diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 316210e71..afc88d23e 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -56,13 +56,13 @@ #include +#include #include #include #include #include #include -#include #include "../internal.h" @@ -353,7 +353,7 @@ static long asn1_string_get_long(const ASN1_STRING *a, int type) { i64 = (int64_t)v; fits_in_i64 = i64 >= 0; } - OPENSSL_STATIC_ASSERT(sizeof(long) <= sizeof(int64_t), "long is too big"); + static_assert(sizeof(long) <= sizeof(int64_t), "long is too big"); if (fits_in_i64 && LONG_MIN <= i64 && i64 <= LONG_MAX) { return (long)i64; diff --git a/crypto/base64/base64.c b/crypto/base64/base64.c index 6ce6007f6..d2b1e5840 100644 --- a/crypto/base64/base64.c +++ b/crypto/base64/base64.c @@ -60,8 +60,6 @@ #include #include -#include - #include "../internal.h" @@ -98,8 +96,8 @@ static uint8_t conv_bin2ascii(uint8_t a) { return ret; } -OPENSSL_STATIC_ASSERT(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0, - "data length must be a multiple of base64 chunk size"); +static_assert(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0, + "data length must be a multiple of base64 chunk size"); int EVP_EncodedLength(size_t *out_len, size_t len) { if (len + 2 < len) { diff --git a/crypto/blake2/blake2.c b/crypto/blake2/blake2.c index 096d61db1..5c6b17edf 100644 --- a/crypto/blake2/blake2.c +++ b/crypto/blake2/blake2.c @@ -14,7 +14,7 @@ #include -#include +#include #include "../internal.h" @@ -61,7 +61,7 @@ static void blake2b_transform( size_t num_bytes, int is_final_block) { // https://tools.ietf.org/html/rfc7693#section-3.2 uint64_t v[16]; - OPENSSL_STATIC_ASSERT(sizeof(v) == sizeof(b2b->h) + sizeof(kIV), ""); + static_assert(sizeof(v) == sizeof(b2b->h) + sizeof(kIV), ""); OPENSSL_memcpy(v, b2b->h, sizeof(b2b->h)); OPENSSL_memcpy(&v[8], kIV, sizeof(kIV)); @@ -97,7 +97,7 @@ static void blake2b_transform( void BLAKE2B256_Init(BLAKE2B_CTX *b2b) { OPENSSL_memset(b2b, 0, sizeof(BLAKE2B_CTX)); - OPENSSL_STATIC_ASSERT(sizeof(kIV) == sizeof(b2b->h), ""); + static_assert(sizeof(kIV) == sizeof(b2b->h), ""); OPENSSL_memcpy(&b2b->h, kIV, sizeof(kIV)); // https://tools.ietf.org/html/rfc7693#section-2.5 @@ -143,7 +143,7 @@ void BLAKE2B256_Final(uint8_t out[BLAKE2B256_DIGEST_LENGTH], BLAKE2B_CTX *b2b) { sizeof(b2b->block.bytes) - b2b->block_used); blake2b_transform(b2b, b2b->block.words, b2b->block_used, /*is_final_block=*/1); - OPENSSL_STATIC_ASSERT(BLAKE2B256_DIGEST_LENGTH <= sizeof(b2b->h), ""); + static_assert(BLAKE2B256_DIGEST_LENGTH <= sizeof(b2b->h), ""); memcpy(out, b2b->h, BLAKE2B256_DIGEST_LENGTH); } diff --git a/crypto/cipher_extra/e_aesctrhmac.c b/crypto/cipher_extra/e_aesctrhmac.c index c75f8a836..32b42d2e9 100644 --- a/crypto/cipher_extra/e_aesctrhmac.c +++ b/crypto/cipher_extra/e_aesctrhmac.c @@ -13,6 +13,9 @@ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include + +#include + #include #include #include @@ -35,12 +38,12 @@ struct aead_aes_ctr_hmac_sha256_ctx { SHA256_CTX outer_init_state; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_ctr_hmac_sha256_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_ctr_hmac_sha256_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_ctr_hmac_sha256_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_ctr_hmac_sha256_ctx), + "AEAD state has insufficient alignment"); static void hmac_init(SHA256_CTX *out_inner, SHA256_CTX *out_outer, const uint8_t hmac_key[32]) { diff --git a/crypto/cipher_extra/e_aesgcmsiv.c b/crypto/cipher_extra/e_aesgcmsiv.c index ee20e1bb1..15601e19b 100644 --- a/crypto/cipher_extra/e_aesgcmsiv.c +++ b/crypto/cipher_extra/e_aesgcmsiv.c @@ -42,11 +42,11 @@ struct aead_aes_gcm_siv_asm_ctx { // The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and // aligns to 16 bytes itself. -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >= - sizeof(struct aead_aes_gcm_siv_asm_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= 8, - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >= + sizeof(struct aead_aes_gcm_siv_asm_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= 8, + "AEAD state has insufficient alignment"); // asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|. static struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx( @@ -550,12 +550,12 @@ struct aead_aes_gcm_siv_ctx { unsigned is_256:1; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_gcm_siv_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_gcm_siv_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_gcm_siv_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_gcm_siv_ctx), + "AEAD state has insufficient alignment"); static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t tag_len) { diff --git a/crypto/cipher_extra/e_chacha20poly1305.c b/crypto/cipher_extra/e_chacha20poly1305.c index a9fce3e88..4a46a1df4 100644 --- a/crypto/cipher_extra/e_chacha20poly1305.c +++ b/crypto/cipher_extra/e_chacha20poly1305.c @@ -14,6 +14,7 @@ #include +#include #include #include @@ -21,7 +22,6 @@ #include #include #include -#include #include "internal.h" #include "../chacha/internal.h" @@ -32,12 +32,12 @@ struct aead_chacha20_poly1305_ctx { uint8_t key[32]; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_chacha20_poly1305_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_chacha20_poly1305_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_chacha20_poly1305_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_chacha20_poly1305_ctx), + "AEAD