mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-02-07 06:53:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add SNI support to redbean and improve SSL perf

Browse source 
This change makes SSL virtual hosting possible. You can now load
multiple certificates for multiple domains and redbean will just
figure out which one to use, even if you only have 1 ip address.
You can also use a jumbo certificate that lists all your domains
in the the subject alternative names.

This change also makes performance improvements to MbedTLS. Here
are some benchmarks vs. cc1920749e

                                   BEFORE    AFTER   (microsecs)
suite_ssl.com                     2512881   191738 13.11x faster
suite_pkparse.com                   36291     3295 11.01x faster
suite_x509parse.com                854669   120293  7.10x faster
suite_pkwrite.com                    6549     1265  5.18x faster
suite_ecdsa.com                     53347    18778  2.84x faster
suite_pk.com                        49051    18717  2.62x faster
suite_ecdh.com                      19535     9502  2.06x faster
suite_shax.com                      15848     7965  1.99x faster
suite_rsa.com                      353257   184828  1.91x faster
suite_x509write.com                162646    85733  1.90x faster
suite_ecp.com                       20503    11050  1.86x faster
suite_hmac_drbg.no_reseed.com       19528    11417  1.71x faster
suite_hmac_drbg.nopr.com            12460     8010  1.56x faster
suite_mpi.com                      687124   442661  1.55x faster
suite_hmac_drbg.pr.com              11890     7752  1.53x faster

There aren't any special tricks to the performance imporvements.
It's mostly due to code cleanup, assembly and intel instructions
like mulx, adox, and adcx.
This commit is contained in:
Justine Tunney 2021-07-19 14:55:20 -07:00
parent f3e28aa192
commit 398f0c16fb
190 changed files with 14367 additions and 8928 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
Makefile
View file

@ -176,6 +176,7 @@ include test/libc/stdio/test.mk
include test/libc/release/test.mk
include test/libc/test.mk
include test/net/http/test.mk
include test/net/https/test.mk
include test/net/test.mk
include test/tool/build/lib/test.mk
include test/tool/build/test.mk
@ -214,15 +215,19 @@ o/$(MODE)/srcs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(SRCS),$(
$(file >$@) $(foreach x,$(SRCS),$(file >>$@,$(x)))
o/$(MODE)/hdrs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(HDRS) $(INCS),$(dir $(x))))
$(file >$@) $(foreach x,$(HDRS) $(INCS),$(file >>$@,$(x)))
o/$(MODE)/incs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(INCS) $(INCS),$(dir $(x))))
$(file >$@) $(foreach x,$(INCS) $(INCS),$(file >>$@,$(x)))
else
o/$(MODE)/srcs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(SRCS),$(dir $(x))))
$(MAKE) MODE=rel -j8 -pn bopit 2>/dev/null | sed -ne '/^SRCS/ {s/.*:= //;s/ */\n/g;p;q}' >$@
o/$(MODE)/hdrs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(HDRS) $(INCS),$(dir $(x))))
$(MAKE) MODE=rel -j8 -pn bopit 2>/dev/null | sed -ne '/^HDRS/ {s/.*:= //;s/ */\n/g;p;q}' >$@
o/$(MODE)/incs.txt: o/$(MODE)/.x $(MAKEFILES) $(call uniq,$(foreach x,$(INCS) $(INCS),$(dir $(x))))
$(MAKE) MODE=rel -j8 -pn bopit 2>/dev/null | sed -ne '/^INCS/ {s/.*:= //;s/ */\n/g;p;q}' >$@
endif
o/$(MODE)/depend: o/$(MODE)/.x o/$(MODE)/srcs.txt o/$(MODE)/hdrs.txt $(SRCS) $(HDRS) $(INCS)
@$(COMPILE) -AMKDEPS $(MKDEPS) -o $@ -r o/$(MODE)/ o/$(MODE)/srcs.txt o/$(MODE)/hdrs.txt
o/$(MODE)/depend: o/$(MODE)/.x o/$(MODE)/srcs.txt o/$(MODE)/hdrs.txt o/$(MODE)/incs.txt $(SRCS) $(HDRS) $(INCS)
@$(COMPILE) -AMKDEPS $(MKDEPS) -o $@ -r o/$(MODE)/ o/$(MODE)/srcs.txt o/$(MODE)/hdrs.txt o/$(MODE)/incs.txt
TAGS: o/$(MODE)/srcs.txt $(SRCS)
@rm -f $@

1
build/definitions.mk
View file

@ -181,7 +181,6 @@ DEFAULT_LDLIBS =
MCA = llvm-mca-10 \
-mtriple=x86_64-pc-linux-gnu \
-iterations=3 \
-instruction-info \
-iterations=3 \
-all-stats \

403
examples/certapp.c Normal file
View file

@ -0,0 +1,403 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/fmt/conv.h"
#include "libc/stdio/stdio.h"
#include "libc/sysv/consts/exit.h"
#include "third_party/mbedtls/ctr_drbg.h"
#include "third_party/mbedtls/debug.h"
#include "third_party/mbedtls/entropy.h"
#include "third_party/mbedtls/net_sockets.h"
#include "third_party/mbedtls/ssl.h"
#include "third_party/mbedtls/x509_crt.h"
STATIC_YOINK("ssl_root_support");
#define MODE_NONE 0
#define MODE_FILE 1
#define MODE_SSL 2
#define DFL_MODE MODE_NONE
#define DFL_FILENAME "cert.crt"
#define DFL_CA_FILE ""
#define DFL_CRL_FILE ""
#define DFL_CA_PATH "zip:usr/share/ssl/root"
#define DFL_SERVER_NAME "localhost"
#define DFL_SERVER_PORT "4433"
#define DFL_DEBUG_LEVEL 0
#define DFL_PERMISSIVE 0
#define USAGE_IO \
" ca_file=%%s file containing top-level CAs\n" \
" ca_path=%%s dir containing top-level CAs\n" \
" crl_file=%%s The single CRL file you want to use\n"
#define USAGE \
"\n usage: %s param=<>...\n" \
"\n acceptable parameters:\n" \
" mode=file|ssl default: none\n" \
" filename=%%s default: cert.crt\n" USAGE_IO \
" server_name=%%s default: localhost\n" \
" server_port=%%d default: 4433\n" \
" debug_level=%%d default: 0 (disabled)\n" \
" permissive=%%d default: 0 (disabled)\n" \
"\n"
/*
* global options
*/
struct options {
int mode; /* the mode to run the application in */
const char *filename; /* filename of the certificate file */
const char *ca_file; /* the file with the CA certificate(s) */
const char *crl_file; /* the file with the CRL to use */
const char *ca_path; /* the path with the CA certificate(s) reside */
const char *server_name; /* hostname of the server (client only) */
const char *server_port; /* port on which the ssl service runs */
int debug_level; /* level of debugging */
int permissive; /* permissive parsing */
} opt;
static void my_debug(void *ctx, int level, const char *file, int line,
const char *str) {
fprintf((FILE *)ctx, "%s:%04d: %s", file, line, str);
fflush((FILE *)ctx);
}
static int my_verify(void *data, mbedtls_x509_crt *crt, int depth,
uint32_t *flags) {
char buf[1024];
printf("\nVerify requested for (Depth %d):\n", depth);
mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
printf("%s", buf);
if (*flags) {
mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags);
printf("%s\n", buf);
}
return 0;
}
mbedtls_net_context server_fd;
unsigned char buf[1024];
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
mbedtls_x509_crl cacrl;
int main(int argc, char *argv[]) {
int ret = 1;
int exit_code = EXIT_FAILURE;
int i, j;
uint32_t flags;
int verify = 0;
char *p, *q;
const char *pers = "cert_app";
/*
* Set to sane values
*/
mbedtls_net_init(&server_fd);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_ssl_init(&ssl);
mbedtls_ssl_config_init(&conf);
mbedtls_x509_crt_init(&cacert);
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_init(&cacrl);
#else
/* Zeroize structure as CRL parsing is not supported and we have to pass
it to the verify function */
memset(&cacrl, 0, sizeof(mbedtls_x509_crl));
#endif
if (argc == 0) {
usage:
printf(USAGE, program_invocation_name);
goto exit;
}
opt.mode = DFL_MODE;
opt.filename = DFL_FILENAME;
opt.ca_file = DFL_CA_FILE;
opt.crl_file = DFL_CRL_FILE;
opt.ca_path = DFL_CA_PATH;
opt.server_name = DFL_SERVER_NAME;
opt.server_port = DFL_SERVER_PORT;
opt.debug_level = DFL_DEBUG_LEVEL;
opt.permissive = DFL_PERMISSIVE;
for (i = 1; i < argc; i++) {
p = argv[i];
if ((q = strchr(p, '=')) == NULL) goto usage;
*q++ = '\0';
for (j = 0; p + j < q; j++) {
if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') argv[i][j] |= 0x20;
}
if (strcmp(p, "mode") == 0) {
if (strcmp(q, "file") == 0)
opt.mode = MODE_FILE;
else if (strcmp(q, "ssl") == 0)
opt.mode = MODE_SSL;
else
goto usage;
} else if (strcmp(p, "filename") == 0)
opt.filename = q;
else if (strcmp(p, "ca_file") == 0)
opt.ca_file = q;
else if (strcmp(p, "crl_file") == 0)
opt.crl_file = q;
else if (strcmp(p, "ca_path") == 0)
opt.ca_path = q;
else if (strcmp(p, "server_name") == 0)
opt.server_name = q;
else if (strcmp(p, "server_port") == 0)
opt.server_port = q;
else if (strcmp(p, "debug_level") == 0) {
opt.debug_level = atoi(q);
if (opt.debug_level < 0 || opt.debug_level > 65535) goto usage;
} else if (strcmp(p, "permissive") == 0) {
opt.permissive = atoi(q);
if (opt.permissive < 0 || opt.permissive > 1) goto usage;
} else
goto usage;
}
/*
* 1.1. Load the trusted CA
*/
printf(" . Loading the CA root certificate ...");
fflush(stdout);
if (strlen(opt.ca_path)) {
if ((ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path)) < 0) {
printf(" failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n",
(unsigned int)-ret);
goto exit;
}
verify = 1;
} else if (strlen(opt.ca_file)) {
if ((ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file)) < 0) {
printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n",
(unsigned int)-ret);
goto exit;
}
verify = 1;
}
printf(" ok (%d skipped)\n", ret);
#if defined(MBEDTLS_X509_CRL_PARSE_C)
if (strlen(opt.crl_file)) {
if ((ret = mbedtls_x509_crl_parse_file(&cacrl, opt.crl_file)) != 0) {
printf(" failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n",
(unsigned int)-ret);
goto exit;
}
verify = 1;
}
#endif
if (opt.mode == MODE_FILE) {
mbedtls_x509_crt crt;
mbedtls_x509_crt *cur = &crt;
mbedtls_x509_crt_init(&crt);
/*
* 1.1. Load the certificate(s)
*/
printf("\n . Loading the certificate(s) ...");
fflush(stdout);
ret = mbedtls_x509_crt_parse_file(&crt, opt.filename);
if (ret < 0) {
printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%04x\n\n",
-ret);
mbedtls_x509_crt_free(&crt);
goto exit;
}
if (opt.permissive == 0 && ret > 0) {
printf(" failed\n ! mbedtls_x509_crt_parse failed to parse %d "
"certificates\n\n",
ret);
mbedtls_x509_crt_free(&crt);
goto exit;
}
printf(" ok\n");
/*
* 1.2 Print the certificate(s)
*/
while (cur != NULL) {
printf(" . Peer certificate information ...\n");
ret = mbedtls_x509_crt_info((char *)buf, sizeof(buf) - 1, " ", cur);
if (ret == -1) {
printf(" failed\n ! mbedtls_x509_crt_info returned -0x%04x\n\n",
-ret);
mbedtls_x509_crt_free(&crt);
goto exit;
}
printf("%s\n", buf);
cur = cur->next;
}
/*
* 1.3 Verify the certificate
*/
if (verify) {
printf(" . Verifying X.509 certificate...");
if ((ret = mbedtls_x509_crt_verify(&crt, &cacert, &cacrl, NULL, &flags,
my_verify, NULL)) != 0) {
char vrfy_buf[512];
printf(" failed\n");
mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags);
printf("%s\n", vrfy_buf);
} else
printf(" ok\n");
}
mbedtls_x509_crt_free(&crt);
} else if (opt.mode == MODE_SSL) {
/*
* 1. Initialize the RNG and the session data
*/
printf("\n . Seeding the random number generator...");
fflush(stdout);
mbedtls_entropy_init(&entropy);
if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *)pers,
strlen(pers))) != 0) {
printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
goto ssl_exit;
}
printf(" ok\n");
#if defined(MBEDTLS_DEBUG_C)
mbedtls_debug_set_threshold(opt.debug_level);
#endif
/*
* 2. Start the connection
*/
printf(" . Connecting to tcp/%s/%s...\n", opt.server_name,
opt.server_port);
if ((ret = mbedtls_net_connect(&server_fd, opt.server_name, opt.server_port,
MBEDTLS_NET_PROTO_TCP)) != 0) {
printf(" ! mbedtls_net_connect returned -0x%04x\n\n", -ret);
goto ssl_exit;
}
/*
* 3. Setup stuff
*/
if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
printf(" ! mbedtls_ssl_config_defaults returned -0x%04x\n\n", -ret);
goto exit;
}
if (verify) {
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
mbedtls_ssl_conf_verify(&conf, my_verify, NULL);
} else
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
printf(" ! mbedtls_ssl_setup returned -0x%04x\n\n", -ret);
goto ssl_exit;
}
if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
printf(" ! mbedtls_ssl_set_hostname returned -0x%04x\n\n", -ret);
goto ssl_exit;
}
mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv,
NULL);
/*
* 4. Handshake
*/
while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
printf(" ! mbedtls_ssl_handshake returned -0x%04x\n\n", -ret);
goto ssl_exit;
}
}
/*
* 5. Print the certificate
*/
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
printf(" . Peer certificate information ... skipped\n");
#else
printf(" . Peer certificate information ...\n");
ret = mbedtls_x509_crt_info((char *)buf, sizeof(buf) - 1, " ",
mbedtls_ssl_get_peer_cert(&ssl));
if (ret == -1) {
printf(" failed\n ! mbedtls_x509_crt_info returned -0x%04x\n\n", -ret);
goto ssl_exit;
}
printf("%s\n", buf);
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
mbedtls_ssl_close_notify(&ssl);
ssl_exit:
mbedtls_ssl_free(&ssl);
mbedtls_ssl_config_free(&conf);
} else
goto usage;
exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
mbedtls_net_free(&server_fd);
mbedtls_x509_crt_free(&cacert);
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_free(&cacrl);
#endif
mbedtls_ctr_drbg_free(&ctr_drbg);
mbedtls_entropy_free(&entropy);
mbedtls_exit(exit_code);
}

64
examples/curl.c
View file

@ -22,6 +22,7 @@
#include "libc/runtime/gc.h"
#include "libc/runtime/runtime.h"
#include "libc/sock/sock.h"
#include "libc/stdio/append.internal.h"
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "libc/sysv/consts/af.h"
@ -40,12 +41,14 @@
#include "net/http/http.h"
#include "net/http/url.h"
#include "net/https/https.h"
#include "net/https/sslcache.h"
#include "third_party/getopt/getopt.h"
#include "third_party/mbedtls/ctr_drbg.h"
#include "third_party/mbedtls/debug.h"
#include "third_party/mbedtls/error.h"
#include "third_party/mbedtls/pk.h"
#include "third_party/mbedtls/ssl.h"
#include "third_party/mbedtls/ssl_ticket.h"
/**
* @fileoverview Downloads HTTP URL to stdout.
@ -60,11 +63,6 @@
#define HeaderEqualCase(H, S) \
SlicesEqualCase(S, strlen(S), HeaderData(H), HeaderLength(H))
struct Buffer {
size_t i, n;
char *p;
};
static inline bool SlicesEqualCase(const char *a, size_t n, const char *b,
size_t m) {
return n == m && !memcasecmp(a, b, n);
@ -93,9 +91,9 @@ static int Socket(int family, int type, int protocol) {
static int TlsSend(void *c, const unsigned char *p, size_t n) {
int rc;
VERBOSEF("begin send %zu", n);
NOISEF("begin send %zu", n);
CHECK_NE(-1, (rc = write(*(int *)c, p, n)));
VERBOSEF("end send %zu", n);
NOISEF("end send %zu", n);
return rc;
}
@ -114,9 +112,9 @@ static int TlsRecv(void *c, unsigned char *p, size_t n, uint32_t o) {
v[0].iov_len = n;
v[1].iov_base = t;
v[1].iov_len = sizeof(t);
VERBOSEF("begin recv %zu", n + sizeof(t) - b);
NOISEF("begin recv %zu", n + sizeof(t) - b);
CHECK_NE(-1, (r = readv(*(int *)c, v, 2)));
VERBOSEF("end recv %zu", r);
NOISEF("end recv %zu", r);
if (r > n) b = r - n;
return MIN(n, r);
}
@ -150,30 +148,6 @@ static int GetEntropy(void *c, unsigned char *p, size_t n) {
return 0;
}
static int AppendFmt(struct Buffer *b, const char *fmt, ...) {
int n;
char *p;
va_list va, vb;
va_start(va, fmt);
va_copy(vb, va);
n = vsnprintf(b->p + b->i, b->n - b->i, fmt, va);
if (b->i + n + 1 > b->n) {
do {
if (b->n) {
b->n += b->n >> 1;
} else {
b->n = 16;
}
} while (b->i + n + 1 > b->n);
b->p = realloc(b->p, b->n);
vsnprintf(b->p + b->i, b->n - b->i, fmt, vb);
}
va_end(vb);
va_end(va);
b->i += n;
return n;
}
int main(int argc, char *argv[]) {
if (!NoDebug()) showcrashreports();
xsigaction(SIGPIPE, SIG_IGN, 0, 0, 0);
@ -189,6 +163,7 @@ int main(int argc, char *argv[]) {
int method = kHttpGet;
bool authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
const char *agent = "hurl/1.o (https://github.com/jart/cosmopolitan)";
__log_level = kLogWarn;
while ((opt = getopt(argc, argv, "qksvVIX:H:A:")) != -1) {
switch (opt) {
case 's':
@ -277,34 +252,36 @@ int main(int argc, char *argv[]) {
/*
* Create HTTP message.
*/
struct Buffer request = {0};
AppendFmt(&request,
char *request = 0;
appendf(&request,
"%s %s HTTP/1.1\r\n"
"Host: %s:%s\r\n"
"Connection: close\r\n"
"User-Agent: %s\r\n",
kHttpMethod[method], _gc(EncodeUrl(&url, 0)), host, port, agent);
for (int i = 0; i < headers.n; ++i) {
AppendFmt(&request, "%s\r\n", headers.p[i]);
appendf(&request, "%s\r\n", headers.p[i]);
}
AppendFmt(&request, "\r\n");
appendf(&request, "\r\n");
/*
* Setup crypto.
*/
mbedtls_ssl_config conf;
mbedtls_ssl_context ssl;
mbedtls_x509_crt *cachain = 0;
mbedtls_ctr_drbg_context drbg;
if (usessl) {
mbedtls_ssl_init(&ssl);
mbedtls_ctr_drbg_init(&drbg);
mbedtls_ssl_config_init(&conf);
cachain = GetSslRoots();
CHECK_EQ(0, mbedtls_ctr_drbg_seed(&drbg, GetEntropy, 0, "justine", 7));
CHECK_EQ(0, mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT));
mbedtls_ssl_conf_ca_chain(&conf, GetSslRoots(), 0);
mbedtls_ssl_conf_authmode(&conf, authmode);
mbedtls_ssl_conf_ca_chain(&conf, cachain, 0);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &drbg);
if (!IsTiny()) mbedtls_ssl_conf_dbg(&conf, TlsDebug, 0);
CHECK_EQ(0, mbedtls_ssl_setup(&ssl, &conf));
@ -339,11 +316,13 @@ int main(int argc, char *argv[]) {
/*
* Send HTTP Message.
*/
size_t n;
n = appendz(request).i;
if (usessl) {
ret = mbedtls_ssl_write(&ssl, request.p, request.i);
if (ret != request.i) TlsDie("ssl write", ret);
ret = mbedtls_ssl_write(&ssl, request, n);
if (ret != n) TlsDie("ssl write", ret);
} else {
CHECK_EQ(request.i, write(sock, request.p, request.i));
CHECK_EQ(n, write(sock, request, n));
}
/*
@ -354,7 +333,7 @@ int main(int argc, char *argv[]) {
ssize_t rc;
struct HttpMessage msg;
struct HttpUnchunker u;
size_t g, i, n, hdrlen, paylen;
size_t g, i, hdrlen, paylen;
InitHttpMessage(&msg, kHttpResponse);
for (p = 0, hdrlen = paylen = t = i = n = 0;;) {
if (i == n) {
@ -460,6 +439,7 @@ Finished:
mbedtls_ssl_free(&ssl);
mbedtls_ctr_drbg_free(&drbg);
mbedtls_ssl_config_free(&conf);
mbedtls_x509_crt_free(cachain);
mbedtls_ctr_drbg_free(&drbg);
}

1
examples/examples.mk
View file

@ -69,6 +69,7 @@ EXAMPLES_DIRECTDEPS = \
NET_HTTPS \
THIRD_PARTY_COMPILER_RT \
THIRD_PARTY_DLMALLOC \
THIRD_PARTY_QUICKJS \
THIRD_PARTY_GDTOA \
THIRD_PARTY_GETOPT \
THIRD_PARTY_LUA \

62
examples/fastdiv.c Normal file
View file

@ -0,0 +1,62 @@
#if 0
/*─────────────────────────────────────────────────────────────────╗
To the extent possible under law, Justine Tunney has waived
all copyright and related or neighboring rights to this file,
as it is written in the following disclaimers:
http://unlicense.org/ │
http://creativecommons.org/publicdomain/zero/1.0/ │
*/
#endif
#include "libc/calls/calls.h"
#include "libc/macros.internal.h"
#include "libc/stdio/stdio.h"
#include "libc/sysv/consts/sig.h"
#include "libc/testlib/ezbench.h"
/**
* @fileoverview Fast Division Using Multiplication Tutorial
*
* Expected program output:
*
* 23 / 3 = 7
* 0x5555555555555556 1 1
* division l: 16𝑐 5𝑛𝑠
* fast div l: 5𝑐 2𝑛𝑠
* precomps l: 70𝑐 23𝑛𝑠
*/
struct Divisor {
uint64_t m;
uint8_t s;
uint8_t t;
};
struct Divisor GetDivisor(uint64_t d) {
int b;
uint128_t x;
if (!d) raise(SIGFPE);
b = __builtin_clzll(d) ^ 63;
x = -d & (((1ull << b) - 1) | (1ull << b));
return (struct Divisor){(x << 64) / d + 1, MIN(1, b + 1), MAX(0, b)};
}
uint64_t Divide(uint64_t x, struct Divisor d) {
uint128_t t;
uint64_t l, h;
t = d.m;
t *= x;
l = t;
h = t >> 64;
l = (x - h) >> d.s;
return (h + l) >> d.t;
}
int main(int argc, char *argv[]) {
printf("23 / 3 = %ld\n", Divide(23, GetDivisor(3)));
volatile struct Divisor v = GetDivisor(3);
volatile uint64_t x = 23, y = 3, z;
EZBENCH2("division", donothing, z = x / y);
EZBENCH2("fast div", donothing, z = Divide(x, v));
EZBENCH2("precomp ", donothing, v = GetDivisor(y));
return 0;
}

48
examples/fastmod.c Normal file
View file

@ -0,0 +1,48 @@
#if 0
/*─────────────────────────────────────────────────────────────────╗
To the extent possible under law, Justine Tunney has waived
all copyright and related or neighboring rights to this file,
as it is written in the following disclaimers:
http://unlicense.org/ │
http://creativecommons.org/publicdomain/zero/1.0/ │
*/
#endif
#include "libc/stdio/stdio.h"
#include "libc/testlib/ezbench.h"
/**
* @fileoverview Fast Modulus Using Multiplication Tutorial
*
* Expected program output:
*
* 23 / 3 = 7
* 0x5555555555555556 1 1
* modulus l: 15𝑐 5𝑛𝑠
* fastmod l: 4𝑐 1𝑛𝑠
* precomp l: 18𝑐 6𝑛𝑠
*/
struct Modulus {
uint64_t c;
uint64_t d;
};
struct Modulus GetModulus(uint64_t d) {
return (struct Modulus){0xFFFFFFFFFFFFFFFFull / d + 1, d};
}
uint64_t Modulus(uint64_t x, struct Modulus m) {
return ((uint128_t)(m.c * x) * m.d) >> 64;
}
int main(int argc, char *argv[]) {
printf("%lx %% %d = %d\n", 3, 23, Modulus(23, GetModulus(3)));
printf("%lx %% %d = %d\n", 3, 23,
Modulus(0xf5bd76d4c3c91f47, GetModulus(34)));
volatile struct Modulus v = GetModulus(3);
volatile uint64_t x = 23, y = 3, z;
EZBENCH2("modulus", donothing, z = x % y);
EZBENCH2("fastmod", donothing, z = Modulus(x, v));
EZBENCH2("precomp", donothing, v = GetModulus(y));
return 0;
}

238
examples/getrandom.c Normal file
View file

@ -0,0 +1,238 @@
#if 0
/*─────────────────────────────────────────────────────────────────╗
To the extent possible under law, Justine Tunney has waived
all copyright and related or neighboring rights to this file,
as it is written in the following disclaimers:
http://unlicense.org/ │
http://creativecommons.org/publicdomain/zero/1.0/ │
*/
#endif
#include "libc/bits/bits.h"
#include "libc/calls/calls.h"
#include "libc/errno.h"
#include "libc/fmt/conv.h"
#include "libc/log/check.h"
#include "libc/log/log.h"
#include "libc/macros.internal.h"
#include "libc/nexgen32e/x86feature.h"
#include "libc/rand/rand.h"
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "libc/sysv/consts/ex.h"
#include "libc/sysv/consts/exit.h"
#include "libc/sysv/consts/grnd.h"
#include "libc/sysv/consts/sig.h"
#include "libc/testlib/hyperion.h"
#include "third_party/getopt/getopt.h"
uint64_t bcast(uint64_t f(void)) {
unsigned i;
uint64_t x;
for (x = i = 0; i < 8; ++i) {
x <<= 8;
x |= f() & 255;
}
return x;
}
uint64_t randv6(void) {
static int16_t gorp;
gorp = (gorp + 625) & 077777;
return gorp;
}
uint64_t randv7(void) {
static uint32_t randx = 1;
return ((randx = randx * 1103515245 + 12345) >> 16) & 077777;
}
uint64_t zero(void) {
return 0;
}
uint64_t inc(void) {
static uint64_t x;
return x++;
}
uint64_t unixv6(void) {
return bcast(randv6);
}
uint64_t unixv7(void) {
return bcast(randv7);
}
uint64_t ape(void) {
static int i;
if ((i += 8) > _end - _base) i = 8;
return READ64LE(_base + i);
}
uint64_t moby(void) {
static int i;
if ((i += 8) > kMobySize) i = 8;
return READ64LE(kMoby + i);
}
uint64_t knuth(void) {
uint64_t a, b;
static uint64_t x = 1;
x *= 6364136223846793005;
x += 1442695040888963407;
a = x >> 32;
x *= 6364136223846793005;
x += 1442695040888963407;
b = x >> 32;
return a | b << 32;
}
uint64_t libc(void) {
uint64_t x;
CHECK_EQ(8, getrandom(&x, 8, 0));
return x;
}
uint64_t kernel(void) {
uint64_t x;
CHECK_EQ(8, getrandom(&x, 8, GRND_NORDRND));
return x;
}
uint64_t hardware(void) {
uint64_t x;
CHECK_EQ(8, getrandom(&x, 8, GRND_NOSYSTEM));
return x;
}
uint64_t rdrnd(void) {
char cf;
int i = 0;
uint64_t x;
CHECK(X86_HAVE(RDRND));
for (;;) {
asm volatile(CFLAG_ASM("rdrand\t%1")
: CFLAG_CONSTRAINT(cf), "=r"(x)
: /* no inputs */
: "cc");
if (cf) return x;
if (++i < 10) continue;
asm volatile("pause");
i = 0;
}
}
uint64_t rdseed(void) {
char cf;
int i = 0;
uint64_t x;
CHECK(X86_HAVE(RDSEED));
for (;;) {
asm volatile(CFLAG_ASM("rdseed\t%1")
: CFLAG_CONSTRAINT(cf), "=r"(x)
: /* no inputs */
: "cc");
if (cf) return x;
if (++i < 10) continue;
asm volatile("pause");
i = 0;
}
}
const struct Function {
const char *s;
uint64_t (*f)(void);
} kFunctions[] = {
{"ape", ape}, //
{"hardware", hardware}, //
{"inc", inc}, //
{"kernel", kernel}, //
{"knuth", knuth}, //
{"libc", libc}, //
{"moby", moby}, //
{"rand64", rand64}, //
{"rdrand", rdrnd}, //
{"rdrnd", rdrnd}, //
{"rdseed", rdseed}, //
{"unixv6", unixv6}, //
{"unixv7", unixv7}, //
{"zero", zero}, //
};
bool isdone;
bool isbinary;
unsigned long count = -1;
void OnInt(int sig) {
isdone = true;
}
wontreturn void PrintUsage(FILE *f, int rc) {
fprintf(f, "Usage: %s [-b] [-n NUM] [FUNC]\n", program_invocation_name);
exit(rc);
}
int main(int argc, char *argv[]) {
int i, opt;
ssize_t rc;
uint64_t x;
uint64_t (*f)(void);
while ((opt = getopt(argc, argv, "hbn:")) != -1) {
switch (opt) {
case 'b':
isbinary = true;
break;
case 'n':
count = strtoul(optarg, 0, 0);
break;
case 'h':
PrintUsage(stdout, EXIT_SUCCESS);
default:
PrintUsage(stderr, EX_USAGE);
}
}
if (optind == argc) {
f = libc;
} else {
for (f = 0, i = 0; i < ARRAYLEN(kFunctions); ++i) {
if (!strcasecmp(argv[optind], kFunctions[i].s)) {
f = kFunctions[i].f;
break;
}
}
if (!f) {
fprintf(stderr, "unknown function: %`'s\n", argv[optind]);
fprintf(stderr, "try: ");
for (i = 0; i < ARRAYLEN(kFunctions); ++i) {
if (i) fprintf(stderr, ", ");
fprintf(stderr, "%s", kFunctions[i].s);
}
fprintf(stderr, "\n");
return 1;
}
}
signal(SIGINT, OnInt);
signal(SIGPIPE, SIG_IGN);
if (!isbinary) {
for (; count && !isdone && !feof(stdout); --count) {
printf("0x%016lx\n", f());
}
fflush(stdout);
return ferror(stdout) ? 1 : 0;
}
while (count && !isdone) {
x = f();
rc = write(1, &x, MIN(8, count));
if (!rc) break;
if (rc == -1 && errno == EPIPE) return 1;
if (rc == -1) perror("write"), exit(1);
count -= rc;
}
return 0;
}

52
examples/stringbuffer.c
View file

@ -9,47 +9,27 @@
#endif
#include "libc/calls/calls.h"
#include "libc/fmt/fmt.h"
#include "libc/log/check.h"
#include "libc/stdio/append.internal.h"
/**
* @fileoverview Fast Growable Strings Tutorial
*/
struct Buffer {
size_t i, n;
char *p;
};
int AppendFmt(struct Buffer *b, const char *fmt, ...) {
int n;
char *p;
va_list va, vb;
va_start(va, fmt);
va_copy(vb, va);
n = vsnprintf(b->p + b->i, b->n - b->i, fmt, va);
if (n >= b->n - b->i) {
do {
if (b->n) {
b->n += b->n >> 1; /* this is the important line */
} else {
b->n = 16;
}
} while (b->i + n + 1 > b->n);
b->p = realloc(b->p, b->n);
vsnprintf(b->p + b->i, b->n - b->i, fmt, vb);
}
va_end(vb);
va_end(va);
b->i += n;
return n;
}
int main(int argc, char *argv[]) {
struct Buffer b = {0};
AppendFmt(&b, "hello ");
AppendFmt(&b, " world\n");
AppendFmt(&b, "%d arg%s\n", argc, argc == 1 ? "" : "s");
AppendFmt(&b, "%s\n", "have a nice day");
write(1, b.p, b.i);
free(b.p);
char *b = 0;
appendf(&b, "hello "); // guarantees nul terminator
CHECK_EQ(6, strlen(b));
CHECK_EQ(6, appendz(b).i);
appendf(&b, " world\n");
CHECK_EQ(13, strlen(b));
CHECK_EQ(13, appendz(b).i);
appendd(&b, "\0", 1); // supports binary
CHECK_EQ(13, strlen(b));
CHECK_EQ(14, appendz(b).i);
appendf(&b, "%d arg%s\n", argc, argc == 1 ? "" : "s");
appendf(&b, "%s\n", "have a nice day");
write(1, b, appendz(b).i);
free(b);
return 0;
}

1
libc/fmt/conv.h
View file

@ -53,6 +53,7 @@ char *dirname(char *);
char *basename(const char *) nosideeffect;
char *basename_n(const char *, size_t) nosideeffect;
bool isabspath(const char *) paramsnonnull() nosideeffect;
char *stripexts(char *);
/*───────────────────────────────────────────────────────────────────────────│─╗
cosmopolitan § conversion » computation

25
libc/fmt/fmt.c
View file

@ -191,7 +191,12 @@ hidden int __fmt(void *fn, void *arg, const char *format, va_list va) {
} else if (format[1] == '.' && format[2] == '*' && format[3] == 's') {
n = va_arg(va, unsigned); /* FAST PATH: PRECISION STRING */
s = va_arg(va, const char *);
if (!s) s = "(null)", n = MIN(6, n);
if (s) {
n = strnlen(s, n);
} else {
s = "(null)";
n = MIN(6, n);
}
if (out(s, arg, n) == -1) return -1;
format += 4;
continue;
@ -418,10 +423,12 @@ hidden int __fmt(void *fn, void *arg, const char *format, va_list va) {
if (flags & FLAGS_ZEROPAD) {
if (sign) PUT(sign);
sign = 0;
do PUT('0');
do
PUT('0');
while (--width > 0);
} else {
do PUT(' ');
do
PUT(' ');
while (--width > 0);
}
}
@ -523,10 +530,12 @@ hidden int __fmt(void *fn, void *arg, const char *format, va_list va) {
if (flags & FLAGS_ZEROPAD) {
if (sign) PUT(sign);
sign = 0;
do PUT('0');
do
PUT('0');
while (--width > 0);
} else {
do PUT(' ');
do
PUT(' ');
while (--width > 0);
}
}
@ -673,10 +682,12 @@ hidden int __fmt(void *fn, void *arg, const char *format, va_list va) {
PUT(sign);
sign = 0;
}
do PUT('0');
do
PUT('0');
while (--width > 0);
} else {
do PUT(' ');
do
PUT(' ');
while (--width > 0);
}
}

42
libc/fmt/stripexts.c Normal file
View file

@ -0,0 +1,42 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/fmt/fmt.h"
#include "libc/str/str.h"
/**
* Removes file extensions.
*
* @param s is mutated
* @return s
*/
char *stripexts(char *s) {
size_t i;
for (i = strlen(s); i--;) {
switch (s[i]) {
case '.':
s[i] = 0;
break;
case '/':
return s;
default:
break;
}
}
return s;
}

8
libc/intrin/asan.c
View file

@ -660,6 +660,10 @@ static void *__asan_realloc(void *p, size_t n) {
return q;
}
static void *__asan_realloc_in_place(void *p, size_t n) {
return 0;
}
static void *__asan_valloc(size_t n) {
return __asan_memalign(PAGESIZE, n);
}
@ -752,6 +756,7 @@ void __asan_install_malloc_hooks(void) {
HOOK(hook_realloc, __asan_realloc);
HOOK(hook_memalign, __asan_memalign);
HOOK(hook_malloc_trim, __asan_malloc_trim);
HOOK(hook_realloc_in_place, __asan_realloc_in_place);
HOOK(hook_malloc_usable_size, __asan_malloc_usable_size);
}
@ -847,7 +852,8 @@ textstartup void __asan_init(int argc, char **argv, char **envp,
REQUIRE(FindMemoryInterval);
REQUIRE(TrackMemoryInterval);
if (weaken(hook_malloc) || weaken(hook_calloc) || weaken(hook_realloc) ||
weaken(hook_pvalloc) || weaken(hook_valloc) || weaken(hook_free) ||
weaken(hook_realloc_in_place) || weaken(hook_pvalloc) ||
weaken(hook_valloc) || weaken(hook_free) ||
weaken(hook_malloc_usable_size)) {
REQUIRE(dlmemalign);
REQUIRE(dlmalloc_usable_size);

