From 53e2147d8d28041166b00693c9f9c6b45653bb55 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 10 Jul 2016 20:40:45 -0400
Subject: [PATCH 1/3] Fix compile under Sun Studio 12.3 and below with
 -xarch=aes defines

---
 blake2.cpp       | 12 ++++++------
 config.h         |  6 +++---
 config.recommend |  6 +++---
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/blake2.cpp b/blake2.cpp
index 7e86a98f..593795d7 100644
--- a/blake2.cpp
+++ b/blake2.cpp
@@ -22,6 +22,12 @@ NAMESPACE_BEGIN(CryptoPP)
 # undef CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
 #endif
 
+// Visual Studio needs VS2008 (1500); no dependency on _mm_set_epi64x()
+//   http://msdn.microsoft.com/en-us/library/bb892950%28v=vs.90%29.aspx
+#if defined(_MSC_VER) && (_MSC_VER < 1500)
+# undef CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE
+#endif
+
 // SunCC needs 12.4 for _mm_set_epi64x, _mm_blend_epi16, _mm_shuffle_epi16, etc
 #if defined(__SUNPRO_CC) && (__SUNPRO_CC < 0x5130)
 # undef CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
@@ -32,12 +38,6 @@ NAMESPACE_BEGIN(CryptoPP)
 # include <tmmintrin.h>    // _mm_shuffle_epi16
 #endif
 
-// Visual Studio needs VS2008 (1500); no dependency on _mm_set_epi64x()
-//   http://msdn.microsoft.com/en-us/library/bb892950%28v=vs.90%29.aspx
-#if defined(_MSC_VER) && (_MSC_VER < 1500)
-# undef CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE
-#endif
-
 // Apple Clang 6.0/Clang 3.5 does not have SSSE3 intrinsics
 //   http://llvm.org/bugs/show_bug.cgi?id=20213
 #if (defined(CRYPTOPP_APPLE_CLANG_VERSION) && (CRYPTOPP_APPLE_CLANG_VERSION <= 60000)) || (defined(CRYPTOPP_LLVM_CLANG_VERSION) && (CRYPTOPP_LLVM_CLANG_VERSION <= 30500))
diff --git a/config.h b/config.h
index 9a40f2ba..39b11d87 100644
--- a/config.h
+++ b/config.h
@@ -416,8 +416,8 @@ NAMESPACE_END
 
 // Sun Studio 12 provides GCC inline assembly, http://blogs.oracle.com/x86be/entry/gcc_style_asm_inlining_support
 // We can enable SSE2 for Sun Studio in the makefile with -D__SSE2__, but users may not compile with it.
-#if !defined(CRYPTOPP_DISABLE_ASM) && defined(__x86_64__) && (__SUNPRO_CC >= 0x5100) && !defined(__SSE2__)
-# define __SSE2__ 1
+#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(__SSE2__) && defined(__x86_64__) && (__SUNPRO_CC >= 0x5100)
+# define __SSE2__
 #endif
 
 #if !defined(CRYPTOPP_DISABLE_ASM) && ((defined(_MSC_VER) && defined(_M_IX86)) || (defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))))
@@ -456,7 +456,7 @@ NAMESPACE_END
 
 // Intrinsics availible in GCC 4.3 (http://gcc.gnu.org/gcc-4.3/changes.html) and
 //   MSVC 2008 (http://msdn.microsoft.com/en-us/library/bb892950%28v=vs.90%29.aspx)
-#if !defined(CRYPTOPP_DISABLE_SSE2) && !defined(CRYPTOPP_DISABLE_SSE4) && (((_MSC_VER >= 1500) && !defined(_M_ARM)) || defined(__SSE4_2__))
+#if !defined(CRYPTOPP_DISABLE_SSE2) && !defined(CRYPTOPP_DISABLE_SSE4) && (((_MSC_VER >= 1500) && !defined(_M_ARM)) || defined(__SSE4_2__)) && (!defined(__SUNPRO_CC) || (defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5130)))
 	#define CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE 1
 #else
 	#define CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE 0
diff --git a/config.recommend b/config.recommend
index 713a6780..4e24db31 100644
--- a/config.recommend
+++ b/config.recommend
@@ -416,8 +416,8 @@ NAMESPACE_END
 
 // Sun Studio 12 provides GCC inline assembly, http://blogs.oracle.com/x86be/entry/gcc_style_asm_inlining_support
 // We can enable SSE2 for Sun Studio in the makefile with -D__SSE2__, but users may not compile with it.
-#if !defined(CRYPTOPP_DISABLE_ASM) && defined(__x86_64__) && (__SUNPRO_CC >= 0x5100) && !defined(__SSE2__)
-# define __SSE2__ 1
+#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(__SSE2__) && defined(__x86_64__) && (__SUNPRO_CC >= 0x5100)
+# define __SSE2__
 #endif
 
