From 354bb40e75d94466e91fe6960523612c9d17ccfb Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Thu, 2 Nov 2017 23:11:29 +0300 Subject: Add implementation --- mysql/extra/yassl/taocrypt/COPYING | 340 ++ mysql/extra/yassl/taocrypt/README | 48 + mysql/extra/yassl/taocrypt/include/aes.hpp | 155 + mysql/extra/yassl/taocrypt/include/algebra.hpp | 226 ++ mysql/extra/yassl/taocrypt/include/arc4.hpp | 58 + mysql/extra/yassl/taocrypt/include/asn.hpp | 392 ++ mysql/extra/yassl/taocrypt/include/block.hpp | 202 + mysql/extra/yassl/taocrypt/include/blowfish.hpp | 88 + mysql/extra/yassl/taocrypt/include/coding.hpp | 91 + mysql/extra/yassl/taocrypt/include/des.hpp | 130 + mysql/extra/yassl/taocrypt/include/dh.hpp | 86 + mysql/extra/yassl/taocrypt/include/dsa.hpp | 126 + mysql/extra/yassl/taocrypt/include/error.hpp | 88 + mysql/extra/yassl/taocrypt/include/file.hpp | 130 + mysql/extra/yassl/taocrypt/include/hash.hpp | 110 + mysql/extra/yassl/taocrypt/include/hc128.hpp | 63 + mysql/extra/yassl/taocrypt/include/hmac.hpp | 138 + mysql/extra/yassl/taocrypt/include/integer.hpp | 332 ++ mysql/extra/yassl/taocrypt/include/kernelc.hpp | 34 + mysql/extra/yassl/taocrypt/include/md2.hpp | 64 + mysql/extra/yassl/taocrypt/include/md4.hpp | 62 + mysql/extra/yassl/taocrypt/include/md5.hpp | 70 + mysql/extra/yassl/taocrypt/include/misc.hpp | 888 +++++ mysql/extra/yassl/taocrypt/include/modarith.hpp | 165 + mysql/extra/yassl/taocrypt/include/modes.hpp | 154 + mysql/extra/yassl/taocrypt/include/pwdbased.hpp | 91 + mysql/extra/yassl/taocrypt/include/rabbit.hpp | 65 + mysql/extra/yassl/taocrypt/include/random.hpp | 84 + mysql/extra/yassl/taocrypt/include/ripemd.hpp | 69 + mysql/extra/yassl/taocrypt/include/rsa.hpp | 250 ++ mysql/extra/yassl/taocrypt/include/runtime.hpp | 60 + mysql/extra/yassl/taocrypt/include/sha.hpp | 174 + mysql/extra/yassl/taocrypt/include/twofish.hpp | 94 + mysql/extra/yassl/taocrypt/include/type_traits.hpp | 77 + mysql/extra/yassl/taocrypt/include/types.hpp | 99 + mysql/extra/yassl/taocrypt/mySTL/algorithm.hpp | 108 + mysql/extra/yassl/taocrypt/mySTL/helpers.hpp | 153 + mysql/extra/yassl/taocrypt/mySTL/list.hpp | 367 ++ mysql/extra/yassl/taocrypt/mySTL/memory.hpp | 136 + mysql/extra/yassl/taocrypt/mySTL/memory_array.hpp | 135 + mysql/extra/yassl/taocrypt/mySTL/pair.hpp | 58 + mysql/extra/yassl/taocrypt/mySTL/stdexcept.hpp | 76 + mysql/extra/yassl/taocrypt/mySTL/vector.hpp | 153 + mysql/extra/yassl/taocrypt/src/aes.cpp | 1885 ++++++++++ mysql/extra/yassl/taocrypt/src/aestables.cpp | 36 + mysql/extra/yassl/taocrypt/src/algebra.cpp | 336 ++ mysql/extra/yassl/taocrypt/src/arc4.cpp | 243 ++ mysql/extra/yassl/taocrypt/src/asn.cpp | 1348 +++++++ mysql/extra/yassl/taocrypt/src/coding.cpp | 266 ++ mysql/extra/yassl/taocrypt/src/des.cpp | 778 ++++ mysql/extra/yassl/taocrypt/src/dh.cpp | 103 + mysql/extra/yassl/taocrypt/src/dsa.cpp | 274 ++ mysql/extra/yassl/taocrypt/src/file.cpp | 115 + mysql/extra/yassl/taocrypt/src/hash.cpp | 191 + mysql/extra/yassl/taocrypt/src/hc128.cpp | 317 ++ mysql/extra/yassl/taocrypt/src/integer.cpp | 3894 ++++++++++++++++++++ mysql/extra/yassl/taocrypt/src/md2.cpp | 125 + mysql/extra/yassl/taocrypt/src/md4.cpp | 157 + mysql/extra/yassl/taocrypt/src/md5.cpp | 506 +++ mysql/extra/yassl/taocrypt/src/misc.cpp | 297 ++ mysql/extra/yassl/taocrypt/src/rabbit.cpp | 255 ++ mysql/extra/yassl/taocrypt/src/random.cpp | 138 + mysql/extra/yassl/taocrypt/src/ripemd.cpp | 844 +++++ mysql/extra/yassl/taocrypt/src/rsa.cpp | 215 ++ mysql/extra/yassl/taocrypt/src/sha.cpp | 1033 ++++++ 65 files changed, 19845 insertions(+) create mode 100644 mysql/extra/yassl/taocrypt/COPYING create mode 100644 mysql/extra/yassl/taocrypt/README create mode 100644 mysql/extra/yassl/taocrypt/include/aes.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/algebra.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/arc4.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/asn.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/block.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/blowfish.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/coding.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/des.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/dh.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/dsa.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/error.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/file.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/hash.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/hc128.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/hmac.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/integer.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/kernelc.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/md2.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/md4.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/md5.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/misc.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/modarith.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/modes.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/pwdbased.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/rabbit.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/random.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/ripemd.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/rsa.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/runtime.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/sha.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/twofish.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/type_traits.hpp create mode 100644 mysql/extra/yassl/taocrypt/include/types.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/algorithm.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/helpers.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/list.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/memory.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/memory_array.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/pair.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/stdexcept.hpp create mode 100644 mysql/extra/yassl/taocrypt/mySTL/vector.hpp create mode 100644 mysql/extra/yassl/taocrypt/src/aes.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/aestables.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/algebra.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/arc4.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/asn.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/coding.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/des.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/dh.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/dsa.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/file.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/hash.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/hc128.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/integer.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/md2.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/md4.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/md5.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/misc.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/rabbit.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/random.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/ripemd.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/rsa.cpp create mode 100644 mysql/extra/yassl/taocrypt/src/sha.cpp (limited to 'mysql/extra/yassl/taocrypt') diff --git a/mysql/extra/yassl/taocrypt/COPYING b/mysql/extra/yassl/taocrypt/COPYING new file mode 100644 index 0000000..845980a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/mysql/extra/yassl/taocrypt/README b/mysql/extra/yassl/taocrypt/README new file mode 100644 index 0000000..bd786b7 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/README @@ -0,0 +1,48 @@ +TaoCrypt release 0.9.2 02/5/2007 + + +This release includes bug fixes, portability enhancements, and some +optimiations. + +See 0.9.0 for build instructions. + + + + +******************TaoCrypt release 0.9.0 09/18/2006 + +This is the first release of TaoCrypt, it was previously only included with +yaSSL. TaoCrypt is highly portable and fast, its features include: + +One way hash functions: SHA-1, MD2, MD4, MD5, RIPEMD-160 +Message authentication codes: HMAC +Block Ciphers: DES, Triple-DES, AES, Blowfish, Twofish +Stream Ciphers: ARC4 +Public Key Crypto: RSA, DSA, Diffie-Hellman +Password based key derivation: PBKDF2 from PKCS #5 +Pseudo Random Number Generators +Large Integer Support +Base 16/64 encoding/decoding +DER encoding/decoding +X.509 processing +SSE2 and ia32 asm for the right processors and compilers + + +To build on Unix + + ./configure + make + + To test the build, from the ./test directory run ./test + + +On Windows + + Open the taocrypt project workspace + Choose (Re)Build All + + To test the build, run the test executable + + +Please send any questions or comments to todd@yassl.com. + diff --git a/mysql/extra/yassl/taocrypt/include/aes.hpp b/mysql/extra/yassl/taocrypt/include/aes.hpp new file mode 100644 index 0000000..bccf6e7 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/aes.hpp @@ -0,0 +1,155 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* aes.hpp defines AES +*/ + + +#ifndef TAO_CRYPT_AES_HPP +#define TAO_CRYPT_AES_HPP + +#include "misc.hpp" +#include "modes.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_AES_ASM +#endif + + + +namespace TaoCrypt { + + +enum { AES_BLOCK_SIZE = 16 }; + + +// AES encryption and decryption, see FIPS-197 +class AES : public Mode_BASE { +public: + enum { BLOCK_SIZE = AES_BLOCK_SIZE }; + + AES(CipherDir DIR, Mode MODE) + : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} + +#ifdef DO_AES_ASM + void Process(byte*, const byte*, word32); +#endif + void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); + void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } +private: + static const word32 rcon_[]; + + word32 rounds_; + word32 key_[60]; // max size + + static const word32 Te[5][256]; + static const word32 Td[5][256]; + static const byte CTd4[256]; + + static const word32* Te0; + static const word32* Te1; + static const word32* Te2; + static const word32* Te3; + static const word32* Te4; + + static const word32* Td0; + static const word32* Td1; + static const word32* Td2; + static const word32* Td3; + static const word32* Td4; + + void encrypt(const byte*, const byte*, byte*) const; + void AsmEncrypt(const byte*, byte*, void*) const; + void decrypt(const byte*, const byte*, byte*) const; + void AsmDecrypt(const byte*, byte*, void*) const; + + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + word32 PreFetchTe() const; + word32 PreFetchTd() const; + word32 PreFetchCTd4() const; + + AES(const AES&); // hide copy + AES& operator=(const AES&); // and assign +}; + + +#if defined(__x86_64__) || defined(_M_X64) || \ + (defined(__ILP32__) && (__ILP32__ >= 1)) + #define TC_CACHE_LINE_SZ 64 +#else + /* default cache line size */ + #define TC_CACHE_LINE_SZ 32 +#endif + +inline word32 AES::PreFetchTe() const +{ + word32 x = 0; + + /* 4 tables of 256 entries */ + for (int i = 0; i < 4; i++) { + /* each entry is 4 bytes */ + for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) { + x &= Te[i][j]; + } + } + + return x; +} + + +inline word32 AES::PreFetchTd() const +{ + word32 x = 0; + + /* 4 tables of 256 entries */ + for (int i = 0; i < 4; i++) { + /* each entry is 4 bytes */ + for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) { + x &= Td[i][j]; + } + } + + return x; +} + + +inline word32 AES::PreFetchCTd4() const +{ + word32 x = 0; + int i; + + for (i = 0; i < 256; i += TC_CACHE_LINE_SZ) { + x &= CTd4[i]; + } + + return x; +} + + +typedef BlockCipher AES_ECB_Encryption; +typedef BlockCipher AES_ECB_Decryption; + +typedef BlockCipher AES_CBC_Encryption; +typedef BlockCipher AES_CBC_Decryption; + + +} // naemspace + +#endif // TAO_CRYPT_AES_HPP diff --git a/mysql/extra/yassl/taocrypt/include/algebra.hpp b/mysql/extra/yassl/taocrypt/include/algebra.hpp new file mode 100644 index 0000000..5ce7038 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/algebra.hpp @@ -0,0 +1,226 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's algebra.h from CryptoPP */ + +#ifndef TAO_CRYPT_ALGEBRA_HPP +#define TAO_CRYPT_ALGEBRA_HPP + +#include "integer.hpp" + +namespace TaoCrypt { + + +// "const Element&" returned by member functions are references +// to internal data members. Since each object may have only +// one such data member for holding results, the following code +// will produce incorrect results: +// abcd = group.Add(group.Add(a,b), group.Add(c,d)); +// But this should be fine: +// abcd = group.Add(a, group.Add(b, group.Add(c,d)); + +// Abstract Group +class TAOCRYPT_NO_VTABLE AbstractGroup : public virtual_base +{ +public: + typedef Integer Element; + + virtual ~AbstractGroup() {} + + virtual bool Equal(const Element &a, const Element &b) const =0; + virtual const Element& Identity() const =0; + virtual const Element& Add(const Element &a, const Element &b) const =0; + virtual const Element& Inverse(const Element &a) const =0; + virtual bool InversionIsFast() const {return false;} + + virtual const Element& Double(const Element &a) const; + virtual const Element& Subtract(const Element &a, const Element &b) const; + virtual Element& Accumulate(Element &a, const Element &b) const; + virtual Element& Reduce(Element &a, const Element &b) const; + + virtual Element ScalarMultiply(const Element &a, const Integer &e) const; + virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1, + const Element &y, const Integer &e2) const; + + virtual void SimultaneousMultiply(Element *results, const Element &base, + const Integer *exponents, unsigned int exponentsCount) const; +}; + +// Abstract Ring +class TAOCRYPT_NO_VTABLE AbstractRing : public AbstractGroup +{ +public: + typedef Integer Element; + + AbstractRing() : AbstractGroup() {m_mg.m_pRing = this;} + AbstractRing(const AbstractRing &source) : AbstractGroup() + {m_mg.m_pRing = this;} + AbstractRing& operator=(const AbstractRing &source) {return *this;} + + virtual bool IsUnit(const Element &a) const =0; + virtual const Element& MultiplicativeIdentity() const =0; + virtual const Element& Multiply(const Element&, const Element&) const =0; + virtual const Element& MultiplicativeInverse(const Element &a) const =0; + + virtual const Element& Square(const Element &a) const; + virtual const Element& Divide(const Element &a, const Element &b) const; + + virtual Element Exponentiate(const Element &a, const Integer &e) const; + virtual Element CascadeExponentiate(const Element &x, const Integer &e1, + const Element &y, const Integer &e2) const; + + virtual void SimultaneousExponentiate(Element *results, const Element&, + const Integer *exponents, unsigned int exponentsCount) const; + + virtual const AbstractGroup& MultiplicativeGroup() const + {return m_mg;} + +private: + class MultiplicativeGroupT : public AbstractGroup + { + public: + const AbstractRing& GetRing() const + {return *m_pRing;} + + bool Equal(const Element &a, const Element &b) const + {return GetRing().Equal(a, b);} + + const Element& Identity() const + {return GetRing().MultiplicativeIdentity();} + + const Element& Add(const Element &a, const Element &b) const + {return GetRing().Multiply(a, b);} + + Element& Accumulate(Element &a, const Element &b) const + {return a = GetRing().Multiply(a, b);} + + const Element& Inverse(const Element &a) const + {return GetRing().MultiplicativeInverse(a);} + + const Element& Subtract(const Element &a, const Element &b) const + {return GetRing().Divide(a, b);} + + Element& Reduce(Element &a, const Element &b) const + {return a = GetRing().Divide(a, b);} + + const Element& Double(const Element &a) const + {return GetRing().Square(a);} + + Element ScalarMultiply(const Element &a, const Integer &e) const + {return GetRing().Exponentiate(a, e);} + + Element CascadeScalarMultiply(const Element &x, const Integer &e1, + const Element &y, const Integer &e2) const + {return GetRing().CascadeExponentiate(x, e1, y, e2);} + + void SimultaneousMultiply(Element *results, const Element &base, + const Integer *exponents, unsigned int exponentsCount) const + {GetRing().SimultaneousExponentiate(results, base, exponents, + exponentsCount);} + + const AbstractRing* m_pRing; + }; + + MultiplicativeGroupT m_mg; +}; + + +// Abstract Euclidean Domain +class TAOCRYPT_NO_VTABLE AbstractEuclideanDomain + : public AbstractRing +{ +public: + typedef Integer Element; + + virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a, + const Element &d) const =0; + + virtual const Element& Mod(const Element &a, const Element &b) const =0; + virtual const Element& Gcd(const Element &a, const Element &b) const; + +protected: + mutable Element result; +}; + + +// EuclideanDomainOf +class EuclideanDomainOf : public AbstractEuclideanDomain +{ +public: + typedef Integer Element; + + EuclideanDomainOf() {} + + bool Equal(const Element &a, const Element &b) const + {return a==b;} + + const Element& Identity() const + {return Element::Zero();} + + const Element& Add(const Element &a, const Element &b) const + {return result = a+b;} + + Element& Accumulate(Element &a, const Element &b) const + {return a+=b;} + + const Element& Inverse(const Element &a) const + {return result = -a;} + + const Element& Subtract(const Element &a, const Element &b) const + {return result = a-b;} + + Element& Reduce(Element &a, const Element &b) const + {return a-=b;} + + const Element& Double(const Element &a) const + {return result = a.Doubled();} + + const Element& MultiplicativeIdentity() const + {return Element::One();} + + const Element& Multiply(const Element &a, const Element &b) const + {return result = a*b;} + + const Element& Square(const Element &a) const + {return result = a.Squared();} + + bool IsUnit(const Element &a) const + {return a.IsUnit();} + + const Element& MultiplicativeInverse(const Element &a) const + {return result = a.MultiplicativeInverse();} + + const Element& Divide(const Element &a, const Element &b) const + {return result = a/b;} + + const Element& Mod(const Element &a, const Element &b) const + {return result = a%b;} + + void DivisionAlgorithm(Element &r, Element &q, const Element &a, + const Element &d) const + {Element::Divide(r, q, a, d);} + +private: + mutable Element result; +}; + + + +} // namespace + +#endif // TAO_CRYPT_ALGEBRA_HPP diff --git a/mysql/extra/yassl/taocrypt/include/arc4.hpp b/mysql/extra/yassl/taocrypt/include/arc4.hpp new file mode 100644 index 0000000..be64ba4 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/arc4.hpp @@ -0,0 +1,58 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* arc4.hpp defines ARC4 +*/ + + +#ifndef TAO_CRYPT_ARC4_HPP +#define TAO_CRYPT_ARC4_HPP + +#include "misc.hpp" + +namespace TaoCrypt { + + +// ARC4 encryption and decryption +class ARC4 { +public: + enum { STATE_SIZE = 256 }; + + typedef ARC4 Encryption; + typedef ARC4 Decryption; + + ARC4() {} + + void Process(byte*, const byte*, word32); + void SetKey(const byte*, word32); +private: + byte x_; + byte y_; + byte state_[STATE_SIZE]; + + ARC4(const ARC4&); // hide copy + const ARC4 operator=(const ARC4&); // and assign + + void AsmProcess(byte*, const byte*, word32); +}; + +} // namespace + + +#endif // TAO_CRYPT_ARC4_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/asn.hpp b/mysql/extra/yassl/taocrypt/include/asn.hpp new file mode 100644 index 0000000..28c7c8f --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/asn.hpp @@ -0,0 +1,392 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding +*/ + + +#ifndef TAO_CRYPT_ASN_HPP +#define TAO_CRYPT_ASN_HPP + + +#include +#include "misc.hpp" +#include "block.hpp" +#include "error.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "list.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +namespace TaoCrypt { + +// these tags and flags are not complete +enum ASNTag +{ + BOOLEAN = 0x01, + INTEGER = 0x02, + BIT_STRING = 0x03, + OCTET_STRING = 0x04, + TAG_NULL = 0x05, + OBJECT_IDENTIFIER = 0x06, + OBJECT_DESCRIPTOR = 0x07, + EXTERNAL = 0x08, + REAL = 0x09, + ENUMERATED = 0x0a, + UTF8_STRING = 0x0c, + SEQUENCE = 0x10, + SET = 0x11, + NUMERIC_STRING = 0x12, + PRINTABLE_STRING = 0x13, + T61_STRING = 0x14, + VIDEOTEXT_STRING = 0x15, + IA5_STRING = 0x16, + UTC_TIME = 0x17, + GENERALIZED_TIME = 0x18, + GRAPHIC_STRING = 0x19, + VISIBLE_STRING = 0x1a, + GENERAL_STRING = 0x1b, + LONG_LENGTH = 0x80 +}; + +enum ASNIdFlag +{ + UNIVERSAL = 0x00, + DATA = 0x01, + HEADER = 0x02, + CONSTRUCTED = 0x20, + APPLICATION = 0x40, + CONTEXT_SPECIFIC = 0x80, + PRIVATE = 0xc0 +}; + + +enum DNTags +{ + COMMON_NAME = 0x03, // CN + SUR_NAME = 0x04, // SN + COUNTRY_NAME = 0x06, // C + LOCALITY_NAME = 0x07, // L + STATE_NAME = 0x08, // ST + ORG_NAME = 0x0a, // O + ORGUNIT_NAME = 0x0b // OU +}; + + +enum PCKS12_Tags +{ + /* DATA = 1, */ // from ASN1 + SIGNED_DATA = 2, + ENVELOPED_DATA = 3, + SIGNED_AND_ENVELOPED_DATA = 4, + DIGESTED_DATA = 5, + ENCRYPTED_DATA = 6 +}; + + +enum Constants +{ + MIN_DATE_SZ = 13, + MAX_DATE_SZ = 16, + MAX_ALGO_SZ = 16, + MAX_LENGTH_SZ = 5, + MAX_SEQ_SZ = 5, // enum(seq|con) + length(4) + MAX_ALGO_SIZE = 9, + MAX_DIGEST_SZ = 69, // SHA512 + enum(Bit or Octet) + length(4) + DSA_SIG_SZ = 40, + ASN_NAME_MAX = 512 // max total of all included names +}; + + +class Source; +class RSA_PublicKey; +class RSA_PrivateKey; +class DSA_PublicKey; +class DSA_PrivateKey; +class Integer; +class DH; + + +// General BER decoding +class BER_Decoder : public virtual_base { +protected: + Source& source_; +public: + explicit BER_Decoder(Source& s) : source_(s) {} + virtual ~BER_Decoder() {} + + Integer& GetInteger(Integer&); + word32 GetSequence(); + word32 GetSet(); + word32 GetVersion(); + word32 GetExplicitVersion(); + + Error GetError(); +private: + virtual void ReadHeader() = 0; + + BER_Decoder(const BER_Decoder&); // hide copy + BER_Decoder& operator=(const BER_Decoder&); // and assign +}; + + +// RSA Private Key BER Decoder +class RSA_Private_Decoder : public BER_Decoder { +public: + explicit RSA_Private_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(RSA_PrivateKey&); +private: + void ReadHeader(); +}; + + +// RSA Public Key BER Decoder +class RSA_Public_Decoder : public BER_Decoder { +public: + explicit RSA_Public_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(RSA_PublicKey&); +private: + void ReadHeader(); + void ReadHeaderOpenSSL(); +}; + + +// DSA Private Key BER Decoder +class DSA_Private_Decoder : public BER_Decoder { +public: + explicit DSA_Private_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(DSA_PrivateKey&); +private: + void ReadHeader(); +}; + + +// DSA Public Key BER Decoder +class DSA_Public_Decoder : public BER_Decoder { +public: + explicit DSA_Public_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(DSA_PublicKey&); +private: + void ReadHeader(); +}; + + +// DH Key BER Decoder +class DH_Decoder : public BER_Decoder { +public: + explicit DH_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(DH&); +private: + void ReadHeader(); +}; + + +// PKCS12 BER Decoder +class PKCS12_Decoder : public BER_Decoder { +public: + explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {} + void Decode(); +private: + void ReadHeader(); +}; + + +// General PublicKey +class PublicKey { + byte* key_; + word32 sz_; +public: + explicit PublicKey(const byte* k = 0, word32 s = 0); + ~PublicKey() { tcArrayDelete(key_); } + + const byte* GetKey() const { return key_; } + word32 size() const { return sz_; } + + void SetKey(const byte*); + void SetSize(word32 s); + + void AddToEnd(const byte*, word32); +private: + PublicKey(const PublicKey&); // hide copy + PublicKey& operator=(const PublicKey&); // and assign +}; + + +enum { SHA_SIZE = 20 }; + + +// A Signing Authority +class Signer { + PublicKey key_; + char name_[ASN_NAME_MAX]; + byte hash_[SHA_SIZE]; +public: + Signer(const byte* k, word32 kSz, const char* n, const byte* h); + ~Signer(); + + const PublicKey& GetPublicKey() const { return key_; } + const char* GetName() const { return name_; } + const byte* GetHash() const { return hash_; } + +private: + Signer(const Signer&); // hide copy + Signer& operator=(const Signer&); // and assign +}; + + +typedef STL::list SignerList; + + +enum ContentType { HUH = 651 }; +enum SigType { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA = 649, + SHA256wRSA = 655, SHA384wRSA = 656, SHA512wRSA = 657, + SHA256wDSA = 416 }; +enum HashType { MD2h = 646, MD5h = 649, SHAh = 88, SHA256h = 414, SHA384h = 415, + SHA512h = 416 }; +enum KeyType { DSAk = 515, RSAk = 645 }; // sums of algo OID + + +// an x509v Certificate BER Decoder +class CertDecoder : public BER_Decoder { +public: + enum DateType { BEFORE, AFTER }; + enum NameType { ISSUER, SUBJECT }; + enum CertType { CA, USER }; + + explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0, + bool noVerify = false, CertType ct = USER); + ~CertDecoder(); + + const PublicKey& GetPublicKey() const { return key_; } + KeyType GetKeyType() const { return KeyType(keyOID_); } + const char* GetIssuer() const { return issuer_; } + const char* GetCommonName() const { return subject_; } + const byte* GetHash() const { return subjectHash_; } + const char* GetBeforeDate() const { return beforeDate_; } + byte GetBeforeDateType() const { return beforeDateType_; } + const char* GetAfterDate() const { return afterDate_; } + byte GetAfterDateType() const { return afterDateType_; } + int GetSubjectCnStart() const { return subCnPos_; } + int GetIssuerCnStart() const { return issCnPos_; } + int GetSubjectCnLength() const { return subCnLen_; } + int GetIssuerCnLength() const { return issCnLen_; } + void DecodeToKey(); +private: + PublicKey key_; + word32 certBegin_; // offset to start of cert + word32 sigIndex_; // offset to start of signature + word32 sigLength_; // length of signature + word32 signatureOID_; // sum of algorithm object id + word32 keyOID_; // sum of key algo object id + int subCnPos_; // subject common name start, -1 is none + int subCnLen_; // length of above + int issCnPos_; // issuer common name start, -1 is none + int issCnLen_; // length of above + byte subjectHash_[SHA_SIZE]; // hash of all Names + byte issuerHash_[SHA_SIZE]; // hash of all Names + byte* signature_; + char issuer_[ASN_NAME_MAX]; // Names + char subject_[ASN_NAME_MAX]; // Names + char beforeDate_[MAX_DATE_SZ+1]; // valid before date, +null term + byte beforeDateType_; // beforeDate time type + char afterDate_[MAX_DATE_SZ+1]; // valid after date, +null term + byte afterDateType_; // afterDate time type + bool verify_; // Default to yes, but could be off + + void ReadHeader(); + void Decode(SignerList*, CertType); + void StoreKey(); + void AddDSA(); + bool ValidateSelfSignature(); + bool ValidateSignature(SignerList*); + bool ConfirmSignature(Source&); + void GetKey(); + char* AddTag(char*, const char*, const char*, word32, word32); + void GetName(NameType); + void GetValidity(); + void GetDate(DateType); + void GetCompareHash(const byte*, word32, byte*, word32); + word32 GetAlgoId(); + word32 GetSignature(); + word32 GetDigest(); +}; + + +word32 GetLength(Source&); + +word32 SetLength(word32, byte*); +word32 SetSequence(word32, byte*); + +word32 EncodeDSA_Signature(const byte* signature, byte* output); +word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output); +word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz); + + +// General DER encoding +class DER_Encoder : public virtual_base { +public: + DER_Encoder() {} + virtual ~DER_Encoder() {} + + word32 SetAlgoID(HashType, byte*); + + Error GetError() const { return error_; } +private: + //virtual void WriteHeader() = 0; + Error error_; + + DER_Encoder(const DER_Encoder&); // hide copy + DER_Encoder& operator=(const DER_Encoder&); // and assign +}; + + + +class Signature_Encoder : public DER_Encoder { + const byte* digest_; + word32 digestSz_; + SigType digestOID_; +public: + explicit Signature_Encoder(const byte*, word32, HashType, Source&); + +private: + void WriteHeader(); + word32 SetDigest(const byte*, word32, byte*); + + Signature_Encoder(const Signature_Encoder&); // hide copy + Signature_Encoder& operator=(const Signature_Encoder&); // and assign +}; + + +// Get Cert in PEM format from BEGIN to END +int GetCert(Source&); + +// Get Cert in PEM format from pkcs12 file +int GetPKCS_Cert(const char* password, Source&); + +bool ASN1_TIME_extract(const unsigned char* date, unsigned char format, + tm *parsed_time); + +} // namespace + + +#endif // TAO_CRYPT_ASN_HPP diff --git a/mysql/extra/yassl/taocrypt/include/block.hpp b/mysql/extra/yassl/taocrypt/include/block.hpp new file mode 100644 index 0000000..4f58c82 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/block.hpp @@ -0,0 +1,202 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* block.hpp provides word and byte blocks with configurable allocators +*/ + + +#ifndef TAO_CRYPT_BLOCK_HPP +#define TAO_CRYPT_BLOCK_HPP + +#include "misc.hpp" +#include // memcpy +#include // ptrdiff_t + +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +namespace TaoCrypt { + + +// a Base class for Allocators +template +class AllocatorBase +{ +public: + typedef T value_type; + typedef size_t size_type; + typedef ptrdiff_t difference_type; + typedef T* pointer; + typedef const T* const_pointer; + typedef T& reference; + typedef const T& const_reference; + + pointer address(reference r) const {return (&r);} + const_pointer address(const_reference r) const {return (&r); } + void construct(pointer p, const T& val) {new (p) T(val);} + void destroy(pointer p) {p->~T();} + size_type max_size() const {return ~size_type(0)/sizeof(T);} +protected: +}; + + +// General purpose realloc +template +typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize, + typename A::size_type newSize, bool preserve) +{ + if (oldSize == newSize) + return p; + + if (preserve) { + A b = A(); + typename A::pointer newPointer = b.allocate(newSize, 0); + memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize)); + a.deallocate(p, oldSize); + STL::swap(a, b); + return newPointer; + } + else { + a.deallocate(p, oldSize); + return a.allocate(newSize, 0); + } +} + + +// Allocator that zeros out memory on deletion +template +class AllocatorWithCleanup : public AllocatorBase +{ +public: + typedef typename AllocatorBase::pointer pointer; + typedef typename AllocatorBase::size_type size_type; + + pointer allocate(size_type n, const void* = 0) + { + if (n > this->max_size()) + return 0; + if (n == 0) + return 0; + return NEW_TC T[n]; + } + + void deallocate(void* p, size_type n) + { + memset(p, 0, n * sizeof(T)); + tcArrayDelete((T*)p); + } + + pointer reallocate(T* p, size_type oldSize, size_type newSize, + bool preserve) + { + return StdReallocate(*this, p, oldSize, newSize, preserve); + } + + // VS.NET STL enforces the policy of "All STL-compliant allocators have to + // provide a template class member called rebind". + template struct rebind { typedef AllocatorWithCleanup other;}; +}; + + +// Block class template +template > +class Block { +public: + explicit Block(word32 s = 0) : sz_(s), buffer_(allocator_.allocate(sz_)) + { CleanNew(sz_); } + + Block(const T* buff, word32 s) : sz_(s), buffer_(allocator_.allocate(sz_)) + { memcpy(buffer_, buff, sz_ * sizeof(T)); } + + Block(const Block& that) : sz_(that.sz_), buffer_(allocator_.allocate(sz_)) + { memcpy(buffer_, that.buffer_, sz_ * sizeof(T)); } + + Block& operator=(const Block& that) { + Block tmp(that); + Swap(tmp); + return *this; + } + + T& operator[] (word32 i) { return buffer_[i]; } + const T& operator[] (word32 i) const { return buffer_[i]; } + + T* operator+ (word32 i) { return buffer_ + i; } + const T* operator+ (word32 i) const { return buffer_ + i; } + + word32 size() const { return sz_; } + + T* get_buffer() const { return buffer_; } + T* begin() const { return get_buffer(); } + + void CleanGrow(word32 newSize) + { + if (newSize > sz_) { + buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true); + memset(buffer_ + sz_, 0, (newSize - sz_) * sizeof(T)); + sz_ = newSize; + } + } + + void CleanNew(word32 newSize) + { + New(newSize); + memset(buffer_, 0, sz_ * sizeof(T)); + } + + void New(word32 newSize) + { + buffer_ = allocator_.reallocate(buffer_, sz_, newSize, false); + sz_ = newSize; + } + + void resize(word32 newSize) + { + buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true); + sz_ = newSize; + } + + void Swap(Block& other) { + STL::swap(sz_, other.sz_); + STL::swap(buffer_, other.buffer_); + STL::swap(allocator_, other.allocator_); + } + + ~Block() { allocator_.deallocate(buffer_, sz_); } +private: + A allocator_; + word32 sz_; // size in Ts + T* buffer_; +}; + + +typedef Block ByteBlock; +typedef Block WordBlock; +typedef Block Word32Block; + + +} // namespace + +#endif // TAO_CRYPT_BLOCK_HPP diff --git a/mysql/extra/yassl/taocrypt/include/blowfish.hpp b/mysql/extra/yassl/taocrypt/include/blowfish.hpp new file mode 100644 index 0000000..1f8d058 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/blowfish.hpp @@ -0,0 +1,88 @@ +/* + Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* blowfish.hpp defines Blowfish +*/ + + +#ifndef TAO_CRYPT_BLOWFISH_HPP +#define TAO_CRYPT_BLOWFISH_HPP + +#include "misc.hpp" +#include "modes.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_BLOWFISH_ASM +#endif + + +namespace TaoCrypt { + +enum { BLOWFISH_BLOCK_SIZE = 8 }; + + +// Blowfish encryption and decryption, see +class Blowfish : public Mode_BASE { +public: + enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 }; + + Blowfish(CipherDir DIR, Mode MODE) + : Mode_BASE(BLOCK_SIZE, DIR, MODE), sbox_(pbox_ + ROUNDS + 2) {} + +#ifdef DO_BLOWFISH_ASM + void Process(byte*, const byte*, word32); +#endif + void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); + void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } +private: + static const word32 p_init_[ROUNDS + 2]; + static const word32 s_init_[4 * 256]; + + word32 pbox_[ROUNDS + 2 + 4 * 256]; + word32* sbox_; + + void crypt_block(const word32 in[2], word32 out[2]) const; + void AsmProcess(const byte* in, byte* out) const; + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + Blowfish(const Blowfish&); // hide copy + Blowfish& operator=(const Blowfish&); // and assign +}; + + +typedef BlockCipher Blowfish_ECB_Encryption; +typedef BlockCipher Blowfish_ECB_Decryption; + +typedef BlockCipher Blowfish_CBC_Encryption; +typedef BlockCipher Blowfish_CBC_Decryption; + + + +} // namespace + +#endif // TAO_CRYPT_BLOWFISH_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/coding.hpp b/mysql/extra/yassl/taocrypt/include/coding.hpp new file mode 100644 index 0000000..61ac993 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/coding.hpp @@ -0,0 +1,91 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* coding.hpp defines hex and base64 encoding/decoing +*/ + +#ifndef TAO_CRYPT_CODING_HPP +#define TAO_CRYPT_CODING_HPP + +#include "misc.hpp" +#include "block.hpp" + +namespace TaoCrypt { + +class Source; + + +// Hex Encoding, see RFC 3548 +class HexEncoder { + ByteBlock encoded_; + Source& plain_; +public: + explicit HexEncoder(Source& s) : plain_(s) { Encode(); } +private: + void Encode(); + + HexEncoder(const HexEncoder&); // hide copy + HexEncoder& operator=(const HexEncoder&); // and assign +}; + + +// Hex Decoding, see RFC 3548 +class HexDecoder { + ByteBlock decoded_; + Source& coded_; +public: + explicit HexDecoder(Source& s) : coded_(s) { Decode(); } +private: + void Decode(); + + HexDecoder(const HexDecoder&); // hide copy + HexDecoder& operator=(const HexDecoder&); // and assign +}; + + +// Base 64 encoding, see RFC 3548 +class Base64Encoder { + ByteBlock encoded_; + Source& plain_; +public: + explicit Base64Encoder(Source& s) : plain_(s) { Encode(); } +private: + void Encode(); + + Base64Encoder(const Base64Encoder&); // hide copy + Base64Encoder& operator=(const Base64Encoder&); // and assign +}; + + +// Base 64 decoding, see RFC 3548 +class Base64Decoder { + ByteBlock decoded_; + Source& coded_; +public: + explicit Base64Decoder(Source& s) : coded_(s) { Decode(); } +private: + void Decode(); + + Base64Decoder(const Base64Decoder&); // hide copy + Base64Decoder& operator=(const Base64Decoder&); // and assign +}; + + +} // namespace + +#endif // TAO_CRYPT_CODING_HPP diff --git a/mysql/extra/yassl/taocrypt/include/des.hpp b/mysql/extra/yassl/taocrypt/include/des.hpp new file mode 100644 index 0000000..d88e9ef --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/des.hpp @@ -0,0 +1,130 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* des.hpp defines DES, DES_EDE2, and DES_EDE3 + see FIPS 46-2 and FIPS 81 +*/ + + +#ifndef TAO_CRYPT_DES_HPP +#define TAO_CRYPT_DES_HPP + +#include "misc.hpp" +#include "modes.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_DES_ASM +#endif + + +namespace TaoCrypt { + + +enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 }; + + +class BasicDES { +public: + void SetKey(const byte*, word32, CipherDir dir); + void RawProcessBlock(word32&, word32&) const; +protected: + word32 k_[DES_KEY_SIZE]; +}; + + +// DES +class DES : public Mode_BASE, public BasicDES { +public: + DES(CipherDir DIR, Mode MODE) + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} + +private: + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + DES(const DES&); // hide copy + DES& operator=(const DES&); // and assign +}; + + +// DES_EDE2 +class DES_EDE2 : public Mode_BASE { +public: + DES_EDE2(CipherDir DIR, Mode MODE) + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} + + void SetKey(const byte*, word32, CipherDir dir); +private: + BasicDES des1_; + BasicDES des2_; + + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + DES_EDE2(const DES_EDE2&); // hide copy + DES_EDE2& operator=(const DES_EDE2&); // and assign +}; + + + +// DES_EDE3 +class DES_EDE3 : public Mode_BASE { +public: + DES_EDE3(CipherDir DIR, Mode MODE) + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} + + void SetKey(const byte*, word32, CipherDir dir); + void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); } +#ifdef DO_DES_ASM + void Process(byte*, const byte*, word32); +#endif +private: + BasicDES des1_; + BasicDES des2_; + BasicDES des3_; + + void AsmProcess(const byte* in, byte* out, void* box) const; + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + DES_EDE3(const DES_EDE3&); // hide copy + DES_EDE3& operator=(const DES_EDE3&); // and assign +}; + + +typedef BlockCipher DES_ECB_Encryption; +typedef BlockCipher DES_ECB_Decryption; + +typedef BlockCipher DES_CBC_Encryption; +typedef BlockCipher DES_CBC_Decryption; + +typedef BlockCipher DES_EDE2_ECB_Encryption; +typedef BlockCipher DES_EDE2_ECB_Decryption; + +typedef BlockCipher DES_EDE2_CBC_Encryption; +typedef BlockCipher DES_EDE2_CBC_Decryption; + +typedef BlockCipher DES_EDE3_ECB_Encryption; +typedef BlockCipher DES_EDE3_ECB_Decryption; + +typedef BlockCipher DES_EDE3_CBC_Encryption; +typedef BlockCipher DES_EDE3_CBC_Decryption; + + +} // namespace + + +#endif // TAO_CRYPT_DES_HPP diff --git a/mysql/extra/yassl/taocrypt/include/dh.hpp b/mysql/extra/yassl/taocrypt/include/dh.hpp new file mode 100644 index 0000000..bdb90dd --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/dh.hpp @@ -0,0 +1,86 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* dh.hpp provides Diffie-Hellman support +*/ + + +#ifndef TAO_CRYPT_DH_HPP +#define TAO_CRYPT_DH_HPP + +#include "misc.hpp" +#include "integer.hpp" + +namespace TaoCrypt { + + +class Source; + + +// Diffie-Hellman +class DH { +public: + DH() {} + DH(Integer& p, Integer& g) : p_(p), g_(g) {} + explicit DH(Source&); + + DH(const DH& that) : p_(that.p_), g_(that.g_) {} + DH& operator=(const DH& that) + { + DH tmp(that); + Swap(tmp); + return *this; + } + + void Swap(DH& other) + { + p_.Swap(other.p_); + g_.Swap(other.g_); + } + + void Initialize(Source&); + void Initialize(Integer& p, Integer& g) + { + SetP(p); + SetG(g); + } + + void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*); + void Agree(byte*, const byte*, const byte*, word32 otherSz = 0); + + void SetP(const Integer& p) { p_ = p; } + void SetG(const Integer& g) { g_ = g; } + + Integer& GetP() { return p_; } + Integer& GetG() { return g_; } + + // for p and agree + word32 GetByteLength() const { return p_.ByteCount(); } +private: + // group parms + Integer p_; + Integer g_; + + void GeneratePrivate(RandomNumberGenerator&, byte*); + void GeneratePublic(const byte*, byte*); +}; + + +} // namespace + +#endif // TAO_CRYPT_DH_HPP diff --git a/mysql/extra/yassl/taocrypt/include/dsa.hpp b/mysql/extra/yassl/taocrypt/include/dsa.hpp new file mode 100644 index 0000000..d7f81c2 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/dsa.hpp @@ -0,0 +1,126 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* dsa.hpp provides Digitial Signautre Algorithm see FIPS 186-2 +*/ + +#ifndef TAO_CRYPT_DSA_HPP +#define TAO_CRYPT_DSA_HPP + +#include "integer.hpp" + + +namespace TaoCrypt { + +class Source; + + +class DSA_PublicKey { +protected: + Integer p_; + Integer q_; + Integer g_; + Integer y_; +public: + DSA_PublicKey() {} + explicit DSA_PublicKey(Source&); + + void Initialize(Source&); + void Initialize(const Integer& p, const Integer& q, const Integer& g, + const Integer& y); + + const Integer& GetModulus() const; + const Integer& GetSubGroupOrder() const; + const Integer& GetSubGroupGenerator() const; + const Integer& GetPublicPart() const; + + void SetModulus(const Integer&); + void SetSubGroupOrder(const Integer&); + void SetSubGroupGenerator(const Integer&); + void SetPublicPart(const Integer&); + + word32 SignatureLength() const; + + DSA_PublicKey(const DSA_PublicKey&); + DSA_PublicKey& operator=(const DSA_PublicKey&); + + void Swap(DSA_PublicKey& other); +}; + + + +class DSA_PrivateKey : public DSA_PublicKey { + Integer x_; +public: + DSA_PrivateKey() {} + explicit DSA_PrivateKey(Source&); + + void Initialize(Source&); + void Initialize(const Integer& p, const Integer& q, const Integer& g, + const Integer& y, const Integer& x); + + const Integer& GetPrivatePart() const; + + void SetPrivatePart(const Integer&); +private: + DSA_PrivateKey(const DSA_PrivateKey&); // hide copy + DSA_PrivateKey& operator=(const DSA_PrivateKey&); // and assign +}; + + + +class DSA_Signer { + const DSA_PrivateKey& key_; + Integer r_; + Integer s_; +public: + explicit DSA_Signer(const DSA_PrivateKey&); + + word32 Sign(const byte* sha_digest, byte* sig, RandomNumberGenerator&); + + const Integer& GetR() const; + const Integer& GetS() const; +private: + DSA_Signer(const DSA_Signer&); // hide copy + DSA_Signer& operator=(DSA_Signer&); // and assign +}; + + +class DSA_Verifier { + const DSA_PublicKey& key_; + Integer r_; + Integer s_; +public: + explicit DSA_Verifier(const DSA_PublicKey&); + + bool Verify(const byte* sha_digest, const byte* sig); + + const Integer& GetR() const; + const Integer& GetS() const; +private: + DSA_Verifier(const DSA_Verifier&); // hide copy + DSA_Verifier& operator=(const DSA_Verifier&); // and assign +}; + + + + + +} // namespace + +#endif // TAO_CRYPT_DSA_HPP diff --git a/mysql/extra/yassl/taocrypt/include/error.hpp b/mysql/extra/yassl/taocrypt/include/error.hpp new file mode 100644 index 0000000..cb2130d --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/error.hpp @@ -0,0 +1,88 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* error.hpp provides a taocrypt error numbers + * + */ + + +#ifndef TAO_CRYPT_ERROR_HPP +#define TAO_CRYPT_ERROR_HPP + + +namespace TaoCrypt { + + +enum ErrorNumber { + +NO_ERROR_E = 0, // "not in error state" + +// RandomNumberGenerator +WINCRYPT_E = 1001, // "bad wincrypt acquire" +CRYPTGEN_E = 1002, // "CryptGenRandom error" +OPEN_RAN_E = 1003, // "open /dev/urandom error" +READ_RAN_E = 1004, // "read /dev/urandom error" + +// Integer +INTEGER_E = 1010, // "bad DER Integer Header" + + +// ASN.1 +SEQUENCE_E = 1020, // "bad Sequence Header" +SET_E = 1021, // "bad Set Header" +VERSION_E = 1022, // "version length not 1" +SIG_OID_E = 1023, // "signature OID mismatch" +BIT_STR_E = 1024, // "bad BitString Header" +UNKNOWN_OID_E = 1025, // "unknown key OID type" +OBJECT_ID_E = 1026, // "bad Ojbect ID Header" +TAG_NULL_E = 1027, // "expected TAG NULL" +EXPECT_0_E = 1028, // "expected 0" +OCTET_STR_E = 1029, // "bad Octet String Header" +TIME_E = 1030, // "bad TIME" + +DATE_SZ_E = 1031, // "bad Date Size" +SIG_LEN_E = 1032, // "bad Signature Length" +UNKOWN_SIG_E = 1033, // "unknown signature OID" +UNKOWN_HASH_E = 1034, // "unknown hash OID" +DSA_SZ_E = 1035, // "bad DSA r or s size" +BEFORE_DATE_E = 1036, // "before date in the future" +AFTER_DATE_E = 1037, // "after date in the past" +SIG_CONFIRM_E = 1038, // "bad self signature confirmation" +SIG_OTHER_E = 1039, // "bad other signature confirmation" + +CONTENT_E = 1040, // "bad content processing" +PEM_E = 1041 // "bad pem format error" + + // add error string to yassl/src/yassl_error.cpp !!! +}; + + +struct Error { + ErrorNumber what_; // description number, 0 for no error + + explicit Error(ErrorNumber w = NO_ERROR_E) : what_(w) {} + + ErrorNumber What() const { return what_; } + void SetError(ErrorNumber w) { what_ = w; } +}; + + + +} // namespace TaoCrypt + +#endif // TAO_CRYPT_ERROR_HPP diff --git a/mysql/extra/yassl/taocrypt/include/file.hpp b/mysql/extra/yassl/taocrypt/include/file.hpp new file mode 100644 index 0000000..9851a00 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/file.hpp @@ -0,0 +1,130 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* file.hpp provies File Sources and Sinks +*/ + + +#ifndef TAO_CRYPT_FILE_HPP +#define TAO_CRYPT_FILE_HPP + +#include "misc.hpp" +#include "block.hpp" +#include "error.hpp" +#include + +namespace TaoCrypt { + + +class Source { + ByteBlock buffer_; + word32 current_; + Error error_; +public: + explicit Source(word32 sz = 0) : buffer_(sz), current_(0) {} + Source(const byte* b, word32 sz) : buffer_(b, sz), current_(0) {} + + word32 remaining() { if (GetError().What()) return 0; + else return buffer_.size() - current_; } + word32 size() const { return buffer_.size(); } + void grow(word32 sz) { buffer_.CleanGrow(sz); } + + bool IsLeft(word32 sz) { if (remaining() >= sz) return true; + else { SetError(CONTENT_E); return false; } } + + const byte* get_buffer() const { return buffer_.get_buffer(); } + const byte* get_current() const { return &buffer_[current_]; } + word32 get_index() const { return current_; } + void set_index(word32 i) { if (i < size()) current_ = i; } + + byte operator[] (word32 i) { current_ = i; return next(); } + byte next() { if (IsLeft(1)) return buffer_[current_++]; else return 0; } + byte prev() { if (current_) return buffer_[--current_]; else return 0; } + + void add(const byte* data, word32 len) + { + if (IsLeft(len)) { + memcpy(buffer_.get_buffer() + current_, data, len); + current_ += len; + } + } + + void advance(word32 i) { if (IsLeft(i)) current_ += i; } + void reset(ByteBlock&); + + Error GetError() { return error_; } + void SetError(ErrorNumber w) { error_.SetError(w); } + + friend class FileSource; // for get() + + Source(const Source& that) + : buffer_(that.buffer_), current_(that.current_) {} + + Source& operator=(const Source& that) + { + Source tmp(that); + Swap(tmp); + return *this; + } + + void Swap(Source& other) + { + buffer_.Swap(other.buffer_); + STL::swap(current_, other.current_); + } + +}; + + +// File Source +class FileSource { + FILE* file_; +public: + FileSource(const char* fname, Source& source); + ~FileSource(); + + word32 size(bool use_current = false); +private: + word32 get(Source&); + word32 size_left(); + + FileSource(const FileSource&); // hide + FileSource& operator=(const FileSource&); // hide +}; + + +// File Sink +class FileSink { + FILE* file_; +public: + FileSink(const char* fname, Source& source); + ~FileSink(); + + word32 size(bool use_current = false); +private: + void put(Source&); + + FileSink(const FileSink&); // hide + FileSink& operator=(const FileSink&); // hide +}; + + + +} // namespace + +#endif // TAO_CRYPT_FILE_HPP diff --git a/mysql/extra/yassl/taocrypt/include/hash.hpp b/mysql/extra/yassl/taocrypt/include/hash.hpp new file mode 100644 index 0000000..4d2f7dd --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/hash.hpp @@ -0,0 +1,110 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* hash.hpp provides a base for digest types +*/ + + +#ifndef TAO_CRYPT_HASH_HPP +#define TAO_CRYPT_HASH_HPP + +#include "misc.hpp" + +namespace TaoCrypt { + + +// HASH +class HASH : public virtual_base { +public: + virtual ~HASH() {} + + virtual void Update(const byte*, word32) = 0; + virtual void Final(byte*) = 0; + + virtual void Init() = 0; + + virtual word32 getBlockSize() const = 0; + virtual word32 getDigestSize() const = 0; +}; + + +// HASH with Transform +class HASHwithTransform : public HASH { +public: + HASHwithTransform(word32 digSz, word32 buffSz); + virtual ~HASHwithTransform() {} + virtual ByteOrder getByteOrder() const = 0; + virtual word32 getPadSize() const = 0; + + virtual void Update(const byte*, word32); + virtual void Final(byte*); + + word32 GetBitCountLo() const { return loLen_ << 3; } + word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) + + (hiLen_ << 3); } + enum { MaxDigestSz = 8, MaxBufferSz = 64 }; +protected: + typedef word32 HashLengthType; + word32 buffLen_; // in bytes + HashLengthType loLen_; // length in bytes + HashLengthType hiLen_; // length in bytes + word32 digest_[MaxDigestSz]; + word32 buffer_[MaxBufferSz / sizeof(word32)]; + + virtual void Transform() = 0; + + void AddLength(word32); +}; + + +#ifdef WORD64_AVAILABLE + +// 64-bit HASH with Transform +class HASH64withTransform : public HASH { +public: + HASH64withTransform(word32 digSz, word32 buffSz); + virtual ~HASH64withTransform() {} + virtual ByteOrder getByteOrder() const = 0; + virtual word32 getPadSize() const = 0; + + virtual void Update(const byte*, word32); + virtual void Final(byte*); + + word32 GetBitCountLo() const { return loLen_ << 3; } + word32 GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) + + (hiLen_ << 3); } + enum { MaxDigestSz = 8, MaxBufferSz = 128 }; +protected: + typedef word32 HashLengthType; + word32 buffLen_; // in bytes + HashLengthType loLen_; // length in bytes + HashLengthType hiLen_; // length in bytes + word64 digest_[MaxDigestSz]; + word64 buffer_[MaxBufferSz / sizeof(word64)]; + + virtual void Transform() = 0; + + void AddLength(word32); +}; + +#endif // WORD64_AVAILABLE + + +} // namespace + +#endif // TAO_CRYPT_HASH_HPP diff --git a/mysql/extra/yassl/taocrypt/include/hc128.hpp b/mysql/extra/yassl/taocrypt/include/hc128.hpp new file mode 100644 index 0000000..69e9d63 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/hc128.hpp @@ -0,0 +1,63 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* hc128.hpp defines HC128 +*/ + + +#ifndef TAO_CRYPT_HC128_HPP +#define TAO_CRYPT_HC128_HPP + +#include "misc.hpp" + +namespace TaoCrypt { + + +// HC128 encryption and decryption +class HC128 { +public: + + typedef HC128 Encryption; + typedef HC128 Decryption; + + + HC128() {} + + void Process(byte*, const byte*, word32); + void SetKey(const byte*, const byte*); +private: + word32 T_[1024]; /* P[i] = T[i]; Q[i] = T[1024 + i ]; */ + word32 X_[16]; + word32 Y_[16]; + word32 counter1024_; /* counter1024 = i mod 1024 at the ith step */ + word32 key_[8]; + word32 iv_[8]; + + void SetIV(const byte*); + void GenerateKeystream(word32*); + void SetupUpdate(); + + HC128(const HC128&); // hide copy + const HC128 operator=(const HC128&); // and assign +}; + +} // namespace + + +#endif // TAO_CRYPT_HC128_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/hmac.hpp b/mysql/extra/yassl/taocrypt/include/hmac.hpp new file mode 100644 index 0000000..4df081b --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/hmac.hpp @@ -0,0 +1,138 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* hamc.hpp implements HMAC, see RFC 2104 +*/ + + +#ifndef TAO_CRYPT_HMAC_HPP +#define TAO_CRYPT_HMAC_HPP + +#include "hash.hpp" + +namespace TaoCrypt { + + +// HMAC class template +template +class HMAC { +public: + enum { IPAD = 0x36, OPAD = 0x5C }; + + HMAC() : ipad_(reinterpret_cast(&ip_)), + opad_(reinterpret_cast(&op_)), + innerHash_(reinterpret_cast(&innerH_)) + { + Init(); + } + void Update(const byte*, word32); + void Final(byte*); + void Init(); + + void SetKey(const byte*, word32); +private: + byte* ipad_; + byte* opad_; + byte* innerHash_; + bool innerHashKeyed_; + T mac_; + + // MSVC 6 HACK, gives compiler error if calculated in array + enum { HMAC_BSIZE = T::BLOCK_SIZE / sizeof(word32), + HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) }; + + word32 ip_[HMAC_BSIZE]; // align ipad_ on word32 + word32 op_[HMAC_BSIZE]; // align opad_ on word32 + word32 innerH_[HMAC_DSIZE]; // align innerHash_ on word32 + + void KeyInnerHash(); + + HMAC(const HMAC&); + HMAC& operator= (const HMAC&); +}; + + +// Setup +template +void HMAC::Init() +{ + mac_.Init(); + innerHashKeyed_ = false; +} + + +// Key generation +template +void HMAC::SetKey(const byte* key, word32 length) +{ + Init(); + + if (length <= T::BLOCK_SIZE) + memcpy(ipad_, key, length); + else { + mac_.Update(key, length); + mac_.Final(ipad_); + length = T::DIGEST_SIZE; + } + memset(ipad_ + length, 0, T::BLOCK_SIZE - length); + + for (word32 i = 0; i < T::BLOCK_SIZE; i++) { + opad_[i] = ipad_[i] ^ OPAD; + ipad_[i] ^= IPAD; + } +} + + +// Inner Key Hash +template +void HMAC::KeyInnerHash() +{ + mac_.Update(ipad_, T::BLOCK_SIZE); + innerHashKeyed_ = true; +} + + +// Update +template +void HMAC::Update(const byte* msg, word32 length) +{ + if (!innerHashKeyed_) + KeyInnerHash(); + mac_.Update(msg, length); +} + + +// Final +template +void HMAC::Final(byte* hash) +{ + if (!innerHashKeyed_) + KeyInnerHash(); + mac_.Final(innerHash_); + + mac_.Update(opad_, T::BLOCK_SIZE); + mac_.Update(innerHash_, T::DIGEST_SIZE); + mac_.Final(hash); + + innerHashKeyed_ = false; +} + + +} // namespace + +#endif // TAO_CRYPT_HMAC_HPP diff --git a/mysql/extra/yassl/taocrypt/include/integer.hpp b/mysql/extra/yassl/taocrypt/include/integer.hpp new file mode 100644 index 0000000..05fe189 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/integer.hpp @@ -0,0 +1,332 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's integer.h from CryptoPP */ + + +#ifndef TAO_CRYPT_INTEGER_HPP +#define TAO_CRYPT_INTEGER_HPP + + +#ifdef _MSC_VER + // 4250: dominance + // 4660: explicitly instantiating a class already implicitly instantiated + // 4661: no suitable definition provided for explicit template request + // 4786: identifer was truncated in debug information + // 4355: 'this' : used in base member initializer list +# pragma warning(disable: 4250 4660 4661 4786 4355) +#endif + + +#include "misc.hpp" +#include "block.hpp" +#include "random.hpp" +#include "file.hpp" +#include +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + #if defined(__GNUC__) && (__GNUC__ >= 4) + // GCC 4 or greater optimizes too much inline on recursive for bigint, + // -O3 just as fast without asm here anyway + #undef TAOCRYPT_X86ASM_AVAILABLE + #endif +#endif + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + +#ifdef _M_IX86 + #if (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 500)) || \ + (defined(__ICL) && (__ICL >= 500)) + #define SSE2_INTRINSICS_AVAILABLE + #define TAOCRYPT_MM_MALLOC_AVAILABLE + #elif defined(_MSC_VER) + // _mm_free seems to be the only way to tell if the Processor Pack is + //installed or not + #include + #if defined(_mm_free) + #define SSE2_INTRINSICS_AVAILABLE + #define TAOCRYPT_MM_MALLOC_AVAILABLE + #endif + #endif +#endif + +// SSE2 intrinsics work in GCC 3.3 or later +#if defined(__SSE2__) && (__GNUC__ == 4 || __GNUC_MAJOR__ > 3 || \ + __GNUC_MINOR__ > 2) + #define SSE2_INTRINSICS_AVAILABLE +#endif + +#endif // X86ASM + + + + +namespace TaoCrypt { + +#if defined(SSE2_INTRINSICS_AVAILABLE) + + // Allocator handling proper alignment + template + class AlignedAllocator : public AllocatorBase + { + public: + typedef typename AllocatorBase::pointer pointer; + typedef typename AllocatorBase::size_type size_type; + + pointer allocate(size_type n, const void* = 0); + void deallocate(void* p, size_type n); + pointer reallocate(T* p, size_type oldSize, size_type newSize, + bool preserve) + { + return StdReallocate(*this, p, oldSize, newSize, preserve); + } + + #if !(defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16) || \ + defined(TAOCRYPT_MEMALIGN_AVAILABLE) || \ + defined(TAOCRYPT_MM_MALLOC_AVAILABLE)) + #define TAOCRYPT_NO_ALIGNED_ALLOC + AlignedAllocator() : m_pBlock(0) {} + protected: + void *m_pBlock; + #endif + }; + + typedef Block > AlignedWordBlock; +#else + typedef WordBlock AlignedWordBlock; +#endif + + + +#ifdef _WIN32 + #undef max // avoid name clash +#endif +// general MAX +template inline +const T& max(const T& a, const T& b) +{ + return a > b ? a : b; +} + + +// Large Integer class +class Integer { +public: + enum Sign {POSITIVE = 0, NEGATIVE = 1 }; + enum Signedness { UNSIGNED, SIGNED }; + enum RandomNumberType { ANY, PRIME }; + + class DivideByZero {}; + + Integer(); + Integer(const Integer& t); + Integer(signed long value); + Integer(Sign s, word highWord, word lowWord); + + // BER Decode Source + explicit Integer(Source&); + + Integer(const byte* encodedInteger, unsigned int byteCount, + Signedness s = UNSIGNED); + + ~Integer() {} + + static const Integer& Zero(); + static const Integer& One(); + + Integer& Ref() { return *this; } + + Integer(RandomNumberGenerator& rng, const Integer& min, + const Integer& max); + + static Integer Power2(unsigned int e); + + unsigned int MinEncodedSize(Signedness = UNSIGNED) const; + unsigned int Encode(byte* output, unsigned int outputLen, + Signedness = UNSIGNED) const; + + void Decode(const byte* input, unsigned int inputLen, + Signedness = UNSIGNED); + void Decode(Source&); + + bool IsConvertableToLong() const; + signed long ConvertToLong() const; + + unsigned int BitCount() const; + unsigned int ByteCount() const; + unsigned int WordCount() const; + + bool GetBit(unsigned int i) const; + byte GetByte(unsigned int i) const; + unsigned long GetBits(unsigned int i, unsigned int n) const; + + bool IsZero() const { return !*this; } + bool NotZero() const { return !IsZero(); } + bool IsNegative() const { return sign_ == NEGATIVE; } + bool NotNegative() const { return !IsNegative(); } + bool IsPositive() const { return NotNegative() && NotZero(); } + bool NotPositive() const { return !IsPositive(); } + bool IsEven() const { return GetBit(0) == 0; } + bool IsOdd() const { return GetBit(0) == 1; } + + Integer& operator=(const Integer& t); + Integer& operator+=(const Integer& t); + Integer& operator-=(const Integer& t); + Integer& operator*=(const Integer& t) { return *this = Times(t); } + Integer& operator/=(const Integer& t) + { return *this = DividedBy(t);} + Integer& operator%=(const Integer& t) { return *this = Modulo(t); } + Integer& operator/=(word t) { return *this = DividedBy(t); } + Integer& operator%=(word t) { return *this = Modulo(t); } + Integer& operator<<=(unsigned int); + Integer& operator>>=(unsigned int); + + + void Randomize(RandomNumberGenerator &rng, unsigned int bitcount); + void Randomize(RandomNumberGenerator &rng, const Integer &min, + const Integer &max); + + void SetBit(unsigned int n, bool value = 1); + void SetByte(unsigned int n, byte value); + + void Negate(); + void SetPositive() { sign_ = POSITIVE; } + void SetNegative() { if (!!(*this)) sign_ = NEGATIVE; } + void Swap(Integer& a); + + bool operator!() const; + Integer operator+() const {return *this;} + Integer operator-() const; + Integer& operator++(); + Integer& operator--(); + Integer operator++(int) + { Integer temp = *this; ++*this; return temp; } + Integer operator--(int) + { Integer temp = *this; --*this; return temp; } + + int Compare(const Integer& a) const; + + Integer Plus(const Integer &b) const; + Integer Minus(const Integer &b) const; + Integer Times(const Integer &b) const; + Integer DividedBy(const Integer &b) const; + Integer Modulo(const Integer &b) const; + Integer DividedBy(word b) const; + word Modulo(word b) const; + + Integer operator>>(unsigned int n) const { return Integer(*this)>>=n; } + Integer operator<<(unsigned int n) const { return Integer(*this)<<=n; } + + Integer AbsoluteValue() const; + Integer Doubled() const { return Plus(*this); } + Integer Squared() const { return Times(*this); } + Integer SquareRoot() const; + + bool IsSquare() const; + bool IsUnit() const; + + Integer MultiplicativeInverse() const; + + friend Integer a_times_b_mod_c(const Integer& x, const Integer& y, + const Integer& m); + friend Integer a_exp_b_mod_c(const Integer& x, const Integer& e, + const Integer& m); + + static void Divide(Integer& r, Integer& q, const Integer& a, + const Integer& d); + static void Divide(word& r, Integer& q, const Integer& a, word d); + static void DivideByPowerOf2(Integer& r, Integer& q, const Integer& a, + unsigned int n); + static Integer Gcd(const Integer& a, const Integer& n); + + Integer InverseMod(const Integer& n) const; + word InverseMod(word n) const; + +private: + friend class ModularArithmetic; + friend class MontgomeryRepresentation; + + Integer(word value, unsigned int length); + int PositiveCompare(const Integer& t) const; + + friend void PositiveAdd(Integer& sum, const Integer& a, const Integer& b); + friend void PositiveSubtract(Integer& diff, const Integer& a, + const Integer& b); + friend void PositiveMultiply(Integer& product, const Integer& a, + const Integer& b); + friend void PositiveDivide(Integer& remainder, Integer& quotient, const + Integer& dividend, const Integer& divisor); + AlignedWordBlock reg_; + Sign sign_; +}; + +inline bool operator==(const Integer& a, const Integer& b) + {return a.Compare(b)==0;} +inline bool operator!=(const Integer& a, const Integer& b) + {return a.Compare(b)!=0;} +inline bool operator> (const Integer& a, const Integer& b) + {return a.Compare(b)> 0;} +inline bool operator>=(const Integer& a, const Integer& b) + {return a.Compare(b)>=0;} +inline bool operator< (const Integer& a, const Integer& b) + {return a.Compare(b)< 0;} +inline bool operator<=(const Integer& a, const Integer& b) + {return a.Compare(b)<=0;} + +inline Integer operator+(const Integer &a, const Integer &b) + {return a.Plus(b);} +inline Integer operator-(const Integer &a, const Integer &b) + {return a.Minus(b);} +inline Integer operator*(const Integer &a, const Integer &b) + {return a.Times(b);} +inline Integer operator/(const Integer &a, const Integer &b) + {return a.DividedBy(b);} +inline Integer operator%(const Integer &a, const Integer &b) + {return a.Modulo(b);} +inline Integer operator/(const Integer &a, word b) {return a.DividedBy(b);} +inline word operator%(const Integer &a, word b) {return a.Modulo(b);} + +inline void swap(Integer &a, Integer &b) +{ + a.Swap(b); +} + + +Integer CRT(const Integer& xp, const Integer& p, const Integer& xq, + const Integer& q, const Integer& u); + +inline Integer ModularExponentiation(const Integer& a, const Integer& e, + const Integer& m) +{ + return a_exp_b_mod_c(a, e, m); +} + +Integer ModularRoot(const Integer& a, const Integer& dp, const Integer& dq, + const Integer& p, const Integer& q, const Integer& u); + + + +} // namespace + +#endif // TAO_CRYPT_INTEGER_HPP diff --git a/mysql/extra/yassl/taocrypt/include/kernelc.hpp b/mysql/extra/yassl/taocrypt/include/kernelc.hpp new file mode 100644 index 0000000..0840b3f --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/kernelc.hpp @@ -0,0 +1,34 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* kernelc.hpp provides support for C std lib when compiled in kernel mode +*/ + +#ifndef TAOCRYPT_KERNELC_HPP +#define TAOCRYPT_KERNELC_HPP + +#include // get right size_t + +// system functions that c++ doesn't like headers for + +extern "C" void* memcpy(void*, const void*, size_t); +extern "C" void* memset(void*, int, size_t); +extern "C" void printk(char *fmt, ...); + + +#endif // TAOCRYPT_KERNELC_HPP diff --git a/mysql/extra/yassl/taocrypt/include/md2.hpp b/mysql/extra/yassl/taocrypt/include/md2.hpp new file mode 100644 index 0000000..5c2b141 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/md2.hpp @@ -0,0 +1,64 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* md2.hpp provides MD2 digest support, see RFC 1319 +*/ + +#ifndef TAO_CRYPT_MD2_HPP +#define TAO_CRYPT_MD2_HPP + + +#include "hash.hpp" +#include "block.hpp" + + +namespace TaoCrypt { + + +// MD2 digest +class MD2 : public HASH { +public: + enum { BLOCK_SIZE = 16, DIGEST_SIZE = 16, PAD_SIZE = 16, X_SIZE = 48 }; + MD2(); + + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + + void Update(const byte*, word32); + void Final(byte*); + + void Init(); + void Swap(MD2&); +private: + ByteBlock X_, C_, buffer_; + word32 count_; // bytes % PAD_SIZE + + MD2(const MD2&); + MD2& operator=(const MD2&); +}; + +inline void swap(MD2& a, MD2& b) +{ + a.Swap(b); +} + + +} // namespace + +#endif // TAO_CRYPT_MD2_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/md4.hpp b/mysql/extra/yassl/taocrypt/include/md4.hpp new file mode 100644 index 0000000..424c744 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/md4.hpp @@ -0,0 +1,62 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* md4.hpp provides MD4 digest support + * WANRING: MD4 is considered insecure, only use if you have to, e.g., yaSSL + * libcurl supports needs this for NTLM authentication +*/ + +#ifndef TAO_CRYPT_MD4_HPP +#define TAO_CRYPT_MD4_HPP + +#include "hash.hpp" + +namespace TaoCrypt { + + +// MD4 digest +class MD4 : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56, + TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes + MD4() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + MD4(const MD4&); + MD4& operator= (const MD4&); + + void Init(); + void Swap(MD4&); +private: + void Transform(); +}; + +inline void swap(MD4& a, MD4& b) +{ + a.Swap(b); +} + + +} // namespace + +#endif // TAO_CRYPT_MD4_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/md5.hpp b/mysql/extra/yassl/taocrypt/include/md5.hpp new file mode 100644 index 0000000..fce37bd --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/md5.hpp @@ -0,0 +1,70 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* md5.hpp provides MD5 digest support, see RFC 1321 +*/ + +#ifndef TAO_CRYPT_MD5_HPP +#define TAO_CRYPT_MD5_HPP + +#include "hash.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_MD5_ASM +#endif + +namespace TaoCrypt { + + +// MD5 digest +class MD5 : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56, + TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes + MD5() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + MD5(const MD5&); + MD5& operator= (const MD5&); + +#ifdef DO_MD5_ASM + void Update(const byte*, word32); +#endif + + void Init(); + void Swap(MD5&); +private: + void Transform(); + void AsmTransform(const byte* data, word32 times); +}; + +inline void swap(MD5& a, MD5& b) +{ + a.Swap(b); +} + + +} // namespace + +#endif // TAO_CRYPT_MD5_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/misc.hpp b/mysql/extra/yassl/taocrypt/include/misc.hpp new file mode 100644 index 0000000..18f13e7 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/misc.hpp @@ -0,0 +1,888 @@ +/* + Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's misc.h from CryptoPP */ + +#ifndef TAO_CRYPT_MISC_HPP +#define TAO_CRYPT_MISC_HPP + + +#if !defined(DO_TAOCRYPT_KERNEL_MODE) + #include + #include +#else + #include "kernelc.hpp" +#endif + +#include "types.hpp" +#include "type_traits.hpp" + + + +namespace TaoCrypt { + + +// Delete static singleton holders +void CleanUp(); + + +#ifdef YASSL_PURE_C + + // library allocation + struct new_t {}; // TaoCrypt New type + extern new_t tc; // pass in parameter + + } // namespace TaoCrypt + + void* operator new (size_t, TaoCrypt::new_t); + void* operator new[](size_t, TaoCrypt::new_t); + + void operator delete (void*, TaoCrypt::new_t); + void operator delete[](void*, TaoCrypt::new_t); + + + namespace TaoCrypt { + + template + void tcDelete(T* ptr) + { + if (ptr) ptr->~T(); + ::operator delete(ptr, TaoCrypt::tc); + } + + template + void tcArrayDelete(T* ptr) + { + // can't do array placement destruction since not tracking size in + // allocation, only allow builtins to use array placement since they + // don't need destructors called + typedef char builtin[IsFundamentalType::Yes ? 1 : -1]; + (void)sizeof(builtin); + + ::operator delete[](ptr, TaoCrypt::tc); + } + + #define NEW_TC new (TaoCrypt::tc) + + + // to resolve compiler generated operator delete on base classes with + // virtual destructors (when on stack) + class virtual_base { + public: + static void operator delete(void*) { } + }; + +#else // YASSL_PURE_C + + + template + void tcDelete(T* ptr) + { + delete ptr; + } + + template + void tcArrayDelete(T* ptr) + { + delete[] ptr; + } + + #define NEW_TC new + + class virtual_base {}; + + +#endif // YASSL_PURE_C + + +#if defined(_MSC_VER) || defined(__BCPLUSPLUS__) + #define INTEL_INTRINSICS + #define FAST_ROTATE +#elif defined(__MWERKS__) && TARGET_CPU_PPC + #define PPC_INTRINSICS + #define FAST_ROTATE +#elif defined(__GNUC__) && defined(__i386__) + // GCC does peephole optimizations which should result in using rotate + // instructions + #define FAST_ROTATE +#endif + + +// no gas on these systems ?, disable for now +#if defined(__sun__) + #undef TAOCRYPT_DISABLE_X86ASM + #define TAOCRYPT_DISABLE_X86ASM +#endif + +// icc problem with -03 and integer, disable for now +#if defined(__INTEL_COMPILER) + #undef TAOCRYPT_DISABLE_X86ASM + #define TAOCRYPT_DISABLE_X86ASM +#endif + +// indpedent of build system, unless ia32 asm is enabled disable it +#if !defined(TAOCRYPT_ENABLE_X86ASM) + #undef TAOCRYPT_DISABLE_X86ASM + #define TAOCRYPT_DISABLE_X86ASM +#endif + +// Turn on ia32 ASM for Big Integer +// CodeWarrior defines _MSC_VER +#if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \ + !defined(__MWERKS__) && defined(_M_IX86)) || \ + (defined(__GNUC__) && defined(__i386__))) + #define TAOCRYPT_X86ASM_AVAILABLE +#endif + + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + bool HaveCpuId(); + bool IsPentium(); + void CpuId(word32 input, word32 *output); + + extern bool isMMX; +#endif + + + + +// Turn on ia32 ASM for Ciphers and Message Digests +// Seperate define since these are more complex, use member offsets +// and user may want to turn off while leaving Big Integer optos on +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && !defined(DISABLE_TAO_ASM) + #define TAO_ASM +#endif + + +// Extra word in older vtable implementations, for ASM member offset +#if defined(__GNUC__) && __GNUC__ < 3 + #define OLD_GCC_OFFSET +#endif + + +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) +# define TAOCRYPT_MALLOC_ALIGNMENT_IS_16 +#endif + +#if defined(__linux__) || defined(__sun__) +# define TAOCRYPT_MEMALIGN_AVAILABLE +#endif + + +#if defined(_WIN32) + #define TAOCRYPT_WIN32_AVAILABLE +#endif + +#if defined(__unix__) || defined(__MACH__) + #define TAOCRYPT_UNIX_AVAILABLE +#endif + + +// VC60 workaround: it doesn't allow typename in some places +#if defined(_MSC_VER) && (_MSC_VER < 1300) + #define CPP_TYPENAME +#else + #define CPP_TYPENAME typename +#endif + + +#ifdef _MSC_VER + #define TAOCRYPT_NO_VTABLE __declspec(novtable) +#else + #define TAOCRYPT_NO_VTABLE +#endif + + +#ifdef USE_SYS_STL + // use system STL + #define STL_NAMESPACE std +#else + // use mySTL + #define STL_NAMESPACE mySTL +#endif + + +// ***************** DLL related ******************** + +#ifdef TAOCRYPT_WIN32_AVAILABLE + +#ifdef TAOCRYPT_EXPORTS + #define TAOCRYPT_IS_DLL + #define TAOCRYPT_DLL __declspec(dllexport) +#elif defined(TAOCRYPT_IMPORTS) + #define TAOCRYPT_IS_DLL + #define TAOCRYPT_DLL __declspec(dllimport) +#else + #define TAOCRYPT_DLL +#endif // EXPORTS + +#define TAOCRYPT_API __stdcall +#define TAOCRYPT_CDECL __cdecl + +#else // TAOCRYPT_WIN32_AVAILABLE + +#define TAOCRYPT_DLL +#define TAOCRYPT_API +#define TAOCRYPT_CDECL + +#endif // TAOCRYPT_WIN32_AVAILABLE + + +// ****************** tempalte stuff ******************* + + +#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \ + !defined(TAOCRYPT_IMPORTS) + #define TAOCRYPT_DLL_TEMPLATE_CLASS template class TAOCRYPT_DLL +#elif defined(__MWERKS__) + #define TAOCRYPT_DLL_TEMPLATE_CLASS extern class TAOCRYPT_DLL +#else + #define TAOCRYPT_DLL_TEMPLATE_CLASS extern template class TAOCRYPT_DLL +#endif + + +#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \ + !defined(TAOCRYPT_EXPORTS) + #define TAOCRYPT_STATIC_TEMPLATE_CLASS template class +#elif defined(__MWERKS__) + #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern class +#else + #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern template class +#endif + + +// ************** compile-time assertion *************** + +template +struct CompileAssert +{ + static char dummy[2*b-1]; +}; + +#define TAOCRYPT_COMPILE_ASSERT(assertion) \ + TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, __LINE__) + +#if defined(TAOCRYPT_EXPORTS) || defined(TAOCRYPT_IMPORTS) + #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance) +#else + #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance) \ + (void)sizeof(CompileAssert<(assertion)>) +#endif + +#define TAOCRYPT_ASSERT_JOIN(X, Y) TAOCRYPT_DO_ASSERT_JOIN(X, Y) + +#define TAOCRYPT_DO_ASSERT_JOIN(X, Y) X##Y + + +/*************** helpers *****************************/ + +inline unsigned int BitsToBytes(unsigned int bitCount) +{ + return ((bitCount+7)/(8)); +} + +inline unsigned int BytesToWords(unsigned int byteCount) +{ + return ((byteCount+WORD_SIZE-1)/WORD_SIZE); +} + +inline unsigned int BitsToWords(unsigned int bitCount) +{ + return ((bitCount+WORD_BITS-1)/(WORD_BITS)); +} + +inline void CopyWords(word* r, const word* a, word32 n) +{ + for (word32 i = 0; i < n; i++) + r[i] = a[i]; +} + +inline unsigned int CountWords(const word* X, unsigned int N) +{ + while (N && X[N-1]==0) + N--; + return N; +} + +inline void SetWords(word* r, word a, unsigned int n) +{ + for (unsigned int i=0; i +struct EnumToType +{ + static ENUM_TYPE ToEnum() { return (ENUM_TYPE)VALUE; } +}; + +typedef EnumToType LittleEndian; +typedef EnumToType BigEndian; + + +#ifndef BIG_ENDIAN_ORDER + typedef LittleEndian HostByteOrder; +#else + typedef BigEndian HostByteOrder; +#endif + +inline ByteOrder GetHostByteOrder() +{ + return HostByteOrder::ToEnum(); +} + +inline bool HostByteOrderIs(ByteOrder order) +{ + return order == GetHostByteOrder(); +} + + +void xorbuf(byte*, const byte*, unsigned int); + + +template +inline bool IsPowerOf2(T n) +{ + return n > 0 && (n & (n-1)) == 0; +} + +template +inline T2 ModPowerOf2(T1 a, T2 b) +{ + return T2(a) & (b-1); +} + +template +inline T RoundDownToMultipleOf(T n, T m) +{ + return n - (IsPowerOf2(m) ? ModPowerOf2(n, m) : (n%m)); +} + +template +inline T RoundUpToMultipleOf(T n, T m) +{ + return RoundDownToMultipleOf(n+m-1, m); +} + +template +inline unsigned int GetAlignment(T* dummy = 0) // VC60 workaround +{ +#if (_MSC_VER >= 1300) + return __alignof(T); +#elif defined(__GNUC__) + return __alignof__(T); +#else + return sizeof(T); +#endif +} + +inline bool IsAlignedOn(const void* p, unsigned int alignment) +{ + return IsPowerOf2(alignment) ? ModPowerOf2((size_t)p, alignment) == 0 + : (size_t)p % alignment == 0; +} + +template +inline bool IsAligned(const void* p, T* dummy = 0) // VC60 workaround +{ + return IsAlignedOn(p, GetAlignment()); +} + + +template inline T rotlFixed(T x, unsigned int y) +{ + return (x<>(sizeof(T)*8-y)); +} + +template inline T rotrFixed(T x, unsigned int y) +{ + return (x>>y) | (x<<(sizeof(T)*8-y)); +} + +#ifdef INTEL_INTRINSICS + +#pragma intrinsic(_lrotl, _lrotr) + +template<> inline word32 rotlFixed(word32 x, word32 y) +{ + return y ? _lrotl(x, y) : x; +} + +template<> inline word32 rotrFixed(word32 x, word32 y) +{ + return y ? _lrotr(x, y) : x; +} + +#endif // INTEL_INTRINSICS + +#ifdef min +#undef min +#endif + + +template +inline const T& min(const T& a, const T& b) +{ + return a < b ? a : b; +} + + +inline word32 ByteReverse(word32 value) +{ +#ifdef PPC_INTRINSICS + // PPC: load reverse indexed instruction + return (word32)__lwbrx(&value,0); +#elif defined(FAST_ROTATE) + // 5 instructions with rotate instruction, 9 without + return (rotrFixed(value, 8U) & 0xff00ff00) | + (rotlFixed(value, 8U) & 0x00ff00ff); +#else + // 6 instructions with rotate instruction, 8 without + value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8); + return rotlFixed(value, 16U); +#endif +} + + +#ifdef WORD64_AVAILABLE + +inline word64 ByteReverse(word64 value) +{ +#ifdef TAOCRYPT_SLOW_WORD64 + return (word64(ByteReverse(word32(value))) << 32) | + ByteReverse(word32(value>>32)); +#else + value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) | + ((value & W64LIT(0x00FF00FF00FF00FF)) << 8); + value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) | + ((value & W64LIT(0x0000FFFF0000FFFF)) << 16); + return rotlFixed(value, 32U); +#endif +} + +#endif // WORD64_AVAILABLE + + +template +inline void ByteReverse(T* out, const T* in, word32 byteCount) +{ + word32 count = byteCount/sizeof(T); + for (word32 i=0; i(out); + const word32* i = reinterpret_cast(in); + ByteReverse(o, i, byteCount); +} + + +template +inline T ByteReverseIf(T value, ByteOrder order) +{ + return HostByteOrderIs(order) ? value : ByteReverse(value); +} + + +template +inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order) +{ + if (!HostByteOrderIs(order)) + ByteReverse(out, in, bc); + else if (out != in) + memcpy(out, in, bc); +} + + + +// do Asm Reverse is host is Little and x86asm +#ifdef LITTLE_ENDIAN_ORDER + #ifdef TAOCRYPT_X86ASM_AVAILABLE + #define LittleReverse AsmReverse + #else + #define LittleReverse ByteReverse + #endif +#else + #define LittleReverse +#endif + + +// do Asm Reverse is host is Big and x86asm +#ifdef BIG_ENDIAN_ORDER + #ifdef TAOCRYPT_X86ASM_AVAILABLE + #define BigReverse AsmReverse + #else + #define BigReverse ByteReverse + #endif +#else + #define BigReverse +#endif + + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + + // faster than rotate, use bswap + + inline word32 AsmReverse(word32 wd) + { + #ifdef __GNUC__ + __asm__ + ( + "bswap %1" + : "=r"(wd) + : "0"(wd) + ); + #else + __asm + { + mov eax, wd + bswap eax + mov wd, eax + } + #endif + return wd; + } + +#endif + + +template +inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in, + word32 inlen) +{ + const unsigned int U = sizeof(T); + memcpy(out, in, inlen); + memset((byte *)out+inlen, 0, outlen*U-inlen); + ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order); +} + + +#ifdef _MSC_VER + // disable conversion warning + // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy + #pragma warning(disable:4244 4996) +#endif + + +inline byte UnalignedGetWordNonTemplate(ByteOrder order, const byte *block, + byte*) +{ + return block[0]; +} + +inline word16 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block, + word16*) +{ + return (order == BigEndianOrder) + ? block[1] | (block[0] << 8) + : block[0] | (block[1] << 8); +} + +inline word32 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block, + word32*) +{ + return (order == BigEndianOrder) + ? word32(block[3]) | (word32(block[2]) << 8) | (word32(block[1]) << 16) + | (word32(block[0]) << 24) + : word32(block[0]) | (word32(block[1]) << 8) | (word32(block[2]) << 16) + | (word32(block[3]) << 24); +} + +template +inline T UnalignedGetWord(ByteOrder order, const byte *block, T* dummy = 0) +{ + return UnalignedGetWordNonTemplate(order, block, dummy); +} + +inline void UnalignedPutWord(ByteOrder order, byte *block, byte value, + const byte *xorBlock = 0) +{ + block[0] = xorBlock ? (value ^ xorBlock[0]) : value; +} + +#define GETBYTE(x, y) (unsigned int)byte((x)>>(8*(y))) + +inline void UnalignedPutWord(ByteOrder order, byte *block, word16 value, + const byte *xorBlock = 0) +{ + if (order == BigEndianOrder) + { + block[0] = GETBYTE(value, 1); + block[1] = GETBYTE(value, 0); + } + else + { + block[0] = GETBYTE(value, 0); + block[1] = GETBYTE(value, 1); + } + + if (xorBlock) + { + block[0] ^= xorBlock[0]; + block[1] ^= xorBlock[1]; + } +} + +inline void UnalignedPutWord(ByteOrder order, byte* block, word32 value, + const byte* xorBlock = 0) +{ + if (order == BigEndianOrder) + { + block[0] = GETBYTE(value, 3); + block[1] = GETBYTE(value, 2); + block[2] = GETBYTE(value, 1); + block[3] = GETBYTE(value, 0); + } + else + { + block[0] = GETBYTE(value, 0); + block[1] = GETBYTE(value, 1); + block[2] = GETBYTE(value, 2); + block[3] = GETBYTE(value, 3); + } + + if (xorBlock) + { + block[0] ^= xorBlock[0]; + block[1] ^= xorBlock[1]; + block[2] ^= xorBlock[2]; + block[3] ^= xorBlock[3]; + } +} + + +template +inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block) +{ + if (assumeAligned) + return ByteReverseIf(*reinterpret_cast(block), order); + else + return UnalignedGetWord(order, block); +} + +template +inline void GetWord(bool assumeAligned, ByteOrder order, T &result, + const byte *block) +{ + result = GetWord(assumeAligned, order, block); +} + +template +inline void PutWord(bool assumeAligned, ByteOrder order, byte* block, T value, + const byte *xorBlock = 0) +{ + if (assumeAligned) + { + if (xorBlock) + *reinterpret_cast(block) = ByteReverseIf(value, order) + ^ *reinterpret_cast(xorBlock); + else + *reinterpret_cast(block) = ByteReverseIf(value, order); + } + else + UnalignedPutWord(order, block, value, xorBlock); +} + +template +class GetBlock +{ +public: + GetBlock(const void *block) + : m_block((const byte *)block) {} + + template + inline GetBlock & operator()(U &x) + { + TAOCRYPT_COMPILE_ASSERT(sizeof(U) >= sizeof(T)); + x = GetWord(A, B::ToEnum(), m_block); + m_block += sizeof(T); + return *this; + } + +private: + const byte *m_block; +}; + +template +class PutBlock +{ +public: + PutBlock(const void *xorBlock, void *block) + : m_xorBlock((const byte *)xorBlock), m_block((byte *)block) {} + + template + inline PutBlock & operator()(U x) + { + PutWord(A, B::ToEnum(), m_block, (T)x, m_xorBlock); + m_block += sizeof(T); + if (m_xorBlock) + m_xorBlock += sizeof(T); + return *this; + } + +private: + const byte *m_xorBlock; + byte *m_block; +}; + +/* + XXX MYSQL: Setting A (assumeAligned) to false, + keeping it true might trigger segfault on SPARC. +*/ +template +struct BlockGetAndPut +{ + // function needed because of C++ grammatical ambiguity between + // expression-statements and declarations + static inline GetBlock Get(const void *block) + {return GetBlock(block);} + typedef PutBlock Put; +}; + + + +template struct SafeShifter; + +template<> struct SafeShifter +{ + template + static inline T RightShift(T value, unsigned int bits) + { + return 0; + } + + template + static inline T LeftShift(T value, unsigned int bits) + { + return 0; + } +}; + +template<> struct SafeShifter +{ + template + static inline T RightShift(T value, unsigned int bits) + { + return value >> bits; + } + + template + static inline T LeftShift(T value, unsigned int bits) + { + return value << bits; + } +}; + +template +inline T SafeRightShift(T value) +{ + return SafeShifter<(bits>=(8*sizeof(T)))>::RightShift(value, bits); +} + +template +inline T SafeLeftShift(T value) +{ + return SafeShifter<(bits>=(8*sizeof(T)))>::LeftShift(value, bits); +} + + +inline +word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits) +{ + word u, carry=0; + if (shiftBits) + for (unsigned int i=0; i> (WORD_BITS-shiftBits); + } + return carry; +} + + +inline +word ShiftWordsRightByBits(word* r, unsigned int n, unsigned int shiftBits) +{ + word u, carry=0; + if (shiftBits) + for (int i=n-1; i>=0; i--) + { + u = r[i]; + r[i] = (u >> shiftBits) | carry; + carry = u << (WORD_BITS-shiftBits); + } + return carry; +} + + +inline +void ShiftWordsLeftByWords(word* r, unsigned int n, unsigned int shiftWords) +{ + shiftWords = min(shiftWords, n); + if (shiftWords) + { + for (unsigned int i=n-1; i>=shiftWords; i--) + r[i] = r[i-shiftWords]; + SetWords(r, 0, shiftWords); + } +} + + +inline +void ShiftWordsRightByWords(word* r, unsigned int n, unsigned int shiftWords) +{ + shiftWords = min(shiftWords, n); + if (shiftWords) + { + for (unsigned int i=0; i+shiftWords +inline T1 SaturatingSubtract(T1 a, T2 b) +{ + TAOCRYPT_COMPILE_ASSERT_INSTANCE(T1(-1)>0, 0); // T1 is unsigned type + TAOCRYPT_COMPILE_ASSERT_INSTANCE(T2(-1)>0, 1); // T2 is unsigned type + return T1((a > b) ? (a - b) : 0); +} + + +// declares +unsigned int BytePrecision(word value); +unsigned int BitPrecision(word); +word Crop(word value, unsigned int size); + + + +} // namespace + +#endif // TAO_CRYPT_MISC_HPP diff --git a/mysql/extra/yassl/taocrypt/include/modarith.hpp b/mysql/extra/yassl/taocrypt/include/modarith.hpp new file mode 100644 index 0000000..5ac3f67 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/modarith.hpp @@ -0,0 +1,165 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* based on Wei Dai's modarith.h from CryptoPP */ + + +#ifndef TAO_CRYPT_MODARITH_HPP +#define TAO_CRYPT_MODARITH_HPP + +#include "misc.hpp" +#include "algebra.hpp" + +namespace TaoCrypt { + + +// ModularArithmetic +class ModularArithmetic : public AbstractRing +{ +public: + + typedef int RandomizationParameter; + typedef Integer Element; + + ModularArithmetic(const Integer &modulus = Integer::One()) + : modulus(modulus), result((word)0, modulus.reg_.size()) {} + + ModularArithmetic(const ModularArithmetic &ma) + : AbstractRing(), + modulus(ma.modulus), result((word)0, modulus.reg_.size()) {} + + const Integer& GetModulus() const {return modulus;} + void SetModulus(const Integer &newModulus) + { + modulus = newModulus; + result.reg_.resize(modulus.reg_.size()); + } + + virtual bool IsMontgomeryRepresentation() const {return false;} + + virtual Integer ConvertIn(const Integer &a) const + {return a%modulus;} + + virtual Integer ConvertOut(const Integer &a) const + {return a;} + + const Integer& Half(const Integer &a) const; + + bool Equal(const Integer &a, const Integer &b) const + {return a==b;} + + const Integer& Identity() const + {return Integer::Zero();} + + const Integer& Add(const Integer &a, const Integer &b) const; + + Integer& Accumulate(Integer &a, const Integer &b) const; + + const Integer& Inverse(const Integer &a) const; + + const Integer& Subtract(const Integer &a, const Integer &b) const; + + Integer& Reduce(Integer &a, const Integer &b) const; + + const Integer& Double(const Integer &a) const + {return Add(a, a);} + + const Integer& MultiplicativeIdentity() const + {return Integer::One();} + + const Integer& Multiply(const Integer &a, const Integer &b) const + {return result1 = a*b%modulus;} + + const Integer& Square(const Integer &a) const + {return result1 = a.Squared()%modulus;} + + bool IsUnit(const Integer &a) const + {return Integer::Gcd(a, modulus).IsUnit();} + + const Integer& MultiplicativeInverse(const Integer &a) const + {return result1 = a.InverseMod(modulus);} + + const Integer& Divide(const Integer &a, const Integer &b) const + {return Multiply(a, MultiplicativeInverse(b));} + + Integer CascadeExponentiate(const Integer &x, const Integer &e1, + const Integer &y, const Integer &e2) const; + + void SimultaneousExponentiate(Element *results, const Element &base, + const Integer *exponents, unsigned int exponentsCount) const; + + unsigned int MaxElementBitLength() const + {return (modulus-1).BitCount();} + + unsigned int MaxElementByteLength() const + {return (modulus-1).ByteCount();} + + + static const RandomizationParameter DefaultRandomizationParameter; + +protected: + Integer modulus; + mutable Integer result, result1; + +}; + + + +//! do modular arithmetics in Montgomery representation for increased speed +class MontgomeryRepresentation : public ModularArithmetic +{ +public: + MontgomeryRepresentation(const Integer &modulus); // modulus must be odd + + bool IsMontgomeryRepresentation() const {return true;} + + Integer ConvertIn(const Integer &a) const + {return (a<<(WORD_BITS*modulus.reg_.size()))%modulus;} + + Integer ConvertOut(const Integer &a) const; + + const Integer& MultiplicativeIdentity() const + {return result1 = Integer::Power2(WORD_BITS*modulus.reg_.size())%modulus;} + + const Integer& Multiply(const Integer &a, const Integer &b) const; + + const Integer& Square(const Integer &a) const; + + const Integer& MultiplicativeInverse(const Integer &a) const; + + Integer CascadeExponentiate(const Integer &x, const Integer &e1, + const Integer &y, const Integer &e2) const + {return AbstractRing::CascadeExponentiate(x, e1, y, e2);} + + void SimultaneousExponentiate(Element *results, const Element &base, + const Integer *exponents, unsigned int exponentsCount) const + {AbstractRing::SimultaneousExponentiate(results, base, + exponents, exponentsCount);} + +private: + Integer u; + mutable AlignedWordBlock workspace; +}; + + + + +} // namespace + +#endif // TAO_CRYPT_MODARITH_HPP diff --git a/mysql/extra/yassl/taocrypt/include/modes.hpp b/mysql/extra/yassl/taocrypt/include/modes.hpp new file mode 100644 index 0000000..bfe8c6e --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/modes.hpp @@ -0,0 +1,154 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* modes.hpp provides ECB and CBC modes for block cipher encryption/decryption +*/ + + +#ifndef TAO_CRYPT_MODES_HPP +#define TAO_CRYPT_MODES_HPP + +#include "misc.hpp" + +namespace TaoCrypt { + + +enum Mode { ECB, CBC }; + + + +// BlockCipher abstraction +template +class BlockCipher { +public: + BlockCipher() : cipher_(DIR, MODE) {} + + void Process(byte* c, const byte* p, word32 sz) + { cipher_.Process(c, p, sz); } + void SetKey(const byte* k, word32 sz) + { cipher_.SetKey(k, sz, DIR); } + void SetKey(const byte* k, word32 sz, const byte* iv) + { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv); } +private: + T cipher_; + + BlockCipher(const BlockCipher&); // hide copy + BlockCipher& operator=(const BlockCipher&); // and assign +}; + + +// Mode Base for block ciphers, static size +class Mode_BASE : public virtual_base { +public: + enum { MaxBlockSz = 16 }; + + explicit Mode_BASE(int sz, CipherDir dir, Mode mode) + : blockSz_(sz), reg_(reinterpret_cast(r_)), + tmp_(reinterpret_cast(t_)), dir_(dir), mode_(mode) + {} + virtual ~Mode_BASE() {} + + virtual void Process(byte*, const byte*, word32); + + void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); } +protected: + int blockSz_; + byte* reg_; + byte* tmp_; + + word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32 + word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32 + + CipherDir dir_; + Mode mode_; + + void ECB_Process(byte*, const byte*, word32); + void CBC_Encrypt(byte*, const byte*, word32); + void CBC_Decrypt(byte*, const byte*, word32); + + Mode_BASE(const Mode_BASE&); // hide copy + Mode_BASE& operator=(const Mode_BASE&); // and assign + +private: + virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0; +}; + + +inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz) +{ + if (mode_ == ECB) + ECB_Process(out, in, sz); + else if (mode_ == CBC) { + if (dir_ == ENCRYPTION) + CBC_Encrypt(out, in, sz); + else + CBC_Decrypt(out, in, sz); + } +} + + +// ECB Process blocks +inline void Mode_BASE::ECB_Process(byte* out, const byte* in, word32 sz) +{ + word32 blocks = sz / blockSz_; + + while (blocks--) { + ProcessAndXorBlock(in, 0, out); + out += blockSz_; + in += blockSz_; + } +} + + +// CBC Encrypt +inline void Mode_BASE::CBC_Encrypt(byte* out, const byte* in, word32 sz) +{ + word32 blocks = sz / blockSz_; + + while (blocks--) { + xorbuf(reg_, in, blockSz_); + ProcessAndXorBlock(reg_, 0, reg_); + memcpy(out, reg_, blockSz_); + out += blockSz_; + in += blockSz_; + } +} + + +// CBC Decrypt +inline void Mode_BASE::CBC_Decrypt(byte* out, const byte* in, word32 sz) +{ + word32 blocks = sz / blockSz_; + byte hold[MaxBlockSz]; + + while (blocks--) { + memcpy(tmp_, in, blockSz_); + ProcessAndXorBlock(tmp_, 0, out); + xorbuf(out, reg_, blockSz_); + memcpy(hold, reg_, blockSz_); // swap reg_ and tmp_ + memcpy(reg_, tmp_, blockSz_); + memcpy(tmp_, hold, blockSz_); + out += blockSz_; + in += blockSz_; + } +} + + +} // namespace + +#endif // TAO_CRYPT_MODES_HPP diff --git a/mysql/extra/yassl/taocrypt/include/pwdbased.hpp b/mysql/extra/yassl/taocrypt/include/pwdbased.hpp new file mode 100644 index 0000000..cf4dff5 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/pwdbased.hpp @@ -0,0 +1,91 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* pwdbased.hpp defines PBKDF2 from PKCS #5 +*/ + + +#ifndef TAO_CRYPT_PWDBASED_HPP +#define TAO_CRYPT_PWDBASED_HPP + +#include +#include "misc.hpp" +#include "block.hpp" +#include "hmac.hpp" + +namespace TaoCrypt { + + +// From PKCS #5, T must be type suitable for HMAC +template +class PBKDF2_HMAC { +public: + word32 MaxDerivedKeyLength() const { return 0xFFFFFFFFU;} // avoid overflow + + word32 DeriveKey(byte* derived, word32 dLen, const byte* pwd, word32 pLen, + const byte* salt, word32 sLen, word32 iterations) const; +}; + + + +template +word32 PBKDF2_HMAC::DeriveKey(byte* derived, word32 dLen, const byte* pwd, + word32 pLen, const byte* salt, word32 sLen, + word32 iterations) const +{ + if (dLen > MaxDerivedKeyLength()) + return 0; + + ByteBlock buffer(T::DIGEST_SIZE); + HMAC hmac; + + hmac.SetKey(pwd, pLen); + + word32 i = 1; + + while (dLen > 0) { + hmac.Update(salt, sLen); + word32 j; + for (j = 0; j < 4; j++) { + byte b = i >> ((3-j)*8); + hmac.Update(&b, 1); + } + hmac.Final(buffer.get_buffer()); + + word32 segmentLen = min(dLen, buffer.size()); + memcpy(derived, buffer.get_buffer(), segmentLen); + + for (j = 1; j < iterations; j++) { + hmac.Update(buffer.get_buffer(), buffer.size()); + hmac.Final(buffer.get_buffer()); + xorbuf(derived, buffer.get_buffer(), segmentLen); + } + derived += segmentLen; + dLen -= segmentLen; + i++; + } + return iterations; +} + + + + +} // naemspace + +#endif // TAO_CRYPT_PWDBASED_HPP diff --git a/mysql/extra/yassl/taocrypt/include/rabbit.hpp b/mysql/extra/yassl/taocrypt/include/rabbit.hpp new file mode 100644 index 0000000..d3ec947 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/rabbit.hpp @@ -0,0 +1,65 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* rabbit.hpp defines Rabbit +*/ + + +#ifndef TAO_CRYPT_RABBIT_HPP +#define TAO_CRYPT_RABBIT_HPP + +#include "misc.hpp" + +namespace TaoCrypt { + + +// Rabbit encryption and decryption +class Rabbit { +public: + + typedef Rabbit Encryption; + typedef Rabbit Decryption; + + enum RabbitCtx { Master = 0, Work = 1 }; + + Rabbit() {} + + void Process(byte*, const byte*, word32); + void SetKey(const byte*, const byte*); +private: + struct Ctx { + word32 x[8]; + word32 c[8]; + word32 carry; + }; + + Ctx masterCtx_; + Ctx workCtx_; + + void NextState(RabbitCtx); + void SetIV(const byte*); + + Rabbit(const Rabbit&); // hide copy + const Rabbit operator=(const Rabbit&); // and assign +}; + +} // namespace + + +#endif // TAO_CRYPT_RABBIT_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/random.hpp b/mysql/extra/yassl/taocrypt/include/random.hpp new file mode 100644 index 0000000..70c4c0e --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/random.hpp @@ -0,0 +1,84 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* random.hpp provides a crypto secure Random Number Generator using an OS + specific seed +*/ + + +#ifndef TAO_CRYPT_RANDOM_HPP +#define TAO_CRYPT_RANDOM_HPP + +#include "arc4.hpp" +#include "error.hpp" + +namespace TaoCrypt { + + +// OS specific seeder +class OS_Seed { +public: + OS_Seed(); + ~OS_Seed(); + + void GenerateSeed(byte*, word32 sz); + Error GetError() const { return error_; } +private: +#if defined(_WIN32) + #if defined(_WIN64) + typedef unsigned __int64 ProviderHandle; + // type HCRYPTPROV, avoid #include + #else + typedef unsigned long ProviderHandle; + #endif + ProviderHandle handle_; +#else + int fd_; +#endif + Error error_; + + OS_Seed(const OS_Seed&); // hide copy + OS_Seed& operator=(const OS_Seed&); // hide assign +}; + + +// secure Random Nnumber Generator +class RandomNumberGenerator { +public: + RandomNumberGenerator(); + ~RandomNumberGenerator() {} + + void GenerateBlock(byte*, word32 sz); + byte GenerateByte(); + + ErrorNumber GetError() const { return seed_.GetError().What(); } +private: + OS_Seed seed_; + ARC4 cipher_; + + RandomNumberGenerator(const RandomNumberGenerator&); // hide copy + RandomNumberGenerator operator=(const RandomNumberGenerator&); // && assign +}; + + + + +} // namespace + +#endif // TAO_CRYPT_RANDOM_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/ripemd.hpp b/mysql/extra/yassl/taocrypt/include/ripemd.hpp new file mode 100644 index 0000000..5fb8aa8 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/ripemd.hpp @@ -0,0 +1,69 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* ripemd.hpp provides RIPEMD digest support +*/ + +#ifndef TAO_CRYPT_RIPEMD_HPP +#define TAO_CRYPT_RIPEMD_HPP + +#include "hash.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_RIPEMD_ASM +#endif + +namespace TaoCrypt { + + +// RIPEMD160 digest +class RIPEMD160 : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56, + TAO_BYTE_ORDER = LittleEndianOrder }; // in Bytes + RIPEMD160() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + RIPEMD160(const RIPEMD160&); + RIPEMD160& operator= (const RIPEMD160&); + +#ifdef DO_RIPEMD_ASM + void Update(const byte*, word32); +#endif + void Init(); + void Swap(RIPEMD160&); +private: + void Transform(); + void AsmTransform(const byte* data, word32 times); +}; + +inline void swap(RIPEMD160& a, RIPEMD160& b) +{ + a.Swap(b); +} + + +} // namespace + +#endif // TAO_CRYPT_RIPEMD_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/rsa.hpp b/mysql/extra/yassl/taocrypt/include/rsa.hpp new file mode 100644 index 0000000..ee3e378 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/rsa.hpp @@ -0,0 +1,250 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* rsa.hpp provides RSA ES encrypt/decrypt, SSL (block type 1) sign and verify +*/ + +#ifndef TAO_CRYPT_RSA_HPP +#define TAO_CRYPT_RSA_HPP + +#include "integer.hpp" +#include "random.hpp" + + +namespace TaoCrypt { + +class Source; + + +// Public Key Length helper +class PK_Lengths { + const Integer& image_; +public: + explicit PK_Lengths(const Integer& i) : image_(i) {} + + word32 PaddedBlockBitLength() const {return image_.BitCount() - 1;} + word32 PaddedBlockByteLength() const + {return BitsToBytes(PaddedBlockBitLength());} + + word32 FixedCiphertextLength() const {return image_.ByteCount();} + word32 FixedMaxPlaintextLength() const + {return SaturatingSubtract(PaddedBlockBitLength() / 8, 10U); } +}; + + +// RSA Public Key +class RSA_PublicKey { +protected: + Integer n_; + Integer e_; +public: + RSA_PublicKey() {} + explicit RSA_PublicKey(Source&); + + void Initialize(const Integer& n, const Integer& e) {n_ = n; e_ = e;} + void Initialize(Source&); + + Integer ApplyFunction(const Integer& x) const; + + const Integer& GetModulus() const {return n_;} + const Integer& GetPublicExponent() const {return e_;} + + void SetModulus(const Integer& n) {n_ = n;} + void SetPublicExponent(const Integer& e) {e_ = e;} + + word32 FixedCiphertextLength() + { + return PK_Lengths(n_).FixedCiphertextLength(); + } + + RSA_PublicKey(const RSA_PublicKey& other) : n_(other.n_), e_(other.e_) {} + RSA_PublicKey& operator=(const RSA_PublicKey& that) + { + RSA_PublicKey tmp(that); + Swap(tmp); + return *this; + } + + void Swap(RSA_PublicKey& other) + { + n_.Swap(other.n_); + e_.Swap(other.e_); + } +}; + + +// RSA Private Key +class RSA_PrivateKey : public RSA_PublicKey { + Integer d_; + Integer p_; + Integer q_; + Integer dp_; + Integer dq_; + Integer u_; +public: + RSA_PrivateKey() {} + explicit RSA_PrivateKey(Source&); + + void Initialize(const Integer& n, const Integer& e, const Integer& d, + const Integer& p, const Integer& q, const Integer& dp, + const Integer& dq, const Integer& u) + {n_ = n; e_ = e; d_ = d; p_ = p; q_ = q; dp_ = dp; dq_ = dq; u_ = u;} + void Initialize(Source&); + + Integer CalculateInverse(RandomNumberGenerator&, const Integer&) const; + + const Integer& GetPrime1() const {return p_;} + const Integer& GetPrime2() const {return q_;} + const Integer& GetPrivateExponent() const {return d_;} + const Integer& GetModPrime1PrivateExponent() const {return dp_;} + const Integer& GetModPrime2PrivateExponent() const {return dq_;} + const Integer& GetMultiplicativeInverseOfPrime2ModPrime1() const + {return u_;} + + void SetPrime1(const Integer& p) {p_ = p;} + void SetPrime2(const Integer& q) {q_ = q;} + void SetPrivateExponent(const Integer& d) {d_ = d;} + void SetModPrime1PrivateExponent(const Integer& dp) {dp_ = dp;} + void SetModPrime2PrivateExponent(const Integer& dq) {dq_ = dq;} + void SetMultiplicativeInverseOfPrime2ModPrime1(const Integer& u) {u_ = u;} +private: + RSA_PrivateKey(const RSA_PrivateKey&); // hide copy + RSA_PrivateKey& operator=(const RSA_PrivateKey&); // and assign +}; + + +// block type 2 padding +class RSA_BlockType2 { +public: + void Pad(const byte*, word32, byte*, word32, + RandomNumberGenerator&) const; + word32 UnPad(const byte*, word32, byte*) const; +}; + + +// block type 1 padding +class RSA_BlockType1 { +public: + void Pad(const byte*, word32, byte*, word32, + RandomNumberGenerator&) const; + word32 UnPad(const byte*, word32, byte*) const; +}; + + +// RSA Encryptor, can use any padding +template +class RSA_Encryptor { + const RSA_PublicKey& key_; + Pad padding_; +public: + explicit RSA_Encryptor(const RSA_PublicKey& k) : key_(k) {} + + void Encrypt(const byte*, word32, byte*, RandomNumberGenerator&); + bool SSL_Verify(const byte* msg, word32 sz, const byte* sig); +}; + + +// RSA Decryptor, can use any padding +template +class RSA_Decryptor { + const RSA_PrivateKey& key_; + Pad padding_; +public: + explicit RSA_Decryptor(const RSA_PrivateKey& k) : key_(k) {} + + word32 Decrypt(const byte*, word32, byte*, RandomNumberGenerator&); + void SSL_Sign(const byte*, word32, byte*, RandomNumberGenerator&); +}; + + +// Public Encrypt +template +void RSA_Encryptor::Encrypt(const byte* plain, word32 sz, byte* cipher, + RandomNumberGenerator& rng) +{ + PK_Lengths lengths(key_.GetModulus()); + if (sz > lengths.FixedMaxPlaintextLength()) + return; + + ByteBlock paddedBlock(lengths.PaddedBlockByteLength()); + padding_.Pad(plain, sz, paddedBlock.get_buffer(), + lengths.PaddedBlockBitLength(), rng); + + key_.ApplyFunction(Integer(paddedBlock.get_buffer(), paddedBlock.size())). + Encode(cipher, lengths.FixedCiphertextLength()); +} + + +// Private Decrypt +template +word32 RSA_Decryptor::Decrypt(const byte* cipher, word32 sz, byte* plain, + RandomNumberGenerator& rng) +{ + PK_Lengths lengths(key_.GetModulus()); + + if (sz != lengths.FixedCiphertextLength()) + return 0; + + ByteBlock paddedBlock(lengths.PaddedBlockByteLength()); + Integer x = key_.CalculateInverse(rng, Integer(cipher, + lengths.FixedCiphertextLength()).Ref()); + if (x.ByteCount() > paddedBlock.size()) + x = Integer::Zero(); // don't return false, prevents timing attack + x.Encode(paddedBlock.get_buffer(), paddedBlock.size()); + return padding_.UnPad(paddedBlock.get_buffer(), + lengths.PaddedBlockBitLength(), plain); +} + + +// Private SSL type (block 1) Encrypt +template +void RSA_Decryptor::SSL_Sign(const byte* message, word32 sz, byte* sig, + RandomNumberGenerator& rng) +{ + RSA_PublicKey inverse; + inverse.Initialize(key_.GetModulus(), key_.GetPrivateExponent()); + RSA_Encryptor enc(inverse); // SSL Type + enc.Encrypt(message, sz, sig, rng); +} + + +word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain); + + +// Public SSL type (block 1) Decrypt +template +bool RSA_Encryptor::SSL_Verify(const byte* message, word32 sz, + const byte* sig) +{ + ByteBlock plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength()); + if (SSL_Decrypt(key_, sig, plain.get_buffer()) != sz) + return false; // not right justified or bad padding + + if ( (memcmp(plain.get_buffer(), message, sz)) == 0) + return true; + return false; +} + + +typedef RSA_Encryptor<> RSAES_Encryptor; +typedef RSA_Decryptor<> RSAES_Decryptor; + + +} // namespace + +#endif // TAO_CRYPT_RSA_HPP diff --git a/mysql/extra/yassl/taocrypt/include/runtime.hpp b/mysql/extra/yassl/taocrypt/include/runtime.hpp new file mode 100644 index 0000000..c984287 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/runtime.hpp @@ -0,0 +1,60 @@ +/* + Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* runtime.hpp provides C++ runtime support functions when building a pure C + * version of yaSSL, user must define YASSL_PURE_C +*/ + + + +#ifndef yaSSL_NEW_HPP +#define yaSSL_NEW_HPP + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#ifdef YASSL_PURE_C + +#ifdef __sun + + +// Handler for pure virtual functions +namespace __Crun { + void pure_error(void); +} // namespace __Crun + +#endif // __sun + + +#if defined(__GNUC__) && !(defined(__ICC) || defined(__INTEL_COMPILER)) + +#if __GNUC__ > 2 + +extern "C" { +#if defined(DO_TAOCRYPT_KERNEL_MODE) + #include "kernelc.hpp" +#endif + int __cxa_pure_virtual () __attribute__ ((weak)); +} // extern "C" + +#endif // __GNUC__ > 2 +#endif // compiler check +#endif // YASSL_PURE_C +#endif // yaSSL_NEW_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/sha.hpp b/mysql/extra/yassl/taocrypt/include/sha.hpp new file mode 100644 index 0000000..cf6d0d0 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/sha.hpp @@ -0,0 +1,174 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* sha.hpp provides SHA-1 digests, see RFC 3174 +*/ + +#ifndef TAO_CRYPT_SHA_HPP +#define TAO_CRYPT_SHA_HPP + +#include "hash.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_SHA_ASM +#endif + +namespace TaoCrypt { + + +// SHA-1 digest +class SHA : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56, + TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes + SHA() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + +#ifdef DO_SHA_ASM + void Update(const byte* data, word32 len); +#endif + void Init(); + + SHA(const SHA&); + SHA& operator= (const SHA&); + + void Swap(SHA&); +private: + void Transform(); + void AsmTransform(const byte* data, word32 times); +}; + + +inline void swap(SHA& a, SHA& b) +{ + a.Swap(b); +} + +// SHA-256 digest +class SHA256 : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 32, PAD_SIZE = 56, + TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes + SHA256() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + void Init(); + + SHA256(const SHA256&); + SHA256& operator= (const SHA256&); + + void Swap(SHA256&); +private: + void Transform(); +}; + + +// SHA-224 digest +class SHA224 : public HASHwithTransform { +public: + enum { BLOCK_SIZE = 64, DIGEST_SIZE = 28, PAD_SIZE = 56, + TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes + SHA224() : HASHwithTransform(SHA256::DIGEST_SIZE /sizeof(word32),BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + void Init(); + + SHA224(const SHA224&); + SHA224& operator= (const SHA224&); + + void Swap(SHA224&); +private: + void Transform(); +}; + + +#ifdef WORD64_AVAILABLE + +// SHA-512 digest +class SHA512 : public HASH64withTransform { +public: + enum { BLOCK_SIZE = 128, DIGEST_SIZE = 64, PAD_SIZE = 112, + TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes + SHA512() : HASH64withTransform(DIGEST_SIZE / sizeof(word64), BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + void Init(); + + SHA512(const SHA512&); + SHA512& operator= (const SHA512&); + + void Swap(SHA512&); +private: + void Transform(); +}; + + +// SHA-384 digest +class SHA384 : public HASH64withTransform { +public: + enum { BLOCK_SIZE = 128, DIGEST_SIZE = 48, PAD_SIZE = 112, + TAO_BYTE_ORDER = BigEndianOrder}; // in Bytes + SHA384() : HASH64withTransform(SHA512::DIGEST_SIZE/ sizeof(word64), + BLOCK_SIZE) + { Init(); } + ByteOrder getByteOrder() const { return ByteOrder(TAO_BYTE_ORDER); } + word32 getBlockSize() const { return BLOCK_SIZE; } + word32 getDigestSize() const { return DIGEST_SIZE; } + word32 getPadSize() const { return PAD_SIZE; } + + void Init(); + + SHA384(const SHA384&); + SHA384& operator= (const SHA384&); + + void Swap(SHA384&); +private: + void Transform(); +}; + +enum { MAX_SHA2_DIGEST_SIZE = 64 }; // SHA512 + +#else + +enum { MAX_SHA2_DIGEST_SIZE = 32 }; // SHA256 + +#endif // WORD64_AVAILABLE + + +} // namespace + + +#endif // TAO_CRYPT_SHA_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/twofish.hpp b/mysql/extra/yassl/taocrypt/include/twofish.hpp new file mode 100644 index 0000000..eeb9b6a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/twofish.hpp @@ -0,0 +1,94 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* twofish.hpp defines Twofish +*/ + + +#ifndef TAO_CRYPT_TWOFISH_HPP +#define TAO_CRYPT_TWOFISH_HPP + +#include "misc.hpp" +#include "modes.