yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use libc's types instead of defining our own ring::c.

Browse Source 
As far as I know, `libc` is available for every target now. Especially
since the introduction of `bssl::Result` we hardly reference these
types, other than `size_t`. This will help get rid of crypto/crypto.c.
This commit is contained in:
Brian Smith 2019-02-05 15:58:20 -10:00
parent e53936a348
commit 5dc4dda179
17 changed files with 84 additions and 290 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.toml
View File

@ -299,12 +299,12 @@ name = "ring"
[dependencies]
untrusted = "0.6.2"
libc = { version = "0.2.48", default_features = false }
[target.'cfg(not(target_os = "ios"))'.dependencies]
spin = { version = "0.5.0" }
[target.'cfg(any(target_os = "android", target_os = "linux"))'.dependencies]
libc = { version = "0.2.45" }
[target.'cfg(any(target_os = "redox", all(unix, not(any(target_os = "macos", target_os = "ios")))))'.dependencies]
lazy_static = "1.2"

27
crypto/crypto.c
View File

@ -85,30 +85,3 @@ HIDDEN uint32_t GFp_armcap_P = 0;
const long GFp_SYS_GETRANDOM = SYS_getrandom;
#endif
// These allow tests in other languages to verify that their understanding of
// the C types matches the C compiler's understanding.
#define DEFINE_METRICS(ty) \
OPENSSL_EXPORT uint16_t GFp_##ty##_align = alignof(ty); \
OPENSSL_EXPORT uint16_t GFp_##ty##_size = sizeof(ty);
DEFINE_METRICS(int8_t)
DEFINE_METRICS(uint8_t)
DEFINE_METRICS(int16_t)
DEFINE_METRICS(uint16_t)
DEFINE_METRICS(int32_t)
DEFINE_METRICS(uint32_t)
DEFINE_METRICS(int64_t)
DEFINE_METRICS(uint64_t)
DEFINE_METRICS(int)
DEFINE_METRICS(long)
typedef unsigned int uint;
DEFINE_METRICS(uint)
DEFINE_METRICS(size_t)

23
src/aead/aes.rs
View File

@ -16,7 +16,8 @@ use super::{
nonce::{self, Iv},
shift, Block, Direction, BLOCK_LEN,
};
use crate::{bits::BitLength, c, cpu, endian::*, error, polyfill};
use crate::{bits::BitLength, cpu, endian::*, error, polyfill};
use libc::size_t;
pub(crate) struct Key {
inner: AES_KEY,
@ -45,13 +46,13 @@ impl Key {
Implementation::HWAES => {
extern "C" {
fn GFp_aes_hw_set_encrypt_key(
user_key: *const u8, bits: c::uint, key: &mut AES_KEY,
user_key: *const u8, bits: libc::c_uint, key: &mut AES_KEY,
) -> ZeroMeansSuccess;
}
Result::from(unsafe {
GFp_aes_hw_set_encrypt_key(
bytes.as_ptr(),
key_bits.as_usize_bits() as c::uint,
key_bits.as_usize_bits() as libc::c_uint,
&mut key,
)
})?;
@ -61,13 +62,13 @@ impl Key {
Implementation::VPAES => {
extern "C" {
fn GFp_vpaes_set_encrypt_key(
user_key: *const u8, bits: c::uint, key: &mut AES_KEY,
user_key: *const u8, bits: libc::c_uint, key: &mut AES_KEY,
) -> ZeroMeansSuccess;
}
Result::from(unsafe {
GFp_vpaes_set_encrypt_key(
bytes.as_ptr(),
key_bits.as_usize_bits() as c::uint,
key_bits.as_usize_bits() as libc::c_uint,
&mut key,
)
})?;
@ -76,13 +77,13 @@ impl Key {
_ => {
extern "C" {
fn GFp_aes_nohw_set_encrypt_key(
user_key: *const u8, bits: c::uint, key: &mut AES_KEY,
user_key: *const u8, bits: libc::c_uint, key: &mut AES_KEY,
) -> ZeroMeansSuccess;
}
Result::from(unsafe {
GFp_aes_nohw_set_encrypt_key(
bytes.as_ptr(),
key_bits.as_usize_bits() as c::uint,
key_bits.as_usize_bits() as libc::c_uint,
&mut key,
)
})?;
@ -162,7 +163,7 @@ impl Key {
Implementation::HWAES => {
extern "C" {
fn GFp_aes_hw_ctr32_encrypt_blocks(
input: *const u8, output: *mut u8, blocks: c::size_t, key: &AES_KEY,
input: *const u8, output: *mut u8, blocks: size_t, key: &AES_KEY,
ivec: &Counter,
);
}
@ -176,7 +177,7 @@ impl Key {
Implementation::BSAES => {
extern "C" {
fn GFp_bsaes_ctr32_encrypt_blocks(
input: *const u8, output: *mut u8, blocks: c::size_t, key: &AES_KEY,
input: *const u8, output: *mut u8, blocks: size_t, key: &AES_KEY,
ivec: &Counter,
);
}
@ -221,7 +222,7 @@ impl Key {
#[repr(C)]
pub(super) struct AES_KEY {
pub rd_key: [u32; 4 * (MAX_ROUNDS + 1)],
pub rounds: c::uint,
pub rounds: libc::c_uint,
}
// Keep this in sync with `AES_MAXNR` in aes.h.
@ -272,7 +273,7 @@ fn detect_implementation(cpu_features: cpu::Features) -> Implementation {
#[must_use]
#[repr(transparent)]
pub struct ZeroMeansSuccess(c::int);
pub struct ZeroMeansSuccess(libc::c_int);
impl From<ZeroMeansSuccess> for Result<(), error::Unspecified> {
fn from(ZeroMeansSuccess(value): ZeroMeansSuccess) -> Self {