state has insufficient alignment"); static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t tag_len) { diff --git a/crypto/cipher_extra/e_tls.c b/crypto/cipher_extra/e_tls.c index 9713dc7ea..cfaf95dc7 100644 --- a/crypto/cipher_extra/e_tls.c +++ b/crypto/cipher_extra/e_tls.c @@ -23,7 +23,6 @@ #include #include #include -#include #include "../fipsmodule/cipher/internal.h" #include "../internal.h" @@ -42,15 +41,12 @@ typedef struct { char implicit_iv; } AEAD_TLS_CTX; -OPENSSL_STATIC_ASSERT(EVP_MAX_MD_SIZE < 256, - "mac_key_len does not fit in uint8_t"); +static_assert(EVP_MAX_MD_SIZE < 256, "mac_key_len does not fit in uint8_t"); -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(AEAD_TLS_CTX), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(AEAD_TLS_CTX), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= sizeof(AEAD_TLS_CTX), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= alignof(AEAD_TLS_CTX), + "AEAD state has insufficient alignment"); static void aead_tls_cleanup(EVP_AEAD_CTX *ctx) { AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state; diff --git a/crypto/cipher_extra/internal.h b/crypto/cipher_extra/internal.h index 0fd075543..76a03144d 100644 --- a/crypto/cipher_extra/internal.h +++ b/crypto/cipher_extra/internal.h @@ -57,10 +57,10 @@ #ifndef OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H #define OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H +#include #include #include -#include #include "../internal.h" @@ -166,10 +166,10 @@ union chacha20_poly1305_seal_data { #if (defined(OPENSSL_X86_64) || defined(OPENSSL_AARCH64)) && \ !defined(OPENSSL_NO_ASM) -OPENSSL_STATIC_ASSERT(sizeof(union chacha20_poly1305_open_data) == 48, - "wrong chacha20_poly1305_open_data size"); -OPENSSL_STATIC_ASSERT(sizeof(union chacha20_poly1305_seal_data) == 48 + 8 + 8, - "wrong chacha20_poly1305_seal_data size"); +static_assert(sizeof(union chacha20_poly1305_open_data) == 48, + "wrong chacha20_poly1305_open_data size"); +static_assert(sizeof(union chacha20_poly1305_seal_data) == 48 + 8 + 8, + "wrong chacha20_poly1305_seal_data size"); OPENSSL_INLINE int chacha20_poly1305_asm_capable(void) { #if defined(OPENSSL_X86_64) diff --git a/crypto/curve25519/curve25519.c b/crypto/curve25519/curve25519.c index 4bf37b9fa..17740b83e 100644 --- a/crypto/curve25519/curve25519.c +++ b/crypto/curve25519/curve25519.c @@ -27,7 +27,6 @@ #include #include #include -#include #include "internal.h" #include "../internal.h" @@ -151,8 +150,8 @@ typedef uint32_t fe_limb_t; #endif // BORINGSSL_CURVE25519_64BIT -OPENSSL_STATIC_ASSERT(sizeof(fe) == sizeof(fe_limb_t) * FE_NUM_LIMBS, - "fe_limb_t[FE_NUM_LIMBS] is inconsistent with fe"); +static_assert(sizeof(fe) == sizeof(fe_limb_t) * FE_NUM_LIMBS, + "fe_limb_t[FE_NUM_LIMBS] is inconsistent with fe"); static void fe_frombytes_strict(fe *h, const uint8_t s[32]) { // |fiat_25519_from_bytes| requires the top-most bit be clear. @@ -315,8 +314,7 @@ static void fe_copy(fe *h, const fe *f) { } static void fe_copy_lt(fe_loose *h, const fe *f) { - OPENSSL_STATIC_ASSERT(sizeof(fe_loose) == sizeof(fe), - "fe and fe_loose mismatch"); + static_assert(sizeof(fe_loose) == sizeof(fe), "fe and fe_loose mismatch"); OPENSSL_memmove(h, f, sizeof(fe)); } #if !defined(OPENSSL_SMALL) diff --git a/crypto/ec_extra/hash_to_curve.c b/crypto/ec_extra/hash_to_curve.c index 9c824544a..fa7ff5909 100644 --- a/crypto/ec_extra/hash_to_curve.c +++ b/crypto/ec_extra/hash_to_curve.c @@ -17,7 +17,6 @@ #include #include #include -#include #include @@ -61,7 +60,7 @@ static int expand_message_xmd(const EVP_MD *md, uint8_t *out, size_t out_len, EVP_MD_CTX_init(&ctx); // Long DSTs are hashed down to size. See section 5.3.3. - OPENSSL_STATIC_ASSERT(EVP_MAX_MD_SIZE < 256, "hashed DST still too large"); + static_assert(EVP_MAX_MD_SIZE < 256, "hashed DST still too large"); uint8_t dst_buf[EVP_MAX_MD_SIZE]; if (dst_len >= 256) { static const char kPrefix[] = "H2C-OVERSIZE-DST-"; diff --git a/crypto/err/err_data_generate.go b/crypto/err/err_data_generate.go index e8aefd8f5..963964c66 100644 --- a/crypto/err/err_data_generate.go +++ b/crypto/err/err_data_generate.go @@ -270,15 +270,15 @@ func main() { #include #include -#include +#include `) for i, name := range libraryNames { - fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_LIB_%s == %d, \"library value changed\");\n", name, i+1) + fmt.Fprintf(out, "static_assert(ERR_LIB_%s == %d, \"library value changed\");\n", name, i+1) } - fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_NUM_LIBS == %d, \"number of libraries changed\");\n", len(libraryNames)+1) + fmt.Fprintf(out, "static_assert(ERR_NUM_LIBS == %d, \"number of libraries changed\");\n", len(libraryNames)+1) out.WriteString("\n") e.reasons.WriteTo(out, "Reason") diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c index 7ec6244ab..14a5e02c9 100644 --- a/crypto/evp/scrypt.c +++ b/crypto/evp/scrypt.c @@ -13,7 +13,6 @@ #include #include -#include #include "../internal.h" @@ -30,7 +29,7 @@ // A block_t is a Salsa20 block. typedef struct { uint32_t words[16]; } block_t; -OPENSSL_STATIC_ASSERT(sizeof(block_t) == 64, "block_t has padding"); +static_assert(sizeof(block_t) == 64, "block_t has padding"); // salsa208_word_specification implements the Salsa20/8 core function, also // described in RFC 7914, section 3. It modifies the block at |inout| @@ -171,7 +170,7 @@ int EVP_PBE_scrypt(const