aboutsummaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/cms.c19
-rw-r--r--src/crypto/crypto_null.c24
-rw-r--r--src/crypto/ocsp.c21
-rw-r--r--src/crypto/rsa.c295
-rw-r--r--src/crypto/x509.c13
5 files changed, 205 insertions, 167 deletions
diff --git a/src/crypto/cms.c b/src/crypto/cms.c
index 0b772f1cf..2e153d819 100644
--- a/src/crypto/cms.c
+++ b/src/crypto/cms.c
@@ -612,33 +612,22 @@ static int cms_verify_digest ( struct cms_message *cms,
userptr_t data, size_t len ) {
struct digest_algorithm *digest = part->digest;
struct pubkey_algorithm *pubkey = part->pubkey;
- struct x509_public_key *public_key = &cert->subject.public_key;
+ struct asn1_cursor *key = &cert->subject.public_key.raw;
uint8_t digest_out[ digest->digestsize ];
- uint8_t ctx[ pubkey->ctxsize ];
int rc;
/* Generate digest */
cms_digest ( cms, part, data, len, digest_out );
- /* Initialise public-key algorithm */
- if ( ( rc = pubkey_init ( pubkey, ctx, &public_key->raw ) ) != 0 ) {
- DBGC ( cms, "CMS %p/%p could not initialise public key: %s\n",
- cms, part, strerror ( rc ) );
- goto err_init;
- }
-
/* Verify digest */
- if ( ( rc = pubkey_verify ( pubkey, ctx, digest, digest_out,
+ if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out,
part->value, part->len ) ) != 0 ) {
DBGC ( cms, "CMS %p/%p signature verification failed: %s\n",
cms, part, strerror ( rc ) );
- goto err_verify;
+ return rc;
}
- err_verify:
- pubkey_final ( pubkey, ctx );
- err_init:
- return rc;
+ return 0;
}
/**
diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c
index b4169382b..d5863f958 100644
--- a/src/crypto/crypto_null.c
+++ b/src/crypto/crypto_null.c
@@ -93,34 +93,31 @@ struct cipher_algorithm cipher_null = {
.auth = cipher_null_auth,
};
-int pubkey_null_init ( void *ctx __unused,
- const struct asn1_cursor *key __unused ) {
+size_t pubkey_null_max_len ( const struct asn1_cursor *key __unused ) {
return 0;
}
-size_t pubkey_null_max_len ( void *ctx __unused ) {
- return 0;
-}
-
-int pubkey_null_encrypt ( void *ctx __unused, const void *plaintext __unused,
+int pubkey_null_encrypt ( const struct asn1_cursor *key __unused,
+ const void *plaintext __unused,
size_t plaintext_len __unused,
void *ciphertext __unused ) {
return 0;
}
-int pubkey_null_decrypt ( void *ctx __unused, const void *ciphertext __unused,
+int pubkey_null_decrypt ( const struct asn1_cursor *key __unused,
+ const void *ciphertext __unused,
size_t ciphertext_len __unused,
void *plaintext __unused ) {
return 0;
}
-int pubkey_null_sign ( void *ctx __unused,
+int pubkey_null_sign ( const struct asn1_cursor *key __unused,
struct digest_algorithm *digest __unused,
const void *value __unused, void *signature __unused ) {
return 0;
}
-int pubkey_null_verify ( void *ctx __unused,
+int pubkey_null_verify ( const struct asn1_cursor *key __unused,
struct digest_algorithm *digest __unused,
const void *value __unused,
const void *signature __unused ,
@@ -128,18 +125,11 @@ int pubkey_null_verify ( void *ctx __unused,
return 0;
}
-void pubkey_null_final ( void *ctx __unused ) {
- /* Do nothing */
-}
-
struct pubkey_algorithm pubkey_null = {
.name = "null",
- .ctxsize = 0,
- .init = pubkey_null_init,
.max_len = pubkey_null_max_len,
.encrypt = pubkey_null_encrypt,
.decrypt = pubkey_null_decrypt,
.sign = pubkey_null_sign,
.verify = pubkey_null_verify,
- .final = pubkey_null_final,
};
diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c
