2014-12-19 15:30:07 -07:00
|
|
|
/* misc.c
|
|
|
|
|
*
|
2019-03-15 10:37:36 -07:00
|
|
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
2014-12-19 15:30:07 -07:00
|
|
|
*
|
2016-03-17 16:02:13 -06:00
|
|
|
* This file is part of wolfSSL.
|
2014-12-19 15:30:07 -07:00
|
|
|
*
|
2014-12-29 12:59:14 -07:00
|
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
2014-12-19 15:30:07 -07:00
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
2014-12-29 12:59:14 -07:00
|
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
2014-12-19 15:30:07 -07:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2016-03-17 16:02:13 -06:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
2014-12-19 15:30:07 -07:00
|
|
|
*/
|
|
|
|
|
|
2016-03-17 16:02:13 -06:00
|
|
|
|
2014-12-19 15:30:07 -07:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include <config.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-12-29 12:59:14 -07:00
|
|
|
#include <wolfssl/wolfcrypt/settings.h>
|
2014-12-19 15:30:07 -07:00
|
|
|
|
2015-05-13 15:10:05 -07:00
|
|
|
#ifndef WOLF_CRYPT_MISC_C
|
|
|
|
|
#define WOLF_CRYPT_MISC_C
|
|
|
|
|
|
2014-12-29 12:59:14 -07:00
|
|
|
#include <wolfssl/wolfcrypt/misc.h>
|
2014-12-19 15:30:07 -07:00
|
|
|
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
/* inlining these functions is a huge speed increase and a small size decrease,
|
2014-12-19 15:30:07 -07:00
|
|
|
because the functions are smaller than function call setup/cleanup, e.g.,
|
|
|
|
|
md5 benchmark is twice as fast with inline. If you don't want it, then
|
2015-01-05 09:48:43 -07:00
|
|
|
define NO_INLINE and compile this file into wolfssl, otherwise it's used as
|
2014-12-19 15:30:07 -07:00
|
|
|
a source header
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifdef NO_INLINE
|
2019-04-12 13:54:33 -07:00
|
|
|
#define WC_STATIC
|
2014-12-19 15:30:07 -07:00
|
|
|
#else
|
2019-04-12 13:54:33 -07:00
|
|
|
#define WC_STATIC static
|
2014-12-19 15:30:07 -07:00
|
|
|
#endif
|
|
|
|
|
|
2016-03-29 13:42:40 -06:00
|
|
|
/* Check for if compiling misc.c when not needed. */
|
|
|
|
|
#if !defined(WOLFSSL_MISC_INCLUDED) && !defined(NO_INLINE)
|
2018-01-17 13:27:59 -08:00
|
|
|
#ifndef WOLFSSL_IGNORE_FILE_WARN
|
|
|
|
|
#warning misc.c does not need to be compiled when using inline (NO_INLINE not defined)
|
|
|
|
|
#endif
|
2016-08-08 13:13:59 -07:00
|
|
|
|
|
|
|
|
#else
|
2014-12-19 15:30:07 -07:00
|
|
|
|
2016-12-28 11:18:41 -08:00
|
|
|
|
|
|
|
|
#if defined(__ICCARM__)
|
|
|
|
|
#include <intrinsics.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
2014-12-19 15:30:07 -07:00
|
|
|
#ifdef INTEL_INTRINSICS
|
|
|
|
|
|
|
|
|
|
#include <stdlib.h> /* get intrinsic definitions */
|
|
|
|
|
|
|
|
|
|
/* for non visual studio probably need no long version, 32 bit only
|
|
|
|
|
* i.e., _rotl and _rotr */
|
|
|
|
|
#pragma intrinsic(_lrotl, _lrotr)
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 rotlFixed(word32 x, word32 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return y ? _lrotl(x, y) : x;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 rotrFixed(word32 x, word32 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return y ? _lrotr(x, y) : x;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#else /* generic */
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 rotlFixed(word32 x, word32 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return (x << y) | (x >> (sizeof(y) * 8 - y));
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
2014-12-19 15:30:07 -07:00
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 rotrFixed(word32 x, word32 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return (x >> y) | (x << (sizeof(y) * 8 - y));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
#ifdef PPC_INTRINSICS
|
|
|
|
|
/* PPC: load reverse indexed instruction */
|
|
|
|
|
return (word32)__lwbrx(&value,0);
|
2016-12-13 10:24:55 -08:00
|
|
|
#elif defined(__ICCARM__)
|
|
|
|
|
return (word32)__REV(value);
|
2014-12-19 15:30:07 -07:00
|
|
|
#elif defined(KEIL_INTRINSICS)
|
|
|
|
|
return (word32)__rev(value);
|
2018-02-07 11:13:13 -08:00
|
|
|
#elif defined(WOLF_ALLOW_BUILTIN) && \
|
|
|
|
|
defined(__GNUC_PREREQ) && __GNUC_PREREQ(4, 3)
|
|
|
|
|