34
libc/log/backtrace2.c
View file

@ -48,7 +48,7 @@ static int PrintBacktraceUsingAddr2line(int fd, const struct StackFrame *bp) {
struct Garbages *garbage;
sigset_t chldmask, savemask;
const struct StackFrame *frame;
const char *debugbin, *p1, *p2, *p3, *addr2line;
char *debugbin, *p1, *p2, *p3, *addr2line;
char buf[kBacktraceBufSize], *argv[kBacktraceMaxFrames];
if (IsOpenbsd()) return -1;
if (IsWindows()) return -1;
@ -90,7 +90,36 @@ static int PrintBacktraceUsingAddr2line(int fd, const struct StackFrame *bp) {
}
close(pipefds[1]);
while ((got = read(pipefds[0], buf, kBacktraceBufSize)) > 0) {
for (p1 = buf; got;) {
p1 = buf;
p3 = p1 + got;
/*
* Remove deep libc error reporting facilities from backtraces.
*
* For example, if the following shows up in Emacs:
*
* 40d097: __die at libc/log/die.c:33
* 434daa: __asan_die at libc/intrin/asan.c:483
* 435146: __asan_report_memory_fault at libc/intrin/asan.c:524
* 435b32: __asan_report_store at libc/intrin/asan.c:719
* 43472e: __asan_report_store1 at libc/intrin/somanyasan.S:118
* 40c3a9: GetCipherSuite at net/https/getciphersuite.c:80
* 4383a5: GetCipherSuite_test at test/net/https/getciphersuite.c:23
* ...
*
* Then it's unpleasant to need to press C-x C-n six times.
*/
while ((p2 = memchr(p1, '\n', p3 - p1))) {
if (memmem(p1, p2 - p1, ": __asan_", 9) ||
memmem(p1, p2 - p1, ": __die", 7)) {
memmove(p1, p2 + 1, p3 - (p2 + 1));
p3 -= p2 + 1 - p1;
} else {
p1 = p2 + 1;
break;
}
}
/*
* remove racist output from gnu tooling, that can't be disabled
* otherwise, since it breaks other tools like emacs that aren't
@ -98,6 +127,7 @@ static int PrintBacktraceUsingAddr2line(int fd, const struct StackFrame *bp) {
* addr2line somehow manages to put the racism onto the one line
* in the backtrace we actually care about.
*/
for (got = p3 - buf, p1 = buf; got;) {
if ((p2 = memmem(p1, got, " (discriminator ",
strlen(" (discriminator ") - 1)) &&
(p3 = memchr(p2, '\n', got - (p2 - p1)))) {

40
libc/log/getcallername.c Normal file
View file

@ -0,0 +1,40 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/alg/bisectcarleft.internal.h"
#include "libc/log/log.h"
#include "libc/nexgen32e/stackframe.h"
#include "libc/runtime/symbols.internal.h"
/**
* Returns name of funciton that called caller function.
*/
const char *GetCallerName(const struct StackFrame *bp) {
struct SymbolTable *st;
if (!bp && (bp = __builtin_frame_address(0))) bp = bp->next;
if (bp && (st = GetSymbolTable()) && st->count &&
((intptr_t)bp->addr >= (intptr_t)&_base &&
(intptr_t)bp->addr <= (intptr_t)&_end)) {
return st->name_base +
st->symbols[bisectcarleft((const int32_t(*)[2])st->symbols,
st->count, bp->addr - st->addr_base - 1)]
.name_rva;
} else {
return 0;
}
}

61
libc/log/log.h
View file

@ -3,6 +3,8 @@
#include "libc/bits/likely.h"
#include "libc/calls/struct/sigset.h"
#include "libc/calls/struct/winsize.h"
#include "libc/nexgen32e/stackframe.h"
#include "libc/runtime/runtime.h"
#include "libc/stdio/stdio.h"
/*───────────────────────────────────────────────────────────────────────────│─╗
cosmopolitan § liblog
@ -21,7 +23,7 @@
*/
#ifndef LOGGABLELEVEL
#ifndef TINY
#define LOGGABLELEVEL kLogDebug
#define LOGGABLELEVEL kLogNoise
/* #elif IsTiny() */
/* #define LOGGABLELEVEL kLogInfo */
#else
@ -44,6 +46,7 @@ bool IsTerminalInarticulate(void) nosideeffect;
const char *commandvenv(const char *, const char *);
const char *GetAddr2linePath(void);
const char *GetGdbPath(void);
const char *GetCallerName(const struct StackFrame *);
void showcrashreports(void);
void callexitontermination(struct sigset *);
@ -63,6 +66,7 @@ extern unsigned __log_level; /* log level for runtime check */
#define FATALF(FMT, ...) \
do { \
++ftrace; \
ffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
unreachable; \
} while (0)
@ -70,137 +74,174 @@ extern unsigned __log_level; /* log level for runtime check */
#define WARNF(FMT, ...) \
do { \
if (LOGGABLE(kLogWarn)) { \
++ftrace; \
flogf(kLogWarn, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define LOGF(FMT, ...) \
do { \
if (LOGGABLE(kLogInfo)) { \
++ftrace; \
flogf(kLogInfo, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define VERBOSEF(FMT, ...) \
do { \
if (LOGGABLE(kLogVerbose)) { \
++ftrace; \
fverbosef(kLogVerbose, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define DEBUGF(FMT, ...) \
do { \
if (LOGGABLE(kLogDebug)) { \
if (UNLIKELY(LOGGABLE(kLogDebug))) { \
++ftrace; \
fdebugf(kLogDebug, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define NOISEF(FMT, ...) \
do { \
if (LOGGABLE(kLogNoise)) { \
if (UNLIKELY(LOGGABLE(kLogNoise))) { \
++ftrace; \
fnoisef(kLogNoise, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define VFLOG(FMT, VA) \
do { \
if (LOGGABLE(kLogInfo)) { \
++ftrace; \
vflogf(kLogInfo, __FILE__, __LINE__, NULL, FMT, VA); \
--ftrace; \
} \
} while (0)
#define FLOGF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogInfo)) { \
++ftrace; \
flogf(kLogInfo, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define VFLOGF(F, FMT, VA) \
do { \
if (LOGGABLE(kLogInfo)) { \
++ftrace; \
vflogf(kLogInfo, __FILE__, __LINE__, F, FMT, VA); \
--ftrace; \
} \
} while (0)
#define VWARNF(FMT, VA) \
do { \
if (LOGGABLE(kLogWarn)) { \
++ftrace; \
vflogf(kLogWarn, __FILE__, __LINE__, NULL, FMT, VA); \
--ftrace; \
} \
} while (0)
#define FWARNF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogWarn)) { \
++ftrace; \
flogf(kLogWarn, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define VFWARNF(F, FMT, VA) \
do { \
if (LOGGABLE(kLogWarn)) { \
++ftrace; \
vflogf(kLogWarn, __FILE__, __LINE__, F, FMT, VA); \
--ftrace; \
} \
} while (0)
#define VFATALF(FMT, VA) \
do { \
++ftrace; \
vffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, VA); \
unreachable; \
} while (0)
#define FFATALF(F, FMT, ...) \
do { \
++ftrace; \
ffatalf(kLogFatal, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
unreachable; \
} while (0)
#define VFFATALF(F, FMT, VA) \
do { \
++ftrace; \
vffatalf(kLogFatal, __FILE__, __LINE__, F, FMT, VA); \
unreachable; \
} while (0)
#define VDEBUGF(FMT, VA) \
do { \
if (LOGGABLE(kLogDebug)) { \
if (UNLIKELY(LOGGABLE(kLogDebug))) { \
++ftrace; \
vfdebugf(kLogDebug, __FILE__, __LINE__, NULL, FMT, VA); \
--ftrace; \
} \
} while (0)
#define FDEBUGF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogDebug)) { \
if (UNLIKELY(LOGGABLE(kLogDebug))) { \
++ftrace; \
fdebugf(kLogDebug, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
#define VFVERBOSEF(F, FMT, VA) \
do { \
if (LOGGABLE(kLogVerbose)) { \
++ftrace; \
vfverbosef(kLogVerbose, __FILE__, __LINE__, F, FMT, VA); \
--ftrace; \
} \
} while (0)
#define VFDEBUGF(F, FMT, VA) \
do { \
if (LOGGABLE(kLogDebug)) { \
++ftrace; \
vfdebugf(kLogDebug, __FILE__, __LINE__, F, FMT, VA); \
--ftrace; \
} \
} while (0)
#define VNOISEF(FMT, VA) \
do { \
if (LOGGABLE(kLogNoise)) { \
if (UNLIKELY(LOGGABLE(kLogNoise))) { \
++ftrace; \
vfnoisef(kLogNoise, __FILE__, __LINE__, NULL, FMT, VA); \
--ftrace; \
} \
} while (0)
#define FNOISEF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogNoise)) { \
if (UNLIKELY(LOGGABLE(kLogNoise))) { \
++ftrace; \
fnoisef(kLogNoise, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
--ftrace; \
} \
} while (0)
@ -211,8 +252,10 @@ extern unsigned __log_level; /* log level for runtime check */
#define LOGIFNEG1(FORM) \
({ \
autotype(FORM) Ax = (FORM); \
if (Ax == (typeof(Ax))(-1) && LOGGABLE(kLogWarn)) { \
if (UNLIKELY(Ax == (typeof(Ax))(-1)) && LOGGABLE(kLogWarn)) { \
++ftrace; \
__logerrno(__FILE__, __LINE__, #FORM); \
--ftrace; \
} \
Ax; \
})
@ -221,7 +264,9 @@ extern unsigned __log_level; /* log level for runtime check */
({ \
autotype(FORM) Ax = (FORM); \
if (Ax == NULL && LOGGABLE(kLogWarn)) { \
++ftrace; \
__logerrno(__FILE__, __LINE__, #FORM); \
--ftrace; \
} \
Ax; \
})

2
libc/log/vflogf.c
View file

@ -83,7 +83,6 @@ void(vflogf)(unsigned level, const char *file, int line, FILE *f,
int64_t secs, nsec, dots;
if (!f) f = __log_file;
if (!f) return;
++ftrace;
t2 = nowl();
secs = t2;
nsec = (t2 - secs) * 1e9L;
@ -121,5 +120,4 @@ void(vflogf)(unsigned level, const char *file, int line, FILE *f,
__die();
unreachable;
}
--ftrace;
}

116
libc/nexgen32e/mul4x4adx.S Normal file
View file

@ -0,0 +1,116 @@
/*-*- mode:unix-assembly; indent-tabs-mode:t; tab-width:8; coding:utf-8 -*-│
vi: set et ft=asm ts=8 tw=8 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/macros.internal.h"
Mul4x4Adx:
push %rbp
mov %rsp,%rbp
.profilable
push %r15
push %r14
push %r13
push %r12
mov %rdx,%r12
push %rbx
sub $16,%rsp
mov (%rdx),%rdx
mov (%rsi),%rax
mov 16(%rsi),%r11
mov 24(%rsi),%r10
xor %r13d,%r13d
mulx %rax,%rbx,%rax
mov %rbx,-48(%rbp)
mov 8(%rsi),%rbx
mulx %rbx,%rdx,%rcx
adox %rdx,%rax
mov (%r12),%rdx
mulx %r11,%rdx,%r9
adox %rdx,%rcx
mov (%r12),%rdx
mulx %r10,%rdx,%r8
adox %rdx,%r9
adox %r13,%r8
xor %r13d,%r13d
mov (%rsi),%r14
mov 8(%r12),%rdx
mulx %r14,%r14,%r15
adox %r14,%rax
adcx %r15,%rcx
mov %rax,-56(%rbp)
mulx %rbx,%r14,%rax
adox %r14,%rcx
adcx %rax,%r9
mulx %r11,%r14,%rax
adox %r14,%r9
adcx %rax,%r8
mulx %r10,%rdx,%rax
adox %rdx,%r8
mov 16(%r12),%rdx
adcx %r13,%rax
adox %r13,%rax
mov (%rsi),%r13
xor %r15d,%r15d
mulx %r13,%r13,%r14
adox %r13,%rcx
adcx %r14,%r9
mulx %rbx,%r14,%r13
adox %r14,%r9
adcx %r13,%r8
mulx %r11,%r14,%r13
adox %r14,%r8
adcx %r13,%rax
mov (%rsi),%rsi
mulx %r10,%rdx,%r13
adox %rdx,%rax
adcx %r15,%r13
mov 24(%r12),%rdx
adox %r15,%r13
mulx %rsi,%r12,%rsi
xor %r14d,%r14d
adox %r12,%r9
adcx %rsi,%r8
mulx %rbx,%rsi,%rbx
adox %rsi,%r8
adcx %rbx,%rax
mulx %r11,%r11,%rsi
mov -56(%rbp),%rbx
mov %rcx,16(%rdi)
adcx %rsi,%r13
mov -48(%rbp),%rsi
mov %rbx,8(%rdi)
adox %r11,%rax
mov %r9,24(%rdi)
mov %r8,32(%rdi)
mov %rax,40(%rdi)
mulx %r10,%rdx,%r10
adox %rdx,%r13
adcx %r14,%r10
mov %r13,48(%rdi)
adox %r14,%r10
mov %rsi,(%rdi)
mov %r10,56(%rdi)
add $16,%rsp
pop %rbx
pop %r12
pop %r13
pop %r14
pop %r15
pop %rbp
ret
.endfn Mul4x4Adx,globl

182
libc/nexgen32e/mul6x6adx.S Normal file
View file

@ -0,0 +1,182 @@
/*-*- mode:unix-assembly; indent-tabs-mode:t; tab-width:8; coding:utf-8 -*-│
vi: set et ft=asm ts=8 tw=8 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/macros.internal.h"
Mul6x6Adx:
push %rbp
mov %rsp,%rbp
.profilable
push %r15
push %r14
push %r13
push %r12
push %rbx
mov %rdx,%rbx
sub $24,%rsp
mov (%rdx),%rdx
xor %r8d,%r8d
mulx (%rsi),%rcx,%rax
mulx 8(%rsi),%rdx,%r12
mov %rcx,-48(%rbp)
adox %rdx,%rax
mov (%rbx),%rdx
mulx 16(%rsi),%rdx,%r15
adox %rdx,%r12
mov (%rbx),%rdx
mulx 24(%rsi),%rdx,%r10
adox %rdx,%r15
mov (%rbx),%rdx
mulx 32(%rsi),%rdx,%r9
adox %rdx,%r10
mov (%rbx),%rdx
mulx 40(%rsi),%rdx,%rcx
adox %rdx,%r9
mov 8(%rbx),%rdx
adox %r8,%rcx
mulx (%rsi),%r13,%r11
xor %r8d,%r8d
adox %r13,%rax
adcx %r11,%r12
mov %rax,-56(%rbp)
mulx 8(%rsi),%r11,%rax
adox %r11,%r12
adcx %rax,%r15
mov %r12,%r14
mulx 16(%rsi),%r11,%rax
adox %r11,%r15
adcx %rax,%r10
mulx 24(%rsi),%r11,%rax
adox %r11,%r10
adcx %rax,%r9
mulx 32(%rsi),%r11,%rax
adox %r11,%r9
adcx %rax,%rcx
mulx 40(%rsi),%rdx,%rax
adox %rdx,%rcx
adcx %r8,%rax
mov 16(%rbx),%rdx
adox %r8,%rax
mulx (%rsi),%r13,%r8
xor %r11d,%r11d
adox %r13,%r14
mov %r14,-64(%rbp)
adcx %r8,%r15
mulx 8(%rsi),%r12,%r8
adox %r12,%r15
adcx %r8,%r10
mulx 16(%rsi),%r12,%r8
adox %r12,%r10
adcx %r8,%r9
mulx 24(%rsi),%r12,%r8
adox %r12,%r9
adcx %r8,%rcx
mulx 32(%rsi),%r12,%r8
adox %r12,%rcx
adcx %r8,%rax
mulx 40(%rsi),%rdx,%r8
adox %rdx,%rax
adcx %r11,%r8
mov 24(%rbx),%rdx
adox %r11,%r8
mulx (%rsi),%r13,%r11
xor %r12d,%r12d
adox %r13,%r15
adcx %r11,%r10
mulx 8(%rsi),%r13,%r11
adox %r13,%r10
adcx %r11,%r9
mulx 16(%rsi),%r13,%r11
adox %r13,%r9
adcx %r11,%rcx
mulx 24(%rsi),%r13,%r11
adox %r13,%rcx
adcx %r11,%rax
mulx 32(%rsi),%r13,%r11
adox %r13,%rax
adcx %r11,%r8
mulx 40(%rsi),%rdx,%r11
adox %rdx,%r8
mov 32(%rbx),%rdx
adcx %r12,%r11
mulx (%rsi),%r14,%r13
adox %r12,%r11
xor %r12d,%r12d
adox %r14,%r10
adcx %r13,%r9
mulx 8(%rsi),%r14,%r13
adox %r14,%r9
adcx %r13,%rcx
mulx 16(%rsi),%r14,%r13
adox %r14,%rcx
adcx %r13,%rax
mulx 24(%rsi),%r14,%r13
adox %r14,%rax
adcx %r13,%r8
mulx 32(%rsi),%r14,%r13
adox %r14,%r8
adcx %r13,%r11
mulx 40(%rsi),%rdx,%r13
adox %rdx,%r11
adcx %r12,%r13
mov 40(%rbx),%rdx
adox %r12,%r13
mulx (%rsi),%r14,%rbx
xor %r12d,%r12d
adox %r14,%r9
adcx %rbx,%rcx
mulx 8(%rsi),%r14,%rbx
adox %r14,%rcx
adcx %rbx,%rax
mulx 16(%rsi),%r14,%rbx
adox %r14,%rax
adcx %rbx,%r8
mulx 24(%rsi),%r14,%rbx
adox %r14,%r8
adcx %rbx,%r11
mulx 32(%rsi),%r14,%rbx
mulx 40(%rsi),%rsi,%rdx
adox %r14,%r11
adcx %rbx,%r13
adox %rsi,%r13
adcx %r12,%rdx
adox %r12,%rdx
mov -48(%rbp),%rsi
mov -56(%rbp),%rbx
mov %r15,24(%rdi)
mov -64(%rbp),%r14
mov %r13,80(%rdi)
mov %rbx,8(%rdi)
mov %r14,16(%rdi)
mov %rsi,(%rdi)
mov %r10,32(%rdi)
mov %r9,40(%rdi)
mov %rcx,48(%rdi)
mov %rax,56(%rdi)
mov %r8,64(%rdi)
mov %r11,72(%rdi)
mov %rdx,88(%rdi)
add $24,%rsp
pop %rbx
pop %r12
pop %r13
pop %r14
pop %r15
pop %rbp
ret
.endfn Mul6x6Adx,globl

483
libc/nexgen32e/mul8x8.S Normal file
View file

@ -0,0 +1,483 @@
/*-*- mode:unix-assembly; indent-tabs-mode:t; tab-width:8; coding:utf-8 -*-│
vi: set et ft=asm ts=8 tw=8 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/macros.internal.h"
/ Computes 1024-bit product of 512-bit and 512-bit numbers.
/
/ Instructions: 262
/ Total Cycles: 114
/ Total uOps: 469
/ Dispatch Width: 6
/ uOps Per Cycle: 4.11
/ IPC: 2.30
/ Block RThroughput: 78.2
/
/ @param rdi receives 16 quadword result
/ @param rsi is left hand side which must have 8 quadwords
/ @param rdx is right hand side which must have 8 quadwords
/ @note words are host endian while array is little endian
/ @mayalias
Mul8x8Adx:
push %rbp
mov %rsp,%rbp
.profilable
push %r15
push %r14
push %r13
push %r12
mov %rdx,%r12
push %rbx
sub $64,%rsp
mov (%rdx),%rdx
xor %r13d,%r13d
mulx (%rsi),%rax,%rcx
mov %rdi,-48(%rbp)
mov %rax,-56(%rbp)
mulx 8(%rsi),%rdx,%rax
adox %rdx,%rcx
mov (%r12),%rdx
mulx 16(%rsi),%rdx,%rbx
adox %rdx,%rax
mov (%r12),%rdx
mulx 24(%rsi),%rdx,%r11
adox %rdx,%rbx
mov (%r12),%rdx
mulx 32(%rsi),%rdx,%r10
adox %rdx,%r11
mov (%r12),%rdx
mulx 40(%rsi),%rdx,%r9
adox %rdx,%r10
mov (%r12),%rdx
mulx 48(%rsi),%rdx,%r8
adox %rdx,%r9
mov (%r12),%rdx
mulx 56(%rsi),%rdx,%rdi
adox %rdx,%r8
adox %r13,%rdi
xor %r13d,%r13d
mov 8(%r12),%rdx
mulx (%rsi),%r15,%r14
adox %r15,%rcx
adcx %r14,%rax
mov %rcx,-64(%rbp)
mulx 8(%rsi),%r14,%rcx
adox %r14,%rax
adcx %rcx,%rbx
mulx 16(%rsi),%r14,%rcx
adox %r14,%rbx
adcx %rcx,%r11
mulx 24(%rsi),%r14,%rcx
adox %r14,%r11
adcx %rcx,%r10
mulx 32(%rsi),%r14,%rcx
adox %r14,%r10
adcx %rcx,%r9
mulx 40(%rsi),%r14,%rcx
adox %r14,%r9
adcx %rcx,%r8
mulx 48(%rsi),%r14,%rcx
adox %r14,%r8
adcx %rcx,%rdi
mulx 56(%rsi),%rdx,%rcx
adox %rdx,%rdi
adcx %r13,%rcx
mov 16(%r12),%rdx
adox %r13,%rcx
mulx (%rsi),%r15,%r14
xor %r13d,%r13d
adox %r15,%rax
adcx %r14,%rbx
mov %rax,-72(%rbp)
mulx 8(%rsi),%r14,%rax
adox %r14,%rbx
adcx %rax,%r11
mulx 16(%rsi),%r14,%rax
adox %r14,%r11
adcx %rax,%r10
mulx 24(%rsi),%r14,%rax
adox %r14,%r10
adcx %rax,%r9
mulx 32(%rsi),%r14,%rax
adox %r14,%r9
adcx %rax,%r8
mulx 40(%rsi),%r14,%rax
adox %r14,%r8
adcx %rax,%rdi
mulx 48(%rsi),%r14,%rax
adox %r14,%rdi
adcx %rax,%rcx
mulx 56(%rsi),%rdx,%rax
adox %rdx,%rcx
adcx %r13,%rax
adox %r13,%rax
xor %r13d,%r13d
mov 24(%r12),%rdx
mulx (%rsi),%r15,%r14
adox %r15,%rbx
adcx %r14,%r11
mov %rbx,-80(%rbp)
mov %r11,%r15
mulx 8(%rsi),%r14,%rbx
adox %r14,%r15
adcx %rbx,%r10
mulx 16(%rsi),%rbx,%r11
adox %rbx,%r10
adcx %r11,%r9
mulx 24(%rsi),%rbx,%r11
adox %rbx,%r9
adcx %r11,%r8
mulx 32(%rsi),%rbx,%r11
adox %rbx,%r8
adcx %r11,%rdi
mulx 40(%rsi),%rbx,%r11
adox %rbx,%rdi
adcx %r11,%rcx
mulx 48(%rsi),%rbx,%r11
adox %rbx,%rcx
adcx %r11,%rax
mulx 56(%rsi),%rdx,%r11
adox %rdx,%rax
adcx %r13,%r11
mov 32(%r12),%rdx
adox %r13,%r11
xor %ebx,%ebx
mulx (%rsi),%r14,%r13
adox %r14,%r15
adcx %r13,%r10
mov %r15,-88(%rbp)
mulx 8(%rsi),%r14,%r13
mov %r10,%r15
adcx %r13,%r9
adox %r14,%r15
mulx 16(%rsi),%r13,%r10
adox %r13,%r9
adcx %r10,%r8
mulx 24(%rsi),%r13,%r10
adcx %r10,%rdi
adox %r13,%r8
mulx 32(%rsi),%r13,%r10
adox %r13,%rdi
adcx %r10,%rcx
mulx 40(%rsi),%r13,%r10
adox %r13,%rcx
adcx %r10,%rax
mulx 48(%rsi),%r13,%r10
adox %r13,%rax
adcx %r10,%r11
mulx 56(%rsi),%rdx,%r10
adox %rdx,%r11
adcx %rbx,%r10
mov 40(%r12),%rdx
adox %rbx,%r10
mulx (%rsi),%r14,%r13
xor %ebx,%ebx
adox %r14,%r15
mov %r15,-96(%rbp)
adcx %r13,%r9
mulx 8(%rsi),%r14,%r13
mov %r9,%r15
adox %r14,%r15
adcx %r13,%r8
mulx 16(%rsi),%r13,%r9
adox %r13,%r8
adcx %r9,%rdi
mulx 24(%rsi),%r13,%r9
adox %r13,%rdi
adcx %r9,%rcx
mulx 32(%rsi),%r13,%r9
adox %r13,%rcx
adcx %r9,%rax
mulx 40(%rsi),%r13,%r9
adox %r13,%rax
adcx %r9,%r11
mulx 48(%rsi),%r13,%r9
adox %r13,%r11
adcx %r9,%r10
mulx 56(%rsi),%rdx,%r9
adox %rdx,%r10
adcx %rbx,%r9
adox %rbx,%r9
xor %ebx,%ebx
mov 48(%r12),%rdx
mulx (%rsi),%r14,%r13
adox %r14,%r15
adcx %r13,%r8
mov %r15,-104(%rbp)
mulx 8(%rsi),%r14,%r13
mov %r8,%r15
adcx %r13,%rdi
adox %r14,%r15
mulx 16(%rsi),%r13,%r8
adox %r13,%rdi
adcx %r8,%rcx
mulx 24(%rsi),%r13,%r8
adox %r13,%rcx
adcx %r8,%rax
mulx 32(%rsi),%r13,%r8
adox %r13,%rax
adcx %r8,%r11
mulx 40(%rsi),%r13,%r8
adox %r13,%r11
adcx %r8,%r10
mulx 48(%rsi),%r13,%r8
adox %r13,%r10
adcx %r8,%r9
mulx 56(%rsi),%rdx,%r8
adox %rdx,%r9
mov 56(%r12),%rdx
adcx %rbx,%r8
mulx (%rsi),%r13,%r12
adox %rbx,%r8
xor %ebx,%ebx
adox %r13,%r15
adcx %r12,%rdi
mulx 8(%rsi),%r13,%r12
adox %r13,%rdi
adcx %r12,%rcx
mulx 16(%rsi),%r13,%r12
adox %r13,%rcx
adcx %r12,%rax
mulx 24(%rsi),%r13,%r12
adox %r13,%rax
adcx %r12,%r11
mulx 32(%rsi),%r13,%r12
adox %r13,%r11
adcx %r12,%r10
mulx 40(%rsi),%r13,%r12
adox %r13,%r10
adcx %r12,%r9
mulx 48(%rsi),%r13,%r12
mulx 56(%rsi),%rsi,%rdx
adox %r13,%r9
adcx %r12,%r8
adox %rsi,%r8
adcx %rbx,%rdx
mov -64(%rbp),%rsi
adox %rbx,%rdx
mov -48(%rbp),%rbx
mov -56(%rbp),%r14
mov %rsi,8(%rbx)
mov -72(%rbp),%rsi
mov %r14,(%rbx)
mov %rsi,16(%rbx)
mov -80(%rbp),%rsi
mov %rsi,24(%rbx)
mov -88(%rbp),%rsi
mov %rsi,32(%rbx)
mov -96(%rbp),%rsi
mov %rsi,40(%rbx)
mov -104(%rbp),%rsi
mov %r15,56(%rbx)
mov %rsi,48(%rbx)
mov %rdi,64(%rbx)
mov %rcx,72(%rbx)
mov %rax,80(%rbx)
mov %r11,88(%rbx)
mov %r10,96(%rbx)
mov %r9,104(%rbx)
mov %r8,112(%rbx)
mov %rdx,120(%rbx)
add $64,%rsp
pop %rbx
pop %r12
pop %r13
pop %r14
pop %r15
pop %rbp
ret
.endfn Mul8x8Adx,globl
.end
Timeline view: 0123456789 0123456789 0123456789 0123456789
Index 0123456789 0123456789 0123456789 0123456789
[0,0] DeeER. . . . . . . . . . . . . . . . pushq %r15
[0,1] D==eeER . . . . . . . . . . . . . . . pushq %r14
[0,2] .D===eeER . . . . . . . . . . . . . . . pushq %r13
[0,3] .D=====eeER . . . . . . . . . . . . . . pushq %r12
[0,4] . DeE-----R . . . . . . . . . . . . . . movq %rdx, %r12
[0,5] . D======eeER . . . . . . . . . . . . . . pushq %rbx
[0,6] . D========eER . . . . . . . . . . . . . . subq $64, %rsp
[0,7] . DeeeeeE----R . . . . . . . . . . . . . . movq (%rdx), %rdx
[0,8] . D---------R . . . . . . . . . . . . . . xorl %r13d, %r13d
[0,9] . D====eeeeeeeeeER . . . . . . . . . . . . . mulxq (%rsi), %rax, %rcx
[0,10] . D======eE------R . . . . . . . . . . . . . movq %rdi, -48(%rbp)
[0,11] . D======eE-----R . . . . . . . . . . . . . movq %rax, -56(%rbp)
[0,12] . D====eeeeeeeeeER. . . . . . . . . . . . . mulxq 8(%rsi), %rdx, %rax
[0,13] . D============eER. . . . . . . . . . . . . adoxq %rdx, %rcx
[0,14] . DeeeeeE-------R. . . . . . . . . . . . . movq (%r12), %rdx
[0,15] . D=====eeeeeeeeeER . . . . . . . . . . . . mulxq 16(%rsi), %rdx, %rbx
[0,16] . D============eE-R . . . . . . . . . . . . adoxq %rdx, %rax
[0,17] . .DeeeeeE--------R . . . . . . . . . . . . movq (%r12), %rdx
[0,18] . .D=====eeeeeeeeeER . . . . . . . . . . . . mulxq 24(%rsi), %rdx, %r11
[0,19] . .D=============eER . . . . . . . . . . . . adoxq %rdx, %rbx
[0,20] . . DeeeeeE--------R . . . . . . . . . . . . movq (%r12), %rdx
[0,21] . . D=====eeeeeeeeeER . . . . . . . . . . . . mulxq 32(%rsi), %rdx, %r10
[0,22] . . D=============eER . . . . . . . . . . . . adoxq %rdx, %r11
[0,23] . . DeeeeeE--------R . . . . . . . . . . . . movq (%r12), %rdx
[0,24] . . D=====eeeeeeeeeER. . . . . . . . . . . . mulxq 40(%rsi), %rdx, %r9
[0,25] . . D=============eER. . . . . . . . . . . . adoxq %rdx, %r10
[0,26] . . DeeeeeE--------R. . . . . . . . . . . . movq (%r12), %rdx
[0,27] . . D=====eeeeeeeeeER . . . . . . . . . . . mulxq 48(%rsi), %rdx, %r8
[0,28] . . D=============eER . . . . . . . . . . . adoxq %rdx, %r9
[0,29] . . DeeeeeE--------R . . . . . . . . . . . movq (%r12), %rdx
[0,30] . . D=====eeeeeeeeeER . . . . . . . . . . . mulxq 56(%rsi), %rdx, %rdi
[0,31] . . D=============eER . . . . . . . . . . . adoxq %rdx, %r8
[0,32] . . .D=============eER . . . . . . . . . . . adoxq %r13, %rdi
[0,33] . . .D---------------R . . . . . . . . . . . xorl %r13d, %r13d
[0,34] . . .DeeeeeE---------R . . . . . . . . . . . movq 8(%r12), %rdx
[0,35] . . . D====eeeeeeeeeER . . . . . . . . . . . mulxq (%rsi), %r15, %r14
[0,36] . . . D=======eE-----R . . . . . . . . . . . adoxq %r15, %rcx
[0,37] . . . D=============eER . . . . . . . . . . . adcxq %r14, %rax
[0,38] . . . D=======eE-----R . . . . . . . . . . . movq %rcx, -64(%rbp)
[0,39] . . . D====eeeeeeeeeER . . . . . . . . . . . mulxq 8(%rsi), %r14, %rcx
[0,40] . . . D=============eER. . . . . . . . . . . adoxq %r14, %rax
[0,41] . . . D=============eER . . . . . . . . . . adcxq %rcx, %rbx
[0,42] . . . D====eeeeeeeeeE-R . . . . . . . . . . mulxq 16(%rsi), %r14, %rcx
[0,43] . . . D==============eER . . . . . . . . . . adoxq %r14, %rbx
[0,44] . . . D==============eER . . . . . . . . . . adcxq %rcx, %r11
[0,45] . . . D====eeeeeeeeeE--R . . . . . . . . . . mulxq 24(%rsi), %r14, %rcx
[0,46] . . . D===============eER . . . . . . . . . . adoxq %r14, %r11
[0,47] . . . .D===============eER. . . . . . . . . . adcxq %rcx, %r10
[0,48] . . . .D====eeeeeeeeeE---R. . . . . . . . . . mulxq 32(%rsi), %r14, %rcx
[0,49] . . . .D================eER . . . . . . . . . adoxq %r14, %r10
[0,50] . . . . D================eER . . . . . . . . . adcxq %rcx, %r9
[0,51] . . . . D====eeeeeeeeeE----R . . . . . . . . . mulxq 40(%rsi), %r14, %rcx
[0,52] . . . . D=================eER . . . . . . . . . adoxq %r14, %r9
[0,53] . . . . D=================eER . . . . . . . . . adcxq %rcx, %r8
[0,54] . . . . D====eeeeeeeeeE-----R . . . . . . . . . mulxq 48(%rsi), %r14, %rcx
[0,55] . . . . D==================eER. . . . . . . . . adoxq %r14, %r8
[0,56] . . . . D==================eER . . . . . . . . adcxq %rcx, %rdi
[0,57] . . . . D====eeeeeeeeeE------R . . . . . . . . mulxq 56(%rsi), %rdx, %rcx
[0,58] . . . . D===================eER . . . . . . . . adoxq %rdx, %rdi
[0,59] . . . . D===================eER . . . . . . . . adcxq %r13, %rcx
[0,60] . . . . DeeeeeE---------------R . . . . . . . . movq 16(%r12), %rdx
[0,61] . . . . D====================eER . . . . . . . . adoxq %r13, %rcx
[0,62] . . . . .D====eeeeeeeeeE-------R . . . . . . . . mulxq (%rsi), %r15, %r14
[0,63] . . . . .D---------------------R . . . . . . . . xorl %r13d, %r13d
[0,64] . . . . .D=======eE------------R . . . . . . . . adoxq %r15, %rax
[0,65] . . . . . D============eE------R . . . . . . . . adcxq %r14, %rbx
[0,66] . . . . . D=======eE-----------R . . . . . . . . movq %rax, -72(%rbp)
[0,67] . . . . . D====eeeeeeeeeE------R . . . . . . . . mulxq 8(%rsi), %r14, %rax
[0,68] . . . . . D============eE-----R . . . . . . . . adoxq %r14, %rbx
[0,69] . . . . . D=============eE----R . . . . . . . . adcxq %rax, %r11
[0,70] . . . . . D====eeeeeeeeeE-----R . . . . . . . . mulxq 16(%rsi), %r14, %rax
[0,71] . . . . . D=============eE---R . . . . . . . . adoxq %r14, %r11
[0,72] . . . . . D==============eE--R . . . . . . . . adcxq %rax, %r10
[0,73] . . . . . D====eeeeeeeeeE----R . . . . . . . . mulxq 24(%rsi), %r14, %rax
[0,74] . . . . . D==============eE-R . . . . . . . . adoxq %r14, %r10
[0,75] . . . . . D===============eER . . . . . . . . adcxq %rax, %r9
[0,76] . . . . . D====eeeeeeeeeE---R . . . . . . . . mulxq 32(%rsi), %r14, %rax
[0,77] . . . . . .D===============eER. . . . . . . . adoxq %r14, %r9
[0,78] . . . . . .D================eER . . . . . . . adcxq %rax, %r8
[0,79] . . . . . .D====eeeeeeeeeE----R . . . . . . . mulxq 40(%rsi), %r14, %rax
[0,80] . . . . . . D================eER . . . . . . . adoxq %r14, %r8
[0,81] . . . . . . D=================eER . . . . . . . adcxq %rax, %rdi
[0,82] . . . . . . D====eeeeeeeeeE-----R . . . . . . . mulxq 48(%rsi), %r14, %rax
[0,83] . . . . . . D=================eER . . . . . . . adoxq %r14, %rdi
[0,84] . . . . . . D==================eER. . . . . . . adcxq %rax, %rcx
[0,85] . . . . . . D====eeeeeeeeeE------R. . . . . . . mulxq 56(%rsi), %rdx, %rax
[0,86] . . . . . . D==================eER . . . . . . adoxq %rdx, %rcx
[0,87] . . . . . . D===================eER . . . . . . adcxq %r13, %rax
[0,88] . . . . . . D====================eER . . . . . . adoxq %r13, %rax
[0,89] . . . . . . D----------------------R . . . . . . xorl %r13d, %r13d
[0,90] . . . . . . DeeeeeE----------------R . . . . . . movq 24(%r12), %rdx
[0,91] . . . . . . D====eeeeeeeeeE-------R . . . . . . mulxq (%rsi), %r15, %r14
[0,92] . . . . . . D===========eE--------R . . . . . . adoxq %r15, %rbx
[0,93] . . . . . . D=============eE------R . . . . . . adcxq %r14, %r11
[0,94] . . . . . . .D===========eE-------R . . . . . . movq %rbx, -80(%rbp)
[0,95] . . . . . . .D=============eE-----R . . . . . . movq %r11, %r15
[0,96] . . . . . . .D====eeeeeeeeeE------R . . . . . . mulxq 8(%rsi), %r14, %rbx
[0,97] . . . . . . . D=============eE----R . . . . . . adoxq %r14, %r15
[0,98] . . . . . . . D==============eE---R . . . . . . adcxq %rbx, %r10
[0,99] . . . . . . . D====eeeeeeeeeE-----R . . . . . . mulxq 16(%rsi), %rbx, %r11
[0,100] . . . . . . . D==============eE--R . . . . . . adoxq %rbx, %r10
[0,101] . . . . . . . D===============eE-R . . . . . . adcxq %r11, %r9
[0,102] . . . . . . . D====eeeeeeeeeE----R . . . . . . mulxq 24(%rsi), %rbx, %r11
[0,103] . . . . . . . D===============eER . . . . . . adoxq %rbx, %r9
[0,104] . . . . . . . D================eER . . . . . . adcxq %r11, %r8
[0,105] . . . . . . . D====eeeeeeeeeE----R . . . . . . mulxq 32(%rsi), %rbx, %r11
[0,106] . . . . . . . D================eER. . . . . . adoxq %rbx, %r8
[0,107] . . . . . . . D=================eER . . . . . adcxq %r11, %rdi
[0,108] . . . . . . . D====eeeeeeeeeE-----R . . . . . mulxq 40(%rsi), %rbx, %r11
[0,109] . . . . . . . .D=================eER . . . . . adoxq %rbx, %rdi
[0,110] . . . . . . . .D==================eER . . . . . adcxq %r11, %rcx
[0,111] . . . . . . . .D====eeeeeeeeeE------R . . . . . mulxq 48(%rsi), %rbx, %r11
[0,112] . . . . . . . . D==================eER . . . . . adoxq %rbx, %rcx
[0,113] . . . . . . . . D===================eER. . . . . adcxq %r11, %rax
[0,114] . . . . . . . . D====eeeeeeeeeE-------R. . . . . mulxq 56(%rsi), %rdx, %r11
[0,115] . . . . . . . . D===================eER . . . . adoxq %rdx, %rax
[0,116] . . . . . . . . D====================eER . . . . adcxq %r13, %r11
[0,117] . . . . . . . . DeeeeeE----------------R . . . . movq 32(%r12), %rdx
[0,118] . . . . . . . . D=====================eER . . . . adoxq %r13, %r11
[0,119] . . . . . . . . D=====E-----------------R . . . . xorl %ebx, %ebx
[0,120] . . . . . . . . D====eeeeeeeeeE--------R . . . . mulxq (%rsi), %r14, %r13
[0,121] . . . . . . . . D===========eE---------R . . . . adoxq %r14, %r15
[0,122] . . . . . . . . D=============eE-------R . . . . adcxq %r13, %r10
[0,123] . . . . . . . . D===========eE--------R . . . . movq %r15, -88(%rbp)
[0,124] . . . . . . . . D====eeeeeeeeeE-------R . . . . mulxq 8(%rsi), %r14, %r13
[0,125] . . . . . . . . D=============eE------R . . . . movq %r10, %r15
[0,126] . . . . . . . . .D============eE------R . . . . adcxq %r13, %r9
[0,127] . . . . . . . . .D=============eE-----R . . . . adoxq %r14, %r15
[0,128] . . . . . . . . .D====eeeeeeeeeE------R . . . . mulxq 16(%rsi), %r13, %r10
[0,129] . . . . . . . . . D=============eE----R . . . . adoxq %r13, %r9
[0,130] . . . . . . . . . D==============eE---R . . . . adcxq %r10, %r8
[0,131] . . . . . . . . . D====eeeeeeeeeE-----R . . . . mulxq 24(%rsi), %r13, %r10
[0,132] . . . . . . . . . D==============eE--R . . . . adcxq %r10, %rdi
[0,133] . . . . . . . . . D===============eE-R . . . . adoxq %r13, %r8
[0,134] . . . . . . . . . D====eeeeeeeeeE----R . . . . mulxq 32(%rsi), %r13, %r10
[0,135] . . . . . . . . . D===============eER . . . . adoxq %r13, %rdi
[0,136] . . . . . . . . . D================eER . . . . adcxq %r10, %rcx
[0,137] . . . . . . . . . D====eeeeeeeeeE----R . . . . mulxq 40(%rsi), %r13, %r10
[0,138] . . . . . . . . . D================eER. . . . adoxq %r13, %rcx
[0,139] . . . . . . . . . D=================eER . . . adcxq %r10, %rax
[0,140] . . . . . . . . . D====eeeeeeeeeE-----R . . . mulxq 48(%rsi), %r13, %r10
[0,141] . . . . . . . . . .D=================eER . . . adoxq %r13, %rax
[0,142] . . . . . . . . . .D==================eER . . . adcxq %r10, %r11
[0,143] . . . . . . . . . .D====eeeeeeeeeE------R . . . mulxq 56(%rsi), %rdx, %r10
[0,144] . . . . . . . . . . D==================eER . . . adoxq %rdx, %r11
[0,145] . . . . . . . . . . D===================eER. . . adcxq %rbx, %r10
[0,146] . . . . . . . . . . DeeeeeE---------------R. . . movq 40(%r12), %rdx
[0,147] . . . . . . . . . . D====================eER . . adoxq %rbx, %r10
[0,148] . . . . . . . . . . D====eeeeeeeeeE-------R . . mulxq (%rsi), %r14, %r13
[0,149] . . . . . . . . . . D---------------------R . . xorl %ebx, %ebx
[0,150] . . . . . . . . . . D============eE-------R . . adoxq %r14, %r15
[0,151] . . . . . . . . . . D============eE------R . . movq %r15, -96(%rbp)
[0,152] . . . . . . . . . . D============eE------R . . adcxq %r13, %r9
[0,153] . . . . . . . . . . D=====eeeeeeeeeE-----R . . mulxq 8(%rsi), %r14, %r13
[0,154] . . . . . . . . . . D============eE-----R . . movq %r9, %r15
[0,155] . . . . . . . . . . D=============eE----R . . adoxq %r14, %r15
[0,156] . . . . . . . . . . D==============eE---R . . adcxq %r13, %r8
[0,157] . . . . . . . . . . .D====eeeeeeeeeE----R . . mulxq 16(%rsi), %r13, %r9
[0,158] . . . . . . . . . . .D==============eE--R . . adoxq %r13, %r8
[0,159] . . . . . . . . . . .D===============eE-R . . adcxq %r9, %rdi
[0,160] . . . . . . . . . . . D====eeeeeeeeeE---R . . mulxq 24(%rsi), %r13, %r9
[0,161] . . . . . . . . . . . D===============eER . . adoxq %r13, %rdi
[0,162] . . . . . . . . . . . D================eER . . adcxq %r9, %rcx
[0,163] . . . . . . . . . . . D====eeeeeeeeeE---R . . mulxq 32(%rsi), %r13, %r9
[0,164] . . . . . . . . . . . D================eER . . adoxq %r13, %rcx
[0,165] . . . . . . . . . . . D=================eER . . adcxq %r9, %rax
[0,166] . . . . . . . . . . . D====eeeeeeeeeE----R . . mulxq 40(%rsi), %r13, %r9
[0,167] . . . . . . . . . . . D=================eER. . adoxq %r13, %rax
[0,168] . . . . . . . . . . . D==================eER . adcxq %r9, %r11
[0,169] . . . . . . . . . . . D====eeeeeeeeeE-----R . mulxq 48(%rsi), %r13, %r9
[0,170] . . . . . . . . . . . D==================eER . adoxq %r13, %r11
[0,171] . . . . . . . . . . . D===================eER . adcxq %r9, %r10
[0,172] . . . . . . . . . . . .D====eeeeeeeeeE------R . mulxq 56(%rsi), %rdx, %r9
[0,173] . . . . . . . . . . . .D===================eER. adoxq %rdx, %r10
[0,174] . . . . . . . . . . . .D====================eER adcxq %rbx, %r9