char *password, size_t password_len, // Allocate and divide up the scratch space. |max_mem| fits in a size_t, which // is no bigger than uint64_t, so none of these operations may overflow. - OPENSSL_STATIC_ASSERT(UINT64_MAX >= ((size_t)-1), "size_t exceeds uint64_t"); + static_assert(UINT64_MAX >= ((size_t)-1), "size_t exceeds uint64_t"); size_t B_blocks = p * 2 * r; size_t B_bytes = B_blocks * sizeof(block_t); size_t T_blocks = 2 * r; diff --git a/crypto/fipsmodule/aes/aes_nohw.c b/crypto/fipsmodule/aes/aes_nohw.c index 5bb24bc25..b5990b84d 100644 --- a/crypto/fipsmodule/aes/aes_nohw.c +++ b/crypto/fipsmodule/aes/aes_nohw.c @@ -152,10 +152,10 @@ static inline aes_word_t aes_nohw_shift_right(aes_word_t a, aes_word_t i) { } #endif // OPENSSL_SSE2 -OPENSSL_STATIC_ASSERT(AES_NOHW_BATCH_SIZE * 128 == 8 * 8 * sizeof(aes_word_t), - "batch size does not match word size"); -OPENSSL_STATIC_ASSERT(AES_NOHW_WORD_SIZE == sizeof(aes_word_t), - "AES_NOHW_WORD_SIZE is incorrect"); +static_assert(AES_NOHW_BATCH_SIZE * 128 == 8 * 8 * sizeof(aes_word_t), + "batch size does not match word size"); +static_assert(AES_NOHW_WORD_SIZE == sizeof(aes_word_t), + "AES_NOHW_WORD_SIZE is incorrect"); // Block representations. diff --git a/crypto/fipsmodule/bn/bn.c b/crypto/fipsmodule/bn/bn.c index 424d4621a..006e3eb7a 100644 --- a/crypto/fipsmodule/bn/bn.c +++ b/crypto/fipsmodule/bn/bn.c @@ -56,6 +56,7 @@ #include +#include #include #include @@ -416,8 +417,8 @@ int bn_resize_words(BIGNUM *bn, size_t words) { void bn_select_words(BN_ULONG *r, BN_ULONG mask, const BN_ULONG *a, const BN_ULONG *b, size_t num) { for (size_t i = 0; i < num; i++) { - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); r[i] = constant_time_select_w(mask, a[i], b[i]); } } diff --git a/crypto/fipsmodule/bn/cmp.c b/crypto/fipsmodule/bn/cmp.c index fe478b601..84456a21a 100644 --- a/crypto/fipsmodule/bn/cmp.c +++ b/crypto/fipsmodule/bn/cmp.c @@ -56,8 +56,9 @@ #include +#include + #include -#include #include "internal.h" #include "../../internal.h" @@ -65,8 +66,8 @@ static int bn_cmp_words_consttime(const BN_ULONG *a, size_t a_len, const BN_ULONG *b, size_t b_len) { - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); int ret = 0; // Process the common words in little-endian order. size_t min = a_len < b_len ? a_len : b_len; diff --git a/crypto/fipsmodule/bn/montgomery.c b/crypto/fipsmodule/bn/montgomery.c index e9fa08f7d..d04e91a13 100644 --- a/crypto/fipsmodule/bn/montgomery.c +++ b/crypto/fipsmodule/bn/montgomery.c @@ -116,7 +116,6 @@ #include #include #include -#include #include "internal.h" #include "../../internal.h" @@ -190,11 +189,10 @@ static int bn_mont_ctx_set_N_and_n0(BN_MONT_CTX *mont, const BIGNUM *mod) { // others, we could use a shorter R value and use faster |BN_ULONG|-based // math instead of |uint64_t|-based math, which would be double-precision. // However, currently only the assembler files know which is which. - OPENSSL_STATIC_ASSERT(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2, - "BN_MONT_CTX_N0_LIMBS value is invalid"); - OPENSSL_STATIC_ASSERT( - sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t), - "uint64_t is insufficient precision for n0"); + static_assert(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2, + "BN_MONT_CTX_N0_LIMBS value is invalid"); + static_assert(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t), + "uint64_t is insufficient precision for n0"); uint64_t n0 = bn_mont_n0(&mont->N); mont->n0[0] = (BN_ULONG)n0; #if BN_MONT_CTX_N0_LIMBS == 2 diff --git a/crypto/fipsmodule/bn/montgomery_inv.c b/crypto/fipsmodule/bn/montgomery_inv.c index c80873f57..137af1dd6 100644 --- a/crypto/fipsmodule/bn/montgomery_inv.c +++ b/crypto/fipsmodule/bn/montgomery_inv.c @@ -22,11 +22,10 @@ static uint64_t bn_neg_inv_mod_r_u64(uint64_t n); -OPENSSL_STATIC_ASSERT(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2, - "BN_MONT_CTX_N0_LIMBS value is invalid"); -OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == - sizeof(uint64_t), - "uint64_t is insufficient precision for n0"); +static_assert(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2, + "BN_MONT_CTX_N0_LIMBS value is invalid"); +static_assert(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t), + "uint64_t is insufficient precision for n0"); // LG_LITTLE_R is log_2(r). #define LG_LITTLE_R (BN_MONT_CTX_N0_LIMBS * BN_BITS2) diff --git a/crypto/fipsmodule/bn/mul.c b/crypto/fipsmodule/bn/mul.c index 6e1c3caa2..fe4e4d7aa 100644 --- a/crypto/fipsmodule/bn/mul.c +++ b/crypto/fipsmodule/bn/mul.c @@ -62,7 +62,6 @@ #include #include -#include #include "internal.h" #include "../../internal.h" @@ -281,8 +280,8 @@ static void bn_mul_recursive(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, BN_ULONG c_neg = c - bn_sub_words(&t[n2 * 2], t, &t[n2], n2); BN_ULONG c_pos = c + bn_add_words(&t[n2], t, &t[n2], n2); bn_select_words(&t[n2], neg, &t[n2 * 2], &t[n2], n2); - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); c = constant_time_select_w(neg, c_neg, c_pos); // We now have our three components. Add them together. @@ -395,8 +394,8 @@ static void bn_mul_part_recursive(BN_ULONG *r, const BN_ULONG *a, BN_ULONG c_neg = c - bn_sub_words(&t[n2 * 2], t, &t[n2], n2); BN_ULONG c_pos = c + bn_add_words(&t[n2], t, &t[n2], n2); bn_select_words(&t[n2], neg, &t[n2 * 2], &t[n2], n2); - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); c = constant_time_select_w(neg, c_neg, c_pos); // We