1 files changed, 109 insertions, 41 deletions
diff --git a/include/libbb.h b/include/libbb.h
index 27c523cdf..8dc4e4992 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -281,12 +281,26 @@ PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN
 # endif
 #endif
-#if ENABLE_FEATURE_TLS_SCHANNEL
+#if ENABLE_FEATURE_TLS_SCHANNEL || ENABLE_FEATURE_USE_CNG_API
 # define SECURITY_WIN32
 # include <windows.h>
 # include <security.h>
 #endif
+#if ENABLE_FEATURE_USE_CNG_API
+# include <bcrypt.h>
+// these work on Windows >= 10
+# define BCRYPT_HMAC_SHA1_ALG_HANDLE   ((BCRYPT_ALG_HANDLE) 0x000000a1)
+# define BCRYPT_HMAC_SHA256_ALG_HANDLE ((BCRYPT_ALG_HANDLE) 0x000000b1)
+# define sha1_begin_hmac BCRYPT_HMAC_SHA1_ALG_HANDLE
+# define sha256_begin_hmac BCRYPT_HMAC_SHA256_ALG_HANDLE
+#else
+# define sha1_begin_hmac sha1_begin
+# define sha256_begin_hmac sha256_begin
+# define hmac_uninit(...) ((void)0)
+#endif
 /* Tested to work correctly with all int types (IIRC :]) */
 #define MAXINT(T) (T)( \
        ((T)-1) > 0 \
@@ -1210,6 +1224,16 @@ char *bin2hex(char *dst, const char *src, int count) FAST_FUNC;
 /* Reverse */
 char* hex2bin(char *dst, const char *src, int count) FAST_FUNC;
+void FAST_FUNC xorbuf_3(void *dst, const void *src1, const void *src2, unsigned count);
+void FAST_FUNC xorbuf(void* buf, const void* mask, unsigned count);
+void FAST_FUNC xorbuf16_aligned_long(void* buf, const void* mask);
+void FAST_FUNC xorbuf64_3_aligned64(void *dst, const void *src1, const void *src2);
+#if BB_UNALIGNED_MEMACCESS_OK
+# define xorbuf16(buf,mask) xorbuf16_aligned_long(buf,mask)
+#else
+void FAST_FUNC xorbuf16(void* buf, const void* mask);
+#endif
 /* Generate a UUID */
 void generate_uuid(uint8_t *buf) FAST_FUNC;
@@ -1924,18 +1948,25 @@ extern char *pw_encrypt(const char *clear, const char *salt, int cleanup) FAST_F
 extern int obscure(const char *old, const char *newval, const struct passwd *pwdp) FAST_FUNC;
 /*
 * rnd is additional random input. New one is returned.
- * Useful if you call crypt_make_salt many times in a row:
+ * Useful if you call crypt_make_rand64encoded many times in a row:
- * rnd = crypt_make_salt(buf1, 4, 0);
+ * rnd = crypt_make_rand64encoded(buf1, 4, 0);
- * rnd = crypt_make_salt(buf2, 4, rnd);
+ * rnd = crypt_make_rand64encoded(buf2, 4, rnd);
- * rnd = crypt_make_salt(buf3, 4, rnd);
+ * rnd = crypt_make_rand64encoded(buf3, 4, rnd);
 * (otherwise we risk having same salt generated)
 */
-extern int crypt_make_salt(char *p, int cnt /*, int rnd*/) FAST_FUNC;
+extern int crypt_make_rand64encoded(char *p, int cnt /*, int rnd*/) FAST_FUNC;
-/* "$N$" + sha_salt_16_bytes + NUL */
+/* Size of char salt[] to hold randomly-generated salt string
-#define MAX_PW_SALT_LEN (3 + 16 + 1)
+ * sha256/512:
+ * "$5$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
+ * "$6$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