10
src/aead/aes_gcm.rs
View File

@ -187,7 +187,7 @@ fn integrated_aes_gcm<'a>(
aes_key: &aes::Key, gcm_ctx: &mut gcm::Context, in_out: &'a mut [u8], ctr: &mut Counter,
direction: Direction, cpu_features: cpu::Features,
) -> &'a mut [u8] {
use crate::c;
use libc::size_t;
if !aes_key.is_aes_hw() || !gcm_ctx.is_avx2(cpu_features) {
return in_out;
@ -197,9 +197,9 @@ fn integrated_aes_gcm<'a>(
Direction::Opening { in_prefix_len } => {
extern "C" {
fn GFp_aesni_gcm_decrypt(
input: *const u8, output: *mut u8, len: c::size_t, key: &aes::AES_KEY,
input: *const u8, output: *mut u8, len: size_t, key: &aes::AES_KEY,
ivec: &mut Counter, gcm: &mut gcm::Context,
) -> c::size_t;
) -> size_t;
}
unsafe {
GFp_aesni_gcm_decrypt(
@ -215,9 +215,9 @@ fn integrated_aes_gcm<'a>(
Direction::Sealing => {
extern "C" {
fn GFp_aesni_gcm_encrypt(
input: *const u8, output: *mut u8, len: c::size_t, key: &aes::AES_KEY,
input: *const u8, output: *mut u8, len: size_t, key: &aes::AES_KEY,
ivec: &mut Counter, gcm: &mut gcm::Context,
) -> c::size_t;
) -> size_t;
}
unsafe {
GFp_aesni_gcm_encrypt(

5
src/aead/chacha.rs
View File

@ -17,8 +17,9 @@ use super::{
nonce::{self, Iv},
Block, BLOCK_LEN,
};
use crate::{c, endian::*, polyfill::convert::*};
use crate::{endian::*, polyfill::convert::*};
use core;
use libc::size_t;
#[repr(C)]
pub struct Key([Block; KEY_BLOCKS]);
@ -112,7 +113,7 @@ impl Key {
/// `Counter`.
extern "C" {
fn GFp_ChaCha20_ctr32(
out: *mut u8, in_: *const u8, in_len: c::size_t, key: &Key, first_iv: &Iv,
out: *mut u8, in_: *const u8, in_len: size_t, key: &Key, first_iv: &Iv,
);
}

