *byte, wrappedkeylen *int, genkey *byte, genkeylen *int) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encapsulate, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(wrappedkeylen))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkey))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(genkeylen))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_encapsulate", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void) { ++ return _g_EVP_aes_128_cbc(); +} + -+var _mkcgo_EVP_PKEY_encapsulate_init uintptr -+ -+func EVP_PKEY_encapsulate_init(ctx EVP_PKEY_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encapsulate_init, uintptr(ctx), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_encapsulate_init", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void) { ++ return _g_EVP_aes_128_ctr(); +} + -+var _mkcgo_EVP_PKEY_encrypt uintptr -+ -+func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_encrypt: *arg2 exceeds len(arg1)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encrypt, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_encrypt", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void) { ++ return _g_EVP_aes_128_ecb(); +} + -+var _mkcgo_EVP_PKEY_encrypt_init uintptr -+ -+func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_encrypt_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_encrypt_init", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void) { ++ return _g_EVP_aes_128_gcm(); +} + -+var _mkcgo_EVP_PKEY_free uintptr -+ -+func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { -+ syscallN(0, _mkcgo_EVP_PKEY_free, uintptr(arg0)) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void) { ++ return _g_EVP_aes_192_cbc(); +} + -+var _mkcgo_EVP_PKEY_fromdata uintptr -+ -+func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_fromdata, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(pkey))), uintptr(selection), uintptr(params), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_fromdata", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void) { ++ return _g_EVP_aes_192_ctr(); +} + -+var _mkcgo_EVP_PKEY_fromdata_init uintptr -+ -+func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_fromdata_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_fromdata_init", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void) { ++ return _g_EVP_aes_192_ecb(); +} + -+var _mkcgo_EVP_PKEY_get0_DSA uintptr -+ -+func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get0_DSA, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return DSA_PTR(r0), newMkcgoErr("EVP_PKEY_get0_DSA", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void) { ++ return _g_EVP_aes_192_gcm(); +} + -+var _mkcgo_EVP_PKEY_get0_EC_KEY uintptr -+ -+func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get0_EC_KEY, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return EC_KEY_PTR(r0), newMkcgoErr("EVP_PKEY_get0_EC_KEY", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void) { ++ return _g_EVP_aes_256_cbc(); +} + -+var _mkcgo_EVP_PKEY_get1_RSA uintptr -+ -+func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_get1_RSA, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return RSA_PTR(r0), newMkcgoErr("EVP_PKEY_get1_RSA", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void) { ++ return _g_EVP_aes_256_ctr(); +} + -+var _mkcgo_EVP_PKEY_get1_encoded_public_key uintptr -+ -+func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { -+ var _err uintptr -+ r0, _ := syscallN(4, _mkcgo_EVP_PKEY_get1_encoded_public_key, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(ppub))), uintptr(unsafe.Pointer(&_err))) -+ return int(r0), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void) { ++ return _g_EVP_aes_256_ecb(); +} + -+var _mkcgo_EVP_PKEY_get_bits uintptr -+ -+func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_bits, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_bits", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void) { ++ return _g_EVP_aes_256_gcm(); +} + -+var _mkcgo_EVP_PKEY_get_bn_param uintptr -+ -+func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_bn_param, uintptr(pkey), uintptr(unsafe.Pointer(key_name)), uintptr(unsafe.Pointer(bn)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_bn_param", _err) ++int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR _arg0, int _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_EVP_default_properties_enable_fips(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_PKEY_get_octet_string_param uintptr -+ -+func EVP_PKEY_get_octet_string_param(pkey EVP_PKEY_PTR, key_name *byte, buf []byte, out_len *int) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_octet_string_param, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key_name))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(out_len))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_octet_string_param", _err) ++int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR _arg0) { ++ return _g_EVP_default_properties_is_fips_enabled(_arg0); +} + -+var _mkcgo_EVP_PKEY_get_raw_private_key uintptr -+ -+func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv []byte, privlen *int) (int32, error) { -+ if privlen != nil && int(*privlen) > len(priv) { -+ panic("EVP_PKEY_get_raw_private_key: *privlen exceeds len(priv)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_raw_private_key, uintptr(pkey), uintptr(unsafe.Pointer(unsafe.SliceData(priv))), uintptr(unsafe.Pointer(privlen)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_raw_private_key", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void) { ++ return _g_EVP_des_cbc(); +} + -+var _mkcgo_EVP_PKEY_get_raw_public_key uintptr -+ -+func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub []byte, publen *int) (int32, error) { -+ if publen != nil && int(*publen) > len(pub) { -+ panic("EVP_PKEY_get_raw_public_key: *publen exceeds len(pub)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_raw_public_key, uintptr(pkey), uintptr(unsafe.Pointer(unsafe.SliceData(pub))), uintptr(unsafe.Pointer(publen)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_raw_public_key", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void) { ++ return _g_EVP_des_ecb(); +} + -+var _mkcgo_EVP_PKEY_get_size uintptr -+ -+func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_get_size, uintptr(pkey), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_get_size", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void) { ++ return _g_EVP_des_ede3_cbc(); +} + -+var _mkcgo_EVP_PKEY_keygen uintptr -+ -+func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_keygen, uintptr(ctx), uintptr(unsafe.Pointer(ppkey)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_keygen", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void) { ++ return _g_EVP_des_ede3_ecb(); +} + -+var _mkcgo_EVP_PKEY_keygen_init uintptr -+ -+func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_keygen_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_keygen_init", _err) ++const _EVP_MD_PTR _mkcgo_EVP_md4(void) { ++ return _g_EVP_md4(); +} + -+var _mkcgo_EVP_PKEY_new uintptr -+ -+func EVP_PKEY_new() (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new, uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new", _err) ++const _EVP_MD_PTR _mkcgo_EVP_md5(void) { ++ return _g_EVP_md5(); +} + -+var _mkcgo_EVP_PKEY_new_raw_private_key uintptr -+ -+func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new_raw_private_key, uintptr(__type), uintptr(e), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new_raw_private_key", _err) ++const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void) { ++ return _g_EVP_md5_sha1(); +} + -+var _mkcgo_EVP_PKEY_new_raw_public_key uintptr -+ -+func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key []byte) (EVP_PKEY_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_PKEY_new_raw_public_key, uintptr(__type), uintptr(e), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(key)))), uintptr(len(key)), uintptr(unsafe.Pointer(&_err))) -+ return EVP_PKEY_PTR(r0), newMkcgoErr("EVP_PKEY_new_raw_public_key", _err) ++const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void) { ++ return _g_EVP_rc4(); +} + -+var _mkcgo_EVP_PKEY_paramgen uintptr -+ -+func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_paramgen, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(ppkey))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_paramgen", _err) ++const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void) { ++ return _g_EVP_ripemd160(); +} + -+var _mkcgo_EVP_PKEY_paramgen_init uintptr -+ -+func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_paramgen_init, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_paramgen_init", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha1(void) { ++ return _g_EVP_sha1(); +} + -+var _mkcgo_EVP_PKEY_private_check uintptr -+ -+func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_private_check, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_private_check", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha224(void) { ++ return _g_EVP_sha224(); +} + -+var _mkcgo_EVP_PKEY_public_check_quick uintptr -+ -+func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_public_check_quick, uintptr(ctx), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_public_check_quick", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha256(void) { ++ return _g_EVP_sha256(); +} + -+var _mkcgo_EVP_PKEY_set1_EC_KEY uintptr -+ -+func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_set1_EC_KEY, uintptr(pkey), uintptr(key), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_set1_EC_KEY", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha384(void) { ++ return _g_EVP_sha384(); +} + -+var _mkcgo_EVP_PKEY_set1_encoded_public_key uintptr -+ -+func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_set1_encoded_public_key, uintptr(pkey), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(pub)))), uintptr(len(pub)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void) { ++ return _g_EVP_sha3_224(); +} + -+var _mkcgo_EVP_PKEY_sign uintptr -+ -+func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 []byte, arg2 *int, arg3 []byte) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("EVP_PKEY_sign: *arg2 exceeds len(arg1)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_sign, uintptr(arg0), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg1)))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(arg2))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(arg3)))), uintptr(len(arg3)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_sign", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void) { ++ return _g_EVP_sha3_256(); +} + -+var _mkcgo_EVP_PKEY_sign_init uintptr -+ -+func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_sign_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_sign_init", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void) { ++ return _g_EVP_sha3_384(); +} + -+var _mkcgo_EVP_PKEY_up_ref uintptr -+ -+func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_up_ref, uintptr(key), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_up_ref", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void) { ++ return _g_EVP_sha3_512(); +} + -+var _mkcgo_EVP_PKEY_verify uintptr -+ -+func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig []byte, tbs []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_verify, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(sig)))), uintptr(len(sig)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(tbs)))), uintptr(len(tbs)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_verify", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha512(void) { ++ return _g_EVP_sha512(); +} + -+var _mkcgo_EVP_PKEY_verify_init uintptr -+ -+func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_PKEY_verify_init, uintptr(arg0), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_PKEY_verify_init", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void) { ++ return _g_EVP_sha512_224(); +} + -+var _mkcgo_EVP_SIGNATURE_fetch uintptr -+ -+func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_EVP_SIGNATURE_fetch, uintptr(ctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(algorithm))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(properties))), uintptr(unsafe.Pointer(&_err))) -+ return EVP_SIGNATURE_PTR(r0), newMkcgoErr("EVP_SIGNATURE_fetch", _err) ++const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void) { ++ return _g_EVP_sha512_256(); +} + -+var _mkcgo_EVP_SIGNATURE_free uintptr ++int _mkcgo_FIPS_mode(void) { ++ return _g_FIPS_mode(); ++} + -+func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { -+ syscallN(0, _mkcgo_EVP_SIGNATURE_free, uintptr(signature)) ++int _mkcgo_FIPS_mode_set(int _arg0, mkcgo_err_state *_err_state) { ++ int _ret = _g_FIPS_mode_set(_arg0); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_aes_128_cbc uintptr ++int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR _arg0, _HMAC_CTX_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_HMAC_CTX_copy(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_aes_128_cbc() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_cbc) -+ return EVP_CIPHER_PTR(r0) ++void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR _arg0) { ++ _g_HMAC_CTX_free(_arg0); +} + -+var _mkcgo_EVP_aes_128_ctr uintptr ++_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(mkcgo_err_state *_err_state) { ++ _HMAC_CTX_PTR _ret = _g_HMAC_CTX_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; ++} + -+func EVP_aes_128_ctr() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_ctr) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_HMAC_Final(_HMAC_CTX_PTR _arg0, unsigned char* _arg1, unsigned int* _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_HMAC_Final(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_aes_128_ecb uintptr -+ -+func EVP_aes_128_ecb() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_ecb) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR _arg0, const void* _arg1, int _arg2, const _EVP_MD_PTR _arg3, _ENGINE_PTR _arg4, mkcgo_err_state *_err_state) { ++ int _ret = _g_HMAC_Init_ex(_arg0, _arg1, _arg2, _arg3, _arg4); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_aes_128_gcm uintptr -+ -+func EVP_aes_128_gcm() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_128_gcm) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_HMAC_Update(_HMAC_CTX_PTR _arg0, const unsigned char* _arg1, size_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_HMAC_Update(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_aes_192_cbc uintptr -+ -+func EVP_aes_192_cbc() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_cbc) -+ return EVP_CIPHER_PTR(r0) ++const char* _mkcgo_OBJ_nid2sn(int _arg0) { ++ return _g_OBJ_nid2sn(_arg0); +} + -+var _mkcgo_EVP_aes_192_ctr uintptr -+ -+func EVP_aes_192_ctr() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_ctr) -+ return EVP_CIPHER_PTR(r0) ++void _mkcgo_OPENSSL_init(void) { ++ _g_OPENSSL_init(); +} + -+var _mkcgo_EVP_aes_192_ecb uintptr -+ -+func EVP_aes_192_ecb() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_ecb) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_OPENSSL_init_crypto(uint64_t _arg0, const _OPENSSL_INIT_SETTINGS_PTR _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_OPENSSL_init_crypto(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_aes_192_gcm uintptr -+ -+func EVP_aes_192_gcm() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_192_gcm) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_available_OPENSSL_version_major() { ++ return _g_OPENSSL_version_major != NULL; +} + -+var _mkcgo_EVP_aes_256_cbc uintptr -+ -+func EVP_aes_256_cbc() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_cbc) -+ return EVP_CIPHER_PTR(r0) ++unsigned int _mkcgo_OPENSSL_version_major(void) { ++ return _g_OPENSSL_version_major(); +} + -+var _mkcgo_EVP_aes_256_ctr uintptr -+ -+func EVP_aes_256_ctr() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_ctr) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_available_OPENSSL_version_minor() { ++ return _g_OPENSSL_version_minor != NULL; +} + -+var _mkcgo_EVP_aes_256_ecb uintptr -+ -+func EVP_aes_256_ecb() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_ecb) -+ return EVP_CIPHER_PTR(r0) ++unsigned int _mkcgo_OPENSSL_version_minor(void) { ++ return _g_OPENSSL_version_minor(); +} + -+var _mkcgo_EVP_aes_256_gcm uintptr -+ -+func EVP_aes_256_gcm() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_aes_256_gcm) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_available_OPENSSL_version_patch() { ++ return _g_OPENSSL_version_patch != NULL; +} + -+func EVP_chacha20_poly1305_Available() bool { -+ return _mkcgo_EVP_chacha20_poly1305 != 0 ++unsigned int _mkcgo_OPENSSL_version_patch(void) { ++ return _g_OPENSSL_version_patch(); +} + -+var _mkcgo_EVP_chacha20_poly1305 uintptr -+ -+func EVP_chacha20_poly1305() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_chacha20_poly1305) -+ return EVP_CIPHER_PTR(r0) ++void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR _arg0) { ++ _g_OSSL_PARAM_BLD_free(_arg0); +} + -+var _mkcgo_EVP_default_properties_enable_fips uintptr -+ -+func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_EVP_default_properties_enable_fips, uintptr(libctx), uintptr(enable), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("EVP_default_properties_enable_fips", _err) ++_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(mkcgo_err_state *_err_state) { ++ _OSSL_PARAM_BLD_PTR _ret = _g_OSSL_PARAM_BLD_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_default_properties_is_fips_enabled uintptr -+ -+func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { -+ r0, _ := syscallN(0, _mkcgo_EVP_default_properties_is_fips_enabled, uintptr(libctx)) -+ return int32(r0) ++int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_BN(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_des_cbc uintptr -+ -+func EVP_des_cbc() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_des_cbc) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, int32_t _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_int32(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_des_ecb uintptr -+ -+func EVP_des_ecb() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_des_ecb) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const void* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_octet_string(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_des_ede3_cbc uintptr -+ -+func EVP_des_ede3_cbc() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_des_ede3_cbc) -+ return EVP_CIPHER_PTR(r0) ++int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR _arg0, const char* _arg1, const char* _arg2, size_t _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_OSSL_PARAM_BLD_push_utf8_string(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_des_ede3_ecb uintptr -+ -+func EVP_des_ede3_ecb() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_des_ede3_ecb) -+ return EVP_CIPHER_PTR(r0) ++_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR _arg0, mkcgo_err_state *_err_state) { ++ _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_BLD_to_param(_arg0); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_md4 uintptr -+ -+func EVP_md4() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_md4) -+ return EVP_MD_PTR(r0) ++void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR _arg0) { ++ _g_OSSL_PARAM_free(_arg0); +} + -+var _mkcgo_EVP_md5 uintptr -+ -+func EVP_md5() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_md5) -+ return EVP_MD_PTR(r0) ++const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR _arg0, const char* _arg1, mkcgo_err_state *_err_state) { ++ const _OSSL_PARAM_PTR _ret = _g_OSSL_PARAM_locate_const(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_md5_sha1 uintptr -+ -+func EVP_md5_sha1() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_md5_sha1) -+ return EVP_MD_PTR(r0) ++int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1) { ++ return _g_OSSL_PROVIDER_available(_arg0, _arg1); +} + -+var _mkcgo_EVP_rc4 uintptr -+ -+func EVP_rc4() EVP_CIPHER_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_rc4) -+ return EVP_CIPHER_PTR(r0) ++const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR _arg0) { ++ return _g_OSSL_PROVIDER_get0_name(_arg0); +} + -+var _mkcgo_EVP_ripemd160 uintptr -+ -+func EVP_ripemd160() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_ripemd160) -+ return EVP_MD_PTR(r0) ++_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR _arg0, const char* _arg1, int _arg2, mkcgo_err_state *_err_state) { ++ _OSSL_PROVIDER_PTR _ret = _g_OSSL_PROVIDER_try_load(_arg0, _arg1, _arg2); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_sha1 uintptr -+ -+func EVP_sha1() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha1) -+ return EVP_MD_PTR(r0) ++const char* _mkcgo_OpenSSL_version(int _arg0) { ++ return _g_OpenSSL_version(_arg0); +} + -+var _mkcgo_EVP_sha224 uintptr -+ -+func EVP_sha224() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha224) -+ return EVP_MD_PTR(r0) ++int _mkcgo_available_OpenSSL_version_num() { ++ return _g_OpenSSL_version_num != NULL; +} + -+var _mkcgo_EVP_sha256 uintptr -+ -+func EVP_sha256() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha256) -+ return EVP_MD_PTR(r0) ++unsigned long _mkcgo_OpenSSL_version_num(void) { ++ return _g_OpenSSL_version_num(); +} + -+var _mkcgo_EVP_sha384 uintptr -+ -+func EVP_sha384() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha384) -+ return EVP_MD_PTR(r0) ++int _mkcgo_PKCS5_PBKDF2_HMAC(const char* _arg0, int _arg1, const unsigned char* _arg2, int _arg3, int _arg4, const _EVP_MD_PTR _arg5, int _arg6, unsigned char* _arg7, mkcgo_err_state *_err_state) { ++ int _ret = _g_PKCS5_PBKDF2_HMAC(_arg0, _arg1, _arg2, _arg3, _arg4, _arg5, _arg6, _arg7); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_sha3_224 uintptr -+ -+func EVP_sha3_224() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha3_224) -+ return EVP_MD_PTR(r0) ++int _mkcgo_RAND_bytes(unsigned char* _arg0, int _arg1, mkcgo_err_state *_err_state) { ++ int _ret = _g_RAND_bytes(_arg0, _arg1); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_sha3_256 uintptr -+ -+func EVP_sha3_256() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha3_256) -+ return EVP_MD_PTR(r0) ++void _mkcgo_RSA_free(_RSA_PTR _arg0) { ++ _g_RSA_free(_arg0); +} + -+var _mkcgo_EVP_sha3_384 uintptr -+ -+func EVP_sha3_384() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha3_384) -+ return EVP_MD_PTR(r0) ++void _mkcgo_RSA_get0_crt_params(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_RSA_get0_crt_params(_arg0, _arg1, _arg2, _arg3); +} + -+var _mkcgo_EVP_sha3_512 uintptr -+ -+func EVP_sha3_512() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha3_512) -+ return EVP_MD_PTR(r0) ++void _mkcgo_RSA_get0_factors(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2) { ++ _g_RSA_get0_factors(_arg0, _arg1, _arg2); +} + -+var _mkcgo_EVP_sha512 uintptr -+ -+func EVP_sha512() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha512) -+ return EVP_MD_PTR(r0) ++void _mkcgo_RSA_get0_key(const _RSA_PTR _arg0, const _BIGNUM_PTR* _arg1, const _BIGNUM_PTR* _arg2, const _BIGNUM_PTR* _arg3) { ++ _g_RSA_get0_key(_arg0, _arg1, _arg2, _arg3); +} + -+var _mkcgo_EVP_sha512_224 uintptr -+ -+func EVP_sha512_224() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha512_224) -+ return EVP_MD_PTR(r0) ++_RSA_PTR _mkcgo_RSA_new(mkcgo_err_state *_err_state) { ++ _RSA_PTR _ret = _g_RSA_new(); ++ if (_ret == NULL) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_EVP_sha512_256 uintptr -+ -+func EVP_sha512_256() EVP_MD_PTR { -+ r0, _ := syscallN(0, _mkcgo_EVP_sha512_256) -+ return EVP_MD_PTR(r0) ++int _mkcgo_RSA_set0_crt_params(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_RSA_set0_crt_params(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_FIPS_mode uintptr -+ -+func FIPS_mode() int32 { -+ r0, _ := syscallN(0, _mkcgo_FIPS_mode) -+ return int32(r0) ++int _mkcgo_RSA_set0_factors(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, mkcgo_err_state *_err_state) { ++ int _ret = _g_RSA_set0_factors(_arg0, _arg1, _arg2); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_FIPS_mode_set uintptr -+ -+func FIPS_mode_set(r int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_FIPS_mode_set, uintptr(r), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("FIPS_mode_set", _err) ++int _mkcgo_RSA_set0_key(_RSA_PTR _arg0, _BIGNUM_PTR _arg1, _BIGNUM_PTR _arg2, _BIGNUM_PTR _arg3, mkcgo_err_state *_err_state) { ++ int _ret = _g_RSA_set0_key(_arg0, _arg1, _arg2, _arg3); ++ if (_ret <= 0) *_err_state = mkcgo_err_retrieve(); ++ return _ret; +} + -+var _mkcgo_HMAC_CTX_copy uintptr +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go +new file mode 100644 +index 00000000000000..9079f7a0cffc40 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.go +@@ -0,0 +1,1329 @@ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++package ossl + -+func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_HMAC_CTX_copy, uintptr(dest), uintptr(src), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("HMAC_CTX_copy", _err) -+} ++/* ++#cgo CFLAGS: -Wno-attributes ++#cgo unix LDFLAGS: -ldl + -+var _mkcgo_HMAC_CTX_free uintptr ++#include "zossl.h" ++*/ ++import "C" ++import "unsafe" + -+func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { -+ syscallN(0, _mkcgo_HMAC_CTX_free, uintptr(arg0)) -+} ++const ( ++ POINT_CONVERSION_UNCOMPRESSED = 4 ++ OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002 ++ OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004 ++ OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008 ++ OPENSSL_INIT_LOAD_CONFIG = 0x00000040 ++ EVP_CTRL_GCM_GET_TAG = 0x10 ++ EVP_CTRL_GCM_SET_TAG = 0x11 ++ EVP_PKEY_CTRL_MD = 1 ++ EVP_PKEY_RSA = 6 ++ EVP_PKEY_EC = 408 ++ EVP_PKEY_TLS1_PRF = 1021 ++ EVP_PKEY_HKDF = 1036 ++ EVP_PKEY_ED25519 = 1087 ++ EVP_PKEY_DSA = 116 ++ EVP_PKEY_OP_DERIVE = (1 << 10) ++ EVP_MAX_MD_SIZE = 64 ++ EVP_PKEY_PUBLIC_KEY = 0x86 ++ EVP_PKEY_KEYPAIR = 0x87 ++ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001 ++ EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1 ++ EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2 ++ EVP_PKEY_CTRL_TLS_MD = 0x1000 ++ EVP_PKEY_CTRL_TLS_SECRET = 0x1001 ++ EVP_PKEY_CTRL_TLS_SEED = 0x1002 ++ EVP_PKEY_CTRL_HKDF_MD = 0x1003 ++ EVP_PKEY_CTRL_HKDF_SALT = 0x1004 ++ EVP_PKEY_CTRL_HKDF_KEY = 0x1005 ++ EVP_PKEY_CTRL_HKDF_INFO = 0x1006 ++ EVP_PKEY_CTRL_HKDF_MODE = 0x1007 ++ NID_X9_62_prime256v1 = 415 ++ NID_secp224r1 = 713 ++ NID_secp384r1 = 715 ++ NID_secp521r1 = 716 ++ RSA_PKCS1_PADDING = 1 ++ RSA_NO_PADDING = 3 ++ RSA_PKCS1_OAEP_PADDING = 4 ++ RSA_PKCS1_PSS_PADDING = 6 ++ RSA_PSS_SALTLEN_DIGEST = -1 ++ RSA_PSS_SALTLEN_AUTO = -2 ++ RSA_PSS_SALTLEN_MAX_SIGN = -2 ++ RSA_PSS_SALTLEN_MAX = -3 ++ EVP_PKEY_CTRL_RSA_PADDING = 0x1001 ++ EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002 ++ EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003 ++ EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005 ++ EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009 ++ EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A ++ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001 ++ EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002 ++ OSSL_PARAM_INTEGER = 1 ++ OSSL_PARAM_OCTET_STRING = 5 ++) + -+var _mkcgo_HMAC_CTX_new uintptr ++type BIGNUM_PTR = C._BIGNUM_PTR ++type BN_CTX_PTR = C._BN_CTX_PTR ++type DSA_PTR = C._DSA_PTR ++type EC_GROUP_PTR = C._EC_GROUP_PTR ++type EC_KEY_PTR = C._EC_KEY_PTR ++type EC_POINT_PTR = C._EC_POINT_PTR ++type ENGINE_PTR = C._ENGINE_PTR ++type EVP_CIPHER_CTX_PTR = C._EVP_CIPHER_CTX_PTR ++type EVP_CIPHER_PTR = C._EVP_CIPHER_PTR ++type EVP_KDF_CTX_PTR = C._EVP_KDF_CTX_PTR ++type EVP_KDF_PTR = C._EVP_KDF_PTR ++type EVP_MAC_CTX_PTR = C._EVP_MAC_CTX_PTR ++type EVP_MAC_PTR = C._EVP_MAC_PTR ++type EVP_MD_CTX_PTR = C._EVP_MD_CTX_PTR ++type EVP_MD_PTR = C._EVP_MD_PTR ++type EVP_PKEY_CTX_PTR = C._EVP_PKEY_CTX_PTR ++type EVP_PKEY_PTR = C._EVP_PKEY_PTR ++type EVP_SIGNATURE_PTR = C._EVP_SIGNATURE_PTR ++type HMAC_CTX_PTR = C._HMAC_CTX_PTR ++type OPENSSL_INIT_SETTINGS_PTR = C._OPENSSL_INIT_SETTINGS_PTR ++type OSSL_LIB_CTX_PTR = C._OSSL_LIB_CTX_PTR ++type OSSL_PARAM_BLD_PTR = C._OSSL_PARAM_BLD_PTR ++type OSSL_PARAM_PTR = C._OSSL_PARAM_PTR ++type OSSL_PROVIDER_PTR = C._OSSL_PROVIDER_PTR ++type RSA_PTR = C._RSA_PTR ++type Point_conversion_form_t = C.point_conversion_form_t + -+func HMAC_CTX_new() (HMAC_CTX_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_HMAC_CTX_new, uintptr(unsafe.Pointer(&_err))) -+ return HMAC_CTX_PTR(r0), newMkcgoErr("HMAC_CTX_new", _err) ++func MkcgoLoad_(handle unsafe.Pointer) { ++ C.__mkcgo_load_(handle) +} + -+var _mkcgo_HMAC_Final uintptr ++func MkcgoUnload_() { ++ C.__mkcgo_unload_() ++} + -+func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 []byte, arg2 *uint32) (int32, error) { -+ if arg2 != nil && int(*arg2) > len(arg1) { -+ panic("HMAC_Final: *arg2 exceeds len(arg1)") -+ } -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_HMAC_Final, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(unsafe.Pointer(arg2)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("HMAC_Final", _err) ++func MkcgoLoad_111(handle unsafe.Pointer) { ++ C.__mkcgo_load_111(handle) +} + -+var _mkcgo_HMAC_Init_ex uintptr ++func MkcgoUnload_111() { ++ C.__mkcgo_unload_111() ++} + -+func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 []byte, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_HMAC_Init_ex, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(len(arg1)), uintptr(arg3), uintptr(arg4), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("HMAC_Init_ex", _err) ++func MkcgoLoad_3(handle unsafe.Pointer) { ++ C.__mkcgo_load_3(handle) +} + -+var _mkcgo_HMAC_Update uintptr ++func MkcgoUnload_3() { ++ C.__mkcgo_unload_3() ++} + -+func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_HMAC_Update, uintptr(arg0), uintptr(unsafe.Pointer(unsafe.SliceData(arg1))), uintptr(len(arg1)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("HMAC_Update", _err) ++func MkcgoLoad_init_1(handle unsafe.Pointer) { ++ C.__mkcgo_load_init_1(handle) +} + -+var _mkcgo_OBJ_nid2sn uintptr ++func MkcgoUnload_init_1() { ++ C.__mkcgo_unload_init_1() ++} + -+func OBJ_nid2sn(n int32) *byte { -+ r0, _ := syscallN(0, _mkcgo_OBJ_nid2sn, uintptr(n)) -+ return (*byte)(unsafe.Pointer(r0)) ++func MkcgoLoad_init_3(handle unsafe.Pointer) { ++ C.__mkcgo_load_init_3(handle) +} + -+var _mkcgo_OPENSSL_init uintptr ++func MkcgoUnload_init_3() { ++ C.__mkcgo_unload_init_3() ++} + -+func OPENSSL_init() { -+ syscallN(0, _mkcgo_OPENSSL_init) ++func MkcgoLoad_legacy_1(handle unsafe.Pointer) { ++ C.__mkcgo_load_legacy_1(handle) +} + -+var _mkcgo_OPENSSL_init_crypto uintptr ++func MkcgoUnload_legacy_1() { ++ C.__mkcgo_unload_legacy_1() ++} + -+func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_OPENSSL_init_crypto, uintptr(ops), uintptr(settings), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("OPENSSL_init_crypto", _err) ++func MkcgoLoad_version(handle unsafe.Pointer) { ++ C.__mkcgo_load_version(handle) +} + -+func OPENSSL_version_major_Available() bool { -+ return _mkcgo_OPENSSL_version_major != 0 ++func MkcgoUnload_version() { ++ C.__mkcgo_unload_version() +} + -+var _mkcgo_OPENSSL_version_major uintptr ++//go:nosplit ++func mkcgoNoEscape(p *C.mkcgo_err_state) *C.mkcgo_err_state { ++ x := uintptr(unsafe.Pointer(p)) ++ return (*C.mkcgo_err_state)(unsafe.Pointer(x ^ 0)) ++} + -+func OPENSSL_version_major() uint32 { -+ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_major) -+ return uint32(r0) ++func BN_bin2bn(arg0 *byte, arg1 int32, arg2 BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_BN_bin2bn((*C.uchar)(unsafe.Pointer(arg0)), C.int(arg1), arg2, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_bin2bn", _err) +} + -+func OPENSSL_version_minor_Available() bool { -+ return _mkcgo_OPENSSL_version_minor != 0 ++func BN_bn2binpad(a BIGNUM_PTR, to *byte, tolen int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_BN_bn2binpad(a, (*C.uchar)(unsafe.Pointer(to)), C.int(tolen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("BN_bn2binpad", _err) +} + -+var _mkcgo_OPENSSL_version_minor uintptr ++func BN_bn2lebinpad(a BIGNUM_PTR, to *byte, tolen int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_BN_bn2lebinpad(a, (*C.uchar)(unsafe.Pointer(to)), C.int(tolen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("BN_bn2lebinpad", _err) ++} + -+func OPENSSL_version_minor() uint32 { -+ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_minor) -+ return uint32(r0) ++func BN_clear(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_clear(arg0) +} + -+func OPENSSL_version_patch_Available() bool { -+ return _mkcgo_OPENSSL_version_patch != 0 ++func BN_clear_free(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_clear_free(arg0) +} + -+var _mkcgo_OPENSSL_version_patch uintptr ++func BN_free(arg0 BIGNUM_PTR) { ++ C._mkcgo_BN_free(arg0) ++} + -+func OPENSSL_version_patch() uint32 { -+ r0, _ := syscallN(0, _mkcgo_OPENSSL_version_patch) -+ return uint32(r0) ++func BN_lebin2bn(s *byte, len int32, ret BIGNUM_PTR) (BIGNUM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_BN_lebin2bn((*C.uchar)(unsafe.Pointer(s)), C.int(len), ret, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_lebin2bn", _err) +} + -+var _mkcgo_OSSL_PARAM_BLD_free uintptr ++func BN_new() (BIGNUM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_BN_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("BN_new", _err) ++} + -+func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { -+ syscallN(0, _mkcgo_OSSL_PARAM_BLD_free, uintptr(bld)) ++func BN_num_bits(arg0 BIGNUM_PTR) int32 { ++ return int32(C._mkcgo_BN_num_bits(arg0)) +} + -+var _mkcgo_OSSL_PARAM_BLD_new uintptr ++func CRYPTO_free(str unsafe.Pointer, file *byte, line int32) { ++ C._mkcgo_CRYPTO_free(str, (*C.char)(unsafe.Pointer(file)), C.int(line)) ++} + -+func OSSL_PARAM_BLD_new() OSSL_PARAM_BLD_PTR { -+ r0, _ := syscallN(0, _mkcgo_OSSL_PARAM_BLD_new) -+ return OSSL_PARAM_BLD_PTR(r0) ++func CRYPTO_malloc(num int, file *byte, line int32) (unsafe.Pointer, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_CRYPTO_malloc(C.size_t(num), (*C.char)(unsafe.Pointer(file)), C.int(line), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("CRYPTO_malloc", _err) +} + -+var _mkcgo_OSSL_PARAM_BLD_push_BN uintptr ++func DSA_free(r DSA_PTR) { ++ C._mkcgo_DSA_free(r) ++} + -+func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_BN, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(bn), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_BN", _err) ++func DSA_generate_key(a DSA_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_DSA_generate_key(a, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_generate_key", _err) +} + -+var _mkcgo_OSSL_PARAM_BLD_push_int32 uintptr ++func DSA_get0_key(d DSA_PTR, pub_key *BIGNUM_PTR, priv_key *BIGNUM_PTR) { ++ C._mkcgo_DSA_get0_key(d, pub_key, priv_key) ++} + -+func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_int32, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(num), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_int32", _err) ++func DSA_get0_pqg(d DSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR, g *BIGNUM_PTR) { ++ C._mkcgo_DSA_get0_pqg(d, p, q, g) +} + -+var _mkcgo_OSSL_PARAM_BLD_push_octet_string uintptr ++func DSA_new() (DSA_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_DSA_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("DSA_new", _err) ++} + -+func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_octet_string, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", _err) ++func DSA_set0_key(d DSA_PTR, pub_key BIGNUM_PTR, priv_key BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_DSA_set0_key(d, pub_key, priv_key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_set0_key", _err) +} + -+var _mkcgo_OSSL_PARAM_BLD_push_utf8_string uintptr ++func DSA_set0_pqg(d DSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR, g BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_DSA_set0_pqg(d, p, q, g, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("DSA_set0_pqg", _err) ++} + -+func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_OSSL_PARAM_BLD_push_utf8_string, uintptr(bld), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(buf)))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", _err) ++func EC_GROUP_free(group EC_GROUP_PTR) { ++ C._mkcgo_EC_GROUP_free(group) +} + -+var _mkcgo_OSSL_PARAM_BLD_to_param uintptr ++func EC_GROUP_new_by_curve_name(nid int32) (EC_GROUP_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_GROUP_new_by_curve_name(C.int(nid), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_GROUP_new_by_curve_name", _err) ++} + -+func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_OSSL_PARAM_BLD_to_param, uintptr(bld), uintptr(unsafe.Pointer(&_err))) -+ return OSSL_PARAM_PTR(r0), newMkcgoErr("OSSL_PARAM_BLD_to_param", _err) ++func EC_KEY_check_key(key EC_KEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_KEY_check_key(key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_check_key", _err) +} + -+var _mkcgo_OSSL_PARAM_free uintptr ++func EC_KEY_free(arg0 EC_KEY_PTR) { ++ C._mkcgo_EC_KEY_free(arg0) ++} + -+func OSSL_PARAM_free(p OSSL_PARAM_PTR) { -+ syscallN(0, _mkcgo_OSSL_PARAM_free, uintptr(p)) ++func EC_KEY_get0_group(arg0 EC_KEY_PTR) EC_GROUP_PTR { ++ return C._mkcgo_EC_KEY_get0_group(arg0) +} + -+var _mkcgo_OSSL_PARAM_locate_const uintptr ++func EC_KEY_get0_private_key(arg0 EC_KEY_PTR) BIGNUM_PTR { ++ return C._mkcgo_EC_KEY_get0_private_key(arg0) ++} + -+func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_OSSL_PARAM_locate_const, uintptr(p), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(key))), uintptr(unsafe.Pointer(&_err))) -+ return OSSL_PARAM_PTR(r0), newMkcgoErr("OSSL_PARAM_locate_const", _err) ++func EC_KEY_get0_public_key(arg0 EC_KEY_PTR) EC_POINT_PTR { ++ return C._mkcgo_EC_KEY_get0_public_key(arg0) +} + -+var _mkcgo_OSSL_PROVIDER_available uintptr ++func EC_KEY_new_by_curve_name(arg0 int32) (EC_KEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_KEY_new_by_curve_name(C.int(arg0), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_KEY_new_by_curve_name", _err) ++} + -+func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { -+ r0, _ := syscallN(0, _mkcgo_OSSL_PROVIDER_available, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(name)))) -+ return int32(r0) ++func EC_KEY_set_private_key(arg0 EC_KEY_PTR, arg1 BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_KEY_set_private_key(arg0, arg1, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_private_key", _err) +} + -+var _mkcgo_OSSL_PROVIDER_get0_name uintptr ++func EC_KEY_set_public_key(key EC_KEY_PTR, pub EC_POINT_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_KEY_set_public_key(key, pub, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key", _err) ++} + -+func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { -+ r0, _ := syscallN(0, _mkcgo_OSSL_PROVIDER_get0_name, uintptr(prov)) -+ return (*byte)(unsafe.Pointer(r0)) ++func EC_KEY_set_public_key_affine_coordinates(key EC_KEY_PTR, x BIGNUM_PTR, y BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_KEY_set_public_key_affine_coordinates(key, x, y, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_KEY_set_public_key_affine_coordinates", _err) +} + -+var _mkcgo_OSSL_PROVIDER_try_load uintptr ++func EC_POINT_free(arg0 EC_POINT_PTR) { ++ C._mkcgo_EC_POINT_free(arg0) ++} + -+func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_OSSL_PROVIDER_try_load, uintptr(libctx), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(name))), uintptr(retain_fallbacks), uintptr(unsafe.Pointer(&_err))) -+ return OSSL_PROVIDER_PTR(r0), newMkcgoErr("OSSL_PROVIDER_try_load", _err) ++func EC_POINT_get_affine_coordinates_GFp(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_get_affine_coordinates_GFp(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_get_affine_coordinates_GFp", _err) +} + -+var _mkcgo_OpenSSL_version uintptr ++func EC_POINT_mul(group EC_GROUP_PTR, r EC_POINT_PTR, n BIGNUM_PTR, q EC_POINT_PTR, m BIGNUM_PTR, ctx BN_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_mul(group, r, n, q, m, ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_mul", _err) ++} + -+func OpenSSL_version(__type int32) *byte { -+ r0, _ := syscallN(0, _mkcgo_OpenSSL_version, uintptr(__type)) -+ return (*byte)(unsafe.Pointer(r0)) ++func EC_POINT_new(arg0 EC_GROUP_PTR) (EC_POINT_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_new(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EC_POINT_new", _err) +} + -+func OpenSSL_version_num_Available() bool { -+ return _mkcgo_OpenSSL_version_num != 0 ++func EC_POINT_oct2point(group EC_GROUP_PTR, p EC_POINT_PTR, buf *byte, len int, ctx BN_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_oct2point(group, p, (*C.uchar)(unsafe.Pointer(buf)), C.size_t(len), ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_oct2point", _err) +} + -+var _mkcgo_OpenSSL_version_num uintptr ++func EC_POINT_point2oct(group EC_GROUP_PTR, p EC_POINT_PTR, form Point_conversion_form_t, buf *byte, len int, ctx BN_CTX_PTR) (int, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_point2oct(group, p, form, (*C.uchar)(unsafe.Pointer(buf)), C.size_t(len), ctx, mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EC_POINT_point2oct", _err) ++} + -+func OpenSSL_version_num() uint64 { -+ r0, _ := syscallN(0, _mkcgo_OpenSSL_version_num) -+ return uint64(r0) ++func EC_POINT_set_affine_coordinates(arg0 EC_GROUP_PTR, arg1 EC_POINT_PTR, arg2 BIGNUM_PTR, arg3 BIGNUM_PTR, arg4 BN_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EC_POINT_set_affine_coordinates(arg0, arg1, arg2, arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EC_POINT_set_affine_coordinates", _err) +} + -+var _mkcgo_PKCS5_PBKDF2_HMAC uintptr ++func ERR_clear_error() { ++ C._mkcgo_ERR_clear_error() ++} + -+func PKCS5_PBKDF2_HMAC(pass []byte, salt []byte, iter int32, digest EVP_MD_PTR, out []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_PKCS5_PBKDF2_HMAC, uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(pass)))), uintptr(len(pass)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(salt)))), uintptr(len(salt)), uintptr(iter), uintptr(digest), uintptr(len(out)), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(unsafe.SliceData(out)))), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("PKCS5_PBKDF2_HMAC", _err) ++func ERR_error_string_n(e uint32, buf *byte, len int) { ++ C._mkcgo_ERR_error_string_n(C.ulong(e), (*C.char)(unsafe.Pointer(buf)), C.size_t(len)) +} + -+var _mkcgo_RAND_bytes uintptr ++func ERR_get_error_all(file **byte, line *int32, __func **byte, data **byte, flags *int32) uint32 { ++ return uint32(C._mkcgo_ERR_get_error_all((**C.char)(unsafe.Pointer(file)), (*C.int)(unsafe.Pointer(line)), (**C.char)(unsafe.Pointer(__func)), (**C.char)(unsafe.Pointer(data)), (*C.int)(unsafe.Pointer(flags)))) ++} + -+func RAND_bytes(buf []byte) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_RAND_bytes, uintptr(unsafe.Pointer(unsafe.SliceData(buf))), uintptr(len(buf)), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("RAND_bytes", _err) ++func ERR_get_error_line(file **byte, line *int32) uint32 { ++ return uint32(C._mkcgo_ERR_get_error_line((**C.char)(unsafe.Pointer(file)), (*C.int)(unsafe.Pointer(line)))) +} + -+var _mkcgo_RAND_bytes_ex uintptr ++func EVP_CIPHER_CTX_ctrl(ctx EVP_CIPHER_CTX_PTR, __type int32, arg int32, ptr unsafe.Pointer) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CIPHER_CTX_ctrl(ctx, C.int(__type), C.int(arg), ptr, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_ctrl", _err) ++} + -+func RAND_bytes_ex(ctx OSSL_LIB_CTX_PTR, buf []byte, strength uint32) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_RAND_bytes_ex, uintptr(ctx), uintptr(unsafe.Pointer(unsafe.SliceData(buf))), uintptr(len(buf)), uintptr(strength), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("RAND_bytes_ex", _err) ++func EVP_CIPHER_CTX_free(arg0 EVP_CIPHER_CTX_PTR) { ++ C._mkcgo_EVP_CIPHER_CTX_free(arg0) +} + -+var _mkcgo_RSA_free uintptr ++func EVP_CIPHER_CTX_new() (EVP_CIPHER_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CIPHER_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_CIPHER_CTX_new", _err) ++} + -+func RSA_free(arg0 RSA_PTR) { -+ syscallN(0, _mkcgo_RSA_free, uintptr(arg0)) ++func EVP_CIPHER_CTX_set_key_length(x EVP_CIPHER_CTX_PTR, keylen int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CIPHER_CTX_set_key_length(x, C.int(keylen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_key_length", _err) +} + -+var _mkcgo_RSA_get0_crt_params uintptr ++func EVP_CIPHER_CTX_set_padding(x EVP_CIPHER_CTX_PTR, padding int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CIPHER_CTX_set_padding(x, C.int(padding), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CIPHER_CTX_set_padding", _err) ++} + -+func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { -+ syscallN(0, _mkcgo_RSA_get0_crt_params, uintptr(r), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(dmp1))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(dmq1))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(iqmp)))) ++func EVP_CIPHER_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_CIPHER_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CIPHER_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_CIPHER_fetch", _err) +} + -+var _mkcgo_RSA_get0_factors uintptr ++func EVP_CIPHER_get0_name(cipher EVP_CIPHER_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_CIPHER_get0_name(cipher))) ++} + -+func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { -+ syscallN(0, _mkcgo_RSA_get0_factors, uintptr(rsa), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(p))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(q)))) ++func EVP_CIPHER_get_block_size(cipher EVP_CIPHER_PTR) int32 { ++ return int32(C._mkcgo_EVP_CIPHER_get_block_size(cipher)) +} + -+var _mkcgo_RSA_get0_key uintptr ++func EVP_CipherInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte, enc int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CipherInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), C.int(enc), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CipherInit_ex", _err) ++} + -+func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { -+ syscallN(0, _mkcgo_RSA_get0_key, uintptr(rsa), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(n))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(e))), uintptr(mkcgoEscapePtrOssl(unsafe.Pointer(d)))) ++func EVP_CipherUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_CipherUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_CipherUpdate", _err) +} + -+var _mkcgo_RSA_new uintptr ++func EVP_DecryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, outm *byte, outl *int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DecryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(outm)), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptFinal_ex", _err) ++} + -+func RSA_new() (RSA_PTR, error) { -+ var _err uintptr -+ r0, _ := syscallN(1, _mkcgo_RSA_new, uintptr(unsafe.Pointer(&_err))) -+ return RSA_PTR(r0), newMkcgoErr("RSA_new", _err) ++func EVP_DecryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DecryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptInit_ex", _err) +} + -+var _mkcgo_RSA_set0_crt_params uintptr ++func EVP_DecryptUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DecryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DecryptUpdate", _err) ++} + -+func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_RSA_set0_crt_params, uintptr(rsa), uintptr(dmp1), uintptr(dmp2), uintptr(iqmp), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("RSA_set0_crt_params", _err) ++func EVP_Digest(data unsafe.Pointer, count int, md *byte, size *uint32, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_Digest(unsafe.Pointer(&*(*byte)(data)), C.size_t(count), (*C.uchar)(unsafe.Pointer(md)), (*C.uint)(unsafe.Pointer(size)), __type, impl, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_Digest", _err) +} + -+var _mkcgo_RSA_set0_factors uintptr ++func EVP_DigestFinal_ex(ctx EVP_MD_CTX_PTR, md *byte, s *uint32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(md)), (*C.uint)(unsafe.Pointer(s)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestFinal_ex", _err) ++} + -+func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_RSA_set0_factors, uintptr(rsa), uintptr(p), uintptr(q), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("RSA_set0_factors", _err) ++func EVP_DigestInit(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestInit(ctx, __type, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestInit", _err) +} + -+var _mkcgo_RSA_set0_key uintptr ++func EVP_DigestInit_ex(ctx EVP_MD_CTX_PTR, __type EVP_MD_PTR, impl ENGINE_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestInit_ex(ctx, __type, impl, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestInit_ex", _err) ++} + -+func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { -+ var _err uintptr -+ r0, _ := syscallN(3, _mkcgo_RSA_set0_key, uintptr(r), uintptr(n), uintptr(e), uintptr(d), uintptr(unsafe.Pointer(&_err))) -+ return int32(r0), newMkcgoErr("RSA_set0_key", _err) ++func EVP_DigestSign(ctx EVP_MD_CTX_PTR, sigret *byte, siglen *int, tbs *byte, tbslen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestSign(ctx, (*C.uchar)(unsafe.Pointer(sigret)), (*C.size_t)(unsafe.Pointer(siglen)), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSign", _err) +} + -+//go:nosplit -+func _mkcgo_error_check(errType, r1, args, n uintptr) { -+ var hasError bool -+ switch errType { -+ case 1: -+ hasError = r1 == 0 -+ case 2: -+ hasError = int32(r1) == -1 -+ case 3: -+ hasError = int32(r1) <= 0 -+ case 4: -+ hasError = int64(r1) <= 0 -+ default: -+ panic("invalid error check type") -+ } -+ if hasError { -+ **(**uintptr)(unsafe.Pointer(args + unsafe.Sizeof(uintptr(0))*n)) = retrieveErrorState() -+ } ++func EVP_DigestSignFinal(ctx EVP_MD_CTX_PTR, sig *byte, siglen *int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestSignFinal(ctx, (*C.uchar)(unsafe.Pointer(sig)), (*C.size_t)(unsafe.Pointer(siglen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSignFinal", _err) +} + -+func MkcgoLoad_(handle unsafe.Pointer) { -+ _mkcgo_BIO_ctrl = dlsym(handle, "BIO_ctrl\x00", false) -+ _mkcgo_BIO_free = dlsym(handle, "BIO_free\x00", false) -+ _mkcgo_BIO_new = dlsym(handle, "BIO_new\x00", false) -+ _mkcgo_BIO_s_mem = dlsym(handle, "BIO_s_mem\x00", false) -+ _mkcgo_BN_bin2bn = dlsym(handle, "BN_bin2bn\x00", false) -+ _mkcgo_BN_bn2binpad = dlsym(handle, "BN_bn2binpad\x00", false) -+ _mkcgo_BN_bn2lebinpad = dlsym(handle, "BN_bn2lebinpad\x00", false) -+ _mkcgo_BN_clear = dlsym(handle, "BN_clear\x00", false) -+ _mkcgo_BN_clear_free = dlsym(handle, "BN_clear_free\x00", false) -+ _mkcgo_BN_free = dlsym(handle, "BN_free\x00", false) -+ _mkcgo_BN_lebin2bn = dlsym(handle, "BN_lebin2bn\x00", false) -+ _mkcgo_BN_new = dlsym(handle, "BN_new\x00", false) -+ _mkcgo_BN_num_bits = dlsym(handle, "BN_num_bits\x00", false) -+ _mkcgo_CRYPTO_free = dlsym(handle, "CRYPTO_free\x00", false) -+ _mkcgo_CRYPTO_malloc = dlsym(handle, "CRYPTO_malloc\x00", false) -+ _mkcgo_EC_GROUP_free = dlsym(handle, "EC_GROUP_free\x00", false) -+ _mkcgo_EC_GROUP_new_by_curve_name = dlsym(handle, "EC_GROUP_new_by_curve_name\x00", false) -+ _mkcgo_EC_POINT_free = dlsym(handle, "EC_POINT_free\x00", false) -+ _mkcgo_EC_POINT_mul = dlsym(handle, "EC_POINT_mul\x00", false) -+ _mkcgo_EC_POINT_new = dlsym(handle, "EC_POINT_new\x00", false) -+ _mkcgo_EC_POINT_oct2point = dlsym(handle, "EC_POINT_oct2point\x00", false) -+ _mkcgo_EC_POINT_point2oct = dlsym(handle, "EC_POINT_point2oct\x00", false) -+ _mkcgo_ERR_peek_error = dlsym(handle, "ERR_peek_error\x00", false) -+ _mkcgo_ERR_print_errors = dlsym(handle, "ERR_print_errors\x00", false) -+ _mkcgo_EVP_CIPHER_CTX_ctrl = dlsym(handle, "EVP_CIPHER_CTX_ctrl\x00", false) -+ _mkcgo_EVP_CIPHER_CTX_free = dlsym(handle, "EVP_CIPHER_CTX_free\x00", false) -+ _mkcgo_EVP_CIPHER_CTX_new = dlsym(handle, "EVP_CIPHER_CTX_new\x00", false) -+ _mkcgo_EVP_CIPHER_CTX_set_key_length = dlsym(handle, "EVP_CIPHER_CTX_set_key_length\x00", false) -+ _mkcgo_EVP_CIPHER_CTX_set_padding = dlsym(handle, "EVP_CIPHER_CTX_set_padding\x00", false) -+ _mkcgo_EVP_CipherInit_ex = dlsym(handle, "EVP_CipherInit_ex\x00", false) -+ _mkcgo_EVP_CipherUpdate = dlsym(handle, "EVP_CipherUpdate\x00", false) -+ _mkcgo_EVP_DecryptFinal_ex = dlsym(handle, "EVP_DecryptFinal_ex\x00", false) -+ _mkcgo_EVP_DecryptInit_ex = dlsym(handle, "EVP_DecryptInit_ex\x00", false) -+ _mkcgo_EVP_DecryptUpdate = dlsym(handle, "EVP_DecryptUpdate\x00", false) -+ _mkcgo_EVP_Digest = dlsym(handle, "EVP_Digest\x00", false) -+ _mkcgo_EVP_DigestFinal_ex = dlsym(handle, "EVP_DigestFinal_ex\x00", false) -+ _mkcgo_EVP_DigestInit = dlsym(handle, "EVP_DigestInit\x00", false) -+ _mkcgo_EVP_DigestInit_ex = dlsym(handle, "EVP_DigestInit_ex\x00", false) -+ _mkcgo_EVP_DigestSign = dlsym(handle, "EVP_DigestSign\x00", false) -+ _mkcgo_EVP_DigestSignFinal = dlsym(handle, "EVP_DigestSignFinal\x00", false) -+ _mkcgo_EVP_DigestSignInit = dlsym(handle, "EVP_DigestSignInit\x00", false) -+ _mkcgo_EVP_DigestUpdate = dlsym(handle, "EVP_DigestUpdate\x00", false) -+ _mkcgo_EVP_DigestVerify = dlsym(handle, "EVP_DigestVerify\x00", false) -+ _mkcgo_EVP_DigestVerifyFinal = dlsym(handle, "EVP_DigestVerifyFinal\x00", false) -+ _mkcgo_EVP_DigestVerifyInit = dlsym(handle, "EVP_DigestVerifyInit\x00", false) -+ _mkcgo_EVP_EncryptFinal_ex = dlsym(handle, "EVP_EncryptFinal_ex\x00", false) -+ _mkcgo_EVP_EncryptInit_ex = dlsym(handle, "EVP_EncryptInit_ex\x00", false) -+ _mkcgo_EVP_EncryptUpdate = dlsym(handle, "EVP_EncryptUpdate\x00", false) -+ _mkcgo_EVP_MD_CTX_copy_ex = dlsym(handle, "EVP_MD_CTX_copy_ex\x00", false) -+ _mkcgo_EVP_MD_CTX_ctrl = dlsym(handle, "EVP_MD_CTX_ctrl\x00", false) -+ _mkcgo_EVP_MD_CTX_free = dlsym(handle, "EVP_MD_CTX_free\x00", false) -+ _mkcgo_EVP_MD_CTX_new = dlsym(handle, "EVP_MD_CTX_new\x00", false) -+ _mkcgo_EVP_PKEY_CTX_ctrl = dlsym(handle, "EVP_PKEY_CTX_ctrl\x00", false) -+ _mkcgo_EVP_PKEY_CTX_free = dlsym(handle, "EVP_PKEY_CTX_free\x00", false) -+ _mkcgo_EVP_PKEY_CTX_new = dlsym(handle, "EVP_PKEY_CTX_new\x00", false) -+ _mkcgo_EVP_PKEY_CTX_new_id = dlsym(handle, "EVP_PKEY_CTX_new_id\x00", false) -+ _mkcgo_EVP_PKEY_decrypt = dlsym(handle, "EVP_PKEY_decrypt\x00", false) -+ _mkcgo_EVP_PKEY_decrypt_init = dlsym(handle, "EVP_PKEY_decrypt_init\x00", false) -+ _mkcgo_EVP_PKEY_derive = dlsym(handle, "EVP_PKEY_derive\x00", false) -+ _mkcgo_EVP_PKEY_derive_init = dlsym(handle, "EVP_PKEY_derive_init\x00", false) -+ _mkcgo_EVP_PKEY_derive_set_peer = dlsym(handle, "EVP_PKEY_derive_set_peer\x00", false) -+ _mkcgo_EVP_PKEY_encrypt = dlsym(handle, "EVP_PKEY_encrypt\x00", false) -+ _mkcgo_EVP_PKEY_encrypt_init = dlsym(handle, "EVP_PKEY_encrypt_init\x00", false) -+ _mkcgo_EVP_PKEY_free = dlsym(handle, "EVP_PKEY_free\x00", false) -+ _mkcgo_EVP_PKEY_get_raw_private_key = dlsym(handle, "EVP_PKEY_get_raw_private_key\x00", false) -+ _mkcgo_EVP_PKEY_get_raw_public_key = dlsym(handle, "EVP_PKEY_get_raw_public_key\x00", false) -+ _mkcgo_EVP_PKEY_keygen = dlsym(handle, "EVP_PKEY_keygen\x00", false) -+ _mkcgo_EVP_PKEY_keygen_init = dlsym(handle, "EVP_PKEY_keygen_init\x00", false) -+ _mkcgo_EVP_PKEY_new = dlsym(handle, "EVP_PKEY_new\x00", false) -+ _mkcgo_EVP_PKEY_new_raw_private_key = dlsym(handle, "EVP_PKEY_new_raw_private_key\x00", false) -+ _mkcgo_EVP_PKEY_new_raw_public_key = dlsym(handle, "EVP_PKEY_new_raw_public_key\x00", false) -+ _mkcgo_EVP_PKEY_paramgen = dlsym(handle, "EVP_PKEY_paramgen\x00", false) -+ _mkcgo_EVP_PKEY_paramgen_init = dlsym(handle, "EVP_PKEY_paramgen_init\x00", false) -+ _mkcgo_EVP_PKEY_sign = dlsym(handle, "EVP_PKEY_sign\x00", false) -+ _mkcgo_EVP_PKEY_sign_init = dlsym(handle, "EVP_PKEY_sign_init\x00", false) -+ _mkcgo_EVP_PKEY_up_ref = dlsym(handle, "EVP_PKEY_up_ref\x00", false) -+ _mkcgo_EVP_PKEY_verify = dlsym(handle, "EVP_PKEY_verify\x00", false) -+ _mkcgo_EVP_PKEY_verify_init = dlsym(handle, "EVP_PKEY_verify_init\x00", false) -+ _mkcgo_EVP_aes_128_cbc = dlsym(handle, "EVP_aes_128_cbc\x00", false) -+ _mkcgo_EVP_aes_128_ctr = dlsym(handle, "EVP_aes_128_ctr\x00", false) -+ _mkcgo_EVP_aes_128_ecb = dlsym(handle, "EVP_aes_128_ecb\x00", false) -+ _mkcgo_EVP_aes_128_gcm = dlsym(handle, "EVP_aes_128_gcm\x00", false) -+ _mkcgo_EVP_aes_192_cbc = dlsym(handle, "EVP_aes_192_cbc\x00", false) -+ _mkcgo_EVP_aes_192_ctr = dlsym(handle, "EVP_aes_192_ctr\x00", false) -+ _mkcgo_EVP_aes_192_ecb = dlsym(handle, "EVP_aes_192_ecb\x00", false) -+ _mkcgo_EVP_aes_192_gcm = dlsym(handle, "EVP_aes_192_gcm\x00", false) -+ _mkcgo_EVP_aes_256_cbc = dlsym(handle, "EVP_aes_256_cbc\x00", false) -+ _mkcgo_EVP_aes_256_ctr = dlsym(handle, "EVP_aes_256_ctr\x00", false) -+ _mkcgo_EVP_aes_256_ecb = dlsym(handle, "EVP_aes_256_ecb\x00", false) -+ _mkcgo_EVP_aes_256_gcm = dlsym(handle, "EVP_aes_256_gcm\x00", false) -+ _mkcgo_EVP_chacha20_poly1305 = dlsym(handle, "EVP_chacha20_poly1305\x00", true) -+ _mkcgo_EVP_des_cbc = dlsym(handle, "EVP_des_cbc\x00", false) -+ _mkcgo_EVP_des_ecb = dlsym(handle, "EVP_des_ecb\x00", false) -+ _mkcgo_EVP_des_ede3_cbc = dlsym(handle, "EVP_des_ede3_cbc\x00", false) -+ _mkcgo_EVP_des_ede3_ecb = dlsym(handle, "EVP_des_ede3_ecb\x00", false) -+ _mkcgo_EVP_md4 = dlsym(handle, "EVP_md4\x00", false) -+ _mkcgo_EVP_md5 = dlsym(handle, "EVP_md5\x00", false) -+ _mkcgo_EVP_md5_sha1 = dlsym(handle, "EVP_md5_sha1\x00", false) -+ _mkcgo_EVP_rc4 = dlsym(handle, "EVP_rc4\x00", false) -+ _mkcgo_EVP_ripemd160 = dlsym(handle, "EVP_ripemd160\x00", false) -+ _mkcgo_EVP_sha1 = dlsym(handle, "EVP_sha1\x00", false) -+ _mkcgo_EVP_sha224 = dlsym(handle, "EVP_sha224\x00", false) -+ _mkcgo_EVP_sha256 = dlsym(handle, "EVP_sha256\x00", false) -+ _mkcgo_EVP_sha384 = dlsym(handle, "EVP_sha384\x00", false) -+ _mkcgo_EVP_sha3_224 = dlsym(handle, "EVP_sha3_224\x00", false) -+ _mkcgo_EVP_sha3_256 = dlsym(handle, "EVP_sha3_256\x00", false) -+ _mkcgo_EVP_sha3_384 = dlsym(handle, "EVP_sha3_384\x00", false) -+ _mkcgo_EVP_sha3_512 = dlsym(handle, "EVP_sha3_512\x00", false) -+ _mkcgo_EVP_sha512 = dlsym(handle, "EVP_sha512\x00", false) -+ _mkcgo_EVP_sha512_224 = dlsym(handle, "EVP_sha512_224\x00", false) -+ _mkcgo_EVP_sha512_256 = dlsym(handle, "EVP_sha512_256\x00", false) -+ _mkcgo_OBJ_nid2sn = dlsym(handle, "OBJ_nid2sn\x00", false) -+ _mkcgo_OPENSSL_init = dlsym(handle, "OPENSSL_init\x00", false) -+ _mkcgo_OPENSSL_init_crypto = dlsym(handle, "OPENSSL_init_crypto\x00", false) -+ _mkcgo_OpenSSL_version = dlsym(handle, "OpenSSL_version\x00", false) ++func EVP_DigestSignInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestSignInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestSignInit", _err) +} + -+func MkcgoUnload_() { -+ _mkcgo_BIO_ctrl = 0 -+ _mkcgo_BIO_free = 0 -+ _mkcgo_BIO_new = 0 -+ _mkcgo_BIO_s_mem = 0 -+ _mkcgo_BN_bin2bn = 0 -+ _mkcgo_BN_bn2binpad = 0 -+ _mkcgo_BN_bn2lebinpad = 0 -+ _mkcgo_BN_clear = 0 -+ _mkcgo_BN_clear_free = 0 -+ _mkcgo_BN_free = 0 -+ _mkcgo_BN_lebin2bn = 0 -+ _mkcgo_BN_new = 0 -+ _mkcgo_BN_num_bits = 0 -+ _mkcgo_CRYPTO_free = 0 -+ _mkcgo_CRYPTO_malloc = 0 -+ _mkcgo_EC_GROUP_free = 0 -+ _mkcgo_EC_GROUP_new_by_curve_name = 0 -+ _mkcgo_EC_POINT_free = 0 -+ _mkcgo_EC_POINT_mul = 0 -+ _mkcgo_EC_POINT_new = 0 -+ _mkcgo_EC_POINT_oct2point = 0 -+ _mkcgo_EC_POINT_point2oct = 0 -+ _mkcgo_ERR_peek_error = 0 -+ _mkcgo_ERR_print_errors = 0 -+ _mkcgo_EVP_CIPHER_CTX_ctrl = 0 -+ _mkcgo_EVP_CIPHER_CTX_free = 0 -+ _mkcgo_EVP_CIPHER_CTX_new = 0 -+ _mkcgo_EVP_CIPHER_CTX_set_key_length = 0 -+ _mkcgo_EVP_CIPHER_CTX_set_padding = 0 -+ _mkcgo_EVP_CipherInit_ex = 0 -+ _mkcgo_EVP_CipherUpdate = 0 -+ _mkcgo_EVP_DecryptFinal_ex = 0 -+ _mkcgo_EVP_DecryptInit_ex = 0 -+ _mkcgo_EVP_DecryptUpdate = 0 -+ _mkcgo_EVP_Digest = 0 -+ _mkcgo_EVP_DigestFinal_ex = 0 -+ _mkcgo_EVP_DigestInit = 0 -+ _mkcgo_EVP_DigestInit_ex = 0 -+ _mkcgo_EVP_DigestSign = 0 -+ _mkcgo_EVP_DigestSignFinal = 0 -+ _mkcgo_EVP_DigestSignInit = 0 -+ _mkcgo_EVP_DigestUpdate = 0 -+ _mkcgo_EVP_DigestVerify = 0 -+ _mkcgo_EVP_DigestVerifyFinal = 0 -+ _mkcgo_EVP_DigestVerifyInit = 0 -+ _mkcgo_EVP_EncryptFinal_ex = 0 -+ _mkcgo_EVP_EncryptInit_ex = 0 -+ _mkcgo_EVP_EncryptUpdate = 0 -+ _mkcgo_EVP_MD_CTX_copy_ex = 0 -+ _mkcgo_EVP_MD_CTX_ctrl = 0 -+ _mkcgo_EVP_MD_CTX_free = 0 -+ _mkcgo_EVP_MD_CTX_new = 0 -+ _mkcgo_EVP_PKEY_CTX_ctrl = 0 -+ _mkcgo_EVP_PKEY_CTX_free = 0 -+ _mkcgo_EVP_PKEY_CTX_new = 0 -+ _mkcgo_EVP_PKEY_CTX_new_id = 0 -+ _mkcgo_EVP_PKEY_decrypt = 0 -+ _mkcgo_EVP_PKEY_decrypt_init = 0 -+ _mkcgo_EVP_PKEY_derive = 0 -+ _mkcgo_EVP_PKEY_derive_init = 0 -+ _mkcgo_EVP_PKEY_derive_set_peer = 0 -+ _mkcgo_EVP_PKEY_encrypt = 0 -+ _mkcgo_EVP_PKEY_encrypt_init = 0 -+ _mkcgo_EVP_PKEY_free = 0 -+ _mkcgo_EVP_PKEY_get_raw_private_key = 0 -+ _mkcgo_EVP_PKEY_get_raw_public_key = 0 -+ _mkcgo_EVP_PKEY_keygen = 0 -+ _mkcgo_EVP_PKEY_keygen_init = 0 -+ _mkcgo_EVP_PKEY_new = 0 -+ _mkcgo_EVP_PKEY_new_raw_private_key = 0 -+ _mkcgo_EVP_PKEY_new_raw_public_key = 0 -+ _mkcgo_EVP_PKEY_paramgen = 0 -+ _mkcgo_EVP_PKEY_paramgen_init = 0 -+ _mkcgo_EVP_PKEY_sign = 0 -+ _mkcgo_EVP_PKEY_sign_init = 0 -+ _mkcgo_EVP_PKEY_up_ref = 0 -+ _mkcgo_EVP_PKEY_verify = 0 -+ _mkcgo_EVP_PKEY_verify_init = 0 -+ _mkcgo_EVP_aes_128_cbc = 0 -+ _mkcgo_EVP_aes_128_ctr = 0 -+ _mkcgo_EVP_aes_128_ecb = 0 -+ _mkcgo_EVP_aes_128_gcm = 0 -+ _mkcgo_EVP_aes_192_cbc = 0 -+ _mkcgo_EVP_aes_192_ctr = 0 -+ _mkcgo_EVP_aes_192_ecb = 0 -+ _mkcgo_EVP_aes_192_gcm = 0 -+ _mkcgo_EVP_aes_256_cbc = 0 -+ _mkcgo_EVP_aes_256_ctr = 0 -+ _mkcgo_EVP_aes_256_ecb = 0 -+ _mkcgo_EVP_aes_256_gcm = 0 -+ _mkcgo_EVP_chacha20_poly1305 = 0 -+ _mkcgo_EVP_des_cbc = 0 -+ _mkcgo_EVP_des_ecb = 0 -+ _mkcgo_EVP_des_ede3_cbc = 0 -+ _mkcgo_EVP_des_ede3_ecb = 0 -+ _mkcgo_EVP_md4 = 0 -+ _mkcgo_EVP_md5 = 0 -+ _mkcgo_EVP_md5_sha1 = 0 -+ _mkcgo_EVP_rc4 = 0 -+ _mkcgo_EVP_ripemd160 = 0 -+ _mkcgo_EVP_sha1 = 0 -+ _mkcgo_EVP_sha224 = 0 -+ _mkcgo_EVP_sha256 = 0 -+ _mkcgo_EVP_sha384 = 0 -+ _mkcgo_EVP_sha3_224 = 0 -+ _mkcgo_EVP_sha3_256 = 0 -+ _mkcgo_EVP_sha3_384 = 0 -+ _mkcgo_EVP_sha3_512 = 0 -+ _mkcgo_EVP_sha512 = 0 -+ _mkcgo_EVP_sha512_224 = 0 -+ _mkcgo_EVP_sha512_256 = 0 -+ _mkcgo_OBJ_nid2sn = 0 -+ _mkcgo_OPENSSL_init = 0 -+ _mkcgo_OPENSSL_init_crypto = 0 -+ _mkcgo_OpenSSL_version = 0 ++func EVP_DigestUpdate(ctx EVP_MD_CTX_PTR, d unsafe.Pointer, cnt int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestUpdate(ctx, unsafe.Pointer(&*(*byte)(d)), C.size_t(cnt), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestUpdate", _err) +} + -+func MkcgoLoad_3(handle unsafe.Pointer) { -+ _mkcgo_EC_POINT_set_affine_coordinates = dlsym(handle, "EC_POINT_set_affine_coordinates\x00", false) -+ _mkcgo_EVP_CIPHER_fetch = dlsym(handle, "EVP_CIPHER_fetch\x00", false) -+ _mkcgo_EVP_CIPHER_get0_name = dlsym(handle, "EVP_CIPHER_get0_name\x00", false) -+ _mkcgo_EVP_CIPHER_get_block_size = dlsym(handle, "EVP_CIPHER_get_block_size\x00", false) -+ _mkcgo_EVP_KDF_CTX_free = dlsym(handle, "EVP_KDF_CTX_free\x00", false) -+ _mkcgo_EVP_KDF_CTX_get_kdf_size = dlsym(handle, "EVP_KDF_CTX_get_kdf_size\x00", false) -+ _mkcgo_EVP_KDF_CTX_new = dlsym(handle, "EVP_KDF_CTX_new\x00", false) -+ _mkcgo_EVP_KDF_CTX_set_params = dlsym(handle, "EVP_KDF_CTX_set_params\x00", false) -+ _mkcgo_EVP_KDF_derive = dlsym(handle, "EVP_KDF_derive\x00", false) -+ _mkcgo_EVP_KDF_fetch = dlsym(handle, "EVP_KDF_fetch\x00", false) -+ _mkcgo_EVP_KDF_free = dlsym(handle, "EVP_KDF_free\x00", false) -+ _mkcgo_EVP_KEYMGMT_fetch = dlsym(handle, "EVP_KEYMGMT_fetch\x00", true) -+ _mkcgo_EVP_KEYMGMT_free = dlsym(handle, "EVP_KEYMGMT_free\x00", false) -+ _mkcgo_EVP_MAC_CTX_dup = dlsym(handle, "EVP_MAC_CTX_dup\x00", false) -+ _mkcgo_EVP_MAC_CTX_free = dlsym(handle, "EVP_MAC_CTX_free\x00", false) -+ _mkcgo_EVP_MAC_CTX_new = dlsym(handle, "EVP_MAC_CTX_new\x00", false) -+ _mkcgo_EVP_MAC_CTX_set_params = dlsym(handle, "EVP_MAC_CTX_set_params\x00", false) -+ _mkcgo_EVP_MAC_fetch = dlsym(handle, "EVP_MAC_fetch\x00", false) -+ _mkcgo_EVP_MAC_final = dlsym(handle, "EVP_MAC_final\x00", false) -+ _mkcgo_EVP_MAC_init = dlsym(handle, "EVP_MAC_init\x00", false) -+ _mkcgo_EVP_MAC_update = dlsym(handle, "EVP_MAC_update\x00", false) -+ _mkcgo_EVP_MD_CTX_get_params = dlsym(handle, "EVP_MD_CTX_get_params\x00", false) -+ _mkcgo_EVP_MD_CTX_gettable_params = dlsym(handle, "EVP_MD_CTX_gettable_params\x00", false) -+ _mkcgo_EVP_MD_CTX_set_params = dlsym(handle, "EVP_MD_CTX_set_params\x00", false) -+ _mkcgo_EVP_MD_CTX_settable_params = dlsym(handle, "EVP_MD_CTX_settable_params\x00", false) -+ _mkcgo_EVP_MD_fetch = dlsym(handle, "EVP_MD_fetch\x00", false) -+ _mkcgo_EVP_MD_free = dlsym(handle, "EVP_MD_free\x00", false) -+ _mkcgo_EVP_MD_get0_name = dlsym(handle, "EVP_MD_get0_name\x00", false) -+ _mkcgo_EVP_MD_get0_provider = dlsym(handle, "EVP_MD_get0_provider\x00", false) -+ _mkcgo_EVP_MD_get_block_size = dlsym(handle, "EVP_MD_get_block_size\x00", false) -+ _mkcgo_EVP_MD_get_size = dlsym(handle, "EVP_MD_get_size\x00", false) -+ _mkcgo_EVP_MD_get_type = dlsym(handle, "EVP_MD_get_type\x00", false) -+ _mkcgo_EVP_PKEY_CTX_add1_hkdf_info = dlsym(handle, "EVP_PKEY_CTX_add1_hkdf_info\x00", false) -+ _mkcgo_EVP_PKEY_CTX_new_from_pkey = dlsym(handle, "EVP_PKEY_CTX_new_from_pkey\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label = dlsym(handle, "EVP_PKEY_CTX_set0_rsa_oaep_label\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set1_hkdf_key = dlsym(handle, "EVP_PKEY_CTX_set1_hkdf_key\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt = dlsym(handle, "EVP_PKEY_CTX_set1_hkdf_salt\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set_hkdf_md = dlsym(handle, "EVP_PKEY_CTX_set_hkdf_md\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set_hkdf_mode = dlsym(handle, "EVP_PKEY_CTX_set_hkdf_mode\x00", false) -+ _mkcgo_EVP_PKEY_CTX_set_params = dlsym(handle, "EVP_PKEY_CTX_set_params\x00", false) -+ _mkcgo_EVP_PKEY_Q_keygen = dlsym(handle, "EVP_PKEY_Q_keygen\x00", false) -+ _mkcgo_EVP_PKEY_decapsulate = dlsym(handle, "EVP_PKEY_decapsulate\x00", false) -+ _mkcgo_EVP_PKEY_decapsulate_init = dlsym(handle, "EVP_PKEY_decapsulate_init\x00", false) -+ _mkcgo_EVP_PKEY_encapsulate = dlsym(handle, "EVP_PKEY_encapsulate\x00", false) -+ _mkcgo_EVP_PKEY_encapsulate_init = dlsym(handle, "EVP_PKEY_encapsulate_init\x00", false) -+ _mkcgo_EVP_PKEY_fromdata = dlsym(handle, "EVP_PKEY_fromdata\x00", false) -+ _mkcgo_EVP_PKEY_fromdata_init = dlsym(handle, "EVP_PKEY_fromdata_init\x00", false) -+ _mkcgo_EVP_PKEY_get1_encoded_public_key = dlsym(handle, "EVP_PKEY_get1_encoded_public_key\x00", false) -+ _mkcgo_EVP_PKEY_get_bits = dlsym(handle, "EVP_PKEY_get_bits\x00", false) -+ _mkcgo_EVP_PKEY_get_bn_param = dlsym(handle, "EVP_PKEY_get_bn_param\x00", false) -+ _mkcgo_EVP_PKEY_get_octet_string_param = dlsym(handle, "EVP_PKEY_get_octet_string_param\x00", false) -+ _mkcgo_EVP_PKEY_get_size = dlsym(handle, "EVP_PKEY_get_size\x00", false) -+ _mkcgo_EVP_PKEY_private_check = dlsym(handle, "EVP_PKEY_private_check\x00", false) -+ _mkcgo_EVP_PKEY_public_check_quick = dlsym(handle, "EVP_PKEY_public_check_quick\x00", false) -+ _mkcgo_EVP_PKEY_set1_encoded_public_key = dlsym(handle, "EVP_PKEY_set1_encoded_public_key\x00", false) -+ _mkcgo_EVP_SIGNATURE_fetch = dlsym(handle, "EVP_SIGNATURE_fetch\x00", false) -+ _mkcgo_EVP_SIGNATURE_free = dlsym(handle, "EVP_SIGNATURE_free\x00", false) -+ _mkcgo_EVP_default_properties_enable_fips = dlsym(handle, "EVP_default_properties_enable_fips\x00", false) -+ _mkcgo_EVP_default_properties_is_fips_enabled = dlsym(handle, "EVP_default_properties_is_fips_enabled\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_free = dlsym(handle, "OSSL_PARAM_BLD_free\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_new = dlsym(handle, "OSSL_PARAM_BLD_new\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_push_BN = dlsym(handle, "OSSL_PARAM_BLD_push_BN\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_push_int32 = dlsym(handle, "OSSL_PARAM_BLD_push_int32\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_push_octet_string = dlsym(handle, "OSSL_PARAM_BLD_push_octet_string\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_push_utf8_string = dlsym(handle, "OSSL_PARAM_BLD_push_utf8_string\x00", false) -+ _mkcgo_OSSL_PARAM_BLD_to_param = dlsym(handle, "OSSL_PARAM_BLD_to_param\x00", false) -+ _mkcgo_OSSL_PARAM_free = dlsym(handle, "OSSL_PARAM_free\x00", false) -+ _mkcgo_OSSL_PARAM_locate_const = dlsym(handle, "OSSL_PARAM_locate_const\x00", false) -+ _mkcgo_OSSL_PROVIDER_available = dlsym(handle, "OSSL_PROVIDER_available\x00", false) -+ _mkcgo_OSSL_PROVIDER_get0_name = dlsym(handle, "OSSL_PROVIDER_get0_name\x00", false) -+ _mkcgo_OSSL_PROVIDER_try_load = dlsym(handle, "OSSL_PROVIDER_try_load\x00", false) -+ _mkcgo_RAND_bytes_ex = dlsym(handle, "RAND_bytes_ex\x00", false) ++func EVP_DigestVerify(ctx EVP_MD_CTX_PTR, sigret *byte, siglen int, tbs *byte, tbslen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestVerify(ctx, (*C.uchar)(unsafe.Pointer(sigret)), C.size_t(siglen), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerify", _err) +} + -+func MkcgoUnload_3() { -+ _mkcgo_EC_POINT_set_affine_coordinates = 0 -+ _mkcgo_EVP_CIPHER_fetch = 0 -+ _mkcgo_EVP_CIPHER_get0_name = 0 -+ _mkcgo_EVP_CIPHER_get_block_size = 0 -+ _mkcgo_EVP_KDF_CTX_free = 0 -+ _mkcgo_EVP_KDF_CTX_get_kdf_size = 0 -+ _mkcgo_EVP_KDF_CTX_new = 0 -+ _mkcgo_EVP_KDF_CTX_set_params = 0 -+ _mkcgo_EVP_KDF_derive = 0 -+ _mkcgo_EVP_KDF_fetch = 0 -+ _mkcgo_EVP_KDF_free = 0 -+ _mkcgo_EVP_KEYMGMT_fetch = 0 -+ _mkcgo_EVP_KEYMGMT_free = 0 -+ _mkcgo_EVP_MAC_CTX_dup = 0 -+ _mkcgo_EVP_MAC_CTX_free = 0 -+ _mkcgo_EVP_MAC_CTX_new = 0 -+ _mkcgo_EVP_MAC_CTX_set_params = 0 -+ _mkcgo_EVP_MAC_fetch = 0 -+ _mkcgo_EVP_MAC_final = 0 -+ _mkcgo_EVP_MAC_init = 0 -+ _mkcgo_EVP_MAC_update = 0 -+ _mkcgo_EVP_MD_CTX_get_params = 0 -+ _mkcgo_EVP_MD_CTX_gettable_params = 0 -+ _mkcgo_EVP_MD_CTX_set_params = 0 -+ _mkcgo_EVP_MD_CTX_settable_params = 0 -+ _mkcgo_EVP_MD_fetch = 0 -+ _mkcgo_EVP_MD_free = 0 -+ _mkcgo_EVP_MD_get0_name = 0 -+ _mkcgo_EVP_MD_get0_provider = 0 -+ _mkcgo_EVP_MD_get_block_size = 0 -+ _mkcgo_EVP_MD_get_size = 0 -+ _mkcgo_EVP_MD_get_type = 0 -+ _mkcgo_EVP_PKEY_CTX_add1_hkdf_info = 0 -+ _mkcgo_EVP_PKEY_CTX_new_from_pkey = 0 -+ _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label = 0 -+ _mkcgo_EVP_PKEY_CTX_set1_hkdf_key = 0 -+ _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt = 0 -+ _mkcgo_EVP_PKEY_CTX_set_hkdf_md = 0 -+ _mkcgo_EVP_PKEY_CTX_set_hkdf_mode = 0 -+ _mkcgo_EVP_PKEY_CTX_set_params = 0 -+ _mkcgo_EVP_PKEY_Q_keygen = 0 -+ _mkcgo_EVP_PKEY_decapsulate = 0 -+ _mkcgo_EVP_PKEY_decapsulate_init = 0 -+ _mkcgo_EVP_PKEY_encapsulate = 0 -+ _mkcgo_EVP_PKEY_encapsulate_init = 0 -+ _mkcgo_EVP_PKEY_fromdata = 0 -+ _mkcgo_EVP_PKEY_fromdata_init = 0 -+ _mkcgo_EVP_PKEY_get1_encoded_public_key = 0 -+ _mkcgo_EVP_PKEY_get_bits = 0 -+ _mkcgo_EVP_PKEY_get_bn_param = 0 -+ _mkcgo_EVP_PKEY_get_octet_string_param = 0 -+ _mkcgo_EVP_PKEY_get_size = 0 -+ _mkcgo_EVP_PKEY_private_check = 0 -+ _mkcgo_EVP_PKEY_public_check_quick = 0 -+ _mkcgo_EVP_PKEY_set1_encoded_public_key = 0 -+ _mkcgo_EVP_SIGNATURE_fetch = 0 -+ _mkcgo_EVP_SIGNATURE_free = 0 -+ _mkcgo_EVP_default_properties_enable_fips = 0 -+ _mkcgo_EVP_default_properties_is_fips_enabled = 0 -+ _mkcgo_OSSL_PARAM_BLD_free = 0 -+ _mkcgo_OSSL_PARAM_BLD_new = 0 -+ _mkcgo_OSSL_PARAM_BLD_push_BN = 0 -+ _mkcgo_OSSL_PARAM_BLD_push_int32 = 0 -+ _mkcgo_OSSL_PARAM_BLD_push_octet_string = 0 -+ _mkcgo_OSSL_PARAM_BLD_push_utf8_string = 0 -+ _mkcgo_OSSL_PARAM_BLD_to_param = 0 -+ _mkcgo_OSSL_PARAM_free = 0 -+ _mkcgo_OSSL_PARAM_locate_const = 0 -+ _mkcgo_OSSL_PROVIDER_available = 0 -+ _mkcgo_OSSL_PROVIDER_get0_name = 0 -+ _mkcgo_OSSL_PROVIDER_try_load = 0 -+ _mkcgo_RAND_bytes_ex = 0 -+} -+ -+func MkcgoLoad_33(handle unsafe.Pointer) { -+ _mkcgo_EVP_DigestFinalXOF = dlsym(handle, "EVP_DigestFinalXOF\x00", false) -+ _mkcgo_EVP_DigestSqueeze = dlsym(handle, "EVP_DigestSqueeze\x00", true) -+} -+ -+func MkcgoUnload_33() { -+ _mkcgo_EVP_DigestFinalXOF = 0 -+ _mkcgo_EVP_DigestSqueeze = 0 ++func EVP_DigestVerifyFinal(ctx EVP_MD_CTX_PTR, sig *byte, siglen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestVerifyFinal(ctx, (*C.uchar)(unsafe.Pointer(sig)), C.size_t(siglen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerifyFinal", _err) +} + -+func MkcgoLoad_init_1(handle unsafe.Pointer) { -+ _mkcgo_FIPS_mode = dlsym(handle, "FIPS_mode\x00", false) -+ _mkcgo_FIPS_mode_set = dlsym(handle, "FIPS_mode_set\x00", false) ++func EVP_DigestVerifyInit(ctx EVP_MD_CTX_PTR, pctx *EVP_PKEY_CTX_PTR, __type EVP_MD_PTR, e ENGINE_PTR, pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_DigestVerifyInit(ctx, pctx, __type, e, pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_DigestVerifyInit", _err) +} + -+func MkcgoUnload_init_1() { -+ _mkcgo_FIPS_mode = 0 -+ _mkcgo_FIPS_mode_set = 0 ++func EVP_EncryptFinal_ex(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_EncryptFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptFinal_ex", _err) +} + -+func MkcgoLoad_init_3(handle unsafe.Pointer) { -+ _mkcgo_BIO_ctrl = dlsym(handle, "BIO_ctrl\x00", false) -+ _mkcgo_BIO_free = dlsym(handle, "BIO_free\x00", false) -+ _mkcgo_BIO_new = dlsym(handle, "BIO_new\x00", false) -+ _mkcgo_BIO_s_mem = dlsym(handle, "BIO_s_mem\x00", false) -+ _mkcgo_ERR_print_errors = dlsym(handle, "ERR_print_errors\x00", false) -+ _mkcgo_EVP_MD_fetch = dlsym(handle, "EVP_MD_fetch\x00", false) -+ _mkcgo_EVP_MD_free = dlsym(handle, "EVP_MD_free\x00", false) -+ _mkcgo_EVP_MD_get0_provider = dlsym(handle, "EVP_MD_get0_provider\x00", false) -+ _mkcgo_EVP_default_properties_is_fips_enabled = dlsym(handle, "EVP_default_properties_is_fips_enabled\x00", false) ++func EVP_EncryptInit_ex(ctx EVP_CIPHER_CTX_PTR, __type EVP_CIPHER_PTR, impl ENGINE_PTR, key *byte, iv *byte) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_EncryptInit_ex(ctx, __type, impl, (*C.uchar)(unsafe.Pointer(key)), (*C.uchar)(unsafe.Pointer(iv)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptInit_ex", _err) +} + -+func MkcgoUnload_init_3() { -+ _mkcgo_BIO_ctrl = 0 -+ _mkcgo_BIO_free = 0 -+ _mkcgo_BIO_new = 0 -+ _mkcgo_BIO_s_mem = 0 -+ _mkcgo_ERR_print_errors = 0 -+ _mkcgo_EVP_MD_fetch = 0 -+ _mkcgo_EVP_MD_free = 0 -+ _mkcgo_EVP_MD_get0_provider = 0 -+ _mkcgo_EVP_default_properties_is_fips_enabled = 0 ++func EVP_EncryptUpdate(ctx EVP_CIPHER_CTX_PTR, out *byte, outl *int32, in *byte, inl int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_EncryptUpdate(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.int)(unsafe.Pointer(outl)), (*C.uchar)(unsafe.Pointer(in)), C.int(inl), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_EncryptUpdate", _err) +} + -+func MkcgoLoad_legacy_1(handle unsafe.Pointer) { -+ _mkcgo_DSA_free = dlsym(handle, "DSA_free\x00", false) -+ _mkcgo_DSA_generate_key = dlsym(handle, "DSA_generate_key\x00", false) -+ _mkcgo_DSA_get0_key = dlsym(handle, "DSA_get0_key\x00", false) -+ _mkcgo_DSA_get0_pqg = dlsym(handle, "DSA_get0_pqg\x00", false) -+ _mkcgo_DSA_new = dlsym(handle, "DSA_new\x00", false) -+ _mkcgo_DSA_set0_key = dlsym(handle, "DSA_set0_key\x00", false) -+ _mkcgo_DSA_set0_pqg = dlsym(handle, "DSA_set0_pqg\x00", false) -+ _mkcgo_EC_KEY_check_key = dlsym(handle, "EC_KEY_check_key\x00", false) -+ _mkcgo_EC_KEY_free = dlsym(handle, "EC_KEY_free\x00", false) -+ _mkcgo_EC_KEY_get0_group = dlsym(handle, "EC_KEY_get0_group\x00", false) -+ _mkcgo_EC_KEY_get0_private_key = dlsym(handle, "EC_KEY_get0_private_key\x00", false) -+ _mkcgo_EC_KEY_get0_public_key = dlsym(handle, "EC_KEY_get0_public_key\x00", false) -+ _mkcgo_EC_KEY_new_by_curve_name = dlsym(handle, "EC_KEY_new_by_curve_name\x00", false) -+ _mkcgo_EC_KEY_set_private_key = dlsym(handle, "EC_KEY_set_private_key\x00", false) -+ _mkcgo_EC_KEY_set_public_key = dlsym(handle, "EC_KEY_set_public_key\x00", false) -+ _mkcgo_EC_KEY_set_public_key_affine_coordinates = dlsym(handle, "EC_KEY_set_public_key_affine_coordinates\x00", false) -+ _mkcgo_EC_POINT_get_affine_coordinates_GFp = dlsym(handle, "EC_POINT_get_affine_coordinates_GFp\x00", false) -+ _mkcgo_EVP_CIPHER_get_block_size = dlsym(handle, "EVP_CIPHER_block_size\x00", false) -+ _mkcgo_EVP_MD_get_block_size = dlsym(handle, "EVP_MD_block_size\x00", false) -+ _mkcgo_EVP_MD_get_size = dlsym(handle, "EVP_MD_size\x00", false) -+ _mkcgo_EVP_PKEY_assign = dlsym(handle, "EVP_PKEY_assign\x00", false) -+ _mkcgo_EVP_PKEY_get0_DSA = dlsym(handle, "EVP_PKEY_get0_DSA\x00", false) -+ _mkcgo_EVP_PKEY_get0_EC_KEY = dlsym(handle, "EVP_PKEY_get0_EC_KEY\x00", false) -+ _mkcgo_EVP_PKEY_get1_RSA = dlsym(handle, "EVP_PKEY_get1_RSA\x00", false) -+ _mkcgo_EVP_PKEY_get_bits = dlsym(handle, "EVP_PKEY_bits\x00", false) -+ _mkcgo_EVP_PKEY_get_size = dlsym(handle, "EVP_PKEY_size\x00", false) -+ _mkcgo_EVP_PKEY_set1_EC_KEY = dlsym(handle, "EVP_PKEY_set1_EC_KEY\x00", false) -+ _mkcgo_FIPS_mode = dlsym(handle, "FIPS_mode\x00", false) -+ _mkcgo_FIPS_mode_set = dlsym(handle, "FIPS_mode_set\x00", false) -+ _mkcgo_HMAC_CTX_copy = dlsym(handle, "HMAC_CTX_copy\x00", false) -+ _mkcgo_HMAC_CTX_free = dlsym(handle, "HMAC_CTX_free\x00", false) -+ _mkcgo_HMAC_CTX_new = dlsym(handle, "HMAC_CTX_new\x00", false) -+ _mkcgo_HMAC_Final = dlsym(handle, "HMAC_Final\x00", false) -+ _mkcgo_HMAC_Init_ex = dlsym(handle, "HMAC_Init_ex\x00", false) -+ _mkcgo_HMAC_Update = dlsym(handle, "HMAC_Update\x00", false) -+ _mkcgo_PKCS5_PBKDF2_HMAC = dlsym(handle, "PKCS5_PBKDF2_HMAC\x00", false) -+ _mkcgo_RAND_bytes = dlsym(handle, "RAND_bytes\x00", false) -+ _mkcgo_RSA_free = dlsym(handle, "RSA_free\x00", false) -+ _mkcgo_RSA_get0_crt_params = dlsym(handle, "RSA_get0_crt_params\x00", false) -+ _mkcgo_RSA_get0_factors = dlsym(handle, "RSA_get0_factors\x00", false) -+ _mkcgo_RSA_get0_key = dlsym(handle, "RSA_get0_key\x00", false) -+ _mkcgo_RSA_new = dlsym(handle, "RSA_new\x00", false) -+ _mkcgo_RSA_set0_crt_params = dlsym(handle, "RSA_set0_crt_params\x00", false) -+ _mkcgo_RSA_set0_factors = dlsym(handle, "RSA_set0_factors\x00", false) -+ _mkcgo_RSA_set0_key = dlsym(handle, "RSA_set0_key\x00", false) ++func EVP_KDF_CTX_free(ctx EVP_KDF_CTX_PTR) { ++ C._mkcgo_EVP_KDF_CTX_free(ctx) +} + -+func MkcgoUnload_legacy_1() { -+ _mkcgo_DSA_free = 0 -+ _mkcgo_DSA_generate_key = 0 -+ _mkcgo_DSA_get0_key = 0 -+ _mkcgo_DSA_get0_pqg = 0 -+ _mkcgo_DSA_new = 0 -+ _mkcgo_DSA_set0_key = 0 -+ _mkcgo_DSA_set0_pqg = 0 -+ _mkcgo_EC_KEY_check_key = 0 -+ _mkcgo_EC_KEY_free = 0 -+ _mkcgo_EC_KEY_get0_group = 0 -+ _mkcgo_EC_KEY_get0_private_key = 0 -+ _mkcgo_EC_KEY_get0_public_key = 0 -+ _mkcgo_EC_KEY_new_by_curve_name = 0 -+ _mkcgo_EC_KEY_set_private_key = 0 -+ _mkcgo_EC_KEY_set_public_key = 0 -+ _mkcgo_EC_KEY_set_public_key_affine_coordinates = 0 -+ _mkcgo_EC_POINT_get_affine_coordinates_GFp = 0 -+ _mkcgo_EVP_CIPHER_get_block_size = 0 -+ _mkcgo_EVP_MD_get_block_size = 0 -+ _mkcgo_EVP_MD_get_size = 0 -+ _mkcgo_EVP_PKEY_assign = 0 -+ _mkcgo_EVP_PKEY_get0_DSA = 0 -+ _mkcgo_EVP_PKEY_get0_EC_KEY = 0 -+ _mkcgo_EVP_PKEY_get1_RSA = 0 -+ _mkcgo_EVP_PKEY_get_bits = 0 -+ _mkcgo_EVP_PKEY_get_size = 0 -+ _mkcgo_EVP_PKEY_set1_EC_KEY = 0 -+ _mkcgo_FIPS_mode = 0 -+ _mkcgo_FIPS_mode_set = 0 -+ _mkcgo_HMAC_CTX_copy = 0 -+ _mkcgo_HMAC_CTX_free = 0 -+ _mkcgo_HMAC_CTX_new = 0 -+ _mkcgo_HMAC_Final = 0 -+ _mkcgo_HMAC_Init_ex = 0 -+ _mkcgo_HMAC_Update = 0 -+ _mkcgo_PKCS5_PBKDF2_HMAC = 0 -+ _mkcgo_RAND_bytes = 0 -+ _mkcgo_RSA_free = 0 -+ _mkcgo_RSA_get0_crt_params = 0 -+ _mkcgo_RSA_get0_factors = 0 -+ _mkcgo_RSA_get0_key = 0 -+ _mkcgo_RSA_new = 0 -+ _mkcgo_RSA_set0_crt_params = 0 -+ _mkcgo_RSA_set0_factors = 0 -+ _mkcgo_RSA_set0_key = 0 ++func EVP_KDF_CTX_get_kdf_size(ctx EVP_KDF_CTX_PTR) (int, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_KDF_CTX_get_kdf_size(ctx, mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EVP_KDF_CTX_get_kdf_size", _err) +} + -+func MkcgoLoad_version(handle unsafe.Pointer) { -+ _mkcgo_OPENSSL_version_major = dlsym(handle, "OPENSSL_version_major\x00", true) -+ _mkcgo_OPENSSL_version_minor = dlsym(handle, "OPENSSL_version_minor\x00", true) -+ _mkcgo_OPENSSL_version_patch = dlsym(handle, "OPENSSL_version_patch\x00", true) -+ _mkcgo_OpenSSL_version_num = dlsym(handle, "OpenSSL_version_num\x00", true) ++func EVP_KDF_CTX_new(kdf EVP_KDF_PTR) (EVP_KDF_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_KDF_CTX_new(kdf, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_KDF_CTX_new", _err) +} + -+func MkcgoUnload_version() { -+ _mkcgo_OPENSSL_version_major = 0 -+ _mkcgo_OPENSSL_version_minor = 0 -+ _mkcgo_OPENSSL_version_patch = 0 -+ _mkcgo_OpenSSL_version_num = 0 ++func EVP_KDF_CTX_set_params(ctx EVP_KDF_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_KDF_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_KDF_CTX_set_params", _err) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go -new file mode 100644 -index 00000000000000..e487d1f1688cb7 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go -@@ -0,0 +1,158 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++func EVP_KDF_derive(ctx EVP_KDF_CTX_PTR, key *byte, keylen int, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_KDF_derive(ctx, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_KDF_derive", _err) ++} + -+import ( -+ "crypto/cipher" -+ "errors" -+) ++func EVP_KDF_fetch(libctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_KDF_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_KDF_fetch(libctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_KDF_fetch", _err) ++} + -+//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/genaesmodes -in aes.go -modes CBC,CTR,GCM -out zaes.go -+//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/gentestvectors -out vectors_test.go ++func EVP_KDF_free(kdf EVP_KDF_PTR) { ++ C._mkcgo_EVP_KDF_free(kdf) ++} + -+// Steps to support a new AES mode, e.g. `FOO`: -+// 1. Add `FOO` to the list of modes in the `genaesmodes` command. -+// 2. Run `go generate` to update the generated code. -+// 3. Implement the necessary interfaces for the new struct, which will be named `cipherWithFOO`. ++func EVP_MAC_CTX_dup(arg0 EVP_MAC_CTX_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_CTX_dup(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_CTX_dup", _err) ++} + -+// NewAESCipher creates and returns a new AES cipher.Block. -+// The key argument should be the AES key, either 16, 24, or 32 bytes to select -+// AES-128, AES-192, or AES-256. -+// The returned cipher.Block implements the CBC, CTR, and/or GCM modes if -+// the underlying OpenSSL library supports them. -+func NewAESCipher(key []byte) (cipher.Block, error) { -+ var kind cipherKind -+ switch len(key) * 8 { -+ case 128: -+ kind = cipherAES128 -+ case 192: -+ kind = cipherAES192 -+ case 256: -+ kind = cipherAES256 -+ default: -+ return nil, errors.New("crypto/aes: invalid key size") -+ } -+ c, err := newEVPCipher(key, kind) -+ if err != nil { -+ return nil, err -+ } -+ return newAESBlock(c, kind), nil ++func EVP_MAC_CTX_free(arg0 EVP_MAC_CTX_PTR) { ++ C._mkcgo_EVP_MAC_CTX_free(arg0) ++} ++ ++func EVP_MAC_CTX_new(arg0 EVP_MAC_PTR) (EVP_MAC_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_CTX_new(arg0, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_CTX_new", _err) +} + -+// NewGCMTLS returns a GCM cipher specific to TLS -+// and should not be used for non-TLS purposes. -+func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { -+ if c, ok := c.(interface { -+ NewGCMTLS() (cipher.AEAD, error) -+ }); ok { -+ return c.NewGCMTLS() -+ } -+ return nil, errors.New("GCM not supported") ++func EVP_MAC_CTX_set_params(ctx EVP_MAC_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_CTX_set_params", _err) +} + -+// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used -+// for non-TLS purposes. -+func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { -+ if c, ok := c.(interface { -+ NewGCMTLS13() (cipher.AEAD, error) -+ }); ok { -+ return c.NewGCMTLS13() -+ } -+ return nil, errors.New("GCM not supported") ++func EVP_MAC_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MAC_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MAC_fetch", _err) +} + -+// aesCipher implements the cipher.Block interface. -+type aesCipher struct { -+ cipher *evpCipher ++func EVP_MAC_final(ctx EVP_MAC_CTX_PTR, out *byte, outl *int, outsize int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_final(ctx, (*C.uchar)(unsafe.Pointer(out)), (*C.size_t)(unsafe.Pointer(outl)), C.size_t(outsize), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_final", _err) +} + -+func (c aesCipher) BlockSize() int { -+ return c.cipher.blockSize ++func EVP_MAC_init(ctx EVP_MAC_CTX_PTR, key *byte, keylen int, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_init(ctx, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_init", _err) +} + -+func (c aesCipher) Encrypt(dst, src []byte) { -+ if err := c.cipher.encrypt(dst, src); err != nil { -+ // crypto/aes expects that the panic message starts with "crypto/aes: ". -+ panic("crypto/aes: " + err.Error()) -+ } ++func EVP_MAC_update(ctx EVP_MAC_CTX_PTR, data *byte, datalen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MAC_update(ctx, (*C.uchar)(unsafe.Pointer(data)), C.size_t(datalen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MAC_update", _err) +} + -+func (c aesCipher) Decrypt(dst, src []byte) { -+ if err := c.cipher.decrypt(dst, src); err != nil { -+ // crypto/aes expects that the panic message starts with "crypto/aes: ". -+ panic("crypto/aes: " + err.Error()) -+ } ++func EVP_MD_CTX_copy(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_copy(out, in, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy", _err) +} + -+// Implement optional interfaces for AES modes. ++func EVP_MD_CTX_copy_ex(out EVP_MD_CTX_PTR, in EVP_MD_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_copy_ex(out, in, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_copy_ex", _err) ++} + -+func (c cipherWithCBC) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpEncrypt) ++func EVP_MD_CTX_free(ctx EVP_MD_CTX_PTR) { ++ C._mkcgo_EVP_MD_CTX_free(ctx) +} + -+func (c cipherWithCBC) NewFIPSCBCEncrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpEncrypt) ++func EVP_MD_CTX_get_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_get_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_get_params", _err) +} + -+func (c cipherWithCBC) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpDecrypt) ++func EVP_MD_CTX_gettable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_gettable_params(ctx, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_gettable_params", _err) +} + -+func (c cipherWithCBC) NewFIPSCBCDecrypter(iv []byte) cipher.BlockMode { -+ return c.cipher.newCBC(iv, cipherOpDecrypt) ++func EVP_MD_CTX_new() (EVP_MD_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_new", _err) +} + -+func (c cipherWithCTR) NewCTR(iv []byte) cipher.Stream { -+ return c.cipher.newCTR(iv) ++func EVP_MD_CTX_set_params(ctx EVP_MD_CTX_PTR, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_set_params(ctx, params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_MD_CTX_set_params", _err) +} + -+func (c cipherWithCTR) NewFIPSCTR(iv []byte) cipher.Stream { -+ return c.cipher.newCTR(iv) ++func EVP_MD_CTX_settable_params(ctx EVP_MD_CTX_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_CTX_settable_params(ctx, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_CTX_settable_params", _err) +} + -+func (c cipherWithGCM) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { -+ return c.cipher.newGCMChecked(nonceSize, tagSize) ++func EVP_MD_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_MD_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_MD_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_MD_fetch", _err) +} + -+func (c cipherWithGCM) NewGCMTLS() (cipher.AEAD, error) { -+ return c.cipher.newGCM(cipherGCMTLS12) ++func EVP_MD_free(md EVP_MD_PTR) { ++ C._mkcgo_EVP_MD_free(md) +} + -+func (c cipherWithGCM) NewGCMTLS13() (cipher.AEAD, error) { -+ return c.cipher.newGCM(cipherGCMTLS13) ++func EVP_MD_get0_name(md EVP_MD_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_EVP_MD_get0_name(md))) +} + -+// The following interfaces have been copied out of crypto/aes/modes.go. ++func EVP_MD_get0_provider(md EVP_MD_PTR) OSSL_PROVIDER_PTR { ++ return C._mkcgo_EVP_MD_get0_provider(md) ++} + -+type gcmAble interface { -+ NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) ++func EVP_MD_get_block_size(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_block_size(md)) +} + -+type cbcEncAble interface { -+ NewCBCEncrypter(iv []byte) cipher.BlockMode ++func EVP_MD_get_size(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_size(md)) +} + -+type cbcDecAble interface { -+ NewCBCDecrypter(iv []byte) cipher.BlockMode ++func EVP_MD_get_type(md EVP_MD_PTR) int32 { ++ return int32(C._mkcgo_EVP_MD_get_type(md)) +} + -+type ctrAble interface { -+ NewCTR(iv []byte) cipher.Stream ++func EVP_PKEY_CTX_add1_hkdf_info(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_add1_hkdf_info(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_add1_hkdf_info", _err) +} + -+// Test that the interfaces are implemented. ++func EVP_PKEY_CTX_ctrl(ctx EVP_PKEY_CTX_PTR, keytype int32, optype int32, cmd int32, p1 int32, p2 unsafe.Pointer) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_ctrl(ctx, C.int(keytype), C.int(optype), C.int(cmd), C.int(p1), p2, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_ctrl", _err) ++} + -+var ( -+ _ cipher.Block = (*aesCipher)(nil) ++func EVP_PKEY_CTX_free(arg0 EVP_PKEY_CTX_PTR) { ++ C._mkcgo_EVP_PKEY_CTX_free(arg0) ++} + -+ _ cipher.Block = (*cipherWithCBC)(nil) -+ _ cbcEncAble = (*cipherWithCBC)(nil) -+ _ cbcDecAble = (*cipherWithCBC)(nil) ++func EVP_PKEY_CTX_new(arg0 EVP_PKEY_PTR, arg1 ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_new(arg0, arg1, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new", _err) ++} + -+ _ cipher.Block = (*cipherWithCTR)(nil) -+ _ ctrAble = (*cipherWithCTR)(nil) ++func EVP_PKEY_CTX_new_from_pkey(libctx OSSL_LIB_CTX_PTR, pkey EVP_PKEY_PTR, propquery *byte) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_new_from_pkey(libctx, pkey, (*C.char)(unsafe.Pointer(propquery)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_from_pkey", _err) ++} + -+ _ cipher.Block = (*cipherWithGCM)(nil) -+ _ gcmAble = (*cipherWithGCM)(nil) -+) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go -new file mode 100644 -index 00000000000000..a5d005176e63f9 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go -@@ -0,0 +1,14 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++func EVP_PKEY_CTX_new_id(id int32, e ENGINE_PTR) (EVP_PKEY_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_new_id(C.int(id), e, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_CTX_new_id", _err) ++} + -+package openssl ++func EVP_PKEY_CTX_set0_rsa_oaep_label(ctx EVP_PKEY_CTX_PTR, label unsafe.Pointer, len int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, label, C.int(len), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set0_rsa_oaep_label", _err) ++} + -+// This file does not have build constraints to -+// facilitate using BigInt in Go crypto. -+// Go crypto references BigInt unconditionally, -+// even if it is not finally used. ++func EVP_PKEY_CTX_set1_hkdf_key(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_key(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_key", _err) ++} + -+// A BigInt is the raw words from a BigInt. -+// This definition allows us to avoid importing math/big. -+// Conversion between BigInt and *big.Int is in openssl/bbig. -+type BigInt []uint -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go -new file mode 100644 -index 00000000000000..410829738931c7 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/chacha20poly1305.go -@@ -0,0 +1,152 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++func EVP_PKEY_CTX_set1_hkdf_salt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.int(arg2), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set1_hkdf_salt", _err) ++} + -+package openssl ++func EVP_PKEY_CTX_set_hkdf_md(arg0 EVP_PKEY_CTX_PTR, arg1 EVP_MD_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_md(arg0, arg1, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_md", _err) ++} + -+import ( -+ "crypto/cipher" -+ "errors" -+ "runtime" -+ "sync" -+ "unsafe" ++func EVP_PKEY_CTX_set_hkdf_mode(arg0 EVP_PKEY_CTX_PTR, arg1 int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_CTX_set_hkdf_mode(arg0, C.int(arg1), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_CTX_set_hkdf_mode", _err) ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++func EVP_PKEY_Q_keygen_EC(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 *byte) (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_EC(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), (*C.char)(unsafe.Pointer(arg1)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_EC", _err) ++} + -+const ( -+ chacha20Poly1305KeySize = 32 -+ chacha20Poly1305NonceSize = 12 -+ chacha20Poly1305Overhead = 16 -+) ++func EVP_PKEY_Q_keygen_ED25519(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte) (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_ED25519(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_ED25519", _err) ++} + -+var supportsChaCha20Poly1305 = sync.OnceValue(func() bool { -+ return loadCipher(cipherChaCha20Poly1305, cipherModeNone) != nil -+}) ++func EVP_PKEY_Q_keygen_RSA(ctx OSSL_LIB_CTX_PTR, propq *byte, __type *byte, arg1 int) (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_Q_keygen_RSA(ctx, (*C.char)(unsafe.Pointer(propq)), (*C.char)(unsafe.Pointer(__type)), C.size_t(arg1), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_Q_keygen_RSA", _err) ++} + -+func SupportsChaCha20Poly1305() bool { -+ return supportsChaCha20Poly1305() ++func EVP_PKEY_assign(pkey EVP_PKEY_PTR, __type int32, key unsafe.Pointer) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_assign(pkey, C.int(__type), key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_assign", _err) +} + -+type chacha20poly1305 struct { -+ key [chacha20Poly1305KeySize]byte ++func EVP_PKEY_decrypt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_decrypt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt", _err) +} + -+// NewChaCha20Poly1305 returns a ChaCha20-Poly1305 AEAD that uses the given 256-bit key. -+func NewChaCha20Poly1305(key []byte) (cipher.AEAD, error) { -+ if len(key) != chacha20Poly1305KeySize { -+ return nil, errors.New("chacha20poly1305: bad key length") -+ } -+ ret := new(chacha20poly1305) -+ copy(ret.key[:], key) -+ return ret, nil ++func EVP_PKEY_decrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_decrypt_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_decrypt_init", _err) +} + -+func (c *chacha20poly1305) NonceSize() int { -+ return chacha20Poly1305NonceSize ++func EVP_PKEY_derive(ctx EVP_PKEY_CTX_PTR, key *byte, keylen *int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_derive(ctx, (*C.uchar)(unsafe.Pointer(key)), (*C.size_t)(unsafe.Pointer(keylen)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive", _err) +} + -+func (c *chacha20poly1305) Overhead() int { -+ return chacha20Poly1305Overhead ++func EVP_PKEY_derive_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_derive_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_init", _err) +} + -+func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte { -+ if len(nonce) != chacha20Poly1305NonceSize { -+ panic("chacha20poly1305: bad nonce length passed to Seal") -+ } -+ if uint64(len(plaintext)) > (1<<38)-64 { -+ panic("chacha20poly1305: plaintext too large") -+ } -+ ret, out := sliceForAppend(dst, len(plaintext)+chacha20Poly1305Overhead) -+ if inexactOverlap(out, plaintext) { -+ panic("chacha20poly1305: invalid buffer overlap of output and input") -+ } -+ if anyOverlap(out, additionalData) { -+ panic("chacha20poly1305: invalid buffer overlap of output and additional data") -+ } -+ ctx, err := newCipherCtx(cipherChaCha20Poly1305, cipherModeNone, cipherOpEncrypt, c.key[:], nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_IVLEN, int32(len(nonce)), nil); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ panic(err) -+ } -+ if len(additionalData) > 0 { -+ var discard int32 -+ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, additionalData); err != nil { -+ panic(err) -+ } -+ } -+ var outl int32 -+ if len(plaintext) > 0 { -+ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, plaintext); err != nil { -+ panic(err) -+ } -+ } -+ var discard int32 -+ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { -+ panic(err) -+ } -+ tag := out[len(out)-chacha20Poly1305Overhead:] -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_GET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(c) -+ return ret ++func EVP_PKEY_derive_set_peer(ctx EVP_PKEY_CTX_PTR, peer EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_derive_set_peer(ctx, peer, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_derive_set_peer", _err) +} + -+func (c *chacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { -+ if len(nonce) != chacha20Poly1305NonceSize { -+ panic("chacha20poly1305: bad nonce length passed to Open") -+ } -+ if len(ciphertext) < 16 { -+ return nil, errOpen -+ } -+ if uint64(len(ciphertext)) > (1<<38)-48 { -+ panic("chacha20poly1305: ciphertext too large") -+ } -+ tag := ciphertext[len(ciphertext)-chacha20Poly1305Overhead:] -+ ciphertext = ciphertext[:len(ciphertext)-chacha20Poly1305Overhead] -+ ret, out := sliceForAppend(dst, len(ciphertext)) -+ if inexactOverlap(out, ciphertext) { -+ panic("chacha20poly1305: invalid buffer overlap of output and input") -+ } -+ if anyOverlap(out, additionalData) { -+ panic("chacha20poly1305: invalid buffer overlap of output and additional data") -+ } -+ ctx, err := newCipherCtx(cipherChaCha20Poly1305, cipherModeNone, cipherOpDecrypt, c.key[:], nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_IVLEN, int32(len(nonce)), nil); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_AEAD_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ return nil, err -+ } -+ if len(additionalData) > 0 { -+ var discard int32 -+ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, additionalData); err != nil { -+ return nil, err -+ } -+ } -+ var outl int32 -+ if len(ciphertext) > 0 { -+ if _, err := ossl.EVP_DecryptUpdate(ctx, out, &outl, ciphertext); err != nil { -+ return nil, err -+ } -+ } -+ var discard int32 -+ if _, err := ossl.EVP_DecryptFinal_ex(ctx, out[outl:], &discard); err != nil { -+ return nil, errOpen -+ } -+ runtime.KeepAlive(c) -+ return ret[:len(dst)+len(ciphertext)], nil ++func EVP_PKEY_encrypt(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_encrypt(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt", _err) ++} ++ ++func EVP_PKEY_encrypt_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_encrypt_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_encrypt_init", _err) ++} ++ ++func EVP_PKEY_free(arg0 EVP_PKEY_PTR) { ++ C._mkcgo_EVP_PKEY_free(arg0) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go -new file mode 100644 -index 00000000000000..24615432053f01 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go -@@ -0,0 +1,666 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++func EVP_PKEY_fromdata(ctx EVP_PKEY_CTX_PTR, pkey *EVP_PKEY_PTR, selection int32, params OSSL_PARAM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_fromdata(ctx, pkey, C.int(selection), params, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata", _err) ++} + -+import ( -+ "crypto/cipher" -+ "errors" -+ "runtime" -+ "strconv" -+ "sync" -+ "unsafe" ++func EVP_PKEY_fromdata_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_fromdata_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_fromdata_init", _err) ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++func EVP_PKEY_get0_DSA(pkey EVP_PKEY_PTR) (DSA_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get0_DSA(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get0_DSA", _err) ++} + -+type cipherKind int8 ++func EVP_PKEY_get0_EC_KEY(pkey EVP_PKEY_PTR) (EC_KEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get0_EC_KEY(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get0_EC_KEY", _err) ++} + -+const ( -+ cipherAES128 cipherKind = iota -+ cipherAES192 -+ cipherAES256 -+ cipherDES -+ cipherDES3 -+ cipherRC4 -+ cipherChaCha20Poly1305 -+) ++func EVP_PKEY_get1_RSA(pkey EVP_PKEY_PTR) (RSA_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get1_RSA(pkey, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_get1_RSA", _err) ++} + -+func (c cipherKind) String() string { -+ switch c { -+ case cipherAES128: -+ return "AES-128" -+ case cipherAES192: -+ return "AES-192" -+ case cipherAES256: -+ return "AES-256" -+ case cipherDES: -+ return "DES" -+ case cipherDES3: -+ return "DES3" -+ case cipherRC4: -+ return "RC4" -+ case cipherChaCha20Poly1305: -+ return "ChaCha20-Poly1305" -+ default: -+ panic("unknown cipher kind: " + strconv.Itoa(int(c))) -+ } ++func EVP_PKEY_get1_encoded_public_key(pkey EVP_PKEY_PTR, ppub **byte) (int, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get1_encoded_public_key(pkey, (**C.uchar)(unsafe.Pointer(ppub)), mkcgoNoEscape(&_err)) ++ return int(_ret), newMkcgoErr("EVP_PKEY_get1_encoded_public_key", _err) +} + -+type cipherMode int8 ++func EVP_PKEY_get_bits(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get_bits(pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bits", _err) ++} + -+const ( -+ cipherModeNone cipherMode = -1 -+ cipherModeECB cipherMode = iota -+ cipherModeCBC -+ cipherModeCTR -+ cipherModeGCM -+) ++func EVP_PKEY_get_bn_param(pkey EVP_PKEY_PTR, key_name *byte, bn *BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get_bn_param(pkey, (*C.char)(unsafe.Pointer(key_name)), bn, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_bn_param", _err) ++} + -+// cipherOp is the allowed operations for a cipher, -+// as documented in [EVP_CipherInit_ex]. -+// -+// [EVP_CipherInit_ex]: https://www.openssl.org/docs/man3.0/man3/EVP_CipherInit_ex.html -+type cipherOp int8 ++func EVP_PKEY_get_raw_private_key(pkey EVP_PKEY_PTR, priv *byte, len *int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get_raw_private_key(pkey, (*C.uchar)(unsafe.Pointer(priv)), (*C.size_t)(unsafe.Pointer(len)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_private_key", _err) ++} + -+const ( -+ cipherOpNone cipherOp = -1 // leaves the value of the previous call, if any. -+ cipherOpDecrypt cipherOp = 0 -+ cipherOpEncrypt cipherOp = 1 -+) ++func EVP_PKEY_get_raw_public_key(pkey EVP_PKEY_PTR, pub *byte, len *int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get_raw_public_key(pkey, (*C.uchar)(unsafe.Pointer(pub)), (*C.size_t)(unsafe.Pointer(len)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_raw_public_key", _err) ++} + -+// cacheCipher is a cache of cipherKind to GO_EVP_CIPHER_PTR. -+var cacheCipher sync.Map ++func EVP_PKEY_get_size(pkey EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_get_size(pkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_get_size", _err) ++} + -+type cacheCipherKey struct { -+ kind cipherKind -+ mode cipherMode ++func EVP_PKEY_keygen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_keygen(ctx, ppkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen", _err) +} + -+// loadCipher returns a cipher object for the given k. -+func loadCipher(k cipherKind, mode cipherMode) (cipher ossl.EVP_CIPHER_PTR) { -+ if v, ok := cacheCipher.Load(cacheCipherKey{k, mode}); ok { -+ return v.(ossl.EVP_CIPHER_PTR) -+ } -+ defer func() { -+ if cipher != nil { -+ switch major() { -+ case 3, 4: -+ // On OpenSSL 3, directly operating on a EVP_CIPHER object -+ // not created by EVP_CIPHER has negative performance -+ // implications, as cipher operations will have -+ // to fetch it on every call. Better to just fetch it once here. -+ cipher, _ = ossl.EVP_CIPHER_fetch(nil, ossl.EVP_CIPHER_get0_name(cipher), nil) -+ } -+ } -+ cacheCipher.Store(cacheCipherKey{k, mode}, cipher) -+ }() -+ switch k { -+ case cipherAES128: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_128_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_128_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_128_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_128_gcm() -+ } -+ case cipherAES192: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_192_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_192_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_192_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_192_gcm() -+ } -+ case cipherAES256: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_aes_256_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_aes_256_cbc() -+ case cipherModeCTR: -+ cipher = ossl.EVP_aes_256_ctr() -+ case cipherModeGCM: -+ cipher = ossl.EVP_aes_256_gcm() -+ } -+ case cipherDES: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_des_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_des_cbc() -+ } -+ case cipherDES3: -+ switch mode { -+ case cipherModeECB: -+ cipher = ossl.EVP_des_ede3_ecb() -+ case cipherModeCBC: -+ cipher = ossl.EVP_des_ede3_cbc() -+ } -+ case cipherRC4: -+ cipher = ossl.EVP_rc4() -+ case cipherChaCha20Poly1305: -+ if ossl.EVP_chacha20_poly1305_Available() { -+ cipher = ossl.EVP_chacha20_poly1305() -+ } -+ } -+ return cipher ++func EVP_PKEY_keygen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_keygen_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_keygen_init", _err) +} + -+type evpCipher struct { -+ key []byte -+ kind cipherKind -+ blockSize int ++func EVP_PKEY_new() (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new", _err) +} + -+func newEVPCipher(key []byte, kind cipherKind) (*evpCipher, error) { -+ cipher := loadCipher(kind, cipherModeECB) -+ if cipher == nil { -+ return nil, errors.New("crypto/cipher: unsupported cipher: " + kind.String()) -+ } -+ c := &evpCipher{key: make([]byte, len(key)), kind: kind} -+ copy(c.key, key) -+ c.blockSize = int(ossl.EVP_CIPHER_get_block_size(cipher)) -+ return c, nil ++func EVP_PKEY_new_raw_private_key(__type int32, e ENGINE_PTR, key *byte, keylen int) (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_new_raw_private_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new_raw_private_key", _err) +} + -+func (c *evpCipher) encrypt(dst, src []byte) error { -+ if len(src) < c.blockSize { -+ return errors.New("input not full block") -+ } -+ if len(dst) < c.blockSize { -+ return errors.New("output not full block") -+ } -+ // Only check for overlap between the parts of src and dst that will actually be used. -+ // This matches Go standard library behavior. -+ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { -+ return errors.New("invalid buffer overlap") -+ } -+ enc_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpEncrypt, c.key, nil) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(enc_ctx) ++func EVP_PKEY_new_raw_public_key(__type int32, e ENGINE_PTR, key *byte, keylen int) (EVP_PKEY_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_new_raw_public_key(C.int(__type), e, (*C.uchar)(unsafe.Pointer(key)), C.size_t(keylen), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_PKEY_new_raw_public_key", _err) ++} + -+ var outl int32 -+ if _, err := ossl.EVP_EncryptUpdate(enc_ctx, dst[:c.blockSize], &outl, src[:c.blockSize]); err != nil { -+ return err -+ } -+ runtime.KeepAlive(c) -+ return nil ++func EVP_PKEY_paramgen(ctx EVP_PKEY_CTX_PTR, ppkey *EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_paramgen(ctx, ppkey, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen", _err) +} + -+func (c *evpCipher) decrypt(dst, src []byte) error { -+ if len(src) < c.blockSize { -+ return errors.New("input not full block") -+ } -+ if len(dst) < c.blockSize { -+ return errors.New("output not full block") -+ } -+ // Only check for overlap between the parts of src and dst that will actually be used. -+ // This matches Go standard library behavior. -+ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { -+ return errors.New("invalid buffer overlap") -+ } -+ dec_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpDecrypt, c.key, nil) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(dec_ctx) ++func EVP_PKEY_paramgen_init(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_paramgen_init(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_paramgen_init", _err) ++} + -+ if _, err := ossl.EVP_CIPHER_CTX_set_padding(dec_ctx, 0); err != nil { -+ return err -+ } ++func EVP_PKEY_private_check(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_private_check(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_private_check", _err) ++} + -+ var outl int32 -+ ossl.EVP_DecryptUpdate(dec_ctx, dst[:c.blockSize], &outl, src[:c.blockSize]) -+ runtime.KeepAlive(c) -+ return nil ++func EVP_PKEY_public_check_quick(ctx EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_public_check_quick(ctx, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_public_check_quick", _err) +} + -+type cipherCBC struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR -+ blockSize int ++func EVP_PKEY_set1_EC_KEY(pkey EVP_PKEY_PTR, key EC_KEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_set1_EC_KEY(pkey, key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_EC_KEY", _err) +} + -+func (c *cipherCBC) finalize() { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) ++func EVP_PKEY_set1_encoded_public_key(pkey EVP_PKEY_PTR, pub *byte, publen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_set1_encoded_public_key(pkey, (*C.uchar)(unsafe.Pointer(pub)), C.size_t(publen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_set1_encoded_public_key", _err) +} + -+func (x *cipherCBC) BlockSize() int { return x.blockSize } ++func EVP_PKEY_sign(arg0 EVP_PKEY_CTX_PTR, arg1 *byte, arg2 *int, arg3 *byte, arg4 int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_sign(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.size_t)(unsafe.Pointer(arg2)), (*C.uchar)(unsafe.Pointer(arg3)), C.size_t(arg4), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_sign", _err) ++} + -+func (x *cipherCBC) CryptBlocks(dst, src []byte) { -+ if inexactOverlap(dst, src) { -+ panic("crypto/cipher: invalid buffer overlap") -+ } -+ if len(src)%x.blockSize != 0 { -+ panic("crypto/cipher: input not full blocks") -+ } -+ if len(dst) < len(src) { -+ panic("crypto/cipher: output smaller than input") -+ } -+ if len(src) > 0 { -+ var outl int32 -+ if _, err := ossl.EVP_CipherUpdate(x.ctx, dst, &outl, src); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ runtime.KeepAlive(x) -+ } ++func EVP_PKEY_sign_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_sign_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_sign_init", _err) ++} ++ ++func EVP_PKEY_up_ref(key EVP_PKEY_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_up_ref(key, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_up_ref", _err) +} + -+func (x *cipherCBC) SetIV(iv []byte) { -+ if len(iv) != x.blockSize { -+ panic("crypto/cipher: incorrect length IV") -+ } -+ if _, err := ossl.EVP_CipherInit_ex(x.ctx, nil, nil, nil, base(iv), int32(cipherOpNone)); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } ++func EVP_PKEY_verify(ctx EVP_PKEY_CTX_PTR, sig *byte, siglen int, tbs *byte, tbslen int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_verify(ctx, (*C.uchar)(unsafe.Pointer(sig)), C.size_t(siglen), (*C.uchar)(unsafe.Pointer(tbs)), C.size_t(tbslen), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_verify", _err) +} + -+func (c *evpCipher) newCBC(iv []byte, op cipherOp) cipher.BlockMode { -+ ctx, err := newCipherCtx(c.kind, cipherModeCBC, op, c.key, iv) -+ if err != nil { -+ panic(err) -+ } -+ x := &cipherCBC{ctx: ctx, blockSize: c.blockSize} -+ runtime.SetFinalizer(x, (*cipherCBC).finalize) -+ if _, err := ossl.EVP_CIPHER_CTX_set_padding(x.ctx, 0); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ return x ++func EVP_PKEY_verify_init(arg0 EVP_PKEY_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_PKEY_verify_init(arg0, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_PKEY_verify_init", _err) +} + -+type cipherCTR struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR ++func EVP_SIGNATURE_fetch(ctx OSSL_LIB_CTX_PTR, algorithm *byte, properties *byte) (EVP_SIGNATURE_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_SIGNATURE_fetch(ctx, (*C.char)(unsafe.Pointer(algorithm)), (*C.char)(unsafe.Pointer(properties)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("EVP_SIGNATURE_fetch", _err) +} + -+func (x *cipherCTR) XORKeyStream(dst, src []byte) { -+ if inexactOverlap(dst, src) { -+ panic("crypto/cipher: invalid buffer overlap") -+ } -+ if len(dst) < len(src) { -+ panic("crypto/cipher: output smaller than input") -+ } -+ if len(src) == 0 { -+ return -+ } -+ var outl int32 -+ if _, err := ossl.EVP_EncryptUpdate(x.ctx, dst, &outl, src); err != nil { -+ panic("crypto/cipher: " + err.Error()) -+ } -+ runtime.KeepAlive(x) ++func EVP_SIGNATURE_free(signature EVP_SIGNATURE_PTR) { ++ C._mkcgo_EVP_SIGNATURE_free(signature) +} + -+func (c *evpCipher) newCTR(iv []byte) cipher.Stream { -+ ctx, err := newCipherCtx(c.kind, cipherModeCTR, cipherOpEncrypt, c.key, iv) -+ if err != nil { -+ panic(err) -+ } -+ x := &cipherCTR{ctx: ctx} -+ runtime.SetFinalizer(x, (*cipherCTR).finalize) -+ return x ++func EVP_aes_128_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_cbc() +} + -+func (c *cipherCTR) finalize() { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) ++func EVP_aes_128_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_ctr() +} + -+type cipherGCMTLS uint8 ++func EVP_aes_128_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_ecb() ++} + -+const ( -+ cipherGCMTLSNone cipherGCMTLS = iota -+ cipherGCMTLS12 -+ cipherGCMTLS13 -+) ++func EVP_aes_128_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_128_gcm() ++} + -+type cipherGCM struct { -+ c *evpCipher -+ tls cipherGCMTLS -+ // minNextNonce is the minimum value that the next nonce can be, enforced by -+ // all TLS modes. -+ minNextNonce uint64 -+ // mask is the nonce mask used in TLS 1.3 mode. -+ mask uint64 -+ // maskInitialized is true if mask has been initialized. This happens during -+ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. -+ maskInitialized bool -+ blockSize int ++func EVP_aes_192_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_cbc() +} + -+const ( -+ aesBlockSize = 16 -+ gcmTagSize = 16 -+ gcmStandardNonceSize = 12 -+ // TLS 1.2 additional data is constructed as: -+ // -+ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); -+ gcmTls12AddSize = 13 -+ // TLS 1.3 additional data is constructed as: -+ // -+ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) -+ gcmTls13AddSize = 5 -+ gcmTlsFixedNonceSize = 4 -+) ++func EVP_aes_192_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_ctr() ++} + -+type noGCM struct { -+ *evpCipher ++func EVP_aes_192_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_ecb() +} + -+func (g *noGCM) BlockSize() int { -+ return g.blockSize ++func EVP_aes_192_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_192_gcm() +} + -+func (g *noGCM) Encrypt(dst, src []byte) { -+ g.encrypt(dst, src) ++func EVP_aes_256_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_cbc() +} + -+func (g *noGCM) Decrypt(dst, src []byte) { -+ g.decrypt(dst, src) ++func EVP_aes_256_ctr() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_ctr() +} + -+func (c *evpCipher) newGCMChecked(nonceSize, tagSize int) (cipher.AEAD, error) { -+ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { -+ return nil, errors.New("crypto/cipher: GCM tag and nonce sizes can't be non-standard at the same time") -+ } -+ // Fall back to standard library for GCM with non-standard nonce or tag size. -+ if nonceSize != gcmStandardNonceSize { -+ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) -+ } -+ if tagSize != gcmTagSize { -+ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) -+ } -+ return c.newGCM(cipherGCMTLSNone) ++func EVP_aes_256_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_ecb() +} + -+func (c *evpCipher) newGCM(tls cipherGCMTLS) (cipher.AEAD, error) { -+ g := &cipherGCM{c: c, tls: tls, blockSize: c.blockSize} -+ return g, nil ++func EVP_aes_256_gcm() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_aes_256_gcm() +} + -+func (g *cipherGCM) NonceSize() int { -+ return gcmStandardNonceSize ++func EVP_default_properties_enable_fips(libctx OSSL_LIB_CTX_PTR, enable int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_EVP_default_properties_enable_fips(libctx, C.int(enable), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("EVP_default_properties_enable_fips", _err) +} + -+func (g *cipherGCM) Overhead() int { -+ return gcmTagSize ++func EVP_default_properties_is_fips_enabled(libctx OSSL_LIB_CTX_PTR) int32 { ++ return int32(C._mkcgo_EVP_default_properties_is_fips_enabled(libctx)) +} + -+func (g *cipherGCM) Seal(dst, nonce, plaintext, aad []byte) []byte { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") -+ } -+ if uint64(len(plaintext)) > ((1<<32)-2)*uint64(g.blockSize) || len(plaintext)+gcmTagSize < len(plaintext) { -+ panic("cipher: message too large for GCM") -+ } -+ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { -+ panic("cipher: message too large for buffer") -+ } -+ if g.tls != cipherGCMTLSNone { -+ if g.tls == cipherGCMTLS12 && len(aad) != gcmTls12AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.2") -+ } else if g.tls == cipherGCMTLS13 && len(aad) != gcmTls13AddSize { -+ panic("cipher: incorrect additional data length given to GCM TLS 1.3") -+ } -+ counter := bigEndianUint64(nonce[gcmTlsFixedNonceSize:]) -+ if g.tls == cipherGCMTLS13 { -+ // In TLS 1.3, the counter in the nonce has a mask and requires -+ // further decoding. -+ if !g.maskInitialized { -+ // According to TLS 1.3 nonce construction details at -+ // https://tools.ietf.org/html/rfc8446#section-5.3: -+ // -+ // the first record transmitted under a particular traffic -+ // key MUST use sequence number 0. -+ // -+ // The padded sequence number is XORed with [a mask]. -+ // -+ // The resulting quantity (of length iv_length) is used as -+ // the per-record nonce. -+ // -+ // We need to convert from the given nonce to sequence numbers -+ // to keep track of minNextNonce and enforce the counter -+ // maximum. On the first call, we know counter^mask is 0^mask, -+ // so we can simply store it as the mask. -+ g.mask = counter -+ g.maskInitialized = true -+ } -+ counter ^= g.mask -+ } -+ // BoringCrypto enforces strictly monotonically increasing explicit nonces -+ // and to fail after 2^64 - 1 keys as per FIPS 140-2 IG A.5, -+ // but OpenSSL does not perform this check, so it is implemented here. -+ const maxUint64 = 1<<64 - 1 -+ if counter == maxUint64 { -+ panic("cipher: nonce counter must be less than 2^64 - 1") -+ } -+ if counter < g.minNextNonce { -+ panic("cipher: nonce counter must be strictly monotonically increasing") -+ } -+ defer func() { -+ g.minNextNonce = counter + 1 -+ }() -+ } ++func EVP_des_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_cbc() ++} + -+ // Make room in dst to append plaintext+overhead. -+ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) ++func EVP_des_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ecb() ++} + -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, plaintext) { -+ panic("cipher: invalid buffer overlap") -+ } ++func EVP_des_ede3_cbc() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ede3_cbc() ++} + -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) -+ // Encrypt additional data. -+ // When sealing a TLS payload, OpenSSL app sets the additional data using -+ // '_EVP_CIPHER_CTX_ctrl(g.ctx, _EVP_CTRL_AEAD_TLS1_AAD, _EVP_AEAD_TLS1_AAD_LEN, base(additionalData))'. -+ // This makes the explicit nonce component to monotonically increase on every Seal operation without -+ // relying in the explicit nonce being securely set externally, -+ // and it also gives some interesting speed gains. -+ // Unfortunately we can't use it because Go expects AEAD.Seal to honor the provided nonce. -+ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ panic(err) -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, sliceNeverNil(plaintext)); err != nil { -+ panic(err) -+ } -+ if len(plaintext) != int(outl) { -+ panic("cipher: incorrect length returned from GCM EncryptUpdate") -+ } -+ discard = 0 -+ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(g) -+ return ret ++func EVP_des_ede3_ecb() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_des_ede3_ecb() ++} ++ ++func EVP_md4() EVP_MD_PTR { ++ return C._mkcgo_EVP_md4() ++} ++ ++func EVP_md5() EVP_MD_PTR { ++ return C._mkcgo_EVP_md5() ++} ++ ++func EVP_md5_sha1() EVP_MD_PTR { ++ return C._mkcgo_EVP_md5_sha1() ++} ++ ++func EVP_rc4() EVP_CIPHER_PTR { ++ return C._mkcgo_EVP_rc4() +} + -+func (g *cipherGCM) SealWithRandomNonce(out, nonce, plaintext, aad []byte) { -+ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { -+ panic("crypto/cipher: message too large for GCM") -+ } -+ if len(nonce) != gcmStandardNonceSize { -+ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") -+ } -+ if len(out) != len(plaintext)+gcmTagSize { -+ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") -+ } -+ if inexactOverlap(out, plaintext) { -+ panic("crypto/cipher: invalid buffer overlap of output and input") -+ } -+ if anyOverlap(out, aad) { -+ panic("crypto/cipher: invalid buffer overlap of output and additional data") -+ } ++func EVP_ripemd160() EVP_MD_PTR { ++ return C._mkcgo_EVP_ripemd160() ++} + -+ if g.tls != cipherGCMTLSNone { -+ panic("cipher: encryption failed") -+ } ++func EVP_sha1() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha1() ++} + -+ RandReader.Read(nonce) -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) ++func EVP_sha224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha224() ++} + -+ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ panic(err) -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_EncryptUpdate(ctx, out, &outl, sliceNeverNil(plaintext)); err != nil { -+ panic(err) -+ } -+ if len(plaintext) != int(outl) { -+ panic("cipher: incorrect length returned from GCM EncryptUpdate") -+ } -+ discard = 0 -+ if _, err := ossl.EVP_EncryptFinal_ex(ctx, out[outl:], &discard); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { -+ panic(err) -+ } -+ runtime.KeepAlive(g) ++func EVP_sha256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha256() +} + -+var errOpen = errors.New("cipher: message authentication failed") ++func EVP_sha384() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha384() ++} + -+func (g *cipherGCM) Open(dst, nonce, ciphertext, aad []byte) (_ []byte, err error) { -+ if len(nonce) != gcmStandardNonceSize { -+ panic("cipher: incorrect nonce length given to GCM") -+ } -+ if len(ciphertext) < gcmTagSize { -+ return nil, errOpen -+ } -+ if uint64(len(ciphertext)) > ((1<<32)-2)*uint64(g.blockSize)+gcmTagSize { -+ return nil, errOpen -+ } -+ // BoringCrypto does not do any TLS check when decrypting, neither do we. ++func EVP_sha3_224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_224() ++} + -+ tag := ciphertext[len(ciphertext)-gcmTagSize:] -+ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] ++func EVP_sha3_256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_256() ++} + -+ // Make room in dst to append ciphertext without tag. -+ ret, out := sliceForAppend(dst, len(ciphertext)) ++func EVP_sha3_384() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_384() ++} + -+ // Check delayed until now to make sure len(dst) is accurate. -+ if inexactOverlap(out, ciphertext) { -+ panic("cipher: invalid buffer overlap") -+ } ++func EVP_sha3_512() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha3_512() ++} + -+ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_CIPHER_CTX_free(ctx) ++func EVP_sha512() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512() ++} + -+ defer func() { -+ if err != nil { -+ // Zero output buffer on error. -+ for i := range out { -+ out[i] = 0 -+ } -+ } -+ }() -+ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { -+ return nil, errOpen -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { -+ return nil, errOpen -+ } -+ var outl, discard int32 -+ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, sliceNeverNil(aad)); err != nil { -+ return nil, errOpen -+ } -+ if _, err := ossl.EVP_DecryptUpdate(ctx, out, &outl, sliceNeverNil(ciphertext)); err != nil { -+ return nil, errOpen -+ } -+ if len(ciphertext) != int(outl) { -+ return nil, errOpen -+ } -+ discard = 0 -+ if _, err := ossl.EVP_DecryptFinal_ex(ctx, out[outl:], &discard); err != nil { -+ return nil, errOpen -+ } -+ runtime.KeepAlive(g) -+ return ret, nil ++func EVP_sha512_224() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512_224() +} + -+// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. -+func sliceForAppend(in []byte, n int) (head, tail []byte) { -+ if total := len(in) + n; cap(in) >= total { -+ head = in[:total] -+ } else { -+ head = make([]byte, total) -+ copy(head, in) -+ } -+ tail = head[len(in):] -+ return ++func EVP_sha512_256() EVP_MD_PTR { ++ return C._mkcgo_EVP_sha512_256() +} + -+func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (_ ossl.EVP_CIPHER_CTX_PTR, err error) { -+ cipher := loadCipher(kind, mode) -+ if cipher == nil { -+ panic("crypto/cipher: unsupported cipher: " + kind.String()) -+ } -+ ctx, err := ossl.EVP_CIPHER_CTX_new() -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_CIPHER_CTX_free(ctx) -+ } -+ }() -+ if kind == cipherRC4 { -+ // RC4 cipher supports a variable key length. -+ // We need to set the key length before setting the key, -+ // and to do so we need to have an initialized cipher ctx. -+ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, nil, nil, int32(encrypt)); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EVP_CIPHER_CTX_set_key_length(ctx, int32(len(key))); err != nil { -+ return nil, err -+ } -+ // Pass nil to the next call to EVP_CipherInit_ex to avoid resetting ctx's cipher. -+ cipher = nil -+ } -+ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, base(key), base(iv), int32(encrypt)); err != nil { -+ return nil, err -+ } -+ return ctx, nil ++func FIPS_mode() int32 { ++ return int32(C._mkcgo_FIPS_mode()) +} + -+// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. ++func FIPS_mode_set(r int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_FIPS_mode_set(C.int(r), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("FIPS_mode_set", _err) ++} + -+func anyOverlap(x, y []byte) bool { -+ return len(x) > 0 && len(y) > 0 && -+ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && -+ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) ++func HMAC_CTX_copy(dest HMAC_CTX_PTR, src HMAC_CTX_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_HMAC_CTX_copy(dest, src, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_CTX_copy", _err) +} + -+func inexactOverlap(x, y []byte) bool { -+ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { -+ return false -+ } -+ return anyOverlap(x, y) ++func HMAC_CTX_free(arg0 HMAC_CTX_PTR) { ++ C._mkcgo_HMAC_CTX_free(arg0) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go -new file mode 100644 -index 00000000000000..7817e37ffdc40f ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go -@@ -0,0 +1,109 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++func HMAC_CTX_new() (HMAC_CTX_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_HMAC_CTX_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("HMAC_CTX_new", _err) ++} + -+import "unsafe" ++func HMAC_Final(arg0 HMAC_CTX_PTR, arg1 *byte, arg2 *uint32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_HMAC_Final(arg0, (*C.uchar)(unsafe.Pointer(arg1)), (*C.uint)(unsafe.Pointer(arg2)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Final", _err) ++} + -+// cString is a null-terminated string, -+// akin to C's char*. -+type cString string ++func HMAC_Init_ex(arg0 HMAC_CTX_PTR, arg1 unsafe.Pointer, arg2 int32, arg3 EVP_MD_PTR, arg4 ENGINE_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_HMAC_Init_ex(arg0, arg1, C.int(arg2), arg3, arg4, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Init_ex", _err) ++} + -+// str returns the string value. -+func (s cString) str() string { -+ return string(s) ++func HMAC_Update(arg0 HMAC_CTX_PTR, arg1 *byte, arg2 int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_HMAC_Update(arg0, (*C.uchar)(unsafe.Pointer(arg1)), C.size_t(arg2), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("HMAC_Update", _err) +} + -+// ptr returns a pointer to the string data. -+// It panics if the string is not null-terminated. -+// -+// The memory pointed to by the returned pointer should -+// not be modified and it must only be passed to -+// "const char*" parameters. Any attempt to modify it -+// will result in a runtime panic, as Go strings are -+// allocated in read-only memory. -+func (s cString) ptr() *byte { -+ if len(s) == 0 { -+ return nil -+ } -+ if s[len(s)-1] != 0 { -+ panic("must be null-terminated") -+ } -+ return unsafe.StringData(string(s)) ++func OBJ_nid2sn(n int32) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OBJ_nid2sn(C.int(n)))) +} + -+const ( //checkheader:ignore -+ // Key types -+ _KeyTypeRSA cString = "RSA\x00" -+ _KeyTypeEC cString = "EC\x00" -+ _KeyTypeED25519 cString = "ED25519\x00" -+ _KeyTypeX25519 cString = "X25519\x00" -+ _KeyTypeMLKEM768 cString = "ML-KEM-768\x00" -+ _KeyTypeMLKEM1024 cString = "ML-KEM-1024\x00" -+ _KeyTypeMLDSA44 cString = "ML-DSA-44\x00" -+ _KeyTypeMLDSA65 cString = "ML-DSA-65\x00" -+ _KeyTypeMLDSA87 cString = "ML-DSA-87\x00" -+ _KeyTypeChacha20Poly1305 cString = "CHACHA20-POLY1305\x00" -+ -+ // Digest names -+ _DigestNameSHAKE128 cString = "SHAKE-128\x00" -+ _DigestNameSHAKE256 cString = "SHAKE-256\x00" ++func OPENSSL_init() { ++ C._mkcgo_OPENSSL_init() ++} + -+ // KDF names -+ _OSSL_KDF_NAME_HKDF cString = "HKDF\x00" -+ _OSSL_KDF_NAME_PBKDF2 cString = "PBKDF2\x00" -+ _OSSL_KDF_NAME_TLS1_PRF cString = "TLS1-PRF\x00" -+ _OSSL_KDF_NAME_TLS13_KDF cString = "TLS13-KDF\x00" -+ _OSSL_MAC_NAME_HMAC cString = "HMAC\x00" ++func OPENSSL_init_crypto(ops uint64, settings OPENSSL_INIT_SETTINGS_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OPENSSL_init_crypto(C.uint64_t(ops), settings, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OPENSSL_init_crypto", _err) ++} + -+ // KDF parameters -+ _OSSL_KDF_PARAM_DIGEST cString = "digest\x00" -+ _OSSL_KDF_PARAM_SECRET cString = "secret\x00" -+ _OSSL_KDF_PARAM_SEED cString = "seed\x00" -+ _OSSL_KDF_PARAM_KEY cString = "key\x00" -+ _OSSL_KDF_PARAM_PASSWORD cString = "pass\x00" -+ _OSSL_KDF_PARAM_ITER cString = "iter\x00" -+ _OSSL_KDF_PARAM_PKCS5 cString = "pkcs5\x00" -+ _OSSL_KDF_PARAM_INFO cString = "info\x00" -+ _OSSL_KDF_PARAM_SALT cString = "salt\x00" -+ _OSSL_KDF_PARAM_MODE cString = "mode\x00" -+ -+ // KDF FIPS parameters -+ _OSSL_KDF_PARAM_FIPS_KEY_CHECK cString = "key-check\x00" ++func OPENSSL_version_major_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_major() != 0 ++} ++ ++func OPENSSL_version_major() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_major()) ++} ++ ++func OPENSSL_version_minor_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_minor() != 0 ++} ++ ++func OPENSSL_version_minor() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_minor()) ++} ++ ++func OPENSSL_version_patch_Available() bool { ++ return C._mkcgo_available_OPENSSL_version_patch() != 0 ++} + -+ // TLS3-KDF parameters -+ _OSSL_KDF_PARAM_PREFIX cString = "prefix\x00" -+ _OSSL_KDF_PARAM_LABEL cString = "label\x00" -+ _OSSL_KDF_PARAM_DATA cString = "data\x00" ++func OPENSSL_version_patch() uint32 { ++ return uint32(C._mkcgo_OPENSSL_version_patch()) ++} + -+ // PKEY parameters -+ _OSSL_PKEY_PARAM_PUB_KEY cString = "pub\x00" -+ _OSSL_PKEY_PARAM_PRIV_KEY cString = "priv\x00" -+ _OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY cString = "encoded-pub-key\x00" -+ _OSSL_PKEY_PARAM_GROUP_NAME cString = "group\x00" -+ _OSSL_PKEY_PARAM_EC_PUB_X cString = "qx\x00" -+ _OSSL_PKEY_PARAM_EC_PUB_Y cString = "qy\x00" -+ _OSSL_PKEY_PARAM_FFC_PBITS cString = "pbits\x00" -+ _OSSL_PKEY_PARAM_FFC_QBITS cString = "qbits\x00" -+ _OSSL_PKEY_PARAM_RSA_N cString = "n\x00" -+ _OSSL_PKEY_PARAM_RSA_E cString = "e\x00" -+ _OSSL_PKEY_PARAM_RSA_D cString = "d\x00" -+ _OSSL_PKEY_PARAM_FFC_P cString = "p\x00" -+ _OSSL_PKEY_PARAM_FFC_Q cString = "q\x00" -+ _OSSL_PKEY_PARAM_FFC_G cString = "g\x00" -+ _OSSL_PKEY_PARAM_RSA_FACTOR1 cString = "rsa-factor1\x00" -+ _OSSL_PKEY_PARAM_RSA_FACTOR2 cString = "rsa-factor2\x00" -+ _OSSL_PKEY_PARAM_RSA_EXPONENT1 cString = "rsa-exponent1\x00" -+ _OSSL_PKEY_PARAM_RSA_EXPONENT2 cString = "rsa-exponent2\x00" -+ _OSSL_PKEY_PARAM_RSA_COEFFICIENT1 cString = "rsa-coefficient1\x00" -+ _OSSL_PKEY_PARAM_ML_KEM_SEED cString = "seed\x00" -+ _OSSL_PKEY_PARAM_ML_DSA_SEED cString = "seed\x00" -+ -+ // Signature parameters -+ _OSSL_SIGNATURE_PARAM_CONTEXT_STRING cString = "context-string\x00" -+ _OSSL_SIGNATURE_PARAM_MU cString = "mu\x00" ++func OSSL_PARAM_BLD_free(bld OSSL_PARAM_BLD_PTR) { ++ C._mkcgo_OSSL_PARAM_BLD_free(bld) ++} + -+ // MAC parameters -+ _OSSL_MAC_PARAM_DIGEST cString = "digest\x00" -+ _OSSL_MAC_PARAM_FIPS_KEY_CHECK cString = "key-check\x00" -+) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go -new file mode 100644 -index 00000000000000..ece9605829f12d ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cshake.go -@@ -0,0 +1,256 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++func OSSL_PARAM_BLD_new() (OSSL_PARAM_BLD_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PARAM_BLD_new", _err) ++} + -+package openssl ++func OSSL_PARAM_BLD_push_BN(bld OSSL_PARAM_BLD_PTR, key *byte, bn BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_BN(bld, (*C.char)(unsafe.Pointer(key)), bn, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_BN", _err) ++} + -+import ( -+ "runtime" -+ "strconv" -+ "sync" ++func OSSL_PARAM_BLD_push_int32(bld OSSL_PARAM_BLD_PTR, key *byte, num int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_int32(bld, (*C.char)(unsafe.Pointer(key)), C.int32_t(num), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_int32", _err) ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++func OSSL_PARAM_BLD_push_octet_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf unsafe.Pointer, bsize int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_octet_string(bld, (*C.char)(unsafe.Pointer(key)), buf, C.size_t(bsize), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_octet_string", _err) ++} + -+// shakeOneShot applies the SHAKE extendable output function to data and -+// writes the output to out. -+func shakeOneShot(secuirtyBits int, data []byte, out []byte) { -+ // Can't use EVP_Digest because it doesn't support output lengths -+ // larger than the block size, while crypto/sha3 supports any length. -+ alg := loadShake(secuirtyBits) -+ if alg == nil { -+ panic("openssl: unsupported SHAKE" + strconv.Itoa(secuirtyBits) + " function") -+ } -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_DigestUpdate(ctx, data); err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_DigestFinalXOF(ctx, out); err != nil { -+ panic(err) -+ } ++func OSSL_PARAM_BLD_push_utf8_string(bld OSSL_PARAM_BLD_PTR, key *byte, buf *byte, bsize int) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_push_utf8_string(bld, (*C.char)(unsafe.Pointer(key)), (*C.char)(unsafe.Pointer(buf)), C.size_t(bsize), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("OSSL_PARAM_BLD_push_utf8_string", _err) +} + -+// SumSHAKE128 applies the SHAKE128 extendable output function to data and -+// returns an output of the given length in bytes. -+func SumSHAKE128(data []byte, length int) []byte { -+ out := make([]byte, length) -+ shakeOneShot(128, data, out) -+ return out ++func OSSL_PARAM_BLD_to_param(bld OSSL_PARAM_BLD_PTR) (OSSL_PARAM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_BLD_to_param(bld, mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PARAM_BLD_to_param", _err) +} + -+// SumSHAKE256 applies the SHAKE256 extendable output function to data and -+// returns an output of the given length in bytes. -+func SumSHAKE256(data []byte, length int) []byte { -+ out := make([]byte, length) -+ shakeOneShot(256, data, out) -+ return out ++func OSSL_PARAM_free(p OSSL_PARAM_PTR) { ++ C._mkcgo_OSSL_PARAM_free(p) +} + -+var shakeSupported sync.Map ++func OSSL_PARAM_locate_const(p OSSL_PARAM_PTR, key *byte) (OSSL_PARAM_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PARAM_locate_const(p, (*C.char)(unsafe.Pointer(key)), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PARAM_locate_const", _err) ++} + -+var hasDigestSqueeze = sync.OnceValue(ossl.EVP_DigestSqueeze_Available) ++func OSSL_PROVIDER_available(libctx OSSL_LIB_CTX_PTR, name *byte) int32 { ++ return int32(C._mkcgo_OSSL_PROVIDER_available(libctx, (*C.char)(unsafe.Pointer(name)))) ++} + -+// SupportsSHAKE returns true if the SHAKE extendable output functions -+// with the given securityBits are supported. -+func SupportsSHAKE(securityBits int) bool { -+ if !hasDigestSqueeze() { -+ // SHAKE MD's are supported since OpenSSL 1.1.1, but -+ // EVP_DigestSqueeze (added in OpenSSL 3.3) is required to -+ // implement [sha3.SHAKE]'s streaming Read API. -+ return false -+ } -+ if v, ok := shakeSupported.Load(securityBits); ok { -+ return v.