Commit 36168d29 authored by Niels Möller's avatar Niels Möller

New macros TMP_DECL_ALIGN and TMP_ALLOC_ALIGN.

parent c5fc9131
2018-02-19 Niels Möller <nisse@lysator.liu.se>
* nettle-internal.h: Include sha3.h, needed for the definition of
NETTLE_MAX_HASH_CONTEXT_SIZE.
(TMP_DECL_ALIGN, TMP_ALLOC_ALIGN): New macros, to support
allocation of context structs with alignment requirements.
[!HAVE_ALLOCA]: Also use assert, rather than calling abort
directly.
* pss.c (pss_encode_mgf1, pss_verify_mgf1): Use new macros.
* pss-mgf1.c (pss_mgf1): Likewise.
2018-02-18 Niels Möller <nisse@lysator.liu.se> 2018-02-18 Niels Möller <nisse@lysator.liu.se>
* testsuite/Makefile.in (TS_NETTLE_SOURCES): Moved pss-mgf1-test.c... * testsuite/Makefile.in (TS_NETTLE_SOURCES): Moved pss-mgf1-test.c...
......
...@@ -35,20 +35,41 @@ ...@@ -35,20 +35,41 @@
#ifndef NETTLE_INTERNAL_H_INCLUDED #ifndef NETTLE_INTERNAL_H_INCLUDED
#define NETTLE_INTERNAL_H_INCLUDED #define NETTLE_INTERNAL_H_INCLUDED
#include <assert.h>
#include "nettle-meta.h" #include "nettle-meta.h"
/* For definition of NETTLE_MAX_HASH_CONTEXT_SIZE. */
#include "sha3.h"
/* Temporary allocation, for systems that don't support alloca. Note /* Temporary allocation, for systems that don't support alloca. Note
* that the allocation requests should always be reasonably small, so * that the allocation requests should always be reasonably small, so
* that they can fit on the stack. For non-alloca systems, we use a * that they can fit on the stack. For non-alloca systems, we use a
* fix maximum size, and abort if we ever need anything larger. */ * fix maximum size + an assert.
*
* TMP_DECL and TMP_ALLOC allocate an array of the given type, and
* take the array size (not byte size) as argument.
*
* TMP_DECL_ALIGN and TMP_ALLOC_ALIGN are intended for context
* structs, which need proper alignment. They take the size in bytes,
* and produce a void *. On systems without alloca, implemented as an
* array of uint64_t, to ensure alignment. Since it is used as void *
* argument, no type casts are needed.
*/
#if HAVE_ALLOCA #if HAVE_ALLOCA
# define TMP_DECL(name, type, max) type *name # define TMP_DECL(name, type, max) type *name
# define TMP_ALLOC(name, size) (name = alloca(sizeof (*name) * (size))) # define TMP_ALLOC(name, size) (name = alloca(sizeof (*name) * (size)))
# define TMP_DECL_ALIGN(name, max) void *name
# define TMP_ALLOC_ALIGN(name, size) (name = alloca(size))
#else /* !HAVE_ALLOCA */ #else /* !HAVE_ALLOCA */
# define TMP_DECL(name, type, max) type name[max] # define TMP_DECL(name, type, max) type name[max]
# define TMP_ALLOC(name, size) \ # define TMP_ALLOC(name, size) \
do { if ((size) > (sizeof(name) / sizeof(name[0]))) abort(); } while (0) do { assert((size_t)(size) <= (sizeof(name) / sizeof(name[0]))); } while (0)
# define TMP_DECL_ALIGN(name, max) \
uint64_t name[((max) + (sizeof(uint64_t) - 1))/ sizeof(uint64_t)]
# define TMP_ALLOC_ALIGN(name, size) \
do { assert((size_t)(size) <= (sizeof(name))); } while (0)
#endif #endif
/* Arbitrary limits which apply to systems that don't have alloca */ /* Arbitrary limits which apply to systems that don't have alloca */
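Review bot: In the !HAVE_ALLOCA branch, the size check in TMP_ALLOC and in the new TMP_ALLOC_ALIGN is now an `assert`, which compiles to nothing when NDEBUG is defined, whereas the old TMP_ALLOC called `abort()` unconditionally. In such a build nothing would stop a `struct nettle_hash` whose `context_size` exceeds NETTLE_MAX_HASH_CONTEXT_SIZE before the hash functions write past the fixed `state` array; the callers in pss-mgf1.c and pss.c rely on this check alone. If the bound is meant to hold in release builds too, keep it unconditional, e.g. `do { if ((size_t)(size) > sizeof(name)) abort(); } while (0)`. Otherwise the header comment should state that the limit is enforced only in assert-enabled builds. Separately, the HAVE_ALLOCA variants ignore `max`, so `alloca(size)` there is bounded only by what the caller passes.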
......
...@@ -48,12 +48,12 @@ pss_mgf1(const void *seed, const struct nettle_hash *hash, ...@@ -48,12 +48,12 @@ pss_mgf1(const void *seed, const struct nettle_hash *hash,
size_t length, uint8_t *mask) size_t length, uint8_t *mask)
{ {
TMP_DECL(h, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); TMP_DECL(h, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
TMP_DECL(state, uint8_t, NETTLE_MAX_HASH_CONTEXT_SIZE); TMP_DECL_ALIGN(state, NETTLE_MAX_HASH_CONTEXT_SIZE);
size_t i; size_t i;
uint8_t c[4]; uint8_t c[4];
TMP_ALLOC(h, hash->digest_size); TMP_ALLOC(h, hash->digest_size);
TMP_ALLOC(state, hash->context_size); TMP_ALLOC_ALIGN(state, hash->context_size);
for (i = 0;; for (i = 0;;
i++, mask += hash->digest_size, length -= hash->digest_size) i++, mask += hash->digest_size, length -= hash->digest_size)
......
...@@ -67,12 +67,12 @@ pss_encode_mgf1(mpz_t m, size_t bits, ...@@ -67,12 +67,12 @@ pss_encode_mgf1(mpz_t m, size_t bits,
const uint8_t *digest) const uint8_t *digest)
{ {
TMP_GMP_DECL(em, uint8_t); TMP_GMP_DECL(em, uint8_t);
TMP_DECL(state, uint8_t, NETTLE_MAX_HASH_CONTEXT_SIZE); TMP_DECL_ALIGN(state, NETTLE_MAX_HASH_CONTEXT_SIZE);
size_t key_size = (bits + 7) / 8; size_t key_size = (bits + 7) / 8;
size_t j; size_t j;
TMP_GMP_ALLOC(em, key_size); TMP_GMP_ALLOC(em, key_size);
TMP_ALLOC(state, hash->context_size); TMP_ALLOC_ALIGN(state, hash->context_size);
if (key_size < hash->digest_size + salt_length + 2) if (key_size < hash->digest_size + salt_length + 2)
{ {
...@@ -127,7 +127,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits, ...@@ -127,7 +127,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits,
{ {
TMP_GMP_DECL(em, uint8_t); TMP_GMP_DECL(em, uint8_t);
TMP_DECL(h2, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE); TMP_DECL(h2, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
TMP_DECL(state, uint8_t, NETTLE_MAX_HASH_CONTEXT_SIZE); TMP_DECL_ALIGN(state, NETTLE_MAX_HASH_CONTEXT_SIZE);
uint8_t *h, *db, *salt; uint8_t *h, *db, *salt;
size_t key_size = (bits + 7) / 8; size_t key_size = (bits + 7) / 8;
size_t j; size_t j;
...@@ -138,7 +138,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits, ...@@ -138,7 +138,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits,
TMP_GMP_ALLOC(em, key_size * 2); TMP_GMP_ALLOC(em, key_size * 2);
TMP_ALLOC(h2, hash->digest_size); TMP_ALLOC(h2, hash->digest_size);
TMP_ALLOC(state, hash->context_size); TMP_ALLOC_ALIGN(state, hash->context_size);
if (key_size < hash->digest_size + salt_length + 2) if (key_size < hash->digest_size + salt_length + 2)
goto cleanup; goto cleanup;
......