1
libc/runtime/ftracer.c
View file

@ -104,7 +104,6 @@ privileged noasan void ftracer(void) {
p = mempcpy(p, symbol, symbolsize);
*p++ = ' ';
p += uint64toarray_radix10((stamp - laststamp) / 3.3, p);
*p++ = '\r';
*p++ = '\n';
write(2, g_buf, p - g_buf);
}

25
libc/stdio/append.internal.h Normal file
View file

@ -0,0 +1,25 @@
#ifndef COSMOPOLITAN_LIBC_STDIO_APPEND_INTERNAL_H_
#define COSMOPOLITAN_LIBC_STDIO_APPEND_INTERNAL_H_
#define APPEND_COOKIE 21578
#if !(__ASSEMBLER__ + __LINKER__ + 0)
COSMOPOLITAN_C_START_
struct appendz {
size_t i; /* data size */
size_t n; /* allocation size */
};
int appendf(char **, const char *, ...);
int vappendf(char **, const char *, va_list);
int appends(char **, const char *);
int appendd(char **, const void *, size_t);
struct appendz appendz(char *);
#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
#define appendf(BUF, FMT, ...) (appendf)(BUF, PFLINK(FMT), ##__VA_ARGS__)
#define vappendf(BUF, FMT, VA) (vappendf)(BUF, PFLINK(FMT), VA)
#endif
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
#endif /* COSMOPOLITAN_LIBC_STDIO_APPEND_INTERNAL_H_ */

54
libc/stdio/appendd.c Normal file
View file

@ -0,0 +1,54 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/assert.h"
#include "libc/dce.h"
#include "libc/macros.internal.h"
#include "libc/mem/mem.h"
#include "libc/stdio/append.internal.h"
#include "libc/str/str.h"
#define W sizeof(size_t)
/**
* Appends raw data to buffer.
*/
int appendd(char **b, const void *s, size_t l) {
char *p;
struct appendz z;
z = appendz((p = *b));
if (ROUNDUP(z.i + l + 1, 8) + W > z.n) {
if (!z.n) z.n = W * 2;
while (ROUNDUP(z.i + l + 1, 8) + W > z.n) z.n += z.n >> 1;
z.n = ROUNDUP(z.n, W);
if ((p = realloc(p, z.n))) {
z.n = malloc_usable_size(p);
assert(!(z.n & (W - 1)));
*b = p;
} else {
return -1;
}
}
memcpy(p + z.i, s, l + 1);
z.i += l;
if (!IsTiny() && W == 8) {
z.i |= (size_t)APPEND_COOKIE << 48;
}
*(size_t *)(p + z.n - W) = z.i;
return l;
}

31
libc/stdio/appendf.c Normal file
View file

@ -0,0 +1,31 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/stdio/append.internal.h"
/**
* Appends formatted data to buffer.
*/
int(appendf)(char **b, const char *fmt, ...) {
int n;
va_list va;
va_start(va, fmt);
n = (vappendf)(b, fmt, va);
va_end(va);
return n;
}

27
libc/stdio/appends.c Normal file
View file

@ -0,0 +1,27 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/stdio/append.internal.h"
#include "libc/str/str.h"
/**
* Appends string to buffer.
*/
int appends(char **b, const char *s) {
return appendd(b, s, strlen(s));
}

45
libc/stdio/appendz.c Normal file
View file

@ -0,0 +1,45 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/assert.h"
#include "libc/dce.h"
#include "libc/mem/mem.h"
#include "libc/stdio/append.internal.h"
#define W sizeof(size_t)
/**
* Returns size of append buffer.
*/
struct appendz appendz(char *p) {
struct appendz z;
if (p) {
z.n = malloc_usable_size(p);
assert(z.n >= W * 2 && !(z.n & (W - 1)));
z.i = *(size_t *)(p + z.n - W);
if (!IsTiny() && W == 8) {
assert((z.i >> 48) == APPEND_COOKIE);
z.i &= 0x0000ffffffffffff;
}
assert(z.n >= z.i);
} else {
z.i = 0;
z.n = 0;
}
return z;
}

10
libc/stdio/stdout.c
View file

@ -36,9 +36,15 @@ static textstartup void __stdout_init() {
struct FILE *sf;
sf = stdout;
asm("" : "+r"(sf));
if (IsWindows() || ischardev(pushpop(sf->fd))) {
/*
* Unlike other C libraries we don't bother calling fstat() to check
* if stdio is a character device and we instead choose to always line
* buffer it. We need it because there's no way to use the unbuffer
* command on a statically linked binary. This still goes fast. We
* value latency more than throughput, and stdio isn't the best api
* when the goal is throughput.
*/
sf->bufmode = _IOLBF;
}
__fflush_register(sf);
}

59
libc/stdio/vappendf.c Normal file
View file

@ -0,0 +1,59 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/assert.h"
#include "libc/fmt/fmt.h"
#include "libc/macros.internal.h"
#include "libc/mem/mem.h"
#include "libc/stdio/append.internal.h"
#define W sizeof(size_t)
/**
* Appends data to buffer.
*/
int(vappendf)(char **b, const char *f, va_list v) {
char *p;
int r, s;
va_list w;
struct appendz z;
z = appendz((p = *b));
va_copy(w, v);
if ((r = (vsnprintf)(p + z.i, z.n ? z.n - W - z.i : 0, f, v)) >= 0) {
if (ROUNDUP(z.i + r + 1, 8) + W > z.n) {
if (!z.n) z.n = W * 2;
while (ROUNDUP(z.i + r + 1, 8) + W > z.n) z.n += z.n >> 1;
z.n = ROUNDUP(z.n, W);
if ((p = realloc(p, z.n))) {
z.n = malloc_usable_size(p);
assert(!(z.n & (W - 1)));
s = (vsnprintf)(p + z.i, z.n - W - z.i, f, w);
assert(s == r);
*b = p;
} else {
va_end(w);
return -1;
}
}
z.i += r;
if (!IsTiny() && W == 8) z.i |= (size_t)APPEND_COOKIE << 48;
*(size_t *)(p + z.n - W) = z.i;
}
va_end(w);
return r;
}

16
libc/str/memcasecmp.c
View file

@ -16,6 +16,7 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/bits/bits.h"
#include "libc/str/str.h"
/**
@ -25,10 +26,23 @@
int memcasecmp(const void *p, const void *q, size_t n) {
int c;
size_t i;
uint64_t w;
const unsigned char *a, *b;
if ((a = p) != (b = q)) {
for (i = 0; i < n; ++i) {
if ((c = kToLower[a[i]] - kToLower[b[i]])) {
while (i + 8 <= n) {
w = READ64LE(a);
w ^= READ64LE(b);
if (w) {
i += (unsigned)__builtin_ctzll(w) >> 3;
break;
} else {
i += 8;
}
}
if (i == n) {
break;
} else if ((c = kToLower[a[i]] - kToLower[b[i]])) {
return c;
}
}

2
net/http/gethttpheader.inc
View file

@ -72,7 +72,7 @@ static unsigned char gperf_downcase[256] =
#ifndef GPERF_CASE_STRNCMP
#define GPERF_CASE_STRNCMP 1
static int
static inline int
gperf_case_strncmp (register const char *s1, register const char *s2, register size_t n)
{
for (; n > 0;)

4
net/http/parseip.c
View file

@ -30,13 +30,14 @@ int64_t ParseIp(const char *s, size_t n) {
uint32_t x;
int b, c, j;
if (n == -1) n = s ? strlen(s) : 0;
if (!n) return -1;
for (b = x = j = i = 0; i < n; ++i) {
c = s[i] & 255;
if (isdigit(c)) {
b *= 10;
b += c - '0';
if (b > 255) return -1;
} else if (c == '.') {
if (b > 255) return -1;
x <<= 8;
x |= b;
b = 0;
@ -47,6 +48,5 @@ int64_t ParseIp(const char *s, size_t n) {
}
x <<= 8;
x |= b;
if (j != 3) return -1;
return x;
}

37
net/https/getsslcachefile.c Normal file
View file

@ -0,0 +1,37 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/bits/safemacros.internal.h"
#include "libc/fmt/fmt.h"
#include "libc/runtime/runtime.h"
#include "net/https/sslcache.h"
/**
* Returns recommended path argument for CreateSslCache().
* @return pointer to static memory
*/
char *GetSslCacheFile(void) {
static char sslcachefile[PATH_MAX + 1];
if (snprintf(sslcachefile, sizeof(sslcachefile), "%s/%s.sslcache",
firstnonnull(getenv("TMPDIR"), "/tmp"),
getenv("USER")) <= PATH_MAX) {
return sslcachefile;
} else {
return 0;
}
}

16
net/https/getsslroots.c
View file

@ -30,21 +30,7 @@
#include "net/https/https.h"
#include "third_party/mbedtls/x509_crt.h"
STATIC_YOINK("zip_uri_support");
STATIC_YOINK("usr/share/ssl/root/amazon.pem");
STATIC_YOINK("usr/share/ssl/root/certum.pem");
STATIC_YOINK("usr/share/ssl/root/comodo.pem");
STATIC_YOINK("usr/share/ssl/root/digicert.pem");
STATIC_YOINK("usr/share/ssl/root/dst.pem");
STATIC_YOINK("usr/share/ssl/root/geotrust.pem");
STATIC_YOINK("usr/share/ssl/root/globalsign.pem");
STATIC_YOINK("usr/share/ssl/root/godaddy.pem");
STATIC_YOINK("usr/share/ssl/root/google.pem");
STATIC_YOINK("usr/share/ssl/root/isrg.pem");
STATIC_YOINK("usr/share/ssl/root/quovadis.pem");
STATIC_YOINK("usr/share/ssl/root/redbean.pem");
STATIC_YOINK("usr/share/ssl/root/starfield.pem");
STATIC_YOINK("usr/share/ssl/root/verisign.pem");
STATIC_YOINK("ssl_root_support");
mbedtls_x509_crt *GetSslRoots(void) {
int fd;

1
net/https/https.h
View file

@ -1,6 +1,7 @@
#ifndef COSMOPOLITAN_NET_HTTPS_HTTPS_H_
#define COSMOPOLITAN_NET_HTTPS_HTTPS_H_
#include "libc/time/struct/tm.h"
#include "third_party/mbedtls/ssl_ciphersuites.h"
#include "third_party/mbedtls/x509_crt.h"
#if !(__ASSEMBLER__ + __LINKER__ + 0)
COSMOPOLITAN_C_START_

65
net/https/sslcache.c
View file

@ -19,17 +19,24 @@
#include "libc/bits/bits.h"
#include "libc/bits/safemacros.internal.h"
#include "libc/calls/calls.h"
#include "libc/calls/struct/stat.h"
#include "libc/errno.h"
#include "libc/log/check.h"
#include "libc/log/log.h"
#include "libc/macros.internal.h"
#include "libc/nexgen32e/rdtsc.h"
#include "libc/runtime/runtime.h"
#include "libc/str/str.h"
#include "libc/sysv/consts/map.h"
#include "libc/sysv/consts/o.h"
#include "libc/sysv/consts/prot.h"
#include "net/https/sslcache.h"
#include "third_party/mbedtls/ssl.h"
#include "third_party/mbedtls/x509_crt.h"
#define PROT (PROT_READ | PROT_WRITE)
#define FLAGS MAP_SHARED
static uint32_t HashSslSession(mbedtls_ssl_session *session) {
int i;
uint32_t h;
@ -44,16 +51,46 @@ static uint32_t HashSslSession(mbedtls_ssl_session *session) {
return h;
}
struct SslCache *CreateSslCache(size_t bytes, int lifetime) {
struct SslCache *c;
static struct SslCache *OpenSslCache(const char *path, size_t size) {
int fd;
struct stat st;
struct SslCache *c = NULL;
if (path) {
if ((fd = open(path, O_RDWR | O_CREAT, 0600)) != -1) {
CHECK_NE(-1, fstat(fd, &st));
if (st.st_size && st.st_size != size) {
WARNF("unlinking sslcache because size changed from %,zu to %,zu",
st.st_size, size);
unlink(path);
fd = open(path, O_RDWR | O_CREAT, 0600);
st.st_size = 0;
}
if (fd != -1) {
if (!st.st_size) CHECK_NE(-1, ftruncate(fd, size));
c = mmap(0, size, PROT, FLAGS, fd, 0);
close(fd);
}
} else {
WARNF("sslcache open(%`'s) failed %s", path, strerror(errno));
}
}
return c;
}
struct SslCache *CreateSslCache(const char *path, size_t bytes, int lifetime) {
size_t ents, size;
struct SslCache *c;
if (!bytes) bytes = 10 * 1024 * 1024;
if (lifetime <= 0) lifetime = 24 * 60 * 60;
ents = rounddown2pow(MAX(2, bytes / sizeof(struct SslCacheEntry)));
size = sizeof(struct SslCache) + sizeof(struct SslCacheEntry) * ents;
size = ROUNDUP(size, FRAMESIZE);
CHECK_NE(MAP_FAILED, (c = mmap(NULL, size, PROT_READ | PROT_WRITE,
MAP_SHARED | MAP_ANONYMOUS, -1, 0)));
VERBOSEF("ssl cache %,zu bytes with %,u slots", size, ents);
c->lifetime = lifetime > 0 ? lifetime : 24 * 60 * 60;
c = OpenSslCache(path, size);
if (!c) c = mmap(0, size, PROT, FLAGS | MAP_ANONYMOUS, -1, 0);
CHECK_NE(MAP_FAILED, c);
VERBOSEF("opened %`'s %,zu bytes with %,u slots",
c ? path : "anonymous shared memory", size, ents);
c->lifetime = lifetime;
c->size = size;
c->mask = ents - 1;
return c;
@ -72,6 +109,7 @@ int UncacheSslSession(void *data, mbedtls_ssl_session *session) {
mbedtls_x509_crt *cert;
struct SslCacheEntry *e;
uint32_t i, hash, ticketlen;
LOGF("uncache");
cache = data;
hash = HashSslSession(session);
i = hash & cache->mask;
@ -85,12 +123,12 @@ int UncacheSslSession(void *data, mbedtls_ssl_session *session) {
session->compression != e->session.compression ||
session->id_len != e->session.id_len ||
memcmp(session->id, e->session.id, e->session.id_len)) {
VERBOSEF("%u ssl cache collision", i);
VERBOSEF("%u sslcache collision", i);
return 1;
}
ts = time(0);
if (!(e->time <= ts && ts <= e->time + cache->lifetime)) {
DEBUGF("%u ssl cache expired", i);
DEBUGF("%u sslcache expired", i);
lockcmpxchg(&e->tick, tick, 0);
return 1;
}
@ -114,7 +152,7 @@ int UncacheSslSession(void *data, mbedtls_ssl_session *session) {
DEBUGF("%u restored ssl from cache", i);
return 0;
Contention:
WARNF("%u ssl cache contention 0x%08x", i, hash);
WARNF("%u sslcache contention 0x%08x", i, hash);
mbedtls_x509_crt_free(cert);
free(ticket);
free(cert);
@ -159,10 +197,13 @@ int CacheSslSession(void *data, const mbedtls_ssl_session *session) {
}
e->hash = hash;
e->time = time(0);
tick = unsignedsubtract(rdtsc(), kStartTsc);
tick = rdtsc();
asm volatile("" ::: "memory");
if (lockcmpxchg(&e->pid, pid, 0)) {
DEBUGF("%u saved", i);
if (tick && lockcmpxchg(&e->pid, pid, 0)) {
DEBUGF("%u saved %s%s %`#.*s", i,
mbedtls_ssl_get_ciphersuite_name(session->ciphersuite),
session->compression ? " DEFLATE" : "", session->id_len,
session->id);
e->tick = tick;
return 0;
} else {

3
net/https/sslcache.h
View file

@ -21,10 +21,11 @@ struct SslCache {
} p[];
};
struct SslCache *CreateSslCache(size_t, int);
struct SslCache *CreateSslCache(const char *, size_t, int);
void FreeSslCache(struct SslCache *);
int UncacheSslSession(void *, mbedtls_ssl_session *);
int CacheSslSession(void *, const mbedtls_ssl_session *);
char *GetSslCacheFile(void);
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */

37
net/https/sslroots.c Normal file
View file

@ -0,0 +1,37 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "net/https/https.h"
STATIC_YOINK("zip_uri_support");
STATIC_YOINK("usr/share/ssl/root/amazon.pem");
STATIC_YOINK("usr/share/ssl/root/certum.pem");
STATIC_YOINK("usr/share/ssl/root/comodo.pem");
STATIC_YOINK("usr/share/ssl/root/digicert.pem");
STATIC_YOINK("usr/share/ssl/root/dst.pem");
STATIC_YOINK("usr/share/ssl/root/geotrust.pem");
STATIC_YOINK("usr/share/ssl/root/globalsign.pem");
STATIC_YOINK("usr/share/ssl/root/godaddy.pem");
STATIC_YOINK("usr/share/ssl/root/google.pem");
STATIC_YOINK("usr/share/ssl/root/isrg.pem");
STATIC_YOINK("usr/share/ssl/root/quovadis.pem");
STATIC_YOINK("usr/share/ssl/root/redbean.pem");
STATIC_YOINK("usr/share/ssl/root/starfield.pem");
STATIC_YOINK("usr/share/ssl/root/verisign.pem");
char ssl_root_support;

31
test/libc/fmt/stripexts_test.c Normal file
View file

@ -0,0 +1,31 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/fmt/conv.h"
#include "libc/fmt/fmt.h"
#include "libc/testlib/testlib.h"
TEST(stripexts, test) {
char s[] = "foo/bar.com.dbg";
EXPECT_STREQ("foo/bar", stripexts(s));
}
TEST(stripexts, test2) {
char s[] = "foo/bar.com.dbg";
EXPECT_STREQ("bar", stripexts(basename(s)));
}

62
test/libc/stdio/vappendf_test.c Normal file
View file

@ -0,0 +1,62 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/stdio/append.internal.h"
#include "libc/testlib/ezbench.h"
#include "libc/testlib/testlib.h"
TEST(vappendf, test) {
char *b = 0;
appendf(&b, "hello ");
EXPECT_EQ(6, appendz(b).i);
EXPECT_EQ(6, strlen(b)); // guarantees nul terminator
appendf(&b, " world\n");
EXPECT_EQ(13, appendz(b).i);
EXPECT_EQ(13, strlen(b));
appendd(&b, "\0", 1); // supports binary
EXPECT_EQ(14, appendz(b).i);
EXPECT_EQ(13, strlen(b));
EXPECT_EQ(0, b[13]);
EXPECT_EQ(0, b[14]);
EXPECT_STREQ("hello world\n", b);
free(b);
}
TEST(vappends, test) {
char *b = 0;
appends(&b, "hello ");
EXPECT_EQ(6, appendz(b).i);
EXPECT_EQ(6, strlen(b)); // guarantees nul terminator
appends(&b, " world\n");
EXPECT_EQ(13, appendz(b).i);
EXPECT_EQ(13, strlen(b));
EXPECT_EQ(0, b[13]);
EXPECT_STREQ("hello world\n", b);
free(b);
}
BENCH(vappendf, bench) {
const char t[] = {0};
char *b = 0;
EZBENCH2("appendf", donothing, appendf(&b, "1"));
free(b), b = 0;
EZBENCH2("appends", donothing, appends(&b, "1"));
free(b), b = 0;
EZBENCH2("appendd", donothing, appendd(&b, t, 1));
free(b);
}

39
test/libc/str/memcasecmp_test.c Normal file
View file

@ -0,0 +1,39 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/mem/mem.h"
#include "libc/runtime/gc.internal.h"
#include "libc/str/str.h"
#include "libc/testlib/ezbench.h"
#include "libc/testlib/hyperion.h"
#include "libc/testlib/testlib.h"
TEST(memcasecmp, test) {
EXPECT_EQ(0, memcasecmp("HELLOHELLO", "hellohello", 10));
EXPECT_EQ(-17, memcasecmp("HELLOHELLO", "yelloyello", 10));
EXPECT_EQ(-17, memcasecmp("HELLOHELLO", "YELLOYELLO", 10));
EXPECT_EQ(+17, memcasecmp("yelloyello", "HELLOHELLO", 10));
EXPECT_EQ(0, memcasecmp("\0ELLo\0ELLo", "\0ELLO\0ELLO", 10));
EXPECT_NE(0, memcasecmp("\0ELLo\0ELLo", "\0ELL-\0ELL-", 10));
}
BENCH(memcasecmp, bench) {
volatile char *copy = gc(strdup(kHyperion));
EZBENCH2("memcasecmp", donothing,
EXPROPRIATE(memcasecmp(kHyperion, copy, kHyperionSize)));
}

11
test/libc/str/strcmp_test.c
View file

@ -16,6 +16,7 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/assert.h"
#include "libc/bits/bits.h"
#include "libc/dce.h"
#include "libc/macros.internal.h"
@ -27,6 +28,7 @@
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "libc/testlib/ezbench.h"
#include "libc/testlib/hyperion.h"
#include "libc/testlib/testlib.h"
int (*memcmpi)(const void *, const void *, size_t) = memcmp;
@ -602,3 +604,12 @@ BENCH(bench_01_strcasecmp, bench) {
longstringislong_dupe(size, data, dupe),
EXPROPRIATE(strcasecmp_pure(VEIL("r", data), VEIL("r", dupe))));
}
BENCH(memcmp, bench) {
volatile char *copy = gc(strdup(kHyperion));
EZBENCH2("memcmp big", donothing,
EXPROPRIATE(memcmp(kHyperion, copy, kHyperionSize)));
copy = gc(strdup("tought little ship"));
EZBENCH2("memcmp 19", donothing,
EXPROPRIATE(memcmp("tought little ship", copy, 19)));
}

32
test/net/http/isacceptablehost_test.c
View file

@ -57,38 +57,6 @@ TEST(IsAcceptablePort, test) {
EXPECT_FALSE(IsAcceptablePort("http", -1));
}
TEST(ParseIp, test) {
EXPECT_EQ(-1, ParseIp("", -1));
EXPECT_EQ(0x00000000, ParseIp("0.0.0.0", -1));
EXPECT_EQ(0x01020304, ParseIp("1.2.3.4", -1));
EXPECT_EQ(0x80020304, ParseIp("128.2.3.4", -1));
EXPECT_EQ(0xFFFFFFFF, ParseIp("255.255.255.255", -1));
EXPECT_EQ(0xcb007100, ParseIp("203.0.113.0", -1));
EXPECT_EQ(0x00000000, ParseIp("...", -1)); /* meh */
EXPECT_EQ(-1, ParseIp("128.2..3.4", -1));
EXPECT_EQ(-1, ParseIp("1.2.3", -1));
EXPECT_EQ(-1, ParseIp("256.255.255.255", -1));
EXPECT_EQ(-1, ParseIp("1.2.3.4.5", -1));
EXPECT_EQ(-1, ParseIp("1.2.3.4.5.arpa", -1));
EXPECT_EQ(-1, ParseIp("255.255.255", -1));
EXPECT_EQ(-1, ParseIp("hello", -1));
EXPECT_EQ(-1, ParseIp("hello\177", -1));
EXPECT_EQ(-1, ParseIp("hello.example\300\200", -1));
EXPECT_EQ(-1, ParseIp(".", -1));
EXPECT_EQ(-1, ParseIp(".e", -1));
EXPECT_EQ(-1, ParseIp("e.", -1));
EXPECT_EQ(-1, ParseIp(".hi.example", -1));
EXPECT_EQ(-1, ParseIp("hi..example", -1));
EXPECT_EQ(-1, ParseIp("hi-there.example", -1));
EXPECT_EQ(-1, ParseIp("_there.example", -1));
EXPECT_EQ(-1, ParseIp("-there.example", -1));
EXPECT_EQ(-1, ParseIp("there-.example", -1));
EXPECT_EQ(-1, ParseIp("ther#e.example", -1));
EXPECT_EQ(-1, ParseIp("localhost", -1));
EXPECT_EQ(-1, ParseIp("hello.example", -1));
EXPECT_EQ(-1, ParseIp("hello..example", -1));
}
BENCH(IsAcceptableHost, bench) {
uint32_t ip;
uint16_t port;

49
test/net/http/parseip_test.c Normal file
View file

@ -0,0 +1,49 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/testlib/testlib.h"
#include "net/http/http.h"
TEST(ParseIp, test) {
EXPECT_EQ(-1, ParseIp("", -1));
EXPECT_EQ(0x00000000, ParseIp("0.0.0.0", -1));
EXPECT_EQ(0x01020304, ParseIp("1.2.3.4", -1));
EXPECT_EQ(0x01020304, ParseIp("16909060", -1));
EXPECT_EQ(0x80020304, ParseIp("128.2.3.4", -1));
EXPECT_EQ(0xFFFFFFFF, ParseIp("255.255.255.255", -1));
EXPECT_EQ(0xcb007100, ParseIp("203.0.113.0", -1));
EXPECT_EQ(0x00000000, ParseIp("...", -1)); /* meh */
EXPECT_EQ(0x80000304, ParseIp("128.0.3.4", -1));
EXPECT_EQ(0x80000304, ParseIp("128..3.4", -1));
EXPECT_EQ(-1, ParseIp("256.255.255.255", -1));
EXPECT_EQ(-1, ParseIp("hello", -1));
EXPECT_EQ(-1, ParseIp("hello\177", -1));
EXPECT_EQ(-1, ParseIp("hello.example\300\200", -1));
EXPECT_EQ(-1, ParseIp(".e", -1));
EXPECT_EQ(-1, ParseIp("e.", -1));
EXPECT_EQ(-1, ParseIp(".hi.example", -1));
EXPECT_EQ(-1, ParseIp("hi..example", -1));
EXPECT_EQ(-1, ParseIp("hi-there.example", -1));
EXPECT_EQ(-1, ParseIp("_there.example", -1));
EXPECT_EQ(-1, ParseIp("-there.example", -1));
EXPECT_EQ(-1, ParseIp("there-.example", -1));
EXPECT_EQ(-1, ParseIp("ther#e.example", -1));
EXPECT_EQ(-1, ParseIp("localhost", -1));
EXPECT_EQ(-1, ParseIp("hello.example", -1));
EXPECT_EQ(-1, ParseIp("hello..example", -1));
}

4
test/net/http/test.mk
View file

@ -28,10 +28,6 @@ TEST_NET_HTTP_DIRECTDEPS = \
TEST_NET_HTTP_DEPS := \
$(call uniq,$(foreach x,$(TEST_NET_HTTP_DIRECTDEPS),$($(x))))
o/$(MODE)/test/net/http/joyent_test.o: \
OVERRIDE_CPPFLAGS += \
-DSTACK_FRAME_UNLIMITED
o/$(MODE)/test/net/http/http.pkg: \
$(TEST_NET_HTTP_OBJS) \
$(foreach x,$(TEST_NET_HTTP_DIRECTDEPS),$($(x)_A).pkg)

72
test/net/https/getciphersuite_test.c Normal file
View file

@ -0,0 +1,72 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/testlib/testlib.h"
#include "third_party/mbedtls/config.h"
#include "third_party/mbedtls/ssl_ciphersuites.h"
int GetCipherId(const char *s) {
const mbedtls_ssl_ciphersuite_t *c;
if ((c = GetCipherSuite(s))) {
return c->id;
} else {
return -1;
}
}
#ifdef MBEDTLS_CIPHER_MODE_CBC
TEST(GetCipherSuite, theOlde) {
EXPECT_EQ(0x002F, GetCipherId("RSA-AES128-CBC-SHA")); // Cosmo
EXPECT_EQ(0x002F, GetCipherId("TLS_RSA_AES_128_CBC_SHA1")); // GnuTLS
EXPECT_EQ(0x002F, GetCipherId("TLS_RSA_WITH_AES_128_CBC_SHA")); // IANA
// EXPECT_EQ(0x002F, GetCipherId("AES128-SHA")); // OpenSSL
}
#endif
#ifdef MBEDTLS_DES_C
TEST(GetCipherSuite, theAncient) {
EXPECT_EQ(0x000A, GetCipherId("RSA-3DES-EDE-CBC-SHA")); // Cosmo
EXPECT_EQ(0x000A, GetCipherId("TLS_RSA_3DES_EDE_CBC_SHA1")); // GnuTLS
EXPECT_EQ(0x000A, GetCipherId("TLS_RSA_WITH_3DES_EDE_CBC_SHA")); // IANA
// EXPECT_EQ(0x000A, GetCipherId("DES-CBC3-SHA"));
}
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
TEST(GetCipherSuite, theUltimo) {
EXPECT_EQ(0xC02C, GetCipherId("ECDHE-ECDSA-AES256-GCM-SHA384"));
EXPECT_EQ(0xC02C, GetCipherId("ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"));
EXPECT_EQ(0xC02C, GetCipherId("TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"));
EXPECT_EQ(0xC02C, GetCipherId("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"));
}
#endif
#ifdef MBEDTLS_CHACHAPOLY_C
TEST(GetCipherSuite, arcfourReborn) {
EXPECT_EQ(0xCCA8, GetCipherId("ECDHE-RSA-CHACHA20-POLY1305-SHA256"));
EXPECT_EQ(0xCCA8, GetCipherId("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"));
// EXPECT_EQ(0xCCA8, GetCipherId("TLS_ECDHE_RSA_CHACHA20_POLY1305"));
// EXPECT_EQ(0xCCA8, GetCipherId("ECDHE-RSA-CHACHA20-POLY1305"));
}
#endif
TEST(GetCipherSuite, forTheeNotForMe) {
EXPECT_EQ(0x0004, GetCipherId("RSA-RC4-128-MD5")); // Cosmo
EXPECT_EQ(0x0004, GetCipherId("TLS_RSA_WITH_RC4_128_MD5")); // IANA
// EXPECT_EQ(0x0004, GetCipherId("TLS_RSA_ARCFOUR_128_MD5"));
}