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_TWOFISH_ASM +#endif + +namespace TaoCrypt { + +enum { TWOFISH_BLOCK_SIZE = 16 }; + + +// Twofish encryption and decryption, see +class Twofish : public Mode_BASE { +public: + enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE }; + + Twofish(CipherDir DIR, Mode MODE) + : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} + +#ifdef DO_TWOFISH_ASM + void Process(byte*, const byte*, word32); +#endif + void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); + void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } +private: + static const byte q_[2][256]; + static const word32 mds_[4][256]; + + word32 k_[40]; + word32 s_[4][256]; + + static word32 h0(word32 x, const word32 *key, unsigned int kLen); + static word32 h(word32 x, const word32 *key, unsigned int kLen); + + void ProcessAndXorBlock(const byte*, const byte*, byte*) const; + + void encrypt(const byte*, const byte*, byte*) const; + void decrypt(const byte*, const byte*, byte*) const; + + void AsmEncrypt(const byte* inBlock, byte* outBlock) const; + void AsmDecrypt(const byte* inBlock, byte* outBlock) const; + + Twofish(const Twofish&); // hide copy + Twofish& operator=(const Twofish&); // and assign +}; + + +typedef BlockCipher Twofish_ECB_Encryption; +typedef BlockCipher Twofish_ECB_Decryption; + +typedef BlockCipher Twofish_CBC_Encryption; +typedef BlockCipher Twofish_CBC_Decryption; + + + +} // naemspace + +#endif // TAO_CRYPT_TWOFISH_HPP + diff --git a/mysql/extra/yassl/taocrypt/include/type_traits.hpp b/mysql/extra/yassl/taocrypt/include/type_traits.hpp new file mode 100644 index 0000000..8c6fe53 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/type_traits.hpp @@ -0,0 +1,77 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* type_traits defines fundamental types + * see discussion in C++ Templates, $19.1 +*/ + + +#ifndef TAO_CRYPT_TYPE_TRAITS_HPP +#define TAO_CRYPT_TYPE_TRAITS_HPP + +#include "types.hpp" + +namespace TaoCrypt { + + +// primary template: in general T is not a fundamental type + +template +class IsFundamentalType { + public: + enum { Yes = 0, No = 1 }; +}; + + +// macro to specialize for fundamental types +#define MK_FUNDAMENTAL_TYPE(T) \ + template<> class IsFundamentalType { \ + public: \ + enum { Yes = 1, No = 0 }; \ + }; + + +MK_FUNDAMENTAL_TYPE(void) + +MK_FUNDAMENTAL_TYPE(bool) +MK_FUNDAMENTAL_TYPE( char) +MK_FUNDAMENTAL_TYPE(signed char) +MK_FUNDAMENTAL_TYPE(unsigned char) + +MK_FUNDAMENTAL_TYPE(signed short) +MK_FUNDAMENTAL_TYPE(unsigned short) +MK_FUNDAMENTAL_TYPE(signed int) +MK_FUNDAMENTAL_TYPE(unsigned int) +MK_FUNDAMENTAL_TYPE(signed long) +MK_FUNDAMENTAL_TYPE(unsigned long) + +MK_FUNDAMENTAL_TYPE(float) +MK_FUNDAMENTAL_TYPE( double) +MK_FUNDAMENTAL_TYPE(long double) + +#if defined(WORD64_AVAILABLE) && defined(WORD64_IS_DISTINCT_TYPE) + MK_FUNDAMENTAL_TYPE(word64) +#endif + + +#undef MK_FUNDAMENTAL_TYPE + + +} // namespace + +#endif // TAO_CRYPT_TYPE_TRAITS_HPP diff --git a/mysql/extra/yassl/taocrypt/include/types.hpp b/mysql/extra/yassl/taocrypt/include/types.hpp new file mode 100644 index 0000000..67ea260 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/include/types.hpp @@ -0,0 +1,99 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's misc.h from CryptoPP, basic crypt types */ + + +#ifndef TAO_CRYPT_TYPES_HPP +#define TAO_CRYPT_TYPES_HPP + +#ifdef HAVE_CONFIG_H + #include "config.h" +#endif + +namespace TaoCrypt { + + +#if defined(WORDS_BIGENDIAN) || (defined(__MWERKS__) && !defined(__INTEL__)) + #define BIG_ENDIAN_ORDER +#endif + +#ifndef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER +#endif + + +typedef unsigned char byte; +typedef unsigned short word16; +typedef unsigned int word32; + +#if defined(_MSC_VER) || defined(__BCPLUSPLUS__) + #define WORD64_AVAILABLE + #define WORD64_IS_DISTINCT_TYPE + typedef unsigned __int64 word64; + #define W64LIT(x) x##ui64 +#elif SIZEOF_LONG == 8 + #define WORD64_AVAILABLE + typedef unsigned long word64; + #define W64LIT(x) x##LL +#elif SIZEOF_LONG_LONG == 8 + #define WORD64_AVAILABLE + #define WORD64_IS_DISTINCT_TYPE + typedef unsigned long long word64; + #define W64LIT(x) x##LL +#endif + + +// compilers we've found 64-bit multiply insructions for +#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX) + #if !(defined(__ICC) || defined(__INTEL_COMPILER)) + #define HAVE_64_MULTIPLY + #endif +#endif + + +#if defined(HAVE_64_MULTIPLY) && (defined(__ia64__) \ + || defined(_ARCH_PPC64) || defined(__mips64) || defined(__x86_64__) \ + || defined(_M_X64) || defined(_M_IA64)) +// These platforms have 64-bit CPU registers. Unfortunately most C++ compilers +// don't allow any way to access the 64-bit by 64-bit multiply instruction +// without using assembly, so in order to use word64 as word, the assembly +// instruction must be defined in Dword::Multiply(). + typedef word32 hword; + typedef word64 word; +#else + #define TAOCRYPT_NATIVE_DWORD_AVAILABLE + #ifdef WORD64_AVAILABLE + #define TAOCRYPT_SLOW_WORD64 + typedef word16 hword; + typedef word32 word; + typedef word64 dword; + #else + typedef byte hword; + typedef word16 word; + typedef word32 dword; + #endif +#endif + +const word32 WORD_SIZE = sizeof(word); +const word32 WORD_BITS = WORD_SIZE * 8; + + +} // namespace + +#endif // TAO_CRYPT_TYPES_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/algorithm.hpp b/mysql/extra/yassl/taocrypt/mySTL/algorithm.hpp new file mode 100644 index 0000000..83be964 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/algorithm.hpp @@ -0,0 +1,108 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL algorithm implements max, min, for_each, swap, find_if, copy, + * copy_backward, fill + */ + +#ifndef mySTL_ALGORITHM_HPP +#define mySTL_ALGORITHM_HPP + + +namespace mySTL { + + +template +inline const T& max(const T& a, const T&b) +{ + return a < b ? b : a; +} + + +template +inline const T& min(const T& a, const T&b) +{ + return b < a ? b : a; +} + + +template +Func for_each(InIter first, InIter last, Func op) +{ + while (first != last) { + op(*first); + ++first; + } + return op; +} + + +template +inline void swap(T& a, T& b) +{ + T tmp = a; + a = b; + b = tmp; +} + + +template +InIter find_if(InIter first, InIter last, Pred pred) +{ + while (first != last && !pred(*first)) + ++first; + return first; +} + + +template +inline OutputIter copy(InputIter first, InputIter last, OutputIter place) +{ + while (first != last) { + *place = *first; + ++first; + ++place; + } + return place; +} + + +template +inline OutputIter +copy_backward(InputIter first, InputIter last, OutputIter place) +{ + while (first != last) + *--place = *--last; + return place; +} + + +template +void fill(InputIter first, InputIter last, const T& v) +{ + while (first != last) { + *first = v; + ++first; + } +} + + +} // namespace mySTL + +#endif // mySTL_ALGORITHM_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/helpers.hpp b/mysql/extra/yassl/taocrypt/mySTL/helpers.hpp new file mode 100644 index 0000000..fc6e89d --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/helpers.hpp @@ -0,0 +1,153 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL helpers implements misc constructs for vector and list + * + */ + +#ifndef mySTL_HELPERS_HPP +#define mySTL_HELPERS_HPP + +#include +#ifdef _MSC_VER + #include +#endif + +/* + Workaround for the lack of operator new(size_t, void*) + in IBM VA C++ 6.0 + Also used as a workaround to avoid including +*/ + struct Dummy {}; + + inline void* operator new(size_t size, Dummy* d) + { + return static_cast(d); + } + + // for compilers that want matching delete + inline void operator delete(void* ptr, Dummy* d) + { + } + + typedef Dummy* yassl_pointer; + +namespace mySTL { + + +template +inline void construct(T* p, const T2& value) +{ + new (reinterpret_cast(p)) T(value); +} + + +template +inline void construct(T* p) +{ + new (reinterpret_cast(p)) T(); +} + + +template +inline void destroy(T* p) +{ + p->~T(); +} + + +template +void destroy(Iter first, Iter last) +{ + while (first != last) { + destroy(&*first); + ++first; + } +} + + +template +PlaceIter uninit_copy(Iter first, Iter last, PlaceIter place) +{ + while (first != last) { + construct(&*place, *first); + ++first; + ++place; + } + return place; +} + + +template +PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value) +{ + while (n) { + construct(&*place, value); + --n; + ++place; + } + return place; +} + + +template +T* GetArrayMemory(size_t items) +{ + unsigned char* ret; + + #ifdef YASSL_LIB + ret = NEW_YS unsigned char[sizeof(T) * items]; + #else + ret = NEW_TC unsigned char[sizeof(T) * items]; + #endif + + return reinterpret_cast(ret); +} + + +template +void FreeArrayMemory(T* ptr) +{ + unsigned char* p = reinterpret_cast(ptr); + + #ifdef YASSL_LIB + yaSSL::ysArrayDelete(p); + #else + TaoCrypt::tcArrayDelete(p); + #endif +} + + + +inline void* GetMemory(size_t bytes) +{ + return GetArrayMemory(bytes); +} + + +inline void FreeMemory(void* ptr) +{ + FreeArrayMemory(ptr); +} + + + +} // namespace mySTL + +#endif // mySTL_HELPERS_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/list.hpp b/mysql/extra/yassl/taocrypt/mySTL/list.hpp new file mode 100644 index 0000000..df03e0a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/list.hpp @@ -0,0 +1,367 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL list implements a simple list + * + */ + +#ifndef mySTL_LIST_HPP +#define mySTL_LIST_HPP + + +#include "helpers.hpp" + + +namespace mySTL { + + + +template +class list { + +#ifdef __SUNPRO_CC +/* + Sun Forte 7 C++ v. 5.4 needs class 'node' public to be visible to + the nested class 'iterator' (a non-standard behaviour). +*/ +public: +#endif + + struct node { + node(T t) : prev_(0), next_(0), value_(t) {} + + node* prev_; + node* next_; + T value_; + }; +public: + list() : head_(0), tail_(0), sz_(0) {} + ~list(); + + void push_front(T); + void pop_front(); + T front() const; + void push_back(T); + void pop_back(); + T back() const; + bool remove(T); + size_t size() const { return sz_; } + bool empty() const { return sz_ == 0; } + + class iterator { + node* current_; + public: + explicit iterator(node* p = 0) : current_(p) {} + + T& operator*() const + { + return current_->value_; + } + + T* operator->() const + { + return &(operator*()); + } + + iterator& operator++() + { + current_ = current_->next_; + return *this; + } + + iterator& operator--() + { + current_ = current_->prev_; + return *this; + } + + iterator operator++(int) + { + iterator tmp = *this; + current_ = current_->next_; + return tmp; + } + + iterator operator--(int) + { + iterator tmp = *this; + current_ = current_->prev_; + return tmp; + } + + bool operator==(const iterator& other) const + { + return current_ == other.current_; + } + + bool operator!=(const iterator& other) const + { + return current_ != other.current_; + } + + friend class list; + }; + + + class reverse_iterator { + node* current_; + public: + explicit reverse_iterator(node* p = 0) : current_(p) {} + + T& operator*() const + { + return current_->value_; + } + + T* operator->() const + { + return &(operator*()); + } + + reverse_iterator& operator++() + { + current_ = current_->prev_; + return *this; + } + + reverse_iterator& operator--() + { + current_ = current_->next_; + return *this; + } + + reverse_iterator operator++(int) + { + reverse_iterator tmp = *this; + current_ = current_->prev_; + return tmp; + } + + reverse_iterator operator--(int) + { + reverse_iterator tmp = *this; + current_ = current_->next_; + return tmp; + } + + bool operator==(const reverse_iterator& other) const + { + return current_ == other.current_; + } + + bool operator!=(const reverse_iterator& other) const + { + return current_ != other.current_; + } + + friend class list; + }; + + bool erase(iterator); + + iterator begin() const { return iterator(head_); } + reverse_iterator rbegin() const { return reverse_iterator(tail_); } + iterator end() const { return iterator(); } + reverse_iterator rend() const { return reverse_iterator(); } + + typedef iterator const_iterator; // for now + + class underflow {}; + class overflow {}; +private: + node* head_; + node* tail_; + size_t sz_; + + node* look_up(T); + + list(const list&); // hide copy + list& operator=(const list&); // and assign +}; + + +template +list::~list() +{ + node* start = head_; + node* next_; + + for (; start; start = next_) { + next_ = start->next_; + destroy(start); + FreeMemory(start); + } +} + + +template +void list::push_front(T t) +{ + void* mem = GetMemory(sizeof(node)); + node* add = new (reinterpret_cast(mem)) node(t); + + if (head_) { + add->next_ = head_; + head_->prev_ = add; + } + else + tail_ = add; + + head_ = add; + ++sz_; +} + + +template +void list::pop_front() +{ + node* front = head_; + + if (head_ == 0) + return; + else if (head_ == tail_) + head_ = tail_ = 0; + else { + head_ = head_->next_; + head_->prev_ = 0; + } + destroy(front); + FreeMemory(front); + --sz_; +} + + +template +T list::front() const +{ + if (head_ == 0) return T(); + return head_->value_; +} + + +template +void list::push_back(T t) +{ + void* mem = GetMemory(sizeof(node)); + node* add = new (reinterpret_cast(mem)) node(t); + + if (tail_) { + tail_->next_ = add; + add->prev_ = tail_; + } + else + head_ = add; + + tail_ = add; + ++sz_; +} + + +template +void list::pop_back() +{ + node* rear = tail_; + + if (tail_ == 0) + return; + else if (tail_ == head_) + tail_ = head_ = 0; + else { + tail_ = tail_->prev_; + tail_->next_ = 0; + } + destroy(rear); + FreeMemory(rear); + --sz_; +} + + +template +T list::back() const +{ + if (tail_ == 0) return T(); + return tail_->value_; +} + + +template +typename list::node* list::look_up(T t) +{ + node* list = head_; + + if (list == 0) return 0; + + for (; list; list = list->next_) + if (list->value_ == t) + return list; + + return 0; +} + + +template +bool list::remove(T t) +{ + node* del = look_up(t); + + if (del == 0) + return false; + else if (del == head_) + pop_front(); + else if (del == tail_) + pop_back(); + else { + del->prev_->next_ = del->next_; + del->next_->prev_ = del->prev_; + + destroy(del); + FreeMemory(del); + --sz_; + } + return true; +} + + +template +bool list::erase(iterator iter) +{ + node* del = iter.current_; + + if (del == 0) + return false; + else if (del == head_) + pop_front(); + else if (del == tail_) + pop_back(); + else { + del->prev_->next_ = del->next_; + del->next_->prev_ = del->prev_; + + destroy(del); + FreeMemory(del); + --sz_; + } + return true; +} + + + +} // namespace mySTL + +#endif // mySTL_LIST_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/memory.hpp b/mysql/extra/yassl/taocrypt/mySTL/memory.hpp new file mode 100644 index 0000000..7e709be --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/memory.hpp @@ -0,0 +1,136 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL memory implements auto_ptr + * + */ + +#ifndef mySTL_MEMORY_HPP +#define mySTL_MEMORY_HPP + +#include "memory_array.hpp" // for auto_array + +#ifdef _MSC_VER + // disable operator-> warning for builtins + #pragma warning(disable:4284) +#endif + + +namespace mySTL { + + +template +struct auto_ptr_ref { + T* ptr_; + explicit auto_ptr_ref(T* p) : ptr_(p) {} +}; + + +template +class auto_ptr { + T* ptr_; + + void Destroy() + { + #ifdef YASSL_LIB + yaSSL::ysDelete(ptr_); + #else + TaoCrypt::tcDelete(ptr_); + #endif + } +public: + explicit auto_ptr(T* p = 0) : ptr_(p) {} + + ~auto_ptr() + { + Destroy(); + } + + + auto_ptr(auto_ptr& other) : ptr_(other.release()) {} + + auto_ptr& operator=(auto_ptr& that) + { + if (this != &that) { + Destroy(); + ptr_ = that.release(); + } + return *this; + } + + + T* operator->() const + { + return ptr_; + } + + T& operator*() const + { + return *ptr_; + } + + T* get() const + { + return ptr_; + } + + T* release() + { + T* tmp = ptr_; + ptr_ = 0; + return tmp; + } + + void reset(T* p = 0) + { + if (ptr_ != p) { + Destroy(); + ptr_ = p; + } + } + + // auto_ptr_ref conversions + auto_ptr(auto_ptr_ref ref) : ptr_(ref.ptr_) {} + + auto_ptr& operator=(auto_ptr_ref ref) + { + if (this->ptr_ != ref.ptr_) { + Destroy(); + ptr_ = ref.ptr_; + } + return *this; + } + + template + operator auto_ptr() + { + return auto_ptr(this->release()); + } + + template + operator auto_ptr_ref() + { + return auto_ptr_ref(this->release()); + } +}; + + +} // namespace mySTL + +#endif // mySTL_MEMORY_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/memory_array.hpp b/mysql/extra/yassl/taocrypt/mySTL/memory_array.hpp new file mode 100644 index 0000000..1c238d9 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/memory_array.hpp @@ -0,0 +1,135 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL memory_arry implements auto_array + * + */ + +#ifndef mySTL_MEMORY_ARRAY_HPP +#define mySTL_MEMORY_ARRAY_HPP + + +#ifdef _MSC_VER + // disable operator-> warning for builtins + #pragma warning(disable:4284) +#endif + + +namespace mySTL { + + +template +struct auto_array_ref { + T* ptr_; + explicit auto_array_ref(T* p) : ptr_(p) {} +}; + + +template +class auto_array { + T* ptr_; + + void Destroy() + { + #ifdef YASSL_LIB + yaSSL::ysArrayDelete(ptr_); + #else + TaoCrypt::tcArrayDelete(ptr_); + #endif + } +public: + explicit auto_array(T* p = 0) : ptr_(p) {} + + ~auto_array() + { + Destroy(); + } + + + auto_array(auto_array& other) : ptr_(other.release()) {} + + auto_array& operator=(auto_array& that) + { + if (this != &that) { + Destroy(); + ptr_ = that.release(); + } + return *this; + } + + + T* operator->() const + { + return ptr_; + } + + T& operator*() const + { + return *ptr_; + } + + T* get() const + { + return ptr_; + } + + T* release() + { + T* tmp = ptr_; + ptr_ = 0; + return tmp; + } + + void reset(T* p = 0) + { + if (ptr_ != p) { + Destroy(); + ptr_ = p; + } + } + + // auto_array_ref conversions + auto_array(auto_array_ref ref) : ptr_(ref.ptr_) {} + + auto_array& operator=(auto_array_ref ref) + { + if (this->ptr_ != ref.ptr_) { + Destroy(); + ptr_ = ref.ptr_; + } + return *this; + } + + template + operator auto_array() + { + return auto_array(this->release()); + } + + template + operator auto_array_ref() + { + return auto_array_ref(this->release()); + } +}; + + +} // namespace mySTL + +#endif // mySTL_MEMORY_ARRAY_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/pair.hpp b/mysql/extra/yassl/taocrypt/mySTL/pair.hpp new file mode 100644 index 0000000..545827a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/pair.hpp @@ -0,0 +1,58 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL pair implements pair + * + */ + +#ifndef mySTL_PAIR_HPP +#define mySTL_PAIR_HPP + + + +namespace mySTL { + + +template +struct pair { + typedef T1 first_type; + typedef T2 second_type; + + first_type first; + second_type second; + + pair() {} + pair(const T1& t1, const T2& t2) : first(t1), second(t2) {} + + template + pair(const pair& p) : first(p.first), second(p.second) {} +}; + + +template +inline pair make_pair(const T1& a, const T2& b) +{ + return pair(a, b); +} + + + +} // namespace mySTL + +#endif // mySTL_PAIR_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/stdexcept.hpp b/mysql/extra/yassl/taocrypt/mySTL/stdexcept.hpp new file mode 100644 index 0000000..79ae6de --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/stdexcept.hpp @@ -0,0 +1,76 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL memory implements exception, runtime_error + * + */ + +#ifndef mySTL_STDEXCEPT_HPP +#define mySTL_STDEXCEPT_HPP + + +#include // strncpy +#include // size_t + + +namespace mySTL { + + +class exception { +public: + exception() {} + virtual ~exception() {} // to shut up compiler warnings + + virtual const char* what() const { return ""; } + + // for compiler generated call, never used + static void operator delete(void*) { } +private: + // don't allow dynamic creation of exceptions + static void* operator new(size_t); +}; + + +class named_exception : public exception { +public: + enum { NAME_SIZE = 80 }; + + explicit named_exception(const char* str) + { + strncpy(name_, str, NAME_SIZE); + name_[NAME_SIZE - 1] = 0; + } + + virtual const char* what() const { return name_; } +private: + char name_[NAME_SIZE]; +}; + + +class runtime_error : public named_exception { +public: + explicit runtime_error(const char* str) : named_exception(str) {} +}; + + + + +} // namespace mySTL + +#endif // mySTL_STDEXCEPT_HPP diff --git a/mysql/extra/yassl/taocrypt/mySTL/vector.hpp b/mysql/extra/yassl/taocrypt/mySTL/vector.hpp new file mode 100644 index 0000000..f3702b7 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/mySTL/vector.hpp @@ -0,0 +1,153 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* mySTL vector implements simple vector, w/ swap + * + */ + +#ifndef mySTL_VECTOR_HPP +#define mySTL_VECTOR_HPP + +#include "helpers.hpp" // construct, destory, fill, etc. +#include "algorithm.hpp" // swap + + +namespace mySTL { + + +template +struct vector_base { + T* start_; + T* finish_; + T* end_of_storage_; + + vector_base() : start_(0), finish_(0), end_of_storage_(0) {} + vector_base(size_t n) + { + start_ = GetArrayMemory(n); + finish_ = start_; + end_of_storage_ = start_ + n; + } + + ~vector_base() + { + FreeArrayMemory(start_); + } + + void Swap(vector_base& that) + { + swap(start_, that.start_); + swap(finish_, that.finish_); + swap(end_of_storage_, that.end_of_storage_); + } +}; + + + +template +class vector { +public: + typedef T* iterator; + typedef const T* const_iterator; + + vector() {} + explicit vector(size_t n) : vec_(n) + { + vec_.finish_ = uninit_fill_n(vec_.start_, n, T()); + } + + ~vector() { destroy(vec_.start_, vec_.finish_); } + + vector(const vector& other) : vec_(other.size()) + { + vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_, + vec_.start_); + } + + size_t capacity() const { return vec_.end_of_storage_ - vec_.start_; } + + size_t size() const { return vec_.finish_ - vec_.start_; } + + T& operator[](size_t idx) { return *(vec_.start_ + idx); } + const T& operator[](size_t idx) const { return *(vec_.start_ + idx); } + + const T* begin() const { return vec_.start_; } + const T* end() const { return vec_.finish_; } + + void push_back(const T& v) + { + if (vec_.finish_ != vec_.end_of_storage_) { + construct(vec_.finish_, v); + ++vec_.finish_; + } + else { + vector tmp(size() * 2 + 1, *this); + construct(tmp.vec_.finish_, v); + ++tmp.vec_.finish_; + Swap(tmp); + } + } + + void resize(size_t n, const T& v) + { + if (n == size()) return; + + if (n < size()) { + T* first = vec_.start_ + n; + destroy(first, vec_.finish_); + vec_.finish_ -= vec_.finish_ - first; + } + else { + vector tmp(n, *this); + tmp.vec_.finish_ = uninit_fill_n(tmp.vec_.finish_, n - size(), v); + Swap(tmp); + } + } + + void reserve(size_t n) + { + if (capacity() < n) { + vector tmp(n, *this); + Swap(tmp); + } + } + + void Swap(vector& that) + { + vec_.Swap(that.vec_); + } +private: + vector_base vec_; + + vector& operator=(const vector&); // hide assign + + // for growing, n must be bigger than other size + vector(size_t n, const vector& other) : vec_(n) + { + if (n > other.size()) + vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_, + vec_.start_); + } +}; + + + +} // namespace mySTL + +#endif // mySTL_VECTOR_HPP diff --git a/mysql/extra/yassl/taocrypt/src/aes.cpp b/mysql/extra/yassl/taocrypt/src/aes.cpp new file mode 100644 index 0000000..3fcf80a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/aes.cpp @@ -0,0 +1,1885 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* C++ based on Wei Dai's aes.cpp from CryptoPP */ +/* x86 asm original */ + +#if defined(TAOCRYPT_KERNEL_MODE) + #define DO_TAOCRYPT_KERNEL_MODE +#endif // only some modules now support this + +#include "runtime.hpp" +#include "aes.hpp" + + +namespace TaoCrypt { + + +#if defined(DO_AES_ASM) + +// ia32 optimized version +void AES::Process(byte* out, const byte* in, word32 sz) +{ + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + + word32 blocks = sz / BLOCK_SIZE; + + if (mode_ == ECB) + while (blocks--) { + if (dir_ == ENCRYPTION) + AsmEncrypt(in, out, (void*)Te0); + else + AsmDecrypt(in, out, (void*)Td0); + out += BLOCK_SIZE; + in += BLOCK_SIZE; + } + else if (mode_ == CBC) { + if (dir_ == ENCRYPTION) { + while (blocks--) { + r_[0] ^= *(word32*)in; + r_[1] ^= *(word32*)(in + 4); + r_[2] ^= *(word32*)(in + 8); + r_[3] ^= *(word32*)(in + 12); + + AsmEncrypt((byte*)r_, (byte*)r_, (void*)Te0); + + memcpy(out, r_, BLOCK_SIZE); + out += BLOCK_SIZE; + in += BLOCK_SIZE; + } + } + else { + while (blocks--) { + AsmDecrypt(in, out, (void*)Td0); + + *(word32*)out ^= r_[0]; + *(word32*)(out + 4) ^= r_[1]; + *(word32*)(out + 8) ^= r_[2]; + *(word32*)(out + 12) ^= r_[3]; + + memcpy(r_, in, BLOCK_SIZE); + out += BLOCK_SIZE; + in += BLOCK_SIZE; + } + } + } +} + +#endif // DO_AES_ASM + + +void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/) +{ + if (keylen <= 16) + keylen = 16; + else if (keylen >= 32) + keylen = 32; + else if (keylen != 24) + keylen = 24; + + rounds_ = keylen/4 + 6; + + word32 temp, *rk = key_; + unsigned int i=0; + + GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen); + + switch(keylen) + { + case 16: + while (true) + { + temp = rk[3]; + rk[4] = rk[0] ^ + (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ + (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ + (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ + (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ + rcon_[i]; + rk[5] = rk[1] ^ rk[4]; + rk[6] = rk[2] ^ rk[5]; + rk[7] = rk[3] ^ rk[6]; + if (++i == 10) + break; + rk += 4; + } + break; + + case 24: + while (true) // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack + { + temp = rk[ 5]; + rk[ 6] = rk[ 0] ^ + (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ + (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ + (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ + (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ + rcon_[i]; + rk[ 7] = rk[ 1] ^ rk[ 6]; + rk[ 8] = rk[ 2] ^ rk[ 7]; + rk[ 9] = rk[ 3] ^ rk[ 8]; + if (++i == 8) + break; + rk[10] = rk[ 4] ^ rk[ 9]; + rk[11] = rk[ 5] ^ rk[10]; + rk += 6; + } + break; + + case 32: + while (true) + { + temp = rk[ 7]; + rk[ 8] = rk[ 0] ^ + (Te2[GETBYTE(temp, 2)] & 0xff000000) ^ + (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^ + (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^ + (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^ + rcon_[i]; + rk[ 9] = rk[ 1] ^ rk[ 8]; + rk[10] = rk[ 2] ^ rk[ 9]; + rk[11] = rk[ 3] ^ rk[10]; + if (++i == 7) + break; + temp = rk[11]; + rk[12] = rk[ 4] ^ + (Te2[GETBYTE(temp, 3)] & 0xff000000) ^ + (Te3[GETBYTE(temp, 2)] & 0x00ff0000) ^ + (Te0[GETBYTE(temp, 1)] & 0x0000ff00) ^ + (Te1[GETBYTE(temp, 0)] & 0x000000ff); + rk[13] = rk[ 5] ^ rk[12]; + rk[14] = rk[ 6] ^ rk[13]; + rk[15] = rk[ 7] ^ rk[14]; + + rk += 8; + } + break; + } + + if (dir_ == DECRYPTION) + { + unsigned int i, j; + rk = key_; + + /* invert the order of the round keys: */ + for (i = 0, j = 4*rounds_; i < j; i += 4, j -= 4) { + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; + } + // apply the inverse MixColumn transform to all round keys but the + // first and the last: + for (i = 1; i < rounds_; i++) { + rk += 4; + rk[0] = + Td0[Te1[GETBYTE(rk[0], 3)] & 0xff] ^ + Td1[Te1[GETBYTE(rk[0], 2)] & 0xff] ^ + Td2[Te1[GETBYTE(rk[0], 1)] & 0xff] ^ + Td3[Te1[GETBYTE(rk[0], 0)] & 0xff]; + rk[1] = + Td0[Te1[GETBYTE(rk[1], 3)] & 0xff] ^ + Td1[Te1[GETBYTE(rk[1], 2)] & 0xff] ^ + Td2[Te1[GETBYTE(rk[1], 1)] & 0xff] ^ + Td3[Te1[GETBYTE(rk[1], 0)] & 0xff]; + rk[2] = + Td0[Te1[GETBYTE(rk[2], 3)] & 0xff] ^ + Td1[Te1[GETBYTE(rk[2], 2)] & 0xff] ^ + Td2[Te1[GETBYTE(rk[2], 1)] & 0xff] ^ + Td3[Te1[GETBYTE(rk[2], 0)] & 0xff]; + rk[3] = + Td0[Te1[GETBYTE(rk[3], 3)] & 0xff] ^ + Td1[Te1[GETBYTE(rk[3], 2)] & 0xff] ^ + Td2[Te1[GETBYTE(rk[3], 1)] & 0xff] ^ + Td3[Te1[GETBYTE(rk[3], 0)] & 0xff]; + } + } +} + + +void AES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const +{ + if (dir_ == ENCRYPTION) + encrypt(in, xOr, out); + else + decrypt(in, xOr, out); +} + + +typedef BlockGetAndPut gpBlock; + + +void AES::encrypt(const byte* inBlock, const byte* xorBlock, + byte* outBlock) const +{ + word32 s0, s1, s2, s3; + word32 t0, t1, t2, t3; + + const word32 *rk = key_; + /* + * map byte array block to cipher state + * and add initial round key: + */ + gpBlock::Get(inBlock)(s0)(s1)(s2)(s3); + s0 ^= rk[0]; + s1 ^= rk[1]; + s2 ^= rk[2]; + s3 ^= rk[3]; + + s0 |= PreFetchTe(); + /* + * Nr - 1 full rounds: + */ + + unsigned int r = rounds_ >> 1; + for (;;) { + t0 = + Te0[GETBYTE(s0, 3)] ^ + Te1[GETBYTE(s1, 2)] ^ + Te2[GETBYTE(s2, 1)] ^ + Te3[GETBYTE(s3, 0)] ^ + rk[4]; + t1 = + Te0[GETBYTE(s1, 3)] ^ + Te1[GETBYTE(s2, 2)] ^ + Te2[GETBYTE(s3, 1)] ^ + Te3[GETBYTE(s0, 0)] ^ + rk[5]; + t2 = + Te0[GETBYTE(s2, 3)] ^ + Te1[GETBYTE(s3, 2)] ^ + Te2[GETBYTE(s0, 1)] ^ + Te3[GETBYTE(s1, 0)] ^ + rk[6]; + t3 = + Te0[GETBYTE(s3, 3)] ^ + Te1[GETBYTE(s0, 2)] ^ + Te2[GETBYTE(s1, 1)] ^ + Te3[GETBYTE(s2, 0)] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; + } + + s0 = + Te0[GETBYTE(t0, 3)] ^ + Te1[GETBYTE(t1, 2)] ^ + Te2[GETBYTE(t2, 1)] ^ + Te3[GETBYTE(t3, 0)] ^ + rk[0]; + s1 = + Te0[GETBYTE(t1, 3)] ^ + Te1[GETBYTE(t2, 2)] ^ + Te2[GETBYTE(t3, 1)] ^ + Te3[GETBYTE(t0, 0)] ^ + rk[1]; + s2 = + Te0[GETBYTE(t2, 3)] ^ + Te1[GETBYTE(t3, 2)] ^ + Te2[GETBYTE(t0, 1)] ^ + Te3[GETBYTE(t1, 0)] ^ + rk[2]; + s3 = + Te0[GETBYTE(t3, 3)] ^ + Te1[GETBYTE(t0, 2)] ^ + Te2[GETBYTE(t1, 1)] ^ + Te3[GETBYTE(t2, 0)] ^ + rk[3]; + } + + /* + * apply last round and + * map cipher state to byte array block: + */ + + s0 = + (Te2[GETBYTE(t0, 3)] & 0xff000000) ^ + (Te3[GETBYTE(t1, 2)] & 0x00ff0000) ^ + (Te0[GETBYTE(t2, 1)] & 0x0000ff00) ^ + (Te1[GETBYTE(t3, 0)] & 0x000000ff) ^ + rk[0]; + s1 = + (Te2[GETBYTE(t1, 3)] & 0xff000000) ^ + (Te3[GETBYTE(t2, 2)] & 0x00ff0000) ^ + (Te0[GETBYTE(t3, 1)] & 0x0000ff00) ^ + (Te1[GETBYTE(t0, 0)] & 0x000000ff) ^ + rk[1]; + s2 = + (Te2[GETBYTE(t2, 3)] & 0xff000000) ^ + (Te3[GETBYTE(t3, 2)] & 0x00ff0000) ^ + (Te0[GETBYTE(t0, 1)] & 0x0000ff00) ^ + (Te1[GETBYTE(t1, 0)] & 0x000000ff) ^ + rk[2]; + s3 = + (Te2[GETBYTE(t3, 3)] & 0xff000000) ^ + (Te3[GETBYTE(t0, 2)] & 0x00ff0000) ^ + (Te0[GETBYTE(t1, 1)] & 0x0000ff00) ^ + (Te1[GETBYTE(t2, 0)] & 0x000000ff) ^ + rk[3]; + + + gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3); +} + + +void AES::decrypt(const byte* inBlock, const byte* xorBlock, + byte* outBlock) const +{ + word32 s0, s1, s2, s3; + word32 t0, t1, t2, t3; + const word32* rk = key_; + + /* + * map byte array block to cipher state + * and add initial round key: + */ + gpBlock::Get(inBlock)(s0)(s1)(s2)(s3); + s0 ^= rk[0]; + s1 ^= rk[1]; + s2 ^= rk[2]; + s3 ^= rk[3]; + + s0 |= PreFetchTd(); + + /* + * Nr - 1 full rounds: + */ + + unsigned int r = rounds_ >> 1; + for (;;) { + t0 = + Td0[GETBYTE(s0, 3)] ^ + Td1[GETBYTE(s3, 2)] ^ + Td2[GETBYTE(s2, 1)] ^ + Td3[GETBYTE(s1, 0)] ^ + rk[4]; + t1 = + Td0[GETBYTE(s1, 3)] ^ + Td1[GETBYTE(s0, 2)] ^ + Td2[GETBYTE(s3, 1)] ^ + Td3[GETBYTE(s2, 0)] ^ + rk[5]; + t2 = + Td0[GETBYTE(s2, 3)] ^ + Td1[GETBYTE(s1, 2)] ^ + Td2[GETBYTE(s0, 1)] ^ + Td3[GETBYTE(s3, 0)] ^ + rk[6]; + t3 = + Td0[GETBYTE(s3, 3)] ^ + Td1[GETBYTE(s2, 2)] ^ + Td2[GETBYTE(s1, 1)] ^ + Td3[GETBYTE(s0, 0)] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; + } + + s0 = + Td0[GETBYTE(t0, 3)] ^ + Td1[GETBYTE(t3, 2)] ^ + Td2[GETBYTE(t2, 1)] ^ + Td3[GETBYTE(t1, 0)] ^ + rk[0]; + s1 = + Td0[GETBYTE(t1, 3)] ^ + Td1[GETBYTE(t0, 2)] ^ + Td2[GETBYTE(t3, 1)] ^ + Td3[GETBYTE(t2, 0)] ^ + rk[1]; + s2 = + Td0[GETBYTE(t2, 3)] ^ + Td1[GETBYTE(t1, 2)] ^ + Td2[GETBYTE(t0, 1)] ^ + Td3[GETBYTE(t3, 0)] ^ + rk[2]; + s3 = + Td0[GETBYTE(t3, 3)] ^ + Td1[GETBYTE(t2, 2)] ^ + Td2[GETBYTE(t1, 1)] ^ + Td3[GETBYTE(t0, 0)] ^ + rk[3]; + } + /* + * apply last round and + * map cipher state to byte array block: + */ + + t0 |= PreFetchCTd4(); + + s0 = + ((word32)CTd4[GETBYTE(t0, 3)] << 24) ^ + ((word32)CTd4[GETBYTE(t3, 2)] << 16) ^ + ((word32)CTd4[GETBYTE(t2, 1)] << 8) ^ + ((word32)CTd4[GETBYTE(t1, 0)]) ^ + rk[0]; + s1 = + ((word32)CTd4[GETBYTE(t1, 3)] << 24) ^ + ((word32)CTd4[GETBYTE(t0, 2)] << 16) ^ + ((word32)CTd4[GETBYTE(t3, 1)] << 8) ^ + ((word32)CTd4[GETBYTE(t2, 0)]) ^ + rk[1]; + s2 = + ((word32)CTd4[GETBYTE(t2, 3)] << 24 ) ^ + ((word32)CTd4[GETBYTE(t1, 2)] << 16 ) ^ + ((word32)CTd4[GETBYTE(t0, 1)] << 8 ) ^ + ((word32)CTd4[GETBYTE(t3, 0)]) ^ + rk[2]; + s3 = + ((word32)CTd4[GETBYTE(t3, 3)] << 24) ^ + ((word32)CTd4[GETBYTE(t2, 2)] << 16) ^ + ((word32)CTd4[GETBYTE(t1, 1)] << 8) ^ + ((word32)CTd4[GETBYTE(t0, 0)]) ^ + rk[3]; + + gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3); +} + + +#if defined(DO_AES_ASM) + #ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" \ + "movd mm7, ebp;" \ + "movd mm4, eax;" \ + "mov ebp, edx;" \ + "sub esp, 4;" + #define EPILOG() \ + "add esp, 4;" \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "c" (this), "S" (inBlock), "d" (boxes), "a" (outBlock) \ + : "%edi", "memory", "cc" \ + ); + + #else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( sub esp, 4 ) \ + AS2( movd mm7, ebp ) \ + AS2( mov [ebp - 4], esi ) \ + AS2( mov esi, DWORD PTR [ebp + 8] ) \ + AS2( mov ebp, DWORD PTR [ebp + 16] ) + + // ebp is restored at end + #define EPILOG() \ + AS2( mov esi, [ebp - 4] ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd edi, mm3 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 12 ) + + + #endif + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void AES::AsmEncrypt(const byte* inBlock, byte* outBlock, void* boxes) const +{ + + PROLOG() + + #ifdef OLD_GCC_OFFSET + AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds + AS2( lea edi, [ecx + 64] ) // rk + #else + AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds + AS2( lea edi, [ecx + 60] ) // rk + #endif + + AS1( dec edx ) + AS2( movd mm6, edi ) // save rk + AS2( movd mm5, edx ) // save rounds + + AS2( mov eax, DWORD PTR [esi] ) + AS2( mov ebx, DWORD PTR [esi + 4] ) + AS2( mov ecx, DWORD PTR [esi + 8] ) + AS2( mov edx, DWORD PTR [esi + 12] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( xor eax, DWORD PTR [edi] ) // s0 + AS2( xor ebx, DWORD PTR [edi + 4] ) // s1 + AS2( xor ecx, DWORD PTR [edi + 8] ) // s2 + AS2( xor edx, DWORD PTR [edi + 12] ) // s3 + +#ifdef _MSC_VER + AS1( loop1: ) // loop1 +#else + AS1(1: ) // loop1 +#endif + /* Put0 (mm0) = + Te0[get0,rs 24] ^ + Te1[get1,rs 16] ^ + Te2[get2,rs 8] ^ + Te3[get3,rs 0] + */ + + AS2( mov esi, eax ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, ebx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, ch ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, dl ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm0, esi ) + + /* Put1 (mm1) = + Te0[get1,rs 24] ^ + Te1[get2,rs 16] ^ + Te2[get3,rs 8] ^ + Te3[get0,rs 0] + */ + + AS2( mov esi, ebx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, ecx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, dh ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, al ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm1, esi ) + + + /* Put2 (mm2) = + Te0[get2,rs 24] ^ + Te1[get3,rs 16] ^ + Te2[get0,rs 8] ^ + Te3[get1,rs 0] + */ + + AS2( mov esi, ecx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, edx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, ah ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, bl ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm2, esi ) + + /* Put3 (edx) = + Te0[get3,rs 24] ^ + Te1[get0,rs 16] ^ + Te2[get1,rs 8] ^ + Te3[get2,rs 0] + */ + + AS2( mov esi, edx ) + AS2( shr esi, 24 ) + AS2( mov edx, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, eax ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx esi, bh ) + AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] ) + + AS2( movzx edi, cl ) + AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] ) + + // xOr + + AS2( movd esi, mm6 ) // rk + + AS2( movd eax, mm0 ) + AS2( add esi, 16 ) + AS2( movd ebx, mm1 ) + AS2( movd mm6, esi ) // save back + AS2( movd ecx, mm2 ) + + AS2( xor eax, DWORD PTR [esi] ) + AS2( xor ebx, DWORD PTR [esi + 4] ) + AS2( movd edi, mm5 ) + AS2( xor ecx, DWORD PTR [esi + 8] ) + AS2( xor edx, DWORD PTR [esi + 12] ) + + AS1( dec edi ) + AS2( movd mm5, edi ) + +#ifdef _MSC_VER + AS1( jnz loop1) // loop1 +#else + AS1( jnz 1b ) // loop1 +#endif + + // last round + /* + Put0 (mm0) = + (Te4[get0, rs24] & 0xff000000) ^ h = 4278190080 + (Te4[get1, rs16] & 0x00ff0000) ^ h = 16711680 + (Te4[get2, rs 8] & 0x0000ff00) ^ h = 65280 + (Te4[get3, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, eax ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, ebx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, ch ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, dl ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm0, esi ) + + /* + Put1 (mm1) = + (Te4[get1, rs24] & 0xff000000) ^ h = 4278190080 + (Te4[get2, rs16] & 0x00ff0000) ^ h = 16711680 + (Te4[get3, rs 8] & 0x0000ff00) ^ h = 65280 + (Te4[get0, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, ebx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, ecx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, dh ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, al ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm1, esi ) + + /* + Put2 (mm2) = + (Te4[get2, rs24] & 0xff000000) ^ h = 4278190080 + (Te4[get3, rs16] & 0x00ff0000) ^ h = 16711680 + (Te4[get0, rs 8] & 0x0000ff00) ^ h = 65280 + (Te4[get1, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, ecx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, edx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, ah ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, bl ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm2, esi ) + + /* + Put3 (edx) = + (Te4[get3, rs24] & 0xff000000) ^ h = 4278190080 + (Te4[get0, rs16] & 0x00ff0000) ^ h = 16711680 + (Te4[get1, rs 8] & 0x0000ff00) ^ h = 65280 + (Te4[get2, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, edx ) + AS2( shr esi, 24 ) + AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and edx, 4278190080 ) + + AS2( mov edi, eax ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and esi, 16711680 ) + AS2( xor edx, esi ) + + AS2( movzx esi, bh ) + AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and edi, 65280 ) + AS2( xor edx, edi ) + + AS2( movzx edi, cl ) + AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and esi, 255 ) + AS2( xor edx, esi ) + + + // xOr + AS2( movd eax, mm0 ) + AS2( movd esi, mm6 ) // rk + AS2( movd ebx, mm1 ) + AS2( add esi, 16 ) + AS2( movd ecx, mm2 ) + + AS2( xor eax, DWORD PTR [esi] ) + AS2( xor ebx, DWORD PTR [esi + 4] ) + AS2( xor ecx, DWORD PTR [esi + 8] ) + AS2( xor edx, DWORD PTR [esi + 12] ) + + // end + AS2( movd ebp, mm7 ) + + // swap + AS1( bswap eax ) + AS1( bswap ebx ) + + // store + #ifdef __GNUC__ + AS2( movd esi, mm4 ) // outBlock + #else + AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock + #endif + + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( mov DWORD PTR [esi], eax ) + AS2( mov DWORD PTR [esi + 4], ebx ) + AS2( mov DWORD PTR [esi + 8], ecx ) + AS2( mov DWORD PTR [esi + 12], edx ) + + + EPILOG() +} + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void AES::AsmDecrypt(const byte* inBlock, byte* outBlock, void* boxes) const +{ + + PROLOG() + + #ifdef OLD_GCC_OFFSET + AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds + AS2( lea edi, [ecx + 64] ) // rk + #else + AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds + AS2( lea edi, [ecx + 60] ) // rk + #endif + + AS1( dec edx ) + AS2( movd mm6, edi ) // save rk + AS2( movd mm5, edx ) // save rounds + + AS2( mov eax, DWORD PTR [esi] ) + AS2( mov ebx, DWORD PTR [esi + 4] ) + AS2( mov ecx, DWORD PTR [esi + 8] ) + AS2( mov edx, DWORD PTR [esi + 12] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( xor eax, DWORD PTR [edi] ) // s0 + AS2( xor ebx, DWORD PTR [edi + 4] ) // s1 + AS2( xor ecx, DWORD PTR [edi + 8] ) // s2 + AS2( xor edx, DWORD PTR [edi + 12] ) // s3 + + +#ifdef _MSC_VER + AS1( loop2: ) // loop2 +#else + AS1(2: ) // loop2 +#endif + /* Put0 (mm0) = + Td0[GETBYTE(get0, rs24)] ^ + Td1[GETBYTE(get3, rs16)] ^ + Td2[GETBYTE(get2, rs 8)] ^ + Td3[GETBYTE(tet1, )] + */ + AS2( mov esi, eax ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, edx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, ch ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, bl ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm0, esi ) + + /* Put1 (mm1) = + Td0[GETBYTE(get1, rs24)] ^ + Td1[GETBYTE(get0, rs16)] ^ + Td2[GETBYTE(get3, rs 8)] ^ + Td3[GETBYTE(tet2, )] + */ + AS2( mov esi, ebx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, eax ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, dh ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, cl ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm1, esi ) + + /* Put2 (mm2) = + Td0[GETBYTE(get2, rs24)] ^ + Td1[GETBYTE(get1, rs16)] ^ + Td2[GETBYTE(get0, rs 8)] ^ + Td3[GETBYTE(tet3, )] + */ + AS2( mov esi, ecx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, ebx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx edi, ah ) + AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] ) + + AS2( movzx edi, dl ) + AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] ) + + AS2( movd mm2, esi ) + + /* Put3 (edx) = + Td0[GETBYTE(get3, rs24)] ^ + Td1[GETBYTE(get2, rs16)] ^ + Td2[GETBYTE(get1, rs 8)] ^ + Td3[GETBYTE(tet0, )] + */ + AS2( mov esi, edx ) + AS2( shr esi, 24 ) + AS2( mov edx, DWORD PTR [ebp + esi*4] ) + + AS2( mov edi, ecx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] ) + + AS2( movzx esi, bh ) + AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] ) + + AS2( movzx edi, al ) + AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] ) + + + // xOr + + AS2( movd esi, mm6 ) // rk + AS2( add esi, 16 ) + AS2( movd mm6, esi ) // save back + + AS2( movd eax, mm0 ) + AS2( movd ebx, mm1 ) + AS2( movd ecx, mm2 ) + + AS2( xor eax, DWORD PTR [esi] ) + AS2( xor ebx, DWORD PTR [esi + 4] ) + AS2( xor ecx, DWORD PTR [esi + 8] ) + AS2( xor edx, DWORD PTR [esi + 12] ) + + AS2( movd edi, mm5 ) + AS1( dec edi ) + AS2( movd mm5, edi ) + +#ifdef _MSC_VER + AS1( jnz loop2) // loop2 +#else + AS1( jnz 2b ) // loop2 +#endif + + // last round + /* + Put0 (mm0) = + (Td4[get0, rs24] & 0xff000000) ^ h = 4278190080 + (Td4[get3, rs16] & 0x00ff0000) ^ h = 16711680 + (Td4[get2, rs 8] & 0x0000ff00) ^ h = 65280 + (Td4[get1, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, eax ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, edx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, ch ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, bl ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm0, esi ) + + /* + Put1 (mm1) = + (Td4[get1, rs24] & 0xff000000) ^ h = 4278190080 + (Td4[get0, rs16] & 0x00ff0000) ^ h = 16711680 + (Td4[get3, rs 8] & 0x0000ff00) ^ h = 65280 + (Td4[get2, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, ebx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, eax ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, dh ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, cl ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm1, esi ) + + /* + Put2 (mm2) = + (Td4[get2, rs24] & 0xff000000) ^ h = 4278190080 + (Td4[get1, rs16] & 0x00ff0000) ^ h = 16711680 + (Td4[get0, rs 8] & 0x0000ff00) ^ h = 65280 + (Td4[get3, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, ecx ) + AS2( shr esi, 24 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and esi, 4278190080 ) + + AS2( mov edi, ebx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 16711680 ) + AS2( xor esi, edi ) + + AS2( movzx edi, ah ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 65280 ) + AS2( xor esi, edi ) + + AS2( movzx edi, dl ) + AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and edi, 255 ) + AS2( xor esi, edi ) + + AS2( movd mm2, esi ) + + /* + Put3 (edx) = + (Td4[get3, rs24] & 0xff000000) ^ h = 4278190080 + (Td4[get2, rs16] & 0x00ff0000) ^ h = 16711680 + (Td4[get1, rs 8] & 0x0000ff00) ^ h = 65280 + (Td4[get0, rs 0] & 0x000000ff) h = 255 + */ + AS2( mov esi, edx ) + AS2( shr esi, 24 ) + AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and edx, 4278190080 ) + + AS2( mov edi, ecx ) + AS2( shr edi, 16 ) + AS2( and edi, 255 ) + AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and esi, 16711680 ) + AS2( xor edx, esi ) + + AS2( movzx esi, bh ) + AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] ) + AS2( and edi, 65280 ) + AS2( xor edx, edi ) + + AS2( movzx edi, al ) + AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] ) + AS2( and esi, 255 ) + AS2( xor edx, esi ) + + + // xOr + AS2( movd esi, mm6 ) // rk + AS2( add esi, 16 ) + + AS2( movd eax, mm0 ) + AS2( movd ebx, mm1 ) + AS2( movd ecx, mm2 ) + + AS2( xor eax, DWORD PTR [esi] ) + AS2( xor ebx, DWORD PTR [esi + 4] ) + AS2( xor ecx, DWORD PTR [esi + 8] ) + AS2( xor edx, DWORD PTR [esi + 12] ) + + // end + AS2( movd ebp, mm7 ) + + // swap + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + // store + #ifdef __GNUC__ + AS2( movd esi, mm4 ) // outBlock + #else + AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock + #endif + AS2( mov DWORD PTR [esi], eax ) + AS2( mov DWORD PTR [esi + 4], ebx ) + AS2( mov DWORD PTR [esi + 8], ecx ) + AS2( mov DWORD PTR [esi + 12], edx ) + + + EPILOG() +} + + + +#endif // defined(DO_AES_ASM) + + + +const word32 AES::Te[5][256] = { +{ + 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, + 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, + 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, + 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, + 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, + 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, + 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, + 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, + 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, + 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, + 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, + 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, + 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, + 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, + 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, + 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, + 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, + 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, + 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, + 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, + 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, + 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, + 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, + 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, + 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, + 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, + 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, + 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, + 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, + 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, + 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, + 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, + 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, + 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, + 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, + 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, + 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, + 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, + 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, + 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, + 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, + 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, + 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, + 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, + 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, + 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, + 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, + 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, + 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, + 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, + 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, + 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, + 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, + 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, + 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, + 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, + 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, + 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, + 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, + 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, + 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, + 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, + 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, + 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, +}, +{ + 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, + 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, + 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, + 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, + 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, + 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, + 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, + 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, + 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, + 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, + 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, + 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, + 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, + 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, + 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, + 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, + 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, + 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, + 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, + 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, + 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, + 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, + 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, + 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, + 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, + 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, + 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, + 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, + 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, + 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, + 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, + 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, + 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, + 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, + 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, + 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, + 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, + 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, + 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, + 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, + 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, + 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, + 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, + 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, + 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, + 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, + 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, + 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, + 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, + 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, + 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, + 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, + 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, + 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, + 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, + 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, + 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, + 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, + 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, + 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, + 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, + 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, + 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, + 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, +}, +{ + 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, + 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, + 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, + 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, + 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, + 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, + 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, + 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, + 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, + 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, + 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, + 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, + 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, + 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, + 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, + 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, + 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, + 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, + 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, + 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, + 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, + 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, + 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, + 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, + 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, + 