len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-08-19 09:38:32 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update CyaSSL to latest version.

Browse source
This commit is contained in:
Richard Barry 2014-07-18 18:54:25 +00:00
parent 5fcd270398
commit 3d007d0b4b
445 changed files with 162375 additions and 26182 deletions
Download patch file Download diff file Expand all files Collapse all files

1064
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/benchmark.c
View file

File diff suppressed because it is too large Load diff

1
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/include.am
View file

@ -7,3 +7,4 @@ ctaocrypt_benchmark_benchmark_LDADD = src/libcyassl.la
ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la
EXTRA_DIST += ctaocrypt/benchmark/benchmark.sln
EXTRA_DIST += ctaocrypt/benchmark/benchmark.vcproj
DISTCLEANFILES+= ctaocrypt/benchmark/.libs/benchmark

1628
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes.c
View file

File diff suppressed because it is too large Load diff

972
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.asm Normal file
View file

@ -0,0 +1,972 @@
; /*aes_asm . asm
; *
; *Copyright[C]2006 -2014 wolfSSL Inc .
; *
; *This file is part of CyaSSL .
; *
; *CyaSSL is free software/ you can redistribute it and/or modify
; *it under the terms of the GNU General Public License as published by
; *the Free Software Foundation/ either version 2 of the License, or
; *[at your option]any later version .
; *
; *CyaSSL ,is distributed in the hope that it will be useful
; *but WITHOUT ANY WARRANTY/ without even the implied warranty of
; *MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
; *GNU General Public License for more details .
; *
; *You should have received a copy of the GNU General Public License
; *along with this program/ if not, write to the Free Software
; *Foundation,Inc .,51 Franklin Street,Fifth Floor,Boston,MA 02110-1301,USA
; */
;
;
; /*See IntelA dvanced Encryption Standard[AES]Instructions Set White Paper
; *by Israel,Intel Mobility Group Development Center,Israel Shay Gueron
; */
;
; /* This file is in intel asm syntax, see .s for at&t syntax */
;
; /*
; AES_CBC_encrypt[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,char ivec+16
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
_text SEGMENT
AES_CBC_encrypt PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
;# parameter 4: rcx
;# parameter 5: r8
;# parameter 6: r9d
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
mov rcx,r9
mov r8,[rsp+40]
mov r9d,[rsp+48]
mov r10,rcx
shr rcx,4
shl r10,60
je NO_PARTS
add rcx,1
NO_PARTS:
sub rsi,16
movdqa xmm1,[rdx]
LOOP_1:
pxor xmm1,[rdi]
pxor xmm1,[r8]
add rsi,16
add rdi,16
cmp r9d,12
aesenc xmm1,16[r8]
aesenc xmm1,32[r8]
aesenc xmm1,48[r8]
aesenc xmm1,64[r8]
aesenc xmm1,80[r8]
aesenc xmm1,96[r8]
aesenc xmm1,112[r8]
aesenc xmm1,128[r8]
aesenc xmm1,144[r8]
movdqa xmm2,160[r8]
jb LAST
cmp r9d,14
aesenc xmm1,160[r8]
aesenc xmm1,176[r8]
movdqa xmm2,192[r8]
jb LAST
aesenc xmm1,192[r8]
aesenc xmm1,208[r8]
movdqa xmm2,224[r8]
LAST:
dec rcx
aesenclast xmm1,xmm2
movdqu [rsi],xmm1
jne LOOP_1
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
ret
AES_CBC_encrypt ENDP
; /*
; AES_CBC_decrypt[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,char ivec+16
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
; . globl AES_CBC_decrypt
AES_CBC_decrypt PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
;# parameter 4: rcx
;# parameter 5: r8
;# parameter 6: r9d
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
mov rcx,r9
mov r8,[rsp+40]
mov r9d,[rsp+48]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
movdqa [rsp+0], xmm6
movdqa [rsp+16], xmm7
movdqa [rsp+32], xmm8
movdqa [rsp+48], xmm9
movdqa [rsp+64], xmm10
movdqa [rsp+80], xmm11
movdqa [rsp+96], xmm12
movdqa [rsp+112], xmm15
mov r10,rcx
shr rcx,4
shl r10,60
je DNO_PARTS_4
add rcx,1
DNO_PARTS_4:
mov r10,rcx
shl r10,62
shr r10,62
shr rcx,2
movdqu xmm5,[rdx]
je DREMAINDER_4
sub rsi,64
DLOOP_4:
movdqu xmm1,[rdi]
movdqu xmm2,16[rdi]
movdqu xmm3,32[rdi]
movdqu xmm4,48[rdi]
movdqa xmm6,xmm1
movdqa xmm7,xmm2
movdqa xmm8,xmm3
movdqa xmm15,xmm4
movdqa xmm9,[r8]
movdqa xmm10,16[r8]
movdqa xmm11,32[r8]
movdqa xmm12,48[r8]
pxor xmm1,xmm9
pxor xmm2,xmm9
pxor xmm3,xmm9
pxor xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
aesdec xmm1,xmm11
aesdec xmm2,xmm11
aesdec xmm3,xmm11
aesdec xmm4,xmm11
aesdec xmm1,xmm12
aesdec xmm2,xmm12
aesdec xmm3,xmm12
aesdec xmm4,xmm12
movdqa xmm9,64[r8]
movdqa xmm10,80[r8]
movdqa xmm11,96[r8]
movdqa xmm12,112[r8]
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
aesdec xmm1,xmm11
aesdec xmm2,xmm11
aesdec xmm3,xmm11
aesdec xmm4,xmm11
aesdec xmm1,xmm12
aesdec xmm2,xmm12
aesdec xmm3,xmm12
aesdec xmm4,xmm12
movdqa xmm9,128[r8]
movdqa xmm10,144[r8]
movdqa xmm11,160[r8]
cmp r9d,12
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
jb DLAST_4
movdqa xmm9,160[r8]
movdqa xmm10,176[r8]
movdqa xmm11,192[r8]
cmp r9d,14
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
jb DLAST_4
movdqa xmm9,192[r8]
movdqa xmm10,208[r8]
movdqa xmm11,224[r8]
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
DLAST_4:
add rdi,64
add rsi,64
dec rcx
aesdeclast xmm1,xmm11
aesdeclast xmm2,xmm11
aesdeclast xmm3,xmm11
aesdeclast xmm4,xmm11
pxor xmm1,xmm5
pxor xmm2,xmm6
pxor xmm3,xmm7
pxor xmm4,xmm8
movdqu [rsi],xmm1
movdqu 16[rsi],xmm2
movdqu 32[rsi],xmm3
movdqu 48[rsi],xmm4
movdqa xmm5,xmm15
jne DLOOP_4
add rsi,64
DREMAINDER_4:
cmp r10,0
je DEND_4
DLOOP_4_2:
movdqu xmm1,[rdi]
movdqa xmm15,xmm1
add rdi,16
pxor xmm1,[r8]
movdqu xmm2,160[r8]
cmp r9d,12
aesdec xmm1,16[r8]
aesdec xmm1,32[r8]
aesdec xmm1,48[r8]
aesdec xmm1,64[r8]
aesdec xmm1,80[r8]
aesdec xmm1,96[r8]
aesdec xmm1,112[r8]
aesdec xmm1,128[r8]
aesdec xmm1,144[r8]
jb DLAST_4_2
movdqu xmm2,192[r8]
cmp r9d,14
aesdec xmm1,160[r8]
aesdec xmm1,176[r8]
jb DLAST_4_2
movdqu xmm2,224[r8]
aesdec xmm1,192[r8]
aesdec xmm1,208[r8]
DLAST_4_2:
aesdeclast xmm1,xmm2
pxor xmm1,xmm5
movdqa xmm5,xmm15
movdqu [rsi],xmm1
add rsi,16
dec r10
jne DLOOP_4_2
DEND_4:
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
; restore non volatile xmms from stack
movdqa xmm6, [rsp+0]
movdqa xmm7, [rsp+16]
movdqa xmm8, [rsp+32]
movdqa xmm9, [rsp+48]
movdqa xmm10, [rsp+64]
movdqa xmm11, [rsp+80]
movdqa xmm12, [rsp+96]
movdqa xmm15, [rsp+112]
add rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
ret
AES_CBC_decrypt ENDP
; /*
; AES_ECB_encrypt[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
; . globl AES_ECB_encrypt
AES_ECB_encrypt PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
;# parameter 4: rcx
;# parameter 5: r8d
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
mov rcx,r9
mov r8d,[rsp+40]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each
movdqa [rsp+0], xmm9
movdqa [rsp+16], xmm10
movdqa [rsp+32], xmm11
movdqa [rsp+48], xmm12
mov r10,rdx
shr rdx,4
shl r10,60
je EECB_NO_PARTS_4
add rdx,1
EECB_NO_PARTS_4:
mov r10,rdx
shl r10,62
shr r10,62
shr rdx,2
je EECB_REMAINDER_4
sub rsi,64
EECB_LOOP_4:
movdqu xmm1,[rdi]
movdqu xmm2,16[rdi]
movdqu xmm3,32[rdi]
movdqu xmm4,48[rdi]
movdqa xmm9,[rcx]
movdqa xmm10,16[rcx]
movdqa xmm11,32[rcx]
movdqa xmm12,48[rcx]
pxor xmm1,xmm9
pxor xmm2,xmm9
pxor xmm3,xmm9
pxor xmm4,xmm9
aesenc xmm1,xmm10
aesenc xmm2,xmm10
aesenc xmm3,xmm10
aesenc xmm4,xmm10
aesenc xmm1,xmm11
aesenc xmm2,xmm11
aesenc xmm3,xmm11
aesenc xmm4,xmm11
aesenc xmm1,xmm12
aesenc xmm2,xmm12
aesenc xmm3,xmm12
aesenc xmm4,xmm12
movdqa xmm9,64[rcx]
movdqa xmm10,80[rcx]
movdqa xmm11,96[rcx]
movdqa xmm12,112[rcx]
aesenc xmm1,xmm9
aesenc xmm2,xmm9
aesenc xmm3,xmm9
aesenc xmm4,xmm9
aesenc xmm1,xmm10
aesenc xmm2,xmm10
aesenc xmm3,xmm10
aesenc xmm4,xmm10
aesenc xmm1,xmm11
aesenc xmm2,xmm11
aesenc xmm3,xmm11
aesenc xmm4,xmm11
aesenc xmm1,xmm12
aesenc xmm2,xmm12
aesenc xmm3,xmm12
aesenc xmm4,xmm12
movdqa xmm9,128[rcx]
movdqa xmm10,144[rcx]
movdqa xmm11,160[rcx]
cmp r8d,12
aesenc xmm1,xmm9
aesenc xmm2,xmm9
aesenc xmm3,xmm9
aesenc xmm4,xmm9
aesenc xmm1,xmm10
aesenc xmm2,xmm10
aesenc xmm3,xmm10
aesenc xmm4,xmm10
jb EECB_LAST_4
movdqa xmm9,160[rcx]
movdqa xmm10,176[rcx]
movdqa xmm11,192[rcx]
cmp r8d,14
aesenc xmm1,xmm9
aesenc xmm2,xmm9
aesenc xmm3,xmm9
aesenc xmm4,xmm9
aesenc xmm1,xmm10
aesenc xmm2,xmm10
aesenc xmm3,xmm10
aesenc xmm4,xmm10
jb EECB_LAST_4
movdqa xmm9,192[rcx]
movdqa xmm10,208[rcx]
movdqa xmm11,224[rcx]
aesenc xmm1,xmm9
aesenc xmm2,xmm9
aesenc xmm3,xmm9
aesenc xmm4,xmm9
aesenc xmm1,xmm10
aesenc xmm2,xmm10
aesenc xmm3,xmm10
aesenc xmm4,xmm10
EECB_LAST_4:
add rdi,64
add rsi,64
dec rdx
aesenclast xmm1,xmm11
aesenclast xmm2,xmm11
aesenclast xmm3,xmm11
aesenclast xmm4,xmm11
movdqu [rsi],xmm1
movdqu 16[rsi],xmm2
movdqu 32[rsi],xmm3
movdqu 48[rsi],xmm4
jne EECB_LOOP_4
add rsi,64
EECB_REMAINDER_4:
cmp r10,0
je EECB_END_4
EECB_LOOP_4_2:
movdqu xmm1,[rdi]
add rdi,16
pxor xmm1,[rcx]
movdqu xmm2,160[rcx]
aesenc xmm1,16[rcx]
aesenc xmm1,32[rcx]
aesenc xmm1,48[rcx]
aesenc xmm1,64[rcx]
aesenc xmm1,80[rcx]
aesenc xmm1,96[rcx]
aesenc xmm1,112[rcx]
aesenc xmm1,128[rcx]
aesenc xmm1,144[rcx]
cmp r8d,12
jb EECB_LAST_4_2
movdqu xmm2,192[rcx]
aesenc xmm1,160[rcx]
aesenc xmm1,176[rcx]
cmp r8d,14
jb EECB_LAST_4_2
movdqu xmm2,224[rcx]
aesenc xmm1,192[rcx]
aesenc xmm1,208[rcx]
EECB_LAST_4_2:
aesenclast xmm1,xmm2
movdqu [rsi],xmm1
add rsi,16
dec r10
jne EECB_LOOP_4_2
EECB_END_4:
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
; restore non volatile xmms from stack
movdqa xmm9, [rsp+0]
movdqa xmm10, [rsp+16]
movdqa xmm11, [rsp+32]
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
AES_ECB_encrypt ENDP
; /*
; AES_ECB_decrypt[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
; . globl AES_ECB_decrypt
AES_ECB_decrypt PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
;# parameter 4: rcx
;# parameter 5: r8d
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
mov rcx,r9
mov r8d,[rsp+40]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each
movdqa [rsp+0], xmm9
movdqa [rsp+16], xmm10
movdqa [rsp+32], xmm11
movdqa [rsp+48], xmm12
mov r10,rdx
shr rdx,4
shl r10,60
je DECB_NO_PARTS_4
add rdx,1
DECB_NO_PARTS_4:
mov r10,rdx
shl r10,62
shr r10,62
shr rdx,2
je DECB_REMAINDER_4
sub rsi,64
DECB_LOOP_4:
movdqu xmm1,[rdi]
movdqu xmm2,16[rdi]
movdqu xmm3,32[rdi]
movdqu xmm4,48[rdi]
movdqa xmm9,[rcx]
movdqa xmm10,16[rcx]
movdqa xmm11,32[rcx]
movdqa xmm12,48[rcx]
pxor xmm1,xmm9
pxor xmm2,xmm9
pxor xmm3,xmm9
pxor xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
aesdec xmm1,xmm11
aesdec xmm2,xmm11
aesdec xmm3,xmm11
aesdec xmm4,xmm11
aesdec xmm1,xmm12
aesdec xmm2,xmm12
aesdec xmm3,xmm12
aesdec xmm4,xmm12
movdqa xmm9,64[rcx]
movdqa xmm10,80[rcx]
movdqa xmm11,96[rcx]
movdqa xmm12,112[rcx]
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
aesdec xmm1,xmm11
aesdec xmm2,xmm11
aesdec xmm3,xmm11
aesdec xmm4,xmm11
aesdec xmm1,xmm12
aesdec xmm2,xmm12
aesdec xmm3,xmm12
aesdec xmm4,xmm12
movdqa xmm9,128[rcx]
movdqa xmm10,144[rcx]
movdqa xmm11,160[rcx]
cmp r8d,12
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
jb DECB_LAST_4
movdqa xmm9,160[rcx]
movdqa xmm10,176[rcx]
movdqa xmm11,192[rcx]
cmp r8d,14
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
jb DECB_LAST_4
movdqa xmm9,192[rcx]
movdqa xmm10,208[rcx]
movdqa xmm11,224[rcx]
aesdec xmm1,xmm9
aesdec xmm2,xmm9
aesdec xmm3,xmm9
aesdec xmm4,xmm9
aesdec xmm1,xmm10
aesdec xmm2,xmm10
aesdec xmm3,xmm10
aesdec xmm4,xmm10
DECB_LAST_4:
add rdi,64
add rsi,64
dec rdx
aesdeclast xmm1,xmm11
aesdeclast xmm2,xmm11
aesdeclast xmm3,xmm11
aesdeclast xmm4,xmm11
movdqu [rsi],xmm1
movdqu 16[rsi],xmm2
movdqu 32[rsi],xmm3
movdqu 48[rsi],xmm4
jne DECB_LOOP_4
add rsi,64
DECB_REMAINDER_4:
cmp r10,0
je DECB_END_4
DECB_LOOP_4_2:
movdqu xmm1,[rdi]
add rdi,16
pxor xmm1,[rcx]
movdqu xmm2,160[rcx]
cmp r8d,12
aesdec xmm1,16[rcx]
aesdec xmm1,32[rcx]
aesdec xmm1,48[rcx]
aesdec xmm1,64[rcx]
aesdec xmm1,80[rcx]
aesdec xmm1,96[rcx]
aesdec xmm1,112[rcx]
aesdec xmm1,128[rcx]
aesdec xmm1,144[rcx]
jb DECB_LAST_4_2
cmp r8d,14
movdqu xmm2,192[rcx]
aesdec xmm1,160[rcx]
aesdec xmm1,176[rcx]
jb DECB_LAST_4_2
movdqu xmm2,224[rcx]
aesdec xmm1,192[rcx]
aesdec xmm1,208[rcx]
DECB_LAST_4_2:
aesdeclast xmm1,xmm2
movdqu [rsi],xmm1
add rsi,16
dec r10
jne DECB_LOOP_4_2
DECB_END_4:
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
; restore non volatile xmms from stack
movdqa xmm9, [rsp+0]
movdqa xmm10, [rsp+16]
movdqa xmm11, [rsp+32]
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
AES_ECB_decrypt ENDP
; /*
; void ,AES_128_Key_Expansion[const unsigned char*userkey
; unsigned char*key_schedule]/
; */
; . align 16,0x90
; . globl AES_128_Key_Expansion
AES_128_Key_Expansion PROC
;# parameter 1: rdi
;# parameter 2: rsi
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
mov dword ptr 240[rsi],10
movdqu xmm1,[rdi]
movdqa [rsi],xmm1
ASSISTS:
aeskeygenassist xmm2,xmm1,1
call PREPARE_ROUNDKEY_128
movdqa 16[rsi],xmm1
aeskeygenassist xmm2,xmm1,2
call PREPARE_ROUNDKEY_128
movdqa 32[rsi],xmm1
aeskeygenassist xmm2,xmm1,4
call PREPARE_ROUNDKEY_128
movdqa 48[rsi],xmm1
aeskeygenassist xmm2,xmm1,8
call PREPARE_ROUNDKEY_128
movdqa 64[rsi],xmm1
aeskeygenassist xmm2,xmm1,16
call PREPARE_ROUNDKEY_128
movdqa 80[rsi],xmm1
aeskeygenassist xmm2,xmm1,32
call PREPARE_ROUNDKEY_128
movdqa 96[rsi],xmm1
aeskeygenassist xmm2,xmm1,64
call PREPARE_ROUNDKEY_128
movdqa 112[rsi],xmm1
aeskeygenassist xmm2,xmm1,80h
call PREPARE_ROUNDKEY_128
movdqa 128[rsi],xmm1
aeskeygenassist xmm2,xmm1,1bh
call PREPARE_ROUNDKEY_128
movdqa 144[rsi],xmm1
aeskeygenassist xmm2,xmm1,36h
call PREPARE_ROUNDKEY_128
movdqa 160[rsi],xmm1
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
ret
PREPARE_ROUNDKEY_128:
pshufd xmm2,xmm2,255
movdqa xmm3,xmm1
pslldq xmm3,4
pxor xmm1,xmm3
pslldq xmm3,4
pxor xmm1,xmm3
pslldq xmm3,4
pxor xmm1,xmm3
pxor xmm1,xmm2
ret
AES_128_Key_Expansion ENDP
; /*
; void ,AES_192_Key_Expansion[const unsigned char*userkey
; unsigned char*key]
; */
; . globl AES_192_Key_Expansion
AES_192_Key_Expansion PROC
;# parameter 1: rdi
;# parameter 2: rsi
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+1*16 ; 8 = align stack , 1 xmm6, 16 bytes each
movdqa [rsp+0], xmm6
movdqu xmm1,[rdi]
movdqu xmm3,16[rdi]
movdqa [rsi],xmm1
movdqa xmm5,xmm3
aeskeygenassist xmm2,xmm3,1h
call PREPARE_ROUNDKEY_192
shufpd xmm5,xmm1,0
movdqa 16[rsi],xmm5
movdqa xmm6,xmm1
shufpd xmm6,xmm3,1
movdqa 32[rsi],xmm6
aeskeygenassist xmm2,xmm3,2h
call PREPARE_ROUNDKEY_192
movdqa 48[rsi],xmm1
movdqa xmm5,xmm3
aeskeygenassist xmm2,xmm3,4h
call PREPARE_ROUNDKEY_192
shufpd xmm5,xmm1,0
movdqa 64[rsi],xmm5
movdqa xmm6,xmm1
shufpd xmm6,xmm3,1
movdqa 80[rsi],xmm6
aeskeygenassist xmm2,xmm3,8h
call PREPARE_ROUNDKEY_192
movdqa 96[rsi],xmm1
movdqa xmm5,xmm3
aeskeygenassist xmm2,xmm3,10h
call PREPARE_ROUNDKEY_192
shufpd xmm5,xmm1,0
movdqa 112[rsi],xmm5
movdqa xmm6,xmm1
shufpd xmm6,xmm3,1
movdqa 128[rsi],xmm6
aeskeygenassist xmm2,xmm3,20h
call PREPARE_ROUNDKEY_192
movdqa 144[rsi],xmm1
movdqa xmm5,xmm3
aeskeygenassist xmm2,xmm3,40h
call PREPARE_ROUNDKEY_192
shufpd xmm5,xmm1,0
movdqa 160[rsi],xmm5
movdqa xmm6,xmm1
shufpd xmm6,xmm3,1
movdqa 176[rsi],xmm6
aeskeygenassist xmm2,xmm3,80h
call PREPARE_ROUNDKEY_192
movdqa 192[rsi],xmm1
movdqa 208[rsi],xmm3
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
; restore non volatile xmms from stack
movdqa xmm6, [rsp+0]
add rsp,8+1*16 ; 8 = align stack , 1 xmm6 16 bytes each
ret
PREPARE_ROUNDKEY_192:
pshufd xmm2,xmm2,55h
movdqu xmm4,xmm1
pslldq xmm4,4
pxor xmm1,xmm4
pslldq xmm4,4
pxor xmm1,xmm4
pslldq xmm4,4
pxor xmm1,xmm4
pxor xmm1,xmm2
pshufd xmm2,xmm1,0ffh
movdqu xmm4,xmm3
pslldq xmm4,4
pxor xmm3,xmm4
pxor xmm3,xmm2
ret
AES_192_Key_Expansion ENDP
; /*
; void ,AES_256_Key_Expansion[const unsigned char*userkey
; unsigned char*key]
; */
; . globl AES_256_Key_Expansion
AES_256_Key_Expansion PROC
;# parameter 1: rdi
;# parameter 2: rsi
; save rdi and rsi to rax and r11, restore before ret
mov rax,rdi
mov r11,rsi
; convert to what we had for att&t convention
mov rdi,rcx
mov rsi,rdx
movdqu xmm1,[rdi]
movdqu xmm3,16[rdi]
movdqa [rsi],xmm1
movdqa 16[rsi],xmm3
aeskeygenassist xmm2,xmm3,1h
call MAKE_RK256_a
movdqa 32[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 48[rsi],xmm3
aeskeygenassist xmm2,xmm3,2h
call MAKE_RK256_a
movdqa 64[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 80[rsi],xmm3
aeskeygenassist xmm2,xmm3,4h
call MAKE_RK256_a
movdqa 96[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 112[rsi],xmm3
aeskeygenassist xmm2,xmm3,8h
call MAKE_RK256_a
movdqa 128[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 144[rsi],xmm3
aeskeygenassist xmm2,xmm3,10h
call MAKE_RK256_a
movdqa 160[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 176[rsi],xmm3
aeskeygenassist xmm2,xmm3,20h
call MAKE_RK256_a
movdqa 192[rsi],xmm1
aeskeygenassist xmm2,xmm1,0h
call MAKE_RK256_b
movdqa 208[rsi],xmm3
aeskeygenassist xmm2,xmm3,40h
call MAKE_RK256_a
movdqa 224[rsi],xmm1
; restore non volatile rdi,rsi
mov rdi,rax
mov rsi,r11
ret
AES_256_Key_Expansion ENDP
MAKE_RK256_a:
pshufd xmm2,xmm2,0ffh
movdqa xmm4,xmm1
pslldq xmm4,4
pxor xmm1,xmm4
pslldq xmm4,4
pxor xmm1,xmm4
pslldq xmm4,4
pxor xmm1,xmm4
pxor xmm1,xmm2
ret
MAKE_RK256_b:
pshufd xmm2,xmm2,0aah
movdqa xmm4,xmm3
pslldq xmm4,4
pxor xmm3,xmm4
pslldq xmm4,4
pxor xmm3,xmm4
pslldq xmm4,4
pxor xmm3,xmm4
pxor xmm3,xmm2
ret
END