(bool) -+ } -+ alg := loadShake(securityBits) -+ if alg == nil { -+ shakeSupported.Store(securityBits, false) -+ return false -+ } -+ // EVP_MD objects can be non-nil but the underlying provider may not -+ // support EVP_DigestSqueeze. We need to test it. -+ var supported bool -+ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err == nil { -+ var tmp [1]byte -+ _, err := ossl.EVP_DigestSqueeze(ctx, tmp[:]) -+ supported = err == nil -+ } -+ } -+ shakeSupported.Store(securityBits, supported) -+ return supported ++func OSSL_PROVIDER_get0_name(prov OSSL_PROVIDER_PTR) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OSSL_PROVIDER_get0_name(prov))) +} + -+// SupportsCSHAKE returns true if the CSHAKE extendable output functions -+// with the given securityBits are supported. -+func SupportsCSHAKE(securityBits int) bool { -+ // OpenSSL tracker issue https://github.com/openssl/openssl/issues/28358 -+ return false ++func OSSL_PROVIDER_try_load(libctx OSSL_LIB_CTX_PTR, name *byte, retain_fallbacks int32) (OSSL_PROVIDER_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_OSSL_PROVIDER_try_load(libctx, (*C.char)(unsafe.Pointer(name)), C.int(retain_fallbacks), mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("OSSL_PROVIDER_try_load", _err) +} + -+// SHAKE is an instance of a SHAKE extendable output function. -+type SHAKE struct { -+ alg *shakeAlgorithm -+ ctx ossl.EVP_MD_CTX_PTR -+ lastXofLen int ++func OpenSSL_version(__type int32) *byte { ++ return (*byte)(unsafe.Pointer(C._mkcgo_OpenSSL_version(C.int(__type)))) +} + -+// NewSHAKE128 creates a new SHAKE128 XOF. -+func NewSHAKE128() *SHAKE { -+ return newSHAKE(128) ++func OpenSSL_version_num_Available() bool { ++ return C._mkcgo_available_OpenSSL_version_num() != 0 +} + -+// NewSHAKE256 creates a new SHAKE256 XOF. -+func NewSHAKE256() *SHAKE { -+ return newSHAKE(256) ++func OpenSSL_version_num() uint32 { ++ return uint32(C._mkcgo_OpenSSL_version_num()) +} + -+// NewCSHAKE128 creates a new cSHAKE128 XOF. -+// -+// N is used to define functions based on cSHAKE, it can be empty when plain -+// cSHAKE is desired. S is a customization byte string used for domain -+// separation. When N and S are both empty, this is equivalent to NewSHAKE128. -+func NewCSHAKE128(N, S []byte) *SHAKE { -+ if len(N) == 0 && len(S) == 0 { -+ return NewSHAKE128() -+ } -+ return nil ++func PKCS5_PBKDF2_HMAC(pass *byte, passlen int32, salt *byte, saltlen int32, iter int32, digest EVP_MD_PTR, keylen int32, out *byte) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_PKCS5_PBKDF2_HMAC((*C.char)(unsafe.Pointer(pass)), C.int(passlen), (*C.uchar)(unsafe.Pointer(salt)), C.int(saltlen), C.int(iter), digest, C.int(keylen), (*C.uchar)(unsafe.Pointer(out)), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("PKCS5_PBKDF2_HMAC", _err) +} + -+// NewCSHAKE256 creates a new cSHAKE256 XOF. -+// -+// N is used to define functions based on cSHAKE, it can be empty when plain -+// cSHAKE is desired. S is a customization byte string used for domain -+// separation. When N and S are both empty, this is equivalent to NewSHAKE256. -+func NewCSHAKE256(N, S []byte) *SHAKE { -+ if len(N) == 0 && len(S) == 0 { -+ return NewSHAKE256() -+ } -+ return nil ++func RAND_bytes(arg0 *byte, arg1 int32) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_RAND_bytes((*C.uchar)(unsafe.Pointer(arg0)), C.int(arg1), mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RAND_bytes", _err) +} + -+func newSHAKE(securityBits int) *SHAKE { -+ alg := loadShake(securityBits) -+ if alg == nil { -+ panic("openssl: unsupported SHAKE" + strconv.Itoa(securityBits) + " function") -+ } -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil); err != nil { -+ ossl.EVP_MD_CTX_free(ctx) -+ panic(err) -+ } -+ s := &SHAKE{alg: alg, ctx: ctx} -+ runtime.SetFinalizer(s, (*SHAKE).finalize) -+ return s ++func RSA_free(arg0 RSA_PTR) { ++ C._mkcgo_RSA_free(arg0) +} + -+func (s *SHAKE) finalize() { -+ ossl.EVP_MD_CTX_free(s.ctx) ++func RSA_get0_crt_params(r RSA_PTR, dmp1 *BIGNUM_PTR, dmq1 *BIGNUM_PTR, iqmp *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_crt_params(r, dmp1, dmq1, iqmp) +} + -+// Write absorbs more data into the XOF's state. -+// -+// It panics if any output has already been read. -+func (s *SHAKE) Write(p []byte) (n int, err error) { -+ defer runtime.KeepAlive(s) -+ if len(p) == 0 { -+ return 0, nil -+ } -+ if _, err := ossl.EVP_DigestUpdate(s.ctx, p); err != nil { -+ panic(err) -+ } -+ return len(p), nil ++func RSA_get0_factors(rsa RSA_PTR, p *BIGNUM_PTR, q *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_factors(rsa, p, q) +} + -+// Read squeezes more output from the XOF. -+// -+// Any call to Write after a call to Read will panic. -+func (s *SHAKE) Read(p []byte) (n int, err error) { -+ defer runtime.KeepAlive(s) -+ if len(p) == 0 { -+ return 0, nil -+ } -+ if len(p) != s.lastXofLen { -+ if _, err := ossl.EVP_MD_CTX_ctrl(s.ctx, ossl.EVP_MD_CTRL_XOF_LEN, int32(len(p)), nil); err != nil { -+ panic(err) -+ } -+ s.lastXofLen = len(p) -+ } -+ if _, err := ossl.EVP_DigestSqueeze(s.ctx, p); err != nil { -+ panic(err) -+ } -+ return len(p), nil ++func RSA_get0_key(rsa RSA_PTR, n *BIGNUM_PTR, e *BIGNUM_PTR, d *BIGNUM_PTR) { ++ C._mkcgo_RSA_get0_key(rsa, n, e, d) +} + -+// Reset resets the XOF to its initial state. -+func (s *SHAKE) Reset() { -+ defer runtime.KeepAlive(s) -+ if _, err := ossl.EVP_DigestInit_ex(s.ctx, nil, nil); err != nil { -+ panic(err) -+ } -+ s.lastXofLen = 0 ++func RSA_new() (RSA_PTR, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_RSA_new(mkcgoNoEscape(&_err)) ++ return _ret, newMkcgoErr("RSA_new", _err) +} + -+// BlockSize returns the rate of the XOF. -+func (s *SHAKE) BlockSize() int { -+ return s.alg.blockSize ++func RSA_set0_crt_params(rsa RSA_PTR, dmp1 BIGNUM_PTR, dmp2 BIGNUM_PTR, iqmp BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_RSA_set0_crt_params(rsa, dmp1, dmp2, iqmp, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_crt_params", _err) +} + -+func (s *SHAKE) MarshalBinary() ([]byte, error) { -+ return nil, errMarshallUnsupported{} ++func RSA_set0_factors(rsa RSA_PTR, p BIGNUM_PTR, q BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_RSA_set0_factors(rsa, p, q, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_factors", _err) +} + -+func (s *SHAKE) AppendBinary(b []byte) ([]byte, error) { -+ return nil, errMarshallUnsupported{} ++func RSA_set0_key(r RSA_PTR, n BIGNUM_PTR, e BIGNUM_PTR, d BIGNUM_PTR) (int32, error) { ++ var _err C.mkcgo_err_state ++ _ret := C._mkcgo_RSA_set0_key(r, n, e, d, mkcgoNoEscape(&_err)) ++ return int32(_ret), newMkcgoErr("RSA_set0_key", _err) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h +new file mode 100644 +index 00000000000000..335d129bb345cd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl.h +@@ -0,0 +1,335 @@ ++// Code generated by mkcgo. DO NOT EDIT. ++ ++#ifndef MKCGO_H // only include this header once ++#define MKCGO_H ++ ++#include ++#include ++ ++typedef void* _OPENSSL_INIT_SETTINGS_PTR; ++typedef void* _OSSL_LIB_CTX_PTR; ++typedef void* _OSSL_PROVIDER_PTR; ++typedef void* _ENGINE_PTR; ++typedef void* _EVP_PKEY_PTR; ++typedef void* _EVP_PKEY_CTX_PTR; ++typedef void* _EVP_MD_PTR; ++typedef void* _EVP_MD_CTX_PTR; ++typedef void* _HMAC_CTX_PTR; ++typedef void* _EVP_CIPHER_PTR; ++typedef void* _EVP_CIPHER_CTX_PTR; ++typedef void* _EC_KEY_PTR; ++typedef void* _EC_POINT_PTR; ++typedef void* _EC_GROUP_PTR; ++typedef void* _RSA_PTR; ++typedef void* _BIGNUM_PTR; ++typedef void* _BN_CTX_PTR; ++typedef void* _EVP_MAC_PTR; ++typedef void* _EVP_MAC_CTX_PTR; ++typedef void* _OSSL_PARAM_BLD_PTR; ++typedef void* _OSSL_PARAM_PTR; ++typedef void* _EVP_SIGNATURE_PTR; ++typedef void* _DSA_PTR; ++typedef void* _EVP_KDF_PTR; ++typedef void* _EVP_KDF_CTX_PTR; ++typedef int point_conversion_form_t; ++ ++enum { ++ _POINT_CONVERSION_UNCOMPRESSED = 4, ++ _OPENSSL_INIT_LOAD_CRYPTO_STRINGS = 0x00000002, ++ _OPENSSL_INIT_ADD_ALL_CIPHERS = 0x00000004, ++ _OPENSSL_INIT_ADD_ALL_DIGESTS = 0x00000008, ++ _OPENSSL_INIT_LOAD_CONFIG = 0x00000040, ++ _EVP_CTRL_GCM_GET_TAG = 0x10, ++ _EVP_CTRL_GCM_SET_TAG = 0x11, ++ _EVP_PKEY_CTRL_MD = 1, ++ _EVP_PKEY_RSA = 6, ++ _EVP_PKEY_EC = 408, ++ _EVP_PKEY_TLS1_PRF = 1021, ++ _EVP_PKEY_HKDF = 1036, ++ _EVP_PKEY_ED25519 = 1087, ++ _EVP_PKEY_DSA = 116, ++ _EVP_PKEY_OP_DERIVE = (1 << 10), ++ _EVP_MAX_MD_SIZE = 64, ++ _EVP_PKEY_PUBLIC_KEY = 0x86, ++ _EVP_PKEY_KEYPAIR = 0x87, ++ _EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = 0x1001, ++ _EVP_KDF_HKDF_MODE_EXTRACT_ONLY = 1, ++ _EVP_KDF_HKDF_MODE_EXPAND_ONLY = 2, ++ _EVP_PKEY_CTRL_TLS_MD = 0x1000, ++ _EVP_PKEY_CTRL_TLS_SECRET = 0x1001, ++ _EVP_PKEY_CTRL_TLS_SEED = 0x1002, ++ _EVP_PKEY_CTRL_HKDF_MD = 0x1003, ++ _EVP_PKEY_CTRL_HKDF_SALT = 0x1004, ++ _EVP_PKEY_CTRL_HKDF_KEY = 0x1005, ++ _EVP_PKEY_CTRL_HKDF_INFO = 0x1006, ++ _EVP_PKEY_CTRL_HKDF_MODE = 0x1007, ++ _NID_X9_62_prime256v1 = 415, ++ _NID_secp224r1 = 713, ++ _NID_secp384r1 = 715, ++ _NID_secp521r1 = 716, ++ _RSA_PKCS1_PADDING = 1, ++ _RSA_NO_PADDING = 3, ++ _RSA_PKCS1_OAEP_PADDING = 4, ++ _RSA_PKCS1_PSS_PADDING = 6, ++ _RSA_PSS_SALTLEN_DIGEST = -1, ++ _RSA_PSS_SALTLEN_AUTO = -2, ++ _RSA_PSS_SALTLEN_MAX_SIGN = -2, ++ _RSA_PSS_SALTLEN_MAX = -3, ++ _EVP_PKEY_CTRL_RSA_PADDING = 0x1001, ++ _EVP_PKEY_CTRL_RSA_PSS_SALTLEN = 0x1002, ++ _EVP_PKEY_CTRL_RSA_KEYGEN_BITS = 0x1003, ++ _EVP_PKEY_CTRL_RSA_MGF1_MD = 0x1005, ++ _EVP_PKEY_CTRL_RSA_OAEP_MD = 0x1009, ++ _EVP_PKEY_CTRL_RSA_OAEP_LABEL = 0x100A, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = 0x1001, ++ _EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = 0x1002, ++ _OSSL_PARAM_INTEGER = 1, ++ _OSSL_PARAM_OCTET_STRING = 5, ++}; + -+func (s *SHAKE) UnmarshalBinary(data []byte) error { -+ return errMarshallUnsupported{} -+} ++typedef void* mkcgo_err_state; ++mkcgo_err_state mkcgo_err_retrieve(); ++void mkcgo_err_free(mkcgo_err_state); ++void __mkcgo_load_(void* handle); ++void __mkcgo_unload_(); ++void __mkcgo_load_111(void* handle); ++void __mkcgo_unload_111(); ++void __mkcgo_load_3(void* handle); ++void __mkcgo_unload_3(); ++void __mkcgo_load_init_1(void* handle); ++void __mkcgo_unload_init_1(); ++void __mkcgo_load_init_3(void* handle); ++void __mkcgo_unload_init_3(); ++void __mkcgo_load_legacy_1(void* handle); ++void __mkcgo_unload_legacy_1(); ++void __mkcgo_load_version(void* handle); ++void __mkcgo_unload_version(); + -+type shakeAlgorithm struct { -+ md ossl.EVP_MD_PTR -+ blockSize int -+} ++int _mkcgo_available_OPENSSL_version_major(); ++int _mkcgo_available_OPENSSL_version_minor(); ++int _mkcgo_available_OPENSSL_version_patch(); ++int _mkcgo_available_OpenSSL_version_num(); + -+var cacheSHAKE sync.Map ++_BIGNUM_PTR _mkcgo_BN_bin2bn(const unsigned char*, int, _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_BN_bn2binpad(const _BIGNUM_PTR, unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_BN_bn2lebinpad(const _BIGNUM_PTR, unsigned char*, int, mkcgo_err_state *); ++void _mkcgo_BN_clear(_BIGNUM_PTR); ++void _mkcgo_BN_clear_free(_BIGNUM_PTR); ++void _mkcgo_BN_free(_BIGNUM_PTR); ++_BIGNUM_PTR _mkcgo_BN_lebin2bn(const unsigned char*, int, _BIGNUM_PTR, mkcgo_err_state *); ++_BIGNUM_PTR _mkcgo_BN_new(mkcgo_err_state *); ++int _mkcgo_BN_num_bits(const _BIGNUM_PTR); ++void _mkcgo_CRYPTO_free(void*, const char*, int); ++void* _mkcgo_CRYPTO_malloc(size_t, const char*, int, mkcgo_err_state *); ++void _mkcgo_DSA_free(_DSA_PTR); ++int _mkcgo_DSA_generate_key(_DSA_PTR, mkcgo_err_state *); ++void _mkcgo_DSA_get0_key(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_DSA_get0_pqg(const _DSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_DSA_PTR _mkcgo_DSA_new(mkcgo_err_state *); ++int _mkcgo_DSA_set0_key(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_DSA_set0_pqg(_DSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); ++void _mkcgo_EC_GROUP_free(_EC_GROUP_PTR); ++_EC_GROUP_PTR _mkcgo_EC_GROUP_new_by_curve_name(int, mkcgo_err_state *); ++int _mkcgo_EC_KEY_check_key(const _EC_KEY_PTR, mkcgo_err_state *); ++void _mkcgo_EC_KEY_free(_EC_KEY_PTR); ++const _EC_GROUP_PTR _mkcgo_EC_KEY_get0_group(const _EC_KEY_PTR); ++const _BIGNUM_PTR _mkcgo_EC_KEY_get0_private_key(const _EC_KEY_PTR); ++const _EC_POINT_PTR _mkcgo_EC_KEY_get0_public_key(const _EC_KEY_PTR); ++_EC_KEY_PTR _mkcgo_EC_KEY_new_by_curve_name(int, mkcgo_err_state *); ++int _mkcgo_EC_KEY_set_private_key(_EC_KEY_PTR, const _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_EC_KEY_set_public_key(_EC_KEY_PTR, const _EC_POINT_PTR, mkcgo_err_state *); ++int _mkcgo_EC_KEY_set_public_key_affine_coordinates(_EC_KEY_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); ++void _mkcgo_EC_POINT_free(_EC_POINT_PTR); ++int _mkcgo_EC_POINT_get_affine_coordinates_GFp(const _EC_GROUP_PTR, const _EC_POINT_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EC_POINT_mul(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _EC_POINT_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); ++_EC_POINT_PTR _mkcgo_EC_POINT_new(const _EC_GROUP_PTR, mkcgo_err_state *); ++int _mkcgo_EC_POINT_oct2point(const _EC_GROUP_PTR, _EC_POINT_PTR, const unsigned char*, size_t, _BN_CTX_PTR, mkcgo_err_state *); ++size_t _mkcgo_EC_POINT_point2oct(const _EC_GROUP_PTR, const _EC_POINT_PTR, point_conversion_form_t, unsigned char*, size_t, _BN_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EC_POINT_set_affine_coordinates(const _EC_GROUP_PTR, _EC_POINT_PTR, const _BIGNUM_PTR, const _BIGNUM_PTR, _BN_CTX_PTR, mkcgo_err_state *); ++void _mkcgo_ERR_clear_error(void); ++void _mkcgo_ERR_error_string_n(unsigned long, char*, size_t); ++unsigned long _mkcgo_ERR_get_error_all(const char**, int*, const char**, const char**, int*); ++unsigned long _mkcgo_ERR_get_error_line(const char**, int*); ++int _mkcgo_EVP_CIPHER_CTX_ctrl(_EVP_CIPHER_CTX_PTR, int, int, void*, mkcgo_err_state *); ++void _mkcgo_EVP_CIPHER_CTX_free(_EVP_CIPHER_CTX_PTR); ++_EVP_CIPHER_CTX_PTR _mkcgo_EVP_CIPHER_CTX_new(mkcgo_err_state *); ++int _mkcgo_EVP_CIPHER_CTX_set_key_length(_EVP_CIPHER_CTX_PTR, int, mkcgo_err_state *); ++int _mkcgo_EVP_CIPHER_CTX_set_padding(_EVP_CIPHER_CTX_PTR, int, mkcgo_err_state *); ++_EVP_CIPHER_PTR _mkcgo_EVP_CIPHER_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++const char* _mkcgo_EVP_CIPHER_get0_name(const _EVP_CIPHER_PTR); ++int _mkcgo_EVP_CIPHER_get_block_size(const _EVP_CIPHER_PTR); ++int _mkcgo_EVP_CipherInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_CipherUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_DecryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, mkcgo_err_state *); ++int _mkcgo_EVP_DecryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, mkcgo_err_state *); ++int _mkcgo_EVP_DecryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_Digest(const void*, size_t, unsigned char*, unsigned int*, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_DigestFinal_ex(_EVP_MD_CTX_PTR, unsigned char*, unsigned int*, mkcgo_err_state *); ++int _mkcgo_EVP_DigestInit(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_DigestInit_ex(_EVP_MD_CTX_PTR, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_DigestSign(_EVP_MD_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_DigestSignFinal(_EVP_MD_CTX_PTR, unsigned char*, size_t*, mkcgo_err_state *); ++int _mkcgo_EVP_DigestSignInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_DigestUpdate(_EVP_MD_CTX_PTR, const void*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_DigestVerify(_EVP_MD_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_DigestVerifyFinal(_EVP_MD_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_DigestVerifyInit(_EVP_MD_CTX_PTR, _EVP_PKEY_CTX_PTR*, const _EVP_MD_PTR, _ENGINE_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_EncryptFinal_ex(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, mkcgo_err_state *); ++int _mkcgo_EVP_EncryptInit_ex(_EVP_CIPHER_CTX_PTR, const _EVP_CIPHER_PTR, _ENGINE_PTR, const unsigned char*, const unsigned char*, mkcgo_err_state *); ++int _mkcgo_EVP_EncryptUpdate(_EVP_CIPHER_CTX_PTR, unsigned char*, int*, const unsigned char*, int, mkcgo_err_state *); ++void _mkcgo_EVP_KDF_CTX_free(_EVP_KDF_CTX_PTR); ++size_t _mkcgo_EVP_KDF_CTX_get_kdf_size(_EVP_KDF_CTX_PTR, mkcgo_err_state *); ++_EVP_KDF_CTX_PTR _mkcgo_EVP_KDF_CTX_new(_EVP_KDF_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_KDF_CTX_set_params(_EVP_KDF_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_KDF_derive(_EVP_KDF_CTX_PTR, unsigned char*, size_t, const _OSSL_PARAM_PTR, mkcgo_err_state *); ++_EVP_KDF_PTR _mkcgo_EVP_KDF_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++void _mkcgo_EVP_KDF_free(_EVP_KDF_PTR); ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_dup(const _EVP_MAC_CTX_PTR, mkcgo_err_state *); ++void _mkcgo_EVP_MAC_CTX_free(_EVP_MAC_CTX_PTR); ++_EVP_MAC_CTX_PTR _mkcgo_EVP_MAC_CTX_new(_EVP_MAC_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_MAC_CTX_set_params(_EVP_MAC_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); ++_EVP_MAC_PTR _mkcgo_EVP_MAC_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++int _mkcgo_EVP_MAC_final(_EVP_MAC_CTX_PTR, unsigned char*, size_t*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_MAC_init(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, const _OSSL_PARAM_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_MAC_update(_EVP_MAC_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_MD_CTX_copy(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_MD_CTX_copy_ex(_EVP_MD_CTX_PTR, const _EVP_MD_CTX_PTR, mkcgo_err_state *); ++void _mkcgo_EVP_MD_CTX_free(_EVP_MD_CTX_PTR); ++int _mkcgo_EVP_MD_CTX_get_params(_EVP_MD_CTX_PTR, _OSSL_PARAM_PTR, mkcgo_err_state *); ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_gettable_params(_EVP_MD_CTX_PTR, mkcgo_err_state *); ++_EVP_MD_CTX_PTR _mkcgo_EVP_MD_CTX_new(mkcgo_err_state *); ++int _mkcgo_EVP_MD_CTX_set_params(_EVP_MD_CTX_PTR, const _OSSL_PARAM_PTR, mkcgo_err_state *); ++const _OSSL_PARAM_PTR _mkcgo_EVP_MD_CTX_settable_params(_EVP_MD_CTX_PTR, mkcgo_err_state *); ++_EVP_MD_PTR _mkcgo_EVP_MD_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++void _mkcgo_EVP_MD_free(_EVP_MD_PTR); ++const char* _mkcgo_EVP_MD_get0_name(const _EVP_MD_PTR); ++const _OSSL_PROVIDER_PTR _mkcgo_EVP_MD_get0_provider(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_block_size(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_size(const _EVP_MD_PTR); ++int _mkcgo_EVP_MD_get_type(const _EVP_MD_PTR); ++int _mkcgo_EVP_PKEY_CTX_add1_hkdf_info(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_ctrl(_EVP_PKEY_CTX_PTR, int, int, int, int, void*, mkcgo_err_state *); ++void _mkcgo_EVP_PKEY_CTX_free(_EVP_PKEY_CTX_PTR); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new(_EVP_PKEY_PTR, _ENGINE_PTR, mkcgo_err_state *); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_from_pkey(_OSSL_LIB_CTX_PTR, _EVP_PKEY_PTR, const char*, mkcgo_err_state *); ++_EVP_PKEY_CTX_PTR _mkcgo_EVP_PKEY_CTX_new_id(int, _ENGINE_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_set0_rsa_oaep_label(_EVP_PKEY_CTX_PTR, void*, int, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_key(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_set1_hkdf_salt(_EVP_PKEY_CTX_PTR, const unsigned char*, int, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_md(_EVP_PKEY_CTX_PTR, const _EVP_MD_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_CTX_set_hkdf_mode(_EVP_PKEY_CTX_PTR, int, mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_EC(_OSSL_LIB_CTX_PTR, const char*, const char*, const char*, mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_ED25519(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_Q_keygen_RSA(_OSSL_LIB_CTX_PTR, const char*, const char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_assign(_EVP_PKEY_PTR, int, void*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_decrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_decrypt_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_derive(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_derive_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_derive_set_peer(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_encrypt(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_encrypt_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++void _mkcgo_EVP_PKEY_free(_EVP_PKEY_PTR); ++int _mkcgo_EVP_PKEY_fromdata(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, int, _OSSL_PARAM_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_fromdata_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++_DSA_PTR _mkcgo_EVP_PKEY_get0_DSA(_EVP_PKEY_PTR, mkcgo_err_state *); ++_EC_KEY_PTR _mkcgo_EVP_PKEY_get0_EC_KEY(_EVP_PKEY_PTR, mkcgo_err_state *); ++_RSA_PTR _mkcgo_EVP_PKEY_get1_RSA(_EVP_PKEY_PTR, mkcgo_err_state *); ++size_t _mkcgo_EVP_PKEY_get1_encoded_public_key(_EVP_PKEY_PTR, unsigned char**, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_get_bits(const _EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_get_bn_param(const _EVP_PKEY_PTR, const char*, _BIGNUM_PTR*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_get_raw_private_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_get_raw_public_key(const _EVP_PKEY_PTR, unsigned char*, size_t*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_get_size(const _EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_keygen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_keygen_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new(mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_private_key(int, _ENGINE_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++_EVP_PKEY_PTR _mkcgo_EVP_PKEY_new_raw_public_key(int, _ENGINE_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_paramgen(_EVP_PKEY_CTX_PTR, _EVP_PKEY_PTR*, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_paramgen_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_private_check(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_public_check_quick(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_set1_EC_KEY(_EVP_PKEY_PTR, _EC_KEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_set1_encoded_public_key(_EVP_PKEY_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_sign(_EVP_PKEY_CTX_PTR, unsigned char*, size_t*, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_sign_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_up_ref(_EVP_PKEY_PTR, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_verify(_EVP_PKEY_CTX_PTR, const unsigned char*, size_t, const unsigned char*, size_t, mkcgo_err_state *); ++int _mkcgo_EVP_PKEY_verify_init(_EVP_PKEY_CTX_PTR, mkcgo_err_state *); ++_EVP_SIGNATURE_PTR _mkcgo_EVP_SIGNATURE_fetch(_OSSL_LIB_CTX_PTR, const char*, const char*, mkcgo_err_state *); ++void _mkcgo_EVP_SIGNATURE_free(_EVP_SIGNATURE_PTR); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_128_gcm(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_192_gcm(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ctr(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_aes_256_gcm(void); ++int _mkcgo_EVP_default_properties_enable_fips(_OSSL_LIB_CTX_PTR, int, mkcgo_err_state *); ++int _mkcgo_EVP_default_properties_is_fips_enabled(_OSSL_LIB_CTX_PTR); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ecb(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_cbc(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_des_ede3_ecb(void); ++const _EVP_MD_PTR _mkcgo_EVP_md4(void); ++const _EVP_MD_PTR _mkcgo_EVP_md5(void); ++const _EVP_MD_PTR _mkcgo_EVP_md5_sha1(void); ++const _EVP_CIPHER_PTR _mkcgo_EVP_rc4(void); ++const _EVP_MD_PTR _mkcgo_EVP_ripemd160(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha1(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha256(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha384(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_256(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_384(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha3_512(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512_224(void); ++const _EVP_MD_PTR _mkcgo_EVP_sha512_256(void); ++int _mkcgo_FIPS_mode(void); ++int _mkcgo_FIPS_mode_set(int, mkcgo_err_state *); ++int _mkcgo_HMAC_CTX_copy(_HMAC_CTX_PTR, _HMAC_CTX_PTR, mkcgo_err_state *); ++void _mkcgo_HMAC_CTX_free(_HMAC_CTX_PTR); ++_HMAC_CTX_PTR _mkcgo_HMAC_CTX_new(mkcgo_err_state *); ++int _mkcgo_HMAC_Final(_HMAC_CTX_PTR, unsigned char*, unsigned int*, mkcgo_err_state *); ++int _mkcgo_HMAC_Init_ex(_HMAC_CTX_PTR, const void*, int, const _EVP_MD_PTR, _ENGINE_PTR, mkcgo_err_state *); ++int _mkcgo_HMAC_Update(_HMAC_CTX_PTR, const unsigned char*, size_t, mkcgo_err_state *); ++const char* _mkcgo_OBJ_nid2sn(int); ++void _mkcgo_OPENSSL_init(void); ++int _mkcgo_OPENSSL_init_crypto(uint64_t, const _OPENSSL_INIT_SETTINGS_PTR, mkcgo_err_state *); ++unsigned int _mkcgo_OPENSSL_version_major(void); ++unsigned int _mkcgo_OPENSSL_version_minor(void); ++unsigned int _mkcgo_OPENSSL_version_patch(void); ++void _mkcgo_OSSL_PARAM_BLD_free(_OSSL_PARAM_BLD_PTR); ++_OSSL_PARAM_BLD_PTR _mkcgo_OSSL_PARAM_BLD_new(mkcgo_err_state *); ++int _mkcgo_OSSL_PARAM_BLD_push_BN(_OSSL_PARAM_BLD_PTR, const char*, const _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_OSSL_PARAM_BLD_push_int32(_OSSL_PARAM_BLD_PTR, const char*, int32_t, mkcgo_err_state *); ++int _mkcgo_OSSL_PARAM_BLD_push_octet_string(_OSSL_PARAM_BLD_PTR, const char*, const void*, size_t, mkcgo_err_state *); ++int _mkcgo_OSSL_PARAM_BLD_push_utf8_string(_OSSL_PARAM_BLD_PTR, const char*, const char*, size_t, mkcgo_err_state *); ++_OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_BLD_to_param(_OSSL_PARAM_BLD_PTR, mkcgo_err_state *); ++void _mkcgo_OSSL_PARAM_free(_OSSL_PARAM_PTR); ++const _OSSL_PARAM_PTR _mkcgo_OSSL_PARAM_locate_const(const _OSSL_PARAM_PTR, const char*, mkcgo_err_state *); ++int _mkcgo_OSSL_PROVIDER_available(_OSSL_LIB_CTX_PTR, const char*); ++const char* _mkcgo_OSSL_PROVIDER_get0_name(const _OSSL_PROVIDER_PTR); ++_OSSL_PROVIDER_PTR _mkcgo_OSSL_PROVIDER_try_load(_OSSL_LIB_CTX_PTR, const char*, int, mkcgo_err_state *); ++const char* _mkcgo_OpenSSL_version(int); ++unsigned long _mkcgo_OpenSSL_version_num(void); ++int _mkcgo_PKCS5_PBKDF2_HMAC(const char*, int, const unsigned char*, int, int, const _EVP_MD_PTR, int, unsigned char*, mkcgo_err_state *); ++int _mkcgo_RAND_bytes(unsigned char*, int, mkcgo_err_state *); ++void _mkcgo_RSA_free(_RSA_PTR); ++void _mkcgo_RSA_get0_crt_params(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_RSA_get0_factors(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++void _mkcgo_RSA_get0_key(const _RSA_PTR, const _BIGNUM_PTR*, const _BIGNUM_PTR*, const _BIGNUM_PTR*); ++_RSA_PTR _mkcgo_RSA_new(mkcgo_err_state *); ++int _mkcgo_RSA_set0_crt_params(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_RSA_set0_factors(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); ++int _mkcgo_RSA_set0_key(_RSA_PTR, _BIGNUM_PTR, _BIGNUM_PTR, _BIGNUM_PTR, mkcgo_err_state *); + -+// loadShake converts a crypto.Hash to a EVP_MD. -+func loadShake(securityBits int) (alg *shakeAlgorithm) { -+ if v, ok := cacheSHAKE.Load(securityBits); ok { -+ return v.(*shakeAlgorithm) -+ } -+ defer func() { -+ cacheSHAKE.Store(securityBits, alg) -+ }() ++#endif // MKCGO_H +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_go124.go b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_go124.go +new file mode 100644 +index 00000000000000..ae64d2f7ee9990 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/internal/ossl/zossl_go124.go +@@ -0,0 +1,37 @@ ++// Code generated by mkcgo. DO NOT EDIT. + -+ var name cString -+ switch securityBits { -+ case 128: -+ name = _DigestNameSHAKE128 -+ case 256: -+ name = _DigestNameSHAKE256 -+ default: -+ return nil -+ } ++//go:build go1.24 && !cmd_go_bootstrap + -+ md, err := ossl.EVP_MD_fetch(nil, name.ptr(), nil) -+ if err != nil || md == nil { -+ return nil -+ } ++package ossl + -+ alg = new(shakeAlgorithm) -+ alg.md = md -+ alg.blockSize = int(ossl.EVP_MD_get_block_size(md)) -+ return alg -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go ++/* ++#cgo noescape _mkcgo_EVP_CipherUpdate ++#cgo nocallback _mkcgo_EVP_CipherUpdate ++#cgo noescape _mkcgo_EVP_DecryptFinal_ex ++#cgo nocallback _mkcgo_EVP_DecryptFinal_ex ++#cgo noescape _mkcgo_EVP_DecryptUpdate ++#cgo nocallback _mkcgo_EVP_DecryptUpdate ++#cgo noescape _mkcgo_EVP_Digest ++#cgo nocallback _mkcgo_EVP_Digest ++#cgo noescape _mkcgo_EVP_DigestFinal_ex ++#cgo nocallback _mkcgo_EVP_DigestFinal_ex ++#cgo noescape _mkcgo_EVP_DigestSign ++#cgo nocallback _mkcgo_EVP_DigestSign ++#cgo noescape _mkcgo_EVP_DigestUpdate ++#cgo nocallback _mkcgo_EVP_DigestUpdate ++#cgo noescape _mkcgo_EVP_EncryptFinal_ex ++#cgo nocallback _mkcgo_EVP_EncryptFinal_ex ++#cgo noescape _mkcgo_EVP_EncryptUpdate ++#cgo nocallback _mkcgo_EVP_EncryptUpdate ++#cgo noescape _mkcgo_EVP_MD_CTX_copy ++#cgo nocallback _mkcgo_EVP_MD_CTX_copy ++#cgo noescape _mkcgo_EVP_PKEY_derive ++#cgo nocallback _mkcgo_EVP_PKEY_derive ++#cgo noescape _mkcgo_EVP_PKEY_get_raw_private_key ++#cgo nocallback _mkcgo_EVP_PKEY_get_raw_private_key ++#cgo noescape _mkcgo_EVP_PKEY_get_raw_public_key ++#cgo nocallback _mkcgo_EVP_PKEY_get_raw_public_key ++#cgo noescape _mkcgo_RAND_bytes ++#cgo nocallback _mkcgo_RAND_bytes ++*/ ++import "C" +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go new file mode 100644 -index 00000000000000..6ae4a6372f8d08 +index 00000000000000..739d22d5df3108 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go -@@ -0,0 +1,121 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/aes.go +@@ -0,0 +1,146 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( + "crypto/cipher" + "errors" -+ -+ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + -+// SupportsDESCipher returns true if NewDESCipher is supported, -+// which uses ECB mode. -+// If CBC is also supported, then the returned cipher.Block -+// will also implement NewCBCEncrypter and NewCBCDecrypter. -+func SupportsDESCipher() bool { -+ switch major() { -+ case 1: -+ // DES is not part of the OpenSSL 1.x FIPS module. -+ return !osslsetup.FIPS() && loadCipher(cipherDES, cipherModeECB) != nil ++//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/genaesmodes -in aes.go -modes CBC,CTR,GCM -out zaes.go ++//go:generate go run github.com/microsoft/go-crypto-openssl/cmd/gentestvectors -out vectors_test.go ++ ++// Steps to support a new AES mode, e.g. `FOO`: ++// 1. Add `FOO` to the list of modes in the `genaesmodes` command. ++// 2. Run `go generate` to update the generated code. ++// 3. Implement the necessary interfaces for the new struct, which will be named `cipherWithFOO`. ++ ++// NewAESCipher creates and returns a new AES cipher.Block. ++// The key argument should be the AES key, either 16, 24, or 32 bytes to select ++// AES-128, AES-192, or AES-256. ++// The returned cipher.Block implements the CBC, CTR, and/or GCM modes if ++// the underlying OpenSSL library supports them. ++func NewAESCipher(key []byte) (cipher.Block, error) { ++ var kind cipherKind ++ switch len(key) * 8 { ++ case 128: ++ kind = cipherAES128 ++ case 192: ++ kind = cipherAES192 ++ case 256: ++ kind = cipherAES256 + default: -+ // On OpenSSL 3+ availability is decided by the algorithm probe: -+ // EVP_CIPHER_fetch returns nil unless the legacy provider is loaded. -+ return loadCipher(cipherDES, cipherModeECB) != nil ++ return nil, errors.New("crypto/aes: invalid key size") ++ } ++ c, err := newEVPCipher(key, kind) ++ if err != nil { ++ return nil, err + } ++ return newAESBlock(c, kind), nil +} + -+// SupportsTripleDESCipher returns true if NewTripleDESCipher is supported, -+// which uses ECB mode. -+// If CBC is also supported, then the returned cipher.Block -+// will also implement NewCBCEncrypter and NewCBCDecrypter. -+func SupportsTripleDESCipher() bool { -+ // Should always be true for stock OpenSSL, -+ // even when using the FIPS provider. -+ return loadCipher(cipherDES3, cipherModeECB) != nil ++// NewGCMTLS returns a GCM cipher specific to TLS ++// and should not be used for non-TLS purposes. ++func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) { ++ if c, ok := c.(interface { ++ NewGCMTLS() (cipher.AEAD, error) ++ }); ok { ++ return c.NewGCMTLS() ++ } ++ return nil, errors.New("GCM not supported") +} + -+func NewDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 8 { -+ return nil, errors.New("crypto/des: invalid key size") ++// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used ++// for non-TLS purposes. ++func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) { ++ if c, ok := c.(interface { ++ NewGCMTLS13() (cipher.AEAD, error) ++ }); ok { ++ return c.NewGCMTLS13() + } -+ return newDESCipher(key, cipherDES) ++ return nil, errors.New("GCM not supported") +} + -+func NewTripleDESCipher(key []byte) (cipher.Block, error) { -+ if len(key) != 24 { -+ return nil, errors.New("crypto/des: invalid key size") -+ } -+ return newDESCipher(key, cipherDES3) ++// aesCipher implements the cipher.Block interface. ++type aesCipher struct { ++ cipher *evpCipher +} + -+func newDESCipher(key []byte, kind cipherKind) (cipher.Block, error) { -+ c, err := newEVPCipher(key, kind) -+ if err != nil { -+ return nil, err -+ } -+ if loadCipher(kind, cipherModeCBC) == nil { -+ return &desCipherWithoutCBC{c}, nil ++func (c aesCipher) BlockSize() int { ++ return c.cipher.blockSize ++} ++ ++func (c aesCipher) Encrypt(dst, src []byte) { ++ if err := c.cipher.encrypt(dst, src); err != nil { ++ // crypto/aes expects that the panic message starts with "crypto/aes: ". ++ panic("crypto/aes: " + err.Error()) + } -+ return &desCipher{c}, nil +} + -+type desExtraModes interface { -+ NewCBCEncrypter(iv []byte) cipher.BlockMode -+ NewCBCDecrypter(iv []byte) cipher.BlockMode ++func (c aesCipher) Decrypt(dst, src []byte) { ++ if err := c.cipher.decrypt(dst, src); err != nil { ++ // crypto/aes expects that the panic message starts with "crypto/aes: ". ++ panic("crypto/aes: " + err.Error()) ++ } +} + -+var _ desExtraModes = (*desCipher)(nil) ++// Implement optional interfaces for AES modes. + -+type desCipher struct { -+ *evpCipher ++func (c cipherWithCBC) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpEncrypt) +} + -+func (c *desCipher) BlockSize() int { -+ return c.blockSize ++func (c cipherWithCBC) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return c.cipher.newCBC(iv, cipherOpDecrypt) +} + -+func (c *desCipher) Encrypt(dst, src []byte) { -+ if err := c.encrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } ++func (c cipherWithCTR) NewCTR(iv []byte) cipher.Stream { ++ return c.cipher.newCTR(iv) +} + -+func (c *desCipher) Decrypt(dst, src []byte) { -+ if err := c.decrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } ++func (c cipherWithGCM) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) { ++ return c.cipher.newGCMChecked(nonceSize, tagSize) +} + -+func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { -+ return c.newCBC(iv, cipherOpEncrypt) ++func (c cipherWithGCM) NewGCMTLS() (cipher.AEAD, error) { ++ return c.cipher.newGCM(cipherGCMTLS12) +} + -+func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { -+ return c.newCBC(iv, cipherOpDecrypt) ++func (c cipherWithGCM) NewGCMTLS13() (cipher.AEAD, error) { ++ return c.cipher.newGCM(cipherGCMTLS13) +} + -+type desCipherWithoutCBC struct { -+ *evpCipher ++// The following interfaces have been copied out of crypto/aes/modes.go. ++ ++type gcmAble interface { ++ NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) +} + -+func (c *desCipherWithoutCBC) BlockSize() int { -+ return c.blockSize ++type cbcEncAble interface { ++ NewCBCEncrypter(iv []byte) cipher.BlockMode +} + -+func (c *desCipherWithoutCBC) Encrypt(dst, src []byte) { -+ if err := c.encrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } ++type cbcDecAble interface { ++ NewCBCDecrypter(iv []byte) cipher.BlockMode +} + -+func (c *desCipherWithoutCBC) Decrypt(dst, src []byte) { -+ if err := c.decrypt(dst, src); err != nil { -+ // crypto/des expects that the panic message starts with "crypto/des: ". -+ panic("crypto/des: " + err.Error()) -+ } ++type ctrAble interface { ++ NewCTR(iv []byte) cipher.Stream +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go ++ ++// Test that the interfaces are implemented. ++ ++var ( ++ _ cipher.Block = (*aesCipher)(nil) ++ ++ _ cipher.Block = (*cipherWithCBC)(nil) ++ _ cbcEncAble = (*cipherWithCBC)(nil) ++ _ cbcDecAble = (*cipherWithCBC)(nil) ++ ++ _ cipher.Block = (*cipherWithCTR)(nil) ++ _ ctrAble = (*cipherWithCTR)(nil) ++ ++ _ cipher.Block = (*cipherWithGCM)(nil) ++ _ gcmAble = (*cipherWithGCM)(nil) ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go new file mode 100644 -index 00000000000000..82b7b1081468de +index 00000000000000..6461f241f863fc --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go -@@ -0,0 +1,306 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/big.go +@@ -0,0 +1,11 @@ ++package openssl ++ ++// This file does not have build constraints to ++// facilitate using BigInt in Go crypto. ++// Go crypto references BigInt unconditionally, ++// even if it is not finally used. ++ ++// A BigInt is the raw words from a BigInt. ++// This definition allows us to avoid importing math/big. ++// Conversion between BigInt and *big.Int is in openssl/bbig. ++type BigInt []uint +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go +new file mode 100644 +index 00000000000000..dcbb66acdce48a +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/cipher.go +@@ -0,0 +1,654 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" ++ +import ( ++ "crypto/cipher" ++ "errors" + "runtime" ++ "strconv" ++ "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// SupportsDSA returns true if the OpenSSL library supports DSA. -+func SupportsDSA() bool { -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) -+ if err != nil { -+ return false -+ } -+ ossl.EVP_PKEY_CTX_free(ctx) -+ return true -+} -+ -+// DSAParameters contains the DSA parameters. -+type DSAParameters struct { -+ P, Q, G BigInt -+} ++type cipherKind int8 + -+// PrivateKeyDSA represents a DSA private key. -+type PrivateKeyDSA struct { -+ DSAParameters -+ X, Y BigInt ++const ( ++ cipherAES128 cipherKind = iota ++ cipherAES192 ++ cipherAES256 ++ cipherDES ++ cipherDES3 ++ cipherRC4 ++) + -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR ++func (c cipherKind) String() string { ++ switch c { ++ case cipherAES128: ++ return "AES-128" ++ case cipherAES192: ++ return "AES-192" ++ case cipherAES256: ++ return "AES-256" ++ case cipherDES: ++ return "DES" ++ case cipherDES3: ++ return "DES3" ++ case cipherRC4: ++ return "RC4" ++ default: ++ panic("unknown cipher kind: " + strconv.Itoa(int(c))) ++ } +} + -+func (k *PrivateKeyDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} ++type cipherMode int8 + -+func (k *PrivateKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} ++const ( ++ cipherModeNone cipherMode = -1 ++ cipherModeECB cipherMode = iota ++ cipherModeCBC ++ cipherModeCTR ++ cipherModeGCM ++) + -+// PublicKeyDSA represents a DSA public key. -+type PublicKeyDSA struct { -+ DSAParameters -+ Y BigInt ++// cipherOp is the allowed operations for a cipher, ++// as documented in [EVP_CipherInit_ex]. ++// ++// [EVP_CipherInit_ex]: https://www.openssl.org/docs/man3.0/man3/EVP_CipherInit_ex.html ++type cipherOp int8 + -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} ++const ( ++ cipherOpNone cipherOp = -1 // leaves the value of the previous call, if any. ++ cipherOpDecrypt cipherOp = 0 ++ cipherOpEncrypt cipherOp = 1 ++) + -+func (k *PublicKeyDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} ++// cacheCipher is a cache of cipherKind to GO_EVP_CIPHER_PTR. ++var cacheCipher sync.Map + -+func (k *PublicKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) ++type cacheCipherKey struct { ++ kind cipherKind ++ mode cipherMode +} + -+// GenerateParametersDSA generates a set of DSA parameters. -+func GenerateParametersDSA(l, n int) (DSAParameters, error) { -+ // The DSA parameters are generated by creating a new DSA key and -+ // extracting the domain parameters from it. -+ -+ // Generate a new DSA key context and set the known parameters. -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) -+ if err != nil { -+ return DSAParameters{}, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_paramgen_init(ctx); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, int32(l), nil); err != nil { -+ return DSAParameters{}, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, int32(n), nil); err != nil { -+ return DSAParameters{}, err -+ } -+ var pkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_paramgen(ctx, &pkey); err != nil { -+ return DSAParameters{}, err ++// loadCipher returns a cipher object for the given k. ++func loadCipher(k cipherKind, mode cipherMode) (cipher ossl.EVP_CIPHER_PTR) { ++ if v, ok := cacheCipher.Load(cacheCipherKey{k, mode}); ok { ++ return v.(ossl.EVP_CIPHER_PTR) + } -+ defer ossl.EVP_PKEY_free(pkey) -+ -+ // Extract the domain parameters from the generated key. -+ var p, q, g ossl.BIGNUM_PTR -+ switch major() { -+ case 1: -+ dsa := getDSA(pkey) -+ ossl.DSA_get0_pqg(dsa, &p, &q, &g) -+ case 3, 4: -+ defer func() { -+ ossl.BN_free(p) -+ ossl.BN_free(q) -+ ossl.BN_free(g) -+ }() -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_P.ptr(), &p); err != nil { -+ return DSAParameters{}, err ++ defer func() { ++ if cipher != nil && vMajor == 3 { ++ // On OpenSSL 3, directly operating on a EVP_CIPHER object ++ // not created by EVP_CIPHER has negative performance ++ // implications, as cipher operations will have ++ // to fetch it on every call. Better to just fetch it once here. ++ cipher, _ = ossl.EVP_CIPHER_fetch(nil, ossl.EVP_CIPHER_get0_name(cipher), nil) ++ } ++ cacheCipher.Store(cacheCipherKey{k, mode}, cipher) ++ }() ++ switch k { ++ case cipherAES128: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_128_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_128_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_128_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_128_gcm() ++ } ++ case cipherAES192: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_192_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_192_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_192_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_192_gcm() + } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_Q.ptr(), &q); err != nil { -+ return DSAParameters{}, err ++ case cipherAES256: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_aes_256_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_aes_256_cbc() ++ case cipherModeCTR: ++ cipher = ossl.EVP_aes_256_ctr() ++ case cipherModeGCM: ++ cipher = ossl.EVP_aes_256_gcm() + } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_G.ptr(), &g); err != nil { -+ return DSAParameters{}, err ++ case cipherDES: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_des_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_des_cbc() + } -+ default: -+ panic(errUnsupportedVersion()) ++ case cipherDES3: ++ switch mode { ++ case cipherModeECB: ++ cipher = ossl.EVP_des_ede3_ecb() ++ case cipherModeCBC: ++ cipher = ossl.EVP_des_ede3_cbc() ++ } ++ case cipherRC4: ++ cipher = ossl.EVP_rc4() + } ++ return cipher ++} + -+ return DSAParameters{ -+ P: bnToBig(p), -+ Q: bnToBig(q), -+ G: bnToBig(g), -+ }, nil ++type evpCipher struct { ++ key []byte ++ kind cipherKind ++ blockSize int +} + -+// NewPrivateKeyDSA creates a new DSA private key from the given parameters. -+func NewPrivateKeyDSA(params DSAParameters, x, y BigInt) (*PrivateKeyDSA, error) { -+ if x == nil || y == nil { -+ panic("x and y must not be nil") -+ } -+ pkey, err := newDSA(params, x, y) -+ if err != nil { -+ return nil, err ++func newEVPCipher(key []byte, kind cipherKind) (*evpCipher, error) { ++ cipher := loadCipher(kind, cipherModeECB) ++ if cipher == nil { ++ return nil, errors.New("crypto/cipher: unsupported cipher: " + kind.String()) + } -+ k := &PrivateKeyDSA{params, x, y, pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize) -+ return k, nil ++ c := &evpCipher{key: make([]byte, len(key)), kind: kind} ++ copy(c.key, key) ++ c.blockSize = int(ossl.EVP_CIPHER_get_block_size(cipher)) ++ return c, nil +} + -+// NewPublicKeyDSA creates a new DSA public key from the given parameters. -+func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) { -+ if y == nil { -+ panic("y must not be nil") ++func (c *evpCipher) encrypt(dst, src []byte) error { ++ if len(src) < c.blockSize { ++ return errors.New("input not full block") + } -+ pkey, err := newDSA(params, nil, y) ++ if len(dst) < c.blockSize { ++ return errors.New("output not full block") ++ } ++ // Only check for overlap between the parts of src and dst that will actually be used. ++ // This matches Go standard library behavior. ++ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { ++ return errors.New("invalid buffer overlap") ++ } ++ enc_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpEncrypt, c.key, nil) + if err != nil { -+ return nil, err ++ return err + } -+ k := &PublicKeyDSA{params, y, pkey} -+ runtime.SetFinalizer(k, (*PublicKeyDSA).finalize) -+ return k, nil ++ defer ossl.EVP_CIPHER_CTX_free(enc_ctx) ++ ++ var outl int32 ++ if _, err := ossl.EVP_EncryptUpdate(enc_ctx, base(dst), &outl, base(src), int32(c.blockSize)); err != nil { ++ return err ++ } ++ runtime.KeepAlive(c) ++ return nil +} + -+// GenerateKeyDSA generates a new private DSA key using the given parameters. -+func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) { -+ pkey, err := newDSA(params, nil, nil) ++func (c *evpCipher) decrypt(dst, src []byte) error { ++ if len(src) < c.blockSize { ++ return errors.New("input not full block") ++ } ++ if len(dst) < c.blockSize { ++ return errors.New("output not full block") ++ } ++ // Only check for overlap between the parts of src and dst that will actually be used. ++ // This matches Go standard library behavior. ++ if inexactOverlap(dst[:c.blockSize], src[:c.blockSize]) { ++ return errors.New("invalid buffer overlap") ++ } ++ dec_ctx, err := newCipherCtx(c.kind, cipherModeECB, cipherOpDecrypt, c.key, nil) + if err != nil { -+ return nil, nil, err ++ return err + } -+ defer ossl.EVP_PKEY_free(pkey) -+ var bx, by ossl.BIGNUM_PTR -+ switch major() { -+ case 1: -+ dsa := getDSA(pkey) -+ ossl.DSA_get0_key(dsa, &by, &bx) -+ case 3, 4: -+ defer func() { -+ ossl.BN_clear_free(bx) -+ ossl.BN_free(by) -+ }() -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), &by); err != nil { -+ return nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bx); err != nil { -+ return nil, nil, err -+ } -+ default: -+ panic(errUnsupportedVersion()) ++ defer ossl.EVP_CIPHER_CTX_free(dec_ctx) ++ ++ if _, err := ossl.EVP_CIPHER_CTX_set_padding(dec_ctx, 0); err != nil { ++ return err + } -+ return bnToBig(bx), bnToBig(by), nil -+} + -+// SignDSA signs a hash (which should be the result of hashing a larger message). -+func SignDSA(priv *PrivateKeyDSA, hash []byte) ([]byte, error) { -+ return evpSign(priv.withKey, 0, 0, 0, hash) ++ var outl int32 ++ ossl.EVP_DecryptUpdate(dec_ctx, base(dst), &outl, base(src), int32(c.blockSize)) ++ runtime.KeepAlive(c) ++ return nil +} + -+// VerifyDSA verifiessig using the public key, pub. -+func VerifyDSA(pub *PublicKeyDSA, hash []byte, sig []byte) bool { -+ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil ++type cipherCBC struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR ++ blockSize int +} + -+func newDSA(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { -+ switch major() { -+ case 1: -+ return newDSA1(params, x, y) -+ case 3, 4: -+ return newDSA3(params, x, y) -+ default: -+ panic(errUnsupportedVersion()) -+ } ++func (c *cipherCBC) finalize() { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) +} + -+func newDSA1(params DSAParameters, x, y BigInt) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) ++func (x *cipherCBC) BlockSize() int { return x.blockSize } + -+ dsa, err := ossl.DSA_new() -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if pkey == nil { -+ ossl.DSA_free(dsa) -+ } -+ }() -+ // No need to check for errors here, DSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ p, _ := bigToBN(params.P) -+ q, _ := bigToBN(params.Q) -+ g, _ := bigToBN(params.G) -+ if _, err := ossl.DSA_set0_pqg(dsa, p, q, g); err != nil { -+ ossl.BN_free(p) -+ ossl.BN_free(q) -+ ossl.BN_free(g) -+ return nil, err ++func (x *cipherCBC) CryptBlocks(dst, src []byte) { ++ if inexactOverlap(dst, src) { ++ panic("crypto/cipher: invalid buffer overlap") + } -+ if y != nil { -+ pub, _ := bigToBN(y) -+ priv, _ := bigToBN(x) -+ if _, err := ossl.DSA_set0_key(dsa, pub, priv); err != nil { -+ ossl.BN_free(pub) -+ ossl.BN_clear_free(priv) -+ return nil, err -+ } -+ } else { -+ if _, err := ossl.DSA_generate_key(dsa); err != nil { -+ return nil, err -+ } ++ if len(src)%x.blockSize != 0 { ++ panic("crypto/cipher: input not full blocks") + } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ return nil, err ++ if len(dst) < len(src) { ++ panic("crypto/cipher: output smaller than input") + } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_DSA, unsafe.Pointer(dsa)); err != nil { -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err ++ if len(src) > 0 { ++ var outl int32 ++ if _, err := ossl.EVP_CipherUpdate(x.ctx, base(dst), &outl, base(src), int32(len(src))); err != nil { ++ panic("crypto/cipher: " + err.Error()) ++ } ++ runtime.KeepAlive(x) + } -+ return pkey, nil +} + -+func newDSA3(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ bld := newParamBuilder() -+ defer bld.finalize() -+ -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_P, params.P, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_Q, params.Q, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_G, params.G, false) -+ selection := int32(ossl.EVP_PKEY_KEYPAIR) -+ if y != nil { -+ bld.addBigInt(_OSSL_PKEY_PARAM_PUB_KEY, y, false) -+ if x == nil { -+ selection = ossl.EVP_PKEY_PUBLIC_KEY -+ } ++func (x *cipherCBC) SetIV(iv []byte) { ++ if len(iv) != x.blockSize { ++ panic("crypto/cipher: incorrect length IV") + } -+ if x != nil { -+ bld.addBigInt(_OSSL_PKEY_PARAM_PRIV_KEY, x, true) ++ if _, err := ossl.EVP_CipherInit_ex(x.ctx, nil, nil, nil, base(iv), int32(cipherOpNone)); err != nil { ++ panic("crypto/cipher: " + err.Error()) + } -+ bldparams, err := bld.build() ++} ++ ++func (c *evpCipher) newCBC(iv []byte, op cipherOp) cipher.BlockMode { ++ ctx, err := newCipherCtx(c.kind, cipherModeCBC, op, c.key, iv) + if err != nil { -+ return nil, err ++ panic(err) + } -+ defer ossl.OSSL_PARAM_free(bldparams) -+ pkey, err := newEvpFromParams(ossl.EVP_PKEY_DSA, selection, bldparams) -+ if err != nil { -+ return nil, err ++ x := &cipherCBC{ctx: ctx, blockSize: c.blockSize} ++ runtime.SetFinalizer(x, (*cipherCBC).finalize) ++ if _, err := ossl.EVP_CIPHER_CTX_set_padding(x.ctx, 0); err != nil { ++ panic("crypto/cipher: " + err.Error()) + } -+ if y != nil { -+ return pkey, nil ++ return x ++} ++ ++type cipherCTR struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR ++} ++ ++func (x *cipherCTR) XORKeyStream(dst, src []byte) { ++ if inexactOverlap(dst, src) { ++ panic("crypto/cipher: invalid buffer overlap") + } -+ // pkey doesn't contain the public component, but the crypto/dsa package -+ // expects it to be always there. Generate a new key using pkey as domain -+ // parameters placeholder. -+ defer ossl.EVP_PKEY_free(pkey) -+ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) -+ if err != nil { -+ return nil, err ++ if len(dst) < len(src) { ++ panic("crypto/cipher: output smaller than input") + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { -+ return nil, err ++ if len(src) == 0 { ++ return + } -+ var gkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_keygen(ctx, &gkey); err != nil { -+ return nil, err ++ var outl int32 ++ if _, err := ossl.EVP_EncryptUpdate(x.ctx, base(dst), &outl, base(src), int32(len(src))); err != nil { ++ panic("crypto/cipher: " + err.Error()) + } -+ return gkey, nil ++ runtime.KeepAlive(x) +} + -+// getDSA returns the DSA from pkey. -+// If pkey does not contain an DSA it panics. -+// The returned key should not be freed. -+func getDSA(pkey ossl.EVP_PKEY_PTR) ossl.DSA_PTR { -+ key, err := ossl.EVP_PKEY_get0_DSA(pkey) ++func (c *evpCipher) newCTR(iv []byte) cipher.Stream { ++ ctx, err := newCipherCtx(c.kind, cipherModeCTR, cipherOpEncrypt, c.key, iv) + if err != nil { + panic(err) + } -+ return key ++ x := &cipherCTR{ctx: ctx} ++ runtime.SetFinalizer(x, (*cipherCTR).finalize) ++ return x +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go -new file mode 100644 -index 00000000000000..d871a04b37942b ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go -@@ -0,0 +1,132 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++func (c *cipherCTR) finalize() { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) ++} + -+import ( -+ "errors" -+ "strconv" -+ "sync" ++type cipherGCMTLS uint8 + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++const ( ++ cipherGCMTLSNone cipherGCMTLS = iota ++ cipherGCMTLS12 ++ cipherGCMTLS13 +) + -+func SupportsCurve(curve string) bool { -+ switch curve { -+ case "P-224", "P-256", "P-384", "P-521": -+ return true -+ case "X25519": -+ return supportsX25519() -+ default: -+ return false -+ } ++type cipherGCM struct { ++ c *evpCipher ++ tls cipherGCMTLS ++ // minNextNonce is the minimum value that the next nonce can be, enforced by ++ // all TLS modes. ++ minNextNonce uint64 ++ // mask is the nonce mask used in TLS 1.3 mode. ++ mask uint64 ++ // maskInitialized is true if mask has been initialized. This happens during ++ // the first Seal. The initialized mask may be 0. Used by TLS 1.3 mode. ++ maskInitialized bool ++ blockSize int +} + -+var supportsX25519 = sync.OnceValue(func() bool { -+ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_X25519, nil) -+ if ctx != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ return true -+ } -+ return false -+}) ++const ( ++ aesBlockSize = 16 ++ gcmTagSize = 16 ++ gcmStandardNonceSize = 12 ++ // TLS 1.2 additional data is constructed as: ++ // ++ // additional_data = seq_num(8) + TLSCompressed.type(1) + TLSCompressed.version(2) + TLSCompressed.length(2); ++ gcmTls12AddSize = 13 ++ // TLS 1.3 additional data is constructed as: ++ // ++ // additional_data = TLSCiphertext.opaque_type(1) || TLSCiphertext.legacy_record_version(2) || TLSCiphertext.length(2) ++ gcmTls13AddSize = 5 ++ gcmTlsFixedNonceSize = 4 ++) + -+func curveID(curve string) int32 { -+ switch curve { -+ case "P-224": -+ return ossl.EVP_PKEY_EC -+ case "P-256": -+ return ossl.EVP_PKEY_EC -+ case "P-384": -+ return ossl.EVP_PKEY_EC -+ case "P-521": -+ return ossl.EVP_PKEY_EC -+ case "X25519": -+ return ossl.EVP_PKEY_X25519 -+ default: -+ panic("openssl: unknown curve " + curve) -+ } ++type noGCM struct { ++ *evpCipher +} + -+func curveNID(curve string) int32 { -+ switch curve { -+ case "P-224": -+ return ossl.NID_secp224r1 -+ case "P-256": -+ return ossl.NID_X9_62_prime256v1 -+ case "P-384": -+ return ossl.NID_secp384r1 -+ case "P-521": -+ return ossl.NID_secp521r1 -+ default: -+ panic("openssl: unknown curve " + curve) -+ } ++func (g *noGCM) BlockSize() int { ++ return g.blockSize +} + -+// curveSize returns the size of the curve in bytes. -+func curveSize(curve string) int { -+ switch curve { -+ case "P-224": -+ return 224 / 8 -+ case "P-256": -+ return 256 / 8 -+ case "P-384": -+ return 384 / 8 -+ case "P-521": -+ return (521 + 7) / 8 -+ default: -+ panic("openssl: unknown curve " + curve) -+ } ++func (g *noGCM) Encrypt(dst, src []byte) { ++ g.encrypt(dst, src) +} + -+// encodeEcPoint encodes pt. -+func encodeEcPoint(group ossl.EC_GROUP_PTR, pt ossl.EC_POINT_PTR) ([]byte, error) { -+ // Get encoded point size. -+ n, err := ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, nil, nil) -+ if err != nil { -+ return nil, err -+ } -+ // Encode point into bytes. -+ bytes := make([]byte, n) -+ if _, err = ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, bytes, nil); err != nil { -+ return nil, err -+ } -+ return bytes, nil ++func (g *noGCM) Decrypt(dst, src []byte) { ++ g.decrypt(dst, src) +} + -+// generateAndEncodeEcPublicKey calls newPubKeyPointFn to generate a public key point and then encodes it. -+func generateAndEncodeEcPublicKey(nid int32, newPubKeyPointFn func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error)) ([]byte, error) { -+ group, err := ossl.EC_GROUP_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_GROUP_free(group) -+ pt, err := newPubKeyPointFn(group) -+ if err != nil { -+ return nil, err ++func (c *evpCipher) newGCMChecked(nonceSize, tagSize int) (cipher.AEAD, error) { ++ if nonceSize != gcmStandardNonceSize && tagSize != gcmTagSize { ++ return nil, errors.New("crypto/cipher: GCM tag and nonce sizes can't be non-standard at the same time") + } -+ defer ossl.EC_POINT_free(pt) -+ return encodeEcPoint(group, pt) -+} -+ -+func extractPKEYRawPublic(pkey ossl.EVP_PKEY_PTR, pub []byte) error { -+ keylen := len(pub) -+ if _, err := ossl.EVP_PKEY_get_raw_public_key(pkey, pub, &keylen); err != nil { -+ return err ++ // Fall back to standard library for GCM with non-standard nonce or tag size. ++ if nonceSize != gcmStandardNonceSize { ++ return cipher.NewGCMWithNonceSize(&noGCM{c}, nonceSize) + } -+ if keylen != len(pub) { -+ return errors.New("bad public key length: " + strconv.Itoa(keylen)) ++ if tagSize != gcmTagSize { ++ return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize) + } -+ return nil ++ return c.newGCM(cipherGCMTLSNone) +} + -+func extractPKEYRawPrivate(pkey ossl.EVP_PKEY_PTR, pub []byte) error { -+ keylen := len(pub) -+ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, pub, &keylen); err != nil { -+ return err -+ } -+ if keylen != len(pub) { -+ return errors.New("bad private key length: " + strconv.Itoa(keylen)) -+ } -+ return nil ++func (c *evpCipher) newGCM(tls cipherGCMTLS) (cipher.AEAD, error) { ++ g := &cipherGCM{c: c, tls: tls, blockSize: c.blockSize} ++ return g, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go -new file mode 100644 -index 00000000000000..7289538d753dc8 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go -@@ -0,0 +1,341 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package openssl -+ -+import ( -+ "errors" -+ "runtime" -+ "slices" -+ "unsafe" -+ -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) -+ -+const publicKeySizeX25519 = 32 -+const privateKeySizeX25519 = 32 + -+type PublicKeyECDH struct { -+ _pkey ossl.EVP_PKEY_PTR -+ bytes []byte ++func (g *cipherGCM) NonceSize() int { ++ return gcmStandardNonceSize +} + -+func (k *PublicKeyECDH) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) ++func (g *cipherGCM) Overhead() int { ++ return gcmTagSize +} + -+type PrivateKeyECDH struct { -+ _pkey ossl.EVP_PKEY_PTR -+ curve string -+} ++func (g *cipherGCM) Seal(dst, nonce, plaintext, aad []byte) []byte { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") ++ } ++ if uint64(len(plaintext)) > ((1<<32)-2)*uint64(g.blockSize) || len(plaintext)+gcmTagSize < len(plaintext) { ++ panic("cipher: message too large for GCM") ++ } ++ if len(dst)+len(plaintext)+gcmTagSize < len(dst) { ++ panic("cipher: message too large for buffer") ++ } ++ if g.tls != cipherGCMTLSNone { ++ if g.tls == cipherGCMTLS12 && len(aad) != gcmTls12AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.2") ++ } else if g.tls == cipherGCMTLS13 && len(aad) != gcmTls13AddSize { ++ panic("cipher: incorrect additional data length given to GCM TLS 1.3") ++ } ++ counter := bigEndianUint64(nonce[gcmTlsFixedNonceSize:]) ++ if g.tls == cipherGCMTLS13 { ++ // In TLS 1.3, the counter in the nonce has a mask and requires ++ // further decoding. ++ if !g.maskInitialized { ++ // According to TLS 1.3 nonce construction details at ++ // https://tools.ietf.org/html/rfc8446#section-5.3: ++ // ++ // the first record transmitted under a particular traffic ++ // key MUST use sequence number 0. ++ // ++ // The padded sequence number is XORed with [a mask]. ++ // ++ // The resulting quantity (of length iv_length) is used as ++ // the per-record nonce. ++ // ++ // We need to convert from the given nonce to sequence numbers ++ // to keep track of minNextNonce and enforce the counter ++ // maximum. On the first call, we know counter^mask is 0^mask, ++ // so we can simply store it as the mask. ++ g.mask = counter ++ g.maskInitialized = true ++ } ++ counter ^= g.mask ++ } ++ // BoringCrypto enforces strictly monotonically increasing explicit nonces ++ // and to fail after 2^64 - 1 keys as per FIPS 140-2 IG A.5, ++ // but OpenSSL does not perform this check, so it is implemented here. ++ const maxUint64 = 1<<64 - 1 ++ if counter == maxUint64 { ++ panic("cipher: nonce counter must be less than 2^64 - 1") ++ } ++ if counter < g.minNextNonce { ++ panic("cipher: nonce counter must be strictly monotonically increasing") ++ } ++ defer func() { ++ g.minNextNonce = counter + 1 ++ }() ++ } + -+func (k *PrivateKeyECDH) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} ++ // Make room in dst to append plaintext+overhead. ++ ret, out := sliceForAppend(dst, len(plaintext)+gcmTagSize) + -+func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { -+ expectedLen := publicKeySizeX25519 -+ if curve != "X25519" { -+ expectedLen = 1 + 2*curveSize(curve) -+ } -+ if len(bytes) != expectedLen { -+ return nil, errors.New("NewPublicKeyECDH: wrong key length") ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, plaintext) { ++ panic("cipher: invalid buffer overlap") + } + -+ pkey, err := newECDHPkey(curve, bytes, false) ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) + if err != nil { -+ return nil, err ++ panic(err) + } -+ k := &PublicKeyECDH{pkey, slices.Clone(bytes)} -+ runtime.SetFinalizer(k, (*PublicKeyECDH).finalize) -+ return k, nil -+} -+ -+func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } -+ -+func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error) { -+ expectedLen := privateKeySizeX25519 -+ if curve != "X25519" { -+ expectedLen = curveSize(curve) ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ // Encrypt additional data. ++ // When sealing a TLS payload, OpenSSL app sets the additional data using ++ // '_EVP_CIPHER_CTX_ctrl(g.ctx, _EVP_CTRL_AEAD_TLS1_AAD, _EVP_AEAD_TLS1_AAD_LEN, base(additionalData))'. ++ // This makes the explicit nonce component to monotonically increase on every Seal operation without ++ // relying in the explicit nonce being securely set externally, ++ // and it also gives some interesting speed gains. ++ // Unfortunately we can't use it because Go expects AEAD.Seal to honor the provided nonce. ++ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ panic(err) + } -+ if len(bytes) != expectedLen { -+ return nil, errors.New("NewPrivateKeyECDH: wrong key length") ++ var outl, discard int32 ++ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { ++ panic(err) + } -+ pkey, err := newECDHPkey(curve, bytes, true) -+ if err != nil { -+ return nil, err ++ if _, err := ossl.EVP_EncryptUpdate(ctx, base(out), &outl, baseNeverEmpty(plaintext), int32(len(plaintext))); err != nil { ++ panic(err) + } -+ k := &PrivateKeyECDH{pkey, curve} -+ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) -+ return k, nil -+} -+ -+func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { -+ defer runtime.KeepAlive(k) -+ var pkey ossl.EVP_PKEY_PTR -+ defer func() { -+ ossl.EVP_PKEY_free(pkey) -+ }() -+ -+ var bytes []byte -+ if k.curve == "X25519" { -+ pkey = k._pkey -+ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { -+ return nil, err -+ } -+ bytes = make([]byte, publicKeySizeX25519) -+ if err := extractPKEYRawPublic(pkey, bytes); err != nil { -+ return nil, err -+ } -+ } else { -+ switch major() { -+ case 1: -+ var err error -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ return nil, err -+ } -+ key := getECKey(k._pkey) -+ if _, err := ossl.EVP_PKEY_set1_EC_KEY(pkey, key); err != nil { -+ return nil, err -+ } -+ pt := ossl.EC_KEY_get0_public_key(key) -+ if pt == nil { -+ return nil, fail("missing ECDH public key") -+ } -+ group := ossl.EC_KEY_get0_group(key) -+ if bytes, err = encodeEcPoint(group, pt); err != nil { -+ return nil, err -+ } -+ case 3, 4: -+ pkey = k._pkey -+ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { -+ return nil, err -+ } -+ var cbytes *byte -+ n, err := ossl.EVP_PKEY_get1_encoded_public_key(k._pkey, &cbytes) -+ if err != nil { -+ return nil, err -+ } -+ bytes = goBytes(unsafe.Pointer(cbytes), n) -+ cryptoFree(unsafe.Pointer(cbytes)) -+ default: -+ panic(errUnsupportedVersion()) -+ } ++ if len(plaintext) != int(outl) { ++ panic("cipher: incorrect length returned from GCM EncryptUpdate") + } -+ pub := &PublicKeyECDH{pkey, bytes} -+ pkey = nil -+ runtime.SetFinalizer(pub, (*PublicKeyECDH).finalize) -+ return pub, nil -+} -+ -+func newECDHPkey(curve string, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { -+ if curve == "X25519" { -+ if isPrivate { -+ return ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_X25519, nil, bytes) -+ } else { -+ return ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_X25519, nil, bytes) -+ } ++ if _, err := ossl.EVP_EncryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { ++ panic(err) + } -+ nid := curveNID(curve) -+ switch major() { -+ case 1: -+ return newECDHPkey1(nid, bytes, isPrivate) -+ case 3, 4: -+ return newECDHPkey3(nid, bytes, isPrivate) -+ default: -+ panic(errUnsupportedVersion()) ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { ++ panic(err) + } ++ runtime.KeepAlive(g) ++ return ret +} + -+func newECDHPkey1(nid int32, bytes []byte, isPrivate bool) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) -+ -+ key, err := ossl.EC_KEY_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err ++func (g *cipherGCM) SealWithRandomNonce(out, nonce, plaintext, aad []byte) { ++ if uint64(len(plaintext)) > uint64((1<<32)-2)*aesBlockSize { ++ panic("crypto/cipher: message too large for GCM") + } -+ defer func() { -+ if pkey == nil { -+ ossl.EC_KEY_free(key) -+ } -+ }() -+ group := ossl.EC_KEY_get0_group(key) -+ if isPrivate { -+ priv, err := ossl.BN_bin2bn(bytes, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ if _, err := ossl.EC_KEY_set_private_key(key, priv); err != nil { -+ return nil, err -+ } -+ pub, err := pointMult(group, priv) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_POINT_free(pub) -+ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { -+ return nil, err -+ } -+ } else { -+ pub, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EC_POINT_free(pub) -+ if _, err := ossl.EC_POINT_oct2point(group, pub, bytes, nil); err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { -+ return nil, err -+ } ++ if len(nonce) != gcmStandardNonceSize { ++ panic("crypto/cipher: incorrect nonce length given to GCMWithRandomNonce") + } -+ if _, err := ossl.EC_KEY_check_key(key); err != nil { -+ // Match upstream error message. -+ if isPrivate { -+ return nil, errors.New("crypto/ecdh: invalid private key") -+ } else { -+ return nil, errors.New("crypto/ecdh: invalid public key") -+ } ++ if len(out) != len(plaintext)+gcmTagSize { ++ panic("crypto/cipher: incorrect output length given to GCMWithRandomNonce") + } -+ return newEVPPKEY(key) -+} -+ -+func newECDHPkey3(nid int32, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) -+ var selection int32 -+ if isPrivate { -+ priv, err := ossl.BN_bin2bn(bytes, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { -+ return pointMult(group, priv) -+ }) -+ if err != nil { -+ return nil, err -+ } -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) -+ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, priv) -+ selection = ossl.EVP_PKEY_KEYPAIR -+ } else { -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, bytes) -+ selection = ossl.EVP_PKEY_PUBLIC_KEY ++ if inexactOverlap(out, plaintext) { ++ panic("crypto/cipher: invalid buffer overlap of output and input") ++ } ++ if anyOverlap(out, aad) { ++ panic("crypto/cipher: invalid buffer overlap of output and additional data") + } + -+ params, err := bld.build() -+ if err != nil { -+ return nil, err ++ if g.tls != cipherGCMTLSNone { ++ panic("cipher: encryption failed") + } -+ defer ossl.OSSL_PARAM_free(params) -+ pkey, err := newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) ++ ++ RandReader.Read(nonce) ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) + if err != nil { -+ return nil, err ++ panic(err) + } ++ defer ossl.EVP_CIPHER_CTX_free(ctx) + -+ if err := checkPkey(pkey, isPrivate); err != nil { -+ ossl.EVP_PKEY_free(pkey) -+ return nil, errors.New("crypto/ecdh: " + err.Error()) ++ if _, err := ossl.EVP_EncryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ panic(err) + } -+ return pkey, nil ++ var outl, discard int32 ++ if _, err := ossl.EVP_EncryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_EncryptUpdate(ctx, base(out), &outl, baseNeverEmpty(plaintext), int32(len(plaintext))); err != nil { ++ panic(err) ++ } ++ if len(plaintext) != int(outl) { ++ panic("cipher: incorrect length returned from GCM EncryptUpdate") ++ } ++ if _, err := ossl.EVP_EncryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_GET_TAG, 16, unsafe.Pointer(base(out[outl:]))); err != nil { ++ panic(err) ++ } ++ runtime.KeepAlive(g) +} + -+func pointMult(group ossl.EC_GROUP_PTR, priv ossl.BIGNUM_PTR) (ossl.EC_POINT_PTR, error) { -+ // OpenSSL does not expose any method to generate the public -+ // key from the private key [1], so we have to calculate it here. -+ // [1] https://github.com/openssl/openssl/issues/18437#issuecomment-1144717206 -+ pt, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err ++var errOpen = errors.New("cipher: message authentication failed") ++ ++func (g *cipherGCM) Open(dst, nonce, ciphertext, aad []byte) (_ []byte, err error) { ++ if len(nonce) != gcmStandardNonceSize { ++ panic("cipher: incorrect nonce length given to GCM") + } -+ if _, err := ossl.EC_POINT_mul(group, pt, priv, nil, nil, nil); err != nil { -+ ossl.EC_POINT_free(pt) -+ return nil, err ++ if len(ciphertext) < gcmTagSize { ++ return nil, errOpen ++ } ++ if uint64(len(ciphertext)) > ((1<<32)-2)*uint64(g.blockSize)+gcmTagSize { ++ return nil, errOpen ++ } ++ // BoringCrypto does not do any TLS check when decrypting, neither do we. ++ ++ tag := ciphertext[len(ciphertext)-gcmTagSize:] ++ ciphertext = ciphertext[:len(ciphertext)-gcmTagSize] ++ ++ // Make room in dst to append ciphertext without tag. ++ ret, out := sliceForAppend(dst, len(ciphertext)) ++ ++ // Check delayed until now to make sure len(dst) is accurate. ++ if inexactOverlap(out, ciphertext) { ++ panic("cipher: invalid buffer overlap") + } -+ return pt, nil -+} + -+func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { -+ defer runtime.KeepAlive(priv) -+ defer runtime.KeepAlive(pub) -+ ctx, err := ossl.EVP_PKEY_CTX_new(priv._pkey, nil) ++ ctx, err := newCipherCtx(g.c.kind, cipherModeGCM, cipherOpNone, g.c.key, nil) + if err != nil { + return nil, err + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return nil, err ++ defer ossl.EVP_CIPHER_CTX_free(ctx) ++ ++ defer func() { ++ if err != nil { ++ // Zero output buffer on error. ++ for i := range out { ++ out[i] = 0 ++ } ++ } ++ }() ++ if _, err := ossl.EVP_DecryptInit_ex(ctx, nil, nil, nil, base(nonce)); err != nil { ++ return nil, errOpen + } -+ if _, err := ossl.EVP_PKEY_derive_set_peer(ctx, pub._pkey); err != nil { -+ return nil, err ++ if _, err := ossl.EVP_CIPHER_CTX_ctrl(ctx, ossl.EVP_CTRL_GCM_SET_TAG, 16, unsafe.Pointer(base(tag))); err != nil { ++ return nil, errOpen + } -+ var keylen int -+ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { -+ return nil, err ++ var outl, discard int32 ++ if _, err := ossl.EVP_DecryptUpdate(ctx, nil, &discard, baseNeverEmpty(aad), int32(len(aad))); err != nil { ++ return nil, errOpen + } -+ out := make([]byte, keylen) -+ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { -+ return nil, err ++ if _, err := ossl.EVP_DecryptUpdate(ctx, base(out), &outl, baseNeverEmpty(ciphertext), int32(len(ciphertext))); err != nil { ++ return nil, errOpen + } -+ return out, nil ++ if len(ciphertext) != int(outl) { ++ return nil, errOpen ++ } ++ if _, err := ossl.EVP_DecryptFinal_ex(ctx, base(out[outl:]), &discard); err != nil { ++ return nil, errOpen ++ } ++ runtime.KeepAlive(g) ++ return ret, nil +} + -+func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { -+ pkey, err := generateEVPPKey(curveID(curve), 0, curve) ++// sliceForAppend is a mirror of crypto/cipher.sliceForAppend. ++func sliceForAppend(in []byte, n int) (head, tail []byte) { ++ if total := len(in) + n; cap(in) >= total { ++ head = in[:total] ++ } else { ++ head = make([]byte, total) ++ copy(head, in) ++ } ++ tail = head[len(in):] ++ return ++} ++ ++func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (_ ossl.EVP_CIPHER_CTX_PTR, err error) { ++ cipher := loadCipher(kind, mode) ++ if cipher == nil { ++ panic("crypto/cipher: unsupported cipher: " + kind.String()) ++ } ++ ctx, err := ossl.EVP_CIPHER_CTX_new() + if err != nil { -+ return nil, nil, err ++ return nil, err + } -+ var k *PrivateKeyECDH + defer func() { -+ if k == nil { -+ ossl.EVP_PKEY_free(pkey) ++ if err != nil { ++ ossl.EVP_CIPHER_CTX_free(ctx) + } + }() -+ var bytes []byte -+ if curve == "X25519" { -+ bytes = make([]byte, privateKeySizeX25519) -+ keylen := len(bytes) -+ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, bytes, &keylen); err != nil { -+ return nil, nil, err -+ } -+ } else { -+ var priv ossl.BIGNUM_PTR -+ switch major() { -+ case 1: -+ key := getECKey(pkey) -+ priv = ossl.EC_KEY_get0_private_key(key) -+ if priv == nil { -+ return nil, nil, fail("missing ECDH private key") -+ } -+ case 3, 4: -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &priv); err != nil { -+ return nil, nil, err -+ } -+ defer ossl.BN_clear_free(priv) -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ // We should not leak bit length of the secret scalar in the key. -+ // For this reason, we use BN_bn2binpad instead of BN_bn2bin with fixed length. -+ // The fixed length is the order of the large prime subgroup of the curve, -+ // returned by EVP_PKEY_get_bits, which is generally the upper bound for -+ // generating a private ECDH key. -+ bits, err := ossl.EVP_PKEY_get_bits(pkey) -+ if err != nil { -+ return nil, nil, err ++ if kind == cipherRC4 { ++ // RC4 cipher supports a variable key length. ++ // We need to set the key length before setting the key, ++ // and to do so we need to have an initialized cipher ctx. ++ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, nil, nil, int32(encrypt)); err != nil { ++ return nil, err + } -+ bytes = make([]byte, (bits+7)/8) -+ if err := bnToBinPad(priv, bytes); err != nil { -+ return nil, nil, err ++ if _, err := ossl.EVP_CIPHER_CTX_set_key_length(ctx, int32(len(key))); err != nil { ++ return nil, err + } ++ // Pass nil to the next call to EVP_CipherInit_ex to avoid resetting ctx's cipher. ++ cipher = nil + } -+ k = &PrivateKeyECDH{pkey, curve} -+ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) -+ return k, bytes, nil ++ if _, err := ossl.EVP_CipherInit_ex(ctx, cipher, nil, base(key), base(iv), int32(encrypt)); err != nil { ++ return nil, err ++ } ++ return ctx, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go ++ ++// The following two functions are a mirror of golang.org/x/crypto/internal/subtle. ++ ++func anyOverlap(x, y []byte) bool { ++ return len(x) > 0 && len(y) > 0 && ++ uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) && ++ uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1])) ++} ++ ++func inexactOverlap(x, y []byte) bool { ++ if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] { ++ return false ++ } ++ return anyOverlap(x, y) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go new file mode 100644 -index 00000000000000..d96c368fe1ca76 +index 00000000000000..9f99a9dc456242 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go -@@ -0,0 +1,220 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/const.go +@@ -0,0 +1,93 @@ +package openssl + -+import ( -+ "crypto" -+ "runtime" ++import "C" ++import "unsafe" + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++// cString is a null-terminated string, ++// akin to C's char*. ++type cString string + -+type PrivateKeyECDSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR ++// str returns the string value. ++func (s cString) str() string { ++ return string(s) +} + -+func (k *PrivateKeyECDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) ++// ptr returns a pointer to the string data. ++// It panics if the string is not null-terminated. ++// ++// The memory pointed to by the returned pointer should ++// not be modified and it must only be passed to ++// "const char*" parameters. Any attempt to modify it ++// will result in a runtime panic, as Go strings are ++// allocated in read-only memory. ++func (s cString) ptr() *byte { ++ if len(s) == 0 { ++ return nil ++ } ++ if s[len(s)-1] != 0 { ++ panic("must be null-terminated") ++ } ++ return unsafe.StringData(string(s)) +} + -+func (k *PrivateKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} ++const ( //checkheader:ignore ++ // Provider names ++ _ProviderNameFips cString = "fips\x00" ++ _ProviderNameDefault cString = "default\x00" + -+type PublicKeyECDSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} ++ // Property strings ++ _PropFIPSYes cString = "fips=yes\x00" ++ _PropFIPSNo cString = "-fips\x00" + -+func (k *PublicKeyECDSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} ++ // Key types ++ _KeyTypeRSA cString = "RSA\x00" ++ _KeyTypeEC cString = "EC\x00" ++ _KeyTypeED25519 cString = "ED25519\x00" + -+func (k *PublicKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} ++ // Digest Names ++ _DigestNameSHA2_256 cString = "SHA2-256\x00" + -+func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { -+ pkey, err := newECDSAKey(curve, x, y, nil) -+ if err != nil { -+ return nil, err -+ } -+ k := &PublicKeyECDSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PublicKeyECDSA).finalize) -+ return k, nil -+} ++ // KDF names ++ _OSSL_KDF_NAME_HKDF cString = "HKDF\x00" ++ _OSSL_KDF_NAME_PBKDF2 cString = "PBKDF2\x00" ++ _OSSL_KDF_NAME_TLS1_PRF cString = "TLS1-PRF\x00" ++ _OSSL_KDF_NAME_TLS13_KDF cString = "TLS13-KDF\x00" ++ _OSSL_MAC_NAME_HMAC cString = "HMAC\x00" + -+func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { -+ pkey, err := newECDSAKey(curve, x, y, d) -+ if err != nil { -+ return nil, err -+ } -+ k := &PrivateKeyECDSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) -+ return k, nil -+} ++ // KDF parameters ++ _OSSL_KDF_PARAM_DIGEST cString = "digest\x00" ++ _OSSL_KDF_PARAM_SECRET cString = "secret\x00" ++ _OSSL_KDF_PARAM_SEED cString = "seed\x00" ++ _OSSL_KDF_PARAM_KEY cString = "key\x00" ++ _OSSL_KDF_PARAM_INFO cString = "info\x00" ++ _OSSL_KDF_PARAM_SALT cString = "salt\x00" ++ _OSSL_KDF_PARAM_MODE cString = "mode\x00" + -+func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { -+ // Generate the private key. -+ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ defer ossl.EVP_PKEY_free(pkey) ++ // TLS3-KDF parameters ++ _OSSL_KDF_PARAM_PREFIX cString = "prefix\x00" ++ _OSSL_KDF_PARAM_LABEL cString = "label\x00" ++ _OSSL_KDF_PARAM_DATA cString = "data\x00" + -+ var bx, by, bd ossl.BIGNUM_PTR -+ defer func() { -+ ossl.BN_free(bx) -+ ossl.BN_free(by) -+ }() -+ switch major() { -+ case 1: -+ // Retrieve the internal EC_KEY, which holds the X, Y, and D coordinates. -+ key := getECKey(pkey) -+ group := ossl.EC_KEY_get0_group(key) -+ pt := ossl.EC_KEY_get0_public_key(key) -+ // Allocate two big numbers to store the X and Y coordinates. -+ bx, err = ossl.BN_new() -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ by, err = ossl.BN_new() -+ if err != nil { -+ return nil, nil, nil, err -+ } -+ // Get X and Y. -+ if _, err := ossl.EC_POINT_get_affine_coordinates_GFp(group, pt, bx, by, nil); err != nil { -+ return nil, nil, nil, err -+ } -+ // Get Z. We don't need to free it, get0 does not increase the reference count. -+ bd = ossl.EC_KEY_get0_private_key(key) -+ case 3, 4: -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_X.ptr(), &bx); err != nil { -+ return nil, nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_Y.ptr(), &by); err != nil { -+ return nil, nil, nil, err -+ } -+ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bd); err != nil { -+ return nil, nil, nil, err -+ } -+ defer ossl.BN_clear_free(bd) -+ default: -+ panic(errUnsupportedVersion()) -+ } ++ // PKEY parameters ++ _OSSL_PKEY_PARAM_PUB_KEY cString = "pub\x00" ++ _OSSL_PKEY_PARAM_PRIV_KEY cString = "priv\x00" ++ _OSSL_PKEY_PARAM_GROUP_NAME cString = "group\x00" ++ _OSSL_PKEY_PARAM_EC_PUB_X cString = "qx\x00" ++ _OSSL_PKEY_PARAM_EC_PUB_Y cString = "qy\x00" ++ _OSSL_PKEY_PARAM_FFC_PBITS cString = "pbits\x00" ++ _OSSL_PKEY_PARAM_FFC_QBITS cString = "qbits\x00" ++ _OSSL_PKEY_PARAM_RSA_N cString = "n\x00" ++ _OSSL_PKEY_PARAM_RSA_E cString = "e\x00" ++ _OSSL_PKEY_PARAM_RSA_D cString = "d\x00" ++ _OSSL_PKEY_PARAM_FFC_P cString = "p\x00" ++ _OSSL_PKEY_PARAM_FFC_Q cString = "q\x00" ++ _OSSL_PKEY_PARAM_FFC_G cString = "g\x00" ++ _OSSL_PKEY_PARAM_RSA_FACTOR1 cString = "rsa-factor1\x00" ++ _OSSL_PKEY_PARAM_RSA_FACTOR2 cString = "rsa-factor2\x00" ++ _OSSL_PKEY_PARAM_RSA_EXPONENT1 cString = "rsa-exponent1\x00" ++ _OSSL_PKEY_PARAM_RSA_EXPONENT2 cString = "rsa-exponent2\x00" ++ _OSSL_PKEY_PARAM_RSA_COEFFICIENT1 cString = "rsa-coefficient1\x00" ++ ++ // MAC parameters ++ _OSSL_MAC_PARAM_DIGEST cString = "digest\x00" ++) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go +new file mode 100644 +index 00000000000000..78ecb9888e18cb +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/des.go +@@ -0,0 +1,113 @@ ++//go:build !cmd_go_bootstrap ++ ++package openssl + -+ // Get D. -+ return bnToBig(bx), bnToBig(by), bnToBig(bd), nil -+} ++import "C" ++import ( ++ "crypto/cipher" ++ "errors" ++) + -+func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { -+ return evpSign(priv.withKey, 0, 0, 0, hash) ++// SupportsDESCipher returns true if NewDESCipher is supported, ++// which uses ECB mode. ++// If CBC is also supported, then the returned cipher.Block ++// will also implement NewCBCEncrypter and NewCBCDecrypter. ++func SupportsDESCipher() bool { ++ // True for stock OpenSSL 1 w/o FIPS. ++ // False for stock OpenSSL 3 unless the legacy provider is available. ++ return (versionAtOrAbove(3, 0, 0) || !FIPS()) && loadCipher(cipherDES, cipherModeECB) != nil +} + -+func HashSignECDSA(priv *PrivateKeyECDSA, h crypto.Hash, msg []byte) ([]byte, error) { -+ return evpHashSign(priv.withKey, h, msg) ++// SupportsTripleDESCipher returns true if NewTripleDESCipher is supported, ++// which uses ECB mode. ++// If CBC is also supported, then the returned cipher.Block ++// will also implement NewCBCEncrypter and NewCBCDecrypter. ++func SupportsTripleDESCipher() bool { ++ // Should always be true for stock OpenSSL, ++ // even when using the FIPS provider. ++ return loadCipher(cipherDES3, cipherModeECB) != nil +} + -+func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { -+ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil ++func NewDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 8 { ++ return nil, errors.New("crypto/des: invalid key size") ++ } ++ return newDESCipher(key, cipherDES) +} + -+func HashVerifyECDSA(pub *PublicKeyECDSA, h crypto.Hash, msg, sig []byte) bool { -+ return evpHashVerify(pub.withKey, h, msg, sig) == nil ++func NewTripleDESCipher(key []byte) (cipher.Block, error) { ++ if len(key) != 24 { ++ return nil, errors.New("crypto/des: invalid key size") ++ } ++ return newDESCipher(key, cipherDES3) +} + -+func newECDSAKey(curve string, x, y, d BigInt) (ossl.EVP_PKEY_PTR, error) { -+ nid := curveNID(curve) -+ bx, err := bigToBN(x) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_free(bx) -+ by, err := bigToBN(y) ++func newDESCipher(key []byte, kind cipherKind) (cipher.Block, error) { ++ c, err := newEVPCipher(key, kind) + if err != nil { + return nil, err + } -+ defer ossl.BN_free(by) -+ var bd ossl.BIGNUM_PTR -+ if d != nil { -+ bd, err = bigToBN(d) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.BN_clear_free(bd) -+ } -+ switch major() { -+ case 1: -+ return newECDSAKey1(nid, bx, by, bd) -+ case 3, 4: -+ return newECDSAKey3(nid, bx, by, bd) -+ default: -+ panic(errUnsupportedVersion()) ++ if loadCipher(kind, cipherModeCBC) == nil { ++ return &desCipherWithoutCBC{c}, nil + } ++ return &desCipher{c}, nil +} + -+func newECDSAKey1(nid int32, bx, by, bd ossl.BIGNUM_PTR) (pkey ossl.EVP_PKEY_PTR, err error) { -+ checkMajorVersion(1) ++type desExtraModes interface { ++ NewCBCEncrypter(iv []byte) cipher.BlockMode ++ NewCBCDecrypter(iv []byte) cipher.BlockMode ++} + -+ key, err := ossl.EC_KEY_new_by_curve_name(nid) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if pkey == nil { -+ defer ossl.EC_KEY_free(key) -+ } -+ }() -+ if _, err := ossl.EC_KEY_set_public_key_affine_coordinates(key, bx, by); err != nil { -+ return nil, err ++var _ desExtraModes = (*desCipher)(nil) ++ ++type desCipher struct { ++ *evpCipher ++} ++ ++func (c *desCipher) BlockSize() int { ++ return c.blockSize ++} ++ ++func (c *desCipher) Encrypt(dst, src []byte) { ++ if err := c.encrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) + } -+ if bd != nil { -+ if _, err := ossl.EC_KEY_set_private_key(key, bd); err != nil { -+ return nil, err -+ } ++} ++ ++func (c *desCipher) Decrypt(dst, src []byte) { ++ if err := c.decrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) + } ++} + -+ return newEVPPKEY(key) ++func (c *desCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode { ++ return c.newCBC(iv, cipherOpEncrypt) +} + -+func newECDSAKey3(nid int32, bx, by, bd ossl.BIGNUM_PTR) (ossl.EVP_PKEY_PTR, error) { -+ checkMajorVersion(3, 4) ++func (c *desCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode { ++ return c.newCBC(iv, cipherOpDecrypt) ++} + -+ // Create the encoded public key public key from bx and by. -+ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { -+ pt, err := ossl.EC_POINT_new(group) -+ if err != nil { -+ return nil, err -+ } -+ if _, err := ossl.EC_POINT_set_affine_coordinates(group, pt, bx, by, nil); err != nil { -+ ossl.EC_POINT_free(pt) -+ return nil, err -+ } -+ return pt, nil -+ }) -+ if err != nil { -+ return nil, err -+ } -+ // Construct the parameters. -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) -+ var selection int32 -+ if bd != nil { -+ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, bd) -+ selection = ossl.EVP_PKEY_KEYPAIR -+ } else { -+ selection = ossl.EVP_PKEY_PUBLIC_KEY ++type desCipherWithoutCBC struct { ++ *evpCipher ++} ++ ++func (c *desCipherWithoutCBC) BlockSize() int { ++ return c.blockSize ++} ++ ++func (c *desCipherWithoutCBC) Encrypt(dst, src []byte) { ++ if err := c.encrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) + } -+ params, err := bld.build() -+ if err != nil { -+ return nil, err ++} ++ ++func (c *desCipherWithoutCBC) Decrypt(dst, src []byte) { ++ if err := c.decrypt(dst, src); err != nil { ++ // crypto/des expects that the panic message starts with "crypto/des: ". ++ panic("crypto/des: " + err.Error()) + } -+ defer ossl.OSSL_PARAM_free(params) -+ return newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go new file mode 100644 -index 00000000000000..205b01cd36b206 +index 00000000000000..a3ebbee02fac7b --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go -@@ -0,0 +1,209 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/dsa.go +@@ -0,0 +1,309 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( -+ "errors" + "runtime" -+ "strconv" -+ "sync" ++ "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+const ( -+ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. -+ publicKeySizeEd25519 = 32 -+ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. -+ privateKeySizeEd25519 = 64 -+ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. -+ signatureSizeEd25519 = 64 -+ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. -+ seedSizeEd25519 = 32 -+) -+ -+// TODO: Add support for Ed25519ph and Ed25519ctx when OpenSSL supports them, -+// which will probably be in 3.2.0 (https://github.com/openssl/openssl/issues/20418). -+ -+var supportsEd25519 = sync.OnceValue(func() bool { -+ switch major() { -+ case 1: -+ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_ED25519, nil) -+ if ctx != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ return true -+ } -+ case 3, 4: -+ sig, _ := ossl.EVP_SIGNATURE_fetch(nil, _KeyTypeED25519.ptr(), nil) -+ if sig != nil { -+ ossl.EVP_SIGNATURE_free(sig) -+ return true -+ } ++// SupportsDSA returns true if the OpenSSL library supports DSA. ++func SupportsDSA() bool { ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) ++ if err != nil { ++ return false + } -+ return false -+}) -+ -+// SupportsEd25519 returns true if the current OpenSSL version supports -+// GenerateKeyEd25519, NewKeyFromSeedEd25519, SignEd25519 and VerifyEd25519. -+func SupportsEd25519() bool { -+ return supportsEd25519() -+} -+ -+type PublicKeyEd25519 struct { -+ _pkey ossl.EVP_PKEY_PTR ++ ossl.EVP_PKEY_CTX_free(ctx) ++ return true +} + -+func (k *PublicKeyEd25519) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) ++// DSAParameters contains the DSA parameters. ++type DSAParameters struct { ++ P, Q, G BigInt +} + -+func (k *PublicKeyEd25519) Bytes() ([]byte, error) { -+ defer runtime.KeepAlive(k) -+ pub := make([]byte, publicKeySizeEd25519) -+ if err := extractPKEYRawPublic(k._pkey, pub); err != nil { -+ return nil, err -+ } -+ return pub, nil -+} ++// PrivateKeyDSA represents a DSA private key. ++type PrivateKeyDSA struct { ++ DSAParameters ++ X, Y BigInt + -+type PrivateKeyEd25519 struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. + _pkey ossl.EVP_PKEY_PTR +} + -+func (k *PrivateKeyEd25519) finalize() { ++func (k *PrivateKeyDSA) finalize() { + ossl.EVP_PKEY_free(k._pkey) +} + -+func (k *PrivateKeyEd25519) Bytes() ([]byte, error) { ++func (k *PrivateKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { + defer runtime.KeepAlive(k) -+ priv := make([]byte, privateKeySizeEd25519) -+ if err := extractPKEYPrivEd25519(k._pkey, priv); err != nil { -+ return nil, err -+ } -+ return priv, nil -+} -+ -+func (k *PrivateKeyEd25519) Public() (*PublicKeyEd25519, error) { -+ pub := make([]byte, publicKeySizeEd25519) -+ if err := extractPKEYRawPublic(k._pkey, pub); err != nil { -+ return nil, err -+ } -+ pubk, err := NewPublicKeyEd25519(pub) -+ if err != nil { -+ return nil, err -+ } -+ return pubk, nil ++ return f(k._pkey) +} + -+// GenerateKeyEd25519 generates a private key. -+func GenerateKeyEd25519() (*PrivateKeyEd25519, error) { -+ pkeyPriv, err := generateEVPPKey(ossl.EVP_PKEY_ED25519, 0, "") -+ if err != nil { -+ return nil, err -+ } -+ priv := &PrivateKeyEd25519{_pkey: pkeyPriv} -+ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) -+ return priv, nil -+} ++// PublicKeyDSA represents a DSA public key. ++type PublicKeyDSA struct { ++ DSAParameters ++ Y BigInt + -+// Deprecated: use NewPrivateKeyEd25519 instead. -+func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) { -+ return NewPrivateKeyEd25519(priv) ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR +} + -+func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) { -+ if len(priv) != privateKeySizeEd25519 { -+ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) -+ } -+ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) ++func (k *PublicKeyDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+// Deprecated: use NewPublicKeyEd25519 instead. -+func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) { -+ return NewPublicKeyEd25519(pub) ++func (k *PublicKeyDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) +} + -+func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) { -+ if len(pub) != publicKeySizeEd25519 { -+ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) -+ } -+ pkey, err := ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_ED25519, nil, pub) ++// GenerateParametersDSA generates a set of DSA parameters. ++func GenerateParametersDSA(l, n int) (DSAParameters, error) { ++ // The DSA parameters are generated by creating a new DSA key and ++ // extracting the domain parameters from it. ++ ++ // Generate a new DSA key context and set the known parameters. ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_DSA, nil) + if err != nil { -+ return nil, err ++ return DSAParameters{}, err + } -+ pubk := &PublicKeyEd25519{_pkey: pkey} -+ runtime.SetFinalizer(pubk, (*PublicKeyEd25519).finalize) -+ return pubk, nil -+} -+ -+// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if -+// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this -+// package. -+func NewPrivateKeyEd25519FromSeed(seed []byte) (*PrivateKeyEd25519, error) { -+ if len(seed) != seedSizeEd25519 { -+ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_paramgen_init(ctx); err != nil { ++ return DSAParameters{}, err + } -+ pkey, err := ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_ED25519, nil, seed) -+ if err != nil { -+ return nil, err ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, int32(l), nil); err != nil { ++ return DSAParameters{}, err + } -+ priv := &PrivateKeyEd25519{_pkey: pkey} -+ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) -+ return priv, nil -+} ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_DSA, -1, ossl.EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, int32(n), nil); err != nil { ++ return DSAParameters{}, err ++ } ++ var pkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_paramgen(ctx, &pkey); err != nil { ++ return DSAParameters{}, err ++ } ++ defer ossl.EVP_PKEY_free(pkey) + -+func extractPKEYPrivEd25519(pkey ossl.EVP_PKEY_PTR, priv []byte) error { -+ if err := extractPKEYRawPublic(pkey, priv[seedSizeEd25519:]); err != nil { -+ return err ++ // Extract the domain parameters from the generated key. ++ var p, q, g ossl.BIGNUM_PTR ++ switch vMajor { ++ case 1: ++ dsa := getDSA(pkey) ++ ossl.DSA_get0_pqg(dsa, &p, &q, &g) ++ case 3: ++ defer func() { ++ ossl.BN_free(p) ++ ossl.BN_free(q) ++ ossl.BN_free(g) ++ }() ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_P.ptr(), &p); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_Q.ptr(), &q); err != nil { ++ return DSAParameters{}, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_FFC_G.ptr(), &g); err != nil { ++ return DSAParameters{}, err ++ } ++ default: ++ panic(errUnsupportedVersion()) + } -+ return extractPKEYRawPrivate(pkey, priv[:seedSizeEd25519]) ++ ++ return DSAParameters{ ++ P: bnToBig(p), ++ Q: bnToBig(q), ++ G: bnToBig(g), ++ }, nil +} + -+// SignEd25519 signs the message with priv and returns a signature. -+func SignEd25519(priv *PrivateKeyEd25519, message []byte) (sig []byte, err error) { -+ // Outline the function body so that the returned key can be stack-allocated. -+ sig = make([]byte, signatureSizeEd25519) -+ err = signEd25519(priv, sig, message) ++// NewPrivateKeyDSA creates a new DSA private key from the given parameters. ++func NewPrivateKeyDSA(params DSAParameters, x, y BigInt) (*PrivateKeyDSA, error) { ++ if x == nil || y == nil { ++ panic("x and y must not be nil") ++ } ++ pkey, err := newDSA(params, x, y) + if err != nil { + return nil, err + } -+ return sig, err ++ k := &PrivateKeyDSA{params, x, y, pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize) ++ return k, nil +} + -+func signEd25519(priv *PrivateKeyEd25519, sig, message []byte) error { -+ defer runtime.KeepAlive(priv) -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestSignInit(ctx, nil, nil, nil, priv._pkey); err != nil { -+ return err -+ } -+ siglen := signatureSizeEd25519 -+ if _, err := ossl.EVP_DigestSign(ctx, sig, &siglen, message); err != nil { -+ return err ++// NewPublicKeyDSA creates a new DSA public key from the given parameters. ++func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) { ++ if y == nil { ++ panic("y must not be nil") + } -+ if siglen != signatureSizeEd25519 { -+ return errors.New("ed25519: bad signature length: " + strconv.Itoa(siglen)) ++ pkey, err := newDSA(params, nil, y) ++ if err != nil { ++ return nil, err + } -+ return nil ++ k := &PublicKeyDSA{params, y, pkey} ++ runtime.SetFinalizer(k, (*PublicKeyDSA).finalize) ++ return k, nil +} + -+// VerifyEd25519 reports whether sig is a valid signature of message by pub. -+func VerifyEd25519(pub *PublicKeyEd25519, message, sig []byte) error { -+ defer runtime.KeepAlive(pub) -+ ctx, err := ossl.EVP_MD_CTX_new() ++// GenerateKeyDSA generates a new private DSA key using the given parameters. ++func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) { ++ pkey, err := newDSA(params, nil, nil) + if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestVerifyInit(ctx, nil, nil, nil, pub._pkey); err != nil { -+ return err ++ return nil, nil, err + } -+ if _, err := ossl.EVP_DigestVerify(ctx, sig, message); err != nil { -+ return errors.New("ed25519: invalid signature") ++ defer ossl.EVP_PKEY_free(pkey) ++ var bx, by ossl.BIGNUM_PTR ++ switch vMajor { ++ case 1: ++ dsa := getDSA(pkey) ++ ossl.DSA_get0_key(dsa, &by, &bx) ++ case 3: ++ defer func() { ++ ossl.BN_clear_free(bx) ++ ossl.BN_free(by) ++ }() ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), &by); err != nil { ++ return nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bx); err != nil { ++ return nil, nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) + } -+ return nil ++ return bnToBig(bx), bnToBig(by), nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go -new file mode 100644 -index 00000000000000..65f4d2ddcbc6fb ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go -@@ -0,0 +1,615 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++// SignDSA signs a hash (which should be the result of hashing a larger message). ++func SignDSA(priv *PrivateKeyDSA, hash []byte) ([]byte, error) { ++ return evpSign(priv.withKey, 0, 0, 0, hash) ++} + -+import ( -+ "crypto" -+ "errors" -+ "hash" -+ "strconv" -+ "sync" -+ "unsafe" ++// VerifyDSA verifiessig using the public key, pub. ++func VerifyDSA(pub *PublicKeyDSA, hash []byte, sig []byte) bool { ++ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++func newDSA(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { ++ switch vMajor { ++ case 1: ++ return newDSA1(params, x, y) ++ case 3: ++ return newDSA3(params, x, y) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++} + -+// cacheMD is a cache of crypto.Hash to GOossl.EVP_MD_PTR. -+var cacheMD sync.Map ++func newDSA1(params DSAParameters, x, y BigInt) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) + -+// hashFuncHash calls fn() and returns its result. -+// If fn() panics, the panic is recovered and returned as an error. -+// This is used to avoid aborting the program when calling -+// an unsupported hash function. It is the caller's responsibility -+// to check the returned value. -+func hashFuncHash(fn func() hash.Hash) (h hash.Hash, err error) { ++ dsa, err := ossl.DSA_new() ++ if err != nil { ++ return nil, err ++ } + defer func() { -+ r := recover() -+ if r == nil { -+ return -+ } -+ h = nil -+ switch e := r.(type) { -+ case error: -+ err = e -+ case string: -+ err = errors.New(e) -+ default: -+ err = errors.New("unsupported panic") ++ if pkey == nil { ++ ossl.DSA_free(dsa) + } + }() -+ return fn(), nil -+} -+ -+// hashToMD converts a hash.Hash implementation from this package to a GOossl.EVP_MD_PTR. -+func hashToMD(h hash.Hash) ossl.EVP_MD_PTR { -+ if h, ok := h.(*Hash); ok { -+ return h.alg.md ++ // No need to check for errors here, DSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ p, _ := bigToBN(params.P) ++ q, _ := bigToBN(params.Q) ++ g, _ := bigToBN(params.G) ++ if _, err := ossl.DSA_set0_pqg(dsa, p, q, g); err != nil { ++ ossl.BN_free(p) ++ ossl.BN_free(q) ++ ossl.BN_free(g) ++ return nil, err + } -+ return nil -+} -+ -+// hashToCryptoHash converts a hash.Hash implementation from this package to a crypto.Hash. -+func hashToCryptoHash(h hash.Hash) crypto.Hash { -+ if h, ok := h.(*Hash); ok { -+ return h.alg.ch ++ if y != nil { ++ pub, _ := bigToBN(y) ++ priv, _ := bigToBN(x) ++ if _, err := ossl.DSA_set0_key(dsa, pub, priv); err != nil { ++ ossl.BN_free(pub) ++ ossl.BN_clear_free(priv) ++ return nil, err ++ } ++ } else { ++ if _, err := ossl.DSA_generate_key(dsa); err != nil { ++ return nil, err ++ } + } -+ return 0 -+} -+ -+// hashFuncToMD converts a hash.Hash function to a GOossl.EVP_MD_PTR. -+// See [hashFuncHash] for details on error handling. -+func hashFuncToMD(fn func() hash.Hash) (ossl.EVP_MD_PTR, error) { -+ h, err := hashFuncHash(fn) ++ pkey, err = ossl.EVP_PKEY_new() + if err != nil { + return nil, err + } -+ md := hashToMD(h) -+ if md == nil { -+ return nil, errors.New("unsupported hash function") ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_DSA, unsafe.Pointer(dsa)); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err + } -+ return md, nil ++ return pkey, nil +} + -+// provider is an identifier for a known provider. -+type provider uint8 -+ -+const ( -+ providerNone provider = iota -+ providerOSSLDefault -+ providerOSSLFIPS -+ providerSymCrypt -+) ++func newDSA3(params DSAParameters, x, y BigInt) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3) + -+type hashAlgorithm struct { -+ md ossl.EVP_MD_PTR -+ ch crypto.Hash -+ size int -+ blockSize int -+ provider provider -+ marshallable bool -+ magic string -+ marshalledSize int -+} ++ bld, err := newParamBuilder() ++ if err != nil { ++ return nil, err ++ } ++ defer bld.finalize() + -+// loadHash converts a crypto.Hash to a EVP_MD. -+func loadHash(ch crypto.Hash, must bool) (h *hashAlgorithm) { -+ defer func() { -+ if h == nil && must { -+ panic("openssl: unsupported hash function: " + strconv.Itoa(int(ch))) ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_P, params.P, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_Q, params.Q, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_FFC_G, params.G, false) ++ selection := int32(ossl.EVP_PKEY_KEYPAIR) ++ if y != nil { ++ bld.addBigInt(_OSSL_PKEY_PARAM_PUB_KEY, y, false) ++ if x == nil { ++ selection = ossl.EVP_PKEY_PUBLIC_KEY + } -+ }() -+ if v, ok := cacheMD.Load(ch); ok { -+ return v.(*hashAlgorithm) + } -+ -+ var hash hashAlgorithm -+ switch ch { -+ case crypto.RIPEMD160: -+ hash.md = ossl.EVP_ripemd160() -+ case crypto.MD4: -+ hash.md = ossl.EVP_md4() -+ case crypto.MD5: -+ hash.md = ossl.EVP_md5() -+ hash.magic = magicMD5 -+ hash.marshalledSize = marshaledSizeMD5 -+ case crypto.MD5SHA1: -+ hash.md = ossl.EVP_md5_sha1() -+ case crypto.SHA1: -+ hash.md = ossl.EVP_sha1() -+ hash.magic = magic1 -+ hash.marshalledSize = marshaledSize1 -+ case crypto.SHA224: -+ hash.md = ossl.EVP_sha224() -+ hash.magic = magic224 -+ hash.marshalledSize = marshaledSize256 -+ case crypto.SHA256: -+ hash.md = ossl.EVP_sha256() -+ hash.magic = magic256 -+ hash.marshalledSize = marshaledSize256 -+ case crypto.SHA384: -+ hash.md = ossl.EVP_sha384() -+ hash.magic = magic384 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA512: -+ hash.md = ossl.EVP_sha512() -+ hash.magic = magic512 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA512_224: -+ hash.md = ossl.EVP_sha512_224() -+ hash.magic = magic512_224 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA512_256: -+ hash.md = ossl.EVP_sha512_256() -+ hash.magic = magic512_256 -+ hash.marshalledSize = marshaledSize512 -+ case crypto.SHA3_224: -+ hash.md = ossl.EVP_sha3_224() -+ case crypto.SHA3_256: -+ hash.md = ossl.EVP_sha3_256() -+ case crypto.SHA3_384: -+ hash.md = ossl.EVP_sha3_384() -+ case crypto.SHA3_512: -+ hash.md = ossl.EVP_sha3_512() ++ if x != nil { ++ bld.addBigInt(_OSSL_PKEY_PARAM_PRIV_KEY, x, true) + } -+ if hash.md == nil { -+ cacheMD.Store(ch, (*hashAlgorithm)(nil)) -+ return nil ++ bldparams, err := bld.build() ++ if err != nil { ++ return nil, err + } -+ hash.ch = ch -+ hash.size = int(ossl.EVP_MD_get_size(hash.md)) -+ hash.blockSize = int(ossl.EVP_MD_get_block_size(hash.md)) -+ switch major() { -+ case 3, 4: -+ // On OpenSSL 3, directly operating on a EVP_MD object -+ // not created by EVP_MD_fetch has negative performance -+ // implications, as digest operations will have -+ // to fetch it on every call. Better to just fetch it once here. -+ md, _ := ossl.EVP_MD_fetch(nil, ossl.EVP_MD_get0_name(hash.md), nil) -+ // Don't overwrite md in case it can't be fetched, as the md may still be used -+ // outside of EVP_MD_CTX, for example to sign and verify RSA signatures. -+ if md != nil { -+ hash.md = md -+ } ++ defer ossl.OSSL_PARAM_free(bldparams) ++ pkey, err := newEvpFromParams(ossl.EVP_PKEY_DSA, selection, bldparams) ++ if err != nil { ++ return nil, err + } -+ if hash.magic != "" { -+ if hash.marshalledSize == 0 { -+ panic("marshalledSize must be set for " + hash.magic) -+ } ++ if y != nil { ++ return pkey, nil + } -+ -+ switch major() { -+ case 1: -+ hash.provider = providerOSSLDefault -+ case 3, 4: -+ if prov := ossl.EVP_MD_get0_provider(hash.md); prov != nil { -+ cname := ossl.OSSL_PROVIDER_get0_name(prov) -+ switch goString(cname) { -+ case "default": -+ hash.provider = providerOSSLDefault -+ hash.marshallable = hash.magic != "" -+ case "fips": -+ hash.provider = providerOSSLFIPS -+ hash.marshallable = hash.magic != "" -+ case "symcryptprovider": -+ hash.provider = providerSymCrypt -+ hash.marshallable = hash.magic != "" && isSymCryptHashStateSerializable(hash.md) -+ } -+ } -+ default: -+ panic(errUnsupportedVersion()) ++ // pkey doesn't contain the public component, but the crypto/dsa package ++ // expects it to be always there. Generate a new key using pkey as domain ++ // parameters placeholder. ++ defer ossl.EVP_PKEY_free(pkey) ++ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { ++ return nil, err ++ } ++ var gkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_keygen(ctx, &gkey); err != nil { ++ return nil, err + } ++ return gkey, nil ++} + -+ cacheMD.Store(ch, &hash) -+ return &hash ++// getDSA returns the DSA from pkey. ++// If pkey does not contain an DSA it panics. ++// The returned key should not be freed. ++func getDSA(pkey ossl.EVP_PKEY_PTR) ossl.DSA_PTR { ++ key, err := ossl.EVP_PKEY_get0_DSA(pkey) ++ if err != nil { ++ panic(err) ++ } ++ return key +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go +new file mode 100644 +index 00000000000000..96ec25f3f35074 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ec.go +@@ -0,0 +1,67 @@ ++//go:build !cmd_go_bootstrap + -+// generateEVPPKey generates a new EVP_PKEY with the given id and properties. -+func generateEVPPKey(id, bits int32, curve string) (ossl.EVP_PKEY_PTR, error) { -+ if bits != 0 && curve != "" { -+ return nil, fail("incorrect generateEVPPKey parameters") ++package openssl ++ ++import "C" ++import "github.com/microsoft/go-crypto-openssl/internal/ossl" ++ ++func curveNID(curve string) int32 { ++ switch curve { ++ case "P-224": ++ return ossl.NID_secp224r1 ++ case "P-256": ++ return ossl.NID_X9_62_prime256v1 ++ case "P-384": ++ return ossl.NID_secp384r1 ++ case "P-521": ++ return ossl.NID_secp521r1 ++ default: ++ panic("openssl: unknown curve " + curve) + } -+ var pkey ossl.EVP_PKEY_PTR -+ switch major() { -+ case 1: -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { -+ return nil, err -+ } -+ if bits != 0 { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, nil); err != nil { -+ return nil, err -+ } -+ } -+ if id == ossl.EVP_PKEY_EC && curve != "" { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, curveNID(curve), nil); err != nil { -+ return nil, err -+ } -+ } -+ if _, err := ossl.EVP_PKEY_keygen(ctx, &pkey); err != nil { -+ return nil, err -+ } -+ case 3, 4: -+ var err error -+ switch id { -+ case ossl.EVP_PKEY_RSA: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_RSA(nil, nil, _KeyTypeRSA.ptr(), int(bits)) -+ case ossl.EVP_PKEY_EC: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_EC(nil, nil, _KeyTypeEC.ptr(), ossl.OBJ_nid2sn(curveNID(curve))) -+ case ossl.EVP_PKEY_ED25519: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_ED25519(nil, nil, _KeyTypeED25519.ptr()) -+ case ossl.EVP_PKEY_X25519: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_X25519(nil, nil, _KeyTypeX25519.ptr()) -+ case ossl.EVP_PKEY_MLKEM_768: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_MLKEM(nil, nil, _KeyTypeMLKEM768.ptr()) -+ case ossl.EVP_PKEY_MLKEM_1024: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_MLKEM(nil, nil, _KeyTypeMLKEM1024.ptr()) -+ case ossl.EVP_PKEY_ML_DSA_44: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA44.ptr()) -+ case ossl.EVP_PKEY_ML_DSA_65: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA65.ptr()) -+ case ossl.EVP_PKEY_ML_DSA_87: -+ pkey, err = ossl.EVP_PKEY_Q_keygen_MLDSA(nil, nil, _KeyTypeMLDSA87.ptr()) -+ default: -+ panic("unsupported key type '" + strconv.Itoa(int(id)) + "'") -+ } -+ if err != nil { -+ return nil, err -+ } ++} ++ ++// curveSize returns the size of the curve in bytes. ++func curveSize(curve string) int { ++ switch curve { ++ case "P-224": ++ return 224 / 8 ++ case "P-256": ++ return 256 / 8 ++ case "P-384": ++ return 384 / 8 ++ case "P-521": ++ return (521 + 7) / 8 + default: -+ panic(errUnsupportedVersion()) ++ panic("openssl: unknown curve " + curve) + } -+ -+ return pkey, nil +} + -+type withKeyFunc func(func(ossl.EVP_PKEY_PTR) error) error -+type initFunc func(ossl.EVP_PKEY_CTX_PTR) error -+type cryptFunc func(ossl.EVP_PKEY_CTX_PTR, []byte, *int, []byte) error -+type verifyFunc func(ossl.EVP_PKEY_CTX_PTR, []byte, []byte) error -+ -+func setupEVP(withKey withKeyFunc, padding int32, -+ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc) (_ ossl.EVP_PKEY_CTX_PTR, err error) { -+ var ctx ossl.EVP_PKEY_CTX_PTR -+ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) error { -+ ctx, err = ossl.EVP_PKEY_CTX_new(pkey, nil) -+ return err -+ }); err != nil { ++// encodeEcPoint encodes pt. ++func encodeEcPoint(group ossl.EC_GROUP_PTR, pt ossl.EC_POINT_PTR) ([]byte, error) { ++ // Get encoded point size. ++ n, err := ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, nil, 0, nil) ++ if err != nil { + return nil, err + } -+ defer func() { -+ if err != nil { -+ if ctx != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ ctx = nil -+ } -+ } -+ }() -+ if err := init(ctx); err != nil { ++ // Encode point into bytes. ++ bytes := make([]byte, n) ++ if _, err = ossl.EC_POINT_point2oct(group, pt, ossl.POINT_CONVERSION_UNCOMPRESSED, base(bytes), n, nil); err != nil { + return nil, err + } -+ if padding == 0 { -+ return ctx, nil -+ } -+ // Each padding type has its own requirements in terms of when to apply the padding, -+ // so it can't be just set at this point. -+ switch padding { -+ case ossl.RSA_PKCS1_OAEP_PADDING: -+ err = setOAEPPadding(ctx, h, mgfHash, label) -+ case ossl.RSA_PKCS1_PSS_PADDING: -+ err = setPSSPadding(ctx, saltLen, ch) -+ case ossl.RSA_PKCS1_PADDING: -+ err = setPKCS1Padding(ctx, ch) -+ default: -+ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, padding, nil) ++ return bytes, nil ++} ++ ++// generateAndEncodeEcPublicKey calls newPubKeyPointFn to generate a public key point and then encodes it. ++func generateAndEncodeEcPublicKey(nid int32, newPubKeyPointFn func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error)) ([]byte, error) { ++ group, err := ossl.EC_GROUP_new_by_curve_name(nid) ++ if err != nil { ++ return nil, err + } ++ defer ossl.EC_GROUP_free(group) ++ pt, err := newPubKeyPointFn(group) + if err != nil { + return nil, err + } -+ return ctx, nil ++ defer ossl.EC_POINT_free(pt) ++ return encodeEcPoint(group, pt) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go +new file mode 100644 +index 00000000000000..381f0d2079743d +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdh.go +@@ -0,0 +1,306 @@ ++//go:build !cmd_go_bootstrap + -+func setPSSPadding(ctx ossl.EVP_PKEY_CTX_PTR, saltLen int32, ch crypto.Hash) error { -+ alg := loadHash(ch, false) -+ if alg == nil { -+ return errors.New("crypto/rsa: unsupported hash function") -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { -+ return err -+ } -+ // setPadding must happen after setting EVP_PKEY_CTRL_MD. -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PSS_PADDING, nil); err != nil { -+ return err -+ } -+ if saltLen != 0 { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PSS_SALTLEN, saltLen, nil); err != nil { -+ return err -+ } -+ } -+ return nil ++package openssl ++ ++import "C" ++import ( ++ "errors" ++ "runtime" ++ "slices" ++ "unsafe" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++type PublicKeyECDH struct { ++ _pkey ossl.EVP_PKEY_PTR ++ bytes []byte +} + -+func setPKCS1Padding(ctx ossl.EVP_PKEY_CTX_PTR, ch crypto.Hash) error { -+ if ch == 0 { -+ // We support unhashed messages. -+ return nil -+ } -+ alg := loadHash(ch, false) -+ if alg == nil { -+ return errors.New("crypto/rsa: unsupported hash function") -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PADDING, nil); err != nil { -+ return err -+ } -+ return nil ++func (k *PublicKeyECDH) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+func setOAEPPadding(ctx ossl.EVP_PKEY_CTX_PTR, h, mgfHash hash.Hash, label []byte) error { -+ md := hashToMD(h) -+ if md == nil { -+ return errors.New("crypto/rsa: unsupported hash function") -+ } -+ var mgfMD ossl.EVP_MD_PTR -+ if mgfHash != nil { -+ // mgfHash is optional, but if it is set it must match a supported hash function. -+ mgfMD = hashToMD(mgfHash) -+ if mgfMD == nil { -+ return errors.New("crypto/rsa: unsupported hash function") -+ } -+ } -+ // setPadding must happen before setting EVP_PKEY_CTRL_RSA_OAEP_MD. -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_OAEP_PADDING, nil); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_MD, 0, unsafe.Pointer(md)); err != nil { -+ return err -+ } -+ if mgfHash != nil { -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_MGF1_MD, 0, unsafe.Pointer(mgfMD)); err != nil { -+ return err -+ } -+ } -+ // ctx takes ownership of label, so malloc a copy for OpenSSL to free. -+ // OpenSSL does not take ownership of the label if the length is zero, -+ // so better avoid the allocation. -+ var clabel *byte -+ if len(label) > 0 { -+ clabel = (*byte)(cryptoMalloc(len(label))) -+ copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label) -+ var err error -+ switch major() { -+ case 3, 4: -+ _, err = ossl.EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, unsafe.Slice(clabel, len(label))) -+ default: -+ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_LABEL, int32(len(label)), unsafe.Pointer(clabel)) -+ } -+ if err != nil { -+ cryptoFree(unsafe.Pointer(clabel)) -+ return err -+ } -+ } -+ return nil ++type PrivateKeyECDH struct { ++ _pkey ossl.EVP_PKEY_PTR ++ curve string +} + -+func cryptEVP(withKey withKeyFunc, padding int32, -+ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc, crypt cryptFunc, in []byte) ([]byte, error) { ++func (k *PrivateKeyECDH) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} + -+ ctx, err := setupEVP(withKey, padding, h, mgfHash, label, saltLen, ch, init) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ var pkeySize int32 -+ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { -+ pkeySize, err = ossl.EVP_PKEY_get_size(pkey) -+ return err -+ }); err != nil { -+ return nil, err ++func NewPublicKeyECDH(curve string, bytes []byte) (*PublicKeyECDH, error) { ++ if len(bytes) != 1+2*curveSize(curve) { ++ return nil, errors.New("NewPublicKeyECDH: wrong key length") + } -+ outLen := int(pkeySize) -+ out := make([]byte, pkeySize) -+ if err := crypt(ctx, out, &outLen, in); err != nil { ++ pkey, err := newECDHPkey(curve, bytes, false) ++ if err != nil { + return nil, err + } -+ // The size returned by EVP_PKEY_get_size() is only preliminary and not exact, -+ // so the final contents of the out buffer may be smaller. -+ return out[:outLen], nil ++ k := &PublicKeyECDH{pkey, slices.Clone(bytes)} ++ runtime.SetFinalizer(k, (*PublicKeyECDH).finalize) ++ return k, nil +} + -+func verifyEVP(withKey withKeyFunc, padding int32, -+ h hash.Hash, label []byte, saltLen int32, ch crypto.Hash, -+ init initFunc, verify verifyFunc, -+ sig, in []byte) error { ++func (k *PublicKeyECDH) Bytes() []byte { return k.bytes } + -+ ctx, err := setupEVP(withKey, padding, h, nil, label, saltLen, ch, init) ++func NewPrivateKeyECDH(curve string, bytes []byte) (*PrivateKeyECDH, error) { ++ if len(bytes) != curveSize(curve) { ++ return nil, errors.New("NewPrivateKeyECDH: wrong key length") ++ } ++ pkey, err := newECDHPkey(curve, bytes, true) + if err != nil { -+ return err ++ return nil, err + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ return verify(ctx, sig, in) ++ k := &PrivateKeyECDH{pkey, curve} ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) ++ return k, nil +} + -+func evpEncrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { -+ encryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_encrypt_init(ctx) -+ return err -+ } -+ encrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { -+ if _, err := ossl.EVP_PKEY_encrypt(ctx, out, outLen, in); err != nil { -+ return err -+ } -+ return nil -+ } -+ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) -+} ++func (k *PrivateKeyECDH) PublicKey() (*PublicKeyECDH, error) { ++ defer runtime.KeepAlive(k) ++ var pkey ossl.EVP_PKEY_PTR ++ defer func() { ++ ossl.EVP_PKEY_free(pkey) ++ }() + -+func evpDecrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { -+ decryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_decrypt_init(ctx) -+ return err -+ } -+ decrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { -+ _, err := ossl.EVP_PKEY_decrypt(ctx, out, outLen, in) -+ return err -+ } -+ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, decryptInit, decrypt, msg) -+} ++ var bytes []byte ++ switch vMajor { ++ case 1: ++ var err error ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ return nil, err ++ } ++ key := getECKey(k._pkey) ++ if _, err := ossl.EVP_PKEY_set1_EC_KEY(pkey, key); err != nil { ++ return nil, err ++ } ++ pt := ossl.EC_KEY_get0_public_key(key) ++ if pt == nil { ++ return nil, fail("missing ECDH public key") ++ } ++ group := ossl.EC_KEY_get0_group(key) ++ if bytes, err = encodeEcPoint(group, pt); err != nil { ++ return nil, err ++ } ++ case 3: ++ pkey = k._pkey ++ if _, err := ossl.EVP_PKEY_up_ref(pkey); err != nil { ++ return nil, err ++ } + -+func evpSign(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, hashed []byte) ([]byte, error) { -+ signtInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_sign_init(ctx) -+ return err -+ } -+ sign := func(ctx ossl.EVP_PKEY_CTX_PTR, out []byte, outLen *int, in []byte) error { -+ _, err := ossl.EVP_PKEY_sign(ctx, out, outLen, in) -+ return err ++ var cbytes *byte ++ n, err := ossl.EVP_PKEY_get1_encoded_public_key(k._pkey, &cbytes) ++ if err != nil { ++ return nil, err ++ } ++ bytes = C.GoBytes(unsafe.Pointer(cbytes), C.int(n)) ++ cryptoFree(unsafe.Pointer(cbytes)) ++ default: ++ panic(errUnsupportedVersion()) + } -+ return cryptEVP(withKey, padding, nil, nil, nil, saltLen, h, signtInit, sign, hashed) ++ pub := &PublicKeyECDH{pkey, bytes} ++ pkey = nil ++ runtime.SetFinalizer(pub, (*PublicKeyECDH).finalize) ++ return pub, nil +} + -+func evpVerify(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, sig, hashed []byte) error { -+ verifyInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { -+ _, err := ossl.EVP_PKEY_verify_init(ctx) -+ return err -+ } -+ verify := func(ctx ossl.EVP_PKEY_CTX_PTR, sig []byte, in []byte) error { -+ _, err := ossl.EVP_PKEY_verify(ctx, sig, in) -+ return err ++func newECDHPkey(curve string, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { ++ nid := curveNID(curve) ++ switch vMajor { ++ case 1: ++ return newECDHPkey1(nid, bytes, isPrivate) ++ case 3: ++ return newECDHPkey3(nid, bytes, isPrivate) ++ default: ++ panic(errUnsupportedVersion()) + } -+ return verifyEVP(withKey, padding, nil, nil, saltLen, h, verifyInit, verify, sig, hashed) +} + -+func evpHashSign(withKey withKeyFunc, h crypto.Hash, msg []byte) ([]byte, error) { -+ alg := loadHash(h, false) -+ if alg == nil { -+ return nil, errors.New("unsupported hash function: " + strconv.Itoa(int(h))) -+ } -+ var out []byte -+ var outLen int -+ ctx, err := ossl.EVP_MD_CTX_new() ++func newECDHPkey1(nid int32, bytes []byte, isPrivate bool) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) ++ ++ key, err := ossl.EC_KEY_new_by_curve_name(nid) + if err != nil { + return nil, err + } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { -+ _, err := ossl.EVP_DigestSignInit(ctx, nil, alg.md, nil, key) -+ return err -+ }); err != nil { -+ return nil, err -+ } -+ if len(msg) > 0 { -+ if _, err := ossl.EVP_DigestUpdate(ctx, msg); err != nil { ++ defer func() { ++ if pkey == nil { ++ ossl.EC_KEY_free(key) ++ } ++ }() ++ group := ossl.EC_KEY_get0_group(key) ++ if isPrivate { ++ priv, err := ossl.BN_bin2bn(base(bytes), int32(len(bytes)), nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_clear_free(priv) ++ if _, err := ossl.EC_KEY_set_private_key(key, priv); err != nil { ++ return nil, err ++ } ++ pub, err := pointMult(group, priv) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_POINT_free(pub) ++ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { ++ return nil, err ++ } ++ } else { ++ pub, err := ossl.EC_POINT_new(group) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EC_POINT_free(pub) ++ if _, err := ossl.EC_POINT_oct2point(group, pub, base(bytes), len(bytes), nil); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EC_KEY_set_public_key(key, pub); err != nil { + return nil, err + } + } -+ // Obtain the signature length -+ if _, err := ossl.EVP_DigestSignFinal(ctx, nil, &outLen); err != nil { -+ return nil, err -+ } -+ out = make([]byte, outLen) -+ // Obtain the signature -+ if _, err := ossl.EVP_DigestSignFinal(ctx, out, &outLen); err != nil { -+ return nil, err ++ if _, err := ossl.EC_KEY_check_key(key); err != nil { ++ // Match upstream error message. ++ if isPrivate { ++ return nil, errors.New("crypto/ecdh: invalid private key") ++ } else { ++ return nil, errors.New("crypto/ecdh: invalid public key") ++ } + } -+ return out[:outLen], nil ++ return newEVPPKEY(key) +} + -+func evpHashVerify(withKey withKeyFunc, h crypto.Hash, msg, sig []byte) error { -+ alg := loadHash(h, false) -+ if alg == nil { -+ return errors.New("unsupported hash function: " + strconv.Itoa(int(h))) -+ } -+ ctx, err := ossl.EVP_MD_CTX_new() ++func newECDHPkey3(nid int32, bytes []byte, isPrivate bool) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3) ++ ++ bld, err := newParamBuilder() + if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { -+ _, err := ossl.EVP_DigestVerifyInit(ctx, nil, alg.md, nil, key) -+ return err -+ }); err != nil { -+ return err ++ return nil, err + } -+ if len(msg) > 0 { -+ if _, err := ossl.EVP_DigestUpdate(ctx, msg); err != nil { -+ return err ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) ++ var selection int32 ++ if isPrivate { ++ priv, err := ossl.BN_bin2bn(base(bytes), int32(len(bytes)), nil) ++ if err != nil { ++ return nil, err + } ++ defer ossl.BN_clear_free(priv) ++ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { ++ return pointMult(group, priv) ++ }) ++ if err != nil { ++ return nil, err ++ } ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) ++ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, priv) ++ selection = ossl.EVP_PKEY_KEYPAIR ++ } else { ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, bytes) ++ selection = ossl.EVP_PKEY_PUBLIC_KEY + } -+ if _, err := ossl.EVP_DigestVerifyFinal(ctx, sig); err != nil { -+ return err -+ } -+ return nil -+} + -+func newEVPPKEY(key ossl.EC_KEY_PTR) (ossl.EVP_PKEY_PTR, error) { -+ pkey, err := ossl.EVP_PKEY_new() ++ params, err := bld.build() + if err != nil { + return nil, err + } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_EC, unsafe.Pointer(key)); err != nil { -+ ossl.EVP_PKEY_free(pkey) ++ defer ossl.OSSL_PARAM_free(params) ++ pkey, err := newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) ++ if err != nil { + return nil, err + } ++ ++ if err := checkPkey(pkey, isPrivate); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, errors.New("crypto/ecdh: " + err.Error()) ++ } + return pkey, nil +} + -+// getECKey returns the EC_KEY from pkey. -+// If pkey does not contain an EC_KEY it panics. -+// The returned key should not be freed. -+func getECKey(pkey ossl.EVP_PKEY_PTR) ossl.EC_KEY_PTR { -+ key, err := ossl.EVP_PKEY_get0_EC_KEY(pkey) ++func pointMult(group ossl.EC_GROUP_PTR, priv ossl.BIGNUM_PTR) (ossl.EC_POINT_PTR, error) { ++ // OpenSSL does not expose any method to generate the public ++ // key from the private key [1], so we have to calculate it here. ++ // [1] https://github.com/openssl/openssl/issues/18437#issuecomment-1144717206 ++ pt, err := ossl.EC_POINT_new(group) + if err != nil { -+ panic(err) ++ return nil, err + } -+ return key ++ if _, err := ossl.EC_POINT_mul(group, pt, priv, nil, nil, nil); err != nil { ++ ossl.EC_POINT_free(pt) ++ return nil, err ++ } ++ return pt, nil +} + -+func newEvpFromParams(id int32, selection int32, params ossl.OSSL_PARAM_PTR) (ossl.EVP_PKEY_PTR, error) { -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) ++func ECDH(priv *PrivateKeyECDH, pub *PublicKeyECDH) ([]byte, error) { ++ defer runtime.KeepAlive(priv) ++ defer runtime.KeepAlive(pub) ++ ctx, err := ossl.EVP_PKEY_CTX_new(priv._pkey, nil) + if err != nil { + return nil, err + } + defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_fromdata_init(ctx); err != nil { ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { + return nil, err + } -+ var pkey ossl.EVP_PKEY_PTR -+ if _, err := ossl.EVP_PKEY_fromdata(ctx, &pkey, selection, params); err != nil { -+ //versionguardcheck:ignore OpenSSL 3.0.0–3.0.2 leak EVP_PKEY on error: https://github.com/openssl/openssl/issues/17407. -+ if major() == 3 && minor() == 0 && patch() <= 2 { -+ ossl.EVP_PKEY_free(pkey) -+ } ++ if _, err := ossl.EVP_PKEY_derive_set_peer(ctx, pub._pkey); err != nil { + return nil, err + } -+ return pkey, nil ++ var keylen int ++ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { ++ return nil, err ++ } ++ out := make([]byte, keylen) ++ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { ++ return nil, err ++ } ++ return out, nil +} + -+func checkPkey(pkey ossl.EVP_PKEY_PTR, isPrivate bool) error { -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++func GenerateKeyECDH(curve string) (*PrivateKeyECDH, []byte, error) { ++ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) + if err != nil { -+ return err ++ return nil, nil, err + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if isPrivate { -+ if _, err := ossl.EVP_PKEY_private_check(ctx); err != nil { -+ // Match upstream error message. -+ return errors.New("invalid private key") ++ var k *PrivateKeyECDH ++ defer func() { ++ if k == nil { ++ ossl.EVP_PKEY_free(pkey) + } -+ } else { -+ // Upstream Go does a partial check here, so do we. -+ if _, err := ossl.EVP_PKEY_public_check_quick(ctx); err != nil { -+ // Match upstream error message. -+ return errors.New("invalid public key") ++ }() ++ var priv ossl.BIGNUM_PTR ++ switch vMajor { ++ case 1: ++ key := getECKey(pkey) ++ priv = ossl.EC_KEY_get0_private_key(key) ++ if priv == nil { ++ return nil, nil, fail("missing ECDH private key") ++ } ++ case 3: ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &priv); err != nil { ++ return nil, nil, err + } ++ defer ossl.BN_clear_free(priv) ++ default: ++ panic(errUnsupportedVersion()) + } -+ return nil ++ // We should not leak bit length of the secret scalar in the key. ++ // For this reason, we use BN_bn2binpad instead of BN_bn2bin with fixed length. ++ // The fixed length is the order of the large prime subgroup of the curve, ++ // returned by EVP_PKEY_get_bits, which is generally the upper bound for ++ // generating a private ECDH key. ++ bits, err := ossl.EVP_PKEY_get_bits(pkey) ++ if err != nil { ++ return nil, nil, err ++ } ++ bytes := make([]byte, (bits+7)/8) ++ if err := bnToBinPad(priv, bytes); err != nil { ++ return nil, nil, err ++ } ++ k = &PrivateKeyECDH{pkey, curve} ++ runtime.SetFinalizer(k, (*PrivateKeyECDH).finalize) ++ return k, bytes, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go new file mode 100644 -index 00000000000000..020323eb7be25e +index 00000000000000..d256b7996b4f08 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go -@@ -0,0 +1,521 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ecdsa.go +@@ -0,0 +1,226 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( + "crypto" + "errors" -+ "hash" + "runtime" -+ "strconv" -+ "sync" -+ "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+const ( -+ magicMD5 = "md5\x01" -+ magic1 = "sha\x01" -+ magic224 = "sha\x02" -+ magic256 = "sha\x03" -+ magic384 = "sha\x04" -+ magic512_224 = "sha\x05" -+ magic512_256 = "sha\x06" -+ magic512 = "sha\x07" -+ -+ marshaledSizeMD5 = len(magicMD5) + 4*4 + 64 + 8 // from crypto/md5 -+ marshaledSize1 = len(magic1) + 5*4 + 64 + 8 // from crypto/sha1 -+ marshaledSize256 = len(magic256) + 8*4 + 64 + 8 // from crypto/sha256 -+ marshaledSize512 = len(magic512) + 8*8 + 128 + 8 // from crypto/sha512 -+) ++type PrivateKeyECDSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} + -+// maxHashSize is the size of SHA52 and SHA3_512, the largest hashes we support. -+const maxHashSize = 64 ++func (k *PrivateKeyECDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} + -+type HashCloner = hash.Cloner ++func (k *PrivateKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) ++} + -+func hashOneShot(ch crypto.Hash, p []byte, sum []byte) bool { -+ _, err := ossl.EVP_Digest(p, sum, nil, loadHash(ch, true).md, nil) -+ return err == nil ++type PublicKeyECDSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR +} + -+func MD4(p []byte) (sum [16]byte) { -+ if !hashOneShot(crypto.MD4, p, sum[:]) { -+ panic("openssl: MD4 failed") -+ } -+ return ++func (k *PublicKeyECDSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+func MD5(p []byte) (sum [16]byte) { -+ if !hashOneShot(crypto.MD5, p, sum[:]) { -+ panic("openssl: MD5 failed") -+ } -+ return ++func (k *PublicKeyECDSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) +} + -+func SHA1(p []byte) (sum [20]byte) { -+ if !hashOneShot(crypto.SHA1, p, sum[:]) { -+ panic("openssl: SHA1 failed") ++var errUnknownCurve = errors.New("openssl: unknown elliptic curve") ++ ++func NewPublicKeyECDSA(curve string, x, y BigInt) (*PublicKeyECDSA, error) { ++ pkey, err := newECDSAKey(curve, x, y, nil) ++ if err != nil { ++ return nil, err + } -+ return ++ k := &PublicKeyECDSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PublicKeyECDSA).finalize) ++ return k, nil +} + -+func SHA224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA224, p, sum[:]) { -+ panic("openssl: SHA224 failed") ++func NewPrivateKeyECDSA(curve string, x, y, d BigInt) (*PrivateKeyECDSA, error) { ++ pkey, err := newECDSAKey(curve, x, y, d) ++ if err != nil { ++ return nil, err + } -+ return ++ k := &PrivateKeyECDSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyECDSA).finalize) ++ return k, nil +} + -+func SHA256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA256, p, sum[:]) { -+ panic("openssl: SHA256 failed") ++func GenerateKeyECDSA(curve string) (x, y, d BigInt, err error) { ++ // Generate the private key. ++ pkey, err := generateEVPPKey(ossl.EVP_PKEY_EC, 0, curve) ++ if err != nil { ++ return nil, nil, nil, err + } -+ return -+} ++ defer ossl.EVP_PKEY_free(pkey) + -+func SHA384(p []byte) (sum [48]byte) { -+ if !hashOneShot(crypto.SHA384, p, sum[:]) { -+ panic("openssl: SHA384 failed") ++ var bx, by, bd ossl.BIGNUM_PTR ++ defer func() { ++ ossl.BN_free(bx) ++ ossl.BN_free(by) ++ }() ++ switch vMajor { ++ case 1: ++ // Retrieve the internal EC_KEY, which holds the X, Y, and D coordinates. ++ key := getECKey(pkey) ++ group := ossl.EC_KEY_get0_group(key) ++ pt := ossl.EC_KEY_get0_public_key(key) ++ // Allocate two big numbers to store the X and Y coordinates. ++ bx, err = ossl.BN_new() ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ by, err = ossl.BN_new() ++ if err != nil { ++ return nil, nil, nil, err ++ } ++ // Get X and Y. ++ if _, err := ossl.EC_POINT_get_affine_coordinates_GFp(group, pt, bx, by, nil); err != nil { ++ return nil, nil, nil, err ++ } ++ // Get Z. We don't need to free it, get0 does not increase the reference count. ++ bd = ossl.EC_KEY_get0_private_key(key) ++ case 3: ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_X.ptr(), &bx); err != nil { ++ return nil, nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_EC_PUB_Y.ptr(), &by); err != nil { ++ return nil, nil, nil, err ++ } ++ if _, err := ossl.EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY.ptr(), &bd); err != nil { ++ return nil, nil, nil, err ++ } ++ defer ossl.BN_clear_free(bd) ++ default: ++ panic(errUnsupportedVersion()) + } -+ return ++ ++ // Get D. ++ return bnToBig(bx), bnToBig(by), bnToBig(bd), nil +} + -+func SHA512(p []byte) (sum [64]byte) { -+ if !hashOneShot(crypto.SHA512, p, sum[:]) { -+ panic("openssl: SHA512 failed") -+ } -+ return ++func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { ++ return evpSign(priv.withKey, 0, 0, 0, hash) +} + -+func SHA512_224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA512_224, p, sum[:]) { -+ panic("openssl: SHA512 failed") -+ } -+ return ++func HashSignECDSA(priv *PrivateKeyECDSA, h crypto.Hash, msg []byte) ([]byte, error) { ++ return evpHashSign(priv.withKey, h, msg) +} + -+func SHA512_256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA512_256, p, sum[:]) { -+ panic("openssl: SHA512_256 failed") -+ } -+ return ++func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { ++ return evpVerify(pub.withKey, 0, 0, 0, sig, hash) == nil +} + -+// cacheHashSupported is a cache of crypto.Hash support. -+var cacheHashSupported sync.Map ++func HashVerifyECDSA(pub *PublicKeyECDSA, h crypto.Hash, msg, sig []byte) bool { ++ return evpHashVerify(pub.withKey, h, msg, sig) == nil ++} + -+// SupportsHash reports whether the current OpenSSL version supports the given hash. -+func SupportsHash(h crypto.Hash) bool { -+ if v, ok := cacheHashSupported.Load(h); ok { -+ return v.