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, + 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, + 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, + 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, + 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, + 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, + 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, + 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, + 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, + 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, + 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, + 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, + 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, + 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, + 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, + 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, + 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, + 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, + 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, + 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, + 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, + 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, + 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, + 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, + 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, + 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, + 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, + 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, + 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, + 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, + 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, + 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, + 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, + 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, + 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, + 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, + 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, + 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, + 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, +}, +{ + 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, + 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, + 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, + 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, + 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, + 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, + 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, + 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, + 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, + 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, + 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, + 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, + 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, + 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, + 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, + 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, + 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, + 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, + 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, + 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, + 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, + 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, + 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, + 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, + 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, + 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, + 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, + 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, + 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, + 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, + 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, + 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, + 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, + 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, + 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, + 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, + 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, + 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, + 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, + 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, + 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, + 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, + 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, + 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, + 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, + 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, + 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, + 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, + 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, + 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, + 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, + 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, + 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, + 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, + 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, + 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, + 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, + 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, + 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, + 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, + 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, + 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, + 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, + 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, +}, +{ + 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, + 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, + 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, + 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, + 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, + 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, + 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, + 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, + 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, + 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, + 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, + 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, + 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, + 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, + 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, + 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, + 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, + 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, + 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, + 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, + 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, + 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, + 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, + 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, + 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, + 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, + 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, + 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, + 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, + 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, + 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, + 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, + 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, + 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, + 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, + 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, + 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, + 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, + 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, + 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, + 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, + 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, + 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, + 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, + 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, + 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, + 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, + 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, + 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, + 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, + 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, + 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, + 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, + 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, + 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, + 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, + 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, + 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, + 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, + 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, + 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, + 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, + 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, + 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, +} +}; + + +const word32 AES::Td[5][256] = { +{ + 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, + 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, + 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, + 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, + 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, + 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, + 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, + 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, + 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, + 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, + 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, + 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, + 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, + 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, + 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, + 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, + 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, + 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, + 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, + 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, + 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, + 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, + 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, + 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, + 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, + 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, + 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, + 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, + 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, + 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, + 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, + 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, + 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, + 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, + 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, + 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, + 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, + 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, + 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, + 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, + 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, + 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, + 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, + 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, + 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, + 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, + 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, + 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, + 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, + 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, + 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, + 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, + 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, + 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, + 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, + 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, + 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, + 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, + 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, + 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, + 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, + 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, + 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, + 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, +}, +{ + 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, + 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, + 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, + 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, + 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, + 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, + 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, + 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, + 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, + 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, + 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, + 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, + 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, + 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, + 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, + 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, + 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, + 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, + 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, + 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, + 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, + 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, + 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, + 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, + 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, + 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, + 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, + 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, + 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, + 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, + 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, + 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, + 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, + 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, + 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, + 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, + 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, + 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, + 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, + 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, + 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, + 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, + 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, + 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, + 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, + 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, + 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, + 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, + 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, + 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, + 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, + 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, + 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, + 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, + 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, + 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, + 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, + 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, + 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, + 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, + 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, + 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, + 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, + 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, +}, +{ + 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, + 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, + 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, + 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, + 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, + 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, + 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, + 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, + 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, + 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, + 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, + 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, + 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, + 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, + 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, + 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, + 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, + 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, + 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, + 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, + + 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, + 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, + 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, + 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, + 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, + 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, + 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, + 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, + 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, + 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, + 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, + 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, + 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, + 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, + 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, + 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, + 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, + 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, + 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, + 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, + 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, + 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, + 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, + 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, + 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, + 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, + 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, + 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, + 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, + 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, + 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, + 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, + 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, + 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, + 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, + 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, + 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, + 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, + 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, + 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, + 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, + 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, + 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, + 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, +}, +{ + 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, + 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, + 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, + 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, + 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, + 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, + 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, + 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, + 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, + 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, + 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, + 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, + 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, + 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, + 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, + 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, + 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, + 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, + 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, + 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, + 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, + 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, + 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, + 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, + 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, + 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, + 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, + 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, + 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, + 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, + 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, + 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, + 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, + 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, + 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, + 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, + 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, + 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, + 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, + 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, + 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, + 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, + 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, + 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, + 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, + 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, + 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, + 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, + 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, + 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, + 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, + 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, + 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, + 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, + 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, + 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, + 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, + 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, + 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, + 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, + 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, + 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, + 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, + 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, +}, +{ + 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, + 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, + 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, + 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, + 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, + 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, + 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, + 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, + 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, + 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, + 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, + 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, + 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, + 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, + 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, + 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, + 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, + 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, + 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, + 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, + 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, + 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, + 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, + 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, + 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, + 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, + 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, + 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, + 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, + 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, + 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, + 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, + 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, + 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, + 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, + 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, + 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, + 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, + 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, + 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, + 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, + 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, + 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, + 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, + 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, + 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, + 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, + 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, + 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, + 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, + 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, + 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, + 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, + 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, + 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, + 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, + 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, + 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, + 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, + 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, + 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, + 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, + 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, + 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, +} +}; + +const byte AES::CTd4[256] = +{ + 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, + 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, + 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, + 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, + 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, + 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, + 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, + 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, + 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, + 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, + 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, + 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, + 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, + 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, + 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, + 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, + 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, + 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, + 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, + 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, + 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, + 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, + 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, + 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, + 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, + 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, + 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, + 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, + 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, + 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, + 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, + 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, +}; + + +const word32* AES::Te0 = AES::Te[0]; +const word32* AES::Te1 = AES::Te[1]; +const word32* AES::Te2 = AES::Te[2]; +const word32* AES::Te3 = AES::Te[3]; + +const word32* AES::Td0 = AES::Td[0]; +const word32* AES::Td1 = AES::Td[1]; +const word32* AES::Td2 = AES::Td[2]; +const word32* AES::Td3 = AES::Td[3]; + + + +} // namespace + diff --git a/mysql/extra/yassl/taocrypt/src/aestables.cpp b/mysql/extra/yassl/taocrypt/src/aestables.cpp new file mode 100644 index 0000000..60795a5 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/aestables.cpp @@ -0,0 +1,36 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's aestables.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "aes.hpp" + + +namespace TaoCrypt { + + +const word32 AES::rcon_[] = { + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000, + /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ +}; + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/algebra.cpp b/mysql/extra/yassl/taocrypt/src/algebra.cpp new file mode 100644 index 0000000..ace1704 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/algebra.cpp @@ -0,0 +1,336 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ + +/* based on Wei Dai's algebra.cpp from CryptoPP */ +#undef NDEBUG +#define DEBUG // GCC 4.0 bug if NDEBUG and Optimize > 1 + +#include "runtime.hpp" +#include "algebra.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "vector.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +namespace TaoCrypt { + + +const Integer& AbstractGroup::Double(const Element &a) const +{ + return Add(a, a); +} + +const Integer& AbstractGroup::Subtract(const Element &a, const Element &b) const +{ + // make copy of a in case Inverse() overwrites it + Element a1(a); + return Add(a1, Inverse(b)); +} + +Integer& AbstractGroup::Accumulate(Element &a, const Element &b) const +{ + return a = Add(a, b); +} + +Integer& AbstractGroup::Reduce(Element &a, const Element &b) const +{ + return a = Subtract(a, b); +} + +const Integer& AbstractRing::Square(const Element &a) const +{ + return Multiply(a, a); +} + + +const Integer& AbstractRing::Divide(const Element &a, const Element &b) const +{ + // make copy of a in case MultiplicativeInverse() overwrites it + Element a1(a); + return Multiply(a1, MultiplicativeInverse(b)); +} + + +const Integer& AbstractEuclideanDomain::Mod(const Element &a, + const Element &b) const +{ + Element q; + DivisionAlgorithm(result, q, a, b); + return result; +} + +const Integer& AbstractEuclideanDomain::Gcd(const Element &a, + const Element &b) const +{ + STL::vector g(3); + g[0]= b; + g[1]= a; + unsigned int i0=0, i1=1, i2=2; + + while (!Equal(g[i1], this->Identity())) + { + g[i2] = Mod(g[i0], g[i1]); + unsigned int t = i0; i0 = i1; i1 = i2; i2 = t; + } + + return result = g[i0]; +} + + +Integer AbstractGroup::ScalarMultiply(const Element &base, + const Integer &exponent) const +{ + Element result; + SimultaneousMultiply(&result, base, &exponent, 1); + return result; +} + + +Integer AbstractGroup::CascadeScalarMultiply(const Element &x, + const Integer &e1, const Element &y, const Integer &e2) const +{ + const unsigned expLen = max(e1.BitCount(), e2.BitCount()); + if (expLen==0) + return Identity(); + + const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3)); + const unsigned tableSize = 1< powerTable(tableSize << w); + + powerTable[1] = x; + powerTable[tableSize] = y; + if (w==1) + powerTable[3] = Add(x,y); + else + { + powerTable[2] = Double(x); + powerTable[2*tableSize] = Double(y); + + unsigned i, j; + + for (i=3; i=0; i--) + { + power1 = 2*power1 + e1.GetBit(i); + power2 = 2*power2 + e2.GetBit(i); + + if (i==0 || 2*power1 >= tableSize || 2*power2 >= tableSize) + { + unsigned squaresBefore = prevPosition-i; + unsigned squaresAfter = 0; + prevPosition = i; + while ((power1 || power2) && power1%2 == 0 && power2%2==0) + { + power1 /= 2; + power2 /= 2; + squaresBefore--; + squaresAfter++; + } + if (firstTime) + { + result = powerTable[(power2<= expLen) + { + finished = true; + return; + } + skipCount++; + } + + exp >>= skipCount; + windowBegin += skipCount; + expWindow = exp % (1 << windowSize); + + if (fastNegate && exp.GetBit(windowSize)) + { + negateNext = true; + expWindow = (1 << windowSize) - expWindow; + exp += windowModulus; + } + else + negateNext = false; + } + + Integer exp, windowModulus; + unsigned int windowSize, windowBegin, expWindow; + bool fastNegate, negateNext, firstTime, finished; +}; + + +void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base, + const Integer *expBegin, unsigned int expCount) const +{ + STL::vector > buckets(expCount); + STL::vector exponents; + exponents.reserve(expCount); + unsigned int i; + + for (i=0; i 1) + { + for (size_t j = buckets[i].size()-2; j >= 1; j--) + { + Accumulate(buckets[i][j], buckets[i][j+1]); + Accumulate(r, buckets[i][j]); + } + Accumulate(buckets[i][0], buckets[i][1]); + r = Add(Double(r), buckets[i][0]); + } + } +} + +Integer AbstractRing::Exponentiate(const Element &base, + const Integer &exponent) const +{ + Element result; + SimultaneousExponentiate(&result, base, &exponent, 1); + return result; +} + + +Integer AbstractRing::CascadeExponentiate(const Element &x, + const Integer &e1, const Element &y, const Integer &e2) const +{ + return MultiplicativeGroup().AbstractGroup::CascadeScalarMultiply( + x, e1, y, e2); +} + + +void AbstractRing::SimultaneousExponentiate(Integer *results, + const Integer &base, + const Integer *exponents, unsigned int expCount) const +{ + MultiplicativeGroup().AbstractGroup::SimultaneousMultiply(results, base, + exponents, expCount); +} + + +} // namespace + + +#ifdef HAVE_EXPLICIT_TEMPLATE_INSTANTIATION +namespace mySTL { +template TaoCrypt::WindowSlider* uninit_copy(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*); +template void destroy(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*); +template TaoCrypt::WindowSlider* GetArrayMemory(size_t); +template void FreeArrayMemory(TaoCrypt::WindowSlider*); +} +#endif + diff --git a/mysql/extra/yassl/taocrypt/src/arc4.cpp b/mysql/extra/yassl/taocrypt/src/arc4.cpp new file mode 100644 index 0000000..10a3a7d --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/arc4.cpp @@ -0,0 +1,243 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's arc4.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "arc4.hpp" + + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_ARC4_ASM +#endif + + +namespace TaoCrypt { + +void ARC4::SetKey(const byte* key, word32 length) +{ + x_ = 1; + y_ = 0; + + word32 i; + + for (i = 0; i < STATE_SIZE; i++) + state_[i] = i; + + word32 keyIndex = 0, stateIndex = 0; + + for (i = 0; i < STATE_SIZE; i++) { + word32 a = state_[i]; + stateIndex += key[keyIndex] + a; + stateIndex &= 0xFF; + state_[i] = state_[stateIndex]; + state_[stateIndex] = a; + + if (++keyIndex >= length) + keyIndex = 0; + } +} + + +// local +namespace { + +inline unsigned int MakeByte(word32& x, word32& y, byte* s) +{ + word32 a = s[x]; + y = (y+a) & 0xff; + + word32 b = s[y]; + s[x] = b; + s[y] = a; + x = (x+1) & 0xff; + + return s[(a+b) & 0xff]; +} + +} // namespace + + + +void ARC4::Process(byte* out, const byte* in, word32 length) +{ + if (length == 0) return; + +#ifdef DO_ARC4_ASM + if (isMMX) { + AsmProcess(out, in, length); + return; + } +#endif + + byte *const s = state_; + word32 x = x_; + word32 y = y_; + + if (in == out) + while (length--) + *out++ ^= MakeByte(x, y, s); + else + while(length--) + *out++ = *in++ ^ MakeByte(x, y, s); + x_ = x; + y_ = y; +} + + + +#ifdef DO_ARC4_ASM + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void ARC4::AsmProcess(byte* out, const byte* in, word32 length) +{ +#ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" \ + "mov ebp, eax;" + #define EPILOG() \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "c" (this), "D" (out), "S" (in), "a" (length) \ + : "%edx", "memory", "cc" \ + ); + +#else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( movd mm5, esi ) \ + AS2( movd mm6, ebp ) \ + AS2( mov edi, DWORD PTR [ebp + 8] ) \ + AS2( mov esi, DWORD PTR [ebp + 12] ) \ + AS2( mov ebp, DWORD PTR [ebp + 16] ) + + #define EPILOG() \ + AS2( movd ebp, mm6 ) \ + AS2( movd esi, mm5 ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd edi, mm3 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 12 ) + +#endif + + PROLOG() + + AS2( sub esp, 4 ) // make room + + AS2( cmp ebp, 0 ) + AS1( jz nothing ) + + AS2( mov [esp], ebp ) // length + + AS2( movzx edx, BYTE PTR [ecx + 1] ) // y + AS2( lea ebp, [ecx + 2] ) // state_ + AS2( movzx ecx, BYTE PTR [ecx] ) // x + + // setup loop + // a = s[x]; + AS2( movzx eax, BYTE PTR [ebp + ecx] ) + + +#ifdef _MSC_VER + AS1( loopStart: ) // loopStart +#else + AS1( 0: ) // loopStart for some gas (need numeric for jump back +#endif + + // y = (y+a) & 0xff; + AS2( add edx, eax ) + AS2( and edx, 255 ) + + // b = s[y]; + AS2( movzx ebx, BYTE PTR [ebp + edx] ) + + // s[x] = b; + AS2( mov [ebp + ecx], bl ) + + // s[y] = a; + AS2( mov [ebp + edx], al ) + + // x = (x+1) & 0xff; + AS1( inc ecx ) + AS2( and ecx, 255 ) + + //return s[(a+b) & 0xff]; + AS2( add eax, ebx ) + AS2( and eax, 255 ) + + AS2( movzx ebx, BYTE PTR [ebp + eax] ) + + // a = s[x]; for next round + AS2( movzx eax, BYTE PTR [ebp + ecx] ) + + // xOr w/ inByte + AS2( xor bl, BYTE PTR [esi] ) + AS1( inc esi ) + + // write to outByte + AS2( mov [edi], bl ) + AS1( inc edi ) + + AS1( dec DWORD PTR [esp] ) +#ifdef _MSC_VER + AS1( jnz loopStart ) // loopStart +#else + AS1( jnz 0b ) // loopStart +#endif + + + // write back to x_ and y_ + AS2( mov [ebp - 2], cl ) + AS2( mov [ebp - 1], dl ) + + +AS1( nothing: ) + + // inline adjust + AS2( add esp, 4 ) // fix room on stack + + EPILOG() +} + +#endif // DO_ARC4_ASM + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/asn.cpp b/mysql/extra/yassl/taocrypt/src/asn.cpp new file mode 100644 index 0000000..e0aef45 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/asn.cpp @@ -0,0 +1,1348 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* asn.cpp implements ASN1 BER, PublicKey, and x509v3 decoding +*/ + +#include "runtime.hpp" +#include "asn.hpp" +#include "file.hpp" +#include "integer.hpp" +#include "rsa.hpp" +#include "dsa.hpp" +#include "dh.hpp" +#include "md5.hpp" +#include "md2.hpp" +#include "sha.hpp" +#include "coding.hpp" +#include // gmtime(); +#include "memory.hpp" // some auto_ptr don't have reset, also need auto_array + + +namespace TaoCrypt { + +// like atoi but only use first byte +word32 btoi(byte b) +{ + return b - 0x30; +} + + +// two byte date/time, add to value +void GetTime(int *value, const byte* date, int& i) +{ + *value += btoi(date[i++]) * 10; + *value += btoi(date[i++]); +} + + +bool ASN1_TIME_extract(const unsigned char* date, unsigned char format, + tm *t) +{ + int i = 0; + memset(t, 0, sizeof (tm)); + + if (format != UTC_TIME && format != GENERALIZED_TIME) + return false; + + if (format == UTC_TIME) { + if (btoi(date[0]) >= 5) + t->tm_year = 1900; + else + t->tm_year = 2000; + } + else { // format == GENERALIZED_TIME + t->tm_year += btoi(date[i++]) * 1000; + t->tm_year += btoi(date[i++]) * 100; + } + + GetTime(&t->tm_year, date, i); t->tm_year -= 1900; // adjust + GetTime(&t->tm_mon, date, i); t->tm_mon -= 1; // adjust + GetTime(&t->tm_mday, date, i); + GetTime(&t->tm_hour, date, i); + GetTime(&t->tm_min, date, i); + GetTime(&t->tm_sec, date, i); + + if (date[i] != 'Z') // only Zulu supported for this profile + return false; + return true; +} + + +namespace { // locals + + +// to the second +bool operator>(tm& a, tm& b) +{ + if (a.tm_year > b.tm_year) + return true; + + if (a.tm_year == b.tm_year && a.tm_mon > b.tm_mon) + return true; + + if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && a.tm_mday >b.tm_mday) + return true; + + if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && + a.tm_mday == b.tm_mday && a.tm_hour > b.tm_hour) + return true; + + if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && + a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour && + a.tm_min > b.tm_min) + return true; + + if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && + a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour && + a.tm_min == b.tm_min && a.tm_sec > b.tm_sec) + return true; + + return false; +} + + +bool operator<(tm& a, tm&b) +{ + return (b>a); +} + + +// Make sure before and after dates are valid +bool ValidateDate(const byte* date, byte format, CertDecoder::DateType dt) +{ + tm certTime; + + if (!ASN1_TIME_extract(date, format, &certTime)) + return false; + + time_t ltime = time(0); + tm* localTime = gmtime(<ime); + + if (dt == CertDecoder::BEFORE) { + if (*localTime < certTime) + return false; + } + else + if (*localTime > certTime) + return false; + + return true; +} + + +class BadCertificate {}; + +} // local namespace + + + +// used by Integer as well +word32 GetLength(Source& source) +{ + word32 length = 0; + + byte b = source.next(); + if (b >= LONG_LENGTH) { + word32 bytes = b & 0x7F; + + if (source.IsLeft(bytes) == false) return 0; + + while (bytes--) { + b = source.next(); + length = (length << 8) | b; + } + } + else + length = b; + + if (source.IsLeft(length) == false) return 0; + + return length; +} + + +word32 SetLength(word32 length, byte* output) +{ + word32 i = 0; + + if (length < LONG_LENGTH) + output[i++] = length; + else { + output[i++] = BytePrecision(length) | 0x80; + + for (int j = BytePrecision(length); j; --j) { + output[i] = length >> (j - 1) * 8; + i++; + } + } + return i; +} + + +PublicKey::PublicKey(const byte* k, word32 s) : key_(0), sz_(0) +{ + if (s) { + SetSize(s); + SetKey(k); + } +} + + +void PublicKey::SetSize(word32 s) +{ + sz_ = s; + key_ = NEW_TC byte[sz_]; +} + + +void PublicKey::SetKey(const byte* k) +{ + memcpy(key_, k, sz_); +} + + +void PublicKey::AddToEnd(const byte* data, word32 len) +{ + mySTL::auto_array tmp(NEW_TC byte[sz_ + len]); + + memcpy(tmp.get(), key_, sz_); + memcpy(tmp.get() + sz_, data, len); + + byte* del = 0; + STL::swap(del, key_); + tcArrayDelete(del); + + key_ = tmp.release(); + sz_ += len; +} + + +Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h) + : key_(k, kSz) +{ + size_t sz = strlen(n); + memcpy(name_, n, sz); + name_[sz] = 0; + + memcpy(hash_, h, SHA::DIGEST_SIZE); +} + +Signer::~Signer() +{ +} + + +Error BER_Decoder::GetError() +{ + return source_.GetError(); +} + + +Integer& BER_Decoder::GetInteger(Integer& integer) +{ + if (!source_.GetError().What()) + integer.Decode(source_); + return integer; +} + + +// Read a Sequence, return length +word32 BER_Decoder::GetSequence() +{ + if (source_.GetError().What()) return 0; + + byte b = source_.next(); + if (b != (SEQUENCE | CONSTRUCTED)) { + source_.SetError(SEQUENCE_E); + return 0; + } + + return GetLength(source_); +} + + +// Read a Sequence, return length +word32 BER_Decoder::GetSet() +{ + if (source_.GetError().What()) return 0; + + byte b = source_.next(); + if (b != (SET | CONSTRUCTED)) { + source_.SetError(SET_E); + return 0; + } + + return GetLength(source_); +} + + +// Read Version, return it +word32 BER_Decoder::GetVersion() +{ + if (source_.GetError().What()) return 0; + + byte b = source_.next(); + if (b != INTEGER) { + source_.SetError(INTEGER_E); + return 0; + } + + b = source_.next(); + if (b != 0x01) { + source_.SetError(VERSION_E); + return 0; + } + + return source_.next(); +} + + +// Read ExplicitVersion, return it or 0 if not there (not an error) +word32 BER_Decoder::GetExplicitVersion() +{ + if (source_.GetError().What()) return 0; + + byte b = source_.next(); + + if (b == (CONTEXT_SPECIFIC | CONSTRUCTED)) { // not an error if not here + source_.next(); + return GetVersion(); + } + else + source_.prev(); // put back + + return 0; +} + + +// Decode a BER encoded RSA Private Key +void RSA_Private_Decoder::Decode(RSA_PrivateKey& key) +{ + ReadHeader(); + if (source_.GetError().What()) return; + // public + key.SetModulus(GetInteger(Integer().Ref())); + key.SetPublicExponent(GetInteger(Integer().Ref())); + + // private + key.SetPrivateExponent(GetInteger(Integer().Ref())); + key.SetPrime1(GetInteger(Integer().Ref())); + key.SetPrime2(GetInteger(Integer().Ref())); + key.SetModPrime1PrivateExponent(GetInteger(Integer().Ref())); + key.SetModPrime2PrivateExponent(GetInteger(Integer().Ref())); + key.SetMultiplicativeInverseOfPrime2ModPrime1(GetInteger(Integer().Ref())); +} + + +void RSA_Private_Decoder::ReadHeader() +{ + GetSequence(); + GetVersion(); +} + + +// Decode a BER encoded DSA Private Key +void DSA_Private_Decoder::Decode(DSA_PrivateKey& key) +{ + ReadHeader(); + if (source_.GetError().What()) return; + // group parameters + key.SetModulus(GetInteger(Integer().Ref())); + key.SetSubGroupOrder(GetInteger(Integer().Ref())); + key.SetSubGroupGenerator(GetInteger(Integer().Ref())); + + // key + key.SetPublicPart(GetInteger(Integer().Ref())); + key.SetPrivatePart(GetInteger(Integer().Ref())); +} + + +void DSA_Private_Decoder::ReadHeader() +{ + GetSequence(); + GetVersion(); +} + + +// Decode a BER encoded RSA Public Key +void RSA_Public_Decoder::Decode(RSA_PublicKey& key) +{ + ReadHeader(); + if (source_.GetError().What()) return; + + ReadHeaderOpenSSL(); // may or may not be + if (source_.GetError().What()) return; + + // public key + key.SetModulus(GetInteger(Integer().Ref())); + key.SetPublicExponent(GetInteger(Integer().Ref())); +} + + +// Read OpenSSL format public header +void RSA_Public_Decoder::ReadHeaderOpenSSL() +{ + byte b = source_.next(); // peek + source_.prev(); + + if (b != INTEGER) { // have OpenSSL public format + GetSequence(); + b = source_.next(); + if (b != OBJECT_IDENTIFIER) { + source_.SetError(OBJECT_ID_E); + return; + } + + word32 len = GetLength(source_); + source_.advance(len); + + b = source_.next(); + if (b == TAG_NULL) { // could have NULL tag and 0 terminator, may not + b = source_.next(); + if (b != 0) { + source_.SetError(EXPECT_0_E); + return; + } + } + else + source_.prev(); // put back + + b = source_.next(); + if (b != BIT_STRING) { + source_.SetError(BIT_STR_E); + return; + } + + len = GetLength(source_); + b = source_.next(); + if (b != 0) // could have 0 + source_.prev(); // put back + + GetSequence(); + } +} + + +void RSA_Public_Decoder::ReadHeader() +{ + GetSequence(); +} + + +// Decode a BER encoded DSA Public Key +void DSA_Public_Decoder::Decode(DSA_PublicKey& key) +{ + ReadHeader(); + if (source_.GetError().What()) return; + + // group parameters + key.SetModulus(GetInteger(Integer().Ref())); + key.SetSubGroupOrder(GetInteger(Integer().Ref())); + key.SetSubGroupGenerator(GetInteger(Integer().Ref())); + + // key + key.SetPublicPart(GetInteger(Integer().Ref())); +} + + +void DSA_Public_Decoder::ReadHeader() +{ + GetSequence(); +} + + +void DH_Decoder::ReadHeader() +{ + GetSequence(); +} + + +// Decode a BER encoded Diffie-Hellman Key +void DH_Decoder::Decode(DH& key) +{ + ReadHeader(); + if (source_.GetError().What()) return; + + // group parms + key.SetP(GetInteger(Integer().Ref())); + key.SetG(GetInteger(Integer().Ref())); +} + + +CertDecoder::CertDecoder(Source& s, bool decode, SignerList* signers, + bool noVerify, CertType ct) + : BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0), subCnPos_(-1), + subCnLen_(0), issCnPos_(-1), issCnLen_(0), signature_(0), + verify_(!noVerify) +{ + issuer_[0] = 0; + subject_[0] = 0; + + if (decode) + Decode(signers, ct); + +} + + +CertDecoder::~CertDecoder() +{ + tcArrayDelete(signature_); +} + + +// process certificate header, set signature offset +void CertDecoder::ReadHeader() +{ + if (source_.GetError().What()) return; + + GetSequence(); // total + certBegin_ = source_.get_index(); + + sigIndex_ = GetSequence(); // this cert + sigIndex_ += source_.get_index(); + + GetExplicitVersion(); // version + GetInteger(Integer().Ref()); // serial number +} + + +// Decode a x509v3 Certificate +void CertDecoder::Decode(SignerList* signers, CertType ct) +{ + if (source_.GetError().What()) return; + DecodeToKey(); + if (source_.GetError().What()) return; + + if (source_.get_index() != sigIndex_) + source_.set_index(sigIndex_); + + word32 confirmOID = GetAlgoId(); + GetSignature(); + if (source_.GetError().What()) return; + + if ( confirmOID != signatureOID_ ) { + source_.SetError(SIG_OID_E); + return; + } + + if (ct != CA && verify_ && !ValidateSignature(signers)) + source_.SetError(SIG_OTHER_E); +} + + +void CertDecoder::DecodeToKey() +{ + ReadHeader(); + signatureOID_ = GetAlgoId(); + GetName(ISSUER); + GetValidity(); + GetName(SUBJECT); + GetKey(); +} + + +// Read public key +void CertDecoder::GetKey() +{ + if (source_.GetError().What()) return; + + GetSequence(); + keyOID_ = GetAlgoId(); + + if (keyOID_ == RSAk) { + byte b = source_.next(); + if (b != BIT_STRING) { + source_.SetError(BIT_STR_E); + return; + } + b = source_.next(); // length, future + b = source_.next(); + while(b != 0) + b = source_.next(); + } + else if (keyOID_ == DSAk) + ; // do nothing + else { + source_.SetError(UNKNOWN_OID_E); + return; + } + + StoreKey(); + if (keyOID_ == DSAk) + AddDSA(); +} + + +// Save public key +void CertDecoder::StoreKey() +{ + if (source_.GetError().What()) return; + + word32 read = source_.get_index(); + word32 length = GetSequence(); + + read = source_.get_index() - read; + length += read; + + if (source_.GetError().What()) return; + while (read--) source_.prev(); + + if (source_.IsLeft(length) == false) return; + key_.SetSize(length); + key_.SetKey(source_.get_current()); + source_.advance(length); +} + + +// DSA has public key after group +void CertDecoder::AddDSA() +{ + if (source_.GetError().What()) return; + + byte b = source_.next(); + if (b != BIT_STRING) { + source_.SetError(BIT_STR_E); + return; + } + b = source_.next(); // length, future + b = source_.next(); + while(b != 0) + b = source_.next(); + + word32 idx = source_.get_index(); + b = source_.next(); + if (b != INTEGER) { + source_.SetError(INTEGER_E); + return; + } + + word32 length = GetLength(source_); + length += source_.get_index() - idx; + + if (source_.IsLeft(length) == false) return; + + key_.AddToEnd(source_.get_buffer() + idx, length); +} + + +// process algo OID by summing, return it +word32 CertDecoder::GetAlgoId() +{ + if (source_.GetError().What()) return 0; + word32 length = GetSequence(); + + if (source_.GetError().What()) return 0; + + byte b = source_.next(); + if (b != OBJECT_IDENTIFIER) { + source_.SetError(OBJECT_ID_E); + return 0; + } + + length = GetLength(source_); + if (source_.IsLeft(length) == false) return 0; + + word32 oid = 0; + while(length--) + oid += source_.next(); // just sum it up for now + + // could have NULL tag and 0 terminator, but may not + b = source_.next(); + if (b == TAG_NULL) { + b = source_.next(); + if (b != 0) { + source_.SetError(EXPECT_0_E); + return 0; + } + } + else + // go back, didn't have it + b = source_.prev(); + + return oid; +} + + +// read cert signature, store in signature_ +word32 CertDecoder::GetSignature() +{ + if (source_.GetError().What()) return 0; + byte b = source_.next(); + + if (b != BIT_STRING) { + source_.SetError(BIT_STR_E); + return 0; + } + + sigLength_ = GetLength(source_); + if (sigLength_ <= 1 || source_.IsLeft(sigLength_) == false) { + source_.SetError(CONTENT_E); + return 0; + } + + b = source_.next(); + if (b != 0) { + source_.SetError(EXPECT_0_E); + return 0; + } + sigLength_--; + + signature_ = NEW_TC byte[sigLength_]; + memcpy(signature_, source_.get_current(), sigLength_); + source_.advance(sigLength_); + + return sigLength_; +} + + +// read cert digest, store in signature_ +word32 CertDecoder::GetDigest() +{ + if (source_.GetError().What()) return 0; + byte b = source_.next(); + + if (b != OCTET_STRING) { + source_.SetError(OCTET_STR_E); + return 0; + } + + sigLength_ = GetLength(source_); + + signature_ = NEW_TC byte[sigLength_]; + memcpy(signature_, source_.get_current(), sigLength_); + source_.advance(sigLength_); + + return sigLength_; +} + + +// memory length checked add tag to buffer +char* CertDecoder::AddTag(char* ptr, const char* buf_end, const char* tag_name, + word32 tag_name_length, word32 tag_value_length) +{ + if (ptr + tag_name_length + tag_value_length > buf_end) { + source_.SetError(CONTENT_E); + return 0; + } + + memcpy(ptr, tag_name, tag_name_length); + ptr += tag_name_length; + + memcpy(ptr, source_.get_current(), tag_value_length); + ptr += tag_value_length; + + return ptr; +} + + +// process NAME, either issuer or subject +void CertDecoder::GetName(NameType nt) +{ + if (source_.GetError().What()) return; + + SHA sha; + word32 length = GetSequence(); // length of all distinguished names + + if (length >= ASN_NAME_MAX) + return; + if (source_.IsLeft(length) == false) return; + length += source_.get_index(); + + char* ptr; + char* buf_end; + + if (nt == ISSUER) { + ptr = issuer_; + buf_end = ptr + sizeof(issuer_) - 1; // 1 byte for trailing 0 + } + else { + ptr = subject_; + buf_end = ptr + sizeof(subject_) - 1; // 1 byte for trailing 0 + } + + while (source_.get_index() < length) { + GetSet(); + if (source_.GetError().What() == SET_E) { + source_.SetError(NO_ERROR_E); // extensions may only have sequence + source_.prev(); + } + GetSequence(); + + byte b = source_.next(); + if (b != OBJECT_IDENTIFIER) { + source_.SetError(OBJECT_ID_E); + return; + } + + word32 oidSz = GetLength(source_); + if (source_.IsLeft(oidSz) == false) return; + + byte joint[2]; + if (source_.IsLeft(sizeof(joint)) == false) return; + memcpy(joint, source_.get_current(), sizeof(joint)); + + // v1 name types + if (joint[0] == 0x55 && joint[1] == 0x04) { + source_.advance(2); + byte id = source_.next(); + b = source_.next(); // strType + word32 strLen = GetLength(source_); + + if (source_.IsLeft(strLen) == false) return; + + switch (id) { + case COMMON_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/CN=", 4, strLen))) + return; + if (nt == ISSUER) { + issCnPos_ = (int)(ptr - strLen - issuer_); + issCnLen_ = (int)strLen; + } else { + subCnPos_ = (int)(ptr - strLen - subject_); + subCnLen_ = (int)strLen; + } + break; + case SUR_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/SN=", 4, strLen))) + return; + break; + case COUNTRY_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/C=", 3, strLen))) + return; + break; + case LOCALITY_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/L=", 3, strLen))) + return; + break; + case STATE_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/ST=", 4, strLen))) + return; + break; + case ORG_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/O=", 3, strLen))) + return; + break; + case ORGUNIT_NAME: + if (!