diff --git a/.gitignore b/.gitignore index aea9e1e..f10c77c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ nimcache/ *.exe +gen diff --git a/README.md b/README.md index 402d71f..50ae5bd 100644 --- a/README.md +++ b/README.md @@ -7,15 +7,51 @@ [![License: Apache](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Github action](https://github.com/status-im/nim-bearssl/workflows/CI/badge.svg) -[BearSSL](https://bearssl.org/) wrapper. +Simple [BearSSL](https://bearssl.org/) wrapper for Nim, fully integrated with the Nim build system. + +Applications using `nim-bearssl` are fully stand-alone, needing no additional DLL or shared library. + +## Usage + +The library is organised into two parts: + +* `bearssl/` (except for `abi`) exposes thin wrappers around the raw ABI making the functions more convenient to use in Nim +* `bearssl/abi` exposes the raw C functions of bearssl + +For each `bearssl` header file, a corresponding Nim file exists - `bearssl_rand.h` ~ `bearssl/rand.nim`. + +```nim +# You can import the whole library +import bearssl + +# ... or simply parts thereof, which can save compilation time +import bearssl/rand +``` + +In general, the mappings follow the conventions of the original BearSSL library closely. The following conventions exist: + +* the `br_` prefix has been dropped throughout +* functions taking a `XxxContext*` use `var` and not `ptr` +* `byte` replaces `unsigned char*` - this type is predominantly used for byte buffers +* `uint` used instead of `csize_t` - these are the same type in Nim, but spelled more conveniently + * Canonical nim code will have to be careful when converting existing `int` lengths, looking out for out-of-range values ## Installation -You can install the developement version of the library through nimble with the following command +You can install the developement version of the library through nimble with the following command: + ``` nimble install bearssl ``` +`BearSSL` itself is compiled as part of your project - there is no need to install any third-party libraries. + +## Developer notes + +When updating the library, `c2nim` is used via `regenerate.sh` to update the RAW ABI files. Manual editing is then needed to make a few adjustments to the mapping, after which the files can be generated. + +When adding new convenience functions, these should be added to `bearssl/` instead of the generated files. + ## License Licensed and distributed under either of diff --git a/bearssl.nim b/bearssl.nim index 1553569..cf49d1d 100644 --- a/bearssl.nim +++ b/bearssl.nim @@ -1,12 +1,32 @@ ## Nim-BearSSL -## Copyright (c) 2018 Status Research & Development GmbH +## Copyright (c) 2018-2022 Status Research & Development GmbH ## Licensed under either of ## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE)) ## * MIT license ([LICENSE-MIT](LICENSE-MIT)) ## at your option. ## This file may not be copied, modified, or distributed except according to ## those terms. -import bearssl/[decls, errors] -export decls, errors + +when defined(bearsslSplitAbi): + # This will become default in the future - we cannot use it now because there + # are duplicate symbols in `decls.nim` - the new ABI can already be accessed + # using the more specific imports (`import bearssl/ssl`) + import + ./bearssl/[ + aead, blockx, brssl, ec, errors, hash, hmac, kdf, pem, prf, rand, rsa, + ssl, x509], + ./bearssl/abi/[cacert, config] + + export + aead, blockx, brssl, ec, errors, hash, hmac, kdf, pem, prf, rand, rsa, + ssl, x509, + cacert, config + +else: + import + ./bearssl/[cacert, errors, decls] # Deprecated, will be removed in the future + + export cacert, errors, decls + when defined(nimHasUsed): {.used.} diff --git a/bearssl.nimble b/bearssl.nimble index c35e93e..39186e8 100644 --- a/bearssl.nimble +++ b/bearssl.nimble @@ -15,7 +15,7 @@ requires "nim >= 1.2.0", proc test(env, path: string) = # Compilation language is controlled by TEST_LANG exec "nim " & getEnv("TEST_LANG", "c") & " " & getEnv("NIMFLAGS") & " " & env & - " -rf --hints:off --skipParentCfg --styleCheck:usages --styleCheck:error " & path + " -d:bearsslSplitAbi -rf --hints:off --skipParentCfg --styleCheck:usages --styleCheck:error " & path task test, "Run tests": for path in listFiles(thisDir() / "tests"): diff --git a/bearssl/abi/bearssl_aead.nim b/bearssl/abi/bearssl_aead.nim new file mode 100644 index 0000000..769648c --- /dev/null +++ b/bearssl/abi/bearssl_aead.nim @@ -0,0 +1,176 @@ +import + "."/[bearssl_block, bearssl_hash, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearAeadPath = bearSrcPath / "aead" + +{.compile: bearAeadPath / "ccm.c".} +{.compile: bearAeadPath / "eax.c".} +{.compile: bearAeadPath / "gcm.c".} + +type + AeadClass* {.importc: "br_aead_class", header: "bearssl_aead.h", bycopy.} = object + tagSize* {.importc: "tag_size".}: uint + reset* {.importc: "reset".}: proc (cc: ptr ptr AeadClass; iv: pointer; len: uint) {. + importcFunc.} + aadInject* {.importc: "aad_inject".}: proc (cc: ptr ptr AeadClass; data: pointer; + len: uint) {.importcFunc.} + flip* {.importc: "flip".}: proc (cc: ptr ptr AeadClass) {.importcFunc.} + run* {.importc: "run".}: proc (cc: ptr ptr AeadClass; encrypt: cint; data: pointer; + len: uint) {.importcFunc.} + getTag* {.importc: "get_tag".}: proc (cc: ptr ptr AeadClass; tag: pointer) {.importcFunc.} + checkTag* {.importc: "check_tag".}: proc (cc: ptr ptr AeadClass; tag: pointer): uint32 {. + importcFunc.} + getTagTrunc* {.importc: "get_tag_trunc".}: proc (cc: ptr ptr AeadClass; + tag: pointer; len: uint) {.importcFunc.} + checkTagTrunc* {.importc: "check_tag_trunc".}: proc (cc: ptr ptr AeadClass; + tag: pointer; len: uint): uint32 {.importcFunc.} + + + +type + GcmContext* {.importc: "br_gcm_context", header: "bearssl_aead.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr AeadClass + bctx* {.importc: "bctx".}: ptr ptr BlockCtrClass + gh* {.importc: "gh".}: Ghash + h* {.importc: "h".}: array[16, byte] + j01* {.importc: "j0_1".}: array[12, byte] + buf* {.importc: "buf".}: array[16, byte] + y* {.importc: "y".}: array[16, byte] + j02* {.importc: "j0_2".}: uint32 + jc* {.importc: "jc".}: uint32 + countAad* {.importc: "count_aad".}: uint64 + countCtr* {.importc: "count_ctr".}: uint64 + + + +proc gcmInit*(ctx: var GcmContext; bctx: ptr ptr BlockCtrClass; gh: Ghash) {.importcFunc, + importc: "br_gcm_init", header: "bearssl_aead.h".} + +proc gcmReset*(ctx: var GcmContext; iv: pointer; len: uint) {.importcFunc, + importc: "br_gcm_reset", header: "bearssl_aead.h".} + +proc gcmAadInject*(ctx: var GcmContext; data: pointer; len: uint) {.importcFunc, + importc: "br_gcm_aad_inject", header: "bearssl_aead.h".} + +proc gcmFlip*(ctx: var GcmContext) {.importcFunc, importc: "br_gcm_flip", + header: "bearssl_aead.h".} + +proc gcmRun*(ctx: var GcmContext; encrypt: cint; data: pointer; len: uint) {.importcFunc, + importc: "br_gcm_run", header: "bearssl_aead.h".} + +proc gcmGetTag*(ctx: var GcmContext; tag: pointer) {.importcFunc, importc: "br_gcm_get_tag", + header: "bearssl_aead.h".} + +proc gcmCheckTag*(ctx: var GcmContext; tag: pointer): uint32 {.importcFunc, + importc: "br_gcm_check_tag", header: "bearssl_aead.h".} + +proc gcmGetTagTrunc*(ctx: var GcmContext; tag: pointer; len: uint) {.importcFunc, + importc: "br_gcm_get_tag_trunc", header: "bearssl_aead.h".} + +proc gcmCheckTagTrunc*(ctx: var GcmContext; tag: pointer; len: uint): uint32 {.importcFunc, + importc: "br_gcm_check_tag_trunc", header: "bearssl_aead.h".} + +var gcmVtable* {.importc: "br_gcm_vtable", header: "bearssl_aead.h".}: AeadClass + + +type + EaxContext* {.importc: "br_eax_context", header: "bearssl_aead.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr AeadClass + bctx* {.importc: "bctx".}: ptr ptr BlockCtrcbcClass + l2* {.importc: "L2".}: array[16, byte] + l4* {.importc: "L4".}: array[16, byte] + nonce* {.importc: "nonce".}: array[16, byte] + head* {.importc: "head".}: array[16, byte] + ctr* {.importc: "ctr".}: array[16, byte] + cbcmac* {.importc: "cbcmac".}: array[16, byte] + buf* {.importc: "buf".}: array[16, byte] + `ptr`* {.importc: "ptr".}: uint + + + +type + EaxState* {.importc: "br_eax_state", header: "bearssl_aead.h", bycopy.} = object + st* {.importc: "st".}: array[3, array[16, byte]] + + + +proc eaxInit*(ctx: var EaxContext; bctx: ptr ptr BlockCtrcbcClass) {.importcFunc, + importc: "br_eax_init", header: "bearssl_aead.h".} + +proc eaxCapture*(ctx: var EaxContext; st: ptr EaxState) {.importcFunc, + importc: "br_eax_capture", header: "bearssl_aead.h".} + +proc eaxReset*(ctx: var EaxContext; nonce: pointer; len: uint) {.importcFunc, + importc: "br_eax_reset", header: "bearssl_aead.h".} + +proc eaxResetPreAad*(ctx: var EaxContext; st: ptr EaxState; nonce: pointer; len: uint) {. + importcFunc, importc: "br_eax_reset_pre_aad", header: "bearssl_aead.h".} + +proc eaxResetPostAad*(ctx: var EaxContext; st: ptr EaxState; nonce: pointer; len: uint) {. + importcFunc, importc: "br_eax_reset_post_aad", header: "bearssl_aead.h".} + +proc eaxAadInject*(ctx: var EaxContext; data: pointer; len: uint) {.importcFunc, + importc: "br_eax_aad_inject", header: "bearssl_aead.h".} + +proc eaxFlip*(ctx: var EaxContext) {.importcFunc, importc: "br_eax_flip", + header: "bearssl_aead.h".} + +proc eaxGetAadMac*(ctx: var EaxContext; st: ptr EaxState) {.inline.} = + copyMem(unsafeAddr st.st[1], unsafeAddr ctx.head, sizeof(ctx.head)) + + +proc eaxRun*(ctx: var EaxContext; encrypt: cint; data: pointer; len: uint) {.importcFunc, + importc: "br_eax_run", header: "bearssl_aead.h".} + +proc eaxGetTag*(ctx: var EaxContext; tag: pointer) {.importcFunc, importc: "br_eax_get_tag", + header: "bearssl_aead.h".} + +proc eaxCheckTag*(ctx: var EaxContext; tag: pointer): uint32 {.importcFunc, + importc: "br_eax_check_tag", header: "bearssl_aead.h".} + +proc eaxGetTagTrunc*(ctx: var EaxContext; tag: pointer; len: uint) {.importcFunc, + importc: "br_eax_get_tag_trunc", header: "bearssl_aead.h".} + +proc eaxCheckTagTrunc*(ctx: var EaxContext; tag: pointer; len: uint): uint32 {.importcFunc, + importc: "br_eax_check_tag_trunc", header: "bearssl_aead.h".} + +var eaxVtable* {.importc: "br_eax_vtable", header: "bearssl_aead.h".}: AeadClass + + +type + CcmContext* {.importc: "br_ccm_context", header: "bearssl_aead.h", bycopy.} = object + bctx* {.importc: "bctx".}: ptr ptr BlockCtrcbcClass + ctr* {.importc: "ctr".}: array[16, byte] + cbcmac* {.importc: "cbcmac".}: array[16, byte] + tagmask* {.importc: "tagmask".}: array[16, byte] + buf* {.importc: "buf".}: array[16, byte] + `ptr`* {.importc: "ptr".}: uint + tagLen* {.importc: "tag_len".}: uint + + + +proc ccmInit*(ctx: var CcmContext; bctx: ptr ptr BlockCtrcbcClass) {.importcFunc, + importc: "br_ccm_init", header: "bearssl_aead.h".} + +proc ccmReset*(ctx: var CcmContext; nonce: pointer; nonceLen: uint; aadLen: uint64; + dataLen: uint64; tagLen: uint): cint {.importcFunc, + importc: "br_ccm_reset", header: "bearssl_aead.h".} + +proc ccmAadInject*(ctx: var CcmContext; data: pointer; len: uint) {.importcFunc, + importc: "br_ccm_aad_inject", header: "bearssl_aead.h".} + +proc ccmFlip*(ctx: var CcmContext) {.importcFunc, importc: "br_ccm_flip", + header: "bearssl_aead.h".} + +proc ccmRun*(ctx: var CcmContext; encrypt: cint; data: pointer; len: uint) {.importcFunc, + importc: "br_ccm_run", header: "bearssl_aead.h".} + +proc ccmGetTag*(ctx: var CcmContext; tag: pointer): uint {.importcFunc, + importc: "br_ccm_get_tag", header: "bearssl_aead.h".} + +proc ccmCheckTag*(ctx: var CcmContext; tag: pointer): uint32 {.importcFunc, + importc: "br_ccm_check_tag", header: "bearssl_aead.h".} diff --git a/bearssl/abi/bearssl_block.nim b/bearssl/abi/bearssl_block.nim new file mode 100644 index 0000000..85d7c86 --- /dev/null +++ b/bearssl/abi/bearssl_block.nim @@ -0,0 +1,908 @@ +import + "."/[csources, intx] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearSymcPath = bearSrcPath / "symcipher" + +{.compile: bearSymcPath / "aes_big_cbcdec.c".} +{.compile: bearSymcPath / "aes_big_cbcenc.c".} +{.compile: bearSymcPath / "aes_big_ctr.c".} +{.compile: bearSymcPath / "aes_big_ctrcbc.c".} +{.compile: bearSymcPath / "aes_big_dec.c".} +{.compile: bearSymcPath / "aes_big_enc.c".} +{.compile: bearSymcPath / "aes_common.c".} +{.compile: bearSymcPath / "aes_ct.c".} +{.compile: bearSymcPath / "aes_ct64.c".} +{.compile: bearSymcPath / "aes_ct64_cbcdec.c".} +{.compile: bearSymcPath / "aes_ct64_cbcenc.c".} +{.compile: bearSymcPath / "aes_ct64_ctr.c".} +{.compile: bearSymcPath / "aes_ct64_ctrcbc.c".} +{.compile: bearSymcPath / "aes_ct64_dec.c".} +{.compile: bearSymcPath / "aes_ct64_enc.c".} +{.compile: bearSymcPath / "aes_ct_cbcdec.c".} +{.compile: bearSymcPath / "aes_ct_cbcenc.c".} +{.compile: bearSymcPath / "aes_ct_ctr.c".} +{.compile: bearSymcPath / "aes_ct_ctrcbc.c".} +{.compile: bearSymcPath / "aes_ct_dec.c".} +{.compile: bearSymcPath / "aes_ct_enc.c".} +{.compile: bearSymcPath / "aes_pwr8.c".} +{.compile: bearSymcPath / "aes_pwr8_cbcdec.c".} +{.compile: bearSymcPath / "aes_pwr8_cbcenc.c".} +{.compile: bearSymcPath / "aes_pwr8_ctr.c".} +{.compile: bearSymcPath / "aes_pwr8_ctrcbc.c".} +{.compile: bearSymcPath / "aes_small_cbcdec.c".} +{.compile: bearSymcPath / "aes_small_cbcenc.c".} +{.compile: bearSymcPath / "aes_small_ctr.c".} +{.compile: bearSymcPath / "aes_small_ctrcbc.c".} +{.compile: bearSymcPath / "aes_small_dec.c".} +{.compile: bearSymcPath / "aes_small_enc.c".} +{.compile: bearSymcPath / "aes_x86ni.c".} +{.compile: bearSymcPath / "aes_x86ni_cbcdec.c".} +{.compile: bearSymcPath / "aes_x86ni_cbcenc.c".} +{.compile: bearSymcPath / "aes_x86ni_ctr.c".} +{.compile: bearSymcPath / "aes_x86ni_ctrcbc.c".} +{.compile: bearSymcPath / "chacha20_ct.c".} +{.compile: bearSymcPath / "chacha20_sse2.c".} +{.compile: bearSymcPath / "des_ct.c".} +{.compile: bearSymcPath / "des_ct_cbcdec.c".} +{.compile: bearSymcPath / "des_ct_cbcenc.c".} +{.compile: bearSymcPath / "des_support.c".} +{.compile: bearSymcPath / "des_tab.c".} +{.compile: bearSymcPath / "des_tab_cbcdec.c".} +{.compile: bearSymcPath / "des_tab_cbcenc.c".} +{.compile: bearSymcPath / "poly1305_ctmul.c".} +{.compile: bearSymcPath / "poly1305_ctmul32.c".} +{.compile: bearSymcPath / "poly1305_ctmulq.c".} +{.compile: bearSymcPath / "poly1305_i15.c".} + +type + BlockCbcencClass* {.importc: "br_block_cbcenc_class", header: "bearssl_block.h", + bycopy.} = object + contextSize* {.importc: "context_size".}: uint + blockSize* {.importc: "block_size".}: cuint + logBlockSize* {.importc: "log_block_size".}: cuint + init* {.importc: "init".}: proc (ctx: ptr ptr BlockCbcencClass; key: pointer; + keyLen: uint) {.importcFunc.} + run* {.importc: "run".}: proc (ctx: ptr ptr BlockCbcencClass; iv: pointer; + data: pointer; len: uint) {.importcFunc.} + + + +type + BlockCbcdecClass* {.importc: "br_block_cbcdec_class", header: "bearssl_block.h", + bycopy.} = object + contextSize* {.importc: "context_size".}: uint + blockSize* {.importc: "block_size".}: cuint + logBlockSize* {.importc: "log_block_size".}: cuint + init* {.importc: "init".}: proc (ctx: ptr ptr BlockCbcdecClass; key: pointer; + keyLen: uint) {.importcFunc.} + run* {.importc: "run".}: proc (ctx: ptr ptr BlockCbcdecClass; iv: pointer; + data: pointer; len: uint) {.importcFunc.} + + + +type + BlockCtrClass* {.importc: "br_block_ctr_class", header: "bearssl_block.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + blockSize* {.importc: "block_size".}: cuint + logBlockSize* {.importc: "log_block_size".}: cuint + init* {.importc: "init".}: proc (ctx: ptr ptr BlockCtrClass; key: pointer; + keyLen: uint) {.importcFunc.} + run* {.importc: "run".}: proc (ctx: ptr ptr BlockCtrClass; iv: pointer; cc: uint32; + data: pointer; len: uint): uint32 {.importcFunc.} + + + +type + BlockCtrcbcClass* {.importc: "br_block_ctrcbc_class", header: "bearssl_block.h", + bycopy.} = object + contextSize* {.importc: "context_size".}: uint + blockSize* {.importc: "block_size".}: cuint + logBlockSize* {.importc: "log_block_size".}: cuint + init* {.importc: "init".}: proc (ctx: ptr ptr BlockCtrcbcClass; key: pointer; + keyLen: uint) {.importcFunc.} + encrypt* {.importc: "encrypt".}: proc (ctx: ptr ptr BlockCtrcbcClass; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {. + importcFunc.} + decrypt* {.importc: "decrypt".}: proc (ctx: ptr ptr BlockCtrcbcClass; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {. + importcFunc.} + ctr* {.importc: "ctr".}: proc (ctx: ptr ptr BlockCtrcbcClass; ctr: pointer; + data: pointer; len: uint) {.importcFunc.} + mac* {.importc: "mac".}: proc (ctx: ptr ptr BlockCtrcbcClass; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc.} + + + +const + aesBigBLOCK_SIZE* = 16 + + +type + AesBigCbcencKeys* {.importc: "br_aes_big_cbcenc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesBigCbcdecKeys* {.importc: "br_aes_big_cbcdec_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesBigCtrKeys* {.importc: "br_aes_big_ctr_keys", header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesBigCtrcbcKeys* {.importc: "br_aes_big_ctrcbc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + +var aesBigCbcencVtable* {.importc: "br_aes_big_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesBigCbcdecVtable* {.importc: "br_aes_big_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesBigCtrVtable* {.importc: "br_aes_big_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesBigCtrcbcVtable* {.importc: "br_aes_big_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesBigCbcencInit*(ctx: var AesBigCbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_cbcenc_init", header: "bearssl_block.h".} + +proc aesBigCbcdecInit*(ctx: var AesBigCbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_cbcdec_init", header: "bearssl_block.h".} + +proc aesBigCtrInit*(ctx: var AesBigCtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_ctr_init", header: "bearssl_block.h".} + +proc aesBigCtrcbcInit*(ctx: var AesBigCtrcbcKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_ctrcbc_init", header: "bearssl_block.h".} + +proc aesBigCbcencRun*(ctx: var AesBigCbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_big_cbcenc_run", + header: "bearssl_block.h".} + +proc aesBigCbcdecRun*(ctx: var AesBigCbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_big_cbcdec_run", + header: "bearssl_block.h".} + +proc aesBigCtrRun*(ctx: var AesBigCtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_big_ctr_run", + header: "bearssl_block.h".} + +proc aesBigCtrcbcEncrypt*(ctx: var AesBigCtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesBigCtrcbcDecrypt*(ctx: var AesBigCtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_big_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesBigCtrcbcCtr*(ctx: var AesBigCtrcbcKeys; ctr: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_big_ctrcbc_ctr", + header: "bearssl_block.h".} + +proc aesBigCtrcbcMac*(ctx: var AesBigCtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_big_ctrcbc_mac", + header: "bearssl_block.h".} + +const + aesSmallBLOCK_SIZE* = 16 + + +type + AesSmallCbcencKeys* {.importc: "br_aes_small_cbcenc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesSmallCbcdecKeys* {.importc: "br_aes_small_cbcdec_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesSmallCtrKeys* {.importc: "br_aes_small_ctr_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesSmallCtrcbcKeys* {.importc: "br_aes_small_ctrcbc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + +var aesSmallCbcencVtable* {.importc: "br_aes_small_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesSmallCbcdecVtable* {.importc: "br_aes_small_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesSmallCtrVtable* {.importc: "br_aes_small_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesSmallCtrcbcVtable* {.importc: "br_aes_small_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesSmallCbcencInit*(ctx: var AesSmallCbcencKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_small_cbcenc_init", header: "bearssl_block.h".} + +proc aesSmallCbcdecInit*(ctx: var AesSmallCbcdecKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_small_cbcdec_init", header: "bearssl_block.h".} + +proc aesSmallCtrInit*(ctx: var AesSmallCtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_small_ctr_init", header: "bearssl_block.h".} + +proc aesSmallCtrcbcInit*(ctx: var AesSmallCtrcbcKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_small_ctrcbc_init", header: "bearssl_block.h".} + +proc aesSmallCbcencRun*(ctx: var AesSmallCbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_small_cbcenc_run", + header: "bearssl_block.h".} + +proc aesSmallCbcdecRun*(ctx: var AesSmallCbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_small_cbcdec_run", + header: "bearssl_block.h".} + +proc aesSmallCtrRun*(ctx: var AesSmallCtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_small_ctr_run", + header: "bearssl_block.h".} + +proc aesSmallCtrcbcEncrypt*(ctx: var AesSmallCtrcbcKeys; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_aes_small_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesSmallCtrcbcDecrypt*(ctx: var AesSmallCtrcbcKeys; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_aes_small_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesSmallCtrcbcCtr*(ctx: var AesSmallCtrcbcKeys; ctr: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_small_ctrcbc_ctr", + header: "bearssl_block.h".} + +proc aesSmallCtrcbcMac*(ctx: var AesSmallCtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_small_ctrcbc_mac", + header: "bearssl_block.h".} + +const + aesCtBLOCK_SIZE* = 16 + + +type + AesCtCbcencKeys* {.importc: "br_aes_ct_cbcenc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCtCbcdecKeys* {.importc: "br_aes_ct_cbcdec_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCtCtrKeys* {.importc: "br_aes_ct_ctr_keys", header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCtCtrcbcKeys* {.importc: "br_aes_ct_ctrcbc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: array[60, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + +var aesCtCbcencVtable* {.importc: "br_aes_ct_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesCtCbcdecVtable* {.importc: "br_aes_ct_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesCtCtrVtable* {.importc: "br_aes_ct_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesCtCtrcbcVtable* {.importc: "br_aes_ct_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesCtCbcencInit*(ctx: var AesCtCbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_cbcenc_init", header: "bearssl_block.h".} + +proc aesCtCbcdecInit*(ctx: var AesCtCbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_cbcdec_init", header: "bearssl_block.h".} + +proc aesCtCtrInit*(ctx: var AesCtCtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_ctr_init", header: "bearssl_block.h".} + +proc aesCtCtrcbcInit*(ctx: var AesCtCtrcbcKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_ctrcbc_init", header: "bearssl_block.h".} + +proc aesCtCbcencRun*(ctx: var AesCtCbcencKeys; iv: pointer; data: pointer; len: uint) {. + importcFunc, importc: "br_aes_ct_cbcenc_run", header: "bearssl_block.h".} + +proc aesCtCbcdecRun*(ctx: var AesCtCbcdecKeys; iv: pointer; data: pointer; len: uint) {. + importcFunc, importc: "br_aes_ct_cbcdec_run", header: "bearssl_block.h".} + +proc aesCtCtrRun*(ctx: var AesCtCtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_ct_ctr_run", + header: "bearssl_block.h".} + +proc aesCtCtrcbcEncrypt*(ctx: var AesCtCtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesCtCtrcbcDecrypt*(ctx: var AesCtCtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesCtCtrcbcCtr*(ctx: var AesCtCtrcbcKeys; ctr: pointer; data: pointer; len: uint) {. + importcFunc, importc: "br_aes_ct_ctrcbc_ctr", header: "bearssl_block.h".} + +proc aesCtCtrcbcMac*(ctx: var AesCtCtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_ct_ctrcbc_mac", + header: "bearssl_block.h".} + +const + aesCt64BLOCK_SIZE* = 16 + + +type + AesCt64CbcencKeys* {.importc: "br_aes_ct64_cbcenc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[30, uint64] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCt64CbcdecKeys* {.importc: "br_aes_ct64_cbcdec_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[30, uint64] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCt64CtrKeys* {.importc: "br_aes_ct64_ctr_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: array[30, uint64] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + AesCt64CtrcbcKeys* {.importc: "br_aes_ct64_ctrcbc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: array[30, uint64] + numRounds* {.importc: "num_rounds".}: cuint + + +var aesCt64CbcencVtable* {.importc: "br_aes_ct64_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesCt64CbcdecVtable* {.importc: "br_aes_ct64_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesCt64CtrVtable* {.importc: "br_aes_ct64_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesCt64CtrcbcVtable* {.importc: "br_aes_ct64_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesCt64CbcencInit*(ctx: var AesCt64CbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_cbcenc_init", header: "bearssl_block.h".} + +proc aesCt64CbcdecInit*(ctx: var AesCt64CbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_cbcdec_init", header: "bearssl_block.h".} + +proc aesCt64CtrInit*(ctx: var AesCt64CtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_ctr_init", header: "bearssl_block.h".} + +proc aesCt64CtrcbcInit*(ctx: var AesCt64CtrcbcKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_ctrcbc_init", header: "bearssl_block.h".} + +proc aesCt64CbcencRun*(ctx: var AesCt64CbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_ct64_cbcenc_run", + header: "bearssl_block.h".} + +proc aesCt64CbcdecRun*(ctx: var AesCt64CbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_ct64_cbcdec_run", + header: "bearssl_block.h".} + +proc aesCt64CtrRun*(ctx: var AesCt64CtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_ct64_ctr_run", + header: "bearssl_block.h".} + +proc aesCt64CtrcbcEncrypt*(ctx: var AesCt64CtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesCt64CtrcbcDecrypt*(ctx: var AesCt64CtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_ct64_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesCt64CtrcbcCtr*(ctx: var AesCt64CtrcbcKeys; ctr: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_ct64_ctrcbc_ctr", + header: "bearssl_block.h".} + +proc aesCt64CtrcbcMac*(ctx: var AesCt64CtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_ct64_ctrcbc_mac", + header: "bearssl_block.h".} + +const + aesX86niBLOCK_SIZE* = 16 + + +type + INNER_C_UNION_bearssl_block_1* {.importc: "br_aes_x86ni_cbcenc_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesX86niCbcencKeys* {.importc: "br_aes_x86ni_cbcenc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_1 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_3* {.importc: "br_aes_x86ni_cbcdec_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesX86niCbcdecKeys* {.importc: "br_aes_x86ni_cbcdec_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_3 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_5* {.importc: "br_aes_x86ni_ctr_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesX86niCtrKeys* {.importc: "br_aes_x86ni_ctr_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_5 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_7* {.importc: "br_aes_x86ni_ctrcbc_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesX86niCtrcbcKeys* {.importc: "br_aes_x86ni_ctrcbc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_7 + numRounds* {.importc: "num_rounds".}: cuint + + +var aesX86niCbcencVtable* {.importc: "br_aes_x86ni_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesX86niCbcdecVtable* {.importc: "br_aes_x86ni_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesX86niCtrVtable* {.importc: "br_aes_x86ni_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesX86niCtrcbcVtable* {.importc: "br_aes_x86ni_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesX86niCbcencInit*(ctx: var AesX86niCbcencKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_x86ni_cbcenc_init", header: "bearssl_block.h".} + +proc aesX86niCbcdecInit*(ctx: var AesX86niCbcdecKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_x86ni_cbcdec_init", header: "bearssl_block.h".} + +proc aesX86niCtrInit*(ctx: var AesX86niCtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_x86ni_ctr_init", header: "bearssl_block.h".} + +proc aesX86niCtrcbcInit*(ctx: var AesX86niCtrcbcKeys; key: pointer; len: uint) {. + importcFunc, importc: "br_aes_x86ni_ctrcbc_init", header: "bearssl_block.h".} + +proc aesX86niCbcencRun*(ctx: var AesX86niCbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_x86ni_cbcenc_run", + header: "bearssl_block.h".} + +proc aesX86niCbcdecRun*(ctx: var AesX86niCbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_x86ni_cbcdec_run", + header: "bearssl_block.h".} + +proc aesX86niCtrRun*(ctx: var AesX86niCtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_x86ni_ctr_run", + header: "bearssl_block.h".} + +proc aesX86niCtrcbcEncrypt*(ctx: var AesX86niCtrcbcKeys; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_aes_x86ni_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesX86niCtrcbcDecrypt*(ctx: var AesX86niCtrcbcKeys; ctr: pointer; + cbcmac: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_aes_x86ni_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesX86niCtrcbcCtr*(ctx: var AesX86niCtrcbcKeys; ctr: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_x86ni_ctrcbc_ctr", + header: "bearssl_block.h".} + +proc aesX86niCtrcbcMac*(ctx: var AesX86niCtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_x86ni_ctrcbc_mac", + header: "bearssl_block.h".} + +proc aesX86niCbcencGetVtable*(): ptr BlockCbcencClass {.importcFunc, + importc: "br_aes_x86ni_cbcenc_get_vtable", header: "bearssl_block.h".} + +proc aesX86niCbcdecGetVtable*(): ptr BlockCbcdecClass {.importcFunc, + importc: "br_aes_x86ni_cbcdec_get_vtable", header: "bearssl_block.h".} + +proc aesX86niCtrGetVtable*(): ptr BlockCtrClass {.importcFunc, + importc: "br_aes_x86ni_ctr_get_vtable", header: "bearssl_block.h".} + +proc aesX86niCtrcbcGetVtable*(): ptr BlockCtrcbcClass {.importcFunc, + importc: "br_aes_x86ni_ctrcbc_get_vtable", header: "bearssl_block.h".} + +const + aesPwr8BLOCK_SIZE* = 16 + + +type + INNER_C_UNION_bearssl_block_9* {.importc: "br_aes_pwr8_cbcenc_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesPwr8CbcencKeys* {.importc: "br_aes_pwr8_cbcenc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_9 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_11* {.importc: "br_aes_pwr8_cbcdec_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesPwr8CbcdecKeys* {.importc: "br_aes_pwr8_cbcdec_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_11 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_13* {.importc: "br_aes_pwr8_ctr_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesPwr8CtrKeys* {.importc: "br_aes_pwr8_ctr_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_13 + numRounds* {.importc: "num_rounds".}: cuint + + + +type + INNER_C_UNION_bearssl_block_15* {.importc: "br_aes_pwr8_ctrcbc_keys::no_name", + header: "bearssl_block.h", bycopy, union.} = object + skni* {.importc: "skni".}: array[16 * 15, byte] + + AesPwr8CtrcbcKeys* {.importc: "br_aes_pwr8_ctrcbc_keys", + header: "bearssl_block.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + skey* {.importc: "skey".}: INNER_C_UNION_bearssl_block_15 + numRounds* {.importc: "num_rounds".}: cuint + + +var aesPwr8CbcencVtable* {.importc: "br_aes_pwr8_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var aesPwr8CbcdecVtable* {.importc: "br_aes_pwr8_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +var aesPwr8CtrVtable* {.importc: "br_aes_pwr8_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass + + +var aesPwr8CtrcbcVtable* {.importc: "br_aes_pwr8_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass + + +proc aesPwr8CbcencInit*(ctx: var AesPwr8CbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_cbcenc_init", header: "bearssl_block.h".} + +proc aesPwr8CbcdecInit*(ctx: var AesPwr8CbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_cbcdec_init", header: "bearssl_block.h".} + +proc aesPwr8CtrInit*(ctx: var AesPwr8CtrKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_ctr_init", header: "bearssl_block.h".} + +proc aesPwr8CtrcbcInit*(ctx: var AesPwr8CtrcbcKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_ctrcbc_init", header: "bearssl_block.h".} + +proc aesPwr8CbcencRun*(ctx: var AesPwr8CbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_pwr8_cbcenc_run", + header: "bearssl_block.h".} + +proc aesPwr8CbcdecRun*(ctx: var AesPwr8CbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_pwr8_cbcdec_run", + header: "bearssl_block.h".} + +proc aesPwr8CtrRun*(ctx: var AesPwr8CtrKeys; iv: pointer; cc: uint32; data: pointer; + len: uint): uint32 {.importcFunc, importc: "br_aes_pwr8_ctr_run", + header: "bearssl_block.h".} + +proc aesPwr8CtrcbcEncrypt*(ctx: var AesPwr8CtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_ctrcbc_encrypt", header: "bearssl_block.h".} + +proc aesPwr8CtrcbcDecrypt*(ctx: var AesPwr8CtrcbcKeys; ctr: pointer; cbcmac: pointer; + data: pointer; len: uint) {.importcFunc, + importc: "br_aes_pwr8_ctrcbc_decrypt", header: "bearssl_block.h".} + +proc aesPwr8CtrcbcCtr*(ctx: var AesPwr8CtrcbcKeys; ctr: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_pwr8_ctrcbc_ctr", + header: "bearssl_block.h".} + +proc aesPwr8CtrcbcMac*(ctx: var AesPwr8CtrcbcKeys; cbcmac: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_aes_pwr8_ctrcbc_mac", + header: "bearssl_block.h".} + +proc aesPwr8CbcencGetVtable*(): ptr BlockCbcencClass {.importcFunc, + importc: "br_aes_pwr8_cbcenc_get_vtable", header: "bearssl_block.h".} + +proc aesPwr8CbcdecGetVtable*(): ptr BlockCbcdecClass {.importcFunc, + importc: "br_aes_pwr8_cbcdec_get_vtable", header: "bearssl_block.h".} + +proc aesPwr8CtrGetVtable*(): ptr BlockCtrClass {.importcFunc, + importc: "br_aes_pwr8_ctr_get_vtable", header: "bearssl_block.h".} + +proc aesPwr8CtrcbcGetVtable*(): ptr BlockCtrcbcClass {.importcFunc, + importc: "br_aes_pwr8_ctrcbc_get_vtable", header: "bearssl_block.h".} + +type + AesGenCbcencKeys* {.importc: "br_aes_gen_cbcenc_keys", header: "bearssl_block.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + cBig* {.importc: "c_big".}: AesBigCbcencKeys + cSmall* {.importc: "c_small".}: AesSmallCbcencKeys + cCt* {.importc: "c_ct".}: AesCtCbcencKeys + cCt64* {.importc: "c_ct64".}: AesCt64CbcencKeys + cX86ni* {.importc: "c_x86ni".}: AesX86niCbcencKeys + cPwr8* {.importc: "c_pwr8".}: AesPwr8CbcencKeys + + + +type + AesGenCbcdecKeys* {.importc: "br_aes_gen_cbcdec_keys", header: "bearssl_block.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + cBig* {.importc: "c_big".}: AesBigCbcdecKeys + cSmall* {.importc: "c_small".}: AesSmallCbcdecKeys + cCt* {.importc: "c_ct".}: AesCtCbcdecKeys + cCt64* {.importc: "c_ct64".}: AesCt64CbcdecKeys + cX86ni* {.importc: "c_x86ni".}: AesX86niCbcdecKeys + cPwr8* {.importc: "c_pwr8".}: AesPwr8CbcdecKeys + + + +type + AesGenCtrKeys* {.importc: "br_aes_gen_ctr_keys", header: "bearssl_block.h", bycopy, + union.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + cBig* {.importc: "c_big".}: AesBigCtrKeys + cSmall* {.importc: "c_small".}: AesSmallCtrKeys + cCt* {.importc: "c_ct".}: AesCtCtrKeys + cCt64* {.importc: "c_ct64".}: AesCt64CtrKeys + cX86ni* {.importc: "c_x86ni".}: AesX86niCtrKeys + cPwr8* {.importc: "c_pwr8".}: AesPwr8CtrKeys + + + +type + AesGenCtrcbcKeys* {.importc: "br_aes_gen_ctrcbc_keys", header: "bearssl_block.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + cBig* {.importc: "c_big".}: AesBigCtrcbcKeys + cSmall* {.importc: "c_small".}: AesSmallCtrcbcKeys + cCt* {.importc: "c_ct".}: AesCtCtrcbcKeys + cCt64* {.importc: "c_ct64".}: AesCt64CtrcbcKeys + cX86ni* {.importc: "c_x86ni".}: AesX86niCtrcbcKeys + cPwr8* {.importc: "c_pwr8".}: AesPwr8CtrcbcKeys + + + +const + desTabBLOCK_SIZE* = 8 + + +type + DesTabCbcencKeys* {.importc: "br_des_tab_cbcenc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[96, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + DesTabCbcdecKeys* {.importc: "br_des_tab_cbcdec_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[96, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + +var desTabCbcencVtable* {.importc: "br_des_tab_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var desTabCbcdecVtable* {.importc: "br_des_tab_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +proc desTabCbcencInit*(ctx: var DesTabCbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_des_tab_cbcenc_init", header: "bearssl_block.h".