index f35593454..e65f7180a 100644
--- a/src/crypto/ocsp.c
+++ b/src/crypto/ocsp.c
@@ -844,10 +844,9 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp,
struct ocsp_response *response = &ocsp->response;
struct digest_algorithm *digest = response->algorithm->digest;
struct pubkey_algorithm *pubkey = response->algorithm->pubkey;
- struct x509_public_key *public_key = &signer->subject.public_key;
+ struct asn1_cursor *key = &signer->subject.public_key.raw;
uint8_t digest_ctx[ digest->ctxsize ];
uint8_t digest_out[ digest->digestsize ];
- uint8_t pubkey_ctx[ pubkey->ctxsize ];
int rc;
/* Generate digest */
@@ -856,30 +855,18 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp,
response->tbs.len );
digest_final ( digest, digest_ctx, digest_out );
- /* Initialise public-key algorithm */
- if ( ( rc = pubkey_init ( pubkey, pubkey_ctx,
- &public_key->raw ) ) != 0 ) {
- DBGC ( ocsp, "OCSP %p \"%s\" could not initialise public key: "
- "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc ));
- goto err_init;
- }
-
/* Verify digest */
- if ( ( rc = pubkey_verify ( pubkey, pubkey_ctx, digest, digest_out,
+ if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out,
response->signature.data,
response->signature.len ) ) != 0 ) {
DBGC ( ocsp, "OCSP %p \"%s\" signature verification failed: "
"%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc ));
- goto err_verify;
+ return rc;
}
DBGC2 ( ocsp, "OCSP %p \"%s\" signature is correct\n",
ocsp, x509_name ( ocsp->cert ) );
-
- err_verify:
- pubkey_final ( pubkey, pubkey_ctx );
- err_init:
- return rc;
+ return 0;
}
/**
diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c
index 2d288a953..19472c121 100644
--- a/src/crypto/rsa.c
+++ b/src/crypto/rsa.c
@@ -47,6 +47,28 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#define EINFO_EACCES_VERIFY \
__einfo_uniqify ( EINFO_EACCES, 0x01, "RSA signature incorrect" )
+/** An RSA context */
+struct rsa_context {
+ /** Allocated memory */
+ void *dynamic;
+ /** Modulus */
+ bigint_element_t *modulus0;
+ /** Modulus size */
+ unsigned int size;
+ /** Modulus length */
+ size_t max_len;
+ /** Exponent */
+ bigint_element_t *exponent0;
+ /** Exponent size */
+ unsigned int exponent_size;
+ /** Input buffer */
+ bigint_element_t *input0;
+ /** Output buffer */
+ bigint_element_t *output0;
+ /** Temporary working space for modular exponentiation */
+ void *tmp;
+};
+
/**
* Identify RSA prefix
*
@@ -69,10 +91,9 @@ rsa_find_prefix ( struct digest_algorithm *digest ) {
*
* @v context RSA context
*/
-static void rsa_free ( struct rsa_context *context ) {
+static inline void rsa_free ( struct rsa_context *context ) {
free ( context->dynamic );
- context->dynamic = NULL;
}
/**
@@ -98,9 +119,6 @@ static int rsa_alloc ( struct rsa_context *context, size_t modulus_len,
uint8_t tmp[tmp_len];
} __attribute__ (( packed )) *dynamic;
- /* Free any existing dynamic storage */
- rsa_free ( context );
-
/* Allocate dynamic storage */
dynamic = malloc ( sizeof ( *dynamic ) );
if ( ! dynamic )
@@ -231,12 +249,12 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
/**
* Initialise RSA cipher
*
- * @v ctx RSA context
+ * @v context RSA context
* @v key Key
* @ret rc Return status code
*/
-static int rsa_init ( void *ctx, const struct asn1_cursor *key ) {
- struct rsa_context *context = ctx;
+static int rsa_init ( struct rsa_context *context,
