studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity

chore: checkpoint before Python removal

Browse Source
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
vendor/aws-lc-sys/aws-lc/crypto/pool/internal.h vendored Normal file
View File

@@ -0,0 +1,39 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#ifndef OPENSSL_HEADER_POOL_INTERNAL_H
#define OPENSSL_HEADER_POOL_INTERNAL_H
#include <openssl/lhash.h>
#include <openssl/thread.h>
#include "../lhash/internal.h"
#if defined(__cplusplus)
extern "C" {
#endif
DEFINE_LHASH_OF(CRYPTO_BUFFER)
struct crypto_buffer_st {
CRYPTO_BUFFER_POOL *pool;
uint8_t *data;
size_t len;
CRYPTO_refcount_t references;
int data_is_static;
};
struct crypto_buffer_pool_st {
LHASH_OF(CRYPTO_BUFFER) *bufs;
CRYPTO_MUTEX lock;
const uint64_t hash_key[2];
};
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_POOL_INTERNAL_H

250
vendor/aws-lc-sys/aws-lc/crypto/pool/pool.c vendored Normal file
View File

@@ -0,0 +1,250 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/pool.h>
#include <assert.h>
#include <string.h>
#include <openssl/bytestring.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/siphash.h>
#include <openssl/thread.h>
#include "../internal.h"
#include "internal.h"
static uint32_t CRYPTO_BUFFER_hash(const CRYPTO_BUFFER *buf) {
return (uint32_t)SIPHASH_24(buf->pool->hash_key, buf->data, buf->len);
}
static int CRYPTO_BUFFER_cmp(const CRYPTO_BUFFER *a, const CRYPTO_BUFFER *b) {
// Only |CRYPTO_BUFFER|s from the same pool have compatible hashes.
assert(a->pool != NULL);
assert(a->pool == b->pool);
if (a->len != b->len) {
return 1;
}
return OPENSSL_memcmp(a->data, b->data, a->len);
}
CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void) {
CRYPTO_BUFFER_POOL *pool = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER_POOL));
if (pool == NULL) {
return NULL;
}
pool->bufs = lh_CRYPTO_BUFFER_new(CRYPTO_BUFFER_hash, CRYPTO_BUFFER_cmp);
if (pool->bufs == NULL) {
OPENSSL_free(pool);
return NULL;
}
CRYPTO_MUTEX_init(&pool->lock);
AWSLC_ABORT_IF_NOT_ONE(RAND_bytes((uint8_t *)&pool->hash_key, sizeof(pool->hash_key)));
return pool;
}
void CRYPTO_BUFFER_POOL_free(CRYPTO_BUFFER_POOL *pool) {
if (pool == NULL) {
return;
}
#if !defined(NDEBUG)
CRYPTO_MUTEX_lock_write(&pool->lock);
assert(lh_CRYPTO_BUFFER_num_items(pool->bufs) == 0);
CRYPTO_MUTEX_unlock_write(&pool->lock);
#endif
lh_CRYPTO_BUFFER_free(pool->bufs);
CRYPTO_MUTEX_cleanup(&pool->lock);
OPENSSL_free(pool);
}
static void crypto_buffer_free_object(CRYPTO_BUFFER *buf) {
if (!buf->data_is_static) {
OPENSSL_free(buf->data);
}
OPENSSL_free(buf);
}
static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len,
int data_is_static,
CRYPTO_BUFFER_POOL *pool) {
if (pool != NULL) {
CRYPTO_BUFFER tmp;
tmp.data = (uint8_t *) data;
tmp.len = len;
tmp.pool = pool;
CRYPTO_MUTEX_lock_read(&pool->lock);
CRYPTO_BUFFER *duplicate = lh_CRYPTO_BUFFER_retrieve(pool->bufs, &tmp);
if (data_is_static && duplicate != NULL && !duplicate->data_is_static) {
// If the new |CRYPTO_BUFFER| would have static data, but the duplicate
// does not, we replace the old one with the new static version.
duplicate = NULL;
}
if (duplicate != NULL) {
CRYPTO_refcount_inc(&duplicate->references);
}
CRYPTO_MUTEX_unlock_read(&pool->lock);
if (duplicate != NULL) {
return duplicate;
}
}
CRYPTO_BUFFER *const buf = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER));
if (buf == NULL) {
return NULL;
}
if (data_is_static) {
buf->data = (uint8_t *)data;
buf->data_is_static = 1;
} else {
buf->data = OPENSSL_memdup(data, len);
if (len != 0 && buf->data == NULL) {
OPENSSL_free(buf);
return NULL;
}
}
buf->len = len;
buf->references = 1;
if (pool == NULL) {
return buf;
}
buf->pool = pool;
CRYPTO_MUTEX_lock_write(&pool->lock);