(bool) ++func newECDSAKey(curve string, x, y, d BigInt) (ossl.EVP_PKEY_PTR, error) { ++ nid := curveNID(curve) ++ bx, err := bigToBN(x) ++ if err != nil { ++ return nil, err + } -+ alg := loadHash(h, false) -+ if alg == nil { -+ cacheHashSupported.Store(h, false) -+ return false ++ defer ossl.BN_free(bx) ++ by, err := bigToBN(y) ++ if err != nil { ++ return nil, err + } -+ // EVP_MD objects can be non-nil even when they can't be used -+ // in a EVP_MD_CTX, e.g. MD5 in FIPS mode. We need to prove -+ // if they can be used by passing them to a EVP_MD_CTX. -+ var supported bool -+ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { -+ _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil) -+ supported = err == nil -+ ossl.EVP_MD_CTX_free(ctx) ++ defer ossl.BN_free(by) ++ var bd ossl.BIGNUM_PTR ++ if d != nil { ++ bd, err = bigToBN(d) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.BN_clear_free(bd) + } -+ cacheHashSupported.Store(h, supported) -+ return supported -+} -+ -+func SumSHA3_224(p []byte) (sum [28]byte) { -+ if !hashOneShot(crypto.SHA3_224, p, sum[:]) { -+ panic("openssl: SHA3_224 failed") ++ switch vMajor { ++ case 1: ++ return newECDSAKey1(nid, bx, by, bd) ++ case 3: ++ return newECDSAKey3(nid, bx, by, bd) ++ default: ++ panic(errUnsupportedVersion()) + } -+ return +} + -+func SumSHA3_256(p []byte) (sum [32]byte) { -+ if !hashOneShot(crypto.SHA3_256, p, sum[:]) { -+ panic("openssl: SHA3_256 failed") -+ } -+ return -+} ++func newECDSAKey1(nid int32, bx, by, bd ossl.BIGNUM_PTR) (pkey ossl.EVP_PKEY_PTR, err error) { ++ checkMajorVersion(1) + -+func SumSHA3_384(p []byte) (sum [48]byte) { -+ if !hashOneShot(crypto.SHA3_384, p, sum[:]) { -+ panic("openssl: SHA3_384 failed") ++ key, err := ossl.EC_KEY_new_by_curve_name(nid) ++ if err != nil { ++ return nil, err + } -+ return -+} -+ -+func SumSHA3_512(p []byte) (sum [64]byte) { -+ if !hashOneShot(crypto.SHA3_512, p, sum[:]) { -+ panic("openssl: SHA3_512 failed") ++ defer func() { ++ if pkey == nil { ++ defer ossl.EC_KEY_free(key) ++ } ++ }() ++ if _, err := ossl.EC_KEY_set_public_key_affine_coordinates(key, bx, by); err != nil { ++ return nil, err ++ } ++ if bd != nil { ++ if _, err := ossl.EC_KEY_set_private_key(key, bd); err != nil { ++ return nil, err ++ } + } -+ return -+} -+ -+// NewMD4 returns a new MD4 hash. -+// The returned hash doesn't implement encoding.BinaryMarshaler and -+// encoding.BinaryUnmarshaler. -+func NewMD4() hash.Hash { -+ return newHash(crypto.MD4) -+} + -+// NewMD5 returns a new MD5 hash. -+func NewMD5() hash.Hash { -+ return newHash(crypto.MD5) ++ return newEVPPKEY(key) +} + -+// NewSHA1 returns a new SHA1 hash. -+func NewSHA1() hash.Hash { -+ return newHash(crypto.SHA1) -+} ++func newECDSAKey3(nid int32, bx, by, bd ossl.BIGNUM_PTR) (ossl.EVP_PKEY_PTR, error) { ++ checkMajorVersion(3) + -+// NewSHA224 returns a new SHA224 hash. -+func NewSHA224() hash.Hash { -+ return newHash(crypto.SHA224) ++ // Create the encoded public key public key from bx and by. ++ pubBytes, err := generateAndEncodeEcPublicKey(nid, func(group ossl.EC_GROUP_PTR) (ossl.EC_POINT_PTR, error) { ++ pt, err := ossl.EC_POINT_new(group) ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EC_POINT_set_affine_coordinates(group, pt, bx, by, nil); err != nil { ++ ossl.EC_POINT_free(pt) ++ return nil, err ++ } ++ return pt, nil ++ }) ++ if err != nil { ++ return nil, err ++ } ++ // Construct the parameters. ++ bld, err := newParamBuilder() ++ if err != nil { ++ return nil, err ++ } ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_PKEY_PARAM_GROUP_NAME, ossl.OBJ_nid2sn(nid), 0) ++ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubBytes) ++ var selection int32 ++ if bd != nil { ++ bld.addBN(_OSSL_PKEY_PARAM_PRIV_KEY, bd) ++ selection = ossl.EVP_PKEY_KEYPAIR ++ } else { ++ selection = ossl.EVP_PKEY_PUBLIC_KEY ++ } ++ params, err := bld.build() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.OSSL_PARAM_free(params) ++ return newEvpFromParams(ossl.EVP_PKEY_EC, selection, params) +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go +new file mode 100644 +index 00000000000000..d4e8b90acb07cb +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/ed25519.go +@@ -0,0 +1,229 @@ ++//go:build !cmd_go_bootstrap + -+// NewSHA256 returns a new SHA256 hash. -+func NewSHA256() hash.Hash { -+ return newHash(crypto.SHA256) -+} ++package openssl + -+// NewSHA384 returns a new SHA384 hash. -+func NewSHA384() hash.Hash { -+ return newHash(crypto.SHA384) -+} ++import "C" ++import ( ++ "errors" ++ "runtime" ++ "strconv" ++ "sync" + -+// NewSHA512 returns a new SHA512 hash. -+func NewSHA512() hash.Hash { -+ return newHash(crypto.SHA512) -+} ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+// NewSHA512_224 returns a new SHA512_224 hash. -+func NewSHA512_224() hash.Hash { -+ return newHash(crypto.SHA512_224) -+} ++const ( ++ // publicKeySizeEd25519 is the size, in bytes, of public keys as used in crypto/ed25519. ++ publicKeySizeEd25519 = 32 ++ // privateKeySizeEd25519 is the size, in bytes, of private keys as used in crypto/ed25519. ++ privateKeySizeEd25519 = 64 ++ // signatureSizeEd25519 is the size, in bytes, of signatures generated and verified by crypto/ed25519. ++ signatureSizeEd25519 = 64 ++ // seedSizeEd25519 is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. ++ seedSizeEd25519 = 32 ++) + -+// NewSHA512_256 returns a new SHA512_256 hash. -+func NewSHA512_256() hash.Hash { -+ return newHash(crypto.SHA512_256) -+} ++// TODO: Add support for Ed25519ph and Ed25519ctx when OpenSSL supports them, ++// which will probably be in 3.2.0 (https://github.com/openssl/openssl/issues/20418). + -+// NewSHA3_224 returns a new SHA3-224 hash. -+func NewSHA3_224() *Hash { -+ return newHash(crypto.SHA3_224) -+} ++var supportsEd25519 = sync.OnceValue(func() bool { ++ switch vMajor { ++ case 1: ++ if versionAtOrAbove(1, 1, 1) { ++ ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_ED25519, nil) ++ if ctx != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ return true ++ } ++ } ++ case 3: ++ sig, _ := ossl.EVP_SIGNATURE_fetch(nil, _KeyTypeED25519.ptr(), nil) ++ if sig != nil { ++ ossl.EVP_SIGNATURE_free(sig) ++ return true ++ } ++ } ++ return false ++}) + -+// NewSHA3_256 creates a new SHA3-256 hash. -+func NewSHA3_256() *Hash { -+ return newHash(crypto.SHA3_256) ++// SupportsEd25519 returns true if the current OpenSSL version supports ++// GenerateKeyEd25519, NewKeyFromSeedEd25519, SignEd25519 and VerifyEd25519. ++func SupportsEd25519() bool { ++ return supportsEd25519() +} + -+// NewSHA3_384 creates a new SHA3-384 hash. -+func NewSHA3_384() *Hash { -+ return newHash(crypto.SHA3_384) ++type PublicKeyEd25519 struct { ++ _pkey ossl.EVP_PKEY_PTR +} + -+// NewSHA3_512 creates a new SHA3-512 hash. -+func NewSHA3_512() *Hash { -+ return newHash(crypto.SHA3_512) ++func (k *PublicKeyEd25519) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+var _ hash.Hash = (*Hash)(nil) -+var _ HashCloner = (*Hash)(nil) -+ -+// FIPSApprovedHash reports whether this hash algorithm is FIPS 140-3 approved. -+func FIPSApprovedHash(h hash.Hash) bool { -+ xh, ok := h.(*Hash) -+ if !ok { -+ return false -+ } -+ switch xh.alg.ch { -+ case crypto.SHA224, crypto.SHA256, crypto.SHA384, crypto.SHA512, -+ crypto.SHA512_224, crypto.SHA512_256, -+ crypto.SHA3_224, crypto.SHA3_256, crypto.SHA3_384, crypto.SHA3_512: -+ return true -+ default: -+ return false ++func (k *PublicKeyEd25519) Bytes() ([]byte, error) { ++ defer runtime.KeepAlive(k) ++ pub := make([]byte, publicKeySizeEd25519) ++ if err := extractPKEYPubEd25519(k._pkey, pub); err != nil { ++ return nil, err + } ++ return pub, nil +} + -+// hashBufSize is the size of the buffer used for hashing. -+// 256 bytes is a reasonable compromise for general purpose use, -+// and the resulting evpHash size is still similar to the -+// upstream sha512 hash object. -+const hashBufSize = 256 -+ -+// Hash implements generic hash methods. -+type Hash struct { -+ alg *hashAlgorithm -+ ctx ossl.EVP_MD_CTX_PTR -+ // ctx2 is used in Hash.Sum to avoid changing -+ // the state of ctx. Having it here allows reusing the -+ // same allocated object multiple times. -+ ctx2 ossl.EVP_MD_CTX_PTR -+ -+ // buf is a buffer for data not yet written to ctx. -+ // It is used to reduce calls into OpenSSL for small writes. -+ // The buffer size is a trade-off between memory usage and -+ // number of calls into OpenSSL. -+ buf [hashBufSize]byte -+ nbuf int ++type PrivateKeyEd25519 struct { ++ _pkey ossl.EVP_PKEY_PTR +} + -+func newHash(ch crypto.Hash) *Hash { -+ // Don't call init() yet, it would be wasteful -+ // if the caller only wants to know the hash type. This -+ // is a common pattern in this package, as some functions -+ // accept a `func() hash.Hash` parameter and call it just -+ // to know the hash type. -+ return &Hash{alg: loadHash(ch, true)} ++func (k *PrivateKeyEd25519) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+func (h *Hash) finalize() { -+ if h.ctx != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ } -+ if h.ctx2 != nil { -+ ossl.EVP_MD_CTX_free(h.ctx2) ++func (k *PrivateKeyEd25519) Bytes() ([]byte, error) { ++ defer runtime.KeepAlive(k) ++ priv := make([]byte, privateKeySizeEd25519) ++ if err := extractPKEYPrivEd25519(k._pkey, priv); err != nil { ++ return nil, err + } ++ return priv, nil +} + -+func (h *Hash) init() { -+ if h.ctx != nil { -+ return -+ } -+ var err error -+ h.ctx, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_DigestInit_ex(h.ctx, h.alg.md, nil); err != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ panic(err) ++func (k *PrivateKeyEd25519) Public() (*PublicKeyEd25519, error) { ++ pub := make([]byte, publicKeySizeEd25519) ++ if err := extractPKEYPubEd25519(k._pkey, pub); err != nil { ++ return nil, err + } -+ h.ctx2, err = ossl.EVP_MD_CTX_new() ++ pubk, err := NewPublicKeyEd25519(pub) + if err != nil { -+ ossl.EVP_MD_CTX_free(h.ctx) -+ panic(err) ++ return nil, err + } -+ runtime.SetFinalizer(h, (*Hash).finalize) ++ return pubk, nil +} + -+func (h *Hash) write(p []byte) int { -+ if len(p) == 0 { -+ return 0 -+ } -+ if h.nbuf > 0 && h.nbuf+len(p) > len(h.buf) { -+ // We have buffered data and adding p would exceed the buffer, -+ // flush the buffer first. -+ h.flush() -+ } -+ if len(p) > len(h.buf) { -+ // p is larger than the buffer, write it directly. -+ h.init() -+ if _, err := ossl.EVP_DigestUpdate(h.ctx, p); err != nil { -+ panic(err) -+ } -+ } else { -+ // Otherwise, buffer it. -+ h.nbuf += copy(h.buf[h.nbuf:], p) ++// GenerateKeyEd25519 generates a private key. ++func GenerateKeyEd25519() (*PrivateKeyEd25519, error) { ++ pkeyPriv, err := generateEVPPKey(ossl.EVP_PKEY_ED25519, 0, "") ++ if err != nil { ++ return nil, err + } -+ runtime.KeepAlive(h) -+ return len(p) ++ priv := &PrivateKeyEd25519{_pkey: pkeyPriv} ++ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) ++ return priv, nil +} + -+func (h *Hash) flush() { -+ h.init() -+ if h.nbuf > 0 { -+ if _, err := ossl.EVP_DigestUpdate(h.ctx, h.buf[:h.nbuf]); err != nil { -+ panic(err) -+ } -+ h.nbuf = 0 -+ } ++// Deprecated: use NewPrivateKeyEd25519 instead. ++func NewPrivateKeyEd25119(priv []byte) (*PrivateKeyEd25519, error) { ++ return NewPrivateKeyEd25519(priv) +} + -+func (h *Hash) Reset() { -+ h.nbuf = 0 -+ if h.ctx == nil { -+ // The hash is not initialized yet, no need to reset ctx. -+ return -+ } -+ // There is no need to reset h.ctx2 because it is always reset in evpHash.Sum. -+ if _, err := ossl.EVP_DigestInit_ex(h.ctx, nil, nil); err != nil { -+ panic(err) ++func NewPrivateKeyEd25519(priv []byte) (*PrivateKeyEd25519, error) { ++ if len(priv) != privateKeySizeEd25519 { ++ panic("ed25519: bad private key length: " + strconv.Itoa(len(priv))) + } -+ runtime.KeepAlive(h) -+} -+ -+func (h *Hash) Write(p []byte) (int, error) { -+ return h.write(p), nil -+} -+ -+func (h *Hash) WriteString(s string) (int, error) { -+ return h.write(unsafe.Slice(unsafe.StringData(s), len(s))), nil -+} -+ -+func (h *Hash) WriteByte(c byte) error { -+ h.write(unsafe.Slice(&c, 1)) -+ return nil -+} -+ -+func (h *Hash) Size() int { -+ return h.alg.size ++ return NewPrivateKeyEd25519FromSeed(priv[:seedSizeEd25519]) +} + -+func (h *Hash) BlockSize() int { -+ return h.alg.blockSize ++// Deprecated: use NewPublicKeyEd25519 instead. ++func NewPublicKeyEd25119(pub []byte) (*PublicKeyEd25519, error) { ++ return NewPublicKeyEd25519(pub) +} + -+func (h *Hash) Sum(in []byte) []byte { -+ out := append(in, make([]byte, h.Size(), maxHashSize)...) -+ if h.ctx == nil { -+ // Fast path: if ctx hasn't been initialized, all data is in the buffer -+ // and we can use the one-shot EVP_Digest function. -+ if _, err := ossl.EVP_Digest(h.buf[:h.nbuf], out[len(in):], nil, h.alg.md, nil); err != nil { -+ panic(err) -+ } -+ return out -+ } -+ // Slow path: copy h.ctx into h.ctx2 and call EVP_DigestFinal_ex using h.ctx2. -+ // This is necessary because Go hash.Hash mandates that Sum has no effect -+ // on the underlying stream. In particular it is OK to Sum, then Write more, -+ // then Sum again, and the second Sum acts as if the first didn't happen. -+ if _, err := ossl.EVP_MD_CTX_copy_ex(h.ctx2, h.ctx); err != nil { -+ panic(err) -+ } -+ if h.nbuf > 0 { -+ // If we have buffered data, update ctx2 with it -+ if _, err := ossl.EVP_DigestUpdate(h.ctx2, h.buf[:h.nbuf]); err != nil { -+ panic(err) -+ } ++func NewPublicKeyEd25519(pub []byte) (*PublicKeyEd25519, error) { ++ if len(pub) != publicKeySizeEd25519 { ++ panic("ed25519: bad public key length: " + strconv.Itoa(len(pub))) + } -+ if _, err := ossl.EVP_DigestFinal_ex(h.ctx2, out[len(in):], nil); err != nil { -+ panic(err) ++ pkey, err := ossl.EVP_PKEY_new_raw_public_key(ossl.EVP_PKEY_ED25519, nil, base(pub), len(pub)) ++ if err != nil { ++ return nil, err + } -+ runtime.KeepAlive(h) -+ return out ++ pubk := &PublicKeyEd25519{_pkey: pkey} ++ runtime.SetFinalizer(pubk, (*PublicKeyEd25519).finalize) ++ return pubk, nil +} + -+// Clone returns a new Hash object that is a deep clone of itself. -+// The duplicate object contains all state and data contained in the -+// original object at the point of duplication. -+func (h *Hash) Clone() (HashCloner, error) { -+ h2 := &Hash{alg: h.alg, nbuf: h.nbuf} -+ copy(h2.buf[:h.nbuf], h.buf[:h.nbuf]) -+ if h.ctx != nil { -+ var err error -+ h2.ctx, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.EVP_MD_CTX_copy_ex(h2.ctx, h.ctx); err != nil { -+ ossl.EVP_MD_CTX_free(h2.ctx) -+ panic(err) -+ } -+ h2.ctx2, err = ossl.EVP_MD_CTX_new() -+ if err != nil { -+ ossl.EVP_MD_CTX_free(h2.ctx) -+ panic(err) -+ } -+ runtime.SetFinalizer(h2, (*Hash).finalize) ++// NewPrivateKeyEd25519FromSeed calculates a private key from a seed. It will panic if ++// len(seed) is not [SeedSize]. RFC 8032's private keys correspond to seeds in this ++// package. ++func NewPrivateKeyEd25519FromSeed(seed []byte) (*PrivateKeyEd25519, error) { ++ if len(seed) != seedSizeEd25519 { ++ panic("ed25519: bad seed length: " + strconv.Itoa(len(seed))) + } -+ runtime.KeepAlive(h) -+ return h2, nil -+} -+ -+type errMarshallUnsupported struct{} -+ -+func (e errMarshallUnsupported) Error() string { -+ return "cryptokit: hash state is not marshallable" -+} -+ -+func (e errMarshallUnsupported) Unwrap() error { -+ return errors.ErrUnsupported -+} -+ -+func (d *Hash) MarshalBinary() ([]byte, error) { -+ if d.alg == nil || !d.alg.marshallable { -+ return nil, errMarshallUnsupported{} ++ pkey, err := ossl.EVP_PKEY_new_raw_private_key(ossl.EVP_PKEY_ED25519, nil, base(seed), len(seed)) ++ if err != nil { ++ return nil, err + } -+ buf := make([]byte, 0, d.alg.marshalledSize) -+ return d.AppendBinary(buf) ++ priv := &PrivateKeyEd25519{_pkey: pkey} ++ runtime.SetFinalizer(priv, (*PrivateKeyEd25519).finalize) ++ return priv, nil +} + -+func (d *Hash) AppendBinary(buf []byte) ([]byte, error) { -+ defer runtime.KeepAlive(d) -+ if d.alg == nil || !d.alg.marshallable { -+ return nil, errMarshallUnsupported{} ++func extractPKEYPubEd25519(pkey ossl.EVP_PKEY_PTR, pub []byte) error { ++ keylen := publicKeySizeEd25519 ++ if _, err := ossl.EVP_PKEY_get_raw_public_key(pkey, base(pub), &keylen); err != nil { ++ return err + } -+ d.flush() -+ switch d.alg.provider { -+ case providerOSSLDefault, providerOSSLFIPS: -+ return osslHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) -+ case providerSymCrypt: -+ return symCryptHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) -+ default: -+ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) ++ if keylen != publicKeySizeEd25519 { ++ return errors.New("ed25519: bad public key length: " + strconv.Itoa(keylen)) + } ++ return nil +} + -+func (d *Hash) UnmarshalBinary(b []byte) error { -+ defer runtime.KeepAlive(d) -+ d.flush() -+ if d.alg == nil || !d.alg.marshallable { -+ return errMarshallUnsupported{} -+ } -+ if len(b) < len(d.alg.magic) || string(b[:len(d.alg.magic)]) != d.alg.magic { -+ return errors.New("openssl: invalid hash state identifier") ++func extractPKEYPrivEd25519(pkey ossl.EVP_PKEY_PTR, priv []byte) error { ++ if err := extractPKEYPubEd25519(pkey, priv[seedSizeEd25519:]); err != nil { ++ return err + } -+ if len(b) != d.alg.marshalledSize { -+ return errors.New("openssl: invalid hash state size") ++ keylen := seedSizeEd25519 ++ if _, err := ossl.EVP_PKEY_get_raw_private_key(pkey, base(priv), &keylen); err != nil { ++ return err + } -+ switch d.alg.provider { -+ case providerOSSLDefault, providerOSSLFIPS: -+ return osslHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) -+ case providerSymCrypt: -+ return symCryptHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) -+ default: -+ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) ++ if keylen != seedSizeEd25519 { ++ return errors.New("ed25519: bad private key length: " + strconv.Itoa(keylen)) + } ++ return nil +} + -+// appendUint64 appends x into b as a big endian byte sequence. -+func appendUint64(b []byte, x uint64) []byte { -+ return append(b, -+ byte(x>>56), -+ byte(x>>48), -+ byte(x>>40), -+ byte(x>>32), -+ byte(x>>24), -+ byte(x>>16), -+ byte(x>>8), -+ byte(x), -+ ) -+} -+ -+// appendUint32 appends x into b as a big endian byte sequence. -+func appendUint32(b []byte, x uint32) []byte { -+ return append(b, byte(x>>24), byte(x>>16), byte(x>>8), byte(x)) ++// SignEd25519 signs the message with priv and returns a signature. ++func SignEd25519(priv *PrivateKeyEd25519, message []byte) (sig []byte, err error) { ++ // Outline the function body so that the returned key can be stack-allocated. ++ sig = make([]byte, signatureSizeEd25519) ++ err = signEd25519(priv, sig, message) ++ if err != nil { ++ return nil, err ++ } ++ return sig, err +} + -+// consumeUint64 reads a big endian uint64 number from b. -+func consumeUint64(b []byte) ([]byte, uint64) { -+ _ = b[7] -+ x := uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | -+ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 -+ return b[8:], x ++func signEd25519(priv *PrivateKeyEd25519, sig, message []byte) error { ++ defer runtime.KeepAlive(priv) ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestSignInit(ctx, nil, nil, nil, priv._pkey); err != nil { ++ return err ++ } ++ siglen := signatureSizeEd25519 ++ if _, err := ossl.EVP_DigestSign(ctx, base(sig), &siglen, base(message), len(message)); err != nil { ++ return err ++ } ++ if siglen != signatureSizeEd25519 { ++ return errors.New("ed25519: bad signature length: " + strconv.Itoa(siglen)) ++ } ++ return nil +} + -+// consumeUint32 reads a big endian uint32 number from b. -+func consumeUint32(b []byte) ([]byte, uint32) { -+ _ = b[3] -+ x := uint32(b[3]) | uint32(b[2])<<8 | uint32(b[1])<<16 | uint32(b[0])<<24 -+ return b[4:], x ++// VerifyEd25519 reports whether sig is a valid signature of message by pub. ++func VerifyEd25519(pub *PublicKeyEd25519, message, sig []byte) error { ++ defer runtime.KeepAlive(pub) ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestVerifyInit(ctx, nil, nil, nil, pub._pkey); err != nil { ++ return err ++ } ++ if _, err := ossl.EVP_DigestVerify(ctx, base(sig), len(sig), base(message), len(message)); err != nil { ++ return errors.New("ed25519: invalid signature") ++ } ++ return nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go new file mode 100644 -index 00000000000000..75207faf1aa043 +index 00000000000000..f87534cd4510b7 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go -@@ -0,0 +1,330 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/evp.go +@@ -0,0 +1,590 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( ++ "crypto" ++ "errors" + "hash" ++ "strconv" + "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// SupprtHKDF reports whether the current OpenSSL version supports HKDF. -+func SupportsHKDF() bool { -+ switch major() { -+ case 1: -+ return true -+ case 3, 4: -+ _, err := fetchHKDF3() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) -+ } ++// cacheMD is a cache of crypto.Hash to GOossl.EVP_MD_PTR. ++var cacheMD sync.Map ++ ++// hashFuncHash calls fn() and returns its result. ++// If fn() panics, the panic is recovered and returned as an error. ++// This is used to avoid aborting the program when calling ++// an unsupported hash function. It is the caller's responsibility ++// to check the returned value. ++func hashFuncHash(fn func() hash.Hash) (h hash.Hash, err error) { ++ defer func() { ++ r := recover() ++ if r == nil { ++ return ++ } ++ h = nil ++ switch e := r.(type) { ++ case error: ++ err = e ++ case string: ++ err = errors.New(e) ++ default: ++ err = errors.New("unsupported panic") ++ } ++ }() ++ return fn(), nil +} + -+// SupprtsTLS13KDF reports whether the current OpenSSL version supports TLS13-KDF. -+func SupportsTLS13KDF() bool { -+ switch major() { -+ case 1: -+ return false -+ case 3, 4: -+ // TLS13-KDF is available in OpenSSL 3.0.0 and later. -+ _, err := fetchTLS13_KDF() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) ++// hashToMD converts a hash.Hash implementation from this package to a GOossl.EVP_MD_PTR. ++func hashToMD(h hash.Hash) ossl.EVP_MD_PTR { ++ if h, ok := h.(*evpHash); ok { ++ return h.alg.md + } ++ return nil +} + -+func newHKDFCtx1(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (ctx ossl.EVP_PKEY_CTX_PTR, err error) { -+ checkMajorVersion(1) -+ -+ ctx, err = ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_HKDF, nil) ++// hashFuncToMD converts a hash.Hash function to a GOossl.EVP_MD_PTR. ++// See [hashFuncHash] for details on error handling. ++func hashFuncToMD(fn func() hash.Hash) (ossl.EVP_MD_PTR, error) { ++ h, err := hashFuncHash(fn) + if err != nil { + return nil, err + } -+ defer func() { -+ if err != nil { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ } -+ }() -+ -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return ctx, err ++ md := hashToMD(h) ++ if md == nil { ++ return nil, errors.New("unsupported hash function") + } ++ return md, nil ++} + -+ ctrlSlice := func(ctrl int32, data []byte) bool { -+ if err != nil { -+ return false -+ } -+ if len(data) == 0 { -+ return true // No data to set. -+ } -+ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ctrl, int32(len(data)), unsafe.Pointer(base(data))) -+ return err == nil -+ } ++// provider is an identifier for a known provider. ++type provider uint8 + -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MODE, mode, nil); err != nil { -+ return ctx, err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MD, 0, unsafe.Pointer(md)); err != nil { -+ return ctx, err -+ } -+ if ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, secret) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_SALT, salt) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, pseudorandomKey) && -+ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_INFO, info) { -+ return ctx, err -+ } -+ return ctx, nil -+} ++const ( ++ providerNone provider = iota ++ providerOSSLDefault ++ providerOSSLFIPS ++ providerSymCrypt ++) + -+// hkdfAllZerosSalt is a preallocated buffer of zeros used in ExtractHKDF(). -+// The size should be kept as large as the output length of any hash algorithm -+// used with HKDF. -+var hkdfAllZerosSalt [64]byte ++type hashAlgorithm struct { ++ md ossl.EVP_MD_PTR ++ ch crypto.Hash ++ size int ++ blockSize int ++ provider provider ++ marshallable bool ++ magic string ++ marshalledSize int ++} + -+// ExtractHDKF implements the HDKF extract step. -+// If salt is nil, then this function replaces it internally with a buffer of -+// zeros whose length equals the output length of the specified hash algorithm. -+func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { -+ if !SupportsHKDF() { -+ return nil, errUnsupportedVersion() ++// loadHash converts a crypto.Hash to a EVP_MD. ++func loadHash(ch crypto.Hash) *hashAlgorithm { ++ if v, ok := cacheMD.Load(ch); ok { ++ return v.(*hashAlgorithm) + } + -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err ++ var hash hashAlgorithm ++ switch ch { ++ case crypto.RIPEMD160: ++ hash.md = ossl.EVP_ripemd160() ++ case crypto.MD4: ++ hash.md = ossl.EVP_md4() ++ case crypto.MD5: ++ hash.md = ossl.EVP_md5() ++ hash.magic = magicMD5 ++ hash.marshalledSize = marshaledSizeMD5 ++ case crypto.MD5SHA1: ++ hash.md = ossl.EVP_md5_sha1() ++ case crypto.SHA1: ++ hash.md = ossl.EVP_sha1() ++ hash.magic = magic1 ++ hash.marshalledSize = marshaledSize1 ++ case crypto.SHA224: ++ hash.md = ossl.EVP_sha224() ++ hash.magic = magic224 ++ hash.marshalledSize = marshaledSize256 ++ case crypto.SHA256: ++ hash.md = ossl.EVP_sha256() ++ hash.magic = magic256 ++ hash.marshalledSize = marshaledSize256 ++ case crypto.SHA384: ++ hash.md = ossl.EVP_sha384() ++ hash.magic = magic384 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512: ++ hash.md = ossl.EVP_sha512() ++ hash.magic = magic512 ++ hash.marshalledSize = marshaledSize512 ++ case crypto.SHA512_224: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha512_224() ++ hash.magic = magic512_224 ++ hash.marshalledSize = marshaledSize512 ++ } ++ case crypto.SHA512_256: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha512_256() ++ hash.magic = magic512_256 ++ hash.marshalledSize = marshaledSize512 ++ } ++ case crypto.SHA3_224: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha3_224() ++ } ++ case crypto.SHA3_256: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha3_256() ++ } ++ case crypto.SHA3_384: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha3_384() ++ } ++ case crypto.SHA3_512: ++ if versionAtOrAbove(1, 1, 1) { ++ hash.md = ossl.EVP_sha3_512() ++ } + } -+ -+ // If calling code specifies nil salt, replace it with a buffer of hashLen -+ // zeros, as specified in RFC 5896 and as OpenSSL EVP_KDF-HKDF documentation -+ // instructs. Take a slice of a preallocated buffer to avoid allocating new -+ // buffer per call, but fall back to allocating a buffer if preallocated -+ // buffer is not large enough. -+ if salt == nil { -+ hlen := h().Size() -+ if hlen > len(hkdfAllZerosSalt) { -+ salt = make([]byte, hlen) -+ } else { -+ salt = hkdfAllZerosSalt[:hlen] ++ if hash.md == nil { ++ cacheMD.Store(ch, (*hashAlgorithm)(nil)) ++ return nil ++ } ++ hash.ch = ch ++ hash.size = int(ossl.EVP_MD_get_size(hash.md)) ++ hash.blockSize = int(ossl.EVP_MD_get_block_size(hash.md)) ++ if vMajor == 3 { ++ // On OpenSSL 3, directly operating on a EVP_MD object ++ // not created by EVP_MD_fetch has negative performance ++ // implications, as digest operations will have ++ // to fetch it on every call. Better to just fetch it once here. ++ md, _ := ossl.EVP_MD_fetch(nil, ossl.EVP_MD_get0_name(hash.md), nil) ++ // Don't overwrite md in case it can't be fetched, as the md may still be used ++ // outside of EVP_MD_CTX, for example to sign and verify RSA signatures. ++ if md != nil { ++ hash.md = md ++ } ++ } ++ if hash.magic != "" { ++ if hash.marshalledSize == 0 { ++ panic("marshalledSize must be set for " + hash.magic) + } + } + -+ switch major() { ++ switch vMajor { + case 1: -+ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ var keylen int -+ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { -+ return nil, err -+ } -+ out := make([]byte, keylen) -+ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { -+ return nil, err -+ } -+ return out[:keylen], nil -+ case 3, 4: -+ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ size, err := ossl.EVP_KDF_CTX_get_kdf_size(ctx) -+ if err != nil { -+ return nil, err -+ } -+ out := make([]byte, size) -+ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { -+ return nil, err ++ hash.provider = providerOSSLDefault ++ case 3: ++ if prov := ossl.EVP_MD_get0_provider(hash.md); prov != nil { ++ cname := ossl.OSSL_PROVIDER_get0_name(prov) ++ switch C.GoString((*C.char)(unsafe.Pointer(cname))) { ++ case "default": ++ hash.provider = providerOSSLDefault ++ hash.marshallable = hash.magic != "" ++ case "fips": ++ hash.provider = providerOSSLFIPS ++ hash.marshallable = hash.magic != "" ++ case "symcryptprovider": ++ hash.provider = providerSymCrypt ++ hash.marshallable = hash.magic != "" && isSymCryptHashStateSerializable(hash.md) ++ } + } -+ return out, nil + default: + panic(errUnsupportedVersion()) + } -+} + -+// ExpandHKDF derives a key from the given hash, key, and optional context info. -+func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ if !SupportsHKDF() { -+ return nil, errUnsupportedVersion() -+ } ++ cacheMD.Store(ch, &hash) ++ return &hash ++} + -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err ++// generateEVPPKey generates a new EVP_PKEY with the given id and properties. ++func generateEVPPKey(id, bits int32, curve string) (ossl.EVP_PKEY_PTR, error) { ++ if bits != 0 && curve != "" { ++ return nil, fail("incorrect generateEVPPKey parameters") + } -+ -+ out := make([]byte, keyLength) -+ switch major() { ++ var pkey ossl.EVP_PKEY_PTR ++ switch vMajor { + case 1: -+ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) + if err != nil { + return nil, err + } + defer ossl.EVP_PKEY_CTX_free(ctx) -+ if len(out) == 0 { -+ // Nothing to do, so exit early. -+ // We also can't call EVP_PKEY_derive because some engines error on zero-length output. -+ // We can only exit after calling newHKDFCtx1 because we still need it to validate the parameters. -+ return out, nil -+ } -+ keylen := keyLength -+ if _, err := ossl.EVP_PKEY_derive(ctx, out, &keylen); err != nil { ++ if _, err := ossl.EVP_PKEY_keygen_init(ctx); err != nil { + return nil, err + } -+ case 3, 4: -+ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) -+ if err != nil { ++ if bits != 0 { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, nil); err != nil { ++ return nil, err ++ } ++ } ++ if curve != "" { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, id, -1, ossl.EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, curveNID(curve), nil); err != nil { ++ return nil, err ++ } ++ } ++ if _, err := ossl.EVP_PKEY_keygen(ctx, &pkey); err != nil { + return nil, err + } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ if len(out) == 0 { -+ // Nothing to do, so exit early. -+ // We also can't call EVP_PKEY_derive because some engines error on zero-length output. -+ // We can only exit after calling newHKDFCtx3 because we still need it to validate the parameters. -+ return out, nil ++ case 3: ++ var err error ++ switch id { ++ case ossl.EVP_PKEY_RSA: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_RSA(nil, nil, _KeyTypeRSA.ptr(), int(bits)) ++ case ossl.EVP_PKEY_EC: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_EC(nil, nil, _KeyTypeEC.ptr(), ossl.OBJ_nid2sn(curveNID(curve))) ++ case ossl.EVP_PKEY_ED25519: ++ pkey, err = ossl.EVP_PKEY_Q_keygen_ED25519(nil, nil, _KeyTypeED25519.ptr()) ++ default: ++ panic("unsupported key type '" + strconv.Itoa(int(id)) + "'") + } -+ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { ++ if err != nil { + return nil, err + } + default: + panic(errUnsupportedVersion()) + } -+ return out, nil -+} -+ -+// ExpandTLS13KDF derives a key from the given hash, key, label and context. It will use -+// "TLS13-KDF" algorithm to do so. -+func ExpandTLS13KDF(h func() hash.Hash, pseudorandomKey, label, context []byte, keyLength int) ([]byte, error) { -+ if !SupportsTLS13KDF() { -+ return nil, errUnsupportedVersion() -+ } -+ -+ md, err := hashFuncToMD(h) -+ if err != nil { -+ return nil, err -+ } -+ -+ out := make([]byte, keyLength) -+ -+ ctx, err := newTLS13KDFExpandCtx3(md, label, context, pseudorandomKey) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ if _, err := ossl.EVP_KDF_derive(ctx, out, nil); err != nil { -+ return nil, err -+ } -+ return out, nil -+} -+ -+// fetchTLS13_KDF fetches the TLS13-KDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchTLS13_KDF = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS13_KDF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// newTLS13KDFExpandCtx3 fetches the "TLS13-KDF" for TLS 1.3 handshakes. -+func newTLS13KDFExpandCtx3(md ossl.EVP_MD_PTR, label, context, pseudorandomKey []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := fetchTLS13_KDF() -+ if err != nil { -+ return nil, err -+ } -+ -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return nil, err -+ } -+ defer func() { -+ if err != nil { -+ ossl.EVP_KDF_CTX_free(ctx) -+ } -+ }() -+ -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY)) -+ bld.addOctetString(_OSSL_KDF_PARAM_PREFIX, []byte("tls13 ")) -+ bld.addOctetString(_OSSL_KDF_PARAM_LABEL, label) -+ bld.addOctetString(_OSSL_KDF_PARAM_DATA, context) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) -+ -+ params, err := bld.build() -+ if err != nil { -+ return ctx, err -+ } -+ defer ossl.OSSL_PARAM_free(params) + -+ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { -+ return ctx, err -+ } -+ return ctx, nil ++ return pkey, nil +} + -+// fetchHKDF3 fetches the HKDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchHKDF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_HKDF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// newHKDFCtx3 implements HKDF for OpenSSL 3 using the EVP_KDF API. -+func newHKDFCtx3(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { -+ checkMajorVersion(3, 4) ++type withKeyFunc func(func(ossl.EVP_PKEY_PTR) error) error ++type initFunc func(ossl.EVP_PKEY_CTX_PTR) error ++type cryptFunc func(ossl.EVP_PKEY_CTX_PTR, *byte, *int, *byte, int) error ++type verifyFunc func(ossl.EVP_PKEY_CTX_PTR, *byte, int, *byte, int) error + -+ kdf, err := fetchHKDF3() -+ if err != nil { -+ return nil, err -+ } -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { ++func setupEVP(withKey withKeyFunc, padding int32, ++ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc) (_ ossl.EVP_PKEY_CTX_PTR, err error) { ++ var ctx ossl.EVP_PKEY_CTX_PTR ++ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) error { ++ ctx, err = ossl.EVP_PKEY_CTX_new(pkey, nil) ++ return err ++ }); err != nil { + return nil, err + } + defer func() { + if err != nil { -+ ossl.EVP_KDF_CTX_free(ctx) ++ if ctx != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ ctx = nil ++ } + } + }() -+ -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addInt32(_OSSL_KDF_PARAM_FIPS_KEY_CHECK, 0) -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(mode)) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, secret) -+ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) -+ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) -+ bld.addOctetString(_OSSL_KDF_PARAM_INFO, info) -+ params, err := bld.build() -+ if err != nil { -+ return ctx, err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { -+ return ctx, err -+ } -+ return ctx, nil -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go -new file mode 100644 -index 00000000000000..88f6ce7eb85ca1 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go -@@ -0,0 +1,280 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package openssl -+ -+import ( -+ "hash" -+ "runtime" -+ "slices" -+ "sync" -+ -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) -+ -+// NewHMAC returns a new HMAC using OpenSSL. -+// The function h must return a hash implemented by -+// OpenSSL (for example, h could be openssl.NewSHA256). -+// If h is not recognized, NewHMAC returns nil. -+func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { -+ h, _ := hashFuncHash(fh) -+ md := hashToMD(h) -+ if md == nil { -+ return nil -+ } -+ -+ if len(key) == 0 { -+ // This is supported in OpenSSL/Standard lib and as such -+ // we must support it here. When using HMAC with a null key -+ // HMAC_Init will try and reuse the key from the ctx. This is -+ // not the behavior previously implemented, so as a workaround -+ // we pass an "empty" key. -+ key = make([]byte, ossl.EVP_MAX_MD_SIZE) ++ if err := init(ctx); err != nil { ++ return nil, err + } -+ -+ hmac := &opensslHMAC{ -+ size: h.Size(), -+ blockSize: h.BlockSize(), ++ if padding == 0 { ++ return ctx, nil + } -+ -+ switch major() { -+ case 1: -+ ctx := newHMAC1(key, md) -+ if ctx.ctx == nil { -+ return nil ++ // Each padding type has its own requirements in terms of when to apply the padding, ++ // so it can't be just set at this point. ++ setPadding := func() error { ++ _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, padding, nil) ++ return err ++ } ++ switch padding { ++ case ossl.RSA_PKCS1_OAEP_PADDING: ++ md := hashToMD(h) ++ if md == nil { ++ return nil, errors.New("crypto/rsa: unsupported hash function") ++ } ++ var mgfMD ossl.EVP_MD_PTR ++ if mgfHash != nil { ++ // mgfHash is optional, but if it is set it must match a supported hash function. ++ mgfMD = hashToMD(mgfHash) ++ if mgfMD == nil { ++ return nil, errors.New("crypto/rsa: unsupported hash function") ++ } + } -+ hmac.ctx1 = ctx -+ case 3, 4: -+ ctx := newHMAC3(key, md) -+ if ctx.ctx == nil { -+ return nil ++ // setPadding must happen before setting EVP_PKEY_CTRL_RSA_OAEP_MD. ++ if err := setPadding(); err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_MD, 0, unsafe.Pointer(md)); err != nil { ++ return nil, err ++ } ++ if mgfHash != nil { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_MGF1_MD, 0, unsafe.Pointer(mgfMD)); err != nil { ++ return nil, err ++ } ++ } ++ // ctx takes ownership of label, so malloc a copy for OpenSSL to free. ++ // OpenSSL does not take ownership of the label if the length is zero, ++ // so better avoid the allocation. ++ var clabel *byte ++ if len(label) > 0 { ++ clabel = (*byte)(cryptoMalloc(len(label))) ++ copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label) ++ var err error ++ if vMajor == 3 { ++ _, err = ossl.EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, unsafe.Pointer(clabel), int32(len(label))) ++ } else { ++ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_OAEP_LABEL, int32(len(label)), unsafe.Pointer(clabel)) ++ } ++ if err != nil { ++ cryptoFree(unsafe.Pointer(clabel)) ++ return nil, err ++ } ++ } ++ case ossl.RSA_PKCS1_PSS_PADDING: ++ alg := loadHash(ch) ++ if alg == nil { ++ return nil, errors.New("crypto/rsa: unsupported hash function") ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { ++ return nil, err ++ } ++ // setPadding must happen after setting EVP_PKEY_CTRL_MD. ++ if err := setPadding(); err != nil { ++ return nil, err ++ } ++ if saltLen != 0 { ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PSS_SALTLEN, saltLen, nil); err != nil { ++ return nil, err ++ } ++ } ++ ++ case ossl.RSA_PKCS1_PADDING: ++ if ch != 0 { ++ // We support unhashed messages. ++ alg := loadHash(ch) ++ if alg == nil { ++ return nil, errors.New("crypto/rsa: unsupported hash function") ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -1, ossl.EVP_PKEY_CTRL_MD, 0, unsafe.Pointer(alg.md)); err != nil { ++ return nil, err ++ } ++ if err := setPadding(); err != nil { ++ return nil, err ++ } + } -+ hmac.ctx3 = ctx + default: -+ panic(errUnsupportedVersion()) ++ if err := setPadding(); err != nil { ++ return nil, err ++ } + } -+ runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) -+ return hmac -+} -+ -+// hmacCtx3 is used for OpenSSL 1. -+type hmacCtx1 struct { -+ ctx ossl.HMAC_CTX_PTR -+} -+ -+// hmacCtx3 is used for OpenSSL 3. -+type hmacCtx3 struct { -+ ctx ossl.EVP_MAC_CTX_PTR -+ key []byte // only set for OpenSSL 3.0.0, 3.0.1, and 3.0.2. ++ return ctx, nil +} + -+type opensslHMAC struct { -+ ctx1 hmacCtx1 -+ ctx3 hmacCtx3 -+ size int -+ blockSize int -+ sum [maxHashSize]byte -+} ++func cryptEVP(withKey withKeyFunc, padding int32, ++ h, mgfHash hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc, crypt cryptFunc, in []byte) ([]byte, error) { + -+func newHMAC1(key []byte, md ossl.EVP_MD_PTR) hmacCtx1 { -+ ctx, err := ossl.HMAC_CTX_new() ++ ctx, err := setupEVP(withKey, padding, h, mgfHash, label, saltLen, ch, init) + if err != nil { -+ panic(err) ++ return nil, err + } -+ if _, err := ossl.HMAC_Init_ex(ctx, key, md, nil); err != nil { -+ panic(err) ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ var pkeySize int32 ++ if err := withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { ++ pkeySize, err = ossl.EVP_PKEY_get_size(pkey) ++ return err ++ }); err != nil { ++ return nil, err + } -+ return hmacCtx1{ctx} ++ outLen := int(pkeySize) ++ out := make([]byte, pkeySize) ++ if err := crypt(ctx, base(out), &outLen, base(in), len(in)); err != nil { ++ return nil, err ++ } ++ // The size returned by EVP_PKEY_get_size() is only preliminary and not exact, ++ // so the final contents of the out buffer may be smaller. ++ return out[:outLen], nil +} + -+var hmacDigestsSupported sync.Map -+var fetchHMAC3 = sync.OnceValue(func() ossl.EVP_MAC_PTR { -+ mac, err := ossl.EVP_MAC_fetch(nil, _OSSL_MAC_NAME_HMAC.ptr(), nil) ++func verifyEVP(withKey withKeyFunc, padding int32, ++ h hash.Hash, label []byte, saltLen int32, ch crypto.Hash, ++ init initFunc, verify verifyFunc, ++ sig, in []byte) error { ++ ++ ctx, err := setupEVP(withKey, padding, h, nil, label, saltLen, ch, init) + if err != nil { -+ panic(err) ++ return err + } -+ return mac -+}) -+ -+func buildHMAC3Params(md ossl.EVP_MD_PTR) (ossl.OSSL_PARAM_PTR, error) { -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_MAC_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addInt32(_OSSL_MAC_PARAM_FIPS_KEY_CHECK, 0) -+ return bld.build() ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ return verify(ctx, base(sig), len(sig), base(in), len(in)) +} + -+func isHMAC3DigestSupported(md ossl.EVP_MD_PTR) bool { -+ nid := ossl.EVP_MD_get_type(md) -+ if v, ok := hmacDigestsSupported.Load(nid); ok { -+ return v.(bool) -+ } -+ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) -+ if err != nil { -+ panic(err) ++func evpEncrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { ++ encryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_encrypt_init(ctx) ++ return err + } -+ defer ossl.EVP_MAC_CTX_free(ctx) -+ -+ params, err := buildHMAC3Params(md) -+ if err != nil { -+ panic(err) ++ encrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { ++ if _, err := ossl.EVP_PKEY_encrypt(ctx, out, outLen, in, inLen); err != nil { ++ return err ++ } ++ return nil + } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ _, err = ossl.EVP_MAC_CTX_set_params(ctx, params) -+ supported := err == nil -+ hmacDigestsSupported.Store(nid, supported) -+ return supported ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, encryptInit, encrypt, msg) +} + -+func newHMAC3(key []byte, md ossl.EVP_MD_PTR) hmacCtx3 { -+ if !isHMAC3DigestSupported(md) { -+ // The digest is not supported by the HMAC provider. -+ // Don't panic here so the Go standard library to -+ // fall back to the Go implementation. -+ // See https://github.com/golang-fips/openssl/issues/153. -+ return hmacCtx3{} ++func evpDecrypt(withKey withKeyFunc, padding int32, h, mgfHash hash.Hash, label, msg []byte) ([]byte, error) { ++ decryptInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_decrypt_init(ctx) ++ return err + } -+ params, err := buildHMAC3Params(md) -+ if err != nil { -+ panic(err) ++ decrypt := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { ++ _, err := ossl.EVP_PKEY_decrypt(ctx, out, outLen, in, inLen) ++ return err + } -+ defer ossl.OSSL_PARAM_free(params) ++ return cryptEVP(withKey, padding, h, mgfHash, label, 0, 0, decryptInit, decrypt, msg) ++} + -+ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) -+ if err != nil { -+ panic(err) ++func evpSign(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, hashed []byte) ([]byte, error) { ++ signtInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_sign_init(ctx) ++ return err ++ } ++ sign := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen *int, in *byte, inLen int) error { ++ _, err := ossl.EVP_PKEY_sign(ctx, out, outLen, in, inLen) ++ return err + } ++ return cryptEVP(withKey, padding, nil, nil, nil, saltLen, h, signtInit, sign, hashed) ++} + -+ if _, err := ossl.EVP_MAC_init(ctx, key, params); err != nil { -+ ossl.EVP_MAC_CTX_free(ctx) -+ panic(err) ++func evpVerify(withKey withKeyFunc, padding int32, saltLen int32, h crypto.Hash, sig, hashed []byte) error { ++ verifyInit := func(ctx ossl.EVP_PKEY_CTX_PTR) error { ++ _, err := ossl.EVP_PKEY_verify_init(ctx) ++ return err + } -+ var hkey []byte -+ //versionguardcheck:ignore OpenSSL 3.0.0–3.0.2 EVP_MAC_init does not reset without a key: https://github.com/openssl/openssl/issues/17811. -+ if major() == 3 && minor() == 0 && patch() <= 2 { -+ // EVP_MAC_init only resets the ctx internal state if a key is passed -+ // when using OpenSSL 3.0.0, 3.0.1, and 3.0.2. Save a copy of the key -+ // in the context so Reset can use it later. New OpenSSL versions -+ // do not have this issue so it isn't necessary to save the key. -+ hkey = make([]byte, len(key)) -+ copy(hkey, key) ++ verify := func(ctx ossl.EVP_PKEY_CTX_PTR, out *byte, outLen int, in *byte, inLen int) error { ++ _, err := ossl.EVP_PKEY_verify(ctx, out, outLen, in, inLen) ++ return err + } -+ return hmacCtx3{ctx, hkey} ++ return verifyEVP(withKey, padding, nil, nil, saltLen, h, verifyInit, verify, sig, hashed) +} + -+func (h *opensslHMAC) Reset() { -+ switch major() { -+ case 1: -+ if _, err := ossl.HMAC_Init_ex(h.ctx1.ctx, nil, nil, nil); err != nil { -+ panic(err) -+ } -+ case 3, 4: -+ if _, err := ossl.EVP_MAC_init(h.ctx3.ctx, h.ctx3.key, nil); err != nil { -+ panic(err) ++func evpHashSign(withKey withKeyFunc, h crypto.Hash, msg []byte) ([]byte, error) { ++ alg := loadHash(h) ++ if alg == nil { ++ return nil, errors.New("unsupported hash function: " + strconv.Itoa(int(h))) ++ } ++ var out []byte ++ var outLen int ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { ++ _, err := ossl.EVP_DigestSignInit(ctx, nil, alg.md, nil, key) ++ return err ++ }); err != nil { ++ return nil, err ++ } ++ if len(msg) > 0 { ++ if _, err := ossl.EVP_DigestUpdate(ctx, pbase(msg), len(msg)); err != nil { ++ return nil, err + } -+ default: -+ panic(errUnsupportedVersion()) + } -+ -+ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. -+} -+ -+func (h *opensslHMAC) finalize() { -+ if h.ctx1.ctx != nil { -+ ossl.HMAC_CTX_free(h.ctx1.ctx) ++ // Obtain the signature length ++ if _, err := ossl.EVP_DigestSignFinal(ctx, nil, &outLen); err != nil { ++ return nil, err + } -+ if h.ctx3.ctx != nil { -+ ossl.EVP_MAC_CTX_free(h.ctx3.ctx) ++ out = make([]byte, outLen) ++ // Obtain the signature ++ if _, err := ossl.EVP_DigestSignFinal(ctx, base(out), &outLen); err != nil { ++ return nil, err + } ++ return out[:outLen], nil +} + -+func (h *opensslHMAC) Write(p []byte) (int, error) { -+ if len(p) > 0 { -+ switch major() { -+ case 1: -+ ossl.HMAC_Update(h.ctx1.ctx, p) -+ case 3, 4: -+ ossl.EVP_MAC_update(h.ctx3.ctx, p) -+ default: -+ panic(errUnsupportedVersion()) ++func evpHashVerify(withKey withKeyFunc, h crypto.Hash, msg, sig []byte) error { ++ alg := loadHash(h) ++ if alg == nil { ++ return errors.New("unsupported hash function: " + strconv.Itoa(int(h))) ++ } ++ ctx, err := ossl.EVP_MD_CTX_new() ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if err := withKey(func(key ossl.EVP_PKEY_PTR) error { ++ _, err := ossl.EVP_DigestVerifyInit(ctx, nil, alg.md, nil, key) ++ return err ++ }); err != nil { ++ return err ++ } ++ if len(msg) > 0 { ++ if _, err := ossl.EVP_DigestUpdate(ctx, pbase(msg), len(msg)); err != nil { ++ return err + } + } -+ runtime.KeepAlive(h) -+ return len(p), nil ++ if _, err := ossl.EVP_DigestVerifyFinal(ctx, base(sig), len(sig)); err != nil { ++ return err ++ } ++ return nil +} + -+func (h *opensslHMAC) Size() int { -+ return h.size ++func newEVPPKEY(key ossl.EC_KEY_PTR) (ossl.EVP_PKEY_PTR, error) { ++ pkey, err := ossl.EVP_PKEY_new() ++ if err != nil { ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_EC, unsafe.Pointer(key)); err != nil { ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ return pkey, nil +} + -+func (h *opensslHMAC) BlockSize() int { -+ return h.blockSize ++// getECKey returns the EC_KEY from pkey. ++// If pkey does not contain an EC_KEY it panics. ++// The returned key should not be freed. ++func getECKey(pkey ossl.EVP_PKEY_PTR) ossl.EC_KEY_PTR { ++ key, err := ossl.EVP_PKEY_get0_EC_KEY(pkey) ++ if err != nil { ++ panic(err) ++ } ++ return key +} + -+func (h *opensslHMAC) Sum(in []byte) []byte { -+ // Make copy of context because Go hash.Hash mandates -+ // that Sum has no effect on the underlying stream. -+ // In particular it is OK to Sum, then Write more, then Sum again, -+ // and the second Sum acts as if the first didn't happen. -+ switch major() { -+ case 1: -+ ctx2, err := ossl.HMAC_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.HMAC_CTX_free(ctx2) -+ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { -+ panic(err) -+ } -+ ossl.HMAC_Final(ctx2, h.sum[:h.size], nil) -+ case 3, 4: -+ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) -+ if err != nil { -+ panic(err) ++func newEvpFromParams(id int32, selection int32, params ossl.OSSL_PARAM_PTR) (ossl.EVP_PKEY_PTR, error) { ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(id, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if _, err := ossl.EVP_PKEY_fromdata_init(ctx); err != nil { ++ return nil, err ++ } ++ var pkey ossl.EVP_PKEY_PTR ++ if _, err := ossl.EVP_PKEY_fromdata(ctx, &pkey, selection, params); err != nil { ++ if vMajor == 3 && vMinor <= 2 { ++ // OpenSSL 3.0.1 and 3.0.2 have a bug where EVP_PKEY_fromdata ++ // does not free the internally allocated EVP_PKEY on error. ++ // See https://github.com/openssl/openssl/issues/17407. ++ ossl.EVP_PKEY_free(pkey) + } -+ defer ossl.EVP_MAC_CTX_free(ctx2) -+ ossl.EVP_MAC_final(ctx2, h.sum[:h.size], nil) -+ default: -+ panic(errUnsupportedVersion()) ++ return nil, err + } -+ return append(in, h.sum[:h.size]...) ++ return pkey, nil +} + -+func (h *opensslHMAC) Clone() (HashCloner, error) { -+ switch major() { -+ case 1: -+ ctx2, err := ossl.HMAC_CTX_new() -+ if err != nil { -+ panic(err) -+ } -+ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { -+ ossl.HMAC_CTX_free(ctx2) -+ panic(err) -+ } -+ cl := &opensslHMAC{ -+ ctx1: hmacCtx1{ctx: ctx2}, -+ size: h.size, -+ blockSize: h.blockSize, -+ } -+ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) -+ return cl, nil -+ -+ case 3, 4: -+ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) -+ if err != nil { -+ panic(err) ++func checkPkey(pkey ossl.EVP_PKEY_PTR, isPrivate bool) error { ++ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ if err != nil { ++ return err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ if isPrivate { ++ if _, err := ossl.EVP_PKEY_private_check(ctx); err != nil { ++ // Match upstream error message. ++ return errors.New("invalid private key") + } -+ -+ cl := &opensslHMAC{ -+ ctx3: hmacCtx3{ctx: ctx2, key: slices.Clone(h.ctx3.key)}, -+ size: h.size, -+ blockSize: h.blockSize, ++ } else { ++ // Upstream Go does a partial check here, so do we. ++ if _, err := ossl.EVP_PKEY_public_check_quick(ctx); err != nil { ++ // Match upstream error message. ++ return errors.New("invalid public key") + } -+ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) -+ return cl, nil -+ -+ default: -+ panic(errUnsupportedVersion()) + } ++ return nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go new file mode 100644 -index 00000000000000..49481d99023c12 +index 00000000000000..b1e53673fd785a --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mldsa.go -@@ -0,0 +1,449 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hash.go +@@ -0,0 +1,455 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( ++ "crypto" + "errors" ++ "hash" ++ "runtime" ++ "strconv" + "sync" ++ "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + +const ( -+ // privateKeySizeMLDSA is the size of an ML-DSA private key seed. -+ privateKeySizeMLDSA = 32 -+ -+ // publicKeySizeMLDSA44 is the size of an ML-DSA-44 public key encoding. -+ publicKeySizeMLDSA44 = 1312 -+ -+ // publicKeySizeMLDSA65 is the size of an ML-DSA-65 public key encoding. -+ publicKeySizeMLDSA65 = 1952 -+ -+ // publicKeySizeMLDSA87 is the size of an ML-DSA-87 public key encoding. -+ publicKeySizeMLDSA87 = 2592 -+ -+ // signatureSizeMLDSA44 is the size of an ML-DSA-44 signature. -+ signatureSizeMLDSA44 = 2420 ++ magicMD5 = "md5\x01" ++ magic1 = "sha\x01" ++ magic224 = "sha\x02" ++ magic256 = "sha\x03" ++ magic384 = "sha\x04" ++ magic512_224 = "sha\x05" ++ magic512_256 = "sha\x06" ++ magic512 = "sha\x07" + -+ // signatureSizeMLDSA65 is the size of an ML-DSA-65 signature. -+ signatureSizeMLDSA65 = 3309 ++ marshaledSizeMD5 = len(magicMD5) + 4*4 + 64 + 8 // from crypto/md5 ++ marshaledSize1 = len(magic1) + 5*4 + 64 + 8 // from crypto/sha1 ++ marshaledSize256 = len(magic256) + 8*4 + 64 + 8 // from crypto/sha256 ++ marshaledSize512 = len(magic512) + 8*8 + 128 + 8 // from crypto/sha512 ++) + -+ // signatureSizeMLDSA87 is the size of an ML-DSA-87 signature. -+ signatureSizeMLDSA87 = 4627 ++// maxHashSize is the size of SHA52 and SHA3_512, the largest hashes we support. ++const maxHashSize = 64 + -+ // muSizeMLDSA is the size of the pre-hashed mu input to the external-mu -+ // variants of Sign and Verify. -+ muSizeMLDSA = 64 ++func hashOneShot(ch crypto.Hash, p []byte, sum []byte) bool { ++ _, err := ossl.EVP_Digest(pbaseNeverEmpty(p), len(p), base(sum), nil, loadHash(ch).md, nil) ++ return err == nil ++} + -+ // maxContextSizeMLDSA is the maximum allowed length of the context string -+ // passed to Sign and Verify. -+ maxContextSizeMLDSA = 255 -+) ++func MD4(p []byte) (sum [16]byte) { ++ if !hashOneShot(crypto.MD4, p, sum[:]) { ++ panic("openssl: MD4 failed") ++ } ++ return ++} + -+// SupportsMLDSA returns true if the given ML-DSA parameter set is supported -+// on this platform. Providers may not implement every security level, so -+// callers must probe each parameter set they intend to use. -+func SupportsMLDSA(params MLDSAParameters) bool { -+ switch params.keyType { -+ case ossl.EVP_PKEY_ML_DSA_44: -+ return supportsMLDSA44() -+ case ossl.EVP_PKEY_ML_DSA_65: -+ return supportsMLDSA65() -+ case ossl.EVP_PKEY_ML_DSA_87: -+ return supportsMLDSA87() -+ default: -+ return false ++func MD5(p []byte) (sum [16]byte) { ++ if !hashOneShot(crypto.MD5, p, sum[:]) { ++ panic("openssl: MD5 failed") + } ++ return +} + -+// probeMLDSA reports whether the OpenSSL provider exposes the given ML-DSA -+// algorithm via the keymgmt fetch interface. ML-DSA was added in OpenSSL 3.5; -+// older 3.x releases return nil for unknown algorithm names, and 1.x lacks -+// the fetch interface entirely. -+func probeMLDSA(name cString) bool { -+ if !ossl.EVP_KEYMGMT_fetch_Available() { -+ return false ++func SHA1(p []byte) (sum [20]byte) { ++ if !hashOneShot(crypto.SHA1, p, sum[:]) { ++ panic("openssl: SHA1 failed") + } -+ mgmt, _ := ossl.EVP_KEYMGMT_fetch(nil, name.ptr(), nil) -+ if mgmt == nil { -+ return false ++ return ++} ++ ++func SHA224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA224, p, sum[:]) { ++ panic("openssl: SHA224 failed") + } -+ ossl.EVP_KEYMGMT_free(mgmt) -+ return true ++ return +} + -+var ( -+ supportsMLDSA44 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA44) }) -+ supportsMLDSA65 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA65) }) -+ supportsMLDSA87 = sync.OnceValue(func() bool { return probeMLDSA(_KeyTypeMLDSA87) }) -+) ++func SHA256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA256, p, sum[:]) { ++ panic("openssl: SHA256 failed") ++ } ++ return ++} + -+// MLDSAParameters represents one of the fixed ML-DSA parameter sets. -+type MLDSAParameters struct { -+ name string -+ keyType int32 -+ keyTypeName cString -+ publicKeySize int -+ signatureSize int ++func SHA384(p []byte) (sum [48]byte) { ++ if !hashOneShot(crypto.SHA384, p, sum[:]) { ++ panic("openssl: SHA384 failed") ++ } ++ return +} + -+var ( -+ mldsa44 = MLDSAParameters{ -+ name: "ML-DSA-44", -+ keyType: ossl.EVP_PKEY_ML_DSA_44, -+ keyTypeName: _KeyTypeMLDSA44, -+ publicKeySize: publicKeySizeMLDSA44, -+ signatureSize: signatureSizeMLDSA44, -+ } -+ mldsa65 = MLDSAParameters{ -+ name: "ML-DSA-65", -+ keyType: ossl.EVP_PKEY_ML_DSA_65, -+ keyTypeName: _KeyTypeMLDSA65, -+ publicKeySize: publicKeySizeMLDSA65, -+ signatureSize: signatureSizeMLDSA65, -+ } -+ mldsa87 = MLDSAParameters{ -+ name: "ML-DSA-87", -+ keyType: ossl.EVP_PKEY_ML_DSA_87, -+ keyTypeName: _KeyTypeMLDSA87, -+ publicKeySize: publicKeySizeMLDSA87, -+ signatureSize: signatureSizeMLDSA87, ++func SHA512(p []byte) (sum [64]byte) { ++ if !hashOneShot(crypto.SHA512, p, sum[:]) { ++ panic("openssl: SHA512 failed") + } -+) ++ return ++} + -+// MLDSA44 returns the ML-DSA-44 parameter set. -+func MLDSA44() MLDSAParameters { return mldsa44 } ++func SHA512_224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA512_224, p, sum[:]) { ++ panic("openssl: SHA512 failed") ++ } ++ return ++} + -+// MLDSA65 returns the ML-DSA-65 parameter set. -+func MLDSA65() MLDSAParameters { return mldsa65 } ++func SHA512_256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA512_256, p, sum[:]) { ++ panic("openssl: SHA512_256 failed") ++ } ++ return ++} + -+// MLDSA87 returns the ML-DSA-87 parameter set. -+func MLDSA87() MLDSAParameters { return mldsa87 } ++// cacheHashSupported is a cache of crypto.Hash support. ++var cacheHashSupported sync.Map + -+func (params MLDSAParameters) valid() bool { -+ switch params { -+ case mldsa44, mldsa65, mldsa87: -+ return true -+ default: ++// SupportsHash reports whether the current OpenSSL version supports the given hash. ++func SupportsHash(h crypto.Hash) bool { ++ if v, ok := cacheHashSupported.Load(h); ok { ++ return v.