+ * #define MAX_PW_SALT_LEN (3 + sizeof("rounds=999999999$")-1 + 16 + 1)
+ * yescrypt:
+ * "$y$" <up to 8 params of up to 6 chars each> "$" <up to 86 chars salt><NUL>
+ * (86 chars are ascii64-encoded 64 binary bytes)
+ */
+#define MAX_PW_SALT_LEN (3 + 8*6 + 1 + 86 + 1)
 extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;
 /* Returns number of lines changed, or -1 on error */
 #if !(ENABLE_FEATURE_ADDUSER_TO_GROUP || ENABLE_FEATURE_DEL_USER_FROM_GROUP)
 #define update_passwd(filename, username, data, member) \
@@ -2078,6 +2109,10 @@ int64_t windows_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
 int64_t safe_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
 void read_key_ungets(char *buffer, const char *str, unsigned len) FAST_FUNC;
+int check_got_signal_and_poll(struct pollfd pfd[1], int timeout) FAST_FUNC;
+#if ENABLE_PLATFORM_MINGW32
+# define check_got_signal_and_poll(p, t) poll(p, 1, t)
+#endif
 #if ENABLE_FEATURE_EDITING
 /* It's NOT just ENABLEd or disabled. It's a number: */
@@ -2124,7 +2159,7 @@ typedef struct line_input_t {
 # if MAX_HISTORY
        int cnt_history;
        int cur_history;
-        int max_history; /* must never be <= 0 */
+        int max_history; /* must never be < 0 */
 #  if ENABLE_FEATURE_EDITING_SAVEHISTORY
        /* meaning of this field depends on FEATURE_EDITING_SAVE_ON_EXIT:
         * if !FEATURE_EDITING_SAVE_ON_EXIT: "how many lines are
@@ -2331,6 +2366,21 @@ char *decode_base64(char *dst, const char **pp_src) FAST_FUNC;
 char *decode_base32(char *dst, const char **pp_src) FAST_FUNC;
 void read_base64(FILE *src_stream, FILE *dst_stream, int flags) FAST_FUNC;
+int FAST_FUNC i2a64(int i);
+int FAST_FUNC a2i64(char c);
+char* FAST_FUNC num2str64_lsb_first(char *s, unsigned v, int n);
+enum {
+        /* how many bytes XYZ_end() fills */
+        MD5_OUTSIZE    = 16,
+        SHA1_OUTSIZE   = 20,
+        SHA256_OUTSIZE = 32,
+        SHA512_OUTSIZE = 64,
+        SHA3_OUTSIZE   = 28,
+        /* size of input block */
+        SHA2_INSIZE     = 64,
+};
 #if defined CONFIG_FEATURE_USE_CNG_API
 struct bcrypt_hash_ctx_t {
        void *handle;
@@ -2395,6 +2445,7 @@ unsigned sha512_end(sha512_ctx_t *ctx, void *resbuf) FAST_FUNC;
 void sha3_begin(sha3_ctx_t *ctx) FAST_FUNC;
 void sha3_hash(sha3_ctx_t *ctx, const void *buffer, size_t len) FAST_FUNC;
 unsigned sha3_end(sha3_ctx_t *ctx, void *resbuf) FAST_FUNC;
+void FAST_FUNC sha256_block(const void *in, size_t len, uint8_t hash[32]);
 /* TLS benefits from knowing that sha1 and sha256 share these. Give them "agnostic" names too */
 #if defined CONFIG_FEATURE_USE_CNG_API
 typedef struct bcrypt_hash_ctx_t md5sha_ctx_t;
@@ -2405,13 +2456,51 @@ typedef struct md5_ctx_t md5sha_ctx_t;
 #define md5sha_hash md5_hash
 #define sha_end sha1_end
 #endif
-enum {
-        MD5_OUTSIZE    = 16,
+/* RFC 2104 HMAC (hash-based message authentication code) */
-        SHA1_OUTSIZE   = 20,
+#if !ENABLE_FEATURE_USE_CNG_API
