New "i62" code for big integers with 64x64->128 opcodes; also improved "i31" modular...

[BearSSL] / src / ssl / ssl_hs_client.c

diff --git a/src/ssl/ssl_hs_client.c b/src/ssl/ssl_hs_client.c
index 6f5131a..25b2906 100644 (file)
--- a/src/ssl/ssl_hs_client.c
+++ b/src/ssl/ssl_hs_client.c
@@ -58,7 +58,7 @@ t0_parse7E_signed(const unsigned char **p)
 #define T0_INT4(x)       T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
 #define T0_INT5(x)       T0_SBYTE(x), T0_VBYTE(x, 21), T0_VBYTE(x, 14), T0_VBYTE(x, 7), T0_FBYTE(x, 0)
 
-static const uint8_t t0_datablock[];
+/* static const unsigned char t0_datablock[]; */
 
 
 void br_ssl_hs_client_init_main(void *t0ctx);
@@ -286,7 +286,7 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id)
        int curve;
        unsigned char key[66], point[133];
        const unsigned char *order, *point_src;
-       size_t glen, olen, point_len;
+       size_t glen, olen, point_len, xoff, xlen;
        unsigned char mask;
 
        if (ecdhe) {
@@ -339,7 +339,8 @@ make_pms_ecdh(br_ssl_client_context *ctx, unsigned ecdhe, int prf_id)
        /*
         * The pre-master secret is the X coordinate.
         */
-       br_ssl_engine_compute_master(&ctx->eng, prf_id, point + 1, glen >> 1);
+       xoff = ctx->eng.iec->xoff(curve, &xlen);
+       br_ssl_engine_compute_master(&ctx->eng, prf_id, point + xoff, xlen);
 
        ctx->eng.iec->mulgen(point, key, olen, curve);
        memcpy(ctx->eng.pad, point, glen);
@@ -372,12 +373,12 @@ make_pms_static_ecdh(br_ssl_client_context *ctx, int prf_id)
        }
        memcpy(point, pk->key.ec.q, point_len);
        if (!(*ctx->client_auth_vtable)->do_keyx(
-               ctx->client_auth_vtable, point, point_len))
+               ctx->client_auth_vtable, point, &point_len))
        {
                return -1;
        }
        br_ssl_engine_compute_master(&ctx->eng,
-               prf_id, point + 1, point_len >> 1);
+               prf_id, point, point_len);
        return 0;
 }
 
@@ -415,7 +416,7 @@ make_client_sign(br_ssl_client_context *ctx)
 
 
 
-static const uint8_t t0_datablock[] = {
+static const unsigned char t0_datablock[] = {
        0x00, 0x00, 0x0A, 0x00, 0x24, 0x00, 0x2F, 0x01, 0x24, 0x00, 0x35, 0x02,
        0x24, 0x00, 0x3C, 0x01, 0x44, 0x00, 0x3D, 0x02, 0x44, 0x00, 0x9C, 0x03,
        0x04, 0x00, 0x9D, 0x04, 0x05, 0xC0, 0x03, 0x40, 0x24, 0xC0, 0x04, 0x41,
@@ -431,7 +432,7 @@ static const uint8_t t0_datablock[] = {
        0x04, 0xCC, 0xA9, 0x25, 0x04, 0x00, 0x00
 };
 