now have our three components. Add them together. diff --git a/crypto/fipsmodule/bn/random.c b/crypto/fipsmodule/bn/random.c index 36ad679c5..4966778ef 100644 --- a/crypto/fipsmodule/bn/random.c +++ b/crypto/fipsmodule/bn/random.c @@ -108,12 +108,12 @@ #include +#include #include #include #include #include -#include #include "../../internal.h" #include "../rand/internal.h" @@ -199,8 +199,8 @@ static crypto_word_t bn_less_than_word_mask(const BN_ULONG *a, size_t len, } // |a| < |b| iff a[1..len-1] are all zero and a[0] < b. - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); crypto_word_t mask = 0; for (size_t i = 1; i < len; i++) { mask |= a[i]; diff --git a/crypto/fipsmodule/bn/rsaz_exp.c b/crypto/fipsmodule/bn/rsaz_exp.c index f4e50a6e7..7b455b55f 100644 --- a/crypto/fipsmodule/bn/rsaz_exp.c +++ b/crypto/fipsmodule/bn/rsaz_exp.c @@ -18,6 +18,8 @@ #include +#include + #include "internal.h" #include "../../internal.h" @@ -38,8 +40,8 @@ void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16], const BN_ULONG m_norm[16], const BN_ULONG RR[16], BN_ULONG k0, BN_ULONG storage[MOD_EXP_CTIME_STORAGE_LEN]) { - OPENSSL_STATIC_ASSERT(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH % 64 == 0, - "MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH is too small"); + static_assert(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH % 64 == 0, + "MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH is too small"); assert((uintptr_t)storage % 64 == 0); BN_ULONG *a_inv, *m, *result, *table_s = storage + 40 * 3, *R2 = table_s; diff --git a/crypto/fipsmodule/bn/shift.c b/crypto/fipsmodule/bn/shift.c index 523da674c..55f864ea3 100644 --- a/crypto/fipsmodule/bn/shift.c +++ b/crypto/fipsmodule/bn/shift.c @@ -56,10 +56,10 @@ #include +#include #include #include -#include #include "internal.h" @@ -296,15 +296,14 @@ int BN_mask_bits(BIGNUM *a, int n) { } static int bn_count_low_zero_bits_word(BN_ULONG l) { - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); - OPENSSL_STATIC_ASSERT(sizeof(int) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); - OPENSSL_STATIC_ASSERT(BN_BITS2 == sizeof(BN_ULONG) * 8, - "BN_ULONG has padding bits"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); + static_assert(sizeof(int) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); + static_assert(BN_BITS2 == sizeof(BN_ULONG) * 8, "BN_ULONG has padding bits"); // C has very bizarre rules for types smaller than an int. - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) >= sizeof(int), - "BN_ULONG gets promoted to int"); + static_assert(sizeof(BN_ULONG) >= sizeof(int), + "BN_ULONG gets promoted to int"); crypto_word_t mask; int bits = 0; @@ -342,10 +341,10 @@ static int bn_count_low_zero_bits_word(BN_ULONG l) { } int BN_count_low_zero_bits(const BIGNUM *bn) { - OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); - OPENSSL_STATIC_ASSERT(sizeof(int) <= sizeof(crypto_word_t), - "crypto_word_t is too small"); + static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); + static_assert(sizeof(int) <= sizeof(crypto_word_t), + "crypto_word_t is too small"); int ret = 0; crypto_word_t saw_nonzero = 0; diff --git a/crypto/fipsmodule/cipher/e_aes.c b/crypto/fipsmodule/cipher/e_aes.c index e94d59a14..8d5ed4cac 100644 --- a/crypto/fipsmodule/cipher/e_aes.c +++ b/crypto/fipsmodule/cipher/e_aes.c @@ -335,7 +335,7 @@ ctr128_f aes_ctr_set_key(AES_KEY *aes_key, GCM128_KEY *gcm_key, #endif static EVP_AES_GCM_CTX *aes_gcm_from_cipher_ctx(EVP_CIPHER_CTX *ctx) { - OPENSSL_STATIC_ASSERT( + static_assert( alignof(EVP_AES_GCM_CTX) <= 16, "EVP_AES_GCM_CTX needs more alignment than this function provides"); @@ -921,12 +921,12 @@ static int aead_aes_gcm_init_impl(struct aead_aes_gcm_ctx *gcm_ctx, return 1; } -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_gcm_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_gcm_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_gcm_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_gcm_ctx), + "AEAD state has insufficient alignment"); static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t requested_tag_len) { @@ -1259,12 +1259,12 @@ struct aead_aes_gcm_tls12_ctx { uint64_t min_next_nonce; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_gcm_tls12_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_gcm_tls12_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_gcm_tls12_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_gcm_tls12_ctx), + "AEAD state has insufficient alignment"); static int aead_aes_gcm_tls12_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t requested_tag_len) { @@ -1353,12 +1353,12 @@ struct aead_aes_gcm_tls13_ctx { uint8_t first; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_gcm_tls13_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_gcm_tls13_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_gcm_tls13_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_gcm_tls13_ctx), + "AEAD state has insufficient alignment"); static int aead_aes_gcm_tls13_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t requested_tag_len) { diff --git a/crypto/fipsmodule/cipher/e_aesccm.c b/crypto/fipsmodule/cipher/e_aesccm.c index cd6170199..c00bf61ef 100644 --- a/crypto/fipsmodule/cipher/e_aesccm.c +++ b/crypto/fipsmodule/cipher/e_aesccm.c @@ -276,12 +276,12 @@ struct aead_aes_ccm_ctx { struct ccm128_context