MFC r307584

Fix C++ includability of crypto headers with static array sizes

C99 allows array function parameters to use the static keyword for their
sizes. This tells the compiler that the parameter will have at least the
specified size, and calling code will fail to compile if that guarantee is
not met. However, this syntax is not legal in C++.

This commit reverts r300824, which worked around the problem for
sys/sys/md5.h only, and introduces a new macro: min_size(). min_size(x) can
be used in headers as a static array size, but will still compile in C++
mode.

12 files changed, 45 insertions, 28 deletions

diff --git a/lib/libmd/md5.h b/lib/libmd/md5.h
index 1d125a8..5ab3b14 100644
--- a/lib/libmd/md5.h
+++ b/lib/libmd/md5.h
@@ -37,13 +37,5 @@
 
 #endif
 
-#ifdef __cplusplus
-#define static
-#endif
-
 #include <sys/md5.h>
-
-#ifdef __cplusplus
-#undef static
-#endif
 #endif /* _MD5_H_ */
diff --git a/sys/crypto/aesni/aesni.h b/sys/crypto/aesni/aesni.h
index b327c01..c3e113d 100644
--- a/sys/crypto/aesni/aesni.h
+++ b/sys/crypto/aesni/aesni.h
@@ -79,23 +79,25 @@ void aesni_set_deckey(const uint8_t *encrypt_schedule /*__aligned(16)*/,
  */
 void aesni_encrypt_cbc(int rounds, const void *key_schedule /*__aligned(16)*/,
     size_t len, const uint8_t *from, uint8_t *to,
-    const uint8_t iv[static AES_BLOCK_LEN]);
+    const uint8_t iv[__min_size(AES_BLOCK_LEN)]);
 void aesni_decrypt_cbc(int rounds, const void *key_schedule /*__aligned(16)*/,
-    size_t len, uint8_t *buf, const uint8_t iv[static AES_BLOCK_LEN]);
+    size_t len, uint8_t *buf, const uint8_t iv[__min_size(AES_BLOCK_LEN)]);
 void aesni_encrypt_ecb(int rounds, const void *key_schedule /*__aligned(16)*/,
     size_t len, const uint8_t *from, uint8_t *to);
 void aesni_decrypt_ecb(int rounds, const void *key_schedule /*__aligned(16)*/,
     size_t len, const uint8_t *from, uint8_t *to);
 void aesni_encrypt_icm(int rounds, const void *key_schedule /*__aligned(16)*/,
     size_t len, const uint8_t *from, uint8_t *to,
-    const uint8_t iv[static AES_BLOCK_LEN]);
+    const uint8_t iv[__min_size(AES_BLOCK_LEN)]);
 
 void aesni_encrypt_xts(int rounds, const void *data_schedule /*__aligned(16)*/,
     const void *tweak_schedule /*__aligned(16)*/, size_t len,
-    const uint8_t *from, uint8_t *to, const uint8_t iv[static AES_BLOCK_LEN]);
+    const uint8_t *from, uint8_t *to,
+    const uint8_t iv[__min_size(AES_BLOCK_LEN)]);
 void aesni_decrypt_xts(int rounds, const void *data_schedule /*__aligned(16)*/,
     const void *tweak_schedule /*__aligned(16)*/, size_t len,
-    const uint8_t *from, uint8_t *to, const uint8_t iv[static AES_BLOCK_LEN]);
+    const uint8_t *from, uint8_t *to,
+    const uint8_t iv[__min_size(AES_BLOCK_LEN)]);
 
 /* GCM & GHASH functions */
 void AES_GCM_encrypt(const unsigned char *in, unsigned char *out,
diff --git a/sys/crypto/sha1.h b/sys/crypto/sha1.h
index d61709e..c1bc1a3 100644
--- a/sys/crypto/sha1.h
+++ b/sys/crypto/sha1.h
@@ -61,7 +61,7 @@ typedef struct sha1_ctxt SHA1_CTX;
 extern void sha1_init(struct sha1_ctxt *);
 extern void sha1_pad(struct sha1_ctxt *);
 extern void sha1_loop(struct sha1_ctxt *, const u_int8_t *, size_t);
-extern void sha1_result(struct sha1_ctxt *, char[static SHA1_RESULTLEN]);
+extern void sha1_result(struct sha1_ctxt *, char[__min_size(SHA1_RESULTLEN)]);
 