372
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.s
View file

@ -1,6 +1,6 @@
/* aes_asm.s
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,13 +24,17 @@
* by Intel Mobility Group, Israel Development Center, Israel Shay Gueron
*/
/* This file is in at&t asm syntax, see .asm for intel syntax */
//AES_CBC_encrypt (const unsigned char *in,
// unsigned char *out,
// unsigned char ivec[16],
// unsigned long length,
// const unsigned char *KS,
// int nr)
/*
AES_CBC_encrypt (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
const unsigned char *KS,
int nr)
*/
.globl AES_CBC_encrypt
AES_CBC_encrypt:
# parameter 1: %rdi
@ -82,12 +86,15 @@ ret
//AES_CBC_decrypt (const unsigned char *in,
// unsigned char *out,
// unsigned char ivec[16],
// unsigned long length,
// const unsigned char *KS,
// int nr)
/*
AES_CBC_decrypt (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
const unsigned char *KS,
int nr)
*/
.globl AES_CBC_decrypt
AES_CBC_decrypt:
# parameter 1: %rdi
@ -258,10 +265,331 @@ DEND_4:
ret
/*
AES_ECB_encrypt (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
.globl AES_ECB_encrypt
AES_ECB_encrypt:
# parameter 1: %rdi
# parameter 2: %rsi
# parameter 3: %rdx
# parameter 4: %rcx
# parameter 5: %r8d
movq %rdx, %r10
shrq $4, %rdx
shlq $60, %r10
je EECB_NO_PARTS_4
addq $1, %rdx
EECB_NO_PARTS_4:
movq %rdx, %r10
shlq $62, %r10
shrq $62, %r10
shrq $2, %rdx
je EECB_REMAINDER_4
subq $64, %rsi
EECB_LOOP_4:
movdqu (%rdi), %xmm1
movdqu 16(%rdi), %xmm2
movdqu 32(%rdi), %xmm3
movdqu 48(%rdi), %xmm4
movdqa (%rcx), %xmm9
movdqa 16(%rcx), %xmm10
movdqa 32(%rcx), %xmm11
movdqa 48(%rcx), %xmm12
pxor %xmm9, %xmm1
pxor %xmm9, %xmm2
pxor %xmm9, %xmm3
pxor %xmm9, %xmm4
aesenc %xmm10, %xmm1
aesenc %xmm10, %xmm2
aesenc %xmm10, %xmm3
aesenc %xmm10, %xmm4
aesenc %xmm11, %xmm1
aesenc %xmm11, %xmm2
aesenc %xmm11, %xmm3
aesenc %xmm11, %xmm4
aesenc %xmm12, %xmm1
aesenc %xmm12, %xmm2
aesenc %xmm12, %xmm3
aesenc %xmm12, %xmm4
movdqa 64(%rcx), %xmm9
movdqa 80(%rcx), %xmm10
movdqa 96(%rcx), %xmm11
movdqa 112(%rcx), %xmm12
aesenc %xmm9, %xmm1
aesenc %xmm9, %xmm2
aesenc %xmm9, %xmm3
aesenc %xmm9, %xmm4
aesenc %xmm10, %xmm1
aesenc %xmm10, %xmm2
aesenc %xmm10, %xmm3
aesenc %xmm10, %xmm4
aesenc %xmm11, %xmm1
aesenc %xmm11, %xmm2
aesenc %xmm11, %xmm3
aesenc %xmm11, %xmm4
aesenc %xmm12, %xmm1
aesenc %xmm12, %xmm2
aesenc %xmm12, %xmm3
aesenc %xmm12, %xmm4
movdqa 128(%rcx), %xmm9
movdqa 144(%rcx), %xmm10
movdqa 160(%rcx), %xmm11
cmpl $12, %r8d
aesenc %xmm9, %xmm1
aesenc %xmm9, %xmm2
aesenc %xmm9, %xmm3
aesenc %xmm9, %xmm4
aesenc %xmm10, %xmm1
aesenc %xmm10, %xmm2
aesenc %xmm10, %xmm3
aesenc %xmm10, %xmm4
jb EECB_LAST_4
movdqa 160(%rcx), %xmm9
movdqa 176(%rcx), %xmm10
movdqa 192(%rcx), %xmm11
cmpl $14, %r8d
aesenc %xmm9, %xmm1
aesenc %xmm9, %xmm2
aesenc %xmm9, %xmm3
aesenc %xmm9, %xmm4
aesenc %xmm10, %xmm1
aesenc %xmm10, %xmm2
aesenc %xmm10, %xmm3
aesenc %xmm10, %xmm4
jb EECB_LAST_4
movdqa 192(%rcx), %xmm9
movdqa 208(%rcx), %xmm10
movdqa 224(%rcx), %xmm11
aesenc %xmm9, %xmm1
aesenc %xmm9, %xmm2
aesenc %xmm9, %xmm3
aesenc %xmm9, %xmm4
aesenc %xmm10, %xmm1
aesenc %xmm10, %xmm2
aesenc %xmm10, %xmm3
aesenc %xmm10, %xmm4
EECB_LAST_4:
addq $64, %rdi
addq $64, %rsi
decq %rdx
aesenclast %xmm11, %xmm1
aesenclast %xmm11, %xmm2
aesenclast %xmm11, %xmm3
aesenclast %xmm11, %xmm4
movdqu %xmm1, (%rsi)
movdqu %xmm2, 16(%rsi)
movdqu %xmm3, 32(%rsi)
movdqu %xmm4, 48(%rsi)
jne EECB_LOOP_4
addq $64, %rsi
EECB_REMAINDER_4:
cmpq $0, %r10
je EECB_END_4
EECB_LOOP_4_2:
movdqu (%rdi), %xmm1
addq $16, %rdi
pxor (%rcx), %xmm1
movdqu 160(%rcx), %xmm2
aesenc 16(%rcx), %xmm1
aesenc 32(%rcx), %xmm1
aesenc 48(%rcx), %xmm1
aesenc 64(%rcx), %xmm1
aesenc 80(%rcx), %xmm1
aesenc 96(%rcx), %xmm1
aesenc 112(%rcx), %xmm1
aesenc 128(%rcx), %xmm1
aesenc 144(%rcx), %xmm1
cmpl $12, %r8d
jb EECB_LAST_4_2
movdqu 192(%rcx), %xmm2
aesenc 160(%rcx), %xmm1
aesenc 176(%rcx), %xmm1
cmpl $14, %r8d
jb EECB_LAST_4_2
movdqu 224(%rcx), %xmm2
aesenc 192(%rcx), %xmm1
aesenc 208(%rcx), %xmm1
EECB_LAST_4_2:
aesenclast %xmm2, %xmm1
movdqu %xmm1, (%rsi)
addq $16, %rsi
decq %r10
jne EECB_LOOP_4_2
EECB_END_4:
ret
//void AES_128_Key_Expansion(const unsigned char* userkey,
// unsigned char* key_schedule);
/*
AES_ECB_decrypt (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
.globl AES_ECB_decrypt
AES_ECB_decrypt:
# parameter 1: %rdi
# parameter 2: %rsi
# parameter 3: %rdx
# parameter 4: %rcx
# parameter 5: %r8d
movq %rdx, %r10
shrq $4, %rdx
shlq $60, %r10
je DECB_NO_PARTS_4
addq $1, %rdx
DECB_NO_PARTS_4:
movq %rdx, %r10
shlq $62, %r10
shrq $62, %r10
shrq $2, %rdx
je DECB_REMAINDER_4
subq $64, %rsi
DECB_LOOP_4:
movdqu (%rdi), %xmm1
movdqu 16(%rdi), %xmm2
movdqu 32(%rdi), %xmm3
movdqu 48(%rdi), %xmm4
movdqa (%rcx), %xmm9
movdqa 16(%rcx), %xmm10
movdqa 32(%rcx), %xmm11
movdqa 48(%rcx), %xmm12
pxor %xmm9, %xmm1
pxor %xmm9, %xmm2
pxor %xmm9, %xmm3
pxor %xmm9, %xmm4
aesdec %xmm10, %xmm1
aesdec %xmm10, %xmm2
aesdec %xmm10, %xmm3
aesdec %xmm10, %xmm4
aesdec %xmm11, %xmm1
aesdec %xmm11, %xmm2
aesdec %xmm11, %xmm3
aesdec %xmm11, %xmm4
aesdec %xmm12, %xmm1
aesdec %xmm12, %xmm2
aesdec %xmm12, %xmm3
aesdec %xmm12, %xmm4
movdqa 64(%rcx), %xmm9
movdqa 80(%rcx), %xmm10
movdqa 96(%rcx), %xmm11
movdqa 112(%rcx), %xmm12
aesdec %xmm9, %xmm1
aesdec %xmm9, %xmm2
aesdec %xmm9, %xmm3
aesdec %xmm9, %xmm4
aesdec %xmm10, %xmm1
aesdec %xmm10, %xmm2
aesdec %xmm10, %xmm3
aesdec %xmm10, %xmm4
aesdec %xmm11, %xmm1
aesdec %xmm11, %xmm2
aesdec %xmm11, %xmm3
aesdec %xmm11, %xmm4
aesdec %xmm12, %xmm1
aesdec %xmm12, %xmm2
aesdec %xmm12, %xmm3
aesdec %xmm12, %xmm4
movdqa 128(%rcx), %xmm9
movdqa 144(%rcx), %xmm10
movdqa 160(%rcx), %xmm11
cmpl $12, %r8d
aesdec %xmm9, %xmm1
aesdec %xmm9, %xmm2
aesdec %xmm9, %xmm3
aesdec %xmm9, %xmm4
aesdec %xmm10, %xmm1
aesdec %xmm10, %xmm2
aesdec %xmm10, %xmm3
aesdec %xmm10, %xmm4
jb DECB_LAST_4
movdqa 160(%rcx), %xmm9
movdqa 176(%rcx), %xmm10
movdqa 192(%rcx), %xmm11
cmpl $14, %r8d
aesdec %xmm9, %xmm1
aesdec %xmm9, %xmm2
aesdec %xmm9, %xmm3
aesdec %xmm9, %xmm4
aesdec %xmm10, %xmm1
aesdec %xmm10, %xmm2
aesdec %xmm10, %xmm3
aesdec %xmm10, %xmm4
jb DECB_LAST_4
movdqa 192(%rcx), %xmm9
movdqa 208(%rcx), %xmm10
movdqa 224(%rcx), %xmm11
aesdec %xmm9, %xmm1
aesdec %xmm9, %xmm2
aesdec %xmm9, %xmm3
aesdec %xmm9, %xmm4
aesdec %xmm10, %xmm1
aesdec %xmm10, %xmm2
aesdec %xmm10, %xmm3
aesdec %xmm10, %xmm4
DECB_LAST_4:
addq $64, %rdi
addq $64, %rsi
decq %rdx
aesdeclast %xmm11, %xmm1
aesdeclast %xmm11, %xmm2
aesdeclast %xmm11, %xmm3
aesdeclast %xmm11, %xmm4
movdqu %xmm1, (%rsi)
movdqu %xmm2, 16(%rsi)
movdqu %xmm3, 32(%rsi)
movdqu %xmm4, 48(%rsi)
jne DECB_LOOP_4
addq $64, %rsi
DECB_REMAINDER_4:
cmpq $0, %r10
je DECB_END_4
DECB_LOOP_4_2:
movdqu (%rdi), %xmm1
addq $16, %rdi
pxor (%rcx), %xmm1
movdqu 160(%rcx), %xmm2
cmpl $12, %r8d
aesdec 16(%rcx), %xmm1
aesdec 32(%rcx), %xmm1
aesdec 48(%rcx), %xmm1
aesdec 64(%rcx), %xmm1
aesdec 80(%rcx), %xmm1
aesdec 96(%rcx), %xmm1
aesdec 112(%rcx), %xmm1
aesdec 128(%rcx), %xmm1
aesdec 144(%rcx), %xmm1
jb DECB_LAST_4_2
cmpl $14, %r8d
movdqu 192(%rcx), %xmm2
aesdec 160(%rcx), %xmm1
aesdec 176(%rcx), %xmm1
jb DECB_LAST_4_2
movdqu 224(%rcx), %xmm2
aesdec 192(%rcx), %xmm1
aesdec 208(%rcx), %xmm1
DECB_LAST_4_2:
aesdeclast %xmm2, %xmm1
movdqu %xmm1, (%rsi)
addq $16, %rsi
decq %r10
jne DECB_LOOP_4_2
DECB_END_4:
ret
/*
void AES_128_Key_Expansion(const unsigned char* userkey,
unsigned char* key_schedule);
*/
.align 16,0x90
.globl AES_128_Key_Expansion
AES_128_Key_Expansion:
@ -319,8 +647,10 @@ pxor %xmm2, %xmm1
ret
//void AES_192_Key_Expansion (const unsigned char *userkey,
// unsigned char *key)
/*
void AES_192_Key_Expansion (const unsigned char *userkey,
unsigned char *key)
*/
.globl AES_192_Key_Expansion
AES_192_Key_Expansion:
# parameter 1: %rdi
@ -403,8 +733,10 @@ pxor %xmm2, %xmm3
ret
//void AES_256_Key_Expansion (const unsigned char *userkey,
// unsigned char *key)
/*
void AES_256_Key_Expansion (const unsigned char *userkey,
unsigned char *key)
*/
.globl AES_256_Key_Expansion
AES_256_Key_Expansion:
# parameter 1: %rdi

109
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/arc4.c
View file

@ -1,6 +1,6 @@
/* arc4.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,21 +16,37 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_RC4
#include <cyassl/ctaocrypt/arc4.h>
#ifdef HAVE_CAVIUM
static void Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length);
static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
word32 length);
#endif
void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
{
word32 i;
word32 keyIndex = 0, stateIndex = 0;
#ifdef HAVE_CAVIUM
if (arc4->magic == CYASSL_ARC4_CAVIUM_MAGIC)
return Arc4CaviumSetKey(arc4, key, length);
#endif
arc4->x = 1;
arc4->y = 0;
@ -66,8 +82,16 @@ static INLINE byte MakeByte(word32* x, word32* y, byte* s)
void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
{
word32 x = arc4->x;
word32 y = arc4->y;
word32 x;
word32 y;
#ifdef HAVE_CAVIUM
if (arc4->magic == CYASSL_ARC4_CAVIUM_MAGIC)
return Arc4CaviumProcess(arc4, out, in, length);
#endif
x = arc4->x;
y = arc4->y;
while(length--)
*out++ = *in++ ^ MakeByte(&x, &y, arc4->state);
@ -76,3 +100,80 @@ void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
arc4->y = (byte)y;
}
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
/* Initiliaze Arc4 for use with Nitrox device */
int Arc4InitCavium(Arc4* arc4, int devId)
{
if (arc4 == NULL)
return -1;
if (CspAllocContext(CONTEXT_SSL, &arc4->contextHandle, devId) != 0)
return -1;
arc4->devId = devId;
arc4->magic = CYASSL_ARC4_CAVIUM_MAGIC;
return 0;
}
/* Free Arc4 from use with Nitrox device */
void Arc4FreeCavium(Arc4* arc4)
{
if (arc4 == NULL)
return;
if (arc4->magic != CYASSL_ARC4_CAVIUM_MAGIC)
return;
CspFreeContext(CONTEXT_SSL, arc4->contextHandle, arc4->devId);
arc4->magic = 0;
}
static void Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length)
{
word32 requestId;
if (CspInitializeRc4(CAVIUM_BLOCKING, arc4->contextHandle, length,
(byte*)key, &requestId, arc4->devId) != 0) {
CYASSL_MSG("Bad Cavium Arc4 Init");
}
}
static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
word32 length)
{
word offset = 0;
word32 requestId;
while (length > CYASSL_MAX_16BIT) {
word16 slen = (word16)CYASSL_MAX_16BIT;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
CYASSL_MSG("Bad Cavium Arc4 Encrypt");
}
length -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
}
if (length) {
word16 slen = (word16)length;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
CYASSL_MSG("Bad Cavium Arc4 Encrypt");
}
}
}
#endif /* HAVE_CAVIUM */
#endif /* NO_ARC4 */