(bool) ++ } ++ alg := loadHash(h) ++ if alg == nil { ++ cacheHashSupported.Store(h, false) + return false + } ++ // EVP_MD objects can be non-nil even when they can't be used ++ // in a EVP_MD_CTX, e.g. MD5 in FIPS mode. We need to prove ++ // if they can be used by passing them to a EVP_MD_CTX. ++ var supported bool ++ if ctx, _ := ossl.EVP_MD_CTX_new(); ctx != nil { ++ _, err := ossl.EVP_DigestInit_ex(ctx, alg.md, nil) ++ supported = err == nil ++ ossl.EVP_MD_CTX_free(ctx) ++ } ++ cacheHashSupported.Store(h, supported) ++ return supported +} + -+// PublicKeySize returns the size of public keys for this parameter set, in bytes. -+func (params MLDSAParameters) PublicKeySize() int { return params.publicKeySize } -+ -+// SignatureSize returns the size of signatures for this parameter set, in bytes. -+func (params MLDSAParameters) SignatureSize() int { return params.signatureSize } -+ -+// String returns the name of the parameter set. -+func (params MLDSAParameters) String() string { return params.name } -+ -+var errInvalidMLDSAParameters = errors.New("mldsa: invalid parameters") -+ -+// PrivateKeyMLDSA is an ML-DSA private key seed. -+type PrivateKeyMLDSA struct { -+ params MLDSAParameters -+ seed [privateKeySizeMLDSA]byte ++func SHA3_224(p []byte) (sum [28]byte) { ++ if !hashOneShot(crypto.SHA3_224, p, sum[:]) { ++ panic("openssl: SHA3_224 failed") ++ } ++ return +} + -+// GenerateKeyMLDSA generates a new ML-DSA private key. -+func GenerateKeyMLDSA(params MLDSAParameters) (*PrivateKeyMLDSA, error) { -+ if !params.valid() { -+ return nil, errInvalidMLDSAParameters -+ } -+ key := &PrivateKeyMLDSA{params: params} -+ if err := generateMLDSASeed(params.keyType, key.seed[:]); err != nil { -+ return nil, err ++func SHA3_256(p []byte) (sum [32]byte) { ++ if !hashOneShot(crypto.SHA3_256, p, sum[:]) { ++ panic("openssl: SHA3_256 failed") + } -+ return key, nil ++ return +} + -+// NewPrivateKeyMLDSA constructs an ML-DSA private key from its 32-byte seed. -+func NewPrivateKeyMLDSA(params MLDSAParameters, seed []byte) (*PrivateKeyMLDSA, error) { -+ if !params.valid() { -+ return nil, errInvalidMLDSAParameters ++func SHA3_384(p []byte) (sum [48]byte) { ++ if !hashOneShot(crypto.SHA3_384, p, sum[:]) { ++ panic("openssl: SHA3_384 failed") + } -+ if len(seed) != privateKeySizeMLDSA { -+ return nil, errors.New("mldsa: invalid private key size") ++ return ++} ++ ++func SHA3_512(p []byte) (sum [64]byte) { ++ if !hashOneShot(crypto.SHA3_512, p, sum[:]) { ++ panic("openssl: SHA3_512 failed") + } -+ key := &PrivateKeyMLDSA{params: params} -+ copy(key.seed[:], seed) -+ return key, nil ++ return ++} ++ ++// NewMD4 returns a new MD4 hash. ++// The returned hash doesn't implement encoding.BinaryMarshaler and ++// encoding.BinaryUnmarshaler. ++func NewMD4() hash.Hash { ++ return newEvpHash(crypto.MD4) ++} ++ ++// NewMD5 returns a new MD5 hash. ++func NewMD5() hash.Hash { ++ return newEvpHash(crypto.MD5) +} + -+// Bytes returns the private key seed. -+func (key *PrivateKeyMLDSA) Bytes() []byte { -+ return key.seed[:] ++// NewSHA1 returns a new SHA1 hash. ++func NewSHA1() hash.Hash { ++ return newEvpHash(crypto.SHA1) +} + -+// Parameters returns the parameters associated with this private key. -+func (key *PrivateKeyMLDSA) Parameters() MLDSAParameters { return key.params } -+ -+// PublicKey returns the corresponding public key. -+func (key *PrivateKeyMLDSA) PublicKey() *PublicKeyMLDSA { -+ publicKey := &PublicKeyMLDSA{params: key.params} -+ if err := mldsaExtractPublicKey(key.params, key.seed[:], publicKey.bytes[:key.params.publicKeySize]); err != nil { -+ panic(err) -+ } -+ return publicKey ++// NewSHA224 returns a new SHA224 hash. ++func NewSHA224() hash.Hash { ++ return newEvpHash(crypto.SHA224) +} + -+// Sign signs message with the private key, optionally binding the signature -+// to a context string. The context string must be at most 255 bytes long. -+func (key *PrivateKeyMLDSA) Sign(message []byte, context string) ([]byte, error) { -+ return mldsaSign(key.params, key.seed[:], message, context) ++// NewSHA256 returns a new SHA256 hash. ++func NewSHA256() hash.Hash { ++ return newEvpHash(crypto.SHA256) +} + -+// SignExternalMu signs a pre-hashed mu message representative using ML-DSA. -+// mu must be exactly 64 bytes long. -+func (key *PrivateKeyMLDSA) SignExternalMu(mu []byte) ([]byte, error) { -+ if len(mu) != muSizeMLDSA { -+ return nil, errors.New("mldsa: invalid message hash length") -+ } -+ return mldsaSignExternalMu(key.params, key.seed[:], mu) ++// NewSHA384 returns a new SHA384 hash. ++func NewSHA384() hash.Hash { ++ return newEvpHash(crypto.SHA384) +} + -+// PublicKeyMLDSA is an ML-DSA public key. -+type PublicKeyMLDSA struct { -+ params MLDSAParameters -+ bytes [publicKeySizeMLDSA87]byte ++// NewSHA512 returns a new SHA512 hash. ++func NewSHA512() hash.Hash { ++ return newEvpHash(crypto.SHA512) +} + -+// NewPublicKeyMLDSA constructs an ML-DSA public key from its encoding. -+func NewPublicKeyMLDSA(params MLDSAParameters, publicKey []byte) (*PublicKeyMLDSA, error) { -+ if !params.valid() { -+ return nil, errInvalidMLDSAParameters -+ } -+ if len(publicKey) != params.publicKeySize { -+ return nil, errors.New("mldsa: invalid public key size") -+ } -+ // Validate by attempting a key import. -+ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) -+ if err != nil { -+ return nil, err -+ } -+ ossl.EVP_PKEY_free(pkey) -+ key := &PublicKeyMLDSA{params: params} -+ copy(key.bytes[:], publicKey) -+ return key, nil ++// NewSHA512_224 returns a new SHA512_224 hash. ++func NewSHA512_224() hash.Hash { ++ return newEvpHash(crypto.SHA512_224) +} + -+// Bytes returns the public key encoding. -+func (key *PublicKeyMLDSA) Bytes() []byte { -+ return key.bytes[:key.params.publicKeySize] ++// NewSHA512_256 returns a new SHA512_256 hash. ++func NewSHA512_256() hash.Hash { ++ return newEvpHash(crypto.SHA512_256) +} + -+// Parameters returns the parameters associated with this public key. -+func (key *PublicKeyMLDSA) Parameters() MLDSAParameters { return key.params } ++// NewSHA3_224 returns a new SHA3-224 hash. ++func NewSHA3_224() hash.Hash { ++ return newEvpHash(crypto.SHA3_224) ++} + -+// Verify verifies an ML-DSA signature over message bound to the given context. -+func (key *PublicKeyMLDSA) Verify(message, signature []byte, context string) error { -+ return mldsaVerify(key.params, key.bytes[:key.params.publicKeySize], message, signature, context) ++// NewSHA3_256 returns a new SHA3-256 hash. ++func NewSHA3_256() hash.Hash { ++ return newEvpHash(crypto.SHA3_256) +} + -+// VerifyExternalMu verifies an ML-DSA signature over a pre-hashed mu message -+// representative. mu must be exactly 64 bytes long. -+func (key *PublicKeyMLDSA) VerifyExternalMu(mu, signature []byte) error { -+ if len(mu) != muSizeMLDSA { -+ return errors.New("mldsa: invalid message hash length") -+ } -+ return mldsaVerifyExternalMu(key.params, key.bytes[:key.params.publicKeySize], mu, signature) ++// NewSHA3_384 returns a new SHA3-384 hash. ++func NewSHA3_384() hash.Hash { ++ return newEvpHash(crypto.SHA3_384) +} + -+// Helper functions ++// NewSHA3_512 returns a new SHA3-512 hash. ++func NewSHA3_512() hash.Hash { ++ return newEvpHash(crypto.SHA3_512) ++} + -+// generateMLDSASeed generates a new ML-DSA private key and extracts the seed. -+func generateMLDSASeed(keyType int32, seed []byte) error { -+ pkey, err := generateEVPPKey(keyType, 0, "") -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_PKEY_free(pkey) ++var _ hash.Hash = (*evpHash)(nil) ++var _ HashCloner = (*evpHash)(nil) + -+ _, err = ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_ML_DSA_SEED.ptr(), seed, nil) -+ return err ++// evpHash implements generic hash methods. ++type evpHash struct { ++ alg *hashAlgorithm ++ ctx ossl.EVP_MD_CTX_PTR ++ // ctx2 is used in evpHash.sum to avoid changing ++ // the state of ctx. Having it here allows reusing the ++ // same allocated object multiple times. ++ ctx2 ossl.EVP_MD_CTX_PTR ++ out [maxHashSize]byte +} + -+// createMLDSAPrivateKey creates an ML-DSA EVP_PKEY from a 32-byte seed. -+func createMLDSAPrivateKey(id int32, seed []byte) (ossl.EVP_PKEY_PTR, error) { -+ if len(seed) != privateKeySizeMLDSA { -+ return nil, errors.New("mldsa: invalid seed size") ++func newEvpHash(ch crypto.Hash) *evpHash { ++ alg := loadHash(ch) ++ if alg == nil { ++ panic("openssl: unsupported hash function: " + strconv.Itoa(int(ch))) + } ++ h := &evpHash{alg: alg} ++ // Don't call init() yet, it would be wasteful ++ // if the caller only wants to know the hash type. This ++ // is a common pattern in this package, as some functions ++ // accept a `func() hash.Hash` parameter and call it just ++ // to know the hash type. ++ return h ++} + -+ bld := newParamBuilder() -+ defer bld.finalize() -+ -+ bld.addOctetString(_OSSL_PKEY_PARAM_ML_DSA_SEED, seed) -+ -+ params, err := bld.build() -+ if err != nil { -+ return nil, err ++func (h *evpHash) finalize() { ++ if h.ctx != nil { ++ ossl.EVP_MD_CTX_free(h.ctx) ++ } ++ if h.ctx2 != nil { ++ ossl.EVP_MD_CTX_free(h.ctx2) + } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ return newEvpFromParams(id, ossl.EVP_PKEY_KEYPAIR, params) +} + -+// createMLDSAPublicKey creates an ML-DSA EVP_PKEY from encoded public key bytes. -+func createMLDSAPublicKey(id int32, pubKeyBytes []byte) (ossl.EVP_PKEY_PTR, error) { -+ bld := newParamBuilder() -+ defer bld.finalize() -+ -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubKeyBytes) -+ -+ params, err := bld.build() ++func (h *evpHash) init() { ++ if h.ctx != nil { ++ return ++ } ++ var err error ++ h.ctx, err = ossl.EVP_MD_CTX_new() + if err != nil { -+ return nil, err ++ panic(err) + } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ return newEvpFromParams(id, ossl.EVP_PKEY_PUBLIC_KEY, params) -+} -+ -+// mldsaExtractPublicKey derives and copies the encoded public key bytes from -+// a private key seed. -+func mldsaExtractPublicKey(params MLDSAParameters, seed, dst []byte) error { -+ pkey, err := createMLDSAPrivateKey(params.keyType, seed) ++ if _, err := ossl.EVP_DigestInit_ex(h.ctx, h.alg.md, nil); err != nil { ++ ossl.EVP_MD_CTX_free(h.ctx) ++ panic(err) ++ } ++ h.ctx2, err = ossl.EVP_MD_CTX_new() + if err != nil { -+ return err ++ ossl.EVP_MD_CTX_free(h.ctx) ++ panic(err) + } -+ defer ossl.EVP_PKEY_free(pkey) ++ runtime.SetFinalizer(h, (*evpHash).finalize) ++} + -+ var pubLen int -+ if _, err := ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY.ptr(), dst, &pubLen); err != nil { -+ return err ++func (h *evpHash) Reset() { ++ if h.ctx == nil { ++ // The hash is not initialized yet, no need to reset. ++ return + } -+ if pubLen != params.publicKeySize { -+ return errors.New("mldsa: unexpected public key size") ++ // There is no need to reset h.ctx2 because it is always reset after ++ // use in evpHash.sum. ++ if _, err := ossl.EVP_DigestInit_ex(h.ctx, nil, nil); err != nil { ++ panic(err) + } -+ return nil ++ runtime.KeepAlive(h) +} + -+// mldsaSigParams builds the OSSL_PARAM array used to bind a context string -+// (and/or the external-mu flag) to an ML-DSA Sign or Verify operation. -+// Returns nil params when neither is set. -+func mldsaSigParams(context string, externalMu bool) (ossl.OSSL_PARAM_PTR, error) { -+ if len(context) > maxContextSizeMLDSA { -+ return nil, errors.New("mldsa: context too long") ++func (h *evpHash) Write(p []byte) (int, error) { ++ if len(p) == 0 { ++ return 0, nil + } -+ if context == "" && !externalMu { -+ return nil, nil ++ h.init() ++ if _, err := ossl.EVP_DigestUpdate(h.ctx, pbase(p), len(p)); err != nil { ++ panic(err) + } -+ bld := newParamBuilder() -+ defer bld.finalize() -+ if context != "" { -+ bld.addOctetString(_OSSL_SIGNATURE_PARAM_CONTEXT_STRING, []byte(context)) ++ runtime.KeepAlive(h) ++ return len(p), nil ++} ++ ++func (h *evpHash) WriteString(s string) (int, error) { ++ if len(s) == 0 { ++ return 0, nil + } -+ if externalMu { -+ bld.addInt32(_OSSL_SIGNATURE_PARAM_MU, 1) ++ h.init() ++ if _, err := ossl.EVP_DigestUpdate(h.ctx, unsafe.Pointer(unsafe.StringData(s)), len(s)); err != nil { ++ panic(err) + } -+ return bld.build() ++ runtime.KeepAlive(h) ++ return len(s), nil +} + -+func mldsaSign(params MLDSAParameters, seed, message []byte, context string) ([]byte, error) { -+ pkey, err := createMLDSAPrivateKey(params.keyType, seed) -+ if err != nil { -+ return nil, err ++func (h *evpHash) WriteByte(c byte) error { ++ h.init() ++ if _, err := ossl.EVP_DigestUpdate(h.ctx, unsafe.Pointer(&c), 1); err != nil { ++ panic(err) + } -+ defer ossl.EVP_PKEY_free(pkey) -+ -+ return mldsaSignWithKey(pkey, params, message, context, false) ++ runtime.KeepAlive(h) ++ return nil +} + -+func mldsaSignExternalMu(params MLDSAParameters, seed, mu []byte) ([]byte, error) { -+ pkey, err := createMLDSAPrivateKey(params.keyType, seed) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_PKEY_free(pkey) ++func (h *evpHash) Size() int { ++ return h.alg.size ++} + -+ return mldsaSignWithKey(pkey, params, mu, "", true) ++func (h *evpHash) BlockSize() int { ++ return h.alg.blockSize +} + -+func mldsaSignWithKey(pkey ossl.EVP_PKEY_PTR, params MLDSAParameters, message []byte, context string, externalMu bool) ([]byte, error) { -+ mdctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return nil, err ++func (h *evpHash) Sum(in []byte) []byte { ++ h.init() ++ tmp := h.out[:h.Size()] // Create slice view ++ clear(tmp) ++ if err := ossl.HashSum(h.ctx, h.ctx2, tmp); err != nil { ++ panic(err) + } -+ defer ossl.EVP_MD_CTX_free(mdctx) ++ runtime.KeepAlive(h) ++ return append(in, tmp...) ++} + -+ var pctx ossl.EVP_PKEY_CTX_PTR -+ if _, err := ossl.EVP_DigestSignInit(mdctx, &pctx, nil, nil, pkey); err != nil { -+ return nil, err -+ } -+ sigParams, err := mldsaSigParams(context, externalMu) -+ if err != nil { -+ return nil, err -+ } -+ if sigParams != nil { -+ defer ossl.OSSL_PARAM_free(sigParams) -+ if _, err := ossl.EVP_PKEY_CTX_set_params(pctx, sigParams); err != nil { -+ return nil, err ++// Clone returns a new evpHash object that is a deep clone of itself. ++// The duplicate object contains all state and data contained in the ++// original object at the point of duplication. ++func (h *evpHash) Clone() (HashCloner, error) { ++ h2 := &evpHash{alg: h.alg} ++ if h.ctx != nil { ++ var err error ++ h2.ctx, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.EVP_MD_CTX_copy_ex(h2.ctx, h.ctx); err != nil { ++ ossl.EVP_MD_CTX_free(h2.ctx) ++ panic(err) ++ } ++ h2.ctx2, err = ossl.EVP_MD_CTX_new() ++ if err != nil { ++ ossl.EVP_MD_CTX_free(h2.ctx) ++ panic(err) + } ++ runtime.SetFinalizer(h2, (*evpHash).finalize) + } ++ runtime.KeepAlive(h) ++ return h2, nil ++} + -+ signature := make([]byte, params.signatureSize) -+ siglen := params.signatureSize -+ if _, err := ossl.EVP_DigestSign(mdctx, signature, &siglen, message); err != nil { -+ return nil, err -+ } -+ if siglen != params.signatureSize { -+ return nil, errors.New("mldsa: unexpected signature length") ++var errHashNotMarshallable = errors.New("openssl: hash state is not marshallable") ++ ++func (d *evpHash) MarshalBinary() ([]byte, error) { ++ if !d.alg.marshallable { ++ return nil, errHashNotMarshallable + } -+ return signature[:siglen], nil ++ buf := make([]byte, 0, d.alg.marshalledSize) ++ return d.AppendBinary(buf) +} + -+func mldsaVerify(params MLDSAParameters, publicKey, message, signature []byte, context string) error { -+ if len(signature) != params.signatureSize { -+ return errors.New("mldsa: invalid signature length") ++func (d *evpHash) AppendBinary(buf []byte) ([]byte, error) { ++ defer runtime.KeepAlive(d) ++ if !d.alg.marshallable { ++ return nil, errHashNotMarshallable + } -+ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) -+ if err != nil { -+ return err ++ d.init() ++ switch d.alg.provider { ++ case providerOSSLDefault, providerOSSLFIPS: ++ return osslHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) ++ case providerSymCrypt: ++ return symCryptHashAppendBinary(d.ctx, d.alg.ch, d.alg.magic, buf) ++ default: ++ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) + } -+ defer ossl.EVP_PKEY_free(pkey) -+ -+ return mldsaVerifyWithKey(pkey, message, signature, context, false) +} + -+func mldsaVerifyExternalMu(params MLDSAParameters, publicKey, mu, signature []byte) error { -+ if len(signature) != params.signatureSize { -+ return errors.New("mldsa: invalid signature length") ++func (d *evpHash) UnmarshalBinary(b []byte) error { ++ defer runtime.KeepAlive(d) ++ d.init() ++ if !d.alg.marshallable { ++ return errHashNotMarshallable + } -+ pkey, err := createMLDSAPublicKey(params.keyType, publicKey) -+ if err != nil { -+ return err ++ if len(b) < len(d.alg.magic) || string(b[:len(d.alg.magic)]) != d.alg.magic { ++ return errors.New("openssl: invalid hash state identifier") + } -+ defer ossl.EVP_PKEY_free(pkey) ++ if len(b) != d.alg.marshalledSize { ++ return errors.New("openssl: invalid hash state size") ++ } ++ switch d.alg.provider { ++ case providerOSSLDefault, providerOSSLFIPS: ++ return osslHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) ++ case providerSymCrypt: ++ return symCryptHashUnmarshalBinary(d.ctx, d.alg.ch, d.alg.magic, b) ++ default: ++ panic("openssl: unknown hash provider" + strconv.Itoa(int(d.alg.provider))) ++ } ++} ++ ++// appendUint64 appends x into b as a big endian byte sequence. ++func appendUint64(b []byte, x uint64) []byte { ++ return append(b, ++ byte(x>>56), ++ byte(x>>48), ++ byte(x>>40), ++ byte(x>>32), ++ byte(x>>24), ++ byte(x>>16), ++ byte(x>>8), ++ byte(x), ++ ) ++} + -+ return mldsaVerifyWithKey(pkey, mu, signature, "", true) ++// appendUint32 appends x into b as a big endian byte sequence. ++func appendUint32(b []byte, x uint32) []byte { ++ return append(b, byte(x>>24), byte(x>>16), byte(x>>8), byte(x)) +} + -+func mldsaVerifyWithKey(pkey ossl.EVP_PKEY_PTR, message, signature []byte, context string, externalMu bool) error { -+ mdctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_MD_CTX_free(mdctx) ++// consumeUint64 reads a big endian uint64 number from b. ++func consumeUint64(b []byte) ([]byte, uint64) { ++ _ = b[7] ++ x := uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | ++ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 ++ return b[8:], x ++} ++ ++// consumeUint32 reads a big endian uint32 number from b. ++func consumeUint32(b []byte) ([]byte, uint32) { ++ _ = b[3] ++ x := uint32(b[3]) | uint32(b[2])<<8 | uint32(b[1])<<16 | uint32(b[0])<<24 ++ return b[4:], x ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone.go +new file mode 100644 +index 00000000000000..423668c6acf239 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone.go +@@ -0,0 +1,14 @@ ++//go:build !go1.25 && !cmd_go_bootstrap ++ ++package openssl ++ ++import ( ++ "hash" ++) ++ ++// HashCloner is an interface that defines a Clone method. ++type HashCloner interface { ++ hash.Hash ++ // Clone returns a separate Hash instance with the same state as h. ++ Clone() (HashCloner, error) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone_go125.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone_go125.go +new file mode 100644 +index 00000000000000..f1f2364c7246d4 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hashclone_go125.go +@@ -0,0 +1,9 @@ ++//go:build go1.25 && !cmd_go_bootstrap ++ ++package openssl + -+ var pctx ossl.EVP_PKEY_CTX_PTR -+ if _, err := ossl.EVP_DigestVerifyInit(mdctx, &pctx, nil, nil, pkey); err != nil { -+ return err -+ } -+ sigParams, err := mldsaSigParams(context, externalMu) -+ if err != nil { -+ return err -+ } -+ if sigParams != nil { -+ defer ossl.OSSL_PARAM_free(sigParams) -+ if _, err := ossl.EVP_PKEY_CTX_set_params(pctx, sigParams); err != nil { -+ return err -+ } -+ } ++import ( ++ "hash" ++) + -+ if _, err := ossl.EVP_DigestVerify(mdctx, signature, message); err != nil { -+ return errors.New("mldsa: invalid signature") -+ } -+ return nil -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go ++type HashCloner = hash.Cloner +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go new file mode 100644 -index 00000000000000..5c2ffbabe92e15 +index 00000000000000..ce6c9defc6a33d --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/mlkem.go -@@ -0,0 +1,369 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hkdf.go +@@ -0,0 +1,434 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( + "errors" ++ "hash" ++ "io" ++ "runtime" + "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+const ( -+ // sharedKeySizeMLKEM is the size of a shared key produced by ML-KEM. -+ sharedKeySizeMLKEM = 32 -+ -+ // seedSizeMLKEM is the size of a seed used to generate a decapsulation key. -+ seedSizeMLKEM = 64 -+ -+ // ciphertextSizeMLKEM768 is the size of a ciphertext produced by ML-KEM-768. -+ ciphertextSizeMLKEM768 = 1088 -+ -+ // encapsulationKeySizeMLKEM768 is the size of an ML-KEM-768 encapsulation key. -+ encapsulationKeySizeMLKEM768 = 1184 -+ -+ // ciphertextSizeMLKEM1024 is the size of a ciphertext produced by ML-KEM-1024. -+ ciphertextSizeMLKEM1024 = 1568 -+ -+ // encapsulationKeySizeMLKEM1024 is the size of an ML-KEM-1024 encapsulation key. -+ encapsulationKeySizeMLKEM1024 = 1568 -+) -+ -+// SupportsMLKEM768 returns true if ML-KEM-768 is supported on this platform. -+func SupportsMLKEM768() bool { -+ return supportsMLKEM768() -+} -+ -+// SupportsMLKEM1024 returns true if ML-KEM-1024 is supported on this platform. -+func SupportsMLKEM1024() bool { -+ return supportsMLKEM1024() ++// SupprtHKDF reports whether the current OpenSSL version supports HKDF. ++func SupportsHKDF() bool { ++ switch vMajor { ++ case 1: ++ return versionAtOrAbove(1, 1, 1) ++ case 3: ++ _, err := fetchHKDF3() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) ++ } +} + -+var supportsMLKEM768 = sync.OnceValue(func() bool { -+ // EVP_KEYMGMT_fetch was added in OpenSSL 3.0; if it is not available we -+ // are on 1.x and ML-KEM is not supported. On 3.0–3.4 the fetch returns -+ // nil for the ML-KEM algorithm name, which the probe reports as false. -+ if !ossl.EVP_KEYMGMT_fetch_Available() { -+ return false -+ } -+ sig, _ := ossl.EVP_KEYMGMT_fetch(nil, _KeyTypeMLKEM768.ptr(), nil) -+ if sig == nil { ++// SupprtsTLS13KDF reports whether the current OpenSSL version supports TLS13-KDF. ++func SupportsTLS13KDF() bool { ++ switch vMajor { ++ case 1: + return false ++ case 3: ++ // TLS13-KDF is available in OpenSSL 3.0.0 and later. ++ _, err := fetchTLS13_KDF() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) + } -+ ossl.EVP_KEYMGMT_free(sig) -+ return true -+}) ++} + -+var supportsMLKEM1024 = sync.OnceValue(func() bool { -+ if !ossl.EVP_KEYMGMT_fetch_Available() { -+ return false -+ } -+ sig, _ := ossl.EVP_KEYMGMT_fetch(nil, _KeyTypeMLKEM1024.ptr(), nil) -+ if sig == nil { -+ return false -+ } -+ ossl.EVP_KEYMGMT_free(sig) -+ return true -+}) ++func newHKDFCtx1(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (ctx ossl.EVP_PKEY_CTX_PTR, err error) { ++ checkMajorVersion(1) + -+// DecapsulationKeyMLKEM768 is the secret key used to decapsulate a shared key -+// from a ciphertext. It includes various precomputed values. -+type DecapsulationKeyMLKEM768 [seedSizeMLKEM]byte ++ ctx, err = ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_HKDF, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_PKEY_CTX_free(ctx) ++ } ++ }() + -+// GenerateKeyMLKEM768 generates a new decapsulation key, drawing random bytes from -+// the default crypto/rand source. The decapsulation key must be kept secret. -+func GenerateKeyMLKEM768() (DecapsulationKeyMLKEM768, error) { -+ var dk DecapsulationKeyMLKEM768 -+ if err := generateMLKEMSeed(ossl.EVP_PKEY_MLKEM_768, dk[:]); err != nil { -+ return DecapsulationKeyMLKEM768{}, err ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { ++ return ctx, err + } -+ return dk, nil -+} + -+// NewDecapsulationKeyMLKEM768 expands a decapsulation key from a 64-byte seed in the -+// "d || z" form. The seed must be uniformly random. -+func NewDecapsulationKeyMLKEM768(seed []byte) (DecapsulationKeyMLKEM768, error) { -+ if len(seed) != seedSizeMLKEM { -+ return DecapsulationKeyMLKEM768{}, errors.New("mlkem: invalid seed size") ++ ctrlSlice := func(ctrl int32, data []byte) bool { ++ if err != nil { ++ return false ++ } ++ if len(data) == 0 { ++ return true // No data to set. ++ } ++ _, err = ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ctrl, int32(len(data)), unsafe.Pointer(base(data))) ++ return err == nil + } + -+ var dk DecapsulationKeyMLKEM768 -+ copy(dk[:], seed) -+ return dk, nil ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MODE, mode, nil); err != nil { ++ return ctx, err ++ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ossl.EVP_PKEY_OP_DERIVE, ossl.EVP_PKEY_CTRL_HKDF_MD, 0, unsafe.Pointer(md)); err != nil { ++ return ctx, err ++ } ++ if ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, secret) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_SALT, salt) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_KEY, pseudorandomKey) && ++ ctrlSlice(ossl.EVP_PKEY_CTRL_HKDF_INFO, info) { ++ return ctx, err ++ } ++ return ctx, nil +} + -+// Bytes returns the decapsulation key as a 64-byte seed in the "d || z" form. -+// -+// The decapsulation key must be kept secret. -+func (dk DecapsulationKeyMLKEM768) Bytes() []byte { -+ return dk[:] -+} ++type hkdf1 struct { ++ ctx ossl.EVP_PKEY_CTX_PTR + -+// Decapsulate generates a shared key from a ciphertext and a decapsulation -+// key. If the ciphertext is not valid, Decapsulate returns an error. -+// -+// The shared key must be kept secret. -+func (dk DecapsulationKeyMLKEM768) Decapsulate(ciphertext []byte) (sharedKey []byte, err error) { -+ return performDecapsulation(ossl.NID_ML_KEM_768, dk[:], ciphertext) ++ hashLen int ++ buf []byte +} + -+// EncapsulationKey returns the public encapsulation key necessary to produce -+// ciphertexts. -+func (dk DecapsulationKeyMLKEM768) EncapsulationKey() EncapsulationKeyMLKEM768 { -+ ekBytes := extractEncapsulationKeyBytes(ossl.NID_ML_KEM_768, dk[:], encapsulationKeySizeMLKEM768) -+ var ek EncapsulationKeyMLKEM768 -+ copy(ek[:], ekBytes) -+ return ek ++func (c *hkdf1) finalize() { ++ if c.ctx != nil { ++ ossl.EVP_PKEY_CTX_free(c.ctx) ++ } +} + -+// An EncapsulationKeyMLKEM768 is the public key used to produce ciphertexts to be -+// decapsulated by the corresponding DecapsulationKeyMLKEM768. -+type EncapsulationKeyMLKEM768 [encapsulationKeySizeMLKEM768]byte ++func (c *hkdf1) Read(p []byte) (int, error) { ++ defer runtime.KeepAlive(c) + -+// NewEncapsulationKeyMLKEM768 parses an encapsulation key from its encoded form. If -+// the encapsulation key is not valid, NewEncapsulationKeyMLKEM768 returns an error. -+func NewEncapsulationKeyMLKEM768(encapsulationKey []byte) (EncapsulationKeyMLKEM768, error) { -+ if len(encapsulationKey) != encapsulationKeySizeMLKEM768 { -+ return EncapsulationKeyMLKEM768{}, errors.New("mlkem: invalid encapsulation key size") ++ // EVP_PKEY_derive doesn't support incremental output, each call ++ // derives the key from scratch and returns the requested bytes. ++ // To implement io.Reader, we need to ask for len(c.buf) + len(p) ++ // bytes and copy the last derived len(p) bytes to p. ++ // We use c.buf to know how many bytes we've already derived and ++ // to avoid allocating the whole output buffer on each call. ++ prevLen := len(c.buf) ++ needLen := len(p) ++ remains := 255*c.hashLen - prevLen ++ // Check whether enough data can be generated. ++ if remains < needLen { ++ return 0, errors.New("hkdf: entropy limit reached") + } -+ -+ var ek EncapsulationKeyMLKEM768 -+ copy(ek[:], encapsulationKey) -+ return ek, nil -+} -+ -+// Bytes returns the encapsulation key as a byte slice. -+func (ek EncapsulationKeyMLKEM768) Bytes() []byte { -+ return ek[:] ++ c.buf = append(c.buf, make([]byte, needLen)...) ++ outLen := prevLen + needLen ++ if _, err := ossl.EVP_PKEY_derive(c.ctx, base(c.buf), &outLen); err != nil { ++ return 0, err ++ } ++ n := copy(p, c.buf[prevLen:outLen]) ++ return n, nil +} + -+// Encapsulate generates a shared key and an associated ciphertext from an -+// encapsulation key, drawing random bytes from the default crypto/rand source. -+// -+// The shared key must be kept secret. -+func (ek EncapsulationKeyMLKEM768) Encapsulate() (sharedKey, ciphertext []byte) { -+ return performEncapsulation(ossl.NID_ML_KEM_768, ciphertextSizeMLKEM768, ek[:]) -+} ++// hkdfAllZerosSalt is a preallocated buffer of zeros used in ExtractHKDF(). ++// The size should be kept as large as the output length of any hash algorithm ++// used with HKDF. ++var hkdfAllZerosSalt [64]byte + -+func performEncapsulation(id int32, ciphertextSize int, ek []byte) (sharedKey, ciphertext []byte) { -+ pkey, err := createMLKEMPublicKey(id, ek) -+ if err != nil { -+ panic(err) ++// ExtractHDKF implements the HDKF extract step. ++// If salt is nil, then this function replaces it internally with a buffer of ++// zeros whose length equals the output length of the specified hash algorithm. ++func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { ++ if !SupportsHKDF() { ++ return nil, errUnsupportedVersion() + } -+ defer ossl.EVP_PKEY_free(pkey) + -+ // Create encapsulation context -+ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) ++ md, err := hashFuncToMD(h) + if err != nil { -+ panic(err) ++ return nil, err + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) + -+ // Initialize encapsulation -+ if _, err := ossl.EVP_PKEY_encapsulate_init(ctx, nil); err != nil { -+ panic(err) ++ // If calling code specifies nil salt, replace it with a buffer of hashLen ++ // zeros, as specified in RFC 5896 and as OpenSSL EVP_KDF-HKDF documentation ++ // instructs. Take a slice of a preallocated buffer to avoid allocating new ++ // buffer per call, but fall back to allocating a buffer if preallocated ++ // buffer is not large enough. ++ if salt == nil { ++ hlen := h().Size() ++ if hlen > len(hkdfAllZerosSalt) { ++ salt = make([]byte, hlen) ++ } else { ++ salt = hkdfAllZerosSalt[:hlen] ++ } + } + -+ // Perform encapsulation - allocate buffers based on the key size -+ sharedKey = make([]byte, sharedKeySizeMLKEM) -+ ciphertext = make([]byte, ciphertextSize) -+ -+ sharedKeyLen := len(sharedKey) -+ ciphertextLen := len(ciphertext) -+ -+ if _, err := ossl.EVP_PKEY_encapsulate(ctx, base(ciphertext), &ciphertextLen, base(sharedKey), &sharedKeyLen); err != nil { -+ panic(err) ++ switch vMajor { ++ case 1: ++ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ var keylen int ++ if _, err := ossl.EVP_PKEY_derive(ctx, nil, &keylen); err != nil { ++ return nil, err ++ } ++ out := make([]byte, keylen) ++ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { ++ return nil, err ++ } ++ return out[:keylen], nil ++ case 3: ++ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXTRACT_ONLY, secret, salt, nil, nil) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ size, err := ossl.EVP_KDF_CTX_get_kdf_size(ctx) ++ if err != nil { ++ return nil, err ++ } ++ out := make([]byte, size) ++ if _, err := ossl.EVP_KDF_derive(ctx, base(out), len(out), nil); err != nil { ++ return nil, err ++ } ++ return out, nil ++ default: ++ panic(errUnsupportedVersion()) + } -+ -+ return sharedKey[:sharedKeyLen], ciphertext[:ciphertextLen] +} + -+func performDecapsulation(id int32, seed, ciphertext []byte) (sharedKey []byte, err error) { -+ if len(ciphertext) == 0 { -+ return nil, errors.New("mlkem: invalid ciphertext size") ++// ExpandHKDFOneShot derives a key from the given hash, key, and optional context info. ++func ExpandHKDFOneShot(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { ++ if !SupportsHKDF() { ++ return nil, errUnsupportedVersion() + } + -+ pkey, err := createMLKEMPrivateKey(id, seed) ++ md, err := hashFuncToMD(h) + if err != nil { + return nil, err + } -+ defer ossl.EVP_PKEY_free(pkey) + -+ // Create decapsulation context -+ ctx, err := ossl.EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil) -+ if err != nil { -+ return nil, err ++ out := make([]byte, keyLength) ++ switch vMajor { ++ case 1: ++ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_PKEY_CTX_free(ctx) ++ keylen := keyLength ++ if _, err := ossl.EVP_PKEY_derive(ctx, base(out), &keylen); err != nil { ++ return nil, err ++ } ++ case 3: ++ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ if _, err := ossl.EVP_KDF_derive(ctx, base(out), keyLength, nil); err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) ++ return out, nil ++} + -+ // Initialize decapsulation -+ if _, err := ossl.EVP_PKEY_decapsulate_init(ctx, nil); err != nil { -+ return nil, err ++// ExpandTLS13KDF derives a key from the given hash, key, label and context. It will use ++// "TLS13-KDF" algorithm to do so. ++func ExpandTLS13KDF(h func() hash.Hash, pseudorandomKey, label, context []byte, keyLength int) ([]byte, error) { ++ if !SupportsTLS13KDF() { ++ return nil, errUnsupportedVersion() + } + -+ // Perform decapsulation -+ sharedKey = make([]byte, sharedKeySizeMLKEM) -+ sharedKeyLen := len(sharedKey) -+ if _, err := ossl.EVP_PKEY_decapsulate(ctx, base(sharedKey), &sharedKeyLen, base(ciphertext), len(ciphertext)); err != nil { ++ md, err := hashFuncToMD(h) ++ if err != nil { + return nil, err + } + -+ return sharedKey[:sharedKeyLen], nil -+} -+ -+// DecapsulationKeyMLKEM1024 is the secret key used to decapsulate a shared key -+// from a ciphertext. It includes various precomputed values. -+type DecapsulationKeyMLKEM1024 [seedSizeMLKEM]byte ++ out := make([]byte, keyLength) + -+// GenerateKeyMLKEM1024 generates a new decapsulation key, drawing random bytes from -+// the default crypto/rand source. The decapsulation key must be kept secret. -+func GenerateKeyMLKEM1024() (DecapsulationKeyMLKEM1024, error) { -+ var dk DecapsulationKeyMLKEM1024 -+ if err := generateMLKEMSeed(ossl.EVP_PKEY_MLKEM_1024, dk[:]); err != nil { -+ return DecapsulationKeyMLKEM1024{}, err ++ ctx, err := newTLS13KDFExpandCtx3(md, label, context, pseudorandomKey) ++ if err != nil { ++ return nil, err + } -+ return dk, nil -+} -+ -+// NewDecapsulationKeyMLKEM1024 expands a decapsulation key from a 64-byte seed in the -+// "d || z" form. The seed must be uniformly random. -+func NewDecapsulationKeyMLKEM1024(seed []byte) (DecapsulationKeyMLKEM1024, error) { -+ if len(seed) != seedSizeMLKEM { -+ return DecapsulationKeyMLKEM1024{}, errors.New("mlkem: invalid seed size") ++ defer ossl.EVP_KDF_CTX_free(ctx) ++ if _, err := ossl.EVP_KDF_derive(ctx, base(out), keyLength, nil); err != nil { ++ return nil, err + } -+ -+ var dk DecapsulationKeyMLKEM1024 -+ copy(dk[:], seed) -+ return dk, nil -+} -+ -+// Bytes returns the decapsulation key as a 64-byte seed in the "d || z" form. -+// -+// The decapsulation key must be kept secret. -+func (dk DecapsulationKeyMLKEM1024) Bytes() []byte { -+ return dk[:] ++ return out, nil +} + -+// Decapsulate generates a shared key from a ciphertext and a decapsulation -+// key. If the ciphertext is not valid, Decapsulate returns an error. -+// -+// The shared key must be kept secret. -+func (dk DecapsulationKeyMLKEM1024) Decapsulate(ciphertext []byte) (sharedKey []byte, err error) { -+ return performDecapsulation(ossl.NID_ML_KEM_1024, dk[:], ciphertext) -+} ++func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte) (io.Reader, error) { ++ if !SupportsHKDF() { ++ return nil, errUnsupportedVersion() ++ } + -+// EncapsulationKey returns the public encapsulation key necessary to produce -+// ciphertexts. -+func (dk DecapsulationKeyMLKEM1024) EncapsulationKey() EncapsulationKeyMLKEM1024 { -+ ekBytes := extractEncapsulationKeyBytes(ossl.NID_ML_KEM_1024, dk[:], encapsulationKeySizeMLKEM1024) -+ var ek EncapsulationKeyMLKEM1024 -+ copy(ek[:], ekBytes) -+ return ek -+} ++ md, err := hashFuncToMD(h) ++ if err != nil { ++ return nil, err ++ } + -+// An EncapsulationKeyMLKEM1024 is the public key used to produce ciphertexts to be -+// decapsulated by the corresponding DecapsulationKeyMLKEM1024. -+type EncapsulationKeyMLKEM1024 [encapsulationKeySizeMLKEM1024]byte ++ size := int(ossl.EVP_MD_get_size(md)) + -+// NewEncapsulationKeyMLKEM1024 parses an encapsulation key from its encoded form. If -+// the encapsulation key is not valid, NewEncapsulationKeyMLKEM1024 returns an error. -+func NewEncapsulationKeyMLKEM1024(encapsulationKey []byte) (EncapsulationKeyMLKEM1024, error) { -+ if len(encapsulationKey) != encapsulationKeySizeMLKEM1024 { -+ return EncapsulationKeyMLKEM1024{}, errors.New("mlkem: invalid encapsulation key size") ++ switch vMajor { ++ case 1: ++ ctx, err := newHKDFCtx1(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ c := &hkdf1{ctx: ctx, hashLen: size} ++ runtime.SetFinalizer(c, (*hkdf1).finalize) ++ return c, nil ++ case 3: ++ ctx, err := newHKDFCtx3(md, ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY, nil, nil, pseudorandomKey, info) ++ if err != nil { ++ return nil, err ++ } ++ c := &hkdf3{ctx: ctx, hashLen: size} ++ runtime.SetFinalizer(c, (*hkdf3).finalize) ++ return c, nil ++ default: ++ panic(errUnsupportedVersion()) + } -+ -+ var ek EncapsulationKeyMLKEM1024 -+ copy(ek[:], encapsulationKey) -+ return ek, nil +} + -+// Bytes returns the encapsulation key as a byte slice. -+func (ek EncapsulationKeyMLKEM1024) Bytes() []byte { -+ return ek[:] ++type hkdf3 struct { ++ ctx ossl.EVP_KDF_CTX_PTR ++ ++ hashLen int ++ buf []byte +} + -+// Encapsulate generates a shared key and an associated ciphertext from an -+// encapsulation key, drawing random bytes from the default crypto/rand source. -+// -+// The shared key must be kept secret. -+func (ek EncapsulationKeyMLKEM1024) Encapsulate() (sharedKey, ciphertext []byte) { -+ return performEncapsulation(ossl.NID_ML_KEM_1024, ciphertextSizeMLKEM1024, ek[:]) ++func (c *hkdf3) finalize() { ++ if c.ctx != nil { ++ ossl.EVP_KDF_CTX_free(c.ctx) ++ } +} + -+// Helper functions ++// fetchTLS13_KDF fetches the TLS13-KDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchTLS13_KDF = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3) + -+// generateMLKEMSeed generates a new ML-KEM seed by creating a key and extracting its seed parameter. -+func generateMLKEMSeed(keyType int32, seed []byte) error { -+ pkey, err := generateEVPPKey(keyType, 0, "") ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS13_KDF.ptr(), nil) + if err != nil { -+ return err ++ return nil, err + } -+ defer ossl.EVP_PKEY_free(pkey) ++ return kdf, nil ++}) + -+ _, err = ossl.EVP_PKEY_get_octet_string_param(pkey, _OSSL_PKEY_PARAM_ML_KEM_SEED.ptr(), seed, nil) -+ return err -+} ++// newTLS13KDFExpandCtx3 fetches the "TLS13-KDF" for TLS 1.3 handshakes. ++func newTLS13KDFExpandCtx3(md ossl.EVP_MD_PTR, label, context, pseudorandomKey []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { ++ checkMajorVersion(3) + -+// createMLKEMPrivateKey creates an ML-KEM private key from a seed -+func createMLKEMPrivateKey(id int32, seed []byte) (ossl.EVP_PKEY_PTR, error) { -+ if len(seed) != seedSizeMLKEM { -+ return nil, errors.New("mlkem: invalid seed size") ++ kdf, err := fetchTLS13_KDF() ++ if err != nil { ++ return nil, err + } + -+ bld := newParamBuilder() -+ defer bld.finalize() ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_KDF_CTX_free(ctx) ++ } ++ }() + -+ bld.addOctetString(_OSSL_PKEY_PARAM_ML_KEM_SEED, seed) ++ bld, err := newParamBuilder() ++ if err != nil { ++ return ctx, err ++ } ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(ossl.EVP_KDF_HKDF_MODE_EXPAND_ONLY)) ++ bld.addOctetString(_OSSL_KDF_PARAM_PREFIX, []byte("tls13 ")) ++ bld.addOctetString(_OSSL_KDF_PARAM_LABEL, label) ++ bld.addOctetString(_OSSL_KDF_PARAM_DATA, context) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) + + params, err := bld.build() + if err != nil { -+ return nil, err ++ return ctx, err + } + defer ossl.OSSL_PARAM_free(params) + -+ return newEvpFromParams(id, ossl.EVP_PKEY_KEYPAIR, params) ++ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { ++ return ctx, err ++ } ++ return ctx, nil +} + -+// createMLKEMPublicKey creates an ML-KEM public key from encoded bytes. -+func createMLKEMPublicKey(id int32, pubKeyBytes []byte) (ossl.EVP_PKEY_PTR, error) { -+ bld := newParamBuilder() -+ defer bld.finalize() -+ -+ bld.addOctetString(_OSSL_PKEY_PARAM_PUB_KEY, pubKeyBytes) ++// fetchHKDF3 fetches the HKDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchHKDF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3) + -+ params, err := bld.build() ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_HKDF.ptr(), nil) + if err != nil { + return nil, err + } -+ defer ossl.OSSL_PARAM_free(params) ++ return kdf, nil ++}) + -+ return newEvpFromParams(id, ossl.EVP_PKEY_PUBLIC_KEY, params) -+} ++// newHKDFCtx3 implements HKDF for OpenSSL 3 using the EVP_KDF API. ++func newHKDFCtx3(md ossl.EVP_MD_PTR, mode int32, secret, salt, pseudorandomKey, info []byte) (_ ossl.EVP_KDF_CTX_PTR, err error) { ++ checkMajorVersion(3) + -+// extractEncapsulationKeyBytes extracts the encapsulation key bytes from a decapsulation key. -+func extractEncapsulationKeyBytes(id int32, seed []byte, expectedSize int) []byte { -+ pkey, err := createMLKEMPrivateKey(id, seed) ++ kdf, err := fetchHKDF3() + if err != nil { -+ panic(err) ++ return nil, err + } -+ defer ossl.EVP_PKEY_free(pkey) ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return nil, err ++ } ++ defer func() { ++ if err != nil { ++ ossl.EVP_KDF_CTX_free(ctx) ++ } ++ }() + -+ // Extract public key bytes -+ var pubBytes *byte -+ pubLen, err := ossl.EVP_PKEY_get1_encoded_public_key(pkey, &pubBytes) ++ bld, err := newParamBuilder() + if err != nil { -+ panic(err) ++ return ctx, err ++ } ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addInt32(_OSSL_KDF_PARAM_MODE, int32(mode)) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, secret) ++ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) ++ bld.addOctetString(_OSSL_KDF_PARAM_KEY, pseudorandomKey) ++ bld.addOctetString(_OSSL_KDF_PARAM_INFO, info) ++ params, err := bld.build() ++ if err != nil { ++ return ctx, err + } -+ defer cryptoFree(unsafe.Pointer(pubBytes)) ++ defer ossl.OSSL_PARAM_free(params) + -+ if pubLen != expectedSize { -+ panic(errors.New("mlkem: invalid encapsulation key size")) ++ if _, err := ossl.EVP_KDF_CTX_set_params(ctx, params); err != nil { ++ return ctx, err + } ++ return ctx, nil ++} + -+ // Copy the bytes before pubBytes is freed -+ result := make([]byte, pubLen) -+ copy(result, unsafe.Slice(pubBytes, pubLen)) -+ return result ++func (c *hkdf3) Read(p []byte) (int, error) { ++ defer runtime.KeepAlive(c) ++ ++ // EVP_KDF_derive doesn't support incremental output, each call ++ // derives the key from scratch and returns the requested bytes. ++ // To implement io.Reader, we need to ask for len(c.buf) + len(p) ++ // bytes and copy the last derived len(p) bytes to p. ++ // We use c.buf to know how many bytes we've already derived and ++ // to avoid allocating the whole output buffer on each call. ++ prevLen := len(c.buf) ++ needLen := len(p) ++ remains := 255*c.hashLen - prevLen ++ // Check whether enough data can be generated. ++ if remains < needLen { ++ return 0, errors.New("hkdf: entropy limit reached") ++ } ++ c.buf = append(c.buf, make([]byte, needLen)...) ++ outLen := prevLen + needLen ++ if _, err := ossl.EVP_KDF_derive(c.ctx, base(c.buf), outLen, nil); err != nil { ++ return 0, err ++ } ++ n := copy(p, c.buf[prevLen:outLen]) ++ return n, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go new file mode 100644 -index 00000000000000..94fd563ac87978 +index 00000000000000..50441c9ab6b7d8 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go -@@ -0,0 +1,183 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/hmac.go +@@ -0,0 +1,283 @@ ++//go:build !cmd_go_bootstrap + -+// Package openssl provides access to OpenSSL cryptographic functions. +package openssl + ++import "C" +import ( -+ "errors" -+ "math/bits" -+ "strconv" ++ "hash" ++ "runtime" ++ "slices" + "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" -+ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + -+var isBigEndian = sync.OnceValue(func() bool { -+ buf := [2]byte{} -+ *(*uint16)(unsafe.Pointer(&buf[0])) = uint16(0xABCD) ++// NewHMAC returns a new HMAC using OpenSSL. ++// The function h must return a hash implemented by ++// OpenSSL (for example, h could be openssl.NewSHA256). ++// If h is not recognized, NewHMAC returns nil. ++func NewHMAC(fh func() hash.Hash, key []byte) hash.Hash { ++ h, _ := hashFuncHash(fh) ++ md := hashToMD(h) ++ if md == nil { ++ return nil ++ } + -+ switch buf { -+ case [2]byte{0xCD, 0xAB}: -+ return false -+ case [2]byte{0xAB, 0xCD}: -+ return true -+ default: -+ panic("Could not determine native endianness.") ++ if len(key) == 0 { ++ // This is supported in OpenSSL/Standard lib and as such ++ // we must support it here. When using HMAC with a null key ++ // HMAC_Init will try and reuse the key from the ctx. This is ++ // not the behavior previously implemented, so as a workaround ++ // we pass an "empty" key. ++ key = make([]byte, ossl.EVP_MAX_MD_SIZE) + } -+}) + -+func major() int { -+ return osslsetup.VersionMajor() -+} ++ hmac := &opensslHMAC{ ++ size: h.Size(), ++ blockSize: h.BlockSize(), ++ } + -+func minor() int { -+ return osslsetup.VersionMinor() ++ switch vMajor { ++ case 1: ++ ctx := newHMAC1(key, md) ++ if ctx.ctx == nil { ++ return nil ++ } ++ hmac.ctx1 = ctx ++ case 3: ++ ctx := newHMAC3(key, md) ++ if ctx.ctx == nil { ++ return nil ++ } ++ hmac.ctx3 = ctx ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ runtime.SetFinalizer(hmac, (*opensslHMAC).finalize) ++ return hmac +} + -+func patch() int { -+ return osslsetup.VersionPatch() ++// hmacCtx3 is used for OpenSSL 1. ++type hmacCtx1 struct { ++ ctx ossl.HMAC_CTX_PTR +} + -+func utoa(n int) string { -+ return strconv.FormatUint(uint64(n), 10) ++// hmacCtx3 is used for OpenSSL 3. ++type hmacCtx3 struct { ++ ctx ossl.EVP_MAC_CTX_PTR ++ key []byte // only set for OpenSSL 3.0.0, 3.0.1, and 3.0.2. +} + -+func errUnsupportedVersion() error { -+ return errors.New("openssl: unsupported OpenSSL version: " + utoa(major()) + "." + utoa(minor()) + "." + utoa(patch()) + " (minimum supported version is 1.1.1)") ++type opensslHMAC struct { ++ ctx1 hmacCtx1 ++ ctx3 hmacCtx3 ++ size int ++ blockSize int ++ sum [maxHashSize]byte +} + -+// checkMajorVersion panics if the current major version is not one of the expected versions. -+func checkMajorVersion(expected ...int) { -+ for _, v := range expected { -+ if major() == v { -+ return -+ } ++func newHMAC1(key []byte, md ossl.EVP_MD_PTR) hmacCtx1 { ++ ctx, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) + } -+ panic("openssl: incorrect major version (" + strconv.Itoa(major()) + ")") -+} -+ -+type fail string -+ -+func (e fail) Error() string { return "openssl: " + string(e) + " failed" } -+ -+// sliceNeverNil returns b if non-nil, and a non-nil zero-length slice otherwise. -+func sliceNeverNil(b []byte) []byte { -+ if b == nil { -+ return []byte{} ++ if _, err := ossl.HMAC_Init_ex(ctx, unsafe.Pointer(&key[0]), int32(len(key)), md, nil); err != nil { ++ panic(err) + } -+ return b ++ return hmacCtx1{ctx} +} + -+// base returns the address of the underlying array in b, -+// being careful not to panic when b has zero length. -+func base(b []byte) *byte { -+ if len(b) == 0 { -+ return nil ++var hmacDigestsSupported sync.Map ++var fetchHMAC3 = sync.OnceValue(func() ossl.EVP_MAC_PTR { ++ mac, err := ossl.EVP_MAC_fetch(nil, _OSSL_MAC_NAME_HMAC.ptr(), nil) ++ if err != nil { ++ panic(err) + } -+ return unsafe.SliceData(b) -+} -+ -+//go:linkname throw runtime.throw -+func throw(string) ++ return mac ++}) + -+// cryptoMalloc allocates n bytes of memory on the OpenSSL heap, which may be -+// different from the heap which C.malloc allocates on. The allocated object -+// must be freed using cryptoFree. cryptoMalloc is equivalent to the -+// OPENSSL_malloc macro. -+// -+// Like C.malloc, this function is guaranteed to never return nil. If OpenSSL's -+// malloc indicates out of memory, it crashes the program. -+// -+// Only objects which the OpenSSL library will take ownership of (i.e. will be -+// freed by OPENSSL_free / CRYPTO_free) need to be allocated on the OpenSSL -+// heap. -+func cryptoMalloc(n int) unsafe.Pointer { -+ p, _ := ossl.CRYPTO_malloc(n, nil, 0) -+ if p == nil { -+ // Un-recover()-ably crash the program in the same manner as the -+ // C.malloc() wrapper function. -+ throw("openssl: CRYPTO_malloc failed") ++func buildHMAC3Params(md ossl.EVP_MD_PTR) (ossl.OSSL_PARAM_PTR, error) { ++ bld, err := newParamBuilder() ++ if err != nil { ++ return nil, err + } -+ return p -+} -+ -+// cryptoFree frees an object allocated on the OpenSSL heap, which may be -+// different from the heap which C.malloc allocates on. cryptoFree is equivalent -+// to the OPENSSL_free macro. -+func cryptoFree(p unsafe.Pointer) { -+ ossl.CRYPTO_free(p, nil, 0) ++ defer bld.finalize() ++ bld.addUTF8String(_OSSL_MAC_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ return bld.build() +} + -+const wordBytes = bits.UintSize / 8 -+ -+// Reverse each limb of z. -+func (z BigInt) byteSwap() { -+ for i, d := range z { -+ var n uint = 0 -+ for j := range wordBytes { -+ n |= uint(byte(d)) << (8 * (wordBytes - j - 1)) -+ d >>= 8 -+ } -+ z[i] = n ++func isHMAC3DigestSupported(md ossl.EVP_MD_PTR) bool { ++ nid := ossl.EVP_MD_get_type(md) ++ if v, ok := hmacDigestsSupported.Load(nid); ok { ++ return v.(bool) + } -+} ++ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_MAC_CTX_free(ctx) + -+func wbase(b BigInt) *byte { -+ if len(b) == 0 { -+ return nil ++ params, err := buildHMAC3Params(md) ++ if err != nil { ++ panic(err) + } -+ return (*byte)(unsafe.Pointer(unsafe.SliceData(b))) ++ defer ossl.OSSL_PARAM_free(params) ++ ++ _, err = ossl.EVP_MAC_CTX_set_params(ctx, params) ++ supported := err == nil ++ hmacDigestsSupported.Store(nid, supported) ++ return supported +} + -+func bigToBN(x BigInt) (ossl.BIGNUM_PTR, error) { -+ if len(x) == 0 { -+ return nil, nil -+ } -+ if isBigEndian() { -+ z := make(BigInt, len(x)) -+ copy(z, x) -+ z.byteSwap() -+ x = z ++func newHMAC3(key []byte, md ossl.EVP_MD_PTR) hmacCtx3 { ++ if !isHMAC3DigestSupported(md) { ++ // The digest is not supported by the HMAC provider. ++ // Don't panic here so the Go standard library to ++ // fall back to the Go implementation. ++ // See https://github.com/golang-fips/openssl/issues/153. ++ return hmacCtx3{} + } -+ // Limbs are always ordered in LSB first, so we can safely apply -+ // BN_lebin2bn regardless of host endianness. -+ bn, err := ossl.BN_lebin2bn(unsafe.Slice(wbase(x), len(x)*wordBytes), nil) ++ params, err := buildHMAC3Params(md) + if err != nil { -+ return nil, err ++ panic(err) + } -+ return bn, nil -+} ++ defer ossl.OSSL_PARAM_free(params) + -+func bnToBig(bn ossl.BIGNUM_PTR) BigInt { -+ if bn == nil { -+ return nil ++ ctx, err := ossl.EVP_MAC_CTX_new(fetchHMAC3()) ++ if err != nil { ++ panic(err) + } + -+ // Limbs are always ordered in LSB first, so we can safely apply -+ // BN_bn2lebinpad regardless of host endianness. -+ x := make(BigInt, ossl.BN_num_bits(bn)) -+ if _, err := ossl.BN_bn2lebinpad(bn, unsafe.Slice(wbase(x), len(x)*wordBytes)); err != nil { ++ if _, err := ossl.EVP_MAC_init(ctx, base(key), len(key), params); err != nil { ++ ossl.EVP_MAC_CTX_free(ctx) + panic(err) + } -+ if isBigEndian() { -+ x.byteSwap() ++ var hkey []byte ++ if vMinor == 0 && vPatch <= 2 { ++ // EVP_MAC_init only resets the ctx internal state if a key is passed ++ // when using OpenSSL 3.0.0, 3.0.1, and 3.0.2. Save a copy of the key ++ // in the context so Reset can use it later. New OpenSSL versions ++ // do not have this issue so it isn't necessary to save the key. ++ // See https://github.com/openssl/openssl/issues/17811. ++ hkey = make([]byte, len(key)) ++ copy(hkey, key) + } -+ return x ++ return hmacCtx3{ctx, hkey} +} + -+// bnToBinPad converts the absolute value of bn into big-endian form and stores -+// it at to, padding with zeroes if necessary. If len(to) is not large enough to -+// hold the result, an error is returned. -+func bnToBinPad(bn ossl.BIGNUM_PTR, to []byte) error { -+ _, err := ossl.BN_bn2binpad(bn, to) -+ return err -+} ++func (h *opensslHMAC) Reset() { ++ switch vMajor { ++ case 1: ++ if _, err := ossl.HMAC_Init_ex(h.ctx1.ctx, nil, 0, nil, nil); err != nil { ++ panic(err) ++ } ++ case 3: ++ if _, err := ossl.EVP_MAC_init(h.ctx3.ctx, base(h.ctx3.key), len(h.ctx3.key), nil); err != nil { ++ panic(err) ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } + -+func bigEndianUint64(b []byte) uint64 { -+ _ = b[7] // bounds check hint to compiler; see golang.org/issue/14808 -+ return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | -+ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 ++ runtime.KeepAlive(h) // Next line will keep h alive too; just making doubly sure. +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go -new file mode 100644 -index 00000000000000..092c8046462b6f ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_cgo.go -@@ -0,0 +1,17 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++func (h *opensslHMAC) finalize() { ++ if h.ctx1.ctx != nil { ++ ossl.HMAC_CTX_free(h.ctx1.ctx) ++ } ++ if h.ctx3.ctx != nil { ++ ossl.EVP_MAC_CTX_free(h.ctx3.ctx) ++ } ++} + -+import "C" -+import "unsafe" ++func (h *opensslHMAC) Write(p []byte) (int, error) { ++ if len(p) > 0 { ++ switch vMajor { ++ case 1: ++ ossl.HMAC_Update(h.ctx1.ctx, base(p), len(p)) ++ case 3: ++ ossl.EVP_MAC_update(h.ctx3.ctx, base(p), len(p)) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ } ++ runtime.KeepAlive(h) ++ return len(p), nil ++} + -+// goString converts a C string pointer to a Go string for cgo mode -+func goString(ptr *byte) string { -+ return C.GoString((*C.char)(unsafe.Pointer(ptr))) ++func (h *opensslHMAC) Size() int { ++ return h.size +} + -+// goBytes converts a C byte array to a Go byte slice for cgo mode -+func goBytes(ptr unsafe.Pointer, length int) []byte { -+ return C.GoBytes(ptr, C.int(length)) ++func (h *opensslHMAC) BlockSize() int { ++ return h.blockSize +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go -new file mode 100644 -index 00000000000000..5dc44cacea9c05 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl_nocgo.go -@@ -0,0 +1,35 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+//go:build !cgo ++func (h *opensslHMAC) Sum(in []byte) []byte { ++ // Make copy of context because Go hash.Hash mandates ++ // that Sum has no effect on the underlying stream. ++ // In particular it is OK to Sum, then Write more, then Sum again, ++ // and the second Sum acts as if the first didn't happen. ++ switch vMajor { ++ case 1: ++ ctx2, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.HMAC_CTX_free(ctx2) ++ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { ++ panic(err) ++ } ++ ossl.HMAC_Final(ctx2, base(h.sum[:h.size]), nil) ++ case 3: ++ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) ++ if err != nil { ++ panic(err) ++ } ++ defer ossl.EVP_MAC_CTX_free(ctx2) ++ ossl.EVP_MAC_final(ctx2, base(h.sum[:h.size]), nil, len(h.sum)) ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ return append(in, h.sum[:h.size]...) ++} + -+package openssl ++func (h *opensslHMAC) Clone() (HashCloner, error) { ++ switch vMajor { ++ case 1: ++ ctx2, err := ossl.HMAC_CTX_new() ++ if err != nil { ++ panic(err) ++ } ++ if _, err := ossl.HMAC_CTX_copy(ctx2, h.ctx1.ctx); err != nil { ++ ossl.HMAC_CTX_free(ctx2) ++ panic(err) ++ } ++ cl := &opensslHMAC{ ++ ctx1: hmacCtx1{ctx: ctx2}, ++ size: h.size, ++ blockSize: h.blockSize, ++ } ++ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) ++ return cl, nil + -+import "unsafe" ++ case 3: ++ ctx2, err := ossl.EVP_MAC_CTX_dup(h.ctx3.ctx) ++ if err != nil { ++ panic(err) ++ } + -+// goString converts a C string pointer to a Go string for nocgo mode -+func goString(ptr *byte) string { -+ if ptr == nil { -+ return "" -+ } -+ var result []byte -+ for i := 0; ; i++ { -+ b := *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(i))) -+ if b == 0 { -+ break ++ cl := &opensslHMAC{ ++ ctx3: hmacCtx3{ctx: ctx2, key: slices.Clone(h.ctx3.key)}, ++ size: h.size, ++ blockSize: h.blockSize, + } -+ result = append(result, b) -+ } -+ return string(result) -+} ++ runtime.SetFinalizer(cl, (*opensslHMAC).finalize) ++ return cl, nil + -+// goBytes converts a C byte array to a Go byte slice for nocgo mode -+func goBytes(ptr unsafe.Pointer, length int) []byte { -+ if ptr == nil || length == 0 { -+ return nil ++ default: ++ panic(errUnsupportedVersion()) + } -+ // Copy the data to Go memory, similar to C.GoBytes -+ result := make([]byte, length) -+ copy(result, unsafe.Slice((*byte)(ptr), length)) -+ return result +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init.go new file mode 100644 -index 00000000000000..8bd651d6493707 +index 00000000000000..c2175f52006784 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go -@@ -0,0 +1,191 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init.go +@@ -0,0 +1,157 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( -+ "runtime" ++ "errors" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type addParamError struct { -+ name string -+ err error -+} -+ -+func (e addParamError) Error() string { -+ return "failed to add parameter " + e.name + ": " + e.err.Error() -+} -+ -+type bnParam struct { -+ value ossl.BIGNUM_PTR -+ private bool -+} -+ -+// paramBuilder is a helper for building OSSL_PARAMs. -+// If an error occurs when adding a new parameter, -+// subsequent calls to add parameters are ignored -+// and build() will return the error. -+type paramBuilder struct { -+ bld ossl.OSSL_PARAM_BLD_PTR -+ pinner runtime.Pinner -+ bnToFree []bnParam -+ -+ err error -+} -+ -+// newParamBuilder creates a new paramBuilder. -+// [paramBuilder.finalize] must be called to free the builder. -+func newParamBuilder() *paramBuilder { -+ bld := ossl.OSSL_PARAM_BLD_new() -+ if bld == nil { -+ // If this happens it indicates an issue allocating memory. -+ panic("openssl: failed to create OSSL_PARAM_BLD") -+ } -+ return ¶mBuilder{bld: bld} -+} -+ -+// finalize frees the builder. -+func (b *paramBuilder) finalize() { -+ if b.bld != nil { -+ b.pinner.Unpin() -+ for _, bn := range b.bnToFree { -+ if bn.private { -+ ossl.BN_clear_free(bn.value) -+ } else { -+ ossl.BN_free(bn.value) -+ } -+ } -+ ossl.OSSL_PARAM_BLD_free(b.bld) -+ b.bld = nil -+ } -+} -+ -+// check is used internally to enforce invariants and should not be called by users of paramBuilder. -+// Returns true if it's ok to add parameters to the builder or build it. -+// Returns false if there has been an error while adding a parameter. -+// Panics if the paramBuilder has been freed, e.g. if it has already been built. -+func (b *paramBuilder) check() bool { -+ if b.err != nil { -+ return false -+ } -+ if b.bld == nil { -+ panic("openssl: paramBuilder has been freed") -+ } -+ return true -+} ++// osslHandle is the handle to the OpenSSL shared library loaded in the [Init] function. ++var osslHandle unsafe.Pointer + -+// build creates an OSSL_PARAM from the builder. -+// The returned OSSL_PARAM must be freed with OSSL_PARAM_free. -+// If an error occurred while adding parameters, the error is returned -+// and the OSSL_PARAM is nil. Once build() is called, the builder is finalized -+// and cannot be reused. -+func (b *paramBuilder) build() (ossl.OSSL_PARAM_PTR, error) { -+ defer b.finalize() -+ if !b.check() { -+ return nil, b.err -+ } -+ param, err := ossl.OSSL_PARAM_BLD_to_param(b.bld) ++// opensslInit loads and initializes OpenSSL. ++// ++// See [Init] for details about file. ++func opensslInit(file string) error { ++ // Load the OpenSSL shared library using dlopen. ++ handle, close, err := openLibrary(file) + if err != nil { -+ return nil, err ++ return err + } -+ return param, nil -+} + -+// addUTF8String adds a NUL-terminated UTF-8 string to the builder. -+// size should not include the terminating NUL byte. If size is zero, then it will be calculated. -+func (b *paramBuilder) addUTF8String(name cString, value *byte, size int) { -+ if !b.check() { -+ return -+ } -+ // OSSL_PARAM_BLD_push_utf8_string calculates the size if it is zero. -+ if size == 0 { -+ size = cStringLen(value) -+ } -+ if _, err := ossl.OSSL_PARAM_BLD_push_utf8_string(b.bld, name.ptr(), unsafe.Slice(value, size)); err != nil { -+ b.err = addParamError{name.str(), err} ++ ossl.MkcgoLoad_(handle) ++ if vMajor == 1 { ++ ossl.MkcgoLoad_legacy_1(handle) ++ if vPatch == 1 { ++ ossl.MkcgoLoad_111(handle) ++ } ++ } else { ++ ossl.MkcgoLoad_111(handle) ++ ossl.MkcgoLoad_3(handle) + } -+} + -+// addOctetString adds an octet string to the builder. -+// The value is pinned and will be unpinned when the builder is freed. -+func (b *paramBuilder) addOctetString(name cString, value []byte) { -+ if !b.check() { -+ return -+ } -+ if value == nil { -+ // Short-circuit a nil slice: don't pass anything at all to OpenSSL. -+ // OpenSSL 3.5.6 raises an error when passed null, and expects users -+ // to not call this function at all in this case. -+ // See https://github.com/openssl/openssl/issues/30728 -+ // -+ // Don't short-circuit empty slices, as they might have a meaning. -+ // For example, in KDFs an empty salt is different from a nil salt. -+ return -+ } -+ if len(value) != 0 { -+ b.pinner.Pin(&value[0]) -+ } -+ if _, err := ossl.OSSL_PARAM_BLD_push_octet_string(b.bld, name.ptr(), value); err != nil { -+ b.err = addParamError{name.str(), err} ++ // Initialize OpenSSL. ++ ossl.OPENSSL_init() ++ if _, err = ossl.OPENSSL_init_crypto( ++ ossl.OPENSSL_INIT_ADD_ALL_CIPHERS| ++ ossl.OPENSSL_INIT_ADD_ALL_DIGESTS| ++ ossl.OPENSSL_INIT_LOAD_CONFIG| ++ ossl.OPENSSL_INIT_LOAD_CRYPTO_STRINGS, ++ nil); err != nil { ++ close() ++ return err + } ++ osslHandle = handle ++ return nil +} + -+func cStringLen(ptr *byte) int { -+ if ptr == nil { -+ return 0 ++// initForCheckVersion loads and initialize only the ++// functions required in [CheckVersion]. ++// It returns a close function that must be called to release the resources. ++// ++// This function modifies the vMajor, vMinor, and vPatch global variables as ++// well as other internal global variables that facilitate OpenSSL calls. ++// ++// If the function succeeds, calling the close function restores the previous ++// state of the global variables. If it fails, the global variables are restored ++// before returning. ++func initForCheckVersion(file string) (func(), error) { ++ prevMajor, prevMinor, prevPatch := vMajor, vMinor, vPatch ++ restoreVersion := func() { ++ vMajor, vMinor, vPatch = prevMajor, prevMinor, prevPatch + } -+ for n := 0; ; n++ { -+ if *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(n))) == 0 { -+ return n -+ } ++ handle, close, err := openLibrary(file) ++ if err != nil { ++ restoreVersion() ++ return nil, err + } -+} -+ -+// addInt32 adds an int32 to the builder. -+func (b *paramBuilder) addInt32(name cString, value int32) { -+ if !b.check() { ++ initFuncs := func() (loadX func(unsafe.Pointer), unloadX func()) { ++ switch vMajor { ++ case 1: ++ loadX = ossl.MkcgoLoad_init_1 ++ unloadX = ossl.MkcgoUnload_init_1 ++ case 3: ++ loadX = ossl.MkcgoLoad_init_3 ++ unloadX = ossl.MkcgoUnload_init_3 ++ default: ++ // We shouldn't get here: openLibrary should have already returned an error. ++ panic(errUnsupportedVersion()) ++ } + return + } -+ if _, err := ossl.OSSL_PARAM_BLD_push_int32(b.bld, name.ptr(), value); err != nil { -+ b.err = addParamError{name.str(), err} -+ } ++ loadX, unloadX := initFuncs() ++ loadX(handle) ++ return func() { ++ restoreVersion() ++ close() ++ unloadX() ++ if osslHandle != nil { ++ // If osslHandle is not nil, it means that the library was already loaded ++ // and initialized. In this case, we need to reload the functions from ++ // the original handle. ++ loadX, _ = initFuncs() ++ loadX(osslHandle) ++ } ++ }, nil +} + -+// addBN adds a GOossl.BIGNUM_PTR to the builder. -+func (b *paramBuilder) addBN(name cString, value ossl.BIGNUM_PTR) { -+ if !b.check() { -+ return ++// openLibrary loads and initialize the version of OpenSSL. ++// It returns the handle to the OpenSSL shared library ++// and a function that can be called to release the resources. ++func openLibrary(file string) (handle unsafe.Pointer, close func(), err error) { ++ vMajor, vMinor, vPatch = 0, 0, 0 ++ handle, err = dlopen(file) ++ if err != nil { ++ return nil, nil, err + } -+ if _, err := ossl.OSSL_PARAM_BLD_push_BN(b.bld, name.ptr(), value); err != nil { -+ b.err = addParamError{name.str(), err} ++ // Retrieve the loaded OpenSSL version and check if it is supported. ++ // Notice that major and minor could not match with the version parameter ++ // in case the name of the shared library file differs from the OpenSSL ++ // version it contains. ++ ossl.MkcgoLoad_version(handle) ++ close = func() { ++ dlclose(handle) ++ if osslHandle == nil { ++ ossl.MkcgoUnload_version() ++ } else { ++ ossl.MkcgoLoad_version(osslHandle) ++ } + } -+} ++ defer func() { ++ if err != nil { ++ close() ++ } ++ }() + -+// addBigInt adds a BigInt to the builder. -+// The BigInt is converted using bigToBN to a BIGNUM that is freed when the builder is finalized. -+// If private is true, the BIGNUM will be cleared with BN_clear_free, -+// otherwise it will be freed with BN_free. -+func (b *paramBuilder) addBigInt(name cString, value BigInt, private bool) { -+ if !b.check() { -+ return -+ } -+ if len(value) == 0 { -+ // Nothing to do. -+ return ++ if ossl.OPENSSL_version_major_Available() && ++ ossl.OPENSSL_version_minor_Available() && ++ ossl.OPENSSL_version_patch_Available() { ++ // Likely OpenSSL 3 or later. ++ vMajor = uint(ossl.OPENSSL_version_major()) ++ vMinor = uint(ossl.OPENSSL_version_minor()) ++ vPatch = uint(ossl.OPENSSL_version_patch()) ++ } else if ossl.OpenSSL_version_num_Available() { ++ // Likely OpenSSL 1. ++ ver := ossl.OpenSSL_version_num() ++ vMajor = uint(ver >> 28) ++ vMinor = uint(ver >> 20 & 0xFF) ++ vPatch = uint(ver >> 12 & 0xFF) ++ } else { ++ return handle, nil, errors.New("openssl: version not available") + } -+ bn, err := bigToBN(value) -+ if err != nil { -+ b.err = err -+ return ++ var supported bool ++ if vMajor == 1 { ++ supported = vMinor == 1 ++ } else if vMajor == 3 { ++ // OpenSSL guarantees API and ABI compatibility within the same major version since OpenSSL 3. ++ supported = true + } -+ if b.bnToFree == nil { -+ // Preallocate the slice to avoid growing it later, which would cause allocations and copies. -+ // The maximum known number of BIGNUMs to free are 8 for RSA, so we use that as the capacity. -+ b.bnToFree = make([]bnParam, 0, 8) ++ if !supported { ++ return handle, nil, errUnsupportedVersion() + } -+ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) -+ b.addBN(name, bn) ++ return handle, close, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_unix.go new file mode 100644 -index 00000000000000..66af2060e2cf87 +index 00000000000000..dbf5ac448fdf80 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go -@@ -0,0 +1,86 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_unix.go +@@ -0,0 +1,31 @@ ++//go:build unix && !cmd_go_bootstrap + +package openssl + ++// #cgo LDFLAGS: -ldl ++// #include ++// #include ++import "C" +import ( + "errors" -+ "hash" -+ "sync" -+ -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++ "unsafe" +) + -+// SupportsPBKDF2 reports whether the current OpenSSL version supports PBKDF2. -+func SupportsPBKDF2() bool { -+ switch major() { -+ case 1: -+ return true -+ case 3, 4: -+ _, err := fetchPBKDF2() -+ return err == nil -+ default: -+ panic(errUnsupportedVersion()) ++func dlopen(file string) (handle unsafe.Pointer, err error) { ++ cv := C.CString(file) ++ defer C.free(unsafe.Pointer(cv)) ++ handle = C.dlopen(cv, C.RTLD_LAZY|C.RTLD_LOCAL) ++ if handle == nil { ++ errstr := C.GoString(C.dlerror()) ++ return nil, errors.New("openssl: can't load " + file + ": " + errstr) + } ++ return handle, nil +} + -+// fetchPBKDF2 fetches the PBKDF2 algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchPBKDF2 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_PBKDF2.ptr(), nil) -+ if err != nil { -+ return nil, err ++func dlclose(handle unsafe.Pointer) error { ++ if C.dlclose(handle) != 0 { ++ errstr := C.GoString(C.dlerror()) ++ return errors.New("openssl: can't close libcrypto: " + errstr) + } -+ return kdf, nil -+}) ++ return nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_windows.