generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move more BN internals to bn_lcl.h

Browse Source 
There was an unused macro in ssl_locl.h that used an internal
type, so I removed it.
Move bio_st from bio.h to ossl_type.h

Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Rich Salz
2016-01-28 10:13:21 -05:00
committed by Rich Salz
parent 98ab57644f
commit 94af0cd7f3
12 changed files with 130 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -16,6 +16,9 @@
RC2_SHORT, RC2_LONG, RC4_LONG, RC4_CHUNK, RC4_INDEX RC2_SHORT, RC2_LONG, RC4_LONG, RC4_CHUNK, RC4_INDEX
[Rich Salz, with advice from Andy Polyakov] [Rich Salz, with advice from Andy Polyakov]
*) Many BN internals have been moved to an internal header file.
[Rich Salz with help from Andy Polyakov]
*) Configuration and writing out the results from it has changed. *) Configuration and writing out the results from it has changed.
Files such as Makefile include/openssl/opensslconf.h and are now Files such as Makefile include/openssl/opensslconf.h and are now
produced through general templates, such as Makefile.in and produced through general templates, such as Makefile.in and

22
Configure
View File

@@ -1116,17 +1116,21 @@ my $def_int="unsigned int";
$config{rc4_int} =$def_int; $config{rc4_int} =$def_int;
($config{b64l},$config{b64},$config{b32})=(0,0,1); ($config{b64l},$config{b64},$config{b32})=(0,0,1);
my $count = 0;
foreach (sort split(/\s+/,$target{bn_ops})) { foreach (sort split(/\s+/,$target{bn_ops})) {
$config{bn_ll}=1 if /BN_LLONG/; $count++ if /SIXTY_FOUR_BIT|SIXTY_FOUR_BIT_LONG|THIRTY_TWO_BIT/;
$config{rc4_int}="unsigned char" if /RC4_CHAR/; $config{export_var_as_fn}=1 if $_ eq 'EXPORT_VAR_AS_FN';
($config{b64l},$config{b64},$config{b32},$config{b16},$config{b8}) $config{bn_ll}=1 if $_ eq 'BN_LLONG';
=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; $config{rc4_int}="unsigned char" if $_ eq 'RC4_CHAR';
($config{b64l},$config{b64},$config{b32},$config{b16},$config{b8}) ($config{b64l},$config{b64},$config{b32})
=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; =(0,1,0) if $_ eq 'SIXTY_FOUR_BIT';
($config{b64l},$config{b64},$config{b32},$config{b16},$config{b8}) ($config{b64l},$config{b64},$config{b32})
=(0,0,1,0,0) if /THIRTY_TWO_BIT/; =(1,0,0) if $_ eq 'SIXTY_FOUR_BIT_LONG';
$config{export_var_as_fn}=1 if /EXPORT_VAR_AS_FN/; ($config{b64l},$config{b64},$config{b32})
=(0,0,1) if $_ eq 'THIRTY_TWO_BIT';
} }
die "Exactly one of SIXTY_FOUR_BIT|SIXTY_FOUR_BIT_LONG|THIRTY_TWO_BIT can be set in bn_ops\n"
if $count > 1;
# Hack cflags for better warnings (dev option) ####################### # Hack cflags for better warnings (dev option) #######################

8
crypto/bn/bn_div.c
View File

@@ -360,10 +360,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0); q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0);
# else # else
q = bn_div_words(n0, n1, d0); q = bn_div_words(n0, n1, d0);
# ifdef BN_DEBUG_LEVITTE
fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
X) -> 0x%08X\n", n0, n1, d0, q);
# endif
# endif # endif
# ifndef REMAINDER_IS_ALREADY_CALCULATED # ifndef REMAINDER_IS_ALREADY_CALCULATED
@@ -388,10 +384,6 @@ X) -> 0x%08X\n", n0, n1, d0, q);
BN_ULONG t2l, t2h; BN_ULONG t2l, t2h;
q = bn_div_words(n0, n1, d0); q = bn_div_words(n0, n1, d0);
# ifdef BN_DEBUG_LEVITTE
fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
X) -> 0x%08X\n", n0, n1, d0, q);
# endif
# ifndef REMAINDER_IS_ALREADY_CALCULATED # ifndef REMAINDER_IS_ALREADY_CALCULATED
rem = (n1 - q * d0) & BN_MASK2; rem = (n1 - q * d0) & BN_MASK2;
# endif # endif