1114
test/net/https/mbedtls_test.c Normal file
View file

File diff suppressed because it is too large Load diff

46
test/net/https/test.mk Normal file
View file

@ -0,0 +1,46 @@
#-*-mode:makefile-gmake;indent-tabs-mode:t;tab-width:8;coding:utf-8-*-┐
#───vi: set et ft=make ts=8 tw=8 fenc=utf-8 :vi───────────────────────┘
PKGS += TEST_NET_HTTPS
TEST_NET_HTTPS_SRCS := $(wildcard test/net/https/*.c)
TEST_NET_HTTPS_SRCS_TEST = $(filter %_test.c,$(TEST_NET_HTTPS_SRCS))
TEST_NET_HTTPS_BINS = $(TEST_NET_HTTPS_COMS) $(TEST_NET_HTTPS_COMS:%=%.dbg)
TEST_NET_HTTPS_OBJS = \
$(TEST_NET_HTTPS_SRCS:%.c=o/$(MODE)/%.o)
TEST_NET_HTTPS_COMS = \
$(TEST_NET_HTTPS_SRCS:%.c=o/$(MODE)/%.com)
TEST_NET_HTTPS_TESTS = \
$(TEST_NET_HTTPS_SRCS_TEST:%.c=o/$(MODE)/%.com.ok)
TEST_NET_HTTPS_CHECKS = \
$(TEST_NET_HTTPS_SRCS_TEST:%.c=o/$(MODE)/%.com.runs)
TEST_NET_HTTPS_DIRECTDEPS = \
NET_HTTPS \
LIBC_LOG \
LIBC_TESTLIB \
THIRD_PARTY_MBEDTLS
TEST_NET_HTTPS_DEPS := \
$(call uniq,$(foreach x,$(TEST_NET_HTTPS_DIRECTDEPS),$($(x))))
o/$(MODE)/test/net/https/https.pkg: \
$(TEST_NET_HTTPS_OBJS) \
$(foreach x,$(TEST_NET_HTTPS_DIRECTDEPS),$($(x)_A).pkg)
o/$(MODE)/test/net/https/%.com.dbg: \
$(TEST_NET_HTTPS_DEPS) \
o/$(MODE)/test/net/https/%.o \
$(LIBC_TESTMAIN) \
$(CRT) \
$(APE)
@$(APELINK)
.PHONY: o/$(MODE)/test/net/https
o/$(MODE)/test/net/https: \
$(TEST_NET_HTTPS_BINS) \
$(TEST_NET_HTTPS_CHECKS)

3
test/net/test.mk
View file

@ -2,4 +2,5 @@
#───vi: set et ft=make ts=8 tw=8 fenc=utf-8 :vi───────────────────────┘
.PHONY: o/$(MODE)/test/net
o/$(MODE)/test/net: o/$(MODE)/test/net/http
o/$(MODE)/test/net: o/$(MODE)/test/net/http \
o/$(MODE)/test/net/https

187
test/tool/net/mbedtls_test.c
View file

@ -1,187 +0,0 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/testlib/ezbench.h"
#include "libc/testlib/hyperion.h"
#include "libc/testlib/testlib.h"
#include "third_party/mbedtls/aes.h"
#include "third_party/mbedtls/base64.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/chacha20.h"
#include "third_party/mbedtls/chachapoly.h"
#include "third_party/mbedtls/ctr_drbg.h"
#include "third_party/mbedtls/des.h"
#include "third_party/mbedtls/dhm.h"
#include "third_party/mbedtls/ecp.h"
#include "third_party/mbedtls/entropy.h"
#include "third_party/mbedtls/gcm.h"
#include "third_party/mbedtls/hmac_drbg.h"
#include "third_party/mbedtls/md5.h"
#include "third_party/mbedtls/memory_buffer_alloc.h"
#include "third_party/mbedtls/nist_kw.h"
#include "third_party/mbedtls/pkcs5.h"
#include "third_party/mbedtls/poly1305.h"
#include "third_party/mbedtls/rsa.h"
#include "third_party/mbedtls/sha1.h"
#include "third_party/mbedtls/sha256.h"
#include "third_party/mbedtls/sha512.h"
#include "third_party/mbedtls/x509.h"
#ifdef MBEDTLS_SELF_TEST
TEST(mbedtls, selfTest) {
#ifdef MBEDTLS_DES_C
EXPECT_EQ(0, mbedtls_des_self_test(0));
#endif
#ifdef MBEDTLS_CTR_DRBG_C
EXPECT_EQ(0, mbedtls_ctr_drbg_self_test(0));
#endif
#ifdef MBEDTLS_HMAC_DRBG_C
EXPECT_EQ(0, mbedtls_hmac_drbg_self_test(0));
#endif
#ifdef MBEDTLS_ENTROPY_C
EXPECT_EQ(0, mbedtls_entropy_self_test(0));
#endif
#ifdef MBEDTLS_POLY1305_C
EXPECT_EQ(0, mbedtls_poly1305_self_test(0));
#endif
#ifdef MBEDTLS_RSA_C
EXPECT_EQ(0, mbedtls_rsa_self_test(0));
#endif
#ifdef MBEDTLS_BIGNUM_C
EXPECT_EQ(0, mbedtls_mpi_self_test(0));
#endif
#ifdef MBEDTLS_PKCS5_C
EXPECT_EQ(0, mbedtls_pkcs5_self_test(0));
#endif
#ifdef MBEDTLS_DHM_C
EXPECT_EQ(0, mbedtls_dhm_self_test(0));
#endif
#ifdef MBEDTLS_GCM_C
EXPECT_EQ(0, mbedtls_gcm_self_test(0));
#endif
#ifdef MBEDTLS_X509_USE_C
EXPECT_EQ(0, mbedtls_x509_self_test(0));
#endif
#ifdef MBEDTLS_CHACHA20_C
EXPECT_EQ(0, mbedtls_chacha20_self_test(0));
#endif
#ifdef MBEDTLS_CHACHAPOLY_C
EXPECT_EQ(0, mbedtls_chachapoly_self_test(0));
#endif
#ifdef MBEDTLS_MEMORY_BUFFER_ALLOC_C
EXPECT_EQ(0, mbedtls_memory_buffer_alloc_self_test(0));
#endif
#ifdef MBEDTLS_AES_C
EXPECT_EQ(0, mbedtls_aes_self_test(0));
#endif
#ifdef MBEDTLS_BASE64_C
EXPECT_EQ(0, mbedtls_base64_self_test(0));
#endif
#ifdef MBEDTLS_ECP_C
EXPECT_EQ(0, mbedtls_ecp_self_test(0));
#endif
#ifdef MBEDTLS_MD5_C
EXPECT_EQ(0, mbedtls_md5_self_test(0));
#endif
#ifdef MBEDTLS_SHA1_C
EXPECT_EQ(0, mbedtls_sha1_self_test(0));
#endif
#ifdef MBEDTLS_SHA256_C
EXPECT_EQ(0, mbedtls_sha256_self_test(0));
#endif
#ifdef MBEDTLS_SHA512_C
EXPECT_EQ(0, mbedtls_sha512_self_test(0));
#endif
#ifdef MBEDTLS_NIST_KW_C
EXPECT_EQ(0, mbedtls_nist_kw_self_test(0));
#endif
}
#endif /* MBEDTLS_SELF_TEST */
TEST(md5, test) {
uint8_t d[16];
uint8_t want[16] = {0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72};
mbedtls_md5_ret("abc", 3, d);
EXPECT_EQ(0, memcmp(want, d, 16));
}
TEST(sha1, test) {
uint8_t d[20];
uint8_t want[20] = {0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81,
0x6A, 0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50,
0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D};
mbedtls_sha1_ret("abc", 3, d);
EXPECT_EQ(0, memcmp(want, d, 20));
}
TEST(sha224, test) {
uint8_t d[28];
uint8_t want[28] = {0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8,
0x22, 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2,
0x55, 0xB3, 0x2A, 0xAD, 0xBC, 0xE4, 0xBD,
0xA0, 0xB3, 0xF7, 0xE3, 0x6C, 0x9D, 0xA7};
mbedtls_sha256_ret("abc", 3, d, 1);
EXPECT_EQ(0, memcmp(want, d, 28));
}
TEST(sha256, test) {
uint8_t d[32];
uint8_t want[32] = {0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD};
mbedtls_sha256_ret("abc", 3, d, 0);
EXPECT_EQ(0, memcmp(want, d, 32));
}
TEST(sha384, test) {
uint8_t d[48];
uint8_t want[48] = {
0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, 0xB5, 0xA0, 0x3D, 0x69,
0x9A, 0xC6, 0x50, 0x07, 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED, 0x80, 0x86, 0x07, 0x2B,
0xA1, 0xE7, 0xCC, 0x23, 0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7};
mbedtls_sha512_ret("abc", 3, d, 1);
EXPECT_EQ(0, memcmp(want, d, 48));
}
TEST(sha512, test) {
uint8_t d[64];
uint8_t want[64] = {
0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73,
0x49, 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9,
0x7E, 0xA2, 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21,
0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23,
0xA3, 0xFE, 0xEB, 0xBD, 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8,
0x0E, 0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F};
mbedtls_sha512_ret("abc", 3, d, 0);
EXPECT_EQ(0, memcmp(want, d, 64));
}
BENCH(mbedtls, bench) {
uint8_t d[64];
EZBENCH2("md5", donothing, mbedtls_md5_ret(kHyperion, kHyperionSize, d));
EZBENCH2("sha1", donothing, mbedtls_sha1_ret(kHyperion, kHyperionSize, d));
EZBENCH2("sha256", donothing,
mbedtls_sha256_ret(kHyperion, kHyperionSize, d, 0));
EZBENCH2("sha384", donothing,
mbedtls_sha512_ret(kHyperion, kHyperionSize, d, 1));
EZBENCH2("sha512", donothing,
mbedtls_sha512_ret(kHyperion, kHyperionSize, d, 0));
}

10
third_party/dlmalloc/dlmalloc_try_realloc_chunk.c vendored
View file

@ -1,7 +1,7 @@
#include "third_party/dlmalloc/dlmalloc.internal.h"
/* Realloc using mmap */
static mchunkptr mmap_resize(mstate m, mchunkptr oldp, size_t nb, int flags) {
mchunkptr dlmalloc_mmap_resize(mstate m, mchunkptr oldp, size_t nb, int flags) {
size_t oldsize = chunksize(oldp);
if (is_small(nb)) return 0; /* Can't shrink mmap regions below small size */
/* Keep old chunk if big enough but not too big */
@ -39,9 +39,8 @@ mchunkptr dlmalloc_try_realloc_chunk(mstate m, mchunkptr p, size_t nb,
mchunkptr next = chunk_plus_offset(p, oldsize);
if (RTCHECK(ok_address(m, p) && ok_inuse(p) && ok_next(p, next) &&
ok_pinuse(next))) {
if (is_mmapped(p)) {
newp = mmap_resize(m, p, nb, can_move);
} else if (oldsize >= nb) { /* already big enough */
if (!is_mmapped(p)) {
if (oldsize >= nb) { /* already big enough */
size_t rsize = oldsize - nb;
if (rsize >= MIN_CHUNK_SIZE) { /* split off remainder */
mchunkptr r = chunk_plus_offset(p, nb);
@ -98,6 +97,9 @@ mchunkptr dlmalloc_try_realloc_chunk(mstate m, mchunkptr p, size_t nb,
newp = p;
}
}
} else {
newp = dlmalloc_mmap_resize(m, p, nb, can_move);
}
} else {
USAGE_ERROR_ACTION(m, chunk2mem(p));
}

2
third_party/mbedtls/README.cosmo vendored
View file

@ -49,6 +49,8 @@ LOCAL CHANGES
- Fix mbedtls_mpi_sub_abs() to not call malloc/free/memcpy since
it's called 11,124 times during as SSL handshake.
- Make P-256 and P-384 modulus goes 5x faster.
- Make chacha20 26% faster.
- Make base64 100x faster.

64
third_party/mbedtls/aes.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/bits/bits.h"
#include "libc/nexgen32e/x86feature.h"
#include "third_party/mbedtls/aes.h"
@ -11,32 +28,15 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* FIPS-197 compliant AES implementation
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
/**
* @fileoverview FIPS-197 compliant AES implementation
*
* The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
*
* http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
* @see http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
* @see http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
#if defined(MBEDTLS_AES_C)
@ -485,7 +485,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx )
{
AES_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_aes_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) );
}
void mbedtls_aes_free( mbedtls_aes_context *ctx )
@ -733,7 +733,7 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
@ -758,7 +758,7 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
@ -1100,7 +1100,7 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
const unsigned char *input,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t blocks = length / 16;
size_t leftover = length % 16;
unsigned char tweak[16];
@ -1734,7 +1734,7 @@ int mbedtls_aes_self_test( int verbose )
#endif
mbedtls_aes_context ctx;
memset( key, 0, 32 );
mbedtls_platform_zeroize( key, 32 );
mbedtls_aes_init( &ctx );
/*
@ -1750,7 +1750,7 @@ int mbedtls_aes_self_test( int verbose )
mbedtls_printf( " AES-ECB-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( buf, 0, 16 );
mbedtls_platform_zeroize( buf, 16 );
if( mode == MBEDTLS_AES_DECRYPT )
{
@ -1797,9 +1797,9 @@ int mbedtls_aes_self_test( int verbose )
mbedtls_printf( " AES-CBC-%3u (%s): ", keybits,
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( iv , 0, 16 );
memset( prv, 0, 16 );
memset( buf, 0, 16 );
mbedtls_platform_zeroize( iv , 16 );
mbedtls_platform_zeroize( prv, 16 );
mbedtls_platform_zeroize( buf, 16 );
if( mode == MBEDTLS_AES_DECRYPT )
{
@ -2042,7 +2042,7 @@ int mbedtls_aes_self_test( int verbose )
mbedtls_printf( " AES-XTS-128 (%s): ",
( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( key, 0, sizeof( key ) );
mbedtls_platform_zeroize( key, sizeof( key ) );
memcpy( key, aes_test_xts_key[u], 32 );
data_unit = aes_test_xts_data_unit[u];

44
third_party/mbedtls/aesni.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/bits/bits.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/aesni.h"
@ -10,25 +27,6 @@ Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* AES-NI support functions
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
@ -91,22 +89,22 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
"1: \n\t" // encryption loop
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENC xmm1_xmm0 "\n\t" // do round
"aesenc %%xmm1, %%xmm0 \n\t" // do round
"add $16, %1 \n\t" // point to next round key
"subl $1, %0 \n\t" // loop
"jnz 1b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENCLAST xmm1_xmm0 "\n\t" // last round
"aesenclast %%xmm1, %%xmm0 \n\t" // last round
"jmp 3f \n\t"
"2: \n\t" // decryption loop
"movdqu (%1), %%xmm1 \n\t"
AESDEC xmm1_xmm0 "\n\t" // do round
"aesdec %%xmm1, %%xmm0 \n\t" // do round
"add $16, %1 \n\t"
"subl $1, %0 \n\t"
"jnz 2b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESDECLAST xmm1_xmm0 "\n\t" // last round
"aesdeclast %%xmm1,%%xmm0 \n\t" // last round
"3: \n\t"
"movdqu %%xmm0, (%4) \n\t" // export output

26
third_party/mbedtls/asn1.h vendored
View file

@ -175,9 +175,19 @@ mbedtls_asn1_named_data;
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
*/
int mbedtls_asn1_get_len( unsigned char **p,
forceinline int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end,
size_t *len );
size_t *len ) {
int mbedtls_asn1_get_len_impl( unsigned char **, const unsigned char *, size_t * );
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( **p & 0x80 )
return( mbedtls_asn1_get_len_impl( p, end, len ) );
*len = *(*p)++;
if( *len > (size_t) ( end - *p ) )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
return( 0 );
}
/**
* \brief Get the tag and length of the element.
@ -200,9 +210,17 @@ int mbedtls_asn1_get_len( unsigned char **p,
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
*/
int mbedtls_asn1_get_tag( unsigned char **p,
forceinline int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag );
size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( **p != tag )
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
(*p)++;
return( mbedtls_asn1_get_len( p, end, len ) );
}
/**
* \brief Retrieve a boolean ASN.1 tag and its value.

169
third_party/mbedtls/asn1parse.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/asn1.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/common.h"
@ -9,39 +26,19 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* Generic ASN.1 parsing
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(MBEDTLS_ASN1_PARSE_C)
/*
* ASN.1 DER decoding routines
*/
int mbedtls_asn1_get_len( unsigned char **p,
int mbedtls_asn1_get_len_impl( unsigned char **p,
const unsigned char *end,
size_t *len )
{
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( ( **p & 0x80 ) == 0 )
*len = *(*p)++;
else
@ -51,79 +48,50 @@ int mbedtls_asn1_get_len( unsigned char **p,
case 1:
if( ( end - *p ) < 2 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = (*p)[1];
(*p) += 2;
break;
case 2:
if( ( end - *p ) < 3 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
(*p) += 3;
break;
case 3:
if( ( end - *p ) < 4 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 16 ) |
( (size_t)(*p)[2] << 8 ) | (*p)[3];
(*p) += 4;
break;
case 4:
if( ( end - *p ) < 5 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
( (size_t)(*p)[3] << 8 ) | (*p)[4];
(*p) += 5;
break;
default:
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
}
}
if( *len > (size_t) ( end - *p ) )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
return( 0 );
}
int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( **p != tag )
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
(*p)++;
return( mbedtls_asn1_get_len( p, end, len ) );
}
int mbedtls_asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
return( ret );
if( len != 1 )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = ( **p != 0 ) ? 1 : 0;
(*p)++;
return( 0 );
}
@ -131,12 +99,10 @@ static int asn1_get_tagged_int( unsigned char **p,
const unsigned char *end,
int tag, int *val )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 )
return( ret );
/*
* len==0 is malformed (0 must be represented as 020100 for INTEGER,
* or 0A0100 for ENUMERATED tags
@ -146,28 +112,24 @@ static int asn1_get_tagged_int( unsigned char **p,
/* This is a cryptography library. Reject negative integers. */
if( ( **p & 0x80 ) != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
/* Skip leading zeros. */
while( len > 0 && **p == 0 )
{
++( *p );
--len;
}
/* Reject integers that don't fit in an int. This code assumes that
* the int type has no padding bit. */
if( len > sizeof( int ) )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
if( len == sizeof( int ) && ( **p & 0x80 ) != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = 0;
while( len-- > 0 )
{
*val = ( *val << 8 ) | **p;
(*p)++;
}
return( 0 );
}
@ -185,52 +147,41 @@ int mbedtls_asn1_get_enum( unsigned char **p,
return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) );
}
#if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mbedtls_mpi *X )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret );
ret = mbedtls_mpi_read_binary( X, *p, len );
*p += len;
return( ret );
}
#endif /* MBEDTLS_BIGNUM_C */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
int mbedtls_asn1_get_bitstring( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_bitstring *bs)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* Certificate type is a single byte bitstring */
if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret );
/* Check length, subtract one for actual bit string length */
if( bs->len < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p;
if( bs->unused_bits > 7 )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
(*p)++;
/* Get actual bitstring */
bs->p = *p;
*p += bs->len;
if( *p != end )
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
@ -249,68 +200,57 @@ int mbedtls_asn1_traverse_sequence_of(
{
int ret;
size_t len;
/* Get main sequence tag */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
return( ret );
}
if( *p + len != end )
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
while( *p < end )
{
unsigned char const tag = *(*p)++;
if( ( tag & tag_must_mask ) != tag_must_val )
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 )
return( ret );
if( ( tag & tag_may_mask ) == tag_may_val )
{
if( cb != NULL )
if( cb )
{
ret = cb( ctx, tag, *p, len );
if( ret != 0 )
return( ret );
}
}
*p += len;
}
return( 0 );
}
/*
* Get a bit string without unused bits
*/
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
int mbedtls_asn1_get_bitstring_null( unsigned char **p,
const unsigned char *end,
size_t *len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret );
if( *len == 0 )
if( !*len )
return( MBEDTLS_ERR_ASN1_INVALID_DATA );
--( *len );
if( **p != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_DATA );
++( *p );
return( 0 );
}
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq )
{
while( seq != NULL )
while( seq )
{
mbedtls_asn1_sequence *next = seq->next;
mbedtls_platform_zeroize( seq, sizeof( *seq ) );
@ -334,22 +274,17 @@ static int asn1_get_sequence_of_cb( void *ctx,
(asn1_get_sequence_of_cb_ctx_t *) ctx;
mbedtls_asn1_sequence *cur =
cb_ctx->cur;
if( cur->buf.p != NULL )
if( cur->buf.p )
{
cur->next =
mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
if( cur->next == NULL )
if( !cur->next )
return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
cur = cur->next;
}
cur->buf.p = start;
cur->buf.len = len;
cur->buf.tag = tag;
cb_ctx->cur = cur;
return( 0 );
}
@ -363,7 +298,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
int tag)
{
asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
memset( cur, 0, sizeof( mbedtls_asn1_sequence ) );
mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_sequence ) );
return( mbedtls_asn1_traverse_sequence_of(
p, end, 0xFF, tag, 0, 0,
asn1_get_sequence_of_cb, &cb_ctx ) );
@ -371,45 +306,35 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
int mbedtls_asn1_get_alg( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
mbedtls_asn1_buf *alg,
mbedtls_asn1_buf *params )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( ret );
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
alg->tag = **p;
end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
return( ret );
alg->p = *p;
*p += alg->len;
if( *p == end )
{
mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) );
return( 0 );
}
params->tag = **p;
(*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
return( ret );
params->p = *p;
*p += params->len;
if( *p != end )
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
@ -417,36 +342,29 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
mbedtls_asn1_buf *alg )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_asn1_buf params;
memset( &params, 0, sizeof(mbedtls_asn1_buf) );
mbedtls_platform_zeroize( &params, sizeof(mbedtls_asn1_buf) );
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
return( ret );
if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_DATA );
return( 0 );
}
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
{
if( cur == NULL )
if( !cur )
return;
mbedtls_free( cur->oid.p );
mbedtls_free( cur->val.p );
mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
}
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
{
mbedtls_asn1_named_data *cur;
while( ( cur = *head ) != NULL )
while( ( cur = *head ) )
{
*head = cur->next;
mbedtls_asn1_free_named_data( cur );
@ -454,20 +372,19 @@ void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
}
}
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
mbedtls_asn1_named_data *
mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
const char *oid, size_t len )
{
while( list != NULL )
while( list )
{
if( list->oid.len == len &&
memcmp( list->oid.p, oid, len ) == 0 )
{
break;
}
list = list->next;
}
return( list );
}

145
third_party/mbedtls/asn1write.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/asn1write.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/error.h"
@ -8,25 +25,10 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* ASN.1 buffer writing functionality
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
/**
* @fileoverview ASN.1 buffer writing functionality
*/
#if defined(MBEDTLS_ASN1_WRITE_C)
@ -49,51 +51,42 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
{
if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
return( 1 );
}
if( len <= 0xFF )
{
if( *p - start < 2 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
*--(*p) = 0x81;
return( 2 );
}
if( len <= 0xFFFF )
{
if( *p - start < 3 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = 0x82;
return( 3 );
}
if( len <= 0xFFFFFF )
{
if( *p - start < 4 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = ( len >> 16 ) & 0xFF;
*--(*p) = 0x83;
return( 4 );
}
#if SIZE_MAX > 0xFFFFFFFF
if( len <= 0xFFFFFFFF )
#endif
{
if( *p - start < 5 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = ( len >> 16 ) & 0xFF;
@ -101,7 +94,6 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
*--(*p) = 0x84;
return( 5 );
}
#if SIZE_MAX > 0xFFFFFFFF
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
#endif
@ -123,9 +115,7 @@ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned ch
{
if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = tag;
return( 1 );
}
@ -146,14 +136,11 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
size_t len = 0;
if( *p < start || (size_t)( *p - start ) < size )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size;
(*p) -= len;
memcpy( *p, buf, len );
return( (int) len );
}
@ -174,19 +161,15 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
*/
int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
// Write the MPI
//
len = mbedtls_mpi_size( X );
if( *p < start || (size_t)( *p - start ) < len )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
(*p) -= len;
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
@ -194,16 +177,12 @@ int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedt
{
if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00;
len += 1;
}
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
ret = (int) len;
cleanup:
return( ret );
}
@ -223,14 +202,12 @@ cleanup:
*/
int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
// Write NULL
//
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
return( (int) len );
}
@ -251,14 +228,12 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) oid, oid_len ) );
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
return( (int) len );
}
@ -281,20 +256,16 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s
const char *oid, size_t oid_len,
size_t par_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
if( par_len == 0 )
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
else
len += par_len;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
@ -313,26 +284,21 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *s
*/
int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (boolean) ? 255 : 0;
len++;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
return( (int) len );
}
static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
do
{
if( *p - start < 1 )
@ -342,7 +308,6 @@ static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int v
val >>= 8;
}
while( val > 0 );
if( **p & 0x80 )
{
if( *p - start < 1 )
@ -350,10 +315,8 @@ static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int v
*--(*p) = 0x00;
len += 1;
}
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
return( (int) len );
}
@ -414,15 +377,12 @@ int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val )
int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
int tag, const char *text, size_t text_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
return( (int) len );
}
@ -515,37 +475,30 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
const unsigned char *cur_byte;
unsigned char cur_byte_shifted;
unsigned char bit;
byte_len = ( bits + 7 ) / 8;
unused_bits = ( byte_len * 8 ) - bits;
/*
* Named bitstrings require that trailing 0s are excluded in the encoding
* of the bitstring. Trailing 0s are considered part of the 'unused' bits
* when encoding this value in the first content octet
*/
if( bits != 0 )
if( bits )
{
cur_byte = buf + byte_len - 1;
cur_byte_shifted = *cur_byte >> unused_bits;
for( ; ; )
{
bit = cur_byte_shifted & 0x1;
cur_byte_shifted >>= 1;
if( bit != 0 )
if( bit )
break;
bits--;
if( bits == 0 )
break;
if( bits % 8 == 0 )
cur_byte_shifted = *--cur_byte;
}
}
return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) );
}
@ -566,18 +519,14 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
size_t unused_bits, byte_len;
byte_len = ( bits + 7 ) / 8;
unused_bits = ( byte_len * 8 ) - bits;
if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = byte_len + 1;
/* Write the bitstring. Ensure the unused bits are zeroed */
if( byte_len > 0 )
{
@ -586,13 +535,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
( *p ) -= byte_len;
memcpy( *p, buf, byte_len );
}
/* Write unused bits */
*--( *p ) = (unsigned char)unused_bits;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
return( (int) len );
}
@ -613,35 +559,29 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
return( (int) len );
}
/* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
* which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
static mbedtls_asn1_named_data *asn1_find_named_data(
mbedtls_asn1_named_data *list,
const char *oid, size_t len )
{
while( list != NULL )
while( list )
{
if( list->oid.len == len &&
memcmp( list->oid.p, oid, len ) == 0 )
{
break;
}
list = list->next;
}
return( list );
}
@ -672,38 +612,33 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data *
size_t val_len )
{
mbedtls_asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
{
// Add new entry if not present yet based on OID
//
cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1,
sizeof(mbedtls_asn1_named_data) );
if( cur == NULL )
if( !cur )
return( NULL );
cur->oid.len = oid_len;
cur->oid.p = mbedtls_calloc( 1, oid_len );
if( cur->oid.p == NULL )
if( !cur->oid.p )
{
mbedtls_free( cur );
return( NULL );
}
memcpy( cur->oid.p, oid, oid_len );
cur->val.len = val_len;
if( val_len != 0 )
if( val_len )
{
cur->val.p = mbedtls_calloc( 1, val_len );
if( cur->val.p == NULL )
if( !cur->val.p )
{
mbedtls_free( cur->oid.p );
mbedtls_free( cur );
return( NULL );
}
}
cur->next = *head;
*head = cur;
}
@ -720,17 +655,15 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data *
* a consistent state in case allocation fails.
*/
void *p = mbedtls_calloc( 1, val_len );
if( p == NULL )
if( !p )
return( NULL );
mbedtls_free( cur->val.p );
cur->val.p = p;
cur->val.len = val_len;
}
if( val != NULL )
if( val )
memcpy( cur->val.p, val, val_len );
return( cur );
}
#endif /* MBEDTLS_ASN1_WRITE_C */

69
third_party/mbedtls/base64.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/base64.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/platform.h"
@ -7,28 +24,7 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* RFC 1521 base64 encoding/decoding
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(MBEDTLS_BASE64_C)
#define ENC "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
@ -187,7 +183,6 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
uint32_t j, x;
unsigned char *p;
unsigned char dec_map_lookup;
/* First pass: check for validity and get output length */
for( i = n = j = 0; i < slen; i++ )
{
@ -198,65 +193,49 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
++i;
++x;
}
/* Spaces at end of buffer are OK */
if( i == slen )
break;
if( ( slen - i ) >= 2 &&
src[i] == '\r' && src[i + 1] == '\n' )
continue;
if( src[i] == '\n' )
continue;
/* Space inside a line is an error */
if( x != 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] == '=' && ++j > 2 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), src[i] );
if( src[i] > 127 || dec_map_lookup == 127 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( dec_map_lookup < 64 && j != 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
n++;
}
if( n == 0 )
{
*olen = 0;
return( 0 );
}
/* The following expression is to calculate the following formula without
* risk of integer overflow in n:
* n = ( ( n * 6 ) + 7 ) >> 3;
*/
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
n -= j;
if( dst == NULL || dlen < n )
{
*olen = n;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
{
if( *src == '\r' || *src == '\n' || *src == ' ' )
continue;
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), *src );
mbedtls_base64_cond_assign_uint32( &j, j - 1, mbedtls_base64_eq( dec_map_lookup, 64 ) );
x = ( x << 6 ) | ( dec_map_lookup & 0x3F );
if( ++n == 4 )
{
n = 0;
@ -265,9 +244,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
if( j > 2 ) *p++ = (unsigned char)( x );
}
}
*olen = p - dst;
return( 0 );
}
@ -299,41 +276,29 @@ int mbedtls_base64_self_test( int verbose )
size_t len;
const unsigned char *src;
unsigned char buffer[128];
if( verbose != 0 )
mbedtls_printf( " Base64 encoding test: " );
src = base64_test_dec;
if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
mbedtls_printf( "passed\n Base64 decoding test: " );
src = base64_test_enc;
if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
mbedtls_printf( "passed\n\n" );
return( 0 );
}
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_BASE64_C */

285
third_party/mbedtls/bigmul.c vendored Normal file
View file

@ -0,0 +1,285 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/bits/bits.h"
#include "libc/log/backtrace.internal.h"
#include "libc/log/check.h"
#include "libc/macros.internal.h"
#include "libc/mem/mem.h"
#include "libc/nexgen32e/bsr.h"
#include "libc/nexgen32e/x86feature.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/profile.h"
/* clang-format off */
void Mul(uint64_t *c, uint64_t *A, unsigned n, uint64_t *B, unsigned m)
{
if (!m--) return;
mbedtls_platform_zeroize(c, m * ciL);
mbedtls_mpi_mul_hlp1(n, A, c + m, B[m]);
for (; m > 0; m--)
mbedtls_mpi_mul_hlp(n, A, c + m - 1, B[m - 1]);
}
/**
* Computes inner loop of multiplication algorithm.
*/
void mbedtls_mpi_mul_hlp1(size_t n, const uint64_t *s, uint64_t *d, uint64_t b)
{
size_t i;
uint128_t x;
uint64_t c, t;
i = c = 0;
#ifdef __x86_64__
#define MULXADOX(i) \
"mulx\t" #i "*8(%2),%%rax,%%r9\n\t" \
"adox\t%0,%%rax\n\t" \
"mov\t%%rax," #i "*8(%1)\n\t" \
"mov\t%%r9,%0\n\t"
if (X86_HAVE(BMI2) && X86_HAVE(ADX))
{
for (; n >= 8; n -= 8, s += 8, d += 8)
{
asm volatile("xor\t%%r8d,%%r8d\n\t" //
MULXADOX(0) //
MULXADOX(1) //
MULXADOX(2) //
MULXADOX(3) //
MULXADOX(4) //
MULXADOX(5) //
MULXADOX(6) //
MULXADOX(7) //
"adcx\t%%r8,%0\n" //
"adox\t%%r8,%0" //
: "+r"(c)
: "r"(d), "S"(s), "d"(b)
: "rax", "r8", "r9", "memory", "cc");
}
for (; n >= 4; n -= 4, s += 4, d += 4)
{
asm volatile("xor\t%%r8d,%%r8d\n\t" //
MULXADOX(0) //
MULXADOX(1) //
MULXADOX(2) //
MULXADOX(3) //
"adcx\t%%r8,%0\n" //
"adox\t%%r8,%0" //
: "+r"(c)
: "r"(d), "S"(s), "d"(b)
: "rax", "r8", "r9", "memory", "cc");
}
}
#undef MULXADOX
#endif
for (; i < n; ++i)
{
x = s[i];
x *= b;
x += c;
c = x >> 64;
d[i] = x;
}
d[i] = c;
}
/**
* Computes inner loop of multiplication algorithm.
*/
void mbedtls_mpi_mul_hlp(size_t n, uint64_t *s, uint64_t *d, uint64_t b)
{
size_t i;
uint128_t x;
uint64_t c, l, h, t;
i = c = 0;
#ifdef __x86_64__
#define MULADDC(i) \
"mulx\t" #i "*8(%2),%%rax,%%r9\n\t" \
"adcx\t" #i "*8(%1),%%rax\n\t" \
"adox\t%0,%%rax\n\t" \
"mov\t%%rax," #i "*8(%1)\n\t" \
"mov\t%%r9,%0\n\t"
if (X86_HAVE(BMI2) && X86_HAVE(ADX))
{
for (; n >= 8; n -= 8, s += 8, d += 8)
{
asm volatile("xor\t%%r8d,%%r8d\n\t" //
MULADDC(0) //
MULADDC(1) //
MULADDC(2) //
MULADDC(3) //
MULADDC(4) //
MULADDC(5) //
MULADDC(6) //
MULADDC(7) //
"adcx\t%%r8,%0\n" //
"adox\t%%r8,%0" //
: "+r"(c)
: "r"(d), "S"(s), "d"(b)
: "rax", "r8", "r9", "memory", "cc");
}
for (; n >= 4; n -= 4, s += 4, d += 4)
{
asm volatile("xor\t%%r8d,%%r8d\n\t" //
MULADDC(0) //
MULADDC(1) //
MULADDC(2) //
MULADDC(3) //
"adcx\t%%r8,%0\n" //
"adox\t%%r8,%0" //
: "+r"(c)
: "r"(d), "S"(s), "d"(b)
: "rax", "r8", "r9", "memory", "cc");
}
}
#undef MULADDC
#endif
for (; i < n; ++i)
{
x = s[i];
x *= b;
x += c;
l = x;
h = x >> 64;
t = d[i];
d[i] = t + l;
c = (t + l < t) + h;
}
do
{
d[i] += c;
} while ((c = d[i++] < c));
}
/**
* Multiplies big number with unsigned scalar: X = A × b
*
* @param X receives result w/ aliasing permitted
* @param A is left-hand side big number
* @param B is left-hand side unsigned scalar
* @return 0 on success or negative on error
*/
int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_uint b)
{
int r;
size_t n;
MPI_VALIDATE_RET(X);
MPI_VALIDATE_RET(A);
n = mbedtls_mpi_limbs(A);
if ((r = mbedtls_mpi_grow(X, n + 1))) return r;
mbedtls_mpi_mul_hlp1(n, A->p, X->p, b);
X->s = A->s;
X->n = n + 1;
return 0;
}
/**
* Multiplies big numbers: X = A * B
*
* @param X is destination mpi
* @param A is first factor
* @param B is second factor
* @return 0 on success or <0 on error
*/
int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B)
{
int i, j, t, k, ret;
mbedtls_mpi_uint *K;
mbedtls_mpi TA, TB, *T;
MPI_VALIDATE_RET(X);
MPI_VALIDATE_RET(A);
MPI_VALIDATE_RET(B);
i = mbedtls_mpi_limbs(A);
j = mbedtls_mpi_limbs(B);
if (!i || !j)
return mbedtls_mpi_lset(X, 0);
if( j > i )
T = A,
A = B,
B = T,
t = i,
i = j,
j = t;
if (!IsTiny() && j == 1) {
if (X->n < i + 1)
if ((ret = mbedtls_mpi_grow(X, i + 1))) return ret;
else if (X->n > i + 1)
mbedtls_platform_zeroize(X->p + i + 1, (X->n - (i + 1)) * ciL);
mbedtls_mpi_mul_hlp1(i, A->p, X->p, B->p[0]);
X->s = A->s * B->s;
return 0;
}
if (!IsTiny() && i == j) {
if (X->n < i * 2)
if ((ret = mbedtls_mpi_grow(X, i * 2))) return ret;
else if (X->n > i * 2)
mbedtls_platform_zeroize(X->p + i * 2, (X->n - (i * 2)) * ciL);
if (i == 4) {
Mul4x4(X->p, A->p, B->p);
X->s = A->s * B->s;
return 0;
} else if (i == 6 && X86_HAVE(BMI2) && X86_HAVE(ADX)) {
Mul6x6Adx(X->p, A->p, B->p);
X->s = A->s * B->s;
return 0;
} else if (i == 8 && X86_HAVE(BMI2) && X86_HAVE(ADX)) {
Mul8x8Adx(X->p, A->p, B->p);
X->s = A->s * B->s;
return 0;
}
}
mbedtls_mpi_init( &TA );
mbedtls_mpi_init( &TB );
if (X->n < i + j)
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
else if (X->n > i + j)
mbedtls_platform_zeroize( X->p + i + j, (X->n - (i + j)) * ciL );
if (X == A) {
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) );
A = &TA;
}
if (X == B) {
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
B = &TB;
}
if (!IsTiny() &&
i >= 16 && i == j && !(i & (i - 1)) &&
X86_HAVE(BMI2) && X86_HAVE(ADX) &&
(K = malloc(i * 4 * sizeof(*K)))) {
Karatsuba(X->p, A->p, B->p, i, K);
free(K);
} else {
Mul(X->p, A->p, i, B->p, j);
}
X->s = A->s * B->s;
ret = 0;
cleanup:
mbedtls_mpi_free(&TB);
mbedtls_mpi_free(&TA);
return ret;
}