(ptr = AddTag(ptr, buf_end, "/OU=", 4, strLen))) + return; + break; + } + + sha.Update(source_.get_current(), strLen); + source_.advance(strLen); + } + else { + bool email = false; + if (joint[0] == 0x2a && joint[1] == 0x86) // email id hdr + email = true; + + source_.advance(oidSz + 1); + word32 length = GetLength(source_); + if (source_.IsLeft(length) == false) return; + + if (email) { + if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) + return; + } + + source_.advance(length); + } + } + + *ptr = 0; + + if (nt == ISSUER) + sha.Final(issuerHash_); + else + sha.Final(subjectHash_); +} + + +// process a Date, either BEFORE or AFTER +void CertDecoder::GetDate(DateType dt) +{ + if (source_.GetError().What()) return; + + byte b = source_.next(); + if (b != UTC_TIME && b != GENERALIZED_TIME) { + source_.SetError(TIME_E); + return; + } + + word32 length = GetLength(source_); + if (source_.IsLeft(length) == false) return; + + byte date[MAX_DATE_SZ]; + if (length > MAX_DATE_SZ || length < MIN_DATE_SZ) { + source_.SetError(DATE_SZ_E); + return; + } + + memcpy(date, source_.get_current(), length); + source_.advance(length); + + if (!ValidateDate(date, b, dt) && verify_) { + if (dt == BEFORE) + source_.SetError(BEFORE_DATE_E); + else + source_.SetError(AFTER_DATE_E); + } + + // save for later use + if (dt == BEFORE) { + memcpy(beforeDate_, date, length); + beforeDate_[length] = 0; + beforeDateType_= b; + } + else { // after + memcpy(afterDate_, date, length); + afterDate_[length] = 0; + afterDateType_= b; + } +} + + +void CertDecoder::GetValidity() +{ + if (source_.GetError().What()) return; + + GetSequence(); + GetDate(BEFORE); + GetDate(AFTER); +} + + +bool CertDecoder::ValidateSelfSignature() +{ + Source pub(key_.GetKey(), key_.size()); + return ConfirmSignature(pub); +} + + +// extract compare signature hash from plain and place into digest +void CertDecoder::GetCompareHash(const byte* plain, word32 sz, byte* digest, + word32 digSz) +{ + if (source_.GetError().What()) return; + + Source s(plain, sz); + CertDecoder dec(s, false); + + dec.GetSequence(); + dec.GetAlgoId(); + dec.GetDigest(); + + if (dec.sigLength_ > digSz) { + source_.SetError(SIG_LEN_E); + return; + } + + memcpy(digest, dec.signature_, dec.sigLength_); +} + + +// validate signature signed by someone else +bool CertDecoder::ValidateSignature(SignerList* signers) +{ + if (!signers) + return false; + + SignerList::iterator first = signers->begin(); + SignerList::iterator last = signers->end(); + + while (first != last) { + if ( memcmp(issuerHash_, (*first)->GetHash(), SHA::DIGEST_SIZE) == 0) { + + const PublicKey& iKey = (*first)->GetPublicKey(); + Source pub(iKey.GetKey(), iKey.size()); + return ConfirmSignature(pub); + } + ++first; + } + return false; +} + + +// confirm certificate signature +bool CertDecoder::ConfirmSignature(Source& pub) +{ + HashType ht; + mySTL::auto_ptr hasher; + + if (signatureOID_ == MD5wRSA) { + hasher.reset(NEW_TC MD5); + ht = MD5h; + } + else if (signatureOID_ == MD2wRSA) { + hasher.reset(NEW_TC MD2); + ht = MD2h; + } + else if (signatureOID_ == SHAwRSA || signatureOID_ == SHAwDSA) { + hasher.reset(NEW_TC SHA); + ht = SHAh; + } + else if (signatureOID_ == SHA256wRSA || signatureOID_ == SHA256wDSA) { + hasher.reset(NEW_TC SHA256); + ht = SHA256h; + } +#ifdef WORD64_AVAILABLE + else if (signatureOID_ == SHA384wRSA) { + hasher.reset(NEW_TC SHA384); + ht = SHA384h; + } + else if (signatureOID_ == SHA512wRSA) { + hasher.reset(NEW_TC SHA512); + ht = SHA512h; + } +#endif + else { + source_.SetError(UNKOWN_SIG_E); + return false; + } + + byte digest[MAX_SHA2_DIGEST_SIZE]; // largest size + + hasher->Update(source_.get_buffer() + certBegin_, sigIndex_ - certBegin_); + hasher->Final(digest); + + if (keyOID_ == RSAk) { + // put in ASN.1 signature format + Source build; + Signature_Encoder(digest, hasher->getDigestSize(), ht, build); + + RSA_PublicKey pubKey(pub); + RSAES_Encryptor enc(pubKey); + + if (pubKey.FixedCiphertextLength() != sigLength_) { + source_.SetError(SIG_LEN_E); + return false; + } + + return enc.SSL_Verify(build.get_buffer(), build.size(), signature_); + } + else { // DSA + // extract r and s from sequence + byte seqDecoded[DSA_SIG_SZ]; + memset(seqDecoded, 0, sizeof(seqDecoded)); + DecodeDSA_Signature(seqDecoded, signature_, sigLength_); + + DSA_PublicKey pubKey(pub); + DSA_Verifier ver(pubKey); + + return ver.Verify(digest, seqDecoded); + } +} + + +Signature_Encoder::Signature_Encoder(const byte* dig, word32 digSz, + HashType digOID, Source& source) +{ + // build bottom up + + // Digest + byte digArray[MAX_DIGEST_SZ]; + word32 digestSz = SetDigest(dig, digSz, digArray); + + // AlgoID + byte algoArray[MAX_ALGO_SZ]; + word32 algoSz = SetAlgoID(digOID, algoArray); + + // Sequence + byte seqArray[MAX_SEQ_SZ]; + word32 seqSz = SetSequence(digestSz + algoSz, seqArray); + + source.grow(seqSz + algoSz + digestSz); // make sure enough room + source.add(seqArray, seqSz); + source.add(algoArray, algoSz); + source.add(digArray, digestSz); +} + + + +word32 Signature_Encoder::SetDigest(const byte* d, word32 dSz, byte* output) +{ + output[0] = OCTET_STRING; + output[1] = dSz; + memcpy(&output[2], d, dSz); + + return dSz + 2; +} + + + +word32 DER_Encoder::SetAlgoID(HashType aOID, byte* output) +{ + // adding TAG_NULL and 0 to end + static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a, + 0x05, 0x00 }; + static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x02, 0x05, 0x05, 0x00 }; + static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x02, 0x02, 0x05, 0x00}; + static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, + 0x04, 0x02, 0x01, 0x05, 0x00 }; + static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, + 0x04, 0x02, 0x02, 0x05, 0x00 }; + static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, + 0x04, 0x02, 0x03, 0x05, 0x00 }; + int algoSz = 0; + const byte* algoName = 0; + + switch (aOID) { + case SHAh: + algoSz = sizeof(shaAlgoID); + algoName = shaAlgoID; + break; + + case SHA256h: + algoSz = sizeof(sha256AlgoID); + algoName = sha256AlgoID; + break; + + case SHA384h: + algoSz = sizeof(sha384AlgoID); + algoName = sha384AlgoID; + break; + + case SHA512h: + algoSz = sizeof(sha512AlgoID); + algoName = sha512AlgoID; + break; + + case MD2h: + algoSz = sizeof(md2AlgoID); + algoName = md2AlgoID; + break; + + case MD5h: + algoSz = sizeof(md5AlgoID); + algoName = md5AlgoID; + break; + + default: + error_.SetError(UNKOWN_HASH_E); + return 0; + } + + + byte ID_Length[MAX_LENGTH_SZ]; + word32 idSz = SetLength(algoSz - 2, ID_Length); // don't include TAG_NULL/0 + + byte seqArray[MAX_SEQ_SZ + 1]; // add object_id to end + word32 seqSz = SetSequence(idSz + algoSz + 1, seqArray); + seqArray[seqSz++] = OBJECT_IDENTIFIER; + + memcpy(output, seqArray, seqSz); + memcpy(output + seqSz, ID_Length, idSz); + memcpy(output + seqSz + idSz, algoName, algoSz); + + return seqSz + idSz + algoSz; +} + + +word32 SetSequence(word32 len, byte* output) +{ + + output[0] = SEQUENCE | CONSTRUCTED; + return SetLength(len, output + 1) + 1; +} + + +word32 EncodeDSA_Signature(const byte* signature, byte* output) +{ + Integer r(signature, 20); + Integer s(signature + 20, 20); + + return EncodeDSA_Signature(r, s, output); +} + + +word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output) +{ + word32 rSz = r.ByteCount(); + word32 sSz = s.ByteCount(); + + byte rLen[MAX_LENGTH_SZ + 1]; + byte sLen[MAX_LENGTH_SZ + 1]; + + rLen[0] = INTEGER; + sLen[0] = INTEGER; + + word32 rLenSz = SetLength(rSz, &rLen[1]) + 1; + word32 sLenSz = SetLength(sSz, &sLen[1]) + 1; + + byte seqArray[MAX_SEQ_SZ]; + + word32 seqSz = SetSequence(rLenSz + rSz + sLenSz + sSz, seqArray); + + // seq + memcpy(output, seqArray, seqSz); + // r + memcpy(output + seqSz, rLen, rLenSz); + r.Encode(output + seqSz + rLenSz, rSz); + // s + memcpy(output + seqSz + rLenSz + rSz, sLen, sLenSz); + s.Encode(output + seqSz + rLenSz + rSz + sLenSz, sSz); + + return seqSz + rLenSz + rSz + sLenSz + sSz; +} + + +// put sequence encoded dsa signature into decoded in 2 20 byte integers +word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz) +{ + Source source(encoded, sz); + + if (source.next() != (SEQUENCE | CONSTRUCTED)) { + source.SetError(SEQUENCE_E); + return 0; + } + + GetLength(source); // total + + // r + if (source.next() != INTEGER) { + source.SetError(INTEGER_E); + return 0; + } + word32 rLen = GetLength(source); + if (rLen != 20) { + while (rLen > 20 && source.remaining() > 0) { // zero's at front, eat + source.next(); + --rLen; + } + if (rLen < 20) { // add zero's to front so 20 bytes + word32 tmpLen = rLen; + while (tmpLen < 20) { + decoded[0] = 0; + decoded++; + tmpLen++; + } + } + } + memcpy(decoded, source.get_buffer() + source.get_index(), rLen); + source.advance(rLen); + + // s + if (source.next() != INTEGER) { + source.SetError(INTEGER_E); + return 0; + } + word32 sLen = GetLength(source); + if (sLen != 20) { + while (sLen > 20 && source.remaining() > 0) { + source.next(); // zero's at front, eat + --sLen; + } + if (sLen < 20) { // add zero's to front so 20 bytes + word32 tmpLen = sLen; + while (tmpLen < 20) { + decoded[rLen] = 0; + decoded++; + tmpLen++; + } + } + } + memcpy(decoded + rLen, source.get_buffer() + source.get_index(), sLen); + source.advance(sLen); + + return 40; +} + + +/* +// Get Cert in PEM format from BEGIN to END +int GetCert(Source& source) +{ + char header[] = "-----BEGIN CERTIFICATE-----"; + char footer[] = "-----END CERTIFICATE-----"; + + char* begin = strstr((char*)source.get_buffer(), header); + char* end = strstr((char*)source.get_buffer(), footer); + + if (!begin || !end || begin >= end) return -1; + + end += strlen(footer); + if (*end == '\r') end++; + + Source tmp((byte*)begin, end - begin + 1); + source.Swap(tmp); + + return 0; +} + + + +// Decode a BER encoded PKCS12 structure +void PKCS12_Decoder::Decode() +{ + ReadHeader(); + if (source_.GetError().What()) return; + + // Get AuthSafe + + GetSequence(); + + // get object id + byte obj_id = source_.next(); + if (obj_id != OBJECT_IDENTIFIER) { + source_.SetError(OBJECT_ID_E); + return; + } + + word32 length = GetLength(source_); + + word32 algo_sum = 0; + while (length--) + algo_sum += source_.next(); + + + + + + + // Get MacData optional + // mac digestInfo like certdecoder::getdigest? + // macsalt octet string + // iter integer + +} + + +void PKCS12_Decoder::ReadHeader() +{ + // Gets Version + GetSequence(); + GetVersion(); +} + + +// Get Cert in PEM format from pkcs12 file +int GetPKCS_Cert(const char* password, Source& source) +{ + PKCS12_Decoder pkcs12(source); + pkcs12.Decode(); + + return 0; +} +*/ + + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/coding.cpp b/mysql/extra/yassl/taocrypt/src/coding.cpp new file mode 100644 index 0000000..bc4727c --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/coding.cpp @@ -0,0 +1,266 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* coding.cpp implements hex and base64 encoding/decoing +*/ + +#include "runtime.hpp" +#include "coding.hpp" +#include "file.hpp" + + +namespace TaoCrypt { + + +namespace { // locals + +const byte bad = 0xFF; // invalid encoding + +const byte hexEncode[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', + 'A', 'B', 'C', 'D', 'E', 'F' + }; + +const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, + bad, bad, bad, bad, bad, bad, bad, + 10, 11, 12, 13, 14, 15 + }; // A starts at 0x41 not 0x3A + + +const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', + 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', + 'U', 'V', 'W', 'X', 'Y', 'Z', + 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', + 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', + 'u', 'v', 'w', 'x', 'y', 'z', + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', + '+', '/' + }; + +const byte base64Decode[] = { 62, bad, bad, bad, 63, // + starts at 0x2B + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, + bad, bad, bad, bad, bad, bad, bad, + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, + 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, + 20, 21, 22, 23, 24, 25, + bad, bad, bad, bad, bad, bad, + 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, + 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, + 46, 47, 48, 49, 50, 51 + }; + +const byte pad = '='; +const int pemLineSz = 64; + +} // local namespace + + +// Hex Encode +void HexEncoder::Encode() +{ + word32 bytes = plain_.size(); + encoded_.New(bytes * 2); + + word32 i = 0; + + while (bytes--) { + byte p = plain_.next(); + + byte b = p >> 4; + byte b2 = p & 0xF; + + encoded_[i++] = hexEncode[b]; + encoded_[i++] = hexEncode[b2]; + } + + plain_.reset(encoded_); +} + + +// Hex Decode +void HexDecoder::Decode() +{ + word32 bytes = coded_.size(); + decoded_.New(bytes / 2); + + word32 i(0); + + while (bytes) { + byte b = coded_.next() - 0x30; // 0 starts at 0x30 + byte b2 = coded_.next() - 0x30; + + // sanity checks + if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) { + coded_.SetError(PEM_E); + return; + } + if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0])) { + coded_.SetError(PEM_E); + return; + } + + b = hexDecode[b]; + b2 = hexDecode[b2]; + + decoded_[i++] = (b << 4) | b2; + bytes -= 2; + } + + coded_.reset(decoded_); +} + + +// Base 64 Encode +void Base64Encoder::Encode() +{ + word32 bytes = plain_.size(); + word32 outSz = (bytes + 3 - 1) / 3 * 4; + + outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines + encoded_.New(outSz); + + word32 i = 0; + word32 j = 0; + + while (bytes > 2) { + byte b1 = plain_.next(); + byte b2 = plain_.next(); + byte b3 = plain_.next(); + + // encoded idx + byte e1 = b1 >> 2; + byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); + byte e3 = ((b2 & 0xF) << 2) | (b3 >> 6); + byte e4 = b3 & 0x3F; + + // store + encoded_[i++] = base64Encode[e1]; + encoded_[i++] = base64Encode[e2]; + encoded_[i++] = base64Encode[e3]; + encoded_[i++] = base64Encode[e4]; + + bytes -= 3; + + if ((++j % 16) == 0 && bytes) + encoded_[i++] = '\n'; + } + + // last integral + if (bytes) { + bool twoBytes = (bytes == 2); + + byte b1 = plain_.next(); + byte b2 = (twoBytes) ? plain_.next() : 0; + + byte e1 = b1 >> 2; + byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); + byte e3 = (b2 & 0xF) << 2; + + encoded_[i++] = base64Encode[e1]; + encoded_[i++] = base64Encode[e2]; + encoded_[i++] = (twoBytes) ? base64Encode[e3] : pad; + encoded_[i++] = pad; + } + + encoded_[i++] = '\n'; + + if (i == outSz) + plain_.reset(encoded_); +} + + +// Base 64 Decode +void Base64Decoder::Decode() +{ + word32 bytes = coded_.size(); + word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz); + const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1; + plainSz = ((plainSz * 3) / 4) + 3; + decoded_.New(plainSz); + + word32 i = 0; + word32 j = 0; + + while (bytes > 3) { + byte e1 = coded_.next(); + byte e2 = coded_.next(); + byte e3 = coded_.next(); + byte e4 = coded_.next(); + + if (e1 == 0) // end file 0's + break; + + bool pad3 = false; + bool pad4 = false; + if (e3 == pad) + pad3 = true; + if (e4 == pad) + pad4 = true; + + if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) { + coded_.SetError(PEM_E); + return; + } + + if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) { + coded_.SetError(PEM_E); + return; + } + + e1 = base64Decode[e1 - 0x2B]; + e2 = base64Decode[e2 - 0x2B]; + e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B]; + e4 = (e4 == pad) ? 0 : base64Decode[e4 - 0x2B]; + + byte b1 = (e1 << 2) | (e2 >> 4); + byte b2 = ((e2 & 0xF) << 4) | (e3 >> 2); + byte b3 = ((e3 & 0x3) << 6) | e4; + + decoded_[i++] = b1; + if (!pad3) + decoded_[i++] = b2; + if (!pad4) + decoded_[i++] = b3; + else + break; + + bytes -= 4; + if ((++j % 16) == 0) { + byte endLine = coded_.next(); + bytes--; + while (endLine == ' ') { // remove possible whitespace + endLine = coded_.next(); + bytes--; + } + if (endLine == '\r') { + endLine = coded_.next(); + bytes--; + } + if (endLine != '\n') { + coded_.SetError(PEM_E); + return; + } + } + } + + if (i != decoded_.size()) + decoded_.resize(i); + coded_.reset(decoded_); +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/des.cpp b/mysql/extra/yassl/taocrypt/src/des.cpp new file mode 100644 index 0000000..53777f0 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/des.cpp @@ -0,0 +1,778 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* C++ part based on Wei Dai's des.cpp from CryptoPP */ +/* x86 asm is original */ + + +#if defined(TAOCRYPT_KERNEL_MODE) + #define DO_TAOCRYPT_KERNEL_MODE +#endif // only some modules now support this + + +#include "runtime.hpp" +#include "des.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + + +namespace TaoCrypt { + + +/* permuted choice table (key) */ +static const byte pc1[] = { + 57, 49, 41, 33, 25, 17, 9, + 1, 58, 50, 42, 34, 26, 18, + 10, 2, 59, 51, 43, 35, 27, + 19, 11, 3, 60, 52, 44, 36, + + 63, 55, 47, 39, 31, 23, 15, + 7, 62, 54, 46, 38, 30, 22, + 14, 6, 61, 53, 45, 37, 29, + 21, 13, 5, 28, 20, 12, 4 +}; + +/* number left rotations of pc1 */ +static const byte totrot[] = { + 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 +}; + +/* permuted choice key (table) */ +static const byte pc2[] = { + 14, 17, 11, 24, 1, 5, + 3, 28, 15, 6, 21, 10, + 23, 19, 12, 4, 26, 8, + 16, 7, 27, 20, 13, 2, + 41, 52, 31, 37, 47, 55, + 30, 40, 51, 45, 33, 48, + 44, 49, 39, 56, 34, 53, + 46, 42, 50, 36, 29, 32 +}; + +/* End of DES-defined tables */ + +/* bit 0 is left-most in byte */ +static const int bytebit[] = { + 0200,0100,040,020,010,04,02,01 +}; + +const word32 Spbox[8][64] = { +{ +0x01010400,0x00000000,0x00010000,0x01010404, +0x01010004,0x00010404,0x00000004,0x00010000, +0x00000400,0x01010400,0x01010404,0x00000400, +0x01000404,0x01010004,0x01000000,0x00000004, +0x00000404,0x01000400,0x01000400,0x00010400, +0x00010400,0x01010000,0x01010000,0x01000404, +0x00010004,0x01000004,0x01000004,0x00010004, +0x00000000,0x00000404,0x00010404,0x01000000, +0x00010000,0x01010404,0x00000004,0x01010000, +0x01010400,0x01000000,0x01000000,0x00000400, +0x01010004,0x00010000,0x00010400,0x01000004, +0x00000400,0x00000004,0x01000404,0x00010404, +0x01010404,0x00010004,0x01010000,0x01000404, +0x01000004,0x00000404,0x00010404,0x01010400, +0x00000404,0x01000400,0x01000400,0x00000000, +0x00010004,0x00010400,0x00000000,0x01010004}, +{ +0x80108020,0x80008000,0x00008000,0x00108020, +0x00100000,0x00000020,0x80100020,0x80008020, +0x80000020,0x80108020,0x80108000,0x80000000, +0x80008000,0x00100000,0x00000020,0x80100020, +0x00108000,0x00100020,0x80008020,0x00000000, +0x80000000,0x00008000,0x00108020,0x80100000, +0x00100020,0x80000020,0x00000000,0x00108000, +0x00008020,0x80108000,0x80100000,0x00008020, +0x00000000,0x00108020,0x80100020,0x00100000, +0x80008020,0x80100000,0x80108000,0x00008000, +0x80100000,0x80008000,0x00000020,0x80108020, +0x00108020,0x00000020,0x00008000,0x80000000, +0x00008020,0x80108000,0x00100000,0x80000020, +0x00100020,0x80008020,0x80000020,0x00100020, +0x00108000,0x00000000,0x80008000,0x00008020, +0x80000000,0x80100020,0x80108020,0x00108000}, +{ +0x00000208,0x08020200,0x00000000,0x08020008, +0x08000200,0x00000000,0x00020208,0x08000200, +0x00020008,0x08000008,0x08000008,0x00020000, +0x08020208,0x00020008,0x08020000,0x00000208, +0x08000000,0x00000008,0x08020200,0x00000200, +0x00020200,0x08020000,0x08020008,0x00020208, +0x08000208,0x00020200,0x00020000,0x08000208, +0x00000008,0x08020208,0x00000200,0x08000000, +0x08020200,0x08000000,0x00020008,0x00000208, +0x00020000,0x08020200,0x08000200,0x00000000, +0x00000200,0x00020008,0x08020208,0x08000200, +0x08000008,0x00000200,0x00000000,0x08020008, +0x08000208,0x00020000,0x08000000,0x08020208, +0x00000008,0x00020208,0x00020200,0x08000008, +0x08020000,0x08000208,0x00000208,0x08020000, +0x00020208,0x00000008,0x08020008,0x00020200}, +{ +0x00802001,0x00002081,0x00002081,0x00000080, +0x00802080,0x00800081,0x00800001,0x00002001, +0x00000000,0x00802000,0x00802000,0x00802081, +0x00000081,0x00000000,0x00800080,0x00800001, +0x00000001,0x00002000,0x00800000,0x00802001, +0x00000080,0x00800000,0x00002001,0x00002080, +0x00800081,0x00000001,0x00002080,0x00800080, +0x00002000,0x00802080,0x00802081,0x00000081, +0x00800080,0x00800001,0x00802000,0x00802081, +0x00000081,0x00000000,0x00000000,0x00802000, +0x00002080,0x00800080,0x00800081,0x00000001, +0x00802001,0x00002081,0x00002081,0x00000080, +0x00802081,0x00000081,0x00000001,0x00002000, +0x00800001,0x00002001,0x00802080,0x00800081, +0x00002001,0x00002080,0x00800000,0x00802001, +0x00000080,0x00800000,0x00002000,0x00802080}, +{ +0x00000100,0x02080100,0x02080000,0x42000100, +0x00080000,0x00000100,0x40000000,0x02080000, +0x40080100,0x00080000,0x02000100,0x40080100, +0x42000100,0x42080000,0x00080100,0x40000000, +0x02000000,0x40080000,0x40080000,0x00000000, +0x40000100,0x42080100,0x42080100,0x02000100, +0x42080000,0x40000100,0x00000000,0x42000000, +0x02080100,0x02000000,0x42000000,0x00080100, +0x00080000,0x42000100,0x00000100,0x02000000, +0x40000000,0x02080000,0x42000100,0x40080100, +0x02000100,0x40000000,0x42080000,0x02080100, +0x40080100,0x00000100,0x02000000,0x42080000, +0x42080100,0x00080100,0x42000000,0x42080100, +0x02080000,0x00000000,0x40080000,0x42000000, +0x00080100,0x02000100,0x40000100,0x00080000, +0x00000000,0x40080000,0x02080100,0x40000100}, +{ +0x20000010,0x20400000,0x00004000,0x20404010, +0x20400000,0x00000010,0x20404010,0x00400000, +0x20004000,0x00404010,0x00400000,0x20000010, +0x00400010,0x20004000,0x20000000,0x00004010, +0x00000000,0x00400010,0x20004010,0x00004000, +0x00404000,0x20004010,0x00000010,0x20400010, +0x20400010,0x00000000,0x00404010,0x20404000, +0x00004010,0x00404000,0x20404000,0x20000000, +0x20004000,0x00000010,0x20400010,0x00404000, +0x20404010,0x00400000,0x00004010,0x20000010, +0x00400000,0x20004000,0x20000000,0x00004010, +0x20000010,0x20404010,0x00404000,0x20400000, +0x00404010,0x20404000,0x00000000,0x20400010, +0x00000010,0x00004000,0x20400000,0x00404010, +0x00004000,0x00400010,0x20004010,0x00000000, +0x20404000,0x20000000,0x00400010,0x20004010}, +{ +0x00200000,0x04200002,0x04000802,0x00000000, +0x00000800,0x04000802,0x00200802,0x04200800, +0x04200802,0x00200000,0x00000000,0x04000002, +0x00000002,0x04000000,0x04200002,0x00000802, +0x04000800,0x00200802,0x00200002,0x04000800, +0x04000002,0x04200000,0x04200800,0x00200002, +0x04200000,0x00000800,0x00000802,0x04200802, +0x00200800,0x00000002,0x04000000,0x00200800, +0x04000000,0x00200800,0x00200000,0x04000802, +0x04000802,0x04200002,0x04200002,0x00000002, +0x00200002,0x04000000,0x04000800,0x00200000, +0x04200800,0x00000802,0x00200802,0x04200800, +0x00000802,0x04000002,0x04200802,0x04200000, +0x00200800,0x00000000,0x00000002,0x04200802, +0x00000000,0x00200802,0x04200000,0x00000800, +0x04000002,0x04000800,0x00000800,0x00200002}, +{ +0x10001040,0x00001000,0x00040000,0x10041040, +0x10000000,0x10001040,0x00000040,0x10000000, +0x00040040,0x10040000,0x10041040,0x00041000, +0x10041000,0x00041040,0x00001000,0x00000040, +0x10040000,0x10000040,0x10001000,0x00001040, +0x00041000,0x00040040,0x10040040,0x10041000, +0x00001040,0x00000000,0x00000000,0x10040040, +0x10000040,0x10001000,0x00041040,0x00040000, +0x00041040,0x00040000,0x10041000,0x00001000, +0x00000040,0x10040040,0x00001000,0x00041040, +0x10001000,0x00000040,0x10000040,0x10040000, +0x10040040,0x10000000,0x00040000,0x10001040, +0x00000000,0x10041040,0x00040040,0x10000040, +0x10040000,0x10001000,0x10001040,0x00000000, +0x10041040,0x00041000,0x00041000,0x00001040, +0x00001040,0x00040040,0x10000000,0x10041000} +}; + + +void BasicDES::SetKey(const byte* key, word32 /*length*/, CipherDir dir) +{ + byte buffer[56+56+8]; + byte *const pc1m = buffer; /* place to modify pc1 into */ + byte *const pcr = pc1m + 56; /* place to rotate pc1 into */ + byte *const ks = pcr + 56; + int i,j,l; + int m; + + for (j = 0; j < 56; j++) { /* convert pc1 to bits of key */ + l = pc1[j] - 1; /* integer bit location */ + m = l & 07; /* find bit */ + pc1m[j] = (key[l >> 3] & /* find which key byte l is in */ + bytebit[m]) /* and which bit of that byte */ + ? 1 : 0; /* and store 1-bit result */ + } + for (i = 0; i < 16; i++) { /* key chunk for each iteration */ + memset(ks, 0, 8); /* Clear key schedule */ + for (j = 0; j < 56; j++) /* rotate pc1 the right amount */ + pcr[j] = pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l: l-28]; + /* rotate left and right halves independently */ + for (j = 0; j < 48; j++){ /* select bits individually */ + /* check bit that goes to ks[j] */ + if (pcr[pc2[j] - 1]){ + /* mask it in if it's there */ + l= j % 6; + ks[j/6] |= bytebit[l] >> 2; + } + } + /* Now convert to odd/even interleaved form for use in F */ + k_[2*i] = ((word32)ks[0] << 24) + | ((word32)ks[2] << 16) + | ((word32)ks[4] << 8) + | ((word32)ks[6]); + k_[2*i + 1] = ((word32)ks[1] << 24) + | ((word32)ks[3] << 16) + | ((word32)ks[5] << 8) + | ((word32)ks[7]); + } + + // reverse key schedule order + if (dir == DECRYPTION) + for (i = 0; i < 16; i += 2) { + STL::swap(k_[i], k_[32 - 2 - i]); + STL::swap(k_[i+1], k_[32 - 1 - i]); + } + +} + +static inline void IPERM(word32& left, word32& right) +{ + word32 work; + + right = rotlFixed(right, 4U); + work = (left ^ right) & 0xf0f0f0f0; + left ^= work; + + right = rotrFixed(right^work, 20U); + work = (left ^ right) & 0xffff0000; + left ^= work; + + right = rotrFixed(right^work, 18U); + work = (left ^ right) & 0x33333333; + left ^= work; + + right = rotrFixed(right^work, 6U); + work = (left ^ right) & 0x00ff00ff; + left ^= work; + + right = rotlFixed(right^work, 9U); + work = (left ^ right) & 0xaaaaaaaa; + left = rotlFixed(left^work, 1U); + right ^= work; +} + +static inline void FPERM(word32& left, word32& right) +{ + word32 work; + + right = rotrFixed(right, 1U); + work = (left ^ right) & 0xaaaaaaaa; + right ^= work; + left = rotrFixed(left^work, 9U); + work = (left ^ right) & 0x00ff00ff; + right ^= work; + left = rotlFixed(left^work, 6U); + work = (left ^ right) & 0x33333333; + right ^= work; + left = rotlFixed(left^work, 18U); + work = (left ^ right) & 0xffff0000; + right ^= work; + left = rotlFixed(left^work, 20U); + work = (left ^ right) & 0xf0f0f0f0; + right ^= work; + left = rotrFixed(left^work, 4U); +} + + +void BasicDES::RawProcessBlock(word32& lIn, word32& rIn) const +{ + word32 l = lIn, r = rIn; + const word32* kptr = k_; + + for (unsigned i=0; i<8; i++) + { + word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0]; + l ^= Spbox[6][(work) & 0x3f] + ^ Spbox[4][(work >> 8) & 0x3f] + ^ Spbox[2][(work >> 16) & 0x3f] + ^ Spbox[0][(work >> 24) & 0x3f]; + work = r ^ kptr[4*i+1]; + l ^= Spbox[7][(work) & 0x3f] + ^ Spbox[5][(work >> 8) & 0x3f] + ^ Spbox[3][(work >> 16) & 0x3f] + ^ Spbox[1][(work >> 24) & 0x3f]; + + work = rotrFixed(l, 4U) ^ kptr[4*i+2]; + r ^= Spbox[6][(work) & 0x3f] + ^ Spbox[4][(work >> 8) & 0x3f] + ^ Spbox[2][(work >> 16) & 0x3f] + ^ Spbox[0][(work >> 24) & 0x3f]; + work = l ^ kptr[4*i+3]; + r ^= Spbox[7][(work) & 0x3f] + ^ Spbox[5][(work >> 8) & 0x3f] + ^ Spbox[3][(work >> 16) & 0x3f] + ^ Spbox[1][(work >> 24) & 0x3f]; + } + + lIn = l; rIn = r; +} + + + +typedef BlockGetAndPut Block; + + +void DES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const +{ + word32 l,r; + Block::Get(in)(l)(r); + IPERM(l,r); + + RawProcessBlock(l, r); + + FPERM(l,r); + Block::Put(xOr, out)(r)(l); +} + + +void DES_EDE2::SetKey(const byte* key, word32 sz, CipherDir dir) +{ + des1_.SetKey(key, sz, dir); + des2_.SetKey(key + 8, sz, ReverseDir(dir)); +} + + +void DES_EDE2::ProcessAndXorBlock(const byte* in, const byte* xOr, + byte* out) const +{ + word32 l,r; + Block::Get(in)(l)(r); + IPERM(l,r); + + des1_.RawProcessBlock(l, r); + des2_.RawProcessBlock(r, l); + des1_.RawProcessBlock(l, r); + + FPERM(l,r); + Block::Put(xOr, out)(r)(l); +} + + +void DES_EDE3::SetKey(const byte* key, word32 sz, CipherDir dir) +{ + des1_.SetKey(key+(dir==ENCRYPTION?0:2*8), sz, dir); + des2_.SetKey(key+8, sz, ReverseDir(dir)); + des3_.SetKey(key+(dir==DECRYPTION?0:2*8), sz, dir); +} + + + +#if defined(DO_DES_ASM) + +// ia32 optimized version +void DES_EDE3::Process(byte* out, const byte* in, word32 sz) +{ + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + + word32 blocks = sz / DES_BLOCK_SIZE; + + if (mode_ == CBC) + if (dir_ == ENCRYPTION) + while (blocks--) { + r_[0] ^= *(word32*)in; + r_[1] ^= *(word32*)(in + 4); + + AsmProcess((byte*)r_, (byte*)r_, (void*)Spbox); + + memcpy(out, r_, DES_BLOCK_SIZE); + + in += DES_BLOCK_SIZE; + out += DES_BLOCK_SIZE; + } + else + while (blocks--) { + AsmProcess(in, out, (void*)Spbox); + + *(word32*)out ^= r_[0]; + *(word32*)(out + 4) ^= r_[1]; + + memcpy(r_, in, DES_BLOCK_SIZE); + + out += DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + } + else + while (blocks--) { + AsmProcess(in, out, (void*)Spbox); + + out += DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + } +} + +#endif // DO_DES_ASM + + +void DES_EDE3::ProcessAndXorBlock(const byte* in, const byte* xOr, + byte* out) const +{ + word32 l,r; + Block::Get(in)(l)(r); + IPERM(l,r); + + des1_.RawProcessBlock(l, r); + des2_.RawProcessBlock(r, l); + des3_.RawProcessBlock(l, r); + + FPERM(l,r); + Block::Put(xOr, out)(r)(l); +} + + +#if defined(DO_DES_ASM) + +/* Uses IPERM algorithm from above + + left is in eax + right is in ebx + + uses ecx +*/ +#define AsmIPERM() \ + AS2( rol ebx, 4 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0xf0f0f0f0 ) \ + AS2( xor ebx, ecx ) \ + AS2( xor eax, ecx ) \ + AS2( ror ebx, 20 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0xffff0000 ) \ + AS2( xor ebx, ecx ) \ + AS2( xor eax, ecx ) \ + AS2( ror ebx, 18 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0x33333333 ) \ + AS2( xor ebx, ecx ) \ + AS2( xor eax, ecx ) \ + AS2( ror ebx, 6 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0x00ff00ff ) \ + AS2( xor ebx, ecx ) \ + AS2( xor eax, ecx ) \ + AS2( rol ebx, 9 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0xaaaaaaaa ) \ + AS2( xor eax, ecx ) \ + AS2( rol eax, 1 ) \ + AS2( xor ebx, ecx ) + + +/* Uses FPERM algorithm from above + + left is in eax + right is in ebx + + uses ecx +*/ +#define AsmFPERM() \ + AS2( ror ebx, 1 ) \ + AS2( mov ecx, eax ) \ + AS2( xor ecx, ebx ) \ + AS2( and ecx, 0xaaaaaaaa ) \ + AS2( xor eax, ecx ) \ + AS2( xor ebx, ecx ) \ + AS2( ror eax, 9 ) \ + AS2( mov ecx, ebx ) \ + AS2( xor ecx, eax ) \ + AS2( and ecx, 0x00ff00ff ) \ + AS2( xor eax, ecx ) \ + AS2( xor ebx, ecx ) \ + AS2( rol eax, 6 ) \ + AS2( mov ecx, ebx ) \ + AS2( xor ecx, eax ) \ + AS2( and ecx, 0x33333333 ) \ + AS2( xor eax, ecx ) \ + AS2( xor ebx, ecx ) \ + AS2( rol eax, 18 ) \ + AS2( mov ecx, ebx ) \ + AS2( xor ecx, eax ) \ + AS2( and ecx, 0xffff0000 ) \ + AS2( xor eax, ecx ) \ + AS2( xor ebx, ecx ) \ + AS2( rol eax, 20 ) \ + AS2( mov ecx, ebx ) \ + AS2( xor ecx, eax ) \ + AS2( and ecx, 0xf0f0f0f0 ) \ + AS2( xor eax, ecx ) \ + AS2( xor ebx, ecx ) \ + AS2( ror eax, 4 ) + + + + +/* DesRound implements this algorithm: + + word32 work = rotrFixed(r, 4U) ^ key[0]; + l ^= Spbox[6][(work) & 0x3f] + ^ Spbox[4][(work >> 8) & 0x3f] + ^ Spbox[2][(work >> 16) & 0x3f] + ^ Spbox[0][(work >> 24) & 0x3f]; + work = r ^ key[1]; + l ^= Spbox[7][(work) & 0x3f] + ^ Spbox[5][(work >> 8) & 0x3f] + ^ Spbox[3][(work >> 16) & 0x3f] + ^ Spbox[1][(work >> 24) & 0x3f]; + + work = rotrFixed(l, 4U) ^ key[2]; + r ^= Spbox[6][(work) & 0x3f] + ^ Spbox[4][(work >> 8) & 0x3f] + ^ Spbox[2][(work >> 16) & 0x3f] + ^ Spbox[0][(work >> 24) & 0x3f]; + work = l ^ key[3]; + r ^= Spbox[7][(work) & 0x3f] + ^ Spbox[5][(work >> 8) & 0x3f] + ^ Spbox[3][(work >> 16) & 0x3f] + ^ Spbox[1][(work >> 24) & 0x3f]; + + left is in aex + right is in ebx + key is in edx + + edvances key for next round + + uses ecx, esi, and edi +*/ +#define DesRound() \ + AS2( mov ecx, ebx )\ + AS2( mov esi, DWORD PTR [edx] )\ + AS2( ror ecx, 4 )\ + AS2( xor ecx, esi )\ + AS2( and ecx, 0x3f3f3f3f )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor eax, [ebp + esi*4 + 6*256] )\ + AS2( shr ecx, 16 )\ + AS2( xor eax, [ebp + edi*4 + 4*256] )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor eax, [ebp + esi*4 + 2*256] )\ + AS2( mov esi, DWORD PTR [edx + 4] )\ + AS2( xor eax, [ebp + edi*4] )\ + AS2( mov ecx, ebx )\ + AS2( xor ecx, esi )\ + AS2( and ecx, 0x3f3f3f3f )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor eax, [ebp + esi*4 + 7*256] )\ + AS2( shr ecx, 16 )\ + AS2( xor eax, [ebp + edi*4 + 5*256] )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor eax, [ebp + esi*4 + 3*256] )\ + AS2( mov esi, DWORD PTR [edx + 8] )\ + AS2( xor eax, [ebp + edi*4 + 1*256] )\ + AS2( mov ecx, eax )\ + AS2( ror ecx, 4 )\ + AS2( xor ecx, esi )\ + AS2( and ecx, 0x3f3f3f3f )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor ebx, [ebp + esi*4 + 6*256] )\ + AS2( shr ecx, 16 )\ + AS2( xor ebx, [ebp + edi*4 + 4*256] )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor ebx, [ebp + esi*4 + 2*256] )\ + AS2( mov esi, DWORD PTR [edx + 12] )\ + AS2( xor ebx, [ebp + edi*4] )\ + AS2( mov ecx, eax )\ + AS2( xor ecx, esi )\ + AS2( and ecx, 0x3f3f3f3f )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor ebx, [ebp + esi*4 + 7*256] )\ + AS2( shr ecx, 16 )\ + AS2( xor ebx, [ebp + edi*4 + 5*256] )\ + AS2( movzx esi, cl )\ + AS2( movzx edi, ch )\ + AS2( xor ebx, [ebp + esi*4 + 3*256] )\ + AS2( add edx, 16 )\ + AS2( xor ebx, [ebp + edi*4 + 1*256] ) + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void DES_EDE3::AsmProcess(const byte* in, byte* out, void* box) const +{ +#ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" \ + "movd mm6, ebp;" \ + "movd mm7, ecx;" \ + "mov ebp, eax;" + #define EPILOG() \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "d" (this), "S" (in), "a" (box), "c" (out) \ + : "%edi", "memory", "cc" \ + ); + +#else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( movd mm5, esi ) \ + AS2( movd mm6, ebp ) \ + AS2( mov esi, DWORD PTR [ebp + 8] ) \ + AS2( mov edx, ecx ) \ + AS2( mov ebp, DWORD PTR [ebp + 16] ) + + // ebp restored at end + #define EPILOG() \ + AS2( movd edi, mm3 ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd esi, mm5 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 12 ) + +#endif + + + PROLOG() + + AS2( movd mm2, edx ) + + #ifdef OLD_GCC_OFFSET + AS2( add edx, 60 ) // des1 = des1 key + #else + AS2( add edx, 56 ) // des1 = des1 key + #endif + + AS2( mov eax, DWORD PTR [esi] ) + AS2( mov ebx, DWORD PTR [esi + 4] ) + AS1( bswap eax ) // left + AS1( bswap ebx ) // right + + AsmIPERM() + + DesRound() // 1 + DesRound() // 2 + DesRound() // 3 + DesRound() // 4 + DesRound() // 5 + DesRound() // 6 + DesRound() // 7 + DesRound() // 8 + + // swap left and right + AS2( xchg eax, ebx ) + + DesRound() // 1 + DesRound() // 2 + DesRound() // 3 + DesRound() // 4 + DesRound() // 5 + DesRound() // 6 + DesRound() // 7 + DesRound() // 8 + + // swap left and right + AS2( xchg eax, ebx ) + + DesRound() // 1 + DesRound() // 2 + DesRound() // 3 + DesRound() // 4 + DesRound() // 5 + DesRound() // 6 + DesRound() // 7 + DesRound() // 8 + + AsmFPERM() + + //end + AS2( movd ebp, mm6 ) + + // swap and write out + AS1( bswap ebx ) + AS1( bswap eax ) + +#ifdef __GNUC__ + AS2( movd esi, mm7 ) // outBlock +#else + AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock +#endif + + AS2( mov DWORD PTR [esi], ebx ) // right first + AS2( mov DWORD PTR [esi + 4], eax ) + + + EPILOG() +} + + + +#endif // defined(DO_DES_ASM) + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/dh.cpp b/mysql/extra/yassl/taocrypt/src/dh.cpp new file mode 100644 index 0000000..615a8c6 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/dh.cpp @@ -0,0 +1,103 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* dh.cpp implements Diffie-Hellman support +*/ + +#include "runtime.hpp" +#include "dh.hpp" +#include "asn.hpp" +#include + +namespace TaoCrypt { + + +namespace { // locals + +unsigned int DiscreteLogWorkFactor(unsigned int n) +{ + // assuming discrete log takes about the same time as factoring + if (n<5) + return 0; + else + return (unsigned int)(2.4 * pow((double)n, 1.0/3.0) * + pow(log(double(n)), 2.0/3.0) - 5); +} + +} // namespace locals + + +// Generate a DH Key Pair +void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub) +{ + GeneratePrivate(rng, priv); + GeneratePublic(priv, pub); +} + + +// Generate private value +void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv) +{ + Integer x(rng, Integer::One(), min(p_ - 1, + Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) ); + x.Encode(priv, p_.ByteCount()); +} + + +// Generate public value +void DH::GeneratePublic(const byte* priv, byte* pub) +{ + const word32 bc(p_.ByteCount()); + Integer x(priv, bc); + Integer y(a_exp_b_mod_c(g_, x, p_)); + y.Encode(pub, bc); +} + + +// Generate Agreement +void DH::Agree(byte* agree, const byte* priv, const byte* otherPub, word32 + otherSz) +{ + const word32 bc(p_.ByteCount()); + Integer x(priv, bc); + Integer y; + if (otherSz) + y.Decode(otherPub, otherSz); + else + y.Decode(otherPub, bc); + + Integer z(a_exp_b_mod_c(y, x, p_)); + z.Encode(agree, bc); +} + + +DH::DH(Source& source) +{ + Initialize(source); +} + + +void DH::Initialize(Source& source) +{ + DH_Decoder decoder(source); + decoder.Decode(*this); +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/dsa.cpp b/mysql/extra/yassl/taocrypt/src/dsa.cpp new file mode 100644 index 0000000..b19fed9 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/dsa.cpp @@ -0,0 +1,274 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +#include "runtime.hpp" +#include "dsa.hpp" +#include "sha.hpp" +#include "asn.hpp" +#include "modarith.hpp" + + +namespace TaoCrypt { + + +void DSA_PublicKey::Swap(DSA_PublicKey& other) +{ + p_.Swap(other.p_); + q_.Swap(other.q_); + g_.Swap(other.g_); + y_.Swap(other.y_); +} + + +DSA_PublicKey::DSA_PublicKey(const DSA_PublicKey& other) + : p_(other.p_), q_(other.q_), g_(other.g_), y_(other.y_) +{} + + +DSA_PublicKey& DSA_PublicKey::operator=(const DSA_PublicKey& that) +{ + DSA_PublicKey tmp(that); + Swap(tmp); + return *this; +} + + +DSA_PublicKey::DSA_PublicKey(Source& source) +{ + Initialize(source); +} + + +void DSA_PublicKey::Initialize(Source& source) +{ + DSA_Public_Decoder decoder(source); + decoder.Decode(*this); +} + + +void DSA_PublicKey::Initialize(const Integer& p, const Integer& q, + const Integer& g, const Integer& y) +{ + p_ = p; + q_ = q; + g_ = g; + y_ = y; +} + + +const Integer& DSA_PublicKey::GetModulus() const +{ + return p_; +} + +const Integer& DSA_PublicKey::GetSubGroupOrder() const +{ + return q_; +} + + +const Integer& DSA_PublicKey::GetSubGroupGenerator() const +{ + return g_; +} + + +const Integer& DSA_PublicKey::GetPublicPart() const +{ + return y_; +} + + +void DSA_PublicKey::SetModulus(const Integer& p) +{ + p_ = p; +} + + +void DSA_PublicKey::SetSubGroupOrder(const Integer& q) +{ + q_ = q; +} + + +void DSA_PublicKey::SetSubGroupGenerator(const Integer& g) +{ + g_ = g; +} + + +void DSA_PublicKey::SetPublicPart(const Integer& y) +{ + y_ = y; +} + + +word32 DSA_PublicKey::SignatureLength() const +{ + return GetSubGroupOrder().ByteCount() * 2; // r and s +} + + + +DSA_PrivateKey::DSA_PrivateKey(Source& source) +{ + Initialize(source); +} + + +void DSA_PrivateKey::Initialize(Source& source) +{ + DSA_Private_Decoder decoder(source); + decoder.Decode(*this); +} + + +void DSA_PrivateKey::Initialize(const Integer& p, const Integer& q, + const Integer& g, const Integer& y, + const Integer& x) +{ + DSA_PublicKey::Initialize(p, q, g, y); + x_ = x; +} + + +const Integer& DSA_PrivateKey::GetPrivatePart() const +{ + return x_; +} + + +void DSA_PrivateKey::SetPrivatePart(const Integer& x) +{ + x_ = x; +} + + +DSA_Signer::DSA_Signer(const DSA_PrivateKey& key) + : key_(key) +{} + + +word32 DSA_Signer::Sign(const byte* sha_digest, byte* sig, + RandomNumberGenerator& rng) +{ + const Integer& p = key_.GetModulus(); + const Integer& q = key_.GetSubGroupOrder(); + const Integer& g = key_.GetSubGroupGenerator(); + const Integer& x = key_.GetPrivatePart(); + byte* tmpPtr = sig; // initial signature output + + Integer k(rng, 1, q - 1); + + r_ = a_exp_b_mod_c(g, k, p); + r_ %= q; + + Integer H(sha_digest, SHA::DIGEST_SIZE); // sha Hash(m) + + Integer kInv = k.InverseMod(q); + s_ = (kInv * (H + x*r_)) % q; + + if (!(!!r_ && !!s_)) + return -1; + + int rSz = r_.ByteCount(); + int tmpSz = rSz; + + while (tmpSz++ < SHA::DIGEST_SIZE) { + *sig++ = 0; + } + + r_.Encode(sig, rSz); + + sig = tmpPtr + SHA::DIGEST_SIZE; // advance sig output to s + int sSz = s_.ByteCount(); + tmpSz = sSz; + + while (tmpSz++ < SHA::DIGEST_SIZE) { + *sig++ = 0; + } + + s_.Encode(sig, sSz); + + return 40; +} + + +DSA_Verifier::DSA_Verifier(const DSA_PublicKey& key) + : key_(key) +{} + + +bool DSA_Verifier::Verify(const byte* sha_digest, const byte* sig) +{ + const Integer& p = key_.GetModulus(); + const Integer& q = key_.GetSubGroupOrder(); + const Integer& g = key_.GetSubGroupGenerator(); + const Integer& y = key_.GetPublicPart(); + + int sz = q.ByteCount(); + + r_.Decode(sig, sz); + s_.Decode(sig + sz, sz); + + if (r_ >= q || r_ < 1 || s_ >= q || s_ < 1) + return false; + + Integer H(sha_digest, SHA::DIGEST_SIZE); // sha Hash(m) + + Integer w = s_.InverseMod(q); + Integer u1 = (H * w) % q; + Integer u2 = (r_ * w) % q; + + // verify r == ((g^u1 * y^u2) mod p) mod q + ModularArithmetic ma(p); + Integer v = ma.CascadeExponentiate(g, u1, y, u2); + v %= q; + + return r_ == v; +} + + + + +const Integer& DSA_Signer::GetR() const +{ + return r_; +} + + +const Integer& DSA_Signer::GetS() const +{ + return s_; +} + + +const Integer& DSA_Verifier::GetR() const +{ + return r_; +} + + +const Integer& DSA_Verifier::GetS() const +{ + return s_; +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/file.cpp b/mysql/extra/yassl/taocrypt/src/file.cpp new file mode 100644 index 0000000..7c2044b --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/file.cpp @@ -0,0 +1,115 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* file.cpp implements File Sources and Sinks +*/ + +#include "runtime.hpp" +#include "file.hpp" + + +namespace TaoCrypt { + + +FileSource::FileSource(const char* fname, Source& source) +{ + file_ = fopen(fname, "rb"); + if (file_) get(source); +} + + +FileSource::~FileSource() +{ + if (file_) + fclose(file_); +} + + + +// return size of source from beginning or current position +word32 FileSource::size(bool use_current) +{ + long current = ftell(file_); + long begin = current; + + if (!use_current) { + fseek(file_, 0, SEEK_SET); + begin = ftell(file_); + } + + fseek(file_, 0, SEEK_END); + long end = ftell(file_); + + fseek(file_, current, SEEK_SET); + + return end - begin; +} + + +word32 FileSource::size_left() +{ + return size(true); +} + + +// fill file source from source +word32 FileSource::get(Source& source) +{ + word32 sz(size()); + if (source.size() < sz) + source.grow(sz); + + size_t bytes = fread(source.buffer_.get_buffer(), 1, sz, file_); + + if (bytes == 1) + return sz; + else + return 0; +} + + +FileSink::FileSink(const char* fname, Source& source) +{ + file_ = fopen(fname, "wb"); + if (file_) put(source); +} + + +FileSink::~FileSink() +{ + if (file_) + fclose(file_); +} + + +// fill source from file sink +void FileSink::put(Source& source) +{ + fwrite(source.get_buffer(), 1, source.size(), file_); +} + + +// swap with other and reset to beginning +void Source::reset(ByteBlock& otherBlock) +{ + buffer_.Swap(otherBlock); + current_ = 0; +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/hash.cpp b/mysql/extra/yassl/taocrypt/src/hash.cpp new file mode 100644 index 0000000..c176e6a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/hash.cpp @@ -0,0 +1,191 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* hash.cpp implements a base for digest types +*/ + +#include "runtime.hpp" +#include + +#include "hash.hpp" + + +namespace TaoCrypt { + + +HASHwithTransform::HASHwithTransform(word32 digSz, word32 buffSz) +{ +} + + +void HASHwithTransform::AddLength(word32 len) +{ + HashLengthType tmp = loLen_; + if ( (loLen_ += len) < tmp) + hiLen_++; // carry low to high + hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len); +} + + +// Update digest with data of size len, do in blocks +void HASHwithTransform::Update(const byte* data, word32 len) +{ + // do block size increments + word32 blockSz = getBlockSize(); + byte* local = reinterpret_cast(buffer_); + + while (len) { + word32 add = min(len, blockSz - buffLen_); + memcpy(&local[buffLen_], data, add); + + buffLen_ += add; + data += add; + len -= add; + + if (buffLen_ == blockSz) { + ByteReverseIf(local, local, blockSz, getByteOrder()); + Transform(); + AddLength(blockSz); + buffLen_ = 0; + } + } +} + + +// Final process, place digest in hash +void HASHwithTransform::Final(byte* hash) +{ + word32 blockSz = getBlockSize(); + word32 digestSz = getDigestSize(); + word32 padSz = getPadSize(); + ByteOrder order = getByteOrder(); + + AddLength(buffLen_); // before adding pads + HashLengthType preLoLen = GetBitCountLo(); + HashLengthType preHiLen = GetBitCountHi(); + byte* local = reinterpret_cast(buffer_); + + local[buffLen_++] = 0x80; // add 1 + + // pad with zeros + if (buffLen_ > padSz) { + memset(&local[buffLen_], 0, blockSz - buffLen_); + buffLen_ += blockSz - buffLen_; + + ByteReverseIf(local, local, blockSz, order); + Transform(); + buffLen_ = 0; + } + memset(&local[buffLen_], 0, padSz - buffLen_); + + ByteReverseIf(local, local, blockSz, order); + + memcpy(&local[padSz], order ? &preHiLen : &preLoLen, sizeof(preLoLen)); + memcpy(&local[padSz+4], order ? &preLoLen : &preHiLen, sizeof(preLoLen)); + + Transform(); + ByteReverseIf(digest_, digest_, digestSz, order); + memcpy(hash, digest_, digestSz); + + Init(); // reset state +} + + +#ifdef WORD64_AVAILABLE + +HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz) +{ +} + + +void HASH64withTransform::AddLength(word32 len) +{ + HashLengthType tmp = loLen_; + if ( (loLen_ += len) < tmp) + hiLen_++; // carry low to high + hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len); +} + + +// Update digest with data of size len, do in blocks +void HASH64withTransform::Update(const byte* data, word32 len) +{ + // do block size increments + word32 blockSz = getBlockSize(); + byte* local = reinterpret_cast(buffer_); + + while (len) { + word32 add = min(len, blockSz - buffLen_); + memcpy(&local[buffLen_], data, add); + + buffLen_ += add; + data += add; + len -= add; + + if (buffLen_ == blockSz) { + ByteReverseIf(buffer_, buffer_, blockSz, getByteOrder()); + Transform(); + AddLength(blockSz); + buffLen_ = 0; + } + } +} + + +// Final process, place digest in hash +void HASH64withTransform::Final(byte* hash) +{ + word32 blockSz = getBlockSize(); + word32 digestSz = getDigestSize(); + word32 padSz = getPadSize(); + ByteOrder order = getByteOrder(); + + AddLength(buffLen_); // before adding pads + HashLengthType preLoLen = GetBitCountLo(); + HashLengthType preHiLen = GetBitCountHi(); + byte* local = reinterpret_cast(buffer_); + + local[buffLen_++] = 0x80; // add 1 + + // pad with zeros + if (buffLen_ > padSz) { + memset(&local[buffLen_], 0, blockSz - buffLen_); + buffLen_ += blockSz - buffLen_; + + ByteReverseIf(buffer_, buffer_, blockSz, order); + Transform(); + buffLen_ = 0; + } + memset(&local[buffLen_], 0, padSz - buffLen_); + + ByteReverseIf(buffer_, buffer_, padSz, order); + + buffer_[blockSz / sizeof(word64) - 2] = order ? preHiLen : preLoLen; + buffer_[blockSz / sizeof(word64) - 1] = order ? preLoLen : preHiLen; + + Transform(); + ByteReverseIf(digest_, digest_, digestSz, order); + memcpy(hash, digest_, digestSz); + + Init(); // reset state +} + +#endif // WORD64_AVAILABLE + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/hc128.cpp b/mysql/extra/yassl/taocrypt/src/hc128.cpp new file mode 100644 index 0000000..1d329c8 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/hc128.cpp @@ -0,0 +1,317 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +#include "runtime.hpp" +#include "hc128.hpp" + + + +namespace TaoCrypt { + + + + +#ifdef BIG_ENDIAN_ORDER + #define LITTLE32(x) ByteReverse((word32)x) +#else + #define LITTLE32(x) (x) +#endif + + +/*h1 function*/ +#define h1(x, y) { \ + byte a,c; \ + a = (byte) (x); \ + c = (byte) ((x) >> 16); \ + y = (T_[512+a])+(T_[512+256+c]); \ +} + +/*h2 function*/ +#define h2(x, y) { \ + byte a,c; \ + a = (byte) (x); \ + c = (byte) ((x) >> 16); \ + y = (T_[a])+(T_[256+c]); \ +} + +/*one step of HC-128, update P and generate 32 bits keystream*/ +#define step_P(u,v,a,b,c,d,n){ \ + word32 tem0,tem1,tem2,tem3; \ + h1((X_[(d)]),tem3); \ + tem0 = rotrFixed((T_[(v)]),23); \ + tem1 = rotrFixed((X_[(c)]),10); \ + tem2 = rotrFixed((X_[(b)]),8); \ + (T_[(u)]) += tem2+(tem0 ^ tem1); \ + (X_[(a)]) = (T_[(u)]); \ + (n) = tem3 ^ (T_[(u)]) ; \ +} + +/*one step of HC-128, update Q and generate 32 bits keystream*/ +#define step_Q(u,v,a,b,c,d,n){ \ + word32 tem0,tem1,tem2,tem3; \ + h2((Y_[(d)]),tem3); \ + tem0 = rotrFixed((T_[(v)]),(32-23)); \ + tem1 = rotrFixed((Y_[(c)]),(32-10)); \ + tem2 = rotrFixed((Y_[(b)]),(32-8)); \ + (T_[(u)]) += tem2 + (tem0 ^ tem1); \ + (Y_[(a)]) = (T_[(u)]); \ + (n) = tem3 ^ (T_[(u)]) ; \ +} + + +/*16 steps of HC-128, generate 512 bits keystream*/ +void HC128::GenerateKeystream(word32* keystream) +{ + word32 cc,dd; + cc = counter1024_ & 0x1ff; + dd = (cc+16)&0x1ff; + + if (counter1024_ < 512) + { + counter1024_ = (counter1024_ + 16) & 0x3ff; + step_P(cc+0, cc+1, 0, 6, 13,4, keystream[0]); + step_P(cc+1, cc+2, 1, 7, 14,5, keystream[1]); + step_P(cc+2, cc+3, 2, 8, 15,6, keystream[2]); + step_P(cc+3, cc+4, 3, 9, 0, 7, keystream[3]); + step_P(cc+4, cc+5, 4, 10,1, 8, keystream[4]); + step_P(cc+5, cc+6, 5, 11,2, 9, keystream[5]); + step_P(cc+6, cc+7, 6, 12,3, 10,keystream[6]); + step_P(cc+7, cc+8, 7, 13,4, 11,keystream[7]); + step_P(cc+8, cc+9, 8, 14,5, 12,keystream[8]); + step_P(cc+9, cc+10,9, 15,6, 13,keystream[9]); + step_P(cc+10,cc+11,10,0, 7, 14,keystream[10]); + step_P(cc+11,cc+12,11,1, 8, 15,keystream[11]); + step_P(cc+12,cc+13,12,2, 9, 0, keystream[12]); + step_P(cc+13,cc+14,13,3, 10,1, keystream[13]); + step_P(cc+14,cc+15,14,4, 11,2, keystream[14]); + step_P(cc+15,dd+0, 15,5, 12,3, keystream[15]); + } + else + { + counter1024_ = (counter1024_ + 16) & 0x3ff; + step_Q(512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]); + step_Q(512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]); + step_Q(512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]); + step_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]); + step_Q(512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]); + step_Q(512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]); + step_Q(512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]); + step_Q(512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]); + step_Q(512+cc+8, 512+cc+9, 8, 14,5, 12,keystream[8]); + step_Q(512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]); + step_Q(512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]); + step_Q(512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]); + step_Q(512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]); + step_Q(512+cc+13,512+cc+14,13,3, 10,1, keystream[13]); + step_Q(512+cc+14,512+cc+15,14,4, 11,2, keystream[14]); + step_Q(512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]); + } +} + + +/* The following defines the initialization functions */ +#define f1(x) (rotrFixed((x),7) ^ rotrFixed((x),18) ^ ((x) >> 3)) +#define f2(x) (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10)) + +/*update table P*/ +#define update_P(u,v,a,b,c,d){ \ + word32 tem0,tem1,tem2,tem3; \ + tem0 = rotrFixed((T_[(v)]),23); \ + tem1 = rotrFixed((X_[(c)]),10); \ + tem2 = rotrFixed((X_[(b)]),8); \ + h1((X_[(d)]),tem3); \ + (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ + (X_[(a)]) = (T_[(u)]); \ +} + +/*update table Q*/ +#define update_Q(u,v,a,b,c,d){ \ + word32 tem0,tem1,tem2,tem3; \ + tem0 = rotrFixed((T_[(v)]),(32-23)); \ + tem1 = rotrFixed((Y_[(c)]),(32-10)); \ + tem2 = rotrFixed((Y_[(b)]),(32-8)); \ + h2((Y_[(d)]),tem3); \ + (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ + (Y_[(a)]) = (T_[(u)]); \ +} + +/*16 steps of HC-128, without generating keystream, */ +/*but use the outputs to update P and Q*/ +void HC128::SetupUpdate() /*each time 16 steps*/ +{ + word32 cc,dd; + cc = counter1024_ & 0x1ff; + dd = (cc+16)&0x1ff; + + if (counter1024_ < 512) + { + counter1024_ = (counter1024_ + 16) & 0x3ff; + update_P(cc+0, cc+1, 0, 6, 13, 4); + update_P(cc+1, cc+2, 1, 7, 14, 5); + update_P(cc+2, cc+3, 2, 8, 15, 6); + update_P(cc+3, cc+4, 3, 9, 0, 7); + update_P(cc+4, cc+5, 4, 10,1, 8); + update_P(cc+5, cc+6, 5, 11,2, 9); + update_P(cc+6, cc+7, 6, 12,3, 10); + update_P(cc+7, cc+8, 7, 13,4, 11); + update_P(cc+8, cc+9, 8, 14,5, 12); + update_P(cc+9, cc+10,9, 15,6, 13); + update_P(cc+10,cc+11,10,0, 7, 14); + update_P(cc+11,cc+12,11,1, 8, 15); + update_P(cc+12,cc+13,12,2, 9, 0); + update_P(cc+13,cc+14,13,3, 10, 1); + update_P(cc+14,cc+15,14,4, 11, 2); + update_P(cc+15,dd+0, 15,5, 12, 3); + } + else + { + counter1024_ = (counter1024_ + 16) & 0x3ff; + update_Q(512+cc+0, 512+cc+1, 0, 6, 13, 4); + update_Q(512+cc+1, 512+cc+2, 1, 7, 14, 5); + update_Q(512+cc+2, 512+cc+3, 2, 8, 15, 6); + update_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7); + update_Q(512+cc+4, 512+cc+5, 4, 10,1, 8); + update_Q(512+cc+5, 512+cc+6, 5, 11,2, 9); + update_Q(512+cc+6, 512+cc+7, 6, 12,3, 10); + update_Q(512+cc+7, 512+cc+8, 7, 13,4, 11); + update_Q(512+cc+8, 512+cc+9, 8, 14,5, 12); + update_Q(512+cc+9, 512+cc+10,9, 15,6, 13); + update_Q(512+cc+10,512+cc+11,10,0, 7, 14); + update_Q(512+cc+11,512+cc+12,11,1, 8, 15); + update_Q(512+cc+12,512+cc+13,12,2, 9, 0); + update_Q(512+cc+13,512+cc+14,13,3, 10, 1); + update_Q(512+cc+14,512+cc+15,14,4, 11, 2); + update_Q(512+cc+15,512+dd+0, 15,5, 12, 3); + } +} + + +/* for the 128-bit key: key[0]...key[15] +* key[0] is the least significant byte of ctx->key[0] (K_0); +* key[3] is the most significant byte of ctx->key[0] (K_0); +* ... +* key[12] is the least significant byte of ctx->key[3] (K_3) +* key[15] is the most significant byte of ctx->key[3] (K_3) +* +* for the 128-bit iv: iv[0]...iv[15] +* iv[0] is the least significant byte of ctx->iv[0] (IV_0); +* iv[3] is the most significant byte of ctx->iv[0] (IV_0); +* ... +* iv[12] is the least significant byte of ctx->iv[3] (IV_3) +* iv[15] is the most significant byte of ctx->iv[3] (IV_3) +*/ + + + +void HC128::SetIV(const byte* iv) +{ + word32 i; + + for (i = 0; i < (128 >> 5); i++) + iv_[i] = LITTLE32(((word32*)iv)[i]); + + for (; i < 8; i++) iv_[i] = iv_[i-4]; + + /* expand the key and IV into the table T */ + /* (expand the key and IV into the table P and Q) */ + + for (i = 0; i < 8; i++) T_[i] = key_[i]; + for (i = 8; i < 16; i++) T_[i] = iv_[i-8]; + + for (i = 16; i < (256+16); i++) + T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+i; + + for (i = 0; i < 16; i++) T_[i] = T_[256+i]; + + for (i = 16; i < 1024; i++) + T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+256+i; + + /* initialize counter1024, X and Y */ + counter1024_ = 0; + for (i = 0; i < 16; i++) X_[i] = T_[512-16+i]; + for (i = 0; i < 16; i++) Y_[i] = T_[512+512-16+i]; + + /* run the cipher 1024 steps before generating the output */ + for (i = 0; i < 64; i++) SetupUpdate(); +} + + +void HC128::SetKey(const byte* key, const byte* iv) +{ + word32 i; + + /* Key size in bits 128 */ + for (i = 0; i < (128 >> 5); i++) + key_[i] = LITTLE32(((word32*)key)[i]); + + for ( ; i < 8 ; i++) key_[i] = key_[i-4]; + + SetIV(iv); +} + + +/* The following defines the encryption of data stream */ +void HC128::Process(byte* output, const byte* input, word32 msglen) +{ + word32 i, keystream[16]; + + for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64) + { + GenerateKeystream(keystream); + + /* unroll loop */ + ((word32*)output)[0] = ((word32*)input)[0] ^ LITTLE32(keystream[0]); + ((word32*)output)[1] = ((word32*)input)[1] ^ LITTLE32(keystream[1]); + ((word32*)output)[2] = ((word32*)input)[2] ^ LITTLE32(keystream[2]); + ((word32*)output)[3] = ((word32*)input)[3] ^ LITTLE32(keystream[3]); + ((word32*)output)[4] = ((word32*)input)[4] ^ LITTLE32(keystream[4]); + ((word32*)output)[5] = ((word32*)input)[5] ^ LITTLE32(keystream[5]); + ((word32*)output)[6] = ((word32*)input)[6] ^ LITTLE32(keystream[6]); + ((word32*)output)[7] = ((word32*)input)[7] ^ LITTLE32(keystream[7]); + ((word32*)output)[8] = ((word32*)input)[8] ^ LITTLE32(keystream[8]); + ((word32*)output)[9] = ((word32*)input)[9] ^ LITTLE32(keystream[9]); + ((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]); + ((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]); + ((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]); + ((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]); + ((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]); + ((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]); + } + + if (msglen > 0) + { + GenerateKeystream(keystream); + +#ifdef BIG_ENDIAN_ORDER + { + word32 wordsLeft = msglen / sizeof(word32); + if (msglen % sizeof(word32)) wordsLeft++; + + ByteReverse(keystream, keystream, wordsLeft * sizeof(word32)); + } +#endif + + for (i = 0; i < msglen; i++) + output[i] = input[i] ^ ((byte*)keystream)[i]; + } + +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/integer.cpp b/mysql/extra/yassl/taocrypt/src/integer.cpp new file mode 100644 index 0000000..478a13c --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/integer.cpp @@ -0,0 +1,3894 @@ +/* Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ + +/* based on Wei Dai's integer.