Replace OPENSSL_STATIC_ASSERT with static_assert.
The C11 change has survived for three months now. Let's start freely
using static_assert. In C files, we need to include <assert.h> because
it is a macro. In C++ files, it is a keyword and we can just use it. (In
MSVC C, it is actually also a keyword as in C++, but close enough.)
I moved one assert from ssl3.h to ssl_lib.cc. We haven't yet required
C11 in our public headers, just our internal files.
Change-Id: Ic59978be43b699f2c997858179a9691606784ea5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53665
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 316210e..afc88d2 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -56,13 +56,13 @@
#include <openssl/asn1.h>
+#include <assert.h>
#include <limits.h>
#include <string.h>
#include <openssl/bytestring.h>
#include <openssl/err.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include "../internal.h"
@@ -353,7 +353,7 @@
i64 = (int64_t)v;
fits_in_i64 = i64 >= 0;
}
- OPENSSL_STATIC_ASSERT(sizeof(long) <= sizeof(int64_t), "long is too big");
+ static_assert(sizeof(long) <= sizeof(int64_t), "long is too big");
if (fits_in_i64 && LONG_MIN <= i64 && i64 <= LONG_MAX) {
return (long)i64;
diff --git a/crypto/base64/base64.c b/crypto/base64/base64.c
index 6ce6007..d2b1e58 100644
--- a/crypto/base64/base64.c
+++ b/crypto/base64/base64.c
@@ -60,8 +60,6 @@
#include <limits.h>
#include <string.h>
-#include <openssl/type_check.h>
-
#include "../internal.h"
@@ -98,8 +96,8 @@
return ret;
}
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0,
- "data length must be a multiple of base64 chunk size");
+static_assert(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0,
+ "data length must be a multiple of base64 chunk size");
int EVP_EncodedLength(size_t *out_len, size_t len) {
if (len + 2 < len) {
diff --git a/crypto/blake2/blake2.c b/crypto/blake2/blake2.c
index 096d61d..5c6b17e 100644
--- a/crypto/blake2/blake2.c
+++ b/crypto/blake2/blake2.c
@@ -14,7 +14,7 @@
#include <openssl/blake2.h>
-#include <openssl/type_check.h>
+#include <assert.h>
#include "../internal.h"
@@ -61,7 +61,7 @@
size_t num_bytes, int is_final_block) {
// https://tools.ietf.org/html/rfc7693#section-3.2
uint64_t v[16];
- OPENSSL_STATIC_ASSERT(sizeof(v) == sizeof(b2b->h) + sizeof(kIV), "");
+ static_assert(sizeof(v) == sizeof(b2b->h) + sizeof(kIV), "");
OPENSSL_memcpy(v, b2b->h, sizeof(b2b->h));
OPENSSL_memcpy(&v[8], kIV, sizeof(kIV));
@@ -97,7 +97,7 @@
void BLAKE2B256_Init(BLAKE2B_CTX *b2b) {
OPENSSL_memset(b2b, 0, sizeof(BLAKE2B_CTX));
- OPENSSL_STATIC_ASSERT(sizeof(kIV) == sizeof(b2b->h), "");
+ static_assert(sizeof(kIV) == sizeof(b2b->h), "");
OPENSSL_memcpy(&b2b->h, kIV, sizeof(kIV));
// https://tools.ietf.org/html/rfc7693#section-2.5
@@ -143,7 +143,7 @@
sizeof(b2b->block.bytes) - b2b->block_used);
blake2b_transform(b2b, b2b->block.words, b2b->block_used,
/*is_final_block=*/1);
- OPENSSL_STATIC_ASSERT(BLAKE2B256_DIGEST_LENGTH <= sizeof(b2b->h), "");
+ static_assert(BLAKE2B256_DIGEST_LENGTH <= sizeof(b2b->h), "");
memcpy(out, b2b->h, BLAKE2B256_DIGEST_LENGTH);
}
diff --git a/crypto/cipher_extra/e_aesctrhmac.c b/crypto/cipher_extra/e_aesctrhmac.c
index c75f8a8..32b42d2 100644
--- a/crypto/cipher_extra/e_aesctrhmac.c
+++ b/crypto/cipher_extra/e_aesctrhmac.c
@@ -13,6 +13,9 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <openssl/aead.h>
+
+#include <assert.h>
+
#include <openssl/cipher.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
@@ -35,12 +38,12 @@
SHA256_CTX outer_init_state;
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_ctr_hmac_sha256_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_ctr_hmac_sha256_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_ctr_hmac_sha256_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_ctr_hmac_sha256_ctx),
+ "AEAD state has insufficient alignment");
static void hmac_init(SHA256_CTX *out_inner, SHA256_CTX *out_outer,
const uint8_t hmac_key[32]) {
diff --git a/crypto/cipher_extra/e_aesgcmsiv.c b/crypto/cipher_extra/e_aesgcmsiv.c
index ee20e1b..15601e1 100644
--- a/crypto/cipher_extra/e_aesgcmsiv.c
+++ b/crypto/cipher_extra/e_aesgcmsiv.c
@@ -42,11 +42,11 @@
// The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and
// aligns to 16 bytes itself.
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >=
- sizeof(struct aead_aes_gcm_siv_asm_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >= 8,
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >=
+ sizeof(struct aead_aes_gcm_siv_asm_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >= 8,
+ "AEAD state has insufficient alignment");
// asm_ctx_from_ctx returns a 16-byte aligned context pointer from |ctx|.