423
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asm.c
View file

@ -1,6 +1,6 @@
/* asm.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,13 +16,15 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
/*
* Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
* http://math.libtomcrypt.com
@ -41,7 +43,7 @@
mu = c[x] * mp
#define INNERMUL \
asm( \
__asm__( \
"movl %5,%%eax \n\t" \
"mull %4 \n\t" \
"addl %1,%%eax \n\t" \
@ -51,16 +53,16 @@ asm( \
"movl %%edx,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy), "g"(mu), "g"(*tmpm++) \
: "%eax", "%edx", "%cc")
: "%eax", "%edx", "cc")
#define PROPCARRY \
asm( \
__asm__( \
"addl %1,%0 \n\t" \
"setb %%al \n\t" \
"movzbl %%al,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy) \
: "%eax", "%cc")
: "%eax", "cc")
/******************************************************************/
#elif defined(TFM_X86_64)
@ -73,7 +75,7 @@ asm( \
mu = c[x] * mp
#define INNERMUL \
asm( \
__asm__( \
"movq %5,%%rax \n\t" \
"mulq %4 \n\t" \
"addq %1,%%rax \n\t" \
@ -83,10 +85,10 @@ asm( \
"movq %%rdx,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++) \
: "%rax", "%rdx", "%cc")
: "%rax", "%rdx", "cc")
#define INNERMUL8 \
asm( \
__asm__( \
"movq 0(%5),%%rax \n\t" \
"movq 0(%2),%%r10 \n\t" \
"movq 0x8(%5),%%r11 \n\t" \
@ -176,17 +178,17 @@ asm( \
\
:"=r"(_c), "=r"(cy) \
: "0"(_c), "1"(cy), "g"(mu), "r"(tmpm)\
: "%rax", "%rdx", "%r10", "%r11", "%cc")
: "%rax", "%rdx", "%r10", "%r11", "cc")
#define PROPCARRY \
asm( \
__asm__( \
"addq %1,%0 \n\t" \
"setb %%al \n\t" \
"movzbq %%al,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy) \
: "%rax", "%cc")
: "%rax", "cc")
/******************************************************************/
#elif defined(TFM_SSE2)
@ -200,13 +202,13 @@ asm( \
*/
#define MONT_START \
asm("movd %0,%%mm2"::"g"(mp))
__asm__("movd %0,%%mm2"::"g"(mp))
#define MONT_FINI \
asm("emms")
__asm__("emms")
#define LOOP_START \
asm( \
__asm__( \
"movd %0,%%mm1 \n\t" \
"pxor %%mm3,%%mm3 \n\t" \
"pmuludq %%mm2,%%mm1 \n\t" \
@ -214,7 +216,7 @@ asm( \
/* pmuludq on mmx registers does a 32x32->64 multiply. */
#define INNERMUL \
asm( \
__asm__( \
"movd %1,%%mm4 \n\t" \
"movd %2,%%mm0 \n\t" \
"paddq %%mm4,%%mm3 \n\t" \
@ -225,7 +227,7 @@ asm( \
:"=g"(_c[LO]) : "0"(_c[LO]), "g"(*tmpm++) );
#define INNERMUL8 \
asm( \
__asm__( \
"movd 0(%1),%%mm4 \n\t" \
"movd 0(%2),%%mm0 \n\t" \
"paddq %%mm4,%%mm3 \n\t" \
@ -295,16 +297,16 @@ asm( \
pointer */
#define LOOP_END \
asm( "movd %%mm3,%0 \n" :"=r"(cy))
__asm__( "movd %%mm3,%0 \n" :"=r"(cy))
#define PROPCARRY \
asm( \
__asm__( \
"addl %1,%0 \n\t" \
"setb %%al \n\t" \
"movzbl %%al,%1 \n\t" \
:"=g"(_c[LO]), "=r"(cy) \
:"0"(_c[LO]), "1"(cy) \
: "%eax", "%cc")
: "%eax", "cc")
/******************************************************************/
#elif defined(TFM_ARM)
@ -316,24 +318,56 @@ asm( \
#define LOOP_START \
mu = c[x] * mp
#ifdef __thumb__
#define INNERMUL \
asm( \
__asm__( \
" LDR r0,%1 \n\t" \
" ADDS r0,r0,%0 \n\t" \
" ITE CS \n\t" \
" MOVCS %0,#1 \n\t" \
" MOVCC %0,#0 \n\t" \
" UMLAL r0,%0,%3,%4 \n\t" \
" STR r0,%1 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"m"(_c[0]):"r0","cc");
#define PROPCARRY \
__asm__( \
" LDR r0,%1 \n\t" \
" ADDS r0,r0,%0 \n\t" \
" STR r0,%1 \n\t" \
" ITE CS \n\t" \
" MOVCS %0,#1 \n\t" \
" MOVCC %0,#0 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"m"(_c[0]):"r0","cc");
/* TAO thumb mode uses ite (if then else) to detect carry directly
* fixed unmatched constraint warning by changing 1 to m */
#else /* __thumb__ */
#define INNERMUL \
__asm__( \
" LDR r0,%1 \n\t" \
" ADDS r0,r0,%0 \n\t" \
" MOVCS %0,#1 \n\t" \
" MOVCC %0,#0 \n\t" \
" UMLAL r0,%0,%3,%4 \n\t" \
" STR r0,%1 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","%cc");
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","cc");
#define PROPCARRY \
asm( \
__asm__( \
" LDR r0,%1 \n\t" \
" ADDS r0,r0,%0 \n\t" \
" STR r0,%1 \n\t" \
" MOVCS %0,#1 \n\t" \
" MOVCC %0,#0 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","%cc");
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","cc");
#endif /* __thumb__ */
#elif defined(TFM_PPC32)
@ -345,7 +379,7 @@ asm( \
mu = c[x] * mp
#define INNERMUL \
asm( \
__asm__( \
" mullw 16,%3,%4 \n\t" \
" mulhwu 17,%3,%4 \n\t" \
" addc 16,16,%0 \n\t" \
@ -354,16 +388,16 @@ asm( \
" addc 16,16,18 \n\t" \
" addze %0,17 \n\t" \
" stw 16,%1 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","%cc"); ++tmpm;
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
#define PROPCARRY \
asm( \
__asm__( \
" lwz 16,%1 \n\t" \
" addc 16,16,%0 \n\t" \
" stw 16,%1 \n\t" \
" xor %0,%0,%0 \n\t" \
" addze %0,%0 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","%cc");
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
#elif defined(TFM_PPC64)
@ -375,7 +409,7 @@ asm( \
mu = c[x] * mp
#define INNERMUL \
asm( \
__asm__( \
" mulld 16,%3,%4 \n\t" \
" mulhdu 17,%3,%4 \n\t" \
" addc 16,16,%0 \n\t" \
@ -384,16 +418,16 @@ asm( \
" addc 16,16,18 \n\t" \
" addze %0,17 \n\t" \
" sdx 16,0,%1 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","%cc"); ++tmpm;
:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
#define PROPCARRY \
asm( \
__asm__( \
" ldx 16,0,%1 \n\t" \
" addc 16,16,%0 \n\t" \
" sdx 16,0,%1 \n\t" \
" xor %0,%0,%0 \n\t" \
" addze %0,%0 \n\t" \
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","%cc");
:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
/******************************************************************/
@ -407,7 +441,7 @@ asm( \
mu = c[x] * mp
#define INNERMUL \
asm( \
__asm__( \
" ld.w r2,%1 \n\t" \
" add r2,%0 \n\t" \
" eor r3,r3 \n\t" \
@ -418,13 +452,13 @@ asm( \
:"=r"(cy),"=r"(_c):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c):"r2","r3");
#define PROPCARRY \
asm( \
__asm__( \
" ld.w r2,%1 \n\t" \
" add r2,%0 \n\t" \
" st.w %1,r2 \n\t" \
" eor %0,%0 \n\t" \
" acr %0 \n\t" \
:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","%cc");
:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","cc");
#else
@ -437,9 +471,10 @@ asm( \
#define INNERMUL \
do { fp_word t; \
_c[0] = t = ((fp_word)_c[0] + (fp_word)cy) + \
t = ((fp_word)_c[0] + (fp_word)cy) + \
(((fp_word)mu) * ((fp_word)*tmpm++)); \
cy = (t >> DIGIT_BIT); \
_c[0] = (fp_digit)t; \
cy = (fp_digit)(t >> DIGIT_BIT); \
} while (0)
#define PROPCARRY \
@ -475,16 +510,16 @@ asm( \
#define COMBA_FINI
#define SQRADD(i, j) \
asm( \
__asm__( \
"movl %6,%%eax \n\t" \
"mull %%eax \n\t" \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","cc");
#define SQRADD2(i, j) \
asm( \
__asm__( \
"movl %6,%%eax \n\t" \
"mull %7 \n\t" \
"addl %%eax,%0 \n\t" \
@ -493,37 +528,37 @@ asm( \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx", "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx", "cc");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
"movl %3,%%eax \n\t" \
"mull %4 \n\t" \
"movl %%eax,%0 \n\t" \
"movl %%edx,%1 \n\t" \
"xorl %2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","cc");
/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
#define SQRADDAC(i, j) \
asm( \
__asm__( \
"movl %6,%%eax \n\t" \
"mull %7 \n\t" \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","cc");
#define SQRADDDB \
asm( \
__asm__( \
"addl %6,%0 \n\t" \
"adcl %7,%1 \n\t" \
"adcl %8,%2 \n\t" \
"addl %6,%0 \n\t" \
"adcl %7,%1 \n\t" \
"adcl %8,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
#elif defined(TFM_X86_64)
/* x86-64 optimized */
@ -545,16 +580,16 @@ asm( \
#define COMBA_FINI
#define SQRADD(i, j) \
asm( \
__asm__( \
"movq %6,%%rax \n\t" \
"mulq %%rax \n\t" \
"addq %%rax,%0 \n\t" \
"adcq %%rdx,%1 \n\t" \
"adcq $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","cc");
#define SQRADD2(i, j) \
asm( \
__asm__( \
"movq %6,%%rax \n\t" \
"mulq %7 \n\t" \
"addq %%rax,%0 \n\t" \
@ -563,37 +598,37 @@ asm( \
"addq %%rax,%0 \n\t" \
"adcq %%rdx,%1 \n\t" \
"adcq $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","cc");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
"movq %3,%%rax \n\t" \
"mulq %4 \n\t" \
"movq %%rax,%0 \n\t" \
"movq %%rdx,%1 \n\t" \
"xorq %2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","cc");
/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
#define SQRADDAC(i, j) \
asm( \
__asm__( \
"movq %6,%%rax \n\t" \
"mulq %7 \n\t" \
"addq %%rax,%0 \n\t" \
"adcq %%rdx,%1 \n\t" \
"adcq $0,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","cc");
#define SQRADDDB \
asm( \
__asm__( \
"addq %6,%0 \n\t" \
"adcq %7,%1 \n\t" \
"adcq %8,%2 \n\t" \
"addq %6,%0 \n\t" \
"adcq %7,%1 \n\t" \
"adcq %8,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
#elif defined(TFM_SSE2)
@ -613,10 +648,10 @@ asm( \
do { c0 = c1; c1 = c2; c2 = 0; } while (0);
#define COMBA_FINI \
asm("emms");
__asm__("emms");
#define SQRADD(i, j) \
asm( \
__asm__( \
"movd %6,%%mm0 \n\t" \
"pmuludq %%mm0,%%mm0\n\t" \
"movd %%mm0,%%eax \n\t" \
@ -625,10 +660,10 @@ asm( \
"movd %%mm0,%%eax \n\t" \
"adcl %%eax,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","cc");
#define SQRADD2(i, j) \
asm( \
__asm__( \
"movd %6,%%mm0 \n\t" \
"movd %7,%%mm1 \n\t" \
"pmuludq %%mm1,%%mm0\n\t" \
@ -641,10 +676,10 @@ asm( \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","cc");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
"movd %3,%%mm0 \n\t" \
"movd %4,%%mm1 \n\t" \
"pmuludq %%mm1,%%mm0\n\t" \
@ -657,7 +692,7 @@ asm( \
/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
#define SQRADDAC(i, j) \
asm( \
__asm__( \
"movd %6,%%mm0 \n\t" \
"movd %7,%%mm1 \n\t" \
"pmuludq %%mm1,%%mm0\n\t" \
@ -667,17 +702,17 @@ asm( \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j) :"%eax","%edx","%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j) :"%eax","%edx","cc");
#define SQRADDDB \
asm( \
__asm__( \
"addl %6,%0 \n\t" \
"adcl %7,%1 \n\t" \
"adcl %8,%2 \n\t" \
"addl %6,%0 \n\t" \
"adcl %7,%1 \n\t" \
"adcl %8,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
#elif defined(TFM_ARM)
@ -701,16 +736,16 @@ asm( \
/* multiplies point i and j, updates carry "c1" and digit c2 */
#define SQRADD(i, j) \
asm( \
__asm__( \
" UMULL r0,r1,%6,%6 \n\t" \
" ADDS %0,%0,r0 \n\t" \
" ADCS %1,%1,r1 \n\t" \
" ADC %2,%2,#0 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "cc");
/* for squaring some of the terms are doubled... */
#define SQRADD2(i, j) \
asm( \
__asm__( \
" UMULL r0,r1,%6,%7 \n\t" \
" ADDS %0,%0,r0 \n\t" \
" ADCS %1,%1,r1 \n\t" \
@ -718,31 +753,33 @@ asm( \
" ADDS %0,%0,r0 \n\t" \
" ADCS %1,%1,r1 \n\t" \
" ADC %2,%2,#0 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
#define SQRADDSC(i, j) \
asm( \
" UMULL %0,%1,%6,%7 \n\t" \
__asm__( \
" UMULL %0,%1,%3,%4 \n\t" \
" SUB %2,%2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "r"(i), "r"(j) : "cc");
/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
#define SQRADDAC(i, j) \
asm( \
__asm__( \
" UMULL r0,r1,%6,%7 \n\t" \
" ADDS %0,%0,r0 \n\t" \
" ADCS %1,%1,r1 \n\t" \
" ADC %2,%2,#0 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "cc");
#define SQRADDDB \
asm( \
__asm__( \
" ADDS %0,%0,%3 \n\t" \
" ADCS %1,%1,%4 \n\t" \
" ADC %2,%2,%5 \n\t" \
" ADDS %0,%0,%3 \n\t" \
" ADCS %1,%1,%4 \n\t" \
" ADC %2,%2,%5 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
#elif defined(TFM_PPC32)
@ -766,17 +803,17 @@ asm( \
/* multiplies point i and j, updates carry "c1" and digit c2 */
#define SQRADD(i, j) \
asm( \
__asm__( \
" mullw 16,%6,%6 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhwu 16,%6,%6 \n\t" \
" adde %1,%1,16 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc");
/* for squaring some of the terms are doubled... */
#define SQRADD2(i, j) \
asm( \
__asm__( \
" mullw 16,%6,%7 \n\t" \
" mulhwu 17,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
@ -785,33 +822,33 @@ asm( \
" addc %0,%0,16 \n\t" \
" adde %1,%1,17 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
" mullw %0,%6,%7 \n\t" \
" mulhwu %1,%6,%7 \n\t" \
" xor %2,%2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
#define SQRADDAC(i, j) \
asm( \
__asm__( \
" mullw 16,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhwu 16,%6,%7 \n\t" \
" adde %1,%1,16 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc");
#define SQRADDDB \
asm( \
__asm__( \
" addc %0,%0,%3 \n\t" \
" adde %1,%1,%4 \n\t" \
" adde %2,%2,%5 \n\t" \
" addc %0,%0,%3 \n\t" \
" adde %1,%1,%4 \n\t" \
" adde %2,%2,%5 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
#elif defined(TFM_PPC64)
/* PPC64 */
@ -834,17 +871,17 @@ asm( \
/* multiplies point i and j, updates carry "c1" and digit c2 */
#define SQRADD(i, j) \
asm( \
__asm__( \
" mulld 16,%6,%6 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhdu 16,%6,%6 \n\t" \
" adde %1,%1,16 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc");
/* for squaring some of the terms are doubled... */
#define SQRADD2(i, j) \
asm( \
__asm__( \
" mulld 16,%6,%7 \n\t" \
" mulhdu 17,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
@ -853,33 +890,33 @@ asm( \
" addc %0,%0,16 \n\t" \
" adde %1,%1,17 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
" mulld %0,%6,%7 \n\t" \
" mulhdu %1,%6,%7 \n\t" \
" xor %2,%2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
#define SQRADDAC(i, j) \
asm( \
__asm__( \
" mulld 16,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhdu 16,%6,%7 \n\t" \
" adde %1,%1,16 \n\t" \
" addze %2,%2 \n\t" \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "%cc");
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc");
#define SQRADDDB \
asm( \
__asm__( \
" addc %0,%0,%3 \n\t" \
" adde %1,%1,%4 \n\t" \
" adde %2,%2,%5 \n\t" \
" addc %0,%0,%3 \n\t" \
" adde %1,%1,%4 \n\t" \
" adde %2,%2,%5 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
#elif defined(TFM_AVR32)
@ -904,7 +941,7 @@ asm( \
/* multiplies point i and j, updates carry "c1" and digit c2 */
#define SQRADD(i, j) \
asm( \
__asm__( \
" mulu.d r2,%6,%6 \n\t" \
" add %0,%0,r2 \n\t" \
" adc %1,%1,r3 \n\t" \
@ -913,7 +950,7 @@ asm( \
/* for squaring some of the terms are doubled... */
#define SQRADD2(i, j) \
asm( \
__asm__( \
" mulu.d r2,%6,%7 \n\t" \
" add %0,%0,r2 \n\t" \
" adc %1,%1,r3 \n\t" \
@ -924,7 +961,7 @@ asm( \
:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2", "r3");
#define SQRADDSC(i, j) \
asm( \
__asm__( \
" mulu.d r2,%6,%7 \n\t" \
" mov %0,r2 \n\t" \
" mov %1,r3 \n\t" \
@ -932,7 +969,7 @@ asm( \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "r2", "r3");
#define SQRADDAC(i, j) \
asm( \
__asm__( \
" mulu.d r2,%6,%7 \n\t" \
" add %0,%0,r2 \n\t" \
" adc %1,%1,r3 \n\t" \
@ -940,14 +977,14 @@ asm( \
:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"r2", "r3");
#define SQRADDDB \
asm( \
__asm__( \
" add %0,%0,%3 \n\t" \
" adc %1,%1,%4 \n\t" \
" adc %2,%2,%5 \n\t" \
" add %0,%0,%3 \n\t" \
" adc %1,%1,%4 \n\t" \
" adc %2,%2,%5 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
#else
@ -975,8 +1012,9 @@ asm( \
/* multiplies point i and j, updates carry "c1" and digit c2 */
#define SQRADD(i, j) \
do { fp_word t; \
t = c0 + ((fp_word)i) * ((fp_word)j); c0 = t; \
t = c1 + (t >> DIGIT_BIT); c1 = t; c2 += t >> DIGIT_BIT; \
t = c0 + ((fp_word)i) * ((fp_word)j); c0 = (fp_digit)t; \
t = c1 + (t >> DIGIT_BIT); c1 = (fp_digit)t; \
c2 +=(fp_digit) (t >> DIGIT_BIT); \
} while (0);
@ -984,10 +1022,12 @@ asm( \
#define SQRADD2(i, j) \
do { fp_word t; \
t = ((fp_word)i) * ((fp_word)j); \
tt = (fp_word)c0 + t; c0 = tt; \
tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = tt; c2 += tt >> DIGIT_BIT; \
tt = (fp_word)c0 + t; c0 = tt; \
tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = tt; c2 += tt >> DIGIT_BIT; \
tt = (fp_word)c0 + t; c0 = (fp_digit)tt; \
tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt; \
c2 +=(fp_digit)( tt >> DIGIT_BIT); \
tt = (fp_word)c0 + t; c0 = (fp_digit)tt; \
tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt; \
c2 +=(fp_digit) (tt >> DIGIT_BIT); \
} while (0);
#define SQRADDSC(i, j) \
@ -998,35 +1038,66 @@ asm( \
#define SQRADDAC(i, j) \
do { fp_word t; \
t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = t; \
t = sc1 + (t >> DIGIT_BIT); sc1 = t; sc2 += t >> DIGIT_BIT; \
t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = (fp_digit)t; \
t = sc1 + (t >> DIGIT_BIT); sc1 = (fp_digit)t; \
sc2 += (fp_digit)(t >> DIGIT_BIT); \
} while (0);
#define SQRADDDB \
do { fp_word t; \
t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = t; \
t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); c1 = t; \
c2 = c2 + ((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT); \
t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t; \
t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); \
c1 = (fp_digit)t; \
c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT)); \
} while (0);
#endif
#ifdef TFM_SMALL_SET
#include "fp_sqr_comba_small_set.i"
#include "fp_sqr_comba_3.i"
#include "fp_sqr_comba_4.i"
#include "fp_sqr_comba_6.i"
#include "fp_sqr_comba_7.i"
#include "fp_sqr_comba_8.i"
#include "fp_sqr_comba_9.i"
#include "fp_sqr_comba_12.i"
#include "fp_sqr_comba_17.i"
#include "fp_sqr_comba_20.i"
#include "fp_sqr_comba_24.i"
#include "fp_sqr_comba_28.i"
#include "fp_sqr_comba_32.i"
#include "fp_sqr_comba_48.i"
#include "fp_sqr_comba_64.i"
#include "fp_sqr_comba_small_set.i"
#endif
#if defined(TFM_SQR3)
#include "fp_sqr_comba_3.i"
#endif
#if defined(TFM_SQR4)
#include "fp_sqr_comba_4.i"
#endif
#if defined(TFM_SQR6)
#include "fp_sqr_comba_6.i"
#endif
#if defined(TFM_SQR7)
#include "fp_sqr_comba_7.i"
#endif
#if defined(TFM_SQR8)
#include "fp_sqr_comba_8.i"
#endif
#if defined(TFM_SQR9)
#include "fp_sqr_comba_9.i"
#endif
#if defined(TFM_SQR12)
#include "fp_sqr_comba_12.i"
#endif
#if defined(TFM_SQR17)
#include "fp_sqr_comba_17.i"
#endif
#if defined(TFM_SQR20)
#include "fp_sqr_comba_20.i"
#endif
#if defined(TFM_SQR24)
#include "fp_sqr_comba_24.i"
#endif
#if defined(TFM_SQR28)
#include "fp_sqr_comba_28.i"
#endif
#if defined(TFM_SQR32)
#include "fp_sqr_comba_32.i"
#endif
#if defined(TFM_SQR48)
#include "fp_sqr_comba_48.i"
#endif
#if defined(TFM_SQR64)
#include "fp_sqr_comba_64.i"
#endif
/* end fp_sqr_comba.c asm */
@ -1059,13 +1130,13 @@ asm( \
/* this should multiply i and j */
#define MULADD(i, j) \
asm( \
__asm__( \
"movl %6,%%eax \n\t" \
"mull %7 \n\t" \
"addl %%eax,%0 \n\t" \
"adcl %%edx,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","cc");
#elif defined(TFM_X86_64)
/* x86-64 optimized */
@ -1094,13 +1165,13 @@ asm( \
/* this should multiply i and j */
#define MULADD(i, j) \
asm ( \
__asm__ ( \
"movq %6,%%rax \n\t" \
"mulq %7 \n\t" \
"addq %%rax,%0 \n\t" \
"adcq %%rdx,%1 \n\t" \
"adcq $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","cc");
#elif defined(TFM_SSE2)
/* use SSE2 optimizations */
@ -1126,11 +1197,11 @@ asm ( \
/* anything you need at the end */
#define COMBA_FINI \
asm("emms");
__asm__("emms");
/* this should multiply i and j */
#define MULADD(i, j) \
asm( \
__asm__( \
"movd %6,%%mm0 \n\t" \
"movd %7,%%mm1 \n\t" \
"pmuludq %%mm1,%%mm0\n\t" \
@ -1140,7 +1211,7 @@ asm( \
"movd %%mm0,%%eax \n\t" \
"adcl %%eax,%1 \n\t" \
"adcl $0,%2 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%cc");
:"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","cc");
#elif defined(TFM_ARM)
/* ARM code */
@ -1162,12 +1233,12 @@ asm( \
#define COMBA_FINI
#define MULADD(i, j) \
asm( \
__asm__( \
" UMULL r0,r1,%6,%7 \n\t" \
" ADDS %0,%0,r0 \n\t" \
" ADCS %1,%1,r1 \n\t" \
" ADC %2,%2,#0 \n\t" \
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "%cc");
:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
#elif defined(TFM_PPC32)
/* For 32-bit PPC */
@ -1190,7 +1261,7 @@ asm( \
/* untested: will mulhwu change the flags? Docs say no */
#define MULADD(i, j) \
asm( \
__asm__( \
" mullw 16,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhwu 16,%6,%7 \n\t" \
@ -1219,7 +1290,7 @@ asm( \
/* untested: will mulhwu change the flags? Docs say no */
#define MULADD(i, j) \
asm( \
____asm__( \
" mulld 16,%6,%7 \n\t" \
" addc %0,%0,16 \n\t" \
" mulhdu 16,%6,%7 \n\t" \
@ -1248,7 +1319,7 @@ asm( \
#define COMBA_FINI
#define MULADD(i, j) \
asm( \
____asm__( \
" mulu.d r2,%6,%7 \n\t"\
" add %0,r2 \n\t"\
" adc %1,%1,r3 \n\t"\
@ -1274,31 +1345,61 @@ asm( \
#define COMBA_FINI
#define MULADD(i, j) \
do { fp_word t; \
t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j); c0 = t; \
t = (fp_word)c1 + (t >> DIGIT_BIT); c1 = t; c2 += t >> DIGIT_BIT; \
#define MULADD(i, j) \
do { fp_word t; \
t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j); c0 = (fp_digit)t; \
t = (fp_word)c1 + (t >> DIGIT_BIT); \
c1 = (fp_digit)t; c2 += (fp_digit)(t >> DIGIT_BIT); \
} while (0);
#endif
#ifdef TFM_SMALL_SET
#include "fp_mul_comba_small_set.i"
#include "fp_mul_comba_3.i"
#include "fp_mul_comba_4.i"
#include "fp_mul_comba_6.i"
#include "fp_mul_comba_7.i"
#include "fp_mul_comba_8.i"
#include "fp_mul_comba_9.i"
#include "fp_mul_comba_12.i"
#include "fp_mul_comba_17.i"
#include "fp_mul_comba_20.i"
#include "fp_mul_comba_24.i"
#include "fp_mul_comba_28.i"
#include "fp_mul_comba_32.i"
#include "fp_mul_comba_48.i"
#include "fp_mul_comba_64.i"
#include "fp_mul_comba_small_set.i"
#endif
#if defined(TFM_MUL3)
#include "fp_mul_comba_3.i"
#endif
#if defined(TFM_MUL4)
#include "fp_mul_comba_4.i"
#endif
#if defined(TFM_MUL6)
#include "fp_mul_comba_6.i"
#endif
#if defined(TFM_MUL7)
#include "fp_mul_comba_7.i"
#endif
#if defined(TFM_MUL8)
#include "fp_mul_comba_8.i"
#endif
#if defined(TFM_MUL9)
#include "fp_mul_comba_9.i"
#endif
#if defined(TFM_MUL12)
#include "fp_mul_comba_12.i"
#endif
#if defined(TFM_MUL17)
#include "fp_mul_comba_17.i"
#endif
#if defined(TFM_MUL20)
#include "fp_mul_comba_20.i"
#endif
#if defined(TFM_MUL24)
#include "fp_mul_comba_24.i"
#endif
#if defined(TFM_MUL28)
#include "fp_mul_comba_28.i"
#endif
#if defined(TFM_MUL32)
#include "fp_mul_comba_32.i"
#endif
#if defined(TFM_MUL48)
#include "fp_mul_comba_48.i"
#endif
#if defined(TFM_MUL64)
#include "fp_mul_comba_64.i"
#endif
/* end fp_mul_comba.c asm */

4966
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asn.c
View file

File diff suppressed because it is too large Load diff

433
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/blake2b.c Normal file
View file

@ -0,0 +1,433 @@
/*
BLAKE2 reference source code package - reference C implementations
Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
*/
/* blake2b.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef HAVE_BLAKE2
#include <cyassl/ctaocrypt/blake2.h>
#include <cyassl/ctaocrypt/blake2-impl.h>
static const word64 blake2b_IV[8] =
{
0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
};
static const byte blake2b_sigma[12][16] =
{
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
static INLINE int blake2b_set_lastnode( blake2b_state *S )
{
S->f[1] = ~0ULL;
return 0;
}
/* Some helper functions, not necessarily useful */
static INLINE int blake2b_set_lastblock( blake2b_state *S )
{
if( S->last_node ) blake2b_set_lastnode( S );
S->f[0] = ~0ULL;
return 0;
}
static INLINE int blake2b_increment_counter( blake2b_state *S, const word64
inc )
{
S->t[0] += inc;
S->t[1] += ( S->t[0] < inc );
return 0;
}
static INLINE int blake2b_init0( blake2b_state *S )
{
int i;
XMEMSET( S, 0, sizeof( blake2b_state ) );
for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];
return 0;
}
/* init xors IV with input parameter block */
int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
{
word32 i;
blake2b_init0( S );
byte *p = ( byte * )( P );
/* IV XOR ParamBlock */
for( i = 0; i < 8; ++i )
S->h[i] ^= load64( p + sizeof( S->h[i] ) * i );
return 0;
}
int blake2b_init( blake2b_state *S, const byte outlen )
{
blake2b_param P[1];
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;
P->digest_length = outlen;
P->key_length = 0;
P->fanout = 1;
P->depth = 1;
store32( &P->leaf_length, 0 );
store64( &P->node_offset, 0 );
P->node_depth = 0;
P->inner_length = 0;
XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
XMEMSET( P->salt, 0, sizeof( P->salt ) );
XMEMSET( P->personal, 0, sizeof( P->personal ) );
return blake2b_init_param( S, P );
}
int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key,
const byte keylen )
{
blake2b_param P[1];
if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;
if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return -1;
P->digest_length = outlen;
P->key_length = keylen;
P->fanout = 1;
P->depth = 1;
store32( &P->leaf_length, 0 );
store64( &P->node_offset, 0 );
P->node_depth = 0;
P->inner_length = 0;
XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
XMEMSET( P->salt, 0, sizeof( P->salt ) );
XMEMSET( P->personal, 0, sizeof( P->personal ) );
if( blake2b_init_param( S, P ) < 0 ) return -1;
{
#ifdef CYASSL_SMALL_STACK
byte* block;
block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if ( block == NULL ) return -1;
#else
byte block[BLAKE2B_BLOCKBYTES];
#endif
XMEMSET( block, 0, BLAKE2B_BLOCKBYTES );
XMEMCPY( block, key, keylen );
blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */
/* memory */
#ifdef CYASSL_SMALL_STACK
XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
return 0;
}
static int blake2b_compress( blake2b_state *S,
const byte block[BLAKE2B_BLOCKBYTES] )
{
int i;
#ifdef CYASSL_SMALL_STACK
word64* m;
word64* v;
m = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if ( m == NULL ) return -1;
v = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if ( v == NULL )
{
XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return -1;
}
#else
word64 m[16];
word64 v[16];
#endif
for( i = 0; i < 16; ++i )
m[i] = load64( block + i * sizeof( m[i] ) );
for( i = 0; i < 8; ++i )
v[i] = S->h[i];
v[ 8] = blake2b_IV[0];
v[ 9] = blake2b_IV[1];
v[10] = blake2b_IV[2];
v[11] = blake2b_IV[3];
v[12] = S->t[0] ^ blake2b_IV[4];
v[13] = S->t[1] ^ blake2b_IV[5];
v[14] = S->f[0] ^ blake2b_IV[6];
v[15] = S->f[1] ^ blake2b_IV[7];
#define G(r,i,a,b,c,d) \
do { \
a = a + b + m[blake2b_sigma[r][2*i+0]]; \
d = rotr64(d ^ a, 32); \
c = c + d; \
b = rotr64(b ^ c, 24); \
a = a + b + m[blake2b_sigma[r][2*i+1]]; \
d = rotr64(d ^ a, 16); \
c = c + d; \
b = rotr64(b ^ c, 63); \
} while(0)
#define ROUND(r) \
do { \
G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
G(r,2,v[ 2],v[ 6],v[10],v[14]); \
G(r,3,v[ 3],v[ 7],v[11],v[15]); \
G(r,4,v[ 0],v[ 5],v[10],v[15]); \
G(r,5,v[ 1],v[ 6],v[11],v[12]); \
G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
} while(0)
ROUND( 0 );
ROUND( 1 );
ROUND( 2 );
ROUND( 3 );
ROUND( 4 );
ROUND( 5 );
ROUND( 6 );
ROUND( 7 );
ROUND( 8 );
ROUND( 9 );
ROUND( 10 );
ROUND( 11 );
for( i = 0; i < 8; ++i )
S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
#undef G
#undef ROUND
#ifdef CYASSL_SMALL_STACK
XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
/* inlen now in bytes */
int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
{
while( inlen > 0 )
{
word64 left = S->buflen;
word64 fill = 2 * BLAKE2B_BLOCKBYTES - left;
if( inlen > fill )
{
XMEMCPY( S->buf + left, in, (word)fill ); /* Fill buffer */
S->buflen += fill;
blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
if ( blake2b_compress( S, S->buf ) < 0 ) return -1; /* Compress */
XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
/* Shift buffer left */
S->buflen -= BLAKE2B_BLOCKBYTES;
in += fill;
inlen -= fill;
}
else /* inlen <= fill */
{
XMEMCPY( S->buf + left, in, (word)inlen );
S->buflen += inlen; /* Be lazy, do not compress */
in += inlen;
inlen -= inlen;
}
}
return 0;
}
/* Is this correct? */
int blake2b_final( blake2b_state *S, byte *out, byte outlen )
{
byte buffer[BLAKE2B_OUTBYTES];
int i;
if( S->buflen > BLAKE2B_BLOCKBYTES )
{
blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
if ( blake2b_compress( S, S->buf ) < 0 ) return -1;
S->buflen -= BLAKE2B_BLOCKBYTES;
XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (word)S->buflen );
}
blake2b_increment_counter( S, S->buflen );
blake2b_set_lastblock( S );
XMEMSET( S->buf + S->buflen, 0, (word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) );
/* Padding */
if ( blake2b_compress( S, S->buf ) < 0 ) return -1;
for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
XMEMCPY( out, buffer, outlen );
return 0;
}
/* inlen, at least, should be word64. Others can be size_t. */
int blake2b( byte *out, const void *in, const void *key, const byte outlen,
const word64 inlen, byte keylen )
{
blake2b_state S[1];
/* Verify parameters */
if ( NULL == in ) return -1;
if ( NULL == out ) return -1;
if( NULL == key ) keylen = 0;
if( keylen > 0 )
{
if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
}
else
{
if( blake2b_init( S, outlen ) < 0 ) return -1;
}
if ( blake2b_update( S, ( byte * )in, inlen ) < 0) return -1;
return blake2b_final( S, out, outlen );
}
#if defined(BLAKE2B_SELFTEST)
#include <string.h>
#include "blake2-kat.h"
int main( int argc, char **argv )
{
byte key[BLAKE2B_KEYBYTES];
byte buf[KAT_LENGTH];
for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i )
key[i] = ( byte )i;
for( word32 i = 0; i < KAT_LENGTH; ++i )
buf[i] = ( byte )i;
for( word32 i = 0; i < KAT_LENGTH; ++i )
{
byte hash[BLAKE2B_OUTBYTES];
if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 )
{
puts( "error" );
return -1;
}
if( 0 != memcmp( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) )
{
puts( "error" );
return -1;
}
}
puts( "ok" );
return 0;
}
#endif
/* CTaoCrypt API */
/* Init Blake2b digest, track size incase final doesn't want to "remember" */
int InitBlake2b(Blake2b* b2b, word32 digestSz)
{
b2b->digestSz = digestSz;
return blake2b_init(b2b->S, (byte)digestSz);
}
/* Blake2b Update */
int Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz)
{
return blake2b_update(b2b->S, data, sz);
}
/* Blake2b Final, if pass in zero size we use init digestSz */
int Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz)
{
word32 sz = requestSz ? requestSz : b2b->digestSz;
return blake2b_final(b2b->S, final, (byte)sz);
}
/* end CTaoCrypt API */
#endif /* HAVE_BLAKE2 */

1621
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/camellia.c Normal file
View file

File diff suppressed because it is too large Load diff

206
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/coding.c
View file

@ -1,6 +1,6 @@
/* coding.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,15 +16,19 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_CODING
#include <cyassl/ctaocrypt/coding.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
@ -91,9 +95,9 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
e3 = (e3 == PAD) ? 0 : base64Decode[e3 - 0x2B];
e4 = (e4 == PAD) ? 0 : base64Decode[e4 - 0x2B];
b1 = (e1 << 2) | (e2 >> 4);
b2 = ((e2 & 0xF) << 4) | (e3 >> 2);
b3 = ((e3 & 0x3) << 6) | e4;
b1 = (byte)((e1 << 2) | (e2 >> 4));
b2 = (byte)(((e2 & 0xF) << 4) | (e3 >> 2));
b3 = (byte)(((e3 & 0x3) << 6) | e4);
out[i++] = b1;
if (!pad3)
@ -104,16 +108,18 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
break;
inLen -= 4;
if (in[j] == ' ' || in[j] == '\r' || in[j] == '\n') {
if (inLen && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) {
byte endLine = in[j++];
inLen--;
while (endLine == ' ') { /* allow trailing whitespace */
while (inLen && endLine == ' ') { /* allow trailing whitespace */
endLine = in[j++];
inLen--;
}
if (endLine == '\r') {
endLine = in[j++];
inLen--;
if (inLen) {
endLine = in[j++];
inLen--;
}
}
if (endLine != '\n') {
CYASSL_MSG("Bad end of line in Base64 Decode");
@ -141,16 +147,101 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
};
/* porting assistance from yaSSL by Raphael HUCK */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
/* make sure *i (idx) won't exceed max, store and possibly escape to out,
* raw means use e w/o decode, 0 on success */
static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
int raw)
{
int doEscape = 0;
word32 needed = 1;
word32 idx = *i;
byte basic;
byte plus = 0;
byte equals = 0;
byte newline = 0;
if (raw)
basic = e;
else
basic = base64Encode[e];
/* check whether to escape */
if (escaped) {
switch ((char)basic) {
case '+' :
plus = 1;
doEscape = 1;
needed += 2;
break;
case '=' :
equals = 1;
doEscape = 1;
needed += 2;
break;
case '\n' :
newline = 1;
doEscape = 1;
needed += 2;
break;
default:
/* do nothing */
break;
}
}
/* check size */
if ( (idx+needed) > max) {
CYASSL_MSG("Escape buffer max too small");
return BUFFER_E;
}
/* store it */
if (doEscape == 0) {
out[idx++] = basic;
}
else {
out[idx++] = '%'; /* start escape */
if (plus) {
out[idx++] = '2';
out[idx++] = 'B';
}
else if (equals) {
out[idx++] = '3';
out[idx++] = 'D';
}
else if (newline) {
out[idx++] = '0';
out[idx++] = 'A';
}
}
*i = idx;
return 0;
}
/* internal worker, handles both escaped and normal line endings */
static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen, int escaped)
{
int ret = 0;
word32 i = 0,
j = 0,
n = 0; /* new line counter */
word32 outSz = (inLen + 3 - 1) / 3 * 4;
outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (escaped)
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
outSz += addSz;
/* if escaped we can't predetermine size for one pass encoding, but
* make sure we have enough if no escapes are in input */
if (outSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 2) {
@ -160,52 +251,93 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
/* encoded idx */
byte e1 = b1 >> 2;
byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
byte e3 = ((b2 & 0xF) << 2) | (b3 >> 6);
byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4));
byte e3 = (byte)(((b2 & 0xF) << 2) | (b3 >> 6));
byte e4 = b3 & 0x3F;
/* store */
out[i++] = base64Encode[e1];
out[i++] = base64Encode[e2];
out[i++] = base64Encode[e3];
out[i++] = base64Encode[e4];
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
if (ret != 0) break;
ret = CEscape(escaped, e4, out, &i, *outLen, 0);
if (ret != 0) break;
inLen -= 3;
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen)
out[i++] = '\n';
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (ret != 0) break;
}
}
/* last integral */
if (inLen) {
if (inLen && ret == 0) {
int twoBytes = (inLen == 2);
byte b1 = in[j++];
byte b2 = (twoBytes) ? in[j++] : 0;
byte e1 = b1 >> 2;
byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
byte e3 = (b2 & 0xF) << 2;
byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4));
byte e3 = (byte)((b2 & 0xF) << 2);
out[i++] = base64Encode[e1];
out[i++] = base64Encode[e2];
out[i++] = (twoBytes) ? base64Encode[e3] : PAD;
out[i++] = PAD;
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
if (ret == 0)
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
if (ret == 0) {
/* third */
if (twoBytes)
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
else
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
/* fourth always pad */
if (ret == 0)
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
out[i++] = '\n';
if (i != outSz)
return ASN_INPUT_E;
*outLen = outSz;
if (ret == 0)
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
return 0;
if (i != outSz && escaped == 0 && ret == 0)
return ASN_INPUT_E;
*outLen = i;
return ret;
}
/* Base64 Encode, PEM style, with \n line endings */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 0);
}
/* Base64 Encode, with %0A esacped line endings instead of \n */
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 1);
}
#endif /* defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER) */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
static
const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
BAD, BAD, BAD, BAD, BAD, BAD, BAD,
10, 11, 12, 13, 14, 15
10, 11, 12, 13, 14, 15, /* upper case A-F */
BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
BAD, BAD, /* G - ` */
10, 11, 12, 13, 14, 15 /* lower case a-f */
}; /* A starts at 0x41 not 0x3A */
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
@ -253,7 +385,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
if (b == BAD || b2 == BAD)
return ASN_INPUT_E;
out[outIdx++] = (b << 4) | b2;
out[outIdx++] = (byte)((b << 4) | b2);
inLen -= 2;
}
@ -262,4 +394,6 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
}
#endif /* OPENSSL_EXTRA */
#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */
#endif /* NO_CODING */

