Rename the macro. Set/Reset is used for the CPU flag itself. Enable/D…
…isable is used for the (perceived) CPU capability.
nebeid committed Sep 12, 2024
1 parent 3c217cf commit 8ccc297
Showing 18 changed files with 170 additions and 170 deletions.
2 changes: 1 addition & 1 deletion BUILDING.md
Expand Up @@ -257,7 +257,7 @@ It is also expected to disable the Data Memory-dependent Prefetcher
article](https://appleinsider.com/articles/24/03/21/apple-silicon-vulnerability-leaks-encryption-keys-and-cant-be-patched-easily).

Building with the option `-DENABLE_DATA_INDEPENDENT_TIMING_AARCH64=ON`
will enable the macro `SET_DIT_AUTO_DISABLE`. This macro is present at
will enable the macro `SET_DIT_AUTO_RESET`. This macro is present at
the entry of functions that process/load/store secret data to set the
DIT flag and then reset it to its original value on entry. With this
build option, there is an effect on performance that varies by
8 changes: 4 additions & 4 deletions crypto/fipsmodule/aes/aes.c
Expand Up @@ -60,7 +60,7 @@
// code, above, is incompatible with the |aes_hw_*| functions.

void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (hwaes_capable()) {
aes_hw_encrypt(in, out, key);
} else if (vpaes_capable()) {
Expand All @@ -71,7 +71,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
}

void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (hwaes_capable()) {
aes_hw_decrypt(in, out, key);
} else if (vpaes_capable()) {
Expand All @@ -82,7 +82,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
}

int AES_set_encrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (bits != 128 && bits != 192 && bits != 256) {
return -2;
}
Expand All @@ -96,7 +96,7 @@ int AES_set_encrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
}

int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (bits != 128 && bits != 192 && bits != 256) {
return -2;
}
10 changes: 5 additions & 5 deletions crypto/fipsmodule/cipher/aead.c
Expand Up @@ -79,7 +79,7 @@ int EVP_AEAD_CTX_init_with_direction(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
const uint8_t *key, size_t key_len,
size_t tag_len,
enum evp_aead_direction_t dir) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (key_len != aead->key_len) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_KEY_SIZE);
ctx->aead = NULL;
Expand Down Expand Up @@ -125,7 +125,7 @@ int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len,
size_t max_out_len, const uint8_t *nonce,
size_t nonce_len, const uint8_t *in, size_t in_len,
const uint8_t *ad, size_t ad_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (in_len + ctx->aead->overhead < in_len /* overflow */) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
goto error;
Expand Down Expand Up @@ -164,7 +164,7 @@ int EVP_AEAD_CTX_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
size_t in_len, const uint8_t *extra_in,
size_t extra_in_len, const uint8_t *ad,
size_t ad_len) {
SET_DIT_AUTO_DISABLE; //check that it was preserved
SET_DIT_AUTO_RESET; //check that it was preserved
// |in| and |out| may alias exactly, |out_tag| may not alias.
if (!check_alias(in, in_len, out, in_len) ||
buffers_alias(out, in_len, out_tag, max_out_tag_len) ||
Expand Down Expand Up @@ -197,7 +197,7 @@ int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len,
size_t max_out_len, const uint8_t *nonce,
size_t nonce_len, const uint8_t *in, size_t in_len,
const uint8_t *ad, size_t ad_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (!check_alias(in, in_len, out, max_out_len)) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT);
goto error;
Expand Down Expand Up @@ -245,7 +245,7 @@ int EVP_AEAD_CTX_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t in_len,
const uint8_t *in_tag, size_t in_tag_len,
const uint8_t *ad, size_t ad_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (!check_alias(in, in_len, out, in_len)) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_OUTPUT_ALIASES_INPUT);
goto error;
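Review bot: The trailing comment `//check that it was preserved` on the renamed line in `EVP_AEAD_CTX_seal_scatter` does not say what is to be checked or by whom, and it reads like a leftover development note carried through the rename. If it records an open verification item (presumably that the DIT state survives the nested AEAD calls), spell that out, e.g. `// TODO: confirm the DIT state is preserved across the nested seal call`; otherwise drop it so the line matches the other call sites in this file. The function body continues outside the hunk.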
14 changes: 7 additions & 7 deletions crypto/fipsmodule/cipher/cipher.c
Expand Up @@ -104,7 +104,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) {
}

int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (in == NULL || in->cipher == NULL) {
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INPUT_NOT_INITIALIZED);
return 0;
Expand Down Expand Up @@ -146,7 +146,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) {
int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *engine, const uint8_t *key, const uint8_t *iv,
int enc) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
GUARD_PTR(ctx);
if (enc == -1) {
enc = ctx->encrypt;
Expand Down Expand Up @@ -264,7 +264,7 @@ static int block_remainder(const EVP_CIPHER_CTX *ctx, int len) {

int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
const uint8_t *in, int in_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
GUARD_PTR(ctx);
if (ctx->poisoned) {
OPENSSL_PUT_ERROR(CIPHER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
Expand Down Expand Up @@ -357,7 +357,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
}

int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
int n;
unsigned int i, b, bl;
GUARD_PTR(ctx);
Expand Down Expand Up @@ -412,7 +412,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len) {

int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
const uint8_t *in, int in_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
GUARD_PTR(ctx);
if (ctx->poisoned) {
OPENSSL_PUT_ERROR(CIPHER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
Expand Down Expand Up @@ -479,7 +479,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, int *out_len,
}

int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
int i, n;
unsigned int b;
*out_len = 0;
Expand Down Expand Up @@ -552,7 +552,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) {

int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t in_len) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
GUARD_PTR(ctx);
GUARD_PTR(ctx->cipher);
const int ret = ctx->cipher->cipher(ctx, out, in, in_len);
10 changes: 5 additions & 5 deletions crypto/fipsmodule/curve25519/curve25519.c
Expand Up @@ -106,7 +106,7 @@ void ED25519_keypair_from_seed(uint8_t out_public_key[ED25519_PUBLIC_KEY_LEN],
void ED25519_keypair(uint8_t out_public_key[ED25519_PUBLIC_KEY_LEN],
uint8_t out_private_key[ED25519_PRIVATE_KEY_LEN]) {
boringssl_ensure_eddsa_self_test();
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

// Ed25519 key generation: rfc8032 5.1.5
// Private key is 32 octets of random data.
Expand Down Expand Up @@ -143,7 +143,7 @@ int ED25519_sign_no_self_test(uint8_t out_sig[ED25519_SIGNATURE_LEN],
// seed = private_key[0:31]
// A = private_key[32:61] (per 5.1.5.4)
// Compute az = SHA512(seed).
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
uint8_t az[SHA512_DIGEST_LENGTH];
SHA512(private_key, ED25519_PRIVATE_KEY_SEED_LEN, az);
// s = az[0:31]
Expand Down Expand Up @@ -253,7 +253,7 @@ int ED25519_check_public_key(const uint8_t public_key[ED25519_PUBLIC_KEY_LEN]) {
void X25519_public_from_private(
uint8_t out_public_value[X25519_PUBLIC_VALUE_LEN],
const uint8_t private_key[X25519_PRIVATE_KEY_LEN]) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

#if defined(CURVE25519_S2N_BIGNUM_CAPABLE)
x25519_public_from_private_s2n_bignum(out_public_value, private_key);
Expand All @@ -266,7 +266,7 @@ void X25519_public_from_private(

void X25519_keypair(uint8_t out_public_value[X25519_PUBLIC_VALUE_LEN],
uint8_t out_private_key[X25519_PRIVATE_KEY_LEN]) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

RAND_bytes(out_private_key, X25519_PRIVATE_KEY_LEN);

Expand Down Expand Up @@ -294,7 +294,7 @@ int X25519(uint8_t out_shared_key[X25519_SHARED_KEY_LEN],
const uint8_t private_key[X25519_PRIVATE_KEY_LEN],
const uint8_t peer_public_value[X25519_PUBLIC_VALUE_LEN]) {

SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
static const uint8_t kZeros[X25519_SHARED_KEY_LEN] = {0};

#if defined(CURVE25519_S2N_BIGNUM_CAPABLE)
40 changes: 20 additions & 20 deletions crypto/fipsmodule/dh/dh.c
Expand Up @@ -97,7 +97,7 @@ DH *DH_new_by_nid(int nid) {
}

void DH_free(DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (dh == NULL) {
return;
}
Expand All @@ -118,38 +118,38 @@ void DH_free(DH *dh) {
}

unsigned DH_bits(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return BN_num_bits(dh->p);
}

const BIGNUM *DH_get0_pub_key(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return dh->pub_key;;
}

const BIGNUM *DH_get0_priv_key(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return dh->priv_key;
}

const BIGNUM *DH_get0_p(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return dh->p;
}

const BIGNUM *DH_get0_q(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return dh->q;
}

const BIGNUM *DH_get0_g(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return dh->g;
}

void DH_get0_key(const DH *dh, const BIGNUM **out_pub_key,
const BIGNUM **out_priv_key) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (out_pub_key != NULL) {
*out_pub_key = dh->pub_key;
}
Expand All @@ -159,13 +159,13 @@ void DH_get0_key(const DH *dh, const BIGNUM **out_pub_key,
}

void DH_clear_flags(DH *dh, int flags) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
(void) dh;
(void) flags;
}

int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (pub_key != NULL) {
BN_free(dh->pub_key);
dh->pub_key = pub_key;
Expand All @@ -181,7 +181,7 @@ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) {

void DH_get0_pqg(const DH *dh, const BIGNUM **out_p, const BIGNUM **out_q,
const BIGNUM **out_g) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (out_p != NULL) {
*out_p = dh->p;
}
Expand All @@ -194,7 +194,7 @@ void DH_get0_pqg(const DH *dh, const BIGNUM **out_p, const BIGNUM **out_q,
}

int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if ((dh->p == NULL && p == NULL) ||
(dh->g == NULL && g == NULL)) {
return 0;
Expand Down Expand Up @@ -222,13 +222,13 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
}

int DH_set_length(DH *dh, unsigned priv_length) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
dh->priv_length = priv_length;
return 1;
}

int DH_generate_key(DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
boringssl_ensure_ffdh_self_test();

if (!dh_check_params_fast(dh)) {
Expand Down Expand Up @@ -412,14 +412,14 @@ int dh_compute_key_padded_no_self_test(unsigned char *out,

int DH_compute_key_padded(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
boringssl_ensure_ffdh_self_test();
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

return dh_compute_key_padded_no_self_test(out, peers_key, dh);
}

int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
boringssl_ensure_ffdh_self_test();
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

BN_CTX *ctx = BN_CTX_new();
if (ctx == NULL) {
Expand All @@ -442,7 +442,7 @@ int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) {
int DH_compute_key_hashed(DH *dh, uint8_t *out, size_t *out_len,
size_t max_out_len, const BIGNUM *peers_key,
const EVP_MD *digest) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

*out_len = SIZE_MAX;

Expand Down Expand Up @@ -482,17 +482,17 @@ int DH_compute_key_hashed(DH *dh, uint8_t *out, size_t *out_len,
}

int DH_size(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return BN_num_bytes(dh->p);
}

unsigned DH_num_bits(const DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
return BN_num_bits(dh->p);
}

int DH_up_ref(DH *dh) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
CRYPTO_refcount_inc(&dh->references);
return 1;
}
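Review bot: The renamed `SET_DIT_AUTO_RESET` sits at the top of functions in this file that do not appear to process secret data: `DH_clear_flags` only discards its arguments, and `DH_up_ref`, `DH_set_length`, `DH_bits`, `DH_size` and `DH_num_bits` touch the reference count, a length field or the modulus `p`. BUILDING.md in this same commit describes the macro as belonging to functions that process/load/store secret data and notes a performance cost. These call sites therefore either deserve a short comment such as `// DIT set for uniformity across the DH API; no secret data is handled here` or could drop the macro. Whether `DH_free` and the `DH_get0_*` accessors need it depends on the macro's definition and on the parts of those bodies that are not visible here.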
6 changes: 3 additions & 3 deletions crypto/fipsmodule/ec/ec.c
Expand Up @@ -846,7 +846,7 @@ int ec_point_mul_no_self_test(const EC_GROUP *group, EC_POINT *r,
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
const EC_POINT *p, const BIGNUM *p_scalar, BN_CTX *ctx) {
boringssl_ensure_ecc_self_test();
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;

return ec_point_mul_no_self_test(group, r, g_scalar, p, p_scalar, ctx);
}
Expand Down Expand Up @@ -882,7 +882,7 @@ int ec_point_mul_scalar_public_batch(const EC_GROUP *group, EC_JACOBIAN *r,

int ec_point_mul_scalar(const EC_GROUP *group, EC_JACOBIAN *r,
const EC_JACOBIAN *p, const EC_SCALAR *scalar) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (p == NULL || scalar == NULL) {
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
return 0;
Expand All @@ -902,7 +902,7 @@ int ec_point_mul_scalar(const EC_GROUP *group, EC_JACOBIAN *r,

int ec_point_mul_scalar_base(const EC_GROUP *group, EC_JACOBIAN *r,
const EC_SCALAR *scalar) {
SET_DIT_AUTO_DISABLE;
SET_DIT_AUTO_RESET;
if (scalar == NULL) {
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
return 0;