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "integer.hpp" +#include "modarith.hpp" +#include "asn.hpp" + + + +#ifdef __DECCXX + #include // for asm overflow assembly +#endif + +#if defined(_M_X64) || defined(_M_IA64) + #include +#pragma intrinsic(_umul128) +#endif + + +#ifdef __GNUC__ + #include + #include +#endif + + +#ifdef SSE2_INTRINSICS_AVAILABLE + #ifdef __GNUC__ + #include + #ifdef TAOCRYPT_MEMALIGN_AVAILABLE + #include + #else + #include + #endif + #else + #include + #endif +#elif defined(_MSC_VER) && defined(_M_IX86) +/* #pragma message("You do not seem to have the Visual C++ Processor Pack ") + #pragma message("installed, so use of SSE2 intrinsics will be disabled.") +*/ + #pragma message("installed, so use of SSE2 intrinsics will be disabled.") +#elif defined(__GNUC__) && defined(__i386__) +/* #warning You do not have GCC 3.3 or later, or did not specify the -msse2 \ + compiler option. Use of SSE2 intrinsics will be disabled. +*/ +#endif + + +namespace TaoCrypt { + + +#ifdef SSE2_INTRINSICS_AVAILABLE + +template +CPP_TYPENAME AlignedAllocator::pointer AlignedAllocator::allocate( + size_type n, const void *) +{ + if (n > this->max_size()) + return 0; + if (n == 0) + return 0; + if (n >= 4) + { + void* p; + #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE + p = _mm_malloc(sizeof(T)*n, 16); + #elif defined(TAOCRYPT_MEMALIGN_AVAILABLE) + p = memalign(16, sizeof(T)*n); + #elif defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16) + p = malloc(sizeof(T)*n); + #else + p = (byte *)malloc(sizeof(T)*n + 8); + // assume malloc alignment is at least 8 + #endif + + #ifdef TAOCRYPT_NO_ALIGNED_ALLOC + m_pBlock = p; + if (!IsAlignedOn(p, 16)) + { + p = (byte *)p + 8; + } + #endif + + return (T*)p; + } + return NEW_TC T[n]; +} + + +template +void AlignedAllocator::deallocate(void* p, size_type n) +{ + memset(p, 0, n*sizeof(T)); + if (n >= 4) + { + #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE + _mm_free(p); + #elif defined(TAOCRYPT_NO_ALIGNED_ALLOC) + free(m_pBlock); + m_pBlock = 0; + #else + free(p); + #endif + } + else + tcArrayDelete((T *)p); +} + +#endif // SSE2 + + +// ******** start of integer needs + +// start 5.2.1 adds DWord and Word ******** + +// ******************************************************** + +class DWord { +public: +DWord() {} + +#ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + explicit DWord(word low) + { + whole_ = low; + } +#else + explicit DWord(word low) + { + halfs_.low = low; + halfs_.high = 0; + } +#endif + + DWord(word low, word high) + { + halfs_.low = low; + halfs_.high = high; + } + + static DWord Multiply(word a, word b) + { + DWord r; + + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + r.whole_ = (dword)a * b; + + #elif defined(_M_X64) || defined(_M_IA64) + r.halfs_.low = _umul128(a, b, &r.halfs_.high); + + #elif defined(__ia64__) + r.halfs_.low = a*b; + __asm__("xmpy.hu %0=%1,%2" : "=f" (r.halfs_.high) + : "f" (a), "f" (b)); + + #elif defined(_ARCH_PPC64) + r.halfs_.low = a*b; + __asm__("mulhdu %0,%1,%2" : "=r" (r.halfs_.high) + : "r" (a), "r" (b) : "cc"); + + #elif defined(__x86_64__) + __asm__("mulq %3" : "=d" (r.halfs_.high), "=a" (r.halfs_.low) : + "a" (a), "rm" (b) : "cc"); + + #elif defined(__mips64) + __asm__("dmultu %2,%3" : "=h" (r.halfs_.high), "=l" (r.halfs_.low) + : "r" (a), "r" (b)); + + #elif defined(_M_IX86) + // for testing + word64 t = (word64)a * b; + r.halfs_.high = ((word32 *)(&t))[1]; + r.halfs_.low = (word32)t; + #else + #error can not implement DWord + #endif + + return r; + } + + static DWord MultiplyAndAdd(word a, word b, word c) + { + DWord r = Multiply(a, b); + return r += c; + } + + DWord & operator+=(word a) + { + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + whole_ = whole_ + a; + #else + halfs_.low += a; + halfs_.high += (halfs_.low < a); + #endif + return *this; + } + + DWord operator+(word a) + { + DWord r; + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + r.whole_ = whole_ + a; + #else + r.halfs_.low = halfs_.low + a; + r.halfs_.high = halfs_.high + (r.halfs_.low < a); + #endif + return r; + } + + DWord operator-(DWord a) + { + DWord r; + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + r.whole_ = whole_ - a.whole_; + #else + r.halfs_.low = halfs_.low - a.halfs_.low; + r.halfs_.high = halfs_.high - a.halfs_.high - + (r.halfs_.low > halfs_.low); + #endif + return r; + } + + DWord operator-(word a) + { + DWord r; + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + r.whole_ = whole_ - a; + #else + r.halfs_.low = halfs_.low - a; + r.halfs_.high = halfs_.high - (r.halfs_.low > halfs_.low); + #endif + return r; + } + + // returns quotient, which must fit in a word + word operator/(word divisor); + + word operator%(word a); + + bool operator!() const + { + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + return !whole_; + #else + return !halfs_.high && !halfs_.low; + #endif + } + + word GetLowHalf() const {return halfs_.low;} + word GetHighHalf() const {return halfs_.high;} + word GetHighHalfAsBorrow() const {return 0-halfs_.high;} + +private: + struct dword_struct + { + #ifdef LITTLE_ENDIAN_ORDER + word low; + word high; + #else + word high; + word low; + #endif + }; + + union + { + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + dword whole_; + #endif + struct dword_struct halfs_; + }; +}; + + +class Word { +public: + Word() {} + + Word(word value) + { + whole_ = value; + } + + Word(hword low, hword high) + { + whole_ = low | (word(high) << (WORD_BITS/2)); + } + + static Word Multiply(hword a, hword b) + { + Word r; + r.whole_ = (word)a * b; + return r; + } + + Word operator-(Word a) + { + Word r; + r.whole_ = whole_ - a.whole_; + return r; + } + + Word operator-(hword a) + { + Word r; + r.whole_ = whole_ - a; + return r; + } + + // returns quotient, which must fit in a word + hword operator/(hword divisor) + { + return hword(whole_ / divisor); + } + + bool operator!() const + { + return !whole_; + } + + word GetWhole() const {return whole_;} + hword GetLowHalf() const {return hword(whole_);} + hword GetHighHalf() const {return hword(whole_>>(WORD_BITS/2));} + hword GetHighHalfAsBorrow() const {return 0-hword(whole_>>(WORD_BITS/2));} + +private: + word whole_; +}; + + +// dummy is VC60 compiler bug workaround +// do a 3 word by 2 word divide, returns quotient and leaves remainder in A +template +S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0) +{ + // estimate the quotient: do a 2 S by 1 S divide + S Q; + if (S(B1+1) == 0) + Q = A[2]; + else + Q = D(A[1], A[2]) / S(B1+1); + + // now subtract Q*B from A + D p = D::Multiply(B0, Q); + D u = (D) A[0] - p.GetLowHalf(); + A[0] = u.GetLowHalf(); + u = (D) A[1] - p.GetHighHalf() - u.GetHighHalfAsBorrow() - + D::Multiply(B1, Q); + A[1] = u.GetLowHalf(); + A[2] += u.GetHighHalf(); + + // Q <= actual quotient, so fix it + while (A[2] || A[1] > B1 || (A[1]==B1 && A[0]>=B0)) + { + u = (D) A[0] - B0; + A[0] = u.GetLowHalf(); + u = (D) A[1] - B1 - u.GetHighHalfAsBorrow(); + A[1] = u.GetLowHalf(); + A[2] += u.GetHighHalf(); + Q++; + } + + return Q; +} + + +// do a 4 word by 2 word divide, returns 2 word quotient in Q0 and Q1 +template +inline D DivideFourWordsByTwo(S *T, const D &Al, const D &Ah, const D &B) +{ + if (!B) // if divisor is 0, we assume divisor==2**(2*WORD_BITS) + return D(Ah.GetLowHalf(), Ah.GetHighHalf()); + else + { + S Q[2]; + T[0] = Al.GetLowHalf(); + T[1] = Al.GetHighHalf(); + T[2] = Ah.GetLowHalf(); + T[3] = Ah.GetHighHalf(); + Q[1] = DivideThreeWordsByTwo(T+1, B.GetLowHalf(), + B.GetHighHalf()); + Q[0] = DivideThreeWordsByTwo(T, B.GetLowHalf(), B.GetHighHalf()); + return D(Q[0], Q[1]); + } +} + + +// returns quotient, which must fit in a word +inline word DWord::operator/(word a) +{ + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + return word(whole_ / a); + #else + hword r[4]; + return DivideFourWordsByTwo(r, halfs_.low, + halfs_.high, a).GetWhole(); + #endif +} + +inline word DWord::operator%(word a) +{ + #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE + return word(whole_ % a); + #else + if (a < (word(1) << (WORD_BITS/2))) + { + hword h = hword(a); + word r = halfs_.high % h; + r = ((halfs_.low >> (WORD_BITS/2)) + (r << (WORD_BITS/2))) % h; + return hword((hword(halfs_.low) + (r << (WORD_BITS/2))) % h); + } + else + { + hword r[4]; + DivideFourWordsByTwo(r, halfs_.low, halfs_.high, a); + return Word(r[0], r[1]).GetWhole(); + } + #endif +} + + + +// end 5.2.1 DWord and Word adds + + + + + +static const unsigned int RoundupSizeTable[] = {2, 2, 2, 4, 4, 8, 8, 8, 8}; + +static inline unsigned int RoundupSize(unsigned int n) +{ + if (n<=8) + return RoundupSizeTable[n]; + else if (n<=16) + return 16; + else if (n<=32) + return 32; + else if (n<=64) + return 64; + else return 1U << BitPrecision(n-1); +} + + +static int Compare(const word *A, const word *B, unsigned int N) +{ + while (N--) + if (A[N] > B[N]) + return 1; + else if (A[N] < B[N]) + return -1; + + return 0; +} + +static word Increment(word *A, unsigned int N, word B=1) +{ + word t = A[0]; + A[0] = t+B; + if (A[0] >= t) + return 0; + for (unsigned i=1; i= A0) + if (B0 >= B1) + { + s = 0; + d = (dword)(A1-A0)*(B0-B1); + } + else + { + s = (A1-A0); + d = (dword)s*(word)(B0-B1); + } + else + if (B0 > B1) + { + s = (B0-B1); + d = (word)(A1-A0)*(dword)s; + } + else + { + s = 0; + d = (dword)(A0-A1)*(B1-B0); + } +*/ + // this segment is the branchless equivalent of above + word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]}; + unsigned int ai = A[1] < A[0]; + unsigned int bi = B[0] < B[1]; + unsigned int di = ai & bi; + DWord d = DWord::Multiply(D[di], D[di+2]); + D[1] = D[3] = 0; + unsigned int si = ai + !bi; + word s = D[si]; + + DWord A0B0 = DWord::Multiply(A[0], B[0]); + C[0] = A0B0.GetLowHalf(); + + DWord A1B1 = DWord::Multiply(A[1], B[1]); + DWord t = (DWord) A0B0.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf() + + A1B1.GetLowHalf(); + C[1] = t.GetLowHalf(); + + t = A1B1 + t.GetHighHalf() + A0B0.GetHighHalf() + d.GetHighHalf() + + A1B1.GetHighHalf() - s; + C[2] = t.GetLowHalf(); + C[3] = t.GetHighHalf(); +} + +void Portable::Multiply2Bottom(word *C, const word *A, const word *B) +{ + DWord t = DWord::Multiply(A[0], B[0]); + C[0] = t.GetLowHalf(); + C[1] = t.GetHighHalf() + A[0]*B[1] + A[1]*B[0]; +} + +word Portable::Multiply2Add(word *C, const word *A, const word *B) +{ + word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]}; + unsigned int ai = A[1] < A[0]; + unsigned int bi = B[0] < B[1]; + unsigned int di = ai & bi; + DWord d = DWord::Multiply(D[di], D[di+2]); + D[1] = D[3] = 0; + unsigned int si = ai + !bi; + word s = D[si]; + + DWord A0B0 = DWord::Multiply(A[0], B[0]); + DWord t = A0B0 + C[0]; + C[0] = t.GetLowHalf(); + + DWord A1B1 = DWord::Multiply(A[1], B[1]); + t = (DWord) t.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf() + + A1B1.GetLowHalf() + C[1]; + C[1] = t.GetLowHalf(); + + t = (DWord) t.GetHighHalf() + A1B1.GetLowHalf() + A0B0.GetHighHalf() + + d.GetHighHalf() + A1B1.GetHighHalf() - s + C[2]; + C[2] = t.GetLowHalf(); + + t = (DWord) t.GetHighHalf() + A1B1.GetHighHalf() + C[3]; + C[3] = t.GetLowHalf(); + return t.GetHighHalf(); +} + + +#define MulAcc(x, y) \ + p = DWord::MultiplyAndAdd(A[x], B[y], c); \ + c = p.GetLowHalf(); \ + p = (DWord) d + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e += p.GetHighHalf(); + +#define SaveMulAcc(s, x, y) \ + R[s] = c; \ + p = DWord::MultiplyAndAdd(A[x], B[y], d); \ + c = p.GetLowHalf(); \ + p = (DWord) e + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e = p.GetHighHalf(); + +#define SquAcc(x, y) \ + q = DWord::Multiply(A[x], A[y]); \ + p = q + c; \ + c = p.GetLowHalf(); \ + p = (DWord) d + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e += p.GetHighHalf(); \ + p = q + c; \ + c = p.GetLowHalf(); \ + p = (DWord) d + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e += p.GetHighHalf(); + +#define SaveSquAcc(s, x, y) \ + R[s] = c; \ + q = DWord::Multiply(A[x], A[y]); \ + p = q + d; \ + c = p.GetLowHalf(); \ + p = (DWord) e + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e = p.GetHighHalf(); \ + p = q + c; \ + c = p.GetLowHalf(); \ + p = (DWord) d + p.GetHighHalf(); \ + d = p.GetLowHalf(); \ + e += p.GetHighHalf(); + + +void Portable::Multiply4(word *R, const word *A, const word *B) +{ + DWord p; + word c, d, e; + + p = DWord::Multiply(A[0], B[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + MulAcc(0, 1); + MulAcc(1, 0); + + SaveMulAcc(1, 2, 0); + MulAcc(1, 1); + MulAcc(0, 2); + + SaveMulAcc(2, 0, 3); + MulAcc(1, 2); + MulAcc(2, 1); + MulAcc(3, 0); + + SaveMulAcc(3, 3, 1); + MulAcc(2, 2); + MulAcc(1, 3); + + SaveMulAcc(4, 2, 3); + MulAcc(3, 2); + + R[5] = c; + p = DWord::MultiplyAndAdd(A[3], B[3], d); + R[6] = p.GetLowHalf(); + R[7] = e + p.GetHighHalf(); +} + +void Portable::Square2(word *R, const word *A) +{ + DWord p, q; + word c, d, e; + + p = DWord::Multiply(A[0], A[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + SquAcc(0, 1); + + R[1] = c; + p = DWord::MultiplyAndAdd(A[1], A[1], d); + R[2] = p.GetLowHalf(); + R[3] = e + p.GetHighHalf(); +} + +void Portable::Square4(word *R, const word *A) +{ +#ifdef _MSC_VER + // VC60 workaround: MSVC 6.0 has an optimization bug that makes + // (dword)A*B where either A or B has been cast to a dword before + // very expensive. Revisit this function when this + // bug is fixed. + Multiply4(R, A, A); +#else + const word *B = A; + DWord p, q; + word c, d, e; + + p = DWord::Multiply(A[0], A[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + SquAcc(0, 1); + + SaveSquAcc(1, 2, 0); + MulAcc(1, 1); + + SaveSquAcc(2, 0, 3); + SquAcc(1, 2); + + SaveSquAcc(3, 3, 1); + MulAcc(2, 2); + + SaveSquAcc(4, 2, 3); + + R[5] = c; + p = DWord::MultiplyAndAdd(A[3], A[3], d); + R[6] = p.GetLowHalf(); + R[7] = e + p.GetHighHalf(); +#endif +} + +void Portable::Multiply8(word *R, const word *A, const word *B) +{ + DWord p; + word c, d, e; + + p = DWord::Multiply(A[0], B[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + MulAcc(0, 1); + MulAcc(1, 0); + + SaveMulAcc(1, 2, 0); + MulAcc(1, 1); + MulAcc(0, 2); + + SaveMulAcc(2, 0, 3); + MulAcc(1, 2); + MulAcc(2, 1); + MulAcc(3, 0); + + SaveMulAcc(3, 0, 4); + MulAcc(1, 3); + MulAcc(2, 2); + MulAcc(3, 1); + MulAcc(4, 0); + + SaveMulAcc(4, 0, 5); + MulAcc(1, 4); + MulAcc(2, 3); + MulAcc(3, 2); + MulAcc(4, 1); + MulAcc(5, 0); + + SaveMulAcc(5, 0, 6); + MulAcc(1, 5); + MulAcc(2, 4); + MulAcc(3, 3); + MulAcc(4, 2); + MulAcc(5, 1); + MulAcc(6, 0); + + SaveMulAcc(6, 0, 7); + MulAcc(1, 6); + MulAcc(2, 5); + MulAcc(3, 4); + MulAcc(4, 3); + MulAcc(5, 2); + MulAcc(6, 1); + MulAcc(7, 0); + + SaveMulAcc(7, 1, 7); + MulAcc(2, 6); + MulAcc(3, 5); + MulAcc(4, 4); + MulAcc(5, 3); + MulAcc(6, 2); + MulAcc(7, 1); + + SaveMulAcc(8, 2, 7); + MulAcc(3, 6); + MulAcc(4, 5); + MulAcc(5, 4); + MulAcc(6, 3); + MulAcc(7, 2); + + SaveMulAcc(9, 3, 7); + MulAcc(4, 6); + MulAcc(5, 5); + MulAcc(6, 4); + MulAcc(7, 3); + + SaveMulAcc(10, 4, 7); + MulAcc(5, 6); + MulAcc(6, 5); + MulAcc(7, 4); + + SaveMulAcc(11, 5, 7); + MulAcc(6, 6); + MulAcc(7, 5); + + SaveMulAcc(12, 6, 7); + MulAcc(7, 6); + + R[13] = c; + p = DWord::MultiplyAndAdd(A[7], B[7], d); + R[14] = p.GetLowHalf(); + R[15] = e + p.GetHighHalf(); +} + +void Portable::Multiply4Bottom(word *R, const word *A, const word *B) +{ + DWord p; + word c, d, e; + + p = DWord::Multiply(A[0], B[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + MulAcc(0, 1); + MulAcc(1, 0); + + SaveMulAcc(1, 2, 0); + MulAcc(1, 1); + MulAcc(0, 2); + + R[2] = c; + R[3] = d + A[0] * B[3] + A[1] * B[2] + A[2] * B[1] + A[3] * B[0]; +} + +void Portable::Multiply8Bottom(word *R, const word *A, const word *B) +{ + DWord p; + word c, d, e; + + p = DWord::Multiply(A[0], B[0]); + R[0] = p.GetLowHalf(); + c = p.GetHighHalf(); + d = e = 0; + + MulAcc(0, 1); + MulAcc(1, 0); + + SaveMulAcc(1, 2, 0); + MulAcc(1, 1); + MulAcc(0, 2); + + SaveMulAcc(2, 0, 3); + MulAcc(1, 2); + MulAcc(2, 1); + MulAcc(3, 0); + + SaveMulAcc(3, 0, 4); + MulAcc(1, 3); + MulAcc(2, 2); + MulAcc(3, 1); + MulAcc(4, 0); + + SaveMulAcc(4, 0, 5); + MulAcc(1, 4); + MulAcc(2, 3); + MulAcc(3, 2); + MulAcc(4, 1); + MulAcc(5, 0); + + SaveMulAcc(5, 0, 6); + MulAcc(1, 5); + MulAcc(2, 4); + MulAcc(3, 3); + MulAcc(4, 2); + MulAcc(5, 1); + MulAcc(6, 0); + + R[6] = c; + R[7] = d + A[0] * B[7] + A[1] * B[6] + A[2] * B[5] + A[3] * B[4] + + A[4] * B[3] + A[5] * B[2] + A[6] * B[1] + A[7] * B[0]; +} + + +#undef MulAcc +#undef SaveMulAcc +#undef SquAcc +#undef SaveSquAcc + +// optimized + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + +// ************** x86 feature detection *************** + + +#ifdef SSE2_INTRINSICS_AVAILABLE + +#ifndef _MSC_VER + static jmp_buf s_env; + static void SigIllHandler(int) + { + longjmp(s_env, 1); + } +#endif + +static bool HasSSE2() +{ + if (!IsPentium()) + return false; + + word32 cpuid[4]; + CpuId(1, cpuid); + if ((cpuid[3] & (1 << 26)) == 0) + return false; + +#ifdef _MSC_VER + __try + { + __asm xorpd xmm0, xmm0 // executing SSE2 instruction + } + __except (1) + { + return false; + } + return true; +#else + typedef void (*SigHandler)(int); + + SigHandler oldHandler = signal(SIGILL, SigIllHandler); + if (oldHandler == SIG_ERR) + return false; + + bool result = true; + if (setjmp(s_env)) + result = false; + else + __asm __volatile ("xorpd %xmm0, %xmm0"); + + signal(SIGILL, oldHandler); + return result; +#endif +} +#endif // SSE2_INTRINSICS_AVAILABLE + + +static bool IsP4() +{ + if (!IsPentium()) + return false; + + word32 cpuid[4]; + + CpuId(1, cpuid); + return ((cpuid[0] >> 8) & 0xf) == 0xf; +} + +// ************** Pentium/P4 optimizations *************** + +class PentiumOptimized : public Portable +{ +public: + static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, + unsigned int N); + static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B, + unsigned int N); + static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, + const word *B); +}; + +class P4Optimized +{ +public: + static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B, + unsigned int N); + static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B, + unsigned int N); +#ifdef SSE2_INTRINSICS_AVAILABLE + static void TAOCRYPT_CDECL Multiply4(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply8(word *C, const word *A, + const word *B); + static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A, + const word *B); +#endif +}; + +typedef word (TAOCRYPT_CDECL * PAddSub)(word *C, const word *A, const word *B, + unsigned int N); +typedef void (TAOCRYPT_CDECL * PMul)(word *C, const word *A, const word *B); + +static PAddSub s_pAdd, s_pSub; +#ifdef SSE2_INTRINSICS_AVAILABLE +static PMul s_pMul4, s_pMul8, s_pMul8B; +#endif + +static void SetPentiumFunctionPointers() +{ + if (!IsPentium()) + { + s_pAdd = &Portable::Add; + s_pSub = &Portable::Subtract; + } + else if (IsP4()) + { + s_pAdd = &P4Optimized::Add; + s_pSub = &P4Optimized::Subtract; + } + else + { + s_pAdd = &PentiumOptimized::Add; + s_pSub = &PentiumOptimized::Subtract; + } + +#ifdef SSE2_INTRINSICS_AVAILABLE + if (!IsPentium()) + { + s_pMul4 = &Portable::Multiply4; + s_pMul8 = &Portable::Multiply8; + s_pMul8B = &Portable::Multiply8Bottom; + } + else if (HasSSE2()) + { + s_pMul4 = &P4Optimized::Multiply4; + s_pMul8 = &P4Optimized::Multiply8; + s_pMul8B = &P4Optimized::Multiply8Bottom; + } + else + { + s_pMul4 = &PentiumOptimized::Multiply4; + s_pMul8 = &PentiumOptimized::Multiply8; + s_pMul8B = &PentiumOptimized::Multiply8Bottom; + } +#endif +} + +static const char s_RunAtStartupSetPentiumFunctionPointers = + (SetPentiumFunctionPointers(), 0); + + +class LowLevel : public PentiumOptimized +{ +public: + inline static word Add(word *C, const word *A, const word *B, + unsigned int N) + {return s_pAdd(C, A, B, N);} + inline static word Subtract(word *C, const word *A, const word *B, + unsigned int N) + {return s_pSub(C, A, B, N);} + inline static void Square4(word *R, const word *A) + {Multiply4(R, A, A);} +#ifdef SSE2_INTRINSICS_AVAILABLE + inline static void Multiply4(word *C, const word *A, const word *B) + {s_pMul4(C, A, B);} + inline static void Multiply8(word *C, const word *A, const word *B) + {s_pMul8(C, A, B);} + inline static void Multiply8Bottom(word *C, const word *A, const word *B) + {s_pMul8B(C, A, B);} +#endif +}; + +// use some tricks to share assembly code between MSVC and GCC +#ifdef _MSC_VER + #define TAOCRYPT_NAKED __declspec(naked) + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + #define AddPrologue \ + __asm push ebp \ + __asm push ebx \ + __asm push esi \ + __asm push edi \ + __asm mov ecx, [esp+20] \ + __asm mov edx, [esp+24] \ + __asm mov ebx, [esp+28] \ + __asm mov esi, [esp+32] + #define AddEpilogue \ + __asm pop edi \ + __asm pop esi \ + __asm pop ebx \ + __asm pop ebp \ + __asm ret + #define MulPrologue \ + __asm push ebp \ + __asm push ebx \ + __asm push esi \ + __asm push edi \ + __asm mov ecx, [esp+28] \ + __asm mov esi, [esp+24] \ + __asm push [esp+20] + #define MulEpilogue \ + __asm add esp, 4 \ + __asm pop edi \ + __asm pop esi \ + __asm pop ebx \ + __asm pop ebp \ + __asm ret +#else + #define TAOCRYPT_NAKED + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + #define AddPrologue \ + word res; \ + __asm__ __volatile__ \ + ( \ + "push %%ebx;" /* save this manually, in case of -fPIC */ \ + "mov %3, %%ebx;" \ + ".intel_syntax noprefix;" \ + "push ebp;" + #define AddEpilogue \ + "pop ebp;" \ + ".att_syntax prefix;" \ + "pop %%ebx;" \ + "mov %%eax, %0;" \ + : "=g" (res) \ + : "c" (C), "d" (A), "m" (B), "S" (N) \ + : "%edi", "memory", "cc" \ + ); \ + return res; + + #define MulPrologue \ + __asm__ __volatile__ \ + ( \ + "push %%ebx;" /* save this manually, in case of -fPIC */ \ + "push %%ebp;" \ + "push %0;" \ + ".intel_syntax noprefix;" + #define MulEpilogue \ + "add esp, 4;" \ + "pop ebp;" \ + "pop ebx;" \ + ".att_syntax prefix;" \ + : \ + : "rm" (Z), "S" (X), "c" (Y) \ + : "%eax", "%edx", "%edi", "memory", "cc" \ + ); +#endif + +TAOCRYPT_NAKED word PentiumOptimized::Add(word *C, const word *A, + const word *B, unsigned int N) +{ + AddPrologue + + // now: ebx = B, ecx = C, edx = A, esi = N + AS2( sub ecx, edx) // hold the distance between C & A so we + // can add this to A to get C + AS2( xor eax, eax) // clear eax + + AS2( sub eax, esi) // eax is a negative index from end of B + AS2( lea ebx, [ebx+4*esi]) // ebx is end of B + + AS2( sar eax, 1) // unit of eax is now dwords; this also + // clears the carry flag + AS1( jz loopendAdd) // if no dwords then nothing to do + + AS1(loopstartAdd:) + AS2( mov esi,[edx]) // load lower word of A + AS2( mov ebp,[edx+4]) // load higher word of A + + AS2( mov edi,[ebx+8*eax]) // load lower word of B + AS2( lea edx,[edx+8]) // advance A and C + + AS2( adc esi,edi) // add lower words + AS2( mov edi,[ebx+8*eax+4]) // load higher word of B + + AS2( adc ebp,edi) // add higher words + AS1( inc eax) // advance B + + AS2( mov [edx+ecx-8],esi) // store lower word result + AS2( mov [edx+ecx-4],ebp) // store higher word result + + AS1( jnz loopstartAdd) // loop until eax overflows and becomes zero + + AS1(loopendAdd:) + AS2( adc eax, 0) // store carry into eax (return result register) + + AddEpilogue +} + +TAOCRYPT_NAKED word PentiumOptimized::Subtract(word *C, const word *A, + const word *B, unsigned int N) +{ + AddPrologue + + // now: ebx = B, ecx = C, edx = A, esi = N + AS2( sub ecx, edx) // hold the distance between C & A so we + // can add this to A to get C + AS2( xor eax, eax) // clear eax + + AS2( sub eax, esi) // eax is a negative index from end of B + AS2( lea ebx, [ebx+4*esi]) // ebx is end of B + + AS2( sar eax, 1) // unit of eax is now dwords; this also + // clears the carry flag + AS1( jz loopendSub) // if no dwords then nothing to do + + AS1(loopstartSub:) + AS2( mov esi,[edx]) // load lower word of A + AS2( mov ebp,[edx+4]) // load higher word of A + + AS2( mov edi,[ebx+8*eax]) // load lower word of B + AS2( lea edx,[edx+8]) // advance A and C + + AS2( sbb esi,edi) // subtract lower words + AS2( mov edi,[ebx+8*eax+4]) // load higher word of B + + AS2( sbb ebp,edi) // subtract higher words + AS1( inc eax) // advance B + + AS2( mov [edx+ecx-8],esi) // store lower word result + AS2( mov [edx+ecx-4],ebp) // store higher word result + + AS1( jnz loopstartSub) // loop until eax overflows and becomes zero + + AS1(loopendSub:) + AS2( adc eax, 0) // store carry into eax (return result register) + + AddEpilogue +} + +// On Pentium 4, the adc and sbb instructions are very expensive, so avoid them. + +TAOCRYPT_NAKED word P4Optimized::Add(word *C, const word *A, const word *B, + unsigned int N) +{ + AddPrologue + + // now: ebx = B, ecx = C, edx = A, esi = N + AS2( xor eax, eax) + AS1( neg esi) + AS1( jz loopendAddP4) // if no dwords then nothing to do + + AS2( mov edi, [edx]) + AS2( mov ebp, [ebx]) + AS1( jmp carry1AddP4) + + AS1(loopstartAddP4:) + AS2( mov edi, [edx+8]) + AS2( add ecx, 8) + AS2( add edx, 8) + AS2( mov ebp, [ebx]) + AS2( add edi, eax) + AS1( jc carry1AddP4) + AS2( xor eax, eax) + + AS1(carry1AddP4:) + AS2( add edi, ebp) + AS2( mov ebp, 1) + AS2( mov [ecx], edi) + AS2( mov edi, [edx+4]) + AS2( cmovc eax, ebp) + AS2( mov ebp, [ebx+4]) + AS2( add ebx, 8) + AS2( add edi, eax) + AS1( jc carry2AddP4) + AS2( xor eax, eax) + + AS1(carry2AddP4:) + AS2( add edi, ebp) + AS2( mov ebp, 1) + AS2( cmovc eax, ebp) + AS2( mov [ecx+4], edi) + AS2( add esi, 2) + AS1( jnz loopstartAddP4) + + AS1(loopendAddP4:) + + AddEpilogue +} + +TAOCRYPT_NAKED word P4Optimized::Subtract(word *C, const word *A, + const word *B, unsigned int N) +{ + AddPrologue + + // now: ebx = B, ecx = C, edx = A, esi = N + AS2( xor eax, eax) + AS1( neg esi) + AS1( jz loopendSubP4) // if no dwords then nothing to do + + AS2( mov edi, [edx]) + AS2( mov ebp, [ebx]) + AS1( jmp carry1SubP4) + + AS1(loopstartSubP4:) + AS2( mov edi, [edx+8]) + AS2( add edx, 8) + AS2( add ecx, 8) + AS2( mov ebp, [ebx]) + AS2( sub edi, eax) + AS1( jc carry1SubP4) + AS2( xor eax, eax) + + AS1(carry1SubP4:) + AS2( sub edi, ebp) + AS2( mov ebp, 1) + AS2( mov [ecx], edi) + AS2( mov edi, [edx+4]) + AS2( cmovc eax, ebp) + AS2( mov ebp, [ebx+4]) + AS2( add ebx, 8) + AS2( sub edi, eax) + AS1( jc carry2SubP4) + AS2( xor eax, eax) + + AS1(carry2SubP4:) + AS2( sub edi, ebp) + AS2( mov ebp, 1) + AS2( cmovc eax, ebp) + AS2( mov [ecx+4], edi) + AS2( add esi, 2) + AS1( jnz loopstartSubP4) + + AS1(loopendSubP4:) + + AddEpilogue +} + +// multiply assembly code originally contributed by Leonard Janke + +#define MulStartup \ + AS2(xor ebp, ebp) \ + AS2(xor edi, edi) \ + AS2(xor ebx, ebx) + +#define MulShiftCarry \ + AS2(mov ebp, edx) \ + AS2(mov edi, ebx) \ + AS2(xor ebx, ebx) + +#define MulAccumulateBottom(i,j) \ + AS2(mov eax, [ecx+4*j]) \ + AS2(imul eax, dword ptr [esi+4*i]) \ + AS2(add ebp, eax) + +#define MulAccumulate(i,j) \ + AS2(mov eax, [ecx+4*j]) \ + AS1(mul dword ptr [esi+4*i]) \ + AS2(add ebp, eax) \ + AS2(adc edi, edx) \ + AS2(adc bl, bh) + +#define MulStoreDigit(i) \ + AS2(mov edx, edi) \ + AS2(mov edi, [esp]) \ + AS2(mov [edi+4*i], ebp) + +#define MulLastDiagonal(digits) \ + AS2(mov eax, [ecx+4*(digits-1)]) \ + AS1(mul dword ptr [esi+4*(digits-1)]) \ + AS2(add ebp, eax) \ + AS2(adc edx, edi) \ + AS2(mov edi, [esp]) \ + AS2(mov [edi+4*(2*digits-2)], ebp) \ + AS2(mov [edi+4*(2*digits-1)], edx) + +TAOCRYPT_NAKED void PentiumOptimized::Multiply4(word* Z, const word* X, + const word* Y) +{ + MulPrologue + // now: [esp] = Z, esi = X, ecx = Y + MulStartup + MulAccumulate(0,0) + MulStoreDigit(0) + MulShiftCarry + + MulAccumulate(1,0) + MulAccumulate(0,1) + MulStoreDigit(1) + MulShiftCarry + + MulAccumulate(2,0) + MulAccumulate(1,1) + MulAccumulate(0,2) + MulStoreDigit(2) + MulShiftCarry + + MulAccumulate(3,0) + MulAccumulate(2,1) + MulAccumulate(1,2) + MulAccumulate(0,3) + MulStoreDigit(3) + MulShiftCarry + + MulAccumulate(3,1) + MulAccumulate(2,2) + MulAccumulate(1,3) + MulStoreDigit(4) + MulShiftCarry + + MulAccumulate(3,2) + MulAccumulate(2,3) + MulStoreDigit(5) + MulShiftCarry + + MulLastDiagonal(4) + MulEpilogue +} + +TAOCRYPT_NAKED void PentiumOptimized::Multiply8(word* Z, const word* X, + const word* Y) +{ + MulPrologue + // now: [esp] = Z, esi = X, ecx = Y + MulStartup + MulAccumulate(0,0) + MulStoreDigit(0) + MulShiftCarry + + MulAccumulate(1,0) + MulAccumulate(0,1) + MulStoreDigit(1) + MulShiftCarry + + MulAccumulate(2,0) + MulAccumulate(1,1) + MulAccumulate(0,2) + MulStoreDigit(2) + MulShiftCarry + + MulAccumulate(3,0) + MulAccumulate(2,1) + MulAccumulate(1,2) + MulAccumulate(0,3) + MulStoreDigit(3) + MulShiftCarry + + MulAccumulate(4,0) + MulAccumulate(3,1) + MulAccumulate(2,2) + MulAccumulate(1,3) + MulAccumulate(0,4) + MulStoreDigit(4) + MulShiftCarry + + MulAccumulate(5,0) + MulAccumulate(4,1) + MulAccumulate(3,2) + MulAccumulate(2,3) + MulAccumulate(1,4) + MulAccumulate(0,5) + MulStoreDigit(5) + MulShiftCarry + + MulAccumulate(6,0) + MulAccumulate(5,1) + MulAccumulate(4,2) + MulAccumulate(3,3) + MulAccumulate(2,4) + MulAccumulate(1,5) + MulAccumulate(0,6) + MulStoreDigit(6) + MulShiftCarry + + MulAccumulate(7,0) + MulAccumulate(6,1) + MulAccumulate(5,2) + MulAccumulate(4,3) + MulAccumulate(3,4) + MulAccumulate(2,5) + MulAccumulate(1,6) + MulAccumulate(0,7) + MulStoreDigit(7) + MulShiftCarry + + MulAccumulate(7,1) + MulAccumulate(6,2) + MulAccumulate(5,3) + MulAccumulate(4,4) + MulAccumulate(3,5) + MulAccumulate(2,6) + MulAccumulate(1,7) + MulStoreDigit(8) + MulShiftCarry + + MulAccumulate(7,2) + MulAccumulate(6,3) + MulAccumulate(5,4) + MulAccumulate(4,5) + MulAccumulate(3,6) + MulAccumulate(2,7) + MulStoreDigit(9) + MulShiftCarry + + MulAccumulate(7,3) + MulAccumulate(6,4) + MulAccumulate(5,5) + MulAccumulate(4,6) + MulAccumulate(3,7) + MulStoreDigit(10) + MulShiftCarry + + MulAccumulate(7,4) + MulAccumulate(6,5) + MulAccumulate(5,6) + MulAccumulate(4,7) + MulStoreDigit(11) + MulShiftCarry + + MulAccumulate(7,5) + MulAccumulate(6,6) + MulAccumulate(5,7) + MulStoreDigit(12) + MulShiftCarry + + MulAccumulate(7,6) + MulAccumulate(6,7) + MulStoreDigit(13) + MulShiftCarry + + MulLastDiagonal(8) + MulEpilogue +} + +TAOCRYPT_NAKED void PentiumOptimized::Multiply8Bottom(word* Z, const word* X, + const word* Y) +{ + MulPrologue + // now: [esp] = Z, esi = X, ecx = Y + MulStartup + MulAccumulate(0,0) + MulStoreDigit(0) + MulShiftCarry + + MulAccumulate(1,0) + MulAccumulate(0,1) + MulStoreDigit(1) + MulShiftCarry + + MulAccumulate(2,0) + MulAccumulate(1,1) + MulAccumulate(0,2) + MulStoreDigit(2) + MulShiftCarry + + MulAccumulate(3,0) + MulAccumulate(2,1) + MulAccumulate(1,2) + MulAccumulate(0,3) + MulStoreDigit(3) + MulShiftCarry + + MulAccumulate(4,0) + MulAccumulate(3,1) + MulAccumulate(2,2) + MulAccumulate(1,3) + MulAccumulate(0,4) + MulStoreDigit(4) + MulShiftCarry + + MulAccumulate(5,0) + MulAccumulate(4,1) + MulAccumulate(3,2) + MulAccumulate(2,3) + MulAccumulate(1,4) + MulAccumulate(0,5) + MulStoreDigit(5) + MulShiftCarry + + MulAccumulate(6,0) + MulAccumulate(5,1) + MulAccumulate(4,2) + MulAccumulate(3,3) + MulAccumulate(2,4) + MulAccumulate(1,5) + MulAccumulate(0,6) + MulStoreDigit(6) + MulShiftCarry + + MulAccumulateBottom(7,0) + MulAccumulateBottom(6,1) + MulAccumulateBottom(5,2) + MulAccumulateBottom(4,3) + MulAccumulateBottom(3,4) + MulAccumulateBottom(2,5) + MulAccumulateBottom(1,6) + MulAccumulateBottom(0,7) + MulStoreDigit(7) + MulEpilogue +} + +#undef AS1 +#undef AS2 + +#else // not x86 - no processor specific code at this layer + +typedef Portable LowLevel; + +#endif + +#ifdef SSE2_INTRINSICS_AVAILABLE + +#ifdef __GNUC__ +#define TAOCRYPT_FASTCALL +#else +#define TAOCRYPT_FASTCALL __fastcall +#endif + +static void TAOCRYPT_FASTCALL P4_Mul(__m128i *C, const __m128i *A, + const __m128i *B) +{ + __m128i a3210 = _mm_load_si128(A); + __m128i b3210 = _mm_load_si128(B); + + __m128i sum; + + __m128i z = _mm_setzero_si128(); + __m128i a2b2_a0b0 = _mm_mul_epu32(a3210, b3210); + C[0] = a2b2_a0b0; + + __m128i a3120 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(3, 1, 2, 0)); + __m128i b3021 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 2, 1)); + __m128i a1b0_a0b1 = _mm_mul_epu32(a3120, b3021); + __m128i a1b0 = _mm_unpackhi_epi32(a1b0_a0b1, z); + __m128i a0b1 = _mm_unpacklo_epi32(a1b0_a0b1, z); + C[1] = _mm_add_epi64(a1b0, a0b1); + + __m128i a31 = _mm_srli_epi64(a3210, 32); + __m128i b31 = _mm_srli_epi64(b3210, 32); + __m128i a3b3_a1b1 = _mm_mul_epu32(a31, b31); + C[6] = a3b3_a1b1; + + __m128i a1b1 = _mm_unpacklo_epi32(a3b3_a1b1, z); + __m128i b3012 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 1, 2)); + __m128i a2b0_a0b2 = _mm_mul_epu32(a3210, b3012); + __m128i a0b2 = _mm_unpacklo_epi32(a2b0_a0b2, z); + __m128i a2b0 = _mm_unpackhi_epi32(a2b0_a0b2, z); + sum = _mm_add_epi64(a1b1, a0b2); + C[2] = _mm_add_epi64(sum, a2b0); + + __m128i a2301 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(2, 3, 0, 1)); + __m128i b2103 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(2, 1, 0, 3)); + __m128i a3b0_a1b2 = _mm_mul_epu32(a2301, b3012); + __m128i a2b1_a0b3 = _mm_mul_epu32(a3210, b2103); + __m128i a3b0 = _mm_unpackhi_epi32(a3b0_a1b2, z); + __m128i a1b2 = _mm_unpacklo_epi32(a3b0_a1b2, z); + __m128i a2b1 = _mm_unpackhi_epi32(a2b1_a0b3, z); + __m128i a0b3 = _mm_unpacklo_epi32(a2b1_a0b3, z); + __m128i sum1 = _mm_add_epi64(a3b0, a1b2); + sum = _mm_add_epi64(a2b1, a0b3); + C[3] = _mm_add_epi64(sum, sum1); + + __m128i a3b1_a1b3 = _mm_mul_epu32(a2301, b2103); + __m128i a2b2 = _mm_unpackhi_epi32(a2b2_a0b0, z); + __m128i a3b1 = _mm_unpackhi_epi32(a3b1_a1b3, z); + __m128i a1b3 = _mm_unpacklo_epi32(a3b1_a1b3, z); + sum = _mm_add_epi64(a2b2, a3b1); + C[4] = _mm_add_epi64(sum, a1b3); + + __m128i a1302 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(1, 3, 0, 2)); + __m128i b1203 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(1, 2, 0, 3)); + __m128i a3b2_a2b3 = _mm_mul_epu32(a1302, b1203); + __m128i a3b2 = _mm_unpackhi_epi32(a3b2_a2b3, z); + __m128i a2b3 = _mm_unpacklo_epi32(a3b2_a2b3, z); + C[5] = _mm_add_epi64(a3b2, a2b3); +} + +void P4Optimized::Multiply4(word *C, const word *A, const word *B) +{ + __m128i temp[7]; + const word *w = (word *)temp; + const __m64 *mw = (__m64 *)w; + + P4_Mul(temp, (__m128i *)A, (__m128i *)B); + + C[0] = w[0]; + + __m64 s1, s2; + + __m64 w1 = _mm_cvtsi32_si64(w[1]); + __m64 w4 = mw[2]; + __m64 w6 = mw[3]; + __m64 w8 = mw[4]; + __m64 w10 = mw[5]; + __m64 w12 = mw[6]; + __m64 w14 = mw[7]; + __m64 w16 = mw[8]; + __m64 w18 = mw[9]; + __m64 w20 = mw[10]; + __m64 w22 = mw[11]; + __m64 w26 = _mm_cvtsi32_si64(w[26]); + + s1 = _mm_add_si64(w1, w4); + C[1] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w6, w8); + s1 = _mm_add_si64(s1, s2); + C[2] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w10, w12); + s1 = _mm_add_si64(s1, s2); + C[3] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w14, w16); + s1 = _mm_add_si64(s1, s2); + C[4] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w18, w20); + s1 = _mm_add_si64(s1, s2); + C[5] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w22, w26); + s1 = _mm_add_si64(s1, s2); + C[6] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + C[7] = _mm_cvtsi64_si32(s1) + w[27]; + _mm_empty(); +} + +void P4Optimized::Multiply8(word *C, const word *A, const word *B) +{ + __m128i temp[28]; + const word *w = (word *)temp; + const __m64 *mw = (__m64 *)w; + const word *x = (word *)temp+7*4; + const __m64 *mx = (__m64 *)x; + const word *y = (word *)temp+7*4*2; + const __m64 *my = (__m64 *)y; + const word *z = (word *)temp+7*4*3; + const __m64 *mz = (__m64 *)z; + + P4_Mul(temp, (__m128i *)A, (__m128i *)B); + + P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B); + + P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1); + + P4_Mul(temp+21, (__m128i *)A+1, (__m128i *)B+1); + + C[0] = w[0]; + + __m64 s1, s2, s3, s4; + + __m64 w1 = _mm_cvtsi32_si64(w[1]); + __m64 w4 = mw[2]; + __m64 w6 = mw[3]; + __m64 w8 = mw[4]; + __m64 w10 = mw[5]; + __m64 w12 = mw[6]; + __m64 w14 = mw[7]; + __m64 w16 = mw[8]; + __m64 w18 = mw[9]; + __m64 w20 = mw[10]; + __m64 w22 = mw[11]; + __m64 w26 = _mm_cvtsi32_si64(w[26]); + __m64 w27 = _mm_cvtsi32_si64(w[27]); + + __m64 x0 = _mm_cvtsi32_si64(x[0]); + __m64 x1 = _mm_cvtsi32_si64(x[1]); + __m64 x4 = mx[2]; + __m64 x6 = mx[3]; + __m64 x8 = mx[4]; + __m64 x10 = mx[5]; + __m64 x12 = mx[6]; + __m64 x14 = mx[7]; + __m64 x16 = mx[8]; + __m64 x18 = mx[9]; + __m64 x20 = mx[10]; + __m64 x22 = mx[11]; + __m64 x26 = _mm_cvtsi32_si64(x[26]); + __m64 x27 = _mm_cvtsi32_si64(x[27]); + + __m64 y0 = _mm_cvtsi32_si64(y[0]); + __m64 y1 = _mm_cvtsi32_si64(y[1]); + __m64 y4 = my[2]; + __m64 y6 = my[3]; + __m64 y8 = my[4]; + __m64 y10 = my[5]; + __m64 y12 = my[6]; + __m64 y14 = my[7]; + __m64 y16 = my[8]; + __m64 y18 = my[9]; + __m64 y20 = my[10]; + __m64 y22 = my[11]; + __m64 y26 = _mm_cvtsi32_si64(y[26]); + __m64 y27 = _mm_cvtsi32_si64(y[27]); + + __m64 z0 = _mm_cvtsi32_si64(z[0]); + __m64 z1 = _mm_cvtsi32_si64(z[1]); + __m64 z4 = mz[2]; + __m64 z6 = mz[3]; + __m64 z8 = mz[4]; + __m64 z10 = mz[5]; + __m64 z12 = mz[6]; + __m64 z14 = mz[7]; + __m64 z16 = mz[8]; + __m64 z18 = mz[9]; + __m64 z20 = mz[10]; + __m64 z22 = mz[11]; + __m64 z26 = _mm_cvtsi32_si64(z[26]); + + s1 = _mm_add_si64(w1, w4); + C[1] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w6, w8); + s1 = _mm_add_si64(s1, s2); + C[2] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w10, w12); + s1 = _mm_add_si64(s1, s2); + C[3] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x0, y0); + s2 = _mm_add_si64(w14, w16); + s1 = _mm_add_si64(s1, s3); + s1 = _mm_add_si64(s1, s2); + C[4] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x1, y1); + s4 = _mm_add_si64(x4, y4); + s1 = _mm_add_si64(s1, w18); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, w20); + s1 = _mm_add_si64(s1, s3); + C[5] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x6, y6); + s4 = _mm_add_si64(x8, y8); + s1 = _mm_add_si64(s1, w22); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, w26); + s1 = _mm_add_si64(s1, s3); + C[6] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x10, y10); + s4 = _mm_add_si64(x12, y12); + s1 = _mm_add_si64(s1, w27); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, s3); + C[7] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x14, y14); + s4 = _mm_add_si64(x16, y16); + s1 = _mm_add_si64(s1, z0); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, s3); + C[8] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x18, y18); + s4 = _mm_add_si64(x20, y20); + s1 = _mm_add_si64(s1, z1); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, z4); + s1 = _mm_add_si64(s1, s3); + C[9] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x22, y22); + s4 = _mm_add_si64(x26, y26); + s1 = _mm_add_si64(s1, z6); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, z8); + s1 = _mm_add_si64(s1, s3); + C[10] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x27, y27); + s1 = _mm_add_si64(s1, z10); + s1 = _mm_add_si64(s1, z12); + s1 = _mm_add_si64(s1, s3); + C[11] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(z14, z16); + s1 = _mm_add_si64(s1, s3); + C[12] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(z18, z20); + s1 = _mm_add_si64(s1, s3); + C[13] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(z22, z26); + s1 = _mm_add_si64(s1, s3); + C[14] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + C[15] = z[27] + _mm_cvtsi64_si32(s1); + _mm_empty(); +} + +void P4Optimized::Multiply8Bottom(word *C, const word *A, const word *B) +{ + __m128i temp[21]; + const word *w = (word *)temp; + const __m64 *mw = (__m64 *)w; + const word *x = (word *)temp+7*4; + const __m64 *mx = (__m64 *)x; + const word *y = (word *)temp+7*4*2; + const __m64 *my = (__m64 *)y; + + P4_Mul(temp, (__m128i *)A, (__m128i *)B); + + P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B); + + P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1); + + C[0] = w[0]; + + __m64 s1, s2, s3, s4; + + __m64 w1 = _mm_cvtsi32_si64(w[1]); + __m64 w4 = mw[2]; + __m64 w6 = mw[3]; + __m64 w8 = mw[4]; + __m64 w10 = mw[5]; + __m64 w12 = mw[6]; + __m64 w14 = mw[7]; + __m64 w16 = mw[8]; + __m64 w18 = mw[9]; + __m64 w20 = mw[10]; + __m64 w22 = mw[11]; + __m64 w26 = _mm_cvtsi32_si64(w[26]); + + __m64 x0 = _mm_cvtsi32_si64(x[0]); + __m64 x1 = _mm_cvtsi32_si64(x[1]); + __m64 x4 = mx[2]; + __m64 x6 = mx[3]; + __m64 x8 = mx[4]; + + __m64 y0 = _mm_cvtsi32_si64(y[0]); + __m64 y1 = _mm_cvtsi32_si64(y[1]); + __m64 y4 = my[2]; + __m64 y6 = my[3]; + __m64 y8 = my[4]; + + s1 = _mm_add_si64(w1, w4); + C[1] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w6, w8); + s1 = _mm_add_si64(s1, s2); + C[2] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s2 = _mm_add_si64(w10, w12); + s1 = _mm_add_si64(s1, s2); + C[3] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x0, y0); + s2 = _mm_add_si64(w14, w16); + s1 = _mm_add_si64(s1, s3); + s1 = _mm_add_si64(s1, s2); + C[4] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x1, y1); + s4 = _mm_add_si64(x4, y4); + s1 = _mm_add_si64(s1, w18); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, w20); + s1 = _mm_add_si64(s1, s3); + C[5] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + s3 = _mm_add_si64(x6, y6); + s4 = _mm_add_si64(x8, y8); + s1 = _mm_add_si64(s1, w22); + s3 = _mm_add_si64(s3, s4); + s1 = _mm_add_si64(s1, w26); + s1 = _mm_add_si64(s1, s3); + C[6] = _mm_cvtsi64_si32(s1); + s1 = _mm_srli_si64(s1, 32); + + C[7] = _mm_cvtsi64_si32(s1) + w[27] + x[10] + y[10] + x[12] + y[12]; + _mm_empty(); +} + +#endif // #ifdef SSE2_INTRINSICS_AVAILABLE + +// end optimized + +// ******************************************************** + +#define A0 A +#define A1 (A+N2) +#define B0 B +#define B1 (B+N2) + +#define T0 T +#define T1 (T+N2) +#define T2 (T+N) +#define T3 (T+N+N2) + +#define R0 R +#define R1 (R+N2) +#define R2 (R+N) +#define R3 (R+N+N2) + +//VC60 workaround: compiler bug triggered without the extra dummy parameters + +// R[2*N] - result = A*B +// T[2*N] - temporary work space +// A[N] --- multiplier +// B[N] --- multiplicant + + +void RecursiveMultiply(word *R, word *T, const word *A, const word *B, + unsigned int N) +{ + if (LowLevel::MultiplyRecursionLimit() >= 8 && N==8) + LowLevel::Multiply8(R, A, B); + else if (LowLevel::MultiplyRecursionLimit() >= 4 && N==4) + LowLevel::Multiply4(R, A, B); + else if (N==2) + LowLevel::Multiply2(R, A, B); + else + { + const unsigned int N2 = N/2; + int carry; + + int aComp = Compare(A0, A1, N2); + int bComp = Compare(B0, B1, N2); + + switch (2*aComp + aComp + bComp) + { + case -4: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + LowLevel::Subtract(T1, T1, R0, N2); + carry = -1; + break; + case -2: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + carry = 0; + break; + case 2: + LowLevel::Subtract(R0, A0, A1, N2); + LowLevel::Subtract(R1, B1, B0, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + carry = 0; + break; + case 4: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + LowLevel::Subtract(T1, T1, R1, N2); + carry = -1; + break; + default: + SetWords(T0, 0, N); + carry = 0; + } + + RecursiveMultiply(R0, T2, A0, B0, N2); + RecursiveMultiply(R2, T2, A1, B1, N2); + + // now T[01] holds (A1-A0)*(B0-B1),R[01] holds A0*B0, R[23] holds A1*B1 + + carry += LowLevel::Add(T0, T0, R0, N); + carry += LowLevel::Add(T0, T0, R2, N); + carry += LowLevel::Add(R1, R1, T0, N); + + Increment(R3, N2, carry); + } +} + + +void RecursiveSquare(word *R, word *T, const word *A, unsigned int N) +{ + if (LowLevel::SquareRecursionLimit() >= 4 && N==4) + LowLevel::Square4(R, A); + else if (N==2) + LowLevel::Square2(R, A); + else + { + const unsigned int N2 = N/2; + + RecursiveSquare(R0, T2, A0, N2); + RecursiveSquare(R2, T2, A1, N2); + RecursiveMultiply(T0, T2, A0, A1, N2); + + word carry = LowLevel::Add(R1, R1, T0, N); + carry += LowLevel::Add(R1, R1, T0, N); + Increment(R3, N2, carry); + } +} + + +// R[N] - bottom half of A*B +// T[N] - temporary work space +// A[N] - multiplier +// B[N] - multiplicant + + +void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, + unsigned int N) +{ + if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8) + LowLevel::Multiply8Bottom(R, A, B); + else if (LowLevel::MultiplyBottomRecursionLimit() >= 4 && N==4) + LowLevel::Multiply4Bottom(R, A, B); + else if (N==2) + LowLevel::Multiply2Bottom(R, A, B); + else + { + const unsigned int N2 = N/2; + + RecursiveMultiply(R, T, A0, B0, N2); + RecursiveMultiplyBottom(T0, T1, A1, B0, N2); + LowLevel::Add(R1, R1, T0, N2); + RecursiveMultiplyBottom(T0, T1, A0, B1, N2); + LowLevel::Add(R1, R1, T0, N2); + } +} + + +void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, + const word *B, unsigned int N) +{ + if (N==4) + { + LowLevel::Multiply4(T, A, B); + memcpy(R, T+4, 4*WORD_SIZE); + } + else if (N==2) + { + LowLevel::Multiply2(T, A, B); + memcpy(R, T+2, 2*WORD_SIZE); + } + else + { + const unsigned int N2 = N/2; + int carry; + + int aComp = Compare(A0, A1, N2); + int bComp = Compare(B0, B1, N2); + + switch (2*aComp + aComp + bComp) + { + case -4: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + LowLevel::Subtract(T1, T1, R0, N2); + carry = -1; + break; + case -2: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + carry = 0; + break; + case 2: + LowLevel::Subtract(R0, A0, A1, N2); + LowLevel::Subtract(R1, B1, B0, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + carry = 0; + break; + case 4: + LowLevel::Subtract(R0, A1, A0, N2); + LowLevel::Subtract(R1, B0, B1, N2); + RecursiveMultiply(T0, T2, R0, R1, N2); + LowLevel::Subtract(T1, T1, R1, N2); + carry = -1; + break; + default: + SetWords(T0, 0, N); + carry = 0; + } + + RecursiveMultiply(T2, R0, A1, B1, N2); + + // now T[01] holds (A1-A0)*(B0-B1), T[23] holds A1*B1 + + word c2 = LowLevel::Subtract(R0, L+N2, L, N2); + c2 += LowLevel::Subtract(R0, R0, T0, N2); + word t = (Compare(R0, T2, N2) == -1); + + carry += t; + carry += Increment(R0, N2, c2+t); + carry += LowLevel::Add(R0, R0, T1, N2); + carry += LowLevel::Add(R0, R0, T3, N2); + + CopyWords(R1, T3, N2); + Increment(R1, N2, carry); + } +} + + +inline word Add(word *C, const word *A, const word *B, unsigned int N) +{ + return LowLevel::Add(C, A, B, N); +} + +inline word Subtract(word *C, const word *A, const word *B, unsigned int N) +{ + return LowLevel::Subtract(C, A, B, N); +} + +inline void Multiply(word *R, word *T, const word *A, const word *B, + unsigned int N) +{ + RecursiveMultiply(R, T, A, B, N); +} + +inline void Square(word *R, word *T, const word *A, unsigned int N) +{ + RecursiveSquare(R, T, A, N); +} + + +void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA, + const word *B, unsigned int NB) +{ + if (NA == NB) + { + if (A == B) + Square(R, T, A, NA); + else + Multiply(R, T, A, B, NA); + + return; + } + + if (NA > NB) + { + STL::swap(A, B); + STL::swap(NA, NB); + } + + if (NA==2 && !A[1]) + { + switch (A[0]) + { + case 0: + SetWords(R, 0, NB+2); + return; + case 1: + CopyWords(R, B, NB); + R[NB] = R[NB+1] = 0; + return; + default: + R[NB] = LinearMultiply(R, B, A[0], NB); + R[NB+1] = 0; + return; + } + } + + Multiply(R, T, A, B, NA); + CopyWords(T+2*NA, R+NA, NA); + + unsigned i; + + for (i=2*NA; i>=1; + i++; + } + k+=i; + + if (t==1 && f[1]==0 && EvenWordCount(f, fgLen)==2) + { + if (s%2==0) + CopyWords(R, b, N); + else + Subtract(R, M, b, N); + return k; + } + + ShiftWordsRightByBits(f, fgLen, i); + t=ShiftWordsLeftByBits(c, bcLen, i); + if (t) + { + c[bcLen] = t; + bcLen+=2; + } + + if (f[fgLen-2]==0 && g[fgLen-2]==0 && f[fgLen-1]==0 && g[fgLen-1]==0) + fgLen-=2; + + if (Compare(f, g, fgLen)==-1) + { + STL::swap(f, g); + STL::swap(b, c); + s++; + } + + Subtract(f, f, g, fgLen); + + if (Add(b, b, c, bcLen)) + { + b[bcLen] = 1; + bcLen+=2; + } + } +} + +// R[N] - result = A/(2^k) mod M +// A[N] - input +// M[N] - modulus + +void DivideByPower2Mod(word *R, const word *A, unsigned int k, const word *M, + unsigned int N) +{ + CopyWords(R, A, N); + + while (k--) + { + if (R[0]%2==0) + ShiftWordsRightByBits(R, N, 1); + else + { + word carry = Add(R, R, M, N); + ShiftWordsRightByBits(R, N, 1); + R[N-1] += carry<<(WORD_BITS-1); + } + } +} + +// R[N] - result = A*(2^k) mod M +// A[N] - input +// M[N] - modulus + +void MultiplyByPower2Mod(word *R, const word *A, unsigned int k, const word *M, + unsigned int N) +{ + CopyWords(R, A, N); + + while (k--) + if (ShiftWordsLeftByBits(R, N, 1) || Compare(R, M, N)>=0) + Subtract(R, R, M, N); +} + + +// ********** end of integer needs + + +Integer::Integer() + : reg_(2), sign_(POSITIVE) +{ + reg_[0] = reg_[1] = 0; +} + + +Integer::Integer(const Integer& t) + : reg_(RoundupSize(t.WordCount())), sign_(t.sign_) +{ + CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size()); +} + + +Integer::Integer(signed long value) + : reg_(2) +{ + if (value >= 0) + sign_ = POSITIVE; + else + { + sign_ = NEGATIVE; + value = -value; + } + reg_[0] = word(value); + reg_[1] = word(SafeRightShift(value)); +} + + +Integer::Integer(Sign s, word high, word low) + : reg_(2), sign_(s) +{ + reg_[0] = low; + reg_[1] = high; +} + + +Integer::Integer(word value, unsigned int length) + : reg_(RoundupSize(length)), sign_(POSITIVE) +{ + reg_[0] = value; + SetWords(reg_ + 1, 0, reg_.size() - 1); +} + + +Integer::Integer(const byte *encodedInteger, unsigned int byteCount, + Signedness s) +{ + Decode(encodedInteger, byteCount, s); +} + +class BadBER {}; + +// BER Decode Source +Integer::Integer(Source& source) + : reg_(2), sign_(POSITIVE) +{ + Decode(source); +} + +void Integer::Decode(Source& source) +{ + byte b = source.next(); + if (b != INTEGER) { + source.SetError(INTEGER_E); + return; + } + + word32 length = GetLength(source); + if (length == 0 || source.GetError().What()) return; + + if ( (b = source.next()) == 0x00) + length--; + else + source.prev(); + + if (source.IsLeft(length) == false) return; + + unsigned int words = (length + WORD_SIZE - 1) / WORD_SIZE; + words = RoundupSize(words); + if (words > reg_.size()) reg_.CleanNew(words); + + for (int j = length; j > 0; j--) { + b = source.next(); + reg_ [(j-1) / WORD_SIZE] |= (word)b << ((j-1) % WORD_SIZE) * 8; + } +} + + +void Integer::Decode(const byte* input, unsigned int inputLen, Signedness s) +{ + unsigned int idx(0); + byte b = 0; + if (inputLen>0) + b = input[idx]; // peek + sign_ = ((s==SIGNED) && (b & 0x80)) ? NEGATIVE : POSITIVE; + + while (inputLen>0 && (sign_==POSITIVE ? b==0 : b==0xff)) + { + idx++; // skip + if (--inputLen>0) + b = input[idx]; // peek + } + + reg_.CleanNew(RoundupSize(BytesToWords(inputLen))); + + for (unsigned int i=inputLen; i > 0; i--) + { + b = input[idx++]; + reg_[(i-1)/WORD_SIZE] |= (word)b << ((i-1)%WORD_SIZE)*8; + } + + if (sign_ == NEGATIVE) + { + for (unsigned i=inputLen; i 0; i--) + output[idx++] = GetByte(i-1); + } + else + { + // take two's complement of *this + Integer temp = Integer::Power2(8*max(ByteCount(), outputLen)) + *this; + for (unsigned i=0; i range); + + *this += min; +} + + +Integer Integer::Power2(unsigned int e) +{ + Integer r((word)0, BitsToWords(e + 1)); + r.SetBit(e); + return r; +} + + +void Integer::SetBit(unsigned int n, bool value) +{ + if (value) + { + reg_.CleanGrow(RoundupSize(BitsToWords(n + 1))); + reg_[n / WORD_BITS] |= (word(1) << (n % WORD_BITS)); + } + else + { + if (n / WORD_BITS < reg_.size()) + reg_[n / WORD_BITS] &= ~(word(1) << (n % WORD_BITS)); + } +} + + +void Integer::SetByte(unsigned int n, byte value) +{ + reg_.CleanGrow(RoundupSize(BytesToWords(n+1))); + reg_[n/WORD_SIZE] &= ~(word(0xff) << 8*(n%WORD_SIZE)); + reg_[n/WORD_SIZE] |= (word(value) << 8*(n%WORD_SIZE)); +} + + +void Integer::Negate() +{ + if (!!