169
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/compress.c Normal file
View file

@ -0,0 +1,169 @@
/* compress.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef HAVE_LIBZ
#include <cyassl/ctaocrypt/compress.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
#include <zlib.h>
/* alloc user allocs to work with zlib */
static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
{
(void)opaque;
return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
}
static void myFree(void* opaque, void* memory)
{
(void)opaque;
XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ);
}
#ifdef HAVE_MCAPI
#define DEFLATE_DEFAULT_WINDOWBITS 11
#define DEFLATE_DEFAULT_MEMLEVEL 1
#else
#define DEFLATE_DEFAULT_WINDOWBITS 15
#define DEFLATE_DEFAULT_MEMLEVEL 8
#endif
int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
/*
* out - pointer to destination buffer
* outSz - size of destination buffer
* in - pointer to source buffer to compress
* inSz - size of source to compress
* flags - flags to control how compress operates
*
* return:
* negative - error code
* positive - bytes stored in out buffer
*
* Note, the output buffer still needs to be larger than the input buffer.
* The right chunk of data won't compress at all, and the lookup table will
* add to the size of the output. The libz code says the compressed
* buffer should be srcSz + 0.1% + 12.
*/
{
z_stream stream;
int result = 0;
stream.next_in = (Bytef*)in;
stream.avail_in = (uInt)inSz;
#ifdef MAXSEG_64K
/* Check for source > 64K on 16-bit machine: */
if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E;
#endif
stream.next_out = out;
stream.avail_out = (uInt)outSz;
if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E;
stream.zalloc = (alloc_func)myAlloc;
stream.zfree = (free_func)myFree;
stream.opaque = (voidpf)0;
if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL,
flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK)
return COMPRESS_INIT_E;
if (deflate(&stream, Z_FINISH) != Z_STREAM_END) {
deflateEnd(&stream);
return COMPRESS_E;
}
result = (int)stream.total_out;
if (deflateEnd(&stream) != Z_OK)
result = COMPRESS_E;
return result;
}
int DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
/*
* out - pointer to destination buffer
* outSz - size of destination buffer
* in - pointer to source buffer to compress
* inSz - size of source to compress
* flags - flags to control how compress operates
*
* return:
* negative - error code
* positive - bytes stored in out buffer
*/
{
z_stream stream;
int result = 0;
stream.next_in = (Bytef*)in;
stream.avail_in = (uInt)inSz;
/* Check for source > 64K on 16-bit machine: */
if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E;
stream.next_out = out;
stream.avail_out = (uInt)outSz;
if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E;
stream.zalloc = (alloc_func)myAlloc;
stream.zfree = (free_func)myFree;
stream.opaque = (voidpf)0;
if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS) != Z_OK)
return DECOMPRESS_INIT_E;
if (inflate(&stream, Z_FINISH) != Z_STREAM_END) {
inflateEnd(&stream);
return DECOMPRESS_E;
}
result = (int)stream.total_out;
if (inflateEnd(&stream) != Z_OK)
result = DECOMPRESS_E;
return result;
}
#endif /* HAVE_LIBZ */

1151
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/des3.c
View file

File diff suppressed because it is too large Load diff

25
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dh.c
View file

@ -1,6 +1,6 @@
/* dh.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,17 +16,19 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_DH
#include <cyassl/ctaocrypt/dh.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifndef USER_MATH_LIB
#include <math.h>
@ -80,15 +82,22 @@ static word32 DiscreteLogWorkFactor(word32 n)
}
static void GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz)
static int GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz)
{
int ret;
word32 sz = mp_unsigned_bin_size(&key->p);
sz = min(sz, 2 * DiscreteLogWorkFactor(sz * BIT_SIZE) / BIT_SIZE + 1);
sz = min(sz, 2 * DiscreteLogWorkFactor(sz * CYASSL_BIT_SIZE) /
CYASSL_BIT_SIZE + 1);
ret = RNG_GenerateBlock(rng, priv, sz);
if (ret != 0)
return ret;
RNG_GenerateBlock(rng, priv, sz);
priv[0] |= 0x0C;
*privSz = sz;
return 0;
}
@ -125,9 +134,9 @@ static int GeneratePublic(DhKey* key, const byte* priv, word32 privSz,
int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
byte* pub, word32* pubSz)
{
GeneratePrivate(key, rng, priv, privSz);
return GeneratePublic(key, priv, *privSz, pub, pubSz);
int ret = GeneratePrivate(key, rng, priv, privSz);
return (ret != 0) ? ret : GeneratePublic(key, priv, *privSz, pub, pubSz);
}
int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,

23
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dsa.c
View file

@ -1,6 +1,6 @@
/* dsa.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,19 +16,21 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_DSA
#include <cyassl/ctaocrypt/dsa.h>
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
enum {
@ -81,22 +83,25 @@ void FreeDsaKey(DsaKey* key)
int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
{
mp_int k, kInv, r, s, H;
int ret = 0, sz;
int ret, sz;
byte buffer[DSA_HALF_SIZE];
if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY)
return MP_INIT_E;
sz = min(sizeof(buffer), mp_unsigned_bin_size(&key->q));
/* generate k */
RNG_GenerateBlock(rng, buffer, sz);
ret = RNG_GenerateBlock(rng, buffer, sz);
if (ret != 0)
return ret;
buffer[0] |= 0x0C;
if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY)
return MP_INIT_E;
if (mp_read_unsigned_bin(&k, buffer, sz) != MP_OKAY)
ret = MP_READ_E;
if (mp_cmp_d(&k, 1) != MP_GT)
if (ret == 0 && mp_cmp_d(&k, 1) != MP_GT)
ret = MP_CMP_E;
/* inverse k mod q */

4157
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ecc.c
View file

File diff suppressed because it is too large Load diff

295
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/error.c Normal file
View file

@ -0,0 +1,295 @@
/* error.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
#pragma warning(disable: 4996)
#endif
const char* CTaoCryptGetErrorString(int error)
{
#ifdef NO_ERROR_STRINGS
(void)error;
return "no support for error strings built in";
#else
switch (error) {
case OPEN_RAN_E :
return "opening random device error";
case READ_RAN_E :
return "reading random device error";
case WINCRYPT_E :
return "windows crypt init error";
case CRYPTGEN_E :
return "windows crypt generation error";
case RAN_BLOCK_E :
return "random device read would block error";
case BAD_MUTEX_E :
return "Bad mutex, operation failed";
case MP_INIT_E :
return "mp_init error state";
case MP_READ_E :
return "mp_read error state";
case MP_EXPTMOD_E :
return "mp_exptmod error state";
case MP_TO_E :
return "mp_to_xxx error state, can't convert";
case MP_SUB_E :
return "mp_sub error state, can't subtract";
case MP_ADD_E :
return "mp_add error state, can't add";
case MP_MUL_E :
return "mp_mul error state, can't multiply";
case MP_MULMOD_E :
return "mp_mulmod error state, can't multiply mod";
case MP_MOD_E :
return "mp_mod error state, can't mod";
case MP_INVMOD_E :
return "mp_invmod error state, can't inv mod";
case MP_CMP_E :
return "mp_cmp error state";
case MP_ZERO_E :
return "mp zero result, not expected";
case MEMORY_E :
return "out of memory error";
case RSA_WRONG_TYPE_E :
return "RSA wrong block type for RSA function";
case RSA_BUFFER_E :
return "RSA buffer error, output too small or input too big";
case BUFFER_E :
return "Buffer error, output too small or input too big";
case ALGO_ID_E :
return "Setting Cert AlogID error";
case PUBLIC_KEY_E :
return "Setting Cert Public Key error";
case DATE_E :
return "Setting Cert Date validity error";
case SUBJECT_E :
return "Setting Cert Subject name error";
case ISSUER_E :
return "Setting Cert Issuer name error";
case CA_TRUE_E :
return "Setting basic constraint CA true error";
case EXTENSIONS_E :
return "Setting extensions error";
case ASN_PARSE_E :
return "ASN parsing error, invalid input";
case ASN_VERSION_E :
return "ASN version error, invalid number";
case ASN_GETINT_E :
return "ASN get big int error, invalid data";
case ASN_RSA_KEY_E :
return "ASN key init error, invalid input";
case ASN_OBJECT_ID_E :
return "ASN object id error, invalid id";
case ASN_TAG_NULL_E :
return "ASN tag error, not null";
case ASN_EXPECT_0_E :
return "ASN expect error, not zero";
case ASN_BITSTR_E :
return "ASN bit string error, wrong id";
case ASN_UNKNOWN_OID_E :
return "ASN oid error, unknown sum id";
case ASN_DATE_SZ_E :
return "ASN date error, bad size";
case ASN_BEFORE_DATE_E :
return "ASN date error, current date before";
case ASN_AFTER_DATE_E :
return "ASN date error, current date after";
case ASN_SIG_OID_E :
return "ASN signature error, mismatched oid";
case ASN_TIME_E :
return "ASN time error, unkown time type";
case ASN_INPUT_E :
return "ASN input error, not enough data";
case ASN_SIG_CONFIRM_E :
return "ASN sig error, confirm failure";
case ASN_SIG_HASH_E :
return "ASN sig error, unsupported hash type";
case ASN_SIG_KEY_E :
return "ASN sig error, unsupported key type";
case ASN_DH_KEY_E :
return "ASN key init error, invalid input";
case ASN_NTRU_KEY_E :
return "ASN NTRU key decode error, invalid input";
case ASN_CRIT_EXT_E:
return "X.509 Critical extension ignored";
case ECC_BAD_ARG_E :
return "ECC input argument wrong type, invalid input";
case ASN_ECC_KEY_E :
return "ECC ASN1 bad key data, invalid input";
case ECC_CURVE_OID_E :
return "ECC curve sum OID unsupported, invalid input";
case BAD_FUNC_ARG :
return "Bad function argument";
case NOT_COMPILED_IN :
return "Feature not compiled in";
case UNICODE_SIZE_E :
return "Unicode password too big";
case NO_PASSWORD :
return "No password provided by user";
case ALT_NAME_E :
return "Alt Name problem, too big";
case AES_GCM_AUTH_E:
return "AES-GCM Authentication check fail";
case AES_CCM_AUTH_E:
return "AES-CCM Authentication check fail";
case CAVIUM_INIT_E:
return "Cavium Init type error";
case COMPRESS_INIT_E:
return "Compress Init error";
case COMPRESS_E:
return "Compress error";
case DECOMPRESS_INIT_E:
return "DeCompress Init error";
case DECOMPRESS_E:
return "DeCompress error";
case BAD_ALIGN_E:
return "Bad alignment error, no alloc help";
case ASN_NO_SIGNER_E :
return "ASN no signer error to confirm failure";
case ASN_CRL_CONFIRM_E :
return "ASN CRL sig error, confirm failure";
case ASN_CRL_NO_SIGNER_E :
return "ASN CRL no signer error to confirm failure";
case ASN_OCSP_CONFIRM_E :
return "ASN OCSP sig error, confirm failure";
case BAD_ENC_STATE_E:
return "Bad ecc encrypt state operation";
case BAD_PADDING_E:
return "Bad padding, message wrong length";
case REQ_ATTRIBUTE_E:
return "Setting cert request attributes error";
case PKCS7_OID_E:
return "PKCS#7 error: mismatched OID value";
case PKCS7_RECIP_E:
return "PKCS#7 error: no matching recipient found";
case FIPS_NOT_ALLOWED_E:
return "FIPS mode not allowed error";
case ASN_NAME_INVALID_E:
return "Name Constraint error";
case RNG_FAILURE_E:
return "Random Number Generator failed";
case HMAC_MIN_KEYLEN_E:
return "FIPS Mode HMAC Minimum Key Length error";
default:
return "unknown error number";
}
#endif /* NO_ERROR_STRINGS */
}
void CTaoCryptErrorString(int error, char* buffer)
{
XSTRNCPY(buffer, CTaoCryptGetErrorString(error), CYASSL_MAX_ERROR_SZ);
}

0
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips.c Normal file
View file

0
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips_test.c Normal file
View file

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mont_small.i
View file

@ -1,6 +1,6 @@
/* fp_mont_small.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_12.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_12.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_17.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_17.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_20.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_20.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef TFM_MUL20

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_24.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_24.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_28.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_28.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_3.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_3.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_32.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_32.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_4.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_4.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_48.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_48.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_6.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_6.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_64.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_64.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_7.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_7.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_8.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_8.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_9.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_9.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_small_set.i
View file

@ -1,6 +1,6 @@
/* fp_mul_comba_small_set.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

8
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_12.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,7 +24,9 @@
void fp_sqr_comba12(fp_int *A, fp_int *B)
{
fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

7
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_17.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,9 @@
void fp_sqr_comba17(fp_int *A, fp_int *B)
{
fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_20.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_24.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_28.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

9
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_3.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,14 +16,17 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef TFM_SQR3
void fp_sqr_comba3(fp_int *A, fp_int *B)
{
fp_digit *a, b[6], c0, c1, c2, sc0, sc1, sc2;
fp_digit *a, b[6], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_32.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

9
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_4.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,14 +16,17 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef TFM_SQR4
void fp_sqr_comba4(fp_int *A, fp_int *B)
{
fp_digit *a, b[8], c0, c1, c2, sc0, sc1, sc2;
fp_digit *a, b[8], c0, c1, c2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_48.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

7
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_6.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,9 @@
void fp_sqr_comba6(fp_int *A, fp_int *B)
{
fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_64.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

7
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_7.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,9 @@
void fp_sqr_comba7(fp_int *A, fp_int *B)
{
fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

7
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_8.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,9 @@
void fp_sqr_comba8(fp_int *A, fp_int *B)
{
fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

7
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_9.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,9 @@
void fp_sqr_comba9(fp_int *A, fp_int *B)
{
fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2;
#ifdef TFM_ISO
fp_word tt;
#endif
a = A->dp;
COMBA_START;

4
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_small_set.i
View file

@ -1,6 +1,6 @@
/* fp_sqr_comba_small_set.i
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/

80
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hc128.c
View file

@ -1,6 +1,6 @@
/* hc128.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,18 +16,23 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef HAVE_HC128
#include <cyassl/ctaocrypt/hc128.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/hc128.h>
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
@ -224,12 +229,18 @@ static void setup_update(HC128* ctx) /*each time 16 steps*/
static void Hc128_SetIV(HC128* ctx, const byte* iv)
static void Hc128_SetIV(HC128* ctx, const byte* inIv)
{
word32 i;
word32 iv[4];
if (inIv)
XMEMCPY(iv, inIv, sizeof(iv));
else
XMEMSET(iv, 0, sizeof(iv));
for (i = 0; i < (128 >> 5); i++)
ctx->iv[i] = LITTLE32(((word32*)iv)[i]);
ctx->iv[i] = LITTLE32(iv[i]);
for (; i < 8; i++) ctx->iv[i] = ctx->iv[i-4];
@ -259,7 +270,7 @@ static void Hc128_SetIV(HC128* ctx, const byte* iv)
}
void Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv)
static INLINE int DoKey(HC128* ctx, const byte* key, const byte* iv)
{
word32 i;
@ -270,11 +281,35 @@ void Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv)
for ( ; i < 8 ; i++) ctx->key[i] = ctx->key[i-4];
Hc128_SetIV(ctx, iv);
return 0;
}
/* Key setup */
int Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv)
{
#ifdef XSTREAM_ALIGN
if ((word)key % 4) {
int alignKey[4];
/* iv gets aligned in SetIV */
CYASSL_MSG("Hc128SetKey unaligned key");
XMEMCPY(alignKey, key, sizeof(alignKey));
return DoKey(ctx, (const byte*)alignKey, iv);
}
#endif /* XSTREAM_ALIGN */
return DoKey(ctx, key, iv);
}
/* The following defines the encryption of data stream */
void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
static INLINE int DoProcess(HC128* ctx, byte* output, const byte* input,
word32 msglen)
{
word32 i, keystream[16];
@ -303,6 +338,7 @@ void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
if (msglen > 0)
{
XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */
generate_keystream(ctx, keystream);
#ifdef BIG_ENDIAN_ORDER
@ -318,6 +354,36 @@ void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
output[i] = input[i] ^ ((byte*)keystream)[i];
}
return 0;
}
/* Encrypt/decrypt a message of any size */
int Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
{
#ifdef XSTREAM_ALIGN
if ((word)input % 4 || (word)output % 4) {
#ifndef NO_CYASSL_ALLOC_ALIGN
byte* tmp;
CYASSL_MSG("Hc128Process unaligned");
tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) return MEMORY_E;
XMEMCPY(tmp, input, msglen);
DoProcess(ctx, tmp, tmp, msglen);
XMEMCPY(output, tmp, msglen);
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0;
#else
return BAD_ALIGN_E;
#endif
}
#endif /* XSTREAM_ALIGN */
return DoProcess(ctx, output, input, msglen);
}

875
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hmac.c
View file

@ -1,6 +1,6 @@
/* hmac.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,195 +16,810 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_HMAC
#include <cyassl/ctaocrypt/hmac.h>
#include <cyassl/ctaocrypt/error.h>
#ifdef CYASSL_PIC32MZ_HASH
#define InitMd5 InitMd5_sw
#define Md5Update Md5Update_sw
#define Md5Final Md5Final_sw
#define InitSha InitSha_sw
#define ShaUpdate ShaUpdate_sw
#define ShaFinal ShaFinal_sw
#define InitSha256 InitSha256_sw
#define Sha256Update Sha256Update_sw
#define Sha256Final Sha256Final_sw
#endif
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/hmac.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef HAVE_CAVIUM
static void HmacCaviumFinal(Hmac* hmac, byte* hash);
static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length);
static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length);
#endif
static int InitHmac(Hmac* hmac, int type)
{
int ret = 0;
hmac->innerHashKeyed = 0;
hmac->macType = (byte)type;
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384))
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID))
return BAD_FUNC_ARG;
if (type == MD5)
InitMd5(&hmac->hash.md5);
else if (type == SHA)
InitSha(&hmac->hash.sha);
#ifndef NO_SHA256
else if (type == SHA256)
InitSha256(&hmac->hash.sha256);
#endif
#ifdef CYASSL_SHA384
else if (type == SHA384)
InitSha384(&hmac->hash.sha384);
#endif
switch (type) {
#ifndef NO_MD5
case MD5:
InitMd5(&hmac->hash.md5);
break;
#endif
return 0;
#ifndef NO_SHA
case SHA:
ret = InitSha(&hmac->hash.sha);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = InitSha256(&hmac->hash.sha256);
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
ret = InitSha384(&hmac->hash.sha384);
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
ret = InitSha512(&hmac->hash.sha512);
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
break;
#endif
default:
return BAD_FUNC_ARG;
}
return ret;
}
void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
{
byte* ip = (byte*) hmac->ipad;
byte* op = (byte*) hmac->opad;
word32 i, hmac_block_size = MD5_BLOCK_SIZE;
word32 i, hmac_block_size = 0;
int ret;
InitHmac(hmac, type);
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumSetKey(hmac, type, key, length);
#endif
if (hmac->macType == MD5) {
if (length <= MD5_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
Md5Update(&hmac->hash.md5, key, length);
Md5Final(&hmac->hash.md5, ip);
length = MD5_DIGEST_SIZE;
}
}
else if (hmac->macType == SHA) {
hmac_block_size = SHA_BLOCK_SIZE;
if (length <= SHA_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ShaUpdate(&hmac->hash.sha, key, length);
ShaFinal(&hmac->hash.sha, ip);
length = SHA_DIGEST_SIZE;
}
}
#ifndef NO_SHA256
else if (hmac->macType == SHA256) {
hmac_block_size = SHA256_BLOCK_SIZE;
if (length <= SHA256_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
Sha256Update(&hmac->hash.sha256, key, length);
Sha256Final(&hmac->hash.sha256, ip);
length = SHA256_DIGEST_SIZE;
}
}
ret = InitHmac(hmac, type);
if (ret != 0)
return ret;
#ifdef HAVE_FIPS
if (length < HMAC_FIPS_MIN_KEY)
return HMAC_MIN_KEYLEN_E;
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384) {
hmac_block_size = SHA384_BLOCK_SIZE;
if (length <= SHA384_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
hmac_block_size = MD5_BLOCK_SIZE;
if (length <= MD5_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
Md5Update(&hmac->hash.md5, key, length);
Md5Final(&hmac->hash.md5, ip);
length = MD5_DIGEST_SIZE;
}
}
else {
Sha384Update(&hmac->hash.sha384, key, length);
Sha384Final(&hmac->hash.sha384, ip);
length = SHA384_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA
case SHA:
{
hmac_block_size = SHA_BLOCK_SIZE;
if (length <= SHA_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ShaUpdate(&hmac->hash.sha, key, length);
ShaFinal(&hmac->hash.sha, ip);
length = SHA_DIGEST_SIZE;
}
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
hmac_block_size = SHA256_BLOCK_SIZE;
if (length <= SHA256_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha256Update(&hmac->hash.sha256, key, length);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, ip);
if (ret != 0)
return ret;
length = SHA256_DIGEST_SIZE;
}
}
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
hmac_block_size = SHA384_BLOCK_SIZE;
if (length <= SHA384_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha384Update(&hmac->hash.sha384, key, length);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, ip);
if (ret != 0)
return ret;
length = SHA384_DIGEST_SIZE;
}
}
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
{
hmac_block_size = SHA512_BLOCK_SIZE;
if (length <= SHA512_BLOCK_SIZE) {
XMEMCPY(ip, key, length);
}
else {
ret = Sha512Update(&hmac->hash.sha512, key, length);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, ip);
if (ret != 0)
return ret;
length = SHA512_DIGEST_SIZE;
}
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
hmac_block_size = BLAKE2B_BLOCKBYTES;
if (length <= BLAKE2B_BLOCKBYTES) {
XMEMCPY(ip, key, length);
}
else {
ret = Blake2bUpdate(&hmac->hash.blake2b, key, length);
if (ret != 0)
return ret;
ret = Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256);
if (ret != 0)
return ret;
length = BLAKE2B_256;
}
}
break;
#endif
default:
return BAD_FUNC_ARG;
}
#endif
XMEMSET(ip + length, 0, hmac_block_size - length);
if (length < hmac_block_size)
XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) {
op[i] = ip[i] ^ OPAD;
ip[i] ^= IPAD;
}
return 0;
}
static void HmacKeyInnerHash(Hmac* hmac)
static int HmacKeyInnerHash(Hmac* hmac)
{
if (hmac->macType == MD5)
Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
else if (hmac->macType == SHA)
ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
#ifndef NO_SHA256
else if (hmac->macType == SHA256)
Sha256Update(&hmac->hash.sha256, (byte*) hmac->ipad, SHA256_BLOCK_SIZE);
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384)
Sha384Update(&hmac->hash.sha384, (byte*) hmac->ipad, SHA384_BLOCK_SIZE);
#endif
int ret = 0;
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->ipad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->ipad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->ipad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->ipad,BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
hmac->innerHashKeyed = 1;
return ret;
}
void HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
{
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
int ret;
if (hmac->macType == MD5)
Md5Update(&hmac->hash.md5, msg, length);
else if (hmac->macType == SHA)
ShaUpdate(&hmac->hash.sha, msg, length);
#ifndef NO_SHA256
else if (hmac->macType == SHA256)
Sha256Update(&hmac->hash.sha256, msg, length);
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384)
Sha384Update(&hmac->hash.sha384, msg, length);
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumUpdate(hmac, msg, length);
#endif
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
Md5Update(&hmac->hash.md5, msg, length);
break;
#endif
#ifndef NO_SHA
case SHA:
ShaUpdate(&hmac->hash.sha, msg, length);
break;
#endif
#ifndef NO_SHA256
case SHA256:
ret = Sha256Update(&hmac->hash.sha256, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
ret = Sha384Update(&hmac->hash.sha384, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
ret = Sha512Update(&hmac->hash.sha512, msg, length);
if (ret != 0)
return ret;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
ret = Blake2bUpdate(&hmac->hash.blake2b, msg, length);
if (ret != 0)
return ret;
break;
#endif
default:
break;
}
return 0;
}
void HmacFinal(Hmac* hmac, byte* hash)
int HmacFinal(Hmac* hmac, byte* hash)
{
if (!hmac->innerHashKeyed)
HmacKeyInnerHash(hmac);
int ret;
if (hmac->macType == MD5) {
Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
Md5Update(&hmac->hash.md5, (byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Final(&hmac->hash.md5, hash);
}
else if (hmac->macType == SHA) {
ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaFinal(&hmac->hash.sha, hash);
}
#ifndef NO_SHA256
else if (hmac->macType == SHA256) {
Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
Sha256Update(&hmac->hash.sha256, (byte*) hmac->opad, SHA256_BLOCK_SIZE);
Sha256Update(&hmac->hash.sha256, (byte*) hmac->innerHash,
SHA256_DIGEST_SIZE);
Sha256Final(&hmac->hash.sha256, hash);
}
#ifdef HAVE_CAVIUM
if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC)
return HmacCaviumFinal(hmac, hash);
#endif
#ifdef CYASSL_SHA384
else if (hmac->macType == SHA384) {
Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
Sha384Update(&hmac->hash.sha384, (byte*) hmac->opad, SHA384_BLOCK_SIZE);
Sha384Update(&hmac->hash.sha384, (byte*) hmac->innerHash,
SHA384_DIGEST_SIZE);
Sha384Final(&hmac->hash.sha384, hash);
if (!hmac->innerHashKeyed) {
ret = HmacKeyInnerHash(hmac);
if (ret != 0)
return ret;
}
switch (hmac->macType) {
#ifndef NO_MD5
case MD5:
{
Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
Md5Update(&hmac->hash.md5,
(byte*) hmac->innerHash, MD5_DIGEST_SIZE);
Md5Final(&hmac->hash.md5, hash);
}
break;
#endif
#ifndef NO_SHA
case SHA:
{
ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
ShaUpdate(&hmac->hash.sha,
(byte*) hmac->innerHash, SHA_DIGEST_SIZE);
ShaFinal(&hmac->hash.sha, hash);
}
break;
#endif
#ifndef NO_SHA256
case SHA256:
{
ret = Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->opad, SHA256_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha256Update(&hmac->hash.sha256,
(byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha256Final(&hmac->hash.sha256, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
{
ret = Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->opad, SHA384_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha384Update(&hmac->hash.sha384,
(byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha384Final(&hmac->hash.sha384, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
{
ret = Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
if (ret != 0)
return ret;
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->opad, SHA512_BLOCK_SIZE);
if (ret != 0)
return ret;
ret = Sha512Update(&hmac->hash.sha512,
(byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
if (ret != 0)
return ret;
ret = Sha512Final(&hmac->hash.sha512, hash);
if (ret != 0)
return ret;
}
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
{
ret = Blake2bFinal(&hmac->hash.blake2b, (byte*) hmac->innerHash,
BLAKE2B_256);
if (ret != 0)
return ret;
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->opad, BLAKE2B_BLOCKBYTES);
if (ret != 0)
return ret;
ret = Blake2bUpdate(&hmac->hash.blake2b,
(byte*) hmac->innerHash, BLAKE2B_256);
if (ret != 0)
return ret;
ret = Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256);
if (ret != 0)
return ret;
}
break;
#endif
default:
break;
}
#endif
hmac->innerHashKeyed = 0;
return 0;
}
#ifdef HAVE_CAVIUM
/* Initiliaze Hmac for use with Nitrox device */
int HmacInitCavium(Hmac* hmac, int devId)
{
if (hmac == NULL)
return -1;
if (CspAllocContext(CONTEXT_SSL, &hmac->contextHandle, devId) != 0)
return -1;
hmac->keyLen = 0;
hmac->dataLen = 0;
hmac->type = 0;
hmac->devId = devId;
hmac->magic = CYASSL_HMAC_CAVIUM_MAGIC;
hmac->data = NULL; /* buffered input data */
hmac->innerHashKeyed = 0;
return 0;
}
/* Free Hmac from use with Nitrox device */
void HmacFreeCavium(Hmac* hmac)
{
if (hmac == NULL)
return;
CspFreeContext(CONTEXT_SSL, hmac->contextHandle, hmac->devId);
hmac->magic = 0;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
hmac->data = NULL;
}
static void HmacCaviumFinal(Hmac* hmac, byte* hash)
{
word32 requestId;
if (CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen,
(byte*)hmac->ipad, hmac->dataLen, hmac->data, hash, &requestId,
hmac->devId) != 0) {
CYASSL_MSG("Cavium Hmac failed");
}
hmac->innerHashKeyed = 0; /* tell update to start over if used again */
}
static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
{
word16 add = (word16)length;
word32 total;
byte* tmp;
if (length > CYASSL_MAX_16BIT) {
CYASSL_MSG("Too big msg for cavium hmac");
return;
}
if (hmac->innerHashKeyed == 0) { /* starting new */
hmac->dataLen = 0;
hmac->innerHashKeyed = 1;
}
total = add + hmac->dataLen;
if (total > CYASSL_MAX_16BIT) {
CYASSL_MSG("Too big msg for cavium hmac");
return;
}
tmp = XMALLOC(hmac->dataLen + add, NULL,DYNAMIC_TYPE_CAVIUM_TMP);
if (tmp == NULL) {
CYASSL_MSG("Out of memory for cavium update");
return;
}
if (hmac->dataLen)
XMEMCPY(tmp, hmac->data, hmac->dataLen);
XMEMCPY(tmp + hmac->dataLen, msg, add);
hmac->dataLen += add;
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
hmac->data = tmp;
}
static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
word32 length)
{
hmac->macType = (byte)type;
if (type == MD5)
hmac->type = MD5_TYPE;
else if (type == SHA)
hmac->type = SHA1_TYPE;
else if (type == SHA256)
hmac->type = SHA256_TYPE;
else {
CYASSL_MSG("unsupported cavium hmac type");
}
hmac->innerHashKeyed = 0; /* should we key Startup flag */
hmac->keyLen = (word16)length;
/* store key in ipad */
XMEMCPY(hmac->ipad, key, length);
}
#endif /* HAVE_CAVIUM */
int CyaSSL_GetHmacMaxSize(void)
{
return MAX_DIGEST_SIZE;
}
#ifdef HAVE_HKDF
#ifndef min
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* min */
static INLINE int GetHashSizeByType(int type)
{
if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384
|| type == SHA512 || type == BLAKE2B_ID))
return BAD_FUNC_ARG;
switch (type) {
#ifndef NO_MD5
case MD5:
return MD5_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA
case SHA:
return SHA_DIGEST_SIZE;
break;
#endif
#ifndef NO_SHA256
case SHA256:
return SHA256_DIGEST_SIZE;
break;
#endif
#ifdef CYASSL_SHA384
case SHA384:
return SHA384_DIGEST_SIZE;
break;
#endif
#ifdef CYASSL_SHA512
case SHA512:
return SHA512_DIGEST_SIZE;
break;
#endif
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
return BLAKE2B_OUTBYTES;
break;
#endif
default:
return BAD_FUNC_ARG;
break;
}
}
/* HMAC-KDF with hash type, optional salt and info, return 0 on success */
int HKDF(int type, const byte* inKey, word32 inKeySz,
const byte* salt, word32 saltSz,
const byte* info, word32 infoSz,
byte* out, word32 outSz)
{
Hmac myHmac;
#ifdef CYASSL_SMALL_STACK
byte* tmp;
byte* prk;
#else
byte tmp[MAX_DIGEST_SIZE]; /* localSalt helper and T */
byte prk[MAX_DIGEST_SIZE];
#endif
const byte* localSalt; /* either points to user input or tmp */
int hashSz = GetHashSizeByType(type);
word32 outIdx = 0;
byte n = 0x1;
int ret;
if (hashSz < 0)
return BAD_FUNC_ARG;
#ifdef CYASSL_SMALL_STACK
tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
return MEMORY_E;
prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (prk == NULL) {
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
localSalt = salt;
if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz);
localSalt = tmp;
saltSz = hashSz;
}
do {
ret = HmacSetKey(&myHmac, type, localSalt, saltSz);
if (ret != 0)
break;
ret = HmacUpdate(&myHmac, inKey, inKeySz);
if (ret != 0)
break;
ret = HmacFinal(&myHmac, prk);
} while (0);
if (ret == 0) {
while (outIdx < outSz) {
int tmpSz = (n == 1) ? 0 : hashSz;
word32 left = outSz - outIdx;
ret = HmacSetKey(&myHmac, type, prk, hashSz);
if (ret != 0)
break;
ret = HmacUpdate(&myHmac, tmp, tmpSz);
if (ret != 0)
break;
ret = HmacUpdate(&myHmac, info, infoSz);
if (ret != 0)
break;
ret = HmacUpdate(&myHmac, &n, 1);
if (ret != 0)
break;
ret = HmacFinal(&myHmac, tmp);
if (ret != 0)
break;
left = min(left, (word32)hashSz);
XMEMCPY(out+outIdx, tmp, left);
outIdx += hashSz;
n++;
}
}
#ifdef CYASSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* HAVE_HKDF */
#endif /* NO_HMAC */

