From 8779c8cd780eada03eedd6e68280421e62a81554 Mon Sep 17 00:00:00 2001 From: DevJPM Date: Fri, 16 Sep 2016 16:31:41 +0200 Subject: [PATCH 1/9] fixed Keccak and SHA3 to support HMAC added the blocksize constant and member functions to Keccak and SHA3 (and all derivatives) as well as some compile-time-checks --- keccak.h | 18 ++++++++++++++++++ sha3.h | 17 +++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/keccak.h b/keccak.h index d3580ec1..4bee18f4 100644 --- a/keccak.h +++ b/keccak.h @@ -56,6 +56,8 @@ public: void Restart(); void TruncatedFinal(byte *hash, size_t size); + unsigned int BlockSize() const { return r(); } + protected: inline unsigned int r() const {return 200 - 2 * m_digestSize;} @@ -70,10 +72,14 @@ class Keccak_224 : public Keccak { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 28) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a Keccak-224 message digest Keccak_224() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-224";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class Keccak_256 @@ -83,10 +89,14 @@ class Keccak_256 : public Keccak { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 32) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a Keccak-256 message digest Keccak_256() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-256";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class Keccak_384 
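Review bot: The `CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200)` added to each Keccak_* class cannot catch the underflow its comment promises: if CRYPTOPP_CONSTANT yields a signed enumerator or int (the natural type of `200 - 2 * DIGESTSIZE`), a negative BLOCKSIZE still satisfies `< 200`, and only the second assert (`BLOCKSIZE > DIGESTSIZE`) would fire. A check that works regardless of signedness is `CRYPTOPP_COMPILE_ASSERT(2 * DIGESTSIZE < 200); // rate 200 - 2*DIGESTSIZE must stay positive`. The same pair is repeated verbatim in Keccak_384, Keccak_512 and the four SHA3_* classes in sha3.h; since every class derives BLOCKSIZE from DIGESTSIZE by the same formula, a single shared macro or a check in the base would avoid the eight-fold duplication. The first hunk's `BlockSize()` sits inside class Keccak, whose declaration starts outside the hunk.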
@@ -96,10 +106,14 @@ class Keccak_384 : public Keccak { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 48) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a Keccak-384 message digest Keccak_384() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-384";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class Keccak_512 @@ -109,10 +123,14 @@ class Keccak_512 : public Keccak { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 64) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a Keccak-512 message digest Keccak_512() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-512";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; NAMESPACE_END diff --git a/sha3.h b/sha3.h index 6a8704c8..4f763f26 100644 --- a/sha3.h +++ b/sha3.h @@ -42,6 +42,7 @@ public: void Restart(); void TruncatedFinal(byte *hash, size_t size); + unsigned int BlockSize() const { return r(); } protected: inline unsigned int r() const {return 200 - 2 * m_digestSize;} @@ -56,10 +57,14 @@ class SHA3_224 : public SHA3 { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 28) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a SHA3-224 message digest SHA3_224() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-224";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class SHA3_256 
@@ -69,10 +74,14 @@ class SHA3_256 : public SHA3 { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 32) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a SHA3-256 message digest SHA3_256() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-256";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class SHA3_384 @@ -82,10 +91,14 @@ class SHA3_384 : public SHA3 { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 48) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a SHA3-384 message digest SHA3_384() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-384";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; //! \class SHA3_512 @@ -95,10 +108,14 @@ class SHA3_512 : public SHA3 { public: CRYPTOPP_CONSTANT(DIGESTSIZE = 64) + CRYPTOPP_CONSTANT(BLOCKSIZE = 200 - 2 * DIGESTSIZE) //! \brief Construct a SHA3-512 message digest SHA3_512() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-512";} +private: + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math + CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC }; NAMESPACE_END From 51466b5b24c216d3e7a45f34df4c3d8167911ec0 Mon Sep 17 00:00:00 2001 From: DevJPM Date: Tue, 20 Sep 2016 00:48:02 +0200 Subject: [PATCH 2/9] moved BlockSize() into child classes moved the BlockkSize() function into the child classes and made it return the BLOCKSIZE value to enhance speed --- keccak.h | 6 +++++- sha3.h | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) 
diff --git a/keccak.h b/keccak.h index 4bee18f4..0349b464 100644 --- a/keccak.h +++ b/keccak.h @@ -56,7 +56,7 @@ public: void Restart(); void TruncatedFinal(byte *hash, size_t size); - unsigned int BlockSize() const { return r(); } + //unsigned int BlockSize() const { return r(); } // that's the idea behind it protected: inline unsigned int r() const {return 200 - 2 * m_digestSize;} @@ -77,6 +77,7 @@ public: //! \brief Construct a Keccak-224 message digest Keccak_224() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-224";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC @@ -94,6 +95,7 @@ public: //! \brief Construct a Keccak-256 message digest Keccak_256() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-256";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC @@ -111,6 +113,7 @@ public: //! \brief Construct a Keccak-384 message digest Keccak_384() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-384";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC 
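Review bot: The base-class `BlockSize()` is left in keccak.h as commented-out code (`//unsigned int BlockSize() const { return r(); } // that's the idea behind it`), which is dead text with a comment that explains nothing to a later reader; either delete the line or, better, keep the base implementation live. Keeping it costs nothing because the Keccak_* overrides still return their constant, while removing it means an instance of the Keccak base class itself (it is constructible with a digest size, as `Keccak(DIGESTSIZE)` in the derived constructors shows) falls back to the inherited HashTransformation::BlockSize(), which presumably does not know the sponge rate and would break HMAC over such an object. The sha3.h hunk of this patch has the same commented-out line. The speed motivation in the commit message is also doubtful since BlockSize() is still reached through the virtual interface; the real benefit is that the rate becomes a compile-time constant.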
@@ -128,6 +131,7 @@ public: //! \brief Construct a Keccak-512 message digest Keccak_512() : Keccak(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "Keccak-512";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC diff --git a/sha3.h b/sha3.h index 4f763f26..f2d3b742 100644 --- a/sha3.h +++ b/sha3.h @@ -42,7 +42,7 @@ public: void Restart(); void TruncatedFinal(byte *hash, size_t size); - unsigned int BlockSize() const { return r(); } + // unsigned int BlockSize() const { return r(); } // that's the idea behind it protected: inline unsigned int r() const {return 200 - 2 * m_digestSize;} @@ -62,6 +62,7 @@ public: //! \brief Construct a SHA3-224 message digest SHA3_224() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-224";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC @@ -79,6 +80,7 @@ public: //! \brief Construct a SHA3-256 message digest SHA3_256() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-256";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC 
@@ -96,6 +98,7 @@ public: //! \brief Construct a SHA3-384 message digest SHA3_384() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-384";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC @@ -113,6 +116,7 @@ public: //! \brief Construct a SHA3-512 message digest SHA3_512() : SHA3(DIGESTSIZE) {} CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "SHA3-512";} + unsigned int BlockSize() const { return BLOCKSIZE; } private: CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE < 200); // ensure there was no underflow in the math CRYPTOPP_COMPILE_ASSERT(BLOCKSIZE > DIGESTSIZE); // this is a general expectation by HMAC From 478d57341654a1095801b1c4805fe1761c6f6be1 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 19 Sep 2016 19:07:27 -0400 Subject: [PATCH 3/9] Whitespace checkin --- cryptdll.vcxproj | 2 +- cryptest.vcxproj | 2 +- cryptlib.vcxproj | 2 +- dlltest.vcxproj | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cryptdll.vcxproj b/cryptdll.vcxproj index 9d23541b..579b2777 100644 --- a/cryptdll.vcxproj +++ b/cryptdll.vcxproj @@ -906,4 +906,4 @@ IF %ERRORLEVEL% EQU 0 (echo mac done > "$(OutDir)"\cryptopp.mac.done) - \ No newline at end of file + diff --git a/cryptest.vcxproj b/cryptest.vcxproj index ae8d2b56..7ccea530 100644 --- a/cryptest.vcxproj +++ b/cryptest.vcxproj @@ -673,4 +673,4 @@ echo unless it undergoes FIPS validation. - \ No newline at end of file + diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj index 61401912..04172809 100644 --- a/cryptlib.vcxproj +++ b/cryptlib.vcxproj @@ -723,4 +723,4 @@ echo: >> adhoc.cpp.copied - \ No newline at end of file + diff --git a/dlltest.vcxproj b/dlltest.vcxproj index 376eab21..3c6293cd 100644 --- a/dlltest.vcxproj +++ b/dlltest.vcxproj 
@@ -204,4 +204,4 @@ - \ No newline at end of file + From 923efa865b5b1161fb1a4a429b9e57125692f873 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 19 Sep 2016 21:18:58 -0400 Subject: [PATCH 4/9] Fix Solaris GCC and "constructor priorities are not supported" --- config.compat | 35 +++++++++++++++++++++++++++-------- config.h | 35 +++++++++++++++++++++++++++-------- cpu.cpp | 5 ----- cryptlib.cpp | 4 ---- 4 files changed, 54 insertions(+), 25 deletions(-) diff --git a/config.compat b/config.compat index 55d22bfd..3f1dd093 100644 --- a/config.compat +++ b/config.compat @@ -119,6 +119,21 @@ // set the name of Rijndael cipher, was "Rijndael" before version 5.3 #define CRYPTOPP_RIJNDAEL_NAME "AES" +// CRYPTOPP_DEBUG enables the library's CRYPTOPP_ASSERT. CRYPTOPP_ASSERT +// raises a SIGTRAP (Unix) or calls DebugBreak() (Windows). CRYPTOPP_ASSERT +// is only in effect when CRYPTOPP_DEBUG, DEBUG or _DEBUG is defined. Unlike +// Posix assert, CRYPTOPP_ASSERT is not affected by NDEBUG (or failure to +// define it). +// Also see http://github.com/weidai11/cryptopp/issues/277, CVE-2016-7420 +#if (defined(DEBUG) || defined(_DEBUG)) && !defined(CRYPTOPP_DEBUG) +# define CRYPTOPP_DEBUG 1 +#endif + +// ***************** Initialization and Constructor priorities ******************** + +// MacPorts/GCC and Solaris/GCC does not provide constructor(priority). Apple/GCC and Fink/GCC do provide it. +// See http://cryptopp.com/wiki/Static_Initialization_Order_Fiasco + // CRYPTOPP_INIT_PRIORITY attempts to manage initialization of C++ static objects. // Under GCC, the library uses init_priority attribute in the range // [CRYPTOPP_INIT_PRIORITY, CRYPTOPP_INIT_PRIORITY+100]. Under Windows, 
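Review bot: The new comment `// MacPorts/GCC and Solaris/GCC does not provide constructor(priority).` has a number-agreement error with its compound subject; it should read `// MacPorts/GCC and Solaris/GCC do not provide constructor(priority).` The same line is added to config.h in the corresponding hunk of that file, so both copies need the fix.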
@@ -136,14 +151,18 @@ # define CRYPTOPP_USER_PRIORITY 350 #endif -// CRYPTOPP_DEBUG enables the library's CRYPTOPP_ASSERT. CRYPTOPP_ASSERT -// raises a SIGTRAP (Unix) or calls DebugBreak() (Windows). CRYPTOPP_ASSERT -// is only in effect when CRYPTOPP_DEBUG, DEBUG or _DEBUG is defined. Unlike -// Posix assert, CRYPTOPP_ASSERT is not affected by NDEBUG (or failure to -// define it). -// Also see http://github.com/weidai11/cryptopp/issues/277, CVE-2016-7420 -#if (defined(DEBUG) || defined(_DEBUG)) && !defined(CRYPTOPP_DEBUG) -# define CRYPTOPP_DEBUG 1 +// __attribute__(init_priority(250)) is supported +#if (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && ((CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20900) || (_INTEL_COMPILER >= 300)) && !(MACPORTS_GCC_COMPILER > 0) && !defined(__sun__)) +# define HAVE_GCC_CONSTRUCTOR1 1 +#endif + +// __attribute__(init_priority()) is supported +#if (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && !HAVE_GCC_CONSTRUCTOR1 && !(MACPORTS_GCC_COMPILER > 0) && !defined(__sun__)) +# define HAVE_GCC_CONSTRUCTOR0 1 +#endif + +#if (_MSC_VER && (CRYPTOPP_INIT_PRIORITY > 0)) +# define HAVE_MSC_INIT_PRIORITY 1 #endif // ***************** Important Settings Again ******************** diff --git a/config.h b/config.h index c9cbb15d..c8920928 100644 --- a/config.h +++ b/config.h 
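Review bot: The HAVE_GCC_CONSTRUCTOR1 condition tests `_INTEL_COMPILER`, but the macro the Intel compiler predefines is `__INTEL_COMPILER` (two leading underscores), so as far as I can tell that operand is always 0 and Intel builds only get constructor priorities when the GCC or Clang version test happens to pass; the mistake was carried over from the removed cpu.cpp lines, but moving the block is the moment to write `(__INTEL_COMPILER >= 300)`. Both new `#if` lines also evaluate `__GNUC__`, `MACPORTS_GCC_COMPILER` and `HAVE_GCC_CONSTRUCTOR1` as bare macros, which is valid but triggers -Wundef on every non-GCC build of a header that library users include; `defined(__GNUC__) && ...` would be the quieter spelling. The identical block is added to config.h in that file's @@ -136,14 +151,18 @@ hunk, so the fix applies there too.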
@@ -119,6 +119,21 @@ // set the name of Rijndael cipher, was "Rijndael" before version 5.3 #define CRYPTOPP_RIJNDAEL_NAME "AES" +// CRYPTOPP_DEBUG enables the library's CRYPTOPP_ASSERT. CRYPTOPP_ASSERT +// raises a SIGTRAP (Unix) or calls DebugBreak() (Windows). CRYPTOPP_ASSERT +// is only in effect when CRYPTOPP_DEBUG, DEBUG or _DEBUG is defined. Unlike +// Posix assert, CRYPTOPP_ASSERT is not affected by NDEBUG (or failure to +// define it). +// Also see http://github.com/weidai11/cryptopp/issues/277, CVE-2016-7420 +#if (defined(DEBUG) || defined(_DEBUG)) && !defined(CRYPTOPP_DEBUG) +# define CRYPTOPP_DEBUG 1 +#endif + +// ***************** Initialization and Constructor priorities ******************** + +// MacPorts/GCC and Solaris/GCC does not provide constructor(priority). Apple/GCC and Fink/GCC do provide it. +// See http://cryptopp.com/wiki/Static_Initialization_Order_Fiasco + // CRYPTOPP_INIT_PRIORITY attempts to manage initialization of C++ static objects. // Under GCC, the library uses init_priority attribute in the range // [CRYPTOPP_INIT_PRIORITY, CRYPTOPP_INIT_PRIORITY+100]. Under Windows, 
@@ -136,14 +151,18 @@ # define CRYPTOPP_USER_PRIORITY 350 #endif -// CRYPTOPP_DEBUG enables the library's CRYPTOPP_ASSERT. CRYPTOPP_ASSERT -// raises a SIGTRAP (Unix) or calls DebugBreak() (Windows). CRYPTOPP_ASSERT -// is only in effect when CRYPTOPP_DEBUG, DEBUG or _DEBUG is defined. Unlike -// Posix assert, CRYPTOPP_ASSERT is not affected by NDEBUG (or failure to -// define it). -// Also see http://github.com/weidai11/cryptopp/issues/277, CVE-2016-7420 -#if (defined(DEBUG) || defined(_DEBUG)) && !defined(CRYPTOPP_DEBUG) -# define CRYPTOPP_DEBUG 1 +// __attribute__(init_priority(250)) is supported +#if (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && ((CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20900) || (_INTEL_COMPILER >= 300)) && !(MACPORTS_GCC_COMPILER > 0) && !defined(__sun__)) +# define HAVE_GCC_CONSTRUCTOR1 1 +#endif + +// __attribute__(init_priority()) is supported +#if (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && !HAVE_GCC_CONSTRUCTOR1 && !(MACPORTS_GCC_COMPILER > 0) && !defined(__sun__)) +# define HAVE_GCC_CONSTRUCTOR0 1 +#endif + +#if (_MSC_VER && (CRYPTOPP_INIT_PRIORITY > 0)) +# define HAVE_MSC_INIT_PRIORITY 1 #endif // ***************** Important Settings Again ******************** diff --git a/cpu.cpp b/cpu.cpp index ce9fc2ee..42831c15 100644 --- a/cpu.cpp +++ b/cpu.cpp @@ -25,11 +25,6 @@ NAMESPACE_BEGIN(CryptoPP) #ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY - -// MacPorts/GCC does not provide constructor(priority). Apple/GCC and Fink/GCC do provide it. -#define HAVE_GCC_CONSTRUCTOR1 (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && ((CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20900) || (_INTEL_COMPILER >= 300)) && !(MACPORTS_GCC_COMPILER > 0)) -#define HAVE_GCC_CONSTRUCTOR0 (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && !(MACPORTS_GCC_COMPILER > 0)) - extern "C" { typedef void (*SigHandler)(int); }; diff --git a/cryptlib.cpp b/cryptlib.cpp index c1f6f63e..d58c71d5 100644 --- a/cryptlib.cpp +++ b/cryptlib.cpp 
@@ -32,10 +32,6 @@ # error Cygwin does not support Windows style sockets. See http://www.cygwin.com/faq.html#faq.api.winsock #endif -// MacPorts/GCC does not provide init_priority(priority). Apple/GCC and Fink/GCC do provide it. -#define HAVE_GCC_INIT_PRIORITY (__GNUC__ && (CRYPTOPP_INIT_PRIORITY > 0) && !(MACPORTS_GCC_COMPILER > 0)) -#define HAVE_MSC_INIT_PRIORITY (_MSC_VER && (CRYPTOPP_INIT_PRIORITY > 0)) - NAMESPACE_BEGIN(CryptoPP) CRYPTOPP_COMPILE_ASSERT(sizeof(byte) == 1); From f7c8251a088332d7b78f911357539b9b24b582e9 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 19 Sep 2016 22:35:53 -0400 Subject: [PATCH 5/9] Updated documentation --- ossig.h | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/ossig.h b/ossig.h index 27df5562..ca5398a4 100644 --- a/ossig.h +++ b/ossig.h @@ -20,11 +20,22 @@ NAMESPACE_BEGIN(CryptoPP) #if defined(CRYPTOPP_BSD_AVAILABLE) || defined(CRYPTOPP_UNIX_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING) //! \brief Signal handler function pointer -//! \sa SignalHandler +//! \details SignalHandlerFn is provided as a stand alone function pointer with external "C" linkage +//! \sa SignalHandler, NullSignalHandler extern "C" { typedef void (*SignalHandlerFn) (int); }; +//! \brief Null signal handler function +//! \param unused the signal number +//! \details NullSignalHandler is provided as a stand alone function with external "C" linkage +//! and not a static member function due to the the member function's implicit +//! external "C++" linkage. +//! \sa SignalHandler, SignalHandlerFn +extern "C" { + inline void NullSignalHandler(int unused) {CRYPTOPP_UNUSED(unused);} +}; + //! Signal handler for Linux and Unix compatibles //! \tparam S Signal number //! \tparam O Flag indicating exsting handler should be overwriiten 
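Review bot: cryptlib.cpp loses its definition of `HAVE_GCC_INIT_PRIORITY`, but the replacement block in config.h defines only `HAVE_GCC_CONSTRUCTOR0`, `HAVE_GCC_CONSTRUCTOR1` and `HAVE_MSC_INIT_PRIORITY`, and the diffstat for cryptlib.cpp shows deletions and no insertions. If the file still has `#if HAVE_GCC_INIT_PRIORITY` further down (outside this hunk), that test now silently evaluates to 0 and the init_priority attributes stop being applied on GCC, reintroducing the static-initialization-order problem they exist to prevent. Either rename those uses to the new macros, or add `#define HAVE_GCC_INIT_PRIORITY 1` under the same condition in config.h; a build with `-Wundef` would surface any remaining reference.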
@@ -38,7 +49,7 @@ extern "C" { //! \warning Do not use SignalHandler in a code block that uses setjmp or longjmp //! because the destructor may not run. //! \since Crypto++ 5.6.5 -//! \sa SignalHandlerFn, \ref CRYPTOPP_ASSERT "CRYPTOPP_ASSERT", DebugTrapHandler +//! \sa NullSignalHandler, SignalHandlerFn, \ref CRYPTOPP_ASSERT "CRYPTOPP_ASSERT", DebugTrapHandler template struct SignalHandler { @@ -72,7 +83,7 @@ struct SignalHandler if (m_old.sa_handler != 0 && !O) break; // Sun Studio 12.2-12.4 needs the two casts, and they must be C-style casts - new_handler.sa_handler = (SignalHandlerFn)(pfn ? pfn : (SignalHandlerFn)&SignalHandler::NullHandler); + new_handler.sa_handler = (pfn ? pfn : &NullSignalHandler); new_handler.sa_flags = (pfn ? flags : 0); ret = sigemptyset (&new_handler.sa_mask); @@ -97,8 +108,6 @@ private: struct sigaction m_old; bool m_installed; - static void NullHandler(int /*unused*/) { /* continue*/ } - private: // Not copyable SignalHandler(const SignalHandler &); From 0e9da813110e29e3b60202859941aaf4a5c76fee Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 19 Sep 2016 23:00:33 -0400 Subject: [PATCH 6/9] Fix compile under CentOS 5 with GCC 4.1 --- config.compat | 2 +- config.h | 2 +- cpu.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/config.compat b/config.compat index 3f1dd093..4e7271a4 100644 --- a/config.compat +++ b/config.compat @@ -473,7 +473,7 @@ NAMESPACE_END #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0 #endif - #if !defined(CRYPTOPP_DISABLE_SSE3) && (_MSC_VER >= 1400 || CRYPTOPP_GCC_VERSION >= 40102 || defined(__SSSE3__)) + #if !defined(CRYPTOPP_DISABLE_SSE3) && (_MSC_VER >= 1400 || (defined(__SSE3__) && defined(__SSSE3__))) #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1 #else #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0 diff --git a/config.h b/config.h index c8920928..f0d43680 100644 --- a/config.h +++ b/config.h 
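Review bot: The comment directly above the changed assignment, `// Sun Studio 12.2-12.4 needs the two casts, and they must be C-style casts`, now describes casts that no longer exist, so either the comment is stale or the Sun Studio build just regressed. If the point of giving NullSignalHandler C linkage is that `pfn` (a SignalHandlerFn, also declared inside extern "C") and `&NullSignalHandler` now have the same function type and no cast is needed, the comment should say so: `// No cast needed: NullSignalHandler has C linkage like SignalHandlerFn (Sun Studio 12.2-12.4 needed C-style casts for the old C++-linkage static member)`. If that has not been verified on Sun Studio, keep the outer cast until it has. The enclosing function starts and ends outside the hunk.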
@@ -473,7 +473,7 @@ NAMESPACE_END #define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0 #endif - #if !defined(CRYPTOPP_DISABLE_SSE3) && (_MSC_VER >= 1400 || CRYPTOPP_GCC_VERSION >= 40102 || defined(__SSSE3__)) + #if !defined(CRYPTOPP_DISABLE_SSE3) && (_MSC_VER >= 1400 || (defined(__SSE3__) && defined(__SSSE3__))) #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1 #else #define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0 diff --git a/cpu.h b/cpu.h index 61db67e9..8d5b931a 100644 --- a/cpu.h +++ b/cpu.h @@ -38,7 +38,7 @@ // PUSHFB needs Clang 3.3 and Apple Clang 5.0. // #if (defined(__SSE3__) || defined(__SSSE3__)) || defined(__INTEL_COMPILER) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30300) || (CRYPTOPP_APPLE_CLANG_VERSION >= 50000) #if CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE -# include // _mm_shuffle_epi16 +# include // _mm_shuffle_pi8, _mm_shuffle_epi8 #endif // tmmintrin.h // PEXTRD needs Clang 3.3 and Apple Clang 5.0. From 51423972b1b5eea640ff2b8d9230b73650ec3bf1 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Mon, 19 Sep 2016 23:18:19 -0400 Subject: [PATCH 7/9] Updated documentation --- misc.h | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/misc.h b/misc.h index b9777cc8..a90c6801 100644 --- a/misc.h +++ b/misc.h 
@@ -1194,17 +1194,17 @@ inline void SecureWipeArray(T *buf, size_t n) } //! \brief Converts a wide character C-string to a multibyte string -//! \param str C-string consiting of wide characters -//! \param throwOnError specifies the function should throw an InvalidArgument exception on error +//! \param str C-string consisting of wide characters +//! \param throwOnError flag indication the function should throw on error //! \returns str converted to a multibyte string or an empty string. -//! \details StringNarrow converts a wide string to a narrow string using C++ std::wcstombs under the executing -//! thread's locale. A locale must be set before using this function, and it can be set with std::setlocale. -//! Upon success, the converted string is returned. -//! \details Upon failure with throwOnError as false, the function returns an empty string. Upon failure with -//! throwOnError as true, the function throws InvalidArgument exception. +//! \details StringNarrow converts a wide string to a narrow string using C++ std::wcstombs() under +//! the executing thread's locale. A locale must be set before using this function, and it can be +//! set with std::setlocale() if needed. Upon success, the converted string is returned. +//! \details Upon failure with throwOnError as false, the function returns an empty string. If +//! throwOnError as true, the function throws an InvalidArgument() exception. //! \note If you try to convert, say, the Chinese character for "bone" from UTF-16 (0x9AA8) to UTF-8 //! (0xE9 0xAA 0xA8), then you must ensure the locale is available. If the locale is not available, -//! then a 0x21 error is returned on Windows which eventually results in an InvalidArgument exception. +//! then a 0x21 error is returned on Windows which eventually results in an InvalidArgument() exception. #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 std::string StringNarrow(const wchar_t *str, bool throwOnError = true); #else 
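Review bot: Two of the rewritten doc lines introduce new wording errors: `//! \param throwOnError flag indication the function should throw on error` should read `flag indicating the function should throw on error`, and `If throwOnError as true, the function throws` should be `If throwOnError is true, the function throws`. The next hunk (@@ -1269) keeps the pre-existing misspelling `proccessed` in a line it rewrites anyway (`will be proccessed by MMX, SSE2 and NEON`), so `processed` is a free fix there. Writing `InvalidArgument()` with parentheses also reads as a function call rather than the exception class; the removed lines named it plainly as `InvalidArgument exception`, which is clearer.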
@@ -1269,10 +1269,10 @@ CONVERSION_ERROR: //! \brief Allocates a buffer on 16-byte boundary //! \param size the size of the buffer -//! \details AlignedAllocate is primarily used when the data will be proccessed by MMX and SSE2 +//! \details AlignedAllocate is primarily used when the data will be proccessed by MMX, SSE2 and NEON //! instructions. The assembly language routines rely on the alignment. If the alignment is not -//! respected, then a SIGBUS is generated under Unix and an EXCEPTION_DATATYPE_MISALIGNMENT -//! is generated under Windows. +//! respected, then a SIGBUS could be generated on Unix and Linux, and an +//! EXCEPTION_DATATYPE_MISALIGNMENT could be generated on Windows. //! \note AlignedAllocate and AlignedDeallocate are available when CRYPTOPP_BOOL_ALIGN16 is //! defined. CRYPTOPP_BOOL_ALIGN16 is defined in config.h CRYPTOPP_DLL void* CRYPTOPP_API AlignedAllocate(size_t size); @@ -1304,7 +1304,7 @@ CRYPTOPP_DLL void CRYPTOPP_API UnalignedDeallocate(void *ptr); //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y must be in the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! Use rotlMod if the rotate amount y is outside the range. //! \note rotlFixed attempts to enlist a rotate IMM instruction because its often faster 
@@ -1326,7 +1326,7 @@ template inline T rotlFixed(T x, unsigned int y) //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y must be in the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! Use rotrMod if the rotate amount y is outside the range. //! \note rotrFixed attempts to enlist a rotate IMM instruction because its often faster @@ -1348,7 +1348,7 @@ template inline T rotrFixed(T x, unsigned int y) //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y must be in the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! Use rotlMod if the rotate amount y is outside the range. //! \note rotlVariable attempts to enlist a rotate IMM instruction because its often faster @@ -1366,7 +1366,7 @@ template inline T rotlVariable(T x, unsigned int y) //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y must be in the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! Use rotrMod if the rotate amount y is outside the range. //! \note rotrVariable attempts to enlist a rotate IMM instruction because its often faster 
@@ -1384,7 +1384,7 @@ template inline T rotrVariable(T x, unsigned int y) //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y is reduced to the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! \note rotrVariable will use either rotate IMM or rotate REG. template inline T rotlMod(T x, unsigned int y) @@ -1398,7 +1398,7 @@ template inline T rotlMod(T x, unsigned int y) //! \tparam T the word type //! \param x the value to rotate //! \param y the number of bit positions to rotate the value -//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits. +//! \details This is a portable C/C++ implementation. The value x to be rotated can be 8 to 64-bits wide. //! \details y is reduced to the range [0, sizeof(T)*8 - 1] to avoid undefined behavior. //! \note rotrVariable will use either rotate IMM or rotate REG. template inline T rotrMod(T x, unsigned int y) From 49d7187255a3a44819d76a173d51a598a16cbedf Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 20 Sep 2016 00:35:27 -0400 Subject: [PATCH 8/9] Cleanup feature defines in . Cleanup intrinsic includes in --- config.compat | 7 +++++++ config.h | 7 +++++++ cpu.h | 21 ++++++++++----------- 3 files changed, 24 insertions(+), 11 deletions(-) diff --git a/config.compat b/config.compat index 4e7271a4..040701a5 100644 --- a/config.compat +++ b/config.compat 
@@ -510,6 +510,13 @@ NAMESPACE_END #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 0 #endif +// AVX2 in MSC 18.00 +#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(CRYPTOPP_DISABLE_AVX) && (((_MSC_VER >= 1600) && !defined(_M_ARM)) || (defined(__RDRND__) || defined(__RDSEED__) || defined(__AVX__))) + #define CRYPTOPP_BOOL_AVX_AVAILABLE 1 +#else + #define CRYPTOPP_BOOL_AVX_AVAILABLE 0 +#endif + // Requires ARMv7 and ACLE 1.0. Testing shows ARMv7 is really ARMv7a under most toolchains. #if !defined(CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE) && !defined(CRYPTOPP_DISABLE_ASM) # if defined(__ARM_NEON__) || defined(__ARM_NEON) || defined(_M_ARM) diff --git a/config.h b/config.h index f0d43680..d73e2372 100644 --- a/config.h +++ b/config.h @@ -510,6 +510,13 @@ NAMESPACE_END #define CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE 0 #endif +// AVX2 in MSC 18.00 +#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(CRYPTOPP_DISABLE_AVX) && (((_MSC_VER >= 1600) && !defined(_M_ARM)) || (defined(__RDRND__) || defined(__RDSEED__) || defined(__AVX__))) + #define CRYPTOPP_BOOL_AVX_AVAILABLE 1 +#else + #define CRYPTOPP_BOOL_AVX_AVAILABLE 0 +#endif + // Requires ARMv7 and ACLE 1.0. Testing shows ARMv7 is really ARMv7a under most toolchains. #if !defined(CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE) && !defined(CRYPTOPP_DISABLE_ASM) # if defined(__ARM_NEON__) || defined(__ARM_NEON) || defined(_M_ARM) diff --git a/cpu.h b/cpu.h index 8d5b931a..6cef77bf 100644 --- a/cpu.h +++ b/cpu.h 
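Review bot: The new feature macro is named `CRYPTOPP_BOOL_AVX_AVAILABLE`, but the cpu.h hunk of this patch guards its new includes with `CRYPTOPP_BOOL_AVX_INTRINSICS_AVAILABLE` and `CRYPTOPP_BOOL_AVX2_INTRINSICS_AVAILABLE`, neither of which is defined here or anywhere visible in the patch, so those includes are dead and anything relying on them will not see the AVX or RDRAND intrinsics. Pick one spelling, e.g. `#define CRYPTOPP_BOOL_AVX_INTRINSICS_AVAILABLE 1`, and mirror it in cpu.h; config.h receives the identical hunk, so the rename belongs in both copies. The header comment `// AVX2 in MSC 18.00` also does not match the condition `_MSC_VER >= 1600` (the 16.00 compiler shipped with VS 2010), and ORing in `__RDRND__`/`__RDSEED__` makes RDRAND support imply AVX availability although they are independent CPU features; the comment should state which feature set the macro actually claims.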
@@ -29,31 +29,30 @@ #if (CRYPTOPP_GCC_VERSION >= 40800) # include #endif +#if (CRYPTOPP_MSC_VERSION >= 1400) +# include +#endif // Baseline include #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE # include // __m64, __m128i, _mm_set_epi64x #endif - -// PUSHFB needs Clang 3.3 and Apple Clang 5.0. -// #if (defined(__SSE3__) || defined(__SSSE3__)) || defined(__INTEL_COMPILER) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30300) || (CRYPTOPP_APPLE_CLANG_VERSION >= 50000) #if CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE # include // _mm_shuffle_pi8, _mm_shuffle_epi8 #endif // tmmintrin.h - -// PEXTRD needs Clang 3.3 and Apple Clang 5.0. -// #if (defined(__SSE4_1__) || defined(__SSE4_1__)) || defined(__INTEL_COMPILER) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30300) || (CRYPTOPP_APPLE_CLANG_VERSION >= 50000) #if CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE # include // _mm_blend_epi16 # include // _mm_crc32_u{8|16|32} #endif // smmintrin.h - -// AES and CLMUL need Clang 2.8 and Apple Clang 4.6. CLMUL needs Clang 3.4 and Apple Clang 6.0 -// #if (defined(__AES__) || defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30400) || (CRYPTOPP_APPLE_CLANG_VERSION >= 60000) #if CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE -# include +# include // aesenc, aesdec, etc #endif // wmmintrin.h - +#if CRYPTOPP_BOOL_AVX_INTRINSICS_AVAILABLE +# include // RDRAND, RDSEED and AVX +#endif +#if CRYPTOPP_BOOL_AVX2_INTRINSICS_AVAILABLE +# include // AVX 512-bit extensions +#endif #endif // X86/X64/X32 Headers // Applies to both X86/X32/X64 and ARM32/ARM64. And we've got MIPS devices on the way. From 31a7b99f9e0b3a138c07f512df90e22346b70b9b Mon Sep 17 00:00:00 2001 
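Review bot: The include guarded by `CRYPTOPP_BOOL_AVX2_INTRINSICS_AVAILABLE` is commented `// AVX 512-bit extensions`, but AVX2 is the 256-bit integer extension and AVX-512 is a separate feature set with its own compiler macros, so the comment misdescribes what the guard enables; `// AVX2 (256-bit integer) extensions` would match the macro. The new `#if (CRYPTOPP_MSC_VERSION >= 1400)` include is the only one in this block without a trailing comment naming what it provides, which breaks the convention the hunk otherwise tidies up. The include file names are not visible in this rendering, so I could not check them against their comments.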
From: Jeffrey Walton
Date: Tue, 20 Sep 2016 02:26:04 -0400
Subject: [PATCH 9/9] Remove CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 from block defining word64 based on data models

We use the samllest word size that meets requirements, not th e largest size. That helps us get to a word128 on more platforms
---
 config.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.h b/config.h
index d73e2372..c82f7021 100644
--- a/config.h
+++ b/config.h
@@ -237,7 +237,7 @@ typedef unsigned int word32;
 #if defined(_MSC_VER) || defined(__BORLANDC__)
 typedef unsigned __int64 word64;
 #define W64LIT(x) x##ui64
-#elif (_LP64 || __LP64__) && ((__arm64__ || __aarch64__) || !defined(CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562))
+#elif (_LP64 || __LP64__)
 typedef unsigned long word64;
 #define W64LIT(x) x##UL
 #else
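Review bot: Dropping the `CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562` clause changes `word64` from `unsigned long long` to `unsigned long` on every non-ARM LP64 target for users who define that macro, which is an ABI change: the two types are distinct and mangle differently, so every function or template taking word64 gets a new symbol name and previously compiled callers fail to link. That may well be the right trade (the commit message gives the word128 motivation), but the macro was introduced to promise exactly that stability, so wherever it is documented the text should state that word64 is no longer covered by it. The matching `W64LIT` suffix change is consistent with the new typedef.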