Update to OpenSSL 3.2.0

Source commit: c708cd643dbbef248d19db5abc595bdccb04a36a

libs/openssl/Makefile

@@ -21,7 +21,8 @@ CFLAG= \
     -DMD5_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRMD160_ASM \
     -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m \
     -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_WHIRLPOOL \
-    -DOPENSSL_NO_SEED -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ENGINE \
+    -DOPENSSL_NO_SEED -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ENGINE -DOPENSSL_NO_ZLIB \
+    -DOPENSSL_NO_QUIC -DOPENSSL_NO_BROTLI -DOPENSSL_NO_COMP -DOPENSSL_NO_COMP_ALG \
     -DNO_INTERLOCKEDOR64 \
     -DWINSCP
 
@@ -72,7 +73,7 @@ LIBS_DEP=$(O_CRYPTO) $(O_SSL)
 
 #############################################
 SSLOBJ= \
-    $(OBJ_D)\s3_lib.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_cbc.obj $(OBJ_D)\s3_msg.obj \
+    $(OBJ_D)\s3_lib.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_msg.obj \
     $(OBJ_D)\t1_lib.obj $(OBJ_D)\t1_enc.obj \
     $(OBJ_D)\tls_srp.obj \
     $(OBJ_D)\tls13_enc.obj \
@@ -84,14 +85,21 @@ SSLOBJ= \
     $(OBJ_D)\pqueue.obj $(OBJ_D)\methods.obj \
     $(OBJ_D)\ssl_conf.obj \
     $(OBJ_D)\tls_depr.obj \
+    $(OBJ_D)\ssl_cert_comp.obj \
     $(OBJ_D)\statem.obj \
     $(OBJ_D)\statem_clnt.obj $(OBJ_D)\statem_dtls.obj $(OBJ_D)\statem_lib.obj $(OBJ_D)\statem_srvr.obj \
     $(OBJ_D)\extensions.obj \
     $(OBJ_D)\extensions_clnt.obj $(OBJ_D)\extensions_cust.obj $(OBJ_D)\extensions_srvr.obj \
     $(OBJ_D)\rec_layer_s3.obj $(OBJ_D)\rec_layer_d1.obj \
-    $(OBJ_D)\ssl3_record.obj $(OBJ_D)\ssl3_record_tls13.obj $(OBJ_D)\ssl3_buffer.obj \
-    $(OBJ_D)\dtls1_bitmap.obj \
-    $(OBJ_D)\tls_pad.obj
+    $(OBJ_D)\ssl3_cbc.obj \
+    $(OBJ_D)\tls_pad.obj \
+    $(OBJ_D)\dtls_meth.obj \
+    $(OBJ_D)\tls_common.obj \
+    $(OBJ_D)\tlsany_meth.obj \
+    $(OBJ_D)\tls13_meth.obj \
+    $(OBJ_D)\tls1_meth.obj \
+    $(OBJ_D)\ssl3_meth.obj \
+    $(OBJ_D)\tls_multib.obj
 
 CRYPTOOBJ= \
     $(OBJ_D)\cryptlib.obj $(OBJ_D)\ctype.obj $(OBJ_D)\init.obj $(OBJ_D)\mem.obj \
@@ -100,16 +108,17 @@ CRYPTOOBJ= \
     $(OBJ_D)\o_fopen.obj $(OBJ_D)\getenv.obj $(OBJ_D)\mem_sec.obj $(OBJ_D)\threads_win.obj \
     $(OBJ_D)\packet.obj $(OBJ_D)\bsearch.obj $(OBJ_D)\context.obj $(OBJ_D)\cpuid.obj \
     $(OBJ_D)\initthread.obj $(OBJ_D)\param_build_set.obj $(OBJ_D)\params.obj $(OBJ_D)\params_dup.obj \
-    $(OBJ_D)\sparse_array.obj $(OBJ_D)\provider.obj $(OBJ_D)\provider_core.obj $(OBJ_D)\provider_conf.obj \
-    $(OBJ_D)\provider_child.obj $(OBJ_D)\provider_predefined.obj $(OBJ_D)\core_algorithm.obj $(OBJ_D)\core_namemap.obj \
-    $(OBJ_D)\core_fetch.obj $(OBJ_D)\asn1_dsa.obj $(OBJ_D)\self_test_core.obj $(OBJ_D)\passphrase.obj \
-    $(OBJ_D)\punycode.obj $(OBJ_D)\param_build.obj $(OBJ_D)\params_from_text.obj $(OBJ_D)\trace.obj \
-    $(OBJ_D)\der_writer.obj \
+    $(OBJ_D)\params_idx.obj $(OBJ_D)\sparse_array.obj $(OBJ_D)\provider.obj $(OBJ_D)\provider_core.obj \
+    $(OBJ_D)\provider_conf.obj $(OBJ_D)\provider_child.obj $(OBJ_D)\provider_predefined.obj $(OBJ_D)\core_algorithm.obj \
+    $(OBJ_D)\core_namemap.obj $(OBJ_D)\core_fetch.obj $(OBJ_D)\asn1_dsa.obj $(OBJ_D)\self_test_core.obj \
+    $(OBJ_D)\passphrase.obj $(OBJ_D)\punycode.obj $(OBJ_D)\param_build.obj $(OBJ_D)\params_from_text.obj \
+    $(OBJ_D)\trace.obj $(OBJ_D)\der_writer.obj $(OBJ_D)\sleep.obj $(OBJ_D)\deterministic_nonce.obj \
+    $(OBJ_D)\time.obj \
     $(OBJ_D)\md4_dgst.obj $(OBJ_D)\md4_one.obj \
     $(OBJ_D)\md5_dgst.obj $(OBJ_D)\md5_one.obj $(OBJ_D)\md5_sha1.obj \
     $(OBJ_D)\cbc128.obj $(OBJ_D)\cfb128.obj $(OBJ_D)\ofb128.obj $(OBJ_D)\ccm128.obj \
-    $(OBJ_D)\gcm128.obj $(OBJ_D)\xts128.obj $(OBJ_D)\wrap128.obj $(OBJ_D)\ctr128.obj \
-    $(OBJ_D)\ocb128.obj $(OBJ_D)\siv128.obj \
+    $(OBJ_D)\gcm128.obj $(OBJ_D)\xts128.obj $(OBJ_D)\xts128gb.obj $(OBJ_D)\wrap128.obj \
+    $(OBJ_D)\ctr128.obj $(OBJ_D)\ocb128.obj $(OBJ_D)\siv128.obj \
     $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha1_one.obj $(OBJ_D)\sha256.obj $(OBJ_D)\sha512.obj \
     $(OBJ_D)\keccak1600.obj $(OBJ_D)\sha3.obj \
     $(OBJ_D)\hmac.obj \
@@ -154,16 +163,17 @@ CRYPTOOBJ= \
     $(OBJ_D)\buffer.obj $(OBJ_D)\buf_err.obj \
     $(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj $(OBJ_D)\bio_err.obj $(OBJ_D)\bss_mem.obj \
     $(OBJ_D)\bss_null.obj $(OBJ_D)\bss_fd.obj $(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj \
-    $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj $(OBJ_D)\bf_nbio.obj $(OBJ_D)\bf_prefix.obj \
-    $(OBJ_D)\bf_readbuff.obj $(OBJ_D)\bio_addr.obj $(OBJ_D)\bio_dump.obj $(OBJ_D)\bio_meth.obj \
-    $(OBJ_D)\bio_print.obj $(OBJ_D)\bio_sock.obj $(OBJ_D)\bio_sock2.obj $(OBJ_D)\bss_bio.obj \
-    $(OBJ_D)\bss_conn.obj $(OBJ_D)\bss_log.obj $(OBJ_D)\bss_acpt.obj $(OBJ_D)\bss_core.obj \
-    $(OBJ_D)\ossl_core_bio.obj \
+    $(OBJ_D)\bss_dgram.obj $(OBJ_D)\bss_dgram_pair.obj $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj \
+    $(OBJ_D)\bf_nbio.obj $(OBJ_D)\bf_prefix.obj $(OBJ_D)\bf_readbuff.obj $(OBJ_D)\bio_addr.obj \
+    $(OBJ_D)\bio_dump.obj $(OBJ_D)\bio_meth.obj $(OBJ_D)\bio_print.obj $(OBJ_D)\bio_sock.obj \
+    $(OBJ_D)\bio_sock2.obj $(OBJ_D)\bss_bio.obj $(OBJ_D)\bss_conn.obj $(OBJ_D)\bss_log.obj \
+    $(OBJ_D)\bss_acpt.obj $(OBJ_D)\bss_core.obj $(OBJ_D)\ossl_core_bio.obj \
     $(OBJ_D)\stack.obj \
     $(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj \
     $(OBJ_D)\rand_lib.obj $(OBJ_D)\rand_err.obj $(OBJ_D)\rand_egd.obj $(OBJ_D)\rand_win.obj \
-    $(OBJ_D)\rand_pool.obj $(OBJ_D)\rand_meth.obj $(OBJ_D)\prov_seed.obj \
+    $(OBJ_D)\rand_pool.obj $(OBJ_D)\rand_meth.obj $(OBJ_D)\prov_seed.obj $(OBJ_D)\rand_uniform.obj \
     $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj $(OBJ_D)\err_blocks.obj \
+    $(OBJ_D)\err_mark.obj $(OBJ_D)\err_save.obj \
     $(OBJ_D)\o_names.obj $(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj \
     $(OBJ_D)\obj_xref.obj \
     $(OBJ_D)\encode.obj $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj $(OBJ_D)\evp_key.obj \
@@ -222,7 +232,9 @@ CRYPTOOBJ= \
     $(OBJ_D)\v3_ncons.obj $(OBJ_D)\v3_pcia.obj $(OBJ_D)\v3_pci.obj $(OBJ_D)\pcy_cache.obj \
     $(OBJ_D)\pcy_node.obj $(OBJ_D)\pcy_data.obj $(OBJ_D)\pcy_map.obj $(OBJ_D)\pcy_tree.obj \
     $(OBJ_D)\pcy_lib.obj $(OBJ_D)\v3_asid.obj $(OBJ_D)\v3_addr.obj $(OBJ_D)\v3_tlsf.obj \
-    $(OBJ_D)\v3_admis.obj $(OBJ_D)\v3_utf8.obj $(OBJ_D)\v3_ist.obj \
+    $(OBJ_D)\v3_admis.obj $(OBJ_D)\v3_utf8.obj $(OBJ_D)\v3_ist.obj $(OBJ_D)\v3_no_rev_avail.obj \
+    $(OBJ_D)\v3_soa_id.obj $(OBJ_D)\v3_ind_iss.obj $(OBJ_D)\v3_no_ass.obj $(OBJ_D)\v3_single_use.obj \
+    $(OBJ_D)\v3_group_ac.obj \
     $(OBJ_D)\conf_err.obj $(OBJ_D)\conf_lib.obj $(OBJ_D)\conf_api.obj $(OBJ_D)\conf_def.obj \
     $(OBJ_D)\conf_mod.obj $(OBJ_D)\conf_mall.obj $(OBJ_D)\conf_sap.obj $(OBJ_D)\conf_ssl.obj \
     $(OBJ_D)\pk7_asn1.obj $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj $(OBJ_D)\pk7_doit.obj \
@@ -280,6 +292,9 @@ CRYPTOOBJ= \
     $(OBJ_D)\encoder_lib.obj $(OBJ_D)\encoder_pkey.obj \
     $(OBJ_D)\ffc_params.obj $(OBJ_D)\ffc_params_validate.obj $(OBJ_D)\ffc_params_generate.obj $(OBJ_D)\ffc_key_generate.obj \
     $(OBJ_D)\ffc_key_validate.obj $(OBJ_D)\ffc_dh.obj $(OBJ_D)\ffc_backend.obj \
+    $(OBJ_D)\hpke_util.obj \
+    $(OBJ_D)\internal.obj $(OBJ_D)\arch.obj \
+    $(OBJ_D)\thread_win.obj \
     $(OBJ_D)\prov_running.obj $(OBJ_D)\nullprov.obj $(OBJ_D)\baseprov.obj $(OBJ_D)\defltprov.obj \
     $(OBJ_D)\bio_prov.obj $(OBJ_D)\digest_to_nid.obj $(OBJ_D)\provider_err.obj $(OBJ_D)\provider_ctx.obj \
     $(OBJ_D)\provider_util.obj $(OBJ_D)\provider_seeding.obj $(OBJ_D)\securitycheck.obj $(OBJ_D)\securitycheck_default.obj \
@@ -298,30 +313,32 @@ CRYPTOOBJ= \
     $(OBJ_D)\ciphercommon.obj $(OBJ_D)\cipher_cts.obj $(OBJ_D)\cipher_aes_hw.obj $(OBJ_D)\cipher_aria.obj \
     $(OBJ_D)\cipher_aria_ccm.obj $(OBJ_D)\cipher_aria_ccm_hw.obj $(OBJ_D)\cipher_aes_xts.obj $(OBJ_D)\cipher_aes_xts_hw.obj \
     $(OBJ_D)\cipher_aes_ocb.obj $(OBJ_D)\cipher_aes_ocb_hw.obj $(OBJ_D)\cipher_aes_siv.obj $(OBJ_D)\cipher_aes_siv_hw.obj \
-    $(OBJ_D)\cipher_aes_gcm.obj $(OBJ_D)\cipher_aes_gcm_hw.obj $(OBJ_D)\cipher_aes_ccm.obj $(OBJ_D)\cipher_aes_ccm_hw.obj \
-    $(OBJ_D)\cipher_aes_wrp.obj $(OBJ_D)\cipher_aes_cbc_hmac_sha.obj $(OBJ_D)\cipher_aes_cbc_hmac_sha1_hw.obj $(OBJ_D)\cipher_aes_cbc_hmac_sha256_hw.obj \
-    $(OBJ_D)\cipher_aes_xts_fips.obj $(OBJ_D)\cipher_aria_gcm.obj $(OBJ_D)\cipher_aria_gcm_hw.obj $(OBJ_D)\cipher_aria_hw.obj \
-    $(OBJ_D)\cipher_tdes.obj $(OBJ_D)\cipher_tdes_common.obj $(OBJ_D)\cipher_tdes_default.obj $(OBJ_D)\cipher_tdes_default_hw.obj \
-    $(OBJ_D)\cipher_tdes_hw.obj $(OBJ_D)\cipher_tdes_wrap.obj $(OBJ_D)\cipher_tdes_wrap_hw.obj $(OBJ_D)\cipher_sm4.obj \
-    $(OBJ_D)\cipher_sm4_ccm.obj $(OBJ_D)\cipher_sm4_gcm.obj $(OBJ_D)\cipher_sm4_ccm_hw.obj $(OBJ_D)\cipher_sm4_gcm_hw.obj \
-    $(OBJ_D)\cipher_sm4_hw.obj $(OBJ_D)\cipher_chacha20.obj $(OBJ_D)\cipher_chacha20_hw.obj $(OBJ_D)\cipher_chacha20_poly1305.obj \
-    $(OBJ_D)\cipher_chacha20_poly1305_hw.obj \
+    $(OBJ_D)\cipher_aes_gcm.obj $(OBJ_D)\cipher_aes_gcm_hw.obj $(OBJ_D)\cipher_aes_gcm_siv.obj $(OBJ_D)\cipher_aes_gcm_siv_hw.obj \
+    $(OBJ_D)\cipher_aes_gcm_siv_polyval.obj $(OBJ_D)\cipher_aes_ccm.obj $(OBJ_D)\cipher_aes_ccm_hw.obj $(OBJ_D)\cipher_aes_wrp.obj \
+    $(OBJ_D)\cipher_aes_cbc_hmac_sha.obj $(OBJ_D)\cipher_aes_cbc_hmac_sha1_hw.obj $(OBJ_D)\cipher_aes_cbc_hmac_sha256_hw.obj $(OBJ_D)\cipher_aes_xts_fips.obj \
+    $(OBJ_D)\cipher_aria_gcm.obj $(OBJ_D)\cipher_aria_gcm_hw.obj $(OBJ_D)\cipher_aria_hw.obj $(OBJ_D)\cipher_tdes.obj \
+    $(OBJ_D)\cipher_tdes_common.obj $(OBJ_D)\cipher_tdes_default.obj $(OBJ_D)\cipher_tdes_default_hw.obj $(OBJ_D)\cipher_tdes_hw.obj \
+    $(OBJ_D)\cipher_tdes_wrap.obj $(OBJ_D)\cipher_tdes_wrap_hw.obj $(OBJ_D)\cipher_sm4.obj $(OBJ_D)\cipher_sm4_ccm.obj \
+    $(OBJ_D)\cipher_sm4_gcm.obj $(OBJ_D)\cipher_sm4_ccm_hw.obj $(OBJ_D)\cipher_sm4_gcm_hw.obj $(OBJ_D)\cipher_sm4_hw.obj \
+    $(OBJ_D)\cipher_sm4_xts.obj $(OBJ_D)\cipher_sm4_xts_hw.obj $(OBJ_D)\cipher_chacha20.obj $(OBJ_D)\cipher_chacha20_hw.obj \
+    $(OBJ_D)\cipher_chacha20_poly1305.obj $(OBJ_D)\cipher_chacha20_poly1305_hw.obj \
     $(OBJ_D)\blake2b_mac.obj $(OBJ_D)\blake2s_mac.obj $(OBJ_D)\cmac_prov.obj $(OBJ_D)\gmac_prov.obj \
     $(OBJ_D)\hmac_prov.obj $(OBJ_D)\kmac_prov.obj $(OBJ_D)\poly1305_prov.obj $(OBJ_D)\siphash_prov.obj \
     $(OBJ_D)\hkdf.obj $(OBJ_D)\kbkdf.obj $(OBJ_D)\krb5kdf.obj $(OBJ_D)\pbkdf1.obj \
     $(OBJ_D)\pbkdf2.obj $(OBJ_D)\pbkdf2_fips.obj $(OBJ_D)\pkcs12kdf.obj $(OBJ_D)\scrypt.obj \
     $(OBJ_D)\sshkdf.obj $(OBJ_D)\sskdf.obj $(OBJ_D)\tls1_prf.obj $(OBJ_D)\x942kdf.obj \
+    $(OBJ_D)\hmacdrbg_kdf.obj $(OBJ_D)\argon2.obj \
     $(OBJ_D)\dh_exch.obj $(OBJ_D)\ecdh_exch.obj $(OBJ_D)\ecx_exch.obj $(OBJ_D)\kdf_exch.obj \
     $(OBJ_D)\dsa_sig.obj $(OBJ_D)\ecdsa_sig.obj $(OBJ_D)\eddsa_sig.obj $(OBJ_D)\mac_legacy_sig.obj \
     $(OBJ_D)\rsa_sig.obj $(OBJ_D)\sm2_sig.obj \
     $(OBJ_D)\rsa_enc.obj $(OBJ_D)\sm2_enc.obj \
-    $(OBJ_D)\rsa_kem.obj \
+    $(OBJ_D)\rsa_kem.obj $(OBJ_D)\ec_kem.obj $(OBJ_D)\kem_util.obj $(OBJ_D)\ecx_kem.obj \
     $(OBJ_D)\dh_kmgmt.obj $(OBJ_D)\dsa_kmgmt.obj $(OBJ_D)\ec_kmgmt.obj $(OBJ_D)\ecx_kmgmt.obj \
     $(OBJ_D)\kdf_legacy_kmgmt.obj $(OBJ_D)\mac_legacy_kmgmt.obj $(OBJ_D)\rsa_kmgmt.obj \
     $(OBJ_D)\decode_der2key.obj $(OBJ_D)\decode_epki2pki.obj $(OBJ_D)\decode_msblob2key.obj $(OBJ_D)\decode_pem2der.obj \
     $(OBJ_D)\decode_pvk2key.obj $(OBJ_D)\decode_spki2typespki.obj $(OBJ_D)\encode_key2any.obj $(OBJ_D)\encode_key2blob.obj \
     $(OBJ_D)\encode_key2ms.obj $(OBJ_D)\encode_key2text.obj $(OBJ_D)\endecoder_common.obj \
-    $(OBJ_D)\file_store.obj $(OBJ_D)\file_store_any2obj.obj \
+    $(OBJ_D)\file_store.obj $(OBJ_D)\file_store_any2obj.obj $(OBJ_D)\winstore_store.obj \
     $(OBJ_D)\des_586.obj \
     $(OBJ_D)\bf_586.obj \
     $(OBJ_D)\cast_586.obj \
@@ -347,9 +364,6 @@ $(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
 $(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
     $(CC) -o$(OBJ_D)\s3_enc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
 
-$(OBJ_D)\s3_cbc.obj: $(SRC_D)\ssl\s3_cbc.c
-    $(CC) -o$(OBJ_D)\s3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_cbc.c
-
 $(OBJ_D)\s3_msg.obj: $(SRC_D)\ssl\s3_msg.c
     $(CC) -o$(OBJ_D)\s3_msg.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_msg.c
 
@@ -422,6 +436,9 @@ $(OBJ_D)\ssl_conf.obj: $(SRC_D)\ssl\ssl_conf.c
 $(OBJ_D)\tls_depr.obj: $(SRC_D)\ssl\tls_depr.c
     $(CC) -o$(OBJ_D)\tls_depr.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\tls_depr.c
 
+$(OBJ_D)\ssl_cert_comp.obj: $(SRC_D)\ssl\ssl_cert_comp.c
+    $(CC) -o$(OBJ_D)\ssl_cert_comp.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert_comp.c
+
 $(OBJ_D)\statem.obj: $(SRC_D)\ssl\statem\statem.c
     $(CC) -o$(OBJ_D)\statem.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\statem\statem.c
 
@@ -455,20 +472,32 @@ $(OBJ_D)\rec_layer_s3.obj: $(SRC_D)\ssl\record\rec_layer_s3.c
 $(OBJ_D)\rec_layer_d1.obj: $(SRC_D)\ssl\record\rec_layer_d1.c
     $(CC) -o$(OBJ_D)\rec_layer_d1.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\rec_layer_d1.c
 
-$(OBJ_D)\ssl3_record.obj: $(SRC_D)\ssl\record\ssl3_record.c
-    $(CC) -o$(OBJ_D)\ssl3_record.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\ssl3_record.c
+$(OBJ_D)\ssl3_cbc.obj: $(SRC_D)\ssl\record\methods\ssl3_cbc.c
+    $(CC) -o$(OBJ_D)\ssl3_cbc.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\ssl3_cbc.c
+
+$(OBJ_D)\tls_pad.obj: $(SRC_D)\ssl\record\methods\tls_pad.c
+    $(CC) -o$(OBJ_D)\tls_pad.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tls_pad.c
+
+$(OBJ_D)\dtls_meth.obj: $(SRC_D)\ssl\record\methods\dtls_meth.c
+    $(CC) -o$(OBJ_D)\dtls_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\dtls_meth.c
+
+$(OBJ_D)\tls_common.obj: $(SRC_D)\ssl\record\methods\tls_common.c
+    $(CC) -o$(OBJ_D)\tls_common.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tls_common.c
 
-$(OBJ_D)\ssl3_record_tls13.obj: $(SRC_D)\ssl\record\ssl3_record_tls13.c
-    $(CC) -o$(OBJ_D)\ssl3_record_tls13.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\ssl3_record_tls13.c
+$(OBJ_D)\tlsany_meth.obj: $(SRC_D)\ssl\record\methods\tlsany_meth.c
+    $(CC) -o$(OBJ_D)\tlsany_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tlsany_meth.c
 
-$(OBJ_D)\ssl3_buffer.obj: $(SRC_D)\ssl\record\ssl3_buffer.c
-    $(CC) -o$(OBJ_D)\ssl3_buffer.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\ssl3_buffer.c
+$(OBJ_D)\tls13_meth.obj: $(SRC_D)\ssl\record\methods\tls13_meth.c
+    $(CC) -o$(OBJ_D)\tls13_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tls13_meth.c
 
-$(OBJ_D)\dtls1_bitmap.obj: $(SRC_D)\ssl\record\dtls1_bitmap.c
-    $(CC) -o$(OBJ_D)\dtls1_bitmap.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\dtls1_bitmap.c
+$(OBJ_D)\tls1_meth.obj: $(SRC_D)\ssl\record\methods\tls1_meth.c
+    $(CC) -o$(OBJ_D)\tls1_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tls1_meth.c
 
-$(OBJ_D)\tls_pad.obj: $(SRC_D)\ssl\record\tls_pad.c
-    $(CC) -o$(OBJ_D)\tls_pad.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\tls_pad.c
+$(OBJ_D)\ssl3_meth.obj: $(SRC_D)\ssl\record\methods\ssl3_meth.c
+    $(CC) -o$(OBJ_D)\ssl3_meth.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\ssl3_meth.c
+
+$(OBJ_D)\tls_multib.obj: $(SRC_D)\ssl\record\methods\tls_multib.c
+    $(CC) -o$(OBJ_D)\tls_multib.obj  $(LIB_CFLAGS) -c $(SRC_D)\ssl\record\methods\tls_multib.c
 
 $(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
     $(CC) -o$(OBJ_D)\cryptlib.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
@@ -542,6 +571,9 @@ $(OBJ_D)\params.obj: $(SRC_D)\crypto\params.c
 $(OBJ_D)\params_dup.obj: $(SRC_D)\crypto\params_dup.c
     $(CC) -o$(OBJ_D)\params_dup.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\params_dup.c
 
+$(OBJ_D)\params_idx.obj: $(SRC_D)\crypto\params_idx.c
+    $(CC) -o$(OBJ_D)\params_idx.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\params_idx.c
+
 $(OBJ_D)\sparse_array.obj: $(SRC_D)\crypto\sparse_array.c
     $(CC) -o$(OBJ_D)\sparse_array.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\sparse_array.c
 
@@ -593,6 +625,15 @@ $(OBJ_D)\trace.obj: $(SRC_D)\crypto\trace.c
 $(OBJ_D)\der_writer.obj: $(SRC_D)\crypto\der_writer.c
     $(CC) -o$(OBJ_D)\der_writer.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\der_writer.c
 
+$(OBJ_D)\sleep.obj: $(SRC_D)\crypto\sleep.c
+    $(CC) -o$(OBJ_D)\sleep.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\sleep.c
+
+$(OBJ_D)\deterministic_nonce.obj: $(SRC_D)\crypto\deterministic_nonce.c
+    $(CC) -o$(OBJ_D)\deterministic_nonce.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\deterministic_nonce.c
+
+$(OBJ_D)\time.obj: $(SRC_D)\crypto\time.c
+    $(CC) -o$(OBJ_D)\time.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\time.c
+
 $(OBJ_D)\md4_dgst.obj: $(SRC_D)\crypto\md4\md4_dgst.c
     $(CC) -o$(OBJ_D)\md4_dgst.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\md4\md4_dgst.c
 
@@ -626,6 +667,9 @@ $(OBJ_D)\gcm128.obj: $(SRC_D)\crypto\modes\gcm128.c
 $(OBJ_D)\xts128.obj: $(SRC_D)\crypto\modes\xts128.c
     $(CC) -o$(OBJ_D)\xts128.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\modes\xts128.c
 
+$(OBJ_D)\xts128gb.obj: $(SRC_D)\crypto\modes\xts128gb.c
+    $(CC) -o$(OBJ_D)\xts128gb.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\modes\xts128gb.c
+
 $(OBJ_D)\wrap128.obj: $(SRC_D)\crypto\modes\wrap128.c
     $(CC) -o$(OBJ_D)\wrap128.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\modes\wrap128.c
 
@@ -1085,6 +1129,12 @@ $(OBJ_D)\bss_file.obj: $(SRC_D)\crypto\bio\bss_file.c
 $(OBJ_D)\bss_sock.obj: $(SRC_D)\crypto\bio\bss_sock.c
     $(CC) -o$(OBJ_D)\bss_sock.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
 
+$(OBJ_D)\bss_dgram.obj: $(SRC_D)\crypto\bio\bss_dgram.c
+    $(CC) -o$(OBJ_D)\bss_dgram.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_dgram.c
+
+$(OBJ_D)\bss_dgram_pair.obj: $(SRC_D)\crypto\bio\bss_dgram_pair.c
+    $(CC) -o$(OBJ_D)\bss_dgram_pair.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_dgram_pair.c
+
 $(OBJ_D)\bf_null.obj: $(SRC_D)\crypto\bio\bf_null.c
     $(CC) -o$(OBJ_D)\bf_null.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
 
@@ -1166,6 +1216,9 @@ $(OBJ_D)\rand_meth.obj: $(SRC_D)\crypto\rand\rand_meth.c
 $(OBJ_D)\prov_seed.obj: $(SRC_D)\crypto\rand\prov_seed.c
     $(CC) -o$(OBJ_D)\prov_seed.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\prov_seed.c
 