75
third_party/mbedtls/bigmul4.c vendored Normal file
View file

@ -0,0 +1,75 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/nexgen32e/x86feature.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/math.h"
/* clang-format off */
/**
* Computes 512-bit product of 256-bit and 256-bit numbers.
*
* @param C receives 8 quadword result
* @param A is left hand side which must have 4 quadwords
* @param B is right hand side which must have 4 quadwords
* @note words are host endian while array is little endian
* @mayalias
*/
void (*Mul4x4)(uint64_t C[8], const uint64_t A[4], const uint64_t B[4]);
static textstartup void Mul4x4Init()
{
Mul4x4 = X86_HAVE(ADX) && X86_HAVE(BMI2) ? Mul4x4Adx : Mul4x4Pure;
}
const void *const Mul4x4Ctor[] initarray = {Mul4x4Init};
void Mul4x4Pure(uint64_t C[8], const uint64_t A[4], const uint64_t B[4])
{
uint128_t t;
uint64_t h, c1, c2, c3;
uint64_t r0, r1, r2, r3;
c1 = c2 = c3 = 0;
MADD(A[0], B[0], c1, c2, c3);
r0 = c1, c1 = 0;
MADD(A[0], B[1], c2, c3, c1);
MADD(A[1], B[0], c2, c3, c1);
r1 = c2, c2 = 0;
MADD(A[2], B[0], c3, c1, c2);
MADD(A[1], B[1], c3, c1, c2);
MADD(A[0], B[2], c3, c1, c2);
r2 = c3, c3 = 0;
MADD(A[0], B[3], c1, c2, c3);
MADD(A[1], B[2], c1, c2, c3);
MADD(A[2], B[1], c1, c2, c3);
MADD(A[3], B[0], c1, c2, c3);
C[0] = r0;
r3 = c1, c1 = 0;
MADD(A[3], B[1], c2, c3, c1);
MADD(A[2], B[2], c2, c3, c1);
MADD(A[1], B[3], c2, c3, c1);
C[1] = r1;
C[4] = c2, c2 = 0;
MADD(A[2], B[3], c3, c1, c2);
MADD(A[3], B[2], c3, c1, c2);
C[2] = r2;
C[5] = c3, c3 = 0;
MADD(A[3], B[3], c1, c2, c3);
C[3] = r3;
C[6] = c1;
C[7] = c2;
}

3157
third_party/mbedtls/bignum.c vendored
View file

File diff suppressed because it is too large Load diff

123
third_party/mbedtls/bignum.h vendored
View file

@ -1,7 +1,9 @@
#ifndef MBEDTLS_BIGNUM_H_
#define MBEDTLS_BIGNUM_H_
#include "libc/stdio/stdio.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/config.h"
#include "third_party/mbedtls/platform.h"
COSMOPOLITAN_C_START_
/* clang-format off */
@ -16,7 +18,7 @@ COSMOPOLITAN_C_START_
#define MBEDTLS_MPI_CHK(f) \
do \
{ \
if( ( ret = (f) ) != 0 ) \
if( ( ret = (f) ) ) \
goto cleanup; \
} while( 0 )
@ -82,10 +84,10 @@ typedef uint64_t mbedtls_mpi_uint;
typedef struct mbedtls_mpi
{
int s; /*!< Sign: -1 if the mpi is negative, 1 otherwise */
size_t n; /*!< total # of limbs */
unsigned n; /*!< total # of limbs */
mbedtls_mpi_uint *p; /*!< pointer to limbs */
}
mbedtls_mpi;
mbedtls_mpi forcealign(16);
/**
* \brief Flags for mbedtls_mpi_gen_prime()
@ -98,53 +100,92 @@ typedef enum {
MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */
} mbedtls_mpi_gen_prime_flag_t;
void mbedtls_mpi_init( mbedtls_mpi * );
void mbedtls_mpi_free( mbedtls_mpi * );
int mbedtls_mpi_grow( mbedtls_mpi *, size_t );
int mbedtls_mpi_shrink( mbedtls_mpi *, size_t );
int mbedtls_mpi_copy( mbedtls_mpi *, const mbedtls_mpi * );
void mbedtls_mpi_swap( mbedtls_mpi *, mbedtls_mpi * );
int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *, const mbedtls_mpi *, unsigned char );
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *, mbedtls_mpi *, unsigned char );
int mbedtls_mpi_lset( mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_get_bit( const mbedtls_mpi *, size_t );
int mbedtls_mpi_set_bit( mbedtls_mpi *, size_t, unsigned char );
size_t mbedtls_mpi_lsb( const mbedtls_mpi * );
size_t mbedtls_mpi_bitlen( const mbedtls_mpi * );
size_t mbedtls_mpi_size( const mbedtls_mpi * );
int mbedtls_mpi_read_string( mbedtls_mpi *, int, const char * );
int mbedtls_mpi_write_string( const mbedtls_mpi *, int, char *, size_t, size_t * );
int mbedtls_mpi_read_file( mbedtls_mpi *, int, FILE * );
int mbedtls_mpi_write_file( const char *, const mbedtls_mpi *, int, FILE * );
int mbedtls_mpi_read_binary( mbedtls_mpi *, const unsigned char *, size_t );
int mbedtls_mpi_read_binary_le( mbedtls_mpi *, const unsigned char *, size_t );
int mbedtls_mpi_write_binary( const mbedtls_mpi *, unsigned char *, size_t );
int mbedtls_mpi_write_binary_le( const mbedtls_mpi *, unsigned char *, size_t );
int mbedtls_mpi_shift_l( mbedtls_mpi *, size_t );
int mbedtls_mpi_shift_r( mbedtls_mpi *, size_t );
int mbedtls_mpi_cmp_abs( const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *, const mbedtls_mpi *, unsigned * );
int mbedtls_mpi_cmp_int( const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_add_abs( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_sub_abs( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_add_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_sub_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_add_int( mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_sub_int( mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_mul_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_mul_int( mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_uint );
int mbedtls_mpi_div_mpi( mbedtls_mpi *, mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_add_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_cmp_abs( const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_cmp_int( const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_copy( mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_div_int( mbedtls_mpi *, mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_mod_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_mod_int( mbedtls_mpi_uint *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_div_mpi( mbedtls_mpi *, mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_exp_mod( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi * );
int mbedtls_mpi_fill_random( mbedtls_mpi *, size_t, int (*)(void *, unsigned char *, size_t), void * );
int mbedtls_mpi_gcd( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_gen_prime( mbedtls_mpi *, size_t, int, int (*)(void *, unsigned char *, size_t), void * );
int mbedtls_mpi_get_bit( const mbedtls_mpi *, size_t );
int mbedtls_mpi_grow( mbedtls_mpi *, size_t );
int mbedtls_mpi_inv_mod( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *, int, int (*)(void *, unsigned char *, size_t), void * );
int mbedtls_mpi_gen_prime( mbedtls_mpi *, size_t, int, int (*)(void *, unsigned char *, size_t), void * );
int mbedtls_mpi_lset( mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *, const mbedtls_mpi *, unsigned * );
int mbedtls_mpi_mod_int( mbedtls_mpi_uint *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_mod_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_mul_int( mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_uint );
int mbedtls_mpi_mul_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_read_binary( mbedtls_mpi *, const unsigned char *, size_t );
int mbedtls_mpi_read_binary_le( mbedtls_mpi *, const unsigned char *, size_t );
int mbedtls_mpi_read_file( mbedtls_mpi *, int, FILE * );
int mbedtls_mpi_read_string( mbedtls_mpi *, int, const char * );
int mbedtls_mpi_resize( mbedtls_mpi *, size_t );
int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *, const mbedtls_mpi *, unsigned char );
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *, mbedtls_mpi *, unsigned char );
int mbedtls_mpi_self_test( int );
int mbedtls_mpi_set_bit( mbedtls_mpi *, size_t, unsigned char );
int mbedtls_mpi_shift_l( mbedtls_mpi *, size_t );
int mbedtls_mpi_shift_r( mbedtls_mpi *, size_t );
int mbedtls_mpi_shrink( mbedtls_mpi *, size_t );
int mbedtls_mpi_sub_abs( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_sub_int( mbedtls_mpi *, const mbedtls_mpi *, mbedtls_mpi_sint );
int mbedtls_mpi_sub_mpi( mbedtls_mpi *, const mbedtls_mpi *, const mbedtls_mpi * );
int mbedtls_mpi_write_binary( const mbedtls_mpi *, unsigned char *, size_t );
int mbedtls_mpi_write_binary_le( const mbedtls_mpi *, unsigned char *, size_t );
int mbedtls_mpi_write_file( const char *, const mbedtls_mpi *, int, FILE * );
int mbedtls_mpi_write_string( const mbedtls_mpi *, int, char *, size_t, size_t * );
size_t mbedtls_mpi_bitlen( const mbedtls_mpi * );
size_t mbedtls_mpi_lsb( const mbedtls_mpi * );
size_t mbedtls_mpi_size( const mbedtls_mpi * );
void mbedtls_mpi_free( mbedtls_mpi * );
void mbedtls_mpi_swap( mbedtls_mpi *, mbedtls_mpi * );
/**
* \brief Initialize an MPI context.
*
* This makes the MPI ready to be set or freed,
* but does not define a value for the MPI.
*
* \param X The MPI context to initialize. This must not be \c NULL.
*/
forceinline void mbedtls_mpi_init(mbedtls_mpi *X)
{
MBEDTLS_INTERNAL_VALIDATE(X);
typedef int mbedtls_mpi_lol
__attribute__((__vector_size__(16), __aligned__(16)));
*(mbedtls_mpi_lol *)X = (mbedtls_mpi_lol){1};
}
forceinline size_t mbedtls_mpi_limbs(const mbedtls_mpi *X) {
size_t i;
for (i = X->n; i; i--) {
if (X->p[i - 1]) {
break;
}
}
return i;
}
static inline bool mbedtls_mpi_is_zero(const mbedtls_mpi *X)
{
if (X->n && *X->p) return false;
if (!mbedtls_mpi_limbs(X)) return true;
return false;
}
static inline bool mbedtls_mpi_is_one(const mbedtls_mpi *X)
{
if (!X->n || *X->p != 1 || X->s != 1) return false;
return mbedtls_mpi_limbs(X) == 1;
}
COSMOPOLITAN_C_END_
#endif /* MBEDTLS_BIGNUM_H_ */

41
third_party/mbedtls/bignum_internal.h vendored Normal file
View file

@ -0,0 +1,41 @@
#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_BIGNUM_INTERNAL_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_BIGNUM_INTERNAL_H_
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/platform.h"
#if !(__ASSEMBLER__ + __LINKER__ + 0)
COSMOPOLITAN_C_START_
#define MPI_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA)
#define MPI_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond)
#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */
#define biL (ciL << 3) /* bits in limb */
#define biH (ciL << 2) /* half limb size */
#define MPI_SIZE_T_MAX ((size_t)-1) /* SIZE_T_MAX is not standard */
/*
* Convert between bits/chars and number of limbs
* Divide first in order to avoid potential overflows
*/
#define BITS_TO_LIMBS(i) ((i) / biL + ((i) % biL != 0))
#define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0))
extern void (*Mul4x4)(uint64_t[8], const uint64_t[4], const uint64_t[4]);
extern void (*ShiftRight)(uint64_t *, size_t, unsigned char);
void ShiftRightAvx(uint64_t *, size_t, unsigned char);
void ShiftRightPure(uint64_t *, size_t, unsigned char);
void Mul4x4Adx(uint64_t[8], const uint64_t[4], const uint64_t[4]);
void Mul6x6Adx(uint64_t[12], const uint64_t[6], const uint64_t[6]);
void Mul8x8Adx(uint64_t[16], const uint64_t[8], const uint64_t[8]);
void Mul4x4Pure(uint64_t[16], const uint64_t[8], const uint64_t[8]);
void Mul(uint64_t *, uint64_t *, unsigned, uint64_t *, unsigned);
void Karatsuba(uint64_t *, uint64_t *, uint64_t *, size_t, uint64_t *);
void mbedtls_mpi_mul_hlp(size_t, uint64_t *, uint64_t *, uint64_t);
void mbedtls_mpi_mul_hlp1(size_t, const uint64_t *, uint64_t *, uint64_t);
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_BIGNUM_INTERNAL_H_ */

121
third_party/mbedtls/bigshift.c vendored Normal file
View file

@ -0,0 +1,121 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/assert.h"
#include "libc/log/log.h"
#include "libc/macros.internal.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/platform.h"
/* clang-format off */
typedef long long xmm_t __attribute__((__vector_size__(16), __aligned__(1)));
static inline void shrd(mbedtls_mpi_uint *p, size_t n, size_t j, size_t m,
char k)
{
mbedtls_mpi_uint x, y, *e, *f;
f = p + m;
if (n)
{
y = 0;
x = p[j];
e = p + n;
for (; ++p < e; x = y)
{
y = p[j];
p[-1] = x >> k | y << (biL - k);
}
p[-1] = x >> k;
}
while (p < f)
*p++ = 0;
}
static inline void shld(mbedtls_mpi_uint *p, size_t n, size_t m, char k)
{
size_t i;
mbedtls_mpi_uint x, y;
MBEDTLS_ASSERT(n > m);
i = n - 1;
y = p[i - m];
for (; i - m > 0; --i, y = x)
{
x = p[i - m - 1];
p[i] = y << k | x >> (64 - k);
}
p[i] = y << k;
while (i)
{
p[--i] = 0;
}
}
/**
* Performs left shift on big number: X <<= k
*/
int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t k)
{
int r;
size_t b, n, m, l, z;
MPI_VALIDATE_RET(X);
l = mbedtls_mpi_bitlen(X);
b = l + k;
n = BITS_TO_LIMBS(b);
m = k / biL;
k = k % biL;
z = X->n;
if (n > X->n && (r = mbedtls_mpi_grow(X, n)))
return r;
if (k)
{
shld(X->p, X->n, m, k);
}
else if (m)
{
memmove_pure(X->p + m, X->p, (X->n - m) * ciL);
mbedtls_platform_zeroize(X->p, m * ciL);
}
return 0;
}
/**
* Performs right arithmetic shift on big number: X >>= k
*/
int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t k)
{
size_t n;
mbedtls_mpi_uint x, y;
MPI_VALIDATE_RET(X);
k = MIN(k, X->n * biL);
n = k / biL;
k = k % biL;
if (k)
{
if (!n)
ShiftRight(X->p, X->n, k);
else
shrd(X->p, X->n - n, n, X->n, k);
}
else if (n)
{
memmove_pure(X->p, X->p + n, (X->n - n) * ciL);
mbedtls_platform_zeroize(X->p + X->n - n, n * ciL);
}
return 0;
}

907
third_party/mbedtls/bn_mul.h vendored
View file

@ -1,907 +0,0 @@
#ifndef MBEDTLS_BN_MUL_H
#define MBEDTLS_BN_MUL_H
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/config.h"
/* clang-format off */
#if defined(MBEDTLS_HAVE_ASM)
#ifndef asm
#define asm __asm
#endif
/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
#if defined(__GNUC__) && \
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
/*
* Disable use of the i386 assembly code below if option -O0, to disable all
* compiler optimisations, is passed, detected with __OPTIMIZE__
* This is done as the number of registers used in the assembly code doesn't
* work with the -O0 option.
*/
#if defined(__i386__) && defined(__OPTIMIZE__)
#define MULADDC_INIT \
asm( \
"movl %%ebx, %0 \n\t" \
"movl %5, %%esi \n\t" \
"movl %6, %%edi \n\t" \
"movl %7, %%ecx \n\t" \
"movl %8, %%ebx \n\t"
#define MULADDC_CORE \
"lodsl \n\t" \
"mull %%ebx \n\t" \
"addl %%ecx, %%eax \n\t" \
"adcl $0, %%edx \n\t" \
"addl (%%edi), %%eax \n\t" \
"adcl $0, %%edx \n\t" \
"movl %%edx, %%ecx \n\t" \
"stosl \n\t"
#if defined(MBEDTLS_HAVE_SSE2)
#define MULADDC_HUIT \
"movd %%ecx, %%mm1 \n\t" \
"movd %%ebx, %%mm0 \n\t" \
"movd (%%edi), %%mm3 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd (%%esi), %%mm2 \n\t" \
"pmuludq %%mm0, %%mm2 \n\t" \
"movd 4(%%esi), %%mm4 \n\t" \
"pmuludq %%mm0, %%mm4 \n\t" \
"movd 8(%%esi), %%mm6 \n\t" \
"pmuludq %%mm0, %%mm6 \n\t" \
"movd 12(%%esi), %%mm7 \n\t" \
"pmuludq %%mm0, %%mm7 \n\t" \
"paddq %%mm2, %%mm1 \n\t" \
"movd 4(%%edi), %%mm3 \n\t" \
"paddq %%mm4, %%mm3 \n\t" \
"movd 8(%%edi), %%mm5 \n\t" \
"paddq %%mm6, %%mm5 \n\t" \
"movd 12(%%edi), %%mm4 \n\t" \
"paddq %%mm4, %%mm7 \n\t" \
"movd %%mm1, (%%edi) \n\t" \
"movd 16(%%esi), %%mm2 \n\t" \
"pmuludq %%mm0, %%mm2 \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd 20(%%esi), %%mm4 \n\t" \
"pmuludq %%mm0, %%mm4 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd 24(%%esi), %%mm6 \n\t" \
"pmuludq %%mm0, %%mm6 \n\t" \
"movd %%mm1, 4(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd 28(%%esi), %%mm3 \n\t" \
"pmuludq %%mm0, %%mm3 \n\t" \
"paddq %%mm5, %%mm1 \n\t" \
"movd 16(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm2 \n\t" \
"movd %%mm1, 8(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm7, %%mm1 \n\t" \
"movd 20(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm4 \n\t" \
"movd %%mm1, 12(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm2, %%mm1 \n\t" \
"movd 24(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm6 \n\t" \
"movd %%mm1, 16(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm4, %%mm1 \n\t" \
"movd 28(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm3 \n\t" \
"movd %%mm1, 20(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm6, %%mm1 \n\t" \
"movd %%mm1, 24(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd %%mm1, 28(%%edi) \n\t" \
"addl $32, %%edi \n\t" \
"addl $32, %%esi \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd %%mm1, %%ecx \n\t"
#define MULADDC_STOP \
"emms \n\t" \
"movl %4, %%ebx \n\t" \
"movl %%ecx, %1 \n\t" \
"movl %%edi, %2 \n\t" \
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ebx", "ecx", "edx", "esi", "edi" \
);
#else
#define MULADDC_STOP \
"movl %4, %%ebx \n\t" \
"movl %%ecx, %1 \n\t" \
"movl %%edi, %2 \n\t" \
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ebx", "ecx", "edx", "esi", "edi" \
);
#endif /* SSE2 */
#endif /* i386 */
#if defined(__amd64__) || defined (__x86_64__)
#if 1
#define MULADDC_INIT \
asm( \
"xorq %%r8, %%r8\n"
#define MULADDC_CORE \
"movq (%%rsi), %%rax\n" \
"mulq %%rbx\n" \
"addq $8, %%rsi\n" \
"addq %%rcx, %%rax\n" \
"movq %%r8, %%rcx\n" \
"adcq $0, %%rdx\n" \
"nop \n" \
"addq %%rax, (%%rdi)\n" \
"adcq %%rdx, %%rcx\n" \
"addq $8, %%rdi\n"
#define MULADDC_STOP \
: "+c" (c), "+D" (d), "+S" (s) \
: "b" (b) \
: "rax", "rdx", "r8" \
);
#else
#define MULADDC_INIT
#define MULADDC_STOP
#define MULADDC_CORE \
ax = *s++; \
axdx = (uint128_t)ax * b + c; \
t = *d; \
*d++ = t + (uint64_t)axdx; \
c = (t + (uint64_t)axdx < t) + (uint64_t)(axdx >> 64);
#endif
#endif /* AMD64 */
#if defined(__aarch64__)
#define MULADDC_INIT \
asm(
#define MULADDC_CORE \
"ldr x4, [%2], #8 \n\t" \
"ldr x5, [%1] \n\t" \
"mul x6, x4, %3 \n\t" \
"umulh x7, x4, %3 \n\t" \
"adds x5, x5, x6 \n\t" \
"adc x7, x7, xzr \n\t" \
"adds x5, x5, %0 \n\t" \
"adc %0, x7, xzr \n\t" \
"str x5, [%1], #8 \n\t"
#define MULADDC_STOP \
: "+r" (c), "+r" (d), "+r" (s) \
: "r" (b) \
: "x4", "x5", "x6", "x7", "cc" \
);
#endif /* Aarch64 */
#if defined(__mc68020__) || defined(__mcpu32__)
#define MULADDC_INIT \
asm( \
"movl %3, %%a2 \n\t" \
"movl %4, %%a3 \n\t" \
"movl %5, %%d3 \n\t" \
"movl %6, %%d2 \n\t" \
"moveq #0, %%d0 \n\t"
#define MULADDC_CORE \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"moveq #0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"addxl %%d4, %%d3 \n\t"
#define MULADDC_STOP \
"movl %%d3, %0 \n\t" \
"movl %%a3, %1 \n\t" \
"movl %%a2, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "d0", "d1", "d2", "d3", "d4", "a2", "a3" \
);
#define MULADDC_HUIT \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"addxl %%d0, %%d3 \n\t"
#endif /* MC68000 */
#if defined(__powerpc64__) || defined(__ppc64__)
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( \
"ld r3, %3 \n\t" \
"ld r4, %4 \n\t" \
"ld r5, %5 \n\t" \
"ld r6, %6 \n\t" \
"addi r3, r3, -8 \n\t" \
"addi r4, r4, -8 \n\t" \
"addic r5, r5, 0 \n\t"
#define MULADDC_CORE \
"ldu r7, 8(r3) \n\t" \
"mulld r8, r7, r6 \n\t" \
"mulhdu r9, r7, r6 \n\t" \
"adde r8, r8, r5 \n\t" \
"ld r7, 8(r4) \n\t" \
"addze r5, r9 \n\t" \
"addc r8, r8, r7 \n\t" \
"stdu r8, 8(r4) \n\t"
#define MULADDC_STOP \
"addze r5, r5 \n\t" \
"addi r4, r4, 8 \n\t" \
"addi r3, r3, 8 \n\t" \
"std r5, %0 \n\t" \
"std r4, %1 \n\t" \
"std r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#else /* __MACH__ && __APPLE__ */
#define MULADDC_INIT \
asm( \
"ld %%r3, %3 \n\t" \
"ld %%r4, %4 \n\t" \
"ld %%r5, %5 \n\t" \
"ld %%r6, %6 \n\t" \
"addi %%r3, %%r3, -8 \n\t" \
"addi %%r4, %%r4, -8 \n\t" \
"addic %%r5, %%r5, 0 \n\t"
#define MULADDC_CORE \
"ldu %%r7, 8(%%r3) \n\t" \
"mulld %%r8, %%r7, %%r6 \n\t" \
"mulhdu %%r9, %%r7, %%r6 \n\t" \
"adde %%r8, %%r8, %%r5 \n\t" \
"ld %%r7, 8(%%r4) \n\t" \
"addze %%r5, %%r9 \n\t" \
"addc %%r8, %%r8, %%r7 \n\t" \
"stdu %%r8, 8(%%r4) \n\t"
#define MULADDC_STOP \
"addze %%r5, %%r5 \n\t" \
"addi %%r4, %%r4, 8 \n\t" \
"addi %%r3, %%r3, 8 \n\t" \
"std %%r5, %0 \n\t" \
"std %%r4, %1 \n\t" \
"std %%r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#endif /* __MACH__ && __APPLE__ */
#elif defined(__powerpc__) || defined(__ppc__) /* end PPC64/begin PPC32 */
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( \
"lwz r3, %3 \n\t" \
"lwz r4, %4 \n\t" \
"lwz r5, %5 \n\t" \
"lwz r6, %6 \n\t" \
"addi r3, r3, -4 \n\t" \
"addi r4, r4, -4 \n\t" \
"addic r5, r5, 0 \n\t"
#define MULADDC_CORE \
"lwzu r7, 4(r3) \n\t" \
"mullw r8, r7, r6 \n\t" \
"mulhwu r9, r7, r6 \n\t" \
"adde r8, r8, r5 \n\t" \
"lwz r7, 4(r4) \n\t" \
"addze r5, r9 \n\t" \
"addc r8, r8, r7 \n\t" \
"stwu r8, 4(r4) \n\t"
#define MULADDC_STOP \
"addze r5, r5 \n\t" \
"addi r4, r4, 4 \n\t" \
"addi r3, r3, 4 \n\t" \
"stw r5, %0 \n\t" \
"stw r4, %1 \n\t" \
"stw r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#else /* __MACH__ && __APPLE__ */
#define MULADDC_INIT \
asm( \
"lwz %%r3, %3 \n\t" \
"lwz %%r4, %4 \n\t" \
"lwz %%r5, %5 \n\t" \
"lwz %%r6, %6 \n\t" \
"addi %%r3, %%r3, -4 \n\t" \
"addi %%r4, %%r4, -4 \n\t" \
"addic %%r5, %%r5, 0 \n\t"
#define MULADDC_CORE \
"lwzu %%r7, 4(%%r3) \n\t" \
"mullw %%r8, %%r7, %%r6 \n\t" \
"mulhwu %%r9, %%r7, %%r6 \n\t" \
"adde %%r8, %%r8, %%r5 \n\t" \
"lwz %%r7, 4(%%r4) \n\t" \
"addze %%r5, %%r9 \n\t" \
"addc %%r8, %%r8, %%r7 \n\t" \
"stwu %%r8, 4(%%r4) \n\t"
#define MULADDC_STOP \
"addze %%r5, %%r5 \n\t" \
"addi %%r4, %%r4, 4 \n\t" \
"addi %%r3, %%r3, 4 \n\t" \
"stw %%r5, %0 \n\t" \
"stw %%r4, %1 \n\t" \
"stw %%r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#endif /* __MACH__ && __APPLE__ */
#endif /* PPC32 */
/*
* The Sparc(64) assembly is reported to be broken.
* Disable it for now, until we're able to fix it.
*/
#if 0 && defined(__sparc__)
#if defined(__sparc64__)
#define MULADDC_INIT \
asm( \
"ldx %3, %%o0 \n\t" \
"ldx %4, %%o1 \n\t" \
"ld %5, %%o2 \n\t" \
"ld %6, %%o3 \n\t"
#define MULADDC_CORE \
"ld [%%o0], %%o4 \n\t" \
"inc 4, %%o0 \n\t" \
"ld [%%o1], %%o5 \n\t" \
"umul %%o3, %%o4, %%o4 \n\t" \
"addcc %%o4, %%o2, %%o4 \n\t" \
"rd %%y, %%g1 \n\t" \
"addx %%g1, 0, %%g1 \n\t" \
"addcc %%o4, %%o5, %%o4 \n\t" \
"st %%o4, [%%o1] \n\t" \
"addx %%g1, 0, %%o2 \n\t" \
"inc 4, %%o1 \n\t"
#define MULADDC_STOP \
"st %%o2, %0 \n\t" \
"stx %%o1, %1 \n\t" \
"stx %%o0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "g1", "o0", "o1", "o2", "o3", "o4", \
"o5" \
);
#else /* __sparc64__ */
#define MULADDC_INIT \
asm( \
"ld %3, %%o0 \n\t" \
"ld %4, %%o1 \n\t" \
"ld %5, %%o2 \n\t" \
"ld %6, %%o3 \n\t"
#define MULADDC_CORE \
"ld [%%o0], %%o4 \n\t" \
"inc 4, %%o0 \n\t" \
"ld [%%o1], %%o5 \n\t" \
"umul %%o3, %%o4, %%o4 \n\t" \
"addcc %%o4, %%o2, %%o4 \n\t" \
"rd %%y, %%g1 \n\t" \
"addx %%g1, 0, %%g1 \n\t" \
"addcc %%o4, %%o5, %%o4 \n\t" \
"st %%o4, [%%o1] \n\t" \
"addx %%g1, 0, %%o2 \n\t" \
"inc 4, %%o1 \n\t"
#define MULADDC_STOP \
"st %%o2, %0 \n\t" \
"st %%o1, %1 \n\t" \
"st %%o0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "g1", "o0", "o1", "o2", "o3", "o4", \
"o5" \
);
#endif /* __sparc64__ */
#endif /* __sparc__ */
#if defined(__microblaze__) || defined(microblaze)
#define MULADDC_INIT \
asm( \
"lwi r3, %3 \n\t" \
"lwi r4, %4 \n\t" \
"lwi r5, %5 \n\t" \
"lwi r6, %6 \n\t" \
"andi r7, r6, 0xffff \n\t" \
"bsrli r6, r6, 16 \n\t"
#define MULADDC_CORE \
"lhui r8, r3, 0 \n\t" \
"addi r3, r3, 2 \n\t" \
"lhui r9, r3, 0 \n\t" \
"addi r3, r3, 2 \n\t" \
"mul r10, r9, r6 \n\t" \
"mul r11, r8, r7 \n\t" \
"mul r12, r9, r7 \n\t" \
"mul r13, r8, r6 \n\t" \
"bsrli r8, r10, 16 \n\t" \
"bsrli r9, r11, 16 \n\t" \
"add r13, r13, r8 \n\t" \
"add r13, r13, r9 \n\t" \
"bslli r10, r10, 16 \n\t" \
"bslli r11, r11, 16 \n\t" \
"add r12, r12, r10 \n\t" \
"addc r13, r13, r0 \n\t" \
"add r12, r12, r11 \n\t" \
"addc r13, r13, r0 \n\t" \
"lwi r10, r4, 0 \n\t" \
"add r12, r12, r10 \n\t" \
"addc r13, r13, r0 \n\t" \
"add r12, r12, r5 \n\t" \
"addc r5, r13, r0 \n\t" \
"swi r12, r4, 0 \n\t" \
"addi r4, r4, 4 \n\t"
#define MULADDC_STOP \
"swi r5, %0 \n\t" \
"swi r4, %1 \n\t" \
"swi r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", \
"r9", "r10", "r11", "r12", "r13" \
);
#endif /* MicroBlaze */
#if defined(__tricore__)
#define MULADDC_INIT \
asm( \
"ld.a %%a2, %3 \n\t" \
"ld.a %%a3, %4 \n\t" \
"ld.w %%d4, %5 \n\t" \
"ld.w %%d1, %6 \n\t" \
"xor %%d5, %%d5 \n\t"
#define MULADDC_CORE \
"ld.w %%d0, [%%a2+] \n\t" \
"madd.u %%e2, %%e4, %%d0, %%d1 \n\t" \
"ld.w %%d0, [%%a3] \n\t" \
"addx %%d2, %%d2, %%d0 \n\t" \
"addc %%d3, %%d3, 0 \n\t" \
"mov %%d4, %%d3 \n\t" \
"st.w [%%a3+], %%d2 \n\t"
#define MULADDC_STOP \
"st.w %0, %%d4 \n\t" \
"st.a %1, %%a3 \n\t" \
"st.a %2, %%a2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "d0", "d1", "e2", "d4", "a2", "a3" \
);
#endif /* TriCore */
/*
* Note, gcc -O0 by default uses r7 for the frame pointer, so it complains about
* our use of r7 below, unless -fomit-frame-pointer is passed.
*
* On the other hand, -fomit-frame-pointer is implied by any -Ox options with
* x !=0, which we can detect using __OPTIMIZE__ (which is also defined by
* clang and armcc5 under the same conditions).
*
* So, only use the optimized assembly below for optimized build, which avoids
* the build error and is pretty reasonable anyway.
*/
#if defined(__GNUC__) && !defined(__OPTIMIZE__)
#define MULADDC_CANNOT_USE_R7
#endif
#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
#if defined(__thumb__) && !defined(__thumb2__)
#define MULADDC_INIT \
asm( \
"ldr r0, %3 \n\t" \
"ldr r1, %4 \n\t" \
"ldr r2, %5 \n\t" \
"ldr r3, %6 \n\t" \
"lsr r7, r3, #16 \n\t" \
"mov r9, r7 \n\t" \
"lsl r7, r3, #16 \n\t" \
"lsr r7, r7, #16 \n\t" \
"mov r8, r7 \n\t"
#define MULADDC_CORE \
"ldmia r0!, {r6} \n\t" \
"lsr r7, r6, #16 \n\t" \
"lsl r6, r6, #16 \n\t" \
"lsr r6, r6, #16 \n\t" \
"mov r4, r8 \n\t" \
"mul r4, r6 \n\t" \
"mov r3, r9 \n\t" \
"mul r6, r3 \n\t" \
"mov r5, r9 \n\t" \
"mul r5, r7 \n\t" \
"mov r3, r8 \n\t" \
"mul r7, r3 \n\t" \
"lsr r3, r6, #16 \n\t" \
"add r5, r5, r3 \n\t" \
"lsr r3, r7, #16 \n\t" \
"add r5, r5, r3 \n\t" \
"add r4, r4, r2 \n\t" \
"mov r2, #0 \n\t" \
"adc r5, r2 \n\t" \
"lsl r3, r6, #16 \n\t" \
"add r4, r4, r3 \n\t" \
"adc r5, r2 \n\t" \
"lsl r3, r7, #16 \n\t" \
"add r4, r4, r3 \n\t" \
"adc r5, r2 \n\t" \
"ldr r3, [r1] \n\t" \
"add r4, r4, r3 \n\t" \
"adc r2, r5 \n\t" \
"stmia r1!, {r4} \n\t"
#define MULADDC_STOP \
"str r2, %0 \n\t" \
"str r1, %1 \n\t" \
"str r0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r0", "r1", "r2", "r3", "r4", "r5", \
"r6", "r7", "r8", "r9", "cc" \
);
#elif (__ARM_ARCH >= 6) && \
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
#define MULADDC_INIT \
asm(
#define MULADDC_CORE \
"ldr r0, [%0], #4 \n\t" \
"ldr r1, [%1] \n\t" \
"umaal r1, %2, %3, r0 \n\t" \
"str r1, [%1], #4 \n\t"
#define MULADDC_STOP \
: "=r" (s), "=r" (d), "=r" (c) \
: "r" (b), "0" (s), "1" (d), "2" (c) \
: "r0", "r1", "memory" \
);
#else
#define MULADDC_INIT \
asm( \
"ldr r0, %3 \n\t" \
"ldr r1, %4 \n\t" \
"ldr r2, %5 \n\t" \
"ldr r3, %6 \n\t"
#define MULADDC_CORE \
"ldr r4, [r0], #4 \n\t" \
"mov r5, #0 \n\t" \
"ldr r6, [r1] \n\t" \
"umlal r2, r5, r3, r4 \n\t" \
"adds r7, r6, r2 \n\t" \
"adc r2, r5, #0 \n\t" \
"str r7, [r1], #4 \n\t"
#define MULADDC_STOP \
"str r2, %0 \n\t" \
"str r1, %1 \n\t" \
"str r0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r0", "r1", "r2", "r3", "r4", "r5", \
"r6", "r7", "cc" \
);
#endif /* Thumb */
#endif /* ARMv3 */
#if defined(__alpha__)
#define MULADDC_INIT \
asm( \
"ldq $1, %3 \n\t" \
"ldq $2, %4 \n\t" \
"ldq $3, %5 \n\t" \
"ldq $4, %6 \n\t"
#define MULADDC_CORE \
"ldq $6, 0($1) \n\t" \
"addq $1, 8, $1 \n\t" \
"mulq $6, $4, $7 \n\t" \
"umulh $6, $4, $6 \n\t" \
"addq $7, $3, $7 \n\t" \
"cmpult $7, $3, $3 \n\t" \
"ldq $5, 0($2) \n\t" \
"addq $7, $5, $7 \n\t" \
"cmpult $7, $5, $5 \n\t" \
"stq $7, 0($2) \n\t" \
"addq $2, 8, $2 \n\t" \
"addq $6, $3, $3 \n\t" \
"addq $5, $3, $3 \n\t"
#define MULADDC_STOP \
"stq $3, %0 \n\t" \
"stq $2, %1 \n\t" \
"stq $1, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "$1", "$2", "$3", "$4", "$5", "$6", "$7" \
);
#endif /* Alpha */
#if defined(__mips__) && !defined(__mips64)
#define MULADDC_INIT \
asm( \
"lw $10, %3 \n\t" \
"lw $11, %4 \n\t" \
"lw $12, %5 \n\t" \
"lw $13, %6 \n\t"
#define MULADDC_CORE \
"lw $14, 0($10) \n\t" \
"multu $13, $14 \n\t" \
"addi $10, $10, 4 \n\t" \
"mflo $14 \n\t" \
"mfhi $9 \n\t" \
"addu $14, $12, $14 \n\t" \
"lw $15, 0($11) \n\t" \
"sltu $12, $14, $12 \n\t" \
"addu $15, $14, $15 \n\t" \
"sltu $14, $15, $14 \n\t" \
"addu $12, $12, $9 \n\t" \
"sw $15, 0($11) \n\t" \
"addu $12, $12, $14 \n\t" \
"addi $11, $11, 4 \n\t"
#define MULADDC_STOP \
"sw $12, %0 \n\t" \
"sw $11, %1 \n\t" \
"sw $10, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "$9", "$10", "$11", "$12", "$13", "$14", "$15", "lo", "hi" \
);
#endif /* MIPS */
#endif /* GNUC */
#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
#define MULADDC_INIT \
__asm mov esi, s \
__asm mov edi, d \
__asm mov ecx, c \
__asm mov ebx, b
#define MULADDC_CORE \
__asm lodsd \
__asm mul ebx \
__asm add eax, ecx \
__asm adc edx, 0 \
__asm add eax, [edi] \
__asm adc edx, 0 \
__asm mov ecx, edx \
__asm stosd
#if defined(MBEDTLS_HAVE_SSE2)
#define EMIT __asm _emit
#define MULADDC_HUIT \
EMIT 0x0F EMIT 0x6E EMIT 0xC9 \
EMIT 0x0F EMIT 0x6E EMIT 0xC3 \
EMIT 0x0F EMIT 0x6E EMIT 0x1F \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x16 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x04 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x08 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x6E EMIT 0x7E EMIT 0x0C \
EMIT 0x0F EMIT 0xF4 EMIT 0xF8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x5F EMIT 0x04 \
EMIT 0x0F EMIT 0xD4 EMIT 0xDC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x08 \
EMIT 0x0F EMIT 0xD4 EMIT 0xEE \
EMIT 0x0F EMIT 0x6E EMIT 0x67 EMIT 0x0C \
EMIT 0x0F EMIT 0xD4 EMIT 0xFC \
EMIT 0x0F EMIT 0x7E EMIT 0x0F \
EMIT 0x0F EMIT 0x6E EMIT 0x56 EMIT 0x10 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x14 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x18 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x04 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x5E EMIT 0x1C \
EMIT 0x0F EMIT 0xF4 EMIT 0xD8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCD \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x10 \
EMIT 0x0F EMIT 0xD4 EMIT 0xD5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x08 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCF \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x14 \
EMIT 0x0F EMIT 0xD4 EMIT 0xE5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x0C \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x18 \
EMIT 0x0F EMIT 0xD4 EMIT 0xF5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x10 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x1C \
EMIT 0x0F EMIT 0xD4 EMIT 0xDD \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x14 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCE \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x18 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x1C \
EMIT 0x83 EMIT 0xC7 EMIT 0x20 \
EMIT 0x83 EMIT 0xC6 EMIT 0x20 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x7E EMIT 0xC9
#define MULADDC_STOP \
EMIT 0x0F EMIT 0x77 \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#else
#define MULADDC_STOP \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#endif /* SSE2 */
#endif /* MSVC */
#endif /* MBEDTLS_HAVE_ASM */
#if !defined(MULADDC_CORE)
#if defined(MBEDTLS_HAVE_UDBL)
#define MULADDC_INIT \
{ \
mbedtls_t_udbl r; \
mbedtls_mpi_uint r0, r1;
#define MULADDC_CORE \
r = *(s++) * (mbedtls_t_udbl) b; \
r0 = (mbedtls_mpi_uint) r; \
r1 = (mbedtls_mpi_uint)( r >> biL ); \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#else
#define MULADDC_INIT \
{ \
mbedtls_mpi_uint s0, s1, b0, b1; \
mbedtls_mpi_uint r0, r1, rx, ry; \
b0 = ( b << biH ) >> biH; \
b1 = ( b >> biH );
#define MULADDC_CORE \
s0 = ( *s << biH ) >> biH; \
s1 = ( *s >> biH ); s++; \
rx = s0 * b1; r0 = s0 * b0; \
ry = s1 * b0; r1 = s1 * b1; \
r1 += ( rx >> biH ); \
r1 += ( ry >> biH ); \
rx <<= biH; ry <<= biH; \
r0 += rx; r1 += (r0 < rx); \
r0 += ry; r1 += (r0 < ry); \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#endif /* C (generic) */
#endif /* C (longlong) */
#endif /* bn_mul.h */

