Denys Vlasenko | 11d0096 | 2017-01-15 00:12:42 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 Denys Vlasenko |
| 3 | * |
| 4 | * Licensed under GPLv2, see file LICENSE in this source tree. |
| 5 | */ |
Denys Vlasenko | b7e9ae6 | 2017-01-18 17:20:27 +0100 | [diff] [blame] | 6 | /* Interface glue between bbox code and minimally tweaked matrixssl |
| 7 | * code. All C files (matrixssl and bbox (ones which need TLS)) |
| 8 | * include this file, and are guaranteed to see a consistent API, |
| 9 | * defines, types, etc. |
| 10 | */ |
Denys Vlasenko | 11d0096 | 2017-01-15 00:12:42 +0100 | [diff] [blame] | 11 | #include "libbb.h" |
| 12 | |
Denys Vlasenko | b7e9ae6 | 2017-01-18 17:20:27 +0100 | [diff] [blame] | 13 | |
/* Config tweaks for the bundled matrixssl code */
#define HAVE_NATIVE_INT64

/* Key-size-specific speed optimizations: both switched off */
#undef USE_2048_KEY_SPEED_OPTIMIZATIONS
#undef USE_1024_KEY_SPEED_OPTIMIZATIONS

/*
 * Cipher switches: USE_AES is the only one defined in this block.
 * The AES variant switches and the older ciphers (3DES, ARC4, IDEA,
 * RC2, SEED) are explicitly undefined.
 */
#define USE_AES
#undef USE_AES_GCM
#undef USE_AES_CCM
#undef USE_AES_CBC_EXTERNAL
#undef USE_SEED
#undef USE_RC2
#undef USE_IDEA
#undef USE_ARC4
#undef USE_3DES

/* pstm: multiprecision numbers */
#undef DISABLE_PSTM
#if defined(__i386__) && defined(__GNUC__)
/* PSTM_X86 works correctly. +25 bytes. */
# define PSTM_X86
# define PSTM_32BIT
#endif
/*
 * Left disabled on purpose:
 *   #if defined(__GNUC__) && defined(__x86_64__)
 *   # define PSTM_64BIT
 *   # define PSTM_X86_64
 *   #endif
 * PSTM_X86_64 works correctly, but +782 bytes; most of the growth
 * looks like it is because of PSTM_64BIT.
 *
 * Placeholders, not wired up:
 *   #if SOME_COND #define PSTM_MIPS, #define PSTM_32BIT
 *   #if SOME_COND #define PSTM_ARM, #define PSTM_32BIT
 */
Denys Vlasenko | 11d0096 | 2017-01-15 00:12:42 +0100 | [diff] [blame] | 42 | |
| 43 | |
/* Status codes: zero is success, every failure is negative */
#define PS_SUCCESS        0
#define PS_FAILURE        (-1)
#define PS_ARG_FAIL       (-6)	/* bad function parameter */
#define PS_PLATFORM_FAIL  (-7)	/* a system call reported an error */
#define PS_MEM_FAIL       (-8)	/* requested memory could not be allocated */
#define PS_LIMIT_FAIL     (-9)	/* a sanity/limit test failed */

/* Boolean values */
#define PS_FALSE  0
#define PS_TRUE   1
| 53 | |
/* Translate BB_BIG_ENDIAN into the ENDIAN_* switches; exactly one stays defined */
#if !BB_BIG_ENDIAN
# undef ENDIAN_BIG
# define ENDIAN_LITTLE 1
#else
# undef ENDIAN_LITTLE
# define ENDIAN_BIG 1
/* ENDIAN_32BITWORD is left unset: it controls only STORE32L, which we don't use */
#endif
| 63 | |
/* Short aliases for the <stdint.h> fixed-width integer types */
typedef int16_t  int16;
typedef uint16_t uint16;
typedef int32_t  int32;
typedef uint32_t uint32;
typedef int64_t  int64;
typedef uint64_t uint64;
| 70 | |
/* psPool_t stays undeclared; the typedef is kept only for reference: */
//typedef char psPool_t;

/*
 * Only the value 3 is active. The commented-out conditionals show it as
 * the PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM choice:
 *   #ifdef PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM  -> PS_EXPTMOD_WINSIZE 3
 *   #ifdef PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED -> PS_EXPTMOD_WINSIZE 5
 */
#define PS_EXPTMOD_WINSIZE  3

/* Key type tags */
#define PUBKEY_TYPE   0x01
#define PRIVKEY_TYPE  0x02

/* Value used wherever the code needs the AES block size */
#define AES_BLOCK_SIZE  16
| 82 | |
/*
 * Random-byte source for the TLS code; matrixCryptoGetPrngData() in this
 * header forwards to it. The return type is void, so a failure to obtain
 * randomness cannot be reported through this interface.
 * NOTE(review): presumably fills all len bytes of buf - confirm against
 * the definition, which is not in this header.
 */
void tls_get_random(void *buf, unsigned len) FAST_FUNC;

/*
 * NOTE(review): presumably XORs count bytes of mask into buf; only the
 * prototype is visible here. mask is const, buf is writable.
 */
void xorbuf(void *buf, const void *mask, unsigned count) FAST_FUNC;

/* Alignment attribute sized to a long */
#define ALIGNED_long ALIGNED(sizeof(long))
/*
 * Variant of xorbuf() with no count argument.
 * NOTE(review): the name suggests it handles exactly AES_BLOCK_SIZE bytes
 * and expects both pointers to be ALIGNED_long - verify at the definition
 * before passing unaligned buffers.
 */
void xorbuf_aligned_AES_BLOCK_SIZE(void *buf, const void *mask) FAST_FUNC;
| 89 | |
/*
 * matrixssl PRNG hook. userPtr is dropped, and the result is always
 * PS_SUCCESS because tls_get_random() returns void: callers of this
 * macro never see a randomness failure.
 */
#define matrixCryptoGetPrngData(buf, len, userPtr) \
	(tls_get_random(buf, len), PS_SUCCESS)

/* Pools are not used: the pool argument is ignored and p goes to free() */
#define psFree(p, pool) free(p)
/* The trace message is handed to bb_simple_error_msg_and_die() */
#define psTraceCrypto(msg) bb_simple_error_msg_and_die(msg)
Denys Vlasenko | 11d0096 | 2017-01-15 00:12:42 +0100 | [diff] [blame] | 94 | |
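/*
 * Helper behind memset_s(): fills len bytes at dst with val and returns
 * dst, like memset(). The stores go through a volatile-qualified pointer
 * so the compiler may not drop them as dead stores, which a plain
 * memset() on a buffer that is about to be freed is allowed to suffer.
 */
static inline void *tls_wipe_mem(void *dst, int val, size_t len)
{
	volatile unsigned char *p = dst;

	while (len--)
		*p++ = (unsigned char)val;
	return dst;
}
/*
 * Secure zerofill. Argument list is unchanged: (dest, destsize, value,
 * count); the destsize argument B is still ignored.
 */
#define memset_s(A,B,C,D) tls_wipe_mem((A),(C),(D))

/*
 * Helper behind memcmpct(): compares len bytes without an early exit.
 * Every byte pair is read and the differences are OR-ed together, so the
 * running time does not depend on where the first mismatch is. memcmp()
 * gives no such guarantee and may stop at the first differing byte.
 *
 * Returns 0 when the buffers are equal, non-zero otherwise. Unlike
 * memcmp(), the result carries no ordering information.
 * NOTE(review): confirm no caller relies on the sign of the result.
 */
static inline int tls_memcmp_ct(const void *s1, const void *s2, size_t len)
{
	const volatile unsigned char *a = s1;
	const volatile unsigned char *b = s2;
	unsigned diff = 0;

	while (len--)
		diff |= (unsigned)(*a++ ^ *b++);
	return (int)diff;
}
/* Constant time memory comparison */
#define memcmpct(s1, s2, len) tls_memcmp_ct((s1), (s2), (len))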
/*
 * Replace any earlier min() with this one. Being a macro, it evaluates
 * one of its arguments twice: do not pass expressions with side effects.
 */
#undef min
#define min(x, y) ((y) > (x) ? (x) : (y))
| 101 | |
| 102 | |
| 103 | #include "tls_pstm.h" |
Denys Vlasenko | b7e9ae6 | 2017-01-18 17:20:27 +0100 | [diff] [blame] | 104 | #include "tls_symmetric.h" |
| 105 | #include "tls_aes.h" |
Denys Vlasenko | 83e5c62 | 2018-11-23 17:21:38 +0100 | [diff] [blame] | 106 | #include "tls_aesgcm.h" |
Denys Vlasenko | bddb654 | 2018-11-13 02:16:24 +0100 | [diff] [blame] | 107 | #include "tls_rsa.h" |
| 108 | #include "tls_fe.h" |
Denys Vlasenko | f18a1fd | 2021-04-26 13:25:56 +0200 | [diff] [blame^] | 109 | |
/* Key sizes for the supported curves; all three are 32 */
#define CURVE25519_KEYSIZE  32
#define P256_KEYSIZE        32
#define EC_CURVE_KEYSIZE    32
| 113 | |
/*
 * P256 key exchange step; declared here, defined elsewhere.
 *
 * pubkey and premaster are writable outputs, peerkey32 is a read-only
 * input. No buffer lengths are passed.
 * NOTE(review): the sizes each buffer must have are not stated in this
 * header (peerkey32 is presumably 32 bytes, matching P256_KEYSIZE) -
 * confirm against the definition before sizing caller buffers.
 * NOTE(review): premaster presumably holds secret key material; callers
 * should wipe it once the session keys are derived.
 */
void curve_P256_compute_pubkey_and_premaster(
		uint8_t *pubkey,
		uint8_t *premaster,
		const uint8_t *peerkey32) FAST_FUNC;