return (word32)__builtin_bswap32(value);
|
2014-12-19 15:30:07 -07:00
|
|
|
#elif defined(FAST_ROTATE)
|
|
|
|
|
/* 5 instructions with rotate instruction, 9 without */
|
|
|
|
|
return (rotrFixed(value, 8U) & 0xff00ff00) |
|
|
|
|
|
(rotlFixed(value, 8U) & 0x00ff00ff);
|
|
|
|
|
#else
|
|
|
|
|
/* 6 instructions with rotate instruction, 8 without */
|
|
|
|
|
value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8);
|
|
|
|
|
return rotlFixed(value, 16U);
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
|
2014-12-19 15:30:07 -07:00
|
|
|
word32 byteCount)
|
|
|
|
|
{
|
|
|
|
|
word32 count = byteCount/(word32)sizeof(word32), i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < count; i++)
|
|
|
|
|
out[i] = ByteReverseWord32(in[i]);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
|
2014-12-19 15:30:07 -07:00
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word64 rotlFixed64(word64 x, word64 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return (x << y) | (x >> (sizeof(y) * 8 - y));
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
2014-12-19 15:30:07 -07:00
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word64 rotrFixed64(word64 x, word64 y)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
return (x >> y) | (x << (sizeof(y) * 8 - y));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word64 ByteReverseWord64(word64 value)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
2018-02-07 11:13:13 -08:00
|
|
|
#if defined(WOLF_ALLOW_BUILTIN) && defined(__GNUC_PREREQ) && __GNUC_PREREQ(4, 3)
|
|
|
|
|
return (word64)__builtin_bswap64(value);
|
|
|
|
|
#elif defined(WOLFCRYPT_SLOW_WORD64)
|
2017-11-06 14:37:34 -08:00
|
|
|
return (word64)((word64)ByteReverseWord32((word32) value)) << 32 |
|
|
|
|
|
(word64)ByteReverseWord32((word32)(value >> 32));
|
2014-12-19 15:30:07 -07:00
|
|
|
#else
|
|
|
|
|
value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) |
|
|
|
|
|
((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
|
|
|
|
|
value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) |
|
|
|
|
|
((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
|
|
|
|
|
return rotlFixed64(value, 32U);
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ByteReverseWords64(word64* out, const word64* in,
|
2014-12-19 15:30:07 -07:00
|
|
|
word32 byteCount)
|
|
|
|
|
{
|
|
|
|
|
word32 count = byteCount/(word32)sizeof(word64), i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < count; i++)
|
|
|
|
|
out[i] = ByteReverseWord64(in[i]);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif /* WORD64_AVAILABLE && !WOLFSSL_NO_WORD64_OPS */
|
2014-12-19 15:30:07 -07:00
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_XOR_OPS
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void XorWords(wolfssl_word* r, const wolfssl_word* a, word32 n)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
|
|
|
|
word32 i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < n; i++) r[i] ^= a[i];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
|
2014-12-19 15:30:07 -07:00
|
|
|
{
|
2015-01-05 09:48:43 -07:00
|
|
|
if (((wolfssl_word)buf | (wolfssl_word)mask | count) % WOLFSSL_WORD_SIZE == 0)
|
|
|
|
|
XorWords( (wolfssl_word*)buf,
|
|
|
|
|
(const wolfssl_word*)mask, count / WOLFSSL_WORD_SIZE);
|
2014-12-19 15:30:07 -07:00
|
|
|
else {
|
|
|
|
|
word32 i;
|
|
|
|
|
byte* b = (byte*)buf;
|
|
|
|
|
const byte* m = (const byte*)mask;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < count; i++) b[i] ^= m[i];
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2014-12-19 15:30:07 -07:00
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_FORCE_ZERO
|
2015-02-20 15:51:21 -08:00
|
|
|
/* Make sure compiler doesn't skip */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ForceZero(const void* mem, word32 len)
|
2015-02-20 15:51:21 -08:00
|
|
|
{
|
|
|
|
|
volatile byte* z = (volatile byte*)mem;
|
2018-05-16 13:27:13 -07:00
|
|
|
|
2017-11-06 14:37:34 -08:00
|
|
|
#if defined(WOLFSSL_X86_64_BUILD) && defined(WORD64_AVAILABLE)
|
2016-11-10 15:06:59 +10:00
|
|
|
volatile word64* w;
|
2018-05-15 10:45:11 +10:00
|
|
|
#ifndef WOLFSSL_UNALIGNED_64BIT_ACCESS
|
2018-05-21 21:26:25 +10:00
|
|
|
word32 l = (sizeof(word64) - ((size_t)z & (sizeof(word64)-1))) &