ccm; }; -OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= - sizeof(struct aead_aes_ccm_ctx), - "AEAD state is too small"); -OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= - alignof(struct aead_aes_ccm_ctx), - "AEAD state has insufficient alignment"); +static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= + sizeof(struct aead_aes_ccm_ctx), + "AEAD state is too small"); +static_assert(alignof(union evp_aead_ctx_st_state) >= + alignof(struct aead_aes_ccm_ctx), + "AEAD state has insufficient alignment"); static int aead_aes_ccm_init(EVP_AEAD_CTX *ctx, const uint8_t *key, size_t key_len, size_t tag_len, unsigned M, diff --git a/crypto/fipsmodule/ec/ec.c b/crypto/fipsmodule/ec/ec.c index c70fb11ce..4e632e197 100644 --- a/crypto/fipsmodule/ec/ec.c +++ b/crypto/fipsmodule/ec/ec.c @@ -1155,8 +1155,8 @@ void ec_affine_select(const EC_GROUP *group, EC_AFFINE *out, BN_ULONG mask, void ec_precomp_select(const EC_GROUP *group, EC_PRECOMP *out, BN_ULONG mask, const EC_PRECOMP *a, const EC_PRECOMP *b) { - OPENSSL_STATIC_ASSERT(sizeof(out->comb) == sizeof(*out), - "out->comb does not span the entire structure"); + static_assert(sizeof(out->comb) == sizeof(*out), + "out->comb does not span the entire structure"); for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(out->comb); i++) { ec_affine_select(group, &out->comb[i], mask, &a->comb[i], &b->comb[i]); } diff --git a/crypto/fipsmodule/ec/internal.h b/crypto/fipsmodule/ec/internal.h index 522c8d936..f6c8e8a63 100644 --- a/crypto/fipsmodule/ec/internal.h +++ b/crypto/fipsmodule/ec/internal.h @@ -70,10 +70,11 @@ #include +#include + #include #include #include -#include #include "../bn/internal.h" @@ -91,8 +92,8 @@ extern "C" { #define EC_MAX_BYTES 66 #define EC_MAX_WORDS ((EC_MAX_BYTES + BN_BYTES - 1) / BN_BYTES) -OPENSSL_STATIC_ASSERT(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS, - "bn_*_small functions not usable"); +static_assert(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS, + "bn_*_small functions not usable"); // Scalars. diff --git a/crypto/fipsmodule/ec/p256.c b/crypto/fipsmodule/ec/p256.c index b3ee9d4ab..816e6f1ad 100644 --- a/crypto/fipsmodule/ec/p256.c +++ b/crypto/fipsmodule/ec/p256.c @@ -22,7 +22,6 @@ #include #include #include -#include #include #include diff --git a/crypto/fipsmodule/ec/simple_mul.c b/crypto/fipsmodule/ec/simple_mul.c index 0e6384ecd..024155d96 100644 --- a/crypto/fipsmodule/ec/simple_mul.c +++ b/crypto/fipsmodule/ec/simple_mul.c @@ -202,9 +202,8 @@ int ec_GFp_mont_init_precomp(const EC_GROUP *group, EC_PRECOMP *out, // Store the comb in affine coordinates to shrink the table. (This reduces // cache pressure and makes the constant-time selects faster.) - OPENSSL_STATIC_ASSERT( - OPENSSL_ARRAY_SIZE(comb) == OPENSSL_ARRAY_SIZE(out->comb), - "comb sizes did not match"); + static_assert(OPENSSL_ARRAY_SIZE(comb) == OPENSSL_ARRAY_SIZE(out->comb), + "comb sizes did not match"); return ec_jacobian_to_affine_batch(group, out->comb, comb, OPENSSL_ARRAY_SIZE(comb)); } diff --git a/crypto/fipsmodule/ecdsa/ecdsa.c b/crypto/fipsmodule/ecdsa/ecdsa.c index b92f8b247..95b367f13 100644 --- a/crypto/fipsmodule/ecdsa/ecdsa.c +++ b/crypto/fipsmodule/ecdsa/ecdsa.c @@ -59,7 +59,6 @@ #include #include #include -#include #include "../../internal.h" #include "../bn/internal.h" @@ -322,8 +321,8 @@ ECDSA_SIG *ECDSA_do_sign(const uint8_t *digest, size_t digest_len, // Pass a SHA512 hash of the private key and digest as additional data // into the RBG. This is a hardening measure against entropy failure. - OPENSSL_STATIC_ASSERT(SHA512_DIGEST_LENGTH >= 32, - "additional_data is too large for SHA-512"); + static_assert(SHA512_DIGEST_LENGTH >= 32, + "additional_data is too large for SHA-512"); FIPS_service_indicator_lock_state(); diff --git a/crypto/fipsmodule/modes/cbc.c b/crypto/fipsmodule/modes/cbc.c index ac0cd426a..df8f9ce83 100644 --- a/crypto/fipsmodule/modes/cbc.c +++ b/crypto/fipsmodule/modes/cbc.c @@ -49,8 +49,6 @@ #include #include -#include - #include "internal.h" #include "../../internal.h" @@ -120,8 +118,8 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, if ((inptr >= 32 && outptr <= inptr - 32) || inptr < outptr) { // If |out| is at least two blocks behind |in| or completely disjoint, there // is no need to decrypt to a temporary block. - OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0, - "block cannot be evenly divided into words"); + static_assert(16 % sizeof(crypto_word_t) == 0, + "block cannot be evenly divided into words"); const uint8_t *iv = ivec; while (len >= 16) { (*block)(in, out, key); @@ -136,8 +134,8 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, } OPENSSL_memcpy(ivec, iv, 16); } else { - OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0, - "block cannot be evenly divided into words"); + static_assert(16 % sizeof(crypto_word_t) == 0, + "block cannot be evenly divided into words"); while (len >= 16) { (*block)(in, tmp, key); diff --git a/crypto/fipsmodule/modes/cfb.c b/crypto/fipsmodule/modes/cfb.c index 283a10781..37a81843d 100644 --- a/crypto/fipsmodule/modes/cfb.c +++ b/crypto/fipsmodule/modes/cfb.c @@ -46,16 +46,13 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -#include - #include #include #include "internal.h" -OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0, - "block cannot be divided into size_t"); +static_assert(16 % sizeof(size_t) == 0, "block cannot be divided into size_t"); void