3
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/include.am
View file

@ -2,7 +2,8 @@
# All paths should be given relative to the root
EXTRA_DIST += ctaocrypt/src/misc.c
EXTRA_DIST += ctaocrypt/src/asm.c
EXTRA_DIST += ctaocrypt/src/asm.c
EXTRA_DIST += ctaocrypt/src/aes_asm.asm
EXTRA_DIST += \
ctaocrypt/src/ecc_fp.c \

132
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/integer.c
View file

@ -1,6 +1,6 @@
/* integer.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -33,10 +33,19 @@
/* in case user set USE_FAST_MATH there */
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_BIG_INT
#ifndef USE_FAST_MATH
#include <cyassl/ctaocrypt/integer.h>
#ifndef NO_CYASSL_SMALL_STACK
#ifndef CYASSL_SMALL_STACK
#define CYASSL_SMALL_STACK
#endif
#endif
static void bn_reverse (unsigned char *s, int len);
/* math settings check */
word32 CheckRunTimeSettings(void)
@ -116,6 +125,9 @@ mp_clear (mp_int * a)
{
int i;
if (a == NULL)
return;
/* only do anything if a hasn't been freed previously */
if (a->dp != NULL) {
/* first zero the digits */
@ -167,6 +179,28 @@ mp_count_bits (mp_int * a)
}
int mp_leading_bit (mp_int * a)
{
int bit = 0;
mp_int t;
if (mp_init_copy(&t, a) != MP_OKAY)
return 0;
while (mp_iszero(&t) == 0) {
#ifndef MP_8BIT
bit = (t.dp[0] & 0x80) != 0;
#else
bit = (t.dp[0] | ((t.dp[1] & 0x01) << 7)) & 0x80 != 0;
#endif
if (mp_div_2d (&t, 8, &t, NULL) != MP_OKAY)
break;
}
mp_clear(&t);
return bit;
}
/* store in unsigned [big endian] format */
int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
{
@ -316,8 +350,7 @@ bn_reverse (unsigned char *s, int len)
remainder in d) */
int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
{
mp_digit D, r, rr;
int x, res;
int D, res;
mp_int t;
@ -354,33 +387,9 @@ int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
}
/* shift any bit count < DIGIT_BIT */
D = (mp_digit) (b % DIGIT_BIT);
D = (b % DIGIT_BIT);
if (D != 0) {
register mp_digit *tmpc, mask, shift;
/* mask */
mask = (((mp_digit)1) << D) - 1;
/* shift for lsb */
shift = DIGIT_BIT - D;
/* alias */
tmpc = c->dp + (c->used - 1);
/* carry */
r = 0;
for (x = c->used - 1; x >= 0; x--) {
/* get the lower bits of this word in a temp */
rr = *tmpc & mask;
/* shift the current word and mix in the carry bits from the previous
word */
*tmpc = (*tmpc >> D) | (r << shift);
--tmpc;
/* set the carry to the carry bits of the current word found above */
r = rr;
}
mp_rshb(c, D);
}
mp_clamp (c);
if (d != NULL) {
@ -445,6 +454,38 @@ mp_exch (mp_int * a, mp_int * b)
}
/* shift right a certain number of bits */
void mp_rshb (mp_int *c, int x)
{
register mp_digit *tmpc, mask, shift;
mp_digit r, rr;
mp_digit D = x;
/* mask */
mask = (((mp_digit)1) << D) - 1;
/* shift for lsb */
shift = DIGIT_BIT - D;
/* alias */
tmpc = c->dp + (c->used - 1);
/* carry */
r = 0;
for (x = c->used - 1; x >= 0; x--) {
/* get the lower bits of this word in a temp */
rr = *tmpc & mask;
/* shift the current word and mix in the carry bits from previous word */
*tmpc = (*tmpc >> D) | (r << shift);
--tmpc;
/* set the carry to the carry bits of the current word found above */
r = rr;
}
}
/* shift right a certain amount of digits */
void mp_rshd (mp_int * a, int b)
{
@ -1813,15 +1854,15 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
}
/* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times*/
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_RES;
}
for (x = 0; x < (winsize - 1); x++) {
if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_RES;
}
if ((err = redux (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) {
if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, mp)) != MP_OKAY) {
goto LBL_RES;
}
}
@ -1857,7 +1898,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
}
/* grab the next msb from the exponent */
y = (mp_digit)(buf >> (DIGIT_BIT - 1)) & 1;
y = (int)(buf >> (DIGIT_BIT - 1)) & 1;
buf <<= (mp_digit)1;
/* if the bit is zero and mode == 0 then we ignore it
@ -3209,19 +3250,19 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
/* compute the value at M[1<<(winsize-1)] by squaring
* M[1] (winsize-1) times
*/
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_MU;
}
for (x = 0; x < (winsize - 1); x++) {
/* square it */
if ((err = mp_sqr (&M[1 << (winsize - 1)],
&M[1 << (winsize - 1)])) != MP_OKAY) {
if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))],
&M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
goto LBL_MU;
}
/* reduce modulo P */
if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) {
if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, &mu)) != MP_OKAY) {
goto LBL_MU;
}
}
@ -3265,7 +3306,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
}
/* grab the next msb from the exponent */
y = (buf >> (mp_digit)(DIGIT_BIT - 1)) & 1;
y = (int)(buf >> (mp_digit)(DIGIT_BIT - 1)) & 1;
buf <<= (mp_digit)1;
/* if the bit is zero and mode == 0 then we ignore it
@ -3388,7 +3429,7 @@ int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
mp_rshd (&q, um - 1);
/* according to HAC this optimization is ok */
if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
if (((mp_word) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) {
goto CLEANUP;
}
@ -3724,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
#endif
#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP) || defined(CYASSL_KEY_GEN)
/* single digit addition */
int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
@ -3784,8 +3825,10 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
*tmpc++ &= MP_MASK;
}
/* set final carry */
ix++;
*tmpc++ = mu;
if (mu != 0 && ix < c->alloc) {
ix++;
*tmpc++ = mu;
}
/* setup size */
c->used = a->used + 1;
@ -3886,7 +3929,7 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
return MP_OKAY;
}
#endif /* CYASSL_KEY_GEN || HAVE_ECC */
#endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */
#ifdef CYASSL_KEY_GEN
@ -4442,3 +4485,4 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
#endif /* USE_FAST_MATH */
#endif /* NO_BIG_INT */

19
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/logging.c
View file

@ -1,6 +1,6 @@
/* logging.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,18 +16,19 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
/* submitted by eof */
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef __cplusplus
@ -88,7 +89,11 @@ void CyaSSL_Debugging_OFF(void)
#ifdef DEBUG_CYASSL
#include <stdio.h> /* for default printf stuff */
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h> /* for default printf stuff */
#endif
#ifdef THREADX
int dc_log_printf(char*, ...);
@ -106,6 +111,10 @@ static void cyassl_log(const int logLevel, const char *const logMessage)
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
NetSecure_TraceOut((CPU_CHAR *)logMessage);
#endif
#elif defined(CYASSL_MDK_ARM)
fflush(stdout) ;
printf("%s\n", logMessage);
fflush(stdout) ;
#else
fprintf(stderr, "%s\n", logMessage);
#endif

34
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md2.c
View file

@ -1,6 +1,6 @@
/* md2.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,9 +24,13 @@
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef CYASSL_MD2
#include <cyassl/ctaocrypt/md2.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@ -126,4 +130,30 @@ void Md2Final(Md2* md2, byte* hash)
}
int Md2Hash(const byte* data, word32 len, byte* hash)
{
#ifdef CYASSL_SMALL_STACK
Md2* md2;
#else
Md2 md2[1];
#endif
#ifdef CYASSL_SMALL_STACK
md2 = (Md2*)XMALLOC(sizeof(Md2), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (md2 == NULL)
return MEMORY_E;
#endif
InitMd2(md2);
Md2Update(md2, data, len);
Md2Final(md2, hash);
#ifdef CYASSL_SMALL_STACK
XFREE(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif /* CYASSL_MD2 */

11
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md4.c
View file

@ -1,6 +1,6 @@
/* md4.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,13 +16,14 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_MD4
@ -160,7 +161,7 @@ void Md4Update(Md4* md4, const byte* data, word32 len)
if (md4->buffLen == MD4_BLOCK_SIZE) {
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD4_BLOCK_SIZE);
ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
#endif
Transform(md4);
AddLength(md4, MD4_BLOCK_SIZE);
@ -184,7 +185,7 @@ void Md4Final(Md4* md4, byte* hash)
md4->buffLen += MD4_BLOCK_SIZE - md4->buffLen;
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD4_BLOCK_SIZE);
ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
#endif
Transform(md4);
md4->buffLen = 0;
@ -198,7 +199,7 @@ void Md4Final(Md4* md4, byte* hash)
/* store lengths */
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD4_BLOCK_SIZE);
ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[MD4_PAD_SIZE], &md4->loLen, sizeof(word32));

189
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md5.c
View file

@ -1,6 +1,6 @@
/* md5.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,7 +24,18 @@
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#if !defined(NO_MD5)
#ifdef CYASSL_PIC32MZ_HASH
#define InitMd5 InitMd5_sw
#define Md5Update Md5Update_sw
#define Md5Final Md5Final_sw
#endif
#include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
@ -32,6 +43,128 @@
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifdef STM32F2_HASH
/*
* STM32F2 hardware MD5 support through the STM32F2 standard peripheral
* library. Documentation located in STM32F2xx Standard Peripheral Library
* document (See note in README).
*/
#include "stm32f2xx.h"
void InitMd5(Md5* md5)
{
/* STM32F2 struct notes:
* md5->buffer = first 4 bytes used to hold partial block if needed
* md5->buffLen = num bytes currently stored in md5->buffer
* md5->loLen = num bytes that have been written to STM32 FIFO
*/
XMEMSET(md5->buffer, 0, MD5_REG_SIZE);
md5->buffLen = 0;
md5->loLen = 0;
/* initialize HASH peripheral */
HASH_DeInit();
/* configure algo used, algo mode, datatype */
HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
HASH->CR |= (HASH_AlgoSelection_MD5 | HASH_AlgoMode_HASH
| HASH_DataType_8b);
/* reset HASH processor */
HASH->CR |= HASH_CR_INIT;
}
void Md5Update(Md5* md5, const byte* data, word32 len)
{
word32 i = 0;
word32 fill = 0;
word32 diff = 0;
/* if saved partial block is available */
if (md5->buffLen > 0) {
fill = 4 - md5->buffLen;
/* if enough data to fill, fill and push to FIFO */
if (fill <= len) {
XMEMCPY((byte*)md5->buffer + md5->buffLen, data, fill);
HASH_DataIn(*(uint32_t*)md5->buffer);
data += fill;
len -= fill;
md5->loLen += 4;
md5->buffLen = 0;
} else {
/* append partial to existing stored block */
XMEMCPY((byte*)md5->buffer + md5->buffLen, data, len);
md5->buffLen += len;
return;
}
}
/* write input block in the IN FIFO */
for (i = 0; i < len; i += 4)
{
diff = len - i;
if (diff < 4) {
/* store incomplete last block, not yet in FIFO */
XMEMSET(md5->buffer, 0, MD5_REG_SIZE);
XMEMCPY((byte*)md5->buffer, data, diff);
md5->buffLen = diff;
} else {
HASH_DataIn(*(uint32_t*)data);
data+=4;
}
}
/* keep track of total data length thus far */
md5->loLen += (len - md5->buffLen);
}
void Md5Final(Md5* md5, byte* hash)
{
__IO uint16_t nbvalidbitsdata = 0;
/* finish reading any trailing bytes into FIFO */
if (md5->buffLen > 0) {
HASH_DataIn(*(uint32_t*)md5->buffer);
md5->loLen += md5->buffLen;
}
/* calculate number of valid bits in last word of input data */
nbvalidbitsdata = 8 * (md5->loLen % MD5_REG_SIZE);
/* configure number of valid bits in last word of the data */
HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
/* start HASH processor */
HASH_StartDigest();
/* wait until Busy flag == RESET */
while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
/* read message digest */
md5->digest[0] = HASH->HR[0];
md5->digest[1] = HASH->HR[1];
md5->digest[2] = HASH->HR[2];
md5->digest[3] = HASH->HR[3];
ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
XMEMCPY(hash, md5->digest, MD5_DIGEST_SIZE);
InitMd5(md5); /* reset state */
}
#else /* CTaoCrypt software implementation */
#ifndef min
@ -55,6 +188,7 @@ void InitMd5(Md5* md5)
md5->hiLen = 0;
}
#ifndef FREESCALE_MMCAU
static void Transform(Md5* md5)
{
@ -147,6 +281,8 @@ static void Transform(Md5* md5)
md5->digest[3] += d;
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Md5* md5, word32 len)
{
@ -170,10 +306,10 @@ void Md5Update(Md5* md5, const byte* data, word32 len)
len -= add;
if (md5->buffLen == MD5_BLOCK_SIZE) {
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
#endif
Transform(md5);
XTRANSFORM(md5, local);
AddLength(md5, MD5_BLOCK_SIZE);
md5->buffLen = 0;
}
@ -185,7 +321,7 @@ void Md5Final(Md5* md5, byte* hash)
{
byte* local = (byte*)md5->buffer;
AddLength(md5, md5->buffLen); /* before adding pads */
AddLength(md5, md5->buffLen); /* before adding pads */
local[md5->buffLen++] = 0x80; /* add 1 */
@ -194,10 +330,10 @@ void Md5Final(Md5* md5, byte* hash)
XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen);
md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen;
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
#endif
Transform(md5);
XTRANSFORM(md5, local);
md5->buffLen = 0;
}
XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen);
@ -208,14 +344,14 @@ void Md5Final(Md5* md5, byte* hash)
md5->loLen = md5->loLen << 3;
/* store lengths */
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, MD5_BLOCK_SIZE);
#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32));
XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32));
Transform(md5);
XTRANSFORM(md5, local);
#ifdef BIG_ENDIAN_ORDER
ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
#endif
@ -224,3 +360,32 @@ void Md5Final(Md5* md5, byte* hash)
InitMd5(md5); /* reset state */
}
#endif /* STM32F2_HASH */
int Md5Hash(const byte* data, word32 len, byte* hash)
{
#ifdef CYASSL_SMALL_STACK
Md5* md5;
#else
Md5 md5[1];
#endif
#ifdef CYASSL_SMALL_STACK
md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (md5 == NULL)
return MEMORY_E;
#endif
InitMd5(md5);
Md5Update(md5, data, len);
Md5Final(md5, hash);
#ifdef CYASSL_SMALL_STACK
XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif /* NO_MD5 */

96
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/memory.c
View file

@ -1,6 +1,6 @@
/* memory.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,23 +16,23 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* submitted by eof */
#include <cyassl/ctaocrypt/settings.h>
#ifdef USE_CYASSL_MEMORY
#include <cyassl/ctaocrypt/memory.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef CYASSL_MALLOC_CHECK
#include <stdio.h>
#endif
/* Set these to default values initially. */
static CyaSSL_Malloc_cb malloc_function = 0;
@ -73,6 +73,11 @@ void* CyaSSL_Malloc(size_t size)
else
res = malloc(size);
#ifdef CYASSL_MALLOC_CHECK
if (res == NULL)
puts("CyaSSL_malloc failed");
#endif
return res;
}
@ -97,3 +102,82 @@ void* CyaSSL_Realloc(void *ptr, size_t size)
}
#endif /* USE_CYASSL_MEMORY */
#ifdef HAVE_IO_POOL
/* Example for user io pool, shared build may need definitions in lib proper */
#include <cyassl/ctaocrypt/types.h>
#include <stdlib.h>
#ifndef HAVE_THREAD_LS
#error "Oops, simple I/O pool example needs thread local storage"
#endif
/* allow simple per thread in and out pools */
/* use 17k size sense max record size is 16k plus overhead */
static THREAD_LS_T byte pool_in[17*1024];
static THREAD_LS_T byte pool_out[17*1024];
void* XMALLOC(size_t n, void* heap, int type)
{
(void)heap;
if (type == DYNAMIC_TYPE_IN_BUFFER) {
if (n < sizeof(pool_in))
return pool_in;
else
return NULL;
}
if (type == DYNAMIC_TYPE_OUT_BUFFER) {
if (n < sizeof(pool_out))
return pool_out;
else
return NULL;
}
return malloc(n);
}
void* XREALLOC(void *p, size_t n, void* heap, int type)
{
(void)heap;
if (type == DYNAMIC_TYPE_IN_BUFFER) {
if (n < sizeof(pool_in))
return pool_in;
else
return NULL;
}
if (type == DYNAMIC_TYPE_OUT_BUFFER) {
if (n < sizeof(pool_out))
return pool_out;
else
return NULL;
}
return realloc(p, n);
}
/* unit api calls, let's make sure visisble with CYASSL_API */
CYASSL_API void XFREE(void *p, void* heap, int type)
{
(void)heap;
if (type == DYNAMIC_TYPE_IN_BUFFER)
return; /* do nothing, static pool */
if (type == DYNAMIC_TYPE_OUT_BUFFER)
return; /* do nothing, static pool */
free(p);
}
#endif /* HAVE_IO_POOL */

36
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/misc.c
View file

@ -1,6 +1,6 @@
/* misc.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,13 +16,15 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/misc.h>
/* inlining these functions is a huge speed increase and a small size decrease,
@ -43,6 +45,8 @@
#include <stdlib.h> /* get intrinsic definitions */
/* for non visual studio probably need no long version, 32 bit only
* i.e., _rotl and _rotr */
#pragma intrinsic(_lrotl, _lrotr)
STATIC INLINE word32 rotlFixed(word32 x, word32 y)
@ -76,6 +80,8 @@ STATIC INLINE word32 ByteReverseWord32(word32 value)
#ifdef PPC_INTRINSICS
/* PPC: load reverse indexed instruction */
return (word32)__lwbrx(&value,0);
#elif defined(KEIL_INTRINSICS)
return (word32)__rev(value);
#elif defined(FAST_ROTATE)
/* 5 instructions with rotate instruction, 9 without */
return (rotrFixed(value, 8U) & 0xff00ff00) |
@ -91,7 +97,7 @@ STATIC INLINE word32 ByteReverseWord32(word32 value)
STATIC INLINE void ByteReverseWords(word32* out, const word32* in,
word32 byteCount)
{
word32 count = byteCount/sizeof(word32), i;
word32 count = byteCount/(word32)sizeof(word32), i;
for (i = 0; i < count; i++)
out[i] = ByteReverseWord32(in[i]);
@ -132,7 +138,7 @@ STATIC INLINE word64 ByteReverseWord64(word64 value)
STATIC INLINE void ByteReverseWords64(word64* out, const word64* in,
word32 byteCount)
{
word32 count = byteCount/sizeof(word64), i;
word32 count = byteCount/(word32)sizeof(word64), i;
for (i = 0; i < count; i++)
out[i] = ByteReverseWord64(in[i]);
@ -142,15 +148,6 @@ STATIC INLINE void ByteReverseWords64(word64* out, const word64* in,
#endif /* WORD64_AVAILABLE */
STATIC INLINE void ByteReverseBytes(byte* out, const byte* in, word32 byteCount)
{
word32* op = (word32*)out;
const word32* ip = (const word32*)in;
ByteReverseWords(op, ip, byteCount);
}
STATIC INLINE void XorWords(word* r, const word* a, word32 n)
{
word32 i;
@ -159,16 +156,17 @@ STATIC INLINE void XorWords(word* r, const word* a, word32 n)
}
STATIC INLINE void xorbuf(byte* buf, const byte* mask, word32 count)
STATIC INLINE void xorbuf(void* buf, const void* mask, word32 count)
{
if (((word)buf | (word)mask | count) % WORD_SIZE == 0)
XorWords( (word*)buf, (const word*)mask, count / WORD_SIZE);
if (((word)buf | (word)mask | count) % CYASSL_WORD_SIZE == 0)
XorWords( (word*)buf, (const word*)mask, count / CYASSL_WORD_SIZE);
else {
word32 i;
for (i = 0; i < count; i++) buf[i] ^= mask[i];
byte* b = (byte*)buf;
const byte* m = (const byte*)mask;
for (i = 0; i < count; i++) b[i] ^= m[i];
}
}
#undef STATIC