123
third_party/mbedtls/ccm.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/ccm.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/error.h"
@ -8,32 +25,13 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* NIST SP800-38C compliant CCM implementation
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* \file ccm.c
* @fileoverview NIST SP800-38C compliant CCM implementation
*
* \brief This file provides an API for the CCM authenticated encryption
* mode for block ciphers.
* This file provides an API for the CCM authenticated encryption mode
* for block ciphers.
*
* CCM combines Counter mode encryption with CBC-MAC authentication
* for 128-bit block ciphers.
@ -76,8 +74,8 @@ asm(".include \"libc/disclaimer.inc\"");
*/
void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
{
CCM_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
CCM_VALIDATE( ctx );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
}
/**
@ -98,31 +96,24 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
const unsigned char *key,
unsigned int keybits )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
const mbedtls_cipher_info_t *cipher_info;
CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( key != NULL );
CCM_VALIDATE_RET( ctx );
CCM_VALIDATE_RET( key );
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
MBEDTLS_MODE_ECB );
if( cipher_info == NULL )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( cipher_info->block_size != 16 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
mbedtls_cipher_free( &ctx->cipher_ctx );
if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
return( ret );
}
return( 0 );
}
@ -184,7 +175,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char i;
unsigned char q;
size_t len_left, olen;
@ -395,12 +386,12 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len )
{
CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( iv != NULL );
CCM_VALIDATE_RET( add_len == 0 || add != NULL );
CCM_VALIDATE_RET( length == 0 || input != NULL );
CCM_VALIDATE_RET( length == 0 || output != NULL );
CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
CCM_VALIDATE_RET( ctx );
CCM_VALIDATE_RET( iv );
CCM_VALIDATE_RET( add_len == 0 || add );
CCM_VALIDATE_RET( length == 0 || input );
CCM_VALIDATE_RET( length == 0 || output );
CCM_VALIDATE_RET( tag_len == 0 || tag );
return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) );
}
@ -447,12 +438,12 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len )
{
CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( iv != NULL );
CCM_VALIDATE_RET( add_len == 0 || add != NULL );
CCM_VALIDATE_RET( length == 0 || input != NULL );
CCM_VALIDATE_RET( length == 0 || output != NULL );
CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
CCM_VALIDATE_RET( ctx );
CCM_VALIDATE_RET( iv );
CCM_VALIDATE_RET( add_len == 0 || add );
CCM_VALIDATE_RET( length == 0 || input );
CCM_VALIDATE_RET( length == 0 || output );
CCM_VALIDATE_RET( tag_len == 0 || tag );
if( tag_len == 0 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
@ -505,17 +496,17 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char check_tag[16];
unsigned char i;
int diff;
CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( iv != NULL );
CCM_VALIDATE_RET( add_len == 0 || add != NULL );
CCM_VALIDATE_RET( length == 0 || input != NULL );
CCM_VALIDATE_RET( length == 0 || output != NULL );
CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
CCM_VALIDATE_RET( ctx );
CCM_VALIDATE_RET( iv );
CCM_VALIDATE_RET( add_len == 0 || add );
CCM_VALIDATE_RET( length == 0 || input );
CCM_VALIDATE_RET( length == 0 || output );
CCM_VALIDATE_RET( tag_len == 0 || tag );
if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length,
iv, iv_len, add, add_len,
@ -574,16 +565,14 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len )
{
CCM_VALIDATE_RET( ctx != NULL );
CCM_VALIDATE_RET( iv != NULL );
CCM_VALIDATE_RET( add_len == 0 || add != NULL );
CCM_VALIDATE_RET( length == 0 || input != NULL );
CCM_VALIDATE_RET( length == 0 || output != NULL );
CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
if( tag_len == 0 )
CCM_VALIDATE_RET( ctx );
CCM_VALIDATE_RET( iv );
CCM_VALIDATE_RET( add || !add_len );
CCM_VALIDATE_RET( input || !length );
CCM_VALIDATE_RET( output || !length );
CCM_VALIDATE_RET( tag || !tag_len );
if( !tag_len )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add,
add_len, input, output, tag, tag_len ) );
}
@ -654,7 +643,7 @@ int mbedtls_ccm_self_test( int verbose )
unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
size_t i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_ccm_init( &ctx );
@ -672,8 +661,8 @@ int mbedtls_ccm_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
mbedtls_platform_zeroize( plaintext, CCM_SELFTEST_PT_MAX_LEN );
mbedtls_platform_zeroize( ciphertext, CCM_SELFTEST_CT_MAX_LEN );
memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
@ -692,7 +681,7 @@ int mbedtls_ccm_self_test( int verbose )
return( 1 );
}
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
mbedtls_platform_zeroize( plaintext, CCM_SELFTEST_PT_MAX_LEN );
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i],

36
third_party/mbedtls/certs.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/certs.h"
#include "third_party/mbedtls/common.h"
@ -6,26 +23,7 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* X.509 test certificates
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(MBEDTLS_CERTS_C)

44
third_party/mbedtls/chacha20.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/bits/bits.h"
#include "libc/stdio/stdio.h"
#include "third_party/mbedtls/chacha20.h"
@ -10,30 +27,7 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/**
* \file chacha20.c
*
* \brief ChaCha20 cipher.
*
* \author Daniel King <damaki.gh@gmail.com>
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* Parameter validation macros */
#define CHACHA20_VALIDATE_RET( cond ) \
@ -384,7 +378,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32],
unsigned char* output )
{
mbedtls_chacha20_context ctx;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
CHACHA20_VALIDATE_RET( key != NULL );
CHACHA20_VALIDATE_RET( nonce != NULL );
@ -602,7 +596,7 @@ int mbedtls_chacha20_self_test( int verbose )
{
unsigned char output[381];
unsigned i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
for( i = 0U; i < 2U; i++ )
{

161
third_party/mbedtls/chachapoly.c vendored
View file

@ -1,4 +1,22 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/chachapoly.h"
#include "third_party/mbedtls/chk.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/error.h"
#include "third_party/mbedtls/platform.h"
@ -8,27 +26,10 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/**
* \file chachapoly.c
*
* \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* @fileoverview ChaCha20-Poly1305 AEAD construction based on RFC 7539.
*/
#if defined(MBEDTLS_CHACHAPOLY_C)
@ -59,7 +60,7 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
if( partial_block_len == 0U )
return( 0 );
memset( zeroes, 0, sizeof( zeroes ) );
mbedtls_platform_zeroize( zeroes, sizeof( zeroes ) );
return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
zeroes,
@ -79,7 +80,7 @@ static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
if( partial_block_len == 0U )
return( 0 );
memset( zeroes, 0, sizeof( zeroes ) );
mbedtls_platform_zeroize( zeroes, sizeof( zeroes ) );
return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
zeroes,
16U - partial_block_len ) );
@ -87,7 +88,7 @@ static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
{
CHACHAPOLY_VALIDATE( ctx != NULL );
CHACHAPOLY_VALIDATE( ctx );
mbedtls_chacha20_init( &ctx->chacha20_ctx );
mbedtls_poly1305_init( &ctx->poly1305_ctx );
@ -113,12 +114,10 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
const unsigned char key[32] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( key != NULL );
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( key );
ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
return( ret );
}
@ -126,26 +125,22 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char poly1305_key[64];
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( nonce != NULL );
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( nonce );
/* Set counter = 0, will be update to 1 when generating Poly1305 key */
ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U );
if( ret != 0 )
goto cleanup;
MBEDTLS_CHK( mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ) );
/* Generate the Poly1305 key by getting the ChaCha20 keystream output with
* counter = 0. This is the same as encrypting a buffer of zeroes.
* Only the first 256-bits (32 bytes) of the key is used for Poly1305.
* The other 256 bits are discarded.
*/
memset( poly1305_key, 0, sizeof( poly1305_key ) );
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ),
poly1305_key, poly1305_key );
if( ret != 0 )
goto cleanup;
mbedtls_platform_zeroize( poly1305_key, sizeof( poly1305_key ) );
MBEDTLS_CHK( mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ),
poly1305_key, poly1305_key ) );
ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key );
@ -166,8 +161,8 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
const unsigned char *aad,
size_t aad_len )
{
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL );
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad );
if( ctx->state != CHACHAPOLY_STATE_AAD )
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
@ -182,10 +177,10 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
const unsigned char *input,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL );
CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL );
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( len == 0 || input );
CHACHAPOLY_VALIDATE_RET( len == 0 || output );
if( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
@ -231,16 +226,14 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
unsigned char mac[16] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char len_block[16];
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( mac != NULL );
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( mac );
if( ctx->state == CHACHAPOLY_STATE_INIT )
{
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
}
if( ctx->state == CHACHAPOLY_STATE_AAD )
{
ret = chachapoly_pad_aad( ctx );
@ -253,9 +246,7 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
if( ret != 0 )
return( ret );
}
ctx->state = CHACHAPOLY_STATE_FINISHED;
/* The lengths of the AAD and ciphertext are processed by
* Poly1305 as the final 128-bit block, encoded as little-endian integers.
*/
@ -275,13 +266,10 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
len_block[13] = (unsigned char)( ctx->ciphertext_len >> 40 );
len_block[14] = (unsigned char)( ctx->ciphertext_len >> 48 );
len_block[15] = (unsigned char)( ctx->ciphertext_len >> 56 );
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U );
if( ret != 0 )
return( ret );
ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac );
return( ret );
}
@ -295,22 +283,11 @@ static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx,
unsigned char *output,
unsigned char tag[16] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chachapoly_starts( ctx, nonce, mode );
if( ret != 0 )
goto cleanup;
ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len );
if( ret != 0 )
goto cleanup;
ret = mbedtls_chachapoly_update( ctx, length, input, output );
if( ret != 0 )
goto cleanup;
ret = mbedtls_chachapoly_finish( ctx, tag );
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
MBEDTLS_CHK( mbedtls_chachapoly_starts( ctx, nonce, mode ) );
MBEDTLS_CHK( mbedtls_chachapoly_update_aad( ctx, aad, aad_len ) );
MBEDTLS_CHK( mbedtls_chachapoly_update( ctx, length, input, output ) );
MBEDTLS_CHK( mbedtls_chachapoly_finish( ctx, tag ) );
cleanup:
return( ret );
}
@ -324,13 +301,12 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
unsigned char *output,
unsigned char tag[16] )
{
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( nonce != NULL );
CHACHAPOLY_VALIDATE_RET( tag != NULL );
CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL );
CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL );
CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL );
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( nonce );
CHACHAPOLY_VALIDATE_RET( tag );
CHACHAPOLY_VALIDATE_RET( aad || !aad_len );
CHACHAPOLY_VALIDATE_RET( input || !length );
CHACHAPOLY_VALIDATE_RET( output || !length );
return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
length, nonce, aad, aad_len,
input, output, tag ) );
@ -345,34 +321,30 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
const unsigned char *input,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char check_tag[16];
size_t i;
int diff;
CHACHAPOLY_VALIDATE_RET( ctx != NULL );
CHACHAPOLY_VALIDATE_RET( nonce != NULL );
CHACHAPOLY_VALIDATE_RET( tag != NULL );
CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL );
CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL );
CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL );
CHACHAPOLY_VALIDATE_RET( ctx );
CHACHAPOLY_VALIDATE_RET( nonce );
CHACHAPOLY_VALIDATE_RET( tag );
CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad );
CHACHAPOLY_VALIDATE_RET( length == 0 || input );
CHACHAPOLY_VALIDATE_RET( length == 0 || output );
if( ( ret = chachapoly_crypt_and_tag( ctx,
MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
aad, aad_len, input, output, check_tag ) ) != 0 )
{
return( ret );
}
/* Check tag in "constant-time" */
for( diff = 0, i = 0; i < sizeof( check_tag ); i++ )
diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
{
mbedtls_platform_zeroize( output, length );
return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
}
return( 0 );
}
@ -486,20 +458,16 @@ int mbedtls_chachapoly_self_test( int verbose )
{
mbedtls_chachapoly_context ctx;
unsigned i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char output[200];
unsigned char mac[16];
for( i = 0U; i < 1U; i++ )
{
if( verbose != 0 )
mbedtls_printf( " ChaCha20-Poly1305 test %u ", i );
mbedtls_chachapoly_init( &ctx );
ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] );
ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) );
ret = mbedtls_chachapoly_encrypt_and_tag( &ctx,
test_input_len[i],
test_nonce[i],
@ -508,24 +476,17 @@ int mbedtls_chachapoly_self_test( int verbose )
test_input[i],
output,
mac );
ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) );
ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ),
( "failure (wrong output)\n" ) );
ASSERT( 0 == memcmp( mac, test_mac[i], 16U ),
( "failure (wrong MAC)\n" ) );
mbedtls_chachapoly_free( &ctx );
if( verbose != 0 )
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
mbedtls_printf( "\n" );
return( 0 );
}

9
third_party/mbedtls/chk.h vendored Normal file
View file

@ -0,0 +1,9 @@
#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_CHK_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_CHK_H_
#define MBEDTLS_CHK(f) \
do { \
if ((ret = (f))) goto cleanup; \
} while (0)
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_CHK_H_ */

67
third_party/mbedtls/cipher.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/ccm.h"
#include "third_party/mbedtls/chacha20.h"
#include "third_party/mbedtls/chachapoly.h"
@ -14,30 +31,7 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/**
* \file cipher.c
*
* \brief Generic cipher wrapper for mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(MBEDTLS_CIPHER_C)
@ -136,7 +130,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
{
CIPHER_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_cipher_context_t ) );
}
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
@ -189,7 +183,7 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
if( cipher_info == NULL )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_cipher_context_t ) );
if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
@ -229,7 +223,7 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 )
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_cipher_context_t ) );
cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
if( cipher_psa == NULL )
@ -471,7 +465,7 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t block_size;
CIPHER_VALIDATE_RET( ctx != NULL );
@ -495,8 +489,9 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
*olen = ilen;
if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
ctx->operation, input, output ) ) )
if( ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
ctx->operation,
input, output ) ) )
{
return( ret );
}
@ -1085,7 +1080,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len )
{
unsigned char check_tag[16];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
CIPHER_VALIDATE_RET( ctx != NULL );
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
@ -1162,7 +1157,7 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t finish_olen;
CIPHER_VALIDATE_RET( ctx != NULL );
@ -1270,14 +1265,11 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx,
* below will gracefully fail. */
mbedtls_cipher_context_psa * const cipher_psa =
(mbedtls_cipher_context_psa *) ctx->cipher_ctx;
psa_status_t status;
/* PSA Crypto API always writes the authentication tag
* at the end of the encrypted message. */
if( output == NULL || tag != output + ilen )
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
status = psa_aead_encrypt( cipher_psa->slot,
cipher_psa->alg,
iv, iv_len,
@ -1286,7 +1278,6 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx,
output, ilen + tag_len, olen );
if( status != PSA_SUCCESS )
return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
*olen -= tag_len;
return( 0 );
}
@ -1376,7 +1367,7 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
*olen = ilen;
ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
@ -1392,7 +1383,7 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
#if defined(MBEDTLS_CCM_C)
if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
*olen = ilen;
ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
@ -1408,7 +1399,7 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx,
#if defined(MBEDTLS_CHACHAPOLY_C)
if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* ChachaPoly has fixed length nonce and MAC (tag) */
if ( ( iv_len != ctx->cipher_info->iv_size ) ||

2
third_party/mbedtls/cipher.h vendored
View file

@ -411,7 +411,6 @@ static inline unsigned int mbedtls_cipher_get_block_size(
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
if( ctx->cipher_info == NULL )
return 0;
return ctx->cipher_info->block_size;
}
@ -430,7 +429,6 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE );
if( ctx->cipher_info == NULL )
return MBEDTLS_MODE_NONE;
return ctx->cipher_info->mode;
}

68
third_party/mbedtls/cipher_wrap.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/mem/mem.h"
#include "third_party/mbedtls/aes.h"
#include "third_party/mbedtls/ccm.h"
@ -16,30 +33,8 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/**
* \file cipher_wrap.c
*
* \brief Generic cipher wrapper for mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(MBEDTLS_CIPHER_C)
#if defined(MBEDTLS_GCM_C)
@ -48,7 +43,7 @@ static void *gcm_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) );
if( ctx != NULL )
if( ctx )
mbedtls_gcm_init( (mbedtls_gcm_context *) ctx );
return( ctx );
@ -67,7 +62,7 @@ static void *ccm_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) );
if( ctx != NULL )
if( ctx )
mbedtls_ccm_init( (mbedtls_ccm_context *) ctx );
return( ctx );
@ -82,21 +77,6 @@ static void ccm_ctx_free( void *ctx )
#if defined(MBEDTLS_AES_C)
static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output )
{
return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output );
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output )
{
return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input,
output );
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
size_t length, size_t *iv_off, unsigned char *iv,
@ -169,7 +149,7 @@ static void * aes_ctx_alloc( void )
{
mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) );
if( aes == NULL )
if( !aes )
return( NULL );
mbedtls_aes_init( aes );
@ -185,9 +165,9 @@ static void aes_ctx_free( void *ctx )
static const mbedtls_cipher_base_t aes_info = {
MBEDTLS_CIPHER_ID_AES,
aes_crypt_ecb_wrap,
(void *)mbedtls_aes_crypt_ecb,
#if defined(MBEDTLS_CIPHER_MODE_CBC)
aes_crypt_cbc_wrap,
(void *)mbedtls_aes_crypt_cbc,
#endif
#if defined(MBEDTLS_CIPHER_MODE_CFB)
aes_crypt_cfb128_wrap,
@ -1041,7 +1021,7 @@ static int chacha20_stream_wrap( void *ctx, size_t length,
const unsigned char *input,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
ret = mbedtls_chacha20_update( ctx, length, input, output );
if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )

19
third_party/mbedtls/config.h vendored
View file

@ -1,5 +1,6 @@
#ifndef MBEDTLS_CONFIG_H_
#define MBEDTLS_CONFIG_H_
#include "libc/dce.h"
/* protocols */
#define MBEDTLS_SSL_PROTO_TLS1_2
@ -46,8 +47,8 @@
/* block modes */
#define MBEDTLS_GCM_C
#ifndef TINY
/*#define MBEDTLS_CCM_C*/
#define MBEDTLS_CIPHER_MODE_CBC
/*#define MBEDTLS_CCM_C*/
/*#define MBEDTLS_CIPHER_MODE_CFB*/
/*#define MBEDTLS_CIPHER_MODE_CTR*/
/*#define MBEDTLS_CIPHER_MODE_OFB*/
@ -60,9 +61,9 @@
#ifndef TINY
#define MBEDTLS_ECP_C
#define MBEDTLS_ECDH_C
#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
#define MBEDTLS_ECDSA_C
#define MBEDTLS_ECDSA_DETERMINISTIC
#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
/*#define MBEDTLS_DHM_C*/
@ -113,7 +114,7 @@
#endif
#endif
#ifndef NDEBUG
#if IsModeDbg()
#define MBEDTLS_CHECK_PARAMS
#endif
@ -121,11 +122,10 @@
#define MBEDTLS_SHA1_SMALLER
#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA512_SMALLER
#define MBEDTLS_ECP_NIST_OPTIM
#ifdef TINY
#define MBEDTLS_AES_ROM_TABLES
#define MBEDTLS_AES_FEWER_TABLES
#else
#define MBEDTLS_ECP_NIST_OPTIM
#endif
#define MBEDTLS_PLATFORM_C
@ -793,7 +793,7 @@
*
* Comment this macro to disable support for server name indication in SSL
*/
/*#define MBEDTLS_SSL_SERVER_NAME_INDICATION*/
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
/**
* \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
@ -1205,7 +1205,6 @@
* \warning SHA-1 is considered a weak message digest and its use constitutes
* a security risk. If possible, we recommend avoiding dependencies
* on it, and considering stronger message digests instead.
*
*/
/*#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES*/
@ -1223,7 +1222,11 @@
* a security risk. If possible, we recommend avoiding dependencies
* on it, and considering stronger message digests instead.
*/
/*#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE*/
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
#define mbedtls_t_udbl uint128_t
#define MBEDTLS_HAVE_UDBL
#include "libc/dce.h"
#include "third_party/mbedtls/check.h"
#endif /* MBEDTLS_CONFIG_H_ */

59
third_party/mbedtls/ctr_drbg.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/common.h"
@ -12,25 +29,9 @@ Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/*
* CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
/**
* @fileoverview CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* The NIST SP 800-90 DRBGs are described in the following publication.
*
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
@ -50,7 +51,7 @@ asm(".include \"libc/disclaimer.inc\"");
*/
void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
/* Indicate that the entropy nonce length is not set explicitly.
* See mbedtls_ctr_drbg_set_nonce_len(). */
ctx->reseed_counter = -1;
@ -134,7 +135,7 @@ static int block_cipher_df( unsigned char *output,
if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
mbedtls_platform_zeroize( buf, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
mbedtls_aes_init( &aes_ctx );
@ -172,7 +173,7 @@ static int block_cipher_df( unsigned char *output,
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
p = buf;
memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE );
mbedtls_platform_zeroize( chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
use_len = buf_len;
while( use_len > 0 )
@ -255,7 +256,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
int i, j;
int ret = 0;
memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
mbedtls_platform_zeroize( tmp, MBEDTLS_CTR_DRBG_SEEDLEN );
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
@ -314,7 +315,7 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
size_t add_len )
{
unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
if( add_len == 0 )
return( 0 );
@ -349,7 +350,7 @@ static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
{
unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
@ -358,7 +359,7 @@ static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx,
if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
mbedtls_platform_zeroize( seed, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
/* Gather entropy_len bytes of entropy to seed state. */
if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) )
@ -399,7 +400,7 @@ exit:
}
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len )
const void *additional, size_t len )
{
return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) );
}
@ -434,11 +435,11 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
const void *custom,
size_t len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
size_t nonce_len;
memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
mbedtls_platform_zeroize( key, MBEDTLS_CTR_DRBG_KEYSIZE );
mbedtls_aes_init( &ctx->aes_ctx );
@ -508,7 +509,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
mbedtls_platform_zeroize( add_input, MBEDTLS_CTR_DRBG_SEEDLEN );
if( ctx->reseed_counter > ctx->reseed_interval ||
ctx->prediction_resistance )

2
third_party/mbedtls/ctr_drbg.h vendored
View file

@ -356,7 +356,7 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len );
const void *additional, size_t len );
/**
* \brief This function updates the state of the CTR_DRBG context.

44
third_party/mbedtls/debug.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/debug.h"
#include "third_party/mbedtls/error.h"
@ -8,26 +25,7 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* Debugging routines
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
char mbedtls_debug_threshold;
@ -57,7 +55,7 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
{
va_list argp;
char str[DEBUG_BUF_SIZE];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
if( NULL == ssl ||
NULL == ssl->conf ||
@ -129,7 +127,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
debug_send_line( ssl, level, file, line, str );
idx = 0;
memset( txt, 0, sizeof( txt ) );
mbedtls_platform_zeroize( txt, sizeof( txt ) );
for( i = 0; i < len; i++ )
{
if( i >= 4096 )
@ -143,7 +141,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
debug_send_line( ssl, level, file, line, str );
idx = 0;
memset( txt, 0, sizeof( txt ) );
mbedtls_platform_zeroize( txt, sizeof( txt ) );
}
idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
@ -273,7 +271,7 @@ static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
char name[16];
memset( items, 0, sizeof( items ) );
mbedtls_platform_zeroize( items, sizeof( items ) );
if( mbedtls_pk_debug( pk, items ) != 0 )
{

43
third_party/mbedtls/des.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/common.h"
@ -10,27 +27,11 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* FIPS-46-3 compliant Triple-DES implementation
/**
* @fileoverview FIPS-46-3 compliant Triple-DES implementation
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* DES, on which TDES is based, was originally designed by Horst Feistel
* at IBM in 1974, and was adopted as a standard by NIST (formerly NBS).
*
@ -276,7 +277,7 @@ static const uint32_t RHs[16] =
void mbedtls_des_init( mbedtls_des_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_des_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des_context ) );
}
void mbedtls_des_free( mbedtls_des_context *ctx )
@ -289,7 +290,7 @@ void mbedtls_des_free( mbedtls_des_context *ctx )
void mbedtls_des3_init( mbedtls_des3_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_des3_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des3_context ) );
}
void mbedtls_des3_free( mbedtls_des3_context *ctx )

69
third_party/mbedtls/dhm.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/calls/calls.h"
#include "third_party/mbedtls/asn1.h"
#include "third_party/mbedtls/common.h"
@ -11,34 +28,16 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* Diffie-Hellman-Merkle key exchange
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* The following sources were referenced in the design of this implementation
* of the Diffie-Hellman-Merkle algorithm:
/**
* @fileoverview Diffie-Hellman-Merkle key exchange
*
* The following sources were referenced in the design of this
* implementation of the Diffie-Hellman-Merkle algorithm:
*
* [1] Handbook of Applied Cryptography - 1997, Chapter 12
* Menezes, van Oorschot and Vanstone
*
*/
#if defined(MBEDTLS_DHM_C)
@ -112,7 +111,7 @@ cleanup:
void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
{
DHM_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
}
/*
@ -122,7 +121,7 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p,
const unsigned char *end )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( p != NULL && *p != NULL );
DHM_VALIDATE_RET( end != NULL );
@ -167,7 +166,7 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
mbedtls_mpi_shift_r( &ctx->X, 1 );
if( count++ > 10 )
return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
@ -224,7 +223,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
const mbedtls_mpi *P,
const mbedtls_mpi *G )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( P != NULL );
DHM_VALIDATE_RET( G != NULL );
@ -245,7 +244,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( input != NULL );
@ -285,7 +284,7 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
mbedtls_mpi_shift_r( &ctx->X, 1 );
if( count++ > 10 )
return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
@ -323,7 +322,7 @@ static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M,
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) );
while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) );
mbedtls_mpi_shift_r( &R, 1 );
if( count++ > 10 )
return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
@ -367,7 +366,7 @@ static int dhm_update_blinding( mbedtls_dhm_context *ctx,
* Ok, we need blinding. Can we re-use existing values?
* If yes, just update them by squaring them.
*/
if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
if( !mbedtls_mpi_is_one( &ctx->Vi ) )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
@ -411,7 +410,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi GYb;
DHM_VALIDATE_RET( ctx != NULL );
DHM_VALIDATE_RET( output != NULL );
@ -488,7 +487,7 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t len;
unsigned char *p, *end;
#if defined(MBEDTLS_PEM_PARSE_C)
@ -642,7 +641,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
*/
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t n;
unsigned char *buf;
DHM_VALIDATE_RET( dhm != NULL );
@ -694,7 +693,7 @@ static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_param
*/
int mbedtls_dhm_self_test( int verbose )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_dhm_context dhm;
mbedtls_dhm_init( &dhm );

68
third_party/mbedtls/ecdh.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/ecdh.h"
#include "third_party/mbedtls/error.h"
@ -8,32 +25,13 @@ Mbed TLS (Apache 2.0)\\n\
Copyright ARM Limited\\n\
Copyright Mbed TLS Contributors\"");
asm(".include \"libc/disclaimer.inc\"");
/* clang-format off */
/*
* Elliptic curve Diffie-Hellman
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* References:
/**
* @fileoverview Elliptic curve Diffie-Hellman
*
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
* RFC 4492
* @see SEC1 http://www.secg.org/index.php?action=secg,docs_secg
* @see RFC4492
*/
#if defined(MBEDTLS_ECDH_C)
@ -78,11 +76,11 @@ static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* If multiplication is in progress, we already generated a privkey */
#if defined(MBEDTLS_ECP_RESTARTABLE)
if( rs_ctx == NULL || rs_ctx->rsm == NULL )
if( !rs_ctx || !rs_ctx->rsm )
#endif
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
@ -119,7 +117,7 @@ static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp,
void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_ecp_point P;
mbedtls_ecp_point_init( &P );
@ -184,7 +182,7 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
mbedtls_ecp_point_init( &ctx->Vf );
mbedtls_mpi_init( &ctx->_d );
#else
memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ecdh_context ) );
ctx->var = MBEDTLS_ECDH_VARIANT_NONE;
#endif
@ -197,7 +195,7 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx,
mbedtls_ecp_group_id grp_id )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
ret = mbedtls_ecp_group_load( &ctx->grp, grp_id );
if( ret != 0 )
@ -305,7 +303,7 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
void *p_rng,
int restart_enabled )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t grp_len, pt_len;
#if defined(MBEDTLS_ECP_RESTARTABLE)
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
@ -412,7 +410,7 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
const unsigned char **buf,
const unsigned char *end )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_ecp_group_id grp_id;
ECDH_VALIDATE_RET( ctx != NULL );
ECDH_VALIDATE_RET( buf != NULL );
@ -449,7 +447,7 @@ static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx,
const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* If it's not our key, just import the public part as Qp */
if( side == MBEDTLS_ECDH_THEIRS )
@ -473,7 +471,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
ECDH_VALIDATE_RET( ctx != NULL );
ECDH_VALIDATE_RET( key != NULL );
ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS ||
@ -528,7 +526,7 @@ static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx,
void *p_rng,
int restart_enabled )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
#if defined(MBEDTLS_ECP_RESTARTABLE)
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
#endif
@ -600,7 +598,7 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx,
const unsigned char *buf, size_t blen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
const unsigned char *p = buf;
if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p,
@ -650,7 +648,7 @@ static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx,
void *p_rng,
int restart_enabled )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
#if defined(MBEDTLS_ECP_RESTARTABLE)
mbedtls_ecp_restart_ctx *rs_ctx = NULL;
#endif

32
third_party/mbedtls/ecdsa.c vendored
View file

@ -1,9 +1,27 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/asn1write.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/ecdsa.h"
#include "third_party/mbedtls/error.h"
#include "third_party/mbedtls/hmac_drbg.h"
#include "third_party/mbedtls/platform.h"
#include "third_party/mbedtls/profile.h"
asm(".ident\t\"\\n\\n\
Mbed TLS (Apache 2.0)\\n\
@ -219,7 +237,7 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx )
static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,
const unsigned char *buf, size_t blen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t n_size = ( grp->nbits + 7 ) / 8;
size_t use_size = blen > n_size ? n_size : blen;
@ -421,7 +439,7 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp,
void *p_rng_blind,
mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_hmac_drbg_context rng_ctx;
mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
@ -576,7 +594,7 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp,
const mbedtls_mpi *r, const mbedtls_mpi *s,
mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi e, s_inv, u1, u2;
mbedtls_ecp_point R;
mbedtls_mpi *pu1 = &u1, *pu2 = &u2;
@ -700,7 +718,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
unsigned char *sig, size_t *slen )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
unsigned char *p = buf + sizeof( buf );
size_t len = 0;
@ -729,7 +747,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
void *p_rng,
mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi r, s;
ECDSA_VALIDATE_RET( ctx != NULL );
ECDSA_VALIDATE_RET( hash != NULL );
@ -808,7 +826,7 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
const unsigned char *sig, size_t slen,
mbedtls_ecdsa_restart_ctx *rs_ctx )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char *p = (unsigned char *) sig;
const unsigned char *end = sig + slen;
size_t len;
@ -890,7 +908,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
*/
int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
ECDSA_VALIDATE_RET( ctx != NULL );
ECDSA_VALIDATE_RET( key != NULL );

862
third_party/mbedtls/ecp.c vendored
View file

File diff suppressed because it is too large Load diff

5
third_party/mbedtls/ecp.h vendored
View file

@ -1,5 +1,6 @@
#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_H_
#include "libc/log/backtrace.internal.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/config.h"
COSMOPOLITAN_C_START_
@ -350,6 +351,7 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *, mbedtls_ecp_point *,
int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *, size_t *, unsigned char *, size_t );
int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *, const mbedtls_ecp_point *, int, size_t *, unsigned char *, size_t );
int mbedtls_ecp_write_key( mbedtls_ecp_keypair *, unsigned char *, size_t );
int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *, mbedtls_mpi * );
mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group * );
void mbedtls_ecp_group_free( mbedtls_ecp_group * );
void mbedtls_ecp_group_init( mbedtls_ecp_group * );
@ -361,5 +363,8 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx * );
void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx * );
void mbedtls_ecp_set_max_ops( unsigned );
int ecp_mod_p256(mbedtls_mpi *);
int ecp_mod_p384(mbedtls_mpi *);
COSMOPOLITAN_C_END_
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_H_ */