-        SHA256_OUTSIZE = 32,
+typedef struct hmac_ctx {
-        SHA512_OUTSIZE = 64,
+        md5sha_ctx_t hashed_key_xor_ipad;
-        SHA3_OUTSIZE   = 28,
+        md5sha_ctx_t hashed_key_xor_opad;
-};
+} hmac_ctx_t;
+#else
+typedef struct bcrypt_hash_ctx_t hmac_ctx_t;
+#endif
+#define HMAC_ONLY_SHA256 (!ENABLE_FEATURE_TLS_SHA1)
+typedef void md5sha_begin_func(md5sha_ctx_t *ctx) FAST_FUNC;
+#if !ENABLE_FEATURE_USE_CNG_API
+#if HMAC_ONLY_SHA256
+#define hmac_begin(ctx,key,key_size,begin) \
+        hmac_begin(ctx,key,key_size)
+#endif
+void FAST_FUNC hmac_begin(hmac_ctx_t *ctx, const uint8_t *key, unsigned key_size, md5sha_begin_func *begin);
+static ALWAYS_INLINE void hmac_hash(hmac_ctx_t *ctx, const void *in, size_t len)
+{
+        md5sha_hash(&ctx->hashed_key_xor_ipad, in, len);
+}
+#else
+# if HMAC_ONLY_SHA256
+#  define hmac_begin(pre,key,key_size,begin) \
+        _hmac_begin(pre, key, key_size, sha256_begin_hmac)
+# else
+#  define hmac_begin _hmac_begin
+# endif
+void _hmac_begin(hmac_ctx_t *pre, uint8_t *key, unsigned key_size,
+        BCRYPT_ALG_HANDLE alg_handle);
+void hmac_uninit(hmac_ctx_t *pre);
+#endif
+unsigned FAST_FUNC hmac_end(hmac_ctx_t *ctx, uint8_t *out);
+#if HMAC_ONLY_SHA256
+#define hmac_block(key,key_size,begin,in,sz,out) \
+        hmac_block(key,key_size,in,sz,out)
+#endif
+unsigned FAST_FUNC hmac_block(const uint8_t *key, unsigned key_size,
+                md5sha_begin_func *begin,
+                const void *in, unsigned sz,
+                uint8_t *out);
+/* HMAC helpers for TLS: */
+void FAST_FUNC hmac_hash_v(hmac_ctx_t *ctx, va_list va);
+unsigned hmac_peek_hash(hmac_ctx_t *ctx, uint8_t *out, ...);
 extern uint32_t *global_crc32_table;
 uint32_t *crc32_filltable(uint32_t *tbl256, int endian) FAST_FUNC;
@@ -2547,31 +2636,10 @@ extern struct globals *BB_GLOBAL_CONST ptr_to_globals;
 #define barrier() asm volatile ("":::"memory")
 #if defined(__clang_major__) && __clang_major__ >= 9
-/* Clang/llvm drops assignment to "constant" storage. Silently.
+/* {ASSIGN,XZALLOC}_CONST_PTR() are out-of-line functions
- * Needs serious convincing to not eliminate the store.
+ * to prevent clang from reading pointer before it is assigned.
- */
-static ALWAYS_INLINE void* not_const_pp(const void *p)
-{
-        void *pp;
-        asm volatile (
-                "# forget that p points to const"
-                : /*outputs*/ "=r" (pp)
-                : /*inputs*/ "0" (p)
-        );
-        return pp;
-}
-# if !ENABLE_PLATFORM_MINGW32
-# define ASSIGN_CONST_PTR(pptr, v) do { \
-        *(void**)not_const_pp(pptr) = (void*)(v); \
-        barrier(); \
-} while (0)
-#else
-/* On Windows it seems necessary for this to be a function too. */
-void ASSIGN_CONST_PTR(const void *pptr, const void *ptr) FAST_FUNC;
-#endif
-/* XZALLOC_CONST_PTR() is an out-of-line function to prevent
- * clang from reading pointer before it is assigned.