CRYPTO_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t ivec[16], unsigned *num, diff --git a/crypto/fipsmodule/modes/ctr.c b/crypto/fipsmodule/modes/ctr.c index cea79ad9c..1688f823e 100644 --- a/crypto/fipsmodule/modes/ctr.c +++ b/crypto/fipsmodule/modes/ctr.c @@ -46,8 +46,6 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -#include - #include #include @@ -70,8 +68,8 @@ static void ctr128_inc(uint8_t *counter) { } while (n); } -OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0, - "block cannot be divided into crypto_word_t"); +static_assert(16 % sizeof(crypto_word_t) == 0, + "block cannot be divided into crypto_word_t"); // The input encrypted as though 128bit counter mode is being used. The extra // state information to record how much of the 128bit block we have used is diff --git a/crypto/fipsmodule/modes/ofb.c b/crypto/fipsmodule/modes/ofb.c index 9d73d8a30..5effba667 100644 --- a/crypto/fipsmodule/modes/ofb.c +++ b/crypto/fipsmodule/modes/ofb.c @@ -46,16 +46,13 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -#include - #include #include #include "internal.h" -OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0, - "block cannot be divided into size_t"); +static_assert(16 % sizeof(size_t) == 0, "block cannot be divided into size_t"); void CRYPTO_ofb128_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t ivec[16], unsigned *num, diff --git a/crypto/fipsmodule/rand/ctrdrbg.c b/crypto/fipsmodule/rand/ctrdrbg.c index d01c7979b..0e8995f4b 100644 --- a/crypto/fipsmodule/rand/ctrdrbg.c +++ b/crypto/fipsmodule/rand/ctrdrbg.c @@ -14,7 +14,8 @@ #include -#include +#include + #include #include "internal.h" @@ -80,8 +81,8 @@ int CTR_DRBG_init(CTR_DRBG_STATE *drbg, return 1; } -OPENSSL_STATIC_ASSERT(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0, - "not a multiple of AES block size"); +static_assert(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0, + "not a multiple of AES block size"); // ctr_inc adds |n| to the last four bytes of |drbg->counter|, treated as a // big-endian number. diff --git a/crypto/fipsmodule/rand/fork_detect.c b/crypto/fipsmodule/rand/fork_detect.c index 8dd2c9587..51cf18abc 100644 --- a/crypto/fipsmodule/rand/fork_detect.c +++ b/crypto/fipsmodule/rand/fork_detect.c @@ -21,18 +21,17 @@ #include "fork_detect.h" #if defined(OPENSSL_LINUX) +#include #include #include #include -#include - #include "../delocate.h" #include "../../internal.h" #if defined(MADV_WIPEONFORK) -OPENSSL_STATIC_ASSERT(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18"); +static_assert(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18"); #else #define MADV_WIPEONFORK 18 #endif diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c index f78e66a0c..bf0f486c4 100644 --- a/crypto/fipsmodule/rand/rand.c +++ b/crypto/fipsmodule/rand/rand.c @@ -25,7 +25,6 @@ #include #include #include -#include #include "internal.h" #include "fork_detect.h" diff --git a/crypto/fipsmodule/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c index 095896127..2bef70dac 100644 --- a/crypto/fipsmodule/rsa/rsa_impl.c +++ b/crypto/fipsmodule/rsa/rsa_impl.c @@ -64,7 +64,6 @@ #include #include #include -#include #include "../../internal.h" #include "../bn/internal.h" @@ -406,8 +405,8 @@ static BN_BLINDING *rsa_blinding_get(RSA *rsa, unsigned *index_used, } // Double the length of the cache. - OPENSSL_STATIC_ASSERT(MAX_BLINDINGS_PER_RSA < UINT_MAX / 2, - "MAX_BLINDINGS_PER_RSA too large"); + static_assert(MAX_BLINDINGS_PER_RSA < UINT_MAX / 2, + "MAX_BLINDINGS_PER_RSA too large"); unsigned new_num_blindings = rsa->num_blindings * 2; if (new_num_blindings == 0) { new_num_blindings = 1; @@ -417,9 +416,8 @@ static BN_BLINDING *rsa_blinding_get(RSA *rsa, unsigned *index_used, } assert(new_num_blindings > rsa->num_blindings); - OPENSSL_STATIC_ASSERT( - MAX_BLINDINGS_PER_RSA < UINT_MAX / sizeof(BN_BLINDING *), - "MAX_BLINDINGS_PER_RSA too large"); + static_assert(MAX_BLINDINGS_PER_RSA < UINT_MAX / sizeof(BN_BLINDING *), + "MAX_BLINDINGS_PER_RSA too large"); BN_BLINDING **new_blindings = OPENSSL_malloc(sizeof(BN_BLINDING *) * new_num_blindings); uint8_t *new_blindings_inuse = OPENSSL_malloc(new_num_blindings); diff --git a/crypto/hrss/hrss.c b/crypto/hrss/hrss.c index dd6e97080..572e9817c 100644 --- a/crypto/hrss/hrss.c +++ b/crypto/hrss/hrss.c @@ -1226,10 +1226,10 @@ static void poly_mul_vec_aux(vec_t *restrict out, vec_t *restrict scratch, // poly_mul_vec sets |*out| to |x|×|y| mod (𝑥^n - 1). static void poly_mul_vec(struct POLY_MUL_SCRATCH *scratch, struct poly *out, const struct poly *x, const struct poly *y) { - OPENSSL_STATIC_ASSERT(sizeof(out->v) == sizeof(vec_t) * VECS_PER_POLY, - "struct poly is the wrong size"); - OPENSSL_STATIC_ASSERT(alignof(struct poly) == alignof(vec_t), - "struct poly has incorrect alignment"); + static_assert(sizeof(out->v) == sizeof(vec_t) * VECS_PER_POLY, + "struct poly is the wrong size"); + static_assert(alignof(struct poly) == alignof(vec_t), + "struct poly has incorrect alignment"); poly_assert_normalized(x); poly_assert_normalized(y); @@ -1751,8 +1751,7 @@ static void poly_marshal_mod3(uint8_t out[HRSS_POLY3_BYTES], // function uses that freedom to implement a flatter distribution of values. static void poly_short_sample(struct poly *out, const uint8_t in[HRSS_SAMPLE_BYTES]) { - OPENSSL_STATIC_ASSERT(HRSS_SAMPLE_BYTES == N - 1, - "HRSS_SAMPLE_BYTES incorrect"); + static_assert(HRSS_SAMPLE_BYTES == N - 