673
third_party/mbedtls/ecp256.c vendored Normal file
View file

@ -0,0 +1,673 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/log/check.h"
#include "libc/nexgen32e/x86feature.h"
#include "libc/runtime/gc.internal.h"
#include "libc/runtime/runtime.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/ecp.h"
#include "third_party/mbedtls/ecp_internal.h"
#include "third_party/mbedtls/error.h"
#include "third_party/mbedtls/math.h"
#include "third_party/mbedtls/profile.h"
#include "third_party/mbedtls/traceme.h"
/* clang-format off */
static inline bool
mbedtls_p256_isz( uint64_t p[4] )
{
return( !p[0] & !p[1] & !p[2] & !p[3] );
}
static inline bool
mbedtls_p256_gte( uint64_t p[5] )
{
return( (p[4] ||
p[3] > 0xffffffff00000001 ||
(p[3] == 0xffffffff00000001 &&
p[2] > 0x0000000000000000 ||
(p[2] == 0x0000000000000000 &&
p[1] > 0x00000000ffffffff ||
(p[1] == 0x00000000ffffffff &&
p[0] > 0xffffffffffffffff ||
(p[0] == 0xffffffffffffffff))))) );
}
static int
mbedtls_p256_cmp( const uint64_t a[5],
const uint64_t b[5] )
{
if( a[4] < b[4] ) return -1;
if( a[4] > b[4] ) return 1;
if( a[3] < b[3] ) return -1;
if( a[3] > b[3] ) return 1;
if( a[2] < b[2] ) return -1;
if( a[2] > b[2] ) return 1;
if( a[1] < b[1] ) return -1;
if( a[1] > b[1] ) return 1;
if( a[0] < b[0] ) return -1;
if( a[0] > b[0] ) return 1;
return 0;
}
static inline void
mbedtls_p256_red( uint64_t p[5] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("subq\t%1,%0\n\t"
"sbbq\t%2,8+%0\n\t"
"sbbq\t%3,16+%0\n\t"
"sbbq\t%4,24+%0\n\t"
"sbbq\t$0,32+%0"
: "+o"(*p)
: "i"(0xffffffffffffffffl), "r"(0x00000000ffffffffl),
"i"(0x0000000000000000l), "r"(0xffffffff00000001l)
: "memory", "cc");
#else
uint64_t c;
SBB( p[0], p[0], 0xffffffffffffffff, 0, c );
SBB( p[1], p[1], 0x00000000ffffffff, c, c );
SBB( p[2], p[2], 0x0000000000000000, c, c );
SBB( p[3], p[3], 0xffffffff00000001, c, c );
SBB( p[4], p[4], 0, c, c );
#endif
}
static noinline void
mbedtls_p256_gro( uint64_t p[5] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("addq\t%1,%0\n\t"
"adcq\t%2,8+%0\n\t"
"adcq\t%3,16+%0\n\t"
"adcq\t%4,24+%0\n\t"
"adcq\t$0,32+%0"
: "+o"(*p)
: "i"(0xffffffffffffffffl), "r"(0x00000000ffffffffl),
"i"(0x0000000000000000l), "r"(0xffffffff00000001l)
: "memory", "cc");
#else
uint64_t c;
ADC( p[0], p[0], 0xffffffffffffffff, 0, c );
ADC( p[1], p[1], 0x00000000ffffffff, c, c );
ADC( p[2], p[2], 0x0000000000000000, c, c );
ADC( p[3], p[3], 0xffffffff00000001, c, c );
ADC( p[4], p[4], 0, c, c );
#endif
}
static void
mbedtls_p256_rum( uint64_t p[5] )
{
while( mbedtls_p256_gte( p ) )
mbedtls_p256_red( p );
}
static inline void
mbedtls_p256_sar( uint64_t p[5] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("sarq\t32+%0\n\t"
"rcrq\t24+%0\n\t"
"rcrq\t16+%0\n\t"
"rcrq\t8+%0\n\t"
"rcrq\t%0\n\t"
: "+o"(*p)
: /* no inputs */
: "memory", "cc");
#else
p[0] = p[0] >> 1 | p[1] << 63;
p[1] = p[1] >> 1 | p[2] << 63;
p[2] = p[2] >> 1 | p[3] << 63;
p[3] = p[3] >> 1 | p[4] << 63;
p[4] = (int64_t)p[4] >> 1;
#endif
}
static inline void
mbedtls_p256_shl( uint64_t p[5] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("shlq\t%0\n\t"
"rclq\t8+%0\n\t"
"rclq\t16+%0\n\t"
"rclq\t24+%0\n\t"
"rclq\t32+%0\n\t"
: "+o"(*p)
: /* no inputs */
: "memory", "cc");
#else
p[4] = p[3] >> 63;
p[3] = p[3] << 1 | p[2] >> 63;
p[2] = p[2] << 1 | p[1] >> 63;
p[1] = p[1] << 1 | p[0] >> 63;
p[0] = p[0] << 1;
#endif
mbedtls_p256_rum( p );
}
static inline void
mbedtls_p256_jam( uint64_t p[5] )
{
secp256r1( p );
if( (int64_t)p[4] < 0 )
do
mbedtls_p256_gro( p );
while( (int64_t)p[4] < 0 );
else
mbedtls_p256_rum( p );
}
static void
mbedtls_p256_mul_1x1( uint64_t X[8],
const uint64_t A[4], size_t n,
const uint64_t B[4], size_t m )
{
uint128_t t;
t = A[0];
t *= B[0];
X[ 0] = t;
X[ 1] = t >> 64;
X[ 2] = 0;
X[ 3] = 0;
X[ 4] = 0;
X[ 5] = 0;
X[ 6] = 0;
X[ 7] = 0;
}
static void
mbedtls_p256_mul_nx1( uint64_t X[8],
const uint64_t A[4], size_t n,
const uint64_t B[4], size_t m )
{
mbedtls_mpi_mul_hlp1(n, A, X, B[0]);
mbedtls_platform_zeroize( X + n + m, ( 8 - n - m ) * 8 );
if ( n + m >= 4 )
mbedtls_p256_jam( X );
}
static void
mbedtls_p256_mul_4x4( uint64_t X[8],
const uint64_t A[4], size_t n,
const uint64_t B[4], size_t m )
{
Mul4x4( X, A, B );
mbedtls_p256_jam( X );
}
static void
mbedtls_p256_mul_nxm( uint64_t X[8],
const uint64_t A[4], size_t n,
const uint64_t B[4], size_t m )
{
if (A == X) A = gc(memcpy(malloc(4 * 8), A, 4 * 8));
if (B == X) B = gc(memcpy(malloc(4 * 8), B, 4 * 8));
Mul( X, A, n, B, m );
mbedtls_platform_zeroize( X + n + m, (8 - n - m) * 8 );
if ( n + m >= 4 )
mbedtls_p256_jam( X );
}
static void
mbedtls_p256_mul( uint64_t X[8],
const uint64_t A[4], size_t n,
const uint64_t B[4], size_t m )
{
if( n == 4 && m == 4 )
mbedtls_p256_mul_4x4( X, A, n, B, m );
else if( m == 1 && n == 1 )
mbedtls_p256_mul_1x1( X, A, n, B, m );
else if( m == 1 )
mbedtls_p256_mul_nx1( X, A, n, B, m );
else
mbedtls_p256_mul_nxm( X, A, n, B, m );
}
static void
mbedtls_p256_add( uint64_t X[5],
const uint64_t A[4],
const uint64_t B[4] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"add\t%2,%%rax\n\t"
"mov\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"adc\t8+%2,%%rax\n\t"
"mov\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"adc\t16+%2,%%rax\n\t"
"mov\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"adc\t24+%2,%%rax\n\t"
"mov\t%%rax,24+%0\n\t"
"adc\t$0,%%rcx\n\t"
"mov\t%%rcx,32+%0"
: "+o"(*X)
: "o"(*A), "o"(*B)
: "rax", "rcx", "memory", "cc");
#else
uint64_t c;
ADC( X[0], A[0], B[0], 0, c );
ADC( X[1], A[1], B[1], c, c );
ADC( X[2], A[2], B[2], c, c );
ADC( X[3], A[3], B[3], c, X[4] );
#endif
mbedtls_p256_rum( X );
DCHECK_EQ( 0, X[4] );
}
static void
mbedtls_p256_sub( uint64_t X[5],
const uint64_t A[4],
const uint64_t B[4] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"sub\t%2,%%rax\n\t"
"mov\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"sbb\t8+%2,%%rax\n\t"
"mov\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"sbb\t16+%2,%%rax\n\t"
"mov\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"sbb\t24+%2,%%rax\n\t"
"mov\t%%rax,24+%0\n\t"
"sbb\t$0,%%rcx\n\t"
"mov\t%%rcx,32+%0"
: "+o"(*X)
: "o"(*A), "o"(*B)
: "rax", "rcx", "memory", "cc");
#else
uint64_t c;
SBB( X[0], A[0], B[0], 0, c );
SBB( X[1], A[1], B[1], c, c );
SBB( X[2], A[2], B[2], c, c );
SBB( X[3], A[3], B[3], c, c );
X[4] = -c;
#endif
while( (int64_t)X[4] < 0 )
mbedtls_p256_gro( X );
DCHECK_EQ( 0, X[4] );
}
static void
mbedtls_p256_hub( uint64_t A[5],
const uint64_t B[4] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"sub\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"sbb\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"sbb\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"sbb\t%%rax,24+%0\n\t"
"sbb\t$0,%%rcx\n\t"
"mov\t%%rcx,32+%0"
: "+o"(*A)
: "o"(*B)
: "rax", "rcx", "memory", "cc");
while( (int64_t)A[4] < 0 )
mbedtls_p256_gro( A );
DCHECK_EQ( 0, A[4] );
#else
mbedtls_p256_sub( A, A, B );
#endif
}
static inline void
mbedtls_p256_cop( uint64_t X[4],
const uint64_t Y[4] )
{
memcpy( X, Y, 4 * 8 );
}
static int
mbedtls_p256_dim( mbedtls_ecp_point *R )
{
int ret;
if( R->X.n < 4 && ( ret = mbedtls_mpi_grow( &R->X, 4 ) ) ) return ret;
if( R->Y.n < 4 && ( ret = mbedtls_mpi_grow( &R->Y, 4 ) ) ) return ret;
if( R->Z.n < 4 && ( ret = mbedtls_mpi_grow( &R->Z, 4 ) ) ) return ret;
return 0;
}
int mbedtls_p256_double_jac( const mbedtls_ecp_group *G,
const mbedtls_ecp_point *P,
mbedtls_ecp_point *R )
{
int ret;
struct {
uint64_t X[4], Y[4], Z[4];
uint64_t M[8], S[8], T[8], U[8];
size_t Xn, Yn, Zn;
} s;
MBEDTLS_ASSERT( G->A.p == 0 );
MBEDTLS_ASSERT( P->X.s == 1 );
MBEDTLS_ASSERT( P->Y.s == 1 );
MBEDTLS_ASSERT( P->Z.s == 1 );
MBEDTLS_ASSERT( G->P.p[0] == 0xffffffffffffffff );
MBEDTLS_ASSERT( G->P.p[1] == 0x00000000ffffffff );
MBEDTLS_ASSERT( G->P.p[2] == 0x0000000000000000 );
MBEDTLS_ASSERT( G->P.p[3] == 0xffffffff00000001 );
if ( ( ret = mbedtls_p256_dim( R ) ) ) return ret;
mbedtls_platform_zeroize(&s, sizeof(s));
s.Xn = mbedtls_mpi_limbs( &P->X );
s.Yn = mbedtls_mpi_limbs( &P->Y );
s.Zn = mbedtls_mpi_limbs( &P->Z );
CHECK_LE( s.Xn, 4 );
CHECK_LE( s.Yn, 4 );
CHECK_LE( s.Zn, 4 );
memcpy( s.X, P->X.p, s.Xn * 8 );
memcpy( s.Y, P->Y.p, s.Yn * 8 );
memcpy( s.Z, P->Z.p, s.Zn * 8 );
mbedtls_p256_mul( s.S, s.Z, s.Zn, s.Z, s.Zn );
mbedtls_p256_add( s.T, s.X, s.S );
mbedtls_p256_sub( s.U, s.X, s.S );
mbedtls_p256_mul( s.S, s.T, 4, s.U, 4 );
mbedtls_mpi_mul_hlp1( 4, s.S, s.M, 3 );
mbedtls_p256_rum( s.M );
mbedtls_p256_mul( s.T, s.Y, s.Yn, s.Y, s.Yn );
mbedtls_p256_shl( s.T );
mbedtls_p256_mul( s.S, s.X, s.Xn, s.T, 4 );
mbedtls_p256_shl( s.S );
mbedtls_p256_mul( s.U, s.T, 4, s.T, 4 );
mbedtls_p256_shl( s.U );
mbedtls_p256_mul( s.T, s.M, 4, s.M, 4 );
mbedtls_p256_hub( s.T, s.S );
mbedtls_p256_hub( s.T, s.S );
mbedtls_p256_hub( s.S, s.T );
mbedtls_p256_mul( s.S, s.S, 4, s.M, 4 );
mbedtls_p256_hub( s.S, s.U );
mbedtls_p256_mul( s.U, s.Y, s.Yn, s.Z, s.Zn );
mbedtls_p256_shl( s.U );
mbedtls_p256_cop( R->X.p, s.T );
mbedtls_p256_cop( R->Y.p, s.S );
mbedtls_p256_cop( R->Z.p, s.U );
mbedtls_platform_zeroize( &s, sizeof(s) );
return 0;
}
int mbedtls_p256_add_mixed( const mbedtls_ecp_group *G,
const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q,
mbedtls_ecp_point *R )
{
int ret;
struct {
uint64_t X[8], Y[8], Z[8];
uint64_t T1[8], T2[8], T3[8], T4[8];
size_t Xn, Yn, Zn, QXn, QYn;
} s;
MBEDTLS_ASSERT( P->X.s == 1 );
MBEDTLS_ASSERT( P->Y.s == 1 );
MBEDTLS_ASSERT( P->Z.s == 1 );
MBEDTLS_ASSERT( Q->X.s == 1 );
MBEDTLS_ASSERT( Q->Y.s == 1 );
if ( ( ret = mbedtls_p256_dim( R ) ) ) return ret;
mbedtls_platform_zeroize(&s, sizeof(s));
s.Xn = mbedtls_mpi_limbs( &P->X );
s.Yn = mbedtls_mpi_limbs( &P->Y );
s.Zn = mbedtls_mpi_limbs( &P->Z );
s.QXn = mbedtls_mpi_limbs( &Q->X );
s.QYn = mbedtls_mpi_limbs( &Q->Y );
CHECK_LE( s.Xn, 4 );
CHECK_LE( s.Yn, 4 );
CHECK_LE( s.Zn, 4 );
CHECK_LE( s.QXn, 4 );
CHECK_LE( s.QYn, 4 );
memcpy( s.X, P->X.p, s.Xn * 8 );
memcpy( s.Y, P->Y.p, s.Yn * 8 );
memcpy( s.Z, P->Z.p, s.Zn * 8 );
mbedtls_p256_mul( s.T1, s.Z, s.Zn, s.Z, s.Zn );
mbedtls_p256_mul( s.T2, s.T1, 4, s.Z, s.Zn );
mbedtls_p256_mul( s.T1, s.T1, 4, Q->X.p, s.QXn );
mbedtls_p256_mul( s.T2, s.T2, 4, Q->Y.p, s.QYn );
mbedtls_p256_hub( s.T1, s.X );
mbedtls_p256_hub( s.T2, s.Y );
if( mbedtls_p256_isz( s.T1 ) )
{
if( mbedtls_p256_isz( s.T2 ) )
return mbedtls_p256_double_jac( G, P, R );
else
return mbedtls_ecp_set_zero( R );
}
mbedtls_p256_mul( s.Z, s.Z, s.Zn, s.T1, 4 );
mbedtls_p256_mul( s.T3, s.T1, 4, s.T1, 4 );
mbedtls_p256_mul( s.T4, s.T3, 4, s.T1, 4 );
mbedtls_p256_mul( s.T3, s.T3, 4, s.X, s.Xn );
mbedtls_p256_cop( s.T1, s.T3 );
mbedtls_p256_shl( s.T1 );
mbedtls_p256_mul( s.X, s.T2, 4, s.T2, 4 );
mbedtls_p256_hub( s.X, s.T1 );
mbedtls_p256_hub( s.X, s.T4 );
mbedtls_p256_hub( s.T3, s.X );
mbedtls_p256_mul( s.T3, s.T3, 4, s.T2, 4 );
mbedtls_p256_mul( s.T4, s.T4, 4, s.Y, s.Yn );
mbedtls_p256_sub( s.Y, s.T3, s.T4 );
mbedtls_p256_cop( R->X.p, s.X );
mbedtls_p256_cop( R->Y.p, s.Y );
mbedtls_p256_cop( R->Z.p, s.Z );
mbedtls_platform_zeroize(&s, sizeof(s));
return 0;
}
static int mbedtls_p256_inv(mbedtls_mpi *X,
const mbedtls_mpi *A,
const mbedtls_mpi *B)
{
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2;
MBEDTLS_ASSERT( A->s == 1 );
MBEDTLS_ASSERT( B->s == 1 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs(X) <= 4 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs(A) <= 4 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs(B) <= 4 );
MBEDTLS_ASSERT( mbedtls_mpi_cmp_int(B, 1) > 0 );
mbedtls_mpi_init( &TA );
mbedtls_mpi_init( &TU );
mbedtls_mpi_init( &U1 );
mbedtls_mpi_init( &U2 );
mbedtls_mpi_init( &G );
mbedtls_mpi_init( &TB );
mbedtls_mpi_init( &TV );
mbedtls_mpi_init( &V1 );
mbedtls_mpi_init( &V2 );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TA, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TU, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &U1, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &U2, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &G, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TB, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TV, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &V1, 5 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &V2, 5 ) );
MBEDTLS_MPI_CHK(mbedtls_mpi_gcd( &G, A, B ));
if (!mbedtls_mpi_is_one( &G ))
{
ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, B ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, B ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) );
do
{
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TU ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U1 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U2 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TV ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V2 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V1 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &G ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TA ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TB ) <= 5 );
while (!(TU.p[0] & 1))
{
mbedtls_p256_sar(TU.p);
if ((U1.p[0] & 1) || (U2.p[0] & 1))
{
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi(&U1, &U1, &TB) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi(&U2, &U2, &TA) );
}
mbedtls_p256_sar(U1.p);
mbedtls_p256_sar(U2.p);
}
while (!(TV.p[0] & 1))
{
mbedtls_p256_sar(TV.p);
if ((V1.p[0] & 1) || (V2.p[0] & 1))
{
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi(&V1, &V1, &TB) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi(&V2, &V2, &TA) );
}
mbedtls_p256_sar( V1.p );
mbedtls_p256_sar( V2.p );
}
if (mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0)
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) );
}
else
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) );
}
} while ( TU.p[0] | TU.p[1] | TU.p[2] | TU.p[3] );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TU ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U1 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U2 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TV ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V2 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V1 ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &G ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TA ) <= 5 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TB ) <= 5 );
while (V1.s < 0)
MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi( &V1, &V1, B ));
while (mbedtls_mpi_cmp_mpi( &V1, B ) >= 0)
MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi( &V1, &V1, B ));
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) );
cleanup:
mbedtls_mpi_free( &TA );
mbedtls_mpi_free( &TU );
mbedtls_mpi_free( &U1 );
mbedtls_mpi_free( &U2 );
mbedtls_mpi_free( &G );
mbedtls_mpi_free( &TB );
mbedtls_mpi_free( &TV );
mbedtls_mpi_free( &V1 );
mbedtls_mpi_free( &V2 );
return ret;
}
int mbedtls_p256_normalize_jac_many( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *T[], size_t T_size )
{
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
uint64_t ta[8];
mbedtls_mpi *c, u, Zi, ZZi;
if( !( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) )
return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
mbedtls_mpi_init( &u );
mbedtls_mpi_init( &Zi );
mbedtls_mpi_init( &ZZi );
for( i = 0; i < T_size; i++ )
{
CHECK_EQ( 4, T[i]->X.n );
CHECK_EQ( 4, T[i]->Y.n );
CHECK_EQ( 4, T[i]->Z.n );
mbedtls_mpi_init( c + i );
}
for( i = 0; i < T_size; i++ )
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( c + i, 8 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &u, 8 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Zi, 8 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &ZZi, 8 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( c, &T[0]->Z ) );
for( i = 1; i < T_size; i++ )
mbedtls_p256_mul( c[i].p, c[i-1].p, 4, T[i]->Z.p, 4 );
/* mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ); */
MBEDTLS_MPI_CHK( mbedtls_p256_inv( &u, c + T_size - 1, &grp->P ) );
for( i = T_size - 1; ; i-- )
{
if( !i )
memcpy( Zi.p, u.p, 4 * 8 );
else
{
mbedtls_p256_mul( Zi.p, u.p, 4, c[i-1].p, 4 );
mbedtls_p256_mul( u.p, u.p, 4, T[i]->Z.p, 4 );
}
mbedtls_p256_mul( ZZi.p, Zi.p, 4, Zi.p, 4 );
mbedtls_p256_mul( ta, T[i]->X.p, 4, ZZi.p, 4 );
memcpy( T[i]->X.p, ta, 4 * 8 );
mbedtls_p256_mul( ta, T[i]->Y.p, 4, ZZi.p, 4 );
mbedtls_p256_mul( ta, ta, 4, Zi.p, 4 );
memcpy( T[i]->Y.p, ta, 4 * 8 );
mbedtls_mpi_free( &T[i]->Z );
if( !i ) break;
}
cleanup:
mbedtls_platform_zeroize( ta, sizeof(ta) );
for( i = 0; i < T_size; i++ )
mbedtls_mpi_free( c + i );
mbedtls_mpi_free( &ZZi );
mbedtls_mpi_free( &Zi );
mbedtls_mpi_free( &u );
mbedtls_free( c );
return( ret );
}
int mbedtls_p256_normalize_jac( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt )
{
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi Zi, ZZi;
mbedtls_mpi_init( &Zi );
mbedtls_mpi_init( &ZZi );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Zi, 8 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &ZZi, 8 ) );
mbedtls_p256_inv( &Zi, &pt->Z, &grp->P );
mbedtls_p256_mul( ZZi.p, Zi.p, 4, Zi.p, 4 );
mbedtls_p256_mul( pt->X.p, pt->X.p, 4, ZZi.p, 4 );
mbedtls_p256_mul( pt->Y.p, pt->Y.p, 4, ZZi.p, 4 );
mbedtls_p256_mul( pt->Y.p, pt->Y.p, 4, Zi.p, 4 );
mbedtls_mpi_lset( &pt->Z, 1 );
cleanup:
mbedtls_mpi_free( &ZZi );
mbedtls_mpi_free( &Zi );
return( ret );
}

701
third_party/mbedtls/ecp384.c vendored Normal file
View file

@ -0,0 +1,701 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/log/check.h"
#include "libc/nexgen32e/x86feature.h"
#include "libc/runtime/gc.internal.h"
#include "libc/runtime/runtime.h"
#include "third_party/mbedtls/bignum_internal.h"
#include "third_party/mbedtls/ecp.h"
#include "third_party/mbedtls/ecp_internal.h"
#include "third_party/mbedtls/error.h"
#include "third_party/mbedtls/math.h"
#include "third_party/mbedtls/profile.h"
#include "third_party/mbedtls/traceme.h"
/* clang-format off */
static inline bool
mbedtls_p384_isz( uint64_t p[6] )
{
return( !p[0] & !p[1] & !p[2] & !p[3] & !p[4] & !p[5] );
}
static inline bool
mbedtls_p384_gte( uint64_t p[7] )
{
return( (p[6] ||
p[5] > 0xffffffffffffffff ||
(p[5] == 0xffffffffffffffff &&
p[4] > 0xffffffffffffffff ||
(p[4] == 0xffffffffffffffff &&
p[3] > 0xffffffffffffffff ||
(p[3] == 0xffffffffffffffff &&
p[2] > 0xfffffffffffffffe ||
(p[2] == 0xfffffffffffffffe &&
p[1] > 0xffffffff00000000 ||
(p[1] == 0xffffffff00000000 &&
p[0] > 0x00000000ffffffff ||
(p[0] == 0x00000000ffffffff))))))) );
}
static int
mbedtls_p384_cmp( const uint64_t a[7],
const uint64_t b[7] )
{
if( a[6] < b[6] ) return -1;
if( a[6] > b[6] ) return 1;
if( a[5] < b[5] ) return -1;
if( a[5] > b[5] ) return 1;
if( a[4] < b[4] ) return -1;
if( a[4] > b[4] ) return 1;
if( a[3] < b[3] ) return -1;
if( a[3] > b[3] ) return 1;
if( a[2] < b[2] ) return -1;
if( a[2] > b[2] ) return 1;
if( a[1] < b[1] ) return -1;
if( a[1] > b[1] ) return 1;
if( a[0] < b[0] ) return -1;
if( a[0] > b[0] ) return 1;
return 0;
}
static inline void
mbedtls_p384_red( uint64_t p[7] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("subq\t%1,%0\n\t"
"sbbq\t%2,8+%0\n\t"
"sbbq\t%3,16+%0\n\t"
"sbbq\t%4,24+%0\n\t"
"sbbq\t%4,32+%0\n\t"
"sbbq\t%4,40+%0\n\t"
"sbbq\t$0,48+%0"
: "+o"(*p)
: "r"(0x00000000ffffffffl), "r"(0xffffffff00000000),
"i"(0xfffffffffffffffel), "i"(0xffffffffffffffff)
: "memory", "cc");
#else
uint64_t c;
SBB( p[0], p[0], 0x00000000ffffffff, 0, c );
SBB( p[1], p[1], 0xffffffff00000000, c, c );
SBB( p[2], p[2], 0xfffffffffffffffe, c, c );
SBB( p[3], p[3], 0xffffffffffffffff, c, c );
SBB( p[4], p[4], 0xffffffffffffffff, c, c );
SBB( p[5], p[5], 0xffffffffffffffff, c, c );
SBB( p[6], p[6], 0, c, c );
#endif
}
static noinline void
mbedtls_p384_gro( uint64_t p[7] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("addq\t%1,%0\n\t"
"adcq\t%2,8+%0\n\t"
"adcq\t%3,16+%0\n\t"
"adcq\t%4,24+%0\n\t"
"adcq\t%4,32+%0\n\t"
"adcq\t%4,40+%0\n\t"
"adcq\t$0,48+%0"
: "+o"(*p)
: "r"(0x00000000ffffffffl), "r"(0xffffffff00000000),
"i"(0xfffffffffffffffel), "i"(0xffffffffffffffff)
: "memory", "cc");
#else
uint64_t c;
ADC( p[0], p[0], 0x00000000ffffffff, 0, c );
ADC( p[1], p[1], 0xffffffff00000000, c, c );
ADC( p[2], p[2], 0xfffffffffffffffe, c, c );
ADC( p[3], p[3], 0xffffffffffffffff, c, c );
ADC( p[4], p[4], 0xffffffffffffffff, c, c );
ADC( p[5], p[5], 0xffffffffffffffff, c, c );
ADC( p[6], p[6], 0, c, c );
#endif
}
static void
mbedtls_p384_rum( uint64_t p[7] )
{
while( mbedtls_p384_gte( p ) )
mbedtls_p384_red( p );
}
static inline void
mbedtls_p384_sar( uint64_t p[7] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("sarq\t48+%0\n\t"
"rcrq\t40+%0\n\t"
"rcrq\t32+%0\n\t"
"rcrq\t24+%0\n\t"
"rcrq\t16+%0\n\t"
"rcrq\t8+%0\n\t"
"rcrq\t%0\n\t"
: "+o"(*p)
: /* no inputs */
: "memory", "cc");
#else
p[0] = p[0] >> 1 | p[1] << 63;
p[1] = p[1] >> 1 | p[2] << 63;
p[2] = p[2] >> 1 | p[3] << 63;
p[3] = p[3] >> 1 | p[4] << 63;
p[4] = p[4] >> 1 | p[5] << 63;
p[5] = p[5] >> 1 | p[6] << 63;
p[6] = (int64_t)p[6] >> 1;
#endif
}
static inline void
mbedtls_p384_shl( uint64_t p[7] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("shlq\t%0\n\t"
"rclq\t8+%0\n\t"
"rclq\t16+%0\n\t"
"rclq\t24+%0\n\t"
"rclq\t32+%0\n\t"
"rclq\t40+%0\n\t"
"rclq\t48+%0\n\t"
: "+o"(*p)
: /* no inputs */
: "memory", "cc");
#else
p[6] = p[5] >> 63;
p[5] = p[5] << 1 | p[4] >> 63;
p[4] = p[4] << 1 | p[3] >> 63;
p[3] = p[3] << 1 | p[2] >> 63;
p[2] = p[2] << 1 | p[1] >> 63;
p[1] = p[1] << 1 | p[0] >> 63;
p[0] = p[0] << 1;
#endif
mbedtls_p384_rum( p );
}
static inline void
mbedtls_p384_jam( uint64_t p[7] )
{
secp384r1( p );
if( (int64_t)p[6] < 0 )
do
mbedtls_p384_gro( p );
while( (int64_t)p[6] < 0 );
else
mbedtls_p384_rum( p );
}
static void
mbedtls_p384_mul_1x1( uint64_t X[12],
const uint64_t A[6], size_t n,
const uint64_t B[6], size_t m )
{
uint128_t t;
t = A[0];
t *= B[0];
X[ 0] = t;
X[ 1] = t >> 64;
X[ 2] = 0;
X[ 3] = 0;
X[ 4] = 0;
X[ 5] = 0;
X[ 6] = 0;
X[ 7] = 0;
X[ 8] = 0;
X[ 9] = 0;
X[10] = 0;
X[11] = 0;
}
static void
mbedtls_p384_mul_nx1( uint64_t X[12],
const uint64_t A[6], size_t n,
const uint64_t B[6], size_t m )
{
mbedtls_mpi_mul_hlp1(n, A, X, B[0]);
mbedtls_platform_zeroize( X + n + m, ( 12 - n - m ) * 8 );
if ( n + m >= 6 )
mbedtls_p384_jam( X );
}
static void
mbedtls_p384_mul_6x6( uint64_t X[12],
const uint64_t A[6], size_t n,
const uint64_t B[6], size_t m )
{
Mul6x6Adx( X, A, B );
mbedtls_p384_jam( X );
}
static void
mbedtls_p384_mul_nxm( uint64_t X[12],
const uint64_t A[6], size_t n,
const uint64_t B[6], size_t m )
{
if (A == X) A = gc(memcpy(malloc(6 * 8), A, 6 * 8));
if (B == X) B = gc(memcpy(malloc(6 * 8), B, 6 * 8));
Mul( X, A, n, B, m );
mbedtls_platform_zeroize( X + n + m, (12 - n - m) * 8 );
if ( n + m >= 6 )
mbedtls_p384_jam( X );
}
static void
mbedtls_p384_mul( uint64_t X[12],
const uint64_t A[6], size_t n,
const uint64_t B[6], size_t m )
{
if( n == 6 && m == 6 && X86_HAVE(ADX) && X86_HAVE(BMI2) )
mbedtls_p384_mul_6x6( X, A, n, B, m );
else if( m == 1 && n == 1 )
mbedtls_p384_mul_1x1( X, A, n, B, m );
else if( m == 1 )
mbedtls_p384_mul_nx1( X, A, n, B, m );
else
mbedtls_p384_mul_nxm( X, A, n, B, m );
}
static void
mbedtls_p384_add( uint64_t X[7],
const uint64_t A[6],
const uint64_t B[6] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"add\t%2,%%rax\n\t"
"mov\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"adc\t8+%2,%%rax\n\t"
"mov\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"adc\t16+%2,%%rax\n\t"
"mov\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"adc\t24+%2,%%rax\n\t"
"mov\t%%rax,24+%0\n\t"
"mov\t32+%1,%%rax\n\t"
"adc\t32+%2,%%rax\n\t"
"mov\t%%rax,32+%0\n\t"
"mov\t40+%1,%%rax\n\t"
"adc\t40+%2,%%rax\n\t"
"mov\t%%rax,40+%0\n\t"
"adc\t$0,%%rcx\n\t"
"mov\t%%rcx,48+%0"
: "+o"(*X)
: "o"(*A), "o"(*B)
: "rax", "rcx", "memory", "cc");
#else
uint64_t c;
ADC( X[0], A[0], B[0], 0, c );
ADC( X[1], A[1], B[1], c, c );
ADC( X[2], A[2], B[2], c, c );
ADC( X[3], A[3], B[3], c, c );
ADC( X[4], A[4], B[4], c, c );
ADC( X[5], A[5], B[5], c, X[6] );
#endif
mbedtls_p384_rum( X );
DCHECK_EQ(0, X[6]);
}
static void
mbedtls_p384_sub( uint64_t X[7],
const uint64_t A[6],
const uint64_t B[6] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"sub\t%2,%%rax\n\t"
"mov\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"sbb\t8+%2,%%rax\n\t"
"mov\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"sbb\t16+%2,%%rax\n\t"
"mov\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"sbb\t24+%2,%%rax\n\t"
"mov\t%%rax,24+%0\n\t"
"mov\t32+%1,%%rax\n\t"
"sbb\t32+%2,%%rax\n\t"
"mov\t%%rax,32+%0\n\t"
"mov\t40+%1,%%rax\n\t"
"sbb\t40+%2,%%rax\n\t"
"mov\t%%rax,40+%0\n\t"
"sbb\t$0,%%rcx\n\t"
"mov\t%%rcx,48+%0"
: "+o"(*X)
: "o"(*A), "o"(*B)
: "rax", "rcx", "memory", "cc");
#else
uint64_t c;
SBB( X[0], A[0], B[0], 0, c );
SBB( X[1], A[1], B[1], c, c );
SBB( X[2], A[2], B[2], c, c );
SBB( X[3], A[3], B[3], c, c );
SBB( X[4], A[4], B[4], c, c );
SBB( X[5], A[5], B[5], c, c );
X[6] = -c;
#endif
while( (int64_t)X[6] < 0 )
mbedtls_p384_gro( X );
DCHECK_EQ(0, X[6]);
}
static void
mbedtls_p384_hub( uint64_t A[7],
const uint64_t B[6] )
{
#if defined(__x86_64__) && !defined(__STRICT_ANSI__)
asm("xor\t%%rcx,%%rcx\n\t"
"mov\t%1,%%rax\n\t"
"sub\t%%rax,%0\n\t"
"mov\t8+%1,%%rax\n\t"
"sbb\t%%rax,8+%0\n\t"
"mov\t16+%1,%%rax\n\t"
"sbb\t%%rax,16+%0\n\t"
"mov\t24+%1,%%rax\n\t"
"sbb\t%%rax,24+%0\n\t"
"mov\t32+%1,%%rax\n\t"
"sbb\t%%rax,32+%0\n\t"
"mov\t40+%1,%%rax\n\t"
"sbb\t%%rax,40+%0\n\t"
"sbb\t$0,%%rcx\n\t"
"mov\t%%rcx,48+%0"
: "+o"(*A)
: "o"(*B)
: "rax", "rcx", "memory", "cc");
while( (int64_t)A[6] < 0 )
mbedtls_p384_gro( A );
DCHECK_EQ(0, A[6]);
#else
mbedtls_p384_sub(A, A, B);
#endif
}
static inline void
mbedtls_p384_cop( uint64_t X[6],
const uint64_t Y[6] )
{
memcpy( X, Y, 6 * 8 );
}
static int
mbedtls_p384_dim( mbedtls_ecp_point *R )
{
int ret;
if( R->X.n < 6 && ( ret = mbedtls_mpi_grow( &R->X, 6 ) ) ) return ret;
if( R->Y.n < 6 && ( ret = mbedtls_mpi_grow( &R->Y, 6 ) ) ) return ret;
if( R->Z.n < 6 && ( ret = mbedtls_mpi_grow( &R->Z, 6 ) ) ) return ret;
return 0;
}
int mbedtls_p384_double_jac( const mbedtls_ecp_group *G,
const mbedtls_ecp_point *P,
mbedtls_ecp_point *R )
{
int ret;
struct {
uint64_t X[6], Y[6], Z[6];
uint64_t M[12], S[12], T[12], U[12];
size_t Xn, Yn, Zn;
} s;
MBEDTLS_ASSERT( G->A.p == 0 );
MBEDTLS_ASSERT( P->X.s == 1 );
MBEDTLS_ASSERT( P->Y.s == 1 );
MBEDTLS_ASSERT( P->Z.s == 1 );
MBEDTLS_ASSERT( G->P.p[0] == 0x00000000ffffffff );
MBEDTLS_ASSERT( G->P.p[1] == 0xffffffff00000000 );
MBEDTLS_ASSERT( G->P.p[2] == 0xfffffffffffffffe );
MBEDTLS_ASSERT( G->P.p[3] == 0xffffffffffffffff );
MBEDTLS_ASSERT( G->P.p[4] == 0xffffffffffffffff );
MBEDTLS_ASSERT( G->P.p[5] == 0xffffffffffffffff );
if ( ( ret = mbedtls_p384_dim( R ) ) ) return ret;
mbedtls_platform_zeroize( &s, sizeof( s ) );
s.Xn = mbedtls_mpi_limbs( &P->X );
s.Yn = mbedtls_mpi_limbs( &P->Y );
s.Zn = mbedtls_mpi_limbs( &P->Z );
CHECK_LE( s.Xn, 6 );
CHECK_LE( s.Yn, 6 );
CHECK_LE( s.Zn, 6 );
memcpy( s.X, P->X.p, s.Xn * 8 );
memcpy( s.Y, P->Y.p, s.Yn * 8 );
memcpy( s.Z, P->Z.p, s.Zn * 8 );
mbedtls_p384_mul( s.S, s.Z, s.Zn, s.Z, s.Zn );
mbedtls_p384_add( s.T, s.X, s.S );
mbedtls_p384_sub( s.U, s.X, s.S );
mbedtls_p384_mul( s.S, s.T, 6, s.U, 6 );
mbedtls_mpi_mul_hlp1( 6, s.S, s.M, 3 );
mbedtls_p384_rum( s.M );
mbedtls_p384_mul( s.T, s.Y, s.Yn, s.Y, s.Yn );
mbedtls_p384_shl( s.T );
mbedtls_p384_mul( s.S, s.X, s.Xn, s.T, 6 );
mbedtls_p384_shl( s.S );
mbedtls_p384_mul( s.U, s.T, 6, s.T, 6 );
mbedtls_p384_shl( s.U );
mbedtls_p384_mul( s.T, s.M, 6, s.M, 6 );
mbedtls_p384_hub( s.T, s.S );
mbedtls_p384_hub( s.T, s.S );
mbedtls_p384_hub( s.S, s.T );
mbedtls_p384_mul( s.S, s.S, 6, s.M, 6 );
mbedtls_p384_hub( s.S, s.U );
mbedtls_p384_mul( s.U, s.Y, s.Yn, s.Z, s.Zn );
mbedtls_p384_shl( s.U );
mbedtls_p384_cop( R->X.p, s.T );
mbedtls_p384_cop( R->Y.p, s.S );
mbedtls_p384_cop( R->Z.p, s.U );
mbedtls_platform_zeroize( &s, sizeof(s) );
return 0;
}
int mbedtls_p384_add_mixed( const mbedtls_ecp_group *G,
const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q,
mbedtls_ecp_point *R )
{
int ret;
struct {
uint64_t X[12], Y[12], Z[12];
uint64_t T1[12], T2[12], T3[12], T4[12];
size_t Xn, Yn, Zn, QXn, QYn;
} s;
MBEDTLS_ASSERT( P->X.s == 1 );
MBEDTLS_ASSERT( P->Y.s == 1 );
MBEDTLS_ASSERT( P->Z.s == 1 );
MBEDTLS_ASSERT( Q->X.s == 1 );
MBEDTLS_ASSERT( Q->Y.s == 1 );
if ( ( ret = mbedtls_p384_dim( R ) ) ) return ret;
mbedtls_platform_zeroize(&s, sizeof(s));
s.Xn = mbedtls_mpi_limbs( &P->X );
s.Yn = mbedtls_mpi_limbs( &P->Y );
s.Zn = mbedtls_mpi_limbs( &P->Z );
s.QXn = mbedtls_mpi_limbs( &Q->X );
s.QYn = mbedtls_mpi_limbs( &Q->Y );
CHECK_LE( s.Xn, 6 );
CHECK_LE( s.Yn, 6 );
CHECK_LE( s.Zn, 6 );
CHECK_LE( s.QXn, 6 );
CHECK_LE( s.QYn, 6 );
memcpy( s.X, P->X.p, s.Xn * 8 );
memcpy( s.Y, P->Y.p, s.Yn * 8 );
memcpy( s.Z, P->Z.p, s.Zn * 8 );
mbedtls_p384_mul( s.T1, s.Z, s.Zn, s.Z, s.Zn );
mbedtls_p384_mul( s.T2, s.T1, 6, s.Z, s.Zn );
mbedtls_p384_mul( s.T1, s.T1, 6, Q->X.p, s.QXn );
mbedtls_p384_mul( s.T2, s.T2, 6, Q->Y.p, s.QYn );
mbedtls_p384_hub( s.T1, s.X );
mbedtls_p384_hub( s.T2, s.Y );
if( mbedtls_p384_isz( s.T1 ) )
{
if( mbedtls_p384_isz( s.T2 ) )
return mbedtls_p384_double_jac( G, P, R );
else
return mbedtls_ecp_set_zero( R );
}
mbedtls_p384_mul( s.Z, s.Z, s.Zn, s.T1, 6 );
mbedtls_p384_mul( s.T3, s.T1, 6, s.T1, 6 );
mbedtls_p384_mul( s.T4, s.T3, 6, s.T1, 6 );
mbedtls_p384_mul( s.T3, s.T3, 6, s.X, s.Xn );
mbedtls_p384_cop( s.T1, s.T3 );
mbedtls_p384_shl( s.T1 );
mbedtls_p384_mul( s.X, s.T2, 6, s.T2, 6 );
mbedtls_p384_hub( s.X, s.T1 );
mbedtls_p384_hub( s.X, s.T4 );
mbedtls_p384_hub( s.T3, s.X );
mbedtls_p384_mul( s.T3, s.T3, 6, s.T2, 6 );
mbedtls_p384_mul( s.T4, s.T4, 6, s.Y, s.Yn );
mbedtls_p384_sub( s.Y, s.T3, s.T4 );
mbedtls_p384_cop( R->X.p, s.X );
mbedtls_p384_cop( R->Y.p, s.Y );
mbedtls_p384_cop( R->Z.p, s.Z );
mbedtls_platform_zeroize( &s, sizeof( s ) );
return 0;
}
static int mbedtls_p384_inv_mod(mbedtls_mpi *X,
const mbedtls_mpi *A,
const mbedtls_mpi *N)
{
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2;
MBEDTLS_ASSERT( A->s == 1 );
MBEDTLS_ASSERT( N->s == 1 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( X ) <= 6 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( A ) <= 6 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( N ) <= 6 );
MBEDTLS_ASSERT( mbedtls_mpi_cmp_int( N, 1 ) > 0 );
mbedtls_mpi_init( &TA );
mbedtls_mpi_init( &TU );
mbedtls_mpi_init( &U1 );
mbedtls_mpi_init( &U2 );
mbedtls_mpi_init( &G );
mbedtls_mpi_init( &TB );
mbedtls_mpi_init( &TV );
mbedtls_mpi_init( &V1 );
mbedtls_mpi_init( &V2 );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TA, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TU, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &U1, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &U2, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &G, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TB, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &TV, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &V1, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &V2, 7 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) );
if (!mbedtls_mpi_is_one( &G ))
{
ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) );
do
{
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TU ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U1 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U2 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TV ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V2 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V1 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &G ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TA ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TB ) <= 7 );
while ( !( TU.p[0] & 1 ) )
{
mbedtls_p384_sar( TU.p );
if ((U1.p[0] & 1) || (U2.p[0] & 1))
{
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) );
}
mbedtls_p384_sar(U1.p);
mbedtls_p384_sar(U2.p);
}
while ( !( TV.p[0] & 1 ) )
{
mbedtls_p384_sar(TV.p);
if ((V1.p[0] & 1) || (V2.p[0] & 1))
{
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) );
}
mbedtls_p384_sar( V1.p );
mbedtls_p384_sar( V2.p );
}
if (mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0)
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) );
}
else
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) );
}
} while ( TU.p[0] | TU.p[1] | TU.p[2] | TU.p[3] | TU.p[4] | TU.p[5] );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TU ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U1 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &U2 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TV ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V2 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &V1 ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &G ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TA ) <= 7 );
MBEDTLS_ASSERT( mbedtls_mpi_limbs( &TB ) <= 7 );
while (V1.s < 0)
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) );
while (mbedtls_mpi_cmp_mpi( &V1, N ) >= 0)
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) );
cleanup:
mbedtls_mpi_free( &TA );
mbedtls_mpi_free( &TU );
mbedtls_mpi_free( &U1 );
mbedtls_mpi_free( &U2 );
mbedtls_mpi_free( &G );
mbedtls_mpi_free( &TB );
mbedtls_mpi_free( &TV );
mbedtls_mpi_free( &V1 );
mbedtls_mpi_free( &V2 );
return ret;
}
int mbedtls_p384_normalize_jac_many( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *T[], size_t T_size )
{
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
uint64_t ta[12];
mbedtls_mpi *c, u, Zi, ZZi;
if( !( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) )
return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
mbedtls_mpi_init( &u );
mbedtls_mpi_init( &Zi );
mbedtls_mpi_init( &ZZi );
for( i = 0; i < T_size; i++ )
{
CHECK_EQ( 6, T[i]->X.n );
CHECK_EQ( 6, T[i]->Y.n );
CHECK_EQ( 6, T[i]->Z.n );
mbedtls_mpi_init( c + i );
}
for( i = 0; i < T_size; i++ )
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( c + i, 12 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &u, 12 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Zi, 12 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &ZZi, 12 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( c, &T[0]->Z ) );
for( i = 1; i < T_size; i++ )
mbedtls_p384_mul( c[i].p, c[i-1].p, 6, T[i]->Z.p, 6 );
MBEDTLS_MPI_CHK( mbedtls_p384_inv_mod( &u, c + T_size - 1, &grp->P ) );
for( i = T_size - 1; ; i-- )
{
if( !i )
memcpy( Zi.p, u.p, 6 * 8 );
else
{
mbedtls_p384_mul( Zi.p, u.p, 6, c[i-1].p, 6 );
mbedtls_p384_mul( u.p, u.p, 6, T[i]->Z.p, 6 );
}
mbedtls_p384_mul( ZZi.p, Zi.p, 6, Zi.p, 6 );
mbedtls_p384_mul( ta, T[i]->X.p, 6, ZZi.p, 6 );
memcpy( T[i]->X.p, ta, 6 * 8 );
mbedtls_p384_mul( ta, T[i]->Y.p, 6, ZZi.p, 6 );
mbedtls_p384_mul( ta, ta, 6, Zi.p, 6 );
memcpy( T[i]->Y.p, ta, 6 * 8 );
mbedtls_mpi_free( &T[i]->Z );
if( !i ) break;
}
cleanup:
mbedtls_platform_zeroize( ta, sizeof( ta ) );
for( i = 0; i < T_size; i++ )
mbedtls_mpi_free( c + i );
mbedtls_mpi_free( &ZZi );
mbedtls_mpi_free( &Zi );
mbedtls_mpi_free( &u );
mbedtls_free( c );
return( ret );
}