+$(OBJ_D)\rand_uniform.obj: $(SRC_D)\crypto\rand\rand_uniform.c
+    $(CC) -o$(OBJ_D)\rand_uniform.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\rand_uniform.c
+
 $(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c
     $(CC) -o$(OBJ_D)\err.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
 
@@ -1178,6 +1231,12 @@ $(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c
 $(OBJ_D)\err_blocks.obj: $(SRC_D)\crypto\err\err_blocks.c
     $(CC) -o$(OBJ_D)\err_blocks.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_blocks.c
 
+$(OBJ_D)\err_mark.obj: $(SRC_D)\crypto\err\err_mark.c
+    $(CC) -o$(OBJ_D)\err_mark.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_mark.c
+
+$(OBJ_D)\err_save.obj: $(SRC_D)\crypto\err\err_save.c
+    $(CC) -o$(OBJ_D)\err_save.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_save.c
+
 $(OBJ_D)\o_names.obj: $(SRC_D)\crypto\objects\o_names.c
     $(CC) -o$(OBJ_D)\o_names.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\o_names.c
 
@@ -1856,6 +1915,24 @@ $(OBJ_D)\v3_utf8.obj: $(SRC_D)\crypto\x509\v3_utf8.c
 $(OBJ_D)\v3_ist.obj: $(SRC_D)\crypto\x509\v3_ist.c
     $(CC) -o$(OBJ_D)\v3_ist.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_ist.c
 
+$(OBJ_D)\v3_no_rev_avail.obj: $(SRC_D)\crypto\x509\v3_no_rev_avail.c
+    $(CC) -o$(OBJ_D)\v3_no_rev_avail.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_no_rev_avail.c
+
+$(OBJ_D)\v3_soa_id.obj: $(SRC_D)\crypto\x509\v3_soa_id.c
+    $(CC) -o$(OBJ_D)\v3_soa_id.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_soa_id.c
+
+$(OBJ_D)\v3_ind_iss.obj: $(SRC_D)\crypto\x509\v3_ind_iss.c
+    $(CC) -o$(OBJ_D)\v3_ind_iss.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_ind_iss.c
+
+$(OBJ_D)\v3_no_ass.obj: $(SRC_D)\crypto\x509\v3_no_ass.c
+    $(CC) -o$(OBJ_D)\v3_no_ass.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_no_ass.c
+
+$(OBJ_D)\v3_single_use.obj: $(SRC_D)\crypto\x509\v3_single_use.c
+    $(CC) -o$(OBJ_D)\v3_single_use.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_single_use.c
+
+$(OBJ_D)\v3_group_ac.obj: $(SRC_D)\crypto\x509\v3_group_ac.c
+    $(CC) -o$(OBJ_D)\v3_group_ac.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_group_ac.c
+
 $(OBJ_D)\conf_err.obj: $(SRC_D)\crypto\conf\conf_err.c
     $(CC) -o$(OBJ_D)\conf_err.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
 
@@ -2330,6 +2407,18 @@ $(OBJ_D)\ffc_dh.obj: $(SRC_D)\crypto\ffc\ffc_dh.c
 $(OBJ_D)\ffc_backend.obj: $(SRC_D)\crypto\ffc\ffc_backend.c
     $(CC) -o$(OBJ_D)\ffc_backend.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\ffc\ffc_backend.c
 
+$(OBJ_D)\hpke_util.obj: $(SRC_D)\crypto\hpke\hpke_util.c
+    $(CC) -o$(OBJ_D)\hpke_util.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\hpke\hpke_util.c
+
+$(OBJ_D)\internal.obj: $(SRC_D)\crypto\thread\internal.c
+    $(CC) -o$(OBJ_D)\internal.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\thread\internal.c
+
+$(OBJ_D)\arch.obj: $(SRC_D)\crypto\thread\arch.c
+    $(CC) -o$(OBJ_D)\arch.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\thread\arch.c
+
+$(OBJ_D)\thread_win.obj: $(SRC_D)\crypto\thread\arch\thread_win.c
+    $(CC) -o$(OBJ_D)\thread_win.obj  $(LIB_CFLAGS) -c $(SRC_D)\crypto\thread\arch\thread_win.c
+
 $(OBJ_D)\prov_running.obj: $(SRC_D)\providers\prov_running.c
     $(CC) -o$(OBJ_D)\prov_running.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\prov_running.c
 
@@ -2537,6 +2626,15 @@ $(OBJ_D)\cipher_aes_gcm.obj: $(SRC_D)\providers\implementations\ciphers\cipher_a
 $(OBJ_D)\cipher_aes_gcm_hw.obj: $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_hw.c
     $(CC) -o$(OBJ_D)\cipher_aes_gcm_hw.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_hw.c
 
+$(OBJ_D)\cipher_aes_gcm_siv.obj: $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv.c
+    $(CC) -o$(OBJ_D)\cipher_aes_gcm_siv.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv.c
+
+$(OBJ_D)\cipher_aes_gcm_siv_hw.obj: $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv_hw.c
+    $(CC) -o$(OBJ_D)\cipher_aes_gcm_siv_hw.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv_hw.c
+
+$(OBJ_D)\cipher_aes_gcm_siv_polyval.obj: $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv_polyval.c
+    $(CC) -o$(OBJ_D)\cipher_aes_gcm_siv_polyval.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_aes_gcm_siv_polyval.c
+
 $(OBJ_D)\cipher_aes_ccm.obj: $(SRC_D)\providers\implementations\ciphers\cipher_aes_ccm.c
     $(CC) -o$(OBJ_D)\cipher_aes_ccm.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_aes_ccm.c
 
@@ -2606,6 +2704,12 @@ $(OBJ_D)\cipher_sm4_gcm_hw.obj: $(SRC_D)\providers\implementations\ciphers\ciphe
 $(OBJ_D)\cipher_sm4_hw.obj: $(SRC_D)\providers\implementations\ciphers\cipher_sm4_hw.c
     $(CC) -o$(OBJ_D)\cipher_sm4_hw.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_sm4_hw.c
 
+$(OBJ_D)\cipher_sm4_xts.obj: $(SRC_D)\providers\implementations\ciphers\cipher_sm4_xts.c
+    $(CC) -o$(OBJ_D)\cipher_sm4_xts.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_sm4_xts.c
+
+$(OBJ_D)\cipher_sm4_xts_hw.obj: $(SRC_D)\providers\implementations\ciphers\cipher_sm4_xts_hw.c
+    $(CC) -o$(OBJ_D)\cipher_sm4_xts_hw.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_sm4_xts_hw.c
+
 $(OBJ_D)\cipher_chacha20.obj: $(SRC_D)\providers\implementations\ciphers\cipher_chacha20.c
     $(CC) -o$(OBJ_D)\cipher_chacha20.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\ciphers\cipher_chacha20.c
 
@@ -2678,6 +2782,12 @@ $(OBJ_D)\tls1_prf.obj: $(SRC_D)\providers\implementations\kdfs\tls1_prf.c
 $(OBJ_D)\x942kdf.obj: $(SRC_D)\providers\implementations\kdfs\x942kdf.c
     $(CC) -o$(OBJ_D)\x942kdf.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kdfs\x942kdf.c
 
+$(OBJ_D)\hmacdrbg_kdf.obj: $(SRC_D)\providers\implementations\kdfs\hmacdrbg_kdf.c
+    $(CC) -o$(OBJ_D)\hmacdrbg_kdf.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kdfs\hmacdrbg_kdf.c
+
+$(OBJ_D)\argon2.obj: $(SRC_D)\providers\implementations\kdfs\argon2.c
+    $(CC) -o$(OBJ_D)\argon2.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kdfs\argon2.c
+
 $(OBJ_D)\dh_exch.obj: $(SRC_D)\providers\implementations\exchange\dh_exch.c
     $(CC) -o$(OBJ_D)\dh_exch.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\exchange\dh_exch.c
 
@@ -2717,6 +2827,15 @@ $(OBJ_D)\sm2_enc.obj: $(SRC_D)\providers\implementations\asymciphers\sm2_enc.c
 $(OBJ_D)\rsa_kem.obj: $(SRC_D)\providers\implementations\kem\rsa_kem.c
     $(CC) -o$(OBJ_D)\rsa_kem.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kem\rsa_kem.c
 
+$(OBJ_D)\ec_kem.obj: $(SRC_D)\providers\implementations\kem\ec_kem.c
+    $(CC) -o$(OBJ_D)\ec_kem.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kem\ec_kem.c
+
+$(OBJ_D)\kem_util.obj: $(SRC_D)\providers\implementations\kem\kem_util.c
+    $(CC) -o$(OBJ_D)\kem_util.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kem\kem_util.c
+
+$(OBJ_D)\ecx_kem.obj: $(SRC_D)\providers\implementations\kem\ecx_kem.c
+    $(CC) -o$(OBJ_D)\ecx_kem.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\kem\ecx_kem.c
+
 $(OBJ_D)\dh_kmgmt.obj: $(SRC_D)\providers\implementations\keymgmt\dh_kmgmt.c
     $(CC) -o$(OBJ_D)\dh_kmgmt.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\keymgmt\dh_kmgmt.c
 
@@ -2777,6 +2896,9 @@ $(OBJ_D)\file_store.obj: $(SRC_D)\providers\implementations\storemgmt\file_store
 $(OBJ_D)\file_store_any2obj.obj: $(SRC_D)\providers\implementations\storemgmt\file_store_any2obj.c
     $(CC) -o$(OBJ_D)\file_store_any2obj.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\storemgmt\file_store_any2obj.c
 
+$(OBJ_D)\winstore_store.obj: $(SRC_D)\providers\implementations\storemgmt\winstore_store.c
+    $(CC) -o$(OBJ_D)\winstore_store.obj  $(LIB_CFLAGS) -c $(SRC_D)\providers\implementations\storemgmt\winstore_store.c
+
 $(OBJ_D)\des_586.obj: $(SRC_D)\crypto\des\asm\des_586.asm
     $(ASM) -o$(OBJ_D)\des_586.obj $(SRC_D)\crypto\des\asm\des_586.asm
 