 #if !defined(CRYPTOPP_DISABLE_ASM) && ((defined(_MSC_VER) && defined(_M_IX86)) || (defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))))
@@ -456,7 +456,7 @@ NAMESPACE_END
 
 // Intrinsics availible in GCC 4.3 (http://gcc.gnu.org/gcc-4.3/changes.html) and
 //   MSVC 2008 (http://msdn.microsoft.com/en-us/library/bb892950%28v=vs.90%29.aspx)
-#if !defined(CRYPTOPP_DISABLE_SSE2) && !defined(CRYPTOPP_DISABLE_SSE4) && (((_MSC_VER >= 1500) && !defined(_M_ARM)) || defined(__SSE4_2__))
+#if !defined(CRYPTOPP_DISABLE_SSE2) && !defined(CRYPTOPP_DISABLE_SSE4) && (((_MSC_VER >= 1500) && !defined(_M_ARM)) || defined(__SSE4_2__)) && (!defined(__SUNPRO_CC) || (defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5130)))
 	#define CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE 1
 #else
 	#define CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE 0

From a017dbdeab46c57c555f292e23d1b38a900a64d6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 10 Jul 2016 21:30:51 -0400
Subject: [PATCH 2/3] Fix SunCC version for RDSEED, which is available in Sun
 Studio 12.5

---
 rdrand.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index fec720c0..45f591a6 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -105,7 +105,7 @@
 #  elif CRYPTOPP_BOOL_RDRAND_ASM
 #    define GCC_RDRAND_ASM_AVAILABLE 1
 #  endif
-#  if GCC_INTRIN_COMPILER && defined(__RDSEED__) && (__SUNPRO_CC >= 0x5150)
+#  if GCC_INTRIN_COMPILER && defined(__RDSEED__) && (__SUNPRO_CC >= 0x5140)
 #    define ALL_RDSEED_INTRIN_AVAILABLE 1
 #  elif CRYPTOPP_BOOL_RDSEED_ASM
 #    define GCC_RDSEED_ASM_AVAILABLE 1

From 0deae2c97421bbd6050af30dde7ac21951ddaf9f Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 10 Jul 2016 23:50:31 -0400
Subject: [PATCH 3/3] Simplify RDRAND and RDSEED implementation selection
 logic. Its was too convoluted

---
 rdrand.cpp | 90 ++++++++++++++----------------------------------------
 1 file changed, 23 insertions(+), 67 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index 45f591a6..b67f30bb 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -45,69 +45,41 @@
 /////////////////////////////////////////////////////////////////////
 /////////////////////////////////////////////////////////////////////
 
-// According to Wei, CRYPTOPP_DISABLE_ASM is a failsafe due to the assembler.
-//   We sidestep it because it does not limit us. The assembler does not limit
-//   us because we emit out own byte codes as needed. To diasble RDRAND or
-//    RDSEED, set CRYPTOPP_BOOL_RDRAND_ASM or CRYPTOPP_BOOL_RDSEED_ASM to 0.
-#ifndef CRYPTOPP_CPUID_AVAILABLE
-# if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
+#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
+# ifndef CRYPTOPP_CPUID_AVAILABLE
 #  define CRYPTOPP_CPUID_AVAILABLE
 # endif
 #endif
 