 */
+void ASSIGN_CONST_PTR(const void *pptr, void *v) FAST_FUNC;
 void XZALLOC_CONST_PTR(const void *pptr, size_t size) FAST_FUNC;
 #else
 # define ASSIGN_CONST_PTR(pptr, v) do { \

diff --git a/include/libbb.h b/include/libbb.h index 27c523cdf..8dc4e4992 100644 --- a/include/libbb.h +++ b/include/libbb.h
@@ -281,12 +281,26 @@ PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN
281	# endif	281	# endif
282	#endif	282	#endif
283		283
284	#if ENABLE_FEATURE_TLS_SCHANNEL	284	#if ENABLE_FEATURE_TLS_SCHANNEL \|\| ENABLE_FEATURE_USE_CNG_API
285	# define SECURITY_WIN32	285	# define SECURITY_WIN32
286	# include <windows.h>	286	# include <windows.h>
287	# include <security.h>	287	# include <security.h>
288	#endif	288	#endif
289		289
		290	#if ENABLE_FEATURE_USE_CNG_API
		291	# include <bcrypt.h>
		292
		293	// these work on Windows >= 10
		294	# define BCRYPT_HMAC_SHA1_ALG_HANDLE ((BCRYPT_ALG_HANDLE) 0x000000a1)
		295	# define BCRYPT_HMAC_SHA256_ALG_HANDLE ((BCRYPT_ALG_HANDLE) 0x000000b1)
		296	# define sha1_begin_hmac BCRYPT_HMAC_SHA1_ALG_HANDLE
		297	# define sha256_begin_hmac BCRYPT_HMAC_SHA256_ALG_HANDLE
		298	#else
		299	# define sha1_begin_hmac sha1_begin
		300	# define sha256_begin_hmac sha256_begin
		301	# define hmac_uninit(...) ((void)0)
		302	#endif
		303
290	/* Tested to work correctly with all int types (IIRC :]) */	304	/* Tested to work correctly with all int types (IIRC :]) */
291	#define MAXINT(T) (T)( \	305	#define MAXINT(T) (T)( \
292	((T)-1) > 0 \	306	((T)-1) > 0 \
@@ -1210,6 +1224,16 @@ char bin2hex(char dst, const char *src, int count) FAST_FUNC;
1210	/* Reverse */	1224	/* Reverse */
1211	char* hex2bin(char dst, const char src, int count) FAST_FUNC;	1225	char* hex2bin(char dst, const char src, int count) FAST_FUNC;
1212		1226
		1227	void FAST_FUNC xorbuf_3(void dst, const void src1, const void *src2, unsigned count);
		1228	void FAST_FUNC xorbuf(void* buf, const void* mask, unsigned count);
		1229	void FAST_FUNC xorbuf16_aligned_long(void* buf, const void* mask);
		1230	void FAST_FUNC xorbuf64_3_aligned64(void dst, const void src1, const void *src2);
		1231	#if BB_UNALIGNED_MEMACCESS_OK
		1232	# define xorbuf16(buf,mask) xorbuf16_aligned_long(buf,mask)
		1233	#else
		1234	void FAST_FUNC xorbuf16(void* buf, const void* mask);
		1235	#endif
		1236
1213	/* Generate a UUID */	1237	/* Generate a UUID */
1214	void generate_uuid(uint8_t *buf) FAST_FUNC;	1238	void generate_uuid(uint8_t *buf) FAST_FUNC;
1215		1239
@@ -1924,18 +1948,25 @@ extern char pw_encrypt(const char clear, const char *salt, int cleanup) FAST_F
1924	extern int obscure(const char old, const char newval, const struct passwd *pwdp) FAST_FUNC;	1948	extern int obscure(const char old, const char newval, const struct passwd *pwdp) FAST_FUNC;
1925	/*	1949	/*
1926	* rnd is additional random input. New one is returned.	1950	* rnd is additional random input. New one is returned.