libs/openssl/crypto/bio/bss_dgram.c

@@ -0,0 +1,2837 @@
+/*
+ * Copyright 2005-2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE
+#endif
+
+#include <stdio.h>
+#include <errno.h>
+
+#include "internal/time.h"
+#include "bio_local.h"
+#ifndef OPENSSL_NO_DGRAM
+
+# ifndef OPENSSL_NO_SCTP
+#  include <netinet/sctp.h>
+#  include <fcntl.h>
+#  define OPENSSL_SCTP_DATA_CHUNK_TYPE            0x00
+#  define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
+# endif
+
+# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
+#  define IP_MTU      14        /* linux is lame */
+# endif
+
+# if OPENSSL_USE_IPV6 && !defined(IPPROTO_IPV6)
+#  define IPPROTO_IPV6 41       /* windows is lame */
+# endif
+
+# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
+/* Standard definition causes type-punning problems. */
+#  undef IN6_IS_ADDR_V4MAPPED
+#  define s6_addr32 __u6_addr.__u6_addr32
+#  define IN6_IS_ADDR_V4MAPPED(a)               \
+        (((a)->s6_addr32[0] == 0) &&          \
+         ((a)->s6_addr32[1] == 0) &&          \
+         ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+# endif
+
+/* Determine what method to use for BIO_sendmmsg and BIO_recvmmsg. */
+# define M_METHOD_NONE       0
+# define M_METHOD_RECVMMSG   1
+# define M_METHOD_RECVMSG    2
+# define M_METHOD_RECVFROM   3
+# define M_METHOD_WSARECVMSG 4
+
+# if defined(__GLIBC__) && defined(__GLIBC_PREREQ)
+#  if !(__GLIBC_PREREQ(2, 14))
+#   undef NO_RECVMMSG
+    /*
+     * Some old glibc versions may have recvmmsg and MSG_WAITFORONE flag, but
+     * not sendmmsg. We need both so force this to be disabled on these old
+     * versions
+     */
+#   define NO_RECVMMSG
+#  endif
+# endif
+# if !defined(M_METHOD)
+#  if defined(OPENSSL_SYS_WINDOWS) && defined(BIO_HAVE_WSAMSG) && !defined(NO_WSARECVMSG)
+#   define M_METHOD  M_METHOD_WSARECVMSG
+#  elif !defined(OPENSSL_SYS_WINDOWS) && defined(MSG_WAITFORONE) && !defined(NO_RECVMMSG)
+#   define M_METHOD  M_METHOD_RECVMMSG
+#  elif !defined(OPENSSL_SYS_WINDOWS) && defined(CMSG_LEN) && !defined(NO_RECVMSG)
+#   define M_METHOD  M_METHOD_RECVMSG
+#  elif !defined(NO_RECVFROM)
+#   define M_METHOD  M_METHOD_RECVFROM
+#  else
+#   define M_METHOD  M_METHOD_NONE
+#  endif
+# endif
+
+# if defined(OPENSSL_SYS_WINDOWS)
+#  define BIO_CMSG_SPACE(x) WSA_CMSG_SPACE(x)
+#  define BIO_CMSG_FIRSTHDR(x) WSA_CMSG_FIRSTHDR(x)
+#  define BIO_CMSG_NXTHDR(x, y) WSA_CMSG_NXTHDR(x, y)
+#  define BIO_CMSG_DATA(x) WSA_CMSG_DATA(x)
+#  define BIO_CMSG_LEN(x) WSA_CMSG_LEN(x)
+#  define MSGHDR_TYPE WSAMSG
+#  define CMSGHDR_TYPE WSACMSGHDR
+# else
+#  define MSGHDR_TYPE struct msghdr
+#  define CMSGHDR_TYPE struct cmsghdr
+#  define BIO_CMSG_SPACE(x) CMSG_SPACE(x)
+#  define BIO_CMSG_FIRSTHDR(x) CMSG_FIRSTHDR(x)
+#  define BIO_CMSG_NXTHDR(x, y) CMSG_NXTHDR(x, y)
+#  define BIO_CMSG_DATA(x) CMSG_DATA(x)
+#  define BIO_CMSG_LEN(x) CMSG_LEN(x)
+# endif
+
+# if   M_METHOD == M_METHOD_RECVMMSG   \
+    || M_METHOD == M_METHOD_RECVMSG    \
+    || M_METHOD == M_METHOD_WSARECVMSG
+#  if defined(__APPLE__)
+    /*
+     * CMSG_SPACE is not a constant expresson on OSX even though POSIX
+     * says it's supposed to be. This should be adequate.
+     */
+#   define BIO_CMSG_ALLOC_LEN   64
+#  else
+#   if defined(IPV6_PKTINFO)
+#     define BIO_CMSG_ALLOC_LEN_1   BIO_CMSG_SPACE(sizeof(struct in6_pktinfo))
+#   else
+#     define BIO_CMSG_ALLOC_LEN_1   0
+#   endif
+#   if defined(IP_PKTINFO)
+#     define BIO_CMSG_ALLOC_LEN_2   BIO_CMSG_SPACE(sizeof(struct in_pktinfo))
+#   else
+#     define BIO_CMSG_ALLOC_LEN_2   0
+#   endif
+#   if defined(IP_RECVDSTADDR)
+#     define BIO_CMSG_ALLOC_LEN_3   BIO_CMSG_SPACE(sizeof(struct in_addr))
+#   else
+#     define BIO_CMSG_ALLOC_LEN_3   0
+#   endif
+#   define BIO_MAX(X,Y) ((X) > (Y) ? (X) : (Y))
+#   define BIO_CMSG_ALLOC_LEN                                        \
+        BIO_MAX(BIO_CMSG_ALLOC_LEN_1,                                \
+                BIO_MAX(BIO_CMSG_ALLOC_LEN_2, BIO_CMSG_ALLOC_LEN_3))
+#  endif
+#  if (defined(IP_PKTINFO) || defined(IP_RECVDSTADDR)) && defined(IPV6_RECVPKTINFO)
+#   define SUPPORT_LOCAL_ADDR
+#  endif
+# endif
+
+# define BIO_MSG_N(array, stride, n) (*(BIO_MSG *)((char *)(array) + (n)*(stride)))
+
+static int dgram_write(BIO *h, const char *buf, int num);
+static int dgram_read(BIO *h, char *buf, int size);
+static int dgram_puts(BIO *h, const char *str);
+static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_new(BIO *h);
+static int dgram_free(BIO *data);
+static int dgram_clear(BIO *bio);
+static int dgram_sendmmsg(BIO *b, BIO_MSG *msg,
+                          size_t stride, size_t num_msg,
+                          uint64_t flags, size_t *num_processed);
+static int dgram_recvmmsg(BIO *b, BIO_MSG *msg,
+                          size_t stride, size_t num_msg,
+                          uint64_t flags, size_t *num_processed);
+
+# ifndef OPENSSL_NO_SCTP
+static int dgram_sctp_write(BIO *h, const char *buf, int num);
+static int dgram_sctp_read(BIO *h, char *buf, int size);
+static int dgram_sctp_puts(BIO *h, const char *str);
+static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_sctp_new(BIO *h);
+static int dgram_sctp_free(BIO *data);
+static int dgram_sctp_wait_for_dry(BIO *b);
+static int dgram_sctp_msg_waiting(BIO *b);
+#  ifdef SCTP_AUTHENTICATION_EVENT
+static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
+                                                  *snp);
+#  endif
+# endif
+
+static int BIO_dgram_should_retry(int s);
+
+static const BIO_METHOD methods_dgramp = {
+    BIO_TYPE_DGRAM,
+    "datagram socket",
+    bwrite_conv,
+    dgram_write,
+    bread_conv,
+    dgram_read,
+    dgram_puts,
+    NULL,                       /* dgram_gets,         */
+    dgram_ctrl,
+    dgram_new,
+    dgram_free,
+    NULL,                       /* dgram_callback_ctrl */
+    dgram_sendmmsg,
+    dgram_recvmmsg,
+};
+
+# ifndef OPENSSL_NO_SCTP
+static const BIO_METHOD methods_dgramp_sctp = {
+    BIO_TYPE_DGRAM_SCTP,
+    "datagram sctp socket",
+    bwrite_conv,
+    dgram_sctp_write,
+    bread_conv,
+    dgram_sctp_read,
+    dgram_sctp_puts,
+    NULL,                       /* dgram_gets,         */
+    dgram_sctp_ctrl,
+    dgram_sctp_new,
+    dgram_sctp_free,
+    NULL,                       /* dgram_callback_ctrl */
+    NULL,                       /* sendmmsg */
+    NULL,                       /* recvmmsg */
+};
+# endif
+
+typedef struct bio_dgram_data_st {
+    BIO_ADDR peer;
+    BIO_ADDR local_addr;
+    unsigned int connected;
+    unsigned int _errno;
+    unsigned int mtu;
+    OSSL_TIME next_timeout;
+    OSSL_TIME socket_timeout;
+    unsigned int peekmode;
+    char local_addr_enabled;
+} bio_dgram_data;
+
+# ifndef OPENSSL_NO_SCTP
+typedef struct bio_dgram_sctp_save_message_st {
+    BIO *bio;
+    char *data;
+    int length;
+} bio_dgram_sctp_save_message;
+
+/*
+ * Note: bio_dgram_data must be first here
+ * as we use dgram_ctrl for underlying dgram operations
+ * which will cast this struct to a bio_dgram_data
+ */
+typedef struct bio_dgram_sctp_data_st {
+    bio_dgram_data dgram;
+    struct bio_dgram_sctp_sndinfo sndinfo;
+    struct bio_dgram_sctp_rcvinfo rcvinfo;
+    struct bio_dgram_sctp_prinfo prinfo;
+    BIO_dgram_sctp_notification_handler_fn handle_notifications;
+    void *notification_context;
+    int in_handshake;
+    int ccs_rcvd;
+    int ccs_sent;
+    int save_shutdown;
+    int peer_auth_tested;
+} bio_dgram_sctp_data;
+# endif
+
+const BIO_METHOD *BIO_s_datagram(void)
+{
+    return &methods_dgramp;
+}
+
+BIO *BIO_new_dgram(int fd, int close_flag)
+{
+    BIO *ret;
+
+    ret = BIO_new(BIO_s_datagram());
+    if (ret == NULL)
+        return NULL;
+    BIO_set_fd(ret, fd, close_flag);
+    return ret;
+}
+
+static int dgram_new(BIO *bi)
+{
+    bio_dgram_data *data = OPENSSL_zalloc(sizeof(*data));
+
+    if (data == NULL)
+        return 0;
+    bi->ptr = data;
+    return 1;
+}
+
+static int dgram_free(BIO *a)
+{
+    bio_dgram_data *data;
+
+    if (a == NULL)
+        return 0;
+    if (!dgram_clear(a))
+        return 0;
+
+    data = (bio_dgram_data *)a->ptr;
+    OPENSSL_free(data);
+
+    return 1;
+}
+
+static int dgram_clear(BIO *a)
+{
+    if (a == NULL)
+        return 0;
+    if (a->shutdown) {
+        if (a->init) {
+            BIO_closesocket(a->num);
+        }
+        a->init = 0;
+        a->flags = 0;
+    }
+    return 1;
+}
+
+static void dgram_adjust_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    OSSL_TIME timeleft;
+
+    /* Is a timer active? */
+    if (!ossl_time_is_zero(data->next_timeout)) {
+        /* Read current socket timeout */
+#  ifdef OPENSSL_SYS_WINDOWS
+        int timeout;
+        int sz = sizeof(timeout);
+
+        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                       (void *)&timeout, &sz) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling getsockopt()");
+        else
+            data->socket_timeout = ossl_ms2time(timeout);
+#  else
+        struct timeval tv;
+        socklen_t sz = sizeof(tv);
+
+        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &tv, &sz) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling getsockopt()");
+        else
+            data->socket_timeout = ossl_time_from_timeval(tv);
+#  endif
+
+        /* Calculate time left until timer expires */
+        timeleft = ossl_time_subtract(data->next_timeout, ossl_time_now());
+        if (ossl_time_compare(timeleft, ossl_ticks2time(OSSL_TIME_US)) < 0)
+            timeleft = ossl_ticks2time(OSSL_TIME_US);
+
+        /*
+         * Adjust socket timeout if next handshake message timer will expire
+         * earlier.
+         */
+        if (ossl_time_is_zero(data->socket_timeout)
+            || ossl_time_compare(data->socket_timeout, timeleft) >= 0) {
+#  ifdef OPENSSL_SYS_WINDOWS
+            timeout = (int)ossl_time2ms(timeleft);
+            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                           (void *)&timeout, sizeof(timeout)) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+#  else
+            tv = ossl_time_to_timeval(timeleft);
+            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &tv,
+                           sizeof(tv)) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+#  endif
+        }
+    }
+# endif
+}
+
+static void dgram_update_local_addr(BIO *b)
+{
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    socklen_t addr_len = sizeof(data->local_addr);
+
+    if (getsockname(b->num, &data->local_addr.sa, &addr_len) < 0)
+        /*
+         * This should not be possible, but zero-initialize and return
+         * anyway.
+         */
+        BIO_ADDR_clear(&data->local_addr);
+}
+
+# if M_METHOD == M_METHOD_RECVMMSG || M_METHOD == M_METHOD_RECVMSG || M_METHOD == M_METHOD_WSARECVMSG
+static int dgram_get_sock_family(BIO *b)
+{
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    return data->local_addr.sa.sa_family;
+}
+# endif
+
+static void dgram_reset_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+    /* Is a timer active? */
+    if (!ossl_time_is_zero(data->next_timeout)) {
+#  ifdef OPENSSL_SYS_WINDOWS
+        int timeout = (int)ossl_time2ms(data->socket_timeout);
+
+        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                       (void *)&timeout, sizeof(timeout)) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling setsockopt()");
+#  else
+        struct timeval tv = ossl_time_to_timeval(data->socket_timeout);
+
+        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling setsockopt()");
+#  endif
+    }
+# endif
+}
+
+static int dgram_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    int flags = 0;
+
+    BIO_ADDR peer;
+    socklen_t len = sizeof(peer);
+
+    if (out != NULL) {
+        clear_socket_error();
+        BIO_ADDR_clear(&peer);
+        dgram_adjust_rcv_timeout(b);
+        if (data->peekmode)
+            flags = MSG_PEEK;
+        ret = recvfrom(b->num, out, outl, flags,
+                       BIO_ADDR_sockaddr_noconst(&peer), &len);
+
+        if (!data->connected && ret >= 0)
+            BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
+
+        BIO_clear_retry_flags(b);
+        if (ret < 0) {
+            if (BIO_dgram_should_retry(ret)) {
+                BIO_set_retry_read(b);
+                data->_errno = get_last_socket_error();
+            }
+        }
+
+        dgram_reset_rcv_timeout(b);
+    }
+    return ret;
+}
+
+static int dgram_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    clear_socket_error();
+
+    if (data->connected)
+        ret = writesocket(b->num, in, inl);
+    else {
+        int peerlen = BIO_ADDR_sockaddr_size(&data->peer);
+
+        ret = sendto(b->num, in, inl, 0,
+                     BIO_ADDR_sockaddr(&data->peer), peerlen);
+    }
+
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_dgram_should_retry(ret)) {
+            BIO_set_retry_write(b);
+            data->_errno = get_last_socket_error();
+        }
+    }
+    return ret;
+}
+
+static long dgram_get_mtu_overhead(bio_dgram_data *data)
+{
+    long ret;
+
+    switch (BIO_ADDR_family(&data->peer)) {
+    case AF_INET:
+        /*
+         * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+         */
+        ret = 28;
+        break;
+# if OPENSSL_USE_IPV6
+    case AF_INET6:
+        {
+#  ifdef IN6_IS_ADDR_V4MAPPED
+            struct in6_addr tmp_addr;
+            if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL)
+                && IN6_IS_ADDR_V4MAPPED(&tmp_addr))
+                /*
+                 * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+                 */
+                ret = 28;
+            else
+#  endif
+            /*
+             * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
+             */
+            ret = 48;
+        }
+        break;
+# endif
+    default:
+        /* We don't know. Go with the historical default */
+        ret = 28;
+        break;
+    }
+    return ret;
+}
+
+/* Enables appropriate destination address reception option on the socket. */
+# if defined(SUPPORT_LOCAL_ADDR)
+static int enable_local_addr(BIO *b, int enable) {
+    int af = dgram_get_sock_family(b);
+
+    if (af == AF_INET) {
+#  if defined(IP_PKTINFO)
+        /* IP_PKTINFO is preferred */
+        if (setsockopt(b->num, IPPROTO_IP, IP_PKTINFO,
+                       (void *)&enable, sizeof(enable)) < 0)
+            return 0;
+
+        return 1;
+
+#  elif defined(IP_RECVDSTADDR)
+        /* Fall back to IP_RECVDSTADDR */
+
+        if (setsockopt(b->num, IPPROTO_IP, IP_RECVDSTADDR,
+                       &enable, sizeof(enable)) < 0)
+            return 0;
+
+        return 1;
+#  endif
+    }
+
+#  if OPENSSL_USE_IPV6
+    if (af == AF_INET6) {
+#   if defined(IPV6_RECVPKTINFO)
+        if (setsockopt(b->num, IPPROTO_IPV6, IPV6_RECVPKTINFO,
+                       &enable, sizeof(enable)) < 0)
+            return 0;
+
+        return 1;
+#   endif
+    }
+#  endif
+
+    return 0;
+}
+# endif
+
+static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    int *ip;
+    bio_dgram_data *data = NULL;
+# ifndef __DJGPP__
+    /* There are currently no cases where this is used on djgpp/watt32. */
+    int sockopt_val = 0;
+# endif
+    int d_errno;
+# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
+    socklen_t sockopt_len;      /* assume that system supporting IP_MTU is
+                                 * modern enough to define socklen_t */
+    socklen_t addr_len;
+    BIO_ADDR addr;
+# endif
+
+    data = (bio_dgram_data *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        num = 0;
+        ret = 0;
+        break;
+    case BIO_CTRL_INFO:
+        ret = 0;
+        break;
+    case BIO_C_SET_FD:
+        dgram_clear(b);
+        b->num = *((int *)ptr);
+        b->shutdown = (int)num;
+        b->init = 1;
+        dgram_update_local_addr(b);
+# if defined(SUPPORT_LOCAL_ADDR)
+        if (data->local_addr_enabled) {
+            if (enable_local_addr(b, 1) < 1)
+                data->local_addr_enabled = 0;
+        }
+# endif
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = b->num;
+            ret = b->num;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+        ret = 0;
+        break;
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+    case BIO_CTRL_DGRAM_CONNECT:
+        BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
+        break;
+        /* (Linux)kernel sets DF bit on outgoing IP packets */
+    case BIO_CTRL_DGRAM_MTU_DISCOVER:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
+        addr_len = (socklen_t) sizeof(addr);
+        BIO_ADDR_clear(&addr);
+        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+            ret = 0;
+            break;
+        }
+        switch (addr.sa.sa_family) {
+        case AF_INET:
+            sockopt_val = IP_PMTUDISC_DO;
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+            break;
+#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
+        case AF_INET6:
+            sockopt_val = IPV6_PMTUDISC_DO;
+            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+            break;
+#  endif
+        default:
+            ret = -1;
+            break;
+        }
+# else
+        ret = -1;
+# endif
+        break;
+    case BIO_CTRL_DGRAM_QUERY_MTU:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
+        addr_len = (socklen_t) sizeof(addr);
+        BIO_ADDR_clear(&addr);
+        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+            ret = 0;
+            break;
+        }
+        sockopt_len = sizeof(sockopt_val);
+        switch (addr.sa.sa_family) {
+        case AF_INET:
+            if ((ret =
+                 getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
+                            &sockopt_len)) < 0 || sockopt_val < 0) {
+                ret = 0;
+            } else {
+                /*
+                 * we assume that the transport protocol is UDP and no IP
+                 * options are used.
+                 */
+                data->mtu = sockopt_val - 8 - 20;
+                ret = data->mtu;
+            }
+            break;
+#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
+        case AF_INET6:
+            if ((ret =
+                 getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
+                            (void *)&sockopt_val, &sockopt_len)) < 0
+                || sockopt_val < 0) {
+                ret = 0;
+            } else {
+                /*
+                 * we assume that the transport protocol is UDP and no IPV6
+                 * options are used.
+                 */
+                data->mtu = sockopt_val - 8 - 40;
+                ret = data->mtu;
+            }
+            break;
+#  endif
+        default:
+            ret = 0;
+            break;
+        }
+# else
+        ret = 0;
+# endif
+        break;
+    case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
+        ret = -dgram_get_mtu_overhead(data);
+        switch (BIO_ADDR_family(&data->peer)) {
+        case AF_INET:
+            ret += 576;
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+            {
+#  ifdef IN6_IS_ADDR_V4MAPPED
+                struct in6_addr tmp_addr;
+                if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL)
+                    && IN6_IS_ADDR_V4MAPPED(&tmp_addr))
+                    ret += 576;
+                else
+#  endif
+                    ret += 1280;
+            }
+            break;
+# endif
+        default:
+            ret += 576;
+            break;
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU:
+        return data->mtu;
+    case BIO_CTRL_DGRAM_SET_MTU:
+        data->mtu = num;
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SET_CONNECTED:
+        if (ptr != NULL) {
+            data->connected = 1;
+            BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
+        } else {
+            data->connected = 0;
+            BIO_ADDR_clear(&data->peer);
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_PEER:
+        ret = BIO_ADDR_sockaddr_size(&data->peer);
+        /* FIXME: if num < ret, we will only return part of an address.
+           That should bee an error, no? */
+        if (num == 0 || num > ret)
+            num = ret;
+        memcpy(ptr, &data->peer, (ret = num));
+        break;
+    case BIO_CTRL_DGRAM_SET_PEER:
+        BIO_ADDR_make(&data->peer, BIO_ADDR_sockaddr((BIO_ADDR *)ptr));
+        break;
+    case BIO_CTRL_DGRAM_DETECT_PEER_ADDR:
+        {
+            BIO_ADDR xaddr, *p = &data->peer;
+            socklen_t xaddr_len = sizeof(xaddr.sa);
+
+            if (BIO_ADDR_family(p) == AF_UNSPEC) {
+                if (getpeername(b->num, (void *)&xaddr.sa, &xaddr_len) == 0
+                    && BIO_ADDR_family(&xaddr) != AF_UNSPEC) {
+                    p = &xaddr;
+                } else {
+                    ret = 0;
+                    break;
+                }
+            }
+
+            ret = BIO_ADDR_sockaddr_size(p);
+            if (num == 0 || num > ret)
+                num = ret;
+
+            memcpy(ptr, p, (ret = num));
+        }
+        break;
+    case BIO_C_SET_NBIO:
+        if (!BIO_socket_nbio(b->num, num != 0))
+            ret = 0;
+        break;
+    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+        data->next_timeout = ossl_time_from_timeval(*(struct timeval *)ptr);
+        break;
+# if defined(SO_RCVTIMEO)
+    case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
+#  ifdef OPENSSL_SYS_WINDOWS
+        {
+            struct timeval *tv = (struct timeval *)ptr;
+            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+
+            if ((ret = setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                                  (void *)&timeout, sizeof(timeout))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+        }
+#  else
+        if ((ret = setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
+                              sizeof(struct timeval))) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling setsockopt()");
+#  endif
+        break;
+    case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
+        {
+#  ifdef OPENSSL_SYS_WINDOWS
+            int sz = 0;
+            int timeout;
+            struct timeval *tv = (struct timeval *)ptr;
+
+            sz = sizeof(timeout);
+            if ((ret = getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                                  (void *)&timeout, &sz)) < 0) {
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling getsockopt()");
+            } else {
+                tv->tv_sec = timeout / 1000;
+                tv->tv_usec = (timeout % 1000) * 1000;
+                ret = sizeof(*tv);
+            }
+#  else
+            socklen_t sz = sizeof(struct timeval);
+            if ((ret = getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                                  ptr, &sz)) < 0) {
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling getsockopt()");
+            } else {
+                OPENSSL_assert((size_t)sz <= sizeof(struct timeval));
+                ret = (int)sz;
+            }
+#  endif
+        }
+        break;
+# endif
+# if defined(SO_SNDTIMEO)
+    case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
+#  ifdef OPENSSL_SYS_WINDOWS
+        {
+            struct timeval *tv = (struct timeval *)ptr;
+            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+
+            if ((ret = setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                                  (void *)&timeout, sizeof(timeout))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+        }
+#  else
+        if ((ret = setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
+                              sizeof(struct timeval))) < 0)
+            ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                           "calling setsockopt()");
+#  endif
+        break;
+    case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
+        {
+#  ifdef OPENSSL_SYS_WINDOWS
+            int sz = 0;
+            int timeout;
+            struct timeval *tv = (struct timeval *)ptr;
+
+            sz = sizeof(timeout);
+            if ((ret = getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                                  (void *)&timeout, &sz)) < 0) {
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling getsockopt()");
+            } else {
+                tv->tv_sec = timeout / 1000;
+                tv->tv_usec = (timeout % 1000) * 1000;
+                ret = sizeof(*tv);
+            }
+#  else
+            socklen_t sz = sizeof(struct timeval);
+
+            if ((ret = getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                                  ptr, &sz)) < 0) {
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling getsockopt()");
+            } else {
+                OPENSSL_assert((size_t)sz <= sizeof(struct timeval));
+                ret = (int)sz;
+            }
+#  endif
+        }
+        break;
+# endif
+    case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
+        /* fall-through */
+    case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
+# ifdef OPENSSL_SYS_WINDOWS
+        d_errno = (data->_errno == WSAETIMEDOUT);
+# else
+        d_errno = (data->_errno == EAGAIN);
+# endif
+        if (d_errno) {
+            ret = 1;
+            data->_errno = 0;
+        } else
+            ret = 0;
+        break;
+# ifdef EMSGSIZE
+    case BIO_CTRL_DGRAM_MTU_EXCEEDED:
+        if (data->_errno == EMSGSIZE) {
+            ret = 1;
+            data->_errno = 0;
+        } else
+            ret = 0;
+        break;
+# endif
+    case BIO_CTRL_DGRAM_SET_DONT_FRAG:
+        switch (data->peer.sa.sa_family) {
+        case AF_INET:
+# if defined(IP_DONTFRAG)
+            sockopt_val = num ? 1 : 0;
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+# elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined (IP_PMTUDISC_PROBE)
+            sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT;
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+# elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
+            sockopt_val = num ? 1 : 0;
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
+                                  (const char *)&sockopt_val,
+                                  sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+# else
+            ret = -1;
+# endif
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+#  if defined(IPV6_DONTFRAG)
+            sockopt_val = num ? 1 : 0;
+            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
+                                  (const void *)&sockopt_val,
+                                  sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+
+#  elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
+            sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT;
+            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
+                               "calling setsockopt()");
+#  else
+            ret = -1;
+#  endif
+            break;
+# endif
+        default:
+            ret = -1;
+            break;
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+        ret = dgram_get_mtu_overhead(data);
+        break;
+
+    /*
+     * BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE is used here for compatibility
+     * reasons. When BIO_CTRL_DGRAM_SET_PEEK_MODE was first defined its value
+     * was incorrectly clashing with BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE. The
+     * value has been updated to a non-clashing value. However to preserve
+     * binary compatibility we now respond to both the old value and the new one
+     */
+    case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+    case BIO_CTRL_DGRAM_SET_PEEK_MODE:
+        data->peekmode = (unsigned int)num;
+        break;
+
+    case BIO_CTRL_DGRAM_GET_LOCAL_ADDR_CAP:
+# if defined(SUPPORT_LOCAL_ADDR)
+        ret = 1;
+# else
+        ret = 0;
+# endif
+        break;
+
+    case BIO_CTRL_DGRAM_SET_LOCAL_ADDR_ENABLE:
+# if defined(SUPPORT_LOCAL_ADDR)
+        num = num > 0;
+        if (num != data->local_addr_enabled) {
+            if (enable_local_addr(b, num) < 1) {
+                ret = 0;
+                break;