static struct aead_aes_gcm_siv_asm_ctx *asm_ctx_from_ctx(
@@ -550,12 +550,12 @@
unsigned is_256:1;
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_gcm_siv_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_gcm_siv_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_gcm_siv_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_gcm_siv_ctx),
+ "AEAD state has insufficient alignment");
static int aead_aes_gcm_siv_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t tag_len) {
diff --git a/crypto/cipher_extra/e_chacha20poly1305.c b/crypto/cipher_extra/e_chacha20poly1305.c
index a9fce3e..4a46a1d 100644
--- a/crypto/cipher_extra/e_chacha20poly1305.c
+++ b/crypto/cipher_extra/e_chacha20poly1305.c
@@ -14,6 +14,7 @@
#include <openssl/aead.h>
+#include <assert.h>
#include <string.h>
#include <openssl/chacha.h>
@@ -21,7 +22,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/poly1305.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "../chacha/internal.h"
@@ -32,12 +32,12 @@
uint8_t key[32];
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_chacha20_poly1305_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_chacha20_poly1305_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_chacha20_poly1305_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_chacha20_poly1305_ctx),
+ "AEAD state has insufficient alignment");
static int aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t tag_len) {
diff --git a/crypto/cipher_extra/e_tls.c b/crypto/cipher_extra/e_tls.c
index 9713dc7..cfaf95d 100644
--- a/crypto/cipher_extra/e_tls.c
+++ b/crypto/cipher_extra/e_tls.c
@@ -23,7 +23,6 @@
#include <openssl/md5.h>
#include <openssl/mem.h>
#include <openssl/sha.h>
-#include <openssl/type_check.h>
#include "../fipsmodule/cipher/internal.h"
#include "../internal.h"
@@ -42,15 +41,12 @@
char implicit_iv;
} AEAD_TLS_CTX;
-OPENSSL_STATIC_ASSERT(EVP_MAX_MD_SIZE < 256,
- "mac_key_len does not fit in uint8_t");
+static_assert(EVP_MAX_MD_SIZE < 256, "mac_key_len does not fit in uint8_t");
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(AEAD_TLS_CTX),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(AEAD_TLS_CTX),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= sizeof(AEAD_TLS_CTX),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >= alignof(AEAD_TLS_CTX),
+ "AEAD state has insufficient alignment");
static void aead_tls_cleanup(EVP_AEAD_CTX *ctx) {
AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)&ctx->state;
diff --git a/crypto/cipher_extra/internal.h b/crypto/cipher_extra/internal.h
index 0fd0755..76a0314 100644
--- a/crypto/cipher_extra/internal.h
+++ b/crypto/cipher_extra/internal.h
@@ -57,10 +57,10 @@
#ifndef OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H
#define OPENSSL_HEADER_CIPHER_EXTRA_INTERNAL_H
+#include <assert.h>
#include <stdlib.h>
#include <openssl/base.h>
-#include <openssl/type_check.h>
#include "../internal.h"
@@ -166,10 +166,10 @@
#if (defined(OPENSSL_X86_64) || defined(OPENSSL_AARCH64)) && \
!defined(OPENSSL_NO_ASM)
-OPENSSL_STATIC_ASSERT(sizeof(union chacha20_poly1305_open_data) == 48,
- "wrong chacha20_poly1305_open_data size");
-OPENSSL_STATIC_ASSERT(sizeof(union chacha20_poly1305_seal_data) == 48 + 8 + 8,
- "wrong chacha20_poly1305_seal_data size");
+static_assert(sizeof(union chacha20_poly1305_open_data) == 48,
+ "wrong chacha20_poly1305_open_data size");
+static_assert(sizeof(union chacha20_poly1305_seal_data) == 48 + 8 + 8,
+ "wrong chacha20_poly1305_seal_data size");
OPENSSL_INLINE int chacha20_poly1305_asm_capable(void) {
#if defined(OPENSSL_X86_64)
diff --git a/crypto/curve25519/curve25519.c b/crypto/curve25519/curve25519.c
index 4bf37b9..17740b8 100644
--- a/crypto/curve25519/curve25519.c
+++ b/crypto/curve25519/curve25519.c
@@ -27,7 +27,6 @@
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "../internal.h"
@@ -151,8 +150,8 @@
#endif // BORINGSSL_CURVE25519_64BIT
-OPENSSL_STATIC_ASSERT(sizeof(fe) == sizeof(fe_limb_t) * FE_NUM_LIMBS,
- "fe_limb_t[FE_NUM_LIMBS] is inconsistent with fe");
+static_assert(sizeof(fe) == sizeof(fe_limb_t) * FE_NUM_LIMBS,
+ "fe_limb_t[FE_NUM_LIMBS] is inconsistent with fe");
static void fe_frombytes_strict(fe *h, const uint8_t s[32]) {
// |fiat_25519_from_bytes| requires the top-most bit be clear.
@@ -315,8 +314,7 @@
}
static void fe_copy_lt(fe_loose *h, const fe *f) {
- OPENSSL_STATIC_ASSERT(sizeof(fe_loose) == sizeof(fe),
- "fe and fe_loose mismatch");
+ static_assert(sizeof(fe_loose) == sizeof(fe), "fe and fe_loose mismatch");
OPENSSL_memmove(h, f, sizeof(fe));
}
#if !defined(OPENSSL_SMALL)
diff --git a/crypto/ec_extra/hash_to_curve.c b/crypto/ec_extra/hash_to_curve.c
index 9c82454..fa7ff59 100644
--- a/crypto/ec_extra/hash_to_curve.c
+++ b/crypto/ec_extra/hash_to_curve.c
@@ -17,7 +17,6 @@
#include <openssl/digest.h>
#include <openssl/err.h>
#include <openssl/nid.h>
-#include <openssl/type_check.h>
#include <assert.h>
@@ -61,7 +60,7 @@
EVP_MD_CTX_init(&ctx);
// Long DSTs are hashed down to size. See section 5.3.3.
- OPENSSL_STATIC_ASSERT(EVP_MAX_MD_SIZE < 256, "hashed DST still too large");
+ static_assert(EVP_MAX_MD_SIZE < 256, "hashed DST still too large");
uint8_t dst_buf[EVP_MAX_MD_SIZE];
if (dst_len >= 256) {
static const char kPrefix[] = "H2C-OVERSIZE-DST-";
diff --git a/crypto/err/err_data_generate.go b/crypto/err/err_data_generate.go
index e8aefd8..963964c 100644
--- a/crypto/err/err_data_generate.go
+++ b/crypto/err/err_data_generate.go
@@ -270,15 +270,15 @@
#include <openssl/base.h>
#include <openssl/err.h>
-#include <openssl/type_check.h>
+#include <assert.h>
`)
for i, name := range libraryNames {
- fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_LIB_%s == %d, \"library value changed\");\n", name, i+1)
+ fmt.Fprintf(out, "static_assert(ERR_LIB_%s == %d, \"library value changed\");\n", name, i+1)
}
- fmt.Fprintf(out, "OPENSSL_STATIC_ASSERT(ERR_NUM_LIBS == %d, \"number of libraries changed\");\n", len(libraryNames)+1)
+ fmt.Fprintf(out, "static_assert(ERR_NUM_LIBS == %d, \"number of libraries changed\");\n", len(libraryNames)+1)
out.WriteString("\n")
e.reasons.WriteTo(out, "Reason")
diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c
index 7ec6244..14a5e02 100644
--- a/crypto/evp/scrypt.c
+++ b/crypto/evp/scrypt.c
@@ -13,7 +13,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include "../internal.h"
@@ -30,7 +29,7 @@
// A block_t is a Salsa20 block.
typedef struct { uint32_t words[16]; } block_t;
-OPENSSL_STATIC_ASSERT(sizeof(block_t) == 64, "block_t has padding");
+static_assert(sizeof(block_t) == 64, "block_t has padding");
// salsa208_word_specification implements the Salsa20/8 core function, also
// described in RFC 7914, section 3. It modifies the block at |inout|
@@ -171,7 +170,7 @@
// Allocate and divide up the scratch space. |max_mem| fits in a size_t, which
// is no bigger than uint64_t, so none of these operations may overflow.
