int s2n_map_add(struct s2n_map *map, struct s2n_blob *key, struct s2n_blob *value) { if (map->immutable) { S2N_ERROR(S2N_ERR_MAP_IMMUTABLE); } if (map->capacity < (map->size * 2)) { /* Embiggen the map */ GUARD(s2n_map_embiggen(map, map->capacity * 2)); } uint32_t slot = s2n_map_slot(map, key); /* Linear probing until we find an empty slot */ while(map->table[slot].key.size) { if (key->size != map->table[slot].key.size || memcmp(key->data, map->table[slot].key.data, key->size)) { slot++; slot %= map->capacity; continue; } /* We found a duplicate key */ S2N_ERROR(S2N_ERR_MAP_DUPLICATE); } GUARD(s2n_dup(key, &map->table[slot].key)); GUARD(s2n_dup(value, &map->table[slot].value)); map->size++; return 0; }
/* Determines cipher suite availability and selects record algorithms */ int s2n_cipher_suites_init(void) { const int num_cipher_suites = sizeof(s2n_all_cipher_suites) / sizeof(s2n_all_cipher_suites[0]); for (int i = 0; i < num_cipher_suites; i++) { struct s2n_cipher_suite *cur_suite = s2n_all_cipher_suites[i]; cur_suite->available = 0; cur_suite->record_alg = NULL; /* Find the highest priority supported record algorithm */ for (int j = 0; j < cur_suite->num_record_algs; j++) { /* Can we use the record algorithm's cipher? Won't be available if the system CPU architecture * doesn't support it or if the libcrypto lacks the feature. All hmac_algs are supported. */ if (cur_suite->all_record_algs[j]->cipher->is_available()) { /* Found a supported record algorithm. Use it. */ cur_suite->available = 1; cur_suite->record_alg = cur_suite->all_record_algs[j]; break; } } /* Initialize SSLv3 cipher suite if SSLv3 utilizes a different record algorithm */ if (cur_suite->sslv3_record_alg && cur_suite->sslv3_record_alg->cipher->is_available()) { struct s2n_blob cur_suite_mem = {.data = (uint8_t *) cur_suite, .size = sizeof(struct s2n_cipher_suite)}; struct s2n_blob new_suite_mem = {0}; GUARD(s2n_dup(&cur_suite_mem, &new_suite_mem)); struct s2n_cipher_suite *new_suite = (struct s2n_cipher_suite *)(void *) new_suite_mem.data; new_suite->available = 1; new_suite->record_alg = cur_suite->sslv3_record_alg; cur_suite->sslv3_cipher_suite = new_suite; } else { cur_suite->sslv3_cipher_suite = cur_suite; } } #if !S2N_OPENSSL_VERSION_AT_LEAST(1, 1, 0) /*https://wiki.openssl.org/index.php/Manual:OpenSSL_add_all_algorithms(3)*/ OpenSSL_add_all_algorithms(); #else OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); #endif return 0; }
int s2n_kem_server_key_recv_parse_data(struct s2n_connection *conn, union s2n_kex_raw_server_data *raw_server_data) { s2n_dup(&raw_server_data->kem_data.raw_public_key, &conn->secure.s2n_kem_keys.public_key); return 0; }