X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Finner.h;h=5f596a1a0c527b17cb265acdd3bf3715097edcc6;hp=52bcaf087b302c6f5b209e231225b824b7161966;hb=a8a8f51ea4f59b9344d26a323f1fb737984a4dca;hpb=af9c79a0710a45361f9ae4313f8bb5bf738c3b7a diff --git a/src/inner.h b/src/inner.h index 52bcaf0..5f596a1 100644 --- a/src/inner.h +++ b/src/inner.h @@ -1887,6 +1887,31 @@ uint32_t br_rsa_pkcs1_sig_unpad(const unsigned char *sig, size_t sig_len, const unsigned char *hash_oid, size_t hash_len, unsigned char *hash_out); +/* + * Apply OAEP padding. Returned value is the actual padded string length, + * or zero on error. + */ +size_t br_rsa_oaep_pad(const br_prng_class **rnd, const br_hash_class *dig, + const void *label, size_t label_len, const br_rsa_public_key *pk, + void *dst, size_t dst_nax_len, const void *src, size_t src_len); + +/* + * Unravel and check OAEP padding. If the padding is correct, then 1 is + * returned, '*len' is adjusted to the length of the message, and the + * data is moved to the start of the 'data' buffer. If the padding is + * incorrect, then 0 is returned and '*len' is untouched. Either way, + * the complete buffer contents are altered. + */ +uint32_t br_rsa_oaep_unpad(const br_hash_class *dig, + const void *label, size_t label_len, void *data, size_t *len); + +/* + * Compute MGF1 for a given seed, and XOR the output into the provided + * buffer. + */ +void br_mgf1_xor(void *data, size_t len, + const br_hash_class *dig, const void *seed, size_t seed_len); + /* ==================================================================== */ /* * Elliptic curves. @@ -2243,18 +2268,25 @@ int br_ssl_choose_hash(unsigned bf); */ #if BR_i386 || BR_amd64 +/* + * On GCC before version 5.0, we need to use the pragma to enable the + * target options globally, because the 'target' function attribute + * appears to be unreliable. Before 4.6 we must also avoid the + * push_options / pop_options mechanism, because it tends to trigger + * some internal compiler errors. + */ #if BR_GCC && !BR_GCC_5_0 #if BR_GCC_4_6 #define BR_TARGETS_X86_UP \ _Pragma("GCC push_options") \ _Pragma("GCC target(\"sse2,ssse3,sse4.1,aes,pclmul,rdrnd\")") +#define BR_TARGETS_X86_DOWN \ + _Pragma("GCC pop_options") #else #define BR_TARGETS_X86_UP \ - _Pragma("GCC push_options") \ _Pragma("GCC target(\"sse2,ssse3,sse4.1,aes,pclmul\")") #endif -#define BR_TARGETS_X86_DOWN \ - _Pragma("GCC pop_options") +#define BR_TARGETS_X86_DOWN #pragma GCC diagnostic ignored "-Wpsabi" #endif @@ -2286,7 +2318,7 @@ int br_ssl_choose_hash(unsigned bf); BR_TARGETS_X86_UP #include #include -#define bswap32 __builtin_bswap32 +#define br_bswap32 __builtin_bswap32 BR_TARGETS_X86_DOWN #endif @@ -2294,7 +2326,7 @@ BR_TARGETS_X86_DOWN #include #include #include -#define bswap32 _byteswap_ulong +#define br_bswap32 _byteswap_ulong #endif static inline int