2
crypto/bn/bn_gcd.c
View File

@@ -290,7 +290,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
* sign*Y*a == A (mod |n|). * sign*Y*a == A (mod |n|).
*/ */
if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) { if (BN_is_odd(n) && (BN_num_bits(n) <= 2048)) {
/* /*
* Binary inversion algorithm; requires odd modulus. This is faster * Binary inversion algorithm; requires odd modulus. This is faster
* than the general algorithm if the modulus is sufficiently small * than the general algorithm if the modulus is sufficiently small

88
crypto/bn/bn_lcl.h
View File

@@ -118,6 +118,94 @@
extern "C" { extern "C" {
#endif #endif
/*
* These preprocessor symbols control various aspects of the bignum headers
* and library code. They're not defined by any "normal" configuration, as
* they are intended for development and testing purposes. NB: defining all
* three can be useful for debugging application code as well as openssl
* itself. BN_DEBUG - turn on various debugging alterations to the bignum
* code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
* mismanagement of bignum internals. You must also define BN_DEBUG.
*/
/* #define BN_DEBUG */
/* #define BN_DEBUG_RAND */
# ifndef OPENSSL_SMALL_FOOTPRINT
# define BN_MUL_COMBA
# define BN_SQR_COMBA
# define BN_RECURSION
# endif
/*
* This next option uses the C libraries (2 word)/(1 word) function. If it is
* not defined, I use my C version (which is slower). The reason for this
* flag is that when the particular C compiler library routine is used, and
* the library is linked with a different compiler, the library is missing.
* This mostly happens when the library is built with gcc and then linked
* using normal cc. This would be a common occurrence because gcc normally
* produces code that is 2 times faster than system compilers for the big
* number stuff. For machines with only one compiler (or shared libraries),
* this should be on. Again this in only really a problem on machines using
* "long long's", are 32bit, and are not using my assembler code.
*/
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
defined(OPENSSL_SYS_WIN32) || defined(linux)
# define BN_DIV2W
# endif
/*
* 64-bit processor with LP64 ABI
*/
# ifdef SIXTY_FOUR_BIT_LONG
# define BN_ULLONG unsigned long long
# define BN_BITS4 32
# define BN_MASK2 (0xffffffffffffffffL)
# define BN_MASK2l (0xffffffffL)
# define BN_MASK2h (0xffffffff00000000L)
# define BN_MASK2h1 (0xffffffff80000000L)
# define BN_DEC_CONV (10000000000000000000UL)
# define BN_DEC_NUM 19
# define BN_DEC_FMT1 "%lu"
# define BN_DEC_FMT2 "%019lu"
# endif
/*
* 64-bit processor other than LP64 ABI
*/
# ifdef SIXTY_FOUR_BIT
# undef BN_LLONG
# undef BN_ULLONG
# define BN_BITS4 32
# define BN_MASK2 (0xffffffffffffffffLL)
# define BN_MASK2l (0xffffffffL)
# define BN_MASK2h (0xffffffff00000000LL)
# define BN_MASK2h1 (0xffffffff80000000LL)
# define BN_DEC_CONV (10000000000000000000ULL)
# define BN_DEC_NUM 19
# define BN_DEC_FMT1 "%llu"
# define BN_DEC_FMT2 "%019llu"
# endif
# ifdef THIRTY_TWO_BIT
# ifdef BN_LLONG
# if defined(_WIN32) && !defined(__GNUC__)
# define BN_ULLONG unsigned __int64
# else
# define BN_ULLONG unsigned long long
# endif
# endif
# define BN_BITS4 16
# define BN_MASK2 (0xffffffffL)
# define BN_MASK2l (0xffff)
# define BN_MASK2h1 (0xffff8000L)
# define BN_MASK2h (0xffff0000L)
# define BN_DEC_CONV (1000000000L)
# define BN_DEC_NUM 9
# define BN_DEC_FMT1 "%u"
# define BN_DEC_FMT2 "%09u"
# endif
/*- /*-
* Bignum consistency macros * Bignum consistency macros
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from

1
crypto/ec/ecp_nistz256.c
View File

@@ -179,7 +179,6 @@ static BN_ULONG is_zero(BN_ULONG in)
{ {
in |= (0 - in); in |= (0 - in);
in = ~in; in = ~in;
in &= BN_MASK2;
in >>= BN_BITS2 - 1; in >>= BN_BITS2 - 1;
return in; return in;
} }

2
include/openssl/bio.h
View File

@@ -221,8 +221,6 @@ extern "C" {
*/ */
# define BIO_FLAGS_MEM_RDONLY 0x200 # define BIO_FLAGS_MEM_RDONLY 0x200
typedef struct bio_st BIO;
void BIO_set_flags(BIO *b, int flags); void BIO_set_flags(BIO *b, int flags);
int BIO_test_flags(const BIO *b, int flags); int BIO_test_flags(const BIO *b, int flags);
void BIO_clear_flags(BIO *b, int flags); void BIO_clear_flags(BIO *b, int flags);