-#if defined(CRYPTOPP_CPUID_AVAILABLE) && !defined(CRYPTOPP_BOOL_RDRAND_ASM)
-# define CRYPTOPP_BOOL_RDRAND_ASM 1
-#else
-# define CRYPTOPP_BOOL_RDRAND_ASM 0
-#endif
-#if defined(CRYPTOPP_CPUID_AVAILABLE) && !defined(CRYPTOPP_BOOL_RDSEED_ASM)
-# define CRYPTOPP_BOOL_RDSEED_ASM 1
-#else
-# define CRYPTOPP_BOOL_RDSEED_ASM 0
-#endif
-
-#if defined(CRYPTOPP_CPUID_AVAILABLE)
-# define MSC_INTRIN_COMPILER ((CRYPTOPP_MSC_VERSION >= 1700) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30200) || (_INTEL_COMPILER >= 1210))
-# define GCC_INTRIN_COMPILER ((CRYPTOPP_GCC_VERSION >= 40600) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30200) || (_INTEL_COMPILER >= 1210)) || (__SUNPRO_CC >= 0x5130)
-#else
-# define MSC_INTRIN_COMPILER 0
-# define GCC_INTRIN_COMPILER 0
-#endif
-
 // In general, the library's ASM code is best on Windows, and Intrinsics is
-//   the best code under GCC and compatibles. We favor them accordingly.
+//   the best code under GCC. Clang is missing symbols, so it gets ASM.
 //   The NASM code is optimized well on Linux, but its not easy to cut-in.
-#if defined(CRYPTOPP_CPUID_AVAILABLE) && (CRYPTOPP_MSC_VERSION >= 1200)
-#  if CRYPTOPP_BOOL_RDRAND_ASM
-#    define MASM_RDRAND_ASM_AVAILABLE 1
-#  elif MSC_INTRIN_COMPILER
+#if defined(CRYPTOPP_MSC_VERSION)
+#  define MASM_RDRAND_ASM_AVAILABLE 1
+#  define MASM_RDSEED_ASM_AVAILABLE 1
+#elif defined(CRYPTOPP_LLVM_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION)
+#  define GCC_RDRAND_ASM_AVAILABLE 1
+#  define GCC_RDSEED_ASM_AVAILABLE 1
+#elif defined(__SUNPRO_CC)
+#  if defined(__RDRND__) && (__SUNPRO_CC >= 0x5130)
 #    define ALL_RDRAND_INTRIN_AVAILABLE 1
-#  endif
-#  if CRYPTOPP_BOOL_RDSEED_ASM
-#    define MASM_RDSEED_ASM_AVAILABLE 1
-#  elif MSC_INTRIN_COMPILER
-#    define ALL_RDSEED_INTRIN_AVAILABLE 1
-#  endif
-#elif defined(CRYPTOPP_CPUID_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-#  if GCC_INTRIN_COMPILER && defined(__RDRND__)
-#    define ALL_RDRAND_INTRIN_AVAILABLE 1
-#  elif CRYPTOPP_BOOL_RDRAND_ASM
+#  elif (__SUNPRO_CC >= 0x5100)
 #    define GCC_RDRAND_ASM_AVAILABLE 1
 #  endif
-#  if GCC_INTRIN_COMPILER && defined(__RDSEED__)
+#  if defined(__RDSEED__) && (__SUNPRO_CC >= 0x5140)
 #    define ALL_RDSEED_INTRIN_AVAILABLE 1
-#  elif CRYPTOPP_BOOL_RDSEED_ASM
+#  elif (__SUNPRO_CC >= 0x5100)
 #    define GCC_RDSEED_ASM_AVAILABLE 1
 #  endif
-#elif defined(CRYPTOPP_CPUID_AVAILABLE) && (__SUNPRO_CC >= 0x5100)
-#  if GCC_INTRIN_COMPILER && defined(__RDRND__) && (__SUNPRO_CC >= 0x5130)
+#elif defined(CRYPTOPP_GCC_VERSION)
+#  if defined(__RDRND__) && (CRYPTOPP_GCC_VERSION >= 30200)
 #    define ALL_RDRAND_INTRIN_AVAILABLE 1
-#  elif CRYPTOPP_BOOL_RDRAND_ASM
+#  else
 #    define GCC_RDRAND_ASM_AVAILABLE 1
 #  endif
-#  if GCC_INTRIN_COMPILER && defined(__RDSEED__) && (__SUNPRO_CC >= 0x5140)
+#  if defined(__RDSEED__) && (CRYPTOPP_GCC_VERSION >= 30200)
 #    define ALL_RDSEED_INTRIN_AVAILABLE 1
-#  elif CRYPTOPP_BOOL_RDSEED_ASM
+#  else
 #    define GCC_RDSEED_ASM_AVAILABLE 1
 #  endif
 #endif
@@ -238,11 +210,7 @@ static int ALL_RRI_GenerateBlock(byte *output, size_t size, unsigned int safety)
 		}
 	}
 
-#if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
-	*((volatile word32*)&val) = 0;
-#else
-	*((volatile word64*)&val) = 0;
-#endif
+	SecureWipeBuffer(&val, 1);
 
 	return int(size == 0);
 }
@@ -302,11 +270,7 @@ static int GCC_RRA_GenerateBlock(byte *output, size_t size, unsigned int safety)
 		}
 	}
 
-#if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32
-	*((volatile word64*)&val) = 0;
-#else
-	*((volatile word32*)&val) = 0;
-#endif
+	SecureWipeBuffer(&val, 1);
 
 	return int(size == 0);
 }
@@ -419,11 +383,7 @@ static int ALL_RSI_GenerateBlock(byte *output, size_t size, unsigned int safety)
 		}
 	}
 
-#if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
-	*((volatile word32*)&val) = 0;
-#else
-	*((volatile word64*)&val) = 0;
-#endif
+	SecureWipeBuffer(&val, 1);
 
 	return int(size == 0);
 }
@@ -483,11 +443,7 @@ static int GCC_RSA_GenerateBlock(byte *output, size_t size, unsigned int safety)
 		}
 	}
 
-#if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32
-	*((volatile word64*)&val) = 0;
-#else
-	*((volatile word32*)&val) = 0;
-#endif
+	SecureWipeBuffer(&val, 1);
 
 	return int(size == 0);
 }