 /* compatibilty with other SHA1 source codes */
 #define SHA1Init(x)		sha1_init((x))
diff --git a/sys/crypto/sha2/sha256.h b/sys/crypto/sha2/sha256.h
index 17aae7d..ca67cae 100644
--- a/sys/crypto/sha2/sha256.h
+++ b/sys/crypto/sha2/sha256.h
@@ -78,7 +78,8 @@ __BEGIN_DECLS
 
 void	SHA256_Init(SHA256_CTX *);
 void	SHA256_Update(SHA256_CTX *, const void *, size_t);
-void	SHA256_Final(unsigned char [static SHA256_DIGEST_LENGTH], SHA256_CTX *);
+void	SHA256_Final(unsigned char [__min_size(SHA256_DIGEST_LENGTH)],
+    SHA256_CTX *);
 #ifndef _KERNEL
 char   *SHA256_End(SHA256_CTX *, char *);
 char   *SHA256_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha384.h b/sys/crypto/sha2/sha384.h
index 63dd948..2f21ee7 100644
--- a/sys/crypto/sha2/sha384.h
+++ b/sys/crypto/sha2/sha384.h
@@ -74,7 +74,8 @@ __BEGIN_DECLS
 
 void	SHA384_Init(SHA384_CTX *);
 void	SHA384_Update(SHA384_CTX *, const void *, size_t);
-void	SHA384_Final(unsigned char [static SHA384_DIGEST_LENGTH], SHA384_CTX *);
+void	SHA384_Final(unsigned char [__min_size(SHA384_DIGEST_LENGTH)],
+    SHA384_CTX *);
 #ifndef _KERNEL
 char   *SHA384_End(SHA384_CTX *, char *);
 char   *SHA384_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha512.h b/sys/crypto/sha2/sha512.h
index b008aea..174f11f 100644
--- a/sys/crypto/sha2/sha512.h
+++ b/sys/crypto/sha2/sha512.h
@@ -77,7 +77,8 @@ __BEGIN_DECLS
 
 void	SHA512_Init(SHA512_CTX *);
 void	SHA512_Update(SHA512_CTX *, const void *, size_t);
-void	SHA512_Final(unsigned char [static SHA512_DIGEST_LENGTH], SHA512_CTX *);
+void	SHA512_Final(unsigned char [__min_size(SHA512_DIGEST_LENGTH)],
+    SHA512_CTX *);
 #ifndef _KERNEL
 char   *SHA512_End(SHA512_CTX *, char *);
 char   *SHA512_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/sha2/sha512t.h b/sys/crypto/sha2/sha512t.h
index 3f0c921..d5da5f0 100644
--- a/sys/crypto/sha2/sha512t.h
+++ b/sys/crypto/sha2/sha512t.h
@@ -103,7 +103,8 @@ __BEGIN_DECLS
 
 void	SHA512_224_Init(SHA512_CTX *);
 void	SHA512_224_Update(SHA512_CTX *, const void *, size_t);
-void	SHA512_224_Final(unsigned char [static SHA512_224_DIGEST_LENGTH], SHA512_CTX *);
+void	SHA512_224_Final(unsigned char [__min_size(SHA512_224_DIGEST_LENGTH)],
+    SHA512_CTX *);
 #ifndef _KERNEL
 char   *SHA512_224_End(SHA512_CTX *, char *);
 char   *SHA512_224_Data(const void *, unsigned int, char *);
@@ -112,7 +113,8 @@ char   *SHA512_224_FileChunk(const char *, char *, off_t, off_t);
 #endif
 void	SHA512_256_Init(SHA512_CTX *);
 void	SHA512_256_Update(SHA512_CTX *, const void *, size_t);
-void	SHA512_256_Final(unsigned char [static SHA512_256_DIGEST_LENGTH], SHA512_CTX *);
+void	SHA512_256_Final(unsigned char [__min_size(SHA512_256_DIGEST_LENGTH)],
+    SHA512_CTX *);
 #ifndef _KERNEL
 char   *SHA512_256_End(SHA512_CTX *, char *);
 char   *SHA512_256_Data(const void *, unsigned int, char *);
diff --git a/sys/crypto/siphash/siphash.h b/sys/crypto/siphash/siphash.h
index 8bbda4f..235818b 100644
--- a/sys/crypto/siphash/siphash.h
+++ b/sys/crypto/siphash/siphash.h
@@ -68,15 +68,16 @@ typedef struct _SIPHASH_CTX {
 #define SipHash24_Init(x)	SipHash_InitX((x), 2, 4)
 #define SipHash48_Init(x)	SipHash_InitX((x), 4, 8)
 void SipHash_InitX(SIPHASH_CTX *, int, int);
-void SipHash_SetKey(SIPHASH_CTX *, const uint8_t[static SIPHASH_KEY_LENGTH]);
+void SipHash_SetKey(SIPHASH_CTX *,
+    const uint8_t[__min_size(SIPHASH_KEY_LENGTH)]);
 void SipHash_Update(SIPHASH_CTX *, const void *, size_t);
-void SipHash_Final(uint8_t[static SIPHASH_DIGEST_LENGTH], SIPHASH_CTX *);
+void SipHash_Final(uint8_t[__min_size(SIPHASH_DIGEST_LENGTH)], SIPHASH_CTX *);
 uint64_t SipHash_End(SIPHASH_CTX *);
 