+            }
+
+            data->local_addr_enabled = (char)num;
+        }
+# else
+        ret = 0;
+# endif
+        break;
+
+    case BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE:
+        *(int *)ptr = data->local_addr_enabled;
+        break;
+
+    case BIO_CTRL_DGRAM_GET_EFFECTIVE_CAPS:
+        ret = (long)(BIO_DGRAM_CAP_HANDLES_DST_ADDR
+                     | BIO_DGRAM_CAP_HANDLES_SRC_ADDR
+                     | BIO_DGRAM_CAP_PROVIDES_DST_ADDR
+                     | BIO_DGRAM_CAP_PROVIDES_SRC_ADDR);
+        break;
+
+    case BIO_CTRL_GET_RPOLL_DESCRIPTOR:
+    case BIO_CTRL_GET_WPOLL_DESCRIPTOR:
+        {
+            BIO_POLL_DESCRIPTOR *pd = ptr;
+
+            pd->type        = BIO_POLL_DESCRIPTOR_TYPE_SOCK_FD;
+            pd->value.fd    = b->num;
+        }
+        break;
+
+    default:
+        ret = 0;
+        break;
+    }
+    /* Normalize if error */
+    if (ret < 0)
+        ret = -1;
+    return ret;
+}
+
+static int dgram_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = dgram_write(bp, str, n);
+    return ret;
+}
+
+# if M_METHOD == M_METHOD_WSARECVMSG
+static void translate_msg_win(BIO *b, WSAMSG *mh, WSABUF *iov,
+                              unsigned char *control, BIO_MSG *msg)
+{
+    iov->len = msg->data_len;
+    iov->buf = msg->data;
+
+    /* Windows requires namelen to be set exactly */
+    mh->name = msg->peer != NULL ? &msg->peer->sa : NULL;
+    if (msg->peer != NULL && dgram_get_sock_family(b) == AF_INET)
+        mh->namelen = sizeof(struct sockaddr_in);
+#  if OPENSSL_USE_IPV6
+    else if (msg->peer != NULL && dgram_get_sock_family(b) == AF_INET6)
+        mh->namelen = sizeof(struct sockaddr_in6);
+#  endif
+    else
+        mh->namelen = 0;
+
+    /*
+     * When local address reception (IP_PKTINFO, etc.) is enabled, on Windows
+     * this causes WSARecvMsg to fail if the control buffer is too small to hold
+     * the structure, or if no control buffer is passed. So we need to give it
+     * the control buffer even if we aren't actually going to examine the
+     * result.
+     */
+    mh->lpBuffers       = iov;
+    mh->dwBufferCount   = 1;
+    mh->Control.len     = BIO_CMSG_ALLOC_LEN;
+    mh->Control.buf     = control;
+    mh->dwFlags         = 0;
+}
+# endif
+
+# if M_METHOD == M_METHOD_RECVMMSG || M_METHOD == M_METHOD_RECVMSG
+/* Translates a BIO_MSG to a msghdr and iovec. */
+static void translate_msg(BIO *b, struct msghdr *mh, struct iovec *iov,
+                          unsigned char *control, BIO_MSG *msg)
+{
+    iov->iov_base = msg->data;
+    iov->iov_len  = msg->data_len;
+
+    /* macOS requires msg_namelen be 0 if msg_name is NULL */
+    mh->msg_name = msg->peer != NULL ? &msg->peer->sa : NULL;
+    if (msg->peer != NULL && dgram_get_sock_family(b) == AF_INET)
+        mh->msg_namelen = sizeof(struct sockaddr_in);
+#  if OPENSSL_USE_IPV6
+    else if (msg->peer != NULL && dgram_get_sock_family(b) == AF_INET6)
+        mh->msg_namelen = sizeof(struct sockaddr_in6);
+#  endif
+    else
+        mh->msg_namelen = 0;
+
+    mh->msg_iov         = iov;
+    mh->msg_iovlen      = 1;
+    mh->msg_control     = msg->local != NULL ? control : NULL;
+    mh->msg_controllen  = msg->local != NULL ? BIO_CMSG_ALLOC_LEN : 0;
+    mh->msg_flags       = 0;
+}
+# endif
+
+# if M_METHOD == M_METHOD_RECVMMSG || M_METHOD == M_METHOD_RECVMSG || M_METHOD == M_METHOD_WSARECVMSG
+/* Extracts destination address from the control buffer. */
+static int extract_local(BIO *b, MSGHDR_TYPE *mh, BIO_ADDR *local) {
+#  if defined(IP_PKTINFO) || defined(IP_RECVDSTADDR) || defined(IPV6_PKTINFO)
+    CMSGHDR_TYPE *cmsg;
+    int af = dgram_get_sock_family(b);
+
+    for (cmsg = BIO_CMSG_FIRSTHDR(mh); cmsg != NULL;
+         cmsg = BIO_CMSG_NXTHDR(mh, cmsg)) {
+        if (af == AF_INET) {
+            if (cmsg->cmsg_level != IPPROTO_IP)
+                continue;
+
+#   if defined(IP_PKTINFO)
+            if (cmsg->cmsg_type != IP_PKTINFO)
+                continue;
+
+            local->s_in.sin_addr =
+                ((struct in_pktinfo *)BIO_CMSG_DATA(cmsg))->ipi_addr;
+
+#   elif defined(IP_RECVDSTADDR)
+            if (cmsg->cmsg_type != IP_RECVDSTADDR)
+                continue;
+
+            local->s_in.sin_addr = *(struct in_addr *)BIO_CMSG_DATA(cmsg);
+#   endif
+
+#   if defined(IP_PKTINFO) || defined(IP_RECVDSTADDR)
+            {
+                bio_dgram_data *data = b->ptr;
+
+                local->s_in.sin_family = AF_INET;
+                local->s_in.sin_port   = data->local_addr.s_in.sin_port;
+            }
+            return 1;
+#   endif
+        }
+#   if OPENSSL_USE_IPV6
+        else if (af == AF_INET6) {
+            if (cmsg->cmsg_level != IPPROTO_IPV6)
+                continue;
+
+#    if defined(IPV6_RECVPKTINFO)
+            if (cmsg->cmsg_type != IPV6_PKTINFO)
+                continue;
+
+            {
+                bio_dgram_data *data = b->ptr;
+
+                local->s_in6.sin6_addr     =
+                    ((struct in6_pktinfo *)BIO_CMSG_DATA(cmsg))->ipi6_addr;
+                local->s_in6.sin6_family   = AF_INET6;
+                local->s_in6.sin6_port     = data->local_addr.s_in6.sin6_port;
+                local->s_in6.sin6_scope_id =
+                    data->local_addr.s_in6.sin6_scope_id;
+                local->s_in6.sin6_flowinfo = 0;
+            }
+            return 1;
+#    endif
+        }
+#   endif
+    }
+#  endif
+
+    return 0;
+}
+
+static int pack_local(BIO *b, MSGHDR_TYPE *mh, const BIO_ADDR *local) {
+    int af = dgram_get_sock_family(b);
+#  if defined(IP_PKTINFO) || defined(IP_RECVDSTADDR) || defined(IPV6_PKTINFO)
+    CMSGHDR_TYPE *cmsg;
+    bio_dgram_data *data = b->ptr;
+#  endif
+
+    if (af == AF_INET) {
+#  if defined(IP_PKTINFO)
+        struct in_pktinfo *info;
+
+#   if defined(OPENSSL_SYS_WINDOWS)
+        cmsg = (CMSGHDR_TYPE *)mh->Control.buf;
+#   else
+        cmsg = (CMSGHDR_TYPE *)mh->msg_control;
+#   endif
+
+        cmsg->cmsg_len   = BIO_CMSG_LEN(sizeof(struct in_pktinfo));
+        cmsg->cmsg_level = IPPROTO_IP;
+        cmsg->cmsg_type  = IP_PKTINFO;
+
+        info = (struct in_pktinfo *)BIO_CMSG_DATA(cmsg);
+#   if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_CYGWIN)
+        info->ipi_spec_dst      = local->s_in.sin_addr;
+#   endif
+        info->ipi_addr.s_addr   = 0;
+        info->ipi_ifindex       = 0;
+
+        /*
+         * We cannot override source port using this API, therefore
+         * ensure the application specified a source port of 0
+         * or the one we are bound to. (Better to error than silently
+         * ignore this.)
+         */
+        if (local->s_in.sin_port != 0
+            && data->local_addr.s_in.sin_port != local->s_in.sin_port) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_PORT_MISMATCH);
+            return 0;
+        }
+
+#   if defined(OPENSSL_SYS_WINDOWS)
+        mh->Control.len = BIO_CMSG_SPACE(sizeof(struct in_pktinfo));
+#   else
+        mh->msg_controllen = BIO_CMSG_SPACE(sizeof(struct in_pktinfo));
+#   endif
+        return 1;
+
+#  elif defined(IP_SENDSRCADDR)
+        struct in_addr *info;
+
+        /*
+         * At least FreeBSD is very pedantic about using IP_SENDSRCADDR when we
+         * are not bound to 0.0.0.0 or ::, even if the address matches what we
+         * bound to. Support this by not packing the structure if the address
+         * matches our understanding of our local address. IP_SENDSRCADDR is a
+         * BSD thing, so we don't need an explicit test for BSD here.
+         */
+        if (local->s_in.sin_addr.s_addr == data->local_addr.s_in.sin_addr.s_addr) {
+            mh->msg_control    = NULL;
+            mh->msg_controllen = 0;
+            return 1;
+        }
+
+        cmsg = (struct cmsghdr *)mh->msg_control;
+        cmsg->cmsg_len   = BIO_CMSG_LEN(sizeof(struct in_addr));
+        cmsg->cmsg_level = IPPROTO_IP;
+        cmsg->cmsg_type  = IP_SENDSRCADDR;
+
+        info = (struct in_addr *)BIO_CMSG_DATA(cmsg);
+        *info = local->s_in.sin_addr;
+
+        /* See comment above. */
+        if (local->s_in.sin_port != 0
+            && data->local_addr.s_in.sin_port != local->s_in.sin_port) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_PORT_MISMATCH);
+            return 0;
+        }
+
+        mh->msg_controllen = BIO_CMSG_SPACE(sizeof(struct in_addr));
+        return 1;
+#  endif
+    }
+#  if OPENSSL_USE_IPV6
+    else if (af == AF_INET6) {
+#   if defined(IPV6_PKTINFO)
+        struct in6_pktinfo *info;
+
+#    if defined(OPENSSL_SYS_WINDOWS)
+        cmsg = (CMSGHDR_TYPE *)mh->Control.buf;
+#    else
+        cmsg = (CMSGHDR_TYPE *)mh->msg_control;
+#    endif
+        cmsg->cmsg_len   = BIO_CMSG_LEN(sizeof(struct in6_pktinfo));
+        cmsg->cmsg_level = IPPROTO_IPV6;
+        cmsg->cmsg_type  = IPV6_PKTINFO;
+
+        info = (struct in6_pktinfo *)BIO_CMSG_DATA(cmsg);
+        info->ipi6_addr     = local->s_in6.sin6_addr;
+        info->ipi6_ifindex  = 0;
+
+        /*
+         * See comment above, but also applies to the other fields
+         * in sockaddr_in6.
+         */
+        if (local->s_in6.sin6_port != 0
+            && data->local_addr.s_in6.sin6_port != local->s_in6.sin6_port) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_PORT_MISMATCH);
+            return 0;
+        }
+
+        if (local->s_in6.sin6_scope_id != 0
+            && data->local_addr.s_in6.sin6_scope_id != local->s_in6.sin6_scope_id) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_PORT_MISMATCH);
+            return 0;
+        }
+
+#    if defined(OPENSSL_SYS_WINDOWS)
+        mh->Control.len = BIO_CMSG_SPACE(sizeof(struct in6_pktinfo));
+#    else
+        mh->msg_controllen = BIO_CMSG_SPACE(sizeof(struct in6_pktinfo));
+#    endif
+        return 1;
+#   endif
+    }
+#  endif
+
+    return 0;
+}
+# endif
+
+/*
+ * Converts flags passed to BIO_sendmmsg or BIO_recvmmsg to syscall flags. You
+ * should mask out any system flags returned by this function you cannot support
+ * in a particular circumstance. Currently no flags are defined.
+ */
+# if M_METHOD != M_METHOD_NONE
+static int translate_flags(uint64_t flags) {
+    return 0;
+}
+# endif
+
+static int dgram_sendmmsg(BIO *b, BIO_MSG *msg, size_t stride,
+                          size_t num_msg, uint64_t flags, size_t *num_processed)
+{
+# if M_METHOD != M_METHOD_NONE && M_METHOD != M_METHOD_RECVMSG
+    int ret;
+# endif
+# if M_METHOD == M_METHOD_RECVMMSG
+#  define BIO_MAX_MSGS_PER_CALL   64
+    int sysflags;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    size_t i;
+    struct mmsghdr mh[BIO_MAX_MSGS_PER_CALL];
+    struct iovec iov[BIO_MAX_MSGS_PER_CALL];
+    unsigned char control[BIO_MAX_MSGS_PER_CALL][BIO_CMSG_ALLOC_LEN];
+    int have_local_enabled = data->local_addr_enabled;
+# elif M_METHOD == M_METHOD_RECVMSG
+    int sysflags;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    ossl_ssize_t l;
+    struct msghdr mh;
+    struct iovec iov;
+    unsigned char control[BIO_CMSG_ALLOC_LEN];
+    int have_local_enabled = data->local_addr_enabled;
+# elif M_METHOD == M_METHOD_WSARECVMSG
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    int have_local_enabled = data->local_addr_enabled;
+    WSAMSG wmsg;
+    WSABUF wbuf;
+    DWORD num_bytes_sent = 0;
+    unsigned char control[BIO_CMSG_ALLOC_LEN];
+# endif
+# if M_METHOD == M_METHOD_RECVFROM || M_METHOD == M_METHOD_WSARECVMSG
+    int sysflags;
+# endif
+
+    if (num_msg == 0) {
+        *num_processed = 0;
+        return 1;
+    }
+
+    if (num_msg > OSSL_SSIZE_MAX)
+        num_msg = OSSL_SSIZE_MAX;
+
+# if M_METHOD != M_METHOD_NONE
+    sysflags = translate_flags(flags);
+# endif
+
+# if M_METHOD == M_METHOD_RECVMMSG
+    /*
+     * In the sendmmsg/recvmmsg case, we need to allocate our translated struct
+     * msghdr and struct iovec on the stack to support multithreaded use. Thus
+     * we place a fixed limit on the number of messages per call, in the
+     * expectation that we will be called again if there were more messages to
+     * be sent.
+     */
+    if (num_msg > BIO_MAX_MSGS_PER_CALL)
+        num_msg = BIO_MAX_MSGS_PER_CALL;
+
+    for (i = 0; i < num_msg; ++i) {
+        translate_msg(b, &mh[i].msg_hdr, &iov[i],
+                      control[i], &BIO_MSG_N(msg, stride, i));
+
+        /* If local address was requested, it must have been enabled */
+        if (BIO_MSG_N(msg, stride, i).local != NULL) {
+            if (!have_local_enabled) {
+                ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+                *num_processed = 0;
+                return 0;
+            }
+
+            if (pack_local(b, &mh[i].msg_hdr,
+                           BIO_MSG_N(msg, stride, i).local) < 1) {
+                ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+                *num_processed = 0;
+                return 0;
+            }
+        }
+    }
+
+    /* Do the batch */
+    ret = sendmmsg(b->num, mh, num_msg, sysflags);
+    if (ret < 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        *num_processed = 0;
+        return 0;
+    }
+
+    for (i = 0; i < (size_t)ret; ++i) {
+        BIO_MSG_N(msg, stride, i).data_len = mh[i].msg_len;
+        BIO_MSG_N(msg, stride, i).flags    = 0;
+    }
+
+    *num_processed = (size_t)ret;
+    return 1;
+
+# elif M_METHOD == M_METHOD_RECVMSG
+    /*
+     * If sendmsg is available, use it.
+     */
+    translate_msg(b, &mh, &iov, control, msg);
+
+    if (msg->local != NULL) {
+        if (!have_local_enabled) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+            *num_processed = 0;
+            return 0;
+        }
+
+        if (pack_local(b, &mh, msg->local) < 1) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+            *num_processed = 0;
+            return 0;
+        }
+    }
+
+    l = sendmsg(b->num, &mh, sysflags);
+    if (l < 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        *num_processed = 0;
+        return 0;
+    }
+
+    msg->data_len   = (size_t)l;
+    msg->flags      = 0;
+    *num_processed  = 1;
+    return 1;
+
+# elif M_METHOD == M_METHOD_WSARECVMSG || M_METHOD == M_METHOD_RECVFROM
+#  if M_METHOD == M_METHOD_WSARECVMSG
+    if (bio_WSASendMsg != NULL) {
+        /* WSASendMsg-based implementation for Windows. */
+        translate_msg_win(b, &wmsg, &wbuf, control, msg);
+
+        if (msg[0].local != NULL) {
+            if (!have_local_enabled) {
+                ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+                *num_processed = 0;
+                return 0;
+            }
+
+            if (pack_local(b, &wmsg, msg[0].local) < 1) {
+                ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+                *num_processed = 0;
+                return 0;
+            }
+        }
+
+        ret = WSASendMsg((SOCKET)b->num, &wmsg, 0, &num_bytes_sent, NULL, NULL);
+        if (ret < 0) {
+            ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+            *num_processed = 0;
+            return 0;
+        }
+
+        msg[0].data_len = num_bytes_sent;
+        msg[0].flags    = 0;
+        *num_processed  = 1;
+        return 1;
+    }
+#  endif
+
+    /*
+     * Fallback to sendto and send a single message.
+     */
+    if (msg[0].local != NULL) {
+        /*
+         * We cannot set the local address if using sendto
+         * so fail in this case
+         */
+        ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+        *num_processed = 0;
+        return 0;
+    }
+
+    ret = sendto(b->num, msg[0].data,
+#  if defined(OPENSSL_SYS_WINDOWS)
+                 (int)msg[0].data_len,
+#  else
+                 msg[0].data_len,
+#  endif
+                 sysflags,
+                 msg[0].peer != NULL ? BIO_ADDR_sockaddr(msg[0].peer) : NULL,
+                 msg[0].peer != NULL ? BIO_ADDR_sockaddr_size(msg[0].peer) : 0);
+    if (ret <= 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        *num_processed = 0;
+        return 0;
+    }
+
+    msg[0].data_len = ret;
+    msg[0].flags    = 0;
+    *num_processed  = 1;
+    return 1;
+
+# else
+    ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD);
+    *num_processed = 0;
+    return 0;
+# endif
+}
+
+static int dgram_recvmmsg(BIO *b, BIO_MSG *msg,
+                          size_t stride, size_t num_msg,
+                          uint64_t flags, size_t *num_processed)
+{
+# if M_METHOD != M_METHOD_NONE && M_METHOD != M_METHOD_RECVMSG
+    int ret;
+# endif
+# if M_METHOD == M_METHOD_RECVMMSG
+    int sysflags;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    size_t i;
+    struct mmsghdr mh[BIO_MAX_MSGS_PER_CALL];
+    struct iovec iov[BIO_MAX_MSGS_PER_CALL];
+    unsigned char control[BIO_MAX_MSGS_PER_CALL][BIO_CMSG_ALLOC_LEN];
+    int have_local_enabled = data->local_addr_enabled;
+# elif M_METHOD == M_METHOD_RECVMSG
+    int sysflags;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    ossl_ssize_t l;
+    struct msghdr mh;
+    struct iovec iov;
+    unsigned char control[BIO_CMSG_ALLOC_LEN];
+    int have_local_enabled = data->local_addr_enabled;
+# elif M_METHOD == M_METHOD_WSARECVMSG
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    int have_local_enabled = data->local_addr_enabled;
+    WSAMSG wmsg;
+    WSABUF wbuf;
+    DWORD num_bytes_received = 0;
+    unsigned char control[BIO_CMSG_ALLOC_LEN];
+# endif
+# if M_METHOD == M_METHOD_RECVFROM || M_METHOD == M_METHOD_WSARECVMSG
+    int sysflags;
+    socklen_t slen;
+# endif
+
+    if (num_msg == 0) {
+        *num_processed = 0;
+        return 1;
+    }
+
+    if (num_msg > OSSL_SSIZE_MAX)
+        num_msg = OSSL_SSIZE_MAX;
+
+# if M_METHOD != M_METHOD_NONE
+    sysflags = translate_flags(flags);
+# endif
+
+# if M_METHOD == M_METHOD_RECVMMSG
+    /*
+     * In the sendmmsg/recvmmsg case, we need to allocate our translated struct
+     * msghdr and struct iovec on the stack to support multithreaded use. Thus
+     * we place a fixed limit on the number of messages per call, in the
+     * expectation that we will be called again if there were more messages to
+     * be sent.
+     */
+    if (num_msg > BIO_MAX_MSGS_PER_CALL)
+        num_msg = BIO_MAX_MSGS_PER_CALL;
+
+    for (i = 0; i < num_msg; ++i) {
+        translate_msg(b, &mh[i].msg_hdr, &iov[i],
+                      control[i], &BIO_MSG_N(msg, stride, i));
+
+        /* If local address was requested, it must have been enabled */
+        if (BIO_MSG_N(msg, stride, i).local != NULL && !have_local_enabled) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+            *num_processed = 0;
+            return 0;
+        }
+    }
+
+    /* Do the batch */
+    ret = recvmmsg(b->num, mh, num_msg, sysflags, NULL);
+    if (ret < 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        *num_processed = 0;
+        return 0;
+    }
+
+    for (i = 0; i < (size_t)ret; ++i) {
+        BIO_MSG_N(msg, stride, i).data_len = mh[i].msg_len;
+        BIO_MSG_N(msg, stride, i).flags    = 0;
+        /*
+         * *(msg->peer) will have been filled in by recvmmsg;
+         * for msg->local we parse the control data returned
+         */
+        if (BIO_MSG_N(msg, stride, i).local != NULL)
+            if (extract_local(b, &mh[i].msg_hdr,
+                              BIO_MSG_N(msg, stride, i).local) < 1)
+                /*
+                 * It appears BSDs do not support local addresses for
+                 * loopback sockets. In this case, just clear the local
+                 * address, as for OS X and Windows in some circumstances
+                 * (see below).
+                 */
+                BIO_ADDR_clear(msg->local);
+    }
+
+    *num_processed = (size_t)ret;
+    return 1;
+
+# elif M_METHOD == M_METHOD_RECVMSG
+    /*
+     * If recvmsg is available, use it.
+     */
+    translate_msg(b, &mh, &iov, control, msg);
+
+    /* If local address was requested, it must have been enabled */
+    if (msg->local != NULL && !have_local_enabled) {
+        /*
+         * If we have done at least one message, we must return the
+         * count; if we haven't done any, we can give an error code
+         */
+        ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+        *num_processed = 0;
+        return 0;
+    }
+
+    l = recvmsg(b->num, &mh, sysflags);
+    if (l < 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        *num_processed = 0;
+        return 0;
+    }
+
+    msg->data_len   = (size_t)l;
+    msg->flags      = 0;
+
+    if (msg->local != NULL)
+        if (extract_local(b, &mh, msg->local) < 1)
+            /*
+             * OS X exhibits odd behaviour where it appears that if a packet is
+             * sent before the receiving interface enables IP_PKTINFO, it will
+             * sometimes not have any control data returned even if the
+             * receiving interface enables IP_PKTINFO before calling recvmsg().
+             * This appears to occur non-deterministically. Presumably, OS X
+             * handles IP_PKTINFO at the time the packet is enqueued into a
+             * socket's receive queue, rather than at the time recvmsg() is
+             * called, unlike most other operating systems. Thus (if this
+             * hypothesis is correct) there is a race between where IP_PKTINFO
+             * is enabled by the process and when the kernel's network stack
+             * queues the incoming message.
+             *
+             * We cannot return the local address if we do not have it, but this
+             * is not a caller error either, so just return a zero address
+             * structure. This is similar to how we handle Windows loopback
+             * interfaces (see below). We enable this workaround for all
+             * platforms, not just Apple, as this kind of quirk in OS networking
+             * stacks seems to be common enough that failing hard if a local
+             * address is not provided appears to be too brittle.
+             */
+            BIO_ADDR_clear(msg->local);
+
+    *num_processed = 1;
+    return 1;
+
+# elif M_METHOD == M_METHOD_RECVFROM || M_METHOD == M_METHOD_WSARECVMSG
+#  if M_METHOD == M_METHOD_WSARECVMSG
+    if (bio_WSARecvMsg != NULL) {
+        /* WSARecvMsg-based implementation for Windows. */
+        translate_msg_win(b, &wmsg, &wbuf, control, msg);
+
+        /* If local address was requested, it must have been enabled */
+        if (msg[0].local != NULL && !have_local_enabled) {
+            ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+            *num_processed = 0;
+            return 0;
+        }
+
+        ret = WSARecvMsg((SOCKET)b->num, &wmsg, &num_bytes_received, NULL, NULL);
+        if (ret < 0) {
+            ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+            *num_processed = 0;
+            return 0;
+        }
+
+        msg[0].data_len = num_bytes_received;
+        msg[0].flags    = 0;
+        if (msg[0].local != NULL)
+            if (extract_local(b, &wmsg, msg[0].local) < 1)
+                /*
+                 * On Windows, loopback is not a "proper" interface and it works
+                 * differently; packets are essentially short-circuited and
+                 * don't go through all of the normal processing. A consequence
+                 * of this is that packets sent from the local machine to the
+                 * local machine _will not have IP_PKTINFO_ even if the
+                 * IP_PKTINFO socket option is enabled. WSARecvMsg just sets
+                 * Control.len to 0 on returning.
+                 *
+                 * This applies regardless of whether the loopback address,
+                 * 127.0.0.1 is used, or a local interface address (e.g.
+                 * 192.168.1.1); in both cases IP_PKTINFO will not be present.
+                 *
+                 * We report this condition by setting the local BIO_ADDR's
+                 * family to 0.
+                 */
+                BIO_ADDR_clear(msg[0].local);
+
+        *num_processed = 1;
+        return 1;
+    }
+#  endif
+
+    /*
+     * Fallback to recvfrom and receive a single message.
+     */
+    if (msg[0].local != NULL) {
+        /*
+         * We cannot determine the local address if using recvfrom
+         * so fail in this case
+         */
+        ERR_raise(ERR_LIB_BIO, BIO_R_LOCAL_ADDR_NOT_AVAILABLE);
+        *num_processed = 0;
+        return 0;
+    }
+
+    slen = sizeof(*msg[0].peer);
+    ret = recvfrom(b->num, msg[0].data,
+#  if defined(OPENSSL_SYS_WINDOWS)
+                   (int)msg[0].data_len,
+#  else
+                   msg[0].data_len,
+#  endif
+                   sysflags,
+                   msg[0].peer != NULL ? &msg[0].peer->sa : NULL,
+                   msg[0].peer != NULL ? &slen : NULL);
+    if (ret <= 0) {
+        ERR_raise(ERR_LIB_SYS, get_last_socket_error());
+        return 0;
+    }
+
+    msg[0].data_len = ret;
+    msg[0].flags    = 0;
+    *num_processed = 1;
+    return 1;
+
+# else
+    ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD);
+    *num_processed = 0;
+    return 0;
+# endif
+}
+
+# ifndef OPENSSL_NO_SCTP
+const BIO_METHOD *BIO_s_datagram_sctp(void)
+{
+    return &methods_dgramp_sctp;
+}
+
+BIO *BIO_new_dgram_sctp(int fd, int close_flag)
+{
+    BIO *bio;
+    int ret, optval = 20000;
+    int auth_data = 0, auth_forward = 0;
+    unsigned char *p;
+    struct sctp_authchunk auth;
+    struct sctp_authchunks *authchunks;
+    socklen_t sockopt_len;
+#  ifdef SCTP_AUTHENTICATION_EVENT
+#   ifdef SCTP_EVENT
+    struct sctp_event event;
+#   else
+    struct sctp_event_subscribe event;
+#   endif
+#  endif
+
+    bio = BIO_new(BIO_s_datagram_sctp());
+    if (bio == NULL)
+        return NULL;
+    BIO_set_fd(bio, fd, close_flag);
+
+    /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
+    auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+                   sizeof(struct sctp_authchunk));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
+                       "Ensure SCTP AUTH chunks are enabled in kernel");
+        return NULL;
+    }
+    auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+                   sizeof(struct sctp_authchunk));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
+                       "Ensure SCTP AUTH chunks are enabled in kernel");
+        return NULL;
+    }
+
+    /*
+     * Test if activation was successful. When using accept(), SCTP-AUTH has
+     * to be activated for the listening socket already, otherwise the
+     * connected socket won't use it. Similarly with connect(): the socket
+     * prior to connection must be activated for SCTP-AUTH
+     */
+    sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+    authchunks = OPENSSL_zalloc(sockopt_len);
+    if (authchunks == NULL) {
+        BIO_vfree(bio);
+        return NULL;
+    }
+    ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
+                   &sockopt_len);
+    if (ret < 0) {
+        OPENSSL_free(authchunks);
+        BIO_vfree(bio);
+        return NULL;
+    }
+
+    for (p = (unsigned char *)authchunks->gauth_chunks;
+         p < (unsigned char *)authchunks + sockopt_len;
+         p += sizeof(uint8_t)) {
+        if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+            auth_data = 1;
+        if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+            auth_forward = 1;
+    }
+
+    OPENSSL_free(authchunks);
+
+    if (!auth_data || !auth_forward) {
+        BIO_vfree(bio);
+        ERR_raise_data(ERR_LIB_BIO, ERR_R_SYS_LIB,
+                       "Ensure SCTP AUTH chunks are enabled on the "
+                       "underlying socket");
+        return NULL;
+    }
+
+#  ifdef SCTP_AUTHENTICATION_EVENT
+#   ifdef SCTP_EVENT
+    memset(&event, 0, sizeof(event));
+    event.se_assoc_id = 0;
+    event.se_type = SCTP_AUTHENTICATION_EVENT;
+    event.se_on = 1;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
+                   sizeof(struct sctp_event));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return NULL;
+    }
+#   else
+    sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
+    ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return NULL;
+    }
+
+    event.sctp_authentication_event = 1;
+
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                   sizeof(struct sctp_event_subscribe));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return NULL;