15
src/aead/gcm.rs
View File

@ -13,7 +13,8 @@
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
use super::{Aad, Block, BLOCK_LEN};
use crate::{c, cpu};
use crate::cpu;
use libc::size_t;
#[repr(transparent)]
pub struct Key(GCM128_KEY);
@ -107,8 +108,7 @@ impl Context {
Implementation::CLMUL if has_avx_movbe(self.cpu_features) => {
extern "C" {
fn GFp_gcm_ghash_avx(
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8,
len: c::size_t,
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8, len: size_t,
);
}
unsafe {
@ -119,8 +119,7 @@ impl Context {
Implementation::CLMUL => {
extern "C" {
fn GFp_gcm_ghash_clmul(
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8,
len: c::size_t,
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8, len: size_t,
);
}
unsafe {
@ -132,8 +131,7 @@ impl Context {
Implementation::NEON => {
extern "C" {
fn GFp_gcm_ghash_neon(
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8,
len: c::size_t,
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8, len: size_t,
);
}
unsafe {
@ -144,8 +142,7 @@ impl Context {
Implementation::Fallback => {
extern "C" {
fn GFp_gcm_ghash_4bit(
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8,
len: c::size_t,
ctx: &mut Context, h_table: *const GCM128_KEY, inp: *const u8, len: size_t,
);
}
unsafe {

7
src/aead/poly1305.rs
View File

@ -19,7 +19,8 @@ use super::{
block::{Block, BLOCK_LEN},
Tag,
};
use crate::{bssl, c, error};
use crate::{bssl, error};
use libc::size_t;
/// A Poly1305 key.
pub struct Key([Block; KEY_BLOCKS]);
@ -46,7 +47,7 @@ impl Context {
pub fn from_key(Key(key_and_nonce): Key) -> Context {
extern "C" {
fn GFp_poly1305_blocks(
state: &mut Opaque, input: *const u8, len: c::size_t, should_pad: Pad,
state: &mut Opaque, input: *const u8, len: size_t, should_pad: Pad,
);
fn GFp_poly1305_emit(state: &mut Opaque, tag: &mut Tag, nonce: &Nonce);
}
@ -115,7 +116,7 @@ struct Nonce(Block);
#[repr(C)]
struct Funcs {
blocks_fn:
unsafe extern "C" fn(&mut Opaque, input: *const u8, input_len: c::size_t, should_pad: Pad),
unsafe extern "C" fn(&mut Opaque, input: *const u8, input_len: size_t, should_pad: Pad),
emit_fn: unsafe extern "C" fn(&mut Opaque, &mut Tag, nonce: &Nonce),
}

10
src/bssl.rs
View File

@ -12,15 +12,15 @@
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
use crate::{c, error};
use crate::error;
/// A `c::int` returned from a foreign function containing **1** if the function
/// An `int` returned from a foreign function containing **1** if the function
/// was successful or **0** if an error occurred. This is the convention used by
/// C code in `ring`.
#[derive(Clone, Copy, Debug)]
#[must_use]
#[repr(transparent)]
pub struct Result(c::int);
pub struct Result(libc::c_int);
impl From<Result> for core::result::Result<(), error::Unspecified> {
fn from(ret: Result) -> Self {
@ -37,12 +37,12 @@ impl From<Result> for core::result::Result<(), error::Unspecified> {
#[cfg(test)]
mod tests {
mod result {
use crate::{bssl, c};
use crate::bssl;
use core::mem;
#[test]
fn size_and_alignment() {
type Underlying = c::int;
type Underlying = libc::c_int;
assert_eq!(mem::size_of::<bssl::Result>(), mem::size_of::<Underlying>());
assert_eq!(
mem::align_of::<bssl::Result>(),