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_windows.go +new file mode 100644 +index 00000000000000..3778e21227abb9 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/init_windows.go +@@ -0,0 +1,36 @@ ++//go:build !cmd_go_bootstrap + -+func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { -+ h, err := hashFuncHash(fh) -+ if err != nil { -+ return nil, err -+ } -+ md := hashToMD(h) -+ if md == nil { -+ return nil, errors.New("unsupported hash function") -+ } -+ out := make([]byte, keyLen) -+ switch major() { -+ case 1: -+ if _, err = ossl.PKCS5_PBKDF2_HMAC(password, salt, int32(iter), md, out); err != nil { -+ return nil, err -+ } -+ default: -+ kdf, err := fetchPBKDF2() -+ if err != nil { -+ return nil, err -+ } -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) ++package openssl + -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addOctetString(_OSSL_KDF_PARAM_PASSWORD, password) -+ bld.addOctetString(_OSSL_KDF_PARAM_SALT, salt) -+ bld.addInt32(_OSSL_KDF_PARAM_ITER, int32(iter)) -+ bld.addInt32(_OSSL_KDF_PARAM_PKCS5, 1) // disable SP800-132 compliance checks, they are done at the crypto/pbkdf2 level -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ params, err := bld.build() -+ if err != nil { -+ return nil, err -+ } -+ defer ossl.OSSL_PARAM_free(params) ++import ( ++ "syscall" ++ "unsafe" ++) ++ ++type dlopenError struct { ++ file string ++ err error ++} ++ ++func (e *dlopenError) Error() string { ++ return "openssl: can't load " + e.file + ": " + e.err.Error() ++} + -+ _, err = ossl.EVP_KDF_derive(ctx, out, params) -+ if err != nil { -+ return nil, err -+ } ++func (e *dlopenError) Unwrap() error { ++ return e.err ++} ++ ++func dlopen(file string) (handle unsafe.Pointer, err error) { ++ // As Windows generally does not ship with a system OpenSSL library, let ++ // alone a FIPS 140 certified one, use the default library search order so ++ // that we preferentially load the DLL bundled with the application. ++ h, err := syscall.LoadLibrary(file) ++ if err != nil { ++ return nil, &dlopenError{file: file, err: err} + } ++ return unsafe.Pointer(h), nil ++} + -+ return out, nil ++func dlclose(handle unsafe.Pointer) error { ++ return syscall.FreeLibrary(syscall.Handle(handle)) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go new file mode 100644 -index 00000000000000..f6a4b1ac20b654 +index 00000000000000..c63aef25960668 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go -@@ -0,0 +1,250 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/openssl.go +@@ -0,0 +1,384 @@ ++//go:build !cmd_go_bootstrap + ++// Package openssl provides access to OpenSSL cryptographic functions. +package openssl + ++/* ++#include // for free() ++ ++static inline void ++go_openssl_do_leak_check(void) ++{ ++#ifndef __has_feature ++#define __has_feature(x) 0 ++#endif ++ ++#if (defined(__SANITIZE_ADDRESS__) && __SANITIZE_ADDRESS__) || \ ++ __has_feature(address_sanitizer) ++ extern void __lsan_do_leak_check(void); ++ __lsan_do_leak_check(); ++#endif ++} ++*/ ++import "C" +import ( -+ "crypto" + "errors" ++ "math/bits" ++ "strconv" ++ "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// This file contains code specific to the built-in OpenSSL providers. -+ -+// _OSSL_MD5_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/md5.h#L33. -+type _OSSL_MD5_CTX struct { -+ h [4]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 -+} -+ -+func (d *_OSSL_MD5_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil -+} ++var ( ++ // vMajor and vMinor hold the major/minor OpenSSL version. ++ // It is only populated if Init has been called. ++ vMajor, vMinor, vPatch uint ++) + -+func (d *_OSSL_MD5_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil -+} ++var ( ++ initOnce sync.Once ++ initErr error ++) + -+// _OSSL_SHA_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L34. -+type _OSSL_SHA_CTX struct { -+ h [5]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 -+} ++var isBigEndian bool + -+func (d *_OSSL_SHA_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b, d.h[4] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil ++// CheckVersion checks if the OpenSSL version can be loaded ++// and if the FIPS mode is enabled. ++// This function can be called before Init. ++// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. ++func CheckVersion(version string) (exists, fips bool) { ++ close, err := initForCheckVersion(version) ++ if err != nil { ++ return false, false ++ } ++ defer close() ++ return true, FIPS() +} + -+func (d *_OSSL_SHA_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = appendUint32(buf, d.h[4]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil ++// Init loads and initializes OpenSSL from the shared library at path. ++// It must be called before any other OpenSSL call, except CheckVersion. ++// ++// Only the first call to Init is effective. ++// Subsequent calls will return the same error result as the one from the first call. ++// ++// The file is passed to dlopen() verbatim to load the OpenSSL shared library. ++// For example, `file=libcrypto.so.1.1.1k-fips` makes Init look for the shared ++// library libcrypto.so.1.1.1k-fips. ++func Init(file string) error { ++ initOnce.Do(func() { ++ buf := [2]byte{} ++ *(*uint16)(unsafe.Pointer(&buf[0])) = uint16(0xABCD) ++ ++ switch buf { ++ case [2]byte{0xCD, 0xAB}: ++ isBigEndian = false ++ case [2]byte{0xAB, 0xCD}: ++ isBigEndian = true ++ default: ++ panic("Could not determine native endianness.") ++ } ++ initErr = opensslInit(file) ++ }) ++ return initErr +} + -+// _OSSL_SHA256_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L51. -+type _OSSL_SHA256_CTX struct { -+ h [8]uint32 -+ nl, nh uint32 -+ x [64]byte -+ nx uint32 ++func utoa(n uint) string { ++ return strconv.FormatUint(uint64(n), 10) +} + -+func (d *_OSSL_SHA256_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint32(b) -+ b, d.h[1] = consumeUint32(b) -+ b, d.h[2] = consumeUint32(b) -+ b, d.h[3] = consumeUint32(b) -+ b, d.h[4] = consumeUint32(b) -+ b, d.h[5] = consumeUint32(b) -+ b, d.h[6] = consumeUint32(b) -+ b, d.h[7] = consumeUint32(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = uint32(n << 3) -+ d.nh = uint32(n >> 29) -+ d.nx = uint32(n) % 64 -+ return nil ++func errUnsupportedVersion() error { ++ return errors.New("openssl: OpenSSL version: " + utoa(vMajor) + "." + utoa(vMinor) + "." + utoa(vPatch)) +} + -+func (d *_OSSL_SHA256_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint32(buf, d.h[0]) -+ buf = appendUint32(buf, d.h[1]) -+ buf = appendUint32(buf, d.h[2]) -+ buf = appendUint32(buf, d.h[3]) -+ buf = appendUint32(buf, d.h[4]) -+ buf = appendUint32(buf, d.h[5]) -+ buf = appendUint32(buf, d.h[6]) -+ buf = appendUint32(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) -+ return buf, nil ++// checkMajorVersion panics if the current major version is not expected. ++func checkMajorVersion(expected uint) { ++ if vMajor != expected { ++ panic("openssl: incorrect major version (" + strconv.Itoa(int(vMajor)) + "), expected " + strconv.Itoa(int(expected))) ++ } +} + -+// _OSSL_SHA512_CTX layout is taken from -+// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L95. -+type _OSSL_SHA512_CTX struct { -+ h [8]uint64 -+ nl, nh uint64 -+ x [128]byte -+ nx uint32 -+} ++type fail string + -+func (d *_OSSL_SHA512_CTX) UnmarshalBinary(b []byte) error { -+ b, d.h[0] = consumeUint64(b) -+ b, d.h[1] = consumeUint64(b) -+ b, d.h[2] = consumeUint64(b) -+ b, d.h[3] = consumeUint64(b) -+ b, d.h[4] = consumeUint64(b) -+ b, d.h[5] = consumeUint64(b) -+ b, d.h[6] = consumeUint64(b) -+ b, d.h[7] = consumeUint64(b) -+ b = b[copy(d.x[:], b):] -+ _, n := consumeUint64(b) -+ d.nl = n << 3 -+ d.nh = n >> 61 -+ d.nx = uint32(n) % 128 -+ return nil -+} ++func (e fail) Error() string { return "openssl: " + string(e) + " failed" } + -+func (d *_OSSL_SHA512_CTX) AppendBinary(buf []byte) ([]byte, error) { -+ buf = appendUint64(buf, d.h[0]) -+ buf = appendUint64(buf, d.h[1]) -+ buf = appendUint64(buf, d.h[2]) -+ buf = appendUint64(buf, d.h[3]) -+ buf = appendUint64(buf, d.h[4]) -+ buf = appendUint64(buf, d.h[5]) -+ buf = appendUint64(buf, d.h[6]) -+ buf = appendUint64(buf, d.h[7]) -+ buf = append(buf, d.x[:d.nx]...) -+ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) -+ buf = appendUint64(buf, d.nl>>3|d.nh<<61) -+ return buf, nil ++// VersionText returns the version text of the OpenSSL currently loaded. ++func VersionText() string { ++ return C.GoString((*C.char)(unsafe.Pointer(ossl.OpenSSL_version(0)))) +} + -+func getOSSLDigetsContext(ctx ossl.EVP_MD_CTX_PTR) unsafe.Pointer { -+ switch major() { ++// FIPS returns true if OpenSSL is running in FIPS mode and there is ++// a provider available that supports FIPS. It returns false otherwise. ++// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. ++func FIPS() bool { ++ switch vMajor { + case 1: -+ // https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/crypto/evp/evp_local.h#L12. -+ type mdCtx struct { -+ _ [2]unsafe.Pointer -+ _ uint32 -+ md_data unsafe.Pointer -+ } -+ return (*mdCtx)(unsafe.Pointer(ctx)).md_data ++ return ossl.FIPS_mode() == 1 + case 3: -+ // The EVP_MD_CTX memory layout has changed in OpenSSL 3 -+ // and the property holding the internal structure is no longer md_data but algctx. -+ // https://github.com/openssl/openssl/blob/5675a5aaf6a2e489022bcfc18330dae9263e598e/crypto/evp/evp_local.h#L16. -+ type mdCtx struct { -+ _ [3]unsafe.Pointer -+ _ uint32 -+ _ [3]unsafe.Pointer -+ algctx unsafe.Pointer -+ } -+ return (*mdCtx)(unsafe.Pointer(ctx)).algctx -+ case 4: -+ // OpenSSL 4 removed the ENGINE, md_data, and update fields from EVP_MD_CTX. -+ // https://github.com/openssl/openssl/blob/openssl-4.0.0-alpha1/crypto/evp/evp_local.h -+ type mdCtx struct { -+ _ [2]unsafe.Pointer // reqdigest, digest -+ _ uint32 // flags -+ _ unsafe.Pointer // pctx -+ algctx unsafe.Pointer ++ // Check if the default properties contain `fips=1`. ++ if ossl.EVP_default_properties_is_fips_enabled(nil) != 1 { ++ // Note that it is still possible that the provider used by default is FIPS-compliant, ++ // but that wouldn't be a system or user requirement. ++ return false + } -+ return (*mdCtx)(unsafe.Pointer(ctx)).algctx ++ // Check if the SHA-256 algorithm is available. If it is, then we can be sure that there is a provider available that matches ++ // the `fips=1` query. Most notably, this works for the common case of using the built-in FIPS provider. ++ // ++ // Note that this approach has a small chance of false negative if the FIPS provider doesn't provide the SHA-256 algorithm, ++ // but that is highly unlikely because SHA-256 is one of the most common algorithms and fundamental to many cryptographic operations. ++ // It also has a small chance of false positive if the FIPS provider implements the SHA-256 algorithm but not the other algorithms ++ // used by the caller application, but that is also unlikely because the FIPS provider should provide all common algorithms. ++ return proveSHA256("") + default: + panic(errUnsupportedVersion()) + } +} + -+var errHashStateInvalid = errors.New("openssl: can't retrieve hash state") -+ -+func osslHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { -+ algctx := getOSSLDigetsContext(ctx) -+ if algctx == nil { -+ return nil, errHashStateInvalid -+ } -+ buf = append(buf, magic...) -+ switch ch { -+ case crypto.MD5: -+ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA1: -+ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA224, crypto.SHA256: -+ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) -+ return d.AppendBinary(buf) -+ default: -+ panic("unsupported hash " + ch.String()) ++// FIPSCapable returns true if the provider used by default matches the `fips=yes` query. ++// It is useful for checking whether OpenSSL is capable of running in FIPS mode regardless ++// of whether FIPS mode is explicitly enabled. For example, Azure Linux 3 doesn't set the ++// `fips=yes` query in the default properties, but sets the default provider to be SCOSSL, ++// which is FIPS-capable. ++// ++// Considerations: ++// - Multiple calls to FIPSCapable can return different values if [SetFIPS] is called in between. ++// - Can return true even if [FIPS] returns false, because [FIPS] also checks whether ++// the default properties contain `fips=yes`. ++// - When using OpenSSL 3, will always return true if [FIPS] returns true. ++// - When using OpenSSL 1, Will always return the same value as [FIPS]. ++// - OpenSSL 3 doesn't provide a way to know if a provider is FIPS-capable. This function uses ++// some heuristics that should be treated as an implementation detail that may change in the future. ++func FIPSCapable() bool { ++ if FIPS() { ++ return true ++ } ++ if vMajor == 3 { ++ // Load the provider with and without the `fips=yes` query. ++ // If the providers are the same, then the default provider is FIPS-capable. ++ provFIPS := sha256Provider(_ProviderNameFips) ++ if provFIPS == nil { ++ return false ++ } ++ provDefault := sha256Provider("") ++ return provFIPS == provDefault ++ } ++ return false ++} ++ ++// isProviderAvailable checks if the provider with the given name is available. ++// This function is used in export_test.go, but must be defined here as test files can't access C functions. ++func isProviderAvailable(name string) bool { ++ if vMajor == 1 { ++ return false + } ++ providerName := C.CString(name) ++ defer C.free(unsafe.Pointer(providerName)) ++ return ossl.OSSL_PROVIDER_available(nil, (*byte)(unsafe.Pointer(providerName))) == 1 +} + -+func osslHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { -+ algctx := getOSSLDigetsContext(ctx) -+ if algctx == nil { -+ return errHashStateInvalid ++// SetFIPS enables or disables FIPS mode. ++// ++// For OpenSSL 3, if there is no provider available that supports FIPS mode, ++// SetFIPS will try to load a built-in provider that supports FIPS mode. ++func SetFIPS(enable bool) error { ++ if FIPS() == enable { ++ // Already in the desired state. ++ return nil + } -+ b = b[len(magic):] -+ switch ch { -+ case crypto.MD5: -+ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA1: -+ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA224, crypto.SHA256: -+ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) -+ return d.UnmarshalBinary(b) ++ var mode int32 ++ if enable { ++ mode = int32(1) ++ } else { ++ mode = int32(0) ++ } ++ switch vMajor { ++ case 1: ++ if _, err := ossl.FIPS_mode_set(mode); err != nil { ++ return err ++ } ++ return nil ++ case 3: ++ var shaProps, provName cString ++ if enable { ++ shaProps = _PropFIPSYes ++ provName = _ProviderNameFips ++ } else { ++ shaProps = _PropFIPSNo ++ provName = _ProviderNameDefault ++ } ++ if !proveSHA256(shaProps) { ++ // There is no provider available that supports the desired FIPS mode. ++ // Try to load the built-in provider associated with the given mode. ++ if p, _ := ossl.OSSL_PROVIDER_try_load(nil, provName.ptr(), 1); p == nil { ++ // The built-in provider was not loaded successfully, we can't enable FIPS mode. ++ ossl.ERR_clear_error() ++ return errors.New("openssl: FIPS mode not supported by any provider") ++ } ++ } ++ _, err := ossl.EVP_default_properties_enable_fips(nil, mode) ++ return err + default: -+ panic("unsupported hash " + ch.String()) ++ panic(errUnsupportedVersion()) + } +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go -new file mode 100644 -index 00000000000000..1fc14f756a0ce4 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go -@@ -0,0 +1,331 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package openssl + -+import ( -+ "crypto" -+ "errors" -+ "unsafe" ++// sha256Provider returns the provider for the SHA-256 algorithm ++// using the given properties. ++func sha256Provider(props cString) ossl.OSSL_PROVIDER_PTR { ++ md, _ := ossl.EVP_MD_fetch(nil, _DigestNameSHA2_256.ptr(), props.ptr()) ++ if md == nil { ++ ossl.ERR_clear_error() ++ return nil ++ } ++ defer ossl.EVP_MD_free(md) ++ return ossl.EVP_MD_get0_provider(md) ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++// proveSHA256 checks if the SHA-256 algorithm is available ++// using the given properties. ++func proveSHA256(props cString) bool { ++ return sha256Provider(props) != nil ++} + -+// This file contains code specific to the SymCrypt provider. ++var zero byte + -+const ( -+ _SCOSSL_DIGEST_PARAM_STATE cString = "state\x00" -+ _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM cString = "recompute_checksum\x00" -+) ++// baseNeverEmpty returns the address of the underlying array in b. ++// If b has zero length, it returns a pointer to a zero byte. ++func baseNeverEmpty(b []byte) *byte { ++ if len(b) == 0 { ++ return &zero ++ } ++ return unsafe.SliceData(b) ++} + -+const ( -+ _SYMCRYPT_BLOB_MAGIC = 0x636D7973 // "cysm" in little-endian ++// pbaseNeverEmpty returns the address of the underlying array in b. ++// If b has zero length, it returns a pointer to a zero byte. ++func pbaseNeverEmpty(b []byte) unsafe.Pointer { ++ return unsafe.Pointer(baseNeverEmpty(b)) ++} + -+ _SymCryptBlobTypeHashState = 0x100 -+ _SymCryptBlobTypeMd2State = _SymCryptBlobTypeHashState + 1 -+ _SymCryptBlobTypeMd4State = _SymCryptBlobTypeHashState + 2 -+ _SymCryptBlobTypeMd5State = _SymCryptBlobTypeHashState + 3 -+ _SymCryptBlobTypeSha1State = _SymCryptBlobTypeHashState + 4 -+ _SymCryptBlobTypeSha256State = _SymCryptBlobTypeHashState + 5 -+ _SymCryptBlobTypeSha384State = _SymCryptBlobTypeHashState + 6 -+ _SymCryptBlobTypeSha512State = _SymCryptBlobTypeHashState + 7 -+ _SymCryptBlobTypeSha3_256State = _SymCryptBlobTypeHashState + 8 -+ _SymCryptBlobTypeSha3_384State = _SymCryptBlobTypeHashState + 9 -+ _SymCryptBlobTypeSha3_512State = _SymCryptBlobTypeHashState + 10 -+ _SymCryptBlobTypeSha224State = _SymCryptBlobTypeHashState + 11 -+ _SymCryptBlobTypeSha512_224State = _SymCryptBlobTypeHashState + 12 -+ _SymCryptBlobTypeSha512_256State = _SymCryptBlobTypeHashState + 13 -+ _SymCryptBlobTypeSha3_224State = _SymCryptBlobTypeHashState + 14 ++// pbase returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func pbase(b []byte) unsafe.Pointer { ++ return unsafe.Pointer(base(b)) ++} + -+ _SYMCRYPT_MD5_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_MD5_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA1_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA1_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA256_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA256_STATE_EXPORT_BLOB{})) -+ _SYMCRYPT_SHA512_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA512_STATE_EXPORT_BLOB{})) -+) ++// base returns the address of the underlying array in b, ++// being careful not to panic when b has zero length. ++func base(b []byte) *byte { ++ if len(b) == 0 { ++ return nil ++ } ++ return unsafe.SliceData(b) ++} + -+type _SYMCRYPT_BLOB_HEADER struct { -+ magic uint32 -+ size uint32 -+ _type uint32 ++// cryptoMalloc allocates n bytes of memory on the OpenSSL heap, which may be ++// different from the heap which C.malloc allocates on. The allocated object ++// must be freed using cryptoFree. cryptoMalloc is equivalent to the ++// OPENSSL_malloc macro. ++// ++// Like C.malloc, this function is guaranteed to never return nil. If OpenSSL's ++// malloc indicates out of memory, it crashes the program. ++// ++// Only objects which the OpenSSL library will take ownership of (i.e. will be ++// freed by OPENSSL_free / CRYPTO_free) need to be allocated on the OpenSSL ++// heap. ++func cryptoMalloc(n int) unsafe.Pointer { ++ p, _ := ossl.CRYPTO_malloc(n, nil, 0) ++ if p == nil { ++ // Un-recover()-ably crash the program in the same manner as the ++ // C.malloc() wrapper function. ++ runtime_throw("openssl: CRYPTO_malloc failed") ++ } ++ return p +} + -+type _SYMCRYPT_BLOB_TRAILER struct { -+ checksum [8]uint8 ++// cryptoFree frees an object allocated on the OpenSSL heap, which may be ++// different from the heap which C.malloc allocates on. cryptoFree is equivalent ++// to the OPENSSL_free macro. ++func cryptoFree(p unsafe.Pointer) { ++ ossl.CRYPTO_free(p, nil, 0) +} + -+// _UINT64 is a 64-bit unsigned integer, stored in native endianess. -+// It is used to represent a SymCrypt UINT64 type without making the -+// parent struct 8-byte aligned, given that the Windows ABI makes -+// the struct 4-byte aligned. -+type _UINT64 [2]uint32 ++const wordBytes = bits.UintSize / 8 + -+func newUINT64(v uint64) _UINT64 { -+ var u _UINT64 -+ if isBigEndian() { -+ u[0], u[1] = uint32(v>>32), uint32(v) -+ } else { -+ u[0], u[1] = uint32(v), uint32(v>>32) ++// Reverse each limb of z. ++func (z BigInt) byteSwap() { ++ for i, d := range z { ++ var n uint = 0 ++ for j := range wordBytes { ++ n |= uint(byte(d)) << (8 * (wordBytes - j - 1)) ++ d >>= 8 ++ } ++ z[i] = n + } -+ return u +} + -+func (u *_UINT64) uint64() uint64 { -+ if isBigEndian() { -+ return uint64(u[0])<<32 | (uint64(u[1])) ++func wbase(b BigInt) *byte { ++ if len(b) == 0 { ++ return nil + } -+ return uint64(u[0]) | (uint64(u[1]) << 32) ++ return (*byte)(unsafe.Pointer(unsafe.SliceData(b))) +} + -+// symCryptAppendBinary appends the binary representation of a SymCrypt state -+// to the given destination slice. -+func symCryptAppendBinary(dst, chain, buffer []byte, blength _UINT64) []byte { -+ length := blength.uint64() -+ var nx uint64 -+ if len(buffer) <= 64 { -+ nx = length & 0x3f -+ } else { -+ nx = length & 0x7f ++func bigToBN(x BigInt) (ossl.BIGNUM_PTR, error) { ++ if len(x) == 0 { ++ return nil, nil + } -+ dst = append(dst, chain...) -+ dst = append(dst, buffer[:nx]...) -+ dst = append(dst, make([]byte, len(buffer)-int(nx))...) -+ dst = appendUint64(dst, length) -+ return dst -+} -+ -+// symCryptUnmarshalBinary unmarshals the binary representation of a SymCrypt state -+// from the given source slice. It returns the length of the data. -+func symCryptUnmarshalBinary(d []byte, chain, buffer []byte) _UINT64 { -+ copy(chain[:], d) -+ d = d[len(chain):] -+ copy(buffer[:], d) -+ d = d[len(buffer):] -+ _, length := consumeUint64(d) -+ return newUINT64(length) ++ if isBigEndian { ++ z := make(BigInt, len(x)) ++ copy(z, x) ++ z.byteSwap() ++ x = z ++ } ++ // Limbs are always ordered in LSB first, so we can safely apply ++ // BN_lebin2bn regardless of host endianness. ++ bn, err := ossl.BN_lebin2bn(wbase(x), int32(len(x)*wordBytes), nil) ++ if err != nil { ++ return nil, err ++ } ++ return bn, nil +} + -+// swapEndianessUint32 swaps the endianness of the given byte slice -+// in place. It assumes the slice is a backup of a 32-bit integer array. -+func swapEndianessUint32(d []uint8) { -+ for i := 0; i < len(d); i += 4 { -+ d[i], d[i+3] = d[i+3], d[i] -+ d[i+1], d[i+2] = d[i+2], d[i+1] ++func bnToBig(bn ossl.BIGNUM_PTR) BigInt { ++ if bn == nil { ++ return nil + } + ++ // Limbs are always ordered in LSB first, so we can safely apply ++ // BN_bn2lebinpad regardless of host endianness. ++ x := make(BigInt, ossl.BN_num_bits(bn)) ++ if _, err := ossl.BN_bn2lebinpad(bn, wbase(x), int32(len(x)*wordBytes)); err != nil { ++ panic(err) ++ } ++ if isBigEndian { ++ x.byteSwap() ++ } ++ return x +} + -+type _SYMCRYPT_MD5_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [16]uint8 // little endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER ++// bnToBinPad converts the absolute value of bn into big-endian form and stores ++// it at to, padding with zeroes if necessary. If len(to) is not large enough to ++// hold the result, an error is returned. ++func bnToBinPad(bn ossl.BIGNUM_PTR, to []byte) error { ++ _, err := ossl.BN_bn2binpad(bn, base(to), int32(len(to))) ++ return err +} + -+func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ // b.chain is little endian, but Go expects big endian, -+ // we need to swap the bytes. -+ swapEndianessUint32(b.chain[:]) -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil ++func CheckLeaks() { ++ C.go_openssl_do_leak_check() +} + -+func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) -+ swapEndianessUint32(b.chain[:]) ++// versionAtOrAbove returns true when ++// (vMajor, vMinor, vPatch) >= (major, minor, patch), ++// compared lexicographically. ++func versionAtOrAbove(major, minor, patch uint) bool { ++ return vMajor > major || (vMajor == major && vMinor > minor) || (vMajor == major && vMinor == minor && vPatch >= patch) +} + -+type _SYMCRYPT_SHA1_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [20]uint8 // big endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER ++func bigEndianUint64(b []byte) uint64 { ++ _ = b[7] // bounds check hint to compiler; see golang.org/issue/14808 ++ return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 | ++ uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56 +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go +new file mode 100644 +index 00000000000000..def3f021be19da +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/params.go +@@ -0,0 +1,195 @@ ++//go:build !cmd_go_bootstrap + -+func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil -+} ++package openssl + -+func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++import "C" ++import ( ++ "runtime" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++type addParamError struct { ++ name string ++ err error +} + -+type _SYMCRYPT_SHA256_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [32]uint8 // big endian -+ length _UINT64 // native endian -+ buffer [64]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER ++func (e addParamError) Error() string { ++ return "failed to add parameter " + e.name + ": " + e.err.Error() +} + -+func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil ++type bnParam struct { ++ value ossl.BIGNUM_PTR ++ private bool +} + -+func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++// paramBuilder is a helper for building OSSL_PARAMs. ++// If an error occurs when adding a new parameter, ++// subsequent calls to add parameters are ignored ++// and build() will return the error. ++type paramBuilder struct { ++ bld ossl.OSSL_PARAM_BLD_PTR ++ pinner runtime.Pinner ++ bnToFree []bnParam ++ ++ err error +} + -+type _SYMCRYPT_SHA512_STATE_EXPORT_BLOB struct { -+ header _SYMCRYPT_BLOB_HEADER -+ chain [64]uint8 // big endian -+ lengthL _UINT64 // native endian -+ lengthH _UINT64 // native endian -+ buffer [128]uint8 -+ _ [8]uint8 // reserved -+ _ _SYMCRYPT_BLOB_TRAILER ++// newParamBuilder creates a new paramBuilder. ++func newParamBuilder() (*paramBuilder, error) { ++ bld, err := ossl.OSSL_PARAM_BLD_new() ++ if err != nil { ++ return nil, err ++ } ++ pb := ¶mBuilder{ ++ bld: bld, ++ bnToFree: make([]bnParam, 0, 8), // the maximum known number of BIGNUMs to free are 8 for RSA ++ } ++ runtime.SetFinalizer(pb, (*paramBuilder).finalize) ++ return pb, nil +} + -+func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { -+ if b.lengthH.uint64() != 0 { -+ return nil, errors.New("exporting state with more than 2^63-1 bytes of data is not supported") ++// finalize frees the builder. ++func (b *paramBuilder) finalize() { ++ if b.bld != nil { ++ b.pinner.Unpin() ++ for _, bn := range b.bnToFree { ++ if bn.private { ++ ossl.BN_clear_free(bn.value) ++ } else { ++ ossl.BN_free(bn.value) ++ } ++ } ++ ossl.OSSL_PARAM_BLD_free(b.bld) ++ b.bld = nil + } -+ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.lengthL), nil +} + -+func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { -+ b.lengthL = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++// check is used internally to enforce invariants and should not be called by users of paramBuilder. ++// Returns true if it's ok to add parameters to the builder or build it. ++// Returns false if there has been an error while adding a parameter. ++// Panics if the paramBuilder has been freed, e.g. if it has already been built. ++func (b *paramBuilder) check() bool { ++ if b.err != nil { ++ return false ++ } ++ if b.bld == nil { ++ panic("openssl: paramBuilder has been freed") ++ } ++ return true +} + -+func symCryptHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { -+ size, typ := symCryptHashStateInfo(ch) -+ state := make([]byte, size, _SYMCRYPT_SHA512_STATE_EXPORT_SIZE) // 512 is the largest size -+ params := [2]ossl.OSSL_PARAM{ -+ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), unsafe.Pointer(&state[0]), len(state)), -+ ossl.OSSL_PARAM_construct_end(), ++// build creates an OSSL_PARAM from the builder. ++// The returned OSSL_PARAM must be freed with OSSL_PARAM_free. ++// If an error occurred while adding parameters, the error is returned ++// and the OSSL_PARAM is nil. Once build() is called, the builder is finalized ++// and cannot be reused. ++func (b *paramBuilder) build() (ossl.OSSL_PARAM_PTR, error) { ++ defer b.finalize() ++ if !b.check() { ++ return nil, b.err + } -+ if _, err := ossl.EVP_MD_CTX_get_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))); err != nil { ++ param, err := ossl.OSSL_PARAM_BLD_to_param(b.bld) ++ if err != nil { + return nil, err + } -+ if !ossl.OSSL_PARAM_modified(¶ms[0]) { -+ return nil, errors.New("EVP_MD_CTX_get_params did not retrieve the state") ++ return param, nil ++} ++ ++// addUTF8String adds a NUL-terminated UTF-8 string to the builder. ++// size should not include the terminating NUL byte. If size is zero, then it will be calculated. ++func (b *paramBuilder) addUTF8String(name cString, value *byte, size int) { ++ if !b.check() { ++ return ++ } ++ // OSSL_PARAM_BLD_push_utf8_string calculates the size if it is zero. ++ if _, err := ossl.OSSL_PARAM_BLD_push_utf8_string(b.bld, name.ptr(), value, size); err != nil { ++ b.err = addParamError{name.str(), err} + } ++} + -+ header := (*_SYMCRYPT_BLOB_HEADER)(unsafe.Pointer(&state[0])) -+ if header.magic != _SYMCRYPT_BLOB_MAGIC { -+ return nil, errors.New("invalid blob magic") ++// addOctetString adds an octet string to the builder. ++// The value is pinned and will be unpinned when the builder is freed. ++func (b *paramBuilder) addOctetString(name cString, value []byte) { ++ if !b.check() { ++ return + } -+ if header.size != size { -+ return nil, errors.New("invalid blob size") ++ if value == nil { ++ // Short-circuit a nil slice: don't pass anything at all to OpenSSL. ++ // OpenSSL 3.5.6 raises an error when passed null, and expects users ++ // to not call this function at all in this case. ++ // See https://github.com/openssl/openssl/issues/30728 ++ // ++ // Don't short-circuit empty slices, as they might have a meaning. ++ // For example, in KDFs an empty salt is different from a nil salt. ++ return + } -+ if header._type != typ { -+ return nil, errors.New("invalid blob type") ++ if len(value) != 0 { ++ b.pinner.Pin(&value[0]) + } -+ -+ buf = append(buf, magic...) -+ switch ch { -+ case crypto.MD5: -+ blob := (*_SYMCRYPT_MD5_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA1: -+ blob := (*_SYMCRYPT_SHA1_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA224, crypto.SHA256: -+ blob := (*_SYMCRYPT_SHA256_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ blob := (*_SYMCRYPT_SHA512_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) -+ return blob.appendBinary(buf) -+ default: -+ panic("unsupported hash " + ch.String()) ++ if _, err := ossl.OSSL_PARAM_BLD_push_octet_string(b.bld, name.ptr(), pbaseNeverEmpty(value), len(value)); err != nil { ++ b.err = addParamError{name.str(), err} + } +} + -+func symCryptHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { -+ size, typ := symCryptHashStateInfo(ch) -+ hdr := _SYMCRYPT_BLOB_HEADER{ -+ magic: _SYMCRYPT_BLOB_MAGIC, -+ size: size, -+ _type: typ, -+ } -+ var blobPtr unsafe.Pointer -+ b = b[len(magic):] -+ switch ch { -+ case crypto.MD5: -+ var blob _SYMCRYPT_MD5_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA1: -+ var blob _SYMCRYPT_SHA1_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA224, crypto.SHA256: -+ var blob _SYMCRYPT_SHA256_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: -+ var blob _SYMCRYPT_SHA512_STATE_EXPORT_BLOB -+ blobPtr = unsafe.Pointer(&blob) -+ blob.header = hdr -+ blob.unmarshalBinary(b) -+ default: -+ panic("unsupported hash " + ch.String()) ++// addInt32 adds an int32 to the builder. ++func (b *paramBuilder) addInt32(name cString, value int32) { ++ if !b.check() { ++ return + } -+ var checksum int32 = 1 -+ params := [3]ossl.OSSL_PARAM{ -+ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), blobPtr, int(hdr.size)), -+ ossl.OSSL_PARAM_construct_int32(_SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr(), &checksum), -+ ossl.OSSL_PARAM_construct_end(), ++ if _, err := ossl.OSSL_PARAM_BLD_push_int32(b.bld, name.ptr(), value); err != nil { ++ b.err = addParamError{name.str(), err} + } -+ _, err := ossl.EVP_MD_CTX_set_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))) -+ return err +} + -+func symCryptHashStateInfo(ch crypto.Hash) (size, typ uint32) { -+ switch ch { -+ case crypto.MD5: -+ return _SYMCRYPT_MD5_STATE_EXPORT_SIZE, _SymCryptBlobTypeMd5State -+ case crypto.SHA1: -+ return _SYMCRYPT_SHA1_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha1State -+ case crypto.SHA224: -+ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha224State -+ case crypto.SHA256: -+ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha256State -+ case crypto.SHA384: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha384State -+ case crypto.SHA512_224: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_224State -+ case crypto.SHA512_256: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_256State -+ case crypto.SHA512: -+ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512State -+ default: -+ panic("unsupported hash " + ch.String()) ++// addBN adds a GOossl.BIGNUM_PTR to the builder. ++func (b *paramBuilder) addBN(name cString, value ossl.BIGNUM_PTR) { ++ if !b.check() { ++ return ++ } ++ if _, err := ossl.OSSL_PARAM_BLD_push_BN(b.bld, name.ptr(), value); err != nil { ++ b.err = addParamError{name.str(), err} + } +} + -+// isSymCryptHashStateSerializable checks if the SymCrypt hash state is serializable. -+func isSymCryptHashStateSerializable(md ossl.EVP_MD_PTR) bool { -+ ctx, err := ossl.EVP_MD_CTX_new() -+ if err != nil { -+ return false ++// addBin adds a byte slice to the builder. ++// The slice is converted to a BIGNUM using BN_bin2bn and freed when the builder is finalized. ++// If private is true, the BIGNUM will be cleared with BN_clear_free, ++// otherwise it will be freed with BN_free. ++func (b *paramBuilder) addBin(name cString, value []byte, private bool) { ++ if !b.check() { ++ return + } -+ defer ossl.EVP_MD_CTX_free(ctx) -+ if _, err := ossl.EVP_DigestInit_ex(ctx, md, nil); err != nil { -+ return false ++ if len(value) == 0 { ++ // Nothing to do. ++ return + } -+ params, err := ossl.EVP_MD_CTX_gettable_params(ctx) ++ bn, err := ossl.BN_bin2bn(base(value), int32(len(value)), nil) + if err != nil { -+ return false -+ } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { -+ return false ++ b.err = err ++ return + } -+ params, err = ossl.EVP_MD_CTX_settable_params(ctx) -+ if err != nil { -+ return false ++ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) ++ b.addBN(name, bn) ++} ++ ++// addBigInt adds a BigInt to the builder. ++// The BigInt is converted using bigToBN to a BIGNUM that is freed when the builder is finalized. ++// If private is true, the BIGNUM will be cleared with BN_clear_free, ++// otherwise it will be freed with BN_free. ++func (b *paramBuilder) addBigInt(name cString, value BigInt, private bool) { ++ if !b.check() { ++ return + } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { -+ return false ++ if len(value) == 0 { ++ // Nothing to do. ++ return + } -+ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr()); err != nil { -+ return false ++ bn, err := bigToBN(value) ++ if err != nil { ++ b.err = err ++ return + } -+ return true ++ b.bnToFree = append(b.bnToFree, bnParam{bn, private}) ++ b.addBN(name, bn) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go new file mode 100644 -index 00000000000000..cd8a656a8bae65 +index 00000000000000..b050953aad4581 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go -@@ -0,0 +1,37 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/pbkdf2.go +@@ -0,0 +1,55 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( -+ "math" ++ "errors" ++ "hash" ++ "sync" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+type randReader int -+ -+func (randReader) Read(b []byte) (int, error) { -+ if len(b) == 0 { -+ return 0, nil -+ } -+ switch major() { ++// SupportsPBKDF2 reports whether the current OpenSSL version supports PBKDF2. ++func SupportsPBKDF2() bool { ++ switch vMajor { + case 1: -+ if len(b) > math.MaxInt32 { -+ // OpenSSL 1 does not support reading more than 2^31-1 bytes at once. -+ // Instead of erroring out, read only up to 2^31-1 bytes and return -+ // the number of bytes read. -+ b = b[:math.MaxInt32] -+ } -+ if _, err := ossl.RAND_bytes(b); err != nil { -+ return 0, err -+ } ++ return true ++ case 3: ++ _, err := fetchPBKDF2() ++ return err == nil + default: -+ if _, err := ossl.RAND_bytes_ex(nil, b, 0); err != nil { -+ return 0, err -+ } ++ panic(errUnsupportedVersion()) + } -+ return len(b), nil +} + -+const RandReader = randReader(0) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go ++// fetchPBKDF2 fetches the PBKDF2 algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchPBKDF2 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3) ++ ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_PBKDF2.ptr(), nil) ++ if err != nil { ++ return nil, err ++ } ++ return kdf, nil ++}) ++ ++func PBKDF2(password, salt []byte, iter, keyLen int, fh func() hash.Hash) ([]byte, error) { ++ h, err := hashFuncHash(fh) ++ if err != nil { ++ return nil, err ++ } ++ md := hashToMD(h) ++ if md == nil { ++ return nil, errors.New("unsupported hash function") ++ } ++ out := make([]byte, keyLen) ++ _, err = ossl.PKCS5_PBKDF2_HMAC(base(password), int32(len(password)), base(salt), int32(len(salt)), int32(iter), md, int32(keyLen), base(out)) ++ if err != nil { ++ return nil, err ++ } ++ return out, nil ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go new file mode 100644 -index 00000000000000..37d12ec889a91e +index 00000000000000..35a98044ac2e65 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go -@@ -0,0 +1,76 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/provideropenssl.go +@@ -0,0 +1,239 @@ ++//go:build !cmd_go_bootstrap && cgo + +package openssl + +import ( -+ "runtime" ++ "crypto" ++ "errors" ++ "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" -+ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + -+// SupportsRC4 returns true if NewRC4Cipher is supported. -+func SupportsRC4() bool { -+ switch major() { -+ case 1: -+ // RC4 is not part of the OpenSSL 1.x FIPS module. -+ return !osslsetup.FIPS() && loadCipher(cipherRC4, cipherModeNone) != nil -+ default: -+ // On OpenSSL 3+ availability is decided by the algorithm probe: -+ // EVP_CIPHER_fetch returns nil unless the legacy provider is loaded. -+ return loadCipher(cipherRC4, cipherModeNone) != nil -+ } ++// This file contains code specific to the built-in OpenSSL providers. ++ ++// _OSSL_MD5_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/md5.h#L33. ++type _OSSL_MD5_CTX struct { ++ h [4]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 +} + -+// A RC4Cipher is an instance of RC4 using a particular key. -+type RC4Cipher struct { -+ ctx ossl.EVP_CIPHER_CTX_PTR ++func (d *_OSSL_MD5_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil +} + -+// NewRC4Cipher creates and returns a new Cipher. -+func NewRC4Cipher(key []byte) (*RC4Cipher, error) { -+ ctx, err := newCipherCtx(cipherRC4, cipherModeNone, cipherOpEncrypt, key, nil) -+ if err != nil { -+ return nil, err -+ } -+ c := &RC4Cipher{ctx} -+ runtime.SetFinalizer(c, (*RC4Cipher).finalize) -+ return c, nil ++func (d *_OSSL_MD5_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil +} + -+func (c *RC4Cipher) finalize() { -+ if c.ctx != nil { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+ } ++// _OSSL_SHA_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L34. ++type _OSSL_SHA_CTX struct { ++ h [5]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 +} + -+// Reset zeros the key data and makes the Cipher unusable. -+func (c *RC4Cipher) Reset() { -+ if c.ctx != nil { -+ ossl.EVP_CIPHER_CTX_free(c.ctx) -+ c.ctx = nil -+ } ++func (d *_OSSL_SHA_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b, d.h[4] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil +} + -+// XORKeyStream sets dst to the result of XORing src with the key stream. -+// Dst and src must overlap entirely or not at all. -+func (c *RC4Cipher) XORKeyStream(dst, src []byte) { -+ if c.ctx == nil || len(src) == 0 { -+ return -+ } -+ if inexactOverlap(dst[:len(src)], src) { -+ panic("crypto/rc4: invalid buffer overlap") -+ } -+ // panic if len(dst) < len(src) with a runtime out of bound error, -+ // which is what crypto/rc4 does. -+ _ = dst[len(src)-1] -+ var outLen int32 -+ if _, err := ossl.EVP_EncryptUpdate(c.ctx, dst, &outLen, src); err != nil { -+ panic("crypto/rc4: " + err.Error()) -+ } -+ if int(outLen) != len(src) { -+ panic("crypto/rc4: src not fully XORed") -+ } -+ runtime.KeepAlive(c) ++func (d *_OSSL_SHA_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = appendUint32(buf, d.h[4]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go -new file mode 100644 -index 00000000000000..36f84902a21ece ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go -@@ -0,0 +1,712 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package openssl ++// _OSSL_SHA256_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L51. ++type _OSSL_SHA256_CTX struct { ++ h [8]uint32 ++ nl, nh uint32 ++ x [64]byte ++ nx uint32 ++} ++ ++func (d *_OSSL_SHA256_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint32(b) ++ b, d.h[1] = consumeUint32(b) ++ b, d.h[2] = consumeUint32(b) ++ b, d.h[3] = consumeUint32(b) ++ b, d.h[4] = consumeUint32(b) ++ b, d.h[5] = consumeUint32(b) ++ b, d.h[6] = consumeUint32(b) ++ b, d.h[7] = consumeUint32(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = uint32(n << 3) ++ d.nh = uint32(n >> 29) ++ d.nx = uint32(n) % 64 ++ return nil ++} + -+import ( -+ "crypto" -+ "crypto/subtle" -+ "errors" -+ "hash" -+ "runtime" -+ "sync" -+ "unsafe" ++func (d *_OSSL_SHA256_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint32(buf, d.h[0]) ++ buf = appendUint32(buf, d.h[1]) ++ buf = appendUint32(buf, d.h[2]) ++ buf = appendUint32(buf, d.h[3]) ++ buf = appendUint32(buf, d.h[4]) ++ buf = appendUint32(buf, d.h[5]) ++ buf = appendUint32(buf, d.h[6]) ++ buf = appendUint32(buf, d.h[7]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, uint64(d.nl)>>3|uint64(d.nh)<<29) ++ return buf, nil ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++// _OSSL_SHA512_CTX layout is taken from ++// https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/include/openssl/sha.h#L95. ++type _OSSL_SHA512_CTX struct { ++ h [8]uint64 ++ nl, nh uint64 ++ x [128]byte ++ nx uint32 ++} + -+func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { -+ bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { -+ return nil, nil, nil, nil, nil, nil, nil, nil, e -+ } -+ pkey, err := generateEVPPKey(ossl.EVP_PKEY_RSA, int32(bits), "") -+ if err != nil { -+ return bad(err) -+ } -+ defer ossl.EVP_PKEY_free(pkey) -+ switch major() { -+ case 1: -+ key, err := ossl.EVP_PKEY_get1_RSA(pkey) -+ if err != nil { -+ return bad(err) -+ } -+ defer ossl.RSA_free(key) -+ var n, e, d, p, q, dmp1, dmq1, iqmp ossl.BIGNUM_PTR -+ ossl.RSA_get0_key(key, &n, &e, &d) -+ ossl.RSA_get0_factors(key, &p, &q) -+ ossl.RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp) -+ N, E, D = bnToBig(n), bnToBig(e), bnToBig(d) -+ P, Q = bnToBig(p), bnToBig(q) -+ Dp, Dq, Qinv = bnToBig(dmp1), bnToBig(dmq1), bnToBig(iqmp) -+ case 3, 4: -+ tmp, err := ossl.BN_new() -+ if err != nil { -+ return bad(err) -+ } -+ defer func() { -+ ossl.BN_clear_free(tmp) -+ }() -+ setBigInt := func(bi *BigInt, param cString) bool { -+ if err != nil { -+ return false -+ } -+ if _, err = ossl.EVP_PKEY_get_bn_param(pkey, param.ptr(), &tmp); err != nil { -+ return false -+ } -+ *bi = bnToBig(tmp) -+ ossl.BN_clear(tmp) -+ return true -+ } -+ if !(setBigInt(&N, _OSSL_PKEY_PARAM_RSA_N) && -+ setBigInt(&E, _OSSL_PKEY_PARAM_RSA_E) && -+ setBigInt(&D, _OSSL_PKEY_PARAM_RSA_D) && -+ setBigInt(&P, _OSSL_PKEY_PARAM_RSA_FACTOR1) && -+ setBigInt(&Q, _OSSL_PKEY_PARAM_RSA_FACTOR2) && -+ setBigInt(&Dp, _OSSL_PKEY_PARAM_RSA_EXPONENT1) && -+ setBigInt(&Dq, _OSSL_PKEY_PARAM_RSA_EXPONENT2) && -+ setBigInt(&Qinv, _OSSL_PKEY_PARAM_RSA_COEFFICIENT1)) { -+ return bad(err) -+ } -+ default: -+ panic(errUnsupportedVersion()) -+ } -+ return ++func (d *_OSSL_SHA512_CTX) UnmarshalBinary(b []byte) error { ++ b, d.h[0] = consumeUint64(b) ++ b, d.h[1] = consumeUint64(b) ++ b, d.h[2] = consumeUint64(b) ++ b, d.h[3] = consumeUint64(b) ++ b, d.h[4] = consumeUint64(b) ++ b, d.h[5] = consumeUint64(b) ++ b, d.h[6] = consumeUint64(b) ++ b, d.h[7] = consumeUint64(b) ++ b = b[copy(d.x[:], b):] ++ _, n := consumeUint64(b) ++ d.nl = n << 3 ++ d.nh = n >> 61 ++ d.nx = uint32(n) % 128 ++ return nil +} + -+type PublicKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR ++func (d *_OSSL_SHA512_CTX) AppendBinary(buf []byte) ([]byte, error) { ++ buf = appendUint64(buf, d.h[0]) ++ buf = appendUint64(buf, d.h[1]) ++ buf = appendUint64(buf, d.h[2]) ++ buf = appendUint64(buf, d.h[3]) ++ buf = appendUint64(buf, d.h[4]) ++ buf = appendUint64(buf, d.h[5]) ++ buf = appendUint64(buf, d.h[6]) ++ buf = appendUint64(buf, d.h[7]) ++ buf = append(buf, d.x[:d.nx]...) ++ buf = append(buf, make([]byte, len(d.x)-int(d.nx))...) ++ buf = appendUint64(buf, d.nl>>3|d.nh<<61) ++ return buf, nil +} + -+func NewPublicKeyRSA(n, e BigInt) (*PublicKeyRSA, error) { -+ var pkey ossl.EVP_PKEY_PTR -+ switch major() { ++func getOSSLDigetsContext(ctx ossl.EVP_MD_CTX_PTR) unsafe.Pointer { ++ switch vMajor { + case 1: -+ key, err := ossl.RSA_new() -+ if err != nil { -+ return nil, err -+ } -+ // No need to check for errors here, RSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ bn, _ := bigToBN(n) -+ be, _ := bigToBN(e) -+ if _, err := ossl.RSA_set0_key(key, bn, be, nil); err != nil { -+ ossl.BN_free(bn) -+ ossl.BN_free(be) -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { -+ ossl.RSA_free(key) -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err ++ // https://github.com/openssl/openssl/blob/0418e993c717a6863f206feaa40673a261de7395/crypto/evp/evp_local.h#L12. ++ type mdCtx struct { ++ _ [2]unsafe.Pointer ++ _ uint32 ++ md_data unsafe.Pointer + } -+ case 3, 4: -+ var err error -+ if pkey, err = newRSAKey3(false, n, e, nil, nil, nil, nil, nil, nil); err != nil { -+ return nil, err ++ return (*mdCtx)(unsafe.Pointer(ctx)).md_data ++ case 3: ++ // The EVP_MD_CTX memory layout has changed in OpenSSL 3 ++ // and the property holding the internal structure is no longer md_data but algctx. ++ // https://github.com/openssl/openssl/blob/5675a5aaf6a2e489022bcfc18330dae9263e598e/crypto/evp/evp_local.h#L16. ++ type mdCtx struct { ++ _ [3]unsafe.Pointer ++ _ uint32 ++ _ [3]unsafe.Pointer ++ algctx unsafe.Pointer + } ++ return (*mdCtx)(unsafe.Pointer(ctx)).algctx + default: + panic(errUnsupportedVersion()) + } -+ k := &PublicKeyRSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PublicKeyRSA).finalize) -+ return k, nil -+} -+ -+func (k *PublicKeyRSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) -+} -+ -+func (k *PublicKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ // Because of the finalizer, any time _pkey is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) +} + -+type PrivateKeyRSA struct { -+ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. -+ _pkey ossl.EVP_PKEY_PTR -+} ++var errHashStateInvalid = errors.New("openssl: can't retrieve hash state") + -+func NewPrivateKeyRSA(n, e, d, p, q, dp, dq, qinv BigInt) (*PrivateKeyRSA, error) { -+ var pkey ossl.EVP_PKEY_PTR -+ switch major() { -+ case 1: -+ key, err := ossl.RSA_new() -+ if err != nil { -+ return nil, err -+ } -+ // No need to check for errors here, RSA_set0_* functions will fail -+ // if the BNs are NULL and we will free non-NULL BNs in the error handling. -+ bn, _ := bigToBN(n) -+ be, _ := bigToBN(e) -+ bd, _ := bigToBN(d) -+ if _, err := ossl.RSA_set0_key(key, bn, be, bd); err != nil { -+ ossl.BN_free(bn) -+ ossl.BN_free(be) -+ ossl.BN_clear_free(bd) -+ return nil, err -+ } -+ if p != nil && q != nil { -+ bp, _ := bigToBN(p) -+ bq, _ := bigToBN(q) -+ if _, err := ossl.RSA_set0_factors(key, bp, bq); err != nil { -+ ossl.BN_clear_free(bp) -+ ossl.BN_clear_free(bq) -+ return nil, err -+ } -+ } -+ if dp != nil && dq != nil && qinv != nil { -+ bdp, _ := bigToBN(dp) -+ bdq, _ := bigToBN(dq) -+ bqinv, _ := bigToBN(qinv) -+ if _, err := ossl.RSA_set0_crt_params(key, bdp, bdq, bqinv); err != nil { -+ ossl.BN_free(bdp) -+ ossl.BN_free(bdq) -+ ossl.BN_free(bqinv) -+ return nil, err -+ } -+ } -+ pkey, err = ossl.EVP_PKEY_new() -+ if err != nil { -+ ossl.RSA_free(key) -+ return nil, err -+ } -+ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { -+ ossl.RSA_free(key) -+ ossl.EVP_PKEY_free(pkey) -+ return nil, err -+ } -+ case 3, 4: -+ var err error -+ if pkey, err = newRSAKey3(true, n, e, d, p, q, dp, dq, qinv); err != nil { -+ return nil, err -+ } ++func osslHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { ++ algctx := getOSSLDigetsContext(ctx) ++ if algctx == nil { ++ return nil, errHashStateInvalid ++ } ++ buf = append(buf, magic...) ++ switch ch { ++ case crypto.MD5: ++ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA1: ++ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA224, crypto.SHA256: ++ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) ++ return d.AppendBinary(buf) + default: -+ panic(errUnsupportedVersion()) ++ panic("unsupported hash " + ch.String()) + } -+ k := &PrivateKeyRSA{_pkey: pkey} -+ runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize) -+ return k, nil +} + -+func (k *PrivateKeyRSA) finalize() { -+ ossl.EVP_PKEY_free(k._pkey) ++func osslHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { ++ algctx := getOSSLDigetsContext(ctx) ++ if algctx == nil { ++ return errHashStateInvalid ++ } ++ b = b[len(magic):] ++ switch ch { ++ case crypto.MD5: ++ d := (*_OSSL_MD5_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA1: ++ d := (*_OSSL_SHA_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA224, crypto.SHA256: ++ d := (*_OSSL_SHA256_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ d := (*_OSSL_SHA512_CTX)(unsafe.Pointer(algctx)) ++ return d.UnmarshalBinary(b) ++ default: ++ panic("unsupported hash " + ch.String()) ++ } +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go +new file mode 100644 +index 00000000000000..b52e4ecfd8d5fd +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/providersymcrypt.go +@@ -0,0 +1,338 @@ ++//go:build !cmd_go_bootstrap && cgo + -+func (k *PrivateKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { -+ // Because of the finalizer, any time _pkey is passed to cgo, that call must -+ // be followed by a call to runtime.KeepAlive, to make sure k is not -+ // collected (and finalized) before the cgo call returns. -+ defer runtime.KeepAlive(k) -+ return f(k._pkey) -+} ++package openssl + -+func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, ciphertext) -+} ++import ( ++ "crypto" ++ "errors" ++ "runtime" ++ "unsafe" + -+func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, msg) -+} ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) + -+func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, ciphertext) ++// This file contains code specific to the SymCrypt provider. ++ ++const ( ++ _SCOSSL_DIGEST_PARAM_STATE cString = "state\x00" ++ _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM cString = "recompute_checksum\x00" ++) ++ ++const ( ++ _SYMCRYPT_BLOB_MAGIC = 0x636D7973 // "cysm" in little-endian ++ ++ _SymCryptBlobTypeHashState = 0x100 ++ _SymCryptBlobTypeMd2State = _SymCryptBlobTypeHashState + 1 ++ _SymCryptBlobTypeMd4State = _SymCryptBlobTypeHashState + 2 ++ _SymCryptBlobTypeMd5State = _SymCryptBlobTypeHashState + 3 ++ _SymCryptBlobTypeSha1State = _SymCryptBlobTypeHashState + 4 ++ _SymCryptBlobTypeSha256State = _SymCryptBlobTypeHashState + 5 ++ _SymCryptBlobTypeSha384State = _SymCryptBlobTypeHashState + 6 ++ _SymCryptBlobTypeSha512State = _SymCryptBlobTypeHashState + 7 ++ _SymCryptBlobTypeSha3_256State = _SymCryptBlobTypeHashState + 8 ++ _SymCryptBlobTypeSha3_384State = _SymCryptBlobTypeHashState + 9 ++ _SymCryptBlobTypeSha3_512State = _SymCryptBlobTypeHashState + 10 ++ _SymCryptBlobTypeSha224State = _SymCryptBlobTypeHashState + 11 ++ _SymCryptBlobTypeSha512_224State = _SymCryptBlobTypeHashState + 12 ++ _SymCryptBlobTypeSha512_256State = _SymCryptBlobTypeHashState + 13 ++ _SymCryptBlobTypeSha3_224State = _SymCryptBlobTypeHashState + 14 ++ ++ _SYMCRYPT_MD5_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_MD5_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA1_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA1_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA256_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA256_STATE_EXPORT_BLOB{})) ++ _SYMCRYPT_SHA512_STATE_EXPORT_SIZE = uint32(unsafe.Sizeof(_SYMCRYPT_SHA512_STATE_EXPORT_BLOB{})) ++) ++ ++type _SYMCRYPT_BLOB_HEADER struct { ++ magic uint32 ++ size uint32 ++ _type uint32 +} + -+func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, msg) ++type _SYMCRYPT_BLOB_TRAILER struct { ++ checksum [8]uint8 +} + -+func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { -+ ret, err := evpDecrypt(priv.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, ciphertext) -+ if err != nil { -+ return nil, err ++// _UINT64 is a 64-bit unsigned integer, stored in native endianess. ++// It is used to represent a SymCrypt UINT64 type without making the ++// parent struct 8-byte aligned, given that the Windows ABI makes ++// the struct 4-byte aligned. ++type _UINT64 [2]uint32 ++ ++func newUINT64(v uint64) _UINT64 { ++ var u _UINT64 ++ if isBigEndian { ++ u[0], u[1] = uint32(v>>32), uint32(v) ++ } else { ++ u[0], u[1] = uint32(v), uint32(v>>32) + } -+ // We could return here, but the Go standard library test expects DecryptRSANoPadding to verify the result -+ // in order to defend against errors in the CRT computation. -+ // -+ // The following code tries to replicate the verification implemented in the upstream function decryptAndCheck, found at -+ // https://github.com/golang/go/blob/9de1ac6ac2cad3871760d0aa288f5ca713afd0a6/src/crypto/rsa/rsa.go#L569-L582. -+ pub := &PublicKeyRSA{_pkey: priv._pkey} -+ // A private EVP_PKEY can be used as a public key as it contains the public information. -+ enc, err := EncryptRSANoPadding(pub, ret) -+ if err != nil { -+ return nil, err ++ return u ++} ++ ++func (u *_UINT64) uint64() uint64 { ++ if isBigEndian { ++ return uint64(u[0])<<32 | (uint64(u[1])) + } -+ // Upstream does not do a constant time comparison because it works with math/big instead of byte slices, -+ // and math/big does not support constant-time arithmetic yet. See #20654 for more info. -+ if subtle.ConstantTimeCompare(ciphertext, enc) != 1 { -+ return nil, errors.New("rsa: internal error") ++ return uint64(u[0]) | (uint64(u[1]) << 32) ++} ++ ++// symCryptAppendBinary appends the binary representation of a SymCrypt state ++// to the given destination slice. ++func symCryptAppendBinary(dst, chain, buffer []byte, blength _UINT64) []byte { ++ length := blength.uint64() ++ var nx uint64 ++ if len(buffer) <= 64 { ++ nx = length & 0x3f ++ } else { ++ nx = length & 0x7f + } -+ return ret, nil ++ dst = append(dst, chain...) ++ dst = append(dst, buffer[:nx]...) ++ dst = append(dst, make([]byte, len(buffer)-int(nx))...) ++ dst = appendUint64(dst, length) ++ return dst +} + -+func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { -+ return evpEncrypt(pub.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, msg) ++// symCryptUnmarshalBinary unmarshals the binary representation of a SymCrypt state ++// from the given source slice. It returns the length of the data. ++func symCryptUnmarshalBinary(d []byte, chain, buffer []byte) _UINT64 { ++ copy(chain[:], d) ++ d = d[len(chain):] ++ copy(buffer[:], d) ++ d = d[len(buffer):] ++ _, length := consumeUint64(d) ++ return newUINT64(length) +} + -+func saltLength(saltLen int, sign bool) (int32, error) { -+ // A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject -+ // it, and lengths < -2, before we convert to the OpenSSL sentinel values. -+ if saltLen <= -2 { -+ return 0, errors.New("crypto/rsa: invalid PSS salt length") -+ } -+ // OpenSSL uses sentinel salt length values like Go crypto does, -+ // but the values don't fully match for rsa.PSSSaltLengthAuto (0). -+ if saltLen == 0 { -+ if sign { -+ if major() == 1 { -+ // OpenSSL 1.x uses -2 to mean maximal size when signing where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_MAX_SIGN, nil -+ } -+ // OpenSSL 3.x deprecated RSA_PSS_SALTLEN_MAX_SIGN -+ // and uses -3 to mean maximal size when signing where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_MAX, nil -+ } -+ // OpenSSL uses -2 to mean auto-detect size when verifying where Go crypto uses 0. -+ return ossl.RSA_PSS_SALTLEN_AUTO, nil ++// swapEndianessUint32 swaps the endianness of the given byte slice ++// in place. It assumes the slice is a backup of a 32-bit integer array. ++func swapEndianessUint32(d []uint8) { ++ for i := 0; i < len(d); i += 4 { ++ d[i], d[i+3] = d[i+3], d[i] ++ d[i+1], d[i+2] = d[i+2], d[i+1] + } -+ return int32(saltLen), nil ++ +} + -+func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { -+ cSaltLen, err := saltLength(saltLen, true) -+ if err != nil { -+ return nil, err -+ } -+ return evpSign(priv.