CRYPTO_BUFFER *duplicate = lh_CRYPTO_BUFFER_retrieve(pool->bufs, buf);
if (data_is_static && duplicate != NULL && !duplicate->data_is_static) {
// If the new |CRYPTO_BUFFER| would have static data, but the duplicate does
// not, we replace the old one with the new static version.
duplicate = NULL;
}
int inserted = 0;
if (duplicate == NULL) {
CRYPTO_BUFFER *old = NULL;
inserted = lh_CRYPTO_BUFFER_insert(pool->bufs, &old, buf);
// |old| may be non-NULL if a match was found but ignored. |pool->bufs| does
// not increment refcounts, so there is no need to clean up after the
// replacement.
} else {
CRYPTO_refcount_inc(&duplicate->references);
}
CRYPTO_MUTEX_unlock_write(&pool->lock);
if (!inserted) {
// We raced to insert |buf| into the pool and lost, or else there was an
// error inserting.
crypto_buffer_free_object(buf);
return duplicate;
}
return buf;
}
CRYPTO_BUFFER *CRYPTO_BUFFER_new(const uint8_t *data, size_t len,
CRYPTO_BUFFER_POOL *pool) {
return crypto_buffer_new(data, len, /*data_is_static=*/0, pool);
}
CRYPTO_BUFFER *CRYPTO_BUFFER_alloc(uint8_t **out_data, size_t len) {
CRYPTO_BUFFER *const buf = OPENSSL_zalloc(sizeof(CRYPTO_BUFFER));
if (buf == NULL) {
return NULL;
}
buf->data = OPENSSL_malloc(len);
if (len != 0 && buf->data == NULL) {
OPENSSL_free(buf);
return NULL;
}
buf->len = len;
buf->references = 1;
*out_data = buf->data;
return buf;
}
CRYPTO_BUFFER *CRYPTO_BUFFER_new_from_CBS(const CBS *cbs,
CRYPTO_BUFFER_POOL *pool) {
return CRYPTO_BUFFER_new(CBS_data(cbs), CBS_len(cbs), pool);
}
CRYPTO_BUFFER *CRYPTO_BUFFER_new_from_static_data_unsafe(
const uint8_t *data, size_t len, CRYPTO_BUFFER_POOL *pool) {
return crypto_buffer_new(data, len, /*data_is_static=*/1, pool);
}
void CRYPTO_BUFFER_free(CRYPTO_BUFFER *buf) {
if (buf == NULL) {
return;
}
CRYPTO_BUFFER_POOL *const pool = buf->pool;
if (pool == NULL) {
if (CRYPTO_refcount_dec_and_test_zero(&buf->references)) {
// If a reference count of zero is observed, there cannot be a reference
// from any pool to this buffer and thus we are able to free this
// buffer.
crypto_buffer_free_object(buf);
}
return;
}
CRYPTO_MUTEX_lock_write(&pool->lock);
if (!CRYPTO_refcount_dec_and_test_zero(&buf->references)) {
CRYPTO_MUTEX_unlock_write(&buf->pool->lock);
return;
}
// We have an exclusive lock on the pool, therefore no concurrent lookups can
// find this buffer and increment the reference count. Thus, if the count is
// zero there are and can never be any more references and thus we can free
// this buffer.
//
// Note it is possible |buf| is no longer in the pool, if it was replaced by a
// static version. If that static version was since removed, it is even
// possible for |found| to be NULL.
CRYPTO_BUFFER *found = lh_CRYPTO_BUFFER_retrieve(pool->bufs, buf);
if (found == buf) {
found = lh_CRYPTO_BUFFER_delete(pool->bufs, buf);
assert(found == buf);
(void)found;
}
CRYPTO_MUTEX_unlock_write(&buf->pool->lock);
crypto_buffer_free_object(buf);
}
int CRYPTO_BUFFER_up_ref(CRYPTO_BUFFER *buf) {
// This is safe in the case that |buf->pool| is NULL because it's just
// standard reference counting in that case.
//
// This is also safe if |buf->pool| is non-NULL because, if it were racing
// with |CRYPTO_BUFFER_free| then the two callers must have independent
// references already and so the reference count will never hit zero.
CRYPTO_refcount_inc(&buf->references);
return 1;
}
const uint8_t *CRYPTO_BUFFER_data(const CRYPTO_BUFFER *buf) {
return buf->data;
}
size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf) {
return buf->len;
}
void CRYPTO_BUFFER_init_CBS(const CRYPTO_BUFFER *buf, CBS *out) {
CBS_init(out, buf->data, buf->len);
}

202
vendor/aws-lc-sys/aws-lc/crypto/pool/pool_test.cc vendored Normal file
View File