+    }
+#   endif
+#  endif
+
+    /*
+     * Disable partial delivery by setting the min size larger than the max
+     * record size of 2^14 + 2048 + 13
+     */
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
+                   sizeof(optval));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return NULL;
+    }
+
+    return bio;
+}
+
+int BIO_dgram_is_sctp(BIO *bio)
+{
+    return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
+}
+
+static int dgram_sctp_new(BIO *bi)
+{
+    bio_dgram_sctp_data *data = NULL;
+
+    bi->init = 0;
+    bi->num = 0;
+    if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL)
+        return 0;
+#  ifdef SCTP_PR_SCTP_NONE
+    data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
+#  endif
+    bi->ptr = data;
+
+    bi->flags = 0;
+    return 1;
+}
+
+static int dgram_sctp_free(BIO *a)
+{
+    bio_dgram_sctp_data *data;
+
+    if (a == NULL)
+        return 0;
+    if (!dgram_clear(a))
+        return 0;
+
+    data = (bio_dgram_sctp_data *) a->ptr;
+    if (data != NULL)
+        OPENSSL_free(data);
+
+    return 1;
+}
+
+#  ifdef SCTP_AUTHENTICATION_EVENT
+void dgram_sctp_handle_auth_free_key_event(BIO *b,
+                                           union sctp_notification *snp)
+{
+    int ret;
+    struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
+
+    if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
+        struct sctp_authkeyid authkeyid;
+
+        /* delete key */
+        authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+    }
+}
+#  endif
+
+static int dgram_sctp_read(BIO *b, char *out, int outl)
+{
+    int ret = 0, n = 0, i, optval;
+    socklen_t optlen;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+    struct msghdr msg;
+    struct iovec iov;
+    struct cmsghdr *cmsg;
+    char cmsgbuf[512];
+
+    if (out != NULL) {
+        clear_socket_error();
+
+        do {
+            memset(&data->rcvinfo, 0, sizeof(data->rcvinfo));
+            iov.iov_base = out;
+            iov.iov_len = outl;
+            msg.msg_name = NULL;
+            msg.msg_namelen = 0;
+            msg.msg_iov = &iov;
+            msg.msg_iovlen = 1;
+            msg.msg_control = cmsgbuf;
+            msg.msg_controllen = 512;
+            msg.msg_flags = 0;
+            n = recvmsg(b->num, &msg, 0);
+
+            if (n <= 0) {
+                if (n < 0)
+                    ret = n;
+                break;
+            }
+
+            if (msg.msg_controllen > 0) {
+                for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
+                     cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+                    if (cmsg->cmsg_level != IPPROTO_SCTP)
+                        continue;
+#  ifdef SCTP_RCVINFO
+                    if (cmsg->cmsg_type == SCTP_RCVINFO) {
+                        struct sctp_rcvinfo *rcvinfo;
+
+                        rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
+                        data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
+                        data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
+                        data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
+                        data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
+                        data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
+                        data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
+                        data->rcvinfo.rcv_context = rcvinfo->rcv_context;
+                    }
+#  endif
+#  ifdef SCTP_SNDRCV
+                    if (cmsg->cmsg_type == SCTP_SNDRCV) {
+                        struct sctp_sndrcvinfo *sndrcvinfo;
+
+                        sndrcvinfo =
+                            (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+                        data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
+                        data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
+                        data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
+                        data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
+                        data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
+                        data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
+                        data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
+                    }
+#  endif
+                }
+            }
+
+            if (msg.msg_flags & MSG_NOTIFICATION) {
+                union sctp_notification snp;
+
+                memcpy(&snp, out, sizeof(snp));
+                if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+#  ifdef SCTP_EVENT
+                    struct sctp_event event;
+#  else
+                    struct sctp_event_subscribe event;
+                    socklen_t eventsize;
+#  endif
+
+                    /* disable sender dry event */
+#  ifdef SCTP_EVENT
+                    memset(&event, 0, sizeof(event));
+                    event.se_assoc_id = 0;
+                    event.se_type = SCTP_SENDER_DRY_EVENT;
+                    event.se_on = 0;
+                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                                   sizeof(struct sctp_event));
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+#  else
+                    eventsize = sizeof(struct sctp_event_subscribe);
+                    i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                                   &eventsize);
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+
+                    event.sctp_sender_dry_event = 0;
+
+                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                                   sizeof(struct sctp_event_subscribe));
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+#  endif
+                }
+#  ifdef SCTP_AUTHENTICATION_EVENT
+                if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+                    dgram_sctp_handle_auth_free_key_event(b, &snp);
+#  endif
+
+                if (data->handle_notifications != NULL)
+                    data->handle_notifications(b, data->notification_context,
+                                               (void *)out);
+
+                memset(&snp, 0, sizeof(snp));
+                memset(out, 0, outl);
+            } else {
+                ret += n;
+            }
+        }
+        while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
+               && (ret < outl));
+
+        if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
+            /* Partial message read, this should never happen! */
+
+            /*
+             * The buffer was too small, this means the peer sent a message
+             * that was larger than allowed.
+             */
+            if (ret == outl)
+                return -1;
+
+            /*
+             * Test if socket buffer can handle max record size (2^14 + 2048
+             * + 13)
+             */
+            optlen = (socklen_t) sizeof(int);
+            ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
+            if (ret >= 0)
+                OPENSSL_assert(optval >= 18445);
+
+            /*
+             * Test if SCTP doesn't partially deliver below max record size
+             * (2^14 + 2048 + 13)
+             */
+            optlen = (socklen_t) sizeof(int);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
+                           &optval, &optlen);
+            if (ret >= 0)
+                OPENSSL_assert(optval >= 18445);
+
+            /*
+             * Partially delivered notification??? Probably a bug....
+             */
+            OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
+
+            /*
+             * Everything seems ok till now, so it's most likely a message
+             * dropped by PR-SCTP.
+             */
+            memset(out, 0, outl);
+            BIO_set_retry_read(b);
+            return -1;
+        }
+
+        BIO_clear_retry_flags(b);
+        if (ret < 0) {
+            if (BIO_dgram_should_retry(ret)) {
+                BIO_set_retry_read(b);
+                data->dgram._errno = get_last_socket_error();
+            }
+        }
+
+        /* Test if peer uses SCTP-AUTH before continuing */
+        if (!data->peer_auth_tested) {
+            int ii, auth_data = 0, auth_forward = 0;
+            unsigned char *p;
+            struct sctp_authchunks *authchunks;
+
+            optlen =
+                (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+            authchunks = OPENSSL_malloc(optlen);
+            if (authchunks == NULL)
+                return -1;
+            memset(authchunks, 0, optlen);
+            ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
+                            authchunks, &optlen);
+
+            if (ii >= 0)
+                for (p = (unsigned char *)authchunks->gauth_chunks;
+                     p < (unsigned char *)authchunks + optlen;
+                     p += sizeof(uint8_t)) {
+                    if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+                        auth_data = 1;
+                    if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+                        auth_forward = 1;
+                }
+
+            OPENSSL_free(authchunks);
+
+            if (!auth_data || !auth_forward) {
+                ERR_raise(ERR_LIB_BIO, BIO_R_CONNECT_ERROR);
+                return -1;
+            }
+
+            data->peer_auth_tested = 1;
+        }
+    }
+    return ret;
+}
+
+/*
+ * dgram_sctp_write - send message on SCTP socket
+ * @b: BIO to write to
+ * @in: data to send
+ * @inl: amount of bytes in @in to send
+ *
+ * Returns -1 on error or the sent amount of bytes on success
+ */
+static int dgram_sctp_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+    struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
+    struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
+    struct bio_dgram_sctp_sndinfo handshake_sinfo;
+    struct iovec iov[1];
+    struct msghdr msg;
+    struct cmsghdr *cmsg;
+#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
+                 CMSG_SPACE(sizeof(struct sctp_prinfo))];
+    struct sctp_sndinfo *sndinfo;
+    struct sctp_prinfo *prinfo;
+#  else
+    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
+    struct sctp_sndrcvinfo *sndrcvinfo;
+#  endif
+
+    clear_socket_error();
+
+    /*
+     * If we're send anything else than application data, disable all user
+     * parameters and flags.
+     */
+    if (in[0] != 23) {
+        memset(&handshake_sinfo, 0, sizeof(handshake_sinfo));
+#  ifdef SCTP_SACK_IMMEDIATELY
+        handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
+#  endif
+        sinfo = &handshake_sinfo;
+    }
+
+    /* We can only send a shutdown alert if the socket is dry */
+    if (data->save_shutdown) {
+        ret = BIO_dgram_sctp_wait_for_dry(b);
+        if (ret < 0)
+            return -1;
+        if (ret == 0) {
+            BIO_clear_retry_flags(b);
+            BIO_set_retry_write(b);
+            return -1;
+        }
+    }
+
+    iov[0].iov_base = (char *)in;
+    iov[0].iov_len = inl;
+    msg.msg_name = NULL;
+    msg.msg_namelen = 0;
+    msg.msg_iov = iov;
+    msg.msg_iovlen = 1;
+    msg.msg_control = (caddr_t) cmsgbuf;
+    msg.msg_controllen = 0;
+    msg.msg_flags = 0;
+#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+    cmsg = (struct cmsghdr *)cmsgbuf;
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_SNDINFO;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
+    sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
+    memset(sndinfo, 0, sizeof(*sndinfo));
+    sndinfo->snd_sid = sinfo->snd_sid;
+    sndinfo->snd_flags = sinfo->snd_flags;
+    sndinfo->snd_ppid = sinfo->snd_ppid;
+    sndinfo->snd_context = sinfo->snd_context;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
+
+    cmsg =
+        (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_PRINFO;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
+    prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
+    memset(prinfo, 0, sizeof(*prinfo));
+    prinfo->pr_policy = pinfo->pr_policy;
+    prinfo->pr_value = pinfo->pr_value;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
+#  else
+    cmsg = (struct cmsghdr *)cmsgbuf;
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_SNDRCV;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
+    sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+    memset(sndrcvinfo, 0, sizeof(*sndrcvinfo));
+    sndrcvinfo->sinfo_stream = sinfo->snd_sid;
+    sndrcvinfo->sinfo_flags = sinfo->snd_flags;
+#   ifdef __FreeBSD__
+    sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
+#   endif
+    sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
+    sndrcvinfo->sinfo_context = sinfo->snd_context;
+    sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
+#  endif
+
+    ret = sendmsg(b->num, &msg, 0);
+
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_dgram_should_retry(ret)) {
+            BIO_set_retry_write(b);
+            data->dgram._errno = get_last_socket_error();
+        }
+    }
+    return ret;
+}
+
+static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    bio_dgram_sctp_data *data = NULL;
+    socklen_t sockopt_len = 0;
+    struct sctp_authkeyid authkeyid;
+    struct sctp_authkey *authkey = NULL;
+
+    data = (bio_dgram_sctp_data *) b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_DGRAM_QUERY_MTU:
+        /*
+         * Set to maximum (2^14) and ignore user input to enable transport
+         * protocol fragmentation. Returns always 2^14.
+         */
+        data->dgram.mtu = 16384;
+        ret = data->dgram.mtu;
+        break;
+    case BIO_CTRL_DGRAM_SET_MTU:
+        /*
+         * Set to maximum (2^14) and ignore input to enable transport
+         * protocol fragmentation. Returns always 2^14.
+         */
+        data->dgram.mtu = 16384;
+        ret = data->dgram.mtu;
+        break;
+    case BIO_CTRL_DGRAM_SET_CONNECTED:
+    case BIO_CTRL_DGRAM_CONNECT:
+        /* Returns always -1. */
+        ret = -1;
+        break;
+    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+        /*
+         * SCTP doesn't need the DTLS timer Returns always 1.
+         */
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+        /*
+         * We allow transport protocol fragmentation so this is irrelevant
+         */
+        ret = 0;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+        if (num > 0)
+            data->in_handshake = 1;
+        else
+            data->in_handshake = 0;
+
+        ret =
+            setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
+                       &data->in_handshake, sizeof(int));
+        break;
+    case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
+        /*
+         * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
+         */
+
+        /* Get active key */
+        sockopt_len = sizeof(struct sctp_authkeyid);
+        ret =
+            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+                       &sockopt_len);
+        if (ret < 0)
+            break;
+
+        /* Add new key */
+        sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
+        authkey = OPENSSL_malloc(sockopt_len);
+        if (authkey == NULL) {
+            ret = -1;
+            break;
+        }
+        memset(authkey, 0, sockopt_len);
+        authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
+#  ifndef __FreeBSD__
+        /*
+         * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
+         * and higher work without it.
+         */
+        authkey->sca_keylength = 64;
+#  endif
+        memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
+
+        ret =
+            setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
+                       sockopt_len);
+        OPENSSL_free(authkey);
+        authkey = NULL;
+        if (ret < 0)
+            break;
+
+        /* Reset active key */
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+        if (ret < 0)
+            break;
+
+        break;
+    case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
+        /* Returns 0 on success, -1 otherwise. */
+
+        /* Get active key */
+        sockopt_len = sizeof(struct sctp_authkeyid);
+        ret =
+            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+                       &sockopt_len);
+        if (ret < 0)
+            break;
+
+        /* Set active key */
+        authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+        if (ret < 0)
+            break;
+
+        /*
+         * CCS has been sent, so remember that and fall through to check if
+         * we need to deactivate an old key
+         */
+        data->ccs_sent = 1;
+        /* fall-through */
+
+    case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
+        /* Returns 0 on success, -1 otherwise. */
+
+        /*
+         * Has this command really been called or is this just a
+         * fall-through?
+         */
+        if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
+            data->ccs_rcvd = 1;
+
+        /*
+         * CSS has been both, received and sent, so deactivate an old key
+         */
+        if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
+            /* Get active key */
+            sockopt_len = sizeof(struct sctp_authkeyid);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                           &authkeyid, &sockopt_len);
+            if (ret < 0)
+                break;
+
+            /*
+             * Deactivate key or delete second last key if
+             * SCTP_AUTHENTICATION_EVENT is not available.
+             */
+            authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+#  ifdef SCTP_AUTH_DEACTIVATE_KEY
+            sockopt_len = sizeof(struct sctp_authkeyid);
+            ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
+                             &authkeyid, sockopt_len);
+            if (ret < 0)
+                break;
+#  endif
+#  ifndef SCTP_AUTHENTICATION_EVENT
+            if (authkeyid.scact_keynumber > 0) {
+                authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+                ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+                                 &authkeyid, sizeof(struct sctp_authkeyid));
+                if (ret < 0)
+                    break;
+            }
+#  endif
+
+            data->ccs_rcvd = 0;
+            data->ccs_sent = 0;
+        }
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+            num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+        memcpy(ptr, &(data->sndinfo), num);
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+            num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+        memcpy(&(data->sndinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+            num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+        memcpy(ptr, &data->rcvinfo, num);
+
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+            num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+        memcpy(&(data->rcvinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+            num = sizeof(struct bio_dgram_sctp_prinfo);
+
+        memcpy(ptr, &(data->prinfo), num);
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+            num = sizeof(struct bio_dgram_sctp_prinfo);
+
+        memcpy(&(data->prinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
+        /* Returns always 1. */
+        if (num > 0)
+            data->save_shutdown = 1;
+        else
+            data->save_shutdown = 0;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY:
+        return dgram_sctp_wait_for_dry(b);
+    case BIO_CTRL_DGRAM_SCTP_MSG_WAITING:
+        return dgram_sctp_msg_waiting(b);
+
+    default:
+        /*
+         * Pass to default ctrl function to process SCTP unspecific commands
+         */
+        ret = dgram_ctrl(b, cmd, num, ptr);
+        break;
+    }
+    return ret;
+}
+
+int BIO_dgram_sctp_notification_cb(BIO *b,
+                BIO_dgram_sctp_notification_handler_fn handle_notifications,
+                void *context)
+{
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    if (handle_notifications != NULL) {
+        data->handle_notifications = handle_notifications;
+        data->notification_context = context;
+    } else
+        return -1;
+
+    return 0;
+}
+
+/*
+ * BIO_dgram_sctp_wait_for_dry - Wait for SCTP SENDER_DRY event
+ * @b: The BIO to check for the dry event
+ *
+ * Wait until the peer confirms all packets have been received, and so that
+ * our kernel doesn't have anything to send anymore.  This is only received by
+ * the peer's kernel, not the application.
+ *
+ * Returns:
+ * -1 on error
+ *  0 when not dry yet
+ *  1 when dry
+ */
+int BIO_dgram_sctp_wait_for_dry(BIO *b)
+{
+    return (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY, 0, NULL);
+}
+
+static int dgram_sctp_wait_for_dry(BIO *b)
+{
+    int is_dry = 0;
+    int sockflags = 0;
+    int n, ret;
+    union sctp_notification snp;
+    struct msghdr msg;
+    struct iovec iov;
+#  ifdef SCTP_EVENT
+    struct sctp_event event;
+#  else
+    struct sctp_event_subscribe event;
+    socklen_t eventsize;
+#  endif
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    /* set sender dry event */
+#  ifdef SCTP_EVENT
+    memset(&event, 0, sizeof(event));
+    event.se_assoc_id = 0;
+    event.se_type = SCTP_SENDER_DRY_EVENT;
+    event.se_on = 1;
+    ret =
+        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                   sizeof(struct sctp_event));
+#  else
+    eventsize = sizeof(struct sctp_event_subscribe);
+    ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+    if (ret < 0)
+        return -1;
+
+    event.sctp_sender_dry_event = 1;
+
+    ret =
+        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                   sizeof(struct sctp_event_subscribe));
+#  endif
+    if (ret < 0)
+        return -1;
+
+    /* peek for notification */
+    memset(&snp, 0, sizeof(snp));
+    iov.iov_base = (char *)&snp;
+    iov.iov_len = sizeof(union sctp_notification);
+    msg.msg_name = NULL;
+    msg.msg_namelen = 0;
+    msg.msg_iov = &iov;
+    msg.msg_iovlen = 1;
+    msg.msg_control = NULL;
+    msg.msg_controllen = 0;
+    msg.msg_flags = 0;
+
+    n = recvmsg(b->num, &msg, MSG_PEEK);
+    if (n <= 0) {
+        if ((n < 0) && (get_last_socket_error() != EAGAIN)
+            && (get_last_socket_error() != EWOULDBLOCK))
+            return -1;
+        else
+            return 0;
+    }
+
+    /* if we find a notification, process it and try again if necessary */
+    while (msg.msg_flags & MSG_NOTIFICATION) {
+        memset(&snp, 0, sizeof(snp));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        n = recvmsg(b->num, &msg, 0);
+        if (n <= 0) {
+            if ((n < 0) && (get_last_socket_error() != EAGAIN)
+                && (get_last_socket_error() != EWOULDBLOCK))
+                return -1;
+            else
+                return is_dry;
+        }
+
+        if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+            is_dry = 1;
+
+            /* disable sender dry event */
+#  ifdef SCTP_EVENT
+            memset(&event, 0, sizeof(event));
+            event.se_assoc_id = 0;
+            event.se_type = SCTP_SENDER_DRY_EVENT;
+            event.se_on = 0;
+            ret =
+                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                           sizeof(struct sctp_event));
+#  else
+            eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                           &eventsize);
+            if (ret < 0)
+                return -1;
+
+            event.sctp_sender_dry_event = 0;
+
+            ret =
+                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                           sizeof(struct sctp_event_subscribe));
+#  endif
+            if (ret < 0)
+                return -1;
+        }
+#  ifdef SCTP_AUTHENTICATION_EVENT
+        if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+            dgram_sctp_handle_auth_free_key_event(b, &snp);
+#  endif
+
+        if (data->handle_notifications != NULL)
+            data->handle_notifications(b, data->notification_context,
+                                       (void *)&snp);
+
+        /* found notification, peek again */
+        memset(&snp, 0, sizeof(snp));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        /* if we have seen the dry already, don't wait */
+        if (is_dry) {
+            sockflags = fcntl(b->num, F_GETFL, 0);
+            fcntl(b->num, F_SETFL, O_NONBLOCK);
+        }
+
+        n = recvmsg(b->num, &msg, MSG_PEEK);
+
+        if (is_dry) {
+            fcntl(b->num, F_SETFL, sockflags);
+        }
+
+        if (n <= 0) {
+            if ((n < 0) && (get_last_socket_error() != EAGAIN)
+                && (get_last_socket_error() != EWOULDBLOCK))
+                return -1;
+            else
+                return is_dry;
+        }
+    }
+
+    /* read anything else */
+    return is_dry;
+}
+
+int BIO_dgram_sctp_msg_waiting(BIO *b)
+{
+    return (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SCTP_MSG_WAITING, 0, NULL);
+}
+
+static int dgram_sctp_msg_waiting(BIO *b)
+{
+    int n, sockflags;
+    union sctp_notification snp;
+    struct msghdr msg;
+    struct iovec iov;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    /* Check if there are any messages waiting to be read */
+    do {
+        memset(&snp, 0, sizeof(snp));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        sockflags = fcntl(b->num, F_GETFL, 0);
+        fcntl(b->num, F_SETFL, O_NONBLOCK);
+        n = recvmsg(b->num, &msg, MSG_PEEK);
+        fcntl(b->num, F_SETFL, sockflags);
+
+        /* if notification, process and try again */
+        if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
+#  ifdef SCTP_AUTHENTICATION_EVENT
+            if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+                dgram_sctp_handle_auth_free_key_event(b, &snp);
+#  endif
+
+            memset(&snp, 0, sizeof(snp));
+            iov.iov_base = (char *)&snp;
+            iov.iov_len = sizeof(union sctp_notification);
+            msg.msg_name = NULL;
+            msg.msg_namelen = 0;
+            msg.msg_iov = &iov;
+            msg.msg_iovlen = 1;
+            msg.msg_control = NULL;
+            msg.msg_controllen = 0;
+            msg.msg_flags = 0;
+            n = recvmsg(b->num, &msg, 0);
+
+            if (data->handle_notifications != NULL)
+                data->handle_notifications(b, data->notification_context,
+                                           (void *)&snp);
+        }
+
+    } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
+
+    /* Return 1 if there is a message to be read, return 0 otherwise. */
+    if (n > 0)
+        return 1;
+    else
+        return 0;
+}
+
+static int dgram_sctp_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = dgram_sctp_write(bp, str, n);
+    return ret;
+}
+# endif
+
+static int BIO_dgram_should_retry(int i)
+{
+    int err;
+
+    if ((i == 0) || (i == -1)) {
+        err = get_last_socket_error();
+
+# if defined(OPENSSL_SYS_WINDOWS)
+        /*
+         * If the socket return value (i) is -1 and err is unexpectedly 0 at
+         * this point, the error code was overwritten by another system call
+         * before this error handling is called.
+         */
+# endif
+
+        return BIO_dgram_non_fatal_error(err);
+    }
+    return 0;
+}
+
+int BIO_dgram_non_fatal_error(int err)
+{
+    switch (err) {
+# if defined(OPENSSL_SYS_WINDOWS)
+#  if defined(WSAEWOULDBLOCK)
+    case WSAEWOULDBLOCK:
+#  endif
+# endif
+
+# ifdef EWOULDBLOCK
+#  ifdef WSAEWOULDBLOCK
+#   if WSAEWOULDBLOCK != EWOULDBLOCK
+    case EWOULDBLOCK:
+#   endif
+#  else
+    case EWOULDBLOCK:
+#  endif
+# endif
+
+# ifdef EINTR
+    case EINTR:
+# endif
+
+# ifdef EAGAIN
+#  if EWOULDBLOCK != EAGAIN
+    case EAGAIN:
+#  endif
+# endif
+
+# ifdef EPROTO
+    case EPROTO:
+# endif
+
+# ifdef EINPROGRESS
+    case EINPROGRESS:
+# endif
+
+# ifdef EALREADY
+    case EALREADY:
+# endif
+
+        return 1;
+    default:
+        break;
+    }
+    return 0;
+}
+
+#endif