1, "HRSS_SAMPLE_BYTES incorrect"); for (size_t i = 0; i < N - 1; i++) { uint16_t v = mod3(in[i]); // Map {0, 1, 2} -> {0, 1, 0xffff} @@ -1921,7 +1920,7 @@ struct private_key { // that up.) static struct public_key *public_key_from_external( struct HRSS_public_key *ext) { - OPENSSL_STATIC_ASSERT( + static_assert( sizeof(struct HRSS_public_key) >= sizeof(struct public_key) + 15, "HRSS public key too small"); @@ -1933,7 +1932,7 @@ static struct public_key *public_key_from_external( // issues. static struct private_key *private_key_from_external( struct HRSS_private_key *ext) { - OPENSSL_STATIC_ASSERT( + static_assert( sizeof(struct HRSS_private_key) >= sizeof(struct private_key) + 15, "HRSS private key too small"); @@ -2110,8 +2109,8 @@ int HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES], // This is HMAC, expanded inline rather than using the |HMAC| function so that // we can avoid dealing with possible allocation failures and so keep this // function infallible. - OPENSSL_STATIC_ASSERT(sizeof(priv->hmac_key) <= sizeof(vars->masked_key), - "HRSS HMAC key larger than SHA-256 block size"); + static_assert(sizeof(priv->hmac_key) <= sizeof(vars->masked_key), + "HRSS HMAC key larger than SHA-256 block size"); for (size_t i = 0; i < sizeof(priv->hmac_key); i++) { vars->masked_key[i] = priv->hmac_key[i] ^ 0x36; } @@ -2133,8 +2132,8 @@ int HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES], SHA256_Init(&vars->hash_ctx); SHA256_Update(&vars->hash_ctx, vars->masked_key, sizeof(vars->masked_key)); SHA256_Update(&vars->hash_ctx, inner_digest, sizeof(inner_digest)); - OPENSSL_STATIC_ASSERT(HRSS_KEY_BYTES == SHA256_DIGEST_LENGTH, - "HRSS shared key length incorrect"); + static_assert(HRSS_KEY_BYTES == SHA256_DIGEST_LENGTH, + "HRSS shared key length incorrect"); SHA256_Final(out_shared_key, &vars->hash_ctx); // If the ciphertext is publicly invalid then a random shared key is still @@ -2187,8 +2186,8 @@ int HRSS_decap(uint8_t out_shared_key[HRSS_KEY_BYTES], // The |poly_marshal| here then is just confirming that |poly_unmarshal| is // strict and could be omitted. - OPENSSL_STATIC_ASSERT(HRSS_CIPHERTEXT_BYTES == POLY_BYTES, - "ciphertext is the wrong size"); + static_assert(HRSS_CIPHERTEXT_BYTES == POLY_BYTES, + "ciphertext is the wrong size"); assert(ciphertext_len == sizeof(vars->expected_ciphertext)); poly_marshal(vars->expected_ciphertext, &vars->c); diff --git a/crypto/hrss/hrss_test.cc b/crypto/hrss/hrss_test.cc index 31a1560f1..8c4d15f33 100644 --- a/crypto/hrss/hrss_test.cc +++ b/crypto/hrss/hrss_test.cc @@ -490,7 +490,7 @@ TEST(HRSS, ABI) { alignas(16) uint16_t b[N + 3] = {0}; uint8_t kCanary[256]; - OPENSSL_STATIC_ASSERT(sizeof(kCanary) % 32 == 0, "needed for alignment"); + static_assert(sizeof(kCanary) % 32 == 0, "needed for alignment"); memset(kCanary, 42, sizeof(kCanary)); alignas(32) uint8_t scratch[sizeof(kCanary) + POLY_MUL_RQ_SCRATCH_SPACE + sizeof(kCanary)]; diff --git a/crypto/mem.c b/crypto/mem.c index fde1b3074..c90bb162b 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -72,8 +72,7 @@ OPENSSL_MSVC_PRAGMA(warning(pop)) #define OPENSSL_MALLOC_PREFIX 8 -OPENSSL_STATIC_ASSERT(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), - "size_t too large"); +static_assert(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), "size_t too large"); #if defined(OPENSSL_ASAN) void __asan_poison_memory_region(const volatile void *addr, size_t size); diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c index e4e629804..3017e327e 100644 --- a/crypto/poly1305/poly1305.c +++ b/crypto/poly1305/poly1305.c @@ -18,6 +18,7 @@ #include +#include #include #include "internal.h" @@ -48,7 +49,7 @@ struct poly1305_state_st { uint8_t key[16]; }; -OPENSSL_STATIC_ASSERT( +static_assert( sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state), "poly1305_state isn't large enough to hold aligned poly1305_state_st"); diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c index d6f034c65..d01e0b73d 100644 --- a/crypto/poly1305/poly1305_arm.c +++ b/crypto/poly1305/poly1305_arm.c @@ -17,6 +17,7 @@ #include +#include #include #include "../internal.h" @@ -183,7 +184,7 @@ struct poly1305_state_st { uint8_t key[16]; }; -OPENSSL_STATIC_ASSERT( +static_assert( sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state), "poly1305_state isn't large enough to hold aligned poly1305_state_st."); diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c index 073050883..209b40338 100644 --- a/crypto/poly1305/poly1305_vec.c +++ b/crypto/poly1305/poly1305_vec.c @@ -20,6 +20,8 @@ #include +#include + #include "../internal.h" @@ -76,9 +78,10 @@ typedef struct poly1305_state_internal_t { } poly1305_state_internal; /* 448 bytes total + 63 bytes for alignment = 511 bytes raw */ -OPENSSL_STATIC_ASSERT( - sizeof(struct poly1305_state_internal_t) + 63 <= sizeof(poly1305_state), - "poly1305_state isn't large enough to hold aligned poly1305_state_internal_t"); +static_assert(sizeof(struct poly1305_state_internal_t) + 63 <= + sizeof(poly1305_state), + "poly1305_state isn't large enough to hold aligned " + "poly1305_state_internal_t"); static inline poly1305_state_internal *poly1305_aligned_state( poly1305_state *state) { diff --git a/crypto/refcount_c11.c b/crypto/refcount_c11.c index 0a331a45d..a1781c66a 100644 --- a/crypto/refcount_c11.c +++ b/crypto/refcount_c11.c @@ -22,8 +22,6 @@ #include #include -#include - // See comment above the typedef of