 #define SipHash24(x, y, z, i)	SipHashX((x), 2, 4, (y), (z), (i));
 #define SipHash48(x, y, z, i)	SipHashX((x), 4, 8, (y), (z), (i));
-uint64_t SipHashX(SIPHASH_CTX *, int, int, const uint8_t[static SIPHASH_KEY_LENGTH], const void *,
-    size_t);
+uint64_t SipHashX(SIPHASH_CTX *, int, int,
+    const uint8_t[__min_size(SIPHASH_KEY_LENGTH)], const void *, size_t);
 
 int SipHash24_TestVectors(void);
 
diff --git a/sys/crypto/skein/skein_freebsd.h b/sys/crypto/skein/skein_freebsd.h
index 935fa09..1fd6565 100644
--- a/sys/crypto/skein/skein_freebsd.h
+++ b/sys/crypto/skein/skein_freebsd.h
@@ -57,9 +57,12 @@ void SKEIN256_Update(SKEIN256_CTX *ctx, const void *in, size_t len);
 void SKEIN512_Update(SKEIN512_CTX *ctx, const void *in, size_t len);
 void SKEIN1024_Update(SKEIN1024_CTX *ctx, const void *in, size_t len);
 
-void SKEIN256_Final(unsigned char digest[static SKEIN256_DIGEST_LENGTH], SKEIN256_CTX *ctx);
-void SKEIN512_Final(unsigned char digest[static SKEIN512_DIGEST_LENGTH], SKEIN512_CTX *ctx);
-void SKEIN1024_Final(unsigned char digest[static SKEIN1024_DIGEST_LENGTH], SKEIN1024_CTX *ctx);
+void SKEIN256_Final(unsigned char digest[__min_size(SKEIN256_DIGEST_LENGTH)],
+    SKEIN256_CTX *ctx);
+void SKEIN512_Final(unsigned char digest[__min_size(SKEIN512_DIGEST_LENGTH)],
+    SKEIN512_CTX *ctx);
+void SKEIN1024_Final(unsigned char digest[__min_size(SKEIN1024_DIGEST_LENGTH)],
+    SKEIN1024_CTX *ctx);
 
 #ifndef _KERNEL
 char   *SKEIN256_End(SKEIN256_CTX *, char *);
diff --git a/sys/sys/cdefs.h b/sys/sys/cdefs.h
index 89516cf..dd18784 100644
--- a/sys/sys/cdefs.h
+++ b/sys/sys/cdefs.h
@@ -341,6 +341,20 @@
 	    __builtin_types_compatible_p(__typeof(expr), t), yes, no)
 #endif
 
+/*
+ * C99 Static array indices in function parameter declarations.  Syntax such as:
+ * void bar(int myArray[static 10]);
+ * is allowed in C99 but not in C++.  Define __min_size appropriately so
+ * headers using it can be compiled in either language.  Use like this:
+ * void bar(int myArray[__min_size(10)]);
+ */
+#if !defined(__cplusplus) && \
+    (!defined(__STDC_VERSION) || (__STDC_VERSION__ >= 199901))
+#define __min_size(x)	static (x)
+#else
+#define __min_size(x)	(x)
+#endif
+
 #if __GNUC_PREREQ__(2, 96)
 #define	__malloc_like	__attribute__((__malloc__))
 #define	__pure		__attribute__((__pure__))
diff --git a/sys/sys/md4.h b/sys/sys/md4.h
index 55160ed..bae52a3 100644
--- a/sys/sys/md4.h
+++ b/sys/sys/md4.h
@@ -39,7 +39,7 @@ __BEGIN_DECLS
 void   MD4Init(MD4_CTX *);
 void   MD4Update(MD4_CTX *, const unsigned char *, unsigned int);
 void   MD4Pad(MD4_CTX *);
-void   MD4Final(unsigned char [static 16], MD4_CTX *);
+void   MD4Final(unsigned char [__min_size(16)], MD4_CTX *);
 #ifndef _KERNEL
 char * MD4End(MD4_CTX *, char *);
 char * MD4File(const char *, char *);
diff --git a/sys/sys/md5.h b/sys/sys/md5.h
index 8a47795..98449e9 100644
--- a/sys/sys/md5.h
+++ b/sys/sys/md5.h
@@ -44,7 +44,7 @@ typedef struct MD5Context {
 __BEGIN_DECLS
 void   MD5Init (MD5_CTX *);
 void   MD5Update (MD5_CTX *, const void *, unsigned int);
-void   MD5Final (unsigned char[static MD5_DIGEST_LENGTH], MD5_CTX *);
+void   MD5Final (unsigned char[__min_size(MD5_DIGEST_LENGTH)], MD5_CTX *);
 #ifndef _KERNEL
 char * MD5End(MD5_CTX *, char *);
 char * MD5File(const char *, char *);