libs/openssl/crypto/params_idx.c

@@ -0,0 +1,2710 @@
+/*
+ * WARNING: do not edit!
+ * Generated by makefile from crypto\params_idx.c.in
+ *
+ * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+
+#include "internal/e_os.h"
+#include "internal/param_names.h"
+#include <string.h>
+
+/* Machine generated TRIE -- generated by util/perl/OpenSSL/paramnames.pm */
+int ossl_param_find_pidx(const char *s)
+{
+    switch(s[0]) {
+    default:
+        break;
+    case 'a':
+        switch(s[1]) {
+        default:
+            break;
+        case 'c':
+            if (strcmp("vp-info", s + 2) == 0)
+                return PIDX_KDF_PARAM_X942_ACVPINFO;
+            break;
+        case 'd':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_KDF_PARAM_ARGON2_AD;
+            }
+            break;
+        case 'e':
+            if (strcmp("ad", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_AEAD;
+            break;
+        case 'l':
+            switch(s[2]) {
+            default:
+                break;
+            case 'g':
+                switch(s[3]) {
+                default:
+                    break;
+                case '_':
+                    if (strcmp("id_param", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_ALGORITHM_ID_PARAMS;
+                    break;
+                case 'i':
+                    if (strcmp("d-absent", s + 4) == 0)
+                        return PIDX_DIGEST_PARAM_ALGID_ABSENT;
+                    break;
+                case 'o':
+                    if (strcmp("rithm-id", s + 4) == 0)
+                        return PIDX_SIGNATURE_PARAM_ALGORITHM_ID;
+                }
+                break;
+            case 'i':
+                if (strcmp("as", s + 3) == 0)
+                    return PIDX_STORE_PARAM_ALIAS;
+            }
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_EC_A;
+        }
+        break;
+    case 'b':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            if (strcmp("sis-type", s + 2) == 0)
+                return PIDX_PKEY_PARAM_EC_CHAR2_TYPE;
+            break;
+        case 'i':
+            if (strcmp("ts", s + 2) == 0)
+                return PIDX_PKEY_PARAM_BITS;
+            break;
+        case 'l':
+            switch(s[2]) {
+            default:
+                break;
+            case 'o':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'c':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'k':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case '-':
+                            if (strcmp("size", s + 6) == 0)
+                                return PIDX_MAC_PARAM_BLOCK_SIZE;
+                            break;
+                        case '_':
+                            if (strcmp("padding", s + 6) == 0)
+                                return PIDX_LIBSSL_RECORD_LAYER_PARAM_BLOCK_PADDING;
+                            break;
+                        case 's':
+                            if (strcmp("ize", s + 6) == 0)
+                                return PIDX_CIPHER_PARAM_BLOCK_SIZE;
+                        }
+                    }
+                }
+            }
+            break;
+        case 'u':
+            if (strcmp("ildinfo", s + 2) == 0)
+                return PIDX_PROV_PARAM_BUILDINFO;
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_EC_B;
+        }
+        break;
+    case 'c':
+        switch(s[1]) {
+        default:
+            break;
+        case '-':
+            if (strcmp("rounds", s + 2) == 0)
+                return PIDX_MAC_PARAM_C_ROUNDS;
+            break;
+        case 'e':
+            if (strcmp("kalg", s + 2) == 0)
+                return PIDX_KDF_PARAM_CEK_ALG;
+            break;
+        case 'i':
+            if (strcmp("pher", s + 2) == 0)
+                return PIDX_ALG_PARAM_CIPHER;
+            break;
+        case 'o':
+            switch(s[2]) {
+            default:
+                break;
+            case 'f':
+                if (strcmp("actor", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_COFACTOR;
+                break;
+            case 'n':
+                switch(s[3]) {
+                default:
+                    break;
+                case 's':
+                    if (strcmp("tant", s + 4) == 0)
+                        return PIDX_KDF_PARAM_CONSTANT;
+                    break;
+                case 't':
+                    if (strcmp("ext-string", s + 4) == 0)
+                        return PIDX_SIGNATURE_PARAM_CONTEXT_STRING;
+                }
+            }
+            break;
+        case 't':
+            switch(s[2]) {
+            default:
+                break;
+            case 's':
+                switch(s[3]) {
+                default:
+                    break;
+                case '_':
+                    if (strcmp("mode", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_CTS_MODE;
+                    break;
+                case '\0':
+                    return PIDX_CIPHER_PARAM_CTS;
+                }
+            }
+            break;
+        case 'u':
+            switch(s[2]) {
+            default:
+                break;
+            case 's':
+                switch(s[3]) {
+                default:
+                    break;
+                case 't':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'o':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'm':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case '-':
+                                if (strcmp("iv", s + 7) == 0)
+                                    return PIDX_CIPHER_PARAM_CUSTOM_IV;
+                                break;
+                            case '\0':
+                                return PIDX_MAC_PARAM_CUSTOM;
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        break;
+    case 'd':
+        switch(s[1]) {
+        default:
+            break;
+        case '-':
+            if (strcmp("rounds", s + 2) == 0)
+                return PIDX_MAC_PARAM_D_ROUNDS;
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 't':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'a':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '-':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 's':
+                            if (strcmp("tructure", s + 6) == 0)
+                                return PIDX_OBJECT_PARAM_DATA_STRUCTURE;
+                            break;
+                        case 't':
+                            if (strcmp("ype", s + 6) == 0)
+                                return PIDX_OBJECT_PARAM_DATA_TYPE;
+                        }
+                        break;
+                    case '\0':
+                        return PIDX_KDF_PARAM_DATA;
+                    }
+                }
+            }
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                if (strcmp("oded-from-explicit", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS;
+                break;
+            case 'f':
+                if (strcmp("ault-digest", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_DEFAULT_DIGEST;
+                break;
+            case 's':
+                if (strcmp("c", s + 3) == 0)
+                    return PIDX_OBJECT_PARAM_DESC;
+            }
+            break;
+        case 'h':
+            if (strcmp("kem-ikm", s + 2) == 0)
+                return PIDX_PKEY_PARAM_DHKEM_IKM;
+            break;
+        case 'i':
+            switch(s[2]) {
+            default:
+                break;
+            case 'g':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'e':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 's':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 't':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case '-':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'n':
+                                    if (strcmp("oinit", s + 8) == 0)
+                                        return PIDX_MAC_PARAM_DIGEST_NOINIT;
+                                    break;
+                                case 'o':
+                                    if (strcmp("neshot", s + 8) == 0)
+                                        return PIDX_MAC_PARAM_DIGEST_ONESHOT;
+                                    break;
+                                case 'p':
+                                    if (strcmp("rops", s + 8) == 0)
+                                        return PIDX_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS;
+                                    break;
+                                case 's':
+                                    if (strcmp("ize", s + 8) == 0)
+                                        return PIDX_PKEY_PARAM_DIGEST_SIZE;
+                                }
+                                break;
+                            case '\0':
+                                return PIDX_STORE_PARAM_DIGEST;
+                            }
+                        }
+                    }
+                }
+                break;
+            case 's':
+                if (strcmp("tid", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_DIST_ID;
+            }
+            break;
+        case 'r':
+            if (strcmp("bg-no-trunc-md", s + 2) == 0)
+                return PIDX_PROV_PARAM_DRBG_TRUNC_DIGEST;
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_RSA_D;
+        }
+        break;
+    case 'e':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            if (strcmp("rly_clean", s + 2) == 0)
+                return PIDX_KDF_PARAM_EARLY_CLEAN;
+            break;
+        case 'c':
+            if (strcmp("dh-cofactor-mode", s + 2) == 0)
+                return PIDX_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE;
+            break;
+        case 'n':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'o':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'd':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'e':
+                            if (strcmp("d-pub-key", s + 6) == 0)
+                                return PIDX_PKEY_PARAM_ENCODED_PUBLIC_KEY;
+                            break;
+                        case 'i':
+                            if (strcmp("ng", s + 6) == 0)
+                                return PIDX_PKEY_PARAM_EC_ENCODING;
+                        }
+                    }
+                    break;
+                case 'r':
+                    if (strcmp("ypt-level", s + 4) == 0)
+                        return PIDX_ENCODER_PARAM_ENCRYPT_LEVEL;
+                }
+                break;
+            case 'g':
+                if (strcmp("ine", s + 3) == 0)
+                    return PIDX_ALG_PARAM_ENGINE;
+                break;
+            case 't':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'r':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'o':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'p':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'y':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case '_':
+                                    if (strcmp("required", s + 8) == 0)
+                                        return PIDX_DRBG_PARAM_ENTROPY_REQUIRED;
+                                    break;
+                                case '\0':
+                                    return PIDX_KDF_PARAM_HMACDRBG_ENTROPY;
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_RSA_E;
+            break;
+        case 'x':
+            if (strcmp("pect", s + 2) == 0)
+                return PIDX_STORE_PARAM_EXPECT;
+        }
+        break;
+    case 'f':
+        switch(s[1]) {
+        default:
+            break;
+        case 'i':
+            switch(s[2]) {
+            default:
+                break;
+            case 'e':
+                if (strcmp("ld-type", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_FIELD_TYPE;
+                break;
+            case 'n':
+                if (strcmp("gerprint", s + 3) == 0)
+                    return PIDX_STORE_PARAM_FINGERPRINT;
+            }
+        }
+        break;
+    case 'g':
+        switch(s[1]) {
+        default:
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 'n':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'e':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'r':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 't':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'e':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case '\0':
+                                        return PIDX_RAND_PARAM_GENERATE;
+                                    }
+                                    break;
+                                case 'o':
+                                    if (strcmp("r", s + 8) == 0)
+                                        return PIDX_PKEY_PARAM_EC_GENERATOR;
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case 'i':
+            if (strcmp("ndex", s + 2) == 0)
+                return PIDX_PKEY_PARAM_FFC_GINDEX;
+            break;
+        case 'r':
+            switch(s[2]) {
+            default:
+                break;
+            case 'o':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'u':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'p':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case '-':
+                            if (strcmp("check", s + 6) == 0)
+                                return PIDX_PKEY_PARAM_EC_GROUP_CHECK_TYPE;
+                            break;
+                        case '\0':
+                            return PIDX_PKEY_PARAM_GROUP_NAME;
+                        }
+                    }
+                }
+            }
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_FFC_G;
+        }
+        break;
+    case 'h':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            if (strcmp("s-randkey", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_HAS_RAND_KEY;
+            break;
+        case 'i':
+            if (strcmp("ndex", s + 2) == 0)
+                return PIDX_PKEY_PARAM_FFC_H;
+        }
+        break;
+    case 'i':
+        switch(s[1]) {
+        default:
+            break;
+        case 'd':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_KDF_PARAM_PKCS12_ID;
+            }
+            break;
+        case 'k':
+            if (strcmp("me", s + 2) == 0)
+                return PIDX_KEM_PARAM_IKME;
+            break;
+        case 'm':
+            if (strcmp("plicit-rejection", s + 2) == 0)
+                return PIDX_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION;
+            break;
+        case 'n':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                if (strcmp("lude-public", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_INCLUDE_PUBLIC;
+                break;
+            case 'f':
+                if (strcmp("o", s + 3) == 0)
+                    return PIDX_KDF_PARAM_INFO;
+                break;
+            case 'p':
+                if (strcmp("ut-type", s + 3) == 0)
+                    return PIDX_STORE_PARAM_INPUT_TYPE;
+                break;
+            case 's':
+                if (strcmp("tance", s + 3) == 0)
+                    return PIDX_SIGNATURE_PARAM_INSTANCE;
+            }
+            break;
+        case 't':
+            switch(s[2]) {
+            default:
+                break;
+            case 'e':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'r':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'a':
+                        if (strcmp("tion", s + 5) == 0)
+                            return PIDX_GEN_PARAM_ITERATION;
+                        break;
+                    case '\0':
+                        return PIDX_KDF_PARAM_ITER;
+                    }
+                }
+            }
+            break;
+        case 'v':
+            switch(s[2]) {
+            default:
+                break;
+            case 'l':
+                if (strcmp("en", s + 3) == 0)
+                    return PIDX_CIPHER_PARAM_IVLEN;
+                break;
+            case '\0':
+                return PIDX_CIPHER_PARAM_IV;
+            }
+        }
+        break;
+    case 'j':
+        switch(s[1]) {
+        default:
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_FFC_COFACTOR;
+        }
+        break;
+    case 'k':
+        switch(s[1]) {
+        default:
+            break;
+        case '1':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_CHAR2_PP_K1;
+            }
+            break;
+        case '2':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_CHAR2_PP_K2;
+            }
+            break;
+        case '3':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_CHAR2_PP_K3;
+            }
+            break;
+        case 'a':
+            if (strcmp("t", s + 2) == 0)
+                return PIDX_SIGNATURE_PARAM_KAT;
+            break;
+        case 'd':
+            switch(s[2]) {
+            default:
+                break;
+            case 'f':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'd':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'i':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'g':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'e':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 's':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 't':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case '-':
+                                                if (strcmp("props", s + 11) == 0)
+                                                    return PIDX_EXCHANGE_PARAM_KDF_DIGEST_PROPS;
+                                                break;
+                                            case '\0':
+                                                return PIDX_EXCHANGE_PARAM_KDF_DIGEST;
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        break;
+                    case 'o':
+                        if (strcmp("utlen", s + 5) == 0)
+                            return PIDX_EXCHANGE_PARAM_KDF_OUTLEN;
+                        break;
+                    case 't':
+                        if (strcmp("ype", s + 5) == 0)
+                            return PIDX_EXCHANGE_PARAM_KDF_TYPE;
+                        break;
+                    case 'u':
+                        if (strcmp("km", s + 5) == 0)
+                            return PIDX_EXCHANGE_PARAM_KDF_UKM;
+                    }
+                }
+            }
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 'y':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'b':
+                    if (strcmp("its", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_RC2_KEYBITS;
+                    break;
+                case 'l':
+                    if (strcmp("en", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_KEYLEN;
+                    break;
+                case '\0':
+                    return PIDX_MAC_PARAM_KEY;
+                }
+            }
+        }
+        break;
+    case 'l':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'b':
+                if (strcmp("el", s + 3) == 0)
+                    return PIDX_KDF_PARAM_LABEL;
+                break;
+            case 'n':
+                if (strcmp("es", s + 3) == 0)
+                    return PIDX_KDF_PARAM_ARGON2_LANES;
+            }
+        }
+        break;
+    case 'm':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'k':
+                    if (strcmp("ey", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_AEAD_MAC_KEY;
+                    break;
+                case 'l':
+                    if (strcmp("en", s + 4) == 0)
+                        return PIDX_KDF_PARAM_MAC_SIZE;
+                    break;
+                case '\0':
+                    return PIDX_ALG_PARAM_MAC;
+                }
+                break;
+            case 'n':
+                if (strcmp("datory-digest", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_MANDATORY_DIGEST;
+                break;
+            case 'x':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    if (strcmp("size", s + 4) == 0)
+                        return PIDX_PKEY_PARAM_MAX_SIZE;
+                    break;
+                case '_':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'a':
+                        if (strcmp("dinlen", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_MAX_ADINLEN;
+                        break;
+                    case 'e':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            if (strcmp("rly_data", s + 6) == 0)
+                                return PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA;
+                            break;
+                        case 'n':
+                            if (strcmp("tropylen", s + 6) == 0)
+                                return PIDX_DRBG_PARAM_MAX_ENTROPYLEN;
+                        }
+                        break;
+                    case 'f':
+                        if (strcmp("rag_len", s + 5) == 0)
+                            return PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN;
+                        break;
+                    case 'n':
+                        if (strcmp("oncelen", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_MAX_NONCELEN;
+                        break;
+                    case 'p':
+                        if (strcmp("erslen", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_MAX_PERSLEN;
+                        break;
+                    case 'r':
+                        if (strcmp("equest", s + 5) == 0)
+                            return PIDX_RAND_PARAM_MAX_REQUEST;
+                    }
+                    break;
+                case 'i':
+                    if (strcmp("um_length", s + 4) == 0)
+                        return PIDX_DRBG_PARAM_MAX_LENGTH;
+                    break;
+                case 'm':
+                    if (strcmp("em_bytes", s + 4) == 0)
+                        return PIDX_KDF_PARAM_SCRYPT_MAXMEM;
+                }
+            }
+            break;
+        case 'e':
+            if (strcmp("mcost", s + 2) == 0)
+                return PIDX_KDF_PARAM_ARGON2_MEMCOST;
+            break;
+        case 'g':
+            switch(s[2]) {
+            default:
+                break;
+            case 'f':
+                switch(s[3]) {
+                default:
+                    break;
+                case '1':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '-':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'd':
+                            if (strcmp("igest", s + 6) == 0)
+                                return PIDX_PKEY_PARAM_MGF1_DIGEST;
+                            break;
+                        case 'p':
+                            if (strcmp("roperties", s + 6) == 0)
+                                return PIDX_PKEY_PARAM_MGF1_PROPERTIES;
+                        }
+                    }
+                    break;
+                case '\0':
+                    return PIDX_PKEY_PARAM_MASKGENFUNC;
+                }
+            }
+            break;
+        case 'i':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                if (strcmp("alg", s + 3) == 0)
+                    return PIDX_DIGEST_PARAM_MICALG;
+                break;
+            case 'n':
+                switch(s[3]) {
+                default:
+                    break;
+                case '_':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'e':
+                        if (strcmp("ntropylen", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_MIN_ENTROPYLEN;
+                        break;
+                    case 'n':
+                        if (strcmp("oncelen", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_MIN_NONCELEN;
+                    }
+                    break;
+                case 'i':
+                    if (strcmp("um_length", s + 4) == 0)
+                        return PIDX_DRBG_PARAM_MIN_LENGTH;
+                }
+            }
+            break;
+        case 'o':
+            switch(s[2]) {
+            default:
+                break;
+            case 'd':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'e':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '\0':
+                        return PIDX_CIPHER_PARAM_MODE;
+                    }
+                    break;
+                case 'u':
+                    if (strcmp("le-filename", s + 4) == 0)
+                        return PIDX_PROV_PARAM_CORE_MODULE_FILENAME;
+                }
+            }
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_EC_CHAR2_M;
+        }
+        break;
+    case 'n':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            if (strcmp("me", s + 2) == 0)
+                return PIDX_STORE_PARAM_ISSUER;
+            break;
+        case 'o':
+            switch(s[2]) {
+            default:
+                break;
+            case 'n':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'c':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'e':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case '-':
+                            if (strcmp("type", s + 6) == 0)
+                                return PIDX_SIGNATURE_PARAM_NONCE_TYPE;
+                            break;
+                        case '\0':
+                            return PIDX_KDF_PARAM_HMACDRBG_NONCE;
+                        }
+                    }
+                }
+            }
+            break;
+        case 'u':
+            if (strcmp("m", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_NUM;
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_RSA_N;
+        }
+        break;
+    case 'o':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            if (strcmp("ep-label", s + 2) == 0)
+                return PIDX_ASYM_CIPHER_PARAM_OAEP_LABEL;
+            break;
+        case 'p':
+            switch(s[2]) {
+            default:
+                break;
+            case 'e':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'n':
+                    if (strcmp("ssl-version", s + 4) == 0)
+                        return PIDX_PROV_PARAM_CORE_VERSION;
+                    break;
+                case 'r':
+                    if (strcmp("ation", s + 4) == 0)
+                        return PIDX_KEM_PARAM_OPERATION;
+                }
+                break;
+            case 't':
+                if (strcmp("ions", s + 3) == 0)
+                    return PIDX_LIBSSL_RECORD_LAYER_PARAM_OPTIONS;
+            }
+            break;
+        case 'r':
+            if (strcmp("der", s + 2) == 0)
+                return PIDX_PKEY_PARAM_EC_ORDER;
+        }
+        break;
+    case 'p':
+        switch(s[1]) {
+        default:
+            break;
+        case '1':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_P1;
+            }
+            break;
+        case '2':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_P2;
+            }
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'd':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'm':
+                        if (strcmp("ode", s + 5) == 0)
+                            return PIDX_PKEY_PARAM_PAD_MODE;
+                        break;
+                    case 't':
+                        if (strcmp("ype", s + 5) == 0)
+                            return PIDX_DIGEST_PARAM_PAD_TYPE;
+                    }
+                    break;
+                case 'd':
+                    if (strcmp("ing", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_PADDING;
+                    break;
+                case '\0':
+                    return PIDX_EXCHANGE_PARAM_PAD;
+                }
+                break;
+            case 'r':
+                switch(s[3]) {
+                default:
+                    break;
+                case 't':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'y':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'u':
+                            if (strcmp("-info", s + 6) == 0)
+                                return PIDX_KDF_PARAM_X942_PARTYUINFO;
+                            break;
+                        case 'v':
+                            if (strcmp("-info", s + 6) == 0)
+                                return PIDX_KDF_PARAM_X942_PARTYVINFO;
+                        }
+                    }
+                }
+                break;
+            case 's':
+                if (strcmp("s", s + 3) == 0)
+                    return PIDX_KDF_PARAM_PASSWORD;
+            }
+            break;
+        case 'b':
+            if (strcmp("its", s + 2) == 0)
+                return PIDX_PKEY_PARAM_FFC_PBITS;
+            break;
+        case 'c':
+            if (strcmp("ounter", s + 2) == 0)
+                return PIDX_PKEY_PARAM_FFC_PCOUNTER;
+            break;
+        case 'k':
+            if (strcmp("cs5", s + 2) == 0)
+                return PIDX_KDF_PARAM_PKCS5;
+            break;
+        case 'o':
+            switch(s[2]) {
+            default:
+                break;
+            case 'i':
+                if (strcmp("nt-format", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT;
+                break;
+            case 't':
+                if (strcmp("ential", s + 3) == 0)
+                    return PIDX_GEN_PARAM_POTENTIAL;
+            }
+            break;
+        case 'r':
+            switch(s[2]) {
+            default:
+                break;
+            case 'e':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'd':
+                    if (strcmp("iction_resistance", s + 4) == 0)
+                        return PIDX_DRBG_PARAM_PREDICTION_RESISTANCE;
+                    break;
+                case 'f':
+                    if (strcmp("ix", s + 4) == 0)
+                        return PIDX_KDF_PARAM_PREFIX;
+                }
+                break;
+            case 'i':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'm':
+                    if (strcmp("es", s + 4) == 0)
+                        return PIDX_PKEY_PARAM_RSA_PRIMES;
+                    break;
+                case 'v':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '_':
+                        if (strcmp("len", s + 5) == 0)
+                            return PIDX_PKEY_PARAM_DH_PRIV_LEN;
+                        break;
+                    case '\0':
+                        return PIDX_PKEY_PARAM_PRIV_KEY;
+                    }
+                }
+                break;
+            case 'o':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'p':
+                    if (strcmp("erties", s + 4) == 0)
+                        return PIDX_STORE_PARAM_PROPERTIES;
+                    break;
+                case 'v':
+                    if (strcmp("ider-name", s + 4) == 0)
+                        return PIDX_PROV_PARAM_CORE_PROV_NAME;
+                }
+            }
+            break;
+        case 'u':
+            if (strcmp("b", s + 2) == 0)
+                return PIDX_PKEY_PARAM_PUB_KEY;
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_EC_P;
+        }
+        break;
+    case 'q':
+        switch(s[1]) {
+        default:
+            break;
+        case '1':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_Q1;
+            }
+            break;
+        case '2':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_Q2;
+            }
+            break;
+        case 'b':
+            if (strcmp("its", s + 2) == 0)
+                return PIDX_PKEY_PARAM_FFC_QBITS;
+            break;
+        case '\0':
+            return PIDX_PKEY_PARAM_FFC_Q;
+            break;
+        case 'x':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_PUB_X;
+            }
+            break;
+        case 'y':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_PUB_Y;
+            }
+        }
+        break;
+    case 'r':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'n':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'd':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'k':
+                        if (strcmp("ey", s + 5) == 0)
+                            return PIDX_CIPHER_PARAM_RANDOM_KEY;
+                        break;
+                    case 'o':
+                        if (strcmp("m_data", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_RANDOM_DATA;
+                    }
+                }
+            }
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 'a':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'd':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '_':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            if (strcmp("head", s + 6) == 0)
+                                return PIDX_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD;
+                            break;
+                        case 'b':
+                            if (strcmp("uffer_len", s + 6) == 0)
+                                return PIDX_LIBSSL_RECORD_LAYER_READ_BUFFER_LEN;
+                        }
+                    }
+                }
+                break;
+            case 'f':
+                if (strcmp("erence", s + 3) == 0)
+                    return PIDX_OBJECT_PARAM_REFERENCE;
+                break;
+            case 's':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'e':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'e':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'd':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case '_':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'c':
+                                    if (strcmp("ounter", s + 8) == 0)
+                                        return PIDX_DRBG_PARAM_RESEED_COUNTER;
+                                    break;
+                                case 'r':
+                                    if (strcmp("equests", s + 8) == 0)
+                                        return PIDX_DRBG_PARAM_RESEED_REQUESTS;
+                                    break;
+                                case 't':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'i':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'm':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case 'e':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '_':
+                                                    if (strcmp("interval", s + 12) == 0)
+                                                        return PIDX_DRBG_PARAM_RESEED_TIME_INTERVAL;
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_DRBG_PARAM_RESEED_TIME;
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case 'o':
+            if (strcmp("unds", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_ROUNDS;
+            break;
+        case 's':
+            switch(s[2]) {
+            default:
+                break;
+            case 'a':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'c':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'o':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'e':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'f':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'f':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'i':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case 'c':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'i':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'e':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'n':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case 't':
+                                                                switch(s[15]) {
+                                                                default:
+                                                                    break;
+                                                                case '1':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT1;
+                                                                    }
+                                                                    break;
+                                                                case '2':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT2;
+                                                                    }
+                                                                    break;
+                                                                case '3':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT3;
+                                                                    }
+                                                                    break;
+                                                                case '4':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT4;
+                                                                    }
+                                                                    break;
+                                                                case '5':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT5;
+                                                                    }
+                                                                    break;
+                                                                case '6':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT6;
+                                                                    }
+                                                                    break;
+                                                                case '7':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT7;
+                                                                    }
+                                                                    break;
+                                                                case '8':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT8;
+                                                                    }
+                                                                    break;
+                                                                case '9':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case '\0':
+                                                                        return PIDX_PKEY_PARAM_RSA_COEFFICIENT9;
+                                                                    }
+                                                                    break;
+                                                                case '\0':
+                                                                    return PIDX_PKEY_PARAM_RSA_COEFFICIENT;
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        break;
+                    case 'e':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'x':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'p':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'o':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'n':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'e':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case 'n':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 't':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case '1':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '0':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case '\0':
+                                                                return PIDX_PKEY_PARAM_RSA_EXPONENT10;
+                                                            }
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT1;
+                                                        }
+                                                        break;
+                                                    case '2':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT2;
+                                                        }
+                                                        break;
+                                                    case '3':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT3;
+                                                        }
+                                                        break;
+                                                    case '4':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT4;
+                                                        }
+                                                        break;
+                                                    case '5':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT5;
+                                                        }
+                                                        break;
+                                                    case '6':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT6;
+                                                        }
+                                                        break;
+                                                    case '7':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT7;
+                                                        }
+                                                        break;
+                                                    case '8':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT8;
+                                                        }
+                                                        break;
+                                                    case '9':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_PKEY_PARAM_RSA_EXPONENT9;
+                                                        }
+                                                        break;
+                                                    case '\0':
+                                                        return PIDX_PKEY_PARAM_RSA_EXPONENT;
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        break;
+                    case 'f':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'c':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 't':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'o':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'r':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case '1':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '0':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case '\0':
+                                                        return PIDX_PKEY_PARAM_RSA_FACTOR10;
+                                                    }
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR1;
+                                                }
+                                                break;
+                                            case '2':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR2;
+                                                }
+                                                break;
+                                            case '3':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR3;
+                                                }
+                                                break;
+                                            case '4':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR4;
+                                                }
+                                                break;
+                                            case '5':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR5;
+                                                }
+                                                break;
+                                            case '6':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR6;
+                                                }
+                                                break;
+                                            case '7':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR7;
+                                                }
+                                                break;
+                                            case '8':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR8;
+                                                }
+                                                break;
+                                            case '9':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case '\0':
+                                                    return PIDX_PKEY_PARAM_RSA_FACTOR9;
+                                                }
+                                                break;
+                                            case '\0':
+                                                return PIDX_PKEY_PARAM_RSA_FACTOR;
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case '\0':
+            return PIDX_KDF_PARAM_SCRYPT_R;
+        }
+        break;
+    case 's':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'f':
+                if (strcmp("eprime-generator", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_DH_GENERATOR;
+                break;
+            case 'l':
+                switch(s[3]) {
+                default:
+                    break;
+                case 't':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'l':
+                        if (strcmp("en", s + 5) == 0)
+                            return PIDX_SIGNATURE_PARAM_PSS_SALTLEN;
+                        break;
+                    case '\0':
+                        return PIDX_MAC_PARAM_SALT;
+                    }
+                }
+                break;
+            case 'v':
+                if (strcmp("e-parameters", s + 3) == 0)
+                    return PIDX_ENCODER_PARAM_SAVE_PARAMETERS;
+            }
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 'c':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'r':
+                    if (strcmp("et", s + 4) == 0)
+                        return PIDX_KDF_PARAM_SECRET;
+                    break;
+                case 'u':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'r':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'i':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 't':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'y':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case '-':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'b':
+                                            if (strcmp("its", s + 10) == 0)
+                                                return PIDX_PKEY_PARAM_SECURITY_BITS;
+                                            break;
+                                        case 'c':
+                                            if (strcmp("hecks", s + 10) == 0)
+                                                return PIDX_PROV_PARAM_SECURITY_CHECKS;
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+                break;
+            case 'e':
+                if (strcmp("d", s + 3) == 0)
+                    return PIDX_PKEY_PARAM_EC_SEED;
+                break;
+            case 'r':
+                if (strcmp("ial", s + 3) == 0)
+                    return PIDX_STORE_PARAM_SERIAL;
+                break;
+            case 's':
+                if (strcmp("sion_id", s + 3) == 0)
+                    return PIDX_KDF_PARAM_SSHKDF_SESSION_ID;
+            }
+            break;
+        case 'i':
+            if (strcmp("ze", s + 2) == 0)
+                return PIDX_DIGEST_PARAM_SIZE;
+            break;
+        case 'p':
+            if (strcmp("eed", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_SPEED;
+            break;
+        case 's':
+            if (strcmp("l3-ms", s + 2) == 0)
+                return PIDX_DIGEST_PARAM_SSL3_MS;
+            break;
+        case 't':
+            switch(s[2]) {
+            default:
+                break;
+            case '-':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'd':
+                    if (strcmp("esc", s + 4) == 0)
+                        return PIDX_PROV_PARAM_SELF_TEST_DESC;
+                    break;
+                case 'p':
+                    if (strcmp("hase", s + 4) == 0)
+                        return PIDX_PROV_PARAM_SELF_TEST_PHASE;
+                    break;
+                case 't':
+                    if (strcmp("ype", s + 4) == 0)
+                        return PIDX_PROV_PARAM_SELF_TEST_TYPE;
+                }
+                break;
+            case 'a':
+                switch(s[3]) {
+                default:
+                    break;
+                case 't':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'e':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case '\0':
+                            return PIDX_RAND_PARAM_STATE;
+                        }
+                        break;
+                    case 'u':
+                        if (strcmp("s", s + 5) == 0)
+                            return PIDX_PROV_PARAM_STATUS;
+                    }
+                }
+                break;
+            case 'r':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'e':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'a':
+                        if (strcmp("m_mac", s + 5) == 0)
+                            return PIDX_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC;
+                        break;
+                    case 'n':
+                        if (strcmp("gth", s + 5) == 0)
+                            return PIDX_RAND_PARAM_STRENGTH;
+                    }
+                }
+            }
+            break;
+        case 'u':
+            switch(s[2]) {
+            default:
+                break;
+            case 'b':
+                if (strcmp("ject", s + 3) == 0)
+                    return PIDX_STORE_PARAM_SUBJECT;
+                break;
+            case 'p':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'p':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '-':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'p':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'r':
+                                if (strcmp("ivinfo", s + 7) == 0)
+                                    return PIDX_KDF_PARAM_X942_SUPP_PRIVINFO;
+                                break;
+                            case 'u':
+                                if (strcmp("binfo", s + 7) == 0)
+                                    return PIDX_KDF_PARAM_X942_SUPP_PUBINFO;
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        break;
+    case 't':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'g':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'l':
+                    if (strcmp("en", s + 4) == 0)
+                        return PIDX_CIPHER_PARAM_AEAD_TAGLEN;
+                    break;
+                case '\0':
+                    return PIDX_CIPHER_PARAM_AEAD_TAG;
+                }
+            }
+            break;
+        case 'e':
+            switch(s[2]) {
+            default:
+                break;
+            case 's':
+                switch(s[3]) {
+                default:
+                    break;
+                case 't':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '_':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'e':
+                            if (strcmp("ntropy", s + 6) == 0)
+                                return PIDX_RAND_PARAM_TEST_ENTROPY;
+                            break;
+                        case 'n':
+                            if (strcmp("once", s + 6) == 0)
+                                return PIDX_RAND_PARAM_TEST_NONCE;
+                        }
+                    }
+                }
+            }
+            break;
+        case 'h':
+            if (strcmp("reads", s + 2) == 0)
+                return PIDX_KDF_PARAM_THREADS;
+            break;
+        case 'l':
+            switch(s[2]) {
+            default:
+                break;
+            case 's':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'c':
+                        if (strcmp("lient-version", s + 5) == 0)
+                            return PIDX_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION;
+                        break;
+                    case 'd':
+                        if (strcmp("ata-size", s + 5) == 0)
+                            return PIDX_MAC_PARAM_TLS_DATA_SIZE;
+                        break;
+                    case 'g':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'r':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'o':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'u':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'p':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case '-':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case 'a':
+                                                if (strcmp("lg", s + 11) == 0)
+                                                    return PIDX_CAPABILITY_TLS_GROUP_ALG;
+                                                break;
+                                            case 'i':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'd':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case '\0':
+                                                        return PIDX_CAPABILITY_TLS_GROUP_ID;
+                                                    }
+                                                    break;
+                                                case 's':
+                                                    if (strcmp("-kem", s + 12) == 0)
+                                                        return PIDX_CAPABILITY_TLS_GROUP_IS_KEM;
+                                                }
+                                                break;
+                                            case 'n':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'a':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'm':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'e':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case '-':
+                                                                if (strcmp("internal", s + 15) == 0)
+                                                                    return PIDX_CAPABILITY_TLS_GROUP_NAME_INTERNAL;
+                                                                break;
+                                                            case '\0':
+                                                                return PIDX_CAPABILITY_TLS_GROUP_NAME;
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                                break;
+                                            case 's':
+                                                if (strcmp("ec-bits", s + 11) == 0)
+                                                    return PIDX_CAPABILITY_TLS_GROUP_SECURITY_BITS;
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        break;
+                    case 'm':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'c':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case '-':
+                                    if (strcmp("size", s + 8) == 0)
+                                        return PIDX_CIPHER_PARAM_TLS_MAC_SIZE;
+                                    break;
+                                case '\0':
+                                    return PIDX_CIPHER_PARAM_TLS_MAC;
+                                }
+                                break;
+                            case 'x':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case '-':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'd':
+                                        if (strcmp("tls", s + 9) == 0)
+                                            return PIDX_CAPABILITY_TLS_GROUP_MAX_DTLS;
+                                        break;
+                                    case 't':
+                                        if (strcmp("ls", s + 9) == 0)
+                                            return PIDX_CAPABILITY_TLS_SIGALG_MAX_TLS;
+                                    }
+                                }
+                            }
+                            break;
+                        case 'i':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'n':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case '-':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'd':
+                                        if (strcmp("tls", s + 9) == 0)
+                                            return PIDX_CAPABILITY_TLS_GROUP_MIN_DTLS;
+                                        break;
+                                    case 't':
+                                        if (strcmp("ls", s + 9) == 0)
+                                            return PIDX_CAPABILITY_TLS_GROUP_MIN_TLS;
+                                    }
+                                }
+                            }
+                            break;
+                        case 'u':
+                            if (strcmp("lti", s + 6) == 0)
+                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK;
+                        }
+                        break;
+                    case 'n':
+                        if (strcmp("egotiated-version", s + 5) == 0)
+                            return PIDX_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION;
+                        break;
+                    case 's':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'i':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'g':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'a':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'l':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'g':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case '-':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'c':
+                                                    if (strcmp("ode-point", s + 12) == 0)
+                                                        return PIDX_CAPABILITY_TLS_SIGALG_CODE_POINT;
+                                                    break;
+                                                case 'h':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'a':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 's':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case 'h':
+                                                                switch(s[15]) {
+                                                                default:
+                                                                    break;
+                                                                case '-':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case 'n':
+                                                                        if (strcmp("ame", s + 17) == 0)
+                                                                            return PIDX_CAPABILITY_TLS_SIGALG_HASH_NAME;
+                                                                        break;
+                                                                    case 'o':
+                                                                        if (strcmp("id", s + 17) == 0)
+                                                                            return PIDX_CAPABILITY_TLS_SIGALG_HASH_OID;
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                    break;
+                                                case 'i':
+                                                    if (strcmp("ana-name", s + 12) == 0)
+                                                        return PIDX_CAPABILITY_TLS_SIGALG_IANA_NAME;
+                                                    break;
+                                                case 'k':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'e':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'y':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case 't':
+                                                                switch(s[15]) {
+                                                                default:
+                                                                    break;
+                                                                case 'y':
+                                                                    switch(s[16]) {
+                                                                    default:
+                                                                        break;
+                                                                    case 'p':
+                                                                        switch(s[17]) {
+                                                                        default:
+                                                                            break;
+                                                                        case 'e':
+                                                                            switch(s[18]) {
+                                                                            default:
+                                                                                break;
+                                                                            case '-':
+                                                                                if (strcmp("oid", s + 19) == 0)
+                                                                                    return PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE_OID;
+                                                                                break;
+                                                                            case '\0':
+                                                                                return PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE;
+                                                                            }
+                                                                        }
+                                                                    }
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                    break;
+                                                case 'n':
+                                                    if (strcmp("ame", s + 12) == 0)
+                                                        return PIDX_CAPABILITY_TLS_SIGALG_NAME;
+                                                    break;
+                                                case 'o':
+                                                    if (strcmp("id", s + 12) == 0)
+                                                        return PIDX_CAPABILITY_TLS_SIGALG_OID;
+                                                    break;
+                                                case 's':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'e':
+                                                        if (strcmp("c-bits", s + 13) == 0)
+                                                            return PIDX_CAPABILITY_TLS_SIGALG_SECURITY_BITS;
+                                                        break;
+                                                    case 'i':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'g':
+                                                            switch(s[14]) {
+                                                            default:
+                                                                break;
+                                                            case '-':
+                                                                switch(s[15]) {
+                                                                default:
+                                                                    break;
+                                                                case 'n':
+                                                                    if (strcmp("ame", s + 16) == 0)
+                                                                        return PIDX_CAPABILITY_TLS_SIGALG_SIG_NAME;
+                                                                    break;
+                                                                case 'o':
+                                                                    if (strcmp("id", s + 16) == 0)
+                                                                        return PIDX_CAPABILITY_TLS_SIGALG_SIG_OID;
+                                                                }
+                                                            }
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                        break;
+                    case 'v':
+                        if (strcmp("ersion", s + 5) == 0)
+                            return PIDX_CIPHER_PARAM_TLS_VERSION;
+                    }
+                    break;
+                case '1':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case '-':
+                        if (strcmp("prf-ems-check", s + 5) == 0)
+                            return PIDX_PROV_PARAM_TLS1_PRF_EMS_CHECK;
+                        break;
+                    case 'm':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'u':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'l':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 't':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case 'i':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case '_':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case 'a':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'a':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'd':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'p':
+                                                            if (strcmp("acklen", s + 14) == 0)
+                                                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN;
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD;
+                                                        }
+                                                    }
+                                                }
+                                                break;
+                                            case 'e':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'n':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'c':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'i':
+                                                            if (strcmp("n", s + 14) == 0)
+                                                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN;
+                                                            break;
+                                                        case 'l':
+                                                            if (strcmp("en", s + 14) == 0)
+                                                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN;
+                                                            break;
+                                                        case '\0':
+                                                            return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC;
+                                                        }
+                                                    }
+                                                }
+                                                break;
+                                            case 'i':
+                                                if (strcmp("nterleave", s + 11) == 0)
+                                                    return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE;
+                                                break;
+                                            case 'm':
+                                                switch(s[11]) {
+                                                default:
+                                                    break;
+                                                case 'a':
+                                                    switch(s[12]) {
+                                                    default:
+                                                        break;
+                                                    case 'x':
+                                                        switch(s[13]) {
+                                                        default:
+                                                            break;
+                                                        case 'b':
+                                                            if (strcmp("ufsz", s + 14) == 0)
+                                                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE;
+                                                            break;
+                                                        case 's':
+                                                            if (strcmp("ndfrag", s + 14) == 0)
+                                                                return PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT;
+                                                        }
+                                                    }
+                                                }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                    break;
+                case 'a':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'a':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'd':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 'p':
+                                if (strcmp("ad", s + 7) == 0)
+                                    return PIDX_CIPHER_PARAM_AEAD_TLS1_AAD_PAD;
+                                break;
+                            case '\0':
+                                return PIDX_CIPHER_PARAM_AEAD_TLS1_AAD;
+                            }
+                        }
+                    }
+                    break;
+                case 'i':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'v':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'f':
+                            if (strcmp("ixed", s + 6) == 0)
+                                return PIDX_CIPHER_PARAM_AEAD_TLS1_IV_FIXED;
+                            break;
+                        case 'g':
+                            if (strcmp("en", s + 6) == 0)
+                                return PIDX_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN;
+                            break;
+                        case 'i':
+                            if (strcmp("nv", s + 6) == 0)
+                                return PIDX_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV;
+                        }
+                    }
+                    break;
+                case 't':
+                    if (strcmp("ree", s + 4) == 0)
+                        return PIDX_LIBSSL_RECORD_LAYER_PARAM_TLSTREE;
+                }
+            }
+            break;
+        case 'p':
+            switch(s[2]) {
+            default:
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_EC_CHAR2_TP_BASIS;
+            }
+            break;
+        case 'y':
+            if (strcmp("pe", s + 2) == 0)
+                return PIDX_OBJECT_PARAM_TYPE;
+        }
+        break;
+    case 'u':
+        switch(s[1]) {
+        default:
+            break;
+        case 'k':
+            if (strcmp("m", s + 2) == 0)
+                return PIDX_KDF_PARAM_UKM;
+            break;
+        case 'p':
+            if (strcmp("dated-iv", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_UPDATED_IV;
+            break;
+        case 's':
+            switch(s[2]) {
+            default:
+                break;
+            case 'e':
+                switch(s[3]) {
+                default:
+                    break;
+                case '-':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'b':
+                        if (strcmp("its", s + 5) == 0)
+                            return PIDX_CIPHER_PARAM_USE_BITS;
+                        break;
+                    case 'c':
+                        if (strcmp("ofactor-flag", s + 5) == 0)
+                            return PIDX_PKEY_PARAM_USE_COFACTOR_FLAG;
+                        break;
+                    case 'k':
+                        if (strcmp("eybits", s + 5) == 0)
+                            return PIDX_KDF_PARAM_X942_USE_KEYBITS;
+                        break;
+                    case 'l':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case '\0':
+                            return PIDX_KDF_PARAM_KBKDF_USE_L;
+                        }
+                        break;
+                    case 's':
+                        if (strcmp("eparator", s + 5) == 0)
+                            return PIDX_KDF_PARAM_KBKDF_USE_SEPARATOR;
+                    }
+                    break;
+                case '_':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'd':
+                        if (strcmp("erivation_function", s + 5) == 0)
+                            return PIDX_DRBG_PARAM_USE_DF;
+                        break;
+                    case 'e':
+                        if (strcmp("tm", s + 5) == 0)
+                            return PIDX_LIBSSL_RECORD_LAYER_PARAM_USE_ETM;
+                    }
+                }
+            }
+        }
+        break;
+    case 'v':
+        switch(s[1]) {
+        default:
+            break;
+        case 'a':
+            switch(s[2]) {
+            default:
+                break;
+            case 'l':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'i':
+                    switch(s[4]) {
+                    default:
+                        break;
+                    case 'd':
+                        switch(s[5]) {
+                        default:
+                            break;
+                        case 'a':
+                            switch(s[6]) {
+                            default:
+                                break;
+                            case 't':
+                                switch(s[7]) {
+                                default:
+                                    break;
+                                case 'e':
+                                    switch(s[8]) {
+                                    default:
+                                        break;
+                                    case '-':
+                                        switch(s[9]) {
+                                        default:
+                                            break;
+                                        case 'g':
+                                            switch(s[10]) {
+                                            default:
+                                                break;
+                                            case '\0':
+                                                return PIDX_PKEY_PARAM_FFC_VALIDATE_G;
+                                            }
+                                            break;
+                                        case 'l':
+                                            if (strcmp("egacy", s + 10) == 0)
+                                                return PIDX_PKEY_PARAM_FFC_VALIDATE_LEGACY;
+                                            break;
+                                        case 'p':
+                                            if (strcmp("q", s + 10) == 0)
+                                                return PIDX_PKEY_PARAM_FFC_VALIDATE_PQ;
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            break;
+        case 'e':
+            if (strcmp("rsion", s + 2) == 0)
+                return PIDX_PROV_PARAM_VERSION;
+        }
+        break;
+    case 'x':
+        switch(s[1]) {
+        default:
+            break;
+        case 'c':
+            if (strcmp("ghash", s + 2) == 0)
+                return PIDX_KDF_PARAM_SSHKDF_XCGHASH;
+            break;
+        case 'o':
+            switch(s[2]) {
+            default:
+                break;
+            case 'f':
+                switch(s[3]) {
+                default:
+                    break;
+                case 'l':
+                    if (strcmp("en", s + 4) == 0)
+                        return PIDX_DIGEST_PARAM_XOFLEN;
+                    break;
+                case '\0':
+                    return PIDX_DIGEST_PARAM_XOF;
+                }
+            }
+            break;
+        case 'p':
+            switch(s[2]) {
+            default:
+                break;
+            case '1':
+                switch(s[3]) {
+                default:
+                    break;
+                case '\0':
+                    return PIDX_PKEY_PARAM_RSA_TEST_XP1;
+                }
+                break;
+            case '2':
+                switch(s[3]) {
+                default:
+                    break;
+                case '\0':
+                    return PIDX_PKEY_PARAM_RSA_TEST_XP2;
+                }
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_XP;
+            }
+            break;
+        case 'q':
+            switch(s[2]) {
+            default:
+                break;
+            case '1':
+                switch(s[3]) {
+                default:
+                    break;
+                case '\0':
+                    return PIDX_PKEY_PARAM_RSA_TEST_XQ1;
+                }
+                break;
+            case '2':
+                switch(s[3]) {
+                default:
+                    break;
+                case '\0':
+                    return PIDX_PKEY_PARAM_RSA_TEST_XQ2;
+                }
+                break;
+            case '\0':
+                return PIDX_PKEY_PARAM_RSA_TEST_XQ;
+            }
+            break;
+        case 't':
+            if (strcmp("s_standard", s + 2) == 0)
+                return PIDX_CIPHER_PARAM_XTS_STANDARD;
+        }
+    }
+    return -1;
+}
+
+/* End of TRIE */

libs/openssl/crypto/params_idx.c.in

@@ -1,21 +0,0 @@
-/*
- * {- join("\n * ", @autowarntext) -}
- *
- * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-{-
-use OpenSSL::paramnames qw(produce_decoder);
--}
-
-#include "internal/e_os.h"
-#include "internal/param_names.h"
-#include <string.h>
-
-/* Machine generated TRIE -- generated by util/perl/OpenSSL/paramnames.pm */
-{- produce_decoder(); -}
-/* End of TRIE */

libs/openssl/crypto/thread/arch/thread_win.c

@@ -591,9 +591,11 @@ void ossl_crypto_condvar_free(CRYPTO_CONDVAR **cv)
 
 # endif
 
+#ifndef WINSCP
 void ossl_crypto_mem_barrier(void)
 {
     MemoryBarrier();
 }
+#endif
 