} + +proc desTabCbcdecInit*(ctx: var DesTabCbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_des_tab_cbcdec_init", header: "bearssl_block.h".} + +proc desTabCbcencRun*(ctx: var DesTabCbcencKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_des_tab_cbcenc_run", + header: "bearssl_block.h".} + +proc desTabCbcdecRun*(ctx: var DesTabCbcdecKeys; iv: pointer; data: pointer; + len: uint) {.importcFunc, importc: "br_des_tab_cbcdec_run", + header: "bearssl_block.h".} + +const + desCtBLOCK_SIZE* = 8 + + +type + DesCtCbcencKeys* {.importc: "br_des_ct_cbcenc_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + skey* {.importc: "skey".}: array[96, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + + +type + DesCtCbcdecKeys* {.importc: "br_des_ct_cbcdec_keys", header: "bearssl_block.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + skey* {.importc: "skey".}: array[96, uint32] + numRounds* {.importc: "num_rounds".}: cuint + + +var desCtCbcencVtable* {.importc: "br_des_ct_cbcenc_vtable", header: "bearssl_block.h".}: BlockCbcencClass + + +var desCtCbcdecVtable* {.importc: "br_des_ct_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass + + +proc desCtCbcencInit*(ctx: var DesCtCbcencKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_des_ct_cbcenc_init", header: "bearssl_block.h".} + +proc desCtCbcdecInit*(ctx: var DesCtCbcdecKeys; key: pointer; len: uint) {.importcFunc, + importc: "br_des_ct_cbcdec_init", header: "bearssl_block.h".} + +proc desCtCbcencRun*(ctx: var DesCtCbcencKeys; iv: pointer; data: pointer; len: uint) {. + importcFunc, importc: "br_des_ct_cbcenc_run", header: "bearssl_block.h".} + +proc desCtCbcdecRun*(ctx: var DesCtCbcdecKeys; iv: pointer; data: pointer; len: uint) {. + importcFunc, importc: "br_des_ct_cbcdec_run", header: "bearssl_block.h".} + +type + DesGenCbcencKeys* {.importc: "br_des_gen_cbcenc_keys", header: "bearssl_block.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + tab* {.importc: "tab".}: DesTabCbcencKeys + ct* {.importc: "ct".}: DesCtCbcencKeys + + + +type + DesGenCbcdecKeys* {.importc: "br_des_gen_cbcdec_keys", header: "bearssl_block.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + cTab* {.importc: "c_tab".}: DesTabCbcdecKeys + cCt* {.importc: "c_ct".}: DesCtCbcdecKeys + + + +type + Chacha20Run* {.importc: "br_chacha20_run".} = proc (key: pointer; iv: pointer; cc: uint32; data: pointer; len: uint): uint32 {. + importcFunc.} + + +proc chacha20CtRun*(key: pointer; iv: pointer; cc: uint32; data: pointer; len: uint): uint32 {. + importcFunc, importc: "br_chacha20_ct_run", header: "bearssl_block.h".} + +proc chacha20Sse2Run*(key: pointer; iv: pointer; cc: uint32; data: pointer; len: uint): uint32 {. + importcFunc, importc: "br_chacha20_sse2_run", header: "bearssl_block.h".} + +proc chacha20Sse2Get*(): Chacha20Run {.importcFunc, importc: "br_chacha20_sse2_get", + header: "bearssl_block.h".} + +type + Poly1305Run* {.importc: "br_poly1305_run".} = proc (key: pointer; iv: pointer; data: pointer; len: uint; + aad: pointer; aadLen: uint; tag: pointer; ichacha: Chacha20Run; + encrypt: cint) {.importcFunc.} + + +proc poly1305CtmulRun*(key: pointer; iv: pointer; data: pointer; len: uint; + aad: pointer; aadLen: uint; tag: pointer; + ichacha: Chacha20Run; encrypt: cint) {.importcFunc, + importc: "br_poly1305_ctmul_run", header: "bearssl_block.h".} + +proc poly1305Ctmul32Run*(key: pointer; iv: pointer; data: pointer; len: uint; + aad: pointer; aadLen: uint; tag: pointer; + ichacha: Chacha20Run; encrypt: cint) {.importcFunc, + importc: "br_poly1305_ctmul32_run", header: "bearssl_block.h".} + +proc poly1305I15Run*(key: pointer; iv: pointer; data: pointer; len: uint; + aad: pointer; aadLen: uint; tag: pointer; ichacha: Chacha20Run; + encrypt: cint) {.importcFunc, importc: "br_poly1305_i15_run", + header: "bearssl_block.h".} + +proc poly1305CtmulqRun*(key: pointer; iv: pointer; data: pointer; len: uint; + aad: pointer; aadLen: uint; tag: pointer; + ichacha: Chacha20Run; encrypt: cint) {.importcFunc, + importc: "br_poly1305_ctmulq_run", header: "bearssl_block.h".} + +proc poly1305CtmulqGet*(): Poly1305Run {.importcFunc, importc: "br_poly1305_ctmulq_get", + header: "bearssl_block.h".} diff --git a/bearssl/abi/bearssl_ec.nim b/bearssl/abi/bearssl_ec.nim new file mode 100644 index 0000000..5da01b4 --- /dev/null +++ b/bearssl/abi/bearssl_ec.nim @@ -0,0 +1,334 @@ +import + "."/[bearssl_hash, bearssl_rand, csources, intx] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearEcPath = bearSrcPath / "ec" + +{.compile: bearEcPath / "ecdsa_atr.c".} +{.compile: bearEcPath / "ecdsa_default_sign_asn1.c".} +{.compile: bearEcPath / "ecdsa_default_sign_raw.c".} +{.compile: bearEcPath / "ecdsa_default_vrfy_asn1.c".} +{.compile: bearEcPath / "ecdsa_default_vrfy_raw.c".} +{.compile: bearEcPath / "ecdsa_i15_bits.c".} +{.compile: bearEcPath / "ecdsa_i15_sign_asn1.c".} +{.compile: bearEcPath / "ecdsa_i15_sign_raw.c".} +{.compile: bearEcPath / "ecdsa_i15_vrfy_asn1.c".} +{.compile: bearEcPath / "ecdsa_i15_vrfy_raw.c".} +{.compile: bearEcPath / "ecdsa_i31_bits.c".} +{.compile: bearEcPath / "ecdsa_i31_sign_asn1.c".} +{.compile: bearEcPath / "ecdsa_i31_sign_raw.c".} +{.compile: bearEcPath / "ecdsa_i31_vrfy_asn1.c".} +{.compile: bearEcPath / "ecdsa_i31_vrfy_raw.c".} +{.compile: bearEcPath / "ecdsa_rta.c".} +{.compile: bearEcPath / "ec_all_m15.c".} +{.compile: bearEcPath / "ec_all_m31.c".} +{.compile: bearEcPath / "ec_c25519_i15.c".} +{.compile: bearEcPath / "ec_c25519_i31.c".} +{.compile: bearEcPath / "ec_c25519_m15.c".} +{.compile: bearEcPath / "ec_c25519_m31.c".} +{.compile: bearEcPath / "ec_c25519_m62.c".} +{.compile: bearEcPath / "ec_c25519_m64.c".} +{.compile: bearEcPath / "ec_curve25519.c".} +{.compile: bearEcPath / "ec_default.c".} +{.compile: bearEcPath / "ec_keygen.c".} +{.compile: bearEcPath / "ec_p256_m15.c".} +{.compile: bearEcPath / "ec_p256_m31.c".} +{.compile: bearEcPath / "ec_p256_m62.c".} +{.compile: bearEcPath / "ec_p256_m64.c".} +{.compile: bearEcPath / "ec_prime_i15.c".} +{.compile: bearEcPath / "ec_prime_i31.c".} +{.compile: bearEcPath / "ec_pubkey.c".} +{.compile: bearEcPath / "ec_secp256r1.c".} +{.compile: bearEcPath / "ec_secp384r1.c".} +{.compile: bearEcPath / "ec_secp521r1.c".} + + +const + EC_sect163k1* = 1 + + +const + EC_sect163r1* = 2 + + +const + EC_sect163r2* = 3 + + +const + EC_sect193r1* = 4 + + +const + EC_sect193r2* = 5 + + +const + EC_sect233k1* = 6 + + +const + EC_sect233r1* = 7 + + +const + EC_sect239k1* = 8 + + +const + EC_sect283k1* = 9 + + +const + EC_sect283r1* = 10 + + +const + EC_sect409k1* = 11 + + +const + EC_sect409r1* = 12 + + +const + EC_sect571k1* = 13 + + +const + EC_sect571r1* = 14 + + +const + EC_secp160k1* = 15 + + +const + EC_secp160r1* = 16 + + +const + EC_secp160r2* = 17 + + +const + EC_secp192k1* = 18 + + +const + EC_secp192r1* = 19 + + +const + EC_secp224k1* = 20 + + +const + EC_secp224r1* = 21 + + +const + EC_secp256k1* = 22 + + +const + EC_secp256r1* = 23 + + +const + EC_secp384r1* = 24 + + +const + EC_secp521r1* = 25 + + +const + EC_brainpoolP256r1* = 26 + + +const + EC_brainpoolP384r1* = 27 + + +const + EC_brainpoolP512r1* = 28 + + +const + EC_curve25519* = 29 + + +const + EC_curve448* = 30 + + +type + EcPublicKey* {.importc: "br_ec_public_key", header: "bearssl_ec.h", bycopy.} = object + curve* {.importc: "curve".}: cint + q* {.importc: "q".}: ptr byte + qlen* {.importc: "qlen".}: uint + + + +type + EcPrivateKey* {.importc: "br_ec_private_key", header: "bearssl_ec.h", bycopy.} = object + curve* {.importc: "curve".}: cint + x* {.importc: "x".}: ptr byte + xlen* {.importc: "xlen".}: uint + + + +type + EcImpl* {.importc: "br_ec_impl", header: "bearssl_ec.h", bycopy.} = object + supportedCurves* {.importc: "supported_curves".}: uint32 + generator* {.importc: "generator".}: proc (curve: cint; len: var uint): ptr byte {. + importcFunc.} + order* {.importc: "order".}: proc (curve: cint; len: var uint): ptr byte {.importcFunc.} + xoff* {.importc: "xoff".}: proc (curve: cint; len: var uint): uint {.importcFunc.} + mul* {.importc: "mul".}: proc (g: ptr byte; glen: uint; x: ptr byte; + xlen: uint; curve: cint): uint32 {.importcFunc.} + mulgen* {.importc: "mulgen".}: proc (r: ptr byte; x: ptr byte; xlen: uint; + curve: cint): uint {.importcFunc.} + muladd* {.importc: "muladd".}: proc (a: ptr byte; b: ptr byte; len: uint; + x: ptr byte; xlen: uint; y: ptr byte; + ylen: uint; curve: cint): uint32 {.importcFunc.} + + +var ecPrimeI31* {.importc: "br_ec_prime_i31", header: "bearssl_ec.h".}: EcImpl + + +var ecPrimeI15* {.importc: "br_ec_prime_i15", header: "bearssl_ec.h".}: EcImpl + + +var ecP256M15* {.importc: "br_ec_p256_m15", header: "bearssl_ec.h".}: EcImpl + + +var ecP256M31* {.importc: "br_ec_p256_m31", header: "bearssl_ec.h".}: EcImpl + + +var ecP256M62* {.importc: "br_ec_p256_m62", header: "bearssl_ec.h".}: EcImpl + + +proc ecP256M62Get*(): ptr EcImpl {.importcFunc, importc: "br_ec_p256_m62_get", + header: "bearssl_ec.h".} + +var ecP256M64* {.importc: "br_ec_p256_m64", header: "bearssl_ec.h".}: EcImpl + + +proc ecP256M64Get*(): ptr EcImpl {.importcFunc, importc: "br_ec_p256_m64_get", + header: "bearssl_ec.h".} + + +var ecC25519I15* {.importc: "br_ec_c25519_i15", header: "bearssl_ec.h".}: EcImpl + + +var ecC25519I31* {.importc: "br_ec_c25519_i31", header: "bearssl_ec.h".}: EcImpl + + +var ecC25519M15* {.importc: "br_ec_c25519_m15", header: "bearssl_ec.h".}: EcImpl + + +var ecC25519M31* {.importc: "br_ec_c25519_m31", header: "bearssl_ec.h".}: EcImpl + + +var ecC25519M62* {.importc: "br_ec_c25519_m62", header: "bearssl_ec.h".}: EcImpl + + +proc ecC25519M62Get*(): ptr EcImpl {.importcFunc, importc: "br_ec_c25519_m62_get", + header: "bearssl_ec.h".} + +var ecC25519M64* {.importc: "br_ec_c25519_m64", header: "bearssl_ec.h".}: EcImpl + + +proc ecC25519M64Get*(): ptr EcImpl {.importcFunc, importc: "br_ec_c25519_m64_get", + header: "bearssl_ec.h".} + + +var ecAllM15* {.importc: "br_ec_all_m15", header: "bearssl_ec.h".}: EcImpl + + +var ecAllM31* {.importc: "br_ec_all_m31", header: "bearssl_ec.h".}: EcImpl + + +proc ecGetDefault*(): ptr EcImpl {.importcFunc, importc: "br_ec_get_default", + header: "bearssl_ec.h".} + +proc ecdsaRawToAsn1*(sig: pointer; sigLen: uint): uint {.importcFunc, + importc: "br_ecdsa_raw_to_asn1", header: "bearssl_ec.h".} + +proc ecdsaAsn1ToRaw*(sig: pointer; sigLen: uint): uint {.importcFunc, + importc: "br_ecdsa_asn1_to_raw", header: "bearssl_ec.h".} + +type + EcdsaSign* {.importc: "br_ecdsa_sign".} = proc (impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + sk: ptr EcPrivateKey; sig: pointer): uint {.importcFunc.} + + +type + EcdsaVrfy* {.importc: "br_ecdsa_vrfy".} = proc (impl: ptr EcImpl; hash: pointer; hashLen: uint; + pk: ptr EcPublicKey; sig: pointer; sigLen: uint): uint32 {.importcFunc.} + + +proc ecdsaI31SignAsn1*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + sk: ptr EcPrivateKey; sig: pointer): uint {.importcFunc, + importc: "br_ecdsa_i31_sign_asn1", header: "bearssl_ec.h".} + +proc ecdsaI31SignRaw*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + sk: ptr EcPrivateKey; sig: pointer): uint {.importcFunc, + importc: "br_ecdsa_i31_sign_raw", header: "bearssl_ec.h".} + +proc ecdsaI31VrfyAsn1*(impl: ptr EcImpl; hash: pointer; hashLen: uint; + pk: ptr EcPublicKey; sig: pointer; sigLen: uint): uint32 {. + importcFunc, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} + +proc ecdsaI31VrfyRaw*(impl: ptr EcImpl; hash: pointer; hashLen: uint; + pk: ptr EcPublicKey; sig: pointer; sigLen: uint): uint32 {. + importcFunc, importc: "br_ecdsa_i31_vrfy_raw", header: "bearssl_ec.h".} + +proc ecdsaI15SignAsn1*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + sk: ptr EcPrivateKey; sig: pointer): uint {.importcFunc, + importc: "br_ecdsa_i15_sign_asn1", header: "bearssl_ec.h".} + +proc ecdsaI15SignRaw*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + sk: ptr EcPrivateKey; sig: pointer): uint {.importcFunc, + importc: "br_ecdsa_i15_sign_raw", header: "bearssl_ec.h".} + +proc ecdsaI15VrfyAsn1*(impl: ptr EcImpl; hash: pointer; hashLen: uint; + pk: ptr EcPublicKey; sig: pointer; sigLen: uint): uint32 {. + importcFunc, importc: "br_ecdsa_i15_vrfy_asn1", header: "bearssl_ec.h".} + +proc ecdsaI15VrfyRaw*(impl: ptr EcImpl; hash: pointer; hashLen: uint; + pk: ptr EcPublicKey; sig: pointer; sigLen: uint): uint32 {. + importcFunc, importc: "br_ecdsa_i15_vrfy_raw", header: "bearssl_ec.h".} + +proc ecdsaSignAsn1GetDefault*(): EcdsaSign {.importcFunc, + importc: "br_ecdsa_sign_asn1_get_default", header: "bearssl_ec.h".} + +proc ecdsaSignRawGetDefault*(): EcdsaSign {.importcFunc, + importc: "br_ecdsa_sign_raw_get_default", header: "bearssl_ec.h".} + +proc ecdsaVrfyAsn1GetDefault*(): EcdsaVrfy {.importcFunc, + importc: "br_ecdsa_vrfy_asn1_get_default", header: "bearssl_ec.h".} + +proc ecdsaVrfyRawGetDefault*(): EcdsaVrfy {.importcFunc, + importc: "br_ecdsa_vrfy_raw_get_default", header: "bearssl_ec.h".} + +const + EC_KBUF_PRIV_MAX_SIZE* = 72 + + +const + EC_KBUF_PUB_MAX_SIZE* = 145 + + +proc ecKeygen*(rngCtx: ptr ptr PrngClass; impl: ptr EcImpl; sk: ptr EcPrivateKey; + kbuf: pointer; curve: cint): uint {.importcFunc, importc: "br_ec_keygen", + header: "bearssl_ec.h".} + +proc ecComputePub*(impl: ptr EcImpl; pk: ptr EcPublicKey; kbuf: pointer; + sk: ptr EcPrivateKey): uint {.importcFunc, + importc: "br_ec_compute_pub", header: "bearssl_ec.h".} diff --git a/bearssl/abi/bearssl_hash.nim b/bearssl/abi/bearssl_hash.nim new file mode 100644 index 0000000..5f61121 --- /dev/null +++ b/bearssl/abi/bearssl_hash.nim @@ -0,0 +1,368 @@ +import + "."/[csources, inner] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearHashPath = bearSrcPath / "hash" + +{.compile: bearHashPath / "dig_oid.c".} +{.compile: bearHashPath / "dig_size.c".} +{.compile: bearHashPath / "ghash_ctmul.c".} +{.compile: bearHashPath / "ghash_ctmul32.c".} +{.compile: bearHashPath / "ghash_ctmul64.c".} +{.compile: bearHashPath / "ghash_pclmul.c".} +{.compile: bearHashPath / "ghash_pwr8.c".} +{.compile: bearHashPath / "md5.c".} +{.compile: bearHashPath / "md5sha1.c".} +{.compile: bearHashPath / "mgf1.c".} +{.compile: bearHashPath / "multihash.c".} +{.compile: bearHashPath / "sha1.c".} +{.compile: bearHashPath / "sha2big.c".} +{.compile: bearHashPath / "sha2small.c".} + +type + HashClass* {.importc: "br_hash_class", header: "bearssl_hash.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + desc* {.importc: "desc".}: uint32 + init* {.importc: "init".}: proc (ctx: ptr ptr HashClass) {.importcFunc.} + update* {.importc: "update".}: proc (ctx: ptr ptr HashClass; data: pointer; + len: uint) {.importcFunc.} + `out`* {.importc: "out".}: proc (ctx: ptr ptr HashClass; dst: pointer) {.importcFunc.} + state* {.importc: "state".}: proc (ctx: ptr ptr HashClass; dst: pointer): uint64 {. + importcFunc.} + setState* {.importc: "set_state".}: proc (ctx: ptr ptr HashClass; stb: pointer; + count: uint64) {.importcFunc.} + + +template hashdesc_Id*(id: untyped): untyped = + ((uint32)(id) shl hashdesc_Id_Off) + +const + HASHDESC_ID_OFF* = 0 + HASHDESC_ID_MASK* = 0xFF + +template hashdesc_Out*(size: untyped): untyped = + ((uint32)(size) shl hashdesc_Out_Off) + +const + HASHDESC_OUT_OFF* = 8 + HASHDESC_OUT_MASK* = 0x7F + +template hashdesc_State*(size: untyped): untyped = + ((uint32)(size) shl hashdesc_State_Off) + +const + HASHDESC_STATE_OFF* = 15 + HASHDESC_STATE_MASK* = 0xFF + +template hashdesc_Lblen*(ls: untyped): untyped = + ((uint32)(ls) shl hashdesc_Lblen_Off) + +const + HASHDESC_LBLEN_OFF* = 23 + HASHDESC_LBLEN_MASK* = 0x0F + HASHDESC_MD_PADDING* = (1'u32 shl 28) + HASHDESC_MD_PADDING_128* = (1'u32 shl 29) + HASHDESC_MD_PADDING_BE* = (1'u32 shl 30) + + +const + md5ID* = 1 + + +const + md5SIZE* = 16 + + +var md5Vtable* {.importc: "br_md5_vtable", header: "bearssl_hash.h".}: HashClass + + +type + Md5Context* {.importc: "br_md5_context", header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr HashClass + buf* {.importc: "buf".}: array[64, byte] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[4, uint32] + + + +proc md5Init*(ctx: var Md5Context) {.importcFunc, importc: "br_md5_init", + header: "bearssl_hash.h".} + +proc md5Update*(ctx: var Md5Context; data: pointer; len: uint) {.importcFunc, + importc: "br_md5_update", header: "bearssl_hash.h".} + +proc md5Out*(ctx: var Md5Context; `out`: pointer) {.importcFunc, importc: "br_md5_out", + header: "bearssl_hash.h".} + +proc md5State*(ctx: var Md5Context; `out`: pointer): uint64 {.importcFunc, + importc: "br_md5_state", header: "bearssl_hash.h".} + +proc md5SetState*(ctx: var Md5Context; stb: pointer; count: uint64) {.importcFunc, + importc: "br_md5_set_state", header: "bearssl_hash.h".} + +const + sha1ID* = 2 + + +const + sha1SIZE* = 20 + + +var sha1Vtable* {.importc: "br_sha1_vtable", header: "bearssl_hash.h".}: HashClass + + +type + Sha1Context* {.importc: "br_sha1_context", header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr HashClass + buf* {.importc: "buf".}: array[64, byte] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[5, uint32] + + + +proc sha1Init*(ctx: var Sha1Context) {.importcFunc, importc: "br_sha1_init", + header: "bearssl_hash.h".} + +proc sha1Update*(ctx: var Sha1Context; data: pointer; len: uint) {.importcFunc, + importc: "br_sha1_update", header: "bearssl_hash.h".} + +proc sha1Out*(ctx: var Sha1Context; `out`: pointer) {.importcFunc, importc: "br_sha1_out", + header: "bearssl_hash.h".} + +proc sha1State*(ctx: var Sha1Context; `out`: pointer): uint64 {.importcFunc, + importc: "br_sha1_state", header: "bearssl_hash.h".} + +proc sha1SetState*(ctx: var Sha1Context; stb: pointer; count: uint64) {.importcFunc, + importc: "br_sha1_set_state", header: "bearssl_hash.h".} + +const + sha224ID* = 3 + + +const + sha224SIZE* = 28 + + +var sha224Vtable* {.importc: "br_sha224_vtable", header: "bearssl_hash.h".}: HashClass + + +type + Sha224Context* {.importc: "br_sha224_context", header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr HashClass + buf* {.importc: "buf".}: array[64, byte] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[8, uint32] + + + +proc sha224Init*(ctx: var Sha224Context) {.importcFunc, importc: "br_sha224_init", + header: "bearssl_hash.h".} + +proc sha224Update*(ctx: var Sha224Context; data: pointer; len: uint) {.importcFunc, + importc: "br_sha224_update", header: "bearssl_hash.h".} + +proc sha224Out*(ctx: var Sha224Context; `out`: pointer) {.importcFunc, + importc: "br_sha224_out", header: "bearssl_hash.h".} + +proc sha224State*(ctx: var Sha224Context; `out`: pointer): uint64 {.importcFunc, + importc: "br_sha224_state", header: "bearssl_hash.h".} + +proc sha224SetState*(ctx: var Sha224Context; stb: pointer; count: uint64) {.importcFunc, + importc: "br_sha224_set_state", header: "bearssl_hash.h".} + +const + sha256ID* = 4 + + +const + sha256SIZE* = 32 + + +var sha256Vtable* {.importc: "br_sha256_vtable", header: "bearssl_hash.h".}: HashClass + +type + Sha256Context* = Sha224Context + + +proc sha256Init*(ctx: var Sha256Context) {.importcFunc, importc: "br_sha256_init", + header: "bearssl_hash.h".} + +template sha256Update*(ctx: var Sha256Context; data: pointer; len: int) = + sha224Update(ctx, data, len) + +proc sha256Out*(ctx: var Sha256Context; `out`: pointer) {.importcFunc, + importc: "br_sha256_out", header: "bearssl_hash.h".} + +template sha256State*(ctx: var Sha256Context; `out`: pointer): uint64 = + sha224State(ctx, `out`) + +template sha256SetState*(ctx: var Sha256Context; stb: pointer; count: uint64) = + sha224SetState(ctx, stb, count) + +const + sha384ID* = 5 + + +const + sha384SIZE* = 48 + + +var sha384Vtable* {.importc: "br_sha384_vtable", header: "bearssl_hash.h".}: HashClass + + +type + Sha384Context* {.importc: "br_sha384_context", header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr HashClass + buf* {.importc: "buf".}: array[128, byte] + count* {.importc: "count".}: uint64 + val* {.importc: "val".}: array[8, uint64] + + + +proc sha384Init*(ctx: var Sha384Context) {.importcFunc, importc: "br_sha384_init", + header: "bearssl_hash.h".} + +proc sha384Update*(ctx: var Sha384Context; data: pointer; len: uint) {.importcFunc, + importc: "br_sha384_update", header: "bearssl_hash.h".} + +proc sha384Out*(ctx: var Sha384Context; `out`: pointer) {.importcFunc, + importc: "br_sha384_out", header: "bearssl_hash.h".} + +proc sha384State*(ctx: var Sha384Context; `out`: pointer): uint64 {.importcFunc, + importc: "br_sha384_state", header: "bearssl_hash.h".} + +proc sha384SetState*(ctx: var Sha384Context; stb: pointer; count: uint64) {.importcFunc, + importc: "br_sha384_set_state", header: "bearssl_hash.h".} + +const + sha512ID* = 6 + + +const + sha512SIZE* = 64 + + +var sha512Vtable* {.importc: "br_sha512_vtable", header: "bearssl_hash.h".}: HashClass + +type + Sha512Context* = Sha384Context + + +proc sha512Init*(ctx: var Sha512Context) {.importcFunc, importc: "br_sha512_init", + header: "bearssl_hash.h".} +const + sha512Update* = sha384Update + + +proc sha512Out*(ctx: var Sha512Context; `out`: pointer) {.importcFunc, + importc: "br_sha512_out", header: "bearssl_hash.h".} + +const + md5sha1ID* = 0 + + +const + md5sha1SIZE* = 36 + + +var md5sha1Vtable* {.importc: "br_md5sha1_vtable", header: "bearssl_hash.h".}: HashClass + + +type + Md5sha1Context* {.importc: "br_md5sha1_context", header: "bearssl_hash.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr HashClass + buf* {.importc: "buf".}: array[64, byte] + count* {.importc: "count".}: uint64 + valMd5* {.importc: "val_md5".}: array[4, uint32] + valSha1* {.importc: "val_sha1".}: array[5, uint32] + + + +proc md5sha1Init*(ctx: var Md5sha1Context) {.importcFunc, importc: "br_md5sha1_init", + header: "bearssl_hash.h".} + +proc md5sha1Update*(ctx: var Md5sha1Context; data: pointer; len: uint) {.importcFunc, + importc: "br_md5sha1_update", header: "bearssl_hash.h".} + +proc md5sha1Out*(ctx: var Md5sha1Context; `out`: pointer) {.importcFunc, + importc: "br_md5sha1_out", header: "bearssl_hash.h".} + +proc md5sha1State*(ctx: var Md5sha1Context; `out`: pointer): uint64 {.importcFunc, + importc: "br_md5sha1_state", header: "bearssl_hash.h".} + +proc md5sha1SetState*(ctx: var Md5sha1Context; stb: pointer; count: uint64) {.importcFunc, + importc: "br_md5sha1_set_state", header: "bearssl_hash.h".} + +type + HashCompatContext* {.importc: "br_hash_compat_context", header: "bearssl_hash.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr HashClass + md5* {.importc: "md5".}: Md5Context + sha1* {.importc: "sha1".}: Sha1Context + sha224* {.importc: "sha224".}: Sha224Context + sha256* {.importc: "sha256".}: Sha256Context + sha384* {.importc: "sha384".}: Sha384Context + sha512* {.importc: "sha512".}: Sha512Context + md5sha1* {.importc: "md5sha1".}: Md5sha1Context + + + +type + MultihashContext* {.importc: "br_multihash_context", header: "bearssl_hash.h", + bycopy.} = object + buf* {.importc: "buf".}: array[128, byte] + count* {.importc: "count".}: uint64 + val32* {.importc: "val_32".}: array[25, uint32] + val64* {.importc: "val_64".}: array[16, uint64] + impl* {.importc: "impl".}: array[6, ptr HashClass] + + + +proc multihashZero*(ctx: var MultihashContext) {.importcFunc, importc: "br_multihash_zero", + header: "bearssl_hash.h".} + +proc multihashSetimpl*(ctx: var MultihashContext; id: cint; impl: ptr HashClass) {. + inline.} = + ctx.impl[id - 1] = impl + + +proc multihashGetimpl*(ctx: var MultihashContext; id: cint): ptr HashClass {.inline.} = + return ctx.impl[id - 1] + + +proc multihashInit*(ctx: var MultihashContext) {.importcFunc, importc: "br_multihash_init", + header: "bearssl_hash.h".} + +proc multihashUpdate*(ctx: var MultihashContext; data: pointer; len: uint) {.importcFunc, + importc: "br_multihash_update", header: "bearssl_hash.h".} + +proc multihashOut*(ctx: var MultihashContext; id: cint; dst: pointer): uint {.importcFunc, + importc: "br_multihash_out", header: "bearssl_hash.h".} + +type + Ghash* {.importc: "br_ghash".} = proc (y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc.} + + +proc ghashCtmul*(y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_ghash_ctmul", header: "bearssl_hash.h".} + +proc ghashCtmul32*(y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_ghash_ctmul32", header: "bearssl_hash.h".} + +proc ghashCtmul64*(y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_ghash_ctmul64", header: "bearssl_hash.h".} + +proc ghashPclmul*(y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_ghash_pclmul", header: "bearssl_hash.h".} + +proc ghashPclmulGet*(): Ghash {.importcFunc, importc: "br_ghash_pclmul_get", + header: "bearssl_hash.h".} + +proc ghashPwr8*(y: pointer; h: pointer; data: pointer; len: uint) {.importcFunc, + importc: "br_ghash_pwr8", header: "bearssl_hash.h".} + +proc ghashPwr8Get*(): Ghash {.importcFunc, importc: "br_ghash_pwr8_get", + header: "bearssl_hash.h".} diff --git a/bearssl/abi/bearssl_hmac.nim b/bearssl/abi/bearssl_hmac.nim new file mode 100644 index 0000000..aa9706a --- /dev/null +++ b/bearssl/abi/bearssl_hmac.nim @@ -0,0 +1,56 @@ +import + "."/[bearssl_hash, csources, inner] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearMacPath = bearSrcPath / "mac" + +{.compile: bearMacPath / "hmac.c".} +{.compile: bearMacPath / "hmac_ct.c".} + +type + HmacKeyContext* {.importc: "br_hmac_key_context", header: "bearssl_hmac.h", bycopy.} = object + digVtable* {.importc: "dig_vtable".}: ptr HashClass + ksi* {.importc: "ksi".}: array[64, byte] + kso* {.importc: "kso".}: array[64, byte] + + + +proc hmacKeyInit*(kc: var HmacKeyContext; digestVtable: ptr HashClass; key: pointer; + keyLen: uint) {.importcFunc, importc: "br_hmac_key_init", + header: "bearssl_hmac.h".} + +proc hmacKeyGetDigest*(kc: var HmacKeyContext): ptr HashClass {.inline.} = + return kc.digVtable + + +type + HmacContext* {.importc: "br_hmac_context", header: "bearssl_hmac.h", bycopy.} = object + dig* {.importc: "dig".}: HashCompatContext + kso* {.importc: "kso".}: array[64, byte] + outLen* {.importc: "out_len".}: uint + + + +proc hmacInit*(ctx: var HmacContext; kc: var HmacKeyContext; outLen: uint) {.importcFunc, + importc: "br_hmac_init", header: "bearssl_hmac.h".} + +proc hmacSize*(ctx: var HmacContext): uint {.inline, importcFunc, importc: "br_hmac_size".} = + return ctx.outLen + + +proc hmacGetDigest*(hc: var HmacContext): ptr HashClass {.inline.} = + return hc.dig.vtable + + +proc hmacUpdate*(ctx: var HmacContext; data: pointer; len: uint) {.importcFunc, + importc: "br_hmac_update", header: "bearssl_hmac.h".} + +proc hmacOut*(ctx: var HmacContext; `out`: pointer): uint {.importcFunc, + importc: "br_hmac_out", header: "bearssl_hmac.h".} + +proc hmacOutCT*(ctx: var HmacContext; data: pointer; len: uint; minLen: uint; + maxLen: uint; `out`: pointer): uint {.importcFunc, + importc: "br_hmac_outCT", header: "bearssl_hmac.h".} diff --git a/bearssl/abi/bearssl_kdf.nim b/bearssl/abi/bearssl_kdf.nim new file mode 100644 index 0000000..9338700 --- /dev/null +++ b/bearssl/abi/bearssl_kdf.nim @@ -0,0 +1,65 @@ +import + "."/[bearssl_hash, bearssl_hmac, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearKdfPath = bearSrcPath / "kdf" + +{.compile: bearKdfPath / "hkdf.c".} +{.compile: bearKdfPath / "shake.c".} + +type + INNER_C_UNION_bearssl_kdf_1* {.importc: "br_hkdf_context::no_name", + header: "bearssl_kdf.h", bycopy, union.} = object + hmacCtx* {.importc: "hmac_ctx".}: HmacContext + prkCtx* {.importc: "prk_ctx".}: HmacKeyContext + + HkdfContext* {.importc: "br_hkdf_context", header: "bearssl_kdf.h", bycopy.} = object + u* {.importc: "u".}: INNER_C_UNION_bearssl_kdf_1 + buf* {.importc: "buf".}: array[64, byte] + `ptr`* {.importc: "ptr".}: uint + digLen* {.importc: "dig_len".}: uint + chunkNum* {.importc: "chunk_num".}: cuint + + + +proc hkdfInit*(hc: var HkdfContext; digestVtable: ptr HashClass; salt: pointer; + saltLen: uint) {.importcFunc, importc: "br_hkdf_init", + header: "bearssl_kdf.h".} + + +var hkdfNoSalt* {.importc: "br_hkdf_no_salt", header: "bearssl_kdf.h".}: byte + + +proc hkdfInject*(hc: var HkdfContext; ikm: pointer; ikmLen: uint) {.importcFunc, + importc: "br_hkdf_inject", header: "bearssl_kdf.h".} + +proc hkdfFlip*(hc: var HkdfContext) {.importcFunc, importc: "br_hkdf_flip", + header: "bearssl_kdf.h".} + +proc hkdfProduce*(hc: var HkdfContext; info: pointer; infoLen: uint; `out`: pointer; + outLen: uint): uint {.importcFunc, importc: "br_hkdf_produce", + header: "bearssl_kdf.h".} + +type + ShakeContext* {.importc: "br_shake_context", header: "bearssl_kdf.h", bycopy.} = object + dbuf* {.importc: "dbuf".}: array[200, byte] + dptr* {.importc: "dptr".}: uint + rate* {.importc: "rate".}: uint + a* {.importc: "A".}: array[25, uint64] + + + +proc shakeInit*(sc: var ShakeContext; securityLevel: cint) {.importcFunc, + importc: "br_shake_init", header: "bearssl_kdf.h".} + +proc shakeInject*(sc: var ShakeContext; data: pointer; len: uint) {.importcFunc, + importc: "br_shake_inject", header: "bearssl_kdf.h".} + +proc shakeFlip*(hc: var ShakeContext) {.importcFunc, importc: "br_shake_flip", + header: "bearssl_kdf.h".} + +proc shakeProduce*(sc: var ShakeContext; `out`: pointer; len: uint) {.importcFunc, + importc: "br_shake_produce", header: "bearssl_kdf.h".} diff --git a/bearssl/abi/bearssl_pem.nim b/bearssl/abi/bearssl_pem.nim new file mode 100644 index 0000000..4791b31 --- /dev/null +++ b/bearssl/abi/bearssl_pem.nim @@ -0,0 +1,76 @@ +import + "."/[csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearCodecPath = bearSrcPath & "/" & "codec" & "/" + +{.compile: bearCodecPath / "pemdec.c".} +{.compile: bearCodecPath / "pemenc.c".} + +type + INNER_C_STRUCT_bearssl_pem_1* {.importc: "br_pem_decoder_context::no_name", + header: "bearssl_pem.h", bycopy.} = object + dp* {.importc: "dp".}: ptr uint32 + rp* {.importc: "rp".}: ptr uint32 + ip* {.importc: "ip".}: ptr byte + + PemDecoderContext* {.importc: "br_pem_decoder_context", header: "bearssl_pem.h", + bycopy.} = object + cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_pem_1 + dpStack* {.importc: "dp_stack".}: array[32, uint32] + rpStack* {.importc: "rp_stack".}: array[32, uint32] + err* {.importc: "err".}: cint + hbuf* {.importc: "hbuf".}: ptr byte + hlen* {.importc: "hlen".}: uint + dest* {.importc: "dest".}: proc (destCtx: pointer; src: pointer; len: uint) {.importcFunc.} + destCtx* {.importc: "dest_ctx".}: pointer + event* {.importc: "event".}: byte + name* {.importc: "name".}: array[128, char] + buf* {.importc: "buf".}: array[255, byte] + `ptr`* {.importc: "ptr".}: uint + + + +proc pemDecoderInit*(ctx: var PemDecoderContext) {.importcFunc, + importc: "br_pem_decoder_init", header: "bearssl_pem.h".} + +proc pemDecoderPush*(ctx: var PemDecoderContext; data: pointer; len: uint): uint {. + importcFunc, importc: "br_pem_decoder_push", header: "bearssl_pem.h".} + +proc pemDecoderSetdest*(ctx: var PemDecoderContext; dest: proc (destCtx: pointer; + src: pointer; len: uint) {.importcFunc.}; destCtx: pointer) {.inline.} = + ctx.dest = dest + ctx.destCtx = destCtx + + +proc pemDecoderEvent*(ctx: var PemDecoderContext): cint {.importcFunc, + importc: "br_pem_decoder_event", header: "bearssl_pem.h".} + +const + PEM_BEGIN_OBJ* = 1 + + +const + PEM_END_OBJ* = 2 + + +const + PEM_ERROR* = 3 + + +proc pemDecoderName*(ctx: var PemDecoderContext): cstring {.inline.} = + return addr ctx.name + + +proc pemEncode*(dest: pointer; data: pointer; len: uint; banner: cstring; flags: cuint): uint {. + importcFunc, importc: "br_pem_encode", header: "bearssl_pem.h".} + +const + PEM_LINE64* = 0x0001 + + +const + PEM_CRLF* = 0x0002 diff --git a/bearssl/abi/bearssl_prf.nim b/bearssl/abi/bearssl_prf.nim new file mode 100644 index 0000000..5062534 --- /dev/null +++ b/bearssl/abi/bearssl_prf.nim @@ -0,0 +1,37 @@ +import + "."/[csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearSslPath = bearSrcPath / "ssl" + +{.compile: bearSslPath / "prf.c".} +{.compile: bearSslPath / "prf_md5sha1.c".} +{.compile: bearSslPath / "prf_sha256.c".} +{.compile: bearSslPath / "prf_sha384.c".} + +type + TlsPrfSeedChunk* {.importc: "br_tls_prf_seed_chunk", header: "bearssl_prf.h", + bycopy.} = object + data* {.importc: "data".}: pointer + len* {.importc: "len".}: uint + + + +proc tls10Prf*(dst: pointer; len: uint; secret: pointer; secretLen: uint; + label: cstring; seedNum: uint; seed: ptr TlsPrfSeedChunk) {.importcFunc, + importc: "br_tls10_prf", header: "bearssl_prf.h".} + +proc tls12Sha256Prf*(dst: pointer; len: uint; secret: pointer; secretLen: uint; + label: cstring; seedNum: uint; seed: ptr TlsPrfSeedChunk) {. + importcFunc, importc: "br_tls12_sha256_prf", header: "bearssl_prf.h".} + +proc tls12Sha384Prf*(dst: pointer; len: uint; secret: pointer; secretLen: uint; + label: cstring; seedNum: uint; seed: ptr TlsPrfSeedChunk) {. + importcFunc, importc: "br_tls12_sha384_prf", header: "bearssl_prf.h".} + +type + TlsPrfImpl* {.importc: "br_tls_prf_impl".} = proc (dst: pointer; len: uint; secret: pointer; secretLen: uint; + label: cstring; seedNum: uint; seed: ptr TlsPrfSeedChunk) {.importcFunc.} diff --git a/bearssl/abi/bearssl_rand.nim b/bearssl/abi/bearssl_rand.nim new file mode 100644 index 0000000..1daaaef --- /dev/null +++ b/bearssl/abi/bearssl_rand.nim @@ -0,0 +1,80 @@ +import + "."/[bearssl_hash, bearssl_hmac, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearRandPath = bearSrcPath / "rand" + +# {.compile: bearRandPath / "aesctr_drbg.c".} +{.compile: bearRandPath / "hmac_drbg.c".} +{.compile: bearRandPath / "sysrng.c".} + +type + PrngClass* {.importc: "br_prng_class", header: "bearssl_rand.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + init* {.importc: "init".}: proc (ctx: ptr ptr PrngClass; params: pointer; + seed: pointer; seedLen: uint) {.importcFunc.} + generate* {.importc: "generate".}: proc (ctx: ptr ptr PrngClass; `out`: pointer; + len: uint) {.importcFunc.} + update* {.importc: "update".}: proc (ctx: ptr ptr PrngClass; seed: pointer; + seedLen: uint) {.importcFunc.} + + + +type + HmacDrbgContext* {.importc: "br_hmac_drbg_context", header: "bearssl_rand.h", + bycopy.} = object + vtable* {.importc: "vtable".}: ptr PrngClass + k* {.importc: "K".}: array[64, byte] + v* {.importc: "V".}: array[64, byte] + digestClass* {.importc: "digest_class".}: ptr HashClass + + + +var hmacDrbgVtable* {.importc: "br_hmac_drbg_vtable", header: "bearssl_rand.h".}: PrngClass + + +proc hmacDrbgInit*(ctx: var HmacDrbgContext; digestClass: ptr HashClass; seed: pointer; + seedLen: uint) {.importcFunc, importc: "br_hmac_drbg_init", + header: "bearssl_rand.h".} + +proc hmacDrbgGenerate*(ctx: var HmacDrbgContext; `out`: pointer; len: uint) {.importcFunc, + importc: "br_hmac_drbg_generate", header: "bearssl_rand.h".} + +proc hmacDrbgUpdate*(ctx: var HmacDrbgContext; seed: pointer; seedLen: uint) {.importcFunc, + importc: "br_hmac_drbg_update", header: "bearssl_rand.h".} + +proc hmacDrbgGetHash*(ctx: var HmacDrbgContext): ptr HashClass {.inline.} = + return ctx.digestClass + + +type + PrngSeeder* {.importc: "br_prng_seeder".} = proc (ctx: ptr ptr PrngClass): cint {.importcFunc.} + + +proc prngSeederSystem*(name: cstringArray): PrngSeeder {.importcFunc, + importc: "br_prng_seeder_system", header: "bearssl_rand.h".} + +# type +# AesctrDrbgContext* {.importc: "br_aesctr_drbg_context", header: "bearssl_rand.h", +# bycopy.} = object +# vtable* {.importc: "vtable".}: ptr PrngClass +# sk* {.importc: "sk".}: AesGenCtrKeys +# cc* {.importc: "cc".}: uint32 + + + +# var aesctrDrbgVtable* {.importc: "br_aesctr_drbg_vtable", header: "bearssl_rand.h".}: PrngClass + + +# proc aesctrDrbgInit*(ctx: var AesctrDrbgContext; aesctr: ptr BlockCtrClass; +# seed: pointer; seedLen: uint) {.importcFunc, +# importc: "br_aesctr_drbg_init", header: "bearssl_rand.h".} + +# proc aesctrDrbgGenerate*(ctx: var AesctrDrbgContext; `out`: pointer; len: uint) {. +# importcFunc, importc: "br_aesctr_drbg_generate", header: "bearssl_rand.h".} + +# proc aesctrDrbgUpdate*(ctx: var AesctrDrbgContext; seed: pointer; seedLen: uint) {. +# importcFunc, importc: "br_aesctr_drbg_update", header: "bearssl_rand.h".} diff --git a/bearssl/abi/bearssl_rsa.nim b/bearssl/abi/bearssl_rsa.nim new file mode 100644 index 0000000..953c3c9 --- /dev/null +++ b/bearssl/abi/bearssl_rsa.nim @@ -0,0 +1,422 @@ +import + "."/[bearssl_hash, bearssl_rand, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearRsaPath = bearSrcPath / "rsa" + +{.compile: bearRsaPath / "rsa_default_keygen.c".} +{.compile: bearRsaPath / "rsa_default_modulus.c".} +{.compile: bearRsaPath / "rsa_default_oaep_decrypt.c".} +{.compile: bearRsaPath / "rsa_default_oaep_encrypt.c".} +{.compile: bearRsaPath / "rsa_default_pkcs1_sign.c".} +{.compile: bearRsaPath / "rsa_default_pkcs1_vrfy.c".} +{.compile: bearRsaPath / "rsa_default_priv.c".} +{.compile: bearRsaPath / "rsa_default_privexp.c".