+ const struct asn1_cursor *key ) {
struct asn1_cursor modulus;
struct asn1_cursor exponent;
int rc;
@@ -277,13 +295,22 @@ static int rsa_init ( void *ctx, const struct asn1_cursor *key ) {
/**
* Calculate RSA maximum output length
*
- * @v ctx RSA context
+ * @v key Key
* @ret max_len Maximum output length
*/
-static size_t rsa_max_len ( void *ctx ) {
- struct rsa_context *context = ctx;
+static size_t rsa_max_len ( const struct asn1_cursor *key ) {
+ struct asn1_cursor modulus;
+ struct asn1_cursor exponent;
+ int rc;
- return context->max_len;
+ /* Parse moduli and exponents */
+ if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, key ) ) != 0 ) {
+ /* Return a zero maximum length on error */
+ return 0;
+ }
+
+ /* Output length can never exceed modulus length */
+ return modulus.len;
}
/**
@@ -314,111 +341,147 @@ static void rsa_cipher ( struct rsa_context *context,
/**
* Encrypt using RSA
*
- * @v ctx RSA context
+ * @v key Key
* @v plaintext Plaintext
* @v plaintext_len Length of plaintext
* @v ciphertext Ciphertext
* @ret ciphertext_len Length of ciphertext, or negative error
*/
-static int rsa_encrypt ( void *ctx, const void *plaintext,
+static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext,
size_t plaintext_len, void *ciphertext ) {
- struct rsa_context *context = ctx;
+ struct rsa_context context;
void *temp;
uint8_t *encoded;
- size_t max_len = ( context->max_len - 11 );
- size_t random_nz_len = ( max_len - plaintext_len + 8 );
+ size_t max_len;
+ size_t random_nz_len;
int rc;
+ DBGC ( &context, "RSA %p encrypting:\n", &context );
+ DBGC_HDA ( &context, 0, plaintext, plaintext_len );
+
+ /* Initialise context */
+ if ( ( rc = rsa_init ( &context, key ) ) != 0 )
+ goto err_init;
+
+ /* Calculate lengths */
+ max_len = ( context.max_len - 11 );
+ random_nz_len = ( max_len - plaintext_len + 8 );
+
/* Sanity check */
if ( plaintext_len > max_len ) {
- DBGC ( context, "RSA %p plaintext too long (%zd bytes, max "
- "%zd)\n", context, plaintext_len, max_len );
- return -ERANGE;
+ DBGC ( &context, "RSA %p plaintext too long (%zd bytes, max "
+ "%zd)\n", &context, plaintext_len, max_len );
+ rc = -ERANGE;
+ goto err_sanity;
}
- DBGC ( context, "RSA %p encrypting:\n", context );
- DBGC_HDA ( context, 0, plaintext, plaintext_len );
/* Construct encoded message (using the big integer output
* buffer as temporary storage)
*/
- temp = context->output0;
+ temp = context.output0;
encoded = temp;
encoded[0] = 0x00;
encoded[1] = 0x02;
if ( ( rc = get_random_nz ( &encoded[2], random_nz_len ) ) != 0 ) {
- DBGC ( context, "RSA %p could not generate random data: %s\n",
- context, strerror ( rc ) );
- return rc;
+ DBGC ( &context, "RSA %p could not generate random data: %s\n",
+ &context, strerror ( rc ) );
+ goto err_random;
}
encoded[ 2 + random_nz_len ] = 0x00;
- memcpy ( &encoded[ context->max_len - plaintext_len ],
+ memcpy ( &encoded[ context.max_len - plaintext_len ],
plaintext, plaintext_len );
/* Encipher the encoded message */
- rsa_cipher ( context, encoded, ciphertext );
- DBGC ( context, "RSA %p encrypted:\n", context );
- DBGC_HDA ( context, 0, ciphertext, context->max_len );
+ rsa_cipher ( &context, encoded, ciphertext );
+ DBGC ( &context, "RSA %p encrypted:\n", &context );
+ DBGC_HDA ( &context, 0, ciphertext, context.max_len );
+
+ /* Free context */
+ rsa_free ( &context );
- return context->max_len;