(*this)) // don't flip sign if *this==0 + sign_ = Sign(1 - sign_); +} + + +bool Integer::operator!() const +{ + return IsNegative() ? false : (reg_[0]==0 && WordCount()==0); +} + + +Integer& Integer::operator=(const Integer& t) +{ + if (this != &t) + { + reg_.New(RoundupSize(t.WordCount())); + CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size()); + sign_ = t.sign_; + } + return *this; +} + + +Integer& Integer::operator+=(const Integer& t) +{ + reg_.CleanGrow(t.reg_.size()); + if (NotNegative()) + { + if (t.NotNegative()) + PositiveAdd(*this, *this, t); + else + PositiveSubtract(*this, *this, t); + } + else + { + if (t.NotNegative()) + PositiveSubtract(*this, t, *this); + else + { + PositiveAdd(*this, *this, t); + sign_ = Integer::NEGATIVE; + } + } + return *this; +} + + +Integer Integer::operator-() const +{ + Integer result(*this); + result.Negate(); + return result; +} + + +Integer& Integer::operator-=(const Integer& t) +{ + reg_.CleanGrow(t.reg_.size()); + if (NotNegative()) + { + if (t.NotNegative()) + PositiveSubtract(*this, *this, t); + else + PositiveAdd(*this, *this, t); + } + else + { + if (t.NotNegative()) + { + PositiveAdd(*this, *this, t); + sign_ = Integer::NEGATIVE; + } + else + PositiveSubtract(*this, t, *this); + } + return *this; +} + + +Integer& Integer::operator++() +{ + if (NotNegative()) + { + if (Increment(reg_.get_buffer(), reg_.size())) + { + reg_.CleanGrow(2*reg_.size()); + reg_[reg_.size()/2]=1; + } + } + else + { + word borrow = Decrement(reg_.get_buffer(), reg_.size()); + (void)borrow; // shut up compiler + if (WordCount()==0) + *this = Zero(); + } + return *this; +} + +Integer& Integer::operator--() +{ + if (IsNegative()) + { + if (Increment(reg_.get_buffer(), reg_.size())) + { + reg_.CleanGrow(2*reg_.size()); + reg_[reg_.size()/2]=1; + } + } + else + { + if (Decrement(reg_.get_buffer(), reg_.size())) + *this = -One(); + } + return *this; +} + + +Integer& Integer::operator<<=(unsigned int n) +{ + const unsigned int wordCount = WordCount(); + const unsigned int shiftWords = n / WORD_BITS; + const unsigned int shiftBits = n % WORD_BITS; + + reg_.CleanGrow(RoundupSize(wordCount+BitsToWords(n))); + ShiftWordsLeftByWords(reg_.get_buffer(), wordCount + shiftWords, + shiftWords); + ShiftWordsLeftByBits(reg_+shiftWords, wordCount+BitsToWords(shiftBits), + shiftBits); + return *this; +} + +Integer& Integer::operator>>=(unsigned int n) +{ + const unsigned int wordCount = WordCount(); + const unsigned int shiftWords = n / WORD_BITS; + const unsigned int shiftBits = n % WORD_BITS; + + ShiftWordsRightByWords(reg_.get_buffer(), wordCount, shiftWords); + if (wordCount > shiftWords) + ShiftWordsRightByBits(reg_.get_buffer(), wordCount-shiftWords, + shiftBits); + if (IsNegative() && WordCount()==0) // avoid -0 + *this = Zero(); + return *this; +} + + +void PositiveAdd(Integer& sum, const Integer& a, const Integer& b) +{ + word carry; + if (a.reg_.size() == b.reg_.size()) + carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), a.reg_.size()); + else if (a.reg_.size() > b.reg_.size()) + { + carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), b.reg_.size()); + CopyWords(sum.reg_+b.reg_.size(), a.reg_+b.reg_.size(), + a.reg_.size()-b.reg_.size()); + carry = Increment(sum.reg_+b.reg_.size(), a.reg_.size()-b.reg_.size(), + carry); + } + else + { + carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), a.reg_.size()); + CopyWords(sum.reg_+a.reg_.size(), b.reg_+a.reg_.size(), + b.reg_.size()-a.reg_.size()); + carry = Increment(sum.reg_+a.reg_.size(), b.reg_.size()-a.reg_.size(), + carry); + } + + if (carry) + { + sum.reg_.CleanGrow(2*sum.reg_.size()); + sum.reg_[sum.reg_.size()/2] = 1; + } + sum.sign_ = Integer::POSITIVE; +} + +void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b) +{ + unsigned aSize = a.WordCount(); + aSize += aSize%2; + unsigned bSize = b.WordCount(); + bSize += bSize%2; + + if (aSize == bSize) + { + if (Compare(a.reg_.get_buffer(), b.reg_.get_buffer(), aSize) >= 0) + { + Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), aSize); + diff.sign_ = Integer::POSITIVE; + } + else + { + Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(), + a.reg_.get_buffer(), aSize); + diff.sign_ = Integer::NEGATIVE; + } + } + else if (aSize > bSize) + { + word borrow = Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), bSize); + CopyWords(diff.reg_+bSize, a.reg_+bSize, aSize-bSize); + borrow = Decrement(diff.reg_+bSize, aSize-bSize, borrow); + diff.sign_ = Integer::POSITIVE; + } + else + { + word borrow = Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(), + a.reg_.get_buffer(), aSize); + CopyWords(diff.reg_+aSize, b.reg_+aSize, bSize-aSize); + borrow = Decrement(diff.reg_+aSize, bSize-aSize, borrow); + diff.sign_ = Integer::NEGATIVE; + } +} + + +unsigned int Integer::MinEncodedSize(Signedness signedness) const +{ + unsigned int outputLen = max(1U, ByteCount()); + if (signedness == UNSIGNED) + return outputLen; + if (NotNegative() && (GetByte(outputLen-1) & 0x80)) + outputLen++; + if (IsNegative() && *this < -Power2(outputLen*8-1)) + outputLen++; + return outputLen; +} + + +int Integer::Compare(const Integer& t) const +{ + if (NotNegative()) + { + if (t.NotNegative()) + return PositiveCompare(t); + else + return 1; + } + else + { + if (t.NotNegative()) + return -1; + else + return -PositiveCompare(t); + } +} + + +int Integer::PositiveCompare(const Integer& t) const +{ + unsigned size = WordCount(), tSize = t.WordCount(); + + if (size == tSize) + return TaoCrypt::Compare(reg_.get_buffer(), t.reg_.get_buffer(), size); + else + return size > tSize ? 1 : -1; +} + + +bool Integer::GetBit(unsigned int n) const +{ + if (n/WORD_BITS >= reg_.size()) + return 0; + else + return bool((reg_[n/WORD_BITS] >> (n % WORD_BITS)) & 1); +} + + +unsigned long Integer::GetBits(unsigned int i, unsigned int n) const +{ + unsigned long v = 0; + for (unsigned int j=0; j= reg_.size()) + return 0; + else + return byte(reg_[n/WORD_SIZE] >> ((n%WORD_SIZE)*8)); +} + + +unsigned int Integer::BitCount() const +{ + unsigned wordCount = WordCount(); + if (wordCount) + return (wordCount-1)*WORD_BITS + BitPrecision(reg_[wordCount-1]); + else + return 0; +} + + +unsigned int Integer::ByteCount() const +{ + unsigned wordCount = WordCount(); + if (wordCount) + return (wordCount-1)*WORD_SIZE + BytePrecision(reg_[wordCount-1]); + else + return 0; +} + + +unsigned int Integer::WordCount() const +{ + return CountWords(reg_.get_buffer(), reg_.size()); +} + + +bool Integer::IsConvertableToLong() const +{ + if (ByteCount() > sizeof(long)) + return false; + + unsigned long value = reg_[0]; + value += SafeLeftShift(reg_[1]); + + if (sign_ == POSITIVE) + return (signed long)value >= 0; + else + return -(signed long)value < 0; +} + + +signed long Integer::ConvertToLong() const +{ + unsigned long value = reg_[0]; + value += SafeLeftShift(reg_[1]); + return sign_ == POSITIVE ? value : -(signed long)value; +} + + +void Integer::Swap(Integer& a) +{ + reg_.Swap(a.reg_); + STL::swap(sign_, a.sign_); +} + + +Integer Integer::Plus(const Integer& b) const +{ + Integer sum((word)0, max(reg_.size(), b.reg_.size())); + if (NotNegative()) + { + if (b.NotNegative()) + PositiveAdd(sum, *this, b); + else + PositiveSubtract(sum, *this, b); + } + else + { + if (b.NotNegative()) + PositiveSubtract(sum, b, *this); + else + { + PositiveAdd(sum, *this, b); + sum.sign_ = Integer::NEGATIVE; + } + } + return sum; +} + + +Integer Integer::Minus(const Integer& b) const +{ + Integer diff((word)0, max(reg_.size(), b.reg_.size())); + if (NotNegative()) + { + if (b.NotNegative()) + PositiveSubtract(diff, *this, b); + else + PositiveAdd(diff, *this, b); + } + else + { + if (b.NotNegative()) + { + PositiveAdd(diff, *this, b); + diff.sign_ = Integer::NEGATIVE; + } + else + PositiveSubtract(diff, b, *this); + } + return diff; +} + + +Integer Integer::Times(const Integer &b) const +{ + Integer product; + Multiply(product, *this, b); + return product; +} + + +#undef A0 +#undef A1 +#undef B0 +#undef B1 + +#undef T0 +#undef T1 +#undef T2 +#undef T3 + +#undef R0 +#undef R1 +#undef R2 +#undef R3 + + +static inline void AtomicDivide(word *Q, const word *A, const word *B) +{ + word T[4]; + DWord q = DivideFourWordsByTwo(T, DWord(A[0], A[1]), + DWord(A[2], A[3]), DWord(B[0], B[1])); + Q[0] = q.GetLowHalf(); + Q[1] = q.GetHighHalf(); + +#ifndef NDEBUG + if (B[0] || B[1]) + { + // multiply quotient and divisor and add remainder, make sure it + // equals dividend + word P[4]; + Portable::Multiply2(P, Q, B); + Add(P, P, T, 4); + } +#endif +} + + +// for use by Divide(), corrects the underestimated quotient {Q1,Q0} +static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, + unsigned int N) +{ + if (Q[1]) + { + T[N] = T[N+1] = 0; + unsigned i; + for (i=0; i= 0) + { + R[N] -= Subtract(R, R, B, N); + Q[1] += (++Q[0]==0); + } +} + +// R[NB] -------- remainder = A%B +// Q[NA-NB+2] --- quotient = A/B +// T[NA+2*NB+4] - temp work space +// A[NA] -------- dividend +// B[NB] -------- divisor + + +void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA, + const word* B, unsigned int NB) +{ + // set up temporary work space + word *const TA=T; + word *const TB=T+NA+2; + word *const TP=T+NA+2+NB; + + // copy B into TB and normalize it so that TB has highest bit set to 1 + unsigned shiftWords = (B[NB-1]==0); + TB[0] = TB[NB-1] = 0; + CopyWords(TB+shiftWords, B, NB-shiftWords); + unsigned shiftBits = WORD_BITS - BitPrecision(TB[NB-1]); + ShiftWordsLeftByBits(TB, NB, shiftBits); + + // copy A into TA and normalize it + TA[0] = TA[NA] = TA[NA+1] = 0; + CopyWords(TA+shiftWords, A, NA); + ShiftWordsLeftByBits(TA, NA+2, shiftBits); + + if (TA[NA+1]==0 && TA[NA] <= 1) + { + Q[NA-NB+1] = Q[NA-NB] = 0; + while (TA[NA] || Compare(TA+NA-NB, TB, NB) >= 0) + { + TA[NA] -= Subtract(TA+NA-NB, TA+NA-NB, TB, NB); + ++Q[NA-NB]; + } + } + else + { + NA+=2; + } + + word BT[2]; + BT[0] = TB[NB-2] + 1; + BT[1] = TB[NB-1] + (BT[0]==0); + + // start reducing TA mod TB, 2 words at a time + for (unsigned i=NA-2; i>=NB; i-=2) + { + AtomicDivide(Q+i-NB, TA+i-2, BT); + CorrectQuotientEstimate(TA+i-NB, TP, Q+i-NB, TB, NB); + } + + // copy TA into R, and denormalize it + CopyWords(R, TA+shiftWords, NB); + ShiftWordsRightByBits(R, NB, shiftBits); +} + + +void PositiveDivide(Integer& remainder, Integer& quotient, + const Integer& a, const Integer& b) +{ + unsigned aSize = a.WordCount(); + unsigned bSize = b.WordCount(); + + if (a.PositiveCompare(b) == -1) + { + remainder = a; + remainder.sign_ = Integer::POSITIVE; + quotient = Integer::Zero(); + return; + } + + aSize += aSize%2; // round up to next even number + bSize += bSize%2; + + remainder.reg_.CleanNew(RoundupSize(bSize)); + remainder.sign_ = Integer::POSITIVE; + quotient.reg_.CleanNew(RoundupSize(aSize-bSize+2)); + quotient.sign_ = Integer::POSITIVE; + + AlignedWordBlock T(aSize+2*bSize+4); + Divide(remainder.reg_.get_buffer(), quotient.reg_.get_buffer(), + T.get_buffer(), a.reg_.get_buffer(), aSize, b.reg_.get_buffer(), + bSize); +} + +void Integer::Divide(Integer &remainder, Integer "ient, + const Integer ÷nd, const Integer &divisor) +{ + PositiveDivide(remainder, quotient, dividend, divisor); + + if (dividend.IsNegative()) + { + quotient.Negate(); + if (remainder.NotZero()) + { + --quotient; + remainder = divisor.AbsoluteValue() - remainder; + } + } + + if (divisor.IsNegative()) + quotient.Negate(); +} + +void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a, + unsigned int n) +{ + q = a; + q >>= n; + + const unsigned int wordCount = BitsToWords(n); + if (wordCount <= a.WordCount()) + { + r.reg_.resize(RoundupSize(wordCount)); + CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), wordCount); + SetWords(r.reg_+wordCount, 0, r.reg_.size()-wordCount); + if (n % WORD_BITS != 0) + r.reg_[wordCount-1] %= (word(1) << (n % WORD_BITS)); + } + else + { + r.reg_.resize(RoundupSize(a.WordCount())); + CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), r.reg_.size()); + } + r.sign_ = POSITIVE; + + if (a.IsNegative() && r.NotZero()) + { + --q; + r = Power2(n) - r; + } +} + +Integer Integer::DividedBy(const Integer &b) const +{ + Integer remainder, quotient; + Integer::Divide(remainder, quotient, *this, b); + return quotient; +} + +Integer Integer::Modulo(const Integer &b) const +{ + Integer remainder, quotient; + Integer::Divide(remainder, quotient, *this, b); + return remainder; +} + +void Integer::Divide(word &remainder, Integer "ient, + const Integer ÷nd, word divisor) +{ + if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 + { + quotient = dividend >> (BitPrecision(divisor)-1); + remainder = dividend.reg_[0] & (divisor-1); + return; + } + + unsigned int i = dividend.WordCount(); + quotient.reg_.CleanNew(RoundupSize(i)); + remainder = 0; + while (i--) + { + quotient.reg_[i] = DWord(dividend.reg_[i], remainder) / divisor; + remainder = DWord(dividend.reg_[i], remainder) % divisor; + } + + if (dividend.NotNegative()) + quotient.sign_ = POSITIVE; + else + { + quotient.sign_ = NEGATIVE; + if (remainder) + { + --quotient; + remainder = divisor - remainder; + } + } +} + +Integer Integer::DividedBy(word b) const +{ + word remainder; + Integer quotient; + Integer::Divide(remainder, quotient, *this, b); + return quotient; +} + +word Integer::Modulo(word divisor) const +{ + word remainder; + + if ((divisor & (divisor-1)) == 0) // divisor is a power of 2 + remainder = reg_[0] & (divisor-1); + else + { + unsigned int i = WordCount(); + + if (divisor <= 5) + { + DWord sum(0, 0); + while (i--) + sum += reg_[i]; + remainder = sum % divisor; + } + else + { + remainder = 0; + while (i--) + remainder = DWord(reg_[i], remainder) % divisor; + } + } + + if (IsNegative() && remainder) + remainder = divisor - remainder; + + return remainder; +} + + +Integer Integer::AbsoluteValue() const +{ + Integer result(*this); + result.sign_ = POSITIVE; + return result; +} + + +Integer Integer::SquareRoot() const +{ + if (!IsPositive()) + return Zero(); + + // overestimate square root + Integer x, y = Power2((BitCount()+1)/2); + + do + { + x = y; + y = (x + *this/x) >> 1; + } while (y=m) + return (*this%m).InverseMod(m); + + if (m.IsEven()) + { + if (!m || IsEven()) + return Zero(); // no inverse + if (*this == One()) + return One(); + + Integer u = m.InverseMod(*this); + return !u ? Zero() : (m*(*this-u)+1)/(*this); + } + + AlignedWordBlock T(m.reg_.size() * 4); + Integer r((word)0, m.reg_.size()); + unsigned k = AlmostInverse(r.reg_.get_buffer(), T.get_buffer(), + reg_.get_buffer(), reg_.size(), + m.reg_.get_buffer(), m.reg_.size()); + DivideByPower2Mod(r.reg_.get_buffer(), r.reg_.get_buffer(), k, + m.reg_.get_buffer(), m.reg_.size()); + return r; +} + +word Integer::InverseMod(const word mod) const +{ + word g0 = mod, g1 = *this % mod; + word v0 = 0, v1 = 1; + word y; + + while (g1) + { + if (g1 == 1) + return v1; + y = g0 / g1; + g0 = g0 % g1; + v0 += y * v1; + + if (!g0) + break; + if (g0 == 1) + return mod-v0; + y = g1 / g0; + g1 = g1 % g0; + v1 += y * v0; + } + return 0; +} + +// ********* ModArith stuff + +const Integer& ModularArithmetic::Half(const Integer &a) const +{ + if (a.reg_.size()==modulus.reg_.size()) + { + TaoCrypt::DivideByPower2Mod(result.reg_.begin(), a.reg_.begin(), 1, + modulus.reg_.begin(), a.reg_.size()); + return result; + } + else + return result1 = (a.IsEven() ? (a >> 1) : ((a+modulus) >> 1)); +} + +const Integer& ModularArithmetic::Add(const Integer &a, const Integer &b) const +{ + if (a.reg_.size()==modulus.reg_.size() && + b.reg_.size()==modulus.reg_.size()) + { + if (TaoCrypt::Add(result.reg_.begin(), a.reg_.begin(), b.reg_.begin(), + a.reg_.size()) + || Compare(result.reg_.get_buffer(), modulus.reg_.get_buffer(), + a.reg_.size()) >= 0) + { + TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(), + modulus.reg_.begin(), a.reg_.size()); + } + return result; + } + else + { + result1 = a+b; + if (result1 >= modulus) + result1 -= modulus; + return result1; + } +} + +Integer& ModularArithmetic::Accumulate(Integer &a, const Integer &b) const +{ + if (a.reg_.size()==modulus.reg_.size() && + b.reg_.size()==modulus.reg_.size()) + { + if (TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), a.reg_.size()) + || Compare(a.reg_.get_buffer(), modulus.reg_.get_buffer(), + a.reg_.size()) >= 0) + { + TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(), + modulus.reg_.get_buffer(), a.reg_.size()); + } + } + else + { + a+=b; + if (a>=modulus) + a-=modulus; + } + + return a; +} + +const Integer& ModularArithmetic::Subtract(const Integer &a, + const Integer &b) const +{ + if (a.reg_.size()==modulus.reg_.size() && + b.reg_.size()==modulus.reg_.size()) + { + if (TaoCrypt::Subtract(result.reg_.begin(), a.reg_.begin(), + b.reg_.begin(), a.reg_.size())) + TaoCrypt::Add(result.reg_.begin(), result.reg_.begin(), + modulus.reg_.begin(), a.reg_.size()); + return result; + } + else + { + result1 = a-b; + if (result1.IsNegative()) + result1 += modulus; + return result1; + } +} + +Integer& ModularArithmetic::Reduce(Integer &a, const Integer &b) const +{ + if (a.reg_.size()==modulus.reg_.size() && + b.reg_.size()==modulus.reg_.size()) + { + if (TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(), + b.reg_.get_buffer(), a.reg_.size())) + TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(), + modulus.reg_.get_buffer(), a.reg_.size()); + } + else + { + a-=b; + if (a.IsNegative()) + a+=modulus; + } + + return a; +} + +const Integer& ModularArithmetic::Inverse(const Integer &a) const +{ + if (!a) + return a; + + CopyWords(result.reg_.begin(), modulus.reg_.begin(), modulus.reg_.size()); + if (TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(), + a.reg_.begin(), a.reg_.size())) + Decrement(result.reg_.begin()+a.reg_.size(), 1, + modulus.reg_.size()-a.reg_.size()); + + return result; +} + +Integer ModularArithmetic::CascadeExponentiate(const Integer &x, + const Integer &e1, const Integer &y, const Integer &e2) const +{ + if (modulus.IsOdd()) + { + MontgomeryRepresentation dr(modulus); + return dr.ConvertOut(dr.CascadeExponentiate(dr.ConvertIn(x), e1, + dr.ConvertIn(y), e2)); + } + else + return AbstractRing::CascadeExponentiate(x, e1, y, e2); +} + +void ModularArithmetic::SimultaneousExponentiate(Integer *results, + const Integer &base, const Integer *exponents, + unsigned int exponentsCount) const +{ + if (modulus.IsOdd()) + { + MontgomeryRepresentation dr(modulus); + dr.SimultaneousExponentiate(results, dr.ConvertIn(base), exponents, + exponentsCount); + for (unsigned int i=0; i + +namespace TaoCrypt { + + +MD2::MD2() + : X_(X_SIZE), C_(BLOCK_SIZE), buffer_(BLOCK_SIZE) +{ + Init(); +} + +void MD2::Init() +{ + memset(X_.get_buffer(), 0, X_SIZE); + memset(C_.get_buffer(), 0, BLOCK_SIZE); + memset(buffer_.get_buffer(), 0, BLOCK_SIZE); + count_ = 0; +} + + +void MD2::Update(const byte* data, word32 len) +{ + + static const byte S[256] = + { + 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, + 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, + 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, + 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, + 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, + 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, + 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, + 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, + 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, + 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, + 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, + 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, + 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, + 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, + 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, + 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, + 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, + 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 + }; + + while (len) { + word32 L = (PAD_SIZE - count_) < len ? (PAD_SIZE - count_) : len; + memcpy(buffer_.get_buffer() + count_, data, L); + count_ += L; + data += L; + len -= L; + + if (count_==PAD_SIZE) { + count_ = 0; + memcpy(X_.get_buffer() + PAD_SIZE, buffer_.get_buffer(), PAD_SIZE); + byte t = C_[15]; + + int i; + for(i = 0; i < PAD_SIZE; i++) { + X_[32 + i] = X_[PAD_SIZE + i] ^ X_[i]; + t = C_[i] ^= S[buffer_[i] ^ t]; + } + + t=0; + for(i = 0; i < 18; i++) { + for(int j = 0; j < X_SIZE; j += 8) { + t = X_[j+0] ^= S[t]; + t = X_[j+1] ^= S[t]; + t = X_[j+2] ^= S[t]; + t = X_[j+3] ^= S[t]; + t = X_[j+4] ^= S[t]; + t = X_[j+5] ^= S[t]; + t = X_[j+6] ^= S[t]; + t = X_[j+7] ^= S[t]; + } + t = (t + i) & 0xFF; + } + } + } +} + + +void MD2::Final(byte *hash) +{ + byte padding[BLOCK_SIZE]; + word32 padLen = PAD_SIZE - count_; + + for (word32 i = 0; i < padLen; i++) + padding[i] = static_cast(padLen); + + Update(padding, padLen); + Update(C_.get_buffer(), BLOCK_SIZE); + + memcpy(hash, X_.get_buffer(), DIGEST_SIZE); + + Init(); +} + + + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/md4.cpp b/mysql/extra/yassl/taocrypt/src/md4.cpp new file mode 100644 index 0000000..9364a1c --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/md4.cpp @@ -0,0 +1,157 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* based on Wei Dai's md4.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "md4.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + +namespace TaoCrypt { + +void MD4::Init() +{ + digest_[0] = 0x67452301L; + digest_[1] = 0xefcdab89L; + digest_[2] = 0x98badcfeL; + digest_[3] = 0x10325476L; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +MD4::MD4(const MD4& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), + BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + +MD4& MD4::operator= (const MD4& that) +{ + MD4 tmp(that); + Swap(tmp); + + return *this; +} + + +void MD4::Swap(MD4& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +void MD4::Transform() +{ +#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) +#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define H(x, y, z) ((x) ^ (y) ^ (z)) + + word32 A, B, C, D; + + A = digest_[0]; + B = digest_[1]; + C = digest_[2]; + D = digest_[3]; + +#define function(a,b,c,d,k,s) a=rotlFixed(a+F(b,c,d)+buffer_[k],s); + function(A,B,C,D, 0, 3); + function(D,A,B,C, 1, 7); + function(C,D,A,B, 2,11); + function(B,C,D,A, 3,19); + function(A,B,C,D, 4, 3); + function(D,A,B,C, 5, 7); + function(C,D,A,B, 6,11); + function(B,C,D,A, 7,19); + function(A,B,C,D, 8, 3); + function(D,A,B,C, 9, 7); + function(C,D,A,B,10,11); + function(B,C,D,A,11,19); + function(A,B,C,D,12, 3); + function(D,A,B,C,13, 7); + function(C,D,A,B,14,11); + function(B,C,D,A,15,19); + +#undef function +#define function(a,b,c,d,k,s) a=rotlFixed(a+G(b,c,d)+buffer_[k]+0x5a827999,s); + function(A,B,C,D, 0, 3); + function(D,A,B,C, 4, 5); + function(C,D,A,B, 8, 9); + function(B,C,D,A,12,13); + function(A,B,C,D, 1, 3); + function(D,A,B,C, 5, 5); + function(C,D,A,B, 9, 9); + function(B,C,D,A,13,13); + function(A,B,C,D, 2, 3); + function(D,A,B,C, 6, 5); + function(C,D,A,B,10, 9); + function(B,C,D,A,14,13); + function(A,B,C,D, 3, 3); + function(D,A,B,C, 7, 5); + function(C,D,A,B,11, 9); + function(B,C,D,A,15,13); + +#undef function +#define function(a,b,c,d,k,s) a=rotlFixed(a+H(b,c,d)+buffer_[k]+0x6ed9eba1,s); + function(A,B,C,D, 0, 3); + function(D,A,B,C, 8, 9); + function(C,D,A,B, 4,11); + function(B,C,D,A,12,15); + function(A,B,C,D, 2, 3); + function(D,A,B,C,10, 9); + function(C,D,A,B, 6,11); + function(B,C,D,A,14,15); + function(A,B,C,D, 1, 3); + function(D,A,B,C, 9, 9); + function(C,D,A,B, 5,11); + function(B,C,D,A,13,15); + function(A,B,C,D, 3, 3); + function(D,A,B,C,11, 9); + function(C,D,A,B, 7,11); + function(B,C,D,A,15,15); + + digest_[0] += A; + digest_[1] += B; + digest_[2] += C; + digest_[3] += D; +} + + +} // namespace + diff --git a/mysql/extra/yassl/taocrypt/src/md5.cpp b/mysql/extra/yassl/taocrypt/src/md5.cpp new file mode 100644 index 0000000..45cfa8a --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/md5.cpp @@ -0,0 +1,506 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* based on Wei Dai's md5.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "md5.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + + +namespace TaoCrypt { + +void MD5::Init() +{ + digest_[0] = 0x67452301L; + digest_[1] = 0xefcdab89L; + digest_[2] = 0x98badcfeL; + digest_[3] = 0x10325476L; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +MD5::MD5(const MD5& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), + BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + +MD5& MD5::operator= (const MD5& that) +{ + MD5 tmp(that); + Swap(tmp); + + return *this; +} + + +void MD5::Swap(MD5& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +#ifdef DO_MD5_ASM + +// Update digest with data of size len +void MD5::Update(const byte* data, word32 len) +{ + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast(buffer_); + + // remove buffered data if possible + if (buffLen_) { + word32 add = min(len, BLOCK_SIZE - buffLen_); + memcpy(&local[buffLen_], data, add); + + buffLen_ += add; + data += add; + len -= add; + + if (buffLen_ == BLOCK_SIZE) { + Transform(); + AddLength(BLOCK_SIZE); + buffLen_ = 0; + } + } + + // at once for asm + if (buffLen_ == 0) { + word32 times = len / BLOCK_SIZE; + if (times) { + AsmTransform(data, times); + const word32 add = BLOCK_SIZE * times; + AddLength(add); + len -= add; + data += add; + } + } + + // cache any data left + if (len) { + memcpy(&local[buffLen_], data, len); + buffLen_ += len; + } +} + + + + +/* + // w = rotlFixed(w + f(x, y, z) + index[edi] + data, s) + x +#define ASMMD5STEP(f, w, x, y, z, index, data, s) \ + f(x, y, z) \ + AS2( mov ebp, [edi + index * 4] ) \ + AS2( lea w, [esi + w + data] ) \ + AS2( add w, ebp ) \ + AS2( rol w, s ) \ + AS2( add w, x ) + + + // F1(x, y, z) (z ^ (x & (y ^ z))) + // place in esi +#define ASMF1(x, y, z) \ + AS2( mov esi, y ) \ + AS2( xor esi, z ) \ + AS2( and esi, x ) \ + AS2( xor esi, z ) + + +#define ASMF2(x, y, z) ASMF1(z, x, y) + + + // F3(x ^ y ^ z) + // place in esi +#define ASMF3(x, y, z) \ + AS2( mov esi, x ) \ + AS2( xor esi, y ) \ + AS2( xor esi, z ) + + + + // F4(x, y, z) (y ^ (x | ~z)) + // place in esi +#define ASMF4(x, y, z) \ + AS2( mov esi, z ) \ + AS1( not esi ) \ + AS2( or esi, x ) \ + AS2( xor esi, y ) +*/ + + + // combine above ASMMD5STEP(f w/ each f ASMF1 - F4 + + // esi already set up, after using set for next round + // ebp already set up, set up using next round index + +#define MD5STEP1(w, x, y, z, index, data, s) \ + AS2( xor esi, z ) \ + AS2( and esi, x ) \ + AS2( lea w, [ebp + w + data] ) \ + AS2( xor esi, z ) \ + AS2( add w, esi ) \ + AS2( mov esi, x ) \ + AS2( rol w, s ) \ + AS2( mov ebp, [edi + index * 4] ) \ + AS2( add w, x ) + +#define MD5STEP2(w, x, y, z, index, data, s) \ + AS2( xor esi, x ) \ + AS2( and esi, z ) \ + AS2( lea w, [ebp + w + data] ) \ + AS2( xor esi, y ) \ + AS2( add w, esi ) \ + AS2( mov esi, x ) \ + AS2( rol w, s ) \ + AS2( mov ebp, [edi + index * 4] ) \ + AS2( add w, x ) + + +#define MD5STEP3(w, x, y, z, index, data, s) \ + AS2( xor esi, z ) \ + AS2( lea w, [ebp + w + data] ) \ + AS2( xor esi, x ) \ + AS2( add w, esi ) \ + AS2( mov esi, x ) \ + AS2( rol w, s ) \ + AS2( mov ebp, [edi + index * 4] ) \ + AS2( add w, x ) + + +#define MD5STEP4(w, x, y, z, index, data, s) \ + AS2( or esi, x ) \ + AS2( lea w, [ebp + w + data] ) \ + AS2( xor esi, y ) \ + AS2( add w, esi ) \ + AS2( mov esi, y ) \ + AS2( rol w, s ) \ + AS1( not esi ) \ + AS2( mov ebp, [edi + index * 4] ) \ + AS2( add w, x ) + + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void MD5::AsmTransform(const byte* data, word32 times) +{ +#ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" + #define EPILOG() \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "c" (this), "D" (data), "a" (times) \ + : "%esi", "%edx", "memory", "cc" \ + ); + +#else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( movd mm5, esi ) \ + AS2( movd mm6, ebp ) \ + AS2( mov edi, DWORD PTR [ebp + 8] ) \ + AS2( mov eax, DWORD PTR [ebp + 12] ) + + #define EPILOG() \ + AS2( movd ebp, mm6 ) \ + AS2( movd esi, mm5 ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd edi, mm3 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 8 ) + +#endif + + + PROLOG() + + AS2( mov esi, ecx ) + + #ifdef OLD_GCC_OFFSET + AS2( add esi, 20 ) // digest_[0] + #else + AS2( add esi, 16 ) // digest_[0] + #endif + + AS2( movd mm2, eax ) // store times_ + AS2( movd mm1, esi ) // store digest_ + + AS2( mov eax, [esi] ) // a + AS2( mov ebx, [esi + 4] ) // b + AS2( mov ecx, [esi + 8] ) // c + AS2( mov edx, [esi + 12] ) // d + +#ifdef _MSC_VER + AS1( loopStart: ) // loopStart +#else + AS1( 0: ) // loopStart for some gas (need numeric for jump back +#endif + + // set up + AS2( mov esi, ecx ) + AS2( mov ebp, [edi] ) + + MD5STEP1( eax, ebx, ecx, edx, 1, 0xd76aa478, 7) + MD5STEP1( edx, eax, ebx, ecx, 2, 0xe8c7b756, 12) + MD5STEP1( ecx, edx, eax, ebx, 3, 0x242070db, 17) + MD5STEP1( ebx, ecx, edx, eax, 4, 0xc1bdceee, 22) + MD5STEP1( eax, ebx, ecx, edx, 5, 0xf57c0faf, 7) + MD5STEP1( edx, eax, ebx, ecx, 6, 0x4787c62a, 12) + MD5STEP1( ecx, edx, eax, ebx, 7, 0xa8304613, 17) + MD5STEP1( ebx, ecx, edx, eax, 8, 0xfd469501, 22) + MD5STEP1( eax, ebx, ecx, edx, 9, 0x698098d8, 7) + MD5STEP1( edx, eax, ebx, ecx, 10, 0x8b44f7af, 12) + MD5STEP1( ecx, edx, eax, ebx, 11, 0xffff5bb1, 17) + MD5STEP1( ebx, ecx, edx, eax, 12, 0x895cd7be, 22) + MD5STEP1( eax, ebx, ecx, edx, 13, 0x6b901122, 7) + MD5STEP1( edx, eax, ebx, ecx, 14, 0xfd987193, 12) + MD5STEP1( ecx, edx, eax, ebx, 15, 0xa679438e, 17) + MD5STEP1( ebx, ecx, edx, eax, 1, 0x49b40821, 22) + + MD5STEP2( eax, ebx, ecx, edx, 6, 0xf61e2562, 5) + MD5STEP2( edx, eax, ebx, ecx, 11, 0xc040b340, 9) + MD5STEP2( ecx, edx, eax, ebx, 0, 0x265e5a51, 14) + MD5STEP2( ebx, ecx, edx, eax, 5, 0xe9b6c7aa, 20) + MD5STEP2( eax, ebx, ecx, edx, 10, 0xd62f105d, 5) + MD5STEP2( edx, eax, ebx, ecx, 15, 0x02441453, 9) + MD5STEP2( ecx, edx, eax, ebx, 4, 0xd8a1e681, 14) + MD5STEP2( ebx, ecx, edx, eax, 9, 0xe7d3fbc8, 20) + MD5STEP2( eax, ebx, ecx, edx, 14, 0x21e1cde6, 5) + MD5STEP2( edx, eax, ebx, ecx, 3, 0xc33707d6, 9) + MD5STEP2( ecx, edx, eax, ebx, 8, 0xf4d50d87, 14) + MD5STEP2( ebx, ecx, edx, eax, 13, 0x455a14ed, 20) + MD5STEP2( eax, ebx, ecx, edx, 2, 0xa9e3e905, 5) + MD5STEP2( edx, eax, ebx, ecx, 7, 0xfcefa3f8, 9) + MD5STEP2( ecx, edx, eax, ebx, 12, 0x676f02d9, 14) + MD5STEP2( ebx, ecx, edx, eax, 5, 0x8d2a4c8a, 20) + + MD5STEP3( eax, ebx, ecx, edx, 8, 0xfffa3942, 4) + MD5STEP3( edx, eax, ebx, ecx, 11, 0x8771f681, 11) + MD5STEP3( ecx, edx, eax, ebx, 14, 0x6d9d6122, 16) + MD5STEP3( ebx, ecx, edx, eax, 1, 0xfde5380c, 23) + MD5STEP3( eax, ebx, ecx, edx, 4, 0xa4beea44, 4) + MD5STEP3( edx, eax, ebx, ecx, 7, 0x4bdecfa9, 11) + MD5STEP3( ecx, edx, eax, ebx, 10, 0xf6bb4b60, 16) + MD5STEP3( ebx, ecx, edx, eax, 13, 0xbebfbc70, 23) + MD5STEP3( eax, ebx, ecx, edx, 0, 0x289b7ec6, 4) + MD5STEP3( edx, eax, ebx, ecx, 3, 0xeaa127fa, 11) + MD5STEP3( ecx, edx, eax, ebx, 6, 0xd4ef3085, 16) + MD5STEP3( ebx, ecx, edx, eax, 9, 0x04881d05, 23) + MD5STEP3( eax, ebx, ecx, edx, 12, 0xd9d4d039, 4) + MD5STEP3( edx, eax, ebx, ecx, 15, 0xe6db99e5, 11) + MD5STEP3( ecx, edx, eax, ebx, 2, 0x1fa27cf8, 16) + MD5STEP3( ebx, ecx, edx, eax, 0, 0xc4ac5665, 23) + + // setup + AS2( mov esi, edx ) + AS1( not esi ) + + MD5STEP4( eax, ebx, ecx, edx, 7, 0xf4292244, 6) + MD5STEP4( edx, eax, ebx, ecx, 14, 0x432aff97, 10) + MD5STEP4( ecx, edx, eax, ebx, 5, 0xab9423a7, 15) + MD5STEP4( ebx, ecx, edx, eax, 12, 0xfc93a039, 21) + MD5STEP4( eax, ebx, ecx, edx, 3, 0x655b59c3, 6) + MD5STEP4( edx, eax, ebx, ecx, 10, 0x8f0ccc92, 10) + MD5STEP4( ecx, edx, eax, ebx, 1, 0xffeff47d, 15) + MD5STEP4( ebx, ecx, edx, eax, 8, 0x85845dd1, 21) + MD5STEP4( eax, ebx, ecx, edx, 15, 0x6fa87e4f, 6) + MD5STEP4( edx, eax, ebx, ecx, 6, 0xfe2ce6e0, 10) + MD5STEP4( ecx, edx, eax, ebx, 13, 0xa3014314, 15) + MD5STEP4( ebx, ecx, edx, eax, 4, 0x4e0811a1, 21) + MD5STEP4( eax, ebx, ecx, edx, 11, 0xf7537e82, 6) + MD5STEP4( edx, eax, ebx, ecx, 2, 0xbd3af235, 10) + MD5STEP4( ecx, edx, eax, ebx, 9, 0x2ad7d2bb, 15) + MD5STEP4( ebx, ecx, edx, eax, 9, 0xeb86d391, 21) + + AS2( movd esi, mm1 ) // digest_ + + AS2( add [esi], eax ) // write out + AS2( add [esi + 4], ebx ) + AS2( add [esi + 8], ecx ) + AS2( add [esi + 12], edx ) + + AS2( add edi, 64 ) + + AS2( mov eax, [esi] ) + AS2( mov ebx, [esi + 4] ) + AS2( mov ecx, [esi + 8] ) + AS2( mov edx, [esi + 12] ) + + AS2( movd ebp, mm2 ) // times + AS1( dec ebp ) + AS2( movd mm2, ebp ) +#ifdef _MSC_VER + AS1( jnz loopStart ) // loopStart +#else + AS1( jnz 0b ) // loopStart +#endif + + + EPILOG() +} + + +#endif // DO_MD5_ASM + + +void MD5::Transform() +{ +#define F1(x, y, z) (z ^ (x & (y ^ z))) +#define F2(x, y, z) F1(z, x, y) +#define F3(x, y, z) (x ^ y ^ z) +#define F4(x, y, z) (y ^ (x | ~z)) + +#define MD5STEP(f, w, x, y, z, data, s) \ + w = rotlFixed(w + f(x, y, z) + data, s) + x + + // Copy context->state[] to working vars + word32 a = digest_[0]; + word32 b = digest_[1]; + word32 c = digest_[2]; + word32 d = digest_[3]; + + MD5STEP(F1, a, b, c, d, buffer_[0] + 0xd76aa478, 7); + MD5STEP(F1, d, a, b, c, buffer_[1] + 0xe8c7b756, 12); + MD5STEP(F1, c, d, a, b, buffer_[2] + 0x242070db, 17); + MD5STEP(F1, b, c, d, a, buffer_[3] + 0xc1bdceee, 22); + MD5STEP(F1, a, b, c, d, buffer_[4] + 0xf57c0faf, 7); + MD5STEP(F1, d, a, b, c, buffer_[5] + 0x4787c62a, 12); + MD5STEP(F1, c, d, a, b, buffer_[6] + 0xa8304613, 17); + MD5STEP(F1, b, c, d, a, buffer_[7] + 0xfd469501, 22); + MD5STEP(F1, a, b, c, d, buffer_[8] + 0x698098d8, 7); + MD5STEP(F1, d, a, b, c, buffer_[9] + 0x8b44f7af, 12); + MD5STEP(F1, c, d, a, b, buffer_[10] + 0xffff5bb1, 17); + MD5STEP(F1, b, c, d, a, buffer_[11] + 0x895cd7be, 22); + MD5STEP(F1, a, b, c, d, buffer_[12] + 0x6b901122, 7); + MD5STEP(F1, d, a, b, c, buffer_[13] + 0xfd987193, 12); + MD5STEP(F1, c, d, a, b, buffer_[14] + 0xa679438e, 17); + MD5STEP(F1, b, c, d, a, buffer_[15] + 0x49b40821, 22); + + MD5STEP(F2, a, b, c, d, buffer_[1] + 0xf61e2562, 5); + MD5STEP(F2, d, a, b, c, buffer_[6] + 0xc040b340, 9); + MD5STEP(F2, c, d, a, b, buffer_[11] + 0x265e5a51, 14); + MD5STEP(F2, b, c, d, a, buffer_[0] + 0xe9b6c7aa, 20); + MD5STEP(F2, a, b, c, d, buffer_[5] + 0xd62f105d, 5); + MD5STEP(F2, d, a, b, c, buffer_[10] + 0x02441453, 9); + MD5STEP(F2, c, d, a, b, buffer_[15] + 0xd8a1e681, 14); + MD5STEP(F2, b, c, d, a, buffer_[4] + 0xe7d3fbc8, 20); + MD5STEP(F2, a, b, c, d, buffer_[9] + 0x21e1cde6, 5); + MD5STEP(F2, d, a, b, c, buffer_[14] + 0xc33707d6, 9); + MD5STEP(F2, c, d, a, b, buffer_[3] + 0xf4d50d87, 14); + MD5STEP(F2, b, c, d, a, buffer_[8] + 0x455a14ed, 20); + MD5STEP(F2, a, b, c, d, buffer_[13] + 0xa9e3e905, 5); + MD5STEP(F2, d, a, b, c, buffer_[2] + 0xfcefa3f8, 9); + MD5STEP(F2, c, d, a, b, buffer_[7] + 0x676f02d9, 14); + MD5STEP(F2, b, c, d, a, buffer_[12] + 0x8d2a4c8a, 20); + + MD5STEP(F3, a, b, c, d, buffer_[5] + 0xfffa3942, 4); + MD5STEP(F3, d, a, b, c, buffer_[8] + 0x8771f681, 11); + MD5STEP(F3, c, d, a, b, buffer_[11] + 0x6d9d6122, 16); + MD5STEP(F3, b, c, d, a, buffer_[14] + 0xfde5380c, 23); + MD5STEP(F3, a, b, c, d, buffer_[1] + 0xa4beea44, 4); + MD5STEP(F3, d, a, b, c, buffer_[4] + 0x4bdecfa9, 11); + MD5STEP(F3, c, d, a, b, buffer_[7] + 0xf6bb4b60, 16); + MD5STEP(F3, b, c, d, a, buffer_[10] + 0xbebfbc70, 23); + MD5STEP(F3, a, b, c, d, buffer_[13] + 0x289b7ec6, 4); + MD5STEP(F3, d, a, b, c, buffer_[0] + 0xeaa127fa, 11); + MD5STEP(F3, c, d, a, b, buffer_[3] + 0xd4ef3085, 16); + MD5STEP(F3, b, c, d, a, buffer_[6] + 0x04881d05, 23); + MD5STEP(F3, a, b, c, d, buffer_[9] + 0xd9d4d039, 4); + MD5STEP(F3, d, a, b, c, buffer_[12] + 0xe6db99e5, 11); + MD5STEP(F3, c, d, a, b, buffer_[15] + 0x1fa27cf8, 16); + MD5STEP(F3, b, c, d, a, buffer_[2] + 0xc4ac5665, 23); + + MD5STEP(F4, a, b, c, d, buffer_[0] + 0xf4292244, 6); + MD5STEP(F4, d, a, b, c, buffer_[7] + 0x432aff97, 10); + MD5STEP(F4, c, d, a, b, buffer_[14] + 0xab9423a7, 15); + MD5STEP(F4, b, c, d, a, buffer_[5] + 0xfc93a039, 21); + MD5STEP(F4, a, b, c, d, buffer_[12] + 0x655b59c3, 6); + MD5STEP(F4, d, a, b, c, buffer_[3] + 0x8f0ccc92, 10); + MD5STEP(F4, c, d, a, b, buffer_[10] + 0xffeff47d, 15); + MD5STEP(F4, b, c, d, a, buffer_[1] + 0x85845dd1, 21); + MD5STEP(F4, a, b, c, d, buffer_[8] + 0x6fa87e4f, 6); + MD5STEP(F4, d, a, b, c, buffer_[15] + 0xfe2ce6e0, 10); + MD5STEP(F4, c, d, a, b, buffer_[6] + 0xa3014314, 15); + MD5STEP(F4, b, c, d, a, buffer_[13] + 0x4e0811a1, 21); + MD5STEP(F4, a, b, c, d, buffer_[4] + 0xf7537e82, 6); + MD5STEP(F4, d, a, b, c, buffer_[11] + 0xbd3af235, 10); + MD5STEP(F4, c, d, a, b, buffer_[2] + 0x2ad7d2bb, 15); + MD5STEP(F4, b, c, d, a, buffer_[9] + 0xeb86d391, 21); + + // Add the working vars back into digest state[] + digest_[0] += a; + digest_[1] += b; + digest_[2] += c; + digest_[3] += d; + + // Wipe variables + a = b = c = d = 0; +} + + +} // namespace + diff --git a/mysql/extra/yassl/taocrypt/src/misc.cpp b/mysql/extra/yassl/taocrypt/src/misc.cpp new file mode 100644 index 0000000..b576d3d --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/misc.cpp @@ -0,0 +1,297 @@ +/* + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's misc.cpp from CryptoPP */ + + +#include "runtime.hpp" +#include "misc.hpp" + + +#ifdef __GNUC__ + #include + #include +#endif + +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + +namespace STL = STL_NAMESPACE; + + +#ifdef YASSL_PURE_C + + void* operator new(size_t sz, TaoCrypt::new_t) + { + void* ptr = malloc(sz ? sz : 1); + if (!ptr) abort(); + + return ptr; + } + + + void operator delete(void* ptr, TaoCrypt::new_t) + { + if (ptr) free(ptr); + } + + + void* operator new[](size_t sz, TaoCrypt::new_t nt) + { + return ::operator new(sz, nt); + } + + + void operator delete[](void* ptr, TaoCrypt::new_t nt) + { + ::operator delete(ptr, nt); + } + + + /* uncomment to test + // make sure not using globals anywhere by forgetting to use overloaded + void* operator new(size_t sz); + + void operator delete(void* ptr); + + void* operator new[](size_t sz); + + void operator delete[](void* ptr); + */ + + + namespace TaoCrypt { + + new_t tc; // for library new + + } + +#ifdef __sun + +// Handler for pure virtual functions +namespace __Crun { + void pure_error() { + } +} + +#endif + +#if defined(__ICC) || defined(__INTEL_COMPILER) || (__GNUC__ > 2) + +extern "C" { + + int __cxa_pure_virtual() { + return 0; + } + +} // extern "C" + +#endif + +#endif // YASSL_PURE_C + + +namespace TaoCrypt { + + +inline void XorWords(word* r, const word* a, unsigned int n) +{ + for (unsigned int i=0; i> (i-1)*8) + break; + + return i; +} + + +unsigned int BitPrecision(word value) +{ + if (!value) + return 0; + + unsigned int l = 0, + h = 8 * sizeof(value); + + while (h-l > 1) + { + unsigned int t = (l+h)/2; + if (value >> t) + l = t; + else + h = t; + } + + return h; +} + + +word Crop(word value, unsigned int size) +{ + if (size < 8*sizeof(value)) + return (value & ((1L << size) - 1)); + else + return value; +} + + + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + + +bool HaveCpuId() +{ +#ifdef _MSC_VER + __try + { + __asm + { + mov eax, 0 + cpuid + } + } + __except (1) + { + return false; + } + return true; +#else + word32 eax, ebx; + __asm__ __volatile + ( + /* Put EFLAGS in eax and ebx */ + "pushf;" + "pushf;" + "pop %0;" + "movl %0,%1;" + + /* Flip the cpuid bit and store back in EFLAGS */ + "xorl $0x200000,%0;" + "push %0;" + "popf;" + + /* Read EFLAGS again */ + "pushf;" + "pop %0;" + "popf" + : "=r" (eax), "=r" (ebx) + : + : "cc" + ); + + if (eax == ebx) + return false; + return true; +#endif +} + + +void CpuId(word32 input, word32 *output) +{ +#ifdef __GNUC__ + __asm__ + ( + // save ebx in case -fPIC is being used + "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" + : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d"(output[3]) + : "a" (input) + ); +#else + __asm + { + mov eax, input + cpuid + mov edi, output + mov [edi], eax + mov [edi+4], ebx + mov [edi+8], ecx + mov [edi+12], edx + } +#endif +} + + +bool IsPentium() +{ + if (!HaveCpuId()) + return false; + + word32 cpuid[4]; + + CpuId(0, cpuid); + STL::swap(cpuid[2], cpuid[3]); + if (memcmp(cpuid+1, "GenuineIntel", 12) != 0) + return false; + + CpuId(1, cpuid); + byte family = ((cpuid[0] >> 8) & 0xf); + if (family < 5) + return false; + + return true; +} + + + +static bool IsMmx() +{ + if (!IsPentium()) + return false; + + word32 cpuid[4]; + + CpuId(1, cpuid); + if ((cpuid[3] & (1 << 23)) == 0) + return false; + + return true; +} + + +bool isMMX = IsMmx(); + + +#endif // TAOCRYPT_X86ASM_AVAILABLE + + + + +} // namespace + diff --git a/mysql/extra/yassl/taocrypt/src/rabbit.cpp b/mysql/extra/yassl/taocrypt/src/rabbit.cpp new file mode 100644 index 0000000..5e32f38 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/rabbit.cpp @@ -0,0 +1,255 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +#include "runtime.hpp" +#include "rabbit.hpp" + + + +namespace TaoCrypt { + + +#define U32V(x) (word32)(x) + + +#ifdef BIG_ENDIAN_ORDER + #define LITTLE32(x) ByteReverse((word32)x) +#else + #define LITTLE32(x) (x) +#endif + + +// local +namespace { + + +/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ +/* the upper 32 bits XOR the lower 32 bits */ +word32 RABBIT_g_func(word32 x) +{ + /* Temporary variables */ + word32 a, b, h, l; + + /* Construct high and low argument for squaring */ + a = x&0xFFFF; + b = x>>16; + + /* Calculate high and low result of squaring */ + h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b; + l = x*x; + + /* Return high XOR low */ + return U32V(h^l); +} + + +} // namespace local + + +/* Calculate the next internal state */ +void Rabbit::NextState(RabbitCtx which) +{ + /* Temporary variables */ + word32 g[8], c_old[8], i; + + Ctx* ctx; + + if (which == Master) + ctx = &masterCtx_; + else + ctx = &workCtx_; + + /* Save old counter values */ + for (i=0; i<8; i++) + c_old[i] = ctx->c[i]; + + /* Calculate new counter values */ + ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry); + ctx->c[1] = U32V(ctx->c[1] + 0xD34D34D3 + (ctx->c[0] < c_old[0])); + ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1])); + ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2])); + ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3])); + ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4])); + ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5])); + ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6])); + ctx->carry = (ctx->c[7] < c_old[7]); + + /* Calculate the g-values */ + for (i=0;i<8;i++) + g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i])); + + /* Calculate new state values */ + ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16)); + ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]); + ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16)); + ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]); + ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16)); + ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]); + ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16)); + ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]); +} + + +/* IV setup */ +void Rabbit::SetIV(const byte* iv) +{ + /* Temporary variables */ + word32 i0, i1, i2, i3, i; + + /* Generate four subvectors */ + i0 = LITTLE32(*(word32*)(iv+0)); + i2 = LITTLE32(*(word32*)(iv+4)); + i1 = (i0>>16) | (i2&0xFFFF0000); + i3 = (i2<<16) | (i0&0x0000FFFF); + + /* Modify counter values */ + workCtx_.c[0] = masterCtx_.c[0] ^ i0; + workCtx_.c[1] = masterCtx_.c[1] ^ i1; + workCtx_.c[2] = masterCtx_.c[2] ^ i2; + workCtx_.c[3] = masterCtx_.c[3] ^ i3; + workCtx_.c[4] = masterCtx_.c[4] ^ i0; + workCtx_.c[5] = masterCtx_.c[5] ^ i1; + workCtx_.c[6] = masterCtx_.c[6] ^ i2; + workCtx_.c[7] = masterCtx_.c[7] ^ i3; + + /* Copy state variables */ + for (i=0; i<8; i++) + workCtx_.x[i] = masterCtx_.x[i]; + workCtx_.carry = masterCtx_.carry; + + /* Iterate the system four times */ + for (i=0; i<4; i++) + NextState(Work); +} + + +/* Key setup */ +void Rabbit::SetKey(const byte* key, const byte* iv) +{ + /* Temporary variables */ + word32 k0, k1, k2, k3, i; + + /* Generate four subkeys */ + k0 = LITTLE32(*(word32*)(key+ 0)); + k1 = LITTLE32(*(word32*)(key+ 4)); + k2 = LITTLE32(*(word32*)(key+ 8)); + k3 = LITTLE32(*(word32*)(key+12)); + + /* Generate initial state variables */ + masterCtx_.x[0] = k0; + masterCtx_.x[2] = k1; + masterCtx_.x[4] = k2; + masterCtx_.x[6] = k3; + masterCtx_.x[1] = U32V(k3<<16) | (k2>>16); + masterCtx_.x[3] = U32V(k0<<16) | (k3>>16); + masterCtx_.x[5] = U32V(k1<<16) | (k0>>16); + masterCtx_.x[7] = U32V(k2<<16) | (k1>>16); + + /* Generate initial counter values */ + masterCtx_.c[0] = rotlFixed(k2, 16); + masterCtx_.c[2] = rotlFixed(k3, 16); + masterCtx_.c[4] = rotlFixed(k0, 16); + masterCtx_.c[6] = rotlFixed(k1, 16); + masterCtx_.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF); + masterCtx_.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF); + masterCtx_.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF); + masterCtx_.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF); + + /* Clear carry bit */ + masterCtx_.carry = 0; + + /* Iterate the system four times */ + for (i=0; i<4; i++) + NextState(Master); + + /* Modify the counters */ + for (i=0; i<8; i++) + masterCtx_.c[i] ^= masterCtx_.x[(i+4)&0x7]; + + /* Copy master instance to work instance */ + for (i=0; i<8; i++) { + workCtx_.x[i] = masterCtx_.x[i]; + workCtx_.c[i] = masterCtx_.c[i]; + } + workCtx_.carry = masterCtx_.carry; + + if (iv) SetIV(iv); +} + + +/* Encrypt/decrypt a message of any size */ +void Rabbit::Process(byte* output, const byte* input, word32 msglen) +{ + /* Temporary variables */ + word32 i; + + /* Encrypt/decrypt all full blocks */ + while (msglen >= 16) { + /* Iterate the system */ + NextState(Work); + + /* Encrypt/decrypt 16 bytes of data */ + *(word32*)(output+ 0) = *(word32*)(input+ 0) ^ + LITTLE32(workCtx_.x[0] ^ (workCtx_.x[5]>>16) ^ + U32V(workCtx_.x[3]<<16)); + *(word32*)(output+ 4) = *(word32*)(input+ 4) ^ + LITTLE32(workCtx_.x[2] ^ (workCtx_.x[7]>>16) ^ + U32V(workCtx_.x[5]<<16)); + *(word32*)(output+ 8) = *(word32*)(input+ 8) ^ + LITTLE32(workCtx_.x[4] ^ (workCtx_.x[1]>>16) ^ + U32V(workCtx_.x[7]<<16)); + *(word32*)(output+12) = *(word32*)(input+12) ^ + LITTLE32(workCtx_.x[6] ^ (workCtx_.x[3]>>16) ^ + U32V(workCtx_.x[1]<<16)); + + /* Increment pointers and decrement length */ + input += 16; + output += 16; + msglen -= 16; + } + + /* Encrypt/decrypt remaining data */ + if (msglen) { + + word32 tmp[4]; + byte* buffer = (byte*)tmp; + + memset(tmp, 0, sizeof(tmp)); /* help static analysis */ + + /* Iterate the system */ + NextState(Work); + + /* Generate 16 bytes of pseudo-random data */ + tmp[0] = LITTLE32(workCtx_.x[0] ^ + (workCtx_.x[5]>>16) ^ U32V(workCtx_.x[3]<<16)); + tmp[1] = LITTLE32(workCtx_.x[2] ^ + (workCtx_.x[7]>>16) ^ U32V(workCtx_.x[5]<<16)); + tmp[2] = LITTLE32(workCtx_.x[4] ^ + (workCtx_.x[1]>>16) ^ U32V(workCtx_.x[7]<<16)); + tmp[3] = LITTLE32(workCtx_.x[6] ^ + (workCtx_.x[3]>>16) ^ U32V(workCtx_.x[1]<<16)); + + /* Encrypt/decrypt the data */ + for (i=0; i +#include + +#if defined(_WIN32) + #include + #include +#else + #include + #include + #include +#endif // _WIN32 + +namespace TaoCrypt { + + +// Get seed and key cipher +RandomNumberGenerator::RandomNumberGenerator() +{ + byte key[32]; + byte junk[256]; + + seed_.GenerateSeed(key, sizeof(key)); + cipher_.SetKey(key, sizeof(key)); + GenerateBlock(junk, sizeof(junk)); // rid initial state +} + + +// place a generated block in output +void RandomNumberGenerator::GenerateBlock(byte* output, word32 sz) +{ + memset(output, 0, sz); + cipher_.Process(output, output, sz); +} + + +byte RandomNumberGenerator::GenerateByte() +{ + byte b; + GenerateBlock(&b, 1); + + return b; +} + + +#if defined(_WIN32) + +/* The OS_Seed implementation for windows */ + +OS_Seed::OS_Seed() +{ + if(!CryptAcquireContext(&handle_, 0, 0, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) + error_.SetError(WINCRYPT_E); +} + + +OS_Seed::~OS_Seed() +{ + CryptReleaseContext(handle_, 0); +} + + +void OS_Seed::GenerateSeed(byte* output, word32 sz) +{ + if (!CryptGenRandom(handle_, sz, output)) + error_.SetError(CRYPTGEN_E); +} + + +#else + +/* The default OS_Seed implementation */ + +OS_Seed::OS_Seed() +{ + fd_ = open("/dev/urandom",O_RDONLY); + if (fd_ == -1) { + fd_ = open("/dev/random",O_RDONLY); + if (fd_ == -1) + error_.SetError(OPEN_RAN_E); + } +} + + +OS_Seed::~OS_Seed() +{ + close(fd_); +} + + +// may block +void OS_Seed::GenerateSeed(byte* output, word32 sz) +{ + while (sz) { + int len = read(fd_, output, sz); + if (len == -1) { + error_.SetError(READ_RAN_E); + return; + } + + sz -= len; + output += len; + + if (sz) + sleep(1); + } +} + +#endif // _WIN32 + + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/ripemd.cpp b/mysql/extra/yassl/taocrypt/src/ripemd.cpp new file mode 100644 index 0000000..5d03dc6 --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/ripemd.cpp @@ -0,0 +1,844 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + + +/* based on Wei Dai's ripemd.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "ripemd.