- OPENSSL_STATIC_ASSERT(UINT64_MAX >= ((size_t)-1), "size_t exceeds uint64_t");
+ static_assert(UINT64_MAX >= ((size_t)-1), "size_t exceeds uint64_t");
size_t B_blocks = p * 2 * r;
size_t B_bytes = B_blocks * sizeof(block_t);
size_t T_blocks = 2 * r;
diff --git a/crypto/fipsmodule/aes/aes_nohw.c b/crypto/fipsmodule/aes/aes_nohw.c
index 5bb24bc..b5990b8 100644
--- a/crypto/fipsmodule/aes/aes_nohw.c
+++ b/crypto/fipsmodule/aes/aes_nohw.c
@@ -152,10 +152,10 @@
}
#endif // OPENSSL_SSE2
-OPENSSL_STATIC_ASSERT(AES_NOHW_BATCH_SIZE * 128 == 8 * 8 * sizeof(aes_word_t),
- "batch size does not match word size");
-OPENSSL_STATIC_ASSERT(AES_NOHW_WORD_SIZE == sizeof(aes_word_t),
- "AES_NOHW_WORD_SIZE is incorrect");
+static_assert(AES_NOHW_BATCH_SIZE * 128 == 8 * 8 * sizeof(aes_word_t),
+ "batch size does not match word size");
+static_assert(AES_NOHW_WORD_SIZE == sizeof(aes_word_t),
+ "AES_NOHW_WORD_SIZE is incorrect");
// Block representations.
diff --git a/crypto/fipsmodule/bn/bn.c b/crypto/fipsmodule/bn/bn.c
index 424d462..006e3eb 100644
--- a/crypto/fipsmodule/bn/bn.c
+++ b/crypto/fipsmodule/bn/bn.c
@@ -56,6 +56,7 @@
#include <openssl/bn.h>
+#include <assert.h>
#include <limits.h>
#include <string.h>
@@ -416,8 +417,8 @@
void bn_select_words(BN_ULONG *r, BN_ULONG mask, const BN_ULONG *a,
const BN_ULONG *b, size_t num) {
for (size_t i = 0; i < num; i++) {
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
r[i] = constant_time_select_w(mask, a[i], b[i]);
}
}
diff --git a/crypto/fipsmodule/bn/cmp.c b/crypto/fipsmodule/bn/cmp.c
index fe478b6..84456a2 100644
--- a/crypto/fipsmodule/bn/cmp.c
+++ b/crypto/fipsmodule/bn/cmp.c
@@ -56,8 +56,9 @@
#include <openssl/bn.h>
+#include <assert.h>
+
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "../../internal.h"
@@ -65,8 +66,8 @@
static int bn_cmp_words_consttime(const BN_ULONG *a, size_t a_len,
const BN_ULONG *b, size_t b_len) {
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
int ret = 0;
// Process the common words in little-endian order.
size_t min = a_len < b_len ? a_len : b_len;
diff --git a/crypto/fipsmodule/bn/montgomery.c b/crypto/fipsmodule/bn/montgomery.c
index e9fa08f..d04e91a 100644
--- a/crypto/fipsmodule/bn/montgomery.c
+++ b/crypto/fipsmodule/bn/montgomery.c
@@ -116,7 +116,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/thread.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "../../internal.h"
@@ -190,11 +189,10 @@
// others, we could use a shorter R value and use faster |BN_ULONG|-based
// math instead of |uint64_t|-based math, which would be double-precision.
// However, currently only the assembler files know which is which.
- OPENSSL_STATIC_ASSERT(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2,
- "BN_MONT_CTX_N0_LIMBS value is invalid");
- OPENSSL_STATIC_ASSERT(
- sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t),
- "uint64_t is insufficient precision for n0");
+ static_assert(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2,
+ "BN_MONT_CTX_N0_LIMBS value is invalid");
+ static_assert(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t),
+ "uint64_t is insufficient precision for n0");
uint64_t n0 = bn_mont_n0(&mont->N);
mont->n0[0] = (BN_ULONG)n0;
#if BN_MONT_CTX_N0_LIMBS == 2
diff --git a/crypto/fipsmodule/bn/montgomery_inv.c b/crypto/fipsmodule/bn/montgomery_inv.c
index c80873f..137af1d 100644
--- a/crypto/fipsmodule/bn/montgomery_inv.c
+++ b/crypto/fipsmodule/bn/montgomery_inv.c
@@ -22,11 +22,10 @@
static uint64_t bn_neg_inv_mod_r_u64(uint64_t n);
-OPENSSL_STATIC_ASSERT(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2,
- "BN_MONT_CTX_N0_LIMBS value is invalid");
-OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS ==
- sizeof(uint64_t),
- "uint64_t is insufficient precision for n0");
+static_assert(BN_MONT_CTX_N0_LIMBS == 1 || BN_MONT_CTX_N0_LIMBS == 2,
+ "BN_MONT_CTX_N0_LIMBS value is invalid");
+static_assert(sizeof(BN_ULONG) * BN_MONT_CTX_N0_LIMBS == sizeof(uint64_t),
+ "uint64_t is insufficient precision for n0");
// LG_LITTLE_R is log_2(r).
#define LG_LITTLE_R (BN_MONT_CTX_N0_LIMBS * BN_BITS2)
diff --git a/crypto/fipsmodule/bn/mul.c b/crypto/fipsmodule/bn/mul.c
index 6e1c3ca..fe4e4d7 100644
--- a/crypto/fipsmodule/bn/mul.c
+++ b/crypto/fipsmodule/bn/mul.c
@@ -62,7 +62,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "../../internal.h"
@@ -281,8 +280,8 @@
BN_ULONG c_neg = c - bn_sub_words(&t[n2 * 2], t, &t[n2], n2);
BN_ULONG c_pos = c + bn_add_words(&t[n2], t, &t[n2], n2);
bn_select_words(&t[n2], neg, &t[n2 * 2], &t[n2], n2);
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
c = constant_time_select_w(neg, c_neg, c_pos);
// We now have our three components. Add them together.