184
src/c.rs
View File

@ -1,184 +0,0 @@
// Copyright 2015-2016 Brian Smith.
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
//! TODO: Module-level documentation.
macro_rules! define_type {
( $name:ident, $builtin:ty, $test_c_metrics:ident, $get_c_align_fn:ident,
$get_c_size_fn:ident, $doc:expr ) => {
#[allow(dead_code)] // Not all types are used in all configurations.
#[doc = $doc]
pub type $name = $builtin;
define_metrics_tests!($name, $test_c_metrics, $get_c_align_fn, $get_c_size_fn);
};
}
macro_rules! define_metrics_tests {
( $name:ident, $test_c_metrics:ident, $get_c_align_fn:ident,
$get_c_size_fn:ident ) => {
define_metrics_tests!($name, $test_c_metrics, $get_c_align_fn, $get_c_size_fn, 1);
};
( $name:ident, $test_c_metrics:ident, $c_align:ident, $c_size:ident,
$expected_align_factor:expr ) => {
#[cfg(test)]
extern "C" {
// We can't use `size_t` because we need to test that our
// definition of `size_t` is correct using this code! We use `u16`
// because even 8-bit and 16-bit microcontrollers have no trouble
// with it, and because `u16` is always as smaller or smaller than
// `usize`.
static $c_align: u16;
static $c_size: u16;
}
#[cfg(test)]
#[test]
fn $test_c_metrics() {
use core::mem;
let c_align = unsafe { $c_align };
let c_size = unsafe { $c_size };
// XXX: Remove these assertions and these uses of `as` when Rust
// supports implicit coercion of `u16` to `usize`.
assert!(mem::size_of_val(&c_align) <= mem::size_of::<usize>());
assert!(mem::size_of_val(&c_size) <= mem::size_of::<usize>());
// Rust uses 4 for the alignment of `i64` and `u64`. On Linux x86,
// GCC 5 uses 8 but earlier versions use 4 and so does Clang.
let rust_align =
if $expected_align_factor != 1 && mem::align_of::<$name>() != c_align as usize {
mem::align_of::<$name>() * $expected_align_factor
} else {
mem::align_of::<$name>()
};
assert_eq!(
(rust_align, mem::size_of::<$name>()),
(c_align as usize, c_size as usize)
);
}
};
}
define_type!(
int,
i32,
test_int_metrics,
GFp_int_align,
GFp_int_size,
"The C `int` type. Equivalent to `libc::c_int`."
);
define_type!(
uint,
u32,
test_uint_metrics,
GFp_uint_align,
GFp_uint_size,
"The C `unsigned int` type. Equivalent to `libc::c_uint`."
);
define_type!(
size_t,
usize,
test_size_t_metrics,
GFp_size_t_align,
GFp_size_t_size,
"The C `size_t` type from `<stdint.h>`.
ISO C's `size_t` is defined to be the type of the result of the
`sizeof` operator and the type of the size parameter to `malloc`. That
is, C's `size_t` is only required to hold the size of the largest object
that can be allocated. In particular, it is legal for a C implementation
to have a maximum object size smaller than the entire address space. For
example, a C implementation may have an maximum object size of 2^32
bytes with a 64-bit address space, and typedef `size_t` as `uint32_t` so
that `sizeof(size_t) == 4` and `sizeof(void*) == 8`.
Rust's `usize`, on the other hand, is defined to always be the same size
as a pointer. This means that it is possible, in theory, to have a platform
where `usize` can represent values that `size_t` cannot represent. However,
on the vast majority of systems, `usize` and `size_t` are represented the
same way. If it were required to explicitly cast `usize` to `size_t` on
common platforms, then many programmers would habitually write expressions
such as `my_slice.len() as libc::size_t` expecting this to always work and
be safe. But such a cast is *not* safe on the uncommon platforms where
`mem::sizeof(libc::size_t) < mem::size_t(usize)`. Consequently, to reduce
the chances of programmers becoming habituated to such casts that would be
unsafe on unusual platforms, we have adopted the following convention:
* On common platforms where C's `size_t` is the same size as `usize`,
`ring::c::size_t` must be a type alias of `usize`.
* On uncommon platforms where C's `size_t` is not the same size as `usize`,
`ring::c::size_t` must be a type alias for a type other than `usize`.
* Code that was written without consideration for the uncommon platforms
should not do any explicit casting between `size_t` and `usize`. Such
code will fail to compile on the uncommon platforms; this is better than
executing with unsafe truncations.
* Code that was written with full consideration of the uncommon platforms
should have explicit casts using `num::cast` or other methods that avoid
unintended truncation. Such code will then work on all platforms."
);
define_metrics_tests!(i8, test_i8_metrics, GFp_int8_t_align, GFp_int8_t_size);
define_metrics_tests!(u8, test_u8_metrics, GFp_uint8_t_align, GFp_uint8_t_size);
define_metrics_tests!(i16, test_i16_metrics, GFp_int16_t_align, GFp_int16_t_size);
define_metrics_tests!(u16, test_u16_metrics, GFp_uint16_t_align, GFp_uint16_t_size);
define_metrics_tests!(i32, test_i32_metrics, GFp_int32_t_align, GFp_int32_t_size);
define_metrics_tests!(u32, test_u32_metrics, GFp_uint32_t_align, GFp_uint32_t_size);
#[cfg(all(
test,
not(any(
all(target_arch = "x86", target_os = "linux"),
all(target_arch = "x86", target_os = "macos"),
all(target_arch = "x86", target_os = "ios"),
all(target_arch = "arm", target_os = "ios")
))
))]
const SIXTY_FOUR_BIT_ALIGNMENT_FACTOR: usize = 1;
#[cfg(all(
test,
any(
all(target_arch = "x86", target_os = "linux"),
all(target_arch = "x86", target_os = "macos"),
all(target_arch = "x86", target_os = "ios"),
all(target_arch = "arm", target_os = "ios")
)
))]
const SIXTY_FOUR_BIT_ALIGNMENT_FACTOR: usize = 2;
define_metrics_tests!(
i64,
test_i64_metrics,
GFp_int64_t_align,
GFp_int64_t_size,
SIXTY_FOUR_BIT_ALIGNMENT_FACTOR
);
define_metrics_tests!(
u64,
test_u64_metrics,
GFp_uint64_t_align,
GFp_uint64_t_size,
SIXTY_FOUR_BIT_ALIGNMENT_FACTOR
);