} +{.compile: bearRsaPath / "rsa_default_pss_sign.c".} +{.compile: bearRsaPath / "rsa_default_pss_vrfy.c".} +{.compile: bearRsaPath / "rsa_default_pub.c".} +{.compile: bearRsaPath / "rsa_default_pubexp.c".} +{.compile: bearRsaPath / "rsa_i15_keygen.c".} +{.compile: bearRsaPath / "rsa_i15_modulus.c".} +{.compile: bearRsaPath / "rsa_i15_oaep_decrypt.c".} +{.compile: bearRsaPath / "rsa_i15_oaep_encrypt.c".} +{.compile: bearRsaPath / "rsa_i15_pkcs1_sign.c".} +{.compile: bearRsaPath / "rsa_i15_pkcs1_vrfy.c".} +{.compile: bearRsaPath / "rsa_i15_priv.c".} +{.compile: bearRsaPath / "rsa_i15_privexp.c".} +{.compile: bearRsaPath / "rsa_i15_pss_sign.c".} +{.compile: bearRsaPath / "rsa_i15_pss_vrfy.c".} +{.compile: bearRsaPath / "rsa_i15_pub.c".} +{.compile: bearRsaPath / "rsa_i15_pubexp.c".} +{.compile: bearRsaPath / "rsa_i31_keygen.c".} +{.compile: bearRsaPath / "rsa_i31_keygen_inner.c".} +{.compile: bearRsaPath / "rsa_i31_modulus.c".} +{.compile: bearRsaPath / "rsa_i31_oaep_decrypt.c".} +{.compile: bearRsaPath / "rsa_i31_oaep_encrypt.c".} +{.compile: bearRsaPath / "rsa_i31_pkcs1_sign.c".} +{.compile: bearRsaPath / "rsa_i31_pkcs1_vrfy.c".} +{.compile: bearRsaPath / "rsa_i31_priv.c".} +{.compile: bearRsaPath / "rsa_i31_privexp.c".} +{.compile: bearRsaPath / "rsa_i31_pss_sign.c".} +{.compile: bearRsaPath / "rsa_i31_pss_vrfy.c".} +{.compile: bearRsaPath / "rsa_i31_pub.c".} +{.compile: bearRsaPath / "rsa_i31_pubexp.c".} +{.compile: bearRsaPath / "rsa_i32_oaep_decrypt.c".} +{.compile: bearRsaPath / "rsa_i32_oaep_encrypt.c".} +{.compile: bearRsaPath / "rsa_i32_pkcs1_sign.c".} +{.compile: bearRsaPath / "rsa_i32_pkcs1_vrfy.c".} +{.compile: bearRsaPath / "rsa_i32_priv.c".} +{.compile: bearRsaPath / "rsa_i32_pss_sign.c".} +{.compile: bearRsaPath / "rsa_i32_pss_vrfy.c".} +{.compile: bearRsaPath / "rsa_i32_pub.c".} +{.compile: bearRsaPath / "rsa_i62_keygen.c".} +{.compile: bearRsaPath / "rsa_i62_oaep_decrypt.c".} +{.compile: bearRsaPath / "rsa_i62_oaep_encrypt.c".} +{.compile: bearRsaPath / "rsa_i62_pkcs1_sign.c".} +{.compile: bearRsaPath / "rsa_i62_pkcs1_vrfy.c".} +{.compile: bearRsaPath / "rsa_i62_priv.c".} +{.compile: bearRsaPath / "rsa_i62_pss_sign.c".} +{.compile: bearRsaPath / "rsa_i62_pss_vrfy.c".} +{.compile: bearRsaPath / "rsa_i62_pub.c".} +{.compile: bearRsaPath / "rsa_oaep_pad.c".} +{.compile: bearRsaPath / "rsa_oaep_unpad.c".} +{.compile: bearRsaPath / "rsa_pkcs1_sig_pad.c".} +{.compile: bearRsaPath / "rsa_pkcs1_sig_unpad.c".} +{.compile: bearRsaPath / "rsa_pss_sig_pad.c".} +{.compile: bearRsaPath / "rsa_pss_sig_unpad.c".} +{.compile: bearRsaPath / "rsa_ssl_decrypt.c".} + +type + RsaPublicKey* {.importc: "br_rsa_public_key", header: "bearssl_rsa.h", bycopy.} = object + n* {.importc: "n".}: ptr byte + nlen* {.importc: "nlen".}: uint + e* {.importc: "e".}: ptr byte + elen* {.importc: "elen".}: uint + + + +type + RsaPrivateKey* {.importc: "br_rsa_private_key", header: "bearssl_rsa.h", bycopy.} = object + nBitlen* {.importc: "n_bitlen".}: uint32 + p* {.importc: "p".}: ptr byte + plen* {.importc: "plen".}: uint + q* {.importc: "q".}: ptr byte + qlen* {.importc: "qlen".}: uint + dp* {.importc: "dp".}: ptr byte + dplen* {.importc: "dplen".}: uint + dq* {.importc: "dq".}: ptr byte + dqlen* {.importc: "dqlen".}: uint + iq* {.importc: "iq".}: ptr byte + iqlen* {.importc: "iqlen".}: uint + + + +type + RsaPublic* {.importc: "br_rsa_public".} = proc (x: ptr byte; xlen: uint; pk: ptr RsaPublicKey): uint32 {.importcFunc.} + + +type + RsaPkcs1Vrfy* {.importc: "br_rsa_pkcs1_vrfy".} = proc (x: ptr byte; xlen: uint; hashOid: ptr byte; + hashLen: uint; pk: ptr RsaPublicKey; hashOut: ptr byte): uint32 {. + importcFunc.} + + +type + RsaPssVrfy* {.importc: "br_rsa_pss_vrfy".} = proc (x: ptr byte; xlen: uint; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hash: pointer; saltLen: uint; + pk: ptr RsaPublicKey): uint32 {.importcFunc.} + + +type + RsaOaepEncrypt* {.importc: "br_rsa_oaep_encrypt".} = proc (rnd: ptr ptr PrngClass; dig: ptr HashClass; label: pointer; + labelLen: uint; pk: ptr RsaPublicKey; dst: pointer; + dstMaxLen: uint; src: pointer; srcLen: uint): uint {. + importcFunc.} + + +type + RsaPrivate* {.importc: "br_rsa_private".} = proc (x: ptr byte; sk: ptr RsaPrivateKey): uint32 {.importcFunc.} + + +type + RsaPkcs1Sign* {.importc: "br_rsa_pkcs1_sign".} = proc (hashOid: ptr byte; hash: ptr byte; hashLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc.} + + +type + RsaPssSign* {.importc: "br_rsa_pss_sign".} = proc (rng: ptr ptr PrngClass; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hashValue: ptr byte; saltLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc.} + + +const + HASH_OID_SHA1* = (("\x05+\x0E\x03\x02\x1A")) + + +const + HASH_OID_SHA224* = (("\t`\x86H\x01e\x03\x04\x02\x04")) + + +const + HASH_OID_SHA256* = (("\t`\x86H\x01e\x03\x04\x02\x01")) + + +const + HASH_OID_SHA384* = (("\t`\x86H\x01e\x03\x04\x02\x02")) + + +const + HASH_OID_SHA512* = (("\t`\x86H\x01e\x03\x04\x02\x03")) + + +type + RsaOaepDecrypt* {.importc: "br_rsa_oaep_decrypt".} = proc (dig: ptr HashClass; label: pointer; labelLen: uint; + sk: ptr RsaPrivateKey; data: pointer; len: var uint): uint32 {. + importcFunc.} + + +proc rsaI32Public*(x: ptr byte; xlen: uint; pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i32_public", header: "bearssl_rsa.h".} + +proc rsaI32Pkcs1Vrfy*(x: ptr byte; xlen: uint; hashOid: ptr byte; + hashLen: uint; pk: ptr RsaPublicKey; hashOut: ptr byte): uint32 {. + importcFunc, importc: "br_rsa_i32_pkcs1_vrfy", header: "bearssl_rsa.h".} + +proc rsaI32PssVrfy*(x: ptr byte; xlen: uint; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hash: pointer; saltLen: uint; + pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i32_pss_vrfy", header: "bearssl_rsa.h".} + +proc rsaI32Private*(x: ptr byte; sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i32_private", header: "bearssl_rsa.h".} + +proc rsaI32Pkcs1Sign*(hashOid: ptr byte; hash: ptr byte; hashLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i32_pkcs1_sign", header: "bearssl_rsa.h".} + +proc rsaI32PssSign*(rng: ptr ptr PrngClass; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hashValue: ptr byte; saltLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i32_pss_sign", header: "bearssl_rsa.h".} + +proc rsaI31Public*(x: ptr byte; xlen: uint; pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i31_public", header: "bearssl_rsa.h".} + +proc rsaI31Pkcs1Vrfy*(x: ptr byte; xlen: uint; hashOid: ptr byte; + hashLen: uint; pk: ptr RsaPublicKey; hashOut: ptr byte): uint32 {. + importcFunc, importc: "br_rsa_i31_pkcs1_vrfy", header: "bearssl_rsa.h".} + +proc rsaI31PssVrfy*(x: ptr byte; xlen: uint; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hash: pointer; saltLen: uint; + pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i31_pss_vrfy", header: "bearssl_rsa.h".} + +proc rsaI31Private*(x: ptr byte; sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i31_private", header: "bearssl_rsa.h".} + +proc rsaI31Pkcs1Sign*(hashOid: ptr byte; hash: ptr byte; hashLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i31_pkcs1_sign", header: "bearssl_rsa.h".} + +proc rsaI31PssSign*(rng: ptr ptr PrngClass; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hashValue: ptr byte; saltLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i31_pss_sign", header: "bearssl_rsa.h".} + +proc rsaI62Public*(x: ptr byte; xlen: uint; pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i62_public", header: "bearssl_rsa.h".} + +proc rsaI62Pkcs1Vrfy*(x: ptr byte; xlen: uint; hashOid: ptr byte; + hashLen: uint; pk: ptr RsaPublicKey; hashOut: ptr byte): uint32 {. + importcFunc, importc: "br_rsa_i62_pkcs1_vrfy", header: "bearssl_rsa.h".} + +proc rsaI62PssVrfy*(x: ptr byte; xlen: uint; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hash: pointer; saltLen: uint; + pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i62_pss_vrfy", header: "bearssl_rsa.h".} + +proc rsaI62Private*(x: ptr byte; sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i62_private", header: "bearssl_rsa.h".} + +proc rsaI62Pkcs1Sign*(hashOid: ptr byte; hash: ptr byte; hashLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i62_pkcs1_sign", header: "bearssl_rsa.h".} + +proc rsaI62PssSign*(rng: ptr ptr PrngClass; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hashValue: ptr byte; saltLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i62_pss_sign", header: "bearssl_rsa.h".} + +proc rsaI62PublicGet*(): RsaPublic {.importcFunc, importc: "br_rsa_i62_public_get", + header: "bearssl_rsa.h".} + +proc rsaI62Pkcs1VrfyGet*(): RsaPkcs1Vrfy {.importcFunc, + importc: "br_rsa_i62_pkcs1_vrfy_get", + header: "bearssl_rsa.h".} + +proc rsaI62PssVrfyGet*(): RsaPssVrfy {.importcFunc, importc: "br_rsa_i62_pss_vrfy_get", + header: "bearssl_rsa.h".} + +proc rsaI62PrivateGet*(): RsaPrivate {.importcFunc, importc: "br_rsa_i62_private_get", + header: "bearssl_rsa.h".} + +proc rsaI62Pkcs1SignGet*(): RsaPkcs1Sign {.importcFunc, + importc: "br_rsa_i62_pkcs1_sign_get", + header: "bearssl_rsa.h".} + +proc rsaI62PssSignGet*(): RsaPssSign {.importcFunc, importc: "br_rsa_i62_pss_sign_get", + header: "bearssl_rsa.h".} + +proc rsaI62OaepEncryptGet*(): RsaOaepEncrypt {.importcFunc, + importc: "br_rsa_i62_oaep_encrypt_get", header: "bearssl_rsa.h".} + +proc rsaI62OaepDecryptGet*(): RsaOaepDecrypt {.importcFunc, + importc: "br_rsa_i62_oaep_decrypt_get", header: "bearssl_rsa.h".} + +proc rsaI15Public*(x: ptr byte; xlen: uint; pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i15_public", header: "bearssl_rsa.h".} + +proc rsaI15Pkcs1Vrfy*(x: ptr byte; xlen: uint; hashOid: ptr byte; + hashLen: uint; pk: ptr RsaPublicKey; hashOut: ptr byte): uint32 {. + importcFunc, importc: "br_rsa_i15_pkcs1_vrfy", header: "bearssl_rsa.h".} + +proc rsaI15PssVrfy*(x: ptr byte; xlen: uint; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hash: pointer; saltLen: uint; + pk: ptr RsaPublicKey): uint32 {.importcFunc, + importc: "br_rsa_i15_pss_vrfy", header: "bearssl_rsa.h".} + +proc rsaI15Private*(x: ptr byte; sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i15_private", header: "bearssl_rsa.h".} + +proc rsaI15Pkcs1Sign*(hashOid: ptr byte; hash: ptr byte; hashLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i15_pkcs1_sign", header: "bearssl_rsa.h".} + +proc rsaI15PssSign*(rng: ptr ptr PrngClass; hfData: ptr HashClass; + hfMgf1: ptr HashClass; hashValue: ptr byte; saltLen: uint; + sk: ptr RsaPrivateKey; x: ptr byte): uint32 {.importcFunc, + importc: "br_rsa_i15_pss_sign", header: "bearssl_rsa.h".} + +proc rsaPublicGetDefault*(): RsaPublic {.importcFunc, + importc: "br_rsa_public_get_default", + header: "bearssl_rsa.h".} + +proc rsaPrivateGetDefault*(): RsaPrivate {.importcFunc, + importc: "br_rsa_private_get_default", + header: "bearssl_rsa.h".} + +proc rsaPkcs1VrfyGetDefault*(): RsaPkcs1Vrfy {.importcFunc, + importc: "br_rsa_pkcs1_vrfy_get_default", header: "bearssl_rsa.h".} + +proc rsaPssVrfyGetDefault*(): RsaPssVrfy {.importcFunc, + importc: "br_rsa_pss_vrfy_get_default", + header: "bearssl_rsa.h".} + +proc rsaPkcs1SignGetDefault*(): RsaPkcs1Sign {.importcFunc, + importc: "br_rsa_pkcs1_sign_get_default", header: "bearssl_rsa.h".} + +proc rsaPssSignGetDefault*(): RsaPssSign {.importcFunc, + importc: "br_rsa_pss_sign_get_default", + header: "bearssl_rsa.h".} + +proc rsaOaepEncryptGetDefault*(): RsaOaepEncrypt {.importcFunc, + importc: "br_rsa_oaep_encrypt_get_default", header: "bearssl_rsa.h".} + +proc rsaOaepDecryptGetDefault*(): RsaOaepDecrypt {.importcFunc, + importc: "br_rsa_oaep_decrypt_get_default", header: "bearssl_rsa.h".} + +proc rsaSslDecrypt*(core: RsaPrivate; sk: ptr RsaPrivateKey; data: ptr byte; + len: uint): uint32 {.importcFunc, importc: "br_rsa_ssl_decrypt", + header: "bearssl_rsa.h".} + +proc rsaI15OaepEncrypt*(rnd: ptr ptr PrngClass; dig: ptr HashClass; label: pointer; + labelLen: uint; pk: ptr RsaPublicKey; dst: pointer; + dstMaxLen: uint; src: pointer; srcLen: uint): uint {. + importcFunc, importc: "br_rsa_i15_oaep_encrypt", header: "bearssl_rsa.h".} + +proc rsaI15OaepDecrypt*(dig: ptr HashClass; label: pointer; labelLen: uint; + sk: ptr RsaPrivateKey; data: pointer; len: var uint): uint32 {. + importcFunc, importc: "br_rsa_i15_oaep_decrypt", header: "bearssl_rsa.h".} + +proc rsaI31OaepEncrypt*(rnd: ptr ptr PrngClass; dig: ptr HashClass; label: pointer; + labelLen: uint; pk: ptr RsaPublicKey; dst: pointer; + dstMaxLen: uint; src: pointer; srcLen: uint): uint {. + importcFunc, importc: "br_rsa_i31_oaep_encrypt", header: "bearssl_rsa.h".} + +proc rsaI31OaepDecrypt*(dig: ptr HashClass; label: pointer; labelLen: uint; + sk: ptr RsaPrivateKey; data: pointer; len: var uint): uint32 {. + importcFunc, importc: "br_rsa_i31_oaep_decrypt", header: "bearssl_rsa.h".} + +proc rsaI32OaepEncrypt*(rnd: ptr ptr PrngClass; dig: ptr HashClass; label: pointer; + labelLen: uint; pk: ptr RsaPublicKey; dst: pointer; + dstMaxLen: uint; src: pointer; srcLen: uint): uint {. + importcFunc, importc: "br_rsa_i32_oaep_encrypt", header: "bearssl_rsa.h".} + +proc rsaI32OaepDecrypt*(dig: ptr HashClass; label: pointer; labelLen: uint; + sk: ptr RsaPrivateKey; data: pointer; len: var uint): uint32 {. + importcFunc, importc: "br_rsa_i32_oaep_decrypt", header: "bearssl_rsa.h".} + +proc rsaI62OaepEncrypt*(rnd: ptr ptr PrngClass; dig: ptr HashClass; label: pointer; + labelLen: uint; pk: ptr RsaPublicKey; dst: pointer; + dstMaxLen: uint; src: pointer; srcLen: uint): uint {. + importcFunc, importc: "br_rsa_i62_oaep_encrypt", header: "bearssl_rsa.h".} + +proc rsaI62OaepDecrypt*(dig: ptr HashClass; label: pointer; labelLen: uint; + sk: ptr RsaPrivateKey; data: pointer; len: var uint): uint32 {. + importcFunc, importc: "br_rsa_i62_oaep_decrypt", header: "bearssl_rsa.h".} + +template rsaKbufPrivSize*(size: untyped): untyped = + (5 * (((size) + 15) shr 4)) + + +template rsaKbufPubSize*(size: untyped): untyped = + (4 + (((size) + 7) shr 3)) + + +type + RsaKeygen* {.importc: "br_rsa_keygen".} = proc (rngCtx: ptr ptr PrngClass; sk: ptr RsaPrivateKey; kbufPriv: pointer; + pk: ptr RsaPublicKey; kbufPub: pointer; size: cuint; pubexp: uint32): uint32 {. + importcFunc.} + + +proc rsaI15Keygen*(rngCtx: ptr ptr PrngClass; sk: ptr RsaPrivateKey; kbufPriv: pointer; + pk: ptr RsaPublicKey; kbufPub: pointer; size: cuint; pubexp: uint32): uint32 {. + importcFunc, importc: "br_rsa_i15_keygen", header: "bearssl_rsa.h".} + +proc rsaI31Keygen*(rngCtx: ptr ptr PrngClass; sk: ptr RsaPrivateKey; kbufPriv: pointer; + pk: ptr RsaPublicKey; kbufPub: pointer; size: cuint; pubexp: uint32): uint32 {. + importcFunc, importc: "br_rsa_i31_keygen", header: "bearssl_rsa.h".} + +proc rsaI62Keygen*(rngCtx: ptr ptr PrngClass; sk: ptr RsaPrivateKey; kbufPriv: pointer; + pk: ptr RsaPublicKey; kbufPub: pointer; size: cuint; pubexp: uint32): uint32 {. + importcFunc, importc: "br_rsa_i62_keygen", header: "bearssl_rsa.h".} + +proc rsaI62KeygenGet*(): RsaKeygen {.importcFunc, importc: "br_rsa_i62_keygen_get", + header: "bearssl_rsa.h".} + +proc rsaKeygenGetDefault*(): RsaKeygen {.importcFunc, + importc: "br_rsa_keygen_get_default", + header: "bearssl_rsa.h".} + +type + RsaComputeModulus* {.importc: "br_rsa_compute_modulus".} = proc (n: pointer; sk: ptr RsaPrivateKey): uint {.importcFunc.} + + +proc rsaI15ComputeModulus*(n: pointer; sk: ptr RsaPrivateKey): uint {.importcFunc, + importc: "br_rsa_i15_compute_modulus", header: "bearssl_rsa.h".} + +proc rsaI31ComputeModulus*(n: pointer; sk: ptr RsaPrivateKey): uint {.importcFunc, + importc: "br_rsa_i31_compute_modulus", header: "bearssl_rsa.h".} + +proc rsaComputeModulusGetDefault*(): RsaComputeModulus {.importcFunc, + importc: "br_rsa_compute_modulus_get_default", header: "bearssl_rsa.h".} + +type + RsaComputePubexp* = proc (sk: ptr RsaPrivateKey): uint32 {.importcFunc.} + + +proc rsaI15ComputePubexp*(sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i15_compute_pubexp", header: "bearssl_rsa.h".} + +proc rsaI31ComputePubexp*(sk: ptr RsaPrivateKey): uint32 {.importcFunc, + importc: "br_rsa_i31_compute_pubexp", header: "bearssl_rsa.h".} + +proc rsaComputePubexpGetDefault*(): RsaComputePubexp {.importcFunc, + importc: "br_rsa_compute_pubexp_get_default", header: "bearssl_rsa.h".} + +type + RsaComputePrivexp* {.importc: "br_rsa_compute_privexp".} = proc (d: pointer; sk: ptr RsaPrivateKey; pubexp: uint32): uint {. + importcFunc.} + + +proc rsaI15ComputePrivexp*(d: pointer; sk: ptr RsaPrivateKey; pubexp: uint32): uint {. + importcFunc, importc: "br_rsa_i15_compute_privexp", header: "bearssl_rsa.h".} + +proc rsaI31ComputePrivexp*(d: pointer; sk: ptr RsaPrivateKey; pubexp: uint32): uint {. + importcFunc, importc: "br_rsa_i31_compute_privexp", header: "bearssl_rsa.h".} + +proc rsaComputePrivexpGetDefault*(): RsaComputePrivexp {.importcFunc, + importc: "br_rsa_compute_privexp_get_default", header: "bearssl_rsa.h".} diff --git a/bearssl/abi/bearssl_ssl.nim b/bearssl/abi/bearssl_ssl.nim new file mode 100644 index 0000000..e6fbdfb --- /dev/null +++ b/bearssl/abi/bearssl_ssl.nim @@ -0,0 +1,1425 @@ +import + "."/[ + bearssl_aead, bearssl_block, bearssl_ec, bearssl_hash, bearssl_hmac, + bearssl_prf, bearssl_rand, bearssl_rsa, bearssl_x509, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearSslPath = bearSrcPath / "ssl" + +{.compile: bearSslPath / "ssl_ccert_single_ec.c".} +{.compile: bearSslPath / "ssl_ccert_single_rsa.c".} +{.compile: bearSslPath / "ssl_client.c".} +{.compile: bearSslPath / "ssl_client_default_rsapub.c".} +{.compile: bearSslPath / "ssl_client_full.c".} +{.compile: bearSslPath / "ssl_engine.c".} +{.compile: bearSslPath / "ssl_engine_default_aescbc.c".} +{.compile: bearSslPath / "ssl_engine_default_aesccm.c".} +{.compile: bearSslPath / "ssl_engine_default_aesgcm.c".} +{.compile: bearSslPath / "ssl_engine_default_chapol.c".} +{.compile: bearSslPath / "ssl_engine_default_descbc.c".} +{.compile: bearSslPath / "ssl_engine_default_ec.c".} +{.compile: bearSslPath / "ssl_engine_default_ecdsa.c".} +{.compile: bearSslPath / "ssl_engine_default_rsavrfy.c".} +{.compile: bearSslPath / "ssl_hashes.c".} +{.compile: bearSslPath / "ssl_hs_client.c".} +{.compile: bearSslPath / "ssl_hs_server.c".} +{.compile: bearSslPath / "ssl_io.c".} +{.compile: bearSslPath / "ssl_keyexport.c".} +{.compile: bearSslPath / "ssl_lru.c".} +{.compile: bearSslPath / "ssl_rec_cbc.c".} +{.compile: bearSslPath / "ssl_rec_ccm.c".} +{.compile: bearSslPath / "ssl_rec_chapol.c".} +{.compile: bearSslPath / "ssl_rec_gcm.c".} +{.compile: bearSslPath / "ssl_scert_single_ec.c".} +{.compile: bearSslPath / "ssl_scert_single_rsa.c".} +{.compile: bearSslPath / "ssl_server.c".} +{.compile: bearSslPath / "ssl_server_full_ec.c".} +{.compile: bearSslPath / "ssl_server_full_rsa.c".} +{.compile: bearSslPath / "ssl_server_mine2c.c".} +{.compile: bearSslPath / "ssl_server_mine2g.c".} +{.compile: bearSslPath / "ssl_server_minf2c.c".} +{.compile: bearSslPath / "ssl_server_minf2g.c".} +{.compile: bearSslPath / "ssl_server_minr2g.c".} +{.compile: bearSslPath / "ssl_server_minu2g.c".} +{.compile: bearSslPath / "ssl_server_minv2g.c".} + +const + SSL_BUFSIZE_INPUT* = (16384 + 325) + + +const + SSL_BUFSIZE_OUTPUT* = (16384 + 85) + + +const + SSL_BUFSIZE_MONO* = SSL_BUFSIZE_INPUT + +const + SSL_BUFSIZE_BIDI* = (SSL_BUFSIZE_INPUT + SSL_BUFSIZE_OUTPUT) + +const + SSL30* = 0x0300 + + +const + TLS10* = 0x0301 + + +const + TLS11* = 0x0302 + + +const + TLS12* = 0x0303 + + +const + ERR_OK* = 0 + + +const + ERR_BAD_PARAM* = 1 + + +const + ERR_BAD_STATE* = 2 + + +const + ERR_UNSUPPORTED_VERSION* = 3 + + +const + ERR_BAD_VERSION* = 4 + + +const + ERR_BAD_LENGTH* = 5 + + +const + ERR_TOO_LARGE* = 6 + + +const + ERR_BAD_MAC* = 7 + + +const + ERR_NO_RANDOM* = 8 + + +const + ERR_UNKNOWN_TYPE* = 9 + + +const + ERR_UNEXPECTED* = 10 + + +const + ERR_BAD_CCS* = 12 + + +const + ERR_BAD_ALERT* = 13 + + +const + ERR_BAD_HANDSHAKE* = 14 + + +const + ERR_OVERSIZED_ID* = 15 + + +const + ERR_BAD_CIPHER_SUITE* = 16 + + +const + ERR_BAD_COMPRESSION* = 17 + + +const + ERR_BAD_FRAGLEN* = 18 + + +const + ERR_BAD_SECRENEG* = 19 + + +const + ERR_EXTRA_EXTENSION* = 20 + + +const + ERR_BAD_SNI* = 21 + + +const + ERR_BAD_HELLO_DONE* = 22 + + +const + ERR_LIMIT_EXCEEDED* = 23 + + +const + ERR_BAD_FINISHED* = 24 + + +const + ERR_RESUME_MISMATCH* = 25 + + +const + ERR_INVALID_ALGORITHM* = 26 + + +const + ERR_BAD_SIGNATURE* = 27 + + +const + ERR_WRONG_KEY_USAGE* = 28 + + +const + ERR_NO_CLIENT_AUTH* = 29 + + +const + ERR_IO* = 31 + + +const + ERR_RECV_FATAL_ALERT* = 256 + + +const + ERR_SEND_FATAL_ALERT* = 512 + + +type + SslrecInClass* {.importc: "br_sslrec_in_class", header: "bearssl_ssl.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + checkLength* {.importc: "check_length".}: proc (ctx: ptr ptr SslrecInClass; + recordLen: uint): cint {.importcFunc.} + decrypt* {.importc: "decrypt".}: proc (ctx: ptr ptr SslrecInClass; recordType: cint; + version: cuint; payload: pointer; + len: var uint): ptr byte {.importcFunc.} + + + +type + SslrecOutClass* {.importc: "br_sslrec_out_class", header: "bearssl_ssl.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + maxPlaintext* {.importc: "max_plaintext".}: proc (ctx: ptr ptr SslrecOutClass; + start: ptr uint; `end`: ptr uint) {.importcFunc.} + encrypt* {.importc: "encrypt".}: proc (ctx: ptr ptr SslrecOutClass; + recordType: cint; version: cuint; + plaintext: pointer; len: var uint): ptr byte {. + importcFunc.} + + + +type + SslrecOutClearContext* {.importc: "br_sslrec_out_clear_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslrecOutClass + + + +var sslrecOutClearVtable* {.importc: "br_sslrec_out_clear_vtable", header: "bearssl_ssl.h".}: SslrecOutClass + + +type + SslrecInCbcClass* {.importc: "br_sslrec_in_cbc_class", header: "bearssl_ssl.h", + bycopy.} = object + inner* {.importc: "inner".}: SslrecInClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInCbcClass; + bcImpl: ptr BlockCbcdecClass; bcKey: pointer; + bcKeyLen: uint; digImpl: ptr HashClass; + macKey: pointer; macKeyLen: uint; + macOutLen: uint; iv: pointer) {.importcFunc.} + + + +type + SslrecOutCbcClass* {.importc: "br_sslrec_out_cbc_class", + header: "bearssl_ssl.h", bycopy.} = object + inner* {.importc: "inner".}: SslrecOutClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutCbcClass; + bcImpl: ptr BlockCbcencClass; bcKey: pointer; + bcKeyLen: uint; digImpl: ptr HashClass; + macKey: pointer; macKeyLen: uint; + macOutLen: uint; iv: pointer) {.importcFunc.} + + + +type + INNER_C_UNION_bearssl_ssl_1* {.importc: "br_sslrec_in_cbc_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcdecClass + aes* {.importc: "aes".}: AesGenCbcdecKeys + des* {.importc: "des".}: DesGenCbcdecKeys + + SslrecInCbcContext* {.importc: "br_sslrec_in_cbc_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslrecInCbcClass + seq* {.importc: "seq".}: uint64 + bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_1 + mac* {.importc: "mac".}: HmacKeyContext + macLen* {.importc: "mac_len".}: uint + iv* {.importc: "iv".}: array[16, byte] + explicitIV* {.importc: "explicit_IV".}: cint + + + +var sslrecInCbcVtable* {.importc: "br_sslrec_in_cbc_vtable", header: "bearssl_ssl.h".}: SslrecInCbcClass + + +type + INNER_C_UNION_bearssl_ssl_3* {.importc: "br_sslrec_out_cbc_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCbcencClass + aes* {.importc: "aes".}: AesGenCbcencKeys + des* {.importc: "des".}: DesGenCbcencKeys + + SslrecOutCbcContext* {.importc: "br_sslrec_out_cbc_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslrecOutCbcClass + seq* {.importc: "seq".}: uint64 + bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_3 + mac* {.importc: "mac".}: HmacKeyContext + macLen* {.importc: "mac_len".}: uint + iv* {.importc: "iv".}: array[16, byte] + explicitIV* {.importc: "explicit_IV".}: cint + + + +var sslrecOutCbcVtable* {.importc: "br_sslrec_out_cbc_vtable", header: "bearssl_ssl.h".}: SslrecOutCbcClass + + +type + SslrecInGcmClass* {.importc: "br_sslrec_in_gcm_class", header: "bearssl_ssl.h", + bycopy.} = object + inner* {.importc: "inner".}: SslrecInClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInGcmClass; + bcImpl: ptr BlockCtrClass; key: pointer; + keyLen: uint; ghImpl: Ghash; iv: pointer) {.importcFunc.} + + + +type + SslrecOutGcmClass* {.importc: "br_sslrec_out_gcm_class", + header: "bearssl_ssl.h", bycopy.} = object + inner* {.importc: "inner".}: SslrecOutClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutGcmClass; + bcImpl: ptr BlockCtrClass; key: pointer; + keyLen: uint; ghImpl: Ghash; iv: pointer) {.importcFunc.} + + + +type + INNER_C_UNION_bearssl_ssl_6* {.importc: "br_sslrec_gcm_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + gen* {.importc: "gen".}: pointer + `in`* {.importc: "in".}: ptr SslrecInGcmClass + `out`* {.importc: "out".}: ptr SslrecOutGcmClass + + INNER_C_UNION_bearssl_ssl_7* {.importc: "br_sslrec_gcm_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrClass + aes* {.importc: "aes".}: AesGenCtrKeys + + SslrecGcmContext* {.importc: "br_sslrec_gcm_context", header: "bearssl_ssl.h", + bycopy.} = object + vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_6 + seq* {.importc: "seq".}: uint64 + bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_7 + gh* {.importc: "gh".}: Ghash + iv* {.importc: "iv".}: array[4, byte] + h* {.importc: "h".}: array[16, byte] + + +var sslrecInGcmVtable* {.importc: "br_sslrec_in_gcm_vtable", header: "bearssl_ssl.h".}: SslrecInGcmClass + + + +var sslrecOutGcmVtable* {.importc: "br_sslrec_out_gcm_vtable", header: "bearssl_ssl.h".}: SslrecOutGcmClass + + +type + SslrecInChapolClass* {.importc: "br_sslrec_in_chapol_class", + header: "bearssl_ssl.h", bycopy.} = object + inner* {.importc: "inner".}: SslrecInClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInChapolClass; + ichacha: Chacha20Run; ipoly: Poly1305Run; + key: pointer; iv: pointer) {.importcFunc.} + + + +type + SslrecOutChapolClass* {.importc: "br_sslrec_out_chapol_class", + header: "bearssl_ssl.h", bycopy.} = object + inner* {.importc: "inner".}: SslrecOutClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutChapolClass; + ichacha: Chacha20Run; ipoly: Poly1305Run; + key: pointer; iv: pointer) {.importcFunc.} + + + +type + INNER_C_UNION_bearssl_ssl_9* {.importc: "br_sslrec_chapol_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + gen* {.importc: "gen".}: pointer + `in`* {.importc: "in".}: ptr SslrecInChapolClass + `out`* {.importc: "out".}: ptr SslrecOutChapolClass + + SslrecChapolContext* {.importc: "br_sslrec_chapol_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_9 + seq* {.importc: "seq".}: uint64 + key* {.importc: "key".}: array[32, byte] + iv* {.importc: "iv".}: array[12, byte] + ichacha* {.importc: "ichacha".}: Chacha20Run + ipoly* {.importc: "ipoly".}: Poly1305Run + + +var sslrecInChapolVtable* {.importc: "br_sslrec_in_chapol_vtable", header: "bearssl_ssl.h".}: SslrecInChapolClass + + + +var sslrecOutChapolVtable* {.importc: "br_sslrec_out_chapol_vtable", header: "bearssl_ssl.h".}: SslrecOutChapolClass + + +type + SslrecInCcmClass* {.importc: "br_sslrec_in_ccm_class", header: "bearssl_ssl.h", + bycopy.} = object + inner* {.importc: "inner".}: SslrecInClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInCcmClass; + bcImpl: ptr BlockCtrcbcClass; key: pointer; + keyLen: uint; iv: pointer; tagLen: uint) {. + importcFunc.} + + + +type + SslrecOutCcmClass* {.importc: "br_sslrec_out_ccm_class", + header: "bearssl_ssl.h", bycopy.} = object + inner* {.importc: "inner".}: SslrecOutClass + init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutCcmClass; + bcImpl: ptr BlockCtrcbcClass; key: pointer; + keyLen: uint; iv: pointer; tagLen: uint) {. + importcFunc.} + + + +type + INNER_C_UNION_bearssl_ssl_12* {.importc: "br_sslrec_ccm_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + gen* {.importc: "gen".}: pointer + `in`* {.importc: "in".}: ptr SslrecInCcmClass + `out`* {.importc: "out".}: ptr SslrecOutCcmClass + + INNER_C_UNION_bearssl_ssl_13* {.importc: "br_sslrec_ccm_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass + aes* {.importc: "aes".}: AesGenCtrcbcKeys + + SslrecCcmContext* {.importc: "br_sslrec_ccm_context", header: "bearssl_ssl.h", + bycopy.} = object + vtable* {.importc: "vtable".}: INNER_C_UNION_bearssl_ssl_12 + seq* {.importc: "seq".}: uint64 + bc* {.importc: "bc".}: INNER_C_UNION_bearssl_ssl_13 + iv* {.importc: "iv".}: array[4, byte] + tagLen* {.importc: "tag_len".}: uint + + + +var sslrecInCcmVtable* {.importc: "br_sslrec_in_ccm_vtable", header: "bearssl_ssl.h".}: SslrecInCcmClass + + +var sslrecOutCcmVtable* {.importc: "br_sslrec_out_ccm_vtable", header: "bearssl_ssl.h".}: SslrecOutCcmClass + + +type + SslSessionParameters* {.importc: "br_ssl_session_parameters", + header: "bearssl_ssl.h", bycopy.} = object + sessionId* {.importc: "session_id".}: array[32, byte] + sessionIdLen* {.importc: "session_id_len".}: byte + version* {.importc: "version".}: uint16 + cipherSuite* {.importc: "cipher_suite".}: uint16 + masterSecret* {.importc: "master_secret".}: array[48, byte] + + + +const + MAX_CIPHER_SUITES* = 48 + + +type + INNER_C_UNION_bearssl_ssl_17* {.importc: "br_ssl_engine_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr SslrecInClass + cbc* {.importc: "cbc".}: SslrecInCbcContext + gcm* {.importc: "gcm".}: SslrecGcmContext + chapol* {.importc: "chapol".}: SslrecChapolContext + ccm* {.importc: "ccm".}: SslrecCcmContext + + INNER_C_UNION_bearssl_ssl_18* {.importc: "br_ssl_engine_context::no_name", + header: "bearssl_ssl.h", bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr SslrecOutClass + clear* {.importc: "clear".}: SslrecOutClearContext + cbc* {.importc: "cbc".}: SslrecOutCbcContext + gcm* {.importc: "gcm".}: SslrecGcmContext + chapol* {.importc: "chapol".}: SslrecChapolContext + ccm* {.importc: "ccm".}: SslrecCcmContext + + INNER_C_STRUCT_bearssl_ssl_19* {.importc: "br_ssl_engine_context::no_name", + header: "bearssl_ssl.h", bycopy.} = object + dp* {.importc: "dp".}: ptr uint32 + rp* {.importc: "rp".}: ptr uint32 + ip* {.importc: "ip".}: ptr byte + + SslEngineContext* {.importc: "br_ssl_engine_context", header: "bearssl_ssl.h", + bycopy.} = object + err* {.importc: "err".}: cint + ibuf* {.importc: "ibuf".}: ptr byte + obuf* {.importc: "obuf".}: ptr byte + ibufLen* {.importc: "ibuf_len".}: uint + obufLen* {.importc: "obuf_len".}: uint + maxFragLen* {.importc: "max_frag_len".}: uint16 + logMaxFragLen* {.importc: "log_max_frag_len".}: byte + peerLogMaxFragLen* {.importc: "peer_log_max_frag_len".}: byte + ixa* {.importc: "ixa".}: uint + ixb* {.importc: "ixb".}: uint + ixc* {.importc: "ixc".}: uint + oxa* {.importc: "oxa".}: uint + oxb* {.importc: "oxb".}: uint + oxc* {.importc: "oxc".}: uint + iomode* {.importc: "iomode".}: byte + incrypt* {.importc: "incrypt".}: byte + shutdownRecv* {.importc: "shutdown_recv".}: byte + recordTypeIn* {.importc: "record_type_in".}: byte + recordTypeOut* {.importc: "record_type_out".}: byte + versionIn* {.importc: "version_in".}: uint16 + versionOut* {.importc: "version_out".}: uint16 + `in`* {.importc: "in".}: INNER_C_UNION_bearssl_ssl_17 + `out`* {.importc: "out".}: INNER_C_UNION_bearssl_ssl_18 + applicationData* {.importc: "application_data".}: byte + rng* {.importc: "rng".}: HmacDrbgContext + rngInitDone* {.importc: "rng_init_done".}: cint + rngOsRandDone* {.importc: "rng_os_rand_done".}: cint + versionMin* {.importc: "version_min".}: uint16 + versionMax* {.importc: "version_max".}: uint16 + suitesBuf* {.importc: "suites_buf".}: array[MAX_CIPHER_SUITES, uint16] + suitesNum* {.importc: "suites_num".}: byte + serverName* {.importc: "server_name".}: array[256, char] + clientRandom* {.importc: "client_random".}: array[32, byte] + serverRandom* {.importc: "server_random".}: array[32, byte] + session* {.importc: "session".}: SslSessionParameters + ecdheCurve* {.importc: "ecdhe_curve".}: byte + ecdhePoint* {.importc: "ecdhe_point".}: array[133, byte] + ecdhePointLen* {.importc: "ecdhe_point_len".}: byte + reneg* {.importc: "reneg".}: byte + savedFinished* {.importc: "saved_finished".}: array[24, byte] + flags* {.importc: "flags".}: uint32 + cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_ssl_19 + dpStack* {.importc: "dp_stack".}: array[32, uint32] + rpStack* {.importc: "rp_stack".}: array[32, uint32] + pad* {.importc: "pad".}: array[512, byte] + hbufIn* {.importc: "hbuf_in".}: ptr byte + hbufOut* {.importc: "hbuf_out".}: ptr byte + savedHbufOut* {.importc: "saved_hbuf_out".}: ptr byte + hlenIn* {.importc: "hlen_in".}: uint + hlenOut* {.importc: "hlen_out".}: uint + hsrun* {.importc: "hsrun".}: proc (ctx: pointer) {.importcFunc.} + action* {.importc: "action".}: byte + alert* {.importc: "alert".}: byte + closeReceived* {.importc: "close_received".}: byte + mhash* {.importc: "mhash".}: MultihashContext + x509ctx* {.importc: "x509ctx".}: ptr ptr X509Class + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + certCur* {.importc: "cert_cur".}: ptr byte + certLen* {.importc: "cert_len".}: uint + protocolNames* {.importc: "protocol_names".}: cstringArray + protocolNamesNum* {.importc: "protocol_names_num".}: uint16 + selectedProtocol* {.importc: "selected_protocol".}: uint16 + prf10* {.importc: "prf10".}: TlsPrfImpl + prfSha256* {.importc: "prf_sha256".}: TlsPrfImpl + prfSha384* {.importc: "prf_sha384".}: TlsPrfImpl + iaesCbcenc* {.importc: "iaes_cbcenc".}: ptr BlockCbcencClass + iaesCbcdec* {.importc: "iaes_cbcdec".}: ptr BlockCbcdecClass + iaesCtr* {.importc: "iaes_ctr".}: ptr BlockCtrClass + iaesCtrcbc* {.importc: "iaes_ctrcbc".}: ptr BlockCtrcbcClass + idesCbcenc* {.importc: "ides_cbcenc".}: ptr BlockCbcencClass + idesCbcdec* {.importc: "ides_cbcdec".}: ptr BlockCbcdecClass + ighash* {.importc: "ighash".}: Ghash + ichacha* {.importc: "ichacha".}: Chacha20Run + ipoly* {.importc: "ipoly".}: Poly1305Run + icbcIn* {.importc: "icbc_in".}: ptr SslrecInCbcClass + icbcOut* {.importc: "icbc_out".}: ptr SslrecOutCbcClass + igcmIn* {.importc: "igcm_in".}: ptr SslrecInGcmClass + igcmOut* {.importc: "igcm_out".}: ptr SslrecOutGcmClass + ichapolIn* {.importc: "ichapol_in".}: ptr SslrecInChapolClass + ichapolOut* {.importc: "ichapol_out".}: ptr SslrecOutChapolClass + iccmIn* {.importc: "iccm_in".}: ptr SslrecInCcmClass + iccmOut* {.importc: "iccm_out".}: ptr SslrecOutCcmClass + iec* {.importc: "iec".}: ptr EcImpl + irsavrfy* {.importc: "irsavrfy".}: RsaPkcs1Vrfy + iecdsa* {.importc: "iecdsa".}: EcdsaVrfy + + + +proc sslEngineGetFlags*(cc: var SslEngineContext): uint32 {.inline.} = + return cc.flags + +proc sslEngineSetAllFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} = + cc.flags = flags + +proc sslEngineAddFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} = + cc.flags = cc.flags or flags + +proc sslEngineRemoveFlags*(cc: var SslEngineContext; flags: uint32) {.inline.} = + cc.flags = cc.flags and not flags + + +const + OPT_ENFORCE_SERVER_PREFERENCES* = (1'u32 shl 0) + +const + OPT_NO_RENEGOTIATION* = (1'u32 shl 1) + +const + OPT_TOLERATE_NO_CLIENT_AUTH* = (1'u32 shl 2) + +const + OPT_FAIL_ON_ALPN_MISMATCH* = (1'u32 shl 3) + +proc sslEngineSetVersions*(cc: var SslEngineContext; versionMin: uint16; + versionMax: uint16) {.inline.} = + cc.versionMin = versionMin + cc.versionMax = versionMax + +proc sslEngineSetSuites*(cc: var SslEngineContext; suites: ptr uint16; + suitesNum: uint) {.importcFunc, + importc: "br_ssl_engine_set_suites", header: "bearssl_ssl.h".} + +proc sslEngineSetX509*(cc: var SslEngineContext; x509ctx: ptr ptr X509Class) {.inline, + importcFunc.} = + cc.x509ctx = x509ctx + + +proc sslEngineSetProtocolNames*(ctx: var SslEngineContext; names: cstringArray; + num: uint) {.inline.} = + ctx.protocolNames = names + ctx.protocolNamesNum = uint16 num + +proc sslEngineGetSelectedProtocol*(ctx: var SslEngineContext): cstring {.inline.} = + var k: cuint + k = ctx.selectedProtocol + return if (k == 0 or k == 0xFFFF): nil else: ctx.protocolNames[k - 1] + + +proc sslEngineSetHash*(ctx: var SslEngineContext; id: cint; impl: ptr HashClass) {. + inline.} = + multihashSetimpl(ctx.mhash, id, impl) + + +proc sslEngineGetHash*(ctx: var SslEngineContext; id: cint): ptr HashClass {.inline, + importcFunc.} = + return multihashGetimpl(ctx.mhash, id) + + +proc sslEngineSetPrf10*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} = + cc.prf10 = impl + + +proc sslEngineSetPrfSha256*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} = + cc.prfSha256 = impl + + +proc sslEngineSetPrfSha384*(cc: var SslEngineContext; impl: TlsPrfImpl) {.inline.} = + cc.prfSha384 = impl + + +proc sslEngineSetAesCbc*(cc: var SslEngineContext; implEnc: ptr BlockCbcencClass; + implDec: ptr BlockCbcdecClass) {.inline.} = + cc.iaesCbcenc = implEnc + cc.iaesCbcdec = implDec + + +proc sslEngineSetDefaultAesCbc*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_aes_cbc", header: "bearssl_ssl.h".