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + + +namespace TaoCrypt { + +void RIPEMD160::Init() +{ + digest_[0] = 0x67452301L; + digest_[1] = 0xefcdab89L; + digest_[2] = 0x98badcfeL; + digest_[3] = 0x10325476L; + digest_[4] = 0xc3d2e1f0L; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +RIPEMD160::RIPEMD160(const RIPEMD160& that) + : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + + +RIPEMD160& RIPEMD160::operator= (const RIPEMD160& that) +{ + RIPEMD160 tmp(that); + Swap(tmp); + + return *this; +} + + +void RIPEMD160::Swap(RIPEMD160& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +#ifdef DO_RIPEMD_ASM + +// Update digest with data of size len +void RIPEMD160::Update(const byte* data, word32 len) +{ + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast(buffer_); + + // remove buffered data if possible + if (buffLen_) { + word32 add = min(len, BLOCK_SIZE - buffLen_); + memcpy(&local[buffLen_], data, add); + + buffLen_ += add; + data += add; + len -= add; + + if (buffLen_ == BLOCK_SIZE) { + Transform(); + AddLength(BLOCK_SIZE); + buffLen_ = 0; + } + } + + // all at once for asm + if (buffLen_ == 0) { + word32 times = len / BLOCK_SIZE; + if (times) { + AsmTransform(data, times); + const word32 add = BLOCK_SIZE * times; + AddLength(add); + len -= add; + data += add; + } + } + + // cache any data left + if (len) { + memcpy(&local[buffLen_], data, len); + buffLen_ += len; + } +} + +#endif // DO_RIPEMD_ASM + + +// for all +#define F(x, y, z) (x ^ y ^ z) +#define G(x, y, z) (z ^ (x & (y^z))) +#define H(x, y, z) (z ^ (x | ~y)) +#define I(x, y, z) (y ^ (z & (x^y))) +#define J(x, y, z) (x ^ (y | ~z)) + +#define k0 0 +#define k1 0x5a827999 +#define k2 0x6ed9eba1 +#define k3 0x8f1bbcdc +#define k4 0xa953fd4e +#define k5 0x50a28be6 +#define k6 0x5c4dd124 +#define k7 0x6d703ef3 +#define k8 0x7a6d76e9 +#define k9 0 + +// for 160 and 320 +#define Subround(f, a, b, c, d, e, x, s, k) \ + a += f(b, c, d) + x + k;\ + a = rotlFixed((word32)a, s) + e;\ + c = rotlFixed((word32)c, 10U) + + +void RIPEMD160::Transform() +{ + unsigned long a1, b1, c1, d1, e1, a2, b2, c2, d2, e2; + a1 = a2 = digest_[0]; + b1 = b2 = digest_[1]; + c1 = c2 = digest_[2]; + d1 = d2 = digest_[3]; + e1 = e2 = digest_[4]; + + Subround(F, a1, b1, c1, d1, e1, buffer_[ 0], 11, k0); + Subround(F, e1, a1, b1, c1, d1, buffer_[ 1], 14, k0); + Subround(F, d1, e1, a1, b1, c1, buffer_[ 2], 15, k0); + Subround(F, c1, d1, e1, a1, b1, buffer_[ 3], 12, k0); + Subround(F, b1, c1, d1, e1, a1, buffer_[ 4], 5, k0); + Subround(F, a1, b1, c1, d1, e1, buffer_[ 5], 8, k0); + Subround(F, e1, a1, b1, c1, d1, buffer_[ 6], 7, k0); + Subround(F, d1, e1, a1, b1, c1, buffer_[ 7], 9, k0); + Subround(F, c1, d1, e1, a1, b1, buffer_[ 8], 11, k0); + Subround(F, b1, c1, d1, e1, a1, buffer_[ 9], 13, k0); + Subround(F, a1, b1, c1, d1, e1, buffer_[10], 14, k0); + Subround(F, e1, a1, b1, c1, d1, buffer_[11], 15, k0); + Subround(F, d1, e1, a1, b1, c1, buffer_[12], 6, k0); + Subround(F, c1, d1, e1, a1, b1, buffer_[13], 7, k0); + Subround(F, b1, c1, d1, e1, a1, buffer_[14], 9, k0); + Subround(F, a1, b1, c1, d1, e1, buffer_[15], 8, k0); + + Subround(G, e1, a1, b1, c1, d1, buffer_[ 7], 7, k1); + Subround(G, d1, e1, a1, b1, c1, buffer_[ 4], 6, k1); + Subround(G, c1, d1, e1, a1, b1, buffer_[13], 8, k1); + Subround(G, b1, c1, d1, e1, a1, buffer_[ 1], 13, k1); + Subround(G, a1, b1, c1, d1, e1, buffer_[10], 11, k1); + Subround(G, e1, a1, b1, c1, d1, buffer_[ 6], 9, k1); + Subround(G, d1, e1, a1, b1, c1, buffer_[15], 7, k1); + Subround(G, c1, d1, e1, a1, b1, buffer_[ 3], 15, k1); + Subround(G, b1, c1, d1, e1, a1, buffer_[12], 7, k1); + Subround(G, a1, b1, c1, d1, e1, buffer_[ 0], 12, k1); + Subround(G, e1, a1, b1, c1, d1, buffer_[ 9], 15, k1); + Subround(G, d1, e1, a1, b1, c1, buffer_[ 5], 9, k1); + Subround(G, c1, d1, e1, a1, b1, buffer_[ 2], 11, k1); + Subround(G, b1, c1, d1, e1, a1, buffer_[14], 7, k1); + Subround(G, a1, b1, c1, d1, e1, buffer_[11], 13, k1); + Subround(G, e1, a1, b1, c1, d1, buffer_[ 8], 12, k1); + + Subround(H, d1, e1, a1, b1, c1, buffer_[ 3], 11, k2); + Subround(H, c1, d1, e1, a1, b1, buffer_[10], 13, k2); + Subround(H, b1, c1, d1, e1, a1, buffer_[14], 6, k2); + Subround(H, a1, b1, c1, d1, e1, buffer_[ 4], 7, k2); + Subround(H, e1, a1, b1, c1, d1, buffer_[ 9], 14, k2); + Subround(H, d1, e1, a1, b1, c1, buffer_[15], 9, k2); + Subround(H, c1, d1, e1, a1, b1, buffer_[ 8], 13, k2); + Subround(H, b1, c1, d1, e1, a1, buffer_[ 1], 15, k2); + Subround(H, a1, b1, c1, d1, e1, buffer_[ 2], 14, k2); + Subround(H, e1, a1, b1, c1, d1, buffer_[ 7], 8, k2); + Subround(H, d1, e1, a1, b1, c1, buffer_[ 0], 13, k2); + Subround(H, c1, d1, e1, a1, b1, buffer_[ 6], 6, k2); + Subround(H, b1, c1, d1, e1, a1, buffer_[13], 5, k2); + Subround(H, a1, b1, c1, d1, e1, buffer_[11], 12, k2); + Subround(H, e1, a1, b1, c1, d1, buffer_[ 5], 7, k2); + Subround(H, d1, e1, a1, b1, c1, buffer_[12], 5, k2); + + Subround(I, c1, d1, e1, a1, b1, buffer_[ 1], 11, k3); + Subround(I, b1, c1, d1, e1, a1, buffer_[ 9], 12, k3); + Subround(I, a1, b1, c1, d1, e1, buffer_[11], 14, k3); + Subround(I, e1, a1, b1, c1, d1, buffer_[10], 15, k3); + Subround(I, d1, e1, a1, b1, c1, buffer_[ 0], 14, k3); + Subround(I, c1, d1, e1, a1, b1, buffer_[ 8], 15, k3); + Subround(I, b1, c1, d1, e1, a1, buffer_[12], 9, k3); + Subround(I, a1, b1, c1, d1, e1, buffer_[ 4], 8, k3); + Subround(I, e1, a1, b1, c1, d1, buffer_[13], 9, k3); + Subround(I, d1, e1, a1, b1, c1, buffer_[ 3], 14, k3); + Subround(I, c1, d1, e1, a1, b1, buffer_[ 7], 5, k3); + Subround(I, b1, c1, d1, e1, a1, buffer_[15], 6, k3); + Subround(I, a1, b1, c1, d1, e1, buffer_[14], 8, k3); + Subround(I, e1, a1, b1, c1, d1, buffer_[ 5], 6, k3); + Subround(I, d1, e1, a1, b1, c1, buffer_[ 6], 5, k3); + Subround(I, c1, d1, e1, a1, b1, buffer_[ 2], 12, k3); + + Subround(J, b1, c1, d1, e1, a1, buffer_[ 4], 9, k4); + Subround(J, a1, b1, c1, d1, e1, buffer_[ 0], 15, k4); + Subround(J, e1, a1, b1, c1, d1, buffer_[ 5], 5, k4); + Subround(J, d1, e1, a1, b1, c1, buffer_[ 9], 11, k4); + Subround(J, c1, d1, e1, a1, b1, buffer_[ 7], 6, k4); + Subround(J, b1, c1, d1, e1, a1, buffer_[12], 8, k4); + Subround(J, a1, b1, c1, d1, e1, buffer_[ 2], 13, k4); + Subround(J, e1, a1, b1, c1, d1, buffer_[10], 12, k4); + Subround(J, d1, e1, a1, b1, c1, buffer_[14], 5, k4); + Subround(J, c1, d1, e1, a1, b1, buffer_[ 1], 12, k4); + Subround(J, b1, c1, d1, e1, a1, buffer_[ 3], 13, k4); + Subround(J, a1, b1, c1, d1, e1, buffer_[ 8], 14, k4); + Subround(J, e1, a1, b1, c1, d1, buffer_[11], 11, k4); + Subround(J, d1, e1, a1, b1, c1, buffer_[ 6], 8, k4); + Subround(J, c1, d1, e1, a1, b1, buffer_[15], 5, k4); + Subround(J, b1, c1, d1, e1, a1, buffer_[13], 6, k4); + + Subround(J, a2, b2, c2, d2, e2, buffer_[ 5], 8, k5); + Subround(J, e2, a2, b2, c2, d2, buffer_[14], 9, k5); + Subround(J, d2, e2, a2, b2, c2, buffer_[ 7], 9, k5); + Subround(J, c2, d2, e2, a2, b2, buffer_[ 0], 11, k5); + Subround(J, b2, c2, d2, e2, a2, buffer_[ 9], 13, k5); + Subround(J, a2, b2, c2, d2, e2, buffer_[ 2], 15, k5); + Subround(J, e2, a2, b2, c2, d2, buffer_[11], 15, k5); + Subround(J, d2, e2, a2, b2, c2, buffer_[ 4], 5, k5); + Subround(J, c2, d2, e2, a2, b2, buffer_[13], 7, k5); + Subround(J, b2, c2, d2, e2, a2, buffer_[ 6], 7, k5); + Subround(J, a2, b2, c2, d2, e2, buffer_[15], 8, k5); + Subround(J, e2, a2, b2, c2, d2, buffer_[ 8], 11, k5); + Subround(J, d2, e2, a2, b2, c2, buffer_[ 1], 14, k5); + Subround(J, c2, d2, e2, a2, b2, buffer_[10], 14, k5); + Subround(J, b2, c2, d2, e2, a2, buffer_[ 3], 12, k5); + Subround(J, a2, b2, c2, d2, e2, buffer_[12], 6, k5); + + Subround(I, e2, a2, b2, c2, d2, buffer_[ 6], 9, k6); + Subround(I, d2, e2, a2, b2, c2, buffer_[11], 13, k6); + Subround(I, c2, d2, e2, a2, b2, buffer_[ 3], 15, k6); + Subround(I, b2, c2, d2, e2, a2, buffer_[ 7], 7, k6); + Subround(I, a2, b2, c2, d2, e2, buffer_[ 0], 12, k6); + Subround(I, e2, a2, b2, c2, d2, buffer_[13], 8, k6); + Subround(I, d2, e2, a2, b2, c2, buffer_[ 5], 9, k6); + Subround(I, c2, d2, e2, a2, b2, buffer_[10], 11, k6); + Subround(I, b2, c2, d2, e2, a2, buffer_[14], 7, k6); + Subround(I, a2, b2, c2, d2, e2, buffer_[15], 7, k6); + Subround(I, e2, a2, b2, c2, d2, buffer_[ 8], 12, k6); + Subround(I, d2, e2, a2, b2, c2, buffer_[12], 7, k6); + Subround(I, c2, d2, e2, a2, b2, buffer_[ 4], 6, k6); + Subround(I, b2, c2, d2, e2, a2, buffer_[ 9], 15, k6); + Subround(I, a2, b2, c2, d2, e2, buffer_[ 1], 13, k6); + Subround(I, e2, a2, b2, c2, d2, buffer_[ 2], 11, k6); + + Subround(H, d2, e2, a2, b2, c2, buffer_[15], 9, k7); + Subround(H, c2, d2, e2, a2, b2, buffer_[ 5], 7, k7); + Subround(H, b2, c2, d2, e2, a2, buffer_[ 1], 15, k7); + Subround(H, a2, b2, c2, d2, e2, buffer_[ 3], 11, k7); + Subround(H, e2, a2, b2, c2, d2, buffer_[ 7], 8, k7); + Subround(H, d2, e2, a2, b2, c2, buffer_[14], 6, k7); + Subround(H, c2, d2, e2, a2, b2, buffer_[ 6], 6, k7); + Subround(H, b2, c2, d2, e2, a2, buffer_[ 9], 14, k7); + Subround(H, a2, b2, c2, d2, e2, buffer_[11], 12, k7); + Subround(H, e2, a2, b2, c2, d2, buffer_[ 8], 13, k7); + Subround(H, d2, e2, a2, b2, c2, buffer_[12], 5, k7); + Subround(H, c2, d2, e2, a2, b2, buffer_[ 2], 14, k7); + Subround(H, b2, c2, d2, e2, a2, buffer_[10], 13, k7); + Subround(H, a2, b2, c2, d2, e2, buffer_[ 0], 13, k7); + Subround(H, e2, a2, b2, c2, d2, buffer_[ 4], 7, k7); + Subround(H, d2, e2, a2, b2, c2, buffer_[13], 5, k7); + + Subround(G, c2, d2, e2, a2, b2, buffer_[ 8], 15, k8); + Subround(G, b2, c2, d2, e2, a2, buffer_[ 6], 5, k8); + Subround(G, a2, b2, c2, d2, e2, buffer_[ 4], 8, k8); + Subround(G, e2, a2, b2, c2, d2, buffer_[ 1], 11, k8); + Subround(G, d2, e2, a2, b2, c2, buffer_[ 3], 14, k8); + Subround(G, c2, d2, e2, a2, b2, buffer_[11], 14, k8); + Subround(G, b2, c2, d2, e2, a2, buffer_[15], 6, k8); + Subround(G, a2, b2, c2, d2, e2, buffer_[ 0], 14, k8); + Subround(G, e2, a2, b2, c2, d2, buffer_[ 5], 6, k8); + Subround(G, d2, e2, a2, b2, c2, buffer_[12], 9, k8); + Subround(G, c2, d2, e2, a2, b2, buffer_[ 2], 12, k8); + Subround(G, b2, c2, d2, e2, a2, buffer_[13], 9, k8); + Subround(G, a2, b2, c2, d2, e2, buffer_[ 9], 12, k8); + Subround(G, e2, a2, b2, c2, d2, buffer_[ 7], 5, k8); + Subround(G, d2, e2, a2, b2, c2, buffer_[10], 15, k8); + Subround(G, c2, d2, e2, a2, b2, buffer_[14], 8, k8); + + Subround(F, b2, c2, d2, e2, a2, buffer_[12], 8, k9); + Subround(F, a2, b2, c2, d2, e2, buffer_[15], 5, k9); + Subround(F, e2, a2, b2, c2, d2, buffer_[10], 12, k9); + Subround(F, d2, e2, a2, b2, c2, buffer_[ 4], 9, k9); + Subround(F, c2, d2, e2, a2, b2, buffer_[ 1], 12, k9); + Subround(F, b2, c2, d2, e2, a2, buffer_[ 5], 5, k9); + Subround(F, a2, b2, c2, d2, e2, buffer_[ 8], 14, k9); + Subround(F, e2, a2, b2, c2, d2, buffer_[ 7], 6, k9); + Subround(F, d2, e2, a2, b2, c2, buffer_[ 6], 8, k9); + Subround(F, c2, d2, e2, a2, b2, buffer_[ 2], 13, k9); + Subround(F, b2, c2, d2, e2, a2, buffer_[13], 6, k9); + Subround(F, a2, b2, c2, d2, e2, buffer_[14], 5, k9); + Subround(F, e2, a2, b2, c2, d2, buffer_[ 0], 15, k9); + Subround(F, d2, e2, a2, b2, c2, buffer_[ 3], 13, k9); + Subround(F, c2, d2, e2, a2, b2, buffer_[ 9], 11, k9); + Subround(F, b2, c2, d2, e2, a2, buffer_[11], 11, k9); + + c1 = digest_[1] + c1 + d2; + digest_[1] = digest_[2] + d1 + e2; + digest_[2] = digest_[3] + e1 + a2; + digest_[3] = digest_[4] + a1 + b2; + digest_[4] = digest_[0] + b1 + c2; + digest_[0] = c1; +} + + +#ifdef DO_RIPEMD_ASM + +/* + // F(x ^ y ^ z) + // place in esi +#define ASMF(x, y, z) \ + AS2( mov esi, x ) \ + AS2( xor esi, y ) \ + AS2( xor esi, z ) + + + // G(z ^ (x & (y^z))) + // place in esi +#define ASMG(x, y, z) \ + AS2( mov esi, z ) \ + AS2( xor esi, y ) \ + AS2( and esi, x ) \ + AS2( xor esi, z ) + + + // H(z ^ (x | ~y)) + // place in esi +#define ASMH(x, y, z) \ + AS2( mov esi, y ) \ + AS1( not esi ) \ + AS2( or esi, x ) \ + AS2( xor esi, z ) + + + // I(y ^ (z & (x^y))) + // place in esi +#define ASMI(x, y, z) \ + AS2( mov esi, y ) \ + AS2( xor esi, x ) \ + AS2( and esi, z ) \ + AS2( xor esi, y ) + + + // J(x ^ (y | ~z))) + // place in esi +#define ASMJ(x, y, z) \ + AS2( mov esi, z ) \ + AS1( not esi ) \ + AS2( or esi, y ) \ + AS2( xor esi, x ) + + +// for 160 and 320 +// #define ASMSubround(f, a, b, c, d, e, i, s, k) +// a += f(b, c, d) + data[i] + k; +// a = rotlFixed((word32)a, s) + e; +// c = rotlFixed((word32)c, 10U) + +#define ASMSubround(f, a, b, c, d, e, index, s, k) \ + // a += f(b, c, d) + data[i] + k \ + AS2( mov esp, [edi + index * 4] ) \ + f(b, c, d) \ + AS2( add esi, k ) \ + AS2( add esi, esp ) \ + AS2( add a, esi ) \ + // a = rotlFixed((word32)a, s) + e \ + AS2( rol a, s ) \ + AS2( rol c, 10 ) \ + // c = rotlFixed((word32)c, 10U) \ + AS2( add a, e ) +*/ + + +// combine F into subround w/ setup +// esi already has c, setup for next round when done +// esp already has edi[index], setup for next round when done + +#define ASMSubroundF(a, b, c, d, e, index, s) \ + /* a += (b ^ c ^ d) + data[i] + k */ \ + AS2( xor esi, b ) \ + AS2( add a, [edi + index * 4] ) \ + AS2( xor esi, d ) \ + AS2( add a, esi ) \ + /* a = rotlFixed((word32)a, s) + e */ \ + AS2( mov esi, b ) \ + AS2( rol a, s ) \ + /* c = rotlFixed((word32)c, 10U) */ \ + AS2( rol c, 10 ) \ + AS2( add a, e ) + + +// combine G into subround w/ setup +// esi already has c, setup for next round when done +// esp already has edi[index], setup for next round when done + +#define ASMSubroundG(a, b, c, d, e, index, s, k) \ + /* a += (d ^ (b & (c^d))) + data[i] + k */ \ + AS2( xor esi, d ) \ + AS2( and esi, b ) \ + AS2( add a, [edi + index * 4] ) \ + AS2( xor esi, d ) \ + AS2( lea a, [esi + a + k] ) \ + /* a = rotlFixed((word32)a, s) + e */ \ + AS2( mov esi, b ) \ + AS2( rol a, s ) \ + /* c = rotlFixed((word32)c, 10U) */ \ + AS2( rol c, 10 ) \ + AS2( add a, e ) + + +// combine H into subround w/ setup +// esi already has c, setup for next round when done +// esp already has edi[index], setup for next round when done + +#define ASMSubroundH(a, b, c, d, e, index, s, k) \ + /* a += (d ^ (b | ~c)) + data[i] + k */ \ + AS1( not esi ) \ + AS2( or esi, b ) \ + AS2( add a, [edi + index * 4] ) \ + AS2( xor esi, d ) \ + AS2( lea a, [esi + a + k] ) \ + /* a = rotlFixed((word32)a, s) + e */ \ + AS2( mov esi, b ) \ + AS2( rol a, s ) \ + /* c = rotlFixed((word32)c, 10U) */ \ + AS2( rol c, 10 ) \ + AS2( add a, e ) + + +// combine I into subround w/ setup +// esi already has c, setup for next round when done +// esp already has edi[index], setup for next round when done + +#define ASMSubroundI(a, b, c, d, e, index, s, k) \ + /* a += (c ^ (d & (b^c))) + data[i] + k */ \ + AS2( xor esi, b ) \ + AS2( and esi, d ) \ + AS2( add a, [edi + index * 4] ) \ + AS2( xor esi, c ) \ + AS2( lea a, [esi + a + k] ) \ + /* a = rotlFixed((word32)a, s) + e */ \ + AS2( mov esi, b ) \ + AS2( rol a, s ) \ + /* c = rotlFixed((word32)c, 10U) */ \ + AS2( rol c, 10 ) \ + AS2( add a, e ) + + +// combine J into subround w/ setup +// esi already has d, setup for next round when done +// esp already has edi[index], setup for next round when done + +#define ASMSubroundJ(a, b, c, d, e, index, s, k) \ + /* a += (b ^ (c | ~d))) + data[i] + k */ \ + AS1( not esi ) \ + AS2( or esi, c ) \ + /* c = rotlFixed((word32)c, 10U) */ \ + AS2( add a, [edi + index * 4] ) \ + AS2( xor esi, b ) \ + AS2( rol c, 10 ) \ + AS2( lea a, [esi + a + k] ) \ + /* a = rotlFixed((word32)a, s) + e */ \ + AS2( rol a, s ) \ + AS2( mov esi, c ) \ + AS2( add a, e ) + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void RIPEMD160::AsmTransform(const byte* data, word32 times) +{ +#ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" + #define EPILOG() \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "c" (this), "D" (data), "d" (times) \ + : "%esi", "%eax", "memory", "cc" \ + ); + +#else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( movd mm5, esi ) \ + AS2( movd mm6, ebp ) \ + AS2( mov edi, DWORD PTR [ebp + 8] ) \ + AS2( mov edx, DWORD PTR [ebp + 12] ) + + #define EPILOG() \ + AS2( movd ebp, mm6 ) \ + AS2( movd esi, mm5 ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd edi, mm3 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 8 ) + +#endif + + PROLOG() + + #ifdef OLD_GCC_OFFSET + AS2( lea esi, [ecx + 20] ) // digest_[0] + #else + AS2( lea esi, [ecx + 16] ) // digest_[0] + #endif + + AS2( sub esp, 24 ) // make room for tmp a1 - e1 + AS2( movd mm1, esi ) // store digest_ + +#ifdef _MSC_VER + AS1( loopStart: ) // loopStart +#else + AS1( 0: ) // loopStart for some gas (need numeric for jump back +#endif + + AS2( movd mm2, edx ) // store times_ + + AS2( mov eax, [esi] ) // a1 + AS2( mov ebx, [esi + 4] ) // b1 + AS2( mov ecx, [esi + 8] ) // c1 + AS2( mov edx, [esi + 12] ) // d1 + AS2( mov ebp, [esi + 16] ) // e1 + + // setup + AS2( mov esi, ecx ) + + ASMSubroundF( eax, ebx, ecx, edx, ebp, 0, 11) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 1, 14) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 2, 15) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 3, 12) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 4, 5) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 5, 8) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 6, 7) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 7, 9) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 8, 11) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 9, 13) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 10, 14) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 11, 15) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 12, 6) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 13, 7) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 14, 9) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 15, 8) + + ASMSubroundG( ebp, eax, ebx, ecx, edx, 7, 7, k1) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 4, 6, k1) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 13, 8, k1) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 1, 13, k1) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 10, 11, k1) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 6, 9, k1) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 15, 7, k1) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 3, 15, k1) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 12, 7, k1) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 0, 12, k1) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 9, 15, k1) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 5, 9, k1) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 2, 11, k1) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 14, 7, k1) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 11, 13, k1) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 8, 12, k1) + + ASMSubroundH( edx, ebp, eax, ebx, ecx, 3, 11, k2) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 10, 13, k2) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 14, 6, k2) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 4, 7, k2) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 9, 14, k2) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 15, 9, k2) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 8, 13, k2) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 1, 15, k2) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 2, 14, k2) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 7, 8, k2) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 0, 13, k2) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 6, 6, k2) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 13, 5, k2) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k2) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 5, 7, k2) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 12, 5, k2) + + ASMSubroundI( ecx, edx, ebp, eax, ebx, 1, 11, k3) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 9, 12, k3) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 11, 14, k3) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 10, 15, k3) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 0, 14, k3) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 8, 15, k3) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 12, 9, k3) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 4, 8, k3) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 13, 9, k3) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 3, 14, k3) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 7, 5, k3) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 15, 6, k3) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 14, 8, k3) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 5, 6, k3) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 6, 5, k3) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 2, 12, k3) + + // setup + AS2( mov esi, ebp ) + + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 4, 9, k4) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 0, 15, k4) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 5, 5, k4) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 9, 11, k4) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 7, 6, k4) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 12, 8, k4) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 2, 13, k4) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 10, 12, k4) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 14, 5, k4) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 1, 12, k4) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 3, 13, k4) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 8, 14, k4) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 11, k4) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 6, 8, k4) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 15, 5, k4) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 13, 6, k4) + + // store a1 - e1 on stack + AS2( movd esi, mm1 ) // digest_ + + AS2( mov [esp], eax ) + AS2( mov [esp + 4], ebx ) + AS2( mov [esp + 8], ecx ) + AS2( mov [esp + 12], edx ) + AS2( mov [esp + 16], ebp ) + + AS2( mov eax, [esi] ) // a2 + AS2( mov ebx, [esi + 4] ) // b2 + AS2( mov ecx, [esi + 8] ) // c2 + AS2( mov edx, [esi + 12] ) // d2 + AS2( mov ebp, [esi + 16] ) // e2 + + + // setup + AS2( mov esi, edx ) + + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 5, 8, k5) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 14, 9, k5) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 7, 9, k5) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 0, 11, k5) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 9, 13, k5) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 2, 15, k5) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 15, k5) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 4, 5, k5) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 13, 7, k5) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 6, 7, k5) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 15, 8, k5) + ASMSubroundJ( ebp, eax, ebx, ecx, edx, 8, 11, k5) + ASMSubroundJ( edx, ebp, eax, ebx, ecx, 1, 14, k5) + ASMSubroundJ( ecx, edx, ebp, eax, ebx, 10, 14, k5) + ASMSubroundJ( ebx, ecx, edx, ebp, eax, 3, 12, k5) + ASMSubroundJ( eax, ebx, ecx, edx, ebp, 12, 6, k5) + + // setup + AS2( mov esi, ebx ) + + ASMSubroundI( ebp, eax, ebx, ecx, edx, 6, 9, k6) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 11, 13, k6) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 3, 15, k6) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 7, 7, k6) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 0, 12, k6) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 13, 8, k6) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 5, 9, k6) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 10, 11, k6) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 14, 7, k6) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 15, 7, k6) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 8, 12, k6) + ASMSubroundI( edx, ebp, eax, ebx, ecx, 12, 7, k6) + ASMSubroundI( ecx, edx, ebp, eax, ebx, 4, 6, k6) + ASMSubroundI( ebx, ecx, edx, ebp, eax, 9, 15, k6) + ASMSubroundI( eax, ebx, ecx, edx, ebp, 1, 13, k6) + ASMSubroundI( ebp, eax, ebx, ecx, edx, 2, 11, k6) + + ASMSubroundH( edx, ebp, eax, ebx, ecx, 15, 9, k7) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 5, 7, k7) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 1, 15, k7) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 3, 11, k7) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 7, 8, k7) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 14, 6, k7) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 6, 6, k7) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 9, 14, k7) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k7) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 8, 13, k7) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 12, 5, k7) + ASMSubroundH( ecx, edx, ebp, eax, ebx, 2, 14, k7) + ASMSubroundH( ebx, ecx, edx, ebp, eax, 10, 13, k7) + ASMSubroundH( eax, ebx, ecx, edx, ebp, 0, 13, k7) + ASMSubroundH( ebp, eax, ebx, ecx, edx, 4, 7, k7) + ASMSubroundH( edx, ebp, eax, ebx, ecx, 13, 5, k7) + + ASMSubroundG( ecx, edx, ebp, eax, ebx, 8, 15, k8) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 6, 5, k8) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 4, 8, k8) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 1, 11, k8) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 3, 14, k8) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 11, 14, k8) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 15, 6, k8) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 0, 14, k8) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 5, 6, k8) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 12, 9, k8) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 2, 12, k8) + ASMSubroundG( ebx, ecx, edx, ebp, eax, 13, 9, k8) + ASMSubroundG( eax, ebx, ecx, edx, ebp, 9, 12, k8) + ASMSubroundG( ebp, eax, ebx, ecx, edx, 7, 5, k8) + ASMSubroundG( edx, ebp, eax, ebx, ecx, 10, 15, k8) + ASMSubroundG( ecx, edx, ebp, eax, ebx, 14, 8, k8) + + ASMSubroundF( ebx, ecx, edx, ebp, eax, 12, 8) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 15, 5) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 10, 12) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 4, 9) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 1, 12) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 5, 5) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 8, 14) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 7, 6) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 6, 8) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 2, 13) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 13, 6) + ASMSubroundF( eax, ebx, ecx, edx, ebp, 14, 5) + ASMSubroundF( ebp, eax, ebx, ecx, edx, 0, 15) + ASMSubroundF( edx, ebp, eax, ebx, ecx, 3, 13) + ASMSubroundF( ecx, edx, ebp, eax, ebx, 9, 11) + ASMSubroundF( ebx, ecx, edx, ebp, eax, 11, 11) + + // advance data and store for next round + AS2( add edi, 64 ) + AS2( movd esi, mm1 ) // digest_ + AS2( movd mm0, edi ) // store + + // now edi as tmp + + // c1 = digest_[1] + c1 + d2; + AS2( add [esp + 8], edx ) // + d2 + AS2( mov edi, [esi + 4] ) // digest_[1] + AS2( add [esp + 8], edi ) + + // digest_[1] = digest_[2] + d1 + e2; + AS2( mov [esi + 4], ebp ) // e2 + AS2( mov edi, [esp + 12] ) // d1 + AS2( add edi, [esi + 8] ) // digest_[2] + AS2( add [esi + 4], edi ) + + // digest_[2] = digest_[3] + e1 + a2; + AS2( mov [esi + 8], eax ) // a2 + AS2( mov edi, [esp + 16] ) // e1 + AS2( add edi, [esi + 12] ) // digest_[3] + AS2( add [esi + 8], edi ) + + // digest_[3] = digest_[4] + a1 + b2; + AS2( mov [esi + 12], ebx ) // b2 + AS2( mov edi, [esp] ) // a1 + AS2( add edi, [esi + 16] ) // digest_[4] + AS2( add [esi + 12], edi ) + + // digest_[4] = digest_[0] + b1 + c2; + AS2( mov [esi + 16], ecx ) // c2 + AS2( mov edi, [esp + 4] ) // b1 + AS2( add edi, [esi] ) // digest_[0] + AS2( add [esi + 16], edi ) + + // digest_[0] = c1; + AS2( mov edi, [esp + 8] ) // c1 + AS2( mov [esi], edi ) + + // setup for loop back + AS2( movd edx, mm2 ) // times + AS2( movd edi, mm0 ) // data, already advanced + AS1( dec edx ) +#ifdef _MSC_VER + AS1( jnz loopStart ) // loopStart +#else + AS1( jnz 0b ) // loopStart +#endif + + // inline adjust + AS2( add esp, 24 ) // fix room on stack + + EPILOG() +} + + +#endif // DO_RIPEMD_ASM + + +} // namespace TaoCrypt diff --git a/mysql/extra/yassl/taocrypt/src/rsa.cpp b/mysql/extra/yassl/taocrypt/src/rsa.cpp new file mode 100644 index 0000000..73f678e --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/rsa.cpp @@ -0,0 +1,215 @@ +/* + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's rsa.cpp from CryptoPP */ + +#include "runtime.hpp" +#include "rsa.hpp" +#include "asn.hpp" +#include "modarith.hpp" + + + +namespace TaoCrypt { + + +Integer RSA_PublicKey::ApplyFunction(const Integer& x) const +{ + return a_exp_b_mod_c(x, e_, n_); +} + + +RSA_PublicKey::RSA_PublicKey(Source& source) +{ + Initialize(source); +} + + +void RSA_PublicKey::Initialize(Source& source) +{ + RSA_Public_Decoder decoder(source); + decoder.Decode(*this); +} + + +Integer RSA_PrivateKey::CalculateInverse(RandomNumberGenerator& rng, + const Integer& x) const +{ + ModularArithmetic modn(n_); + + Integer r(rng, Integer::One(), n_ - Integer::One()); + Integer re = modn.Exponentiate(r, e_); + re = modn.Multiply(re, x); // blind + + // here we follow the notation of PKCS #1 and let u=q inverse mod p + // but in ModRoot, u=p inverse mod q, so we reverse the order of p and q + + Integer y = ModularRoot(re, dq_, dp_, q_, p_, u_); + y = modn.Divide(y, r); // unblind + + return y; +} + + +RSA_PrivateKey::RSA_PrivateKey(Source& source) +{ + Initialize(source); +} + + +void RSA_PrivateKey::Initialize(Source& source) +{ + RSA_Private_Decoder decoder(source); + decoder.Decode(*this); +} + + +void RSA_BlockType2::Pad(const byte *input, word32 inputLen, byte *pkcsBlock, + word32 pkcsBlockLen, RandomNumberGenerator& rng) const +{ + // convert from bit length to byte length + if (pkcsBlockLen % 8 != 0) + { + pkcsBlock[0] = 0; + pkcsBlock++; + } + pkcsBlockLen /= 8; + + pkcsBlock[0] = 2; // block type 2 + + // pad with non-zero random bytes + word32 padLen = pkcsBlockLen - inputLen - 1; + rng.GenerateBlock(&pkcsBlock[1], padLen); + for (word32 i = 1; i < padLen; i++) + if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01; + + pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator + memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); +} + +word32 RSA_BlockType2::UnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen, + byte *output) const +{ + bool invalid = false; + unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U); + + // convert from bit length to byte length + if (pkcsBlockLen % 8 != 0) + { + invalid = (pkcsBlock[0] != 0) || invalid; + pkcsBlock++; + } + pkcsBlockLen /= 8; + + // Require block type 2. + invalid = (pkcsBlock[0] != 2) || invalid; + + // skip past the padding until we find the separator + unsigned i=1; + while (i maxOutputLen) || invalid; + + if (invalid) + return 0; + + memcpy (output, pkcsBlock+i, outputLen); + return outputLen; +} + + +void RSA_BlockType1::Pad(const byte* input, word32 inputLen, byte* pkcsBlock, + word32 pkcsBlockLen, RandomNumberGenerator&) const +{ + // sanity checks + if (input == NULL || pkcsBlock == NULL) + return; + + // convert from bit length to byte length + if (pkcsBlockLen % 8 != 0) + { + pkcsBlock[0] = 0; + pkcsBlock++; + } + pkcsBlockLen /= 8; + + pkcsBlock[0] = 1; // block type 1 for SSL + + // pad with 0xff bytes + memset(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2); + + pkcsBlock[pkcsBlockLen-inputLen-1] = 0; // separator + memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); +} + + +word32 RSA_BlockType1::UnPad(const byte* pkcsBlock, word32 pkcsBlockLen, + byte* output) const +{ + bool invalid = false; + unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U); + + // convert from bit length to byte length + if (pkcsBlockLen % 8 != 0) + { + invalid = (pkcsBlock[0] != 0) || invalid; + pkcsBlock++; + } + pkcsBlockLen /= 8; + + // Require block type 1 for SSL. + invalid = (pkcsBlock[0] != 1) || invalid; + + // skip past the padding until we find the separator + unsigned i=1; + while (i maxOutputLen) || invalid; + + if (invalid) + return 0; + + memcpy(output, pkcsBlock+i, outputLen); + return outputLen; +} + + +word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain) +{ + PK_Lengths lengths(key.GetModulus()); + + ByteBlock paddedBlock(BitsToBytes(lengths.PaddedBlockBitLength())); + Integer x = key.ApplyFunction(Integer(sig, + lengths.FixedCiphertextLength())); + if (x.ByteCount() > paddedBlock.size()) + x = Integer::Zero(); + x.Encode(paddedBlock.get_buffer(), paddedBlock.size()); + return RSA_BlockType1().UnPad(paddedBlock.get_buffer(), + lengths.PaddedBlockBitLength(), plain); +} + + +} // namespace diff --git a/mysql/extra/yassl/taocrypt/src/sha.cpp b/mysql/extra/yassl/taocrypt/src/sha.cpp new file mode 100644 index 0000000..4206f7f --- /dev/null +++ b/mysql/extra/yassl/taocrypt/src/sha.cpp @@ -0,0 +1,1033 @@ +/* + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA. +*/ + +/* based on Wei Dai's sha.cpp from CryptoPP */ + +#include "runtime.hpp" +#include +#include "sha.hpp" +#ifdef USE_SYS_STL + #include +#else + #include "algorithm.hpp" +#endif + + +namespace STL = STL_NAMESPACE; + + + +namespace TaoCrypt { + +#define blk0(i) (W[i] = buffer_[i]) +#define blk1(i) (W[i&15] = \ + rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1)) + +#define f1(x,y,z) (z^(x &(y^z))) +#define f2(x,y,z) (x^y^z) +#define f3(x,y,z) ((x&y)|(z&(x|y))) +#define f4(x,y,z) (x^y^z) + +// (R0+R1), R2, R3, R4 are the different operations used in SHA1 +#define R0(v,w,x,y,z,i) z+= f1(w,x,y) + blk0(i) + 0x5A827999+ \ + rotlFixed(v,5); w = rotlFixed(w,30); +#define R1(v,w,x,y,z,i) z+= f1(w,x,y) + blk1(i) + 0x5A827999+ \ + rotlFixed(v,5); w = rotlFixed(w,30); +#define R2(v,w,x,y,z,i) z+= f2(w,x,y) + blk1(i) + 0x6ED9EBA1+ \ + rotlFixed(v,5); w = rotlFixed(w,30); +#define R3(v,w,x,y,z,i) z+= f3(w,x,y) + blk1(i) + 0x8F1BBCDC+ \ + rotlFixed(v,5); w = rotlFixed(w,30); +#define R4(v,w,x,y,z,i) z+= f4(w,x,y) + blk1(i) + 0xCA62C1D6+ \ + rotlFixed(v,5); w = rotlFixed(w,30); + + +void SHA::Init() +{ + digest_[0] = 0x67452301L; + digest_[1] = 0xEFCDAB89L; + digest_[2] = 0x98BADCFEL; + digest_[3] = 0x10325476L; + digest_[4] = 0xC3D2E1F0L; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + +void SHA256::Init() +{ + digest_[0] = 0x6A09E667L; + digest_[1] = 0xBB67AE85L; + digest_[2] = 0x3C6EF372L; + digest_[3] = 0xA54FF53AL; + digest_[4] = 0x510E527FL; + digest_[5] = 0x9B05688CL; + digest_[6] = 0x1F83D9ABL; + digest_[7] = 0x5BE0CD19L; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +void SHA224::Init() +{ + digest_[0] = 0xc1059ed8; + digest_[1] = 0x367cd507; + digest_[2] = 0x3070dd17; + digest_[3] = 0xf70e5939; + digest_[4] = 0xffc00b31; + digest_[5] = 0x68581511; + digest_[6] = 0x64f98fa7; + digest_[7] = 0xbefa4fa4; + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +#ifdef WORD64_AVAILABLE + +void SHA512::Init() +{ + digest_[0] = W64LIT(0x6a09e667f3bcc908); + digest_[1] = W64LIT(0xbb67ae8584caa73b); + digest_[2] = W64LIT(0x3c6ef372fe94f82b); + digest_[3] = W64LIT(0xa54ff53a5f1d36f1); + digest_[4] = W64LIT(0x510e527fade682d1); + digest_[5] = W64LIT(0x9b05688c2b3e6c1f); + digest_[6] = W64LIT(0x1f83d9abfb41bd6b); + digest_[7] = W64LIT(0x5be0cd19137e2179); + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + + +void SHA384::Init() +{ + digest_[0] = W64LIT(0xcbbb9d5dc1059ed8); + digest_[1] = W64LIT(0x629a292a367cd507); + digest_[2] = W64LIT(0x9159015a3070dd17); + digest_[3] = W64LIT(0x152fecd8f70e5939); + digest_[4] = W64LIT(0x67332667ffc00b31); + digest_[5] = W64LIT(0x8eb44a8768581511); + digest_[6] = W64LIT(0xdb0c2e0d64f98fa7); + digest_[7] = W64LIT(0x47b5481dbefa4fa4); + + buffLen_ = 0; + loLen_ = 0; + hiLen_ = 0; +} + +#endif // WORD64_AVAILABLE + + +SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32), + BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + + +SHA256::SHA256(const SHA256& that) : HASHwithTransform(DIGEST_SIZE / + sizeof(word32), BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + + +SHA224::SHA224(const SHA224& that) : HASHwithTransform(SHA256::DIGEST_SIZE / + sizeof(word32), BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + + +#ifdef WORD64_AVAILABLE + +SHA512::SHA512(const SHA512& that) : HASH64withTransform(DIGEST_SIZE / + sizeof(word64), BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + + +SHA384::SHA384(const SHA384& that) : HASH64withTransform(SHA512::DIGEST_SIZE / + sizeof(word64), BLOCK_SIZE) +{ + buffLen_ = that.buffLen_; + loLen_ = that.loLen_; + hiLen_ = that.hiLen_; + + memcpy(digest_, that.digest_, DIGEST_SIZE); + memcpy(buffer_, that.buffer_, BLOCK_SIZE); +} + +#endif // WORD64_AVAILABLE + + +SHA& SHA::operator= (const SHA& that) +{ + SHA tmp(that); + Swap(tmp); + + return *this; +} + + +SHA256& SHA256::operator= (const SHA256& that) +{ + SHA256 tmp(that); + Swap(tmp); + + return *this; +} + + +SHA224& SHA224::operator= (const SHA224& that) +{ + SHA224 tmp(that); + Swap(tmp); + + return *this; +} + + +#ifdef WORD64_AVAILABLE + +SHA512& SHA512::operator= (const SHA512& that) +{ + SHA512 tmp(that); + Swap(tmp); + + return *this; +} + + +SHA384& SHA384::operator= (const SHA384& that) +{ + SHA384 tmp(that); + Swap(tmp); + + return *this; +} + +#endif // WORD64_AVAILABLE + + +void SHA::Swap(SHA& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +void SHA256::Swap(SHA256& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +void SHA224::Swap(SHA224& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +#ifdef WORD64_AVAILABLE + +void SHA512::Swap(SHA512& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + + +void SHA384::Swap(SHA384& other) +{ + STL::swap(loLen_, other.loLen_); + STL::swap(hiLen_, other.hiLen_); + STL::swap(buffLen_, other.buffLen_); + + memcpy(digest_, other.digest_, DIGEST_SIZE); + memcpy(buffer_, other.buffer_, BLOCK_SIZE); +} + +#endif // WORD64_AVIALABLE + + +#ifdef DO_SHA_ASM + +// Update digest with data of size len +void SHA::Update(const byte* data, word32 len) +{ + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast(buffer_); + + // remove buffered data if possible + if (buffLen_) { + word32 add = min(len, BLOCK_SIZE - buffLen_); + memcpy(&local[buffLen_], data, add); + + buffLen_ += add; + data += add; + len -= add; + + if (buffLen_ == BLOCK_SIZE) { + ByteReverse(local, local, BLOCK_SIZE); + Transform(); + AddLength(BLOCK_SIZE); + buffLen_ = 0; + } + } + + // all at once for asm + if (buffLen_ == 0) { + word32 times = len / BLOCK_SIZE; + if (times) { + AsmTransform(data, times); + const word32 add = BLOCK_SIZE * times; + AddLength(add); + len -= add; + data += add; + } + } + + // cache any data left + if (len) { + memcpy(&local[buffLen_], data, len); + buffLen_ += len; + } +} + +#endif // DO_SHA_ASM + + +void SHA::Transform() +{ + word32 W[BLOCK_SIZE / sizeof(word32)]; + + // Copy context->state[] to working vars + word32 a = digest_[0]; + word32 b = digest_[1]; + word32 c = digest_[2]; + word32 d = digest_[3]; + word32 e = digest_[4]; + + // 4 rounds of 20 operations each. Loop unrolled. + R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); + R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); + R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); + R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); + + R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); + + R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); + R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); + R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); + R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); + R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); + + R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); + R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); + R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); + R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); + R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); + + R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); + R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); + R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); + R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); + R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); + + // Add the working vars back into digest state[] + digest_[0] += a; + digest_[1] += b; + digest_[2] += c; + digest_[3] += d; + digest_[4] += e; + + // Wipe variables + a = b = c = d = e = 0; + memset(W, 0, sizeof(W)); +} + + +#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15])) + +#define Ch(x,y,z) (z^(x&(y^z))) +#define Maj(x,y,z) ((x&y)|(z&(x|y))) + +#define a(i) T[(0-i)&7] +#define b(i) T[(1-i)&7] +#define c(i) T[(2-i)&7] +#define d(i) T[(3-i)&7] +#define e(i) T[(4-i)&7] +#define f(i) T[(5-i)&7] +#define g(i) T[(6-i)&7] +#define h(i) T[(7-i)&7] + +#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\ + d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) + +// for SHA256 +#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22)) +#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25)) +#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3)) +#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10)) + + +static const word32 K256[64] = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, + 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, + 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, + 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, + 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + + +static void Transform256(word32* digest_, word32* buffer_) +{ + const word32* K = K256; + + word32 W[16]; + word32 T[8]; + + // Copy digest to working vars + memcpy(T, digest_, sizeof(T)); + + // 64 operations, partially loop unrolled + for (unsigned int j = 0; j < 64; j += 16) { + R( 0); R( 1); R( 2); R( 3); + R( 4); R( 5); R( 6); R( 7); + R( 8); R( 9); R(10); R(11); + R(12); R(13); R(14); R(15); + } + + // Add the working vars back into digest + digest_[0] += a(0); + digest_[1] += b(0); + digest_[2] += c(0); + digest_[3] += d(0); + digest_[4] += e(0); + digest_[5] += f(0); + digest_[6] += g(0); + digest_[7] += h(0); + + // Wipe variables + memset(W, 0, sizeof(W)); + memset(T, 0, sizeof(T)); +} + + +// undef for 256 +#undef S0 +#undef S1 +#undef s0 +#undef s1 + + +void SHA256::Transform() +{ + Transform256(digest_, buffer_); +} + + +void SHA224::Transform() +{ + Transform256(digest_, buffer_); +} + + +#ifdef WORD64_AVAILABLE + +static const word64 K512[80] = { + W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd), + W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc), + W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019), + W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118), + W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe), + W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2), + W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1), + W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694), + W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3), + W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65), + W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483), + W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5), + W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210), + W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4), + W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725), + W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70), + W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926), + W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df), + W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8), + W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b), + W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001), + W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30), + W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910), + W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8), + W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53), + W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8), + W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb), + W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3), + W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60), + W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec), + W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9), + W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b), + W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207), + W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178), + W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6), + W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b), + W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493), + W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c), + W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a), + W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817) +}; + + +// for SHA512 +#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39)) +#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41)) +#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x>>7)) +#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x>>6)) + + +static void Transform512(word64* digest_, word64* buffer_) +{ + const word64* K = K512; + + word64 W[16]; + word64 T[8]; + + // Copy digest to working vars + memcpy(T, digest_, sizeof(T)); + + // 64 operations, partially loop unrolled + for (unsigned int j = 0; j < 80; j += 16) { + R( 0); R( 1); R( 2); R( 3); + R( 4); R( 5); R( 6); R( 7); + R( 8); R( 9); R(10); R(11); + R(12); R(13); R(14); R(15); + } + + // Add the working vars back into digest + + digest_[0] += a(0); + digest_[1] += b(0); + digest_[2] += c(0); + digest_[3] += d(0); + digest_[4] += e(0); + digest_[5] += f(0); + digest_[6] += g(0); + digest_[7] += h(0); + + // Wipe variables + memset(W, 0, sizeof(W)); + memset(T, 0, sizeof(T)); +} + + +void SHA512::Transform() +{ + Transform512(digest_, buffer_); +} + + +void SHA384::Transform() +{ + Transform512(digest_, buffer_); +} + +#endif // WORD64_AVIALABLE + + +#ifdef DO_SHA_ASM + +// f1(x,y,z) (z^(x &(y^z))) +// place in esi +#define ASMf1(x,y,z) \ + AS2( mov esi, y ) \ + AS2( xor esi, z ) \ + AS2( and esi, x ) \ + AS2( xor esi, z ) + + +// R0(v,w,x,y,z,i) = +// z+= f1(w,x,y) + W[i] + 0x5A827999 + rotlFixed(v,5); +// w = rotlFixed(w,30); + +// use esi for f +// use edi as tmp + + +#define ASMR0(v,w,x,y,z,i) \ + AS2( mov esi, x ) \ + AS2( mov edi, [esp + i * 4] ) \ + AS2( xor esi, y ) \ + AS2( and esi, w ) \ + AS2( lea z, [edi + z + 0x5A827999] ) \ + AS2( mov edi, v ) \ + AS2( xor esi, y ) \ + AS2( rol edi, 5 ) \ + AS2( add z, esi ) \ + AS2( rol w, 30 ) \ + AS2( add z, edi ) + + +/* Some macro stuff, but older gas ( < 2,16 ) can't process &, so do by hand + % won't work on gas at all + +#define xstr(s) str(s) +#define str(s) #s + +#define WOFF1(a) ( a & 15) +#define WOFF2(a) ((a + 2) & 15) +#define WOFF3(a) ((a + 8) & 15) +#define WOFF4(a) ((a + 13) & 15) + +#ifdef __GNUC__ + #define WGET1(i) asm("mov esp, [edi - "xstr(WOFF1(i))" * 4] "); + #define WGET2(i) asm("xor esp, [edi - "xstr(WOFF2(i))" * 4] "); + #define WGET3(i) asm("xor esp, [edi - "xstr(WOFF3(i))" * 4] "); + #define WGET4(i) asm("xor esp, [edi - "xstr(WOFF4(i))" * 4] "); + #define WPUT1(i) asm("mov [edi - "xstr(WOFF1(i))" * 4], esp "); +#else + #define WGET1(i) AS2( mov esp, [edi - WOFF1(i) * 4] ) + #define WGET2(i) AS2( xor esp, [edi - WOFF2(i) * 4] ) + #define WGET3(i) AS2( xor esp, [edi - WOFF3(i) * 4] ) + #define WGET4(i) AS2( xor esp, [edi - WOFF4(i) * 4] ) + #define WPUT1(i) AS2( mov [edi - WOFF1(i) * 4], esp ) +#endif +*/ + +// ASMR1 = ASMR0 but use esp for W calcs + +#define ASMR1(v,w,x,y,z,i,W1,W2,W3,W4) \ + AS2( mov edi, [esp + W1 * 4] ) \ + AS2( mov esi, x ) \ + AS2( xor edi, [esp + W2 * 4] ) \ + AS2( xor esi, y ) \ + AS2( xor edi, [esp + W3 * 4] ) \ + AS2( and esi, w ) \ + AS2( xor edi, [esp + W4 * 4] ) \ + AS2( rol edi, 1 ) \ + AS2( xor esi, y ) \ + AS2( mov [esp + W1 * 4], edi ) \ + AS2( lea z, [edi + z + 0x5A827999] ) \ + AS2( mov edi, v ) \ + AS2( rol edi, 5 ) \ + AS2( add z, esi ) \ + AS2( rol w, 30 ) \ + AS2( add z, edi ) + + +// ASMR2 = ASMR1 but f is xor, xor instead + +#define ASMR2(v,w,x,y,z,i,W1,W2,W3,W4) \ + AS2( mov edi, [esp + W1 * 4] ) \ + AS2( mov esi, x ) \ + AS2( xor edi, [esp + W2 * 4] ) \ + AS2( xor esi, y ) \ + AS2( xor edi, [esp + W3 * 4] ) \ + AS2( xor esi, w ) \ + AS2( xor edi, [esp + W4 * 4] ) \ + AS2( rol edi, 1 ) \ + AS2( add z, esi ) \ + AS2( mov [esp + W1 * 4], edi ) \ + AS2( lea z, [edi + z + 0x6ED9EBA1] ) \ + AS2( mov edi, v ) \ + AS2( rol edi, 5 ) \ + AS2( rol w, 30 ) \ + AS2( add z, edi ) + + +// ASMR3 = ASMR2 but f is (x&y)|(z&(x|y)) +// which is (w&x)|(y&(w|x)) + +#define ASMR3(v,w,x,y,z,i,W1,W2,W3,W4) \ + AS2( mov edi, [esp + W1 * 4] ) \ + AS2( mov esi, x ) \ + AS2( xor edi, [esp + W2 * 4] ) \ + AS2( or esi, w ) \ + AS2( xor edi, [esp + W3 * 4] ) \ + AS2( and esi, y ) \ + AS2( xor edi, [esp + W4 * 4] ) \ + AS2( movd mm0, esi ) \ + AS2( rol edi, 1 ) \ + AS2( mov esi, x ) \ + AS2( mov [esp + W1 * 4], edi ) \ + AS2( and esi, w ) \ + AS2( lea z, [edi + z + 0x8F1BBCDC] ) \ + AS2( movd edi, mm0 ) \ + AS2( or esi, edi ) \ + AS2( mov edi, v ) \ + AS2( rol edi, 5 ) \ + AS2( add z, esi ) \ + AS2( rol w, 30 ) \ + AS2( add z, edi ) + + +// ASMR4 = ASMR2 but different constant + +#define ASMR4(v,w,x,y,z,i,W1,W2,W3,W4) \ + AS2( mov edi, [esp + W1 * 4] ) \ + AS2( mov esi, x ) \ + AS2( xor edi, [esp + W2 * 4] ) \ + AS2( xor esi, y ) \ + AS2( xor edi, [esp + W3 * 4] ) \ + AS2( xor esi, w ) \ + AS2( xor edi, [esp + W4 * 4] ) \ + AS2( rol edi, 1 ) \ + AS2( add z, esi ) \ + AS2( mov [esp + W1 * 4], edi ) \ + AS2( lea z, [edi + z + 0xCA62C1D6] ) \ + AS2( mov edi, v ) \ + AS2( rol edi, 5 ) \ + AS2( rol w, 30 ) \ + AS2( add z, edi ) + + +#ifdef _MSC_VER + __declspec(naked) +#else + __attribute__ ((noinline)) +#endif +void SHA::AsmTransform(const byte* data, word32 times) +{ +#ifdef __GNUC__ + #define AS1(x) #x ";" + #define AS2(x, y) #x ", " #y ";" + + #define PROLOG() \ + __asm__ __volatile__ \ + ( \ + ".intel_syntax noprefix;" \ + "push ebx;" \ + "push ebp;" + #define EPILOG() \ + "pop ebp;" \ + "pop ebx;" \ + "emms;" \ + ".att_syntax;" \ + : \ + : "c" (this), "D" (data), "a" (times) \ + : "%esi", "%edx", "memory", "cc" \ + ); + +#else + #define AS1(x) __asm x + #define AS2(x, y) __asm x, y + + #define PROLOG() \ + AS1( push ebp ) \ + AS2( mov ebp, esp ) \ + AS2( movd mm3, edi ) \ + AS2( movd mm4, ebx ) \ + AS2( movd mm5, esi ) \ + AS2( movd mm6, ebp ) \ + AS2( mov edi, data ) \ + AS2( mov eax, times ) + + #define EPILOG() \ + AS2( movd ebp, mm6 ) \ + AS2( movd esi, mm5 ) \ + AS2( movd ebx, mm4 ) \ + AS2( movd edi, mm3 ) \ + AS2( mov esp, ebp ) \ + AS1( pop ebp ) \ + AS1( emms ) \ + AS1( ret 8 ) +#endif + + PROLOG() + + AS2( mov esi, ecx ) + + #ifdef OLD_GCC_OFFSET + AS2( add esi, 20 ) // digest_[0] + #else + AS2( add esi, 16 ) // digest_[0] + #endif + + AS2( movd mm2, eax ) // store times_ + AS2( movd mm1, esi ) // store digest_ + + AS2( sub esp, 68 ) // make room on stack + +#ifdef _MSC_VER + AS1( loopStart: ) // loopStart +#else + AS1( 0: ) // loopStart for some gas (need numeric for jump back +#endif + + // byte reverse 16 words of input, 4 at a time, put on stack for W[] + + // part 1 + AS2( mov eax, [edi] ) + AS2( mov ebx, [edi + 4] ) + AS2( mov ecx, [edi + 8] ) + AS2( mov edx, [edi + 12] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( mov [esp], eax ) + AS2( mov [esp + 4], ebx ) + AS2( mov [esp + 8], ecx ) + AS2( mov [esp + 12], edx ) + + // part 2 + AS2( mov eax, [edi + 16] ) + AS2( mov ebx, [edi + 20] ) + AS2( mov ecx, [edi + 24] ) + AS2( mov edx, [edi + 28] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( mov [esp + 16], eax ) + AS2( mov [esp + 20], ebx ) + AS2( mov [esp + 24], ecx ) + AS2( mov [esp + 28], edx ) + + + // part 3 + AS2( mov eax, [edi + 32] ) + AS2( mov ebx, [edi + 36] ) + AS2( mov ecx, [edi + 40] ) + AS2( mov edx, [edi + 44] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( mov [esp + 32], eax ) + AS2( mov [esp + 36], ebx ) + AS2( mov [esp + 40], ecx ) + AS2( mov [esp + 44], edx ) + + + // part 4 + AS2( mov eax, [edi + 48] ) + AS2( mov ebx, [edi + 52] ) + AS2( mov ecx, [edi + 56] ) + AS2( mov edx, [edi + 60] ) + + AS1( bswap eax ) + AS1( bswap ebx ) + AS1( bswap ecx ) + AS1( bswap edx ) + + AS2( mov [esp + 48], eax ) + AS2( mov [esp + 52], ebx ) + AS2( mov [esp + 56], ecx ) + AS2( mov [esp + 60], edx ) + + AS2( mov [esp + 64], edi ) // store edi for end + + // read from digest_ + AS2( mov eax, [esi] ) // a1 + AS2( mov ebx, [esi + 4] ) // b1 + AS2( mov ecx, [esi + 8] ) // c1 + AS2( mov edx, [esi + 12] ) // d1 + AS2( mov ebp, [esi + 16] ) // e1 + + + ASMR0(eax, ebx, ecx, edx, ebp, 0) + ASMR0(ebp, eax, ebx, ecx, edx, 1) + ASMR0(edx, ebp, eax, ebx, ecx, 2) + ASMR0(ecx, edx, ebp, eax, ebx, 3) + ASMR0(ebx, ecx, edx, ebp, eax, 4) + ASMR0(eax, ebx, ecx, edx, ebp, 5) + ASMR0(ebp, eax, ebx, ecx, edx, 6) + ASMR0(edx, ebp, eax, ebx, ecx, 7) + ASMR0(ecx, edx, ebp, eax, ebx, 8) + ASMR0(ebx, ecx, edx, ebp, eax, 9) + ASMR0(eax, ebx, ecx, edx, ebp, 10) + ASMR0(ebp, eax, ebx, ecx, edx, 11) + ASMR0(edx, ebp, eax, ebx, ecx, 12) + ASMR0(ecx, edx, ebp, eax, ebx, 13) + ASMR0(ebx, ecx, edx, ebp, eax, 14) + ASMR0(eax, ebx, ecx, edx, ebp, 15) + + ASMR1(ebp, eax, ebx, ecx, edx, 16, 0, 2, 8, 13) + ASMR1(edx, ebp, eax, ebx, ecx, 17, 1, 3, 9, 14) + ASMR1(ecx, edx, ebp, eax, ebx, 18, 2, 4, 10, 15) + ASMR1(ebx, ecx, edx, ebp, eax, 19, 3, 5, 11, 0) + + ASMR2(eax, ebx, ecx, edx, ebp, 20, 4, 6, 12, 1) + ASMR2(ebp, eax, ebx, ecx, edx, 21, 5, 7, 13, 2) + ASMR2(edx, ebp, eax, ebx, ecx, 22, 6, 8, 14, 3) + ASMR2(ecx, edx, ebp, eax, ebx, 23, 7, 9, 15, 4) + ASMR2(ebx, ecx, edx, ebp, eax, 24, 8, 10, 0, 5) + ASMR2(eax, ebx, ecx, edx, ebp, 25, 9, 11, 1, 6) + ASMR2(ebp, eax, ebx, ecx, edx, 26, 10, 12, 2, 7) + ASMR2(edx, ebp, eax, ebx, ecx, 27, 11, 13, 3, 8) + ASMR2(ecx, edx, ebp, eax, ebx, 28, 12, 14, 4, 9) + ASMR2(ebx, ecx, edx, ebp, eax, 29, 13, 15, 5, 10) + ASMR2(eax, ebx, ecx, edx, ebp, 30, 14, 0, 6, 11) + ASMR2(ebp, eax, ebx, ecx, edx, 31, 15, 1, 7, 12) + ASMR2(edx, ebp, eax, ebx, ecx, 32, 0, 2, 8, 13) + ASMR2(ecx, edx, ebp, eax, ebx, 33, 1, 3, 9, 14) + ASMR2(ebx, ecx, edx, ebp, eax, 34, 2, 4, 10, 15) + ASMR2(eax, ebx, ecx, edx, ebp, 35, 3, 5, 11, 0) + ASMR2(ebp, eax, ebx, ecx, edx, 36, 4, 6, 12, 1) + ASMR2(edx, ebp, eax, ebx, ecx, 37, 5, 7, 13, 2) + ASMR2(ecx, edx, ebp, eax, ebx, 38, 6, 8, 14, 3) + ASMR2(ebx, ecx, edx, ebp, eax, 39, 7, 9, 15, 4) + + + ASMR3(eax, ebx, ecx, edx, ebp, 40, 8, 10, 0, 5) + ASMR3(ebp, eax, ebx, ecx, edx, 41, 9, 11, 1, 6) + ASMR3(edx, ebp, eax, ebx, ecx, 42, 10, 12, 2, 7) + ASMR3(ecx, edx, ebp, eax, ebx, 43, 11, 13, 3, 8) + ASMR3(ebx, ecx, edx, ebp, eax, 44, 12, 14, 4, 9) + ASMR3(eax, ebx, ecx, edx, ebp, 45, 13, 15, 5, 10) + ASMR3(ebp, eax, ebx, ecx, edx, 46, 14, 0, 6, 11) + ASMR3(edx, ebp, eax, ebx, ecx, 47, 15, 1, 7, 12) + ASMR3(ecx, edx, ebp, eax, ebx, 48, 0, 2, 8, 13) + ASMR3(ebx, ecx, edx, ebp, eax, 49, 1, 3, 9, 14) + ASMR3(eax, ebx, ecx, edx, ebp, 50, 2, 4, 10, 15) + ASMR3(ebp, eax, ebx, ecx, edx, 51, 3, 5, 11, 0) + ASMR3(edx, ebp, eax, ebx, ecx, 52, 4, 6, 12, 1) + ASMR3(ecx, edx, ebp, eax, ebx, 53, 5, 7, 13, 2) + ASMR3(ebx, ecx, edx, ebp, eax, 54, 6, 8, 14, 3) + ASMR3(eax, ebx, ecx, edx, ebp, 55, 7, 9, 15, 4) + ASMR3(ebp, eax, ebx, ecx, edx, 56, 8, 10, 0, 5) + ASMR3(edx, ebp, eax, ebx, ecx, 57, 9, 11, 1, 6) + ASMR3(ecx, edx, ebp, eax, ebx, 58, 10, 12, 2, 7) + ASMR3(ebx, ecx, edx, ebp, eax, 59, 11, 13, 3, 8) + + ASMR4(eax, ebx, ecx, edx, ebp, 60, 12, 14, 4, 9) + ASMR4(ebp, eax, ebx, ecx, edx, 61, 13, 15, 5, 10) + ASMR4(edx, ebp, eax, ebx, ecx, 62, 14, 0, 6, 11) + ASMR4(ecx, edx, ebp, eax, ebx, 63, 15, 1, 7, 12) + ASMR4(ebx, ecx, edx, ebp, eax, 64, 0, 2, 8, 13) + ASMR4(eax, ebx, ecx, edx, ebp, 65, 1, 3, 9, 14) + ASMR4(ebp, eax, ebx, ecx, edx, 66, 2, 4, 10, 15) + ASMR4(edx, ebp, eax, ebx, ecx, 67, 3, 5, 11, 0) + ASMR4(ecx, edx, ebp, eax, ebx, 68, 4, 6, 12, 1) + ASMR4(ebx, ecx, edx, ebp, eax, 69, 5, 7, 13, 2) + ASMR4(eax, ebx, ecx, edx, ebp, 70, 6, 8, 14, 3) + ASMR4(ebp, eax, ebx, ecx, edx, 71, 7, 9, 15, 4) + ASMR4(edx, ebp, eax, ebx, ecx, 72, 8, 10, 0, 5) + ASMR4(ecx, edx, ebp, eax, ebx, 73, 9, 11, 1, 6) + ASMR4(ebx, ecx, edx, ebp, eax, 74, 10, 12, 2, 7) + ASMR4(eax, ebx, ecx, edx, ebp, 75, 11, 13, 3, 8) + ASMR4(ebp, eax, ebx, ecx, edx, 76, 12, 14, 4, 9) + ASMR4(edx, ebp, eax, ebx, ecx, 77, 13, 15, 5, 10) + ASMR4(ecx, edx, ebp, eax, ebx, 78, 14, 0, 6, 11) + ASMR4(ebx, ecx, edx, ebp, eax, 79, 15, 1, 7, 12) + + + AS2( movd esi, mm1 ) // digest_ + + AS2( add [esi], eax ) // write out + AS2( add [esi + 4], ebx ) + AS2( add [esi + 8], ecx ) + AS2( add [esi + 12], edx ) + AS2( add [esi + 16], ebp ) + + // setup next round + AS2( movd ebp, mm2 ) // times + + AS2( mov edi, DWORD PTR [esp + 64] ) // data + + AS2( add edi, 64 ) // next round of data + AS2( mov [esp + 64], edi ) // restore + + AS1( dec ebp ) + AS2( movd mm2, ebp ) +#ifdef _MSC_VER + AS1( jnz loopStart ) // loopStart +#else + AS1( jnz 0b ) // loopStart +#endif + + // inline adjust + AS2( add esp, 68 ) // fix room on stack + + EPILOG() +} + + +#endif // DO_SHA_ASM + +} // namespace -- cgit v1.1