5
src/constant_time.rs
View File

@ -14,7 +14,8 @@
//! Constant-time operations.
use crate::{c, error};
use crate::error;
use libc::size_t;
/// Returns `Ok(())` if `a == b` and `Err(error::Unspecified)` otherwise.
/// The comparison of `a` and `b` is done in constant time with respect to the
@ -32,7 +33,7 @@ pub fn verify_slices_are_equal(a: &[u8], b: &[u8]) -> Result<(), error::Unspecif
}
extern "C" {
fn GFp_memcmp(a: *const u8, b: *const u8, len: c::size_t) -> c::int;
fn GFp_memcmp(a: *const u8, b: *const u8, len: size_t) -> libc::c_int;
}
#[cfg(test)]

9
src/digest.rs
View File

@ -24,8 +24,9 @@
// The goal for this implementation is to drive the overhead as close to zero
// as possible.
use crate::{c, cpu, debug, endian::*, polyfill};
use crate::{cpu, debug, endian::*, polyfill};
use core::{self, num::Wrapping};
use libc::size_t;
mod sha1;
@ -246,7 +247,7 @@ pub struct Algorithm {
/// The length of the length in the padding.
len_len: usize,
block_data_order: unsafe extern "C" fn(state: &mut State, data: *const u8, num: c::size_t),
block_data_order: unsafe extern "C" fn(state: &mut State, data: *const u8, num: size_t),
format_output: fn(input: State) -> Output,
initial_state: State,
@ -480,8 +481,8 @@ const SHA512_BLOCK_LEN: usize = 1024 / 8;
const SHA512_LEN_LEN: usize = 128 / 8;
extern "C" {
fn GFp_sha256_block_data_order(state: &mut State, data: *const u8, num: c::size_t);
fn GFp_sha512_block_data_order(state: &mut State, data: *const u8, num: c::size_t);
fn GFp_sha256_block_data_order(state: &mut State, data: *const u8, num: size_t);
fn GFp_sha512_block_data_order(state: &mut State, data: *const u8, num: size_t);
}
#[cfg(test)]