@@ -395,8 +394,8 @@
BN_ULONG c_neg = c - bn_sub_words(&t[n2 * 2], t, &t[n2], n2);
BN_ULONG c_pos = c + bn_add_words(&t[n2], t, &t[n2], n2);
bn_select_words(&t[n2], neg, &t[n2 * 2], &t[n2], n2);
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
c = constant_time_select_w(neg, c_neg, c_pos);
// We now have our three components. Add them together.
diff --git a/crypto/fipsmodule/bn/random.c b/crypto/fipsmodule/bn/random.c
index 36ad679..4966778 100644
--- a/crypto/fipsmodule/bn/random.c
+++ b/crypto/fipsmodule/bn/random.c
@@ -108,12 +108,12 @@
#include <openssl/bn.h>
+#include <assert.h>
#include <limits.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/rand.h>
-#include <openssl/type_check.h>
#include "../../internal.h"
#include "../rand/internal.h"
@@ -199,8 +199,8 @@
}
// |a| < |b| iff a[1..len-1] are all zero and a[0] < b.
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
crypto_word_t mask = 0;
for (size_t i = 1; i < len; i++) {
mask |= a[i];
diff --git a/crypto/fipsmodule/bn/rsaz_exp.c b/crypto/fipsmodule/bn/rsaz_exp.c
index f4e50a6..7b455b5 100644
--- a/crypto/fipsmodule/bn/rsaz_exp.c
+++ b/crypto/fipsmodule/bn/rsaz_exp.c
@@ -18,6 +18,8 @@
#include <openssl/mem.h>
+#include <assert.h>
+
#include "internal.h"
#include "../../internal.h"
@@ -38,8 +40,8 @@
const BN_ULONG m_norm[16], const BN_ULONG RR[16],
BN_ULONG k0,
BN_ULONG storage[MOD_EXP_CTIME_STORAGE_LEN]) {
- OPENSSL_STATIC_ASSERT(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH % 64 == 0,
- "MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH is too small");
+ static_assert(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH % 64 == 0,
+ "MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH is too small");
assert((uintptr_t)storage % 64 == 0);
BN_ULONG *a_inv, *m, *result, *table_s = storage + 40 * 3, *R2 = table_s;
diff --git a/crypto/fipsmodule/bn/shift.c b/crypto/fipsmodule/bn/shift.c
index 523da67..55f864e 100644
--- a/crypto/fipsmodule/bn/shift.c
+++ b/crypto/fipsmodule/bn/shift.c
@@ -56,10 +56,10 @@
#include <openssl/bn.h>
+#include <assert.h>
#include <string.h>
#include <openssl/err.h>
-#include <openssl/type_check.h>
#include "internal.h"
@@ -296,15 +296,14 @@
}
static int bn_count_low_zero_bits_word(BN_ULONG l) {
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
- OPENSSL_STATIC_ASSERT(sizeof(int) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
- OPENSSL_STATIC_ASSERT(BN_BITS2 == sizeof(BN_ULONG) * 8,
- "BN_ULONG has padding bits");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
+ static_assert(sizeof(int) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
+ static_assert(BN_BITS2 == sizeof(BN_ULONG) * 8, "BN_ULONG has padding bits");
// C has very bizarre rules for types smaller than an int.
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) >= sizeof(int),
- "BN_ULONG gets promoted to int");
+ static_assert(sizeof(BN_ULONG) >= sizeof(int),
+ "BN_ULONG gets promoted to int");
crypto_word_t mask;
int bits = 0;
@@ -342,10 +341,10 @@
}
int BN_count_low_zero_bits(const BIGNUM *bn) {
- OPENSSL_STATIC_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
- OPENSSL_STATIC_ASSERT(sizeof(int) <= sizeof(crypto_word_t),
- "crypto_word_t is too small");
+ static_assert(sizeof(BN_ULONG) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
+ static_assert(sizeof(int) <= sizeof(crypto_word_t),
+ "crypto_word_t is too small");
int ret = 0;
crypto_word_t saw_nonzero = 0;
diff --git a/crypto/fipsmodule/cipher/e_aes.c b/crypto/fipsmodule/cipher/e_aes.c
index e94d59a..8d5ed4c 100644
--- a/crypto/fipsmodule/cipher/e_aes.c
+++ b/crypto/fipsmodule/cipher/e_aes.c
@@ -335,7 +335,7 @@
#endif
static EVP_AES_GCM_CTX *aes_gcm_from_cipher_ctx(EVP_CIPHER_CTX *ctx) {
- OPENSSL_STATIC_ASSERT(
+ static_assert(
alignof(EVP_AES_GCM_CTX) <= 16,
"EVP_AES_GCM_CTX needs more alignment than this function provides");
@@ -921,12 +921,12 @@
return 1;
}
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_gcm_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_gcm_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_gcm_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_gcm_ctx),
+ "AEAD state has insufficient alignment");
static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t requested_tag_len) {
@@ -1259,12 +1259,12 @@
uint64_t min_next_nonce;
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_gcm_tls12_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_gcm_tls12_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_gcm_tls12_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_gcm_tls12_ctx),
+ "AEAD state has insufficient alignment");
static int aead_aes_gcm_tls12_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t requested_tag_len) {
@@ -1353,12 +1353,12 @@
uint8_t first;