@@ -0,0 +1,202 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <gtest/gtest.h>
#include <openssl/pool.h>
#include "internal.h"
#include "../test/test_util.h"
#if defined(OPENSSL_THREADS)
#include <chrono>
#include <thread>
#endif
TEST(PoolTest, Unpooled) {
static const uint8_t kData[4] = {1, 2, 3, 4};
bssl::UniquePtr<CRYPTO_BUFFER> buf(
CRYPTO_BUFFER_new(kData, sizeof(kData), nullptr));
ASSERT_TRUE(buf);
EXPECT_EQ(Bytes(kData),
Bytes(CRYPTO_BUFFER_data(buf.get()), CRYPTO_BUFFER_len(buf.get())));
// Test that reference-counting works properly.
bssl::UniquePtr<CRYPTO_BUFFER> buf2 = bssl::UpRef(buf);
bssl::UniquePtr<CRYPTO_BUFFER> buf_static(
CRYPTO_BUFFER_new_from_static_data_unsafe(kData, sizeof(kData), nullptr));
ASSERT_TRUE(buf_static);
EXPECT_EQ(kData, CRYPTO_BUFFER_data(buf_static.get()));
EXPECT_EQ(sizeof(kData), CRYPTO_BUFFER_len(buf_static.get()));
// Test that reference-counting works properly.
bssl::UniquePtr<CRYPTO_BUFFER> buf_static2 = bssl::UpRef(buf_static);
}
TEST(PoolTest, Empty) {
bssl::UniquePtr<CRYPTO_BUFFER> buf(CRYPTO_BUFFER_new(nullptr, 0, nullptr));
ASSERT_TRUE(buf);
EXPECT_EQ(Bytes(""),
Bytes(CRYPTO_BUFFER_data(buf.get()), CRYPTO_BUFFER_len(buf.get())));
bssl::UniquePtr<CRYPTO_BUFFER> buf_static(
CRYPTO_BUFFER_new_from_static_data_unsafe(nullptr, 0, nullptr));
ASSERT_TRUE(buf_static);
EXPECT_EQ(nullptr, CRYPTO_BUFFER_data(buf_static.get()));
EXPECT_EQ(0u, CRYPTO_BUFFER_len(buf_static.get()));
}
TEST(PoolTest, Pooled) {
bssl::UniquePtr<CRYPTO_BUFFER_POOL> pool(CRYPTO_BUFFER_POOL_new());
ASSERT_TRUE(pool);
static const uint8_t kData1[4] = {1, 2, 3, 4};
bssl::UniquePtr<CRYPTO_BUFFER> buf(
CRYPTO_BUFFER_new(kData1, sizeof(kData1), pool.get()));
ASSERT_TRUE(buf);
EXPECT_EQ(Bytes(kData1),
Bytes(CRYPTO_BUFFER_data(buf.get()), CRYPTO_BUFFER_len(buf.get())));
bssl::UniquePtr<CRYPTO_BUFFER> buf2(
CRYPTO_BUFFER_new(kData1, sizeof(kData1), pool.get()));
ASSERT_TRUE(buf2);
EXPECT_EQ(Bytes(kData1), Bytes(CRYPTO_BUFFER_data(buf2.get()),
CRYPTO_BUFFER_len(buf2.get())));
EXPECT_EQ(buf.get(), buf2.get()) << "CRYPTO_BUFFER_POOL did not dedup data.";
// Different inputs do not get deduped.
static const uint8_t kData2[4] = {5, 6, 7, 8};
bssl::UniquePtr<CRYPTO_BUFFER> buf3(
CRYPTO_BUFFER_new(kData2, sizeof(kData2), pool.get()));
ASSERT_TRUE(buf3);
EXPECT_EQ(Bytes(kData2), Bytes(CRYPTO_BUFFER_data(buf3.get()),
CRYPTO_BUFFER_len(buf3.get())));
EXPECT_NE(buf.get(), buf3.get());
// When the last refcount on |buf3| is dropped, it is removed from the pool.
buf3 = nullptr;
EXPECT_EQ(1u, lh_CRYPTO_BUFFER_num_items(pool->bufs));
// Static buffers participate in pooling.
buf3.reset(CRYPTO_BUFFER_new_from_static_data_unsafe(kData2, sizeof(kData2),
pool.get()));
ASSERT_TRUE(buf3);
EXPECT_EQ(kData2, CRYPTO_BUFFER_data(buf3.get()));
EXPECT_EQ(sizeof(kData2), CRYPTO_BUFFER_len(buf3.get()));
EXPECT_NE(buf.get(), buf3.get());
bssl::UniquePtr<CRYPTO_BUFFER> buf4(
CRYPTO_BUFFER_new(kData2, sizeof(kData2), pool.get()));
EXPECT_EQ(buf4.get(), buf3.get());
bssl::UniquePtr<CRYPTO_BUFFER> buf5(CRYPTO_BUFFER_new_from_static_data_unsafe(
kData2, sizeof(kData2), pool.get()));