} + +proc sslEngineSetAesCtr*(cc: var SslEngineContext; impl: ptr BlockCtrClass) {.inline, + importcFunc.} = + cc.iaesCtr = impl + + +proc sslEngineSetDefaultAesGcm*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_aes_gcm", header: "bearssl_ssl.h".} + +proc sslEngineSetDesCbc*(cc: var SslEngineContext; implEnc: ptr BlockCbcencClass; + implDec: ptr BlockCbcdecClass) {.inline.} = + cc.idesCbcenc = implEnc + cc.idesCbcdec = implDec + + +proc sslEngineSetDefaultDesCbc*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_des_cbc", header: "bearssl_ssl.h".} + +proc sslEngineSetGhash*(cc: var SslEngineContext; impl: Ghash) {.inline.} = + cc.ighash = impl + + +proc sslEngineSetChacha20*(cc: var SslEngineContext; ichacha: Chacha20Run) {.inline, + importcFunc.} = + cc.ichacha = ichacha + + +proc sslEngineSetPoly1305*(cc: var SslEngineContext; ipoly: Poly1305Run) {.inline, + importcFunc.} = + cc.ipoly = ipoly + + +proc sslEngineSetDefaultChapol*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_chapol", header: "bearssl_ssl.h".} + +proc sslEngineSetAesCtrcbc*(cc: var SslEngineContext; impl: ptr BlockCtrcbcClass) {. + inline.} = + cc.iaesCtrcbc = impl + + +proc sslEngineSetDefaultAesCcm*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_aes_ccm", header: "bearssl_ssl.h".} + +proc sslEngineSetCbc*(cc: var SslEngineContext; implIn: ptr SslrecInCbcClass; + implOut: ptr SslrecOutCbcClass) {.inline.} = + cc.icbcIn = implIn + cc.icbcOut = implOut + + +proc sslEngineSetGcm*(cc: var SslEngineContext; implIn: ptr SslrecInGcmClass; + implOut: ptr SslrecOutGcmClass) {.inline.} = + cc.igcmIn = implIn + cc.igcmOut = implOut + + +proc sslEngineSetCcm*(cc: var SslEngineContext; implIn: ptr SslrecInCcmClass; + implOut: ptr SslrecOutCcmClass) {.inline.} = + cc.iccmIn = implIn + cc.iccmOut = implOut + + +proc sslEngineSetChapol*(cc: var SslEngineContext; implIn: ptr SslrecInChapolClass; + implOut: ptr SslrecOutChapolClass) {.inline.} = + cc.ichapolIn = implIn + cc.ichapolOut = implOut + +proc sslEngineSetEc*(cc: var SslEngineContext; iec: ptr EcImpl) {.inline.} = + cc.iec = iec + + +proc sslEngineSetDefaultEc*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_ec", header: "bearssl_ssl.h".} + +proc sslEngineGetEc*(cc: var SslEngineContext): ptr EcImpl {.inline.} = + return cc.iec + + +proc sslEngineSetRsavrfy*(cc: var SslEngineContext; irsavrfy: RsaPkcs1Vrfy) {.inline, + importcFunc.} = + cc.irsavrfy = irsavrfy + + +proc sslEngineSetDefaultRsavrfy*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_rsavrfy", header: "bearssl_ssl.h".} + +proc sslEngineGetRsavrfy*(cc: var SslEngineContext): RsaPkcs1Vrfy {.inline.} = + return cc.irsavrfy + +proc sslEngineSetEcdsa*(cc: var SslEngineContext; iecdsa: EcdsaVrfy) {.inline.} = + cc.iecdsa = iecdsa + + +proc sslEngineSetDefaultEcdsa*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_set_default_ecdsa", header: "bearssl_ssl.h".} + +proc sslEngineGetEcdsa*(cc: var SslEngineContext): EcdsaVrfy {.inline.} = + return cc.iecdsa + + +proc sslEngineSetBuffer*(cc: var SslEngineContext; iobuf: pointer; iobufLen: uint; + bidi: cint) {.importcFunc, importc: "br_ssl_engine_set_buffer", + header: "bearssl_ssl.h".} + +proc sslEngineSetBuffersBidi*(cc: var SslEngineContext; ibuf: pointer; + ibufLen: uint; obuf: pointer; obufLen: uint) {. + importcFunc, importc: "br_ssl_engine_set_buffers_bidi", header: "bearssl_ssl.h".} + +proc sslEngineInjectEntropy*(cc: var SslEngineContext; data: pointer; len: uint) {. + importcFunc, importc: "br_ssl_engine_inject_entropy", header: "bearssl_ssl.h".} + +proc sslEngineGetServerName*(cc: var SslEngineContext): cstring {.inline.} = + return addr cc.serverName + + +proc sslEngineGetVersion*(cc: var SslEngineContext): cuint {.inline.} = + return cc.session.version + + +proc sslEngineGetSessionParameters*(cc: var SslEngineContext; + pp: ptr SslSessionParameters) {.inline.} = + copyMem(pp, addr(cc.session), sizeof(pp[])) + +proc sslEngineSetSessionParameters*(cc: var SslEngineContext; + pp: ptr SslSessionParameters) {.inline.} = + copyMem(addr(cc.session), pp, sizeof(pp[])) + + +proc sslEngineGetEcdheCurve*(cc: var SslEngineContext): cint {.inline.} = + return cint cc.ecdheCurve + + +proc sslEngineCurrentState*(cc: var SslEngineContext): cuint {.importcFunc, + importc: "br_ssl_engine_current_state", header: "bearssl_ssl.h".} + +const + SSL_CLOSED* = 0x0001 + + +const + SSL_SENDREC* = 0x0002 + + +const + SSL_RECVREC* = 0x0004 + + +const + SSL_SENDAPP* = 0x0008 + + +const + SSL_RECVAPP* = 0x0010 + +proc sslEngineLastError*(cc: var SslEngineContext): cint {.inline.} = + return cc.err + + +proc sslEngineSendappBuf*(cc: var SslEngineContext; len: var uint): ptr byte {. + importcFunc, importc: "br_ssl_engine_sendapp_buf", header: "bearssl_ssl.h".} + +proc sslEngineSendappAck*(cc: var SslEngineContext; len: uint) {.importcFunc, + importc: "br_ssl_engine_sendapp_ack", header: "bearssl_ssl.h".} + +proc sslEngineRecvappBuf*(cc: var SslEngineContext; len: var uint): ptr byte {. + importcFunc, importc: "br_ssl_engine_recvapp_buf", header: "bearssl_ssl.h".} + +proc sslEngineRecvappAck*(cc: var SslEngineContext; len: uint) {.importcFunc, + importc: "br_ssl_engine_recvapp_ack", header: "bearssl_ssl.h".} + +proc sslEngineSendrecBuf*(cc: var SslEngineContext; len: var uint): ptr byte {. + importcFunc, importc: "br_ssl_engine_sendrec_buf", header: "bearssl_ssl.h".} + +proc sslEngineSendrecAck*(cc: var SslEngineContext; len: uint) {.importcFunc, + importc: "br_ssl_engine_sendrec_ack", header: "bearssl_ssl.h".} + +proc sslEngineRecvrecBuf*(cc: var SslEngineContext; len: var uint): ptr byte {. + importcFunc, importc: "br_ssl_engine_recvrec_buf", header: "bearssl_ssl.h".} + +proc sslEngineRecvrecAck*(cc: var SslEngineContext; len: uint) {.importcFunc, + importc: "br_ssl_engine_recvrec_ack", header: "bearssl_ssl.h".} + +proc sslEngineFlush*(cc: var SslEngineContext; force: cint) {.importcFunc, + importc: "br_ssl_engine_flush", header: "bearssl_ssl.h".} + +proc sslEngineClose*(cc: var SslEngineContext) {.importcFunc, + importc: "br_ssl_engine_close", header: "bearssl_ssl.h".} + +proc sslEngineRenegotiate*(cc: var SslEngineContext): cint {.importcFunc, + importc: "br_ssl_engine_renegotiate", header: "bearssl_ssl.h".} + +proc sslKeyExport*(cc: var SslEngineContext; dst: pointer; len: uint; label: cstring; + context: pointer; contextLen: uint): cint {.importcFunc, + importc: "br_ssl_key_export", header: "bearssl_ssl.h".} + +type + SslClientCertificate* {.importc: "br_ssl_client_certificate", + header: "bearssl_ssl.h", bycopy.} = object + authType* {.importc: "auth_type".}: cint + hashId* {.importc: "hash_id".}: cint + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + + + +const + AUTH_ECDH* = 0 + + +const + AUTH_RSA* = 1 + + +const + AUTH_ECDSA* = 3 + + +type + SslClientCertificateClass* {.importc: "br_ssl_client_certificate_class", + header: "bearssl_ssl.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + startNameList* {.importc: "start_name_list".}: proc ( + pctx: ptr ptr SslClientCertificateClass) {.importcFunc.} + startName* {.importc: "start_name".}: proc ( + pctx: ptr ptr SslClientCertificateClass; len: uint) {.importcFunc.} + appendName* {.importc: "append_name".}: proc ( + pctx: ptr ptr SslClientCertificateClass; data: ptr byte; len: uint) {.importcFunc.} + endName* {.importc: "end_name".}: proc (pctx: ptr ptr SslClientCertificateClass) {. + importcFunc.} + endNameList* {.importc: "end_name_list".}: proc ( + pctx: ptr ptr SslClientCertificateClass) {.importcFunc.} + choose* {.importc: "choose".}: proc (pctx: ptr ptr SslClientCertificateClass; + cc: var SslClientContext; authTypes: uint32; + choices: ptr SslClientCertificate) {.importcFunc.} + doKeyx* {.importc: "do_keyx".}: proc (pctx: ptr ptr SslClientCertificateClass; + data: ptr byte; len: var uint): uint32 {. + importcFunc.} + doSign* {.importc: "do_sign".}: proc (pctx: ptr ptr SslClientCertificateClass; + hashId: cint; hvLen: uint; + data: ptr byte; len: uint): uint {.importcFunc.} + + + + SslClientCertificateRsaContext* {.importc: "br_ssl_client_certificate_rsa_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslClientCertificateClass + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + sk* {.importc: "sk".}: ptr RsaPrivateKey + irsasign* {.importc: "irsasign".}: RsaPkcs1Sign + + + + SslClientCertificateEcContext* {.importc: "br_ssl_client_certificate_ec_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslClientCertificateClass + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + sk* {.importc: "sk".}: ptr EcPrivateKey + allowedUsages* {.importc: "allowed_usages".}: cuint + issuerKeyType* {.importc: "issuer_key_type".}: cuint + mhash* {.importc: "mhash".}: ptr MultihashContext + iec* {.importc: "iec".}: ptr EcImpl + iecdsa* {.importc: "iecdsa".}: EcdsaSign + + + + + INNER_C_UNION_bearssl_ssl_20* {.importc: "no_name", header: "bearssl_ssl.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr SslClientCertificateClass + singleRsa* {.importc: "single_rsa".}: SslClientCertificateRsaContext + singleEc* {.importc: "single_ec".}: SslClientCertificateEcContext + + SslClientContext* {.importc: "br_ssl_client_context", header: "bearssl_ssl.h", + bycopy.} = object + eng* {.importc: "eng".}: SslEngineContext + minClienthelloLen* {.importc: "min_clienthello_len".}: uint16 + hashes* {.importc: "hashes".}: uint32 + serverCurve* {.importc: "server_curve".}: cint + clientAuthVtable* {.importc: "client_auth_vtable".}: ptr ptr SslClientCertificateClass + authType* {.importc: "auth_type".}: byte + hashId* {.importc: "hash_id".}: byte + clientAuth* {.importc: "client_auth".}: INNER_C_UNION_bearssl_ssl_20 + irsapub* {.importc: "irsapub".}: RsaPublic + + + +proc sslClientGetServerHashes*(cc: var SslClientContext): uint32 {.inline.} = + return cc.hashes + +proc sslClientGetServerCurve*(cc: var SslClientContext): cint {.inline.} = + return cc.serverCurve + + +proc sslClientInitFull*(cc: var SslClientContext; xc: ptr X509MinimalContext; + trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: uint) {. + importcFunc, importc: "br_ssl_client_init_full", header: "bearssl_ssl.h".} + +proc sslClientZero*(cc: var SslClientContext) {.importcFunc, importc: "br_ssl_client_zero", + header: "bearssl_ssl.h".} + +proc sslClientSetClientCertificate*(cc: var SslClientContext; + pctx: ptr ptr SslClientCertificateClass) {. + inline.} = + cc.clientAuthVtable = pctx + + +proc sslClientSetRsapub*(cc: var SslClientContext; irsapub: RsaPublic) {.inline.} = + cc.irsapub = irsapub + + +proc sslClientSetDefaultRsapub*(cc: var SslClientContext) {.importcFunc, + importc: "br_ssl_client_set_default_rsapub", header: "bearssl_ssl.h".} + +proc sslClientSetMinClienthelloLen*(cc: var SslClientContext; len: uint16) {.inline, + importcFunc.} = + cc.minClienthelloLen = len + + +proc sslClientReset*(cc: var SslClientContext; serverName: cstring; + resumeSession: cint): cint {.importcFunc, + importc: "br_ssl_client_reset", header: "bearssl_ssl.h".} + +proc sslClientForgetSession*(cc: var SslClientContext) {.inline.} = + cc.eng.session.sessionIdLen = byte(0) + + +proc sslClientSetSingleRsa*(cc: var SslClientContext; chain: ptr X509Certificate; + chainLen: int; sk: ptr RsaPrivateKey; + irsasign: RsaPkcs1Sign) {.importcFunc, + importc: "br_ssl_client_set_single_rsa", header: "bearssl_ssl.h".} + +proc sslClientSetSingleEc*(cc: var SslClientContext; chain: ptr X509Certificate; + chainLen: int; sk: ptr EcPrivateKey; + allowedUsages: cuint; certIssuerKeyType: cuint; + iec: ptr EcImpl; iecdsa: EcdsaSign) {.importcFunc, + importc: "br_ssl_client_set_single_ec", header: "bearssl_ssl.h".} + +type + SuiteTranslated* = array[2, uint16] + + +const + SSLKEYX_RSA* = 0 + SSLKEYX_ECDHE_RSA* = 1 + SSLKEYX_ECDHE_ECDSA* = 2 + SSLKEYX_ECDH_RSA* = 3 + SSLKEYX_ECDH_ECDSA* = 4 + SSLENC_3DES_CBC* = 0 + SSLENC_AES128_CBC* = 1 + SSLENC_AES256_CBC* = 2 + SSLENC_AES128_GCM* = 3 + SSLENC_AES256_GCM* = 4 + SSLENC_CHACHA20* = 5 + SSLMAC_AEAD* = 0 + SSLMAC_SHA1* = sha1ID + SSLMAC_SHA256* = sha256ID + SSLMAC_SHA384* = sha384ID + SSLPRF_SHA256* = sha256ID + SSLPRF_SHA384* = sha384ID + +type + SslServerChoices* {.importc: "br_ssl_server_choices", header: "bearssl_ssl.h", + bycopy.} = object + cipherSuite* {.importc: "cipher_suite".}: uint16 + algoId* {.importc: "algo_id".}: cuint + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + + + +type + SslServerPolicyClass* {.importc: "br_ssl_server_policy_class", + header: "bearssl_ssl.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + choose* {.importc: "choose".}: proc (pctx: ptr ptr SslServerPolicyClass; + cc: var SslServerContext; + choices: ptr SslServerChoices): cint {.importcFunc.} + doKeyx* {.importc: "do_keyx".}: proc (pctx: ptr ptr SslServerPolicyClass; + data: ptr byte; len: var uint): uint32 {. + importcFunc.} + doSign* {.importc: "do_sign".}: proc (pctx: ptr ptr SslServerPolicyClass; + algoId: cuint; data: ptr byte; + hvLen: uint; len: uint): uint {.importcFunc.} + + + + + SslServerPolicyRsaContext* {.importc: "br_ssl_server_policy_rsa_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslServerPolicyClass + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + sk* {.importc: "sk".}: ptr RsaPrivateKey + allowedUsages* {.importc: "allowed_usages".}: cuint + irsacore* {.importc: "irsacore".}: RsaPrivate + irsasign* {.importc: "irsasign".}: RsaPkcs1Sign + + + + + SslServerPolicyEcContext* {.importc: "br_ssl_server_policy_ec_context", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslServerPolicyClass + chain* {.importc: "chain".}: ptr X509Certificate + chainLen* {.importc: "chain_len".}: uint + sk* {.importc: "sk".}: ptr EcPrivateKey + allowedUsages* {.importc: "allowed_usages".}: cuint + certIssuerKeyType* {.importc: "cert_issuer_key_type".}: cuint + mhash* {.importc: "mhash".}: ptr MultihashContext + iec* {.importc: "iec".}: ptr EcImpl + iecdsa* {.importc: "iecdsa".}: EcdsaSign + + + + SslSessionCacheClass* {.importc: "br_ssl_session_cache_class", + header: "bearssl_ssl.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + save* {.importc: "save".}: proc (ctx: ptr ptr SslSessionCacheClass; + serverCtx: ptr SslServerContext; + params: ptr SslSessionParameters) {.importcFunc.} + load* {.importc: "load".}: proc (ctx: ptr ptr SslSessionCacheClass; + serverCtx: ptr SslServerContext; + params: ptr SslSessionParameters): cint {.importcFunc.} + + + + + SslSessionCacheLru* {.importc: "br_ssl_session_cache_lru", + header: "bearssl_ssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr SslSessionCacheClass + store* {.importc: "store".}: ptr byte + storeLen* {.importc: "store_len".}: uint + storePtr* {.importc: "store_ptr".}: uint + indexKey* {.importc: "index_key".}: array[32, byte] + hash* {.importc: "hash".}: ptr HashClass + initDone* {.importc: "init_done".}: cint + head* {.importc: "head".}: uint32 + tail* {.importc: "tail".}: uint32 + root* {.importc: "root".}: uint32 + + + + INNER_C_UNION_bearssl_ssl_21* {.importc: "no_name", header: "bearssl_ssl.h", + bycopy, union.} = object + vtable* {.importc: "vtable".}: ptr SslServerPolicyClass + singleRsa* {.importc: "single_rsa".}: SslServerPolicyRsaContext + singleEc* {.importc: "single_ec".}: SslServerPolicyEcContext + + SslServerContext* {.importc: "br_ssl_server_context", header: "bearssl_ssl.h", + bycopy.} = object + eng* {.importc: "eng".}: SslEngineContext + clientMaxVersion* {.importc: "client_max_version".}: uint16 + cacheVtable* {.importc: "cache_vtable".}: ptr ptr SslSessionCacheClass + clientSuites* {.importc: "client_suites".}: array[MAX_CIPHER_SUITES, + SuiteTranslated] + clientSuitesNum* {.importc: "client_suites_num".}: byte + hashes* {.importc: "hashes".}: uint32 + curves* {.importc: "curves".}: uint32 + policyVtable* {.importc: "policy_vtable".}: ptr ptr SslServerPolicyClass + signHashId* {.importc: "sign_hash_id".}: uint16 + chainHandler* {.importc: "chain_handler".}: INNER_C_UNION_bearssl_ssl_21 + ecdheKey* {.importc: "ecdhe_key".}: array[70, byte] + ecdheKeyLen* {.importc: "ecdhe_key_len".}: uint + taNames* {.importc: "ta_names".}: ptr X500Name + tas* {.importc: "tas".}: ptr X509TrustAnchor + numTas* {.importc: "num_tas".}: uint + curDnIndex* {.importc: "cur_dn_index".}: uint + curDn* {.importc: "cur_dn".}: ptr byte + curDnLen* {.importc: "cur_dn_len".}: uint + hashCV* {.importc: "hash_CV".}: array[64, byte] + hashCV_len* {.importc: "hash_CV_len".}: uint + hashCV_id* {.importc: "hash_CV_id".}: cint + +proc sslSessionCacheLruInit*(cc: var SslSessionCacheLru; store: ptr cuchar; + storeLen: int) {.importcFunc, + importc: "br_ssl_session_cache_lru_init", header: "bearssl_ssl.h".} + +proc sslSessionCacheLruForget*(cc: var SslSessionCacheLru; id: ptr cuchar) {.importcFunc, + importc: "br_ssl_session_cache_lru_forget", header: "bearssl_ssl.h".} + + + + +proc sslServerInitFullRsa*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_full_rsa", header: "bearssl_ssl.h".} + +proc sslServerInitFullEc*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; certIssuerKeyType: cuint; + sk: ptr EcPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_full_ec", header: "bearssl_ssl.h".} + +proc sslServerInitMinr2g*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_minr2g", header: "bearssl_ssl.h".} + +proc sslServerInitMine2g*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_mine2g", header: "bearssl_ssl.h".} + +proc sslServerInitMinf2g*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_minf2g", header: "bearssl_ssl.h".} + +proc sslServerInitMinu2g*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_minu2g", header: "bearssl_ssl.h".} + +proc sslServerInitMinv2g*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_minv2g", header: "bearssl_ssl.h".} + +proc sslServerInitMine2c*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr RsaPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_mine2c", header: "bearssl_ssl.h".} + +proc sslServerInitMinf2c*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr EcPrivateKey) {.importcFunc, + importc: "br_ssl_server_init_minf2c", header: "bearssl_ssl.h".} + +proc sslServerGetClientSuites*(cc: var SslServerContext; num: ptr uint): + ptr array[MAX_CIPHER_SUITES, SuiteTranslated] {. + inline.} = + num[] = cc.clientSuitesNum + return addr cc.clientSuites + + +proc sslServerGetClientHashes*(cc: var SslServerContext): uint32 {.inline.} = + return cc.hashes + + +proc sslServerGetClientCurves*(cc: var SslServerContext): uint32 {.inline.} = + return cc.curves + + +proc sslServerZero*(cc: var SslServerContext) {.importcFunc, importc: "br_ssl_server_zero", + header: "bearssl_ssl.h".} + +proc sslServerSetPolicy*(cc: var SslServerContext; + pctx: ptr ptr SslServerPolicyClass) {.inline.} = + cc.policyVtable = pctx + + +proc sslServerSetSingleRsa*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr RsaPrivateKey; + allowedUsages: cuint; irsacore: RsaPrivate; + irsasign: RsaPkcs1Sign) {.importcFunc, + importc: "br_ssl_server_set_single_rsa", header: "bearssl_ssl.h".} + +proc sslServerSetSingleEc*(cc: var SslServerContext; chain: ptr X509Certificate; + chainLen: uint; sk: ptr EcPrivateKey; + allowedUsages: cuint; certIssuerKeyType: cuint; + iec: ptr EcImpl; iecdsa: EcdsaSign) {.importcFunc, + importc: "br_ssl_server_set_single_ec", header: "bearssl_ssl.h".} + +proc sslServerSetTrustAnchorNames*(cc: var SslServerContext; taNames: ptr X500Name; + num: uint) {.inline.} = + cc.taNames = taNames + cc.tas = nil + cc.numTas = num + + +proc sslServerSetTrustAnchorNamesAlt*(cc: var SslServerContext; + tas: ptr X509TrustAnchor; num: uint) {.inline.} = + cc.taNames = nil + cc.tas = tas + cc.numTas = num + + +proc sslServerSetCache*(cc: var SslServerContext; + vtable: ptr ptr SslSessionCacheClass) {.inline.} = + cc.cacheVtable = vtable + + +proc sslServerReset*(cc: var SslServerContext): cint {.importcFunc, + importc: "br_ssl_server_reset", header: "bearssl_ssl.h".} + +type + SslioContext* {.importc: "br_sslio_context", header: "bearssl_ssl.h", bycopy.} = object + engine* {.importc: "engine".}: ptr SslEngineContext + lowRead* {.importc: "low_read".}: proc (readContext: pointer; data: ptr byte; + len: uint): cint {.importcFunc.} + readContext* {.importc: "read_context".}: pointer + lowWrite* {.importc: "low_write".}: proc (writeContext: pointer; data: ptr byte; + len: uint): cint {.importcFunc.} + writeContext* {.importc: "write_context".}: pointer + + + +proc sslioInit*(ctx: var SslioContext; engine: ptr SslEngineContext; lowRead: proc ( + readContext: pointer; data: ptr byte; len: uint): cint {.importcFunc.}; + readContext: pointer; lowWrite: proc (writeContext: pointer; + data: ptr byte; len: uint): cint {.importcFunc.}; writeContext: pointer) {.importcFunc, + importc: "br_sslio_init", header: "bearssl_ssl.h".} + +proc sslioRead*(cc: var SslioContext; dst: pointer; len: uint): cint {.importcFunc, + importc: "br_sslio_read", header: "bearssl_ssl.h".} + +proc sslioReadAll*(cc: var SslioContext; dst: pointer; len: uint): cint {.importcFunc, + importc: "br_sslio_read_all", header: "bearssl_ssl.h".} + +proc sslioWrite*(cc: var SslioContext; src: pointer; len: uint): cint {.importcFunc, + importc: "br_sslio_write", header: "bearssl_ssl.h".} + +proc sslioWriteAll*(cc: var SslioContext; src: pointer; len: uint): cint {.importcFunc, + importc: "br_sslio_write_all", header: "bearssl_ssl.h".} + +proc sslioFlush*(cc: var SslioContext): cint {.importcFunc, importc: "br_sslio_flush", + header: "bearssl_ssl.h".} + +proc sslioClose*(cc: var SslioContext): cint {.importcFunc, importc: "br_sslio_close", + header: "bearssl_ssl.h".} + +const + TLS_NULL_WITH_NULL_NULL* = 0x0000 + TLS_RSA_WITH_NULL_MD5* = 0x0001 + TLS_RSA_WITH_NULL_SHA* = 0x0002 + TLS_RSA_WITH_NULL_SHA256* = 0x003B + TLS_RSA_WITH_RC4_128_MD5* = 0x0004 + TLS_RSA_WITH_RC4_128_SHA* = 0x0005 + TLS_RSA_WITH_3DES_EDE_CBC_SHA* = 0x000A + TLS_RSA_WITH_AES_128_CBC_SHA* = 0x002F + TLS_RSA_WITH_AES_256_CBC_SHA* = 0x0035 + TLS_RSA_WITH_AES_128_CBC_SHA256* = 0x003C + TLS_RSA_WITH_AES_256_CBC_SHA256* = 0x003D + TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA* = 0x000D + TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA* = 0x0010 + TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA* = 0x0013 + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA* = 0x0016 + TLS_DH_DSS_WITH_AES_128_CBC_SHA* = 0x0030 + TLS_DH_RSA_WITH_AES_128_CBC_SHA* = 0x0031 + TLS_DHE_DSS_WITH_AES_128_CBC_SHA* = 0x0032 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA* = 0x0033 + TLS_DH_DSS_WITH_AES_256_CBC_SHA* = 0x0036 + TLS_DH_RSA_WITH_AES_256_CBC_SHA* = 0x0037 + TLS_DHE_DSS_WITH_AES_256_CBC_SHA* = 0x0038 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA* = 0x0039 + TLS_DH_DSS_WITH_AES_128_CBC_SHA256* = 0x003E + TLS_DH_RSA_WITH_AES_128_CBC_SHA256* = 0x003F + TLS_DHE_DSS_WITH_AES_128_CBC_SHA256* = 0x0040 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256* = 0x0067 + TLS_DH_DSS_WITH_AES_256_CBC_SHA256* = 0x0068 + TLS_DH_RSA_WITH_AES_256_CBC_SHA256* = 0x0069 + TLS_DHE_DSS_WITH_AES_256_CBC_SHA256* = 0x006A + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256* = 0x006B + TLS_DH_anonWITH_RC4128MD5* = 0x0018 + TLS_DH_anonWITH_3DES_EDE_CBC_SHA* = 0x001B + TLS_DH_anonWITH_AES_128CBC_SHA* = 0x0034 + TLS_DH_anonWITH_AES_256CBC_SHA* = 0x003A + TLS_DH_anonWITH_AES_128CBC_SHA256* = 0x006C + TLS_DH_anonWITH_AES_256CBC_SHA256* = 0x006D + + +const + TLS_ECDH_ECDSA_WITH_NULL_SHA* = 0xC001 + TLS_ECDH_ECDSA_WITH_RC4_128_SHA* = 0xC002 + TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA* = 0xC003 + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA* = 0xC004 + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA* = 0xC005 + TLS_ECDHE_ECDSA_WITH_NULL_SHA* = 0xC006 + TLS_ECDHE_ECDSA_WITH_RC4_128_SHA* = 0xC007 + TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA* = 0xC008 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA* = 0xC009 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA* = 0xC00A + TLS_ECDH_RSA_WITH_NULL_SHA* = 0xC00B + TLS_ECDH_RSA_WITH_RC4_128_SHA* = 0xC00C + TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA* = 0xC00D + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA* = 0xC00E + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA* = 0xC00F + TLS_ECDHE_RSA_WITH_NULL_SHA* = 0xC010 + TLS_ECDHE_RSA_WITH_RC4_128_SHA* = 0xC011 + TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA* = 0xC012 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA* = 0xC013 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA* = 0xC014 + TLS_ECDH_anonWITH_NULL_SHA* = 0xC015 + TLS_ECDH_anonWITH_RC4128SHA* = 0xC016 + TLS_ECDH_anonWITH_3DES_EDE_CBC_SHA* = 0xC017 + TLS_ECDH_anonWITH_AES_128CBC_SHA* = 0xC018 + TLS_ECDH_anonWITH_AES_256CBC_SHA* = 0xC019 + + +const + TLS_RSA_WITH_AES_128_GCM_SHA256* = 0x009C + TLS_RSA_WITH_AES_256_GCM_SHA384* = 0x009D + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256* = 0x009E + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384* = 0x009F + TLS_DH_RSA_WITH_AES_128_GCM_SHA256* = 0x00A0 + TLS_DH_RSA_WITH_AES_256_GCM_SHA384* = 0x00A1 + TLS_DHE_DSS_WITH_AES_128_GCM_SHA256* = 0x00A2 + TLS_DHE_DSS_WITH_AES_256_GCM_SHA384* = 0x00A3 + TLS_DH_DSS_WITH_AES_128_GCM_SHA256* = 0x00A4 + TLS_DH_DSS_WITH_AES_256_GCM_SHA384* = 0x00A5 + TLS_DH_anonWITH_AES_128GCM_SHA256* = 0x00A6 + TLS_DH_anonWITH_AES_256GCM_SHA384* = 0x00A7 + + +const + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256* = 0xC023 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384* = 0xC024 + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256* = 0xC025 + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384* = 0xC026 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256* = 0xC027 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384* = 0xC028 + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256* = 0xC029 + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384* = 0xC02A + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256* = 0xC02B + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384* = 0xC02C + TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256* = 0xC02D + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384* = 0xC02E + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256* = 0xC02F + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384* = 0xC030 + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256* = 0xC031 + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384* = 0xC032 + + +const + TLS_RSA_WITH_AES_128_CCM* = 0xC09C + TLS_RSA_WITH_AES_256_CCM* = 0xC09D + TLS_RSA_WITH_AES_128_CCM_8* = 0xC0A0 + TLS_RSA_WITH_AES_256_CCM_8* = 0xC0A1 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM* = 0xC0AC + TLS_ECDHE_ECDSA_WITH_AES_256_CCM* = 0xC0AD + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8* = 0xC0AE + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8* = 0xC0AF + + +const + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCA8 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCA9 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAA + TLS_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAB + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAC + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAD + TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256* = 0xCCAE + + +const + TLS_FALLBACK_SCSV* = 0x5600 + + +const + ALERT_CLOSE_NOTIFY* = 0 + ALERT_UNEXPECTED_MESSAGE* = 10 + ALERT_BAD_RECORD_MAC* = 20 + ALERT_RECORD_OVERFLOW* = 22 + ALERT_DECOMPRESSION_FAILURE* = 30 + ALERT_HANDSHAKE_FAILURE* = 40 + ALERT_BAD_CERTIFICATE* = 42 + ALERT_UNSUPPORTED_CERTIFICATE* = 43 + ALERT_CERTIFICATE_REVOKED* = 44 + ALERT_CERTIFICATE_EXPIRED* = 45 + ALERT_CERTIFICATE_UNKNOWN* = 46 + ALERT_ILLEGAL_PARAMETER* = 47 + ALERT_UNKNOWN_CA* = 48 + ALERT_ACCESS_DENIED* = 49 + ALERT_DECODE_ERROR* = 50 + ALERT_DECRYPT_ERROR* = 51 + ALERT_PROTOCOL_VERSION* = 70 + ALERT_INSUFFICIENT_SECURITY* = 71 + ALERT_INTERNAL_ERROR* = 80 + ALERT_USER_CANCELED* = 90 + ALERT_NO_RENEGOTIATION* = 100 + ALERT_UNSUPPORTED_EXTENSION* = 110 + ALERT_NO_APPLICATION_PROTOCOL* = 120 diff --git a/bearssl/abi/bearssl_x509.nim b/bearssl/abi/bearssl_x509.nim new file mode 100644 index 0000000..39e4462 --- /dev/null +++ b/bearssl/abi/bearssl_x509.nim @@ -0,0 +1,488 @@ +import + "."/[bearssl_ec, bearssl_hash, bearssl_rsa, csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.used.} + +const + bearX509Path = bearSrcPath / "x509" + +{.compile: bearX509Path / "asn1enc.c".} +{.compile: bearX509Path / "encode_ec_pk8der.c".} +{.compile: bearX509Path / "encode_ec_rawder.c".} +{.compile: bearX509Path / "encode_rsa_pk8der.c".} +{.compile: bearX509Path / "encode_rsa_rawder.c".} +{.compile: bearX509Path / "skey_decoder.c".} +{.compile: bearX509Path / "x509_decoder.c".} +{.compile: bearX509Path / "x509_knownkey.c".} +{.compile: bearX509Path / "x509_minimal.c".} +{.compile: bearX509Path / "x509_minimal_full.c".} + +const + ERR_X509_OK* = 32 + + +const + ERR_X509_INVALID_VALUE* = 33 + + +const + ERR_X509_TRUNCATED* = 34 + + +const + ERR_X509_EMPTY_CHAIN* = 35 + + +const + ERR_X509_INNER_TRUNC* = 36 + + +const + ERR_X509_BAD_TAG_CLASS* = 37 + + +const + ERR_X509_BAD_TAG_VALUE* = 38 + + +const + ERR_X509_INDEFINITE_LENGTH* = 39 + + +const + ERR_X509_EXTRA_ELEMENT* = 40 + + +const + ERR_X509_UNEXPECTED* = 41 + + +const + ERR_X509_NOT_CONSTRUCTED* = 42 + + +const + ERR_X509_NOT_PRIMITIVE* = 43 + + +const + ERR_X509_PARTIAL_BYTE* = 44 + + +const + ERR_X509_BAD_BOOLEAN* = 45 + + +const + ERR_X509_OVERFLOW* = 46 + + +const + ERR_X509_BAD_DN* = 47 + + +const + ERR_X509_BAD_TIME* = 48 + + +const + ERR_X509_UNSUPPORTED* = 49 + + +const + ERR_X509_LIMIT_EXCEEDED* = 50 + + +const + ERR_X509_WRONG_KEY_TYPE* = 51 + + +const + ERR_X509_BAD_SIGNATURE* = 52 + + +const + ERR_X509_TIME_UNKNOWN* = 53 + + +const + ERR_X509_EXPIRED* = 54 + + +const + ERR_X509_DN_MISMATCH* = 55 + + +const + ERR_X509_BAD_SERVER_NAME* = 56 + + +const + ERR_X509_CRITICAL_EXTENSION* = 57 + + +const + ERR_X509_NOT_CA* = 58 + + +const + ERR_X509_FORBIDDEN_KEY_USAGE* = 59 + + +const + ERR_X509_WEAK_PUBLIC_KEY* = 60 + + +const + ERR_X509_NOT_TRUSTED* = 62 + + +type + INNER_C_UNION_bearssl_x509_1* {.importc: "br_x509_pkey::no_name", + header: "bearssl_x509.h", bycopy, union.} = object + rsa* {.importc: "rsa".}: RsaPublicKey + ec* {.importc: "ec".}: EcPublicKey + + X509Pkey* {.importc: "br_x509_pkey", header: "bearssl_x509.h", bycopy.} = object + keyType* {.importc: "key_type".}: byte + key* {.importc: "key".}: INNER_C_UNION_bearssl_x509_1 + + + +type + X500Name* {.importc: "br_x500_name", header: "bearssl_x509.h", bycopy.} = object + data* {.importc: "data".}: ptr byte + len* {.importc: "len".}: uint + + + +type + X509TrustAnchor* {.importc: "br_x509_trust_anchor", header: "bearssl_x509.h", + bycopy.} = object + dn* {.importc: "dn".}: X500Name + flags* {.importc: "flags".}: cuint + pkey* {.importc: "pkey".}: X509Pkey + + + +const + X509_TA_CA* = 0x0001 + + +const + KEYTYPE_RSA* = 1 + + +const + KEYTYPE_EC* = 2 + + +const + KEYTYPE_KEYX* = 0x10 + + +const + KEYTYPE_SIGN* = 0x20 + + +type + X509Class* {.importc: "br_x509_class", header: "bearssl_x509.h", bycopy.} = object + contextSize* {.importc: "context_size".}: uint + startChain* {.importc: "start_chain".}: proc (ctx: ptr ptr X509Class; + serverName: cstring) {.importcFunc.} + startCert* {.importc: "start_cert".}: proc (ctx: ptr ptr X509Class; length: uint32) {. + importcFunc.} + append* {.importc: "append".}: proc (ctx: ptr ptr X509Class; buf: ptr byte; + len: uint) {.importcFunc.} + endCert* {.importc: "end_cert".}: proc (ctx: ptr ptr X509Class) {.importcFunc.} + endChain* {.importc: "end_chain".}: proc (ctx: ptr ptr X509Class): cuint {.importcFunc.} + getPkey* {.importc: "get_pkey".}: proc (ctx: ptr ptr X509Class; usages: ptr cuint): ptr X509Pkey {. + importcFunc.} + + + +type + X509KnownkeyContext* {.importc: "br_x509_knownkey_context", + header: "bearssl_x509.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr X509Class + pkey* {.importc: "pkey".}: X509Pkey + usages* {.importc: "usages".}: cuint + + +var x509KnownkeyVtable* {.importc: "br_x509_knownkey_vtable", + header: "bearssl_x509.h".}: X509Class + +proc x509KnownkeyInitRsa*(ctx: var X509KnownkeyContext; pk: ptr RsaPublicKey; + usages: cuint) {.importcFunc, + importc: "br_x509_knownkey_init_rsa", + header: "bearssl_x509.h".} + +proc x509KnownkeyInitEc*(ctx: var X509KnownkeyContext; pk: ptr EcPublicKey; + usages: cuint) {.importcFunc, + importc: "br_x509_knownkey_init_ec", + header: "bearssl_x509.h".} + +const + X509_BUFSIZE_KEY* = 520 + X509_BUFSIZE_SIG* = 512 + + +type + NameElement* {.importc: "br_name_element", header: "bearssl_x509.h", bycopy.} = object + oid* {.importc: "oid".}: ptr byte + buf* {.importc: "buf".}: cstring + len* {.importc: "len".}: uint + status* {.importc: "status".}: cint + + + +type + INNER_C_STRUCT_bearssl_x509_3* {.importc: "br_x509_minimal_context::no_name", + header: "bearssl_x509.h", bycopy.} = object + dp* {.importc: "dp".}: ptr uint32 + rp* {.importc: "rp".}: ptr uint32 + ip* {.importc: "ip".}: ptr byte + + X509MinimalContext* {.importc: "br_x509_minimal_context", + header: "bearssl_x509.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr X509Class + pkey* {.importc: "pkey".}: X509Pkey + cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_x509_3 + dpStack* {.importc: "dp_stack".}: array[32, uint32] + rpStack* {.importc: "rp_stack".}: array[32, uint32] + err* {.importc: "err".}: cint + serverName* {.importc: "server_name".}: cstring + keyUsages* {.importc: "key_usages".}: byte + days* {.importc: "days".}: uint32 + seconds* {.importc: "seconds".}: uint32 + certLength* {.importc: "cert_length".}: uint32 + numCerts* {.importc: "num_certs".}: uint32 + hbuf* {.importc: "hbuf".}: ptr byte + hlen* {.importc: "hlen".}: uint + pad* {.importc: "pad".}: array[256, byte] + eePkeyData* {.importc: "ee_pkey_data".}: array[X509_BUFSIZE_KEY, byte] + pkeyData* {.importc: "pkey_data".}: array[X509_BUFSIZE_KEY, byte] + certSignerKeyType* {.importc: "cert_signer_key_type".}: byte + certSigHashOid* {.importc: "cert_sig_hash_oid".}: uint16 + certSigHashLen* {.importc: "cert_sig_hash_len".}: byte + certSig* {.importc: "cert_sig".}: array[X509_BUFSIZE_SIG, byte] + certSigLen* {.importc: "cert_sig_len".}: uint16 + minRsaSize* {.importc: "min_rsa_size".}: int16 + trustAnchors* {.importc: "trust_anchors".}: ptr X509TrustAnchor + trustAnchorsNum* {.importc: "trust_anchors_num".}: uint + doMhash* {.importc: "do_mhash".}: byte + mhash* {.importc: "mhash".}: MultihashContext + tbsHash* {.importc: "tbs_hash".}: array[64, byte] + doDnHash* {.importc: "do_dn_hash".}: byte + dnHashImpl* {.importc: "dn_hash_impl".}: ptr HashClass + dnHash* {.importc: "dn_hash".}: HashCompatContext + currentDnHash* {.importc: "current_dn_hash".}: array[64, byte] + nextDnHash* {.importc: "next_dn_hash".}: array[64, byte] + savedDnHash* {.importc: "saved_dn_hash".}: array[64, byte] + nameElts* {.importc: "name_elts".}: ptr NameElement + numNameElts* {.importc: "num_name_elts".}: uint + irsa* {.importc: "irsa".}: RsaPkcs1Vrfy + iecdsa* {.importc: "iecdsa".}: EcdsaVrfy + iec* {.importc: "iec".}: ptr EcImpl + + +var x509MinimalVtable* {.importc: "br_x509_minimal_vtable", header: "bearssl_x509.h".}: X509Class + +proc x509MinimalInit*(ctx: var X509MinimalContext; dnHashImpl: ptr HashClass; + trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: uint) {. + importcFunc, importc: "br_x509_minimal_init", header: "bearssl_x509.h".} + +proc x509MinimalSetHash*(ctx: var X509MinimalContext; id: cint; impl: ptr HashClass) {. + inline.} = + multihashSetimpl(ctx.mhash, id, impl) + + +proc x509MinimalSetRsa*(ctx: var X509MinimalContext; irsa: RsaPkcs1Vrfy) {.inline.} = + ctx.irsa = irsa + + +proc x509MinimalSetEcdsa*(ctx: var X509MinimalContext; iec: ptr EcImpl; + iecdsa: EcdsaVrfy) {.inline.} = + ctx.iecdsa = iecdsa + ctx.iec = iec + + +proc x509MinimalInitFull*(ctx: var X509MinimalContext; + trustAnchors: ptr X509TrustAnchor; + trustAnchorsNum: uint) {.importcFunc, + importc: "br_x509_minimal_init_full", header: "bearssl_x509.h".} + +proc x509MinimalSetTime*(ctx: var X509MinimalContext; days: uint32; seconds: uint32) {. + inline.} = + ctx.days = days + ctx.seconds = seconds + + +proc x509MinimalSetMinrsa*(ctx: var X509MinimalContext; byteLength: cint) {.inline, + importcFunc.} = + ctx.minRsaSize = (int16)(byteLength - 128) + + +proc x509MinimalSetNameElements*(ctx: var X509MinimalContext; elts: ptr NameElement; + numElts: uint) {.inline.} = + ctx.nameElts = elts + ctx.numNameElts = numElts + + +type + INNER_C_STRUCT_bearssl_x509_5* {.importc: "br_x509_decoder_context::no_name", + header: "bearssl_x509.h", bycopy.