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_gcm_tls13_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_gcm_tls13_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_gcm_tls13_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_gcm_tls13_ctx),
+ "AEAD state has insufficient alignment");
static int aead_aes_gcm_tls13_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t requested_tag_len) {
diff --git a/crypto/fipsmodule/cipher/e_aesccm.c b/crypto/fipsmodule/cipher/e_aesccm.c
index cd61701..c00bf61 100644
--- a/crypto/fipsmodule/cipher/e_aesccm.c
+++ b/crypto/fipsmodule/cipher/e_aesccm.c
@@ -276,12 +276,12 @@
struct ccm128_context ccm;
};
-OPENSSL_STATIC_ASSERT(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
- sizeof(struct aead_aes_ccm_ctx),
- "AEAD state is too small");
-OPENSSL_STATIC_ASSERT(alignof(union evp_aead_ctx_st_state) >=
- alignof(struct aead_aes_ccm_ctx),
- "AEAD state has insufficient alignment");
+static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >=
+ sizeof(struct aead_aes_ccm_ctx),
+ "AEAD state is too small");
+static_assert(alignof(union evp_aead_ctx_st_state) >=
+ alignof(struct aead_aes_ccm_ctx),
+ "AEAD state has insufficient alignment");
static int aead_aes_ccm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
size_t key_len, size_t tag_len, unsigned M,
diff --git a/crypto/fipsmodule/ec/ec.c b/crypto/fipsmodule/ec/ec.c
index c70fb11..4e632e1 100644
--- a/crypto/fipsmodule/ec/ec.c
+++ b/crypto/fipsmodule/ec/ec.c
@@ -1155,8 +1155,8 @@
void ec_precomp_select(const EC_GROUP *group, EC_PRECOMP *out, BN_ULONG mask,
const EC_PRECOMP *a, const EC_PRECOMP *b) {
- OPENSSL_STATIC_ASSERT(sizeof(out->comb) == sizeof(*out),
- "out->comb does not span the entire structure");
+ static_assert(sizeof(out->comb) == sizeof(*out),
+ "out->comb does not span the entire structure");
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(out->comb); i++) {
ec_affine_select(group, &out->comb[i], mask, &a->comb[i], &b->comb[i]);
}
diff --git a/crypto/fipsmodule/ec/internal.h b/crypto/fipsmodule/ec/internal.h
index 522c8d9..f6c8e8a 100644
--- a/crypto/fipsmodule/ec/internal.h
+++ b/crypto/fipsmodule/ec/internal.h
@@ -70,10 +70,11 @@
#include <openssl/base.h>
+#include <assert.h>
+
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ex_data.h>
-#include <openssl/type_check.h>
#include "../bn/internal.h"
@@ -91,8 +92,8 @@
#define EC_MAX_BYTES 66
#define EC_MAX_WORDS ((EC_MAX_BYTES + BN_BYTES - 1) / BN_BYTES)
-OPENSSL_STATIC_ASSERT(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
- "bn_*_small functions not usable");
+static_assert(EC_MAX_WORDS <= BN_SMALL_MAX_WORDS,
+ "bn_*_small functions not usable");
// Scalars.
diff --git a/crypto/fipsmodule/ec/p256.c b/crypto/fipsmodule/ec/p256.c
index b3ee9d4..816e6f1 100644
--- a/crypto/fipsmodule/ec/p256.c
+++ b/crypto/fipsmodule/ec/p256.c
@@ -22,7 +22,6 @@
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include <assert.h>
#include <string.h>
diff --git a/crypto/fipsmodule/ec/simple_mul.c b/crypto/fipsmodule/ec/simple_mul.c
index 0e6384e..024155d 100644
--- a/crypto/fipsmodule/ec/simple_mul.c
+++ b/crypto/fipsmodule/ec/simple_mul.c
@@ -202,9 +202,8 @@
// Store the comb in affine coordinates to shrink the table. (This reduces
// cache pressure and makes the constant-time selects faster.)
- OPENSSL_STATIC_ASSERT(
- OPENSSL_ARRAY_SIZE(comb) == OPENSSL_ARRAY_SIZE(out->comb),
- "comb sizes did not match");
+ static_assert(OPENSSL_ARRAY_SIZE(comb) == OPENSSL_ARRAY_SIZE(out->comb),
+ "comb sizes did not match");
return ec_jacobian_to_affine_batch(group, out->comb, comb,
OPENSSL_ARRAY_SIZE(comb));
}
diff --git a/crypto/fipsmodule/ecdsa/ecdsa.c b/crypto/fipsmodule/ecdsa/ecdsa.c
index b92f8b2..95b367f 100644
--- a/crypto/fipsmodule/ecdsa/ecdsa.c
+++ b/crypto/fipsmodule/ecdsa/ecdsa.c
@@ -59,7 +59,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/sha.h>
-#include <openssl/type_check.h>
#include "../../internal.h"
#include "../bn/internal.h"
@@ -322,8 +321,8 @@
// Pass a SHA512 hash of the private key and digest as additional data
// into the RBG. This is a hardening measure against entropy failure.
- OPENSSL_STATIC_ASSERT(SHA512_DIGEST_LENGTH >= 32,
- "additional_data is too large for SHA-512");
+ static_assert(SHA512_DIGEST_LENGTH >= 32,
+ "additional_data is too large for SHA-512");
FIPS_service_indicator_lock_state();
diff --git a/crypto/fipsmodule/modes/cbc.c b/crypto/fipsmodule/modes/cbc.c
index ac0cd42..df8f9ce 100644
--- a/crypto/fipsmodule/modes/cbc.c
+++ b/crypto/fipsmodule/modes/cbc.c
@@ -49,8 +49,6 @@
#include <assert.h>
#include <string.h>
-#include <openssl/type_check.h>
-
#include "internal.h"
#include "../../internal.h"
@@ -120,8 +118,8 @@
if ((inptr >= 32 && outptr <= inptr - 32) || inptr < outptr) {
// If |out| is at least two blocks behind |in| or completely disjoint, there
// is no need to decrypt to a temporary block.
- OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
- "block cannot be evenly divided into words");
+ static_assert(16 % sizeof(crypto_word_t) == 0,
+ "block cannot be evenly divided into words");
const uint8_t *iv = ivec;
while (len >= 16) {
(*block)(in, out, key);
@@ -136,8 +134,8 @@
}
OPENSSL_memcpy(ivec, iv, 16);
} else {
- OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
- "block cannot be evenly divided into words");
+ static_assert(16 % sizeof(crypto_word_t) == 0,
+ "block cannot be evenly divided into words");
while (len >= 16) {
(*block)(in, tmp, key);
diff --git a/crypto/fipsmodule/modes/cfb.c b/crypto/fipsmodule/modes/cfb.c
index 283a107..37a8184 100644
--- a/crypto/fipsmodule/modes/cfb.c
+++ b/crypto/fipsmodule/modes/cfb.c
@@ -46,16 +46,13 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ==================================================================== */
-#include <openssl/type_check.h>
-
#include <assert.h>
#include <string.h>
#include "internal.h"
-OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
- "block cannot be divided into size_t");
+static_assert(16 % sizeof(size_t) == 0, "block cannot be divided into size_t");
void CRYPTO_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
const AES_KEY *key, uint8_t ivec[16], unsigned *num,
diff --git a/crypto/fipsmodule/modes/ctr.c b/crypto/fipsmodule/modes/ctr.c
index cea79ad..1688f82 100644
--- a/crypto/fipsmodule/modes/ctr.c
+++ b/crypto/fipsmodule/modes/ctr.c
@@ -46,8 +46,6 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ==================================================================== */
-#include <openssl/type_check.h>
-
#include <assert.h>
#include <string.h>
@@ -70,8 +68,8 @@
} while (n);
}
-OPENSSL_STATIC_ASSERT(16 % sizeof(crypto_word_t) == 0,
- "block cannot be divided into crypto_word_t");
+static_assert(16 % sizeof(crypto_word_t) == 0,
+ "block cannot be divided into crypto_word_t");
// The input encrypted as though 128bit counter mode is being used. The extra
// state information to record how much of the 128bit block we have used is
diff --git a/crypto/fipsmodule/modes/ofb.c b/crypto/fipsmodule/modes/ofb.c
index 9d73d8a..5effba6 100644
--- a/crypto/fipsmodule/modes/ofb.c
+++ b/crypto/fipsmodule/modes/ofb.c
@@ -46,16 +46,13 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ==================================================================== */
-#include <openssl/type_check.h>
-
#include <assert.h>
#include <string.h>
#include "internal.h"
-OPENSSL_STATIC_ASSERT(16 % sizeof(size_t) == 0,
- "block cannot be divided into size_t");
+static_assert(16 % sizeof(size_t) == 0, "block cannot be divided into size_t");
void CRYPTO_ofb128_encrypt(const uint8_t *in, uint8_t *out, size_t len,
const AES_KEY *key, uint8_t ivec[16], unsigned *num,
diff --git a/crypto/fipsmodule/rand/ctrdrbg.c b/crypto/fipsmodule/rand/ctrdrbg.c
index d01c797..0e8995f 100644
--- a/crypto/fipsmodule/rand/ctrdrbg.c
+++ b/crypto/fipsmodule/rand/ctrdrbg.c
@@ -14,7 +14,8 @@
#include <openssl/ctrdrbg.h>
-#include <openssl/type_check.h>
+#include <assert.h>
+
#include <openssl/mem.h>
#include "internal.h"
@@ -80,8 +81,8 @@
return 1;
}
-OPENSSL_STATIC_ASSERT(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0,
- "not a multiple of AES block size");
+static_assert(CTR_DRBG_ENTROPY_LEN % AES_BLOCK_SIZE == 0,
+ "not a multiple of AES block size");
// ctr_inc adds |n| to the last four bytes of |drbg->counter|, treated as a
// big-endian number.
diff --git a/crypto/fipsmodule/rand/fork_detect.c b/crypto/fipsmodule/rand/fork_detect.c
index 8dd2c95..51cf18a 100644
--- a/crypto/fipsmodule/rand/fork_detect.c
+++ b/crypto/fipsmodule/rand/fork_detect.c
@@ -21,18 +21,17 @@
#include "fork_detect.h"
#if defined(OPENSSL_LINUX)
+#include <assert.h>
#include <sys/mman.h>
#include <unistd.h>
#include <stdlib.h>
-#include <openssl/type_check.h>
-
#include "../delocate.h"
#include "../../internal.h"
#if defined(MADV_WIPEONFORK)
-OPENSSL_STATIC_ASSERT(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18");
+static_assert(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18");
#else
#define MADV_WIPEONFORK 18
#endif
diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index f78e66a..bf0f486 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c
@@ -25,7 +25,6 @@
#include <openssl/chacha.h>
#include <openssl/ctrdrbg.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
#include "internal.h"
#include "fork_detect.h"
diff --git a/crypto/fipsmodule/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c
index 0958961..2bef70d 100644
--- a/crypto/fipsmodule/rsa/rsa_impl.c
+++ b/crypto/fipsmodule/rsa/rsa_impl.c
@@ -64,7 +64,6 @@
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/thread.h>
-#include <openssl/type_check.h>
#include "../../internal.h"
#include "../bn/internal.h"
@@ -406,8 +405,8 @@
}
// Double the length of the cache.
- OPENSSL_STATIC_ASSERT(MAX_BLINDINGS_PER_RSA < UINT_MAX / 2,
- "MAX_BLINDINGS_PER_RSA too large");
+ static_assert(MAX_BLINDINGS_PER_RSA < UINT_MAX / 2,
+ "MAX_BLINDINGS_PER_RSA too large");
unsigned new_num_blindings = rsa->num_blindings * 2;
if (new_num_blindings == 0) {
new_num_blindings = 1;
@@ -417,9 +416,8 @@
}
assert(new_num_blindings > rsa->num_blindings);
- OPENSSL_STATIC_ASSERT(
- MAX_BLINDINGS_PER_RSA < UINT_MAX / sizeof(BN_BLINDING *),
- "MAX_BLINDINGS_PER_RSA too large");
+ static_assert(MAX_BLINDINGS_PER_RSA < UINT_MAX / sizeof(BN_BLINDING *),
+ "MAX_BLINDINGS_PER_RSA too large");
BN_BLINDING **new_blindings =
OPENSSL_malloc(sizeof(BN_BLINDING *) * new_num_blindings);
uint8_t *new_blindings_inuse = OPENSSL_malloc(new_num_blindings);
diff --git a/crypto/hrss/hrss.c b/crypto/hrss/hrss.c
index dd6e970..572e981 100644
--- a/crypto/hrss/hrss.c
+++ b/crypto/hrss/hrss.c
@@ -1226,10 +1226,10 @@
// poly_mul_vec sets |*out| to |x|×|y| mod (𝑥^n - 1).
static void poly_mul_vec(struct POLY_MUL_SCRATCH *scratch, struct poly *out,
const struct poly *x, const struct poly *y) {
- OPENSSL_STATIC_ASSERT(sizeof(out->v) == sizeof(vec_t) * VECS_PER_POLY,
- "struct poly is the wrong size");
- OPENSSL_STATIC_ASSERT(alignof(struct poly) == alignof(vec_t),
- "struct poly has incorrect alignment");
+ static_assert(sizeof(out->v) == sizeof(vec_t) * VECS_PER_POLY,
+ "struct poly is the wrong size");
+ static_assert(alignof(struct poly) == alignof(vec_t),
+ "struct poly has incorrect alignment");
poly_assert_normalized(x);
poly_assert_normalized(y);
@@ -1751,8 +1751,7 @@
// function uses that freedom to implement a flatter distribution of values.