EXPECT_EQ(buf5.get(), buf3.get());
// When creating a static buffer, if there is already a non-static buffer, it
// replaces the old buffer.
bssl::UniquePtr<CRYPTO_BUFFER> buf6(CRYPTO_BUFFER_new_from_static_data_unsafe(
kData1, sizeof(kData1), pool.get()));
ASSERT_TRUE(buf6);
EXPECT_EQ(kData1, CRYPTO_BUFFER_data(buf6.get()));
EXPECT_EQ(sizeof(kData1), CRYPTO_BUFFER_len(buf6.get()));
EXPECT_NE(buf.get(), buf6.get());
// Subsequent lookups of |kData1| should return |buf6|.
bssl::UniquePtr<CRYPTO_BUFFER> buf7(
CRYPTO_BUFFER_new(kData1, sizeof(kData1), pool.get()));
EXPECT_EQ(buf7.get(), buf6.get());
}
#if defined(OPENSSL_THREADS)
TEST(PoolTest, Threads) {
bssl::UniquePtr<CRYPTO_BUFFER_POOL> pool(CRYPTO_BUFFER_POOL_new());
ASSERT_TRUE(pool);
// Race threads making pooled |CRYPTO_BUFFER|s.
static const uint8_t kData[4] = {1, 2, 3, 4};
static const uint8_t kData2[3] = {4, 5, 6};
bssl::UniquePtr<CRYPTO_BUFFER> buf, buf2, buf3;
{
std::thread thread([&] {
buf.reset(CRYPTO_BUFFER_new(kData, sizeof(kData), pool.get()));
});
std::thread thread2([&] {
buf2.reset(CRYPTO_BUFFER_new(kData, sizeof(kData), pool.get()));
});
buf3.reset(CRYPTO_BUFFER_new(kData2, sizeof(kData2), pool.get()));
thread.join();
thread2.join();
}
ASSERT_TRUE(buf);
ASSERT_TRUE(buf2);
ASSERT_TRUE(buf3);
EXPECT_EQ(buf.get(), buf2.get()) << "CRYPTO_BUFFER_POOL did not dedup data.";
EXPECT_NE(buf.get(), buf3.get())
<< "CRYPTO_BUFFER_POOL incorrectly deduped data.";
EXPECT_EQ(Bytes(kData),
Bytes(CRYPTO_BUFFER_data(buf.get()), CRYPTO_BUFFER_len(buf.get())));
EXPECT_EQ(Bytes(kData2), Bytes(CRYPTO_BUFFER_data(buf3.get()),
CRYPTO_BUFFER_len(buf3.get())));
// Reference-counting of |CRYPTO_BUFFER| interacts with pooling. Race an
// increment and free.
{
bssl::UniquePtr<CRYPTO_BUFFER> buf_ref;
std::thread thread([&] { buf_ref = bssl::UpRef(buf); });
buf2.reset();
thread.join();
}
// |buf|'s data is still valid.
EXPECT_EQ(Bytes(kData), Bytes(CRYPTO_BUFFER_data(buf.get()),
CRYPTO_BUFFER_len(buf.get())));
// Race a thread re-creating the |CRYPTO_BUFFER| with another thread freeing
// it. Do this twice with sleeps so ThreadSanitizer can observe two different
// interleavings. Ideally we would run this test under a tool that could
// search all interleavings.
{
std::thread thread([&] {
std::this_thread::sleep_for(std::chrono::milliseconds(1));
buf.reset();
});
buf2.reset(CRYPTO_BUFFER_new(kData, sizeof(kData), pool.get()));
thread.join();
ASSERT_TRUE(buf2);
EXPECT_EQ(Bytes(kData), Bytes(CRYPTO_BUFFER_data(buf2.get()),
CRYPTO_BUFFER_len(buf2.get())));
buf = std::move(buf2);
}
{
std::thread thread([&] { buf.reset(); });
std::this_thread::sleep_for(std::chrono::milliseconds(1));
buf2.reset(CRYPTO_BUFFER_new(kData, sizeof(kData), pool.get()));
thread.join();
ASSERT_TRUE(buf2);
EXPECT_EQ(Bytes(kData), Bytes(CRYPTO_BUFFER_data(buf2.get()),
CRYPTO_BUFFER_len(buf2.get())));
buf = std::move(buf2);
}
// Finally, race the frees.
{
buf2 = bssl::UpRef(buf);
std::thread thread([&] { buf.reset(); });
std::thread thread2([&] { buf3.reset(); });
buf2.reset();
thread.join();
thread2.join();
}
}
#endif