+ return context.max_len;
+
+ err_random:
+ err_sanity:
+ rsa_free ( &context );
+ err_init:
+ return rc;
}
/**
* Decrypt using RSA
*
- * @v ctx RSA context
+ * @v key Key
* @v ciphertext Ciphertext
* @v ciphertext_len Ciphertext length
* @v plaintext Plaintext
* @ret plaintext_len Plaintext length, or negative error
*/
-static int rsa_decrypt ( void *ctx, const void *ciphertext,
+static int rsa_decrypt ( const struct asn1_cursor *key, const void *ciphertext,
size_t ciphertext_len, void *plaintext ) {
- struct rsa_context *context = ctx;
+ struct rsa_context context;
void *temp;
uint8_t *encoded;
uint8_t *end;
uint8_t *zero;
uint8_t *start;
size_t plaintext_len;
+ int rc;
+
+ DBGC ( &context, "RSA %p decrypting:\n", &context );
+ DBGC_HDA ( &context, 0, ciphertext, ciphertext_len );
+
+ /* Initialise context */
+ if ( ( rc = rsa_init ( &context, key ) ) != 0 )
+ goto err_init;
/* Sanity check */
- if ( ciphertext_len != context->max_len ) {
- DBGC ( context, "RSA %p ciphertext incorrect length (%zd "
+ if ( ciphertext_len != context.max_len ) {
+ DBGC ( &context, "RSA %p ciphertext incorrect length (%zd "
"bytes, should be %zd)\n",
- context, ciphertext_len, context->max_len );
- return -ERANGE;
+ &context, ciphertext_len, context.max_len );
+ rc = -ERANGE;
+ goto err_sanity;
}
- DBGC ( context, "RSA %p decrypting:\n", context );
- DBGC_HDA ( context, 0, ciphertext, ciphertext_len );
/* Decipher the message (using the big integer input buffer as
* temporary storage)
*/
- temp = context->input0;
+ temp = context.input0;
encoded = temp;
- rsa_cipher ( context, ciphertext, encoded );
+ rsa_cipher ( &context, ciphertext, encoded );
/* Parse the message */
- end = ( encoded + context->max_len );
- if ( ( encoded[0] != 0x00 ) || ( encoded[1] != 0x02 ) )
- goto invalid;
+ end = ( encoded + context.max_len );
+ if ( ( encoded[0] != 0x00 ) || ( encoded[1] != 0x02 ) ) {
+ rc = -EINVAL;
+ goto err_invalid;
+ }
zero = memchr ( &encoded[2], 0, ( end - &encoded[2] ) );
- if ( ! zero )
- goto invalid;
+ if ( ! zero ) {
+ rc = -EINVAL;
+ goto err_invalid;
+ }
start = ( zero + 1 );
plaintext_len = ( end - start );
/* Copy out message */
memcpy ( plaintext, start, plaintext_len );
- DBGC ( context, "RSA %p decrypted:\n", context );
- DBGC_HDA ( context, 0, plaintext, plaintext_len );
+ DBGC ( &context, "RSA %p decrypted:\n", &context );
+ DBGC_HDA ( &context, 0, plaintext, plaintext_len );
+
+ /* Free context */
+ rsa_free ( &context );
return plaintext_len;
- invalid:
- DBGC ( context, "RSA %p invalid decrypted message:\n", context );
- DBGC_HDA ( context, 0, encoded, context->max_len );
- return -EINVAL;
+ err_invalid:
+ DBGC ( &context, "RSA %p invalid decrypted message:\n", &context );
+ DBGC_HDA ( &context, 0, encoded, context.max_len );
+ err_sanity:
+ rsa_free ( &context );
+ err_init:
+ return rc;
}
/**
@@ -452,9 +515,9 @@ static int rsa_encode_digest ( struct rsa_context *context,
/* Sanity check */
max_len = ( context->max_len - 11 );
if ( digestinfo_len > max_len ) {
- DBGC ( context, "RSA %p %s digestInfo too long (%zd bytes, max"
- "%zd)\n",
- context, digest->name, digestinfo_len, max_len );
+ DBGC ( context, "RSA %p %s digestInfo too long (%zd bytes, "
+ "max %zd)\n", context, digest->name, digestinfo_len,
+ max_len );
return -ERANGE;
}
DBGC ( context, "RSA %p encoding %s digest:\n",