1927	* Useful if you call crypt_make_salt many times in a row:	1951	* Useful if you call crypt_make_rand64encoded many times in a row:
1928	* rnd = crypt_make_salt(buf1, 4, 0);	1952	* rnd = crypt_make_rand64encoded(buf1, 4, 0);
1929	* rnd = crypt_make_salt(buf2, 4, rnd);	1953	* rnd = crypt_make_rand64encoded(buf2, 4, rnd);
1930	* rnd = crypt_make_salt(buf3, 4, rnd);	1954	* rnd = crypt_make_rand64encoded(buf3, 4, rnd);
1931	* (otherwise we risk having same salt generated)	1955	* (otherwise we risk having same salt generated)
1932	*/	1956	*/
1933	extern int crypt_make_salt(char p, int cnt /, int rnd*/) FAST_FUNC;	1957	extern int crypt_make_rand64encoded(char p, int cnt /, int rnd*/) FAST_FUNC;
1934	/* "$N$" + sha_salt_16_bytes + NUL */	1958	/* Size of char salt[] to hold randomly-generated salt string
1935	#define MAX_PW_SALT_LEN (3 + 16 + 1)	1959	* sha256/512:
		1960	* "$5$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
		1961	* "$6$" ["rounds=999999999$"] "<sha_salt_16_chars><NUL>"
		1962	* #define MAX_PW_SALT_LEN (3 + sizeof("rounds=999999999$")-1 + 16 + 1)
		1963	* yescrypt:
		1964	* "$y$" <up to 8 params of up to 6 chars each> "$" <up to 86 chars salt><NUL>
		1965	* (86 chars are ascii64-encoded 64 binary bytes)
		1966	*/
		1967	#define MAX_PW_SALT_LEN (3 + 8*6 + 1 + 86 + 1)
1936	extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;	1968	extern char* crypt_make_pw_salt(char p[MAX_PW_SALT_LEN], const char *algo) FAST_FUNC;
1937		1969
1938
1939	/* Returns number of lines changed, or -1 on error */	1970	/* Returns number of lines changed, or -1 on error */
1940	#if !(ENABLE_FEATURE_ADDUSER_TO_GROUP \|\| ENABLE_FEATURE_DEL_USER_FROM_GROUP)	1971	#if !(ENABLE_FEATURE_ADDUSER_TO_GROUP \|\| ENABLE_FEATURE_DEL_USER_FROM_GROUP)
1941	#define update_passwd(filename, username, data, member) \	1972	#define update_passwd(filename, username, data, member) \
@@ -2078,6 +2109,10 @@ int64_t windows_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
2078	int64_t safe_read_key(int fd, char *buffer, int timeout) FAST_FUNC;	2109	int64_t safe_read_key(int fd, char *buffer, int timeout) FAST_FUNC;
2079	void read_key_ungets(char buffer, const char str, unsigned len) FAST_FUNC;	2110	void read_key_ungets(char buffer, const char str, unsigned len) FAST_FUNC;
2080		2111
		2112	int check_got_signal_and_poll(struct pollfd pfd[1], int timeout) FAST_FUNC;
		2113	#if ENABLE_PLATFORM_MINGW32
		2114	# define check_got_signal_and_poll(p, t) poll(p, 1, t)
		2115	#endif
2081		2116
2082	#if ENABLE_FEATURE_EDITING	2117	#if ENABLE_FEATURE_EDITING
2083	/* It's NOT just ENABLEd or disabled. It's a number: */	2118	/* It's NOT just ENABLEd or disabled. It's a number: */
@@ -2124,7 +2159,7 @@ typedef struct line_input_t {
2124	# if MAX_HISTORY	2159	# if MAX_HISTORY
2125	int cnt_history;	2160	int cnt_history;
2126	int cur_history;	2161	int cur_history;
2127	int max_history; /* must never be <= 0 */	2162	int max_history; /* must never be < 0 */
2128	# if ENABLE_FEATURE_EDITING_SAVEHISTORY	2163	# if ENABLE_FEATURE_EDITING_SAVEHISTORY