5
src/digest/sha1.rs
View File

@ -13,8 +13,9 @@
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
use crate::{c, polyfill};
use crate::polyfill;
use core::{self, num::Wrapping};
use libc::size_t;
pub const BLOCK_LEN: usize = 512 / 8;
pub const CHAINING_LEN: usize = 160 / 8;
@ -38,7 +39,7 @@ fn maj(x: W32, y: W32, z: W32) -> W32 { (x & y) | (x & z) | (y & z) }
/// Unlike SHA-256, SHA-384, and SHA-512,
/// there is no assembly language implementation.
pub(super) unsafe extern "C" fn block_data_order(
state: &mut super::State, data: *const u8, num: c::size_t,
state: &mut super::State, data: *const u8, num: size_t,
) {
let data = data as *const [[u8; 4]; 16];
let blocks = core::slice::from_raw_parts(data, num);

5
src/ec/suite_b/ops.rs
View File

@ -12,8 +12,9 @@
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
use crate::{arithmetic::montgomery::*, c, error, limb::*};
use crate::{arithmetic::montgomery::*, error, limb::*};
use core::marker::PhantomData;
use libc::size_t;
use untrusted;
pub use self::elem::*;
@ -435,7 +436,7 @@ fn parse_big_endian_fixed_consttime<M>(
extern "C" {
fn LIMBS_add_mod(
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: c::size_t,
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: size_t,
);
}

1
src/lib.rs
View File

@ -95,7 +95,6 @@ pub mod agreement;
mod bits;
mod c;
pub mod constant_time;
pub mod io;

23
src/limb.rs
View File

@ -18,7 +18,8 @@
//! Limbs ordered least-significant-limb to most-significant-limb. The bits
//! limbs use the native endianness.
use crate::{c, error};
use crate::error;
use libc::size_t;
use untrusted;
#[cfg(any(test, feature = "use_heap"))]
@ -61,7 +62,7 @@ pub const LIMB_BYTES: usize = (LIMB_BITS + 7) / 8;
#[inline]
pub fn limbs_equal_limbs_consttime(a: &[Limb], b: &[Limb]) -> LimbMask {
extern "C" {
fn LIMBS_equal(a: *const Limb, b: *const Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_equal(a: *const Limb, b: *const Limb, num_limbs: size_t) -> LimbMask;
}
assert_eq!(a.len(), b.len());
@ -269,9 +270,9 @@ pub fn fold_5_bit_windows<R, I: FnOnce(Window) -> R, F: Fn(R, Window) -> R>(
) -> R {
#[derive(Clone, Copy)]
#[repr(transparent)]
struct BitIndex(Wrapping<c::size_t>);
struct BitIndex(Wrapping<size_t>);
const WINDOW_BITS: Wrapping<c::size_t> = Wrapping(5);
const WINDOW_BITS: Wrapping<size_t> = Wrapping(5);
extern "C" {
fn LIMBS_window5_split_window(
@ -326,17 +327,17 @@ pub fn fold_5_bit_windows<R, I: FnOnce(Window) -> R, F: Fn(R, Window) -> R>(
extern "C" {
#[cfg(any(test, feature = "use_heap"))]
fn LIMB_shr(a: Limb, shift: c::size_t) -> Limb;
fn LIMB_shr(a: Limb, shift: size_t) -> Limb;
#[cfg(any(test, feature = "use_heap"))]
fn LIMBS_are_even(a: *const Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_are_zero(a: *const Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_are_even(a: *const Limb, num_limbs: size_t) -> LimbMask;
fn LIMBS_are_zero(a: *const Limb, num_limbs: size_t) -> LimbMask;
#[cfg(any(test, feature = "use_heap"))]
fn LIMBS_equal_limb(a: *const Limb, b: Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_less_than(a: *const Limb, b: *const Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_equal_limb(a: *const Limb, b: Limb, num_limbs: size_t) -> LimbMask;
fn LIMBS_less_than(a: *const Limb, b: *const Limb, num_limbs: size_t) -> LimbMask;
#[cfg(feature = "use_heap")]
fn LIMBS_less_than_limb(a: *const Limb, b: Limb, num_limbs: c::size_t) -> LimbMask;
fn LIMBS_reduce_once(r: *mut Limb, m: *const Limb, num_limbs: c::size_t);
fn LIMBS_less_than_limb(a: *const Limb, b: Limb, num_limbs: size_t) -> LimbMask;
fn LIMBS_reduce_once(r: *mut Limb, m: *const Limb, num_limbs: size_t);
}
#[cfg(test)]