} = object + dp* {.importc: "dp".}: ptr uint32 + rp* {.importc: "rp".}: ptr uint32 + ip* {.importc: "ip".}: ptr byte + + X509DecoderContext* {.importc: "br_x509_decoder_context", + header: "bearssl_x509.h", bycopy.} = object + pkey* {.importc: "pkey".}: X509Pkey + cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_x509_5 + dpStack* {.importc: "dp_stack".}: array[32, uint32] + rpStack* {.importc: "rp_stack".}: array[32, uint32] + err* {.importc: "err".}: cint + pad* {.importc: "pad".}: array[256, byte] + decoded* {.importc: "decoded".}: bool + notbeforeDays* {.importc: "notbefore_days".}: uint32 + notbeforeSeconds* {.importc: "notbefore_seconds".}: uint32 + notafterDays* {.importc: "notafter_days".}: uint32 + notafterSeconds* {.importc: "notafter_seconds".}: uint32 + isCA* {.importc: "isCA".}: bool + copyDn* {.importc: "copy_dn".}: byte + appendDnCtx* {.importc: "append_dn_ctx".}: pointer + appendDn* {.importc: "append_dn".}: proc (ctx: pointer; buf: pointer; len: uint) {. + importcFunc.} + hbuf* {.importc: "hbuf".}: ptr byte + hlen* {.importc: "hlen".}: uint + pkeyData* {.importc: "pkey_data".}: array[X509_BUFSIZE_KEY, byte] + signerKeyType* {.importc: "signer_key_type".}: byte + signerHashId* {.importc: "signer_hash_id".}: byte + + + +proc x509DecoderInit*(ctx: var X509DecoderContext; appendDn: proc (ctx: pointer; + buf: pointer; len: uint) {.importcFunc.}; appendDnCtx: pointer) {.importcFunc, + importc: "br_x509_decoder_init", header: "bearssl_x509.h".} + +proc x509DecoderPush*(ctx: var X509DecoderContext; data: pointer; len: uint) {.importcFunc, + importc: "br_x509_decoder_push", header: "bearssl_x509.h".} + +proc x509DecoderGetPkey*(ctx: var X509DecoderContext): ptr X509Pkey {.inline.} = + if ctx.decoded and ctx.err == 0: + return addr(ctx.pkey) + else: + return nil + + +proc x509DecoderLastError*(ctx: var X509DecoderContext): cint {.inline.} = + if ctx.err != 0: + return ctx.err + if not ctx.decoded: + return ERR_X509_TRUNCATED + return 0 + +proc x509DecoderIsCA*(ctx: var X509DecoderContext): cint {.inline.} = + return cint ctx.isCA + +proc x509DecoderGetSignerKeyType*(ctx: var X509DecoderContext): cint {.inline.} = + return cint ctx.signerKeyType + +proc x509DecoderGetSignerHashId*(ctx: var X509DecoderContext): cint {.inline.} = + return cint ctx.signerHashId + +type + X509Certificate* {.importc: "br_x509_certificate", header: "bearssl_x509.h", bycopy.} = object + data* {.importc: "data".}: ptr byte + dataLen* {.importc: "data_len".}: uint + + + +type + INNER_C_UNION_bearssl_x509_8* {.importc: "br_skey_decoder_context::no_name", + header: "bearssl_x509.h", bycopy, union.} = object + rsa* {.importc: "rsa".}: RsaPrivateKey + ec* {.importc: "ec".}: EcPrivateKey + + INNER_C_STRUCT_bearssl_x509_9* {.importc: "br_skey_decoder_context::no_name", + header: "bearssl_x509.h", bycopy.} = object + dp* {.importc: "dp".}: ptr uint32 + rp* {.importc: "rp".}: ptr uint32 + ip* {.importc: "ip".}: ptr byte + + SkeyDecoderContext* {.importc: "br_skey_decoder_context", + header: "bearssl_x509.h", bycopy.} = object + key* {.importc: "key".}: INNER_C_UNION_bearssl_x509_8 + cpu* {.importc: "cpu".}: INNER_C_STRUCT_bearssl_x509_9 + dpStack* {.importc: "dp_stack".}: array[32, uint32] + rpStack* {.importc: "rp_stack".}: array[32, uint32] + err* {.importc: "err".}: cint + hbuf* {.importc: "hbuf".}: ptr byte + hlen* {.importc: "hlen".}: uint + pad* {.importc: "pad".}: array[256, byte] + keyType* {.importc: "key_type".}: byte + keyData* {.importc: "key_data".}: array[3 * X509_BUFSIZE_SIG, byte] + + + +proc skeyDecoderInit*(ctx: var SkeyDecoderContext) {.importcFunc, + importc: "br_skey_decoder_init", header: "bearssl_x509.h".} + +proc skeyDecoderPush*(ctx: var SkeyDecoderContext; data: pointer; len: uint) {.importcFunc, + importc: "br_skey_decoder_push", header: "bearssl_x509.h".} + +proc skeyDecoderLastError*(ctx: var SkeyDecoderContext): cint {.inline.} = + if ctx.err != 0: + return ctx.err + if ctx.keyType == '\0'.byte: + return ERR_X509_TRUNCATED + return 0 + + +proc skeyDecoderKeyType*(ctx: var SkeyDecoderContext): cint {.inline.} = + if ctx.err == 0: + return cint ctx.keyType + else: + return 0 + + +proc skeyDecoderGetRsa*(ctx: var SkeyDecoderContext): ptr RsaPrivateKey {.inline.} = + if ctx.err == 0 and ctx.keyType == KEYTYPE_RSA: + return addr(ctx.key.rsa) + else: + return nil + + +proc skeyDecoderGetEc*(ctx: var SkeyDecoderContext): ptr EcPrivateKey {.inline.} = + if ctx.err == 0 and ctx.keyType == KEYTYPE_EC: + return addr(ctx.key.ec) + else: + return nil + + +proc encodeRsaRawDer*(dest: pointer; sk: ptr RsaPrivateKey; pk: ptr RsaPublicKey; + d: pointer; dlen: uint): uint {.importcFunc, + importc: "br_encode_rsa_raw_der", header: "bearssl_x509.h".} + +proc encodeRsaPkcs8Der*(dest: pointer; sk: ptr RsaPrivateKey; pk: ptr RsaPublicKey; + d: pointer; dlen: uint): uint {.importcFunc, + importc: "br_encode_rsa_pkcs8_der", header: "bearssl_x509.h".} + +proc encodeEcRawDer*(dest: pointer; sk: ptr EcPrivateKey; pk: ptr EcPublicKey): uint {. + importcFunc, importc: "br_encode_ec_raw_der", header: "bearssl_x509.h".} + +proc encodeEcPkcs8Der*(dest: pointer; sk: ptr EcPrivateKey; pk: ptr EcPublicKey): uint {. + importcFunc, importc: "br_encode_ec_pkcs8_der", header: "bearssl_x509.h".} + +const + ENCODE_PEM_RSA_RAW* = "RSA PRIVATE KEY" + + +const + ENCODE_PEM_EC_RAW* = "EC PRIVATE KEY" + + +const + ENCODE_PEM_PKCS8* = "PRIVATE KEY" diff --git a/bearssl/abi/brssl.nim b/bearssl/abi/brssl.nim new file mode 100644 index 0000000..0cf3dca --- /dev/null +++ b/bearssl/abi/brssl.nim @@ -0,0 +1,24 @@ +import + "."/[csources, bearssl_x509] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.pragma: headerFunc, importcFunc, header: "brssl.h".} +{.used.} + +const + bearToolsPath = bearPath / "tools" + + +{.compile: bearToolsPath / "vector.c".} +{.compile: bearToolsPath / "xmem.c".} +{.compile: bearToolsPath / "names.c".} +{.compile: bearToolsPath / "certs.c".} +{.compile: bearToolsPath / "files.c".} + +type + X509NoAnchorContext* {.importc: "x509_noanchor_context", + header: "brssl.h", bycopy.} = object + vtable* {.importc: "vtable".}: ptr X509Class + +proc initNoAnchor*(xwc: var X509NoAnchorContext, inner: ptr ptr X509Class) {. + importcFunc, importc: "x509_noanchor_init", header: "brssl.h".} diff --git a/bearssl/abi/cacert.nim b/bearssl/abi/cacert.nim new file mode 100644 index 0000000..f63ad63 --- /dev/null +++ b/bearssl/abi/cacert.nim @@ -0,0 +1,25 @@ +## Nim-BearSSL +## Copyright (c) 2018-2021 Status Research & Development GmbH +## Licensed under either of +## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE)) +## * MIT license ([LICENSE-MIT](LICENSE-MIT)) +## at your option. +## This file may not be copied, modified, or distributed except according to +## those terms. + +## This module provides access to Mozilla's CA certificate store in PEM format. +## This certificate store was downloaded from +## https://curl.haxx.se/ca/cacert.pem +## And converted to C header using ``brssl ta cacert.pem > cacert.h``. +from ./bearssl_x509 import X509TrustAnchor +from os import parentDir, `/` + +const + currentSourceDir* = currentSourcePath.parentDir + +{.passc: "-I" & currentSourceDir.parentDir / "certs".} + +var MozillaTrustAnchors* {. + importc: "TAs", header: "cacert20210119.h".}: array[129, X509TrustAnchor] +var MozillaTrustAnchorsCount* {. + importc: "TAs_NUM", header: "cacert20210119.h".}: cint diff --git a/bearssl/abi/config.nim b/bearssl/abi/config.nim new file mode 100644 index 0000000..830fde9 --- /dev/null +++ b/bearssl/abi/config.nim @@ -0,0 +1,21 @@ +import + "."/[csources] + +{.pragma: importcFunc, cdecl, gcsafe, noSideEffect, raises: [].} +{.pragma: headerFunc, importcFunc, header: "bearssl.h".} +{.used.} + +const + bearRootPath = bearSrcPath + +{.compile: bearRootPath / "settings.c".} + +type + ConfigOption* {.importc: "br_config_option", header: "bearssl.h", bycopy.} = object + name* {.importc: "name".}: cstring + value* {.importc: "value".}: clong + +# TODO: missing `extern "C"` in bearssl.h means this function cannot +# be used from C++ +proc getConfig*(): ptr ConfigOption {.importcFunc, importc: "br_get_config", + headerFunc.} diff --git a/bearssl/abi/csources.nim b/bearssl/abi/csources.nim new file mode 100644 index 0000000..4f66312 --- /dev/null +++ b/bearssl/abi/csources.nim @@ -0,0 +1,63 @@ +## Nim-BearSSL +## Copyright (c) 2018-2022 Status Research & Development GmbH +## Licensed under either of +## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE)) +## * MIT license ([LICENSE-MIT](LICENSE-MIT)) +## at your option. +## This file may not be copied, modified, or distributed except according to +## those terms. + +import + os + +export os + +# For each bearssl header file, we create one nim module that compilers the +# C file related to that module. Some C "modules" have dependencies - the Nim +# modules make sure to import these dependencies so that the correct C source +# files get compiled transitively. +# +# Most of the header-like content was generated with c2nim, then hand-edited. +# +# For historical reasons, some functions and types are exposed with a "Br" +# prefix - these have been marked deprecated. +# +# Some functions take a length as input - in bearssl, `csize_t` is used for this +# purpose - wrappers do the same + +static: doAssert sizeof(csize_t) == sizeof(int) + +const + bearPath* = currentSourcePath.parentDir.parentDir / "csources" + bearIncPath* = bearPath / "inc" + bearSrcPath* = bearPath / "src" + bearToolsPath* = bearPath / "tools" + +# TODO https://github.com/nim-lang/Nim/issues/19864 + +{.passc: "-I" & quoteShell(bearSrcPath)} +{.passc: "-I" & quoteShell(bearIncPath)} +{.passc: "-I" & quoteShell(bearToolsPath)} + +when defined(windows): + {.passc: "-DBR_USE_WIN32_TIME=1".} + {.passc: "-DBR_USE_WIN32_RAND=1".} +else: + {.passc: "-DBR_USE_UNIX_TIME=1".} + {.passc: "-DBR_USE_URANDOM=1".} + +when defined(i386) or defined(amd64) or defined(arm64): + {.passc: "-DBR_LE_UNALIGNED=1".} +elif defined(powerpc) or defined(powerpc64): + {.passc: "-DBR_BE_UNALIGNED=1".} +elif defined(powerpc64el): + {.passc: "-DBR_LE_UNALIGNED=1".} + +when sizeof(int) == 8: + {.passc: "-DBR_64=1".} + when hostCPU == "amd64": + {.passc:" -DBR_amd64=1".} + when defined(vcc): + {.passc: "-DBR_UMUL128=1".} + else: + {.passc: "-DBR_INT128=1".} diff --git a/bearssl/abi/inner.nim b/bearssl/abi/inner.nim new file mode 100644 index 0000000..d3f16d1 --- /dev/null +++ b/bearssl/abi/inner.nim @@ -0,0 +1,21 @@ +import + "."/[csources] + +{.used.} + +const + bearCodecPath = bearSrcPath & "/" & "codec" & "/" + +{.compile: bearCodecPath / "ccopy.c".} +{.compile: bearCodecPath / "dec16be.c".} +{.compile: bearCodecPath / "dec16le.c".} +{.compile: bearCodecPath / "dec32be.c".} +{.compile: bearCodecPath / "dec32le.c".} +{.compile: bearCodecPath / "dec64be.c".} +{.compile: bearCodecPath / "dec64le.c".} +{.compile: bearCodecPath / "enc16be.c".} +{.compile: bearCodecPath / "enc16le.c".} +{.compile: bearCodecPath / "enc32be.c".} +{.compile: bearCodecPath / "enc32le.c".} +{.compile: bearCodecPath / "enc64be.c".} +{.compile: bearCodecPath / "enc64le.c".} diff --git a/bearssl/abi/intx.nim b/bearssl/abi/intx.nim new file mode 100644 index 0000000..24f8baf --- /dev/null +++ b/bearssl/abi/intx.nim @@ -0,0 +1,64 @@ +import + "."/[csources] + +{.used.} + +const + bearIntPath = bearSrcPath / "int" + +{.compile: bearIntPath / "i15_add.c".} +{.compile: bearIntPath / "i15_bitlen.c".} +{.compile: bearIntPath / "i15_decmod.c".} +{.compile: bearIntPath / "i15_decode.c".} +{.compile: bearIntPath / "i15_decred.c".} +{.compile: bearIntPath / "i15_encode.c".} +{.compile: bearIntPath / "i15_fmont.c".} +{.compile: bearIntPath / "i15_iszero.c".} +{.compile: bearIntPath / "i15_moddiv.c".} +{.compile: bearIntPath / "i15_modpow.c".} +{.compile: bearIntPath / "i15_modpow2.c".} +{.compile: bearIntPath / "i15_montmul.c".} +{.compile: bearIntPath / "i15_mulacc.c".} +{.compile: bearIntPath / "i15_muladd.c".} +{.compile: bearIntPath / "i15_ninv15.c".} +{.compile: bearIntPath / "i15_reduce.c".} +{.compile: bearIntPath / "i15_rshift.c".} +{.compile: bearIntPath / "i15_sub.c".} +{.compile: bearIntPath / "i15_tmont.c".} +{.compile: bearIntPath / "i31_add.c".} +{.compile: bearIntPath / "i31_bitlen.c".} +{.compile: bearIntPath / "i31_decmod.c".} +{.compile: bearIntPath / "i31_decode.c".} +{.compile: bearIntPath / "i31_decred.c".} +{.compile: bearIntPath / "i31_encode.c".} +{.compile: bearIntPath / "i31_fmont.c".} +{.compile: bearIntPath / "i31_iszero.c".} +{.compile: bearIntPath / "i31_moddiv.c".} +{.compile: bearIntPath / "i31_modpow.c".} +{.compile: bearIntPath / "i31_modpow2.c".} +{.compile: bearIntPath / "i31_montmul.c".} +{.compile: bearIntPath / "i31_mulacc.c".} +{.compile: bearIntPath / "i31_muladd.c".} +{.compile: bearIntPath / "i31_ninv31.c".} +{.compile: bearIntPath / "i31_reduce.c".} +{.compile: bearIntPath / "i31_rshift.c".} +{.compile: bearIntPath / "i31_sub.c".} +{.compile: bearIntPath / "i31_tmont.c".} +{.compile: bearIntPath / "i32_add.c".} +{.compile: bearIntPath / "i32_bitlen.c".} +{.compile: bearIntPath / "i32_decmod.c".} +{.compile: bearIntPath / "i32_decode.c".} +{.compile: bearIntPath / "i32_decred.c".} +{.compile: bearIntPath / "i32_div32.c".} +{.compile: bearIntPath / "i32_encode.c".} +{.compile: bearIntPath / "i32_fmont.c".} +{.compile: bearIntPath / "i32_iszero.c".} +{.compile: bearIntPath / "i32_modpow.c".} +{.compile: bearIntPath / "i32_montmul.c".} +{.compile: bearIntPath / "i32_mulacc.c".} +{.compile: bearIntPath / "i32_muladd.c".} +{.compile: bearIntPath / "i32_ninv32.c".} +{.compile: bearIntPath / "i32_reduce.c".} +{.compile: bearIntPath / "i32_sub.c".} +{.compile: bearIntPath / "i32_tmont.c".} +{.compile: bearIntPath / "i62_modpow2.c".} diff --git a/bearssl/aead.nim b/bearssl/aead.nim new file mode 100644 index 0000000..5438fa8 --- /dev/null +++ b/bearssl/aead.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_aead + +export bearssl_aead diff --git a/bearssl/blockx.nim b/bearssl/blockx.nim new file mode 100644 index 0000000..17924ab --- /dev/null +++ b/bearssl/blockx.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_block + +export bearssl_block diff --git a/bearssl/brssl.nim b/bearssl/brssl.nim new file mode 100644 index 0000000..b89aa78 --- /dev/null +++ b/bearssl/brssl.nim @@ -0,0 +1,4 @@ +import + ./abi/brssl + +export brssl diff --git a/bearssl/decls.nim b/bearssl/decls.nim index 205a655..bad6f4a 100644 --- a/bearssl/decls.nim +++ b/bearssl/decls.nim @@ -6,377 +6,24 @@ ## at your option. ## This file may not be copied, modified, or distributed except according to ## those terms. -## This module implements interface with BearSSL library sources. -import strutils -from os import quoteShell, DirSep, AltSep +## +## This module reexports the whole raw beassl C api, as found in the api/ +## directory as well as some legacy helpers. It should not be used in new +## projects (either import `bearssl` or individual abi modules) -const - bearPath = currentSourcePath.rsplit({DirSep, AltSep}, 1)[0] & "/" & - "csources" & "/" +import + "."/[aead, blockx, ec, hash, hmac, kdf, pem, prf, rand, rsa, ssl, x509], + ./abi/[brssl, config] - bearSrcPath = bearPath & "src" - bearIncPath = bearPath & "inc" - bearIntPath = bearSrcPath & "/" & "int" & "/" - bearCodecPath = bearSrcPath & "/" & "codec" & "/" - bearRandPath = bearSrcPath & "/" & "rand" & "/" - bearRsaPath = bearSrcPath & "/" & "rsa" & "/" - bearEcPath = bearSrcPath & "/" & "ec" & "/" - bearX509Path = bearSrcPath & "/" & "x509" & "/" - bearSslPath = bearSrcPath & "/" & "ssl" & "/" - bearMacPath = bearSrcPath & "/" & "mac" & "/" - bearKdfPath = bearSrcPath & "/" & "kdf" & "/" - bearHashPath = bearSrcPath & "/" & "hash" & "/" - bearSymcPath = bearSrcPath & "/" & "symcipher" & "/" - bearAeadPath = bearSrcPath & "/" & "aead" & "/" - bearToolsPath = bearPath & "tools" & "/" - bearRootPath = bearSrcPath & "/" - -{.passc: "-I" & quoteShell(bearSrcPath)} -{.passc: "-I" & quoteShell(bearIncPath)} -{.passc: "-I" & quoteShell(bearPath & "tools")} - -when defined(windows): - {.passc: "-DBR_USE_WIN32_TIME=1".} - {.passc: "-DBR_USE_WIN32_RAND=1".} -else: - {.passc: "-DBR_USE_UNIX_TIME=1".} - {.passc: "-DBR_USE_URANDOM=1".} - -when defined(i386) or defined(amd64) or defined(arm64): - {.passc: "-DBR_LE_UNALIGNED=1".} -elif defined(powerpc) or defined(powerpc64): - {.passc: "-DBR_BE_UNALIGNED=1".} -elif defined(powerpc64el): - {.passc: "-DBR_LE_UNALIGNED=1".} - -when sizeof(int) == 8: - {.passc: "-DBR_64=1".} - when hostCPU == "amd64": - {.passc:" -DBR_amd64=1".} - when defined(vcc): - {.passc: "-DBR_UMUL128=1".} - else: - {.passc: "-DBR_INT128=1".} - -{.compile: bearCodecPath & "ccopy.c".} -{.compile: bearCodecPath & "dec16be.c".} -{.compile: bearCodecPath & "dec16le.c".} -{.compile: bearCodecPath & "dec32be.c".} -{.compile: bearCodecPath & "dec32le.c".} -{.compile: bearCodecPath & "dec64be.c".} -{.compile: bearCodecPath & "dec64le.c".} -{.compile: bearCodecPath & "enc16be.c".} -{.compile: bearCodecPath & "enc16le.c".} -{.compile: bearCodecPath & "enc32be.c".} -{.compile: bearCodecPath & "enc32le.c".} -{.compile: bearCodecPath & "enc64be.c".} -{.compile: bearCodecPath & "enc64le.c".} -{.compile: bearCodecPath & "pemdec.c".} -{.compile: bearCodecPath & "pemenc.c".} - -{.compile: bearEcPath & "ecdsa_atr.c".} -{.compile: bearEcPath & "ecdsa_default_sign_asn1.c".} -{.compile: bearEcPath & "ecdsa_default_sign_raw.c".} -{.compile: bearEcPath & "ecdsa_default_vrfy_asn1.c".} -{.compile: bearEcPath & "ecdsa_default_vrfy_raw.c".} -{.compile: bearEcPath & "ecdsa_i15_bits.c".} -{.compile: bearEcPath & "ecdsa_i15_sign_asn1.c".} -{.compile: bearEcPath & "ecdsa_i15_sign_raw.c".} -{.compile: bearEcPath & "ecdsa_i15_vrfy_asn1.c".} -{.compile: bearEcPath & "ecdsa_i15_vrfy_raw.c".} -{.compile: bearEcPath & "ecdsa_i31_bits.c".} -{.compile: bearEcPath & "ecdsa_i31_sign_asn1.c".} -{.compile: bearEcPath & "ecdsa_i31_sign_raw.c".} -{.compile: bearEcPath & "ecdsa_i31_vrfy_asn1.c".} -{.compile: bearEcPath & "ecdsa_i31_vrfy_raw.c".} -{.compile: bearEcPath & "ecdsa_rta.c".} -{.compile: bearEcPath & "ec_all_m15.c".} -{.compile: bearEcPath & "ec_all_m31.c".} -{.compile: bearEcPath & "ec_c25519_i15.c".} -{.compile: bearEcPath & "ec_c25519_i31.c".} -{.compile: bearEcPath & "ec_c25519_m15.c".} -{.compile: bearEcPath & "ec_c25519_m31.c".} -{.compile: bearEcPath & "ec_c25519_m62.c".} -{.compile: bearEcPath & "ec_c25519_m64.c".} -{.compile: bearEcPath & "ec_curve25519.c".} -{.compile: bearEcPath & "ec_default.c".} -{.compile: bearEcPath & "ec_keygen.c".} -{.compile: bearEcPath & "ec_p256_m15.c".} -{.compile: bearEcPath & "ec_p256_m31.c".} -{.compile: bearEcPath & "ec_p256_m62.c".} -{.compile: bearEcPath & "ec_p256_m64.c".} -{.compile: bearEcPath & "ec_prime_i15.c".} -{.compile: bearEcPath & "ec_prime_i31.c".} -{.compile: bearEcPath & "ec_pubkey.c".} -{.compile: bearEcPath & "ec_secp256r1.c".} -{.compile: bearEcPath & "ec_secp384r1.c".} -{.compile: bearEcPath & "ec_secp521r1.c".} - -{.compile: bearHashPath & "dig_oid.c".} -{.compile: bearHashPath & "dig_size.c".} -{.compile: bearHashPath & "ghash_ctmul.c".} -{.compile: bearHashPath & "ghash_ctmul32.c".} -{.compile: bearHashPath & "ghash_ctmul64.c".} -{.compile: bearHashPath & "ghash_pclmul.c".} -{.compile: bearHashPath & "ghash_pwr8.c".} -{.compile: bearHashPath & "md5.c".} -{.compile: bearHashPath & "md5sha1.c".} -{.compile: bearHashPath & "mgf1.c".} -{.compile: bearHashPath & "multihash.c".} -{.compile: bearHashPath & "sha1.c".} -{.compile: bearHashPath & "sha2big.c".} -{.compile: bearHashPath & "sha2small.c".} - -{.compile: bearIntPath & "i15_add.c".} -{.compile: bearIntPath & "i15_bitlen.c".} -{.compile: bearIntPath & "i15_decmod.c".} -{.compile: bearIntPath & "i15_decode.c".} -{.compile: bearIntPath & "i15_decred.c".} -{.compile: bearIntPath & "i15_encode.c".} -{.compile: bearIntPath & "i15_fmont.c".} -{.compile: bearIntPath & "i15_iszero.c".} -{.compile: bearIntPath & "i15_moddiv.c".} -{.compile: bearIntPath & "i15_modpow.c".} -{.compile: bearIntPath & "i15_modpow2.c".} -{.compile: bearIntPath & "i15_montmul.c".} -{.compile: bearIntPath & "i15_mulacc.c".} -{.compile: bearIntPath & "i15_muladd.c".} -{.compile: bearIntPath & "i15_ninv15.c".} -{.compile: bearIntPath & "i15_reduce.c".} -{.compile: bearIntPath & "i15_rshift.c".} -{.compile: bearIntPath & "i15_sub.c".} -{.compile: bearIntPath & "i15_tmont.c".} -{.compile: bearIntPath & "i31_add.c".} -{.compile: bearIntPath & "i31_bitlen.c".} -{.compile: bearIntPath & "i31_decmod.c".} -{.compile: bearIntPath & "i31_decode.c".} -{.compile: bearIntPath & "i31_decred.c".} -{.compile: bearIntPath & "i31_encode.c".} -{.compile: bearIntPath & "i31_fmont.c".} -{.compile: bearIntPath & "i31_iszero.c".} -{.compile: bearIntPath & "i31_moddiv.c".} -{.compile: bearIntPath & "i31_modpow.c".} -{.compile: bearIntPath & "i31_modpow2.c".} -{.compile: bearIntPath & "i31_montmul.c".} -{.compile: bearIntPath & "i31_mulacc.c".} -{.compile: bearIntPath & "i31_muladd.c".} -{.compile: bearIntPath & "i31_ninv31.c".} -{.compile: bearIntPath & "i31_reduce.c".} -{.compile: bearIntPath & "i31_rshift.c".} -{.compile: bearIntPath & "i31_sub.c".} -{.compile: bearIntPath & "i31_tmont.c".} -{.compile: bearIntPath & "i32_add.c".} -{.compile: bearIntPath & "i32_bitlen.c".} -{.compile: bearIntPath & "i32_decmod.c".} -{.compile: bearIntPath & "i32_decode.c".} -{.compile: bearIntPath & "i32_decred.c".} -{.compile: bearIntPath & "i32_div32.c".} -{.compile: bearIntPath & "i32_encode.c".} -{.compile: bearIntPath & "i32_fmont.c".} -{.compile: bearIntPath & "i32_iszero.c".} -{.compile: bearIntPath & "i32_modpow.c".} -{.compile: bearIntPath & "i32_montmul.c".} -{.compile: bearIntPath & "i32_mulacc.c".} -{.compile: bearIntPath & "i32_muladd.c".} -{.compile: bearIntPath & "i32_ninv32.c".} -{.compile: bearIntPath & "i32_reduce.c".} -{.compile: bearIntPath & "i32_sub.c".} -{.compile: bearIntPath & "i32_tmont.c".} -{.compile: bearIntPath & "i62_modpow2.c".} - -{.compile: bearKdfPath & "hkdf.c".} -{.compile: bearKdfPath & "shake.c".} - -{.compile: bearMacPath & "hmac.c".} -{.compile: bearMacPath & "hmac_ct.c".} - -{.compile: bearRandPath & "aesctr_drbg.c".} -{.compile: bearRandPath & "hmac_drbg.c".} -{.compile: bearRandPath & "sysrng.c".} - -{.compile: bearRsaPath & "rsa_default_keygen.c".} -{.compile: bearRsaPath & "rsa_default_modulus.c".} -{.compile: bearRsaPath & "rsa_default_oaep_decrypt.c".} -{.compile: bearRsaPath & "rsa_default_oaep_encrypt.c".} -{.compile: bearRsaPath & "rsa_default_pkcs1_sign.c".} -{.compile: bearRsaPath & "rsa_default_pkcs1_vrfy.c".} -{.compile: bearRsaPath & "rsa_default_priv.c".} -{.compile: bearRsaPath & "rsa_default_privexp.c".} -{.compile: bearRsaPath & "rsa_default_pss_sign.c".} -{.compile: bearRsaPath & "rsa_default_pss_vrfy.c".} -{.compile: bearRsaPath & "rsa_default_pub.c".} -{.compile: bearRsaPath & "rsa_default_pubexp.c".} -{.compile: bearRsaPath & "rsa_i15_keygen.c".} -{.compile: bearRsaPath & "rsa_i15_modulus.c".} -{.compile: bearRsaPath & "rsa_i15_oaep_decrypt.c".} -{.compile: bearRsaPath & "rsa_i15_oaep_encrypt.c".} -{.compile: bearRsaPath & "rsa_i15_pkcs1_sign.c".} -{.compile: bearRsaPath & "rsa_i15_pkcs1_vrfy.c".} -{.compile: bearRsaPath & "rsa_i15_priv.c".} -{.compile: bearRsaPath & "rsa_i15_privexp.c".} -{.compile: bearRsaPath & "rsa_i15_pss_sign.c".} -{.compile: bearRsaPath & "rsa_i15_pss_vrfy.c".} -{.compile: bearRsaPath & "rsa_i15_pub.c".} -{.compile: bearRsaPath & "rsa_i15_pubexp.c".} -{.compile: bearRsaPath & "rsa_i31_keygen.c".} -{.compile: bearRsaPath & "rsa_i31_keygen_inner.c".} -{.compile: bearRsaPath & "rsa_i31_modulus.c".} -{.compile: bearRsaPath & "rsa_i31_oaep_decrypt.c".} -{.compile: bearRsaPath & "rsa_i31_oaep_encrypt.c".} -{.compile: bearRsaPath & "rsa_i31_pkcs1_sign.c".} -{.compile: bearRsaPath & "rsa_i31_pkcs1_vrfy.c".} -{.compile: bearRsaPath & "rsa_i31_priv.c".} -{.compile: bearRsaPath & "rsa_i31_privexp.c".} -{.compile: bearRsaPath & "rsa_i31_pss_sign.c".} -{.compile: bearRsaPath & "rsa_i31_pss_vrfy.c".} -{.compile: bearRsaPath & "rsa_i31_pub.c".} -{.compile: bearRsaPath & "rsa_i31_pubexp.c".} -{.compile: bearRsaPath & "rsa_i32_oaep_decrypt.c".} -{.compile: bearRsaPath & "rsa_i32_oaep_encrypt.c".} -{.compile: bearRsaPath & "rsa_i32_pkcs1_sign.c".} -{.compile: bearRsaPath & "rsa_i32_pkcs1_vrfy.c".} -{.compile: bearRsaPath & "rsa_i32_priv.c".} -{.compile: bearRsaPath & "rsa_i32_pss_sign.c".} -{.compile: bearRsaPath & "rsa_i32_pss_vrfy.c".} -{.compile: bearRsaPath & "rsa_i32_pub.c".} -{.compile: bearRsaPath & "rsa_i62_keygen.c".} -{.compile: bearRsaPath & "rsa_i62_oaep_decrypt.c".} -{.compile: bearRsaPath & "rsa_i62_oaep_encrypt.c".} -{.compile: bearRsaPath & "rsa_i62_pkcs1_sign.c".} -{.compile: bearRsaPath & "rsa_i62_pkcs1_vrfy.c".} -{.compile: bearRsaPath & "rsa_i62_priv.c".} -{.compile: bearRsaPath & "rsa_i62_pss_sign.c".} -{.compile: bearRsaPath & "rsa_i62_pss_vrfy.c".} -{.compile: bearRsaPath & "rsa_i62_pub.c".} -{.compile: bearRsaPath & "rsa_oaep_pad.c".} -{.compile: bearRsaPath & "rsa_oaep_unpad.c".} -{.compile: bearRsaPath & "rsa_pkcs1_sig_pad.c".} -{.compile: bearRsaPath & "rsa_pkcs1_sig_unpad.c".} -{.compile: bearRsaPath & "rsa_pss_sig_pad.c".} -{.compile: bearRsaPath & "rsa_pss_sig_unpad.c".} -{.compile: bearRsaPath & "rsa_ssl_decrypt.c".} - -{.compile: bearSslPath & "prf.c".} -{.compile: bearSslPath & "prf_md5sha1.c".} -{.compile: bearSslPath & "prf_sha256.c".} -{.compile: bearSslPath & "prf_sha384.c".} -{.compile: bearSslPath & "ssl_ccert_single_ec.c".} -{.compile: bearSslPath & "ssl_ccert_single_rsa.c".} -{.compile: bearSslPath & "ssl_client.c".} -{.compile: bearSslPath & "ssl_client_default_rsapub.c".} -{.compile: bearSslPath & "ssl_client_full.c".} -{.compile: bearSslPath & "ssl_engine.c".} -{.compile: bearSslPath & "ssl_engine_default_aescbc.c".} -{.compile: bearSslPath & "ssl_engine_default_aesccm.c".} -{.compile: bearSslPath & "ssl_engine_default_aesgcm.c".} -{.compile: bearSslPath & "ssl_engine_default_chapol.c".} -{.compile: bearSslPath & "ssl_engine_default_descbc.c".} -{.compile: bearSslPath & "ssl_engine_default_ec.c".} -{.compile: bearSslPath & "ssl_engine_default_ecdsa.c".} -{.compile: bearSslPath & "ssl_engine_default_rsavrfy.c".} -{.compile: bearSslPath & "ssl_hashes.c".} -{.compile: bearSslPath & "ssl_hs_client.c".} -{.compile: bearSslPath & "ssl_hs_server.c".} -{.compile: bearSslPath & "ssl_io.c".} -{.compile: bearSslPath & "ssl_keyexport.c".} -{.compile: bearSslPath & "ssl_lru.c".} -{.compile: bearSslPath & "ssl_rec_cbc.c".} -{.compile: bearSslPath & "ssl_rec_ccm.c".} -{.compile: bearSslPath & "ssl_rec_chapol.c".} -{.compile: bearSslPath & "ssl_rec_gcm.c".} -{.compile: bearSslPath & "ssl_scert_single_ec.c".} -{.compile: bearSslPath & "ssl_scert_single_rsa.c".} -{.compile: bearSslPath & "ssl_server.c".} -{.compile: bearSslPath & "ssl_server_full_ec.c".} -{.compile: bearSslPath & "ssl_server_full_rsa.c".} -{.compile: bearSslPath & "ssl_server_mine2c.c".} -{.compile: bearSslPath & "ssl_server_mine2g.c".} -{.compile: bearSslPath & "ssl_server_minf2c.c".} -{.compile: bearSslPath & "ssl_server_minf2g.c".} -{.compile: bearSslPath & "ssl_server_minr2g.c".} -{.compile: bearSslPath & "ssl_server_minu2g.c".} -{.compile: bearSslPath & "ssl_server_minv2g.c".} - -{.compile: bearSymcPath & "aes_big_cbcdec.c".} -{.compile: bearSymcPath & "aes_big_cbcenc.c".} -{.compile: bearSymcPath & "aes_big_ctr.c".} -{.compile: bearSymcPath & "aes_big_ctrcbc.c".} -{.compile: bearSymcPath & "aes_big_dec.c".} -{.compile: bearSymcPath & "aes_big_enc.c".} -{.compile: bearSymcPath & "aes_common.c".} -{.compile: bearSymcPath & "aes_ct.c".} -{.compile: bearSymcPath & "aes_ct64.c".} -{.compile: bearSymcPath & "aes_ct64_cbcdec.c".} -{.compile: bearSymcPath & "aes_ct64_cbcenc.c".} -{.compile: bearSymcPath & "aes_ct64_ctr.c".} -{.compile: bearSymcPath & "aes_ct64_ctrcbc.c".} -{.compile: bearSymcPath & "aes_ct64_dec.c".} -{.compile: bearSymcPath & "aes_ct64_enc.c".} -{.compile: bearSymcPath & "aes_ct_cbcdec.c".} -{.compile: bearSymcPath & "aes_ct_cbcenc.c".} -{.compile: bearSymcPath & "aes_ct_ctr.c".} -{.compile: bearSymcPath & "aes_ct_ctrcbc.c".} -{.compile: bearSymcPath & "aes_ct_dec.c".} -{.compile: bearSymcPath & "aes_ct_enc.c".} -{.compile: bearSymcPath & "aes_pwr8.c".} -{.compile: bearSymcPath & "aes_pwr8_cbcdec.c".} -{.compile: bearSymcPath & "aes_pwr8_cbcenc.c".} -{.compile: bearSymcPath & "aes_pwr8_ctr.c".} -{.compile: bearSymcPath & "aes_pwr8_ctrcbc.c".} -{.compile: bearSymcPath & "aes_small_cbcdec.c".} -{.compile: bearSymcPath & "aes_small_cbcenc.c".} -{.compile: bearSymcPath & "aes_small_ctr.c".} -{.compile: bearSymcPath & "aes_small_ctrcbc.c".} -{.compile: bearSymcPath & "aes_small_dec.c".} -{.compile: bearSymcPath & "aes_small_enc.c".} -{.compile: bearSymcPath & "aes_x86ni.c".} -{.compile: bearSymcPath & "aes_x86ni_cbcdec.c".} -{.compile: bearSymcPath & "aes_x86ni_cbcenc.c".} -{.compile: bearSymcPath & "aes_x86ni_ctr.c".} -{.compile: bearSymcPath & "aes_x86ni_ctrcbc.c".} -{.compile: bearSymcPath & "chacha20_ct.c".} -{.compile: bearSymcPath & "chacha20_sse2.c".} -{.compile: bearSymcPath & "des_ct.c".} -{.compile: bearSymcPath & "des_ct_cbcdec.c".} -{.compile: bearSymcPath & "des_ct_cbcenc.c".} -{.compile: bearSymcPath & "des_support.c".} -{.compile: bearSymcPath & "des_tab.c".} -{.compile: bearSymcPath & "des_tab_cbcdec.c".} -{.compile: bearSymcPath & "des_tab_cbcenc.c".} -{.compile: bearSymcPath & "poly1305_ctmul.c".} -{.compile: bearSymcPath & "poly1305_ctmul32.c".} -{.compile: bearSymcPath & "poly1305_ctmulq.c".} -{.compile: bearSymcPath & "poly1305_i15.c".} - -{.compile: bearAeadPath & "ccm.c".} -{.compile: bearAeadPath & "eax.c".} -{.compile: bearAeadPath & "gcm.c".} - -{.compile: bearX509Path & "asn1enc.c".} -{.compile: bearX509Path & "encode_ec_pk8der.c".} -{.compile: bearX509Path & "encode_ec_rawder.c".} -{.compile: bearX509Path & "encode_rsa_pk8der.c".} -{.compile: bearX509Path & "encode_rsa_rawder.c".} -{.compile: bearX509Path & "skey_decoder.c".} -{.compile: bearX509Path & "x509_decoder.c".} -{.compile: bearX509Path & "x509_knownkey.c".} -{.compile: bearX509Path & "x509_minimal.c".} -{.compile: bearX509Path & "x509_minimal_full.c".} - -{.compile: bearRootPath & "settings.c".} - -# This modules must be reimplemented using Nim, because it can be changed -# freely. -{.compile: bearToolsPath & "xmem.c".} -{.compile: bearToolsPath & "vector.c".} -{.compile: bearToolsPath & "names.c".} -{.compile: bearToolsPath & "certs.c".} -{.compile: bearToolsPath & "files.c".} +# The bearssl wrappers over time started using different styles for `Br` prefixes, +# `uint` vs `int`, `ptr` vs `var`, etc - the new split modules offer a +# consistent set of exports as well as new convenience functions that should be +# used instead - this whole module is deprecated {.pragma: bearSslFunc, cdecl, gcsafe, noSideEffect, raises: [].} type - HashClass* {.importc: "br_hash_class", header: "bearssl_hash.h", bycopy.} = object + HashClass* {.importc: "br_hash_class", header: "bearssl_hash.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int desc* {.importc: "desc".}: uint32 init* {.importc: "init".}: proc (ctx: ptr ptr HashClass) {.bearSslFunc.} @@ -428,7 +75,7 @@ const var md5Vtable* {.importc: "br_md5_vtable", header: "bearssl_hash.h".}: HashClass type - Md5Context* {.importc: "br_md5_context", header: "bearssl_hash.h", bycopy.} = object + Md5Context* {.importc: "br_md5_context", header: "bearssl_hash.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass buf* {.importc: "buf".}: array[64, cuchar] count* {.importc: "count".}: uint64 @@ -436,19 +83,19 @@ type proc md5Init*(ctx: ptr Md5Context) {. - bearSslFunc, importc: "br_md5_init", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_md5_init", header: "bearssl_hash.h".} proc md5Update*(ctx: ptr Md5Context; data: pointer; len: int) {. - bearSslFunc, importc: "br_md5_update", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_md5_update", header: "bearssl_hash.h".} proc md5Out*(ctx: ptr Md5Context; `out`: pointer) {. - bearSslFunc, importc: "br_md5_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_md5_out", header: "bearssl_hash.h".} proc md5State*(ctx: ptr Md5Context; `out`: pointer): uint64 {. - bearSslFunc, importc: "br_md5_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_md5_state", header: "bearssl_hash.h".} proc md5SetState*(ctx: ptr Md5Context; stb: pointer; count: uint64) {. - bearSslFunc, importc: "br_md5_set_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_md5_set_state", header: "bearssl_hash.h".} const sha1ID* = 2 @@ -459,7 +106,7 @@ const var sha1Vtable* {.importc: "br_sha1_vtable", header: "bearssl_hash.h".}: HashClass type - Sha1Context* {.importc: "br_sha1_context", header: "bearssl_hash.h", bycopy.} = object + Sha1Context* {.importc: "br_sha1_context", header: "bearssl_hash.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass buf* {.importc: "buf".}: array[64, cuchar] count* {.importc: "count".}: uint64 @@ -467,19 +114,19 @@ type proc sha1Init*(ctx: ptr Sha1Context) {. - bearSslFunc, importc: "br_sha1_init", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha1_init", header: "bearssl_hash.h".} proc sha1Update*(ctx: ptr Sha1Context; data: pointer; len: int) {. - bearSslFunc, importc: "br_sha1_update", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha1_update", header: "bearssl_hash.h".} proc sha1Out*(ctx: ptr Sha1Context; `out`: pointer) {. - bearSslFunc, importc: "br_sha1_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha1_out", header: "bearssl_hash.h".} proc sha1State*(ctx: ptr Sha1Context; `out`: pointer): uint64 {. - bearSslFunc, importc: "br_sha1_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha1_state", header: "bearssl_hash.h".} proc sha1SetState*(ctx: ptr Sha1Context; stb: pointer; count: uint64) {. - bearSslFunc, importc: "br_sha1_set_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha1_set_state", header: "bearssl_hash.h".} const sha224ID* = 3 @@ -491,7 +138,7 @@ var sha224Vtable* {.importc: "br_sha224_vtable", header: "bearssl_hash.h".}: Has type Sha256Context* = Sha224Context - Sha224Context* {.importc: "br_sha224_context", header: "bearssl_hash.h", bycopy.} = object + Sha224Context* {.importc: "br_sha224_context", header: "bearssl_hash.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass buf* {.importc: "buf".}: array[64, cuchar] count* {.importc: "count".}: uint64 @@ -499,19 +146,19 @@ type proc sha224Init*(ctx: ptr Sha224Context) {. - bearSslFunc, importc: "br_sha224_init", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha224_init", header: "bearssl_hash.h".} proc sha224Update*(ctx: ptr Sha224Context; data: pointer; len: int) {. - bearSslFunc, importc: "br_sha224_update", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha224_update", header: "bearssl_hash.h".} proc sha224Out*(ctx: ptr Sha224Context; `out`: pointer) {. - bearSslFunc, importc: "br_sha224_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha224_out", header: "bearssl_hash.h".} proc sha224State*(ctx: ptr Sha224Context; `out`: pointer): uint64 {. - bearSslFunc, importc: "br_sha224_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha224_state", header: "bearssl_hash.h".} proc sha224SetState*(ctx: ptr Sha224Context; stb: pointer; count: uint64) {. - bearSslFunc, importc: "br_sha224_set_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha224_set_state", header: "bearssl_hash.h".} const sha256ID* = 4 @@ -522,24 +169,17 @@ const var sha256Vtable* {.importc: "br_sha256_vtable", header: "bearssl_hash.h".}: HashClass proc sha256Init*(ctx: ptr Sha256Context) {. - bearSslFunc, importc: "br_sha256_init", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha256_init", header: "bearssl_hash.h".} proc sha256Out*(ctx: ptr Sha256Context; `out`: pointer) {. - bearSslFunc, importc: "br_sha256_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha256_out", header: "bearssl_hash.h".} when false: proc sha256State*(ctx: ptr Sha256Context; `out`: pointer): uint64 {. - bearSslFunc, importc: "br_sha256_state", header: "bearssl_hash.h".} -else: - const - sha256State* = sha224State - + bearSslFunc, deprecated, importc: "br_sha256_state", header: "bearssl_hash.h".} when false: proc sha256SetState*(ctx: ptr Sha256Context; stb: pointer; count: uint64) {. - bearSslFunc, importc: "br_sha256_set_state", header: "bearssl_hash.h".} -else: - const - sha256SetState* = sha224SetState + bearSslFunc, deprecated, importc: "br_sha256_set_state", header: "bearssl_hash.h".} const sha384ID* = 5 @@ -550,7 +190,7 @@ const var sha384Vtable* {.importc: "br_sha384_vtable", header: "bearssl_hash.h".}: HashClass type - Sha384Context* {.importc: "br_sha384_context", header: "bearssl_hash.h", bycopy.