1849
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pkcs7.c Normal file
View file

File diff suppressed because it is too large Load diff

263
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pwdbased.c
View file

@ -1,6 +1,6 @@
/* pwdbased.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,22 +16,41 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_PWDBASED
#ifdef CYASSL_PIC32MZ_HASH
#define InitMd5 InitMd5_sw
#define Md5Update Md5Update_sw
#define Md5Final Md5Final_sw
#define InitSha InitSha_sw
#define ShaUpdate ShaUpdate_sw
#define ShaFinal ShaFinal_sw
#define InitSha256 InitSha256_sw
#define Sha256Update Sha256Update_sw
#define Sha256Final Sha256Final_sw
#endif
#include <cyassl/ctaocrypt/pwdbased.h>
#include <cyassl/ctaocrypt/hmac.h>
#include <cyassl/ctaocrypt/integer.h>
#include <cyassl/ctaocrypt/error.h>
#ifdef CYASSL_SHA512
#include <cyassl/ctaocrypt/error-crypt.h>
#if defined(CYASSL_SHA512) || defined(CYASSL_SHA384)
#include <cyassl/ctaocrypt/sha512.h>
#endif
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@ -54,8 +73,8 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
{
Md5 md5;
Sha sha;
int hLen = (hashType == MD5) ? MD5_DIGEST_SIZE : SHA_DIGEST_SIZE;
int i;
int hLen = (hashType == MD5) ? (int)MD5_DIGEST_SIZE : (int)SHA_DIGEST_SIZE;
int i, ret = 0;
byte buffer[SHA_DIGEST_SIZE]; /* max size */
if (hashType != MD5 && hashType != SHA)
@ -74,7 +93,9 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
Md5Final(&md5, buffer);
}
else {
InitSha(&sha);
ret = InitSha(&sha);
if (ret != 0)
return ret;
ShaUpdate(&sha, passwd, pLen);
ShaUpdate(&sha, salt, sLen);
ShaFinal(&sha, buffer);
@ -101,9 +122,13 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
{
word32 i = 1;
int hLen;
int j;
int j, ret;
Hmac hmac;
byte buffer[INNER_HASH_SIZE]; /* max size */
#ifdef CYASSL_SMALL_STACK
byte* buffer;
#else
byte buffer[MAX_DIGEST_SIZE];
#endif
if (hashType == MD5) {
hLen = MD5_DIGEST_SIZE;
@ -124,36 +149,76 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
else
return BAD_FUNC_ARG;
HmacSetKey(&hmac, hashType, passwd, pLen);
#ifdef CYASSL_SMALL_STACK
buffer = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buffer == NULL)
return MEMORY_E;
#endif
while (kLen) {
int currentLen;
HmacUpdate(&hmac, salt, sLen);
ret = HmacSetKey(&hmac, hashType, passwd, pLen);
/* encode i */
for (j = 0; j < 4; j++) {
byte b = (byte)(i >> ((3-j) * 8));
HmacUpdate(&hmac, &b, 1);
if (ret == 0) {
while (kLen) {
int currentLen;
ret = HmacUpdate(&hmac, salt, sLen);
if (ret != 0)
break;
/* encode i */
for (j = 0; j < 4; j++) {
byte b = (byte)(i >> ((3-j) * 8));
ret = HmacUpdate(&hmac, &b, 1);
if (ret != 0)
break;
}
/* check ret from inside for loop */
if (ret != 0)
break;
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
break;
currentLen = min(kLen, hLen);
XMEMCPY(output, buffer, currentLen);
for (j = 1; j < iterations; j++) {
ret = HmacUpdate(&hmac, buffer, hLen);
if (ret != 0)
break;
ret = HmacFinal(&hmac, buffer);
if (ret != 0)
break;
xorbuf(output, buffer, currentLen);
}
/* check ret from inside for loop */
if (ret != 0)
break;
output += currentLen;
kLen -= currentLen;
i++;
}
HmacFinal(&hmac, buffer);
currentLen = min(kLen, hLen);
XMEMCPY(output, buffer, currentLen);
for (j = 1; j < iterations; j++) {
HmacUpdate(&hmac, buffer, hLen);
HmacFinal(&hmac, buffer);
xorbuf(output, buffer, currentLen);
}
output += currentLen;
kLen -= currentLen;
i++;
}
return 0;
#ifdef CYASSL_SMALL_STACK
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#ifdef CYASSL_SHA512
#define PBKDF_DIGEST_SIZE SHA512_BLOCK_SIZE
#elif !defined(NO_SHA256)
#define PBKDF_DIGEST_SIZE SHA256_BLOCK_SIZE
#else
#define PBKDF_DIGEST_SIZE SHA_DIGEST_SIZE
#endif
int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
int saltLen, int iterations, int kLen, int hashType, int id)
@ -164,17 +229,19 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
int ret = 0;
int i;
byte *D, *S, *P, *I;
byte staticBuffer[1024];
byte* buffer = staticBuffer;
#ifdef CYASSL_SHA512
byte Ai[SHA512_DIGEST_SIZE];
byte B[SHA512_BLOCK_SIZE];
#elif !defined(NO_SHA256)
byte Ai[SHA256_DIGEST_SIZE];
byte B[SHA256_BLOCK_SIZE];
#ifdef CYASSL_SMALL_STACK
byte staticBuffer[1]; /* force dynamic usage */
#else
byte Ai[SHA_DIGEST_SIZE];
byte B[SHA_BLOCK_SIZE];
byte staticBuffer[1024];
#endif
byte* buffer = staticBuffer;
#ifdef CYASSL_SMALL_STACK
byte* Ai;
byte* B;
#else
byte Ai[PBKDF_DIGEST_SIZE];
byte B[PBKDF_DIGEST_SIZE];
#endif
if (!iterations)
@ -201,7 +268,19 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
}
#endif
else
return BAD_FUNC_ARG;
return BAD_FUNC_ARG;
#ifdef CYASSL_SMALL_STACK
Ai = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (Ai == NULL)
return MEMORY_E;
B = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (B == NULL) {
XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
dLen = v;
sLen = v * ((saltLen + v - 1) / v);
@ -215,7 +294,13 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
if (totalLen > sizeof(staticBuffer)) {
buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY);
if (buffer == NULL) return MEMORY_E;
if (buffer == NULL) {
#ifdef CYASSL_SMALL_STACK
XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
dynamic = 1;
}
@ -236,11 +321,23 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
mp_int B1;
if (hashType == MD5) {
Md5 md5;
InitMd5(&md5);
Md5Update(&md5, buffer, totalLen);
Md5Final(&md5, Ai);
for (i = 1; i < iterations; i++) {
Md5Update(&md5, Ai, u);
Md5Final(&md5, Ai);
}
}
else if (hashType == SHA) {
Sha sha;
InitSha(&sha);
ret = InitSha(&sha);
if (ret != 0)
break;
ShaUpdate(&sha, buffer, totalLen);
ShaFinal(&sha, Ai);
@ -251,21 +348,70 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
}
#ifndef NO_SHA256
else if (hashType == SHA256) {
Sha256 sha256;
ret = InitSha256(&sha256);
if (ret != 0)
break;
ret = Sha256Update(&sha256, buffer, totalLen);
if (ret != 0)
break;
ret = Sha256Final(&sha256, Ai);
if (ret != 0)
break;
for (i = 1; i < iterations; i++) {
ret = Sha256Update(&sha256, Ai, u);
if (ret != 0)
break;
ret = Sha256Final(&sha256, Ai);
if (ret != 0)
break;
}
}
#endif
#ifdef CYASSL_SHA512
else if (hashType == SHA512) {
Sha512 sha512;
ret = InitSha512(&sha512);
if (ret != 0)
break;
ret = Sha512Update(&sha512, buffer, totalLen);
if (ret != 0)
break;
ret = Sha512Final(&sha512, Ai);
if (ret != 0)
break;
for (i = 1; i < iterations; i++) {
ret = Sha512Update(&sha512, Ai, u);
if (ret != 0)
break;
ret = Sha512Final(&sha512, Ai);
if (ret != 0)
break;
}
}
#endif
for (i = 0; i < (int)v; i++)
B[i] = Ai[i % u];
mp_init(&B1);
if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY)
if (mp_init(&B1) != MP_OKAY)
ret = MP_INIT_E;
else if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY)
ret = MP_READ_E;
else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) {
else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY)
ret = MP_ADD_E;
if (ret != 0) {
mp_clear(&B1);
break;
}
@ -275,9 +421,10 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
mp_int i1;
mp_int res;
mp_init(&i1);
mp_init(&res);
if (mp_init_multi(&i1, &res, NULL, NULL, NULL, NULL) != MP_OKAY) {
ret = MP_INIT_E;
break;
}
if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY)
ret = MP_READ_E;
else if (mp_add(&i1, &B1, &res) != MP_OKAY)
@ -288,15 +435,15 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
if (outSz > (int)v) {
/* take off MSB */
byte tmp[129];
mp_to_unsigned_bin(&res, tmp);
ret = mp_to_unsigned_bin(&res, tmp);
XMEMCPY(I + i, tmp + 1, v);
}
else if (outSz < (int)v) {
XMEMSET(I + i, 0, v - outSz);
mp_to_unsigned_bin(&res, I + i + v - outSz);
ret = mp_to_unsigned_bin(&res, I + i + v - outSz);
}
else
mp_to_unsigned_bin(&res, I + i);
ret = mp_to_unsigned_bin(&res, I + i);
}
mp_clear(&i1);
@ -312,8 +459,16 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
}
if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY);
#ifdef CYASSL_SMALL_STACK
XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#undef PBKDF_DIGEST_SIZE
#endif /* NO_PWDBASED */

86
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rabbit.c
View file

@ -1,6 +1,6 @@
/* rabbit.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,16 +16,20 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_RABBIT
#include <cyassl/ctaocrypt/rabbit.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@ -39,7 +43,7 @@
#define LITTLE32(x) (x)
#endif
#define U32V(x) (word32)(x)
#define U32V(x) ((word32)(x) & 0xFFFFFFFFU)
/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
@ -100,14 +104,20 @@ static void RABBIT_next_state(RabbitCtx* ctx)
/* IV setup */
static void RabbitSetIV(Rabbit* ctx, const byte* iv)
static void RabbitSetIV(Rabbit* ctx, const byte* inIv)
{
/* Temporary variables */
word32 i0, i1, i2, i3, i;
word32 iv[2];
if (inIv)
XMEMCPY(iv, inIv, sizeof(iv));
else
XMEMSET(iv, 0, sizeof(iv));
/* Generate four subvectors */
i0 = LITTLE32(*(word32*)(iv+0));
i2 = LITTLE32(*(word32*)(iv+4));
i0 = LITTLE32(iv[0]);
i2 = LITTLE32(iv[1]);
i1 = (i0>>16) | (i2&0xFFFF0000);
i3 = (i2<<16) | (i0&0x0000FFFF);
@ -133,7 +143,7 @@ static void RabbitSetIV(Rabbit* ctx, const byte* iv)
/* Key setup */
void RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv)
static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv)
{
/* Temporary variables */
word32 k0, k1, k2, k3, i;
@ -182,14 +192,36 @@ void RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv)
}
ctx->workCtx.carry = ctx->masterCtx.carry;
if (iv) RabbitSetIV(ctx, iv);
RabbitSetIV(ctx, iv);
return 0;
}
/* Key setup */
int RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv)
{
#ifdef XSTREAM_ALIGN
if ((word)key % 4) {
int alignKey[4];
/* iv aligned in SetIV */
CYASSL_MSG("RabbitSetKey unaligned key");
XMEMCPY(alignKey, key, sizeof(alignKey));
return DoKey(ctx, (const byte*)alignKey, iv);
}
#endif /* XSTREAM_ALIGN */
return DoKey(ctx, key, iv);
}
/* Encrypt/decrypt a message of any size */
void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
static INLINE int DoProcess(Rabbit* ctx, byte* output, const byte* input,
word32 msglen)
{
/* Encrypt/decrypt all full blocks */
while (msglen >= 16) {
/* Iterate the system */
@ -210,7 +242,7 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
U32V(ctx->workCtx.x[1]<<16));
/* Increment pointers and decrement length */
input += 16;
input += 16;
output += 16;
msglen -= 16;
}
@ -222,6 +254,8 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
word32 tmp[4];
byte* buffer = (byte*)tmp;
XMEMSET(tmp, 0, sizeof(tmp)); /* help static analysis */
/* Iterate the system */
RABBIT_next_state(&(ctx->workCtx));
@ -239,8 +273,38 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
for (i=0; i<msglen; i++)
output[i] = input[i] ^ buffer[i];
}
return 0;
}
/* Encrypt/decrypt a message of any size */
int RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
{
#ifdef XSTREAM_ALIGN
if ((word)input % 4 || (word)output % 4) {
#ifndef NO_CYASSL_ALLOC_ALIGN
byte* tmp;
CYASSL_MSG("RabbitProcess unaligned");
tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) return MEMORY_E;
XMEMCPY(tmp, input, msglen);
DoProcess(ctx, tmp, tmp, msglen);
XMEMCPY(output, tmp, msglen);
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0;
#else
return BAD_ALIGN_E;
#endif
}
#endif /* XSTREAM_ALIGN */
return DoProcess(ctx, output, input, msglen);
}
#endif /* NO_RABBIT */

751
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/random.c
View file

@ -1,6 +1,6 @@
/* random.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,21 +16,38 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
/* on HPUX 11 you may need to install /dev/random see
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
*/
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error.h>
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#include <cyassl/ctaocrypt/sha256.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
#endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API)
#ifndef _WIN32_WINNT
@ -39,27 +56,284 @@
#include <windows.h>
#include <wincrypt.h>
#else
#ifndef NO_DEV_RANDOM
#include <fcntl.h>
#include <unistd.h>
#if !defined(NO_DEV_RANDOM) && !defined(CYASSL_MDK_ARM) \
&& !defined(CYASSL_IAR_ARM)
#include <fcntl.h>
#ifndef EBSNET
#include <unistd.h>
#endif
#else
/* include headers that may be needed to get good seed */
#endif
#endif /* USE_WINDOWS_API */
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
/* Start NIST DRBG code */
#define OUTPUT_BLOCK_LEN (SHA256_DIGEST_SIZE)
#define MAX_REQUEST_LEN (0x10000)
#define RESEED_INTERVAL (1000000)
#define SECURITY_STRENGTH (256)
#define ENTROPY_SZ (SECURITY_STRENGTH/8)
#define NONCE_SZ (ENTROPY_SZ/2)
#define ENTROPY_NONCE_SZ (ENTROPY_SZ+NONCE_SZ)
/* Internal return codes */
#define DRBG_SUCCESS 0
#define DRBG_ERROR 1
#define DRBG_FAILURE 2
#define DRBG_NEED_RESEED 3
/* RNG health states */
#define DRBG_NOT_INIT 0
#define DRBG_OK 1
#define DRBG_FAILED 2
enum {
drbgInitC = 0,
drbgReseed = 1,
drbgGenerateW = 2,
drbgGenerateH = 3,
drbgInitV
};
/* Hash Derivation Function */
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type,
const byte* inA, word32 inASz,
const byte* inB, word32 inBSz)
{
byte ctr;
int i;
int len;
word32 bits = (outSz * 8); /* reverse byte order */
#ifdef LITTLE_ENDIAN_ORDER
bits = ByteReverseWord32(bits);
#endif
len = (outSz / OUTPUT_BLOCK_LEN)
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
for (i = 0, ctr = 1; i < len; i++, ctr++)
{
if (InitSha256(&rng->sha) != 0)
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, &ctr, sizeof(ctr)) != 0)
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)) != 0)
return DRBG_FAILURE;
/* churning V is the only string that doesn't have
* the type added */
if (type != drbgInitV)
if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0)
return DRBG_FAILURE;
if (Sha256Update(&rng->sha, inA, inASz) != 0)
return DRBG_FAILURE;
if (inB != NULL && inBSz > 0)
if (Sha256Update(&rng->sha, inB, inBSz) != 0)
return DRBG_FAILURE;
if (Sha256Final(&rng->sha, rng->digest) != 0)
return DRBG_FAILURE;
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
outSz -= OUTPUT_BLOCK_LEN;
out += OUTPUT_BLOCK_LEN;
}
else {
XMEMCPY(out, rng->digest, outSz);
}
}
return DRBG_SUCCESS;
}
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_DRBG_Reseed(RNG* rng, const byte* entropy, word32 entropySz)
{
byte seed[DRBG_SEED_LEN];
if (Hash_df(rng, seed, sizeof(seed), drbgReseed, rng->V, sizeof(rng->V),
entropy, entropySz) != DRBG_SUCCESS) {
return DRBG_FAILURE;
}
XMEMCPY(rng->V, seed, sizeof(rng->V));
XMEMSET(seed, 0, sizeof(seed));
if (Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0) != DRBG_SUCCESS) {
return DRBG_FAILURE;
}
rng->reseedCtr = 1;
return DRBG_SUCCESS;
}
static INLINE void array_add_one(byte* data, word32 dataSz)
{
int i;
for (i = dataSz - 1; i >= 0; i--)
{
data[i]++;
if (data[i] != 0) break;
}
}
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_gen(RNG* rng, byte* out, word32 outSz, const byte* V)
{
byte data[DRBG_SEED_LEN];
int i;
int len = (outSz / OUTPUT_BLOCK_LEN)
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
XMEMCPY(data, V, sizeof(data));
for (i = 0; i < len; i++) {
if (InitSha256(&rng->sha) != 0 ||
Sha256Update(&rng->sha, data, sizeof(data)) != 0 ||
Sha256Final(&rng->sha, rng->digest) != 0) {
return DRBG_FAILURE;
}
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN);
outSz -= OUTPUT_BLOCK_LEN;
out += OUTPUT_BLOCK_LEN;
array_add_one(data, DRBG_SEED_LEN);
}
else {
XMEMCPY(out, rng->digest, outSz);
}
}
XMEMSET(data, 0, sizeof(data));
return DRBG_SUCCESS;
}
static INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen)
{
word16 carry = 0;
if (dLen > 0 && sLen > 0 && dLen >= sLen) {
int sIdx, dIdx;
for (sIdx = sLen - 1, dIdx = dLen - 1; sIdx >= 0; dIdx--, sIdx--)
{
carry += d[dIdx] + s[sIdx];
d[dIdx] = carry;
carry >>= 8;
}
if (dIdx > 0)
d[dIdx] += carry;
}
}
/* Returns: DRBG_SUCCESS, DRBG_NEED_RESEED, or DRBG_FAILURE */
static int Hash_DRBG_Generate(RNG* rng, byte* out, word32 outSz)
{
int ret = DRBG_NEED_RESEED;
if (rng->reseedCtr != RESEED_INTERVAL) {
byte type = drbgGenerateH;
word32 reseedCtr = rng->reseedCtr;
rng->reseedCtr++;
if (Hash_gen(rng, out, outSz, rng->V) != 0 ||
InitSha256(&rng->sha) != 0 ||
Sha256Update(&rng->sha, &type, sizeof(type)) != 0 ||
Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0 ||
Sha256Final(&rng->sha, rng->digest) != 0) {
ret = DRBG_FAILURE;
}
else {
array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest));
array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C));
#ifdef LITTLE_ENDIAN_ORDER
reseedCtr = ByteReverseWord32(reseedCtr);
#endif
array_add(rng->V, sizeof(rng->V),
(byte*)&reseedCtr, sizeof(reseedCtr));
ret = DRBG_SUCCESS;
}
}
return ret;
}
/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
static int Hash_DRBG_Instantiate(RNG* rng, const byte* seed, word32 seedSz,
const byte* nonce, word32 nonceSz)
{
int ret = DRBG_FAILURE;
XMEMSET(rng, 0, sizeof(*rng));
if (Hash_df(rng, rng->V, sizeof(rng->V), drbgInitV, seed, seedSz,
nonce, nonceSz) == DRBG_SUCCESS &&
Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V,
sizeof(rng->V), NULL, 0) == DRBG_SUCCESS) {
rng->reseedCtr = 1;
ret = DRBG_SUCCESS;
}
return ret;
}
/* Returns: DRBG_SUCCESS */
static int Hash_DRBG_Uninstantiate(RNG* rng)
{
XMEMSET(rng, 0, sizeof(*rng));
return DRBG_SUCCESS;
}
/* End NIST DRBG Code */
/* Get seed and key cipher */
int InitRng(RNG* rng)
{
byte key[32];
byte junk[256];
int ret = BAD_FUNC_ARG;
int ret = GenerateSeed(&rng->seed, key, sizeof(key));
if (rng != NULL) {
byte entropy[ENTROPY_NONCE_SZ];
if (ret == 0) {
Arc4SetKey(&rng->cipher, key, sizeof(key));
RNG_GenerateBlock(rng, junk, sizeof(junk)); /* rid initial state */
/* This doesn't use a separate nonce. The entropy input will be
* the default size plus the size of the nonce making the seed
* size. */
if (GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0 &&
Hash_DRBG_Instantiate(rng, entropy, ENTROPY_NONCE_SZ,
NULL, 0) == DRBG_SUCCESS) {
rng->status = DRBG_OK;
ret = 0;
}
else {
rng->status = DRBG_FAILED;
ret = RNG_FAILURE_E;
}
XMEMSET(entropy, 0, ENTROPY_NONCE_SZ);
}
return ret;
@ -67,22 +341,221 @@ int InitRng(RNG* rng)
/* place a generated block in output */
void RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
{
int ret;
if (rng == NULL || output == NULL || sz > MAX_REQUEST_LEN)
return BAD_FUNC_ARG;
if (rng->status != DRBG_OK)
return RNG_FAILURE_E;
ret = Hash_DRBG_Generate(rng, output, sz);
if (ret == DRBG_SUCCESS) {
ret = 0;
}
else if (ret == DRBG_NEED_RESEED) {
byte entropy[ENTROPY_SZ];
if (GenerateSeed(&rng->seed, entropy, ENTROPY_SZ) == 0 &&
Hash_DRBG_Reseed(rng, entropy, ENTROPY_SZ) == DRBG_SUCCESS &&
Hash_DRBG_Generate(rng, output, sz) == DRBG_SUCCESS) {
ret = 0;
}
else {
ret = RNG_FAILURE_E;
rng->status = DRBG_FAILED;
}
XMEMSET(entropy, 0, ENTROPY_SZ);
}
else {
ret = RNG_FAILURE_E;
rng->status = DRBG_FAILED;
}
return ret;
}
int RNG_GenerateByte(RNG* rng, byte* b)
{
return RNG_GenerateBlock(rng, b, 1);
}
int FreeRng(RNG* rng)
{
int ret = BAD_FUNC_ARG;
if (rng != NULL) {
if (Hash_DRBG_Uninstantiate(rng) == DRBG_SUCCESS)
ret = 0;
else
ret = RNG_FAILURE_E;
}
return ret;
}
int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz,
const byte* entropyB, word32 entropyBSz,
const byte* output, word32 outputSz)
{
RNG rng;
byte check[SHA256_DIGEST_SIZE * 4];
if (Hash_DRBG_Instantiate(&rng, entropyA, entropyASz, NULL, 0) != 0)
return -1;
if (reseed) {
if (Hash_DRBG_Reseed(&rng, entropyB, entropyBSz) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
}
if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
if (outputSz != sizeof(check) || XMEMCMP(output, check, sizeof(check))) {
Hash_DRBG_Uninstantiate(&rng);
return -1;
}
Hash_DRBG_Uninstantiate(&rng);
return 0;
}
#else /* HAVE_HASHDRBG || NO_RC4 */
/* Get seed and key cipher */
int InitRng(RNG* rng)
{
int ret;
#ifdef CYASSL_SMALL_STACK
byte* key;
byte* junk;
#else
byte key[32];
byte junk[256];
#endif
#ifdef HAVE_CAVIUM
if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC)
return 0;
#endif
#ifdef CYASSL_SMALL_STACK
key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (key == NULL)
return MEMORY_E;
junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (junk == NULL) {
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
ret = GenerateSeed(&rng->seed, key, 32);
if (ret == 0) {
Arc4SetKey(&rng->cipher, key, sizeof(key));
ret = RNG_GenerateBlock(rng, junk, 256); /*rid initial state*/
}
#ifdef CYASSL_SMALL_STACK
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(junk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#ifdef HAVE_CAVIUM
static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz);
#endif
/* place a generated block in output */
int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
{
#ifdef HAVE_CAVIUM
if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC)
return CaviumRNG_GenerateBlock(rng, output, sz);
#endif
XMEMSET(output, 0, sz);
Arc4Process(&rng->cipher, output, output, sz);
return 0;
}
byte RNG_GenerateByte(RNG* rng)
int RNG_GenerateByte(RNG* rng, byte* b)
{
byte b;
RNG_GenerateBlock(rng, &b, 1);
return b;
return RNG_GenerateBlock(rng, b, 1);
}
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
/* Initiliaze RNG for use with Nitrox device */
int InitRngCavium(RNG* rng, int devId)
{
if (rng == NULL)
return -1;
rng->devId = devId;
rng->magic = CYASSL_RNG_CAVIUM_MAGIC;
return 0;
}
static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
{
word offset = 0;
word32 requestId;
while (sz > CYASSL_MAX_16BIT) {
word16 slen = (word16)CYASSL_MAX_16BIT;
if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->devId) != 0) {
CYASSL_MSG("Cavium RNG failed");
}
sz -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
}
if (sz) {
word16 slen = (word16)sz;
if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
rng->devId) != 0) {
CYASSL_MSG("Cavium RNG failed");
}
}
}
#endif /* HAVE_CAVIUM */
#endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API)
@ -101,7 +574,7 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
}
#elif defined(THREADX)
#elif defined(HAVE_RTP_SYS) || defined(EBSNET)
#include "rtprand.h" /* rtp_rand () */
#include "rtptime.h" /* rtp_get_system_msec() */
@ -144,12 +617,244 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
#elif defined(MICROCHIP_PIC32)
#ifdef MICROCHIP_MPLAB_HARMONY
#define PIC32_SEED_COUNT _CP0_GET_COUNT
#else
#if !defined(CYASSL_MICROCHIP_PIC32MZ)
#include <peripheral/timer.h>
#endif
#define PIC32_SEED_COUNT ReadCoreTimer
#endif
#ifdef CYASSL_MIC32MZ_RNG
#include "xc.h"
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i ;
byte rnd[8] ;
word32 *rnd32 = (word32 *)rnd ;
word32 size = sz ;
byte* op = output ;
/* This part has to be replaced with better random seed */
RNGNUMGEN1 = ReadCoreTimer();
RNGPOLY1 = ReadCoreTimer();
RNGPOLY2 = ReadCoreTimer();
RNGNUMGEN2 = ReadCoreTimer();
#ifdef DEBUG_CYASSL
printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ;
#endif
RNGCONbits.PLEN = 0x40;
RNGCONbits.PRNGEN = 1;
for(i=0; i<5; i++) { /* wait for RNGNUMGEN ready */
volatile int x ;
x = RNGNUMGEN1 ;
x = RNGNUMGEN2 ;
}
do {
rnd32[0] = RNGNUMGEN1;
rnd32[1] = RNGNUMGEN2;
for(i=0; i<8; i++, op++) {
*op = rnd[i] ;
size -- ;
if(size==0)break ;
}
} while(size) ;
return 0;
}
#else /* CYASSL_MIC32MZ_RNG */
/* uses the core timer, in nanoseconds to seed srand */
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
srand(PIC32_SEED_COUNT() * 25);
for (i = 0; i < sz; i++ ) {
output[i] = rand() % 256;
if ( (i % 8) == 7)
srand(PIC32_SEED_COUNT() * 25);
}
return 0;
}
#endif /* CYASSL_MIC32MZ_RNG */
#elif defined(FREESCALE_MQX)
#ifdef FREESCALE_K70_RNGA
/*
* Generates a RNG seed using the Random Number Generator Accelerator
* on the Kinetis K70. Documentation located in Chapter 37 of
* K70 Sub-Family Reference Manual (see Note 3 in the README for link).
*/
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
/* turn on RNGA module */
SIM_SCGC3 |= SIM_SCGC3_RNGA_MASK;
/* set SLP bit to 0 - "RNGA is not in sleep mode" */
RNG_CR &= ~RNG_CR_SLP_MASK;
/* set HA bit to 1 - "security violations masked" */
RNG_CR |= RNG_CR_HA_MASK;
/* set GO bit to 1 - "output register loaded with data" */
RNG_CR |= RNG_CR_GO_MASK;
for (i = 0; i < sz; i++) {
/* wait for RNG FIFO to be full */
while((RNG_SR & RNG_SR_OREG_LVL(0xF)) == 0) {}
/* get value */
output[i] = RNG_OR;
}
return 0;
}
#elif defined(FREESCALE_K53_RNGB)
/*
* Generates a RNG seed using the Random Number Generator (RNGB)
* on the Kinetis K53. Documentation located in Chapter 33 of
* K53 Sub-Family Reference Manual (see note in the README for link).
*/
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
/* turn on RNGB module */
SIM_SCGC3 |= SIM_SCGC3_RNGB_MASK;
/* reset RNGB */
RNG_CMD |= RNG_CMD_SR_MASK;
/* FIFO generate interrupt, return all zeros on underflow,
* set auto reseed */
RNG_CR |= (RNG_CR_FUFMOD_MASK | RNG_CR_AR_MASK);
/* gen seed, clear interrupts, clear errors */
RNG_CMD |= (RNG_CMD_GS_MASK | RNG_CMD_CI_MASK | RNG_CMD_CE_MASK);
/* wait for seeding to complete */
while ((RNG_SR & RNG_SR_SDN_MASK) == 0) {}
for (i = 0; i < sz; i++) {
/* wait for a word to be available from FIFO */
while((RNG_SR & RNG_SR_FIFO_LVL_MASK) == 0) {}
/* get value */
output[i] = RNG_OUT;
}
return 0;
}
#else
#warning "write a real random seed!!!!, just for testing now"
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
for (i = 0; i < sz; i++ )
output[i] = i;
return 0;
}
#endif /* FREESCALE_K70_RNGA */
#elif defined(CYASSL_SAFERTOS) || defined(CYASSL_LEANPSK) \
|| defined(CYASSL_IAR_ARM) || defined(CYASSL_MDK_ARM)
#warning "write a real random seed!!!!, just for testing now"
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
word32 i;
for (i = 0; i < sz; i++ )
output[i] = i;
(void)os;
return 0;
}
#elif defined(STM32F2_RNG)
#undef RNG
#include "stm32f2xx_rng.h"
#include "stm32f2xx_rcc.h"
/*
* Generate a RNG seed using the hardware random number generator
* on the STM32F2. Documentation located in STM32F2xx Standard Peripheral
* Library document (See note in README).
*/
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
/* enable RNG clock source */
RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_RNG, ENABLE);
/* enable RNG peripheral */
RNG_Cmd(ENABLE);
for (i = 0; i < sz; i++) {
/* wait until RNG number is ready */
while(RNG_GetFlagStatus(RNG_FLAG_DRDY)== RESET) { }
/* get value */
output[i] = RNG_GetRandomNumber();
}
return 0;
}
#elif defined(CYASSL_LPC43xx) || defined(CYASSL_STM32F2xx)
#warning "write a real random seed!!!!, just for testing now"
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
for (i = 0; i < sz; i++ )
output[i] = i;
return 0;
}
#elif defined(CUSTOM_RAND_GENERATE)
/* Implement your own random generation function
* word32 rand_gen(void);
* #define CUSTOM_RAND_GENERATE rand_gen */
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
for (i = 0; i < sz; i++ )
output[i] = CUSTOM_RAND_GENERATE();
return 0;
}
#elif defined(NO_DEV_RANDOM)
#error "you need to write an os specific GenerateSeed() here"
/*
int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
return 0;
}
*/
#else /* !USE_WINDOWS_API && !THREADX && !MICRIUM && !NO_DEV_RANDOM */
#else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */
/* may block */
@ -166,8 +871,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
}
while (sz) {
int len = read(os->fd, output, sz);
if (len == -1) {
int len = (int)read(os->fd, output, sz);
if (len == -1) {
ret = READ_RAN_E;
break;
}