CRYPTO_refcount_t about these tests. static_assert(alignof(CRYPTO_refcount_t) == alignof(_Atomic CRYPTO_refcount_t), diff --git a/crypto/refcount_lock.c b/crypto/refcount_lock.c index fb1c11f6b..173267e38 100644 --- a/crypto/refcount_lock.c +++ b/crypto/refcount_lock.c @@ -14,15 +14,14 @@ #include "internal.h" +#include #include -#include - #if !defined(OPENSSL_C11_ATOMIC) -OPENSSL_STATIC_ASSERT((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX, - "CRYPTO_REFCOUNT_MAX is incorrect"); +static_assert((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX, + "CRYPTO_REFCOUNT_MAX is incorrect"); static struct CRYPTO_STATIC_MUTEX g_refcount_lock = CRYPTO_STATIC_MUTEX_INIT; diff --git a/crypto/thread_pthread.c b/crypto/thread_pthread.c index 1b8329429..08bdd5a75 100644 --- a/crypto/thread_pthread.c +++ b/crypto/thread_pthread.c @@ -16,18 +16,18 @@ #if defined(OPENSSL_PTHREADS) +#include #include #include #include #include -#include -OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t), - "CRYPTO_MUTEX is too small"); -OPENSSL_STATIC_ASSERT(alignof(CRYPTO_MUTEX) >= alignof(pthread_rwlock_t), - "CRYPTO_MUTEX has insufficient alignment"); +static_assert(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t), + "CRYPTO_MUTEX is too small"); +static_assert(alignof(CRYPTO_MUTEX) >= alignof(pthread_rwlock_t), + "CRYPTO_MUTEX has insufficient alignment"); void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { if (pthread_rwlock_init((pthread_rwlock_t *) lock, NULL) != 0) { diff --git a/crypto/thread_win.c b/crypto/thread_win.c index 1065884f1..3b61bfcfc 100644 --- a/crypto/thread_win.c +++ b/crypto/thread_win.c @@ -20,17 +20,17 @@ OPENSSL_MSVC_PRAGMA(warning(push, 3)) #include OPENSSL_MSVC_PRAGMA(warning(pop)) +#include #include #include #include -#include -OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK), - "CRYPTO_MUTEX is too small"); -OPENSSL_STATIC_ASSERT(alignof(CRYPTO_MUTEX) >= alignof(SRWLOCK), - "CRYPTO_MUTEX has insufficient alignment"); +static_assert(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK), + "CRYPTO_MUTEX is too small"); +static_assert(alignof(CRYPTO_MUTEX) >= alignof(SRWLOCK), + "CRYPTO_MUTEX has insufficient alignment"); static BOOL CALLBACK call_once_init(INIT_ONCE *once, void *arg, void **out) { void (**init)(void) = (void (**)(void))arg; diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h index 533142ccf..190bca4c4 100644 --- a/include/openssl/ssl3.h +++ b/include/openssl/ssl3.h @@ -118,7 +118,6 @@ #define OPENSSL_HEADER_SSL3_H #include -#include #ifdef __cplusplus extern "C" { @@ -251,10 +250,6 @@ extern "C" { #define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ (EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH) -OPENSSL_STATIC_ASSERT(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >= - SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD, - "max overheads are inconsistent"); - // SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for // |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the // compression overhead. diff --git a/include/openssl/stack.h b/include/openssl/stack.h index 7b95f3466..585027550 100644 --- a/include/openssl/stack.h +++ b/include/openssl/stack.h @@ -59,8 +59,6 @@ #include -#include - #if defined(__cplusplus) extern "C" { #endif diff --git a/include/openssl/type_check.h b/include/openssl/type_check.h index 41de895d0..6460ab14d 100644 --- a/include/openssl/type_check.h +++ b/include/openssl/type_check.h @@ -64,22 +64,6 @@ extern "C" { #endif -#if defined(__cplusplus) || (defined(_MSC_VER) && !defined(__clang__)) -// In C++ and non-clang MSVC, |static_assert| is a keyword. -#define OPENSSL_STATIC_ASSERT(cond, msg) static_assert(cond, msg) -#else -// C11 defines the |_Static_assert| keyword and the |static_assert| macro in -// assert.h. While the former is available at all versions in Clang and GCC, the -// later depends on libc and, in glibc, depends on being built in C11 mode. We -// require C11 mode to build the library but, for now, do not require it in -// public headers. Use |_Static_assert| directly. -// -// TODO(davidben): In July 2022, if the C11 change has not been reverted, switch -// all uses of this macro within the library to C11 |static_assert|. This macro -// will only be necessary in public headers. -#define OPENSSL_STATIC_ASSERT(cond, msg) _Static_assert(cond, msg) -#endif - // CHECKED_CAST casts |p| from type |from| to type |to|. // // TODO(davidben): Although this macro is not public API and is unused in diff --git a/rust/wrapper.h b/rust/wrapper.h index aa5aeedb3..ff63244cc 100644 --- a/rust/wrapper.h +++ b/rust/wrapper.h @@ -70,7 +70,6 @@ #include "../include/openssl/thread.h" #include "../include/openssl/tls1.h" #include "../include/openssl/trust_token.h" -#include "../include/openssl/type_check.h" #include "../include/openssl/x509.h" #include "../include/openssl/x509_vfy.h" #include "../include/openssl/x509v3.h" diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc index 4d3ad446e..56bc5c22e 100644 --- a/ssl/ssl_lib.cc +++ b/ssl/ssl_lib.cc @@ -166,6 +166,10 @@ BSSL_NAMESPACE_BEGIN +static_assert(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >= + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD, + "max overheads are inconsistent"); + // |SSL_R_UNKNOWN_PROTOCOL| is no longer emitted, but continue to define it // to avoid downstream churn. OPENSSL_DECLARE_ERROR_REASON(SSL, UNKNOWN_PROTOCOL)