 #endif

libs/openssl/include/internal/param_names.h

@@ -0,0 +1,376 @@
+/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\internal\param_names.h.in
+ *
+ * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+
+int ossl_param_find_pidx(const char *s);
+
+/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
+#define NUM_PIDX 290
+
+#define PIDX_ALG_PARAM_CIPHER 0
+#define PIDX_ALG_PARAM_DIGEST 1
+#define PIDX_ALG_PARAM_ENGINE 2
+#define PIDX_ALG_PARAM_MAC 3
+#define PIDX_ALG_PARAM_PROPERTIES 4
+#define PIDX_ASYM_CIPHER_PARAM_DIGEST PIDX_PKEY_PARAM_DIGEST
+#define PIDX_ASYM_CIPHER_PARAM_ENGINE PIDX_PKEY_PARAM_ENGINE
+#define PIDX_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION 5
+#define PIDX_ASYM_CIPHER_PARAM_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
+#define PIDX_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS PIDX_PKEY_PARAM_MGF1_PROPERTIES
+#define PIDX_ASYM_CIPHER_PARAM_OAEP_DIGEST PIDX_ALG_PARAM_DIGEST
+#define PIDX_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS 6
+#define PIDX_ASYM_CIPHER_PARAM_OAEP_LABEL 7
+#define PIDX_ASYM_CIPHER_PARAM_PAD_MODE PIDX_PKEY_PARAM_PAD_MODE
+#define PIDX_ASYM_CIPHER_PARAM_PROPERTIES PIDX_PKEY_PARAM_PROPERTIES
+#define PIDX_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION 8
+#define PIDX_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION 9
+#define PIDX_CAPABILITY_TLS_GROUP_ALG 10
+#define PIDX_CAPABILITY_TLS_GROUP_ID 11
+#define PIDX_CAPABILITY_TLS_GROUP_IS_KEM 12
+#define PIDX_CAPABILITY_TLS_GROUP_MAX_DTLS 13
+#define PIDX_CAPABILITY_TLS_GROUP_MAX_TLS 14
+#define PIDX_CAPABILITY_TLS_GROUP_MIN_DTLS 15
+#define PIDX_CAPABILITY_TLS_GROUP_MIN_TLS 16
+#define PIDX_CAPABILITY_TLS_GROUP_NAME 17
+#define PIDX_CAPABILITY_TLS_GROUP_NAME_INTERNAL 18
+#define PIDX_CAPABILITY_TLS_GROUP_SECURITY_BITS 19
+#define PIDX_CAPABILITY_TLS_SIGALG_CODE_POINT 20
+#define PIDX_CAPABILITY_TLS_SIGALG_HASH_NAME 21
+#define PIDX_CAPABILITY_TLS_SIGALG_HASH_OID 22
+#define PIDX_CAPABILITY_TLS_SIGALG_IANA_NAME 23
+#define PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE 24
+#define PIDX_CAPABILITY_TLS_SIGALG_KEYTYPE_OID 25
+#define PIDX_CAPABILITY_TLS_SIGALG_MAX_TLS 14
+#define PIDX_CAPABILITY_TLS_SIGALG_MIN_TLS 16
+#define PIDX_CAPABILITY_TLS_SIGALG_NAME 26
+#define PIDX_CAPABILITY_TLS_SIGALG_OID 27
+#define PIDX_CAPABILITY_TLS_SIGALG_SECURITY_BITS 28
+#define PIDX_CAPABILITY_TLS_SIGALG_SIG_NAME 29
+#define PIDX_CAPABILITY_TLS_SIGALG_SIG_OID 30
+#define PIDX_CIPHER_PARAM_AEAD 31
+#define PIDX_CIPHER_PARAM_AEAD_IVLEN PIDX_CIPHER_PARAM_IVLEN
+#define PIDX_CIPHER_PARAM_AEAD_MAC_KEY 32
+#define PIDX_CIPHER_PARAM_AEAD_TAG 33
+#define PIDX_CIPHER_PARAM_AEAD_TAGLEN 34
+#define PIDX_CIPHER_PARAM_AEAD_TLS1_AAD 35
+#define PIDX_CIPHER_PARAM_AEAD_TLS1_AAD_PAD 36
+#define PIDX_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN 37
+#define PIDX_CIPHER_PARAM_AEAD_TLS1_IV_FIXED 38
+#define PIDX_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV 39
+#define PIDX_CIPHER_PARAM_ALGORITHM_ID_PARAMS 40
+#define PIDX_CIPHER_PARAM_BLOCK_SIZE 41
+#define PIDX_CIPHER_PARAM_CTS 42
+#define PIDX_CIPHER_PARAM_CTS_MODE 43
+#define PIDX_CIPHER_PARAM_CUSTOM_IV 44
+#define PIDX_CIPHER_PARAM_HAS_RAND_KEY 45
+#define PIDX_CIPHER_PARAM_IV 46
+#define PIDX_CIPHER_PARAM_IVLEN 47
+#define PIDX_CIPHER_PARAM_KEYLEN 48
+#define PIDX_CIPHER_PARAM_MODE 49
+#define PIDX_CIPHER_PARAM_NUM 50
+#define PIDX_CIPHER_PARAM_PADDING 51
+#define PIDX_CIPHER_PARAM_RANDOM_KEY 52
+#define PIDX_CIPHER_PARAM_RC2_KEYBITS 53
+#define PIDX_CIPHER_PARAM_ROUNDS 54
+#define PIDX_CIPHER_PARAM_SPEED 55
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK 56
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD 57
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN 58
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC 59
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN 60
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN 61
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE 62
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE 63
+#define PIDX_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT 64
+#define PIDX_CIPHER_PARAM_TLS_MAC 65
+#define PIDX_CIPHER_PARAM_TLS_MAC_SIZE 66
+#define PIDX_CIPHER_PARAM_TLS_VERSION 67
+#define PIDX_CIPHER_PARAM_UPDATED_IV 68
+#define PIDX_CIPHER_PARAM_USE_BITS 69
+#define PIDX_CIPHER_PARAM_XTS_STANDARD 70
+#define PIDX_DECODER_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_DIGEST_PARAM_ALGID_ABSENT 71
+#define PIDX_DIGEST_PARAM_BLOCK_SIZE 41
+#define PIDX_DIGEST_PARAM_MICALG 72
+#define PIDX_DIGEST_PARAM_PAD_TYPE 73
+#define PIDX_DIGEST_PARAM_SIZE 74
+#define PIDX_DIGEST_PARAM_SSL3_MS 75
+#define PIDX_DIGEST_PARAM_XOF 76
+#define PIDX_DIGEST_PARAM_XOFLEN 77
+#define PIDX_DRBG_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
+#define PIDX_DRBG_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
+#define PIDX_DRBG_PARAM_ENTROPY_REQUIRED 78
+#define PIDX_DRBG_PARAM_MAC PIDX_ALG_PARAM_MAC
+#define PIDX_DRBG_PARAM_MAX_ADINLEN 79
+#define PIDX_DRBG_PARAM_MAX_ENTROPYLEN 80
+#define PIDX_DRBG_PARAM_MAX_LENGTH 81
+#define PIDX_DRBG_PARAM_MAX_NONCELEN 82
+#define PIDX_DRBG_PARAM_MAX_PERSLEN 83
+#define PIDX_DRBG_PARAM_MIN_ENTROPYLEN 84
+#define PIDX_DRBG_PARAM_MIN_LENGTH 85
+#define PIDX_DRBG_PARAM_MIN_NONCELEN 86
+#define PIDX_DRBG_PARAM_PREDICTION_RESISTANCE 87
+#define PIDX_DRBG_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_DRBG_PARAM_RANDOM_DATA 88
+#define PIDX_DRBG_PARAM_RESEED_COUNTER 89
+#define PIDX_DRBG_PARAM_RESEED_REQUESTS 90
+#define PIDX_DRBG_PARAM_RESEED_TIME 91
+#define PIDX_DRBG_PARAM_RESEED_TIME_INTERVAL 92
+#define PIDX_DRBG_PARAM_SIZE 74
+#define PIDX_DRBG_PARAM_USE_DF 93
+#define PIDX_ENCODER_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
+#define PIDX_ENCODER_PARAM_ENCRYPT_LEVEL 94
+#define PIDX_ENCODER_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_ENCODER_PARAM_SAVE_PARAMETERS 95
+#define PIDX_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE 96
+#define PIDX_EXCHANGE_PARAM_KDF_DIGEST 97
+#define PIDX_EXCHANGE_PARAM_KDF_DIGEST_PROPS 98
+#define PIDX_EXCHANGE_PARAM_KDF_OUTLEN 99
+#define PIDX_EXCHANGE_PARAM_KDF_TYPE 100
+#define PIDX_EXCHANGE_PARAM_KDF_UKM 101
+#define PIDX_EXCHANGE_PARAM_PAD 102
+#define PIDX_GEN_PARAM_ITERATION 103
+#define PIDX_GEN_PARAM_POTENTIAL 104
+#define PIDX_KDF_PARAM_ARGON2_AD 105
+#define PIDX_KDF_PARAM_ARGON2_LANES 106
+#define PIDX_KDF_PARAM_ARGON2_MEMCOST 107
+#define PIDX_KDF_PARAM_ARGON2_VERSION 108
+#define PIDX_KDF_PARAM_CEK_ALG 109
+#define PIDX_KDF_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
+#define PIDX_KDF_PARAM_CONSTANT 110
+#define PIDX_KDF_PARAM_DATA 111
+#define PIDX_KDF_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
+#define PIDX_KDF_PARAM_EARLY_CLEAN 112
+#define PIDX_KDF_PARAM_HMACDRBG_ENTROPY 113
+#define PIDX_KDF_PARAM_HMACDRBG_NONCE 114
+#define PIDX_KDF_PARAM_INFO 115
+#define PIDX_KDF_PARAM_ITER 116
+#define PIDX_KDF_PARAM_KBKDF_R 117
+#define PIDX_KDF_PARAM_KBKDF_USE_L 118
+#define PIDX_KDF_PARAM_KBKDF_USE_SEPARATOR 119
+#define PIDX_KDF_PARAM_KEY 120
+#define PIDX_KDF_PARAM_LABEL 121
+#define PIDX_KDF_PARAM_MAC PIDX_ALG_PARAM_MAC
+#define PIDX_KDF_PARAM_MAC_SIZE 122
+#define PIDX_KDF_PARAM_MODE 49
+#define PIDX_KDF_PARAM_PASSWORD 123
+#define PIDX_KDF_PARAM_PKCS12_ID 124
+#define PIDX_KDF_PARAM_PKCS5 125
+#define PIDX_KDF_PARAM_PREFIX 126
+#define PIDX_KDF_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_KDF_PARAM_SALT 127
+#define PIDX_KDF_PARAM_SCRYPT_MAXMEM 128
+#define PIDX_KDF_PARAM_SCRYPT_N 129
+#define PIDX_KDF_PARAM_SCRYPT_P 130
+#define PIDX_KDF_PARAM_SCRYPT_R 117
+#define PIDX_KDF_PARAM_SECRET 131
+#define PIDX_KDF_PARAM_SEED 132
+#define PIDX_KDF_PARAM_SIZE 74
+#define PIDX_KDF_PARAM_SSHKDF_SESSION_ID 133
+#define PIDX_KDF_PARAM_SSHKDF_TYPE 134
+#define PIDX_KDF_PARAM_SSHKDF_XCGHASH 135
+#define PIDX_KDF_PARAM_THREADS 136
+#define PIDX_KDF_PARAM_UKM 137
+#define PIDX_KDF_PARAM_X942_ACVPINFO 138
+#define PIDX_KDF_PARAM_X942_PARTYUINFO 139
+#define PIDX_KDF_PARAM_X942_PARTYVINFO 140
+#define PIDX_KDF_PARAM_X942_SUPP_PRIVINFO 141
+#define PIDX_KDF_PARAM_X942_SUPP_PUBINFO 142
+#define PIDX_KDF_PARAM_X942_USE_KEYBITS 143
+#define PIDX_KEM_PARAM_IKME 144
+#define PIDX_KEM_PARAM_OPERATION 145
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_BLOCK_PADDING 146
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA 147
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN 148
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_MODE 49
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_OPTIONS 149
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD 150
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC 151
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_TLSTREE 152
+#define PIDX_LIBSSL_RECORD_LAYER_PARAM_USE_ETM 153
+#define PIDX_LIBSSL_RECORD_LAYER_READ_BUFFER_LEN 154
+#define PIDX_MAC_PARAM_BLOCK_SIZE 155
+#define PIDX_MAC_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
+#define PIDX_MAC_PARAM_CUSTOM 156
+#define PIDX_MAC_PARAM_C_ROUNDS 157
+#define PIDX_MAC_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
+#define PIDX_MAC_PARAM_DIGEST_NOINIT 158
+#define PIDX_MAC_PARAM_DIGEST_ONESHOT 159
+#define PIDX_MAC_PARAM_D_ROUNDS 160
+#define PIDX_MAC_PARAM_IV 46
+#define PIDX_MAC_PARAM_KEY 120
+#define PIDX_MAC_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_MAC_PARAM_SALT 127
+#define PIDX_MAC_PARAM_SIZE 74
+#define PIDX_MAC_PARAM_TLS_DATA_SIZE 161
+#define PIDX_MAC_PARAM_XOF 76
+#define PIDX_OBJECT_PARAM_DATA 111
+#define PIDX_OBJECT_PARAM_DATA_STRUCTURE 162
+#define PIDX_OBJECT_PARAM_DATA_TYPE 163
+#define PIDX_OBJECT_PARAM_DESC 164
+#define PIDX_OBJECT_PARAM_REFERENCE 165
+#define PIDX_OBJECT_PARAM_TYPE 134
+#define PIDX_PASSPHRASE_PARAM_INFO 115
+#define PIDX_PKEY_PARAM_BITS 166
+#define PIDX_PKEY_PARAM_CIPHER PIDX_ALG_PARAM_CIPHER
+#define PIDX_PKEY_PARAM_DEFAULT_DIGEST 167
+#define PIDX_PKEY_PARAM_DHKEM_IKM 168
+#define PIDX_PKEY_PARAM_DH_GENERATOR 169
+#define PIDX_PKEY_PARAM_DH_PRIV_LEN 170
+#define PIDX_PKEY_PARAM_DIGEST PIDX_ALG_PARAM_DIGEST
+#define PIDX_PKEY_PARAM_DIGEST_SIZE 171
+#define PIDX_PKEY_PARAM_DIST_ID 172
+#define PIDX_PKEY_PARAM_EC_A 173
+#define PIDX_PKEY_PARAM_EC_B 174
+#define PIDX_PKEY_PARAM_EC_CHAR2_M 175
+#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K1 176
+#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K2 177
+#define PIDX_PKEY_PARAM_EC_CHAR2_PP_K3 178
+#define PIDX_PKEY_PARAM_EC_CHAR2_TP_BASIS 179
+#define PIDX_PKEY_PARAM_EC_CHAR2_TYPE 180
+#define PIDX_PKEY_PARAM_EC_COFACTOR 181
+#define PIDX_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS 182
+#define PIDX_PKEY_PARAM_EC_ENCODING 183
+#define PIDX_PKEY_PARAM_EC_FIELD_TYPE 184
+#define PIDX_PKEY_PARAM_EC_GENERATOR 185
+#define PIDX_PKEY_PARAM_EC_GROUP_CHECK_TYPE 186
+#define PIDX_PKEY_PARAM_EC_INCLUDE_PUBLIC 187
+#define PIDX_PKEY_PARAM_EC_ORDER 188
+#define PIDX_PKEY_PARAM_EC_P 130
+#define PIDX_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT 189
+#define PIDX_PKEY_PARAM_EC_PUB_X 190
+#define PIDX_PKEY_PARAM_EC_PUB_Y 191
+#define PIDX_PKEY_PARAM_EC_SEED 132
+#define PIDX_PKEY_PARAM_ENCODED_PUBLIC_KEY 192
+#define PIDX_PKEY_PARAM_ENGINE PIDX_ALG_PARAM_ENGINE
+#define PIDX_PKEY_PARAM_FFC_COFACTOR 193
+#define PIDX_PKEY_PARAM_FFC_DIGEST PIDX_PKEY_PARAM_DIGEST
+#define PIDX_PKEY_PARAM_FFC_DIGEST_PROPS PIDX_PKEY_PARAM_PROPERTIES
+#define PIDX_PKEY_PARAM_FFC_G 194
+#define PIDX_PKEY_PARAM_FFC_GINDEX 195
+#define PIDX_PKEY_PARAM_FFC_H 196
+#define PIDX_PKEY_PARAM_FFC_P 130
+#define PIDX_PKEY_PARAM_FFC_PBITS 197
+#define PIDX_PKEY_PARAM_FFC_PCOUNTER 198
+#define PIDX_PKEY_PARAM_FFC_Q 199
+#define PIDX_PKEY_PARAM_FFC_QBITS 200
+#define PIDX_PKEY_PARAM_FFC_SEED 132
+#define PIDX_PKEY_PARAM_FFC_TYPE 134
+#define PIDX_PKEY_PARAM_FFC_VALIDATE_G 201
+#define PIDX_PKEY_PARAM_FFC_VALIDATE_LEGACY 202
+#define PIDX_PKEY_PARAM_FFC_VALIDATE_PQ 203
+#define PIDX_PKEY_PARAM_GROUP_NAME 204
+#define PIDX_PKEY_PARAM_IMPLICIT_REJECTION 5
+#define PIDX_PKEY_PARAM_MANDATORY_DIGEST 205
+#define PIDX_PKEY_PARAM_MASKGENFUNC 206
+#define PIDX_PKEY_PARAM_MAX_SIZE 207
+#define PIDX_PKEY_PARAM_MGF1_DIGEST 208
+#define PIDX_PKEY_PARAM_MGF1_PROPERTIES 209
+#define PIDX_PKEY_PARAM_PAD_MODE 210
+#define PIDX_PKEY_PARAM_PRIV_KEY 211
+#define PIDX_PKEY_PARAM_PROPERTIES PIDX_ALG_PARAM_PROPERTIES
+#define PIDX_PKEY_PARAM_PUB_KEY 212
+#define PIDX_PKEY_PARAM_RSA_BITS PIDX_PKEY_PARAM_BITS
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT 213
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT1 214
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT2 215
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT3 216
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT4 217
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT5 218
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT6 219
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT7 220
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT8 221
+#define PIDX_PKEY_PARAM_RSA_COEFFICIENT9 222
+#define PIDX_PKEY_PARAM_RSA_D 223
+#define PIDX_PKEY_PARAM_RSA_DIGEST PIDX_PKEY_PARAM_DIGEST
+#define PIDX_PKEY_PARAM_RSA_DIGEST_PROPS PIDX_PKEY_PARAM_PROPERTIES
+#define PIDX_PKEY_PARAM_RSA_E 224
+#define PIDX_PKEY_PARAM_RSA_EXPONENT 225
+#define PIDX_PKEY_PARAM_RSA_EXPONENT1 226
+#define PIDX_PKEY_PARAM_RSA_EXPONENT10 227
+#define PIDX_PKEY_PARAM_RSA_EXPONENT2 228
+#define PIDX_PKEY_PARAM_RSA_EXPONENT3 229
+#define PIDX_PKEY_PARAM_RSA_EXPONENT4 230
+#define PIDX_PKEY_PARAM_RSA_EXPONENT5 231
+#define PIDX_PKEY_PARAM_RSA_EXPONENT6 232
+#define PIDX_PKEY_PARAM_RSA_EXPONENT7 233
+#define PIDX_PKEY_PARAM_RSA_EXPONENT8 234
+#define PIDX_PKEY_PARAM_RSA_EXPONENT9 235
+#define PIDX_PKEY_PARAM_RSA_FACTOR 236
+#define PIDX_PKEY_PARAM_RSA_FACTOR1 237
+#define PIDX_PKEY_PARAM_RSA_FACTOR10 238
+#define PIDX_PKEY_PARAM_RSA_FACTOR2 239
+#define PIDX_PKEY_PARAM_RSA_FACTOR3 240
+#define PIDX_PKEY_PARAM_RSA_FACTOR4 241
+#define PIDX_PKEY_PARAM_RSA_FACTOR5 242
+#define PIDX_PKEY_PARAM_RSA_FACTOR6 243
+#define PIDX_PKEY_PARAM_RSA_FACTOR7 244
+#define PIDX_PKEY_PARAM_RSA_FACTOR8 245
+#define PIDX_PKEY_PARAM_RSA_FACTOR9 246
+#define PIDX_PKEY_PARAM_RSA_MASKGENFUNC PIDX_PKEY_PARAM_MASKGENFUNC
+#define PIDX_PKEY_PARAM_RSA_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
+#define PIDX_PKEY_PARAM_RSA_N 129
+#define PIDX_PKEY_PARAM_RSA_PRIMES 247
+#define PIDX_PKEY_PARAM_RSA_PSS_SALTLEN 248
+#define PIDX_PKEY_PARAM_RSA_TEST_P1 249
+#define PIDX_PKEY_PARAM_RSA_TEST_P2 250
+#define PIDX_PKEY_PARAM_RSA_TEST_Q1 251
+#define PIDX_PKEY_PARAM_RSA_TEST_Q2 252
+#define PIDX_PKEY_PARAM_RSA_TEST_XP 253
+#define PIDX_PKEY_PARAM_RSA_TEST_XP1 254
+#define PIDX_PKEY_PARAM_RSA_TEST_XP2 255
+#define PIDX_PKEY_PARAM_RSA_TEST_XQ 256
+#define PIDX_PKEY_PARAM_RSA_TEST_XQ1 257
+#define PIDX_PKEY_PARAM_RSA_TEST_XQ2 258
+#define PIDX_PKEY_PARAM_SECURITY_BITS 259
+#define PIDX_PKEY_PARAM_USE_COFACTOR_ECDH PIDX_PKEY_PARAM_USE_COFACTOR_FLAG
+#define PIDX_PKEY_PARAM_USE_COFACTOR_FLAG 260
+#define PIDX_PROV_PARAM_BUILDINFO 261
+#define PIDX_PROV_PARAM_CORE_MODULE_FILENAME 262
+#define PIDX_PROV_PARAM_CORE_PROV_NAME 263
+#define PIDX_PROV_PARAM_CORE_VERSION 264
+#define PIDX_PROV_PARAM_DRBG_TRUNC_DIGEST 265
+#define PIDX_PROV_PARAM_NAME 266
+#define PIDX_PROV_PARAM_SECURITY_CHECKS 267
+#define PIDX_PROV_PARAM_SELF_TEST_DESC 268
+#define PIDX_PROV_PARAM_SELF_TEST_PHASE 269
+#define PIDX_PROV_PARAM_SELF_TEST_TYPE 270
+#define PIDX_PROV_PARAM_STATUS 271
+#define PIDX_PROV_PARAM_TLS1_PRF_EMS_CHECK 272
+#define PIDX_PROV_PARAM_VERSION 108
+#define PIDX_RAND_PARAM_GENERATE 273
+#define PIDX_RAND_PARAM_MAX_REQUEST 274
+#define PIDX_RAND_PARAM_STATE 275
+#define PIDX_RAND_PARAM_STRENGTH 276
+#define PIDX_RAND_PARAM_TEST_ENTROPY 277
+#define PIDX_RAND_PARAM_TEST_NONCE 278
+#define PIDX_SIGNATURE_PARAM_ALGORITHM_ID 279
+#define PIDX_SIGNATURE_PARAM_CONTEXT_STRING 280
+#define PIDX_SIGNATURE_PARAM_DIGEST PIDX_PKEY_PARAM_DIGEST
+#define PIDX_SIGNATURE_PARAM_DIGEST_SIZE PIDX_PKEY_PARAM_DIGEST_SIZE
+#define PIDX_SIGNATURE_PARAM_INSTANCE 281
+#define PIDX_SIGNATURE_PARAM_KAT 282
+#define PIDX_SIGNATURE_PARAM_MGF1_DIGEST PIDX_PKEY_PARAM_MGF1_DIGEST
+#define PIDX_SIGNATURE_PARAM_MGF1_PROPERTIES PIDX_PKEY_PARAM_MGF1_PROPERTIES
+#define PIDX_SIGNATURE_PARAM_NONCE_TYPE 283
+#define PIDX_SIGNATURE_PARAM_PAD_MODE PIDX_PKEY_PARAM_PAD_MODE
+#define PIDX_SIGNATURE_PARAM_PROPERTIES PIDX_PKEY_PARAM_PROPERTIES
+#define PIDX_SIGNATURE_PARAM_PSS_SALTLEN 248
+#define PIDX_STORE_PARAM_ALIAS 284
+#define PIDX_STORE_PARAM_DIGEST 1
+#define PIDX_STORE_PARAM_EXPECT 285
+#define PIDX_STORE_PARAM_FINGERPRINT 286
+#define PIDX_STORE_PARAM_INPUT_TYPE 287
+#define PIDX_STORE_PARAM_ISSUER 266
+#define PIDX_STORE_PARAM_PROPERTIES 4
+#define PIDX_STORE_PARAM_SERIAL 288
+#define PIDX_STORE_PARAM_SUBJECT 289

libs/openssl/include/internal/param_names.h.in

@@ -1,18 +0,0 @@
-/*
- * {- join("\n * ", @autowarntext) -}
- *
- * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-{-
-use OpenSSL::paramnames qw(generate_internal_macros);
--}
-
-int ossl_param_find_pidx(const char *s);
-
-/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
-{- generate_internal_macros(); -}