|
|
|
|
|
(sizeof(word64)-1);
|
2015-02-20 15:51:21 -08:00
|
|
|
|
2018-05-15 10:45:11 +10:00
|
|
|
if (len < l) l = len;
|
|
|
|
|
len -= l;
|
|
|
|
|
while (l--) *z++ = 0;
|
|
|
|
|
#endif
|
2016-11-10 15:06:59 +10:00
|
|
|
for (w = (volatile word64*)z; len >= sizeof(*w); len -= sizeof(*w))
|
|
|
|
|
*w++ = 0;
|
|
|
|
|
z = (volatile byte*)w;
|
|
|
|
|
#endif
|
2018-05-16 13:27:13 -07:00
|
|
|
|
2015-02-20 15:51:21 -08:00
|
|
|
while (len--) *z++ = 0;
|
|
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2015-02-20 15:51:21 -08:00
|
|
|
|
2015-02-26 17:31:47 -08:00
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_CONST_CMP
|
2015-02-26 17:31:47 -08:00
|
|
|
/* check all length bytes for equality, return 0 on success */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE int ConstantCompare(const byte* a, const byte* b, int length)
|
2015-02-26 17:31:47 -08:00
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
int compareSum = 0;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < length; i++) {
|
|
|
|
|
compareSum |= a[i] ^ b[i];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return compareSum;
|
|
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2015-02-26 17:31:47 -08:00
|
|
|
|
2017-03-28 19:10:19 -07:00
|
|
|
|
2016-12-21 14:05:00 -08:00
|
|
|
#ifndef WOLFSSL_HAVE_MIN
|
|
|
|
|
#define WOLFSSL_HAVE_MIN
|
2017-03-28 19:10:19 -07:00
|
|
|
#if defined(HAVE_FIPS) && !defined(min) /* so ifdef check passes */
|
2016-12-22 18:11:25 -08:00
|
|
|
#define min min
|
|
|
|
|
#endif
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 min(word32 a, word32 b)
|
2016-12-21 14:05:00 -08:00
|
|
|
{
|
|
|
|
|
return a > b ? b : a;
|
|
|
|
|
}
|
2017-03-28 19:10:19 -07:00
|
|
|
#endif /* !WOLFSSL_HAVE_MIN */
|
|
|
|
|
|
|
|
|
|
#ifndef WOLFSSL_HAVE_MAX
|
|
|
|
|
#define WOLFSSL_HAVE_MAX
|
|
|
|
|
#if defined(HAVE_FIPS) && !defined(max) /* so ifdef check passes */
|
|
|
|
|
#define max max
|
|
|
|
|
#endif
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 max(word32 a, word32 b)
|
2017-03-28 19:10:19 -07:00
|
|
|
{
|
|
|
|
|
return a > b ? a : b;
|
|
|
|
|
}
|
|
|
|
|
#endif /* !WOLFSSL_HAVE_MAX */
|
2016-12-21 14:05:00 -08:00
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_INT_ENCODE
|
2017-10-13 11:56:58 -07:00
|
|
|
/* converts a 32 bit integer to 24 bit */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void c32to24(word32 in, word24 out)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
|
|
|
|
out[0] = (in >> 16) & 0xff;
|
|
|
|
|
out[1] = (in >> 8) & 0xff;
|
|
|
|
|
out[2] = in & 0xff;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* convert 16 bit integer to opaque */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void c16toa(word16 wc_u16, byte* c)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2018-02-26 11:48:33 -07:00
|
|
|
c[0] = (wc_u16 >> 8) & 0xff;
|
|
|
|
|
c[1] = wc_u16 & 0xff;
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* convert 32 bit integer to opaque */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void c32toa(word32 wc_u32, byte* c)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2018-02-26 11:48:33 -07:00
|
|
|
c[0] = (wc_u32 >> 24) & 0xff;
|
|
|
|
|
c[1] = (wc_u32 >> 16) & 0xff;
|
|
|
|
|
c[2] = (wc_u32 >> 8) & 0xff;
|
|
|
|
|
c[3] = wc_u32 & 0xff;
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2017-10-13 11:56:58 -07:00
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_INT_DECODE
|
2017-10-13 11:56:58 -07:00
|
|
|
/* convert a 24 bit integer into a 32 bit one */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void c24to32(const word24 wc_u24, word32* wc_u32)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2019-03-01 15:54:08 -08:00
|
|
|
*wc_u32 = ((word32)wc_u24[0] << 16) | (wc_u24[1] << 8) | wc_u24[2];
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* convert opaque to 24 bit integer */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ato24(const byte* c, word32* wc_u24)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2019-03-01 15:54:08 -08:00
|
|
|
*wc_u24 = ((word32)c[0] << 16) | (c[1] << 8) | c[2];