13
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ripemd.c
View file

@ -1,6 +1,6 @@
/* ripemd.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,6 +24,8 @@
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef CYASSL_RIPEMD
#include <cyassl/ctaocrypt/ripemd.h>
@ -293,7 +295,8 @@ void RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len)
if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) {
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE);
ByteReverseWords(ripemd->buffer, ripemd->buffer,
RIPEMD_BLOCK_SIZE);
#endif
Transform(ripemd);
AddLength(ripemd, RIPEMD_BLOCK_SIZE);
@ -317,7 +320,7 @@ void RipeMdFinal(RipeMd* ripemd, byte* hash)
ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE);
ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
#endif
Transform(ripemd);
ripemd->buffLen = 0;
@ -331,7 +334,7 @@ void RipeMdFinal(RipeMd* ripemd, byte* hash)
/* store lengths */
#ifdef BIG_ENDIAN_ORDER
ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE);
ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));

309
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rsa.c
View file

@ -1,6 +1,6 @@
/* rsa.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -24,15 +24,40 @@
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifndef NO_RSA
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/rsa.h>
#include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#include <cyassl/ctaocrypt/logging.h>
#ifdef SHOW_GEN
#include <stdio.h>
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h>
#endif
#endif
#ifdef HAVE_CAVIUM
static int InitCaviumRsaKey(RsaKey* key, void* heap);
static int FreeCaviumRsaKey(RsaKey* key);
static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
#endif
enum {
RSA_PUBLIC_ENCRYPT = 0,
@ -50,8 +75,13 @@ enum {
};
void InitRsaKey(RsaKey* key, void* heap)
int InitRsaKey(RsaKey* key, void* heap)
{
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return InitCaviumRsaKey(key, heap);
#endif
key->type = -1; /* haven't decided yet */
key->heap = heap;
@ -63,12 +93,20 @@ void InitRsaKey(RsaKey* key, void* heap)
key->q.dp = key->dP.dp = 0;
key->u.dp = key->dQ.dp = 0;
#endif
return 0;
}
void FreeRsaKey(RsaKey* key)
int FreeRsaKey(RsaKey* key)
{
(void)key;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return FreeCaviumRsaKey(key);
#endif
/* TomsFastMath doesn't use memory allocation */
#ifndef USE_FAST_MATH
if (key->type == RSA_PRIVATE) {
@ -82,12 +120,15 @@ void FreeRsaKey(RsaKey* key)
mp_clear(&key->e);
mp_clear(&key->n);
#endif
return 0;
}
static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
word32 pkcsBlockLen, byte padValue, RNG* rng)
{
if (inputLen == 0) return;
if (inputLen == 0)
return 0;
pkcsBlock[0] = 0x0; /* set first byte to zero and advance */
pkcsBlock++; pkcsBlockLen--;
@ -99,7 +140,10 @@ static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
else {
/* pad with non-zero random bytes */
word32 padLen = pkcsBlockLen - inputLen - 1, i;
RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
int ret = RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
if (ret != 0)
return ret;
/* remove zeros */
for (i = 1; i < padLen; i++)
@ -108,6 +152,8 @@ static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
pkcsBlock[pkcsBlockLen-inputLen-1] = 0; /* separator */
XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
return 0;
}
@ -243,15 +289,23 @@ done:
int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng)
{
int sz = mp_unsigned_bin_size(&key->n), ret;
int sz, ret;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key);
#endif
sz = mp_unsigned_bin_size(&key->n);
if (sz > (int)outLen)
return RSA_BUFFER_E;
if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
return RSA_BUFFER_E;
RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng);
ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng);
if (ret != 0)
return ret;
if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PUBLIC_ENCRYPT, key)) < 0)
sz = ret;
@ -264,6 +318,15 @@ int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{
int plainLen, ret;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) {
ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key);
if (ret > 0)
*out = in;
return ret;
}
#endif
if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key))
< 0) {
return ret;
@ -282,6 +345,11 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
byte* tmp;
byte* pad = 0;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key);
#endif
tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
if (tmp == NULL) {
return MEMORY_E;
@ -310,6 +378,15 @@ int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{
int plainLen, ret;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) {
ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key);
if (ret > 0)
*out = in;
return ret;
}
#endif
if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key))
< 0) {
return ret;
@ -328,6 +405,11 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
byte* tmp;
byte* pad = 0;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return CaviumRsaSSL_Verify(in, inLen, out, outLen, key);
#endif
tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
if (tmp == NULL) {
return MEMORY_E;
@ -356,15 +438,23 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng)
{
int sz = mp_unsigned_bin_size(&key->n), ret;
int sz, ret;
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return CaviumRsaSSL_Sign(in, inLen, out, outLen, key);
#endif
sz = mp_unsigned_bin_size(&key->n);
if (sz > (int)outLen)
return RSA_BUFFER_E;
if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
return RSA_BUFFER_E;
RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng);
ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng);
if (ret != 0)
return ret;
if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PRIVATE_ENCRYPT,key)) < 0)
sz = ret;
@ -375,6 +465,10 @@ int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
int RsaEncryptSize(RsaKey* key)
{
#ifdef HAVE_CAVIUM
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
return key->c_nSz;
#endif
return mp_unsigned_bin_size(&key->n);
}
@ -418,7 +512,11 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
fflush(stdout);
#endif
/* generate value */
RNG_GenerateBlock(rng, buf, len);
err = RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
@ -496,7 +594,7 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL);
if (err == MP_OKAY)
err = mp_init_multi(&key->dP, &key->dP, &key->u, NULL, NULL, NULL);
err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL);
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp2); /* tmp2 = p-1 */
@ -553,5 +651,184 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
}
#endif /* CYASLS_KEY_GEN */
#endif /* CYASSL_KEY_GEN */
#ifdef HAVE_CAVIUM
#include <cyassl/ctaocrypt/logging.h>
#include "cavium_common.h"
/* Initiliaze RSA for use with Nitrox device */
int RsaInitCavium(RsaKey* rsa, int devId)
{
if (rsa == NULL)
return -1;
if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0)
return -1;
rsa->devId = devId;
rsa->magic = CYASSL_RSA_CAVIUM_MAGIC;
return 0;
}
/* Free RSA from use with Nitrox device */
void RsaFreeCavium(RsaKey* rsa)
{
if (rsa == NULL)
return;
CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId);
rsa->magic = 0;
}
/* Initialize cavium RSA key */
static int InitCaviumRsaKey(RsaKey* key, void* heap)
{
if (key == NULL)
return BAD_FUNC_ARG;
key->heap = heap;
key->type = -1; /* don't know yet */
key->c_n = NULL;
key->c_e = NULL;
key->c_d = NULL;
key->c_p = NULL;
key->c_q = NULL;
key->c_dP = NULL;
key->c_dQ = NULL;
key->c_u = NULL;
key->c_nSz = 0;
key->c_eSz = 0;
key->c_dSz = 0;
key->c_pSz = 0;
key->c_qSz = 0;
key->c_dP_Sz = 0;
key->c_dQ_Sz = 0;
key->c_uSz = 0;
return 0;
}
/* Free cavium RSA key */
static int FreeCaviumRsaKey(RsaKey* key)
{
if (key == NULL)
return BAD_FUNC_ARG;
XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_d, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_p, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_q, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
return InitCaviumRsaKey(key, key->heap); /* reset pointers */
}
static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 requestId;
word32 ret;
if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz)
return -1;
ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz,
(word16)inLen, key->c_n, key->c_e, (byte*)in, out,
&requestId, key->devId);
if (ret != 0) {
CYASSL_MSG("Cavium Enc BT2 failed");
return -1;
}
return key->c_nSz;
}
static INLINE void ato16(const byte* c, word16* u16)
{
*u16 = (c[0] << 8) | (c[1]);
}
static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 requestId;
word32 ret;
word16 outSz = (word16)outLen;
if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
return -1;
ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q,
key->c_dQ, key->c_p, key->c_dP, key->c_u,
(byte*)in, &outSz, out, &requestId, key->devId);
if (ret != 0) {
CYASSL_MSG("Cavium CRT Dec BT2 failed");
return -1;
}
ato16((const byte*)&outSz, &outSz);
return outSz;
}
static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 requestId;
word32 ret;
if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen <
(word32)key->c_nSz)
return -1;
ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen,
key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u,
(byte*)in, out, &requestId, key->devId);
if (ret != 0) {
CYASSL_MSG("Cavium CRT Enc BT1 failed");
return -1;
}
return key->c_nSz;
}
static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key)
{
word32 requestId;
word32 ret;
word16 outSz = (word16)outLen;
if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
return -1;
ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz,
key->c_n, key->c_e, (byte*)in, &outSz, out,
&requestId, key->devId);
if (ret != 0) {
CYASSL_MSG("Cavium Dec BT1 failed");
return -1;
}
outSz = ntohs(outSz);
return outSz;
}
#endif /* HAVE_CAVIUM */
#endif /* NO_RSA */

270
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha.c
View file

@ -1,6 +1,6 @@
/* sha.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,20 +16,166 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#if !defined(NO_SHA)
#ifdef CYASSL_PIC32MZ_HASH
#define InitSha InitSha_sw
#define ShaUpdate ShaUpdate_sw
#define ShaFinal ShaFinal_sw
#endif
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/sha.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#define XTRANSFORM(S,B) cau_sha1_hash_n((B), 1, ((S))->digest)
#else
#define XTRANSFORM(S,B) Transform((S))
#endif
#ifdef STM32F2_HASH
/*
* STM32F2 hardware SHA1 support through the STM32F2 standard peripheral
* library. Documentation located in STM32F2xx Standard Peripheral Library
* document (See note in README).
*/
#include "stm32f2xx.h"
#include "stm32f2xx_hash.h"
int InitSha(Sha* sha)
{
/* STM32F2 struct notes:
* sha->buffer = first 4 bytes used to hold partial block if needed
* sha->buffLen = num bytes currently stored in sha->buffer
* sha->loLen = num bytes that have been written to STM32 FIFO
*/
XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
sha->buffLen = 0;
sha->loLen = 0;
/* initialize HASH peripheral */
HASH_DeInit();
/* configure algo used, algo mode, datatype */
HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
HASH->CR |= (HASH_AlgoSelection_SHA1 | HASH_AlgoMode_HASH
| HASH_DataType_8b);
/* reset HASH processor */
HASH->CR |= HASH_CR_INIT;
return 0;
}
int ShaUpdate(Sha* sha, const byte* data, word32 len)
{
word32 i = 0;
word32 fill = 0;
word32 diff = 0;
/* if saved partial block is available */
if (sha->buffLen) {
fill = 4 - sha->buffLen;
/* if enough data to fill, fill and push to FIFO */
if (fill <= len) {
XMEMCPY((byte*)sha->buffer + sha->buffLen, data, fill);
HASH_DataIn(*(uint32_t*)sha->buffer);
data += fill;
len -= fill;
sha->loLen += 4;
sha->buffLen = 0;
} else {
/* append partial to existing stored block */
XMEMCPY((byte*)sha->buffer + sha->buffLen, data, len);
sha->buffLen += len;
return;
}
}
/* write input block in the IN FIFO */
for(i = 0; i < len; i += 4)
{
diff = len - i;
if ( diff < 4) {
/* store incomplete last block, not yet in FIFO */
XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
XMEMCPY((byte*)sha->buffer, data, diff);
sha->buffLen = diff;
} else {
HASH_DataIn(*(uint32_t*)data);
data+=4;
}
}
/* keep track of total data length thus far */
sha->loLen += (len - sha->buffLen);
return 0;
}
int ShaFinal(Sha* sha, byte* hash)
{
__IO uint16_t nbvalidbitsdata = 0;
/* finish reading any trailing bytes into FIFO */
if (sha->buffLen) {
HASH_DataIn(*(uint32_t*)sha->buffer);
sha->loLen += sha->buffLen;
}
/* calculate number of valid bits in last word of input data */
nbvalidbitsdata = 8 * (sha->loLen % SHA_REG_SIZE);
/* configure number of valid bits in last word of the data */
HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
/* start HASH processor */
HASH_StartDigest();
/* wait until Busy flag == RESET */
while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
/* read message digest */
sha->digest[0] = HASH->HR[0];
sha->digest[1] = HASH->HR[1];
sha->digest[2] = HASH->HR[2];
sha->digest[3] = HASH->HR[3];
sha->digest[4] = HASH->HR[4];
ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
return InitSha(sha); /* reset state */
}
#else /* CTaoCrypt software implementation */
#ifndef min
@ -41,19 +187,27 @@
#endif /* min */
void InitSha(Sha* sha)
int InitSha(Sha* sha)
{
sha->digest[0] = 0x67452301L;
sha->digest[1] = 0xEFCDAB89L;
sha->digest[2] = 0x98BADCFEL;
sha->digest[3] = 0x10325476L;
sha->digest[4] = 0xC3D2E1F0L;
#ifdef FREESCALE_MMCAU
cau_sha1_initialize_output(sha->digest);
#else
sha->digest[0] = 0x67452301L;
sha->digest[1] = 0xEFCDAB89L;
sha->digest[2] = 0x98BADCFEL;
sha->digest[3] = 0x10325476L;
sha->digest[4] = 0xC3D2E1F0L;
#endif
sha->buffLen = 0;
sha->loLen = 0;
sha->hiLen = 0;
return 0;
}
#ifndef FREESCALE_MMCAU
#define blk0(i) (W[i] = sha->buffer[i])
#define blk1(i) (W[i&15] = \
rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
@ -87,6 +241,34 @@ static void Transform(Sha* sha)
word32 d = sha->digest[3];
word32 e = sha->digest[4];
#ifdef USE_SLOW_SHA
word32 t, i;
for (i = 0; i < 16; i++) {
R0(a, b, c, d, e, i);
t = e; e = d; d = c; c = b; b = a; a = t;
}
for (; i < 20; i++) {
R1(a, b, c, d, e, i);
t = e; e = d; d = c; c = b; b = a; a = t;
}
for (; i < 40; i++) {
R2(a, b, c, d, e, i);
t = e; e = d; d = c; c = b; b = a; a = t;
}
for (; i < 60; i++) {
R3(a, b, c, d, e, i);
t = e; e = d; d = c; c = b; b = a; a = t;
}
for (; i < 80; i++) {
R4(a, b, c, d, e, i);
t = e; e = d; d = c; c = b; b = a; a = t;
}
#else
/* nearly 1 K bigger in code size but 25% faster */
/* 4 rounds of 20 operations each. Loop unrolled. */
R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
@ -113,6 +295,7 @@ static void Transform(Sha* sha)
R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
#endif
/* Add the working vars back into digest state[] */
sha->digest[0] += a;
@ -122,6 +305,8 @@ static void Transform(Sha* sha)
sha->digest[4] += e;
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Sha* sha, word32 len)
{
@ -131,7 +316,7 @@ static INLINE void AddLength(Sha* sha, word32 len)
}
void ShaUpdate(Sha* sha, const byte* data, word32 len)
int ShaUpdate(Sha* sha, const byte* data, word32 len)
{
/* do block size increments */
byte* local = (byte*)sha->buffer;
@ -145,22 +330,24 @@ void ShaUpdate(Sha* sha, const byte* data, word32 len)
len -= add;
if (sha->buffLen == SHA_BLOCK_SIZE) {
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
#endif
Transform(sha);
XTRANSFORM(sha, local);
AddLength(sha, SHA_BLOCK_SIZE);
sha->buffLen = 0;
}
}
return 0;
}
void ShaFinal(Sha* sha, byte* hash)
int ShaFinal(Sha* sha, byte* hash)
{
byte* local = (byte*)sha->buffer;
AddLength(sha, sha->buffLen); /* before adding pads */
AddLength(sha, sha->buffLen); /* before adding pads */
local[sha->buffLen++] = 0x80; /* add 1 */
@ -169,10 +356,10 @@ void ShaFinal(Sha* sha, byte* hash)
XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen);
sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
#endif
Transform(sha);
XTRANSFORM(sha, local);
sha->buffLen = 0;
}
XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
@ -183,19 +370,60 @@ void ShaFinal(Sha* sha, byte* hash)
sha->loLen = sha->loLen << 3;
/* store lengths */
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA_BLOCK_SIZE);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));
Transform(sha);
#ifdef FREESCALE_MMCAU
/* Kinetis requires only these bytes reversed */
ByteReverseWords(&sha->buffer[SHA_PAD_SIZE/sizeof(word32)],
&sha->buffer[SHA_PAD_SIZE/sizeof(word32)],
2 * sizeof(word32));
#endif
XTRANSFORM(sha, local);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
#endif
XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
InitSha(sha); /* reset state */
return InitSha(sha); /* reset state */
}
#endif /* STM32F2_HASH */
int ShaHash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha* sha;
#else
Sha sha[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha(sha)) != 0) {
CYASSL_MSG("InitSha failed");
}
else {
ShaUpdate(sha, data, len);
ShaFinal(sha, hash);
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* NO_SHA */

169
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha256.c
View file

@ -1,6 +1,6 @@
/* sha256.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -26,15 +26,34 @@
#include <config.h>
#endif
#ifndef NO_SHA256
#include <cyassl/ctaocrypt/settings.h>
#if !defined(NO_SHA256)
#ifdef CYASSL_PIC32MZ_HASH
#define InitSha256 InitSha256_sw
#define Sha256Update Sha256Update_sw
#define Sha256Final Sha256Final_sw
#endif
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/sha256.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
#include <ctaocrypt/src/misc.c>
#endif
#ifdef FREESCALE_MMCAU
#include "cau_api.h"
#endif
#ifndef min
@ -46,22 +65,41 @@
#endif /* min */
void InitSha256(Sha256* sha256)
int InitSha256(Sha256* sha256)
{
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
#ifdef FREESCALE_MMCAU
cau_sha256_initialize_output(sha256->digest);
#else
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
sha256->digest[3] = 0xA54FF53AL;
sha256->digest[4] = 0x510E527FL;
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
#endif
sha256->buffLen = 0;
sha256->loLen = 0;
sha256->hiLen = 0;
return 0;
}
#ifdef FREESCALE_MMCAU
#define XTRANSFORM(S,B) Transform((S), (B))
static int Transform(Sha256* sha256, byte* buf)
{
cau_sha256_hash_n(buf, 1, sha256->digest);
return 0;
}
#else
#define XTRANSFORM(S,B) Transform((S))
static const word32 K[64] = {
0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL,
0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L,
@ -81,7 +119,7 @@ static const word32 K[64] = {
#define Ch(x,y,z) (z ^ (x & (y ^ z)))
#define Maj(x,y,z) (((x | y) & z) | (x & y))
#define S(x, n) rotrFixed(x, n)
#define R(x, n) (((x)&0xFFFFFFFFL)>>(n))
#define R(x, n) (((x)&0xFFFFFFFFU)>>(n))
#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
#define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25))
#define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3))
@ -94,11 +132,21 @@ static const word32 K[64] = {
h = t0 + t1;
static void Transform(Sha256* sha256)
static int Transform(Sha256* sha256)
{
word32 S[8], W[64], t0, t1;
word32 S[8], t0, t1;
int i;
#ifdef CYASSL_SMALL_STACK
word32* W;
W = (word32*) XMALLOC(sizeof(word32) * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
return MEMORY_E;
#else
word32 W[64];
#endif
/* Copy context->state[] to working vars */
for (i = 0; i < 8; i++)
S[i] = sha256->digest[i];
@ -124,8 +172,16 @@ static void Transform(Sha256* sha256)
for (i = 0; i < 8; i++) {
sha256->digest[i] += S[i];
}
#ifdef CYASSL_SMALL_STACK
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif /* FREESCALE_MMCAU */
static INLINE void AddLength(Sha256* sha256, word32 len)
{
@ -135,7 +191,7 @@ static INLINE void AddLength(Sha256* sha256, word32 len)
}
void Sha256Update(Sha256* sha256, const byte* data, word32 len)
int Sha256Update(Sha256* sha256, const byte* data, word32 len)
{
/* do block size increments */
byte* local = (byte*)sha256->buffer;
@ -149,34 +205,48 @@ void Sha256Update(Sha256* sha256, const byte* data, word32 len)
len -= add;
if (sha256->buffLen == SHA256_BLOCK_SIZE) {
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
int ret;
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha256->buffer, sha256->buffer,
SHA256_BLOCK_SIZE);
#endif
Transform(sha256);
ret = XTRANSFORM(sha256, local);
if (ret != 0)
return ret;
AddLength(sha256, SHA256_BLOCK_SIZE);
sha256->buffLen = 0;
}
}
return 0;
}
void Sha256Final(Sha256* sha256, byte* hash)
int Sha256Final(Sha256* sha256, byte* hash)
{
byte* local = (byte*)sha256->buffer;
int ret;
AddLength(sha256, sha256->buffLen); /* before adding pads */
local[sha256->buffLen++] = 0x80; /* add 1 */
local[sha256->buffLen++] = 0x80; /* add 1 */
/* pad with zeros */
if (sha256->buffLen > SHA256_PAD_SIZE) {
XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen);
sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);
#endif
Transform(sha256);
ret = XTRANSFORM(sha256, local);
if (ret != 0)
return ret;
sha256->buffLen = 0;
}
XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen);
@ -187,21 +257,64 @@ void Sha256Final(Sha256* sha256, byte* hash)
sha256->loLen = sha256->loLen << 3;
/* store lengths */
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseBytes(local, local, SHA256_BLOCK_SIZE);
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);
#endif
/* ! length ordering dependent on digest endian type ! */
XMEMCPY(&local[SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
sizeof(word32));
Transform(sha256);
#ifdef FREESCALE_MMCAU
/* Kinetis requires only these bytes reversed */
ByteReverseWords(&sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)],
&sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)],
2 * sizeof(word32));
#endif
ret = XTRANSFORM(sha256, local);
if (ret != 0)
return ret;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE);
#endif
XMEMCPY(hash, sha256->digest, SHA256_DIGEST_SIZE);
InitSha256(sha256); /* reset state */
return InitSha256(sha256); /* reset state */
}
int Sha256Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha256* sha256;
#else
Sha256 sha256[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha256 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha256(sha256)) != 0) {
CYASSL_MSG("InitSha256 failed");
}
else if ((ret = Sha256Update(sha256, data, len)) != 0) {
CYASSL_MSG("Sha256Update failed");
}
else if ((ret = Sha256Final(sha256, hash)) != 0) {
CYASSL_MSG("Sha256Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}