libs/openssl/include/openssl/core_names.h

@@ -0,0 +1,475 @@
+/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\core_names.h.in
+ *
+ * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+
+#ifndef OPENSSL_CORE_NAMES_H
+# define OPENSSL_CORE_NAMES_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* OSSL_CIPHER_PARAM_CTS_MODE Values */
+# define OSSL_CIPHER_CTS_MODE_CS1 "CS1"
+# define OSSL_CIPHER_CTS_MODE_CS2 "CS2"
+# define OSSL_CIPHER_CTS_MODE_CS3 "CS3"
+
+/* Known CIPHER names (not a complete list) */
+# define OSSL_CIPHER_NAME_AES_128_GCM_SIV      "AES-128-GCM-SIV"
+# define OSSL_CIPHER_NAME_AES_192_GCM_SIV      "AES-192-GCM-SIV"
+# define OSSL_CIPHER_NAME_AES_256_GCM_SIV      "AES-256-GCM-SIV"
+
+/* Known DIGEST names (not a complete list) */
+# define OSSL_DIGEST_NAME_MD5            "MD5"
+# define OSSL_DIGEST_NAME_MD5_SHA1       "MD5-SHA1"
+# define OSSL_DIGEST_NAME_SHA1           "SHA1"
+# define OSSL_DIGEST_NAME_SHA2_224       "SHA2-224"
+# define OSSL_DIGEST_NAME_SHA2_256       "SHA2-256"
+# define OSSL_DIGEST_NAME_SHA2_256_192   "SHA2-256/192"
+# define OSSL_DIGEST_NAME_SHA2_384       "SHA2-384"
+# define OSSL_DIGEST_NAME_SHA2_512       "SHA2-512"
+# define OSSL_DIGEST_NAME_SHA2_512_224   "SHA2-512/224"
+# define OSSL_DIGEST_NAME_SHA2_512_256   "SHA2-512/256"
+# define OSSL_DIGEST_NAME_MD2            "MD2"
+# define OSSL_DIGEST_NAME_MD4            "MD4"
+# define OSSL_DIGEST_NAME_MDC2           "MDC2"
+# define OSSL_DIGEST_NAME_RIPEMD160      "RIPEMD160"
+# define OSSL_DIGEST_NAME_SHA3_224       "SHA3-224"
+# define OSSL_DIGEST_NAME_SHA3_256       "SHA3-256"
+# define OSSL_DIGEST_NAME_SHA3_384       "SHA3-384"
+# define OSSL_DIGEST_NAME_SHA3_512       "SHA3-512"
+# define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK-KMAC-128"
+# define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK-KMAC-256"
+# define OSSL_DIGEST_NAME_SM3            "SM3"
+
+/* Known MAC names */
+# define OSSL_MAC_NAME_BLAKE2BMAC    "BLAKE2BMAC"
+# define OSSL_MAC_NAME_BLAKE2SMAC    "BLAKE2SMAC"
+# define OSSL_MAC_NAME_CMAC          "CMAC"
+# define OSSL_MAC_NAME_GMAC          "GMAC"
+# define OSSL_MAC_NAME_HMAC          "HMAC"
+# define OSSL_MAC_NAME_KMAC128       "KMAC128"
+# define OSSL_MAC_NAME_KMAC256       "KMAC256"
+# define OSSL_MAC_NAME_POLY1305      "POLY1305"
+# define OSSL_MAC_NAME_SIPHASH       "SIPHASH"
+
+/* Known KDF names */
+# define OSSL_KDF_NAME_HKDF           "HKDF"
+# define OSSL_KDF_NAME_TLS1_3_KDF     "TLS13-KDF"
+# define OSSL_KDF_NAME_PBKDF1         "PBKDF1"
+# define OSSL_KDF_NAME_PBKDF2         "PBKDF2"
+# define OSSL_KDF_NAME_SCRYPT         "SCRYPT"
+# define OSSL_KDF_NAME_SSHKDF         "SSHKDF"
+# define OSSL_KDF_NAME_SSKDF          "SSKDF"
+# define OSSL_KDF_NAME_TLS1_PRF       "TLS1-PRF"
+# define OSSL_KDF_NAME_X942KDF_ASN1   "X942KDF-ASN1"
+# define OSSL_KDF_NAME_X942KDF_CONCAT "X942KDF-CONCAT"
+# define OSSL_KDF_NAME_X963KDF        "X963KDF"
+# define OSSL_KDF_NAME_KBKDF          "KBKDF"
+# define OSSL_KDF_NAME_KRB5KDF        "KRB5KDF"
+# define OSSL_KDF_NAME_HMACDRBGKDF    "HMAC-DRBG-KDF"
+
+/* RSA padding modes */
+# define OSSL_PKEY_RSA_PAD_MODE_NONE    "none"
+# define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
+# define OSSL_PKEY_RSA_PAD_MODE_OAEP    "oaep"
+# define OSSL_PKEY_RSA_PAD_MODE_X931    "x931"
+# define OSSL_PKEY_RSA_PAD_MODE_PSS     "pss"
+
+/* RSA pss padding salt length */
+# define OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST "digest"
+# define OSSL_PKEY_RSA_PSS_SALT_LEN_MAX    "max"
+# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO   "auto"
+# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX "auto-digestmax"
+
+/* OSSL_PKEY_PARAM_EC_ENCODING values */
+# define OSSL_PKEY_EC_ENCODING_EXPLICIT  "explicit"
+# define OSSL_PKEY_EC_ENCODING_GROUP     "named_curve"
+
+# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_UNCOMPRESSED "uncompressed"
+# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED   "compressed"
+# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_HYBRID       "hybrid"
+
+# define OSSL_PKEY_EC_GROUP_CHECK_DEFAULT     "default"
+# define OSSL_PKEY_EC_GROUP_CHECK_NAMED       "named"
+# define OSSL_PKEY_EC_GROUP_CHECK_NAMED_NIST  "named-nist"
+
+/* OSSL_KEM_PARAM_OPERATION values */
+#define OSSL_KEM_PARAM_OPERATION_RSASVE     "RSASVE"
+#define OSSL_KEM_PARAM_OPERATION_DHKEM      "DHKEM"
+
+/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
+# define OSSL_ALG_PARAM_CIPHER "cipher"
+# define OSSL_ALG_PARAM_DIGEST "digest"
+# define OSSL_ALG_PARAM_ENGINE "engine"
+# define OSSL_ALG_PARAM_MAC "mac"
+# define OSSL_ALG_PARAM_PROPERTIES "properties"
+# define OSSL_ASYM_CIPHER_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
+# define OSSL_ASYM_CIPHER_PARAM_ENGINE OSSL_PKEY_PARAM_ENGINE
+# define OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION "implicit-rejection"
+# define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+# define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS OSSL_PKEY_PARAM_MGF1_PROPERTIES
+# define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST OSSL_ALG_PARAM_DIGEST
+# define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS "digest-props"
+# define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"
+# define OSSL_ASYM_CIPHER_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
+# define OSSL_ASYM_CIPHER_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
+# define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"
+# define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"
+# define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg"
+# define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id"
+# define OSSL_CAPABILITY_TLS_GROUP_IS_KEM "tls-group-is-kem"
+# define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+# define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls"
+# define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
+# define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls"
+# define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name"
+# define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal"
+# define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits"
+# define OSSL_CAPABILITY_TLS_SIGALG_CODE_POINT "tls-sigalg-code-point"
+# define OSSL_CAPABILITY_TLS_SIGALG_HASH_NAME "tls-sigalg-hash-name"
+# define OSSL_CAPABILITY_TLS_SIGALG_HASH_OID "tls-sigalg-hash-oid"
+# define OSSL_CAPABILITY_TLS_SIGALG_IANA_NAME "tls-sigalg-iana-name"
+# define OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE "tls-sigalg-keytype"
+# define OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE_OID "tls-sigalg-keytype-oid"
+# define OSSL_CAPABILITY_TLS_SIGALG_MAX_TLS "tls-max-tls"
+# define OSSL_CAPABILITY_TLS_SIGALG_MIN_TLS "tls-min-tls"
+# define OSSL_CAPABILITY_TLS_SIGALG_NAME "tls-sigalg-name"
+# define OSSL_CAPABILITY_TLS_SIGALG_OID "tls-sigalg-oid"
+# define OSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS "tls-sigalg-sec-bits"
+# define OSSL_CAPABILITY_TLS_SIGALG_SIG_NAME "tls-sigalg-sig-name"
+# define OSSL_CAPABILITY_TLS_SIGALG_SIG_OID "tls-sigalg-sig-oid"
+# define OSSL_CIPHER_PARAM_AEAD "aead"
+# define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
+# define OSSL_CIPHER_PARAM_AEAD_MAC_KEY "mackey"
+# define OSSL_CIPHER_PARAM_AEAD_TAG "tag"
+# define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen"
+# define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad"
+# define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad"
+# define OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN "tlsivgen"
+# define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed"
+# define OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV "tlsivinv"
+# define OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS "alg_id_param"
+# define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize"
+# define OSSL_CIPHER_PARAM_CTS "cts"
+# define OSSL_CIPHER_PARAM_CTS_MODE "cts_mode"
+# define OSSL_CIPHER_PARAM_CUSTOM_IV "custom-iv"
+# define OSSL_CIPHER_PARAM_HAS_RAND_KEY "has-randkey"
+# define OSSL_CIPHER_PARAM_IV "iv"
+# define OSSL_CIPHER_PARAM_IVLEN "ivlen"
+# define OSSL_CIPHER_PARAM_KEYLEN "keylen"
+# define OSSL_CIPHER_PARAM_MODE "mode"
+# define OSSL_CIPHER_PARAM_NUM "num"
+# define OSSL_CIPHER_PARAM_PADDING "padding"
+# define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey"
+# define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits"
+# define OSSL_CIPHER_PARAM_ROUNDS "rounds"
+# define OSSL_CIPHER_PARAM_SPEED "speed"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK "tls-multi"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD "tls1multi_aad"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN "tls1multi_aadpacklen"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC "tls1multi_enc"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN "tls1multi_encin"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN "tls1multi_enclen"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE "tls1multi_interleave"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE "tls1multi_maxbufsz"
+# define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT "tls1multi_maxsndfrag"
+# define OSSL_CIPHER_PARAM_TLS_MAC "tls-mac"
+# define OSSL_CIPHER_PARAM_TLS_MAC_SIZE "tls-mac-size"
+# define OSSL_CIPHER_PARAM_TLS_VERSION "tls-version"
+# define OSSL_CIPHER_PARAM_UPDATED_IV "updated-iv"
+# define OSSL_CIPHER_PARAM_USE_BITS "use-bits"
+# define OSSL_CIPHER_PARAM_XTS_STANDARD "xts_standard"
+# define OSSL_DECODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_DIGEST_PARAM_ALGID_ABSENT "algid-absent"
+# define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize"
+# define OSSL_DIGEST_PARAM_MICALG "micalg"
+# define OSSL_DIGEST_PARAM_PAD_TYPE "pad-type"
+# define OSSL_DIGEST_PARAM_SIZE "size"
+# define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms"
+# define OSSL_DIGEST_PARAM_XOF "xof"
+# define OSSL_DIGEST_PARAM_XOFLEN "xoflen"
+# define OSSL_DRBG_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+# define OSSL_DRBG_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+# define OSSL_DRBG_PARAM_ENTROPY_REQUIRED "entropy_required"
+# define OSSL_DRBG_PARAM_MAC OSSL_ALG_PARAM_MAC
+# define OSSL_DRBG_PARAM_MAX_ADINLEN "max_adinlen"
+# define OSSL_DRBG_PARAM_MAX_ENTROPYLEN "max_entropylen"
+# define OSSL_DRBG_PARAM_MAX_LENGTH "maxium_length"
+# define OSSL_DRBG_PARAM_MAX_NONCELEN "max_noncelen"
+# define OSSL_DRBG_PARAM_MAX_PERSLEN "max_perslen"
+# define OSSL_DRBG_PARAM_MIN_ENTROPYLEN "min_entropylen"
+# define OSSL_DRBG_PARAM_MIN_LENGTH "minium_length"
+# define OSSL_DRBG_PARAM_MIN_NONCELEN "min_noncelen"
+# define OSSL_DRBG_PARAM_PREDICTION_RESISTANCE "prediction_resistance"
+# define OSSL_DRBG_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_DRBG_PARAM_RANDOM_DATA "random_data"
+# define OSSL_DRBG_PARAM_RESEED_COUNTER "reseed_counter"
+# define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"
+# define OSSL_DRBG_PARAM_RESEED_TIME "reseed_time"
+# define OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL "reseed_time_interval"
+# define OSSL_DRBG_PARAM_SIZE "size"
+# define OSSL_DRBG_PARAM_USE_DF "use_derivation_function"
+# define OSSL_ENCODER_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+# define OSSL_ENCODER_PARAM_ENCRYPT_LEVEL "encrypt-level"
+# define OSSL_ENCODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_ENCODER_PARAM_SAVE_PARAMETERS "save-parameters"
+# define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode"
+# define OSSL_EXCHANGE_PARAM_KDF_DIGEST "kdf-digest"
+# define OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS "kdf-digest-props"
+# define OSSL_EXCHANGE_PARAM_KDF_OUTLEN "kdf-outlen"
+# define OSSL_EXCHANGE_PARAM_KDF_TYPE "kdf-type"
+# define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm"
+# define OSSL_EXCHANGE_PARAM_PAD "pad"
+# define OSSL_GEN_PARAM_ITERATION "iteration"
+# define OSSL_GEN_PARAM_POTENTIAL "potential"
+# define OSSL_KDF_PARAM_ARGON2_AD "ad"
+# define OSSL_KDF_PARAM_ARGON2_LANES "lanes"
+# define OSSL_KDF_PARAM_ARGON2_MEMCOST "memcost"
+# define OSSL_KDF_PARAM_ARGON2_VERSION "version"
+# define OSSL_KDF_PARAM_CEK_ALG "cekalg"
+# define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+# define OSSL_KDF_PARAM_CONSTANT "constant"
+# define OSSL_KDF_PARAM_DATA "data"
+# define OSSL_KDF_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+# define OSSL_KDF_PARAM_EARLY_CLEAN "early_clean"
+# define OSSL_KDF_PARAM_HMACDRBG_ENTROPY "entropy"
+# define OSSL_KDF_PARAM_HMACDRBG_NONCE "nonce"
+# define OSSL_KDF_PARAM_INFO "info"
+# define OSSL_KDF_PARAM_ITER "iter"
+# define OSSL_KDF_PARAM_KBKDF_R "r"
+# define OSSL_KDF_PARAM_KBKDF_USE_L "use-l"
+# define OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR "use-separator"
+# define OSSL_KDF_PARAM_KEY "key"
+# define OSSL_KDF_PARAM_LABEL "label"
+# define OSSL_KDF_PARAM_MAC OSSL_ALG_PARAM_MAC
+# define OSSL_KDF_PARAM_MAC_SIZE "maclen"
+# define OSSL_KDF_PARAM_MODE "mode"
+# define OSSL_KDF_PARAM_PASSWORD "pass"
+# define OSSL_KDF_PARAM_PKCS12_ID "id"
+# define OSSL_KDF_PARAM_PKCS5 "pkcs5"
+# define OSSL_KDF_PARAM_PREFIX "prefix"
+# define OSSL_KDF_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_KDF_PARAM_SALT "salt"
+# define OSSL_KDF_PARAM_SCRYPT_MAXMEM "maxmem_bytes"
+# define OSSL_KDF_PARAM_SCRYPT_N "n"
+# define OSSL_KDF_PARAM_SCRYPT_P "p"
+# define OSSL_KDF_PARAM_SCRYPT_R "r"
+# define OSSL_KDF_PARAM_SECRET "secret"
+# define OSSL_KDF_PARAM_SEED "seed"
+# define OSSL_KDF_PARAM_SIZE "size"
+# define OSSL_KDF_PARAM_SSHKDF_SESSION_ID "session_id"
+# define OSSL_KDF_PARAM_SSHKDF_TYPE "type"
+# define OSSL_KDF_PARAM_SSHKDF_XCGHASH "xcghash"
+# define OSSL_KDF_PARAM_THREADS "threads"
+# define OSSL_KDF_PARAM_UKM "ukm"
+# define OSSL_KDF_PARAM_X942_ACVPINFO "acvp-info"
+# define OSSL_KDF_PARAM_X942_PARTYUINFO "partyu-info"
+# define OSSL_KDF_PARAM_X942_PARTYVINFO "partyv-info"
+# define OSSL_KDF_PARAM_X942_SUPP_PRIVINFO "supp-privinfo"
+# define OSSL_KDF_PARAM_X942_SUPP_PUBINFO "supp-pubinfo"
+# define OSSL_KDF_PARAM_X942_USE_KEYBITS "use-keybits"
+# define OSSL_KEM_PARAM_IKME "ikme"
+# define OSSL_KEM_PARAM_OPERATION "operation"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_BLOCK_PADDING "block_padding"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_EARLY_DATA "max_early_data"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN "max_frag_len"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE "mode"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS "options"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD "read_ahead"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_STREAM_MAC "stream_mac"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE "tlstree"
+# define OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM "use_etm"
+# define OSSL_LIBSSL_RECORD_LAYER_READ_BUFFER_LEN "read_buffer_len"
+# define OSSL_MAC_PARAM_BLOCK_SIZE "block-size"
+# define OSSL_MAC_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+# define OSSL_MAC_PARAM_CUSTOM "custom"
+# define OSSL_MAC_PARAM_C_ROUNDS "c-rounds"
+# define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+# define OSSL_MAC_PARAM_DIGEST_NOINIT "digest-noinit"
+# define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot"
+# define OSSL_MAC_PARAM_D_ROUNDS "d-rounds"
+# define OSSL_MAC_PARAM_IV "iv"
+# define OSSL_MAC_PARAM_KEY "key"
+# define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_MAC_PARAM_SALT "salt"
+# define OSSL_MAC_PARAM_SIZE "size"
+# define OSSL_MAC_PARAM_TLS_DATA_SIZE "tls-data-size"
+# define OSSL_MAC_PARAM_XOF "xof"
+# define OSSL_OBJECT_PARAM_DATA "data"
+# define OSSL_OBJECT_PARAM_DATA_STRUCTURE "data-structure"
+# define OSSL_OBJECT_PARAM_DATA_TYPE "data-type"
+# define OSSL_OBJECT_PARAM_DESC "desc"
+# define OSSL_OBJECT_PARAM_REFERENCE "reference"
+# define OSSL_OBJECT_PARAM_TYPE "type"
+# define OSSL_PASSPHRASE_PARAM_INFO "info"
+# define OSSL_PKEY_PARAM_BITS "bits"
+# define OSSL_PKEY_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+# define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest"
+# define OSSL_PKEY_PARAM_DHKEM_IKM "dhkem-ikm"
+# define OSSL_PKEY_PARAM_DH_GENERATOR "safeprime-generator"
+# define OSSL_PKEY_PARAM_DH_PRIV_LEN "priv_len"
+# define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+# define OSSL_PKEY_PARAM_DIGEST_SIZE "digest-size"
+# define OSSL_PKEY_PARAM_DIST_ID "distid"
+# define OSSL_PKEY_PARAM_EC_A "a"
+# define OSSL_PKEY_PARAM_EC_B "b"
+# define OSSL_PKEY_PARAM_EC_CHAR2_M "m"
+# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1 "k1"
+# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2 "k2"
+# define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3 "k3"
+# define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
+# define OSSL_PKEY_PARAM_EC_CHAR2_TYPE "basis-type"
+# define OSSL_PKEY_PARAM_EC_COFACTOR "cofactor"
+# define OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS "decoded-from-explicit"
+# define OSSL_PKEY_PARAM_EC_ENCODING "encoding"
+# define OSSL_PKEY_PARAM_EC_FIELD_TYPE "field-type"
+# define OSSL_PKEY_PARAM_EC_GENERATOR "generator"
+# define OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE "group-check"
+# define OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC "include-public"
+# define OSSL_PKEY_PARAM_EC_ORDER "order"
+# define OSSL_PKEY_PARAM_EC_P "p"
+# define OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT "point-format"
+# define OSSL_PKEY_PARAM_EC_PUB_X "qx"
+# define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
+# define OSSL_PKEY_PARAM_EC_SEED "seed"
+# define OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY "encoded-pub-key"
+# define OSSL_PKEY_PARAM_ENGINE OSSL_ALG_PARAM_ENGINE
+# define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
+# define OSSL_PKEY_PARAM_FFC_DIGEST OSSL_PKEY_PARAM_DIGEST
+# define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
+# define OSSL_PKEY_PARAM_FFC_G "g"
+# define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
+# define OSSL_PKEY_PARAM_FFC_H "hindex"
+# define OSSL_PKEY_PARAM_FFC_P "p"
+# define OSSL_PKEY_PARAM_FFC_PBITS "pbits"
+# define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
+# define OSSL_PKEY_PARAM_FFC_Q "q"
+# define OSSL_PKEY_PARAM_FFC_QBITS "qbits"
+# define OSSL_PKEY_PARAM_FFC_SEED "seed"
+# define OSSL_PKEY_PARAM_FFC_TYPE "type"
+# define OSSL_PKEY_PARAM_FFC_VALIDATE_G "validate-g"
+# define OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY "validate-legacy"
+# define OSSL_PKEY_PARAM_FFC_VALIDATE_PQ "validate-pq"
+# define OSSL_PKEY_PARAM_GROUP_NAME "group"
+# define OSSL_PKEY_PARAM_IMPLICIT_REJECTION "implicit-rejection"
+# define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest"
+# define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
+# define OSSL_PKEY_PARAM_MAX_SIZE "max-size"
+# define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
+# define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
+# define OSSL_PKEY_PARAM_PAD_MODE "pad-mode"
+# define OSSL_PKEY_PARAM_PRIV_KEY "priv"
+# define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+# define OSSL_PKEY_PARAM_PUB_KEY "pub"
+# define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT "rsa-coefficient"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT1 "rsa-coefficient1"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT2 "rsa-coefficient2"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT3 "rsa-coefficient3"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT4 "rsa-coefficient4"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT5 "rsa-coefficient5"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT6 "rsa-coefficient6"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT7 "rsa-coefficient7"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT8 "rsa-coefficient8"
+# define OSSL_PKEY_PARAM_RSA_COEFFICIENT9 "rsa-coefficient9"
+# define OSSL_PKEY_PARAM_RSA_D "d"
+# define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
+# define OSSL_PKEY_PARAM_RSA_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
+# define OSSL_PKEY_PARAM_RSA_E "e"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT "rsa-exponent"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT1 "rsa-exponent1"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT10 "rsa-exponent10"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT2 "rsa-exponent2"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT3 "rsa-exponent3"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT4 "rsa-exponent4"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT5 "rsa-exponent5"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT6 "rsa-exponent6"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT7 "rsa-exponent7"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT8 "rsa-exponent8"
+# define OSSL_PKEY_PARAM_RSA_EXPONENT9 "rsa-exponent9"
+# define OSSL_PKEY_PARAM_RSA_FACTOR "rsa-factor"
+# define OSSL_PKEY_PARAM_RSA_FACTOR1 "rsa-factor1"
+# define OSSL_PKEY_PARAM_RSA_FACTOR10 "rsa-factor10"
+# define OSSL_PKEY_PARAM_RSA_FACTOR2 "rsa-factor2"
+# define OSSL_PKEY_PARAM_RSA_FACTOR3 "rsa-factor3"
+# define OSSL_PKEY_PARAM_RSA_FACTOR4 "rsa-factor4"
+# define OSSL_PKEY_PARAM_RSA_FACTOR5 "rsa-factor5"
+# define OSSL_PKEY_PARAM_RSA_FACTOR6 "rsa-factor6"
+# define OSSL_PKEY_PARAM_RSA_FACTOR7 "rsa-factor7"
+# define OSSL_PKEY_PARAM_RSA_FACTOR8 "rsa-factor8"
+# define OSSL_PKEY_PARAM_RSA_FACTOR9 "rsa-factor9"
+# define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
+# define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+# define OSSL_PKEY_PARAM_RSA_N "n"
+# define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
+# define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
+# define OSSL_PKEY_PARAM_RSA_TEST_P1 "p1"
+# define OSSL_PKEY_PARAM_RSA_TEST_P2 "p2"
+# define OSSL_PKEY_PARAM_RSA_TEST_Q1 "q1"
+# define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2"
+# define OSSL_PKEY_PARAM_RSA_TEST_XP "xp"
+# define OSSL_PKEY_PARAM_RSA_TEST_XP1 "xp1"
+# define OSSL_PKEY_PARAM_RSA_TEST_XP2 "xp2"
+# define OSSL_PKEY_PARAM_RSA_TEST_XQ "xq"
+# define OSSL_PKEY_PARAM_RSA_TEST_XQ1 "xq1"
+# define OSSL_PKEY_PARAM_RSA_TEST_XQ2 "xq2"
+# define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits"
+# define OSSL_PKEY_PARAM_USE_COFACTOR_ECDH OSSL_PKEY_PARAM_USE_COFACTOR_FLAG
+# define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
+# define OSSL_PROV_PARAM_BUILDINFO "buildinfo"
+# define OSSL_PROV_PARAM_CORE_MODULE_FILENAME "module-filename"
+# define OSSL_PROV_PARAM_CORE_PROV_NAME "provider-name"
+# define OSSL_PROV_PARAM_CORE_VERSION "openssl-version"
+# define OSSL_PROV_PARAM_DRBG_TRUNC_DIGEST "drbg-no-trunc-md"
+# define OSSL_PROV_PARAM_NAME "name"
+# define OSSL_PROV_PARAM_SECURITY_CHECKS "security-checks"
+# define OSSL_PROV_PARAM_SELF_TEST_DESC "st-desc"
+# define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase"
+# define OSSL_PROV_PARAM_SELF_TEST_TYPE "st-type"
+# define OSSL_PROV_PARAM_STATUS "status"
+# define OSSL_PROV_PARAM_TLS1_PRF_EMS_CHECK "tls1-prf-ems-check"
+# define OSSL_PROV_PARAM_VERSION "version"
+# define OSSL_RAND_PARAM_GENERATE "generate"
+# define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
+# define OSSL_RAND_PARAM_STATE "state"
+# define OSSL_RAND_PARAM_STRENGTH "strength"
+# define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
+# define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
+# define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id"
+# define OSSL_SIGNATURE_PARAM_CONTEXT_STRING "context-string"
+# define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
+# define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
+# define OSSL_SIGNATURE_PARAM_INSTANCE "instance"
+# define OSSL_SIGNATURE_PARAM_KAT "kat"
+# define OSSL_SIGNATURE_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+# define OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES OSSL_PKEY_PARAM_MGF1_PROPERTIES
+# define OSSL_SIGNATURE_PARAM_NONCE_TYPE "nonce-type"
+# define OSSL_SIGNATURE_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
+# define OSSL_SIGNATURE_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
+# define OSSL_SIGNATURE_PARAM_PSS_SALTLEN "saltlen"
+# define OSSL_STORE_PARAM_ALIAS "alias"
+# define OSSL_STORE_PARAM_DIGEST "digest"
+# define OSSL_STORE_PARAM_EXPECT "expect"
+# define OSSL_STORE_PARAM_FINGERPRINT "fingerprint"
+# define OSSL_STORE_PARAM_INPUT_TYPE "input-type"
+# define OSSL_STORE_PARAM_ISSUER "name"
+# define OSSL_STORE_PARAM_PROPERTIES "properties"
+# define OSSL_STORE_PARAM_SERIAL "serial"
+# define OSSL_STORE_PARAM_SUBJECT "subject"
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif

libs/openssl/include/openssl/core_names.h.in

@@ -1,119 +0,0 @@
-/*
- * {- join("\n * ", @autowarntext) -}
- *
- * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-{-
-use OpenSSL::paramnames qw(generate_public_macros);
--}
-
-#ifndef OPENSSL_CORE_NAMES_H
-# define OPENSSL_CORE_NAMES_H
-# pragma once
-
-# ifdef __cplusplus
-extern "C" {
-# endif
-
-/* OSSL_CIPHER_PARAM_CTS_MODE Values */
-# define OSSL_CIPHER_CTS_MODE_CS1 "CS1"
-# define OSSL_CIPHER_CTS_MODE_CS2 "CS2"
-# define OSSL_CIPHER_CTS_MODE_CS3 "CS3"
-
-/* Known CIPHER names (not a complete list) */
-# define OSSL_CIPHER_NAME_AES_128_GCM_SIV      "AES-128-GCM-SIV"
-# define OSSL_CIPHER_NAME_AES_192_GCM_SIV      "AES-192-GCM-SIV"
-# define OSSL_CIPHER_NAME_AES_256_GCM_SIV      "AES-256-GCM-SIV"
-
-/* Known DIGEST names (not a complete list) */
-# define OSSL_DIGEST_NAME_MD5            "MD5"
-# define OSSL_DIGEST_NAME_MD5_SHA1       "MD5-SHA1"
-# define OSSL_DIGEST_NAME_SHA1           "SHA1"
-# define OSSL_DIGEST_NAME_SHA2_224       "SHA2-224"
-# define OSSL_DIGEST_NAME_SHA2_256       "SHA2-256"
-# define OSSL_DIGEST_NAME_SHA2_256_192   "SHA2-256/192"
-# define OSSL_DIGEST_NAME_SHA2_384       "SHA2-384"
-# define OSSL_DIGEST_NAME_SHA2_512       "SHA2-512"
-# define OSSL_DIGEST_NAME_SHA2_512_224   "SHA2-512/224"
-# define OSSL_DIGEST_NAME_SHA2_512_256   "SHA2-512/256"
-# define OSSL_DIGEST_NAME_MD2            "MD2"
-# define OSSL_DIGEST_NAME_MD4            "MD4"
-# define OSSL_DIGEST_NAME_MDC2           "MDC2"
-# define OSSL_DIGEST_NAME_RIPEMD160      "RIPEMD160"
-# define OSSL_DIGEST_NAME_SHA3_224       "SHA3-224"
-# define OSSL_DIGEST_NAME_SHA3_256       "SHA3-256"
-# define OSSL_DIGEST_NAME_SHA3_384       "SHA3-384"
-# define OSSL_DIGEST_NAME_SHA3_512       "SHA3-512"
-# define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK-KMAC-128"
-# define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK-KMAC-256"
-# define OSSL_DIGEST_NAME_SM3            "SM3"
-
-/* Known MAC names */
-# define OSSL_MAC_NAME_BLAKE2BMAC    "BLAKE2BMAC"
-# define OSSL_MAC_NAME_BLAKE2SMAC    "BLAKE2SMAC"
-# define OSSL_MAC_NAME_CMAC          "CMAC"
-# define OSSL_MAC_NAME_GMAC          "GMAC"
-# define OSSL_MAC_NAME_HMAC          "HMAC"
-# define OSSL_MAC_NAME_KMAC128       "KMAC128"
-# define OSSL_MAC_NAME_KMAC256       "KMAC256"
-# define OSSL_MAC_NAME_POLY1305      "POLY1305"
-# define OSSL_MAC_NAME_SIPHASH       "SIPHASH"
-
-/* Known KDF names */
-# define OSSL_KDF_NAME_HKDF           "HKDF"
-# define OSSL_KDF_NAME_TLS1_3_KDF     "TLS13-KDF"
-# define OSSL_KDF_NAME_PBKDF1         "PBKDF1"
-# define OSSL_KDF_NAME_PBKDF2         "PBKDF2"
-# define OSSL_KDF_NAME_SCRYPT         "SCRYPT"
-# define OSSL_KDF_NAME_SSHKDF         "SSHKDF"
-# define OSSL_KDF_NAME_SSKDF          "SSKDF"
-# define OSSL_KDF_NAME_TLS1_PRF       "TLS1-PRF"
-# define OSSL_KDF_NAME_X942KDF_ASN1   "X942KDF-ASN1"
-# define OSSL_KDF_NAME_X942KDF_CONCAT "X942KDF-CONCAT"
-# define OSSL_KDF_NAME_X963KDF        "X963KDF"
-# define OSSL_KDF_NAME_KBKDF          "KBKDF"
-# define OSSL_KDF_NAME_KRB5KDF        "KRB5KDF"
-# define OSSL_KDF_NAME_HMACDRBGKDF    "HMAC-DRBG-KDF"
-
-/* RSA padding modes */
-# define OSSL_PKEY_RSA_PAD_MODE_NONE    "none"
-# define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
-# define OSSL_PKEY_RSA_PAD_MODE_OAEP    "oaep"
-# define OSSL_PKEY_RSA_PAD_MODE_X931    "x931"
-# define OSSL_PKEY_RSA_PAD_MODE_PSS     "pss"
-
-/* RSA pss padding salt length */
-# define OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST "digest"
-# define OSSL_PKEY_RSA_PSS_SALT_LEN_MAX    "max"
-# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO   "auto"
-# define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX "auto-digestmax"
-
-/* OSSL_PKEY_PARAM_EC_ENCODING values */
-# define OSSL_PKEY_EC_ENCODING_EXPLICIT  "explicit"
-# define OSSL_PKEY_EC_ENCODING_GROUP     "named_curve"
-
-# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_UNCOMPRESSED "uncompressed"
-# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED   "compressed"
-# define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_HYBRID       "hybrid"
-
-# define OSSL_PKEY_EC_GROUP_CHECK_DEFAULT     "default"
-# define OSSL_PKEY_EC_GROUP_CHECK_NAMED       "named"
-# define OSSL_PKEY_EC_GROUP_CHECK_NAMED_NIST  "named-nist"
-
-/* OSSL_KEM_PARAM_OPERATION values */
-#define OSSL_KEM_PARAM_OPERATION_RSASVE     "RSASVE"
-#define OSSL_KEM_PARAM_OPERATION_DHKEM      "DHKEM"
-
-/* Parameter name definitions - generated by util/perl/OpenSSL/paramnames.pm */
-{- generate_public_macros(); -}
-
-# ifdef __cplusplus
-}
-# endif
-
-#endif

libs/openssl/include/openssl/opensslv.h

@@ -28,8 +28,8 @@ extern "C" {
  * These macros express version number MAJOR.MINOR.PATCH exactly
  */
 # define OPENSSL_VERSION_MAJOR  3
-# define OPENSSL_VERSION_MINOR  1
-# define OPENSSL_VERSION_PATCH  4
+# define OPENSSL_VERSION_MINOR  2
+# define OPENSSL_VERSION_PATCH  0
 
 /*
  * Additional version information
@@ -74,21 +74,21 @@ extern "C" {
  * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
  * OPENSSL_VERSION_BUILD_METADATA_STR appended.
  */
-# define OPENSSL_VERSION_STR "3.1.4"
-# define OPENSSL_FULL_VERSION_STR "3.1.4"
+# define OPENSSL_VERSION_STR "3.2.0"
+# define OPENSSL_FULL_VERSION_STR "3.2.0"
 
 /*
  * SECTION 3: ADDITIONAL METADATA
  *
  * These strings are defined separately to allow them to be parsable.
  */
-# define OPENSSL_RELEASE_DATE "24 Oct 2023"
+# define OPENSSL_RELEASE_DATE "23 Nov 2023"
 
 /*
  * SECTION 4: BACKWARD COMPATIBILITY
  */
 
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.4 24 Oct 2023"
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.2.0 23 Nov 2023"
 
 /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
 # ifdef OPENSSL_VERSION_PRE_RELEASE

libs/openssl/include/openssl/x509v3.h

@@ -742,9 +742,10 @@ SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
 # define X509_PURPOSE_ANY                7
 # define X509_PURPOSE_OCSP_HELPER        8
 # define X509_PURPOSE_TIMESTAMP_SIGN     9
+# define X509_PURPOSE_CODE_SIGN         10
 
 # define X509_PURPOSE_MIN                1
-# define X509_PURPOSE_MAX                9
+# define X509_PURPOSE_MAX               10
 
 /* Flags for X509V3_EXT_print() */