-static const uint8_t t0_codeblock[] = {
+static const unsigned char t0_codeblock[] = {
        0x00, 0x01, 0x00, 0x0A, 0x00, 0x00, 0x01, 0x00, 0x0D, 0x00, 0x00, 0x01,
        0x00, 0x0E, 0x00, 0x00, 0x01, 0x00, 0x0F, 0x00, 0x00, 0x01, 0x01, 0x08,
        0x00, 0x00, 0x01, 0x01, 0x09, 0x00, 0x00, 0x01, 0x02, 0x08, 0x00, 0x00,
@@ -710,7 +711,7 @@ static const uint8_t t0_codeblock[] = {
        0x8B, 0x8C, 0x2E, 0xD7, 0x8F, 0x2E, 0x26, 0x01, 0x01, 0x0B, 0xD9, 0x8E,
        0x44, 0x26, 0x06, 0x0F, 0x5B, 0x38, 0x2C, 0x26, 0xC5, 0x05, 0x02, 0x60,
        0x28, 0xD9, 0x44, 0x5C, 0x44, 0x04, 0x6E, 0x5E, 0x01, 0x01, 0xDB, 0x01,
-       0x00, 0xDB, 0x02, 0x00, 0x06, 0x81, 0x46, 0x02, 0x00, 0xD9, 0xA2, 0x06,
+       0x00, 0xDB, 0x02, 0x00, 0x06, 0x81, 0x5A, 0x02, 0x00, 0xD9, 0xA2, 0x06,
        0x0E, 0x01, 0x83, 0xFE, 0x01, 0xD9, 0x87, 0xA2, 0x01, 0x04, 0x09, 0x26,
        0xD9, 0x5B, 0xD7, 0xA4, 0x06, 0x16, 0x01, 0x00, 0xD9, 0x89, 0xA4, 0x01,
        0x04, 0x09, 0x26, 0xD9, 0x01, 0x02, 0x09, 0x26, 0xD9, 0x01, 0x00, 0xDB,
@@ -718,29 +719,31 @@ static const uint8_t t0_codeblock[] = {
        0xD9, 0x80, 0x2E, 0x01, 0x08, 0x09, 0xDB, 0xA3, 0x06, 0x19, 0x01, 0x0D,
        0xD9, 0xA3, 0x01, 0x04, 0x09, 0x26, 0xD9, 0x01, 0x02, 0x09, 0xD9, 0x42,
        0x06, 0x03, 0x01, 0x03, 0xD8, 0x43, 0x06, 0x03, 0x01, 0x01, 0xD8, 0xA5,
-       0x26, 0x06, 0x22, 0x01, 0x0A, 0xD9, 0x01, 0x04, 0x09, 0x26, 0xD9, 0x5D,
-       0xD9, 0x40, 0x01, 0x00, 0x26, 0x01, 0x20, 0x0A, 0x06, 0x0C, 0x9E, 0x11,
-       0x01, 0x01, 0x17, 0x06, 0x02, 0x26, 0xD9, 0x5A, 0x04, 0x6E, 0x5E, 0x04,
-       0x01, 0x25, 0xA1, 0x06, 0x0A, 0x01, 0x0B, 0xD9, 0x01, 0x02, 0xD9, 0x01,
-       0x82, 0x00, 0xD9, 0x27, 0x26, 0x06, 0x1F, 0x01, 0x10, 0xD9, 0x01, 0x04,
-       0x09, 0x26, 0xD9, 0x5D, 0xD9, 0x83, 0x2C, 0x01, 0x00, 0x9E, 0x0F, 0x06,
-       0x0A, 0x26, 0x1E, 0x26, 0xDB, 0x82, 0x44, 0xD5, 0x5A, 0x04, 0x72, 0x5E,
-       0x04, 0x01, 0x25, 0x02, 0x01, 0x56, 0x05, 0x11, 0x01, 0x15, 0xD9, 0x02,
-       0x01, 0x26, 0xD9, 0x26, 0x06, 0x06, 0x5B, 0x01, 0x00, 0xDB, 0x04, 0x77,
-       0x25, 0x00, 0x00, 0x01, 0x10, 0xDB, 0x77, 0x2C, 0x26, 0xCA, 0x06, 0x0C,
-       0xA9, 0x23, 0x26, 0x5C, 0xDA, 0x26, 0xD9, 0x82, 0x44, 0xD5, 0x04, 0x0D,
-       0x26, 0xC8, 0x44, 0xA9, 0x22, 0x26, 0x5A, 0xDA, 0x26, 0xDB, 0x82, 0x44,
-       0xD5, 0x00, 0x00, 0x9A, 0x01, 0x14, 0xDB, 0x01, 0x0C, 0xDA, 0x82, 0x01,
-       0x0C, 0xD5, 0x00, 0x00, 0x4F, 0x26, 0x01, 0x00, 0x0E, 0x06, 0x02, 0x5E,
-       0x00, 0xCB, 0x25, 0x04, 0x73, 0x00, 0x26, 0xD9, 0xD5, 0x00, 0x00, 0x26,
-       0xDB, 0xD5, 0x00, 0x01, 0x03, 0x00, 0x41, 0x25, 0x26, 0x01, 0x10, 0x17,
-       0x06, 0x06, 0x01, 0x04, 0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x08, 0x17,
-       0x06, 0x06, 0x01, 0x03, 0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x20, 0x17,
