From b3e49d8c96bb8044715db457d04669b42b169fab Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Thu, 19 Nov 2015 13:09:33 -0500 Subject: [PATCH] Additional documentation; fixed issues with Clang integrated assembler and different versions numbers for LLVM Clang and Apple Clang; fixed missing header in DSA class --- GNUmakefile | 2 +- Readme.txt | 22 +- base32.h | 2 +- base64.h | 2 +- config.recommend | 1416 +++++++++++++++++++++++----------------------- cryptlib.h | 35 +- dsa.h | 30 +- filters.h | 4 +- fips140.h | 80 ++- gcm.cpp | 20 +- hex.h | 5 + hmac.h | 3 + ida.h | 9 +- osrng.h | 117 +++- pubkey.h | 8 +- rabin.h | 2 +- rdrand.cpp | 2 +- rdrand.h | 4 +- rijndael.h | 16 +- ripemd.h | 5 + rng.h | 34 +- validat1.cpp | 90 ++- validat2.cpp | 7 +- 23 files changed, 1095 insertions(+), 820 deletions(-) diff --git a/GNUmakefile b/GNUmakefile index c8eccfb5..8fae3168 100755 --- a/GNUmakefile +++ b/GNUmakefile @@ -435,7 +435,7 @@ bench benchmark benchmarks: cryptest.exe echo "" >> benchmarks.html echo "

Crypto++" $(LIB_MAJOR).$(LIB_MINOR).$(LIB_REVISION) "Benchmarks

" >> benchmarks.html echo "

Here are speed benchmarks for some commonly used cryptographic algorithms.

" >> benchmarks.html - cryptest.exe b 3 2.4+1e9 >> benchmarks.html + cryptest.exe b 3 2.4 >> benchmarks.html echo "" >> benchmarks.html echo "" >> benchmarks.html diff --git a/Readme.txt b/Readme.txt index 5a22c06f..415a62af 100644 --- a/Readme.txt +++ b/Readme.txt @@ -1,5 +1,5 @@ Crypto++: a C++ Class Library of Cryptographic Schemes -Version 5.6.3 - NOV/01/2015 +Version 5.6.3 - NOV/20/2015 Crypto++ Library is a free C++ class library of cryptographic schemes. Currently the library contains the following algorithms: @@ -454,14 +454,14 @@ the mailing list. - fixed CVE-2015-2141 - cleared most Undefined Behavior Sanitizer (UBsan) findings - cleared all Address Sanitizer (Asan) findings - - cleared most Valgrind findings - - cleared most Coverity findings + - cleared all Valgrind findings + - cleared all Coverity findings - cleared all Enterprise Analysis (/analyze) findings - cleared most GCC warnings with -Wall - cleared most Clang warnings with -Wall - cleared most MSVC warnings with /W4 - - added -fPIC for x86_64/amd64 builds. Off by default for i386 - - added HKDF class for RFC 5868 + - added -fPIC 64-bit builds. Off by default for i386 + - added HKDF class from RFC 5868 - switched to member_ptr due to C++ 11 warnings for auto_ptr - initialization of C++ static objects, off by default * GCC and init_priotirty/constructor attributes 
@@ -469,13 +469,11 @@ the mailing list. * CRYPTOPP_INIT_PRIORITY disabled by default, but available - improved OS X support - improved GNUmakefile support for Testing and QA - - added additional self tests for improved Testing and QA + - added self tests for additional Testing and QA - added cryptest.sh for systematic Testing and QA - added GNU Gold linker support - - added Visual Studio 2010 solution and project files in vs2010.zip + - added Visual Studio 2010 solution and project files in vs2010.zip - added Clang integrated assembler support - - added more complete ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support - - __ARM_FEATURE_UNALIGNED and definition of CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS - unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile target 'ubsan' and at -O3 due to GCC vectorization on x86 and x86_64 - workaround ARMEL/GCC 5.2 bug and failed self test @@ -487,13 +485,15 @@ the mailing list. - fixed X32 (ILP32) feature detection - removed _CRT_SECURE_NO_DEPRECATE for Microsoft platforms - utilized bound checking interfaces from ISO/IEC TR 24772 when available + - improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support - introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 - - added additional Doxygen documentation + - added additional Doxygen-based documentation + - ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00 5.7 - nearly identical to 5.6.3 - minor breaks to the ABI and API - cleared remaining Undefined Behavior Sanitizer (UBsan) findings - - cleared remaining Valgrind findings + - cleared remaining GCC and Visual Studio warnings - removed CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 Written by Wei Dai and the Crypto++ Project diff --git a/base32.h b/base32.h index 6bc48c8a..ad4da97c 100644 --- a/base32.h +++ b/base32.h 
@@ -1,7 +1,7 @@
 // base32.h - written and placed in the public domain by Wei Dai
 //! \file
-//! \brief Classes for Base32 encoder and decoder
+//! \brief Classes for Base32Encoder and Base32Decoder
 #ifndef CRYPTOPP_BASE32_H
 #define CRYPTOPP_BASE32_H
diff --git a/base64.h b/base64.h
index 24b184b0..0f957f32 100644
--- a/base64.h
+++ b/base64.h
@@ -1,4 +1,4 @@
-// .h - written and placed in the public domain by Wei Dai
+// base64.h - written and placed in the public domain by Wei Dai
 //! \file
 //! \brief Classes for the Base64Encoder, Base64Decoder, Base64URLEncoder and Base64URLDecoder
diff --git a/config.recommend b/config.recommend
index eb7dbb58..f30f9a26 100644
--- a/config.recommend
+++ b/config.recommend
@@ -1,708 +1,708 @@ -// config.h - written and placed in the public domain by Wei Dai - -//! \file config.h -//! \brief Library configuration file - -#ifndef CRYPTOPP_CONFIG_H -#define CRYPTOPP_CONFIG_H - -// ***************** Important Settings ******************** - -// define this if running on a big-endian CPU -#if !defined(IS_LITTLE_ENDIAN) && (defined(__BIG_ENDIAN__) || (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__MIPSEB__) || defined(__ARMEB__) || (defined(__MWERKS__) && !defined(__INTEL__))) -# define IS_BIG_ENDIAN -#endif - -// define this if running on a little-endian CPU -// big endian will be assumed if IS_LITTLE_ENDIAN is not defined -#ifndef IS_BIG_ENDIAN -# define IS_LITTLE_ENDIAN -#endif - -// Sanity checks. Some processors have more than big-, little- and bi-endian modes. PDP mode, where order results in "4312", should -// raise red flags immediately. Additionally, mis-classified machines, like (previosuly) S/390, should raise red flags immediately. -#if defined(IS_BIG_ENDIAN) && defined(__GNUC__) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ != __ORDER_BIG_ENDIAN__) -# error "IS_BIG_ENDIAN is set, but __BYTE_ORDER__ does not equal __ORDER_BIG_ENDIAN__" -#endif -#if defined(IS_LITTLE_ENDIAN) && defined(__GNUC__) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__) -# error "IS_LITTLE_ENDIAN is set, but __BYTE_ORDER__ does not equal __ORDER_LITTLE_ENDIAN__" -#endif - -// define this if you want to disable all OS-dependent features, -// such as sockets and OS-provided random number generators -// #define NO_OS_DEPENDENCE - -// Define this to use features provided by Microsoft's CryptoAPI. -// Currently the only feature used is random number generation. -// This macro will be ignored if NO_OS_DEPENDENCE is defined. 
-#define USE_MS_CRYPTOAPI - -// Define this to ensure C/C++ standard compliance and respect for GCC aliasing rules and other alignment fodder. If you -// experience a break with GCC at -O3, you should try this first. Guard it in case its set on the command line (and it differs). -#ifndef CRYPTOPP_NO_UNALIGNED_DATA_ACCESS -# define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS -#endif - -// ***************** Less Important Settings *************** - -// Library version -#define CRYPTOPP_VERSION 563 - -// define this to retain (as much as possible) old deprecated function and class names -// #define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY - -// define this to retain (as much as possible) ABI and binary compatibility with Crypto++ 5.6.2. -// Also see https://cryptopp.com/wiki/Config.h#Avoid_MAINTAIN_BACKWARDS_COMPATIBILITY -#if (CRYPTOPP_VERSION <= 600) -# if !defined(CRYPTOPP_NO_BACKWARDS_COMPATIBILITY_562) && !defined(CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562) -// # define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 -# endif -#endif - -// Define this if you want or need the library's memcpy_s and memmove_s. -// See http://github.com/weidai11/cryptopp/issues/28. -// #if !defined(CRYPTOPP_WANT_SECURE_LIB) -// # define CRYPTOPP_WANT_SECURE_LIB -// #endif - -// File system code to write to GZIP archive. -#if !defined(GZIP_OS_CODE) -# define GZIP_OS_CODE 0 -#endif - -// Try this if your CPU has 256K internal cache or a slow multiply instruction -// and you want a (possibly) faster IDEA implementation using log tables -// #define IDEA_LARGECACHE - -// Define this if, for the linear congruential RNG, you want to use -// the original constants as specified in S.K. Park and K.W. Miller's -// CACM paper. 
-// #define LCRNG_ORIGINAL_NUMBERS - -// choose which style of sockets to wrap (mostly useful for MinGW which has both) -#if !defined(NO_BERKELEY_STYLE_SOCKETS) && !defined(PREFER_BERKELEY_STYLE_SOCKETS) -# define PREFER_BERKELEY_STYLE_SOCKETS -#endif - -// #if !defined(NO_WINDOWS_STYLE_SOCKETS) && !defined(PREFER_WINDOWS_STYLE_SOCKETS) -// # define PREFER_WINDOWS_STYLE_SOCKETS -// #endif - -// set the name of Rijndael cipher, was "Rijndael" before version 5.3 -#define CRYPTOPP_RIJNDAEL_NAME "AES" - -// CRYPTOPP_INIT_PRIORITY attempts to manage initialization of C++ static objects. -// Under GCC, the library uses init_priority attribute in the range -// [CRYPTOPP_INIT_PRIORITY, CRYPTOPP_INIT_PRIORITY+100]. Under Windows, -// CRYPTOPP_INIT_PRIORITY enlists "#pragma init_seg(lib)". -#define CRYPTOPP_INIT_PRIORITY 250 - -// CRYPTOPP_USER_PRIORITY is for other libraries and user code that is using Crypto++ -// and managing C++ static object creation. It is guaranteed not to conflict with -// values used by (or would be used by) the Crypto++ library. -#if defined(CRYPTOPP_INIT_PRIORITY) && (CRYPTOPP_INIT_PRIORITY > 0) -# define CRYPTOPP_USER_PRIORITY (CRYPTOPP_INIT_PRIORITY + 101) -#else -# define CRYPTOPP_USER_PRIORITY 250 -#endif - -// ***************** Important Settings Again ******************** -// But the defaults should be ok. - -// namespace support is now required -#ifdef NO_NAMESPACE -# error namespace support is now required -#endif - -// Define this to workaround a Microsoft CryptoAPI bug where -// each call to CryptAcquireContext causes a 100 KB memory leak. -// Defining this will cause Crypto++ to make only one call to CryptAcquireContext. -#define WORKAROUND_MS_BUG_Q258000 - -#ifdef CRYPTOPP_DOXYGEN_PROCESSING -// Document the namespce exists. Put it here before CryptoPP is undefined below. -//! \namespace CryptoPP -//! \brief Crypto++ library namespace -//! \details Nearly all classes are located in the CryptoPP namespace. Within -//! 
the namespace, there are two additional namespaces. -//! -namespace CryptoPP { } -// Bring in the symbols fund in the weak namespace; and fold Weak1 into Weak -# define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1 -# define Weak1 Weak -// Avoid putting "CryptoPP::" in front of everything in Doxygen output -# define CryptoPP -# define NAMESPACE_BEGIN(x) -# define NAMESPACE_END -// Get Doxygen to generate better documentation for these typedefs -# define DOCUMENTED_TYPEDEF(x, y) class y : public x {}; -// Make "protected" "private" so the functions and members are not documented -# define protected private -#else -# define NAMESPACE_BEGIN(x) namespace x { -# define NAMESPACE_END } -# define DOCUMENTED_TYPEDEF(x, y) typedef x y; -#endif -#define ANONYMOUS_NAMESPACE_BEGIN namespace { -#define ANONYMOUS_NAMESPACE_END } -#define USING_NAMESPACE(x) using namespace x; -#define DOCUMENTED_NAMESPACE_BEGIN(x) namespace x { -#define DOCUMENTED_NAMESPACE_END } - -// What is the type of the third parameter to bind? -// For Unix, the new standard is ::socklen_t (typically unsigned int), and the old standard is int. -// Unfortunately there is no way to tell whether or not socklen_t is defined. -// To work around this, TYPE_OF_SOCKLEN_T is a macro so that you can change it from the makefile. 
-#ifndef TYPE_OF_SOCKLEN_T -# if defined(_WIN32) || defined(__CYGWIN__) -# define TYPE_OF_SOCKLEN_T int -# else -# define TYPE_OF_SOCKLEN_T ::socklen_t -# endif -#endif - -#if defined(__CYGWIN__) && defined(PREFER_WINDOWS_STYLE_SOCKETS) -# define __USE_W32_SOCKETS -#endif - -typedef unsigned char byte; // put in global namespace to avoid ambiguity with other byte typedefs - -NAMESPACE_BEGIN(CryptoPP) - -typedef unsigned short word16; -typedef unsigned int word32; - -#if defined(_MSC_VER) || defined(__BORLANDC__) - typedef unsigned __int64 word64; - #define W64LIT(x) x##ui64 -#else - typedef unsigned long long word64; - #define W64LIT(x) x##ULL -#endif - -// define large word type, used for file offsets and such -typedef word64 lword; -const lword LWORD_MAX = W64LIT(0xffffffffffffffff); - -#ifdef __GNUC__ - #define CRYPTOPP_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -#endif - -// Apple and LLVM's Clang. Apple Clang version 7.0 roughly equals LLVM Clang version 3.7 -#if defined(__clang__ ) && !defined(__apple_build_version__) - #define CRYPTOPP_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__) -#elif defined(__clang__ ) && defined(__apple_build_version__) - #define CRYPTOPP_APPLE_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__) -#endif - -#ifdef _MSC_VER - #define CRYPTOPP_MSC_VERSION (_MSC_VER) -#endif - -// Need GCC 4.6/Clang 1.7/Apple Clang 2.0 or above due to "GCC diagnostic {push|pop}" -#if (CRYPTOPP_GCC_VERSION >= 40600) || (CRYPTOPP_CLANG_VERSION >= 10700) || (CRYPTOPP_APPLE_CLANG_VERSION >= 20000) - #define CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE 1 -#endif - -// Clang due to "Inline assembly operands don't work with .intel_syntax", http://llvm.org/bugs/show_bug.cgi?id=24232 -// TODO: supply the upper version when LLVM fixes it. We set it to 20.0 for compilation purposes. 
-#if (defined(CRYPTOPP_CLANG_VERSION) && CRYPTOPP_CLANG_VERSION <= 200000) || (defined(CRYPTOPP_APPLE_CLANG_VERSION) && CRYPTOPP_APPLE_CLANG_VERSION <= 200000) - #define CRYPTOPP_DISABLE_INTEL_ASM 1 -#endif - -// define hword, word, and dword. these are used for multiprecision integer arithmetic -// Intel compiler won't have _umul128 until version 10.0. See http://softwarecommunity.intel.com/isn/Community/en-US/forums/thread/30231625.aspx -#if (defined(_MSC_VER) && (!defined(__INTEL_COMPILER) || __INTEL_COMPILER >= 1000) && (defined(_M_X64) || defined(_M_IA64))) || (defined(__DECCXX) && defined(__alpha__)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER < 1000) && defined(__x86_64__)) || (defined(__SUNPRO_CC) && defined(__x86_64__)) - typedef word32 hword; - typedef word64 word; -#else - #define CRYPTOPP_NATIVE_DWORD_AVAILABLE - #if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64) || defined(__sparc64__) - #if defined(__GNUC__) && !defined(__INTEL_COMPILER) && !(CRYPTOPP_GCC_VERSION == 40001 && defined(__APPLE__)) && (CRYPTOPP_GCC_VERSION >= 30400) - // GCC 4.0.1 on MacOS X is missing __umodti3 and __udivti3 - // mode(TI) division broken on amd64 with GCC earlier than GCC 3.4 - #define CRYPTOPP_WORD128_AVAILABLE - typedef word32 hword; - typedef word64 word; - typedef __uint128_t dword; - typedef __uint128_t word128; - #elif defined(__GNUC__) && (__SIZEOF_INT128__ >= 16) - // Detect availabliltiy of int128_t and uint128_t in preprocessor, http://gcc.gnu.org/ml/gcc-help/2015-08/msg00185.html. 
- #define CRYPTOPP_WORD128_AVAILABLE - typedef word32 hword; - typedef word64 word; - typedef __uint128_t dword; - typedef __uint128_t word128; - #else - // if we're here, it means we're on a 64-bit CPU but we don't have a way to obtain 128-bit multiplication results - typedef word16 hword; - typedef word32 word; - typedef word64 dword; - #endif - #elif defined(__GNUC__) && (__SIZEOF_INT128__ >= 16) - // Detect availabliltiy of int128_t and uint128_t in preprocessor, http://gcc.gnu.org/ml/gcc-help/2015-08/msg00185.html. - #define CRYPTOPP_WORD128_AVAILABLE - typedef word32 hword; - typedef word64 word; - typedef __uint128_t dword; - typedef __uint128_t word128; - #else - // being here means the native register size is probably 32 bits or less - #define CRYPTOPP_BOOL_SLOW_WORD64 1 - typedef word16 hword; - typedef word32 word; - typedef word64 dword; - #endif -#endif -#ifndef CRYPTOPP_BOOL_SLOW_WORD64 - #define CRYPTOPP_BOOL_SLOW_WORD64 0 -#endif - -// Produce a compiler error. It can be commented out, but you may not get the benefit of the fastest integers. -#if (__SIZEOF_INT128__ >= 16) && !defined(CRYPTOPP_WORD128_AVAILABLE) && !defined(__aarch64__) -# error "An int128_t and uint128_t are available, but CRYPTOPP_WORD128_AVAILABLE is not defined" -#endif - -const unsigned int WORD_SIZE = sizeof(word); -const unsigned int WORD_BITS = WORD_SIZE * 8; - -NAMESPACE_END - -#ifndef CRYPTOPP_L1_CACHE_LINE_SIZE - // This should be a lower bound on the L1 cache line size. It's used for defense against timing attacks. - // Also see http://stackoverflow.com/questions/794632/programmatically-get-the-cache-line-size. 
- #if defined(_M_X64) || defined(__x86_64__) || (__ILP32__ >= 1) - #define CRYPTOPP_L1_CACHE_LINE_SIZE 64 - #else - // L1 cache line size is 32 on Pentium III and earlier - #define CRYPTOPP_L1_CACHE_LINE_SIZE 32 - #endif -#endif - -#if defined(_MSC_VER) - #if _MSC_VER == 1200 - #include - #endif - #if _MSC_VER > 1200 || defined(_mm_free) - #define CRYPTOPP_MSVC6PP_OR_LATER // VC 6 processor pack or later - #else - #define CRYPTOPP_MSVC6_NO_PP // VC 6 without processor pack - #endif -#endif - -#ifndef CRYPTOPP_ALIGN_DATA - #if defined(CRYPTOPP_MSVC6PP_OR_LATER) - #define CRYPTOPP_ALIGN_DATA(x) __declspec(align(x)) - #elif defined(__GNUC__) - #define CRYPTOPP_ALIGN_DATA(x) __attribute__((aligned(x))) - #else - #define CRYPTOPP_ALIGN_DATA(x) - #endif -#endif - -#ifndef CRYPTOPP_SECTION_ALIGN16 -#if defined(__GNUC__) && !defined(__APPLE__) - // the alignment attribute doesn't seem to work without this section attribute when -fdata-sections is turned on - #define CRYPTOPP_SECTION_ALIGN16 __attribute__((section ("CryptoPP_Align16"))) - #else - #define CRYPTOPP_SECTION_ALIGN16 - #endif -#endif - -#if defined(_MSC_VER) || defined(__fastcall) - #define CRYPTOPP_FASTCALL __fastcall -#else - #define CRYPTOPP_FASTCALL -#endif - -// VC60 workaround: it doesn't allow typename in some places -#if defined(_MSC_VER) && (_MSC_VER < 1300) -#define CPP_TYPENAME -#else -#define CPP_TYPENAME typename -#endif - -// VC60 workaround: can't cast unsigned __int64 to float or double -#if defined(_MSC_VER) && !defined(CRYPTOPP_MSVC6PP_OR_LATER) -#define CRYPTOPP_VC6_INT64 (__int64) -#else -#define CRYPTOPP_VC6_INT64 -#endif - -#ifdef _MSC_VER -#define CRYPTOPP_NO_VTABLE __declspec(novtable) -#else -#define CRYPTOPP_NO_VTABLE -#endif - -#ifdef _MSC_VER - // 4127: conditional expression is constant - // 4231: nonstandard extension used : 'extern' before template explicit instantiation - // 4250: dominance - // 4251: member needs to have dll-interface - // 4275: base needs to have dll-interface - 
// 4505: unreferenced local function - // 4512: assignment operator not generated - // 4660: explicitly instantiating a class that's already implicitly instantiated - // 4661: no suitable definition provided for explicit template instantiation request - // 4786: identifer was truncated in debug information - // 4355: 'this' : used in base member initializer list - // 4910: '__declspec(dllexport)' and 'extern' are incompatible on an explicit instantiation -# pragma warning(disable: 4127 4231 4250 4251 4275 4505 4512 4660 4661 4786 4355 4910) - // Security related, possible defects - // http://blogs.msdn.com/b/vcblog/archive/2010/12/14/off-by-default-compiler-warnings-in-visual-c.aspx -# pragma warning(once: 4191 4242 4263 4264 4266 4302 4826 4905 4906 4928) -#endif - -#ifdef __BORLANDC__ -// 8037: non-const function called for const object. needed to work around BCB2006 bug -# pragma warn -8037 -#endif - -// [GCC Bug 53431] "C++ preprocessor ignores #pragma GCC diagnostic". Clang honors it. -#if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE -# pragma GCC diagnostic ignored "-Wunknown-pragmas" -# pragma GCC diagnostic ignored "-Wunused-function" -#endif - -#if (defined(_MSC_VER) && _MSC_VER <= 1300) || defined(__MWERKS__) || defined(_STLPORT_VERSION) -#define CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION -#endif - -#ifndef CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION -#define CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE -#endif - -#ifdef CRYPTOPP_DISABLE_X86ASM // for backwards compatibility: this macro had both meanings -#define CRYPTOPP_DISABLE_ASM -#define CRYPTOPP_DISABLE_SSE2 -#endif - -// Apple's Clang prior to 5.0 cannot handle SSE2 (and Apple does not use LLVM Clang numbering...) 
-#if defined(CRYPTOPP_APPLE_CLANG_VERSION) && (CRYPTOPP_APPLE_CLANG_VERSION < 50000) -# define CRYPTOPP_DISABLE_ASM -#endif - -#if !defined(CRYPTOPP_DISABLE_ASM) && ((defined(_MSC_VER) && defined(_M_IX86)) || (defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)))) - // C++Builder 2010 does not allow "call label" where label is defined within inline assembly - #define CRYPTOPP_X86_ASM_AVAILABLE - - #if !defined(CRYPTOPP_DISABLE_SSE2) && (defined(CRYPTOPP_MSVC6PP_OR_LATER) || CRYPTOPP_GCC_VERSION >= 30300 || defined(__SSE2__)) - #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 1 - #else - #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0 - #endif - - // SSE3 was actually introduced in GNU as 2.17, which was released 6/23/2006, but we can't tell what version of binutils is installed. - // GCC 4.1.2 was released on 2/13/2007, so we'll use that as a proxy for the binutils version. Also see the output of - // `gcc -dM -E -march=native - < /dev/null | grep -i SSE` for preprocessor defines available. 
- #if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1400 || CRYPTOPP_GCC_VERSION >= 40102 || defined(__SSSE3__) || defined(__SSE3__)) - #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1 - #else - #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0 - #endif -#endif - -#if !defined(CRYPTOPP_DISABLE_ASM) && defined(_MSC_VER) && defined(_M_X64) - #define CRYPTOPP_X64_MASM_AVAILABLE -#endif - -#if !defined(CRYPTOPP_DISABLE_ASM) && defined(__GNUC__) && defined(__x86_64__) - #define CRYPTOPP_X64_ASM_AVAILABLE -#endif - -#if !defined(CRYPTOPP_DISABLE_SSE2) && (defined(CRYPTOPP_MSVC6PP_OR_LATER) || defined(__SSE2__)) - #define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 1 -#else - #define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 0 -#endif - -#if !defined(CRYPTOPP_DISABLE_SSSE3) && !defined(CRYPTOPP_DISABLE_AESNI) && CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && (CRYPTOPP_GCC_VERSION >= 40400 || _MSC_FULL_VER >= 150030729 || __INTEL_COMPILER >= 1110 || defined(__AES__)) - #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 1 -#else - #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 0 -#endif - -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE || CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE) - #define CRYPTOPP_BOOL_ALIGN16 1 -#else - #define CRYPTOPP_BOOL_ALIGN16 0 -#endif - -// how to allocate 16-byte aligned memory (for SSE2) -#if defined(CRYPTOPP_MSVC6PP_OR_LATER) - #define CRYPTOPP_MM_MALLOC_AVAILABLE -#elif defined(__APPLE__) - #define CRYPTOPP_APPLE_MALLOC_AVAILABLE -#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) - #define CRYPTOPP_MALLOC_ALIGNMENT_IS_16 -#elif defined(__linux__) || defined(__sun__) || defined(__CYGWIN__) - #define CRYPTOPP_MEMALIGN_AVAILABLE -#else - #define CRYPTOPP_NO_ALIGNED_ALLOC -#endif - -// Apple always provides 16-byte aligned, and tells us to use calloc -// http://developer.apple.com/library/mac/documentation/Performance/Conceptual/ManagingMemory/Articles/MemoryAlloc.html - -// how to disable inlining -#if 
defined(_MSC_VER) && _MSC_VER >= 1300 -# define CRYPTOPP_NOINLINE_DOTDOTDOT -# define CRYPTOPP_NOINLINE __declspec(noinline) -#elif defined(__GNUC__) -# define CRYPTOPP_NOINLINE_DOTDOTDOT -# define CRYPTOPP_NOINLINE __attribute__((noinline)) -#else -# define CRYPTOPP_NOINLINE_DOTDOTDOT ... -# define CRYPTOPP_NOINLINE -#endif - -// how to declare class constants -#if (defined(_MSC_VER) && _MSC_VER <= 1300) || defined(__INTEL_COMPILER) -# define CRYPTOPP_CONSTANT(x) enum {x}; -#else -# define CRYPTOPP_CONSTANT(x) static const int x; -#endif - -// Linux provides X32, which is 32-bit integers, longs and pointers on x86_64 using the full x86_64 register set. -// Detect via __ILP32__ (http://wiki.debian.org/X32Port). Both GCC and Clang provide the preprocessor macro. -#if ((__ILP32__ >= 1) || (_ILP32 >= 1)) - #define CRYPTOPP_BOOL_X32 1 -#else - #define CRYPTOPP_BOOL_X32 0 -#endif - -// see http://predef.sourceforge.net/prearch.html -#if (defined(_M_IX86) || defined(__i386__) || defined(__i386) || defined(_X86_) || defined(__I86__) || defined(__INTEL__)) && !CRYPTOPP_BOOL_X32 - #define CRYPTOPP_BOOL_X86 1 -#else - #define CRYPTOPP_BOOL_X86 0 -#endif - -#if (defined(_M_X64) || defined(__x86_64__)) && !CRYPTOPP_BOOL_X32 - #define CRYPTOPP_BOOL_X64 1 -#else - #define CRYPTOPP_BOOL_X64 0 -#endif - -// Undo the ASM and Intrinsic related defines due to X32. 
-#if CRYPTOPP_BOOL_X32 -# undef CRYPTOPP_BOOL_X64 -# undef CRYPTOPP_X64_ASM_AVAILABLE -# undef CRYPTOPP_X64_MASM_AVAILABLE -#endif - -#if !defined(CRYPTOPP_NO_UNALIGNED_DATA_ACCESS) && !defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) -#if (CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || defined(__powerpc__) || (__ARM_FEATURE_UNALIGNED >= 1)) - #define CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS -#endif -#endif - -// ***************** determine availability of OS features ******************** - -#ifndef NO_OS_DEPENDENCE - -#if defined(_WIN32) || defined(__CYGWIN__) -#define CRYPTOPP_WIN32_AVAILABLE -#endif - -#if defined(__unix__) || defined(__MACH__) || defined(__NetBSD__) || defined(__sun) -#define CRYPTOPP_UNIX_AVAILABLE -#endif - -#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) -#define CRYPTOPP_BSD_AVAILABLE -#endif - -#if defined(CRYPTOPP_WIN32_AVAILABLE) || defined(CRYPTOPP_UNIX_AVAILABLE) -# define HIGHRES_TIMER_AVAILABLE -#endif - -#ifdef CRYPTOPP_UNIX_AVAILABLE -# define HAS_BERKELEY_STYLE_SOCKETS -#endif - -#ifdef CRYPTOPP_WIN32_AVAILABLE -# define HAS_WINDOWS_STYLE_SOCKETS -#endif - -#if defined(HIGHRES_TIMER_AVAILABLE) && (defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(HAS_WINDOWS_STYLE_SOCKETS)) -# define SOCKETS_AVAILABLE -#endif - -#if defined(HAS_WINDOWS_STYLE_SOCKETS) && (!defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(PREFER_WINDOWS_STYLE_SOCKETS)) -# define USE_WINDOWS_STYLE_SOCKETS -#else -# define USE_BERKELEY_STYLE_SOCKETS -#endif - -#if defined(HIGHRES_TIMER_AVAILABLE) && defined(CRYPTOPP_WIN32_AVAILABLE) && !defined(USE_BERKELEY_STYLE_SOCKETS) -# define WINDOWS_PIPES_AVAILABLE -#endif - -#if defined(CRYPTOPP_WIN32_AVAILABLE) && defined(USE_MS_CRYPTOAPI) -# define NONBLOCKING_RNG_AVAILABLE -# define OS_RNG_AVAILABLE -#endif - -#if defined(CRYPTOPP_UNIX_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING) -# define NONBLOCKING_RNG_AVAILABLE -# define BLOCKING_RNG_AVAILABLE -# define OS_RNG_AVAILABLE -# define 
HAS_PTHREADS -# define THREADS_AVAILABLE -#endif - -#ifdef CRYPTOPP_WIN32_AVAILABLE -# define HAS_WINTHREADS -# define THREADS_AVAILABLE -#endif - -#endif // NO_OS_DEPENDENCE - -// ***************** DLL related ******************** - -#if defined(CRYPTOPP_WIN32_AVAILABLE) && !defined(CRYPTOPP_DOXYGEN_PROCESSING) - -#ifdef CRYPTOPP_EXPORTS -#define CRYPTOPP_IS_DLL -#define CRYPTOPP_DLL __declspec(dllexport) -#elif defined(CRYPTOPP_IMPORTS) -#define CRYPTOPP_IS_DLL -#define CRYPTOPP_DLL __declspec(dllimport) -#else -#define CRYPTOPP_DLL -#endif - -#define CRYPTOPP_API __cdecl - -#else // not CRYPTOPP_WIN32_AVAILABLE - -#define CRYPTOPP_DLL -#define CRYPTOPP_API - -#endif // CRYPTOPP_WIN32_AVAILABLE - -#if defined(__MWERKS__) -#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS extern class CRYPTOPP_DLL -#elif defined(__BORLANDC__) || defined(__SUNPRO_CC) -#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS template class CRYPTOPP_DLL -#else -#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS extern template class CRYPTOPP_DLL -#endif - -#if defined(CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES) && !defined(CRYPTOPP_IMPORTS) -#define CRYPTOPP_DLL_TEMPLATE_CLASS template class CRYPTOPP_DLL -#else -#define CRYPTOPP_DLL_TEMPLATE_CLASS CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS -#endif - -#if defined(__MWERKS__) -#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS extern class -#elif defined(__BORLANDC__) || defined(__SUNPRO_CC) -#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS template class -#else -#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS extern template class -#endif - -#if defined(CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES) && !defined(CRYPTOPP_EXPORTS) -#define CRYPTOPP_STATIC_TEMPLATE_CLASS template class -#else -#define CRYPTOPP_STATIC_TEMPLATE_CLASS CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS -#endif - -// ************** Unused variable *************** - -// Portable way to suppress warnings. -// Moved from misc.h due to circular depenedencies. 
-#define CRYPTOPP_UNUSED(x) ((void)x) - -// ***************** C++11 related ******************** - -// Visual Studio began at VS2010, http://msdn.microsoft.com/en-us/library/hh567368%28v=vs.110%29.aspx. -// Intel and C++11 language features, http://software.intel.com/en-us/articles/c0x-features-supported-by-intel-c-compiler -// GCC and C++11 language features, http://gcc.gnu.org/projects/cxx0x.html -// Clang and C++11 language features, http://clang.llvm.org/cxx_status.html -#if (_MSC_VER >= 1600) || (__cplusplus >= 201103L) -# define CRYPTOPP_CXX11 1 -#endif - -// Hack ahead. Apple's standard library does not have C++'s unique_ptr in C++11. We can't -// test for unique_ptr directly because some of the non-Apple Clangs on OS X fail the same -// way. However, modern standard libraries have , so we test for it instead. -// Thanks to Jonathan Wakely for devising the clever test for modern/ancient versions. -// TODO: test under Xcode 3, where g++ is really g++. -#if defined(__APPLE__) && defined(__clang__) -# if !(defined(__has_include) && __has_include()) -# undef CRYPTOPP_CXX11 -# endif -#endif - -// C++11 or C++14 is available -#if defined(CRYPTOPP_CXX11) - -// alignof/alignas: MS at VS2013 (19.00); GCC at 4.8; Clang at 3.3; and Intel 15.0. -#if (CRYPTOPP_MSC_VERSION >= 1900) -# define CRYPTOPP_CXX11_ALIGNAS 1 -# define CRYPTOPP_CXX11_ALIGNOF 1 -#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1500) -# define CRYPTOPP_CXX11_ALIGNAS 1 -# define CRYPTOPP_CXX11_ALIGNOF 1 -#elif defined(__clang__) -# if __has_feature(cxx_alignof) -# define CRYPTOPP_CXX11_ALIGNAS 1 -# define CRYPTOPP_CXX11_ALIGNOF 1 -# endif -#elif (CRYPTOPP_GCC_VERSION >= 40800) -# define CRYPTOPP_CXX11_ALIGNAS 1 -# define CRYPTOPP_CXX11_ALIGNOF 1 -#endif // alignof/alignas - -// noexcept: MS at VS2015 (19.00); GCC at 4.6; Clang at 3.0; and Intel 14.0. 
-#if (CRYPTOPP_MSC_VERSION >= 1900) -# define CRYPTOPP_CXX11_NOEXCEPT 1 -#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1400) -# define CRYPTOPP_CXX11_NOEXCEPT 1 -#elif defined(__clang__) -# if __has_feature(cxx_noexcept) -# define CRYPTOPP_CXX11_NOEXCEPT 1 -# endif -#elif (CRYPTOPP_GCC_VERSION >= 40600) -# define CRYPTOPP_CXX11_NOEXCEPT 1 -#endif // noexcept compilers - -// variadic templates: MS at VS2013 (18.00); GCC at 4.3; Clang at 2.9; and Intel 12.1. -#if (CRYPTOPP_MSC_VERSION >= 1800) -# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 -#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1210) -# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 -#elif defined(__clang__) -# if __has_feature(cxx_variadic_templates) -# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 -# endif -#elif (CRYPTOPP_GCC_VERSION >= 40300) -# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 -#endif // variadic templates - -// TODO: Emplacement, R-values and Move semantics -// Needed because we are catching warnings with GCC and MSC - -#endif // CRYPTOPP_CXX11 - -#if defined(CRYPTOPP_CXX11_NOEXCEPT) -# define CRYPTOPP_THROW noexcept(false) -# define CRYPTOPP_NO_THROW noexcept(true) -#else -# define CRYPTOPP_THROW -# define CRYPTOPP_NO_THROW -#endif // CRYPTOPP_CXX11_NOEXCEPT - -// OK to comment the following out, but please report it so we can fix it. -#if (defined(__cplusplus) && (__cplusplus >= 199711L)) && !defined(CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE) -# error "std::uncaught_exception is not available. This is likely a configuration error." -#endif - -#endif +// config.h - written and placed in the public domain by Wei Dai + +//! \file config.h +//! 
\brief Library configuration file + +#ifndef CRYPTOPP_CONFIG_H +#define CRYPTOPP_CONFIG_H + +// ***************** Important Settings ******************** + +// define this if running on a big-endian CPU +#if !defined(IS_LITTLE_ENDIAN) && (defined(__BIG_ENDIAN__) || (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__MIPSEB__) || defined(__ARMEB__) || (defined(__MWERKS__) && !defined(__INTEL__))) +# define IS_BIG_ENDIAN +#endif + +// define this if running on a little-endian CPU +// big endian will be assumed if IS_LITTLE_ENDIAN is not defined +#ifndef IS_BIG_ENDIAN +# define IS_LITTLE_ENDIAN +#endif + +// Sanity checks. Some processors have more than big-, little- and bi-endian modes. PDP mode, where order results in "4312", should +// raise red flags immediately. Additionally, mis-classified machines, like (previosuly) S/390, should raise red flags immediately. +#if defined(IS_BIG_ENDIAN) && defined(__GNUC__) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ != __ORDER_BIG_ENDIAN__) +# error "IS_BIG_ENDIAN is set, but __BYTE_ORDER__ does not equal __ORDER_BIG_ENDIAN__" +#endif +#if defined(IS_LITTLE_ENDIAN) && defined(__GNUC__) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__) +# error "IS_LITTLE_ENDIAN is set, but __BYTE_ORDER__ does not equal __ORDER_LITTLE_ENDIAN__" +#endif + +// define this if you want to disable all OS-dependent features, +// such as sockets and OS-provided random number generators +// #define NO_OS_DEPENDENCE + +// Define this to use features provided by Microsoft's CryptoAPI. +// Currently the only feature used is random number generation. +// This macro will be ignored if NO_OS_DEPENDENCE is defined. +#define USE_MS_CRYPTOAPI + +// Define this to ensure C/C++ standard compliance and respect for GCC aliasing rules and other alignment fodder. If you +// experience a break with GCC at -O3, you should try this first. 
Guard it in case its set on the command line (and it differs). +#ifndef CRYPTOPP_NO_UNALIGNED_DATA_ACCESS +# define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS +#endif + +// ***************** Less Important Settings *************** + +// Library version +#define CRYPTOPP_VERSION 563 + +// define this to retain (as much as possible) old deprecated function and class names +// #define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY + +// define this to retain (as much as possible) ABI and binary compatibility with Crypto++ 5.6.2. +// Also see https://cryptopp.com/wiki/Config.h#Avoid_MAINTAIN_BACKWARDS_COMPATIBILITY +#if (CRYPTOPP_VERSION <= 600) +# if !defined(CRYPTOPP_NO_BACKWARDS_COMPATIBILITY_562) && !defined(CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562) +// # define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 +# endif +#endif + +// Define this if you want or need the library's memcpy_s and memmove_s. +// See http://github.com/weidai11/cryptopp/issues/28. +// #if !defined(CRYPTOPP_WANT_SECURE_LIB) +// # define CRYPTOPP_WANT_SECURE_LIB +// #endif + +// File system code to write to GZIP archive. +#if !defined(GZIP_OS_CODE) +# define GZIP_OS_CODE 0 +#endif + +// Try this if your CPU has 256K internal cache or a slow multiply instruction +// and you want a (possibly) faster IDEA implementation using log tables +// #define IDEA_LARGECACHE + +// Define this if, for the linear congruential RNG, you want to use +// the original constants as specified in S.K. Park and K.W. Miller's +// CACM paper. 
+// #define LCRNG_ORIGINAL_NUMBERS + +// choose which style of sockets to wrap (mostly useful for MinGW which has both) +#if !defined(NO_BERKELEY_STYLE_SOCKETS) && !defined(PREFER_BERKELEY_STYLE_SOCKETS) +# define PREFER_BERKELEY_STYLE_SOCKETS +#endif + +// #if !defined(NO_WINDOWS_STYLE_SOCKETS) && !defined(PREFER_WINDOWS_STYLE_SOCKETS) +// # define PREFER_WINDOWS_STYLE_SOCKETS +// #endif + +// set the name of Rijndael cipher, was "Rijndael" before version 5.3 +#define CRYPTOPP_RIJNDAEL_NAME "AES" + +// CRYPTOPP_INIT_PRIORITY attempts to manage initialization of C++ static objects. +// Under GCC, the library uses init_priority attribute in the range +// [CRYPTOPP_INIT_PRIORITY, CRYPTOPP_INIT_PRIORITY+100]. Under Windows, +// CRYPTOPP_INIT_PRIORITY enlists "#pragma init_seg(lib)". +#define CRYPTOPP_INIT_PRIORITY 250 + +// CRYPTOPP_USER_PRIORITY is for other libraries and user code that is using Crypto++ +// and managing C++ static object creation. It is guaranteed not to conflict with +// values used by (or would be used by) the Crypto++ library. +#if defined(CRYPTOPP_INIT_PRIORITY) && (CRYPTOPP_INIT_PRIORITY > 0) +# define CRYPTOPP_USER_PRIORITY (CRYPTOPP_INIT_PRIORITY + 101) +#else +# define CRYPTOPP_USER_PRIORITY 250 +#endif + +// ***************** Important Settings Again ******************** +// But the defaults should be ok. + +// namespace support is now required +#ifdef NO_NAMESPACE +# error namespace support is now required +#endif + +// Define this to workaround a Microsoft CryptoAPI bug where +// each call to CryptAcquireContext causes a 100 KB memory leak. +// Defining this will cause Crypto++ to make only one call to CryptAcquireContext. +#define WORKAROUND_MS_BUG_Q258000 + +#ifdef CRYPTOPP_DOXYGEN_PROCESSING +// Document the namespce exists. Put it here before CryptoPP is undefined below. +//! \namespace CryptoPP +//! \brief Crypto++ library namespace +//! \details Nearly all classes are located in the CryptoPP namespace. Within +//! 
the namespace, there are two additional namespaces. +//!
    +//!
  • Name - namespace for names used with \p NameValuePairs and documented in argnames.h +//!
  • Weak - namespace for weak and wounded algorithms, like ARC4, MD5 and Pananma +//!
+namespace CryptoPP { } +// Bring in the symbols fund in the weak namespace; and fold Weak1 into Weak +# define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1 +# define Weak1 Weak +// Avoid putting "CryptoPP::" in front of everything in Doxygen output +# define CryptoPP +# define NAMESPACE_BEGIN(x) +# define NAMESPACE_END +// Get Doxygen to generate better documentation for these typedefs +# define DOCUMENTED_TYPEDEF(x, y) class y : public x {}; +// Make "protected" "private" so the functions and members are not documented +# define protected private +#else +# define NAMESPACE_BEGIN(x) namespace x { +# define NAMESPACE_END } +# define DOCUMENTED_TYPEDEF(x, y) typedef x y; +#endif +#define ANONYMOUS_NAMESPACE_BEGIN namespace { +#define ANONYMOUS_NAMESPACE_END } +#define USING_NAMESPACE(x) using namespace x; +#define DOCUMENTED_NAMESPACE_BEGIN(x) namespace x { +#define DOCUMENTED_NAMESPACE_END } + +// What is the type of the third parameter to bind? +// For Unix, the new standard is ::socklen_t (typically unsigned int), and the old standard is int. +// Unfortunately there is no way to tell whether or not socklen_t is defined. +// To work around this, TYPE_OF_SOCKLEN_T is a macro so that you can change it from the makefile. 
+#ifndef TYPE_OF_SOCKLEN_T +# if defined(_WIN32) || defined(__CYGWIN__) +# define TYPE_OF_SOCKLEN_T int +# else +# define TYPE_OF_SOCKLEN_T ::socklen_t +# endif +#endif + +#if defined(__CYGWIN__) && defined(PREFER_WINDOWS_STYLE_SOCKETS) +# define __USE_W32_SOCKETS +#endif + +typedef unsigned char byte; // put in global namespace to avoid ambiguity with other byte typedefs + +NAMESPACE_BEGIN(CryptoPP) + +typedef unsigned short word16; +typedef unsigned int word32; + +#if defined(_MSC_VER) || defined(__BORLANDC__) + typedef unsigned __int64 word64; + #define W64LIT(x) x##ui64 +#else + typedef unsigned long long word64; + #define W64LIT(x) x##ULL +#endif + +// define large word type, used for file offsets and such +typedef word64 lword; +const lword LWORD_MAX = W64LIT(0xffffffffffffffff); + +#ifdef __GNUC__ + #define CRYPTOPP_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#endif + +// Apple and LLVM's Clang. Apple Clang version 7.0 roughly equals LLVM Clang version 3.7 +#if defined(__clang__ ) && !defined(__apple_build_version__) + #define CRYPTOPP_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__) +#elif defined(__clang__ ) && defined(__apple_build_version__) + #define CRYPTOPP_APPLE_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__) +#endif + +#ifdef _MSC_VER + #define CRYPTOPP_MSC_VERSION (_MSC_VER) +#endif + +// Need GCC 4.6/Clang 1.7/Apple Clang 2.0 or above due to "GCC diagnostic {push|pop}" +#if (CRYPTOPP_GCC_VERSION >= 40600) || (CRYPTOPP_CLANG_VERSION >= 10700) || (CRYPTOPP_APPLE_CLANG_VERSION >= 20000) + #define CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE 1 +#endif + +// Clang due to "Inline assembly operands don't work with .intel_syntax", http://llvm.org/bugs/show_bug.cgi?id=24232 +// TODO: supply the upper version when LLVM fixes it. We set it to 20.0 for compilation purposes. 
+#if (defined(CRYPTOPP_CLANG_VERSION) && CRYPTOPP_CLANG_VERSION <= 200000) || (defined(CRYPTOPP_APPLE_CLANG_VERSION) && CRYPTOPP_APPLE_CLANG_VERSION <= 200000) + #define CRYPTOPP_DISABLE_INTEL_ASM 1 +#endif + +// define hword, word, and dword. these are used for multiprecision integer arithmetic +// Intel compiler won't have _umul128 until version 10.0. See http://softwarecommunity.intel.com/isn/Community/en-US/forums/thread/30231625.aspx +#if (defined(_MSC_VER) && (!defined(__INTEL_COMPILER) || __INTEL_COMPILER >= 1000) && (defined(_M_X64) || defined(_M_IA64))) || (defined(__DECCXX) && defined(__alpha__)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER < 1000) && defined(__x86_64__)) || (defined(__SUNPRO_CC) && defined(__x86_64__)) + typedef word32 hword; + typedef word64 word; +#else + #define CRYPTOPP_NATIVE_DWORD_AVAILABLE + #if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64) || defined(__sparc64__) + #if defined(__GNUC__) && !defined(__INTEL_COMPILER) && !(CRYPTOPP_GCC_VERSION == 40001 && defined(__APPLE__)) && (CRYPTOPP_GCC_VERSION >= 30400) + // GCC 4.0.1 on MacOS X is missing __umodti3 and __udivti3 + // mode(TI) division broken on amd64 with GCC earlier than GCC 3.4 + #define CRYPTOPP_WORD128_AVAILABLE + typedef word32 hword; + typedef word64 word; + typedef __uint128_t dword; + typedef __uint128_t word128; + #elif defined(__GNUC__) && (__SIZEOF_INT128__ >= 16) + // Detect availabliltiy of int128_t and uint128_t in preprocessor, http://gcc.gnu.org/ml/gcc-help/2015-08/msg00185.html. 
+ #define CRYPTOPP_WORD128_AVAILABLE + typedef word32 hword; + typedef word64 word; + typedef __uint128_t dword; + typedef __uint128_t word128; + #else + // if we're here, it means we're on a 64-bit CPU but we don't have a way to obtain 128-bit multiplication results + typedef word16 hword; + typedef word32 word; + typedef word64 dword; + #endif + #elif defined(__GNUC__) && (__SIZEOF_INT128__ >= 16) + // Detect availabliltiy of int128_t and uint128_t in preprocessor, http://gcc.gnu.org/ml/gcc-help/2015-08/msg00185.html. + #define CRYPTOPP_WORD128_AVAILABLE + typedef word32 hword; + typedef word64 word; + typedef __uint128_t dword; + typedef __uint128_t word128; + #else + // being here means the native register size is probably 32 bits or less + #define CRYPTOPP_BOOL_SLOW_WORD64 1 + typedef word16 hword; + typedef word32 word; + typedef word64 dword; + #endif +#endif +#ifndef CRYPTOPP_BOOL_SLOW_WORD64 + #define CRYPTOPP_BOOL_SLOW_WORD64 0 +#endif + +// Produce a compiler error. It can be commented out, but you may not get the benefit of the fastest integers. +#if (__SIZEOF_INT128__ >= 16) && !defined(CRYPTOPP_WORD128_AVAILABLE) && !defined(__aarch64__) +# error "An int128_t and uint128_t are available, but CRYPTOPP_WORD128_AVAILABLE is not defined" +#endif + +const unsigned int WORD_SIZE = sizeof(word); +const unsigned int WORD_BITS = WORD_SIZE * 8; + +NAMESPACE_END + +#ifndef CRYPTOPP_L1_CACHE_LINE_SIZE + // This should be a lower bound on the L1 cache line size. It's used for defense against timing attacks. + // Also see http://stackoverflow.com/questions/794632/programmatically-get-the-cache-line-size. 
+ #if defined(_M_X64) || defined(__x86_64__) || (__ILP32__ >= 1) + #define CRYPTOPP_L1_CACHE_LINE_SIZE 64 + #else + // L1 cache line size is 32 on Pentium III and earlier + #define CRYPTOPP_L1_CACHE_LINE_SIZE 32 + #endif +#endif + +#if defined(_MSC_VER) + #if _MSC_VER == 1200 + #include + #endif + #if _MSC_VER > 1200 || defined(_mm_free) + #define CRYPTOPP_MSVC6PP_OR_LATER // VC 6 processor pack or later + #else + #define CRYPTOPP_MSVC6_NO_PP // VC 6 without processor pack + #endif +#endif + +#ifndef CRYPTOPP_ALIGN_DATA + #if defined(CRYPTOPP_MSVC6PP_OR_LATER) + #define CRYPTOPP_ALIGN_DATA(x) __declspec(align(x)) + #elif defined(__GNUC__) + #define CRYPTOPP_ALIGN_DATA(x) __attribute__((aligned(x))) + #else + #define CRYPTOPP_ALIGN_DATA(x) + #endif +#endif + +#ifndef CRYPTOPP_SECTION_ALIGN16 +#if defined(__GNUC__) && !defined(__APPLE__) + // the alignment attribute doesn't seem to work without this section attribute when -fdata-sections is turned on + #define CRYPTOPP_SECTION_ALIGN16 __attribute__((section ("CryptoPP_Align16"))) + #else + #define CRYPTOPP_SECTION_ALIGN16 + #endif +#endif + +#if defined(_MSC_VER) || defined(__fastcall) + #define CRYPTOPP_FASTCALL __fastcall +#else + #define CRYPTOPP_FASTCALL +#endif + +// VC60 workaround: it doesn't allow typename in some places +#if defined(_MSC_VER) && (_MSC_VER < 1300) +#define CPP_TYPENAME +#else +#define CPP_TYPENAME typename +#endif + +// VC60 workaround: can't cast unsigned __int64 to float or double +#if defined(_MSC_VER) && !defined(CRYPTOPP_MSVC6PP_OR_LATER) +#define CRYPTOPP_VC6_INT64 (__int64) +#else +#define CRYPTOPP_VC6_INT64 +#endif + +#ifdef _MSC_VER +#define CRYPTOPP_NO_VTABLE __declspec(novtable) +#else +#define CRYPTOPP_NO_VTABLE +#endif + +#ifdef _MSC_VER + // 4127: conditional expression is constant + // 4231: nonstandard extension used : 'extern' before template explicit instantiation + // 4250: dominance + // 4251: member needs to have dll-interface + // 4275: base needs to have dll-interface + 
// 4505: unreferenced local function + // 4512: assignment operator not generated + // 4660: explicitly instantiating a class that's already implicitly instantiated + // 4661: no suitable definition provided for explicit template instantiation request + // 4786: identifer was truncated in debug information + // 4355: 'this' : used in base member initializer list + // 4910: '__declspec(dllexport)' and 'extern' are incompatible on an explicit instantiation +# pragma warning(disable: 4127 4231 4250 4251 4275 4505 4512 4660 4661 4786 4355 4910) + // Security related, possible defects + // http://blogs.msdn.com/b/vcblog/archive/2010/12/14/off-by-default-compiler-warnings-in-visual-c.aspx +# pragma warning(once: 4191 4242 4263 4264 4266 4302 4826 4905 4906 4928) +#endif + +#ifdef __BORLANDC__ +// 8037: non-const function called for const object. needed to work around BCB2006 bug +# pragma warn -8037 +#endif + +// [GCC Bug 53431] "C++ preprocessor ignores #pragma GCC diagnostic". Clang honors it. +#if CRYPTOPP_GCC_DIAGNOSTIC_AVAILABLE +# pragma GCC diagnostic ignored "-Wunknown-pragmas" +# pragma GCC diagnostic ignored "-Wunused-function" +#endif + +#if (defined(_MSC_VER) && _MSC_VER <= 1300) || defined(__MWERKS__) || defined(_STLPORT_VERSION) +#define CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION +#endif + +#ifndef CRYPTOPP_DISABLE_UNCAUGHT_EXCEPTION +#define CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE +#endif + +#ifdef CRYPTOPP_DISABLE_X86ASM // for backwards compatibility: this macro had both meanings +#define CRYPTOPP_DISABLE_ASM +#define CRYPTOPP_DISABLE_SSE2 +#endif + +// Apple's Clang prior to 5.0 cannot handle SSE2 (and Apple does not use LLVM Clang numbering...) 
+#if defined(CRYPTOPP_APPLE_CLANG_VERSION) && (CRYPTOPP_APPLE_CLANG_VERSION < 50000) +# define CRYPTOPP_DISABLE_ASM +#endif + +#if !defined(CRYPTOPP_DISABLE_ASM) && ((defined(_MSC_VER) && defined(_M_IX86)) || (defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)))) + // C++Builder 2010 does not allow "call label" where label is defined within inline assembly + #define CRYPTOPP_X86_ASM_AVAILABLE + + #if !defined(CRYPTOPP_DISABLE_SSE2) && (defined(CRYPTOPP_MSVC6PP_OR_LATER) || CRYPTOPP_GCC_VERSION >= 30300 || defined(__SSE2__)) + #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 1 + #else + #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0 + #endif + + // SSE3 was actually introduced in GNU as 2.17, which was released 6/23/2006, but we can't tell what version of binutils is installed. + // GCC 4.1.2 was released on 2/13/2007, so we'll use that as a proxy for the binutils version. Also see the output of + // `gcc -dM -E -march=native - < /dev/null | grep -i SSE` for preprocessor defines available. 
+ #if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1400 || CRYPTOPP_GCC_VERSION >= 40102 || defined(__SSSE3__) || defined(__SSE3__)) + #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1 + #else + #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0 + #endif +#endif + +#if !defined(CRYPTOPP_DISABLE_ASM) && defined(_MSC_VER) && defined(_M_X64) + #define CRYPTOPP_X64_MASM_AVAILABLE +#endif + +#if !defined(CRYPTOPP_DISABLE_ASM) && defined(__GNUC__) && defined(__x86_64__) + #define CRYPTOPP_X64_ASM_AVAILABLE +#endif + +#if !defined(CRYPTOPP_DISABLE_SSE2) && (defined(CRYPTOPP_MSVC6PP_OR_LATER) || defined(__SSE2__)) + #define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 1 +#else + #define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 0 +#endif + +#if !defined(CRYPTOPP_DISABLE_SSSE3) && !defined(CRYPTOPP_DISABLE_AESNI) && CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && (CRYPTOPP_GCC_VERSION >= 40400 || _MSC_FULL_VER >= 150030729 || __INTEL_COMPILER >= 1110 || defined(__AES__)) + #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 1 +#else + #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 0 +#endif + +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE || CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE) + #define CRYPTOPP_BOOL_ALIGN16 1 +#else + #define CRYPTOPP_BOOL_ALIGN16 0 +#endif + +// how to allocate 16-byte aligned memory (for SSE2) +#if defined(CRYPTOPP_MSVC6PP_OR_LATER) + #define CRYPTOPP_MM_MALLOC_AVAILABLE +#elif defined(__APPLE__) + #define CRYPTOPP_APPLE_MALLOC_AVAILABLE +#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) + #define CRYPTOPP_MALLOC_ALIGNMENT_IS_16 +#elif defined(__linux__) || defined(__sun__) || defined(__CYGWIN__) + #define CRYPTOPP_MEMALIGN_AVAILABLE +#else + #define CRYPTOPP_NO_ALIGNED_ALLOC +#endif + +// Apple always provides 16-byte aligned, and tells us to use calloc +// http://developer.apple.com/library/mac/documentation/Performance/Conceptual/ManagingMemory/Articles/MemoryAlloc.html + +// how to disable inlining +#if 
defined(_MSC_VER) && _MSC_VER >= 1300 +# define CRYPTOPP_NOINLINE_DOTDOTDOT +# define CRYPTOPP_NOINLINE __declspec(noinline) +#elif defined(__GNUC__) +# define CRYPTOPP_NOINLINE_DOTDOTDOT +# define CRYPTOPP_NOINLINE __attribute__((noinline)) +#else +# define CRYPTOPP_NOINLINE_DOTDOTDOT ... +# define CRYPTOPP_NOINLINE +#endif + +// how to declare class constants +#if (defined(_MSC_VER) && _MSC_VER <= 1300) || defined(__INTEL_COMPILER) +# define CRYPTOPP_CONSTANT(x) enum {x}; +#else +# define CRYPTOPP_CONSTANT(x) static const int x; +#endif + +// Linux provides X32, which is 32-bit integers, longs and pointers on x86_64 using the full x86_64 register set. +// Detect via __ILP32__ (http://wiki.debian.org/X32Port). Both GCC and Clang provide the preprocessor macro. +#if ((__ILP32__ >= 1) || (_ILP32 >= 1)) + #define CRYPTOPP_BOOL_X32 1 +#else + #define CRYPTOPP_BOOL_X32 0 +#endif + +// see http://predef.sourceforge.net/prearch.html +#if (defined(_M_IX86) || defined(__i386__) || defined(__i386) || defined(_X86_) || defined(__I86__) || defined(__INTEL__)) && !CRYPTOPP_BOOL_X32 + #define CRYPTOPP_BOOL_X86 1 +#else + #define CRYPTOPP_BOOL_X86 0 +#endif + +#if (defined(_M_X64) || defined(__x86_64__)) && !CRYPTOPP_BOOL_X32 + #define CRYPTOPP_BOOL_X64 1 +#else + #define CRYPTOPP_BOOL_X64 0 +#endif + +// Undo the ASM and Intrinsic related defines due to X32. 
+#if CRYPTOPP_BOOL_X32 +# undef CRYPTOPP_BOOL_X64 +# undef CRYPTOPP_X64_ASM_AVAILABLE +# undef CRYPTOPP_X64_MASM_AVAILABLE +#endif + +#if !defined(CRYPTOPP_NO_UNALIGNED_DATA_ACCESS) && !defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) +#if (CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || defined(__powerpc__) || (__ARM_FEATURE_UNALIGNED >= 1)) + #define CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS +#endif +#endif + +// ***************** determine availability of OS features ******************** + +#ifndef NO_OS_DEPENDENCE + +#if defined(_WIN32) || defined(__CYGWIN__) +#define CRYPTOPP_WIN32_AVAILABLE +#endif + +#if defined(__unix__) || defined(__MACH__) || defined(__NetBSD__) || defined(__sun) +#define CRYPTOPP_UNIX_AVAILABLE +#endif + +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) +#define CRYPTOPP_BSD_AVAILABLE +#endif + +#if defined(CRYPTOPP_WIN32_AVAILABLE) || defined(CRYPTOPP_UNIX_AVAILABLE) +# define HIGHRES_TIMER_AVAILABLE +#endif + +#ifdef CRYPTOPP_UNIX_AVAILABLE +# define HAS_BERKELEY_STYLE_SOCKETS +#endif + +#ifdef CRYPTOPP_WIN32_AVAILABLE +# define HAS_WINDOWS_STYLE_SOCKETS +#endif + +#if defined(HIGHRES_TIMER_AVAILABLE) && (defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(HAS_WINDOWS_STYLE_SOCKETS)) +# define SOCKETS_AVAILABLE +#endif + +#if defined(HAS_WINDOWS_STYLE_SOCKETS) && (!defined(HAS_BERKELEY_STYLE_SOCKETS) || defined(PREFER_WINDOWS_STYLE_SOCKETS)) +# define USE_WINDOWS_STYLE_SOCKETS +#else +# define USE_BERKELEY_STYLE_SOCKETS +#endif + +#if defined(HIGHRES_TIMER_AVAILABLE) && defined(CRYPTOPP_WIN32_AVAILABLE) && !defined(USE_BERKELEY_STYLE_SOCKETS) +# define WINDOWS_PIPES_AVAILABLE +#endif + +#if defined(CRYPTOPP_WIN32_AVAILABLE) && defined(USE_MS_CRYPTOAPI) +# define NONBLOCKING_RNG_AVAILABLE +# define OS_RNG_AVAILABLE +#endif + +#if defined(CRYPTOPP_UNIX_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING) +# define NONBLOCKING_RNG_AVAILABLE +# define BLOCKING_RNG_AVAILABLE +# define OS_RNG_AVAILABLE +# define 
HAS_PTHREADS +# define THREADS_AVAILABLE +#endif + +#ifdef CRYPTOPP_WIN32_AVAILABLE +# define HAS_WINTHREADS +# define THREADS_AVAILABLE +#endif + +#endif // NO_OS_DEPENDENCE + +// ***************** DLL related ******************** + +#if defined(CRYPTOPP_WIN32_AVAILABLE) && !defined(CRYPTOPP_DOXYGEN_PROCESSING) + +#ifdef CRYPTOPP_EXPORTS +#define CRYPTOPP_IS_DLL +#define CRYPTOPP_DLL __declspec(dllexport) +#elif defined(CRYPTOPP_IMPORTS) +#define CRYPTOPP_IS_DLL +#define CRYPTOPP_DLL __declspec(dllimport) +#else +#define CRYPTOPP_DLL +#endif + +#define CRYPTOPP_API __cdecl + +#else // not CRYPTOPP_WIN32_AVAILABLE + +#define CRYPTOPP_DLL +#define CRYPTOPP_API + +#endif // CRYPTOPP_WIN32_AVAILABLE + +#if defined(__MWERKS__) +#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS extern class CRYPTOPP_DLL +#elif defined(__BORLANDC__) || defined(__SUNPRO_CC) +#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS template class CRYPTOPP_DLL +#else +#define CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS extern template class CRYPTOPP_DLL +#endif + +#if defined(CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES) && !defined(CRYPTOPP_IMPORTS) +#define CRYPTOPP_DLL_TEMPLATE_CLASS template class CRYPTOPP_DLL +#else +#define CRYPTOPP_DLL_TEMPLATE_CLASS CRYPTOPP_EXTERN_DLL_TEMPLATE_CLASS +#endif + +#if defined(__MWERKS__) +#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS extern class +#elif defined(__BORLANDC__) || defined(__SUNPRO_CC) +#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS template class +#else +#define CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS extern template class +#endif + +#if defined(CRYPTOPP_MANUALLY_INSTANTIATE_TEMPLATES) && !defined(CRYPTOPP_EXPORTS) +#define CRYPTOPP_STATIC_TEMPLATE_CLASS template class +#else +#define CRYPTOPP_STATIC_TEMPLATE_CLASS CRYPTOPP_EXTERN_STATIC_TEMPLATE_CLASS +#endif + +// ************** Unused variable *************** + +// Portable way to suppress warnings. +// Moved from misc.h due to circular depenedencies. 
+#define CRYPTOPP_UNUSED(x) ((void)x) + +// ***************** C++11 related ******************** + +// Visual Studio began at VS2010, http://msdn.microsoft.com/en-us/library/hh567368%28v=vs.110%29.aspx. +// Intel and C++11 language features, http://software.intel.com/en-us/articles/c0x-features-supported-by-intel-c-compiler +// GCC and C++11 language features, http://gcc.gnu.org/projects/cxx0x.html +// Clang and C++11 language features, http://clang.llvm.org/cxx_status.html +#if (_MSC_VER >= 1600) || (__cplusplus >= 201103L) +# define CRYPTOPP_CXX11 1 +#endif + +// Hack ahead. Apple's standard library does not have C++'s unique_ptr in C++11. We can't +// test for unique_ptr directly because some of the non-Apple Clangs on OS X fail the same +// way. However, modern standard libraries have , so we test for it instead. +// Thanks to Jonathan Wakely for devising the clever test for modern/ancient versions. +// TODO: test under Xcode 3, where g++ is really g++. +#if defined(__APPLE__) && defined(__clang__) +# if !(defined(__has_include) && __has_include()) +# undef CRYPTOPP_CXX11 +# endif +#endif + +// C++11 or C++14 is available +#if defined(CRYPTOPP_CXX11) + +// alignof/alignas: MS at VS2013 (19.00); GCC at 4.8; Clang at 3.3; and Intel 15.0. +#if (CRYPTOPP_MSC_VERSION >= 1900) +# define CRYPTOPP_CXX11_ALIGNAS 1 +# define CRYPTOPP_CXX11_ALIGNOF 1 +#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1500) +# define CRYPTOPP_CXX11_ALIGNAS 1 +# define CRYPTOPP_CXX11_ALIGNOF 1 +#elif defined(__clang__) +# if __has_feature(cxx_alignof) +# define CRYPTOPP_CXX11_ALIGNAS 1 +# define CRYPTOPP_CXX11_ALIGNOF 1 +# endif +#elif (CRYPTOPP_GCC_VERSION >= 40800) +# define CRYPTOPP_CXX11_ALIGNAS 1 +# define CRYPTOPP_CXX11_ALIGNOF 1 +#endif // alignof/alignas + +// noexcept: MS at VS2015 (19.00); GCC at 4.6; Clang at 3.0; and Intel 14.0. 
+#if (CRYPTOPP_MSC_VERSION >= 1900) +# define CRYPTOPP_CXX11_NOEXCEPT 1 +#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1400) +# define CRYPTOPP_CXX11_NOEXCEPT 1 +#elif defined(__clang__) +# if __has_feature(cxx_noexcept) +# define CRYPTOPP_CXX11_NOEXCEPT 1 +# endif +#elif (CRYPTOPP_GCC_VERSION >= 40600) +# define CRYPTOPP_CXX11_NOEXCEPT 1 +#endif // noexcept compilers + +// variadic templates: MS at VS2013 (18.00); GCC at 4.3; Clang at 2.9; and Intel 12.1. +#if (CRYPTOPP_MSC_VERSION >= 1800) +# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 +#elif defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 1210) +# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 +#elif defined(__clang__) +# if __has_feature(cxx_variadic_templates) +# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 +# endif +#elif (CRYPTOPP_GCC_VERSION >= 40300) +# define CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1 +#endif // variadic templates + +// TODO: Emplacement, R-values and Move semantics +// Needed because we are catching warnings with GCC and MSC + +#endif // CRYPTOPP_CXX11 + +#if defined(CRYPTOPP_CXX11_NOEXCEPT) +# define CRYPTOPP_THROW noexcept(false) +# define CRYPTOPP_NO_THROW noexcept(true) +#else +# define CRYPTOPP_THROW +# define CRYPTOPP_NO_THROW +#endif // CRYPTOPP_CXX11_NOEXCEPT + +// OK to comment the following out, but please report it so we can fix it. +#if (defined(__cplusplus) && (__cplusplus >= 199711L)) && !defined(CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE) +# error "std::uncaught_exception is not available. This is likely a configuration error." +#endif + +#endif diff --git a/cryptlib.h b/cryptlib.h index f858af67..c27a23c1 100644 --- a/cryptlib.h +++ b/cryptlib.h 
@@ -1076,7 +1076,7 @@ typedef SymmetricCipher StreamCipher;
 //! \class RandomNumberGenerator
 //! \brief Interface for random number generators
 //! \details The library provides a number of random number generators, from software based to hardware based generators.
-//! \details All return values are uniformly distributed over the range specified.
+//! \details All generated values are uniformly distributed over the range specified.
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomNumberGenerator : public Algorithm
 {
 public:
@@ -1084,9 +1084,9 @@ public:
 //! \param input the entropy to add to the generator
 //! \param length the size of the input buffer
 //! \throws NotImplemented
- //! \details A generator may or may not accept additional entropy. Call CanIncorporateEntropy to test for the
+ //! \details A generator may or may not accept additional entropy. Call CanIncorporateEntropy() to test for the
 //! ability to use additional entropy.
- //! \details If a derived class does not override IncorporateEntropy, then the base class throws
+ //! \details If a derived class does not override IncorporateEntropy(), then the base class throws
 //! NotImplemented.
 virtual void IncorporateEntropy(const byte *input, size_t length)
 {
@@ -1095,41 +1095,52 @@ public:
 }
 //! \brief Determines if a generator can accept additional entropy
- //! \returns true if IncorporateEntropy is implemented
+ //! \returns true if IncorporateEntropy() is implemented
 virtual bool CanIncorporateEntropy() const {return false;}
 //! \brief Generate new random byte and return it
- //! \details default implementation is to call GenerateBlock() with one byte
+ //! \returns a random 8-bit byte
+ //! \details Default implementation calls GenerateBlock() with one byte.
+ //! \details All generated values are uniformly distributed over the range specified within the
+ //! the contraints of a particular generator.
 virtual byte GenerateByte();
 //! \brief Generate new random bit and return it
 //! \returns a random bit
 //! \details The default implementation calls GenerateByte() and return its lowest bit.
+ //! \details All generated values are uniformly distributed over the range specified within the
+ //! the contraints of a particular generator.
 virtual unsigned int GenerateBit();
 //! \brief Generate a random 32 bit word in the range min to max, inclusive
 //! \param min the lower bound of the range
 //! \param max the upper bound of the range
 //! \returns a random 32-bit word
- //! \details The default implementation calls Crop on the difference between max and
- //! min, and then returns the result added to min.
+ //! \details The default implementation calls Crop() on the difference between max and
+ //! min, and then returns the result added to min.
+ //! \details All generated values are uniformly distributed over the range specified within the
+ //! the contraints of a particular generator.
 virtual word32 GenerateWord32(word32 min=0, word32 max=0xffffffffUL);
 //! \brief Generate random array of bytes
 //! \param output the byte buffer
 //! \param size the length of the buffer, in bytes
- //! \note A derived generator \a must override either GenerateBlock or
- //! GenerateIntoBufferedTransformation. They can override both, or have one call the other.
+ //! \details All generated values are uniformly distributed over the range specified within the
+ //! the contraints of a particular generator.
+ //! \note A derived generator \a must override either GenerateBlock() or
+ //! GenerateIntoBufferedTransformation(). They can override both, or have one call the other.
 virtual void GenerateBlock(byte *output, size_t size);
 //! \brief Generate random bytes into a BufferedTransformation
 //! \param target the BufferedTransformation object which receives the bytes
 //! \param channel the channel on which the bytes should be pumped
 //! \param length the number of bytes to generate
- //! \details The default implementation calls GenerateBlock() and pumps the result into
+ //! \details The default implementation calls GenerateBlock() and pumps the result into
 //! the DEFAULT_CHANNEL of the target.
- //! \note A derived generator \a must override either GenerateBlock or
- //! GenerateIntoBufferedTransformation. They can override both, or have one call the other.
+ //! \details All generated values are uniformly distributed over the range specified within the
+ //! the contraints of a particular generator.
+ //! \note A derived generator \a must override either GenerateBlock() or
+ //! GenerateIntoBufferedTransformation(). They can override both, or have one call the other.
 virtual void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length);
 //! \brief Generate and discard n bytes
diff --git a/dsa.h b/dsa.h
index 3b530f27..a4ab4e97 100644
--- a/dsa.h
+++ b/dsa.h
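Review bot: The sentence added under GenerateByte(), GenerateBit(), GenerateWord32(), GenerateBlock() and GenerateIntoBufferedTransformation() ends one line with `within the` and starts the next with `//! the contraints of a particular generator.`, so the rendered text reads "within the the contraints" — a doubled "the" and a misspelled "constraints"; the pair should read `//! \details All generated values are uniformly distributed over the range specified, within the` / `//! constraints of a particular generator.`. For GenerateWord32() the uniformity statement only holds if the default implementation (not in this hunk) rejects values above max-min after Crop() instead of reducing them, so the \details would be more useful if it said how modulo bias is avoided for ranges that are not one less than a power of two; confirm against the definition before writing it. The RandomNumberGenerator class body continues past the end of the hunk.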
@@ -2,20 +2,38 @@ //! \file //! \headerfile dsa.h -//! \brief Classes for DSA signature algorithm +//! \brief Classes for the DSA signature algorithm #ifndef CRYPTOPP_DSA_H #define CRYPTOPP_DSA_H #include "cryptlib.h" +#include "gfpcrypt.h" NAMESPACE_BEGIN(CryptoPP) -/*! The DSA signature format used by Crypto++ is as defined by IEEE P1363. - Java uses the DER format, and OpenPGP uses the OpenPGP format. */ -enum DSASignatureFormat {DSA_P1363, DSA_DER, DSA_OPENPGP}; -/** This function converts between these formats, and returns length of signature in the target format. - If toFormat == DSA_P1363, bufferSize must equal publicKey.SignatureLength() */ +//! \brief DSA Signature Format +//! \details The DSA signature format used by Crypto++ is as defined by IEEE P1363. +//! Java nad .Net use the DER format, and OpenPGP uses the OpenPGP format. +enum DSASignatureFormat { + //! \brief Crypto++ native signature encoding format + DSA_P1363, + //! \brief signature encoding format used by Java and .Net + DSA_DER, + //! \brief OpenPGP signature encoding format + DSA_OPENPGP +}; + +//! \brief Converts between signature encoding formats +//! \param buffer byte buffer for the converted signature encoding +//! \param bufferSize the length of the converted signature encoding buffer +//! \param toFormat the source signature format +//! \param signature byte buffer for the existing signature encoding +//! \param signatureLen the length of the existing signature encoding buffer +//! \param fromFormat the source signature format +//! \details This function converts between these formats, and returns length +//! of signature in the target format. If toFormat == DSA_P1363, then +//! bufferSize must equal publicKey.SignatureLength() size_t DSAConvertSignatureFormat(byte *buffer, size_t bufferSize, DSASignatureFormat toFormat, const byte *signature, size_t signatureLen, DSASignatureFormat fromFormat); diff --git a/filters.h b/filters.h index e6aaf0bb..7e5445d9 100644 --- a/filters.h 
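Review bot: The `\param toFormat` line added for DSAConvertSignatureFormat() documents the wrong direction — it reads `the source signature format`, identical to the `fromFormat` entry; it should be `//! \param toFormat the target signature format`. The `\details` sentence also refers to `publicKey.SignatureLength()` although the function has no `publicKey` parameter; wording such as "bufferSize must equal the verifier's SignatureLength()" says the same thing without naming a non-existent argument. Minor: `Java nad .Net` should be `Java and .Net`.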
+++ b/filters.h @@ -370,11 +370,11 @@ protected: }; //! \struct BlockPaddingSchemeDef -//! \detils Padding schemes used for block ciphers. +//! \details Padding schemes used for block ciphers. struct BlockPaddingSchemeDef { //! \enum BlockPaddingScheme - //! \detils Padding schemes used for block ciphers. + //! \details Padding schemes used for block ciphers. //! \details DEFAULT_PADDING means PKCS_PADDING if cipher.MandatoryBlockSize() > 1 && //! cipher.MinLastBlockSize() == 0, which holds for ECB or CBC mode. Otherwise, //! NO_PADDING for modes like OFB, CFB, CTR, CBC-CTS. diff --git a/fips140.h b/fips140.h index b580fe46..2023165a 100644 --- a/fips140.h +++ b/fips140.h 
@@ -1,46 +1,94 @@ +// fips140.h - written and placed in the public domain by Wei Dai + +//! \file fips140.h +//! \brief Classes and functions for the FIPS 140-2 validated library +//! \details The FIPS validated library is only available on Windows as a DLL. Once compiled, +//! the library is always in FIPS mode contingent upon successful execution of +//! DoPowerUpSelfTest() or DoDllPowerUpSelfTest(). +//! \sa Visual Studio and +//! config.h on the Crypto++ wiki. + #ifndef CRYPTOPP_FIPS140_H #define CRYPTOPP_FIPS140_H -/*! \file - FIPS 140 related functions and classes. -*/ - #include "cryptlib.h" #include "secblock.h" NAMESPACE_BEGIN(CryptoPP) - -//! exception thrown when a crypto algorithm is used after a self test fails + +//! \class SelfTestFailure +//! Exception thrown when a crypto algorithm is used after a self test fails +//! \details The self tests for an algorithm are performed by Algortihm class +//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined. class CRYPTOPP_DLL SelfTestFailure : public Exception { public: explicit SelfTestFailure(const std::string &s) : Exception(OTHER_ERROR, s) {} }; -//! returns whether FIPS 140-2 compliance features were enabled at compile time +//! \brief Determines whether the library provides FIPS validated cryptography +//! \returns true if FIPS 140-2 validated features were enabled at compile time. +//! \details true if FIPS 140-2 validated features were enabled at compile time, +//! false otherwise. +//! \note FIPS mode is enabled at compile time. A program or other module cannot +//! arbitrarily enter or exit the mode. CRYPTOPP_DLL bool CRYPTOPP_API FIPS_140_2_ComplianceEnabled(); -//! enum values representing status of the power-up self test -enum PowerUpSelfTestStatus {POWER_UP_SELF_TEST_NOT_DONE, POWER_UP_SELF_TEST_FAILED, POWER_UP_SELF_TEST_PASSED}; +//! \brief Status of the power-up self test +enum PowerUpSelfTestStatus { + + //! \brief The self tests have not been performed. 
+ POWER_UP_SELF_TEST_NOT_DONE, + //! \brief The self tests were executed via DoPowerUpSelfTest() or + //! DoDllPowerUpSelfTest(), but the result was failure. + POWER_UP_SELF_TEST_FAILED, + //! \brief The self tests were executed via DoPowerUpSelfTest() or + //! DoDllPowerUpSelfTest(), and the result was success. + POWER_UP_SELF_TEST_PASSED +}; -//! perform the power-up self test, and set the self test status +//! \brief Performs the power-up self test +//! \param moduleFilename the fully qualified name of the module +//! \param expectedModuleMac the expected MAC of the components protected by the integrity check +//! \details Performs the power-up self test, and sets the self test status to +//! POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED. +//! \details The self tests for an algorithm are performed by the Algortihm class +//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined. CRYPTOPP_DLL void CRYPTOPP_API DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleMac); -//! perform the power-up self test using the filename of this DLL and the embedded module MAC +//! \brief Performs the power-up self test on the DLL +//! \details Performs the power-up self test using the filename of this DLL and the +//! embedded module MAC, and sets the self test status to POWER_UP_SELF_TEST_PASSED or +//! POWER_UP_SELF_TEST_FAILED. +//! \details The self tests for an algorithm are performed by the Algortihm class +//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined. CRYPTOPP_DLL void CRYPTOPP_API DoDllPowerUpSelfTest(); -//! set the power-up self test status to POWER_UP_SELF_TEST_FAILED +//! \brief Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED +//! \details Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED to simulate failure. CRYPTOPP_DLL void CRYPTOPP_API SimulatePowerUpSelfTestFailure(); -//! return the current power-up self test status +//! \brief Provides the current power-up self test status +//! 
\returns the current power-up self test status CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus(); +#ifndef CRYPTOPP_DOXYGEN_PROCESSING typedef PowerUpSelfTestStatus (CRYPTOPP_API * PGetPowerUpSelfTestStatus)(); +#endif +//! \brief Class object that calculates the MAC on the module +//! \returns the MAC for the module CRYPTOPP_DLL MessageAuthenticationCode * CRYPTOPP_API NewIntegrityCheckingMAC(); +//! \brief Verifies the MAC on the module +//! \param moduleFilename the fully qualified name of the module +//! \param expectedModuleMac the expected MAC of the components protected by the integrity check +//! \param pActualMac the actual MAC of the components calculated by the integrity check +//! \param pMacFileLocation the offest of the MAC in the PE/PE+ module +//! \returns true if the MAC is valid, false otherwise CRYPTOPP_DLL bool CRYPTOPP_API IntegrityCheckModule(const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac = NULL, unsigned long *pMacFileLocation = NULL); +#ifndef CRYPTOPP_DOXYGEN_PROCESSING // this is used by Algorithm constructor to allow Algorithm objects to be constructed for the self test bool PowerUpSelfTestInProgressOnThisThread(); 
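Review bot: The new comment on NewIntegrityCheckingMAC() says `\returns the MAC for the module`, but the declaration returns a `MessageAuthenticationCode *` — a MAC object used to compute the check, not the MAC value — and its `New` prefix implies the caller owns and must delete the object, which the doc should state (ownership is not confirmable from the header alone). Suggested: `//! \brief Creates the MAC object used for the module integrity check` and `//! \returns a newly allocated MessageAuthenticationCode; the caller is responsible for deleting it (confirm against fips140.cpp)`. The `\brief Class object that calculates...` wording is also odd for a free function. Separately, `Algortihm` is misspelled in three places and `offest` once.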
@@ -51,7 +99,13 @@ void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_D void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier); void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor); +#endif +//! \brief The placeholder used prior to embedding the actual MAC in the module. +//! \details After the DLL is built but before it is MAC'd, the string CRYPTOPP_DUMMY_DLL_MAC +//! is used as a placeholder for the actual MAC. A post-build step is performed which calculates +//! the MAC of the DLL and embeds it in the module. The actual MAC is written by the +//! cryptest.exe program using the mac_dll subcommand. #define CRYPTOPP_DUMMY_DLL_MAC "MAC_51f34b8db820ae8" NAMESPACE_END diff --git a/gcm.cpp b/gcm.cpp index 4acb0c56..9f401c88 100644 --- a/gcm.cpp +++ b/gcm.cpp @@ -684,11 +684,11 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len) AS2( pxor xmm5, xmm2 ) AS2( psrldq xmm0, 15 ) -#if defined(CRYPTOPP_APPLE_CLANG_VERSION) - AS2( mov WORD_REG(di), xmm0 ) -#elif defined(CRYPTOPP_CLANG_VERSION) +#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000) AS2( movd edi, xmm0 ) -#else +#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION) + AS2( mov WORD_REG(di), xmm0 ) +#else // GNU Assembler AS2( movd WORD_REG(di), xmm0 ) #endif AS2( movzx eax, WORD PTR [RED_TABLE + WORD_REG(di)*2] ) 
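Review bot: The `#else // GNU Assembler` comment on the fallback branch is misleading, because the selection is keyed on compiler-version macros, not on which assembler is in use; an older Clang goes through the second branch with the same GNU-style text. A comment explaining why 3.6 and 7.0 were chosen would help whoever next bumps them, e.g. `// Clang 3.6+ / Apple Clang 7.0+ integrated assemblers accept movd into a 32-bit register; older ones need mov` — I am inferring the reason from the commit message, so confirm it. It is also worth a one-line note that an undefined CRYPTOPP_CLANG_VERSION or CRYPTOPP_APPLE_CLANG_VERSION evaluates to 0 in the `#if`, since that is what makes GCC fall through correctly. The same three-way choice is repeated verbatim in the two following hunks and could be one macro. AuthenticateBlocks() continues outside the hunk.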
@@ -699,10 +699,10 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len) AS2( pxor xmm4, xmm5 ) AS2( psrldq xmm1, 15 ) -#if defined(CRYPTOPP_APPLE_CLANG_VERSION) - AS2( mov WORD_REG(di), xmm1 ) -#elif defined(CRYPTOPP_CLANG_VERSION) +#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000) AS2( movd edi, xmm1 ) +#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION) + AS2( mov WORD_REG(di), xmm1 ) #else AS2( movd WORD_REG(di), xmm1 ) #endif @@ -710,10 +710,10 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len) AS2( shl eax, 8 ) AS2( psrldq xmm0, 15 ) -#if defined(CRYPTOPP_APPLE_CLANG_VERSION) +#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000) + AS2( movd edi, xmm0 ) +#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION) AS2( mov WORD_REG(di), xmm0 ) -#elif defined(CRYPTOPP_CLANG_VERSION) - AS2( movd edi, xmm0 ) #else AS2( movd WORD_REG(di), xmm0 ) #endif diff --git a/hex.h b/hex.h index 6f1d5e1f..1acc0903 100644 --- a/hex.h +++ b/hex.h @@ -1,3 +1,8 @@ +// hex.h - written and placed in the public domain by Wei Dai + +//! \file +//! \brief Classes for HexEncoder and HexDecoder + #ifndef CRYPTOPP_HEX_H #define CRYPTOPP_HEX_H diff --git a/hmac.h b/hmac.h index 8dfebe18..d46626d4 100644 --- a/hmac.h +++ b/hmac.h @@ -1,5 +1,8 @@ // hmac.h - written and placed in the public domain by Wei Dai +//! \file +//! \brief Classes for HMAC message authentication codes + #ifndef CRYPTOPP_HMAC_H #define CRYPTOPP_HMAC_H diff --git a/ida.h b/ida.h index 8e15c69f..e2224d84 100644 --- a/ida.h +++ b/ida.h @@ -1,3 +1,8 @@ +// ida.h - written and placed in the public domain by Wei Dai + +//! \file +//! \brief Classes for Information Dispersal Algorithm (IDA) + #ifndef CRYPTOPP_IDA_H #define CRYPTOPP_IDA_H 
@@ -6,11 +11,9 @@ #include "filters.h" #include "channels.h" #include "secblock.h" +#include "stdcpp.h" #include "misc.h" -#include -#include - NAMESPACE_BEGIN(CryptoPP) /// base class for secret sharing and information dispersal diff --git a/osrng.h b/osrng.h index c2acae8a..cb77de14 100644 --- a/osrng.h +++ b/osrng.h @@ -1,7 +1,11 @@ -#ifndef CRYPTOPP_OSRNG_H -#define CRYPTOPP_OSRNG_H +// osrng.h - written and placed in the public domain by Wei Dai //! \file +//! \headerfile osrng.h +//! \brief Classes for access to the operating system's random number generators + +#ifndef CRYPTOPP_OSRNG_H +#define CRYPTOPP_OSRNG_H #include "config.h" @@ -17,19 +21,26 @@ NAMESPACE_BEGIN(CryptoPP) -//! Exception class for Operating-System Random Number Generator. +//! \class OS_RNG_Err +//! \brief Exception thrown when an operating system error is encountered class CRYPTOPP_DLL OS_RNG_Err : public Exception { public: + //! \brief Constructs an OS_RNG_Err + //! \param operation the operation or API call when the error occurs OS_RNG_Err(const std::string &operation); }; #ifdef NONBLOCKING_RNG_AVAILABLE #ifdef CRYPTOPP_WIN32_AVAILABLE +//! \class MicrosoftCryptoProvider +//! \brief Wrapper for Microsoft crypto service provider +//! \sa \def USE_MS_CRYPTOAPI, \def WORKAROUND_MS_BUG_Q258000 class CRYPTOPP_DLL MicrosoftCryptoProvider { public: + //! \brief Construct a MicrosoftCryptoProvider MicrosoftCryptoProvider(); ~MicrosoftCryptoProvider(); @@ -42,7 +53,12 @@ public: typedef unsigned long ProviderHandle; #endif + //! \brief Retrieves the CryptoAPI provider handle + //! \returns CryptoAPI provider handle + //! \details The handle is acquired by a call to CryptAcquireContext(). + //! CryptReleaseContext() is called upon destruction. ProviderHandle GetProviderHandle() const {return m_hProvider;} + private: ProviderHandle m_hProvider; }; 
@@ -53,12 +69,20 @@ private: #endif //CRYPTOPP_WIN32_AVAILABLE -//! encapsulate CryptoAPI's CryptGenRandom or /dev/urandom +//! \class NonblockingRng +//! \brief Wrapper class for /dev/random and /dev/srandom +//! \details Encapsulates CryptoAPI's CryptGenRandom() on Windows, or /dev/urandom on Unix and compatibles. class CRYPTOPP_DLL NonblockingRng : public RandomNumberGenerator { public: + //! \brief Construct a NonblockingRng NonblockingRng(); ~NonblockingRng(); + + //! \brief Generate random array of bytes + //! \param output the byte buffer + //! \param size the length of the buffer, in bytes + //! \details GenerateIntoBufferedTransformation() calls are routed to GenerateBlock(). void GenerateBlock(byte *output, size_t size); protected: @@ -73,14 +97,22 @@ protected: #endif -#ifdef BLOCKING_RNG_AVAILABLE +#if defined(BLOCKING_RNG_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING) -//! encapsulate /dev/random, or /dev/srandom on OpenBSD +//! \class BlockingRng +//! \brief Wrapper class for /dev/random and /dev/srandom +//! \details Encapsulates /dev/random on Linux, OS X and Unix; and /dev/srandom on the BSDs. class CRYPTOPP_DLL BlockingRng : public RandomNumberGenerator { public: + //! \brief Construct a BlockingRng BlockingRng(); ~BlockingRng(); + + //! \brief Generate random array of bytes + //! \param output the byte buffer + //! \param size the length of the buffer, in bytes + //! \details GenerateIntoBufferedTransformation() calls are routed to GenerateBlock(). void GenerateBlock(byte *output, size_t size); protected: 
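Review bot: The new `\brief` on NonblockingRng reads `Wrapper class for /dev/random and /dev/srandom`, which is the BlockingRng description and contradicts the `\details` line immediately below it (CryptGenRandom / /dev/urandom). It should be `//! \brief Wrapper class for CryptGenRandom() and /dev/urandom`. Since blocking versus non-blocking is exactly what a caller chooses between when seeding, a wrong brief here is more than cosmetic. In the BlockingRng hunk the brief now says `/dev/srandom on the BSDs` where the old comment said OpenBSD; unless that has been checked, keep the narrower claim.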
@@ -89,34 +121,82 @@ protected: #endif +//! OS_GenerateRandomBlock +//! \brief Generate random array of bytes +//! \param output the byte buffer +//! \param size the length of the buffer, in bytes +//! \details OS_GenerateRandomBlock() uses the underlying operating system's +//! random number generator. On Windows, CryptGenRandom() is called using NonblockingRng. +//! \details On Unix and compatibles, /dev/urandom is called if blocking is false using +//! NonblockingRng. If blocking is true, then either /dev/randomd or /dev/srandom is used +//! by way of BlockingRng, if available. CRYPTOPP_DLL void CRYPTOPP_API OS_GenerateRandomBlock(bool blocking, byte *output, size_t size); -//! Automatically Seeded Randomness Pool -/*! This class seeds itself using an operating system provided RNG. */ + +//! \class AutoSeededRandomPool +//! \brief Automatically Seeded Randomness Pool +//! \details This class seeds itself using an operating system provided RNG. class CRYPTOPP_DLL AutoSeededRandomPool : public RandomPool { public: - //! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available + //! \brief Construct an AutoSeededRandomPool + //! \param blocking controls seeding with BlockingRng or NonblockingRng + //! \param seedSize the size of the seed, in bytes + //! \details Use blocking to choose seeding with BlockingRng or NonblockingRng. + //! The parameter is ignored if only one of these is available. explicit AutoSeededRandomPool(bool blocking = false, unsigned int seedSize = 32) {Reseed(blocking, seedSize);} + + //! \brief Reseed an AutoSeededRandomPool + //! \param blocking controls seeding with BlockingRng or NonblockingRng + //! \param seedSize the size of the seed, in bytes void Reseed(bool blocking = false, unsigned int seedSize = 32); }; -//! RNG from ANSI X9.17 Appendix C, seeded using an OS provided RNG +//! \class AutoSeededX917RNG +//! \tparam BLOCK_CIPHER a block cipher +//! 
\brief Automatically Seeded X9.17 RNG +//! \details AutoSeededX917RNG is from ANSI X9.17 Appendix C, seeded using an OS provided RNG. +//! If 3-key TripleDES (DES_EDE3) is used, then its a X9.17 conforming generator. If AES is +//! used, then its a X9.31 conforming generator. +//! \details Though ANSI X9 prescribes 3-key TripleDES, the template parameter BLOCK_CIPHER can be any +//! BlockTransformation derived class. +//! \sa X917RNG, DefaultAutoSeededRNG template class AutoSeededX917RNG : public RandomNumberGenerator, public NotCopyable { public: - //! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available + //! \brief Construct an AutoSeededX917RNG + //! \param blocking controls seeding with BlockingRng or NonblockingRng + //! \param autoSeed controls auto seeding of the generator + //! \details Use blocking to choose seeding with BlockingRng or NonblockingRng. + //! The parameter is ignored if only one of these is available. + //! \sa X917RNG explicit AutoSeededX917RNG(bool blocking = false, bool autoSeed = true) {if (autoSeed) Reseed(blocking);} + + //! \brief Reseed an AutoSeededX917RNG + //! \param blocking controls seeding with BlockingRng or NonblockingRng + //! \param additionalEntropy additional entropy to add to the generator + //! \param length the size of the additional entropy, in bytes + //! \details Internally, the generator uses SHA256 to extract the entropy from + //! from the seed and then stretch the material for the block cipher's key + //! and initialization vector. void Reseed(bool blocking = false, const byte *additionalEntropy = NULL, size_t length = 0); - // exposed for testing + + //! \brief Deterministically reseed an AutoSeededX917RNG for testing + //! \param key the key to use for the deterministic reseeding + //! \param keylength the size of the key, in bytes + //! \param seed the seed to use for the deterministic reseeding + //! 
\param timeVector a time vector to use for deterministic reseeding + //! \details This is a testing interface for testing purposes, and should \a NOT + //! be used in production. void Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector); bool CanIncorporateEntropy() const {return true;} void IncorporateEntropy(const byte *input, size_t length) {Reseed(false, input, length);} - void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length) {m_rng->GenerateIntoBufferedTransformation(target, channel, length);} + void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length) + {m_rng->GenerateIntoBufferedTransformation(target, channel, length);} private: member_ptr m_rng; @@ -152,12 +232,21 @@ void AutoSeededX917RNG::Reseed(bool blocking, const byte *input, s CRYPTOPP_DLL_TEMPLATE_CLASS AutoSeededX917RNG; -//! this is AutoSeededX917RNG\ in FIPS mode, otherwise it's AutoSeededRandomPool +#if defined(CRYPTOPP_DOXYGEN_PROCESSING) +//! \class DefaultAutoSeededRNG +//! \brief A typedef providing a default generator +//! \details DefaultAutoSeededRNG is a typedef of either AutoSeededX917RNG or AutoSeededRandomPool. +//! If CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined, then DefaultAutoSeededRNG is +//! AutoSeededX917RNG. Otherwise, DefaultAutoSeededRNG is AutoSeededRandomPool. +class DefaultAutoSeededRNG {} +#else +// AutoSeededX917RNG in FIPS mode, otherwise it's AutoSeededRandomPool #if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 typedef AutoSeededX917RNG DefaultAutoSeededRNG; #else typedef AutoSeededRandomPool DefaultAutoSeededRNG; #endif +#endif // CRYPTOPP_DOXYGEN_PROCESSING NAMESPACE_END diff --git a/pubkey.h b/pubkey.h index 82769a27..47547e47 100644 --- a/pubkey.h +++ b/pubkey.h 
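Review bot: The OS_GenerateRandomBlock() comment names the device `/dev/randomd`, which should be `/dev/random`, and the AutoSeededX917RNG::Reseed() comment reads `from from the seed`. The class comment also states the generator "is a X9.17 conforming generator" with TripleDES and "a X9.31 conforming generator" with AES; unless that has been checked against the standards' seeding and date/time-vector requirements, `X9.17-style` / `X9.31-style` is the safer wording, because readers will take a conformance claim as a compliance statement. Finally, IncorporateEntropy() visibly calls `Reseed(false, input, length)`, so it always reseeds from the non-blocking OS source even when the object was constructed with `blocking = true`; a `\details` line saying so would prevent a surprise.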
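Review bot: The Doxygen-only declaration `class DefaultAutoSeededRNG {}` is missing its terminating semicolon; it is never compiled, but Doxygen parses it and may attach the following declarations to the wrong entity. Use `class DefaultAutoSeededRNG {};`.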
@@ -1875,10 +1875,14 @@ public: #endif }; -//! Base class for public key encryption standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms. +//! \brief Base class for public key encryption standard classes. +//! \details These classes are used to select from variants of algorithms. +//! \note Not all standards apply to all algorithms. struct EncryptionStandard {}; -//! Base class for public key signature standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms. +//! \brief Base class for public key signature standard classes. +//! \details These classes are used to select from variants of algorithms. +//! \note Not all standards apply to all algorithms. struct SignatureStandard {}; template diff --git a/rabin.h b/rabin.h index 4da48b12..2bc5c1d4 100644 --- a/rabin.h +++ b/rabin.h @@ -2,7 +2,7 @@ //! \file //! \headerfile rabin.h -//! \brief Classes Rabin encryption and signature schemes +//! \brief Classes for Rabin encryption and signature schemes #ifndef CRYPTOPP_RABIN_H #define CRYPTOPP_RABIN_H diff --git a/rdrand.cpp b/rdrand.cpp index 48fea517..b14359fa 100644 --- a/rdrand.cpp +++ b/rdrand.cpp @@ -102,7 +102,7 @@ #endif // Debug diagnostics -#if !defined(NDEBUG) +#if 0 # if MASM_RDRAND_ASM_AVAILABLE # pragma message ("MASM_RDRAND_ASM_AVAILABLE is 1") # elif NASM_RDRAND_ASM_AVAILABLE diff --git a/rdrand.h b/rdrand.h index 8d5b7380..05b177f7 100644 --- a/rdrand.h +++ b/rdrand.h @@ -55,7 +55,7 @@ public: } //! \brief Set the number of retries used by the generator - //! \param the number of times GenerateBlock will attempt to recover from a failed generation + //! \param retries number of times GenerateBlock() will attempt to recover from a failed generation void SetRetries(unsigned int retries) { m_retries = retries; 
@@ -134,7 +134,7 @@ public: } //! \brief Set the number of retries used by the generator - //! \param the number of times GenerateBlock will attempt to recover from a failed generation + //! \param retries number of times GenerateBlock() will attempt to recover from a failed generation void SetRetries(unsigned int retries) { m_retries = retries; diff --git a/rijndael.h b/rijndael.h index 56843e6f..417df76b 100644 --- a/rijndael.h +++ b/rijndael.h @@ -1,8 +1,9 @@ // rijndael.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile rijndael.h +//! \file rijndael.h //! \brief Classes for Rijndael encryption algorithm +//! \details All key sizes are supported. The library only provides Rijndael with 128-bit blocks, +//! and not 192-bit or 256-bit blocks #ifndef CRYPTOPP_RIJNDAEL_H #define CRYPTOPP_RIJNDAEL_H @@ -16,15 +17,18 @@ NAMESPACE_BEGIN(CryptoPP) -//! _ +//! \brief Rijndael block cipher information struct Rijndael_Info : public FixedBlockSize<16>, public VariableKeyLength<16, 16, 32, 8> { CRYPTOPP_DLL static const char * CRYPTOPP_API StaticAlgorithmName() {return CRYPTOPP_RIJNDAEL_NAME;} }; -/// Rijndael +//! \brief Rijndael block cipher implementation details +//! \sa Rijndael class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentation { + //! \brief Rijndael block cipher data processing functionss + //! \details Provides implementation common to encryption and decryption class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Base : public BlockCipherImpl { public: @@ -44,6 +48,8 @@ class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentat FixedSizeAlignedSecBlock m_key; }; + //! \brief Rijndael block cipher data processing functions + //! \details Provides implementation for encryption transformation class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Enc : public Base { public: 
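Review bot: The new `\sa Rijndael` on class Rijndael refers to the class itself, which gives the reader nothing; the AES typedef is the likely intended target. The file header's "All key sizes are supported" is vaguer than the visible `VariableKeyLength<16, 16, 32, 8>`, which pins it down: `//! \details 128-, 192- and 256-bit keys are supported; only the 128-bit block size is provided`. Minor: `functionss` on the Base nested-class comment.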
@@ -53,6 +59,8 @@ class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentat #endif }; + //! \brief Rijndael block cipher data processing functions + //! \details Provides implementation for decryption transformation class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Dec : public Base { public: diff --git a/ripemd.h b/ripemd.h index fc7b54d3..818c4284 100644 --- a/ripemd.h +++ b/ripemd.h @@ -1,3 +1,8 @@ +// ripemd.h - written and placed in the public domain by Wei Dai + +//! \file +//! \brief Classes for RIPEMD message digest + #ifndef CRYPTOPP_RIPEMD_H #define CRYPTOPP_RIPEMD_H diff --git a/rng.h b/rng.h index 1190aeab..71ec4187 100644 --- a/rng.h +++ b/rng.h @@ -1,4 +1,4 @@ -//! rng.h - written and placed in the public domain by Wei Dai +// rng.h - written and placed in the public domain by Wei Dai //! \file rng.h //! \brief Miscellaneous classes for RNGs @@ -15,8 +15,8 @@ NAMESPACE_BEGIN(CryptoPP) -//! linear congruential generator -/*! originally by William S. England, do not use for cryptographic purposes */ +//! \brief Linear Congruential Generator (LCG) +//! \details Originally by William S. England, do not use for cryptographic purposes class LC_RNG : public RandomNumberGenerator { public: 
@@ -36,19 +36,37 @@ private: static const word16 r; }; -//! RNG derived from ANSI X9.17 Appendix C - +//! \class X917RNG +//! \brief ANSI X9.17 RNG +//! \details X917RNG is from ANSI X9.17 Appendix C. +//! \sa AutoSeededX917RNG, DefaultAutoSeededRNG class CRYPTOPP_DLL X917RNG : public RandomNumberGenerator, public NotCopyable { public: - // cipher will be deleted by destructor, deterministicTimeVector = 0 means obtain time vector from system + //! \brief Construct a X917RNG + //! \param cipher the block cipher to use for the generator + //! \param seed a byte buffer to use as a seed + //! \param deterministicTimeVector additional entropy + //! \details cipher will be deleted by the destructor. seed must be at least + //! BlockSize() in length. deterministicTimeVector = 0 means obtain time vector + //! from the system. + //! \details When constructing an AutoSeededX917RNG, the generator must be keyed or an + //! access violation will occur because the time vector is encrypted using the block cipher. + //! To key the generator during constructions, perform the following: + //!
+	//!   SecByteBlock key(AES::DEFAULT_KEYLENGTH), seed(AES::BLOCKSIZE);
+	//!   OS_GenerateRandomBlock(false, key, key.size());
+	//!   OS_GenerateRandomBlock(false, seed, seed.size());
+	//!   X917RNG prng(new AES::Encryption(key, AES::DEFAULT_KEYLENGTH), seed, NULL);
+	//! 
+ //! \sa AutoSeededX917RNG X917RNG(BlockTransformation *cipher, const byte *seed, const byte *deterministicTimeVector = 0); void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size); private: member_ptr cipher; - unsigned int S; // blocksize of cipher + const unsigned int S; // blocksize of cipher SecByteBlock dtbuf; // buffer for enciphered timestamp SecByteBlock randseed, m_lastBlock, m_deterministicTimeVector; }; @@ -66,6 +84,8 @@ public: size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking); + //! \brief Provides the number of bytes of input is needed by the test + //! \returns how many more bytes of input is needed by the test // BytesNeeded() returns how many more bytes of input is needed by the test // GetTestValue() should not be called before BytesNeeded()==0 unsigned int BytesNeeded() const {return n >= (Q+K) ? 0 : Q+K-n;} diff --git a/validat1.cpp b/validat1.cpp index 689dfbf1..921afb00 100644 --- a/validat1.cpp +++ b/validat1.cpp 
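Review bot: The new X917RNG constructor comment says "When constructing an AutoSeededX917RNG, the generator must be keyed or an access violation will occur", but the example that follows constructs an X917RNG, and the requirement is on the `cipher` argument: `//! \details The cipher passed to X917RNG must already be keyed, because the time vector is encrypted with it during construction`. "Access violation" describes a symptom; if the constructor does not check for a null or unkeyed cipher (not visible here), say the behaviour is undefined rather than promising a crash. The `\param deterministicTimeVector` line calls it "additional entropy", yet the same comment says a non-null value replaces the system time vector — a fixed caller-supplied value is deterministic by definition and should be documented as a test hook, not as entropy. Making `S` `const` is fine given the class is NotCopyable.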
@@ -459,26 +459,50 @@ bool TestAutoSeeded() bool TestRDRAND() { RDRAND rdrand; - bool generate = true, discard = true; + bool maurer = true, generate = true, discard = true; + static const unsigned int SIZE = 10000; + if (HasRDRAND()) { cout << "\nTesting RDRAND generator...\n\n"; - MeterFilter meter(new Redirector(TheBitBucket())); - RandomNumberSource test(rdrand, 100000, true, new Deflator(new Redirector(meter))); + vector_ptr rdbytes(SIZE); + RandomNumberSource rns(rdrand, SIZE, true, new ArraySink(rdbytes, rdbytes.size())); + ArraySource as(rdbytes, rdbytes.size(), true); - if (meter.GetTotalBytes() < 100000) + MaurerRandomnessTest mt; + as.CopyTo(mt); + + const double mv = mt.GetTestValue(); + if (mv < 0.98f) + { + cout << "FAILED:"; + maurer = false; + } + else + cout << "passed:"; + + const std::streamsize oldp = cout.precision(5); + const std::ios::fmtflags oldf = cout.setf(std::ios::fixed, std::ios::floatfield); + cout << " Maurer Randomness Test value of " << mv << endl; + cout.precision(oldp); + cout.setf(oldf, std::ios::floatfield); + + MeterFilter meter(new Redirector(TheBitBucket())); + as.CopyTo(meter); + + if (meter.GetTotalBytes() < SIZE) { cout << "FAILED:"; generate = false; } else cout << "passed:"; - cout << " 100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << endl; + cout << " " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n"; try { - rdrand.DiscardBytes(100000); + rdrand.DiscardBytes(SIZE); } catch(const Exception&) { 
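Review bot: The DEFLATE check in TestRDRAND() no longer tests anything: the old pipeline was `new Deflator(new Redirector(meter))`, but the new code copies `as` straight into the MeterFilter, so `meter.GetTotalBytes()` always equals SIZE, the `< SIZE` branch is dead, and the message "generated bytes compressed to N bytes by DEFLATE" reports an uncompressed count. Put the compressor back in front of the meter and flush it, since CopyTo() does not signal end of message: `Deflator deflator(new Redirector(meter)); as.CopyTo(deflator); deflator.MessageEnd();`. Also `mv < 0.98f` compares a double against a float literal — use `0.98` and name the threshold. The Maurer test needs Q+K bytes before GetTestValue() is meaningful; 10000 bytes appears sufficient, but checking `mt.BytesNeeded() == 0` before reading the value would make that explicit.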
@@ -489,12 +513,15 @@ bool TestRDRAND() cout << "FAILED:"; else cout << "passed:"; - cout << " discarded 10000 bytes" << endl; + cout << " discarded " << SIZE << " bytes\n"; } else - cout << "\nRDRAND generator not available, skipping test." << endl; + cout << "\nRDRAND generator not available, skipping test.\n"; + + if (!(maurer && generate && discard)) + cout.flush(); - return generate && discard; + return maurer && generate && discard; } #endif @@ -502,26 +529,50 @@ bool TestRDRAND() bool TestRDSEED() { RDSEED rdseed; - bool generate = true, discard = true; + bool maurer = true, generate = true, discard = true; + static const unsigned int SIZE = 10000; + if (HasRDSEED()) { cout << "\nTesting RDSEED generator...\n\n"; - MeterFilter meter(new Redirector(TheBitBucket())); - RandomNumberSource test(rdseed, 100000, true, new Deflator(new Redirector(meter))); + vector_ptr rdbytes(SIZE); + RandomNumberSource rns(rdseed, SIZE, true, new ArraySink(rdbytes, rdbytes.size())); + ArraySource as(rdbytes, rdbytes.size(), true); - if (meter.GetTotalBytes() < 100000) + MaurerRandomnessTest mt; + as.CopyTo(mt); + + const double mv = mt.GetTestValue(); + if (mv < 0.98f) + { + cout << "FAILED:"; + maurer = false; + } + else + cout << "passed:"; + + const std::streamsize oldp = cout.precision(5); + const std::ios::fmtflags oldf = cout.setf(std::ios::fixed, std::ios::floatfield); + cout << " Maurer Randomness Test value of " << mv << endl; + cout.precision(oldp); + cout.setf(oldf, std::ios::floatfield); + + MeterFilter meter(new Redirector(TheBitBucket())); + as.CopyTo(meter); + + if (meter.GetTotalBytes() < SIZE) { cout << "FAILED:"; generate = false; } else cout << "passed:"; - cout << " 100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << endl; + cout << " " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n"; try { - rdseed.DiscardBytes(100000); + rdseed.DiscardBytes(SIZE); } catch(const Exception&) { 
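Review bot: TestRDSEED() lost its compressor: `as.CopyTo(meter)` feeds the MeterFilter directly, so `meter.GetTotalBytes()` is always SIZE, the FAILED branch can never execute, and the "compressed ... by DEFLATE" line is misleading about what was measured. Insert the Deflator between the source and the meter and end the message so it flushes: `Deflator deflator(new Redirector(meter)); as.CopyTo(deflator); deflator.MessageEnd();`. The function is now a near-verbatim copy of TestRDRAND(); a shared helper taking a `RandomNumberGenerator&` and a display name would keep the Maurer threshold and the pipeline in one place.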
@@ -532,12 +583,15 @@ bool TestRDSEED() cout << "FAILED:"; else cout << "passed:"; - cout << " discarded 10000 bytes" << endl; + cout << " discarded " << SIZE << " bytes\n"; } else - cout << "\nRDSEED generator not available, skipping test." << endl; + cout << "\nRDSEED generator not available, skipping test.\n"; + + if (!(maurer && generate && discard)) + cout.flush(); - return generate && discard; + return maurer && generate && discard; } #endif diff --git a/validat2.cpp b/validat2.cpp index 2faeaa51..3c6cd456 100644 --- a/validat2.cpp +++ b/validat2.cpp @@ -467,6 +467,7 @@ bool ValidateDSA(bool thorough) assert(pub.GetKey() == pub1.GetKey()); pass = SignatureValidate(priv, pub, thorough) && pass; pass = RunTestDataFile("TestVectors/dsa.txt", g_nullNameValuePairs, thorough) && pass; + return pass; } @@ -654,9 +655,9 @@ bool TestPolynomialMod2() pass3 &= (str1 == str2); } - cout << (!pass1 ? "FAILED" : "passed") << " " << "1 shifted over range [0," << 2 * WORD_BITS + 1 << "]" << "\n"; - cout << (!pass2 ? "FAILED" : "passed") << " " << "0x" << hex << word(SIZE_MAX) << " shifted over range [0," << dec << 2 * WORD_BITS + 1 << "]" << "\n"; - cout << (!pass3 ? "FAILED" : "passed") << " " << "random values shifted over range [0," << dec << 2 * WORD_BITS + 1 << "]" << "\n"; + cout << (!pass1 ? "FAILED" : "passed") << " " << "1 shifted over range [" << dec << start << "," << stop << "]" << "\n"; + cout << (!pass2 ? "FAILED" : "passed") << " " << "0x" << hex << word(SIZE_MAX) << dec << " shifted over range [" << start << "," << stop << "]" << "\n"; + cout << (!pass3 ? "FAILED" : "passed") << " " << "random values shifted over range [" << dec << start << "," << stop << "]" << "\n"; if (!(pass1 && pass2 && pass3)) cout.flush();