static void poly_short_sample(struct poly *out,
const uint8_t in[HRSS_SAMPLE_BYTES]) {
- OPENSSL_STATIC_ASSERT(HRSS_SAMPLE_BYTES == N - 1,
- "HRSS_SAMPLE_BYTES incorrect");
+ static_assert(HRSS_SAMPLE_BYTES == N - 1, "HRSS_SAMPLE_BYTES incorrect");
for (size_t i = 0; i < N - 1; i++) {
uint16_t v = mod3(in[i]);
// Map {0, 1, 2} -> {0, 1, 0xffff}
@@ -1921,7 +1920,7 @@
// that up.)
static struct public_key *public_key_from_external(
struct HRSS_public_key *ext) {
- OPENSSL_STATIC_ASSERT(
+ static_assert(
sizeof(struct HRSS_public_key) >= sizeof(struct public_key) + 15,
"HRSS public key too small");
@@ -1933,7 +1932,7 @@
// issues.
static struct private_key *private_key_from_external(
struct HRSS_private_key *ext) {
- OPENSSL_STATIC_ASSERT(
+ static_assert(
sizeof(struct HRSS_private_key) >= sizeof(struct private_key) + 15,
"HRSS private key too small");
@@ -2110,8 +2109,8 @@
// This is HMAC, expanded inline rather than using the |HMAC| function so that
// we can avoid dealing with possible allocation failures and so keep this
// function infallible.
- OPENSSL_STATIC_ASSERT(sizeof(priv->hmac_key) <= sizeof(vars->masked_key),
- "HRSS HMAC key larger than SHA-256 block size");
+ static_assert(sizeof(priv->hmac_key) <= sizeof(vars->masked_key),
+ "HRSS HMAC key larger than SHA-256 block size");
for (size_t i = 0; i < sizeof(priv->hmac_key); i++) {
vars->masked_key[i] = priv->hmac_key[i] ^ 0x36;
}
@@ -2133,8 +2132,8 @@
SHA256_Init(&vars->hash_ctx);
SHA256_Update(&vars->hash_ctx, vars->masked_key, sizeof(vars->masked_key));
SHA256_Update(&vars->hash_ctx, inner_digest, sizeof(inner_digest));
- OPENSSL_STATIC_ASSERT(HRSS_KEY_BYTES == SHA256_DIGEST_LENGTH,
- "HRSS shared key length incorrect");
+ static_assert(HRSS_KEY_BYTES == SHA256_DIGEST_LENGTH,
+ "HRSS shared key length incorrect");
SHA256_Final(out_shared_key, &vars->hash_ctx);
// If the ciphertext is publicly invalid then a random shared key is still
@@ -2187,8 +2186,8 @@
// The |poly_marshal| here then is just confirming that |poly_unmarshal| is
// strict and could be omitted.
- OPENSSL_STATIC_ASSERT(HRSS_CIPHERTEXT_BYTES == POLY_BYTES,
- "ciphertext is the wrong size");
+ static_assert(HRSS_CIPHERTEXT_BYTES == POLY_BYTES,
+ "ciphertext is the wrong size");
assert(ciphertext_len == sizeof(vars->expected_ciphertext));
poly_marshal(vars->expected_ciphertext, &vars->c);
diff --git a/crypto/hrss/hrss_test.cc b/crypto/hrss/hrss_test.cc
index 31a1560..8c4d15f 100644
--- a/crypto/hrss/hrss_test.cc
+++ b/crypto/hrss/hrss_test.cc
@@ -490,7 +490,7 @@
alignas(16) uint16_t b[N + 3] = {0};
uint8_t kCanary[256];
- OPENSSL_STATIC_ASSERT(sizeof(kCanary) % 32 == 0, "needed for alignment");
+ static_assert(sizeof(kCanary) % 32 == 0, "needed for alignment");
memset(kCanary, 42, sizeof(kCanary));
alignas(32) uint8_t
scratch[sizeof(kCanary) + POLY_MUL_RQ_SCRATCH_SPACE + sizeof(kCanary)];
diff --git a/crypto/mem.c b/crypto/mem.c
index fde1b30..c90bb16 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -72,8 +72,7 @@
#define OPENSSL_MALLOC_PREFIX 8
-OPENSSL_STATIC_ASSERT(OPENSSL_MALLOC_PREFIX >= sizeof(size_t),
- "size_t too large");
+static_assert(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), "size_t too large");
#if defined(OPENSSL_ASAN)
void __asan_poison_memory_region(const volatile void *addr, size_t size);
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index e4e6298..3017e32 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -18,6 +18,7 @@
#include <openssl/poly1305.h>
+#include <assert.h>
#include <string.h>
#include "internal.h"
@@ -48,7 +49,7 @@
uint8_t key[16];
};
-OPENSSL_STATIC_ASSERT(
+static_assert(
sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state),
"poly1305_state isn't large enough to hold aligned poly1305_state_st");
diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c
index d6f034c..d01e0b7 100644
--- a/crypto/poly1305/poly1305_arm.c
+++ b/crypto/poly1305/poly1305_arm.c
@@ -17,6 +17,7 @@
#include <openssl/poly1305.h>
+#include <assert.h>
#include <string.h>
#include "../internal.h"
@@ -183,7 +184,7 @@
uint8_t key[16];
};
-OPENSSL_STATIC_ASSERT(
+static_assert(
sizeof(struct poly1305_state_st) + 63 <= sizeof(poly1305_state),
"poly1305_state isn't large enough to hold aligned poly1305_state_st.");
diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c
index 0730508..209b403 100644
--- a/crypto/poly1305/poly1305_vec.c
+++ b/crypto/poly1305/poly1305_vec.c
@@ -20,6 +20,8 @@
#include <openssl/poly1305.h>
+#include <assert.h>
+
#include "../internal.h"
@@ -76,9 +78,10 @@
} poly1305_state_internal; /* 448 bytes total + 63 bytes for
alignment = 511 bytes raw */
-OPENSSL_STATIC_ASSERT(
- sizeof(struct poly1305_state_internal_t) + 63 <= sizeof(poly1305_state),
- "poly1305_state isn't large enough to hold aligned poly1305_state_internal_t");
+static_assert(sizeof(struct poly1305_state_internal_t) + 63 <=
+ sizeof(poly1305_state),
+ "poly1305_state isn't large enough to hold aligned "
+ "poly1305_state_internal_t");
static inline poly1305_state_internal *poly1305_aligned_state(
poly1305_state *state) {
diff --git a/crypto/refcount_c11.c b/crypto/refcount_c11.c
index 0a331a4..a1781c6 100644
--- a/crypto/refcount_c11.c
+++ b/crypto/refcount_c11.c
@@ -22,8 +22,6 @@
#include <stdatomic.h>
#include <stdlib.h>
-#include <openssl/type_check.h>
-
// See comment above the typedef of CRYPTO_refcount_t about these tests.