} = object + Sha384Context* {.importc: "br_sha384_context", header: "bearssl_hash.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass buf* {.importc: "buf".}: array[128, cuchar] count* {.importc: "count".}: uint64 @@ -558,19 +198,19 @@ type proc sha384Init*(ctx: ptr Sha384Context) {. - bearSslFunc, importc: "br_sha384_init", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha384_init", header: "bearssl_hash.h".} proc sha384Update*(ctx: ptr Sha384Context; data: pointer; len: int) {. - bearSslFunc, importc: "br_sha384_update", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha384_update", header: "bearssl_hash.h".} proc sha384Out*(ctx: ptr Sha384Context; `out`: pointer) {. - bearSslFunc, importc: "br_sha384_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha384_out", header: "bearssl_hash.h".} proc sha384State*(ctx: ptr Sha384Context; `out`: pointer): uint64 {. - bearSslFunc, importc: "br_sha384_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha384_state", header: "bearssl_hash.h".} proc sha384SetState*(ctx: ptr Sha384Context; stb: pointer; count: uint64) {. - bearSslFunc, importc: "br_sha384_set_state", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha384_set_state", header: "bearssl_hash.h".} const sha512ID* = 6 @@ -584,13 +224,10 @@ type Sha512Context* = Sha384Context proc sha512Init*(ctx: ptr Sha512Context) {. - bearSslFunc, importc: "br_sha512_init", header: "bearssl_hash.h".} - -const - sha512Update* = sha384Update + bearSslFunc, deprecated, importc: "br_sha512_init", header: "bearssl_hash.h".} proc sha512Out*(ctx: ptr Sha512Context; `out`: pointer) {. - bearSslFunc, importc: "br_sha512_out", header: "bearssl_hash.h".} + bearSslFunc, deprecated, importc: "br_sha512_out", header: "bearssl_hash.h".} const md5sha1ID* = 0 @@ -601,7 +238,7 @@ const var md5sha1Vtable* {.importc: "br_md5sha1_vtable", header: "bearssl_hash.h".}: HashClass type - Md5sha1Context* {.importc: "br_md5sha1_context", header: "bearssl_hash.h", bycopy.} = object + Md5sha1Context* {.importc: "br_md5sha1_context", header: "bearssl_hash.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass buf* {.importc: "buf".}: array[64, cuchar] count* {.importc: "count".}: uint64 @@ -609,24 +246,24 @@ type valSha1* {.importc: "val_sha1".}: array[5, uint32] -proc md5sha1Init*(ctx: ptr Md5sha1Context) {.bearSslFunc, importc: "br_md5sha1_init", +proc md5sha1Init*(ctx: ptr Md5sha1Context) {.bearSslFunc, deprecated, importc: "br_md5sha1_init", header: "bearssl_hash.h".} -proc md5sha1Update*(ctx: ptr Md5sha1Context; data: pointer; len: int) {.bearSslFunc, +proc md5sha1Update*(ctx: ptr Md5sha1Context; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_md5sha1_update", header: "bearssl_hash.h".} -proc md5sha1Out*(ctx: ptr Md5sha1Context; `out`: pointer) {.bearSslFunc, +proc md5sha1Out*(ctx: ptr Md5sha1Context; `out`: pointer) {.bearSslFunc, deprecated, importc: "br_md5sha1_out", header: "bearssl_hash.h".} -proc md5sha1State*(ctx: ptr Md5sha1Context; `out`: pointer): uint64 {.bearSslFunc, +proc md5sha1State*(ctx: ptr Md5sha1Context; `out`: pointer): uint64 {.bearSslFunc, deprecated, importc: "br_md5sha1_state", header: "bearssl_hash.h".} -proc md5sha1SetState*(ctx: ptr Md5sha1Context; stb: pointer; count: uint64) {.bearSslFunc, +proc md5sha1SetState*(ctx: ptr Md5sha1Context; stb: pointer; count: uint64) {.bearSslFunc, deprecated, importc: "br_md5sha1_set_state", header: "bearssl_hash.h".} type HashCompatContext* {.importc: "br_hash_compat_context", header: "bearssl_hash.h", - union, bycopy.} = object + union, bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr HashClass md5* {.importc: "md5".}: Md5Context sha1* {.importc: "sha1".}: Sha1Context @@ -647,7 +284,7 @@ type impl* {.importc: "impl".}: array[6, ptr HashClass] -proc multihashZero*(ctx: ptr MultihashContext) {.bearSslFunc, importc: "br_multihash_zero", +proc multihashZero*(ctx: ptr MultihashContext) {.bearSslFunc, deprecated, importc: "br_multihash_zero", header: "bearssl_hash.h".} proc multihashSetimpl*(ctx: ptr MultihashContext; id: cint; impl: ptr HashClass) {. @@ -655,78 +292,78 @@ proc multihashSetimpl*(ctx: ptr MultihashContext; id: cint; impl: ptr HashClass) ctx.impl[id - 1] = impl proc multihashGetimpl*(ctx: ptr MultihashContext; id: cint): ptr HashClass {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = return ctx.impl[id - 1] -proc multihashInit*(ctx: ptr MultihashContext) {.bearSslFunc, importc: "br_multihash_init", +proc multihashInit*(ctx: ptr MultihashContext) {.bearSslFunc, deprecated, importc: "br_multihash_init", header: "bearssl_hash.h".} -proc multihashUpdate*(ctx: ptr MultihashContext; data: pointer; len: int) {.bearSslFunc, +proc multihashUpdate*(ctx: ptr MultihashContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_multihash_update", header: "bearssl_hash.h".} -proc multihashOut*(ctx: ptr MultihashContext; id: cint; dst: pointer): int {.bearSslFunc, +proc multihashOut*(ctx: ptr MultihashContext; id: cint; dst: pointer): int {.bearSslFunc, deprecated, importc: "br_multihash_out", header: "bearssl_hash.h".} type - Ghash* = proc (y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc.} + Ghash* {.deprecated.} = proc (y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc.} -proc ghashCtmul*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, +proc ghashCtmul*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ghash_ctmul", header: "bearssl_hash.h".} -proc ghashCtmul32*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, +proc ghashCtmul32*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ghash_ctmul32", header: "bearssl_hash.h".} -proc ghashCtmul64*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, +proc ghashCtmul64*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ghash_ctmul64", header: "bearssl_hash.h".} -proc ghashPclmul*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, +proc ghashPclmul*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ghash_pclmul", header: "bearssl_hash.h".} -proc ghashPclmulGet*(): Ghash {.bearSslFunc, importc: "br_ghash_pclmul_get", +proc ghashPclmulGet*(): Ghash {.bearSslFunc, deprecated, importc: "br_ghash_pclmul_get", header: "bearssl_hash.h".} -proc ghashPwr8*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, +proc ghashPwr8*(y: pointer; h: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ghash_pwr8", header: "bearssl_hash.h".} -proc ghashPwr8Get*(): Ghash {.bearSslFunc, importc: "br_ghash_pwr8_get", +proc ghashPwr8Get*(): Ghash {.bearSslFunc, deprecated, importc: "br_ghash_pwr8_get", header: "bearssl_hash.h".} type - HmacKeyContext* {.importc: "br_hmac_key_context", header: "bearssl_hmac.h", bycopy.} = object + HmacKeyContext* {.importc: "br_hmac_key_context", header: "bearssl_hmac.h", bycopy, deprecated.} = object digVtable* {.importc: "dig_vtable".}: ptr HashClass ksi* {.importc: "ksi".}: array[64, cuchar] kso* {.importc: "kso".}: array[64, cuchar] proc hmacKeyInit*(kc: ptr HmacKeyContext; digestVtable: ptr HashClass; key: pointer; - keyLen: int) {.bearSslFunc, importc: "br_hmac_key_init", + keyLen: int) {.bearSslFunc, deprecated, importc: "br_hmac_key_init", header: "bearssl_hmac.h".} type - HmacContext* {.importc: "br_hmac_context", header: "bearssl_hmac.h", bycopy.} = object + HmacContext* {.importc: "br_hmac_context", header: "bearssl_hmac.h", bycopy, deprecated.} = object dig* {.importc: "dig".}: HashCompatContext kso* {.importc: "kso".}: array[64, cuchar] outLen* {.importc: "out_len".}: int -proc hmacInit*(ctx: ptr HmacContext; kc: ptr HmacKeyContext; outLen: int) {.bearSslFunc, +proc hmacInit*(ctx: ptr HmacContext; kc: ptr HmacKeyContext; outLen: int) {.bearSslFunc, deprecated, importc: "br_hmac_init", header: "bearssl_hmac.h".} -proc hmacSize*(ctx: ptr HmacContext): int {.inline.} = +proc hmacSize*(ctx: ptr HmacContext): int {.inline, deprecated.} = return ctx.outLen -proc hmacUpdate*(ctx: ptr HmacContext; data: pointer; len: int) {.bearSslFunc, +proc hmacUpdate*(ctx: ptr HmacContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_hmac_update", header: "bearssl_hmac.h".} -proc hmacOut*(ctx: ptr HmacContext; `out`: pointer): int {.bearSslFunc, +proc hmacOut*(ctx: ptr HmacContext; `out`: pointer): int {.bearSslFunc, deprecated, importc: "br_hmac_out", header: "bearssl_hmac.h".} proc hmacOutCT*(ctx: ptr HmacContext; data: pointer; len: int; minLen: int; - maxLen: int; `out`: pointer): int {.bearSslFunc, + maxLen: int; `out`: pointer): int {.bearSslFunc, deprecated, importc: "br_hmac_outCT", header: "bearssl_hmac.h".} type - PrngClass* {.importc: "br_prng_class", header: "bearssl_rand.h", bycopy.} = object + PrngClass* {.importc: "br_prng_class", header: "bearssl_rand.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int init* {.importc: "init".}: proc (ctx: ptr ptr PrngClass; params: pointer; seed: pointer; seedLen: int) {.bearSslFunc.} @@ -747,22 +384,22 @@ type var hmacDrbgVtable* {.importc: "br_hmac_drbg_vtable", header: "bearssl_rand.h".}: PrngClass proc hmacDrbgInit*(ctx: ptr HmacDrbgContext; digestClass: ptr HashClass; seed: pointer; - seedLen: int) {.bearSslFunc, importc: "br_hmac_drbg_init", + seedLen: int) {.bearSslFunc, deprecated, importc: "br_hmac_drbg_init", header: "bearssl_rand.h".} -proc hmacDrbgGenerate*(ctx: ptr HmacDrbgContext; `out`: pointer; len: int) {.bearSslFunc, +proc hmacDrbgGenerate*(ctx: ptr HmacDrbgContext; `out`: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_hmac_drbg_generate", header: "bearssl_rand.h".} -proc hmacDrbgUpdate*(ctx: ptr HmacDrbgContext; seed: pointer; seedLen: int) {.bearSslFunc, +proc hmacDrbgUpdate*(ctx: ptr HmacDrbgContext; seed: pointer; seedLen: int) {.bearSslFunc, deprecated, importc: "br_hmac_drbg_update", header: "bearssl_rand.h".} -proc hmacDrbgGetHash*(ctx: ptr HmacDrbgContext): ptr HashClass {.inline.} = +proc hmacDrbgGetHash*(ctx: ptr HmacDrbgContext): ptr HashClass {.inline, deprecated.} = return ctx.digestClass type - PrngSeeder* = proc (ctx: ptr ptr PrngClass): cint {.bearSslFunc.} + PrngSeeder* {.deprecated.} = proc (ctx: ptr ptr PrngClass): cint {.bearSslFunc.} -proc prngSeederSystem*(name: cstringArray): PrngSeeder {.bearSslFunc, +proc prngSeederSystem*(name: cstringArray): PrngSeeder {.bearSslFunc, deprecated, importc: "br_prng_seeder_system", header: "bearssl_rand.h".} type @@ -773,19 +410,19 @@ type proc tls10Prf*(dst: pointer; len: int; secret: pointer; secretLen: int; - label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, + label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, deprecated, importc: "br_tls10_prf", header: "bearssl_prf.h".} proc tls12Sha256Prf*(dst: pointer; len: int; secret: pointer; secretLen: int; - label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, + label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, deprecated, importc: "br_tls12_sha256_prf", header: "bearssl_prf.h".} proc tls12Sha384Prf*(dst: pointer; len: int; secret: pointer; secretLen: int; - label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, + label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc, deprecated, importc: "br_tls12_sha384_prf", header: "bearssl_prf.h".} type - TlsPrfImpl* = proc (dst: pointer; len: int; secret: pointer; secretLen: int; + TlsPrfImpl* {.deprecated.} = proc (dst: pointer; len: int; secret: pointer; secretLen: int; label: cstring; seedNum: int; seed: ptr TlsPrfSeedChunk) {.bearSslFunc.} type @@ -811,7 +448,7 @@ type data: pointer; len: int) {.bearSslFunc.} type - BlockCtrClass* {.importc: "br_block_ctr_class", header: "bearssl_block.h", bycopy.} = object + BlockCtrClass* {.importc: "br_block_ctr_class", header: "bearssl_block.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int blockSize* {.importc: "block_size".}: cuint logBlockSize* {.importc: "log_block_size".}: cuint @@ -859,7 +496,7 @@ type type - AesBigCtrKeys* {.importc: "br_aes_big_ctr_keys", header: "bearssl_block.h", bycopy.} = object + AesBigCtrKeys* {.importc: "br_aes_big_ctr_keys", header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCtrClass skey* {.importc: "skey".}: array[60, uint32] numRounds* {.importc: "num_rounds".}: cuint @@ -884,41 +521,41 @@ var aesBigCtrVtable* {.importc: "br_aes_big_ctr_vtable", header: "bearssl_block. var aesBigCtrcbcVtable* {.importc: "br_aes_big_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass -proc aesBigCbcencInit*(ctx: ptr AesBigCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesBigCbcencInit*(ctx: ptr AesBigCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_cbcenc_init", header: "bearssl_block.h".} -proc aesBigCbcdecInit*(ctx: ptr AesBigCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesBigCbcdecInit*(ctx: ptr AesBigCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_cbcdec_init", header: "bearssl_block.h".} -proc aesBigCtrInit*(ctx: ptr AesBigCtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesBigCtrInit*(ctx: ptr AesBigCtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_ctr_init", header: "bearssl_block.h".} -proc aesBigCtrcbcInit*(ctx: ptr AesBigCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, +proc aesBigCtrcbcInit*(ctx: ptr AesBigCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_ctrcbc_init", header: "bearssl_block.h".} proc aesBigCbcencRun*(ctx: ptr AesBigCbcencKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_big_cbcenc_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_big_cbcenc_run", header: "bearssl_block.h".} proc aesBigCbcdecRun*(ctx: ptr AesBigCbcdecKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_big_cbcdec_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_big_cbcdec_run", header: "bearssl_block.h".} proc aesBigCtrRun*(ctx: ptr AesBigCtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_big_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_big_ctr_run", header: "bearssl_block.h".} proc aesBigCtrcbcEncrypt*(ctx: ptr AesBigCtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_ctrcbc_encrypt", header: "bearssl_block.h".} proc aesBigCtrcbcDecrypt*(ctx: ptr AesBigCtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_ctrcbc_decrypt", header: "bearssl_block.h".} proc aesBigCtrcbcCtr*(ctx: ptr AesBigCtrcbcKeys; ctr: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_big_ctrcbc_ctr", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_big_ctrcbc_ctr", header: "bearssl_block.h".} proc aesBigCtrcbcMac*(ctx: ptr AesBigCtrcbcKeys; cbcmac: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_big_ctrcbc_mac", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_big_ctrcbc_mac", header: "bearssl_block.h".} const @@ -926,7 +563,7 @@ const type AesSmallCbcencKeys* {.importc: "br_aes_small_cbcenc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcencClass skey* {.importc: "skey".}: array[60, uint32] numRounds* {.importc: "num_rounds".}: cuint @@ -934,7 +571,7 @@ type type AesSmallCbcdecKeys* {.importc: "br_aes_small_cbcdec_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcdecClass skey* {.importc: "skey".}: array[60, uint32] numRounds* {.importc: "num_rounds".}: cuint @@ -950,7 +587,7 @@ type type AesSmallCtrcbcKeys* {.importc: "br_aes_small_ctrcbc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass skey* {.importc: "skey".}: array[60, uint32] numRounds* {.importc: "num_rounds".}: cuint @@ -968,44 +605,44 @@ var aesSmallCtrVtable* {.importc: "br_aes_small_ctr_vtable", var aesSmallCtrcbcVtable* {.importc: "br_aes_small_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass -proc aesSmallCbcencInit*(ctx: ptr AesSmallCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesSmallCbcencInit*(ctx: ptr AesSmallCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_cbcenc_init", header: "bearssl_block.h".} -proc aesSmallCbcdecInit*(ctx: ptr AesSmallCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesSmallCbcdecInit*(ctx: ptr AesSmallCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_cbcdec_init", header: "bearssl_block.h".} -proc aesSmallCtrInit*(ctx: ptr AesSmallCtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesSmallCtrInit*(ctx: ptr AesSmallCtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctr_init", header: "bearssl_block.h".} -proc aesSmallCtrcbcInit*(ctx: ptr AesSmallCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, +proc aesSmallCtrcbcInit*(ctx: ptr AesSmallCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctrcbc_init", header: "bearssl_block.h".} proc aesSmallCbcencRun*(ctx: ptr AesSmallCbcencKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_small_cbcenc_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_cbcenc_run", header: "bearssl_block.h".} proc aesSmallCbcdecRun*(ctx: ptr AesSmallCbcdecKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_small_cbcdec_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_cbcdec_run", header: "bearssl_block.h".} proc aesSmallCtrRun*(ctx: ptr AesSmallCtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_small_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_small_ctr_run", header: "bearssl_block.h".} proc aesSmallCtrcbcEncrypt*(ctx: ptr AesSmallCtrcbcKeys; ctr: pointer; - cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, + cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctrcbc_encrypt", header: "bearssl_block.h".} proc aesSmallCtrcbcDecrypt*(ctx: ptr AesSmallCtrcbcKeys; ctr: pointer; - cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, + cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctrcbc_decrypt", header: "bearssl_block.h".} proc aesSmallCtrcbcCtr*(ctx: ptr AesSmallCtrcbcKeys; ctr: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_small_ctrcbc_ctr", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctrcbc_ctr", header: "bearssl_block.h".} proc aesSmallCtrcbcMac*(ctx: ptr AesSmallCtrcbcKeys; cbcmac: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_small_ctrcbc_mac", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_small_ctrcbc_mac", header: "bearssl_block.h".} const @@ -1028,7 +665,7 @@ type type - AesCtCtrKeys* {.importc: "br_aes_ct_ctr_keys", header: "bearssl_block.h", bycopy.} = object + AesCtCtrKeys* {.importc: "br_aes_ct_ctr_keys", header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCtrClass skey* {.importc: "skey".}: array[60, uint32] numRounds* {.importc: "num_rounds".}: cuint @@ -1053,41 +690,41 @@ var aesCtCtrVtable* {.importc: "br_aes_ct_ctr_vtable", header: "bearssl_block.h" var aesCtCtrcbcVtable* {.importc: "br_aes_ct_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass -proc aesCtCbcencInit*(ctx: ptr AesCtCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCtCbcencInit*(ctx: ptr AesCtCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_cbcenc_init", header: "bearssl_block.h".} -proc aesCtCbcdecInit*(ctx: ptr AesCtCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCtCbcdecInit*(ctx: ptr AesCtCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_cbcdec_init", header: "bearssl_block.h".} -proc aesCtCtrInit*(ctx: ptr AesCtCtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCtCtrInit*(ctx: ptr AesCtCtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_ctr_init", header: "bearssl_block.h".} -proc aesCtCtrcbcInit*(ctx: ptr AesCtCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCtCtrcbcInit*(ctx: ptr AesCtCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_ctrcbc_init", header: "bearssl_block.h".} proc aesCtCbcencRun*(ctx: ptr AesCtCbcencKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_ct_cbcenc_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_ct_cbcenc_run", header: "bearssl_block.h".} proc aesCtCbcdecRun*(ctx: ptr AesCtCbcdecKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_ct_cbcdec_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_ct_cbcdec_run", header: "bearssl_block.h".} proc aesCtCtrRun*(ctx: ptr AesCtCtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_ct_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_ct_ctr_run", header: "bearssl_block.h".} proc aesCtCtrcbcEncrypt*(ctx: ptr AesCtCtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_ctrcbc_encrypt", header: "bearssl_block.h".} proc aesCtCtrcbcDecrypt*(ctx: ptr AesCtCtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_ctrcbc_decrypt", header: "bearssl_block.h".} proc aesCtCtrcbcCtr*(ctx: ptr AesCtCtrcbcKeys; ctr: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_aes_ct_ctrcbc_ctr", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_aes_ct_ctrcbc_ctr", header: "bearssl_block.h".} proc aesCtCtrcbcMac*(ctx: ptr AesCtCtrcbcKeys; cbcmac: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_ct_ctrcbc_mac", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct_ctrcbc_mac", header: "bearssl_block.h".} const @@ -1095,7 +732,7 @@ const type AesCt64CbcencKeys* {.importc: "br_aes_ct64_cbcenc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcencClass skey* {.importc: "skey".}: array[30, uint64] numRounds* {.importc: "num_rounds".}: cuint @@ -1103,7 +740,7 @@ type type AesCt64CbcdecKeys* {.importc: "br_aes_ct64_cbcdec_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcdecClass skey* {.importc: "skey".}: array[30, uint64] numRounds* {.importc: "num_rounds".}: cuint @@ -1119,7 +756,7 @@ type type AesCt64CtrcbcKeys* {.importc: "br_aes_ct64_ctrcbc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass skey* {.importc: "skey".}: array[30, uint64] numRounds* {.importc: "num_rounds".}: cuint @@ -1136,44 +773,44 @@ var aesCt64CtrVtable* {.importc: "br_aes_ct64_ctr_vtable", header: "bearssl_bloc var aesCt64CtrcbcVtable* {.importc: "br_aes_ct64_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass -proc aesCt64CbcencInit*(ctx: ptr AesCt64CbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCt64CbcencInit*(ctx: ptr AesCt64CbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_cbcenc_init", header: "bearssl_block.h".} -proc aesCt64CbcdecInit*(ctx: ptr AesCt64CbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCt64CbcdecInit*(ctx: ptr AesCt64CbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_cbcdec_init", header: "bearssl_block.h".} -proc aesCt64CtrInit*(ctx: ptr AesCt64CtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCt64CtrInit*(ctx: ptr AesCt64CtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctr_init", header: "bearssl_block.h".} -proc aesCt64CtrcbcInit*(ctx: ptr AesCt64CtrcbcKeys; key: pointer; len: int) {.bearSslFunc, +proc aesCt64CtrcbcInit*(ctx: ptr AesCt64CtrcbcKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctrcbc_init", header: "bearssl_block.h".} proc aesCt64CbcencRun*(ctx: ptr AesCt64CbcencKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_ct64_cbcenc_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_cbcenc_run", header: "bearssl_block.h".} proc aesCt64CbcdecRun*(ctx: ptr AesCt64CbcdecKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_ct64_cbcdec_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_cbcdec_run", header: "bearssl_block.h".} proc aesCt64CtrRun*(ctx: ptr AesCt64CtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_ct64_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctr_run", header: "bearssl_block.h".} proc aesCt64CtrcbcEncrypt*(ctx: ptr AesCt64CtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctrcbc_encrypt", header: "bearssl_block.h".} proc aesCt64CtrcbcDecrypt*(ctx: ptr AesCt64CtrcbcKeys; ctr: pointer; cbcmac: pointer; - data: pointer; len: int) {.bearSslFunc, + data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctrcbc_decrypt", header: "bearssl_block.h".} proc aesCt64CtrcbcCtr*(ctx: ptr AesCt64CtrcbcKeys; ctr: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_ct64_ctrcbc_ctr", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctrcbc_ctr", header: "bearssl_block.h".} proc aesCt64CtrcbcMac*(ctx: ptr AesCt64CtrcbcKeys; cbcmac: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_ct64_ctrcbc_mac", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_ct64_ctrcbc_mac", header: "bearssl_block.h".} const @@ -1185,7 +822,7 @@ type skni* {.importc: "skni".}: array[16 * 15, cuchar] AesX86niCbcencKeys* {.importc: "br_aes_x86ni_cbcenc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcencClass skey* {.importc: "skey".}: INNER_C_UNION_1159666335 numRounds* {.importc: "num_rounds".}: cuint @@ -1197,7 +834,7 @@ type skni* {.importc: "skni".}: array[16 * 15, cuchar] AesX86niCbcdecKeys* {.importc: "br_aes_x86ni_cbcdec_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcdecClass skey* {.importc: "skey".}: INNER_C_UNION_3830826214 numRounds* {.importc: "num_rounds".}: cuint @@ -1221,7 +858,7 @@ type skni* {.importc: "skni".}: array[16 * 15, cuchar] AesX86niCtrcbcKeys* {.importc: "br_aes_x86ni_ctrcbc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass skey* {.importc: "skey".}: INNER_C_UNION_220758887 numRounds* {.importc: "num_rounds".}: cuint @@ -1239,56 +876,56 @@ var aesX86niCtrVtable* {.importc: "br_aes_x86ni_ctr_vtable", var aesX86niCtrcbcVtable* {.importc: "br_aes_x86ni_ctrcbc_vtable", header: "bearssl_block.h".}: BlockCtrcbcClass -proc aesX86niCbcencInit*(ctx: ptr AesX86niCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesX86niCbcencInit*(ctx: ptr AesX86niCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcenc_init", header: "bearssl_block.h".} -proc aesX86niCbcdecInit*(ctx: ptr AesX86niCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesX86niCbcdecInit*(ctx: ptr AesX86niCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcdec_init", header: "bearssl_block.h".} -proc aesX86niCtrInit*(ctx: ptr AesX86niCtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesX86niCtrInit*(ctx: ptr AesX86niCtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctr_init", header: "bearssl_block.h".} -proc aesX86niCtrcbcInit*(ctx: ptr AesX86niCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, +proc aesX86niCtrcbcInit*(ctx: ptr AesX86niCtrcbcKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_init", header: "bearssl_block.h".} proc aesX86niCbcencRun*(ctx: ptr AesX86niCbcencKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_x86ni_cbcenc_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcenc_run", header: "bearssl_block.h".} proc aesX86niCbcdecRun*(ctx: ptr AesX86niCbcdecKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_x86ni_cbcdec_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcdec_run", header: "bearssl_block.h".} proc aesX86niCtrRun*(ctx: ptr AesX86niCtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_x86ni_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctr_run", header: "bearssl_block.h".} proc aesX86niCtrcbcEncrypt*(ctx: ptr AesX86niCtrcbcKeys; ctr: pointer; - cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, + cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_encrypt", header: "bearssl_block.h".} proc aesX86niCtrcbcDecrypt*(ctx: ptr AesX86niCtrcbcKeys; ctr: pointer; - cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, + cbcmac: pointer; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_decrypt", header: "bearssl_block.h".} proc aesX86niCtrcbcCtr*(ctx: ptr AesX86niCtrcbcKeys; ctr: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_x86ni_ctrcbc_ctr", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_ctr", header: "bearssl_block.h".} proc aesX86niCtrcbcMac*(ctx: ptr AesX86niCtrcbcKeys; cbcmac: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_x86ni_ctrcbc_mac", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_mac", header: "bearssl_block.h".} -proc aesX86niCbcencGetVtable*(): ptr BlockCbcencClass {.bearSslFunc, +proc aesX86niCbcencGetVtable*(): ptr BlockCbcencClass {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcenc_get_vtable", header: "bearssl_block.h".} -proc aesX86niCbcdecGetVtable*(): ptr BlockCbcdecClass {.bearSslFunc, +proc aesX86niCbcdecGetVtable*(): ptr BlockCbcdecClass {.bearSslFunc, deprecated, importc: "br_aes_x86ni_cbcdec_get_vtable", header: "bearssl_block.h".} -proc aesX86niCtrGetVtable*(): ptr BlockCtrClass {.bearSslFunc, +proc aesX86niCtrGetVtable*(): ptr BlockCtrClass {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctr_get_vtable", header: "bearssl_block.h".} -proc aesX86niCtrcbcGetVtable*(): ptr BlockCtrcbcClass {.bearSslFunc, +proc aesX86niCtrcbcGetVtable*(): ptr BlockCtrcbcClass {.bearSslFunc, deprecated, importc: "br_aes_x86ni_ctrcbc_get_vtable", header: "bearssl_block.h".} const @@ -1300,7 +937,7 @@ type skni* {.importc: "skni".}: array[16 * 15, cuchar] AesPwr8CbcencKeys* {.importc: "br_aes_pwr8_cbcenc_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcencClass skey* {.importc: "skey".}: INNER_C_UNION_2338321047 numRounds* {.importc: "num_rounds".}: cuint @@ -1312,7 +949,7 @@ type skni* {.importc: "skni".}: array[16 * 15, cuchar] AesPwr8CbcdecKeys* {.importc: "br_aes_pwr8_cbcdec_keys", - header: "bearssl_block.h", bycopy.} = object + header: "bearssl_block.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr BlockCbcdecClass skey* {.importc: "skey".}: INNER_C_UNION_714513630 numRounds* {.importc: "num_rounds".}: cuint @@ -1338,34 +975,34 @@ var aesPwr8CbcdecVtable* {.importc: "br_aes_pwr8_cbcdec_vtable", var aesPwr8CtrVtable* {.importc: "br_aes_pwr8_ctr_vtable", header: "bearssl_block.h".}: BlockCtrClass -proc aesPwr8CbcencInit*(ctx: ptr AesPwr8CbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc aesPwr8CbcencInit*(ctx: ptr AesPwr8CbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcenc_init", header: "bearssl_block.h".} -proc aesPwr8CbcdecInit*(ctx: ptr AesPwr8CbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc aesPwr8CbcdecInit*(ctx: ptr AesPwr8CbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcdec_init", header: "bearssl_block.h".} -proc aesPwr8CtrInit*(ctx: ptr AesPwr8CtrKeys; key: pointer; len: int) {.bearSslFunc, +proc aesPwr8CtrInit*(ctx: ptr AesPwr8CtrKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_aes_pwr8_ctr_init", header: "bearssl_block.h".} proc aesPwr8CbcencRun*(ctx: ptr AesPwr8CbcencKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_pwr8_cbcenc_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcenc_run", header: "bearssl_block.h".} proc aesPwr8CbcdecRun*(ctx: ptr AesPwr8CbcdecKeys; iv: pointer; data: pointer; - len: int) {.bearSslFunc, importc: "br_aes_pwr8_cbcdec_run", + len: int) {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcdec_run", header: "bearssl_block.h".} proc aesPwr8CtrRun*(ctx: ptr AesPwr8CtrKeys; iv: pointer; cc: uint32; data: pointer; - len: int): uint32 {.bearSslFunc, importc: "br_aes_pwr8_ctr_run", + len: int): uint32 {.bearSslFunc, deprecated, importc: "br_aes_pwr8_ctr_run", header: "bearssl_block.h".} -proc aesPwr8CbcencGetVtable*(): ptr BlockCbcencClass {.bearSslFunc, +proc aesPwr8CbcencGetVtable*(): ptr BlockCbcencClass {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcenc_get_vtable", header: "bearssl_block.h".} -proc aesPwr8CbcdecGetVtable*(): ptr BlockCbcdecClass {.bearSslFunc, +proc aesPwr8CbcdecGetVtable*(): ptr BlockCbcdecClass {.bearSslFunc, deprecated, importc: "br_aes_pwr8_cbcdec_get_vtable", header: "bearssl_block.h".} -proc aesPwr8CtrGetVtable*(): ptr BlockCtrClass {.bearSslFunc, +proc aesPwr8CtrGetVtable*(): ptr BlockCtrClass {.bearSslFunc, deprecated, importc: "br_aes_pwr8_ctr_get_vtable", header: "bearssl_block.h".} type @@ -1406,7 +1043,7 @@ type type AesGenCtrcbcKeys* {.importc: "br_aes_gen_ctrcbc_keys", - header: "bearssl_block.h", bycopy, union.} = object + header: "bearssl_block.h", bycopy, deprecated, union.} = object vtable* {.importc: "vtable".}: ptr BlockCtrcbcClass cBig* {.importc: "c_big".}: AesBigCtrcbcKeys cSmall* {.importc: "c_small".}: AesSmallCtrcbcKeys @@ -1439,17 +1076,17 @@ var desTabCbcencVtable* {.importc: "br_des_tab_cbcenc_vtable", var desTabCbcdecVtable* {.importc: "br_des_tab_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass -proc desTabCbcencInit*(ctx: ptr DesTabCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc desTabCbcencInit*(ctx: ptr DesTabCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_des_tab_cbcenc_init", header: "bearssl_block.h".} -proc desTabCbcdecInit*(ctx: ptr DesTabCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc desTabCbcdecInit*(ctx: ptr DesTabCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_des_tab_cbcdec_init", header: "bearssl_block.h".} proc desTabCbcencRun*(ctx: ptr DesTabCbcencKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_des_tab_cbcenc_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_des_tab_cbcenc_run", header: "bearssl_block.h".} proc desTabCbcdecRun*(ctx: ptr DesTabCbcdecKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_des_tab_cbcdec_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_des_tab_cbcdec_run", header: "bearssl_block.h".} const desCtBLOCK_SIZE* = 8 @@ -1476,21 +1113,21 @@ var desCtCbcencVtable* {.importc: "br_des_ct_cbcenc_vtable", var desCtCbcdecVtable* {.importc: "br_des_ct_cbcdec_vtable", header: "bearssl_block.h".}: BlockCbcdecClass -proc desCtCbcencInit*(ctx: ptr DesCtCbcencKeys; key: pointer; len: int) {.bearSslFunc, +proc desCtCbcencInit*(ctx: ptr DesCtCbcencKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_des_ct_cbcenc_init", header: "bearssl_block.h".} -proc desCtCbcdecInit*(ctx: ptr DesCtCbcdecKeys; key: pointer; len: int) {.bearSslFunc, +proc desCtCbcdecInit*(ctx: ptr DesCtCbcdecKeys; key: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_des_ct_cbcdec_init", header: "bearssl_block.h".} proc desCtCbcencRun*(ctx: ptr DesCtCbcencKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_des_ct_cbcenc_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_des_ct_cbcenc_run", header: "bearssl_block.h".} proc desCtCbcdecRun*(ctx: ptr DesCtCbcdecKeys; iv: pointer; data: pointer; len: int) {. - bearSslFunc, importc: "br_des_ct_cbcdec_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_des_ct_cbcdec_run", header: "bearssl_block.h".} type DesGenCbcencKeys* {.importc: "br_des_gen_cbcenc_keys", - header: "bearssl_block.h", bycopy, union.} = object + header: "bearssl_block.h", bycopy, deprecated, union.} = object vtable* {.importc: "vtable".}: ptr BlockCbcencClass tab* {.importc: "tab".}: DesTabCbcencKeys ct* {.importc: "ct".}: DesCtCbcencKeys @@ -1498,54 +1135,54 @@ type type DesGenCbcdecKeys* {.importc: "br_des_gen_cbcdec_keys", - header: "bearssl_block.h", bycopy, union.} = object + header: "bearssl_block.h", bycopy, deprecated, union.} = object vtable* {.importc: "vtable".}: ptr BlockCbcdecClass cTab* {.importc: "c_tab".}: DesTabCbcdecKeys cCt* {.importc: "c_ct".}: DesCtCbcdecKeys type - Chacha20Run* = proc (key: pointer; iv: pointer; cc: uint32; data: pointer; len: int): uint32 {. + Chacha20Run* {.deprecated.} = proc (key: pointer; iv: pointer; cc: uint32; data: pointer; len: int): uint32 {. bearSslFunc.} proc chacha20CtRun*(key: pointer; iv: pointer; cc: uint32; data: pointer; len: int): uint32 {. - bearSslFunc, importc: "br_chacha20_ct_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_chacha20_ct_run", header: "bearssl_block.h".} proc chacha20Sse2Run*(key: pointer; iv: pointer; cc: uint32; data: pointer; len: int): uint32 {. - bearSslFunc, importc: "br_chacha20_sse2_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_chacha20_sse2_run", header: "bearssl_block.h".} -proc chacha20Sse2Get*(): Chacha20Run {.bearSslFunc, importc: "br_chacha20_sse2_get", +proc chacha20Sse2Get*(): Chacha20Run {.bearSslFunc, deprecated, importc: "br_chacha20_sse2_get", header: "bearssl_block.h".} type - Poly1305Run* = proc (key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; + Poly1305Run* {.deprecated.} = proc (key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; aadLen: int; tag: pointer; ichacha: Chacha20Run; encrypt: cint) {. bearSslFunc.} proc poly1305CtmulRun*(key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; aadLen: int; tag: pointer; ichacha: Chacha20Run; - encrypt: cint) {.bearSslFunc, importc: "br_poly1305_ctmul_run", + encrypt: cint) {.bearSslFunc, deprecated, importc: "br_poly1305_ctmul_run", header: "bearssl_block.h".} proc poly1305Ctmul32Run*(key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; aadLen: int; tag: pointer; - ichacha: Chacha20Run; encrypt: cint) {.bearSslFunc, + ichacha: Chacha20Run; encrypt: cint) {.bearSslFunc, deprecated, importc: "br_poly1305_ctmul32_run", header: "bearssl_block.h".} proc poly1305I15Run*(key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; aadLen: int; tag: pointer; ichacha: Chacha20Run; encrypt: cint) {. - bearSslFunc, importc: "br_poly1305_i15_run", header: "bearssl_block.h".} + bearSslFunc, deprecated, importc: "br_poly1305_i15_run", header: "bearssl_block.h".} proc poly1305CtmulqRun*(key: pointer; iv: pointer; data: pointer; len: int; aad: pointer; aadLen: int; tag: pointer; - ichacha: Chacha20Run; encrypt: cint) {.bearSslFunc, + ichacha: Chacha20Run; encrypt: cint) {.bearSslFunc, deprecated, importc: "br_poly1305_ctmulq_run", header: "bearssl_block.h".