@@ -482,104 +545,125 @@ static int rsa_encode_digest ( struct rsa_context *context,
/**
* Sign digest value using RSA
*
- * @v ctx RSA context
+ * @v key Key
* @v digest Digest algorithm
* @v value Digest value
* @v signature Signature
* @ret signature_len Signature length, or negative error
*/
-static int rsa_sign ( void *ctx, struct digest_algorithm *digest,
- const void *value, void *signature ) {
- struct rsa_context *context = ctx;
+static int rsa_sign ( const struct asn1_cursor *key,
+ struct digest_algorithm *digest, const void *value,
+ void *signature ) {
+ struct rsa_context context;
void *temp;
int rc;
- DBGC ( context, "RSA %p signing %s digest:\n", context, digest->name );
- DBGC_HDA ( context, 0, value, digest->digestsize );
+ DBGC ( &context, "RSA %p signing %s digest:\n",
+ &context, digest->name );
+ DBGC_HDA ( &context, 0, value, digest->digestsize );
+
+ /* Initialise context */
+ if ( ( rc = rsa_init ( &context, key ) ) != 0 )
+ goto err_init;
/* Encode digest (using the big integer output buffer as
* temporary storage)
*/
- temp = context->output0;
- if ( ( rc = rsa_encode_digest ( context, digest, value, temp ) ) != 0 )
- return rc;
+ temp = context.output0;
+ if ( ( rc = rsa_encode_digest ( &context, digest, value, temp ) ) != 0 )
+ goto err_encode;
/* Encipher the encoded digest */
- rsa_cipher ( context, temp, signature );
- DBGC ( context, "RSA %p signed %s digest:\n", context, digest->name );
- DBGC_HDA ( context, 0, signature, context->max_len );
+ rsa_cipher ( &context, temp, signature );
+ DBGC ( &context, "RSA %p signed %s digest:\n", &context, digest->name );
+ DBGC_HDA ( &context, 0, signature, context.max_len );
+
+ /* Free context */
+ rsa_free ( &context );
- return context->max_len;
+ return context.max_len;
+
+ err_encode:
+ rsa_free ( &context );
+ err_init:
+ return rc;
}
/**
* Verify signed digest value using RSA
*
- * @v ctx RSA context
+ * @v key Key
* @v digest Digest algorithm
* @v value Digest value
* @v signature Signature
* @v signature_len Signature length
* @ret rc Return status code
*/
-static int rsa_verify ( void *ctx, struct digest_algorithm *digest,
- const void *value, const void *signature,
- size_t signature_len ) {
- struct rsa_context *context = ctx;
+static int rsa_verify ( const struct asn1_cursor *key,
+ struct digest_algorithm *digest, const void *value,
+ const void *signature, size_t signature_len ) {
+ struct rsa_context context;
void *temp;
void *expected;
void *actual;
int rc;
+ DBGC ( &context, "RSA %p verifying %s digest:\n",
+ &context, digest->name );
+ DBGC_HDA ( &context, 0, value, digest->digestsize );
+ DBGC_HDA ( &context, 0, signature, signature_len );
+
+ /* Initialise context */
+ if ( ( rc = rsa_init ( &context, key ) ) != 0 )
+ goto err_init;
+
/* Sanity check */
- if ( signature_len != context->max_len ) {
- DBGC ( context, "RSA %p signature incorrect length (%zd "
+ if ( signature_len != context.max_len ) {
+ DBGC ( &context, "RSA %p signature incorrect length (%zd "
"bytes, should be %zd)\n",
- context, signature_len, context->max_len );
- return -ERANGE;
+ &context, signature_len, context.max_len );
+ rc = -ERANGE;
+ goto err_sanity;
}
- DBGC ( context, "RSA %p verifying %s digest:\n",
- context, digest->name );
- DBGC_HDA ( context, 0, value, digest->digestsize );
- DBGC_HDA ( context, 0, signature, signature_len );
/* Decipher the signature (using the big integer input buffer