-       0x06, 0x06, 0x01, 0x05, 0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x80, 0x40,
-       0x17, 0x06, 0x06, 0x01, 0x06, 0xDB, 0x02, 0x00, 0xDB, 0x01, 0x04, 0x17,
-       0x06, 0x06, 0x01, 0x02, 0xDB, 0x02, 0x00, 0xDB, 0x00, 0x00, 0x26, 0x01,
-       0x08, 0x4D, 0xDB, 0xDB, 0x00, 0x00, 0x26, 0x01, 0x10, 0x4D, 0xDB, 0xD9,
-       0x00, 0x00, 0x26, 0x50, 0x06, 0x02, 0x25, 0x00, 0xCB, 0x25, 0x04, 0x76
+       0x26, 0x06, 0x36, 0x01, 0x0A, 0xD9, 0x01, 0x04, 0x09, 0x26, 0xD9, 0x5D,
+       0xD9, 0x40, 0x01, 0x00, 0x26, 0x01, 0x82, 0x80, 0x80, 0x80, 0x00, 0x17,
+       0x06, 0x0A, 0x01, 0xFD, 0xFF, 0xFF, 0xFF, 0x7F, 0x17, 0x01, 0x1D, 0xD9,
+       0x26, 0x01, 0x20, 0x0A, 0x06, 0x0C, 0x9E, 0x11, 0x01, 0x01, 0x17, 0x06,
+       0x02, 0x26, 0xD9, 0x5A, 0x04, 0x6E, 0x5E, 0x04, 0x01, 0x25, 0xA1, 0x06,
+       0x0A, 0x01, 0x0B, 0xD9, 0x01, 0x02, 0xD9, 0x01, 0x82, 0x00, 0xD9, 0x27,
+       0x26, 0x06, 0x1F, 0x01, 0x10, 0xD9, 0x01, 0x04, 0x09, 0x26, 0xD9, 0x5D,
+       0xD9, 0x83, 0x2C, 0x01, 0x00, 0x9E, 0x0F, 0x06, 0x0A, 0x26, 0x1E, 0x26,
+       0xDB, 0x82, 0x44, 0xD5, 0x5A, 0x04, 0x72, 0x5E, 0x04, 0x01, 0x25, 0x02,
+       0x01, 0x56, 0x05, 0x11, 0x01, 0x15, 0xD9, 0x02, 0x01, 0x26, 0xD9, 0x26,
+       0x06, 0x06, 0x5B, 0x01, 0x00, 0xDB, 0x04, 0x77, 0x25, 0x00, 0x00, 0x01,
+       0x10, 0xDB, 0x77, 0x2C, 0x26, 0xCA, 0x06, 0x0C, 0xA9, 0x23, 0x26, 0x5C,
+       0xDA, 0x26, 0xD9, 0x82, 0x44, 0xD5, 0x04, 0x0D, 0x26, 0xC8, 0x44, 0xA9,
+       0x22, 0x26, 0x5A, 0xDA, 0x26, 0xDB, 0x82, 0x44, 0xD5, 0x00, 0x00, 0x9A,
+       0x01, 0x14, 0xDB, 0x01, 0x0C, 0xDA, 0x82, 0x01, 0x0C, 0xD5, 0x00, 0x00,
+       0x4F, 0x26, 0x01, 0x00, 0x0E, 0x06, 0x02, 0x5E, 0x00, 0xCB, 0x25, 0x04,
+       0x73, 0x00, 0x26, 0xD9, 0xD5, 0x00, 0x00, 0x26, 0xDB, 0xD5, 0x00, 0x01,
+       0x03, 0x00, 0x41, 0x25, 0x26, 0x01, 0x10, 0x17, 0x06, 0x06, 0x01, 0x04,
+       0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x08, 0x17, 0x06, 0x06, 0x01, 0x03,
+       0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x20, 0x17, 0x06, 0x06, 0x01, 0x05,
+       0xDB, 0x02, 0x00, 0xDB, 0x26, 0x01, 0x80, 0x40, 0x17, 0x06, 0x06, 0x01,
+       0x06, 0xDB, 0x02, 0x00, 0xDB, 0x01, 0x04, 0x17, 0x06, 0x06, 0x01, 0x02,
+       0xDB, 0x02, 0x00, 0xDB, 0x00, 0x00, 0x26, 0x01, 0x08, 0x4D, 0xDB, 0xDB,
+       0x00, 0x00, 0x26, 0x01, 0x10, 0x4D, 0xDB, 0xD9, 0x00, 0x00, 0x26, 0x50,
+       0x06, 0x02, 0x25, 0x00, 0xCB, 0x25, 0x04, 0x76
 };
 
 static const uint16_t t0_caddr[] = {
@@ -869,15 +872,15 @@ static const uint16_t t0_caddr[] = {
        2541,
        2573,
        2607,
-       2955,
-       2991,
-       3004,
-       3018,
-       3023,
-       3028,
-       3094,
-       3102,
-       3110
+       2975,
+       3011,
+       3024,
+       3038,
+       3043,
+       3048,
+       3114,
+       3122,
+       3130
 };
 
 #define T0_INTERPRETED   86