113
include/openssl/bn.h
View File

@@ -137,126 +137,29 @@ extern "C" {
#endif #endif
/* /*
* These preprocessor symbols control various aspects of the bignum headers * 64-bit processor with LP64 ABI
* and library code. They're not defined by any "normal" configuration, as
* they are intended for development and testing purposes. NB: defining all
* three can be useful for debugging application code as well as openssl
* itself. BN_DEBUG - turn on various debugging alterations to the bignum
* code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
* mismanagement of bignum internals. You must also define BN_DEBUG.
*/
/* #define BN_DEBUG */
/* #define BN_DEBUG_RAND */
# ifndef OPENSSL_SMALL_FOOTPRINT
# define BN_MUL_COMBA
# define BN_SQR_COMBA
# define BN_RECURSION
# endif
/*
* This next option uses the C libraries (2 word)/(1 word) function. If it is
* not defined, I use my C version (which is slower). The reason for this
* flag is that when the particular C compiler library routine is used, and
* the library is linked with a different compiler, the library is missing.
* This mostly happens when the library is built with gcc and then linked
* using normal cc. This would be a common occurrence because gcc normally
* produces code that is 2 times faster than system compilers for the big
* number stuff. For machines with only one compiler (or shared libraries),
* this should be on. Again this in only really a problem on machines using
* "long long's", are 32bit, and are not using my assembler code.
*/
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
defined(OPENSSL_SYS_WIN32) || defined(linux)
# ifndef BN_DIV2W
# define BN_DIV2W
# endif
# endif
/*
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
*/ */
# ifdef SIXTY_FOUR_BIT_LONG # ifdef SIXTY_FOUR_BIT_LONG
# define BN_ULLONG unsigned long long
# define BN_ULONG unsigned long # define BN_ULONG unsigned long
# define BN_LONG long
# define BN_BITS 128
# define BN_BYTES 8 # define BN_BYTES 8
# define BN_BITS2 64
# define BN_BITS4 32
# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
# define BN_MASK2 (0xffffffffffffffffL)
# define BN_MASK2l (0xffffffffL)
# define BN_MASK2h (0xffffffff00000000L)
# define BN_MASK2h1 (0xffffffff80000000L)
# define BN_TBIT (0x8000000000000000L)
# define BN_DEC_CONV (10000000000000000000UL)
# define BN_DEC_FMT1 "%lu"
# define BN_DEC_FMT2 "%019lu"
# define BN_DEC_NUM 19
# define BN_HEX_FMT1 "%lX"
# define BN_HEX_FMT2 "%016lX"
# endif # endif
/* /*
* This is where the long long data type is 64 bits, but long is 32. For * 64-bit processor other than LP64 ABI
* machines where there are 64bit registers, this is the mode to use. IRIX,
* on R4000 and above should use this mode, along with the relevant assembler
* code :-). Do NOT define BN_LLONG.
*/ */
# ifdef SIXTY_FOUR_BIT # ifdef SIXTY_FOUR_BIT
# undef BN_LLONG
# undef BN_ULLONG
# define BN_ULONG unsigned long long # define BN_ULONG unsigned long long
# define BN_LONG long long
# define BN_BITS 128
# define BN_BYTES 8 # define BN_BYTES 8
# define BN_BITS2 64
# define BN_BITS4 32
# define BN_MASK2 (0xffffffffffffffffLL)
# define BN_MASK2l (0xffffffffL)
# define BN_MASK2h (0xffffffff00000000LL)
# define BN_MASK2h1 (0xffffffff80000000LL)
# define BN_TBIT (0x8000000000000000LL)
# define BN_DEC_CONV (10000000000000000000ULL)
# define BN_DEC_FMT1 "%llu"
# define BN_DEC_FMT2 "%019llu"
# define BN_DEC_NUM 19
# define BN_HEX_FMT1 "%llX"
# define BN_HEX_FMT2 "%016llX"
# endif # endif
# ifdef THIRTY_TWO_BIT # ifdef THIRTY_TWO_BIT
# ifdef BN_LLONG
# if defined(_WIN32) && !defined(__GNUC__)
# define BN_ULLONG unsigned __int64
# define BN_MASK (0xffffffffffffffffI64)
# else
# define BN_ULLONG unsigned long long
# define BN_MASK (0xffffffffffffffffLL)
# endif
# endif
# define BN_ULONG unsigned int # define BN_ULONG unsigned int
# define BN_LONG int
# define BN_BITS 64
# define BN_BYTES 4 # define BN_BYTES 4
# define BN_BITS2 32
# define BN_BITS4 16
# define BN_MASK2 (0xffffffffL)
# define BN_MASK2l (0xffff)
# define BN_MASK2h1 (0xffff8000L)
# define BN_MASK2h (0xffff0000L)
# define BN_TBIT (0x80000000L)
# define BN_DEC_CONV (1000000000L)
# define BN_DEC_FMT1 "%u"
# define BN_DEC_FMT2 "%09u"
# define BN_DEC_NUM 9
# define BN_HEX_FMT1 "%X"
# define BN_HEX_FMT2 "%08X"
# endif # endif
# define BN_DEFAULT_BITS 1280 # define BN_BITS2 (BN_BYTES * 8)
# define BN_BITS (BN_BITS2 * 2)
# define BN_TBIT ((BN_ULONG)1 << (BN_BITS2 - 1))
# define BN_FLG_MALLOCED 0x01 # define BN_FLG_MALLOCED 0x01
# define BN_FLG_STATIC_DATA 0x02 # define BN_FLG_STATIC_DATA 0x02
@@ -441,11 +344,7 @@ int BN_mask_bits(BIGNUM *a, int n);
# ifndef OPENSSL_NO_STDIO # ifndef OPENSSL_NO_STDIO
int BN_print_fp(FILE *fp, const BIGNUM *a); int BN_print_fp(FILE *fp, const BIGNUM *a);
# endif # endif
# ifdef HEADER_BIO_H int BN_print(BIO *bio, const BIGNUM *a);
int BN_print(BIO *fp, const BIGNUM *a);
# else
int BN_print(void *fp, const BIGNUM *a);
# endif
int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
int BN_rshift1(BIGNUM *r, const BIGNUM *a); int BN_rshift1(BIGNUM *r, const BIGNUM *a);