2129	/* meaning of this field depends on FEATURE_EDITING_SAVE_ON_EXIT:	2164	/* meaning of this field depends on FEATURE_EDITING_SAVE_ON_EXIT:
2130	* if !FEATURE_EDITING_SAVE_ON_EXIT: "how many lines are	2165	* if !FEATURE_EDITING_SAVE_ON_EXIT: "how many lines are
@@ -2331,6 +2366,21 @@ char decode_base64(char dst, const char **pp_src) FAST_FUNC;
2331	char decode_base32(char dst, const char **pp_src) FAST_FUNC;	2366	char decode_base32(char dst, const char **pp_src) FAST_FUNC;
2332	void read_base64(FILE src_stream, FILE dst_stream, int flags) FAST_FUNC;	2367	void read_base64(FILE src_stream, FILE dst_stream, int flags) FAST_FUNC;
2333		2368
		2369	int FAST_FUNC i2a64(int i);
		2370	int FAST_FUNC a2i64(char c);
		2371	char* FAST_FUNC num2str64_lsb_first(char *s, unsigned v, int n);
		2372
		2373	enum {
		2374	/* how many bytes XYZ_end() fills */
		2375	MD5_OUTSIZE = 16,
		2376	SHA1_OUTSIZE = 20,
		2377	SHA256_OUTSIZE = 32,
		2378	SHA512_OUTSIZE = 64,
		2379	SHA3_OUTSIZE = 28,
		2380	/* size of input block */
		2381	SHA2_INSIZE = 64,
		2382	};
		2383
2334	#if defined CONFIG_FEATURE_USE_CNG_API	2384	#if defined CONFIG_FEATURE_USE_CNG_API
2335	struct bcrypt_hash_ctx_t {	2385	struct bcrypt_hash_ctx_t {
2336	void *handle;	2386	void *handle;
@@ -2395,6 +2445,7 @@ unsigned sha512_end(sha512_ctx_t ctx, void resbuf) FAST_FUNC;
2395	void sha3_begin(sha3_ctx_t *ctx) FAST_FUNC;	2445	void sha3_begin(sha3_ctx_t *ctx) FAST_FUNC;
2396	void sha3_hash(sha3_ctx_t ctx, const void buffer, size_t len) FAST_FUNC;	2446	void sha3_hash(sha3_ctx_t ctx, const void buffer, size_t len) FAST_FUNC;
2397	unsigned sha3_end(sha3_ctx_t ctx, void resbuf) FAST_FUNC;	2447	unsigned sha3_end(sha3_ctx_t ctx, void resbuf) FAST_FUNC;
		2448	void FAST_FUNC sha256_block(const void *in, size_t len, uint8_t hash[32]);
2398	/* TLS benefits from knowing that sha1 and sha256 share these. Give them "agnostic" names too */	2449	/* TLS benefits from knowing that sha1 and sha256 share these. Give them "agnostic" names too */
2399	#if defined CONFIG_FEATURE_USE_CNG_API	2450	#if defined CONFIG_FEATURE_USE_CNG_API
2400	typedef struct bcrypt_hash_ctx_t md5sha_ctx_t;	2451	typedef struct bcrypt_hash_ctx_t md5sha_ctx_t;
@@ -2405,13 +2456,51 @@ typedef struct md5_ctx_t md5sha_ctx_t;
2405	#define md5sha_hash md5_hash	2456	#define md5sha_hash md5_hash
2406	#define sha_end sha1_end	2457	#define sha_end sha1_end
2407	#endif	2458	#endif
2408	enum {	2459
2409	MD5_OUTSIZE = 16,	2460	/* RFC 2104 HMAC (hash-based message authentication code) */
2410	SHA1_OUTSIZE = 20,	2461	#if !ENABLE_FEATURE_USE_CNG_API
2411	SHA256_OUTSIZE = 32,	2462	typedef struct hmac_ctx {
2412	SHA512_OUTSIZE = 64,	2463	md5sha_ctx_t hashed_key_xor_ipad;
2413	SHA3_OUTSIZE = 28,	2464	md5sha_ctx_t hashed_key_xor_opad;
2414	};	2465	} hmac_ctx_t;
		2466	#else
		2467	typedef struct bcrypt_hash_ctx_t hmac_ctx_t;
		2468	#endif
		2469	#define HMAC_ONLY_SHA256 (!ENABLE_FEATURE_TLS_SHA1)
		2470	typedef void md5sha_begin_func(md5sha_ctx_t *ctx) FAST_FUNC;
		2471	#if !ENABLE_FEATURE_USE_CNG_API
		2472	#if HMAC_ONLY_SHA256
		2473	#define hmac_begin(ctx,key,key_size,begin) \