* as temporary storage)
*/
- temp = context->input0;
+ temp = context.input0;
expected = temp;
- rsa_cipher ( context, signature, expected );
- DBGC ( context, "RSA %p deciphered signature:\n", context );
- DBGC_HDA ( context, 0, expected, context->max_len );
+ rsa_cipher ( &context, signature, expected );
+ DBGC ( &context, "RSA %p deciphered signature:\n", &context );
+ DBGC_HDA ( &context, 0, expected, context.max_len );
/* Encode digest (using the big integer output buffer as
* temporary storage)
*/
- temp = context->output0;
+ temp = context.output0;
actual = temp;
- if ( ( rc = rsa_encode_digest ( context, digest, value, actual ) ) !=0 )
- return rc;
+ if ( ( rc = rsa_encode_digest ( &context, digest, value,
+ actual ) ) != 0 )
+ goto err_encode;
/* Verify the signature */
- if ( memcmp ( actual, expected, context->max_len ) != 0 ) {
- DBGC ( context, "RSA %p signature verification failed\n",
- context );
- return -EACCES_VERIFY;
+ if ( memcmp ( actual, expected, context.max_len ) != 0 ) {
+ DBGC ( &context, "RSA %p signature verification failed\n",
+ &context );
+ rc = -EACCES_VERIFY;
+ goto err_verify;
}
- DBGC ( context, "RSA %p signature verified successfully\n", context );
- return 0;
-}
+ /* Free context */
+ rsa_free ( &context );
-/**
- * Finalise RSA cipher
- *
- * @v ctx RSA context
- */
-static void rsa_final ( void *ctx ) {
- struct rsa_context *context = ctx;
+ DBGC ( &context, "RSA %p signature verified successfully\n", &context );
+ return 0;
- rsa_free ( context );
+ err_verify:
+ err_encode:
+ err_sanity:
+ rsa_free ( &context );
+ err_init:
+ return rc;
}
/**
@@ -615,14 +699,11 @@ static int rsa_match ( const struct asn1_cursor *private_key,
/** RSA public-key algorithm */
struct pubkey_algorithm rsa_algorithm = {
.name = "rsa",
- .ctxsize = RSA_CTX_SIZE,
- .init = rsa_init,
.max_len = rsa_max_len,
.encrypt = rsa_encrypt,
.decrypt = rsa_decrypt,
.sign = rsa_sign,
.verify = rsa_verify,
- .final = rsa_final,
.match = rsa_match,
};
diff --git a/src/crypto/x509.c b/src/crypto/x509.c
index c0762740e..4101c8094 100644
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@@ -1125,7 +1125,6 @@ static int x509_check_signature ( struct x509_certificate *cert,
struct pubkey_algorithm *pubkey = algorithm->pubkey;
uint8_t digest_ctx[ digest->ctxsize ];
uint8_t digest_out[ digest->digestsize ];
- uint8_t pubkey_ctx[ pubkey->ctxsize ];
int rc;
/* Sanity check */
@@ -1149,14 +1148,8 @@ static int x509_check_signature ( struct x509_certificate *cert,
}
/* Verify signature using signer's public key */
- if ( ( rc = pubkey_init ( pubkey, pubkey_ctx,
- &public_key->raw ) ) != 0 ) {
- DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: "
- "%s\n", cert, x509_name ( cert ), strerror ( rc ) );
- goto err_pubkey_init;
- }
- if ( ( rc = pubkey_verify ( pubkey, pubkey_ctx, digest, digest_out,
- signature->value.data,
+ if ( ( rc = pubkey_verify ( pubkey, &public_key->raw, digest,
+ digest_out, signature->value.data,
signature->value.len ) ) != 0 ) {
DBGC ( cert, "X509 %p \"%s\" signature verification failed: "
"%s\n", cert, x509_name ( cert ), strerror ( rc ) );
@@ -1167,8 +1160,6 @@ static int x509_check_signature ( struct x509_certificate *cert,
rc = 0;
err_pubkey_verify:
- pubkey_final ( pubkey, pubkey_ctx );
- err_pubkey_init:
err_mismatch:
return rc;
}
generated by cgit (git 2.34.1) at 2025-02-23 05:20:31 +0000