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* convert opaque to 16 bit integer */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ato16(const byte* c, word16* wc_u16)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2018-02-26 11:48:33 -07:00
|
|
|
*wc_u16 = (word16) ((c[0] << 8) | (c[1]));
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* convert opaque to 32 bit integer */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE void ato32(const byte* c, word32* wc_u32)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
2019-03-01 15:54:08 -08:00
|
|
|
*wc_u32 = ((word32)c[0] << 24) | ((word32)c[1] << 16) | (c[2] << 8) | c[3];
|
2017-10-13 11:56:58 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE word32 btoi(byte b)
|
2017-10-13 11:56:58 -07:00
|
|
|
{
|
|
|
|
|
return (word32)(b - 0x30);
|
|
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2017-10-13 11:56:58 -07:00
|
|
|
|
|
|
|
|
|
2018-12-06 17:27:10 +10:00
|
|
|
#ifndef WOLFSSL_NO_CT_OPS
|
2018-05-11 16:11:01 +10:00
|
|
|
/* Constant time - mask set when a > b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskGT(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
|
|
|
|
return (((word32)a - b - 1) >> 31) - 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - mask set when a >= b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskGTE(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
|
|
|
|
return (((word32)a - b ) >> 31) - 1;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-11 10:57:23 +10:00
|
|
|
/* Constant time - mask set when a >= b. */
|
|
|
|
|
WC_STATIC WC_INLINE int ctMaskIntGTE(int a, int b)
|
|
|
|
|
{
|
|
|
|
|
return (((word32)a - b ) >> 31) - 1;
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-11 16:11:01 +10:00
|
|
|
/* Constant time - mask set when a < b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskLT(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
|
|
|
|
return (((word32)b - a - 1) >> 31) - 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - mask set when a <= b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskLTE(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
|
|
|
|
return (((word32)b - a ) >> 31) - 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - mask set when a == b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskEq(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
2019-09-11 10:57:23 +10:00
|
|
|
return (~ctMaskGT(a, b)) & (~ctMaskLT(a, b));
|
2018-05-11 16:11:01 +10:00
|
|
|
}
|
|
|
|
|
|
2019-06-24 07:53:23 +09:00
|
|
|
WC_STATIC WC_INLINE word16 ctMask16Eq(int a, int b)
|
|
|
|
|
{
|
2019-09-11 10:57:23 +10:00
|
|
|
return (~ctMaskGT(a, b)) & (~ctMaskLT(a, b));
|
2019-06-24 07:53:23 +09:00
|
|
|
}
|
|
|
|
|
|
2018-08-27 10:16:40 +10:00
|
|
|
/* Constant time - mask set when a != b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskNotEq(int a, int b)
|
2018-08-27 10:16:40 +10:00
|
|
|
{
|
2019-09-11 10:57:23 +10:00
|
|
|
return ctMaskGT(a, b) | ctMaskLT(a, b);
|
2018-08-27 10:16:40 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - select a when mask is set and b otherwise. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctMaskSel(byte m, byte a, byte b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
2018-08-27 10:16:40 +10:00
|
|
|
return (b & ((byte)~(word32)m)) | (a & m);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - select integer a when mask is set and integer b otherwise. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE int ctMaskSelInt(byte m, int a, int b)
|
2018-08-27 10:16:40 +10:00
|
|
|
{
|
2018-12-07 15:01:18 +10:00
|
|
|
return (b & (~(signed int)(signed char)m)) |
|
|
|
|
|
(a & ( (signed int)(signed char)m));
|
2018-05-11 16:11:01 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Constant time - bit set when a <= b. */
|
2019-04-12 13:54:33 -07:00
|
|
|
WC_STATIC WC_INLINE byte ctSetLTE(int a, int b)
|
2018-05-11 16:11:01 +10:00
|
|
|
{
|
|
|
|
|
return ((word32)a - b - 1) >> 31;
|
|
|
|
|
}
|
2018-12-06 17:27:10 +10:00
|
|
|
#endif
|
2018-05-11 16:11:01 +10:00
|
|
|
|
2016-12-21 14:05:00 -08:00
|
|
|
|
2019-04-12 13:54:33 -07:00
|
|
|
#undef WC_STATIC
|
2015-05-13 15:10:05 -07:00
|
|
|
|
2016-08-08 13:13:59 -07:00
|
|
|
#endif /* !WOLFSSL_MISC_INCLUDED && !NO_INLINE */
|
|
|
|
|
|
2015-05-13 15:10:05 -07:00
|
|
|
#endif /* WOLF_CRYPT_MISC_C */
|