		2474	hmac_begin(ctx,key,key_size)
		2475	#endif
		2476	void FAST_FUNC hmac_begin(hmac_ctx_t ctx, const uint8_t key, unsigned key_size, md5sha_begin_func *begin);
		2477	static ALWAYS_INLINE void hmac_hash(hmac_ctx_t ctx, const void in, size_t len)
		2478	{
		2479	md5sha_hash(&ctx->hashed_key_xor_ipad, in, len);
		2480	}
		2481	#else
		2482	# if HMAC_ONLY_SHA256
		2483	# define hmac_begin(pre,key,key_size,begin) \
		2484	_hmac_begin(pre, key, key_size, sha256_begin_hmac)
		2485	# else
		2486	# define hmac_begin _hmac_begin
		2487	# endif
		2488	void _hmac_begin(hmac_ctx_t pre, uint8_t key, unsigned key_size,
		2489	BCRYPT_ALG_HANDLE alg_handle);
		2490	void hmac_uninit(hmac_ctx_t *pre);
		2491	#endif
		2492	unsigned FAST_FUNC hmac_end(hmac_ctx_t ctx, uint8_t out);
		2493	#if HMAC_ONLY_SHA256
		2494	#define hmac_block(key,key_size,begin,in,sz,out) \
		2495	hmac_block(key,key_size,in,sz,out)
		2496	#endif
		2497	unsigned FAST_FUNC hmac_block(const uint8_t *key, unsigned key_size,
		2498	md5sha_begin_func *begin,
		2499	const void *in, unsigned sz,
		2500	uint8_t *out);
		2501	/* HMAC helpers for TLS: */
		2502	void FAST_FUNC hmac_hash_v(hmac_ctx_t *ctx, va_list va);
		2503	unsigned hmac_peek_hash(hmac_ctx_t ctx, uint8_t out, ...);
2415		2504
2416	extern uint32_t *global_crc32_table;	2505	extern uint32_t *global_crc32_table;
2417	uint32_t crc32_filltable(uint32_t tbl256, int endian) FAST_FUNC;	2506	uint32_t crc32_filltable(uint32_t tbl256, int endian) FAST_FUNC;
@@ -2547,31 +2636,10 @@ extern struct globals *BB_GLOBAL_CONST ptr_to_globals;
2547	#define barrier() asm volatile ("":::"memory")	2636	#define barrier() asm volatile ("":::"memory")
2548		2637
2549	#if defined(__clang_major__) && __clang_major__ >= 9	2638	#if defined(__clang_major__) && __clang_major__ >= 9
2550	/* Clang/llvm drops assignment to "constant" storage. Silently.	2639	/* {ASSIGN,XZALLOC}_CONST_PTR() are out-of-line functions
2551	* Needs serious convincing to not eliminate the store.	2640	* to prevent clang from reading pointer before it is assigned.
2552	*/
2553	static ALWAYS_INLINE void* not_const_pp(const void *p)
2554	{
2555	void *pp;
2556	asm volatile (
2557	"# forget that p points to const"
2558	: /outputs/ "=r" (pp)
2559	: /inputs/ "0" (p)
2560	);
2561	return pp;
2562	}
2563	# if !ENABLE_PLATFORM_MINGW32
2564	# define ASSIGN_CONST_PTR(pptr, v) do { \
2565	(void)not_const_pp(pptr) = (void)(v); \
2566	barrier(); \
2567	} while (0)
2568	#else
2569	/* On Windows it seems necessary for this to be a function too. */
2570	void ASSIGN_CONST_PTR(const void pptr, const void ptr) FAST_FUNC;
2571	#endif
2572	/* XZALLOC_CONST_PTR() is an out-of-line function to prevent
2573	* clang from reading pointer before it is assigned.
2574	*/	2641	*/
		2642	void ASSIGN_CONST_PTR(const void pptr, void v) FAST_FUNC;
2575	void XZALLOC_CONST_PTR(const void *pptr, size_t size) FAST_FUNC;	2643	void XZALLOC_CONST_PTR(const void *pptr, size_t size) FAST_FUNC;
2576	#else	2644	#else
2577	# define ASSIGN_CONST_PTR(pptr, v) do { \	2645	# define ASSIGN_CONST_PTR(pptr, v) do { \