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, hashed) ++type _SYMCRYPT_MD5_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [16]uint8 // little endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER +} + -+func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { -+ cSaltLen, err := saltLength(saltLen, false) -+ if err != nil { -+ return err -+ } -+ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, sig, hashed) ++func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ // b.chain is little endian, but Go expects big endian, ++ // we need to swap the bytes. ++ swapEndianessUint32(b.chain[:]) ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil +} + -+func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { -+ return evpSign(priv.withKey, ossl.RSA_PKCS1_PADDING, 0, h, hashed) ++func (b *_SYMCRYPT_MD5_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++ swapEndianessUint32(b.chain[:]) +} + -+func HashSignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte) ([]byte, error) { -+ return evpHashSign(priv.withKey, h, msg) ++type _SYMCRYPT_SHA1_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [20]uint8 // big endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER +} + -+func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { -+ defer runtime.KeepAlive(pub) -+ var size int32 -+ if err := pub.withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { -+ size, err = ossl.EVP_PKEY_get_size(pkey) -+ if err != nil { -+ return err -+ } -+ if len(sig) < int(size) { -+ return errors.New("crypto/rsa: verification error") -+ } -+ return nil -+ }); err != nil { -+ return err -+ } -+ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PADDING, 0, h, sig, hashed) ++func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil ++} ++ ++func (b *_SYMCRYPT_SHA1_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++} ++ ++type _SYMCRYPT_SHA256_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [32]uint8 // big endian ++ length _UINT64 // native endian ++ buffer [64]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER +} + -+func HashVerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte) error { -+ return evpHashVerify(pub.withKey, h, msg, sig) ++func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.length), nil +} + -+func newRSAKey3(isPriv bool, n, e, d, p, q, dp, dq, qinv BigInt) (ossl.EVP_PKEY_PTR, error) { -+ bld := newParamBuilder() -+ defer bld.finalize() ++func (b *_SYMCRYPT_SHA256_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.length = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++} + -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_N, n, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_E, e, false) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_D, d, false) ++type _SYMCRYPT_SHA512_STATE_EXPORT_BLOB struct { ++ header _SYMCRYPT_BLOB_HEADER ++ chain [64]uint8 // big endian ++ lengthL _UINT64 // native endian ++ lengthH _UINT64 // native endian ++ buffer [128]uint8 ++ _ [8]uint8 // reserved ++ _ _SYMCRYPT_BLOB_TRAILER ++} + -+ // OpenSSL 3.0 and 3.1 required all the precomputed values if -+ // P and Q are present. See: -+ // https://github.com/openssl/openssl/pull/22334 -+ // -+ // We could only set P and Q if they exist when using OpenSSL 3.2 -+ // or newer, but the RSA provider might be built with an older -+ // OpenSSL version, in which case it would still require all the -+ // precomputed values. So better always provide all the values or -+ // none of them. -+ if p != nil && q != nil && dp != nil && dq != nil && qinv != nil { -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR1, p, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR2, q, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT1, dp, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT2, dq, true) -+ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_COEFFICIENT1, qinv, true) ++func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) appendBinary(d []byte) ([]byte, error) { ++ if b.lengthH.uint64() != 0 { ++ return nil, errors.New("exporting state with more than 2^63-1 bytes of data is not supported") + } ++ return symCryptAppendBinary(d, b.chain[:], b.buffer[:], b.lengthL), nil ++} + -+ params, err := bld.build() -+ if err != nil { ++func (b *_SYMCRYPT_SHA512_STATE_EXPORT_BLOB) unmarshalBinary(d []byte) { ++ b.lengthL = symCryptUnmarshalBinary(d, b.chain[:], b.buffer[:]) ++} ++ ++func symCryptHashAppendBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, buf []byte) ([]byte, error) { ++ size, typ := symCryptHashStateInfo(ch) ++ state := make([]byte, size, _SYMCRYPT_SHA512_STATE_EXPORT_SIZE) // 512 is the largest size ++ var pinner runtime.Pinner ++ pinner.Pin(&state[0]) ++ defer pinner.Unpin() ++ params := [2]ossl.OSSL_PARAM{ ++ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), unsafe.Pointer(&state[0]), len(state)), ++ ossl.OSSL_PARAM_construct_end(), ++ } ++ if _, err := ossl.EVP_MD_CTX_get_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))); err != nil { + return nil, err + } -+ defer ossl.OSSL_PARAM_free(params) -+ selection := ossl.EVP_PKEY_PUBLIC_KEY -+ if isPriv { -+ selection = ossl.EVP_PKEY_KEYPAIR ++ if !ossl.OSSL_PARAM_modified(¶ms[0]) { ++ return nil, errors.New("EVP_MD_CTX_get_params did not retrieve the state") + } -+ return newEvpFromParams(ossl.EVP_PKEY_RSA, int32(selection), params) -+} + -+// SupportsRSAPKCS1v15Encryption returns true if the RSA PKCS1 v1.5 padding is supported for encryption and decryption. -+var SupportsRSAPKCS1v15Encryption = sync.OnceValue(func() bool { -+ pkey := testRSAPrivateKey() -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) -+ if err != nil { -+ return false ++ header := (*_SYMCRYPT_BLOB_HEADER)(unsafe.Pointer(&state[0])) ++ if header.magic != _SYMCRYPT_BLOB_MAGIC { ++ return nil, errors.New("invalid blob magic") + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ -+ if _, err := ossl.EVP_PKEY_encrypt_init(ctx); err != nil { -+ return false ++ if header.size != size { ++ return nil, errors.New("invalid blob size") + } -+ -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, ossl.EVP_PKEY_RSA, -1, ossl.EVP_PKEY_CTRL_RSA_PADDING, ossl.RSA_PKCS1_PADDING, nil); err != nil { -+ return false ++ if header._type != typ { ++ return nil, errors.New("invalid blob type") + } + -+ // In FIPS mode, setting the padding might succeed, but the actual encryption will fail. -+ // So we need to try to encrypt something to be sure. -+ in := []byte("test") -+ var outLen int -+ if _, err := ossl.EVP_PKEY_encrypt(ctx, nil, &outLen, in); err != nil { -+ return false ++ buf = append(buf, magic...) ++ switch ch { ++ case crypto.MD5: ++ blob := (*_SYMCRYPT_MD5_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA1: ++ blob := (*_SYMCRYPT_SHA1_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA224, crypto.SHA256: ++ blob := (*_SYMCRYPT_SHA256_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ blob := (*_SYMCRYPT_SHA512_STATE_EXPORT_BLOB)(unsafe.Pointer(&state[0])) ++ return blob.appendBinary(buf) ++ default: ++ panic("unsupported hash " + ch.String()) + } -+ return true -+}) ++} + -+var rsaPKCS1SignatureSupport sync.Map ++func symCryptHashUnmarshalBinary(ctx ossl.EVP_MD_CTX_PTR, ch crypto.Hash, magic string, b []byte) error { ++ size, typ := symCryptHashStateInfo(ch) ++ hdr := _SYMCRYPT_BLOB_HEADER{ ++ magic: _SYMCRYPT_BLOB_MAGIC, ++ size: size, ++ _type: typ, ++ } ++ var blobPtr unsafe.Pointer ++ b = b[len(magic):] ++ switch ch { ++ case crypto.MD5: ++ var blob _SYMCRYPT_MD5_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA1: ++ var blob _SYMCRYPT_SHA1_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA224, crypto.SHA256: ++ var blob _SYMCRYPT_SHA256_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ case crypto.SHA384, crypto.SHA512_224, crypto.SHA512_256, crypto.SHA512: ++ var blob _SYMCRYPT_SHA512_STATE_EXPORT_BLOB ++ blobPtr = unsafe.Pointer(&blob) ++ blob.header = hdr ++ blob.unmarshalBinary(b) ++ default: ++ panic("unsupported hash " + ch.String()) ++ } ++ var checksum int32 = 1 ++ var pinner runtime.Pinner ++ pinner.Pin(blobPtr) ++ pinner.Pin(&checksum) ++ defer pinner.Unpin() ++ params := [3]ossl.OSSL_PARAM{ ++ ossl.OSSL_PARAM_construct_octet_string(_SCOSSL_DIGEST_PARAM_STATE.ptr(), blobPtr, int(hdr.size)), ++ ossl.OSSL_PARAM_construct_int32(_SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr(), &checksum), ++ ossl.OSSL_PARAM_construct_end(), ++ } ++ _, err := ossl.EVP_MD_CTX_set_params(ctx, (ossl.OSSL_PARAM_PTR)(unsafe.Pointer(¶ms[0]))) ++ return err ++} + -+// SupportsRSAPKCS1v15Signature returns true if the RSA PKCS1 v1.5 padding is supported for signatures with the given hash. -+func SupportsRSAPKCS1v15Signature(ch crypto.Hash) (supported bool) { -+ v, ok := rsaPKCS1SignatureSupport.Load(ch) -+ if ok { -+ return v.(bool) ++func symCryptHashStateInfo(ch crypto.Hash) (size, typ uint32) { ++ switch ch { ++ case crypto.MD5: ++ return _SYMCRYPT_MD5_STATE_EXPORT_SIZE, _SymCryptBlobTypeMd5State ++ case crypto.SHA1: ++ return _SYMCRYPT_SHA1_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha1State ++ case crypto.SHA224: ++ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha224State ++ case crypto.SHA256: ++ return _SYMCRYPT_SHA256_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha256State ++ case crypto.SHA384: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha384State ++ case crypto.SHA512_224: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_224State ++ case crypto.SHA512_256: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512_256State ++ case crypto.SHA512: ++ return _SYMCRYPT_SHA512_STATE_EXPORT_SIZE, _SymCryptBlobTypeSha512State ++ default: ++ panic("unsupported hash " + ch.String()) + } -+ defer func() { -+ rsaPKCS1SignatureSupport.Store(ch, supported) -+ }() ++} + -+ pkey := testRSAPrivateKey() -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++// isSymCryptHashStateSerializable checks if the SymCrypt hash state is serializable. ++func isSymCryptHashStateSerializable(md ossl.EVP_MD_PTR) bool { ++ ctx, err := ossl.EVP_MD_CTX_new() + if err != nil { + return false + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_sign_init(ctx); err != nil { -+ return false -+ } -+ if setPKCS1Padding(ctx, ch) != nil { ++ defer ossl.EVP_MD_CTX_free(ctx) ++ if _, err := ossl.EVP_DigestInit_ex(ctx, md, nil); err != nil { + return false + } -+ // In FIPS mode, setting the padding might succeed, but the actual signature will fail. -+ // So we need to try to sign something to be sure. -+ size := 1 -+ if ch != 0 { -+ size = ch.Size() -+ } -+ in := make([]byte, size, maxHashSize) -+ var outLen int -+ if _, err := ossl.EVP_PKEY_sign(ctx, nil, &outLen, in); err != nil { ++ params, err := ossl.EVP_MD_CTX_gettable_params(ctx) ++ if err != nil { + return false + } -+ return true -+} -+ -+var rsaPSSSupport sync.Map -+ -+// SupportsRSAPSS returns true if the RSA PSS padding is supported for signatures with the given hash. -+func SupportsRSAPSS(ch crypto.Hash) (supported bool) { -+ v, ok := rsaPSSSupport.Load(ch) -+ if ok { -+ return v.(bool) -+ } -+ defer func() { -+ rsaPSSSupport.Store(ch, supported) -+ }() -+ -+ if !SupportsHash(ch) { -+ // Short-circuit if the hash itself is not supported. ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { + return false + } -+ -+ pkey := testRSAPrivateKey() -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) ++ params, err = ossl.EVP_MD_CTX_settable_params(ctx) + if err != nil { + return false + } -+ defer ossl.EVP_PKEY_CTX_free(ctx) -+ if _, err := ossl.EVP_PKEY_sign_init(ctx); err != nil { -+ return false -+ } -+ if setPSSPadding(ctx, 0, ch) != nil { ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_STATE.ptr()); err != nil { + return false + } -+ // In FIPS mode, setting the padding might succeed, but the actual signature will fail. -+ // So we need to try to sign something to be sure. -+ in := make([]byte, ch.Size(), maxHashSize) -+ var outLen int -+ if _, err := ossl.EVP_PKEY_sign(ctx, nil, &outLen, in); err != nil { ++ if _, err = ossl.OSSL_PARAM_locate_const(params, _SCOSSL_DIGEST_PARAM_RECOMPUTE_CHECKSUM.ptr()); err != nil { + return false + } + return true +} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go +new file mode 100644 +index 00000000000000..b65ffa85f0cba5 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rand.go +@@ -0,0 +1,22 @@ ++//go:build !cmd_go_bootstrap + -+var rsaOAEPSupport sync.Map ++package openssl + -+type rsaOAEPSupportEntry struct { -+ ch crypto.Hash -+ mgfHash crypto.Hash -+} ++import "C" ++import "github.com/microsoft/go-crypto-openssl/internal/ossl" + -+// SupportsRSAOAEP returns true if the RSA OAEP padding is supported for encryption/decryption -+// with the given hash and MGF hash. -+func SupportsRSAOAEP(h, mgfHash hash.Hash) (supported bool) { -+ ch := hashToCryptoHash(h) -+ if ch == 0 { -+ return false -+ } -+ mgfCh := hashToCryptoHash(mgfHash) -+ if mgfCh == 0 { -+ return false ++type randReader int ++ ++func (randReader) Read(b []byte) (int, error) { ++ if len(b) == 0 { ++ return 0, nil + } -+ entry := rsaOAEPSupportEntry{ch, mgfCh} -+ v, ok := rsaOAEPSupport.Load(entry) -+ if ok { -+ return v.(bool) ++ // Note: RAND_bytes should never fail; the return value exists only for historical reasons. ++ // We check it even so. ++ if _, err := ossl.RAND_bytes(base(b), int32(len(b))); err != nil { ++ return 0, err + } -+ defer func() { -+ rsaOAEPSupport.Store(entry, supported) -+ }() ++ return len(b), nil ++} + -+ if !SupportsHash(ch) { -+ // Short-circuit if the hash itself is not supported. -+ return false -+ } ++const RandReader = randReader(0) +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go +new file mode 100644 +index 00000000000000..1276de2124a9c4 +--- /dev/null ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rc4.go +@@ -0,0 +1,69 @@ ++//go:build !cmd_go_bootstrap + -+ pkey := testRSAPrivateKey() -+ ctx, err := ossl.EVP_PKEY_CTX_new(pkey, nil) -+ if err != nil { -+ return false -+ } -+ defer ossl.EVP_PKEY_CTX_free(ctx) ++package openssl + -+ if _, err := ossl.EVP_PKEY_encrypt_init(ctx); err != nil { -+ return false ++import "C" ++import ( ++ "runtime" ++ ++ "github.com/microsoft/go-crypto-openssl/internal/ossl" ++) ++ ++// SupportsRC4 returns true if NewRC4Cipher is supported. ++func SupportsRC4() bool { ++ // True for stock OpenSSL 1 w/o FIPS. ++ // False for stock OpenSSL 3 unless the legacy provider is available. ++ return (versionAtOrAbove(3, 0, 0) || !FIPS()) && loadCipher(cipherRC4, cipherModeNone) != nil ++} ++ ++// A RC4Cipher is an instance of RC4 using a particular key. ++type RC4Cipher struct { ++ ctx ossl.EVP_CIPHER_CTX_PTR ++} ++ ++// NewRC4Cipher creates and returns a new Cipher. ++func NewRC4Cipher(key []byte) (*RC4Cipher, error) { ++ ctx, err := newCipherCtx(cipherRC4, cipherModeNone, cipherOpEncrypt, key, nil) ++ if err != nil { ++ return nil, err + } ++ c := &RC4Cipher{ctx} ++ runtime.SetFinalizer(c, (*RC4Cipher).finalize) ++ return c, nil ++} + -+ if setOAEPPadding(ctx, h, mgfHash, nil) != nil { -+ return false ++func (c *RC4Cipher) finalize() { ++ if c.ctx != nil { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) + } ++} + -+ // In FIPS mode, setting the padding might succeed, but the actual encryption will fail. -+ // So we need to try to encrypt something to be sure. -+ in := []byte("test") -+ var outLen int -+ if _, err := ossl.EVP_PKEY_encrypt(ctx, nil, &outLen, in); err != nil { -+ return false ++// Reset zeros the key data and makes the Cipher unusable. ++func (c *RC4Cipher) Reset() { ++ if c.ctx != nil { ++ ossl.EVP_CIPHER_CTX_free(c.ctx) ++ c.ctx = nil + } -+ return true +} + -+// testRSAPrivateKey returns a test RSA private key for use in capability probing functions. -+// -+// The key is constructed from hard-coded parameters to avoid -+// spurious failures due to key generation issues and to avoid the speed cost of -+// key generation. -+var testRSAPrivateKey = sync.OnceValue(func() ossl.EVP_PKEY_PTR { -+ // RSA-2048 key "testRSA2048": -+ // https://www.rfc-editor.org/rfc/rfc9500.html#section-2.1 -+ N := []byte{ -+ 0xB0, 0xF9, 0xE8, 0x19, 0x43, 0xA7, 0xAE, 0x98, -+ 0x92, 0xAA, 0xDE, 0x17, 0xCA, 0x7C, 0x40, 0xF8, -+ 0x74, 0x4F, 0xED, 0x2F, 0x81, 0x48, 0xE6, 0xC8, -+ 0xEA, 0xA2, 0x7B, 0x7D, 0x00, 0x15, 0x48, 0xFB, -+ 0x51, 0x92, 0xAB, 0x28, 0xB5, 0x6C, 0x50, 0x60, -+ 0xB1, 0x18, 0xCC, 0xD1, 0x31, 0xE5, 0x94, 0x87, -+ 0x4C, 0x6C, 0xA9, 0x89, 0xB5, 0x6C, 0x27, 0x29, -+ 0x6F, 0x09, 0xFB, 0x93, 0xA0, 0x34, 0xDF, 0x32, -+ 0xE9, 0x7C, 0x6F, 0xF0, 0x99, 0x8C, 0xFD, 0x8E, -+ 0x6F, 0x42, 0xDD, 0xA5, 0x8A, 0xCD, 0x1F, 0xA9, -+ 0x79, 0x86, 0xF1, 0x44, 0xF3, 0xD1, 0x54, 0xD6, -+ 0x76, 0x50, 0x17, 0x5E, 0x68, 0x54, 0xB3, 0xA9, -+ 0x52, 0x00, 0x3B, 0xC0, 0x68, 0x87, 0xB8, 0x45, -+ 0x5A, 0xC2, 0xB1, 0x9F, 0x7B, 0x2F, 0x76, 0x50, -+ 0x4E, 0xBC, 0x98, 0xEC, 0x94, 0x55, 0x71, 0xB0, -+ 0x78, 0x92, 0x15, 0x0D, 0xDC, 0x6A, 0x74, 0xCA, -+ 0x0F, 0xBC, 0xD3, 0x54, 0x97, 0xCE, 0x81, 0x53, -+ 0x4D, 0xAF, 0x94, 0x18, 0x84, 0x4B, 0x13, 0xAE, -+ 0xA3, 0x1F, 0x9D, 0x5A, 0x6B, 0x95, 0x57, 0xBB, -+ 0xDF, 0x61, 0x9E, 0xFD, 0x4E, 0x88, 0x7F, 0x2D, -+ 0x42, 0xB8, 0xDD, 0x8B, 0xC9, 0x87, 0xEA, 0xE1, -+ 0xBF, 0x89, 0xCA, 0xB8, 0x5E, 0xE2, 0x1E, 0x35, -+ 0x63, 0x05, 0xDF, 0x6C, 0x07, 0xA8, 0x83, 0x8E, -+ 0x3E, 0xF4, 0x1C, 0x59, 0x5D, 0xCC, 0xE4, 0x3D, -+ 0xAF, 0xC4, 0x91, 0x23, 0xEF, 0x4D, 0x8A, 0xBB, -+ 0xA9, 0x3D, 0x39, 0x05, 0xE4, 0x02, 0x8D, 0x7B, -+ 0xA9, 0x14, 0x84, 0xA2, 0x75, 0x96, 0xE0, 0x7B, -+ 0x4B, 0x6E, 0xD9, 0x92, 0xF0, 0x77, 0xB5, 0x24, -+ 0xD3, 0xDC, 0xFE, 0x7D, 0xDD, 0x55, 0x49, 0xBE, -+ 0x7C, 0xCE, 0x8D, 0xA0, 0x35, 0xCF, 0xA0, 0xB3, -+ 0xFB, 0x8F, 0x9E, 0x46, 0xF7, 0x32, 0xB2, 0xA8, -+ 0x6B, 0x46, 0x01, 0x65, 0xC0, 0x8F, 0x53, 0x13} -+ E := []byte{0x01, 0x00, 0x01} -+ d := []byte{ -+ 0x41, 0x18, 0x8B, 0x20, 0xCF, 0xDB, 0xDB, 0xC2, -+ 0xCF, 0x1F, 0xFE, 0x75, 0x2D, 0xCB, 0xAA, 0x72, -+ 0x39, 0x06, 0x35, 0x2E, 0x26, 0x15, 0xD4, 0x9D, -+ 0xCE, 0x80, 0x59, 0x7F, 0xCF, 0x0A, 0x05, 0x40, -+ 0x3B, 0xEF, 0x00, 0xFA, 0x06, 0x51, 0x82, 0xF7, -+ 0x2D, 0xEC, 0xFB, 0x59, 0x6F, 0x4B, 0x0C, 0xE8, -+ 0xFF, 0x59, 0x70, 0xBA, 0xF0, 0x7A, 0x89, 0xA5, -+ 0x19, 0xEC, 0xC8, 0x16, 0xB2, 0xF4, 0xFF, 0xAC, -+ 0x50, 0x69, 0xAF, 0x1B, 0x06, 0xBF, 0xEF, 0x7B, -+ 0xF6, 0xBC, 0xD7, 0x9E, 0x4E, 0x81, 0xC8, 0xC5, -+ 0xA3, 0xA7, 0xD9, 0x13, 0x0D, 0xC3, 0xCF, 0xBA, -+ 0xDA, 0xE5, 0xF6, 0xD2, 0x88, 0xF9, 0xAE, 0xE3, -+ 0xF6, 0xFF, 0x92, 0xFA, 0xE0, 0xF8, 0x1A, 0xF5, -+ 0x97, 0xBE, 0xC9, 0x6A, 0xE9, 0xFA, 0xB9, 0x40, -+ 0x2C, 0xD5, 0xFE, 0x41, 0xF7, 0x05, 0xBE, 0xBD, -+ 0xB4, 0x7B, 0xB7, 0x36, 0xD3, 0xFE, 0x6C, 0x5A, -+ 0x51, 0xE0, 0xE2, 0x07, 0x32, 0xA9, 0x7B, 0x5E, -+ 0x46, 0xC1, 0xCB, 0xDB, 0x26, 0xD7, 0x48, 0x54, -+ 0xC6, 0xB6, 0x60, 0x4A, 0xED, 0x46, 0x37, 0x35, -+ 0xFF, 0x90, 0x76, 0x04, 0x65, 0x57, 0xCA, 0xF9, -+ 0x49, 0xBF, 0x44, 0x88, 0x95, 0xC2, 0x04, 0x32, -+ 0xC1, 0xE0, 0x9C, 0x01, 0x4E, 0xA7, 0x56, 0x60, -+ 0x43, 0x4F, 0x1A, 0x0F, 0x3B, 0xE2, 0x94, 0xBA, -+ 0xBC, 0x5D, 0x53, 0x0E, 0x6A, 0x10, 0x21, 0x3F, -+ 0x53, 0xB6, 0x03, 0x75, 0xFC, 0x84, 0xA7, 0x57, -+ 0x3F, 0x2A, 0xF1, 0x21, 0x55, 0x84, 0xF5, 0xB4, -+ 0xBD, 0xA6, 0xD4, 0xE8, 0xF9, 0xE1, 0x7A, 0x78, -+ 0xD9, 0x7E, 0x77, 0xB8, 0x6D, 0xA4, 0xA1, 0x84, -+ 0x64, 0x75, 0x31, 0x8A, 0x7A, 0x10, 0xA5, 0x61, -+ 0x01, 0x4E, 0xFF, 0xA2, 0x3A, 0x81, 0xEC, 0x56, -+ 0xE9, 0xE4, 0x10, 0x9D, 0xEF, 0x8C, 0xB3, 0xF7, -+ 0x97, 0x22, 0x3F, 0x7D, 0x8D, 0x0D, 0x43, 0x51} -+ p := []byte{ -+ 0xDD, 0x10, 0x57, 0x02, 0x38, 0x2F, 0x23, 0x2B, -+ 0x36, 0x81, 0xF5, 0x37, 0x91, 0xE2, 0x26, 0x17, -+ 0xC7, 0xBF, 0x4E, 0x9A, 0xCB, 0x81, 0xED, 0x48, -+ 0xDA, 0xF6, 0xD6, 0x99, 0x5D, 0xA3, 0xEA, 0xB6, -+ 0x42, 0x83, 0x9A, 0xFF, 0x01, 0x2D, 0x2E, 0xA6, -+ 0x28, 0xB9, 0x0A, 0xF2, 0x79, 0xFD, 0x3E, 0x6F, -+ 0x7C, 0x93, 0xCD, 0x80, 0xF0, 0x72, 0xF0, 0x1F, -+ 0xF2, 0x44, 0x3B, 0x3E, 0xE8, 0xF2, 0x4E, 0xD4, -+ 0x69, 0xA7, 0x96, 0x13, 0xA4, 0x1B, 0xD2, 0x40, -+ 0x20, 0xF9, 0x2F, 0xD1, 0x10, 0x59, 0xBD, 0x1D, -+ 0x0F, 0x30, 0x1B, 0x5B, 0xA7, 0xA9, 0xD3, 0x63, -+ 0x7C, 0xA8, 0xD6, 0x5C, 0x1A, 0x98, 0x15, 0x41, -+ 0x7D, 0x8E, 0xAB, 0x73, 0x4B, 0x0B, 0x4F, 0x3A, -+ 0x2C, 0x66, 0x1D, 0x9A, 0x1A, 0x82, 0xF3, 0xAC, -+ 0x73, 0x4C, 0x40, 0x53, 0x06, 0x69, 0xAB, 0x8E, -+ 0x47, 0x30, 0x45, 0xA5, 0x8E, 0x65, 0x53, 0x9D} -+ q := []byte{ -+ 0xCC, 0xF1, 0xE5, 0xBB, 0x90, 0xC8, 0xE9, 0x78, -+ 0x1E, 0xA7, 0x5B, 0xEB, 0xF1, 0x0B, 0xC2, 0x52, -+ 0xE1, 0x1E, 0xB0, 0x23, 0xA0, 0x26, 0x0F, 0x18, -+ 0x87, 0x55, 0x2A, 0x56, 0x86, 0x3F, 0x4A, 0x64, -+ 0x21, 0xE8, 0xC6, 0x00, 0xBF, 0x52, 0x3D, 0x6C, -+ 0xB1, 0xB0, 0xAD, 0xBD, 0xD6, 0x5B, 0xFE, 0xE4, -+ 0xA8, 0x8A, 0x03, 0x7E, 0x3D, 0x1A, 0x41, 0x5E, -+ 0x5B, 0xB9, 0x56, 0x48, 0xDA, 0x5A, 0x0C, 0xA2, -+ 0x6B, 0x54, 0xF4, 0xA6, 0x39, 0x48, 0x52, 0x2C, -+ 0x3D, 0x5F, 0x89, 0xB9, 0x4A, 0x72, 0xEF, 0xFF, -+ 0x95, 0x13, 0x4D, 0x59, 0x40, 0xCE, 0x45, 0x75, -+ 0x8F, 0x30, 0x89, 0x80, 0x90, 0x89, 0x56, 0x58, -+ 0x8E, 0xEF, 0x57, 0x5B, 0x3E, 0x4B, 0xC4, 0xC3, -+ 0x68, 0xCF, 0xE8, 0x13, 0xEE, 0x9C, 0x25, 0x2C, -+ 0x2B, 0x02, 0xE0, 0xDF, 0x91, 0xF1, 0xAA, 0x01, -+ 0x93, 0x8D, 0x38, 0x68, 0x5D, 0x60, 0xBA, 0x6F} -+ qInv := []byte{ -+ 0x0A, 0x81, 0xD8, 0xA6, 0x18, 0x31, 0x4A, 0x80, -+ 0x3A, 0xF6, 0x1C, 0x06, 0x71, 0x1F, 0x2C, 0x39, -+ 0xB2, 0x66, 0xFF, 0x41, 0x4D, 0x53, 0x47, 0x6D, -+ 0x1D, 0xA5, 0x2A, 0x43, 0x18, 0xAA, 0xFE, 0x4B, -+ 0x96, 0xF0, 0xDA, 0x07, 0x15, 0x5F, 0x8A, 0x51, -+ 0x34, 0xDA, 0xB8, 0x8E, 0xE2, 0x9E, 0x81, 0x68, -+ 0x07, 0x6F, 0xCD, 0x78, 0xCA, 0x79, 0x1A, 0xC6, -+ 0x34, 0x42, 0xA8, 0x1C, 0xD0, 0x69, 0x39, 0x27, -+ 0xD8, 0x08, 0xE3, 0x35, 0xE8, 0xD8, 0xCB, 0xF2, -+ 0x12, 0x19, 0x07, 0x50, 0x9A, 0x57, 0x75, 0x9B, -+ 0x4F, 0x9A, 0x18, 0xFA, 0x3A, 0x7B, 0x33, 0x37, -+ 0x79, 0xED, 0xDE, 0x7A, 0x45, 0x93, 0x84, 0xF8, -+ 0x44, 0x4A, 0xDA, 0xEC, 0xFF, 0xEC, 0x95, 0xFD, -+ 0x55, 0x2B, 0x0C, 0xFC, 0xB6, 0xC7, 0xF6, 0x92, -+ 0x62, 0x6D, 0xDE, 0x1E, 0xF2, 0x68, 0xA4, 0x0D, -+ 0x2F, 0x67, 0xB5, 0xC8, 0xAA, 0x38, 0x7F, 0xF7} -+ dP := []byte{ -+ 0x09, 0xED, 0x54, 0xEA, 0xED, 0x98, 0xF8, 0x4C, -+ 0x55, 0x7B, 0x4A, 0x86, 0xBF, 0x4F, 0x57, 0x84, -+ 0x93, 0xDC, 0xBC, 0x6B, 0xE9, 0x1D, 0xA1, 0x89, -+ 0x37, 0x04, 0x04, 0xA9, 0x08, 0x72, 0x76, 0xF4, -+ 0xCE, 0x51, 0xD8, 0xA1, 0x00, 0xED, 0x85, 0x7D, -+ 0xC2, 0xB0, 0x64, 0x94, 0x74, 0xF3, 0xF1, 0x5C, -+ 0xD2, 0x4C, 0x54, 0xDB, 0x28, 0x71, 0x10, 0xE5, -+ 0x6E, 0x5C, 0xB0, 0x08, 0x68, 0x2F, 0x91, 0x68, -+ 0xAA, 0x81, 0xF3, 0x14, 0x58, 0xB7, 0x43, 0x1E, -+ 0xCC, 0x1C, 0x44, 0x90, 0x6F, 0xDA, 0x87, 0xCA, -+ 0x89, 0x47, 0x10, 0xC3, 0x71, 0xE9, 0x07, 0x6C, -+ 0x1D, 0x49, 0xFB, 0xAE, 0x51, 0x27, 0x69, 0x34, -+ 0xF2, 0xAD, 0x78, 0x77, 0x89, 0xF4, 0x2D, 0x0F, -+ 0xA0, 0xB4, 0xC9, 0x39, 0x85, 0x5D, 0x42, 0x12, -+ 0x09, 0x6F, 0x70, 0x28, 0x0A, 0x4E, 0xAE, 0x7C, -+ 0x8A, 0x27, 0xD9, 0xC8, 0xD0, 0x77, 0x2E, 0x65} -+ dQ := []byte{ -+ 0x8C, 0xB6, 0x85, 0x7A, 0x7B, 0xD5, 0x46, 0x5F, -+ 0x80, 0x04, 0x7E, 0x9B, 0x87, 0xBC, 0x00, 0x27, -+ 0x31, 0x84, 0x05, 0x81, 0xE0, 0x62, 0x61, 0x39, -+ 0x01, 0x2A, 0x5B, 0x50, 0x5F, 0x0A, 0x33, 0x84, -+ 0x7E, 0xB7, 0xB8, 0xC3, 0x28, 0x99, 0x49, 0xAD, -+ 0x48, 0x6F, 0x3B, 0x4B, 0x3D, 0x53, 0x9A, 0xB5, -+ 0xDA, 0x76, 0x30, 0x21, 0xCB, 0xC8, 0x2C, 0x1B, -+ 0xA2, 0x34, 0xA5, 0x66, 0x8D, 0xED, 0x08, 0x01, -+ 0xB8, 0x59, 0xF3, 0x43, 0xF1, 0xCE, 0x93, 0x04, -+ 0xE6, 0xFA, 0xA2, 0xB0, 0x02, 0xCA, 0xD9, 0xB7, -+ 0x8C, 0xDE, 0x5C, 0xDC, 0x2C, 0x1F, 0xB4, 0x17, -+ 0x1C, 0x42, 0x42, 0x16, 0x70, 0xA6, 0xAB, 0x0F, -+ 0x50, 0xCC, 0x4A, 0x19, 0x4E, 0xB3, 0x6D, 0x1C, -+ 0x91, 0xE9, 0x35, 0xBA, 0x01, 0xB9, 0x59, 0xD8, -+ 0x72, 0x8B, 0x9E, 0x64, 0x42, 0x6B, 0x3F, 0xC3, -+ 0xA7, 0x50, 0x6D, 0xEB, 0x52, 0x39, 0xA8, 0xA7} -+ -+ // Convert []byte to BigInt using BN_bin2bn and bnToBig -+ bytesToBigInt := func(b []byte) BigInt { -+ bn, err := ossl.BN_bin2bn(b, nil) -+ if err != nil { -+ panic(err) -+ } -+ defer ossl.BN_free(bn) -+ return bnToBig(bn) ++// XORKeyStream sets dst to the result of XORing src with the key stream. ++// Dst and src must overlap entirely or not at all. ++func (c *RC4Cipher) XORKeyStream(dst, src []byte) { ++ if c.ctx == nil || len(src) == 0 { ++ return + } -+ -+ priv, err := NewPrivateKeyRSA( -+ bytesToBigInt(N), -+ bytesToBigInt(E), -+ bytesToBigInt(d), -+ bytesToBigInt(p), -+ bytesToBigInt(q), -+ bytesToBigInt(dP), -+ bytesToBigInt(dQ), -+ bytesToBigInt(qInv), -+ ) -+ if err != nil { -+ panic("failed to create test RSA private key: " + err.Error()) ++ if inexactOverlap(dst[:len(src)], src) { ++ panic("crypto/rc4: invalid buffer overlap") + } -+ // Prevent finalization to avoid freeing OpenSSL objects. -+ runtime.SetFinalizer(priv, nil) -+ return priv._pkey -+}) -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go ++ // panic if len(dst) < len(src) with a runtime out of bound error, ++ // which is what crypto/rc4 does. ++ _ = dst[len(src)-1] ++ var outLen int32 ++ if _, err := ossl.EVP_EncryptUpdate(c.ctx, base(dst), &outLen, base(src), int32(len(src))); err != nil { ++ panic("crypto/rc4: " + err.Error()) ++ } ++ if int(outLen) != len(src) { ++ panic("crypto/rc4: src not fully XORed") ++ } ++ runtime.KeepAlive(c) ++} +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go new file mode 100644 -index 00000000000000..87fe3879ab48d3 +index 00000000000000..9731a8e2e83ac2 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go -@@ -0,0 +1,157 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/rsa.go +@@ -0,0 +1,366 @@ ++//go:build !cmd_go_bootstrap + +package openssl + ++import "C" +import ( + "crypto" ++ "crypto/subtle" + "errors" + "hash" -+ "sync" ++ "runtime" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+func SupportsTLS1PRF() bool { -+ switch major() { ++func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { ++ bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv BigInt, err error) { ++ return nil, nil, nil, nil, nil, nil, nil, nil, e ++ } ++ pkey, err := generateEVPPKey(ossl.EVP_PKEY_RSA, int32(bits), "") ++ if err != nil { ++ return bad(err) ++ } ++ defer ossl.EVP_PKEY_free(pkey) ++ switch vMajor { + case 1: -+ return minor() >= 1 -+ case 3, 4: -+ _, err := fetchTLS1PRF3() -+ return err == nil ++ key, err := ossl.EVP_PKEY_get1_RSA(pkey) ++ if err != nil { ++ return bad(err) ++ } ++ defer ossl.RSA_free(key) ++ var n, e, d, p, q, dmp1, dmq1, iqmp ossl.BIGNUM_PTR ++ ossl.RSA_get0_key(key, &n, &e, &d) ++ ossl.RSA_get0_factors(key, &p, &q) ++ ossl.RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp) ++ N, E, D = bnToBig(n), bnToBig(e), bnToBig(d) ++ P, Q = bnToBig(p), bnToBig(q) ++ Dp, Dq, Qinv = bnToBig(dmp1), bnToBig(dmq1), bnToBig(iqmp) ++ case 3: ++ tmp, err := ossl.BN_new() ++ if err != nil { ++ return bad(err) ++ } ++ defer func() { ++ ossl.BN_clear_free(tmp) ++ }() ++ setBigInt := func(bi *BigInt, param cString) bool { ++ if err != nil { ++ return false ++ } ++ if _, err = ossl.EVP_PKEY_get_bn_param(pkey, param.ptr(), &tmp); err != nil { ++ return false ++ } ++ *bi = bnToBig(tmp) ++ ossl.BN_clear(tmp) ++ return true ++ } ++ if !(setBigInt(&N, _OSSL_PKEY_PARAM_RSA_N) && ++ setBigInt(&E, _OSSL_PKEY_PARAM_RSA_E) && ++ setBigInt(&D, _OSSL_PKEY_PARAM_RSA_D) && ++ setBigInt(&P, _OSSL_PKEY_PARAM_RSA_FACTOR1) && ++ setBigInt(&Q, _OSSL_PKEY_PARAM_RSA_FACTOR2) && ++ setBigInt(&Dp, _OSSL_PKEY_PARAM_RSA_EXPONENT1) && ++ setBigInt(&Dq, _OSSL_PKEY_PARAM_RSA_EXPONENT2) && ++ setBigInt(&Qinv, _OSSL_PKEY_PARAM_RSA_COEFFICIENT1)) { ++ return bad(err) ++ } + default: + panic(errUnsupportedVersion()) + } ++ return +} + -+// TLS1PRF implements the TLS 1.0/1.1 pseudo-random function if h is nil, -+// else it implements the TLS 1.2 pseudo-random function. -+// The pseudo-random number will be written to result and will be of length len(result). -+func TLS1PRF(result, secret, label, seed []byte, fh func() hash.Hash) error { -+ var md ossl.EVP_MD_PTR -+ if fh == nil { -+ // TLS 1.0/1.1 PRF doesn't allow to specify the hash function, -+ // it always uses MD5SHA1. If h is nil, then assume -+ // that the caller wants to use TLS 1.0/1.1 PRF. -+ // OpenSSL detects this case by checking if the hash -+ // function is MD5SHA1. -+ md = loadHash(crypto.MD5SHA1, false).md -+ } else { -+ h, err := hashFuncHash(fh) -+ if err != nil { -+ return err -+ } -+ md = hashToMD(h) -+ } -+ if md == nil { -+ return errors.New("unsupported hash function") -+ } ++type PublicKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} + -+ switch major() { ++func NewPublicKeyRSA(n, e BigInt) (*PublicKeyRSA, error) { ++ var pkey ossl.EVP_PKEY_PTR ++ switch vMajor { + case 1: -+ return tls1PRF1(result, secret, label, seed, md) -+ case 3, 4: -+ return tls1PRF3(result, secret, label, seed, md) ++ key, err := ossl.RSA_new() ++ if err != nil { ++ return nil, err ++ } ++ // No need to check for errors here, RSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ bn, _ := bigToBN(n) ++ be, _ := bigToBN(e) ++ if _, err := ossl.RSA_set0_key(key, bn, be, nil); err != nil { ++ ossl.BN_free(bn) ++ ossl.BN_free(be) ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { ++ ossl.RSA_free(key) ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ case 3: ++ var err error ++ if pkey, err = newRSAKey3(false, n, e, nil, nil, nil, nil, nil, nil); err != nil { ++ return nil, err ++ } + default: -+ return errUnsupportedVersion() ++ panic(errUnsupportedVersion()) + } ++ k := &PublicKeyRSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PublicKeyRSA).finalize) ++ return k, nil +} + -+// tls1PRF1 implements TLS1PRF for OpenSSL 1 using the EVP_PKEY API. -+func tls1PRF1(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { -+ checkMajorVersion(1) -+ -+ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_TLS1_PRF, nil) -+ if err != nil { -+ return err -+ } -+ defer func() { -+ ossl.EVP_PKEY_CTX_free(ctx) -+ }() -+ -+ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_MD, -+ 0, unsafe.Pointer(md)); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SECRET, -+ int32(len(secret)), unsafe.Pointer(base(secret))); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SEED, -+ int32(len(label)), unsafe.Pointer(base(label))); err != nil { -+ return err -+ } -+ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, -+ ossl.EVP_PKEY_OP_DERIVE, -+ ossl.EVP_PKEY_CTRL_TLS_SEED, -+ int32(len(seed)), unsafe.Pointer(base(seed))); err != nil { -+ return err -+ } -+ outLen := len(result) -+ if _, err := ossl.EVP_PKEY_derive(ctx, result, &outLen); err != nil { -+ return err -+ } -+ // The Go standard library expects TLS1PRF to return the requested number of bytes, -+ // fail if it doesn't. While there is no known situation where this will happen, -+ // EVP_PKEY_derive handles multiple algorithms and there could be a subtle mismatch -+ // after more code changes in the future. -+ if outLen != len(result) { -+ return errors.New("tls1-prf: derived less bytes than requested") -+ } -+ return nil ++func (k *PublicKeyRSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) +} + -+// fetchTLS1PRF3 fetches the TLS1-PRF KDF algorithm. -+// It is safe to call this function concurrently. -+// The returned EVP_KDF_PTR shouldn't be freed. -+var fetchTLS1PRF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS1_PRF.ptr(), nil) -+ if err != nil { -+ return nil, err -+ } -+ return kdf, nil -+}) -+ -+// tls1PRF3 implements TLS1PRF for OpenSSL 3 using the EVP_KDF API. -+func tls1PRF3(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { -+ checkMajorVersion(3, 4) -+ -+ kdf, err := fetchTLS1PRF3() -+ if err != nil { -+ return err -+ } -+ ctx, err := ossl.EVP_KDF_CTX_new(kdf) -+ if err != nil { -+ return err -+ } -+ defer ossl.EVP_KDF_CTX_free(ctx) -+ -+ bld := newParamBuilder() -+ defer bld.finalize() -+ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) -+ bld.addOctetString(_OSSL_KDF_PARAM_SECRET, secret) -+ bld.addOctetString(_OSSL_KDF_PARAM_SEED, label) -+ bld.addOctetString(_OSSL_KDF_PARAM_SEED, seed) -+ params, err := bld.build() -+ if err != nil { -+ return err -+ } -+ defer ossl.OSSL_PARAM_free(params) -+ -+ if _, err := ossl.EVP_KDF_derive(ctx, result, params); err != nil { -+ return err -+ } -+ return nil ++func (k *PublicKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ // Because of the finalizer, any time _pkey is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go -new file mode 100644 -index 00000000000000..ac79a864271eee ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go -@@ -0,0 +1,87 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+// Code generated by cmd/genaesmodes. DO NOT EDIT. ++type PrivateKeyRSA struct { ++ // _pkey MUST NOT be accessed directly. Instead, use the withKey method. ++ _pkey ossl.EVP_PKEY_PTR ++} + -+package openssl ++func NewPrivateKeyRSA(n, e, d, p, q, dp, dq, qinv BigInt) (*PrivateKeyRSA, error) { ++ var pkey ossl.EVP_PKEY_PTR ++ switch vMajor { ++ case 1: ++ key, err := ossl.RSA_new() ++ if err != nil { ++ return nil, err ++ } ++ // No need to check for errors here, RSA_set0_* functions will fail ++ // if the BNs are NULL and we will free non-NULL BNs in the error handling. ++ bn, _ := bigToBN(n) ++ be, _ := bigToBN(e) ++ bd, _ := bigToBN(d) ++ if _, err := ossl.RSA_set0_key(key, bn, be, bd); err != nil { ++ ossl.BN_free(bn) ++ ossl.BN_free(be) ++ ossl.BN_clear_free(bd) ++ return nil, err ++ } ++ if p != nil && q != nil { ++ bp, _ := bigToBN(p) ++ bq, _ := bigToBN(q) ++ if _, err := ossl.RSA_set0_factors(key, bp, bq); err != nil { ++ ossl.BN_clear_free(bp) ++ ossl.BN_clear_free(bq) ++ return nil, err ++ } ++ } ++ if dp != nil && dq != nil && qinv != nil { ++ bdp, _ := bigToBN(dp) ++ bdq, _ := bigToBN(dq) ++ bqinv, _ := bigToBN(qinv) ++ if _, err := ossl.RSA_set0_crt_params(key, bdp, bdq, bqinv); err != nil { ++ ossl.BN_free(bdp) ++ ossl.BN_free(bdq) ++ ossl.BN_free(bqinv) ++ return nil, err ++ } ++ } ++ pkey, err = ossl.EVP_PKEY_new() ++ if err != nil { ++ ossl.RSA_free(key) ++ return nil, err ++ } ++ if _, err := ossl.EVP_PKEY_assign(pkey, ossl.EVP_PKEY_RSA, (unsafe.Pointer)(key)); err != nil { ++ ossl.RSA_free(key) ++ ossl.EVP_PKEY_free(pkey) ++ return nil, err ++ } ++ case 3: ++ var err error ++ if pkey, err = newRSAKey3(true, n, e, d, p, q, dp, dq, qinv); err != nil { ++ return nil, err ++ } ++ default: ++ panic(errUnsupportedVersion()) ++ } ++ k := &PrivateKeyRSA{_pkey: pkey} ++ runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize) ++ return k, nil ++} + -+import "crypto/cipher" ++func (k *PrivateKeyRSA) finalize() { ++ ossl.EVP_PKEY_free(k._pkey) ++} + -+type cipherWithCBC struct { -+ aesCipher ++func (k *PrivateKeyRSA) withKey(f func(ossl.EVP_PKEY_PTR) error) error { ++ // Because of the finalizer, any time _pkey is passed to cgo, that call must ++ // be followed by a call to runtime.KeepAlive, to make sure k is not ++ // collected (and finalized) before the cgo call returns. ++ defer runtime.KeepAlive(k) ++ return f(k._pkey) +} + -+type cipherWithCTR struct { -+ aesCipher ++func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, ciphertext) +} + -+type cipherWithCBC_CTR struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithCTR ++func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_OAEP_PADDING, h, mgfHash, label, msg) +} + -+type cipherWithGCM struct { -+ aesCipher ++func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ return evpDecrypt(priv.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, ciphertext) +} + -+type cipherWithCBC_GCM struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithGCM ++func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_PKCS1_PADDING, nil, nil, nil, msg) +} + -+type cipherWithCTR_GCM struct { -+ aesCipher -+ cipherWithCTR -+ cipherWithGCM ++func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) { ++ ret, err := evpDecrypt(priv.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, ciphertext) ++ if err != nil { ++ return nil, err ++ } ++ // We could return here, but the Go standard library test expects DecryptRSANoPadding to verify the result ++ // in order to defend against errors in the CRT computation. ++ // ++ // The following code tries to replicate the verification implemented in the upstream function decryptAndCheck, found at ++ // https://github.com/golang/go/blob/9de1ac6ac2cad3871760d0aa288f5ca713afd0a6/src/crypto/rsa/rsa.go#L569-L582. ++ pub := &PublicKeyRSA{_pkey: priv._pkey} ++ // A private EVP_PKEY can be used as a public key as it contains the public information. ++ enc, err := EncryptRSANoPadding(pub, ret) ++ if err != nil { ++ return nil, err ++ } ++ // Upstream does not do a constant time comparison because it works with math/big instead of byte slices, ++ // and math/big does not support constant-time arithmetic yet. See #20654 for more info. ++ if subtle.ConstantTimeCompare(ciphertext, enc) != 1 { ++ return nil, errors.New("rsa: internal error") ++ } ++ return ret, nil +} + -+type cipherWithCBC_CTR_GCM struct { -+ aesCipher -+ cipherWithCBC -+ cipherWithCTR -+ cipherWithGCM ++func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) { ++ return evpEncrypt(pub.withKey, ossl.RSA_NO_PADDING, nil, nil, nil, msg) +} + -+func newAESBlock(c *evpCipher, kind cipherKind) cipher.Block { -+ aes := aesCipher{c} -+ var block cipher.Block -+ supportsCBC := loadCipher(kind, cipherModeCBC) != nil -+ supportsCTR := loadCipher(kind, cipherModeCTR) != nil -+ supportsGCM := loadCipher(kind, cipherModeGCM) != nil -+ switch { -+ case !supportsCBC && !supportsCTR && !supportsGCM: -+ block = aes -+ case supportsCBC && !supportsCTR && !supportsGCM: -+ block = cipherWithCBC{aes} -+ case !supportsCBC && supportsCTR && !supportsGCM: -+ block = cipherWithCTR{aes} -+ case supportsCBC && supportsCTR && !supportsGCM: -+ block = cipherWithCBC_CTR{aes, -+ cipherWithCBC{aes}, -+ cipherWithCTR{aes}, -+ } -+ case !supportsCBC && !supportsCTR && supportsGCM: -+ block = cipherWithGCM{aes} -+ case supportsCBC && !supportsCTR && supportsGCM: -+ block = cipherWithCBC_GCM{aes, -+ cipherWithCBC{aes}, -+ cipherWithGCM{aes}, -+ } -+ case !supportsCBC && supportsCTR && supportsGCM: -+ block = cipherWithCTR_GCM{aes, -+ cipherWithCTR{aes}, -+ cipherWithGCM{aes}, -+ } -+ case supportsCBC && supportsCTR && supportsGCM: -+ block = cipherWithCBC_CTR_GCM{aes, -+ cipherWithCBC{aes}, -+ cipherWithCTR{aes}, -+ cipherWithGCM{aes}, ++func saltLength(saltLen int, sign bool) (int32, error) { ++ // A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject ++ // it, and lengths < -2, before we convert to the OpenSSL sentinel values. ++ if saltLen <= -2 { ++ return 0, errors.New("crypto/rsa: invalid PSS salt length") ++ } ++ // OpenSSL uses sentinel salt length values like Go crypto does, ++ // but the values don't fully match for rsa.PSSSaltLengthAuto (0). ++ if saltLen == 0 { ++ if sign { ++ if vMajor == 1 { ++ // OpenSSL 1.x uses -2 to mean maximal size when signing where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_MAX_SIGN, nil ++ } ++ // OpenSSL 3.x deprecated RSA_PSS_SALTLEN_MAX_SIGN ++ // and uses -3 to mean maximal size when signing where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_MAX, nil + } -+ default: -+ panic("unreachable") ++ // OpenSSL uses -2 to mean auto-detect size when verifying where Go crypto uses 0. ++ return ossl.RSA_PSS_SALTLEN_AUTO, nil + } -+ return block ++ return int32(saltLen), nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go -new file mode 100644 -index 00000000000000..2084b384b9f3a9 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/fips.go -@@ -0,0 +1,69 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. + -+package osslsetup ++func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) { ++ cSaltLen, err := saltLength(saltLen, true) ++ if err != nil { ++ return nil, err ++ } ++ return evpSign(priv.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, hashed) ++} + -+import ( -+ "unsafe" ++func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error { ++ cSaltLen, err := saltLength(saltLen, false) ++ if err != nil { ++ return err ++ } ++ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PSS_PADDING, cSaltLen, h, sig, hashed) ++} + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte) ([]byte, error) { ++ return evpSign(priv.withKey, ossl.RSA_PKCS1_PADDING, 0, h, hashed) ++} + -+// cString is a null-terminated string, -+// akin to C's char*. -+type cString string ++func HashSignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte) ([]byte, error) { ++ return evpHashSign(priv.withKey, h, msg) ++} + -+// ptr returns a pointer to the string data. -+// It panics if the string is not null-terminated. -+// -+// The memory pointed to by the returned pointer should -+// not be modified and it must only be passed to -+// "const char*" parameters. Any attempt to modify it -+// will result in a runtime panic, as Go strings are -+// allocated in read-only memory. -+func (s cString) ptr() *byte { -+ if len(s) == 0 { ++func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte) error { ++ defer runtime.KeepAlive(pub) ++ var size int32 ++ if err := pub.withKey(func(pkey ossl.EVP_PKEY_PTR) (err error) { ++ size, err = ossl.EVP_PKEY_get_size(pkey) ++ if err != nil { ++ return err ++ } ++ if len(sig) < int(size) { ++ return errors.New("crypto/rsa: verification error") ++ } + return nil ++ }); err != nil { ++ return err + } -+ if s[len(s)-1] != 0 { -+ panic("must be null-terminated") -+ } -+ return unsafe.StringData(string(s)) ++ return evpVerify(pub.withKey, ossl.RSA_PKCS1_PADDING, 0, h, sig, hashed) +} + -+const ( -+ _ProviderNameFips cString = "fips\x00" -+ _DigestNameSHA2_256 cString = "SHA2-256\x00" -+) ++func HashVerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte) error { ++ return evpHashVerify(pub.withKey, h, msg, sig) ++} + -+// FIPS returns true if the provider used by default matches the `fips=yes` query. -+// It is useful for checking whether OpenSSL is capable of running in FIPS mode regardless -+// of whether the `fips=yes` query is explicitly enabled. For example, Azure Linux 3 doesn't set the -+// `fips=yes` query in the default properties, but sets the default provider to be SCOSSL, -+// which is FIPS-capable. -+func FIPS() bool { -+ switch vMajor { -+ case 1: -+ return ossl.FIPS_mode() == 1 -+ default: -+ // Load the provider with and without the `fips=yes` query. -+ // If the providers are the same, then the default provider is FIPS-capable. -+ provFIPS := sha256Provider(_ProviderNameFips) -+ if provFIPS == nil { -+ return false ++func newRSAKey3(isPriv bool, n, e, d, p, q, dp, dq, qinv BigInt) (ossl.EVP_PKEY_PTR, error) { ++ bld, err := newParamBuilder() ++ if err != nil { ++ return nil, err ++ } ++ defer bld.finalize() ++ ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_N, n, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_E, e, false) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_D, d, false) ++ ++ if p != nil && q != nil { ++ allPrecomputedExists := dp != nil && dq != nil && qinv != nil ++ // The precomputed values should only be passed if P and Q are present ++ // and every precomputed value is present. (If any precomputed value is ++ // missing, don't pass any of them.) ++ // ++ // In OpenSSL 3.0 and 3.1, we must also omit P and Q if any precomputed ++ // value is missing. See https://github.com/openssl/openssl/pull/22334 ++ if vMinor >= 2 || allPrecomputedExists { ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR1, p, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_FACTOR2, q, true) ++ } ++ if allPrecomputedExists { ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT1, dp, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_EXPONENT2, dq, true) ++ bld.addBigInt(_OSSL_PKEY_PARAM_RSA_COEFFICIENT1, qinv, true) + } -+ provDefault := sha256Provider("") -+ return provFIPS == provDefault + } -+} + -+// sha256Provider returns the provider for the SHA-256 algorithm -+// using the given properties. -+func sha256Provider(props cString) ossl.OSSL_PROVIDER_PTR { -+ md, _ := ossl.EVP_MD_fetch(nil, _DigestNameSHA2_256.ptr(), props.ptr()) -+ if md == nil { -+ return nil ++ params, err := bld.build() ++ if err != nil { ++ return nil, err + } -+ defer ossl.EVP_MD_free(md) -+ return ossl.EVP_MD_get0_provider(md) ++ defer ossl.OSSL_PARAM_free(params) ++ selection := ossl.EVP_PKEY_PUBLIC_KEY ++ if isPriv { ++ selection = ossl.EVP_PKEY_KEYPAIR ++ } ++ return newEvpFromParams(ossl.EVP_PKEY_RSA, int32(selection), params) +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go new file mode 100644 -index 00000000000000..720a446838ea7d +index 00000000000000..a5e24cff4f068c --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init.go -@@ -0,0 +1,170 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/tls1prf.go +@@ -0,0 +1,159 @@ ++//go:build !cmd_go_bootstrap + -+package osslsetup ++package openssl + ++import "C" +import ( ++ "crypto" + "errors" ++ "hash" ++ "sync" + "unsafe" + + "github.com/microsoft/go-crypto-openssl/internal/ossl" +) + -+// osslHandle is the handle to the OpenSSL shared library loaded in the [Init] function. -+var osslHandle unsafe.Pointer -+ -+// opensslInit loads and initializes OpenSSL. -+// -+// See [Init] for details about file. -+func opensslInit(file string) error { -+ // Load the OpenSSL shared library using dlopen. -+ handle, close, err := openLibrary(file) -+ if err != nil { -+ return err ++func SupportsTLS1PRF() bool { ++ switch vMajor { ++ case 1: ++ return vMinor >= 1 ++ case 3: ++ _, err := fetchTLS1PRF3() ++ return err == nil ++ default: ++ panic(errUnsupportedVersion()) + } ++} + -+ ossl.MkcgoLoad_(handle) -+ if vMajor == 1 { -+ ossl.MkcgoLoad_legacy_1(handle) ++// TLS1PRF implements the TLS 1.0/1.1 pseudo-random function if h is nil, ++// else it implements the TLS 1.2 pseudo-random function. ++// The pseudo-random number will be written to result and will be of length len(result). ++func TLS1PRF(result, secret, label, seed []byte, fh func() hash.Hash) error { ++ var md ossl.EVP_MD_PTR ++ if fh == nil { ++ // TLS 1.0/1.1 PRF doesn't allow to specify the hash function, ++ // it always uses MD5SHA1. If h is nil, then assume ++ // that the caller wants to use TLS 1.0/1.1 PRF. ++ // OpenSSL detects this case by checking if the hash ++ // function is MD5SHA1. ++ md = loadHash(crypto.MD5SHA1).md + } else { -+ ossl.MkcgoLoad_3(handle) -+ if vMajor > 3 || (vMajor == 3 && vMinor >= 3) { -+ ossl.MkcgoLoad_33(handle) ++ h, err := hashFuncHash(fh) ++ if err != nil { ++ return err + } ++ md = hashToMD(h) + } -+ -+ // Initialize OpenSSL. -+ ossl.OPENSSL_init() -+ if _, err = ossl.OPENSSL_init_crypto( -+ ossl.OPENSSL_INIT_ADD_ALL_CIPHERS| -+ ossl.OPENSSL_INIT_ADD_ALL_DIGESTS| -+ ossl.OPENSSL_INIT_LOAD_CONFIG| -+ ossl.OPENSSL_INIT_LOAD_CRYPTO_STRINGS, -+ nil); err != nil { -+ close() -+ return err ++ if md == nil { ++ return errors.New("unsupported hash function") + } -+ osslHandle = handle -+ return nil -+} + -+// initForCheckVersion loads and initialize only the -+// functions required in [CheckVersion]. -+// It returns a close function that must be called to release the resources. -+// -+// This function modifies the vMajor, vMinor, and vPatch global variables as -+// well as other internal global variables that facilitate OpenSSL calls. -+// -+// If the function succeeds, calling the close function restores the previous -+// state of the global variables. If it fails, the global variables are restored -+// before returning. -+func initForCheckVersion(file string) (func(), error) { -+ prevMajor, prevMinor, prevPatch := vMajor, vMinor, vPatch -+ restoreVersion := func() { -+ vMajor, vMinor, vPatch = prevMajor, prevMinor, prevPatch -+ } -+ handle, close, err := openLibrary(file) -+ if err != nil { -+ restoreVersion() -+ return nil, err -+ } -+ initFuncs := func() (loadX func(unsafe.Pointer), unloadX func()) { -+ switch vMajor { -+ case 1: -+ loadX = ossl.MkcgoLoad_init_1 -+ unloadX = ossl.MkcgoUnload_init_1 -+ default: -+ if vMajor < 3 { -+ // openLibrary should have already rejected this. -+ panic(errUnsupportedVersion()) -+ } -+ // Any 3+ major uses the OpenSSL 3 init shim: 3+ guarantees -+ // ABI/API compatibility within the same major. -+ loadX = ossl.MkcgoLoad_init_3 -+ unloadX = ossl.MkcgoUnload_init_3 -+ } -+ return ++ switch vMajor { ++ case 1: ++ return tls1PRF1(result, secret, label, seed, md) ++ case 3: ++ return tls1PRF3(result, secret, label, seed, md) ++ default: ++ return errUnsupportedVersion() + } -+ loadX, unloadX := initFuncs() -+ loadX(handle) -+ return func() { -+ restoreVersion() -+ close() -+ unloadX() -+ if osslHandle != nil { -+ // If osslHandle is not nil, it means that the library was already loaded -+ // and initialized. In this case, we need to reload the functions from -+ // the original handle. -+ loadX, _ = initFuncs() -+ loadX(osslHandle) -+ } -+ }, nil +} + -+// openLibrary loads and initialize the version of OpenSSL. -+// It returns the handle to the OpenSSL shared library -+// and a function that can be called to release the resources. -+func openLibrary(file string) (handle unsafe.Pointer, close func(), err error) { -+ vMajor, vMinor, vPatch = 0, 0, 0 -+ handle, err = dlopen(file) ++// tls1PRF1 implements TLS1PRF for OpenSSL 1 using the EVP_PKEY API. ++func tls1PRF1(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { ++ checkMajorVersion(1) ++ ++ ctx, err := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_TLS1_PRF, nil) + if err != nil { -+ return nil, nil, err -+ } -+ // Retrieve the loaded OpenSSL version and check if it is supported. -+ // Notice that major and minor could not match with the version parameter -+ // in case the name of the shared library file differs from the OpenSSL -+ // version it contains. -+ ossl.MkcgoLoad_version(handle) -+ close = func() { -+ dlclose(handle) -+ if osslHandle == nil { -+ ossl.MkcgoUnload_version() -+ } else { -+ ossl.MkcgoLoad_version(osslHandle) -+ } ++ return err + } + defer func() { -+ if err != nil { -+ close() -+ } ++ ossl.EVP_PKEY_CTX_free(ctx) + }() + -+ if ossl.OPENSSL_version_major_Available() && -+ ossl.OPENSSL_version_minor_Available() && -+ ossl.OPENSSL_version_patch_Available() { -+ // Likely OpenSSL 3 or later. -+ vMajor = int(ossl.OPENSSL_version_major()) -+ vMinor = int(ossl.OPENSSL_version_minor()) -+ vPatch = int(ossl.OPENSSL_version_patch()) -+ } else if ossl.OpenSSL_version_num_Available() { -+ // Likely OpenSSL 1. -+ ver := ossl.OpenSSL_version_num() -+ vMajor = int(ver >> 28) -+ vMinor = int(ver >> 20 & 0xFF) -+ vPatch = int(ver >> 12 & 0xFF) -+ } else { -+ return handle, nil, errors.New("openssl: version not available") ++ if _, err := ossl.EVP_PKEY_derive_init(ctx); err != nil { ++ return err + } -+ var supported bool -+ switch vMajor { -+ case 1: -+ supported = vMinor == 1 && vPatch >= 1 -+ default: -+ // 3+ guarantees ABI/API compatibility within the same major, -+ // so any tested major is supported. Untested 3+ majors require -+ // GODEBUG=ms_opensslallowuntested=1. -+ for _, m := range testedMajors { -+ if vMajor == m { -+ supported = true -+ break -+ } -+ } -+ if !supported && vMajor >= 3 && allowUntestedMajor() { -+ supported = true -+ } ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_MD, ++ 0, unsafe.Pointer(md)); err != nil { ++ return err + } -+ if !supported { -+ return handle, nil, errUnsupportedVersion() ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SECRET, ++ int32(len(secret)), unsafe.Pointer(base(secret))); err != nil { ++ return err + } -+ return handle, close, nil -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go -new file mode 100644 -index 00000000000000..45903c12e802df ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_cgo_unix.go -@@ -0,0 +1,34 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build unix -+ -+package osslsetup -+ -+// #cgo LDFLAGS: -ldl -+// #include -+// #include -+import "C" -+import ( -+ "errors" -+ "unsafe" -+) -+ -+func dlopen(file string) (handle unsafe.Pointer, err error) { -+ cv := C.CString(file) -+ defer C.free(unsafe.Pointer(cv)) -+ handle = C.dlopen(cv, C.RTLD_LAZY|C.RTLD_LOCAL) -+ if handle == nil { -+ errstr := C.GoString(C.dlerror()) -+ return nil, errors.New("openssl: can't load " + file + ": " + errstr) ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SEED, ++ int32(len(label)), unsafe.Pointer(base(label))); err != nil { ++ return err + } -+ return handle, nil -+} -+ -+func dlclose(handle unsafe.Pointer) error { -+ if C.dlclose(handle) != 0 { -+ errstr := C.GoString(C.dlerror()) -+ return errors.New("openssl: can't close libcrypto: " + errstr) ++ if _, err := ossl.EVP_PKEY_CTX_ctrl(ctx, -1, ++ ossl.EVP_PKEY_OP_DERIVE, ++ ossl.EVP_PKEY_CTRL_TLS_SEED, ++ int32(len(seed)), unsafe.Pointer(base(seed))); err != nil { ++ return err ++ } ++ outLen := len(result) ++ if _, err := ossl.EVP_PKEY_derive(ctx, base(result), &outLen); err != nil { ++ return err ++ } ++ // The Go standard library expects TLS1PRF to return the requested number of bytes, ++ // fail if it doesn't. While there is no known situation where this will happen, ++ // EVP_PKEY_derive handles multiple algorithms and there could be a subtle mismatch ++ // after more code changes in the future. ++ if outLen != len(result) { ++ return errors.New("tls1-prf: derived less bytes than requested") + } + return nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go -new file mode 100644 -index 00000000000000..e91d5df6b7685a ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_nocgo_unix.go -@@ -0,0 +1,35 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build unix && !cgo && (go1.27 || !s390x) + -+package osslsetup ++// fetchTLS1PRF3 fetches the TLS1-PRF KDF algorithm. ++// It is safe to call this function concurrently. ++// The returned EVP_KDF_PTR shouldn't be freed. ++var fetchTLS1PRF3 = sync.OnceValues(func() (ossl.EVP_KDF_PTR, error) { ++ checkMajorVersion(3) + -+import ( -+ "errors" -+ "runtime" -+ "unsafe" ++ kdf, err := ossl.EVP_KDF_fetch(nil, _OSSL_KDF_NAME_TLS1_PRF.ptr(), nil) ++ if err != nil { ++ return nil, err ++ } ++ return kdf, nil ++}) + -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) ++// tls1PRF3 implements TLS1PRF for OpenSSL 3 using the EVP_KDF API. ++func tls1PRF3(result, secret, label, seed []byte, md ossl.EVP_MD_PTR) error { ++ checkMajorVersion(3) + -+func dlopen(file string) (handle unsafe.Pointer, err error) { -+ const RTLD_LAZY = 1 -+ var RTLD_LOCAL = 0 -+ if runtime.GOOS == "darwin" { -+ RTLD_LOCAL = 4 // darwin uses 4 as RTLD_LOCAL ++ kdf, err := fetchTLS1PRF3() ++ if err != nil { ++ return err + } -+ handle = ossl.Dlopen(unsafe.StringData(file+"\x00"), int32(RTLD_LAZY|RTLD_LOCAL)) -+ if handle == nil { -+ return nil, errors.New("openssl: can't load " + file + ": " + goString(ossl.Dlerror())) ++ ctx, err := ossl.EVP_KDF_CTX_new(kdf) ++ if err != nil { ++ return err + } -+ return handle, nil -+} ++ defer ossl.EVP_KDF_CTX_free(ctx) + -+func dlclose(handle unsafe.Pointer) error { -+ if ossl.Dlclose(handle) != 0 { -+ errstr := goString(ossl.Dlerror()) -+ return errors.New("openssl: can't close libcrypto: " + errstr) ++ bld, err := newParamBuilder() ++ if err != nil { ++ return err + } -+ return nil -+} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go -new file mode 100644 -index 00000000000000..312dfc88d7f311 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/init_windows.go -@@ -0,0 +1,37 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package osslsetup -+ -+import ( -+ "syscall" -+ "unsafe" -+) -+ -+type dlopenError struct { -+ file string -+ err error -+} -+ -+func (e *dlopenError) Error() string { -+ return "openssl: can't load " + e.file + ": " + e.err.Error() -+} -+ -+func (e *dlopenError) Unwrap() error { -+ return e.err -+} -+ -+func dlopen(file string) (handle unsafe.Pointer, err error) { -+ // As Windows generally does not ship with a system OpenSSL library, let -+ // alone a FIPS 140 certified one, use the default library search order so -+ // that we preferentially load the DLL bundled with the application. -+ h, err := syscall.LoadLibrary(file) ++ bld.addUTF8String(_OSSL_KDF_PARAM_DIGEST, ossl.EVP_MD_get0_name(md), 0) ++ bld.addOctetString(_OSSL_KDF_PARAM_SECRET, secret) ++ bld.addOctetString(_OSSL_KDF_PARAM_SEED, label) ++ bld.addOctetString(_OSSL_KDF_PARAM_SEED, seed) ++ params, err := bld.build() + if err != nil { -+ return nil, &dlopenError{file: file, err: err} ++ return err + } -+ return unsafe.Pointer(h), nil -+} ++ defer ossl.OSSL_PARAM_free(params) + -+func dlclose(handle unsafe.Pointer) error { -+ return syscall.FreeLibrary(syscall.Handle(handle)) ++ if _, err := ossl.EVP_KDF_derive(ctx, base(result), len(result), params); err != nil { ++ return err ++ } ++ return nil +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go +diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go new file mode 100644 -index 00000000000000..189335d93c80f8 +index 00000000000000..e60a5dde390be6 --- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup.go -@@ -0,0 +1,109 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package osslsetup -+ -+import ( -+ "errors" -+ "strconv" -+ "sync" -+ "syscall" -+ -+ "github.com/microsoft/go-crypto-openssl/internal/ossl" -+) -+ -+var ( -+ vMajor, vMinor, vPatch int -+) -+ -+// testedMajors lists the OpenSSL major versions this backend has been -+// tested against. [openLibrary] rejects majors not in this list unless -+// GODEBUG=ms_opensslallowuntested=1 is set. OpenSSL 1 is supported only -+// at 1.1.1+; that minor/patch constraint is enforced separately in -+// [openLibrary]. -+var testedMajors = [...]int{1, 3, 4} -+ -+// allowUntestedMajor reports whether the user has set -+// GODEBUG=ms_opensslallowuntested=1. The "ms_" prefix marks this as a -+// Microsoft-defined GODEBUG so it will not collide with upstream Go. -+var allowUntestedMajor = sync.OnceValue(func() bool { -+ godebug, _ := syscall.Getenv("GODEBUG") -+ return godebugAllowUntested(godebug) -+}) ++++ b/src/vendor/github.com/microsoft/go-crypto-openssl/openssl/zaes.go +@@ -0,0 +1,86 @@ ++// Code generated by cmd/genaesmodes. DO NOT EDIT. + -+// godebugAllowUntested reports whether the comma-separated GODEBUG string -+// contains ms_opensslallowuntested=1. Matches internal/godebug parsing: -+// no whitespace trimming. -+func godebugAllowUntested(godebug string) bool { -+ const key = "ms_opensslallowuntested=1" -+ var start int = 0 -+ for i := 0; i <= len(godebug); i++ { -+ if i < len(godebug) && godebug[i] != ',' { -+ continue -+ } -+ if godebug[start:i] == key { -+ return true -+ } -+ start = i + 1 -+ } -+ return false -+} ++//go:build cgo && !cmd_go_bootstrap + -+func VersionMajor() int { -+ return vMajor -+} ++package openssl + -+func VersionMinor() int { -+ return vMinor -+} ++import "crypto/cipher" + -+func VersionPatch() int { -+ return vPatch ++type cipherWithCBC struct { ++ aesCipher +} + -+func utoa(n int) string { -+ return strconv.FormatUint(uint64(n), 10) ++type cipherWithCTR struct { ++ aesCipher +} + -+func errUnsupportedVersion() error { -+ return errors.New("openssl: unsupported OpenSSL version: " + utoa(vMajor) + "." + utoa(vMinor) + "." + utoa(vPatch) + " (minimum supported version is 1.1.1)") ++type cipherWithCBC_CTR struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithCTR +} + -+var ( -+ initOnce sync.Once -+ initErr error -+) -+ -+// Init loads and initializes OpenSSL from the shared library at path. -+// It must be called before any other OpenSSL call, except CheckVersion. -+// -+// Only the first call to Init is effective. -+// Subsequent calls will return the same error result as the one from the first call. -+// -+// The file is passed to dlopen() verbatim to load the OpenSSL shared library. -+// For example, `file=libcrypto.so.1.1.1k-fips` makes Init look for the shared -+// library libcrypto.so.1.1.1k-fips. -+func Init(file string) error { -+ initOnce.Do(func() { -+ initErr = opensslInit(file) -+ }) -+ return initErr ++type cipherWithGCM struct { ++ aesCipher +} + -+// VersionText returns the version text of the OpenSSL currently loaded. -+func VersionText() string { -+ return goString(ossl.OpenSSL_version(0)) ++type cipherWithCBC_GCM struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithGCM +} + -+// CheckVersion checks if the OpenSSL version can be loaded -+// and if the FIPS mode is enabled. -+// This function can be called before Init. -+// All OpenSSL functions used in here should be tagged with "init_1" or "init_3" in shims.h. -+func CheckVersion(version string) (exists, fips bool) { -+ close, err := initForCheckVersion(version) -+ if err != nil { -+ return false, false -+ } -+ defer close() -+ return true, FIPS() ++type cipherWithCTR_GCM struct { ++ aesCipher ++ cipherWithCTR ++ cipherWithGCM +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go -new file mode 100644 -index 00000000000000..079fbceb2cdc56 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_cgo.go -@@ -0,0 +1,12 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+package osslsetup -+ -+import "C" -+import "unsafe" + -+// goString converts a C string pointer to a Go string for cgo mode -+func goString(ptr *byte) string { -+ return C.GoString((*C.char)(unsafe.Pointer(ptr))) ++type cipherWithCBC_CTR_GCM struct { ++ aesCipher ++ cipherWithCBC ++ cipherWithCTR ++ cipherWithGCM +} -diff --git a/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go -new file mode 100644 -index 00000000000000..fe075ff0822c29 ---- /dev/null -+++ b/src/vendor/github.com/microsoft/go-crypto-openssl/osslsetup/osslsetup_nocgo.go -@@ -0,0 +1,24 @@ -+// Copyright (c) Microsoft Corporation. -+// Licensed under the MIT License. -+ -+//go:build !cgo -+ -+package osslsetup + -+import "unsafe" -+ -+// goString converts a C string pointer to a Go string for nocgo mode -+func goString(ptr *byte) string { -+ if ptr == nil { -+ return "" -+ } -+ var result []byte -+ for i := 0; ; i++ { -+ b := *(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) + uintptr(i))) -+ if b == 0 { -+ break ++func newAESBlock(c *evpCipher, kind cipherKind) cipher.Block { ++ aes := aesCipher{c} ++ var block cipher.Block ++ supportsCBC := loadCipher(kind, cipherModeCBC) != nil ++ supportsCTR := loadCipher(kind, cipherModeCTR) != nil ++ supportsGCM := loadCipher(kind, cipherModeGCM) != nil ++ switch { ++ case !supportsCBC && !supportsCTR && !supportsGCM: ++ block = aes ++ case supportsCBC && !supportsCTR && !supportsGCM: ++ block = cipherWithCBC{aes} ++ case !supportsCBC && supportsCTR && !supportsGCM: ++ block = cipherWithCTR{aes} ++ case supportsCBC && supportsCTR && !supportsGCM: ++ block = cipherWithCBC_CTR{aes, ++ cipherWithCBC{aes}, ++ cipherWithCTR{aes}, ++ } ++ case !supportsCBC && !supportsCTR && supportsGCM: ++ block = cipherWithGCM{aes} ++ case supportsCBC && !supportsCTR && supportsGCM: ++ block = cipherWithCBC_GCM{aes, ++ cipherWithCBC{aes}, ++ cipherWithGCM{aes}, ++ } ++ case !supportsCBC && supportsCTR && supportsGCM: ++ block = cipherWithCTR_GCM{aes, ++ cipherWithCTR{aes}, ++ cipherWithGCM{aes}, ++ } ++ case supportsCBC && supportsCTR && supportsGCM: ++ block = cipherWithCBC_CTR_GCM{aes, ++ cipherWithCBC{aes}, ++ cipherWithCTR{aes}, ++ cipherWithGCM{aes}, + } -+ result = append(result, b) ++ default: ++ panic("unreachable") + } -+ return string(result) ++ return block +} diff --git a/src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE b/src/vendor/github.com/microsoft/go-crypto-winnative/LICENSE new file mode 100644 @@ -31401,22 +21134,20 @@ index 00000000000000..1722410e5af193 + return getSystemDirectory() + "\\" + dll +} diff --git a/src/vendor/modules.txt b/src/vendor/modules.txt -index a6b711219383c2..e6e8ef24250f7b 100644 +index a6b711219383c2..8668fcb28e0ba4 100644 --- a/src/vendor/modules.txt +++ b/src/vendor/modules.txt -@@ -1,3 +1,22 @@ +@@ -1,3 +1,20 @@ +# github.com/microsoft/go-crypto-darwin v0.0.2-0.20250714125817-871ed82e87d7 +## explicit; go 1.22 +github.com/microsoft/go-crypto-darwin/bbig +github.com/microsoft/go-crypto-darwin/internal/cryptokit +github.com/microsoft/go-crypto-darwin/xcrypto -+# github.com/microsoft/go-crypto-openssl v0.0.0-20260521090922-bd6798f35c69 -+## explicit; go 1.25 ++# github.com/microsoft/go-crypto-openssl v0.0.0-20260521141647-8d2a891ca446 ++## explicit; go 1.22 +github.com/microsoft/go-crypto-openssl/bbig -+github.com/microsoft/go-crypto-openssl/internal/fakecgo +github.com/microsoft/go-crypto-openssl/internal/ossl +github.com/microsoft/go-crypto-openssl/openssl -+github.com/microsoft/go-crypto-openssl/osslsetup +# github.com/microsoft/go-crypto-winnative v0.0.0-20250703113837-e4483837c98b +## explicit; go 1.22 +github.com/microsoft/go-crypto-winnative/cng diff --git a/patches/0003-Implement-crypto-internal-backend.patch b/patches/0003-Implement-crypto-internal-backend.patch index 269a773b8b2..5868181d986 100644 --- a/patches/0003-Implement-crypto-internal-backend.patch +++ b/patches/0003-Implement-crypto-internal-backend.patch @@ -1858,7 +1858,7 @@ index 00000000000000..5f99705f9d8c20 + _ "crypto/internal/backend/internal/opensslsetup" + "syscall" + -+ "github.com/microsoft/go-crypto-openssl/osslsetup" ++ "github.com/microsoft/go-crypto-openssl/openssl" +) + +const backendEnabled = true @@ -1870,7 +1870,7 @@ index 00000000000000..5f99705f9d8c20 + if kernelFIPSMode() { + return true + } -+ return osslsetup.FIPS() ++ return openssl.FIPS() +} + +// kernelFIPSMode reports whether the kernel is in FIPS mode. @@ -1999,7 +1999,7 @@ index 00000000000000..cc720b20984666 +import ( + "syscall" + -+ "github.com/microsoft/go-crypto-openssl/osslsetup" ++ "github.com/microsoft/go-crypto-openssl/openssl" +) + +// knownVersions is a list of supported and well-known libcrypto.so suffixes in decreasing version order. @@ -2011,7 +2011,7 @@ index 00000000000000..cc720b20984666 + +func init() { + lib := library() -+ if err := osslsetup.Init(lib); err != nil { ++ if err := openssl.Init(lib); err != nil { + panic("opensslcrypto: can't initialize OpenSSL " + lib + ": " + err.Error()) + } +} @@ -2032,7 +2032,7 @@ index 00000000000000..cc720b20984666 + +// checkVersion is a variable that holds the openssl.CheckVersion function. +// It is initialized in the init function to allow overriding in tests. -+var checkVersion = osslsetup.CheckVersion ++var checkVersion = openssl.CheckVersion + +// searchKnownLibrary returns the name of the highest available FIPS-enabled version of OpenSSL +// using the known library suffixes. @@ -2448,7 +2448,6 @@ index 00000000000000..941edd3d1dc98c + "hash" + + "github.com/microsoft/go-crypto-openssl/openssl" -+ "github.com/microsoft/go-crypto-openssl/osslsetup" +) + +// Enabled controls whether FIPS crypto is enabled. @@ -2459,15 +2458,15 @@ index 00000000000000..941edd3d1dc98c +func init() { + // Some distributions, e.g. Azure Linux 3, don't set the `fips=yes` property when running in FIPS mode, + // but they configure OpenSSL to use a FIPS-compliant provider (in the case of Azure Linux 3, the SCOSSL provider). -+ // In this cases, osslsetup.FIPS would return `false` and osslsetup.FIPSCapable would return `true`. ++ // In this cases, openssl.FIPS would return `false` and openssl.FIPSCapable would return `true`. + // We don't care about the `fips=yes` property as long as the provider is FIPS-compliant, so use -+ // osslsetup.FIPS to determine whether FIPS mode is enabled. -+ if err := fips140.Check(func() bool { return osslsetup.FIPS() }); err != nil { ++ // openssl.FIPSCapable to determine whether FIPS mode is enabled. ++ if err := fips140.Check(func() bool { return openssl.FIPSCapable() }); err != nil { + // This path can be reached for the following reasons: + // - In OpenSSL 1, the active engine doesn't support FIPS mode. + // - In OpenSSL 1, the active engine supports FIPS mode, but it is not enabled. + // - In OpenSSL 3, the provider used by default doesn't match the `fips=yes` query. -+ panic("opensslcrypto: " + err.Error() + ": " + osslsetup.VersionText()) ++ panic("opensslcrypto: " + err.Error() + ": " + openssl.VersionText()) + } + sig.BoringCrypto() +} @@ -2629,7 +2628,7 @@ index 00000000000000..941edd3d1dc98c +} + +func ExpandHKDF(h func() hash.Hash, pseudorandomKey, info []byte, keyLength int) ([]byte, error) { -+ return openssl.ExpandHKDF(h, pseudorandomKey, info, keyLength) ++ return openssl.ExpandHKDFOneShot(h, pseudorandomKey, info, keyLength) +} + +func ExtractHKDF(h func() hash.Hash, secret, salt []byte) ([]byte, error) { @@ -2760,6 +2759,7 @@ index 00000000000000..941edd3d1dc98c + } + + return openssl.VerifyDSA(pub, hashed, sig) ++} diff --git a/src/crypto/internal/backend/stub.s b/src/crypto/internal/backend/stub.s new file mode 100644 index 00000000000000..5e4b436554d44d @@ -2815,7 +2815,7 @@ index 4145c70f62440e..df7c5f9181be80 100644 < github.com/microsoft/go-crypto-winnative/cng; + syscall, -+ github.com/microsoft/go-crypto-openssl/osslsetup ++ github.com/microsoft/go-crypto-openssl/openssl + < crypto/internal/backend/internal/opensslsetup + < crypto/internal/backend/fips140; + From c4f4c8dac054251b84c072cd3ecfa575032f242c Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 21 May 2026 15:50:02 +0100 Subject: [PATCH 7/7] fix test --- patches/0001-Vendor-external-dependencies.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patches/0001-Vendor-external-dependencies.patch b/patches/0001-Vendor-external-dependencies.patch index 3d6cdfd5739..88aad3a50c1 100644 --- a/patches/0001-Vendor-external-dependencies.patch +++ b/patches/0001-Vendor-external-dependencies.patch @@ -2013,7 +2013,7 @@ index 641d1a325a5c07..4145c70f62440e 100644 var imports []string var haveImport = map[string]bool{} - if pkg == "crypto/internal/boring" { -+ if pkg == "crypto/internal/boring" || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-openssl/openssl") || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-darwin") { ++ if pkg == "crypto/internal/boring" || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-openssl/") || strings.HasPrefix(pkg, "github.com/microsoft/go-crypto-darwin") { haveImport["C"] = true // kludge: prevent C from appearing in crypto/internal/boring imports } fset := token.NewFileSet()