} -proc poly1305CtmulqGet*(): Poly1305Run {.bearSslFunc, importc: "br_poly1305_ctmulq_get", +proc poly1305CtmulqGet*(): Poly1305Run {.bearSslFunc, deprecated, importc: "br_poly1305_ctmulq_get", header: "bearssl_block.h".} type - AeadClass* {.importc: "br_aead_class", header: "bearssl_aead.h", bycopy.} = object + AeadClass* {.importc: "br_aead_class", header: "bearssl_aead.h", bycopy, deprecated.} = object tagSize* {.importc: "tag_size".}: int reset* {.importc: "reset".}: proc (cc: ptr ptr AeadClass; iv: pointer; len: int) {. bearSslFunc.} @@ -1563,7 +1200,7 @@ type tag: pointer; len: int): uint32 {.bearSslFunc.} type - GcmContext* {.importc: "br_gcm_context", header: "bearssl_aead.h", bycopy.} = object + GcmContext* {.importc: "br_gcm_context", header: "bearssl_aead.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr AeadClass bctx* {.importc: "bctx".}: ptr ptr BlockCtrClass gh* {.importc: "gh".}: Ghash @@ -1577,37 +1214,37 @@ type countCtr* {.importc: "count_ctr".}: uint64 -proc gcmInit*(ctx: ptr GcmContext; bctx: ptr ptr BlockCtrClass; gh: Ghash) {.bearSslFunc, +proc gcmInit*(ctx: ptr GcmContext; bctx: ptr ptr BlockCtrClass; gh: Ghash) {.bearSslFunc, deprecated, importc: "br_gcm_init", header: "bearssl_aead.h".} -proc gcmReset*(ctx: ptr GcmContext; iv: pointer; len: int) {.bearSslFunc, +proc gcmReset*(ctx: ptr GcmContext; iv: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_gcm_reset", header: "bearssl_aead.h".} -proc gcmAadInject*(ctx: ptr GcmContext; data: pointer; len: int) {.bearSslFunc, +proc gcmAadInject*(ctx: ptr GcmContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_gcm_aad_inject", header: "bearssl_aead.h".} -proc gcmFlip*(ctx: ptr GcmContext) {.bearSslFunc, importc: "br_gcm_flip", +proc gcmFlip*(ctx: ptr GcmContext) {.bearSslFunc, deprecated, importc: "br_gcm_flip", header: "bearssl_aead.h".} -proc gcmRun*(ctx: ptr GcmContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, +proc gcmRun*(ctx: ptr GcmContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_gcm_run", header: "bearssl_aead.h".} -proc gcmGetTag*(ctx: ptr GcmContext; tag: pointer) {.bearSslFunc, importc: "br_gcm_get_tag", +proc gcmGetTag*(ctx: ptr GcmContext; tag: pointer) {.bearSslFunc, deprecated, importc: "br_gcm_get_tag", header: "bearssl_aead.h".} -proc gcmCheckTag*(ctx: ptr GcmContext; tag: pointer): uint32 {.bearSslFunc, +proc gcmCheckTag*(ctx: ptr GcmContext; tag: pointer): uint32 {.bearSslFunc, deprecated, importc: "br_gcm_check_tag", header: "bearssl_aead.h".} -proc gcmGetTagTrunc*(ctx: ptr GcmContext; tag: pointer; len: int) {.bearSslFunc, +proc gcmGetTagTrunc*(ctx: ptr GcmContext; tag: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_gcm_get_tag_trunc", header: "bearssl_aead.h".} -proc gcmCheckTagTrunc*(ctx: ptr GcmContext; tag: pointer; len: int): uint32 {.bearSslFunc, +proc gcmCheckTagTrunc*(ctx: ptr GcmContext; tag: pointer; len: int): uint32 {.bearSslFunc, deprecated, importc: "br_gcm_check_tag_trunc", header: "bearssl_aead.h".} var gcmVtable* {.importc: "br_gcm_vtable", header: "bearssl_aead.h".}: AeadClass type - EaxContext* {.importc: "br_eax_context", header: "bearssl_aead.h", bycopy.} = object + EaxContext* {.importc: "br_eax_context", header: "bearssl_aead.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr AeadClass bctx* {.importc: "bctx".}: ptr ptr BlockCtrcbcClass l2* {.importc: "L2".}: array[16, cuchar] @@ -1621,53 +1258,53 @@ type type - EaxState* {.importc: "br_eax_state", header: "bearssl_aead.h", bycopy.} = object + EaxState* {.importc: "br_eax_state", header: "bearssl_aead.h", bycopy, deprecated.} = object st* {.importc: "st".}: array[3, array[16, cuchar]] -proc eaxInit*(ctx: ptr EaxContext; bctx: ptr ptr BlockCtrcbcClass) {.bearSslFunc, +proc eaxInit*(ctx: ptr EaxContext; bctx: ptr ptr BlockCtrcbcClass) {.bearSslFunc, deprecated, importc: "br_eax_init", header: "bearssl_aead.h".} -proc eaxCapture*(ctx: ptr EaxContext; st: ptr EaxState) {.bearSslFunc, +proc eaxCapture*(ctx: ptr EaxContext; st: ptr EaxState) {.bearSslFunc, deprecated, importc: "br_eax_capture", header: "bearssl_aead.h".} -proc eaxReset*(ctx: ptr EaxContext; nonce: pointer; len: int) {.bearSslFunc, +proc eaxReset*(ctx: ptr EaxContext; nonce: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_eax_reset", header: "bearssl_aead.h".} proc eaxResetPreAad*(ctx: ptr EaxContext; st: ptr EaxState; nonce: pointer; len: int) {. - bearSslFunc, importc: "br_eax_reset_pre_aad", header: "bearssl_aead.h".} + bearSslFunc, deprecated, importc: "br_eax_reset_pre_aad", header: "bearssl_aead.h".} proc eaxResetPostAad*(ctx: ptr EaxContext; st: ptr EaxState; nonce: pointer; len: int) {. - bearSslFunc, importc: "br_eax_reset_post_aad", header: "bearssl_aead.h".} + bearSslFunc, deprecated, importc: "br_eax_reset_post_aad", header: "bearssl_aead.h".} -proc eaxAadInject*(ctx: ptr EaxContext; data: pointer; len: int) {.bearSslFunc, +proc eaxAadInject*(ctx: ptr EaxContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_eax_aad_inject", header: "bearssl_aead.h".} -proc eaxFlip*(ctx: ptr EaxContext) {.bearSslFunc, importc: "br_eax_flip", +proc eaxFlip*(ctx: ptr EaxContext) {.bearSslFunc, deprecated, importc: "br_eax_flip", header: "bearssl_aead.h".} -proc eaxGetAadMac*(ctx: ptr EaxContext; st: ptr EaxState) {.inline.} = +proc eaxGetAadMac*(ctx: ptr EaxContext; st: ptr EaxState) {.inline, deprecated.} = copyMem(unsafeAddr st.st[1], unsafeAddr ctx.head, sizeof(ctx.head)) -proc eaxRun*(ctx: ptr EaxContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, +proc eaxRun*(ctx: ptr EaxContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_eax_run", header: "bearssl_aead.h".} -proc eaxGetTag*(ctx: ptr EaxContext; tag: pointer) {.bearSslFunc, importc: "br_eax_get_tag", +proc eaxGetTag*(ctx: ptr EaxContext; tag: pointer) {.bearSslFunc, deprecated, importc: "br_eax_get_tag", header: "bearssl_aead.h".} -proc eaxCheckTag*(ctx: ptr EaxContext; tag: pointer): uint32 {.bearSslFunc, +proc eaxCheckTag*(ctx: ptr EaxContext; tag: pointer): uint32 {.bearSslFunc, deprecated, importc: "br_eax_check_tag", header: "bearssl_aead.h".} -proc eaxGetTagTrunc*(ctx: ptr EaxContext; tag: pointer; len: int) {.bearSslFunc, +proc eaxGetTagTrunc*(ctx: ptr EaxContext; tag: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_eax_get_tag_trunc", header: "bearssl_aead.h".} -proc eaxCheckTagTrunc*(ctx: ptr EaxContext; tag: pointer; len: int): uint32 {.bearSslFunc, +proc eaxCheckTagTrunc*(ctx: ptr EaxContext; tag: pointer; len: int): uint32 {.bearSslFunc, deprecated, importc: "br_eax_check_tag_trunc", header: "bearssl_aead.h".} var eaxVtable* {.importc: "br_eax_vtable", header: "bearssl_aead.h".}: AeadClass type - CcmContext* {.importc: "br_ccm_context", header: "bearssl_aead.h", bycopy.} = object + CcmContext* {.importc: "br_ccm_context", header: "bearssl_aead.h", bycopy, deprecated.} = object bctx* {.importc: "bctx".}: ptr ptr BlockCtrcbcClass ctr* {.importc: "ctr".}: array[16, cuchar] cbcmac* {.importc: "cbcmac".}: array[16, cuchar] @@ -1677,30 +1314,30 @@ type tagLen* {.importc: "tag_len".}: int -proc ccmInit*(ctx: ptr CcmContext; bctx: ptr ptr BlockCtrcbcClass) {.bearSslFunc, +proc ccmInit*(ctx: ptr CcmContext; bctx: ptr ptr BlockCtrcbcClass) {.bearSslFunc, deprecated, importc: "br_ccm_init", header: "bearssl_aead.h".} proc ccmReset*(ctx: ptr CcmContext; nonce: pointer; nonceLen: int; aadLen: uint64; - dataLen: uint64; tagLen: int): cint {.bearSslFunc, importc: "br_ccm_reset", + dataLen: uint64; tagLen: int): cint {.bearSslFunc, deprecated, importc: "br_ccm_reset", header: "bearssl_aead.h".} -proc ccmAadInject*(ctx: ptr CcmContext; data: pointer; len: int) {.bearSslFunc, +proc ccmAadInject*(ctx: ptr CcmContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ccm_aad_inject", header: "bearssl_aead.h".} -proc ccmFlip*(ctx: ptr CcmContext) {.bearSslFunc, importc: "br_ccm_flip", +proc ccmFlip*(ctx: ptr CcmContext) {.bearSslFunc, deprecated, importc: "br_ccm_flip", header: "bearssl_aead.h".} -proc ccmRun*(ctx: ptr CcmContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, +proc ccmRun*(ctx: ptr CcmContext; encrypt: cint; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_ccm_run", header: "bearssl_aead.h".} -proc ccmGetTag*(ctx: ptr CcmContext; tag: pointer): int {.bearSslFunc, +proc ccmGetTag*(ctx: ptr CcmContext; tag: pointer): int {.bearSslFunc, deprecated, importc: "br_ccm_get_tag", header: "bearssl_aead.h".} -proc ccmCheckTag*(ctx: ptr CcmContext; tag: pointer): uint32 {.bearSslFunc, +proc ccmCheckTag*(ctx: ptr CcmContext; tag: pointer): uint32 {.bearSslFunc, deprecated, importc: "br_ccm_check_tag", header: "bearssl_aead.h".} type - RsaPublicKey* {.importc: "br_rsa_public_key", header: "bearssl_rsa.h", bycopy.} = object + RsaPublicKey* {.importc: "br_rsa_public_key", header: "bearssl_rsa.h", bycopy, deprecated.} = object n* {.importc: "n".}: ptr cuchar nlen* {.importc: "nlen".}: int e* {.importc: "e".}: ptr cuchar @@ -1708,7 +1345,7 @@ type type - RsaPrivateKey* {.importc: "br_rsa_private_key", header: "bearssl_rsa.h", bycopy.} = object + RsaPrivateKey* {.importc: "br_rsa_private_key", header: "bearssl_rsa.h", bycopy, deprecated.} = object nBitlen* {.importc: "n_bitlen".}: uint32 p* {.importc: "p".}: ptr cuchar plen* {.importc: "plen".}: int @@ -1723,17 +1360,17 @@ type type - RsaPublic* = proc (x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc.} + RsaPublic* {.deprecated.} = proc (x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc.} type - RsaPkcs1Vrfy* = proc (x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; + RsaPkcs1Vrfy* {.deprecated.} = proc (x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc.} type - RsaPrivate* = proc (x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc.} + RsaPrivate* {.deprecated.} = proc (x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc.} type - RsaPkcs1Sign* = proc (hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; + RsaPkcs1Sign* {.deprecated.} = proc (hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc.} const @@ -1751,156 +1388,156 @@ const const HASH_OID_SHA512* = (("\t`\x86H\x01e\x03\x04\x02\x03")) -proc rsaI32Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, +proc rsaI32Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_public", header: "bearssl_rsa.h".} proc rsaI32Pkcs1Vrfy*(x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; - pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_pkcs1_vrfy", header: "bearssl_rsa.h".} -proc rsaI32Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, +proc rsaI32Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_private", header: "bearssl_rsa.h".} proc rsaI32Pkcs1Sign*(hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; - sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_pkcs1_sign", header: "bearssl_rsa.h".} -proc rsaI31Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, +proc rsaI31Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_public", header: "bearssl_rsa.h".} proc rsaI31Pkcs1Vrfy*(x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; - pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_pkcs1_vrfy", header: "bearssl_rsa.h".} -proc rsaI31Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, +proc rsaI31Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_private", header: "bearssl_rsa.h".} proc rsaI31Pkcs1Sign*(hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; - sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_pkcs1_sign", header: "bearssl_rsa.h".} -proc rsaI62Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, +proc rsaI62Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_public", header: "bearssl_rsa.h".} proc rsaI62Pkcs1Vrfy*(x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; - pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_pkcs1_vrfy", header: "bearssl_rsa.h".} -proc rsaI62Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, +proc rsaI62Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_private", header: "bearssl_rsa.h".} proc rsaI62Pkcs1Sign*(hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; - sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_pkcs1_sign", header: "bearssl_rsa.h".} -proc rsaI62PublicGet*(): RsaPublic {.bearSslFunc, importc: "br_rsa_i62_public_get", +proc rsaI62PublicGet*(): RsaPublic {.bearSslFunc, deprecated, importc: "br_rsa_i62_public_get", header: "bearssl_rsa.h".} -proc rsaI62Pkcs1VrfyGet*(): RsaPkcs1Vrfy {.bearSslFunc, +proc rsaI62Pkcs1VrfyGet*(): RsaPkcs1Vrfy {.bearSslFunc, deprecated, importc: "br_rsa_i62_pkcs1_vrfy_get", header: "bearssl_rsa.h".} -proc rsaI62PrivateGet*(): RsaPrivate {.bearSslFunc, importc: "br_rsa_i62_private_get", +proc rsaI62PrivateGet*(): RsaPrivate {.bearSslFunc, deprecated, importc: "br_rsa_i62_private_get", header: "bearssl_rsa.h".} -proc rsaI62Pkcs1SignGet*(): RsaPkcs1Sign {.bearSslFunc, +proc rsaI62Pkcs1SignGet*(): RsaPkcs1Sign {.bearSslFunc, deprecated, importc: "br_rsa_i62_pkcs1_sign_get", header: "bearssl_rsa.h".} -proc rsaI15Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, +proc rsaI15Public*(x: ptr cuchar; xlen: int; pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_public", header: "bearssl_rsa.h".} proc rsaI15Pkcs1Vrfy*(x: ptr cuchar; xlen: int; hashOid: ptr cuchar; hashLen: int; - pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey; hashOut: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_pkcs1_vrfy", header: "bearssl_rsa.h".} -proc rsaI15Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, +proc rsaI15Private*(x: ptr cuchar; sk: ptr RsaPrivateKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_private", header: "bearssl_rsa.h".} proc rsaI15Pkcs1Sign*(hashOid: ptr cuchar; hash: ptr cuchar; hashLen: int; - sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey; x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_pkcs1_sign", header: "bearssl_rsa.h".} -proc rsaPublicGetDefault*(): RsaPublic {.bearSslFunc, +proc rsaPublicGetDefault*(): RsaPublic {.bearSslFunc, deprecated, importc: "br_rsa_public_get_default", header: "bearssl_rsa.h".} -proc rsaPrivateGetDefault*(): RsaPrivate {.bearSslFunc, +proc rsaPrivateGetDefault*(): RsaPrivate {.bearSslFunc, deprecated, importc: "br_rsa_private_get_default", header: "bearssl_rsa.h".} -proc rsaPkcs1VrfyGetDefault*(): RsaPkcs1Vrfy {.bearSslFunc, +proc rsaPkcs1VrfyGetDefault*(): RsaPkcs1Vrfy {.bearSslFunc, deprecated, importc: "br_rsa_pkcs1_vrfy_get_default", header: "bearssl_rsa.h".} -proc rsaPkcs1SignGetDefault*(): RsaPkcs1Sign {.bearSslFunc, +proc rsaPkcs1SignGetDefault*(): RsaPkcs1Sign {.bearSslFunc, deprecated, importc: "br_rsa_pkcs1_sign_get_default", header: "bearssl_rsa.h".} proc rsaSslDecrypt*(core: RsaPrivate; sk: ptr RsaPrivateKey; data: ptr cuchar; len: int): uint32 {. - bearSslFunc, importc: "br_rsa_ssl_decrypt", header: "bearssl_rsa.h".} + bearSslFunc, deprecated, importc: "br_rsa_ssl_decrypt", header: "bearssl_rsa.h".} type - RsaPssSign* = proc(rng: ptr ptr PrngClass, + RsaPssSign* {.deprecated.} = proc(rng: ptr ptr PrngClass, hf_data, hf_mgf1: ptr HashClass, hash_value: ptr cuchar, salt_len: int, sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc.} - RsaPssVrfy* = proc(x: ptr cuchar, xlen: int, + RsaPssVrfy* {.deprecated.} = proc(x: ptr cuchar, xlen: int, hf_data, hf_mgf1: ptr HashClass, hash: ptr cuchar, salt_len: int, pk: ptr RsaPublicKey): uint32 {.bearSslFunc.} -proc rsaPssSignGetDefault*(): RsaPssSign {.bearSslFunc, +proc rsaPssSignGetDefault*(): RsaPssSign {.bearSslFunc, deprecated, importc: "br_rsa_pss_sign_get_default", header: "bearssl_rsa.h".} -proc rsaPssVrfyGetDefault*(): RsaPssVrfy {.bearSslFunc, +proc rsaPssVrfyGetDefault*(): RsaPssVrfy {.bearSslFunc, deprecated, importc: "br_rsa_pss_vrfy_get_default", header: "bearssl_rsa.h".} proc rsaI15PssSign*(rng: ptr ptr PrngClass, hf_data, hf_mgf1: ptr HashClass, hash_value: ptr cuchar, salt_len: int, - sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_pss_sign", header: "bearssl_rsa.h".} proc rsaI15PssVrfy*(x: ptr cuchar, xlen: int, hf_data, hf_mgf1: ptr HashClass, hash: ptr cuchar, salt_len: int, - pk: ptr RsaPublicKey): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i15_pss_vrfy", header: "bearssl_rsa.h".} proc rsaI31PssSign*(rng: ptr ptr PrngClass, hf_data, hf_mgf1: ptr HashClass, hash_value: ptr cuchar, salt_len: int, - sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_pss_sign", header: "bearssl_rsa.h".} proc rsaI31PssVrfy*(x: ptr cuchar, xlen: int, hf_data, hf_mgf1: ptr HashClass, hash: ptr cuchar, salt_len: int, - pk: ptr RsaPublicKey): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i31_pss_vrfy", header: "bearssl_rsa.h".} proc rsaI32PssSign*(rng: ptr ptr PrngClass, hf_data, hf_mgf1: ptr HashClass, hash_value: ptr cuchar, salt_len: int, - sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_pss_sign", header: "bearssl_rsa.h".} proc rsaI32PssVrfy*(x: ptr cuchar, xlen: int, hf_data, hf_mgf1: ptr HashClass, hash: ptr cuchar, salt_len: int, - pk: ptr RsaPublicKey): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i32_pss_vrfy", header: "bearssl_rsa.h".} proc rsaI62PssSign*(rng: ptr ptr PrngClass, hf_data, hf_mgf1: ptr HashClass, hash_value: ptr cuchar, salt_len: int, - sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, + sk: ptr RsaPrivateKey, x: ptr cuchar): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_pss_sign", header: "bearssl_rsa.h".} proc rsaI62PssVrfy*(x: ptr cuchar, xlen: int, hf_data, hf_mgf1: ptr HashClass, hash: ptr cuchar, salt_len: int, - pk: ptr RsaPublicKey): uint32 {.bearSslFunc, + pk: ptr RsaPublicKey): uint32 {.bearSslFunc, deprecated, importc: "br_rsa_i62_pss_vrfy", header: "bearssl_rsa.h".} const @@ -1994,21 +1631,21 @@ const EC_curve448* = 30 type - EcPublicKey* {.importc: "br_ec_public_key", header: "bearssl_ec.h", bycopy.} = object + EcPublicKey* {.importc: "br_ec_public_key", header: "bearssl_ec.h", bycopy, deprecated.} = object curve* {.importc: "curve".}: cint q* {.importc: "q".}: ptr cuchar qlen* {.importc: "qlen".}: int type - EcPrivateKey* {.importc: "br_ec_private_key", header: "bearssl_ec.h", bycopy.} = object + EcPrivateKey* {.importc: "br_ec_private_key", header: "bearssl_ec.h", bycopy, deprecated.} = object curve* {.importc: "curve".}: cint x* {.importc: "x".}: ptr cuchar xlen* {.importc: "xlen".}: int type - EcImpl* {.importc: "br_ec_impl", header: "bearssl_ec.h", bycopy.} = object + EcImpl* {.importc: "br_ec_impl", header: "bearssl_ec.h", bycopy, deprecated.} = object supportedCurves* {.importc: "supported_curves".}: uint32 generator* {.importc: "generator".}: proc (curve: cint; len: ptr int): ptr cuchar {.bearSslFunc.} order* {.importc: "order".}: proc (curve: cint; len: ptr int): ptr cuchar {.bearSslFunc.} @@ -2042,65 +1679,65 @@ var ecAllM15* {.importc: "br_ec_all_m15", header: "bearssl_ec.h".}: EcImpl var ecAllM31* {.importc: "br_ec_all_m31", header: "bearssl_ec.h".}: EcImpl -proc ecGetDefault*(): ptr EcImpl {.bearSslFunc, importc: "br_ec_get_default", +proc ecGetDefault*(): ptr EcImpl {.bearSslFunc, deprecated, importc: "br_ec_get_default", header: "bearssl_ec.h".} -proc ecdsaRawToAsn1*(sig: pointer; sigLen: int): int {.bearSslFunc, +proc ecdsaRawToAsn1*(sig: pointer; sigLen: int): int {.bearSslFunc, deprecated, importc: "br_ecdsa_raw_to_asn1", header: "bearssl_ec.h".} -proc ecdsaAsn1ToRaw*(sig: pointer; sigLen: int): int {.bearSslFunc, +proc ecdsaAsn1ToRaw*(sig: pointer; sigLen: int): int {.bearSslFunc, deprecated, importc: "br_ecdsa_asn1_to_raw", header: "bearssl_ec.h".} type - EcdsaSign* = proc (impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; + EcdsaSign* {.deprecated.} = proc (impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc.} type - EcdsaVrfy* = proc (impl: ptr EcImpl; hash: pointer; hashLen: int; pk: ptr EcPublicKey; + EcdsaVrfy* {.deprecated.} = proc (impl: ptr EcImpl; hash: pointer; hashLen: int; pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {.bearSslFunc.} proc ecdsaI31SignAsn1*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; - sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, + sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, deprecated, importc: "br_ecdsa_i31_sign_asn1", header: "bearssl_ec.h".} proc ecdsaI31SignRaw*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; - sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, + sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, deprecated, importc: "br_ecdsa_i31_sign_raw", header: "bearssl_ec.h".} proc ecdsaI31VrfyAsn1*(impl: ptr EcImpl; hash: pointer; hashLen: int; pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {. - bearSslFunc, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} proc ecdsaI31VrfyRaw*(impl: ptr EcImpl; hash: pointer; hashLen: int; - pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {.bearSslFunc, + pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {.bearSslFunc, deprecated, importc: "br_ecdsa_i31_vrfy_raw", header: "bearssl_ec.h".} proc ecdsaI15SignAsn1*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; - sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, + sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, deprecated, importc: "br_ecdsa_i15_sign_asn1", header: "bearssl_ec.h".} proc ecdsaI15SignRaw*(impl: ptr EcImpl; hf: ptr HashClass; hashValue: pointer; - sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, + sk: ptr EcPrivateKey; sig: pointer): int {.bearSslFunc, deprecated, importc: "br_ecdsa_i15_sign_raw", header: "bearssl_ec.h".} proc ecdsaI15VrfyAsn1*(impl: ptr EcImpl; hash: pointer; hashLen: int; pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {. - bearSslFunc, importc: "br_ecdsa_i15_vrfy_asn1", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i15_vrfy_asn1", header: "bearssl_ec.h".} proc ecdsaI15VrfyRaw*(impl: ptr EcImpl; hash: pointer; hashLen: int; - pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {.bearSslFunc, + pk: ptr EcPublicKey; sig: pointer; sigLen: int): uint32 {.bearSslFunc, deprecated, importc: "br_ecdsa_i15_vrfy_raw", header: "bearssl_ec.h".} -proc ecdsaSignAsn1GetDefault*(): EcdsaSign {.bearSslFunc, +proc ecdsaSignAsn1GetDefault*(): EcdsaSign {.bearSslFunc, deprecated, importc: "br_ecdsa_sign_asn1_get_default", header: "bearssl_ec.h".} -proc ecdsaSignRawGetDefault*(): EcdsaSign {.bearSslFunc, +proc ecdsaSignRawGetDefault*(): EcdsaSign {.bearSslFunc, deprecated, importc: "br_ecdsa_sign_raw_get_default", header: "bearssl_ec.h".} -proc ecdsaVrfyAsn1GetDefault*(): EcdsaVrfy {.bearSslFunc, +proc ecdsaVrfyAsn1GetDefault*(): EcdsaVrfy {.bearSslFunc, deprecated, importc: "br_ecdsa_vrfy_asn1_get_default", header: "bearssl_ec.h".} -proc ecdsaVrfyRawGetDefault*(): EcdsaVrfy {.bearSslFunc, +proc ecdsaVrfyRawGetDefault*(): EcdsaVrfy {.bearSslFunc, deprecated, importc: "br_ecdsa_vrfy_raw_get_default", header: "bearssl_ec.h".} const @@ -2199,13 +1836,13 @@ type rsa* {.importc: "rsa".}: RsaPublicKey ec* {.importc: "ec".}: EcPublicKey - X509Pkey* {.importc: "br_x509_pkey", header: "bearssl_x509.h", bycopy.} = object + X509Pkey* {.importc: "br_x509_pkey", header: "bearssl_x509.h", bycopy, deprecated.} = object keyType* {.importc: "key_type".}: cuchar key* {.importc: "key".}: INNER_C_UNION_2211491720 type - X500Name* {.importc: "br_x500_name", header: "bearssl_x509.h", bycopy.} = object + X500Name* {.importc: "br_x500_name", header: "bearssl_x509.h", bycopy, deprecated.} = object data* {.importc: "data".}: ptr cuchar len* {.importc: "len".}: int @@ -2234,7 +1871,7 @@ const KEYTYPE_SIGN* = 0x00000020 type - X509Class* {.importc: "br_x509_class", header: "bearssl_x509.h", bycopy.} = object + X509Class* {.importc: "br_x509_class", header: "bearssl_x509.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int startChain* {.importc: "start_chain".}: proc (ctx: ptr ptr X509Class; serverName: cstring) {.bearSslFunc.} @@ -2249,7 +1886,7 @@ type type X509KnownkeyContext* {.importc: "br_x509_knownkey_context", - header: "bearssl_x509.h", bycopy.} = object + header: "bearssl_x509.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr X509Class pkey* {.importc: "pkey".}: X509Pkey usages* {.importc: "usages".}: cuint @@ -2259,12 +1896,12 @@ var x509KnownkeyVtable* {.importc: "br_x509_knownkey_vtable", header: "bearssl_x509.h".}: X509Class proc x509KnownkeyInitRsa*(ctx: ptr X509KnownkeyContext; pk: ptr RsaPublicKey; - usages: cuint) {.bearSslFunc, + usages: cuint) {.bearSslFunc, deprecated, importc: "br_x509_knownkey_init_rsa", header: "bearssl_x509.h".} proc x509KnownkeyInitEc*(ctx: ptr X509KnownkeyContext; pk: ptr EcPublicKey; - usages: cuint) {.bearSslFunc, + usages: cuint) {.bearSslFunc, deprecated, importc: "br_x509_knownkey_init_ec", header: "bearssl_x509.h".} @@ -2273,7 +1910,7 @@ const X509_BUFSIZE_SIG* = 512 type - NameElement* {.importc: "br_name_element", header: "bearssl_x509.h", bycopy.} = object + NameElement* {.importc: "br_name_element", header: "bearssl_x509.h", bycopy, deprecated.} = object oid* {.importc: "oid".}: ptr cuchar buf* {.importc: "buf".}: cstring len* {.importc: "len".}: int @@ -2281,13 +1918,13 @@ type type - INNER_C_STRUCT_573696436* {.importc: "no_name", header: "bearssl_x509.h", bycopy.} = object + INNER_C_STRUCT_573696436* {.importc: "no_name", header: "bearssl_x509.h", bycopy, deprecated.} = object dp* {.importc: "dp".}: ptr uint32 rp* {.importc: "rp".}: ptr uint32 ip* {.importc: "ip".}: ptr cuchar X509MinimalContext* {.importc: "br_x509_minimal_context", - header: "bearssl_x509.h", bycopy.} = object + header: "bearssl_x509.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr X509Class pkey* {.importc: "pkey".}: X509Pkey cpu* {.importc: "cpu".}: INNER_C_STRUCT_573696436 @@ -2333,24 +1970,24 @@ var x509MinimalVtable* {.importc: "br_x509_minimal_vtable", header: "bearssl_x50 proc x509MinimalInit*(ctx: ptr X509MinimalContext; dnHashImpl: ptr HashClass; trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: int) {. - bearSslFunc, importc: "br_x509_minimal_init", header: "bearssl_x509.h".} + bearSslFunc, deprecated, importc: "br_x509_minimal_init", header: "bearssl_x509.h".} proc x509MinimalSetHash*(ctx: ptr X509MinimalContext; id: cint; impl: ptr HashClass) {. inline.} = multihashSetimpl(addr(ctx.mhash), id, impl) proc x509MinimalSetRsa*(ctx: ptr X509MinimalContext; irsa: RsaPkcs1Vrfy) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = ctx.irsa = irsa proc x509MinimalSetEcdsa*(ctx: ptr X509MinimalContext; iec: ptr EcImpl; - iecdsa: EcdsaVrfy) {.inline.} = + iecdsa: EcdsaVrfy) {.inline, deprecated.} = ctx.iecdsa = iecdsa ctx.iec = iec proc x509MinimalInitFull*(ctx: ptr X509MinimalContext; trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: int) {. - bearSslFunc, importc: "br_x509_minimal_init_full", header: "bearssl_x509.h".} + bearSslFunc, deprecated, importc: "br_x509_minimal_init_full", header: "bearssl_x509.h".} proc x509MinimalSetTime*(ctx: ptr X509MinimalContext; days: uint32; seconds: uint32) {. inline.} = @@ -2358,22 +1995,22 @@ proc x509MinimalSetTime*(ctx: ptr X509MinimalContext; days: uint32; seconds: uin ctx.seconds = seconds proc x509MinimalSetMinrsa*(ctx: ptr X509MinimalContext; byteLength: cint) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = ctx.minRsaSize = (int16)(byteLength - 128) proc x509MinimalSetNameElements*(ctx: ptr X509MinimalContext; elts: ptr NameElement; - numElts: int) {.inline.} = + numElts: int) {.inline, deprecated.} = ctx.nameElts = elts ctx.numNameElts = numElts type - INNER_C_STRUCT_161597942* {.importc: "no_name", header: "bearssl_x509.h", bycopy.} = object + INNER_C_STRUCT_161597942* {.importc: "no_name", header: "bearssl_x509.h", bycopy, deprecated.} = object dp* {.importc: "dp".}: ptr uint32 rp* {.importc: "rp".}: ptr uint32 ip* {.importc: "ip".}: ptr cuchar X509DecoderContext* {.importc: "br_x509_decoder_context", - header: "bearssl_x509.h", bycopy.} = object + header: "bearssl_x509.h", bycopy, deprecated.} = object pkey* {.importc: "pkey".}: X509Pkey cpu* {.importc: "cpu".}: INNER_C_STRUCT_161597942 dpStack* {.importc: "dp_stack".}: array[32, uint32] @@ -2398,36 +2035,36 @@ type proc x509DecoderInit*(ctx: ptr X509DecoderContext; appendDn: proc (ctx: pointer; - buf: pointer; len: int) {.bearSslFunc.}; appendDnCtx: pointer) {.bearSslFunc, + buf: pointer; len: int) {.bearSslFunc.}; appendDnCtx: pointer) {.bearSslFunc, deprecated, importc: "br_x509_decoder_init", header: "bearssl_x509.h".} -proc x509DecoderPush*(ctx: ptr X509DecoderContext; data: pointer; len: int) {.bearSslFunc, +proc x509DecoderPush*(ctx: ptr X509DecoderContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_x509_decoder_push", header: "bearssl_x509.h".} -proc x509DecoderGetPkey*(ctx: ptr X509DecoderContext): ptr X509Pkey {.inline.} = +proc x509DecoderGetPkey*(ctx: ptr X509DecoderContext): ptr X509Pkey {.inline, deprecated.} = if ctx.decoded and ctx.err == 0: return addr(ctx.pkey) else: return nil -proc x509DecoderLastError*(ctx: ptr X509DecoderContext): cint {.inline.} = +proc x509DecoderLastError*(ctx: ptr X509DecoderContext): cint {.inline, deprecated.} = if ctx.err != 0: return ctx.err if not ctx.decoded: return ERR_X509_TRUNCATED return 0 -proc x509DecoderIsCA*(ctx: ptr X509DecoderContext): cint {.inline.} = +proc x509DecoderIsCA*(ctx: ptr X509DecoderContext): cint {.inline, deprecated.} = return cint ctx.isCA -proc x509DecoderGetSignerKeyType*(ctx: ptr X509DecoderContext): cint {.inline.} = +proc x509DecoderGetSignerKeyType*(ctx: ptr X509DecoderContext): cint {.inline, deprecated.} = return cint ctx.signerKeyType -proc x509DecoderGetSignerHashId*(ctx: ptr X509DecoderContext): cint {.inline.} = +proc x509DecoderGetSignerHashId*(ctx: ptr X509DecoderContext): cint {.inline, deprecated.} = return cint ctx.signerHashId type - X509Certificate* {.importc: "br_x509_certificate", header: "bearssl_x509.h", bycopy.} = object + X509Certificate* {.importc: "br_x509_certificate", header: "bearssl_x509.h", bycopy, deprecated.} = object data* {.importc: "data".}: ptr cuchar dataLen* {.importc: "data_len".}: int @@ -2445,7 +2082,7 @@ type ip* {.importc: "ip".}: ptr cuchar SkeyDecoderContext* {.importc: "br_skey_decoder_context", - header: "bearssl_x509.h", bycopy.} = object + header: "bearssl_x509.h", bycopy, deprecated.} = object key* {.importc: "key".}: INNER_C_UNION_3754611343 cpu* {.importc: "cpu".}: INNER_C_STRUCT_3633027466 dpStack* {.importc: "dp_stack".}: array[32, uint32] @@ -2458,20 +2095,20 @@ type keyData* {.importc: "key_data".}: array[3 * X509_BUFSIZE_SIG, cuchar] -proc skeyDecoderInit*(ctx: ptr SkeyDecoderContext) {.bearSslFunc, +proc skeyDecoderInit*(ctx: ptr SkeyDecoderContext) {.bearSslFunc, deprecated, importc: "br_skey_decoder_init", header: "bearssl_x509.h".} -proc skeyDecoderPush*(ctx: ptr SkeyDecoderContext; data: pointer; len: int) {.bearSslFunc, +proc skeyDecoderPush*(ctx: ptr SkeyDecoderContext; data: pointer; len: int) {.bearSslFunc, deprecated, importc: "br_skey_decoder_push", header: "bearssl_x509.h".} -proc skeyDecoderLastError*(ctx: ptr SkeyDecoderContext): cint {.inline.} = +proc skeyDecoderLastError*(ctx: ptr SkeyDecoderContext): cint {.inline, deprecated.} = if ctx.err != 0: return ctx.err if ctx.keyType == '\0'.cuchar: return ERR_X509_TRUNCATED return 0 -proc skeyDecoderKeyType*(ctx: ptr SkeyDecoderContext): cint {.inline.} = +proc skeyDecoderKeyType*(ctx: ptr SkeyDecoderContext): cint {.inline, deprecated.} = if ctx.err == 0: return cint ctx.keyType else: @@ -2598,7 +2235,7 @@ const ERR_SEND_FATAL_ALERT* = 512 type - SslrecInClass* {.importc: "br_sslrec_in_class", header: "bearssl_ssl.h", bycopy.} = object + SslrecInClass* {.importc: "br_sslrec_in_class", header: "bearssl_ssl.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int checkLength* {.importc: "check_length".}: proc (ctx: ptr ptr SslrecInClass; recordLen: int): cint {.bearSslFunc.} @@ -2607,7 +2244,7 @@ type len: ptr int): ptr cuchar {.bearSslFunc.} type - SslrecOutClass* {.importc: "br_sslrec_out_class", header: "bearssl_ssl.h", bycopy.} = object + SslrecOutClass* {.importc: "br_sslrec_out_class", header: "bearssl_ssl.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int maxPlaintext* {.importc: "max_plaintext".}: proc (ctx: ptr ptr SslrecOutClass; start: ptr int; `end`: ptr int) {.bearSslFunc.} @@ -2618,7 +2255,7 @@ type type SslrecOutClearContext* {.importc: "br_sslrec_out_clear_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslrecOutClass @@ -2637,7 +2274,7 @@ type type SslrecOutCbcClass* {.importc: "br_sslrec_out_cbc_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object inner* {.importc: "inner".}: SslrecOutClass init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutCbcClass; bcImpl: ptr BlockCbcencClass; bcKey: pointer; @@ -2653,7 +2290,7 @@ type des* {.importc: "des".}: DesGenCbcdecKeys SslrecInCbcContext* {.importc: "br_sslrec_in_cbc_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslrecInCbcClass seq* {.importc: "seq".}: uint64 bc* {.importc: "bc".}: INNER_C_UNION_2105460304 @@ -2673,7 +2310,7 @@ type des* {.importc: "des".}: DesGenCbcencKeys SslrecOutCbcContext* {.importc: "br_sslrec_out_cbc_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslrecOutCbcClass seq* {.importc: "seq".}: uint64 bc* {.importc: "bc".}: INNER_C_UNION_3724465237 @@ -2696,7 +2333,7 @@ type type SslrecOutGcmClass* {.importc: "br_sslrec_out_gcm_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object inner* {.importc: "inner".}: SslrecOutClass init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutGcmClass; bcImpl: ptr BlockCtrClass; key: pointer; @@ -2731,7 +2368,7 @@ var sslrecOutGcmVtable* {.importc: "br_sslrec_out_gcm_vtable", type SslrecInChapolClass* {.importc: "br_sslrec_in_chapol_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object inner* {.importc: "inner".}: SslrecInClass init* {.importc: "init".}: proc (ctx: ptr ptr SslrecInChapolClass; ichacha: Chacha20Run; ipoly: Poly1305Run; @@ -2739,7 +2376,7 @@ type type SslrecOutChapolClass* {.importc: "br_sslrec_out_chapol_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object inner* {.importc: "inner".}: SslrecOutClass init* {.importc: "init".}: proc (ctx: ptr ptr SslrecOutChapolClass; ichacha: Chacha20Run; ipoly: Poly1305Run; @@ -2753,7 +2390,7 @@ type `out`* {.importc: "out".}: ptr SslrecOutChapolClass SslrecChapolContext* {.importc: "br_sslrec_chapol_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: INNER_C_UNION_1683842004 seq* {.importc: "seq".}: uint64 key* {.importc: "key".}: array[32, cuchar] @@ -2770,7 +2407,7 @@ var sslrecOutChapolVtable* {.importc: "br_sslrec_out_chapol_vtable", type SslSessionParameters* {.importc: "br_ssl_session_parameters", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object sessionId* {.importc: "session_id".}: array[32, cuchar] sessionIdLen* {.importc: "session_id_len".}: byte version* {.importc: "version".}: uint16 @@ -2797,7 +2434,7 @@ type gcm* {.importc: "gcm".}: SslrecGcmContext chapol* {.importc: "chapol".}: SslrecChapolContext - INNER_C_STRUCT_671658464* {.importc: "no_name", header: "bearssl_ssl.h", bycopy.} = object + INNER_C_STRUCT_671658464* {.importc: "no_name", header: "bearssl_ssl.h", bycopy, deprecated.} = object dp* {.importc: "dp".}: ptr uint32 rp* {.importc: "rp".}: ptr uint32 ip* {.importc: "ip".}: ptr cuchar @@ -2889,16 +2526,16 @@ type iecdsa* {.importc: "iecdsa".}: EcdsaVrfy -proc sslEngineGetFlags*(cc: ptr SslEngineContext): uint32 {.inline.} = +proc sslEngineGetFlags*(cc: ptr SslEngineContext): uint32 {.inline, deprecated.} = return cc.flags -proc sslEngineSetAllFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline.} = +proc sslEngineSetAllFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline, deprecated.} = cc.flags = flags -proc sslEngineAddFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline.} = +proc sslEngineAddFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline, deprecated.} = cc.flags = cc.flags or flags -proc sslEngineRemoveFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline.} = +proc sslEngineRemoveFlags*(cc: ptr SslEngineContext; flags: uint32) {.inline, deprecated.} = cc.flags = cc.flags and not flags const @@ -2914,24 +2551,24 @@ const OPT_FAIL_ON_ALPN_MISMATCH* = (1'u32 shl 3) proc sslEngineSetVersions*(cc: ptr SslEngineContext; versionMin: uint16; - versionMax: uint16) {.inline.} = + versionMax: uint16) {.inline, deprecated.} = cc.versionMin = versionMin cc.versionMax = versionMax proc sslEngineSetSuites*(cc: ptr SslEngineContext; suites: ptr uint16; - suitesNum: int) {.bearSslFunc, + suitesNum: int) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_suites", header: "bearssl_ssl.h".} proc sslEngineSetX509*(cc: ptr SslEngineContext; x509ctx: ptr ptr X509Class) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.x509ctx = x509ctx proc sslEngineSetProtocolNames*(ctx: ptr SslEngineContext; names: cstringArray; - num: int) {.inline.