16
src/rand.rs
View File

@ -124,17 +124,17 @@ use crate::sealed;
#[cfg(target_os = "linux")]
mod sysrand_chunk {
use crate::{c, error};
use libc;
use crate::error;
use libc::{self, size_t};
extern "C" {
static GFp_SYS_GETRANDOM: c::long;
static GFp_SYS_GETRANDOM: libc::c_long;
}
#[inline]
pub fn chunk(dest: &mut [u8]) -> Result<usize, error::Unspecified> {
let chunk_len: c::size_t = dest.len();
let flags: c::uint = 0;
let chunk_len: size_t = dest.len();
let flags: libc::c_uint = 0;
let r = unsafe { libc::syscall(GFp_SYS_GETRANDOM, dest.as_mut_ptr(), chunk_len, flags) };
if r < 0 {
if unsafe { *libc::__errno_location() } == libc::EINTR {
@ -257,7 +257,7 @@ mod sysrand_or_urandom {
#[cfg(any(target_os = "macos", target_os = "ios"))]
mod darwin {
use crate::{c, error};
use crate::error;
pub fn fill(dest: &mut [u8]) -> Result<(), error::Unspecified> {
let r = unsafe { SecRandomCopyBytes(kSecRandomDefault, dest.len(), dest.as_mut_ptr()) };
@ -281,8 +281,8 @@ mod darwin {
// For now `rnd` must be `kSecRandomDefault`.
#[must_use]
fn SecRandomCopyBytes(
rnd: &'static SecRandomRef, count: c::size_t, bytes: *mut u8,
) -> c::int;
rnd: &'static SecRandomRef, count: libc::size_t, bytes: *mut u8,
) -> libc::c_int;
}
}