183
third_party/mbedtls/ecp_curves.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/ecp.h"
#include "third_party/mbedtls/error.h"
@ -29,7 +46,7 @@ asm(".include \"libc/disclaimer.inc\"");
* limitations under the License.
*/
#if defined(MBEDTLS_ECP_C)
/* #if defined(MBEDTLS_ECP_C) */
#if !defined(MBEDTLS_ECP_ALT)
@ -618,29 +635,23 @@ static int ecp_group_load( mbedtls_ecp_group *grp,
#endif /* ECP_LOAD_GROUP */
#if defined(MBEDTLS_ECP_NIST_OPTIM)
/* Forward declarations */
#define NIST_MODP( P ) grp->modp = ecp_mod_ ## P;
#else
#define NIST_MODP( P )
#endif
#if defined(MBEDTLS_ECP_NIST_OPTIM)
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
static int ecp_mod_p192( mbedtls_mpi * );
#endif
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
static int ecp_mod_p224( mbedtls_mpi * );
#endif
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
static int ecp_mod_p256( mbedtls_mpi * );
#endif
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
static int ecp_mod_p384( mbedtls_mpi * );
#endif
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
static int ecp_mod_p521( mbedtls_mpi * );
#endif
#define NIST_MODP( P ) grp->modp = ecp_mod_ ## P;
#else
#define NIST_MODP( P )
#endif /* MBEDTLS_ECP_NIST_OPTIM */
/* Additional forward declarations */
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
static int ecp_mod_p255( mbedtls_mpi * );
#endif
@ -681,7 +692,7 @@ static int ecp_mod_p256k1( mbedtls_mpi * );
*/
static int ecp_use_curve25519( mbedtls_ecp_group *grp )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* Actually ( A + 2 ) / 4 */
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) );
@ -721,7 +732,7 @@ cleanup:
static int ecp_use_curve448( mbedtls_ecp_group *grp )
{
mbedtls_mpi Ns;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi_init( &Ns );
@ -760,6 +771,8 @@ cleanup:
}
#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */
#if defined(MBEDTLS_ECP_C)
/**
* \brief This function sets up an ECP group context
* from a standardized set of domain parameters.
@ -866,6 +879,7 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id )
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
}
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_ECP_NIST_OPTIM)
/*
@ -878,7 +892,6 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id )
* MPI remains loose, since these functions can be deactivated at will.
*/
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
/*
* Compared to the way things are presented in FIPS 186-3 D.2,
* we proceed in columns, from right (least significant chunk) to left,
@ -926,20 +939,16 @@ static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry )
*/
static int ecp_mod_p192( mbedtls_mpi *N )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
mbedtls_mpi_uint c = 0;
mbedtls_mpi_uint *p, *end;
/* Make sure we have enough blocks so that A(5) is legal */
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) );
p = N->p;
end = p + N->n;
ADD( 3 ); ADD( 5 ); NEXT; // A0 += A3 + A5
ADD( 3 ); ADD( 4 ); ADD( 5 ); NEXT; // A1 += A3 + A4 + A5
ADD( 4 ); ADD( 5 ); LAST; // A2 += A4 + A5
cleanup:
return( ret );
}
@ -949,11 +958,7 @@ cleanup:
#undef ADD
#undef NEXT
#undef LAST
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
/*
* The reader is advised to first understand ecp_mod_p192() since the same
* general structure is used here, but with additional complications:
@ -1017,7 +1022,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
* (see fix_negative for the motivation of C)
*/
#define INIT( b ) \
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; \
int ret = MBEDTLS_ERR_THIS_CORRUPTION; \
signed char c = 0, cc; \
uint32_t cur; \
size_t i = 0, bits = (b); \
@ -1053,8 +1058,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
*/
static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
/* C = - c * 2^(bits + 32) */
#if !defined(MBEDTLS_HAVE_INT64)
((void) bits);
@ -1064,24 +1068,19 @@ static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, s
else
#endif
C->p[ C->n - 1 ] = (mbedtls_mpi_uint) -c;
/* N = - ( C - N ) */
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, C, N ) );
N->s = -1;
cleanup:
return( ret );
}
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
/*
* Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2)
*/
static int ecp_mod_p224( mbedtls_mpi *N )
{
INIT( 224 );
SUB( 7 ); SUB( 11 ); NEXT; // A0 += -A7 - A11
SUB( 8 ); SUB( 12 ); NEXT; // A1 += -A8 - A12
SUB( 9 ); SUB( 13 ); NEXT; // A2 += -A9 - A13
@ -1089,97 +1088,9 @@ static int ecp_mod_p224( mbedtls_mpi *N )
SUB( 11 ); ADD( 8 ); ADD( 12 ); NEXT; // A4 += -A11 + A8 + A12
SUB( 12 ); ADD( 9 ); ADD( 13 ); NEXT; // A5 += -A12 + A9 + A13
SUB( 13 ); ADD( 10 ); LAST; // A6 += -A13 + A10
cleanup:
return( ret );
}
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
/*
* Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3)
*/
static int ecp_mod_p256( mbedtls_mpi *N )
{
INIT( 256 );
ADD( 8 ); ADD( 9 );
SUB( 11 ); SUB( 12 ); SUB( 13 ); SUB( 14 ); NEXT; // A0
ADD( 9 ); ADD( 10 );
SUB( 12 ); SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A1
ADD( 10 ); ADD( 11 );
SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A2
ADD( 11 ); ADD( 11 ); ADD( 12 ); ADD( 12 ); ADD( 13 );
SUB( 15 ); SUB( 8 ); SUB( 9 ); NEXT; // A3
ADD( 12 ); ADD( 12 ); ADD( 13 ); ADD( 13 ); ADD( 14 );
SUB( 9 ); SUB( 10 ); NEXT; // A4
ADD( 13 ); ADD( 13 ); ADD( 14 ); ADD( 14 ); ADD( 15 );
SUB( 10 ); SUB( 11 ); NEXT; // A5
ADD( 14 ); ADD( 14 ); ADD( 15 ); ADD( 15 ); ADD( 14 ); ADD( 13 );
SUB( 8 ); SUB( 9 ); NEXT; // A6
ADD( 15 ); ADD( 15 ); ADD( 15 ); ADD( 8 );
SUB( 10 ); SUB( 11 ); SUB( 12 ); SUB( 13 ); LAST; // A7
cleanup:
return( ret );
}
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
/*
* Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4)
*/
static int ecp_mod_p384( mbedtls_mpi *N )
{
INIT( 384 );
ADD( 12 ); ADD( 21 ); ADD( 20 );
SUB( 23 ); NEXT; // A0
ADD( 13 ); ADD( 22 ); ADD( 23 );
SUB( 12 ); SUB( 20 ); NEXT; // A2
ADD( 14 ); ADD( 23 );
SUB( 13 ); SUB( 21 ); NEXT; // A2
ADD( 15 ); ADD( 12 ); ADD( 20 ); ADD( 21 );
SUB( 14 ); SUB( 22 ); SUB( 23 ); NEXT; // A3
ADD( 21 ); ADD( 21 ); ADD( 16 ); ADD( 13 ); ADD( 12 ); ADD( 20 ); ADD( 22 );
SUB( 15 ); SUB( 23 ); SUB( 23 ); NEXT; // A4
ADD( 22 ); ADD( 22 ); ADD( 17 ); ADD( 14 ); ADD( 13 ); ADD( 21 ); ADD( 23 );
SUB( 16 ); NEXT; // A5
ADD( 23 ); ADD( 23 ); ADD( 18 ); ADD( 15 ); ADD( 14 ); ADD( 22 );
SUB( 17 ); NEXT; // A6
ADD( 19 ); ADD( 16 ); ADD( 15 ); ADD( 23 );
SUB( 18 ); NEXT; // A7
ADD( 20 ); ADD( 17 ); ADD( 16 );
SUB( 19 ); NEXT; // A8
ADD( 21 ); ADD( 18 ); ADD( 17 );
SUB( 20 ); NEXT; // A9
ADD( 22 ); ADD( 19 ); ADD( 18 );
SUB( 21 ); NEXT; // A10
ADD( 23 ); ADD( 20 ); ADD( 19 );
SUB( 22 ); LAST; // A11
cleanup:
return( ret );
}
#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#undef A
#undef LOAD32
@ -1189,10 +1100,6 @@ cleanup:
#undef NEXT
#undef LAST
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED ||
MBEDTLS_ECP_DP_SECP256R1_ENABLED ||
MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
/*
* Here we have an actual Mersenne prime, so things are more straightforward.
@ -1211,7 +1118,7 @@ cleanup:
*/
static int ecp_mod_p521( mbedtls_mpi *N )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
mbedtls_mpi M;
mbedtls_mpi_uint Mp[P521_WIDTH + 1];
@ -1249,8 +1156,6 @@ cleanup:
#endif /* MBEDTLS_ECP_NIST_OPTIM */
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
/* Size of p255 in terms of mbedtls_mpi_uint */
#define P255_WIDTH ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 )
@ -1260,38 +1165,32 @@ cleanup:
*/
static int ecp_mod_p255( mbedtls_mpi *N )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
mbedtls_mpi M;
mbedtls_mpi_uint Mp[P255_WIDTH + 2];
if( N->n < P255_WIDTH )
return( 0 );
/* M = A1 */
M.s = 1;
M.n = N->n - ( P255_WIDTH - 1 );
if( M.n > P255_WIDTH + 1 )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
M.p = Mp;
memset( Mp, 0, sizeof Mp );
mbedtls_platform_zeroize( Mp, sizeof Mp );
memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) );
M.n++; /* Make room for multiplication by 19 */
/* N = A0 */
MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) );
for( i = P255_WIDTH; i < N->n; i++ )
N->p[i] = 0;
/* N = A0 + 19 * A1 */
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
cleanup:
return( ret );
}
#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
@ -1317,7 +1216,7 @@ cleanup:
*/
static int ecp_mod_p448( mbedtls_mpi *N )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
mbedtls_mpi M, Q;
mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH];
@ -1332,7 +1231,7 @@ static int ecp_mod_p448( mbedtls_mpi *N )
/* Shouldn't be called with N larger than 2^896! */
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
M.p = Mp;
memset( Mp, 0, sizeof( Mp ) );
mbedtls_platform_zeroize( Mp, sizeof( Mp ) );
memcpy( Mp, N->p + P448_WIDTH, M.n * sizeof( mbedtls_mpi_uint ) );
/* N = A0 */
@ -1379,7 +1278,7 @@ cleanup:
static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs,
size_t adjust, size_t shift, mbedtls_mpi_uint mask )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
size_t i;
mbedtls_mpi M, R;
mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
@ -1400,7 +1299,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t
M.n = N->n - ( p_limbs - adjust );
if( M.n > p_limbs + adjust )
M.n = p_limbs + adjust;
memset( Mp, 0, sizeof Mp );
mbedtls_platform_zeroize( Mp, sizeof Mp );
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
if( shift != 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
@ -1422,7 +1321,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t
M.n = N->n - ( p_limbs - adjust );
if( M.n > p_limbs + adjust )
M.n = p_limbs + adjust;
memset( Mp, 0, sizeof Mp );
mbedtls_platform_zeroize( Mp, sizeof Mp );
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
if( shift != 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
@ -1493,4 +1392,4 @@ static int ecp_mod_p256k1( mbedtls_mpi *N )
#endif /* !MBEDTLS_ECP_ALT */
#endif /* MBEDTLS_ECP_C */
/* #endif /\* MBEDTLS_ECP_C *\/ */

37
third_party/mbedtls/ecp_internal.h vendored
View file

@ -1,6 +1,7 @@
#ifndef MBEDTLS_ECP_INTERNAL_H
#define MBEDTLS_ECP_INTERNAL_H
#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_INTERNAL_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_INTERNAL_H_
#include "third_party/mbedtls/config.h"
#include "third_party/mbedtls/ecp.h"
/* clang-format off */
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
@ -105,7 +106,8 @@ int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
* \return 0 if successful.
*/
int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
mbedtls_ecp_point *R,
const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q );
#endif
@ -208,7 +210,8 @@ int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
*/
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t),
mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#endif
@ -231,5 +234,29 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
#endif /* ecp_internal.h */
void secp256r1( uint64_t[8] );
void secp384r1( uint64_t[12] );
int mbedtls_p256_double_jac( const mbedtls_ecp_group *,
const mbedtls_ecp_point *,
mbedtls_ecp_point * );
int mbedtls_p256_add_mixed( const mbedtls_ecp_group *,
const mbedtls_ecp_point *,
const mbedtls_ecp_point *,
mbedtls_ecp_point * );
int mbedtls_p256_normalize_jac( const mbedtls_ecp_group *,
mbedtls_ecp_point * );
int mbedtls_p256_normalize_jac_many( const mbedtls_ecp_group *,
mbedtls_ecp_point *[], size_t );
int mbedtls_p384_double_jac( const mbedtls_ecp_group *,
const mbedtls_ecp_point *,
mbedtls_ecp_point * );
int mbedtls_p384_add_mixed( const mbedtls_ecp_group *,
const mbedtls_ecp_point *,
const mbedtls_ecp_point *,
mbedtls_ecp_point * );
int mbedtls_p384_normalize_jac_many( const mbedtls_ecp_group *,
mbedtls_ecp_point *[], size_t );
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_ECP_INTERNAL_H_ */

105
third_party/mbedtls/ecpshl.c vendored Normal file
View file

@ -0,0 +1,105 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/ecp.h"
#include "third_party/mbedtls/math.h"
/* clang-format off */
static void mbedtls_mpi_shift_l_mod_p256( const mbedtls_ecp_group *G,
mbedtls_mpi *X )
{
bool c;
MBEDTLS_ASSERT( G->P.n == 4 );
MBEDTLS_ASSERT( mbedtls_mpi_bitlen( X ) <= 256 );
MBEDTLS_ASSERT( mbedtls_mpi_bitlen( &G->P ) <= 256 );
X->p[4] = X->p[3] >> 63;
X->p[3] = X->p[3] << 1 | X->p[2] >> 63;
X->p[2] = X->p[2] << 1 | X->p[1] >> 63;
X->p[1] = X->p[1] << 1 | X->p[0] >> 63;
X->p[0] = X->p[0] << 1;
if( (X->p[4] ||
X->p[3] > G->P.p[3] ||
(X->p[3] == G->P.p[3] &&
X->p[2] > G->P.p[2] ||
(X->p[2] == G->P.p[2] &&
X->p[0] > G->P.p[0] ||
(X->p[0] == G->P.p[0])))) )
{
SBB(X->p[0], X->p[0], G->P.p[0], 0, c);
SBB(X->p[1], X->p[1], G->P.p[1], c, c);
SBB(X->p[2], X->p[2], G->P.p[2], c, c);
SBB(X->p[3], X->p[3], G->P.p[3], c, c);
SBB(X->p[4], X->p[4], 0, c, c);
}
}
static void mbedtls_mpi_shift_l_mod_p384( const mbedtls_ecp_group *G,
mbedtls_mpi *X )
{
bool c;
MBEDTLS_ASSERT( G->P.n == 6 );
MBEDTLS_ASSERT( mbedtls_mpi_bitlen( X ) <= 384 );
MBEDTLS_ASSERT( mbedtls_mpi_bitlen( &G->P ) <= 384 );
X->p[6] = X->p[5] >> 63;
X->p[5] = X->p[5] << 1 | X->p[4] >> 63;
X->p[4] = X->p[4] << 1 | X->p[3] >> 63;
X->p[3] = X->p[3] << 1 | X->p[2] >> 63;
X->p[2] = X->p[2] << 1 | X->p[1] >> 63;
X->p[1] = X->p[1] << 1 | X->p[0] >> 63;
X->p[0] = X->p[0] << 1;
if( (X->p[6] ||
X->p[5] > G->P.p[5] ||
(X->p[5] == G->P.p[5] &&
X->p[4] > G->P.p[4] ||
(X->p[4] == G->P.p[4] &&
X->p[3] > G->P.p[3] ||
(X->p[3] == G->P.p[3] &&
X->p[2] > G->P.p[2] ||
(X->p[2] == G->P.p[2] &&
X->p[0] > G->P.p[0] ||
(X->p[0] == G->P.p[0])))))) )
{
SBB(X->p[0], X->p[0], G->P.p[0], 0, c);
SBB(X->p[1], X->p[1], G->P.p[1], c, c);
SBB(X->p[2], X->p[2], G->P.p[2], c, c);
SBB(X->p[3], X->p[3], G->P.p[3], c, c);
SBB(X->p[4], X->p[4], G->P.p[4], c, c);
SBB(X->p[5], X->p[5], G->P.p[5], c, c);
SBB(X->p[6], X->p[6], 0, c, c);
}
}
int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *G, mbedtls_mpi *X )
{
int ret = 0;
MBEDTLS_ASSERT( mbedtls_mpi_cmp_int( X, 0 ) >= 0 );
MBEDTLS_ASSERT( mbedtls_mpi_cmp_mpi( X, &G->P ) < 0 );
if( X->n == 8 )
mbedtls_mpi_shift_l_mod_p256( G, X );
else if( X->n == 12 )
mbedtls_mpi_shift_l_mod_p384( G, X );
else
{
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, 1 ) );
if( mbedtls_mpi_cmp_mpi( X, &G->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, X, &G->P ) );
}
MBEDTLS_ASSERT( mbedtls_mpi_cmp_mpi( X, &G->P ) < 0 );
MBEDTLS_ASSERT( mbedtls_mpi_cmp_int( X, 0 ) >= 0 );
cleanup:
return( ret );
}

15
third_party/mbedtls/endian.h vendored
View file

@ -43,6 +43,21 @@
OuT + 8; \
})
#define Write64le(P, V) \
({ \
uint64_t VaL = (V); \
uint8_t *OuT = (P); \
OuT[0] = (0x00000000000000FF & VaL) >> 000; \
OuT[1] = (0x000000000000FF00 & VaL) >> 010; \
OuT[2] = (0x0000000000FF0000 & VaL) >> 020; \
OuT[3] = (0x00000000FF000000 & VaL) >> 030; \
OuT[4] = (0x000000FF00000000 & VaL) >> 040; \
OuT[5] = (0x0000FF0000000000 & VaL) >> 050; \
OuT[6] = (0x00FF000000000000 & VaL) >> 060; \
OuT[7] = (0xFF00000000000000 & VaL) >> 070; \
OuT + 8; \
})
#define GET_UINT32_BE(n, b, i) (n) = Read32be((b) + (i))
#define PUT_UINT32_BE(n, b, i) Write32be((b) + (i), n)
#define GET_UINT64_BE(n, b, i) (n) = Read64be((b) + (i))

27
third_party/mbedtls/entropy.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/calls/calls.h"
#include "libc/stdio/stdio.h"
#include "third_party/mbedtls/common.h"
@ -50,7 +67,7 @@ asm(".include \"libc/disclaimer.inc\"");
void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
{
ctx->source_count = 0;
memset( ctx->source, 0, sizeof( ctx->source ) );
mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) );
ctx->accumulator_started = 0;
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
@ -315,7 +332,7 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
}
while( ! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE );
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
mbedtls_platform_zeroize( buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
/*
@ -398,7 +415,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
/* Manually update the remaining stream with a separator value to diverge */
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
mbedtls_platform_zeroize( buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
return( ret );
}
@ -581,8 +598,8 @@ int mbedtls_entropy_source_self_test( int verbose )
if( verbose != 0 )
mbedtls_printf( " ENTROPY_BIAS test: " );
memset( buf0, 0x00, sizeof( buf0 ) );
memset( buf1, 0x00, sizeof( buf1 ) );
mbedtls_platform_zeroize( buf0, sizeof( buf0 ) );
mbedtls_platform_zeroize( buf1, sizeof( buf1 ) );
if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 )
goto cleanup;

17
third_party/mbedtls/entropy_poll.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/nexgen32e/rdtsc.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/entropy_poll.h"

21
third_party/mbedtls/error.c vendored
View file

@ -1,3 +1,20 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/fmt/fmt.h"
#include "third_party/mbedtls/aes.h"
#include "third_party/mbedtls/asn1.h"
@ -544,7 +561,7 @@ const char * mbedtls_low_level_strerr( int error_code )
#if defined(MBEDTLS_ERROR_C)
case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR):
return( "ERROR - Generic error" );
case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED):
case -(MBEDTLS_ERR_THIS_CORRUPTION):
return( "ERROR - This is a bug in the library" );
#endif /* MBEDTLS_ERROR_C */
@ -637,7 +654,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
if( buflen == 0 )
return;
memset( buf, 0x00, buflen );
mbedtls_platform_zeroize( buf, buflen );
if( ret < 0 )
ret = -ret;

2
third_party/mbedtls/error.h vendored
View file

@ -85,7 +85,7 @@ extern "C" {
#endif
#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */
#define MBEDTLS_ERR_THIS_CORRUPTION -0x006E /**< This is a bug in the library */
/**
* \brief Translate a mbed TLS error code into a string representation,

939
third_party/mbedtls/everest.c vendored
View file

File diff suppressed because it is too large Load diff

34
third_party/mbedtls/fastdiv.h vendored Normal file
View file

@ -0,0 +1,34 @@
#ifndef COSMOPOLITAN_THIRD_PARTY_MBEDTLS_FASTDIV_H_
#define COSMOPOLITAN_THIRD_PARTY_MBEDTLS_FASTDIV_H_
#include "libc/macros.internal.h"
#if !(__ASSEMBLER__ + __LINKER__ + 0)
COSMOPOLITAN_C_START_
struct Divisor {
uint64_t m;
uint8_t s;
uint8_t t;
};
static inline struct Divisor GetDivisor(uint64_t d) {
int b;
uint128_t x;
b = __builtin_clzll(d) ^ 63;
x = -d & (((1ull << b) - 1) | (1ull << b));
return (struct Divisor){(x << 64) / d + 1, MIN(1, b + 1), MAX(0, b)};
}
forceinline uint64_t Divide(uint64_t x, struct Divisor d) {
uint128_t t;
uint64_t l, h;
t = d.m;
t *= x;
l = t;
h = t >> 64;
l = (x - h) >> d.s;
return (h + l) >> d.t;
}
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
#endif /* COSMOPOLITAN_THIRD_PARTY_MBEDTLS_FASTDIV_H_ */

46
third_party/mbedtls/gcm.c vendored
View file

@ -1,10 +1,29 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright The Mbed TLS Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/bits/bits.h"
#include "libc/bits/likely.h"
#include "libc/log/log.h"
#include "libc/nexgen32e/x86feature.h"
#include "libc/runtime/runtime.h"
#include "libc/str/str.h"
#include "third_party/mbedtls/aes.h"
#include "third_party/mbedtls/aesni.h"
#include "third_party/mbedtls/cipher.h"
#include "third_party/mbedtls/common.h"
#include "third_party/mbedtls/endian.h"
#include "third_party/mbedtls/error.h"
@ -69,7 +88,7 @@ asm(".include \"libc/disclaimer.inc\"");
void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
{
GCM_VALIDATE( ctx != NULL );
memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
}
/*
@ -87,7 +106,7 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx )
uint64_t vl, vh;
unsigned char h[16];
size_t olen = 0;
memset( h, 0, 16 );
mbedtls_platform_zeroize( h, 16 );
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
return( ret );
vh = READ64BE( h + 0 );
@ -146,7 +165,7 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
const unsigned char *key,
unsigned int keybits )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
const mbedtls_cipher_info_t *cipher_info;
GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( key != NULL );
@ -158,6 +177,7 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
if( cipher_info->block_size != 16 )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
mbedtls_cipher_free( &ctx->cipher_ctx );
ctx->cipher = cipher;
if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
@ -250,7 +270,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
const unsigned char *p;
size_t use_len, olen = 0;
unsigned char work_buf[16];
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( iv != NULL );
GCM_VALIDATE_RET( add_len == 0 || add != NULL );
@ -261,8 +281,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
( (uint64_t) add_len ) >> 61 != 0 ) {
return( MBEDTLS_ERR_GCM_BAD_INPUT );
}
memset( ctx->y, 0x00, sizeof(ctx->y) );
memset( ctx->buf, 0x00, sizeof(ctx->buf) );
mbedtls_platform_zeroize( ctx->y, sizeof(ctx->y) );
mbedtls_platform_zeroize( ctx->buf, sizeof(ctx->buf) );
ctx->mode = mode;
ctx->len = 0;
ctx->add_len = 0;
@ -270,7 +290,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
memcpy( ctx->y, iv, iv_len );
ctx->y[15] = 1;
} else {
memset( work_buf, 0x00, 16 );
mbedtls_platform_zeroize( work_buf, 16 );
PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
p = iv;
while( iv_len > 0 ) {
@ -334,14 +354,14 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
{
size_t i, j;
uint64_t a, b;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char ectr[16];
const unsigned char *p;
unsigned char *q, *out_p = output;
size_t olen = 0;
GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( length == 0 || input != NULL );
GCM_VALIDATE_RET( length == 0 || output != NULL );
GCM_VALIDATE_RET( ctx );
GCM_VALIDATE_RET( !length || input );
GCM_VALIDATE_RET( !length || output );
if( output > input && (size_t) ( output - input ) < length )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
/* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
@ -529,7 +549,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
size_t tag_len,
unsigned char *tag )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( iv != NULL );
GCM_VALIDATE_RET( add_len == 0 || add != NULL );
@ -589,7 +609,7 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
const unsigned char *input,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_THIS_CORRUPTION;
unsigned char check_tag[16];
size_t i;
int diff;

1
third_party/mbedtls/gcm.h vendored
View file

@ -22,6 +22,7 @@ typedef struct mbedtls_gcm_context {
uint64_t H8[2]; /*!< For AES-NI. */
uint64_t HL[16]; /*!< Precalculated HTable low. */
uint64_t HH[16]; /*!< Precalculated HTable high. */
mbedtls_cipher_id_t cipher; /*!< The cipher being used. */
} mbedtls_gcm_context;
void mbedtls_gcm_init( mbedtls_gcm_context * );

25
third_party/mbedtls/getalertdescription.c vendored
View file

@ -1,20 +1,19 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Copyright The Mbed TLS Contributors
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "libc/fmt/itoa.h"
#include "third_party/mbedtls/iana.h"

53
third_party/mbedtls/getciphersuite.c vendored Normal file
View file

@ -0,0 +1,53 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "third_party/mbedtls/ssl_ciphersuites.h"
#define S32(S) (S[0] << 24 | S[1] << 16 | S[2] << 8 | S[3])
/**
* Returns ciphersuite info by IANA name.
*
* This API provides some wiggle room for naming, e.g.
*
* - ECDHE-ECDSA-AES256-GCM-SHA384 (preferred)
* - ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
* - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
* - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (canonical)
*
* All of the above are acceptable names for 0xC02C.
*/
const mbedtls_ssl_ciphersuite_t *GetCipherSuite(const char *s) {
int i, j;
char b[50];
uint32_t w;
unsigned char c;
for (i = j = w = 0; (c = s[i++]);) {
if (c == '_') c = '-'; // _ → -
if ('a' <= c && c <= 'z') c -= 'a' - 'A'; // a-z → A-Z
if (c == '-' && w == S32("WITH")) j -= 5; // WITH- → -
if (w == S32("TLS-")) j -= 4; // TLS- →
w = w << 8 | c; // ------- ------
if (w == S32("AES-")) continue; // AES-XXX → AESXXX
if (w == S32("SHA1")) continue; // SHA1 → SHA
if (!(0 <= j && j + 1 < sizeof(b))) return 0;
b[j++] = c;
}
b[j++] = 0;
return mbedtls_ssl_ciphersuite_from_string(b);
}

25
third_party/mbedtls/getciphersuitename.c vendored
View file

@ -1,20 +1,19 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Copyright The Mbed TLS Contributors
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
http://www.apache.org/licenses/LICENSE-2.0 │
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include "third_party/mbedtls/iana.h"

64
third_party/mbedtls/getsslstatename.c vendored Normal file
View file

@ -0,0 +1,64 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "third_party/mbedtls/ssl.h"
const char *GetSslStateName(mbedtls_ssl_states x) {
switch (x) {
case MBEDTLS_SSL_HELLO_REQUEST:
return "HELLO_REQUEST";
case MBEDTLS_SSL_CLIENT_HELLO:
return "CLIENT_HELLO";
case MBEDTLS_SSL_SERVER_HELLO:
return "SERVER_HELLO";
case MBEDTLS_SSL_SERVER_CERTIFICATE:
return "SERVER_CERTIFICATE";
case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
return "SERVER_KEY_EXCHANGE";
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
return "CERTIFICATE_REQUEST";
case MBEDTLS_SSL_SERVER_HELLO_DONE:
return "SERVER_HELLO_DONE";
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
return "CLIENT_CERTIFICATE";
case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
return "CLIENT_KEY_EXCHANGE";
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
return "CERTIFICATE_VERIFY";
case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
return "CLIENT_CHANGE_CIPHER_SPEC";
case MBEDTLS_SSL_CLIENT_FINISHED:
return "CLIENT_FINISHED";
case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
return "SERVER_CHANGE_CIPHER_SPEC";
case MBEDTLS_SSL_SERVER_FINISHED:
return "SERVER_FINISHED";
case MBEDTLS_SSL_FLUSH_BUFFERS:
return "FLUSH_BUFFERS";
case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
return "HANDSHAKE_WRAPUP";
case MBEDTLS_SSL_HANDSHAKE_OVER:
return "HANDSHAKE_OVER";
case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:
return "SERVER_NEW_SESSION_TICKET";
case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
return "SERVER_HELLO_VERIFY_REQUEST_SENT";
default:
return NULL;
}
}

Some files were not shown because too many files have changed in this diff Show more