} = + num: int) {.inline, deprecated.} = ctx.protocolNames = names ctx.protocolNamesNum = uint16 num -proc sslEngineGetSelectedProtocol*(ctx: ptr SslEngineContext): cstring {.inline.} = +proc sslEngineGetSelectedProtocol*(ctx: ptr SslEngineContext): cstring {.inline, deprecated.} = var k: cuint k = ctx.selectedProtocol return if (k == 0 or k == 0x0000FFFF): nil else: ctx.protocolNames[k - 1] @@ -2941,127 +2578,127 @@ proc sslEngineSetHash*(ctx: ptr SslEngineContext; id: cint; impl: ptr HashClass) multihashSetimpl(addr(ctx.mhash), id, impl) proc sslEngineGetHash*(ctx: ptr SslEngineContext; id: cint): ptr HashClass {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = return multihashGetimpl(addr(ctx.mhash), id) -proc sslEngineSetPrf10*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline.} = +proc sslEngineSetPrf10*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline, deprecated.} = cc.prf10 = impl -proc sslEngineSetPrfSha256*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline.} = +proc sslEngineSetPrfSha256*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline, deprecated.} = cc.prfSha256 = impl -proc sslEngineSetPrfSha384*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline.} = +proc sslEngineSetPrfSha384*(cc: ptr SslEngineContext; impl: TlsPrfImpl) {.inline, deprecated.} = cc.prfSha384 = impl proc sslEngineSetAesCbc*(cc: ptr SslEngineContext; implEnc: ptr BlockCbcencClass; - implDec: ptr BlockCbcdecClass) {.inline.} = + implDec: ptr BlockCbcdecClass) {.inline, deprecated.} = cc.iaesCbcenc = implEnc cc.iaesCbcdec = implDec -proc sslEngineSetDefaultAesCbc*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultAesCbc*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_aes_cbc", header: "bearssl_ssl.h".} proc sslEngineSetAesCtr*(cc: ptr SslEngineContext; impl: ptr BlockCtrClass) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.iaesCtr = impl -proc sslEngineSetDefaultAesGcm*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultAesGcm*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_aes_gcm", header: "bearssl_ssl.h".} proc sslEngineSetDesCbc*(cc: ptr SslEngineContext; implEnc: ptr BlockCbcencClass; - implDec: ptr BlockCbcdecClass) {.inline.} = + implDec: ptr BlockCbcdecClass) {.inline, deprecated.} = cc.idesCbcenc = implEnc cc.idesCbcdec = implDec -proc sslEngineSetDefaultDesCbc*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultDesCbc*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_des_cbc", header: "bearssl_ssl.h".} -proc sslEngineSetGhash*(cc: ptr SslEngineContext; impl: Ghash) {.inline.} = +proc sslEngineSetGhash*(cc: ptr SslEngineContext; impl: Ghash) {.inline, deprecated.} = cc.ighash = impl proc sslEngineSetChacha20*(cc: ptr SslEngineContext; ichacha: Chacha20Run) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.ichacha = ichacha proc sslEngineSetPoly1305*(cc: ptr SslEngineContext; ipoly: Poly1305Run) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.ipoly = ipoly -proc sslEngineSetDefaultChapol*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultChapol*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_chapol", header: "bearssl_ssl.h".} proc sslEngineSetCbc*(cc: ptr SslEngineContext; implIn: ptr SslrecInCbcClass; - implOut: ptr SslrecOutCbcClass) {.inline.} = + implOut: ptr SslrecOutCbcClass) {.inline, deprecated.} = cc.icbcIn = implIn cc.icbcOut = implOut proc sslEngineSetGcm*(cc: ptr SslEngineContext; implIn: ptr SslrecInGcmClass; - implOut: ptr SslrecOutGcmClass) {.inline.} = + implOut: ptr SslrecOutGcmClass) {.inline, deprecated.} = cc.igcmIn = implIn cc.igcmOut = implOut proc sslEngineSetChapol*(cc: ptr SslEngineContext; implIn: ptr SslrecInChapolClass; - implOut: ptr SslrecOutChapolClass) {.inline.} = + implOut: ptr SslrecOutChapolClass) {.inline, deprecated.} = cc.ichapolIn = implIn cc.ichapolOut = implOut -proc sslEngineSetEc*(cc: ptr SslEngineContext; iec: ptr EcImpl) {.inline.} = +proc sslEngineSetEc*(cc: ptr SslEngineContext; iec: ptr EcImpl) {.inline, deprecated.} = cc.iec = iec -proc sslEngineSetDefaultEc*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultEc*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_ec", header: "bearssl_ssl.h".} -proc sslEngineGetEc*(cc: ptr SslEngineContext): ptr EcImpl {.inline.} = +proc sslEngineGetEc*(cc: ptr SslEngineContext): ptr EcImpl {.inline, deprecated.} = return cc.iec proc sslEngineSetRsavrfy*(cc: ptr SslEngineContext; irsavrfy: RsaPkcs1Vrfy) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.irsavrfy = irsavrfy -proc sslEngineSetDefaultRsavrfy*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultRsavrfy*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_rsavrfy", header: "bearssl_ssl.h".} -proc sslEngineGetRsavrfy*(cc: ptr SslEngineContext): RsaPkcs1Vrfy {.inline.} = +proc sslEngineGetRsavrfy*(cc: ptr SslEngineContext): RsaPkcs1Vrfy {.inline, deprecated.} = return cc.irsavrfy -proc sslEngineSetEcdsa*(cc: ptr SslEngineContext; iecdsa: EcdsaVrfy) {.inline.} = +proc sslEngineSetEcdsa*(cc: ptr SslEngineContext; iecdsa: EcdsaVrfy) {.inline, deprecated.} = cc.iecdsa = iecdsa -proc sslEngineSetDefaultEcdsa*(cc: ptr SslEngineContext) {.bearSslFunc, +proc sslEngineSetDefaultEcdsa*(cc: ptr SslEngineContext) {.bearSslFunc, deprecated, importc: "br_ssl_engine_set_default_ecdsa", header: "bearssl_ssl.h".} -proc sslEngineGetEcdsa*(cc: ptr SslEngineContext): EcdsaVrfy {.inline.} = +proc sslEngineGetEcdsa*(cc: ptr SslEngineContext): EcdsaVrfy {.inline, deprecated.} = return cc.iecdsa proc sslEngineSetBuffer*(cc: ptr SslEngineContext, iobuf: ptr byte, iobufLen: uint, bidi: cint) {. - bearSslFunc, importc: "br_ssl_engine_set_buffer", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_set_buffer", header: "bearssl_ssl.h".} proc sslEngineSetBuffersBidi*(cc: ptr SslEngineContext, ibuf: ptr byte, ibufLen: uint, obuf: ptr byte, obufLen: uint) {. - bearSslFunc, importc: "br_ssl_engine_set_buffers_bidi", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_set_buffers_bidi", header: "bearssl_ssl.h".} proc sslEngineInjectEntropy*(cc: ptr SslEngineContext; data: pointer; len: int) {. - bearSslFunc, importc: "br_ssl_engine_inject_entropy", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_inject_entropy", header: "bearssl_ssl.h".} -proc sslEngineGetServerName*(cc: ptr SslEngineContext): cstring {.inline.} = +proc sslEngineGetServerName*(cc: ptr SslEngineContext): cstring {.inline, deprecated.} = return addr cc.serverName -proc sslEngineGetVersion*(cc: ptr SslEngineContext): cuint {.inline.} = +proc sslEngineGetVersion*(cc: ptr SslEngineContext): cuint {.inline, deprecated.} = return cc.session.version proc sslEngineGetSessionParameters*(cc: ptr SslEngineContext; - pp: ptr SslSessionParameters) {.inline.} = + pp: ptr SslSessionParameters) {.inline, deprecated.} = copyMem(pp, addr(cc.session), sizeof(pp[])) proc sslEngineSetSessionParameters*(cc: ptr SslEngineContext; - pp: ptr SslSessionParameters) {.inline.} = + pp: ptr SslSessionParameters) {.inline, deprecated.} = copyMem(addr(cc.session), pp, sizeof(pp[])) -proc sslEngineGetEcdheCurve*(cc: ptr SslEngineContext): cint {.inline.} = +proc sslEngineGetEcdheCurve*(cc: ptr SslEngineContext): cint {.inline, deprecated.} = return cint cc.ecdheCurve -proc sslEngineCurrentState*(cc: ptr SslEngineContext): cuint {.bearSslFunc, +proc sslEngineCurrentState*(cc: ptr SslEngineContext): cuint {.bearSslFunc, deprecated, importc: "br_ssl_engine_current_state", header: "bearssl_ssl.h".} const @@ -3079,56 +2716,56 @@ const const SSL_RECVAPP* = 0x00000010 -proc sslEngineLastError*(cc: ptr SslEngineContext): cint {.inline.} = +proc sslEngineLastError*(cc: ptr SslEngineContext): cint {.inline, deprecated.} = return cc.err proc sslEngineSendappBuf*(cc: ptr SslEngineContext, length: var uint): ptr byte {. - bearSslFunc, importc: "br_ssl_engine_sendapp_buf", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_sendapp_buf", header: "bearssl_ssl.h".} proc sslEngineSendappAck*(cc: ptr SslEngineContext, length: uint) {. - bearSslFunc, importc: "br_ssl_engine_sendapp_ack", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_sendapp_ack", header: "bearssl_ssl.h".} proc sslEngineRecvappBuf*(cc: ptr SslEngineContext, length: var uint): ptr byte {. - bearSslFunc, importc: "br_ssl_engine_recvapp_buf", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_recvapp_buf", header: "bearssl_ssl.h".} proc sslEngineRecvappAck*(cc: ptr SslEngineContext, length: uint) {. - bearSslFunc, importc: "br_ssl_engine_recvapp_ack", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_recvapp_ack", header: "bearssl_ssl.h".} proc sslEngineSendrecBuf*(cc: ptr SslEngineContext, length: var uint): ptr byte {. - bearSslFunc, importc: "br_ssl_engine_sendrec_buf", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_sendrec_buf", header: "bearssl_ssl.h".} proc sslEngineSendrecAck*(cc: ptr SslEngineContext, length: uint) {. - bearSslFunc, importc: "br_ssl_engine_sendrec_ack", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_sendrec_ack", header: "bearssl_ssl.h".} proc sslEngineRecvrecBuf*(cc: ptr SslEngineContext, length: var uint): ptr byte {. - bearSslFunc, importc: "br_ssl_engine_recvrec_buf", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_recvrec_buf", header: "bearssl_ssl.h".} proc sslEngineRecvrecAck*(cc: ptr SslEngineContext; length: uint) {. - bearSslFunc, importc: "br_ssl_engine_recvrec_ack", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_recvrec_ack", header: "bearssl_ssl.h".} proc sslEngineFlush*(cc: ptr SslEngineContext; force: cint) {. - bearSslFunc, importc: "br_ssl_engine_flush", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_flush", header: "bearssl_ssl.h".} proc sslEngineClose*(cc: ptr SslEngineContext) {. - bearSslFunc, importc: "br_ssl_engine_close", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_close", header: "bearssl_ssl.h".} proc sslEngineRenegotiate*(cc: ptr SslEngineContext): cint {. - bearSslFunc, importc: "br_ssl_engine_renegotiate", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_engine_renegotiate", header: "bearssl_ssl.h".} proc sslKeyExport*(cc: ptr SslEngineContext; dst: pointer; len: int; label: cstring; - context: pointer; contextLen: int): cint {.bearSslFunc, + context: pointer; contextLen: int): cint {.bearSslFunc, deprecated, importc: "br_ssl_key_export", header: "bearssl_ssl.h".} type SslClientCertificate* {.importc: "br_ssl_client_certificate", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object authType* {.importc: "auth_type".}: cint hashId* {.importc: "hash_id".}: cint chain* {.importc: "chain".}: ptr X509Certificate @@ -3164,7 +2801,7 @@ type irsapub* {.importc: "irsapub".}: RsaPublic SslClientCertificateClass* {.importc: "br_ssl_client_certificate_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int startNameList* {.importc: "start_name_list".}: proc ( pctx: ptr ptr SslClientCertificateClass) {.bearSslFunc.} @@ -3187,7 +2824,7 @@ type len: int): int {.bearSslFunc.} SslClientCertificateRsaContext* {.importc: "br_ssl_client_certificate_rsa_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslClientCertificateClass chain* {.importc: "chain".}: ptr X509Certificate chainLen* {.importc: "chain_len".}: int @@ -3195,7 +2832,7 @@ type irsasign* {.importc: "irsasign".}: RsaPkcs1Sign SslClientCertificateEcContext* {.importc: "br_ssl_client_certificate_ec_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslClientCertificateClass chain* {.importc: "chain".}: ptr X509Certificate chainLen* {.importc: "chain_len".}: int @@ -3208,17 +2845,17 @@ type -proc sslClientGetServerHashes*(cc: ptr SslClientContext): uint32 {.inline.} = +proc sslClientGetServerHashes*(cc: ptr SslClientContext): uint32 {.inline, deprecated.} = return cc.hashes -proc sslClientGetServerCurve*(cc: ptr SslClientContext): cint {.inline.} = +proc sslClientGetServerCurve*(cc: ptr SslClientContext): cint {.inline, deprecated.} = return cc.serverCurve proc sslClientInitFull*(cc: ptr SslClientContext; xc: ptr X509MinimalContext; trustAnchors: ptr X509TrustAnchor; trustAnchorsNum: int) {. - bearSslFunc, importc: "br_ssl_client_init_full", header: "bearssl_ssl.h".} + bearSslFunc, deprecated, importc: "br_ssl_client_init_full", header: "bearssl_ssl.h".} -proc sslClientZero*(cc: ptr SslClientContext) {.bearSslFunc, importc: "br_ssl_client_zero", +proc sslClientZero*(cc: ptr SslClientContext) {.bearSslFunc, deprecated, importc: "br_ssl_client_zero", header: "bearssl_ssl.h".} proc sslClientSetClientCertificate*(cc: ptr SslClientContext; @@ -3226,32 +2863,32 @@ proc sslClientSetClientCertificate*(cc: ptr SslClientContext; inline.} = cc.clientAuthVtable = pctx -proc sslClientSetRsapub*(cc: ptr SslClientContext; irsapub: RsaPublic) {.inline.} = +proc sslClientSetRsapub*(cc: ptr SslClientContext; irsapub: RsaPublic) {.inline, deprecated.} = cc.irsapub = irsapub -proc sslClientSetDefaultRsapub*(cc: ptr SslClientContext) {.bearSslFunc, +proc sslClientSetDefaultRsapub*(cc: ptr SslClientContext) {.bearSslFunc, deprecated, importc: "br_ssl_client_set_default_rsapub", header: "bearssl_ssl.h".} proc sslClientSetMinClienthelloLen*(cc: ptr SslClientContext; len: uint16) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.minClienthelloLen = len proc sslClientReset*(cc: ptr SslClientContext; serverName: cstring; - resumeSession: cint): cint {.bearSslFunc, + resumeSession: cint): cint {.bearSslFunc, deprecated, importc: "br_ssl_client_reset", header: "bearssl_ssl.h".} -proc sslClientForgetSession*(cc: ptr SslClientContext) {.inline.} = +proc sslClientForgetSession*(cc: ptr SslClientContext) {.inline, deprecated.} = cc.eng.session.sessionIdLen = 0 proc sslClientSetSingleRsa*(cc: ptr SslClientContext; chain: ptr X509Certificate; chainLen: int; sk: ptr RsaPrivateKey; - irsasign: RsaPkcs1Sign) {.bearSslFunc, + irsasign: RsaPkcs1Sign) {.bearSslFunc, deprecated, importc: "br_ssl_client_set_single_rsa", header: "bearssl_ssl.h".} proc sslClientSetSingleEc*(cc: ptr SslClientContext; chain: ptr X509Certificate; chainLen: int; sk: ptr EcPrivateKey; allowedUsages: cuint; certIssuerKeyType: cuint; - iec: ptr EcImpl; iecdsa: EcdsaSign) {.bearSslFunc, + iec: ptr EcImpl; iecdsa: EcdsaSign) {.bearSslFunc, deprecated, importc: "br_ssl_client_set_single_ec", header: "bearssl_ssl.h".} type @@ -3286,7 +2923,7 @@ type chainLen* {.importc: "chain_len".}: int SslServerPolicyClass* {.importc: "br_ssl_server_policy_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int choose* {.importc: "choose".}: proc (pctx: ptr ptr SslServerPolicyClass; cc: ptr SslServerContext; @@ -3299,7 +2936,7 @@ type len: int): int {.bearSslFunc.} SslServerPolicyRsaContext* {.importc: "br_ssl_server_policy_rsa_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslServerPolicyClass chain* {.importc: "chain".}: ptr X509Certificate chainLen* {.importc: "chain_len".}: int @@ -3309,7 +2946,7 @@ type irsasign* {.importc: "irsasign".}: RsaPkcs1Sign SslServerPolicyEcContext* {.importc: "br_ssl_server_policy_ec_context", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslServerPolicyClass chain* {.importc: "chain".}: ptr X509Certificate chainLen* {.importc: "chain_len".}: int @@ -3353,7 +2990,7 @@ type SslSessionCacheClass* {.importc: "br_ssl_session_cache_class", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object contextSize* {.importc: "context_size".}: int save* {.importc: "save".}: proc (ctx: ptr ptr SslSessionCacheClass; serverCtx: ptr SslServerContext; @@ -3363,7 +3000,7 @@ type params: ptr SslSessionParameters): cint {.bearSslFunc.} SslSessionCacheLru* {.importc: "br_ssl_session_cache_lru", - header: "bearssl_ssl.h", bycopy.} = object + header: "bearssl_ssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr SslSessionCacheClass store* {.importc: "store".}: ptr cuchar storeLen* {.importc: "store_len".}: int @@ -3377,48 +3014,48 @@ type proc sslSessionCacheLruInit*(cc: ptr SslSessionCacheLru; store: ptr cuchar; - storeLen: int) {.bearSslFunc, + storeLen: int) {.bearSslFunc, deprecated, importc: "br_ssl_session_cache_lru_init", header: "bearssl_ssl.h".} -proc sslSessionCacheLruForget*(cc: ptr SslSessionCacheLru; id: ptr cuchar) {.bearSslFunc, +proc sslSessionCacheLruForget*(cc: ptr SslSessionCacheLru; id: ptr cuchar) {.bearSslFunc, deprecated, importc: "br_ssl_session_cache_lru_forget", header: "bearssl_ssl.h".} proc sslServerInitFullRsa*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_full_rsa", header: "bearssl_ssl.h".} proc sslServerInitFullEc*(cc: ptr SslServerContext; chain: ptr X509Certificate; chainLen: int; certIssuerKeyType: cuint; - sk: ptr EcPrivateKey) {.bearSslFunc, + sk: ptr EcPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_full_ec", header: "bearssl_ssl.h".} proc sslServerInitMinr2g*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_minr2g", header: "bearssl_ssl.h".} proc sslServerInitMine2g*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_mine2g", header: "bearssl_ssl.h".} proc sslServerInitMinf2g*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_minf2g", header: "bearssl_ssl.h".} proc sslServerInitMinu2g*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_minu2g", header: "bearssl_ssl.h".} proc sslServerInitMinv2g*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_minv2g", header: "bearssl_ssl.h".} proc sslServerInitMine2c*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr RsaPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_mine2c", header: "bearssl_ssl.h".} proc sslServerInitMinf2c*(cc: ptr SslServerContext; chain: ptr X509Certificate; - chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, + chainLen: int; sk: ptr EcPrivateKey) {.bearSslFunc, deprecated, importc: "br_ssl_server_init_minf2c", header: "bearssl_ssl.h".} proc sslServerGetClientSuites*(cc: ptr SslServerContext; num: ptr int): @@ -3427,53 +3064,53 @@ proc sslServerGetClientSuites*(cc: ptr SslServerContext; num: ptr int): num[] = int cc.clientSuitesNum return addr cc.clientSuites -proc sslServerGetClientHashes*(cc: ptr SslServerContext): uint32 {.inline.} = +proc sslServerGetClientHashes*(cc: ptr SslServerContext): uint32 {.inline, deprecated.} = return cc.hashes -proc sslServerGetClientCurves*(cc: ptr SslServerContext): uint32 {.inline.} = +proc sslServerGetClientCurves*(cc: ptr SslServerContext): uint32 {.inline, deprecated.} = return cc.curves -proc sslServerZero*(cc: ptr SslServerContext) {.bearSslFunc, importc: "br_ssl_server_zero", +proc sslServerZero*(cc: ptr SslServerContext) {.bearSslFunc, deprecated, importc: "br_ssl_server_zero", header: "bearssl_ssl.h".} proc sslServerSetPolicy*(cc: ptr SslServerContext; - pctx: ptr ptr SslServerPolicyClass) {.inline.} = + pctx: ptr ptr SslServerPolicyClass) {.inline, deprecated.} = cc.policyVtable = pctx proc sslServerSetSingleRsa*(cc: ptr SslServerContext; chain: ptr X509Certificate; chainLen: int; sk: ptr RsaPrivateKey; allowedUsages: cuint; irsacore: RsaPrivate; - irsasign: RsaPkcs1Sign) {.bearSslFunc, + irsasign: RsaPkcs1Sign) {.bearSslFunc, deprecated, importc: "br_ssl_server_set_single_rsa", header: "bearssl_ssl.h".} proc sslServerSetSingleEc*(cc: ptr SslServerContext; chain: ptr X509Certificate; chainLen: int; sk: ptr EcPrivateKey; allowedUsages: cuint; certIssuerKeyType: cuint; - iec: ptr EcImpl; iecdsa: EcdsaSign) {.bearSslFunc, + iec: ptr EcImpl; iecdsa: EcdsaSign) {.bearSslFunc, deprecated, importc: "br_ssl_server_set_single_ec", header: "bearssl_ssl.h".} proc sslServerSetTrustAnchorNames*(cc: ptr SslServerContext; taNames: ptr X500Name; - num: int) {.inline.} = + num: int) {.inline, deprecated.} = cc.taNames = taNames cc.tas = nil cc.numTas = num proc sslServerSetTrustAnchorNamesAlt*(cc: ptr SslServerContext; tas: ptr X509TrustAnchor; num: int) {.inline, - bearSslFunc.} = + bearSslFunc, deprecated.} = cc.taNames = nil cc.tas = tas cc.numTas = num proc sslServerSetCache*(cc: ptr SslServerContext; - vtable: ptr ptr SslSessionCacheClass) {.inline.} = + vtable: ptr ptr SslSessionCacheClass) {.inline, deprecated.} = cc.cacheVtable = vtable -proc sslServerReset*(cc: ptr SslServerContext): cint {.bearSslFunc, +proc sslServerReset*(cc: ptr SslServerContext): cint {.bearSslFunc, deprecated, importc: "br_ssl_server_reset", header: "bearssl_ssl.h".} type - SslioContext* {.importc: "br_sslio_context", header: "bearssl_ssl.h", bycopy.} = object + SslioContext* {.importc: "br_sslio_context", header: "bearssl_ssl.h", bycopy, deprecated.} = object engine* {.importc: "engine".}: ptr SslEngineContext lowRead* {.importc: "low_read".}: proc (readContext: pointer; data: ptr cuchar; len: int): cint {.bearSslFunc.} @@ -3486,25 +3123,25 @@ type proc sslioInit*(ctx: ptr SslioContext; engine: ptr SslEngineContext; lowRead: proc ( readContext: pointer; data: ptr cuchar; len: int): cint {.bearSslFunc.}; readContext: pointer; lowWrite: proc (writeContext: pointer; - data: ptr cuchar; len: int): cint {.bearSslFunc.}; writeContext: pointer) {.bearSslFunc, + data: ptr cuchar; len: int): cint {.bearSslFunc.}; writeContext: pointer) {.bearSslFunc, deprecated, importc: "br_sslio_init", header: "bearssl_ssl.h".} -proc sslioRead*(cc: ptr SslioContext; dst: pointer; len: int): cint {.bearSslFunc, +proc sslioRead*(cc: ptr SslioContext; dst: pointer; len: int): cint {.bearSslFunc, deprecated, importc: "br_sslio_read", header: "bearssl_ssl.h".} -proc sslioReadAll*(cc: ptr SslioContext; dst: pointer; len: int): cint {.bearSslFunc, +proc sslioReadAll*(cc: ptr SslioContext; dst: pointer; len: int): cint {.bearSslFunc, deprecated, importc: "br_sslio_read_all", header: "bearssl_ssl.h".} -proc sslioWrite*(cc: ptr SslioContext; src: pointer; len: int): cint {.bearSslFunc, +proc sslioWrite*(cc: ptr SslioContext; src: pointer; len: int): cint {.bearSslFunc, deprecated, importc: "br_sslio_write", header: "bearssl_ssl.h".} -proc sslioWriteAll*(cc: ptr SslioContext; src: pointer; len: int): cint {.bearSslFunc, +proc sslioWriteAll*(cc: ptr SslioContext; src: pointer; len: int): cint {.bearSslFunc, deprecated, importc: "br_sslio_write_all", header: "bearssl_ssl.h".} -proc sslioFlush*(cc: ptr SslioContext): cint {.bearSslFunc, importc: "br_sslio_flush", +proc sslioFlush*(cc: ptr SslioContext): cint {.bearSslFunc, deprecated, importc: "br_sslio_flush", header: "bearssl_ssl.h".} -proc sslioClose*(cc: ptr SslioContext): cint {.bearSslFunc, importc: "br_sslio_close", +proc sslioClose*(cc: ptr SslioContext): cint {.bearSslFunc, deprecated, importc: "br_sslio_close", header: "bearssl_ssl.h".} const @@ -3643,7 +3280,7 @@ const ALERT_NO_APPLICATION_PROTOCOL* = 120 type - INNER_C_STRUCT_1475532182* {.importc: "no_name", header: "bearssl_pem.h", bycopy.} = object + INNER_C_STRUCT_1475532182* {.importc: "no_name", header: "bearssl_pem.h", bycopy, deprecated.} = object dp* {.importc: "dp".}: ptr uint32 rp* {.importc: "rp".}: ptr uint32 ip* {.importc: "ip".}: ptr cuchar @@ -3664,18 +3301,18 @@ type `ptr`* {.importc: "ptr".}: int -proc pemDecoderInit*(ctx: ptr PemDecoderContext) {.bearSslFunc, +proc pemDecoderInit*(ctx: ptr PemDecoderContext) {.bearSslFunc, deprecated, importc: "br_pem_decoder_init", header: "bearssl_pem.h".} proc pemDecoderPush*(ctx: ptr PemDecoderContext; data: pointer; len: int): int {. - bearSslFunc, importc: "br_pem_decoder_push", header: "bearssl_pem.h".} + bearSslFunc, deprecated, importc: "br_pem_decoder_push", header: "bearssl_pem.h".} proc pemDecoderSetdest*(ctx: ptr PemDecoderContext; dest: proc (destCtx: pointer; - src: pointer; len: int) {.bearSslFunc.}; destCtx: pointer) {.inline.} = + src: pointer; len: int) {.bearSslFunc.}; destCtx: pointer) {.inline, deprecated.} = ctx.dest = dest ctx.destCtx = destCtx -proc pemDecoderEvent*(ctx: ptr PemDecoderContext): cint {.bearSslFunc, +proc pemDecoderEvent*(ctx: ptr PemDecoderContext): cint {.bearSslFunc, deprecated, importc: "br_pem_decoder_event", header: "bearssl_pem.h".} const @@ -3687,16 +3324,16 @@ const const PEM_ERROR* = 3 -proc pemDecoderName*(ctx: ptr PemDecoderContext): cstring {.inline.} = +proc pemDecoderName*(ctx: ptr PemDecoderContext): cstring {.inline, deprecated.} = return addr ctx.name type - ConfigOption* {.importc: "br_config_option", header: "bearssl.h", bycopy.} = object + ConfigOption* {.importc: "br_config_option", header: "bearssl.h", bycopy, deprecated.} = object name* {.importc: "name".}: cstring value* {.importc: "value".}: clong -proc getConfig*(): ptr ConfigOption {.bearSslFunc, importc: "br_get_config", +proc getConfig*(): ptr ConfigOption {.bearSslFunc, deprecated, importc: "br_get_config", header: "bearssl.h".} const @@ -3709,119 +3346,119 @@ const type X509NoAnchorContext* {.importc: "x509_noanchor_context", - header: "brssl.h", bycopy.} = object + header: "brssl.h", bycopy, deprecated.} = object vtable* {.importc: "vtable".}: ptr X509Class proc initNoAnchor*(xwc: ptr X509NoAnchorContext, inner: ptr ptr X509Class) {. - bearSslFunc, importc: "x509_noanchor_init", header: "brssl.h".} + bearSslFunc, deprecated, importc: "x509_noanchor_init", header: "brssl.h".} # Following declarations are used inside `nim-libp2p`. type - BrHashClass* = HashClass - BrMd5Context* = Md5Context - BrMd5sha1Context* = Md5sha1Context - BrSha512Context* = Sha384Context - BrSha384Context* = Sha384Context - BrSha256Context* = Sha224Context - BrSha224Context* = Sha224Context - BrHashCompatContext* = HashCompatContext - BrPrngClass* = PrngClass - BrHmacDrbgContext* = HmacDrbgContext - BrRsaPublicKey* = RsaPublicKey - BrRsaPrivateKey* = RsaPrivateKey - BrEcPublicKey* = EcPublicKey - BrEcPrivateKey* = EcPrivateKey - BrEcImplementation* = EcImpl - BrPrngSeeder* = PrngSeeder - BrRsaKeygen* = proc (ctx: ptr ptr BrPrngClass, + BrHashClass* {.deprecated.} = HashClass + BrMd5Context* {.deprecated.} = Md5Context + BrMd5sha1Context* {.deprecated.} = Md5sha1Context + BrSha512Context* {.deprecated.} = Sha384Context + BrSha384Context* {.deprecated.} = Sha384Context + BrSha256Context* {.deprecated.} = Sha224Context + BrSha224Context* {.deprecated.} = Sha224Context + BrHashCompatContext* {.deprecated.} = HashCompatContext + BrPrngClass* {.deprecated.} = PrngClass + BrHmacDrbgContext* {.deprecated.} = HmacDrbgContext + BrRsaPublicKey* {.deprecated.} = RsaPublicKey + BrRsaPrivateKey* {.deprecated.} = RsaPrivateKey + BrEcPublicKey* {.deprecated.} = EcPublicKey + BrEcPrivateKey* {.deprecated.} = EcPrivateKey + BrEcImplementation* {.deprecated.} = EcImpl + BrPrngSeeder* {.deprecated.} = PrngSeeder + BrRsaKeygen* {.deprecated.} = proc (ctx: ptr ptr BrPrngClass, sk: ptr BrRsaPrivateKey, bufsec: ptr byte, pk: ptr BrRsaPublicKey, bufpub: ptr byte, size: cuint, pubexp: uint32): uint32 {.bearSslFunc.} - BrRsaComputeModulus* = proc (n: pointer, + BrRsaComputeModulus* {.deprecated.} = proc (n: pointer, sk: ptr BrRsaPrivateKey): int {.bearSslFunc.} - BrRsaComputePubexp* = proc (sk: ptr BrRsaPrivateKey): uint32 {.bearSslFunc.} - BrRsaComputePrivexp* = proc (d: pointer, + BrRsaComputePubexp* {.deprecated.} = proc (sk: ptr BrRsaPrivateKey): uint32 {.bearSslFunc.} + BrRsaComputePrivexp* {.deprecated.} = proc (d: pointer, sk: ptr BrRsaPrivateKey, pubexp: uint32): int {.bearSslFunc.} - BrRsaPkcs1Verify* = proc (x: ptr cuchar, xlen: int, + BrRsaPkcs1Verify* {.deprecated.} = proc (x: ptr cuchar, xlen: int, hash_oid: ptr cuchar, hash_len: int, pk: ptr BrRsaPublicKey, hash_out: ptr cuchar): uint32 {.bearSslFunc.} - BrPemDecoderProc* = proc (destctx: pointer, src: pointer, + BrPemDecoderProc* {.deprecated.} = proc (destctx: pointer, src: pointer, length: int) {.bearSslFunc.} BrRsaPkcs1Sign* = RsaPkcs1Sign -proc brPrngSeederSystem*(name: cstringArray): BrPrngSeeder {.bearSslFunc, +proc brPrngSeederSystem*(name: cstringArray): BrPrngSeeder {.bearSslFunc, deprecated, importc: "br_prng_seeder_system", header: "bearssl_rand.h".} proc brHmacDrbgInit*(ctx: ptr BrHmacDrbgContext, digestClass: ptr BrHashClass, seed: pointer, seedLen: int) {. - bearSslFunc, importc: "br_hmac_drbg_init", header: "bearssl_rand.h".} + bearSslFunc, deprecated, importc: "br_hmac_drbg_init", header: "bearssl_rand.h".} proc brHmacDrbgGenerate*(ctx: ptr BrHmacDrbgContext, outs: pointer, len: csize_t) {. - bearSslFunc, importc: "br_hmac_drbg_generate", header: "bearssl_rand.h".} + bearSslFunc, deprecated, importc: "br_hmac_drbg_generate", header: "bearssl_rand.h".} proc brHmacDrbgGenerate*(ctx: var BrHmacDrbgContext, outp: var openArray[byte]) = brHmacDrbgGenerate(addr ctx, addr outp, csize_t(outp.len)) proc brRsaKeygenGetDefault*(): BrRsaKeygen {. - bearSslFunc, importc: "br_rsa_keygen_get_default", header: "bearssl_rsa.h".} + bearSslFunc, deprecated, importc: "br_rsa_keygen_get_default", header: "bearssl_rsa.h".} proc BrRsaPkcs1SignGetDefault*(): BrRsaPkcs1Sign {. - bearSslFunc, importc: "br_rsa_pkcs1_sign_get_default", header: "bearssl_rsa.h".} + bearSslFunc, deprecated, importc: "br_rsa_pkcs1_sign_get_default", header: "bearssl_rsa.h".} proc BrRsaPkcs1VrfyGetDefault*(): BrRsaPkcs1Verify {. - bearSslFunc, importc: "br_rsa_pkcs1_vrfy_get_default", header: "bearssl_rsa.h".} + bearSslFunc, deprecated, importc: "br_rsa_pkcs1_vrfy_get_default", header: "bearssl_rsa.h".} proc brRsaComputeModulusGetDefault*(): BrRsaComputeModulus {. - bearSslFunc, importc: "br_rsa_compute_modulus_get_default", + bearSslFunc, deprecated, importc: "br_rsa_compute_modulus_get_default", header: "bearssl_rsa.h".} proc brRsaComputePubexpGetDefault*(): BrRsaComputePubexp {. - bearSslFunc, importc: "br_rsa_compute_pubexp_get_default", + bearSslFunc, deprecated, importc: "br_rsa_compute_pubexp_get_default", header: "bearssl_rsa.h".} proc brRsaComputePrivexpGetDefault*(): BrRsaComputePrivexp {. - bearSslFunc, importc: "br_rsa_compute_privexp_get_default", + bearSslFunc, deprecated, importc: "br_rsa_compute_privexp_get_default", header: "bearssl_rsa.h".} proc brEcGetDefault*(): ptr BrEcImplementation {. - bearSslFunc, importc: "br_ec_get_default", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ec_get_default", header: "bearssl_ec.h".} proc brEcKeygen*(ctx: ptr ptr BrPrngClass, impl: ptr BrEcImplementation, sk: ptr BrEcPrivateKey, keybuf: ptr byte, - curve: cint): int {.bearSslFunc, + curve: cint): int {.bearSslFunc, deprecated, importc: "br_ec_keygen", header: "bearssl_ec.h".} proc brEcComputePublicKey*(impl: ptr BrEcImplementation, pk: ptr BrEcPublicKey, kbuf: ptr byte, sk: ptr BrEcPrivateKey): int {. - bearSslFunc, importc: "br_ec_compute_pub", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ec_compute_pub", header: "bearssl_ec.h".} proc brEcdsaSignRaw*(impl: ptr BrEcImplementation, hf: ptr BrHashClass, value: pointer, sk: ptr BrEcPrivateKey, sig: pointer): int {. - bearSslFunc, importc: "br_ecdsa_i31_sign_raw", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i31_sign_raw", header: "bearssl_ec.h".} proc brEcdsaVerifyRaw*(impl: ptr BrEcImplementation, hash: pointer, hashlen: int, pk: ptr BrEcPublicKey, sig: pointer, siglen: int): uint32 {. - bearSslFunc, importc: "br_ecdsa_i31_vrfy_raw", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i31_vrfy_raw", header: "bearssl_ec.h".} proc brEcdsaSignAsn1*(impl: ptr BrEcImplementation, hf: ptr BrHashClass, value: pointer, sk: ptr BrEcPrivateKey, sig: pointer): int {. - bearSslFunc, importc: "br_ecdsa_i31_sign_asn1", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i31_sign_asn1", header: "bearssl_ec.h".} proc brEcdsaVerifyAsn1*(impl: ptr BrEcImplementation, hash: pointer, hashlen: int, pk: ptr BrEcPublicKey, sig: pointer, siglen: int): uint32 {. - bearSslFunc, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} + bearSslFunc, deprecated, importc: "br_ecdsa_i31_vrfy_asn1", header: "bearssl_ec.h".} -template brRsaPrivateKeyBufferSize*(size: int): int = +template brRsaPrivateKeyBufferSize*(size: int): int {.deprecated.} = # BR_RSA_KBUF_PRIV_SIZE(size) (5 * ((size + 15) shr 4)) -template brRsaPublicKeyBufferSize*(size: int): int = +template brRsaPublicKeyBufferSize*(size: int): int {.deprecated.} = # BR_RSA_KBUF_PUB_SIZE(size) (4 + ((size + 7) shr 3)) diff --git a/bearssl/ec.nim b/bearssl/ec.nim new file mode 100644 index 0000000..c315b1b --- /dev/null +++ b/bearssl/ec.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_ec + +export bearssl_ec diff --git a/bearssl/hash.nim b/bearssl/hash.nim new file mode 100644 index 0000000..c8a23b5 --- /dev/null +++ b/bearssl/hash.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_hash + +export bearssl_hash diff --git a/bearssl/hmac.nim b/bearssl/hmac.nim new file mode 100644 index 0000000..08633f8 --- /dev/null +++ b/bearssl/hmac.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_hmac + +export bearssl_hmac diff --git a/bearssl/kdf.nim b/bearssl/kdf.nim new file mode 100644 index 0000000..f6f2f94 --- /dev/null +++ b/bearssl/kdf.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_kdf + +export bearssl_kdf diff --git a/bearssl/pem.nim b/bearssl/pem.nim new file mode 100644 index 0000000..37b7ffd --- /dev/null +++ b/bearssl/pem.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_pem + +export bearssl_pem diff --git a/bearssl/prf.nim b/bearssl/prf.nim new file mode 100644 index 0000000..41380d2 --- /dev/null +++ b/bearssl/prf.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_prf + +export bearssl_prf diff --git a/bearssl/rand.nim b/bearssl/rand.nim new file mode 100644 index 0000000..024b3ed --- /dev/null +++ b/bearssl/rand.nim @@ -0,0 +1,8 @@ +import + ./abi/bearssl_rand + +export bearssl_rand + +func hmacDrbgGenerate*(ctx: var HmacDrbgContext, output: var openArray[byte]) = + if output.len > 0: + hmacDrbgGenerate(ctx, addr output[0], uint output.len) diff --git a/bearssl/rsa.nim b/bearssl/rsa.nim new file mode 100644 index 0000000..4780b21 --- /dev/null +++ b/bearssl/rsa.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_rsa + +export bearssl_rsa diff --git a/bearssl/ssl.nim b/bearssl/ssl.nim new file mode 100644 index 0000000..bed9715 --- /dev/null +++ b/bearssl/ssl.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_ssl + +export bearssl_ssl diff --git a/bearssl/x509.nim b/bearssl/x509.nim new file mode 100644 index 0000000..62e245e --- /dev/null +++ b/bearssl/x509.nim @@ -0,0 +1,4 @@ +import + ./abi/bearssl_x509 + +export bearssl_x509 diff --git a/regenerate.sh b/regenerate.sh new file mode 100644 index 0000000..15cb5a2 --- /dev/null +++ b/regenerate.sh @@ -0,0 +1,40 @@ +#!/bin/sh +mkdir -p gen +cp bearssl/csources/inc/*.h gen + +# c2nim gets confused by #ifdef inside struct's +unifdef -m -UBR_DOXYGEN_IGNORE gen/*.h + +# TODO: several things broken in c2nim 0.9.18 +# https://github.com/nim-lang/c2nim/issues/239 +# https://github.com/nim-lang/c2nim/issues/240 +# https://github.com/nim-lang/c2nim/issues/241 +# https://github.com/nim-lang/c2nim/issues/242 + +[[ $(c2nim -v) == "0.9.18" ]] || echo "Different c2nim used, check the code" +c2nim --header --importc --nep1 --prefix:br_ --prefix:BR_ --skipinclude --cdecl --skipcomments gen/*.h + +rm gen/*.h + +# Fix cosmetic and ease-of-use issues +sed -i \ + -e "s/int16T/int16/g" \ + -e "s/int32T/int32/g" \ + -e "s/int64T/int64/g" \ + -e "s/cuchar/byte/g" \ + -e "s/cdecl/importcFunc/g" \ + -e "s/csize_t/uint/g" \ + gen/*.nim + +# The functions taking a "Context" don't allow `nil` being passed to them - use +# `var` instead - ditto for "output" parameters like length +sed -i \ + -e 's/ctx: ptr \(.*\)Context/ctx: var \1Context/g' \ + -e 's/ctx: ptr \(.*\)Keys/ctx: var \1Keys/g' \ + -e 's/hc: ptr \(.*\)Context/hc: var \1Context/g' \ + -e 's/sc: ptr \(.*\)Context/sc: var \1Context/g' \ + -e 's/cc: ptr \(.*\)Context/cc: var \1Context/g' \ + -e 's/kc: ptr \(.*\)Context/kc: var \1Context/g' \ + -e 's/xwc: ptr \(.*\)Context/xwc: var \1Context/g' \ + -e 's/len: ptr uint/len: var uint/g' \ + gen/*.nim diff --git a/tests/hashing.nim b/tests/test_hash.nim similarity index 87% rename from tests/hashing.nim rename to tests/test_hash.nim index d9220b5..8ccbee2 100644 --- a/tests/hashing.nim +++ b/tests/test_hash.nim @@ -1,6 +1,8 @@ import std/[strutils, sequtils], unittest2, - ../bearssl + ../bearssl/hash + +{.used.} suite "Hashing": test "MD5": @@ -25,7 +27,7 @@ suite "Hashing": ctx = Md5Context() res: array[md5SIZE, uint8] - md5Init(addr ctx) - md5Update(addr ctx, input[i].cstring, input[i].len) - md5Out(addr ctx, addr res[0]) + md5Init(ctx) + md5Update(ctx, input[i].cstring, uint input[i].len) + md5Out(ctx, addr res[0]) check res.foldl(a & b.toHex(), "").toLower() == output[i] diff --git a/tests/test_import.nim b/tests/test_import.nim new file mode 100644 index 0000000..38cce02 --- /dev/null +++ b/tests/test_import.nim @@ -0,0 +1,11 @@ +# Test the full thing, given we do lots of compile and import tricks + +import ../bearssl + +# TODO doesn't work from C++ due to missing `export "C"` +# discard getConfig() + +# TODO doesn't work from C++ due to `const`:ness issues +# discard ecGetDefault() + +discard ghashPwr8Get()