27
src/rsa/bigint.rs
View File

@ -42,7 +42,7 @@
use crate::{
arithmetic::montgomery::*,
bits, bssl, c, error,
bits, bssl, error,
limb::{self, Limb, LimbMask, LIMB_BITS, LIMB_BYTES},
};
use core::{
@ -50,6 +50,7 @@ use core::{
marker::PhantomData,
ops::{Deref, DerefMut},
};
use libc::size_t;
use untrusted;
pub unsafe trait Prime {}
@ -467,7 +468,7 @@ where
fn elem_mul_by_2<M, AF>(a: &mut Elem<M, AF>, m: &PartialModulus<M>) {
extern "C" {
fn LIMBS_shl_mod(r: *mut Limb, a: *const Limb, m: *const Limb, num_limbs: c::size_t);
fn LIMBS_shl_mod(r: *mut Limb, a: *const Limb, m: *const Limb, num_limbs: size_t);
}
unsafe {
LIMBS_shl_mod(
@ -500,8 +501,8 @@ pub fn elem_reduced<Larger, Smaller: NotMuchSmallerModulus<Larger>>(
) -> Result<Elem<Smaller, RInverse>, error::Unspecified> {
extern "C" {
fn GFp_bn_from_montgomery_in_place(
r: *mut Limb, num_r: c::size_t, a: *mut Limb, num_a: c::size_t, n: *const Limb,
num_n: c::size_t, n0: &N0,
r: *mut Limb, num_r: size_t, a: *mut Limb, num_a: size_t, n: *const Limb,
num_n: size_t, n0: &N0,
) -> bssl::Result;
}
@ -550,7 +551,7 @@ pub fn elem_add<M, E>(mut a: Elem<M, E>, b: Elem<M, E>, m: &Modulus<M>) -> Elem<
extern "C" {
// `r` and `a` may alias.
fn LIMBS_add_mod(
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: c::size_t,
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: size_t,
);
}
unsafe {
@ -570,7 +571,7 @@ pub fn elem_sub<M, E>(mut a: Elem<M, E>, b: &Elem<M, E>, m: &Modulus<M>) -> Elem
extern "C" {
// `r` and `a` may alias.
fn LIMBS_sub_mod(
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: c::size_t,
r: *mut Limb, a: *const Limb, b: *const Limb, m: *const Limb, num_limbs: size_t,
);
}
unsafe {
@ -806,7 +807,7 @@ pub fn elem_exp_consttime<M>(
fn gather<M>(table: &[Limb], i: Window, r: &mut Elem<M, R>) {
extern "C" {
fn LIMBS_select_512_32(
r: *mut Limb, table: *const Limb, num_limbs: c::size_t, i: Window,
r: *mut Limb, table: *const Limb, num_limbs: size_t, i: Window,
) -> bssl::Result;
}
Result::from(unsafe {
@ -922,7 +923,7 @@ pub fn elem_exp_consttime<M>(
fn scatter(table: &mut [Limb], state: &[Limb], i: Window, num_limbs: usize) {
extern "C" {
fn GFp_bn_scatter5(a: *const Limb, a_len: c::size_t, table: *mut Limb, i: Window);
fn GFp_bn_scatter5(a: *const Limb, a_len: size_t, table: *mut Limb, i: Window);
}
unsafe {
GFp_bn_scatter5(
@ -936,7 +937,7 @@ pub fn elem_exp_consttime<M>(
fn gather(table: &[Limb], state: &mut [Limb], i: Window, num_limbs: usize) {
extern "C" {
fn GFp_bn_gather5(r: *mut Limb, a_len: c::size_t, table: *const Limb, i: Window);
fn GFp_bn_gather5(r: *mut Limb, a_len: size_t, table: *const Limb, i: Window);
}
unsafe {
GFp_bn_gather5(
@ -960,7 +961,7 @@ pub fn elem_exp_consttime<M>(
extern "C" {
fn GFp_bn_mul_mont_gather5(
rp: *mut Limb, ap: *const Limb, table: *const Limb, np: *const Limb, n0: &N0,
num: c::size_t, power: Window,
num: size_t, power: Window,
);
}
unsafe {
@ -980,7 +981,7 @@ pub fn elem_exp_consttime<M>(
extern "C" {
fn GFp_bn_power5(
r: *mut Limb, a: *const Limb, table: *const Limb, n: *const Limb, n0: &N0,
num: c::size_t, i: Window,
num: size_t, i: Window,
);
}
unsafe {
@ -1033,7 +1034,7 @@ pub fn elem_exp_consttime<M>(
extern "C" {
fn GFp_bn_from_montgomery(
r: *mut Limb, a: *const Limb, not_used: *const Limb, n: *const Limb, n0: &N0,
num: c::size_t,
num: size_t,
) -> bssl::Result;
}
Result::from(unsafe {
@ -1209,7 +1210,7 @@ fn limbs_mont_square(r: &mut [Limb], m: &[Limb], n0: &N0) {
extern "C" {
// `r` and/or 'a' and/or 'b' may alias.
fn GFp_bn_mul_mont(
r: *mut Limb, a: *const Limb, b: *const Limb, n: *const Limb, n0: &N0, num_limbs: c::size_t,
r: *mut Limb, a: *const Limb, b: *const Limb, n: *const Limb, n0: &N0, num_limbs: size_t,
);
}