204
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha512.c
View file

@ -1,6 +1,6 @@
/* sha512.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,17 +16,26 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#ifdef CYASSL_SHA512
#ifdef HAVE_FIPS
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
#define FIPS_NO_WRAPPERS
#endif
#include <cyassl/ctaocrypt/sha512.h>
#include <cyassl/ctaocrypt/logging.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h>
#else
@ -44,7 +53,7 @@
#endif /* min */
void InitSha512(Sha512* sha512)
int InitSha512(Sha512* sha512)
{
sha512->digest[0] = W64LIT(0x6a09e667f3bcc908);
sha512->digest[1] = W64LIT(0xbb67ae8584caa73b);
@ -58,6 +67,8 @@ void InitSha512(Sha512* sha512)
sha512->buffLen = 0;
sha512->loLen = 0;
sha512->hiLen = 0;
return 0;
}
@ -134,24 +145,44 @@ static const word64 K512[80] = {
d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
static void Transform(Sha512* sha512)
static int Transform(Sha512* sha512)
{
const word64* K = K512;
word32 j;
word64 W[16];
word64 T[8];
#ifdef CYASSL_SMALL_STACK
word64* W;
W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
return MEMORY_E;
#else
word64 W[16];
#endif
/* Copy digest to working vars */
XMEMCPY(T, sha512->digest, sizeof(T));
/* 64 operations, partially loop unrolled */
#ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed here for macros {} */
R(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) {
R( 0); R( 1); R( 2); R( 3);
R( 4); R( 5); R( 6); R( 7);
R( 8); R( 9); R(10); R(11);
R(12); R(13); R(14); R(15);
}
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */
@ -165,8 +196,14 @@ static void Transform(Sha512* sha512)
sha512->digest[7] += h(0);
/* Wipe variables */
XMEMSET(W, 0, sizeof(W));
XMEMSET(W, 0, sizeof(word64) * 16);
XMEMSET(T, 0, sizeof(T));
#ifdef CYASSL_SMALL_STACK
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
@ -178,7 +215,7 @@ static INLINE void AddLength(Sha512* sha512, word32 len)
}
void Sha512Update(Sha512* sha512, const byte* data, word32 len)
int Sha512Update(Sha512* sha512, const byte* data, word32 len)
{
/* do block size increments */
byte* local = (byte*)sha512->buffer;
@ -192,21 +229,28 @@ void Sha512Update(Sha512* sha512, const byte* data, word32 len)
len -= add;
if (sha512->buffLen == SHA512_BLOCK_SIZE) {
int ret;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha512->buffer, sha512->buffer,
SHA512_BLOCK_SIZE);
#endif
Transform(sha512);
ret = Transform(sha512);
if (ret != 0)
return ret;
AddLength(sha512, SHA512_BLOCK_SIZE);
sha512->buffLen = 0;
}
}
return 0;
}
void Sha512Final(Sha512* sha512, byte* hash)
int Sha512Final(Sha512* sha512, byte* hash)
{
byte* local = (byte*)sha512->buffer;
int ret;
AddLength(sha512, sha512->buffLen); /* before adding pads */
@ -220,7 +264,10 @@ void Sha512Final(Sha512* sha512, byte* hash)
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha512->buffer,sha512->buffer,SHA512_BLOCK_SIZE);
#endif
Transform(sha512);
ret = Transform(sha512);
if (ret != 0)
return ret;
sha512->buffLen = 0;
}
XMEMSET(&local[sha512->buffLen], 0, SHA512_PAD_SIZE - sha512->buffLen);
@ -238,20 +285,55 @@ void Sha512Final(Sha512* sha512, byte* hash)
sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
Transform(sha512);
ret = Transform(sha512);
if (ret != 0)
return ret;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha512->digest, sha512->digest, SHA512_DIGEST_SIZE);
#endif
XMEMCPY(hash, sha512->digest, SHA512_DIGEST_SIZE);
InitSha512(sha512); /* reset state */
return InitSha512(sha512); /* reset state */
}
int Sha512Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha512* sha512;
#else
Sha512 sha512[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha512 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha512(sha512)) != 0) {
CYASSL_MSG("InitSha512 failed");
}
else if ((ret = Sha512Update(sha512, data, len)) != 0) {
CYASSL_MSG("Sha512Update failed");
}
else if ((ret = Sha512Final(sha512, hash)) != 0) {
CYASSL_MSG("Sha512Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#ifdef CYASSL_SHA384
void InitSha384(Sha384* sha384)
int InitSha384(Sha384* sha384)
{
sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8);
sha384->digest[1] = W64LIT(0x629a292a367cd507);
@ -265,27 +347,49 @@ void InitSha384(Sha384* sha384)
sha384->buffLen = 0;
sha384->loLen = 0;
sha384->hiLen = 0;
return 0;
}
static void Transform384(Sha384* sha384)
static int Transform384(Sha384* sha384)
{
const word64* K = K512;
word32 j;
word64 W[16];
word64 T[8];
#ifdef CYASSL_SMALL_STACK
word64* W;
W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
return MEMORY_E;
#else
word64 W[16];
#endif
/* Copy digest to working vars */
XMEMCPY(T, sha384->digest, sizeof(T));
/* 64 operations, partially loop unrolled */
#ifdef USE_SLOW_SHA2
/* over twice as small, but 50% slower */
/* 80 operations, not unrolled */
for (j = 0; j < 80; j += 16) {
int m;
for (m = 0; m < 16; m++) { /* braces needed for macros {} */
R2(m);
}
}
#else
/* 80 operations, partially loop unrolled */
for (j = 0; j < 80; j += 16) {
R2( 0); R2( 1); R2( 2); R2( 3);
R2( 4); R2( 5); R2( 6); R2( 7);
R2( 8); R2( 9); R2(10); R2(11);
R2(12); R2(13); R2(14); R2(15);
}
#endif /* USE_SLOW_SHA2 */
/* Add the working vars back into digest */
@ -299,8 +403,14 @@ static void Transform384(Sha384* sha384)
sha384->digest[7] += h(0);
/* Wipe variables */
XMEMSET(W, 0, sizeof(W));
XMEMSET(W, 0, sizeof(word64) * 16);
XMEMSET(T, 0, sizeof(T));
#ifdef CYASSL_SMALL_STACK
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
@ -312,7 +422,7 @@ static INLINE void AddLength384(Sha384* sha384, word32 len)
}
void Sha384Update(Sha384* sha384, const byte* data, word32 len)
int Sha384Update(Sha384* sha384, const byte* data, word32 len)
{
/* do block size increments */
byte* local = (byte*)sha384->buffer;
@ -326,21 +436,28 @@ void Sha384Update(Sha384* sha384, const byte* data, word32 len)
len -= add;
if (sha384->buffLen == SHA384_BLOCK_SIZE) {
int ret;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha384->buffer, sha384->buffer,
SHA384_BLOCK_SIZE);
#endif
Transform384(sha384);
ret = Transform384(sha384);
if (ret != 0)
return ret;
AddLength384(sha384, SHA384_BLOCK_SIZE);
sha384->buffLen = 0;
}
}
return 0;
}
void Sha384Final(Sha384* sha384, byte* hash)
int Sha384Final(Sha384* sha384, byte* hash)
{
byte* local = (byte*)sha384->buffer;
int ret;
AddLength384(sha384, sha384->buffLen); /* before adding pads */
@ -354,7 +471,10 @@ void Sha384Final(Sha384* sha384, byte* hash)
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha384->buffer,sha384->buffer,SHA384_BLOCK_SIZE);
#endif
Transform384(sha384);
ret = Transform384(sha384);
if (ret != 0)
return ret;
sha384->buffLen = 0;
}
XMEMSET(&local[sha384->buffLen], 0, SHA384_PAD_SIZE - sha384->buffLen);
@ -372,13 +492,49 @@ void Sha384Final(Sha384* sha384, byte* hash)
sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 2] = sha384->hiLen;
sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 1] = sha384->loLen;
Transform384(sha384);
ret = Transform384(sha384);
if (ret != 0)
return ret;
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(sha384->digest, sha384->digest, SHA384_DIGEST_SIZE);
#endif
XMEMCPY(hash, sha384->digest, SHA384_DIGEST_SIZE);
InitSha384(sha384); /* reset state */
return InitSha384(sha384); /* reset state */
}
int Sha384Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef CYASSL_SMALL_STACK
Sha384* sha384;
#else
Sha384 sha384[1];
#endif
#ifdef CYASSL_SMALL_STACK
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
#endif
if ((ret = InitSha384(sha384)) != 0) {
CYASSL_MSG("InitSha384 failed");
}
else if ((ret = Sha384Update(sha384, data, len)) != 0) {
CYASSL_MSG("Sha384Update failed");
}
else if ((ret = Sha384Final(sha384, hash)) != 0) {
CYASSL_MSG("Sha384Final failed");
}
#ifdef CYASSL_SMALL_STACK
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* CYASSL_SHA384 */

144
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/tfm.c
View file

@ -1,6 +1,6 @@
/* tfm.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,7 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
@ -26,7 +26,7 @@
*/
/**
* Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br)
* Edited by Moisés Guimarães (moisesguimaraesm@gmail.com)
* to fit CyaSSL's needs.
*/
@ -95,7 +95,7 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c)
register fp_word t;
y = MAX(a->used, b->used);
oldused = c->used;
oldused = MAX(c->used, FP_SIZE); /* help static analysis w/ max size */
c->used = y;
t = 0;
@ -169,7 +169,7 @@ void s_fp_sub(fp_int *a, fp_int *b, fp_int *c)
for (; x < a->used; x++) {
t = ((fp_word)a->dp[x]) - t;
c->dp[x] = (fp_digit)t;
t = (t >> DIGIT_BIT);
t = (t >> DIGIT_BIT)&1;
}
for (; x < oldused; x++) {
c->dp[x] = 0;
@ -524,7 +524,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
/* step 3.1 if xi == yt then set q{i-t-1} to b-1,
* otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
if (x.dp[i] == y.dp[t]) {
q.dp[i - t - 1] = ((((fp_word)1) << DIGIT_BIT) - 1);
q.dp[i - t - 1] = (fp_digit) ((((fp_word)1) << DIGIT_BIT) - 1);
} else {
fp_word tmp;
tmp = ((fp_word) x.dp[i]) << ((fp_word) DIGIT_BIT);
@ -641,8 +641,7 @@ void fp_div_2(fp_int * a, fp_int * b)
/* c = a / 2**b */
void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d)
{
fp_digit D, r, rr;
int x;
int D;
fp_int t;
/* if the shift count is <= 0 then we do no work */
@ -670,32 +669,9 @@ void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d)
}
/* shift any bit count < DIGIT_BIT */
D = (fp_digit) (b % DIGIT_BIT);
D = (b % DIGIT_BIT);
if (D != 0) {
register fp_digit *tmpc, mask, shift;
/* mask */
mask = (((fp_digit)1) << D) - 1;
/* shift for lsb */
shift = DIGIT_BIT - D;
/* alias */
tmpc = c->dp + (c->used - 1);
/* carry */
r = 0;
for (x = c->used - 1; x >= 0; x--) {
/* get the lower bits of this word in a temp */
rr = *tmpc & mask;
/* shift the current word and mix in the carry bits from the previous word */
*tmpc = (*tmpc >> D) | (r << shift);
--tmpc;
/* set the carry to the carry bits of the current word found above */
r = rr;
}
fp_rshb(c, D);
}
fp_clamp (c);
if (d != NULL) {
@ -1005,7 +981,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
}
/* grab the next msb from the exponent */
y = (fp_digit)(buf >> (DIGIT_BIT - 1)) & 1;
y = (int)(buf >> (DIGIT_BIT - 1)) & 1;
buf <<= (fp_digit)1;
/* do ops */
@ -1107,7 +1083,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
}
/* grab the next msb from the exponent */
y = (fp_digit)(buf >> (DIGIT_BIT - 1)) & 1;
y = (int)(buf >> (DIGIT_BIT - 1)) & 1;
buf <<= (fp_digit)1;
/* if the bit is zero and mode == 0 then we ignore it
@ -1183,16 +1159,16 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
{
fp_int tmp;
int err;
/* prevent overflows */
if (P->used > (FP_SIZE/2)) {
return FP_VAL;
}
/* is X negative? */
if (X->sign == FP_NEG) {
#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */
int err;
fp_int tmp;
/* yes, copy G and invmod it */
fp_copy(G, &tmp);
if ((err = fp_invmod(&tmp, P, &tmp)) != FP_OKAY) {
@ -1204,7 +1180,11 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
X->sign = FP_NEG;
}
return err;
} else {
#else
return FP_VAL;
#endif
}
else {
/* Positive exponent so just exptmod */
return _fp_exptmod(G, X, P, Y);
}
@ -1548,7 +1528,7 @@ void fp_montgomery_calc_normalization(fp_int *a, fp_int *b)
/* computes x/R == x (mod N) via Montgomery Reduction */
void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
{
fp_digit c[FP_SIZE], *_c, *tmpm, mu;
fp_digit c[FP_SIZE], *_c, *tmpm, mu = 0;
int oldused, x, y, pa;
/* bail if too large */
@ -1565,10 +1545,8 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
#endif
#if defined(USE_MEMSET)
/* now zero the buff */
XMEMSET(c, 0, sizeof c);
#endif
pa = m->used;
/* copy the input */
@ -1576,11 +1554,6 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
for (x = 0; x < oldused; x++) {
c[x] = a->dp[x];
}
#if !defined(USE_MEMSET)
for (; x < 2*pa+1; x++) {
c[x] = 0;
}
#endif
MONT_START;
for (x = 0; x < pa; x++) {
@ -1638,10 +1611,10 @@ void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c)
/* If we know the endianness of this architecture, and we're using
32-bit fp_digits, we can optimize this */
#if (defined(ENDIAN_LITTLE) || defined(ENDIAN_BIG)) && !defined(FP_64BIT)
#if (defined(LITTLE_ENDIAN_ORDER) || defined(BIG_ENDIAN_ORDER)) && !defined(FP_64BIT)
/* But not for both simultaneously */
#if defined(ENDIAN_LITTLE) && defined(ENDIAN_BIG)
#error Both ENDIAN_LITTLE and ENDIAN_BIG defined.
#if defined(LITTLE_ENDIAN_ORDER) && defined(BIG_ENDIAN_ORDER)
#error Both LITTLE_ENDIAN_ORDER and BIG_ENDIAN_ORDER defined.
#endif
{
unsigned char *pd = (unsigned char *)a->dp;
@ -1653,7 +1626,7 @@ void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c)
}
a->used = (c + sizeof(fp_digit) - 1)/sizeof(fp_digit);
/* read the bytes in */
#ifdef ENDIAN_BIG
#ifdef BIG_ENDIAN_ORDER
{
/* Use Duff's device to unroll the loop. */
int idx = (c - 1) & ~3;
@ -1733,6 +1706,25 @@ int fp_count_bits (fp_int * a)
return r;
}
int fp_leading_bit(fp_int *a)
{
int bit = 0;
if (a->used != 0) {
fp_digit q = a->dp[a->used - 1];
int qSz = sizeof(fp_digit);
while (qSz > 0) {
if ((unsigned char)q != 0)
bit = (q & 0x80) != 0;
q >>= 8;
qSz--;
}
}
return bit;
}
void fp_lshd(fp_int *a, int x)
{
int y;
@ -1757,6 +1749,39 @@ void fp_lshd(fp_int *a, int x)
fp_clamp(a);
}
/* right shift by bit count */
void fp_rshb(fp_int *c, int x)
{
register fp_digit *tmpc, mask, shift;
fp_digit r, rr;
fp_digit D = x;
/* mask */
mask = (((fp_digit)1) << D) - 1;
/* shift for lsb */
shift = DIGIT_BIT - D;
/* alias */
tmpc = c->dp + (c->used - 1);
/* carry */
r = 0;
for (x = c->used - 1; x >= 0; x--) {
/* get the lower bits of this word in a temp */
rr = *tmpc & mask;
/* shift the current word and mix in the carry bits from previous word */
*tmpc = (*tmpc >> D) | (r << shift);
--tmpc;
/* set the carry to the carry bits of the current word found above */
r = rr;
}
}
void fp_rshd(fp_int *a, int x)
{
int y;
@ -1962,6 +1987,19 @@ int mp_count_bits (mp_int* a)
}
int mp_leading_bit (mp_int* a)
{
return fp_leading_bit(a);
}
/* fast math conversion */
void mp_rshb (mp_int* a, int x)
{
fp_rshb(a, x);
}
/* fast math wrappers */
int mp_set_int(fp_int *a, fp_digit b)
{
@ -2364,7 +2402,7 @@ int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
#ifdef HAVE_ECC
/* chars used in radix conversions */
const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
static const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
static int fp_read_radix(fp_int *a, const char *str, int radix)
{

436
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wc_port.c Normal file
View file

@ -0,0 +1,436 @@
/* port.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/error-crypt.h>
#ifdef _MSC_VER
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
#pragma warning(disable: 4996)
#endif
#ifdef SINGLE_THREADED
int InitMutex(CyaSSL_Mutex* m)
{
(void)m;
return 0;
}
int FreeMutex(CyaSSL_Mutex *m)
{
(void)m;
return 0;
}
int LockMutex(CyaSSL_Mutex *m)
{
(void)m;
return 0;
}
int UnLockMutex(CyaSSL_Mutex *m)
{
(void)m;
return 0;
}
#else /* MULTI_THREAD */
#if defined(FREERTOS)
int InitMutex(CyaSSL_Mutex* m)
{
int iReturn;
*m = ( CyaSSL_Mutex ) xSemaphoreCreateMutex();
if( *m != NULL )
iReturn = 0;
else
iReturn = BAD_MUTEX_E;
return iReturn;
}
int FreeMutex(CyaSSL_Mutex* m)
{
vSemaphoreDelete( *m );
return 0;
}
int LockMutex(CyaSSL_Mutex* m)
{
/* Assume an infinite block, or should there be zero block? */
xSemaphoreTake( *m, portMAX_DELAY );
return 0;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
xSemaphoreGive( *m );
return 0;
}
#elif defined(CYASSL_SAFERTOS)
int InitMutex(CyaSSL_Mutex* m)
{
vSemaphoreCreateBinary(m->mutexBuffer, m->mutex);
if (m->mutex == NULL)
return BAD_MUTEX_E;
return 0;
}
int FreeMutex(CyaSSL_Mutex* m)
{
(void)m;
return 0;
}
int LockMutex(CyaSSL_Mutex* m)
{
/* Assume an infinite block */
xSemaphoreTake(m->mutex, portMAX_DELAY);
return 0;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
xSemaphoreGive(m->mutex);
return 0;
}
#elif defined(USE_WINDOWS_API)
int InitMutex(CyaSSL_Mutex* m)
{
InitializeCriticalSection(m);
return 0;
}
int FreeMutex(CyaSSL_Mutex* m)
{
DeleteCriticalSection(m);
return 0;
}
int LockMutex(CyaSSL_Mutex* m)
{
EnterCriticalSection(m);
return 0;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
LeaveCriticalSection(m);
return 0;
}
#elif defined(CYASSL_PTHREADS)
int InitMutex(CyaSSL_Mutex* m)
{
if (pthread_mutex_init(m, 0) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int FreeMutex(CyaSSL_Mutex* m)
{
if (pthread_mutex_destroy(m) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int LockMutex(CyaSSL_Mutex* m)
{
if (pthread_mutex_lock(m) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
if (pthread_mutex_unlock(m) == 0)
return 0;
else
return BAD_MUTEX_E;
}
#elif defined(THREADX)
int InitMutex(CyaSSL_Mutex* m)
{
if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int FreeMutex(CyaSSL_Mutex* m)
{
if (tx_mutex_delete(m) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int LockMutex(CyaSSL_Mutex* m)
{
if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
if (tx_mutex_put(m) == 0)
return 0;
else
return BAD_MUTEX_E;
}
#elif defined(MICRIUM)
int InitMutex(CyaSSL_Mutex* m)
{
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
if (NetSecure_OS_MutexCreate(m) == 0)
return 0;
else
return BAD_MUTEX_E;
#else
return 0;
#endif
}
int FreeMutex(CyaSSL_Mutex* m)
{
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
if (NetSecure_OS_FreeMutex(m) == 0)
return 0;
else
return BAD_MUTEX_E;
#else
return 0;
#endif
}
int LockMutex(CyaSSL_Mutex* m)
{
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
if (NetSecure_OS_LockMutex(m) == 0)
return 0;
else
return BAD_MUTEX_E;
#else
return 0;
#endif
}
int UnLockMutex(CyaSSL_Mutex* m)
{
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
if (NetSecure_OS_UnLockMutex(m) == 0)
return 0;
else
return BAD_MUTEX_E;
#else
return 0;
#endif
}
#elif defined(EBSNET)
int InitMutex(CyaSSL_Mutex* m)
{
if (rtp_sig_mutex_alloc(m, "CyaSSL Mutex") == -1)
return BAD_MUTEX_E;
else
return 0;
}
int FreeMutex(CyaSSL_Mutex* m)
{
rtp_sig_mutex_free(*m);
return 0;
}
int LockMutex(CyaSSL_Mutex* m)
{
if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0)
return 0;
else
return BAD_MUTEX_E;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
rtp_sig_mutex_release(*m);
return 0;
}
#elif defined(FREESCALE_MQX)
int InitMutex(CyaSSL_Mutex* m)
{
if (_mutex_init(m, NULL) == MQX_EOK)
return 0;
else
return BAD_MUTEX_E;
}
int FreeMutex(CyaSSL_Mutex* m)
{
if (_mutex_destroy(m) == MQX_EOK)
return 0;
else
return BAD_MUTEX_E;
}
int LockMutex(CyaSSL_Mutex* m)
{
if (_mutex_lock(m) == MQX_EOK)
return 0;
else
return BAD_MUTEX_E;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
if (_mutex_unlock(m) == MQX_EOK)
return 0;
else
return BAD_MUTEX_E;
}
#elif defined(CYASSL_MDK_ARM)|| defined(CYASSL_CMSIS_RTOS)
#if defined(CYASSL_CMSIS_RTOS)
#include "cmsis_os.h"
#define CMSIS_NMUTEX 10
osMutexDef(CyaSSL_mt0) ; osMutexDef(CyaSSL_mt1) ; osMutexDef(CyaSSL_mt2) ;
osMutexDef(CyaSSL_mt3) ; osMutexDef(CyaSSL_mt4) ; osMutexDef(CyaSSL_mt5) ;
osMutexDef(CyaSSL_mt6) ; osMutexDef(CyaSSL_mt7) ; osMutexDef(CyaSSL_mt8) ;
osMutexDef(CyaSSL_mt9) ;
static const osMutexDef_t *CMSIS_mutex[] = { osMutex(CyaSSL_mt0),
osMutex(CyaSSL_mt1), osMutex(CyaSSL_mt2), osMutex(CyaSSL_mt3),
osMutex(CyaSSL_mt4), osMutex(CyaSSL_mt5), osMutex(CyaSSL_mt6),
osMutex(CyaSSL_mt7), osMutex(CyaSSL_mt8), osMutex(CyaSSL_mt9) } ;
static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0} ;
int InitMutex(CyaSSL_Mutex* m)
{
int i ;
for (i=0; i<CMSIS_NMUTEX; i++) {
if(CMSIS_mutexID[i] == 0) {
CMSIS_mutexID[i] = osMutexCreate(CMSIS_mutex[i]) ;
(*m) = CMSIS_mutexID[i] ;
return 0 ;
}
}
return -1 ;
}
int FreeMutex(CyaSSL_Mutex* m)
{
int i ;
osMutexDelete (*m) ;
for (i=0; i<CMSIS_NMUTEX; i++) {
if(CMSIS_mutexID[i] == (*m)) {
CMSIS_mutexID[i] = 0 ;
return(0) ;
}
}
return(-1) ;
}
int LockMutex(CyaSSL_Mutex* m)
{
osMutexWait(*m, osWaitForever) ;
return(0) ;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
osMutexRelease (*m);
return 0;
}
#else
int InitMutex(CyaSSL_Mutex* m)
{
os_mut_init (m);
return 0;
}
int FreeMutex(CyaSSL_Mutex* m)
{
return(0) ;
}
int LockMutex(CyaSSL_Mutex* m)
{
os_mut_wait (m, 0xffff);
return(0) ;
}
int UnLockMutex(CyaSSL_Mutex* m)
{
os_mut_release (m);
return 0;
}
#endif
#endif /* USE_WINDOWS_API */
#endif /* SINGLE_THREADED */

47
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_first.c Normal file
View file

@ -0,0 +1,47 @@
/* wolfcrypt_first.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* This file needs to be linked first in order to work correctly */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* in case user set HAVE_FIPS there */
#include <cyassl/ctaocrypt/settings.h>
#ifdef HAVE_FIPS
/* read only start address */
const unsigned int wolfCrypt_FIPS_ro_start[] =
{ 0x1a2b3c4d, 0x00000001 };
/* first function of text/code segment */
int wolfCrypt_FIPS_first(void);
int wolfCrypt_FIPS_first(void)
{
return 0;
}
#endif /* HAVE_FIPS */

47
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_last.c Normal file
View file

@ -0,0 +1,47 @@
/* wolfcrypt_last.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* This file needs to be linked last in order to work correctly */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/* in case user set HAVE_FIPS there */
#include <cyassl/ctaocrypt/settings.h>
#ifdef HAVE_FIPS
/* last function of text/code segment */
int wolfCrypt_FIPS_last(void);
int wolfCrypt_FIPS_last(void)
{
return 0;
}
/* read only end address */
const unsigned int wolfCrypt_FIPS_ro_end[] =
{ 0x1a2b3c4d, 0xffffffff };
#endif /* HAVE_FIPS */

2
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/include.am
View file

@ -5,5 +5,7 @@ noinst_PROGRAMS+= ctaocrypt/test/testctaocrypt
ctaocrypt_test_testctaocrypt_SOURCES = ctaocrypt/test/test.c
ctaocrypt_test_testctaocrypt_LDADD = src/libcyassl.la
ctaocrypt_test_testctaocrypt_DEPENDENCIES = src/libcyassl.la
noinst_HEADERS += ctaocrypt/test/test.h
EXTRA_DIST += ctaocrypt/test/test.sln
EXTRA_DIST += ctaocrypt/test/test.vcproj
DISTCLEANFILES+= ctaocrypt/test/.libs/testctaocrypt

3413
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.c
View file

File diff suppressed because it is too large Load diff

33
FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.h Normal file
View file

@ -0,0 +1,33 @@
/* ctaocrypt/test/test.h
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
void ctaocrypt_test(void* args);
#ifdef __cplusplus
} /* extern "C" */
#endif