1
include/openssl/ossl_typ.h
View File

@@ -119,6 +119,7 @@ typedef struct asn1_sctx_st ASN1_SCTX;
# ifdef BIGNUM # ifdef BIGNUM
# undef BIGNUM # undef BIGNUM
# endif # endif
typedef struct bio_st BIO;
typedef struct bignum_st BIGNUM; typedef struct bignum_st BIGNUM;
typedef struct bignum_ctx BN_CTX; typedef struct bignum_ctx BN_CTX;
typedef struct bn_blinding_st BN_BLINDING; typedef struct bn_blinding_st BN_BLINDING;

7
ssl/ssl_locl.h
View File

@@ -229,13 +229,6 @@
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff)) *((c)++)=(unsigned char)(((l) )&0xff))
# define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
l|=((BN_ULLONG)(*((c)++)))<<32, \
l|=((BN_ULLONG)(*((c)++)))<<24, \
l|=((BN_ULLONG)(*((c)++)))<<16, \
l|=((BN_ULLONG)(*((c)++)))<< 8, \
l|=((BN_ULLONG)(*((c)++))))
/* NOTE - c is not incremented as per l2c */ /* NOTE - c is not incremented as per l2c */
# define l2cn(l1,l2,c,n) { \ # define l2cn(l1,l2,c,n) { \
c+=n; \ c+=n; \

27
test/bntest.c
View File

@@ -502,18 +502,25 @@ int test_div(BIO *bp, BN_CTX *ctx)
static void print_word(BIO *bp, BN_ULONG w) static void print_word(BIO *bp, BN_ULONG w)
{ {
#ifdef SIXTY_FOUR_BIT int i = sizeof(w) * 8;
if (sizeof(w) > sizeof(unsigned long)) { char *fmt = NULL;
unsigned long h = (unsigned long)(w >> 32), l = (unsigned long)(w); unsigned char byte;
if (h) do {
BIO_printf(bp, "%lX%08lX", h, l); i -= 8;
byte = (unsigned char)(w >> i);
if (fmt == NULL)
fmt = byte ? "%X" : NULL;
else else
BIO_printf(bp, "%lX", l); fmt = "%02X";
return;
} if (fmt != NULL)
#endif BIO_printf(bp, fmt, byte);
BIO_printf(bp, BN_HEX_FMT1, w); } while (i);
/* If we haven't printed anything, at least print a zero! */
if (fmt == NULL)
BIO_printf(bp, "0");
} }
int test_div_word(BIO *bp) int test_div_word(BIO *bp)

2
test/exptest.c
View File

@@ -66,7 +66,7 @@
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/err.h> #include <openssl/err.h>
#define NUM_BITS (BN_BITS*2) #define NUM_BITS (BN_BITS2 * 4)
static const char rnd_seed[] = static const char rnd_seed[] =
"string to make the random number generator think it has entropy"; "string to make the random number generator think it has entropy";