static_assert(alignof(CRYPTO_refcount_t) == alignof(_Atomic CRYPTO_refcount_t),
diff --git a/crypto/refcount_lock.c b/crypto/refcount_lock.c
index fb1c11f..173267e 100644
--- a/crypto/refcount_lock.c
+++ b/crypto/refcount_lock.c
@@ -14,15 +14,14 @@
#include "internal.h"
+#include <assert.h>
#include <stdlib.h>
-#include <openssl/type_check.h>
-
#if !defined(OPENSSL_C11_ATOMIC)
-OPENSSL_STATIC_ASSERT((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX,
- "CRYPTO_REFCOUNT_MAX is incorrect");
+static_assert((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX,
+ "CRYPTO_REFCOUNT_MAX is incorrect");
static struct CRYPTO_STATIC_MUTEX g_refcount_lock = CRYPTO_STATIC_MUTEX_INIT;
diff --git a/crypto/thread_pthread.c b/crypto/thread_pthread.c
index 1b83294..08bdd5a 100644
--- a/crypto/thread_pthread.c
+++ b/crypto/thread_pthread.c
@@ -16,18 +16,18 @@
#if defined(OPENSSL_PTHREADS)
+#include <assert.h>
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
-OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t),
- "CRYPTO_MUTEX is too small");
-OPENSSL_STATIC_ASSERT(alignof(CRYPTO_MUTEX) >= alignof(pthread_rwlock_t),
- "CRYPTO_MUTEX has insufficient alignment");
+static_assert(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t),
+ "CRYPTO_MUTEX is too small");
+static_assert(alignof(CRYPTO_MUTEX) >= alignof(pthread_rwlock_t),
+ "CRYPTO_MUTEX has insufficient alignment");
void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) {
if (pthread_rwlock_init((pthread_rwlock_t *) lock, NULL) != 0) {
diff --git a/crypto/thread_win.c b/crypto/thread_win.c
index 1065884..3b61bfc 100644
--- a/crypto/thread_win.c
+++ b/crypto/thread_win.c
@@ -20,17 +20,17 @@
#include <windows.h>
OPENSSL_MSVC_PRAGMA(warning(pop))
+#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/mem.h>
-#include <openssl/type_check.h>
-OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK),
- "CRYPTO_MUTEX is too small");
-OPENSSL_STATIC_ASSERT(alignof(CRYPTO_MUTEX) >= alignof(SRWLOCK),
- "CRYPTO_MUTEX has insufficient alignment");
+static_assert(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK),
+ "CRYPTO_MUTEX is too small");
+static_assert(alignof(CRYPTO_MUTEX) >= alignof(SRWLOCK),
+ "CRYPTO_MUTEX has insufficient alignment");
static BOOL CALLBACK call_once_init(INIT_ONCE *once, void *arg, void **out) {
void (**init)(void) = (void (**)(void))arg;
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 533142c..190bca4 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -118,7 +118,6 @@
#define OPENSSL_HEADER_SSL3_H
#include <openssl/aead.h>
-#include <openssl/type_check.h>
#ifdef __cplusplus
extern "C" {
@@ -251,10 +250,6 @@
#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
(EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH)
-OPENSSL_STATIC_ASSERT(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >=
- SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
- "max overheads are inconsistent");
-
// SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for
// |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the
// compression overhead.
diff --git a/include/openssl/stack.h b/include/openssl/stack.h
index 7b95f34..5850275 100644
--- a/include/openssl/stack.h
+++ b/include/openssl/stack.h
@@ -59,8 +59,6 @@
#include <openssl/base.h>
-#include <openssl/type_check.h>
-
#if defined(__cplusplus)
extern "C" {
#endif
diff --git a/include/openssl/type_check.h b/include/openssl/type_check.h
index 41de895..6460ab1 100644
--- a/include/openssl/type_check.h
+++ b/include/openssl/type_check.h
@@ -64,22 +64,6 @@
#endif
-#if defined(__cplusplus) || (defined(_MSC_VER) && !defined(__clang__))
-// In C++ and non-clang MSVC, |static_assert| is a keyword.
-#define OPENSSL_STATIC_ASSERT(cond, msg) static_assert(cond, msg)
-#else
-// C11 defines the |_Static_assert| keyword and the |static_assert| macro in
-// assert.h. While the former is available at all versions in Clang and GCC, the
-// later depends on libc and, in glibc, depends on being built in C11 mode. We
-// require C11 mode to build the library but, for now, do not require it in
-// public headers. Use |_Static_assert| directly.
-//
-// TODO(davidben): In July 2022, if the C11 change has not been reverted, switch
-// all uses of this macro within the library to C11 |static_assert|. This macro
-// will only be necessary in public headers.
-#define OPENSSL_STATIC_ASSERT(cond, msg) _Static_assert(cond, msg)
-#endif
-
// CHECKED_CAST casts |p| from type |from| to type |to|.
//
// TODO(davidben): Although this macro is not public API and is unused in
diff --git a/rust/wrapper.h b/rust/wrapper.h
index aa5aeed..ff63244 100644
--- a/rust/wrapper.h
+++ b/rust/wrapper.h
@@ -70,7 +70,6 @@
#include "../include/openssl/thread.h"
#include "../include/openssl/tls1.h"
#include "../include/openssl/trust_token.h"
-#include "../include/openssl/type_check.h"
#include "../include/openssl/x509.h"
#include "../include/openssl/x509_vfy.h"
#include "../include/openssl/x509v3.h"
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 4d3ad44..56bc5c2 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -166,6 +166,10 @@
BSSL_NAMESPACE_BEGIN
+static_assert(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >=
+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
+ "max overheads are inconsistent");
+
// |SSL_R_UNKNOWN_PROTOCOL| is no longer emitted, but continue to define it
// to avoid downstream churn.
OPENSSL_DECLARE_ERROR_REASON(SSL, UNKNOWN_PROTOCOL)
